From d16c2e855f143b1ce3c0cef59a711f7821b950c1 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 27 Jan 2020 15:47:59 +0100
Subject: [PATCH 01/64] Added new OpenSSL IO Handler for OpenSSL 1.1.1

Added new OpenSSL 1.1.1 header translation

Added new OpenSSL IO Handler

Fixed memory corruption

If GetPAnsiChar own created UTF8String will be freed when the method
will be leaved. In that case the string is no longer accessable for
OpenSSL.

No clue what to do with the USE_MARSHALLED_PTRS part, that has the same
problem...

Implemented more compiler macros in x509

Set default values for options

Added virtual methods for context initialization for #224

Fixed small translation error

Fixed small errors found with FixInsight

Added missing empty implementations

Added Header to source files

Removed own definition of size_t and time_t

Added PPIdC_INT definition to fpc

Updated OpenSSL Header translation and Source Generator

Fixed quirk with circular references

Added IdOpenSSLConsts for better x64 support

Improved xml doc

Added missing include

Added some pem functions for read/write

Added translation for objects.h and fixed some other translations

Added missing includes of IdCompilerDefines.inc

Some FPC compability

Added  PPPByte to FPC

Implemented some compiler macros in crypto

Some more OpenSSL translation

Moved TIdOpenSSLPersistent to own unit

Added new TIdC_TM

Added new x509 wrapper and callback for verification

Extracted TIdOpenSSLVersion to own unit

Fixed problem with explicite TLS

Renamed tls version properties

Implemented better way for dynamic loading

Implemented usage of dynamic loading
---
 .../OpenSSL/GenerateCode/GenerateCode.dpr     |  378 ++
 .../OpenSSL/GenerateCode/GenerateCode.dproj   |  573 +++
 Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas     |   19 +
 Lib/Protocols/OpenSSL/IdOpenSSLContext.pas    |  396 ++
 .../OpenSSL/IdOpenSSLContextClient.pas        |  113 +
 .../OpenSSL/IdOpenSSLContextServer.pas        |  173 +
 .../IdOpenSSLExceptionResourcestrings.pas     |   45 +
 Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas |  264 ++
 .../OpenSSL/IdOpenSSLIOHandlerClient.pas      |  190 +
 .../OpenSSL/IdOpenSSLIOHandlerClientBase.pas  |  169 +
 .../IdOpenSSLIOHandlerClientServer.pas        |   73 +
 .../OpenSSL/IdOpenSSLIOHandlerServer.pas      |  170 +
 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas     |  349 ++
 Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas    |  270 ++
 .../OpenSSL/IdOpenSSLOptionsClient.pas        |   87 +
 .../OpenSSL/IdOpenSSLOptionsServer.pas        |  124 +
 Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas |   41 +
 Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas     |  214 ++
 .../OpenSSL/IdOpenSSLSocketClient.pas         |   99 +
 .../OpenSSL/IdOpenSSLSocketServer.pas         |   73 +
 Lib/Protocols/OpenSSL/IdOpenSSLTypes.pas      |   72 +
 Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas      |  111 +
 Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas    |   47 +
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas       |  362 ++
 .../IntermediateCode/IdOpenSSLHeaders_aes.pas |   87 +
 .../IdOpenSSLHeaders_asn1.pas                 |  776 ++++
 .../IdOpenSSLHeaders_asn1_mac.pas             |   40 +
 .../IdOpenSSLHeaders_asn1err.pas              |  277 ++
 .../IdOpenSSLHeaders_asn1t.pas                |  991 +++++
 .../IdOpenSSLHeaders_async.pas                |   88 +
 .../IdOpenSSLHeaders_asyncerr.pas             |   66 +
 .../IntermediateCode/IdOpenSSLHeaders_bio.pas |  827 ++++
 .../IdOpenSSLHeaders_bioerr.pas               |  148 +
 .../IdOpenSSLHeaders_blowfish.pas             |   76 +
 .../IntermediateCode/IdOpenSSLHeaders_bn.pas  |  429 +++
 .../IdOpenSSLHeaders_bnerr.pas                |  124 +
 .../IdOpenSSLHeaders_buffer.pas               |   63 +
 .../IdOpenSSLHeaders_buffererr.pas            |   54 +
 .../IdOpenSSLHeaders_camellia.pas             |   87 +
 .../IdOpenSSLHeaders_cast.pas                 |   70 +
 .../IdOpenSSLHeaders_cmac.pas                 |   62 +
 .../IntermediateCode/IdOpenSSLHeaders_cms.pas |  292 ++
 .../IdOpenSSLHeaders_cmserr.pas               |  221 ++
 .../IdOpenSSLHeaders_comp.pas                 |   60 +
 .../IdOpenSSLHeaders_comperr.pas              |   63 +
 .../IdOpenSSLHeaders_conf.pas                 |  184 +
 .../IdOpenSSLHeaders_conf_api.pas             |   60 +
 .../IdOpenSSLHeaders_conferr.pas              |  100 +
 .../IdOpenSSLHeaders_crypto.pas               |  441 +++
 .../IdOpenSSLHeaders_cryptoerr.pas            |   81 +
 .../IdOpenSSLHeaders_cterr.pas                |  100 +
 .../IntermediateCode/IdOpenSSLHeaders_dh.pas  |  301 ++
 .../IdOpenSSLHeaders_dherr.pas                |  103 +
 .../IntermediateCode/IdOpenSSLHeaders_dsa.pas |  198 +
 .../IdOpenSSLHeaders_dsaerr.pas               |   91 +
 .../IdOpenSSLHeaders_ebcdic.pas               |   51 +
 .../IntermediateCode/IdOpenSSLHeaders_ec.pas  |  347 ++
 .../IdOpenSSLHeaders_ecerr.pas                |  294 ++
 .../IdOpenSSLHeaders_engine.pas               |  713 ++++
 .../IdOpenSSLHeaders_engineerr.pas            |  130 +
 .../IntermediateCode/IdOpenSSLHeaders_err.pas |  226 ++
 .../IntermediateCode/IdOpenSSLHeaders_evp.pas | 1333 +++++++
 .../IdOpenSSLHeaders_evperr.pas               |  228 ++
 .../IdOpenSSLHeaders_hmac.pas                 |   59 +
 .../IdOpenSSLHeaders_idea.pas                 |   71 +
 .../IdOpenSSLHeaders_kdferr.pas               |   79 +
 .../IdOpenSSLHeaders_obj_mac.pas              | 2915 ++++++++++++++
 .../IdOpenSSLHeaders_objects.pas              |  181 +
 .../IdOpenSSLHeaders_objectserr.pas           |   66 +
 .../IdOpenSSLHeaders_ocsperr.pas              |   97 +
 .../IdOpenSSLHeaders_ossl_typ.pas             |  529 +++
 .../IntermediateCode/IdOpenSSLHeaders_pem.pas |  207 +
 .../IdOpenSSLHeaders_pemerr.pas               |  122 +
 .../IdOpenSSLHeaders_pkcs7.pas                |  347 ++
 .../IdOpenSSLHeaders_pkcs7err.pas             |  127 +
 .../IdOpenSSLHeaders_rand.pas                 |   85 +
 .../IdOpenSSLHeaders_randerr.pas              |  118 +
 .../IntermediateCode/IdOpenSSLHeaders_rsa.pas |  437 +++
 .../IdOpenSSLHeaders_rsaerr.pas               |  191 +
 .../IntermediateCode/IdOpenSSLHeaders_sha.pas |  126 +
 .../IdOpenSSLHeaders_srtp.pas                 |   64 +
 .../IntermediateCode/IdOpenSSLHeaders_ssl.pas | 2550 +++++++++++++
 .../IdOpenSSLHeaders_ssl3.pas                 |  325 ++
 .../IdOpenSSLHeaders_sslerr.pas               |  792 ++++
 .../IdOpenSSLHeaders_storeerr.pas             |  116 +
 .../IdOpenSSLHeaders_tls1.pas                 | 1206 ++++++
 .../IntermediateCode/IdOpenSSLHeaders_ts.pas  |  559 +++
 .../IdOpenSSLHeaders_tserr.pas                |  151 +
 .../IdOpenSSLHeaders_txt_db.pas               |   82 +
 .../IntermediateCode/IdOpenSSLHeaders_ui.pas  |  378 ++
 .../IdOpenSSLHeaders_uierr.pas                |   89 +
 .../IdOpenSSLHeaders_whrlpool.pas             |   70 +
 .../IdOpenSSLHeaders_x509.pas                 |  971 +++++
 .../IdOpenSSLHeaders_x509_vfy.pas             |  555 +++
 .../IdOpenSSLHeaders_x509err.pas              |  154 +
 .../IdOpenSSLHeaders_x509v3.pas               |  927 +++++
 .../OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas  |  147 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas | 1124 ++++++
 .../dynamic/IdOpenSSLHeaders_asn1_mac.pas     |   46 +
 .../dynamic/IdOpenSSLHeaders_asn1err.pas      |  309 ++
 .../dynamic/IdOpenSSLHeaders_asn1t.pas        | 1029 +++++
 .../dynamic/IdOpenSSLHeaders_async.pas        |  150 +
 .../dynamic/IdOpenSSLHeaders_asyncerr.pas     |   98 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas  | 1107 ++++++
 .../dynamic/IdOpenSSLHeaders_bioerr.pas       |  180 +
 .../dynamic/IdOpenSSLHeaders_blowfish.pas     |  122 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas   |  785 ++++
 .../dynamic/IdOpenSSLHeaders_bnerr.pas        |  156 +
 .../dynamic/IdOpenSSLHeaders_buffer.pas       |  105 +
 .../dynamic/IdOpenSSLHeaders_buffererr.pas    |   86 +
 .../dynamic/IdOpenSSLHeaders_camellia.pas     |  137 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas |  114 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas |  111 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas  |  510 +++
 .../dynamic/IdOpenSSLHeaders_cmserr.pas       |  253 ++
 .../OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas |  110 +
 .../dynamic/IdOpenSSLHeaders_comperr.pas      |   95 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas |  266 ++
 .../dynamic/IdOpenSSLHeaders_conf_api.pas     |  105 +
 .../dynamic/IdOpenSSLHeaders_conferr.pas      |  132 +
 .../dynamic/IdOpenSSLHeaders_crypto.pas       |  601 +++
 .../dynamic/IdOpenSSLHeaders_cryptoerr.pas    |  113 +
 .../dynamic/IdOpenSSLHeaders_cterr.pas        |  133 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas   |  473 +++
 .../dynamic/IdOpenSSLHeaders_dherr.pas        |  135 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas  |  380 ++
 .../dynamic/IdOpenSSLHeaders_dsaerr.pas       |  123 +
 .../dynamic/IdOpenSSLHeaders_ebcdic.pas       |   85 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas   |  727 ++++
 .../dynamic/IdOpenSSLHeaders_ecerr.pas        |  326 ++
 .../dynamic/IdOpenSSLHeaders_engine.pas       |  979 +++++
 .../dynamic/IdOpenSSLHeaders_engineerr.pas    |  162 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_err.pas  |  313 ++
 .../OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas  | 2388 ++++++++++++
 .../dynamic/IdOpenSSLHeaders_evperr.pas       |  260 ++
 .../OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas |  111 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas |  117 +
 .../dynamic/IdOpenSSLHeaders_kdferr.pas       |  111 +
 .../dynamic/IdOpenSSLHeaders_obj_mac.pas      | 2921 ++++++++++++++
 .../dynamic/IdOpenSSLHeaders_objects.pas      |  263 ++
 .../dynamic/IdOpenSSLHeaders_objectserr.pas   |   98 +
 .../dynamic/IdOpenSSLHeaders_ocsperr.pas      |  129 +
 .../dynamic/IdOpenSSLHeaders_ossl_typ.pas     |  536 +++
 .../OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas  |  381 ++
 .../dynamic/IdOpenSSLHeaders_pemerr.pas       |  154 +
 .../dynamic/IdOpenSSLHeaders_pkcs7.pas        |  467 +++
 .../dynamic/IdOpenSSLHeaders_pkcs7err.pas     |  159 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas |  147 +
 .../dynamic/IdOpenSSLHeaders_randerr.pas      |  150 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas  |  657 ++++
 .../dynamic/IdOpenSSLHeaders_rsaerr.pas       |  223 ++
 .../OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas  |  202 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas |  100 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas  | 3345 +++++++++++++++++
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas |  332 ++
 .../dynamic/IdOpenSSLHeaders_sslerr.pas       |  824 ++++
 .../dynamic/IdOpenSSLHeaders_storeerr.pas     |  148 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas | 1258 +++++++
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas   |  963 +++++
 .../dynamic/IdOpenSSLHeaders_tserr.pas        |  183 +
 .../dynamic/IdOpenSSLHeaders_txt_db.pas       |  122 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas   |  532 +++
 .../dynamic/IdOpenSSLHeaders_uierr.pas        |  121 +
 .../dynamic/IdOpenSSLHeaders_whrlpool.pas     |  110 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas | 1751 +++++++++
 .../dynamic/IdOpenSSLHeaders_x509_vfy.pas     |  902 +++++
 .../dynamic/IdOpenSSLHeaders_x509err.pas      |  186 +
 .../dynamic/IdOpenSSLHeaders_x509v3.pas       | 1124 ++++++
 .../OpenSSL/static/IdOpenSSLHeaders_aes.pas   |   92 +
 .../OpenSSL/static/IdOpenSSLHeaders_asn1.pas  |  781 ++++
 .../static/IdOpenSSLHeaders_asn1_mac.pas      |   46 +
 .../static/IdOpenSSLHeaders_asn1err.pas       |  282 ++
 .../OpenSSL/static/IdOpenSSLHeaders_asn1t.pas |  996 +++++
 .../OpenSSL/static/IdOpenSSLHeaders_async.pas |   93 +
 .../static/IdOpenSSLHeaders_asyncerr.pas      |   71 +
 .../OpenSSL/static/IdOpenSSLHeaders_bio.pas   |  832 ++++
 .../static/IdOpenSSLHeaders_bioerr.pas        |  153 +
 .../static/IdOpenSSLHeaders_blowfish.pas      |   81 +
 .../OpenSSL/static/IdOpenSSLHeaders_bn.pas    |  434 +++
 .../OpenSSL/static/IdOpenSSLHeaders_bnerr.pas |  129 +
 .../static/IdOpenSSLHeaders_buffer.pas        |   68 +
 .../static/IdOpenSSLHeaders_buffererr.pas     |   59 +
 .../static/IdOpenSSLHeaders_camellia.pas      |   92 +
 .../OpenSSL/static/IdOpenSSLHeaders_cast.pas  |   75 +
 .../OpenSSL/static/IdOpenSSLHeaders_cmac.pas  |   68 +
 .../OpenSSL/static/IdOpenSSLHeaders_cms.pas   |  297 ++
 .../static/IdOpenSSLHeaders_cmserr.pas        |  226 ++
 .../OpenSSL/static/IdOpenSSLHeaders_comp.pas  |   65 +
 .../static/IdOpenSSLHeaders_comperr.pas       |   68 +
 .../OpenSSL/static/IdOpenSSLHeaders_conf.pas  |  189 +
 .../static/IdOpenSSLHeaders_conf_api.pas      |   66 +
 .../static/IdOpenSSLHeaders_conferr.pas       |  105 +
 .../static/IdOpenSSLHeaders_crypto.pas        |  446 +++
 .../static/IdOpenSSLHeaders_cryptoerr.pas     |   86 +
 .../OpenSSL/static/IdOpenSSLHeaders_cterr.pas |  106 +
 .../OpenSSL/static/IdOpenSSLHeaders_dh.pas    |  306 ++
 .../OpenSSL/static/IdOpenSSLHeaders_dherr.pas |  108 +
 .../OpenSSL/static/IdOpenSSLHeaders_dsa.pas   |  203 +
 .../static/IdOpenSSLHeaders_dsaerr.pas        |   96 +
 .../static/IdOpenSSLHeaders_ebcdic.pas        |   56 +
 .../OpenSSL/static/IdOpenSSLHeaders_ec.pas    |  352 ++
 .../OpenSSL/static/IdOpenSSLHeaders_ecerr.pas |  299 ++
 .../static/IdOpenSSLHeaders_engine.pas        |  718 ++++
 .../static/IdOpenSSLHeaders_engineerr.pas     |  135 +
 .../OpenSSL/static/IdOpenSSLHeaders_err.pas   |  232 ++
 .../OpenSSL/static/IdOpenSSLHeaders_evp.pas   | 1341 +++++++
 .../static/IdOpenSSLHeaders_evperr.pas        |  233 ++
 .../OpenSSL/static/IdOpenSSLHeaders_hmac.pas  |   64 +
 .../OpenSSL/static/IdOpenSSLHeaders_idea.pas  |   76 +
 .../static/IdOpenSSLHeaders_kdferr.pas        |   84 +
 .../static/IdOpenSSLHeaders_obj_mac.pas       | 2921 ++++++++++++++
 .../static/IdOpenSSLHeaders_objects.pas       |  186 +
 .../static/IdOpenSSLHeaders_objectserr.pas    |   71 +
 .../static/IdOpenSSLHeaders_ocsperr.pas       |  102 +
 .../static/IdOpenSSLHeaders_ossl_typ.pas      |  536 +++
 .../OpenSSL/static/IdOpenSSLHeaders_pem.pas   |  212 ++
 .../static/IdOpenSSLHeaders_pemerr.pas        |  127 +
 .../OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas |  352 ++
 .../static/IdOpenSSLHeaders_pkcs7err.pas      |  132 +
 .../OpenSSL/static/IdOpenSSLHeaders_rand.pas  |   90 +
 .../static/IdOpenSSLHeaders_randerr.pas       |  123 +
 .../OpenSSL/static/IdOpenSSLHeaders_rsa.pas   |  442 +++
 .../static/IdOpenSSLHeaders_rsaerr.pas        |  196 +
 .../OpenSSL/static/IdOpenSSLHeaders_sha.pas   |  131 +
 .../OpenSSL/static/IdOpenSSLHeaders_srtp.pas  |   69 +
 .../OpenSSL/static/IdOpenSSLHeaders_ssl.pas   | 2560 +++++++++++++
 .../OpenSSL/static/IdOpenSSLHeaders_ssl3.pas  |  332 ++
 .../static/IdOpenSSLHeaders_sslerr.pas        |  797 ++++
 .../static/IdOpenSSLHeaders_storeerr.pas      |  121 +
 .../OpenSSL/static/IdOpenSSLHeaders_tls1.pas  | 1213 ++++++
 .../OpenSSL/static/IdOpenSSLHeaders_ts.pas    |  564 +++
 .../OpenSSL/static/IdOpenSSLHeaders_tserr.pas |  156 +
 .../static/IdOpenSSLHeaders_txt_db.pas        |   87 +
 .../OpenSSL/static/IdOpenSSLHeaders_ui.pas    |  383 ++
 .../OpenSSL/static/IdOpenSSLHeaders_uierr.pas |   94 +
 .../static/IdOpenSSLHeaders_whrlpool.pas      |   75 +
 .../OpenSSL/static/IdOpenSSLHeaders_x509.pas  |  976 +++++
 .../static/IdOpenSSLHeaders_x509_vfy.pas      |  561 +++
 .../static/IdOpenSSLHeaders_x509err.pas       |  159 +
 .../static/IdOpenSSLHeaders_x509v3.pas        |  933 +++++
 240 files changed, 87352 insertions(+)
 create mode 100644 Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr
 create mode 100644 Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dproj
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLExceptionResourcestrings.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientServer.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLOptionsServer.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLSocketServer.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLTypes.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas
 create mode 100644 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_aes.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1_mac.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1err.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1t.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_async.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asyncerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bioerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_blowfish.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bnerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffererr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_camellia.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cast.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmserr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comp.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comperr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf_api.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conferr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cryptoerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cterr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dherr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsa.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsaerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ebcdic.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ecerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_engine.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_engineerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evperr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_hmac.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_kdferr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_obj_mac.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objectserr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ocsperr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pemerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7err.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_randerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsaerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_sha.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_srtp.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_sslerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_storeerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tserr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_txt_db.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_uierr.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_whrlpool.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509err.pas
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1_mac.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1err.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1t.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_async.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asyncerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bioerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_blowfish.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bnerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffererr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_camellia.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmserr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comperr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf_api.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conferr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cryptoerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cterr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dherr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsaerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ebcdic.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ecerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engine.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engineerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evperr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_kdferr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objectserr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ocsperr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pemerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7err.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_randerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsaerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sslerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_storeerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tserr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_uierr.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_whrlpool.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509err.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_aes.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1_mac.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1err.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1t.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_async.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asyncerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bioerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_blowfish.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bnerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffererr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_camellia.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cast.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmserr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comp.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comperr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf_api.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conferr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cryptoerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cterr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dh.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsaerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ebcdic.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ecerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engine.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engineerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evperr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_hmac.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_kdferr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_obj_mac.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objectserr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ocsperr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pemerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7err.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_randerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsaerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sha.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_srtp.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sslerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_storeerr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tserr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_uierr.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_whrlpool.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509err.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas

diff --git a/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr
new file mode 100644
index 000000000..c86be9a5e
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr
@@ -0,0 +1,378 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+program GenerateCode;
+
+{$APPTYPE CONSOLE}
+
+{$R *.res}
+
+uses
+  System.Classes,
+  System.IOUtils,
+  System.StrUtils,
+  System.SysUtils,
+  System.Types,
+  Winapi.Windows;
+
+type
+  TGenerateMode = (gmDynamic, gmStatic);
+
+function ExpandEnvironmentVariables(const AValue: string): string;
+const
+  MAX_LENGTH = 32767;
+begin
+  SetLength(Result, MAX_LENGTH);
+  SetLength(Result, ExpandEnvironmentStrings(@AValue[1], @Result[1], MAX_LENGTH)-1);
+end;
+
+function ReplaceStatic(const ALine: string; const AShouldUseLibSSL: Boolean): string;
+const
+  CSemicolon: string = ';';
+var
+  i: Integer;
+begin
+  Result := ALine;
+  i := Result.LastIndexOf(CSemicolon);
+  if i = -1 then
+    Exit;
+  Result := Result.Remove(i, CSemicolon.Length);
+  Result := Result.Insert(i, Format(' cdecl; external %s;', [IfThen(AShouldUseLibSSL, 'CLibSSL', 'CLibCrypto')]));
+end;
+
+function ReplaceDynamic(const ALine: string; const AMethodList: TStringList): string;
+var
+  i: Integer;
+  LMethodPrefix: string;
+  LMethod: string;
+begin
+  Result := ALine;
+
+  if not Result.TrimLeft.StartsWith('function') and not Result.TrimLeft.StartsWith('procedure') then
+    Exit;
+
+  LMethodPrefix := 'function';
+  i := Result.IndexOf(LMethodPrefix);
+  if i = -1 then
+  begin
+    LMethodPrefix := 'procedure';
+    i := Result.IndexOf(LMethodPrefix);
+    if i = -1 then
+      Exit;
+  end;
+
+  // Remove LMethodPrefix
+  Result := Result.Remove(i, LMethodPrefix.Length + string(' ').Length);
+  // Keep Result for method name extracting later
+  LMethod := Result.TrimLeft();
+  // Add LMethodPrefix after parameters
+  if Result.Contains(')') then
+    Result := Result.Replace('(', ': ' + LMethodPrefix + '(')
+  // No Params? Add LMethodPrefix after before return type
+  else if Result.Contains(': ') then
+    Result := Result.Replace(': ', ': ' + LMethodPrefix + ': ')
+  // Also no return type? Add LMethodPrefix before semi colon
+  else
+    Result := Result.Replace(';', ': ' + LMethodPrefix + ';');
+
+  if Result[Result.Length] = ';' then
+    Result := Result.Remove(Result.Length-1) + ' cdecl = nil;';
+
+  // Ignore comments
+  i := LMethod.IndexOf('}');
+  if i > -1 then
+    // +1 for including } and Trim for removing whitespace of intendation
+    LMethod := LMethod.Substring(i + 1{, LMethod.Length - i}).TrimLeft;
+  i := LMethod.IndexOf(';');
+  if i > -1 then
+    LMethod := LMethod.Remove(i);
+  i := LMethod.IndexOf(' ');
+  if i > -1 then
+    LMethod := LMethod.Remove(i);
+  i := LMethod.IndexOf(':');
+  if i > -1 then
+    LMethod := LMethod.Remove(i);
+  i := LMethod.IndexOf('(');
+  if i > -1 then
+    LMethod := LMethod.Remove(i);
+  AMethodList.Add(LMethod);
+end;
+
+procedure AddDynamicLoadingMethods(
+  const AFile: TStringList;
+  const AMethods: TStringList;
+  const AUsesIndex: Integer;
+  const AVarIndex: Integer;
+  const AImplementationIndex: Integer);
+
+  procedure Insert(const AList: TStringList; const s: string; var Index: Integer);
+  begin
+    AList.Insert(Index, s);
+    Inc(Index);
+  end;
+
+  function Find(const AList: TStringList; const s: string; var Index: Integer; const AOffset: Integer = 0): Boolean;
+  var
+    i: Integer;
+  begin
+    Result := False;
+    for i := AOffset to AList.Count - 1 do
+    begin
+      if AList[i].Contains(s) then
+      begin
+        Index := i;
+        Exit(True);
+      end;
+    end;
+  end;
+
+var
+  LOffset: Integer;
+  LMethod: string;
+begin
+  if AImplementationIndex = -1 then
+    Exit;
+  LOffset := AImplementationIndex + 1;
+
+  if Find(AFile, 'uses', LOffset, LOffset) then
+    if Find(AFile, ';', LOffset, LOffset) then
+      Inc(LOffset);
+
+  Insert(AFile, '', LOffset);
+  Insert(AFile, '{$REGION ''Generated loading and unloading methods''}', LOffSet);
+  Insert(AFile, 'procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);', LOffset);
+  Insert(AFile, '', LOffset);
+  Insert(AFile, '  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;', LOffset);
+  Insert(AFile, '  begin', LOffset);
+  Insert(AFile, '    Result := LoadLibFunction(ADllHandle, AMethodName);', LOffset);
+  Insert(AFile, '    if not Assigned(Result) then', LOffset);
+  Insert(AFile, '      AFailed.Add(AMethodName);', LOffset);
+  Insert(AFile, '  end;', LOffset);
+  Insert(AFile, '', LOffset);
+  Insert(AFile, 'begin', LOffset);
+  for LMethod in AMethods do
+    Insert(AFile, Format('  %0:s := LoadFunction(''%0:s'', AFailed);', [LMethod]), LOffset);
+  Insert(AFile, 'end;', LOffset);
+  Insert(AFile, '', LOffset);
+
+
+  Insert(AFile, 'procedure UnLoad;', LOffset);
+  Insert(AFile, 'begin', LOffset);
+  for LMethod in AMethods do
+    Insert(AFile, Format('  %s := nil;', [LMethod]), LOffset);
+  Insert(AFile, 'end;', LOffset);
+  Insert(AFile, '{$ENDREGION}', LOffSet);
+
+  if AVarIndex = -1 then
+    Exit;
+  LOffSet := Pred(AVarIndex);
+  Insert(AFile, '', LOffSet);
+  Insert(AFile, '{$REGION ''Generated loading and unloading methods''}', LOffSet);
+  Insert(AFile, 'procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);', LOffSet);
+  Insert(AFile, 'procedure UnLoad;', LOffSet);
+  Insert(AFile, '{$ENDREGION}', LOffSet);
+
+  LOffSet := Succ(AUsesIndex);
+  Insert(AFile, '  Classes,', LOffset);
+//  AFile.Insert(Pred(AVarIndex), 'function Load(const ADllHandle: THandle): TArray<string>;');
+end;
+
+function ShouldSkipLine(ALine: string): Boolean;
+begin
+  ALine := ALine.Trim;
+  Result := ALine.IsEmpty;
+  Result := Result or ALine.StartsWith('//');
+  Result := Result or ALine.StartsWith('(*');
+  Result := Result or ALine.StartsWith('*');
+end;
+
+function ReadParameters(out ASource: string; out ATarget: string; out AMode: TGenerateMode): Boolean;
+var
+  LMode: string;
+begin
+  Result := True;
+  if not FindCmdLineSwitch('Source', ASource) then
+  begin
+    Writeln('No source folder!');
+    Exit(False);
+  end;
+  ASource := ExpandEnvironmentVariables(ASource);
+
+  if not FindCmdLineSwitch('Target', ATarget) then
+  begin
+    Writeln('No target folder!');
+    Exit(False);
+  end;
+  ATarget := ExpandEnvironmentVariables(ATarget);
+
+  if not FindCmdLineSwitch('Mode', LMode) then
+  begin
+    Writeln('No mode!');
+    Exit(False);
+  end;
+
+  if LMode = 'dynamic' then
+    AMode := gmDynamic
+  else if LMode = 'static' then
+    AMode := gmStatic
+  else
+  begin
+    Writeln('Invalid mode! Use "dynamic" or "static"!');
+    Exit(False);
+  end;
+end;
+
+procedure AddGeneratedHeader(const AFile: TStringList);
+
+  function Find(const AList: TStringList; const s: string; var Index: Integer): Boolean;
+  var
+    i: Integer;
+  begin
+    Index := -1;
+    Result := False;
+    for i := 0 to AList.Count-1 do
+      if AList[i].Contains(s) then
+      begin
+        Index := i;
+        Exit(True);
+      end;
+  end;
+
+const
+  CHeader: array[0..4] of string =
+  (
+   '',
+   '// This File is auto generated!',
+   '// Any change to this file should be made in the',
+   '// corresponding unit in the folder "intermediate"!',
+   ''
+  );
+var
+  i: Integer;
+  LOffset: Integer;
+begin
+  if not Find(AFile, 'unit ', LOffset) then
+    Exit;
+  // Keep a empty line before "unit"
+  Dec(LOffset);
+  for i := Low(CHeader) to High(CHeader) do
+    AFile.Insert(i + LOffset, CHeader[i]);
+  AFile.Insert(Length(CHeader) + LOffset, '// Generation date: ' + DateTimeToStr(Now()));
+end;
+
+procedure Main;
+var
+  LFile: string;
+  LStringListFile: TStringList;
+  i: Integer;
+  LVarIndex: Integer;
+  LUsesIndex: Integer;
+  LImplementationIndex: Integer;
+  LSource: string;
+  LTarget: string;
+  LMode: TGenerateMode;
+  LStringListMethods: TStringList;
+  LFileName: string;
+  LShouldUseLibSSL: Boolean;
+begin
+  if not ReadParameters(LSource, LTarget, LMode) then
+  begin
+    Readln;
+    Exit;
+  end;
+
+  for LFile in TDirectory.GetFiles(LSource, '*.pas') do
+  begin
+    Writeln('Converting ' + LFile);
+    LFileName := TPath.GetFileName(LFile);
+    LStringListFile := TStringList.Create();
+    LStringListMethods := TStringList.Create();
+    try
+      LStringListFile.LoadFromFile(LFile);
+      LUsesIndex := -1;
+      LVarIndex := -1;
+      LImplementationIndex := -1;
+      LShouldUseLibSSL := MatchText(LFileName,
+        ['IdOpenSSLHeaders_ssl.pas', 'IdOpenSSLHeaders_sslerr.pas', 'IdOpenSSLHeaders_tls1.pas']);
+      for i := 0 to LStringListFile.Count - 1 do
+      begin
+        // Find fist uses
+        if (LVarIndex = -1) and (LUsesIndex = -1) then
+          if LStringListFile[i].StartsWith('uses') then
+            LUsesIndex := i;
+
+        // var block found?
+        if (LVarIndex = -1) and LStringListFile[i].StartsWith('var') then
+          LVarIndex := i;
+        // Skip until we find the var block
+        if (LVarIndex = -1) or ShouldSkipLine(LStringListFile[i]) then
+          Continue;
+
+        // No need to go further than "implementation"
+        if LStringListFile[i] = 'implementation' then
+        begin
+          LImplementationIndex := i;
+          Break;
+        end;
+
+        case LMode of
+          gmDynamic:
+            LStringListFile[i] := ReplaceDynamic(LStringListFile[i], LStringListMethods);
+          gmStatic:
+            LStringListFile[i] := ReplaceStatic(LStringListFile[i], LShouldUseLibSSL);
+        end;
+      end;
+
+      case LMode of
+        gmDynamic:
+          AddDynamicLoadingMethods(LStringListFile, LStringListMethods, LUsesIndex, LVarIndex, LImplementationIndex);
+        gmStatic:
+          if LVarIndex > -1 then
+            LStringListFile.Delete(LVarIndex);
+      end;
+
+      AddGeneratedHeader(LStringListFile);
+
+      LStringListFile.SaveToFile(TPath.Combine(LTarget, LFileName));
+    finally
+      LStringListMethods.Free();
+      LStringListFile.Free();
+    end;
+  end;
+end;
+
+begin
+  try
+    Main;
+    Writeln('done');
+  except
+    on E: Exception do
+    begin
+      Writeln(E.ClassName, ': ', E.Message);
+    end;
+  end;
+//  Readln;
+end.
diff --git a/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dproj b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dproj
new file mode 100644
index 000000000..aa44901cd
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dproj
@@ -0,0 +1,573 @@
+<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+    <PropertyGroup>
+        <ProjectGuid>{BF1132E1-9278-4E93-A62E-F22EDF0C4C94}</ProjectGuid>
+        <ProjectVersion>18.2</ProjectVersion>
+        <FrameworkType>None</FrameworkType>
+        <MainSource>GenerateCode.dpr</MainSource>
+        <Base>True</Base>
+        <Config Condition="'$(Config)'==''">Debug</Config>
+        <Platform Condition="'$(Platform)'==''">Win32</Platform>
+        <TargetedPlatforms>1</TargetedPlatforms>
+        <AppType>Console</AppType>
+    </PropertyGroup>
+    <PropertyGroup Condition="'$(Config)'=='Base' or '$(Base)'!=''">
+        <Base>true</Base>
+    </PropertyGroup>
+    <PropertyGroup Condition="('$(Platform)'=='Win32' and '$(Base)'=='true') or '$(Base_Win32)'!=''">
+        <Base_Win32>true</Base_Win32>
+        <CfgParent>Base</CfgParent>
+        <Base>true</Base>
+    </PropertyGroup>
+    <PropertyGroup Condition="('$(Platform)'=='Win64' and '$(Base)'=='true') or '$(Base_Win64)'!=''">
+        <Base_Win64>true</Base_Win64>
+        <CfgParent>Base</CfgParent>
+        <Base>true</Base>
+    </PropertyGroup>
+    <PropertyGroup Condition="'$(Config)'=='Debug' or '$(Cfg_1)'!=''">
+        <Cfg_1>true</Cfg_1>
+        <CfgParent>Base</CfgParent>
+        <Base>true</Base>
+    </PropertyGroup>
+    <PropertyGroup Condition="('$(Platform)'=='Win32' and '$(Cfg_1)'=='true') or '$(Cfg_1_Win32)'!=''">
+        <Cfg_1_Win32>true</Cfg_1_Win32>
+        <CfgParent>Cfg_1</CfgParent>
+        <Cfg_1>true</Cfg_1>
+        <Base>true</Base>
+    </PropertyGroup>
+    <PropertyGroup Condition="'$(Config)'=='Release' or '$(Cfg_2)'!=''">
+        <Cfg_2>true</Cfg_2>
+        <CfgParent>Base</CfgParent>
+        <Base>true</Base>
+    </PropertyGroup>
+    <PropertyGroup Condition="'$(Base)'!=''">
+        <SanitizedProjectName>GenerateCode</SanitizedProjectName>
+        <DCC_Namespace>System;Xml;Data;Datasnap;Web;Soap;$(DCC_Namespace)</DCC_Namespace>
+        <VerInfo_Keys>CompanyName=;FileDescription=$(MSBuildProjectName);FileVersion=1.0.0.0;InternalName=;LegalCopyright=;LegalTrademarks=;OriginalFilename=;ProgramID=com.embarcadero.$(MSBuildProjectName);ProductName=$(MSBuildProjectName);ProductVersion=1.0.0.0;Comments=</VerInfo_Keys>
+        <VerInfo_Locale>1031</VerInfo_Locale>
+        <DCC_DcuOutput>.\$(Platform)\$(Config)</DCC_DcuOutput>
+        <DCC_ExeOutput>.\$(Platform)\$(Config)</DCC_ExeOutput>
+        <DCC_E>false</DCC_E>
+        <DCC_N>false</DCC_N>
+        <DCC_S>false</DCC_S>
+        <DCC_F>false</DCC_F>
+        <DCC_K>false</DCC_K>
+    </PropertyGroup>
+    <PropertyGroup Condition="'$(Base_Win32)'!=''">
+        <DCC_ConsoleTarget>true</DCC_ConsoleTarget>
+        <BT_BuildType>Debug</BT_BuildType>
+        <UWP_DelphiLogo150>$(BDS)\bin\Artwork\Windows\UWP\delphi_UwpDefault_150.png</UWP_DelphiLogo150>
+        <Debugger_RunParams>/Source &quot;C:\Git\mezen\Indy\Lib\Protocols\OpenSSL\IntermediateCode&quot; /Target &quot;C:\Git\mezen\Indy\Lib\Protocols\OpenSSL\dynamic&quot; /Mode dynamic</Debugger_RunParams>
+        <UWP_DelphiLogo44>$(BDS)\bin\Artwork\Windows\UWP\delphi_UwpDefault_44.png</UWP_DelphiLogo44>
+        <Manifest_File>(None)</Manifest_File>
+        <VerInfo_Locale>1033</VerInfo_Locale>
+        <DCC_Namespace>Winapi;System.Win;Data.Win;Datasnap.Win;Web.Win;Soap.Win;Xml.Win;Bde;$(DCC_Namespace)</DCC_Namespace>
+        <DCC_UsePackage>DBXSqliteDriver;dxFlowChartAdvancedCustomizeFormRS24;dxRichEditInplaceRS24;dxSpreadSheetConditionalFormattingDialogsRS24;dxPSdxGaugeControlLnkRS24;vclactnband;dxSpreadSheetRS24;vclFireDAC;dxDockingRS24;fs24;tethering;dxPScxTLLnkRS24;dxBarExtItemsRS24;FireDACADSDriver;JvPluginSystem;cxSchedulerWebServiceStorageRS24;edbrun;vcltouch;JvBands;vcldb;svn;JvJans;Spring.Base;dxADOServerModeRS24;TMSScripter_Memo;JvDotNetCtrls;dxGDIPlusRS24;dxCloudServiceLibraryRS24;dxPSdxDBTVLnkRS24;frx24;acQueryBuilderDsgnD24;dxNavBarRS24;vclx;cxTreeListRS24;dxtrmdRS24;DataBindingsVCL;dxRichEditControlCoreRS24;RESTBackendComponents;dxRibbonRS24;VCLRESTComponents;cxExportRS24;cxPivotGridChartRS24;cxTreeListdxBarPopupMenuRS24;dxTabbedMDIRS24;vclie;bindengine;CloudService;JvHMI;FireDACMySQLDriver;fsDB24;cxPivotGridOLAPRS24;acQueryBuilderD24;dxPSLnksRS24;bindcompdbx;IndyIPServer;DevExpressPresenter;dxCoreRS24;IndySystem;dsnapcon;acQueryBuilderADOD24;VirtualTreesR;FireDACMSAccDriver;fmxFireDAC;vclimg;Jcl;dxBarDBNavRS24;dxPSdxLCLnkRS24;FMXTee;dxPScxExtCommonRS24;dxPScxPivotGridLnkRS24;soaprtl;DbxCommonDriver;JvManagedThreads;xmlrtl;soapmidas;JvTimeFramework;fmxobj;sbridge240;rtl;TMSScripter_IDE;DbxClientDriver;cxGridRS24;acQueryBuilderDsgnADOD24;dxSpellCheckerRS24;JvSystem;cxLibraryRS24;JvStdCtrls;appanalytics;dxSkinsCoreRS24;fsTee24;dxMapControlRS24;IndyIPClient;bindcompvcl;dxPSdxMapControlLnkRS24;TeeUI;frxe24;dxPsPrVwAdvRS24;JvDocking;JvPascalInterpreter;VclSmp;cxSchedulerRibbonStyleEventEditorRS24;dxRichEditDocumentModelRS24;JclVcl;dxPSPrVwRibbonRS24;dxSpreadSheetReportDesignerRS24;JvControls;JvPrintPreview;dxdborRS24;dxmdsRS24;cxSchedulerGridRS24;RESTComponents;dxHttpIndyRequestRS24;DSharp.Core;DBXInterBaseDriver;cxPivotGridRS24;JvGlobus;svnui;dxdbtrRS24;dxPScxPCProdRS24;JvMM;TMSScripter;dxWizardControlRS24;bindcompfmx;JvNet;dxBarExtDBItemsRS24;dxPSdxOCLnkRS24;dxPSdxFCLnkRS24;inetdb;cxSchedulerTreeBrowserRS24;JvAppFrm;DataBindings;FmxTeeUI;FireDACIBDriver;fmx;fmxdae;dxSpreadSheetInplaceRichEditRS24;JvWizards;dbexpress;IndyCore;dxSpreadSheetCoreRS24;dxTileControlRS24;JvPageComps;dsnap;dxPSdxSpreadSheetLnkRS24;RVPkgD10_1;fsADO24;FireDACCommon;JvDB;soapserver;TMSScripter_Legacy;JclDeveloperTools;dxBarRS24;TMSScripter_VCL;JvCmp;DBXMySQLDriver;dxPSRichEditControlLnkRS24;dxPScxCommonRS24;FireDACCommonODBC;FireDACCommonDriver;dxPSdxPDFViewerLnkRS24;inet;IndyIPCommon;JvCustom;vcl;JvXPCtrls;dxPSdxDBOCLnkRS24;madExcept_;madBasic_;TeeDB;FireDAC;dxPScxVGridLnkRS24;dxPScxGridLnkRS24;JvCore;dxSpreadSheetCoreConditionalFormattingDialogsRS24;JvCrypt;FireDACSqliteDriver;FireDACPgDriver;dxServerModeRS24;JvDlgs;JvRuntimeDesign;dxSpreadSheetCoreDialogsRS24;Tee;SearchPathFinder;dxRichEditCoreRS24;cxSchedulerRS24;vclwinx;madDisAsm_;dxPSCoreRS24;frxTee24;CustomIPTransport;vcldsnap;dxPScxSchedulerLnkRS24;dxRibbonCustomizationFormRS24;bindcomp;dxorgcRS24;dxPDFViewerRS24;SynEdit_R;FixInsight_10_1;dxRichEditControlRS24;TreeViewPresenter;dbxcds;adortl;dxComnRS24;dxFlowChartRS24;cxVerticalGridRS24;frxDB24;dsnapxml;dbrtl;inetdbxpress;IndyProtocols;dxGaugeControlRS24;JclContainers;dxFlowChartDesignerRS24;fmxase;$(DCC_UsePackage)</DCC_UsePackage>
+    </PropertyGroup>
+    <PropertyGroup Condition="'$(Base_Win64)'!=''">
+        <DCC_ConsoleTarget>true</DCC_ConsoleTarget>
+        <UWP_DelphiLogo150>$(BDS)\bin\Artwork\Windows\UWP\delphi_UwpDefault_150.png</UWP_DelphiLogo150>
+        <DCC_UsePackage>DBXSqliteDriver;dxFlowChartAdvancedCustomizeFormRS24;dxRichEditInplaceRS24;dxSpreadSheetConditionalFormattingDialogsRS24;dxPSdxGaugeControlLnkRS24;vclactnband;dxSpreadSheetRS24;vclFireDAC;dxDockingRS24;tethering;dxPScxTLLnkRS24;dxBarExtItemsRS24;FireDACADSDriver;cxSchedulerWebServiceStorageRS24;vcltouch;vcldb;Spring.Base;dxADOServerModeRS24;TMSScripter_Memo;dxGDIPlusRS24;dxCloudServiceLibraryRS24;dxPSdxDBTVLnkRS24;acQueryBuilderDsgnD24;dxNavBarRS24;vclx;cxTreeListRS24;dxtrmdRS24;DataBindingsVCL;dxRichEditControlCoreRS24;RESTBackendComponents;dxRibbonRS24;VCLRESTComponents;cxExportRS24;cxPivotGridChartRS24;cxTreeListdxBarPopupMenuRS24;dxTabbedMDIRS24;vclie;bindengine;CloudService;FireDACMySQLDriver;cxPivotGridOLAPRS24;acQueryBuilderD24;dxPSLnksRS24;bindcompdbx;IndyIPServer;dxCoreRS24;IndySystem;dsnapcon;acQueryBuilderADOD24;VirtualTreesR;FireDACMSAccDriver;fmxFireDAC;vclimg;dxBarDBNavRS24;dxPSdxLCLnkRS24;FMXTee;dxPScxExtCommonRS24;dxPScxPivotGridLnkRS24;soaprtl;DbxCommonDriver;xmlrtl;soapmidas;fmxobj;rtl;TMSScripter_IDE;DbxClientDriver;cxGridRS24;acQueryBuilderDsgnADOD24;dxSpellCheckerRS24;cxLibraryRS24;appanalytics;dxSkinsCoreRS24;dxMapControlRS24;IndyIPClient;bindcompvcl;dxPSdxMapControlLnkRS24;TeeUI;dxPsPrVwAdvRS24;VclSmp;cxSchedulerRibbonStyleEventEditorRS24;dxRichEditDocumentModelRS24;dxPSPrVwRibbonRS24;dxSpreadSheetReportDesignerRS24;dxdborRS24;dxmdsRS24;cxSchedulerGridRS24;RESTComponents;dxHttpIndyRequestRS24;DSharp.Core;DBXInterBaseDriver;cxPivotGridRS24;dxdbtrRS24;dxPScxPCProdRS24;TMSScripter;dxWizardControlRS24;bindcompfmx;dxBarExtDBItemsRS24;dxPSdxOCLnkRS24;dxPSdxFCLnkRS24;inetdb;cxSchedulerTreeBrowserRS24;DataBindings;FmxTeeUI;FireDACIBDriver;fmx;fmxdae;dxSpreadSheetInplaceRichEditRS24;dbexpress;IndyCore;dxSpreadSheetCoreRS24;dxTileControlRS24;dsnap;dxPSdxSpreadSheetLnkRS24;FireDACCommon;soapserver;TMSScripter_Legacy;dxBarRS24;TMSScripter_VCL;DBXMySQLDriver;dxPSRichEditControlLnkRS24;dxPScxCommonRS24;FireDACCommonODBC;FireDACCommonDriver;dxPSdxPDFViewerLnkRS24;inet;IndyIPCommon;vcl;dxPSdxDBOCLnkRS24;TeeDB;FireDAC;dxPScxVGridLnkRS24;dxPScxGridLnkRS24;dxSpreadSheetCoreConditionalFormattingDialogsRS24;FireDACSqliteDriver;FireDACPgDriver;dxServerModeRS24;dxSpreadSheetCoreDialogsRS24;Tee;dxRichEditCoreRS24;cxSchedulerRS24;vclwinx;dxPSCoreRS24;CustomIPTransport;vcldsnap;dxPScxSchedulerLnkRS24;dxRibbonCustomizationFormRS24;bindcomp;dxorgcRS24;dxPDFViewerRS24;SynEdit_R;dxRichEditControlRS24;TreeViewPresenter;dbxcds;adortl;dxComnRS24;dxFlowChartRS24;cxVerticalGridRS24;dsnapxml;dbrtl;inetdbxpress;IndyProtocols;dxGaugeControlRS24;dxFlowChartDesignerRS24;fmxase;$(DCC_UsePackage)</DCC_UsePackage>
+        <UWP_DelphiLogo44>$(BDS)\bin\Artwork\Windows\UWP\delphi_UwpDefault_44.png</UWP_DelphiLogo44>
+    </PropertyGroup>
+    <PropertyGroup Condition="'$(Cfg_1)'!=''">
+        <DCC_Define>DEBUG;$(DCC_Define)</DCC_Define>
+        <DCC_DebugDCUs>true</DCC_DebugDCUs>
+        <DCC_Optimize>false</DCC_Optimize>
+        <DCC_GenerateStackFrames>true</DCC_GenerateStackFrames>
+        <DCC_DebugInfoInExe>true</DCC_DebugInfoInExe>
+        <DCC_RemoteDebug>true</DCC_RemoteDebug>
+    </PropertyGroup>
+    <PropertyGroup Condition="'$(Cfg_1_Win32)'!=''">
+        <Debugger_RunParams>/Source &quot;C:\Git\mezen\Indy\Lib\Protocols\OpenSSL\IntermediateCode&quot; /Target &quot;C:\Git\mezen\Indy\Lib\Protocols\OpenSSL\static&quot; /Mode static</Debugger_RunParams>
+        <VerInfo_Locale>1033</VerInfo_Locale>
+        <DCC_RemoteDebug>false</DCC_RemoteDebug>
+    </PropertyGroup>
+    <PropertyGroup Condition="'$(Cfg_2)'!=''">
+        <DCC_LocalDebugSymbols>false</DCC_LocalDebugSymbols>
+        <DCC_Define>RELEASE;$(DCC_Define)</DCC_Define>
+        <DCC_SymbolReferenceInfo>0</DCC_SymbolReferenceInfo>
+        <DCC_DebugInformation>0</DCC_DebugInformation>
+    </PropertyGroup>
+    <ItemGroup>
+        <DelphiCompile Include="$(MainSource)">
+            <MainSource>MainSource</MainSource>
+        </DelphiCompile>
+        <BuildConfiguration Include="Release">
+            <Key>Cfg_2</Key>
+            <CfgParent>Base</CfgParent>
+        </BuildConfiguration>
+        <BuildConfiguration Include="Base">
+            <Key>Base</Key>
+        </BuildConfiguration>
+        <BuildConfiguration Include="Debug">
+            <Key>Cfg_1</Key>
+            <CfgParent>Base</CfgParent>
+        </BuildConfiguration>
+    </ItemGroup>
+    <ProjectExtensions>
+        <Borland.Personality>Delphi.Personality.12</Borland.Personality>
+        <Borland.ProjectType>Application</Borland.ProjectType>
+        <BorlandProject>
+            <Delphi.Personality>
+                <Source>
+                    <Source Name="MainSource">GenerateCode.dpr</Source>
+                </Source>
+                <Excluded_Packages>
+                    <Excluded_Packages Name="$(BDSBIN)\dcloffice2k240.bpl">Microsoft Office 2000 Sample Automation Server Wrapper Components</Excluded_Packages>
+                    <Excluded_Packages Name="$(BDSBIN)\dclofficexp240.bpl">Microsoft Office XP Sample Automation Server Wrapper Components</Excluded_Packages>
+                </Excluded_Packages>
+            </Delphi.Personality>
+            <Deployment Version="3">
+                <DeployFile LocalName="$(BDS)\Redist\osx32\libcgunwind.1.0.dylib" Class="DependencyModule">
+                    <Platform Name="OSX32">
+                        <Overwrite>true</Overwrite>
+                    </Platform>
+                </DeployFile>
+                <DeployFile LocalName="$(BDS)\Redist\iossimulator\libcgunwind.1.0.dylib" Class="DependencyModule">
+                    <Platform Name="iOSSimulator">
+                        <Overwrite>true</Overwrite>
+                    </Platform>
+                </DeployFile>
+                <DeployFile LocalName="$(BDS)\Redist\iossimulator\libPCRE.dylib" Class="DependencyModule">
+                    <Platform Name="iOSSimulator">
+                        <Overwrite>true</Overwrite>
+                    </Platform>
+                </DeployFile>
+                <DeployFile LocalName="$(BDS)\Redist\osx32\libcgsqlite3.dylib" Class="DependencyModule">
+                    <Platform Name="OSX32">
+                        <Overwrite>true</Overwrite>
+                    </Platform>
+                </DeployFile>
+                <DeployFile LocalName="Win32\Debug\GenerateCode.exe" Configuration="Debug" Class="ProjectOutput">
+                    <Platform Name="Win32">
+                        <RemoteName>GenerateCode.exe</RemoteName>
+                        <Overwrite>true</Overwrite>
+                    </Platform>
+                </DeployFile>
+                <DeployClass Name="DependencyModule">
+                    <Platform Name="Win32">
+                        <Operation>0</Operation>
+                        <Extensions>.dll;.bpl</Extensions>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                        <Extensions>.dylib</Extensions>
+                    </Platform>
+                    <Platform Name="OSX32">
+                        <RemoteDir>Contents\MacOS</RemoteDir>
+                        <Operation>1</Operation>
+                        <Extensions>.dylib</Extensions>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                        <Extensions>.dylib</Extensions>
+                    </Platform>
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                        <Extensions>.dylib</Extensions>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectOSXResource">
+                    <Platform Name="OSX32">
+                        <RemoteDir>Contents\Resources</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="AndroidClassesDexFile">
+                    <Platform Name="Android">
+                        <RemoteDir>classes</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="AdditionalDebugSymbols">
+                    <Platform Name="Win32">
+                        <RemoteDir>Contents\MacOS</RemoteDir>
+                        <Operation>0</Operation>
+                    </Platform>
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="OSX32">
+                        <RemoteDir>Contents\MacOS</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="iPad_Launch768">
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_LauncherIcon144">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable-xxhdpi</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="AndroidLibnativeMipsFile">
+                    <Platform Name="Android">
+                        <RemoteDir>library\lib\mips</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Required="true" Name="ProjectOutput">
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="Win32">
+                        <Operation>0</Operation>
+                    </Platform>
+                    <Platform Name="Linux64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="OSX32">
+                        <RemoteDir>Contents\MacOS</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="Android">
+                        <RemoteDir>library\lib\armeabi-v7a</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="DependencyFramework">
+                    <Platform Name="Win32">
+                        <Operation>0</Operation>
+                    </Platform>
+                    <Platform Name="OSX32">
+                        <RemoteDir>Contents\MacOS</RemoteDir>
+                        <Operation>1</Operation>
+                        <Extensions>.framework</Extensions>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectUWPManifest">
+                    <Platform Name="Win32">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="Win64">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="iPhone_Launch640">
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="iPad_Launch1024">
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectiOSDeviceDebug">
+                    <Platform Name="iOSDevice64">
+                        <RemoteDir>..\$(PROJECTNAME).app.dSYM\Contents\Resources\DWARF</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <RemoteDir>..\$(PROJECTNAME).app.dSYM\Contents\Resources\DWARF</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="iPhone_Launch320">
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectiOSInfoPList">
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="AndroidLibnativeArmeabiFile">
+                    <Platform Name="Android">
+                        <RemoteDir>library\lib\armeabi</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="DebugSymbols">
+                    <Platform Name="Win32">
+                        <Operation>0</Operation>
+                    </Platform>
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="OSX32">
+                        <RemoteDir>Contents\MacOS</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="iPad_Launch1536">
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_SplashImage470">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable-normal</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_LauncherIcon96">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable-xhdpi</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_SplashImage640">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable-large</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="iPhone_Launch640x1136">
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="UWP_DelphiLogo44">
+                    <Platform Name="Win32">
+                        <RemoteDir>Assets</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="Win64">
+                        <RemoteDir>Assets</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectiOSEntitlements">
+                    <Platform Name="iOSDevice64">
+                        <RemoteDir>..\</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <RemoteDir>..\</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_LauncherIcon72">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable-hdpi</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="AndroidGDBServer">
+                    <Platform Name="Android">
+                        <RemoteDir>library\lib\armeabi-v7a</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectOSXInfoPList">
+                    <Platform Name="OSX32">
+                        <RemoteDir>Contents</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectOSXEntitlements">
+                    <Platform Name="OSX32">
+                        <RemoteDir>..\</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="UWP_DelphiLogo150">
+                    <Platform Name="Win32">
+                        <RemoteDir>Assets</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="Win64">
+                        <RemoteDir>Assets</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="iPad_Launch2048">
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="AndroidSplashStyles">
+                    <Platform Name="Android">
+                        <RemoteDir>res\values</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_SplashImage426">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable-small</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="AndroidSplashImageDef">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectiOSResource">
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectAndroidManifest">
+                    <Platform Name="Android">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_DefaultAppIcon">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="File">
+                    <Platform Name="Win32">
+                        <Operation>0</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>0</Operation>
+                    </Platform>
+                    <Platform Name="OSX32">
+                        <RemoteDir>Contents\Resources\StartUp\</RemoteDir>
+                        <Operation>0</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>0</Operation>
+                    </Platform>
+                    <Platform Name="Android">
+                        <Operation>0</Operation>
+                    </Platform>
+                    <Platform Name="iOSSimulator">
+                        <Operation>0</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="AndroidServiceOutput">
+                    <Platform Name="Android">
+                        <RemoteDir>library\lib\armeabi-v7a</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Required="true" Name="DependencyPackage">
+                    <Platform Name="Win32">
+                        <Operation>0</Operation>
+                        <Extensions>.bpl</Extensions>
+                    </Platform>
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                        <Extensions>.dylib</Extensions>
+                    </Platform>
+                    <Platform Name="OSX32">
+                        <RemoteDir>Contents\MacOS</RemoteDir>
+                        <Operation>1</Operation>
+                        <Extensions>.dylib</Extensions>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                        <Extensions>.dylib</Extensions>
+                    </Platform>
+                    <Platform Name="iOSSimulator">
+                        <Operation>1</Operation>
+                        <Extensions>.dylib</Extensions>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_LauncherIcon48">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable-mdpi</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_SplashImage960">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable-xlarge</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="Android_LauncherIcon36">
+                    <Platform Name="Android">
+                        <RemoteDir>res\drawable-ldpi</RemoteDir>
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <DeployClass Name="ProjectiOSDeviceResourceRules">
+                    <Platform Name="iOSDevice64">
+                        <Operation>1</Operation>
+                    </Platform>
+                    <Platform Name="iOSDevice32">
+                        <Operation>1</Operation>
+                    </Platform>
+                </DeployClass>
+                <ProjectRoot Platform="iOSDevice64" Name="$(PROJECTNAME).app"/>
+                <ProjectRoot Platform="Win64" Name="$(PROJECTNAME)"/>
+                <ProjectRoot Platform="iOSDevice32" Name="$(PROJECTNAME).app"/>
+                <ProjectRoot Platform="Linux64" Name="$(PROJECTNAME)"/>
+                <ProjectRoot Platform="Win32" Name="$(PROJECTNAME)"/>
+                <ProjectRoot Platform="OSX32" Name="$(PROJECTNAME).app"/>
+                <ProjectRoot Platform="Android" Name="$(PROJECTNAME)"/>
+                <ProjectRoot Platform="iOSSimulator" Name="$(PROJECTNAME).app"/>
+            </Deployment>
+            <Platforms>
+                <Platform value="Win32">True</Platform>
+                <Platform value="Win64">False</Platform>
+            </Platforms>
+        </BorlandProject>
+        <ProjectFileVersion>12</ProjectFileVersion>
+    </ProjectExtensions>
+    <Import Project="$(BDS)\Bin\CodeGear.Delphi.Targets" Condition="Exists('$(BDS)\Bin\CodeGear.Delphi.Targets')"/>
+    <Import Project="$(APPDATA)\Embarcadero\$(BDSAPPDATABASEDIR)\$(PRODUCTVERSION)\UserTools.proj" Condition="Exists('$(APPDATA)\Embarcadero\$(BDSAPPDATABASEDIR)\$(PRODUCTVERSION)\UserTools.proj')"/>
+    <Import Project="$(MSBuildProjectName).deployproj" Condition="Exists('$(MSBuildProjectName).deployproj')"/>
+</Project>
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas b/Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas
new file mode 100644
index 000000000..1ec07c84b
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas
@@ -0,0 +1,19 @@
+unit IdOpenSSLConsts;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+const
+  CLibCrypto =
+    {$IFDEF CPU32}'libcrypto-1_1.dll'{$ENDIF}
+    {$IFDEF CPU64}'libcrypto-1_1-x64.dll'{$ENDIF}
+    ;
+  CLibSSL =
+    {$IFDEF CPU32}'libssl-1_1.dll'{$ENDIF}
+    {$IFDEF CPU64}'libssl-1_1-x64.dll'{$ENDIF}
+    ;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
new file mode 100644
index 000000000..73b6b97a1
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
@@ -0,0 +1,396 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLContext;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_ssl,
+  IdOpenSSLOptions,
+  IdOpenSSLSocket,
+  IdOpenSSLTypes,
+  IdOpenSSLVersion;
+
+type
+  TIdOpenSSLContext = class(TObject)
+  public const
+    CExDataIndexSelf = 0;
+//    CExDataIndexOptions = 1;
+  private
+    FContext: PSSL_CTX;
+    FOptions: TIdOpenSSLOptionsBase;
+    function AreOptionsUnchanged(const AOptions: TIdOpenSSLOptionsBase): Boolean;
+
+    procedure InitContextWithStaticValues(const AContext: PSSL_CTX);
+    procedure SetExData(const AContext: PSSL_CTX; AIndex: Integer; const AObj: TObject);
+    procedure SetTLSVersions(
+      const AContext: PSSL_CTX;
+      const AMinVersion: TIdOpenSSLVersion;
+      const AMaxVersion: TIdOpenSSLVersion);
+    procedure SetVerifyLocations(
+      const AContext: PSSL_CTX;
+      const AVerifyCertificate: UTF8String;
+      const AVerifyCertDirectory: UTF8String);
+    procedure SetCertificate(
+      const AContext: PSSL_CTX;
+      const ACertificateFile: UTF8String;
+      const APrivateKeyFile: UTF8String);
+    procedure SetCiphers(
+      const AContext: PSSL_CTX;
+      const ACipherList: UTF8String;
+      const ACipherSuites: UTF8String;
+      const AUseServerCipherPreferences: Boolean);
+    procedure SetKeylogCallback(
+      const AContext: PSSL_CTX;
+      const ACallback: TKeyLog);
+    procedure SetLegacyOptions(
+      const AContext: PSSL_CTX;
+      const AAllowUnsafeLegacyRenegotiation: Boolean;
+      const AUseLegacyServerConnect: Boolean);
+
+    /// <summary>
+    ///   Decrements the reference count of the internal SSL_CTX object, and
+    ///   removes the SSL_CTX object pointed to by ctx and frees up the
+    ///   allocated memory if the reference count has reached 0
+    /// </summary>
+    /// <remarks>
+    ///   The function is nil-safe
+    /// </remarks>
+    procedure FreeContext(const AContext: PSSL_CTX);
+  protected
+    function GetVerifyMode(const AOptions: TIdOpenSSLOptionsBase): TIdC_INT; virtual; abstract;
+  public
+    destructor Destroy; override;
+
+    function Init(const AOptions: TIdOpenSSLOptionsBase): Boolean;
+    function CreateSocket: TIdOpenSSLSocket; virtual; abstract;
+
+    property OpenSSLContext: PSSL_CTX read FContext;
+  end;
+
+implementation
+
+uses
+  IdOpenSSLExceptionResourcestrings,
+  IdOpenSSLExceptions,
+  IdOpenSSLHeaders_ssl3,
+  IdOpenSSLHeaders_tls1,
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLHeaders_x509_vfy,
+  IdOpenSSLUtils,
+  IdOpenSSLX509,
+  Math,
+  SysUtils;
+
+function FreeString(const Value: string): Boolean;
+var
+  refCount: Integer;
+begin
+  // clear passed string if its refcount allows for it, removes the value from
+  //  memory of the process
+  refCount := StringRefCount(Value);
+  Result := (refCount > -1) and (refCount < 2);
+  if Result then
+    FillChar(PByte(Value)^, Length(Value) * SizeOf(Char), 0);
+end;
+
+function GetPasswordCallback(buf: PIdAnsiChar; size: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT; cdecl;
+type
+  PBytesPtr = ^TBytes;
+var
+  LContext: TIdOpenSSLContext;
+  LPassword: string;
+  LPasswordBytes: TIdBytes;
+  LPasswordByteLength: Integer;
+begin
+  Result := 0;
+  LContext := TIdOpenSSLContext(userdata);
+  if not Assigned(LContext.FOptions.OnGetPassword) then
+    Exit;
+  FillChar(buf^, size, 0);
+
+  LPassword := '';
+  LContext.FOptions.OnGetPassword(LContext, LPassword, rwflag = 1);
+  UniqueString(LPassword);
+
+  LPasswordBytes := IndyTextEncoding_OSDefault.GetBytes(LPassword);
+  LPasswordByteLength := Length(LPasswordBytes);
+  if LPasswordByteLength = 0 then
+    Exit;
+  {$IFDEF USE_MARSHALLED_PTRS}
+  TMarshal.Copy(PBytesPtr(@LPasswordBytes)^, 0, TPtrWrapper.Create(buf), IndyMin(LPasswordByteLength, size));
+  {$ELSE}
+  Move(LPasswordBytes[0], buf^, IndyMin(LPasswordByteLength, size));
+  {$ENDIF}
+
+  // Override memory to prevent reading password via memory dump
+  FillChar(LPasswordBytes[0], LPasswordByteLength, 0);
+  FreeString(LPassword);
+
+  buf[size-1] := #0; // RLebeau: truncate the password if needed
+  Result := IndyMin(LPasswordByteLength, size);
+end;
+
+function VerifyCallback(preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
+var
+  LCertOpenSSL: PX509;
+  LCertIndy: TIdOpenSSLX509;
+  LVerifyResult: TIdC_INT;
+  LDepth: TIdC_INT;
+  LSSL: PSSL;
+  LCtx: PSSL_CTX;
+  LContext: TIdOpenSSLContext;
+  LAccepted: Boolean;
+begin
+  Result := 0;
+
+  LSSL := X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+  LCtx := SSL_get_SSL_CTX(LSSL);
+  LContext := TIdOpenSSLContext(SSL_ctx_get_ex_data(LCtx, TIdOpenSSLContext.CExDataIndexSelf));
+  if not Assigned(LContext) then
+    EIdOpenSSLGetExDataError.&Raise(RIdOpenSSLGetExDataError);
+
+  if not Assigned(LContext.FOptions.OnVerify) then
+  begin
+    Result := preverify_ok;
+    Exit;
+  end;
+
+  LVerifyResult := X509_STORE_CTX_get_error(x509_ctx);
+  LDepth := X509_STORE_CTX_get_error_depth(x509_ctx);
+
+  LCertOpenSSL := X509_STORE_CTX_get_current_cert(x509_ctx);
+  if not Assigned(LCertOpenSSL) then
+    Exit;
+  LCertIndy := TIdOpenSSLX509.Create(LCertOpenSSL);
+  try
+    LAccepted := IntToBool(preverify_ok);
+    LContext.FOptions.OnVerify(LContext, LCertIndy, LVerifyResult, LDepth, LAccepted);
+    Result := BoolToInt(LAccepted);
+  finally
+    LCertIndy.Free();
+  end;
+end;
+
+procedure KeylogCallback(const ssl: PSSL; const line: PIdAnsiChar); cdecl;
+var
+  LCtx: PSSL_CTX;
+  LContext: TIdOpenSSLContext;
+begin
+  LCtx := SSL_get_SSL_CTX(ssl);
+  LContext := TIdOpenSSLContext(SSL_ctx_get_ex_data(LCtx, TIdOpenSSLContext.CExDataIndexSelf));
+  if not Assigned(LContext) then
+    EIdOpenSSLGetExDataError.&Raise(RIdOpenSSLGetExDataError);
+
+//  LOptions := TIdOpenSSLOptionsBase(SSL_ctx_get_ex_data(LCtx, TIdOpenSSLContext.CExDataIndexOptions));
+//  if not Assigned(LOptions) then
+//    EIdOpenSSLGetExDataError.&Raise(RIdOpenSSLGetExDataError);
+
+  if not Assigned(LContext.FOptions.OnKeyLogging) then
+    Exit;
+  LContext.FOptions.OnKeyLogging(LContext, GetString(line));
+end;
+
+{ TIdOpenSSLContext }
+
+function TIdOpenSSLContext.AreOptionsUnchanged(
+  const AOptions: TIdOpenSSLOptionsBase): Boolean;
+begin
+  Result := not Assigned(FOptions) or not FOptions.Equals(AOptions);
+end;
+
+destructor TIdOpenSSLContext.Destroy;
+begin
+  FOptions.Free();
+  FreeContext(FContext);
+  inherited;
+end;
+
+procedure TIdOpenSSLContext.FreeContext(const AContext: PSSL_CTX);
+begin
+  if Assigned(AContext) then
+    SSL_CTX_Free(AContext); // SSL_CTX_Free is also nil-safe
+end;
+
+function TIdOpenSSLContext.Init(const AOptions: TIdOpenSSLOptionsBase): Boolean;
+begin
+  Result := True;
+  if Assigned(FContext) and AreOptionsUnchanged(AOptions) then
+    Exit;
+
+  FreeContext(FContext);
+  FContext := SSL_CTX_new(TLS_method());
+//  FContext := SSL_CTX_new(TLS_method());
+  if not Assigned(FContext) then
+    EIdOpenSSLNewSSLCtxError.&Raise(RIdOpenSSLNewSSLCtxError);
+
+  FOptions.Free();
+  FOptions := AOptions.Clone() as TIdOpenSSLOptionsBase;
+
+  InitContextWithStaticValues(FContext);
+
+  SetCertificate(FContext, UTF8String(FOptions.CertFile), UTF8String(FOptions.CertKey));
+  SetTLSVersions(FContext, FOptions.TLSVersionMinimum, FOptions.TLSVersionMaximum);
+  SetVerifyLocations(FContext, UTF8String(FOptions.VerifyCertificate), UTF8String(FOptions.VerifyCertDirectory));
+  SSL_CTX_set_verify(FContext, GetVerifyMode(FOptions), VerifyCallback);
+//  SSL_CTX_set_verify(FContext, GetVerifyMode(FOptions), nil);
+  SetCiphers(FContext, UTF8String(FOptions.CipherList), UTF8String(FOptions.CipherSuites), FOptions.UseServerCipherPreferences);
+  SetKeylogCallback(FContext, FOptions.OnKeyLogging);
+  SetLegacyOptions(FContext, FOptions.AllowUnsafeLegacyRenegotiation, FOptions.UseLegacyServerConnect);
+end;
+
+procedure TIdOpenSSLContext.InitContextWithStaticValues(
+  const AContext: PSSL_CTX);
+begin
+  SSL_CTX_set_mode(AContext, SSL_MODE_AUTO_RETRY);
+  SSL_CTX_set_default_verify_paths(AContext);
+  SSL_CTX_set_session_cache_mode(AContext, SSL_SESS_CACHE_BOTH);
+  SetExData(AContext, CExDataIndexSelf, Self);
+//  SetExData(AContext, CExDataIndexOptions, FOptions);
+
+//  SSL_CTX_set_verify_depth(AContext, -1);
+
+  SSL_CTX_set_default_passwd_cb(AContext, GetPasswordCallback);
+  SSL_CTX_set_default_passwd_cb_userdata(AContext, Pointer(Self));
+end;
+
+procedure TIdOpenSSLContext.SetCertificate(const AContext: PSSL_CTX;
+  const ACertificateFile, APrivateKeyFile: UTF8String);
+begin
+  if (ACertificateFile = '') and (APrivateKeyFile = '') then
+    Exit;
+
+  if ACertificateFile <> '' then
+//    if SSL_CTX_use_certificate_file(FContext, GetPAnsiChar(ACertificateFile), SSL_FILETYPE_PEM) <> 1 then
+    if SSL_CTX_use_certificate_chain_file(AContext, GetPAnsiChar(ACertificateFile)) <> 1 then
+      EIdOpenSSLSetCertificateError.&Raise();
+
+  if APrivateKeyFile <> '' then
+    if SSL_CTX_use_PrivateKey_file(AContext, GetPAnsiChar(APrivateKeyFile), SSL_FILETYPE_PEM) <> 1 then
+      EIdOpenSSLSetPrivateKeyError.&Raise();
+
+  if SSL_CTX_check_private_key(AContext) <> 1 then
+    EIdOpenSSLCertAndPrivKeyMisMatchError.&Raise();
+end;
+
+procedure TIdOpenSSLContext.SetCiphers(
+  const AContext: PSSL_CTX;
+  const ACipherList: UTF8String;
+  const ACipherSuites: UTF8String;
+  const AUseServerCipherPreferences: Boolean);
+begin
+  if ACipherList <> '' then
+    if SSL_CTX_set_cipher_list(AContext, GetPAnsiChar(ACipherList)) <> 1 then
+      EIdOpenSSLSetCipherListError.&Raise(RIdOpenSSLSetCipherListError);
+  if ACipherSuites <> '' then
+    if SSL_CTX_set_ciphersuites(AContext, GetPAnsiChar(ACipherSuites)) <> 1 then
+      EIdOpenSSLSetCipherSuiteError.&Raise(RIdOpenSSLSetCipherSuiteError);
+
+  if AUseServerCipherPreferences then
+    SSL_CTX_set_options(AContext, SSL_OP_CIPHER_SERVER_PREFERENCE)
+  else
+    SSL_CTX_clear_options(AContext, SSL_OP_CIPHER_SERVER_PREFERENCE);
+end;
+
+procedure TIdOpenSSLContext.SetExData(const AContext: PSSL_CTX; AIndex: Integer;
+  const AObj: TObject);
+begin
+  if SSL_CTX_set_ex_data(AContext, AIndex, Pointer(AObj)) <> 1 then
+    EIdOpenSSLSetExDataError.&Raise(RIdOpenSSLSetExDataError);
+end;
+
+procedure TIdOpenSSLContext.SetKeylogCallback(
+  const AContext: PSSL_CTX;
+  const ACallback: TKeyLog);
+begin
+  if Assigned(ACallback) then
+    SSL_CTX_set_keylog_callback(AContext, KeylogCallback)
+  else
+    SSL_CTX_set_keylog_callback(AContext, nil);
+end;
+
+procedure TIdOpenSSLContext.SetLegacyOptions(
+  const AContext: PSSL_CTX;
+  const AAllowUnsafeLegacyRenegotiation: Boolean;
+  const AUseLegacyServerConnect: Boolean);
+begin
+  if AAllowUnsafeLegacyRenegotiation then
+    SSL_CTX_set_options(AContext, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)
+  else
+    SSL_CTX_clear_options(AContext, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
+
+  if AUseLegacyServerConnect then
+    SSL_CTX_set_options(AContext, SSL_OP_LEGACY_SERVER_CONNECT)
+  else
+    SSL_CTX_clear_options(AContext, SSL_OP_LEGACY_SERVER_CONNECT);
+end;
+
+procedure TIdOpenSSLContext.SetTLSVersions(
+  const AContext: PSSL_CTX;
+  const AMinVersion: TIdOpenSSLVersion;
+  const AMaxVersion: TIdOpenSSLVersion);
+const
+  CVersionConverter: array[TIdOpenSSLVersion] of TIdC_INT =
+  (
+    0,                //Undefined - 0 means autoconfiguration lowest (for min)
+                      //            or highest (for max) by OpenSSL itselfs
+    SSL3_VERSION,     //SSLv3
+    TLS1_VERSION,     //TLSv1
+    TLS1_1_VERSION,   //TLSv1_1
+    TLS1_2_VERSION,   //TLSv1_2
+    TLS1_3_VERSION    //TLSv1_3
+  );
+begin
+  SSL_CTX_set_min_proto_version(AContext, CVersionConverter[AMinVersion]);
+  SSL_CTX_set_max_proto_version(AContext, CVersionConverter[AMaxVersion]);
+end;
+
+procedure TIdOpenSSLContext.SetVerifyLocations(const AContext: PSSL_CTX;
+  const AVerifyCertificate, AVerifyCertDirectory: UTF8String);
+var
+  LCert: PIdAnsiChar;
+  LDir: PIdAnsiChar;
+begin
+  if not ((AVerifyCertificate = '') and (AVerifyCertDirectory = '')) then
+  begin
+    LCert := GetPAnsiCharOrNil(AVerifyCertificate);
+    LDir := GetPAnsiCharOrNil(AVerifyCertDirectory);
+    if SSL_CTX_load_verify_locations(AContext,
+      LCert,
+      LDir) = 0 then
+    begin
+      EIdOpenSSLSetVerifyLocationError.&Raise(RIdOpenSSLSetVerifyLocationError);
+    end;
+  end;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
new file mode 100644
index 000000000..56d893b10
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
@@ -0,0 +1,113 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLContextClient;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdOpenSSLContext,
+  IdOpenSSLOptions,
+  IdOpenSSLOptionsClient,
+  IdOpenSSLSocket;
+
+type
+  TIdOpenSSLContextClient = class(TIdOpenSSLContext)
+  private
+    FSession: Pointer;
+  protected
+    function GetVerifyMode(const AOptions: TIdOpenSSLOptionsBase): TIdC_INT; override;
+  public
+    function Init(const AOptions: TIdOpenSSLOptionsClient): Boolean;
+    function CreateSocket: TIdOpenSSLSocket; override;
+  end;
+
+implementation
+
+uses
+  IdOpenSSLHeaders_ssl,
+  IdOpenSSLSocketClient,
+  IdOpenSSLHeaders_ossl_typ;
+
+// Is automatically called whenever a new session was negotiated
+function new_session_cb(ssl: PSSL; session: PSSL_SESSION): TIdC_INT; cdecl;
+var
+  LCtx: PSSL_CTX;
+  LContext: TIdOpenSSLContextClient;
+begin
+  Result := 0;
+  LCtx := SSL_get_SSL_CTX(ssl);
+  if not Assigned(LCtx) then
+    Exit;
+  LContext := TIdOpenSSLContextClient(SSL_ctx_get_ex_data(LCtx, TIdOpenSSLContext.CExDataIndexSelf));
+  if not Assigned(LContext) then
+    Exit;
+  LContext.FSession := session;
+  Result := 1;
+end;
+
+// Is automatically called whenever a session is removed by the SSL engine,
+// because it is considered faulty or the session has become obsolete because of
+// exceeding the timeout value
+procedure remove_session_cb(ctx: PSSL_CTX; session: PSSL_SESSION); cdecl;
+var
+  LContext: TIdOpenSSLContextClient;
+begin
+  LContext := TIdOpenSSLContextClient(SSL_ctx_get_ex_data(ctx, TIdOpenSSLContext.CExDataIndexSelf));
+  if not Assigned(LContext) then
+    Exit;
+  if LContext.FSession = session then
+    LContext.FSession := nil;
+end;
+
+{ TIdOpenSSLContextClient }
+
+function TIdOpenSSLContextClient.CreateSocket: TIdOpenSSLSocket;
+begin
+  Result := TIdOpenSSLSocketClient.Create(OpenSSLContext);
+  TIdOpenSSLSocketClient(Result).SetSession(FSession);
+end;
+
+function TIdOpenSSLContextClient.GetVerifyMode(
+  const AOptions: TIdOpenSSLOptionsBase): TIdC_INT;
+begin
+  Result := SSL_VERIFY_NONE;
+  if TIdOpenSSLOptionsClient(AOptions).VerifyServerCertificate then
+    Result := SSL_VERIFY_PEER;
+end;
+
+function TIdOpenSSLContextClient.Init(
+  const AOptions: TIdOpenSSLOptionsClient): Boolean;
+begin
+  Result := inherited Init(AOptions);
+  SSL_CTX_sess_set_new_cb(OpenSSLContext, new_session_cb);
+  SSL_CTX_sess_set_remove_cb(OpenSSLContext, remove_session_cb);
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas
new file mode 100644
index 000000000..879285088
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas
@@ -0,0 +1,173 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLContextServer;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdOpenSSLContext,
+  IdOpenSSLOptions,
+  IdOpenSSLSocket,
+  IdOpenSSLOptionsServer,
+  IdOpenSSLHeaders_ssl,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  TIdOpenSSLContextServer = class(TIdOpenSSLContext)
+  private
+    FSessionIdCtx: array[0 .. SSL_MAX_SID_CTX_LENGTH-1] of Byte;
+    FSessionIdCtxFallback: Integer;
+    procedure SetSessionContext(
+      const AContext: PSSL_CTX;
+      const ACAFile: UTF8String);
+    procedure SetClientCA(
+      const AContext: PSSL_CTX;
+      const ACAFile: UTF8String);
+  protected
+    function GetVerifyMode(const AOptions: TIdOpenSSLOptionsBase): TIdC_INT; override;
+  public
+    function Init(const AOptions: TIdOpenSSLOptionsServer): Boolean;
+    function CreateSocket: TIdOpenSSLSocket; override;
+  end;
+
+implementation
+
+uses
+  IdOpenSSLExceptions,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_pem,
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLSocketServer,
+  IdOpenSSLUtils;
+
+{ TIdOpenSSLContextServer }
+
+function TIdOpenSSLContextServer.CreateSocket: TIdOpenSSLSocket;
+begin
+  Result := TIdOpenSSLSocketServer.Create(OpenSSLContext);
+end;
+
+function TIdOpenSSLContextServer.GetVerifyMode(
+  const AOptions: TIdOpenSSLOptionsBase): TIdC_INT;
+var
+  LOptions: TIdOpenSSLOptionsServer;
+begin
+  Result := SSL_VERIFY_NONE;
+  LOptions := TIdOpenSSLOptionsServer(AOptions);
+  if LOptions.RequestCertificate then
+  begin
+    Result := SSL_VERIFY_PEER;
+    if LOptions.FailIfNoPeerCertificate then
+      Result := Result or SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+    if LOptions.RequestCertificateOnlyOnce then
+      Result := Result or SSL_VERIFY_CLIENT_ONCE;
+  end;
+end;
+
+function TIdOpenSSLContextServer.Init(
+  const AOptions: TIdOpenSSLOptionsServer): Boolean;
+begin
+  Result := inherited Init(AOptions);
+  SetSessionContext(OpenSSLContext, UTF8String(AOptions.VerifyCertificate));
+  if AOptions.RequestCertificate then
+    SetClientCA(OpenSSLContext, UTF8String(AOptions.VerifyCertificate));
+end;
+
+procedure TIdOpenSSLContextServer.SetClientCA(const AContext: PSSL_CTX;
+  const ACAFile: UTF8String);
+var
+  LBio: PBIO;
+  LX509: PX509;
+begin
+  LBio := BIO_new_file(GetPAnsiChar(ACAFile), 'r');
+  if not Assigned(LBio) then
+    EIdOpenSSLSetClientCAError.&Raise();
+  try
+    LX509 := PEM_read_bio_X509(LBio, nil, nil, nil);
+    if not Assigned(LX509) then
+      EIdOpenSSLSetClientCAError.&Raise();
+    try
+      if SSL_CTX_add_client_CA(AContext, LX509) <> 1 then
+        EIdOpenSSLSetClientCAError.&Raise();
+    finally
+      X509_free(LX509);
+    end;
+  finally
+    BIO_free(LBio);
+  end;
+end;
+
+procedure TIdOpenSSLContextServer.SetSessionContext(
+  const AContext: PSSL_CTX;
+  const ACAFile: UTF8String);
+var
+  LBio: PBIO;
+  LX509: PX509;
+  LLen: Integer;
+begin
+  if ACAFile = '' then
+  begin
+    Randomize();
+    FSessionIdCtxFallback := Random(High(Integer));
+    if SSL_CTX_set_session_id_context(
+      AContext,
+      PByte(@FSessionIdCtxFallback),
+      SizeOf(FSessionIdCtxFallback)) <> 1 then
+    begin
+      EIdOpenSSLSessionIdContextError.&Raise();
+    end;
+    Exit;
+  end;
+
+  LBio := BIO_new_file(GetPAnsiChar(ACAFile), 'r');
+  if not Assigned(LBio) then
+    EIdOpenSSLSessionIdContextError.&Raise();
+  try
+    LX509 := PEM_read_bio_X509(LBio, nil, nil, nil);
+    if not Assigned(LX509) then
+      EIdOpenSSLSessionIdContextError.&Raise();
+    try
+      LLen := SSL_MAX_SID_CTX_LENGTH;
+      FillChar(FSessionIdCtx[0], LLen, 0);
+      if X509_digest(LX509, EVP_sha1, @FSessionIdCtx[0], @LLen) <> 1 then
+        EIdOpenSSLSessionIdContextError.&Raise();
+
+      if SSL_CTX_set_session_id_context(AContext, @FSessionIdCtx[0], LLen) <> 1 then
+        EIdOpenSSLSessionIdContextError.&Raise();
+    finally
+      X509_free(LX509);
+    end;
+  finally
+    BIO_free(LBio);
+  end;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLExceptionResourcestrings.pas b/Lib/Protocols/OpenSSL/IdOpenSSLExceptionResourcestrings.pas
new file mode 100644
index 000000000..0aa2b2f6e
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLExceptionResourcestrings.pas
@@ -0,0 +1,45 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLExceptionResourcestrings;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+resourcestring
+  RIdOpenSSLSetExDataError = 'Failed to set ex data.';
+  RIdOpenSSLGetExDataError = 'Failed to get ex data.';
+  RIdOpenSSLSetCipherListError = 'Failed to set cipher list.';
+  RIdOpenSSLSetCipherSuiteError = 'Failed to set cipher suites.';
+  RIdOpenSSLSetVerifyLocationError = 'The processing at one of the locations specified failed.';
+  RIdOpenSSLNewSSLCtxError = 'The creation of a new SSL_CTX object failed.';
+  RIdOpenSSLNewSSLError = 'The creation of a new SSL structure failed.';
+  RIdOpenSSLShutdownError = 'Failed to shutdown with result reason code %d.';
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
new file mode 100644
index 000000000..d23d59621
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
@@ -0,0 +1,264 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLExceptions;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdException,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_ssl;
+
+type
+  EIdOpenSSLBaseError = class(EIdException)
+  public
+    class procedure &Raise; overload;
+    class procedure &Raise(const AMsg: string); overload;
+    class procedure RaiseFmt(const AMsg: string; const Args: array of const);
+  end;
+
+  EIdOpenSSLLoadError = class(EIdOpenSSLBaseError);
+
+  EIdOpenSSLSetExDataError = class(EIdOpenSSLBaseError);
+  EIdOpenSSLGetExDataError = class(EIdOpenSSLBaseError);
+  EIdOpenSSLSetCipherListError = class(EIdOpenSSLBaseError);
+  EIdOpenSSLSetCipherSuiteError = class(EIdOpenSSLBaseError);
+  EIdOpenSSLSetClientCAError = class(EIdOpenSSLBaseError);
+  EIdOpenSSLSetSNIServerNameError = class(EIdOpenSSLBaseError);
+
+  /// <summary>
+  ///   Base class for errors that are based on the error stack in err.h
+  /// </summary>
+  EIdOpenSSLErrorStackBasedError = class(EIdOpenSSLBaseError)
+  private
+    FErrorCode: TIdC_INT;
+    FErrorText: string;
+    FExtractedReason: string;
+    FInnerMessage: string;
+    /// <summary>
+    ///   Generates a human-readable string representing the error code
+    /// </summary>
+    /// <returns>
+    ///   The Result string will have the following format:
+    ///   <code>error:[error code]:[library name]:[function name]:[reason string]</code>
+    /// </returns>
+    class function GetErrorText(const AErrorCode: TIdC_INT): string;
+    class function GetErrorReason(const AErrorText: string): string;
+    function GetErrorCodeInHex: string;
+  public
+    constructor Create; overload;
+    constructor Create(const AMsg: string); overload; override;
+    constructor Create(const AMsg: string; const AErrorCode: TIdC_INT); overload;
+
+    /// <returns>
+    ///   Contains a human-readable string representing the error code
+    /// </returns>
+    /// <remarks>
+    ///   The Result string will have the following format:
+    ///   <code>error:[error code]:[library name]:[function name]:[reason string]</code>
+    /// </remarks>
+    property ErrorText: string read FErrorText;
+
+    /// <returns>
+    ///   Returns the error code in decimal numbers (useful for case statements)
+    /// </returns>
+    /// <remarks>
+    ///   The hexadecimal representation will be contained as "error code" in <see cref="ErrorText"/>
+    /// </remarks>
+    property ErrorCodeInDec: TIdC_INT read FErrorCode;
+    /// <returns>
+    ///   Returns the error code in hexadecimal
+    /// </returns>
+    /// <remarks>
+    ///   This will be contained as "error code" in <see cref="ErrorText"/>
+    /// </remarks>
+    property ErrorCodeInHex: string read GetErrorCodeInHex;
+
+    /// <returns>
+    ///   Returns a human-readable reason of the failure
+    /// </returns>
+    /// <remarks>
+    ///   This will be contained as "reason string" in <see cref="ErrorText"/>
+    /// </remarks>
+    property ErrorReason: string read FExtractedReason;
+  end;
+
+  EIdOpenSSLNewSSLCtxError = class(EIdOpenSSLErrorStackBasedError);
+  EIdOpenSSLNewSSLError = class(EIdOpenSSLErrorStackBasedError);
+  EIdOpenSSLSetVerifyLocationError = class(EIdOpenSSLErrorStackBasedError);
+  EIdOpenSSLSetCertificateError = class(EIdOpenSSLErrorStackBasedError);
+  EIdOpenSSLSetPrivateKeyError = class(EIdOpenSSLErrorStackBasedError);
+  EIdOpenSSLCertAndPrivKeyMisMatchError = class(EIdOpenSSLErrorStackBasedError);
+  EIdOpenSSLSessionIdContextError = class(EIdOpenSSLErrorStackBasedError);
+  EIdOpenSSLSetSessionError = class(EIdOpenSSLErrorStackBasedError);
+
+  /// <summary>
+  ///   Base class for errors that are based on the ssl error return codes
+  /// </summary>
+  EIdOpenSSLSSLBasedError = class(EIdOpenSSLErrorStackBasedError)
+  private
+    FErrorCode: TIdC_INT;
+    FReturnCode: TIdC_INT;
+  public
+    constructor Create(const ASSL: PSSL; const AReturnCode: TIdC_INT; const AMsg: string);
+  end;
+
+  EIdOpenSSLConnectError = class(EIdOpenSSLSSLBasedError);
+  EIdOpenSSLAcceptError = class(EIdOpenSSLSSLBasedError);
+  EIdOpenSSLShutdownError = class(EIdOpenSSLSSLBasedError);
+
+implementation
+
+uses
+  IdOpenSSLHeaders_err,
+  StrUtils,
+  SysUtils,
+  Types;
+
+{ EIdOpenSSLBaseError }
+
+class procedure EIdOpenSSLBaseError.&Raise;
+begin
+  raise Self.Create('') at
+  {$IFNDEF FPC}
+  ReturnAddress
+  {$ELSE}
+  get_caller_addr(get_frame), get_caller_frame(get_frame)
+  {$ENDIF}
+  ;
+end;
+
+class procedure EIdOpenSSLBaseError.&Raise(const AMsg: string);
+begin
+  raise Self.Create(AMsg) at
+  {$IFNDEF FPC}
+  ReturnAddress
+  {$ELSE}
+  get_caller_addr(get_frame), get_caller_frame(get_frame)
+  {$ENDIF}
+  ;
+end;
+
+class procedure EIdOpenSSLBaseError.RaiseFmt(const AMsg: string; const Args: array of const);
+begin
+  raise Self.Create(Format(AMsg, Args)) at
+  {$IFNDEF FPC}
+  ReturnAddress
+  {$ELSE}
+  get_caller_addr(get_frame), get_caller_frame(get_frame)
+  {$ENDIF}
+  ;
+end;
+
+{ EIdOpenSSLBaseErrorStackError }
+
+constructor EIdOpenSSLErrorStackBasedError.Create;
+begin
+  Create('');
+end;
+
+constructor EIdOpenSSLErrorStackBasedError.Create(const AMsg: string);
+begin
+  Create(AMsg, ERR_get_error());
+end;
+
+constructor EIdOpenSSLErrorStackBasedError.Create(const AMsg: string;
+  const AErrorCode: TIdC_INT);
+
+  function InternalGetMessage(const AMsg: string): string;
+  begin
+    Result := AMsg;
+    if (Result <> '') and (FErrorText <> '') then
+      Result := Result + sLineBreak;
+    if FErrorText <> '' then
+      Result := AMsg + FErrorText;
+  end;
+
+begin
+  FInnerMessage := AMsg;
+  FErrorCode := AErrorCode;
+  FErrorText := GetErrorText(FErrorCode);
+  FExtractedReason := GetErrorReason(FErrorText);
+
+  inherited Create(InternalGetMessage(FInnerMessage));
+end;
+
+function EIdOpenSSLErrorStackBasedError.GetErrorCodeInHex: string;
+begin
+  Result := IntToHex(FErrorCode, 0);
+end;
+
+class function EIdOpenSSLErrorStackBasedError.GetErrorReason(
+  const AErrorText: string): string;
+const
+  CIndexOfReason = 4;
+var
+  LError: TStringDynArray;
+begin
+  Result := '';
+  if AErrorText = '' then
+    Exit;
+
+  LError := SplitString(AErrorText, ':');
+  if Length(LError) < CIndexOfReason then
+    Exit;
+  Result := LError[CIndexOfReason];
+end;
+
+class function EIdOpenSSLErrorStackBasedError.GetErrorText(
+  const AErrorCode: TIdC_INT): string;
+begin
+  Result := '';
+  if AErrorCode <> 0 then
+    Result := string(AnsiString(ERR_error_string(AErrorCode, nil)));
+end;
+
+{ EIdOpenSSLSSLBasedError }
+
+constructor EIdOpenSSLSSLBasedError.Create(
+  const ASSL: PSSL;
+  const AReturnCode: TIdC_INT;
+  const AMsg: string);
+begin
+  FReturnCode := AReturnCode;
+  FErrorCode := SSL_get_error(ASSL, AReturnCode);
+  case FErrorCode of
+    SSL_ERROR_SYSCALL:
+      // ERR_get_error() *may* contains more information
+      inherited Create(AMsg, ERR_get_error());
+    SSL_ERROR_SSL:
+      // ERR_get_error() contains for sure more information
+      inherited Create(AMsg, ERR_get_error());
+  else
+    inherited Create(AMsg, 0);
+  end;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
new file mode 100644
index 000000000..26c628aea
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
@@ -0,0 +1,190 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLIOHandlerClient;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdGlobal,
+  IdOpenSSLContext,
+  IdOpenSSLIOHandlerClientBase,
+  IdOpenSSLOptionsClient,
+  IdOpenSSLSocketClient,
+  IdSSL;
+
+type
+  TIdOpenSSLIOHandlerClient = class(TIdOpenSSLIOHandlerClientBase)
+  private
+    FOpenSSLLoaded: Boolean;
+    function GetTargetHost: string;
+    function GetClientSocket: TIdOpenSSLSocketClient; {$IFDEF USE_INLINE}inline;{$ENDIF}
+  protected
+    FOptions: TIdOpenSSLOptionsClient;
+    function GetOptionClass: TIdOpenSSLOptionsClientClass; virtual;
+    procedure InitComponent; override;
+    procedure EnsureContext; override;
+
+    procedure BeforeInitContext(const AContext: TIdOpenSSLContext); virtual;
+    procedure AfterInitContext(const AContext: TIdOpenSSLContext); virtual;
+  public
+    destructor Destroy; override;
+    procedure StartSSL; override;
+
+    function Clone: TIdSSLIOHandlerSocketBase; override;
+  published
+    property Options: TIdOpenSSLOptionsClient read FOptions;
+  end;
+
+implementation
+
+uses
+  IdCustomTransparentProxy,
+  IdOpenSSLContextClient,
+  IdOpenSSLExceptions,
+  IdOpenSSLLoader,
+  IdURI,
+  SysUtils;
+
+{ TIdOpenSSLIOHandlerClient }
+
+procedure TIdOpenSSLIOHandlerClient.EnsureContext;
+var
+  LLoader: IOpenSSLLoader;
+begin
+  if Assigned(FContext) then
+    Exit;
+  FContext := TIdOpenSSLContextClient.Create();
+
+  LLoader := GetOpenSSLLoader();
+  if not FOpenSSLLoaded and Assigned(LLoader) and not LLoader.Load() then
+    raise EIdOpenSSLLoadError.Create('Failed to load OpenSSL');
+  FOpenSSLLoaded := True;
+  try
+    BeforeInitContext(FContext);
+    TIdOpenSSLContextClient(FContext).Init(FOptions);
+    AfterInitContext(FContext);
+  except
+    on E: EExternalException do
+    begin
+      try
+        FreeAndNil(FContext);
+      except
+        on E: EExternalException do ; // Nothing
+      end;
+      raise EIdOpenSSLLoadError.Create('Failed to load OpenSSL');
+    end;
+  end;
+end;
+
+procedure TIdOpenSSLIOHandlerClient.AfterInitContext(
+  const AContext: TIdOpenSSLContext);
+begin
+end;
+
+procedure TIdOpenSSLIOHandlerClient.BeforeInitContext(
+  const AContext: TIdOpenSSLContext);
+begin
+end;
+
+function TIdOpenSSLIOHandlerClient.Clone: TIdSSLIOHandlerSocketBase;
+begin
+  Result := inherited;
+  Options.AssignTo(TIdOpenSSLIOHandlerClient(Result).Options);
+end;
+
+destructor TIdOpenSSLIOHandlerClient.Destroy;
+begin
+  FOptions.Free();
+  FContext.Free();
+  inherited;
+end;
+
+function TIdOpenSSLIOHandlerClient.GetClientSocket: TIdOpenSSLSocketClient;
+begin
+  Result := FTLSSocket as TIdOpenSSLSocketClient;
+end;
+
+function TIdOpenSSLIOHandlerClient.GetOptionClass: TIdOpenSSLOptionsClientClass;
+begin
+  Result := TIdOpenSSLOptionsClient;
+end;
+
+function TIdOpenSSLIOHandlerClient.GetTargetHost: string;
+
+  function GetHostToCheck(const AUriToCheck: string): string;
+  var
+    LURI: TIdURI;
+  begin
+    Result := '';
+    if AUriToCheck = '' then
+      Exit;
+    LURI := TIdURI.Create(URIToCheck);
+    try
+      Result := LURI.Host;
+    finally
+      LURI.Free();
+    end;
+  end;
+
+  function GetProxyTargetHost(const ATransparentProxy: TIdCustomTransparentProxy): string;
+  var
+    LProxy: TIdCustomTransparentProxy;
+  begin
+    Result := '';
+    LProxy := ATransparentProxy;
+    while Assigned(LProxy) and LProxy.Enabled do
+    begin
+      Result := LProxy.Host;
+      LProxy := LProxy.ChainedProxy;
+    end;
+  end;
+
+begin
+  Result := GetHostToCheck(URIToCheck);
+  if Result = '' then
+    // RLebeau: not reading from the property as it will create a
+    // default Proxy object if one is not already assigned...
+    Result := GetProxyTargetHost(FTransparentProxy);
+end;
+
+procedure TIdOpenSSLIOHandlerClient.InitComponent;
+begin
+  inherited;
+  FOptions := GetOptionClass().Create();
+end;
+
+procedure TIdOpenSSLIOHandlerClient.StartSSL;
+begin
+  inherited;
+  if PassThrough then
+    Exit;
+  GetClientSocket().Connect(Binding.Handle, GetTargetHost());
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas
new file mode 100644
index 000000000..64c0bc3d2
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas
@@ -0,0 +1,169 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLIOHandlerClientBase;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdGlobal,
+  IdOpenSSLContext,
+  IdOpenSSLSocket,
+  IdSSL;
+
+type
+  TIdOpenSSLIOHandlerClientBase = class(TIdSSLIOHandlerSocketBase)
+  private
+  protected
+    FTLSSocket: TIdOpenSSLSocket;
+    FContext: TIdOpenSSLContext;
+
+    function RecvEnc(var ABuffer: TIdBytes): Integer; override;
+    function SendEnc(const ABuffer: TIdBytes; const AOffset, ALength: Integer): Integer; override;
+    procedure EnsureContext; virtual; abstract;
+
+    procedure SetPassThrough(const Value: Boolean); override;
+  public
+    destructor Destroy; override;
+
+    procedure AfterAccept; override;
+    procedure StartSSL; override;
+    procedure ConnectClient; override;
+    procedure Close; override;
+
+    function Readable(AMSec: Integer = IdTimeoutDefault): Boolean; override;
+
+    function Clone: TIdSSLIOHandlerSocketBase; override;
+  end;
+
+implementation
+
+uses
+  IdStackConsts,
+  SysUtils;
+
+{ TIdOpenSSLIOHandlerClientBase }
+
+procedure TIdOpenSSLIOHandlerClientBase.AfterAccept;
+begin
+  inherited;
+  EnsureContext();
+  StartSSL();
+end;
+
+procedure TIdOpenSSLIOHandlerClientBase.Close;
+begin
+  if Assigned(FTLSSocket) then
+  begin
+    FTLSSocket.Close();
+    FreeAndNil(FTLSSocket);
+  end;
+  inherited;
+end;
+
+procedure TIdOpenSSLIOHandlerClientBase.ConnectClient;
+begin
+  inherited;
+  EnsureContext();
+  StartSSL();
+end;
+
+destructor TIdOpenSSLIOHandlerClientBase.Destroy;
+begin
+  FreeAndNil(FTLSSocket);
+  // no FContext.Free() here, if a derived class creates an own instance that
+  // class should free that object
+  inherited;
+end;
+
+function TIdOpenSSLIOHandlerClientBase.Clone: TIdSSLIOHandlerSocketBase;
+begin
+  Result := TIdClientSSLClass(Self.ClassType).Create(Owner);
+end;
+
+function TIdOpenSSLIOHandlerClientBase.RecvEnc(var ABuffer: TIdBytes): Integer;
+begin
+  Result := FTLSSocket.Receive(ABuffer);
+end;
+
+function TIdOpenSSLIOHandlerClientBase.SendEnc(const ABuffer: TIdBytes;
+  const AOffset, ALength: Integer): Integer;
+begin
+  Result := FTLSSocket.Send(ABuffer, AOffset, ALength);
+end;
+
+procedure TIdOpenSSLIOHandlerClientBase.SetPassThrough(const Value: Boolean);
+begin
+  if fPassThrough = Value then
+    Exit;
+  inherited;
+  if not Value then
+  begin
+    if BindingAllocated then
+      StartSSL();
+  end
+  else
+  begin
+    if Assigned(FTLSSocket) then
+    begin
+      FTLSSocket.Close();
+      FreeAndNil(FTLSSocket);
+    end;
+  end;
+end;
+
+function TIdOpenSSLIOHandlerClientBase.Readable(AMSec: Integer): Boolean;
+begin
+  Result := True;
+  if PassThrough or not FTLSSocket.HasReadableData() then
+    Result := inherited Readable(AMSec);
+end;
+
+procedure TIdOpenSSLIOHandlerClientBase.StartSSL;
+var
+  LTimeout: Integer;
+begin
+  inherited;
+  if PassThrough then
+    Exit;
+  FTLSSocket := FContext.CreateSocket();
+
+  if IndyCheckWindowsVersion(6) then
+  begin
+    // Note: Fix needed to allow SSL_Read and SSL_Write to timeout under
+    // Vista+ when connection is dropped
+    LTimeout := FReadTimeOut;
+    if LTimeout <= 0 then begin
+      LTimeout := 30000; // 30 seconds
+    end;
+    Binding.SetSockOpt(Id_SOL_SOCKET, Id_SO_RCVTIMEO, LTimeout);
+    Binding.SetSockOpt(Id_SOL_SOCKET, Id_SO_SNDTIMEO, LTimeout);
+  end;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientServer.pas
new file mode 100644
index 000000000..3dada76eb
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientServer.pas
@@ -0,0 +1,73 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLIOHandlerClientServer;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdOpenSSLIOHandlerClientBase,
+  IdOpenSSLContextServer;
+
+type
+  TIdOpenSSLIOHandlerClientForServer = class(TIdOpenSSLIOHandlerClientBase)
+  protected
+    procedure EnsureContext; override;
+  public
+    procedure SetServerContext(const AContext: TIdOpenSSLContextServer);
+    procedure StartSSL; override;
+  end;
+
+implementation
+
+uses
+  IdOpenSSLSocketServer;
+
+{ TIdOpenSSLIOHandlerClientForServer }
+
+procedure TIdOpenSSLIOHandlerClientForServer.EnsureContext;
+begin
+  inherited;
+  Assert(Assigned(FContext));
+end;
+
+procedure TIdOpenSSLIOHandlerClientForServer.SetServerContext(
+  const AContext: TIdOpenSSLContextServer);
+begin
+  FContext := AContext;
+end;
+
+procedure TIdOpenSSLIOHandlerClientForServer.StartSSL;
+begin
+  inherited;
+  if PassThrough then
+    Exit;
+  (FTLSSocket as TIdOpenSSLSocketServer).Accept(Binding.Handle);
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
new file mode 100644
index 000000000..59a715130
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
@@ -0,0 +1,170 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLIOHandlerServer;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdOpenSSLContextServer,
+  IdOpenSSLOptionsServer,
+  IdSSL,
+  IdSocketHandle,
+  IdThread,
+  IdYarn,
+  IdIOHandler;
+
+type
+  TIdOpenSSLIOHandlerServer = class(TIdServerIOHandlerSSLBase)
+  private
+    FOptions: TIdOpenSSLOptionsServer;
+    FContext: TIdOpenSSLContextServer;
+    FOpenSSLLoaded: Boolean;
+  protected
+    function GetOptionClass: TIdOpenSSLOptionsServerClass; virtual;
+    procedure InitComponent; override;
+  public
+    destructor Destroy; override;
+
+    procedure Init; override;
+    procedure Shutdown; override;
+    function Accept(ASocket: TIdSocketHandle; AListenerThread: TIdThread;
+      AYarn: TIdYarn): TIdIOHandler; override;
+
+    {$REGION 'abstract functions from TIdServerIOHandlerSSLBase'}
+    function MakeClientIOHandler: TIdSSLIOHandlerSocketBase; override;
+    function MakeFTPSvrPort: TIdSSLIOHandlerSocketBase; override;
+    function MakeFTPSvrPasv: TIdSSLIOHandlerSocketBase; override;
+    {$ENDREGION}
+  published
+    property Options: TIdOpenSSLOptionsServer read FOptions;
+  end;
+
+implementation
+
+uses
+  IdOpenSSLExceptions,
+  IdOpenSSLIOHandlerClientServer,
+  IdOpenSSLLoader,
+  SysUtils;
+
+{ TIdOpenSSLIOHandlerServer }
+
+function TIdOpenSSLIOHandlerServer.Accept(ASocket: TIdSocketHandle;
+  AListenerThread: TIdThread; AYarn: TIdYarn): TIdIOHandler;
+var
+  LIOHandler: TIdOpenSSLIOHandlerClientForServer;
+begin
+  LIOHandler := MakeClientIOHandler() as TIdOpenSSLIOHandlerClientForServer;
+  try
+    LIOHandler.PassThrough := False;
+    LIOHandler.Open;
+    if LIOHandler.Binding.Accept(ASocket.Handle) then
+    begin
+      LIOHandler.StartSSL();
+    end
+    else
+      FreeAndNil(LIOHandler);
+  except
+    FreeAndNil(LIOHandler);
+    raise;
+  end;
+  Result := LIOHandler;
+end;
+
+destructor TIdOpenSSLIOHandlerServer.Destroy;
+begin
+  FOptions.Free();
+  inherited;
+end;
+
+function TIdOpenSSLIOHandlerServer.GetOptionClass: TIdOpenSSLOptionsServerClass;
+begin
+  Result := TIdOpenSSLOptionsServer;
+end;
+
+procedure TIdOpenSSLIOHandlerServer.Init;
+var
+  LLoader: IOpenSSLLoader;
+begin
+  inherited;
+
+  LLoader := GetOpenSSLLoader();
+  if not FOpenSSLLoaded and Assigned(LLoader) and not LLoader.Load() then
+    raise EIdOpenSSLLoadError.Create('Failed to load OpenSSL');
+  FOpenSSLLoaded := True;
+
+  FContext := TIdOpenSSLContextServer.Create();
+  try
+    FContext.Init(FOptions);
+  except
+    on E: EExternalException do
+    begin
+      try
+        FreeAndNil(FContext);
+      except
+        on E: EExternalException do ; // Nothing
+      end;
+      raise EIdOpenSSLLoadError.Create('Failed to load OpenSSL');
+    end;
+  end;
+end;
+
+procedure TIdOpenSSLIOHandlerServer.InitComponent;
+begin
+  inherited;
+  FOptions := GetOptionClass().Create();
+end;
+
+function TIdOpenSSLIOHandlerServer.MakeClientIOHandler: TIdSSLIOHandlerSocketBase;
+var
+  LHandler: TIdOpenSSLIOHandlerClientForServer;
+begin
+  LHandler := TIdOpenSSLIOHandlerClientForServer.Create(nil);
+  LHandler.SetServerContext(FContext);
+
+  Result := LHandler;
+end;
+
+function TIdOpenSSLIOHandlerServer.MakeFTPSvrPasv: TIdSSLIOHandlerSocketBase;
+begin
+  Result := MakeClientIOHandler();
+end;
+
+function TIdOpenSSLIOHandlerServer.MakeFTPSvrPort: TIdSSLIOHandlerSocketBase;
+begin
+  Result := MakeClientIOHandler();
+end;
+
+procedure TIdOpenSSLIOHandlerServer.Shutdown;
+begin
+  inherited;
+  FContext.Free();
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
new file mode 100644
index 000000000..f5b6cbf1e
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
@@ -0,0 +1,349 @@
+unit IdOpenSSLLoader;
+
+interface
+
+uses
+  Classes;
+
+type
+  IOpenSSLLoader = interface
+    ['{BBB0F670-CC26-42BC-A9E0-33647361941A}']
+  {$REGION 'Property Getter/Setter'}
+    function GetOpenSSLPath: string;
+    procedure SetOpenSSLPath(const Value: string);
+    function GetFailedToLoad: TStringList;
+  {$ENDREGION}
+
+    function Load: Boolean;
+    procedure Unload;
+
+    property OpenSSLPath: string read GetOpenSSLPath write SetOpenSSLPath;
+    property FailedToLoad: TStringList read GetFailedToLoad;
+  end;
+
+function GetOpenSSLLoader: IOpenSSLLoader;
+
+implementation
+
+{$IFNDEF STATICLOAD_OPENSSL}
+uses
+  IdOpenSSLHeaders_aes,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_asn1err,
+  IdOpenSSLHeaders_asn1t,
+  IdOpenSSLHeaders_async,
+  IdOpenSSLHeaders_asyncerr,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_bioerr,
+  IdOpenSSLHeaders_blowfish,
+  IdOpenSSLHeaders_bn,
+  IdOpenSSLHeaders_bnerr,
+  IdOpenSSLHeaders_buffer,
+  IdOpenSSLHeaders_buffererr,
+  IdOpenSSLHeaders_camellia,
+  IdOpenSSLHeaders_cast,
+  IdOpenSSLHeaders_cmac,
+  IdOpenSSLHeaders_cms,
+  IdOpenSSLHeaders_cmserr,
+  IdOpenSSLHeaders_comp,
+  IdOpenSSLHeaders_comperr,
+  IdOpenSSLHeaders_conf,
+  IdOpenSSLHeaders_conf_api,
+  IdOpenSSLHeaders_conferr,
+  IdOpenSSLHeaders_crypto,
+  IdOpenSSLHeaders_cryptoerr,
+  IdOpenSSLHeaders_cterr,
+  IdOpenSSLHeaders_dh,
+  IdOpenSSLHeaders_dherr,
+  IdOpenSSLHeaders_dsa,
+  IdOpenSSLHeaders_dsaerr,
+  IdOpenSSLHeaders_ebcdic,
+  IdOpenSSLHeaders_ec,
+  IdOpenSSLHeaders_ecerr,
+  IdOpenSSLHeaders_engine,
+  IdOpenSSLHeaders_engineerr,
+  IdOpenSSLHeaders_err,
+  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_evperr,
+  IdOpenSSLHeaders_hmac,
+  IdOpenSSLHeaders_idea,
+  IdOpenSSLHeaders_kdferr,
+  IdOpenSSLHeaders_objects,
+  IdOpenSSLHeaders_objectserr,
+  IdOpenSSLHeaders_ocsperr,
+  IdOpenSSLHeaders_pem,
+  IdOpenSSLHeaders_pemerr,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_pkcs7err,
+  IdOpenSSLHeaders_rand,
+  IdOpenSSLHeaders_randerr,
+  IdOpenSSLHeaders_rsa,
+  IdOpenSSLHeaders_rsaerr,
+  IdOpenSSLHeaders_sha,
+  IdOpenSSLHeaders_srtp,
+  IdOpenSSLHeaders_storeerr,
+  IdOpenSSLHeaders_ts,
+  IdOpenSSLHeaders_tserr,
+  IdOpenSSLHeaders_txt_db,
+  IdOpenSSLHeaders_ui,
+  IdOpenSSLHeaders_uierr,
+  IdOpenSSLHeaders_whrlpool,
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLHeaders_x509_vfy,
+  IdOpenSSLHeaders_x509err,
+  IdOpenSSLHeaders_x509v3,
+
+  IdOpenSSLHeaders_ssl,
+  IdOpenSSLHeaders_sslerr,
+  IdOpenSSLHeaders_tls1,
+
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdThreadSafe,
+  SysUtils;
+{$ENDIF}
+
+var
+  GOpenSSLLoader: IOpenSSLLoader;
+
+function GetOpenSSLLoader: IOpenSSLLoader;
+begin
+  Result := GOpenSSLLoader;
+end;
+
+{$IFNDEF STATICLOAD_OPENSSL}
+type
+  TOpenSSLLoader = class(TInterfacedObject, IOpenSSLLoader)
+  private
+    FOpenSSLPath: string;
+    FFailed: TStringList;
+    FLoadCount: TIdThreadSafeInteger;
+    function GetOpenSSLPath: string;
+    procedure SetOpenSSLPath(const Value: string);
+    function GetFailedToLoad: TStringList;
+  public
+    constructor Create;
+    destructor Destroy; override;
+
+    function Load: Boolean;
+    procedure Unload;
+
+    property OpenSSLPath: string read GetOpenSSLPath write SetOpenSSLPath;
+    property FailedToLoad: TStringList read GetFailedToLoad;
+  end;
+
+{ TOpenSSLLoader }
+
+constructor TOpenSSLLoader.Create;
+begin
+  inherited;
+  FFailed := TStringList.Create();
+  FLoadCount := TIdThreadSafeInteger.Create();
+end;
+
+destructor TOpenSSLLoader.Destroy;
+begin
+  FLoadCount.Free();
+  FFailed.Free();
+  inherited;
+end;
+
+function TOpenSSLLoader.GetFailedToLoad: TStringList;
+begin
+  Result := FFailed;
+end;
+
+function TOpenSSLLoader.GetOpenSSLPath: string;
+begin
+  Result := FOpenSSLPath;
+end;
+
+function TOpenSSLLoader.Load: Boolean;
+var
+  LLibCrypto, LLibSSL: TIdLibHandle;
+begin
+  Result := True;
+  FLoadCount.Lock();
+  try
+    if FLoadCount.Value <= 0 then
+    begin
+      LLibCrypto := SafeLoadLibrary(FOpenSSLPath + CLibCrypto);
+      LLibSSL := SafeLoadLibrary(FOpenSSLPath + CLibSSL);
+      Result := not (LLibCrypto = IdNilHandle) and not (LLibSSL = IdNilHandle);
+      if not Result then
+        Exit;
+
+      FLoadCount.Value := 1;
+
+      IdOpenSSLHeaders_aes.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_asn1.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_asn1err.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_asn1t.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_async.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_asyncerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_bio.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_bioerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_blowfish.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_bn.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_bnerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_buffer.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_buffererr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_camellia.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_cast.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_cmac.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_cms.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_cmserr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_comp.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_comperr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_conf.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_conf_api.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_conferr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_crypto.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_cryptoerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_cterr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_dh.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_dherr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_dsa.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_dsaerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_ebcdic.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_ec.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_ecerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_engine.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_engineerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_err.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_evp.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_evperr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_hmac.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_idea.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_kdferr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_objects.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_objectserr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_ocsperr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_pem.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_pemerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_pkcs7.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_pkcs7err.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_rand.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_randerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_rsa.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_rsaerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_sha.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_srtp.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_storeerr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_ts.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_tserr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_txt_db.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_ui.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_uierr.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_whrlpool.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_x509.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_x509_vfy.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_x509err.Load(LLibCrypto, FFailed);
+      IdOpenSSLHeaders_x509v3.Load(LLibCrypto, FFailed);
+
+      IdOpenSSLHeaders_ssl.Load(LLibSSL, FFailed);
+      IdOpenSSLHeaders_sslerr.Load(LLibSSL, FFailed);
+      IdOpenSSLHeaders_tls1.Load(LLibSSL, FFailed);
+    end;
+  finally
+    FLoadCount.Unlock();
+  end;
+end;
+
+procedure TOpenSSLLoader.SetOpenSSLPath(const Value: string);
+begin
+  FOpenSSLPath := IncludeTrailingPathDelimiter(Value);
+end;
+
+procedure TOpenSSLLoader.Unload;
+begin
+  FLoadCount.Lock();
+  try
+    FLoadCount.Decrement();
+    if FLoadCount.Value = 0 then
+    begin
+      IdOpenSSLHeaders_aes.Unload();
+      IdOpenSSLHeaders_asn1.Unload();
+      IdOpenSSLHeaders_asn1err.Unload();
+      IdOpenSSLHeaders_asn1t.Unload();
+      IdOpenSSLHeaders_async.Unload();
+      IdOpenSSLHeaders_asyncerr.Unload();
+      IdOpenSSLHeaders_bio.Unload();
+      IdOpenSSLHeaders_bioerr.Unload();
+      IdOpenSSLHeaders_blowfish.Unload();
+      IdOpenSSLHeaders_bn.Unload();
+      IdOpenSSLHeaders_bnerr.Unload();
+      IdOpenSSLHeaders_buffer.Unload();
+      IdOpenSSLHeaders_buffererr.Unload();
+      IdOpenSSLHeaders_camellia.Unload();
+      IdOpenSSLHeaders_cast.Unload();
+      IdOpenSSLHeaders_cmac.Unload();
+      IdOpenSSLHeaders_cms.Unload();
+      IdOpenSSLHeaders_cmserr.Unload();
+      IdOpenSSLHeaders_comp.Unload();
+      IdOpenSSLHeaders_comperr.Unload();
+      IdOpenSSLHeaders_conf.Unload();
+      IdOpenSSLHeaders_conf_api.Unload();
+      IdOpenSSLHeaders_conferr.Unload();
+      IdOpenSSLHeaders_crypto.Unload();
+      IdOpenSSLHeaders_cryptoerr.Unload();
+      IdOpenSSLHeaders_cterr.Unload();
+      IdOpenSSLHeaders_dh.Unload();
+      IdOpenSSLHeaders_dherr.Unload();
+      IdOpenSSLHeaders_dsa.Unload();
+      IdOpenSSLHeaders_dsaerr.Unload();
+      IdOpenSSLHeaders_ebcdic.Unload();
+      IdOpenSSLHeaders_ec.Unload();
+      IdOpenSSLHeaders_ecerr.Unload();
+      IdOpenSSLHeaders_engine.Unload();
+      IdOpenSSLHeaders_engineerr.Unload();
+      IdOpenSSLHeaders_err.Unload();
+      IdOpenSSLHeaders_evp.Unload();
+      IdOpenSSLHeaders_evperr.Unload();
+      IdOpenSSLHeaders_hmac.Unload();
+      IdOpenSSLHeaders_idea.Unload();
+      IdOpenSSLHeaders_kdferr.Unload();
+      IdOpenSSLHeaders_objects.Unload();
+      IdOpenSSLHeaders_objectserr.Unload();
+      IdOpenSSLHeaders_ocsperr.Unload();
+      IdOpenSSLHeaders_pem.Unload();
+      IdOpenSSLHeaders_pemerr.Unload();
+      IdOpenSSLHeaders_pkcs7.Unload();
+      IdOpenSSLHeaders_pkcs7err.Unload();
+      IdOpenSSLHeaders_rand.Unload();
+      IdOpenSSLHeaders_randerr.Unload();
+      IdOpenSSLHeaders_rsa.Unload();
+      IdOpenSSLHeaders_rsaerr.Unload();
+      IdOpenSSLHeaders_sha.Unload();
+      IdOpenSSLHeaders_srtp.Unload();
+      IdOpenSSLHeaders_storeerr.Unload();
+      IdOpenSSLHeaders_ts.Unload();
+      IdOpenSSLHeaders_tserr.Unload();
+      IdOpenSSLHeaders_txt_db.Unload();
+      IdOpenSSLHeaders_ui.Unload();
+      IdOpenSSLHeaders_uierr.Unload();
+      IdOpenSSLHeaders_whrlpool.Unload();
+      IdOpenSSLHeaders_x509.Unload();
+      IdOpenSSLHeaders_x509_vfy.Unload();
+      IdOpenSSLHeaders_x509err.Unload();
+      IdOpenSSLHeaders_x509v3.Unload();
+
+      IdOpenSSLHeaders_ssl.Unload();
+      IdOpenSSLHeaders_sslerr.Unload();
+      IdOpenSSLHeaders_tls1.Unload();
+
+      FFailed.Clear();
+    end;
+  finally
+    FLoadCount.Unlock();
+  end;
+end;
+{$ENDIF}
+
+initialization
+  GOpenSSLLoader := nil;
+{$IFNDEF STATICLOAD_OPENSSL}
+  GOpenSSLLoader := TOpenSSLLoader.Create();
+{$ENDIF}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas b/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas
new file mode 100644
index 000000000..b4bf7af38
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas
@@ -0,0 +1,270 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLOptions;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdOpenSSLPersistent,
+  IdOpenSSLTypes,
+  IdOpenSSLVersion;
+
+type
+  TIdOpenSSLOptionsBase = class(TIdOpenSSLPersistent)
+  strict private const
+    CDefaultMinumumTLSVersion = TIdOpenSSLVersion.TLSv1;
+    CDefaultMaximumTLSVersion = TIdOpenSSLVersion.Undefined;
+    CDefaultUseServerCipherPreferences = True;
+    CDefaultAllowUnsafeLegacyRenegotiation = False;
+    CDefaultUseLegacyServerConnect = False;
+  private
+    FCertFile: string;
+    FCertKey: string;
+    FVerifyCertificate: string;
+    FVerifyCertDirectory: string;
+    FTLSVersionMaximum: TIdOpenSSLVersion;
+    FTLSVersionMinimum: TIdOpenSSLVersion;
+    FCipherList: string;
+    FOnGetPassword: TGetPassword;
+    FOnKeyLogging: TKeyLog;
+    FCipherSuites: string;
+    FUseServerCipherPreferences: Boolean;
+    FAllowUnsafeLegacyRenegotiation: Boolean;
+    FUseLegacyServerConnect: Boolean;
+    FOnVerify: TVerifyCallback;
+  public
+    constructor Create; override;
+    procedure AssignTo(Dest: TPersistent); override;
+    function Equals(Obj: TObject): Boolean; override;
+
+    /// <summary>
+    ///   Sets the OpenSSL Option SSL_OP_CIPHER_SERVER_PREFERENCE
+    /// </summary>
+    property UseServerCipherPreferences: Boolean read FUseServerCipherPreferences write FUseServerCipherPreferences;
+    /// <summary>
+    ///   Allow legacy insecure renegotiation between OpenSSL and unpatched
+    ///   clients or servers. Affects CVE-2009-3555 & RFC5746.
+    /// </summary>
+    /// <remarks>
+    ///   <para>See SECURE RENEGOTIATION for more information.</para>
+    ///   <code>https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_options.html</code>
+    /// </remarks>
+    property AllowUnsafeLegacyRenegotiation: Boolean read FAllowUnsafeLegacyRenegotiation write FAllowUnsafeLegacyRenegotiation;
+    /// <summary>
+    ///   Allow legacy insecure renegotiation between OpenSSL and unpatched
+    ///   servers only. Affects CVE-2009-3555 & RFC5746.
+    /// </summary>
+    /// <remarks>
+    ///   <para>See SECURE RENEGOTIATION for more information.</para>
+    ///   <code>https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_options.html</code>
+    /// </remarks>
+    property UseLegacyServerConnect: Boolean read FUseLegacyServerConnect write FUseLegacyServerConnect;
+  published
+    /// <remarks>
+    ///   Expects a path to a certificate in PEM format
+    /// </remarks>
+    property CertFile: string read FCertFile write FCertFile;
+    /// <remarks>
+    ///   Expects a path to a private key in PEM format
+    /// </remarks>
+    property CertKey: string read FCertKey write FCertKey;
+    property OnGetPassword: TGetPassword read FOnGetPassword write FOnGetPassword;
+
+    /// <summary>
+    ///   Path to a CA certificate in PEM format. The file can contain several
+    ///   CA certificates.
+    /// </summary>
+    /// <remarks>
+    ///   <para>
+    ///   The file can contain several CA certificates identified by this
+    ///   sequences. Before, between, and after the certificates text is allowed
+    ///   which can be used e.g. for descriptions of the certificates.
+    ///   <code>
+    ///   -----BEGIN CERTIFICATE-----</code></para><para><code>
+    ///   ... (CA certificate in base64 encoding) ...</code></para><para><code>
+    ///   -----END CERTIFICATE-----
+    ///   </code>
+    ///   </para>
+    ///
+    ///   <para>
+    ///   When looking up CA certificates, the OpenSSL library will first search
+    ///   the certificates in CAfile, then those in CApath.
+    ///   </para>
+    /// </remarks>
+    property VerifyCertificate: string read FVerifyCertificate write FVerifyCertificate;
+    /// <summary>
+    ///   Path to a directory containing CA certificates in PEM format.
+    ///   The files each contain one CA certificate.
+    /// </summary>
+    /// <remarks>
+    ///   <para>
+    ///   When looking up CA certificates, the OpenSSL library will first search
+    ///   the certificates in CAfile, then those in <see cref="VerifyCertificate"/>.
+    ///   </para>
+    ///
+    ///   <para>
+    ///   Each name of a certificate file have to be in the "hash format" (the
+    ///   name has to be like hash.0). For more information, please look at
+    ///   OpenSSL documentation about "openssl verify -CApath" and
+    ///   "openssl x509 -hash". In order to get the hash you could call:
+    ///   <code>openssl x509 -hash -noout -in MyCA.pem</code>
+    ///   </para>
+    /// </remarks>
+    property VerifyCertDirectory: string read FVerifyCertDirectory write FVerifyCertDirectory;
+
+    /// <summary>
+    ///   Minimum allowed TLS version. For letting OpenSSL automagic choosing
+    ///   the lowest possible version use:
+    ///   <code><see cref="IdOpenSSLTypes|TIdOpenSSLVersion"/>.Undefined</code>
+    /// </summary>
+    property TLSVersionMinimum: TIdOpenSSLVersion read FTLSVersionMinimum write FTLSVersionMinimum default CDefaultMinumumTLSVersion;
+    /// <summary>
+    ///   Maximum allowed TLS version. For letting OpenSSL automagic choosing
+    ///   the highest possible version use:
+    ///   <code><see cref="IdOpenSSLTypes|TIdOpenSSLVersion"/>.Undefined</code>
+    /// </summary>
+    property TLSVersionMaximum: TIdOpenSSLVersion read FTLSVersionMaximum write FTLSVersionMaximum default CDefaultMaximumTLSVersion;
+    /// <summary>
+    ///   <para>Sets the list of available ciphers. Only used for TLSv1.2 and below.</para>
+    ///   <para>For TLSv1.3 use <see cref="CipherSuites"/>.</para>
+    /// </summary>
+    /// <remarks>
+    ///   The format of the string is described in
+    ///   <code>https://www.openssl.org/docs/man1.1.1/man1/ciphers.html</code>
+    /// </remarks>
+    property CipherList: string read FCipherList write FCipherList;
+    /// <summary>
+    ///   <para>Sets the list of available ciphersuites. Only used for TLSv1.3.</para>
+    ///   <para>For TLSv1.2 and lower use <see cref="CipherList"/>.</para>
+    /// </summary>
+    /// <remarks>
+    ///   This is a simple colon (":") separated list of TLSv1.3 ciphersuite
+    ///   names in order of preference.
+    /// </remarks>
+    property CipherSuites: string read FCipherSuites write FCipherSuites;
+
+    /// <summary>
+    ///  <para>
+    ///   !!! ONLY FOR DEBUGGING, be careful with productive code !!!
+    ///  </para>
+    ///  <para>
+    ///   This callback is called whenever TLS key material is generated or
+    ///   received, in order to allow applications to store this keying material
+    ///   for debugging purposes.
+    ///  </para>
+    ///  <para>
+    ///   Save every line into a text file, in wireshark set "(para-)Master
+    ///   Secret log filename" to that text file. Now wireshark can unencrypt
+    ///   all encrypted messages.
+    ///   <code>Wireshark: Edit/preferences/Protocols/SSL/(para-)Master Secret log filename</code>
+    ///  </para>
+    ///  <para>
+    ///  OpenSSL follows the format from NSS:
+    ///  <code>https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format</code>
+    ///  </para>
+    /// </summary>
+    /// <remarks>
+    ///   !!! ONLY FOR DEBUGGING, be careful with productive code !!!
+    /// </remarks>
+    property OnKeyLogging: TKeyLog read FOnKeyLogging write FOnKeyLogging;
+
+    /// <summary>
+    ///   Callback for custom verification of an x509 certificate.
+    ///   See <see cref="IdOpenSSLTypes|TVerifyCallback"/> for more details.
+    /// </summary>
+    property OnVerify: TVerifyCallback read FOnVerify write FOnVerify;
+  end;
+
+  TIdOpenSSLOptionsClass = class of TIdOpenSSLOptionsBase;
+
+implementation
+
+{ TIdOpenSSLOptionsBase }
+
+procedure TIdOpenSSLOptionsBase.AssignTo(Dest: TPersistent);
+var
+  LDest: TIdOpenSSLOptionsBase;
+begin
+  inherited;
+  if Dest is TIdOpenSSLOptionsBase then
+  begin
+    LDest := TIdOpenSSLOptionsBase(Dest);
+    LDest.FCertFile := FCertFile;
+    LDest.FCertKey := FCertKey;
+    LDest.FVerifyCertificate := FVerifyCertificate;
+    LDest.FVerifyCertDirectory := FVerifyCertDirectory;
+    LDest.FTLSVersionMinimum := FTLSVersionMinimum;
+    LDest.FTLSVersionMaximum := FTLSVersionMaximum;
+    LDest.FCipherList := FCipherList;
+    LDest.FOnGetPassword := FOnGetPassword;
+    LDest.FOnKeyLogging := FOnKeyLogging;
+    LDest.FOnVerify := FOnVerify;
+  end
+end;
+
+constructor TIdOpenSSLOptionsBase.Create;
+begin
+  inherited;
+  FTLSVersionMinimum := CDefaultMinumumTLSVersion;
+  FTLSVersionMaximum := CDefaultMaximumTLSVersion;
+  FUseServerCipherPreferences := CDefaultUseServerCipherPreferences;
+  FAllowUnsafeLegacyRenegotiation := CDefaultAllowUnsafeLegacyRenegotiation;
+  FUseLegacyServerConnect := CDefaultUseLegacyServerConnect;
+end;
+
+function TIdOpenSSLOptionsBase.Equals(Obj: TObject): Boolean;
+
+  function EqualMethod(const ALeft, ARight: TMethod): Boolean; inline;
+  begin
+    Result := (ALeft.Code = ARight.Code) and (ALeft.Data = ARight.Data);
+  end;
+
+var
+  LObj: TIdOpenSSLOptionsBase;
+begin
+  inherited;
+  Result := Obj is TIdOpenSSLOptionsBase;
+  if Result then
+  begin
+    LObj := TIdOpenSSLOptionsBase(Obj);
+    Result := (FCertFile = LObj.FCertFile)
+      and (FCertKey = LObj.FCertKey)
+      and (FVerifyCertificate = LObj.FVerifyCertificate)
+      and (FVerifyCertDirectory = LObj.FVerifyCertDirectory)
+      and (FTLSVersionMinimum = LObj.FTLSVersionMinimum)
+      and (FTLSVersionMaximum = LObj.FTLSVersionMaximum)
+      and (FCipherList = LObj.FCipherList)
+      and EqualMethod(TMethod(FOnGetPassword), TMethod(LObj.FOnGetPassword))
+      and EqualMethod(TMethod(FOnKeyLogging), TMethod(LObj.FOnKeyLogging))
+      and EqualMethod(TMethod(FOnVerify), TMethod(LObj.FOnVerify));
+  end;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas
new file mode 100644
index 000000000..78d937cfe
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas
@@ -0,0 +1,87 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLOptionsClient;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdOpenSSLOptions;
+
+type
+  TIdOpenSSLOptionsClient = class(TIdOpenSSLOptionsBase)
+  strict private const
+    CDefaultVerifyServerCertificate = True;
+  private
+    FVerifyServerCertificate: Boolean;
+  public
+    constructor Create; override;
+
+    procedure AssignTo(Dest: TPersistent); override;
+    function Equals(Obj: TObject): Boolean; override;
+  published
+    /// <summary>
+    ///   Verify the server certificate.
+    /// </summary>
+    /// <remarks>
+    ///   If the verification process fails, the TLS/SSL handshake is
+    ///   immediately terminated with an alert message containing the reason for
+    ///   the verification failure. If no server certificate is sent, because an
+    ///   anonymous cipher is used, this option is ignored.
+    /// </remarks>
+    property VerifyServerCertificate: Boolean read FVerifyServerCertificate write FVerifyServerCertificate default CDefaultVerifyServerCertificate;
+  end;
+
+  TIdOpenSSLOptionsClientClass = class of TIdOpenSSLOptionsClient;
+
+implementation
+
+{ TIdOpenSSLOptionsClient }
+
+procedure TIdOpenSSLOptionsClient.AssignTo(Dest: TPersistent);
+begin
+  inherited;
+  if Dest is TIdOpenSSLOptionsClient then
+    TIdOpenSSLOptionsClient(Dest).FVerifyServerCertificate := FVerifyServerCertificate;
+end;
+
+constructor TIdOpenSSLOptionsClient.Create;
+begin
+  inherited;
+  FVerifyServerCertificate := CDefaultVerifyServerCertificate;
+end;
+
+function TIdOpenSSLOptionsClient.Equals(Obj: TObject): Boolean;
+begin
+  Result := inherited;
+  if Result and (Obj is TIdOpenSSLOptionsClient) then
+    Result := FVerifyServerCertificate = TIdOpenSSLOptionsClient(Obj).FVerifyServerCertificate;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLOptionsServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsServer.pas
new file mode 100644
index 000000000..95cfa8a24
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsServer.pas
@@ -0,0 +1,124 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLOptionsServer;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdOpenSSLOptions;
+
+type
+  TIdOpenSSLOptionsServer = class(TIdOpenSSLOptionsBase)
+  strict private const
+    CDefaultRequestCertificate = False;
+    CDefaultFailIfNoPeerCertificate = False;
+    CDefaultRequestCertificateOnlyOnce = False;
+  private
+    FRequestCertificate: Boolean;
+    FFailIfNoPeerCertificate: Boolean;
+    FRequestCertificateOnlyOnce: Boolean;
+  public
+    constructor Create; override;
+
+    procedure AssignTo(Dest: TPersistent); override;
+    function Equals(Obj: TObject): Boolean; override;
+  published
+    /// <summary>
+    ///   The server sends a client certificate request to the client. The
+    ///   certificate returned (if any) is checked. If the verification process
+    ///   fails, the TLS/SSL handshake is immediately terminated with an alert
+    ///   message containing the reason for the verification failure.
+    /// </summary>
+    property RequestCertificate: Boolean read FRequestCertificate write FRequestCertificate default CDefaultRequestCertificate;
+
+    /// <summary>
+    ///   If the client did not return a certificate, the TLS/SSL handshake is
+    ///   immediately terminated with a "handshake failure" alert.
+    /// </summary>
+    /// <remarks>
+    ///   Will be ignored if <see cref="RequestCertificate"/> is False.
+    /// </remarks>
+    property FailIfNoPeerCertificate: Boolean read FFailIfNoPeerCertificate write FFailIfNoPeerCertificate default CDefaultFailIfNoPeerCertificate;
+
+    /// <summary>
+    ///   Only request a client certificate once during the connection. Do not
+    ///   ask for a client certificate again during renegotiation or
+    ///   post-authentication if a certificate was requested during the initial
+    ///   handshake.
+    /// </summary>
+    /// <remarks>
+    ///   Will be ignored if <see cref="RequestCertificate"/> is False.
+    /// </remarks>
+    property RequestCertificateOnlyOnce: Boolean read FRequestCertificateOnlyOnce write FRequestCertificateOnlyOnce default CDefaultRequestCertificateOnlyOnce;
+  end;
+
+  TIdOpenSSLOptionsServerClass = class of TIdOpenSSLOptionsServer;
+
+implementation
+
+{ TIdOpenSSLOptionsServer }
+
+procedure TIdOpenSSLOptionsServer.AssignTo(Dest: TPersistent);
+var
+  LDest: TIdOpenSSLOptionsServer;
+begin
+  inherited;
+  if Dest is TIdOpenSSLOptionsServer then
+  begin
+    LDest := TIdOpenSSLOptionsServer(Dest);
+    LDest.FRequestCertificate := FRequestCertificate;
+    LDest.FFailIfNoPeerCertificate := FFailIfNoPeerCertificate;
+    LDest.FRequestCertificateOnlyOnce := FRequestCertificateOnlyOnce;
+  end;
+end;
+
+constructor TIdOpenSSLOptionsServer.Create;
+begin
+  inherited;
+  FRequestCertificate := CDefaultRequestCertificate;
+  FFailIfNoPeerCertificate := CDefaultFailIfNoPeerCertificate;
+  FRequestCertificateOnlyOnce := CDefaultRequestCertificateOnlyOnce;
+end;
+
+function TIdOpenSSLOptionsServer.Equals(Obj: TObject): Boolean;
+var
+  LObj: TIdOpenSSLOptionsServer;
+begin
+  Result := inherited;
+  if Result and (Obj is TIdOpenSSLOptionsServer) then
+  begin
+    LObj := TIdOpenSSLOptionsServer(Obj);
+    Result := (FRequestCertificate = LObj.FRequestCertificate)
+      and (FFailIfNoPeerCertificate = LObj.FFailIfNoPeerCertificate)
+      and (FRequestCertificateOnlyOnce = LObj.FRequestCertificateOnlyOnce);
+  end;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas b/Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas
new file mode 100644
index 000000000..1b1d65901
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas
@@ -0,0 +1,41 @@
+unit IdOpenSSLPersistent;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes;
+
+type
+  TIdOpenSSLPersistent = class(TPersistent)
+  public
+    constructor Create; virtual;
+
+    procedure AssignTo(Dest: TPersistent); override;
+    function Clone: TIdOpenSSLPersistent; virtual;
+  end;
+  TIdOpenSSLPersistentClass = class of TIdOpenSSLPersistent;
+
+implementation
+
+{ TIdOpenSSLPersistent }
+
+procedure TIdOpenSSLPersistent.AssignTo(Dest: TPersistent);
+begin
+  if not (Dest is TIdOpenSSLPersistent) then
+    inherited;
+end;
+
+function TIdOpenSSLPersistent.Clone: TIdOpenSSLPersistent;
+begin
+  Result := TIdOpenSSLPersistentClass(Self.ClassType).Create();
+  AssignTo(Result);
+end;
+
+constructor TIdOpenSSLPersistent.Create;
+begin
+  inherited;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas b/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
new file mode 100644
index 000000000..c7cf85d82
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
@@ -0,0 +1,214 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLSocket;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdGlobal,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  TIdOpenSSLSocket = class(TObject)
+  private
+    FDoNotCallShutdown: Boolean;
+  protected
+    FSSL: PSSL;
+    FContext: PSSL_CTX;
+    function StartSSL(const AContext: PSSL_CTX): PSSL;
+    /// <summary>
+    ///   Checks if the return code is a recoverable error which means we should
+    ///   do the same action again, for example because of a renegotiation
+    /// </summary>
+    /// <param name="ASSL">
+    ///   Pointer to the PSSL
+    /// </param>
+    /// <param name="AReturnCode">
+    ///   The result of the before called api, will be zero'ed only if the
+    ///   connection is closed from the peer
+    /// </param>
+    function ShouldRetry(const ASSL: PSSL; var AReturnCode: Integer): Boolean;
+  public
+    constructor Create(const AContext: PSSL_CTX);
+    destructor Destroy; override;
+
+    procedure Close;
+
+    function Send(const ABuffer: TIdBytes; AOffset, ALength: Integer): Integer;
+    function Receive(var ABuffer: TIdBytes): Integer;
+
+    function HasReadableData: Boolean;
+  end;
+
+implementation
+
+uses
+  IdCTypes,
+  IdOpenSSLExceptionResourcestrings,
+  IdOpenSSLExceptions,
+  IdOpenSSLHeaders_err,
+  IdOpenSSLHeaders_ssl,
+  SysUtils;
+
+{ TIdOpenSSLSocket }
+
+procedure TIdOpenSSLSocket.Close;
+var
+  LReturnCode: TIdC_INT;
+  LSSLErrorCode: TIdC_INT;
+begin
+  if not FDoNotCallShutdown then
+  begin
+    LReturnCode := SSL_shutdown(FSSL);
+    if LReturnCode < 0 then
+    begin
+      LSSLErrorCode := SSL_get_error(FSSL, LReturnCode);
+      if LSSLErrorCode <> SSL_ERROR_ZERO_RETURN then
+        EIdOpenSSLShutdownError.RaiseFmt(RIdOpenSSLShutdownError, [LSSLErrorCode]);
+    end;
+  end
+  else
+    SSL_set_shutdown(FSSL, SSL_SENT_SHUTDOWN or SSL_RECEIVED_SHUTDOWN);
+end;
+
+constructor TIdOpenSSLSocket.Create(const AContext: PSSL_CTX);
+begin
+  inherited Create;
+  FContext := AContext;
+end;
+
+destructor TIdOpenSSLSocket.Destroy;
+begin
+  SSL_free(FSSL); // nil-safe
+  FSSL := nil;
+  inherited;
+end;
+
+function TIdOpenSSLSocket.HasReadableData: Boolean;
+begin
+  Result := SSL_pending(FSSL) > 0;
+end;
+
+function TIdOpenSSLSocket.ShouldRetry(const ASSL: PSSL; var AReturnCode: Integer): Boolean;
+begin
+  Result := False;
+  // Only negative values are errors, positiv values represent the amount of
+  // bytes which are read/written
+  if AReturnCode > 0 then
+    Exit;
+
+  case SSL_get_error(ASSL, AReturnCode) of
+    SSL_ERROR_NONE:
+    // The TLS/SSL I/O operation completed. This result code is returned if and
+    // only if AReturnCode > 0
+    // No reason for a retry
+      Result := False;
+
+    // Even write operation could trigger read operations, for example
+    // because of an automatic executed renegotiation
+    SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE:
+    // The operation did not complete and can be retried later.
+      Result := True;
+
+    SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT:
+    // The operation did not complete; the same TLS/SSL I/O function should
+    // be called again later.
+      Result := True;
+
+    SSL_ERROR_ZERO_RETURN:
+    // The TLS/SSL peer has closed the connection for writing by sending the
+    // close_notify alert. No more data can be read.
+    begin
+      Result := False;
+      AReturnCode := 0;
+    end;
+
+    SSL_ERROR_SYSCALL:
+    // Some non-recoverable, fatal I/O error occurred.
+    begin
+      FDoNotCallShutdown := True;
+      Result := False;
+    end;
+
+    SSL_ERROR_SSL:
+    // A non-recoverable, fatal error in the SSL library occurred, usually a
+    // protocol error.
+    begin
+      FDoNotCallShutdown := True;
+      Result := False;
+    end
+  else
+    Result := False;
+  end;
+end;
+
+function TIdOpenSSLSocket.Receive(var ABuffer: TIdBytes): Integer;
+begin
+  repeat
+    Result := SSL_read(FSSL, PByte(ABuffer), Length(ABuffer));
+    // Got a result, no need for reading more or retrying
+    if Result > 0 then
+      Exit;
+  until not ShouldRetry(FSSL, Result);
+end;
+
+function TIdOpenSSLSocket.Send(const ABuffer: TIdBytes; AOffset, ALength: Integer): Integer;
+var
+  LBytesWritten: Integer;
+begin
+  Result := 0;
+  while Result < ALength do
+  begin
+    LBytesWritten := SSL_write(FSSL, @ABuffer[AOffset], ALength);
+    if LBytesWritten > 0 then
+    begin
+      Inc(AOffset, LBytesWritten);
+      Dec(ALength, LBytesWritten);
+      Inc(Result, LBytesWritten);
+    end
+    else
+    begin
+      if not ShouldRetry(FSSL, LBytesWritten) then
+      begin
+        Result := LBytesWritten;
+        Exit;
+      end;
+    end;
+  end;
+end;
+
+function TIdOpenSSLSocket.StartSSL(const AContext: PSSL_CTX): PSSL;
+begin
+  Result := SSL_new(AContext);
+  if not Assigned(Result) then
+    EIdOpenSSLNewSSLError.&Raise(RIdOpenSSLNewSSLError);
+  FDoNotCallShutdown := False;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
new file mode 100644
index 000000000..fd8d3a723
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
@@ -0,0 +1,99 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLSocketClient;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLSocket,
+  IdStackConsts;
+
+type
+  TIdOpenSSLSocketClient = class(TIdOpenSSLSocket)
+  private
+    FSession: Pointer;
+  public
+    function Connect(
+      const AHandle: TIdStackSocketHandle;
+      const ASNIHostname: string = ''): Boolean;
+    procedure SetSession(const ASession: Pointer);
+  end;
+
+implementation
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLExceptionResourcestrings,
+  IdOpenSSLExceptions,
+  IdOpenSSLHeaders_ssl,
+  IdOpenSSLHeaders_tls1,
+  IdOpenSSLUtils;
+
+{ TIdOpenSSLSocketClient }
+
+function TIdOpenSSLSocketClient.Connect(
+  const AHandle: TIdStackSocketHandle;
+  const ASNIHostname: string): Boolean;
+var
+  LReturnCode: TIdC_INT;
+  LShouldRetry: Boolean;
+//  x: Boolean;
+begin
+  FSSL := StartSSL(FContext);
+  SSL_set_fd(FSSL, AHandle);
+  if ASNIHostname <> '' then
+    if SSL_set_tlsext_host_name(FSSL, GetPAnsiChar(UTF8String(ASNIHostname))) <> 1 then
+      EIdOpenSSLSetSNIServerNameError.&Raise();
+  if Assigned(FSession) then
+    if SSL_set_session(FSSL, FSession) <> 1 then
+      EIdOpenSSLSetSessionError.&Raise();
+
+  repeat
+    LReturnCode := SSL_connect(FSSL);
+    Result := LReturnCode = 1;
+
+    LShouldRetry := ShouldRetry(FSSL, LReturnCode);
+    if not LShouldRetry and (LReturnCode < 0) then
+      raise EIdOpenSSLConnectError.Create(FSSL, LReturnCode, '');
+  until not LShouldRetry;
+
+  // The specification recommends that applications only use a session once
+  // (although this may not be enforced). Now we enforce this on our own :)
+//  SSL_CTX_remove_session(FContext, FSession);
+//  x := SSL_session_reused(FSSL) = 1;
+end;
+
+procedure TIdOpenSSLSocketClient.SetSession(const ASession: Pointer);
+begin
+  FSession := ASession;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLSocketServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLSocketServer.pas
new file mode 100644
index 000000000..38269cc8f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLSocketServer.pas
@@ -0,0 +1,73 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLSocketServer;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdOpenSSLSocket,
+  IdStackConsts;
+
+type
+  TIdOpenSSLSocketServer = class(TIdOpenSSLSocket)
+  public
+    function Accept(
+      const AHandle: TIdStackSocketHandle): Boolean;
+  end;
+
+implementation
+
+uses
+  IdOpenSSLExceptionResourcestrings,
+  IdOpenSSLExceptions,
+  IdOpenSSLHeaders_ssl,
+  IdCTypes;
+
+{ TIdOpenSSLSocketServer }
+
+function TIdOpenSSLSocketServer.Accept(
+  const AHandle: TIdStackSocketHandle): Boolean;
+var
+  LReturnCode: TIdC_INT;
+  LShouldRetry: Boolean;
+begin
+  FSSL := StartSSL(FContext);
+  SSL_set_fd(FSSL, AHandle);
+
+  repeat
+    LReturnCode := SSL_accept(FSSL);
+    Result := LReturnCode = 1;
+
+    LShouldRetry := ShouldRetry(FSSL, LReturnCode);
+    if not LShouldRetry and (LReturnCode < 0) then
+      raise EIdOpenSSLAcceptError.Create(FSSL, LReturnCode, '');
+  until not LShouldRetry;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLTypes.pas b/Lib/Protocols/OpenSSL/IdOpenSSLTypes.pas
new file mode 100644
index 000000000..50119a271
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLTypes.pas
@@ -0,0 +1,72 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLTypes;
+
+interface
+
+uses
+  IdOpenSSLX509;
+
+{$i IdCompilerDefines.inc}
+
+type
+  TGetPassword = procedure(Sender: TObject; var Password: string; const IsWrite: Boolean) of object;
+
+  TKeyLog = procedure(Sender: TObject; const ALine: string) of object;
+
+  /// <summary>
+  ///   Callback type for custom x509 verification
+  /// </summary>
+  /// <param name="Sender">
+  ///   <see cref="IdOpenSSLContext|TIdOpenSSLContext"/> which triggers this callback.
+  /// </param>
+  /// <param name="x509">
+  ///   <see cref="IdOpenSSLX509|TIdOpenSSLX509"/> information about the current certificate.
+  /// </param>
+  /// <param name="VerifyResult">
+  ///   The result code of the OpenSSL verification.
+  ///   See IdOpenSSLHeaders_x509_vfy.<see cref="IdOpenSSLHeaders_x509_vfy|X509_V_OK"/> (0) and following for named constants.
+  /// </param>
+  /// <param name="Depth">
+  ///   The depth of the current certificate. The depth count is
+  ///   "level 0: peer certificate", "level 1: CA certificate",
+  ///   "level 2: higher level CA certificate", and so on.
+  /// </param>
+  /// <param name="Accepted">
+  ///   The validation result. Will be initialized with the result of the
+  ///   OpenSSL verification result. To leave it unchanged is valid.
+  /// </param>
+  TVerifyCallback = procedure(
+    Sender: TObject;
+    const x509: TIdOpenSSLX509;
+    const VerifyResult: Integer;
+    const Depth: Integer;
+    var Accepted: Boolean) of object;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas b/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas
new file mode 100644
index 000000000..784eb9e4a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas
@@ -0,0 +1,111 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLUtils;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal;
+
+function GetPAnsiChar(const s: UTF8String): PIdAnsiChar;
+function GetPAnsiCharOrNil(const s: UTF8String): PIdAnsiChar;
+function GetString(const p: PIdAnsiChar): string;
+
+function TMToDateTime(const ATM: TIdC_TM): TDateTime;
+
+function BoolToInt(const ABool: Boolean): Integer;
+function IntToBool(const AInt: Integer): Boolean;
+
+implementation
+
+uses
+  DateUtils,
+//{$IFDEF USE_MARSHALLED_PTRS}
+//{$IFDEF MSWINDOWS} // prevent "[dcc32 Hint] H2443 Inline function 'TMarshaller.AsUtf8'
+//  Windows,         // has not been expanded because unit 'Winapi.Windows' is not
+//{$ENDIF MSWINDOWS} // specified in USES list" ¯\_(ツ)_/¯
+//{$ENDIF}
+  SysUtils;
+
+const
+  BoolConverter: array[Boolean] of Integer = (0, 1);
+
+function GetPAnsiChar(const s: UTF8String): PIdAnsiChar;
+//{$IFDEF USE_MARSHALLED_PTRS}
+//var
+//  m: TMarshaller;
+//{$ENDIF}
+begin
+//  {$IFDEF USE_MARSHALLED_PTRS}
+//  Result := m.AsUtf8(string(s)).ToPointer;
+//  {$ELSE}
+  Result := PIdAnsiChar(Pointer(s));
+//  {$ENDIF}
+end;
+
+function GetPAnsiCharOrNil(const s: UTF8String): PIdAnsiChar;
+begin
+  if s = '' then
+    Result := nil
+  else
+    Result := GetPAnsiChar(s);
+end;
+
+function GetString(const p: PIdAnsiChar): string;
+begin
+  Result := string(AnsiString(p));
+end;
+
+function TMToDateTime(const ATM: TIdC_TM): TDateTime;
+begin
+  Result := EncodeDateTime(
+    ATM.tm_year + 1900,
+    ATM.tm_mon + 1,
+    ATM.tm_mday,
+    ATM.tm_hour,
+    ATM.tm_min,
+    ATM.tm_sec,
+    0);
+end;
+
+function BoolToInt(const ABool: Boolean): Integer;
+begin
+  Result := BoolConverter[ABool];
+end;
+
+function IntToBool(const AInt: Integer): Boolean;
+begin
+  if BoolConverter[True] = AInt then
+    Result := True
+  else
+    Result := False;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas b/Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas
new file mode 100644
index 000000000..f48113a80
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas
@@ -0,0 +1,47 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLVersion;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+type
+  {$SCOPEDENUMS ON}
+  TIdOpenSSLVersion =
+  (
+    Undefined,
+    SSLv3,
+    TLSv1,
+    TLSv1_1,
+    TLSv1_2,
+    TLSv1_3
+  );
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
new file mode 100644
index 000000000..e19241ecb
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -0,0 +1,362 @@
+unit IdOpenSSLX509;
+
+interface
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdOpenSSLPersistent,
+  IdOpenSSLHeaders_ossl_typ,
+  IdCTypes,
+  IdGlobal,
+  Classes;
+
+type
+  TIdOpenSSLX509Name = class(TIdOpenSSLPersistent)
+  private
+    FName: PX509_NAME;
+    function GetAsString: string;
+    function GetCN: string;
+
+    function GetNameEntry(const nid: TIdC_INT): string;
+    function GetOU: string;
+    function GetC: string;
+    function GetO: string;
+    function GetST: string;
+    function GetL: string;
+  public
+    constructor Create(const AName: PX509_NAME); reintroduce;
+    procedure AssignTo(Dest: TPersistent); override;
+
+    property AsString: string read GetAsString;
+
+    /// <summary>
+    ///   OID 2.5.4.3: Common name
+    /// </summary>
+    property CN: string read GetCN;
+    /// <summary>
+    ///   OID 2.5.4.10: Organization
+    /// </summary>
+    property O: string read GetO;
+    /// <summary>
+    ///   OID 2.5.4.11: Organizational unit
+    /// </summary>
+    property OU: string read GetOU;
+    /// <summary>
+    ///   OID 2.5.4.6: Country
+    /// </summary>
+    property C: string read GetC;
+    /// <summary>
+    ///   OID 2.5.4.8: State or Province Name
+    /// </summary>
+    /// <remarks>
+    ///   In Windows also known only as "S"
+    /// </remarks>
+    property ST: string read GetST;
+    /// <summary>
+    ///   OID 2.5.4.8: State or Province Name
+    /// </summary>
+    /// <remarks>
+    ///   In OpenSSL also known only as "ST"
+    /// </remarks>
+    property S: string read GetST; //FI:C110
+    /// <summary>
+    ///   OID 2.5.4.7: Locality
+    /// </summary>
+    property L: string read GetL;
+  end;
+
+  // https://zakird.com/2013/10/13/certificate-parsing-with-openssl
+  TIdOpenSSLX509 = class(TIdOpenSSLPersistent)
+  private
+    FX509: PX509;
+    FIssuer: TIdOpenSSLX509Name;
+    FSubject: TIdOpenSSLX509Name;
+    function GetVersion: TIdC_Long;
+    function GetIssuer: TIdOpenSSLX509Name;
+    function GetSerialNumber: string;
+    function GetSubject: TIdOpenSSLX509Name;
+    function GetSignatureAlgorithmAsString: string;
+    function GetSignatureAlgorithmAsNID: TIdC_INT;
+    function GetThumbprintAsMD5: string;
+    function GetThumbprintAsSHA1: string;
+    function GetThumbprintAsSHA256: string;
+    function GetValidFromInGMT: TDateTime;
+//    function GetPublicKey: TIdBytes;
+
+    function GetInternalThumbprint(const md: PEVP_MD): string;
+    function ASN1TimeToDateTime(const ATimeASN1: PASN1_TIME): TDateTime;
+    function GetValidToInGMT: TDateTime;
+  public
+    constructor Create(const AX509: PX509); reintroduce;
+    destructor Destroy; override;
+    procedure AssignTo(Dest: TPersistent); override;
+
+    /// <returns>
+    ///   Returns the numerical value of the version field of the certificate.
+    /// </returns>
+    /// <remarks>
+    ///   Note: this is defined by standards (X.509 et al) to be one less than
+    ///   the certificate version. So a version 3 certificate will return 2 and
+    ///   a version 1 certificate will return 0.
+    /// </remarks>
+    property Version: TIdC_Long read GetVersion;
+    /// <returns>
+    ///   Returns the hexadecimal serial number
+    /// </returns>
+    property SerialNumber: string read GetSerialNumber;
+    /// <remarks>
+    ///   Constants for NIDs can be found in IdOpenSSLHeaders_obj_mac.pas,
+    ///   for example <see cref="IdOpenSSLHeaders_obj_mac|NID_sha256WithRSAEncryption"/>
+    ///   for SHA256RSA.
+    /// </remarks>
+    property SignatureAlgorithmAsNID: TIdC_INT read GetSignatureAlgorithmAsNID;
+    /// <remarks>
+    ///   Constants for LNs (long names) can be found in IdOpenSSLHeaders_obj_mac.pas,
+    ///   for example <see cref="IdOpenSSLHeaders_obj_mac|LN_sha256WithRSAEncryption"/>
+    ///   for SHA256RSA.
+    /// </remarks>
+    /// <returns>
+    ///   Returns a LN (long name) of the signature algorithm
+    /// </returns>
+    property SignatureAlgorithmAsString: string read GetSignatureAlgorithmAsString;
+
+    property Issuer: TIdOpenSSLX509Name read GetIssuer;
+
+    property ValidFromInGMT: TDateTime read GetValidFromInGMT;
+    property ValidToInGMT: TDateTime read GetValidToInGMT;
+
+    property Subject: TIdOpenSSLX509Name read GetSubject;
+
+//    property PublicKey: TIdBytes read GetPublicKey;
+
+    property ThumbprintAsMD5: string read GetThumbprintAsMD5;
+    property ThumbprintAsSHA1: string read GetThumbprintAsSHA1;
+    property ThumbprintAsSHA256: string read GetThumbprintAsSHA256;
+
+    property X509: PX509 read FX509 write FX509;
+  end;
+
+implementation
+
+uses
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_bn,
+  IdOpenSSLHeaders_crypto,
+  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_obj_mac,
+  IdOpenSSLHeaders_objects,
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLUtils;
+
+{ TIdOpenSSLX509 }
+
+function TIdOpenSSLX509.ASN1TimeToDateTime(
+  const ATimeASN1: PASN1_TIME): TDateTime;
+var
+  LTime: TIdC_TM;
+begin
+  if ASN1_TIME_to_tm(ATimeASN1, @LTime) = 0 then
+    Exit(0);
+  Result := TMToDateTime(LTime);
+end;
+
+procedure TIdOpenSSLX509.AssignTo(Dest: TPersistent);
+begin
+  inherited;
+  if Dest is TIdOpenSSLX509 then
+    TIdOpenSSLX509(Dest).FX509 := FX509;
+end;
+
+constructor TIdOpenSSLX509.Create(const AX509: PX509);
+begin
+  inherited Create();
+  FX509 := AX509;
+end;
+
+destructor TIdOpenSSLX509.Destroy;
+begin
+  FSubject.Free();
+  FIssuer.Free();
+  inherited;
+end;
+
+function TIdOpenSSLX509.GetIssuer: TIdOpenSSLX509Name;
+begin
+  if not Assigned(FIssuer) then
+    FIssuer := TIdOpenSSLX509Name.Create(X509_get_issuer_name(FX509));
+  Result := FIssuer;
+end;
+
+//function TIdOpenSSLX509.GetPublicKey: TIdBytes;
+//var
+//  LPubKey: PEVP_PKEY;
+//begin
+//  LPubKey := X509_get_pubkey(FX509);
+//end;
+
+function TIdOpenSSLX509.GetSerialNumber: string;
+var
+  LAsAsn1Int: PASN1_INTEGER;
+  LAsBN: PBIGNUM;
+begin
+  LAsAsn1Int := X509_get_serialNumber(FX509);
+  LAsBN := ASN1_INTEGER_to_BN(LAsAsn1Int, nil);
+  Result := GetString(BN_bn2hex(LAsBN));
+end;
+
+function TIdOpenSSLX509.GetSignatureAlgorithmAsString: string;
+var
+  LNID: TIdC_INT;
+begin
+  LNID := SignatureAlgorithmAsNID;
+  Result := GetString(OBJ_nid2ln(LNID));
+end;
+
+function TIdOpenSSLX509.GetSignatureAlgorithmAsNID: TIdC_INT;
+begin
+  Result := X509_get_signature_nid(FX509);
+end;
+
+function TIdOpenSSLX509.GetSubject: TIdOpenSSLX509Name;
+begin
+  if not Assigned(FSubject) then
+    FSubject := TIdOpenSSLX509Name.Create(X509_get_subject_name(FX509));
+  Result := FSubject;
+end;
+
+function TIdOpenSSLX509.GetInternalThumbprint(const md: PEVP_MD): string;
+var
+  LBuffer: array[0 .. EVP_MAX_MD_SIZE -1] of Byte;
+  LByteCount: TIdC_UINT;
+  i: Integer;
+begin
+  Result := '';
+  LByteCount := EVP_MAX_MD_SIZE;
+  if X509_digest(FX509, md, @LBuffer, @LByteCount) = 1 then
+    for i := 0 to LByteCount-1 do
+      Result := Result + ByteToHex(LBuffer[i]);
+end;
+
+function TIdOpenSSLX509.GetThumbprintAsMD5: string;
+begin
+  Result := GetInternalThumbprint(EVP_md5());
+end;
+
+function TIdOpenSSLX509.GetThumbprintAsSHA1: string;
+begin
+  Result := GetInternalThumbprint(EVP_sha1());
+end;
+
+function TIdOpenSSLX509.GetThumbprintAsSHA256: string;
+begin
+  Result := GetInternalThumbprint(EVP_sha256());
+end;
+
+function TIdOpenSSLX509.GetValidFromInGMT: TDateTime;
+begin
+  Result := ASN1TimeToDateTime(X509_get0_notBefore(FX509));
+end;
+
+function TIdOpenSSLX509.GetValidToInGMT: TDateTime;
+begin
+  Result := ASN1TimeToDateTime(X509_get0_notAfter(FX509));
+end;
+
+function TIdOpenSSLX509.GetVersion: TIdC_Long;
+begin
+  Result := X509_get_version(FX509);
+end;
+
+{ TIdOpenSSLX509Name }
+
+procedure TIdOpenSSLX509Name.AssignTo(Dest: TPersistent);
+begin
+  inherited;
+  if Dest is TIdOpenSSLX509Name then
+    TIdOpenSSLX509Name(Dest).FName := FName;
+end;
+
+constructor TIdOpenSSLX509Name.Create(const AName: PX509_NAME);
+begin
+  inherited Create();
+  FName := AName;
+end;
+
+function TIdOpenSSLX509Name.GetAsString: string;
+begin
+  Result := GetString(X509_NAME_oneline(FName, nil, 0));
+end;
+
+function TIdOpenSSLX509Name.GetC: string;
+begin
+  Result := GetNameEntry(NID_countryName);
+end;
+
+function TIdOpenSSLX509Name.GetCN: string;
+begin
+  Result := GetNameEntry(NID_commonName);
+end;
+
+function TIdOpenSSLX509Name.GetL: string;
+begin
+  Result := GetNameEntry(NID_localityName);
+end;
+
+function TIdOpenSSLX509Name.GetNameEntry(const nid: TIdC_INT): string;
+var
+  LPos: TIdC_INT;
+  LEntry: PX509_NAME_ENTRY;
+  LString: PASN1_STRING;
+  LBuffer: PPByte;
+  LReturn: TIdC_INT;
+begin
+  Result := '';
+  New(LBuffer);
+  try
+    // First Entry
+    LPos := X509_NAME_get_index_by_NID(FName, nid, -1);
+    if LPos = -1 then
+      Exit;
+
+    repeat
+      LEntry := X509_NAME_get_entry(FName, LPos);
+      if not Assigned(LEntry) then
+        Exit;
+      LString := X509_NAME_ENTRY_get_data(LEntry);
+
+      LReturn := ASN1_STRING_to_UTF8(LBuffer, LString);
+      if LReturn < 0 then
+        Exit;
+      try
+        if not (Result = '') then
+          Result := Result + ' ';
+        Result := Result + GetString(PIdAnsiChar(LBuffer^));
+      finally
+        OPENSSL_free(LBuffer^);
+      end;
+
+      // Next Entry
+      LPos := X509_NAME_get_index_by_NID(FName, nid, LPos);
+    until LPos = -1;
+  finally
+    Dispose(LBuffer);
+  end;
+end;
+
+function TIdOpenSSLX509Name.GetO: string;
+begin
+  Result := GetNameEntry(NID_organizationName);
+end;
+
+function TIdOpenSSLX509Name.GetOU: string;
+begin
+  Result := GetNameEntry(NID_organizationalUnitName);
+end;
+
+function TIdOpenSSLX509Name.GetST: string;
+begin
+  Result := GetNameEntry(NID_stateOrProvinceName);
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_aes.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_aes.pas
new file mode 100644
index 000000000..936bf31b3
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_aes.pas
@@ -0,0 +1,87 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_aes;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// aes.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+// Added '_CONST' to avoid name clashes
+  AES_ENCRYPT_CONST = 1;
+// Added '_CONST' to avoid name clashes
+  AES_DECRYPT_CONST = 0;
+  AES_MAXNR = 14;
+  AES_BLOCK_SIZE = 16;
+
+type
+  aes_key_st = record
+  // in old IdSSLOpenSSLHeaders.pas it was also TIdC_UINT ¯\_(ツ)_/¯
+//    {$IFDEF AES_LONG}
+//    rd_key: array[0..(4 * (AES_MAXNR + 1))] of TIdC_ULONG;
+//    {$ELSE}
+    rd_key: array[0..(4 * (AES_MAXNR + 1))] of TIdC_UINT;
+//    {$ENDIF}
+    rounds: TIdC_INT;
+  end;
+  AES_KEY = aes_key_st;
+  PAES_KEY = ^AES_KEY;
+
+var
+  function AES_options: PIdAnsiChar;
+
+  function AES_set_encrypt_key(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT;
+  function AES_set_decrypt_key(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT;
+
+  procedure AES_encrypt(const &in: PByte; &out: PByte; const key: PAES_KEY);
+  procedure AES_decrypt(const &in: PByte; &out: PByte; const key: PAES_KEY);
+
+  procedure AES_ecb_encrypt(const &in: PByte; &out: PByte; const key: PAES_KEY; const enc: TIdC_INT);
+  procedure AES_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT);
+  procedure AES_cfb128_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure AES_cfb1_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure AES_cfb8_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure AES_ofb128_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT);
+  (* NB: the IV is _two_ blocks long *)
+  procedure AES_ige_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT);
+  (* NB: the IV is _four_ blocks long *)
+  procedure AES_bi_ige_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; const key2: PAES_KEY; ivec: PByte; const enc: TIdC_INT);
+
+  function AES_wrap_key(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT;
+  function AES_unwrap_key(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
new file mode 100644
index 000000000..2ea7a5bf1
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
@@ -0,0 +1,776 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_asn1;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_asn1t,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSlHeaders_ossl_typ;
+
+{$MINENUMSIZE 4}
+
+const
+  (*
+   * NB the constants below are used internally by ASN1_INTEGER
+   * and ASN1_ENUMERATED to indicate the sign. They are *not* on
+   * the wire tag values.
+   *)
+
+  V_ASN1_NEG = $100;
+  V_ASN1_NEG_INTEGER = 2 or V_ASN1_NEG;
+  V_ASN1_NEG_ENUMERATED = 10 or V_ASN1_NEG;
+
+  (* For use with d2i_ASN1_type_bytes() *)
+  B_ASN1_NUMERICSTRING = $0001;
+  B_ASN1_PRINTABLESTRING = $0002;
+  B_ASN1_T61STRING = $0004;
+  B_ASN1_TELETEXSTRING = $0004;
+  B_ASN1_VIDEOTEXSTRING = $0008;
+  B_ASN1_IA5STRING = $0010;
+  B_ASN1_GRAPHICSTRING = $0020;
+  B_ASN1_ISO64STRING = $0040;
+  B_ASN1_VISIBLESTRING = $0040;
+  B_ASN1_GENERALSTRING = $0080;
+  B_ASN1_UNIVERSALSTRING = $0100;
+  B_ASN1_OCTET_STRING = $0200;
+  B_ASN1_BIT_STRING = $0400;
+  B_ASN1_BMPSTRING = $0800;
+  B_ASN1_UNKNOWN = $1000;
+  B_ASN1_UTF8STRING = $2000;
+  B_ASN1_UTCTIME = $4000;
+  B_ASN1_GENERALIZEDTIME = $8000;
+  B_ASN1_SEQUENCE = $10000;
+ (* For use with ASN1_mbstring_copy() *)
+  MBSTRING_FLAG = $1000;
+  MBSTRING_UTF8 = MBSTRING_FLAG;
+  MBSTRING_ASC = MBSTRING_FLAG or 1;
+  MBSTRING_BMP = MBSTRING_FLAG or 2;
+  MBSTRING_UNIV = MBSTRING_FLAG or 4;
+  SMIME_OLDMIME = $400;
+  SMIME_CRLFEOL = $800;
+  SMIME_STREAM = $1000;
+
+//    struct X509_algor_st;
+//DEFINE_STACK_OF(X509_ALGOR)
+
+  ASN1_STRING_FLAG_BITS_LEFT = $08;   (* Set if $07 has bits left value *)
+  (*
+   * This indicates that the ASN1_STRING is not a real value but just a place
+   * holder for the location where indefinite length constructed data should be
+   * inserted in the memory buffer
+   *)
+  ASN1_STRING_FLAG_NDEF = $010;
+
+  (*
+   * This flag is used by the CMS code to indicate that a string is not
+   * complete and is a place holder for content when it had all been accessed.
+   * The flag will be reset when content has been written to it.
+   *)
+
+  ASN1_STRING_FLAG_CONT = $020;
+  (*
+   * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+   * type.
+   *)
+  ASN1_STRING_FLAG_MSTRING = $040;
+  (* String is embedded and only content should be freed *)
+  ASN1_STRING_FLAG_EMBED = $080;
+  (* String should be parsed in RFC 5280's time format *)
+  ASN1_STRING_FLAG_X509_TIME = $100;
+
+  (* Used with ASN1 LONG type: if a long is set to this it is omitted *)
+  ASN1_LONG_UNDEF = TIdC_LONG($7fffffff);
+
+  STABLE_FLAGS_MALLOC = $01;
+  (*
+   * A zero passed to ASN1_STRING_TABLE_new_add for the flags is interpreted
+   * as "don't change" and STABLE_FLAGS_MALLOC is always set. By setting
+   * STABLE_FLAGS_MALLOC only we can clear the existing value. Use the alias
+   * STABLE_FLAGS_CLEAR to reflect this.
+   *)
+  STABLE_FLAGS_CLEAR = STABLE_FLAGS_MALLOC;
+  STABLE_NO_MASK = $02;
+  DIRSTRING_TYPE = B_ASN1_PRINTABLESTRING or B_ASN1_T61STRING or B_ASN1_BMPSTRING or B_ASN1_UTF8STRING;
+  PKCS9STRING_TYPE = DIRSTRING_TYPE or B_ASN1_IA5STRING;
+
+  (* size limits: this stuff is taken straight from RFC2459 *)
+  ub_name = 32768;
+  ub_common_name = 64;
+  ub_locality_name = 128;
+  ub_state_name = 128;
+  ub_organization_name = 64;
+  ub_organization_unit_name = 64;
+  ub_title = 64;
+  ub_email_address = 128;
+
+  (* Parameters used by ASN1_STRING_print_ex() *)
+
+  (*
+   * These determine which characters to escape: RFC2253 special characters,
+   * control characters and MSB set characters
+   *)
+  ASN1_STRFLGS_ESC_2253 = 1;
+  ASN1_STRFLGS_ESC_CTRL = 2;
+  ASN1_STRFLGS_ESC_MSB = 4;
+
+  (*
+   * This flag determines how we do escaping: normally RC2253 backslash only,
+   * set this to use backslash and quote.
+   *)
+
+  ASN1_STRFLGS_ESC_QUOTE = 8;
+
+  (* These three flags are internal use only. *)
+
+  (* Character is a valid PrintableString character *)
+  CHARTYPE_PRINTABLESTRING = $10;
+  (* Character needs escaping if it is the first character *)
+  CHARTYPE_FIRST_ESC_2253 = $20;
+  (* Character needs escaping if it is the last character *)
+  CHARTYPE_LAST_ESC_2253 = $40;
+
+  (*
+   * NB the internal flags are safely reused below by flags handled at the top
+   * level.
+   *)
+
+  (*
+   * If this is set we convert all character strings to UTF8 first
+   *)
+
+  ASN1_STRFLGS_UTF8_CONVERT = $10;
+
+  (*
+   * If this is set we don't attempt to interpret content: just assume all
+   * strings are 1 byte per character. This will produce some pretty odd
+   * looking output!
+   *)
+
+  ASN1_STRFLGS_IGNORE_TYPE = $20;
+
+  (* If this is set we include the string type in the output *)
+  ASN1_STRFLGS_SHOW_TYPE = $40;
+
+  (*
+   * This determines which strings to display and which to 'dump' (hex dump of
+   * content octets or DER encoding). We can only dump non character strings or
+   * everything. If we don't dump 'unknown' they are interpreted as character
+   * strings with 1 octet per character and are subject to the usual escaping
+   * options.
+   *)
+
+  ASN1_STRFLGS_DUMP_ALL = $80;
+  ASN1_STRFLGS_DUMP_UNKNOWN = $100;
+
+  (*
+   * These determine what 'dumping' does, we can dump the content octets or the
+   * DER encoding: both use the RFC2253 #XXXXX notation.
+   *)
+
+  ASN1_STRFLGS_DUMP_DER = $200;
+
+  (*
+   * This flag specifies that RC2254 escaping shall be performed.
+   *)
+
+  ASN1_STRFLGS_ESC_2254 = $400;
+
+  (*
+   * All the string flags consistent with RFC2253, escaping control characters
+   * isn't essential in RFC2253 but it is advisable anyway.
+   *)
+
+  ASN1_STRFLGS_RFC2253 = ASN1_STRFLGS_ESC_2253 or ASN1_STRFLGS_ESC_CTRL or
+    ASN1_STRFLGS_ESC_MSB or ASN1_STRFLGS_UTF8_CONVERT or
+    ASN1_STRFLGS_DUMP_UNKNOWN or ASN1_STRFLGS_DUMP_DER;
+
+  B_ASN1_TIME = B_ASN1_UTCTIME or B_ASN1_GENERALIZEDTIME;
+
+  B_ASN1_PRINTABLE = B_ASN1_NUMERICSTRING or B_ASN1_PRINTABLESTRING or
+    B_ASN1_T61STRING or B_ASN1_IA5STRING or B_ASN1_BIT_STRING or
+    B_ASN1_UNIVERSALSTRING or B_ASN1_BMPSTRING or B_ASN1_UTF8STRING or
+    B_ASN1_SEQUENCE or B_ASN1_UNKNOWN;
+
+  B_ASN1_DIRECTORYSTRING = B_ASN1_PRINTABLESTRING or B_ASN1_TELETEXSTRING or
+    B_ASN1_BMPSTRING or B_ASN1_UNIVERSALSTRING or B_ASN1_UTF8STRING;
+
+  B_ASN1_DISPLAYTEXT = B_ASN1_IA5STRING or B_ASN1_VISIBLESTRING or
+    B_ASN1_BMPSTRING or B_ASN1_UTF8STRING;
+
+  (* ASN1 Print flags *)
+  (* Indicate missing OPTIONAL fields *)
+  ASN1_PCTX_FLAGS_SHOW_ABSENT = $001;
+  (* Mark start and end of SEQUENCE *)
+  ASN1_PCTX_FLAGS_SHOW_SEQUENCE = $002;
+  (* Mark start and end of SEQUENCE/SET OF *)
+  ASN1_PCTX_FLAGS_SHOW_SSOF = $004;
+  (* Show the ASN1 type of primitives *)
+  ASN1_PCTX_FLAGS_SHOW_TYPE = $008;
+  (* Don't show ASN1 type of ANY *)
+  ASN1_PCTX_FLAGS_NO_ANY_TYPE = $010;
+  (* Don't show ASN1 type of MSTRINGs *)
+  ASN1_PCTX_FLAGS_NO_MSTRING_TYPE = $020;
+  (* Don't show field names in SEQUENCE *)
+  ASN1_PCTX_FLAGS_NO_FIELD_NAME = $040;
+  (* Show structure names of each SEQUENCE field *)
+  ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME = $080;
+  (* Don't show structure name even at top level *)
+  ASN1_PCTX_FLAGS_NO_STRUCT_NAME = $100;
+
+type
+// Moved to ossl_type to prevent circular references
+///(* This is the base type that holds just about everything :-) *)
+//  asn1_string_st = record
+//    length: TIdC_int;
+//    &type: TIdC_int;
+//    data: PByte;
+//    (*
+//     * The value of the following field depends on the type being held.  It
+//     * is mostly being used for BIT_STRING so if the input data has a
+//     * non-zero 'unused bits' value, it will be handled correctly
+//     *)
+//    flags: TIdC_long;
+//  end;
+
+  (*
+   * ASN1_ENCODING structure: this is used to save the received encoding of an
+   * ASN1 type. This is useful to get round problems with invalid encodings
+   * which can break signatures.
+   *)
+
+  ASN1_ENCODING_st = record
+    enc: PIdAnsiChar;           (* DER encoding *)
+    len: TIdC_LONG;                     (* Length of encoding *)
+    modified: TIdC_INT;                 (* set to 1 if 'enc' is invalid *)
+  end;
+  ASN1_ENCODING = ASN1_ENCODING_st;
+
+  asn1_string_table_st = record
+    nid: TIdC_INT;
+    minsize: TIdC_LONG;
+    maxsize: TIdC_LONG;
+    mask: TIdC_ULONG;
+    flags: TIdC_ULONG;
+  end;
+  ASN1_STRING_TABLE = asn1_string_table_st;
+  PASN1_STRING_TABLE = ^ASN1_STRING_TABLE;
+
+// DEFINE_STACK_OF(ASN1_STRING_TABLE)
+
+  (*                  !!!
+   * Declarations for template structures: for full definitions see asn1t.h
+   *)
+  (* This is just an opaque pointer *)
+// typedef struct ASN1_VALUE_st ASN1_VALUE;
+
+  (* Declare ASN1 functions: the implement macro in in asn1t.h *)
+
+//# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
+//
+//# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
+//
+//# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+//        DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
+//
+//# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+//        DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
+//
+//# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
+//        type *d2i_##name(type **a, const unsigned char **in, long len); \
+//        int i2d_##name(type *a, unsigned char **out); \
+//        DECLARE_ASN1_ITEM(itname)
+//
+//# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
+//        type *d2i_##name(type **a, const unsigned char **in, long len); \
+//        int i2d_##name(const type *a, unsigned char **out); \
+//        DECLARE_ASN1_ITEM(name)
+//
+//# define DECLARE_ASN1_NDEF_FUNCTION(name) \
+//        int i2d_##name##_NDEF(name *a, unsigned char **out);
+//
+//# define DECLARE_ASN1_FUNCTIONS_const(name) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
+//        DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
+//
+//# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+//        type *name##_new(void); \
+//        void name##_free(type *a);
+//
+//# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+//        DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
+//
+//# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+//        int fname##_print_ctx(BIO *out, stname *x, int indent, \
+//                                         const ASN1_PCTX *pctx);
+//
+//# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
+//# define I2D_OF(type) int (*)(type *,unsigned char **)
+//# define I2D_OF_const(type) int (*)(const type *,unsigned char **)
+//
+//# define CHECKED_D2I_OF(type, d2i) \
+//    ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
+//# define CHECKED_I2D_OF(type, i2d) \
+//    ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
+//# define CHECKED_NEW_OF(type, xnew) \
+//    ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
+//# define CHECKED_PTR_OF(type, p) \
+//    ((void*) (1 ? p : (type*)0))
+//# define CHECKED_PPTR_OF(type, p) \
+//    ((void**) (1 ? p : (type**)0))
+//
+//# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
+//# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
+//# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
+//
+//TYPEDEF_D2I2D_OF(void);
+
+  (*-
+   * The following macros and typedefs allow an ASN1_ITEM
+   * to be embedded in a structure and referenced. Since
+   * the ASN1_ITEM pointers need to be globally accessible
+   * (possibly from shared libraries) they may exist in
+   * different forms. On platforms that support it the
+   * ASN1_ITEM structure itself will be globally exported.
+   * Other platforms will export a function that returns
+   * an ASN1_ITEM pointer.
+   *
+   * To handle both cases transparently the macros below
+   * should be used instead of hard coding an ASN1_ITEM
+   * pointer in a structure.
+   *
+   * The structure will look like this:
+   *
+   * typedef struct SOMETHING_st {
+   *      ...
+   *      ASN1_ITEM_EXP *iptr;
+   *      ...
+   * } SOMETHING;
+   *
+   * It would be initialised as e.g.:
+   *
+   * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
+   *
+   * and the actual pointer extracted with:
+   *
+   * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
+   *
+   * Finally an ASN1_ITEM pointer can be extracted from an
+   * appropriate reference with: ASN1_ITEM_rptr(X509). This
+   * would be used when a function takes an ASN1_ITEM * argument.
+   *
+   *)
+		
+// # ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+///(* ASN1_ITEM pointer exported type *)
+//typedef const ASN1_ITEM ASN1_ITEM_EXP;
+//
+///(* Macro to obtain ASN1_ITEM pointer from exported type *)
+//#  define ASN1_ITEM_ptr(iptr) (iptr)
+//
+// (* Macro to include ASN1_ITEM pointer from base type *)
+//#  define ASN1_ITEM_ref(iptr) (&(iptr##_it))
+//
+//#  define ASN1_ITEM_rptr(ref) (&(ref##_it))
+//
+//#  define DECLARE_ASN1_ITEM(name) \
+//        OPENSSL_EXTERN const ASN1_ITEM name##_it;
+//
+//# else
+
+// (*
+// * Platforms that can't easily handle shared global variables are declared as
+// * functions returning ASN1_ITEM pointers.
+// *)
+
+///(* ASN1_ITEM pointer exported type *)
+//typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
+//
+///(* Macro to obtain ASN1_ITEM pointer from exported type *)
+//#  define ASN1_ITEM_ptr(iptr) (iptr())
+//
+///(* Macro to include ASN1_ITEM pointer from base type *)
+//#  define ASN1_ITEM_ref(iptr) (iptr##_it)
+//
+//#  define ASN1_ITEM_rptr(ref) (ref##_it())
+//
+//#  define DECLARE_ASN1_ITEM(name) \
+//        const ASN1_ITEM * name##_it(void);
+//
+//# endif
+
+//DEFINE_STACK_OF(ASN1_INTEGER)
+//
+//DEFINE_STACK_OF(ASN1_GENERALSTRING)
+//
+//DEFINE_STACK_OF(ASN1_UTF8STRING)
+
+//DEFINE_STACK_OF(ASN1_TYPE)
+//
+//typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
+//
+//DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+//DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
+
+  (* This is used to contain a list of bit names *)
+
+  BIT_STRING_BITNAME_st = record
+    bitnum: TIdC_INT;
+    lname: PIdAnsiChar;
+    sname: PIdAnsiChar;
+  end;
+  BIT_STRING_BITNAME = BIT_STRING_BITNAME_st;
+  PBIT_STRING_BITNAME = ^BIT_STRING_BITNAME;
+
+var
+// DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
+  function ASN1_TYPE_get(const a: PASN1_TYPE): TIdC_INT;
+  procedure ASN1_TYPE_set(a: PASN1_TYPE; &type: TIdC_INT; value: Pointer);
+  function ASN1_TYPE_set1(a: PASN1_TYPE; &type: TIdC_INT; const value: Pointer): TIdC_INT;
+  function ASN1_TYPE_cmp(const a: PASN1_TYPE; const b: PASN1_TYPE): TIdC_INT;
+
+  function ASN1_TYPE_pack_sequence(const it: PASN1_ITEM; s: Pointer; t: PPASN1_TYPE): PASN1_TYPE;
+  function ASN1_TYPE_unpack_sequence(const it: PASN1_ITEM; const t: PASN1_TYPE): Pointer;
+
+  function ASN1_OBJECT_new: PASN1_OBJECT;
+  procedure ASN1_OBJECT_free(a: PASN1_OBJECT);
+  function i2d_ASN1_OBJECT(const a: PASN1_OBJECT; pp: PPByte): TIdC_INT;
+  function d2i_ASN1_OBJECT(a: PPASN1_OBJECT; const pp: PPByte; length: TIdC_LONG): PASN1_OBJECT;
+
+  //DECLARE_ASN1_ITEM(ASN1_OBJECT)
+  //
+  //DEFINE_STACK_OF(ASN1_OBJECT)
+
+  function ASN1_STRING_new: PASN1_STRING;
+  procedure ASN1_STRING_free(a: PASN1_STRING);
+  procedure ASN1_STRING_clear_free(a: PASN1_STRING);
+  function ASN1_STRING_copy(dst: PASN1_STRING; const str: PASN1_STRING): TIdC_INT;
+  function ASN1_STRING_dup(const a: PASN1_STRING): PASN1_STRING;
+  function ASN1_STRING_type_new(&type: TIdC_INT): PASN1_STRING;
+  function ASN1_STRING_cmp(const a: PASN1_STRING; const b: PASN1_STRING): TIdC_INT;
+
+  (*
+   * Since this is used to store all sorts of things, via macros, for now,
+   * make its data void *
+   *)
+  function ASN1_STRING_set(str: PASN1_STRING; const data: Pointer; len: TIdC_INT): TIdC_INT;
+  procedure ASN1_STRING_set0(str: PASN1_STRING; data: Pointer; len: TIdC_INT);
+  function ASN1_STRING_length(const x: PASN1_STRING): TIdC_INT;
+  procedure ASN1_STRING_length_set(x: PASN1_STRING; n: TIdC_INT);
+  function ASN1_STRING_type(const x: PASN1_STRING): TIdC_INT;
+  function ASN1_STRING_get0_data(const x: PASN1_STRING): PByte;
+
+  //DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
+  function ASN1_BIT_STRING_set(a: PASN1_BIT_STRING; d: PByte; length: TIdC_INT): TIdC_INT;
+  function ASN1_BIT_STRING_set_bit(a: PASN1_BIT_STRING; n: TIdC_INT; value: TIdC_INT): TIdC_INT;
+  function ASN1_BIT_STRING_get_bit(const a: PASN1_BIT_STRING; n: TIdC_INT): TIdC_INT;
+  function ASN1_BIT_STRING_check(const a: PASN1_BIT_STRING; const flags: PByte; flags_len: TIdC_INT): TIdC_INT;
+
+  function ASN1_BIT_STRING_name_print(&out: PBIO; bs: PASN1_BIT_STRING; tbl: PBIT_STRING_BITNAME; indent: TIdC_INT): TIdC_INT;
+  function ASN1_BIT_STRING_num_asc(const name: PIdAnsiChar; tbl: PBIT_STRING_BITNAME): TIdC_INT;
+  function ASN1_BIT_STRING_set_asc(bs: PASN1_BIT_STRING; const name: PIdAnsiChar; value: TIdC_INT; tbl: PBIT_STRING_BITNAME): TIdC_INT;
+
+  //DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
+  function d2i_ASN1_UINTEGER(a: PPASN1_INTEGER; const pp: PPByte; length: TIdC_LONG): PASN1_INTEGER;
+  function ASN1_INTEGER_dup(const x: PASN1_INTEGER): PASN1_INTEGER;
+  function ASN1_INTEGER_cmp(const x: PASN1_INTEGER; const y: PASN1_INTEGER): TIdC_INT;
+
+  // DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
+
+  function ASN1_UTCTIME_check(const a: PASN1_UTCTIME): TIdC_INT;
+  function ASN1_UTCTIME_set(s: PASN1_UTCTIME; t: TIdC_TIMET): PASN1_UTCTIME;
+  function ASN1_UTCTIME_adj(s: PASN1_UTCTIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_UTCTIME;
+  function ASN1_UTCTIME_set_string(s: PASN1_UTCTIME; const str: PAnsiChar): TIdC_INT;
+  function ASN1_UTCTIME_cmp_time_t(const s: PASN1_UTCTIME; t: TIdC_TIMET): TIdC_INT;
+
+  function ASN1_GENERALIZEDTIME_check(const a: PASN1_GENERALIZEDTIME): TIdC_INT;
+  function ASN1_GENERALIZEDTIME_set(s: PASN1_GENERALIZEDTIME; t: TIdC_TIMET): PASN1_GENERALIZEDTIME;
+  function ASN1_GENERALIZEDTIME_adj(s: PASN1_GENERALIZEDTIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_GENERALIZEDTIME;
+  function ASN1_GENERALIZEDTIME_set_string(s: pASN1_GENERALIZEDTIME; const str: PAnsiChar): TIdC_INT;
+
+  function ASN1_TIME_diff(pday: PIdC_INT; psec: PIdC_INT; const from: PASN1_TIME; const &to: PASN1_TIME): TIdC_INT;
+
+  // DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
+  function ASN1_OCTET_STRING_dup(const a: PASN1_OCTET_STRING): PASN1_OCTET_STRING;
+  function ASN1_OCTET_STRING_cmp(const a: PASN1_OCTET_STRING; const b: PASN1_OCTET_STRING): TIdC_INT;
+  function ASN1_OCTET_STRING_set(str: PASN1_OCTET_STRING; const data: PByte; len: TIdC_INT): TIdC_INT;
+
+  //DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
+
+  function UTF8_getc(const str: PByte; len: TIdC_INT; val: PIdC_ULONG): TIdC_INT;
+  function UTF8_putc(str: PIdAnsiChar; len: TIdC_INT; value: TIdC_ULONG): TIdC_INT;
+
+  //DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
+  //
+  //DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+  //DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
+
+  // DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
+
+  function ASN1_TIME_set(s: PASN1_TIME; t: TIdC_TIMET): PASN1_TIME;
+  function ASN1_TIME_adj(s: PASN1_TIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_TIME;
+  function ASN1_TIME_check(const t: PASN1_TIME): TIdC_INT;
+  function ASN1_TIME_to_generalizedtime(const t: PASN1_TIME; &out: PPASN1_GENERALIZEDTIME): PASN1_GENERALIZEDTIME;
+  function ASN1_TIME_set_string(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT;
+  function ASN1_TIME_set_string_X509(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT;
+  function ASN1_TIME_to_tm(const s: PASN1_TIME; tm: PIdC_TM): TIdC_INT;
+  function ASN1_TIME_normalize(s: PASN1_TIME): TIdC_INT;
+  function ASN1_TIME_cmp_time_t(const s: PASN1_TIME; t: TIdC_TIMET): TIdC_INT;
+  function ASN1_TIME_compare(const a: PASN1_TIME; const b: PASN1_TIME): TIdC_INT;
+
+  function i2a_ASN1_INTEGER(bp: PBIO; const a: PASN1_INTEGER): TIdC_INT;
+  function a2i_ASN1_INTEGER(bp: PBIO; bs: PASN1_INTEGER; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT;
+  function i2a_ASN1_ENUMERATED(bp: PBIO; const a: PASN1_ENUMERATED): TIdC_INT;
+  function a2i_ASN1_ENUMERATED(bp: PBIO; bs: PASN1_ENUMERATED; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT;
+  function i2a_ASN1_OBJECT(bp: PBIO; const a: PASN1_OBJECT): TIdC_INT;
+  function a2i_ASN1_STRING(bp: PBIO; bs: PASN1_STRING; buf: PAnsiChar; size: TIdC_INT): TIdC_INT;
+  function i2a_ASN1_STRING(bp: PBIO; const a: PASN1_STRING; &type: TIdC_INT): TIdC_INT;
+  function i2t_ASN1_OBJECT(buf: PAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT): TIdC_INT;
+
+  function a2d_ASN1_OBJECT(&out: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT;
+  function ASN1_OBJECT_create(nid: TIdC_INT; data: PByte; len: TIdC_INT; const sn: PAnsiChar; const ln: PAnsiChar): PASN1_OBJECT;
+
+  function ASN1_INTEGER_get_int64(pr: PIdC_Int64; const a: PASN1_INTEGER): TIdC_INT;
+  function ASN1_INTEGER_set_int64(a: PASN1_INTEGER; r: TIdC_Int64): TIdC_INT;
+  function ASN1_INTEGER_get_uint64(pr: PIdC_UInt64; const a: PASN1_INTEGER): TIdC_INT;
+  function ASN1_INTEGER_set_uint64(a: PASN1_INTEGER; r: TIdC_UInt64): TIdC_INT;
+
+  function ASN1_INTEGER_set(a: PASN1_INTEGER; v: TIdC_LONG): TIdC_INT;
+  function ASN1_INTEGER_get(const a: PASN1_INTEGER): TIdC_LONG;
+  function BN_to_ASN1_INTEGER(const bn: PBIGNUM; ai: PASN1_INTEGER): PASN1_INTEGER;
+  function ASN1_INTEGER_to_BN(const ai: PASN1_INTEGER; bn: PBIGNUM): PBIGNUM;
+
+  function ASN1_ENUMERATED_get_int64(pr: PIdC_Int64; const a: PASN1_ENUMERATED): TIdC_INT;
+  function ASN1_ENUMERATED_set_int64(a: PASN1_ENUMERATED; r: TIdC_Int64): TIdC_INT;
+
+
+  function ASN1_ENUMERATED_set(a: PASN1_ENUMERATED; v: TIdC_LONG): TIdC_INT;
+  function ASN1_ENUMERATED_get(const a: PASN1_ENUMERATED): TIdC_LONG;
+  function BN_to_ASN1_ENUMERATED(const bn: PBIGNUM; ai: PASN1_ENUMERATED): PASN1_ENUMERATED;
+  function ASN1_ENUMERATED_to_BN(const ai: PASN1_ENUMERATED; bn: PBIGNUM): PBIGNUM;
+
+  (* General *)
+  (* given a string, return the correct type, max is the maximum length *)
+  function ASN1_PRINTABLE_type(const s: PByte; max: TIdC_INT): TIdC_INT;
+
+  function ASN1_tag2bit(tag: TIdC_INT): TIdC_ULONG;
+
+  (* SPECIALS *)
+  function ASN1_get_object(const pp: PPByte; plength: PIdC_LONG; ptag: PIdC_INT; pclass: PIdC_INT; omax: TIdC_LONG): TIdC_INT;
+  function ASN1_check_infinite_end(p: PPByte; len: TIdC_LONG): TIdC_INT;
+  function ASN1_const_check_infinite_end(const p: PPByte; len: TIdC_LONG): TIdC_INT;
+  procedure ASN1_put_object(pp: PPByte; constructed: TIdC_INT; length: TIdC_INT; tag: TIdC_INT; xclass: TIdC_INT);
+  function ASN1_put_eoc(pp: PPByte): TIdC_INT;
+  function ASN1_object_size(constructed: TIdC_INT; length: TIdC_INT; tag: TIdC_INT): TIdC_INT;
+
+  (* Used to implement other functions *)
+  //void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
+  //
+  //# define ASN1_dup_of(type,i2d,d2i,x) \
+  //    ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
+  //                     CHECKED_D2I_OF(type, d2i), \
+  //                     CHECKED_PTR_OF(type, x)))
+  //
+  //# define ASN1_dup_of_const(type,i2d,d2i,x) \
+  //    ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
+  //                     CHECKED_D2I_OF(type, d2i), \
+  //                     CHECKED_PTR_OF(const type, x)))
+  //
+  function ASN1_item_dup(const it: PASN1_ITEM; x: Pointer): Pointer;
+
+    (* ASN1 alloc/free macros for when a type is only used internally *)
+
+  //# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
+  //# define M_ASN1_free_of(x, type) \
+  //                ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
+  //
+  //# ifndef OPENSSL_NO_STDIO
+  //void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
+
+  //#  define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
+  //    ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
+  //                        CHECKED_D2I_OF(type, d2i), \
+  //                        in, \
+  //                        CHECKED_PPTR_OF(type, x)))
+  //
+  //function ASN1_item_d2i_fp(const it: PASN1_ITEM; &in: PFILE; x: Pointer): Pointer;
+  //function ASN1_i2d_fp(i2d: Pi2d_of_void; &out: PFILE; x: Pointer): TIdC_INT;
+  //
+  //#  define ASN1_i2d_fp_of(type,i2d,out,x) \
+  //    (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
+  //                 out, \
+  //                 CHECKED_PTR_OF(type, x)))
+  //
+  //#  define ASN1_i2d_fp_of_const(type,i2d,out,x) \
+  //    (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
+  //                 out, \
+  //                 CHECKED_PTR_OF(const type, x)))
+  //
+  //function ASN1_item_i2d_fp(const it: PASN1_ITEM; &out: PFILE; x: Pointer): TIdC_INT;
+  //function ASN1_STRING_print_ex_fp(&fp: PFILE; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
+  //# endif
+
+  function ASN1_STRING_to_UTF8(&out: PPByte; const &in: PASN1_STRING): TIdC_INT;
+
+  //void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
+
+  //#  define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
+  //    ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
+  //                          CHECKED_D2I_OF(type, d2i), \
+  //                          in, \
+  //                          CHECKED_PPTR_OF(type, x)))
+
+  function ASN1_item_d2i_bio(const it: PASN1_ITEM; &in: PBIO; x: Pointer): Pointer;
+  function ASN1_i2d_bio(i2d: Pi2d_of_void; &out: PBIO; x: PByte): TIdC_INT;
+
+  //#  define ASN1_i2d_bio_of(type,i2d,out,x) \
+  //    (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
+  //                  out, \
+  //                  CHECKED_PTR_OF(type, x)))
+  //
+  //#  define ASN1_i2d_bio_of_const(type,i2d,out,x) \
+  //    (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
+  //                  out, \
+  //                  CHECKED_PTR_OF(const type, x)))
+
+  function ASN1_item_i2d_bio(const it: PASN1_ITEM; &out: PBIO; x: Pointer): TIdC_INT;
+  function ASN1_UTCTIME_print(fp: PBIO; const a: PASN1_UTCTIME): TIdC_INT;
+  function ASN1_GENERALIZEDTIME_print(fp: PBIO; const a: PASN1_GENERALIZEDTIME): TIdC_INT;
+  function ASN1_TIME_print(fp: PBIO; const a: PASN1_TIME): TIdC_INT;
+  function ASN1_STRING_print(bp: PBIO; const v: PASN1_STRING): TIdC_INT;
+  function ASN1_STRING_print_ex(&out: PBIO; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
+  function ASN1_buf_print(bp: PBIO; const buf: PByte; buflen: TIdC_SIZET; off: TIdC_INT): TIdC_INT;
+  function ASN1_bn_print(bp: PBIO; const number: PIdAnsiChar; const num: PBIGNUM; buf: PByte; off: TIdC_INT): TIdC_INT;
+  function ASN1_parse(bp: PBIO; const pp: PByte; len: TIdC_LONG; indent: TIdC_INT): TIdC_INT;
+  function ASN1_parse_dump(bp: PPBIO; const pp: PByte; len: TIdC_LONG; indent: TIdC_INT; dump: TIdC_INT): TIdC_INT;
+  function ASN1_tag2str(tag: TIdC_INT): PIdAnsiChar;
+
+  (* Used to load and write Netscape format cert *)
+
+  function ASN1_UNIVERSALSTRING_to_string(s: PASN1_UNIVERSALSTRING): TIdC_INT;
+
+  function ASN1_TYPE_set_octetstring(a: PASN1_TYPE; data: PByte; len: TIdC_INT): TIdC_INT;
+  function ASN1_TYPE_get_octetstring(const a: PASN1_TYPE; data: PByte; max_len: TIdC_INT): TIdC_INT;
+  function ASN1_TYPE_set_int_octetstring(a: PASN1_TYPE; num: TIdC_LONG; data: PByte; len: TIdC_INT): TIdC_INT;
+  function ASN1_TYPE_get_int_octetstring(const a: PASN1_TYPE; num: PIdC_LONG; data: PByte; max_len: TIdC_INT): TIdC_INT;
+
+  function ASN1_item_unpack(const oct: PASN1_STRING; const it: PASN1_ITEM): Pointer;
+
+  function ASN1_item_pack(obj: Pointer; const it: PASN1_ITEM; oct: PPASN1_OCTET_STRING): PASN1_STRING;
+
+  procedure ASN1_STRING_set_default_mask(mask: TIdC_ULONG);
+  function ASN1_STRING_set_default_mask_asc(const p: PAnsiChar): TIdC_INT;
+  function ASN1_STRING_get_default_mask: TIdC_ULONG;
+  function ASN1_mbstring_copy(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT;
+  function ASN1_mbstring_ncopy(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT;
+
+  function ASN1_STRING_set_by_NID(&out: PPASN1_STRING; const &in: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING;
+  function ASN1_STRING_TABLE_get(nid: TIdC_INT): PASN1_STRING_TABLE;
+  function ASN1_STRING_TABLE_add(v1: TIdC_INT; v2: TIdC_LONG; v3: TIdC_LONG; v4: TIdC_ULONG; v5: TIdC_ULONG): TIdC_INT;
+  procedure ASN1_STRING_TABLE_cleanup;
+
+  (* ASN1 template functions *)
+
+  (* Old API compatible functions *)
+  function ASN1_item_new(const it: PASN1_ITEM): PASN1_VALUE;
+  procedure ASN1_item_free(val: PASN1_VALUE; const it: PASN1_ITEM);
+  function ASN1_item_d2i(val: PPASN1_VALUE; const &in: PPByte; len: TIdC_LONG; const it: PASN1_ITEM): PASN1_VALUE;
+  function ASN1_item_i2d(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT;
+  function ASN1_item_ndef_i2d(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT;
+
+  procedure ASN1_add_oid_module;
+  procedure ASN1_add_stable_module;
+
+  function ASN1_generate_nconf(const str: PAnsiChar; nconf: PCONF): PASN1_TYPE;
+  function ASN1_generate_v3(const str: PAnsiChar; cnf: PX509V3_CTX): PASN1_TYPE;
+  function ASN1_str2mask(const str: PByte; pmask: PIdC_ULONG): TIdC_INT;
+
+  function ASN1_item_print(&out: PBIO; ifld: PASN1_VALUE; indent: TIdC_INT; const it: PASN1_ITEM; const pctx: PASN1_PCTX): TIdC_INT;
+  function ASN1_PCTX_new: PASN1_PCTX;
+  procedure ASN1_PCTX_free(p: PASN1_PCTX);
+  function ASN1_PCTX_get_flags(const p: PASN1_PCTX): TIdC_ULONG;
+  procedure ASN1_PCTX_set_flags(p: PASN1_PCTX; flags: TIdC_ULONG);
+  function ASN1_PCTX_get_nm_flags(const p: PASN1_PCTX): TIdC_ULONG;
+  procedure ASN1_PCTX_set_nm_flags(p: PASN1_PCTX; flags: TIdC_ULONG);
+  function ASN1_PCTX_get_cert_flags(const p: PASN1_PCTX): TIdC_ULONG;
+  procedure ASN1_PCTX_set_cert_flags(p: PASN1_PCTX; flags: TIdC_ULONG);
+  function ASN1_PCTX_get_oid_flags(const p: PASN1_PCTX): TIdC_ULONG;
+  procedure ASN1_PCTX_set_oid_flags(p: PASN1_PCTX; flags: TIdC_ULONG);
+  function ASN1_PCTX_get_str_flags(const p: PASN1_PCTX): TIdC_ULONG;
+  procedure ASN1_PCTX_set_str_flags(p: PASN1_PCTX; flags: TIdC_ULONG);
+
+  //ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb) (ASN1_SCTX *ctx));
+  procedure ASN1_SCTX_free(p: PASN1_SCTX);
+  function ASN1_SCTX_get_item(p: PASN1_SCTX): PASN1_ITEM;
+  function ASN1_SCTX_get_template(p: PASN1_SCTX): PASN1_TEMPLATE;
+  function ASN1_SCTX_get_flags(p: PASN1_SCTX): TIdC_ULONG;
+  procedure ASN1_SCTX_set_app_data(p: PASN1_SCTX; data: Pointer);
+  function ASN1_SCTX_get_app_data(p: PASN1_SCTX): Pointer;
+
+  function BIO_f_asn1: PBIO_METHOD;
+
+  function BIO_new_NDEF(&out: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO;
+
+  function i2d_ASN1_bio_stream(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT;
+  function PEM_write_bio_ASN1_stream(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT;
+  //function SMIME_write_ASN1(bio: PBIO; val: PASN1_VALUE; data: PBIO; flags: TIdC_INT;
+  //                     ctype_nid: TIdC_INT; econt_nid: TIdC_INT;
+  //                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it): TIdC_INT;
+  function SMIME_read_ASN1(bio: PBIO; bcont: PPBIO; const it: PASN1_ITEM): PASN1_VALUE;
+  function SMIME_crlf_copy(&in: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT;
+  function SMIME_text(&in: PBIO; &out: PBIO): TIdC_INT;
+
+  function ASN1_ITEM_lookup(const name: PIdAnsiChar): PASN1_ITEM;
+  function ASN1_ITEM_get(i: TIdC_SIZET): PASN1_ITEM;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1_mac.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1_mac.pas
new file mode 100644
index 000000000..498528608
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1_mac.pas
@@ -0,0 +1,40 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_asn1_mac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1_mac.h
+
+{.$i IdCompilerDefines.inc}
+
+//#error "This file is obsolete; please update your software."
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1err.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1err.pas
new file mode 100644
index 000000000..ed22be3a6
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1err.pas
@@ -0,0 +1,277 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_asn1err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+
+// ASN1 function codes.
+  ASN1_F_A2D_ASN1_OBJECT                          = 100;
+  ASN1_F_A2I_ASN1_INTEGER                         = 102;
+  ASN1_F_A2I_ASN1_STRING                          = 103;
+  ASN1_F_APPEND_EXP                               = 176;
+  ASN1_F_ASN1_BIO_INIT                            = 113;
+  ASN1_F_ASN1_BIT_STRING_SET_BIT                  = 183;
+  ASN1_F_ASN1_CB                                  = 177;
+  ASN1_F_ASN1_CHECK_TLEN                          = 104;
+  ASN1_F_ASN1_COLLECT                             = 106;
+  ASN1_F_ASN1_D2I_EX_PRIMITIVE                    = 108;
+  ASN1_F_ASN1_D2I_FP                              = 109;
+  ASN1_F_ASN1_D2I_READ_BIO                        = 107;
+  ASN1_F_ASN1_DIGEST                              = 184;
+  ASN1_F_ASN1_DO_ADB                              = 110;
+  ASN1_F_ASN1_DO_LOCK                             = 233;
+  ASN1_F_ASN1_DUP                                 = 111;
+  ASN1_F_ASN1_ENC_SAVE                            = 115;
+  ASN1_F_ASN1_EX_C2I                              = 204;
+  ASN1_F_ASN1_FIND_END                            = 190;
+  ASN1_F_ASN1_GENERALIZEDTIME_ADJ                 = 216;
+  ASN1_F_ASN1_GENERATE_V3                         = 178;
+  ASN1_F_ASN1_GET_INT64                           = 224;
+  ASN1_F_ASN1_GET_OBJECT                          = 114;
+  ASN1_F_ASN1_GET_UINT64                          = 225;
+  ASN1_F_ASN1_I2D_BIO                             = 116;
+  ASN1_F_ASN1_I2D_FP                              = 117;
+  ASN1_F_ASN1_ITEM_D2I_FP                         = 206;
+  ASN1_F_ASN1_ITEM_DUP                            = 191;
+  ASN1_F_ASN1_ITEM_EMBED_D2I                      = 120;
+  ASN1_F_ASN1_ITEM_EMBED_NEW                      = 121;
+  ASN1_F_ASN1_ITEM_FLAGS_I2D                      = 118;
+  ASN1_F_ASN1_ITEM_I2D_BIO                        = 192;
+  ASN1_F_ASN1_ITEM_I2D_FP                         = 193;
+  ASN1_F_ASN1_ITEM_PACK                           = 198;
+  ASN1_F_ASN1_ITEM_SIGN                           = 195;
+  ASN1_F_ASN1_ITEM_SIGN_CTX                       = 220;
+  ASN1_F_ASN1_ITEM_UNPACK                         = 199;
+  ASN1_F_ASN1_ITEM_VERIFY                         = 197;
+  ASN1_F_ASN1_MBSTRING_NCOPY                      = 122;
+  ASN1_F_ASN1_OBJECT_NEW                          = 123;
+  ASN1_F_ASN1_OUTPUT_DATA                         = 214;
+  ASN1_F_ASN1_PCTX_NEW                            = 205;
+  ASN1_F_ASN1_PRIMITIVE_NEW                       = 119;
+  ASN1_F_ASN1_SCTX_NEW                            = 221;
+  ASN1_F_ASN1_SIGN                                = 128;
+  ASN1_F_ASN1_STR2TYPE                            = 179;
+  ASN1_F_ASN1_STRING_GET_INT64                    = 227;
+  ASN1_F_ASN1_STRING_GET_UINT64                   = 230;
+  ASN1_F_ASN1_STRING_SET                          = 186;
+  ASN1_F_ASN1_STRING_TABLE_ADD                    = 129;
+  ASN1_F_ASN1_STRING_TO_BN                        = 228;
+  ASN1_F_ASN1_STRING_TYPE_NEW                     = 130;
+  ASN1_F_ASN1_TEMPLATE_EX_D2I                     = 132;
+  ASN1_F_ASN1_TEMPLATE_NEW                        = 133;
+  ASN1_F_ASN1_TEMPLATE_NOEXP_D2I                  = 131;
+  ASN1_F_ASN1_TIME_ADJ                            = 217;
+  ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING            = 134;
+  ASN1_F_ASN1_TYPE_GET_OCTETSTRING                = 135;
+  ASN1_F_ASN1_UTCTIME_ADJ                         = 218;
+  ASN1_F_ASN1_VERIFY                              = 137;
+  ASN1_F_B64_READ_ASN1                            = 209;
+  ASN1_F_B64_WRITE_ASN1                           = 210;
+  ASN1_F_BIO_NEW_NDEF                             = 208;
+  ASN1_F_BITSTR_CB                                = 180;
+  ASN1_F_BN_TO_ASN1_STRING                        = 229;
+  ASN1_F_C2I_ASN1_BIT_STRING                      = 189;
+  ASN1_F_C2I_ASN1_INTEGER                         = 194;
+  ASN1_F_C2I_ASN1_OBJECT                          = 196;
+  ASN1_F_C2I_IBUF                                 = 226;
+  ASN1_F_C2I_UINT64_INT                           = 101;
+  ASN1_F_COLLECT_DATA                             = 140;
+  ASN1_F_D2I_ASN1_OBJECT                          = 147;
+  ASN1_F_D2I_ASN1_UINTEGER                        = 150;
+  ASN1_F_D2I_AUTOPRIVATEKEY                       = 207;
+  ASN1_F_D2I_PRIVATEKEY                           = 154;
+  ASN1_F_D2I_PUBLICKEY                            = 155;
+  ASN1_F_DO_BUF                                   = 142;
+  ASN1_F_DO_CREATE                                = 124;
+  ASN1_F_DO_DUMP                                  = 125;
+  ASN1_F_DO_TCREATE                               = 222;
+  ASN1_F_I2A_ASN1_OBJECT                          = 126;
+  ASN1_F_I2D_ASN1_BIO_STREAM                      = 211;
+  ASN1_F_I2D_ASN1_OBJECT                          = 143;
+  ASN1_F_I2D_DSA_PUBKEY                           = 161;
+  ASN1_F_I2D_EC_PUBKEY                            = 181;
+  ASN1_F_I2D_PRIVATEKEY                           = 163;
+  ASN1_F_I2D_PUBLICKEY                            = 164;
+  ASN1_F_I2D_RSA_PUBKEY                           = 165;
+  ASN1_F_LONG_C2I                                 = 166;
+  ASN1_F_NDEF_PREFIX                              = 127;
+  ASN1_F_NDEF_SUFFIX                              = 136;
+  ASN1_F_OID_MODULE_INIT                          = 174;
+  ASN1_F_PARSE_TAGGING                            = 182;
+  ASN1_F_PKCS5_PBE2_SET_IV                        = 167;
+  ASN1_F_PKCS5_PBE2_SET_SCRYPT                    = 231;
+  ASN1_F_PKCS5_PBE_SET                            = 202;
+  ASN1_F_PKCS5_PBE_SET0_ALGOR                     = 215;
+  ASN1_F_PKCS5_PBKDF2_SET                         = 219;
+  ASN1_F_PKCS5_SCRYPT_SET                         = 232;
+  ASN1_F_SMIME_READ_ASN1                          = 212;
+  ASN1_F_SMIME_TEXT                               = 213;
+  ASN1_F_STABLE_GET                               = 138;
+  ASN1_F_STBL_MODULE_INIT                         = 223;
+  ASN1_F_UINT32_C2I                               = 105;
+  ASN1_F_UINT32_NEW                               = 139;
+  ASN1_F_UINT64_C2I                               = 112;
+  ASN1_F_UINT64_NEW                               = 141;
+  ASN1_F_X509_CRL_ADD0_REVOKED                    = 169;
+  ASN1_F_X509_INFO_NEW                            = 170;
+  ASN1_F_X509_NAME_ENCODE                         = 203;
+  ASN1_F_X509_NAME_EX_D2I                         = 158;
+  ASN1_F_X509_NAME_EX_NEW                         = 171;
+  ASN1_F_X509_PKEY_NEW                            = 173;
+
+// ASN1 reason codes.
+  ASN1_R_ADDING_OBJECT                            = 171;
+  ASN1_R_ASN1_PARSE_ERROR                         = 203;
+  ASN1_R_ASN1_SIG_PARSE_ERROR                     = 204;
+  ASN1_R_AUX_ERROR                                = 100;
+  ASN1_R_BAD_OBJECT_HEADER                        = 102;
+  ASN1_R_BMPSTRING_IS_WRONG_LENGTH                = 214;
+  ASN1_R_BN_LIB                                   = 105;
+  ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  = 106;
+  ASN1_R_BUFFER_TOO_SMALL                         = 107;
+  ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER          = 108;
+  ASN1_R_CONTEXT_NOT_INITIALISED                  = 217;
+  ASN1_R_DATA_IS_WRONG                            = 109;
+  ASN1_R_DECODE_ERROR                             = 110;
+  ASN1_R_DEPTH_EXCEEDED                           = 174;
+  ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED        = 198;
+  ASN1_R_ENCODE_ERROR                             = 112;
+  ASN1_R_ERROR_GETTING_TIME                       = 173;
+  ASN1_R_ERROR_LOADING_SECTION                    = 172;
+  ASN1_R_ERROR_SETTING_CIPHER_PARAMS              = 114;
+  ASN1_R_EXPECTING_AN_INTEGER                     = 115;
+  ASN1_R_EXPECTING_AN_OBJECT                      = 116;
+  ASN1_R_EXPLICIT_LENGTH_MISMATCH                 = 119;
+  ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED             = 120;
+  ASN1_R_FIELD_MISSING                            = 121;
+  ASN1_R_FIRST_NUM_TOO_LARGE                      = 122;
+  ASN1_R_HEADER_TOO_LONG                          = 123;
+  ASN1_R_ILLEGAL_BITSTRING_FORMAT                 = 175;
+  ASN1_R_ILLEGAL_BOOLEAN                          = 176;
+  ASN1_R_ILLEGAL_CHARACTERS                       = 124;
+  ASN1_R_ILLEGAL_FORMAT                           = 177;
+  ASN1_R_ILLEGAL_HEX                              = 178;
+  ASN1_R_ILLEGAL_IMPLICIT_TAG                     = 179;
+  ASN1_R_ILLEGAL_INTEGER                          = 180;
+  ASN1_R_ILLEGAL_NEGATIVE_VALUE                   = 226;
+  ASN1_R_ILLEGAL_NESTED_TAGGING                   = 181;
+  ASN1_R_ILLEGAL_NULL                             = 125;
+  ASN1_R_ILLEGAL_NULL_VALUE                       = 182;
+  ASN1_R_ILLEGAL_OBJECT                           = 183;
+  ASN1_R_ILLEGAL_OPTIONAL_ANY                     = 126;
+  ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE         = 170;
+  ASN1_R_ILLEGAL_PADDING                          = 221;
+  ASN1_R_ILLEGAL_TAGGED_ANY                       = 127;
+  ASN1_R_ILLEGAL_TIME_VALUE                       = 184;
+  ASN1_R_ILLEGAL_ZERO_CONTENT                     = 222;
+  ASN1_R_INTEGER_NOT_ASCII_FORMAT                 = 185;
+  ASN1_R_INTEGER_TOO_LARGE_FOR_LONG               = 128;
+  ASN1_R_INVALID_BIT_STRING_BITS_LEFT             = 220;
+  ASN1_R_INVALID_BMPSTRING_LENGTH                 = 129;
+  ASN1_R_INVALID_DIGIT                            = 130;
+  ASN1_R_INVALID_MIME_TYPE                        = 205;
+  ASN1_R_INVALID_MODIFIER                         = 186;
+  ASN1_R_INVALID_NUMBER                           = 187;
+  ASN1_R_INVALID_OBJECT_ENCODING                  = 216;
+  ASN1_R_INVALID_SCRYPT_PARAMETERS                = 227;
+  ASN1_R_INVALID_SEPARATOR                        = 131;
+  ASN1_R_INVALID_STRING_TABLE_VALUE               = 218;
+  ASN1_R_INVALID_UNIVERSALSTRING_LENGTH           = 133;
+  ASN1_R_INVALID_UTF8STRING                       = 134;
+  ASN1_R_INVALID_VALUE                            = 219;
+  ASN1_R_LIST_ERROR                               = 188;
+  ASN1_R_MIME_NO_CONTENT_TYPE                     = 206;
+  ASN1_R_MIME_PARSE_ERROR                         = 207;
+  ASN1_R_MIME_SIG_PARSE_ERROR                     = 208;
+  ASN1_R_MISSING_EOC                              = 137;
+  ASN1_R_MISSING_SECOND_NUMBER                    = 138;
+  ASN1_R_MISSING_VALUE                            = 189;
+  ASN1_R_MSTRING_NOT_UNIVERSAL                    = 139;
+  ASN1_R_MSTRING_WRONG_TAG                        = 140;
+  ASN1_R_NESTED_ASN1_STRING                       = 197;
+  ASN1_R_NESTED_TOO_DEEP                          = 201;
+  ASN1_R_NON_HEX_CHARACTERS                       = 141;
+  ASN1_R_NOT_ASCII_FORMAT                         = 190;
+  ASN1_R_NOT_ENOUGH_DATA                          = 142;
+  ASN1_R_NO_CONTENT_TYPE                          = 209;
+  ASN1_R_NO_MATCHING_CHOICE_TYPE                  = 143;
+  ASN1_R_NO_MULTIPART_BODY_FAILURE                = 210;
+  ASN1_R_NO_MULTIPART_BOUNDARY                    = 211;
+  ASN1_R_NO_SIG_CONTENT_TYPE                      = 212;
+  ASN1_R_NULL_IS_WRONG_LENGTH                     = 144;
+  ASN1_R_OBJECT_NOT_ASCII_FORMAT                  = 191;
+  ASN1_R_ODD_NUMBER_OF_CHARS                      = 145;
+  ASN1_R_SECOND_NUMBER_TOO_LARGE                  = 147;
+  ASN1_R_SEQUENCE_LENGTH_MISMATCH                 = 148;
+  ASN1_R_SEQUENCE_NOT_CONSTRUCTED                 = 149;
+  ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG             = 192;
+  ASN1_R_SHORT_LINE                               = 150;
+  ASN1_R_SIG_INVALID_MIME_TYPE                    = 213;
+  ASN1_R_STREAMING_NOT_SUPPORTED                  = 202;
+  ASN1_R_STRING_TOO_LONG                          = 151;
+  ASN1_R_STRING_TOO_SHORT                         = 152;
+  ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD = 154;
+  ASN1_R_TIME_NOT_ASCII_FORMAT                    = 193;
+  ASN1_R_TOO_LARGE                                = 223;
+  ASN1_R_TOO_LONG                                 = 155;
+  ASN1_R_TOO_SMALL                                = 224;
+  ASN1_R_TYPE_NOT_CONSTRUCTED                     = 156;
+  ASN1_R_TYPE_NOT_PRIMITIVE                       = 195;
+  ASN1_R_UNEXPECTED_EOC                           = 159;
+  ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH          = 215;
+  ASN1_R_UNKNOWN_FORMAT                           = 160;
+  ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM         = 161;
+  ASN1_R_UNKNOWN_OBJECT_TYPE                      = 162;
+  ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  = 163;
+  ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM              = 199;
+  ASN1_R_UNKNOWN_TAG                              = 194;
+  ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE          = 164;
+  ASN1_R_UNSUPPORTED_CIPHER                       = 228;
+  ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE              = 167;
+  ASN1_R_UNSUPPORTED_TYPE                         = 196;
+  ASN1_R_WRONG_INTEGER_TYPE                       = 225;
+  ASN1_R_WRONG_PUBLIC_KEY_TYPE                    = 200;
+  ASN1_R_WRONG_TAG                                = 168;
+
+var
+  function ERR_load_ASN1_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1t.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1t.pas
new file mode 100644
index 000000000..5ad3a985d
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1t.pas
@@ -0,0 +1,991 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_asn1t;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1t.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+  
+type
+  // moved from asn1
+  ASN1_ITEM_EXP = ASN1_ITEM;
+  PASN1_ITEM_EXP = ^ASN1_ITEM_EXP;
+
+//# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+//
+///// Macro to obtain ASN1_ADB pointer from a type (only used internally) ///
+//#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB //)(iptr))
+//
+///// Macros for start and end of ASN1_ITEM definition ///
+//
+//#  define ASN1_ITEM_start(itname) \
+//        const ASN1_ITEM itname##_it = {
+//
+//#  define static_ASN1_ITEM_start(itname) \
+//        static const ASN1_ITEM itname##_it = {
+//
+//#  define ASN1_ITEM_end(itname)                 \
+//                };
+//
+//# else
+//
+///// Macro to obtain ASN1_ADB pointer from a type (only used internally) ///
+//#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB //)((iptr)()))
+//
+///// Macros for start and end of ASN1_ITEM definition ///
+//
+//#  define ASN1_ITEM_start(itname) \
+//        const ASN1_ITEM // itname##_it(void) \
+//        { \
+//                static const ASN1_ITEM local_it = {
+//
+//#  define static_ASN1_ITEM_start(itname) \
+//        static ASN1_ITEM_start(itname)
+//
+//#  define ASN1_ITEM_end(itname) \
+//                }; \
+//        return &local_it; \
+//        }
+//
+//# endif
+//
+///// Macros to aid ASN1 template writing ///
+//
+//  ASN1_ITEM_TEMPLATE(tname) \
+//        static const PASN1_TEMPLATE tname##_item_tt
+//
+//  ASN1_ITEM_TEMPLATE_END(tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_PRIMITIVE,\
+//                -1,\
+//                &tname##_item_tt,\
+//                0,\
+//                NULL,\
+//                0,\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//  static_ASN1_ITEM_TEMPLATE_END(tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_PRIMITIVE,\
+//                -1,\
+//                &tname##_item_tt,\
+//                0,\
+//                NULL,\
+//                0,\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//
+///// This is a ASN1 type which just embeds a template ///
+//
+/////-
+// // This pair helps declare a SEQUENCE. We can do:
+// //
+// //      ASN1_SEQUENCE(stname) = {
+// //              ... SEQUENCE components ...
+// //      } ASN1_SEQUENCE_END(stname)
+// //
+// //      This will produce an ASN1_ITEM called stname_it
+// //      for a structure called stname.
+// //
+// //      If you want the same structure but a different
+// //      name then use:
+// //
+// //      ASN1_SEQUENCE(itname) = {
+// //              ... SEQUENCE components ...
+// //      } ASN1_SEQUENCE_END_name(stname, itname)
+// //
+// //      This will create an item called itname_it using
+// //      a structure called stname.
+// ///
+//
+//  ASN1_SEQUENCE(tname) \
+//        static const PASN1_TEMPLATE tname##_seq_tt[]
+//
+//  ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
+//
+//  static_ASN1_SEQUENCE_END(stname) static_ASN1_SEQUENCE_END_name(stname, stname)
+//
+//  ASN1_SEQUENCE_END_name(stname, tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//
+//  static_ASN1_SEQUENCE_END_name(stname, tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_NDEF_SEQUENCE(tname) \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_NDEF_SEQUENCE_cb(tname, cb) \
+//        ASN1_SEQUENCE_cb(tname, cb)
+//
+//  ASN1_SEQUENCE_cb(tname, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_BROKEN_SEQUENCE(tname) \
+//        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_SEQUENCE_ref(tname, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), offsetof(tname, lock), cb, 0}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_SEQUENCE_enc(tname, enc, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_NDEF_SEQUENCE_END(tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_NDEF_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(tname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//  static_ASN1_NDEF_SEQUENCE_END(tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_NDEF_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(tname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
+//  static_ASN1_BROKEN_SEQUENCE_END(stname) \
+//        static_ASN1_SEQUENCE_END_ref(stname, stname)
+//
+//  ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+//
+//  ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+//  static_ASN1_SEQUENCE_END_cb(stname, tname) static_ASN1_SEQUENCE_END_ref(stname, tname)
+//
+//  ASN1_SEQUENCE_END_ref(stname, tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//  static_ASN1_SEQUENCE_END_ref(stname, tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_NDEF_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+/////-
+// // This pair helps declare a CHOICE type. We can do:
+// //
+// //      ASN1_CHOICE(chname) = {
+// //              ... CHOICE options ...
+// //      ASN1_CHOICE_END(chname)
+// //
+// //      This will produce an ASN1_ITEM called chname_it
+// //      for a structure called chname. The structure
+// //      definition must look like this:
+// //      typedef struct {
+// //              int type;
+// //              union {
+// //                      ASN1_SOMETHING //opt1;
+// //                      ASN1_SOMEOTHER //opt2;
+// //              } value;
+// //      } chname;
+// //
+// //      the name of the selector must be 'type'.
+// //      to use an alternative selector name use the
+// //      ASN1_CHOICE_END_selector() version.
+// ///
+//
+//  ASN1_CHOICE(tname) \
+//        static const PASN1_TEMPLATE tname##_ch_tt[]
+//
+//  ASN1_CHOICE_cb(tname, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+//        ASN1_CHOICE(tname)
+//
+//  ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
+//
+//  static_ASN1_CHOICE_END(stname) static_ASN1_CHOICE_END_name(stname, stname)
+//
+//  ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
+//
+//  static_ASN1_CHOICE_END_name(stname, tname) static_ASN1_CHOICE_END_selector(stname, tname, type)
+//
+//  ASN1_CHOICE_END_selector(stname, tname, selname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_CHOICE,\
+//                offsetof(stname,selname) ,\
+//                tname##_ch_tt,\
+//                sizeof(tname##_ch_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  static_ASN1_CHOICE_END_selector(stname, tname, selname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_CHOICE,\
+//                offsetof(stname,selname) ,\
+//                tname##_ch_tt,\
+//                sizeof(tname##_ch_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_CHOICE_END_cb(stname, tname, selname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_CHOICE,\
+//                offsetof(stname,selname) ,\
+//                tname##_ch_tt,\
+//                sizeof(tname##_ch_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+///// This helps with the template wrapper form of ASN1_ITEM ///
+//
+//  ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
+//        (flags), (tag), 0,\
+//        #name, ASN1_ITEM_ref(type) }
+//
+///// These help with SEQUENCE or CHOICE components ///
+//
+///// used to declare other types ///
+//
+//  ASN1_EX_TYPE(flags, tag, stname, field, type) { \
+//        (flags), (tag), offsetof(stname, field),\
+//        #field, ASN1_ITEM_ref(type) }
+//
+///// implicit and explicit helper macros ///
+//
+//  ASN1_IMP_EX(stname, field, type, tag, ex) \
+//         ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | (ex), tag, stname, field, type)
+//
+//  ASN1_EXP_EX(stname, field, type, tag, ex) \
+//         ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | (ex), tag, stname, field, type)
+//
+///// Any defined by macros: the field used is in the table itself ///
+//
+//# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+//#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM //)&(tblname##_adb) }
+//#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM //)&(tblname##_adb) }
+//# else
+//#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
+//#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
+//# endif
+///// Plain simple type ///
+//  ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
+///// Embedded simple type ///
+//  ASN1_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_EMBED,0, stname, field, type)
+//
+///// OPTIONAL simple type ///
+//  ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+//  ASN1_OPT_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED, 0, stname, field, type)
+//
+///// IMPLICIT tagged simple type ///
+//  ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+//  ASN1_IMP_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
+//
+///// IMPLICIT tagged OPTIONAL simple type ///
+//  ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+//  ASN1_IMP_OPT_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
+//
+///// Same as above but EXPLICIT ///
+//
+//  ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+//  ASN1_EXP_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
+//  ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+//  ASN1_EXP_OPT_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
+//
+///// SEQUENCE OF type ///
+//  ASN1_SEQUENCE_OF(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
+//
+///// OPTIONAL SEQUENCE OF ///
+//  ASN1_SEQUENCE_OF_OPT(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+//
+///// Same as above but for SET OF ///
+//
+//  ASN1_SET_OF(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
+//
+//  ASN1_SET_OF_OPT(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+//
+///// Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL ///
+//
+//  ASN1_IMP_SET_OF(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+//
+//  ASN1_EXP_SET_OF(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+//
+//  ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+//
+//  ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+//
+//  ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+//
+//  ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+//
+//  ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+//
+//  ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+//
+///// EXPLICIT using indefinite length constructed form ///
+//  ASN1_NDEF_EXP(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
+//
+///// EXPLICIT OPTIONAL using indefinite length constructed form ///
+//  ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
+//
+///// Macros for the ASN1_ADB structure ///
+//
+//  ASN1_ADB(name) \
+//        static const ASN1_ADB_TABLE name##_adbtbl[]
+//
+//# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+//
+//#  define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \
+//        ;\
+//        static const ASN1_ADB name##_adb = {\
+//                flags,\
+//                offsetof(name, field),\
+//                adb_cb,\
+//                name##_adbtbl,\
+//                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+//                def,\
+//                none\
+//        }
+//
+//# else
+//
+//#  define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \
+//        ;\
+//        static const ASN1_ITEM //name##_adb(void) \
+//        { \
+//        static const ASN1_ADB internal_adb = \
+//                {\
+//                flags,\
+//                offsetof(name, field),\
+//                adb_cb,\
+//                name##_adbtbl,\
+//                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+//                def,\
+//                none\
+//                }; \
+//                return (const ASN1_ITEM //) &internal_adb; \
+//        } \
+//        void dummy_function(void)
+//
+//# endif
+//
+//  ADB_ENTRY(val, template) {val, template}
+//
+//  ASN1_ADB_TEMPLATE(name) \
+//        static const PASN1_TEMPLATE name##_tt
+//
+/////
+// // This is the ASN1 template structure that defines a wrapper round the
+// // actual type. It determines the actual position of the field in the value
+// // structure, various flags such as OPTIONAL and the field name.
+// ///
+
+type
+  ASN1_TEMPLATE_st = record
+    flags: TIdC_ULONG;
+    tag: TIdC_LONG;
+    offset: TIdC_ULONG;
+    fieldname: PIdAnsiChar;
+    item: PASN1_ITEM_EXP;
+  end;  
+  ASN1_TEMPLATE = ASN1_TEMPLATE_st;
+  PASN1_TEMPLATE = ^ASN1_TEMPLATE;
+
+///// Macro to extract ASN1_ITEM and ASN1_ADB pointer from PASN1_TEMPLATE ///
+//
+//  ASN1_TEMPLATE_item(t) (t->item_ptr)
+//  ASN1_TEMPLATE_adb(t) (t->item_ptr)
+
+  adb_cb_callback = function(psel: PIdC_LONG): TIdC_INT;
+
+  ASN1_ADB_TABLE_st = record
+    value: TIdC_LONG;
+    tt: PASN1_TEMPLATE;
+  end;
+
+  ASN1_ADB_TABLE = ASN1_ADB_TABLE_st;
+  PASN1_ADB_TABLE = ^ASN1_ADB_TABLE;
+  
+  ASN1_ADB_st = record
+    flags: TIdC_ULONG;
+    offset: TIdC_ULONG;
+    adb_cb: adb_cb_callback;
+    tbl: PASN1_ADB_TABLE;
+    tblcount: TIdC_LONG;
+    default_tt: PASN1_TEMPLATE;
+    null_tt: PASN1_TEMPLATE;
+  end;
+  ASN1_ADB = ASN1_ADB_st;
+
+const
+// template flags //
+
+// Field is optional //
+  ASN1_TFLG_OPTIONAL     = $1;
+
+// Field is a SET OF //
+  ASN1_TFLG_SET_OF       = ($1 shl 1);
+
+// Field is a SEQUENCE OF //
+  ASN1_TFLG_SEQUENCE_OF  = ($2 shl 1);
+
+//
+// Special case: this refers to a SET OF that will be sorted into DER order
+// when encoded /and/ the corresponding STACK will be modified to match the
+// new order.
+ //
+  ASN1_TFLG_SET_ORDER     = ($3 shl 1);
+
+// Mask for SET OF or SEQUENCE OF //
+  ASN1_TFLG_SK_MASK       = ($3 shl 1);
+
+//
+//  These flags mean the tag should be taken from the tag field. If EXPLICIT
+//  then the underlying type is used for the inner tag.
+ //
+
+// IMPLICIT tagging //
+  ASN1_TFLG_IMPTAG        = ($1 shl 3);
+
+// EXPLICIT tagging, inner tag from underlying type //
+  ASN1_TFLG_EXPTAG        = ($2 shl 3);
+
+  ASN1_TFLG_TAG_MASK      = ($3 shl 3);
+
+// context specific IMPLICIT //
+//   ASN1_TFLG_IMPLICIT      (ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT)
+
+// context specific EXPLICIT //
+//   ASN1_TFLG_EXPLICIT      (ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT)
+
+//
+// If tagging is in force these determine the type of tag to use. Otherwise
+// the tag is determined by the underlying type. These values reflect the
+// actual octet format.
+ //
+
+// Universal tag //
+  ASN1_TFLG_UNIVERSAL     = ($0 shl 6);
+// Application tag //
+  ASN1_TFLG_APPLICATION   = ($1 shl 6);
+// Context specific tag //
+  ASN1_TFLG_CONTEXT       = ($2 shl 6);
+// Private tag //
+  ASN1_TFLG_PRIVATE       = ($3 shl 6);
+
+  ASN1_TFLG_TAG_CLASS     = ($3 shl 6);
+
+//
+// These are for ANY DEFINED BY type. In this case the 'item' field points to
+// an ASN1_ADB structure which contains a table of values to decode the
+// relevant type
+ //
+
+  ASN1_TFLG_ADB_MASK      = ($3 shl 8);
+
+  ASN1_TFLG_ADB_OID       = ($1 shl 8);
+
+  ASN1_TFLG_ADB_INT       = ($1 shl 9);
+
+//
+// This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
+// indefinite length constructed encoding to be used if required.
+ //
+
+  ASN1_TFLG_NDEF          = ($1 shl 11);
+
+// Field is embedded and not a pointer //
+  ASN1_TFLG_EMBED         = ($1 shl 12);
+
+// This is the actual ASN1 item itself //
+
+type
+  ASN1_ITEM_st = record
+    itype: AnsiChar;
+    utype: TIdC_LONG;
+    template: PASN1_TEMPLATE;
+    tcount: TIdC_LONG;
+    funcs: Pointer;
+    size: TIdC_LONG;
+    sname: PIdAnsiChar;
+  end;
+
+//-
+ // These are values for the itype field and
+ // determine how the type is interpreted.
+ //
+ // For PRIMITIVE types the underlying type
+ // determines the behaviour if items is NULL.
+ //
+ // Otherwise templates must contain a single
+ // template and the type is treated in the
+ // same way as the type specified in the template.
+ //
+ // For SEQUENCE types the templates field points
+ // to the members, the size field is the
+ // structure size.
+ //
+ // For CHOICE types the templates field points
+ // to each possible member (typically a union)
+ // and the 'size' field is the offset of the
+ // selector.
+ //
+ // The 'funcs' field is used for application
+ // specific functions.
+ //
+ // The EXTERN type uses a new style d2i/i2d.
+ // The new style should be used where possible
+ // because it avoids things like the d2i IMPLICIT
+ // hack.
+ //
+ // MSTRING is a multiple string type, it is used
+ // for a CHOICE of character strings where the
+ // actual strings all occupy an ASN1_STRING
+ // structure. In this case the 'utype' field
+ // has a special meaning, it is used as a mask
+ // of acceptable types using the B_ASN1 constants.
+ //
+ // NDEF_SEQUENCE is the same as SEQUENCE except
+ // that it will use indefinite length constructed
+ // encoding if requested.
+ //
+ //
+const
+  ASN1_ITYPE_PRIMITIVE            = $0;
+
+  ASN1_ITYPE_SEQUENCE             = $1;
+
+  ASN1_ITYPE_CHOICE               = $2;
+
+  ASN1_ITYPE_EXTERN               = $4;
+
+  ASN1_ITYPE_MSTRING              = $5;
+
+  ASN1_ITYPE_NDEF_SEQUENCE        = $6;
+
+//
+ // Cache for ASN1 tag and length, so we don't keep re-reading it for things
+ // like CHOICE
+ //
+
+type
+  ASN1_TLC_st = record
+    valid: AnsiChar;
+    ret: TIdC_INT;
+    plen: TIdC_LONG;
+    ptag: TIdC_INT;
+    pclass: TIdC_INT;
+    hdrlen: TIdC_INT;
+  end;
+  ASN1_TLC = ASN1_TLC_st;
+  PASN1_TLC = ^ASN1_TLC;
+
+  ASN1_ex_d2i = function(pval: PPASN1_VALUE; const AIn: PPByte; len: TIdC_LONG;
+    const it: PASN1_ITEM; tag: TIdC_INT; aclass: TIdC_INT;
+    opt: AnsiChar; ctx: PASN1_TLC): TIdC_INT;
+  PASN1_ex_d2i = ^ASN1_ex_d2i;
+
+  ASN1_ex_i2d = function(pval: PPASN1_VALUE; AOut: PPByte; const it: PASN1_ITEM;
+    tag: TIdC_INT; aclass: TIdC_INT): TIdC_INT;
+  PASN1_ex_i2d = ^ASN1_ex_i2d;
+
+  ASN1_ex_new_func = function(pval: PPASN1_VALUE; const it: PASN1_ITEM): TIdC_INT;
+  PASN1_ex_new_func = ^ASN1_ex_new_func;
+
+  ASN1_ex_free_func = procedure(pval: PPASN1_VALUE; const it: PASN1_ITEM);
+  PASN1_ex_free_func = ^ASN1_ex_free_func;
+
+  ASN1_ex_print_func = function(AOut: PBIO; pval: PPASN1_VALUE; indent: TIdC_INT;
+    const fname: PIdAnsiChar; const pctx: PASN1_PCTX): TIdC_INT;
+  PASN1_ex_print_func = ^ASN1_ex_print_func;
+
+  ASN1_primitive_i2c = function(pval: PPASN1_VALUE; const cont: PIdAnsiChar;
+    puttype: PIdC_INT; const it: PASN1_ITEM): TIdC_INT;
+  PASN1_primitive_i2c = ^ASN1_primitive_i2c;
+
+  ASN1_primitive_c2i = function(pval: PPASN1_VALUE; const cont: PByte;
+    len: TIdC_INT; utype: TIdC_INT; free_cont: PIdAnsiChar;
+    const it: PASN1_ITEM): TIdC_INT;
+  PASN1_primitive_c2i = ^ASN1_primitive_c2i;
+
+  ASN1_primitive_print = function(AOut: PBIO; pval: PPASN1_VALUE;
+    const it: PASN1_ITEM; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
+  PASN1_primitive_print = ^ASN1_primitive_print;
+
+  ASN1_EXTERN_FUNCS_st = record
+    app_data: Pointer;
+    asn1_ex_new: PASN1_ex_new_func;
+    asn1_ex_free: PASN1_ex_free_func;
+    asn1_ex_clear: PASN1_ex_free_func;
+    asn1_ex_d2i: PASN1_ex_d2i;
+    asn1_ex_i2d: PASN1_ex_i2d;
+    asn1_ex_print: PASN1_ex_print_func;
+  end;
+
+  ASN1_EXTERN_FUNCS = ASN1_EXTERN_FUNCS_st;
+
+  ASN1_PRIMITIVE_FUNCS_st = record
+    app_data: Pointer;
+    flags: TIdC_ULONG;
+    prim_new: PASN1_ex_new_func;
+    prim_free: PASN1_ex_free_func;
+    prim_clear: PASN1_ex_free_func;
+    prim_c2i: PASN1_primitive_c2i;
+    prim_i2c: PASN1_primitive_i2c;
+    prim_print: PASN1_primitive_print;
+  end;
+
+  ASN1_PRIMITIVE_FUNCS = ASN1_PRIMITIVE_FUNCS_st;
+
+//
+ // This is the ASN1_AUX structure: it handles various miscellaneous
+ // requirements. For example the use of reference counts and an informational
+ // callback. The "informational callback" is called at various points during
+ // the ASN1 encoding and decoding. It can be used to provide minor
+ // customisation of the structures used. This is most useful where the
+ // supplied routines //almost// do the right thing but need some extra help at
+ // a few points. If the callback returns zero then it is assumed a fatal
+ // error has occurred and the main operation should be abandoned. If major
+ // changes in the default behaviour are required then an external type is
+ // more appropriate.
+ //
+
+  ASN1_aux_cb = function(operation: TIdC_INT; AIn: PASN1_VALUE; const it: PASN1_ITEM; exarg: Pointer): TIdC_INT;
+  PASN1_aux_cb = ^ASN1_aux_cb;
+
+  ASN1_AUX_st = record
+    app_data: Pointer;
+    flags: TIdC_INT;
+    ref_offset: TIdC_INT;
+    ref_lock: TIdC_INT;
+    asn1_cb: PASN1_aux_cb;
+    enc_offset: TidC_INT;
+  end;
+
+  ASN1_AUX = ASN1_AUX_st;
+
+// For print related callbacks exarg points to this structure
+
+  ASN1_PRINT_ARG_st = record
+    AOut: PBIO;
+    indent: TIdC_INT;
+    pctx: PASN1_PCTX;
+  end;
+
+  ASN1_PRINT_ARG = ASN1_PRINT_ARG_st;
+
+// For streaming related callbacks exarg points to this structure
+  ASN1_STREAM_ARG_st = record
+    // BIO to stream through
+    FOut: PBIO;
+    // BIO with filters appended
+    ndef_bio: PBIO;
+    // Streaming I/O boundary
+    boundary: PPByte;
+  end;
+
+  ASN1_STREAM_ARG = ASN1_STREAM_ARG_st;
+
+const
+/// Flags in ASN1_AUX ///
+
+/// Use a reference count ///
+  ASN1_AFLG_REFCOUNT      = 1;
+/// Save the encoding of structure (useful for signatures) ///
+  ASN1_AFLG_ENCODING      = 2;
+/// The Sequence length is invalid ///
+  ASN1_AFLG_BROKEN        = 4;
+
+/// operation values for asn1_cb ///
+
+  ASN1_OP_NEW_PRE         = 0;
+  ASN1_OP_NEW_POST        = 1;
+  ASN1_OP_FREE_PRE        = 2;
+  ASN1_OP_FREE_POST       = 3;
+  ASN1_OP_D2I_PRE         = 4;
+  ASN1_OP_D2I_POST        = 5;
+  ASN1_OP_I2D_PRE         = 6;
+  ASN1_OP_I2D_POST        = 7;
+  ASN1_OP_PRINT_PRE       = 8;
+  ASN1_OP_PRINT_POST      = 9;
+  ASN1_OP_STREAM_PRE      = 10;
+  ASN1_OP_STREAM_POST     = 11;
+  ASN1_OP_DETACHED_PRE    = 12;
+  ASN1_OP_DETACHED_POST   = 13;
+
+///* Macro to implement a primitive type */
+//# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
+//# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
+//                                ASN1_ITEM_start(itname) \
+//                                        ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
+//                                ASN1_ITEM_end(itname)
+//
+///* Macro to implement a multi string type */
+//# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
+//                                ASN1_ITEM_start(itname) \
+//                                        ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
+//                                ASN1_ITEM_end(itname)
+//
+//# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
+//        ASN1_ITEM_start(sname) \
+//                ASN1_ITYPE_EXTERN, \
+//                tag, \
+//                NULL, \
+//                0, \
+//                &fptrs, \
+//                0, \
+//                #sname \
+//        ASN1_ITEM_end(sname)
+//
+///* Macro to implement standard functions in terms of ASN1_ITEM structures */
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
+//                        IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+//
+//# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
+//                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
+//                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
+//        pre stname *fname##_new(void) \
+//        { \
+//                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+//        } \
+//        pre void fname##_free(stname *a) \
+//        { \
+//                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+//        }
+//
+//# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
+//        stname *fname##_new(void) \
+//        { \
+//                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+//        } \
+//        void fname##_free(stname *a) \
+//        { \
+//                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+//        }
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+//
+//# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+//        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+//        { \
+//                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+//        } \
+//        int i2d_##fname(stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+//        }
+//
+//# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
+//        int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
+//        }
+//
+//# define IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(stname) \
+//        static stname *d2i_##stname(stname **a, \
+//                                   const unsigned char **in, long len) \
+//        { \
+//                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, \
+//                                               ASN1_ITEM_rptr(stname)); \
+//        } \
+//        static int i2d_##stname(stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_i2d((ASN1_VALUE *)a, out, \
+//                                     ASN1_ITEM_rptr(stname)); \
+//        }
+//
+///*
+// * This includes evil casts to remove const: they will go away when full ASN1
+// * constification is done.
+// */
+//# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+//        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+//        { \
+//                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+//        } \
+//        int i2d_##fname(const stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+//        }
+//
+//# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
+//        stname * stname##_dup(stname *x) \
+//        { \
+//        return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
+//        }
+//
+//# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
+//        IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
+//        int fname##_print_ctx(BIO *out, stname *x, int indent, \
+//                                                const ASN1_PCTX *pctx) \
+//        { \
+//                return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
+//                        ASN1_ITEM_rptr(itname), pctx); \
+//        }
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
+//                IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+//
+//* external definitions for primitive types */
+
+//DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
+//DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
+//DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
+//DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
+//DECLARE_ASN1_ITEM(CBIGNUM)
+//DECLARE_ASN1_ITEM(BIGNUM)
+//DECLARE_ASN1_ITEM(INT32)
+//DECLARE_ASN1_ITEM(ZINT32)
+//DECLARE_ASN1_ITEM(UINT32)
+//DECLARE_ASN1_ITEM(ZUINT32)
+//DECLARE_ASN1_ITEM(INT64)
+//DECLARE_ASN1_ITEM(ZINT64)
+//DECLARE_ASN1_ITEM(UINT64)
+//DECLARE_ASN1_ITEM(ZUINT64)
+
+//# if OPENSSL_API_COMPAT < 0x10200000L
+///*
+// * LONG and ZLONG are strongly discouraged for use as stored data, as the
+// * underlying C type (long) differs in size depending on the architecture.
+// * They are designed with 32-bit longs in mind.
+// */
+//DECLARE_ASN1_ITEM(LONG)
+//DECLARE_ASN1_ITEM(ZLONG)
+//# endif
+
+//DEFINE_STACK_OF(ASN1_VALUE)
+
+//* Functions used internally by the ASN1 code */
+
+var
+  function ASN1_item_ex_new(pval: PPASN1_VALUE; const it: PASN1_ITEM): TIdC_INT;
+  procedure ASN1_item_ex_free(pval: PPASN1_VALUE; const it: PASN1_ITEM);
+
+  function ASN1_item_ex_d2i(pval: PPASN1_VALUE; const AIn: PPByte; len: TIdC_LONG; const it: PASN1_ITEM; tag: TIdC_INT; aclass: TIdC_INT; opt: AnsiChar; ctx: PASN1_TLC): TIdC_INT;
+
+  function ASN1_item_ex_i2d(pval: PPASN1_VALUE; AOut: PPByte; const it: PASN1_ITEM; tag: TIdC_INT; aclass: TIdC_INT): TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_async.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_async.pas
new file mode 100644
index 000000000..1506ddbd2
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_async.pas
@@ -0,0 +1,88 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_async;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// async.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ASYNC_ERR = 0;
+  ASYNC_NO_JOBS = 0;
+  ASYNC_PAUSE = 2;
+  ASYNC_FINISH = 3;
+
+type
+  async_job_st = type Pointer;
+  ASYNC_JOB = async_job_st;
+  PASYNC_JOB = ^ASYNC_JOB;
+  PPASYNC_JOB = ^PASYNC_JOB;
+  
+  async_wait_ctx_st = type Pointer;
+  ASYNC_WAIT_CTX = async_wait_ctx_st;
+  PASYNC_WAIT_CTX = ^ASYNC_WAIT_CTX;
+  
+  OSSL_ASYNC_FD = type TIdC_INT;
+  POSSL_ASYNC_FD = ^OSSL_ASYNC_FD;
+
+  ASYNC_WAIT_CTX_set_wait_fd_cleanup = procedure(v1: PASYNC_WAIT_CTX;
+    const v2: Pointer; v3: OSSL_ASYNC_FD; v4: Pointer);
+  ASYNC_start_job_cb = function(v1: Pointer): TIdC_INT;
+
+var
+  function ASYNC_init_thread(max_size: TIdC_SIZET; init_size: TIdC_SIZET): TIdC_INT;
+  procedure ASYNC_cleanup_thread;
+
+  function ASYNC_WAIT_CTX_new: PASYNC_WAIT_CTX;
+  procedure ASYNC_WAIT_CTX_free(ctx: PASYNC_WAIT_CTX);
+  function ASYNC_WAIT_CTX_set_wait_fd(ctx: PASYNC_WAIT_CTX; const key: Pointer; fd: OSSL_ASYNC_FD; custom_data: Pointer; cleanup_cb: ASYNC_WAIT_CTX_set_wait_fd_cleanup): TIdC_INT;
+  function ASYNC_WAIT_CTX_get_fd(ctx: PASYNC_WAIT_CTX; const key: Pointer; fd: POSSL_ASYNC_FD; custom_data: PPointer): TIdC_INT;
+  function ASYNC_WAIT_CTX_get_all_fds(ctx: PASYNC_WAIT_CTX; fd: POSSL_ASYNC_FD; numfds: PIdC_SIZET): TIdC_INT;
+  function ASYNC_WAIT_CTX_get_changed_fds(ctx: PASYNC_WAIT_CTX; addfd: POSSL_ASYNC_FD; numaddfds: PIdC_SIZET; delfd: POSSL_ASYNC_FD; numdelfds: PIdC_SIZET): TIdC_INT;
+  function ASYNC_WAIT_CTX_clear_fd(ctx: PASYNC_WAIT_CTX; const key: Pointer): TIdC_INT;
+
+  function ASYNC_is_capable: TIdC_INT;
+
+  function ASYNC_start_job(job: PPASYNC_JOB; ctx: PASYNC_WAIT_CTX; ret: PIdC_INT; func: ASYNC_start_job_cb; args: Pointer; size: TIdC_SIZET): TIdC_INT;
+  function ASYNC_pause_job: TIdC_INT;
+
+  function ASYNC_get_current_job: PASYNC_JOB;
+  function ASYNC_get_wait_ctx(job: PASYNC_JOB): PASYNC_WAIT_CTX;
+  procedure ASYNC_block_pause;
+  procedure ASYNC_unblock_pause;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asyncerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asyncerr.pas
new file mode 100644
index 000000000..cf9182238
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asyncerr.pas
@@ -0,0 +1,66 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_asyncerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asyncerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  //
+  // ASYNC function codes.
+  //
+  ASYNC_F_ASYNC_CTX_NEW                            = 100;
+  ASYNC_F_ASYNC_INIT_THREAD                        = 101;
+  ASYNC_F_ASYNC_JOB_NEW                            = 102;
+  ASYNC_F_ASYNC_PAUSE_JOB                          = 103;
+  ASYNC_F_ASYNC_START_FUNC                         = 104;
+  ASYNC_F_ASYNC_START_JOB                          = 105;
+  ASYNC_F_ASYNC_WAIT_CTX_SET_WAIT_FD               = 106;
+
+  //
+  // ASYNC reason codes.
+  //
+  ASYNC_R_FAILED_TO_SET_POOL                       = 101;
+  ASYNC_R_FAILED_TO_SWAP_CONTEXT                   = 102;
+  ASYNC_R_INIT_FAILED                              = 105;
+  ASYNC_R_INVALID_POOL_SIZE                        = 103;
+
+var
+  function ERR_load_ASYNC_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
new file mode 100644
index 000000000..1ab63fdef
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
@@ -0,0 +1,827 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_bio;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bio.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSlHeaders_ossl_typ;
+
+{$MINENUMSIZE 4}
+
+const
+  (* There are the classes of BIOs *)
+  {$REGION 'BIO_TYPE_*'}
+  BIO_TYPE_DESCRIPTOR = $0100;
+  BIO_TYPE_FILTER = $0200;
+  BIO_TYPE_SOURCE_SINK = $0400;
+  {$ENDREGION}
+
+  (* These are the 'types' of BIOs *)
+  {$REGION 'BIO_TYPE_*'}
+  BIO_TYPE_NONE = 0;
+  BIO_TYPE_MEM =  1 or BIO_TYPE_SOURCE_SINK;
+  BIO_TYPE_FILE =  2 or BIO_TYPE_SOURCE_SINK;
+
+  BIO_TYPE_FD          =  4 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_SOCKET      =  5 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_NULL        =  6 or BIO_TYPE_SOURCE_SINK;
+  BIO_TYPE_SSL         =  7 or BIO_TYPE_FILTER;
+  BIO_TYPE_MD          =  8 or BIO_TYPE_FILTER;
+  BIO_TYPE_BUFFER      =  9 or BIO_TYPE_FILTER;
+  BIO_TYPE_CIPHER      = 10 or BIO_TYPE_FILTER;
+  BIO_TYPE_BASE64      = 11 or BIO_TYPE_FILTER;
+  BIO_TYPE_CONNECT     = 12 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_ACCEPT      = 13 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+
+  BIO_TYPE_NBIO_TEST   = 16 or BIO_TYPE_FILTER;
+  BIO_TYPE_NULL_FILTER = 17 or BIO_TYPE_FILTER;
+  BIO_TYPE_BIO         = 19 or BIO_TYPE_SOURCE_SINK;
+  BIO_TYPE_LINEBUFFER  = 20 or BIO_TYPE_FILTER;
+  BIO_TYPE_DGRAM       = 21 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_ASN1        = 22 or BIO_TYPE_FILTER;
+  BIO_TYPE_COMP        = 23 or BIO_TYPE_FILTER;
+  BIO_TYPE_DGRAM_SCTP  = 24 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  {$ENDREGION}
+
+  BIO_TYPE_START = 128;
+
+  (*
+   * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+   * BIO_set_fp(in,stdin,BIO_NOCLOSE);
+   *)
+  {$REGION}
+  BIO_NOCLOSE = $00;
+  BIO_CLOSE   = $01;
+  {$ENDREGION}
+
+  (*
+   * These are used in the following macros and are passed to BIO_ctrl()
+   *)
+  {$REGION 'BIO_CTRL_*'}
+  BIO_CTRL_RESET        = 1;(* opt - rewind/zero etc *)
+  BIO_CTRL_EOF          = 2;(* opt - are we at the eof *)
+  BIO_CTRL_INFO         = 3;(* opt - extra tit-bits *)
+  BIO_CTRL_SET          = 4;(* man - set the 'IO' type *)
+  BIO_CTRL_GET          = 5;(* man - get the 'IO' type *)
+  BIO_CTRL_PUSH         = 6;(* opt - internal, used to signify change *)
+  BIO_CTRL_POP          = 7;(* opt - internal, used to signify change *)
+  BIO_CTRL_GET_CLOSE    = 8;(* man - set the 'close' on free *)
+  BIO_CTRL_SET_CLOSE    = 9;(* man - set the 'close' on free *)
+  // Added "_const" to prevent naming clashes
+  BIO_CTRL_PENDING_const      = 10;(* opt - is their more data buffered *)
+  BIO_CTRL_FLUSH        = 11;(* opt - 'flush' buffered output *)
+  BIO_CTRL_DUP          = 12;(* man - extra stuff for 'duped' BIO *)
+  // Added "_const" to prevent naming clashes
+  BIO_CTRL_WPENDING_const     = 13;(* opt - number of bytes still to write *)
+  BIO_CTRL_SET_CALLBACK = 14;(* opt - set callback function *)
+  BIO_CTRL_GET_CALLBACK = 15;(* opt - set callback function *)
+
+  BIO_CTRL_PEEK         = 29;(* BIO_f_buffer special *)
+  BIO_CTRL_SET_FILENAME = 30;(* BIO_s_file special *)
+
+  (* dgram BIO stuff *)
+  BIO_CTRL_DGRAM_CONNECT       = 31;(* BIO dgram special *)
+  BIO_CTRL_DGRAM_SET_CONNECTED = 32;(* allow for an externally connected
+                                           * socket to be passed in *)
+  BIO_CTRL_DGRAM_SET_RECV_TIMEOUT = 33;(* setsockopt, essentially *)
+  BIO_CTRL_DGRAM_GET_RECV_TIMEOUT = 34;(* getsockopt, essentially *)
+  BIO_CTRL_DGRAM_SET_SEND_TIMEOUT = 35;(* setsockopt, essentially *)
+  BIO_CTRL_DGRAM_GET_SEND_TIMEOUT = 36;(* getsockopt, essentially *)
+
+  BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP = 37;(* flag whether the last *)
+  BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP = 38;(* I/O operation tiemd out *)
+
+  BIO_CTRL_DGRAM_MTU_DISCOVER     = 39;(* set DF bit on egress packets *)
+
+  BIO_CTRL_DGRAM_QUERY_MTU        = 40;(* as kernel for current MTU *)
+  BIO_CTRL_DGRAM_GET_FALLBACK_MTU = 47;
+  BIO_CTRL_DGRAM_GET_MTU          = 41;(* get cached value for MTU *)
+  BIO_CTRL_DGRAM_SET_MTU          = 42;(* set cached value for MTU.
+                                                * want to use this if asking
+                                                * the kernel fails *)
+
+  BIO_CTRL_DGRAM_MTU_EXCEEDED     = 43;(* check whether the MTU was
+                                                * exceed in the previous write
+                                                * operation *)
+
+  BIO_CTRL_DGRAM_GET_PEER         = 46;
+  BIO_CTRL_DGRAM_SET_PEER         = 44;(* Destination for the data *)
+
+  BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT = 45;(* Next DTLS handshake timeout
+                                                * to adjust socket timeouts *)
+  BIO_CTRL_DGRAM_SET_DONT_FRAG    = 48;
+
+  BIO_CTRL_DGRAM_GET_MTU_OVERHEAD = 49;
+
+  (* Deliberately outside of OPENSSL_NO_SCTP - used in bss_dgram.c *)
+  BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE  = 50;
+  (* SCTP stuff *)
+  BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY      = 51;
+  BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY     = 52;
+  BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD     = 53;
+  BIO_CTRL_DGRAM_SCTP_GET_SNDINFO       = 60;
+  BIO_CTRL_DGRAM_SCTP_SET_SNDINFO       = 61;
+  BIO_CTRL_DGRAM_SCTP_GET_RCVINFO       = 62;
+  BIO_CTRL_DGRAM_SCTP_SET_RCVINFO       = 63;
+  BIO_CTRL_DGRAM_SCTP_GET_PRINFO        = 64;
+  BIO_CTRL_DGRAM_SCTP_SET_PRINFO        = 65;
+  BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN     = 70;
+
+  BIO_CTRL_DGRAM_SET_PEEK_MODE          = 71;
+  {$ENDREGION}
+
+  (* modifiers *)
+  BIO_FP_READ            = $02;
+  BIO_FP_WRITE           = $04;
+  BIO_FP_APPEND          = $08;
+  BIO_FP_TEXT            = $10;
+
+  {$REGION 'BIO_FLAGS_*}
+  BIO_FLAGS_READ         = $01;
+  BIO_FLAGS_WRITE        = $02;
+  BIO_FLAGS_IO_SPECIAL   = $04;
+  BIO_FLAGS_RWS          = BIO_FLAGS_READ or BIO_FLAGS_WRITE or BIO_FLAGS_IO_SPECIAL;
+  BIO_FLAGS_SHOULD_RETRY = $08;
+
+  BIO_FLAGS_BASE64_NO_NL = $100;
+
+  (*
+   * This is used with memory BIOs:
+   * BIO_FLAGS_MEM_RDONLY means we shouldn't free up or change the data in any way;
+   * BIO_FLAGS_NONCLEAR_RST means we shouldn't clear data on reset.
+   *)
+  BIO_FLAGS_MEM_RDONLY   = $200;
+  BIO_FLAGS_NONCLEAR_RST = $400;
+  {$ENDREGION}
+
+  {$REGION 'BIO_RR_*'}
+  BIO_RR_SSL_X509_LOOKUP = $01;
+  (* Returned from the connect BIO when a connect would have blocked *)
+  BIO_RR_CONNECT         = $02;
+  (* Returned from the accept BIO when an accept would have blocked *)
+  BIO_RR_ACCEPT          = $03;
+  {$ENDREGION}
+
+  (* These are passed by the BIO callback *)
+  {$REGION 'BIO_CB_*'}
+  BIO_CB_FREE  = $01;
+  BIO_CB_READ  = $02;
+  BIO_CB_WRITE = $03;
+  BIO_CB_PUTS  = $04;
+  BIO_CB_GETS  = $05;
+  BIO_CB_CTRL  = $06;
+///*
+// * The callback is called before and after the underling operation, The
+// * BIO_CB_RETURN flag indicates if it is after the call
+// */
+//# define BIO_CB_RETURN   0x80
+//# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
+//# define BIO_cb_pre(a)   (!((a)&BIO_CB_RETURN))
+//# define BIO_cb_post(a)  ((a)&BIO_CB_RETURN)
+  {$ENDREGION}
+
+  {$REGION 'BIO_C_*'}
+  BIO_C_SET_CONNECT                 = 100;
+  BIO_C_DO_STATE_MACHINE            = 101;
+  BIO_C_SET_NBIO                    = 102;
+  (* BIO_C_SET_PROXY_PARAM            = 103 *)
+  BIO_C_SET_FD                      = 104;
+  BIO_C_GET_FD                      = 105;
+  BIO_C_SET_FILE_PTR                = 106;
+  BIO_C_GET_FILE_PTR                = 107;
+  BIO_C_SET_FILENAME                = 108;
+  BIO_C_SET_SSL                     = 109;
+  BIO_C_GET_SSL                     = 110;
+  BIO_C_SET_MD                      = 111;
+  BIO_C_GET_MD                      = 112;
+  BIO_C_GET_CIPHER_STATUS           = 113;
+  BIO_C_SET_BUF_MEM                 = 114;
+  BIO_C_GET_BUF_MEM_PTR             = 115;
+  BIO_C_GET_BUFF_NUM_LINES          = 116;
+  BIO_C_SET_BUFF_SIZE               = 117;
+  BIO_C_SET_ACCEPT                  = 118;
+  BIO_C_SSL_MODE                    = 119;
+  BIO_C_GET_MD_CTX                  = 120;
+  (* BIO_C_GET_PROXY_PARAM             = 121 *)
+  BIO_C_SET_BUFF_READ_DATA          = 122;(* data to read first *)
+  BIO_C_GET_CONNECT                 = 123;
+  BIO_C_GET_ACCEPT                  = 124;
+  BIO_C_SET_SSL_RENEGOTIATE_BYTES   = 125;
+  BIO_C_GET_SSL_NUM_RENEGOTIATES    = 126;
+  BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT = 127;
+  BIO_C_FILE_SEEK                   = 128;
+  BIO_C_GET_CIPHER_CTX              = 129;
+  BIO_C_SET_BUF_MEM_EOF_RETURN      = 130;(* return end of input
+                                                       * value *)
+  BIO_C_SET_BIND_MODE               = 131;
+  BIO_C_GET_BIND_MODE               = 132;
+  BIO_C_FILE_TELL                   = 133;
+  BIO_C_GET_SOCKS                   = 134;
+  BIO_C_SET_SOCKS                   = 135;
+
+  BIO_C_SET_WRITE_BUF_SIZE          = 136;(* for BIO_s_bio *)
+  BIO_C_GET_WRITE_BUF_SIZE          = 137;
+  BIO_C_MAKE_BIO_PAIR               = 138;
+  BIO_C_DESTROY_BIO_PAIR            = 139;
+  BIO_C_GET_WRITE_GUARANTEE         = 140;
+  BIO_C_GET_READ_REQUEST            = 141;
+  BIO_C_SHUTDOWN_WR                 = 142;
+  BIO_C_NREAD0                      = 143;
+  BIO_C_NREAD                       = 144;
+  BIO_C_NWRITE0                     = 145;
+  BIO_C_NWRITE                      = 146;
+  BIO_C_RESET_READ_REQUEST          = 147;
+  BIO_C_SET_MD_CTX                  = 148;
+
+  BIO_C_SET_PREFIX                  = 149;
+  BIO_C_GET_PREFIX                  = 150;
+  BIO_C_SET_SUFFIX                  = 151;
+  BIO_C_GET_SUFFIX                  = 152;
+
+  BIO_C_SET_EX_ARG                  = 153;
+  BIO_C_GET_EX_ARG                  = 154;
+
+  BIO_C_SET_CONNECT_MODE            = 155;
+  {$ENDREGION}
+
+  {$REGION 'BIO_SOCK_*'}
+  BIO_SOCK_REUSEADDR = $01;
+  BIO_SOCK_V6_ONLY   = $02;
+  BIO_SOCK_KEEPALIVE = $04;
+  BIO_SOCK_NONBLOCK  = $08;
+  BIO_SOCK_NODELAY   = $10;
+  {$ENDREGION}
+
+type
+  BIO_ADDR = Pointer; // bio_addr_st
+  PBIO_ADDR = ^BIO_ADDR;
+  BIO_ADDRINFO = Pointer; // bio_addrinfo_st
+  PBIO_ADDRINFO = ^BIO_ADDRINFO;
+  PPBIO_ADDRINFO = ^PBIO_ADDRINFO;
+  BIO_callback_fn = function(b: PBIO; oper: TIdC_INT; const argp: PIdAnsiChar; 
+    argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_LONG): TIdC_LONG;
+  BIO_callback_fn_ex = function(b: PBIO; oper: TIdC_INT; const argp: PIdAnsiChar; len: TIdC_SIZET; argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_INT; processed: PIdC_SIZET): TIdC_LONG;
+  BIO_METHOD = Pointer; // bio_method_st
+  PBIO_METHOD = ^BIO_METHOD;
+  BIO_info_cb = function(v1: PBIO; v2: TIdC_INT; v3: TIdC_INT): TIdC_INT;
+  PBIO_info_cb = ^BIO_info_cb;
+  asn1_ps_func = function(b: PBIO; pbuf: PPIdAnsiChar; plen: PIdC_INT; parg: Pointer): TIdC_INT;
+
+  bio_dgram_sctp_sndinfo = record
+    snd_sid: TIdC_UINT16;
+    snd_flags: TIdC_UINT16;
+    snd_ppid: TIdC_UINT32;
+    snd_context: TIdC_UINT32;
+  end;
+
+  bio_dgram_sctp_rcvinfo = record
+    rcv_sid: TIdC_UINT16;
+    rcv_ssn: TIdC_UINT16;
+    rcv_flags: TIdC_UINT16;
+    rcv_ppid: TIdC_UINT32;
+    rcv_tsn: TIdC_UINT32;
+    rcv_cumtsn: TIdC_UINT32;
+    rcv_context: TIdC_UINT32;
+  end;
+
+  bio_dgram_sctp_prinfo = record
+    pr_policy: TIdC_UINT16;
+    pr_value: TIdC_UINT32;
+  end;
+
+  BIO_hostserv_priorities = (BIO_PARSE_PRIO_HOST, BIO_PARSE_PRIO_SERV);
+
+  BIO_lookup_type = (BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER);
+
+  BIO_sock_info_u = record
+    addr: PBIO_ADDR;
+  end;
+  PBIO_sock_info_u = ^BIO_sock_info_u;
+
+  BIO_sock_info_type = (BIO_SOCK_INFO_ADDRESS);
+
+function BIO_get_flags(const b: PBIO): TIdC_INT;
+procedure BIO_set_retry_special(b: PBIO);
+procedure BIO_set_retry_read(b: PBIO);
+procedure BIO_set_retry_write(b: PBIO);
+
+(* These are normally used internally in BIOs *)
+procedure BIO_clear_retry_flags(b: PBIO);
+function BIO_get_retry_flags(b: PBIO): TIdC_INT;
+
+(* These should be used by the application to tell why we should retry *)
+function BIO_should_read(b: PBIO): TIdC_INT;
+function BIO_should_write(b: PBIO): TIdC_INT;
+function BIO_should_io_special(b: PBIO): TIdC_INT;
+function BIO_retry_type(b: PBIO): TIdC_INT;
+function BIO_should_retry(b: PBIO): TIdC_INT;
+
+(* BIO_s_accept() and BIO_s_connect() *)
+function BIO_do_connect(b: PBIO): TIdC_LONG;
+function BIO_do_accept(b: PBIO): TIdC_LONG;
+function BIO_do_handshake(b: PBIO): TIdC_LONG;
+
+var
+  function BIO_get_new_index: TIdC_INT;
+  procedure BIO_set_flags(b: PBIO; flags: TIdC_INT);
+  function BIO_test_flags(const b: PBIO; flags: TIdC_INT): TIdC_INT;
+  procedure BIO_clear_flags(b: PBIO; flags: TIdC_INT);
+
+  function BIO_get_callback(b: PBIO): BIO_callback_fn;
+  procedure BIO_set_callback(b: PBIO; callback: BIO_callback_fn);
+
+  function BIO_get_callback_ex(b: PBIO): BIO_callback_fn_ex;
+  procedure BIO_set_callback_ex(b: PBIO; callback: BIO_callback_fn_ex);
+
+  function BIO_get_callback_arg(const b: PBIO): PIdAnsiChar;
+  procedure BIO_set_callback_arg(var b: PBIO; arg: PIdAnsiChar);
+
+  function BIO_method_name(const b: PBIO): PIdAnsiChar;
+  function BIO_method_type(const b: PBIO): TIdC_INT;
+
+//  {$HPPEMIT '# define BIO_set_app_data(s,arg)         BIO_set_ex_data(s,0,arg)'}
+//  {$HPPEMIT '# define BIO_get_app_data(s)             BIO_get_ex_data(s,0)'}
+//
+//  {$HPPEMIT '# define BIO_set_nbio(b,n)             BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)'}
+//
+//  {$HPPEMIT '# ifndef OPENSSL_NO_SOCK'}
+//  (* IP families we support, for BIO_s_connect() and BIO_s_accept() *)
+//  (* Note: the underlying operating system may not support some of them *)
+//  {$HPPEMIT '#  define BIO_FAMILY_IPV4                         4'}
+//  {$HPPEMIT '#  define BIO_FAMILY_IPV6                         6'}
+//  {$HPPEMIT '#  define BIO_FAMILY_IPANY                        256'}
+//
+//  (* BIO_s_connect() *)
+//  {$HPPEMIT '#  define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,'}
+//                                                   (char (name))
+//  {$HPPEMIT '#  define BIO_set_conn_port(b,port)     BIO_ctrl(b,BIO_C_SET_CONNECT,1,'}
+//                                                   (char (port))
+//  {$HPPEMIT '#  define BIO_set_conn_address(b,addr)  BIO_ctrl(b,BIO_C_SET_CONNECT,2,'}
+//                                                   (char (addr))
+//  {$HPPEMIT '#  define BIO_set_conn_ip_family(b,f)   BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,f)'}
+//  {$HPPEMIT '#  define BIO_get_conn_hostname(b)      (( char )BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0))'}
+//  {$HPPEMIT '#  define BIO_get_conn_port(b)          (( char )BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1))'}
+//  {$HPPEMIT '#  define BIO_get_conn_address(b)       (( PBIO_ADDR )BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2))'}
+//  {$HPPEMIT '#  define BIO_get_conn_ip_family(b)     BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)'}
+//  {$HPPEMIT '#  define BIO_set_conn_mode(b,n)        BIO_ctrl(b,BIO_C_SET_CONNECT_MODE,(n),NULL)'}
+//
+//  (* BIO_s_accept() *)
+//  {$HPPEMIT '#  define BIO_set_accept_name(b,name)   BIO_ctrl(b,BIO_C_SET_ACCEPT,0,'}
+//  {$EXTERNALSYM PBIO}
+//                                                   (char (name))
+//  {$HPPEMIT '#  define BIO_set_accept_port(b,port)   BIO_ctrl(b,BIO_C_SET_ACCEPT,1,'}
+//                                                   (char (port))
+//  {$HPPEMIT '#  define BIO_get_accept_name(b)        (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0))'}
+//  {$HPPEMIT '#  define BIO_get_accept_port(b)        (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,1))'}
+//  {$HPPEMIT '#  define BIO_get_peer_name(b)          (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,2))'}
+//  {$HPPEMIT '#  define BIO_get_peer_port(b)          (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,3))'}
+//  (* #define BIO_set_nbio(b,n)    BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) *)
+//  {$HPPEMIT '#  define BIO_set_nbio_accept(b,n)      #  define BIO_set_nbio_accept(b,n)      BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(n)?(procedure )'a':NULL)  BIO_ctrl(b,BIO_C_SET_ACCEPT,3,'}
+//                                                   (char (bio))
+//  {$HPPEMIT '#  define BIO_set_accept_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_ACCEPT,4,f)'}
+//  {$HPPEMIT '#  define BIO_get_accept_ip_family(b)   BIO_ctrl(b,BIO_C_GET_ACCEPT,4,NULL)'}
+//
+//  (* Aliases kept for backward compatibility *)
+//  {$HPPEMIT '#  define BIO_BIND_NORMAL                 0'}
+//  {$HPPEMIT '#  define BIO_BIND_REUSEADDR              BIO_SOCK_REUSEADDR'}
+//  {$HPPEMIT '#  define BIO_BIND_REUSEADDR_IF_UNUSED    BIO_SOCK_REUSEADDR'}
+//  {$HPPEMIT '#  define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)'}
+//  {$HPPEMIT '#  define BIO_get_bind_mode(b)    BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)'}
+//
+//  (* BIO_s_accept() and BIO_s_connect() *)
+//  {$HPPEMIT '#  define BIO_do_connect(b)       BIO_do_handshake(b)'}
+//  {$HPPEMIT '#  define BIO_do_accept(b)        BIO_do_handshake(b)'}
+//  {$HPPEMIT '# endif'}	(* OPENSSL_NO_SOCK *)
+//
+//  {$HPPEMIT '# define BIO_do_handshake(b)     BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)'}
+//
+//  (* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() *)
+//  {$HPPEMIT '# define BIO_set_fd(b,fd,c)      BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)'}
+//  {$HPPEMIT '# define BIO_get_fd(b,c)         BIO_ctrl(b,BIO_C_GET_FD,0,(char (c))'}
+//
+//  (* BIO_s_file() *)
+//  {$HPPEMIT '# define BIO_set_fp(b,fp,c)      BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char (fp))'}
+//  {$HPPEMIT '# define BIO_get_fp(b,fpp)       BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char (fpp))'}
+//
+//  (* BIO_s_fd() and BIO_s_file() *)
+//  {$HPPEMIT '# define BIO_seek(b,ofs(int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)'}
+//  {$HPPEMIT '# define BIO_tell(b)     (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)'}
+//
+//  (*
+//   * name is cast to lose , but might be better to route through a
+//   * cFunction so we can do it safely
+//   *)
+//  {$HPPEMIT '# ifdef CONST_STRICT'}
+//  (*
+//   * If you are wondering why this isn't defined, its because CONST_STRICT is
+//   * purely a compile-time kludge to allow  to be checked.
+//   *)
+////  function BIO_read_filename(b: PBIO; const name: PIdAnsiChar): TIdC_INT;
+//  {$HPPEMIT '# define BIO_write_filename(b,name(int)BIO_ctrl(b,BIO_C_SET_FILENAME,'}
+//                  BIO_CLOSE or BIO_FP_WRITE,name)
+//  {$HPPEMIT '# define BIO_append_filename(b,name(int)BIO_ctrl(b,BIO_C_SET_FILENAME,'}
+//                  BIO_CLOSE or BIO_FP_APPEND,name)
+//  {$HPPEMIT '# define BIO_rw_filename(b,name(int)BIO_ctrl(b,BIO_C_SET_FILENAME,'}
+//                  BIO_CLOSE or BIO_FP_READ or BIO_FP_WRITE,name)
+//
+//  (*
+//   * WARNING WARNING, this ups the reference count on the read bio of the SSL
+//   * structure.  This is because the ssl read PBIO is now pointed to by the
+//   * next_bio field in the bio.  So when you free the PBIO, make sure you are
+//   * doing a BIO_free_all() to catch the underlying PBIO.
+//   *)
+//  {$HPPEMIT '# define BIO_set_ssl(b,ssl,c)    BIO_ctrl(b,BIO_C_SET_SSL,c,(char (ssl))'}
+//  {$HPPEMIT '# define BIO_get_ssl(b,sslp)     BIO_ctrl(b,BIO_C_GET_SSL,0,(char (sslp))'}
+//  {$HPPEMIT '# define BIO_set_ssl_mode(b,client)      BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)'}
+//  {$HPPEMIT '# define BIO_set_ssl_renegotiate_bytes(b,num)'}
+//          BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,0)
+//  {$HPPEMIT '# define BIO_get_num_renegotiates(b)'}
+//          BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,0)
+//  {$HPPEMIT '# define BIO_set_ssl_renegotiate_timeout(b,seconds)'}
+//          BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,0)
+//
+//  (* defined in evp.h *)
+//  (* #define BIO_set_md(b,md)     BIO_ctrl(b,BIO_C_SET_MD,1,(char )(md)) *)
+//
+//  {$HPPEMIT '# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char (pp))'}
+//  {$HPPEMIT '# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char (bm))'}
+//  {$HPPEMIT '# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,'}
+//                                            (char (pp))
+//  {$HPPEMIT '# define BIO_set_mem_eof_return(b,v)'}
+//                                  BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,0)
+//
+//  (* For the BIO_f_buffer() type *)
+//  {$HPPEMIT '# define BIO_get_buffer_num_lines(b)     BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)'}
+//  {$HPPEMIT '# define BIO_set_buffer_size(b,size)     BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)'}
+//  {$HPPEMIT '# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)'}
+//  {$HPPEMIT '# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)'}
+//  {$HPPEMIT '# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)'}
+//
+//  (* Don't use the next one unless you know what you are doing :-) */
+//  {$HPPEMIT '# define BIO_dup_state(b,ret)    BIO_ctrl(b,BIO_CTRL_DUP,0,(char (ret))'}
+//
+//  {$HPPEMIT '# define BIO_reset(b)            (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)'}
+//  {$HPPEMIT '# define BIO_eof(b)              (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)'}
+//  {$HPPEMIT '# define BIO_set_close(b,c)      (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)'}
+//  {$HPPEMIT '# define BIO_get_close(b)        (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)'}
+//  {$HPPEMIT '# define BIO_pending(b)          (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)'}
+//  {$HPPEMIT '# define BIO_wpending(b)         (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)'}
+  (* ...pending macros have inappropriate return type *)
+  function BIO_ctrl_pending(b: PBIO): TIdC_SIZET;
+  function BIO_ctrl_wpending(b: PBIO): TIdC_SIZET;
+//  {$HPPEMIT '# define BIO_flush(b)            (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)'}
+//  {$HPPEMIT '# define BIO_get_info_callback(b,cbp(int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,'}
+//                                                     cbp)
+//  {$HPPEMIT '# define BIO_set_info_callback(b,cb(int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)'}
+//
+//  (* For the BIO_f_buffer() type *)
+//  {$HPPEMIT '# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)'}
+//  {$HPPEMIT '# define BIO_buffer_peek(b,s,l) BIO_ctrl(b,BIO_CTRL_PEEK,(l),(s))'}
+//
+//  (* For BIO_s_bio() *)
+//  {$HPPEMIT '# define BIO_set_write_buf_size(b,size(int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)'}
+//  {$HPPEMIT '# define BIO_get_write_buf_size(b,size(TIdC_SIZET)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)'}
+//  {$HPPEMIT '# define BIO_make_bio_pair(b1,b2)   (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)'}
+//  {$HPPEMIT '# define BIO_destroy_bio_pair(b)    (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)'}
+//  {$HPPEMIT '# define BIO_shutdown_wr(b(int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)'}
+//  (* macros with inappropriate type -- but ...pending macros use int too: *)
+//  {$HPPEMIT '# define BIO_get_write_guarantee(b(int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)'}
+//  {$HPPEMIT '# define BIO_get_read_request(b)    (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)'}
+  function BIO_ctrl_get_write_guarantee(b: PBIO): TIdC_SIZET;
+  function BIO_ctrl_get_read_request(b: PBIO): TIdC_SIZET;
+  function BIO_ctrl_reset_read_request(b: PBIO): TIdC_INT;
+
+  (* ctrl macros for dgram *)
+//  {$HPPEMIT '# define BIO_ctrl_dgram_connect(b,peer)'}
+//                       (TIdC_INT)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char (peer))
+//  {$HPPEMIT '# define BIO_ctrl_set_connected(b,peer)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, 0, (char (peer))
+//  {$HPPEMIT '# define BIO_dgram_recv_timedout(b)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, 0)
+//  {$HPPEMIT '# define BIO_dgram_send_timedout(b)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, 0)
+//  {$HPPEMIT '# define BIO_dgram_get_peer(b,peer)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char (peer))
+//  {$HPPEMIT '# define BIO_dgram_set_peer(b,peer)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char (peer))
+//  {$HPPEMIT '# define BIO_dgram_get_mtu_overhead(b)'}
+//           (Cardinal)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, 0)
+
+//#define BIO_get_ex_new_index(l, p, newf, dupf, freef) \
+//    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, l, p, newf, dupf, freef)
+
+  function BIO_set_ex_data(bio: PBIO; idx: TIdC_INT; data: Pointer): TIdC_INT;
+  function BIO_get_ex_data(bio: PBIO; idx: TIdC_INT): Pointer;
+  function BIO_number_read(bio: PBIO): TIdC_UINT64;
+  function BIO_number_written(bio: PBIO): TIdC_UINT64;
+
+  (* For BIO_f_asn1() *)
+//  function BIO_asn1_set_prefix(b: PBIO; prefix: ^asn1_ps_func; prefix_free: ^asn1_ps_func): TIdC_INT;
+//  function BIO_asn1_get_prefix(b: PBIO; pprefix: ^^asn1_ps_func; pprefix_free: ^^asn1_ps_func): TIdC_INT;
+//  function BIO_asn1_set_suffix(b: PBIO; suffix: ^asn1_ps_func; suffix_free: ^asn1_ps_func): TIdC_INT;
+//  function BIO_asn1_get_suffix(b: PBIO; psuffix: ^asn1_ps_func; psuffix_free: ^^asn1_ps_func): TIdC_INT;
+
+  function BIO_s_file: PBIO_METHOD;
+  function BIO_new_file(const filename: PIdAnsiChar; const mode: PIdAnsiChar): PBIO;
+//  function BIO_new_fp(stream: cFile; close_flag: TIdC_INT): PBIO;
+  function BIO_new(const cType: PBIO_METHOD): PBIO;
+  function BIO_free(a: PBIO): TIdC_INT;
+  procedure BIO_set_data(a: PBIO; ptr: Pointer);
+  function BIO_get_data(a: PBIO): Pointer;
+  procedure BIO_set_init(a: PBIO; init: TIdC_INT);
+  function BIO_get_init(a: PBIO): TIdC_INT;
+  procedure BIO_set_shutdown(a: PBIO; shut: TIdC_INT);
+  function BIO_get_shutdown(a: PBIO): TIdC_INT;
+  procedure BIO_vfree(a: PBIO);
+  function BIO_up_ref(a: PBIO): TIdC_INT;
+  function BIO_read(b: PBIO; data: Pointer; dlen: TIdC_INT): TIdC_INT;
+  function BIO_read_ex(b: PBIO; data: Pointer; dlen: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT;
+  function BIO_gets( bp: PBIO; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT;
+  function BIO_write(b: PBIO; const data: Pointer; dlen: TIdC_INT): TIdC_INT;
+  function BIO_write_ex(b: PBIO; const data: Pointer; dlen: TIdC_SIZET; written: PIdC_SIZET): TIdC_INT;
+  function BIO_puts(bp: PBIO; const buf: PIdAnsiChar): TIdC_INT;
+  function BIO_indent(b: PBIO; indent: TIdC_INT; max: TIdC_INT): TIdC_INT;
+  function BIO_ctrl(bp: PBIO; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG;
+  function BIO_callback_ctrl(b: PBIO; cmd: TIdC_INT; fp: PBIO_info_cb): TIdC_LONG;
+  function BIO_ptr_ctrl(bp: PBIO; cmd: TIdC_INT; larg: TIdC_LONG): Pointer;
+  function BIO_int_ctrl(bp: PBIO; cmd: TIdC_INT; larg: TIdC_LONG; iarg: TIdC_INT): TIdC_LONG;
+  function BIO_push(b: PBIO; append: PBIO): PBIO;
+  function BIO_pop(b: PBIO): PBIO;
+  procedure BIO_free_all(a: PBIO);
+  function BIO_find_type(b: PBIO; bio_type: TIdC_INT): PBIO;
+  function BIO_next(b: PBIO): PBIO;
+  procedure BIO_set_next(b: PBIO; next: PBIO);
+  function BIO_get_retry_BIO(bio: PBIO; reason: TIdC_INT): PBIO;
+  function BIO_get_retry_reason(bio: PBIO): TIdC_INT;
+  procedure BIO_set_retry_reason(bio: PBIO; reason: TIdC_INT);
+  function BIO_dup_chain(&in: PBIO): PBIO;
+
+  function BIO_nread0(bio: PBIO; buf: PPIdAnsiChar): TIdC_INT;
+  function BIO_nread(bio: PBIO; buf: PPIdAnsiChar; num: TIdC_INT): TIdC_INT;
+  function BIO_nwrite0(bio: PBIO; buf: PPIdAnsiChar): TIdC_INT;
+  function BIO_nwrite(bio: PBIO; buf: PPIdAnsiChar; num: TIdC_INT): TIdC_INT;
+
+  function BIO_debug_callback(bio: PBIO; cmd: TIdC_INT; const argp: PIdAnsiChar; argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_LONG): TIdC_LONG;
+
+  function BIO_s_mem: BIO_METHOD;
+  function BIO_s_secmem: BIO_METHOD;
+  function BIO_new_mem_buf(const buf: Pointer; len: TIdC_INT): PBIO;
+
+  function BIO_s_socket: BIO_METHOD;
+  function BIO_s_connect: BIO_METHOD;
+  function BIO_s_accept: BIO_METHOD;
+
+  function BIO_s_fd: BIO_METHOD;
+  function BIO_s_log: BIO_METHOD;
+  function BIO_s_bio: BIO_METHOD;
+  function BIO_s_null: BIO_METHOD;
+  function BIO_f_null: BIO_METHOD;
+  function BIO_f_buffer: BIO_METHOD;
+  function BIO_f_linebuffer: BIO_METHOD;
+  function BIO_f_nbio_test: BIO_METHOD;
+  function BIO_s_datagram: BIO_METHOD;
+  function BIO_dgram_non_fatal_error(error: TIdC_INT): TIdC_INT;
+  function BIO_new_dgram(fd: TIdC_INT; close_flag: TIdC_INT): PBIO;
+
+  function BIO_s_datagram_sctp: BIO_METHOD;
+  function BIO_new_dgram_sctp(fd: TIdC_INT; close_flag: TIdC_INT): PBIO;
+  function BIO_dgram_is_sctp(bio: PBIO): TIdC_INT;
+//  function BIO_dgram_sctp_notification_cb(bio: PBIO; handle_notifications(PBIO;
+//    context: Pointer;
+//    buf: Pointer): TIdC_INT, Pointer context);
+  function BIO_dgram_sctp_wait_for_dry(b: PBIO): TIdC_INT;
+  function BIO_dgram_sctp_msg_waiting(b: PBIO): TIdC_INT;
+
+  function BIO_sock_should_retry(i: TIdC_INT): TIdC_INT;
+  function BIO_sock_non_fatal_error(error: TIdC_INT): TIdC_INT;
+
+  function BIO_fd_should_retry(i: TIdC_INT): TIdC_INT;
+  function BIO_fd_non_fatal_error(error: TIdC_INT): TIdC_INT;
+//  function BIO_dump_cb(
+//    Pointer data: cb(;
+//    len: TIdC_SIZET;
+//    function: Pointer): u: TIdC_INT, Pointer function ,  PIdAnsiChar s, TIdC_INT len): u;
+//  function BIO_dump_indent_cb(TIdC_INT (cb( Pointer data, TIdC_SIZET len, Pointer function ): u: TIdC_INT, Pointer function ,  PIdAnsiChar s, TIdC_INT len, TIdC_INT indent): u;
+  function BIO_dump(b: PBIO; const bytes: PIdAnsiChar; len: TIdC_INT): TIdC_INT;
+  function BIO_dump_indent(b: PBIO; const bytes: PIdAnsiChar; len: TIdC_INT; indent: TIdC_INT): TIdC_INT;
+
+//  function BIO_dump_fp(fp: cFile; const s: PByte; len: TIdC_INT): TIdC_INT;
+//  function BIO_dump_indent_fp(fp: cFile; const s: PByte; len: TIdC_INT; indent: TIdC_INT): TIdC_INT;
+
+  function BIO_hex_string(&out: PBIO; indent: TIdC_INT; width: TIdC_INT; data: PByte; datalen: TIdC_INT): TIdC_INT;
+
+  function BIO_ADDR_new: PBIO_ADDR;
+  function BIO_ADDR_rawmake(ap: PBIO_ADDR; familiy: TIdC_INT; const where: Pointer; wherelen: TIdC_SIZET; port: TIdC_SHORT): TIdC_INT;
+  procedure BIO_ADDR_free(a: PBIO_ADDR);
+  procedure BIO_ADDR_clear(ap: PBIO_ADDR);
+  function BIO_ADDR_family(const ap: PBIO_ADDR): TIdC_INT;
+  function BIO_ADDR_rawaddress(const ap: PBIO_ADDR; p: Pointer; l: PIdC_SIZET): TIdC_INT;
+  function BIO_ADDR_rawport(const ap: PBIO_ADDR): TIdC_SHORT;
+  function BIO_ADDR_hostname_string(const ap: PBIO_ADDR; numeric: TIdC_INT): PIdAnsiChar;
+  function BIO_ADDR_service_string(const ap: PBIO_ADDR; numeric: TIdC_INT): PIdAnsiChar;
+  function BIO_ADDR_path_string(const ap: PBIO_ADDR): PIdAnsiChar;
+
+  function BIO_ADDRINFO_next(const bai: PBIO_ADDRINFO): PBIO_ADDRINFO;
+  function BIO_ADDRINFO_family(const bai: PBIO_ADDRINFO): TIdC_INT;
+  function BIO_ADDRINFO_socktype(const bai: PBIO_ADDRINFO): TIdC_INT;
+  function BIO_ADDRINFO_protocol(const bai: PBIO_ADDRINFO): TIdC_INT;
+  function BIO_ADDRINFO_address(const bai: PBIO_ADDRINFO): PBIO_ADDR;
+  procedure BIO_ADDRINFO_free(bai: PBIO_ADDRINFO);
+
+  function BIO_parse_hostserv(const hostserv: PIdAnsiChar; host: PPIdAnsiChar; service: PPIdAnsiChar; hostserv_prio: BIO_hostserv_priorities): TIdC_INT;
+
+  function BIO_lookup(const host: PIdAnsiChar; const service: PIdAnsiChar; lookup_type: BIO_lookup_type; family: TIdC_INT; socktype: TIdC_INT; res: PPBIO_ADDRINFO): TIdC_INT;
+  function BIO_lookup_ex(const host: PIdAnsiChar; const service: PIdAnsiChar; lookup_type: TIdC_INT; family: TIdC_INT; socktype: TIdC_INT; protocol: TIdC_INT; res: PPBIO_ADDRINFO): TIdC_INT;
+  function BIO_sock_error(sock: TIdC_INT): TIdC_INT;
+  function BIO_socket_ioctl(fd: TIdC_INT; cType: TIdC_LONG; arg: Pointer): TIdC_INT;
+  function BIO_socket_nbio(fd: TIdC_INT; mode: TIdC_INT): TIdC_INT;
+  function BIO_sock_init: TIdC_INT;
+
+  function BIO_set_tcp_ndelay(sock: TIdC_INT; turn_on: TIdC_INT): TIdC_INT;
+
+  function BIO_sock_info(sock: TIdC_INT; &type: BIO_sock_info_type; info: PBIO_sock_info_u): TIdC_INT;
+
+  function BIO_socket(domain: TIdC_INT; socktype: TIdC_INT; protocol: TIdC_INT; options: TIdC_INT): TIdC_INT;
+  function BIO_connect(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT;
+  function BIO_bind(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT;
+  function BIO_listen(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT;
+  function BIO_accept_ex(accept_sock: TIdC_INT; addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT;
+  function BIO_closesocket(sock: TIdC_INT): TIdC_INT;
+
+  function BIO_new_socket(sock: TIdC_INT; close_flag: TIdC_INT): PBIO;
+  function BIO_new_connect(const host_port: PIdAnsiChar): PBIO;
+  function BIO_new_accept(const host_port: PIdAnsiChar): PBIO;
+
+  function BIO_new_fd(fd: TIdC_INT; close_flag: TIdC_INT): PBIO;
+
+  function BIO_new_bio_pair(bio1: PPBIO; writebuf1: TIdC_SIZET; bio2: PPBIO; writebuf2: TIdC_SIZET): TIdC_INT;
+  (*
+   * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
+   * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
+   * value.
+   *)
+
+  procedure BIO_copy_next_retry(b: PBIO);
+
+//  BIO_METHOD *BIO_meth_new(int type, const char *name);
+//  void BIO_meth_free(BIO_METHOD *biom);
+//  int (*BIO_meth_get_write(const BIO_METHOD *biom)) (BIO *, const char *, int);
+//  int (*BIO_meth_get_write_ex(const BIO_METHOD *biom)) (BIO *, const char *, TIdC_SIZET,
+//                                                  TIdC_SIZET *);
+//  int BIO_meth_set_write(BIO_METHOD *biom,
+//                         int (*write) (BIO *, const char *, int));
+//  int BIO_meth_set_write_ex(BIO_METHOD *biom,
+//                         int (*bwrite) (BIO *, const char *, TIdC_SIZET, TIdC_SIZET *));
+//  int (*BIO_meth_get_read(const BIO_METHOD *biom)) (BIO *, char *, int);
+//  int (*BIO_meth_get_read_ex(const BIO_METHOD *biom)) (BIO *, char *, TIdC_SIZET, TIdC_SIZET *);
+//  int BIO_meth_set_read(BIO_METHOD *biom,
+//                        int (*read) (BIO *, char *, int));
+//  int BIO_meth_set_read_ex(BIO_METHOD *biom,
+//                           int (*bread) (BIO *, char *, TIdC_SIZET, TIdC_SIZET *));
+//  int (*BIO_meth_get_puts(const BIO_METHOD *biom)) (BIO *, const char *);
+//  int BIO_meth_set_puts(BIO_METHOD *biom,
+//                        int (*puts) (BIO *, const char *));
+//  int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int);
+//  int BIO_meth_set_gets(BIO_METHOD *biom,
+//                        int (*gets) (BIO *, char *, int));
+//  long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int, long, void *);
+//  int BIO_meth_set_ctrl(BIO_METHOD *biom,
+//                        long (*ctrl) (BIO *, int, long, void *));
+//  int (*BIO_meth_get_create(const BIO_METHOD *bion)) (BIO *);
+//  int BIO_meth_set_create(BIO_METHOD *biom, int (*create) (BIO *));
+//  int (*BIO_meth_get_destroy(const BIO_METHOD *biom)) (BIO *);
+//  int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy) (BIO *));
+//  long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))
+//                                   (BIO *, int, BIO_info_cb *);
+//  int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+//                                 long (*callback_ctrl) (BIO *, int,
+//                                                        BIO_info_cb *));
+
+implementation
+
+{$REGION 'C compiler macros'}
+// # define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
+function BIO_get_flags(const b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, not $0);
+end;
+
+//# define BIO_set_retry_special(b) \
+//                BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_set_retry_special(b: PBIO);
+begin
+  BIO_set_flags(b, BIO_FLAGS_IO_SPECIAL or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_set_retry_read(b) \
+//                BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_set_retry_read(b: PBIO);
+begin
+  BIO_set_flags(b, BIO_FLAGS_READ or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_set_retry_write(b) \
+//                BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_set_retry_write(b: PBIO);
+begin
+  BIO_set_flags(b, BIO_FLAGS_WRITE or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_clear_retry_flags(b) \
+//                BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_clear_retry_flags(b: PBIO);
+begin
+  BIO_clear_flags(b, BIO_FLAGS_RWS or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_get_retry_flags(b) \
+//                BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+function BIO_get_retry_flags(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_RWS or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_should_read(a)              BIO_test_flags(a, BIO_FLAGS_READ)
+function BIO_should_read(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_READ);
+end;
+
+//# define BIO_should_write(a)             BIO_test_flags(a, BIO_FLAGS_WRITE)
+function BIO_should_write(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_WRITE);
+end;
+
+//# define BIO_should_io_special(a)        BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
+function BIO_should_io_special(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_IO_SPECIAL);
+end;
+
+//# define BIO_retry_type(a)               BIO_test_flags(a, BIO_FLAGS_RWS)
+function BIO_retry_type(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_RWS);
+end;
+
+//# define BIO_should_retry(a)             BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
+function BIO_should_retry(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//#  define BIO_do_connect(b)       BIO_do_handshake(b)
+function BIO_do_connect(b: PBIO): TIdC_LONG;
+begin
+  Result := BIO_do_handshake(b);
+end;
+
+//#  define BIO_do_accept(b)        BIO_do_handshake(b)
+function BIO_do_accept(b: PBIO): TIdC_LONG;
+begin
+  Result := BIO_do_handshake(b);
+end;
+
+//# define BIO_do_handshake(b)     BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+function BIO_do_handshake(b: PBIO): TIdC_LONG;
+begin
+  Result := BIO_ctrl(b, BIO_C_DO_STATE_MACHINE, 0, nil);
+end;
+{$ENDREGION}
+
+end.
+
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bioerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bioerr.pas
new file mode 100644
index 000000000..55d724d6e
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bioerr.pas
@@ -0,0 +1,148 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_bioerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bioerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * BIO function codes.
+   *)
+  BIO_F_ACPT_STATE = 100;
+  BIO_F_ADDRINFO_WRAP = 148;
+  BIO_F_ADDR_STRINGS = 134;
+  BIO_F_BIO_ACCEPT = 101;
+  BIO_F_BIO_ACCEPT_EX = 137;
+  BIO_F_BIO_ACCEPT_NEW = 152;
+  BIO_F_BIO_ADDR_NEW = 144;
+  BIO_F_BIO_BIND = 147;
+  BIO_F_BIO_CALLBACK_CTRL = 131;
+  BIO_F_BIO_CONNECT = 138;
+  BIO_F_BIO_CONNECT_NEW = 153;
+  BIO_F_BIO_CTRL = 103;
+  BIO_F_BIO_GETS = 104;
+  BIO_F_BIO_GET_HOST_IP = 106;
+  BIO_F_BIO_GET_NEW_INDEX = 102;
+  BIO_F_BIO_GET_PORT = 107;
+  BIO_F_BIO_LISTEN = 139;
+  BIO_F_BIO_LOOKUP = 135;
+  BIO_F_BIO_LOOKUP_EX = 143;
+  BIO_F_BIO_MAKE_PAIR = 121;
+  BIO_F_BIO_METH_NEW = 146;
+  BIO_F_BIO_NEW = 108;
+  BIO_F_BIO_NEW_DGRAM_SCTP = 145;
+  BIO_F_BIO_NEW_FILE = 109;
+  BIO_F_BIO_NEW_MEM_BUF = 126;
+  BIO_F_BIO_NREAD = 123;
+  BIO_F_BIO_NREAD0 = 124;
+  BIO_F_BIO_NWRITE = 125;
+  BIO_F_BIO_NWRITE0 = 122;
+  BIO_F_BIO_PARSE_HOSTSERV = 136;
+  BIO_F_BIO_PUTS = 110;
+  BIO_F_BIO_READ = 111;
+  BIO_F_BIO_READ_EX = 105;
+  BIO_F_BIO_READ_INTERN = 120;
+  BIO_F_BIO_SOCKET = 140;
+  BIO_F_BIO_SOCKET_NBIO = 142;
+  BIO_F_BIO_SOCK_INFO = 141;
+  BIO_F_BIO_SOCK_INIT = 112;
+  BIO_F_BIO_WRITE = 113;
+  BIO_F_BIO_WRITE_EX = 119;
+  BIO_F_BIO_WRITE_INTERN = 128;
+  BIO_F_BUFFER_CTRL = 114;
+  BIO_F_CONN_CTRL = 127;
+  BIO_F_CONN_STATE = 115;
+  BIO_F_DGRAM_SCTP_NEW = 149;
+  BIO_F_DGRAM_SCTP_READ = 132;
+  BIO_F_DGRAM_SCTP_WRITE = 133;
+  BIO_F_DOAPR_OUTCH = 150;
+  BIO_F_FILE_CTRL = 116;
+  BIO_F_FILE_READ = 130;
+  BIO_F_LINEBUFFER_CTRL = 129;
+  BIO_F_LINEBUFFER_NEW = 151;
+  BIO_F_MEM_WRITE = 117;
+  BIO_F_NBIOF_NEW = 154;
+  BIO_F_SLG_WRITE = 155;
+  BIO_F_SSL_NEW = 118;
+
+  (*
+   * BIO reason codes.
+   *)
+  BIO_R_ACCEPT_ERROR =   100;
+  BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET =  141;
+  BIO_R_AMBIGUOUS_HOST_OR_SERVICE =  129;
+  BIO_R_BAD_FOPEN_MODE =  101;
+  BIO_R_BROKEN_PIPE =   124;
+  BIO_R_CONNECT_ERROR =  103;
+  BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET = 107;
+  BIO_R_GETSOCKNAME_ERROR =  132;
+  BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS = 133;
+  BIO_R_GETTING_SOCKTYPE =  134;
+  BIO_R_INVALID_ARGUMENT =  125;
+  BIO_R_INVALID_SOCKET =  135;
+  BIO_R_IN_USE =   123;
+  BIO_R_LENGTH_TOO_LONG =  102;
+  BIO_R_LISTEN_V6_ONLY =  136;
+  BIO_R_LOOKUP_RETURNED_NOTHING =  142;
+  BIO_R_MALFORMED_HOST_OR_SERVICE =  130;
+  BIO_R_NBIO_CONNECT_ERROR =  110;
+  BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED = 143;
+  BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED = 144;
+  BIO_R_NO_PORT_DEFINED =  113;
+  BIO_R_NO_SUCH_FILE =   128;
+  BIO_R_NULL_PARAMETER =  115;
+  BIO_R_UNABLE_TO_BIND_SOCKET =  117;
+  BIO_R_UNABLE_TO_CREATE_SOCKET =  118;
+  BIO_R_UNABLE_TO_KEEPALIVE =  137;
+  BIO_R_UNABLE_TO_LISTEN_SOCKET =  119;
+  BIO_R_UNABLE_TO_NODELAY =  138;
+  BIO_R_UNABLE_TO_REUSEADDR =  139;
+  BIO_R_UNAVAILABLE_IP_FAMILY =  145;
+  BIO_R_UNINITIALIZED =  120;
+  BIO_R_UNKNOWN_INFO_TYPE =  140;
+  BIO_R_UNSUPPORTED_IP_FAMILY =  146;
+  BIO_R_UNSUPPORTED_METHOD =  121;
+  BIO_R_UNSUPPORTED_PROTOCOL_FAMILY =  131;
+  BIO_R_WRITE_TO_READ_ONLY_BIO =  126;
+  BIO_R_WSASTARTUP =   122;
+  
+var
+  function ERR_load_BIO_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_blowfish.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_blowfish.pas
new file mode 100644
index 000000000..2e24441cb
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_blowfish.pas
@@ -0,0 +1,76 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_blowfish;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// blowfish.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // Added '_CONST' to avoid name clashes
+  BF_ENCRYPT_CONST = 1;
+  // Added '_CONST' to avoid name clashes
+  BF_DECRYPT_CONST = 0;
+
+  BF_ROUNDS = 16;
+  BF_BLOCK  = 8;
+
+type
+  BF_LONG = TIdC_UINT;
+  PBF_LONG = ^BF_LONG;
+
+  bf_key_st = record
+    p: array[0 .. BF_ROUNDS + 2 - 1] of BF_LONG;
+    s: array[0 .. 4 * 256 - 1] of BF_LONG;
+  end;
+  BF_KEY = bf_key_st;
+  PBF_KEY = ^BF_KEY;
+
+var
+  procedure BF_set_key(key: PBF_KEY; len: TIdC_INT; const data: PByte);
+
+  procedure BF_encrypt(data: PBF_LONG; const key: PBF_KEY);
+  procedure BF_decrypt(data: PBF_LONG; const key: PBF_KEY);
+
+  procedure BF_ecb_encrypt(const &in: PByte; &out: PByte; key: PBF_KEY; enc: TIdC_INT);
+  procedure BF_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; enc: TIdC_INT);
+  procedure BF_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT; enc: TIdC_INT);
+  procedure BF_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT);
+
+  function BF_options: PIdAnsiChar;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
new file mode 100644
index 000000000..b1a25abf9
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
@@ -0,0 +1,429 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_bn;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bn.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  BN_FLG_MALLOCED = $01;
+  BN_FLG_STATIC_DATA = $02;
+
+  (*
+   * avoid leaking exponent information through timing,
+   * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+   * BN_div() will call BN_div_no_branch,
+   * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+   *)
+  BN_FLG_CONSTTIME = $04;
+  BN_FLG_SECURE = $08;
+
+  (* Values for |top| in BN_rand() *)
+  BN_RAND_TOP_ANY = -1;
+  BN_RAND_TOP_ONE = 0;
+  BN_RAND_TOP_TWO = 1;
+
+  (* Values for |bottom| in BN_rand() *)
+  BN_RAND_BOTTOM_ANY = 0;
+  BN_RAND_BOTTOM_ODD = 1;
+  
+  (* BN_BLINDING flags *)
+  BN_BLINDING_NO_UPDATE = $00000001;
+  BN_BLINDING_NO_RECREATE = $00000002;
+
+type
+  BN_ULONG = TIdC_ULONG;
+
+  BN_GENCB_set_old_cb = procedure (a: TIdC_INT; b: TIdC_INT; c: Pointer); cdecl;
+  BN_GENCB_set_cb = function (a: TIdC_INT; b: TIdC_INT; c: PBN_GENCB): TIdC_INT; cdecl;
+
+var
+  procedure BN_set_flags(b: PBIGNUM; n: TIdC_INT);
+  function BN_get_flags(b: PBIGNUM; n: TIdC_INT): TIdC_INT;
+
+  (*
+   * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
+   * two BIGNUMs cannot be used in parallel!). Also only for *read only* use. The
+   * value |dest| should be a newly allocated BIGNUM obtained via BN_new() that
+   * has not been otherwise initialised or used.
+   *)
+  procedure BN_with_flags(dest: PBIGNUM; b: PBIGNUM; flags: TIdC_INT);
+  (* Wrapper function to make using BN_GENCB easier *)
+  function BN_GENCB_call(cb: PBN_GENCB; a: TIdC_INT; b: TIdC_INT): TIdC_INT;
+
+  function BN_GENCB_new: PBN_GENCB;
+  procedure BN_GENCB_free(cb: PBN_GENCB);
+
+  (* Populate a PBN_GENCB structure with an "old"-style callback *)
+  procedure BN_GENCB_set_old(gencb: PBN_GENCB; callback: BN_GENCB_set_old_cb; cb_arg: Pointer);
+
+  (* Populate a PBN_GENCB structure with a "new"-style callback *)
+  procedure BN_GENCB_set(gencb: PBN_GENCB; callback: BN_GENCB_set_cb; cb_arg: Pointer);
+
+  function BN_GENCB_get_arg(cb: PBN_GENCB): Pointer;
+  
+  (*
+   * BN_prime_checks_for_size() returns the number of Miller-Rabin iterations
+   * that will be done for checking that a random number is probably prime. The
+   * error rate for accepting a composite number as prime depends on the size of
+   * the prime |b|. The error rates used are for calculating an RSA key with 2 primes,
+   * and so the level is what you would expect for a key of double the size of the
+   * prime.
+   *
+   * This table is generated using the algorithm of FIPS PUB 186-4
+   * Digital Signature Standard (DSS), section F.1, page 117.
+   * (https://dx.doi.org/10.6028/NIST.FIPS.186-4)
+   *
+   * The following magma script was used to generate the output:
+   * securitybits:=125;
+   * k:=1024;
+   * for t:=1 to 65 do
+   *   for M:=3 to Floor(2*Sqrt(k-1)-1) do
+   *     S:=0;
+   *     // Sum over m
+   *     for m:=3 to M do
+   *       s:=0;
+   *       // Sum over j
+   *       for j:=2 to m do
+   *         s+:=(RealField(32)!2)^-(j+(k-1)/j);
+   *       end for;
+   *       S+:=2^(m-(m-1)*t)*s;
+   *     end for;
+   *     A:=2^(k-2-M*t);
+   *     B:=8*(Pi(RealField(32))^2-6)/3*2^(k-2)*S;
+   *     pkt:=2.00743*Log(2)*k*2^-k*(A+B);
+   *     seclevel:=Floor(-Log(2,pkt));
+   *     if seclevel ge securitybits then
+   *       printf "k: %5o, security: %o bits  (t: %o, M: %o)\n",k,seclevel,t,M;
+   *       break;
+   *     end if;
+   *   end for;
+   *   if seclevel ge securitybits then break; end if;
+   * end for;
+   *
+   * It can be run online at:
+   * http://magma.maths.usyd.edu.au/calc
+   *
+   * And will output:
+   * k:  1024, security: 129 bits  (t: 6, M: 23)
+   *
+   * k is the number of bits of the prime, securitybits is the level we want to
+   * reach.
+   *
+   * prime length | RSA key size | # MR tests | security level
+   * -------------+--------------|------------+---------------
+   *  (b) >= 6394 |     >= 12788 |          3 |        256 bit
+   *  (b) >= 3747 |     >=  7494 |          3 |        192 bit
+   *  (b) >= 1345 |     >=  2690 |          4 |        128 bit
+   *  (b) >= 1080 |     >=  2160 |          5 |        128 bit
+   *  (b) >=  852 |     >=  1704 |          5 |        112 bit
+   *  (b) >=  476 |     >=   952 |          5 |         80 bit
+   *  (b) >=  400 |     >=   800 |          6 |         80 bit
+   *  (b) >=  347 |     >=   694 |          7 |         80 bit
+   *  (b) >=  308 |     >=   616 |          8 |         80 bit
+   *  (b) >=   55 |     >=   110 |         27 |         64 bit
+   *  (b) >=    6 |     >=    12 |         34 |         64 bit
+   *)
+
+//  # define BN_prime_checks_for_size(b) ((b) >= 3747 ?  3 : \
+//                                  (b) >=  1345 ?  4 : \
+//                                  (b) >=  476 ?  5 : \
+//                                  (b) >=  400 ?  6 : \
+//                                  (b) >=  347 ?  7 : \
+//                                  (b) >=  308 ?  8 : \
+//                                  (b) >=  55  ? 27 : \
+//                                  (* b >= 6 *) 34)
+//
+//  # define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+
+  function BN_abs_is_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT;
+  function BN_is_zero(a: PBIGNUM): TIdC_INT;
+  function BN_is_one(a: PBIGNUM): TIdC_INT;
+  function BN_is_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT;
+  function BN_is_odd(a: PBIGNUM): TIdC_INT;
+
+//  # define BN_one(a)       (BN_set_word((a),1))
+
+  procedure BN_zero_ex(a: PBIGNUM);
+
+  function BN_value_one: PBIGNUM;
+  function BN_options: PIdAnsiChar;
+  function BN_CTX_new: PBN_CTX;
+  function BN_CTX_secure_new: PBN_CTX;
+  procedure BN_CTX_free(c: PBN_CTX);
+  procedure BN_CTX_start(ctx: PBN_CTX);
+  function BN_CTX_get(ctx: PBN_CTX): PBIGNUM;
+  procedure BN_CTX_end(ctx: PBN_CTX);
+  function BN_rand(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT;
+  function BN_priv_rand(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT;
+  function BN_rand_range(rnd: PBIGNUM; range: PBIGNUM): TIdC_INT;
+  function BN_priv_rand_range(rnd: PBIGNUM; range: PBIGNUM): TIdC_INT;
+  function BN_pseudo_rand(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT;
+  function BN_pseudo_rand_range(rnd: PBIGNUM; range: PBIGNUM): TIdC_INT;
+  function BN_num_bits(a: PBIGNUM): TIdC_INT;
+  function BN_num_bits_word(l: BN_ULONG): TIdC_INT;
+  function BN_security_bits(L: TIdC_INT; N: TIdC_INT): TIdC_INT;
+  function BN_new: PBIGNUM;
+  function BN_secure_new: PBIGNUM;
+  procedure BN_clear_free(a: PBIGNUM);
+  function BN_copy(a: PBIGNUM; b: PBIGNUM): PBIGNUM;
+  procedure BN_swap(a: PBIGNUM; b: PBIGNUM);
+  function BN_bin2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM;
+  function BN_bn2bin(const a: PBIGNUM; &to: PByte): TIdC_INT;
+  function BN_bn2binpad(const a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT;
+  function BN_lebin2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM;
+  function BN_bn2lebinpad(a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT;
+  function BN_mpi2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM;
+  function BN_bn2mpi(a: PBIGNUM; &to: PByte): TIdC_INT;
+  function BN_sub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT;
+  function BN_usub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT;
+  function BN_uadd(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT;
+  function BN_add(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT;
+  function BN_mul(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_sqr(r: PBIGNUM; const a: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+
+  (** BN_set_negative sets sign of a BIGNUM
+   * \param  b  pointer to the BIGNUM object
+   * \param  n  0 if the BIGNUM b should be positive and a value != 0 otherwise
+   *)
+  procedure BN_set_negative(b: PBIGNUM; n: TIdC_INT);
+  (** BN_is_negative returns 1 if the BIGNUM is negative
+   * \param  b  pointer to the BIGNUM object
+   * \return 1 if a < 0 and 0 otherwise
+   *)
+  function BN_is_negative(b: PBIGNUM): TIdC_INT;
+
+  function BN_div(dv: PBIGNUM; rem: PBIGNUM; const m: PBIGNUM; const d: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+//  # define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
+  function BN_nnmod(r: PBIGNUM; const m: PBIGNUM; const d: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_add(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_add_quick(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM): TIdC_INT;
+  function BN_mod_sub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_sub_quick(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM): TIdC_INT;
+  function BN_mod_mul(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_sqr(r: PBIGNUM; const a: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_lshift1(r: PBIGNUM; const a: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_lshift1_quick(r: PBIGNUM; const a: PBIGNUM; const m: PBIGNUM): TIdC_INT;
+  function BN_mod_lshift(r: PBIGNUM; const a: PBIGNUM; n: TIdC_INT; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_lshift_quick(r: PBIGNUM; const a: PBIGNUM; n: TIdC_INT; const m: PBIGNUM): TIdC_INT;
+
+  function BN_mod_word(const a: PBIGNUM; w: BN_ULONG): BN_ULONG;
+  function BN_div_word(a: PBIGNUM; w: BN_ULONG): BN_ULONG;
+  function BN_mul_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT;
+  function BN_add_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT;
+  function BN_sub_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT;
+  function BN_set_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT;
+  function BN_get_word(const a: PBIGNUM): BN_ULONG;
+
+  function BN_cmp(const a: PBIGNUM; const b: PBIGNUM): TIdC_INT;
+  procedure BN_free(a: PBIGNUM);
+  function BN_is_bit_set(const a: PBIGNUM; n: TIdC_INT): TIdC_INT;
+  function BN_lshift(r: PBIGNUM; const a: PBIGNUM; n: TIdC_INT): TIdC_INT;
+  function BN_lshift1(r: PBIGNUM; const a: PBIGNUM): TIdC_INT;
+  function BN_exp(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+
+  function BN_mod_exp(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_exp_mont(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT;
+  function BN_mod_exp_mont_consttime(rr: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX; in_mont: PBN_MONT_CTX): TIdC_INT;
+  function BN_mod_exp_mont_word(r: PBIGNUM; a: BN_ULONG; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT;
+  function BN_mod_exp2_mont(r: PBIGNUM; const a1: PBIGNUM; const p1: PBIGNUM; const a2: PBIGNUM; const p2: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT;
+  function BN_mod_exp_simple(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+
+  function BN_mask_bits(a: PBIGNUM; n: TIdC_INT): TIdC_INT;
+  function BN_print(bio: PBIO; a: PBIGNUM): TIdC_INT;
+  function BN_reciprocal(r: PBIGNUM; m: PBIGNUM; len: TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  function BN_rshift(r: PBIGNUM; a: PBIGNUM; n: TIdC_INT): TIdC_INT;
+  function BN_rshift1(r: PBIGNUM; a: PBIGNUM): TIdC_INT;
+  procedure BN_clear(a: PBIGNUM);
+  function BN_dup(const a: PBIGNUM): PBIGNUM;
+  function BN_ucmp(a: PBIGNUM; b: PBIGNUM): TIdC_INT;
+  function BN_set_bit(a: PBIGNUM; n: TIdC_INT): TIdC_INT;
+  function BN_clear_bit(a: PBIGNUM; n: TIdC_INT): TIdC_INT;
+  function BN_bn2hex(a: PBIGNUM): PIdAnsiChar;
+  function BN_bn2dec(a: PBIGNUM): PIdAnsiChar;
+  function BN_hex2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT;
+  function BN_dec2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT;
+  function BN_asc2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT;
+  function BN_gcd(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_kronecker(a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+
+  function BN_mod_inverse(ret: PBIGNUM; a: PBIGNUM; const n: PBIGNUM; ctx: PBN_CTX): PBIGNUM;
+  function BN_mod_sqrt(ret: PBIGNUM; a: PBIGNUM; const n: PBIGNUM; ctx: PBN_CTX): PBIGNUM;
+
+  procedure BN_consttime_swap(swap: BN_ULONG; a: PBIGNUM; b: PBIGNUM; nwords: TIdC_INT);
+
+  function BN_generate_prime_ex(ret: PBIGNUM; bits: TIdC_INT; safe: TIdC_INT; const add: PBIGNUM; const rem: PBIGNUM; cb: PBN_GENCB): TIdC_INT;
+  function BN_is_prime_ex(const p: PBIGNUM; nchecks: TIdC_INT; ctx: PBN_CTX; cb: PBN_GENCB): TIdC_INT;
+  function BN_is_prime_fasttest_ex(const p: PBIGNUM; nchecks: TIdC_INT; ctx: PBN_CTX; do_trial_division: TIdC_INT; cb: PBN_GENCB): TIdC_INT;
+  function BN_X931_generate_Xpq(Xp: PBIGNUM; Xq: PBIGNUM; nbits: TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  function BN_X931_derive_prime_ex(p: PBIGNUM; p1: PBIGNUM; p2: PBIGNUM; const Xp: PBIGNUM; const Xp1: PBIGNUM; const Xp2: PBIGNUM; const e: PBIGNUM; ctx: PBN_CTX; cb: PBN_GENCB): TIdC_INT;
+  function BN_X931_generate_prime_ex(p: PBIGNUM; p1: PBIGNUM; p2: PBIGNUM; Xp1: PBIGNUM; Xp2: PBIGNUM; Xp: PBIGNUM; const e: PBIGNUM; ctx: PBN_CTX; cb: PBN_GENCB): TIdC_INT;
+  function BN_MONT_CTX_new: PBN_MONT_CTX;
+  function BN_mod_mul_montgomery(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT;
+  function BN_to_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT;
+  function BN_from_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT;
+  procedure BN_MONT_CTX_free(mont: PBN_MONT_CTX);
+  function BN_MONT_CTX_set(mont: PBN_MONT_CTX; &mod: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_MONT_CTX_copy(&to: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX;
+//  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; &mod: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
+
+  function BN_BLINDING_new(const A: PBIGNUM; const Ai: PBIGNUM; &mod: PBIGNUM): PBN_BLINDING;
+  procedure BN_BLINDING_free(b: PBN_BLINDING);
+  function BN_BLINDING_update(b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT;
+  function BN_BLINDING_convert(n: PBIGNUM; b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT;
+  function BN_BLINDING_invert(n: PBIGNUM; b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT;
+  function BN_BLINDING_convert_ex(n: PBIGNUM; r: PBIGNUM; b: PBN_BLINDING; v4: PBN_CTX): TIdC_INT;
+  function BN_BLINDING_invert_ex(n: PBIGNUM; r: PBIGNUM; b: PBN_BLINDING; v2: PBN_CTX): TIdC_INT;
+
+  function BN_BLINDING_is_current_thread(b: PBN_BLINDING): TIdC_INT;
+  procedure BN_BLINDING_set_current_thread(b: PBN_BLINDING);
+  function BN_BLINDING_lock(b: PBN_BLINDING): TIdC_INT;
+  function BN_BLINDING_unlock(b: PBN_BLINDING): TIdC_INT;
+
+  function BN_BLINDING_get_flags(v1: PBN_BLINDING): TIdC_ULONG;
+  procedure BN_BLINDING_set_flags(v1: PBN_BLINDING; v2: TIdC_ULONG);
+//  function BN_BLINDING_create_param(PBN_BLINDING *b,
+//                                         PBIGNUM *e, PBIGNUM *m, PBN_CTX *ctx,
+//                                        function (
+//    r: PBIGNUM;
+//    a: PBIGNUM;
+//    p: PBIGNUM;
+//    m: PBIGNUM;
+//    ctx: PBN_CTX;
+//    m_ctx: PBN_MONT_CTX): TIdC_INT,
+//                                        PBN_MONT_CTX *m_ctx): PBN_BLINDING;
+
+  procedure BN_RECP_CTX_free(recp: PBN_RECP_CTX);
+  function BN_RECP_CTX_set(recp: PBN_RECP_CTX; rdiv: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_mul_reciprocal(r: PBIGNUM; x: PBIGNUM; y: PBIGNUM; recp: PBN_RECP_CTX; ctx: PBN_CTX): TIdC_INT;
+  function BN_mod_exp_recp(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_div_recp(dv: PBIGNUM; rem: PBIGNUM; m: PBIGNUM; recp: PBN_RECP_CTX; ctx: PBN_CTX): TIdC_INT;
+
+  (*
+   * Functions for arithmetic over binary polynomials represented by BIGNUMs.
+   * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
+   * ignored. Note that input arguments are not const so that their bit arrays
+   * can be expanded to the appropriate size if needed.
+   *)
+
+  (*
+   * r = a + b
+   *)
+  function BN_GF2m_add(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM): TIdC_INT;
+//  #  define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
+  (*
+   * r=a mod p
+   *)
+  function BN_GF2m_mod(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM): TIdC_INT;
+  (* r = (a * b) mod p *)
+  function BN_GF2m_mod_mul(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a * a) mod p *)
+  function BN_GF2m_mod_sqr(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  (* r = (1 / b) mod p *)
+  function BN_GF2m_mod_inv(r: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a / b) mod p *)
+  function BN_GF2m_mod_div(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a ^ b) mod p *)
+  function BN_GF2m_mod_exp(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  (* r = sqrt(a) mod p *)
+  function BN_GF2m_mod_sqrt(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  (* r^2 + r = a mod p *)
+  function BN_GF2m_mod_solve_quad(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+//  #  define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
+  (*-
+   * Some functions allow for representation of the irreducible polynomials
+   * as an unsigned int[], say p.  The irreducible f(t) is then of the form:
+   *     t^p[0] + t^p[1] + ... + t^p[k]
+   * where m = p[0] > p[1] > ... > p[k] = 0.
+   *)
+  (* r = a mod p *)
+//  function BN_GF2m_mod_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT): TIdC_INT;
+  (* r = (a * b) mod p *)
+//  function BN_GF2m_mod_mul_arr(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a * a) mod p *)
+//  function BN_GF2m_mod_sqr_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (1 / b) mod p *)
+//  function BN_GF2m_mod_inv_arr(r: PBIGNUM; b: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a / b) mod p *)
+//  function BN_GF2m_mod_div_arr(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a ^ b) mod p *)
+//  function BN_GF2m_mod_exp_arr(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = sqrt(a) mod p *)
+//  function BN_GF2m_mod_sqrt_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r^2 + r = a mod p *)
+//  function BN_GF2m_mod_solve_quad_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+//  function BN_GF2m_poly2arr(a: PBIGNUM; p: array of TIdC_INT; max: TIdC_INT): TIdC_INT;
+//  function BN_GF2m_arr2poly(p: array of TIdC_INT; a: PBIGNUM): TIdC_INT;
+
+  (*
+   * faster mod functions for the 'NIST primes' 0 <= a < p^2
+   *)
+  function BN_nist_mod_192(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_nist_mod_224(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_nist_mod_256(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_nist_mod_384(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_nist_mod_521(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+
+  function BN_get0_nist_prime_192: PBIGNUM;
+  function BN_get0_nist_prime_224: PBIGNUM;
+  function BN_get0_nist_prime_256: PBIGNUM;
+  function BN_get0_nist_prime_384: PBIGNUM;
+  function BN_get0_nist_prime_521: PBIGNUM;
+
+//int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
+//                                          const BIGNUM *field, BN_CTX *ctx);
+
+  function BN_generate_dsa_nonce(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const &message: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT;
+
+  (* Primes from RFC 2409 *)
+  function BN_get_rfc2409_prime_768(bn: PBIGNUM ): PBIGNUM;
+  function BN_get_rfc2409_prime_1024(bn: PBIGNUM): PBIGNUM;
+
+  (* Primes from RFC 3526 *)
+  function BN_get_rfc3526_prime_1536(bn: PBIGNUM): PBIGNUM;
+  function BN_get_rfc3526_prime_2048(bn: PBIGNUM): PBIGNUM;
+  function BN_get_rfc3526_prime_3072(bn: PBIGNUM): PBIGNUM;
+  function BN_get_rfc3526_prime_4096(bn: PBIGNUM): PBIGNUM;
+  function BN_get_rfc3526_prime_6144(bn: PBIGNUM): PBIGNUM;
+  function BN_get_rfc3526_prime_8192(bn: PBIGNUM): PBIGNUM;
+
+  function BN_bntest_rand(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT;
+
+implementation
+
+end.
+
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bnerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bnerr.pas
new file mode 100644
index 000000000..aa37efb66
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bnerr.pas
@@ -0,0 +1,124 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_bnerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bnerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * BN function codes.
+   *)
+  BN_F_BNRAND = 127;
+  BN_F_BNRAND_RANGE = 138;
+  BN_F_BN_BLINDING_CONVERT_EX = 100;
+  BN_F_BN_BLINDING_CREATE_PARAM = 128;
+  BN_F_BN_BLINDING_INVERT_EX = 101;
+  BN_F_BN_BLINDING_NEW = 102;
+  BN_F_BN_BLINDING_UPDATE = 103;
+  BN_F_BN_BN2DEC = 104;
+  BN_F_BN_BN2HEX = 105;
+  BN_F_BN_COMPUTE_WNAF = 142;
+  BN_F_BN_CTX_GET = 116;
+  BN_F_BN_CTX_NEW = 106;
+  BN_F_BN_CTX_START = 129;
+  BN_F_BN_DIV = 107;
+  BN_F_BN_DIV_RECP = 130;
+  BN_F_BN_EXP = 123;
+  BN_F_BN_EXPAND_INTERNAL = 120;
+  BN_F_BN_GENCB_NEW = 143;
+  BN_F_BN_GENERATE_DSA_NONCE = 140;
+  BN_F_BN_GENERATE_PRIME_EX = 141;
+  BN_F_BN_GF2M_MOD = 131;
+  BN_F_BN_GF2M_MOD_EXP = 132;
+  BN_F_BN_GF2M_MOD_MUL = 133;
+  BN_F_BN_GF2M_MOD_SOLVE_QUAD = 134;
+  BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR = 135;
+  BN_F_BN_GF2M_MOD_SQR = 136;
+  BN_F_BN_GF2M_MOD_SQRT = 137;
+  BN_F_BN_LSHIFT = 145;
+  BN_F_BN_MOD_EXP2_MONT = 118;
+  BN_F_BN_MOD_EXP_MONT = 109;
+  BN_F_BN_MOD_EXP_MONT_CONSTTIME = 124;
+  BN_F_BN_MOD_EXP_MONT_WORD = 117;
+  BN_F_BN_MOD_EXP_RECP = 125;
+  BN_F_BN_MOD_EXP_SIMPLE = 126;
+  BN_F_BN_MOD_INVERSE = 110;
+  BN_F_BN_MOD_INVERSE_NO_BRANCH = 139;
+  BN_F_BN_MOD_LSHIFT_QUICK = 119;
+  BN_F_BN_MOD_SQRT = 121;
+  BN_F_BN_MONT_CTX_NEW = 149;
+  BN_F_BN_MPI2BN = 112;
+  BN_F_BN_NEW = 113;
+  BN_F_BN_POOL_GET = 147;
+  BN_F_BN_RAND = 114;
+  BN_F_BN_RAND_RANGE = 122;
+  BN_F_BN_RECP_CTX_NEW = 150;
+  BN_F_BN_RSHIFT = 146;
+  BN_F_BN_SET_WORDS = 144;
+  BN_F_BN_STACK_PUSH = 148;
+  BN_F_BN_USUB = 115;
+
+  (*
+   * BN reason codes.
+   *)
+  BN_R_ARG2_LT_ARG3 = 100;
+  BN_R_BAD_RECIPROCAL = 101;
+  BN_R_BIGNUM_TOO_LONG = 114;
+  BN_R_BITS_TOO_SMALL = 118;
+  BN_R_CALLED_WITH_EVEN_MODULUS = 102;
+  BN_R_DIV_BY_ZERO = 103;
+  BN_R_ENCODING_ERROR = 104;
+  BN_R_EXPAND_ON_STATIC_BIGNUM_DATA = 105;
+  BN_R_INPUT_NOT_REDUCED = 110;
+  BN_R_INVALID_LENGTH = 106;
+  BN_R_INVALID_RANGE = 115;
+  BN_R_INVALID_SHIFT = 119;
+  BN_R_NOT_A_SQUARE = 111;
+  BN_R_NOT_INITIALIZED = 107;
+  BN_R_NO_INVERSE = 108;
+  BN_R_NO_SOLUTION = 116;
+  BN_R_PRIVATE_KEY_TOO_LARGE = 117;
+  BN_R_P_IS_NOT_PRIME = 112;
+  BN_R_TOO_MANY_ITERATIONS = 113;
+  BN_R_TOO_MANY_TEMPORARY_VARIABLES = 109;
+
+var
+  function ERR_load_BN_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas
new file mode 100644
index 000000000..f18a7306a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas
@@ -0,0 +1,63 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_buffer;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// buffer.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  BUF_MEM_FLAG_SECURE = $01;
+
+type
+  buf_mem_st = record
+    length: TIdC_SIZET;
+    data: PIdAnsiChar;
+    max: TIdC_SIZET;
+    flags: TIdC_ULONG;
+  end;
+
+var
+  function BUF_MEM_new: PBUF_MEM;
+  function BUF_MEM_new_ex(flags: TIdC_ULONG): PBUF_MEM;
+  procedure BUF_MEM_free(a: PBUF_MEM);
+  function BUF_MEM_grow(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET;
+  function BUF_MEM_grow_clean(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET;
+  procedure BUF_reverse(&out: PByte; const &in: PByte; siz: TIdC_SIZET);
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffererr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffererr.pas
new file mode 100644
index 000000000..27b9ca2cc
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffererr.pas
@@ -0,0 +1,54 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_buffererr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// buffererr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+// BUF function codes.
+  BUF_F_BUF_MEM_GROW = 100;
+  BUF_F_BUF_MEM_GROW_CLEAN = 105;
+  BUF_F_BUF_MEM_NEW = 101;
+
+// BUF reason codes.
+
+var
+  function ERR_load_BUF_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_camellia.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_camellia.pas
new file mode 100644
index 000000000..f68d9edd5
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_camellia.pas
@@ -0,0 +1,87 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_camellia;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// camellia.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // Added '_CONST' to avoid name clashes
+  CAMELLIA_ENCRYPT_CONST = 1;
+  // Added '_CONST' to avoid name clashes
+  CAMELLIA_DECRYPT_CONST = 0;
+
+  CAMELLIA_BLOCK_SIZE = 16;
+  CAMELLIA_TABLE_BYTE_LEN = 272;
+  CAMELLIA_TABLE_WORD_LEN = CAMELLIA_TABLE_BYTE_LEN div 4;
+
+type
+  KEY_TABLE_TYPE = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of TIdC_UINT;
+
+  camellia_key_st_u = record
+    case Integer of
+    0: (d: TIdC_DOUBLE);
+    1: (rd_key: KEY_TABLE_TYPE);
+  end;
+
+  camellia_key_st = record
+    u: camellia_key_st_u;
+    grand_rounds: TIdC_INT;
+  end;
+
+  CAMELLIA_KEY = camellia_key_st;
+  PCAMELLIA_KEY = ^CAMELLIA_KEY;
+
+  TCamellia_ctr128_encrypt_ivec = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of Byte;
+  TCamellia_ctr128_encrypt_ecount_buf = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of Byte;
+
+var
+  function Camellia_set_key(const userKey: PByte; const bits: TIdC_INT; key: PCAMELLIA_KEY): TIdC_INT;
+
+  procedure Camellia_encrypt(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY);
+  procedure Camellia_decrypt(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY);
+
+  procedure Camellia_ecb_encrypt( const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY; const enc: TIdC_INT);
+  procedure Camellia_cbc_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; const enc: TIdC_INT);
+  procedure Camellia_cfb128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure Camellia_cfb1_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure Camellia_cfb8_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure Camellia_ofb128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT);
+  procedure Camellia_ctr128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: TCamellia_ctr128_encrypt_ivec; ecount_buf: TCamellia_ctr128_encrypt_ecount_buf; num: PIdC_INT);
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cast.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cast.pas
new file mode 100644
index 000000000..ac28d85ce
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cast.pas
@@ -0,0 +1,70 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_cast;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cast.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  CAST_ENCRYPT_CONST =  1;
+  CAST_DECRYPT_CONST =  0;
+  CAST_BLOCK =  8;
+  CAST_KEY_LENGTH = 16;
+
+type
+  CAST_LONG = type TIdC_UINT;
+  PCAST_LONG = ^CAST_LONG;
+
+  cast_key_st = record
+    data: array of CAST_LONG;
+    short_key: TIdC_INT;              //* Use reduced rounds for short key */
+  end;
+
+  CAST_KEY = cast_key_st;
+  PCAST_KEY = ^CAST_KEY;
+
+var
+  procedure CAST_set_key(key: PCast_Key; len: TIdC_INT; const data: PByte);
+  procedure CAST_ecb_encrypt(const &in: PByte; &out: PByte; const key: PCast_Key; enc: TIdC_INT);
+  procedure CAST_encrypt(data: PCAST_LONG; const key: PCast_Key);
+  procedure CAST_decrypt(data: PCAST_LONG; const key: PCast_Key);
+  procedure CAST_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const ks: PCast_Key; iv: PByte; enc: TIdC_INT);
+  procedure CAST_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT; enc: TIdC_INT);
+  procedure CAST_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT);
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas
new file mode 100644
index 000000000..309baa107
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas
@@ -0,0 +1,62 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_cmac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cmac.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_ossl_typ;
+
+//* Opaque */
+type
+  CMAC_CTX_st = type Pointer;
+  CMAC_CTX = CMAC_CTX_st;
+  PCMAC_CTX = ^CMAC_CTX;
+
+var
+  function CMAC_CTX_new: PCMAC_CTX;
+  procedure CMAC_CTX_cleanup(ctx: PCMAC_CTX);
+  procedure CMAC_CTX_free(ctx: PCMAC_CTX);
+  function CMAC_CTX_get0_cipher_ctx(ctx: PCMAC_CTX): PEVP_CIPHER_CTX;
+  function CMAC_CTX_copy(out: PCMAC_CTX; const &in: PCMAC_CTX): TIdC_INT;
+  function CMAC_Init(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT;
+  function CMAC_Update(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT;
+  function CMAC_Final(ctx: PCMAC_CTX; &out: PByte; poutlen: PIdC_SIZET): TIdC_INT;
+  function CMAC_resume(ctx: PCMAC_CTX): TIdC_INT;
+
+
implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
new file mode 100644
index 000000000..8216fe33a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
@@ -0,0 +1,292 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_cms;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cms.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_x509;
+
+type
+  CMS_ContentInfo_st = type Pointer;
+  CMS_ContentInfo = CMS_ContentInfo_st;
+  PCMS_ContentInfo = ^CMS_ContentInfo;
+  PPCMS_ContentInfo = ^PCMS_ContentInfo;
+
+  CMS_SignerInfo_st = type Pointer;
+  CMS_SignerInfo = CMS_SignerInfo_st;
+  PCMS_SignerInfo = ^CMS_SignerInfo;
+
+  CMS_CertificateChoices_st = type Pointer;
+  CMS_CertificateChoices = CMS_CertificateChoices_st;
+  PCMS_CertificateChoices = ^CMS_CertificateChoices;
+
+  CMS_RevocationInfoChoice_st = type Pointer;
+  CMS_RevocationInfoChoice = CMS_RevocationInfoChoice_st;
+  PCMS_RevocationInfoChoice = ^CMS_RevocationInfoChoice;
+
+  CMS_RecipientInfo_st = type Pointer;
+  CMS_RecipientInfo = CMS_RecipientInfo_st;
+  PCMS_RecipientInfo = ^CMS_RecipientInfo;
+  PPCMS_RecipientInfo = ^PCMS_RecipientInfo;
+
+  CMS_ReceiptRequest_st = type Pointer;
+  CMS_ReceiptRequest = CMS_ReceiptRequest_st;
+  PCMS_ReceiptRequest = ^CMS_ReceiptRequest;
+  PPCMS_ReceiptRequest = ^PCMS_ReceiptRequest;
+
+  CMS_Receipt_st = type Pointer;
+  CMS_Receipt = CMS_Receipt_st;
+  PCMS_Receipt = ^CMS_Receipt;
+
+  CMS_RecipientEncryptedKey_st = type Pointer;
+  CMS_RecipientEncryptedKey = CMS_RecipientEncryptedKey_st;
+  PCMS_RecipientEncryptedKey = ^CMS_RecipientEncryptedKey;
+
+  CMS_OtherKeyAttribute_st = type Pointer;
+  CMS_OtherKeyAttribute = CMS_OtherKeyAttribute_st;
+  PCMS_OtherKeyAttribute = ^CMS_OtherKeyAttribute;
+  PPCMS_OtherKeyAttribute = ^PCMS_OtherKeyAttribute;
+
+//DEFINE_STACK_OF(CMS_SignerInfo)
+//DEFINE_STACK_OF(CMS_RecipientEncryptedKey)
+//DEFINE_STACK_OF(CMS_RecipientInfo)
+//DEFINE_STACK_OF(CMS_RevocationInfoChoice)
+//DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+//DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+//DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+const
+  CMS_SIGNERINFO_ISSUER_SERIAL    = 0;
+  CMS_SIGNERINFO_KEYIDENTIFIER    = 1;
+
+  CMS_RECIPINFO_NONE              = -1;
+  CMS_RECIPINFO_TRANS             = 0;
+  CMS_RECIPINFO_AGREE             = 1;
+  CMS_RECIPINFO_KEK               = 2;
+  CMS_RECIPINFO_PASS              = 3;
+  CMS_RECIPINFO_OTHER             = 4;
+
+// S/MIME related flags /
+
+  CMS_TEXT                        = $1;
+  CMS_NOCERTS                     = $2;
+  CMS_NO_CONTENT_VERIFY           = $4;
+  CMS_NO_ATTR_VERIFY              = $8;
+  CMS_NOSIGS                      = (CMS_NO_CONTENT_VERIFY or CMS_NO_ATTR_VERIFY);
+  CMS_NOINTERN                    = $10;
+  CMS_NO_SIGNER_CERT_VERIFY       = $20;
+  CMS_NOVERIFY                    = $20;
+  CMS_DETACHED                    = $40;
+  CMS_BINARY                      = $80;
+  CMS_NOATTR                      = $100;
+  CMS_NOSMIMECAP                  = $200;
+  CMS_NOOLDMIMETYPE               = $400;
+  CMS_CRLFEOL                     = $800;
+  CMS_STREAM_CONST                = $1000;
+  CMS_NOCRL                       = $2000;
+  CMS_PARTIAL                     = $4000;
+  CMS_REUSE_DIGEST                = $8000;
+  CMS_USE_KEYID                   = $10000;
+  CMS_DEBUG_DECRYPT               = $20000;
+  CMS_KEY_PARAM                   = $40000;
+  CMS_ASCIICRLF                   = $80000;
+
+var
+  function CMS_get0_type(const cms: PCMS_ContentInfo): PASN1_OBJECT;
+
+  function CMS_dataInit(cms: PCMS_ContentInfo; icont: PBIO): PBIO;
+  function CMS_dataFinal(cms: PCMS_ContentInfo; bio: PBIO): TIdC_INT;
+
+  function CMS_get0_content(cms: PCMS_ContentInfo): PPASN1_OCTET_STRING;
+  function CMS_is_detached(cms: PCMS_ContentInfo): TIdC_INT;
+  function CMS_set_detached(cms: PCMS_ContentInfo; detached: TIdC_INT): TIdC_INT;
+
+  function CMS_stream(cms: PCMS_ContentInfo; boundary: PPPByte): TIdC_INT;
+  function d2i_CMS_bio(bp: PBIO; cms: PPCMS_ContentInfo): PCMS_ContentInfo;
+  function i2d_CMS_bio(bp: PBIO; cms: PCMS_ContentInfo): TIdC_INT;
+
+  function BIO_new_CMS(&out: PBIO; cms: PCMS_ContentInfo): PBIO;
+  function i2d_CMS_bio_stream(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT;
+  function PEM_write_bio_CMS_stream(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT;
+  function SMIME_read_CMS(bio: PBIO; bcont: PPBIO): PCMS_ContentInfo;
+  function SMIME_write_CMS(bio: PBIO; cms: PCMS_ContentInfo; data: PBIO; flags: TIdC_INT): TIdC_INT;
+
+  function CMS_final(cms: PCMS_ContentInfo; data: PBIO; dcont: PBIO; flags: TIdC_UINT): TIdC_INT;
+
+//  function CMS_sign(signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(x509) *certs;} data: PBIO; flags: TIdC_UINT): PCMS_ContentInfo;
+
+//  function CMS_sign_receipt(si: PCMS_SignerInfo; signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(X509) *certs;} flags: TIdC_UINT): PCMS_ContentInfo;
+
+  function CMS_data(cms: PCMS_ContentInfo; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+  function CMS_data_create(&in: PBIO; flags: TIdC_UINT): PCMS_ContentInfo;
+
+  function CMS_digest_verify(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+  function CMS_digest_create(&in: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo;
+
+  function CMS_EncryptedData_decrypt(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+
+  function CMS_EncryptedData_encrypt(&in: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo;
+
+  function CMS_EncryptedData_set1_key(cms: PCMS_ContentInfo; const ciph: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET): TIdC_INT;
+
+//  function CMS_verify(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} store: PX509_STORE; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+
+//  function CMS_verify_receipt(rcms: PCMS_ContentInfo; ocms: PCMS_ContentInfo; {STACK_OF(x509) *certs;} store: PX509_STORE; flags: TIdC_UINT): TIdC_INT;
+
+  // STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+//  function CMS_encrypt({STACK_OF(x509) *certs;} &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_UINT): PCMS_ContentInfo;
+
+  function CMS_decrypt(cms: PCMS_ContentInfo; pkey: PEVP_PKEY; cert: PX509; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+
+  function CMS_decrypt_set1_pkey(cms: PCMS_ContentInfo; pk: PEVP_PKEY; cert: PX509): TIdC_INT;
+  function CMS_decrypt_set1_key(cms: PCMS_ContentInfo; key: PByte; keylen: TIdC_SIZET; const id: PByte; idlen: TIdC_SIZET): TIdC_INT;
+  function CMS_decrypt_set1_password(cms: PCMS_ContentInfo; pass: PByte; passlen: ossl_ssize_t): TIdC_INT;
+
+  //STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+  function CMS_RecipientInfo_type(ri: PCMS_RecipientInfo): TIdC_INT;
+  function CMS_RecipientInfo_get0_pkey_ctx(ri: PCMS_RecipientInfo): PEVP_PKEY_CTX;
+  function CMS_EnvelopedData_create(const cipher: PEVP_CIPHER): PCMS_ContentInfo;
+  function CMS_add1_recipient_cert(cms: PCMS_ContentInfo; recip: PX509; flags: TIdC_UINT): PCMS_RecipientInfo;
+  function CMS_RecipientInfo_set0_pkey(ri: PCMS_RecipientInfo; pkey: PEVP_PKEY): TIdC_INT;
+  function CMS_RecipientInfo_ktri_cert_cmp(ri: PCMS_RecipientInfo; cert: PX509): TIdC_INT;
+  function CMS_RecipientInfo_ktri_get0_algs(ri: PCMS_RecipientInfo; pk: PPEVP_PKEY; recip: PPX509; palg: PPX509_ALGOR): TIdC_INT;
+  function CMS_RecipientInfo_ktri_get0_signer_id(ri: PPCMS_RecipientInfo; keyid: PPASN1_OCTET_STRING; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT;
+
+  function CMS_add0_recipient_key(cms: PCMS_ContentInfo; nid: TIdC_INT; key: PByte; keylen: TIdC_SIZET; id: PByte; idlen: TIdC_SIZET; date: PASN1_GENERALIZEDTIME; otherTypeId: PASN1_OBJECT; otherType: ASN1_TYPE): PCMS_RecipientInfo;
+
+  function CMS_RecipientInfo_kekri_get0_id(ri: PCMS_RecipientInfo; palg: PPX509_ALGOR; pid: PPASN1_OCTET_STRING; pdate: PPASN1_GENERALIZEDTIME; potherid: PPASN1_OBJECT; pothertype: PASN1_TYPE): TIdC_INT;
+
+  function CMS_RecipientInfo_set0_key(ri: PCMS_RecipientInfo; key: PByte; keylen: TIdC_SIZET): TIdC_INT;
+
+  function CMS_RecipientInfo_kekri_id_cmp(ri: PCMS_RecipientInfo; const id: PByte; idlen: TIdC_SIZET): TIdC_INT;
+
+  function CMS_RecipientInfo_set0_password(ri: PCMS_RecipientInfo; pass: PByte; passlen: ossl_ssize_t): TIdC_INT;
+
+  function CMS_add0_recipient_password(cms: PCMS_ContentInfo; iter: TIdC_INT; wrap_nid: TIdC_INT; pbe_nid: TIdC_INT; pass: PByte; passlen: ossl_ssize_t; const kekciph: PEVP_CIPHER): PCMS_RecipientInfo;
+
+  function CMS_RecipientInfo_decrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT;
+  function CMS_RecipientInfo_encrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT;
+
+  function CMS_uncompress(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+  function CMS_compress(&in: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo;
+
+  function CMS_set1_eContentType(cms: CMS_ContentInfo; const oit: PASN1_OBJECT): TIdC_INT;
+  function CMS_get0_eContentType(cms: PCMS_ContentInfo): PASN1_OBJECT;
+
+  function CMS_add0_CertificateChoices(cms: PCMS_ContentInfo): PCMS_CertificateChoices;
+  function CMS_add0_cert(cms: PCMS_ContentInfo; cert: PX509): TIdC_INT;
+  function CMS_add1_cert(cms: PCMS_ContentInfo; cert: PX509): TIdC_INT;
+  // STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+  function CMS_add0_RevocationInfoChoice(cms: PCMS_ContentInfo): PCMS_RevocationInfoChoice;
+  function CMS_add0_crl(cms: PCMS_ContentInfo; crl: PX509_CRL): TIdC_INT;
+  function CMS_add1_crl(cms: PCMS_ContentInfo; crl: PX509_CRL): TIdC_INT;
+  // STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+  function CMS_SignedData_init(cms: PCMS_ContentInfo): TIdC_INT;
+  function CMS_add1_signer(cms: PCMS_ContentInfo; signer: PX509; pk: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_UINT): PCMS_SignerInfo;
+  function CMS_SignerInfo_get0_pkey_ctx(si: PCMS_SignerInfo): PEVP_PKEY_CTX;
+  function CMS_SignerInfo_get0_md_ctx(si: PCMS_SignerInfo): PEVP_MD_CTX;
+  // STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+  procedure CMS_SignerInfo_set1_signer_cert(si: PCMS_SignerInfo; signer: PX509);
+  function CMS_SignerInfo_get0_signer_id(si: PCMS_SignerInfo; keyid: PPASN1_OCTET_STRING; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT;
+  function CMS_SignerInfo_cert_cmp(si: PCMS_SignerInfo; cert: PX509): TIdC_INT;
+//  function CMS_set1_signers_certs(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} flags: TIdC_UINT): TIdC_INT;
+  procedure CMS_SignerInfo_get0_algs(si: PCMS_SignerInfo; pk: PPEVP_PKEY; signer: PPX509; pdig: PPX509_ALGOR; psig: PPX509_ALGOR);
+  function CMS_SignerInfo_get0_signature(si: PCMS_SignerInfo): PASN1_OCTET_STRING;
+  function CMS_SignerInfo_sign(si: PCMS_SignerInfo): TIdC_INT;
+  function CMS_SignerInfo_verify(si: PCMS_SignerInfo): TIdC_INT;
+  function CMS_SignerInfo_verify_content(si: PCMS_SignerInfo; chain: PBIO): TIdC_INT;
+
+//  function CMS_add_smimecap(si: PCMS_SignerInfo{; STACK_OF(X509_ALGOR) *algs}): TIdC_INT;
+//  function CMS_add_simple_smimecap({STACK_OF(X509_ALGOR) **algs;} algnid: TIdC_INT; keysize: TIdC_INT): TIdC_INT;
+//  function CMS_add_standard_smimecap({STACK_OF(X509_ALGOR) **smcap}): TIdC_INT;
+
+  function CMS_signed_get_attr_count(const si: PCMS_SignerInfo): TIdC_INT;
+  function CMS_signed_get_attr_by_NID(const si: PCMS_SignerInfo; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function CMS_signed_get_attr_by_OBJ(const si: PCMS_SignerInfo; const obj: ASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT;
+  function CMS_signed_get_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE;
+  function CMS_signed_delete_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE;
+  function CMS_signed_add1_attr(si: PCMS_SignerInfo; loc: TIdC_INT): TIdC_INT;
+  function CMS_signed_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_signed_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_signed_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_signed_get0_data_by_OBJ(si: PCMS_SignerInfo; const oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer;
+
+  function CMS_unsigned_get_attr_count(const si: PCMS_SignerInfo): TIdC_INT;
+  function CMS_unsigned_get_attr_by_NID(const si: PCMS_SignerInfo; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function CMS_unsigned_get_attr_by_OBJ(const si: PCMS_SignerInfo; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT;
+  function CMS_unsigned_get_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE;
+  function CMS_unsigned_delete_attr(si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE;
+  function CMS_unsigned_add1_attr(si: PCMS_SignerInfo; attr: PX509_ATTRIBUTE): TIdC_INT;
+  function CMS_unsigned_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_unsigned_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_unsigned_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_unsigned_get0_data_by_OBJ(si: PCMS_SignerInfo; oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer;
+
+  function CMS_get1_ReceiptRequest(si: PCMS_SignerInfo; prr: PPCMS_ReceiptRequest): TIdC_INT;
+//  function CMS_ReceiptRequest_create0(id: PByte; idlen: TIdC_INT; allorfirst: TIdC_INT
+//    {;STACK_OF(GENERAL_NAMES) *receiptList;} {STACK_OF(GENERAL_NAMES) *receiptsTo}): PCMS_ReceiptRequest;
+  function CMS_add1_ReceiptRequest(si: PCMS_SignerInfo; rr: PCMS_ReceiptRequest): TIdC_INT;
+//  procedure CMS_ReceiptRequest_get0_values(rr: PCMS_ReceiptRequest; pcid: PPASN1_STRING;
+//    pallorfirst: PIdC_INT {;STACK_OF(GENERAL_NAMES) **plist;}
+//    {STACK_OF(GENERAL_NAMES) **prto});
+//  function CMS_RecipientInfo_kari_get0_alg(ri: PCMS_RecipientInfo; palg: PPX509_ALGOR;
+//    pukm: PPASN1_OCTET_STRING): TIdC_INT;
+//  // STACK_OF(CMS_RecipientEncryptedKey) *CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
+
+  function CMS_RecipientInfo_kari_get0_orig_id(ri: PCMS_RecipientInfo; pubalg: PPX509_ALGOR; pubkey: PASN1_BIT_STRING; keyid: PPASN1_OCTET_STRING; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT;
+
+  function CMS_RecipientInfo_kari_orig_id_cmp(ri: PCMS_RecipientInfo; cert: PX509): TIdC_INT;
+
+  function CMS_RecipientEncryptedKey_get0_id(rek: PCMS_RecipientEncryptedKey; keyid: PPASN1_OCTET_STRING; tm: PPASN1_GENERALIZEDTIME; other: PPCMS_OtherKeyAttribute; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT;
+  function CMS_RecipientEncryptedKey_cert_cmp(rek: PCMS_RecipientEncryptedKey; cert: PX509): TIdC_INT;
+  function CMS_RecipientInfo_kari_set0_pkey(ri: PCMS_RecipientInfo; pk: PEVP_PKEY): TIdC_INT;
+  function CMS_RecipientInfo_kari_get0_ctx(ri: PCMS_RecipientInfo): PEVP_CIPHER_CTX;
+  function CMS_RecipientInfo_kari_decrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo; rek: PCMS_RecipientEncryptedKey): TIdC_INT;
+
+  function CMS_SharedInfo_encode(pder: PPByte; kekalg: PX509_ALGOR; ukm: PASN1_OCTET_STRING; keylen: TIdC_INT): TIdC_INT;
+
+  ///* Backward compatibility for spelling errors. */
+  //# define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM
+  //# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \ CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmserr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmserr.pas
new file mode 100644
index 000000000..5b65830f9
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmserr.pas
@@ -0,0 +1,221 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_cmserr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cmserr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  //
+  // CMS function codes.
+  //
+  CMS_F_CHECK_CONTENT                             = 99;
+  CMS_F_CMS_ADD0_CERT                             = 164;
+  CMS_F_CMS_ADD0_RECIPIENT_KEY                    = 100;
+  CMS_F_CMS_ADD0_RECIPIENT_PASSWORD               = 165;
+  CMS_F_CMS_ADD1_RECEIPTREQUEST                   = 158;
+  CMS_F_CMS_ADD1_RECIPIENT_CERT                   = 101;
+  CMS_F_CMS_ADD1_SIGNER                           = 102;
+  CMS_F_CMS_ADD1_SIGNINGTIME                      = 103;
+  CMS_F_CMS_COMPRESS                              = 104;
+  CMS_F_CMS_COMPRESSEDDATA_CREATE                 = 105;
+  CMS_F_CMS_COMPRESSEDDATA_INIT_BIO               = 106;
+  CMS_F_CMS_COPY_CONTENT                          = 107;
+  CMS_F_CMS_COPY_MESSAGEDIGEST                    = 108;
+  CMS_F_CMS_DATA                                  = 109;
+  CMS_F_CMS_DATAFINAL                             = 110;
+  CMS_F_CMS_DATAINIT                              = 111;
+  CMS_F_CMS_DECRYPT                               = 112;
+  CMS_F_CMS_DECRYPT_SET1_KEY                      = 113;
+  CMS_F_CMS_DECRYPT_SET1_PASSWORD                 = 166;
+  CMS_F_CMS_DECRYPT_SET1_PKEY                     = 114;
+  CMS_F_CMS_DIGESTALGORITHM_FIND_CTX              = 115;
+  CMS_F_CMS_DIGESTALGORITHM_INIT_BIO              = 116;
+  CMS_F_CMS_DIGESTEDDATA_DO_FINAL                 = 117;
+  CMS_F_CMS_DIGEST_VERIFY                         = 118;
+  CMS_F_CMS_ENCODE_RECEIPT                        = 161;
+  CMS_F_CMS_ENCRYPT                               = 119;
+  CMS_F_CMS_ENCRYPTEDCONTENT_INIT                 = 179;
+  CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO             = 120;
+  CMS_F_CMS_ENCRYPTEDDATA_DECRYPT                 = 121;
+  CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT                 = 122;
+  CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY                = 123;
+  CMS_F_CMS_ENVELOPEDDATA_CREATE                  = 124;
+  CMS_F_CMS_ENVELOPEDDATA_INIT_BIO                = 125;
+  CMS_F_CMS_ENVELOPED_DATA_INIT                   = 126;
+  CMS_F_CMS_ENV_ASN1_CTRL                         = 171;
+  CMS_F_CMS_FINAL                                 = 127;
+  CMS_F_CMS_GET0_CERTIFICATE_CHOICES              = 128;
+  CMS_F_CMS_GET0_CONTENT                          = 129;
+  CMS_F_CMS_GET0_ECONTENT_TYPE                    = 130;
+  CMS_F_CMS_GET0_ENVELOPED                        = 131;
+  CMS_F_CMS_GET0_REVOCATION_CHOICES               = 132;
+  CMS_F_CMS_GET0_SIGNED                           = 133;
+  CMS_F_CMS_MSGSIGDIGEST_ADD1                     = 162;
+  CMS_F_CMS_RECEIPTREQUEST_CREATE0                = 159;
+  CMS_F_CMS_RECEIPT_VERIFY                        = 160;
+  CMS_F_CMS_RECIPIENTINFO_DECRYPT                 = 134;
+  CMS_F_CMS_RECIPIENTINFO_ENCRYPT                 = 169;
+  CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT            = 178;
+  CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG           = 175;
+  CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID       = 173;
+  CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS          = 172;
+  CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP        = 174;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT           = 135;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT           = 136;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID           = 137;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP            = 138;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP           = 139;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT            = 140;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT            = 141;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS          = 142;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID     = 143;
+  CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT              = 167;
+  CMS_F_CMS_RECIPIENTINFO_SET0_KEY                = 144;
+  CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD           = 168;
+  CMS_F_CMS_RECIPIENTINFO_SET0_PKEY               = 145;
+  CMS_F_CMS_SD_ASN1_CTRL                          = 170;
+  CMS_F_CMS_SET1_IAS                              = 176;
+  CMS_F_CMS_SET1_KEYID                            = 177;
+  CMS_F_CMS_SET1_SIGNERIDENTIFIER                 = 146;
+  CMS_F_CMS_SET_DETACHED                          = 147;
+  CMS_F_CMS_SIGN                                  = 148;
+  CMS_F_CMS_SIGNED_DATA_INIT                      = 149;
+  CMS_F_CMS_SIGNERINFO_CONTENT_SIGN               = 150;
+  CMS_F_CMS_SIGNERINFO_SIGN                       = 151;
+  CMS_F_CMS_SIGNERINFO_VERIFY                     = 152;
+  CMS_F_CMS_SIGNERINFO_VERIFY_CERT                = 153;
+  CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT             = 154;
+  CMS_F_CMS_SIGN_RECEIPT                          = 163;
+  CMS_F_CMS_SI_CHECK_ATTRIBUTES                   = 183;
+  CMS_F_CMS_STREAM                                = 155;
+  CMS_F_CMS_UNCOMPRESS                            = 156;
+  CMS_F_CMS_VERIFY                                = 157;
+  CMS_F_KEK_UNWRAP_KEY                            = 180;
+
+  //
+  // CMS reason codes.
+  //
+  CMS_R_ADD_SIGNER_ERROR                          = 99;
+  CMS_R_ATTRIBUTE_ERROR                           = 161;
+  CMS_R_CERTIFICATE_ALREADY_PRESENT               = 175;
+  CMS_R_CERTIFICATE_HAS_NO_KEYID                  = 160;
+  CMS_R_CERTIFICATE_VERIFY_ERROR                  = 100;
+  CMS_R_CIPHER_INITIALISATION_ERROR               = 101;
+  CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR     = 102;
+  CMS_R_CMS_DATAFINAL_ERROR                       = 103;
+  CMS_R_CMS_LIB                                   = 104;
+  CMS_R_CONTENTIDENTIFIER_MISMATCH                = 170;
+  CMS_R_CONTENT_NOT_FOUND                         = 105;
+  CMS_R_CONTENT_TYPE_MISMATCH                     = 171;
+  CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA          = 106;
+  CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA           = 107;
+  CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA              = 108;
+  CMS_R_CONTENT_VERIFY_ERROR                      = 109;
+  CMS_R_CTRL_ERROR                                = 110;
+  CMS_R_CTRL_FAILURE                              = 111;
+  CMS_R_DECRYPT_ERROR                             = 112;
+  CMS_R_ERROR_GETTING_PUBLIC_KEY                  = 113;
+  CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE     = 114;
+  CMS_R_ERROR_SETTING_KEY                         = 115;
+  CMS_R_ERROR_SETTING_RECIPIENTINFO               = 116;
+  CMS_R_INVALID_ENCRYPTED_KEY_LENGTH              = 117;
+  CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER          = 176;
+  CMS_R_INVALID_KEY_LENGTH                        = 118;
+  CMS_R_MD_BIO_INIT_ERROR                         = 119;
+  CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH      = 120;
+  CMS_R_MESSAGEDIGEST_WRONG_LENGTH                = 121;
+  CMS_R_MSGSIGDIGEST_ERROR                        = 172;
+  CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE         = 162;
+  CMS_R_MSGSIGDIGEST_WRONG_LENGTH                 = 163;
+  CMS_R_NEED_ONE_SIGNER                           = 164;
+  CMS_R_NOT_A_SIGNED_RECEIPT                      = 165;
+  CMS_R_NOT_ENCRYPTED_DATA                        = 122;
+  CMS_R_NOT_KEK                                   = 123;
+  CMS_R_NOT_KEY_AGREEMENT                         = 181;
+  CMS_R_NOT_KEY_TRANSPORT                         = 124;
+  CMS_R_NOT_PWRI                                  = 177;
+  CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE           = 125;
+  CMS_R_NO_CIPHER                                 = 126;
+  CMS_R_NO_CONTENT                                = 127;
+  CMS_R_NO_CONTENT_TYPE                           = 173;
+  CMS_R_NO_DEFAULT_DIGEST                         = 128;
+  CMS_R_NO_DIGEST_SET                             = 129;
+  CMS_R_NO_KEY                                    = 130;
+  CMS_R_NO_KEY_OR_CERT                            = 174;
+  CMS_R_NO_MATCHING_DIGEST                        = 131;
+  CMS_R_NO_MATCHING_RECIPIENT                     = 132;
+  CMS_R_NO_MATCHING_SIGNATURE                     = 166;
+  CMS_R_NO_MSGSIGDIGEST                           = 167;
+  CMS_R_NO_PASSWORD                               = 178;
+  CMS_R_NO_PRIVATE_KEY                            = 133;
+  CMS_R_NO_PUBLIC_KEY                             = 134;
+  CMS_R_NO_RECEIPT_REQUEST                        = 168;
+  CMS_R_NO_SIGNERS                                = 135;
+  CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE    = 136;
+  CMS_R_RECEIPT_DECODE_ERROR                      = 169;
+  CMS_R_RECIPIENT_ERROR                           = 137;
+  CMS_R_SIGNER_CERTIFICATE_NOT_FOUND              = 138;
+  CMS_R_SIGNFINAL_ERROR                           = 139;
+  CMS_R_SMIME_TEXT_ERROR                          = 140;
+  CMS_R_STORE_INIT_ERROR                          = 141;
+  CMS_R_TYPE_NOT_COMPRESSED_DATA                  = 142;
+  CMS_R_TYPE_NOT_DATA                             = 143;
+  CMS_R_TYPE_NOT_DIGESTED_DATA                    = 144;
+  CMS_R_TYPE_NOT_ENCRYPTED_DATA                   = 145;
+  CMS_R_TYPE_NOT_ENVELOPED_DATA                   = 146;
+  CMS_R_UNABLE_TO_FINALIZE_CONTEXT                = 147;
+  CMS_R_UNKNOWN_CIPHER                            = 148;
+  CMS_R_UNKNOWN_DIGEST_ALGORITHM                  = 149;
+  CMS_R_UNKNOWN_ID                                = 150;
+  CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM         = 151;
+  CMS_R_UNSUPPORTED_CONTENT_TYPE                  = 152;
+  CMS_R_UNSUPPORTED_KEK_ALGORITHM                 = 153;
+  CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM      = 179;
+  CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE            = 155;
+  CMS_R_UNSUPPORTED_RECIPIENT_TYPE                = 154;
+  CMS_R_UNSUPPORTED_TYPE                          = 156;
+  CMS_R_UNWRAP_ERROR                              = 157;
+  CMS_R_UNWRAP_FAILURE                            = 180;
+  CMS_R_VERIFICATION_FAILURE                      = 158;
+  CMS_R_WRAP_ERROR                                = 159;
+
+var
+  function ERR_load_CMS_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comp.pas
new file mode 100644
index 000000000..500345a09
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comp.pas
@@ -0,0 +1,60 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_comp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// comp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ;
+
+var
+  function COMP_CTX_new(meth: PCOMP_METHOD): PCOMP_CTX;
+  function COMP_CTX_get_method(const ctx: PCOMP_CTX): PCOMP_METHOD;
+  function COMP_CTX_get_type(const comp: PCOMP_CTX): TIdC_INT;
+  function COMP_get_type(const meth: PCOMP_METHOD): TIdC_INT;
+  function COMP_get_name(const meth: PCOMP_METHOD): PIdAnsiChar;
+  procedure COMP_CTX_free(ctx: PCOMP_CTX);
+
+  function COMP_compress_block(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT;
+  function COMP_expand_block(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT;
+
+  function COMP_zlib: PCOMP_METHOD;
+
+  function BIO_f_zlib: PBIO_METHOD;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comperr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comperr.pas
new file mode 100644
index 000000000..a61c893cc
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comperr.pas
@@ -0,0 +1,63 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_comperr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// comperr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+///*
+// * COMP function codes.
+// */
+  COMP_F_BIO_ZLIB_FLUSH =      99;
+  COMP_F_BIO_ZLIB_NEW =        100;
+  COMP_F_BIO_ZLIB_READ =       101;
+  COMP_F_BIO_ZLIB_WRITE =      102;
+  COMP_F_COMP_CTX_NEW =        103;
+
+///*
+// * COMP reason codes.
+// */
+  COMP_R_ZLIB_DEFLATE_ERROR =  99;
+  COMP_R_ZLIB_INFLATE_ERROR =  100;
+  COMP_R_ZLIB_NOT_SUPPORTED =  101;
+
+var
+  function ERR_load_COMP_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas
new file mode 100644
index 000000000..58c582075
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas
@@ -0,0 +1,184 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_conf;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conf.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  CONF_parse_list_list_cb = function (const elem: PAnsiChar; len: TIdC_INT; usr: Pointer): TIdC_INT;
+
+  CONF_VALUE = record
+    section: PAnsiChar;
+    name: PAnsiChar;
+    value: PAnsiChar;
+  end;
+  PCONF_VALUE = ^CONF_VALUE;
+
+//DEFINE_STACK_OF(CONF_VALUE)
+//DEFINE_LHASH_OF(CONF_VALUE);
+
+  conf_st = type Pointer;
+  conf_method_st = type Pointer;
+  CONF_METHOD = conf_method_st;
+  PCONF_METHOD = ^conf_method_st;
+  CONF = conf_st;
+  PCONF = ^CONF;
+
+  (*conf_method_st = record
+    const char *name;
+    CONF *(*create) (CONF_METHOD *meth);
+    int (*init) (CONF *conf);
+    int (*destroy) (CONF *conf);
+    int (*destroy_data) (CONF *conf);
+    int (*load_bio) (CONF *conf, BIO *bp, long *eline);
+    int (*dump) (const CONF *conf, BIO *bp);
+    int (*is_number) (const CONF *conf, char c);
+    int (*to_int) (const CONF *conf, char c);
+    int (*load) (CONF *conf, const char *name, long *eline);
+  end; *)
+
+//* Module definitions */
+
+  conf_imodule_st = type Pointer;
+  CONF_IMODULE = conf_imodule_st;
+  PCONF_IMODULE = ^CONF_IMODULE;
+  conf_module_st = type Pointer;
+  CONF_MODULE = conf_module_st;
+  PCONF_MODULE = ^CONF_MODULE;
+
+//DEFINE_STACK_OF(CONF_MODULE)
+//DEFINE_STACK_OF(CONF_IMODULE)
+
+//* DSO module function typedefs */
+  conf_init_func = function(md: PCONF_IMODULE; const cnf: PCONF): TIdC_INT;
+  conf_finish_func = procedure(md: PCONF_IMODULE);
+
+const
+  CONF_MFLAGS_IGNORE_ERRORS = $1;
+  CONF_MFLAGS_IGNORE_RETURN_CODES = $2;
+  CONF_MFLAGS_SILENT = $4;
+  CONF_MFLAGS_NO_DSO = $8;
+  CONF_MFLAGS_IGNORE_MISSING_FILE = $10;
+  CONF_MFLAGS_DEFAULT_SECTION = $20;
+
+var
+  function CONF_set_default_method(meth: PCONF_METHOD): TIdC_INT;
+//  (*
+//  void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
+//  LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file, long *eline);
+//  {$ifndef OPENSSL_NO_STDIO}
+//  LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp, long *eline);
+//  {$endif}
+//  LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+//                                      long *eline);
+//  STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+//                                         const char *section);
+//  char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+//                        const char *name);
+//  long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+//                       const char *name);
+//  void CONF_free(LHASH_OF(CONF_VALUE) *conf);
+//  #ifndef OPENSSL_NO_STDIO
+//  int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
+//  #endif
+//  int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
+//
+//  DEPRECATEDIN_1_1_0(void OPENSSL_config(const char *config_name))
+//
+//  #if OPENSSL_API_COMPAT < 0x10100000L
+//  # define OPENSSL_no_config() \
+//      OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)
+//  #endif
+//  *)
+
+  (*
+   * New conf code.  The semantics are different from the functions above. If
+   * that wasn't the case, the above functions would have been replaced
+   *)
+
+  //type     Doppelt???
+  //  conf_st = record
+  //    CONF_METHOD *meth;
+  //    void *meth_data;
+  //    LHASH_OF(CONF_VALUE) *data;
+  //  end;
+
+  function NCONF_new(meth: PCONF_METHOD): PCONF;
+  function NCONF_default: PCONF_METHOD;
+  function NCONF_WIN32: PCONF_METHOD;
+  procedure NCONF_free(conf: PCONF);
+  procedure NCONF_free_data(conf: PCONF);
+
+  function NCONF_load(conf: PCONF; const &file: PAnsiChar; eline: PIdC_LONG): TIdC_INT;
+  function NCONF_load_bio(conf: PCONF; bp: PBIO; eline: PIdC_LONG): TIdC_INT;
+  //STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
+  //                                        const char *section);
+  function NCONF_get_string(const conf: PCONF; const group: PAnsiChar; const name: PAnsiChar): PAnsiChar;
+  function NCONF_get_number_e(const conf: PCONF; const group: PAnsiChar; const name: PAnsiChar; result: PIdC_LONG): TIdC_INT;
+  function NCONF_dump_bio(const conf: PCONf; out: PBIO): TIdC_INT;
+
+  //#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
+
+  //* Module functions */
+
+  function CONF_modules_load(const cnf: PCONF; const appname: PAnsiChar; flags: TIdC_ULONG): TIdC_INT;
+  function CONF_modules_load_file(const filename: PAnsiChar; const appname: PAnsiChar; flags: TIdC_ULONG): TIdC_INT;
+
+  procedure CONF_modules_unload(all: TIdC_INT);
+  procedure CONF_modules_finish;
+  function CONF_module_add(const name: PAnsiChar; ifunc: conf_init_func; ffunc: conf_finish_func): TIdC_INT;
+
+  //const char *CONF_imodule_get_name(const CONF_IMODULE *md);
+  //const char *CONF_imodule_get_value(const CONF_IMODULE *md);
+  function CONF_imodule_get_usr_data(const md: PCONF_IMODULE): Pointer;
+  procedure CONF_imodule_set_usr_data(md: PCONF_IMODULE; usr_data: Pointer);
+  function CONF_imodule_get_module(const md: PCONF_IMODULE): PCONF_MODULE;
+  function CONF_imodule_get_flags(const md: PCONF_IMODULE): TIdC_ULONG;
+  procedure CONF_imodule_set_flags(md: PCONF_IMODULE; flags: TIdC_ULONG);
+  function CONF_module_get_usr_data(pmod: PCONF_MODULE): Pointer;
+  procedure CONF_module_set_usr_data(pmod: PCONF_MODULE; usr_data: Pointer);
+
+  function CONF_get1_default_config_file: PAnsiChar;
+  function CONF_parse_list(const list: PAnsiChar; sep: TIdC_INT; nospc: TIdC_INT; list_cb: CONF_parse_list_list_cb; arg: Pointer): TIdC_INT;
+
+  procedure OPENSSL_load_builtin_modules;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf_api.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf_api.pas
new file mode 100644
index 000000000..137b285a7
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf_api.pas
@@ -0,0 +1,60 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_conf_api;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conf_api.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_conf;
+
+var
+  //* Up until OpenSSL 0.9.5a, this was new_section */
+  function _CONF_new_section(conf: PCONF; const section: PAnsiChar): PCONF_VALUE;
+  //* Up until OpenSSL 0.9.5a, this was get_section */
+  function _CONF_get_section(const conf: PCONF; const section: PAnsiChar): PCONF_VALUE;
+  //* Up until OpenSSL 0.9.5a, this was CONF_get_section */
+  //STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
+  //                                               const char *section);
+
+  function _CONF_add_string(conf: PCONF; section: PCONF_VALUE; value: PCONF_VALUE): TIdC_INT;
+  function _CONF_get_string(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): PAnsiChar;
+  function _CONF_get_number(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): TIdC_LONG;
+
+  function _CONF_new_data(conf: PCONF): TIdC_INT;
+  procedure _CONF_free_data(conf: PCONF);
+
+
implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conferr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conferr.pas
new file mode 100644
index 000000000..a1bf5ab3b
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conferr.pas
@@ -0,0 +1,100 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_conferr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conferr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ///*
+  // * CONF function codes.
+  // */
+  CONF_F_CONF_DUMP_FP = 104;
+  CONF_F_CONF_LOAD = 100;
+  CONF_F_CONF_LOAD_FP = 103;
+  CONF_F_CONF_PARSE_LIST = 119;
+  CONF_F_DEF_LOAD = 120;
+  CONF_F_DEF_LOAD_BIO = 121;
+  CONF_F_GET_NEXT_FILE = 107;
+  CONF_F_MODULE_ADD = 122;
+  CONF_F_MODULE_INIT = 115;
+  CONF_F_MODULE_LOAD_DSO = 117;
+  CONF_F_MODULE_RUN = 118;
+  CONF_F_NCONF_DUMP_BIO = 105;
+  CONF_F_NCONF_DUMP_FP = 106;
+  CONF_F_NCONF_GET_NUMBER_E = 112;
+  CONF_F_NCONF_GET_SECTION = 108;
+  CONF_F_NCONF_GET_STRING = 109;
+  CONF_F_NCONF_LOAD = 113;
+  CONF_F_NCONF_LOAD_BIO = 110;
+  CONF_F_NCONF_LOAD_FP = 114;
+  CONF_F_NCONF_NEW = 111;
+  CONF_F_PROCESS_INCLUDE = 116;
+  CONF_F_SSL_MODULE_INIT = 123;
+  CONF_F_STR_COPY = 101;
+
+  ///*
+  // * CONF reason codes.
+  // */
+  CONF_R_ERROR_LOADING_DSO = 110;
+  CONF_R_LIST_CANNOT_BE_NULL = 115;
+  CONF_R_MISSING_CLOSE_SQUARE_BRACKET = 100;
+  CONF_R_MISSING_EQUAL_SIGN = 101;
+  CONF_R_MISSING_INIT_FUNCTION = 112;
+  CONF_R_MODULE_INITIALIZATION_ERROR = 109;
+  CONF_R_NO_CLOSE_BRACE = 102;
+  CONF_R_NO_CONF = 105;
+  CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE = 106;
+  CONF_R_NO_SECTION = 107;
+  CONF_R_NO_SUCH_FILE = 114;
+  CONF_R_NO_VALUE = 108;
+  CONF_R_NUMBER_TOO_LARGE = 121;
+  CONF_R_RECURSIVE_DIRECTORY_INCLUDE = 111;
+  CONF_R_SSL_COMMAND_SECTION_EMPTY = 117;
+  CONF_R_SSL_COMMAND_SECTION_NOT_FOUND = 118;
+  CONF_R_SSL_SECTION_EMPTY = 119;
+  CONF_R_SSL_SECTION_NOT_FOUND = 120;
+  CONF_R_UNABLE_TO_CREATE_NEW_SECTION = 103;
+  CONF_R_UNKNOWN_MODULE_NAME = 113;
+  CONF_R_VARIABLE_EXPANSION_TOO_LONG = 116;
+  CONF_R_VARIABLE_HAS_NO_VALUE = 104;
+
+var
+  function ERR_load_CONF_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
new file mode 100644
index 000000000..1d5a7459f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
@@ -0,0 +1,441 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_crypto;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// crypto.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ,
+  System.Types;
+
+{$MINENUMSIZE 4}
+
+const
+  CRYPTO_MEM_CHECK_OFF = $0;   //* Control only */
+  CRYPTO_MEM_CHECK_ON = $1;   //* Control and mode bit */
+  CRYPTO_MEM_CHECK_ENABLE = $2;   //* Control and mode bit */
+  CRYPTO_MEM_CHECK_DISABLE = $3;   //* Control only */
+
+  CRYPTO_EX_INDEX_SSL = 0;
+  CRYPTO_EX_INDEX_SSL_CTX = 1;
+  CRYPTO_EX_INDEX_SSL_SESSION = 2;
+  CRYPTO_EX_INDEX_X509 = 3;
+  CRYPTO_EX_INDEX_X509_STORE = 4;
+  CRYPTO_EX_INDEX_X509_STORE_CTX = 5;
+  CRYPTO_EX_INDEX_DH = 6;
+  CRYPTO_EX_INDEX_DSA = 7;
+  CRYPTO_EX_INDEX_EC_KEY = 8;
+  CRYPTO_EX_INDEX_RSA = 9;
+  CRYPTO_EX_INDEX_ENGINE = 10;
+  CRYPTO_EX_INDEX_UI = 11;
+  CRYPTO_EX_INDEX_BIO = 12;
+  CRYPTO_EX_INDEX_APP = 13;
+  CRYPTO_EX_INDEX_UI_METHOD = 14;
+  CRYPTO_EX_INDEX_DRBG = 15;
+  CRYPTO_EX_INDEX__COUNT = 16;
+  
+  // Added _CONST to prevent nameclashes
+  OPENSSL_VERSION_CONST = 0;
+  OPENSSL_CFLAGS = 1;
+  OPENSSL_BUILT_ON = 2;
+  OPENSSL_PLATFORM = 3;
+  OPENSSL_DIR = 4;
+  OPENSSL_ENGINES_DIR = 5;
+
+  (*
+   * These defines where used in combination with the old locking callbacks,
+   * they are not called anymore, but old code that's not called might still
+   * use them.
+   *)
+  CRYPTO_LOCK = 1;
+  CRYPTO_UNLOCK = 2;
+  CRYPTO_READ = 4;
+  CRYPTO_WRITE = 8;
+
+  (* Standard initialisation options *)
+  OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS = TIdC_Long($00000001);
+  OPENSSL_INIT_LOAD_CRYPTO_STRINGS = TIdC_Long($00000002);
+  OPENSSL_INIT_ADD_ALL_CIPHERS = TIdC_Long($00000004);
+  OPENSSL_INIT_ADD_ALL_DIGESTS = TIdC_Long($00000008);
+  OPENSSL_INIT_NO_ADD_ALL_CIPHERS = TIdC_Long($00000010);
+  OPENSSL_INIT_NO_ADD_ALL_DIGESTS = TIdC_Long($00000020);
+  OPENSSL_INIT_LOAD_CONFIG = TIdC_Long($00000040);
+  OPENSSL_INIT_NO_LOAD_CONFIG = TIdC_Long($00000080);
+  OPENSSL_INIT_ASYNC = TIdC_Long($00000100);
+  OPENSSL_INIT_ENGINE_RDRAND = TIdC_Long($00000200);
+  OPENSSL_INIT_ENGINE_DYNAMIC = TIdC_Long($00000400);
+  OPENSSL_INIT_ENGINE_OPENSSL = TIdC_Long($00000800);
+  OPENSSL_INIT_ENGINE_CRYPTODEV = TIdC_Long($00001000);
+  OPENSSL_INIT_ENGINE_CAPI = TIdC_Long($00002000);
+  OPENSSL_INIT_ENGINE_PADLOCK = TIdC_Long($00004000);
+  OPENSSL_INIT_ENGINE_AFALG = TIdC_Long($00008000);
+  (* OPENSSL_INIT_ZLIB = TIdC_Long($00010000); *)
+  OPENSSL_INIT_ATFORK = TIdC_Long(00020000);
+  (* OPENSSL_INIT_BASE_ONLY = TIdC_Long(00040000); *)
+  OPENSSL_INIT_NO_ATEXIT = TIdC_Long(00080000);
+  (* OPENSSL_INIT flag range 0xfff00000 reserved for OPENSSL_init_ssl() *)
+  (* Max OPENSSL_INIT flag value is 0x80000000 *)
+
+  (* openssl and dasync not counted as builtin *)
+  OPENSSL_INIT_ENGINE_ALL_BUILTIN = OPENSSL_INIT_ENGINE_RDRAND
+    or OPENSSL_INIT_ENGINE_DYNAMIC or OPENSSL_INIT_ENGINE_CRYPTODEV
+    or OPENSSL_INIT_ENGINE_CAPI or OPENSSL_INIT_ENGINE_PADLOCK;
+
+  CRYPTO_ONCE_STATIC_INIT = 0;
+
+type
+  CRYPTO_RWLOCK = type Pointer;
+  PCRYPTO_RWLOCK = ^CRYPTO_RWLOCK;
+  //crypto_ex_data_st = record
+  //  sk: PStackOfVoid;
+  //end;
+  //DEFINE_STACK_OF(void)
+
+  // CRYPTO_EX_new = procedure(parent: Pointer; ptr: Pointer; CRYPTO_EX_DATA *ad; idx: TIdC_INT; argl: TIdC_LONG; argp: Pointer);
+  //  CRYPTO_EX_free = procedure(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+  //                             int idx, long argl, void *argp);
+  //typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+  //                           void *from_d, int idx, long argl, void *argp);
+  //__owur int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
+  //                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+  //                            CRYPTO_EX_free *free_func);
+
+  CRYPTO_mem_leaks_cb_cb = function(const str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT;
+  CRYPTO_THREAD_run_once_init = procedure;
+
+  CRYPTO_THREAD_LOCAL = type DWORD;
+  PCRYPTO_THREAD_LOCAL = ^CRYPTO_THREAD_LOCAL;
+  CRYPTO_THREAD_ID = type DWORD;
+  CRYPTO_ONCE = type TIdC_LONG;
+  PCRYPTO_ONCE = ^CRYPTO_ONCE;
+
+{$REGION 'C compiler macros'}
+function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
+function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
+function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
+function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET): Pointer;
+procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
+procedure OPENSSL_free(addr: Pointer);
+function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
+function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
+function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
+function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
+procedure OPENSSL_secure_free(addr: Pointer);
+procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
+function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
+{$ENDREGION}
+
+var
+  function CRYPTO_THREAD_lock_new: PCRYPTO_RWLOCK;
+  function CRYPTO_THREAD_read_lock(lock: PCRYPTO_RWLOCK): TIdC_INT;
+  function CRYPTO_THREAD_write_lock(lock: PCRYPTO_RWLOCK): TIdC_INT;
+  function CRYPTO_THREAD_unlock(lock: PCRYPTO_RWLOCK): TIdC_INT;
+  procedure CRYPTO_THREAD_lock_free(lock: PCRYPTO_RWLOCK);
+
+  function CRYPTO_atomic_add(val: PIdC_INT; amount: TIdC_INT; ret: PIdC_INT; lock: PCRYPTO_RWLOCK): TIdC_INT;
+
+  function CRYPTO_mem_ctrl(mode: TIdC_INT): TIdC_INT;
+
+  function OPENSSL_strlcpy(dst: PIdAnsiChar; const src: PIdAnsiChar; siz: TIdC_SIZET): TIdC_SIZET;
+  function OPENSSL_strlcat(dst: PIdAnsiChar; const src: PIdAnsiChar; siz: TIdC_SIZET): TIdC_SIZET;
+  function OPENSSL_strnlen(const str: PIdAnsiChar; maxlen: TIdC_SIZET): TIdC_SIZET;
+  function OPENSSL_buf2hexstr(const buffer: PByte; len: TIdC_LONG): PIdAnsiChar;
+  function OPENSSL_hexstr2buf(const str: PIdAnsiChar; len: PIdC_LONG): PByte;
+  function OPENSSL_hexchar2int(c: Byte): TIdC_INT;
+
+  // # define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
+
+  function OpenSSL_version_num: TIdC_ULONG;
+  function OpenSSL_version(&type: TIdC_INT): PAnsiChar;
+
+  function OPENSSL_issetugid: TIdC_INT;
+
+  (* No longer use an index. *)
+  //function CRYPTO_free_ex_index(class_index: TIdC_INT; idx: TIdC_INT): TIdC_INT;
+
+  (*
+   * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
+   * given class (invokes whatever per-class callbacks are applicable)
+   *)
+   function CRYPTO_new_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT;
+   function CRYPTO_dup_ex_data(class_index: TIdC_INT; &to: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT;
+
+   procedure CRYPTO_free_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA);
+
+  (*
+   * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
+   * index (relative to the class type involved)
+   *)
+   function CRYPTO_set_ex_data(ad: PCRYPTO_EX_DATA; idx: TIdC_INT; val: Pointer): TIdC_INT;
+   function CRYPTO_get_ex_data(const ad: PCRYPTO_EX_DATA; idx: TIdC_INT): Pointer;
+
+  ///*
+  // * The old locking functions have been removed completely without compatibility
+  // * macros. This is because the old functions either could not properly report
+  // * errors, or the returned error values were not clearly documented.
+  // * Replacing the locking functions with no-ops would cause race condition
+  // * issues in the affected applications. It is far better for them to fail at
+  // * compile time.
+  // * On the other hand, the locking callbacks are no longer used.  Consequently,
+  // * the callback management functions can be safely replaced with no-op macros.
+  // */
+  //#  define CRYPTO_num_locks()            (1)
+  //#  define CRYPTO_set_locking_callback(func)
+  //#  define CRYPTO_get_locking_callback()         (NULL)
+  //#  define CRYPTO_set_add_lock_callback(func)
+  //#  define CRYPTO_get_add_lock_callback()        (NULL)
+
+  ///* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+  //#  define CRYPTO_THREADID_set_numeric(id, val)
+  //#  define CRYPTO_THREADID_set_pointer(id, ptr)
+  //#  define CRYPTO_THREADID_set_callback(threadid_func)   (0)
+  //#  define CRYPTO_THREADID_get_callback()                (NULL)
+  //#  define CRYPTO_THREADID_current(id)
+  //#  define CRYPTO_THREADID_cmp(a, b)                     (-1)
+  //#  define CRYPTO_THREADID_cpy(dest, src)
+  //#  define CRYPTO_THREADID_hash(id)                      (0UL)
+  //
+  //#  define CRYPTO_set_dynlock_create_callback(dyn_create_function)
+  //#  define CRYPTO_set_dynlock_lock_callback(dyn_lock_function)
+  //#  define CRYPTO_set_dynlock_destroy_callback(dyn_destroy_function)
+  //#  define CRYPTO_get_dynlock_create_callback()          (NULL)
+  //#  define CRYPTO_get_dynlock_lock_callback()            (NULL)
+  //#  define CRYPTO_get_dynlock_destroy_callback()         (NULL)
+  //# endif /* OPENSSL_API_COMPAT < 0x10100000L */
+
+  //int CRYPTO_set_mem_functions(
+  //        void *(*m) (TIdC_SIZET, const char *, int),
+  //        void *(*r) (void *, TIdC_SIZET, const char *, int),
+  //        void (*f) (void *, const char *, int));
+  //int CRYPTO_set_mem_debug(int flag);
+  //void CRYPTO_get_mem_functions(
+  //        void *(**m) (TIdC_SIZET, const char *, int),
+  //        void *(**r) (void *, TIdC_SIZET, const char *, int),
+  //        void (**f) (void *, const char *, int));
+
+  function CRYPTO_malloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_zalloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_strdup(const str: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar;
+  function CRYPTO_strndup(const str: PAnsiChar; s: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar;
+  procedure CRYPTO_free(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT);
+  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
+
+  function CRYPTO_secure_malloc_init(sz: TIdC_SIZET; minsize: TIdC_INT): TIdC_INT;
+  function CRYPTO_secure_malloc_done: TIdC_INT;
+  function CRYPTO_secure_malloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
+  procedure CRYPTO_secure_free(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT);
+  function CRYPTO_secure_allocated(const ptr: Pointer): TIdC_INT;
+  function CRYPTO_secure_malloc_initialized: TIdC_INT;
+  function CRYPTO_secure_actual_size(ptr: Pointer): TIdC_SIZET;
+  function CRYPTO_secure_used: TIdC_SIZET;
+
+  procedure OPENSSL_cleanse(ptr: Pointer; len: TIdC_SIZET);
+
+  function CRYPTO_mem_debug_push(const info: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): TIdC_INT;
+  function CRYPTO_mem_debug_pop: TIdC_INT;
+  procedure CRYPTO_get_alloc_counts(mcount: PIdC_INT; rcount: PIdC_INT; fcount: PIdC_INT);
+
+  (*
+   * Debugging functions (enabled by CRYPTO_set_mem_debug(1))
+   * The flag argument has the following significance:
+   *   0:   called before the actual memory allocation has taken place
+   *   1:   called after the actual memory allocation has taken place
+   *)
+  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT);
+
+  function CRYPTO_mem_leaks_cb(cb: CRYPTO_mem_leaks_cb_cb; u: Pointer): TIdC_INT;
+
+//  function CRYPTO_mem_leaks_fp(&FILE: Pointer): TIdC_INT;
+  function CRYPTO_mem_leaks(BIO: PBIO): TIdC_INT;
+
+  //* die if we have to */
+  //ossl_noreturn void OPENSSL_die(const char *assertion, const char *file, int line);
+
+  //# define OPENSSL_assert(e) \
+  //    (void)((e) ? 0 : (OPENSSL_die("assertion failed: " #e, OPENSSL_FILE, OPENSSL_LINE), 1))
+
+  function OPENSSL_isservice: TIdC_INT;
+
+  function FIPS_mode: TIdC_INT;
+  function FIPS_mode_set(r: TIdC_INT): TIdC_INT;
+
+  procedure OPENSSL_init;
+
+  // struct tm *OPENSSL_gmtime(const TIdC_TIMET *timer, struct tm *result);
+
+  //function OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec): TIdC_INT;
+  //function OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from, const struct tm *to): TIdC_INT;
+
+  (*
+   * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
+   * It takes an amount of time dependent on |len|, but independent of the
+   * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
+   * into a defined order as the return value when a != b is undefined, other
+   * than to be non-zero.
+   *)
+  function CRYPTO_memcmp(const in_a: Pointer; const in_b: Pointer; len: TIdC_SIZET): TIdC_INT;
+
+  (* Library initialisation functions *)
+  procedure OPENSSL_cleanup;
+  function OPENSSL_init_crypto(opts: TIdC_UINT64; const settings: POPENSSL_INIT_SETTINGS): TIdC_INT;
+  // int OPENSSL_atexit(void (*handler)(void));
+  procedure OPENSSL_thread_stop;
+
+  (* Low-level control of initialization *)
+  function OPENSSL_INIT_new: POPENSSL_INIT_SETTINGS;
+  //int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
+  //                                     const char *config_filename);
+  //void OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *settings,
+  //                                        unsigned long flags);
+  //int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *settings,
+  //                                    const char *config_appname);
+  procedure OPENSSL_INIT_free(settings: POPENSSL_INIT_SETTINGS);
+
+  function CRYPTO_THREAD_run_once(once: PCRYPTO_ONCE; init: CRYPTO_THREAD_run_once_init): TIdC_INT;
+
+  //type
+  //  CRYPTO_THREAD_init_local_cleanup = procedure(v1: Pointer);
+  //
+  //function CRYPTO_THREAD_init_local(key: PCRYPTO_THREAD_LOCAL; cleanup: CRYPTO_THREAD_init_local_cleanup): TIdC_INT;
+  function CRYPTO_THREAD_get_local(key: PCRYPTO_THREAD_LOCAL): Pointer;
+  function CRYPTO_THREAD_set_local(key: PCRYPTO_THREAD_LOCAL; val: Pointer): TIdC_INT;
+  function CRYPTO_THREAD_cleanup_local(key: PCRYPTO_THREAD_LOCAL): TidC_INT;
+
+  function CRYPTO_THREAD_get_current_id: CRYPTO_THREAD_ID;
+  function CRYPTO_THREAD_compare_id(a: CRYPTO_THREAD_ID; b: CRYPTO_THREAD_ID): TIdC_INT;
+
+implementation
+
+{$REGION 'C compiler macros'}
+// OPENSSL_FILE = __FILE__ = C preprocessor macro
+// OPENSSL_LINE = __LINE__ = C preprocessor macro
+// FPC hase an equivalent with {$I %FILE%} and {$I %LINE%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
+// Delphi has nothing :(
+
+//# define OPENSSL_malloc(num) CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_zalloc(num) CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_realloc(addr, num) CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_realloc(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_clear_realloc(addr, old_num, num) CRYPTO_clear_realloc(addr, old_num, num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_clear_realloc(addr, old_num, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_clear_free(addr, num) CRYPTO_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
+begin
+  CRYPTO_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_free(addr) CRYPTO_free(addr, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_free(addr: Pointer);
+begin
+  CRYPTO_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_memdup(str, s) CRYPTO_memdup((str), s, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_memdup(str, s, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_strdup(str) CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
+begin
+  Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_strndup(str, n) CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+begin
+  Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_malloc(num) CRYPTO_secure_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_secure_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_zalloc(num) CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_secure_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_free(addr) CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_secure_free(addr: Pointer);
+begin
+  CRYPTO_secure_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_clear_free(addr, num) CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
+begin
+  CRYPTO_secure_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_actual_size(ptr) CRYPTO_secure_actual_size(ptr)
+function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
+begin
+  Result := CRYPTO_secure_actual_size(ptr);
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cryptoerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cryptoerr.pas
new file mode 100644
index 000000000..7aa172d8f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cryptoerr.pas
@@ -0,0 +1,81 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_cryptoerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cryptoerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * CRYPTO function codes.
+   *)
+  CRYPTO_F_CMAC_CTX_NEW = 120;
+  CRYPTO_F_CRYPTO_DUP_EX_DATA = 110;
+  CRYPTO_F_CRYPTO_FREE_EX_DATA = 111;
+  CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX = 100;
+  CRYPTO_F_CRYPTO_MEMDUP = 115;
+  CRYPTO_F_CRYPTO_NEW_EX_DATA = 112;
+  CRYPTO_F_CRYPTO_OCB128_COPY_CTX = 121;
+  CRYPTO_F_CRYPTO_OCB128_INIT = 122;
+  CRYPTO_F_CRYPTO_SET_EX_DATA = 102;
+  CRYPTO_F_FIPS_MODE_SET = 109;
+  CRYPTO_F_GET_AND_LOCK = 113;
+  CRYPTO_F_OPENSSL_ATEXIT = 114;
+  CRYPTO_F_OPENSSL_BUF2HEXSTR = 117;
+  CRYPTO_F_OPENSSL_FOPEN = 119;
+  CRYPTO_F_OPENSSL_HEXSTR2BUF = 118;
+  CRYPTO_F_OPENSSL_INIT_CRYPTO = 116;
+  CRYPTO_F_OPENSSL_LH_NEW = 126;
+  CRYPTO_F_OPENSSL_SK_DEEP_COPY = 127;
+  CRYPTO_F_OPENSSL_SK_DUP = 128;
+  CRYPTO_F_PKEY_HMAC_INIT = 123;
+  CRYPTO_F_PKEY_POLY1305_INIT = 124;
+  CRYPTO_F_PKEY_SIPHASH_INIT = 125;
+  CRYPTO_F_SK_RESERVE = 129;
+
+  (*
+   * CRYPTO reason codes.
+   *)
+  CRYPTO_R_FIPS_MODE_NOT_SUPPORTED = 101;
+  CRYPTO_R_ILLEGAL_HEX_DIGIT = 102;
+  CRYPTO_R_ODD_NUMBER_OF_DIGITS = 103;
+
+var
+  function ERR_load_CRYPTO_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cterr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cterr.pas
new file mode 100644
index 000000000..156ae13b7
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cterr.pas
@@ -0,0 +1,100 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_cterr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cterr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ///*
+  // * CT function codes.
+  // */
+  CT_F_CTLOG_NEW = 117;
+  CT_F_CTLOG_NEW_FROM_BASE64 = 118;
+  CT_F_CTLOG_NEW_FROM_CONF = 119;
+  CT_F_CTLOG_STORE_LOAD_CTX_NEW = 122;
+  CT_F_CTLOG_STORE_LOAD_FILE = 123;
+  CT_F_CTLOG_STORE_LOAD_LOG = 130;
+  CT_F_CTLOG_STORE_NEW = 131;
+  CT_F_CT_BASE64_DECODE = 124;
+  CT_F_CT_POLICY_EVAL_CTX_NEW = 133;
+  CT_F_CT_V1_LOG_ID_FROM_PKEY = 125;
+  CT_F_I2O_SCT = 107;
+  CT_F_I2O_SCT_LIST = 108;
+  CT_F_I2O_SCT_SIGNATURE = 109;
+  CT_F_O2I_SCT = 110;
+  CT_F_O2I_SCT_LIST = 111;
+  CT_F_O2I_SCT_SIGNATURE = 112;
+  CT_F_SCT_CTX_NEW = 126;
+  CT_F_SCT_CTX_VERIFY = 128;
+  CT_F_SCT_NEW = 100;
+  CT_F_SCT_NEW_FROM_BASE64 = 127;
+  CT_F_SCT_SET0_LOG_ID = 101;
+  CT_F_SCT_SET1_EXTENSIONS = 114;
+  CT_F_SCT_SET1_LOG_ID = 115;
+  CT_F_SCT_SET1_SIGNATURE = 116;
+  CT_F_SCT_SET_LOG_ENTRY_TYPE = 102;
+  CT_F_SCT_SET_SIGNATURE_NID = 103;
+  CT_F_SCT_SET_VERSION = 104;
+
+
+  ///*
+  // * CT reason codes.
+  // */
+  CT_R_BASE64_DECODE_ERROR =  108;
+  CT_R_INVALID_LOG_ID_LENGTH =  100;
+  CT_R_LOG_CONF_INVALID =  109;
+  CT_R_LOG_CONF_INVALID_KEY =  110;
+  CT_R_LOG_CONF_MISSING_DESCRIPTION =  111;
+  CT_R_LOG_CONF_MISSING_KEY =  112;
+  CT_R_LOG_KEY_INVALID =  113;
+  CT_R_SCT_FUTURE_TIMESTAMP =  116;
+  CT_R_SCT_INVALID =   104;
+  CT_R_SCT_INVALID_SIGNATURE =  107;
+  CT_R_SCT_LIST_INVALID =  105;
+  CT_R_SCT_LOG_ID_MISMATCH =  114;
+  CT_R_SCT_NOT_SET =   106;
+  CT_R_SCT_UNSUPPORTED_VERSION =  115;
+  CT_R_UNRECOGNIZED_SIGNATURE_NID =  101;
+  CT_R_UNSUPPORTED_ENTRY_TYPE =  102;
+  CT_R_UNSUPPORTED_VERSION =  103;
+
+var
+  function ERR_load_CT_strings: TIdC_INT;
+
+
implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas
new file mode 100644
index 000000000..146ea6c1a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas
@@ -0,0 +1,301 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_dh;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dh.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+const
+  OPENSSL_DH_MAX_MODULUS_BITS      = 10000;
+  OPENSSL_DH_FIPS_MIN_MODULUS_BITS =  1024;
+
+  DH_FLAG_CACHE_MONT_P   =   $01;
+  DH_FLAG_FIPS_METHOD    = $0400;
+  DH_FLAG_NON_FIPS_ALLOW = $0400;
+
+  DH_GENERATOR_2 = 2;
+  DH_GENERATOR_5 = 5;
+
+  DH_CHECK_P_NOT_PRIME         = $01;
+  DH_CHECK_P_NOT_SAFE_PRIME    = $02;
+  DH_UNABLE_TO_CHECK_GENERATOR = $04;
+  DH_NOT_SUITABLE_GENERATOR    = $08;
+  DH_CHECK_Q_NOT_PRIME         = $10;
+  DH_CHECK_INVALID_Q_VALUE     = $20;
+  DH_CHECK_INVALID_J_VALUE     = $40;
+  DH_CHECK_PUBKEY_TOO_SMALL    = $01;
+  DH_CHECK_PUBKEY_TOO_LARGE    = $02;
+  DH_CHECK_PUBKEY_INVALID      = $04;
+  DH_CHECK_P_NOT_STRONG_PRIME  = DH_CHECK_P_NOT_SAFE_PRIME;
+
+  EVP_PKEY_DH_KDF_NONE  = 1;
+  EVP_PKEY_DH_KDF_X9_42 = 2;
+
+  EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN    = (EVP_PKEY_ALG_CTRL + 1);
+  EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR    = (EVP_PKEY_ALG_CTRL + 2);
+  EVP_PKEY_CTRL_DH_RFC5114               = (EVP_PKEY_ALG_CTRL + 3);
+  EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN = (EVP_PKEY_ALG_CTRL + 4);
+  EVP_PKEY_CTRL_DH_PARAMGEN_TYPE         = (EVP_PKEY_ALG_CTRL + 5);
+  EVP_PKEY_CTRL_DH_KDF_TYPE              = (EVP_PKEY_ALG_CTRL + 6);
+  EVP_PKEY_CTRL_DH_KDF_MD                = (EVP_PKEY_ALG_CTRL + 7);
+  EVP_PKEY_CTRL_GET_DH_KDF_MD            = (EVP_PKEY_ALG_CTRL + 8);
+  EVP_PKEY_CTRL_DH_KDF_OUTLEN            = (EVP_PKEY_ALG_CTRL + 9);
+  EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN        = (EVP_PKEY_ALG_CTRL + 10);
+  EVP_PKEY_CTRL_DH_KDF_UKM               = (EVP_PKEY_ALG_CTRL + 11);
+  EVP_PKEY_CTRL_GET_DH_KDF_UKM           = (EVP_PKEY_ALG_CTRL + 12);
+  EVP_PKEY_CTRL_DH_KDF_OID               = (EVP_PKEY_ALG_CTRL + 13);
+  EVP_PKEY_CTRL_GET_DH_KDF_OID           = (EVP_PKEY_ALG_CTRL + 14);
+  EVP_PKEY_CTRL_DH_NID                   = (EVP_PKEY_ALG_CTRL + 15);
+  EVP_PKEY_CTRL_DH_PAD                   = (EVP_PKEY_ALG_CTRL + 16);
+
+type
+  DH_meth_generate_key_cb = function(dh: PDH): TIdC_INT;
+  DH_meth_compute_key_cb = function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT;
+  DH_meth_bn_mod_exp_cb = function(
+    const dh: PDH; r: PBIGNUM; const a: PBIGNUM;
+    const p: PBIGNUM; const m: PBIGNUM;
+    ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT;
+  DH_meth_init_cb = function(dh: PDH): TIdC_INT;
+  DH_meth_finish_cb = function(dh: PDH): TIdC_INT;
+  DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT;
+
+var
+{
+  # define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
+
+  # define d2i_DHparams_fp(fp,x) \
+      (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                        (char *(*)())d2i_DHparams, \
+                        (fp), \
+                        (unsigned char **)(x))
+  # define i2d_DHparams_fp(fp,x) \
+      ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
+  # define d2i_DHparams_bio(bp,x) \
+      ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
+  # define i2d_DHparams_bio(bp,x) \
+      ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+  # define d2i_DHxparams_fp(fp,x) \
+      (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                        (char *(*)())d2i_DHxparams, \
+                        (fp), \
+                        (unsigned char **)(x))
+  # define i2d_DHxparams_fp(fp,x) \
+      ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
+  # define d2i_DHxparams_bio(bp,x) \
+      ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
+  # define i2d_DHxparams_bio(bp,x) \
+      ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x)
+}
+
+  function DHparams_dup(dh: PDH): PDH;
+
+  function DH_OpenSSL: PDH_Method;
+
+  procedure DH_set_default_method(const meth: PDH_Method);
+  function DH_get_default_method: PDH_Method;
+  function DH_set_method(dh: PDH; const meth: PDH_Method): TIdC_INT;
+  function DH_new_method(engine: PENGINE): PDH;
+
+  function DH_new: PDH;
+  procedure DH_free(dh: PDH);
+  function DH_up_ref(dh: PDH): TIdC_INT;
+  function DH_bits(const dh: PDH): TIdC_INT;
+  function DH_size(const dh: PDH): TIdC_INT;
+  function DH_security_bits(const dh: PDH): TIdC_INT;
+  function DH_set_ex_data(d: PDH; idx: TIdC_INT; arg: Pointer): TIdC_INT;
+  function DH_get_ex_data(d: PDH; idx: TIdC_INT): Pointer;
+
+  function DH_generate_parameters_ex(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT;
+
+  function DH_check_params_ex(const dh: PDH): TIdC_INT;
+  function DH_check_ex(const dh: PDH): TIdC_INT;
+  function DH_check_pub_key_ex(const dh: PDH; const pub_key: PBIGNUM): TIdC_INT;
+  function DH_check_params(const dh: PDH; ret: PIdC_INT): TIdC_INT;
+  function DH_check(const dh: PDH; codes: PIdC_INT): TIdC_INT;
+  function DH_check_pub_key(const dh: PDH; const pub_key: PBIGNUM; codes: PIdC_INT): TIdC_INT;
+  function DH_generate_key(dh: PDH): TIdC_INT;
+  function DH_compute_key(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT;
+  function DH_compute_key_padded(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT;
+  function d2i_DHparams(a: PPDH; const pp: PPByte; length: TIdC_LONG): PDH;
+  function i2d_DHparams(const a: PDH; pp: PPByte): TIdC_INT;
+  function d2i_DHxparams(a: PPDH; const pp: PPByte; length: TIdC_LONG): PDH;
+  function i2d_DHxparams(const a: PDH; pp: PPByte): TIdC_INT;
+  function DHparams_print(bp: PBIO; const x: PDH): TIdC_INT;
+
+  function DH_get_1024_160: PDH;
+  function DH_get_2048_224: PDH;
+  function DH_get_2048_256: PDH;
+
+  function DH_new_by_nid(nid: TIdC_INT): PDH;
+  function DH_get_nid(const dh: PDH): TIdC_INT;
+
+  function DH_KDF_X9_42( &out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; key_oid: PASN1_OBJECT; const ukm: PByte; ukmlen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT;
+
+  procedure DH_get0_pqg(const dh: PDH; const p: PPBIGNUM; const q: PPBIGNUM; const g: PPBIGNUM);
+  function DH_set0_pqg(dh: PDH; p: PBIGNUM; q: PBIGNUM; g: PBIGNUM): TIdC_INT;
+  procedure DH_get0_key(const dh: PDH; const pub_key: PPBIGNUM; const priv_key: PPBIGNUM);
+  function DH_set0_key(dh: PDH; pub_key: PBIGNUM; priv_key: PBIGNUM): TIdC_INT;
+  function DH_get0_p(const dh: PDH): PBIGNUM;
+  function DH_get0_q(const dh: PDH): PBIGNUM;
+  function DH_get0_g(const dh: PDH): PBIGNUM;
+  function DH_get0_priv_key(const dh: PDH): PBIGNUM;
+  function DH_get0_pub_key(const dh: PDH): PBIGNUM;
+  procedure DH_clear_flags(dh: PDH; flags: TIdC_INT);
+  function DH_test_flags(const dh: PDH; flags: TIdC_INT): TIdC_INT;
+  procedure DH_set_flags(dh: PDH; flags: TIdC_INT);
+  function DH_get0_engine(d: PDH): PENGINE;
+  function DH_get_length(const dh: PDH): TIdC_LONG;
+  function DH_set_length(dh: PDH; length: TIdC_LONG): TIdC_INT;
+
+  function DH_meth_new(const name: PIdAnsiChar; flags: TIdC_INT): PDH_Method;
+  procedure DH_meth_free(dhm: PDH_Method);
+  function DH_meth_dup(const dhm: PDH_Method): PDH_Method;
+  function DH_meth_get0_name(const dhm: PDH_Method): PIdAnsiChar;
+  function DH_meth_set1_name(dhm: PDH_Method; const name: PIdAnsiChar): TIdC_INT;
+  function DH_meth_get_flags(const dhm: PDH_Method): TIdC_INT;
+  function DH_meth_set_flags(const dhm: PDH_Method; flags: TIdC_INT): TIdC_INT;
+  function DH_meth_get0_app_data(const dhm: PDH_Method): Pointer;
+  function DH_meth_set0_app_data(const dhm: PDH_Method; app_data: Pointer): TIdC_INT;
+
+  function DH_meth_get_generate_key(const dhm: PDH_Method): DH_meth_generate_key_cb;
+  function DH_meth_set_generate_key(const dhm: PDH_Method; generate_key: DH_meth_generate_key_cb): TIdC_INT;
+
+  function DH_meth_get_compute_key(const dhm: PDH_Method): DH_meth_compute_key_cb;
+  function DH_meth_set_compute_key(const dhm: PDH_Method; compute_key: DH_meth_compute_key_cb): TIdC_INT;
+
+  function DH_meth_get_bn_mod_exp(const dhm: PDH_Method): DH_meth_bn_mod_exp_cb;
+  function DH_meth_set_bn_mod_exp(const dhm: PDH_Method; bn_mod_expr: DH_meth_bn_mod_exp_cb): TIdC_INT;
+
+  function DH_meth_get_init(const dhm: PDH_Method): DH_meth_init_cb;
+  function DH_meth_set_init(const dhm: PDH_Method; init: DH_meth_init_cb): TIdC_INT;
+
+  function DH_meth_get_finish(const dhm: PDH_Method): DH_meth_finish_cb;
+  function DH_meth_set_finish(const dhm: PDH_Method; finish: DH_meth_finish_cb): TIdC_INT;
+
+  function DH_meth_get_generate_params(const dhm: PDH_Method): DH_meth_generate_params_cb;
+  function DH_meth_set_generate_params(const dhm: PDH_Method; generate_params: DH_meth_generate_params_cb): TIdC_INT;
+
+{
+# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_nid(ctx, nid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, \
+                        EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, \
+                        EVP_PKEY_CTRL_DH_NID, nid, NULL)
+
+# define EVP_PKEY_CTX_set_dh_pad(ctx, pad) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE, \
+                          EVP_PKEY_CTRL_DH_PAD, pad, NULL)
+
+# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)(oid))
+
+# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)(poid))
+
+# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)(md))
+
+# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)(pmd))
+
+# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                        EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)(plen))
+
+# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)(p))
+
+# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)(p))
+}
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dherr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dherr.pas
new file mode 100644
index 000000000..1726ecd05
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dherr.pas
@@ -0,0 +1,103 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_dherr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dherr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // DH function codes
+  DH_F_COMPUTE_KEY               = 102;
+  DH_F_DHPARAMS_PRINT_FP         = 101;
+  DH_F_DH_BUILTIN_GENPARAMS      = 106;
+  DH_F_DH_CHECK_EX               = 121;
+  DH_F_DH_CHECK_PARAMS_EX        = 122;
+  DH_F_DH_CHECK_PUB_KEY_EX       = 123;
+  DH_F_DH_CMS_DECRYPT            = 114;
+  DH_F_DH_CMS_SET_PEERKEY        = 115;
+  DH_F_DH_CMS_SET_SHARED_INFO    = 116;
+  DH_F_DH_METH_DUP               = 117;
+  DH_F_DH_METH_NEW               = 118;
+  DH_F_DH_METH_SET1_NAME         = 119;
+  DH_F_DH_NEW_BY_NID             = 104;
+  DH_F_DH_NEW_METHOD             = 105;
+  DH_F_DH_PARAM_DECODE           = 107;
+  DH_F_DH_PKEY_PUBLIC_CHECK      = 124;
+  DH_F_DH_PRIV_DECODE            = 110;
+  DH_F_DH_PRIV_ENCODE            = 111;
+  DH_F_DH_PUB_DECODE             = 108;
+  DH_F_DH_PUB_ENCODE             = 109;
+  DH_F_DO_DH_PRINT               = 100;
+  DH_F_GENERATE_KEY              = 103;
+  DH_F_PKEY_DH_CTRL_STR          = 120;
+  DH_F_PKEY_DH_DERIVE            = 112;
+  DH_F_PKEY_DH_INIT              = 125;
+  DH_F_PKEY_DH_KEYGEN            = 113;
+
+  // DH reason codes
+  DH_R_BAD_GENERATOR             = 101;
+  DH_R_BN_DECODE_ERROR           = 109;
+  DH_R_BN_ERROR                  = 106;
+  DH_R_CHECK_INVALID_J_VALUE     = 115;
+  DH_R_CHECK_INVALID_Q_VALUE     = 116;
+  DH_R_CHECK_PUBKEY_INVALID      = 122;
+  DH_R_CHECK_PUBKEY_TOO_LARGE    = 123;
+  DH_R_CHECK_PUBKEY_TOO_SMALL    = 124;
+  DH_R_CHECK_P_NOT_PRIME         = 117;
+  DH_R_CHECK_P_NOT_SAFE_PRIME    = 118;
+  DH_R_CHECK_Q_NOT_PRIME         = 119;
+  DH_R_DECODE_ERROR              = 104;
+  DH_R_INVALID_PARAMETER_NAME    = 110;
+  DH_R_INVALID_PARAMETER_NID     = 114;
+  DH_R_INVALID_PUBKEY            = 102;
+  DH_R_KDF_PARAMETER_ERROR       = 112;
+  DH_R_KEYS_NOT_SET              = 108;
+  DH_R_MISSING_PUBKEY            = 125;
+  DH_R_MODULUS_TOO_LARGE         = 103;
+  DH_R_NOT_SUITABLE_GENERATOR    = 120;
+  DH_R_NO_PARAMETERS_SET         = 107;
+  DH_R_NO_PRIVATE_VALUE          = 100;
+  DH_R_PARAMETER_ENCODING_ERROR  = 105;
+  DH_R_PEER_KEY_ERROR            = 111;
+  DH_R_SHARED_INFO_ERROR         = 113;
+  DH_R_UNABLE_TO_CHECK_GENERATOR = 121;
+
+var
+  function ERR_load_DH_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsa.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsa.pas
new file mode 100644
index 000000000..91fd84237
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsa.pas
@@ -0,0 +1,198 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_dsa;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dsa.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+const
+  OPENSSL_DSA_MAX_MODULUS_BITS = 10000;
+  OPENSSL_DSA_FIPS_MIN_MODULUS_BITS = 1024;
+  DSA_FLAG_CACHE_MONT_P = $01;
+  DSA_FLAG_NO_EXP_CONSTTIME = $00;
+  DSA_FLAG_FIPS_METHOD = $0400;
+  DSA_FLAG_NON_FIPS_ALLOW = $0400;
+  DSA_FLAG_FIPS_CHECKED = $0800;
+
+  DSS_prime_checks = 64;
+
+  EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = EVP_PKEY_ALG_CTRL + 1;
+  EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = EVP_PKEY_ALG_CTRL + 2;
+  EVP_PKEY_CTRL_DSA_PARAMGEN_MD = EVP_PKEY_ALG_CTRL + 3;
+
+type
+  DSA_SIG = type Pointer; // DSA_SIG_st
+  PDSA_SIG = ^DSA_SIG;
+  PPDSA_SIG = ^PDSA_SIG;
+
+  DSA_meth_sign_cb = function (const v1: PByte; v2: TIdC_INT; v3: PDSA): PDSA_SIG cdecl;
+  DSA_meth_sign_setup_cb = function (v1: PDSA; v2: PBN_CTX;
+    v3: PPBIGNUM; v4: PPBIGNUM): TIdC_INT cdecl;
+  DSA_meth_verify_cb = function (const v1: PByte; v2: TIdC_INT;
+    v3: PDSA_SIG; v4: PDSA): TIdC_INT cdecl;
+  DSA_meth_mod_exp_cb = function (v1: PDSA; v2: PBIGNUM;
+    const v3: PBIGNUM; const v4: PBIGNUM; const v5: PBIGNUM; const v6: PBIGNUM;
+    const v7: PBIGNUM; v8: PBN_CTX; v9: PBN_MONT_CTX): TIdC_INT cdecl;
+  DSA_meth_bn_mod_exp_cb = function (v1: PDSA; v2: PBIGNUM;
+    const v3: PBIGNUM; const v4: PBIGNUM; const v5: PBIGNUM; v6: PBN_CTX; v7: PBN_MONT_CTX): TIdC_INT cdecl;
+  DSA_meth_init_cb = function(v1: PDSA): TIdC_INT cdecl;
+  DSA_meth_finish_cb = function (v1: PDSA): TIdC_INT cdecl;
+  DSA_meth_paramgen_cb = function (v1: PDSA; v2: TIdC_INT;
+    const v3: PByte; v4: TIdC_INT; v5: PIdC_INT; v6: PIdC_ULONG; v7: PBN_GENCB): TIdC_INT cdecl;
+  DSA_meth_keygen_cb = function (v1: PDSA): TIdC_INT cdecl;
+
+//# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+//                (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
+//# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
+//                (unsigned char *)(x))
+//# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
+//# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
+
+var
+  function DSAparams_dup(x: PDSA): PDSA;
+  function DSA_SIG_new: PDSA_SIG;
+  procedure DSA_SIG_free(a: PDSA_SIG);
+  function i2d_DSA_SIG(const a: PDSA_SIG; pp: PPByte): TIdC_INT;
+  function d2i_DSA_SIG(v: PPDSA_SIG; const pp: PPByte; length: TIdC_LONG): PDSA_SIG;
+  procedure DSA_SIG_get0(const sig: PDSA_SIG; const pr: PPBIGNUM; const ps: PPBIGNUM);
+  function DSA_SIG_set0(sig: PDSA_SIG; r: PBIGNUM; s: PBIGNUM): TIdC_INT;
+  
+  function DSA_do_sign(const dgst: PByte; dlen: TIdC_INT; dsa: PDSA): PDSA_SIG;
+  function DSA_do_verify(const dgst: PByte; dgst_len: TIdC_INT; sig: PDSA_SIG; dsa: PDSA): TIdC_INT;
+  
+  function DSA_OpenSSL: PDSA_METHOD;
+  procedure DSA_set_default_method(const v1: PDSA_METHOD);
+  function DSA_get_default_method: PDSA_METHOD;
+  function DSA_set_method(dsa: PDSA; const v1: PDSA_METHOD): TIdC_INT;
+  function DSA_get_method(d: PDSA): PDSA_METHOD;
+
+  function DSA_new: PDSA;
+  function DSA_new_method(engine: PENGINE): PDSA;
+  procedure DSA_free(r: PDSA);
+  (* "up" the DSA object's reference count *)
+  function DSA_up_ref(r: PDSA): TIdC_INT;
+  function DSA_size(const v1: PDSA): TIdC_INT;
+  function DSA_bits(const d: PDSA): TIdC_INT;
+  function DSA_security_bits(const d: PDSA): TIdC_INT;
+  function DSA_sign(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; dsa: PDSA): TIdC_INT;
+  function DSA_verify(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; siglen: TIdC_INT; dsa: PDSA): TIdC_INT;
+  //#define DSA_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef)
+  function DSA_set_ex_data(d: PDSA; idx: TIdC_INT; arg: Pointer): TIdC_INT;
+  function DSA_get_ex_data(d: PDSA; idx: TIdC_INT): Pointer;
+  
+  function d2i_DSAPublicKey(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA;
+  function d2i_DSAPrivateKey(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA;
+  function d2i_DSAparams(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA;
+
+  function DSA_generate_parameters_ex(dsa: PDSA; bits: TIdC_INT; const seed: PByte; seed_len: TIdC_INT; counter_ret: PIdC_INT; h_ret: PIdC_ULONG; cb: PBN_GENCB): TIdC_INT;
+
+  function DSA_generate_key(a: PDSA): TIdC_INT;
+  function i2d_DSAPublicKey(const a: PDSA; pp: PPByte): TIdC_INT;
+  function i2d_DSAPrivateKey(const a: PDSA; pp: PPByte): TIdC_INT;
+  function i2d_DSAparams(const a: PDSA; pp: PPByte): TIdC_INT;
+  
+  function DSAparams_print(bp: PBIO; const x: PDSA): TIdC_INT;
+  function DSA_print(bp: PBIO; const x: PDSA; off: TIdC_INT): TIdC_INT;
+//  function DSAparams_print_fp(fp: PFile; const x: PDSA): TIdC_INT;
+//  function DSA_print_fp(bp: PFile; const x: PDSA; off: TIdC_INT): TIdC_INT;
+
+  //# define DSA_is_prime(n, callback, cb_arg) \
+  //        BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
+
+  (*
+   * Convert DSA structure (key or just parameters) into DH structure (be
+   * careful to avoid small subgroup attacks when using this!)
+   *)
+  function DSA_dup_DH(const r: PDSA): PDH;
+
+  //# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
+  //        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+  //                                EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
+  //# define EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits) \
+  //        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+  //                                EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits, NULL)
+  //# define EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, md) \
+  //        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+  //                                EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, (void *)(md))
+
+  procedure DSA_get0_pqg(const d: PDSA; const p: PPBIGNUM; const q: PPBIGNUM; const g: PPBIGNUM);
+  function DSA_set0_pqg(d: PDSA; p: PBIGNUM; q: PBIGNUM; g: PBIGNUM): TIdC_INT;
+  procedure DSA_get0_key(const d: PDSA; const pub_key: PPBIGNUM; const priv_key: PPBIGNUM);
+  function DSA_set0_key(d: PDSA; pub_key: PBIGNUM; priv_key: PBIGNUM): TIdC_INT;
+  function DSA_get0_p(const d: PDSA): PBIGNUM;
+  function DSA_get0_q(const d: PDSA): PBIGNUM;
+  function DSA_get0_g(const d: PDSA): PBIGNUM;
+  function DSA_get0_pub_key(const d: PDSA): PBIGNUM;
+  function DSA_get0_priv_key(const d: PDSA): PBIGNUM;
+  procedure DSA_clear_flags(d: PDSA; flags: TIdC_INT);
+  function DSA_test_flags(const d: PDSA; flags: TIdC_INT): TIdC_INT;
+  procedure DSA_set_flags(d: PDSA; flags: TIdC_INT);
+  function DSA_get0_engine(d: PDSA): PENGINE;
+  
+  function DSA_meth_new(const name: PIdAnsiChar; flags: TIdC_INT): PDSA_METHOD;
+  procedure DSA_meth_free(dsam: PDSA_METHOD);
+  function DSA_meth_dup(const dsam: PDSA_METHOD): PDSA_METHOD;
+  function DSA_meth_get0_name(const dsam: PDSA_METHOD): PIdAnsiChar;
+  function DSA_meth_set1_name(dsam: PDSA_METHOD; const name: PIdAnsiChar): TIdC_INT;
+  function DSA_meth_get_flags(const dsam: PDSA_METHOD): TIdC_INT;
+  function DSA_meth_set_flags(dsam: PDSA_METHOD; flags: TIdC_INT): TIdC_INT;
+  function DSA_meth_get0_app_data(const dsam: PDSA_METHOD): Pointer;
+  function DSA_meth_set0_app_data(dsam: PDSA_METHOD; app_data: Pointer): TIdC_INT;
+  function DSA_meth_get_sign(const dsam: PDSA_METHOD): DSA_meth_sign_cb;
+  function DSA_meth_set_sign(dsam: PDSA_METHOD; sign: DSA_meth_sign_cb): TIdC_INT;
+  function DSA_meth_get_sign_setup(const dsam: PDSA_METHOD): DSA_meth_sign_setup_cb;
+  function DSA_meth_set_sign_setup(dsam: PDSA_METHOD; sign_setup: DSA_meth_sign_setup_cb): TIdC_INT;
+  function DSA_meth_get_verify(const dsam: PDSA_METHOD): DSA_meth_verify_cb;
+  function DSA_meth_set_verify(dsam: PDSA_METHOD; verify: DSA_meth_verify_cb): TIdC_INT;
+  function DSA_meth_get_mod_exp(const dsam: PDSA_METHOD): DSA_meth_mod_exp_cb;
+  function DSA_meth_set_mod_exp(dsam: PDSA_METHOD; mod_exp: DSA_meth_mod_exp_cb): TIdC_INT;
+  function DSA_meth_get_bn_mod_exp(const dsam: PDSA_METHOD): DSA_meth_bn_mod_exp_cb;
+  function DSA_meth_set_bn_mod_exp(dsam: PDSA_METHOD; bn_mod_exp: DSA_meth_bn_mod_exp_cb): TIdC_INT;
+  function DSA_meth_get_init(const dsam: PDSA_METHOD): DSA_meth_init_cb;
+  function DSA_meth_set_init(dsam: PDSA_METHOD; init: DSA_meth_init_cb): TIdC_INT;
+  function DSA_meth_get_finish(const dsam: PDSA_METHOD): DSA_meth_finish_cb;
+  function DSA_meth_set_finish(dsam: PDSA_METHOD; finish: DSA_meth_finish_cb): TIdC_INT;
+  function DSA_meth_get_paramgen(const dsam: PDSA_METHOD): DSA_meth_paramgen_cb;
+  function DSA_meth_set_paramgen(dsam: PDSA_METHOD; paramgen: DSA_meth_paramgen_cb): TIdC_INT;
+  function DSA_meth_get_keygen(const dsam: PDSA_METHOD): DSA_meth_keygen_cb;
+  function DSA_meth_set_keygen(dsam: PDSA_METHOD; keygen: DSA_meth_keygen_cb): TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsaerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsaerr.pas
new file mode 100644
index 000000000..403e2ccb8
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsaerr.pas
@@ -0,0 +1,91 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_dsaerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dsaerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ///*
+  // * DSA function codes.
+  // */
+  DSA_F_DSAPARAMS_PRINT = 100;
+  DSA_F_DSAPARAMS_PRINT_FP = 101;
+  DSA_F_DSA_BUILTIN_PARAMGEN = 125;
+  DSA_F_DSA_BUILTIN_PARAMGEN2 = 126;
+  DSA_F_DSA_DO_SIGN = 112;
+  DSA_F_DSA_DO_VERIFY = 113;
+  DSA_F_DSA_METH_DUP = 127;
+  DSA_F_DSA_METH_NEW = 128;
+  DSA_F_DSA_METH_SET1_NAME = 129;
+  DSA_F_DSA_NEW_METHOD = 103;
+  DSA_F_DSA_PARAM_DECODE = 119;
+  DSA_F_DSA_PRINT_FP = 105;
+  DSA_F_DSA_PRIV_DECODE = 115;
+  DSA_F_DSA_PRIV_ENCODE = 116;
+  DSA_F_DSA_PUB_DECODE = 117;
+  DSA_F_DSA_PUB_ENCODE = 118;
+  DSA_F_DSA_SIGN = 106;
+  DSA_F_DSA_SIGN_SETUP = 107;
+  DSA_F_DSA_SIG_NEW = 102;
+  DSA_F_OLD_DSA_PRIV_DECODE = 122;
+  DSA_F_PKEY_DSA_CTRL = 120;
+  DSA_F_PKEY_DSA_CTRL_STR = 104;
+  DSA_F_PKEY_DSA_KEYGEN = 121;
+
+  ///*
+  // * DSA reason codes.
+  // */
+  DSA_R_BAD_Q_VALUE = 102;
+  DSA_R_BN_DECODE_ERROR = 108;
+  DSA_R_BN_ERROR = 109;
+  DSA_R_DECODE_ERROR = 104;
+  DSA_R_INVALID_DIGEST_TYPE = 106;
+  DSA_R_INVALID_PARAMETERS = 112;
+  DSA_R_MISSING_PARAMETERS = 101;
+  DSA_R_MISSING_PRIVATE_KEY = 111;
+  DSA_R_MODULUS_TOO_LARGE = 103;
+  DSA_R_NO_PARAMETERS_SET = 107;
+  DSA_R_PARAMETER_ENCODING_ERROR = 105;
+  DSA_R_Q_NOT_PRIME = 113;
+  DSA_R_SEED_LEN_SMALL = 110;
+
+var
+  function ERR_load_DSA_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ebcdic.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ebcdic.pas
new file mode 100644
index 000000000..8c19fe75c
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ebcdic.pas
@@ -0,0 +1,51 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ebcdic;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ebcdic.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+var
+
+  //extern const unsigned char os_toascii[256];
+  //extern const unsigned char os_toebcdic[256];
+
+  function ebcdic2ascii(dest: Pointer; const srce: Pointer; count: TIdC_SIZET): Pointer;
+  function ascii2ebcdic(dest: Pointer; const srce: Pointer; count: TIdC_SIZET): Pointer;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
new file mode 100644
index 000000000..a1c7c0505
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
@@ -0,0 +1,347 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ec;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ec.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+const
+  OPENSSL_EC_EXPLICIT_CURVE = $000;
+  OPENSSL_EC_NAMED_CURVE    = $001;
+  EC_PKEY_NO_PARAMETERS = $001;
+  EC_PKEY_NO_PUBKEY     = $002;
+  EC_FLAG_NON_FIPS_ALLOW = $1;
+  EC_FLAG_FIPS_CHECKED   = $2;
+  EC_FLAG_COFACTOR_ECDH  = $1000;
+  EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = (EVP_PKEY_ALG_CTRL + 1);
+  EVP_PKEY_CTRL_EC_PARAM_ENC          = (EVP_PKEY_ALG_CTRL + 2);
+  EVP_PKEY_CTRL_EC_ECDH_COFACTOR      = (EVP_PKEY_ALG_CTRL + 3);
+  EVP_PKEY_CTRL_EC_KDF_TYPE           = (EVP_PKEY_ALG_CTRL + 4);
+  EVP_PKEY_CTRL_EC_KDF_MD             = (EVP_PKEY_ALG_CTRL + 5);
+  EVP_PKEY_CTRL_GET_EC_KDF_MD         = (EVP_PKEY_ALG_CTRL + 6);
+  EVP_PKEY_CTRL_EC_KDF_OUTLEN         = (EVP_PKEY_ALG_CTRL + 7);
+  EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN     = (EVP_PKEY_ALG_CTRL + 8);
+  EVP_PKEY_CTRL_EC_KDF_UKM            = (EVP_PKEY_ALG_CTRL + 9);
+  EVP_PKEY_CTRL_GET_EC_KDF_UKM        = (EVP_PKEY_ALG_CTRL + 10);
+  EVP_PKEY_CTRL_SET1_ID               = (EVP_PKEY_ALG_CTRL + 11);
+  EVP_PKEY_CTRL_GET1_ID               = (EVP_PKEY_ALG_CTRL + 12);
+  EVP_PKEY_CTRL_GET1_ID_LEN           = (EVP_PKEY_ALG_CTRL + 13);
+  EVP_PKEY_ECDH_KDF_NONE              = 1;
+  EVP_PKEY_ECDH_KDF_X9_63             = 2;
+  EVP_PKEY_ECDH_KDF_X9_62             = EVP_PKEY_ECDH_KDF_X9_63;
+
+type
+  {$MINENUMSIZE 4}
+  point_conversion_form_t = (
+    POINT_CONVERSION_COMPRESSED = 2,
+    POINT_CONVERSION_UNCOMPRESSED = 4,
+    POINT_CONVERSION_HYBRID = 6
+  );
+
+  EC_METHOD = type Pointer; // ec_method_st
+  PEC_METHOD = ^EC_METHOD;
+  
+  EC_GROUP = type Pointer; // ec_group_st
+  PEC_GROUP = ^EC_GROUP;
+  PPEC_GROUP = ^PEC_GROUP;
+  
+  EC_POINT = type Pointer; // ec_point_st
+  PEC_POINT = ^EC_POINT;
+  PPEC_POINT = ^PEC_POINT;
+  
+  ECPKPARAMETERS = type Pointer; // ecpk_parameters_st
+  PECPKPARAMETERS = ^ECPKPARAMETERS;
+  
+  ECPARAMETERS = type Pointer; // ec_parameters_st
+  PECPARAMETERS = ^ECPARAMETERS;
+
+  EC_builtin_curve = record
+    nid: TIdC_INT;
+    comment: PIdAnsiChar;
+  end;
+  PEC_builtin_curve = ^EC_builtin_curve;
+
+  ECDSA_SIG = type Pointer; // ECDSA_SIG_st
+  PECDSA_SIG = ^ECDSA_SIG;
+  PPECDSA_SIG = ^PECDSA_SIG;
+
+  ECDH_compute_key_KDF = function(const &in: Pointer; inlen: TIdC_SIZET; &out: Pointer; outlen: PIdC_SIZET): Pointer; cdecl;
+
+  EC_KEY_METHOD_init_init = function(key: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_finish = procedure(key: PEC_KEY); cdecl;
+  EC_KEY_METHOD_init_copy = function(dest: PEC_KEY; const src: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_set_group = function(key: PEC_KEY; const grp: PEC_GROUP): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_set_private = function(key: PEC_KEY; const priv_key: PBIGNUM): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_set_public = function(key: PEC_KEY; const pub_key: PEC_POINT): TIdC_INT; cdecl;
+
+  EC_KEY_METHOD_keygen_keygen = function(key: PEC_KEY): TIdC_INT; cdecl;
+
+  EC_KEY_METHOD_compute_key_ckey = function(psec: PPByte; pseclen: PIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY): TIdC_INT; cdecl;
+
+  EC_KEY_METHOD_sign_sign = function(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const r: PBIGNUM; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_sign_sign_setup = function(eckey: PEC_KEY; ctx_in: PBN_CTX; kinvp: PPBIGNUM; rp: PPBIGNUM): TIdC_INT; cdecl;
+  EC_KEY_METHOD_sign_sign_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const in_kinv: PBIGNUM; const in_r: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG; cdecl;
+
+  EC_KEY_METHOD_verify_verify = function(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; sig_len: TIdC_INT; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_verify_verify_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT; cdecl;
+
+  PEC_KEY_METHOD_init_init = ^EC_KEY_METHOD_init_init;
+  PEC_KEY_METHOD_init_finish = ^EC_KEY_METHOD_init_finish;
+  PEC_KEY_METHOD_init_copy = ^EC_KEY_METHOD_init_copy;
+  PEC_KEY_METHOD_init_set_group = ^EC_KEY_METHOD_init_set_group;
+  PEC_KEY_METHOD_init_set_private = ^EC_KEY_METHOD_init_set_private;
+  PEC_KEY_METHOD_init_set_public = ^EC_KEY_METHOD_init_set_public;
+
+  PEC_KEY_METHOD_keygen_keygen = ^EC_KEY_METHOD_keygen_keygen;
+
+  PEC_KEY_METHOD_compute_key_ckey = ^EC_KEY_METHOD_compute_key_ckey;
+
+  PEC_KEY_METHOD_sign_sign = ^EC_KEY_METHOD_sign_sign;
+  PEC_KEY_METHOD_sign_sign_setup = ^EC_KEY_METHOD_sign_sign_setup;
+  PEC_KEY_METHOD_sign_sign_sig = ^EC_KEY_METHOD_sign_sign_sig;
+
+  PEC_KEY_METHOD_verify_verify = ^EC_KEY_METHOD_verify_verify;
+  PEC_KEY_METHOD_verify_verify_sig = ^EC_KEY_METHOD_verify_verify_sig;
+
+var
+  function EC_GFp_simple_method: PEC_METHOD;
+  function EC_GFp_mont_method: PEC_METHOD;
+  function EC_GFp_nist_method: PEC_METHOD;
+  function EC_GFp_nistp224_method: PEC_METHOD;
+  function EC_GFp_nistp256_method: PEC_METHOD;
+  function EC_GFp_nistp521_method: PEC_METHOD;
+
+  function EC_GF2m_simple_method: PEC_METHOD;
+
+  function EC_GROUP_new(const meth: PEC_METHOD): PEC_GROUP;
+  procedure EC_GROUP_free(group: PEC_GROUP);
+  procedure EC_GROUP_clear_free(group: PEC_GROUP);
+  function EC_GROUP_copy(dst: PEC_GROUP; const src: PEC_GROUP): TIdC_INT;
+  function EC_GROUP_dup(const src: PEC_GROUP): PEC_GROUP;
+  function EC_GROUP_method_of(const group: PEC_GROUP): PEC_GROUP;
+  function EC_METHOD_get_field_type(const meth: PEC_METHOD): TIdC_INT;
+  function EC_GROUP_set_generator(group: PEC_GROUP; const generator: PEC_POINT; const order: PBIGNUM; const cofactor: PBIGNUM): TIdC_INT;
+  function EC_GROUP_get0_generator(const group: PEC_GROUP): PEC_POINT;
+  function EC_GROUP_get_mont_data(const group: PEC_GROUP): PBN_MONT_CTX;
+  function EC_GROUP_get_order(const group: PEC_GROUP; order: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_get0_order(const group: PEC_GROUP): PBIGNUM;
+  function EC_GROUP_order_bits(const group: PEC_GROUP): TIdC_INT;
+  function EC_GROUP_get_cofactor(const group: PEC_GROUP; cofactor: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_get0_cofactor(const group: PEC_GROUP): PBIGNUM;
+  procedure EC_GROUP_set_curve_name(group: PEC_GROUP; nid: TIdC_INT);
+  function EC_GROUP_get_curve_name(const group: PEC_GROUP): TIdC_INT;
+
+  procedure EC_GROUP_set_asn1_flag(group: PEC_GROUP; flag: TIdC_INT);
+  function EC_GROUP_get_asn1_flag(const group: PEC_GROUP): TIdC_INT;
+
+  procedure EC_GROUP_set_point_conversion_form(group: PEC_GROUP; form: point_conversion_form_t);
+  function EC_GROUP_get_point_conversion_form(const group: PEC_GROUP): point_conversion_form_t;
+
+  function EC_GROUP_get0_seed(const x: PEC_GROUP): PByte;
+  function EC_GROUP_get_seed_len(const x: PEC_GROUP): TIdC_SIZET;
+  function EC_GROUP_set_seed(x: PEC_GROUP; const p: PByte; len: TIdC_SIZET): TIdC_SIZET;
+
+  function EC_GROUP_set_curve(group: PEC_GROUP; const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_get_curve(const group: PEC_GROUP; p: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_set_curve_GFp(group: PEC_GROUP; const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_get_curve_GFp(const group: PEC_GROUP; p: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_set_curve_GF2m(group: PEC_GROUP; const p: PBIGNUM; const a: PBIGNUM; const b:PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_get_curve_GF2m(const group: PEC_GROUP; p: PBIGNUM; a: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+
+  function EC_GROUP_get_degree(const group: PEC_GROUP): TIdC_INT;
+  function EC_GROUP_check(const group: PEC_GROUP; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_check_discriminant(const group: PEC_GROUP; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_cmp(const a: PEC_GROUP; const b: PEC_GROUP; ctx: PBN_CTX): TIdC_INT;
+
+  function EC_GROUP_new_curve_GFp(const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): PEC_GROUP;
+  function EC_GROUP_new_curve_GF2m(const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): PEC_GROUP;
+  function EC_GROUP_new_by_curve_name(nid: TIdC_INT): PEC_GROUP;
+  function EC_GROUP_new_from_ecparameters(const params: PECPARAMETERS): PEC_GROUP;
+  function EC_GROUP_get_ecparameters(const group: PEC_GROUP; params: PECPARAMETERS): PECPARAMETERS;
+  function EC_GROUP_new_from_ecpkparameters(const params: PECPKPARAMETERS): PEC_GROUP;
+  function EC_GROUP_get_ecpkparameters(const group: PEC_GROUP; params: PECPKPARAMETERS): PECPKPARAMETERS;
+
+  function EC_get_builtin_curves(r: PEC_builtin_curve; nitems: TIdC_SIZET): TIdC_SIZET;
+
+  function EC_curve_nid2nist(nid: TIdC_INT): PIdAnsiChar;
+  function EC_curve_nist2nid(const name: PIdAnsiChar): TIdC_INT;
+
+  function EC_POINT_new(const group: PEC_GROUP): PEC_POINT;
+  procedure EC_POINT_free(point: PEC_POINT);
+  procedure EC_POINT_clear_free(point: PEC_POINT);
+  function EC_POINT_copy(dst: PEC_POINT; const src: PEC_POINT): TIdC_INT;
+  function EC_POINT_dup(const src: PEC_POINT; const group: PEC_GROUP): PEC_POINT;
+  function EC_POINT_method_of(const point: PEC_POINT): PEC_METHOD;
+  function EC_POINT_set_to_infinity(const group: PEC_GROUP; point: PEC_POINT): TIdC_INT;
+  function EC_POINT_set_Jprojective_coordinates_GFp(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; const z: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_get_Jprojective_coordinates_GFp(const group: PEC_METHOD; const p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; z: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_set_affine_coordinates(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_get_affine_coordinates(const group: PEC_GROUP; const p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_set_affine_coordinates_GFp(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_get_affine_coordinates_GFp(const group: PEC_GROUP; const p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_set_compressed_coordinates(const group: PEC_GROUP; p: PEC_POINT; x: PBIGNUM; y_bit: TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_set_compressed_coordinates_GFp(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; y_bit: TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_set_affine_coordinates_GF2m(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_get_affine_coordinates_GF2m(const group: PEC_GROUP; p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_set_compressed_coordinates_GF2m(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; y_bit: TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+
+  function EC_POINT_point2oct(const group: PEC_GROUP; const p: PEC_POINT; form: point_conversion_form_t; buf: PByte; len: TIdC_SIZET; ctx: PBN_CTX): TIdC_SIZET;
+  function EC_POINT_oct2point(const group: PEC_GROUP; p: PEC_POINT; const buf: PByte; len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_point2buf(const group: PEC_GROUP; const point: PEC_POINT; form: point_conversion_form_t; pbuf: PPByte; ctx: PBN_CTX): TIdC_SIZET;
+  function EC_POINT_point2bn(const group: PEC_GROUP; const p: PEC_POINT; form: point_conversion_form_t; bn: PBIGNUM; ctx: PBN_CTX): PBIGNUM;
+  function EC_POINT_bn2point(const group: PEC_GROUP; const bn: PBIGNUM; p: PEC_POINT; ctx: PBN_CTX): PEC_POINT;
+  function EC_POINT_point2hex(const group: PEC_GROUP; const p: PEC_POINT; form: point_conversion_form_t; ctx: PBN_CTX): PIdAnsiChar;
+  function EC_POINT_hex2point(const group: PEC_GROUP; const buf: PIdAnsiChar; p: PEC_POINT; ctx: PBN_CTX): PEC_POINT;
+
+  function EC_POINT_add(const group: PEC_GROUP; r: PEC_POINT; const a: PEC_POINT; const b: PEC_POINT; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_dbl(const group: PEC_GROUP; r: PEC_POINT; const a: PEC_POINT; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_invert(const group: PEC_GROUP; a: PEC_POINT; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_is_at_infinity(const group: PEC_GROUP; const p: PEC_POINT): TIdC_INT;
+  function EC_POINT_is_on_curve(const group: PEC_GROUP; const point: PEC_POINT; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_cmp(const group: PEC_GROUP; const a: PEC_POINT; const b: PEC_POINT; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_make_affine(const group: PEC_GROUP; point: PEC_POINT; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINTs_make_affine(const group: PEC_METHOD; num: TIdC_SIZET; points: PPEC_POINT; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINTs_mul(const group: PEC_GROUP; r: PEC_POINT; const n: PBIGNUM; num: TIdC_SIZET; const p: PPEC_POINT; const m: PPBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function EC_POINT_mul(const group: PEC_GROUP; r: PEC_POINT; const n: PBIGNUM; const q: PEC_POINT; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+
+  function EC_GROUP_precompute_mult(group: PEC_GROUP; ctx: PBN_CTX): TIdC_INT;
+  function EC_GROUP_have_precompute_mult(const group: PEC_GROUP): TIdC_INT;
+
+  function ECPKPARAMETERS_it: PASN1_ITEM;
+  function ECPKPARAMETERS_new: PECPKPARAMETERS;
+  procedure ECPKPARAMETERS_free(a: PECPKPARAMETERS);
+
+  function ECPARAMETERS_it: PASN1_ITEM;
+  function ECPARAMETERS_new: PECPARAMETERS;
+  procedure ECPARAMETERS_free(a: PECPARAMETERS);
+
+  function EC_GROUP_get_basis_type(const group: PEC_GROUP): TIdC_INT;
+  function EC_GROUP_get_trinomial_basis(const group: PEC_GROUP; k: PIdC_UINT): TIdC_INT;
+  function EC_GROUP_get_pentanomial_basis(const group: PEC_GROUP; k1: PIdC_UINT; k2: PIdC_UINT; k3: PIdC_UINT): TIdC_INT;
+
+  function d2i_ECPKParameters(group: PPEC_GROUP; const &in: PPByte; len: TIdC_LONG): PEC_GROUP;
+  function i2d_ECPKParameters(const group: PEC_GROUP; &out: PPByte): TIdC_INT;
+
+  function ECPKParameters_print(bp: PBIO; const x: PEC_GROUP; off: TIdC_INT): TIdC_INT;
+
+  function EC_KEY_new: PEC_KEY;
+  function EC_KEY_get_flags(const key: PEC_KEY): TIdC_INT;
+  procedure EC_KEY_set_flags(key: PEC_KEY; flags: TIdC_INT);
+  procedure EC_KEY_clear_flags(key: PEC_KEY; flags: TIdC_INT);
+  function EC_KEY_new_by_curve_name(nid: TIdC_INT): PEC_KEY;
+  procedure EC_KEY_free(key: PEC_KEY);
+  function EC_KEY_copy(dst: PEC_KEY; const src: PEC_KEY): PEC_KEY;
+  function EC_KEY_dup(const src: PEC_KEY): PEC_KEY;
+  function EC_KEY_up_ref(key: PEC_KEY): TIdC_INT;
+  function EC_KEY_get0_engine(const eckey: PEC_KEY): PENGINE;
+  function EC_KEY_get0_group(const key: PEC_KEY): PEC_GROUP;
+  function EC_KEY_set_group(key: PEC_KEY; const group: PEC_GROUP): TIdC_INT;
+  function EC_KEY_get0_private_key(const key: PEC_KEY): PBIGNUM;
+  function EC_KEY_set_private_key(const key: PEC_KEY; const prv: PBIGNUM): TIdC_INT;
+  function EC_KEY_get0_public_key(const key: PEC_KEY): PEC_POINT;
+  function EC_KEY_set_public_key(key: PEC_KEY; const pub: PEC_POINT): TIdC_INT;
+  function EC_KEY_get_enc_flags(const key: PEC_KEY): TIdC_UINT;
+  procedure EC_KEY_set_enc_flags(eckey: PEC_KEY; flags: TIdC_UINT);
+  function EC_KEY_get_conv_form(const key: Pec_key_st): point_conversion_form_t;
+  procedure EC_KEY_set_conv_form(eckey: PEC_KEY; cform: point_conversion_form_t);
+  function EC_KEY_set_ex_data(key: PEC_KEY; idx: TIdC_INT; arg: Pointer): TIdC_INT;
+  function EC_KEY_get_ex_data(const key: PEC_KEY; idx: TIdC_INT): Pointer;
+  procedure EC_KEY_set_asn1_flag(eckey: PEC_KEY; asn1_flag: TIdC_INT);
+  function EC_KEY_precompute_mult(key: PEC_KEY; ctx: PBN_CTX): TIdC_INT;
+  function EC_KEY_generate_key(key: PEC_KEY): TIdC_INT;
+  function EC_KEY_check_key(const key: PEC_KEY): TIdC_INT;
+  function EC_KEY_can_sign(const eckey: PEC_KEY): TIdC_INT;
+  function EC_KEY_set_public_key_affine_coordinates(key: PEC_KEY; x: PBIGNUM; y: PBIGNUM): TIdC_INT;
+  function EC_KEY_key2buf(const key: PEC_KEY; form: point_conversion_form_t; pbuf: PPByte; ctx: PBN_CTX): TIdC_SIZET;
+  function EC_KEY_oct2key(key: PEC_KEY; const buf: PByte; len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT;
+  function EC_KEY_oct2priv(key: PEC_KEY; const buf: PByte; len: TIdC_SIZET): TIdC_INT;
+  function EC_KEY_priv2oct(const key: PEC_KEY; buf: PByte; len: TIdC_SIZET): TIdC_SIZET;
+  function EC_KEY_priv2buf(const eckey: PEC_KEY; buf: PPByte): TIdC_SIZET;
+
+  function d2i_ECPrivateKey(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY;
+  function i2d_ECPrivateKey(key: PEC_KEY; &out: PPByte): TIdC_INT;
+  function o2i_ECPublicKey(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY;
+  function i2o_ECPublicKey(const key: PEC_KEY; &out: PPByte): TIdC_INT;
+
+  function ECParameters_print(bp: PBIO; const key: PEC_KEY): TIdC_INT;
+  function EC_KEY_print(bp: PBIO; const key: PEC_KEY; off: TIdC_INT): TIdC_INT;
+
+  function EC_KEY_OpenSSL: PEC_KEY_METHOD;
+  function EC_KEY_get_default_method: PEC_KEY_METHOD;
+  procedure EC_KEY_set_default_method(const meth: PEC_KEY_METHOD);
+  function EC_KEY_get_method(const key: PEC_KEY): PEC_KEY_METHOD;
+  function EC_KEY_set_method(key: PEC_KEY; const meth: PEC_KEY_METHOD): TIdC_INT;
+  function EC_KEY_new_method(engine: PENGINE): PEC_KEY;
+
+  function ECDH_KDF_X9_62(&out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; const sinfo: PByte; sinfolen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT;
+  function ECDH_compute_key(&out: Pointer; oulen: TIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY; kdf: ECDH_compute_key_KDF): TIdC_INT;
+
+  function ECDSA_SIG_new: PECDSA_SIG;
+  procedure ECDSA_SIG_free(sig: PECDSA_SIG);
+  function i2d_ECDSA_SIG(const sig: PECDSA_SIG; pp: PPByte): TIdC_INT;
+  function d2i_ECDSA_SIG(sig: PPECDSA_SIG; const pp: PPByte; len: TIdC_LONG): PECDSA_SIG;
+  procedure ECDSA_SIG_get0(const sig: PECDSA_SIG; const pr: PPBIGNUM; const ps: PPBIGNUM);
+  function ECDSA_SIG_get0_r(const sig: PECDSA_SIG): PBIGNUM;
+  function ECDSA_SIG_get0_s(const sig: PECDSA_SIG): PBIGNUM;
+  function ECDSA_SIG_set0(sig: PECDSA_SIG; r: PBIGNUM; s: PBIGNUM): TIdC_INT;
+  function ECDSA_do_sign(const dgst: PByte; dgst_len: TIdC_INT; eckey: PEC_KEY): PECDSA_SIG;
+  function ECDSA_do_sign_ex(const dgst: PByte; dgst_len: TIdC_INT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG;
+  function ECDSA_do_verify(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT;
+  function ECDSA_sign_setup(eckey: PEC_KEY; ctx: PBN_CTX; kiv: PPBIGNUM; rp: PPBIGNUM): TIdC_INT;
+  function ECDSA_sign(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; eckey: PEC_KEY): TIdC_INT;
+  function ECDSA_sign_ex(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): TIdC_INT;
+  function ECDSA_verify(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; const sig: PByte; siglen: TIdC_INT; eckey: PEC_KEY): TIdC_INT;
+  function ECDSA_size(const eckey: PEC_KEY): TIdC_INT;
+
+  function EC_KEY_METHOD_new(const meth: PEC_KEY_METHOD): PEC_KEY_METHOD;
+  procedure EC_KEY_METHOD_free(meth: PEC_KEY_METHOD);
+  procedure EC_KEY_METHOD_set_init(meth: PEC_KEY_METHOD; init: EC_KEY_METHOD_init_init; finish: EC_KEY_METHOD_init_finish; copy: EC_KEY_METHOD_init_copy; set_group: EC_KEY_METHOD_init_set_group; set_private: EC_KEY_METHOD_init_set_private; set_public: EC_KEY_METHOD_init_set_public);
+  procedure EC_KEY_METHOD_set_keygen(meth: PEC_KEY_METHOD; keygen: EC_KEY_METHOD_keygen_keygen);
+  procedure EC_KEY_METHOD_set_compute_key(meth: PEC_KEY_METHOD; ckey: EC_KEY_METHOD_compute_key_ckey);
+  procedure EC_KEY_METHOD_set_sign(meth: PEC_KEY_METHOD; sign: EC_KEY_METHOD_sign_sign; sign_setup: EC_KEY_METHOD_sign_sign_setup; sign_sig: EC_KEY_METHOD_sign_sign_sig);
+  procedure EC_KEY_METHOD_set_verify(meth: PEC_KEY_METHOD; verify: EC_KEY_METHOD_verify_verify; verify_sig: EC_KEY_METHOD_verify_verify_sig);
+
+  procedure EC_KEY_METHOD_get_init(const meth: PEC_KEY_METHOD; pinit: PEC_KEY_METHOD_init_init; pfinish: PEC_KEY_METHOD_init_finish; pcopy: PEC_KEY_METHOD_init_copy; pset_group: PEC_KEY_METHOD_init_set_group; pset_private: PEC_KEY_METHOD_init_set_private; pset_public: PEC_KEY_METHOD_init_set_public);
+  procedure EC_KEY_METHOD_get_keygen(const meth: PEC_KEY_METHOD; pkeygen: PEC_KEY_METHOD_keygen_keygen);
+  procedure EC_KEY_METHOD_get_compute_key(const meth: PEC_KEY_METHOD; pck: PEC_KEY_METHOD_compute_key_ckey);
+  procedure EC_KEY_METHOD_get_sign(const meth: PEC_KEY_METHOD; psign: PEC_KEY_METHOD_sign_sign; psign_setup: PEC_KEY_METHOD_sign_sign_setup; psign_sig: PEC_KEY_METHOD_sign_sign_sig);
+  procedure EC_KEY_METHOD_get_verify(const meth: PEC_KEY_METHOD; pverify: PEC_KEY_METHOD_verify_verify; pverify_sig: PEC_KEY_METHOD_verify_verify_sig);
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ecerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ecerr.pas
new file mode 100644
index 000000000..9b1547540
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ecerr.pas
@@ -0,0 +1,294 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ecerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ecerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * EC function codes.
+   *)
+  EC_F_BN_TO_FELEM = 224;
+  EC_F_D2I_ECPARAMETERS = 144;
+  EC_F_D2I_ECPKPARAMETERS = 145;
+  EC_F_D2I_ECPRIVATEKEY = 146;
+  EC_F_DO_EC_KEY_PRINT = 221;
+  EC_F_ECDH_CMS_DECRYPT = 238;
+  EC_F_ECDH_CMS_SET_SHARED_INFO = 239;
+  EC_F_ECDH_COMPUTE_KEY = 246;
+  EC_F_ECDH_SIMPLE_COMPUTE_KEY = 257;
+  EC_F_ECDSA_DO_SIGN_EX = 251;
+  EC_F_ECDSA_DO_VERIFY = 252;
+  EC_F_ECDSA_SIGN_EX = 254;
+  EC_F_ECDSA_SIGN_SETUP = 248;
+  EC_F_ECDSA_SIG_NEW = 265;
+  EC_F_ECDSA_VERIFY = 253;
+  EC_F_ECD_ITEM_VERIFY = 270;
+  EC_F_ECKEY_PARAM2TYPE = 223;
+  EC_F_ECKEY_PARAM_DECODE = 212;
+  EC_F_ECKEY_PRIV_DECODE = 213;
+  EC_F_ECKEY_PRIV_ENCODE = 214;
+  EC_F_ECKEY_PUB_DECODE = 215;
+  EC_F_ECKEY_PUB_ENCODE = 216;
+  EC_F_ECKEY_TYPE2PARAM = 220;
+  EC_F_ECPARAMETERS_PRINT = 147;
+  EC_F_ECPARAMETERS_PRINT_FP = 148;
+  EC_F_ECPKPARAMETERS_PRINT = 149;
+  EC_F_ECPKPARAMETERS_PRINT_FP = 150;
+  EC_F_ECP_NISTZ256_GET_AFFINE = 240;
+  EC_F_ECP_NISTZ256_INV_MOD_ORD = 275;
+  EC_F_ECP_NISTZ256_MULT_PRECOMPUTE = 243;
+  EC_F_ECP_NISTZ256_POINTS_MUL = 241;
+  EC_F_ECP_NISTZ256_PRE_COMP_NEW = 244;
+  EC_F_ECP_NISTZ256_WINDOWED_MUL = 242;
+  EC_F_ECX_KEY_OP = 266;
+  EC_F_ECX_PRIV_ENCODE = 267;
+  EC_F_ECX_PUB_ENCODE = 268;
+  EC_F_EC_ASN1_GROUP2CURVE = 153;
+  EC_F_EC_ASN1_GROUP2FIELDID = 154;
+  EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY = 208;
+  EC_F_EC_GF2M_SIMPLE_FIELD_INV = 296;
+  EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT = 159;
+  EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE = 195;
+  EC_F_EC_GF2M_SIMPLE_LADDER_POST = 285;
+  EC_F_EC_GF2M_SIMPLE_LADDER_PRE = 288;
+  EC_F_EC_GF2M_SIMPLE_OCT2POINT = 160;
+  EC_F_EC_GF2M_SIMPLE_POINT2OCT = 161;
+  EC_F_EC_GF2M_SIMPLE_POINTS_MUL = 289;
+  EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES = 162;
+  EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES = 163;
+  EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES = 164;
+  EC_F_EC_GFP_MONT_FIELD_DECODE = 133;
+  EC_F_EC_GFP_MONT_FIELD_ENCODE = 134;
+  EC_F_EC_GFP_MONT_FIELD_INV = 297;
+  EC_F_EC_GFP_MONT_FIELD_MUL = 131;
+  EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE = 209;
+  EC_F_EC_GFP_MONT_FIELD_SQR = 132;
+  EC_F_EC_GFP_MONT_GROUP_SET_CURVE = 189;
+  EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE = 225;
+  EC_F_EC_GFP_NISTP224_POINTS_MUL = 228;
+  EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES = 226;
+  EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE = 230;
+  EC_F_EC_GFP_NISTP256_POINTS_MUL = 231;
+  EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES = 232;
+  EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE = 233;
+  EC_F_EC_GFP_NISTP521_POINTS_MUL = 234;
+  EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES = 235;
+  EC_F_EC_GFP_NIST_FIELD_MUL = 200;
+  EC_F_EC_GFP_NIST_FIELD_SQR = 201;
+  EC_F_EC_GFP_NIST_GROUP_SET_CURVE = 202;
+  EC_F_EC_GFP_SIMPLE_BLIND_COORDINATES = 287;
+  EC_F_EC_GFP_SIMPLE_FIELD_INV = 298;
+  EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT = 165;
+  EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE = 166;
+  EC_F_EC_GFP_SIMPLE_MAKE_AFFINE = 102;
+  EC_F_EC_GFP_SIMPLE_OCT2POINT = 103;
+  EC_F_EC_GFP_SIMPLE_POINT2OCT = 104;
+  EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE = 137;
+  EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES = 167;
+  EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES = 168;
+  EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES = 169;
+  EC_F_EC_GROUP_CHECK = 170;
+  EC_F_EC_GROUP_CHECK_DISCRIMINANT = 171;
+  EC_F_EC_GROUP_COPY = 106;
+  EC_F_EC_GROUP_GET_CURVE = 291;
+  EC_F_EC_GROUP_GET_CURVE_GF2M = 172;
+  EC_F_EC_GROUP_GET_CURVE_GFP = 130;
+  EC_F_EC_GROUP_GET_DEGREE = 173;
+  EC_F_EC_GROUP_GET_ECPARAMETERS = 261;
+  EC_F_EC_GROUP_GET_ECPKPARAMETERS = 262;
+  EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS = 193;
+  EC_F_EC_GROUP_GET_TRINOMIAL_BASIS = 194;
+  EC_F_EC_GROUP_NEW = 108;
+  EC_F_EC_GROUP_NEW_BY_CURVE_NAME = 174;
+  EC_F_EC_GROUP_NEW_FROM_DATA = 175;
+  EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS = 263;
+  EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS = 264;
+  EC_F_EC_GROUP_SET_CURVE = 292;
+  EC_F_EC_GROUP_SET_CURVE_GF2M = 176;
+  EC_F_EC_GROUP_SET_CURVE_GFP = 109;
+  EC_F_EC_GROUP_SET_GENERATOR = 111;
+  EC_F_EC_GROUP_SET_SEED = 286;
+  EC_F_EC_KEY_CHECK_KEY = 177;
+  EC_F_EC_KEY_COPY = 178;
+  EC_F_EC_KEY_GENERATE_KEY = 179;
+  EC_F_EC_KEY_NEW = 182;
+  EC_F_EC_KEY_NEW_METHOD = 245;
+  EC_F_EC_KEY_OCT2PRIV = 255;
+  EC_F_EC_KEY_PRINT = 180;
+  EC_F_EC_KEY_PRINT_FP = 181;
+  EC_F_EC_KEY_PRIV2BUF = 279;
+  EC_F_EC_KEY_PRIV2OCT = 256;
+  EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES = 229;
+  EC_F_EC_KEY_SIMPLE_CHECK_KEY = 258;
+  EC_F_EC_KEY_SIMPLE_OCT2PRIV = 259;
+  EC_F_EC_KEY_SIMPLE_PRIV2OCT = 260;
+  EC_F_EC_PKEY_CHECK = 273;
+  EC_F_EC_PKEY_PARAM_CHECK = 274;
+  EC_F_EC_POINTS_MAKE_AFFINE = 136;
+  EC_F_EC_POINTS_MUL = 290;
+  EC_F_EC_POINT_ADD = 112;
+  EC_F_EC_POINT_BN2POINT = 280;
+  EC_F_EC_POINT_CMP = 113;
+  EC_F_EC_POINT_COPY = 114;
+  EC_F_EC_POINT_DBL = 115;
+  EC_F_EC_POINT_GET_AFFINE_COORDINATES = 293;
+  EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M = 183;
+  EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP = 116;
+  EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP = 117;
+  EC_F_EC_POINT_INVERT = 210;
+  EC_F_EC_POINT_IS_AT_INFINITY = 118;
+  EC_F_EC_POINT_IS_ON_CURVE = 119;
+  EC_F_EC_POINT_MAKE_AFFINE = 120;
+  EC_F_EC_POINT_NEW = 121;
+  EC_F_EC_POINT_OCT2POINT = 122;
+  EC_F_EC_POINT_POINT2BUF = 281;
+  EC_F_EC_POINT_POINT2OCT = 123;
+  EC_F_EC_POINT_SET_AFFINE_COORDINATES = 294;
+  EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M = 185;
+  EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP = 124;
+  EC_F_EC_POINT_SET_COMPRESSED_COORDINATES = 295;
+  EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M = 186;
+  EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP = 125;
+  EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP = 126;
+  EC_F_EC_POINT_SET_TO_INFINITY = 127;
+  EC_F_EC_PRE_COMP_NEW = 196;
+  EC_F_EC_SCALAR_MUL_LADDER = 284;
+  EC_F_EC_WNAF_MUL = 187;
+  EC_F_EC_WNAF_PRECOMPUTE_MULT = 188;
+  EC_F_I2D_ECPARAMETERS = 190;
+  EC_F_I2D_ECPKPARAMETERS = 191;
+  EC_F_I2D_ECPRIVATEKEY = 192;
+  EC_F_I2O_ECPUBLICKEY = 151;
+  EC_F_NISTP224_PRE_COMP_NEW = 227;
+  EC_F_NISTP256_PRE_COMP_NEW = 236;
+  EC_F_NISTP521_PRE_COMP_NEW = 237;
+  EC_F_O2I_ECPUBLICKEY = 152;
+  EC_F_OLD_EC_PRIV_DECODE = 222;
+  EC_F_OSSL_ECDH_COMPUTE_KEY = 247;
+  EC_F_OSSL_ECDSA_SIGN_SIG = 249;
+  EC_F_OSSL_ECDSA_VERIFY_SIG = 250;
+  EC_F_PKEY_ECD_CTRL = 271;
+  EC_F_PKEY_ECD_DIGESTSIGN = 272;
+  EC_F_PKEY_ECD_DIGESTSIGN25519 = 276;
+  EC_F_PKEY_ECD_DIGESTSIGN448 = 277;
+  EC_F_PKEY_ECX_DERIVE = 269;
+  EC_F_PKEY_EC_CTRL = 197;
+  EC_F_PKEY_EC_CTRL_STR = 198;
+  EC_F_PKEY_EC_DERIVE = 217;
+  EC_F_PKEY_EC_INIT = 282;
+  EC_F_PKEY_EC_KDF_DERIVE = 283;
+  EC_F_PKEY_EC_KEYGEN = 199;
+  EC_F_PKEY_EC_PARAMGEN = 219;
+  EC_F_PKEY_EC_SIGN = 218;
+  EC_F_VALIDATE_ECX_DERIVE = 278;
+
+  (*
+   * EC reason codes.
+   *)
+  EC_R_ASN1_ERROR =   115;
+  EC_R_BAD_SIGNATURE =   156;
+  EC_R_BIGNUM_OUT_OF_RANGE =  144;
+  EC_R_BUFFER_TOO_SMALL =  100;
+  EC_R_CANNOT_INVERT =   165;
+  EC_R_COORDINATES_OUT_OF_RANGE =  146;
+  EC_R_CURVE_DOES_NOT_SUPPORT_ECDH =  160;
+  EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING = 159;
+  EC_R_D2I_ECPKPARAMETERS_FAILURE =  117;
+  EC_R_DECODE_ERROR =   142;
+  EC_R_DISCRIMINANT_IS_ZERO =  118;
+  EC_R_EC_GROUP_NEW_BY_NAME_FAILURE =  119;
+  EC_R_FIELD_TOO_LARGE =  143;
+  EC_R_GF2M_NOT_SUPPORTED =  147;
+  EC_R_GROUP2PKPARAMETERS_FAILURE =  120;
+  EC_R_I2D_ECPKPARAMETERS_FAILURE =  121;
+  EC_R_INCOMPATIBLE_OBJECTS =  101;
+  EC_R_INVALID_ARGUMENT =  112;
+  EC_R_INVALID_COMPRESSED_POINT =  110;
+  EC_R_INVALID_COMPRESSION_BIT =  109;
+  EC_R_INVALID_CURVE =   141;
+  EC_R_INVALID_DIGEST =  151;
+  EC_R_INVALID_DIGEST_TYPE =  138;
+  EC_R_INVALID_ENCODING =  102;
+  EC_R_INVALID_FIELD =   103;
+  EC_R_INVALID_FORM =   104;
+  EC_R_INVALID_GROUP_ORDER =  122;
+  EC_R_INVALID_KEY =   116;
+  EC_R_INVALID_OUTPUT_LENGTH =  161;
+  EC_R_INVALID_PEER_KEY =  133;
+  EC_R_INVALID_PENTANOMIAL_BASIS =  132;
+  EC_R_INVALID_PRIVATE_KEY =  123;
+  EC_R_INVALID_TRINOMIAL_BASIS =  137;
+  EC_R_KDF_PARAMETER_ERROR =  148;
+  EC_R_KEYS_NOT_SET =   140;
+  EC_R_LADDER_POST_FAILURE =  136;
+  EC_R_LADDER_PRE_FAILURE =  153;
+  EC_R_LADDER_STEP_FAILURE =  162;
+  EC_R_MISSING_PARAMETERS =  124;
+  EC_R_MISSING_PRIVATE_KEY =  125;
+  EC_R_NEED_NEW_SETUP_VALUES =  157;
+  EC_R_NOT_A_NIST_PRIME =  135;
+  EC_R_NOT_IMPLEMENTED =  126;
+  EC_R_NOT_INITIALIZED =  111;
+  EC_R_NO_PARAMETERS_SET =  139;
+  EC_R_NO_PRIVATE_VALUE =  154;
+  EC_R_OPERATION_NOT_SUPPORTED =  152;
+  EC_R_PASSED_NULL_PARAMETER =  134;
+  EC_R_PEER_KEY_ERROR =  149;
+  EC_R_PKPARAMETERS2GROUP_FAILURE =  127;
+  EC_R_POINT_ARITHMETIC_FAILURE =  155;
+  EC_R_POINT_AT_INFINITY =  106;
+  EC_R_POINT_COORDINATES_BLIND_FAILURE = 163;
+  EC_R_POINT_IS_NOT_ON_CURVE =  107;
+  EC_R_RANDOM_NUMBER_GENERATION_FAILED = 158;
+  EC_R_SHARED_INFO_ERROR =  150;
+  EC_R_SLOT_FULL =   108;
+  EC_R_UNDEFINED_GENERATOR =  113;
+  EC_R_UNDEFINED_ORDER =  128;
+  EC_R_UNKNOWN_COFACTOR =  164;
+  EC_R_UNKNOWN_GROUP =   129;
+  EC_R_UNKNOWN_ORDER =   114;
+  EC_R_UNSUPPORTED_FIELD =  131;
+  EC_R_WRONG_CURVE_PARAMETERS =  145;
+  EC_R_WRONG_ORDER =   130;
+
+var
+  function ERR_load_EC_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_engine.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_engine.pas
new file mode 100644
index 000000000..7e6726c5b
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_engine.pas
@@ -0,0 +1,713 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_engine;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// engine.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_ec;
+
+const
+  (*
+   * These flags are used to control combinations of algorithm (methods) by
+   * bitwise "OR"ing.
+   *)
+  ENGINE_METHOD_RSA               = TIdC_UINT($0001);
+  ENGINE_METHOD_DSA               = TIdC_UINT($0002);
+  ENGINE_METHOD_DH                = TIdC_UINT($0004);
+  ENGINE_METHOD_RAND              = TIdC_UINT($0008);
+  ENGINE_METHOD_CIPHERS           = TIdC_UINT($0040);
+  ENGINE_METHOD_DIGESTS           = TIdC_UINT($0080);
+  ENGINE_METHOD_PKEY_METHS        = TIdC_UINT($0200);
+  ENGINE_METHOD_PKEY_ASN1_METHS   = TIdC_UINT($0400);
+  ENGINE_METHOD_EC                = TIdC_UINT($0800);
+  (* Obvious all-or-nothing cases. *)
+  ENGINE_METHOD_ALL               = TIdC_UINT($FFFF);
+  ENGINE_METHOD_NONE              = TIdC_UINT($0000);
+
+  //
+  // This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
+  // internally to control registration of ENGINE implementations, and can be
+  // set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
+  // initialise registered ENGINEs if they are not already initialised.
+  //
+  ENGINE_TABLE_FLAG_NOINIT        = TIdC_UINT($0001);
+
+  //
+  // This flag is for ENGINEs that wish to handle the various 'CMD'-related
+  // control commands on their own. Without this flag, ENGINE_ctrl() handles
+  // these control commands on behalf of the ENGINE using their "cmd_defns"
+  // data.
+  //
+  ENGINE_FLAGS_MANUAL_CMD_CTRL    = TIdC_INT($0002);
+
+  //
+  // This flag is for ENGINEs who return new duplicate structures when found
+  // via "ENGINE_by_id()". When an ENGINE must store state (eg. if
+  // ENGINE_ctrl() commands are called in sequence as part of some stateful
+  // process like key-generation setup and execution), it can set this flag -
+  // then each attempt to obtain the ENGINE will result in it being copied intoo
+  // a new structure. Normally, ENGINEs don't declare this flag so
+  // ENGINE_by_id() just increments the existing ENGINE's structural reference
+  // count.
+  //
+  ENGINE_FLAGS_BY_ID_COPY         = TIdC_INT($0004);
+
+  //
+  // This flag if for an ENGINE that does not want its methods registered as
+  // part of ENGINE_register_all_complete() for example if the methods are not
+  // usable as default methods.
+  //
+
+  ENGINE_FLAGS_NO_REGISTER_ALL    = TIdC_INT($0008);
+
+  //
+  // ENGINEs can support their own command types, and these flags are used in
+  // ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
+  // each command expects. Currently only numeric and string input is
+  // supported. If a control command supports none of the _NUMERIC, _STRING, or
+  // _NO_INPUT options, then it is regarded as an "internal" control command -
+  // and not for use in config setting situations. As such, they're not
+  // available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
+  // access. Changes to this list of 'command types' should be reflected
+  // carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
+  //
+
+  // accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
+  ENGINE_CMD_FLAG_NUMERIC         = TIdC_UINT($0001);
+  //
+  // accepts string input (cast from 'void*' to 'const char *', 4th parameter
+  // to ENGINE_ctrl)
+  //
+  ENGINE_CMD_FLAG_STRING          = TIdC_UINT($0002);
+  //
+  // Indicates that the control command takes *no* input. Ie. the control
+  // command is unparameterised.
+  //
+  ENGINE_CMD_FLAG_NO_INPUT        = TIdC_UINT($0004);
+  //
+  // Indicates that the control command is internal. This control command won't
+  // be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
+  // function.
+  //
+  ENGINE_CMD_FLAG_INTERNAL        = TIdC_UINT($0008);
+
+  //
+  // NB: These 3 control commands are deprecated and should not be used.
+  // ENGINEs relying on these commands should compile conditional support for
+  // compatibility (eg. if these symbols are defined) but should also migrate
+  // the same functionality to their own ENGINE-specific control functions that
+  // can be "discovered" by calling applications. The fact these control
+  // commands wouldn't be "executable" (ie. usable by text-based config)
+  // doesn't change the fact that application code can find and use them
+  // without requiring per-ENGINE hacking.
+  //
+
+  //
+  // These flags are used to tell the ctrl function what should be done. All
+  // command numbers are shared between all engines, even if some don't make
+  // sense to some engines.  In such a case, they do nothing but return the
+  // error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
+  //
+  ENGINE_CTRL_SET_LOGSTREAM              = 1;
+  ENGINE_CTRL_SET_PASSWORD_CALLBACK      = 2;
+  ENGINE_CTRL_HUP                        = 3;// Close and reinitialise
+                                             // any handles/connections
+                                             // etc.
+  ENGINE_CTRL_SET_USER_INTERFACE         = 4;// Alternative to callback
+  ENGINE_CTRL_SET_CALLBACK_DATA          = 5;// User-specific data, used
+                                             // when calling the password
+                                             // callback and the user
+                                             // interface
+  ENGINE_CTRL_LOAD_CONFIGURATION         = 6;// Load a configuration,
+                                             // given a string that
+                                             // represents a file name
+                                             // or so
+  ENGINE_CTRL_LOAD_SECTION               = 7;// Load data from a given
+                                             // section in the already
+                                             // loaded configuration
+
+  //
+  // These control commands allow an application to deal with an arbitrary
+  // engine in a dynamic way. Warn: Negative return values indicate errors FOR
+  // THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
+  // commands, including ENGINE-specific command types, return zero for an
+  // error. An ENGINE can choose to implement these ctrl functions, and can
+  // internally manage things however it chooses - it does so by setting the
+  // ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
+  // the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
+  // cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
+  // ctrl() handler need only implement its own commands - the above "meta"
+  // commands will be taken care of.
+  //
+
+  //
+  // Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
+  // then all the remaining control commands will return failure, so it is
+  // worth checking this first if the caller is trying to "discover" the
+  // engine's capabilities and doesn't want errors generated unnecessarily.
+  //
+  ENGINE_CTRL_HAS_CTRL_FUNCTION          = 10;
+  //
+  // Returns a positive command number for the first command supported by the
+  // engine. Returns zero if no ctrl commands are supported.
+  //
+  ENGINE_CTRL_GET_FIRST_CMD_TYPE         = 11;
+  //
+  // The 'long' argument specifies a command implemented by the engine, and the
+  // return value is the next command supported, or zero if there are no more.
+  //
+  ENGINE_CTRL_GET_NEXT_CMD_TYPE          = 12;
+  //
+  // The 'void*' argument is a command name (cast from 'const char *'), and the
+  // return value is the command that corresponds to it.
+  //
+  ENGINE_CTRL_GET_CMD_FROM_NAME          = 13;
+  //
+  // The next two allow a command to be converted into its corresponding string
+  // form. In each case, the 'long' argument supplies the command. In the
+  // NAME_LEN case, the return value is the length of the command name (not
+  // counting a trailing EOL). In the NAME case, the 'void*' argument must be a
+  // string buffer large enough, and it will be populated with the name of the
+  // command (WITH a trailing EOL).
+  //
+  ENGINE_CTRL_GET_NAME_LEN_FROM_CMD      = 14;
+  ENGINE_CTRL_GET_NAME_FROM_CMD          = 15;
+  // The next two are similar but give a "short description" of a command. */
+  ENGINE_CTRL_GET_DESC_LEN_FROM_CMD      = 16;
+  ENGINE_CTRL_GET_DESC_FROM_CMD          = 17;
+  //
+  // With this command, the return value is the OR'd combination of
+  // ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
+  // engine-specific ctrl command expects.
+  //
+  ENGINE_CTRL_GET_CMD_FLAGS              = 18;
+
+  //
+  // ENGINE implementations should start the numbering of their own control
+  // commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE += 1, etc).
+  //
+  ENGINE_CMD_BASE                        = 200;
+
+  //
+  // NB: These 2 nCipher "chil" control commands are deprecated, and their
+  // functionality is now available through ENGINE-specific control commands
+  // (exposed through the above-mentioned 'CMD'-handling). Code using these 2
+  // commands should be migrated to the more general command handling before
+  // these are removed.
+  //
+
+  // Flags specific to the nCipher "chil" engine */
+  ENGINE_CTRL_CHIL_SET_FORKCHECK         = 100;
+  //
+  // Depending on the value of the (long)i argument, this sets or
+  // unsets the SimpleForkCheck flag in the CHIL API to enable or
+  // disable checking and workarounds for applications that fork().
+  //
+  ENGINE_CTRL_CHIL_NO_LOCKING            = 101;
+  //
+  // This prevents the initialisation function from providing mutex
+  // callbacks to the nCipher library.
+  //
+
+type
+  //
+  // If an ENGINE supports its own specific control commands and wishes the
+  // framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
+  // its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
+  // entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
+  // handler that supports the stated commands (ie. the "cmd_num" entries as
+  // described by the array). NB: The array must be ordered in increasing order
+  // of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
+  // has cmd_num set to zero and/or cmd_name set to NULL.
+  //
+  ENGINE_CMD_DEFN_st = record
+    cmd_num: TIdC_UINT;
+    cmd_name: PIdAnsiChar;
+    cmd_desc: PIdAnsiChar;
+    cmd_flags: TIdC_UINT;
+  end;
+  ENGINE_CMD_DEFN = ENGINE_CMD_DEFN_st;
+  PENGINE_CMD_DEFN = ^ENGINE_CMD_DEFN;
+
+  // Generic function pointer */
+  ENGINE_GEN_FUNC_PTR = function: TIdC_INT; cdecl;
+  // Generic function pointer taking no arguments */
+  ENGINE_GEN_INT_FUNC_PTR = function(v1: PENGINE): TIdC_INT; cdecl;
+  // Specific control function pointer */
+  f = procedure; cdecl;
+  ENGINE_CTRL_FUNC_PTR = function(v1: PENGINE; v2: TIdC_INT; v3: TIdC_LONG; v4: Pointer; v5: f): TIdC_INT; cdecl;
+  // Generic load_key function pointer */
+  ENGINE_LOAD_KEY_PTR = function(v1: PENGINE; const v2: PIdAnsiChar;
+    ui_method: PUI_METHOD; callback_data: Pointer): PEVP_PKEY; cdecl;
+  //ENGINE_SSL_CLIENT_CERT_PTR = function(v1: PENGINE; ssl: PSSL;
+  //  {STACK_OF(X509_NAME) *ca_dn;} pcert: PPX509; pkey: PPEVP_PKEY;
+  //  {STACK_OF(X509) **pother;} ui_method: PUI_METHOD; callback_data: Pointer): TIdC_INT; cdecl;
+
+  //
+  // These callback types are for an ENGINE's handler for cipher and digest logic.
+  // These handlers have these prototypes;
+  //   int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
+  //   int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
+  // Looking at how to implement these handlers in the case of cipher support, if
+  // the framework wants the EVP_CIPHER for 'nid', it will call;
+  //   foo(e, &p_evp_cipher, NULL, nid);    (return zero for failure)
+  // If the framework wants a list of supported 'nid's, it will call;
+  //   foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
+  //
+  //
+  // Returns to a pointer to the array of supported cipher 'nid's. If the
+  // second parameter is non-NULL it is set to the size of the returned array.
+  //
+  ENGINE_CIPHERS_PTR = function(v1: PENGINE; const v2: PPEVP_CIPHER;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+  ENGINE_DIGESTS_PTR = function(v1: PENGINE; const v2: PPEVP_MD;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+  ENGINE_PKEY_METHS_PTR = function(v1: PENGINE; v2: PPEVP_PKEY_METHOD;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+  ENGINE_PKEY_ASN1_METHS_PTR = function(v1: PENGINE; v2: PPEVP_PKEY_ASN1_METHOD;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+
+  dyn_MEM_malloc_fn = function(v1: TIdC_SIZET; const v2: PIdAnsiChar; v3: TIdC_INT): Pointer; cdecl;
+  dyn_MEM_realloc_fn = function(v1: Pointer; v2: TIdC_SIZET; const v3: PIdAnsiChar; v4: TIdC_INT): Pointer; cdecl;
+  dyn_MEM_free_fn = procedure(v1: Pointer; const v2: PIdAnsiChar; v3: TIdC_INT); cdecl;
+
+  st_dynamic_MEM_fns = record
+    malloc_fn: dyn_MEM_malloc_fn;
+    realloc_fn: dyn_MEM_realloc_fn;
+    free_fn: dyn_MEM_free_fn;
+  end;
+  dynamic_MEM_fns = st_dynamic_MEM_fns;
+  
+  //*
+  // * FIXME: Perhaps the memory and locking code (crypto.h) should declare and
+  // * use these types so we (and any other dependent code) can simplify a bit??
+  // */
+  //* The top-level structure */
+  st_dynamic_fns = record
+    static_state: Pointer;
+    mem_fns: dynamic_MEM_fns;
+  end;
+  dynamic_fns = st_dynamic_fns;
+
+  //*
+  // * The version checking function should be of this prototype. NB: The
+  // * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
+  // * code. If this function returns zero, it indicates a (potential) version
+  // * incompatibility and the loaded library doesn't believe it can proceed.
+  // * Otherwise, the returned value is the (latest) version supported by the
+  // * loading library. The loader may still decide that the loaded code's
+  // * version is unsatisfactory and could veto the load. The function is
+  // * expected to be implemented with the symbol name "v_check", and a default
+  // * implementation can be fully instantiated with
+  // * IMPLEMENT_DYNAMIC_CHECK_FN().
+  // */
+  dynamic_v_check_fn = function(ossl_version: TIdC_ULONG): TIdC_ULONG; cdecl;
+  //# define IMPLEMENT_DYNAMIC_CHECK_FN() \
+  //        OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
+  //        OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
+  //                if (v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
+  //                return 0; }
+
+  //*
+  // * This function is passed the ENGINE structure to initialise with its own
+  // * function and command settings. It should not adjust the structural or
+  // * functional reference counts. If this function returns zero, (a) the load
+  // * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
+  // * the structure, and (c) the shared library will be unloaded. So
+  // * implementations should do their own internal cleanup in failure
+  // * circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
+  // * represents the ENGINE id that the loader is looking for. If this is NULL,
+  // * the shared library can choose to return failure or to initialise a
+  // * 'default' ENGINE. If non-NULL, the shared library must initialise only an
+  // * ENGINE matching the passed 'id'. The function is expected to be
+  // * implemented with the symbol name "bind_engine". A standard implementation
+  // * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
+  // * 'fn' is a callback function that populates the ENGINE structure and
+  // * returns an int value (zero for failure). 'fn' should have prototype;
+  // * [static] int fn(ENGINE *e, const char *id);
+  // */
+  dynamic_bind_engine = function(e: PENGINE; const id: PIdAnsiChar;
+    const fns: dynamic_fns): TIdC_INT; cdecl;
+
+var
+  //
+  // STRUCTURE functions ... all of these functions deal with pointers to
+  // ENGINE structures where the pointers have a "structural reference". This
+  // means that their reference is to allowed access to the structure but it
+  // does not imply that the structure is functional. To simply increment or
+  // decrement the structural reference count, use ENGINE_by_id and
+  // ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
+  // as it will automatically decrement the structural reference count of the
+  // "current" ENGINE and increment the structural reference count of the
+  // ENGINE it returns (unless it is NULL).
+  //
+  // Get the first/last "ENGINE" type available. */
+  function ENGINE_get_first: PENGINE;
+  function ENGINE_get_last: PENGINE;
+  function ENGINE_get_next(e: PENGINE): PENGINE;
+  function ENGINE_get_prev(e: PENGINE): PENGINE;
+  function ENGINE_add(e: PENGINE): TIdC_INT;
+  function ENGINE_remove(e: PENGINE): TIdC_INT;
+  function ENGINE_by_id(const id: PIdAnsiChar): PENGINE;
+
+  procedure ENGINE_load_builtin_engines;
+
+  //
+  // Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
+  // "registry" handling.
+  //
+  function ENGINE_get_table_flags: TIdC_UINT;
+  procedure ENGINE_set_table_flags(flags: TIdC_UINT);
+
+  //- Manage registration of ENGINEs per "table". For each type, there are 3
+  // functions;
+  //   ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
+  //   ENGINE_unregister_***(e) - unregister the implementation from 'e'
+  //   ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
+  // Cleanup is automatically registered from each table when required.
+  //
+
+  function ENGINE_register_RSA(e: PENGINE): TIdC_INT;
+  procedure ENGINE_unregister_RSA(e: PENGINE);
+  procedure ENGINE_register_all_RSA;
+
+  function ENGINE_register_DSA(e: PENGINE): TIdC_INT;
+  procedure ENGINE_unregister_DSA(e: PENGINE);
+  procedure ENGINE_register_all_DSA;
+
+  function ENGINE_register_EC(e: PENGINE): TIdC_INT;
+  procedure ENGINE_unregister_EC(e: PENGINE);
+  procedure ENGINE_register_all_EC;
+
+  function ENGINE_register_DH(e: PENGINE): TIdC_INT;
+  procedure ENGINE_unregister_DH(e: PENGINE);
+  procedure ENGINE_register_all_DH;
+
+  function ENGINE_register_RAND(e: PENGINE): TIdC_INT;
+  procedure ENGINE_unregister_RAND(e: PENGINE);
+  procedure ENGINE_register_all_RAND;
+
+  function ENGINE_register_ciphers(e: PENGINE): TIdC_INT;
+  procedure ENGINE_unregister_ciphers(e: PENGINE);
+  procedure ENGINE_register_all_ciphers;
+
+  function ENGINE_register_digests(e: PENGINE): TIdC_INT;
+  procedure ENGINE_unregister_digests(e: PENGINE);
+  procedure ENGINE_register_all_digests;
+
+  function ENGINE_register_pkey_meths(e: PENGINE): TIdC_INT;
+  procedure ENGINE_unregister_pkey_meths(e: PENGINE);
+  procedure ENGINE_register_all_pkey_meths;
+
+  function ENGINE_register_pkey_asn1_meths(e: PENGINE): TIdC_INT;
+  procedure ENGINE_unregister_pkey_asn1_meths(e: PENGINE);
+  procedure ENGINE_register_all_pkey_asn1_meths;
+
+  //
+  // These functions register all support from the above categories. Note, use
+  // of these functions can result in static linkage of code your application
+  // may not need. If you only need a subset of functionality, consider using
+  // more selective initialisation.
+  //
+  function ENGINE_register_complete(e: PENGINE): TIdC_INT;
+  function ENGINE_register_all_complete: TIdC_INT;
+
+  //
+  // Send parameterised control commands to the engine. The possibilities to
+  // send down an integer, a pointer to data or a function pointer are
+  // provided. Any of the parameters may or may not be NULL, depending on the
+  // command number. In actuality, this function only requires a structural
+  // (rather than functional) reference to an engine, but many control commands
+  // may require the engine be functional. The caller should be aware of trying
+  // commands that require an operational ENGINE, and only use functional
+  // references in such situations.
+  //
+  function ENGINE_ctrl(e: PENGINE; cmd: TIdC_INT; i: TIdC_LONG; p: Pointer; v1: f): TIdC_INT;
+
+  //
+  // This function tests if an ENGINE-specific command is usable as a
+  // "setting". Eg. in an application's config file that gets processed through
+  // ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
+  // ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
+  //
+  function ENGINE_cmd_is_executable(e: PENGINE; cmd: TIdC_INT): TIdC_INT;
+
+  //
+  // This function works like ENGINE_ctrl() with the exception of taking a
+  // command name instead of a command number, and can handle optional
+  // commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
+  // on how to use the cmd_name and cmd_optional.
+  //
+  function ENGINE_ctrl_cmd(e: PENGINE; const cmd_name: PIdAnsiChar; i: TIdC_LONG; p: Pointer; v1: f; cmd_optional: TIdC_INT): TIdC_INT;
+
+  //
+  // This function passes a command-name and argument to an ENGINE. The
+  // cmd_name is converted to a command number and the control command is
+  // called using 'arg' as an argument (unless the ENGINE doesn't support such
+  // a command, in which case no control command is called). The command is
+  // checked for input flags, and if necessary the argument will be converted
+  // to a numeric value. If cmd_optional is non-zero, then if the ENGINE
+  // doesn't support the given cmd_name the return value will be success
+  // anyway. This function is intended for applications to use so that users
+  // (or config files) can supply engine-specific config data to the ENGINE at
+  // run-time to control behaviour of specific engines. As such, it shouldn't
+  // be used for calling ENGINE_ctrl() functions that return data, deal with
+  // binary data, or that are otherwise supposed to be used directly through
+  // ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
+  // operation in this function will be lost - the return value is interpreted
+  // as failure if the return value is zero, success otherwise, and this
+  // function returns a boolean value as a result. In other words, vendors of
+  // 'ENGINE'-enabled devices should write ENGINE implementations with
+  // parameterisations that work in this scheme, so that compliant ENGINE-based
+  // applications can work consistently with the same configuration for the
+  // same ENGINE-enabled devices, across applications.
+  //
+  function ENGINE_ctrl_cmd_string(e: PENGINE; const cmd_name: PIdAnsiChar; const arg: PIdAnsiChar; cmd_optional: TIdC_INT): TIdC_INT;
+
+  //
+  // These functions are useful for manufacturing new ENGINE structures. They
+  // don't address reference counting at all - one uses them to populate an
+  // ENGINE structure with personalised implementations of things prior to
+  // using it directly or adding it to the builtin ENGINE list in OpenSSL.
+  // These are also here so that the ENGINE structure doesn't have to be
+  // exposed and break binary compatibility!
+  //
+  function ENGINE_new: PENGINE;
+  function ENGINE_free(e: PENGINE): TIdC_INT;
+  function ENGINE_up_ref(e: PENGINE): TIdC_INT;
+  function ENGINE_set_id(e: PENGINE; const id: PIdAnsiChar): TIdC_INT;
+  function ENGINE_set_name(e: PENGINE; const name: PIdAnsiChar): TIdC_INT;
+  function ENGINE_set_RSA(e: PENGINE; const rsa_meth: PRSA_METHOD): TIdC_INT;
+  function ENGINE_set_DSA(e: PENGINE; const dsa_meth: PDSA_METHOD): TIdC_INT;
+  function ENGINE_set_EC(e: PENGINE; const ecdsa_meth: PEC_KEY_METHOD): TIdC_INT;
+  function ENGINE_set_DH(e: PENGINE; const dh_meth: PDH_METHOD): TIdC_INT;
+  function ENGINE_set_RAND(e: PENGINE; const rand_meth: PRAND_METHOD): TIdC_INT;
+  function ENGINE_set_destroy_function(e: PENGINE; destroy_f: ENGINE_GEN_INT_FUNC_PTR): TIdC_INT;
+  function ENGINE_set_init_function(e: PENGINE; init_f: ENGINE_GEN_INT_FUNC_PTR): TIdC_INT;
+  function ENGINE_set_finish_function(e: PENGINE; finish_f: ENGINE_GEN_INT_FUNC_PTR): TIdC_INT;
+  function ENGINE_set_ctrl_function(e: PENGINE; ctrl_f: ENGINE_CTRL_FUNC_PTR): TIdC_INT;
+  function ENGINE_set_load_privkey_function(e: PENGINE; loadpriv_f: ENGINE_LOAD_KEY_PTR): TIdC_INT;
+  function ENGINE_set_load_pubkey_function(e: PENGINE; loadpub_f: ENGINE_LOAD_KEY_PTR): TIdC_INT;
+  //function ENGINE_set_load_ssl_client_cert_function(e: PENGINE; loadssl_f: ENGINE_SSL_CLIENT_CERT_PTR): TIdC_INT;
+  function ENGINE_set_ciphers(e: PENGINE; f: ENGINE_CIPHERS_PTR): TIdC_INT;
+  function ENGINE_set_digests(e: PENGINE; f: ENGINE_DIGESTS_PTR): TIdC_INT;
+  function ENGINE_set_pkey_meths(e: PENGINE; f: ENGINE_PKEY_METHS_PTR): TIdC_INT;
+  function ENGINE_set_pkey_asn1_meths(e: PENGINE; f: ENGINE_PKEY_ASN1_METHS_PTR): TIdC_INT;
+  function ENGINE_set_flags(e: PENGINE; flags: TIdC_INT): TIdC_INT;
+  function ENGINE_set_cmd_defns(e: PENGINE; const defns: PENGINE_CMD_DEFN): TIdC_INT;
+  // These functions allow control over any per-structure ENGINE data. */
+  //#define ENGINE_get_ex_new_index(l, p, newf, dupf, freef) CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, l, p, newf, dupf, freef)
+  function ENGINE_set_ex_data(e: PENGINE; idx: TIdC_INT; arg: Pointer): TIdC_INT;
+  function ENGINE_get_ex_data(const e: PENGINE; idx: TIdC_INT): Pointer;
+
+  //
+  // These return values from within the ENGINE structure. These can be useful
+  // with functional references as well as structural references - it depends
+  // which you obtained. Using the result for functional purposes if you only
+  // obtained a structural reference may be problematic!
+  //
+  function ENGINE_get_id(const e: PENGINE): PIdAnsiChar;
+  function ENGINE_get_name(const e: PENGINE): PIdAnsiChar;
+  function ENGINE_get_RSA(const e: PENGINE): PRSA_METHOD;
+  function ENGINE_get_DSA(const e: PENGINE): PDSA_METHOD;
+  function ENGINE_get_EC(const e: PENGINE): PEC_METHOD;
+  function ENGINE_get_DH(const e: PENGINE): PDH_METHOD;
+  function ENGINE_get_RAND(const e: PENGINE): PRAND_METHOD;
+  function ENGINE_get_destroy_function(const e: PENGINE): ENGINE_GEN_INT_FUNC_PTR;
+  function ENGINE_get_init_function(const e: PENGINE): ENGINE_GEN_INT_FUNC_PTR;
+  function ENGINE_get_finish_function(const e: PENGINE): ENGINE_GEN_INT_FUNC_PTR;
+  function ENGINE_get_ctrl_function(const e: PENGINE): ENGINE_CTRL_FUNC_PTR;
+  function ENGINE_get_load_privkey_function(const e: PENGINE): ENGINE_LOAD_KEY_PTR;
+  function ENGINE_get_load_pubkey_function(const e: PENGINE): ENGINE_LOAD_KEY_PTR;
+  //function ENGINE_get_ssl_client_cert_function(const e: PENGINE): ENGINE_SSL_CLIENT_CERT_PTR;
+  
+  function ENGINE_get_ciphers(const e: PENGINE): ENGINE_CIPHERS_PTR;
+  function ENGINE_get_digests(const e: PENGINE): ENGINE_DIGESTS_PTR;
+  function ENGINE_get_pkey_meths(const e: PENGINE): ENGINE_PKEY_METHS_PTR;
+  function ENGINE_get_pkey_asn1_meths(const e: PENGINE): ENGINE_PKEY_ASN1_METHS_PTR;
+  function ENGINE_get_cipher(e: PENGINE; nid: TIdC_INT): PEVP_CIPHER;
+  function ENGINE_get_digest(e: PENGINE; nid: TIdC_INT): PEVP_MD;
+  function ENGINE_get_pkey_meth(e: PENGINE; nid: TIdC_INT): PEVP_PKEY_METHOD;
+  function ENGINE_get_pkey_asn1_meth(e: PENGINE; nid: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
+  function ENGINE_get_pkey_asn1_meth_str(e: PENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
+  function ENGINE_pkey_asn1_find_str(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
+  function ENGINE_get_cmd_defns(const e: PENGINE): PENGINE_CMD_DEFN;
+  function ENGINE_get_flags(const e: PENGINE): TIdC_INT;
+
+  ///*
+  // * FUNCTIONAL functions. These functions deal with ENGINE structures that
+  // * have (or will) be initialised for use. Broadly speaking, the structural
+  // * functions are useful for iterating the list of available engine types,
+  // * creating new engine types, and other "list" operations. These functions
+  // * actually deal with ENGINEs that are to be used. As such these functions
+  // * can fail (if applicable) when particular engines are unavailable - eg. if
+  // * a hardware accelerator is not attached or not functioning correctly. Each
+  // * ENGINE has 2 reference counts; structural and functional. Every time a
+  // * functional reference is obtained or released, a corresponding structural
+  // * reference is automatically obtained or released too.
+  // */
+
+  ///*
+  // * Initialise a engine type for use (or up its reference count if it's
+  // * already in use). This will fail if the engine is not currently operational
+  // * and cannot initialise.
+  // */
+  function ENGINE_init(e: PENGINE): TIdC_INT;
+  ///*
+  // * Free a functional reference to a engine type. This does not require a
+  // * corresponding call to ENGINE_free as it also releases a structural
+  // * reference.
+  // */
+  function ENGINE_finish(e: PENGINE): TIdC_INT;
+
+  ///*
+  // * The following functions handle keys that are stored in some secondary
+  // * location, handled by the engine.  The storage may be on a card or
+  // * whatever.
+  // */
+  function ENGINE_load_private_key(e: PENGINE; const key_id: PIdAnsiChar; ui_method: PUI_METHOD; callback_data: Pointer): PEVP_PKEY;
+  function ENGINE_load_public_key(e: PENGINE; const key_id: PIdAnsiChar; ui_method: PUI_METHOD; callback_data: Pointer): PEVP_PKEY;
+  //function ENGINE_load_ssl_client_cert(e: PENGINE; s: PSSL;
+  //  {STACK_OF(X509) *ca_dn;} {STACK_OF(X509) **pother;} ui_method: PUI_METHOD;
+  //  callback_data: Pointer): TIdC_INT;
+
+  ///*
+  // * This returns a pointer for the current ENGINE structure that is (by
+  // * default) performing any RSA operations. The value returned is an
+  // * incremented reference, so it should be free'd (ENGINE_finish) before it is
+  // * discarded.
+  // */
+  function ENGINE_get_default_RSA: PENGINE;
+  //* Same for the other "methods" */
+  function ENGINE_get_default_DSA: PENGINE;
+  function ENGINE_get_default_EC: PENGINE;
+  function ENGINE_get_default_DH: PENGINE;
+  function ENGINE_get_default_RAND: PENGINE;
+  ///*
+  // * These functions can be used to get a functional reference to perform
+  // * ciphering or digesting corresponding to "nid".
+  // */
+  function ENGINE_get_cipher_engine(nid: TIdC_INT): PENGINE;
+  function ENGINE_get_digest_engine(nid: TIdC_INT): PENGINE;
+  function ENGINE_get_pkey_meth_engine(nid: TIdC_INT): PENGINE;
+  function ENGINE_get_pkey_asn1_meth_engine(nid: TIdC_INT): PENGINE;
+  ///*
+  // * This sets a new default ENGINE structure for performing RSA operations. If
+  // * the result is non-zero (success) then the ENGINE structure will have had
+  // * its reference count up'd so the caller should still free their own
+  // * reference 'e'.
+  // */
+  function ENGINE_set_default_RSA(e: PENGINE): TIdC_INT;
+  function ENGINE_set_default_string(e: PENGINE; const def_list: PIdAnsiChar): TIdC_INT;
+  // Same for the other "methods"
+  function ENGINE_set_default_DSA(e: PENGINE): TIdC_INT;
+  function ENGINE_set_default_EC(e: PENGINE): TIdC_INT;
+  function ENGINE_set_default_DH(e: PENGINE): TIdC_INT;
+  function ENGINE_set_default_RAND(e: PENGINE): TIdC_INT;
+  function ENGINE_set_default_ciphers(e: PENGINE): TIdC_INT;
+  function ENGINE_set_default_digests(e: PENGINE): TIdC_INT;
+  function ENGINE_set_default_pkey_meths(e: PENGINE): TIdC_INT;
+  function ENGINE_set_default_pkey_asn1_meths(e: PENGINE): TIdC_INT;
+
+  ///*
+  // * The combination "set" - the flags are bitwise "OR"d from the
+  // * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
+  // * function, this function can result in unnecessary static linkage. If your
+  // * application requires only specific functionality, consider using more
+  // * selective functions.
+  // */
+  function ENGINE_set_default(e: PENGINE; flags: TIdC_ULONG): TIdC_INT;
+
+  procedure ENGINE_add_conf_module;
+
+  ///* Deprecated functions ... */
+  ///* int ENGINE_clear_defaults(void); */
+  //
+  //**************************/
+  //* DYNAMIC ENGINE SUPPORT */
+  //**************************/
+  //
+  //* Binary/behaviour compatibility levels */
+  //# define OSSL_DYNAMIC_VERSION            (unsigned long)0x00030000
+  //*
+  // * Binary versions older than this are too old for us (whether we're a loader
+  // * or a loadee)
+  // */
+  //# define OSSL_DYNAMIC_OLDEST             (unsigned long)0x00030000
+  //
+  //*
+  // * When compiling an ENGINE entirely as an external shared library, loadable
+  // * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
+  // * structure type provides the calling application's (or library's) error
+  // * functionality and memory management function pointers to the loaded
+  // * library. These should be used/set in the loaded library code so that the
+  // * loading application's 'state' will be used/changed in all operations. The
+  // * 'static_state' pointer allows the loaded library to know if it shares the
+  // * same static data as the calling application (or library), and thus whether
+  // * these callbacks need to be set or not.
+  // */
+
+
+  //# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
+  //        OPENSSL_EXPORT \
+  //        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
+  //        OPENSSL_EXPORT \
+  //        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
+  //            if (ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
+  //            CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
+  //                                     fns->mem_fns.realloc_fn, \
+  //                                     fns->mem_fns.free_fn); \
+  //        skip_cbs: \
+  //            if (!fn(e, id)) return 0; \
+  //            return 1; }
+  //
+  //*
+  // * If the loading application (or library) and the loaded ENGINE library
+  // * share the same static data (eg. they're both dynamically linked to the
+  // * same libcrypto.so) we need a way to avoid trying to set system callbacks -
+  // * this would fail, and for the same reason that it's unnecessary to try. If
+  // * the loaded ENGINE has (or gets from through the loader) its own copy of
+  // * the libcrypto static data, we will need to set the callbacks. The easiest
+  // * way to detect this is to have a function that returns a pointer to some
+  // * static data and let the loading application and loaded ENGINE compare
+  // * their respective values.
+  // */
+  function ENGINE_get_static_state: Pointer;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_engineerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_engineerr.pas
new file mode 100644
index 000000000..8c15badf1
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_engineerr.pas
@@ -0,0 +1,130 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_engineerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// engineerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * ENGINE function codes.
+   *)
+  ENGINE_F_DIGEST_UPDATE = 198;
+  ENGINE_F_DYNAMIC_CTRL = 180;
+  ENGINE_F_DYNAMIC_GET_DATA_CTX = 181;
+  ENGINE_F_DYNAMIC_LOAD = 182;
+  ENGINE_F_DYNAMIC_SET_DATA_CTX = 183;
+  ENGINE_F_ENGINE_ADD = 105;
+  ENGINE_F_ENGINE_BY_ID = 106;
+  ENGINE_F_ENGINE_CMD_IS_EXECUTABLE = 170;
+  ENGINE_F_ENGINE_CTRL = 142;
+  ENGINE_F_ENGINE_CTRL_CMD = 178;
+  ENGINE_F_ENGINE_CTRL_CMD_STRING = 171;
+  ENGINE_F_ENGINE_FINISH = 107;
+  ENGINE_F_ENGINE_GET_CIPHER = 185;
+  ENGINE_F_ENGINE_GET_DIGEST = 186;
+  ENGINE_F_ENGINE_GET_FIRST = 195;
+  ENGINE_F_ENGINE_GET_LAST = 196;
+  ENGINE_F_ENGINE_GET_NEXT = 115;
+  ENGINE_F_ENGINE_GET_PKEY_ASN1_METH = 193;
+  ENGINE_F_ENGINE_GET_PKEY_METH = 192;
+  ENGINE_F_ENGINE_GET_PREV = 116;
+  ENGINE_F_ENGINE_INIT = 119;
+  ENGINE_F_ENGINE_LIST_ADD = 120;
+  ENGINE_F_ENGINE_LIST_REMOVE = 121;
+  ENGINE_F_ENGINE_LOAD_PRIVATE_KEY = 150;
+  ENGINE_F_ENGINE_LOAD_PUBLIC_KEY = 151;
+  ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT = 194;
+  ENGINE_F_ENGINE_NEW = 122;
+  ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR = 197;
+  ENGINE_F_ENGINE_REMOVE = 123;
+  ENGINE_F_ENGINE_SET_DEFAULT_STRING = 189;
+  ENGINE_F_ENGINE_SET_ID = 129;
+  ENGINE_F_ENGINE_SET_NAME = 130;
+  ENGINE_F_ENGINE_TABLE_REGISTER = 184;
+  ENGINE_F_ENGINE_UNLOCKED_FINISH = 191;
+  ENGINE_F_ENGINE_UP_REF = 190;
+  ENGINE_F_INT_CLEANUP_ITEM = 199;
+  ENGINE_F_INT_CTRL_HELPER = 172;
+  ENGINE_F_INT_ENGINE_CONFIGURE = 188;
+  ENGINE_F_INT_ENGINE_MODULE_INIT = 187;
+  ENGINE_F_OSSL_HMAC_INIT = 200;
+
+  (*
+   * ENGINE reason codes.
+   *)
+  ENGINE_R_ALREADY_LOADED = 100;
+  ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER = 133;
+  ENGINE_R_CMD_NOT_EXECUTABLE = 134;
+  ENGINE_R_COMMAND_TAKES_INPUT = 135;
+  ENGINE_R_COMMAND_TAKES_NO_INPUT = 136;
+  ENGINE_R_CONFLICTING_ENGINE_ID = 103;
+  ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED = 119;
+  ENGINE_R_DSO_FAILURE = 104;
+  ENGINE_R_DSO_NOT_FOUND = 132;
+  ENGINE_R_ENGINES_SECTION_ERROR = 148;
+  ENGINE_R_ENGINE_CONFIGURATION_ERROR = 102;
+  ENGINE_R_ENGINE_IS_NOT_IN_LIST = 105;
+  ENGINE_R_ENGINE_SECTION_ERROR = 149;
+  ENGINE_R_FAILED_LOADING_PRIVATE_KEY = 128;
+  ENGINE_R_FAILED_LOADING_PUBLIC_KEY = 129;
+  ENGINE_R_FINISH_FAILED = 106;
+  ENGINE_R_ID_OR_NAME_MISSING = 108;
+  ENGINE_R_INIT_FAILED = 109;
+  ENGINE_R_INTERNAL_LIST_ERROR = 110;
+  ENGINE_R_INVALID_ARGUMENT = 143;
+  ENGINE_R_INVALID_CMD_NAME = 137;
+  ENGINE_R_INVALID_CMD_NUMBER = 138;
+  ENGINE_R_INVALID_INIT_VALUE = 151;
+  ENGINE_R_INVALID_STRING = 150;
+  ENGINE_R_NOT_INITIALISED = 117;
+  ENGINE_R_NOT_LOADED = 112;
+  ENGINE_R_NO_CONTROL_FUNCTION = 120;
+  ENGINE_R_NO_INDEX = 144;
+  ENGINE_R_NO_LOAD_FUNCTION = 125;
+  ENGINE_R_NO_REFERENCE = 130;
+  ENGINE_R_NO_SUCH_ENGINE = 116;
+  ENGINE_R_UNIMPLEMENTED_CIPHER = 146;
+  ENGINE_R_UNIMPLEMENTED_DIGEST = 147;
+  ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD = 101;
+  ENGINE_R_VERSION_INCOMPATIBILITY = 145;
+
+var
+  function ERR_load_ENGINE_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas
new file mode 100644
index 000000000..83a069d73
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas
@@ -0,0 +1,226 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  ERR_TXT_MALLOCED = $01;
+  ERR_TXT_STRING = $02;
+  ERR_FLAG_MARK = $01;
+  ERR_FLAG_CLEAR = $02;
+
+  ERR_NUM_ERRORS = 16;
+
+//* library */
+  ERR_LIB_SYS =    2;
+  ERR_LIB_BN =    3;
+  ERR_LIB_RSA =    4;
+  ERR_LIB_DH =    5;
+  ERR_LIB_EVP =    6;
+  ERR_LIB_BUF =    7;
+  ERR_LIB_OBJ =    8;
+  ERR_LIB_PEM =    9;
+  ERR_LIB_DSA =    10;
+  ERR_LIB_X509 =    11;
+  // ERR_LIB_METH         12
+  ERR_LIB_ASN1 =    13;
+  ERR_LIB_CONF =    14;
+  ERR_LIB_CRYPTO =   15;
+  ERR_LIB_EC =    16;
+  ERR_LIB_SSL =    20;
+(* #define ERR_LIB_SSL23        21 *)
+(* #define ERR_LIB_SSL2         22 *)
+(* #define ERR_LIB_SSL3         23 *)
+(* #define ERR_LIB_RSAREF       30 *)
+(* #define ERR_LIB_PROXY        31 *)
+  ERR_LIB_BIO =    32;
+  ERR_LIB_PKCS7 =    33;
+  ERR_LIB_X509V3 =   34;
+  ERR_LIB_PKCS12 =   35;
+  ERR_LIB_RAND =    36;
+  ERR_LIB_DSO =    37;
+  ERR_LIB_ENGINE =   38;
+  ERR_LIB_OCSP =    39;
+  ERR_LIB_UI =    40;
+  ERR_LIB_COMP =    41;
+  ERR_LIB_ECDSA =    42;
+  ERR_LIB_ECDH =    43;
+  ERR_LIB_OSSL_STORE =  44;
+  ERR_LIB_FIPS =    45;
+  ERR_LIB_CMS =    46;
+  ERR_LIB_TS =    47;
+  ERR_LIB_HMAC =    48;
+(* # define ERR_LIB_JPAKE       49 *)
+  ERR_LIB_CT =    50;
+  ERR_LIB_ASYNC =    51;
+  ERR_LIB_KDF =    52;
+  ERR_LIB_SM2 =    53;
+  ERR_LIB_USER =    128;
+  
+//* OS functions */
+  SYS_F_FOPEN = 1;
+  SYS_F_CONNECT = 2;
+  SYS_F_GETSERVBYNAME = 3;
+  SYS_F_SOCKET = 4;
+  SYS_F_IOCTLSOCKET = 5;
+  SYS_F_BIND = 6;
+  SYS_F_LISTEN = 7;
+  SYS_F_ACCEPT = 8;
+  SYS_F_WSASTARTUP = 9; (* Winsock stuff *)
+  SYS_F_OPENDIR = 10;
+  SYS_F_FREAD = 11;
+  SYS_F_GETADDRINFO = 12;
+  SYS_F_GETNAMEINFO = 13;
+  SYS_F_SETSOCKOPT = 14;
+  SYS_F_GETSOCKOPT = 15;
+  SYS_F_GETSOCKNAME = 16;
+  SYS_F_GETHOSTBYNAME = 17;
+  SYS_F_FFLUSH = 18;
+  SYS_F_OPEN = 19;
+  SYS_F_CLOSE = 20;
+  SYS_F_IOCTL = 21;
+  SYS_F_STAT = 22;
+  SYS_F_FCNTL = 23;
+  SYS_F_FSTAT = 24;
+
+//* reasons */
+  ERR_R_SYS_LIB = ERR_LIB_SYS; //2
+  ERR_R_BN_LIB = ERR_LIB_BN; //3
+  ERR_R_RSA_LIB = ERR_LIB_RSA; //4
+  ERR_R_DH_LIB = ERR_LIB_DH; //5
+  ERR_R_EVP_LIB = ERR_LIB_EVP; //6
+  ERR_R_BUF_LIB = ERR_LIB_BUF; //7
+  ERR_R_OBJ_LIB = ERR_LIB_OBJ; //8
+  ERR_R_PEM_LIB = ERR_LIB_PEM; //9
+  ERR_R_DSA_LIB = ERR_LIB_DSA; //10
+  ERR_R_X509_LIB = ERR_LIB_X509; //11
+  ERR_R_ASN1_LIB = ERR_LIB_ASN1; //13
+  ERR_R_EC_LIB = ERR_LIB_EC; //16
+  ERR_R_BIO_LIB = ERR_LIB_BIO; //32
+  ERR_R_PKCS7_LIB = ERR_LIB_PKCS7; //33
+  ERR_R_X509V3_LIB = ERR_LIB_X509V3; //34
+  ERR_R_ENGINE_LIB = ERR_LIB_ENGINE; //38
+  ERR_R_UI_LIB = ERR_LIB_UI; //40
+  ERR_R_ECDSA_LIB = ERR_LIB_ECDSA; //42
+  ERR_R_OSSL_STORE_LIB = ERR_LIB_OSSL_STORE; //44
+
+  ERR_R_NESTED_ASN1_ERROR =  58;
+  ERR_R_MISSING_ASN1_EOS =  63;
+
+  //* fatal error */
+  ERR_R_FATAL =  64;
+  ERR_R_MALLOC_FAILURE = (1 or ERR_R_FATAL);
+  ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED = (2 or ERR_R_FATAL);
+  ERR_R_PASSED_NULL_PARAMETER = (3 or ERR_R_FATAL);
+  ERR_R_INTERNAL_ERROR = (4 or ERR_R_FATAL);
+  ERR_R_DISABLED = (5 or ERR_R_FATAL);
+  ERR_R_INIT_FAIL = (6 or ERR_R_FATAL);
+  ERR_R_PASSED_INVALID_ARGUMENT = (7);
+  ERR_R_OPERATION_FAIL = (8 or ERR_R_FATAL);
+
+
+(*
+ * 99 is the maximum possible ERR_R_... code, higher values are reserved for
+ * the individual libraries
+ *)
+
+type
+  err_state_st = record
+    err_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    err_buffer: array[0..ERR_NUM_ERRORS -1] of TIdC_ULONG;
+    err_data: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
+    err_data_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    err_file: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
+    err_line: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    top, bottom: TIdC_INT;
+  end;
+  ERR_STATE = err_state_st;
+  PERR_STATE = ^ERR_STATE;
+
+  ERR_string_data_st = record
+    error: TIdC_ULONG;
+    &string: PIdAnsiChar;
+  end;
+  ERR_STRING_DATA = ERR_string_data_st;
+  PERR_STRING_DATA = ^ERR_STRING_DATA;
+
  ERR_print_errors_cb_cb = function(str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT; cdecl;
+
+var
+// DEFINE_LHASH_OF(ERR_STRING_DATA);
+
+  procedure ERR_put_error(lib: TIdC_INT; func: TIdC_INT; reason: TIdC_INT; &file: PIdAnsiChar; line: TIdC_INT);
+  procedure ERR_set_error_data(data: PIdAnsiChar; flags: TIdC_INT);
+  
+  function ERR_get_error: TIdC_ULONG;
+  function ERR_get_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
+  function ERR_get_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
+
+  function ERR_peek_error: TIdC_ULONG;
+  function ERR_peek_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
+  function ERR_peek_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
+
+  function ERR_peek_last_error: TIdC_ULONG;
+  function ERR_peek_last_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
+  function ERR_peek_last_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
+
+  procedure ERR_clear_error;
+  function ERR_error_string(e: TIdC_ULONG; buf: PIdAnsiChar): PIdAnsiChar;
+  procedure ERR_error_string_n(e: TIdC_ULONG; buf: PIdAnsiChar; len: TIdC_SIZET);
+  function ERR_lib_error_string(e: TIdC_ULONG): PIdAnsiChar;
+  function ERR_func_error_string(e: TIdC_ULONG): PIdAnsiChar;
+  function ERR_reason_error_string(e: TIdC_ULONG): PIdAnsiChar;
+  procedure ERR_print_errors_cb(cb: ERR_print_errors_cb_cb; u: Pointer);
+
+  procedure ERR_print_errors(bp: PBIO);
+  // void ERR_add_error_data(int num, ...);
+  // procedure ERR_add_error_vdata(num: TIdC_INT; args: va_list);
+  function ERR_load_strings(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT;
+  function ERR_load_strings_const(str: PERR_STRING_DATA): TIdC_INT;
+  function ERR_unload_strings(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT;
+  function ERR_load_ERR_strings: TIdC_INT;
+
+  function ERR_get_state: PERR_STATE;
+  function ERR_get_next_error_library: TIdC_INT;
+  function ERR_set_mark: TIdC_INT;
+  function ERR_pop_to_mark: TIdC_INT;
+  function ERR_clear_last_mark: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
new file mode 100644
index 000000000..39ddc6146
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
@@ -0,0 +1,1333 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_evp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// evp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSlHeaders_bio,
+  IdOpenSSLHeaders_obj_mac,
+  IdOpenSSlHeaders_ossl_typ;
+
+const
+  EVP_MAX_MD_SIZE = 64; // longest known is SHA512
+  EVP_MAX_KEY_LENGTH = 64;
+  EVP_MAX_IV_LENGTH = 16;
+  EVP_MAX_BLOCK_LENGTH = 32;
+  PKCS5_SALT_LEN = 8;
+  // Default PKCS#5 iteration count
+  PKCS5_DEFAULT_ITER = 2048;
+  EVP_PK_RSA = $0001;
+  EVP_PK_DSA = $0002;
+  EVP_PK_DH  = $0004;
+  EVP_PK_EC = $0008;
+  EVP_PKT_SIGN = $0010;
+  EVP_PKT_ENC = $0020;
+  EVP_PKT_EXCH = $0040;
+  EVP_PKS_RSA = $0100;
+  EVP_PKS_DSA = $0200;
+  EVP_PKS_EC = $0400;
+
+  EVP_PKEY_NONE = NID_undef;
+  EVP_PKEY_RSA = NID_rsaEncryption;
+  EVP_PKEY_RSA2 = NID_rsa;
+  EVP_PKEY_RSA_PSS = NID_rsassaPss;
+  EVP_PKEY_DSA = NID_dsa;
+  EVP_PKEY_DSA1 = NID_dsa_2;
+  EVP_PKEY_DSA2 = NID_dsaWithSHA;
+  EVP_PKEY_DSA3 = NID_dsaWithSHA1;
+  EVP_PKEY_DSA4 = NID_dsaWithSHA1_2;
+  EVP_PKEY_DH = NID_dhKeyAgreement;
+  EVP_PKEY_DHX = NID_dhpublicnumber;
+  EVP_PKEY_EC = NID_X9_62_id_ecPublicKey;
+  EVP_PKEY_SM2 = NID_sm2;
+  EVP_PKEY_HMAC = NID_hmac;
+  EVP_PKEY_CMAC = NID_cmac;
+  EVP_PKEY_SCRYPT = NID_id_scrypt;
+  EVP_PKEY_TLS1_PRF = NID_tls1_prf;
+  EVP_PKEY_HKDF = NID_hkdf;
+  EVP_PKEY_POLY1305 = NID_poly1305;
+  EVP_PKEY_SIPHASH = NID_siphash;
+  EVP_PKEY_X25519 = NID_X25519;
+  EVP_PKEY_ED25519 = NID_ED25519;
+  EVP_PKEY_X448 = NID_X448;
+  EVP_PKEY_ED448 = NID_ED448;
+
+  EVP_PKEY_MO_SIGN = $0001;
+  EVP_PKEY_MO_VERIFY = $0002;
+  EVP_PKEY_MO_ENCRYPT = $0004;
+  EVP_PKEY_MO_DECRYPT = $0008;
+
+// digest can only handle a single block ///
+  EVP_MD_FLAG_ONESHOT = $0001;
+
+// digest is extensible-output function; XOF ///
+
+  EVP_MD_FLAG_XOF = $0002;
+
+// DigestAlgorithmIdentifier flags... ///
+
+  EVP_MD_FLAG_DIGALGID_MASK = $0018;
+
+// NULL or absent parameter accepted. Use NULL ///
+
+  EVP_MD_FLAG_DIGALGID_NULL = $0000;
+
+// NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent ///
+
+  EVP_MD_FLAG_DIGALGID_ABSENT = $0008;
+
+// Custom handling via ctrl ///
+
+  EVP_MD_FLAG_DIGALGID_CUSTOM = $0018;
+
+// Note if suitable for use in FIPS mode ///
+
+  EVP_MD_FLAG_FIPS = $0400;
+
+// Digest ctrls ///
+
+  EVP_MD_CTRL_DIGALGID = $1;
+  EVP_MD_CTRL_MICALG = $2;
+  EVP_MD_CTRL_XOF_LEN = $3;
+
+// Minimum Algorithm specific ctrl value ///
+
+  EVP_MD_CTRL_ALG_CTRL = $1000;
+ // not EVP_MD ///
+
+// values for EVP_MD_CTX flags ///
+  EVP_MD_CTX_FLAG_ONESHOT = $0001;
+  EVP_MD_CTX_FLAG_CLEANED = $0002;
+  EVP_MD_CTX_FLAG_REUSE = $0004;
+//
+ // FIPS and pad options are ignored in 1.0.0; definitions are here so we
+ // don't accidentally reuse the values for other purposes.
+ ///
+
+  EVP_MD_CTX_FLAG_NON_FIPS_ALLOW = $0008;
+
+//
+ // The following PAD options are also currently ignored in 1.0.0; digest
+ // parameters are handled through EVP_DigestSign//() and EVP_DigestVerify//()
+ // instead.
+ ///
+  EVP_MD_CTX_FLAG_PAD_MASK = $F0;
+  EVP_MD_CTX_FLAG_PAD_PKCS1 = $00;
+  EVP_MD_CTX_FLAG_PAD_X931 = $10;
+  EVP_MD_CTX_FLAG_PAD_PSS = $20;
+
+  EVP_MD_CTX_FLAG_NO_INIT = $0100;
+//
+ // Some functions such as EVP_DigestSign only finalise copies of internal
+ // contexts so additional data can be included after the finalisation call.
+ // This is inefficient if this functionality is not required: it is disabled
+ // if the following flag is set.
+ ///
+  EVP_MD_CTX_FLAG_FINALISE = $0200;
+
+
+// NOTE: $0400 is reserved for internal usage ///
+// Values for cipher flags ///
+
+// Modes for ciphers ///
+
+  EVP_CIPH_STREAM_CIPHER = $0;
+  EVP_CIPH_ECB_MODE = $1;
+  EVP_CIPHC_MODE = $2;
+  EVP_CIPH_CFB_MODE = $3;
+  EVP_CIPH_OFB_MODE = $4;
+  EVP_CIPH_CTR_MODE = $5;
+  EVP_CIPH_GCM_MODE = $6;
+  EVP_CIPH_CCM_MODE = $7;
+  EVP_CIPH_XTS_MODE = $10001;
+  EVP_CIPH_WRAP_MODE = $10002;
+  EVP_CIPH_OCB_MODE = $10003;
+  EVP_CIPH_MODE = $F0007;
+// Set if variable length cipher ///
+  EVP_CIPH_VARIABLE_LENGTH = $8;
+// Set if the iv handling should be done by the cipher itself ///
+  EVP_CIPH_CUSTOM_IV = $10;
+// Set if the cipher's init() function should be called if key is NULL ///
+  EVP_CIPH_ALWAYS_CALL_INIT = $20;
+// Call ctrl() to init cipher parameters ///
+  EVP_CIPH_CTRL_INIT = $40;
+// Don't use standard key length function ///
+  EVP_CIPH_CUSTOM_KEY_LENGTH = $80;
+// Don't use standard block padding ///
+  EVP_CIPH_NO_PADDING = $100;
+// cipher handles random key generation ///
+  EVP_CIPH_RAND_KEY = $200;
+// cipher has its own additional copying logic ///
+  EVP_CIPH_CUSTOM_COPY = $400;
+// Don't use standard iv length function ///
+  EVP_CIPH_CUSTOM_IV_LENGTH = $800;
+// Allow use default ASN1 get/set iv ///
+  EVP_CIPH_FLAG_DEFAULT_ASN1 = $1000;
+// Buffer length in bits not bytes: CFB1 mode only ///
+  EVP_CIPH_FLAG_LENGTH_BITS = $2000;
+// Note if suitable for use in FIPS mode ///
+  EVP_CIPH_FLAG_FIPS = $4000;
+// Allow non FIPS cipher in FIPS mode ///
+  EVP_CIPH_FLAG_NON_FIPS_ALLOW = $8000;
+//
+ // Cipher handles any and all padding logic as well as finalisation.
+ ///
+  EVP_CIPH_FLAG_CUSTOM_CIPHER = $100000;
+  EVP_CIPH_FLAG_AEAD_CIPHER = $200000;
+  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK = $400000;
+// Cipher can handle pipeline operations ///
+  EVP_CIPH_FLAG_PIPELINE = $800000;
+
+//
+ // Cipher context flag to indicate we can handle wrap mode: if allowed in
+ // older applications it could overflow buffers.
+ ///
+
+  EVP_CIPHER_CTX_FLAG_WRAP_ALLOW = $1;
+
+// ctrl() values ///
+
+  EVP_CTRL_INIT = $0;
+  EVP_CTRL_SET_KEY_LENGTH = $1;
+  EVP_CTRL_GET_RC2_KEY_BITS = $2;
+  EVP_CTRL_SET_RC2_KEY_BITS = $3;
+  EVP_CTRL_GET_RC5_ROUNDS = $4;
+  EVP_CTRL_SET_RC5_ROUNDS = $5;
+  EVP_CTRL_RAND_KEY = $6;
+  EVP_CTRL_PBE_PRF_NID = $7;
+  EVP_CTRL_COPY = $8;
+  EVP_CTRL_AEAD_SET_IVLEN = $9;
+  EVP_CTRL_AEAD_GET_TAG = $10;
+  EVP_CTRL_AEAD_SET_TAG = $11;
+  EVP_CTRL_AEAD_SET_IV_FIXED = $12;
+  EVP_CTRL_GCM_SET_IVLEN = EVP_CTRL_AEAD_SET_IVLEN;
+  EVP_CTRL_GCM_GET_TAG = EVP_CTRL_AEAD_GET_TAG;
+  EVP_CTRL_GCM_SET_TAG = EVP_CTRL_AEAD_SET_TAG;
+  EVP_CTRL_GCM_SET_IV_FIXED = EVP_CTRL_AEAD_SET_IV_FIXED;
+  EVP_CTRL_GCM_IV_GEN = $13;
+  EVP_CTRL_CCM_SET_IVLEN = EVP_CTRL_AEAD_SET_IVLEN;
+  EVP_CTRL_CCM_GET_TAG = EVP_CTRL_AEAD_GET_TAG;
+  EVP_CTRL_CCM_SET_TAG = EVP_CTRL_AEAD_SET_TAG;
+  EVP_CTRL_CCM_SET_IV_FIXED = EVP_CTRL_AEAD_SET_IV_FIXED;
+  EVP_CTRL_CCM_SET_L = $14;
+  EVP_CTRL_CCM_SET_MSGLEN = $15;
+//
+ // AEAD cipher deduces payload length and returns number of bytes required to
+ // store MAC and eventual padding. Subsequent call to EVP_Cipher even
+ // appends/verifies MAC.
+ ///
+  EVP_CTRL_AEAD_TLS1_AAD = $16;
+// Used by composite AEAD ciphers; no-op in GCM; CCM... ///
+  EVP_CTRL_AEAD_SET_MAC_KEY = $17;
+// Set the GCM invocation field; decrypt only ///
+  EVP_CTRL_GCM_SET_IV_INV = $18;
+
+  EVP_CTRL_TLS1_1_MULTIBLOCK_AAD = $19;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT = $1a;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT = $1b;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE = $1c;
+
+  EVP_CTRL_SSL3_MASTER_SECRET = $1d;
+
+// EVP_CTRL_SET_SBOX takes the PIdAnsiChar// specifying S-boxes///
+  EVP_CTRL_SET_SBOX = $1e;
+//
+// EVP_CTRL_SBOX_USED takes a 'TIdC_SIZET' and 'PIdAnsiChar//'; pointing at a
+// pre-allocated buffer with specified size
+///
+  EVP_CTRL_SBOX_USED = $1f;
+// EVP_CTRL_KEY_MESH takes 'TIdC_SIZET' number of bytes to mesh the key after;
+// 0 switches meshing off
+///
+  EVP_CTRL_KEY_MESH = $20;
+// EVP_CTRL_BLOCK_PADDING_MODE takes the padding mode///
+  EVP_CTRL_BLOCK_PADDING_MODE = $21;
+
+// Set the output buffers to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS = $22;
+// Set the input buffers to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_INPUT_BUFS = $23;
+// Set the input buffer lengths to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_INPUT_LENS = $24;
+
+  EVP_CTRL_GET_IVLEN = $25;
+
+// Padding modes///
+  EVP_PADDING_PKCS7 = 1;
+  EVP_PADDING_ISO7816_4 = 2;
+  EVP_PADDING_ANSI923 = 3;
+  EVP_PADDING_ISO10126 = 4;
+  EVP_PADDING_ZERO = 5;
+
+// RFC 5246 defines additional data to be 13 bytes in length///
+  EVP_AEAD_TLS1_AAD_LEN = 13;
+
+// GCM TLS constants///
+// Length of fixed part of IV derived from PRF///
+  EVP_GCM_TLS_FIXED_IV_LEN = 4;
+// Length of explicit part of IV part of TLS records///
+  EVP_GCM_TLS_EXPLICIT_IV_LEN = 8;
+// Length of tag for TLS
+  EVP_GCM_TLS_TAG_LEN = 16;
+
+/// CCM TLS constants ///
+/// Length of fixed part of IV derived from PRF ///
+  EVP_CCM_TLS_FIXED_IV_LEN = 4;
+/// Length of explicit part of IV part of TLS records ///
+  EVP_CCM_TLS_EXPLICIT_IV_LEN = 8;
+/// Total length of CCM IV length for TLS ///
+  EVP_CCM_TLS_IV_LEN = 12;
+/// Length of tag for TLS ///
+  EVP_CCM_TLS_TAG_LEN = 16;
+/// Length of CCM8 tag for TLS ///
+  EVP_CCM8_TLS_TAG_LEN = 8;
+
+/// Length of tag for TLS ///
+  EVP_CHACHAPOLY_TLS_TAG_LEN = 16;
+
+(* Can appear as the outermost AlgorithmIdentifier *)
+  EVP_PBE_TYPE_OUTER = $0;
+(* Is an PRF type OID *)
+  EVP_PBE_TYPE_PRF = $1;
+(* Is a PKCS#5 v2.0 KDF *)
+  EVP_PBE_TYPE_KDF = $2;
+
+  ASN1_PKEY_ALIAS = $1;
+  ASN1_PKEY_DYNAMIC = $2;
+  ASN1_PKEY_SIGPARAM_NULL = $4;
+
+  ASN1_PKEY_CTRL_PKCS7_SIGN = $1;
+  ASN1_PKEY_CTRL_PKCS7_ENCRYPT = $2;
+  ASN1_PKEY_CTRL_DEFAULT_MD_NID = $3;
+  ASN1_PKEY_CTRL_CMS_SIGN = $5;
+  ASN1_PKEY_CTRL_CMS_ENVELOPE = $7;
+  ASN1_PKEY_CTRL_CMS_RI_TYPE = $8;
+
+  ASN1_PKEY_CTRL_SET1_TLS_ENCPT = $9;
+  ASN1_PKEY_CTRL_GET1_TLS_ENCPT = $a;
+
+  EVP_PKEY_OP_UNDEFINED = 0;
+  EVP_PKEY_OP_PARAMGEN = (1 shl 1);
+  EVP_PKEY_OP_KEYGEN = (1 shl 2);
+  EVP_PKEY_OP_SIGN = (1 shl 3);
+  EVP_PKEY_OP_VERIFY = (1 shl 4);
+  EVP_PKEY_OP_VERIFYRECOVER = (1 shl 5);
+  EVP_PKEY_OP_SIGNCTX = (1 shl 6);
+  EVP_PKEY_OP_VERIFYCTX = (1 shl 7);
+  EVP_PKEY_OP_ENCRYPT = (1 shl 8);
+  EVP_PKEY_OP_DECRYPT = (1 shl 9);
+  EVP_PKEY_OP_DERIVE = (1 shl 10);
+
+  EVP_PKEY_OP_TYPE_SIG = EVP_PKEY_OP_SIGN or EVP_PKEY_OP_VERIFY
+    or EVP_PKEY_OP_VERIFYRECOVER or EVP_PKEY_OP_SIGNCTX or EVP_PKEY_OP_VERIFYCTX;
+
+  EVP_PKEY_OP_TYPE_CRYPT = EVP_PKEY_OP_ENCRYPT or EVP_PKEY_OP_DECRYPT;
+
+  EVP_PKEY_OP_TYPE_NOGEN = EVP_PKEY_OP_TYPE_SIG or EVP_PKEY_OP_TYPE_CRYPT or EVP_PKEY_OP_DERIVE;
+
+  EVP_PKEY_OP_TYPE_GEN = EVP_PKEY_OP_PARAMGEN or EVP_PKEY_OP_KEYGEN;
+
+  EVP_PKEY_CTRL_MD = 1;
+  EVP_PKEY_CTRL_PEER_KEY = 2;
+
+  EVP_PKEY_CTRL_PKCS7_ENCRYPT = 3;
+  EVP_PKEY_CTRL_PKCS7_DECRYPT = 4;
+
+  EVP_PKEY_CTRL_PKCS7_SIGN = 5;
+
+  EVP_PKEY_CTRL_SET_MAC_KEY = 6;
+
+  EVP_PKEY_CTRL_DIGESTINIT = 7;
+
+(* Used by GOST key encryption in TLS *)
+  EVP_PKEY_CTRL_SET_IV = 8;
+
+  EVP_PKEY_CTRL_CMS_ENCRYPT = 9;
+  EVP_PKEY_CTRL_CMS_DECRYPT = 10;
+  EVP_PKEY_CTRL_CMS_SIGN = 11;
+
+  EVP_PKEY_CTRL_CIPHER = 12;
+
+  EVP_PKEY_CTRL_GET_MD = 13;
+
+  EVP_PKEY_CTRL_SET_DIGEST_SIZE = 14;
+
+  EVP_PKEY_ALG_CTRL = $1000;
+
+  EVP_PKEY_FLAG_AUTOARGLEN = 2;
+  //
+ // Method handles all operations: don't assume any digest related defaults.
+ //
+  EVP_PKEY_FLAG_SIGCTX_CUSTOM = 4;
+
+type
+  EVP_MD_meth_init = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_update = function(ctx: PEVP_MD_CTX; const data: Pointer;
+    count: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_MD_meth_final = function(ctx: PEVP_MD_CTX; const md: PByte): TIdC_INT; cdecl;
+  EVP_MD_meth_copy = function(&to: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_cleanup = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_ctrl = function(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT;
+    p2: Pointer): TIdC_INT; cdecl;
+
+  EVP_CIPHER_meth_init = function(ctx: PEVP_CIPHER_CTX; const key: PByte;
+    const iv: PByte; enc: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_do_cipher = function(ctx: PEVP_CIPHER_CTX; &out: PByte;
+    const &in: PByte; inl: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_cleanup = function(v1: PEVP_CIPHER_CTX): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_set_asn1_params = function(v1: PEVP_CIPHER_CTX;
+    v2: PASN1_TYPE): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_get_asn1_params = function(v1: PEVP_CIPHER_CTX;
+    v2: PASN1_TYPE): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_ctrl = function(v1: PEVP_CIPHER_CTX; &type: TIdC_INT;
+    arg: TIdC_INT; ptr: Pointer): TIdC_INT; cdecl;
+
+  EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM = record
+    &out: PByte;
+    inp: PByte;
+    len: TIdC_SIZET;
+    interleave: TidC_UINT;
+  end;
+
+  evp_cipher_info_st = record
+    cipher: PEVP_CIPHER;
+    iv: array[0 .. EVP_MAX_IV_LENGTH - 1] of PByte;
+  end;
+  EVP_CIPHER_INFO = evp_cipher_info_st;
+
+  EVP_MD_CTX_update = function(ctx: PEVP_MD_CTX; const data: Pointer; count: TIdC_SIZET): TIdC_INT; cdecl;
+
+  fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const &to: PIdAnsiChar; x: Pointer); cdecl;
+
+  rsa_st = type Pointer;
+  Prsa_st = ^rsa_st;
+
+  dsa_st = type Pointer;
+
  Pdsa_st = ^dsa_st;
+
+  dh_st = type Pointer;
+
  Pdh_st = ^dh_st;
+  ec_key_st = type Pointer;
+
  Pec_key_st = ^ec_key_st;
+
+  pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
+  pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
+  pub_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  pkey_size = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pkey_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+
+  priv_decode = function(pk: PEVP_PKEY; const p8inf: PKCS8_PRIV_KEY_INFO): TIdC_INT; cdecl;
+  priv_encode = function(p8: PPKCS8_PRIV_KEY_INFO; const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  priv_print = function(&out: PBIO; const pkea: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+
+  param_decode = function(pkey: PEVP_PKEY; const pder: PPByte; derlen: TIdC_INT): TIdC_INT; cdecl;
+  param_encode = function(const pkey: PEVP_PKEY; pder: PPByte): TIdC_INT; cdecl;
+  param_missing = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  param_copy = function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
+  param_cmp = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
+  param_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+
+  pkey_free = procedure(pkey: PEVP_PKEY); cdecl;
+  pkey_ctrl = function(pkey: PEVP_PKEY; op: TIdC_INT; arg1: TIdC_LONG; arg2: Pointer): TIdC_INT; cdecl;
+  item_verify = function(ctx: PEVP_MD_CTX; const it: PASN1_ITEM; asn: Pointer;
+    a: PX509_ALGOR; sig: PASN1_BIT_STRING; pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  item_sign = function(ctx: PEVP_MD_CTX; const it: PASN1_ITEM; asn: Pointer;
+    alg1: PX509_ALGOR; alg2: PX509_ALGOR; sig: PASN1_BIT_STRING): TIdC_INT; cdecl;
+  siginf_set = function(siginf: PX509_SIG_INFO; const alg: PX509_ALGOR; const sig: PASN1_STRING): TIdC_INT; cdecl;
+  pkey_check = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pkey_pub_check = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pkey_param_check = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  set_priv_key = function(pk: PEVP_PKEY; const priv: PByte; len: TIdC_SIZET): TIdC_INT; cdecl;
+  set_pub_key = function(pk: PEVP_PKEY; const pub: PByte; len: TIdC_SIZET): TIdC_INT; cdecl;
+  get_priv_key = function(const pk: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT; cdecl;
+  get_pub_key = function(const pk: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT; cdecl;
+  pkey_security_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+
+  EVP_PKEY_gen_cb = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+//  PEVP_PKEY_gen_cb = ^EVP_PKEY_gen_cb;
+
+  EVP_PKEY_meth_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_init = ^EVP_PKEY_meth_init;
+  EVP_PKEY_meth_copy_cb = function(dst: PEVP_PKEY_CTX; src: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_copy = ^EVP_PKEY_meth_copy_cb;
+  EVP_PKEY_meth_cleanup = procedure(ctx: PEVP_PKEY_CTX); cdecl;
+  PEVP_PKEY_meth_cleanup = ^EVP_PKEY_meth_cleanup;
+  EVP_PKEY_meth_paramgen_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_paramgen_init = ^EVP_PKEY_meth_paramgen_init;
+  EVP_PKEY_meth_paramgen = function(ctx: PEVP_PKEY_CTX; pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_paramgen = ^EVP_PKEY_meth_paramgen;
+  EVP_PKEY_meth_keygen_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_keygen_init = ^EVP_PKEY_meth_keygen_init;
+  EVP_PKEY_meth_keygen = function(ctx: PEVP_PKEY_CTX; pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_keygen = ^EVP_PKEY_meth_keygen;
+  EVP_PKEY_meth_sign_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_sign_init = ^EVP_PKEY_meth_sign_init;
+  EVP_PKEY_meth_sign = function(ctx: PEVP_PKEY_CTX; sig: PByte; siglen: TIdC_SIZET;
+    const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_sign = ^EVP_PKEY_meth_sign;
+  EVP_PKEY_meth_verify_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify_init = ^EVP_PKEY_meth_verify_init;
+  EVP_PKEY_meth_verify = function(ctx: PEVP_PKEY_CTX; const sig: PByte;
+    siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify = ^EVP_PKEY_meth_verify;
+  EVP_PKEY_meth_verify_recover_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify_recover_init = ^EVP_PKEY_meth_verify_recover_init;
+  EVP_PKEY_meth_verify_recover = function(ctx: PEVP_PKEY_CTX; sig: PByte;
+    siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify_recover = ^EVP_PKEY_meth_verify_recover;
+  EVP_PKEY_meth_signctx_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_signctx_init = ^EVP_PKEY_meth_signctx_init;
+  EVP_PKEY_meth_signctx = function(ctx: PEVP_PKEY_CTX; sig: Pbyte;
+    siglen: TIdC_SIZET; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_signctx = ^EVP_PKEY_meth_signctx;
+  EVP_PKEY_meth_verifyctx_init = function(ctx: PEVP_PKEY_CTX; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verifyctx_init = ^EVP_PKEY_meth_verifyctx_init;
+  EVP_PKEY_meth_verifyctx = function(ctx: PEVP_PKEY_CTX; const sig: PByte;
+    siglen: TIdC_INT; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verifyctx = ^EVP_PKEY_meth_verifyctx;
+  EVP_PKEY_meth_encrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_encrypt_init = ^EVP_PKEY_meth_encrypt_init;
+  EVP_PKEY_meth_encrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
+    outlen: TIdC_SIZET; const &in: PByte): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_encrypt = ^ EVP_PKEY_meth_encrypt;
+  EVP_PKEY_meth_decrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_decrypt_init = ^EVP_PKEY_meth_decrypt_init;
+  EVP_PKEY_meth_decrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
+    outlen: TIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_decrypt = ^EVP_PKEY_meth_decrypt;
+  EVP_PKEY_meth_derive_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_derive_init = ^EVP_PKEY_meth_derive_init;
+  EVP_PKEY_meth_derive = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_derive = ^EVP_PKEY_meth_derive;
+  EVP_PKEY_meth_ctrl = function(ctx: PEVP_PKEY_CTX; &type: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_ctrl = ^EVP_PKEY_meth_ctrl;
+  EVP_PKEY_meth_ctrl_str = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_ctrl_str = ^EVP_PKEY_meth_ctrl_str;
+  EVP_PKEY_meth_digestsign = function(ctx: PEVP_PKEY_CTX; sig: PByte;
+    siglen: PIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_digestsign = ^EVP_PKEY_meth_digestsign;
+  EVP_PKEY_meth_digestverify = function(ctx: PEVP_MD_CTX; const sig: PByte;
+    siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_digestverify = ^EVP_PKEY_meth_digestverify;
+  EVP_PKEY_meth_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_check = ^EVP_PKEY_meth_check;
+  EVP_PKEY_meth_public_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_public_check = ^EVP_PKEY_meth_public_check;
+  EVP_PKEY_meth_param_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_param_check = ^EVP_PKEY_meth_param_check;
+  EVP_PKEY_meth_digest_custom = function(pkey: PEVP_PKEY; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_digest_custom = ^EVP_PKEY_meth_digest_custom;
+
+  // Password based encryption function
+  EVP_PBE_KEYGEN = function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar;
+    passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER;
+    const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT; cdecl;
+  PEVP_PBE_KEYGEN = ^EVP_PBE_KEYGEN;
+  PPEVP_PBE_KEYGEN = ^PEVP_PBE_KEYGEN;
+
+{$REGION 'C compiler macros'}
+function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
+function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
+function EVP_PKEY_assign_DH(pkey: PEVP_PKEY; dh: Pointer): TIdC_INT;
+function EVP_PKEY_assign_EC_KEY(pkey: PEVP_PKEY; eckey: Pointer): TIdC_INT;
+function EVP_PKEY_assign_SIPHASH(pkey: PEVP_PKEY; shkey: Pointer): TIdC_INT;
+function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
+{$ENDREGION}
+
+var
+  function EVP_MD_meth_new(md_type: TIdC_INT; pkey_type: TIdC_INT): PEVP_MD;
+  function EVP_MD_meth_dup(const md: PEVP_MD): PEVP_MD;
+  procedure EVP_MD_meth_free(md: PEVP_MD);
+
+  function EVP_MD_meth_set_input_blocksize(md: PEVP_MD; blocksize: TIdC_INT): TIdC_INT;
+  function EVP_MD_meth_set_result_size(md: PEVP_MD; resultsize: TIdC_INT): TIdC_INT;
+  function EVP_MD_meth_set_app_datasize(md: PEVP_MD; datasize: TIdC_INT): TIdC_INT;
+  function EVP_MD_meth_set_flags(md: PEVP_MD; flags: TIdC_ULONG): TIdC_INT;
+  function EVP_MD_meth_set_init(md: PEVP_MD; init: EVP_MD_meth_init): TIdC_INT;
+  function EVP_MD_meth_set_update(md: PEVP_MD; update: EVP_MD_meth_update): TIdC_INT;
+  function EVP_MD_meth_set_final(md: PEVP_MD; &final: EVP_MD_meth_final): TIdC_INT;
+  function EVP_MD_meth_set_copy(md: PEVP_MD; copy: EVP_MD_meth_copy): TIdC_INT;
+  function EVP_MD_meth_set_cleanup(md: PEVP_MD; cleanup: EVP_MD_meth_cleanup): TIdC_INT;
+  function EVP_MD_meth_set_ctrl(md: PEVP_MD; ctrl: EVP_MD_meth_ctrl): TIdC_INT;
+
+  function EVP_MD_meth_get_input_blocksize(const md: PEVP_MD): TIdC_INT;
+  function EVP_MD_meth_get_result_size(const md: PEVP_MD): TIdC_INT;
+  function EVP_MD_meth_get_app_datasize(const md: PEVP_MD): TIdC_INT;
+  function EVP_MD_meth_get_flags(const md: PEVP_MD): TIdC_ULONG;
+  function EVP_MD_meth_get_init(const md: PEVP_MD): EVP_MD_meth_init;
+  function EVP_MD_meth_get_update(const md: PEVP_MD): EVP_MD_meth_update;
+  function EVP_MD_meth_get_final(const md: PEVP_MD): EVP_MD_meth_final;
+  function EVP_MD_meth_get_copy(const md: PEVP_MD): EVP_MD_meth_copy;
+  function EVP_MD_meth_get_cleanup(const md: PEVP_MD): EVP_MD_meth_cleanup;
+  function EVP_MD_meth_get_ctrl(const md: PEVP_MD): EVP_MD_meth_ctrl;
+
+  function EVP_CIPHER_meth_new(cipher_type: TIdC_INT; block_size: TIdC_INT; key_len: TIdC_INT): PEVP_CIPHER;
+  function EVP_CIPHER_meth_dup(const cipher: PEVP_CIPHER): PEVP_CIPHER;
+  procedure EVP_CIPHER_meth_free(cipher: PEVP_CIPHER);
+
+  function EVP_CIPHER_meth_set_iv_length(cipher: PEVP_CIPHER; iv_len: TIdC_INT): TIdC_INT;
+  function EVP_CIPHER_meth_set_flags(cipher: PEVP_CIPHER; flags: TIdC_ULONG): TIdC_INT;
+  function EVP_CIPHER_meth_set_impl_ctx_size(cipher: PEVP_CIPHER; ctx_size: TIdC_INT): TIdC_INT;
+  function EVP_CIPHER_meth_set_init(cipher: PEVP_CIPHER; init: EVP_CIPHER_meth_init): TIdC_INT;
+  function EVP_CIPHER_meth_set_do_cipher(cipher: PEVP_CIPHER; do_cipher: EVP_CIPHER_meth_do_cipher): TIdC_INT;
+  function EVP_CIPHER_meth_set_cleanup(cipher: PEVP_CIPHER; cleanup: EVP_CIPHER_meth_cleanup): TIdC_INT;
+  function EVP_CIPHER_meth_set_set_asn1_params(cipher: PEVP_CIPHER; set_asn1_parameters: EVP_CIPHER_meth_set_asn1_params): TIdC_INT;
+  function EVP_CIPHER_meth_set_get_asn1_params(cipher: PEVP_CIPHER; get_asn1_parameters: EVP_CIPHER_meth_get_asn1_params): TIdC_INT;
+  function EVP_CIPHER_meth_set_ctrl(cipher: PEVP_CIPHER; ctrl: EVP_CIPHER_meth_ctrl): TIdC_INT;
+  function EVP_CIPHER_meth_get_init(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_init;
+  function EVP_CIPHER_meth_get_do_cipher(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_do_cipher;
+  function EVP_CIPHER_meth_get_cleanup(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_cleanup;
+  function EVP_CIPHER_meth_get_set_asn1_params(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_set_asn1_params;
+  function EVP_CIPHER_meth_get_get_asn1_params(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_get_asn1_params;
+  function EVP_CIPHER_meth_get_ctrl(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_ctrl;
+
+  /// Add some extra combinations ///
+  //# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a));
+  //# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a));
+  //# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a));
+  //# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a));
+
+  function EVP_MD_type(const md: PEVP_MD): TIdC_INT;
+  //# define EVP_MD_nid(e)                   EVP_MD_type(e)
+  //# define EVP_MD_name(e)                  OBJ_nid2sn(EVP_MD_nid(e))
+  function EVP_MD_pkey_type(const md: PEVP_MD): TIdC_INT;
+  function EVP_MD_size(const md: PEVP_MD): TIdC_INT;
+  function EVP_MD_block_size(const md: PEVP_MD): TIdC_INT;
+  function EVP_MD_flags(const md: PEVP_MD): PIdC_ULONG;
+
+  function EVP_MD_CTX_md(ctx: PEVP_MD_CTX): PEVP_MD;
+  function EVP_MD_CTX_update_fn(ctx: PEVP_MD_CTX): EVP_MD_CTX_update;
+  procedure EVP_MD_CTX_set_update_fn(ctx: PEVP_MD_CTX; update: EVP_MD_CTX_update);
+  //  EVP_MD_CTX_size(e)              EVP_MD_size(EVP_MD_CTX_md(e))
+  //  EVP_MD_CTX_block_size(e)        EVP_MD_block_size(EVP_MD_CTX_md(e))
+  //  EVP_MD_CTX_type(e)              EVP_MD_type(EVP_MD_CTX_md(e))
+  function EVP_MD_CTX_pkey_ctx(const ctx: PEVP_MD_CTX): PEVP_PKEY_CTX;
+  procedure EVP_MD_CTX_set_pkey_ctx(ctx: PEVP_MD_CTX; pctx: PEVP_PKEY_CTX);
+  function EVP_MD_CTX_md_data(const ctx: PEVP_MD_CTX): Pointer;
+
+  function EVP_CIPHER_nid(const ctx: PEVP_MD_CTX): TIdC_INT;
+  //# define EVP_CIPHER_name(e)              OBJ_nid2sn(EVP_CIPHER_nid(e))
+  function EVP_CIPHER_block_size(const cipher: PEVP_CIPHER): TIdC_INT;
+  function EVP_CIPHER_impl_ctx_size(const cipher: PEVP_CIPHER): TIdC_INT;
+  function EVP_CIPHER_key_length(const cipher: PEVP_CIPHER): TIdC_INT;
+  function EVP_CIPHER_iv_length(const cipher: PEVP_CIPHER): TIdC_INT;
+  function EVP_CIPHER_flags(const cipher: PEVP_CIPHER): TIdC_ULONG;
+  //# define EVP_CIPHER_mode(e)              (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
+
+  function EVP_CIPHER_CTX_cipher(const ctx: PEVP_CIPHER_CTX): PEVP_CIPHER;
+  function EVP_CIPHER_CTX_encrypting(const ctx: PEVP_CIPHER_CTX): TIdC_INT;
+  function EVP_CIPHER_CTX_nid(const ctx: PEVP_CIPHER_CTX): TIdC_INT;
+  function EVP_CIPHER_CTX_block_size(const ctx: PEVP_CIPHER_CTX): TIdC_INT;
+  function EVP_CIPHER_CTX_key_length(const ctx: PEVP_CIPHER_CTX): TIdC_INT;
+  function EVP_CIPHER_CTX_iv_length(const ctx: PEVP_CIPHER_CTX): TIdC_INT;
+  function EVP_CIPHER_CTX_iv(const ctx: PEVP_CIPHER_CTX): PByte;
+  function EVP_CIPHER_CTX_original_iv(const ctx: PEVP_CIPHER_CTX): PByte;
+  function EVP_CIPHER_CTX_iv_noconst(ctx: PEVP_CIPHER_CTX): PByte;
+  function EVP_CIPHER_CTX_buf_noconst(ctx: PEVP_CIPHER_CTX): PByte;
+  function EVP_CIPHER_CTX_num(const ctx: PEVP_CIPHER_CTX): TIdC_INT;
+  procedure EVP_CIPHER_CTX_set_num(ctx: PEVP_CIPHER_CTX; num: TIdC_INT);
+  function EVP_CIPHER_CTX_copy(&out: PEVP_CIPHER_CTX; const &in: PEVP_CIPHER_CTX): TIdC_INT;
+  function EVP_CIPHER_CTX_get_app_data(const ctx: PEVP_CIPHER_CTX): Pointer;
+  procedure EVP_CIPHER_CTX_set_app_data(ctx: PEVP_CIPHER_CTX; data: Pointer);
+  function EVP_CIPHER_CTX_get_cipher_data(const ctx: PEVP_CIPHER_CTX): Pointer;
+  function EVP_CIPHER_CTX_set_cipher_data(ctx: PEVP_CIPHER_CTX; cipher_data: Pointer): Pointer;
+
+  //# define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define EVP_CIPHER_CTX_flags(c)       EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(c))
+  //# endif
+  //# define EVP_CIPHER_CTX_mode(c)         EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(c))
+  //
+  //# define EVP_ENCODE_LENGTH(l)    ((((l)+2)/3*4)+((l)/48+1)*2+80)
+  //# define EVP_DECODE_LENGTH(l)    (((l)+3)/4*3+80)
+  //
+  //# define EVP_SignInit_ex(a;b;c)          EVP_DigestInit_ex(a;b;c)
+  //# define EVP_SignInit(a;b)               EVP_DigestInit(a;b)
+  //# define EVP_SignUpdate(a;b;c)           EVP_DigestUpdate(a;b;c)
+  //# define EVP_VerifyInit_ex(a;b;c)        EVP_DigestInit_ex(a;b;c)
+  //# define EVP_VerifyInit(a;b)             EVP_DigestInit(a;b)
+  //# define EVP_VerifyUpdate(a;b;c)         EVP_DigestUpdate(a;b;c)
+  //# define EVP_OpenUpdate(a;b;c;d;e)       EVP_DecryptUpdate(a;b;c;d;e)
+  //# define EVP_SealUpdate(a;b;c;d;e)       EVP_EncryptUpdate(a;b;c;d;e)
+  //# define EVP_DigestSignUpdate(a;b;c)     EVP_DigestUpdate(a;b;c)
+  //# define EVP_DigestVerifyUpdate(a;b;c)   EVP_DigestUpdate(a;b;c)
+
+  procedure BIO_set_md(v1: PBIO; const md: PEVP_MD);
+  //# define BIO_get_md(b;mdp)          BIO_ctrl(b;BIO_C_GET_MD;0;(PIdAnsiChar)(mdp))
+  //# define BIO_get_md_ctx(b;mdcp)     BIO_ctrl(b;BIO_C_GET_MD_CTX;0; (PIdAnsiChar)(mdcp))
+  //# define BIO_set_md_ctx(b;mdcp)     BIO_ctrl(b;BIO_C_SET_MD_CTX;0; (PIdAnsiChar)(mdcp))
+  //# define BIO_get_cipher_status(b)   BIO_ctrl(b;BIO_C_GET_CIPHER_STATUS;0;NULL)
+  //# define BIO_get_cipher_ctx(b;c_pp) BIO_ctrl(b;BIO_C_GET_CIPHER_CTX;0; (PIdAnsiChar)(c_pp))
+
+  //function EVP_Cipher(c: PEVP_CIPHER_CTX; &out: PByte; const &in: PByte; in1: TIdC_UINT): TIdC_INT;
+
+  //# define EVP_add_cipher_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS;(n))
+  //# define EVP_add_digest_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS;(n))
+  //# define EVP_delete_cipher_alias(alias) OBJ_NAME_remove(alias;OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
+  //# define EVP_delete_digest_alias(alias) OBJ_NAME_remove(alias;OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
+
+  function EVP_MD_CTX_ctrl(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT;
+  function EVP_MD_CTX_new: PEVP_MD_CTX;
+  function EVP_MD_CTX_reset(ctx: PEVP_MD_CTX): TIdC_INT;
+  procedure EVP_MD_CTX_free(ctx: PEVP_MD_CTX);
+  //# define EVP_MD_CTX_create()     EVP_MD_CTX_new()
+  //# define EVP_MD_CTX_init(ctx)    EVP_MD_CTX_reset((ctx))
+  //# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
+  function EVP_MD_CTX_copy_ex(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT;
+  procedure EVP_MD_CTX_set_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT);
+  procedure EVP_MD_CTX_clear_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT);
+  function EVP_MD_CTX_test_flags(const ctx: PEVP_MD_CTX; flags: TIdC_INT): TIdC_INT;
+  function EVP_DigestInit_ex(ctx: PEVP_MD_CTX; const &type: PEVP_MD; impl: PENGINE): TIdC_INT;
+  function EVP_DigestUpdate(ctx: PEVP_MD_CTX; const d: Pointer; cnt: TIdC_SIZET): TIdC_INT;
+  function EVP_DigestFinal_ex(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT;
+  function EVP_Digest(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const &type: PEVP_MD; impl: PENGINE): TIdC_INT;
+
+  function EVP_MD_CTX_copy(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT;
+  function EVP_DigestInit(ctx: PEVP_MD_CTX; const &type: PEVP_MD): TIdC_INT;
+  function EVP_DigestFinal(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT;
+  function EVP_DigestFinalXOF(ctx: PEVP_MD_CTX; md: PByte; len: TIdC_SIZET): TIdC_INT;
+
+  function EVP_read_pw_string(buf: PIdAnsiChar; length: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT;
+  function EVP_read_pw_string_min(buf: PIdAnsiChar; minlen: TIdC_INT; maxlen: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT;
+  procedure EVP_set_pw_prompt(const prompt: PIdAnsiChar);
+  function EVP_get_pw_prompt: PIdAnsiChar;
+  function EVP_BytesToKey(const &type: PEVP_CIPHER; const md: PEVP_MD; const salt: PByte; const data: PByte; data1: TIdC_INT; count: TIdC_INT; key: PByte; iv: PByte): TIdC_INT;
+
+  procedure EVP_CIPHER_CTX_set_flags(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT);
+  procedure EVP_CIPHER_CTX_clear_flags(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT);
+  function EVP_CIPHER_CTX_test_flags(const ctx: PEVP_CIPHER_CTX; flags: TIdC_INT): TIdC_INT;
+
+  function EVP_EncryptInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte): TIdC_INT;
+  function EVP_EncryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT;
+  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT;
+  function EVP_EncryptFinal_ex(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_EncryptFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
+
+  function EVP_DecryptInit(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PidC_INT): TIdC_INT;
+  function EVP_DecryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT;
+  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT;
+  function EVP_DecryptFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_DecryptFinal_ex(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
+
+  function EVP_CipherInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte; enc: TIdC_INT): TIdC_INT;
+  function EVP_CipherInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte; enc: TidC_INT): TIdC_INT;
+  function EVP_CipherUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT;
+  function EVP_CipherFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_CipherFinal_ex(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
+
+  function EVP_SignFinal(ctx: PEVP_CIPHER_CTX; md: PByte; s: PIdC_UINT; pkey: PEVP_PKEY): TIdC_INT;
+
+  function EVP_DigestSign(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT;
+
+  function EVP_VerifyFinal(ctx: PEVP_MD_CTX; const sigbuf: PByte; siglen: TIdC_UINT; pkey: PEVP_PKEY): TIdC_INT;
+
+  function EVP_DigestVerify(ctx: PEVP_CIPHER_CTX; const sigret: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT;
+
+  function EVP_DigestSignInit(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_DigestSignFinal(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT;
+
+  function EVP_DigestVerifyInit(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_DigestVerifyFinal(ctx: PEVP_MD_CTX; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT;
+
+  function EVP_OpenInit(ctx: PEVP_CIPHER_CTX; const &type: PEVP_CIPHER; const ek: PByte; ek1: TIdC_INT; const iv: PByte; priv: PEVP_PKEY): TIdC_INT;
+  function EVP_OpenFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
+
+  function EVP_SealInit(ctx: PEVP_CIPHER_CTX; const &type: EVP_CIPHER; ek: PPByte; ek1: PIdC_INT; iv: PByte; pubk: PPEVP_PKEY; npubk: TIdC_INT): TIdC_INT;
+  function EVP_SealFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
+
+  function EVP_ENCODE_CTX_new: PEVP_ENCODE_CTX;
+  procedure EVP_ENCODE_CTX_free(ctx: PEVP_ENCODE_CTX);
+  function EVP_ENCODE_CTX_copy(dctx: PEVP_ENCODE_CTX; sctx: PEVP_ENCODE_CTX): TIdC_INT;
+  function EVP_ENCODE_CTX_num(ctx: PEVP_ENCODE_CTX): TIdC_INT;
+  procedure EVP_EncodeInit(ctx: PEVP_ENCODE_CTX);
+  function EVP_EncodeUpdate(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT;
+  procedure EVP_EncodeFinal(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT);
+  function EVP_EncodeBlock(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT;
+
+  procedure EVP_DecodeInit(ctx: PEVP_ENCODE_CTX);
+  function EVP_DecodeUpdate(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT;
+  function EVP_DecodeFinal(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_DecodeBlock(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT;
+
+  function EVP_CIPHER_CTX_new: PEVP_CIPHER_CTX;
+  function EVP_CIPHER_CTX_reset(c: PEVP_CIPHER_CTX): TIdC_INT;
+  procedure EVP_CIPHER_CTX_free(c: PEVP_CIPHER_CTX);
+  function EVP_CIPHER_CTX_set_key_length(x: PEVP_CIPHER_CTX; keylen: TIdC_INT): TIdC_INT;
+  function EVP_CIPHER_CTX_set_padding(c: PEVP_CIPHER_CTX; pad: TIdC_INT): TIdC_INT;
+  function EVP_CIPHER_CTX_ctrl(ctx: PEVP_CIPHER_CTX; &type: TIdC_INT; arg: TIdC_INT; ptr: Pointer): TIdC_INT;
+  function EVP_CIPHER_CTX_rand_key(ctx: PEVP_CIPHER_CTX; key: PByte): TIdC_INT;
+
+  function BIO_f_md: PBIO_METHOD;
+  function BIO_f_base64: PBIO_METHOD;
+  function BIO_f_cipher: PBIO_METHOD;
+  function BIO_f_reliable: PBIO_METHOD;
+  function BIO_set_cipher(b: PBIO; c: PEVP_CIPHER; const k: PByte; const i: PByte; enc: TIdC_INT): TIdC_INT;
+
+  function EVP_md_null: PEVP_MD;
+
+  function EVP_md5: PEVP_MD;
+  function EVP_md5_sha1: PEVP_MD;
+
+  function EVP_sha1: PEVP_MD;
+  function EVP_sha224: PEVP_MD;
+  function EVP_sha256: PEVP_MD;
+  function EVP_sha384: PEVP_MD;
+  function EVP_sha512: PEVP_MD;
+  function EVP_sha512_224: PEVP_MD;
+  function EVP_sha512_256: PEVP_MD;
+  function EVP_sha3_224: PEVP_MD;
+  function EVP_sha3_256: PEVP_MD;
+  function EVP_sha3_384: PEVP_MD;
+  function EVP_sha3_512: PEVP_MD;
+  function EVP_shake128: PEVP_MD;
+  function EVP_shake256: PEVP_MD;
+
+  (* does nothing :-) *)
+  function EVP_enc_null: PEVP_CIPHER;
+
+  function EVP_des_ecb: PEVP_CIPHER;
+  function EVP_des_ede: PEVP_CIPHER;
+  function EVP_des_ede3: PEVP_CIPHER;
+  function EVP_des_ede_ecb: PEVP_CIPHER;
+  function EVP_des_ede3_ecb: PEVP_CIPHER;
+  function EVP_des_cfb64: PEVP_CIPHER;
+  //EVP_des_cfb EVP_des_cfb64
+  function EVP_des_cfb1: PEVP_CIPHER;
+  function EVP_des_cfb8: PEVP_CIPHER;
+  function EVP_des_ede_cfb64: PEVP_CIPHER;
+  function EVP_des_ede3_cfb64: PEVP_CIPHER;
+  //EVP_des_ede3_cfb EVP_des_ede3_cfb64
+  function EVP_des_ede3_cfb1: PEVP_CIPHER;
+  function EVP_des_ede3_cfb8: PEVP_CIPHER;
+  function EVP_des_ofb: PEVP_CIPHER;
+  function EVP_des_ede_ofb: PEVP_CIPHER;
+  function EVP_des_ede3_ofb: PEVP_CIPHER;
+  function EVP_des_cbc: PEVP_CIPHER;
+  function EVP_des_ede_cbc: PEVP_CIPHER;
+  function EVP_des_ede3_cbc: PEVP_CIPHER;
+  function EVP_desx_cbc: PEVP_CIPHER;
+  function EVP_des_ede3_wrap: PEVP_CIPHER;
+  //
+  // This should now be supported through the dev_crypto ENGINE. But also, why
+  // are rc4 and md5 declarations made here inside a "NO_DES" precompiler
+  // branch?
+  //
+  function EVP_rc4: PEVP_CIPHER;
+  function EVP_rc4_40: PEVP_CIPHER;
+  function EVP_idea_ecb: PEVP_CIPHER;
+  function EVP_idea_cfb64: PEVP_CIPHER;
+  //EVP_idea_cfb EVP_idea_cfb64
+  function EVP_idea_ofb: PEVP_CIPHER;
+  function EVP_idea_cbc: PEVP_CIPHER;
+  function EVP_rc2_ecb: PEVP_CIPHER;
+  function EVP_rc2_cbc: PEVP_CIPHER;
+  function EVP_rc2_40_cbc: PEVP_CIPHER;
+  function EVP_rc2_64_cbc: PEVP_CIPHER;
+  function EVP_rc2_cfb64: PEVP_CIPHER;
+  //EVP_rc2_cfb EVP_rc2_cfb64
+  function EVP_rc2_ofb: PEVP_CIPHER;
+  function EVP_bf_ecb: PEVP_CIPHER;
+  function EVP_bf_cbc: PEVP_CIPHER;
+  function EVP_bf_cfb64: PEVP_CIPHER;
+  //EVP_bf_cfb EVP_bf_cfb64
+  function EVP_bf_ofb: PEVP_CIPHER;
+  function EVP_cast5_ecb: PEVP_CIPHER;
+  function EVP_cast5_cbc: PEVP_CIPHER;
+  function EVP_cast5_cfb64: PEVP_CIPHER;
+  //EVP_cast5_cfb EVP_cast5_cfb64
+  function EVP_cast5_ofb: PEVP_CIPHER;
+  function EVP_rc5_32_12_16_cbc: PEVP_CIPHER;
+  function EVP_rc5_32_12_16_ecb: PEVP_CIPHER;
+  function EVP_rc5_32_12_16_cfb64: PEVP_CIPHER;
+  //EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
+  function EVP_rc5_32_12_16_ofb: PEVP_CIPHER;
+
+  function EVP_aes_128_ecb: PEVP_CIPHER;
+  function EVP_aes_128_cbc: PEVP_CIPHER;
+  function EVP_aes_128_cfb1: PEVP_CIPHER;
+  function EVP_aes_128_cfb8: PEVP_CIPHER;
+  function EVP_aes_128_cfb128: PEVP_CIPHER;
+  //EVP_aes_128_cfb EVP_aes_128_cfb128
+  function EVP_aes_128_ofb: PEVP_CIPHER;
+  function EVP_aes_128_ctr: PEVP_CIPHER;
+  function EVP_aes_128_ccm: PEVP_CIPHER;
+  function EVP_aes_128_gcm: PEVP_CIPHER;
+  function EVP_aes_128_xts: PEVP_CIPHER;
+  function EVP_aes_128_wrap: PEVP_CIPHER;
+  function EVP_aes_128_wrap_pad: PEVP_CIPHER;
+  function EVP_aes_128_ocb: PEVP_CIPHER;
+  function EVP_aes_192_ecb: PEVP_CIPHER;
+  function EVP_aes_192_cbc: PEVP_CIPHER;
+  function EVP_aes_192_cfb1: PEVP_CIPHER;
+  function EVP_aes_192_cfb8: PEVP_CIPHER;
+  function EVP_aes_192_cfb128: PEVP_CIPHER;
+  //EVP_aes_192_cfb EVP_aes_192_cfb128
+  function EVP_aes_192_ofb: PEVP_CIPHER;
+  function EVP_aes_192_ctr: PEVP_CIPHER;
+  function EVP_aes_192_ccm: PEVP_CIPHER;
+  function EVP_aes_192_gcm: PEVP_CIPHER;
+  function EVP_aes_192_wrap: PEVP_CIPHER;
+  function EVP_aes_192_wrap_pad: PEVP_CIPHER;
+  function EVP_aes_192_ocb: PEVP_CIPHER;
+  function EVP_aes_256_ecb: PEVP_CIPHER;
+  function EVP_aes_256_cbc: PEVP_CIPHER;
+  function EVP_aes_256_cfb1: PEVP_CIPHER;
+  function EVP_aes_256_cfb8: PEVP_CIPHER;
+  function EVP_aes_256_cfb128: PEVP_CIPHER;
+  //EVP_aes_256_cfb EVP_aes_256_cfb128
+  function EVP_aes_256_ofb: PEVP_CIPHER;
+  function EVP_aes_256_ctr: PEVP_CIPHER;
+  function EVP_aes_256_ccm: PEVP_CIPHER;
+  function EVP_aes_256_gcm: PEVP_CIPHER;
+  function EVP_aes_256_xts: PEVP_CIPHER;
+  function EVP_aes_256_wrap: PEVP_CIPHER;
+  function EVP_aes_256_wrap_pad: PEVP_CIPHER;
+  function EVP_aes_256_ocb: PEVP_CIPHER;
+  function EVP_aes_128_cbc_hmac_sha1: PEVP_CIPHER;
+  function EVP_aes_256_cbc_hmac_sha1: PEVP_CIPHER;
+  function EVP_aes_128_cbc_hmac_sha256: PEVP_CIPHER;
+  function EVP_aes_256_cbc_hmac_sha256: PEVP_CIPHER;
+
+  function EVP_aria_128_ecb: PEVP_CIPHER;
+  function EVP_aria_128_cbc: PEVP_CIPHER;
+  function EVP_aria_128_cfb1: PEVP_CIPHER;
+  function EVP_aria_128_cfb8: PEVP_CIPHER;
+  function EVP_aria_128_cfb128: PEVP_CIPHER;
+  function EVP_aria_128_ctr: PEVP_CIPHER;
+  function EVP_aria_128_ofb: PEVP_CIPHER;
+  function EVP_aria_128_gcm: PEVP_CIPHER;
+  function EVP_aria_128_ccm: PEVP_CIPHER;
+  function EVP_aria_192_ecb: PEVP_CIPHER;
+  function EVP_aria_192_cbc: PEVP_CIPHER;
+  function EVP_aria_192_cfb1: PEVP_CIPHER;
+  function EVP_aria_192_cfb8: PEVP_CIPHER;
+  function EVP_aria_192_cfb128: PEVP_CIPHER;
+  //EVP_aria_192_cfb EVP_aria_192_cfb128
+  function EVP_aria_192_ctr: PEVP_CIPHER;
+  function EVP_aria_192_ofb: PEVP_CIPHER;
+  function EVP_aria_192_gcm: PEVP_CIPHER;
+  function EVP_aria_192_ccm: PEVP_CIPHER;
+  function EVP_aria_256_ecb: PEVP_CIPHER;
+  function EVP_aria_256_cbc: PEVP_CIPHER;
+  function EVP_aria_256_cfb1: PEVP_CIPHER;
+  function EVP_aria_256_cfb8: PEVP_CIPHER;
+  function EVP_aria_256_cfb128: PEVP_CIPHER;
+  //EVP_aria_256_cfb EVP_aria_256_cfb128
+  function EVP_aria_256_ctr: PEVP_CIPHER;
+  function EVP_aria_256_ofb: PEVP_CIPHER;
+  function EVP_aria_256_gcm: PEVP_CIPHER;
+  function EVP_aria_256_ccm: PEVP_CIPHER;
+
+  function EVP_camellia_128_ecb: PEVP_CIPHER;
+  function EVP_camellia_128_cbc: PEVP_CIPHER;
+  function EVP_camellia_128_cfb1: PEVP_CIPHER;
+  function EVP_camellia_128_cfb8: PEVP_CIPHER;
+  function EVP_camellia_128_cfb128: PEVP_CIPHER;
+  //EVP_camellia_128_cfb EVP_camellia_128_cfb128
+  function EVP_camellia_128_ofb: PEVP_CIPHER;
+  function EVP_camellia_128_ctr: PEVP_CIPHER;
+  function EVP_camellia_192_ecb: PEVP_CIPHER;
+  function EVP_camellia_192_cbc: PEVP_CIPHER;
+  function EVP_camellia_192_cfb1: PEVP_CIPHER;
+  function EVP_camellia_192_cfb8: PEVP_CIPHER;
+  function EVP_camellia_192_cfb128: PEVP_CIPHER;
+  //EVP_camellia_192_cfb EVP_camellia_192_cfb128
+  function EVP_camellia_192_ofb: PEVP_CIPHER;
+  function EVP_camellia_192_ctr: PEVP_CIPHER;
+  function EVP_camellia_256_ecb: PEVP_CIPHER;
+  function EVP_camellia_256_cbc: PEVP_CIPHER;
+  function EVP_camellia_256_cfb1: PEVP_CIPHER;
+  function EVP_camellia_256_cfb8: PEVP_CIPHER;
+  function EVP_camellia_256_cfb128: PEVP_CIPHER;
+  //EVP_camellia_256_cfb EVP_camellia_256_cfb128
+  function EVP_camellia_256_ofb: PEVP_CIPHER;
+  function EVP_camellia_256_ctr: PEVP_CIPHER;
+
+  function EVP_chacha20: PEVP_CIPHER;
+  function EVP_chacha20_poly1305: PEVP_CIPHER;
+
+  function EVP_seed_ecb: PEVP_CIPHER;
+  function EVP_seed_cbc: PEVP_CIPHER;
+  function EVP_seed_cfb128: PEVP_CIPHER;
+  //EVP_seed_cfb EVP_seed_cfb128
+  function EVP_seed_ofb: PEVP_CIPHER;
+
+  function EVP_sm4_ecb: PEVP_CIPHER;
+  function EVP_sm4_cbc: PEVP_CIPHER;
+  function EVP_sm4_cfb128: PEVP_CIPHER;
+  //EVP_sm4_cfb EVP_sm4_cfb128
+  function EVP_sm4_ofb: PEVP_CIPHER;
+  function EVP_sm4_ctr: PEVP_CIPHER;
+
+  function EVP_add_cipher(const cipher: PEVP_CIPHER): TIdC_INT;
+  function EVP_add_digest(const digest: PEVP_MD): TIdC_INT;
+
+  function EVP_get_cipherbyname(const name: PIdAnsiChar): PEVP_CIPHER;
+  function EVP_get_digestbyname(const name: PIdAnsiChar): PEVP_MD;
+
+  procedure EVP_CIPHER_do_all(AFn: fn; arg: Pointer);
+  procedure EVP_CIPHER_do_all_sorted(AFn: fn; arg: Pointer);
+
+  procedure EVP_MD_do_all(AFn: fn; arg: Pointer);
+  procedure EVP_MD_do_all_sorted(AFn: fn; arg: Pointer);
+
+  function EVP_PKEY_decrypt_old(dec_key: PByte; const enc_key: PByte; enc_key_len: TIdC_INT; private_key: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_encrypt_old(dec_key: PByte; const enc_key: PByte; key_len: TIdC_INT; pub_key: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_type(&type: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_id(const pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_base_id(const pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_bits(const pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_security_bits(const pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_size(const pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_set_type(pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_set_type_str(pkey: PEVP_PKEY; const str: PIdAnsiChar; len: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_set_alias_type(pkey: PEVP_PKEY; &type: TIdC_INT): TIdC_INT;
+
+  function EVP_PKEY_set1_engine(pkey: PEVP_PKEY; e: PENGINE): TIdC_INT;
+  function EVP_PKEY_get0_engine(const pkey: PEVP_PKEY): PENGINE;
+
+  function EVP_PKEY_assign(pkey: PEVP_PKEY; &type: TIdC_INT; key: Pointer): TIdC_INT;
+  function EVP_PKEY_get0(const pkey: PEVP_PKEY): Pointer;
+  function EVP_PKEY_get0_hmac(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte;
+  function EVP_PKEY_get0_poly1305(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte;
+  function EVP_PKEY_get0_siphash(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte;
+
+  function EVP_PKEY_set1_RSA(pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_get0_RSA(pkey: PEVP_PKEY): Prsa_st;
+  function EVP_PKEY_get1_RSA(pkey: PEVP_PKEY): Prsa_st;
+
+  function EVP_PKEY_set1_DSA(pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_get0_DSA(pkey: PEVP_PKEY): Pdsa_st;
+  function EVP_PKEY_get1_DSA(pkey: PEVP_PKEY): Pdsa_st;
+
+  function EVP_PKEY_set1_DH(pkey: PEVP_PKEY; key: Pdh_st): TIdC_INT;
+  function EVP_PKEY_get0_DH(pkey: PEVP_PKEY): Pdh_st;
+  function EVP_PKEY_get1_DH(pkey: PEVP_PKEY): Pdh_st;
+
+  function EVP_PKEY_set1_EC_KEY(pkey: PEVP_PKEY; key: Pec_key_st): TIdC_INT;
+  function EVP_PKEY_get0_EC_KEY(pkey: PEVP_PKEY): Pec_key_st;
+  function EVP_PKEY_get1_EC_KEY(pkey: PEVP_PKEY): Pec_key_st;
+
+  function EVP_PKEY_new: PEVP_PKEY;
+  function EVP_PKEY_up_ref(pkey: PEVP_PKEY): TIdC_INT;
+  procedure EVP_PKEY_free(pkey: PEVP_PKEY);
+
+  function d2i_PublicKey(&type: TIdC_INT; a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
+  function i2d_PublicKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT;
+
+  function d2i_PrivateKey(&type: TIdC_INT; a: PEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
+  function d2i_AutoPrivateKey(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
+  function i2d_PrivateKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT;
+
+  function EVP_PKEY_copy_parameters(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_missing_parameters(const pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_save_parameters(pkey: PEVP_PKEY; mode: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_cmp_parameters(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT;
+
+  function EVP_PKEY_cmp(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT;
+
+  function EVP_PKEY_print_public(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT;
+  function EVP_PKEY_print_private(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT;
+  function EVP_PKEY_print_params(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT;
+
+  function EVP_PKEY_get_default_digest_nid(pkey: PEVP_PKEY; pnid: PIdC_INT): TIdC_INT;
+
+  function EVP_PKEY_set1_tls_encodedpoint(pkey: PEVP_PKEY; const pt: PByte; ptlen: TIdC_SIZET): TIdC_INT;
+  function EVP_PKEY_get1_tls_encodedpoint(pkey: PEVP_PKEY; ppt: PPByte): TIdC_SIZET;
+
+  function EVP_CIPHER_type(const ctx: PEVP_CIPHER): TIdC_INT;
+
+  (* calls methods *)
+  function EVP_CIPHER_param_to_asn1(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT;
+  function EVP_CIPHER_asn1_to_param(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT;
+
+  (* These are used by EVP_CIPHER methods *)
+  function EVP_CIPHER_set_asn1_iv(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT;
+  function EVP_CIPHER_get_asn1_iv(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT;
+
+  (* PKCS5 password based encryption *)
+  function PKCS5_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT;
+  function PKCS5_PBKDF2_HMAC_SHA1(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; keylen: TIdC_INT; &out: PByte): TIdC_INT;
+  function PKCS5_PBKDF2_HMAC(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const digest: PEVP_MD; keylen: TIdC_INT; &out: PByte): TIdC_INT;
+  function PKCS5_v2_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT;
+
+  function EVP_PBE_scrypt(const pass: PIdAnsiChar; passlen: TIdC_SIZET; const salt: PByte; saltlen: TIdC_SIZET; N: TIdC_UINT64; r: TIdC_UINT64; p: TIdC_UINT64; maxmem: TIdC_UINT64; key: PByte; keylen: TIdC_SIZET): TIdC_INT;
+
+  function PKCS5_v2_scrypt_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const c: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT;
+
+  procedure PKCS5_PBE_add;
+
+  function EVP_PBE_CipherInit(pbe_obj: PASN1_OBJECT; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; ctx: PEVP_CIPHER_CTX; en_de: TIdC_INT): TIdC_INT;
+
+  (* PBE type *)
+  function EVP_PBE_alg_add_type(pbe_type: TIdC_INT; pbe_nid: TIdC_INT; cipher_nid: TIdC_INT; md_nid: TIdC_INT; keygen: PEVP_PBE_KEYGEN): TIdC_INT;
+  function EVP_PBE_alg_add(nid: TIdC_INT; const cipher: PEVP_CIPHER; const md: PEVP_MD; keygen: PEVP_PBE_KEYGEN): TIdC_INT;
+  function EVP_PBE_find(&type: TIdC_INT; pbe_nid: TIdC_INT; pcnid: PIdC_INT; pmnid: PIdC_INT; pkeygen: PPEVP_PBE_KEYGEN): TIdC_INT;
+  procedure EVP_PBE_cleanup;
+  function EVP_PBE_get(ptype: PIdC_INT; ppbe_nid: PIdC_INT; num: TIdC_SIZET): TIdC_INT;
+
+  function EVP_PKEY_asn1_get_count: TIdC_INT;
+  function EVP_PKEY_asn1_get0(idx: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
+  function EVP_PKEY_asn1_find(pe: PPENGINE; &type: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
+  function EVP_PKEY_asn1_find_str(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
+  function EVP_PKEY_asn1_add0(const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT;
+  function EVP_PKEY_asn1_add_alias(&to: TIdC_INT; from: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_asn1_get0_info(ppkey_id: PIdC_INT; pkey_base_id: PIdC_INT; ppkey_flags: PIdC_INT; const pinfo: PPIdAnsiChar; const ppem_str: PPIdAnsiChar; const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT;
+
+  function EVP_PKEY_get0_asn1(const pkey: PEVP_PKEY): PEVP_PKEY_ASN1_METHOD;
+  function EVP_PKEY_asn1_new(id: TIdC_INT; flags: TIdC_INT; const pem_str: PIdAnsiChar; const info: PIdAnsiChar): PEVP_PKEY_ASN1_METHOD;
+  procedure EVP_PKEY_asn1_copy(dst: PEVP_PKEY_ASN1_METHOD; const src: PEVP_PKEY_ASN1_METHOD);
+  procedure EVP_PKEY_asn1_free(ameth: PEVP_PKEY_ASN1_METHOD);
+
+  procedure EVP_PKEY_asn1_set_public(ameth: PEVP_PKEY_ASN1_METHOD; APub_decode: pub_decode; APub_encode: pub_encode; APub_cmd: pub_cmd; APub_print: pub_print; APkey_size: pkey_size; APkey_bits: pkey_bits);
+  procedure EVP_PKEY_asn1_set_private(ameth: PEVP_PKEY_ASN1_METHOD; APriv_decode: priv_decode; APriv_encode: priv_encode; APriv_print: priv_print);
+  procedure EVP_PKEY_asn1_set_param(ameth: PEVP_PKEY_ASN1_METHOD; AParam_decode: param_decode; AParam_encode: param_encode; AParam_missing: param_missing; AParam_copy: param_copy; AParam_cmp: param_cmp; AParam_print: param_print);
+
+  procedure EVP_PKEY_asn1_set_free(ameth: PEVP_PKEY_ASN1_METHOD; APkey_free: pkey_free);
+  procedure EVP_PKEY_asn1_set_ctrl(ameth: PEVP_PKEY_ASN1_METHOD; APkey_ctrl: pkey_ctrl);
+  procedure EVP_PKEY_asn1_set_item(ameth: PEVP_PKEY_ASN1_METHOD; AItem_verify: item_verify; AItem_sign: item_sign);
+
+  procedure EVP_PKEY_asn1_set_siginf(ameth: PEVP_PKEY_ASN1_METHOD; ASiginf_set: siginf_set);
+
+  procedure EVP_PKEY_asn1_set_check(ameth: PEVP_PKEY_ASN1_METHOD; APkey_check: pkey_check);
+
+  procedure EVP_PKEY_asn1_set_public_check(ameth: PEVP_PKEY_ASN1_METHOD; APkey_pub_check: pkey_pub_check);
+
+  procedure EVP_PKEY_asn1_set_param_check(ameth: PEVP_PKEY_ASN1_METHOD; APkey_param_check: pkey_param_check);
+
+  procedure EVP_PKEY_asn1_set_set_priv_key(ameth: PEVP_PKEY_ASN1_METHOD; ASet_priv_key: set_priv_key);
+  procedure EVP_PKEY_asn1_set_set_pub_key(ameth: PEVP_PKEY_ASN1_METHOD; ASet_pub_key: set_pub_key);
+  procedure EVP_PKEY_asn1_set_get_priv_key(ameth: PEVP_PKEY_ASN1_METHOD; AGet_priv_key: get_priv_key);
+  procedure EVP_PKEY_asn1_set_get_pub_key(ameth: PEVP_PKEY_ASN1_METHOD; AGet_pub_key: get_pub_key);
+
+  procedure EVP_PKEY_asn1_set_security_bits(ameth: PEVP_PKEY_ASN1_METHOD; APkey_security_bits: pkey_security_bits);
+
+  function EVP_PKEY_meth_find(&type: TIdC_INT): PEVP_PKEY_METHOD;
+  function EVP_PKEY_meth_new(id: TIdC_INT; flags: TIdC_INT): PEVP_PKEY_METHOD;
+  procedure EVP_PKEY_meth_get0_info(ppkey_id: PIdC_INT; pflags: PIdC_INT; const meth: PEVP_PKEY_METHOD);
+  procedure EVP_PKEY_meth_copy(dst: PEVP_PKEY_METHOD; const src: PEVP_PKEY_METHOD);
+  procedure EVP_PKEY_meth_free(pmeth: PEVP_PKEY_METHOD);
+  function EVP_PKEY_meth_add0(const pmeth: PEVP_PKEY_METHOD): TIdC_INT;
+  function EVP_PKEY_meth_remove(const pmeth: PEVP_PKEY_METHOD): TIdC_INT;
+  function EVP_PKEY_meth_get_count: TIdC_SIZET;
+  function EVP_PKEY_meth_get0(idx: TIdC_SIZET): PEVP_PKEY_METHOD;
+
+  function EVP_PKEY_CTX_new(pkey: PEVP_PKEY; e: PENGINE): PEVP_PKEY_CTX;
+  function EVP_PKEY_CTX_new_id(id: TIdC_INT; e: PENGINE): PEVP_PKEY_CTX;
+  function EVP_PKEY_CTX_dup(ctx: PEVP_PKEY_CTX): PEVP_PKEY_CTX;
+  procedure EVP_PKEY_CTX_free(ctx: PEVP_PKEY_CTX);
+
+  function EVP_PKEY_CTX_ctrl(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT;
+  function EVP_PKEY_CTX_ctrl_str(ctx: PEVP_PKEY_CTX; const &type: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT;
+  function EVP_PKEY_CTX_ctrl_uint64(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; value: TIdC_UINT64): TIdC_INT;
+
+  function EVP_PKEY_CTX_str2ctrl(ctx: PEVP_PKEY_CTX; cmd: TIdC_INT; const str: PIdAnsiChar): TIdC_INT;
+  function EVP_PKEY_CTX_hex2ctrl(ctx: PEVP_PKEY_CTX; cmd: TIdC_INT; const hex: PIdAnsiChar): TIdC_INT;
+
+  function EVP_PKEY_CTX_md(ctx: PEVP_PKEY_CTX; optype: TIdC_INT; cmd: TIdC_INT; const md: PIdAnsiChar): TIdC_INT;
+
+  function EVP_PKEY_CTX_get_operation(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  procedure EVP_PKEY_CTX_set0_keygen_info(ctx: PEVP_PKEY_CTX; dat: PIdC_INT; datlen: TIdC_INT);
+
+  function EVP_PKEY_new_mac_key(&type: TIdC_INT; e: PENGINE; const key: PByte; keylen: TIdC_INT): PEVP_PKEY;
+  function EVP_PKEY_new_raw_private_key(&type: TIdC_INT; e: PENGINE; const priv: PByte; len: TIdC_SIZET): PEVP_PKEY;
+  function EVP_PKEY_new_raw_public_key(&type: TIdC_INT; e: PENGINE; const pub: PByte; len: TIdC_SIZET): PEVP_PKEY;
+  function EVP_PKEY_get_raw_private_key(const pkey: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT;
+  function EVP_PKEY_get_raw_public_key(const pkey: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT;
+
+  function EVP_PKEY_new_CMAC_key(e: PENGINE; const priv: PByte; len: TIdC_SIZET; const cipher: PEVP_CIPHER): PEVP_PKEY;
+
+  procedure EVP_PKEY_CTX_set_data(ctx: PEVP_PKEY_CTX; data: Pointer);
+  function EVP_PKEY_CTX_get_data(ctx: PEVP_PKEY_CTX): Pointer;
+  function EVP_PKEY_CTX_get0_pkey(ctx: PEVP_PKEY_CTX): PEVP_PKEY;
+
+  function EVP_PKEY_CTX_get0_peerkey(ctx: PEVP_PKEY_CTX): PEVP_PKEY;
+
+  procedure EVP_PKEY_CTX_set_app_data(ctx: PEVP_PKEY_CTX; data: Pointer);
+  function EVP_PKEY_CTX_get_app_data(ctx: PEVP_PKEY_CTX): Pointer;
+
+  function EVP_PKEY_sign_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_sign(ctx: PEVP_PKEY_CTX; sig: PByte; siglen: PIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT;
+  function EVP_PKEY_verify_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_verify(ctx: PEVP_PKEY_CTX; const sig: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT;
+  function EVP_PKEY_verify_recover_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_verify_recover(ctx: PEVP_PKEY_CTX; rout: PByte; routlen: PIdC_SIZET; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT;
+  function EVP_PKEY_encrypt_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_encrypt(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT;
+  function EVP_PKEY_decrypt_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_decrypt(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT;
+
+  function EVP_PKEY_derive_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_derive_set_peer(ctx: PEVP_PKEY_CTX; peer: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_derive(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT;
+
+  function EVP_PKEY_paramgen_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_paramgen(ctx: PEVP_PKEY_CTX; ppkey: PPEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_keygen_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_keygen(ctx: PEVP_PKEY_CTX; ppkey: PPEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_check(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_public_check(ctx: PEVP_PKEY_CTX): TIdC_INT;
+  function EVP_PKEY_param_check(ctx: PEVP_PKEY_CTX): TIdC_INT;
+
+  procedure EVP_PKEY_CTX_set_cb(ctx: PEVP_PKEY_CTX; cb: EVP_PKEY_gen_cb);
+  function EVP_PKEY_CTX_get_cb(ctx: PEVP_PKEY_CTX): EVP_PKEY_gen_cb;
+
+  function EVP_PKEY_CTX_get_keygen_info(ctx: PEVP_PKEY_CTX; idx: TIdC_INT): TIdC_INT;
+
+  procedure EVP_PKEY_meth_set_init(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_init: EVP_PKEY_meth_init);
+
+  procedure EVP_PKEY_meth_set_copy(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_copy_cb: EVP_PKEY_meth_copy_cb);
+
+  procedure EVP_PKEY_meth_set_cleanup(pmeth: PEVP_PKEY_METHOD; PEVP_PKEY_meth_cleanup: EVP_PKEY_meth_cleanup);
+
+  procedure EVP_PKEY_meth_set_paramgen(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_paramgen_init: EVP_PKEY_meth_paramgen_init; AEVP_PKEY_meth_paramgen: EVP_PKEY_meth_paramgen_init);
+
+  procedure EVP_PKEY_meth_set_keygen(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_keygen_init: EVP_PKEY_meth_keygen_init; AEVP_PKEY_meth_keygen: EVP_PKEY_meth_keygen);
+
+  procedure EVP_PKEY_meth_set_sign(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_sign_init: EVP_PKEY_meth_sign_init; AEVP_PKEY_meth_sign: EVP_PKEY_meth_sign);
+
+  procedure EVP_PKEY_meth_set_verify(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_init: EVP_PKEY_meth_verify_init; AEVP_PKEY_meth_verify: EVP_PKEY_meth_verify_init);
+
+  procedure EVP_PKEY_meth_set_verify_recover(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_recover_init: EVP_PKEY_meth_verify_recover_init; AEVP_PKEY_meth_verify_recover: EVP_PKEY_meth_verify_recover_init);
+
+  procedure EVP_PKEY_meth_set_signctx(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_signctx_init: EVP_PKEY_meth_signctx_init; AEVP_PKEY_meth_signctx: EVP_PKEY_meth_signctx);
+
+  procedure EVP_PKEY_meth_set_verifyctx(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verifyctx_init: EVP_PKEY_meth_verifyctx_init; AEVP_PKEY_meth_verifyctx: EVP_PKEY_meth_verifyctx);
+
+  procedure EVP_PKEY_meth_set_encrypt(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_encrypt_init: EVP_PKEY_meth_encrypt_init; AEVP_PKEY_meth_encrypt: EVP_PKEY_meth_encrypt);
+
+  procedure EVP_PKEY_meth_set_decrypt(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_decrypt_init: EVP_PKEY_meth_decrypt_init; AEVP_PKEY_meth_decrypt: EVP_PKEY_meth_decrypt);
+
+  procedure EVP_PKEY_meth_set_derive(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_derive_init: EVP_PKEY_meth_derive_init; AEVP_PKEY_meth_derive: EVP_PKEY_meth_derive);
+
+  procedure EVP_PKEY_meth_set_ctrl(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_ctrl: EVP_PKEY_meth_ctrl; AEVP_PKEY_meth_ctrl_str: EVP_PKEY_meth_ctrl_str);
+
+  procedure EVP_PKEY_meth_set_digestsign(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestsign: EVP_PKEY_meth_digestsign);
+
+  procedure EVP_PKEY_meth_set_digestverify(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestverify: EVP_PKEY_meth_digestverify);
+
+  procedure EVP_PKEY_meth_set_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_check: EVP_PKEY_meth_check);
+
+  procedure EVP_PKEY_meth_set_public_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_public_check: EVP_PKEY_meth_public_check);
+
+  procedure EVP_PKEY_meth_set_param_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_param_check: EVP_PKEY_meth_param_check);
+
+  procedure EVP_PKEY_meth_set_digest_custom(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digest_custom: EVP_PKEY_meth_digest_custom);
+
+  procedure EVP_PKEY_meth_get_init(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_init: PEVP_PKEY_meth_init);
+
+  procedure EVP_PKEY_meth_get_copy(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_copy: PEVP_PKEY_meth_copy);
+
+  procedure EVP_PKEY_meth_get_cleanup(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_cleanup: PEVP_PKEY_meth_cleanup);
+
+  procedure EVP_PKEY_meth_get_paramgen(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_paramgen_init: EVP_PKEY_meth_paramgen_init; AEVP_PKEY_meth_paramgen: PEVP_PKEY_meth_paramgen);
+
+  procedure EVP_PKEY_meth_get_keygen(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_keygen_init: EVP_PKEY_meth_keygen_init; AEVP_PKEY_meth_keygen: PEVP_PKEY_meth_keygen);
+
+  procedure EVP_PKEY_meth_get_sign(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_sign_init: PEVP_PKEY_meth_sign_init; AEVP_PKEY_meth_sign: PEVP_PKEY_meth_sign);
+
+  procedure EVP_PKEY_meth_get_verify(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_init: PEVP_PKEY_meth_verify_init; AEVP_PKEY_meth_verify: PEVP_PKEY_meth_verify_init);
+
+  procedure EVP_PKEY_meth_get_verify_recover(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_recover_init: PEVP_PKEY_meth_verify_recover_init; AEVP_PKEY_meth_verify_recover: PEVP_PKEY_meth_verify_recover_init);
+
+  procedure EVP_PKEY_meth_get_signctx(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_signctx_init: PEVP_PKEY_meth_signctx_init; AEVP_PKEY_meth_signctx: PEVP_PKEY_meth_signctx);
+
+  procedure EVP_PKEY_meth_get_verifyctx(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verifyctx_init: PEVP_PKEY_meth_verifyctx_init; AEVP_PKEY_meth_verifyctx: PEVP_PKEY_meth_verifyctx);
+
+  procedure EVP_PKEY_meth_get_encrypt(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_encrypt_init: PEVP_PKEY_meth_encrypt_init; AEVP_PKEY_meth_encrypt: PEVP_PKEY_meth_encrypt);
+
+  procedure EVP_PKEY_meth_get_decrypt(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_decrypt_init: PEVP_PKEY_meth_decrypt_init; AEVP_PKEY_meth_decrypt: PEVP_PKEY_meth_decrypt);
+
+  procedure EVP_PKEY_meth_get_derive(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_derive_init: PEVP_PKEY_meth_derive_init; AEVP_PKEY_meth_derive: PEVP_PKEY_meth_derive);
+
+  procedure EVP_PKEY_meth_get_ctrl(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_ctrl: PEVP_PKEY_meth_ctrl; AEVP_PKEY_meth_ctrl_str: PEVP_PKEY_meth_ctrl_str);
+
+  procedure EVP_PKEY_meth_get_digestsign(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestsign: PEVP_PKEY_meth_digestsign);
+
+  procedure EVP_PKEY_meth_get_digestverify(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestverify: PEVP_PKEY_meth_digestverify);
+
+  procedure EVP_PKEY_meth_get_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_check: PEVP_PKEY_meth_check);
+
+  procedure EVP_PKEY_meth_get_public_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_public_check: PEVP_PKEY_meth_public_check);
+
+  procedure EVP_PKEY_meth_get_param_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_param_check: PEVP_PKEY_meth_param_check);
+
+  procedure EVP_PKEY_meth_get_digest_custom(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digest_custom: PEVP_PKEY_meth_digest_custom);
+
+  procedure EVP_add_alg_module;
+
+implementation
+
+{$REGION 'C compiler macros'}
+//#  define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA, (char *)(rsa))
+function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_RSA, rsa);
+end;
+
+//#  define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA, (char *)(dsa))
+function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_DSA, dsa);
+end;
+
+//#  define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH, (char *)(dh))
+function EVP_PKEY_assign_DH(pkey: PEVP_PKEY; dh: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh);
+end;
+
+//#  define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC, (char *)(eckey))
+function EVP_PKEY_assign_EC_KEY(pkey: PEVP_PKEY; eckey: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_EC, eckey);
+end;
+
+//#  define EVP_PKEY_assign_SIPHASH(pkey,shkey) EVP_PKEY_assign((pkey),EVP_PKEY_SIPHASH, (char *)(shkey))
+function EVP_PKEY_assign_SIPHASH(pkey: PEVP_PKEY; shkey: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_SIPHASH, shkey);
+end;
+
+//#  define EVP_PKEY_assign_POLY1305(pkey,polykey) EVP_PKEY_assign((pkey),EVP_PKEY_POLY1305, (char *)(polykey))
+function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_POLY1305, polykey);
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evperr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evperr.pas
new file mode 100644
index 000000000..7f0f0ba32
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evperr.pas
@@ -0,0 +1,228 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_evperr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// evperr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * EVP function codes.
+   *)
+  EVP_F_AESNI_INIT_KEY =        165;
+  EVP_F_AESNI_XTS_INIT_KEY =       207;
+  EVP_F_AES_GCM_CTRL =         196;
+  EVP_F_AES_INIT_KEY =         133;
+  EVP_F_AES_OCB_CIPHER =        169;
+  EVP_F_AES_T4_INIT_KEY =        178;
+  EVP_F_AES_T4_XTS_INIT_KEY =       208;
+  EVP_F_AES_WRAP_CIPHER =        170;
+  EVP_F_AES_XTS_INIT_KEY =        209;
+  EVP_F_ALG_MODULE_INIT =        177;
+  EVP_F_ARIA_CCM_INIT_KEY =       175;
+  EVP_F_ARIA_GCM_CTRL =        197;
+  EVP_F_ARIA_GCM_INIT_KEY =       176;
+  EVP_F_ARIA_INIT_KEY =        185;
+  EVP_F_B64_NEW =          198;
+  EVP_F_CAMELLIA_INIT_KEY =       159;
+  EVP_F_CHACHA20_POLY1305_CTRL =      182;
+  EVP_F_CMLL_T4_INIT_KEY =        179;
+  EVP_F_DES_EDE3_WRAP_CIPHER =       171;
+  EVP_F_DO_SIGVER_INIT =        161;
+  EVP_F_ENC_NEW =          199;
+  EVP_F_EVP_CIPHERINIT_EX =       123;
+  EVP_F_EVP_CIPHER_ASN1_TO_PARAM =      204;
+  EVP_F_EVP_CIPHER_CTX_COPY =       163;
+  EVP_F_EVP_CIPHER_CTX_CTRL =       124;
+  EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH =    122;
+  EVP_F_EVP_CIPHER_PARAM_TO_ASN1 =      205;
+  EVP_F_EVP_DECRYPTFINAL_EX =       101;
+  EVP_F_EVP_DECRYPTUPDATE =       166;
+  EVP_F_EVP_DIGESTFINALXOF =       174;
+  EVP_F_EVP_DIGESTINIT_EX =       128;
+  EVP_F_EVP_ENCRYPTDECRYPTUPDATE =      219;
+  EVP_F_EVP_ENCRYPTFINAL_EX =       127;
+  EVP_F_EVP_ENCRYPTUPDATE =       167;
+  EVP_F_EVP_MD_CTX_COPY_EX =       110;
+  EVP_F_EVP_MD_SIZE =         162;
+  EVP_F_EVP_OPENINIT =         102;
+  EVP_F_EVP_PBE_ALG_ADD =        115;
+  EVP_F_EVP_PBE_ALG_ADD_TYPE =       160;
+  EVP_F_EVP_PBE_CIPHERINIT =       116;
+  EVP_F_EVP_PBE_SCRYPT =        181;
+  EVP_F_EVP_PKCS82PKEY =        111;
+  EVP_F_EVP_PKEY2PKCS8 =        113;
+  EVP_F_EVP_PKEY_ASN1_ADD0 =       188;
+  EVP_F_EVP_PKEY_CHECK =        186;
+  EVP_F_EVP_PKEY_COPY_PARAMETERS =      103;
+  EVP_F_EVP_PKEY_CTX_CTRL =       137;
+  EVP_F_EVP_PKEY_CTX_CTRL_STR =      150;
+  EVP_F_EVP_PKEY_CTX_DUP =        156;
+  EVP_F_EVP_PKEY_CTX_MD =        168;
+  EVP_F_EVP_PKEY_DECRYPT =        104;
+  EVP_F_EVP_PKEY_DECRYPT_INIT =      138;
+  EVP_F_EVP_PKEY_DECRYPT_OLD =       151;
+  EVP_F_EVP_PKEY_DERIVE =        153;
+  EVP_F_EVP_PKEY_DERIVE_INIT =       154;
+  EVP_F_EVP_PKEY_DERIVE_SET_PEER =      155;
+  EVP_F_EVP_PKEY_ENCRYPT =        105;
+  EVP_F_EVP_PKEY_ENCRYPT_INIT =      139;
+  EVP_F_EVP_PKEY_ENCRYPT_OLD =       152;
+  EVP_F_EVP_PKEY_GET0_DH =        119;
+  EVP_F_EVP_PKEY_GET0_DSA =       120;
+  EVP_F_EVP_PKEY_GET0_EC_KEY =       131;
+  EVP_F_EVP_PKEY_GET0_HMAC =       183;
+  EVP_F_EVP_PKEY_GET0_POLY1305 =      184;
+  EVP_F_EVP_PKEY_GET0_RSA =       121;
+  EVP_F_EVP_PKEY_GET0_SIPHASH =      172;
+  EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY =     202;
+  EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY =     203;
+  EVP_F_EVP_PKEY_KEYGEN =        146;
+  EVP_F_EVP_PKEY_KEYGEN_INIT =       147;
+  EVP_F_EVP_PKEY_METH_ADD0 =       194;
+  EVP_F_EVP_PKEY_METH_NEW =       195;
+  EVP_F_EVP_PKEY_NEW =         106;
+  EVP_F_EVP_PKEY_NEW_CMAC_KEY =      193;
+  EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY =     191;
+  EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY =     192;
+  EVP_F_EVP_PKEY_PARAMGEN =       148;
+  EVP_F_EVP_PKEY_PARAMGEN_INIT =      149;
+  EVP_F_EVP_PKEY_PARAM_CHECK =       189;
+  EVP_F_EVP_PKEY_PUBLIC_CHECK =      190;
+  EVP_F_EVP_PKEY_SET1_ENGINE =       187;
+  EVP_F_EVP_PKEY_SET_ALIAS_TYPE =      206;
+  EVP_F_EVP_PKEY_SIGN =        140;
+  EVP_F_EVP_PKEY_SIGN_INIT =       141;
+  EVP_F_EVP_PKEY_VERIFY =        142;
+  EVP_F_EVP_PKEY_VERIFY_INIT =       143;
+  EVP_F_EVP_PKEY_VERIFY_RECOVER =      144;
+  EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT =     145;
+  EVP_F_EVP_SIGNFINAL =        107;
+  EVP_F_EVP_VERIFYFINAL =        108;
+  EVP_F_INT_CTX_NEW =         157;
+  EVP_F_OK_NEW =          200;
+  EVP_F_PKCS5_PBE_KEYIVGEN =       117;
+  EVP_F_PKCS5_V2_PBE_KEYIVGEN =      118;
+  EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN =      164;
+  EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN =      180;
+  EVP_F_PKEY_SET_TYPE =        158;
+  EVP_F_RC2_MAGIC_TO_METH =       109;
+  EVP_F_RC5_CTRL =          125;
+  EVP_F_R_32_12_16_INIT_KEY =       242;
+  EVP_F_S390X_AES_GCM_CTRL =       201;
+  EVP_F_UPDATE =          173;
+
+  (*
+   * EVP reason codes.
+   *)
+  EVP_R_AES_KEY_SETUP_FAILED = 143;
+  EVP_R_ARIA_KEY_SETUP_FAILED = 176;
+  EVP_R_BAD_DECRYPT = 100;
+  EVP_R_BAD_KEY_LENGTH = 195;
+  EVP_R_BUFFER_TOO_SMALL = 155;
+  EVP_R_CAMELLIA_KEY_SETUP_FAILED = 157;
+  EVP_R_CIPHER_PARAMETER_ERROR = 122;
+  EVP_R_COMMAND_NOT_SUPPORTED = 147;
+  EVP_R_COPY_ERROR = 173;
+  EVP_R_CTRL_NOT_IMPLEMENTED = 132;
+  EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED = 133;
+  EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH = 138;
+  EVP_R_DECODE_ERROR = 114;
+  EVP_R_DIFFERENT_KEY_TYPES = 101;
+  EVP_R_DIFFERENT_PARAMETERS = 153;
+  EVP_R_ERROR_LOADING_SECTION = 165;
+  EVP_R_ERROR_SETTING_FIPS_MODE = 166;
+  EVP_R_EXPECTING_AN_HMAC_KEY = 174;
+  EVP_R_EXPECTING_AN_RSA_KEY = 127;
+  EVP_R_EXPECTING_A_DH_KEY = 128;
+  EVP_R_EXPECTING_A_DSA_KEY = 129;
+  EVP_R_EXPECTING_A_EC_KEY = 142;
+  EVP_R_EXPECTING_A_POLY1305_KEY = 164;
+  EVP_R_EXPECTING_A_SIPHASH_KEY = 175;
+  EVP_R_FIPS_MODE_NOT_SUPPORTED = 167;
+  EVP_R_GET_RAW_KEY_FAILED = 182;
+  EVP_R_ILLEGAL_SCRYPT_PARAMETERS = 171;
+  EVP_R_INITIALIZATION_ERROR = 134;
+  EVP_R_INPUT_NOT_INITIALIZED = 111;
+  EVP_R_INVALID_DIGEST = 152;
+  EVP_R_INVALID_FIPS_MODE = 168;
+  EVP_R_INVALID_KEY = 163;
+  EVP_R_INVALID_KEY_LENGTH = 130;
+  EVP_R_INVALID_OPERATION = 148;
+  EVP_R_KEYGEN_FAILURE = 120;
+  EVP_R_KEY_SETUP_FAILED = 180;
+  EVP_R_MEMORY_LIMIT_EXCEEDED = 172;
+  EVP_R_MESSAGE_DIGEST_IS_NULL = 159;
+  EVP_R_METHOD_NOT_SUPPORTED = 144;
+  EVP_R_MISSING_PARAMETERS = 103;
+  EVP_R_NOT_XOF_OR_INVALID_LENGTH = 178;
+  EVP_R_NO_CIPHER_SET = 131;
+  EVP_R_NO_DEFAULT_DIGEST = 158;
+  EVP_R_NO_DIGEST_SET = 139;
+  EVP_R_NO_KEY_SET = 154;
+  EVP_R_NO_OPERATION_SET = 149;
+  EVP_R_ONLY_ONESHOT_SUPPORTED = 177;
+  EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE = 150;
+  EVP_R_OPERATON_NOT_INITIALIZED = 151;
+  EVP_R_PARTIALLY_OVERLAPPING = 162;
+  EVP_R_PBKDF2_ERROR = 181;
+  EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED = 179;
+  EVP_R_PRIVATE_KEY_DECODE_ERROR = 145;
+  EVP_R_PRIVATE_KEY_ENCODE_ERROR = 146;
+  EVP_R_PUBLIC_KEY_NOT_RSA = 106;
+  EVP_R_UNKNOWN_CIPHER = 160;
+  EVP_R_UNKNOWN_DIGEST = 161;
+  EVP_R_UNKNOWN_OPTION = 169;
+  EVP_R_UNKNOWN_PBE_ALGORITHM = 121;
+  EVP_R_UNSUPPORTED_ALGORITHM = 156;
+  EVP_R_UNSUPPORTED_CIPHER = 107;
+  EVP_R_UNSUPPORTED_KEYLENGTH = 123;
+  EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION = 124;
+  EVP_R_UNSUPPORTED_KEY_SIZE = 108;
+  EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS = 135;
+  EVP_R_UNSUPPORTED_PRF = 125;
+  EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM = 118;
+  EVP_R_UNSUPPORTED_SALT_TYPE = 126;
+  EVP_R_WRAP_MODE_NOT_ALLOWED = 170;
+  EVP_R_WRONG_FINAL_BLOCK_LENGTH = 109;
+  EVP_R_XTS_DUPLICATED_KEYS = 183;
+
+var
+  function ERR_load_EVP_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_hmac.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_hmac.pas
new file mode 100644
index 000000000..8bf1e5efb
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_hmac.pas
@@ -0,0 +1,59 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_hmac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// hmac.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+var
+  function HMAC_size(const e: PHMAC_CTX): TIdC_SIZET;
+  function HMAC_CTX_new: PHMAC_CTX;
+  function HMAC_CTX_reset(ctx: PHMAC_CTX): TIdC_INT;
+  procedure HMAC_CTX_free(ctx: PHMAC_CTX);
+
+  function HMAC_Init_ex(ctx: PHMAC_CTX; const key: Pointer; len: TIdC_INT; const md: PEVP_MD; impl: PENGINE): TIdC_INT;
+  function HMAC_Update(ctx: PHMAC_CTX; const data: PByte; len: TIdC_SIZET): TIdC_INT;
+  function HMAC_Final(ctx: PHMAC_CTX; md: PByte; len: PByte): TIdC_INT;
+  function HMAC(const evp_md: PEVP_MD; const key: Pointer; key_len: TIdC_INT; const d: PByte; n: TIdC_SIZET; md: PByte; md_len: PIdC_INT): PByte;
+  function HMAC_CTX_copy(dctx: PHMAC_CTX; sctx: PHMAC_CTX): TIdC_INT;
+
+  procedure HMAC_CTX_set_flags(ctx: PHMAC_CTX; flags: TIdC_ULONG);
+  function HMAC_CTX_get_md(const ctx: PHMAC_CTX): PEVP_MD;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas
new file mode 100644
index 000000000..a1de54434
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas
@@ -0,0 +1,71 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_idea;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// idea.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // Added '_CONST' to avoid name clashes
+  IDEA_ENCRYPT_CONST = 1;
+  // Added '_CONST' to avoid name clashes
+  IDEA_DECRYPT_CONST = 0;
+
+  IDEA_BLOCK      = 8;
+  IDEA_KEY_LENGTH = 16;
+
+type
+  IDEA_INT = type TIdC_INT;
+
+  idea_key_st = record
+    data: array[0..8, 0..5] of IDEA_INT;
+  end;
+  IDEA_KEY_SCHEDULE = idea_key_st;
+  PIDEA_KEY_SCHEDULE = ^IDEA_KEY_SCHEDULE;
+
+var
+  function IDEA_options: PIdAnsiChar;
+  procedure IDEA_ecb_encrypt(const &in: PByte; &out: PByte; ks: PIDEA_KEY_SCHEDULE);
+  procedure IDEA_set_encrypt_key(const key: PByte; ks: PIDEA_KEY_SCHEDULE);
+  procedure IDEA_set_decrypt_key(ek: PIDEA_KEY_SCHEDULE; dk: PIDEA_KEY_SCHEDULE);
+  procedure IDEA_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT);
+  procedure IDEA_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT);
+  procedure IDEA_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT);
+  procedure IDEA_encrypt(&in: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE);
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_kdferr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_kdferr.pas
new file mode 100644
index 000000000..664492913
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_kdferr.pas
@@ -0,0 +1,79 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_kdferr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// kdferr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * KDF function codes.
+   *)
+  KDF_F_PKEY_HKDF_CTRL_STR = 103;
+  KDF_F_PKEY_HKDF_DERIVE = 102;
+  KDF_F_PKEY_HKDF_INIT = 108;
+  KDF_F_PKEY_SCRYPT_CTRL_STR = 104;
+  KDF_F_PKEY_SCRYPT_CTRL_UINT64 = 105;
+  KDF_F_PKEY_SCRYPT_DERIVE = 109;
+  KDF_F_PKEY_SCRYPT_INIT = 106;
+  KDF_F_PKEY_SCRYPT_SET_MEMBUF = 107;
+  KDF_F_PKEY_TLS1_PRF_CTRL_STR = 100;
+  KDF_F_PKEY_TLS1_PRF_DERIVE = 101;
+  KDF_F_PKEY_TLS1_PRF_INIT = 110;
+  KDF_F_TLS1_PRF_ALG = 111;
+
+  (*
+   * KDF reason codes.
+   *)
+  KDF_R_INVALID_DIGEST = 100;
+  KDF_R_MISSING_ITERATION_COUNT = 109;
+  KDF_R_MISSING_KEY = 104;
+  KDF_R_MISSING_MESSAGE_DIGEST = 105;
+  KDF_R_MISSING_PARAMETER = 101;
+  KDF_R_MISSING_PASS = 110;
+  KDF_R_MISSING_SALT = 111;
+  KDF_R_MISSING_SECRET = 107;
+  KDF_R_MISSING_SEED = 106;
+  KDF_R_UNKNOWN_PARAMETER_TYPE = 103;
+  KDF_R_VALUE_ERROR = 108;
+  KDF_R_VALUE_MISSING = 102;
+
+var
+  function ERR_load_KDF_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_obj_mac.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_obj_mac.pas
new file mode 100644
index 000000000..bf4095581
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_obj_mac.pas
@@ -0,0 +1,2915 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_obj_mac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// obj_mac.h
+
+{$i IdCompilerDefines.inc}
+
+const
+  SN_undef =       'UNDEF';
+  LN_undef =       'undefined';
+  NID_undef =       0;
+  SN_itu_t =     'ITU-T';
+  LN_itu_t =     'itu-t';
+  NID_itu_t =     645;
+  NID_ccitt =     404;
+  SN_iso =   'ISO';
+  LN_iso =   'iso';
+  NID_iso =   181;
+  SN_joint_iso_itu_t =    'JOINT-ISO-ITU-T';
+  LN_joint_iso_itu_t =    'joint-iso-itu-t';
+  NID_joint_iso_itu_t =    646;
+  NID_joint_iso_ccitt =    393;
+  SN_member_body =   'member-body';
+  LN_member_body =   'ISO Member Body';
+  NID_member_body =   182;
+  SN_identified_organization =    'identified-organization';
+  NID_identified_organization =    676;
+  SN_hmac_md5 =    'HMAC-MD5';
+  LN_hmac_md5 =    'hmac-md5';
+  NID_hmac_md5 =    780;
+  SN_hmac_sha1 =    'HMAC-SHA1';
+  LN_hmac_sha1 =    'hmac-sha1';
+  NID_hmac_sha1 =    781;
+  SN_x509ExtAdmission =    'x509ExtAdmission';
+  LN_x509ExtAdmission =    'Professional Information or basis for Admission';
+  NID_x509ExtAdmission =    1093;
+  SN_certicom_arc =   'certicom-arc';
+  NID_certicom_arc =     677;
+  SN_ieee =   'ieee';
+  NID_ieee =     1170;
+  SN_ieee_siswg =    'ieee-siswg';
+  LN_ieee_siswg =    'IEEE Security in Storage Working Group';
+  NID_ieee_siswg =   1171;
+  SN_international_organizations =   'international-organizations';
+  LN_international_organizations =   'International Organizations';
+  NID_international_organizations =   647;
+  SN_wap =   'wap';
+  NID_wap =   678;
+  SN_wap_wsg =    'wap-wsg';
+  NID_wap_wsg =    679;
+  SN_selected_attribute_types =    'selected-attribute-types';
+  LN_selected_attribute_types =    'Selected Attribute Types';
+  NID_selected_attribute_types =    394;
+  SN_clearance =    'clearance';
+  NID_clearance =    395;
+  SN_ISO_US =     'ISO-US';
+  LN_ISO_US =     'ISO US Member Body';
+  NID_ISO_US =    183;
+  SN_X9_57 =     'X9-57';
+  LN_X9_57 =     'X9.57';
+  NID_X9_57 =     184;
+  SN_X9cm =   'X9cm';
+  LN_X9cm =   'X9.57 CM ?';
+  NID_X9cm =     185;
+  SN_ISO_CN =     'ISO-CN';
+  LN_ISO_CN =     'ISO CN Member Body';
+  NID_ISO_CN =    1140;
+  SN_oscca =     'oscca';
+  NID_oscca =     1141;
+  SN_sm_scheme =    'sm-scheme';
+  NID_sm_scheme =    1142;
+  SN_dsa =   'DSA';
+  LN_dsa =   'dsaEncryption';
+  NID_dsa =   116;
+  SN_dsaWithSHA1 =   'DSA-SHA1';
+  LN_dsaWithSHA1 =   'dsaWithSHA1';
+  NID_dsaWithSHA1 =   113;
+  SN_ansi_X9_62 =    'ansi-X9-62';
+  LN_ansi_X9_62 =    'ANSI X9.62';
+  NID_ansi_X9_62 =   405;
+  SN_X9_62_prime_field =    'prime-field';
+  NID_X9_62_prime_field =    406;
+  SN_X9_62_characteristic_two_field =     'characteristic-two-field';
+  NID_X9_62_characteristic_two_field =    407;
+  SN_X9_62_id_characteristic_two_basis =    'id-characteristic-two-basis';
+  NID_X9_62_id_characteristic_two_basis =    680;
+  SN_X9_62_onBasis =     'onBasis';
+  NID_X9_62_onBasis =     681;
+  SN_X9_62_tpBasis =     'tpBasis';
+  NID_X9_62_tpBasis =     682;
+  SN_X9_62_ppBasis =     'ppBasis';
+  NID_X9_62_ppBasis =     683;
+  SN_X9_62_id_ecPublicKey =   'id-ecPublicKey';
+  NID_X9_62_id_ecPublicKey =     408;
+  SN_X9_62_c2pnb163v1 =    'c2pnb163v1';
+  NID_X9_62_c2pnb163v1 =    684;
+  SN_X9_62_c2pnb163v2 =    'c2pnb163v2';
+  NID_X9_62_c2pnb163v2 =    685;
+  SN_X9_62_c2pnb163v3 =    'c2pnb163v3';
+  NID_X9_62_c2pnb163v3 =    686;
+  SN_X9_62_c2pnb176v1 =    'c2pnb176v1';
+  NID_X9_62_c2pnb176v1 =    687;
+  SN_X9_62_c2tnb191v1 =    'c2tnb191v1';
+  NID_X9_62_c2tnb191v1 =    688;
+  SN_X9_62_c2tnb191v2 =    'c2tnb191v2';
+  NID_X9_62_c2tnb191v2 =    689;
+  SN_X9_62_c2tnb191v3 =    'c2tnb191v3';
+  NID_X9_62_c2tnb191v3 =    690;
+  SN_X9_62_c2onb191v4 =    'c2onb191v4';
+  NID_X9_62_c2onb191v4 =    691;
+  SN_X9_62_c2onb191v5 =    'c2onb191v5';
+  NID_X9_62_c2onb191v5 =    692;
+  SN_X9_62_c2pnb208w1 =    'c2pnb208w1';
+  NID_X9_62_c2pnb208w1 =    693;
+  SN_X9_62_c2tnb239v1 =    'c2tnb239v1';
+  NID_X9_62_c2tnb239v1 =    694;
+  SN_X9_62_c2tnb239v2 =    'c2tnb239v2';
+  NID_X9_62_c2tnb239v2 =    695;
+  SN_X9_62_c2tnb239v3 =    'c2tnb239v3';
+  NID_X9_62_c2tnb239v3 =    696;
+  SN_X9_62_c2onb239v4 =    'c2onb239v4';
+  NID_X9_62_c2onb239v4 =    697;
+  SN_X9_62_c2onb239v5 =    'c2onb239v5';
+  NID_X9_62_c2onb239v5 =    698;
+  SN_X9_62_c2pnb272w1 =    'c2pnb272w1';
+  NID_X9_62_c2pnb272w1 =    699;
+  SN_X9_62_c2pnb304w1 =    'c2pnb304w1';
+  NID_X9_62_c2pnb304w1 =    700;
+  SN_X9_62_c2tnb359v1 =    'c2tnb359v1';
+  NID_X9_62_c2tnb359v1 =    701;
+  SN_X9_62_c2pnb368w1 =    'c2pnb368w1';
+  NID_X9_62_c2pnb368w1 =    702;
+  SN_X9_62_c2tnb431r1 =    'c2tnb431r1';
+  NID_X9_62_c2tnb431r1 =    703;
+  SN_X9_62_prime192v1 =    'prime192v1';
+  NID_X9_62_prime192v1 =    409;
+  SN_X9_62_prime192v2 =    'prime192v2';
+  NID_X9_62_prime192v2 =    410;
+  SN_X9_62_prime192v3 =    'prime192v3';
+  NID_X9_62_prime192v3 =    411;
+  SN_X9_62_prime239v1 =    'prime239v1';
+  NID_X9_62_prime239v1 =    412;
+  SN_X9_62_prime239v2 =    'prime239v2';
+  NID_X9_62_prime239v2 =    413;
+  SN_X9_62_prime239v3 =    'prime239v3';
+  NID_X9_62_prime239v3 =    414;
+  SN_X9_62_prime256v1 =    'prime256v1';
+  NID_X9_62_prime256v1 =    415;
+  SN_ecdsa_with_SHA1 =    'ecdsa-with-SHA1';
+  NID_ecdsa_with_SHA1 =    416;
+  SN_ecdsa_with_Recommended =     'ecdsa-with-Recommended';
+  NID_ecdsa_with_Recommended =    791;
+  SN_ecdsa_with_Specified =   'ecdsa-with-Specified';
+  NID_ecdsa_with_Specified =     792;
+  SN_ecdsa_with_SHA224 =    'ecdsa-with-SHA224';
+  NID_ecdsa_with_SHA224 =    793;
+  SN_ecdsa_with_SHA256 =    'ecdsa-with-SHA256';
+  NID_ecdsa_with_SHA256 =    794;
+  SN_ecdsa_with_SHA384 =    'ecdsa-with-SHA384';
+  NID_ecdsa_with_SHA384 =    795;
+  SN_ecdsa_with_SHA512 =    'ecdsa-with-SHA512';
+  NID_ecdsa_with_SHA512 =    796;
+  SN_secp112r1 =    'secp112r1';
+  NID_secp112r1 =    704;
+  SN_secp112r2 =    'secp112r2';
+  NID_secp112r2 =    705;
+  SN_secp128r1 =    'secp128r1';
+  NID_secp128r1 =    706;
+  SN_secp128r2 =    'secp128r2';
+  NID_secp128r2 =    707;
+  SN_secp160k1 =    'secp160k1';
+  NID_secp160k1 =    708;
+  SN_secp160r1 =    'secp160r1';
+  NID_secp160r1 =    709;
+  SN_secp160r2 =    'secp160r2';
+  NID_secp160r2 =    710;
+  SN_secp192k1 =    'secp192k1';
+  NID_secp192k1 =    711;
+  SN_secp224k1 =    'secp224k1';
+  NID_secp224k1 =    712;
+  SN_secp224r1 =    'secp224r1';
+  NID_secp224r1 =    713;
+  SN_secp256k1 =    'secp256k1';
+  NID_secp256k1 =    714;
+  SN_secp384r1 =    'secp384r1';
+  NID_secp384r1 =    715;
+  SN_secp521r1 =    'secp521r1';
+  NID_secp521r1 =    716;
+  SN_sect113r1 =    'sect113r1';
+  NID_sect113r1 =    717;
+  SN_sect113r2 =    'sect113r2';
+  NID_sect113r2 =    718;
+  SN_sect131r1 =    'sect131r1';
+  NID_sect131r1 =    719;
+  SN_sect131r2 =    'sect131r2';
+  NID_sect131r2 =    720;
+  SN_sect163k1 =    'sect163k1';
+  NID_sect163k1 =    721;
+  SN_sect163r1 =    'sect163r1';
+  NID_sect163r1 =    722;
+  SN_sect163r2 =    'sect163r2';
+  NID_sect163r2 =    723;
+  SN_sect193r1 =    'sect193r1';
+  NID_sect193r1 =    724;
+  SN_sect193r2 =    'sect193r2';
+  NID_sect193r2 =    725;
+  SN_sect233k1 =    'sect233k1';
+  NID_sect233k1 =    726;
+  SN_sect233r1 =    'sect233r1';
+  NID_sect233r1 =    727;
+  SN_sect239k1 =    'sect239k1';
+  NID_sect239k1 =    728;
+  SN_sect283k1 =    'sect283k1';
+  NID_sect283k1 =    729;
+  SN_sect283r1 =    'sect283r1';
+  NID_sect283r1 =    730;
+  SN_sect409k1 =    'sect409k1';
+  NID_sect409k1 =    731;
+  SN_sect409r1 =    'sect409r1';
+  NID_sect409r1 =    732;
+  SN_sect571k1 =    'sect571k1';
+  NID_sect571k1 =    733;
+  SN_sect571r1 =    'sect571r1';
+  NID_sect571r1 =    734;
+  SN_wap_wsg_idm_ecid_wtls1 =     'wap-wsg-idm-ecid-wtls1';
+  NID_wap_wsg_idm_ecid_wtls1 =    735;
+  SN_wap_wsg_idm_ecid_wtls3 =     'wap-wsg-idm-ecid-wtls3';
+  NID_wap_wsg_idm_ecid_wtls3 =    736;
+  SN_wap_wsg_idm_ecid_wtls4 =     'wap-wsg-idm-ecid-wtls4';
+  NID_wap_wsg_idm_ecid_wtls4 =    737;
+  SN_wap_wsg_idm_ecid_wtls5 =     'wap-wsg-idm-ecid-wtls5';
+  NID_wap_wsg_idm_ecid_wtls5 =    738;
+  SN_wap_wsg_idm_ecid_wtls6 =     'wap-wsg-idm-ecid-wtls6';
+  NID_wap_wsg_idm_ecid_wtls6 =    739;
+  SN_wap_wsg_idm_ecid_wtls7 =     'wap-wsg-idm-ecid-wtls7';
+  NID_wap_wsg_idm_ecid_wtls7 =    740;
+  SN_wap_wsg_idm_ecid_wtls8 =     'wap-wsg-idm-ecid-wtls8';
+  NID_wap_wsg_idm_ecid_wtls8 =    741;
+  SN_wap_wsg_idm_ecid_wtls9 =     'wap-wsg-idm-ecid-wtls9';
+  NID_wap_wsg_idm_ecid_wtls9 =    742;
+  SN_wap_wsg_idm_ecid_wtls10 =    'wap-wsg-idm-ecid-wtls10';
+  NID_wap_wsg_idm_ecid_wtls10 =    743;
+  SN_wap_wsg_idm_ecid_wtls11 =    'wap-wsg-idm-ecid-wtls11';
+  NID_wap_wsg_idm_ecid_wtls11 =    744;
+  SN_wap_wsg_idm_ecid_wtls12 =    'wap-wsg-idm-ecid-wtls12';
+  NID_wap_wsg_idm_ecid_wtls12 =    745;
+  SN_cast5_cbc =    'CAST5-CBC';
+  LN_cast5_cbc =    'cast5-cbc';
+  NID_cast5_cbc =    108;
+  SN_cast5_ecb =    'CAST5-ECB';
+  LN_cast5_ecb =    'cast5-ecb';
+  NID_cast5_ecb =    109;
+  SN_cast5_cfb64 =   'CAST5-CFB';
+  LN_cast5_cfb64 =   'cast5-cfb';
+  NID_cast5_cfb64 =   110;
+  SN_cast5_ofb64 =   'CAST5-OFB';
+  LN_cast5_ofb64 =   'cast5-ofb';
+  NID_cast5_ofb64 =   111;
+  LN_pbeWithMD5AndCast5_CBC =     'pbeWithMD5AndCast5CBC';
+  NID_pbeWithMD5AndCast5_CBC =    112;
+  SN_id_PasswordBasedMAC =   'id-PasswordBasedMAC';
+  LN_id_PasswordBasedMAC =   'password based MAC';
+  NID_id_PasswordBasedMAC =   782;
+  SN_id_DHBasedMac =     'id-DHBasedMac';
+  LN_id_DHBasedMac =     'Diffie-Hellman based MAC';
+  NID_id_DHBasedMac =     783;
+  SN_rsadsi =     'rsadsi';
+  LN_rsadsi =     'RSA Data Security; Inc.';
+  NID_rsadsi =    1;
+  SN_pkcs =   'pkcs';
+  LN_pkcs =   'RSA Data Security; Inc. PKCS';
+  NID_pkcs =     2;
+  SN_pkcs1 =     'pkcs1';
+  NID_pkcs1 =     186;
+  LN_rsaEncryption =     'rsaEncryption';
+  NID_rsaEncryption =     6;
+  SN_md2WithRSAEncryption =   'RSA-MD2';
+  LN_md2WithRSAEncryption =   'md2WithRSAEncryption';
+  NID_md2WithRSAEncryption =     7;
+  SN_md4WithRSAEncryption =   'RSA-MD4';
+  LN_md4WithRSAEncryption =   'md4WithRSAEncryption';
+  NID_md4WithRSAEncryption =     396;
+  SN_md5WithRSAEncryption =   'RSA-MD5';
+  LN_md5WithRSAEncryption =   'md5WithRSAEncryption';
+  NID_md5WithRSAEncryption =     8;
+  SN_sha1WithRSAEncryption =     'RSA-SHA1';
+  LN_sha1WithRSAEncryption =     'sha1WithRSAEncryption';
+  NID_sha1WithRSAEncryption =     65;
+  SN_rsaesOaep =    'RSAES-OAEP';
+  LN_rsaesOaep =    'rsaesOaep';
+  NID_rsaesOaep =    919;
+  SN_mgf1 =   'MGF1';
+  LN_mgf1 =   'mgf1';
+  NID_mgf1 =     911;
+  SN_pSpecified =    'PSPECIFIED';
+  LN_pSpecified =    'pSpecified';
+  NID_pSpecified =   935;
+  SN_rsassaPss =    'RSASSA-PSS';
+  LN_rsassaPss =    'rsassaPss';
+  NID_rsassaPss =    912;
+  SN_sha256WithRSAEncryption =    'RSA-SHA256';
+  LN_sha256WithRSAEncryption =    'sha256WithRSAEncryption';
+  NID_sha256WithRSAEncryption =    668;
+  SN_sha384WithRSAEncryption =    'RSA-SHA384';
+  LN_sha384WithRSAEncryption =    'sha384WithRSAEncryption';
+  NID_sha384WithRSAEncryption =    669;
+  SN_sha512WithRSAEncryption =    'RSA-SHA512';
+  LN_sha512WithRSAEncryption =    'sha512WithRSAEncryption';
+  NID_sha512WithRSAEncryption =    670;
+  SN_sha224WithRSAEncryption =    'RSA-SHA224';
+  LN_sha224WithRSAEncryption =    'sha224WithRSAEncryption';
+  NID_sha224WithRSAEncryption =    671;
+  SN_sha512_224WithRSAEncryption =   'RSA-SHA512/224';
+  LN_sha512_224WithRSAEncryption =   'sha512-224WithRSAEncryption';
+  NID_sha512_224WithRSAEncryption =   1145;
+  SN_sha512_256WithRSAEncryption =   'RSA-SHA512/256';
+  LN_sha512_256WithRSAEncryption =   'sha512-256WithRSAEncryption';
+  NID_sha512_256WithRSAEncryption =   1146;
+  SN_pkcs3 =     'pkcs3';
+  NID_pkcs3 =     27;
+  LN_dhKeyAgreement =     'dhKeyAgreement';
+  NID_dhKeyAgreement =    28;
+  SN_pkcs5 =     'pkcs5';
+  NID_pkcs5 =     187;
+  SN_pbeWithMD2AndDES_CBC =   'PBE-MD2-DES';
+  LN_pbeWithMD2AndDES_CBC =   'pbeWithMD2AndDES-CBC';
+  NID_pbeWithMD2AndDES_CBC =     9;
+  SN_pbeWithMD5AndDES_CBC =   'PBE-MD5-DES';
+  LN_pbeWithMD5AndDES_CBC =   'pbeWithMD5AndDES-CBC';
+  NID_pbeWithMD5AndDES_CBC =     10;
+  SN_pbeWithMD2AndRC2_CBC =   'PBE-MD2-RC2-64';
+  LN_pbeWithMD2AndRC2_CBC =   'pbeWithMD2AndRC2-CBC';
+  NID_pbeWithMD2AndRC2_CBC =     168;
+  SN_pbeWithMD5AndRC2_CBC =   'PBE-MD5-RC2-64';
+  LN_pbeWithMD5AndRC2_CBC =   'pbeWithMD5AndRC2-CBC';
+  NID_pbeWithMD5AndRC2_CBC =     169;
+  SN_pbeWithSHA1AndDES_CBC =     'PBE-SHA1-DES';
+  LN_pbeWithSHA1AndDES_CBC =     'pbeWithSHA1AndDES-CBC';
+  NID_pbeWithSHA1AndDES_CBC =     170;
+  SN_pbeWithSHA1AndRC2_CBC =     'PBE-SHA1-RC2-64';
+  LN_pbeWithSHA1AndRC2_CBC =     'pbeWithSHA1AndRC2-CBC';
+  NID_pbeWithSHA1AndRC2_CBC =     68;
+  LN_id_pbkdf2 =    'PBKDF2';
+  NID_id_pbkdf2 =    69;
+  LN_pbes2 =     'PBES2';
+  NID_pbes2 =     161;
+  LN_pbmac1 =     'PBMAC1';
+  NID_pbmac1 =    162;
+  SN_pkcs7 =     'pkcs7';
+  NID_pkcs7 =     20;
+  LN_pkcs7_data =    'pkcs7-data';
+  NID_pkcs7_data =   21;
+  LN_pkcs7_signed =   'pkcs7-signedData';
+  NID_pkcs7_signed =     22;
+  LN_pkcs7_enveloped =    'pkcs7-envelopedData';
+  NID_pkcs7_enveloped =    23;
+  LN_pkcs7_signedAndEnveloped =    'pkcs7-signedAndEnvelopedData';
+  NID_pkcs7_signedAndEnveloped =    24;
+  LN_pkcs7_digest =   'pkcs7-digestData';
+  NID_pkcs7_digest =     25;
+  LN_pkcs7_encrypted =    'pkcs7-encryptedData';
+  NID_pkcs7_encrypted =    26;
+  SN_pkcs9 =     'pkcs9';
+  NID_pkcs9 =     47;
+  LN_pkcs9_emailAddress =    'emailAddress';
+  NID_pkcs9_emailAddress =   48;
+  LN_pkcs9_unstructuredName =     'unstructuredName';
+  NID_pkcs9_unstructuredName =    49;
+  LN_pkcs9_contentType =    'contentType';
+  NID_pkcs9_contentType =    50;
+  LN_pkcs9_messageDigest =   'messageDigest';
+  NID_pkcs9_messageDigest =   51;
+  LN_pkcs9_signingTime =    'signingTime';
+  NID_pkcs9_signingTime =    52;
+  LN_pkcs9_countersignature =     'countersignature';
+  NID_pkcs9_countersignature =    53;
+  LN_pkcs9_challengePassword =    'challengePassword';
+  NID_pkcs9_challengePassword =    54;
+  LN_pkcs9_unstructuredAddress =    'unstructuredAddress';
+  NID_pkcs9_unstructuredAddress =    55;
+  LN_pkcs9_extCertAttributes =    'extendedCertificateAttributes';
+  NID_pkcs9_extCertAttributes =    56;
+  SN_ext_req =    'extReq';
+  LN_ext_req =    'Extension Request';
+  NID_ext_req =    172;
+  SN_SMIMECapabilities =    'SMIME-CAPS';
+  LN_SMIMECapabilities =    'S/MIME Capabilities';
+  NID_SMIMECapabilities =    167;
+  SN_SMIME =     'SMIME';
+  LN_SMIME =     'S/MIME';
+  NID_SMIME =     188;
+  SN_id_smime_mod =   'id-smime-mod';
+  NID_id_smime_mod =     189;
+  SN_id_smime_ct =   'id-smime-ct';
+  NID_id_smime_ct =   190;
+  SN_id_smime_aa =   'id-smime-aa';
+  NID_id_smime_aa =   191;
+  SN_id_smime_alg =   'id-smime-alg';
+  NID_id_smime_alg =     192;
+  SN_id_smime_cd =   'id-smime-cd';
+  NID_id_smime_cd =   193;
+  SN_id_smime_spq =   'id-smime-spq';
+  NID_id_smime_spq =     194;
+  SN_id_smime_cti =   'id-smime-cti';
+  NID_id_smime_cti =     195;
+  SN_id_smime_mod_cms =    'id-smime-mod-cms';
+  NID_id_smime_mod_cms =    196;
+  SN_id_smime_mod_ess =    'id-smime-mod-ess';
+  NID_id_smime_mod_ess =    197;
+  SN_id_smime_mod_oid =    'id-smime-mod-oid';
+  NID_id_smime_mod_oid =    198;
+  SN_id_smime_mod_msg_v3 =   'id-smime-mod-msg-v3';
+  NID_id_smime_mod_msg_v3 =   199;
+  SN_id_smime_mod_ets_eSignature_88 =     'id-smime-mod-ets-eSignature-88';
+  NID_id_smime_mod_ets_eSignature_88 =    200;
+  SN_id_smime_mod_ets_eSignature_97 =     'id-smime-mod-ets-eSignature-97';
+  NID_id_smime_mod_ets_eSignature_97 =    201;
+  SN_id_smime_mod_ets_eSigPolicy_88 =     'id-smime-mod-ets-eSigPolicy-88';
+  NID_id_smime_mod_ets_eSigPolicy_88 =    202;
+  SN_id_smime_mod_ets_eSigPolicy_97 =     'id-smime-mod-ets-eSigPolicy-97';
+  NID_id_smime_mod_ets_eSigPolicy_97 =    203;
+  SN_id_smime_ct_receipt =   'id-smime-ct-receipt';
+  NID_id_smime_ct_receipt =   204;
+  SN_id_smime_ct_authData =   'id-smime-ct-authData';
+  NID_id_smime_ct_authData =     205;
+  SN_id_smime_ct_publishCert =    'id-smime-ct-publishCert';
+  NID_id_smime_ct_publishCert =    206;
+  SN_id_smime_ct_TSTInfo =   'id-smime-ct-TSTInfo';
+  NID_id_smime_ct_TSTInfo =   207;
+  SN_id_smime_ct_TDTInfo =   'id-smime-ct-TDTInfo';
+  NID_id_smime_ct_TDTInfo =   208;
+  SN_id_smime_ct_contentInfo =    'id-smime-ct-contentInfo';
+  NID_id_smime_ct_contentInfo =    209;
+  SN_id_smime_ct_DVCSRequestData =   'id-smime-ct-DVCSRequestData';
+  NID_id_smime_ct_DVCSRequestData =   210;
+  SN_id_smime_ct_DVCSResponseData =   'id-smime-ct-DVCSResponseData';
+  NID_id_smime_ct_DVCSResponseData =     211;
+  SN_id_smime_ct_compressedData =    'id-smime-ct-compressedData';
+  NID_id_smime_ct_compressedData =   786;
+  SN_id_smime_ct_contentCollection =     'id-smime-ct-contentCollection';
+  NID_id_smime_ct_contentCollection =     1058;
+  SN_id_smime_ct_authEnvelopedData =     'id-smime-ct-authEnvelopedData';
+  NID_id_smime_ct_authEnvelopedData =     1059;
+  SN_id_ct_asciiTextWithCRLF =    'id-ct-asciiTextWithCRLF';
+  NID_id_ct_asciiTextWithCRLF =    787;
+  SN_id_ct_xml =    'id-ct-xml';
+  NID_id_ct_xml =    1060;
+  SN_id_smime_aa_receiptRequest =    'id-smime-aa-receiptRequest';
+  NID_id_smime_aa_receiptRequest =   212;
+  SN_id_smime_aa_securityLabel =    'id-smime-aa-securityLabel';
+  NID_id_smime_aa_securityLabel =    213;
+  SN_id_smime_aa_mlExpandHistory =   'id-smime-aa-mlExpandHistory';
+  NID_id_smime_aa_mlExpandHistory =   214;
+  SN_id_smime_aa_contentHint =    'id-smime-aa-contentHint';
+  NID_id_smime_aa_contentHint =    215;
+  SN_id_smime_aa_msgSigDigest =    'id-smime-aa-msgSigDigest';
+  NID_id_smime_aa_msgSigDigest =    216;
+  SN_id_smime_aa_encapContentType =   'id-smime-aa-encapContentType';
+  NID_id_smime_aa_encapContentType =     217;
+  SN_id_smime_aa_contentIdentifier =     'id-smime-aa-contentIdentifier';
+  NID_id_smime_aa_contentIdentifier =     218;
+  SN_id_smime_aa_macValue =   'id-smime-aa-macValue';
+  NID_id_smime_aa_macValue =     219;
+  SN_id_smime_aa_equivalentLabels =   'id-smime-aa-equivalentLabels';
+  NID_id_smime_aa_equivalentLabels =     220;
+  SN_id_smime_aa_contentReference =   'id-smime-aa-contentReference';
+  NID_id_smime_aa_contentReference =     221;
+  SN_id_smime_aa_encrypKeyPref =    'id-smime-aa-encrypKeyPref';
+  NID_id_smime_aa_encrypKeyPref =    222;
+  SN_id_smime_aa_signingCertificate =     'id-smime-aa-signingCertificate';
+  NID_id_smime_aa_signingCertificate =    223;
+  SN_id_smime_aa_smimeEncryptCerts =     'id-smime-aa-smimeEncryptCerts';
+  NID_id_smime_aa_smimeEncryptCerts =     224;
+  SN_id_smime_aa_timeStampToken =    'id-smime-aa-timeStampToken';
+  NID_id_smime_aa_timeStampToken =   225;
+  SN_id_smime_aa_ets_sigPolicyId =   'id-smime-aa-ets-sigPolicyId';
+  NID_id_smime_aa_ets_sigPolicyId =   226;
+  SN_id_smime_aa_ets_commitmentType =     'id-smime-aa-ets-commitmentType';
+  NID_id_smime_aa_ets_commitmentType =    227;
+  SN_id_smime_aa_ets_signerLocation =     'id-smime-aa-ets-signerLocation';
+  NID_id_smime_aa_ets_signerLocation =    228;
+  SN_id_smime_aa_ets_signerAttr =    'id-smime-aa-ets-signerAttr';
+  NID_id_smime_aa_ets_signerAttr =   229;
+  SN_id_smime_aa_ets_otherSigCert =   'id-smime-aa-ets-otherSigCert';
+  NID_id_smime_aa_ets_otherSigCert =     230;
+  SN_id_smime_aa_ets_contentTimestamp =    'id-smime-aa-ets-contentTimestamp';
+  NID_id_smime_aa_ets_contentTimestamp =    231;
+  SN_id_smime_aa_ets_CertificateRefs =    'id-smime-aa-ets-CertificateRefs';
+  NID_id_smime_aa_ets_CertificateRefs =    232;
+  SN_id_smime_aa_ets_RevocationRefs =     'id-smime-aa-ets-RevocationRefs';
+  NID_id_smime_aa_ets_RevocationRefs =    233;
+  SN_id_smime_aa_ets_certValues =    'id-smime-aa-ets-certValues';
+  NID_id_smime_aa_ets_certValues =   234;
+  SN_id_smime_aa_ets_revocationValues =    'id-smime-aa-ets-revocationValues';
+  NID_id_smime_aa_ets_revocationValues =    235;
+  SN_id_smime_aa_ets_escTimeStamp =   'id-smime-aa-ets-escTimeStamp';
+  NID_id_smime_aa_ets_escTimeStamp =     236;
+  SN_id_smime_aa_ets_certCRLTimestamp =    'id-smime-aa-ets-certCRLTimestamp';
+  NID_id_smime_aa_ets_certCRLTimestamp =    237;
+  SN_id_smime_aa_ets_archiveTimeStamp =    'id-smime-aa-ets-archiveTimeStamp';
+  NID_id_smime_aa_ets_archiveTimeStamp =    238;
+  SN_id_smime_aa_signatureType =    'id-smime-aa-signatureType';
+  NID_id_smime_aa_signatureType =    239;
+  SN_id_smime_aa_dvcs_dvc =   'id-smime-aa-dvcs-dvc';
+  NID_id_smime_aa_dvcs_dvc =     240;
+  SN_id_smime_aa_signingCertificateV2 =    'id-smime-aa-signingCertificateV2';
+  NID_id_smime_aa_signingCertificateV2 =    1086;
+  SN_id_smime_alg_ESDHwith3DES =    'id-smime-alg-ESDHwith3DES';
+  NID_id_smime_alg_ESDHwith3DES =    241;
+  SN_id_smime_alg_ESDHwithRC2 =    'id-smime-alg-ESDHwithRC2';
+  NID_id_smime_alg_ESDHwithRC2 =    242;
+  SN_id_smime_alg_3DESwrap =     'id-smime-alg-3DESwrap';
+  NID_id_smime_alg_3DESwrap =     243;
+  SN_id_smime_alg_RC2wrap =   'id-smime-alg-RC2wrap';
+  NID_id_smime_alg_RC2wrap =     244;
+  SN_id_smime_alg_ESDH =    'id-smime-alg-ESDH';
+  NID_id_smime_alg_ESDH =    245;
+  SN_id_smime_alg_CMS3DESwrap =    'id-smime-alg-CMS3DESwrap';
+  NID_id_smime_alg_CMS3DESwrap =    246;
+  SN_id_smime_alg_CMSRC2wrap =    'id-smime-alg-CMSRC2wrap';
+  NID_id_smime_alg_CMSRC2wrap =    247;
+  SN_id_alg_PWRI_KEK =    'id-alg-PWRI-KEK';
+  NID_id_alg_PWRI_KEK =    893;
+  SN_id_smime_cd_ldap =    'id-smime-cd-ldap';
+  NID_id_smime_cd_ldap =    248;
+  SN_id_smime_spq_ets_sqt_uri =    'id-smime-spq-ets-sqt-uri';
+  NID_id_smime_spq_ets_sqt_uri =    249;
+  SN_id_smime_spq_ets_sqt_unotice =   'id-smime-spq-ets-sqt-unotice';
+  NID_id_smime_spq_ets_sqt_unotice =     250;
+  SN_id_smime_cti_ets_proofOfOrigin =     'id-smime-cti-ets-proofOfOrigin';
+  NID_id_smime_cti_ets_proofOfOrigin =    251;
+  SN_id_smime_cti_ets_proofOfReceipt =    'id-smime-cti-ets-proofOfReceipt';
+  NID_id_smime_cti_ets_proofOfReceipt =    252;
+  SN_id_smime_cti_ets_proofOfDelivery =    'id-smime-cti-ets-proofOfDelivery';
+  NID_id_smime_cti_ets_proofOfDelivery =    253;
+  SN_id_smime_cti_ets_proofOfSender =     'id-smime-cti-ets-proofOfSender';
+  NID_id_smime_cti_ets_proofOfSender =    254;
+  SN_id_smime_cti_ets_proofOfApproval =    'id-smime-cti-ets-proofOfApproval';
+  NID_id_smime_cti_ets_proofOfApproval =    255;
+  SN_id_smime_cti_ets_proofOfCreation =    'id-smime-cti-ets-proofOfCreation';
+  NID_id_smime_cti_ets_proofOfCreation =    256;
+  LN_friendlyName =   'friendlyName';
+  NID_friendlyName =     156;
+  LN_localKeyID =    'localKeyID';
+  NID_localKeyID =   157;
+  SN_ms_csp_name =   'CSPName';
+  LN_ms_csp_name =   'Microsoft CSP Name';
+  NID_ms_csp_name =   417;
+  SN_LocalKeySet =   'LocalKeySet';
+  LN_LocalKeySet =   'Microsoft Local Key set';
+  NID_LocalKeySet =   856;
+  LN_x509Certificate =    'x509Certificate';
+  NID_x509Certificate =    158;
+  LN_sdsiCertificate =    'sdsiCertificate';
+  NID_sdsiCertificate =    159;
+  LN_x509Crl =    'x509Crl';
+  NID_x509Crl =    160;
+  SN_pbe_WithSHA1And128BitRC4 =    'PBE-SHA1-RC4-128';
+  LN_pbe_WithSHA1And128BitRC4 =    'pbeWithSHA1And128BitRC4';
+  NID_pbe_WithSHA1And128BitRC4 =    144;
+  SN_pbe_WithSHA1And40BitRC4 =    'PBE-SHA1-RC4-40';
+  LN_pbe_WithSHA1And40BitRC4 =    'pbeWithSHA1And40BitRC4';
+  NID_pbe_WithSHA1And40BitRC4 =    145;
+  SN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'PBE-SHA1-3DES';
+  LN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'pbeWithSHA1And3-KeyTripleDES-CBC';
+  NID_pbe_WithSHA1And3_Key_TripleDES_CBC =   146;
+  SN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'PBE-SHA1-2DES';
+  LN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'pbeWithSHA1And2-KeyTripleDES-CBC';
+  NID_pbe_WithSHA1And2_Key_TripleDES_CBC =   147;
+  SN_pbe_WithSHA1And128BitRC2_CBC =   'PBE-SHA1-RC2-128';
+  LN_pbe_WithSHA1And128BitRC2_CBC =   'pbeWithSHA1And128BitRC2-CBC';
+  NID_pbe_WithSHA1And128BitRC2_CBC =     148;
+  SN_pbe_WithSHA1And40BitRC2_CBC =   'PBE-SHA1-RC2-40';
+  LN_pbe_WithSHA1And40BitRC2_CBC =   'pbeWithSHA1And40BitRC2-CBC';
+  NID_pbe_WithSHA1And40BitRC2_CBC =   149;
+  LN_keyBag =     'keyBag';
+  NID_keyBag =    150;
+  LN_pkcs8ShroudedKeyBag =   'pkcs8ShroudedKeyBag';
+  NID_pkcs8ShroudedKeyBag =   151;
+  LN_certBag =    'certBag';
+  NID_certBag =    152;
+  LN_crlBag =     'crlBag';
+  NID_crlBag =    153;
+  LN_secretBag =    'secretBag';
+  NID_secretBag =    154;
+  LN_safeContentsBag =    'safeContentsBag';
+  NID_safeContentsBag =    155;
+  SN_md2 =   'MD2';
+  LN_md2 =   'md2';
+  NID_md2 =   3;
+  SN_md4 =   'MD4';
+  LN_md4 =   'md4';
+  NID_md4 =   257;
+  SN_md5 =   'MD5';
+  LN_md5 =   'md5';
+  NID_md5 =   4;
+  SN_md5_sha1 =    'MD5-SHA1';
+  LN_md5_sha1 =    'md5-sha1';
+  NID_md5_sha1 =    114;
+  LN_hmacWithMD5 =   'hmacWithMD5';
+  NID_hmacWithMD5 =   797;
+  LN_hmacWithSHA1 =   'hmacWithSHA1';
+  NID_hmacWithSHA1 =     163;
+  SN_sm2 =   'SM2';
+  LN_sm2 =   'sm2';
+  NID_sm2 =   1172;
+  SN_sm3 =   'SM3';
+  LN_sm3 =   'sm3';
+  NID_sm3 =   1143;
+  SN_sm3WithRSAEncryption =   'RSA-SM3';
+  LN_sm3WithRSAEncryption =   'sm3WithRSAEncryption';
+  NID_sm3WithRSAEncryption =     1144;
+  LN_hmacWithSHA224 =     'hmacWithSHA224';
+  NID_hmacWithSHA224 =    798;
+  LN_hmacWithSHA256 =     'hmacWithSHA256';
+  NID_hmacWithSHA256 =    799;
+  LN_hmacWithSHA384 =     'hmacWithSHA384';
+  NID_hmacWithSHA384 =    800;
+  LN_hmacWithSHA512 =     'hmacWithSHA512';
+  NID_hmacWithSHA512 =    801;
+  LN_hmacWithSHA512_224 =    'hmacWithSHA512-224';
+  NID_hmacWithSHA512_224 =   1193;
+  LN_hmacWithSHA512_256 =    'hmacWithSHA512-256';
+  NID_hmacWithSHA512_256 =   1194;
+  SN_rc2_cbc =    'RC2-CBC';
+  LN_rc2_cbc =    'rc2-cbc';
+  NID_rc2_cbc =    37;
+  SN_rc2_ecb =    'RC2-ECB';
+  LN_rc2_ecb =    'rc2-ecb';
+  NID_rc2_ecb =    38;
+  SN_rc2_cfb64 =    'RC2-CFB';
+  LN_rc2_cfb64 =    'rc2-cfb';
+  NID_rc2_cfb64 =    39;
+  SN_rc2_ofb64 =    'RC2-OFB';
+  LN_rc2_ofb64 =    'rc2-ofb';
+  NID_rc2_ofb64 =    40;
+  SN_rc2_40_cbc =    'RC2-40-CBC';
+  LN_rc2_40_cbc =    'rc2-40-cbc';
+  NID_rc2_40_cbc =   98;
+  SN_rc2_64_cbc =    'RC2-64-CBC';
+  LN_rc2_64_cbc =    'rc2-64-cbc';
+  NID_rc2_64_cbc =   166;
+  SN_rc4 =   'RC4';
+  LN_rc4 =   'rc4';
+  NID_rc4 =   5;
+  SN_rc4_40 =     'RC4-40';
+  LN_rc4_40 =     'rc4-40';
+  NID_rc4_40 =    97;
+  SN_des_ede3_cbc =   'DES-EDE3-CBC';
+  LN_des_ede3_cbc =   'des-ede3-cbc';
+  NID_des_ede3_cbc =     44;
+  SN_rc5_cbc =    'RC5-CBC';
+  LN_rc5_cbc =    'rc5-cbc';
+  NID_rc5_cbc =    120;
+  SN_rc5_ecb =    'RC5-ECB';
+  LN_rc5_ecb =    'rc5-ecb';
+  NID_rc5_ecb =    121;
+  SN_rc5_cfb64 =    'RC5-CFB';
+  LN_rc5_cfb64 =    'rc5-cfb';
+  NID_rc5_cfb64 =    122;
+  SN_rc5_ofb64 =    'RC5-OFB';
+  LN_rc5_ofb64 =    'rc5-ofb';
+  NID_rc5_ofb64 =    123;
+  SN_ms_ext_req =    'msExtReq';
+  LN_ms_ext_req =    'Microsoft Extension Request';
+  NID_ms_ext_req =   171;
+  SN_ms_code_ind =   'msCodeInd';
+  LN_ms_code_ind =   'Microsoft Individual Code Signing';
+  NID_ms_code_ind =   134;
+  SN_ms_code_com =   'msCodeCom';
+  LN_ms_code_com =   'Microsoft Commercial Code Signing';
+  NID_ms_code_com =   135;
+  SN_ms_ctl_sign =   'msCTLSign';
+  LN_ms_ctl_sign =   'Microsoft Trust List Signing';
+  NID_ms_ctl_sign =   136;
+  SN_ms_sgc =     'msSGC';
+  LN_ms_sgc =     'Microsoft Server Gated Crypto';
+  NID_ms_sgc =    137;
+  SN_ms_efs =     'msEFS';
+  LN_ms_efs =     'Microsoft Encrypted File System';
+  NID_ms_efs =    138;
+  SN_ms_smartcard_login =    'msSmartcardLogin';
+  LN_ms_smartcard_login =    'Microsoft Smartcard Login';
+  NID_ms_smartcard_login =   648;
+  SN_ms_upn =     'msUPN';
+  LN_ms_upn =     'Microsoft User Principal Name';
+  NID_ms_upn =    649;
+  SN_idea_cbc =    'IDEA-CBC';
+  LN_idea_cbc =    'idea-cbc';
+  NID_idea_cbc =    34;
+  SN_idea_ecb =    'IDEA-ECB';
+  LN_idea_ecb =    'idea-ecb';
+  NID_idea_ecb =    36;
+  SN_idea_cfb64 =    'IDEA-CFB';
+  LN_idea_cfb64 =    'idea-cfb';
+  NID_idea_cfb64 =   35;
+  SN_idea_ofb64 =    'IDEA-OFB';
+  LN_idea_ofb64 =    'idea-ofb';
+  NID_idea_ofb64 =   46;
+  SN_bf_cbc =     'BF-CBC';
+  LN_bf_cbc =     'bf-cbc';
+  NID_bf_cbc =    91;
+  SN_bf_ecb =     'BF-ECB';
+  LN_bf_ecb =     'bf-ecb';
+  NID_bf_ecb =    92;
+  SN_bf_cfb64 =    'BF-CFB';
+  LN_bf_cfb64 =    'bf-cfb';
+  NID_bf_cfb64 =    93;
+  SN_bf_ofb64 =    'BF-OFB';
+  LN_bf_ofb64 =    'bf-ofb';
+  NID_bf_ofb64 =    94;
+  SN_id_pkix =    'PKIX';
+  NID_id_pkix =    127;
+  SN_id_pkix_mod =   'id-pkix-mod';
+  NID_id_pkix_mod =   258;
+  SN_id_pe =     'id-pe';
+  NID_id_pe =     175;
+  SN_id_qt =     'id-qt';
+  NID_id_qt =     259;
+  SN_id_kp =     'id-kp';
+  NID_id_kp =     128;
+  SN_id_it =     'id-it';
+  NID_id_it =     260;
+  SN_id_pkip =    'id-pkip';
+  NID_id_pkip =    261;
+  SN_id_alg =     'id-alg';
+  NID_id_alg =    262;
+  SN_id_cmc =     'id-cmc';
+  NID_id_cmc =    263;
+  SN_id_on =     'id-on';
+  NID_id_on =     264;
+  SN_id_pda =     'id-pda';
+  NID_id_pda =    265;
+  SN_id_aca =     'id-aca';
+  NID_id_aca =    266;
+  SN_id_qcs =     'id-qcs';
+  NID_id_qcs =    267;
+  SN_id_cct =     'id-cct';
+  NID_id_cct =    268;
+  SN_id_ppl =     'id-ppl';
+  NID_id_ppl =    662;
+  SN_id_ad =     'id-ad';
+  NID_id_ad =     176;
+  SN_id_pkix1_explicit_88 =   'id-pkix1-explicit-88';
+  NID_id_pkix1_explicit_88 =     269;
+  SN_id_pkix1_implicit_88 =   'id-pkix1-implicit-88';
+  NID_id_pkix1_implicit_88 =     270;
+  SN_id_pkix1_explicit_93 =   'id-pkix1-explicit-93';
+  NID_id_pkix1_explicit_93 =     271;
+  SN_id_pkix1_implicit_93 =   'id-pkix1-implicit-93';
+  NID_id_pkix1_implicit_93 =     272;
+  SN_id_mod_crmf =   'id-mod-crmf';
+  NID_id_mod_crmf =   273;
+  SN_id_mod_cmc =    'id-mod-cmc';
+  NID_id_mod_cmc =   274;
+  SN_id_mod_kea_profile_88 =     'id-mod-kea-profile-88';
+  NID_id_mod_kea_profile_88 =     275;
+  SN_id_mod_kea_profile_93 =     'id-mod-kea-profile-93';
+  NID_id_mod_kea_profile_93 =     276;
+  SN_id_mod_cmp =    'id-mod-cmp';
+  NID_id_mod_cmp =   277;
+  SN_id_mod_qualified_cert_88 =    'id-mod-qualified-cert-88';
+  NID_id_mod_qualified_cert_88 =    278;
+  SN_id_mod_qualified_cert_93 =    'id-mod-qualified-cert-93';
+  NID_id_mod_qualified_cert_93 =    279;
+  SN_id_mod_attribute_cert =     'id-mod-attribute-cert';
+  NID_id_mod_attribute_cert =     280;
+  SN_id_mod_timestamp_protocol =    'id-mod-timestamp-protocol';
+  NID_id_mod_timestamp_protocol =    281;
+  SN_id_mod_ocsp =   'id-mod-ocsp';
+  NID_id_mod_ocsp =   282;
+  SN_id_mod_dvcs =   'id-mod-dvcs';
+  NID_id_mod_dvcs =   283;
+  SN_id_mod_cmp2000 =     'id-mod-cmp2000';
+  NID_id_mod_cmp2000 =    284;
+  SN_info_access =   'authorityInfoAccess';
+  LN_info_access =   'Authority Information Access';
+  NID_info_access =   177;
+  SN_biometricInfo =     'biometricInfo';
+  LN_biometricInfo =     'Biometric Info';
+  NID_biometricInfo =     285;
+  SN_qcStatements =   'qcStatements';
+  NID_qcStatements =     286;
+  SN_ac_auditEntity =     'ac-auditEntity';
+  NID_ac_auditEntity =    287;
+  SN_ac_targeting =   'ac-targeting';
+  NID_ac_targeting =     288;
+  SN_aaControls =    'aaControls';
+  NID_aaControls =   289;
+  SN_sbgp_ipAddrBlock =    'sbgp-ipAddrBlock';
+  NID_sbgp_ipAddrBlock =    290;
+  SN_sbgp_autonomousSysNum =     'sbgp-autonomousSysNum';
+  NID_sbgp_autonomousSysNum =     291;
+  SN_sbgp_routerIdentifier =     'sbgp-routerIdentifier';
+  NID_sbgp_routerIdentifier =     292;
+  SN_ac_proxying =   'ac-proxying';
+  NID_ac_proxying =   397;
+  SN_sinfo_access =   'subjectInfoAccess';
+  LN_sinfo_access =   'Subject Information Access';
+  NID_sinfo_access =     398;
+  SN_proxyCertInfo =     'proxyCertInfo';
+  LN_proxyCertInfo =     'Proxy Certificate Information';
+  NID_proxyCertInfo =     663;
+  SN_tlsfeature =    'tlsfeature';
+  LN_tlsfeature =    'TLS Feature';
+  NID_tlsfeature =   1020;
+  SN_id_qt_cps =    'id-qt-cps';
+  LN_id_qt_cps =    'Policy Qualifier CPS';
+  NID_id_qt_cps =    164;
+  SN_id_qt_unotice =     'id-qt-unotice';
+  LN_id_qt_unotice =     'Policy Qualifier User Notice';
+  NID_id_qt_unotice =     165;
+  SN_textNotice =    'textNotice';
+  NID_textNotice =   293;
+  SN_server_auth =   'serverAuth';
+  LN_server_auth =   'TLS Web Server Authentication';
+  NID_server_auth =   129;
+  SN_client_auth =   'clientAuth';
+  LN_client_auth =   'TLS Web Client Authentication';
+  NID_client_auth =   130;
+  SN_code_sign =    'codeSigning';
+  LN_code_sign =    'Code Signing';
+  NID_code_sign =    131;
+  SN_email_protect =     'emailProtection';
+  LN_email_protect =     'E-mail Protection';
+  NID_email_protect =     132;
+  SN_ipsecEndSystem =     'ipsecEndSystem';
+  LN_ipsecEndSystem =     'IPSec End System';
+  NID_ipsecEndSystem =    294;
+  SN_ipsecTunnel =   'ipsecTunnel';
+  LN_ipsecTunnel =   'IPSec Tunnel';
+  NID_ipsecTunnel =   295;
+  SN_ipsecUser =    'ipsecUser';
+  LN_ipsecUser =    'IPSec User';
+  NID_ipsecUser =    296;
+  SN_time_stamp =    'timeStamping';
+  LN_time_stamp =    'Time Stamping';
+  NID_time_stamp =   133;
+  SN_OCSP_sign =    'OCSPSigning';
+  LN_OCSP_sign =    'OCSP Signing';
+  NID_OCSP_sign =    180;
+  SN_dvcs =   'DVCS';
+  LN_dvcs =   'dvcs';
+  NID_dvcs =     297;
+  SN_ipsec_IKE =    'ipsecIKE';
+  LN_ipsec_IKE =    'ipsec Internet Key Exchange';
+  NID_ipsec_IKE =    1022;
+  SN_capwapAC =    'capwapAC';
+  LN_capwapAC =    'Ctrl/provision WAP Access';
+  NID_capwapAC =    1023;
+  SN_capwapWTP =    'capwapWTP';
+  LN_capwapWTP =    'Ctrl/Provision WAP Termination';
+  NID_capwapWTP =    1024;
+  SN_sshClient =    'secureShellClient';
+  LN_sshClient =    'SSH Client';
+  NID_sshClient =    1025;
+  SN_sshServer =    'secureShellServer';
+  LN_sshServer =    'SSH Server';
+  NID_sshServer =    1026;
+  SN_sendRouter =    'sendRouter';
+  LN_sendRouter =    'Send Router';
+  NID_sendRouter =   1027;
+  SN_sendProxiedRouter =    'sendProxiedRouter';
+  LN_sendProxiedRouter =    'Send Proxied Router';
+  NID_sendProxiedRouter =    1028;
+  SN_sendOwner =    'sendOwner';
+  LN_sendOwner =    'Send Owner';
+  NID_sendOwner =    1029;
+  SN_sendProxiedOwner =    'sendProxiedOwner';
+  LN_sendProxiedOwner =    'Send Proxied Owner';
+  NID_sendProxiedOwner =    1030;
+  SN_cmcCA =     'cmcCA';
+  LN_cmcCA =     'CMC Certificate Authority';
+  NID_cmcCA =     1131;
+  SN_cmcRA =     'cmcRA';
+  LN_cmcRA =     'CMC Registration Authority';
+  NID_cmcRA =     1132;
+  SN_id_it_caProtEncCert =   'id-it-caProtEncCert';
+  NID_id_it_caProtEncCert =   298;
+  SN_id_it_signKeyPairTypes =     'id-it-signKeyPairTypes';
+  NID_id_it_signKeyPairTypes =    299;
+  SN_id_it_encKeyPairTypes =     'id-it-encKeyPairTypes';
+  NID_id_it_encKeyPairTypes =     300;
+  SN_id_it_preferredSymmAlg =     'id-it-preferredSymmAlg';
+  NID_id_it_preferredSymmAlg =    301;
+  SN_id_it_caKeyUpdateInfo =     'id-it-caKeyUpdateInfo';
+  NID_id_it_caKeyUpdateInfo =     302;
+  SN_id_it_currentCRL =    'id-it-currentCRL';
+  NID_id_it_currentCRL =    303;
+  SN_id_it_unsupportedOIDs =     'id-it-unsupportedOIDs';
+  NID_id_it_unsupportedOIDs =     304;
+  SN_id_it_subscriptionRequest =    'id-it-subscriptionRequest';
+  NID_id_it_subscriptionRequest =    305;
+  SN_id_it_subscriptionResponse =    'id-it-subscriptionResponse';
+  NID_id_it_subscriptionResponse =   306;
+  SN_id_it_keyPairParamReq =     'id-it-keyPairParamReq';
+  NID_id_it_keyPairParamReq =     307;
+  SN_id_it_keyPairParamRep =     'id-it-keyPairParamRep';
+  NID_id_it_keyPairParamRep =     308;
+  SN_id_it_revPassphrase =   'id-it-revPassphrase';
+  NID_id_it_revPassphrase =   309;
+  SN_id_it_implicitConfirm =     'id-it-implicitConfirm';
+  NID_id_it_implicitConfirm =     310;
+  SN_id_it_confirmWaitTime =     'id-it-confirmWaitTime';
+  NID_id_it_confirmWaitTime =     311;
+  SN_id_it_origPKIMessage =   'id-it-origPKIMessage';
+  NID_id_it_origPKIMessage =     312;
+  SN_id_it_suppLangTags =    'id-it-suppLangTags';
+  NID_id_it_suppLangTags =   784;
+  SN_id_regCtrl =    'id-regCtrl';
+  NID_id_regCtrl =   313;
+  SN_id_regInfo =    'id-regInfo';
+  NID_id_regInfo =   314;
+  SN_id_regCtrl_regToken =   'id-regCtrl-regToken';
+  NID_id_regCtrl_regToken =   315;
+  SN_id_regCtrl_authenticator =    'id-regCtrl-authenticator';
+  NID_id_regCtrl_authenticator =    316;
+  SN_id_regCtrl_pkiPublicationInfo =     'id-regCtrl-pkiPublicationInfo';
+  NID_id_regCtrl_pkiPublicationInfo =     317;
+  SN_id_regCtrl_pkiArchiveOptions =   'id-regCtrl-pkiArchiveOptions';
+  NID_id_regCtrl_pkiArchiveOptions =     318;
+  SN_id_regCtrl_oldCertID =   'id-regCtrl-oldCertID';
+  NID_id_regCtrl_oldCertID =     319;
+  SN_id_regCtrl_protocolEncrKey =    'id-regCtrl-protocolEncrKey';
+  NID_id_regCtrl_protocolEncrKey =   320;
+  SN_id_regInfo_utf8Pairs =   'id-regInfo-utf8Pairs';
+  NID_id_regInfo_utf8Pairs =     321;
+  SN_id_regInfo_certReq =    'id-regInfo-certReq';
+  NID_id_regInfo_certReq =   322;
+  SN_id_alg_des40 =   'id-alg-des40';
+  NID_id_alg_des40 =     323;
+  SN_id_alg_noSignature =    'id-alg-noSignature';
+  NID_id_alg_noSignature =   324;
+  SN_id_alg_dh_sig_hmac_sha1 =    'id-alg-dh-sig-hmac-sha1';
+  NID_id_alg_dh_sig_hmac_sha1 =    325;
+  SN_id_alg_dh_pop =     'id-alg-dh-pop';
+  NID_id_alg_dh_pop =     326;
+  SN_id_cmc_statusInfo =    'id-cmc-statusInfo';
+  NID_id_cmc_statusInfo =    327;
+  SN_id_cmc_identification =     'id-cmc-identification';
+  NID_id_cmc_identification =     328;
+  SN_id_cmc_identityProof =   'id-cmc-identityProof';
+  NID_id_cmc_identityProof =     329;
+  SN_id_cmc_dataReturn =    'id-cmc-dataReturn';
+  NID_id_cmc_dataReturn =    330;
+  SN_id_cmc_transactionId =   'id-cmc-transactionId';
+  NID_id_cmc_transactionId =     331;
+  SN_id_cmc_senderNonce =    'id-cmc-senderNonce';
+  NID_id_cmc_senderNonce =   332;
+  SN_id_cmc_recipientNonce =     'id-cmc-recipientNonce';
+  NID_id_cmc_recipientNonce =     333;
+  SN_id_cmc_addExtensions =   'id-cmc-addExtensions';
+  NID_id_cmc_addExtensions =     334;
+  SN_id_cmc_encryptedPOP =   'id-cmc-encryptedPOP';
+  NID_id_cmc_encryptedPOP =   335;
+  SN_id_cmc_decryptedPOP =   'id-cmc-decryptedPOP';
+  NID_id_cmc_decryptedPOP =   336;
+  SN_id_cmc_lraPOPWitness =   'id-cmc-lraPOPWitness';
+  NID_id_cmc_lraPOPWitness =     337;
+  SN_id_cmc_getCert =     'id-cmc-getCert';
+  NID_id_cmc_getCert =    338;
+  SN_id_cmc_getCRL =     'id-cmc-getCRL';
+  NID_id_cmc_getCRL =     339;
+  SN_id_cmc_revokeRequest =   'id-cmc-revokeRequest';
+  NID_id_cmc_revokeRequest =     340;
+  SN_id_cmc_regInfo =     'id-cmc-regInfo';
+  NID_id_cmc_regInfo =    341;
+  SN_id_cmc_responseInfo =   'id-cmc-responseInfo';
+  NID_id_cmc_responseInfo =   342;
+  SN_id_cmc_queryPending =   'id-cmc-queryPending';
+  NID_id_cmc_queryPending =   343;
+  SN_id_cmc_popLinkRandom =   'id-cmc-popLinkRandom';
+  NID_id_cmc_popLinkRandom =     344;
+  SN_id_cmc_popLinkWitness =     'id-cmc-popLinkWitness';
+  NID_id_cmc_popLinkWitness =     345;
+  SN_id_cmc_confirmCertAcceptance =   'id-cmc-confirmCertAcceptance';
+  NID_id_cmc_confirmCertAcceptance =     346;
+  SN_id_on_personalData =    'id-on-personalData';
+  NID_id_on_personalData =   347;
+  SN_id_on_permanentIdentifier =    'id-on-permanentIdentifier';
+  LN_id_on_permanentIdentifier =    'Permanent Identifier';
+  NID_id_on_permanentIdentifier =    858;
+  SN_id_pda_dateOfBirth =    'id-pda-dateOfBirth';
+  NID_id_pda_dateOfBirth =   348;
+  SN_id_pda_placeOfBirth =   'id-pda-placeOfBirth';
+  NID_id_pda_placeOfBirth =   349;
+  SN_id_pda_gender =     'id-pda-gender';
+  NID_id_pda_gender =     351;
+  SN_id_pda_countryOfCitizenship =   'id-pda-countryOfCitizenship';
+  NID_id_pda_countryOfCitizenship =   352;
+  SN_id_pda_countryOfResidence =    'id-pda-countryOfResidence';
+  NID_id_pda_countryOfResidence =    353;
+  SN_id_aca_authenticationInfo =    'id-aca-authenticationInfo';
+  NID_id_aca_authenticationInfo =    354;
+  SN_id_aca_accessIdentity =     'id-aca-accessIdentity';
+  NID_id_aca_accessIdentity =     355;
+  SN_id_aca_chargingIdentity =    'id-aca-chargingIdentity';
+  NID_id_aca_chargingIdentity =    356;
+  SN_id_aca_group =   'id-aca-group';
+  NID_id_aca_group =     357;
+  SN_id_aca_role =   'id-aca-role';
+  NID_id_aca_role =   358;
+  SN_id_aca_encAttrs =    'id-aca-encAttrs';
+  NID_id_aca_encAttrs =    399;
+  SN_id_qcs_pkixQCSyntax_v1 =     'id-qcs-pkixQCSyntax-v1';
+  NID_id_qcs_pkixQCSyntax_v1 =    359;
+  SN_id_cct_crs =    'id-cct-crs';
+  NID_id_cct_crs =   360;
+  SN_id_cct_PKIData =     'id-cct-PKIData';
+  NID_id_cct_PKIData =    361;
+  SN_id_cct_PKIResponse =    'id-cct-PKIResponse';
+  NID_id_cct_PKIResponse =   362;
+  SN_id_ppl_anyLanguage =    'id-ppl-anyLanguage';
+  LN_id_ppl_anyLanguage =    'Any language';
+  NID_id_ppl_anyLanguage =   664;
+  SN_id_ppl_inheritAll =    'id-ppl-inheritAll';
+  LN_id_ppl_inheritAll =    'Inherit all';
+  NID_id_ppl_inheritAll =    665;
+  SN_Independent =   'id-ppl-independent';
+  LN_Independent =   'Independent';
+  NID_Independent =   667;
+  SN_ad_OCSP =    'OCSP';
+  LN_ad_OCSP =    'OCSP';
+  NID_ad_OCSP =    178;
+  SN_ad_ca_issuers =     'caIssuers';
+  LN_ad_ca_issuers =     'CA Issuers';
+  NID_ad_ca_issuers =     179;
+  SN_ad_timeStamping =    'ad_timestamping';
+  LN_ad_timeStamping =    'AD Time Stamping';
+  NID_ad_timeStamping =    363;
+  SN_ad_dvcs =    'AD_DVCS';
+  LN_ad_dvcs =    'ad dvcs';
+  NID_ad_dvcs =    364;
+  SN_caRepository =   'caRepository';
+  LN_caRepository =   'CA Repository';
+  NID_caRepository =     785;
+  SN_id_pkix_OCSP_basic =    'basicOCSPResponse';
+  LN_id_pkix_OCSP_basic =    'Basic OCSP Response';
+  NID_id_pkix_OCSP_basic =   365;
+  SN_id_pkix_OCSP_Nonce =    'Nonce';
+  LN_id_pkix_OCSP_Nonce =    'OCSP Nonce';
+  NID_id_pkix_OCSP_Nonce =   366;
+  SN_id_pkix_OCSP_CrlID =    'CrlID';
+  LN_id_pkix_OCSP_CrlID =    'OCSP CRL ID';
+  NID_id_pkix_OCSP_CrlID =   367;
+  SN_id_pkix_OCSP_acceptableResponses =    'acceptableResponses';
+  LN_id_pkix_OCSP_acceptableResponses =    'Acceptable OCSP Responses';
+  NID_id_pkix_OCSP_acceptableResponses =    368;
+  SN_id_pkix_OCSP_noCheck =   'noCheck';
+  LN_id_pkix_OCSP_noCheck =   'OCSP No Check';
+  NID_id_pkix_OCSP_noCheck =     369;
+  SN_id_pkix_OCSP_archiveCutoff =    'archiveCutoff';
+  LN_id_pkix_OCSP_archiveCutoff =    'OCSP Archive Cutoff';
+  NID_id_pkix_OCSP_archiveCutoff =   370;
+  SN_id_pkix_OCSP_serviceLocator =   'serviceLocator';
+  LN_id_pkix_OCSP_serviceLocator =   'OCSP Service Locator';
+  NID_id_pkix_OCSP_serviceLocator =   371;
+  SN_id_pkix_OCSP_extendedStatus =   'extendedStatus';
+  LN_id_pkix_OCSP_extendedStatus =   'Extended OCSP Status';
+  NID_id_pkix_OCSP_extendedStatus =   372;
+  SN_id_pkix_OCSP_valid =    'valid';
+  NID_id_pkix_OCSP_valid =   373;
+  SN_id_pkix_OCSP_path =    'path';
+  NID_id_pkix_OCSP_path =    374;
+  SN_id_pkix_OCSP_trustRoot =     'trustRoot';
+  LN_id_pkix_OCSP_trustRoot =     'Trust Root';
+  NID_id_pkix_OCSP_trustRoot =    375;
+  SN_algorithm =    'algorithm';
+  LN_algorithm =    'algorithm';
+  NID_algorithm =    376;
+  SN_md5WithRSA =    'RSA-NP-MD5';
+  LN_md5WithRSA =    'md5WithRSA';
+  NID_md5WithRSA =   104;
+  SN_des_ecb =    'DES-ECB';
+  LN_des_ecb =    'des-ecb';
+  NID_des_ecb =    29;
+  SN_des_cbc =    'DES-CBC';
+  LN_des_cbc =    'des-cbc';
+  NID_des_cbc =    31;
+  SN_des_ofb64 =    'DES-OFB';
+  LN_des_ofb64 =    'des-ofb';
+  NID_des_ofb64 =    45;
+  SN_des_cfb64 =    'DES-CFB';
+  LN_des_cfb64 =    'des-cfb';
+  NID_des_cfb64 =    30;
+  SN_rsaSignature =   'rsaSignature';
+  NID_rsaSignature =     377;
+  SN_dsa_2 =     'DSA-old';
+  LN_dsa_2 =     'dsaEncryption-old';
+  NID_dsa_2 =     67;
+  SN_dsaWithSHA =    'DSA-SHA';
+  LN_dsaWithSHA =    'dsaWithSHA';
+  NID_dsaWithSHA =   66;
+  SN_shaWithRSAEncryption =   'RSA-SHA';
+  LN_shaWithRSAEncryption =   'shaWithRSAEncryption';
+  NID_shaWithRSAEncryption =     42;
+  SN_des_ede_ecb =   'DES-EDE';
+  LN_des_ede_ecb =   'des-ede';
+  NID_des_ede_ecb =   32;
+  SN_des_ede3_ecb =   'DES-EDE3';
+  LN_des_ede3_ecb =   'des-ede3';
+  NID_des_ede3_ecb =     33;
+  SN_des_ede_cbc =   'DES-EDE-CBC';
+  LN_des_ede_cbc =   'des-ede-cbc';
+  NID_des_ede_cbc =   43;
+  SN_des_ede_cfb64 =     'DES-EDE-CFB';
+  LN_des_ede_cfb64 =     'des-ede-cfb';
+  NID_des_ede_cfb64 =     60;
+  SN_des_ede3_cfb64 =     'DES-EDE3-CFB';
+  LN_des_ede3_cfb64 =     'des-ede3-cfb';
+  NID_des_ede3_cfb64 =    61;
+  SN_des_ede_ofb64 =     'DES-EDE-OFB';
+  LN_des_ede_ofb64 =     'des-ede-ofb';
+  NID_des_ede_ofb64 =     62;
+  SN_des_ede3_ofb64 =     'DES-EDE3-OFB';
+  LN_des_ede3_ofb64 =     'des-ede3-ofb';
+  NID_des_ede3_ofb64 =    63;
+  SN_desx_cbc =    'DESX-CBC';
+  LN_desx_cbc =    'desx-cbc';
+  NID_desx_cbc =    80;
+  SN_sha =   'SHA';
+  LN_sha =   'sha';
+  NID_sha =   41;
+  SN_sha1 =   'SHA1';
+  LN_sha1 =   'sha1';
+  NID_sha1 =     64;
+  SN_dsaWithSHA1_2 =     'DSA-SHA1-old';
+  LN_dsaWithSHA1_2 =     'dsaWithSHA1-old';
+  NID_dsaWithSHA1_2 =     70;
+  SN_sha1WithRSA =   'RSA-SHA1-2';
+  LN_sha1WithRSA =   'sha1WithRSA';
+  NID_sha1WithRSA =   115;
+  SN_ripemd160 =    'RIPEMD160';
+  LN_ripemd160 =    'ripemd160';
+  NID_ripemd160 =    117;
+  SN_ripemd160WithRSA =    'RSA-RIPEMD160';
+  LN_ripemd160WithRSA =    'ripemd160WithRSA';
+  NID_ripemd160WithRSA =    119;
+  SN_blake2b512 =    'BLAKE2b512';
+  LN_blake2b512 =    'blake2b512';
+  NID_blake2b512 =   1056;
+  SN_blake2s256 =    'BLAKE2s256';
+  LN_blake2s256 =    'blake2s256';
+  NID_blake2s256 =   1057;
+  SN_sxnet =     'SXNetID';
+  LN_sxnet =     'Strong Extranet ID';
+  NID_sxnet =     143;
+  SN_X500 =   'X500';
+  LN_X500 =   'directory services(X.500)';
+  NID_X500 =     11;
+  SN_X509 =   'X509';
+  NID_X509 =     12;
+  SN_commonName =    'CN';
+  LN_commonName =    'commonName';
+  NID_commonName =   13;
+  SN_surname =    'SN';
+  LN_surname =    'surname';
+  NID_surname =    100;
+  LN_serialNumber =   'serialNumber';
+  NID_serialNumber =     105;
+  SN_countryName =   'C';
+  LN_countryName =   'countryName';
+  NID_countryName =   14;
+  SN_localityName =   'L';
+  LN_localityName =   'localityName';
+  NID_localityName =     15;
+  SN_stateOrProvinceName =   'ST';
+  LN_stateOrProvinceName =   'stateOrProvinceName';
+  NID_stateOrProvinceName =   16;
+  SN_streetAddress =     'street';
+  LN_streetAddress =     'streetAddress';
+  NID_streetAddress =     660;
+  SN_organizationName =    'O';
+  LN_organizationName =    'organizationName';
+  NID_organizationName =    17;
+  SN_organizationalUnitName =     'OU';
+  LN_organizationalUnitName =     'organizationalUnitName';
+  NID_organizationalUnitName =    18;
+  SN_title =     'title';
+  LN_title =     'title';
+  NID_title =     106;
+  LN_description =   'description';
+  NID_description =   107;
+  LN_searchGuide =   'searchGuide';
+  NID_searchGuide =   859;
+  LN_businessCategory =    'businessCategory';
+  NID_businessCategory =    860;
+  LN_postalAddress =     'postalAddress';
+  NID_postalAddress =     861;
+  LN_postalCode =    'postalCode';
+  NID_postalCode =   661;
+  LN_postOfficeBox =     'postOfficeBox';
+  NID_postOfficeBox =     862;
+  LN_physicalDeliveryOfficeName =    'physicalDeliveryOfficeName';
+  NID_physicalDeliveryOfficeName =   863;
+  LN_telephoneNumber =    'telephoneNumber';
+  NID_telephoneNumber =    864;
+  LN_telexNumber =   'telexNumber';
+  NID_telexNumber =   865;
+  LN_teletexTerminalIdentifier =    'teletexTerminalIdentifier';
+  NID_teletexTerminalIdentifier =    866;
+  LN_facsimileTelephoneNumber =    'facsimileTelephoneNumber';
+  NID_facsimileTelephoneNumber =    867;
+  LN_x121Address =   'x121Address';
+  NID_x121Address =   868;
+  LN_internationaliSDNNumber =    'internationaliSDNNumber';
+  NID_internationaliSDNNumber =    869;
+  LN_registeredAddress =    'registeredAddress';
+  NID_registeredAddress =    870;
+  LN_destinationIndicator =   'destinationIndicator';
+  NID_destinationIndicator =     871;
+  LN_preferredDeliveryMethod =    'preferredDeliveryMethod';
+  NID_preferredDeliveryMethod =    872;
+  LN_presentationAddress =   'presentationAddress';
+  NID_presentationAddress =   873;
+  LN_supportedApplicationContext =   'supportedApplicationContext';
+  NID_supportedApplicationContext =   874;
+  SN_member =     'member';
+  NID_member =    875;
+  SN_owner =     'owner';
+  NID_owner =     876;
+  LN_roleOccupant =   'roleOccupant';
+  NID_roleOccupant =     877;
+  SN_seeAlso =    'seeAlso';
+  NID_seeAlso =    878;
+  LN_userPassword =   'userPassword';
+  NID_userPassword =     879;
+  LN_userCertificate =    'userCertificate';
+  NID_userCertificate =    880;
+  LN_cACertificate =     'cACertificate';
+  NID_cACertificate =     881;
+  LN_authorityRevocationList =    'authorityRevocationList';
+  NID_authorityRevocationList =    882;
+  LN_certificateRevocationList =    'certificateRevocationList';
+  NID_certificateRevocationList =    883;
+  LN_crossCertificatePair =   'crossCertificatePair';
+  NID_crossCertificatePair =     884;
+  SN_name =   'name';
+  LN_name =   'name';
+  NID_name =     173;
+  SN_givenName =    'GN';
+  LN_givenName =    'givenName';
+  NID_givenName =    99;
+  SN_initials =    'initials';
+  LN_initials =    'initials';
+  NID_initials =    101;
+  LN_generationQualifier =   'generationQualifier';
+  NID_generationQualifier =   509;
+  LN_x500UniqueIdentifier =   'x500UniqueIdentifier';
+  NID_x500UniqueIdentifier =     503;
+  SN_dnQualifier =   'dnQualifier';
+  LN_dnQualifier =   'dnQualifier';
+  NID_dnQualifier =   174;
+  LN_enhancedSearchGuide =   'enhancedSearchGuide';
+  NID_enhancedSearchGuide =   885;
+  LN_protocolInformation =   'protocolInformation';
+  NID_protocolInformation =   886;
+  LN_distinguishedName =    'distinguishedName';
+  NID_distinguishedName =    887;
+  LN_uniqueMember =   'uniqueMember';
+  NID_uniqueMember =     888;
+  LN_houseIdentifier =    'houseIdentifier';
+  NID_houseIdentifier =    889;
+  LN_supportedAlgorithms =   'supportedAlgorithms';
+  NID_supportedAlgorithms =   890;
+  LN_deltaRevocationList =   'deltaRevocationList';
+  NID_deltaRevocationList =   891;
+  SN_dmdName =    'dmdName';
+  NID_dmdName =    892;
+  LN_pseudonym =    'pseudonym';
+  NID_pseudonym =    510;
+  SN_role =   'role';
+  LN_role =   'role';
+  NID_role =     400;
+  LN_organizationIdentifier =     'organizationIdentifier';
+  NID_organizationIdentifier =    1089;
+  SN_countryCode3c =     'c3';
+  LN_countryCode3c =     'countryCode3c';
+  NID_countryCode3c =     1090;
+  SN_countryCode3n =     'n3';
+  LN_countryCode3n =     'countryCode3n';
+  NID_countryCode3n =     1091;
+  LN_dnsName =    'dnsName';
+  NID_dnsName =    1092;
+  SN_X500algorithms =     'X500algorithms';
+  LN_X500algorithms =     'directory services - algorithms';
+  NID_X500algorithms =    378;
+  SN_rsa =   'RSA';
+  LN_rsa =   'rsa';
+  NID_rsa =   19;
+  SN_mdc2WithRSA =   'RSA-MDC2';
+  LN_mdc2WithRSA =   'mdc2WithRSA';
+  NID_mdc2WithRSA =   96;
+  SN_mdc2 =   'MDC2';
+  LN_mdc2 =   'mdc2';
+  NID_mdc2 =     95;
+  SN_id_ce =     'id-ce';
+  NID_id_ce =     81;
+  SN_subject_directory_attributes =   'subjectDirectoryAttributes';
+  LN_subject_directory_attributes =   'X509v3 Subject Directory Attributes';
+  NID_subject_directory_attributes =     769;
+  SN_subject_key_identifier =     'subjectKeyIdentifier';
+  LN_subject_key_identifier =     'X509v3 Subject Key Identifier';
+  NID_subject_key_identifier =    82;
+  SN_key_usage =    'keyUsage';
+  LN_key_usage =    'X509v3 Key Usage';
+  NID_key_usage =    83;
+  SN_private_key_usage_period =    'privateKeyUsagePeriod';
+  LN_private_key_usage_period =    'X509v3 Private Key Usage Period';
+  NID_private_key_usage_period =    84;
+  SN_subject_alt_name =    'subjectAltName';
+  LN_subject_alt_name =    'X509v3 Subject Alternative Name';
+  NID_subject_alt_name =    85;
+  SN_issuer_alt_name =    'issuerAltName';
+  LN_issuer_alt_name =    'X509v3 Issuer Alternative Name';
+  NID_issuer_alt_name =    86;
+  SN_basic_constraints =    'basicConstraints';
+  LN_basic_constraints =    'X509v3 Basic Constraints';
+  NID_basic_constraints =    87;
+  SN_crl_number =    'crlNumber';
+  LN_crl_number =    'X509v3 CRL Number';
+  NID_crl_number =   88;
+  SN_crl_reason =    'CRLReason';
+  LN_crl_reason =    'X509v3 CRL Reason Code';
+  NID_crl_reason =   141;
+  SN_invalidity_date =    'invalidityDate';
+  LN_invalidity_date =    'Invalidity Date';
+  NID_invalidity_date =    142;
+  SN_delta_crl =    'deltaCRL';
+  LN_delta_crl =    'X509v3 Delta CRL Indicator';
+  NID_delta_crl =    140;
+  SN_issuing_distribution_point =    'issuingDistributionPoint';
+  LN_issuing_distribution_point =    'X509v3 Issuing Distribution Point';
+  NID_issuing_distribution_point =   770;
+  SN_certificate_issuer =    'certificateIssuer';
+  LN_certificate_issuer =    'X509v3 Certificate Issuer';
+  NID_certificate_issuer =   771;
+  SN_name_constraints =    'nameConstraints';
+  LN_name_constraints =    'X509v3 Name Constraints';
+  NID_name_constraints =    666;
+  SN_crl_distribution_points =    'crlDistributionPoints';
+  LN_crl_distribution_points =    'X509v3 CRL Distribution Points';
+  NID_crl_distribution_points =    103;
+  SN_certificate_policies =   'certificatePolicies';
+  LN_certificate_policies =   'X509v3 Certificate Policies';
+  NID_certificate_policies =     89;
+  SN_any_policy =    'anyPolicy';
+  LN_any_policy =    'X509v3 Any Policy';
+  NID_any_policy =   746;
+  SN_policy_mappings =    'policyMappings';
+  LN_policy_mappings =    'X509v3 Policy Mappings';
+  NID_policy_mappings =    747;
+  SN_authority_key_identifier =    'authorityKeyIdentifier';
+  LN_authority_key_identifier =    'X509v3 Authority Key Identifier';
+  NID_authority_key_identifier =    90;
+  SN_policy_constraints =    'policyConstraints';
+  LN_policy_constraints =    'X509v3 Policy Constraints';
+  NID_policy_constraints =   401;
+  SN_ext_key_usage =     'extendedKeyUsage';
+  LN_ext_key_usage =     'X509v3 Extended Key Usage';
+  NID_ext_key_usage =     126;
+  SN_freshest_crl =   'freshestCRL';
+  LN_freshest_crl =   'X509v3 Freshest CRL';
+  NID_freshest_crl =     857;
+  SN_inhibit_any_policy =    'inhibitAnyPolicy';
+  LN_inhibit_any_policy =    'X509v3 Inhibit Any Policy';
+  NID_inhibit_any_policy =   748;
+  SN_target_information =    'targetInformation';
+  LN_target_information =    'X509v3 AC Targeting';
+  NID_target_information =   402;
+  SN_no_rev_avail =   'noRevAvail';
+  LN_no_rev_avail =   'X509v3 No Revocation Available';
+  NID_no_rev_avail =     403;
+  SN_anyExtendedKeyUsage =   'anyExtendedKeyUsage';
+  LN_anyExtendedKeyUsage =   'Any Extended Key Usage';
+  NID_anyExtendedKeyUsage =   910;
+  SN_netscape =    'Netscape';
+  LN_netscape =    'Netscape Communications Corp.';
+  NID_netscape =    57;
+  SN_netscape_cert_extension =    'nsCertExt';
+  LN_netscape_cert_extension =    'Netscape Certificate Extension';
+  NID_netscape_cert_extension =    58;
+  SN_netscape_data_type =    'nsDataType';
+  LN_netscape_data_type =    'Netscape Data Type';
+  NID_netscape_data_type =   59;
+  SN_netscape_cert_type =    'nsCertType';
+  LN_netscape_cert_type =    'Netscape Cert Type';
+  NID_netscape_cert_type =   71;
+  SN_netscape_base_url =    'nsBaseUrl';
+  LN_netscape_base_url =    'Netscape Base Url';
+  NID_netscape_base_url =    72;
+  SN_netscape_revocation_url =    'nsRevocationUrl';
+  LN_netscape_revocation_url =    'Netscape Revocation Url';
+  NID_netscape_revocation_url =    73;
+  SN_netscape_ca_revocation_url =    'nsCaRevocationUrl';
+  LN_netscape_ca_revocation_url =    'Netscape CA Revocation Url';
+  NID_netscape_ca_revocation_url =   74;
+  SN_netscape_renewal_url =   'nsRenewalUrl';
+  LN_netscape_renewal_url =   'Netscape Renewal Url';
+  NID_netscape_renewal_url =     75;
+  SN_netscape_ca_policy_url =     'nsCaPolicyUrl';
+  LN_netscape_ca_policy_url =     'Netscape CA Policy Url';
+  NID_netscape_ca_policy_url =    76;
+  SN_netscape_ssl_server_name =    'nsSslServerName';
+  LN_netscape_ssl_server_name =    'Netscape Server: SSl Name';
+  NID_netscape_ssl_server_name =    77;
+  SN_netscape_comment =    'nsComment';
+  LN_netscape_comment =    'Netscape Comment';
+  NID_netscape_comment =    78;
+  SN_netscape_cert_sequence =     'nsCertSequence';
+  LN_netscape_cert_sequence =     'Netscape Certificate Sequence';
+  NID_netscape_cert_sequence =    79;
+  SN_ns_sgc =     'nsSGC';
+  LN_ns_sgc =     'Netscape Server Gated Crypto';
+  NID_ns_sgc =    139;
+  SN_org =   'ORG';
+  LN_org =   'org';
+  NID_org =   379;
+  SN_dod =   'DOD';
+  LN_dod =   'dod';
+  NID_dod =   380;
+  SN_iana =   'IANA';
+  LN_iana =   'iana';
+  NID_iana =     381;
+  SN_Directory =    'directory';
+  LN_Directory =    'Directory';
+  NID_Directory =    382;
+  SN_Management =    'mgmt';
+  LN_Management =    'Management';
+  NID_Management =   383;
+  SN_Experimental =   'experimental';
+  LN_Experimental =   'Experimental';
+  NID_Experimental =     384;
+  SN_Private =    'private';
+  LN_Private =    'Private';
+  NID_Private =    385;
+  SN_Security =    'security';
+  LN_Security =    'Security';
+  NID_Security =    386;
+  SN_SNMPv2 =     'snmpv2';
+  LN_SNMPv2 =     'SNMPv2';
+  NID_SNMPv2 =    387;
+  LN_Mail =   'Mail';
+  NID_Mail =     388;
+  SN_Enterprises =   'enterprises';
+  LN_Enterprises =   'Enterprises';
+  NID_Enterprises =   389;
+  SN_dcObject =    'dcobject';
+  LN_dcObject =    'dcObject';
+  NID_dcObject =    390;
+  SN_mime_mhs =    'mime-mhs';
+  LN_mime_mhs =    'MIME MHS';
+  NID_mime_mhs =    504;
+  SN_mime_mhs_headings =    'mime-mhs-headings';
+  LN_mime_mhs_headings =    'mime-mhs-headings';
+  NID_mime_mhs_headings =    505;
+  SN_mime_mhs_bodies =    'mime-mhs-bodies';
+  LN_mime_mhs_bodies =    'mime-mhs-bodies';
+  NID_mime_mhs_bodies =    506;
+  SN_id_hex_partial_message =     'id-hex-partial-message';
+  LN_id_hex_partial_message =     'id-hex-partial-message';
+  NID_id_hex_partial_message =    507;
+  SN_id_hex_multipart_message =    'id-hex-multipart-message';
+  LN_id_hex_multipart_message =    'id-hex-multipart-message';
+  NID_id_hex_multipart_message =    508;
+  SN_zlib_compression =    'ZLIB';
+  LN_zlib_compression =    'zlib compression';
+  NID_zlib_compression =    125;
+  SN_aes_128_ecb =   'AES-128-ECB';
+  LN_aes_128_ecb =   'aes-128-ecb';
+  NID_aes_128_ecb =   418;
+  SN_aes_128_cbc =   'AES-128-CBC';
+  LN_aes_128_cbc =   'aes-128-cbc';
+  NID_aes_128_cbc =   419;
+  SN_aes_128_ofb128 =     'AES-128-OFB';
+  LN_aes_128_ofb128 =     'aes-128-ofb';
+  NID_aes_128_ofb128 =    420;
+  SN_aes_128_cfb128 =     'AES-128-CFB';
+  LN_aes_128_cfb128 =     'aes-128-cfb';
+  NID_aes_128_cfb128 =    421;
+  SN_id_aes128_wrap =     'id-aes128-wrap';
+  NID_id_aes128_wrap =    788;
+  SN_aes_128_gcm =   'id-aes128-GCM';
+  LN_aes_128_gcm =   'aes-128-gcm';
+  NID_aes_128_gcm =   895;
+  SN_aes_128_ccm =   'id-aes128-CCM';
+  LN_aes_128_ccm =   'aes-128-ccm';
+  NID_aes_128_ccm =   896;
+  SN_id_aes128_wrap_pad =    'id-aes128-wrap-pad';
+  NID_id_aes128_wrap_pad =   897;
+  SN_aes_192_ecb =   'AES-192-ECB';
+  LN_aes_192_ecb =   'aes-192-ecb';
+  NID_aes_192_ecb =   422;
+  SN_aes_192_cbc =   'AES-192-CBC';
+  LN_aes_192_cbc =   'aes-192-cbc';
+  NID_aes_192_cbc =   423;
+  SN_aes_192_ofb128 =     'AES-192-OFB';
+  LN_aes_192_ofb128 =     'aes-192-ofb';
+  NID_aes_192_ofb128 =    424;
+  SN_aes_192_cfb128 =     'AES-192-CFB';
+  LN_aes_192_cfb128 =     'aes-192-cfb';
+  NID_aes_192_cfb128 =    425;
+  SN_id_aes192_wrap =     'id-aes192-wrap';
+  NID_id_aes192_wrap =    789;
+  SN_aes_192_gcm =   'id-aes192-GCM';
+  LN_aes_192_gcm =   'aes-192-gcm';
+  NID_aes_192_gcm =   898;
+  SN_aes_192_ccm =   'id-aes192-CCM';
+  LN_aes_192_ccm =   'aes-192-ccm';
+  NID_aes_192_ccm =   899;
+  SN_id_aes192_wrap_pad =    'id-aes192-wrap-pad';
+  NID_id_aes192_wrap_pad =   900;
+  SN_aes_256_ecb =   'AES-256-ECB';
+  LN_aes_256_ecb =   'aes-256-ecb';
+  NID_aes_256_ecb =   426;
+  SN_aes_256_cbc =   'AES-256-CBC';
+  LN_aes_256_cbc =   'aes-256-cbc';
+  NID_aes_256_cbc =   427;
+  SN_aes_256_ofb128 =     'AES-256-OFB';
+  LN_aes_256_ofb128 =     'aes-256-ofb';
+  NID_aes_256_ofb128 =    428;
+  SN_aes_256_cfb128 =     'AES-256-CFB';
+  LN_aes_256_cfb128 =     'aes-256-cfb';
+  NID_aes_256_cfb128 =    429;
+  SN_id_aes256_wrap =     'id-aes256-wrap';
+  NID_id_aes256_wrap =    790;
+  SN_aes_256_gcm =   'id-aes256-GCM';
+  LN_aes_256_gcm =   'aes-256-gcm';
+  NID_aes_256_gcm =   901;
+  SN_aes_256_ccm =   'id-aes256-CCM';
+  LN_aes_256_ccm =   'aes-256-ccm';
+  NID_aes_256_ccm =   902;
+  SN_id_aes256_wrap_pad =    'id-aes256-wrap-pad';
+  NID_id_aes256_wrap_pad =   903;
+  SN_aes_128_xts =   'AES-128-XTS';
+  LN_aes_128_xts =   'aes-128-xts';
+  NID_aes_128_xts =   913;
+  SN_aes_256_xts =   'AES-256-XTS';
+  LN_aes_256_xts =   'aes-256-xts';
+  NID_aes_256_xts =   914;
+  SN_aes_128_cfb1 =   'AES-128-CFB1';
+  LN_aes_128_cfb1 =   'aes-128-cfb1';
+  NID_aes_128_cfb1 =     650;
+  SN_aes_192_cfb1 =   'AES-192-CFB1';
+  LN_aes_192_cfb1 =   'aes-192-cfb1';
+  NID_aes_192_cfb1 =     651;
+  SN_aes_256_cfb1 =   'AES-256-CFB1';
+  LN_aes_256_cfb1 =   'aes-256-cfb1';
+  NID_aes_256_cfb1 =     652;
+  SN_aes_128_cfb8 =   'AES-128-CFB8';
+  LN_aes_128_cfb8 =   'aes-128-cfb8';
+  NID_aes_128_cfb8 =     653;
+  SN_aes_192_cfb8 =   'AES-192-CFB8';
+  LN_aes_192_cfb8 =   'aes-192-cfb8';
+  NID_aes_192_cfb8 =     654;
+  SN_aes_256_cfb8 =   'AES-256-CFB8';
+  LN_aes_256_cfb8 =   'aes-256-cfb8';
+  NID_aes_256_cfb8 =     655;
+  SN_aes_128_ctr =   'AES-128-CTR';
+  LN_aes_128_ctr =   'aes-128-ctr';
+  NID_aes_128_ctr =   904;
+  SN_aes_192_ctr =   'AES-192-CTR';
+  LN_aes_192_ctr =   'aes-192-ctr';
+  NID_aes_192_ctr =   905;
+  SN_aes_256_ctr =   'AES-256-CTR';
+  LN_aes_256_ctr =   'aes-256-ctr';
+  NID_aes_256_ctr =   906;
+  SN_aes_128_ocb =   'AES-128-OCB';
+  LN_aes_128_ocb =   'aes-128-ocb';
+  NID_aes_128_ocb =   958;
+  SN_aes_192_ocb =   'AES-192-OCB';
+  LN_aes_192_ocb =   'aes-192-ocb';
+  NID_aes_192_ocb =   959;
+  SN_aes_256_ocb =   'AES-256-OCB';
+  LN_aes_256_ocb =   'aes-256-ocb';
+  NID_aes_256_ocb =   960;
+  SN_des_cfb1 =    'DES-CFB1';
+  LN_des_cfb1 =    'des-cfb1';
+  NID_des_cfb1 =    656;
+  SN_des_cfb8 =    'DES-CFB8';
+  LN_des_cfb8 =    'des-cfb8';
+  NID_des_cfb8 =    657;
+  SN_des_ede3_cfb1 =     'DES-EDE3-CFB1';
+  LN_des_ede3_cfb1 =     'des-ede3-cfb1';
+  NID_des_ede3_cfb1 =     658;
+  SN_des_ede3_cfb8 =     'DES-EDE3-CFB8';
+  LN_des_ede3_cfb8 =     'des-ede3-cfb8';
+  NID_des_ede3_cfb8 =     659;
+  SN_sha256 =     'SHA256';
+  LN_sha256 =     'sha256';
+  NID_sha256 =    672;
+  SN_sha384 =     'SHA384';
+  LN_sha384 =     'sha384';
+  NID_sha384 =    673;
+  SN_sha512 =     'SHA512';
+  LN_sha512 =     'sha512';
+  NID_sha512 =    674;
+  SN_sha224 =     'SHA224';
+  LN_sha224 =     'sha224';
+  NID_sha224 =    675;
+  SN_sha512_224 =    'SHA512-224';
+  LN_sha512_224 =    'sha512-224';
+  NID_sha512_224 =   1094;
+  SN_sha512_256 =    'SHA512-256';
+  LN_sha512_256 =    'sha512-256';
+  NID_sha512_256 =   1095;
+  SN_sha3_224 =    'SHA3-224';
+  LN_sha3_224 =    'sha3-224';
+  NID_sha3_224 =    1096;
+  SN_sha3_256 =    'SHA3-256';
+  LN_sha3_256 =    'sha3-256';
+  NID_sha3_256 =    1097;
+  SN_sha3_384 =    'SHA3-384';
+  LN_sha3_384 =    'sha3-384';
+  NID_sha3_384 =    1098;
+  SN_sha3_512 =    'SHA3-512';
+  LN_sha3_512 =    'sha3-512';
+  NID_sha3_512 =    1099;
+  SN_shake128 =    'SHAKE128';
+  LN_shake128 =    'shake128';
+  NID_shake128 =    1100;
+  SN_shake256 =    'SHAKE256';
+  LN_shake256 =    'shake256';
+  NID_shake256 =    1101;
+  SN_hmac_sha3_224 =     'id-hmacWithSHA3-224';
+  LN_hmac_sha3_224 =     'hmac-sha3-224';
+  NID_hmac_sha3_224 =     1102;
+  SN_hmac_sha3_256 =     'id-hmacWithSHA3-256';
+  LN_hmac_sha3_256 =     'hmac-sha3-256';
+  NID_hmac_sha3_256 =     1103;
+  SN_hmac_sha3_384 =     'id-hmacWithSHA3-384';
+  LN_hmac_sha3_384 =     'hmac-sha3-384';
+  NID_hmac_sha3_384 =     1104;
+  SN_hmac_sha3_512 =     'id-hmacWithSHA3-512';
+  LN_hmac_sha3_512 =     'hmac-sha3-512';
+  NID_hmac_sha3_512 =     1105;
+  SN_dsa_with_SHA224 =    'dsa_with_SHA224';
+  NID_dsa_with_SHA224 =    802;
+  SN_dsa_with_SHA256 =    'dsa_with_SHA256';
+  NID_dsa_with_SHA256 =    803;
+  SN_dsa_with_SHA384 =    'id-dsa-with-sha384';
+  LN_dsa_with_SHA384 =    'dsa_with_SHA384';
+  NID_dsa_with_SHA384 =    1106;
+  SN_dsa_with_SHA512 =    'id-dsa-with-sha512';
+  LN_dsa_with_SHA512 =    'dsa_with_SHA512';
+  NID_dsa_with_SHA512 =    1107;
+  SN_dsa_with_SHA3_224 =    'id-dsa-with-sha3-224';
+  LN_dsa_with_SHA3_224 =    'dsa_with_SHA3-224';
+  NID_dsa_with_SHA3_224 =    1108;
+  SN_dsa_with_SHA3_256 =    'id-dsa-with-sha3-256';
+  LN_dsa_with_SHA3_256 =    'dsa_with_SHA3-256';
+  NID_dsa_with_SHA3_256 =    1109;
+  SN_dsa_with_SHA3_384 =    'id-dsa-with-sha3-384';
+  LN_dsa_with_SHA3_384 =    'dsa_with_SHA3-384';
+  NID_dsa_with_SHA3_384 =    1110;
+  SN_dsa_with_SHA3_512 =    'id-dsa-with-sha3-512';
+  LN_dsa_with_SHA3_512 =    'dsa_with_SHA3-512';
+  NID_dsa_with_SHA3_512 =    1111;
+  SN_ecdsa_with_SHA3_224 =   'id-ecdsa-with-sha3-224';
+  LN_ecdsa_with_SHA3_224 =   'ecdsa_with_SHA3-224';
+  NID_ecdsa_with_SHA3_224 =   1112;
+  SN_ecdsa_with_SHA3_256 =   'id-ecdsa-with-sha3-256';
+  LN_ecdsa_with_SHA3_256 =   'ecdsa_with_SHA3-256';
+  NID_ecdsa_with_SHA3_256 =   1113;
+  SN_ecdsa_with_SHA3_384 =   'id-ecdsa-with-sha3-384';
+  LN_ecdsa_with_SHA3_384 =   'ecdsa_with_SHA3-384';
+  NID_ecdsa_with_SHA3_384 =   1114;
+  SN_ecdsa_with_SHA3_512 =   'id-ecdsa-with-sha3-512';
+  LN_ecdsa_with_SHA3_512 =   'ecdsa_with_SHA3-512';
+  NID_ecdsa_with_SHA3_512 =   1115;
+  SN_RSA_SHA3_224 =   'id-rsassa-pkcs1-v1_5-with-sha3-224';
+  LN_RSA_SHA3_224 =   'RSA-SHA3-224';
+  NID_RSA_SHA3_224 =     1116;
+  SN_RSA_SHA3_256 =   'id-rsassa-pkcs1-v1_5-with-sha3-256';
+  LN_RSA_SHA3_256 =   'RSA-SHA3-256';
+  NID_RSA_SHA3_256 =     1117;
+  SN_RSA_SHA3_384 =   'id-rsassa-pkcs1-v1_5-with-sha3-384';
+  LN_RSA_SHA3_384 =   'RSA-SHA3-384';
+  NID_RSA_SHA3_384 =     1118;
+  SN_RSA_SHA3_512 =   'id-rsassa-pkcs1-v1_5-with-sha3-512';
+  LN_RSA_SHA3_512 =   'RSA-SHA3-512';
+  NID_RSA_SHA3_512 =     1119;
+  SN_hold_instruction_code =     'holdInstructionCode';
+  LN_hold_instruction_code =     'Hold Instruction Code';
+  NID_hold_instruction_code =     430;
+  SN_hold_instruction_none =     'holdInstructionNone';
+  LN_hold_instruction_none =     'Hold Instruction None';
+  NID_hold_instruction_none =     431;
+  SN_hold_instruction_call_issuer =   'holdInstructionCallIssuer';
+  LN_hold_instruction_call_issuer =   'Hold Instruction Call Issuer';
+  NID_hold_instruction_call_issuer =     432;
+  SN_hold_instruction_reject =    'holdInstructionReject';
+  LN_hold_instruction_reject =    'Hold Instruction Reject';
+  NID_hold_instruction_reject =    433;
+  SN_data =   'data';
+  NID_data =     434;
+  SN_pss =   'pss';
+  NID_pss =   435;
+  SN_ucl =   'ucl';
+  NID_ucl =   436;
+  SN_pilot =     'pilot';
+  NID_pilot =     437;
+  LN_pilotAttributeType =    'pilotAttributeType';
+  NID_pilotAttributeType =   438;
+  LN_pilotAttributeSyntax =   'pilotAttributeSyntax';
+  NID_pilotAttributeSyntax =     439;
+  LN_pilotObjectClass =    'pilotObjectClass';
+  NID_pilotObjectClass =    440;
+  LN_pilotGroups =   'pilotGroups';
+  NID_pilotGroups =   441;
+  LN_iA5StringSyntax =    'iA5StringSyntax';
+  NID_iA5StringSyntax =    442;
+  LN_caseIgnoreIA5StringSyntax =    'caseIgnoreIA5StringSyntax';
+  NID_caseIgnoreIA5StringSyntax =    443;
+  LN_pilotObject =   'pilotObject';
+  NID_pilotObject =   444;
+  LN_pilotPerson =   'pilotPerson';
+  NID_pilotPerson =   445;
+  SN_account =    'account';
+  NID_account =    446;
+  SN_document =    'document';
+  NID_document =    447;
+  SN_room =   'room';
+  NID_room =     448;
+  LN_documentSeries =     'documentSeries';
+  NID_documentSeries =    449;
+  SN_Domain =     'domain';
+  LN_Domain =     'Domain';
+  NID_Domain =    392;
+  LN_rFC822localPart =    'rFC822localPart';
+  NID_rFC822localPart =    450;
+  LN_dNSDomain =    'dNSDomain';
+  NID_dNSDomain =    451;
+  LN_domainRelatedObject =   'domainRelatedObject';
+  NID_domainRelatedObject =   452;
+  LN_friendlyCountry =    'friendlyCountry';
+  NID_friendlyCountry =    453;
+  LN_simpleSecurityObject =   'simpleSecurityObject';
+  NID_simpleSecurityObject =     454;
+  LN_pilotOrganization =    'pilotOrganization';
+  NID_pilotOrganization =    455;
+  LN_pilotDSA =    'pilotDSA';
+  NID_pilotDSA =    456;
+  LN_qualityLabelledData =   'qualityLabelledData';
+  NID_qualityLabelledData =   457;
+  SN_userId =     'UID';
+  LN_userId =     'userId';
+  NID_userId =    458;
+  LN_textEncodedORAddress =   'textEncodedORAddress';
+  NID_textEncodedORAddress =     459;
+  SN_rfc822Mailbox =     'mail';
+  LN_rfc822Mailbox =     'rfc822Mailbox';
+  NID_rfc822Mailbox =     460;
+  SN_info =   'info';
+  NID_info =     461;
+  LN_favouriteDrink =     'favouriteDrink';
+  NID_favouriteDrink =    462;
+  LN_roomNumber =    'roomNumber';
+  NID_roomNumber =   463;
+  SN_photo =     'photo';
+  NID_photo =     464;
+  LN_userClass =    'userClass';
+  NID_userClass =    465;
+  SN_host =   'host';
+  NID_host =     466;
+  SN_manager =    'manager';
+  NID_manager =    467;
+  LN_documentIdentifier =    'documentIdentifier';
+  NID_documentIdentifier =   468;
+  LN_documentTitle =     'documentTitle';
+  NID_documentTitle =     469;
+  LN_documentVersion =    'documentVersion';
+  NID_documentVersion =    470;
+  LN_documentAuthor =     'documentAuthor';
+  NID_documentAuthor =    471;
+  LN_documentLocation =    'documentLocation';
+  NID_documentLocation =    472;
+  LN_homeTelephoneNumber =   'homeTelephoneNumber';
+  NID_homeTelephoneNumber =   473;
+  SN_secretary =    'secretary';
+  NID_secretary =    474;
+  LN_otherMailbox =   'otherMailbox';
+  NID_otherMailbox =     475;
+  LN_lastModifiedTime =    'lastModifiedTime';
+  NID_lastModifiedTime =    476;
+  LN_lastModifiedBy =     'lastModifiedBy';
+  NID_lastModifiedBy =    477;
+  SN_domainComponent =    'DC';
+  LN_domainComponent =    'domainComponent';
+  NID_domainComponent =    391;
+  LN_aRecord =    'aRecord';
+  NID_aRecord =    478;
+  LN_pilotAttributeType27 =   'pilotAttributeType27';
+  NID_pilotAttributeType27 =     479;
+  LN_mXRecord =    'mXRecord';
+  NID_mXRecord =    480;
+  LN_nSRecord =    'nSRecord';
+  NID_nSRecord =    481;
+  LN_sOARecord =    'sOARecord';
+  NID_sOARecord =    482;
+  LN_cNAMERecord =   'cNAMERecord';
+  NID_cNAMERecord =   483;
+  LN_associatedDomain =    'associatedDomain';
+  NID_associatedDomain =    484;
+  LN_associatedName =     'associatedName';
+  NID_associatedName =    485;
+  LN_homePostalAddress =    'homePostalAddress';
+  NID_homePostalAddress =    486;
+  LN_personalTitle =     'personalTitle';
+  NID_personalTitle =     487;
+  LN_mobileTelephoneNumber =     'mobileTelephoneNumber';
+  NID_mobileTelephoneNumber =     488;
+  LN_pagerTelephoneNumber =   'pagerTelephoneNumber';
+  NID_pagerTelephoneNumber =     489;
+  LN_friendlyCountryName =   'friendlyCountryName';
+  NID_friendlyCountryName =   490;
+  SN_uniqueIdentifier =    'uid';
+  LN_uniqueIdentifier =    'uniqueIdentifier';
+  NID_uniqueIdentifier =    102;
+  LN_organizationalStatus =   'organizationalStatus';
+  NID_organizationalStatus =     491;
+  LN_janetMailbox =   'janetMailbox';
+  NID_janetMailbox =     492;
+  LN_mailPreferenceOption =   'mailPreferenceOption';
+  NID_mailPreferenceOption =     493;
+  LN_buildingName =   'buildingName';
+  NID_buildingName =     494;
+  LN_dSAQuality =    'dSAQuality';
+  NID_dSAQuality =   495;
+  LN_singleLevelQuality =    'singleLevelQuality';
+  NID_singleLevelQuality =   496;
+  LN_subtreeMinimumQuality =     'subtreeMinimumQuality';
+  NID_subtreeMinimumQuality =     497;
+  LN_subtreeMaximumQuality =     'subtreeMaximumQuality';
+  NID_subtreeMaximumQuality =     498;
+  LN_personalSignature =    'personalSignature';
+  NID_personalSignature =    499;
+  LN_dITRedirect =   'dITRedirect';
+  NID_dITRedirect =   500;
+  SN_audio =     'audio';
+  NID_audio =     501;
+  LN_documentPublisher =    'documentPublisher';
+  NID_documentPublisher =    502;
+  SN_id_set =     'id-set';
+  LN_id_set =     'Secure Electronic Transactions';
+  NID_id_set =    512;
+  SN_set_ctype =    'set-ctype';
+  LN_set_ctype =    'content types';
+  NID_set_ctype =    513;
+  SN_set_msgExt =    'set-msgExt';
+  LN_set_msgExt =    'message extensions';
+  NID_set_msgExt =   514;
+  SN_set_attr =    'set-attr';
+  NID_set_attr =    515;
+  SN_set_policy =    'set-policy';
+  NID_set_policy =   516;
+  SN_set_certExt =   'set-certExt';
+  LN_set_certExt =   'certificate extensions';
+  NID_set_certExt =   517;
+  SN_set_brand =    'set-brand';
+  NID_set_brand =    518;
+  SN_setct_PANData =     'setct-PANData';
+  NID_setct_PANData =     519;
+  SN_setct_PANToken =     'setct-PANToken';
+  NID_setct_PANToken =    520;
+  SN_setct_PANOnly =     'setct-PANOnly';
+  NID_setct_PANOnly =     521;
+  SN_setct_OIData =   'setct-OIData';
+  NID_setct_OIData =     522;
+  SN_setct_PI =    'setct-PI';
+  NID_setct_PI =    523;
+  SN_setct_PIData =   'setct-PIData';
+  NID_setct_PIData =     524;
+  SN_setct_PIDataUnsigned =   'setct-PIDataUnsigned';
+  NID_setct_PIDataUnsigned =     525;
+  SN_setct_HODInput =     'setct-HODInput';
+  NID_setct_HODInput =    526;
+  SN_setct_AuthResBaggage =   'setct-AuthResBaggage';
+  NID_setct_AuthResBaggage =     527;
+  SN_setct_AuthRevReqBaggage =    'setct-AuthRevReqBaggage';
+  NID_setct_AuthRevReqBaggage =    528;
+  SN_setct_AuthRevResBaggage =    'setct-AuthRevResBaggage';
+  NID_setct_AuthRevResBaggage =    529;
+  SN_setct_CapTokenSeq =    'setct-CapTokenSeq';
+  NID_setct_CapTokenSeq =    530;
+  SN_setct_PInitResData =    'setct-PInitResData';
+  NID_setct_PInitResData =   531;
+  SN_setct_PI_TBS =   'setct-PI-TBS';
+  NID_setct_PI_TBS =     532;
+  SN_setct_PResData =     'setct-PResData';
+  NID_setct_PResData =    533;
+  SN_setct_AuthReqTBS =    'setct-AuthReqTBS';
+  NID_setct_AuthReqTBS =    534;
+  SN_setct_AuthResTBS =    'setct-AuthResTBS';
+  NID_setct_AuthResTBS =    535;
+  SN_setct_AuthResTBSX =    'setct-AuthResTBSX';
+  NID_setct_AuthResTBSX =    536;
+  SN_setct_AuthTokenTBS =    'setct-AuthTokenTBS';
+  NID_setct_AuthTokenTBS =   537;
+  SN_setct_CapTokenData =    'setct-CapTokenData';
+  NID_setct_CapTokenData =   538;
+  SN_setct_CapTokenTBS =    'setct-CapTokenTBS';
+  NID_setct_CapTokenTBS =    539;
+  SN_setct_AcqCardCodeMsg =   'setct-AcqCardCodeMsg';
+  NID_setct_AcqCardCodeMsg =     540;
+  SN_setct_AuthRevReqTBS =   'setct-AuthRevReqTBS';
+  NID_setct_AuthRevReqTBS =   541;
+  SN_setct_AuthRevResData =   'setct-AuthRevResData';
+  NID_setct_AuthRevResData =     542;
+  SN_setct_AuthRevResTBS =   'setct-AuthRevResTBS';
+  NID_setct_AuthRevResTBS =   543;
+  SN_setct_CapReqTBS =    'setct-CapReqTBS';
+  NID_setct_CapReqTBS =    544;
+  SN_setct_CapReqTBSX =    'setct-CapReqTBSX';
+  NID_setct_CapReqTBSX =    545;
+  SN_setct_CapResData =    'setct-CapResData';
+  NID_setct_CapResData =    546;
+  SN_setct_CapRevReqTBS =    'setct-CapRevReqTBS';
+  NID_setct_CapRevReqTBS =   547;
+  SN_setct_CapRevReqTBSX =   'setct-CapRevReqTBSX';
+  NID_setct_CapRevReqTBSX =   548;
+  SN_setct_CapRevResData =   'setct-CapRevResData';
+  NID_setct_CapRevResData =   549;
+  SN_setct_CredReqTBS =    'setct-CredReqTBS';
+  NID_setct_CredReqTBS =    550;
+  SN_setct_CredReqTBSX =    'setct-CredReqTBSX';
+  NID_setct_CredReqTBSX =    551;
+  SN_setct_CredResData =    'setct-CredResData';
+  NID_setct_CredResData =    552;
+  SN_setct_CredRevReqTBS =   'setct-CredRevReqTBS';
+  NID_setct_CredRevReqTBS =   553;
+  SN_setct_CredRevReqTBSX =   'setct-CredRevReqTBSX';
+  NID_setct_CredRevReqTBSX =     554;
+  SN_setct_CredRevResData =   'setct-CredRevResData';
+  NID_setct_CredRevResData =     555;
+  SN_setct_PCertReqData =    'setct-PCertReqData';
+  NID_setct_PCertReqData =   556;
+  SN_setct_PCertResTBS =    'setct-PCertResTBS';
+  NID_setct_PCertResTBS =    557;
+  SN_setct_BatchAdminReqData =    'setct-BatchAdminReqData';
+  NID_setct_BatchAdminReqData =    558;
+  SN_setct_BatchAdminResData =    'setct-BatchAdminResData';
+  NID_setct_BatchAdminResData =    559;
+  SN_setct_CardCInitResTBS =     'setct-CardCInitResTBS';
+  NID_setct_CardCInitResTBS =     560;
+  SN_setct_MeAqCInitResTBS =     'setct-MeAqCInitResTBS';
+  NID_setct_MeAqCInitResTBS =     561;
+  SN_setct_RegFormResTBS =   'setct-RegFormResTBS';
+  NID_setct_RegFormResTBS =   562;
+  SN_setct_CertReqData =    'setct-CertReqData';
+  NID_setct_CertReqData =    563;
+  SN_setct_CertReqTBS =    'setct-CertReqTBS';
+  NID_setct_CertReqTBS =    564;
+  SN_setct_CertResData =    'setct-CertResData';
+  NID_setct_CertResData =    565;
+  SN_setct_CertInqReqTBS =   'setct-CertInqReqTBS';
+  NID_setct_CertInqReqTBS =   566;
+  SN_setct_ErrorTBS =     'setct-ErrorTBS';
+  NID_setct_ErrorTBS =    567;
+  SN_setct_PIDualSignedTBE =     'setct-PIDualSignedTBE';
+  NID_setct_PIDualSignedTBE =     568;
+  SN_setct_PIUnsignedTBE =   'setct-PIUnsignedTBE';
+  NID_setct_PIUnsignedTBE =   569;
+  SN_setct_AuthReqTBE =    'setct-AuthReqTBE';
+  NID_setct_AuthReqTBE =    570;
+  SN_setct_AuthResTBE =    'setct-AuthResTBE';
+  NID_setct_AuthResTBE =    571;
+  SN_setct_AuthResTBEX =    'setct-AuthResTBEX';
+  NID_setct_AuthResTBEX =    572;
+  SN_setct_AuthTokenTBE =    'setct-AuthTokenTBE';
+  NID_setct_AuthTokenTBE =   573;
+  SN_setct_CapTokenTBE =    'setct-CapTokenTBE';
+  NID_setct_CapTokenTBE =    574;
+  SN_setct_CapTokenTBEX =    'setct-CapTokenTBEX';
+  NID_setct_CapTokenTBEX =   575;
+  SN_setct_AcqCardCodeMsgTBE =    'setct-AcqCardCodeMsgTBE';
+  NID_setct_AcqCardCodeMsgTBE =    576;
+  SN_setct_AuthRevReqTBE =   'setct-AuthRevReqTBE';
+  NID_setct_AuthRevReqTBE =   577;
+  SN_setct_AuthRevResTBE =   'setct-AuthRevResTBE';
+  NID_setct_AuthRevResTBE =   578;
+  SN_setct_AuthRevResTBEB =   'setct-AuthRevResTBEB';
+  NID_setct_AuthRevResTBEB =     579;
+  SN_setct_CapReqTBE =    'setct-CapReqTBE';
+  NID_setct_CapReqTBE =    580;
+  SN_setct_CapReqTBEX =    'setct-CapReqTBEX';
+  NID_setct_CapReqTBEX =    581;
+  SN_setct_CapResTBE =    'setct-CapResTBE';
+  NID_setct_CapResTBE =    582;
+  SN_setct_CapRevReqTBE =    'setct-CapRevReqTBE';
+  NID_setct_CapRevReqTBE =   583;
+  SN_setct_CapRevReqTBEX =   'setct-CapRevReqTBEX';
+  NID_setct_CapRevReqTBEX =   584;
+  SN_setct_CapRevResTBE =    'setct-CapRevResTBE';
+  NID_setct_CapRevResTBE =   585;
+  SN_setct_CredReqTBE =    'setct-CredReqTBE';
+  NID_setct_CredReqTBE =    586;
+  SN_setct_CredReqTBEX =    'setct-CredReqTBEX';
+  NID_setct_CredReqTBEX =    587;
+  SN_setct_CredResTBE =    'setct-CredResTBE';
+  NID_setct_CredResTBE =    588;
+  SN_setct_CredRevReqTBE =   'setct-CredRevReqTBE';
+  NID_setct_CredRevReqTBE =   589;
+  SN_setct_CredRevReqTBEX =   'setct-CredRevReqTBEX';
+  NID_setct_CredRevReqTBEX =     590;
+  SN_setct_CredRevResTBE =   'setct-CredRevResTBE';
+  NID_setct_CredRevResTBE =   591;
+  SN_setct_BatchAdminReqTBE =     'setct-BatchAdminReqTBE';
+  NID_setct_BatchAdminReqTBE =    592;
+  SN_setct_BatchAdminResTBE =     'setct-BatchAdminResTBE';
+  NID_setct_BatchAdminResTBE =    593;
+  SN_setct_RegFormReqTBE =   'setct-RegFormReqTBE';
+  NID_setct_RegFormReqTBE =   594;
+  SN_setct_CertReqTBE =    'setct-CertReqTBE';
+  NID_setct_CertReqTBE =    595;
+  SN_setct_CertReqTBEX =    'setct-CertReqTBEX';
+  NID_setct_CertReqTBEX =    596;
+  SN_setct_CertResTBE =    'setct-CertResTBE';
+  NID_setct_CertResTBE =    597;
+  SN_setct_CRLNotificationTBS =    'setct-CRLNotificationTBS';
+  NID_setct_CRLNotificationTBS =    598;
+  SN_setct_CRLNotificationResTBS =   'setct-CRLNotificationResTBS';
+  NID_setct_CRLNotificationResTBS =   599;
+  SN_setct_BCIDistributionTBS =    'setct-BCIDistributionTBS';
+  NID_setct_BCIDistributionTBS =    600;
+  SN_setext_genCrypt =    'setext-genCrypt';
+  LN_setext_genCrypt =    'generic cryptogram';
+  NID_setext_genCrypt =    601;
+  SN_setext_miAuth =     'setext-miAuth';
+  LN_setext_miAuth =     'merchant initiated auth';
+  NID_setext_miAuth =     602;
+  SN_setext_pinSecure =    'setext-pinSecure';
+  NID_setext_pinSecure =    603;
+  SN_setext_pinAny =     'setext-pinAny';
+  NID_setext_pinAny =     604;
+  SN_setext_track2 =     'setext-track2';
+  NID_setext_track2 =     605;
+  SN_setext_cv =    'setext-cv';
+  LN_setext_cv =    'additional verification';
+  NID_setext_cv =    606;
+  SN_set_policy_root =    'set-policy-root';
+  NID_set_policy_root =    607;
+  SN_setCext_hashedRoot =    'setCext-hashedRoot';
+  NID_setCext_hashedRoot =   608;
+  SN_setCext_certType =    'setCext-certType';
+  NID_setCext_certType =    609;
+  SN_setCext_merchData =    'setCext-merchData';
+  NID_setCext_merchData =    610;
+  SN_setCext_cCertRequired =     'setCext-cCertRequired';
+  NID_setCext_cCertRequired =     611;
+  SN_setCext_tunneling =    'setCext-tunneling';
+  NID_setCext_tunneling =    612;
+  SN_setCext_setExt =     'setCext-setExt';
+  NID_setCext_setExt =    613;
+  SN_setCext_setQualf =    'setCext-setQualf';
+  NID_setCext_setQualf =    614;
+  SN_setCext_PGWYcapabilities =    'setCext-PGWYcapabilities';
+  NID_setCext_PGWYcapabilities =    615;
+  SN_setCext_TokenIdentifier =    'setCext-TokenIdentifier';
+  NID_setCext_TokenIdentifier =    616;
+  SN_setCext_Track2Data =    'setCext-Track2Data';
+  NID_setCext_Track2Data =   617;
+  SN_setCext_TokenType =    'setCext-TokenType';
+  NID_setCext_TokenType =    618;
+  SN_setCext_IssuerCapabilities =    'setCext-IssuerCapabilities';
+  NID_setCext_IssuerCapabilities =   619;
+  SN_setAttr_Cert =   'setAttr-Cert';
+  NID_setAttr_Cert =     620;
+  SN_setAttr_PGWYcap =    'setAttr-PGWYcap';
+  LN_setAttr_PGWYcap =    'payment gateway capabilities';
+  NID_setAttr_PGWYcap =    621;
+  SN_setAttr_TokenType =    'setAttr-TokenType';
+  NID_setAttr_TokenType =    622;
+  SN_setAttr_IssCap =     'setAttr-IssCap';
+  LN_setAttr_IssCap =     'issuer capabilities';
+  NID_setAttr_IssCap =    623;
+  SN_set_rootKeyThumb =    'set-rootKeyThumb';
+  NID_set_rootKeyThumb =    624;
+  SN_set_addPolicy =     'set-addPolicy';
+  NID_set_addPolicy =     625;
+  SN_setAttr_Token_EMV =    'setAttr-Token-EMV';
+  NID_setAttr_Token_EMV =    626;
+  SN_setAttr_Token_B0Prime =     'setAttr-Token-B0Prime';
+  NID_setAttr_Token_B0Prime =     627;
+  SN_setAttr_IssCap_CVM =    'setAttr-IssCap-CVM';
+  NID_setAttr_IssCap_CVM =   628;
+  SN_setAttr_IssCap_T2 =    'setAttr-IssCap-T2';
+  NID_setAttr_IssCap_T2 =    629;
+  SN_setAttr_IssCap_Sig =    'setAttr-IssCap-Sig';
+  NID_setAttr_IssCap_Sig =   630;
+  SN_setAttr_GenCryptgrm =   'setAttr-GenCryptgrm';
+  LN_setAttr_GenCryptgrm =   'generate cryptogram';
+  NID_setAttr_GenCryptgrm =   631;
+  SN_setAttr_T2Enc =     'setAttr-T2Enc';
+  LN_setAttr_T2Enc =     'encrypted track 2';
+  NID_setAttr_T2Enc =     632;
+  SN_setAttr_T2cleartxt =    'setAttr-T2cleartxt';
+  LN_setAttr_T2cleartxt =    'cleartext track 2';
+  NID_setAttr_T2cleartxt =   633;
+  SN_setAttr_TokICCsig =    'setAttr-TokICCsig';
+  LN_setAttr_TokICCsig =    'ICC or token signature';
+  NID_setAttr_TokICCsig =    634;
+  SN_setAttr_SecDevSig =    'setAttr-SecDevSig';
+  LN_setAttr_SecDevSig =    'secure device signature';
+  NID_setAttr_SecDevSig =    635;
+  SN_set_brand_IATA_ATA =    'set-brand-IATA-ATA';
+  NID_set_brand_IATA_ATA =   636;
+  SN_set_brand_Diners =    'set-brand-Diners';
+  NID_set_brand_Diners =    637;
+  SN_set_brand_AmericanExpress =    'set-brand-AmericanExpress';
+  NID_set_brand_AmericanExpress =    638;
+  SN_set_brand_JCB =     'set-brand-JCB';
+  NID_set_brand_JCB =     639;
+  SN_set_brand_Visa =     'set-brand-Visa';
+  NID_set_brand_Visa =    640;
+  SN_set_brand_MasterCard =   'set-brand-MasterCard';
+  NID_set_brand_MasterCard =     641;
+  SN_set_brand_Novus =    'set-brand-Novus';
+  NID_set_brand_Novus =    642;
+  SN_des_cdmf =    'DES-CDMF';
+  LN_des_cdmf =    'des-cdmf';
+  NID_des_cdmf =    643;
+  SN_rsaOAEPEncryptionSET =   'rsaOAEPEncryptionSET';
+  NID_rsaOAEPEncryptionSET =     644;
+  SN_ipsec3 =     'Oakley-EC2N-3';
+  LN_ipsec3 =     'ipsec3';
+  NID_ipsec3 =    749;
+  SN_ipsec4 =     'Oakley-EC2N-4';
+  LN_ipsec4 =     'ipsec4';
+  NID_ipsec4 =    750;
+  SN_whirlpool =    'whirlpool';
+  NID_whirlpool =    804;
+  SN_cryptopro =    'cryptopro';
+  NID_cryptopro =    805;
+  SN_cryptocom =    'cryptocom';
+  NID_cryptocom =    806;
+  SN_id_tc26 =    'id-tc26';
+  NID_id_tc26 =    974;
+  SN_id_GostR3411_94_with_GostR3410_2001 =   'id-GostR3411-94-with-GostR3410-2001';
+  LN_id_GostR3411_94_with_GostR3410_2001 =   'GOST R 34.11-94 with GOST R 34.10-2001';
+  NID_id_GostR3411_94_with_GostR3410_2001 =   807;
+  SN_id_GostR3411_94_with_GostR3410_94 =    'id-GostR3411-94-with-GostR3410-94';
+  LN_id_GostR3411_94_with_GostR3410_94 =    'GOST R 34.11-94 with GOST R 34.10-94';
+  NID_id_GostR3411_94_with_GostR3410_94 =    808;
+  SN_id_GostR3411_94 =    'md_gost94';
+  LN_id_GostR3411_94 =    'GOST R 34.11-94';
+  NID_id_GostR3411_94 =    809;
+  SN_id_HMACGostR3411_94 =   'id-HMACGostR3411-94';
+  LN_id_HMACGostR3411_94 =   'HMAC GOST 34.11-94';
+  NID_id_HMACGostR3411_94 =   810;
+  SN_id_GostR3410_2001 =    'gost2001';
+  LN_id_GostR3410_2001 =    'GOST R 34.10-2001';
+  NID_id_GostR3410_2001 =    811;
+  SN_id_GostR3410_94 =    'gost94';
+  LN_id_GostR3410_94 =    'GOST R 34.10-94';
+  NID_id_GostR3410_94 =    812;
+  SN_id_Gost28147_89 =    'gost89';
+  LN_id_Gost28147_89 =    'GOST 28147-89';
+  NID_id_Gost28147_89 =    813;
+  SN_gost89_cnt =    'gost89-cnt';
+  NID_gost89_cnt =   814;
+  SN_gost89_cnt_12 =     'gost89-cnt-12';
+  NID_gost89_cnt_12 =     975;
+  SN_gost89_cbc =    'gost89-cbc';
+  NID_gost89_cbc =   1009;
+  SN_gost89_ecb =    'gost89-ecb';
+  NID_gost89_ecb =   1010;
+  SN_gost89_ctr =    'gost89-ctr';
+  NID_gost89_ctr =   1011;
+  SN_id_Gost28147_89_MAC =   'gost-mac';
+  LN_id_Gost28147_89_MAC =   'GOST 28147-89 MAC';
+  NID_id_Gost28147_89_MAC =   815;
+  SN_gost_mac_12 =   'gost-mac-12';
+  NID_gost_mac_12 =   976;
+  SN_id_GostR3411_94_prf =   'prf-gostr3411-94';
+  LN_id_GostR3411_94_prf =   'GOST R 34.11-94 PRF';
+  NID_id_GostR3411_94_prf =   816;
+  SN_id_GostR3410_2001DH =   'id-GostR3410-2001DH';
+  LN_id_GostR3410_2001DH =   'GOST R 34.10-2001 DH';
+  NID_id_GostR3410_2001DH =   817;
+  SN_id_GostR3410_94DH =    'id-GostR3410-94DH';
+  LN_id_GostR3410_94DH =    'GOST R 34.10-94 DH';
+  NID_id_GostR3410_94DH =    818;
+  SN_id_Gost28147_89_CryptoPro_KeyMeshing =   'id-Gost28147-89-CryptoPro-KeyMeshing';
+  NID_id_Gost28147_89_CryptoPro_KeyMeshing =     819;
+  SN_id_Gost28147_89_None_KeyMeshing =    'id-Gost28147-89-None-KeyMeshing';
+  NID_id_Gost28147_89_None_KeyMeshing =    820;
+  SN_id_GostR3411_94_TestParamSet =   'id-GostR3411-94-TestParamSet';
+  NID_id_GostR3411_94_TestParamSet =     821;
+  SN_id_GostR3411_94_CryptoProParamSet =    'id-GostR3411-94-CryptoProParamSet';
+  NID_id_GostR3411_94_CryptoProParamSet =    822;
+  SN_id_Gost28147_89_TestParamSet =   'id-Gost28147-89-TestParamSet';
+  NID_id_Gost28147_89_TestParamSet =     823;
+  SN_id_Gost28147_89_CryptoPro_A_ParamSet =   'id-Gost28147-89-CryptoPro-A-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_A_ParamSet =     824;
+  SN_id_Gost28147_89_CryptoPro_B_ParamSet =   'id-Gost28147-89-CryptoPro-B-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_B_ParamSet =     825;
+  SN_id_Gost28147_89_CryptoPro_C_ParamSet =   'id-Gost28147-89-CryptoPro-C-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_C_ParamSet =     826;
+  SN_id_Gost28147_89_CryptoPro_D_ParamSet =   'id-Gost28147-89-CryptoPro-D-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_D_ParamSet =     827;
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =     828;
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =     829;
+  SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    'id-Gost28147-89-CryptoPro-RIC-1-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    830;
+  SN_id_GostR3410_94_TestParamSet =   'id-GostR3410-94-TestParamSet';
+  NID_id_GostR3410_94_TestParamSet =     831;
+  SN_id_GostR3410_94_CryptoPro_A_ParamSet =   'id-GostR3410-94-CryptoPro-A-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_A_ParamSet =     832;
+  SN_id_GostR3410_94_CryptoPro_B_ParamSet =   'id-GostR3410-94-CryptoPro-B-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_B_ParamSet =     833;
+  SN_id_GostR3410_94_CryptoPro_C_ParamSet =   'id-GostR3410-94-CryptoPro-C-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_C_ParamSet =     834;
+  SN_id_GostR3410_94_CryptoPro_D_ParamSet =   'id-GostR3410-94-CryptoPro-D-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_D_ParamSet =     835;
+  SN_id_GostR3410_94_CryptoPro_XchA_ParamSet =    'id-GostR3410-94-CryptoPro-XchA-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_XchA_ParamSet =    836;
+  SN_id_GostR3410_94_CryptoPro_XchB_ParamSet =    'id-GostR3410-94-CryptoPro-XchB-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_XchB_ParamSet =    837;
+  SN_id_GostR3410_94_CryptoPro_XchC_ParamSet =    'id-GostR3410-94-CryptoPro-XchC-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_XchC_ParamSet =    838;
+  SN_id_GostR3410_2001_TestParamSet =     'id-GostR3410-2001-TestParamSet';
+  NID_id_GostR3410_2001_TestParamSet =    839;
+  SN_id_GostR3410_2001_CryptoPro_A_ParamSet =     'id-GostR3410-2001-CryptoPro-A-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_A_ParamSet =    840;
+  SN_id_GostR3410_2001_CryptoPro_B_ParamSet =     'id-GostR3410-2001-CryptoPro-B-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_B_ParamSet =    841;
+  SN_id_GostR3410_2001_CryptoPro_C_ParamSet =     'id-GostR3410-2001-CryptoPro-C-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_C_ParamSet =    842;
+  SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    'id-GostR3410-2001-CryptoPro-XchA-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    843;
+  SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    'id-GostR3410-2001-CryptoPro-XchB-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    844;
+  SN_id_GostR3410_94_a =    'id-GostR3410-94-a';
+  NID_id_GostR3410_94_a =    845;
+  SN_id_GostR3410_94_aBis =   'id-GostR3410-94-aBis';
+  NID_id_GostR3410_94_aBis =     846;
+  SN_id_GostR3410_94_b =    'id-GostR3410-94-b';
+  NID_id_GostR3410_94_b =    847;
+  SN_id_GostR3410_94_bBis =   'id-GostR3410-94-bBis';
+  NID_id_GostR3410_94_bBis =     848;
+  SN_id_Gost28147_89_cc =    'id-Gost28147-89-cc';
+  LN_id_Gost28147_89_cc =    'GOST 28147-89 Cryptocom ParamSet';
+  NID_id_Gost28147_89_cc =   849;
+  SN_id_GostR3410_94_cc =    'gost94cc';
+  LN_id_GostR3410_94_cc =    'GOST 34.10-94 Cryptocom';
+  NID_id_GostR3410_94_cc =   850;
+  SN_id_GostR3410_2001_cc =   'gost2001cc';
+  LN_id_GostR3410_2001_cc =   'GOST 34.10-2001 Cryptocom';
+  NID_id_GostR3410_2001_cc =     851;
+  SN_id_GostR3411_94_with_GostR3410_94_cc =   'id-GostR3411-94-with-GostR3410-94-cc';
+  LN_id_GostR3411_94_with_GostR3410_94_cc =   'GOST R 34.11-94 with GOST R 34.10-94 Cryptocom';
+  NID_id_GostR3411_94_with_GostR3410_94_cc =     852;
+  SN_id_GostR3411_94_with_GostR3410_2001_cc =     'id-GostR3411-94-with-GostR3410-2001-cc';
+  LN_id_GostR3411_94_with_GostR3410_2001_cc =     'GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom';
+  NID_id_GostR3411_94_with_GostR3410_2001_cc =    853;
+  SN_id_GostR3410_2001_ParamSet_cc =     'id-GostR3410-2001-ParamSet-cc';
+  LN_id_GostR3410_2001_ParamSet_cc =     'GOST R 3410-2001 Parameter Set Cryptocom';
+  NID_id_GostR3410_2001_ParamSet_cc =     854;
+  SN_id_tc26_algorithms =    'id-tc26-algorithms';
+  NID_id_tc26_algorithms =   977;
+  SN_id_tc26_sign =   'id-tc26-sign';
+  NID_id_tc26_sign =     978;
+  SN_id_GostR3410_2012_256 =     'gost2012_256';
+  LN_id_GostR3410_2012_256 =     'GOST R 34.10-2012 with 256 bit modulus';
+  NID_id_GostR3410_2012_256 =     979;
+  SN_id_GostR3410_2012_512 =     'gost2012_512';
+  LN_id_GostR3410_2012_512 =     'GOST R 34.10-2012 with 512 bit modulus';
+  NID_id_GostR3410_2012_512 =     980;
+  SN_id_tc26_digest =     'id-tc26-digest';
+  NID_id_tc26_digest =    981;
+  SN_id_GostR3411_2012_256 =     'md_gost12_256';
+  LN_id_GostR3411_2012_256 =     'GOST R 34.11-2012 with 256 bit hash';
+  NID_id_GostR3411_2012_256 =     982;
+  SN_id_GostR3411_2012_512 =     'md_gost12_512';
+  LN_id_GostR3411_2012_512 =     'GOST R 34.11-2012 with 512 bit hash';
+  NID_id_GostR3411_2012_512 =     983;
+  SN_id_tc26_signwithdigest =     'id-tc26-signwithdigest';
+  NID_id_tc26_signwithdigest =    984;
+  SN_id_tc26_signwithdigest_gost3410_2012_256 =    'id-tc26-signwithdigest-gost3410-2012-256';
+  LN_id_tc26_signwithdigest_gost3410_2012_256 =    'GOST R 34.10-2012 with GOST R 34.11-2012(256 bit)';
+  NID_id_tc26_signwithdigest_gost3410_2012_256 =    985;
+  SN_id_tc26_signwithdigest_gost3410_2012_512 =    'id-tc26-signwithdigest-gost3410-2012-512';
+  LN_id_tc26_signwithdigest_gost3410_2012_512 =    'GOST R 34.10-2012 with GOST R 34.11-2012(512 bit)';
+  NID_id_tc26_signwithdigest_gost3410_2012_512 =    986;
+  SN_id_tc26_mac =   'id-tc26-mac';
+  NID_id_tc26_mac =   987;
+  SN_id_tc26_hmac_gost_3411_2012_256 =    'id-tc26-hmac-gost-3411-2012-256';
+  LN_id_tc26_hmac_gost_3411_2012_256 =    'HMAC GOST 34.11-2012 256 bit';
+  NID_id_tc26_hmac_gost_3411_2012_256 =    988;
+  SN_id_tc26_hmac_gost_3411_2012_512 =    'id-tc26-hmac-gost-3411-2012-512';
+  LN_id_tc26_hmac_gost_3411_2012_512 =    'HMAC GOST 34.11-2012 512 bit';
+  NID_id_tc26_hmac_gost_3411_2012_512 =    989;
+  SN_id_tc26_cipher =     'id-tc26-cipher';
+  NID_id_tc26_cipher =    990;
+  SN_id_tc26_cipher_gostr3412_2015_magma =   'id-tc26-cipher-gostr3412-2015-magma';
+  NID_id_tc26_cipher_gostr3412_2015_magma =   1173;
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =   'id-tc26-cipher-gostr3412-2015-magma-ctracpkm';
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =     1174;
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    'id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac';
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    1175;
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik =    'id-tc26-cipher-gostr3412-2015-kuznyechik';
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik =    1176;
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm';
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    1177;
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =     'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac';
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =    1178;
+  SN_id_tc26_agreement =    'id-tc26-agreement';
+  NID_id_tc26_agreement =    991;
+  SN_id_tc26_agreement_gost_3410_2012_256 =   'id-tc26-agreement-gost-3410-2012-256';
+  NID_id_tc26_agreement_gost_3410_2012_256 =     992;
+  SN_id_tc26_agreement_gost_3410_2012_512 =   'id-tc26-agreement-gost-3410-2012-512';
+  NID_id_tc26_agreement_gost_3410_2012_512 =     993;
+  SN_id_tc26_wrap =   'id-tc26-wrap';
+  NID_id_tc26_wrap =     1179;
+  SN_id_tc26_wrap_gostr3412_2015_magma =    'id-tc26-wrap-gostr3412-2015-magma';
+  NID_id_tc26_wrap_gostr3412_2015_magma =    1180;
+  SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    'id-tc26-wrap-gostr3412-2015-magma-kexp15';
+  NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    1181;
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik =     'id-tc26-wrap-gostr3412-2015-kuznyechik';
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik =    1182;
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     'id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15';
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     1183;
+  SN_id_tc26_constants =    'id-tc26-constants';
+  NID_id_tc26_constants =    994;
+  SN_id_tc26_sign_constants =     'id-tc26-sign-constants';
+  NID_id_tc26_sign_constants =    995;
+  SN_id_tc26_gost_3410_2012_256_constants =   'id-tc26-gost-3410-2012-256-constants';
+  NID_id_tc26_gost_3410_2012_256_constants =     1147;
+  SN_id_tc26_gost_3410_2012_256_paramSetA =   'id-tc26-gost-3410-2012-256-paramSetA';
+  LN_id_tc26_gost_3410_2012_256_paramSetA =   'GOST R 34.10-2012(256 bit)ParamSet A';
+  NID_id_tc26_gost_3410_2012_256_paramSetA =     1148;
+  SN_id_tc26_gost_3410_2012_256_paramSetB =   'id-tc26-gost-3410-2012-256-paramSetB';
+  LN_id_tc26_gost_3410_2012_256_paramSetB =   'GOST R 34.10-2012(256 bit)ParamSet B';
+  NID_id_tc26_gost_3410_2012_256_paramSetB =     1184;
+  SN_id_tc26_gost_3410_2012_256_paramSetC =   'id-tc26-gost-3410-2012-256-paramSetC';
+  LN_id_tc26_gost_3410_2012_256_paramSetC =   'GOST R 34.10-2012(256 bit)ParamSet C';
+  NID_id_tc26_gost_3410_2012_256_paramSetC =     1185;
+  SN_id_tc26_gost_3410_2012_256_paramSetD =   'id-tc26-gost-3410-2012-256-paramSetD';
+  LN_id_tc26_gost_3410_2012_256_paramSetD =   'GOST R 34.10-2012(256 bit)ParamSet D';
+  NID_id_tc26_gost_3410_2012_256_paramSetD =     1186;
+  SN_id_tc26_gost_3410_2012_512_constants =   'id-tc26-gost-3410-2012-512-constants';
+  NID_id_tc26_gost_3410_2012_512_constants =     996;
+  SN_id_tc26_gost_3410_2012_512_paramSetTest =    'id-tc26-gost-3410-2012-512-paramSetTest';
+  LN_id_tc26_gost_3410_2012_512_paramSetTest =    'GOST R 34.10-2012(512 bit)testing parameter set';
+  NID_id_tc26_gost_3410_2012_512_paramSetTest =    997;
+  SN_id_tc26_gost_3410_2012_512_paramSetA =   'id-tc26-gost-3410-2012-512-paramSetA';
+  LN_id_tc26_gost_3410_2012_512_paramSetA =   'GOST R 34.10-2012(512 bit)ParamSet A';
+  NID_id_tc26_gost_3410_2012_512_paramSetA =     998;
+  SN_id_tc26_gost_3410_2012_512_paramSetB =   'id-tc26-gost-3410-2012-512-paramSetB';
+  LN_id_tc26_gost_3410_2012_512_paramSetB =   'GOST R 34.10-2012(512 bit)ParamSet B';
+  NID_id_tc26_gost_3410_2012_512_paramSetB =     999;
+  SN_id_tc26_gost_3410_2012_512_paramSetC =   'id-tc26-gost-3410-2012-512-paramSetC';
+  LN_id_tc26_gost_3410_2012_512_paramSetC =   'GOST R 34.10-2012(512 bit)ParamSet C';
+  NID_id_tc26_gost_3410_2012_512_paramSetC =     1149;
+  SN_id_tc26_digest_constants =    'id-tc26-digest-constants';
+  NID_id_tc26_digest_constants =    1000;
+  SN_id_tc26_cipher_constants =    'id-tc26-cipher-constants';
+  NID_id_tc26_cipher_constants =    1001;
+  SN_id_tc26_gost_28147_constants =   'id-tc26-gost-28147-constants';
+  NID_id_tc26_gost_28147_constants =     1002;
+  SN_id_tc26_gost_28147_param_Z =    'id-tc26-gost-28147-param-Z';
+  LN_id_tc26_gost_28147_param_Z =    'GOST 28147-89 TC26 parameter set';
+  NID_id_tc26_gost_28147_param_Z =   1003;
+  SN_INN =   'INN';
+  LN_INN =   'INN';
+  NID_INN =   1004;
+  SN_OGRN =   'OGRN';
+  LN_OGRN =   'OGRN';
+  NID_OGRN =     1005;
+  SN_SNILS =     'SNILS';
+  LN_SNILS =     'SNILS';
+  NID_SNILS =     1006;
+  SN_subjectSignTool =    'subjectSignTool';
+  LN_subjectSignTool =    'Signing Tool of Subject';
+  NID_subjectSignTool =    1007;
+  SN_issuerSignTool =     'issuerSignTool';
+  LN_issuerSignTool =     'Signing Tool of Issuer';
+  NID_issuerSignTool =    1008;
+  SN_grasshopper_ecb =    'grasshopper-ecb';
+  NID_grasshopper_ecb =    1012;
+  SN_grasshopper_ctr =    'grasshopper-ctr';
+  NID_grasshopper_ctr =    1013;
+  SN_grasshopper_ofb =    'grasshopper-ofb';
+  NID_grasshopper_ofb =    1014;
+  SN_grasshopper_cbc =    'grasshopper-cbc';
+  NID_grasshopper_cbc =    1015;
+  SN_grasshopper_cfb =    'grasshopper-cfb';
+  NID_grasshopper_cfb =    1016;
+  SN_grasshopper_mac =    'grasshopper-mac';
+  NID_grasshopper_mac =    1017;
+  SN_magma_ecb =    'magma-ecb';
+  NID_magma_ecb =    1187;
+  SN_magma_ctr =    'magma-ctr';
+  NID_magma_ctr =    1188;
+  SN_magma_ofb =    'magma-ofb';
+  NID_magma_ofb =    1189;
+  SN_magma_cbc =    'magma-cbc';
+  NID_magma_cbc =    1190;
+  SN_magma_cfb =    'magma-cfb';
+  NID_magma_cfb =    1191;
+  SN_magma_mac =    'magma-mac';
+  NID_magma_mac =    1192;
+  SN_camellia_128_cbc =    'CAMELLIA-128-CBC';
+  LN_camellia_128_cbc =    'camellia-128-cbc';
+  NID_camellia_128_cbc =    751;
+  SN_camellia_192_cbc =    'CAMELLIA-192-CBC';
+  LN_camellia_192_cbc =    'camellia-192-cbc';
+  NID_camellia_192_cbc =    752;
+  SN_camellia_256_cbc =    'CAMELLIA-256-CBC';
+  LN_camellia_256_cbc =    'camellia-256-cbc';
+  NID_camellia_256_cbc =    753;
+  SN_id_camellia128_wrap =   'id-camellia128-wrap';
+  NID_id_camellia128_wrap =   907;
+  SN_id_camellia192_wrap =   'id-camellia192-wrap';
+  NID_id_camellia192_wrap =   908;
+  SN_id_camellia256_wrap =   'id-camellia256-wrap';
+  NID_id_camellia256_wrap =   909;
+  SN_camellia_128_ecb =    'CAMELLIA-128-ECB';
+  LN_camellia_128_ecb =    'camellia-128-ecb';
+  NID_camellia_128_ecb =    754;
+  SN_camellia_128_ofb128 =   'CAMELLIA-128-OFB';
+  LN_camellia_128_ofb128 =   'camellia-128-ofb';
+  NID_camellia_128_ofb128 =   766;
+  SN_camellia_128_cfb128 =   'CAMELLIA-128-CFB';
+  LN_camellia_128_cfb128 =   'camellia-128-cfb';
+  NID_camellia_128_cfb128 =   757;
+  SN_camellia_128_gcm =    'CAMELLIA-128-GCM';
+  LN_camellia_128_gcm =    'camellia-128-gcm';
+  NID_camellia_128_gcm =    961;
+  SN_camellia_128_ccm =    'CAMELLIA-128-CCM';
+  LN_camellia_128_ccm =    'camellia-128-ccm';
+  NID_camellia_128_ccm =    962;
+  SN_camellia_128_ctr =    'CAMELLIA-128-CTR';
+  LN_camellia_128_ctr =    'camellia-128-ctr';
+  NID_camellia_128_ctr =    963;
+  SN_camellia_128_cmac =    'CAMELLIA-128-CMAC';
+  LN_camellia_128_cmac =    'camellia-128-cmac';
+  NID_camellia_128_cmac =    964;
+  SN_camellia_192_ecb =    'CAMELLIA-192-ECB';
+  LN_camellia_192_ecb =    'camellia-192-ecb';
+  NID_camellia_192_ecb =    755;
+  SN_camellia_192_ofb128 =   'CAMELLIA-192-OFB';
+  LN_camellia_192_ofb128 =   'camellia-192-ofb';
+  NID_camellia_192_ofb128 =   767;
+  SN_camellia_192_cfb128 =   'CAMELLIA-192-CFB';
+  LN_camellia_192_cfb128 =   'camellia-192-cfb';
+  NID_camellia_192_cfb128 =   758;
+  SN_camellia_192_gcm =    'CAMELLIA-192-GCM';
+  LN_camellia_192_gcm =    'camellia-192-gcm';
+  NID_camellia_192_gcm =    965;
+  SN_camellia_192_ccm =    'CAMELLIA-192-CCM';
+  LN_camellia_192_ccm =    'camellia-192-ccm';
+  NID_camellia_192_ccm =    966;
+  SN_camellia_192_ctr =    'CAMELLIA-192-CTR';
+  LN_camellia_192_ctr =    'camellia-192-ctr';
+  NID_camellia_192_ctr =    967;
+  SN_camellia_192_cmac =    'CAMELLIA-192-CMAC';
+  LN_camellia_192_cmac =    'camellia-192-cmac';
+  NID_camellia_192_cmac =    968;
+  SN_camellia_256_ecb =    'CAMELLIA-256-ECB';
+  LN_camellia_256_ecb =    'camellia-256-ecb';
+  NID_camellia_256_ecb =    756;
+  SN_camellia_256_ofb128 =   'CAMELLIA-256-OFB';
+  LN_camellia_256_ofb128 =   'camellia-256-ofb';
+  NID_camellia_256_ofb128 =   768;
+  SN_camellia_256_cfb128 =   'CAMELLIA-256-CFB';
+  LN_camellia_256_cfb128 =   'camellia-256-cfb';
+  NID_camellia_256_cfb128 =   759;
+  SN_camellia_256_gcm =    'CAMELLIA-256-GCM';
+  LN_camellia_256_gcm =    'camellia-256-gcm';
+  NID_camellia_256_gcm =    969;
+  SN_camellia_256_ccm =    'CAMELLIA-256-CCM';
+  LN_camellia_256_ccm =    'camellia-256-ccm';
+  NID_camellia_256_ccm =    970;
+  SN_camellia_256_ctr =    'CAMELLIA-256-CTR';
+  LN_camellia_256_ctr =    'camellia-256-ctr';
+  NID_camellia_256_ctr =    971;
+  SN_camellia_256_cmac =    'CAMELLIA-256-CMAC';
+  LN_camellia_256_cmac =    'camellia-256-cmac';
+  NID_camellia_256_cmac =    972;
+  SN_camellia_128_cfb1 =    'CAMELLIA-128-CFB1';
+  LN_camellia_128_cfb1 =    'camellia-128-cfb1';
+  NID_camellia_128_cfb1 =    760;
+  SN_camellia_192_cfb1 =    'CAMELLIA-192-CFB1';
+  LN_camellia_192_cfb1 =    'camellia-192-cfb1';
+  NID_camellia_192_cfb1 =    761;
+  SN_camellia_256_cfb1 =    'CAMELLIA-256-CFB1';
+  LN_camellia_256_cfb1 =    'camellia-256-cfb1';
+  NID_camellia_256_cfb1 =    762;
+  SN_camellia_128_cfb8 =    'CAMELLIA-128-CFB8';
+  LN_camellia_128_cfb8 =    'camellia-128-cfb8';
+  NID_camellia_128_cfb8 =    763;
+  SN_camellia_192_cfb8 =    'CAMELLIA-192-CFB8';
+  LN_camellia_192_cfb8 =    'camellia-192-cfb8';
+  NID_camellia_192_cfb8 =    764;
+  SN_camellia_256_cfb8 =    'CAMELLIA-256-CFB8';
+  LN_camellia_256_cfb8 =    'camellia-256-cfb8';
+  NID_camellia_256_cfb8 =    765;
+  SN_aria_128_ecb =   'ARIA-128-ECB';
+  LN_aria_128_ecb =   'aria-128-ecb';
+  NID_aria_128_ecb =     1065;
+  SN_aria_128_cbc =   'ARIA-128-CBC';
+  LN_aria_128_cbc =   'aria-128-cbc';
+  NID_aria_128_cbc =     1066;
+  SN_aria_128_cfb128 =    'ARIA-128-CFB';
+  LN_aria_128_cfb128 =    'aria-128-cfb';
+  NID_aria_128_cfb128 =    1067;
+  SN_aria_128_ofb128 =    'ARIA-128-OFB';
+  LN_aria_128_ofb128 =    'aria-128-ofb';
+  NID_aria_128_ofb128 =    1068;
+  SN_aria_128_ctr =   'ARIA-128-CTR';
+  LN_aria_128_ctr =   'aria-128-ctr';
+  NID_aria_128_ctr =     1069;
+  SN_aria_192_ecb =   'ARIA-192-ECB';
+  LN_aria_192_ecb =   'aria-192-ecb';
+  NID_aria_192_ecb =     1070;
+  SN_aria_192_cbc =   'ARIA-192-CBC';
+  LN_aria_192_cbc =   'aria-192-cbc';
+  NID_aria_192_cbc =     1071;
+  SN_aria_192_cfb128 =    'ARIA-192-CFB';
+  LN_aria_192_cfb128 =    'aria-192-cfb';
+  NID_aria_192_cfb128 =    1072;
+  SN_aria_192_ofb128 =    'ARIA-192-OFB';
+  LN_aria_192_ofb128 =    'aria-192-ofb';
+  NID_aria_192_ofb128 =    1073;
+  SN_aria_192_ctr =   'ARIA-192-CTR';
+  LN_aria_192_ctr =   'aria-192-ctr';
+  NID_aria_192_ctr =     1074;
+  SN_aria_256_ecb =   'ARIA-256-ECB';
+  LN_aria_256_ecb =   'aria-256-ecb';
+  NID_aria_256_ecb =     1075;
+  SN_aria_256_cbc =   'ARIA-256-CBC';
+  LN_aria_256_cbc =   'aria-256-cbc';
+  NID_aria_256_cbc =     1076;
+  SN_aria_256_cfb128 =    'ARIA-256-CFB';
+  LN_aria_256_cfb128 =    'aria-256-cfb';
+  NID_aria_256_cfb128 =    1077;
+  SN_aria_256_ofb128 =    'ARIA-256-OFB';
+  LN_aria_256_ofb128 =    'aria-256-ofb';
+  NID_aria_256_ofb128 =    1078;
+  SN_aria_256_ctr =   'ARIA-256-CTR';
+  LN_aria_256_ctr =   'aria-256-ctr';
+  NID_aria_256_ctr =     1079;
+  SN_aria_128_cfb1 =     'ARIA-128-CFB1';
+  LN_aria_128_cfb1 =     'aria-128-cfb1';
+  NID_aria_128_cfb1 =     1080;
+  SN_aria_192_cfb1 =     'ARIA-192-CFB1';
+  LN_aria_192_cfb1 =     'aria-192-cfb1';
+  NID_aria_192_cfb1 =     1081;
+  SN_aria_256_cfb1 =     'ARIA-256-CFB1';
+  LN_aria_256_cfb1 =     'aria-256-cfb1';
+  NID_aria_256_cfb1 =     1082;
+  SN_aria_128_cfb8 =     'ARIA-128-CFB8';
+  LN_aria_128_cfb8 =     'aria-128-cfb8';
+  NID_aria_128_cfb8 =     1083;
+  SN_aria_192_cfb8 =     'ARIA-192-CFB8';
+  LN_aria_192_cfb8 =     'aria-192-cfb8';
+  NID_aria_192_cfb8 =     1084;
+  SN_aria_256_cfb8 =     'ARIA-256-CFB8';
+  LN_aria_256_cfb8 =     'aria-256-cfb8';
+  NID_aria_256_cfb8 =     1085;
+  SN_aria_128_ccm =   'ARIA-128-CCM';
+  LN_aria_128_ccm =   'aria-128-ccm';
+  NID_aria_128_ccm =     1120;
+  SN_aria_192_ccm =   'ARIA-192-CCM';
+  LN_aria_192_ccm =   'aria-192-ccm';
+  NID_aria_192_ccm =     1121;
+  SN_aria_256_ccm =   'ARIA-256-CCM';
+  LN_aria_256_ccm =   'aria-256-ccm';
+  NID_aria_256_ccm =     1122;
+  SN_aria_128_gcm =   'ARIA-128-GCM';
+  LN_aria_128_gcm =   'aria-128-gcm';
+  NID_aria_128_gcm =     1123;
+  SN_aria_192_gcm =   'ARIA-192-GCM';
+  LN_aria_192_gcm =   'aria-192-gcm';
+  NID_aria_192_gcm =     1124;
+  SN_aria_256_gcm =   'ARIA-256-GCM';
+  LN_aria_256_gcm =   'aria-256-gcm';
+  NID_aria_256_gcm =     1125;
+  SN_kisa =   'KISA';
+  LN_kisa =   'kisa';
+  NID_kisa =     773;
+  SN_seed_ecb =    'SEED-ECB';
+  LN_seed_ecb =    'seed-ecb';
+  NID_seed_ecb =    776;
+  SN_seed_cbc =    'SEED-CBC';
+  LN_seed_cbc =    'seed-cbc';
+  NID_seed_cbc =    777;
+  SN_seed_cfb128 =   'SEED-CFB';
+  LN_seed_cfb128 =   'seed-cfb';
+  NID_seed_cfb128 =   779;
+  SN_seed_ofb128 =   'SEED-OFB';
+  LN_seed_ofb128 =   'seed-ofb';
+  NID_seed_ofb128 =   778;
+  SN_sm4_ecb =    'SM4-ECB';
+  LN_sm4_ecb =    'sm4-ecb';
+  NID_sm4_ecb =    1133;
+  SN_sm4_cbc =    'SM4-CBC';
+  LN_sm4_cbc =    'sm4-cbc';
+  NID_sm4_cbc =    1134;
+  SN_sm4_ofb128 =    'SM4-OFB';
+  LN_sm4_ofb128 =    'sm4-ofb';
+  NID_sm4_ofb128 =   1135;
+  SN_sm4_cfb128 =    'SM4-CFB';
+  LN_sm4_cfb128 =    'sm4-cfb';
+  NID_sm4_cfb128 =   1137;
+  SN_sm4_cfb1 =    'SM4-CFB1';
+  LN_sm4_cfb1 =    'sm4-cfb1';
+  NID_sm4_cfb1 =    1136;
+  SN_sm4_cfb8 =    'SM4-CFB8';
+  LN_sm4_cfb8 =    'sm4-cfb8';
+  NID_sm4_cfb8 =    1138;
+  SN_sm4_ctr =    'SM4-CTR';
+  LN_sm4_ctr =    'sm4-ctr';
+  NID_sm4_ctr =    1139;
+  SN_hmac =   'HMAC';
+  LN_hmac =   'hmac';
+  NID_hmac =     855;
+  SN_cmac =   'CMAC';
+  LN_cmac =   'cmac';
+  NID_cmac =     894;
+  SN_rc4_hmac_md5 =   'RC4-HMAC-MD5';
+  LN_rc4_hmac_md5 =   'rc4-hmac-md5';
+  NID_rc4_hmac_md5 =     915;
+  SN_aes_128_cbc_hmac_sha1 =     'AES-128-CBC-HMAC-SHA1';
+  LN_aes_128_cbc_hmac_sha1 =     'aes-128-cbc-hmac-sha1';
+  NID_aes_128_cbc_hmac_sha1 =     916;
+  SN_aes_192_cbc_hmac_sha1 =     'AES-192-CBC-HMAC-SHA1';
+  LN_aes_192_cbc_hmac_sha1 =     'aes-192-cbc-hmac-sha1';
+  NID_aes_192_cbc_hmac_sha1 =     917;
+  SN_aes_256_cbc_hmac_sha1 =     'AES-256-CBC-HMAC-SHA1';
+  LN_aes_256_cbc_hmac_sha1 =     'aes-256-cbc-hmac-sha1';
+  NID_aes_256_cbc_hmac_sha1 =     918;
+  SN_aes_128_cbc_hmac_sha256 =    'AES-128-CBC-HMAC-SHA256';
+  LN_aes_128_cbc_hmac_sha256 =    'aes-128-cbc-hmac-sha256';
+  NID_aes_128_cbc_hmac_sha256 =    948;
+  SN_aes_192_cbc_hmac_sha256 =    'AES-192-CBC-HMAC-SHA256';
+  LN_aes_192_cbc_hmac_sha256 =    'aes-192-cbc-hmac-sha256';
+  NID_aes_192_cbc_hmac_sha256 =    949;
+  SN_aes_256_cbc_hmac_sha256 =    'AES-256-CBC-HMAC-SHA256';
+  LN_aes_256_cbc_hmac_sha256 =    'aes-256-cbc-hmac-sha256';
+  NID_aes_256_cbc_hmac_sha256 =    950;
+  SN_chacha20_poly1305 =    'ChaCha20-Poly1305';
+  LN_chacha20_poly1305 =    'chacha20-poly1305';
+  NID_chacha20_poly1305 =    1018;
+  SN_chacha20 =    'ChaCha20';
+  LN_chacha20 =    'chacha20';
+  NID_chacha20 =    1019;
+  SN_dhpublicnumber =     'dhpublicnumber';
+  LN_dhpublicnumber =     'X9.42 DH';
+  NID_dhpublicnumber =    920;
+  SN_brainpoolP160r1 =    'brainpoolP160r1';
+  NID_brainpoolP160r1 =    921;
+  SN_brainpoolP160t1 =    'brainpoolP160t1';
+  NID_brainpoolP160t1 =    922;
+  SN_brainpoolP192r1 =    'brainpoolP192r1';
+  NID_brainpoolP192r1 =    923;
+  SN_brainpoolP192t1 =    'brainpoolP192t1';
+  NID_brainpoolP192t1 =    924;
+  SN_brainpoolP224r1 =    'brainpoolP224r1';
+  NID_brainpoolP224r1 =    925;
+  SN_brainpoolP224t1 =    'brainpoolP224t1';
+  NID_brainpoolP224t1 =    926;
+  SN_brainpoolP256r1 =    'brainpoolP256r1';
+  NID_brainpoolP256r1 =    927;
+  SN_brainpoolP256t1 =    'brainpoolP256t1';
+  NID_brainpoolP256t1 =    928;
+  SN_brainpoolP320r1 =    'brainpoolP320r1';
+  NID_brainpoolP320r1 =    929;
+  SN_brainpoolP320t1 =    'brainpoolP320t1';
+  NID_brainpoolP320t1 =    930;
+  SN_brainpoolP384r1 =    'brainpoolP384r1';
+  NID_brainpoolP384r1 =    931;
+  SN_brainpoolP384t1 =    'brainpoolP384t1';
+  NID_brainpoolP384t1 =    932;
+  SN_brainpoolP512r1 =    'brainpoolP512r1';
+  NID_brainpoolP512r1 =    933;
+  SN_brainpoolP512t1 =    'brainpoolP512t1';
+  NID_brainpoolP512t1 =    934;
+  SN_dhSinglePass_stdDH_sha1kdf_scheme =    'dhSinglePass-stdDH-sha1kdf-scheme';
+  NID_dhSinglePass_stdDH_sha1kdf_scheme =    936;
+  SN_dhSinglePass_stdDH_sha224kdf_scheme =   'dhSinglePass-stdDH-sha224kdf-scheme';
+  NID_dhSinglePass_stdDH_sha224kdf_scheme =   937;
+  SN_dhSinglePass_stdDH_sha256kdf_scheme =   'dhSinglePass-stdDH-sha256kdf-scheme';
+  NID_dhSinglePass_stdDH_sha256kdf_scheme =   938;
+  SN_dhSinglePass_stdDH_sha384kdf_scheme =   'dhSinglePass-stdDH-sha384kdf-scheme';
+  NID_dhSinglePass_stdDH_sha384kdf_scheme =   939;
+  SN_dhSinglePass_stdDH_sha512kdf_scheme =   'dhSinglePass-stdDH-sha512kdf-scheme';
+  NID_dhSinglePass_stdDH_sha512kdf_scheme =   940;
+  SN_dhSinglePass_cofactorDH_sha1kdf_scheme =     'dhSinglePass-cofactorDH-sha1kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha1kdf_scheme =    941;
+  SN_dhSinglePass_cofactorDH_sha224kdf_scheme =    'dhSinglePass-cofactorDH-sha224kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha224kdf_scheme =    942;
+  SN_dhSinglePass_cofactorDH_sha256kdf_scheme =    'dhSinglePass-cofactorDH-sha256kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha256kdf_scheme =    943;
+  SN_dhSinglePass_cofactorDH_sha384kdf_scheme =    'dhSinglePass-cofactorDH-sha384kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha384kdf_scheme =    944;
+  SN_dhSinglePass_cofactorDH_sha512kdf_scheme =    'dhSinglePass-cofactorDH-sha512kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha512kdf_scheme =    945;
+  SN_dh_std_kdf =    'dh-std-kdf';
+  NID_dh_std_kdf =   946;
+  SN_dh_cofactor_kdf =    'dh-cofactor-kdf';
+  NID_dh_cofactor_kdf =    947;
+  SN_ct_precert_scts =    'ct_precert_scts';
+  LN_ct_precert_scts =    'CT Precertificate SCTs';
+  NID_ct_precert_scts =    951;
+  SN_ct_precert_poison =    'ct_precert_poison';
+  LN_ct_precert_poison =    'CT Precertificate Poison';
+  NID_ct_precert_poison =    952;
+  SN_ct_precert_signer =    'ct_precert_signer';
+  LN_ct_precert_signer =    'CT Precertificate Signer';
+  NID_ct_precert_signer =    953;
+  SN_ct_cert_scts =   'ct_cert_scts';
+  LN_ct_cert_scts =   'CT Certificate SCTs';
+  NID_ct_cert_scts =     954;
+  SN_jurisdictionLocalityName =    'jurisdictionL';
+  LN_jurisdictionLocalityName =    'jurisdictionLocalityName';
+  NID_jurisdictionLocalityName =    955;
+  SN_jurisdictionStateOrProvinceName =    'jurisdictionST';
+  LN_jurisdictionStateOrProvinceName =    'jurisdictionStateOrProvinceName';
+  NID_jurisdictionStateOrProvinceName =    956;
+  SN_jurisdictionCountryName =    'jurisdictionC';
+  LN_jurisdictionCountryName =    'jurisdictionCountryName';
+  NID_jurisdictionCountryName =    957;
+  SN_id_scrypt =    'id-scrypt';
+  LN_id_scrypt =    'scrypt';
+  NID_id_scrypt =    973;
+  SN_tls1_prf =    'TLS1-PRF';
+  LN_tls1_prf =    'tls1-prf';
+  NID_tls1_prf =    1021;
+  SN_hkdf =   'HKDF';
+  LN_hkdf =   'hkdf';
+  NID_hkdf =     1036;
+  SN_id_pkinit =    'id-pkinit';
+  NID_id_pkinit =    1031;
+  SN_pkInitClientAuth =    'pkInitClientAuth';
+  LN_pkInitClientAuth =    'PKINIT Client Auth';
+  NID_pkInitClientAuth =    1032;
+  SN_pkInitKDC =    'pkInitKDC';
+  LN_pkInitKDC =    'Signing KDC Response';
+  NID_pkInitKDC =    1033;
+  SN_X25519 =     'X25519';
+  NID_X25519 =    1034;
+  SN_X448 =   'X448';
+  NID_X448 =     1035;
+  SN_ED25519 =    'ED25519';
+  NID_ED25519 =    1087;
+  SN_ED448 =     'ED448';
+  NID_ED448 =     1088;
+  SN_kx_rsa =     'KxRSA';
+  LN_kx_rsa =     'kx-rsa';
+  NID_kx_rsa =    1037;
+  SN_kx_ecdhe =    'KxECDHE';
+  LN_kx_ecdhe =    'kx-ecdhe';
+  NID_kx_ecdhe =    1038;
+  SN_kx_dhe =     'KxDHE';
+  LN_kx_dhe =     'kx-dhe';
+  NID_kx_dhe =    1039;
+  SN_kx_ecdhe_psk =   'KxECDHE-PSK';
+  LN_kx_ecdhe_psk =   'kx-ecdhe-psk';
+  NID_kx_ecdhe_psk =     1040;
+  SN_kx_dhe_psk =    'KxDHE-PSK';
+  LN_kx_dhe_psk =    'kx-dhe-psk';
+  NID_kx_dhe_psk =   1041;
+  SN_kx_rsa_psk =    'KxRSA_PSK';
+  LN_kx_rsa_psk =    'kx-rsa-psk';
+  NID_kx_rsa_psk =   1042;
+  SN_kx_psk =     'KxPSK';
+  LN_kx_psk =     'kx-psk';
+  NID_kx_psk =    1043;
+  SN_kx_srp =     'KxSRP';
+  LN_kx_srp =     'kx-srp';
+  NID_kx_srp =    1044;
+  SN_kx_gost =    'KxGOST';
+  LN_kx_gost =    'kx-gost';
+  NID_kx_gost =    1045;
+  SN_kx_any =     'KxANY';
+  LN_kx_any =     'kx-any';
+  NID_kx_any =    1063;
+  SN_auth_rsa =    'AuthRSA';
+  LN_auth_rsa =    'auth-rsa';
+  NID_auth_rsa =    1046;
+  SN_auth_ecdsa =    'AuthECDSA';
+  LN_auth_ecdsa =    'auth-ecdsa';
+  NID_auth_ecdsa =   1047;
+  SN_auth_psk =    'AuthPSK';
+  LN_auth_psk =    'auth-psk';
+  NID_auth_psk =    1048;
+  SN_auth_dss =    'AuthDSS';
+  LN_auth_dss =    'auth-dss';
+  NID_auth_dss =    1049;
+  SN_auth_gost01 =   'AuthGOST01';
+  LN_auth_gost01 =   'auth-gost01';
+  NID_auth_gost01 =   1050;
+  SN_auth_gost12 =   'AuthGOST12';
+  LN_auth_gost12 =   'auth-gost12';
+  NID_auth_gost12 =   1051;
+  SN_auth_srp =    'AuthSRP';
+  LN_auth_srp =    'auth-srp';
+  NID_auth_srp =    1052;
+  SN_auth_null =    'AuthNULL';
+  LN_auth_null =    'auth-null';
+  NID_auth_null =    1053;
+  SN_auth_any =    'AuthANY';
+  LN_auth_any =    'auth-any';
+  NID_auth_any =    1064;
+  SN_poly1305 =    'Poly1305';
+  LN_poly1305 =    'poly1305';
+  NID_poly1305 =    1061;
+  SN_siphash =    'SipHash';
+  LN_siphash =    'siphash';
+  NID_siphash =    1062;
+  SN_ffdhe2048 =    'ffdhe2048';
+  NID_ffdhe2048 =    1126;
+  SN_ffdhe3072 =    'ffdhe3072';
+  NID_ffdhe3072 =    1127;
+  SN_ffdhe4096 =    'ffdhe4096';
+  NID_ffdhe4096 =    1128;
+  SN_ffdhe6144 =    'ffdhe6144';
+  NID_ffdhe6144 =    1129;
+  SN_ffdhe8192 =    'ffdhe8192';
+  NID_ffdhe8192 =    1130;
+  SN_ISO_UA =     'ISO-UA';
+  NID_ISO_UA =    1150;
+  SN_ua_pki =     'ua-pki';
+  NID_ua_pki =    1151;
+  SN_dstu28147 =    'dstu28147';
+  LN_dstu28147 =    'DSTU Gost 28147-2009';
+  NID_dstu28147 =    1152;
+  SN_dstu28147_ofb =     'dstu28147-ofb';
+  LN_dstu28147_ofb =     'DSTU Gost 28147-2009 OFB mode';
+  NID_dstu28147_ofb =     1153;
+  SN_dstu28147_cfb =     'dstu28147-cfb';
+  LN_dstu28147_cfb =     'DSTU Gost 28147-2009 CFB mode';
+  NID_dstu28147_cfb =     1154;
+  SN_dstu28147_wrap =     'dstu28147-wrap';
+  LN_dstu28147_wrap =     'DSTU Gost 28147-2009 key wrap';
+  NID_dstu28147_wrap =    1155;
+  SN_hmacWithDstu34311 =    'hmacWithDstu34311';
+  LN_hmacWithDstu34311 =    'HMAC DSTU Gost 34311-95';
+  NID_hmacWithDstu34311 =    1156;
+  SN_dstu34311 =    'dstu34311';
+  LN_dstu34311 =    'DSTU Gost 34311-95';
+  NID_dstu34311 =    1157;
+  SN_dstu4145le =    'dstu4145le';
+  LN_dstu4145le =    'DSTU 4145-2002 little endian';
+  NID_dstu4145le =   1158;
+  SN_dstu4145be =    'dstu4145be';
+  LN_dstu4145be =    'DSTU 4145-2002 big endian';
+  NID_dstu4145be =   1159;
+  SN_uacurve0 =    'uacurve0';
+  LN_uacurve0 =    'DSTU curve 0';
+  NID_uacurve0 =    1160;
+  SN_uacurve1 =    'uacurve1';
+  LN_uacurve1 =    'DSTU curve 1';
+  NID_uacurve1 =    1161;
+  SN_uacurve2 =    'uacurve2';
+  LN_uacurve2 =    'DSTU curve 2';
+  NID_uacurve2 =    1162;
+  SN_uacurve3 =    'uacurve3';
+  LN_uacurve3 =    'DSTU curve 3';
+  NID_uacurve3 =    1163;
+  SN_uacurve4 =    'uacurve4';
+  LN_uacurve4 =    'DSTU curve 4';
+  NID_uacurve4 =    1164;
+  SN_uacurve5 =    'uacurve5';
+  LN_uacurve5 =    'DSTU curve 5';
+  NID_uacurve5 =    1165;
+  SN_uacurve6 =    'uacurve6';
+  LN_uacurve6 =    'DSTU curve 6';
+  NID_uacurve6 =    1166;
+  SN_uacurve7 =    'uacurve7';
+  LN_uacurve7 =    'DSTU curve 7';
+  NID_uacurve7 =    1167;
+  SN_uacurve8 =    'uacurve8';
+  LN_uacurve8 =    'DSTU curve 8';
+  NID_uacurve8 =    1168;
+  SN_uacurve9 =    'uacurve9';
+  LN_uacurve9 =    'DSTU curve 9';
+  NID_uacurve9 =    1169;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas
new file mode 100644
index 000000000..aef7c2079
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas
@@ -0,0 +1,181 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_objects;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// objects.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  obj_name_st = record
+    &type: TIdC_INT;
+    alias: TIdC_INT;
+    name: PIdAnsiChar;
+    data: PIdAnsiChar;
+  end;
+  OBJ_NAME = obj_name_st;
+  POBJ_NAME = ^OBJ_NAME;
+
+//# define         OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
+
+var
+  function OBJ_NAME_init: TIdC_INT;
+  //TIdC_INT OBJ_NAME_new_index(TIdC_ULONG (*hash_func) (const PIdAnsiChar *);
+  //                       TIdC_INT (*cmp_func) (const PIdAnsiChar *; const PIdAnsiChar *);
+  //                       void (*free_func) (const PIdAnsiChar *; TIdC_INT; const PIdAnsiChar *));
+  function OBJ_NAME_get(const name: PIdAnsiChar; &type: TIdC_INT): PIdAnsiChar;
+  function OBJ_NAME_add(const name: PIdAnsiChar; &type: TIdC_INT; const data: PIdAnsiChar): TIdC_INT;
+  function OBJ_NAME_remove(const name: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  procedure OBJ_NAME_cleanup(&type: TIdC_INT);
+//  void OBJ_NAME_do_all(TIdC_INT &type; void (*fn) (const OBJ_NAME *; void *arg);
+//                       void *arg);
+//  void OBJ_NAME_do_all_sorted(TIdC_INT &type;
+//                              void (*fn) (const OBJ_NAME *; void *arg);
+//                              void *arg);
+
+  function OBJ_dup(const o: PASN1_OBJECT): PASN1_OBJECT;
+  function OBJ_nid2obj(n: TIdC_INT): PASN1_OBJECT;
+  function OBJ_nid2ln(n: TIdC_INT): PIdAnsiChar;
+  function OBJ_nid2sn(n: TIdC_INT): PIdAnsiChar;
+  function OBJ_obj2nid(const o: PASN1_OBJECT): TIdC_INT;
+  function OBJ_txt2obj(const s: PIdAnsiChar; no_name: TIdC_INT): PASN1_OBJECT;
+  function OBJ_obj2txt(buf: PIdAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT; no_name: TIdC_INT): TIdC_INT;
+  function OBJ_txt2nid(const s: PIdAnsiChar): TIdC_INT;
+  function OBJ_ln2nid(const s: PIdAnsiChar): TIdC_INT;
+  function OBJ_sn2nid(const s: PIdAnsiChar): TIdC_INT;
+  function OBJ_cmp(const a: PASN1_OBJECT; const b: PASN1_OBJECT): TIdC_INT;
+//  const void *OBJ_bsearch_(const void *key; const void *base; TIdC_INT num; TIdC_INT size;
+//                           TIdC_INT (*cmp) (const void *; const void *));
+//  const void *OBJ_bsearch_ex_(const void *key; const void *base; TIdC_INT num;
+//                              TIdC_INT size;
+//                              TIdC_INT (*cmp) (const void *; const void *);
+//                              TIdC_INT flags);
+
+  //# define _DECLARE_OBJ_BSEARCH_CMP_FN(scope; type1; type2; nm)    \
+  //  static TIdC_INT nm##_cmp_BSEARCH_CMP_FN(const void *; const void *); \
+  //  static TIdC_INT nm##_cmp(type1 const *; type2 const *); \
+  //  scope type2 * OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num)
+  //
+  //# define DECLARE_OBJ_BSEARCH_CMP_FN(type1; type2; cmp)   \
+  //  _DECLARE_OBJ_BSEARCH_CMP_FN(static; type1; type2; cmp)
+  //# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1; type2; nm)     \
+  //  type2 * OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num)
+
+  (*
+   * Unsolved problem: if a type is actually a pointer type, like
+   * nid_triple is, then its impossible to get a const where you need
+   * it. Consider:
+   *
+   * typedef TIdC_INT nid_triple[3];
+   * const void *a_;
+   * const nid_triple const *a = a_;
+   *
+   * The assignment discards a const because what you really want is:
+   *
+   * const TIdC_INT const * const *a = a_;
+   *
+   * But if you do that, you lose the fact that a is an array of 3 ints,
+   * which breaks comparison functions.
+   *
+   * Thus we end up having to cast, sadly, or unpack the
+   * declarations. Or, as I finally did in this case, declare nid_triple
+   * to be a struct, which it should have been in the first place.
+   *
+   * Ben, August 2008.
+   *
+   * Also, strictly speaking not all types need be const, but handling
+   * the non-constness means a lot of complication, and in practice
+   * comparison routines do always not touch their arguments.
+   *)
+
+  //# define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm)  \
+  //  static TIdC_INT nm##_cmp_BSEARCH_CMP_FN(const void *a_; const void *b_)    \
+  //      { \
+  //      type1 const *a = a_; \
+  //      type2 const *b = b_; \
+  //      return nm##_cmp(a;b); \
+  //      } \
+  //  static type2 *OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num) \
+  //      { \
+  //      return (type2 *)OBJ_bsearch_(key; base; num; sizeof(type2); \
+  //                                        nm##_cmp_BSEARCH_CMP_FN); \
+  //      } \
+  //      extern void dummy_prototype(void)
+  //
+  //# define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1; type2; nm)   \
+  //  static TIdC_INT nm##_cmp_BSEARCH_CMP_FN(const void *a_; const void *b_)    \
+  //      { \
+  //      type1 const *a = a_; \
+  //      type2 const *b = b_; \
+  //      return nm##_cmp(a;b); \
+  //      } \
+  //  type2 *OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num) \
+  //      { \
+  //      return (type2 *)OBJ_bsearch_(key; base; num; sizeof(type2); \
+  //                                        nm##_cmp_BSEARCH_CMP_FN); \
+  //      } \
+  //      extern void dummy_prototype(void)
+  //
+  //# define OBJ_bsearch(type1;key;type2;base;num;cmp)                              \
+  //  ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1;key);CHECKED_PTR_OF(type2;base); \
+  //                         num;sizeof(type2);                             \
+  //                         ((void)CHECKED_PTR_OF(type1;cmp##_type_1);     \
+  //                          (void)CHECKED_PTR_OF(type2;cmp##_type_2);     \
+  //                          cmp##_BSEARCH_CMP_FN)))
+  //
+  //# define OBJ_bsearch_ex(type1;key;type2;base;num;cmp;flags)                      \
+  //  ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1;key);CHECKED_PTR_OF(type2;base); \
+  //                         num;sizeof(type2);                             \
+  //                         ((void)CHECKED_PTR_OF(type1;cmp##_type_1);     \
+  //                          (void)type_2=CHECKED_PTR_OF(type2;cmp##_type_2); \
+  //                          cmp##_BSEARCH_CMP_FN));flags)
+
+  function OBJ_new_nid(num: TIdC_INT): TIdC_INT;
+  function OBJ_add_object(const obj: PASN1_OBJECT): TIdC_INT;
+  function OBJ_create(const oid: PIdAnsiChar; const sn: PIdAnsiChar; const ln: PIdAnsiChar): TIdC_INT;
+  function OBJ_create_objects(&in: PBIO): TIdC_INT;
+
+  function OBJ_length(const obj: PASN1_OBJECT): TIdC_SIZET;
+  function OBJ_get0_data(const obj: PASN1_OBJECT): PByte;
+
+  function OBJ_find_sigid_algs(signid: TIdC_INT; pdig_nid: PIdC_INT; ppkey_nid: PIdC_INT): TIdC_INT;
+  function OBJ_find_sigid_by_algs(psignid: PIdC_INT; dig_nid: TIdC_INT; pkey_nid: TIdC_INT): TIdC_INT;
+  function OBJ_add_sigid(signid: TIdC_INT; dig_id: TIdC_INT; pkey_id: TIdC_INT): TIdC_INT;
+  procedure OBJ_sigid_free;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objectserr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objectserr.pas
new file mode 100644
index 000000000..01f34d279
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objectserr.pas
@@ -0,0 +1,66 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_objectserr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// objectserr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * OBJ function codes.
+   *)
+  OBJ_F_OBJ_ADD_OBJECT =  105;
+  OBJ_F_OBJ_ADD_SIGID =  107;
+  OBJ_F_OBJ_CREATE =   100;
+  OBJ_F_OBJ_DUP =   101;
+  OBJ_F_OBJ_NAME_NEW_INDEX =  106;
+  OBJ_F_OBJ_NID2LN =   102;
+  OBJ_F_OBJ_NID2OBJ =   103;
+  OBJ_F_OBJ_NID2SN =   104;
+  OBJ_F_OBJ_TXT2OBJ =   108;
+
+  (*
+   * OBJ reason codes.
+   *)
+  OBJ_R_OID_EXISTS = 102;
+  OBJ_R_UNKNOWN_NID = 101;
+
+var
+  function ERR_load_OBJ_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ocsperr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ocsperr.pas
new file mode 100644
index 000000000..eae45808c
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ocsperr.pas
@@ -0,0 +1,97 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ocsperr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ocsperr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * OCSP function codes.
+   *)
+  OCSP_F_D2I_OCSP_NONCE = 102;
+  OCSP_F_OCSP_BASIC_ADD1_STATUS = 103;
+  OCSP_F_OCSP_BASIC_SIGN = 104;
+  OCSP_F_OCSP_BASIC_SIGN_CTX = 119;
+  OCSP_F_OCSP_BASIC_VERIFY = 105;
+  OCSP_F_OCSP_CERT_ID_NEW = 101;
+  OCSP_F_OCSP_CHECK_DELEGATED = 106;
+  OCSP_F_OCSP_CHECK_IDS = 107;
+  OCSP_F_OCSP_CHECK_ISSUER = 108;
+  OCSP_F_OCSP_CHECK_VALIDITY = 115;
+  OCSP_F_OCSP_MATCH_ISSUERID = 109;
+  OCSP_F_OCSP_PARSE_URL = 114;
+  OCSP_F_OCSP_REQUEST_SIGN = 110;
+  OCSP_F_OCSP_REQUEST_VERIFY = 116;
+  OCSP_F_OCSP_RESPONSE_GET1_BASIC = 111;
+  OCSP_F_PARSE_HTTP_LINE1 = 118;
+
+  (*
+   * OCSP reason codes.
+   *)
+  OCSP_R_CERTIFICATE_VERIFY_ERROR = 101;
+  OCSP_R_DIGEST_ERR = 102;
+  OCSP_R_ERROR_IN_NEXTUPDATE_FIELD = 122;
+  OCSP_R_ERROR_IN_THISUPDATE_FIELD = 123;
+  OCSP_R_ERROR_PARSING_URL = 121;
+  OCSP_R_MISSING_OCSPSIGNING_USAGE = 103;
+  OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE = 124;
+  OCSP_R_NOT_BASIC_RESPONSE = 104;
+  OCSP_R_NO_CERTIFICATES_IN_CHAIN = 105;
+  OCSP_R_NO_RESPONSE_DATA = 108;
+  OCSP_R_NO_REVOKED_TIME = 109;
+  OCSP_R_NO_SIGNER_KEY = 130;
+  OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 110;
+  OCSP_R_REQUEST_NOT_SIGNED = 128;
+  OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA = 111;
+  OCSP_R_ROOT_CA_NOT_TRUSTED = 112;
+  OCSP_R_SERVER_RESPONSE_ERROR = 114;
+  OCSP_R_SERVER_RESPONSE_PARSE_ERROR = 115;
+  OCSP_R_SIGNATURE_FAILURE = 117;
+  OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND = 118;
+  OCSP_R_STATUS_EXPIRED = 125;
+  OCSP_R_STATUS_NOT_YET_VALID = 126;
+  OCSP_R_STATUS_TOO_OLD = 127;
+  OCSP_R_UNKNOWN_MESSAGE_DIGEST = 119;
+  OCSP_R_UNKNOWN_NID = 120;
+  OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE = 129;
+
+var
+  function ERR_load_OCSP_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
new file mode 100644
index 000000000..328f60c70
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
@@ -0,0 +1,529 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ossl_typ;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ossl_typ.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
type
+{$REGION 'moved from unit "asn1" to prevent circular references'}
+  asn1_string_st = record
+    length: TIdC_INT;
+    &type: TIdC_INT;
+    data: PByte;
+    (*
+     * The value of the following field depends on the type being held.  It
+     * is mostly being used for BIT_STRING so if the input data has a
+     * non-zero 'unused bits' value, it will be handled correctly
+     *)
+    flags: TIdC_LONG;
+  end;
+{$ENDREGION}
+
+  // moved from asn1  
+  ASN1_VALUE_st = type Pointer;
+  ASN1_VALUE = ASN1_VALUE_st;
+  PASN1_VALUE = ^ASN1_VALUE;
+  PPASN1_VALUE = ^PASN1_VALUE;
+
+  // moved from e_os2
+  ossl_ssize_t = type {$IFDEF WIN64}TIdC_INT64{$ELSE}TIdC_INT{$ENDIF};
+
+  asn1_object_st = type Pointer;
+  ASN1_OBJECT = asn1_object_st;
+  PASN1_OBJECT = ^ASN1_OBJECT;
+  PPASN1_OBJECT = ^PASN1_OBJECT;
+
+  ASN1_INTEGER = type asn1_string_st;
+  PASN1_INTEGER = ^ASN1_INTEGER;
+  PPASN1_INTEGER = ^PASN1_INTEGER;
+
+  ASN1_ENUMERATED = type asn1_string_st;
+  PASN1_ENUMERATED = ^ASN1_ENUMERATED;
+
+  ASN1_BIT_STRING = type asn1_string_st;
+  PASN1_BIT_STRING = ^ASN1_BIT_STRING;
+  PPASN1_BIT_STRING = ^PASN1_BIT_STRING;
+
+  ASN1_OCTET_STRING = type asn1_string_st;
+  PASN1_OCTET_STRING = ^ASN1_OCTET_STRING;
+  PPASN1_OCTET_STRING = ^PASN1_OCTET_STRING;
+
+  ASN1_PRINTABLESTRING = type asn1_string_st;
+  PASN1_PRINTABLESTRING = ^ASN1_PRINTABLESTRING;
+
+  ASN1_T61STRING = type asn1_string_st;
+  PASN1_T61STRING = ^ASN1_T61STRING;
+
+  ASN1_IA5STRING = type asn1_string_st;
+  PASN1_IA5STRING = ^ASN1_IA5STRING;
+
+  ASN1_GENERALSTRING = type asn1_string_st;
+  PASN1_GENERALSTRING = ^ASN1_GENERALSTRING;
+
+  ASN1_UNIVERSALSTRING = type asn1_string_st;
+  PASN1_UNIVERSALSTRING = ^ASN1_UNIVERSALSTRING;
+
+  ASN1_BMPSTRING = type asn1_string_st;
+  PASN1_BMPSTRING = ^ASN1_BMPSTRING;
+
+  ASN1_UTCTIME = type asn1_string_st;
+  PASN1_UTCTIME = ^ASN1_UTCTIME;
+
+  ASN1_TIME = type asn1_string_st;
+  PASN1_TIME = ^ASN1_TIME;
+
+  ASN1_GENERALIZEDTIME = type asn1_string_st;
+  PASN1_GENERALIZEDTIME = ^ASN1_GENERALIZEDTIME;
+  PPASN1_GENERALIZEDTIME = ^PASN1_GENERALIZEDTIME;
+
+  ASN1_VISIBLESTRING = type asn1_string_st;
+  PASN1_VISIBLESTRING = ^ASN1_VISIBLESTRING;
+
+  ASN1_UTF8STRING = type asn1_string_st;
+  PASN1_UTF8STRING = ^ASN1_UTF8STRING;
+
+  ASN1_STRING = type asn1_string_st;
+  PASN1_STRING = ^ASN1_STRING;
+  PPASN1_STRING = ^PASN1_STRING;
+
+  ASN1_BOOLEAN = type TIdC_INT;
+  PASN1_BOOLEAN = ^ASN1_BOOLEAN;
+
+  ASN1_NULL = type TIdC_INT;
+  PASN1_NULL = ^ASN1_NULL;
+
+  
+  ASN1_ITEM_st = type Pointer;
+  ASN1_ITEM = ASN1_ITEM_st;
+  PASN1_ITEM = ^ASN1_ITEM;
+  
+  asn1_pctx_st = type Pointer;
+  ASN1_PCTX = asn1_pctx_st;
+  PASN1_PCTX = ^ASN1_PCTX;
+  
+  asn1_sctx_st = type Pointer;
+  ASN1_SCTX = asn1_sctx_st;
+  PASN1_SCTX = ^ASN1_SCTX;
+
+  dane_st = type Pointer;
+  bio_st = type Pointer;
+  BIO = bio_st;
+  PBIO = ^BIO;
+  PPBIO  = ^PBIO;
+  bignum_st = type Pointer;
+  BIGNUM = bignum_st;
+  PBIGNUM = ^BIGNUM;
+  PPBIGNUM  = ^PBIGNUM;
+  bignum_ctx = type Pointer;
+  BN_CTX = bignum_ctx;
+  PBN_CTX = ^BN_CTX;
+  bn_blinding_st = type Pointer;
+  BN_BLINDING = bn_blinding_st;
+  PBN_BLINDING = ^BN_BLINDING;
+  bn_mont_ctx_st = type Pointer;
+  BN_MONT_CTX = bn_mont_ctx_st;
+  PBN_MONT_CTX = ^BN_MONT_CTX;
+  bn_recp_ctx_st = type Pointer;
+  BN_RECP_CTX = bn_recp_ctx_st;
+  PBN_RECP_CTX = ^BN_RECP_CTX;
+  bn_gencb_st = type Pointer;
+  BN_GENCB = bn_gencb_st;
+  PBN_GENCB = ^BN_GENCB;
+  
+  buf_mem_st = type Pointer;
+  BUF_MEM = buf_mem_st;
+  PBUF_MEM = ^BUF_MEM;
+
+  evp_cipher_st = type Pointer;
+  EVP_CIPHER = evp_cipher_st;
+  PEVP_CIPHER = ^EVP_CIPHER;
+  PPEVP_CIPHER = ^PEVP_CIPHER;
+  evp_cipher_ctx_st = type Pointer;
+  EVP_CIPHER_CTX = evp_cipher_ctx_st;
+  PEVP_CIPHER_CTX = ^EVP_CIPHER_CTX;
+  evp_md_st = type Pointer;
+  EVP_MD = evp_md_st;
+  PEVP_MD = ^EVP_MD;
+  PPEVP_MD = ^PEVP_MD;
+  evp_md_ctx_st = type Pointer;
+  EVP_MD_CTX = evp_md_ctx_st;
+  PEVP_MD_CTX = ^EVP_MD_CTX;
+  evp_pkey_st = type Pointer;
+  EVP_PKEY = evp_pkey_st;
+  PEVP_PKEY = ^EVP_PKEY;
+  PPEVP_PKEY = ^PEVP_PKEY;
+  
+  evp_pkey_asn1_method_st = type Pointer;
+  EVP_PKEY_ASN1_METHOD = evp_pkey_asn1_method_st;
+  PEVP_PKEY_ASN1_METHOD = ^EVP_PKEY_ASN1_METHOD;
+  PPEVP_PKEY_ASN1_METHOD = ^PEVP_PKEY_ASN1_METHOD;
+  
+  evp_pkey_method_st = type Pointer;
+  EVP_PKEY_METHOD = evp_pkey_method_st;
+  PEVP_PKEY_METHOD = ^EVP_PKEY_METHOD;
+  PPEVP_PKEY_METHOD = ^PEVP_PKEY_METHOD;
+  evp_pkey_ctx_st = type Pointer;
+  EVP_PKEY_CTX = evp_pkey_ctx_st;
+  PEVP_PKEY_CTX = ^EVP_PKEY_CTX;
+  PPEVP_PKEY_CTX = ^PEVP_PKEY_CTX;
+  
+  evp_Encode_Ctx_st = type Pointer;
+  EVP_ENCODE_CTX = evp_Encode_Ctx_st;
+  PEVP_ENCODE_CTX = ^EVP_ENCODE_CTX;
+
+  hmac_ctx_st = type Pointer;
+  HMAC_CTX = hmac_ctx_st;
+  PHMAC_CTX = ^HMAC_CTX;
+  
+  dh_st = type Pointer;
+  DH = dh_st;
+  PDH = ^DH;
+  PPDH = ^PDH;
+  dh_method_st = type Pointer;
+  DH_METHOD = dh_method_st;
+  PDH_METHOD = ^DH_METHOD;
+  
+  dsa_st = type Pointer;
+  DSA = dsa_st;
+  PDSA = ^DSA;
+  PPDSA = ^PDSA;
+  dsa_method_st = type Pointer;
+  DSA_METHOD = dsa_method_st;
+  PDSA_METHOD = ^DSA_METHOD;
+  
+  rsa_st = type Pointer;
+  RSA = rsa_st;
+  PRSA = ^RSA;
+  PPRSA = ^PRSA;
+  rsa_meth_st = type Pointer;
+  RSA_METHOD = rsa_meth_st;
+  PRSA_METHOD = ^RSA_METHOD;
+
+  ec_key_st = type Pointer;
+  EC_KEY = ec_key_st;
+  PEC_KEY = ^EC_KEY;
+  PPEC_KEY = ^PEC_KEY;
+  ec_key_method_st = type Pointer;
+  EC_KEY_METHOD = ec_key_method_st;
+  PEC_KEY_METHOD = ^EC_KEY_METHOD;
+  
+  rand_meth_st = type Pointer;
+  RAND_METHOD = rand_meth_st;
+  PRAND_METHOD = ^RAND_METHOD;
+  rand_drbg_st = type Pointer;
+  RAND_DRBG = rand_drbg_st;
+  PRAND_DRBG = ^RAND_DRBG;
+  
+  ssl_dane_st = type Pointer;
+  SSL_DANE = ssl_dane_st;
+  PSSL_DANE = ^SSL_DANE;
+  x509_st = type Pointer;
+  X509 = x509_st;
+  PX509 = ^X509;
+  PPX509 = ^PX509;
+  X509_crl_st = type Pointer;
+  X509_CRL = X509_crl_st;
+  PX509_CRL = ^X509_CRL;
+  PPX509_CRL = ^PX509_CRL;
+  x509_crl_method_st = type Pointer;
+  X509_CRL_METHOD = x509_crl_method_st;
+  PX509_CRL_METHOD = ^X509_CRL_METHOD;
+  x509_revoked_st = type Pointer;
+  X509_REVOKED = x509_revoked_st;
+  PX509_REVOKED = ^X509_REVOKED;
+  X509_name_st = type Pointer;
+  X509_NAME = X509_name_st;
+  PX509_NAME = ^X509_NAME;
+  PPX509_NAME = ^PX509_NAME;
+  X509_pubkey_st = type Pointer;
+  X509_PUBKEY = X509_pubkey_st;
+  PX509_PUBKEY = ^X509_PUBKEY;
+  PPX509_PUBKEY = ^PX509_PUBKEY;
+  x509_store_st = type Pointer;
+  X509_STORE = x509_store_st;
+  PX509_STORE = ^X509_STORE;
+  x509_store_ctx_st = type Pointer;
+  X509_STORE_CTX = x509_store_ctx_st;
+  PX509_STORE_CTX = ^X509_STORE_CTX;
+  
+  x509_object_st = type Pointer;
+  X509_OBJECT = x509_object_st;
+  PX509_OBJECT = ^X509_OBJECT;
+  x509_lookup_st = type Pointer;
+  X509_LOOKUP = x509_lookup_st;
+  PX509_LOOKUP = ^X509_LOOKUP;
+  x509_lookup_method_st = type Pointer;
+  X509_LOOKUP_METHOD = x509_lookup_method_st;
+  PX509_LOOKUP_METHOD = ^X509_LOOKUP_METHOD;
+  X509_VERIFY_PARAM_st = type Pointer;
+  X509_VERIFY_PARAM = X509_VERIFY_PARAM_st;
+  PX509_VERIFY_PARAM = ^X509_VERIFY_PARAM;
+  
+  x509_sig_info_st = type Pointer;
+  X509_SIG_INFO = x509_sig_info_st;
+  PX509_SIG_INFO = ^X509_SIG_INFO;
+
+  pkcs8_priv_key_info_st = type Pointer;
+  PKCS8_PRIV_KEY_INFO = pkcs8_priv_key_info_st;
+  PPKCS8_PRIV_KEY_INFO = ^PKCS8_PRIV_KEY_INFO;
+  PPPKCS8_PRIV_KEY_INFO = ^PPKCS8_PRIV_KEY_INFO;
+
+// moved from x509 to prevent circular references
+  X509_REQ = type Pointer; // X509_req_st
+  PX509_REQ = ^X509_REQ;
+  PPX509_REQ = ^PX509_REQ;
+
+// moved from x509v3 to prevent circular references
+  (* Context specific info *)
+  v3_ext_ctx = record
+    flags: TIdC_INT;
+    issuer_cert: PX509;
+    subject_cert: PX509;
+    subject_req: PX509_REQ;
+    crl: PX509_CRL;
+    db_meth: Pointer; //PX509V3_CONF_METHOD;
+    db: Pointer;
+  (* Maybe more here *)
+  end;
+//  v3_ext_ctx = type Pointer;
+  X509V3_CTX = v3_ext_ctx;
+  PX509V3_CTX = ^X509V3_CTX;
+  conf_st = type Pointer;
+  CONF = conf_st;
+  PCONF = ^CONF;
+  ossl_init_settings_st = type Pointer;
+  OPENSSL_INIT_SETTINGS = ossl_init_settings_st;
+  POPENSSL_INIT_SETTINGS = ^OPENSSL_INIT_SETTINGS;
+
+  ui_st = type Pointer;
+  UI = ui_st;
+  PUI = ^UI;
+  ui_method_st = type Pointer;
+  UI_METHOD = ui_method_st;
+  PUI_METHOD = ^UI_METHOD;
+  
+  engine_st = type Pointer;
+  ENGINE = engine_st;
+  PENGINE = ^ENGINE;
+  PPENGINE = ^PENGINE;
+  ssl_st = type Pointer;
+  SSL = ssl_st;
+  PSSL = ^SSL;
+  ssl_ctx_st = type Pointer;
+  SSL_CTX = ssl_ctx_st;
+  PSSL_CTX = ^SSL_CTX;
+  PPSSL_CTX  = ^PSSL_CTX;
+  
+  comp_ctx_st = type Pointer;
+  COMP_CTX = comp_ctx_st;
+  PCOMP_CTX = ^COMP_CTX;
+  comp_method_st = type Pointer;
+  COMP_METHOD = comp_method_st;
+  PCOMP_METHOD = ^COMP_METHOD;
+  
+  X509_POLICY_NODE_st = type Pointer;
+  X509_POLICY_NODE = X509_POLICY_NODE_st;
+  PX509_POLICY_NODE = ^X509_POLICY_NODE;
+  X509_POLICY_LEVEL_st = type Pointer;
+  X509_POLICY_LEVEL = X509_POLICY_LEVEL_st;
+  PX509_POLICY_LEVEL = ^X509_POLICY_LEVEL;
+  X509_POLICY_TREE_st = type Pointer;
+  X509_POLICY_TREE = X509_POLICY_TREE_st;
+  PX509_POLICY_TREE = ^X509_POLICY_TREE;
+  X509_POLICY_CACHE_st = type Pointer;
+  X509_POLICY_CACHE = X509_POLICY_CACHE_st;
+  PX509_POLICY_CACHE = ^X509_POLICY_CACHE;
+  
+  AUTHORITY_KEYID_st = type Pointer;
+  AUTHORITY_KEYID = AUTHORITY_KEYID_st;
+  PAUTHORITY_KEYID = ^AUTHORITY_KEYID;
+  DIST_POINT_st = type Pointer;
+  DIST_POINT = DIST_POINT_st;
+  PDIST_POINT = ^DIST_POINT;
+  ISSUING_DIST_POINT_st = type Pointer;
+  ISSUING_DIST_POINT = ISSUING_DIST_POINT_st;
+  PISSUING_DIST_POINT = ^ISSUING_DIST_POINT;
+  NAME_CONSTRAINTS_st = type Pointer;
+  NAME_CONSTRAINTS = NAME_CONSTRAINTS_st;
+  PNAME_CONSTRAINTS = ^NAME_CONSTRAINTS;
+  
+  crypto_ex_data_st = type Pointer;
+  CRYPTO_EX_DATA = crypto_ex_data_st;
+  PCRYPTO_EX_DATA = ^CRYPTO_EX_DATA;
+  
+  ocsp_req_ctx_st = type Pointer;
+  OCSP_REQ_CTX = ocsp_req_ctx_st;
+  POCSP_REQ_CTX = ^OCSP_REQ_CTX;
+  ocsp_response_st = type Pointer;
+  OCSP_RESPONSE = ocsp_response_st;
+  POCSP_RESPONSE = ^OCSP_RESPONSE;
+  ocsp_responder_id_st = type Pointer;
+  OCSP_RESPID = ocsp_responder_id_st;
+  POCSP_RESPID = ^OCSP_RESPID;
+  
+  sct_st = type Pointer;
+  SCT = sct_st;
+  PSCT = ^SCT;
+  sct_ctx_st = type Pointer;
+  SCT_CTX = sct_ctx_st;
+  PSCT_CTX = ^SCT_CTX;
+  ctlog_st = type Pointer;
+  CTLOG = ctlog_st;
+  PCTLOG = ^CTLOG;
+  ctlog_store_st = type Pointer;
+  CTLOG_STORE = ctlog_store_st;
+  PCTLOG_STORE = ^CTLOG_STORE;
+  ct_policy_eval_ctx_st = type Pointer;
+  CT_POLICY_EVAL_CTX = ct_policy_eval_ctx_st;
+  PCT_POLICY_EVAL_CTX = ^CT_POLICY_EVAL_CTX;
+  
+  ossl_store_info_st = type Pointer;
+  OSSL_STORE_INFO = ossl_store_info_st;
+  POSSL_STORE_INFO = ^OSSL_STORE_INFO;
+  ossl_store_search_st = type Pointer;
+  OSSL_STORE_SEARCH = ossl_store_search_st;
+  POSSL_STORE_SEARCH = ^OSSL_STORE_SEARCH;
+
+{$REGION 'moved from unit "asn1" to prevent circular references'}
+const
+  V_ASN1_UNIVERSAL = $00;
+  V_ASN1_APPLICATION = $40;
+  V_ASN1_CONTEXT_SPECIFIC = $80;
+  V_ASN1_PRIVATE = $c0;
+
+  V_ASN1_CONSTRUCTED = $20;
+  V_ASN1_PRIMITIVE_TAG = $1f;
+  V_ASN1_PRIMATIVE_TAG = V_ASN1_PRIMITIVE_TAG;
+
+  V_ASN1_APP_CHOOSE = -2; (* let the recipient choose *)
+  V_ASN1_OTHER = -3;      (* used in ASN1_TYPE *)
+  V_ASN1_ANY = -4;        (* used in ASN1 template code *)
+
+  V_ASN1_UNDEF = -1;
+  V_ASN1_EOC =  0;
+  V_ASN1_BOOLEAN = 1;
+  V_ASN1_INTEGER = 2;
+  V_ASN1_BIT_STRING = 3;
+  V_ASN1_OCTET_STRING = 4;
+  V_ASN1_NULL = 5;
+  V_ASN1_OBJECT = 6;
+  V_ASN1_OBJECT_DESCRIPTOR = 7;
+  V_ASN1_EXTERNAL = 8;
+  V_ASN1_REAL = 9;
+  V_ASN1_ENUMERATED = 10;
+  V_ASN1_UTF8STRING = 12;
+  V_ASN1_SEQUENCE = 16;
+  V_ASN1_SET = 17;
+  V_ASN1_NUMERICSTRING = 18;
+  V_ASN1_PRINTABLESTRING = 19;
+  V_ASN1_T61STRING = 20;
+  V_ASN1_TELETEXSTRING = 20;
+  V_ASN1_VIDEOTEXSTRING = 21;
+  V_ASN1_IA5STRING = 22;
+  V_ASN1_UTCTIME = 23;
+  V_ASN1_GENERALIZEDTIME = 24;
+  V_ASN1_GRAPHICSTRING = 25;
+  V_ASN1_ISO64STRING = 26;
+  V_ASN1_VISIBLESTRING = 26;
+  V_ASN1_GENERALSTRING = 27;
+  V_ASN1_UNIVERSALSTRING = 28;
+  V_ASN1_BMPSTRING = 30;
+
+type
+  asn1_type_st = record
+    case &type: TIdC_INT of
+//      (ptr: PIdAnsichar);
+      V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
+//      (asn1_string: PASN1_STRING);
+      V_ASN1_OBJECT: (&object: PASN1_OBJECT);
+      V_ASN1_INTEGER: (integer: PASN1_INTEGER);
+      V_ASN1_ENUMERATED: (enumerated: PASN1_ENUMERATED);
+      V_ASN1_BIT_STRING: (bit_string: PASN1_BIT_STRING);
+      V_ASN1_OCTET_STRING: (octet_string: PASN1_OCTET_STRING);
+      V_ASN1_PRINTABLESTRING: (printablestring: PASN1_PRINTABLESTRING);
+      V_ASN1_T61STRING: (t61string: PASN1_T61STRING);
+      V_ASN1_IA5STRING: (ia5string: PASN1_IA5STRING);
+      V_ASN1_GENERALSTRING: (generalstring: PASN1_GENERALSTRING);
+      V_ASN1_BMPSTRING: (bmpstring: PASN1_BMPSTRING);
+      V_ASN1_UNIVERSALSTRING: (universalstring: PASN1_UNIVERSALSTRING);
+      V_ASN1_UTCTIME: (utctime: PASN1_UTCTIME);
+      V_ASN1_GENERALIZEDTIME: (generalizedtime: PASN1_GENERALIZEDTIME);
+      V_ASN1_VISIBLESTRING: (visiblestring: PASN1_VISIBLESTRING);
+      V_ASN1_UTF8STRING: (utf8string: PASN1_UTF8STRING);
+      (*
+       * set and sequence are left complete and still contain the set or
+       * sequence bytes
+       *)
+      V_ASN1_SET: (&set: PASN1_STRING);
+      V_ASN1_SEQUENCE: (sequence: PASN1_STRING);
+//      (asn1_value: PASN1_VALUE);
+
+//      V_ASN1_UNDEF: ;
+//      V_ASN1_EOC: ;
+//      V_ASN1_NULL: ;
+//      V_ASN1_OBJECT_DESCRIPTOR: ;
+//      V_ASN1_EXTERNAL: ;
+//      V_ASN1_REAL: ;
+//      V_ASN1_NUMERICSTRING: ;
+//      V_ASN1_TELETEXSTRING: ;
+//      V_ASN1_VIDEOTEXSTRING: ;
+//      V_ASN1_GRAPHICSTRING: ;
+//      V_ASN1_ISO64STRING: ;
+  end;
+  ASN1_TYPE = asn1_type_st;
+  PASN1_TYPE = ^ASN1_TYPE;
+  PPASN1_TYPE = ^PASN1_TYPE;
+{$ENDREGION}
+
+{$REGION 'moved from unit "x509" to prevent circular references'}
+  X509_algor_st = record
+    algorithm: PASN1_OBJECT;
+    parameter: PASN1_TYPE;
+  end; (* X509_ALGOR *)
+{$ENDREGION}
+  X509_ALGOR = X509_algor_st;
+  PX509_ALGOR = ^X509_ALGOR;
+  PPX509_ALGOR = ^PX509_ALGOR;
+  
+  i2d_of_void = type Pointer;
+  Pi2d_of_void = ^i2d_of_void;
+
+  d2i_of_void = type Pointer;
+  Pd2i_of_void = ^d2i_of_void;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
new file mode 100644
index 000000000..befcea269
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
@@ -0,0 +1,207 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_pem;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pem.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ec,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_x509;
+  
+type
+  EVP_CIPHER_INFO = type Pointer;
+  PEVP_CIPHER_INFO = ^EVP_CIPHER_INFO;
+
+const
+  PEM_BUFSIZE             = 1024;
+
+  PEM_STRING_X509_OLD     = 'X509 CERTIFICATE';
+  PEM_STRING_X509         = 'CERTIFICATE';
+  PEM_STRING_X509_TRUSTED = 'TRUSTED CERTIFICATE';
+  PEM_STRING_X509_REQ_OLD = 'NEW CERTIFICATE REQUEST';
+  PEM_STRING_X509_REQ     = 'CERTIFICATE REQUEST';
+  PEM_STRING_X509_CRL     = 'X509 CRL';
+  PEM_STRING_EVP_PKEY     = 'ANY PRIVATE KEY';
+  PEM_STRING_PUBLIC       = 'PUBLIC KEY';
+  PEM_STRING_RSA          = 'RSA PRIVATE KEY';
+  PEM_STRING_RSA_PUBLIC   = 'RSA PUBLIC KEY';
+  PEM_STRING_DSA          = 'DSA PRIVATE KEY';
+  PEM_STRING_DSA_PUBLIC   = 'DSA PUBLIC KEY';
+  PEM_STRING_PKCS7        = 'PKCS7';
+  PEM_STRING_PKCS7_SIGNED = 'PKCS #7 SIGNED DATA';
+  PEM_STRING_PKCS8        = 'ENCRYPTED PRIVATE KEY';
+  PEM_STRING_PKCS8INF     = 'PRIVATE KEY';
+  PEM_STRING_DHPARAMS     = 'DH PARAMETERS';
+  PEM_STRING_DHXPARAMS    = 'X9.42 DH PARAMETERS';
+  PEM_STRING_SSL_SESSION  = 'SSL SESSION PARAMETERS';
+  PEM_STRING_DSAPARAMS    = 'DSA PARAMETERS';
+  PEM_STRING_ECDSA_PUBLIC = 'ECDSA PUBLIC KEY';
+  PEM_STRING_ECPARAMETERS = 'EC PARAMETERS';
+  PEM_STRING_ECPRIVATEKEY = 'EC PRIVATE KEY';
+  PEM_STRING_PARAMETERS   = 'PARAMETERS';
+  PEM_STRING_CMS          = 'CMS';
+
+  PEM_TYPE_ENCRYPTED      = 10;
+  PEM_TYPE_MIC_ONLY       = 20;
+  PEM_TYPE_MIC_CLEAR      = 30;
+  PEM_TYPE_CLEAR          = 40;
+
+  PEM_FLAG_SECURE         = $1;
+  PEM_FLAG_EAY_COMPATIBLE = $2;
+  PEM_FLAG_ONLY_B64       = $4;
+
+type
+  pem_password_cb = function(buf: PIdAnsiChar; size: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT; cdecl;
+
+var
+  function PEM_get_EVP_CIPHER_INFO(header: PIdAnsiChar; cipher: PEVP_CIPHER_INFO): TIdC_INT;
+  function PEM_do_header(cipher: PEVP_CIPHER_INFO; data: PByte; len: PIdC_LONG; callback: pem_password_cb; u: Pointer): TIdC_INT;
+
+  function PEM_read_bio(bp: PBIO; name: PPIdAnsiChar; header: PPIdAnsiChar; data: PPByte; len: PIdC_LONG): TIdC_INT;
+  function PEM_read_bio_ex(bp: PBIO; name: PPIdAnsiChar; header: PPIdAnsiChar; data: PPByte; len: PIdC_LONG; flags: TIdC_UINT): TIdC_INT;
+  function PEM_bytes_read_bio_secmem(pdata: PPByte; plen: PIdC_LONG; pnm: PPIdAnsiChar; const name: PIdAnsiChar; bp: PBIO; cb: pem_password_cb; u: Pointer): TIdC_INT;
+  function PEM_write_bio(bp: PBIO; const name: PIdAnsiChar; const hdr: PIdAnsiChar; const data: PByte; len: TIdC_LONG): TIdC_INT;
+  function PEM_bytes_read_bio(pdata: PPByte; plen: PIdC_LONG; pnm: PPIdAnsiChar; const name: PIdAnsiChar; bp: PBIO; cb: pem_password_cb; u: Pointer): TIdC_INT;
+  function PEM_ASN1_read_bio(d2i: d2i_of_void; const name: PIdAnsiChar; bp: PBIO; x: PPointer; cb: pem_password_cb; u: Pointer): Pointer;
+  function PEM_ASN1_write_bio(i2d: i2d_of_void; const name: PIdAnsiChar; bp: PBIO; x: Pointer; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+
+  //function PEM_X509_INFO_read_bio(bp: PBIO; sk: PSTACK_OF_X509_INFO; cb: pem_password_cb; u: Pointer): PSTACK_OF_X509_INFO;
+  function PEM_X509_INFO_write_bio(bp: PBIO; xi: PX509_INFO; enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cd: pem_password_cb; u: Pointer): TIdC_INT;
+
+  function PEM_SignInit(ctx: PEVP_MD_CTX; &type: PEVP_MD): TIdC_INT;
+  function PEM_SignUpdate(ctx: PEVP_MD_CTX; d: PByte; cnt: Byte): TIdC_INT;
+  function PEM_SignFinal(ctx: PEVP_MD_CTX; sigret: PByte; siglen: PIdC_UINT; pkey: PEVP_PKEY): TIdC_INT;
+
+  (* The default pem_password_cb that's used internally *)
+  function PEM_def_callback(buf: PIdAnsiChar; num: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT;
+  procedure PEM_proc_type(buf: PIdAnsiChar; &type: TIdC_INT);
+  procedure PEM_dek_info(buf: PIdAnsiChar; const &type: PIdAnsiChar; len: TIdC_INT; str: PIdAnsiChar);
+
+  function PEM_read_bio_X509(bp: PBIO; x: PPX509; cb: pem_password_cb; u: Pointer): PX509;
+  function PEM_write_bio_X509(bp: PBIO; x: PX509): TIdC_INT;
+
+  function PEM_read_bio_X509_AUX(bp: PBIO; x: PPX509; cb: pem_password_cb; u: Pointer): PX509;
+  function PEM_write_bio_X509_AUX(bp: PBIO; x: PX509): TIdC_INT;
+
+  function PEM_read_bio_X509_REQ(bp: PBIO; x: PPX509_REQ; cb: pem_password_cb; u: Pointer): PX509_REQ;
+  function PEM_write_bio_X509_REQ(bp: PBIO; x: PX509_REQ): TIdC_INT;
+
+  function PEM_write_bio_X509_REQ_NEW(bp: PBIO; x: PX509_REQ): TIdC_INT;
+
+  function PEM_read_bio_X509_CRL(bp: PBIO; x: PPX509_CRL; cb: pem_password_cb; u: Pointer): PX509_CRL;
+  function PEM_write_bio_X509_CRL(bp: PBIO; x: PX509_CRL): TIdC_INT;
+
+  function PEM_read_bio_PKCS7(bp: PBIO; x: PPPKCS7; cb: pem_password_cb; u: Pointer): PPKCS7;
+  function PEM_write_bio_PKCS7(bp: PBIO; x: PPKCS7): TIdC_INT;
+
+//  function PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp: PBIO; x: PPNETSCAPE_CERT_SEQUENCE; cb: pem_password_cb; u: Pointer): PNETSCAPE_CERT_SEQUENCE;
+//  function PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp: PBIO; x: PNETSCAPE_CERT_SEQUENCE): TIdC_INT;
+
+  function PEM_read_bio_PKCS8(bp: PBIO; x: PPX509_SIG; cb: pem_password_cb; u: Pointer): PX509_SIG;
+  function PEM_write_bio_PKCS8(bp: PBIO; x: PX509_SIG): TIdC_INT;
+
+  function PEM_read_bio_PKCS8_PRIV_KEY_INFO(bp: PBIO; x: PPPKCS8_PRIV_KEY_INFO; cb: pem_password_cb; u: Pointer): PPKCS8_PRIV_KEY_INFO;
+  function PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp: PBIO; x: PPKCS8_PRIV_KEY_INFO): TIdC_INT;
+
+  // RSA
+  function PEM_read_bio_RSAPrivateKey(bp: PBIO; x: PPRSA; cb: pem_password_cb; u: Pointer): PRSA;
+  function PEM_write_bio_RSAPrivateKey(bp: PBIO; x: PRSA; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+
+  function PEM_read_bio_RSAPublicKey(bp: PBIO; x: PPRSA; cb: pem_password_cb; u: Pointer): PRSA;
+  function PEM_write_bio_RSAPublicKey(bp: PBIO; const x: PRSA): TIdC_INT;
+
+  function PEM_read_bio_RSA_PUBKEY(bp: PBIO; x: PPRSA; cb: pem_password_cb; u: Pointer): PRSA;
+  function PEM_write_bio_RSA_PUBKEY(bp: PBIO; x: PRSA): TIdC_INT;
+  // ~RSA
+
+  // DSA
+  function PEM_read_bio_DSAPrivateKey(bp: PBIO; x: PPDSA; cb: pem_password_cb; u: Pointer): PDSA;
+  function PEM_write_bio_DSAPrivateKey(bp: PBIO; x: PDSA; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+
+  function PEM_read_bio_DSA_PUBKEY(bp: PBIO; x: PPDSA; cb: pem_password_cb; u: Pointer): PDSA;
+  function PEM_write_bio_DSA_PUBKEY(bp: PBIO; x: PDSA): TIdC_INT;
+
+  function PEM_read_bio_DSAparams(bp: PBIO; x: PPDSA; cb: pem_password_cb; u: Pointer): PDSA;
+  function PEM_write_bio_DSAparams(bp: PBIO; const x: PDSA): TIdC_INT;
+  // ~DSA
+
+  // EC
+  function PEM_read_bio_ECPKParameters(bp: PBIO; x: PPEC_GROUP; cb: pem_password_cb; u: Pointer): PEC_GROUP;
+  function PEM_write_bio_ECPKParameters(bp: PBIO; const x: PEC_GROUP): TIdC_INT;
+
+  function PEM_read_bio_ECPrivateKey(bp: PBIO; x: PPEC_KEY; cb: pem_password_cb; u: Pointer): PEC_KEY;
+  function PEM_write_bio_ECPrivateKey(bp: PBIO; x: PEC_KEY; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+
+  function PEM_read_bio_EC_PUBKEY(bp: PBIO; x: PPEC_KEY; cb: pem_password_cb; u: Pointer): PEC_KEY;
+  function PEM_write_bio_EC_PUBKEY(bp: PBIO; x: PEC_KEY): TIdC_INT;
+  // ~EC
+
+  // DH
+  function PEM_read_bio_DHparams(bp: PBIO; x: PPDH; cb: pem_password_cb; u: Pointer): PDH;
+  function PEM_write_bio_DHparams(bp: PBIO; const x: PDH): TIdC_INT;
+
+  function PEM_write_bio_DHxparams(bp: PBIO; const x: PDH): TIdC_INT;
+  // ~DH
+
+  function PEM_read_bio_PrivateKey(bp: PBIO; x: PPEVP_PKEY; cb: pem_password_cb; u: Pointer): PEVP_PKEY;
+  function PEM_write_bio_PrivateKey(bp: PBIO; x: PEVP_PKEY; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+
+  function PEM_read_bio_PUBKEY(bp: PBIO; x: PPEVP_PKEY; cb: pem_password_cb; u: Pointer): PEVP_PKEY;
+  function PEM_write_bio_PUBKEY(bp: PBIO; x: PEVP_PKEY): TIdC_INT;
+
+  function PEM_write_bio_PrivateKey_traditional(bp: PBIO; x: PEVP_PKEY; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+  function PEM_write_bio_PKCS8PrivateKey_nid(bp: PBIO; x: PEVP_PKEY; nid: TIdC_INT; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+  function PEM_write_bio_PKCS8PrivateKey(bp: PBIO; x: PEVP_PKEY_METHOD; const enc: PEVP_CIPHER; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+  function i2d_PKCS8PrivateKey_bio(bp: PBIO; x: PEVP_PKEY; const enc: PEVP_CIPHER_CTX; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+  function i2d_PKCS8PrivateKey_nid_bio(bp: PBIO; x: PEVP_PKEY; nid: TIdC_INT; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+  function d2i_PKCS8PrivateKey_bio(bp: PBIO; x: PPEVP_PKEY_CTX; cb: pem_password_cb; u: Pointer): PEVP_PKEY;
+
+  function PEM_read_bio_Parameters(bp: PBIO; x: PPEVP_PKEY): PEVP_PKEY;
+  function PEM_write_bio_Parameters(bp: PBIO; x: PEVP_PKEY): TIdC_INT;
+
+  function b2i_PrivateKey(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY;
+  function b2i_PublicKey(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY;
+  function b2i_PrivateKey_bio(&in: PBIO): PEVP_PKEY;
+  function b2i_PublicKey_bio(&in: PBIO): PEVP_PKEY;
+  function i2b_PrivateKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT;
+  function i2b_PublicKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT;
+  function b2i_PVK_bio(&in: PBIO; cb: pem_password_cb; u: Pointer): PEVP_PKEY;
+  function i2b_PVK_bio(&out: PBIO; pk: PEVP_PKEY; enclevel: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pemerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pemerr.pas
new file mode 100644
index 000000000..afb411384
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pemerr.pas
@@ -0,0 +1,122 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_pemerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pemerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // PEM function codes
+  PEM_F_B2I_DSS                      = 127;
+  PEM_F_B2I_PVK_BIO                  = 128;
+  PEM_F_B2I_RSA                      = 129;
+  PEM_F_CHECK_BITLEN_DSA             = 130;
+  PEM_F_CHECK_BITLEN_RSA             = 131;
+  PEM_F_D2I_PKCS8PRIVATEKEY_BIO      = 120;
+  PEM_F_D2I_PKCS8PRIVATEKEY_FP       = 121;
+  PEM_F_DO_B2I                       = 132;
+  PEM_F_DO_B2I_BIO                   = 133;
+  PEM_F_DO_BLOB_HEADER               = 134;
+  PEM_F_DO_I2B                       = 146;
+  PEM_F_DO_PK8PKEY                   = 126;
+  PEM_F_DO_PK8PKEY_FP                = 125;
+  PEM_F_DO_PVK_BODY                  = 135;
+  PEM_F_DO_PVK_HEADER                = 136;
+  PEM_F_GET_HEADER_AND_DATA          = 143;
+  PEM_F_GET_NAME                     = 144;
+  PEM_F_I2B_PVK                      = 137;
+  PEM_F_I2B_PVK_BIO                  = 138;
+  PEM_F_LOAD_IV                      = 101;
+  PEM_F_PEM_ASN1_READ                = 102;
+  PEM_F_PEM_ASN1_READ_BIO            = 103;
+  PEM_F_PEM_ASN1_WRITE               = 104;
+  PEM_F_PEM_ASN1_WRITE_BIO           = 105;
+  PEM_F_PEM_DEF_CALLBACK             = 100;
+  PEM_F_PEM_DO_HEADER                = 106;
+  PEM_F_PEM_GET_EVP_CIPHER_INFO      = 107;
+  PEM_F_PEM_READ                     = 108;
+  PEM_F_PEM_READ_BIO                 = 109;
+  PEM_F_PEM_READ_BIO_DHPARAMS        = 141;
+  PEM_F_PEM_READ_BIO_EX              = 145;
+  PEM_F_PEM_READ_BIO_PARAMETERS      = 140;
+  PEM_F_PEM_READ_BIO_PRIVATEKEY      = 123;
+  PEM_F_PEM_READ_DHPARAMS            = 142;
+  PEM_F_PEM_READ_PRIVATEKEY          = 124;
+  PEM_F_PEM_SIGNFINAL                = 112;
+  PEM_F_PEM_WRITE                    = 113;
+  PEM_F_PEM_WRITE_BIO                = 114;
+  PEM_F_PEM_WRITE_PRIVATEKEY         = 139;
+  PEM_F_PEM_X509_INFO_READ           = 115;
+  PEM_F_PEM_X509_INFO_READ_BIO       = 116;
+  PEM_F_PEM_X509_INFO_WRITE_BIO      = 117;
+  // PEM reason codes
+  PEM_R_BAD_BASE64_DECODE            = 100;
+  PEM_R_BAD_DECRYPT                  = 101;
+  PEM_R_BAD_END_LINE                 = 102;
+  PEM_R_BAD_IV_CHARS                 = 103;
+  PEM_R_BAD_MAGIC_NUMBER             = 116;
+  PEM_R_BAD_PASSWORD_READ            = 104;
+  PEM_R_BAD_VERSION_NUMBER           = 117;
+  PEM_R_BIO_WRITE_FAILURE            = 118;
+  PEM_R_CIPHER_IS_NULL               = 127;
+  PEM_R_ERROR_CONVERTING_PRIVATE_KEY = 115;
+  PEM_R_EXPECTING_PRIVATE_KEY_BLOB   = 119;
+  PEM_R_EXPECTING_PUBLIC_KEY_BLOB    = 120;
+  PEM_R_HEADER_TOO_LONG              = 128;
+  PEM_R_INCONSISTENT_HEADER          = 121;
+  PEM_R_KEYBLOB_HEADER_PARSE_ERROR   = 122;
+  PEM_R_KEYBLOB_TOO_SHORT            = 123;
+  PEM_R_MISSING_DEK_IV               = 129;
+  PEM_R_NOT_DEK_INFO                 = 105;
+  PEM_R_NOT_ENCRYPTED                = 106;
+  PEM_R_NOT_PROC_TYPE                = 107;
+  PEM_R_NO_START_LINE                = 108;
+  PEM_R_PROBLEMS_GETTING_PASSWORD    = 109;
+  PEM_R_PVK_DATA_TOO_SHORT           = 124;
+  PEM_R_PVK_TOO_SHORT                = 125;
+  PEM_R_READ_KEY                     = 111;
+  PEM_R_SHORT_HEADER                 = 112;
+  PEM_R_UNEXPECTED_DEK_IV            = 130;
+  PEM_R_UNSUPPORTED_CIPHER           = 113;
+  PEM_R_UNSUPPORTED_ENCRYPTION       = 114;
+  PEM_R_UNSUPPORTED_KEY_COMPONENTS   = 126;
+
+var
+  function ERR_load_PEM_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
new file mode 100644
index 000000000..afad95990
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
@@ -0,0 +1,347 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_pkcs7;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pkcs7.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  PKCS7_S_HEADER = 0;
+  PKCS7_S_BODY   = 1;
+  PKCS7_S_TAIL   = 2;
+
+  PKCS7_OP_SET_DETACHED_SIGNATURE = 1;
+  PKCS7_OP_GET_DETACHED_SIGNATURE = 2;
+
+  (* S/MIME related flags *)
+  PKCS7_TEXT            =     $1;
+  PKCS7_NOCERTS         =     $2;
+  PKCS7_NOSIGS          =     $4;
+  PKCS7_NOCHAIN         =     $8;
+  PKCS7_NOINTERN        =    $10;
+  PKCS7_NOVERIFY        =    $20;
+  PKCS7_DETACHED        =    $40;
+  PKCS7_BINARY          =    $80;
+  PKCS7_NOATTR          =   $100;
+  PKCS7_NOSMIMECAP      =   $200;
+  PKCS7_NOOLDMIMETYPE   =   $400;
+  PKCS7_CRLFEOL         =   $800;
+  // Added '_CONST' to avoid name clashes
+  PKCS7_STREAM_CONST    =  $1000;
+  PKCS7_NOCRL           =  $2000;
+  PKCS7_PARTIAL         =  $4000;
+  PKCS7_REUSE_DIGEST    =  $8000;
+  PKCS7_NO_DUAL_CONTENT = $10000;
+
+  (* Flags: for compatibility with older code *)
+  SMIME_TEXT      = PKCS7_TEXT;
+  SMIME_NOCERTS   = PKCS7_NOCERTS;
+  SMIME_NOSIGS    = PKCS7_NOSIGS;
+  SMIME_NOCHAIN   = PKCS7_NOCHAIN;
+  SMIME_NOINTERN  = PKCS7_NOINTERN;
+  SMIME_NOVERIFY  = PKCS7_NOVERIFY;
+  SMIME_DETACHED  = PKCS7_DETACHED;
+  SMIME_BINARY    = PKCS7_BINARY;
+  SMIME_NOATTR    = PKCS7_NOATTR;
+
+  (* CRLF ASCII canonicalisation *)
+  SMIME_ASCIICRLF = $80000;
+
+type
+  PPKCS7 = ^PKCS7;
+  PPPKCS7 = ^PPKCS7;
+
+  PPKCS7_DIGEST = ^PKCS7_DIGEST;
+  PPPKCS7_DIGEST = ^PPKCS7_DIGEST;
+
+  pkcs7_issuer_and_serial_st = record
+    issue: PX509_NAME;
+    serial: PASN1_INTEGER;
+  end;
+  PKCS7_ISSUER_AND_SERIAL = pkcs7_issuer_and_serial_st;
+  PPKCS7_ISSUER_AND_SERIAL = ^PKCS7_ISSUER_AND_SERIAL;
+  PPPKCS7_ISSUER_AND_SERIAL = ^PPKCS7_ISSUER_AND_SERIAL;
+
+  pkcs7_signer_info_st = record
+    version: PASN1_INTEGER;
+    issuer_and_serial: PPKCS7_ISSUER_AND_SERIAL;
+    digest_alg: PX509_ALGOR;
+    auth_attr: Pointer; //PSTACK_OF_X509_ATTRIBUTE;
+    digest_enc_alg: PX509_ALGOR;
+    enc_digest: PASN1_OCTET_STRING;
+    unauth_attr: Pointer; //PSTACK_OF_X509_ATTRIBUTE;
+    pkey: PEVP_PKEY;
+  end;
+  PKCS7_SIGNER_INFO = pkcs7_issuer_and_serial_st;
+  PPKCS7_SIGNER_INFO = ^PKCS7_SIGNER_INFO;
+  PPPKCS7_SIGNER_INFO = ^PPKCS7_SIGNER_INFO;
+
+  pkcs7_recip_info_st = record
+    version: PASN1_INTEGER;
+    issuer_and_serial: PPKCS7_ISSUER_AND_SERIAL;
+    key_enc_algor: PX509_ALGOR;
+    enc_key: PASN1_OCTET_STRING;
+    cert: PX509;
+  end;
+  PKCS7_RECIP_INFO = pkcs7_recip_info_st;
+  PPKCS7_RECIP_INFO = ^PKCS7_RECIP_INFO;
+  PPPKCS7_RECIP_INFO = ^PPKCS7_RECIP_INFO;
+
+  pkcs7_signed_st = record
+    version: PASN1_INTEGER;
+    md_algs: Pointer; //PSTACK_OF_X509_ALGOR;
+    cert: Pointer; //PSTACK_OF_X509;
+    crl: Pointer; //PSTACK_OF_X509_CRL;
+    signer_info: Pointer; //PSTACK_OF_PKCS7_SIGNER_INFO;
+    contents: PPKCS7;
+  end;
+  PKCS7_SIGNED = pkcs7_signed_st;
+  PPKCS7_SIGNED = ^PKCS7_SIGNED;
+  PPPKCS7_SIGNED = ^PPKCS7_SIGNED;
+
+  pkcs7_enc_content_st = record
+    content_type: PASN1_OBJECT;
+    algorithm: PX509_ALGOR;
+    enc_data: PASN1_OCTET_STRING;
+    cipher: PEVP_CIPHER;
+  end;
+  PKCS7_ENC_CONTENT = pkcs7_enc_content_st;
+  PPKCS7_ENC_CONTENT = ^PKCS7_ENC_CONTENT;
+  PPPKCS7_ENC_CONTENT = ^PPKCS7_ENC_CONTENT;
+
+  pkcs7_enveloped_st = record
+    version: PASN1_INTEGER;
+    recipientinfo: Pointer; //PSTACK_OF_PKCS7_RECIP_INFO;
+    enc_data: PPKCS7_ENC_CONTENT;
+  end;
+  PKCS7_ENVELOPE = pkcs7_enveloped_st;
+  PPKCS7_ENVELOPE = ^PKCS7_ENVELOPE;
+  PPPKCS7_ENVELOPE = ^PPKCS7_ENVELOPE;
+
+  pkcs7_signedandenveloped_st = record
+    version: PASN1_INTEGER;
+    md_algs: Pointer; //PSTACK_OF_X509_ALGOR;
+    cert: Pointer; //PSTACK_OF_X509;
+    crl: Pointer; //PSTACK_OF_X509_CRL;
+    signer_info: Pointer; //PSTACK_OF_PKCS7_SIGNER_INFO;
+    enc_data: PPKCS7_ENC_CONTENT;
+    recipientinfo: Pointer; //PSTACK_OF_PKCS7_RECIP_INFO;
+  end;
+  PKCS7_SIGN_ENVELOPE = pkcs7_signedandenveloped_st;
+  PPKCS7_SIGN_ENVELOPE = ^PKCS7_SIGN_ENVELOPE;
+  PPPKCS7_SIGN_ENVELOPE = ^PPKCS7_SIGN_ENVELOPE;
+
+  pkcs7_encrypted_st = record
+    version: PASN1_INTEGER;
+    enc_data: PPKCS7_ENC_CONTENT;
+  end;
+  // Added '_STRUCT' to avoid name clashes
+  PKCS7_ENCRYPT_STRUCT = pkcs7_encrypted_st;
+  PPKCS7_ENCRYPT_STRUCT = ^PKCS7_ENCRYPT_STRUCT;
+  PPPKCS7_ENCRYPT_STRUCT = ^PPKCS7_ENCRYPT_STRUCT;
+
+  pkcs7_st_d = record
+    case Integer of
+    0: (ptr: PIdAnsiChar);
+    1: (data: PASN1_OCTET_STRING);
+    2: (sign: PPKCS7_SIGNED);
+    3: (enveloped: PPKCS7_ENVELOPE);
+    4: (signed_and_enveloped: PPKCS7_SIGN_ENVELOPE);
+    5: (digest: PPKCS7_DIGEST);
+    6: (encrypted: PPKCS7_ENCRYPT_STRUCT);
+    7: (other: PASN1_TYPE);
+  end;
+  pkcs7_st = record
+    asn1: PByte;
+    length: TIdC_LONG;
+    state: TIdC_INT;
+    detached: TIdC_INT;
+    &type: PASN1_OBJECT;
+    d: pkcs7_st_d;
+  end;
+  PKCS7 = pkcs7_st;
+
+  pkcs7_digest_st = record
+    version: PASN1_INTEGER;
+    md: PX509_ALGOR;
+    contents: PPKCS7;
+    digest: PASN1_OCTET_STRING;
+  end;
+  PKCS7_DIGEST = pkcs7_digest_st;
+
+var
+  //function PKCS7_ISSUER_AND_SERIAL_new: PPKCS7_ISSUER_AND_SERIAL;
+  //procedure PKCS7_ISSUER_AND_SERIAL_free(a: PPKCS7_ISSUER_AND_SERIAL);
+  //function d2i_PKCS7_ISSUER_AND_SERIAL(a: PPPKCS7_ISSUER_AND_SERIAL; const &in: PByte; len: TIdC_LONG): PPKCS7_ISSUER_AND_SERIAL;
+  //function i2d_PKCS7_ISSUER_AND_SERIAL(const a: PPKCS7_ISSUER_AND_SERIAL; &out: PByte): TIdC_INT;
+  //function PKCS7_ISSUER_AND_SERIAL_it: PASN1_ITEM;
+
+  function PKCS7_ISSUER_AND_SERIAL_digest(data: PPKCS7_ISSUER_AND_SERIAL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+
+  function PKCS7_dup(p7: PPKCS7): PPKCS7;
+  function d2i_PKCS7_bio(bp: PBIO; p7: PPPKCS7): PPKCS7;
+  function i2d_PKCS7_bio(bp: PBIO; p7: PPKCS7): TIdC_INT;
+  function i2d_PKCS7_bio_stream(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT;
+  function PEM_write_bio_PKCS7_stream(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT;
+
+//  function PKCS7_SIGNER_INFO_new: PPKCS7_SIGNER_INFO;
+//  procedure PKCS7_SIGNER_INFO_free(a: PPKCS7_SIGNER_INFO);
+//  function d2i_PKCS7_SIGNER_INFO(a: PPPKCS7_SIGNER_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNER_INFO;
+//  function i2d_PKCS7_SIGNER_INFO(const a: PPKCS7_SIGNER_INFO; &out: PByte): TIdC_INT;
+//  function PKCS7_SIGNER_INFO_it: PASN1_ITEM;
+//
+//  function PKCS7_RECIP_INFO_new: PPKCS7_RECIP_INFO;
+//  procedure PKCS7_RECIP_INFO_free(a: PPKCS7_RECIP_INFO);
+//  function d2i_PKCS7_RECIP_INFO(a: PPPKCS7_RECIP_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_RECIP_INFO;
+//  function i2d_PKCS7_RECIP_INFO(const a: PPKCS7_RECIP_INFO; &out: PByte): TIdC_INT;
+//  function PKCS7_RECIP_INFO_it: PASN1_ITEM;
+//
+//  function PKCS7_SIGNED_new: PPKCS7_SIGNED;
+//  procedure PKCS7_SIGNED_free(a: PPKCS7_SIGNED);
+//  function d2i_PKCS7_SIGNED(a: PPPKCS7_SIGNED; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNED;
+//  function i2d_PKCS7_SIGNED(const a: PPKCS7_SIGNED; &out: PByte): TIdC_INT;
+//  function PKCS7_SIGNED_it: PASN1_ITEM;
+//
+//  function PKCS7_ENC_CONTENT_new: PPKCS7_ENC_CONTENT;
+//  procedure PKCS7_ENC_CONTENT_free(a: PPKCS7_ENC_CONTENT);
+//  function d2i_PKCS7_ENC_CONTENT(a: PPPKCS7_ENC_CONTENT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENC_CONTENT;
+//  function i2d_PKCS7_ENC_CONTENT(const a: PPKCS7_ENC_CONTENT; &out: PByte): TIdC_INT;
+//  function PKCS7_ENC_CONTENT_it: PASN1_ITEM;
+//
+//  function PKCS7_ENVELOPE_new: PPKCS7_ENVELOPE;
+//  procedure PKCS7_ENVELOPE_free(a: PPKCS7_ENVELOPE);
+//  function d2i_PKCS7_ENVELOPE(a: PPPKCS7_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_ENVELOPE;
+//  function i2d_PKCS7_ENVELOPE(const a: PPKCS7_ENVELOPE; &out: PByte): TIdC_INT;
+//  function PKCS7_ENVELOPE_it: PASN1_ITEM;
+//
+//  function PKCS7_SIGN_ENVELOPE_new: PPKCS7_SIGN_ENVELOPE;
+//  procedure PKCS7_SIGN_ENVELOPE_free(a: PPKCS7_SIGN_ENVELOPE);
+//  function d2i_PKCS7_SIGN_ENVELOPE(a: PPPKCS7_SIGN_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGN_ENVELOPE;
+//  function i2d_PKCS7_SIGN_ENVELOPE(const a: PPKCS7_SIGN_ENVELOPE; &out: PByte): TIdC_INT;
+//  function PKCS7_SIGN_ENVELOPE_it: PASN1_ITEM;
+//
+//  function PKCS7_DIGEST_new: PPKCS7_DIGEST;
+//  procedure PKCS7_DIGEST_free(a: PPKCS7_DIGEST);
+//  function d2i_PKCS7_DIGEST(a: PPPKCS7_DIGEST; const &in: PByte; len: TIdC_LONG): PPKCS7_DIGEST;
+//  function i2d_PKCS7_DIGEST(const a: PPKCS7_DIGEST; &out: PByte): TIdC_INT;
+//  function PKCS7_DIGEST_it: PASN1_ITEM;
+//
+//  function PKCS7_ENCRYPT_new: PPKCS7_ENCRYPT_STRUCT;
+//  procedure PKCS7_ENCRYPT_free(a: PPKCS7_ENCRYPT_STRUCT);
+//  function d2i_PKCS7_ENCRYPT(a: PPPKCS7_ENCRYPT_STRUCT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENCRYPT_STRUCT;
+//  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; &out: PByte): TIdC_INT;
+//  function PKCS7_ENCRYPT_it: PASN1_ITEM;
+//
+//  function PKCS7_new: PPKCS7;
+//  procedure PKCS7_free(a: PPKCS7);
+//  function d2i_PKCS7(a: PPPKCS7; const &in: PByte; len: TIdC_LONG): PPKCS7;
+//  function i2d_PKCS7(const a: PPKCS7; &out: PByte): TIdC_INT;
+//  function PKCS7_it: PASN1_ITEM;
+//
+//  function PKCS7_ATTR_SIGN_it: PASN1_ITEM;
+//
+//  function PKCS7_ATTR_VERIFY_it: PASN1_ITEM;
+//
+//  function i2d_PKCS7_NDEF(const a: PPKCS7; &out: PPByte): TIdC_INT;
+//  function PKCS7_print_ctx(&out: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
+
+  function PKCS7_ctrl(p7: PPKCS7; cmd: TIdC_INT; larg: TIdC_LONG; parg: PIdAnsiChar): TIdC_LONG;
+
+  function PKCS7_set_type(p7: PPKCS7; &type: TIdC_INT): TIdC_INT;
+  function PKCS7_set0_type_other(p7: PPKCS7; &type: TIdC_INT; other: PASN1_TYPE): TIdC_INT;
+  function PKCS7_set_content(p7: PPKCS7; p7_data: PPKCS7): TIdC_INT;
+  function PKCS7_SIGNER_INFO_set(p7i: PPKCS7_SIGNER_INFO; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): TIdC_INT;
+  function PKCS7_SIGNER_INFO_sign(si: PPKCS7_SIGNER_INFO): TIdC_INT;
+  function PKCS7_add_signer(p7: PPKCS7; p7i: PPKCS7_SIGNER_INFO): TIdC_INT;
+  function PKCS7_add_certificate(p7: PPKCS7; x509: PX509): TIdC_INT;
+  function PKCS7_add_crl(p7: PPKCS7; x509: PX509_CRL): TIdC_INT;
+  function PKCS7_content_new(p7: PPKCS7; nid: TIdC_INT): TIdC_INT;
+  function PKCS7_dataVerify(cert_store: PX509_STORE; ctx: PX509_STORE_CTX; bio: PBIO; p7: PPKCS7; si: PPKCS7_SIGNER_INFO): TIdC_INT;
+  function PKCS7_signatureVerify(bio: PBIO; p7: PPKCS7; si: PPKCS7_SIGNER_INFO; x509: PX509): TIdC_INT;
+
+  function PKCS7_dataInit(p7: PPKCS7; bio: PBIO): PBIO;
+  function PKCS7_dataFinal(p7: PPKCS7; bio: PBIO): TIdC_INT;
+  function PKCS7_dataDecode(p7: PPKCS7; pkey: PEVP_PKEY; in_bio: PBIO; pcert: PX509): PBIO;
+
+  function PKCS7_add_signature(p7: PPKCS7; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): PPKCS7_SIGNER_INFO;
+  function PKCS7_cert_from_signer_info(p7: PPKCS7; si: PPKCS7_SIGNER_INFO): PX509;
+  function PKCS7_set_digest(p7: PPKCS7; const md: PEVP_MD): TIdC_INT;
+//  function PKCS7_get_signer_info(p7: PPKCS7): PSTACK_OF_PKCS7_SIGNER_INFO;
+
+  function PKCS7_add_recipient(p7: PPKCS7; x509: PX509): PPKCS7_RECIP_INFO;
+  procedure PKCS7_SIGNER_INFO_get0_algs(si: PPKCS7_SIGNER_INFO; pk: PPEVP_PKEY; pdig: PPX509_ALGOR; psig: PPX509_ALGOR);
+  procedure PKCS7_RECIP_INFO_get0_alg(ri: PPKCS7_RECIP_INFO; penc: PPX509_ALGOR);
+  function PKCS7_add_recipient_info(p7: PPKCS7; ri: PPKCS7_RECIP_INFO): TIdC_INT;
+  function PKCS7_RECIP_INFO_set(p7i: PPKCS7_RECIP_INFO; x509: PX509): TIdC_INT;
+  function PKCS7_set_cipher(p7: PPKCS7; const cipher: PEVP_CIPHER): TIdC_INT;
+  function PKCS7_stream(boundary: PPPByte; p7: PPKCS7): TIdC_INT;
+
+  function PKCS7_get_issuer_and_serial(p7: PPKCS7; idx: TIdC_INT): PPKCS7_ISSUER_AND_SERIAL;
+  //function PKCS7_digest_from_attributes(sk: Pointer{PSTACK_OF_X509_ATTRIBUTE}): PASN1_OCTET_STRING;
+  function PKCS7_add_signed_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; &type: TIdC_INT; data: Pointer): TIdC_INT;
+  function PKCS7_add_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; atrtype: TIdC_INT; value: Pointer): TIdC_INT;
+  function PKCS7_get_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE;
+  function PKCS7_get_signed_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE;
+  //function PKCS7_set_signed_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509): TIdC_INT;
+  //function PKCS7_set_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509_ATTRIBUTE): TIdC_INT;
+
+  //function PKCS7_sign(signcert: PX509; pkey: PEVP_PKEY; certs: PSTACK_OF_X509; data: PBIO; flags: TIdC_INT): PPKCS7;
+
+  function PKCS7_sign_add_signer(p7: PPKCS7; signcert: PX509; pkey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_INT): PPKCS7_SIGNER_INFO;
+
+  function PKCS7_final(p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT;
+  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT;
+  //function PKCS7_get0_signers(p7: PPKCS7; certs: PSTACK_OF_X509; flags: TIdC_INT): PSTACK_OF_X509;
+  //function PKCS7_encrypt(certs: PSTACK_OF_X509; &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
+  function PKCS7_decrypt(p7: PPKCS7; pkey: PEVP_PKEY; cert: PX509; data: PBIO; flags: TIdC_INT): TIdC_INT;
+
+  //function PKCS7_add_attrib_smimecap(si: PPKCS7_SIGNER_INFO; cap: PSTACK_OF_X509_ALGOR): TIdC_INT;
+  //function PKCS7_get_smimecap(si: PPKCS7_SIGNER_INFO): PSTACK_OF_X509_ALGOR;
+  //function PKCS7_simple_smimecap(sk: PSTACK_OF_X509_ALGOR; nid: TIdC_INT; arg: TIdC_INT): TIdC_INT;
+
+  function PKCS7_add_attrib_content_type(si: PPKCS7_SIGNER_INFO; coid: PASN1_OBJECT): TIdC_INT;
+  function PKCS7_add0_attrib_signing_time(si: PPKCS7_SIGNER_INFO; t: PASN1_TIME): TIdC_INT;
+  function PKCS7_add1_attrib_digest(si: PPKCS7_SIGNER_INFO; const md: PByte; mdlen: TIdC_INT): TIdC_INT;
+
+  function SMIME_write_PKCS7(bio: PBIO; p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT;
+  function SMIME_read_PKCS7(bio: PBIO; bcont: PPBIO): PPKCS7;
+
+  function BIO_new_PKCS7(&out: PBIO; p7: PPKCS7): PBIO;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7err.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7err.pas
new file mode 100644
index 000000000..5db73b8ae
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7err.pas
@@ -0,0 +1,127 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_pkcs7err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pkcs7err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * PKCS7 function codes.
+   *)
+  PKCS7_F_DO_PKCS7_SIGNED_ATTRIB                     = 136;
+  PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME             = 135;
+  PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP                  = 118;
+  PKCS7_F_PKCS7_ADD_CERTIFICATE                      = 100;
+  PKCS7_F_PKCS7_ADD_CRL                              = 101;
+  PKCS7_F_PKCS7_ADD_RECIPIENT_INFO                   = 102;
+  PKCS7_F_PKCS7_ADD_SIGNATURE                        = 131;
+  PKCS7_F_PKCS7_ADD_SIGNER                           = 103;
+  PKCS7_F_PKCS7_BIO_ADD_DIGEST                       = 125;
+  PKCS7_F_PKCS7_COPY_EXISTING_DIGEST                 = 138;
+  PKCS7_F_PKCS7_CTRL                                 = 104;
+  PKCS7_F_PKCS7_DATADECODE                           = 112;
+  PKCS7_F_PKCS7_DATAFINAL                            = 128;
+  PKCS7_F_PKCS7_DATAINIT                             = 105;
+  PKCS7_F_PKCS7_DATAVERIFY                           = 107;
+  PKCS7_F_PKCS7_DECRYPT                              = 114;
+  PKCS7_F_PKCS7_DECRYPT_RINFO                        = 133;
+  PKCS7_F_PKCS7_ENCODE_RINFO                         = 132;
+  PKCS7_F_PKCS7_ENCRYPT                              = 115;
+  PKCS7_F_PKCS7_FINAL                                = 134;
+  PKCS7_F_PKCS7_FIND_DIGEST                          = 127;
+  PKCS7_F_PKCS7_GET0_SIGNERS                         = 124;
+  PKCS7_F_PKCS7_RECIP_INFO_SET                       = 130;
+  PKCS7_F_PKCS7_SET_CIPHER                           = 108;
+  PKCS7_F_PKCS7_SET_CONTENT                          = 109;
+  PKCS7_F_PKCS7_SET_DIGEST                           = 126;
+  PKCS7_F_PKCS7_SET_TYPE                             = 110;
+  PKCS7_F_PKCS7_SIGN                                 = 116;
+  PKCS7_F_PKCS7_SIGNATUREVERIFY                      = 113;
+  PKCS7_F_PKCS7_SIGNER_INFO_SET                      = 129;
+  PKCS7_F_PKCS7_SIGNER_INFO_SIGN                     = 139;
+  PKCS7_F_PKCS7_SIGN_ADD_SIGNER                      = 137;
+  PKCS7_F_PKCS7_SIMPLE_SMIMECAP                      = 119;
+  PKCS7_F_PKCS7_VERIFY                               = 117;
+
+  (*
+   * PKCS7 reason codes.
+   *)
+  PKCS7_R_CERTIFICATE_VERIFY_ERROR                   = 117;
+  PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER            = 144;
+  PKCS7_R_CIPHER_NOT_INITIALIZED                     = 116;
+  PKCS7_R_CONTENT_AND_DATA_PRESENT                   = 118;
+  PKCS7_R_CTRL_ERROR                                 = 152;
+  PKCS7_R_DECRYPT_ERROR                              = 119;
+  PKCS7_R_DIGEST_FAILURE                             = 101;
+  PKCS7_R_ENCRYPTION_CTRL_FAILURE                    = 149;
+  PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE = 150;
+  PKCS7_R_ERROR_ADDING_RECIPIENT                     = 120;
+  PKCS7_R_ERROR_SETTING_CIPHER                       = 121;
+  PKCS7_R_INVALID_NULL_POINTER                       = 143;
+  PKCS7_R_INVALID_SIGNED_DATA_TYPE                   = 155;
+  PKCS7_R_NO_CONTENT                                 = 122;
+  PKCS7_R_NO_DEFAULT_DIGEST                          = 151;
+  PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND              = 154;
+  PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE           = 115;
+  PKCS7_R_NO_SIGNATURES_ON_DATA                      = 123;
+  PKCS7_R_NO_SIGNERS                                 = 142;
+  PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE       = 104;
+  PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR                  = 124;
+  PKCS7_R_PKCS7_ADD_SIGNER_ERROR                     = 153;
+  PKCS7_R_PKCS7_DATASIGN                             = 145;
+  PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE     = 127;
+  PKCS7_R_SIGNATURE_FAILURE                          = 105;
+  PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND               = 128;
+  PKCS7_R_SIGNING_CTRL_FAILURE                       = 147;
+  PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE    = 148;
+  PKCS7_R_SMIME_TEXT_ERROR                           = 129;
+  PKCS7_R_UNABLE_TO_FIND_CERTIFICATE                 = 106;
+  PKCS7_R_UNABLE_TO_FIND_MEM_BIO                     = 107;
+  PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST              = 108;
+  PKCS7_R_UNKNOWN_DIGEST_TYPE                        = 109;
+  PKCS7_R_UNKNOWN_OPERATION                          = 110;
+  PKCS7_R_UNSUPPORTED_CIPHER_TYPE                    = 111;
+  PKCS7_R_UNSUPPORTED_CONTENT_TYPE                   = 112;
+  PKCS7_R_WRONG_CONTENT_TYPE                         = 113;
+  PKCS7_R_WRONG_PKCS7_TYPE                           = 114;
+
+var
+  function ERR_load_PKCS7_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas
new file mode 100644
index 000000000..f135a4c3b
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas
@@ -0,0 +1,85 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_rand;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// rand.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  rand_meth_st_seed = function (const buf: Pointer; num: TIdC_INT): TIdC_INT; cdecl;
+  rand_meth_st_bytes = function (buf: PByte; num: TIdC_INT): TIdC_INT; cdecl;
+  rand_meth_st_cleanup = procedure; cdecl;
+  rand_meth_st_add = function (const buf: Pointer; num: TIdC_INT; randomness: TIdC_DOUBLE): TIdC_INT; cdecl;
+  rand_meth_st_pseudorand = function (buf: PByte; num: TIdC_INT): TIdC_INT; cdecl;
+  rand_meth_st_status = function: TIdC_INT; cdecl;
+
+  rand_meth_st = class
+    seed: rand_meth_st_seed;
+    bytes: rand_meth_st_bytes;
+    cleanup: rand_meth_st_cleanup;
+    add: rand_meth_st_add;
+    pseudorand: rand_meth_st_pseudorand;
+    status: rand_meth_st_status;
+  end;
+
+var
+  function RAND_set_rand_method(const meth: PRAND_METHOD): TIdC_INT;
+  function RAND_get_rand_method: PRAND_METHOD;
+  function RAND_set_rand_engine(engine: PENGINE): TIdC_INT;
+
+  function RAND_OpenSSL: PRAND_METHOD;
+
+  function RAND_bytes(buf: PByte; num: TIdC_INT): TIdC_INT;
+  function RAND_priv_bytes(buf: PByte; num: TIdC_INT): TIdC_INT;
+
+  procedure RAND_seed(const buf: Pointer; num: TIdC_INT);
+  procedure RAND_keep_random_devices_open(keep: TIdC_INT);
+
+  procedure RAND_add(const buf: Pointer; num: TIdC_INT; randomness: TIdC_DOUBLE);
+  function RAND_load_file(const &file: PIdAnsiChar; max_bytes: TIdC_LONG): TIdC_INT;
+  function RAND_write_file(const &file: PIdAnsiChar): TIdC_INT;
+  function RAND_status: TIdC_INT;
+
+  function RAND_query_egd_bytes(const path: PIdAnsiChar; buf: PByte; bytes: TIdC_INT): TIdC_INT;
+  function RAND_egd(const path: PIdAnsiChar): TIdC_INT;
+  function RAND_egd_bytes(const path: PIdAnsiChar; bytes: TIdC_INT): TIdC_INT;
+
+  function RAND_poll: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_randerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_randerr.pas
new file mode 100644
index 000000000..2f9d8dee7
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_randerr.pas
@@ -0,0 +1,118 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_randerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// randerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * RAND function codes.
+   *)
+  RAND_F_DRBG_BYTES = 101;
+  RAND_F_DRBG_GET_ENTROPY = 105;
+  RAND_F_DRBG_SETUP = 117;
+  RAND_F_GET_ENTROPY = 106;
+  RAND_F_RAND_BYTES = 100;
+  RAND_F_RAND_DRBG_ENABLE_LOCKING = 119;
+  RAND_F_RAND_DRBG_GENERATE = 107;
+  RAND_F_RAND_DRBG_GET_ENTROPY = 120;
+  RAND_F_RAND_DRBG_GET_NONCE = 123;
+  RAND_F_RAND_DRBG_INSTANTIATE = 108;
+  RAND_F_RAND_DRBG_NEW = 109;
+  RAND_F_RAND_DRBG_RESEED = 110;
+  RAND_F_RAND_DRBG_RESTART = 102;
+  RAND_F_RAND_DRBG_SET = 104;
+  RAND_F_RAND_DRBG_SET_DEFAULTS = 121;
+  RAND_F_RAND_DRBG_UNINSTANTIATE = 118;
+  RAND_F_RAND_LOAD_FILE = 111;
+  RAND_F_RAND_POOL_ACQUIRE_ENTROPY = 122;
+  RAND_F_RAND_POOL_ADD = 103;
+  RAND_F_RAND_POOL_ADD_BEGIN = 113;
+  RAND_F_RAND_POOL_ADD_END = 114;
+  RAND_F_RAND_POOL_ATTACH = 124;
+  RAND_F_RAND_POOL_BYTES_NEEDED = 115;
+  RAND_F_RAND_POOL_GROW = 125;
+  RAND_F_RAND_POOL_NEW = 116;
+  RAND_F_RAND_WRITE_FILE = 112;
+
+  (*
+   * RAND reason codes.
+   *)
+  RAND_R_ADDITIONAL_INPUT_TOO_LONG = 102;
+  RAND_R_ALREADY_INSTANTIATED = 103;
+  RAND_R_ARGUMENT_OUT_OF_RANGE = 105;
+  RAND_R_CANNOT_OPEN_FILE = 121;
+  RAND_R_DRBG_ALREADY_INITIALIZED = 129;
+  RAND_R_DRBG_NOT_INITIALISED = 104;
+  RAND_R_ENTROPY_INPUT_TOO_LONG = 106;
+  RAND_R_ENTROPY_OUT_OF_RANGE = 124;
+  RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED = 127;
+  RAND_R_ERROR_INITIALISING_DRBG = 107;
+  RAND_R_ERROR_INSTANTIATING_DRBG = 108;
+  RAND_R_ERROR_RETRIEVING_ADDITIONAL_INPUT = 109;
+  RAND_R_ERROR_RETRIEVING_ENTROPY = 110;
+  RAND_R_ERROR_RETRIEVING_NONCE = 111;
+  RAND_R_FAILED_TO_CREATE_LOCK = 126;
+  RAND_R_FUNC_NOT_IMPLEMENTED = 101;
+  RAND_R_FWRITE_ERROR = 123;
+  RAND_R_GENERATE_ERROR = 112;
+  RAND_R_INTERNAL_ERROR = 113;
+  RAND_R_IN_ERROR_STATE = 114;
+  RAND_R_NOT_A_REGULAR_FILE = 122;
+  RAND_R_NOT_INSTANTIATED = 115;
+  RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED = 128;
+  RAND_R_PARENT_LOCKING_NOT_ENABLED = 130;
+  RAND_R_PARENT_STRENGTH_TOO_WEAK = 131;
+  RAND_R_PERSONALISATION_STRING_TOO_LONG = 116;
+  RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED = 133;
+  RAND_R_PRNG_NOT_SEEDED = 100;
+  RAND_R_RANDOM_POOL_OVERFLOW = 125;
+  RAND_R_RANDOM_POOL_UNDERFLOW = 134;
+  RAND_R_REQUEST_TOO_LARGE_FOR_DRBG = 117;
+  RAND_R_RESEED_ERROR = 118;
+  RAND_R_SELFTEST_FAILURE = 119;
+  RAND_R_TOO_LITTLE_NONCE_REQUESTED = 135;
+  RAND_R_TOO_MUCH_NONCE_REQUESTED = 136;
+  RAND_R_UNSUPPORTED_DRBG_FLAGS = 132;
+  RAND_R_UNSUPPORTED_DRBG_TYPE = 120;
+
+var
+  function ERR_load_RAND_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
new file mode 100644
index 000000000..881ccbb16
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
@@ -0,0 +1,437 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_rsa;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// rsa.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+(* The types RSA and RSA_METHOD are defined in ossl_typ.h *)
+
+const
+  OPENSSL_RSA_MAX_MODULUS_BITS =  16384;
+  OPENSSL_RSA_FIPS_MIN_MODULUS_BITS = 1024;
+  OPENSSL_RSA_SMALL_MODULUS_BITS = 3072;
+  (* exponent limit enforced for "large" modulus only *)
+  OPENSSL_RSA_MAX_PUBEXP_BITS =  64;
+
+  RSA_3 =  TIdC_Long($3);
+  RSA_F4 = TIdC_Long($10001);
+
+  (* based on RFC 8017 appendix A.1.2 *)
+  RSA_ASN1_VERSION_DEFAULT = 0;
+  RSA_ASN1_VERSION_MULTI =   1;
+  RSA_DEFAULT_PRIME_NUM =    2;
+
+  RSA_METHOD_FLAG_NO_CHECK = $0001; (* don't check pub/private match *)
+  RSA_FLAG_CACHE_PUBLIC =    $0002;
+  RSA_FLAG_CACHE_PRIVATE =   $0004;
+  RSA_FLAG_BLINDING =        $0008;
+  RSA_FLAG_THREAD_SAFE =     $0010;
+  (*
+   * This flag means the private key operations will be handled by rsa_mod_exp
+   * and that they do not depend on the private key components being present:
+   * for example a key stored in external hardware. Without this flag
+   * bn_mod_exp gets called when private key components are absent.
+   *)
+  RSA_FLAG_EXT_PKEY =        $0020;
+  (*
+   * new with 0.9.6j and 0.9.7b; the built-in
+   * RSA implementation now uses blinding by
+   * default (ignoring RSA_FLAG_BLINDING),
+   * but other engines might not need it
+   *)
+  RSA_FLAG_NO_BLINDING =     $0080;
+  (*
+   * Does nothing. Previously this switched off constant time behaviour.
+   *)
+  RSA_FLAG_NO_CONSTTIME =    $0000;
+
+  (* Salt length matches digest *)
+  RSA_PSS_SALTLEN_DIGEST = -1;
+  (* Verify only: auto detect salt length *)
+  RSA_PSS_SALTLEN_AUTO = -2;
+  (* Set salt length to maximum possible *)
+  RSA_PSS_SALTLEN_MAX = -3;
+  (* Old compatible max salt length for sign only *)
+  RSA_PSS_SALTLEN_MAX_SIGN = -2;
+
+  EVP_PKEY_CTRL_RSA_PADDING = EVP_PKEY_ALG_CTRL + 1;
+  EVP_PKEY_CTRL_RSA_PSS_SALTLEN = EVP_PKEY_ALG_CTRL + 2;
+
+  EVP_PKEY_CTRL_RSA_KEYGEN_BITS = EVP_PKEY_ALG_CTRL + 3;
+  EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP = EVP_PKEY_ALG_CTRL + 4;
+  EVP_PKEY_CTRL_RSA_MGF1_MD = EVP_PKEY_ALG_CTRL + 5;
+
+  EVP_PKEY_CTRL_GET_RSA_PADDING =  EVP_PKEY_ALG_CTRL + 6;
+  EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN = EVP_PKEY_ALG_CTRL + 7;
+  EVP_PKEY_CTRL_GET_RSA_MGF1_MD =  EVP_PKEY_ALG_CTRL + 8;
+
+  EVP_PKEY_CTRL_RSA_OAEP_MD = EVP_PKEY_ALG_CTRL + 9;
+  EVP_PKEY_CTRL_RSA_OAEP_LABEL = EVP_PKEY_ALG_CTRL + 10;
+
+  EVP_PKEY_CTRL_GET_RSA_OAEP_MD = EVP_PKEY_ALG_CTRL + 11;
+  EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL = EVP_PKEY_ALG_CTRL + 12;
+
+  EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES = EVP_PKEY_ALG_CTRL + 13;
+
+  RSA_PKCS1_PADDING =   1;
+  RSA_SSLV23_PADDING =  2;
+  RSA_NO_PADDING =   3;
+  RSA_PKCS1_OAEP_PADDING = 4;
+  RSA_X931_PADDING =   5;
+  RSA_PKCS1_PSS_PADDING =  6; (* EVP_PKEY_ only *)
+  RSA_PKCS1_PADDING_SIZE = 11;
+
+  (*
+   * If this flag is set the RSA method is FIPS compliant and can be used in
+   * FIPS mode. This is set in the validated module method. If an application
+   * sets this flag in its own methods it is its responsibility to ensure the
+   * result is compliant.
+   *)
+  RSA_FLAG_FIPS_METHOD = $0400;
+  (*
+   * If this flag is set the operations normally disabled in FIPS mode are
+   * permitted it is then the applications responsibility to ensure that the
+   * usage is compliant.
+   *)
+  RSA_FLAG_NON_FIPS_ALLOW = $0400;
+  (*
+   * Application has decided PRNG is good enough to generate a key: don't
+   * check.
+   *)
+  RSA_FLAG_CHECKED = $0800;
+
+type
+  rsa_pss_params_st = record
+    hashAlgorithm: PX509_ALGOR;
+    maskGenAlgorithm: PX509_ALGOR;
+    saltLength: PASN1_INTEGER;
+    trailerField: PASN1_INTEGER;
+    (* Decoded hash algorithm from maskGenAlgorithm *)
+    maskHash: PX509_ALGOR;
+  end;
+  RSA_PSS_PARAMS = rsa_pss_params_st;
+  // DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
+  rsa_oaep_params_st = record
+    hashFunc: PX509_ALGOR;
+    maskGenFunc: PX509_ALGOR;
+    pSourceFunc: PX509_ALGOR;
+    (* Decoded hash algorithm from maskGenFunc *)
+    maskHash: PX509_ALGOR;
+  end;
+  RSA_OAEP_PARAMS = rsa_oaep_params_st;
+  //DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+
+  //DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
+  //DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
+
+  RSA_meth_set_priv_dec_priv_dec = function(flen: TIdC_INT; const from: PByte;
+    &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT; cdecl;
+
+  RSA_meth_set_mod_exp_mod_exp = function(r0: PBIGNUM; const i: PBIGNUM;
+    rsa: PRSA; ctx: PBN_CTX): TIdC_INT; cdecl;
+
+  RSA_meth_set_bn_mod_exp_bn_mod_exp = function(r: PBIGNUM; const a: PBIGNUM;
+    const p: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTx; m_ctx: PBN_MONT_CTx): TIdC_INT; cdecl;
+
+  RSA_meth_set_init_init = function(rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_finish_finish = function(rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_sign_sign = function(&type: TIdC_INT; const m: PByte;
+    m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; const rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_verify_verify = function(dtype: TIdC_INT; const m: PByte;
+    m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; const rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_keygen_keygen = function(rsa: PRSA; bits: TIdC_INT; e: PBIGNUM; cb: PBN_GENCb): TIdC_INT; cdecl;
+
+  RSA_meth_set_multi_prime_keygen_keygen = function(rsa: PRSA; bits: TIdC_INT;
+    primes: TIdC_INT; e: PBIGNUM; cb: PBN_GENCb): TIdC_INT; cdecl;
+
+//# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
+//        RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_RSA_PADDING, pad, NULL)
+//
+//# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
+//        RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
+//
+//# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
+//        RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+//                          EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL)
+
+//# define EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx, len) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL)
+//
+//# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
+//        RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+//                          EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, 0, plen)
+//
+//# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
+//
+//# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
+//
+//# define EVP_PKEY_CTX_set_rsa_keygen_primes(ctx, primes) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES, primes, NULL)
+//
+//# define  EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+//                          EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)(md))
+//
+//# define  EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(ctx, md) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)(md))
+//
+//# define  EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)(md))
+//
+//# define  EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+//                          EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)(pmd))
+//
+//# define  EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)(pmd))
+//
+//# define  EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)(l))
+//
+//# define  EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)(l))
+//
+//# define  EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS,  \
+//                          EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_MD,  \
+//                          0, (void *)(md))
+
+//# define RSA_set_app_data(s,arg)         RSA_set_ex_data(s,0,arg)
+//# define RSA_get_app_data(s)             RSA_get_ex_data(s,0)
+
+var
+  function RSA_new: PRSA;
+  function RSA_new_method(engine: PENGINE): PRSA;
+  function RSA_bits(const rsa: PRSA): TIdC_INT;
+  function RSA_size(const rsa: PRSA): TIdC_INT;
+  function RSA_security_bits(const rsa: PRSA): TIdC_INT;
+
+  function RSA_set0_key(r: PRSA; n: PBIGNUM; e: PBIGNUM; d: PBIGNUM): TIdC_INT;
+  function RSA_set0_factors(r: PRSA; p: PBIGNUM; q: PBIGNUM): TIdC_INT;
+  function RSA_set0_crt_params(r: PRSA; dmp1: PBIGNUM; dmq1: PBIGNUM; iqmp: PBIGNUM): TIdC_INT;
+  //function RSA_set0_multi_prime_params(r: PRSA; primes: array of PBIGNUM; exps: array of PBIGNUM; coeffs: array of PBIGNUM; pnum: TIdC_INT): TIdC_INT;
+
+  procedure RSA_get0_key(const r: PRSA; const n: PPBIGNUM; const e: PPBIGNUM; const d: PPBIGNUM);
+  procedure RSA_get0_factors(const r: PRSA; const p: PPBIGNUM; const q: PPBIGNUM);
+  function RSA_get_multi_prime_extra_count(const r: PRSA): TIdC_INT;
+  //function RSA_get0_multi_prime_factors(const r: PRSA; const primes: array of PBIGNUM): TIdC_INT;
+  procedure RSA_get0_crt_params(const r: PRSA; const dmp1: PPBIGNUM; const dmq1: PPBIGNUM; const iqmp: PPBIGNUM);
+
+  //function RSA_get0_multi_prime_crt_params(const r: PRSA; const exps: array of PBIGNUM; const coeffs: array of PBIGNUM): TIdC_INT;
+
+  function RSA_get0_n(const d: PRSA): PBIGNUM;
+  function RSA_get0_e(const d: PRSA): PBIGNUM;
+  function RSA_get0_d(const d: PRSA): PBIGNUM;
+  function RSA_get0_p(const d: PRSA): PBIGNUM;
+  function RSA_get0_q(const d: PRSA): PBIGNUM;
+  function RSA_get0_dmp1(const r: PRSA): PBIGNUM;
+  function RSA_get0_dmq1(const r: PRSA): PBIGNUM;
+  function RSA_get0_iqmp(const r: PRSA): PBIGNUM;
+
+  procedure RSA_clear_flags(r: PRSA; flags: TIdC_INT);
+  function RSA_test_flags(const r: PRSA; flags: TIdC_INT): TIdC_INT;
+  procedure RSA_set_flags(r: PRSA; flags: TIdC_INT);
+  function RSA_get_version(r: PRSA): TIdC_INT;
+  function RSA_get0_engine(const r: PRSA): PENGINE;
+
+  (* New version *)
+  function RSA_generate_key_ex(rsa: PRSA; bits: TIdC_INT; e: PBIGNUM; cb: PBN_GENCB): TIdC_INT;
+  (* Multi-prime version *)
+  function RSA_generate_multi_prime_key(rsa: PRSA; bits: TIdC_INT; primes: TIdC_INT; e: PBIGNUM; cb: PBN_GENCB): TIdC_INT;
+  function RSA_X931_derive_ex(rsa: PRSA; p1: PBIGNUM; p2: PBIGNUM; q1: PBIGNUM; q2: PBIGNUM; const Xp1: PBIGNUM; const Xp2: PBIGNUM; const Xp: PBIGNUM; const Xq1: PBIGNUM; const Xq2: PBIGNUM; const Xq: PBIGNUM; const e: PBIGNUM; cb: PBN_GENCB): TIdC_INT;
+  function RSA_X931_generate_key_ex(rsa: PRSA; bits: TIdC_INT; const e: PBIGNUM; cb: PBN_GENCB): TIdC_INT;
+
+  function RSA_check_key(const v1: PRSA): TIdC_INT;
+  function RSA_check_key_ex(const v1: PRSA; cb: BN_GENCB): TIdC_INT;
+  (* next 4 return -1 on error *)
+  function RSA_public_encrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
+  function RSA_private_encrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
+  function RSA_public_decrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
+  function RSA_private_decrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
+
+  procedure RSA_free(r: PRSA);
+  (* "up" the RSA object's reference count *)
+  function RSA_up_ref(r: PRSA): TIdC_INT;
+
+  function RSA_flags(const r: PRSA): TIdC_INT;
+
+  procedure RSA_set_default_method(const meth: PRSA_METHOD);
+  function RSA_get_default_method: PRSA_METHOD;
+  function RSA_null_method: PRSA_METHOD;
+  function RSA_get_method(const rsa: PRSA): PRSA_METHOD;
+  function RSA_set_method(rsa: PRSA; const meth: PRSA_METHOD): TIdC_INT;
+
+  (* these are the actual RSA functions *)
+  function RSA_PKCS1_OpenSSL: PRSA_METHOD;
+
+  function RSA_pkey_ctx_ctrl(ctx: PEVP_PKEY_CTX; optype: TIdC_INT; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT;
+
+  function RSA_print(bp: PBIO; const r: PRSA; offset: TIdC_INT): TIdC_INT;
+
+  (*
+   * The following 2 functions sign and verify a X509_SIG ASN1 object inside
+   * PKCS#1 padded RSA encryption
+   *)
+  function RSA_sign(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT;
+  function RSA_verify(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT;
+
+  (*
+   * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
+   * PKCS#1 padded RSA encryption
+   *)
+  function RSA_sign_ASN1_OCTET_STRING(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT;
+  function RSA_verify_ASN1_OCTET_STRING(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT;
+
+  function RSA_blinding_on(rsa: PRSA; ctx: PBN_CTX): TIdC_INT;
+  procedure RSA_blinding_off(rsa: PRSA);
+  function RSA_setup_blinding(rsa: PRSA; ctx: PBN_CTX): PBN_BLINDING;
+  function RSA_padding_add_PKCS1_type_1(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_PKCS1_type_1(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_PKCS1_type_2(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_PKCS1_type_2(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function PKCS1_MGF1(mask: PByte; len: TIdC_LONG; const seed: PByte; seedlen: TIdC_LONG; const dgst: PEVP_MD): TIdC_INT;
+  function RSA_padding_add_PKCS1_OAEP(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_PKCS1_OAEP(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_PKCS1_OAEP_mgf1(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT;
+  function RSA_padding_check_PKCS1_OAEP_mgf1(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; num: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT;
+  function RSA_padding_add_SSLv23(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_SSLv23(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_none(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_none(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_X931(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_X931(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function RSA_X931_hash_id(nid: TIdC_INT): TIdC_INT;
+
+  function RSA_verify_PKCS1_PSS(rsa: PRSA; const mHash: PByte; const Hash: PEVP_MD; const EM: PByte; sLen: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_PKCS1_PSS(rsa: PRSA; EM: PByte; const mHash: PByte; const Hash: PEVP_MD; sLen: TIdC_INT): TIdC_INT;
+  function RSA_verify_PKCS1_PSS_mgf1(rsa: PRSA; const mHash: PByte; const Hash: PEVP_MD; const mgf1Hash: PEVP_MD; const EM: PByte; sLen: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_PKCS1_PSS_mgf1(rsa: PRSA; EM: PByte; const mHash: PByte; const Hash: PEVP_MD; const mgf1Hash: PEVP_MD; sLen: TIdC_INT): TIdC_INT;
+
+  //#define RSA_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, l, p, newf, dupf, freef)
+
+  function RSA_set_ex_data(r: PRSA; idx: TIdC_INT; arg: Pointer): TIdC_INT;
+  function RSA_get_ex_data(const r: PRSA; idx: TIdC_INT): Pointer;
+  function RSAPublicKey_dup(rsa: PRSA): PRSA;
+  function RSAPrivateKey_dup(rsa: PRSA): PRSA;
+
+  function RSA_meth_new(const name: PIdAnsiChar; flags: TIdC_INT): PRSA_METHOD;
+  procedure RSA_meth_free(meth: PRSA_METHOD);
+  function RSA_meth_dup(const meth: PRSA_METHOD): PRSA_METHOD;
+  function RSA_meth_get0_name(const meth: PRSA_METHOD): PIdAnsiChar;
+  function RSA_meth_set1_name(meth: PRSA_METHOD; const name: PIdAnsiChar): TIdC_INT;
+  function RSA_meth_get_flags(const meth: PRSA_METHOD): TIdC_INT;
+  function RSA_meth_set_flags(meth: PRSA_METHOD; flags: TIdC_INT): TIdC_INT;
+  function RSA_meth_get0_app_data(const meth: PRSA_METHOD): Pointer;
+  function RSA_meth_set0_app_data(meth: PRSA_METHOD; app_data: Pointer): TIdC_INT;
+
+  //int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  //int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+  //                         int (*pub_enc) (int flen, const unsigned char *from,
+  //                                         unsigned char *&to, RSA *rsa,
+  //                                         int padding));
+  //int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  //int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+  //                         int (*pub_dec) (int flen, const unsigned char *from,
+  //                                         unsigned char *&to, RSA *rsa,
+  //                                         int padding));
+  //int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  //int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+  //                          int (*priv_enc) (int flen, const unsigned char *from,
+  //                                           unsigned char *&to, RSA *rsa,
+  //                                           int padding));
+  //int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  function RSA_meth_set_priv_dec(rsa: PRSA_METHOD; priv_dec: RSA_meth_set_priv_dec_priv_dec): TIdC_INT;
+
+  //int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
+  //    (BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx);
+  function RSA_meth_set_mod_exp(rsa: PRSA_METHOD; mod_exp: RSA_meth_set_mod_exp_mod_exp): TIdC_INT;
+  //int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))
+  //    (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+  //     const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+  function RSA_meth_set_bn_mod_exp(rsa: PRSA_METHOD; bn_mod_exp: RSA_meth_set_bn_mod_exp_bn_mod_exp): TIdC_INT;
+  //int (*RSA_meth_get_init(const RSA_METHOD *meth)) (RSA *rsa);
+  function RSA_meth_set_init(rsa: PRSA_METHOD; init: RSA_meth_set_init_init): TIdC_INT;
+  //int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa);
+  function RSA_meth_set_finish(rsa: PRSA_METHOD; finish: RSA_meth_set_finish_finish): TIdC_INT;
+  //int (*RSA_meth_get_sign(const RSA_METHOD *meth))
+  //    (int &type,
+  //     const unsigned char *m, unsigned int m_length,
+  //     unsigned char *sigret, unsigned int *siglen,
+  //     const RSA *rsa);
+  function RSA_meth_set_sign(rsa: PRSA_METHOD; sign: RSA_meth_set_sign_sign): TIdC_INT;
+  //int (*RSA_meth_get_verify(const RSA_METHOD *meth))
+  //    (int dtype, const unsigned char *m,
+  //     unsigned int m_length, const unsigned char *sigbuf,
+  //     unsigned int siglen, const RSA *rsa);
+  function RSA_meth_set_verify(rsa: PRSA_METHOD; verify: RSA_meth_set_verify_verify): TIdC_INT;
+  //int (*RSA_meth_get_keygen(const RSA_METHOD *meth))
+  //    (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+  function RSA_meth_set_keygen(rsa: PRSA_METHOD; keygen: RSA_meth_set_keygen_keygen): TIdC_INT;
+  //int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))
+  //    (RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);
+  function RSA_meth_set_multi_prime_keygen(meth: PRSA_METHOD; keygen: RSA_meth_set_multi_prime_keygen_keygen): TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsaerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsaerr.pas
new file mode 100644
index 000000000..9038aa14b
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsaerr.pas
@@ -0,0 +1,191 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_rsaerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// rsaerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * RSA function codes.
+   *)
+  RSA_F_CHECK_PADDING_MD = 140;
+  RSA_F_ENCODE_PKCS1 = 146;
+  RSA_F_INT_RSA_VERIFY = 145;
+  RSA_F_OLD_RSA_PRIV_DECODE = 147;
+  RSA_F_PKEY_PSS_INIT = 165;
+  RSA_F_PKEY_RSA_CTRL = 143;
+  RSA_F_PKEY_RSA_CTRL_STR = 144;
+  RSA_F_PKEY_RSA_SIGN = 142;
+  RSA_F_PKEY_RSA_VERIFY = 149;
+  RSA_F_PKEY_RSA_VERIFYRECOVER = 141;
+  RSA_F_RSA_ALGOR_TO_MD = 156;
+  RSA_F_RSA_BUILTIN_KEYGEN = 129;
+  RSA_F_RSA_CHECK_KEY = 123;
+  RSA_F_RSA_CHECK_KEY_EX = 160;
+  RSA_F_RSA_CMS_DECRYPT = 159;
+  RSA_F_RSA_CMS_VERIFY = 158;
+  RSA_F_RSA_ITEM_VERIFY = 148;
+  RSA_F_RSA_METH_DUP = 161;
+  RSA_F_RSA_METH_NEW = 162;
+  RSA_F_RSA_METH_SET1_NAME = 163;
+  RSA_F_RSA_MGF1_TO_MD = 157;
+  RSA_F_RSA_MULTIP_INFO_NEW = 166;
+  RSA_F_RSA_NEW_METHOD = 106;
+  RSA_F_RSA_NULL = 124;
+  RSA_F_RSA_NULL_PRIVATE_DECRYPT = 132;
+  RSA_F_RSA_NULL_PRIVATE_ENCRYPT = 133;
+  RSA_F_RSA_NULL_PUBLIC_DECRYPT = 134;
+  RSA_F_RSA_NULL_PUBLIC_ENCRYPT = 135;
+  RSA_F_RSA_OSSL_PRIVATE_DECRYPT = 101;
+  RSA_F_RSA_OSSL_PRIVATE_ENCRYPT = 102;
+  RSA_F_RSA_OSSL_PUBLIC_DECRYPT = 103;
+  RSA_F_RSA_OSSL_PUBLIC_ENCRYPT = 104;
+  RSA_F_RSA_PADDING_ADD_NONE = 107;
+  RSA_F_RSA_PADDING_ADD_PKCS1_OAEP = 121;
+  RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 = 154;
+  RSA_F_RSA_PADDING_ADD_PKCS1_PSS = 125;
+  RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 = 152;
+  RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 = 108;
+  RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 = 109;
+  RSA_F_RSA_PADDING_ADD_SSLV23 = 110;
+  RSA_F_RSA_PADDING_ADD_X931 = 127;
+  RSA_F_RSA_PADDING_CHECK_NONE = 111;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP = 122;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 = 153;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 = 112;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 = 113;
+  RSA_F_RSA_PADDING_CHECK_SSLV23 = 114;
+  RSA_F_RSA_PADDING_CHECK_X931 = 128;
+  RSA_F_RSA_PARAM_DECODE = 164;
+  RSA_F_RSA_PRINT = 115;
+  RSA_F_RSA_PRINT_FP = 116;
+  RSA_F_RSA_PRIV_DECODE = 150;
+  RSA_F_RSA_PRIV_ENCODE = 138;
+  RSA_F_RSA_PSS_GET_PARAM = 151;
+  RSA_F_RSA_PSS_TO_CTX = 155;
+  RSA_F_RSA_PUB_DECODE = 139;
+  RSA_F_RSA_SETUP_BLINDING = 136;
+  RSA_F_RSA_SIGN = 117;
+  RSA_F_RSA_SIGN_ASN1_OCTET_STRING = 118;
+  RSA_F_RSA_VERIFY = 119;
+  RSA_F_RSA_VERIFY_ASN1_OCTET_STRING = 120;
+  RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 = 126;
+  RSA_F_SETUP_TBUF = 167;
+
+  (*
+   * RSA reason codes.
+   *)
+  RSA_R_ALGORITHM_MISMATCH = 100;
+  RSA_R_BAD_E_VALUE = 101;
+  RSA_R_BAD_FIXED_HEADER_DECRYPT = 102;
+  RSA_R_BAD_PAD_BYTE_COUNT = 103;
+  RSA_R_BAD_SIGNATURE = 104;
+  RSA_R_BLOCK_TYPE_IS_NOT_01 = 106;
+  RSA_R_BLOCK_TYPE_IS_NOT_02 = 107;
+  RSA_R_DATA_GREATER_THAN_MOD_LEN = 108;
+  RSA_R_DATA_TOO_LARGE = 109;
+  RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE = 110;
+  RSA_R_DATA_TOO_LARGE_FOR_MODULUS = 132;
+  RSA_R_DATA_TOO_SMALL = 111;
+  RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE = 122;
+  RSA_R_DIGEST_DOES_NOT_MATCH = 158;
+  RSA_R_DIGEST_NOT_ALLOWED = 145;
+  RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY = 112;
+  RSA_R_DMP1_NOT_CONGRUENT_TO_D = 124;
+  RSA_R_DMQ1_NOT_CONGRUENT_TO_D = 125;
+  RSA_R_D_E_NOT_CONGRUENT_TO_1 = 123;
+  RSA_R_FIRST_OCTET_INVALID = 133;
+  RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE = 144;
+  RSA_R_INVALID_DIGEST = 157;
+  RSA_R_INVALID_DIGEST_LENGTH = 143;
+  RSA_R_INVALID_HEADER = 137;
+  RSA_R_INVALID_LABEL = 160;
+  RSA_R_INVALID_MESSAGE_LENGTH = 131;
+  RSA_R_INVALID_MGF1_MD = 156;
+  RSA_R_INVALID_MULTI_PRIME_KEY = 167;
+  RSA_R_INVALID_OAEP_PARAMETERS = 161;
+  RSA_R_INVALID_PADDING = 138;
+  RSA_R_INVALID_PADDING_MODE = 141;
+  RSA_R_INVALID_PSS_PARAMETERS = 149;
+  RSA_R_INVALID_PSS_SALTLEN = 146;
+  RSA_R_INVALID_SALT_LENGTH = 150;
+  RSA_R_INVALID_TRAILER = 139;
+  RSA_R_INVALID_X931_DIGEST = 142;
+  RSA_R_IQMP_NOT_INVERSE_OF_Q = 126;
+  RSA_R_KEY_PRIME_NUM_INVALID = 165;
+  RSA_R_KEY_SIZE_TOO_SMALL = 120;
+  RSA_R_LAST_OCTET_INVALID = 134;
+  RSA_R_MISSING_PRIVATE_KEY = 179;
+  RSA_R_MGF1_DIGEST_NOT_ALLOWED = 152;
+  RSA_R_MODULUS_TOO_LARGE = 105;
+  RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R = 168;
+  RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D = 169;
+  RSA_R_MP_R_NOT_PRIME = 170;
+  RSA_R_NO_PUBLIC_EXPONENT = 140;
+  RSA_R_NULL_BEFORE_BLOCK_MISSING = 113;
+  RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES = 172;
+  RSA_R_N_DOES_NOT_EQUAL_P_Q = 127;
+  RSA_R_OAEP_DECODING_ERROR = 121;
+  RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE = 148;
+  RSA_R_PADDING_CHECK_FAILED = 114;
+  RSA_R_PKCS_DECODING_ERROR = 159;
+  RSA_R_PSS_SALTLEN_TOO_SMALL = 164;
+  RSA_R_P_NOT_PRIME = 128;
+  RSA_R_Q_NOT_PRIME = 129;
+  RSA_R_RSA_OPERATIONS_NOT_SUPPORTED = 130;
+  RSA_R_SLEN_CHECK_FAILED = 136;
+  RSA_R_SLEN_RECOVERY_FAILED = 135;
+  RSA_R_SSLV3_ROLLBACK_ATTACK = 115;
+  RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD = 116;
+  RSA_R_UNKNOWN_ALGORITHM_TYPE = 117;
+  RSA_R_UNKNOWN_DIGEST = 166;
+  RSA_R_UNKNOWN_MASK_DIGEST = 151;
+  RSA_R_UNKNOWN_PADDING_TYPE = 118;
+  RSA_R_UNSUPPORTED_ENCRYPTION_TYPE = 162;
+  RSA_R_UNSUPPORTED_LABEL_SOURCE = 163;
+  RSA_R_UNSUPPORTED_MASK_ALGORITHM = 153;
+  RSA_R_UNSUPPORTED_MASK_PARAMETER = 154;
+  RSA_R_UNSUPPORTED_SIGNATURE_TYPE = 155;
+  RSA_R_VALUE_MISSING = 147;
+  RSA_R_WRONG_SIGNATURE_LENGTH = 119;
+
+var
+  function ERR_load_RSA_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_sha.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_sha.pas
new file mode 100644
index 000000000..b53b03d2c
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_sha.pas
@@ -0,0 +1,126 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_sha;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// sha.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  SHA_LBLOCK = 16;
+  SHA_CBLOCK = SHA_LBLOCK * 4;
+
+  SHA_LAST_BLOCK = SHA_CBLOCK - 8;
+  SHA_DIGEST_LENGTH = 20;
+
+  SHA256_CBLOCK = SHA_LBLOCK * 4;
+
+  SHA224_DIGEST_LENGTH = 28;
+  SHA256_DIGEST_LENGTH = 32;
+  SHA384_DIGEST_LENGTH = 48;
+  SHA512_DIGEST_LENGTH = 64;
+
+  SHA512_CBLOCK = SHA_LBLOCK * 8;
+
+type
+  SHA_LONG = TIdC_UINT;
+
+  SHAstate_sf = record
+    h0, h1, h2, h3, h4: SHA_LONG;
+    Nl, Nh: SHA_LONG;
+    data: array[0 .. SHA_LAST_BLOCK - 1] of SHA_LONG;
+    num: TIdC_UINT;
+  end;
+  SHA_CTX = SHAstate_sf;
+  PSHA_CTX = ^SHA_CTX;
+
+  SHAstate256_sf = record
+    h: array[0..7] of SHA_LONG;
+    Nl, Nh: SHA_LONG;
+    data: array[0 .. SHA_LAST_BLOCK - 1] of SHA_LONG;
+    num, md_len: TIdC_UINT;
+  end;
+  SHA256_CTX = SHAstate256_sf;
+  PSHA256_CTX = ^SHA256_CTX;
+
+  SHA_LONG64 = TIdC_UINT64;
+
+  SHA512state_st_u = record
+    case Integer of
+    0: (d: array[0 .. SHA_LBLOCK - 1] of SHA_LONG64);
+    1: (p: array[0 .. SHA512_CBLOCK - 1] of Byte);
+  end;
+
+  SHA512state_st = record
+    h: array[0..7] of SHA_LONG64;
+    Nl, Nh: SHA_LONG64;
+    u: SHA512state_st_u;
+    num, md_len: TIdC_UINT;
+  end;
+  SHA512_CTX = SHA512state_st;
+  PSHA512_CTX = ^SHA512_CTX;
+
+var
+  function SHA1_Init(c: PSHA_CTX): TIdC_INT;
+  function SHA1_Update(c: PSHA_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT;
+  function SHA1_Final(md: PByte; c: PSHA_CTX): TIdC_INT;
+  function SHA1(const d: PByte; n: TIdC_SIZET; md: PByte): PByte;
+  procedure SHA1_Transform(c: PSHA_CTX; const data: PByte);
+
+  function SHA224_Init(c: PSHA256_CTX): TIdC_INT;
+  function SHA224_Update(c: PSHA256_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT;
+  function SHA224_Final(md: PByte; c: PSHA256_CTX): TIdC_INT;
+  function SHA224(const d: PByte; n: TIdC_SIZET; md: PByte): PByte;
+
+  function SHA256_Init(c: PSHA256_CTX): TIdC_INT;
+  function SHA256_Update(c: PSHA256_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT;
+  function SHA256_Final(md: PByte; c: PSHA256_CTX): TIdC_INT;
+  function SHA256(const d: PByte; n: TIdC_SIZET; md: PByte): PByte;
+  procedure SHA256_Transform(c: PSHA256_CTX; const data: PByte);
+
+  function SHA384_Init(c: PSHA512_CTX): TIdC_INT;
+  function SHA384_Update(c: PSHA512_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT;
+  function SHA384_Final(md: PByte; c: PSHA512_CTX): TIdC_INT;
+  function SHA384(const d: PByte; n: TIdC_SIZET; md: PByte): PByte;
+
+  function SHA512_Init(c: PSHA512_CTX): TIdC_INT;
+  function SHA512_Update(c: PSHA512_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT;
+  function SHA512_Final(md: PByte; c: PSHA512_CTX): TIdC_INT;
+  function SHA512(const d: PByte; n: TIdC_SIZET; md: PByte): PByte;
+  procedure SHA512_Transform(c: PSHA512_CTX; const data: PByte);
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_srtp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_srtp.pas
new file mode 100644
index 000000000..f061edbb8
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_srtp.pas
@@ -0,0 +1,64 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_srtp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// srtp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_ssl;
+
+const
+  SRTP_AES128_CM_SHA1_80 = $0001;
+  SRTP_AES128_CM_SHA1_32 = $0002;
+  SRTP_AES128_F8_SHA1_80 = $0003;
+  SRTP_AES128_F8_SHA1_32 = $0004;
+  SRTP_NULL_SHA1_80      = $0005;
+  SRTP_NULL_SHA1_32      = $0006;
+
+  (* AEAD SRTP protection profiles from RFC 7714 *)
+  SRTP_AEAD_AES_128_GCM = $0007;
+  SRTP_AEAD_AES_256_GCM = $0008;
+
+var
+  function SSL_CTX_set_tlsext_use_srtp(ctx: PSSL_CTX; const profiles: PIdAnsiChar): TIdC_INT;
+  function SSL_set_tlsext_use_srtp(ctx: PSSL_CTX; const profiles: PIdAnsiChar): TIdC_INT;
+
+  //function SSL_get_srtp_profiles(s: PSSL): PSTACK_OF_SRTP_PROTECTION_PROFILE;
+  function SSL_get_selected_srtp_profile(s: PSSL): PSRTP_PROTECTION_PROFILE;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
new file mode 100644
index 000000000..496d52029
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
@@ -0,0 +1,2550 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ssl;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ssl.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_async,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_crypto,
+  IdOpenSSLHeaders_pem,
+  IdOpenSSLHeaders_tls1,
+  IdOpenSSLHeaders_ssl3,
+  IdOpenSSLHeaders_X509;
+
+{$MINENUMSIZE 4}
+
+const
+  (* OpenSSL version number for ASN.1 encoding of the session information *)
+  (*-
+   * Version 0 - initial version
+   * Version 1 - added the optional peer certificate
+   *)
+  SSL_SESSION_ASN1_VERSION = $0001;
+  
+  SSL_MAX_SSL_SESSION_ID_LENGTH = 32;
+  SSL_MAX_SID_CTX_LENGTH = 32;
+
+  SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES = 512/8;
+  SSL_MAX_KEY_ARG_LENGTH = 8;
+  SSL_MAX_MASTER_KEY_LENGTH = 48;
+
+  (* The maximum number of encrypt/decrypt pipelines we can support *)
+  SSL_MAX_PIPELINES = 32;
+
+  (* text strings for the ciphers *)
+
+  (* These are used to specify which ciphers to use and not to use *)
+
+  SSL_TXT_LOW = 'LOW';
+  SSL_TXT_MEDIUM = 'MEDIUM';
+  SSL_TXT_HIGH = 'HIGH';
+  SSL_TXT_FIPS = 'FIPS';
+
+  SSL_TXT_aNULL = 'aNULL';
+  SSL_TXT_eNULL = 'eNULL';
+  SSL_TXT_NULL = 'NULL';
+
+  SSL_TXT_kRSA = 'kRSA';
+  SSL_TXT_kDHr = 'kDHr';
+  SSL_TXT_kDHd = 'kDHd';
+  SSL_TXT_kDH = 'kDH';
+  SSL_TXT_kEDH = 'kEDH';
+  SSL_TXT_kDHE = 'kDHE';
+  SSL_TXT_kECDHr = 'kECDHr';
+//const SSL_TXT_kECDHe = 'kECDHe';
+  SSL_TXT_kECDH = 'kECDH';
+  SSL_TXT_kEECDH = 'kEECDH';
+  SSL_TXT_kECDHE = 'kECDHE';
+  SSL_TXT_kPSK = 'kPSK';
+  SSL_TXT_kRSAPSK = 'kRSAPSK';
+  SSL_TXT_kECDHEPSK = 'kECDHEPSK';
+  SSL_TXT_kDHEPSK = 'kDHEPSK';
+  SSL_TXT_kGOST = 'kGOST';
+  SSL_TXT_kSRP = 'kSRP';
+
+  SSL_TXT_aRSA = 'aRSA';
+  SSL_TXT_aDSS = 'aDSS';
+  SSL_TXT_aDH = 'aDH';
+  SSL_TXT_aECDH = 'aECDH';
+  SSL_TXT_aECDSA = 'aECDSA';
+  SSL_TXT_aPSK = 'aPSK';
+  SSL_TXT_aGOST94 = 'aGOST94';
+  SSL_TXT_aGOST01 = 'aGOST01';
+  SSL_TXT_aGOST12 = 'aGOST12';
+  SSL_TXT_aGOST = 'aGOST';
+  SSL_TXT_aSRP = 'aSRP';
+
+  SSL_TXT_DSS = 'DSS';
+  SSL_TXT_DH = 'DH';
+  SSL_TXT_DHE = 'DHE';
+  SSL_TXT_EDH = 'EDH';
+  //SSL_TXT_ADH = 'ADH';
+  SSL_TXT_RSA = 'RSA';
+  SSL_TXT_ECDH = 'ECDH';
+  SSL_TXT_EECDH = 'EECDH';
+  SSL_TXT_ECDHE = 'ECDHE';
+  //SSL_TXT_AECDH = 'AECDH';
+  SSL_TXT_ECDSA = 'ECDSA';
+  SSL_TXT_PSK = 'PSK';
+  SSL_TXT_SRP = 'SRP';
+
+  SSL_TXT_DES = 'DES';
+  SSL_TXT_3DES = '3DES';
+  SSL_TXT_RC4 = 'RC4';
+  SSL_TXT_RC2 = 'RC2';
+  SSL_TXT_IDEA = 'IDEA';
+  SSL_TXT_SEED = 'SEED';
+  SSL_TXT_AES128 = 'AES128';
+  SSL_TXT_AES256 = 'AES256';
+  SSL_TXT_AES = 'AES';
+  SSL_TXT_AES_GCM = 'AESGCM';
+  SSL_TXT_AES_CCM = 'AESCCM';
+  SSL_TXT_AES_CCM_8 = 'AESCCM8';
+  SSL_TXT_CAMELLIA128 = 'CAMELLIA128';
+  SSL_TXT_CAMELLIA256 = 'CAMELLIA256';
+  SSL_TXT_CAMELLIA = 'CAMELLIA';
+  SSL_TXT_CHACHA20 = 'CHACHA20';
+  SSL_TXT_GOST = 'GOST89';
+  SSL_TXT_ARIA = 'ARIA';
+  SSL_TXT_ARIA_GCM = 'ARIAGCM';
+  SSL_TXT_ARIA128 = 'ARIA128';
+  SSL_TXT_ARIA256 = 'ARIA256';
+
+  SSL_TXT_MD5 = 'MD5';
+  SSL_TXT_SHA1 = 'SHA1';
+  SSL_TXT_SHA = 'SHA';
+  SSL_TXT_GOST94 = 'GOST94';
+  SSL_TXT_GOST89MAC = 'GOST89MAC';
+  SSL_TXT_GOST12 = 'GOST12';
+  SSL_TXT_GOST89MAC12 = 'GOST89MAC12';
+  SSL_TXT_SHA256 = 'SHA256';
+  SSL_TXT_SHA384 = 'SHA384';
+
+  SSL_TXT_SSLV3 = 'SSLv3';
+  SSL_TXT_TLSV1 = 'TLSv1';
+  SSL_TXT_TLSV1_1 = 'TLSv1.1';
+  SSL_TXT_TLSV1_2 = 'TLSv1.2';
+
+  SSL_TXT_ALL = 'ALL';
+
+  (*-
+   * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
+   * ciphers normally not being used.
+   * Example: "RC4" will activate all ciphers using RC4 including ciphers
+   * without authentication, which would normally disabled by DEFAULT (due
+   * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
+   * will make sure that it is also disabled in the specific selection.
+   * COMPLEMENTOF* identifiers are portable between version, as adjustments
+   * to the default cipher setup will also be included here.
+   *
+   * COMPLEMENTOFDEFAULT does not experience the same special treatment that
+   * DEFAULT gets, as only selection is being done and no sorting as needed
+   * for DEFAULT.
+   *)
+  SSL_TXT_CMPALL = 'COMPLEMENTOFALL';
+  SSL_TXT_CMPDEF = 'COMPLEMENTOFDEFAULT';
+
+  (*
+   * The following cipher list is used by default. It also is substituted when
+   * an application-defined cipher list string starts with 'DEFAULT'.
+   * This applies to ciphersuites for TLSv1.2 and below.
+   *)
+  SSL_DEFAULT_CIPHER_LIST = 'ALL:!COMPLEMENTOFDEFAULT:!eNULL';
+  (* This is the default set of TLSv1.3 ciphersuites *)
+  TLS_DEFAULT_CIPHERSUITES = 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256';
+
+  (*
+   * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+   * starts with a reasonable order, and all we have to do for DEFAULT is
+   * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+   * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+   *)
+
+  (* Used in SSL_set_shutdown()/SSL_get_shutdown(); *)
+  SSL_SENT_SHUTDOWN = 1;
+  SSL_RECEIVED_SHUTDOWN = 2;
+
+  SSL_FILETYPE_ASN1 = X509_FILETYPE_ASN1;
+  SSL_FILETYPE_PEM = X509_FILETYPE_PEM;
+
+  (* Extension context codes *)
+  (* This extension is only allowed in TLS *)
+  SSL_EXT_TLS_ONLY = $0001;
+  (* This extension is only allowed in DTLS *)
+  SSL_EXT_DTLS_ONLY = $0002;
+  (* Some extensions may be allowed in DTLS but we don't implement them for it *)
+  SSL_EXT_TLS_IMPLEMENTATION_ONLY = $0004;
+  (* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is *)
+  SSL_EXT_SSL3_ALLOWED = $0008;
+  (* Extension is only defined for TLS1.2 and below *)
+  SSL_EXT_TLS1_2_AND_BELOW_ONLY = $0010;
+  (* Extension is only defined for TLS1.3 and above *)
+  SSL_EXT_TLS1_3_ONLY = $0020;
+  (* Ignore this extension during parsing if we are resuming *)
+  SSL_EXT_IGNORE_ON_RESUMPTION = $0040;
+  SSL_EXT_CLIENT_HELLO = $0080;
+  (* Really means TLS1.2 or below *)
+  SSL_EXT_TLS1_2_SERVER_HELLO = $0100;
+  SSL_EXT_TLS1_3_SERVER_HELLO = $0200;
+  SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS = $0400;
+  SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST = $0800;
+  SSL_EXT_TLS1_3_CERTIFICATE = $1000;
+  SSL_EXT_TLS1_3_NEW_SESSION_TICKET = $2000;
+  SSL_EXT_TLS1_3_CERTIFICATE_REQUEST = $4000;
+
+  (*
+   * Some values are reserved until OpenSSL 1.2.0 because they were previously
+   * included in SSL_OP_ALL in a 1.1.x release.
+   *
+   * Reserved value (until OpenSSL 1.2.0)                  $00000001U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000002U
+   *)
+  (* Allow initial connection to servers that don't support RI *)
+  SSL_OP_LEGACY_SERVER_CONNECT = TIdC_UINT($00000004);
+
+  (* Reserved value (until OpenSSL 1.2.0)                  $00000008U *)
+  SSL_OP_TLSEXT_PADDING =      TIdC_UINT($00000010);
+  (* Reserved value (until OpenSSL 1.2.0)                  $00000020U *)
+  SSL_OP_SAFARI_ECDHE_ECDSA_BUG = TIdC_UINT($00000040);
+  (*
+   * Reserved value (until OpenSSL 1.2.0)                  $00000080U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000100U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000200U
+   *)
+
+  (* In TLSv1.3 allow a non-(ec)dhe based kex_mode *)
+  SSL_OP_ALLOW_NO_DHE_KEX                         = TIdC_UINT($00000400);
+
+  (*
+   * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
+   * OpenSSL 0.9.6d.  Usually (depending on the application protocol) the
+   * workaround is not needed.  Unfortunately some broken SSL/TLS
+   * implementations cannot handle it at all, which is why we include it in
+   * SSL_OP_ALL. Added in 0.9.6e
+   *)
+  SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              = TIdC_UINT($00000800);
+
+  (* DTLS options *)
+  SSL_OP_NO_QUERY_MTU                             = TIdC_UINT($00001000);
+  (* Turn on Cookie Exchange (on relevant for servers) *)
+  SSL_OP_COOKIE_EXCHANGE                          = TIdC_UINT($00002000);
+  (* Don't use RFC4507 ticket extension *)
+  SSL_OP_NO_TICKET                                = TIdC_UINT($00004000);
+  (* Use Cisco's "speshul" version of DTLS_BAD_VER
+   * (only with deprecated DTLSv1_client_method())  *)
+  SSL_OP_CISCO_ANYCONNECT                        = TIdC_UINT($00008000);
+
+  (* As server, disallow session resumption on renegotiation *)
+  SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   = TIdC_UINT($00010000);
+  (* Don't use compression even if supported *)
+  SSL_OP_NO_COMPRESSION                           = TIdC_UINT($00020000);
+  (* Permit unsafe legacy renegotiation *)
+  SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        = TIdC_UINT($00040000);
+  (* Disable encrypt-then-mac *)
+  SSL_OP_NO_ENCRYPT_THEN_MAC                      = TIdC_UINT($00080000);
+
+  (*
+   * Enable TLSv1.3 Compatibility mode. This is on by default. A future version
+   * of OpenSSL may have this disabled by default.
+   *)
+  SSL_OP_ENABLE_MIDDLEBOX_COMPAT                  = TIdC_UINT($00100000);
+
+  (* Prioritize Chacha20Poly1305 when client does.
+   * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE *)
+  SSL_OP_PRIORITIZE_CHACHA                        = TIdC_UINT($00200000);
+
+  (*
+   * Set on servers to choose the cipher according to the server's preferences
+   *)
+  SSL_OP_CIPHER_SERVER_PREFERENCE                 = TIdC_UINT($00400000);
+  (*
+   * If set, a server will allow a client to issue a SSLv3.0 version number as
+   * latest version supported in the premaster secret, even when TLSv1.0
+   * (version 3.1) was announced in the client hello. Normally this is
+   * forbidden to prevent version rollback attacks.
+   *)
+  SSL_OP_TLS_ROLLBACK_BUG                         = TIdC_UINT($00800000);
+
+  (*
+   * Switches off automatic TLSv1.3 anti-replay protection for early data. This
+   * is a server-side option only (no effect on the client).
+   *)
+  SSL_OP_NO_ANTI_REPLAY                           = TIdC_UINT($01000000);
+
+  SSL_OP_NO_SSLv3                                 = TIdC_UINT($02000000);
+  SSL_OP_NO_TLSv1                                 = TIdC_UINT($04000000);
+  SSL_OP_NO_TLSv1_2                               = TIdC_UINT($08000000);
+  SSL_OP_NO_TLSv1_1                               = TIdC_UINT($10000000);
+  SSL_OP_NO_TLSv1_3                               = TIdC_UINT($20000000);
+
+  SSL_OP_NO_DTLSv1                                = TIdC_UINT($04000000);
+  SSL_OP_NO_DTLSv1_2                              = TIdC_UINT($08000000);
+
+  SSL_OP_NO_SSL_MASK = SSL_OP_NO_SSLv3 or SSL_OP_NO_TLSv1 or SSL_OP_NO_TLSv1_1
+    or SSL_OP_NO_TLSv1_2 or SSL_OP_NO_TLSv1_3;
+  SSL_OP_NO_DTLS_MASK = SSL_OP_NO_DTLSv1 or SSL_OP_NO_DTLSv1_2;
+
+  (* Disallow all renegotiation *)
+  SSL_OP_NO_RENEGOTIATION                         = TIdC_UINT($40000000);
+
+  (*
+   * Make server add server-hello extension from early version of cryptopro
+   * draft, when GOST ciphersuite is negotiated. Required for interoperability
+   * with CryptoPro CSP 3.x
+   *)
+  SSL_OP_CRYPTOPRO_TLSEXT_BUG                     = TIdC_UINT($80000000);
+
+  (*
+   * SSL_OP_ALL: various bug workarounds that should be rather harmless.
+   * This used to be $000FFFFFL before 0.9.7.
+   * This used to be $80000BFFU before 1.1.1.
+   *)
+  SSL_OP_ALL = SSL_OP_CRYPTOPRO_TLSEXT_BUG or SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+    or SSL_OP_LEGACY_SERVER_CONNECT or SSL_OP_TLSEXT_PADDING or SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
+
+  (* OBSOLETE OPTIONS: retained for compatibility *)
+
+  (* Removed from OpenSSL 1.1.0. Was $00000001L *)
+  (* Related to removed SSLv2. *)
+  SSL_OP_MICROSOFT_SESS_ID_BUG                    = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000002L *)
+  (* Related to removed SSLv2. *)
+  SSL_OP_NETSCAPE_CHALLENGE_BUG                   = $0;
+  (* Removed from OpenSSL 0.9.8q and 1.0.0c. Was $00000008L *)
+  (* Dead forever, see CVE-2010-4180 *)
+  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         = $0;
+  (* Removed from OpenSSL 1.0.1h and 1.0.2. Was $00000010L *)
+  (* Refers to ancient SSLREF and SSLv2. *)
+  SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000020 *)
+  SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               = $0;
+  (* Removed from OpenSSL 0.9.7h and 0.9.8b. Was $00000040L *)
+  SSL_OP_MSIE_SSLV2_RSA_PADDING                   = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000080 *)
+  (* Ancient SSLeay version. *)
+  SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000100L *)
+  SSL_OP_TLS_D5_BUG                               = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000200L *)
+  SSL_OP_TLS_BLOCK_PADDING_BUG                    = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00080000L *)
+  SSL_OP_SINGLE_ECDH_USE                          = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00100000L *)
+  SSL_OP_SINGLE_DH_USE                            = $0;
+  (* Removed from OpenSSL 1.0.1k and 1.0.2. Was $00200000L *)
+  SSL_OP_EPHEMERAL_RSA                            = $0;
+  (* Removed from OpenSSL 1.1.0. Was $01000000L *)
+  SSL_OP_NO_SSLv2                                 = $0;
+  (* Removed from OpenSSL 1.0.1. Was $08000000L *)
+  SSL_OP_PKCS1_CHECK_1                            = $0;
+  (* Removed from OpenSSL 1.0.1. Was $10000000L *)
+  SSL_OP_PKCS1_CHECK_2                            = $0;
+  (* Removed from OpenSSL 1.1.0. Was $20000000L *)
+  SSL_OP_NETSCAPE_CA_DN_BUG                       = $0;
+  (* Removed from OpenSSL 1.1.0. Was $40000000L *)
+  SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG          = $0;
+
+  (*
+   * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+   * when just a single record has been written):
+   *)
+  SSL_MODE_ENABLE_PARTIAL_WRITE = TIdC_UINT($00000001);
+  (*
+   * Make it possible to retry SSL_write() with changed buffer location (buffer
+   * contents must stay the same!); this is not the default to avoid the
+   * misconception that non-blocking SSL_write() behaves like non-blocking
+   * write():
+   *)
+  SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = TIdC_UINT($00000002);
+  (*
+   * Never bother the application with retries if the transport is blocking:
+   *)
+  SSL_MODE_AUTO_RETRY = TIdC_UINT($00000004);
+  (* Don't attempt to automatically build certificate chain *)
+  SSL_MODE_NO_AUTO_CHAIN = TIdC_UINT($00000008);
+  (*
+   * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+   * TLS only.) Released buffers are freed.
+   *)
+  SSL_MODE_RELEASE_BUFFERS = TIdC_UINT($00000010);
+  (*
+   * Send the current time in the Random fields of the ClientHello and
+   * ServerHello records for compatibility with hypothetical implementations
+   * that require it.
+   *)
+  SSL_MODE_SEND_CLIENTHELLO_TIME = TIdC_UINT($00000020);
+  SSL_MODE_SEND_SERVERHELLO_TIME = TIdC_UINT($00000040);
+  (*
+   * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
+   * that reconnect with a downgraded protocol version; see
+   * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
+   * application attempts a normal handshake. Only use this in explicit
+   * fallback retries, following the guidance in
+   * draft-ietf-tls-downgrade-scsv-00.
+   *)
+  SSL_MODE_SEND_FALLBACK_SCSV = TIdC_UINT($00000080);
+  (*
+   * Support Asynchronous operation
+   *)
+  SSL_MODE_ASYNC = TIdC_UINT($00000100);
+
+  (*
+   * When using DTLS/SCTP, include the terminating zero in the label
+   * used for computing the endpoint-pair shared secret. Required for
+   * interoperability with implementations having this bug like these
+   * older version of OpenSSL:
+   * - OpenSSL 1.0.0 series
+   * - OpenSSL 1.0.1 series
+   * - OpenSSL 1.0.2 series
+   * - OpenSSL 1.1.0 series
+   * - OpenSSL 1.1.1 and 1.1.1a
+   *)
+  SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG = TIdC_UINT($00000400);
+
+  (* Cert related flags *)
+  (*
+   * Many implementations ignore some aspects of the TLS standards such as
+   * enforcing certificate chain algorithms. When this is set we enforce them.
+   *)
+  SSL_CERT_FLAG_TLS_STRICT = TIdC_UINT($00000001);
+  (* Suite B modes, takes same values as certificate verify flags *)
+  SSL_CERT_FLAG_SUITEB_128_LOS_ONLY = $10000;
+  (* Suite B 192 bit only mode *)
+  SSL_CERT_FLAG_SUITEB_192_LOS = $20000;
+  (* Suite B 128 bit mode allowing 192 bit algorithms *)
+  SSL_CERT_FLAG_SUITEB_128_LOS = $30000;
+
+  (* Perform all sorts of protocol violations for testing purposes *)
+  SSL_CERT_FLAG_BROKEN_PROTOCOL = $10000000;
+
+  (* Flags for building certificate chains *)
+  (* Treat any existing certificates as untrusted CAs *)
+  SSL_BUILD_CHAIN_FLAG_UNTRUSTED = $1;
+  (* Don't include root CA in chain *)
+  SSL_BUILD_CHAIN_FLAG_NO_ROOT = $2;
+  (* Just check certificates already there *)
+  SSL_BUILD_CHAIN_FLAG_CHECK = $4;
+  (* Ignore verification errors *)
+  SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR = $8;
+  (* Clear verification errors from queue *)
+  SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR = $10;
+
+  (* Flags returned by SSL_check_chain *)
+  (* Certificate can be used with this session *)
+  CERT_PKEY_VALID = $1;
+  (* Certificate can also be used for signing *)
+  CERT_PKEY_SIGN = $2;
+  (* EE certificate signing algorithm OK *)
+  CERT_PKEY_EE_SIGNATURE = $10;
+  (* CA signature algorithms OK *)
+  CERT_PKEY_CA_SIGNATURE = $20;
+  (* EE certificate parameters OK *)
+  CERT_PKEY_EE_PARAM = $40;
+  (* CA certificate parameters OK *)
+  CERT_PKEY_CA_PARAM = $80;
+  (* Signing explicitly allowed as opposed to SHA1 fallback *)
+  CERT_PKEY_EXPLICIT_SIGN = $100;
+  (* Client CA issuer names match (always set for server cert) *)
+  CERT_PKEY_ISSUER_NAME = $200;
+  (* Cert type matches client types (always set for server cert) *)
+  CERT_PKEY_CERT_TYPE = $400;
+  (* Cert chain suitable to Suite B *)
+  CERT_PKEY_SUITEB = $800;
+
+  SSL_CONF_FLAG_CMDLINE = $1;
+  SSL_CONF_FLAG_FILE = $2;
+  SSL_CONF_FLAG_CLIENT = $4;
+  SSL_CONF_FLAG_SERVER = $8;
+  SSL_CONF_FLAG_SHOW_ERRORS = $10;
+  SSL_CONF_FLAG_CERTIFICATE = $20;
+  SSL_CONF_FLAG_REQUIRE_PRIVATE = $40;
+  (* Configuration value types *)
+  SSL_CONF_TYPE_UNKNOWN = $0;
+  SSL_CONF_TYPE_STRING = $1;
+  SSL_CONF_TYPE_FILE = $2;
+  SSL_CONF_TYPE_DIR = $3;
+  SSL_CONF_TYPE_NONE = $4;
+
+  (* Maximum length of the application-controlled segment of a a TLSv1.3 cookie *)
+  SSL_COOKIE_LENGTH = 4096;
+
+  (* 100k max cert list *)
+  SSL_MAX_CERT_LIST_DEFAULT = 1024 * 100;
+  SSL_SESSION_CACHE_MAX_SIZE_DEFAULT = 1024 * 20;
+
+  SSL_SESS_CACHE_OFF = $0000;
+  SSL_SESS_CACHE_CLIENT = $0001;
+  SSL_SESS_CACHE_SERVER = $0002;
+  SSL_SESS_CACHE_BOTH = (SSL_SESS_CACHE_CLIENT or SSL_SESS_CACHE_SERVER);
+  SSL_SESS_CACHE_NO_AUTO_CLEAR = $0080;
+  (* enough comments already ... see SSL_CTX_set_session_cache_mode(3) *)
+  SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = $0100;
+  SSL_SESS_CACHE_NO_INTERNAL_STORE = $0200;
+  SSL_SESS_CACHE_NO_INTERNAL = (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP or SSL_SESS_CACHE_NO_INTERNAL_STORE);
+
+  OPENSSL_NPN_UNSUPPORTED = 0;
+  OPENSSL_NPN_NEGOTIATED = 1;
+  OPENSSL_NPN_NO_OVERLAP = 2;
+
+  (*
+   * the maximum length of the buffer given to callbacks containing the
+   * resulting identity/psk
+   *)
+  PSK_MAX_IDENTITY_LEN = 128;
+  PSK_MAX_PSK_LEN = 256;
+
+  SSL_NOTHING = 1;
+  SSL_WRITING = 2;
+  SSL_READING = 3;
+  SSL_X509_LOOKUP = 4;
+  SSL_ASYNC_PAUSED = 5;
+  SSL_ASYNC_NO_JOBS = 6;
+  SSL_CLIENT_HELLO_CB = 7;
+
+  SSL_MAC_FLAG_READ_MAC_STREAM = 1;
+  SSL_MAC_FLAG_WRITE_MAC_STREAM = 2;
+
+  (* TLSv1.3 KeyUpdate message types *)
+  (* -1 used so that this is an invalid value for the on-the-wire protocol *)
+  SSL_KEY_UPDATE_NONE = -1;
+  (* Values as defined for the on-the-wire protocol *)
+  SSL_KEY_UPDATE_NOT_REQUESTED = 0;
+  SSL_KEY_UPDATE_REQUESTED = 1;
+
+  (*
+   * Most of the following state values are no longer used and are defined to be
+   * the closest equivalent value &in the current state machine code. Not all
+   * defines have an equivalent and are set to a dummy value (-1). SSL_ST_CONNECT
+   * and SSL_ST_ACCEPT are still &in use &in the definition of SSL_CB_ACCEPT_LOOP,
+   * SSL_CB_ACCEPT_EXIT, SSL_CB_CONNECT_LOOP and SSL_CB_CONNECT_EXIT.
+   *)
+  SSL_ST_CONNECT = $1000;
+  SSL_ST_ACCEPT = $2000;
+  
+  SSL_ST_MASK = $0FFF;
+  
+  SSL_CB_LOOP = $01;
+  SSL_CB_EXIT = $02;
+  SSL_CB_READ = $04;
+  SSL_CB_WRITE = $08;
+  SSL_CB_ALERT = $4000;
+  SSL_CB_READ_ALERT = SSL_CB_ALERT or SSL_CB_READ;
+  SSL_CB_WRITE_ALERT = SSL_CB_ALERT or SSL_CB_WRITE;
+  SSL_CB_ACCEPT_LOOP = SSL_ST_ACCEPT or SSL_CB_LOOP;
+  SSL_CB_ACCEPT_EXIT = SSL_ST_ACCEPT or SSL_CB_EXIT;
+  SSL_CB_CONNECT_LOOP = SSL_ST_CONNECT or SSL_CB_LOOP;
+  SSL_CB_CONNECT_EXIT = SSL_ST_CONNECT or SSL_CB_EXIT;
+  SSL_CB_HANDSHAKE_START = $10;
+  SSL_CB_HANDSHAKE_DONE = $20;
+
+  (*
+   * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
+   * should not need these
+   *)
+  SSL_ST_READ_HEADER = $F0;
+  SSL_ST_READ_BODY = $F1;
+  SSL_ST_READ_DONE = $F2;
+
+  (*
+   * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options are
+   * 'ored' with SSL_VERIFY_PEER if they are desired
+   *)
+  SSL_VERIFY_NONE = $00;
+  SSL_VERIFY_PEER = $01;
+  SSL_VERIFY_FAIL_IF_NO_PEER_CERT = $02;
+  SSL_VERIFY_CLIENT_ONCE = $04;
+  SSL_VERIFY_POST_HANDSHAKE = $08;
+
+  SSL_AD_REASON_OFFSET = 1000; (* offset to get SSL_R_... value
+                                * from SSL_AD_... *)
+  (* These alert types are for SSLv3 and TLSv1 *)
+  SSL_AD_CLOSE_NOTIFY = SSL3_AD_CLOSE_NOTIFY;
+  (* fatal *)
+  SSL_AD_UNEXPECTED_MESSAGE = SSL3_AD_UNEXPECTED_MESSAGE;
+  (* fatal *)
+  SSL_AD_BAD_RECORD_MAC = SSL3_AD_BAD_RECORD_MAC;
+  SSL_AD_DECRYPTION_FAILED = TLS1_AD_DECRYPTION_FAILED;
+  SSL_AD_RECORD_OVERFLOW = TLS1_AD_RECORD_OVERFLOW;
+  (* fatal *)
+  SSL_AD_DECOMPRESSION_FAILURE = SSL3_AD_DECOMPRESSION_FAILURE;
+  (* fatal *)
+  SSL_AD_HANDSHAKE_FAILURE = SSL3_AD_HANDSHAKE_FAILURE;
+  (* Not for TLS *)
+  SSL_AD_NO_CERTIFICATE = SSL3_AD_NO_CERTIFICATE;
+  SSL_AD_BAD_CERTIFICATE = SSL3_AD_BAD_CERTIFICATE;
+  SSL_AD_UNSUPPORTED_CERTIFICATE = SSL3_AD_UNSUPPORTED_CERTIFICATE;
+  SSL_AD_CERTIFICATE_REVOKED = SSL3_AD_CERTIFICATE_REVOKED;
+  SSL_AD_CERTIFICATE_EXPIRED = SSL3_AD_CERTIFICATE_EXPIRED;
+  SSL_AD_CERTIFICATE_UNKNOWN = SSL3_AD_CERTIFICATE_UNKNOWN;
+  (* fatal *)
+  SSL_AD_ILLEGAL_PARAMETER = SSL3_AD_ILLEGAL_PARAMETER;
+  (* fatal *)
+  SSL_AD_UNKNOWN_CA = TLS1_AD_UNKNOWN_CA;
+  (* fatal *)
+  SSL_AD_ACCESS_DENIED = TLS1_AD_ACCESS_DENIED;
+  (* fatal *)
+  SSL_AD_DECODE_ERROR = TLS1_AD_DECODE_ERROR;
+  SSL_AD_DECRYPT_ERROR = TLS1_AD_DECRYPT_ERROR;
+  (* fatal *)
+  SSL_AD_EXPORT_RESTRICTION = TLS1_AD_EXPORT_RESTRICTION;
+  (* fatal *)
+  SSL_AD_PROTOCOL_VERSION = TLS1_AD_PROTOCOL_VERSION;
+  (* fatal *)
+  SSL_AD_INSUFFICIENT_SECURITY = TLS1_AD_INSUFFICIENT_SECURITY;
+  (* fatal *)
+  SSL_AD_INTERNAL_ERROR = TLS1_AD_INTERNAL_ERROR;
+  SSL_AD_USER_CANCELLED = TLS1_AD_USER_CANCELLED;
+  SSL_AD_NO_RENEGOTIATION = TLS1_AD_NO_RENEGOTIATION;
+  SSL_AD_MISSING_EXTENSION = TLS13_AD_MISSING_EXTENSION;
+  SSL_AD_CERTIFICATE_REQUIRED = TLS13_AD_CERTIFICATE_REQUIRED;
+  SSL_AD_UNSUPPORTED_EXTENSION = TLS1_AD_UNSUPPORTED_EXTENSION;
+  SSL_AD_CERTIFICATE_UNOBTAINABLE = TLS1_AD_CERTIFICATE_UNOBTAINABLE;
+  SSL_AD_UNRECOGNIZED_NAME = TLS1_AD_UNRECOGNIZED_NAME;
+  SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE = TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+  SSL_AD_BAD_CERTIFICATE_HASH_VALUE = TLS1_AD_BAD_CERTIFICATE_HASH_VALUE;
+  (* fatal *)
+  SSL_AD_UNKNOWN_PSK_IDENTITY = TLS1_AD_UNKNOWN_PSK_IDENTITY;
+  (* fatal *)
+  SSL_AD_INAPPROPRIATE_FALLBACK = TLS1_AD_INAPPROPRIATE_FALLBACK;
+  SSL_AD_NO_APPLICATION_PROTOCOL = TLS1_AD_NO_APPLICATION_PROTOCOL;
+  SSL_ERROR_NONE = 0;
+  SSL_ERROR_SSL = 1;
+  SSL_ERROR_WANT_READ = 2;
+  SSL_ERROR_WANT_WRITE = 3;
+  SSL_ERROR_WANT_X509_LOOKUP = 4;
+  SSL_ERROR_SYSCALL = 5; (* look at error stack/return
+                          * value/errno *)
+  SSL_ERROR_ZERO_RETURN = 6;
+  SSL_ERROR_WANT_CONNECT = 7;
+  SSL_ERROR_WANT_ACCEPT = 8;
+  SSL_ERROR_WANT_ASYNC = 9;
+  SSL_ERROR_WANT_ASYNC_JOB = 10;
+  SSL_ERROR_WANT_CLIENT_HELLO_CB = 11;
+  SSL_CTRL_SET_TMP_DH = 3;
+  SSL_CTRL_SET_TMP_ECDH = 4;
+  SSL_CTRL_SET_TMP_DH_CB = 6;
+  SSL_CTRL_GET_CLIENT_CERT_REQUEST = 9;
+  SSL_CTRL_GET_NUM_RENEGOTIATIONS = 10;
+  SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS = 11;
+  SSL_CTRL_GET_TOTAL_RENEGOTIATIONS = 12;
+  SSL_CTRL_GET_FLAGS = 13;
+  SSL_CTRL_EXTRA_CHAIN_CERT = 14;
+  SSL_CTRL_SET_MSG_CALLBACK = 15;
+  SSL_CTRL_SET_MSG_CALLBACK_ARG = 16;
+  (* only applies to datagram connections *)
+  SSL_CTRL_SET_MTU = 17;
+  (* Stats *)
+  SSL_CTRL_SESS_NUMBER = 20;
+  SSL_CTRL_SESS_CONNECT = 21;
+  SSL_CTRL_SESS_CONNECT_GOOD = 22;
+  SSL_CTRL_SESS_CONNECT_RENEGOTIATE = 23;
+  SSL_CTRL_SESS_ACCEPT = 24;
+  SSL_CTRL_SESS_ACCEPT_GOOD = 25;
+  SSL_CTRL_SESS_ACCEPT_RENEGOTIATE = 26;
+  SSL_CTRL_SESS_HIT = 27;
+  SSL_CTRL_SESS_CB_HIT = 28;
+  SSL_CTRL_SESS_MISSES = 29;
+  SSL_CTRL_SESS_TIMEOUTS = 30;
+  SSL_CTRL_SESS_CACHE_FULL = 31;
+  SSL_CTRL_MODE = 33;
+  SSL_CTRL_GET_READ_AHEAD = 40;
+  SSL_CTRL_SET_READ_AHEAD = 41;
+  SSL_CTRL_SET_SESS_CACHE_SIZE = 42;
+  SSL_CTRL_GET_SESS_CACHE_SIZE = 43;
+  SSL_CTRL_SET_SESS_CACHE_MODE = 44;
+  SSL_CTRL_GET_SESS_CACHE_MODE = 45;
+  SSL_CTRL_GET_MAX_CERT_LIST = 50;
+  SSL_CTRL_SET_MAX_CERT_LIST = 51;
+  SSL_CTRL_SET_MAX_SEND_FRAGMENT = 52;
+  (* see tls1.h for macros based on these *)
+  SSL_CTRL_SET_TLSEXT_SERVERNAME_CB = 53;
+  SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG = 54;
+  SSL_CTRL_SET_TLSEXT_HOSTNAME = 55;
+  SSL_CTRL_SET_TLSEXT_DEBUG_CB = 56;
+  SSL_CTRL_SET_TLSEXT_DEBUG_ARG = 57;
+  SSL_CTRL_GET_TLSEXT_TICKET_KEYS = 58;
+  SSL_CTRL_SET_TLSEXT_TICKET_KEYS = 59;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB = 63;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG = 64;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE = 65;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS = 66;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS = 67;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS = 68;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS = 69;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP = 70;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP = 71;
+  SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB = 72;
+  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB = 75;
+  SSL_CTRL_SET_SRP_VERIFY_PARAM_CB = 76;
+  SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB = 77;
+  SSL_CTRL_SET_SRP_ARG = 78;
+  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME = 79;
+  SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH = 80;
+  SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD = 81;
+  SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT = 85;
+  SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING = 86;
+  SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS = 87;
+  DTLS_CTRL_GET_TIMEOUT = 73;
+  DTLS_CTRL_HANDLE_TIMEOUT = 74;
+  SSL_CTRL_GET_RI_SUPPORT = 76;
+  SSL_CTRL_CLEAR_MODE = 78;
+  SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB = 79;
+  SSL_CTRL_GET_EXTRA_CHAIN_CERTS = 82;
+  SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS = 83;
+  SSL_CTRL_CHAIN = 88;
+  SSL_CTRL_CHAIN_CERT = 89;
+  SSL_CTRL_GET_GROUPS = 90;
+  SSL_CTRL_SET_GROUPS = 91;
+  SSL_CTRL_SET_GROUPS_LIST = 92;
+  SSL_CTRL_GET_SHARED_GROUP = 93;
+  SSL_CTRL_SET_SIGALGS = 97;
+  SSL_CTRL_SET_SIGALGS_LIST = 98;
+  SSL_CTRL_CERT_FLAGS = 99;
+  SSL_CTRL_CLEAR_CERT_FLAGS = 100;
+  SSL_CTRL_SET_CLIENT_SIGALGS = 101;
+  SSL_CTRL_SET_CLIENT_SIGALGS_LIST = 102;
+  SSL_CTRL_GET_CLIENT_CERT_TYPES = 103;
+  SSL_CTRL_SET_CLIENT_CERT_TYPES = 104;
+  SSL_CTRL_BUILD_CERT_CHAIN = 105;
+  SSL_CTRL_SET_VERIFY_CERT_STORE = 106;
+  SSL_CTRL_SET_CHAIN_CERT_STORE = 107;
+  SSL_CTRL_GET_PEER_SIGNATURE_NID = 108;
+  SSL_CTRL_GET_PEER_TMP_KEY = 109;
+  SSL_CTRL_GET_RAW_CIPHERLIST = 110;
+  SSL_CTRL_GET_EC_POINT_FORMATS = 111;
+  SSL_CTRL_GET_CHAIN_CERTS = 115;
+  SSL_CTRL_SELECT_CURRENT_CERT = 116;
+  SSL_CTRL_SET_CURRENT_CERT = 117;
+  SSL_CTRL_SET_DH_AUTO = 118;
+  DTLS_CTRL_SET_LINK_MTU = 120;
+  DTLS_CTRL_GET_LINK_MIN_MTU = 121;
+  SSL_CTRL_GET_EXTMS_SUPPORT = 122;
+  SSL_CTRL_SET_MIN_PROTO_VERSION = 123;
+  SSL_CTRL_SET_MAX_PROTO_VERSION = 124;
+  SSL_CTRL_SET_SPLIT_SEND_FRAGMENT = 125;
+  SSL_CTRL_SET_MAX_PIPELINES = 126;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE = 127;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB = 128;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG = 129;
+  SSL_CTRL_GET_MIN_PROTO_VERSION = 130;
+  SSL_CTRL_GET_MAX_PROTO_VERSION = 131;
+  SSL_CTRL_GET_SIGNATURE_NID = 132;
+  SSL_CTRL_GET_TMP_KEY = 133;
+  SSL_CERT_SET_FIRST = 1;
+  SSL_CERT_SET_NEXT = 2;
+  SSL_CERT_SET_SERVER = 3;
+
+  (*
+   * The following symbol names are old and obsolete. They are kept
+   * for compatibility reasons only and should not be used anymore.
+   *)
+  SSL_CTRL_GET_CURVES = SSL_CTRL_GET_GROUPS;
+  SSL_CTRL_SET_CURVES = SSL_CTRL_SET_GROUPS;
+  SSL_CTRL_SET_CURVES_LIST = SSL_CTRL_SET_GROUPS_LIST;
+  SSL_CTRL_GET_SHARED_CURVE = SSL_CTRL_GET_SHARED_GROUP;
+  
+//  SSL_get1_curves = SSL_get1_groups;
+//  SSL_CTX_set1_curves = SSL_CTX_set1_groups;
+//  SSL_CTX_set1_curves_list = SSL_CTX_set1_groups_list;
+//  SSL_set1_curves = SSL_set1_groups;
+//  SSL_set1_curves_list = SSL_set1_groups_list;
+//  SSL_get_shared_curve = SSL_get_shared_group;
+
+  (* serverinfo file format versions *)
+  SSL_SERVERINFOV1 = 1;
+  SSL_SERVERINFOV2 = 2;
+
+  SSL_CLIENT_HELLO_SUCCESS = 1;
+  SSL_CLIENT_HELLO_ERROR = 0;
+  SSL_CLIENT_HELLO_RETRY = -1;
+
+  SSL_READ_EARLY_DATA_ERROR = 0;
+  SSL_READ_EARLY_DATA_SUCCESS = 1;
+  SSL_READ_EARLY_DATA_FINISH = 2;
+
+  SSL_EARLY_DATA_NOT_SENT = 0;
+  SSL_EARLY_DATA_REJECTED = 1;
+  SSL_EARLY_DATA_ACCEPTED = 2;
+
+  //SSLv23_method = TLS_method;
+  //SSLv23_server_method = TLS_server_method;
+  //SSLv23_client_method = TLS_client_method;
+
+  (* What the 'other' parameter contains &in security callback *)
+  (* Mask for type *)
+  SSL_SECOP_OTHER_TYPE = $ffff0000;
+  SSL_SECOP_OTHER_NONE = 0;
+  SSL_SECOP_OTHER_CIPHER = (1 shl 16);
+  SSL_SECOP_OTHER_CURVE = (2 shl 16);
+  SSL_SECOP_OTHER_DH = (3 shl 16);
+  SSL_SECOP_OTHER_PKEY = (4 shl 16);
+  SSL_SECOP_OTHER_SIGALG = (5 shl 16);
+  SSL_SECOP_OTHER_CERT = (6 shl 16);
+
+  (* Indicated operation refers to peer key or certificate *)
+  SSL_SECOP_PEER = $1000;
+
+  (* Values for "op" parameter in security callback *)
+
+  (* Called to filter ciphers *)
+  (* Ciphers client supports *)
+  SSL_SECOP_CIPHER_SUPPORTED = 1 or SSL_SECOP_OTHER_CIPHER;
+  (* Cipher shared by client/server *)
+  SSL_SECOP_CIPHER_SHARED = 2 or SSL_SECOP_OTHER_CIPHER;
+  (* Sanity check of cipher server selects *)
+  SSL_SECOP_CIPHER_CHECK = 3 or SSL_SECOP_OTHER_CIPHER;
+  (* Curves supported by client *)
+  SSL_SECOP_CURVE_SUPPORTED = 4 or SSL_SECOP_OTHER_CURVE;
+  (* Curves shared by client/server *)
+  SSL_SECOP_CURVE_SHARED = 5 or SSL_SECOP_OTHER_CURVE;
+  (* Sanity check of curve server selects *)
+  SSL_SECOP_CURVE_CHECK = 6 or SSL_SECOP_OTHER_CURVE;
+  (* Temporary DH key *)
+  SSL_SECOP_TMP_DH = 7 or SSL_SECOP_OTHER_PKEY;
+  (* SSL/TLS version *)
+  SSL_SECOP_VERSION = 9 or SSL_SECOP_OTHER_NONE;
+  (* Session tickets *)
+  SSL_SECOP_TICKET = 10 or SSL_SECOP_OTHER_NONE;
+  (* Supported signature algorithms sent to peer *)
+  SSL_SECOP_SIGALG_SUPPORTED = 11 or SSL_SECOP_OTHER_SIGALG;
+  (* Shared signature algorithm *)
+  SSL_SECOP_SIGALG_SHARED = 12 or SSL_SECOP_OTHER_SIGALG;
+  (* Sanity check signature algorithm allowed *)
+  SSL_SECOP_SIGALG_CHECK = 13 or SSL_SECOP_OTHER_SIGALG;
+  (* Used to get mask of supported public key signature algorithms *)
+  SSL_SECOP_SIGALG_MASK = 14 or SSL_SECOP_OTHER_SIGALG;
+  (* Use to see if compression is allowed *)
+  SSL_SECOP_COMPRESSION = 15 or SSL_SECOP_OTHER_NONE;
+  (* EE key in certificate *)
+  SSL_SECOP_EE_KEY = 16 or SSL_SECOP_OTHER_CERT;
+  (* CA key in certificate *)
+  SSL_SECOP_CA_KEY = 17 or SSL_SECOP_OTHER_CERT;
+  (* CA digest algorithm in certificate *)
+  SSL_SECOP_CA_MD = 18 or SSL_SECOP_OTHER_CERT;
+  (* Peer EE key in certificate *)
+  SSL_SECOP_PEER_EE_KEY = SSL_SECOP_EE_KEY or SSL_SECOP_PEER;
+  (* Peer CA key in certificate *)
+  SSL_SECOP_PEER_CA_KEY = SSL_SECOP_CA_KEY or SSL_SECOP_PEER;
+  (* Peer CA digest algorithm in certificate *)
+  SSL_SECOP_PEER_CA_MD = SSL_SECOP_CA_MD or SSL_SECOP_PEER;
+
+  (* OPENSSL_INIT flag 0x010000 reserved for internal use *)
+  OPENSSL_INIT_NO_LOAD_SSL_STRINGS = TIdC_LONG($00100000);
+  OPENSSL_INIT_LOAD_SSL_STRINGS = TIdC_LONG($00200000);
+  OPENSSL_INIT_SSL_DEFAULT = OPENSSL_INIT_LOAD_SSL_STRINGS or OPENSSL_INIT_LOAD_CRYPTO_STRINGS;
+
+  (* Support for ticket appdata *)
+  (* fatal error, malloc failure *)
+  SSL_TICKET_FATAL_ERR_MALLOC = 0;
+  (* fatal error, either from parsing or decrypting the ticket *)
+  SSL_TICKET_FATAL_ERR_OTHER = 1;
+  (* No ticket present *)
+  SSL_TICKET_NONE = 2;
+  (* Empty ticket present *)
+  SSL_TICKET_EMPTY = 3;
+  (* the ticket couldn't be decrypted *)
+  SSL_TICKET_NO_DECRYPT = 4;
+  (* a ticket was successfully decrypted *)
+  SSL_TICKET_SUCCESS = 5;
+  (* same as above but the ticket needs to be renewed *)
+  SSL_TICKET_SUCCESS_RENEW = 6;
+
+  (* An error occurred *)
+  SSL_TICKET_RETURN_ABORT = 0;
+  (* Do not use the ticket, do not send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_IGNORE = 1;
+  (* Do not use the ticket, send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_IGNORE_RENEW = 2;
+  (* Use the ticket, do not send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_USE = 3;
+  (* Use the ticket, send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_USE_RENEW = 4;
+
+type
+  (*
+   * This is needed to stop compilers complaining about the 'struct ssl_st *'
+   * function parameters used to prototype callbacks in SSL_CTX.
+   *)
+  ssl_crock_st = ^ssl_st;
+  TLS_SESSION_TICKET_EXT = tls_session_ticket_ext_st;
+  ssl_method_st = type Pointer;
+  SSL_METHOD = ssl_method_st;
+  PSSL_METHOD = ^SSL_METHOD;
+  ssl_session_st = type Pointer;
+  SSL_CIPHER = ssl_session_st;
+  PSSL_CIPHER = ^SSL_CIPHER;
+  SSL_SESSION = ssl_session_st;
+  PSSL_SESSION = ^SSL_SESSION;
+  PPSSL_SESSION = ^PSSL_SESSION;
+  tls_sigalgs_st = type Pointer;
+  TLS_SIGALGS = tls_sigalgs_st;
+  ssl_conf_ctx_st = type Pointer;
+  SSL_CONF_CTX = ssl_conf_ctx_st;
+  PSSL_CONF_CTX = ^SSL_CONF_CTX;
+  ssl_comp_st = type Pointer;
+  SSL_COMP = ssl_comp_st;
+
+  //STACK_OF(SSL_CIPHER);
+  //STACK_OF(SSL_COMP);
+
+  (* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*)
+  srtp_protection_profile_st = record
+    name: PIdAnsiChar;
+    id: TIdC_ULONG;
+  end;
+  SRTP_PROTECTION_PROFILE = srtp_protection_profile_st;
+  PSRTP_PROTECTION_PROFILE = ^SRTP_PROTECTION_PROFILE;
+
+  //DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+  (* Typedefs for handling custom extensions *)
+  custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
+  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
+  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+
+  (* Typedef for verification callback *)
+  SSL_verify_cb = function (preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
+
+  tls_session_ticket_ext_cb_fn = function (s: PSSL; const data: PByte; len: TIdC_INT; arg: Pointer): TIdC_INT; cdecl;
+
+  (*
+   * This callback type is used inside SSL_CTX, SSL, and &in the functions that
+   * set them. It is used to override the generation of SSL/TLS session IDs &in
+   * a server. Return value should be zero on an error, non-zero to proceed.
+   * Also, callbacks should themselves check if the id they generate is unique
+   * otherwise the SSL handshake will fail with an error - callbacks can do
+   * this using the 'ssl' value they're passed by;
+   * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed &in
+   * is set at the maximum size the session ID can be. &in SSLv3/TLSv1 it is 32
+   * bytes. The callback can alter this length to be less if desired. It is
+   * also an error for the callback to set the size to zero.
+   *)
+  GEN_SESSION_CB = function (ssl: PSSL; id: PByte; id_len: PIdC_UINT): TIdC_INT; cdecl;
+
+  SSL_CTX_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+  SSL_CTX_client_cert_cb = function (ssl: PSSL; x509: PPx509; pkey: PPEVP_PKEY): TIdC_INT; cdecl;
+
+  SSL_CTX_cookie_verify_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_UINT): TIdC_INT; cdecl;
+  SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_UINT): TIdC_INT; cdecl;
+  SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_SIZET): TIdC_INT; cdecl;
+  SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_SIZET): TIdC_INT; cdecl;
+
+  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const &out: PPByte; outlen: PByte; const &in: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_psk_client_cb_func = function (ssl: PSSL; const hint: PIdAnsiChar; identity: PIdAnsiChar; max_identity_len: TIdC_UINT; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_psk_server_cb_func = function (ssl: PSSL; const identity: PIdAnsiChar; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_psk_find_session_cb_func = function (ssl: PSSL; const identity: PByte; identity_len: TIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
+  SSL_psk_use_session_cb_func = function (ssl: PSSL; const md: PEVP_MD; const id: PPByte; idlen: PIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
+
+  (*
+   * A callback for logging out TLS key material. This callback should log out
+   * |line| followed by a newline.
+   *)
+  SSL_CTX_keylog_cb_func = procedure(const ssl: PSSL; const line: PIdAnsiChar); cdecl;
+
+  (*
+   * The valid handshake states (one for each type message sent and one for each
+   * type of message received). There are also two "special" states:
+   * TLS = TLS or DTLS state
+   * DTLS = DTLS specific state
+   * CR/SR = Client Read/Server Read
+   * CW/SW = Client Write/Server Write
+   *
+   * The "special" states are:
+   * TLS_ST_BEFORE = No handshake has been initiated yet
+   * TLS_ST_OK = A handshake has been successfully completed
+   *)
+  TLS_ST_OK = (
+    DTLS_ST_CR_HELLO_VERIFY_REQUEST,
+    TLS_ST_CR_SRVR_HELLO,
+    TLS_ST_CR_CERT,
+    TLS_ST_CR_CERT_STATUS,
+    TLS_ST_CR_KEY_EXCH,
+    TLS_ST_CR_CERT_REQ,
+    TLS_ST_CR_SRVR_DONE,
+    TLS_ST_CR_SESSION_TICKET,
+    TLS_ST_CR_CHANGE,
+    TLS_ST_CR_FINISHED,
+    TLS_ST_CW_CLNT_HELLO,
+    TLS_ST_CW_CERT,
+    TLS_ST_CW_KEY_EXCH,
+    TLS_ST_CW_CERT_VRFY,
+    TLS_ST_CW_CHANGE,
+    TLS_ST_CW_NEXT_PROTO,
+    TLS_ST_CW_FINISHED,
+    TLS_ST_SW_HELLO_REQ,
+    TLS_ST_SR_CLNT_HELLO,
+    DTLS_ST_SW_HELLO_VERIFY_REQUEST,
+    TLS_ST_SW_SRVR_HELLO,
+    TLS_ST_SW_CERT,
+    TLS_ST_SW_KEY_EXCH,
+    TLS_ST_SW_CERT_REQ,
+    TLS_ST_SW_SRVR_DONE,
+    TLS_ST_SR_CERT,
+    TLS_ST_SR_KEY_EXCH,
+    TLS_ST_SR_CERT_VRFY,
+    TLS_ST_SR_NEXT_PROTO,
+    TLS_ST_SR_CHANGE,
+    TLS_ST_SR_FINISHED,
+    TLS_ST_SW_SESSION_TICKET,
+    TLS_ST_SW_CERT_STATUS,
+    TLS_ST_SW_CHANGE,
+    TLS_ST_SW_FINISHED,
+    TLS_ST_SW_ENCRYPTED_EXTENSIONS,
+    TLS_ST_CR_ENCRYPTED_EXTENSIONS,
+    TLS_ST_CR_CERT_VRFY,
+    TLS_ST_SW_CERT_VRFY,
+    TLS_ST_CR_HELLO_REQ,
+    TLS_ST_SW_KEY_UPDATE,
+    TLS_ST_CW_KEY_UPDATE,
+    TLS_ST_SR_KEY_UPDATE,
+    TLS_ST_CR_KEY_UPDATE,
+    TLS_ST_EARLY_DATA,
+    TLS_ST_PENDING_EARLY_DATA_END,
+    TLS_ST_CW_END_OF_EARLY_DATA
+  );
+  OSSL_HANDSHAKE_STATE = TLS_ST_OK;
+
+  SSL_CTX_set_cert_verify_callback_cb = function (v1: PX509_STORE_CTX; v2: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_set_cert_cb_cb = function (ssl: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_set_srp_client_pwd_callback_cb = function (v1: PSSL; v2: Pointer): PIdAnsiChar; cdecl;
+  SSL_CTX_set_srp_verify_param_callback_cb = function (v1: PSSL; v2: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_set_srp_username_callback_cb = function (v1: PSSL; v2: PIdC_INT; v3: Pointer): TIdC_INT; cdecl;
+  SSL_client_hello_cb_fn = function (s: PSSL; al: PIdC_INT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_callback_ctrl_v3 = procedure; cdecl;
+  SSL_CTX_callback_ctrl_v3 = procedure; cdecl;
+  SSL_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+
+  (* NB: the |keylength| is only applicable when is_export is true *)
+  SSL_CTX_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
+  SSL_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
+  SSL_CTX_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
+  SSL_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
+  SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  SSL_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  
+  (*
+   * The validation type enumerates the available behaviours of the built-in SSL
+   * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
+   * The underlying callback is a static function in libssl.
+   *)
+  SSL_CT_VALIDATION = (         
+    SSL_CT_VALIDATION_PERMISSIVE = 0,
+    SSL_CT_VALIDATION_STRICT
+  );
+  SSL_security_callback = function (const s: PSSL; const ctx: PSSL_CTX; op: TIdC_INT; bits: TIdC_INT; nid: TIdC_INT; other: Pointer; ex: Pointer): TIdC_INT; cdecl;
+
+  (* Status codes passed to the decrypt session ticket callback. Some of these
+   * are for internal use only and are never passed to the callback. *)
+  SSL_TICKET_STATUS = TIdC_INT;
+  SSL_TICKET_RETURN = TIdC_INT;
+
+  SSL_CTX_generate_session_ticket_fn = function(s: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_decrypt_session_ticket_fn = function (s: PSSL; ss: PSSL_SESSION; const keyname: PByte; keyname_length: TIdC_SIZET; status: SSL_TICKET_STATUS; arg: Pointer): SSL_TICKET_RETURN; cdecl;
+
+  DTLS_timer_cb = function(s: PSSL; timer_us: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_allow_early_data_cb_fn = function(s: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_sess_new_cb = function (ssl: PSSL; sess: PSSL_SESSION): TIdC_INT; cdecl;
+
+  SSL_CTX_sess_remove_cb = procedure(ctx: PSSL_CTX; sess: PSSL_SESSION); cdecl;
+
+{$REGION 'C compiler macros'}
+function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+
+function SSL_CTX_sess_set_cache_size(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_sess_get_cache_size(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_set_session_cache_mode(ctx: PSSL_CTX; m: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_get_session_cache_mode(ctx: PSSL_CTX): TIdC_LONG;
+
+function SSL_num_renegotiations(ssl: PSSL): TIdC_LONG;
+function SSL_clear_num_renegotiations(ssl: PSSL): TIdC_LONG;
+function SSL_total_renegotiations(ssl: PSSL): TIdC_LONG;
+function SSL_CTX_set_tmp_dh(ctx: PSSL_CTX; dh: PByte): TIdC_LONG;
+function SSL_CTX_set_tmp_ecdh(ctx: PSSL_CTX; ecdh: PByte): TIdC_LONG;
+function SSL_CTX_set_dh_auto(ctx: PSSL_CTX; onoff: TIdC_LONG): TIdC_LONG;
+function SSL_set_dh_auto(s: PSSL; onoff: TIdC_LONG): TIdC_LONG;
+function SSL_set_tmp_dh(ssl: PSSL; dh: PByte): TIdC_LONG;
+function SSL_set_tmp_ecdh(ssl: PSSL; ecdh: PByte): TIdC_LONG;
+function SSL_CTX_add_extra_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_get_extra_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+function SSL_CTX_get_extra_chain_certs_only(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+function SSL_CTX_clear_extra_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_set0_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+function SSL_CTX_set1_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+function SSL_CTX_add0_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_add1_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_get0_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+function SSL_CTX_clear_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_build_cert_chain(ctx: PSSL_CTX; flags: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_select_current_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_set_current_cert(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set0_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_CTX_set1_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_CTX_set0_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_CTX_set1_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_set0_chain(s: PSSL; sk: PByte): TIdC_LONG;
+function SSL_set1_chain(s: PSSL; sk: PByte): TIdC_LONG;
+function SSL_add0_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+function SSL_add1_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+function SSL_get0_chain_certs(s: PSSL; px509: Pointer): TIdC_LONG;
+function SSL_clear_chain_certs(s: PSSL): TIdC_LONG;
+function SSL_build_cert_chain(s: PSSL; flags: TIdC_LONG): TIdC_LONG;
+function SSL_select_current_cert(s: PSSL; x509: PByte): TIdC_LONG;
+function SSL_set_current_cert(s: PSSL; op: TIdC_LONG): TIdC_LONG;
+function SSL_set0_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_set1_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_set0_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_set1_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_get1_groups(s: PSSL; glist: PIdC_INT): TIdC_LONG;
+function SSL_CTX_set1_groups(ctx: PSSL_CTX; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_groups_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+function SSL_set1_groups(s: PSSL; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_groups_list(s: PSSL; str: PByte): TIdC_LONG;
+function SSL_get_shared_group(s: PSSL; n: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+function SSL_set1_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+function SSL_CTX_set1_client_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_client_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+function SSL_set1_client_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_client_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+function SSL_get0_certificate_types(s: PSSL; clist: PByte): TIdC_LONG;
+function SSL_CTX_set1_client_certificate_types(ctx: PSSL_CTX; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_client_certificate_types(s: PSSL; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+function SSL_get_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+function SSL_get_peer_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+function SSL_get_peer_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+function SSL_get_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+function SSL_get0_raw_cipherlist(s: PSSL; plst: Pointer): TIdC_LONG;
+function SSL_get0_ec_point_formats(s: PSSL; plst: Pointer): TIdC_LONG;
+function SSL_CTX_set_min_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set_max_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_get_min_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_get_max_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
+function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
+{$ENDREGION}
+
+var
+  //typedef TIdC_INT (*tls_session_secret_cb_fn)(s: PSSL, void *secret, TIdC_INT *secret_len,
+  //                                        STACK_OF(SSL_CIPHER) *peer_ciphers,
+  //                                        const SSL_CIPHER **cipher, void *arg);
+
+  function SSL_CTX_get_options(const ctx: PSSL_CTX): TIdC_ULONG;
+  function SSL_get_options(const s: PSSL): TIdC_ULONG;
+  function SSL_CTX_clear_options(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG;
+  function SSL_clear_options(s: PSSL; op: TIdC_ULONG): TIdC_ULONG;
+  function SSL_CTX_set_options(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG;
+  function SSL_set_options(s: PSSL; op: TIdC_ULONG): TIdC_ULONG;
+
+  //# define SSL_CTX_set_mode(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+  //# define SSL_CTX_clear_mode(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+  //# define SSL_CTX_get_mode(ctx) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
+  //# define SSL_clear_mode(ssl,op) \
+  //        SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
+  //# define SSL_set_mode(ssl,op) \
+  //        SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
+  //# define SSL_get_mode(ssl) \
+  //        SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
+  //# define SSL_set_mtu(ssl, mtu) \
+  //        SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
+  //# define DTLS_set_link_mtu(ssl, mtu) \
+  //        SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
+  //# define DTLS_get_link_min_mtu(ssl) \
+  //        SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
+  //
+  //# define SSL_get_secure_renegotiation_support(ssl) \
+  //        SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+  //
+  //# ifndef OPENSSL_NO_HEARTBEATS
+  //#  define SSL_heartbeat(ssl) \
+  //        SSL_ctrl((ssl),SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT,0,NULL)
+  //# endif
+  //
+  //# define SSL_CTX_set_cert_flags(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_CERT_FLAGS,(op),NULL)
+  //# define SSL_set_cert_flags(s,op) \
+  //        SSL_ctrl((s),SSL_CTRL_CERT_FLAGS,(op),NULL)
+  //# define SSL_CTX_clear_cert_flags(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+  //# define SSL_clear_cert_flags(s,op) \
+  //        SSL_ctrl((s),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+  //
+  //void SSL_CTX_set_msg_callback(ctx: PSSL_CTX,
+  //                              void (*cb) (TIdC_INT write_p, TIdC_INT version,
+  //                                          TIdC_INT content_type, const void *buf,
+  //                                          TIdC_SIZET len, ssl: PSSL, void *arg));
+  //void SSL_set_msg_callback(ssl: PSSL,
+  //                          void (*cb) (TIdC_INT write_p, TIdC_INT version,
+  //                                      TIdC_INT content_type, const void *buf,
+  //                                      TIdC_SIZET len, ssl: PSSL, void *arg));
+  //# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+  //# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+  //
+  //# define SSL_get_extms_support(s) \
+  //        SSL_ctrl((s),SSL_CTRL_GET_EXTMS_SUPPORT,0,NULL)
+  //
+  //# ifndef OPENSSL_NO_SRP
+
+  ///* see tls_srp.c */
+  //__owur TIdC_INT SSL_SRP_CTX_init(s: PSSL);
+  //__owur TIdC_INT SSL_CTX_SRP_CTX_init(ctx: PSSL_CTX);
+  //TIdC_INT SSL_SRP_CTX_free(SSL *ctx);
+  //TIdC_INT SSL_CTX_SRP_CTX_free(ctx: PSSL_CTX);
+  //__owur TIdC_INT SSL_srp_server_param_with_username(s: PSSL, TIdC_INT *ad);
+  //__owur TIdC_INT SRP_Calc_A_param(s: PSSL);
+
+  // # endif
+
+  // LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(ctx: PSSL_CTX);
+  //# define SSL_CTX_sess_number(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
+  //# define SSL_CTX_sess_connect(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
+  //# define SSL_CTX_sess_connect_good(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
+  //# define SSL_CTX_sess_connect_renegotiate(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
+  //# define SSL_CTX_sess_accept(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
+  //# define SSL_CTX_sess_accept_renegotiate(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
+  //# define SSL_CTX_sess_accept_good(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
+  //# define SSL_CTX_sess_hits(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
+  //# define SSL_CTX_sess_cb_hits(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
+  //# define SSL_CTX_sess_misses(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
+  //# define SSL_CTX_sess_timeouts(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
+  //# define SSL_CTX_sess_cache_full(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
+
+  procedure SSL_CTX_sess_set_new_cb(ctx: PSSL_CTX; new_session_cb: SSL_CTX_sess_new_cb);
+  function SSL_CTX_sess_get_new_cb(ctx: PSSL_CTX): SSL_CTX_sess_new_cb;
+  procedure SSL_CTX_sess_set_remove_cb(ctx: PSSL_CTX; remove_session_cb: SSL_CTX_sess_remove_cb);
+  function SSL_CTX_sess_get_remove_cb(ctx: PSSL_CTX): SSL_CTX_sess_remove_cb;
+
+  //void SSL_CTX_sess_set_get_cb(ctx: PSSL_CTX,
+  //                             SSL_SESSION *(*get_session_cb) (struct ssl_st
+  //                                                             *ssl,
+  //                                                             const Byte
+  //                                                             *data, TIdC_INT len,
+  //                                                             TIdC_INT *copy));
+  //SSL_SESSION *(*SSL_CTX_sess_get_get_cb(ctx: PSSL_CTX)) (struct ssl_st *ssl,
+  //                                                       const d: PByteata,
+  //                                                       TIdC_INT len, TIdC_INT *copy);
+  procedure SSL_CTX_set_info_callback(ctx: PSSL_CTX; cb: SSL_CTX_info_callback);
+  function SSL_CTX_get_info_callback(ctx: PSSL_CTX): SSL_CTX_info_callback;
+  procedure SSL_CTX_set_client_cert_cb(ctx: PSSL_CTX; client_cert_cb: SSL_CTX_client_cert_cb);
+  function SSL_CTX_get_client_cert_cb(ctx: PSSL_CTX): SSL_CTX_client_cert_cb;
+  function SSL_CTX_set_client_cert_engine(ctx: PSSL_CTX; e: PENGINE): TIdC_INT;
+
+  procedure SSL_CTX_set_cookie_generate_cb(ctx: PSSL_CTX; app_gen_cookie_cb: SSL_CTX_cookie_verify_cb);
+  procedure SSL_CTX_set_cookie_verify_cb(ctx: PSSL_CTX; app_verify_cookie_cb: SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb);
+  procedure SSL_CTX_set_stateless_cookie_generate_cb(ctx: PSSL_CTX; gen_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb);
+  procedure SSL_CTX_set_stateless_cookie_verify_cb(ctx: PSSL_CTX; verify_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb);
+
+  //__owur TIdC_INT SSL_CTX_set_alpn_protos(ctx: PSSL_CTX, const Byte *protos,
+  //                                   TIdC_UINT protos_len);
+  //__owur TIdC_INT SSL_set_alpn_protos(ssl: PSSL, const Byte *protos,
+  //                               TIdC_UINT protos_len);
+
+  procedure SSL_CTX_set_alpn_select_cb(ctx: PSSL_CTX; cb: SSL_CTX_alpn_select_cb_func; arg: Pointer);
+  procedure SSL_get0_alpn_selected(const ssl: PSSL; const data: PPByte; len: PIdC_UINT);
+  procedure SSL_CTX_set_psk_client_callback(ctx: PSSL_CTX; cb: SSL_psk_client_cb_func);
+  procedure SSL_set_psk_client_callback(ssl: PSSL; cb: SSL_psk_client_cb_func);
+  procedure SSL_CTX_set_psk_server_callback(ctx: PSSL_CTX; cb: SSL_psk_server_cb_func);
+  procedure SSL_set_psk_server_callback(ssl: PSSL; cb: SSL_psk_server_cb_func);
+
+  //__owur TIdC_INT SSL_CTX_use_psk_identity_hint(ctx: PSSL_CTX, const PIdAnsiChar *identity_hint);
+  //__owur TIdC_INT SSL_use_psk_identity_hint(s: PSSL, const PIdAnsiChar *identity_hint);
+  //const PIdAnsiChar *SSL_get_psk_identity_hint(const s: PSSL);
+  //const PIdAnsiChar *SSL_get_psk_identity(const s: PSSL);
+
+  procedure SSL_set_psk_find_session_callback(s: PSSL; cb: SSL_psk_find_session_cb_func);
+  procedure SSL_CTX_set_psk_find_session_callback(ctx: PSSL_CTX; cb: SSL_psk_find_session_cb_func);
+  procedure SSL_set_psk_use_session_callback(s: PSSL; cb: SSL_psk_use_session_cb_func);
+  procedure SSL_CTX_set_psk_use_session_callback(ctx: PSSL_CTX; cb: SSL_psk_use_session_cb_func);
+
+  ///* Register callbacks to handle custom TLS Extensions for client or server. */
+
+  //__owur TIdC_INT SSL_CTX_has_client_custom_ext(const ctx: PSSL_CTX,
+  //                                         TIdC_UINT ext_type);
+  //
+  //__owur TIdC_INT SSL_CTX_add_client_custom_ext(ctx: PSSL_CTX,
+  //                                         TIdC_UINT ext_type,
+  //                                         custom_ext_add_cb add_cb,
+  //                                         custom_ext_free_cb free_cb,
+  //                                         void *add_arg,
+  //                                         custom_ext_parse_cb parse_cb,
+  //                                         void *parse_arg);
+  //
+  //__owur TIdC_INT SSL_CTX_add_server_custom_ext(ctx: PSSL_CTX,
+  //                                         TIdC_UINT ext_type,
+  //                                         custom_ext_add_cb add_cb,
+  //                                         custom_ext_free_cb free_cb,
+  //                                         void *add_arg,
+  //                                         custom_ext_parse_cb parse_cb,
+  //                                         void *parse_arg);
+  //
+  //__owur TIdC_INT SSL_CTX_add_custom_ext(ctx: PSSL_CTX, TIdC_UINT ext_type,
+  //                                  TIdC_UINT context,
+  //                                  SSL_custom_ext_add_cb_ex add_cb,
+  //                                  SSL_custom_ext_free_cb_ex free_cb,
+  //                                  void *add_arg,
+  //                                  SSL_custom_ext_parse_cb_ex parse_cb,
+  //                                  void *parse_arg);
+
+  //__owur TIdC_INT SSL_extension_supported(TIdC_UINT ext_type);
+
+
+  ///* These will only be used when doing non-blocking IO */
+  //# define SSL_want_nothing(s)         (SSL_want(s) == SSL_NOTHING)
+  //# define SSL_want_read(s)            (SSL_want(s) == SSL_READING)
+  //# define SSL_want_write(s)           (SSL_want(s) == SSL_WRITING)
+  //# define SSL_want_x509_lookup(s)     (SSL_want(s) == SSL_X509_LOOKUP)
+  //# define SSL_want_async(s)           (SSL_want(s) == SSL_ASYNC_PAUSED)
+  //# define SSL_want_async_job(s)       (SSL_want(s) == SSL_ASYNC_NO_JOBS)
+  //# define SSL_want_client_hello_cb(s) (SSL_want(s) == SSL_CLIENT_HELLO_CB)
+
+  (*
+   * SSL_CTX_set_keylog_callback configures a callback to log key material. This
+   * is intended for debugging use with tools like Wireshark. The cb function
+   * should log line followed by a newline.
+   *)
+  procedure SSL_CTX_set_keylog_callback(ctx: PSSL_CTX; cb: SSL_CTX_keylog_cb_func);
+  (*
+   * SSL_CTX_get_keylog_callback returns the callback configured by
+   * SSL_CTX_set_keylog_callback.
+   *)
+  function SSL_CTX_get_keylog_callback(const ctx: PSSL_CTX): SSL_CTX_keylog_cb_func;
+  function SSL_CTX_set_max_early_data(ctx: PSSL_CTX; max_early_data: TIdC_UINT32): TIdC_INT;
+  function SSL_CTX_get_max_early_data(const ctx: PSSL_CTX): TIdC_UINT32;
+  function SSL_set_max_early_data(s: PSSL; max_early_data: TIdC_UINT32): TIdC_INT;
+  function SSL_get_max_early_data(const s: PSSL): TIdC_UINT32;
+  function SSL_CTX_set_recv_max_early_data(ctx: PSSL_CTX; recv_max_early_data: TIdC_UINT32): TIdC_INT;
+  function SSL_CTX_get_recv_max_early_data(const ctx: PSSL_CTX): TIdC_UINT32;
+  function SSL_set_recv_max_early_data(s: PSSL; recv_max_early_data: TIdC_UINT32): TIdC_INT;
+  function SSL_get_recv_max_early_data(const s: PSSL): TIdC_UINT32;
+
+  ///*
+  // * These need to be after the above set of includes due to a compiler bug
+  // * &in VisualStudio 2015
+  // */
+  //DEFINE_STACK_OF_CONST(SSL_CIPHER)
+  //DEFINE_STACK_OF(SSL_COMP)
+
+  ///* compatibility */
+  //# define SSL_set_app_data(s,arg)         (SSL_set_ex_data(s,0,(PIdAnsiChar *)(arg)))
+  //# define SSL_get_app_data(s)             (SSL_get_ex_data(s,0))
+  //# define SSL_SESSION_set_app_data(s,a)   (SSL_SESSION_set_ex_data(s,0, \
+  //                                                                  (PIdAnsiChar *)(a)))
+  //# define SSL_SESSION_get_app_data(s)     (SSL_SESSION_get_ex_data(s,0))
+  //# define SSL_CTX_get_app_data(ctx)       (SSL_CTX_get_ex_data(ctx,0))
+  //# define SSL_CTX_set_app_data(ctx,arg)   (SSL_CTX_set_ex_data(ctx,0, \
+  //                                                              (PIdAnsiChar *)(arg)))
+
+  ///* Is the SSL_connection established? */
+  //# define SSL_in_connect_init(a)          (SSL_in_init(a) && !SSL_is_server(a))
+  //# define SSL_in_accept_init(a)           (SSL_in_init(a) && SSL_is_server(a))
+  function SSL_in_init(const s: PSSL): TIdC_INT;
+  function SSL_in_before(const s: PSSL): TIdC_INT;
+  function SSL_is_init_finished(const s: PSSL): TIdC_INT;
+
+  (*-
+   * Obtain latest Finished message
+   *   -- that we sent (SSL_get_finished)
+   *   -- that we expected from peer (SSL_get_peer_finished).
+   * Returns length (0 == no Finished so far), copies up to 'count' bytes.
+   *)
+  function SSL_get_finished(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET;
+  function SSL_get_peer_finished(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET;
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define OpenSSL_add_ssl_algorithms()   SSL_library_init()
+  //#  define SSLeay_add_ssl_algorithms()    SSL_library_init()
+  //# endif
+
+  ///* More backward compatibility */
+  //# define SSL_get_cipher(s) \
+  //                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+  //# define SSL_get_cipher_bits(s,np) \
+  //                SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+  //# define SSL_get_cipher_version(s) \
+  //                SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+  //# define SSL_get_cipher_name(s) \
+  //                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+  //# define SSL_get_time(a)         SSL_SESSION_get_time(a)
+  //# define SSL_set_time(a,b)       SSL_SESSION_set_time((a),(b))
+  //# define SSL_get_timeout(a)      SSL_SESSION_get_timeout(a)
+  //# define SSL_set_timeout(a,b)    SSL_SESSION_set_timeout((a),(b))
+  //
+  //# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
+  //# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
+
+  //DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+
+  //# define DTLSv1_get_timeout(ssl, arg) \
+  //        SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)(arg))
+  //# define DTLSv1_handle_timeout(ssl) \
+  //        SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
+  //
+  ///* Backwards compatibility, original 1.1.0 names */
+  //# define SSL_CTRL_GET_SERVER_TMP_KEY \
+  //         SSL_CTRL_GET_PEER_TMP_KEY
+  //# define SSL_get_server_tmp_key(s, pk) \
+  //         SSL_get_peer_tmp_key(s, pk)
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //const SSL_CTX_need_tmp_RSA = (ctx)    0;
+  //const SSL_CTX_set_tmp_rsa = (ctx;rsa)   1;
+  //const SSL_need_tmp_RSA = (ssl)     0;
+  //const SSL_set_tmp_rsa = (ssl;rsa)    1;
+
+  //#  define SSL_CTX_set_ecdh_auto(dummy, onoff)      ((onoff) != 0)
+  //#  define SSL_set_ecdh_auto(dummy, onoff)          ((onoff) != 0)
+  ///*
+  // * We 'pretend' to call the callback to avoid warnings about unused static
+  // * functions.
+  // */
+  //#  define SSL_CTX_set_tmp_rsa_callback(ctx, cb)    while(0) (cb)(NULL, 0, 0)
+  //#  define SSL_set_tmp_rsa_callback(ssl, cb)        while(0) (cb)(NULL, 0, 0)
+  //# endif
+  //
+  function BIO_f_ssl: PBIO_METHOD;
+  function BIO_new_ssl(ctx: PSSL_CTX; client: TIdC_INT): PBIO;
+  function BIO_new_ssl_connect(ctx: PSSL_CTX): PBIO;
+  function BIO_new_buffer_ssl_connect(ctx: PSSL_CTX): PBIO;
+  function BIO_ssl_copy_session_id(&to: PBIO; from: PBIO): TIdC_INT;
+
+  function SSL_CTX_set_cipher_list(v1: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_new(const meth: PSSL_METHOD): PSSL_CTX;
+  function SSL_CTX_set_timeout(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG;
+  function SSL_CTX_get_timeout(const ctx: PSSL_CTX): TIdC_LONG;
+  function SSL_CTX_get_cert_store(const v1: PSSL_CTX): PX509_STORE;
+  function SSL_want(const s: PSSL): TIdC_INT;
+  function SSL_clear(s: PSSL): TIdC_INT;
+
+  procedure BIO_ssl_shutdown(ssl_bio: PBIO);
+  function SSL_CTX_up_ref(ctx: PSSL_CTX): TIdC_INT;
+  procedure SSL_CTX_free(v1: PSSL_CTX);
+  procedure SSL_CTX_set_cert_store(v1: PSSL_CTX; v2: PX509_STORE);
+  procedure SSL_CTX_set1_cert_store(v1: PSSL_CTX; v2: PX509_STORE);
+
+  procedure SSL_CTX_flush_sessions(ctx: PSSL_CTX; tm: TIdC_LONG);
+
+  function SSL_get_current_cipher(const s: PSSL): PSSL_CIPHER;
+  function SSL_get_pending_cipher(const s: PSSL): PSSL_CIPHER;
+  function SSL_CIPHER_get_bits(const c: PSSL_CIPHER; alg_bits: PIdC_INT): TIdC_INT;
+  function SSL_CIPHER_get_version(const c: PSSL_CIPHER): PIdAnsiChar;
+  function SSL_CIPHER_get_name(const c: PSSL_CIPHER): PIdAnsiChar;
+  function SSL_CIPHER_standard_name(const c: PSSL_CIPHER): PIdAnsiChar;
+  function OPENSSL_cipher_name(const rfc_name: PIdAnsiChar): PIdAnsiChar;
+  function SSL_CIPHER_get_id(const c: PSSL_CIPHER): TIdC_UINT32;
+  function SSL_CIPHER_get_protocol_id(const c: PSSL_CIPHER): TIdC_UINT16;
+  function SSL_CIPHER_get_kx_nid(const c: PSSL_CIPHER): TIdC_INT;
+  function SSL_CIPHER_get_auth_nid(const c: PSSL_CIPHER): TIdC_INT;
+  function SSL_CIPHER_get_handshake_digest(const c: PSSL_CIPHER): PEVP_MD;
+  function SSL_CIPHER_is_aead(const c: PSSL_CIPHER): TIdC_INT;
+
+  function SSL_get_fd(const s: PSSL): TIdC_INT;
+  function SSL_get_rfd(const s: PSSL): TIdC_INT;
+  function SSL_get_wfd(const s: PSSL): TIdC_INT;
+  function SSL_get_cipher_list(const s: PSSL; n: TIdC_INT): PIdAnsiChar;
+  function SSL_get_shared_ciphers(const s: PSSL; buf: PIdAnsiChar; size: TIdC_INT): PIdAnsiChar;
+  function SSL_get_read_ahead(const s: PSSL): TIdC_INT;
+  function SSL_pending(const s: PSSL): TIdC_INT;
+  function SSL_has_pending(const s: PSSL): TIdC_INT;
+  function SSL_set_fd(s: PSSL; fd: TIdC_INT): TIdC_INT;
+  function SSL_set_rfd(s: PSSL; fd: TIdC_INT): TIdC_INT;
+  function SSL_set_wfd(s: PSSL; fd: TIdC_INT): TIdC_INT;
+  procedure SSL_set0_rbio(s: PSSL; rbio: PBIO);
+  procedure SSL_set0_wbio(s: PSSL; wbio: PBIO);
+  procedure SSL_set_bio(s: PSSL; rbio: PBIO; wbio: PBIO);
+  function SSL_get_rbio(const s: PSSL): PBIO;
+  function SSL_get_wbio(const s: PSSL): PBIO;
+  function SSL_set_cipher_list(s: PSSL; const str: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_set_ciphersuites(ctx: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT;
+  function SSL_set_ciphersuites(s: PSSL; const str: PIdAnsiChar): TIdC_INT;
+  function SSL_get_verify_mode(const s: PSSL): TIdC_INT;
+  function SSL_get_verify_depth(const s: PSSL): TIdC_INT;
+  function SSL_get_verify_callback(const s: PSSL): SSL_verify_cb;
+  procedure SSL_set_read_ahead(s: PSSL; yes: TIdC_INT);
+  procedure SSL_set_verify(s: PSSL; mode: TIdC_INT; callback: SSL_verify_cb);
+  procedure SSL_set_verify_depth(s: PSSL; depth: TIdC_INT);
+  //void SSL_set_cert_cb(s: PSSL, TIdC_INT (*cb) (ssl: PSSL, void *arg), void *arg);
+
+  function SSL_use_RSAPrivateKey(ssl: PSSL; rsa: PRSA): TIdC_INT;
+  function SSL_use_RSAPrivateKey_ASN1(ssl: PSSL; const d: PByte; len: TIdC_LONG): TIdC_INT;
+  function SSL_use_PrivateKey(ssl: PSSL; pkey: PEVP_PKEY): TIdC_INT;
+  function SSL_use_PrivateKey_ASN1(pk: TIdC_INT; ssl: PSSL; const d: PByte; len: TIdC_LONG): TIdC_INT;
+  function SSL_use_certificate(ssl: PSSL; x: PX509): TIdC_INT;
+  function SSL_use_certificate_ASN1(ssl: PSSL; const d: PByte; len: TIdC_INT): TIdC_INT;
+  //__owur TIdC_INT SSL_use_cert_and_key(ssl: PSSL, x509: PX509, EVP_PKEY *privatekey,
+  //                                STACK_OF(X509) *chain, TIdC_INT override);
+
+  (* Set serverinfo data for the current active cert. *)
+  function SSL_CTX_use_serverinfo(ctx: PSSL_CTX; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT;
+  function SSL_CTX_use_serverinfo_ex(ctx: PSSL_CTX; version: TIdC_UINT; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT;
+  function SSL_CTX_use_serverinfo_file(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT;
+
+  function SSL_use_RSAPrivateKey_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+
+  function SSL_use_PrivateKey_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function SSL_use_certificate_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+
+  function SSL_CTX_use_RSAPrivateKey_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+
+  function SSL_CTX_use_PrivateKey_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function SSL_CTX_use_certificate_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  (* PEM type *)
+  function SSL_CTX_use_certificate_chain_file(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT;
+  function SSL_use_certificate_chain_file(ssl: PSSL; const &file: PIdAnsiChar): TIdC_INT;
+  //__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const PIdAnsiChar *file);
+  //__owur TIdC_INT SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+  //                                               const PIdAnsiChar *file);
+  //TIdC_INT SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+  //                                       const PIdAnsiChar *dir);
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_load_error_strings() \
+  //    OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS \
+  //                     | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+  //# endif
+
+  function SSL_state_string(const s: PSSL): PIdAnsiChar;
+  function SSL_rstate_string(const s: PSSL): PIdAnsiChar;
+  function SSL_state_string_long(const s: PSSL): PIdAnsiChar;
+  function SSL_rstate_string_long(const s: PSSL): PIdAnsiChar;
+  function SSL_SESSION_get_time(const s: PSSL_SESSION): TIdC_LONG;
+  function SSL_SESSION_set_time(s: PSSL_SESSION; t: TIdC_LONG): TIdC_LONG;
+  function SSL_SESSION_get_timeout(const s: PSSL_SESSION): TIdC_LONG;
+  function SSL_SESSION_set_timeout(s: PSSL_SESSION; t: TIdC_LONG): TIdC_LONG;
+  function SSL_SESSION_get_protocol_version(const s: PSSL_SESSION): TIdC_INT;
+  function SSL_SESSION_set_protocol_version(s: PSSL_SESSION; version: TIdC_INT): TIdC_INT;
+
+  function SSL_SESSION_get0_hostname(const s: PSSL_SESSION): PIdAnsiChar;
+  function SSL_SESSION_set1_hostname(s: PSSL_SESSION; const hostname: PIdAnsiChar): TIdC_INT;
+  procedure SSL_SESSION_get0_alpn_selected(const s: PSSL_SESSION; const alpn: PPByte; len: PIdC_SIZET);
+  function SSL_SESSION_set1_alpn_selected(s: PSSL_SESSION; const alpn: PByte; len: TIdC_SIZET): TIdC_INT;
+  function SSL_SESSION_get0_cipher(const s: PSSL_SESSION): PSSL_CIPHER;
+  function SSL_SESSION_set_cipher(s: PSSL_SESSION; const cipher: PSSL_CIPHER): TIdC_INT;
+  function SSL_SESSION_has_ticket(const s: PSSL_SESSION): TIdC_INT;
+  function SSL_SESSION_get_ticket_lifetime_hint(const s: PSSL_SESSION): TIdC_ULONG;
+  procedure SSL_SESSION_get0_ticket(const s: PSSL_SESSION; const tick: PPByte; len: PIdC_SIZET);
+  function SSL_SESSION_get_max_early_data(const s: PSSL_SESSION): TIdC_UINT32;
+  function SSL_SESSION_set_max_early_data(s: PSSL_SESSION; max_early_data: TIdC_UINT32): TIdC_INT;
+  function SSL_copy_session_id(&to: PSSL; const from: PSSL): TIdC_INT;
+  function SSL_SESSION_get0_peer(s: PSSL_SESSION): PX509;
+  function SSL_SESSION_set1_id_context(s: PSSL_SESSION; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT;
+  function SSL_SESSION_set1_id(s: PSSL_SESSION; const sid: PByte; sid_len: TIdC_UINT): TIdC_INT;
+  function SSL_SESSION_is_resumable(const s: PSSL_SESSION): TIdC_INT;
+
+  function SSL_SESSION_new: PSSL_SESSION;
+  function SSL_SESSION_dup(src: PSSL_SESSION): PSSL_SESSION;
+  function SSL_SESSION_get_id(const s: PSSL_SESSION; len: PIdC_UINT): PByte;
+  function SSL_SESSION_get0_id_context(const s: PSSL_SESSION; len: PIdC_UINT): PByte;
+  function SSL_SESSION_get_compress_id(const s: PSSL_SESSION): TIdC_UINT;
+  function SSL_SESSION_print(fp: PBIO; const ses: PSSL_SESSION): TIdC_INT;
+  function SSL_SESSION_print_keylog(bp: PBIO; const x: PSSL_SESSION): TIdC_INT;
+  function SSL_SESSION_up_ref(ses: PSSL_SESSION): TIdC_INT;
+  procedure SSL_SESSION_free(ses: PSSL_SESSION);
+  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *&in, Byte **pp);
+  function SSL_set_session(&to: PSSL; session: PSSL_SESSION): TIdC_INT;
+  function SSL_CTX_add_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
+  function SSL_CTX_remove_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
+  function SSL_CTX_set_generate_session_id(ctx: PSSL_CTX; cb: GEN_SESSION_CB): TIdC_INT;
+  function SSL_set_generate_session_id(s: PSSL; cb: GEN_SESSION_CB): TIdC_INT;
+  function SSL_has_matching_session_id(const s: PSSL; const id: PByte; id_len: TIdC_UINT): TIdC_INT;
+  function d2i_SSL_SESSION(a: PPSSL_SESSION; const pp: PPByte; length: TIdC_LONG): PSSL_SESSION;
+
+  function SSL_get_peer_certificate(const s: PSSL): PX509;
+
+  //__owur STACK_OF(X509) *SSL_get_peer_cert_chain(const s: PSSL);
+  //
+  function SSL_CTX_get_verify_mode(const ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_get_verify_depth(const ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_get_verify_callback(const ctx: PSSL_CTX): SSL_verify_cb;
+  procedure SSL_CTX_set_verify(ctx: PSSL_CTX; mode: TIdC_INT; callback: SSL_verify_cb);
+  procedure SSL_CTX_set_verify_depth(ctx: PSSL_CTX; depth: TIdC_INT);
+  procedure SSL_CTX_set_cert_verify_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_cert_verify_callback_cb; arg: Pointer);
+  procedure SSL_CTX_set_cert_cb(c: PSSL_CTX; cb: SSL_CTX_set_cert_cb_cb; arg: Pointer);
+  function SSL_CTX_use_RSAPrivateKey(ctx: PSSL_CTX; rsa: PRSA): TIdC_INT;
+  function SSL_CTX_use_RSAPrivateKey_ASN1(ctx: PSSL_CTX; const d: PByte; len: TIdC_LONG): TIdC_INT;
+  function SSL_CTX_use_PrivateKey(ctx: PSSL_CTX; pkey: PEVP_PKEY): TIdC_INT;
+  function SSL_CTX_use_PrivateKey_ASN1(pk: TIdC_INT; ctx: PSSL_CTX; const d: PByte; len: TIdC_LONG): TIdC_INT;
+  function SSL_CTX_use_certificate(ctx: PSSL_CTX; x: X509): TIdC_INT;
+  function SSL_CTX_use_certificate_ASN1(ctx: PSSL_CTX; len: TIdC_INT; const d: PByte): TIdC_INT;
+  //function TIdC_INT SSL_CTX_use_cert_and_key(ctx: PSSL_CTX; x509: PX509; EVP_PKEY *privatekey; STACK_OF(X509) *chain; TIdC_INT override);
+
+  procedure SSL_CTX_set_default_passwd_cb(ctx: PSSL_CTX; cb: pem_password_cb);
+  procedure SSL_CTX_set_default_passwd_cb_userdata(ctx: PSSL_CTX; u: Pointer);
+  function SSL_CTX_get_default_passwd_cb(ctx: PSSL_CTX): pem_password_cb;
+  function SSL_CTX_get_default_passwd_cb_userdata(ctx: PSSL_CTX): Pointer;
+  procedure SSL_set_default_passwd_cb(s: PSSL; cb: pem_password_cb);
+  procedure SSL_set_default_passwd_cb_userdata(s: PSSL; u: Pointer);
+  function SSL_get_default_passwd_cb(s: PSSL): pem_password_cb;
+  function SSL_get_default_passwd_cb_userdata(s: PSSL): Pointer;
+
+  function SSL_CTX_check_private_key(const ctx: PSSL_CTX): TIdC_INT;
+  function SSL_check_private_key(const ctx: PSSL): TIdC_INT;
+
+  function SSL_CTX_set_session_id_context(ctx: PSSL_CTX; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT;
+
+  function SSL_new(ctx: PSSL_CTX): PSSL;
+  function SSL_up_ref(s: PSSL): TIdC_INT;
+  function SSL_is_dtls(const s: PSSL): TIdC_INT;
+  function SSL_set_session_id_context(ssl: PSSL; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT;
+
+  function SSL_CTX_set_purpose(ctx: PSSL_CTX; purpose: TIdC_INT): TIdC_INT;
+  function SSL_set_purpose(ssl: PSSL; purpose: TIdC_INT): TIdC_INT;
+  function SSL_CTX_set_trust(ctx: PSSL_CTX; trust: TIdC_INT): TIdC_INT;
+  function SSL_set_trust(ssl: PSSL; trust: TIdC_INT): TIdC_INT;
+
+  function SSL_set1_host(s: PSSL; const hostname: PIdAnsiChar): TIdC_INT;
+  function SSL_add1_host(s: PSSL; const hostname: PIdAnsiChar): TIdC_INT;
+  function SSL_get0_peername(s: PSSL): PIdAnsiChar;
+  procedure SSL_set_hostflags(s: PSSL; flags: TIdC_UINT);
+
+  function SSL_CTX_dane_enable(ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_dane_mtype_set(ctx: PSSL_CTX; const md: PEVP_MD; mtype: TIdC_UINT8; ord: TIdC_UINT8): TIdC_INT;
+  function SSL_dane_enable(s: PSSL; const basedomain: PIdAnsiChar): TIdC_INT;
+  function SSL_dane_tlsa_add(s: PSSL; usage: TIdC_UINT8; selector: TIdC_UINT8; mtype: TIdC_UINT8; const data: PByte; dlen: TIdC_SIZET): TIdC_INT;
+  function SSL_get0_dane_authority(s: PSSL; mcert: PPX509; mspki: PPEVP_PKEY): TIdC_INT;
+  function SSL_get0_dane_tlsa(s: PSSL; usage: PIdC_UINT8; selector: PIdC_UINT8; mtype: PIdC_UINT8; const data: PPByte; dlen: PIdC_SIZET): TIdC_INT;
+  (*
+   * Bridge opacity barrier between libcrypt and libssl, also needed to support
+   * offline testing in test/danetest.c
+   *)
+  function SSL_get0_dane(ssl: PSSL): PSSL_DANE;
+
+  (*
+   * DANE flags
+   *)
+  function SSL_CTX_dane_set_flags(ctx: PSSL_CTX; flags: TIdC_ULONG): TIdC_ULONG;
+  function SSL_CTX_dane_clear_flags(ctx: PSSL_CTX; flags: TIdC_ULONG): TIdC_ULONG;
+  function SSL_dane_set_flags(ssl: PSSL; flags: TIdC_ULONG): TIdC_ULONG;
+  function SSL_dane_clear_flags(ssl: PSSL; flags: TIdC_ULONG): TIdC_ULONG;
+
+  function SSL_CTX_set1_param(ctx: PSSL_CTX; vpm: PX509_VERIFY_PARAM): TIdC_INT;
+  function SSL_set1_param(ssl: PSSL; vpm: PX509_VERIFY_PARAM): TIdC_INT;
+
+  function SSL_CTX_get0_param(ctx: PSSL_CTX): PX509_VERIFY_PARAM;
+  function SSL_get0_param(ssl: PSSL): PX509_VERIFY_PARAM;
+
+  function SSL_CTX_set_srp_username(ctx: PSSL_CTX; name: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_set_srp_password(ctx: PSSL_CTX; password: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_set_srp_strength(ctx: PSSL_CTX; strength: TIdC_INT): TIdC_INT;
+
+  function SSL_CTX_set_srp_client_pwd_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_client_pwd_callback_cb): TIdC_INT;
+  function SSL_CTX_set_srp_verify_param_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_verify_param_callback_cb): TIdC_INT;
+  function SSL_CTX_set_srp_username_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_username_callback_cb): TIdC_INT;
+
+  function SSL_CTX_set_srp_cb_arg(ctx: PSSL_CTX; arg: Pointer): TIdC_INT;
+  function SSL_set_srp_server_param(s: PSSL; const N: PBIGNUm; const g: PBIGNUm; sa: PBIGNUm; v: PBIGNUm; info: PIdAnsiChar): TIdC_INT;
+  function SSL_set_srp_server_param_pw(s: PSSL; const user: PIdAnsiChar; const pass: PIdAnsiChar; const grp: PIdAnsiChar): TIdC_INT;
+
+  //__owur BIGNUM *SSL_get_srp_g(s: PSSL);
+  //__owur BIGNUM *SSL_get_srp_N(s: PSSL);
+  //
+  //__owur PIdAnsiChar *SSL_get_srp_username(s: PSSL);
+  //__owur PIdAnsiChar *SSL_get_srp_userinfo(s: PSSL);
+  //
+  ///*
+  // * ClientHello callback and helpers.
+  // */
+  procedure SSL_CTX_set_client_hello_cb(c: PSSL_CTX; cb: SSL_client_hello_cb_fn; arg: Pointer);
+  function SSL_client_hello_isv2(s: PSSL): TIdC_INT;
+  function SSL_client_hello_get0_legacy_version(s: PSSL): TIdC_UINT;
+  function SSL_client_hello_get0_random(s: PSSL; const &out: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get0_session_id(s: PSSL; const &out: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get0_ciphers(s: PSSL; const &out: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get0_compression_methods(s: PSSL; const &out: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get1_extensions_present(s: PSSL; &out: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT;
+  function SSL_client_hello_get0_ext(s: PSSL; &type: TIdC_UINT; const &out: PPByte; outlen: PIdC_SIZET): TIdC_INT;
+  procedure SSL_certs_clear(s: PSSL);
+  procedure SSL_free(ssl: PSSL);
+
+  (*
+   * Windows application developer has to include windows.h to use these.
+   *)
+  function SSL_waiting_for_async(s: PSSL): TIdC_INT;
+  function SSL_get_all_async_fds(s: PSSL; fds: POSSL_ASYNC_FD; numfds: PIdC_SIZET): TIdC_INT;
+  function SSL_get_changed_async_fds(s: PSSL; addfd: POSSL_ASYNC_FD; numaddfds: PIdC_SIZET; delfd: POSSL_ASYNC_FD; numdelfds: PIdC_SIZET): TIdC_INT;
+  function SSL_accept(ssl: PSSL): TIdC_INT;
+  function SSL_stateless(s: PSSL): TIdC_INT;
+  function SSL_connect(ssl: PSSL): TIdC_INT;
+  function SSL_read(ssl: PSSL; buf: Pointer; num: TIdC_INT): TIdC_INT;
+  function SSL_read_ex(ssl: PSSL; buf: Pointer; num: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT;
+
+  function SSL_read_early_data(s: PSSL; buf: Pointer; num: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT;
+  function SSL_peek(ssl: PSSL; buf: Pointer; num: TIdC_INT): TIdC_INT;
+  function SSL_peek_ex(ssl: PSSL; buf: Pointer; num: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT;
+  function SSL_write(ssl: PSSL; const buf: Pointer; num: TIdC_INT): TIdC_INT;
+  function SSL_write_ex(s: PSSL; const buf: Pointer; num: TIdC_SIZET; written: PIdC_SIZET): TIdC_INT;
+  function SSL_write_early_data(s: PSSL; const buf: Pointer; num: TIdC_SIZET; written: PIdC_SIZET): TIdC_INT;
+  function SSL_callback_ctrl(v1: PSSL; v2: TIdC_INT; v3: SSL_callback_ctrl_v3): TIdC_LONG;
+
+  function SSL_ctrl(ssl: PSSL; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG;
+  function SSL_CTX_ctrl(ctx: PSSL_CTX; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG;
+  function SSL_CTX_callback_ctrl(v1: PSSL_CTX; v2: TIdC_INT; v3: SSL_CTX_callback_ctrl_v3): TIdC_LONG;
+
+  function SSL_get_early_data_status(const s: PSSL): TIdC_INT;
+
+  function SSL_get_error(const s: PSSL; ret_code: TIdC_INT): TIdC_INT;
+  function SSL_get_version(const s: PSSL): PIdAnsiChar;
+
+  (* This sets the 'default' SSL version that SSL_new() will create *)
+  function SSL_CTX_set_ssl_version(ctx: PSSL_CTX; const meth: PSSL_METHOD): TIdC_INT;
+
+  ///* Negotiate highest available SSL/TLS version */
+  function TLS_method: PSSL_METHOD;
+  function TLS_server_method: PSSL_METHOD;
+  function TLS_client_method: PSSL_METHOD;
+
+  //__owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
+  //__owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */
+  //__owur const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */
+  //
+  //__owur TIdC_SIZET DTLS_get_data_mtu(const s: PSSL);
+  //
+  //__owur STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const s: PSSL);
+  //__owur STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const ctx: PSSL_CTX);
+  //__owur STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const s: PSSL);
+  //__owur STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(s: PSSL);
+  //
+  //__owur TIdC_INT SSL_do_handshake(s: PSSL);
+  function SSL_key_update(s: PSSL; updatetype: TIdC_INT): TIdC_INT;
+  function SSL_get_key_update_type(const s: PSSL): TIdC_INT;
+  function SSL_renegotiate(s: PSSL): TIdC_INT;
+  function SSL_renegotiate_abbreviated(s: PSSL): TIdC_INT;
+  function SSL_shutdown(s: PSSL): TIdC_INT;
+  procedure SSL_CTX_set_post_handshake_auth(ctx: PSSL_CTX; val: TIdC_INT);
+  procedure SSL_set_post_handshake_auth(s: PSSL; val: TIdC_INT);
+
+  function SSL_renegotiate_pending(const s: PSSL): TIdC_INT;
+  function SSL_verify_client_post_handshake(s: PSSL): TIdC_INT;
+
+  function SSL_CTX_get_ssl_method(const ctx: PSSL_CTX): PSSL_METHOD;
+  function SSL_get_ssl_method(const s: PSSL): PSSL_METHOD;
+  function SSL_set_ssl_method(s: PSSL; const method: PSSL_METHOD): TIdC_INT;
+  function SSL_alert_type_string_long(value: TIdC_INT): PIdAnsiChar;
+  function SSL_alert_type_string(value: TIdC_INT): PIdAnsiChar;
+  function SSL_alert_desc_string_long(value: TIdC_INT): PIdAnsiChar;
+  function SSL_alert_desc_string(value: TIdC_INT): PIdAnsiChar;
+
+  //void SSL_set0_CA_list(s: PSSL, STACK_OF(X509_NAME) *name_list);
+  //void SSL_CTX_set0_CA_list(ctx: PSSL_CTX, STACK_OF(X509_NAME) *name_list);
+  //__owur const STACK_OF(X509_NAME) *SSL_get0_CA_list(const s: PSSL);
+  //__owur const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const ctx: PSSL_CTX);
+  //__owur TIdC_INT SSL_add1_to_CA_list(ssl: PSSL, const X509 *x);
+  //__owur TIdC_INT SSL_CTX_add1_to_CA_list(ctx: PSSL_CTX, const X509 *x);
+  //__owur const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const s: PSSL);
+
+  //void SSL_set_client_CA_list(s: PSSL, STACK_OF(X509_NAME) *name_list);
+  //void SSL_CTX_set_client_CA_list(ctx: PSSL_CTX, STACK_OF(X509_NAME) *name_list);
+  //__owur STACK_OF(X509_NAME) *SSL_get_client_CA_list(const s: PSSL);
+  //__owur STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
+  function SSL_add_client_CA(ssl: PSSL; x: PX509): TIdC_INT;
+  function SSL_CTX_add_client_CA(ctx: PSSL_CTX; x: PX509): TIdC_INT;
+
+  procedure SSL_set_connect_state(s: PSSL);
+  procedure SSL_set_accept_state(s: PSSL);
+
+  //__owur TIdC_LONG SSL_get_default_timeout(const s: PSSL);
+  //
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_library_init() OPENSSL_init_ssl(0, NULL)
+  //# endif
+
+  //__owur PIdAnsiChar *SSL_CIPHER_description(const SSL_CIPHER *, PIdAnsiChar *buf, TIdC_INT size);
+  //__owur STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk);
+
+  function SSL_dup(ssl: PSSL): PSSL;
+
+  function SSL_get_certificate(const ssl: PSSL): PX509;
+  (*
+   * EVP_PKEY
+   *)
+  function SSL_get_privatekey(const ssl: PSSL): PEVP_PKEY;
+
+  function SSL_CTX_get0_certificate(const ctx: PSSL_CTX): PX509;
+  function SSL_CTX_get0_privatekey(const ctx: PSSL_CTX): PEVP_PKEY;
+
+  procedure SSL_CTX_set_quiet_shutdown(ctx: PSSL_CTX; mode: TIdC_INT);
+  function SSL_CTX_get_quiet_shutdown(const ctx: PSSL_CTX): TIdC_INT;
+  procedure SSL_set_quiet_shutdown(ssl: PSSL; mode: TIdC_INT);
+  function SSL_get_quiet_shutdown(const ssl: PSSL): TIdC_INT;
+  procedure SSL_set_shutdown(ssl: PSSL; mode: TIdC_INT);
+  function SSL_get_shutdown(const ssl: PSSL): TIdC_INT;
+  function SSL_version(const ssl: PSSL): TIdC_INT;
+  function SSL_client_version(const s: PSSL): TIdC_INT;
+  function SSL_CTX_set_default_verify_paths(ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_set_default_verify_dir(ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_set_default_verify_file(ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_load_verify_locations(ctx: PSSL_CTX; const CAfile: PIdAnsiChar; const CApath: PIdAnsiChar): TIdC_INT;
+  //# define SSL_get0_session SSL_get_session/* just peek at pointer */
+  function SSL_get_session(const ssl: PSSL): PSSL_SESSION;
+  (* obtain a reference count *)
+  function SSL_get1_session(ssl: PSSL): PSSL_SESSION;
+  function SSL_get_SSL_CTX(const ssl: PSSL): PSSL_CTX;
+  function SSL_set_SSL_CTX(ssl: PSSL; ctx: PSSL_CTX): PSSL_CTX;
+  procedure SSL_set_info_callback(ssl: PSSL; cb: SSL_info_callback);
+  function SSL_get_info_callback(const ssl: PSSL): SSL_info_callback;
+  function SSL_get_state(const ssl: PSSL): OSSL_HANDSHAKE_STATE;
+
+  procedure SSL_set_verify_result(ssl: PSSL; v: TIdC_LONG);
+  function SSL_get_verify_result(const ssl: PSSL): TIdC_LONG;
+  //__owur STACK_OF(X509) *SSL_get0_verified_chain(const s: PSSL);
+
+  function SSL_get_client_random(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET;
+  function SSL_get_server_random(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET;
+  function SSL_SESSION_get_master_key(const sess: PSSL_SESSION; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET;
+  function SSL_SESSION_set1_master_key(sess: PSSL_SESSION; const &in: PByte; len: TIdC_SIZET): TIdC_INT;
+  function SSL_SESSION_get_max_fragment_length(const sess: PSSL_SESSION): TIdC_UINT8;
+
+  //#define SSL_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef)
+  function SSL_set_ex_data(ssl: PSSL; idx: TIdC_INT; data: Pointer): TIdC_INT;
+  function SSL_get_ex_data(const ssl: PSSL; idx: TIdC_INT): Pointer;
+  //#define SSL_SESSION_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, l, p, newf, dupf, freef)
+  function SSL_SESSION_set_ex_data(ss: PSSL_SESSION; idx: TIdC_INT; data: Pointer): TIdC_INT;
+  function SSL_SESSION_get_ex_data(const ss: PSSL_SESSION; idx: TIdC_INT): Pointer;
+  //#define SSL_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef)
+  function SSL_CTX_set_ex_data(ssl: PSSL_CTX; idx: TIdC_INT; data: Pointer): TIdC_INT;
+  function SSL_CTX_get_ex_data(const ssl: PSSL_CTX; idx: TIdC_INT): Pointer;
+
+  function SSL_get_ex_data_X509_STORE_CTX_idx: TIdC_INT;
+
+  //# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
+  //# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
+  //# define SSL_CTX_get_read_ahead(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
+  //# define SSL_CTX_set_read_ahead(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
+  //# define SSL_CTX_get_max_cert_list(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+  //# define SSL_CTX_set_max_cert_list(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+  //# define SSL_get_max_cert_list(ssl) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+  //# define SSL_set_max_cert_list(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+  //
+  //# define SSL_CTX_set_max_send_fragment(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+  //# define SSL_set_max_send_fragment(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+  //# define SSL_CTX_set_split_send_fragment(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SPLIT_SEND_FRAGMENT,m,NULL)
+  //# define SSL_set_split_send_fragment(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_SPLIT_SEND_FRAGMENT,m,NULL)
+  //# define SSL_CTX_set_max_pipelines(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
+  //# define SSL_set_max_pipelines(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
+
+  procedure SSL_CTX_set_default_read_buffer_len(ctx: PSSL_CTX; len: TIdC_SIZET);
+  procedure SSL_set_default_read_buffer_len(s: PSSL; len: TIdC_SIZET);
+
+  procedure SSL_CTX_set_tmp_dh_callback(ctx: PSSL_CTX; dh: SSL_CTX_set_tmp_dh_callback_dh);
+  procedure SSL_set_tmp_dh_callback(ssl: PSSL; dh: SSL_set_tmp_dh_callback_dh);
+
+  //__owur const COMP_METHOD *SSL_get_current_compression(const s: PSSL);
+  //__owur const COMP_METHOD *SSL_get_current_expansion(const s: PSSL);
+  //__owur const PIdAnsiChar *SSL_COMP_get_name(const COMP_METHOD *comp);
+  //__owur const PIdAnsiChar *SSL_COMP_get0_name(const SSL_COMP *comp);
+  //__owur TIdC_INT SSL_COMP_get_id(const SSL_COMP *comp);
+  //STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+  //__owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
+  //                                                             *meths);
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_COMP_free_compression_methods() while(0) continue
+  //# endif
+  //__owur TIdC_INT SSL_COMP_add_compression_method(TIdC_INT id, COMP_METHOD *cm);
+
+  function SSL_CIPHER_find(ssl: PSSL; const ptr: PByte): PSSL_CIPHER;
+  function SSL_CIPHER_get_cipher_nid(const c: PSSL_CIPHEr): TIdC_INT;
+  function SSL_CIPHER_get_digest_nid(const c: PSSL_CIPHEr): TIdC_INT;
+  //TIdC_INT SSL_bytes_to_cipher_list(s: PSSL, const Byte *bytes, TIdC_SIZET len,
+  //                             TIdC_INT isv2format, STACK_OF(SSL_CIPHER) **sk,
+  //                             STACK_OF(SSL_CIPHER) **scsvs);
+
+  (* TLS extensions functions *)
+  function SSL_set_session_ticket_ext(s: PSSL; ext_data: Pointer; ext_len: TIdC_INT): TIdC_INT;
+  //
+  function SSL_set_session_ticket_ext_cb(s: PSSL; cb: tls_session_ticket_ext_cb_fn; arg: Pointer): TIdC_INT;
+
+  ///* Pre-shared secret session resumption functions */
+  //__owur TIdC_INT SSL_set_session_secret_cb(s: PSSL,
+  //                                     tls_session_secret_cb_fn session_secret_cb,
+  //                                     void *arg);
+
+  procedure SSL_CTX_set_not_resumable_session_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_not_resumable_session_callback_cb);
+  procedure SSL_set_not_resumable_session_callback(ssl: PSSL; cb: SSL_set_not_resumable_session_callback_cb);
+  procedure SSL_CTX_set_record_padding_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_record_padding_callback_cb);
+
+  procedure SSL_CTX_set_record_padding_callback_arg(ctx: PSSL_CTX; arg: Pointer);
+  function SSL_CTX_get_record_padding_callback_arg(const ctx: PSSL_CTX): Pointer;
+  function SSL_CTX_set_block_padding(ctx: PSSL_CTX; block_size: TIdC_SIZET): TIdC_INT;
+
+  procedure SSL_set_record_padding_callback(ssl: PSSL; cb: SSL_set_record_padding_callback_cb);
+
+  procedure SSL_set_record_padding_callback_arg(ssl: PSSL; arg: Pointer);
+  function SSL_get_record_padding_callback_arg(const ssl: PSSL): Pointer;
+  function SSL_set_block_padding(ssl: PSSL; block_size: TIdC_SIZET): TIdC_INT;
+  function SSL_set_num_tickets(s: PSSL; num_tickets: TIdC_SIZET): TIdC_INT;
+  function SSL_get_num_tickets(const s: PSSL): TIdC_SIZET;
+  function SSL_CTX_set_num_tickets(ctx: PSSL_CTX; num_tickets: TIdC_SIZET): TIdC_INT;
+  function SSL_CTX_get_num_tickets(const ctx: PSSL_CTX): TIdC_SIZET;
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_cache_hit(s) SSL_session_reused(s)
+  //# endif
+
+  function SSL_session_reused(const s: PSSL): TIdC_INT;
+  function SSL_is_server(const s: PSSL): TIdC_INT;
+
+  function SSL_CONF_CTX_new: PSSL_CONF_CTX;
+  function SSL_CONF_CTX_finish(cctx: PSSL_CONF_CTX): TIdC_INT;
+  procedure SSL_CONF_CTX_free(cctx: PSSL_CONF_CTX);
+  function SSL_CONF_CTX_set_flags(cctx: PSSL_CONF_CTX; flags: TIdC_UINT): TIdC_UINT;
+  function SSL_CONF_CTX_clear_flags(cctx: PSSL_CONF_CTX; flags: TIdC_UINT): TIdC_UINT;
+  function SSL_CONF_CTX_set1_prefix(cctx: PSSL_CONF_CTX; const pre: PIdAnsiChar): TIdC_INT;
+  function SSL_CONF_cmd(cctx: PSSL_CONF_CTX; const cmd: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT;
+  function SSL_CONF_cmd_argv(cctx: PSSL_CONF_CTX; pargc: PIdC_INT; pargv: PPPIdAnsiChar): TIdC_INT;
+  function SSL_CONF_cmd_value_type(cctx: PSSL_CONF_CTX; const cmd: PIdAnsiChar): TIdC_INT;
+
+  procedure SSL_CONF_CTX_set_ssl(cctx: PSSL_CONF_CTX; ssl: PSSL);
+  procedure SSL_CONF_CTX_set_ssl_ctx(cctx: PSSL_CONF_CTX; ctx: PSSL_CTX);
+  procedure SSL_add_ssl_module;
+  function SSL_config(s: PSSL; const name: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_config(ctx: PSSL_CTX; const name: PIdAnsiChar): TIdC_INT;
+
+  procedure SSL_trace(write_p: TIdC_INT; version: TIdC_INT; content_type: TIdC_INT; const buf: Pointer; len: TIdC_SIZET; ssl: PSSL; arg: Pointer);
+
+  function DTLSv1_listen(s: PSSL; client: PBIO_ADDr): TIdC_INT;
+
+  //# ifndef OPENSSL_NO_CT
+  //
+  ///*
+  // * A callback for verifying that the received SCTs are sufficient.
+  // * Expected to return 1 if they are sufficient, otherwise 0.
+  // * May return a negative integer if an error occurs.
+  // * A connection should be aborted if the SCTs are deemed insufficient.
+  // */
+  //typedef TIdC_INT (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+  //                                    const STACK_OF(SCT) *scts, void *arg);
+
+  ///*
+  // * Sets a |callback| that is invoked upon receipt of ServerHelloDone to validate
+  // * the received SCTs.
+  // * If the callback returns a non-positive result, the connection is terminated.
+  // * Call this function before beginning a handshake.
+  // * If a NULL |callback| is provided, SCT validation is disabled.
+  // * |arg| is arbitrary userdata that will be passed to the callback whenever it
+  // * is invoked. Ownership of |arg| remains with the caller.
+  // *
+  // * NOTE: A side-effect of setting a CT callback is that an OCSP stapled response
+  // *       will be requested.
+  // */
+  //function SSL_set_ct_validation_callback(s: PSSL; callback: ssl_ct_validation_cb; arg: Pointer): TIdC_INT;
+  //function SSL_CTX_set_ct_validation_callback(ctx: PSSL_CTX; callback: ssl_ct_validation_cb; arg: Pointer): TIdC_INT;
+
+  //#define SSL_disable_ct(s) \
+  //        ((void) SSL_set_validation_callback((s), NULL, NULL))
+  //#define SSL_CTX_disable_ct(ctx) \
+  //        ((void) SSL_CTX_set_validation_callback((ctx), NULL, NULL))
+
+  ///*
+  // * The validation type enumerates the available behaviours of the built-&in SSL
+  // * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
+  // * The underlying callback is a static function &in libssl.
+  // */
+
+  ///*
+  // * Enable CT by setting up a callback that implements one of the built-&in
+  // * validation variants.  The SSL_CT_VALIDATION_PERMISSIVE variant always
+  // * continues the handshake, the application can make appropriate decisions at
+  // * handshake completion.  The SSL_CT_VALIDATION_STRICT variant requires at
+  // * least one valid SCT, or else handshake termination will be requested.  The
+  // * handshake may continue anyway if SSL_VERIFY_NONE is &in effect.
+  // */
+  function SSL_enable_ct(s: PSSL; validation_mode: TIdC_INT): TIdC_INT;
+  function SSL_CTX_enable_ct(ctx: PSSL_CTX; validation_mode: TIdC_INT): TIdC_INT;
+
+  ///*
+  // * Report whether a non-NULL callback is enabled.
+  // */
+  function SSL_ct_is_enabled(const s: PSSL): TIdC_INT;
+  function SSL_CTX_ct_is_enabled(const ctx: PSSL_CTX): TIdC_INT;
+
+  ///* Gets the SCTs received from a connection */
+  //const STACK_OF(SCT) *SSL_get0_peer_scts(s: PSSL);
+
+  function SSL_CTX_set_default_ctlog_list_file(ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_set_ctlog_list_file(ctx: PSSL_CTX; const path: PIdAnsiChar): TIdC_INT;
+  procedure SSL_CTX_set0_ctlog_store(ctx: PSSL_CTX; logs: PCTLOG_STORE);
+
+  // const CTLOG_STORE *SSL_CTX_get0_ctlog_store(const ctx: PSSL_CTX);
+
+  // # endif /* OPENSSL_NO_CT */
+
+  procedure SSL_set_security_level(s: PSSL; level: TIdC_INT);
+
+  ////__owur TIdC_INT SSL_get_security_level(const s: PSSL);
+  procedure SSL_set_security_callback(s: PSSL; cb: SSL_security_callback);
+  function SSL_get_security_callback(const s: PSSL): SSL_security_callback;
+  procedure SSL_set0_security_ex_data(s: PSSL; ex: Pointer);
+  function SSL_get0_security_ex_data(const s: PSSL): Pointer;
+  procedure SSL_CTX_set_security_level(ctx: PSSL_CTX; level: TIdC_INT);
+  function SSL_CTX_get_security_level(const ctx: PSSL_CTX): TIdC_INT;
+  //void SSL_CTX_set_security_callback(ctx: PSSL_CTX,
+  //                                   TIdC_INT (*cb) (const s: PSSL, const ctx: PSSL_CTX,
+  //                                              TIdC_INT op, TIdC_INT bits, TIdC_INT nid,
+  //                                              void *other, void *ex));
+  //TIdC_INT (*SSL_CTX_get_security_callback(const ctx: PSSL_CTX)) (const s: PSSL,
+  //                                                          const ctx: PSSL_CTX,
+  //                                                          TIdC_INT op, TIdC_INT bits,
+  //                                                          TIdC_INT nid,
+  //                                                          void *other,
+  //                                                          void *ex);
+
+  function SSL_CTX_get0_security_ex_data(const ctx: PSSL_CTX): Pointer;
+
+  procedure SSL_CTX_set0_security_ex_data(ctx: PSSL_CTX; ex: Pointer);
+
+  function OPENSSL_init_ssl(opts: TIdC_UINT64; const settings: POPENSSL_INIT_SETTINGS): TIdC_INT;
+
+  //# ifndef OPENSSL_NO_UNIT_TEST
+  //__owur const struct openssl_ssl_test_functions *SSL_test_functions(void);
+  //# endif
+
+  function SSL_free_buffers(ssl: PSSL): TIdC_INT;
+  function SSL_alloc_buffers(ssl: PSSL): TIdC_INT;
+
+  function SSL_CTX_set_session_ticket_cb(ctx: PSSL_CTX; gen_cb: SSL_CTX_generate_session_ticket_fn; dec_cb: SSL_CTX_decrypt_session_ticket_fn; arg: Pointer): TIdC_INT;
+
+  function SSL_SESSION_set1_ticket_appdata(ss: PSSL_SESSION; const data: Pointer; len: TIdC_SIZET): TIdC_INT;
+  function SSL_SESSION_get0_ticket_appdata(ss: PSSL_SESSION; data: PPointer; len: PIdC_SIZET): TIdC_INT;
+
+  //extern const PIdAnsiChar SSL_version_str[];
+
+  procedure DTLS_set_timer_cb(s: PSSL; cb: DTLS_timer_cb);
+  procedure SSL_CTX_set_allow_early_data_cb(ctx: PSSL_CTX; cb: SSL_allow_early_data_cb_fN; arg: Pointer);
+  procedure SSL_set_allow_early_data_cb(s: PSSL; cb: SSL_allow_early_data_cb_fN; arg: Pointer);
+
+implementation
+
+
{$REGION 'C compiler macros'}
+
//# define SSL_CTX_set_mode(ctx,op)      SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+
begin
+
  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, nil);
+end;
+
+
//# define SSL_CTX_clear_mode(ctx,op)   SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_MODE, op, nil);
+end;
+
+//# define SSL_CTX_sess_set_cache_size(ctx,t)         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
+function SSL_CTX_sess_set_cache_size(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, nil);
+end;
+
+//# define SSL_CTX_sess_get_cache_size(ctx)           SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
+function SSL_CTX_sess_get_cache_size(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, nil);
+end;
+
+//# define SSL_CTX_set_session_cache_mode(ctx,m)      SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
+function SSL_CTX_set_session_cache_mode(ctx: PSSL_CTX; m: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, nil);
+end;
+
+//# define SSL_CTX_get_session_cache_mode(ctx)        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
+function SSL_CTX_get_session_cache_mode(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_MODE, 0, nil);
+end;
+
+//# define SSL_num_renegotiations(ssl)                       SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+function SSL_num_renegotiations(ssl: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_GET_NUM_RENEGOTIATIONS, 0, nil);
+end;
+
+//# define SSL_clear_num_renegotiations(ssl)                 SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+function SSL_clear_num_renegotiations(ssl: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS, 0, nil);
+end;
+
+//# define SSL_total_renegotiations(ssl)                     SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
+function SSL_total_renegotiations(ssl: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_GET_TOTAL_RENEGOTIATIONS, 0, nil);
+end;
+
+//# define SSL_CTX_set_tmp_dh(ctx,dh)                        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+function SSL_CTX_set_tmp_dh(ctx: PSSL_CTX; dh: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh);
+end;
+
+//# define SSL_CTX_set_tmp_ecdh(ctx,ecdh)                    SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+function SSL_CTX_set_tmp_ecdh(ctx: PSSL_CTX; ecdh: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
+end;
+
+//# define SSL_CTX_set_dh_auto(ctx, onoff)                   SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+function SSL_CTX_set_dh_auto(ctx: PSSL_CTX; onoff: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_DH_AUTO, onoff, nil);
+end;
+
+//# define SSL_set_dh_auto(s, onoff)                         SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+function SSL_set_dh_auto(s: PSSL; onoff: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_DH_AUTO, onoff, nil);
+end;
+
+//# define SSL_set_tmp_dh(ssl,dh)                            SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+function SSL_set_tmp_dh(ssl: PSSL; dh: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh);
+end;
+
+//# define SSL_set_tmp_ecdh(ssl,ecdh)                        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+function SSL_set_tmp_ecdh(ssl: PSSL; ecdh: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
+end;
+
+//# define SSL_CTX_add_extra_chain_cert(ctx,x509)            SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)(x509))
+function SSL_CTX_add_extra_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509);
+end;
+
+//# define SSL_CTX_get_extra_chain_certs(ctx,px509)          SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
+function SSL_CTX_get_extra_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509);
+end;
+
+//# define SSL_CTX_get_extra_chain_certs_only(ctx,px509)     SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,1,px509)
+function SSL_CTX_get_extra_chain_certs_only(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509);
+end;
+
+//# define SSL_CTX_clear_extra_chain_certs(ctx)              SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
+function SSL_CTX_clear_extra_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, nil);
+end;
+
+//# define SSL_CTX_set0_chain(ctx,sk)                        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)(sk))
+function SSL_CTX_set0_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 0, sk);
+end;
+
+//# define SSL_CTX_set1_chain(ctx,sk)                        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)(sk))
+function SSL_CTX_set1_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 1, sk);
+end;
+
+//# define SSL_CTX_add0_chain_cert(ctx,x509)                 SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
+function SSL_CTX_add0_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, x509);
+end;
+
+//# define SSL_CTX_add1_chain_cert(ctx,x509)                 SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
+function SSL_CTX_add1_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, x509);
+end;
+
+//# define SSL_CTX_get0_chain_certs(ctx,px509)               SSL_CTX_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+function SSL_CTX_get0_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
+end;
+
+//# define SSL_CTX_clear_chain_certs(ctx)                    SSL_CTX_set0_chain(ctx,NULL)
+function SSL_CTX_clear_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_set0_chain(ctx, nil);
+end;
+
+//# define SSL_CTX_build_cert_chain(ctx, flags)              SSL_CTX_ctrl(ctx,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+function SSL_CTX_build_cert_chain(ctx: PSSL_CTX; flags: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
+end;
+
+//# define SSL_CTX_select_current_cert(ctx,x509)             SSL_CTX_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
+function SSL_CTX_select_current_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
+end;
+
+//# define SSL_CTX_set_current_cert(ctx, op)                 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+function SSL_CTX_set_current_cert(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURRENT_CERT, op, nil);
+end;
+
+//# define SSL_CTX_set0_verify_cert_store(ctx,st)            SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
+function SSL_CTX_set0_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st);
+end;
+
+//# define SSL_CTX_set1_verify_cert_store(ctx,st)            SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
+function SSL_CTX_set1_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, st);
+end;
+
+//# define SSL_CTX_set0_chain_cert_store(ctx,st)             SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
+function SSL_CTX_set0_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
+end;
+
+//# define SSL_CTX_set1_chain_cert_store(ctx,st)             SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
+function SSL_CTX_set1_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
+end;
+
+//# define SSL_set0_chain(s,sk)                              SSL_ctrl(s,SSL_CTRL_CHAIN,0,(char *)(sk))
+function SSL_set0_chain(s: PSSL; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 0, sk);
+end;
+
+//# define SSL_set1_chain(s,sk)                              SSL_ctrl(s,SSL_CTRL_CHAIN,1,(char *)(sk))
+function SSL_set1_chain(s: PSSL; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 1, sk);
+end;
+
+//# define SSL_add0_chain_cert(s,x509)                       SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
+function SSL_add0_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 0, x509);
+end;
+
+//# define SSL_add1_chain_cert(s,x509)                       SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
+function SSL_add1_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 1, x509);
+end;
+
+//# define SSL_get0_chain_certs(s,px509)                     SSL_ctrl(s,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+function SSL_get0_chain_certs(s: PSSL; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
+end;
+
+//# define SSL_clear_chain_certs(s)                          SSL_set0_chain(s,NULL)
+function SSL_clear_chain_certs(s: PSSL): TIdC_LONG;
+begin
+  Result := SSL_set0_chain(s, nil);
+end;
+
+//# define SSL_build_cert_chain(s, flags)                    SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+function SSL_build_cert_chain(s: PSSL; flags: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
+end;
+
+//# define SSL_select_current_cert(s,x509)                   SSL_ctrl(s,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
+function SSL_select_current_cert(s: PSSL; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
+end;
+
+//# define SSL_set_current_cert(s,op)                        SSL_ctrl(s,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+function SSL_set_current_cert(s: PSSL; op: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CURRENT_CERT, op, nil);
+end;
+
+//# define SSL_set0_verify_cert_store(s,st)                  SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
+function SSL_set0_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st);
+end;
+
+//# define SSL_set1_verify_cert_store(s,st)                  SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
+function SSL_set1_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, st);
+end;
+
+//# define SSL_set0_chain_cert_store(s,st)                   SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
+function SSL_set0_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
+end;
+
+//# define SSL_set1_chain_cert_store(s,st)                   SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
+function SSL_set1_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
+end;
+
+//# define SSL_get1_groups(s, glist)                         SSL_ctrl(s,SSL_CTRL_GET_GROUPS,0,(TIdC_INT*)(glist))
+function SSL_get1_groups(s: PSSL; glist: PIdC_INT): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_GROUPS, 0, glist);
+end;
+
+//# define SSL_CTX_set1_groups(ctx, glist, glistlen)         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
+function SSL_CTX_set1_groups(ctx: PSSL_CTX; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS, glistlen, glist);
+end;
+
+//# define SSL_CTX_set1_groups_list(ctx, s)                  SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
+function SSL_CTX_set1_groups_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS_LIST, 0, s);
+end;
+
+//# define SSL_set1_groups(s, glist, glistlen)               SSL_ctrl(s,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
+function SSL_set1_groups(s: PSSL; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS, glistlen, glist);
+end;
+
+//# define SSL_set1_groups_list(s, str)                      SSL_ctrl(s,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(str))
+function SSL_set1_groups_list(s: PSSL; str: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS_LIST, 0, str);
+end;
+
+//# define SSL_get_shared_group(s, n)                        SSL_ctrl(s,SSL_CTRL_GET_SHARED_GROUP,n,NULL)
+function SSL_get_shared_group(s: PSSL; n: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_SHARED_GROUP, n, nil);
+end;
+
+//# define SSL_CTX_set1_sigalgs(ctx, slist, slistlen)        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_CTX_set1_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_CTX_set1_sigalgs_list(ctx, s)                 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(s))
+function SSL_CTX_set1_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, s);
+end;
+
+//# define SSL_set1_sigalgs(s, slist, slistlen)              SSL_ctrl(s,SSL_CTRL_SET_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_set1_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_set1_sigalgs_list(s, str)                     SSL_ctrl(s,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(str))
+function SSL_set1_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS_LIST, 0, str);
+end;
+
+//# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_CTX_set1_client_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_CTX_set1_client_sigalgs_list(ctx, s)          SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(s))
+function SSL_CTX_set1_client_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, s);
+end;
+
+//# define SSL_set1_client_sigalgs(s, slist, slistlen)       SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_set1_client_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_set1_client_sigalgs_list(s, str)              SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(str))
+function SSL_set1_client_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, str);
+end;
+
+//# define SSL_get0_certificate_types(s, clist)              SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)(clist))
+function SSL_get0_certificate_types(s: PSSL; clist: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, clist);
+end;
+
+//# define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen)   SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen, (char *)(clist))
+function SSL_CTX_set1_client_certificate_types(ctx: PSSL_CTX; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
+end;
+
+//# define SSL_set1_client_certificate_types(s, clist, clistlen)         SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)(clist))
+function SSL_set1_client_certificate_types(s: PSSL; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
+end;
+
+//# define SSL_get_signature_nid(s, pn)                      SSL_ctrl(s,SSL_CTRL_GET_SIGNATURE_NID,0,pn)
+function SSL_get_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_SIGNATURE_NID, 0, pn);
+end;
+
+//# define SSL_get_peer_signature_nid(s, pn)                 SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
+function SSL_get_peer_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_SIGNATURE_NID, 0, pn);
+end;
+
+//# define SSL_get_peer_tmp_key(s, pk)                       SSL_ctrl(s,SSL_CTRL_GET_PEER_TMP_KEY,0,pk)
+function SSL_get_peer_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_TMP_KEY, 0, pk);
+end;
+
+//# define SSL_get_tmp_key(s, pk)                            SSL_ctrl(s,SSL_CTRL_GET_TMP_KEY,0,pk)
+function SSL_get_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_TMP_KEY, 0, pk);
+end;
+
+//# define SSL_get0_raw_cipherlist(s, plst)                  SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)
+function SSL_get0_raw_cipherlist(s: PSSL; plst: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_RAW_CIPHERLIST, 0, plst);
+end;
+
+//# define SSL_get0_ec_point_formats(s, plst)                SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
+function SSL_get0_ec_point_formats(s: PSSL; plst: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_EC_POINT_FORMATS, 0, plst);
+end;
+
+//# define SSL_CTX_set_min_proto_version(ctx, version)       SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
+function SSL_CTX_set_min_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_CTX_set_max_proto_version(ctx, version)       SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
+function SSL_CTX_set_max_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_CTX_get_min_proto_version(ctx)                SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
+function SSL_CTX_get_min_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
+end;
+
+//# define SSL_CTX_get_max_proto_version(ctx)                SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
+function SSL_CTX_get_max_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
+end;
+
+//# define SSL_set_min_proto_version(s, version)             SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
+function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_set_max_proto_version(s, version)             SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
+function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_get_min_proto_version(s)                      SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
+function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
+end;
+
+//# define SSL_get_max_proto_version(s)                      SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
+function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
new file mode 100644
index 000000000..d47015345
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
@@ -0,0 +1,325 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ssl3;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ssl3.h
+
+{$i IdCompilerDefines.inc}
+
+const
+  (*
+   * Signalling cipher suite value from RFC 5746
+   * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
+   *)
+  SSL3_CK_SCSV = $030000FF;
+
+  (*
+  * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
+  * (TLS_FALLBACK_SCSV)
+  *)
+  SSL3_CK_FALLBACK_SCSV = $03005600;
+
+  SSL3_CK_RSA_NULL_MD5 = $03000001;
+  SSL3_CK_RSA_NULL_SHA = $03000002;
+  SSL3_CK_RSA_RC4_40_MD5 = $03000003;
+  SSL3_CK_RSA_RC4_128_MD5 = $03000004;
+  SSL3_CK_RSA_RC4_128_SHA = $03000005;
+  SSL3_CK_RSA_RC2_40_MD5 = $03000006;
+  SSL3_CK_RSA_IDEA_128_SHA = $03000007;
+  SSL3_CK_RSA_DES_40_CBC_SHA = $03000008;
+  SSL3_CK_RSA_DES_64_CBC_SHA = $03000009;
+  SSL3_CK_RSA_DES_192_CBC3_SHA = $0300000A;
+
+  SSL3_CK_DH_DSS_DES_40_CBC_SHA = $0300000B;
+  SSL3_CK_DH_DSS_DES_64_CBC_SHA = $0300000C;
+  SSL3_CK_DH_DSS_DES_192_CBC3_SHA = $0300000D;
+  SSL3_CK_DH_RSA_DES_40_CBC_SHA = $0300000E;
+  SSL3_CK_DH_RSA_DES_64_CBC_SHA = $0300000F;
+  SSL3_CK_DH_RSA_DES_192_CBC3_SHA = $03000010;
+
+  SSL3_CK_DHE_DSS_DES_40_CBC_SHA = $03000011;
+  SSL3_CK_EDH_DSS_DES_40_CBC_SHA = SSL3_CK_DHE_DSS_DES_40_CBC_SHA;
+  SSL3_CK_DHE_DSS_DES_64_CBC_SHA = $03000012;
+  SSL3_CK_EDH_DSS_DES_64_CBC_SHA = SSL3_CK_DHE_DSS_DES_64_CBC_SHA;
+  SSL3_CK_DHE_DSS_DES_192_CBC3_SHA = $03000013;
+  SSL3_CK_EDH_DSS_DES_192_CBC3_SHA = SSL3_CK_DHE_DSS_DES_192_CBC3_SHA;
+  SSL3_CK_DHE_RSA_DES_40_CBC_SHA = $03000014;
+  SSL3_CK_EDH_RSA_DES_40_CBC_SHA = SSL3_CK_DHE_RSA_DES_40_CBC_SHA;
+  SSL3_CK_DHE_RSA_DES_64_CBC_SHA = $03000015;
+  SSL3_CK_EDH_RSA_DES_64_CBC_SHA = SSL3_CK_DHE_RSA_DES_64_CBC_SHA;
+  SSL3_CK_DHE_RSA_DES_192_CBC3_SHA = $03000016;
+  SSL3_CK_EDH_RSA_DES_192_CBC3_SHA = SSL3_CK_DHE_RSA_DES_192_CBC3_SHA;
+
+  SSL3_CK_ADH_RC4_40_MD5 = $03000017;
+  SSL3_CK_ADH_RC4_128_MD5 = $03000018;
+  SSL3_CK_ADH_DES_40_CBC_SHA = $03000019;
+  SSL3_CK_ADH_DES_64_CBC_SHA = $0300001A;
+  SSL3_CK_ADH_DES_192_CBC_SHA = $0300001B;
+
+  (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
+  SSL3_RFC_RSA_NULL_MD5 = 'TLS_RSA_WITH_NULL_MD5';
+  SSL3_RFC_RSA_NULL_SHA = 'TLS_RSA_WITH_NULL_SHA';
+  SSL3_RFC_RSA_DES_192_CBC3_SHA = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_ADH_DES_192_CBC_SHA = 'TLS_DH_anon_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_RSA_IDEA_128_SHA = 'TLS_RSA_WITH_IDEA_CBC_SHA';
+  SSL3_RFC_RSA_RC4_128_MD5 = 'TLS_RSA_WITH_RC4_128_MD5';
+  SSL3_RFC_RSA_RC4_128_SHA = 'TLS_RSA_WITH_RC4_128_SHA';
+  SSL3_RFC_ADH_RC4_128_MD5 = 'TLS_DH_anon_WITH_RC4_128_MD5';
+
+  SSL3_TXT_RSA_NULL_MD5 = 'NULL-MD5';
+  SSL3_TXT_RSA_NULL_SHA = 'NULL-SHA';
+  SSL3_TXT_RSA_RC4_40_MD5 = 'EXP-RC4-MD5';
+  SSL3_TXT_RSA_RC4_128_MD5 = 'RC4-MD5';
+  SSL3_TXT_RSA_RC4_128_SHA = 'RC4-SHA';
+  SSL3_TXT_RSA_RC2_40_MD5 = 'EXP-RC2-CBC-MD5';
+  SSL3_TXT_RSA_IDEA_128_SHA = 'IDEA-CBC-SHA';
+  SSL3_TXT_RSA_DES_40_CBC_SHA = 'EXP-DES-CBC-SHA';
+  SSL3_TXT_RSA_DES_64_CBC_SHA = 'DES-CBC-SHA';
+  SSL3_TXT_RSA_DES_192_CBC3_SHA = 'DES-CBC3-SHA';
+
+  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = 'EXP-DH-DSS-DES-CBC-SHA';
+  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = 'DH-DSS-DES-CBC-SHA';
+  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = 'DH-DSS-DES-CBC3-SHA';
+  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = 'EXP-DH-RSA-DES-CBC-SHA';
+  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = 'DH-RSA-DES-CBC-SHA';
+  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = 'DH-RSA-DES-CBC3-SHA';
+
+  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = 'EXP-DHE-DSS-DES-CBC-SHA';
+  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = 'DHE-DSS-DES-CBC-SHA';
+  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = 'DHE-DSS-DES-CBC3-SHA';
+  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = 'EXP-DHE-RSA-DES-CBC-SHA';
+  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = 'DHE-RSA-DES-CBC-SHA';
+  SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = 'DHE-RSA-DES-CBC3-SHA';
+
+  (*
+   * This next block of six 'EDH' labels is for backward compatibility with
+   * older versions of OpenSSL.  New code should use the six 'DHE' labels above
+   * instead:
+   *)
+  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = 'EXP-EDH-DSS-DES-CBC-SHA';
+  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = 'EDH-DSS-DES-CBC-SHA';
+  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = 'EDH-DSS-DES-CBC3-SHA';
+  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = 'EXP-EDH-RSA-DES-CBC-SHA';
+  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = 'EDH-RSA-DES-CBC-SHA';
+  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = 'EDH-RSA-DES-CBC3-SHA';
+
+  SSL3_TXT_ADH_RC4_40_MD5 = 'EXP-ADH-RC4-MD5';
+  SSL3_TXT_ADH_RC4_128_MD5 = 'ADH-RC4-MD5';
+  SSL3_TXT_ADH_DES_40_CBC_SHA = 'EXP-ADH-DES-CBC-SHA';
+  SSL3_TXT_ADH_DES_64_CBC_SHA = 'ADH-DES-CBC-SHA';
+  SSL3_TXT_ADH_DES_192_CBC_SHA = 'ADH-DES-CBC3-SHA';
+
+  SSL3_SSL_SESSION_ID_LENGTH = 32;
+  SSL3_MAX_SSL_SESSION_ID_LENGTH = 32;
+
+  SSL3_MASTER_SECRET_SIZE = 48;
+  SSL3_RANDOM_SIZE = 32;
+  SSL3_SESSION_ID_SIZE = 32;
+  SSL3_RT_HEADER_LENGTH = 5;
+
+  SSL3_HM_HEADER_LENGTH = 4;
+
+  (*
+   * Some will argue that this increases memory footprint, but it's not
+   * actually true. Point is that malloc has to return at least 64-bit aligned
+   * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
+   * Suggested pre-gaping simply moves these wasted bytes from the end of
+   * allocated region to its front, but makes data payload aligned, which
+   * improves performance:-)
+   *)
+  SSL3_ALIGN_PAYLOAD = 8;
+
+
+  (*
+   * This is the maximum MAC (digest) size used by the SSL library. Currently
+   * maximum of 20 is used by SHA1, but we reserve for future extension for
+   * 512-bit hashes.
+   *)
+  SSL3_RT_MAX_MD_SIZE = 64;
+
+  (*
+   * Maximum block size used in all ciphersuites. Currently 16 for AES.
+   *)
+  SSL_RT_MAX_CIPHER_BLOCK_SIZE = 16;
+  SSL3_RT_MAX_EXTRA = 16384;
+
+  (* Maximum plaintext length: defined by SSL/TLS standards *)
+  SSL3_RT_MAX_PLAIN_LENGTH = 16384;
+  (* Maximum compression overhead: defined by SSL/TLS standards *)
+  SSL3_RT_MAX_COMPRESSED_OVERHEAD = 1024;
+
+  (*
+   * The standards give a maximum encryption overhead of 1024 bytes. In
+   * practice the value is lower than this. The overhead is the maximum number
+   * of padding bytes (256) plus the mac size.
+   *)
+  SSL3_RT_MAX_ENCRYPTED_OVERHEAD = 256 + SSL3_RT_MAX_MD_SIZE;
+  SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD = 256;
+
+  (*
+   * OpenSSL currently only uses a padding length of at most one block so the
+   * send overhead is smaller.
+   *)
+  SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD = SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE;
+
+  (* If compression isn't used don't include the compression overhead *)
+  SSL3_RT_MAX_COMPRESSED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH;
+//  SSL3_RT_MAX_COMPRESSED_LENGTH = (SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_COMPRESSED_OVERHEAD);
+
+  SSL3_RT_MAX_ENCRYPTED_LENGTH = SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH;
+  SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD;
+  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH;
+
+  SSL3_MD_CLIENT_FINISHED_= '\x43\x4C\x4E\x54';
+  SSL3_MD_SERVER_FINISHED_= '\x53\x52\x56\x52';
+
+  SSL3_VERSION = $0300;
+  SSL3_VERSION_MAJOR = $03;
+  SSL3_VERSION_MINOR = $00;
+
+  SSL3_RT_CHANGE_CIPHER_SPEC = 20;
+  SSL3_RT_ALERT = 21;
+  SSL3_RT_HANDSHAKE = 22;
+  SSL3_RT_APPLICATION_DATA = 23;
+  DTLS1_RT_HEARTBEAT = 24;
+
+  (* Pseudo content types to indicate additional parameters *)
+  TLS1_RT_CRYPTO = $1000;
+  TLS1_RT_CRYPTO_PREMASTER = TLS1_RT_CRYPTO or $1;
+  TLS1_RT_CRYPTO_CLIENT_RANDOM = TLS1_RT_CRYPTO or $2;
+  TLS1_RT_CRYPTO_SERVER_RANDOM = TLS1_RT_CRYPTO or $3;
+  TLS1_RT_CRYPTO_MASTER = TLS1_RT_CRYPTO or $4;
+
+  TLS1_RT_CRYPTO_READ = $0000;
+  TLS1_RT_CRYPTO_WRITE = $0100;
+  TLS1_RT_CRYPTO_MAC = TLS1_RT_CRYPTO or $5;
+  TLS1_RT_CRYPTO_KEY = TLS1_RT_CRYPTO or $6;
+  TLS1_RT_CRYPTO_IV = TLS1_RT_CRYPTO or $7;
+  TLS1_RT_CRYPTO_FIXED_IV = TLS1_RT_CRYPTO or $8;
+
+  (* Pseudo content types for SSL/TLS header info *)
+  SSL3_RT_HEADER = $100;
+  SSL3_RT_INNER_CONTENT_TYPE = $101;
+
+  SSL3_AL_WARNING = 1;
+  SSL3_AL_FATAL = 2;
+
+  SSL3_AD_CLOSE_NOTIFY = 0;
+  SSL3_AD_UNEXPECTED_MESSAGE = 10; (* fatal *)
+  SSL3_AD_BAD_RECORD_MAC = 20; (* fatal *)
+  SSL3_AD_DECOMPRESSION_FAILURE = 30; (* fatal *)
+  SSL3_AD_HANDSHAKE_FAILURE = 40; (* fatal *)
+  SSL3_AD_NO_CERTIFICATE = 41;
+  SSL3_AD_BAD_CERTIFICATE = 42;
+  SSL3_AD_UNSUPPORTED_CERTIFICATE = 43;
+  SSL3_AD_CERTIFICATE_REVOKED = 44;
+  SSL3_AD_CERTIFICATE_EXPIRED = 45;
+  SSL3_AD_CERTIFICATE_UNKNOWN = 46;
+  SSL3_AD_ILLEGAL_PARAMETER = 47; (* fatal *)
+
+  TLS1_HB_REQUEST = 1;
+  TLS1_HB_RESPONSE = 2;
+
+  SSL3_CT_RSA_SIGN = 1;
+  SSL3_CT_DSS_SIGN = 2;
+  SSL3_CT_RSA_FIXED_DH = 3;
+  SSL3_CT_DSS_FIXED_DH = 4;
+  SSL3_CT_RSA_EPHEMERAL_DH = 5;
+  SSL3_CT_DSS_EPHEMERAL_DH = 6;
+  SSL3_CT_FORTEZZA_DMS = 20;
+
+  (*
+   * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
+   * contain all of the cert types defined for *either* SSLv3 and TLSv1.
+   *)
+  SSL3_CT_NUMBER = 10;
+
+  (* No longer used as of OpenSSL 1.1.1 *)
+  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS = $0001;
+
+  (* Removed from OpenSSL 1.1.0 *)
+  TLS1_FLAGS_TLS_PADDING_BUG = $0;
+  TLS1_FLAGS_SKIP_CERT_VERIFY = $0010;
+
+  (* Set if we encrypt then mac instead of usual mac then encrypt *)
+  TLS1_FLAGS_ENCRYPT_THEN_MAC_READ = $0100;
+  TLS1_FLAGS_ENCRYPT_THEN_MAC = TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
+
+
+  (* Set if extended master secret extension received from peer *)
+  TLS1_FLAGS_RECEIVED_EXTMS = $0200;
+
+  TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE = $0400;
+
+  TLS1_FLAGS_STATELESS = $0800;
+
+  SSL3_MT_HELLO_REQUEST = 0;
+  SSL3_MT_CLIENT_HELLO = 1;
+  SSL3_MT_SERVER_HELLO = 2;
+  SSL3_MT_NEWSESSION_TICKET = 4;
+  SSL3_MT_END_OF_EARLY_DATA = 5;
+  SSL3_MT_ENCRYPTED_EXTENSIONS = 8;
+  SSL3_MT_CERTIFICATE = 11;
+  SSL3_MT_SERVER_KEY_EXCHANGE = 12;
+  SSL3_MT_CERTIFICATE_REQUEST = 13;
+  SSL3_MT_SERVER_DONE = 14;
+  SSL3_MT_CERTIFICATE_VERIFY = 15;
+  SSL3_MT_CLIENT_KEY_EXCHANGE = 16;
+  SSL3_MT_FINISHED = 20;
+  SSL3_MT_CERTIFICATE_URL = 21;
+  SSL3_MT_CERTIFICATE_STATUS = 22;
+  SSL3_MT_SUPPLEMENTAL_DATA = 23;
+  SSL3_MT_KEY_UPDATE = 24;
+  SSL3_MT_NEXT_PROTO = 67;
+  SSL3_MT_MESSAGE_HASH = 254;
+  DTLS1_MT_HELLO_VERIFY_REQUEST = 3;
+
+  (* Dummy message type for handling CCS like a normal handshake message *)
+  SSL3_MT_CHANGE_CIPHER_SPEC = $0101;
+
+  SSL3_MT_CCS = 1;
+
+  (* These are used when changing over to a new cipher *)
+  SSL3_CC_READ = $001;
+  SSL3_CC_WRITE = $002;
+  SSL3_CC_CLIENT = $010;
+  SSL3_CC_SERVER = $020;
+  SSL3_CC_EARLY = $040;
+  SSL3_CC_HANDSHAKE = $080;
+  SSL3_CC_APPLICATION = $100;
+  SSL3_CHANGE_CIPHER_CLIENT_WRITE = SSL3_CC_CLIENT or SSL3_CC_WRITE;
+  SSL3_CHANGE_CIPHER_SERVER_READ = SSL3_CC_SERVER or SSL3_CC_READ;
+  SSL3_CHANGE_CIPHER_CLIENT_READ = SSL3_CC_CLIENT or SSL3_CC_READ;
+  SSL3_CHANGE_CIPHER_SERVER_WRITE = SSL3_CC_SERVER or SSL3_CC_WRITE;
+
implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_sslerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_sslerr.pas
new file mode 100644
index 000000000..6faac35a6
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_sslerr.pas
@@ -0,0 +1,792 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_sslerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// sslerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+(*
+ * SSL function codes.
+ *)
+const
+  SSL_F_ADD_CLIENT_KEY_SHARE_EXT = 438;
+  SSL_F_ADD_KEY_SHARE = 512;
+  SSL_F_BYTES_TO_CIPHER_LIST = 519;
+  SSL_F_CHECK_SUITEB_CIPHER_LIST = 331;
+  SSL_F_CIPHERSUITE_CB = 622;
+  SSL_F_CONSTRUCT_CA_NAMES = 552;
+  SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS = 553;
+  SSL_F_CONSTRUCT_STATEFUL_TICKET = 636;
+  SSL_F_CONSTRUCT_STATELESS_TICKET = 637;
+  SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH = 539;
+  SSL_F_CREATE_TICKET_PREQUEL = 638;
+  SSL_F_CT_MOVE_SCTS = 345;
+  SSL_F_CT_STRICT = 349;
+  SSL_F_CUSTOM_EXT_ADD = 554;
+  SSL_F_CUSTOM_EXT_PARSE = 555;
+  SSL_F_D2I_SSL_SESSION = 103;
+  SSL_F_DANE_CTX_ENABLE = 347;
+  SSL_F_DANE_MTYPE_SET = 393;
+  SSL_F_DANE_TLSA_ADD = 394;
+  SSL_F_DERIVE_SECRET_KEY_AND_IV = 514;
+  SSL_F_DO_DTLS1_WRITE = 245;
+  SSL_F_DO_SSL3_WRITE = 104;
+  SSL_F_DTLS1_BUFFER_RECORD = 247;
+  SSL_F_DTLS1_CHECK_TIMEOUT_NUM = 318;
+  SSL_F_DTLS1_HEARTBEAT = 305;
+  SSL_F_DTLS1_HM_FRAGMENT_NEW = 623;
+  SSL_F_DTLS1_PREPROCESS_FRAGMENT = 288;
+  SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS = 424;
+  SSL_F_DTLS1_PROCESS_RECORD = 257;
+  SSL_F_DTLS1_READ_BYTES = 258;
+  SSL_F_DTLS1_READ_FAILED = 339;
+  SSL_F_DTLS1_RETRANSMIT_MESSAGE = 390;
+  SSL_F_DTLS1_WRITE_APP_DATA_BYTES = 268;
+  SSL_F_DTLS1_WRITE_BYTES = 545;
+  SSL_F_DTLSV1_LISTEN = 350;
+  SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC = 371;
+  SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST = 385;
+  SSL_F_DTLS_GET_REASSEMBLED_MESSAGE = 370;
+  SSL_F_DTLS_PROCESS_HELLO_VERIFY = 386;
+  SSL_F_DTLS_RECORD_LAYER_NEW = 635;
+  SSL_F_DTLS_WAIT_FOR_DRY = 592;
+  SSL_F_EARLY_DATA_COUNT_OK = 532;
+  SSL_F_FINAL_EARLY_DATA = 556;
+  SSL_F_FINAL_EC_PT_FORMATS = 485;
+  SSL_F_FINAL_EMS = 486;
+  SSL_F_FINAL_KEY_SHARE = 503;
+  SSL_F_FINAL_MAXFRAGMENTLEN = 557;
+  SSL_F_FINAL_RENEGOTIATE = 483;
+  SSL_F_FINAL_SERVER_NAME = 558;
+  SSL_F_FINAL_SIG_ALGS = 497;
+  SSL_F_GET_CERT_VERIFY_TBS_DATA = 588;
+  SSL_F_NSS_KEYLOG_INT = 500;
+  SSL_F_OPENSSL_INIT_SSL = 342;
+  SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION = 436;
+  SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION = 598;
+  SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE = 430;
+  SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE = 593;
+  SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE = 594;
+  SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION = 417;
+  SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION = 599;
+  SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION = 437;
+  SSL_F_OSSL_STATEM_SERVER13_WRITE_TRANSITION = 600;
+  SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE = 431;
+  SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE = 601;
+  SSL_F_OSSL_STATEM_SERVER_POST_WORK = 602;
+  SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE = 603;
+  SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION = 418;
+  SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION = 604;
+  SSL_F_PARSE_CA_NAMES = 541;
+  SSL_F_PITEM_NEW = 624;
+  SSL_F_PQUEUE_NEW = 625;
+  SSL_F_PROCESS_KEY_SHARE_EXT = 439;
+  SSL_F_READ_STATE_MACHINE = 352;
+  SSL_F_SET_CLIENT_CIPHERSUITE = 540;
+  SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET = 595;
+  SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET = 589;
+  SSL_F_SRP_VERIFY_SERVER_PARAM = 596;
+  SSL_F_SSL3_CHANGE_CIPHER_STATE = 129;
+  SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM = 130;
+  SSL_F_SSL3_CTRL = 213;
+  SSL_F_SSL3_CTX_CTRL = 133;
+  SSL_F_SSL3_DIGEST_CACHED_RECORDS = 293;
+  SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC = 292;
+  SSL_F_SSL3_ENC = 608;
+  SSL_F_SSL3_FINAL_FINISH_MAC = 285;
+  SSL_F_SSL3_FINISH_MAC = 587;
+  SSL_F_SSL3_GENERATE_KEY_BLOCK = 238;
+  SSL_F_SSL3_GENERATE_MASTER_SECRET = 388;
+  SSL_F_SSL3_GET_RECORD = 143;
+  SSL_F_SSL3_INIT_FINISHED_MAC = 397;
+  SSL_F_SSL3_OUTPUT_CERT_CHAIN = 147;
+  SSL_F_SSL3_READ_BYTES = 148;
+  SSL_F_SSL3_READ_N = 149;
+  SSL_F_SSL3_SETUP_KEY_BLOCK = 157;
+  SSL_F_SSL3_SETUP_READ_BUFFER = 156;
+  SSL_F_SSL3_SETUP_WRITE_BUFFER = 291;
+  SSL_F_SSL3_WRITE_BYTES = 158;
+  SSL_F_SSL3_WRITE_PENDING = 159;
+  SSL_F_SSL_ADD_CERT_CHAIN = 316;
+  SSL_F_SSL_ADD_CERT_TO_BUF = 319;
+  SSL_F_SSL_ADD_CERT_TO_WPACKET = 493;
+  SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT = 298;
+  SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT = 277;
+  SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT = 307;
+  SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK = 215;
+  SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK = 216;
+  SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT = 299;
+  SSL_F_SSL_ADD_SERVERHELLO_TLSEXT = 278;
+  SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT = 308;
+  SSL_F_SSL_BAD_METHOD = 160;
+  SSL_F_SSL_BUILD_CERT_CHAIN = 332;
+  SSL_F_SSL_BYTES_TO_CIPHER_LIST = 161;
+  SSL_F_SSL_CACHE_CIPHERLIST = 520;
+  SSL_F_SSL_CERT_ADD0_CHAIN_CERT = 346;
+  SSL_F_SSL_CERT_DUP = 221;
+  SSL_F_SSL_CERT_NEW = 162;
+  SSL_F_SSL_CERT_SET0_CHAIN = 340;
+  SSL_F_SSL_CHECK_PRIVATE_KEY = 163;
+  SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT = 280;
+  SSL_F_SSL_CHECK_SRP_EXT_CLIENTHELLO = 606;
+  SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG = 279;
+  SSL_F_SSL_CHOOSE_CLIENT_VERSION = 607;
+  SSL_F_SSL_CIPHER_DESCRIPTION = 626;
+  SSL_F_SSL_CIPHER_LIST_TO_BYTES = 425;
+  SSL_F_SSL_CIPHER_PROCESS_RULESTR = 230;
+  SSL_F_SSL_CIPHER_STRENGTH_SORT = 231;
+  SSL_F_SSL_CLEAR = 164;
+  SSL_F_SSL_CLIENT_HELLO_GET1_EXTENSIONS_PRESENT = 627;
+  SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD = 165;
+  SSL_F_SSL_CONF_CMD = 334;
+  SSL_F_SSL_CREATE_CIPHER_LIST = 166;
+  SSL_F_SSL_CTRL = 232;
+  SSL_F_SSL_CTX_CHECK_PRIVATE_KEY = 168;
+  SSL_F_SSL_CTX_ENABLE_CT = 398;
+  SSL_F_SSL_CTX_MAKE_PROFILES = 309;
+  SSL_F_SSL_CTX_NEW = 169;
+  SSL_F_SSL_CTX_SET_ALPN_PROTOS = 343;
+  SSL_F_SSL_CTX_SET_CIPHER_LIST = 269;
+  SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE = 290;
+  SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK = 396;
+  SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT = 219;
+  SSL_F_SSL_CTX_SET_SSL_VERSION = 170;
+  SSL_F_SSL_CTX_SET_TLSEXT_MAX_FRAGMENT_LENGTH = 551;
+  SSL_F_SSL_CTX_USE_CERTIFICATE = 171;
+  SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 = 172;
+  SSL_F_SSL_CTX_USE_CERTIFICATE_FILE = 173;
+  SSL_F_SSL_CTX_USE_PRIVATEKEY = 174;
+  SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 = 175;
+  SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE = 176;
+  SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT = 272;
+  SSL_F_SSL_CTX_USE_RSAPRIVATEKEY = 177;
+  SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 = 178;
+  SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE = 179;
+  SSL_F_SSL_CTX_USE_SERVERINFO = 336;
+  SSL_F_SSL_CTX_USE_SERVERINFO_EX = 543;
+  SSL_F_SSL_CTX_USE_SERVERINFO_FILE = 337;
+  SSL_F_SSL_DANE_DUP = 403;
+  SSL_F_SSL_DANE_ENABLE = 395;
+  SSL_F_SSL_DERIVE = 590;
+  SSL_F_SSL_DO_CONFIG = 391;
+  SSL_F_SSL_DO_HANDSHAKE = 180;
+  SSL_F_SSL_DUP_CA_LIST = 408;
+  SSL_F_SSL_ENABLE_CT = 402;
+  SSL_F_SSL_GENERATE_PKEY_GROUP = 559;
+  SSL_F_SSL_GENERATE_SESSION_ID = 547;
+  SSL_F_SSL_GET_NEW_SESSION = 181;
+  SSL_F_SSL_GET_PREV_SESSION = 217;
+  SSL_F_SSL_GET_SERVER_CERT_INDEX = 322;
+  SSL_F_SSL_GET_SIGN_PKEY = 183;
+  SSL_F_SSL_HANDSHAKE_HASH = 560;
+  SSL_F_SSL_INIT_WBIO_BUFFER = 184;
+  SSL_F_SSL_KEY_UPDATE = 515;
+  SSL_F_SSL_LOAD_CLIENT_CA_FILE = 185;
+  SSL_F_SSL_LOG_MASTER_SECRET = 498;
+  SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE = 499;
+  SSL_F_SSL_MODULE_INIT = 392;
+  SSL_F_SSL_NEW = 186;
+  SSL_F_SSL_NEXT_PROTO_VALIDATE = 565;
+  SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT = 300;
+  SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT = 302;
+  SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT = 310;
+  SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT = 301;
+  SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT = 303;
+  SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT = 311;
+  SSL_F_SSL_PEEK = 270;
+  SSL_F_SSL_PEEK_EX = 432;
+  SSL_F_SSL_PEEK_INTERNAL = 522;
+  SSL_F_SSL_READ = 223;
+  SSL_F_SSL_READ_EARLY_DATA = 529;
+  SSL_F_SSL_READ_EX = 434;
+  SSL_F_SSL_READ_INTERNAL = 523;
+  SSL_F_SSL_RENEGOTIATE = 516;
+  SSL_F_SSL_RENEGOTIATE_ABBREVIATED = 546;
+  SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT = 320;
+  SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT = 321;
+  SSL_F_SSL_SESSION_DUP = 348;
+  SSL_F_SSL_SESSION_NEW = 189;
+  SSL_F_SSL_SESSION_PRINT_FP = 190;
+  SSL_F_SSL_SESSION_SET1_ID = 423;
+  SSL_F_SSL_SESSION_SET1_ID_CONTEXT = 312;
+  SSL_F_SSL_SET_ALPN_PROTOS = 344;
+  SSL_F_SSL_SET_CERT = 191;
+  SSL_F_SSL_SET_CERT_AND_KEY = 621;
+  SSL_F_SSL_SET_CIPHER_LIST = 271;
+  SSL_F_SSL_SET_CT_VALIDATION_CALLBACK = 399;
+  SSL_F_SSL_SET_FD = 192;
+  SSL_F_SSL_SET_PKEY = 193;
+  SSL_F_SSL_SET_RFD = 194;
+  SSL_F_SSL_SET_SESSION = 195;
+  SSL_F_SSL_SET_SESSION_ID_CONTEXT = 218;
+  SSL_F_SSL_SET_SESSION_TICKET_EXT = 294;
+  SSL_F_SSL_SET_TLSEXT_MAX_FRAGMENT_LENGTH = 550;
+  SSL_F_SSL_SET_WFD = 196;
+  SSL_F_SSL_SHUTDOWN = 224;
+  SSL_F_SSL_SRP_CTX_INIT = 313;
+  SSL_F_SSL_START_ASYNC_JOB = 389;
+  SSL_F_SSL_UNDEFINED_FUNCTION = 197;
+  SSL_F_SSL_UNDEFINED_VOID_FUNCTION = 244;
+  SSL_F_SSL_USE_CERTIFICATE = 198;
+  SSL_F_SSL_USE_CERTIFICATE_ASN1 = 199;
+  SSL_F_SSL_USE_CERTIFICATE_FILE = 200;
+  SSL_F_SSL_USE_PRIVATEKEY = 201;
+  SSL_F_SSL_USE_PRIVATEKEY_ASN1 = 202;
+  SSL_F_SSL_USE_PRIVATEKEY_FILE = 203;
+  SSL_F_SSL_USE_PSK_IDENTITY_HINT = 273;
+  SSL_F_SSL_USE_RSAPRIVATEKEY = 204;
+  SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 = 205;
+  SSL_F_SSL_USE_RSAPRIVATEKEY_FILE = 206;
+  SSL_F_SSL_VALIDATE_CT = 400;
+  SSL_F_SSL_VERIFY_CERT_CHAIN = 207;
+  SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE = 616;
+  SSL_F_SSL_WRITE = 208;
+  SSL_F_SSL_WRITE_EARLY_DATA = 526;
+  SSL_F_SSL_WRITE_EARLY_FINISH = 527;
+  SSL_F_SSL_WRITE_EX = 433;
+  SSL_F_SSL_WRITE_INTERNAL = 524;
+  SSL_F_STATE_MACHINE = 353;
+  SSL_F_TLS12_CHECK_PEER_SIGALG = 333;
+  SSL_F_TLS12_COPY_SIGALGS = 533;
+  SSL_F_TLS13_CHANGE_CIPHER_STATE = 440;
+  SSL_F_TLS13_ENC = 609;
+  SSL_F_TLS13_FINAL_FINISH_MAC = 605;
+  SSL_F_TLS13_GENERATE_SECRET = 591;
+  SSL_F_TLS13_HKDF_EXPAND = 561;
+  SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA = 617;
+  SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA = 618;
+  SSL_F_TLS13_SETUP_KEY_BLOCK = 441;
+  SSL_F_TLS1_CHANGE_CIPHER_STATE = 209;
+  SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS = 341;
+  SSL_F_TLS1_ENC = 401;
+  SSL_F_TLS1_EXPORT_KEYING_MATERIAL = 314;
+  SSL_F_TLS1_GET_CURVELIST = 338;
+  SSL_F_TLS1_PRF = 284;
+  SSL_F_TLS1_SAVE_U16 = 628;
+  SSL_F_TLS1_SETUP_KEY_BLOCK = 211;
+  SSL_F_TLS1_SET_GROUPS = 629;
+  SSL_F_TLS1_SET_RAW_SIGALGS = 630;
+  SSL_F_TLS1_SET_SERVER_SIGALGS = 335;
+  SSL_F_TLS1_SET_SHARED_SIGALGS = 631;
+  SSL_F_TLS1_SET_SIGALGS = 632;
+  SSL_F_TLS_CHOOSE_SIGALG = 513;
+  SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK = 354;
+  SSL_F_TLS_COLLECT_EXTENSIONS = 435;
+  SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES = 542;
+  SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST = 372;
+  SSL_F_TLS_CONSTRUCT_CERT_STATUS = 429;
+  SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY = 494;
+  SSL_F_TLS_CONSTRUCT_CERT_VERIFY = 496;
+  SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC = 427;
+  SSL_F_TLS_CONSTRUCT_CKE_DHE = 404;
+  SSL_F_TLS_CONSTRUCT_CKE_ECDHE = 405;
+  SSL_F_TLS_CONSTRUCT_CKE_GOST = 406;
+  SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE = 407;
+  SSL_F_TLS_CONSTRUCT_CKE_RSA = 409;
+  SSL_F_TLS_CONSTRUCT_CKE_SRP = 410;
+  SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE = 484;
+  SSL_F_TLS_CONSTRUCT_CLIENT_HELLO = 487;
+  SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE = 488;
+  SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY = 489;
+  SSL_F_TLS_CONSTRUCT_CTOS_ALPN = 466;
+  SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE = 355;
+  SSL_F_TLS_CONSTRUCT_CTOS_COOKIE = 535;
+  SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA = 530;
+  SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS = 467;
+  SSL_F_TLS_CONSTRUCT_CTOS_EMS = 468;
+  SSL_F_TLS_CONSTRUCT_CTOS_ETM = 469;
+  SSL_F_TLS_CONSTRUCT_CTOS_HELLO = 356;
+  SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE = 357;
+  SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE = 470;
+  SSL_F_TLS_CONSTRUCT_CTOS_MAXFRAGMENTLEN = 549;
+  SSL_F_TLS_CONSTRUCT_CTOS_NPN = 471;
+  SSL_F_TLS_CONSTRUCT_CTOS_PADDING = 472;
+  SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH = 619;
+  SSL_F_TLS_CONSTRUCT_CTOS_PSK = 501;
+  SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES = 509;
+  SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE = 473;
+  SSL_F_TLS_CONSTRUCT_CTOS_SCT = 474;
+  SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME = 475;
+  SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET = 476;
+  SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS = 477;
+  SSL_F_TLS_CONSTRUCT_CTOS_SRP = 478;
+  SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST = 479;
+  SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS = 480;
+  SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS = 481;
+  SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP = 482;
+  SSL_F_TLS_CONSTRUCT_CTOS_VERIFY = 358;
+  SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS = 443;
+  SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA = 536;
+  SSL_F_TLS_CONSTRUCT_EXTENSIONS = 447;
+  SSL_F_TLS_CONSTRUCT_FINISHED = 359;
+  SSL_F_TLS_CONSTRUCT_HELLO_REQUEST = 373;
+  SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST = 510;
+  SSL_F_TLS_CONSTRUCT_KEY_UPDATE = 517;
+  SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET = 428;
+  SSL_F_TLS_CONSTRUCT_NEXT_PROTO = 426;
+  SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE = 490;
+  SSL_F_TLS_CONSTRUCT_SERVER_HELLO = 491;
+  SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE = 492;
+  SSL_F_TLS_CONSTRUCT_STOC_ALPN = 451;
+  SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE = 374;
+  SSL_F_TLS_CONSTRUCT_STOC_COOKIE = 613;
+  SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG = 452;
+  SSL_F_TLS_CONSTRUCT_STOC_DONE = 375;
+  SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA = 531;
+  SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO = 525;
+  SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS = 453;
+  SSL_F_TLS_CONSTRUCT_STOC_EMS = 454;
+  SSL_F_TLS_CONSTRUCT_STOC_ETM = 455;
+  SSL_F_TLS_CONSTRUCT_STOC_HELLO = 376;
+  SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE = 377;
+  SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE = 456;
+  SSL_F_TLS_CONSTRUCT_STOC_MAXFRAGMENTLEN = 548;
+  SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG = 457;
+  SSL_F_TLS_CONSTRUCT_STOC_PSK = 504;
+  SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE = 458;
+  SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME = 459;
+  SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET = 460;
+  SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST = 461;
+  SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS = 544;
+  SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS = 611;
+  SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP = 462;
+  SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO = 521;
+  SSL_F_TLS_FINISH_HANDSHAKE = 597;
+  SSL_F_TLS_GET_MESSAGE_BODY = 351;
+  SSL_F_TLS_GET_MESSAGE_HEADER = 387;
+  SSL_F_TLS_HANDLE_ALPN = 562;
+  SSL_F_TLS_HANDLE_STATUS_REQUEST = 563;
+  SSL_F_TLS_PARSE_CERTIFICATE_AUTHORITIES = 566;
+  SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT = 449;
+  SSL_F_TLS_PARSE_CTOS_ALPN = 567;
+  SSL_F_TLS_PARSE_CTOS_COOKIE = 614;
+  SSL_F_TLS_PARSE_CTOS_EARLY_DATA = 568;
+  SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS = 569;
+  SSL_F_TLS_PARSE_CTOS_EMS = 570;
+  SSL_F_TLS_PARSE_CTOS_KEY_SHARE = 463;
+  SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN = 571;
+  SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH = 620;
+  SSL_F_TLS_PARSE_CTOS_PSK = 505;
+  SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES = 572;
+  SSL_F_TLS_PARSE_CTOS_RENEGOTIATE = 464;
+  SSL_F_TLS_PARSE_CTOS_SERVER_NAME = 573;
+  SSL_F_TLS_PARSE_CTOS_SESSION_TICKET = 574;
+  SSL_F_TLS_PARSE_CTOS_SIG_ALGS = 575;
+  SSL_F_TLS_PARSE_CTOS_SIG_ALGS_CERT = 615;
+  SSL_F_TLS_PARSE_CTOS_SRP = 576;
+  SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST = 577;
+  SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS = 578;
+  SSL_F_TLS_PARSE_CTOS_USE_SRTP = 465;
+  SSL_F_TLS_PARSE_STOC_ALPN = 579;
+  SSL_F_TLS_PARSE_STOC_COOKIE = 534;
+  SSL_F_TLS_PARSE_STOC_EARLY_DATA = 538;
+  SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO = 528;
+  SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS = 580;
+  SSL_F_TLS_PARSE_STOC_KEY_SHARE = 445;
+  SSL_F_TLS_PARSE_STOC_MAXFRAGMENTLEN = 581;
+  SSL_F_TLS_PARSE_STOC_NPN = 582;
+  SSL_F_TLS_PARSE_STOC_PSK = 502;
+  SSL_F_TLS_PARSE_STOC_RENEGOTIATE = 448;
+  SSL_F_TLS_PARSE_STOC_SCT = 564;
+  SSL_F_TLS_PARSE_STOC_SERVER_NAME = 583;
+  SSL_F_TLS_PARSE_STOC_SESSION_TICKET = 584;
+  SSL_F_TLS_PARSE_STOC_STATUS_REQUEST = 585;
+  SSL_F_TLS_PARSE_STOC_SUPPORTED_VERSIONS = 612;
+  SSL_F_TLS_PARSE_STOC_USE_SRTP = 446;
+  SSL_F_TLS_POST_PROCESS_CLIENT_HELLO = 378;
+  SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE = 384;
+  SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE = 360;
+  SSL_F_TLS_PROCESS_AS_HELLO_RETRY_REQUEST = 610;
+  SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST = 361;
+  SSL_F_TLS_PROCESS_CERT_STATUS = 362;
+  SSL_F_TLS_PROCESS_CERT_STATUS_BODY = 495;
+  SSL_F_TLS_PROCESS_CERT_VERIFY = 379;
+  SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC = 363;
+  SSL_F_TLS_PROCESS_CKE_DHE = 411;
+  SSL_F_TLS_PROCESS_CKE_ECDHE = 412;
+  SSL_F_TLS_PROCESS_CKE_GOST = 413;
+  SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE = 414;
+  SSL_F_TLS_PROCESS_CKE_RSA = 415;
+  SSL_F_TLS_PROCESS_CKE_SRP = 416;
+  SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE = 380;
+  SSL_F_TLS_PROCESS_CLIENT_HELLO = 381;
+  SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE = 382;
+  SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS = 444;
+  SSL_F_TLS_PROCESS_END_OF_EARLY_DATA = 537;
+  SSL_F_TLS_PROCESS_FINISHED = 364;
+  SSL_F_TLS_PROCESS_HELLO_REQ = 507;
+  SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST = 511;
+  SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT = 442;
+  SSL_F_TLS_PROCESS_KEY_EXCHANGE = 365;
+  SSL_F_TLS_PROCESS_KEY_UPDATE = 518;
+  SSL_F_TLS_PROCESS_NEW_SESSION_TICKET = 366;
+  SSL_F_TLS_PROCESS_NEXT_PROTO = 383;
+  SSL_F_TLS_PROCESS_SERVER_CERTIFICATE = 367;
+  SSL_F_TLS_PROCESS_SERVER_DONE = 368;
+  SSL_F_TLS_PROCESS_SERVER_HELLO = 369;
+  SSL_F_TLS_PROCESS_SKE_DHE = 419;
+  SSL_F_TLS_PROCESS_SKE_ECDHE = 420;
+  SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE = 421;
+  SSL_F_TLS_PROCESS_SKE_SRP = 422;
+  SSL_F_TLS_PSK_DO_BINDER = 506;
+  SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT = 450;
+  SSL_F_TLS_SETUP_HANDSHAKE = 508;
+  SSL_F_USE_CERTIFICATE_CHAIN_FILE = 220;
+  SSL_F_WPACKET_INTERN_INIT_LEN = 633;
+  SSL_F_WPACKET_START_SUB_PACKET_LEN__ = 634;
+  SSL_F_WRITE_STATE_MACHINE = 586;
+  SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY = 291;
+  SSL_R_APP_DATA_IN_HANDSHAKE = 100;
+  SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT = 272;
+  SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE = 143;
+  SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE = 158;
+  SSL_R_BAD_CHANGE_CIPHER_SPEC = 103;
+  SSL_R_BAD_CIPHER = 186;
+  SSL_R_BAD_DATA = 390;
+  SSL_R_BAD_DATA_RETURNED_BY_CALLBACK = 106;
+  SSL_R_BAD_DECOMPRESSION = 107;
+  SSL_R_BAD_DH_VALUE = 102;
+  SSL_R_BAD_DIGEST_LENGTH = 111;
+  SSL_R_BAD_EARLY_DATA = 233;
+  SSL_R_BAD_ECC_CERT = 304;
+  SSL_R_BAD_ECPOINT = 306;
+  SSL_R_BAD_EXTENSION = 110;
+  SSL_R_BAD_HANDSHAKE_LENGTH = 332;
+  SSL_R_BAD_HANDSHAKE_STATE = 236;
+  SSL_R_BAD_HELLO_REQUEST = 105;
+  SSL_R_BAD_HRR_VERSION = 263;
+  SSL_R_BAD_KEY_SHARE = 108;
+  SSL_R_BAD_KEY_UPDATE = 122;
+  SSL_R_BAD_LEGACY_VERSION = 292;
+  SSL_R_BAD_LENGTH = 271;
+  SSL_R_BAD_PACKET = 240;
+  SSL_R_BAD_PACKET_LENGTH = 115;
+  SSL_R_BAD_PROTOCOL_VERSION_NUMBER = 116;
+  SSL_R_BAD_PSK = 219;
+  SSL_R_BAD_PSK_IDENTITY = 114;
+  SSL_R_BAD_RECORD_TYPE = 443;
+  SSL_R_BAD_RSA_ENCRYPT = 119;
+  SSL_R_BAD_SIGNATURE = 123;
+  SSL_R_BAD_SRP_A_LENGTH = 347;
+  SSL_R_BAD_SRP_PARAMETERS = 371;
+  SSL_R_BAD_SRTP_MKI_VALUE = 352;
+  SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST = 353;
+  SSL_R_BAD_SSL_FILETYPE = 124;
+  SSL_R_BAD_VALUE = 384;
+  SSL_R_BAD_WRITE_RETRY = 127;
+  SSL_R_BINDER_DOES_NOT_VERIFY = 253;
+  SSL_R_BIO_NOT_SET = 128;
+  SSL_R_BLOCK_CIPHER_PAD_IS_WRONG = 129;
+  SSL_R_BN_LIB = 130;
+  SSL_R_CALLBACK_FAILED = 234;
+  SSL_R_CANNOT_CHANGE_CIPHER = 109;
+  SSL_R_CA_DN_LENGTH_MISMATCH = 131;
+  SSL_R_CA_KEY_TOO_SMALL = 397;
+  SSL_R_CA_MD_TOO_WEAK = 398;
+  SSL_R_CCS_RECEIVED_EARLY = 133;
+  SSL_R_CERTIFICATE_VERIFY_FAILED = 134;
+  SSL_R_CERT_CB_ERROR = 377;
+  SSL_R_CERT_LENGTH_MISMATCH = 135;
+  SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED = 218;
+  SSL_R_CIPHER_CODE_WRONG_LENGTH = 137;
+  SSL_R_CIPHER_OR_HASH_UNAVAILABLE = 138;
+  SSL_R_CLIENTHELLO_TLSEXT = 226;
+  SSL_R_COMPRESSED_LENGTH_TOO_LONG = 140;
+  SSL_R_COMPRESSION_DISABLED = 343;
+  SSL_R_COMPRESSION_FAILURE = 141;
+  SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE = 307;
+  SSL_R_COMPRESSION_LIBRARY_ERROR = 142;
+  SSL_R_CONNECTION_TYPE_NOT_SET = 144;
+  SSL_R_CONTEXT_NOT_DANE_ENABLED = 167;
+  SSL_R_COOKIE_GEN_CALLBACK_FAILURE = 400;
+  SSL_R_COOKIE_MISMATCH = 308;
+  SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED = 206;
+  SSL_R_DANE_ALREADY_ENABLED = 172;
+  SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL = 173;
+  SSL_R_DANE_NOT_ENABLED = 175;
+  SSL_R_DANE_TLSA_BAD_CERTIFICATE = 180;
+  SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE = 184;
+  SSL_R_DANE_TLSA_BAD_DATA_LENGTH = 189;
+  SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH = 192;
+  SSL_R_DANE_TLSA_BAD_MATCHING_TYPE = 200;
+  SSL_R_DANE_TLSA_BAD_PUBLIC_KEY = 201;
+  SSL_R_DANE_TLSA_BAD_SELECTOR = 202;
+  SSL_R_DANE_TLSA_NULL_DATA = 203;
+  SSL_R_DATA_BETWEEN_CCS_AND_FINISHED = 145;
+  SSL_R_DATA_LENGTH_TOO_LONG = 146;
+  SSL_R_DECRYPTION_FAILED = 147;
+  SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC = 281;
+  SSL_R_DH_KEY_TOO_SMALL = 394;
+  SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG = 148;
+  SSL_R_DIGEST_CHECK_FAILED = 149;
+  SSL_R_DTLS_MESSAGE_TOO_BIG = 334;
+  SSL_R_DUPLICATE_COMPRESSION_ID = 309;
+  SSL_R_ECC_CERT_NOT_FOR_SIGNING = 318;
+  SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE = 374;
+  SSL_R_EE_KEY_TOO_SMALL = 399;
+  SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST = 354;
+  SSL_R_ENCRYPTED_LENGTH_TOO_LONG = 150;
+  SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST = 151;
+  SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN = 204;
+  SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE = 194;
+  SSL_R_EXCESSIVE_MESSAGE_SIZE = 152;
+  SSL_R_EXTENSION_NOT_RECEIVED = 279;
+  SSL_R_EXTRA_DATA_IN_MESSAGE = 153;
+  SSL_R_EXT_LENGTH_MISMATCH = 163;
+  SSL_R_FAILED_TO_INIT_ASYNC = 405;
+  SSL_R_FRAGMENTED_CLIENT_HELLO = 401;
+  SSL_R_GOT_A_FIN_BEFORE_A_CCS = 154;
+  SSL_R_HTTPS_PROXY_REQUEST = 155;
+  SSL_R_HTTP_REQUEST = 156;
+  SSL_R_ILLEGAL_POINT_COMPRESSION = 162;
+  SSL_R_ILLEGAL_SUITEB_DIGEST = 380;
+  SSL_R_INAPPROPRIATE_FALLBACK = 373;
+  SSL_R_INCONSISTENT_COMPRESSION = 340;
+  SSL_R_INCONSISTENT_EARLY_DATA_ALPN = 222;
+  SSL_R_INCONSISTENT_EARLY_DATA_SNI = 231;
+  SSL_R_INCONSISTENT_EXTMS = 104;
+  SSL_R_INSUFFICIENT_SECURITY = 241;
+  SSL_R_INVALID_ALERT = 205;
+  SSL_R_INVALID_CCS_MESSAGE = 260;
+  SSL_R_INVALID_CERTIFICATE_OR_ALG = 238;
+  SSL_R_INVALID_COMMAND = 280;
+  SSL_R_INVALID_COMPRESSION_ALGORITHM = 341;
+  SSL_R_INVALID_CONFIG = 283;
+  SSL_R_INVALID_CONFIGURATION_NAME = 113;
+  SSL_R_INVALID_CONTEXT = 282;
+  SSL_R_INVALID_CT_VALIDATION_TYPE = 212;
+  SSL_R_INVALID_KEY_UPDATE_TYPE = 120;
+  SSL_R_INVALID_MAX_EARLY_DATA = 174;
+  SSL_R_INVALID_NULL_CMD_NAME = 385;
+  SSL_R_INVALID_SEQUENCE_NUMBER = 402;
+  SSL_R_INVALID_SERVERINFO_DATA = 388;
+  SSL_R_INVALID_SESSION_ID = 999;
+  SSL_R_INVALID_SRP_USERNAME = 357;
+  SSL_R_INVALID_STATUS_RESPONSE = 328;
+  SSL_R_INVALID_TICKET_KEYS_LENGTH = 325;
+  SSL_R_LENGTH_MISMATCH = 159;
+  SSL_R_LENGTH_TOO_LONG = 404;
+  SSL_R_LENGTH_TOO_SHORT = 160;
+  SSL_R_LIBRARY_BUG = 274;
+  SSL_R_LIBRARY_HAS_NO_CIPHERS = 161;
+  SSL_R_MISSING_DSA_SIGNING_CERT = 165;
+  SSL_R_MISSING_ECDSA_SIGNING_CERT = 381;
+  SSL_R_MISSING_FATAL = 256;
+  SSL_R_MISSING_PARAMETERS = 290;
+  SSL_R_MISSING_RSA_CERTIFICATE = 168;
+  SSL_R_MISSING_RSA_ENCRYPTING_CERT = 169;
+  SSL_R_MISSING_RSA_SIGNING_CERT = 170;
+  SSL_R_MISSING_SIGALGS_EXTENSION = 112;
+  SSL_R_MISSING_SIGNING_CERT = 221;
+  SSL_R_MISSING_SRP_PARAM = 358;
+  SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION = 209;
+  SSL_R_MISSING_TMP_DH_KEY = 171;
+  SSL_R_MISSING_TMP_ECDH_KEY = 311;
+  SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA = 293;
+  SSL_R_NOT_ON_RECORD_BOUNDARY = 182;
+  SSL_R_NOT_REPLACING_CERTIFICATE = 289;
+  SSL_R_NOT_SERVER = 284;
+  SSL_R_NO_APPLICATION_PROTOCOL = 235;
+  SSL_R_NO_CERTIFICATES_RETURNED = 176;
+  SSL_R_NO_CERTIFICATE_ASSIGNED = 177;
+  SSL_R_NO_CERTIFICATE_SET = 179;
+  SSL_R_NO_CHANGE_FOLLOWING_HRR = 214;
+  SSL_R_NO_CIPHERS_AVAILABLE = 181;
+  SSL_R_NO_CIPHERS_SPECIFIED = 183;
+  SSL_R_NO_CIPHER_MATCH = 185;
+  SSL_R_NO_CLIENT_CERT_METHOD = 331;
+  SSL_R_NO_COMPRESSION_SPECIFIED = 187;
+  SSL_R_NO_COOKIE_CALLBACK_SET = 287;
+  SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER = 330;
+  SSL_R_NO_METHOD_SPECIFIED = 188;
+  SSL_R_NO_PEM_EXTENSIONS = 389;
+  SSL_R_NO_PRIVATE_KEY_ASSIGNED = 190;
+  SSL_R_NO_PROTOCOLS_AVAILABLE = 191;
+  SSL_R_NO_RENEGOTIATION = 339;
+  SSL_R_NO_REQUIRED_DIGEST = 324;
+  SSL_R_NO_SHARED_CIPHER = 193;
+  SSL_R_NO_SHARED_GROUPS = 410;
+  SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS = 376;
+  SSL_R_NO_SRTP_PROFILES = 359;
+  SSL_R_NO_SUITABLE_KEY_SHARE = 101;
+  SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM = 118;
+  SSL_R_NO_VALID_SCTS = 216;
+  SSL_R_NO_VERIFY_COOKIE_CALLBACK = 403;
+  SSL_R_NULL_SSL_CTX = 195;
+  SSL_R_NULL_SSL_METHOD_PASSED = 196;
+  SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED = 197;
+  SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED = 344;
+  SSL_R_OVERFLOW_ERROR = 237;
+  SSL_R_PACKET_LENGTH_TOO_LONG = 198;
+  SSL_R_PARSE_TLSEXT = 227;
+  SSL_R_PATH_TOO_LONG = 270;
+  SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE = 199;
+  SSL_R_PEM_NAME_BAD_PREFIX = 391;
+  SSL_R_PEM_NAME_TOO_SHORT = 392;
+  SSL_R_PIPELINE_FAILURE = 406;
+  SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR = 278;
+  SSL_R_PRIVATE_KEY_MISMATCH = 288;
+  SSL_R_PROTOCOL_IS_SHUTDOWN = 207;
+  SSL_R_PSK_IDENTITY_NOT_FOUND = 223;
+  SSL_R_PSK_NO_CLIENT_CB = 224;
+  SSL_R_PSK_NO_SERVER_CB = 225;
+  SSL_R_READ_BIO_NOT_SET = 211;
+  SSL_R_READ_TIMEOUT_EXPIRED = 312;
+  SSL_R_RECORD_LENGTH_MISMATCH = 213;
+  SSL_R_RECORD_TOO_SMALL = 298;
+  SSL_R_RENEGOTIATE_EXT_TOO_LONG = 335;
+  SSL_R_RENEGOTIATION_ENCODING_ERR = 336;
+  SSL_R_RENEGOTIATION_MISMATCH = 337;
+  SSL_R_REQUEST_PENDING = 285;
+  SSL_R_REQUEST_SENT = 286;
+  SSL_R_REQUIRED_CIPHER_MISSING = 215;
+  SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING = 342;
+  SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING = 345;
+  SSL_R_SCT_VERIFICATION_FAILED = 208;
+  SSL_R_SERVERHELLO_TLSEXT = 275;
+  SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED = 277;
+  SSL_R_SHUTDOWN_WHILE_IN_INIT = 407;
+  SSL_R_SIGNATURE_ALGORITHMS_ERROR = 360;
+  SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE = 220;
+  SSL_R_SRP_A_CALC = 361;
+  SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES = 362;
+  SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG = 363;
+  SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE = 364;
+  SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH = 232;
+  SSL_R_SSL3_EXT_INVALID_SERVERNAME = 319;
+  SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE = 320;
+  SSL_R_SSL3_SESSION_ID_TOO_LONG = 300;
+  SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 1042;
+  SSL_R_SSLV3_ALERT_BAD_RECORD_MAC = 1020;
+  SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED = 1045;
+  SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED = 1044;
+  SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 1046;
+  SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE = 1030;
+  SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE = 1040;
+  SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER = 1047;
+  SSL_R_SSLV3_ALERT_NO_CERTIFICATE = 1041;
+  SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE = 1010;
+  SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE = 1043;
+  SSL_R_SSL_COMMAND_SECTION_EMPTY = 117;
+  SSL_R_SSL_COMMAND_SECTION_NOT_FOUND = 125;
+  SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION = 228;
+  SSL_R_SSL_HANDSHAKE_FAILURE = 229;
+  SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS = 230;
+  SSL_R_SSL_NEGATIVE_LENGTH = 372;
+  SSL_R_SSL_SECTION_EMPTY = 126;
+  SSL_R_SSL_SECTION_NOT_FOUND = 136;
+  SSL_R_SSL_SESSION_ID_CALLBACK_FAILED = 301;
+  SSL_R_SSL_SESSION_ID_CONFLICT = 302;
+  SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG = 273;
+  SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH = 303;
+  SSL_R_SSL_SESSION_ID_TOO_LONG = 408;
+  SSL_R_SSL_SESSION_VERSION_MISMATCH = 210;
+  SSL_R_STILL_IN_INIT = 121;
+  SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED = 1116;
+  SSL_R_TLSV13_ALERT_MISSING_EXTENSION = 1109;
+  SSL_R_TLSV1_ALERT_ACCESS_DENIED = 1049;
+  SSL_R_TLSV1_ALERT_DECODE_ERROR = 1050;
+  SSL_R_TLSV1_ALERT_DECRYPTION_FAILED = 1021;
+  SSL_R_TLSV1_ALERT_DECRYPT_ERROR = 1051;
+  SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION = 1060;
+  SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK = 1086;
+  SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY = 1071;
+  SSL_R_TLSV1_ALERT_INTERNAL_ERROR = 1080;
+  SSL_R_TLSV1_ALERT_NO_RENEGOTIATION = 1100;
+  SSL_R_TLSV1_ALERT_PROTOCOL_VERSION = 1070;
+  SSL_R_TLSV1_ALERT_RECORD_OVERFLOW = 1022;
+  SSL_R_TLSV1_ALERT_UNKNOWN_CA = 1048;
+  SSL_R_TLSV1_ALERT_USER_CANCELLED = 1090;
+  SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE = 1114;
+  SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE = 1113;
+  SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE = 1111;
+  SSL_R_TLSV1_UNRECOGNIZED_NAME = 1112;
+  SSL_R_TLSV1_UNSUPPORTED_EXTENSION = 1110;
+  SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT = 365;
+  SSL_R_TLS_HEARTBEAT_PENDING = 366;
+  SSL_R_TLS_ILLEGAL_EXPORTER_LABEL = 367;
+  SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST = 157;
+  SSL_R_TOO_MANY_KEY_UPDATES = 132;
+  SSL_R_TOO_MANY_WARN_ALERTS = 409;
+  SSL_R_TOO_MUCH_EARLY_DATA = 164;
+  SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS = 314;
+  SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS = 239;
+  SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES = 242;
+  SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES = 243;
+  SSL_R_UNEXPECTED_CCS_MESSAGE = 262;
+  SSL_R_UNEXPECTED_END_OF_EARLY_DATA = 178;
+  SSL_R_UNEXPECTED_MESSAGE = 244;
+  SSL_R_UNEXPECTED_RECORD = 245;
+  SSL_R_UNINITIALIZED = 276;
+  SSL_R_UNKNOWN_ALERT_TYPE = 246;
+  SSL_R_UNKNOWN_CERTIFICATE_TYPE = 247;
+  SSL_R_UNKNOWN_CIPHER_RETURNED = 248;
+  SSL_R_UNKNOWN_CIPHER_TYPE = 249;
+  SSL_R_UNKNOWN_CMD_NAME = 386;
+  SSL_R_UNKNOWN_COMMAND = 139;
+  SSL_R_UNKNOWN_DIGEST = 368;
+  SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE = 250;
+  SSL_R_UNKNOWN_PKEY_TYPE = 251;
+  SSL_R_UNKNOWN_PROTOCOL = 252;
+  SSL_R_UNKNOWN_SSL_VERSION = 254;
+  SSL_R_UNKNOWN_STATE = 255;
+  SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED = 338;
+  SSL_R_UNSOLICITED_EXTENSION = 217;
+  SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM = 257;
+  SSL_R_UNSUPPORTED_ELLIPTIC_CURVE = 315;
+  SSL_R_UNSUPPORTED_PROTOCOL = 258;
+  SSL_R_UNSUPPORTED_SSL_VERSION = 259;
+  SSL_R_UNSUPPORTED_STATUS_TYPE = 329;
+  SSL_R_USE_SRTP_NOT_NEGOTIATED = 369;
+  SSL_R_VERSION_TOO_HIGH = 166;
+  SSL_R_VERSION_TOO_LOW = 396;
+  SSL_R_WRONG_CERTIFICATE_TYPE = 383;
+  SSL_R_WRONG_CIPHER_RETURNED = 261;
+  SSL_R_WRONG_CURVE = 378;
+  SSL_R_WRONG_SIGNATURE_LENGTH = 264;
+  SSL_R_WRONG_SIGNATURE_SIZE = 265;
+  SSL_R_WRONG_SIGNATURE_TYPE = 370;
+  SSL_R_WRONG_SSL_VERSION = 266;
+  SSL_R_WRONG_VERSION_NUMBER = 267;
+  SSL_R_X509_LIB = 268;
+  SSL_R_X509_VERIFICATION_SETUP_PROBLEMS = 269;
+
+var
+  function ERR_load_SSL_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_storeerr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_storeerr.pas
new file mode 100644
index 000000000..d6cb52962
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_storeerr.pas
@@ -0,0 +1,116 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_storeerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// storeerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * OSSL_STORE function codes.
+   *)
+  OSSL_STORE_F_FILE_CTRL = 129;
+  OSSL_STORE_F_FILE_FIND = 138;
+  OSSL_STORE_F_FILE_GET_PASS = 118;
+  OSSL_STORE_F_FILE_LOAD = 119;
+  OSSL_STORE_F_FILE_LOAD_TRY_DECODE = 124;
+  OSSL_STORE_F_FILE_NAME_TO_URI = 126;
+  OSSL_STORE_F_FILE_OPEN = 120;
+  OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO = 127;
+  OSSL_STORE_F_OSSL_STORE_EXPECT = 130;
+  OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT = 128;
+  OSSL_STORE_F_OSSL_STORE_FIND = 131;
+  OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT = 100;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT = 101;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL = 102;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME = 103;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME_DESCRIPTION = 135;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_PARAMS = 104;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY = 105;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_CERT = 106;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_CRL = 107;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_EMBEDDED = 123;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_NAME = 109;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_PARAMS = 110;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_PKEY = 111;
+  OSSL_STORE_F_OSSL_STORE_INFO_SET0_NAME_DESCRIPTION = 134;
+  OSSL_STORE_F_OSSL_STORE_INIT_ONCE = 112;
+  OSSL_STORE_F_OSSL_STORE_LOADER_NEW = 113;
+  OSSL_STORE_F_OSSL_STORE_OPEN = 114;
+  OSSL_STORE_F_OSSL_STORE_OPEN_INT = 115;
+  OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT = 117;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS = 132;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL = 133;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT = 136;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME = 137;
+  OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT = 116;
+  OSSL_STORE_F_TRY_DECODE_PARAMS = 121;
+  OSSL_STORE_F_TRY_DECODE_PKCS12 = 122;
+  OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED = 125;
+
+
+  (*
+   * OSSL_STORE reason codes.
+   *)
+  OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE = 107;
+  OSSL_STORE_R_BAD_PASSWORD_READ = 115;
+  OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC = 113;
+  OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST = 121;
+  OSSL_STORE_R_INVALID_SCHEME = 106;
+  OSSL_STORE_R_IS_NOT_A = 112;
+  OSSL_STORE_R_LOADER_INCOMPLETE = 116;
+  OSSL_STORE_R_LOADING_STARTED = 117;
+  OSSL_STORE_R_NOT_A_CERTIFICATE = 100;
+  OSSL_STORE_R_NOT_A_CRL = 101;
+  OSSL_STORE_R_NOT_A_KEY = 102;
+  OSSL_STORE_R_NOT_A_NAME = 103;
+  OSSL_STORE_R_NOT_PARAMETERS = 104;
+  OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR = 114;
+  OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE = 108;
+  OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES = 119;
+  OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED = 109;
+  OSSL_STORE_R_UNREGISTERED_SCHEME = 105;
+  OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE = 110;
+  OSSL_STORE_R_UNSUPPORTED_OPERATION = 118;
+  OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE = 120;
+  OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED = 111;
+
+var
+  function ERR_load_OSSL_STORE_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
new file mode 100644
index 000000000..74e7112ca
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
@@ -0,0 +1,1206 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_tls1;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// tls1.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  (* Default security level if not overridden at config time *)
+  OPENSSL_TLS_SECURITY_LEVEL = 1;
+
+  TLS1_VERSION = $0301;
+  TLS1_1_VERSION = $0302;
+  TLS1_2_VERSION = $0303;
+  TLS1_3_VERSION = $0304;
+  TLS_MAX_VERSION = TLS1_3_VERSION;
+
+  (* Special value for method supporting multiple versions *)
+  TLS_ANY_VERSION = $10000;
+
+  TLS1_VERSION_MAJOR = $03;
+  TLS1_VERSION_MINOR = $01;
+
+  TLS1_1_VERSION_MAJOR = $03;
+  TLS1_1_VERSION_MINOR = $02;
+
+  TLS1_2_VERSION_MAJOR = $03;
+  TLS1_2_VERSION_MINOR = $03;
+
+
+//# define TLS1_get_version(s) \
+//        ((SSL_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_version(s) : 0)
+//
+//# define TLS1_get_client_version(s) \
+//        ((SSL_client_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_client_version(s) : 0)
+
+  TLS1_AD_DECRYPTION_FAILED = 21;
+  TLS1_AD_RECORD_OVERFLOW = 22;
+  TLS1_AD_UNKNOWN_CA = 48; (* fatal *)
+  TLS1_AD_ACCESS_DENIED = 49; (* fatal *)
+  TLS1_AD_DECODE_ERROR = 50; (* fatal *)
+  TLS1_AD_DECRYPT_ERROR = 51;
+  TLS1_AD_EXPORT_RESTRICTION = 60; (* fatal *)
+  TLS1_AD_PROTOCOL_VERSION = 70; (* fatal *)
+  TLS1_AD_INSUFFICIENT_SECURITY = 71; (* fatal *)
+  TLS1_AD_INTERNAL_ERROR = 80; (* fatal *)
+  TLS1_AD_INAPPROPRIATE_FALLBACK = 86; (* fatal *)
+  TLS1_AD_USER_CANCELLED = 90;
+  TLS1_AD_NO_RENEGOTIATION = 100;
+  (* TLSv1.3 alerts *)
+  TLS13_AD_MISSING_EXTENSION = 109; (* fatal *)
+  TLS13_AD_CERTIFICATE_REQUIRED = 116; (* fatal *)
+  (* codes 110-114 are from RFC3546 *)
+  TLS1_AD_UNSUPPORTED_EXTENSION = 110;
+  TLS1_AD_CERTIFICATE_UNOBTAINABLE = 111;
+  TLS1_AD_UNRECOGNIZED_NAME = 112;
+  TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE = 113;
+  TLS1_AD_BAD_CERTIFICATE_HASH_VALUE = 114;
+  TLS1_AD_UNKNOWN_PSK_IDENTITY = 115; (* fatal *)
+  TLS1_AD_NO_APPLICATION_PROTOCOL = 120; (* fatal *)
+
+  (* ExtensionType values from RFC3546 / RFC4366 / RFC6066 *)
+  TLSEXT_TYPE_server_name = 0;
+  TLSEXT_TYPE_max_fragment_length = 1;
+  TLSEXT_TYPE_client_certificate_url = 2;
+  TLSEXT_TYPE_trusted_ca_keys = 3;
+  TLSEXT_TYPE_truncated_hmac = 4;
+  TLSEXT_TYPE_status_request = 5;
+  (* ExtensionType values from RFC4681 *)
+  TLSEXT_TYPE_user_mapping = 6;
+  (* ExtensionType values from RFC5878 *)
+  TLSEXT_TYPE_client_authz = 7;
+  TLSEXT_TYPE_server_authz = 8;
+  (* ExtensionType values from RFC6091 *)
+  TLSEXT_TYPE_cert_type = 9;
+
+  (* ExtensionType values from RFC4492 *)
+  (*
+   * Prior to TLSv1.3 the supported_groups extension was known as
+   * elliptic_curves
+   *)
+  TLSEXT_TYPE_supported_groups = 10;
+  TLSEXT_TYPE_elliptic_curves = TLSEXT_TYPE_supported_groups;
+  TLSEXT_TYPE_ec_poTIdC_INT_formats = 11;
+
+  (* ExtensionType value from RFC5054 *)
+  TLSEXT_TYPE_srp = 12;
+  (* ExtensionType values from RFC5246 *)
+  TLSEXT_TYPE_signature_algorithms = 13;
+
+  (* ExtensionType value from RFC5764 *)
+  TLSEXT_TYPE_use_srtp = 14;
+
+  (* ExtensionType value from RFC5620 *)
+  TLSEXT_TYPE_heartbeat = 15;
+
+  (* ExtensionType value from RFC7301 *)
+  TLSEXT_TYPE_application_layer_protocol_negotiation = 16;
+
+  (*
+   * Extension type for Certificate Transparency
+   * https://tools.ietf.org/html/rfc6962#section-3.3.1
+   *)
+  TLSEXT_TYPE_signed_certificate_timestamp = 18;
+
+  (*
+   * ExtensionType value for TLS padding extension.
+   * http://tools.ietf.org/html/draft-agl-tls-padding
+   *)
+  TLSEXT_TYPE_padding = 21;
+
+  (* ExtensionType value from RFC7366 *)
+  TLSEXT_TYPE_encrypt_then_mac = 22;
+
+  (* ExtensionType value from RFC7627 *)
+  TLSEXT_TYPE_extended_master_secret = 23;
+
+  (* ExtensionType value from RFC4507 *)
+  TLSEXT_TYPE_session_ticket = 35;
+
+  (* As defined for TLS1.3 *)
+  TLSEXT_TYPE_psk = 41;
+  TLSEXT_TYPE_early_data = 42;
+  TLSEXT_TYPE_supported_versions = 43;
+  TLSEXT_TYPE_cookie = 44;
+  TLSEXT_TYPE_psk_kex_modes = 45;
+  TLSEXT_TYPE_certificate_authorities = 47;
+  TLSEXT_TYPE_post_handshake_auth = 49;
+  TLSEXT_TYPE_signature_algorithms_cert = 50;
+  TLSEXT_TYPE_key_share = 51;
+
+  (* Temporary extension type *)
+  TLSEXT_TYPE_renegotiate = $ff01;
+
+  (* This is not an IANA defined extension number *)
+  TLSEXT_TYPE_next_proto_neg = 13172;
+
+  (* NameType value from RFC3546 *)
+  TLSEXT_NAMETYPE_host_name = 0;
+  (* status request value from RFC3546 *)
+  TLSEXT_STATUSTYPE_ocsp = 1;
+
+  (* ECPoTIdC_INTFormat values from RFC4492 *)
+  TLSEXT_ECPOTIdC_INTFORMAT_first = 0;
+  TLSEXT_ECPOTIdC_INTFORMAT_uncompressed = 0;
+  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_prime = 1;
+  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_PIdAnsiChar2 = 2;
+  TLSEXT_ECPOTIdC_INTFORMAT_last = 2;
+
+  (* Signature and hash algorithms from RFC5246 *)
+  TLSEXT_signature_anonymous = 0;
+  TLSEXT_signature_rsa = 1;
+  TLSEXT_signature_dsa = 2;
+  TLSEXT_signature_ecdsa = 3;
+  TLSEXT_signature_gostr34102001 = 237;
+  TLSEXT_signature_gostr34102012_256 = 238;
+  TLSEXT_signature_gostr34102012_512 = 239;
+
+  (* Total number of different signature algorithms *)
+  TLSEXT_signature_num = 7;
+
+  TLSEXT_hash_none = 0;
+  TLSEXT_hash_md5 = 1;
+  TLSEXT_hash_sha1 = 2;
+  TLSEXT_hash_sha224 = 3;
+  TLSEXT_hash_sha256 = 4;
+  TLSEXT_hash_sha384 = 5;
+  TLSEXT_hash_sha512 = 6;
+  TLSEXT_hash_gostr3411 = 237;
+  TLSEXT_hash_gostr34112012_256 = 238;
+  TLSEXT_hash_gostr34112012_512 = 239;
+
+  (* Total number of different digest algorithms *)
+  TLSEXT_hash_num = 10;
+
+  (* Flag set for unrecognised algorithms *)
+  TLSEXT_nid_unknown = $1000000;
+
+  (* ECC curves *)
+  TLSEXT_curve_P_256 = 23;
+  TLSEXT_curve_P_384 = 24;
+
+  (* OpenSSL value to disable maximum fragment length extension *)
+  TLSEXT_max_fragment_length_DISABLED = 0;
+  (* Allowed values for max fragment length extension *)
+  TLSEXT_max_fragment_length_512 = 1;
+  TLSEXT_max_fragment_length_1024 = 2;
+  TLSEXT_max_fragment_length_2048 = 3;
+  TLSEXT_max_fragment_length_4096 = 4;
+
+  TLSEXT_MAXLEN_host_name = 255;
+
+  SSL_TLSEXT_ERR_OK = 0;
+  SSL_TLSEXT_ERR_ALERT_WARNING = 1;
+  SSL_TLSEXT_ERR_ALERT_FATAL = 2;
+  SSL_TLSEXT_ERR_NOACK = 3;
+
+  SSL_DTLSEXT_HB_ENABLED = $01;
+  SSL_DTLSEXT_HB_DONT_SEND_REQUESTS = $02;
+  SSL_DTLSEXT_HB_DONT_RECV_REQUESTS = $04;
+
+  (* PSK ciphersuites from 4279 *)
+  TLS1_CK_PSK_WITH_RC4_128_SHA = $0300008A;
+  TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA = $0300008B;
+  TLS1_CK_PSK_WITH_AES_128_CBC_SHA = $0300008C;
+  TLS1_CK_PSK_WITH_AES_256_CBC_SHA = $0300008D;
+  TLS1_CK_DHE_PSK_WITH_RC4_128_SHA = $0300008E;
+  TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300008F;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA = $03000090;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA = $03000091;
+  TLS1_CK_RSA_PSK_WITH_RC4_128_SHA = $03000092;
+  TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA = $03000093;
+  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA = $03000094;
+  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA = $03000095;
+
+  (* PSK ciphersuites from 5487 *)
+  TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 = $030000A8;
+  TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 = $030000A9;
+  TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256 = $030000AA;
+  TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384 = $030000AB;
+  TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256 = $030000AC;
+  TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384 = $030000AD;
+  TLS1_CK_PSK_WITH_AES_128_CBC_SHA256 = $030000AE;
+  TLS1_CK_PSK_WITH_AES_256_CBC_SHA384 = $030000AF;
+  TLS1_CK_PSK_WITH_NULL_SHA256 = $030000B0;
+  TLS1_CK_PSK_WITH_NULL_SHA384 = $030000B1;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256 = $030000B2;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384 = $030000B3;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA256 = $030000B4;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA384 = $030000B5;
+  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256 = $030000B6;
+  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384 = $030000B7;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA256 = $030000B8;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA384 = $030000B9;
+
+  (* NULL PSK ciphersuites from RFC4785 *)
+  TLS1_CK_PSK_WITH_NULL_SHA = $0300002C;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA = $0300002D;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA = $0300002E;
+
+  (* AES ciphersuites from RFC3268 *)
+  TLS1_CK_RSA_WITH_AES_128_SHA = $0300002F;
+  TLS1_CK_DH_DSS_WITH_AES_128_SHA = $03000030;
+  TLS1_CK_DH_RSA_WITH_AES_128_SHA = $03000031;
+  TLS1_CK_DHE_DSS_WITH_AES_128_SHA = $03000032;
+  TLS1_CK_DHE_RSA_WITH_AES_128_SHA = $03000033;
+  TLS1_CK_ADH_WITH_AES_128_SHA = $03000034;
+  TLS1_CK_RSA_WITH_AES_256_SHA = $03000035;
+  TLS1_CK_DH_DSS_WITH_AES_256_SHA = $03000036;
+  TLS1_CK_DH_RSA_WITH_AES_256_SHA = $03000037;
+  TLS1_CK_DHE_DSS_WITH_AES_256_SHA = $03000038;
+  TLS1_CK_DHE_RSA_WITH_AES_256_SHA = $03000039;
+  TLS1_CK_ADH_WITH_AES_256_SHA = $0300003A;
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_CK_RSA_WITH_NULL_SHA256 = $0300003B;
+  TLS1_CK_RSA_WITH_AES_128_SHA256 = $0300003C;
+  TLS1_CK_RSA_WITH_AES_256_SHA256 = $0300003D;
+  TLS1_CK_DH_DSS_WITH_AES_128_SHA256 = $0300003E;
+  TLS1_CK_DH_RSA_WITH_AES_128_SHA256 = $0300003F;
+  TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 = $03000040;
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000041;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000042;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000043;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000044;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000045;
+  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA = $03000046;
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 = $03000067;
+  TLS1_CK_DH_DSS_WITH_AES_256_SHA256 = $03000068;
+  TLS1_CK_DH_RSA_WITH_AES_256_SHA256 = $03000069;
+  TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 = $0300006A;
+  TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 = $0300006B;
+  TLS1_CK_ADH_WITH_AES_128_SHA256 = $0300006C;
+  TLS1_CK_ADH_WITH_AES_256_SHA256 = $0300006D;
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000084;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000085;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000086;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000087;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000088;
+  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA = $03000089;
+
+  (* SEED ciphersuites from RFC4162 *)
+  TLS1_CK_RSA_WITH_SEED_SHA = $03000096;
+  TLS1_CK_DH_DSS_WITH_SEED_SHA = $03000097;
+  TLS1_CK_DH_RSA_WITH_SEED_SHA = $03000098;
+  TLS1_CK_DHE_DSS_WITH_SEED_SHA = $03000099;
+  TLS1_CK_DHE_RSA_WITH_SEED_SHA = $0300009A;
+  TLS1_CK_ADH_WITH_SEED_SHA = $0300009B;
+
+  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
+  TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 = $0300009C;
+  TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 = $0300009D;
+  TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 = $0300009E;
+  TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 = $0300009F;
+  TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 = $030000A0;
+  TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 = $030000A1;
+  TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 = $030000A2;
+  TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 = $030000A3;
+  TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 = $030000A4;
+  TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 = $030000A5;
+  TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 = $030000A6;
+  TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 = $030000A7;
+
+  (* CCM ciphersuites from RFC6655 *)
+  TLS1_CK_RSA_WITH_AES_128_CCM = $0300C09C;
+  TLS1_CK_RSA_WITH_AES_256_CCM = $0300C09D;
+  TLS1_CK_DHE_RSA_WITH_AES_128_CCM = $0300C09E;
+  TLS1_CK_DHE_RSA_WITH_AES_256_CCM = $0300C09F;
+  TLS1_CK_RSA_WITH_AES_128_CCM_8 = $0300C0A0;
+  TLS1_CK_RSA_WITH_AES_256_CCM_8 = $0300C0A1;
+  TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 = $0300C0A2;
+  TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 = $0300C0A3;
+  TLS1_CK_PSK_WITH_AES_128_CCM = $0300C0A4;
+  TLS1_CK_PSK_WITH_AES_256_CCM = $0300C0A5;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CCM = $0300C0A6;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CCM = $0300C0A7;
+  TLS1_CK_PSK_WITH_AES_128_CCM_8 = $0300C0A8;
+  TLS1_CK_PSK_WITH_AES_256_CCM_8 = $0300C0A9;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 = $0300C0AA;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 = $0300C0AB;
+
+  (* CCM ciphersuites from RFC7251 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM = $0300C0AC;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM = $0300C0AD;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 = $0300C0AE;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 = $0300C0AF;
+
+  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BA;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BB;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BC;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BD;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BE;
+  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 = $030000BF;
+
+  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C0;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C1;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C2;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C3;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C4;
+  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 = $030000C5;
+
+  (* ECC ciphersuites from RFC4492 *)
+  TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA = $0300C001;
+  TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA = $0300C002;
+  TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = $0300C003;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA = $0300C004;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA = $0300C005;
+
+  TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA = $0300C006;
+  TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA = $0300C007;
+  TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = $0300C008;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = $0300C009;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = $0300C00A;
+
+  TLS1_CK_ECDH_RSA_WITH_NULL_SHA = $0300C00B;
+  TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA = $0300C00C;
+  TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA = $0300C00D;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA = $0300C00E;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA = $0300C00F;
+
+  TLS1_CK_ECDHE_RSA_WITH_NULL_SHA = $0300C010;
+  TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA = $0300C011;
+  TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA = $0300C012;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA = $0300C013;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA = $0300C014;
+
+  TLS1_CK_ECDH_anon_WITH_NULL_SHA = $0300C015;
+  TLS1_CK_ECDH_anon_WITH_RC4_128_SHA = $0300C016;
+  TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA = $0300C017;
+  TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA = $0300C018;
+  TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA = $0300C019;
+
+  (* SRP ciphersuites from RFC 5054 *)
+  TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA = $0300C01A;
+  TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = $0300C01B;
+  TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = $0300C01C;
+  TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA = $0300C01D;
+  TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = $0300C01E;
+  TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = $0300C01F;
+  TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA = $0300C020;
+  TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = $0300C021;
+  TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = $0300C022;
+
+  (* ECDH HMAC based ciphersuites from RFC5289 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 = $0300C023;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 = $0300C024;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 = $0300C025;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 = $0300C026;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 = $0300C027;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 = $0300C028;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 = $0300C029;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 = $0300C02A;
+
+  (* ECDH GCM based ciphersuites from RFC5289 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02B;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02C;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02D;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02E;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = $0300C02F;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = $0300C030;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 = $0300C031;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 = $0300C032;
+
+  (* ECDHE PSK ciphersuites from RFC5489 *)
+  TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA = $0300C033;
+  TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300C034;
+  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA = $0300C035;
+  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA = $0300C036;
+  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = $0300C037;
+  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = $0300C038;
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA = $0300C039;
+
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 = $0300C03A;
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 = $0300C03B;
+
+  (* Camellia-CBC ciphersuites from RFC6367 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C072;
+  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C073;
+  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C074;
+  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C075;
+  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C076;
+  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C077;
+  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C078;
+  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C079;
+
+  TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C094;
+  TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C095;
+  TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C096;
+  TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C097;
+  TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C098;
+  TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C099;
+  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C09A;
+  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C09B;
+
+  (* draft-ietf-tls-chacha20-poly1305-03 *)
+  TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCA8;
+  TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = $0300CCA9;
+  TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCAA;
+  TLS1_CK_PSK_WITH_CHACHA20_POLY1305 = $0300CCAB;
+  TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAC;
+  TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAD;
+  TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 = $0300CCAE;
+
+  (* TLS v1.3 ciphersuites *)
+  TLS1_3_CK_AES_128_GCM_SHA256 = $03001301;
+  TLS1_3_CK_AES_256_GCM_SHA384 = $03001302;
+  TLS1_3_CK_CHACHA20_POLY1305_SHA256 = $03001303;
+  TLS1_3_CK_AES_128_CCM_SHA256 = $03001304;
+  TLS1_3_CK_AES_128_CCM_8_SHA256 = $03001305;
+
+  (* Aria ciphersuites from RFC6209 *)
+  TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C050;
+  TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C051;
+  TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C052;
+  TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C053;
+  TLS1_CK_DH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C054;
+  TLS1_CK_DH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C055;
+  TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C056;
+  TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C057;
+  TLS1_CK_DH_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C058;
+  TLS1_CK_DH_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C059;
+  TLS1_CK_DH_anon_WITH_ARIA_128_GCM_SHA256 = $0300C05A;
+  TLS1_CK_DH_anon_WITH_ARIA_256_GCM_SHA384 = $0300C05B;
+  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05C;
+  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05D;
+  TLS1_CK_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05E;
+  TLS1_CK_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05F;
+  TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C060;
+  TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C061;
+  TLS1_CK_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C062;
+  TLS1_CK_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C063;
+  TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06A;
+  TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06B;
+  TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06C;
+  TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06D;
+  TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06E;
+  TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06F;
+
+  (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
+  TLS1_RFC_RSA_WITH_AES_128_SHA = 'TLS_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ADH_WITH_AES_128_SHA = 'TLS_DH_anon_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_RSA_WITH_AES_256_SHA = 'TLS_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ADH_WITH_AES_256_SHA = 'TLS_DH_anon_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_RSA_WITH_NULL_SHA256 = 'TLS_RSA_WITH_NULL_SHA256';
+  TLS1_RFC_RSA_WITH_AES_128_SHA256 = 'TLS_RSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_AES_256_SHA256 = 'TLS_RSA_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_AES_128_SHA256 = 'TLS_DH_anon_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_AES_256_SHA256 = 'TLS_DH_anon_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = 'TLS_DH_anon_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = 'TLS_DH_anon_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_RSA_WITH_AES_128_CCM = 'TLS_RSA_WITH_AES_128_CCM';
+  TLS1_RFC_RSA_WITH_AES_256_CCM = 'TLS_RSA_WITH_AES_256_CCM';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = 'TLS_DHE_RSA_WITH_AES_128_CCM';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = 'TLS_DHE_RSA_WITH_AES_256_CCM';
+  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = 'TLS_RSA_WITH_AES_128_CCM_8';
+  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = 'TLS_RSA_WITH_AES_256_CCM_8';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = 'TLS_DHE_RSA_WITH_AES_128_CCM_8';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = 'TLS_DHE_RSA_WITH_AES_256_CCM_8';
+  TLS1_RFC_PSK_WITH_AES_128_CCM = 'TLS_PSK_WITH_AES_128_CCM';
+  TLS1_RFC_PSK_WITH_AES_256_CCM = 'TLS_PSK_WITH_AES_256_CCM';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = 'TLS_DHE_PSK_WITH_AES_128_CCM';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = 'TLS_DHE_PSK_WITH_AES_256_CCM';
+  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_WITH_AES_128_CCM_8';
+  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_WITH_AES_256_CCM_8';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_DHE_WITH_AES_128_CCM_8';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_DHE_WITH_AES_256_CCM_8';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8';
+  TLS1_3_RFC_AES_128_GCM_SHA256 = 'TLS_AES_128_GCM_SHA256';
+  TLS1_3_RFC_AES_256_GCM_SHA384 = 'TLS_AES_256_GCM_SHA384';
+  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = 'TLS_CHACHA20_POLY1305_SHA256';
+  TLS1_3_RFC_AES_128_CCM_SHA256 = 'TLS_AES_128_CCM_SHA256';
+  TLS1_3_RFC_AES_128_CCM_8_SHA256 = 'TLS_AES_128_CCM_8_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = 'TLS_ECDHE_ECDSA_WITH_NULL_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = 'TLS_ECDHE_RSA_WITH_NULL_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = 'TLS_ECDH_anon_WITH_NULL_SHA';
+  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = 'TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_PSK_WITH_NULL_SHA = 'TLS_PSK_WITH_NULL_SHA';
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = 'TLS_DHE_PSK_WITH_NULL_SHA';
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = 'TLS_RSA_PSK_WITH_NULL_SHA';
+  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = 'TLS_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = 'TLS_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_PSK_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_PSK_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_PSK_WITH_NULL_SHA256 = 'TLS_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_PSK_WITH_NULL_SHA384 = 'TLS_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = 'TLS_DHE_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = 'TLS_DHE_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = 'TLS_RSA_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = 'TLS_RSA_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = 'TLS_ECDHE_PSK_WITH_NULL_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = 'TLS_ECDHE_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = 'TLS_ECDHE_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = 'TLS_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_RSA_WITH_SEED_SHA = 'TLS_RSA_WITH_SEED_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = 'TLS_DHE_DSS_WITH_SEED_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = 'TLS_DHE_RSA_WITH_SEED_CBC_SHA';
+  TLS1_RFC_ADH_WITH_SEED_SHA = 'TLS_DH_anon_WITH_SEED_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = 'TLS_ECDHE_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = 'TLS_ECDH_anon_WITH_RC4_128_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = 'TLS_ECDHE_RSA_WITH_RC4_128_SHA';
+  TLS1_RFC_PSK_WITH_RC4_128_SHA = 'TLS_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = 'TLS_RSA_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = 'TLS_DHE_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_anon_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_anon_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_PSK_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_PSK_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384';
+
+  (*
+   * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
+   * ciphers names with "EDH" instead of "DHE".  Going forward, we should be
+   * using DHE everywhere, though we may indefinitely maTIdC_INTain aliases for
+   * users or configurations that used "EDH"
+   *)
+  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = 'DHE-DSS-RC4-SHA';
+
+  TLS1_TXT_PSK_WITH_NULL_SHA = 'PSK-NULL-SHA';
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = 'DHE-PSK-NULL-SHA';
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = 'RSA-PSK-NULL-SHA';
+
+  (* AES ciphersuites from RFC3268 *)
+  TLS1_TXT_RSA_WITH_AES_128_SHA = 'AES128-SHA';
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = 'DH-DSS-AES128-SHA';
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = 'DH-RSA-AES128-SHA';
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = 'DHE-DSS-AES128-SHA';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = 'DHE-RSA-AES128-SHA';
+  TLS1_TXT_ADH_WITH_AES_128_SHA = 'ADH-AES128-SHA';
+
+  TLS1_TXT_RSA_WITH_AES_256_SHA = 'AES256-SHA';
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = 'DH-DSS-AES256-SHA';
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = 'DH-RSA-AES256-SHA';
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = 'DHE-DSS-AES256-SHA';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = 'DHE-RSA-AES256-SHA';
+  TLS1_TXT_ADH_WITH_AES_256_SHA = 'ADH-AES256-SHA';
+
+  (* ECC ciphersuites from RFC4492 *)
+  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = 'ECDH-ECDSA-NULL-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = 'ECDH-ECDSA-RC4-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDH-ECDSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 'ECDH-ECDSA-AES128-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 'ECDH-ECDSA-AES256-SHA';
+
+  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = 'ECDHE-ECDSA-NULL-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = 'ECDHE-ECDSA-RC4-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDHE-ECDSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'ECDHE-ECDSA-AES128-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'ECDHE-ECDSA-AES256-SHA';
+
+  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = 'ECDH-RSA-NULL-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = 'ECDH-RSA-RC4-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = 'ECDH-RSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = 'ECDH-RSA-AES128-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = 'ECDH-RSA-AES256-SHA';
+
+  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = 'ECDHE-RSA-NULL-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = 'ECDHE-RSA-RC4-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'ECDHE-RSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'ECDHE-RSA-AES128-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'ECDHE-RSA-AES256-SHA';
+
+  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = 'AECDH-NULL-SHA';
+  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = 'AECDH-RC4-SHA';
+  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = 'AECDH-DES-CBC3-SHA';
+  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = 'AECDH-AES128-SHA';
+  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = 'AECDH-AES256-SHA';
+
+  (* PSK ciphersuites from RFC 4279 *)
+  TLS1_TXT_PSK_WITH_RC4_128_SHA = 'PSK-RC4-SHA';
+  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = 'PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = 'PSK-AES128-CBC-SHA';
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = 'PSK-AES256-CBC-SHA';
+
+  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = 'DHE-PSK-RC4-SHA';
+  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'DHE-PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = 'DHE-PSK-AES128-CBC-SHA';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = 'DHE-PSK-AES256-CBC-SHA';
+  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = 'RSA-PSK-RC4-SHA';
+  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'RSA-PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = 'RSA-PSK-AES128-CBC-SHA';
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = 'RSA-PSK-AES256-CBC-SHA';
+
+  (* PSK ciphersuites from RFC 5487 *)
+  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
+  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'DHE-PSK-AES128-GCM-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'DHE-PSK-AES256-GCM-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'RSA-PSK-AES128-GCM-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'RSA-PSK-AES256-GCM-SHA384';
+
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = 'PSK-AES128-CBC-SHA256';
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = 'PSK-AES256-CBC-SHA384';
+  TLS1_TXT_PSK_WITH_NULL_SHA256 = 'PSK-NULL-SHA256';
+  TLS1_TXT_PSK_WITH_NULL_SHA384 = 'PSK-NULL-SHA384';
+
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'DHE-PSK-AES128-CBC-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'DHE-PSK-AES256-CBC-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = 'DHE-PSK-NULL-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = 'DHE-PSK-NULL-SHA384';
+
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'RSA-PSK-AES128-CBC-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'RSA-PSK-AES256-CBC-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = 'RSA-PSK-NULL-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = 'RSA-PSK-NULL-SHA384';
+
+  (* SRP ciphersuite from RFC 5054 *)
+  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'SRP-3DES-EDE-CBC-SHA';
+  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'SRP-RSA-3DES-EDE-CBC-SHA';
+  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'SRP-DSS-3DES-EDE-CBC-SHA';
+  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = 'SRP-AES-128-CBC-SHA';
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'SRP-RSA-AES-128-CBC-SHA';
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'SRP-DSS-AES-128-CBC-SHA';
+  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = 'SRP-AES-256-CBC-SHA';
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'SRP-RSA-AES-256-CBC-SHA';
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'SRP-DSS-AES-256-CBC-SHA';
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = 'CAMELLIA128-SHA';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DH-DSS-CAMELLIA128-SHA';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DH-RSA-CAMELLIA128-SHA';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DHE-DSS-CAMELLIA128-SHA';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DHE-RSA-CAMELLIA128-SHA';
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = 'ADH-CAMELLIA128-SHA';
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = 'CAMELLIA256-SHA';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DH-DSS-CAMELLIA256-SHA';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DH-RSA-CAMELLIA256-SHA';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DHE-DSS-CAMELLIA256-SHA';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DHE-RSA-CAMELLIA256-SHA';
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = 'ADH-CAMELLIA256-SHA';
+
+  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'CAMELLIA128-SHA256';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-DSS-CAMELLIA128-SHA256';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-DSS-CAMELLIA128-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'ADH-CAMELLIA128-SHA256';
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'CAMELLIA256-SHA256';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-DSS-CAMELLIA256-SHA256';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-RSA-CAMELLIA256-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-DSS-CAMELLIA256-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-RSA-CAMELLIA256-SHA256';
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'ADH-CAMELLIA256-SHA256';
+
+  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'DHE-PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'RSA-PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'RSA-PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-PSK-CAMELLIA256-SHA384';
+
+  (* SEED ciphersuites from RFC4162 *)
+  TLS1_TXT_RSA_WITH_SEED_SHA = 'SEED-SHA';
+  TLS1_TXT_DH_DSS_WITH_SEED_SHA = 'DH-DSS-SEED-SHA';
+  TLS1_TXT_DH_RSA_WITH_SEED_SHA = 'DH-RSA-SEED-SHA';
+  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = 'DHE-DSS-SEED-SHA';
+  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = 'DHE-RSA-SEED-SHA';
+  TLS1_TXT_ADH_WITH_SEED_SHA = 'ADH-SEED-SHA';
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_TXT_RSA_WITH_NULL_SHA256 = 'NULL-SHA256';
+  TLS1_TXT_RSA_WITH_AES_128_SHA256 = 'AES128-SHA256';
+  TLS1_TXT_RSA_WITH_AES_256_SHA256 = 'AES256-SHA256';
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = 'DH-DSS-AES128-SHA256';
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = 'DH-RSA-AES128-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = 'DHE-DSS-AES128-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = 'DHE-RSA-AES128-SHA256';
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = 'DH-DSS-AES256-SHA256';
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = 'DH-RSA-AES256-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = 'DHE-DSS-AES256-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = 'DHE-RSA-AES256-SHA256';
+  TLS1_TXT_ADH_WITH_AES_128_SHA256 = 'ADH-AES128-SHA256';
+  TLS1_TXT_ADH_WITH_AES_256_SHA256 = 'ADH-AES256-SHA256';
+
+  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
+  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = 'AES128-GCM-SHA256';
+  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = 'AES256-GCM-SHA384';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'DHE-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'DHE-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = 'DH-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = 'DH-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'DHE-DSS-AES128-GCM-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'DHE-DSS-AES256-GCM-SHA384';
+  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = 'DH-DSS-AES128-GCM-SHA256';
+  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = 'DH-DSS-AES256-GCM-SHA384';
+  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = 'ADH-AES128-GCM-SHA256';
+  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = 'ADH-AES256-GCM-SHA384';
+
+  (* CCM ciphersuites from RFC6655 *)
+  TLS1_TXT_RSA_WITH_AES_128_CCM = 'AES128-CCM';
+  TLS1_TXT_RSA_WITH_AES_256_CCM = 'AES256-CCM';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = 'DHE-RSA-AES128-CCM';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = 'DHE-RSA-AES256-CCM';
+
+  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = 'AES128-CCM8';
+  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = 'AES256-CCM8';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = 'DHE-RSA-AES128-CCM8';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = 'DHE-RSA-AES256-CCM8';
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM = 'PSK-AES128-CCM';
+  TLS1_TXT_PSK_WITH_AES_256_CCM = 'PSK-AES256-CCM';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = 'DHE-PSK-AES128-CCM';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = 'DHE-PSK-AES256-CCM';
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = 'PSK-AES128-CCM8';
+  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = 'PSK-AES256-CCM8';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = 'DHE-PSK-AES128-CCM8';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = 'DHE-PSK-AES256-CCM8';
+
+  (* CCM ciphersuites from RFC7251 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = 'ECDHE-ECDSA-AES128-CCM';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = 'ECDHE-ECDSA-AES256-CCM';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'ECDHE-ECDSA-AES128-CCM8';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'ECDHE-ECDSA-AES256-CCM8';
+
+  (* ECDH HMAC based ciphersuites from RFC5289 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'ECDHE-ECDSA-AES128-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'ECDHE-ECDSA-AES256-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = 'ECDH-ECDSA-AES128-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = 'ECDH-ECDSA-AES256-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = 'ECDHE-RSA-AES128-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = 'ECDHE-RSA-AES256-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = 'ECDH-RSA-AES128-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = 'ECDH-RSA-AES256-SHA384';
+
+  (* ECDH GCM based ciphersuites from RFC5289 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-ECDSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-ECDSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDH-ECDSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDH-ECDSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 'ECDH-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 'ECDH-RSA-AES256-GCM-SHA384';
+
+  (* TLS v1.2 PSK GCM ciphersuites from RFC5487 *)
+  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
+  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
+
+  (* ECDHE PSK ciphersuites from RFC 5489 *)
+  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = 'ECDHE-PSK-RC4-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'ECDHE-PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'ECDHE-PSK-AES128-CBC-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'ECDHE-PSK-AES256-CBC-SHA';
+
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'ECDHE-PSK-AES128-CBC-SHA256';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'ECDHE-PSK-AES256-CBC-SHA384';
+
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = 'ECDHE-PSK-NULL-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = 'ECDHE-PSK-NULL-SHA256';
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = 'ECDHE-PSK-NULL-SHA384';
+
+  (* Camellia-CBC ciphersuites from RFC6367 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-ECDSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-ECDSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-ECDSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-ECDSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-RSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-RSA-CAMELLIA256-SHA384';
+
+  (* draft-ietf-tls-chacha20-poly1305-03 *)
+  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'ECDHE-RSA-CHACHA20-POLY1305';
+  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'ECDHE-ECDSA-CHACHA20-POLY1305';
+  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = 'DHE-RSA-CHACHA20-POLY1305';
+  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = 'PSK-CHACHA20-POLY1305';
+  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'ECDHE-PSK-CHACHA20-POLY1305';
+  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = 'DHE-PSK-CHACHA20-POLY1305';
+  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = 'RSA-PSK-CHACHA20-POLY1305';
+
+  (* Aria ciphersuites from RFC6209 *)
+  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = 'ARIA128-GCM-SHA256';
+  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = 'ARIA256-GCM-SHA384';
+  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'DHE-RSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'DHE-RSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'DH-RSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'DH-RSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'DHE-DSS-ARIA128-GCM-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'DHE-DSS-ARIA256-GCM-SHA384';
+  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'DH-DSS-ARIA128-GCM-SHA256';
+  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'DH-DSS-ARIA256-GCM-SHA384';
+  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'ADH-ARIA128-GCM-SHA256';
+  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'ADH-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ECDSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ECDSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ECDSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ECDSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ARIA256-GCM-SHA384';
+  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = 'PSK-ARIA128-GCM-SHA256';
+  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = 'PSK-ARIA256-GCM-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'DHE-PSK-ARIA128-GCM-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'DHE-PSK-ARIA256-GCM-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'RSA-PSK-ARIA128-GCM-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'RSA-PSK-ARIA256-GCM-SHA384';
+
+  TLS_CT_RSA_SIGN = 1;
+  TLS_CT_DSS_SIGN = 2;
+  TLS_CT_RSA_FIXED_DH = 3;
+  TLS_CT_DSS_FIXED_DH = 4;
+  TLS_CT_ECDSA_SIGN = 64;
+  TLS_CT_RSA_FIXED_ECDH = 65;
+  TLS_CT_ECDSA_FIXED_ECDH = 66;
+  TLS_CT_GOST01_SIGN = 22;
+  TLS_CT_GOST12_SIGN = 238;
+  TLS_CT_GOST12_512_SIGN = 239;
+
+  (*
+   * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
+   * comment there)
+   *)
+  TLS_CT_NUMBER = 10;
+
+  TLS1_FINISH_MAC_LENGTH = 12;
+
+  TLS_MD_MAX_CONST_SIZE = 22;
+  TLS_MD_CLIENT_FINISH_CONST  = 'client finished';
+  TLS_MD_CLIENT_FINISH_CONST_SIZE = 15;
+  TLS_MD_SERVER_FINISH_CONST  = 'server finished';
+  TLS_MD_SERVER_FINISH_CONST_SIZE = 15;
+  TLS_MD_KEY_EXPANSION_CONST  = 'key expansion';
+  TLS_MD_KEY_EXPANSION_CONST_SIZE = 13;
+  TLS_MD_CLIENT_WRITE_KEY_CONST  = 'client write key';
+  TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE = 16;
+  TLS_MD_SERVER_WRITE_KEY_CONST  = 'server write key';
+  TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16;
+  TLS_MD_IV_BLOCK_CONST  = 'IV block';
+  TLS_MD_IV_BLOCK_CONST_SIZE = 8;
+  TLS_MD_MASTER_SECRET_CONST  = 'master secret';
+  TLS_MD_MASTER_SECRET_CONST_SIZE = 13;
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = 'extended master secret';
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE = 22;
+
+//  (*
+//   * client finished
+//   *)
+//  TLS_MD_CLIENT_FINISH_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//
+//  (*
+//   * server finished
+//   *)
+//  TLS_MD_SERVER_FINISH_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//
+//  (*
+//   * server write key
+//   *)
+//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//
+//  (*
+//   * key expansion
+//   *)
+//  TLS_MD_KEY_EXPANSION_CONST  = '\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e';
+//
+//  (*
+//   * client write key
+//   *)
+//  TLS_MD_CLIENT_WRITE_KEY_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//
+//  (*
+//   * server write key
+//   *)
+//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//
+//  (*
+//   * IV block
+//   *)
+//  TLS_MD_IV_BLOCK_CONST  = '\x49\x56\x20\x62\x6c\x6f\x63\x6b';
+//
+//
+//  (*
+//   * master secret
+//   *)
+//  TLS_MD_MASTER_SECRET_CONST  = '\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+//
+//  (*
+//   * extended master secret
+//   *)
+//  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = '\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+
+type
+  (* TLS Session Ticket extension struct *)
+  tls_session_ticket_ext_st = record
+    length: TIdC_USHORT;
+    data: Pointer;
+  end;
+
+{$REGION 'C compiler macros'}
+function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
+{$ENDREGION}
+
+var
+  function SSL_CTX_set_tlsext_max_fragment_length(ctx: PSSL_CTx; mode: TIdC_UINT8): TIdC_INT;
+  function SSL_set_tlsext_max_fragment_length(ssl: PSSL; mode: TIdC_UINT8): TIdC_INT;
+
+  function SSL_get_servername(const s: PSSL; const &type: TIdC_INT): PIdAnsiChar;
+  function SSL_get_servername_type(const s: PSSL): TIdC_INT;
+  (*
+   * SSL_export_keying_material exports a value derived from the master secret,
+   * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+   * optional context. (Since a zero length context is allowed, the |use_context|
+   * flag controls whether a context is included.) It returns 1 on success and
+   * 0 or -1 otherwise.
+   *)
+  function SSL_export_keying_material(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET; use_context: TIdC_INT): TIdC_INT;
+
+  (*
+   * SSL_export_keying_material_early exports a value derived from the
+   * early exporter master secret, as specified in
+   * https://tools.ietf.org/html/draft-ietf-tls-tls13-23. It writes
+   * |olen| bytes to |out| given a label and optional context. It
+   * returns 1 on success and 0 otherwise.
+   *)
+  function SSL_export_keying_material_early(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT;
+
+  function SSL_get_peer_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT;
+  function SSL_get_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT;
+  function SSL_get_sigalgs(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT;
+  function SSL_get_shared_sigalgs(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT;
+
+  //__owur TIdC_INT SSL_check_chain(s: PSSL, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
+
+  //# define SSL_set_tlsext_debug_callback(ssl, cb) \
+  //        SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,\
+  //                (void (*)(void))cb)
+
+  //# define SSL_set_tlsext_debug_arg(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0,arg)
+  //
+  //# define SSL_get_tlsext_status_type(ssl) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
+  //
+  //# define SSL_set_tlsext_status_type(ssl, type) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
+  //
+  //# define SSL_get_tlsext_status_exts(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0,arg)
+  //
+  //# define SSL_set_tlsext_status_exts(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0,arg)
+  //
+  //# define SSL_get_tlsext_status_ids(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0,arg)
+  //
+  //# define SSL_set_tlsext_status_ids(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0,arg)
+  //
+  //# define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0,arg)
+  //
+  //# define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen,arg)
+  //
+  //# define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
+  //        SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,\
+  //                (void (*)(void))cb)
+
+  //# define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0,arg)
+  //
+  //# define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_TICKET_KEYS,keylen,keys)
+  //# define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_TICKET_KEYS,keylen,keys)
+  //
+  //# define SSL_CTX_get_tlsext_status_cb(ssl, cb) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0,(void *)cb)
+  //# define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
+  //        SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,\
+  //                (void (*)(void))cb)
+
+  //# define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
+  //# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
+  //
+  //# define SSL_CTX_set_tlsext_status_type(ssl, type) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
+  //
+  //# define SSL_CTX_get_tlsext_status_type(ssl) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
+  //
+  //# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
+  //        SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,\
+  //                (void (*)(void))cb)
+
+implementation
+
uses
+  IdOpenSSLHeaders_ssl;
+
+
{$REGION 'C compiler macros'}
+//# define SSL_set_tlsext_host_name(s,name)         SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name, (void *)name)
+function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, Pointer(name));
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
new file mode 100644
index 000000000..1efb697dc
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
@@ -0,0 +1,559 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ts;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ts.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_rsa,
+  IdOpenSSLHeaders_tserr,
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLHeaders_x509v3;
+
+const
+  (* Possible values for status. *)
+  TS_STATUS_GRANTED = 0;
+  TS_STATUS_GRANTED_WITH_MODS = 1;
+  TS_STATUS_REJECTION = 2;
+  TS_STATUS_WAITING = 3;
+  TS_STATUS_REVOCATION_WARNING = 4;
+  TS_STATUS_REVOCATION_NOTIFICATION = 5;
+
+
+  (* Possible values for failure_info. *)
+  TS_INFO_BAD_ALG = 0;
+  TS_INFO_BAD_REQUEST = 2;
+  TS_INFO_BAD_DATA_FORMAT = 5;
+  TS_INFO_TIME_NOT_AVAILABLE = 14;
+  TS_INFO_UNACCEPTED_POLICY = 15;
+  TS_INFO_UNACCEPTED_EXTENSION = 16;
+  TS_INFO_ADD_INFO_NOT_AVAILABLE = 17;
+  TS_INFO_SYSTEM_FAILURE = 25;
+
+  (* Optional flags for response generation. *)
+
+  (* Don't include the TSA name in response. *)
+  TS_TSA_NAME = $01;
+
+  (* Set ordering to true in response. *)
+  TS_ORDERING = $02;
+
+  (*
+   * Include the signer certificate and the other specified certificates in
+   * the ESS signing certificate attribute beside the PKCS7 signed data.
+   * Only the signer certificates is included by default.
+   *)
+  TS_ESS_CERT_ID_CHAIN = $04;
+
+  (* At most we accept usec precision. *)
+  TS_MAX_CLOCK_PRECISION_DIGITS = 6;
+
+  (* Maximum status message length *)
+  TS_MAX_STATUS_LENGTH = 1024 * 1024;
+
+  (* Verify the signer's certificate and the signature of the response. *)
+  TS_VFY_SIGNATURE = TIdC_UINT(1) shl 0;
+  (* Verify the version number of the response. *)
+  TS_VFY_VERSION = TIdC_UINT(1) shl 1;
+  (* Verify if the policy supplied by the user matches the policy of the TSA. *)
+  TS_VFY_POLICY = TIdC_UINT(1) shl 2;
+  (*
+   * Verify the message imprint provided by the user. This flag should not be
+   * specified with TS_VFY_DATA.
+   *)
+  TS_VFY_IMPRINT = TIdC_UINT(1) shl 3;
+  (*
+   * Verify the message imprint computed by the verify method from the user
+   * provided data and the MD algorithm of the response. This flag should not
+   * be specified with TS_VFY_IMPRINT.
+   *)
+  TS_VFY_DATA = TIdC_UINT(1) shl 4;
+  (* Verify the nonce value. *)
+  TS_VFY_NONCE = TIdC_UINT(1) shl 5;
+  (* Verify if the TSA name field matches the signer certificate. *)
+  TS_VFY_SIGNER = TIdC_UINT(1) shl 6;
+  (* Verify if the TSA name field equals to the user provided name. *)
+  TS_VFY_TSA_NAME = TIdC_UINT(1) shl 7;
+
+  (* You can use the following convenience constants. *)
+  TS_VFY_ALL_IMPRINT = TS_VFY_SIGNATURE or TS_VFY_VERSION or TS_VFY_POLICY
+    or TS_VFY_IMPRINT or TS_VFY_NONCE or TS_VFY_SIGNER or TS_VFY_TSA_NAME;
+
+  TS_VFY_ALL_DATA = TS_VFY_SIGNATURE or TS_VFY_VERSION or TS_VFY_POLICY
+    or TS_VFY_DATA or TS_VFY_NONCE or TS_VFY_SIGNER or TS_VFY_TSA_NAME;
+
+type
+  TS_msg_imprint_st = type Pointer;
+  TS_req_st = type Pointer;
+  TS_accuracy_st = type Pointer;
+  TS_tst_info_st = type Pointer;
+
+  TS_MSG_IMPRINT = TS_msg_imprint_st;
+  PTS_MSG_IMPRINT = ^TS_MSG_IMPRINT;
+  PPTS_MSG_IMPRINT = ^PTS_MSG_IMPRINT;
+
+  TS_REQ = TS_req_st;
+  PTS_REQ = ^TS_REQ;
+  PPTS_REQ = ^PTS_REQ;
+
+  TS_ACCURACY = TS_accuracy_st;
+  PTS_ACCURACY = ^TS_ACCURACY;
+  PPTS_ACCURACY = ^PTS_ACCURACY;
+
+  TS_TST_INFO = TS_tst_info_st;
+  PTS_TST_INFO = ^TS_TST_INFO;
+  PPTS_TST_INFO = ^PTS_TST_INFO;
+
+  TS_status_info_st = type Pointer;
+  ESS_issuer_serial_st = type Pointer;
+  ESS_cert_id_st = type Pointer;
+  ESS_signing_cert_st = type Pointer;
+  ESS_cert_id_v2_st = type Pointer;
+  ESS_signing_cert_v2_st = type Pointer;
+
+  TS_STATUS_INFO = TS_status_info_st;
+  PTS_STATUS_INFO = ^TS_STATUS_INFO;
+  PPTS_STATUS_INFO = ^PTS_STATUS_INFO;
+
+  ESS_ISSUER_SERIAL = ESS_issuer_serial_st;
+  PESS_ISSUER_SERIAL = ^ESS_ISSUER_SERIAL;
+  PPESS_ISSUER_SERIAL = ^PESS_ISSUER_SERIAL;
+
+  ESS_CERT_ID = ESS_cert_id_st;
+  PESS_CERT_ID = ^ESS_CERT_ID;
+  PPESS_CERT_ID = ^PESS_CERT_ID;
+
+  ESS_SIGNING_CERT = ESS_signing_cert_st;
+  PESS_SIGNING_CERT = ^ESS_SIGNING_CERT;
+  PPESS_SIGNING_CERT = ^PESS_SIGNING_CERT;
+
+// DEFINE_STACK_OF(ESS_CERT_ID)
+
+  ESS_CERT_ID_V2 = ESS_cert_id_v2_st;
+  PESS_CERT_ID_V2 = ^ESS_CERT_ID_V2;
+  PPESS_CERT_ID_V2 = ^PESS_CERT_ID_V2;
+
+  ESS_SIGNING_CERT_V2 = ESS_signing_cert_v2_st;
+  PESS_SIGNING_CERT_V2 = ^ESS_SIGNING_CERT_V2;
+  PPESS_SIGNING_CERT_V2 = ^PESS_SIGNING_CERT_V2;
+
+// DEFINE_STACK_OF(ESS_CERT_ID_V2)
+  TS_resp_st = type Pointer;
+  TS_RESP = TS_resp_st;
+  PTS_RESP = ^TS_RESP;
+  PPTS_RESP = ^PTS_RESP;
+
+  (* Forward declaration. *)
+  TS_resp_ctx = type Pointer;
+  PTS_resp_ctx = ^TS_resp_ctx;
+  PPTS_resp_ctx = ^PTS_resp_ctx;
+
+  (* This must return a unique number less than 160 bits long. *)
+  TS_serial_cb = function({struct} v1: PTS_resp_ctx; v2: Pointer): PASN1_INTEGER;
+
+  (*
+   * This must return the seconds and microseconds since Jan 1, 1970 in the sec
+   * and usec variables allocated by the caller. Return non-zero for success
+   * and zero for failure.
+   *)
+  TS_time_cb = function({struct} v1: PTS_resp_ctx; v2: Pointer; sec: PIdC_LONG; usec: PIdC_LONG): TIdC_INT;
+
+  (*
+   * This must process the given extension. It can modify the TS_TST_INFO
+   * object of the context. Return values: !0 (processed), 0 (error, it must
+   * set the status info/failure info of the response).
+   *)
+  TS_extension_cb = function({struct} v1: PTS_resp_ctx; v2: PX509_Extension; v3: Pointer): TIdC_INT;
+
+//  TS_VERIFY_CTX = TS_verify_ctx;
+  TS_VERIFY_CTX = type Pointer;
+  PTS_VERIFY_CTX = ^TS_VERIFY_CTX;
+
+var
+  function TS_REQ_new: PTS_REQ;
+  procedure TS_REQ_free(a: PTS_REQ);
+  function i2d_TS_REQ(a: PTS_REQ; pp: PPByte): TIdC_INT;
+  function d2i_TS_REQ(a: PPTS_REQ; pp: PPByte; length: TIdC_LONG): PTS_REQ;
+
+  function TS_REQ_dup(a: PTS_REQ): PTS_REQ;
+
+  function d2i_TS_REQ_bio(fp: PBIO; a: PPTS_REQ): PTS_REQ;
+  function i2d_TS_REQ_bio(fp: PBIO; a: PTS_REQ): TIdC_INT;
+
+  function TS_MSG_IMPRINT_new: PTS_MSG_IMPRINT;
+  procedure TS_MSG_IMPRINT_free(a: PTS_MSG_IMPRINT);
+  function i2d_TS_MSG_IMPRINT(a: PTS_MSG_IMPRINT; pp: PPByte): TIdC_INT;
+  function d2i_TS_MSG_IMPRINT(a: PPTS_MSG_IMPRINT; pp: PPByte; length: TIdC_LONG): PTS_MSG_IMPRINT;
+
+  function TS_MSG_IMPRINT_dup(a: PTS_MSG_IMPRINT): PTS_MSG_IMPRINT;
+
+  function d2i_TS_MSG_IMPRINT_bio(bio: PBIO; a: PPTS_MSG_IMPRINT): PTS_MSG_IMPRINT;
+  function i2d_TS_MSG_IMPRINT_bio(bio: PBIO; a: PTS_MSG_IMPRINT): TIdC_INT;
+
+  function TS_RESP_new: PTS_RESP;
+  procedure TS_RESP_free(a: PTS_RESP);
+  function i2d_TS_RESP(a: PTS_RESP; pp: PPByte): TIdC_INT;
+  function d2i_TS_RESP(a: PPTS_RESP; pp: PPByte; length: TIdC_LONG): PTS_RESP;
+  function PKCS7_to_TS_TST_INFO(token: PPKCS7): PTS_TST_Info;
+  function TS_RESP_dup(a: PTS_RESP): PTS_RESP;
+
+  function d2i_TS_RESP_bio(bio: PBIO; a: PPTS_RESP): PTS_RESP;
+  function i2d_TS_RESP_bio(bio: PBIO; a: PTS_RESP): TIdC_INT;
+
+  function TS_STATUS_INFO_new: PTS_STATUS_INFO;
+  procedure TS_STATUS_INFO_free(a: PTS_STATUS_INFO);
+  function i2d_TS_STATUS_INFO(a: PTS_STATUS_INFO; pp: PPByte): TIdC_INT;
+  function d2i_TS_STATUS_INFO(a: PPTS_STATUS_INFO; pp: PPByte; length: TIdC_LONG): PTS_STATUS_INFO;
+  function TS_STATUS_INFO_dup(a: PTS_STATUS_INFO): PTS_STATUS_INFO;
+
+  function TS_TST_INFO_new: PTS_TST_Info;
+  procedure TS_TST_INFO_free(a: PTS_TST_Info);
+  function i2d_TS_TST_INFO(a: PTS_TST_Info; pp: PPByte): TIdC_INT;
+  function d2i_TS_TST_INFO(a: PPTS_TST_Info; pp: PPByte; length: TIdC_LONG): PTS_TST_Info;
+  function TS_TST_INFO_dup(a: PTS_TST_Info): PTS_TST_Info;
+
+  function d2i_TS_TST_INFO_bio(bio: PBIO; a: PPTS_TST_Info): PTS_TST_Info;
+  function i2d_TS_TST_INFO_bio(bio: PBIO; a: PTS_TST_Info): TIdC_INT;
+
+  function TS_ACCURACY_new: PTS_ACCURACY;
+  procedure TS_ACCURACY_free(a: PTS_ACCURACY);
+  function i2d_TS_ACCURACY(a: PTS_ACCURACY; pp: PPByte): TIdC_INT;
+  function d2i_TS_ACCURACY(a: PPTS_ACCURACY; pp: PPByte; length: TIdC_LONG): PTS_ACCURACY;
+  function TS_ACCURACY_dup(a: PTS_ACCURACY): PTS_ACCURACY;
+
+  function ESS_ISSUER_SERIAL_new: PESS_ISSUER_SERIAL;
+  procedure ESS_ISSUER_SERIAL_free(a: PESS_ISSUER_SERIAL);
+  function i2d_ESS_ISSUER_SERIAL( a: PESS_ISSUER_SERIAL; pp: PPByte): TIdC_INT;
+  function d2i_ESS_ISSUER_SERIAL(a: PPESS_ISSUER_SERIAL; pp: PPByte; length: TIdC_LONG): PESS_ISSUER_SERIAL;
+  function ESS_ISSUER_SERIAL_dup(a: PESS_ISSUER_SERIAL): PESS_ISSUER_SERIAL;
+
+  function ESS_CERT_ID_new: PESS_CERT_ID;
+  procedure ESS_CERT_ID_free(a: PESS_CERT_ID);
+  function i2d_ESS_CERT_ID(a: PESS_CERT_ID; pp: PPByte): TIdC_INT;
+  function d2i_ESS_CERT_ID(a: PPESS_CERT_ID; pp: PPByte; length: TIdC_LONG): PESS_CERT_ID;
+  function ESS_CERT_ID_dup(a: PESS_CERT_ID): PESS_CERT_ID;
+
+  function ESS_SIGNING_CERT_new: PESS_SIGNING_Cert;
+  procedure ESS_SIGNING_CERT_free(a: PESS_SIGNING_Cert);
+  function i2d_ESS_SIGNING_CERT( a: PESS_SIGNING_Cert; pp: PPByte): TIdC_INT;
+  function d2i_ESS_SIGNING_CERT(a: PPESS_SIGNING_Cert; pp: PPByte; length: TIdC_LONG): PESS_SIGNING_Cert;
+  function ESS_SIGNING_CERT_dup(a: PESS_SIGNING_Cert): PESS_SIGNING_Cert;
+
+  function ESS_CERT_ID_V2_new: PESS_CERT_ID_V2;
+  procedure ESS_CERT_ID_V2_free(a: PESS_CERT_ID_V2);
+  function i2d_ESS_CERT_ID_V2( a: PESS_CERT_ID_V2; pp: PPByte): TIdC_INT;
+  function d2i_ESS_CERT_ID_V2(a: PPESS_CERT_ID_V2; pp: PPByte; length: TIdC_LONG): PESS_CERT_ID_V2;
+  function ESS_CERT_ID_V2_dup(a: PESS_CERT_ID_V2): PESS_CERT_ID_V2;
+
+  function ESS_SIGNING_CERT_V2_new: PESS_SIGNING_CERT_V2;
+  procedure ESS_SIGNING_CERT_V2_free(a: PESS_SIGNING_CERT_V2);
+  function i2d_ESS_SIGNING_CERT_V2(a: PESS_SIGNING_CERT_V2; pp: PPByte): TIdC_INT;
+  function d2i_ESS_SIGNING_CERT_V2(a: PPESS_SIGNING_CERT_V2; pp: PPByte; length: TIdC_LONG): PESS_SIGNING_CERT_V2;
+  function ESS_SIGNING_CERT_V2_dup(a: PESS_SIGNING_CERT_V2): PESS_SIGNING_CERT_V2;
+
+  function TS_REQ_set_version(a: PTS_REQ; version: TIdC_LONG): TIdC_INT;
+  function TS_REQ_get_version(a: PTS_REQ): TIdC_LONG;
+
+  function TS_STATUS_INFO_set_status(a: PTS_STATUS_INFO; i: TIdC_INT): TIdC_INT;
+  function TS_STATUS_INFO_get0_status(const a: PTS_STATUS_INFO): PASN1_INTEGER;
+
+  // const STACK_OF(ASN1_UTF8STRING) *TS_STATUS_INFO_get0_text(const TS_STATUS_INFO *a);
+
+  // const ASN1_BIT_STRING *TS_STATUS_INFO_get0_failure_info(const TS_STATUS_INFO *a);
+
+  function TS_REQ_set_msg_imprint(a: PTS_REQ; msg_imprint: PTS_MSG_IMPRINT): TIdC_INT;
+  function TS_REQ_get_msg_imprint(a: PTS_REQ): PTS_MSG_IMPRINT;
+
+  function TS_MSG_IMPRINT_set_algo(a: PTS_MSG_IMPRINT; alg: PX509_ALGOr): TIdC_INT;
+  function TS_MSG_IMPRINT_get_algo(a: PTS_MSG_IMPRINT): PX509_ALGOr;
+
+  function TS_MSG_IMPRINT_set_msg(a: PTS_MSG_IMPRINT; d: PByte; len: TIdC_INT): TIdC_INT;
+  function TS_MSG_IMPRINT_get_msg(a: PTS_MSG_IMPRINT): PASN1_OCTET_STRING;
+
+  function TS_REQ_set_policy_id(a: PTS_REQ; policy: PASN1_OBJECT): TIdC_INT;
+  function TS_REQ_get_policy_id(a: PTS_REQ): PASN1_OBJECT;
+
+  function TS_REQ_set_nonce(a: PTS_REQ; nonce: PASN1_INTEGER): TIdC_INT;
+  function TS_REQ_get_nonce(const a: PTS_REQ): PASN1_INTEGER;
+
+  function TS_REQ_set_cert_req(a: PTS_REQ; cert_req: TIdC_INT): TIdC_INT;
+  function TS_REQ_get_cert_req(a: PTS_REQ): TIdC_INT;
+
+  //STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
+  procedure TS_REQ_ext_free(a: PTS_REQ);
+  function TS_REQ_get_ext_count(a: PTS_REQ): TIdC_INT;
+  function TS_REQ_get_ext_by_NID(a: PTS_REQ; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function TS_REQ_get_ext_by_OBJ(a: PTS_REQ; obj: PASN1_Object; lastpos: TIdC_INT): TIdC_INT;
+  function TS_REQ_get_ext_by_critical(a: PTS_REQ; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function TS_REQ_get_ext(a: PTS_REQ; loc: TIdC_INT): PX509_Extension;
+  function TS_REQ_delete_ext(a: PTS_REQ; loc: TIdC_INT): PX509_Extension;
+  function TS_REQ_add_ext(a: PTS_REQ; ex: PX509_Extension; loc: TIdC_INT): TIdC_INT;
+  function TS_REQ_get_ext_d2i(a: PTS_REQ; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer;
+
+  //* Function declarations for TS_REQ defined in ts/ts_req_print.c */
+
+  function TS_REQ_print_bio(bio: PBIO; a: PTS_REQ): TIdC_INT;
+
+  //* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
+
+  function TS_RESP_set_status_info(a: PTS_RESP; info: PTS_STATUS_INFO): TIdC_INT;
+  function TS_RESP_get_status_info(a: PTS_RESP): PTS_STATUS_INFO;
+
+  //* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
+  procedure TS_RESP_set_tst_info(a: PTS_RESP; p7: PPKCS7; tst_info: PTS_TST_Info);
+  function TS_RESP_get_token(a: PTS_RESP): PPKCS7;
+  function TS_RESP_get_tst_info(a: PTS_RESP): PTS_TST_Info;
+
+  function TS_TST_INFO_set_version(a: PTS_TST_Info; version: TIdC_LONG): TIdC_INT;
+  function TS_TST_INFO_get_version(const a: PTS_TST_Info): TIdC_LONG;
+
+  function TS_TST_INFO_set_policy_id(a: PTS_TST_Info; policy_id: PASN1_Object): TIdC_INT;
+  function TS_TST_INFO_get_policy_id(a: PTS_TST_Info): PASN1_Object;
+
+  function TS_TST_INFO_set_msg_imprint(a: PTS_TST_Info; msg_imprint: PTS_MSG_IMPRINT): TIdC_INT;
+  function TS_TST_INFO_get_msg_imprint(a: PTS_TST_Info): PTS_MSG_IMPRINT;
+
+  function TS_TST_INFO_set_serial(a: PTS_TST_Info; const serial: PASN1_INTEGER): TIdC_INT;
+  function TS_TST_INFO_get_serial(const a: PTS_TST_INFO): PASN1_INTEGER;
+
+  function TS_TST_INFO_set_time(a: PTS_TST_Info; gtime: PASN1_GENERALIZEDTIME): TIdC_INT;
+  function TS_TST_INFO_get_time(const a: PTS_TST_INFO): PASN1_GENERALIZEDTIME;
+
+  function TS_TST_INFO_set_accuracy(a: PTS_TST_Info; accuracy: PTS_ACCURACY): TIdC_INT;
+  function TS_TST_INFO_get_accuracy(a: PTS_TST_Info): PTS_ACCURACY;
+
+  function TS_ACCURACY_set_seconds(a: PTS_ACCURACY; const seconds: PASN1_INTEGER): TIdC_INT;
+  function TS_ACCURACY_get_seconds(const a: PTS_ACCURACY): PASN1_INTEGER;
+
+  function TS_ACCURACY_set_millis(a: PTS_ACCURACY; const millis: PASN1_INTEGER): TIdC_INT;
+  function TS_ACCURACY_get_millis(const a: PTS_ACCURACY): PASN1_INTEGER;
+
+  function TS_ACCURACY_set_micros(a: PTS_ACCURACY; const micros: PASN1_INTEGER): TIdC_INT;
+  function TS_ACCURACY_get_micros(const a: PTS_ACCURACY): PASN1_INTEGER;
+
+  function TS_TST_INFO_set_ordering(a: PTS_TST_Info; ordering: TIdC_INT): TIdC_INT;
+  function TS_TST_INFO_get_ordering(const a: PTS_TST_Info): TIdC_INT;
+
+  function TS_TST_INFO_set_nonce(a: PTS_TST_Info; const nonce: PASN1_INTEGER): TIdC_INT;
+  function TS_TST_INFO_get_nonce(const a: PTS_TST_INFO): PASN1_INTEGER;
+
+  function TS_TST_INFO_set_tsa(a: PTS_TST_Info; tsa: PGENERAL_NAME): TIdC_INT;
+  function TS_TST_INFO_get_tsa(a: PTS_TST_Info): PGENERAL_NAME;
+
+  //STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
+  procedure TS_TST_INFO_ext_free(a: PTS_TST_Info);
+  function TS_TST_INFO_get_ext_count(a: PTS_TST_Info): TIdC_INT;
+  function TS_TST_INFO_get_ext_by_NID(a: PTS_TST_Info; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function TS_TST_INFO_get_ext_by_OBJ(a: PTS_TST_Info; const obj: PASN1_Object; lastpos: TIdC_INT): TIdC_INT;
+  function TS_TST_INFO_get_ext_by_critical(a: PTS_TST_Info; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function TS_TST_INFO_get_ext(a: PTS_TST_Info; loc: TIdC_INT): PX509_Extension;
+  function TS_TST_INFO_delete_ext(a: PTS_TST_Info; loc: TIdC_INT): PX509_Extension;
+  function TS_TST_INFO_add_ext(a: PTS_TST_Info; ex: PX509_Extension; loc: TIdC_INT): TIdC_INT;
+  function TS_TST_INFO_get_ext_d2i(a: PTS_TST_Info; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer;
+
+  (*
+   * Declarations related to response generation, defined in ts/ts_resp_sign.c.
+   *)
+
+  //DEFINE_STACK_OF_CONST(EVP_MD)
+
+  (* Creates a response context that can be used for generating responses. *)
+  function TS_RESP_CTX_new: PTS_RESP_CTX;
+  procedure TS_RESP_CTX_free(ctx: PTS_RESP_CTX);
+
+  (* This parameter must be set. *)
+  function TS_RESP_CTX_set_signer_cert(ctx: PTS_RESP_CTX; signer: PX509): TIdC_INT;
+
+  (* This parameter must be set. *)
+  function TS_RESP_CTX_set_signer_key(ctx: PTS_RESP_CTX; key: PEVP_PKEY): TIdC_INT;
+
+  function TS_RESP_CTX_set_signer_digest(ctx: PTS_RESP_CTX; signer_digest: PEVP_MD): TIdC_INT;
+  function TS_RESP_CTX_set_ess_cert_id_digest(ctx: PTS_RESP_CTX; md: PEVP_MD): TIdC_INT;
+
+  (* This parameter must be set. *)
+  function TS_RESP_CTX_set_def_policy(ctx: PTS_RESP_CTX; def_policy: PASN1_Object): TIdC_INT;
+
+  (* No additional certs are included in the response by default. *)
+  // int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
+
+  (*
+   * Adds a new acceptable policy, only the default policy is accepted by
+   * default.
+   *)
+  function TS_RESP_CTX_add_policy(ctx: PTS_RESP_CTX; const policy: PASN1_Object): TIdC_INT;
+
+  (*
+   * Adds a new acceptable message digest. Note that no message digests are
+   * accepted by default. The md argument is shared with the caller.
+   *)
+  function TS_RESP_CTX_add_md(ctx: PTS_RESP_CTX; const md: PEVP_MD): TIdC_INT;
+
+  (* Accuracy is not included by default. *)
+  function TS_RESP_CTX_set_accuracy(ctx: PTS_RESP_CTX; secs: TIdC_INT; millis: TIdC_INT; micros: TIdC_INT): TIdC_INT;
+
+  (*
+   * Clock precision digits, i.e. the number of decimal digits: '0' means sec,
+   * '3' msec, '6' usec, and so on. Default is 0.
+   *)
+  function TS_RESP_CTX_set_clock_precision_digits(ctx: PTS_RESP_CTX; clock_precision_digits: TIdC_UINT): TIdC_INT;
+
+  (* No flags are set by default. *)
+  procedure TS_RESP_CTX_add_flags(ctx: PTS_RESP_CTX; flags: TIdC_INT);
+
+  (* Default callback always returns a constant. *)
+  procedure TS_RESP_CTX_set_serial_cb(ctx: PTS_RESP_CTX; cb: TS_serial_cb; data: Pointer);
+
+  (* Default callback uses the gettimeofday() and gmtime() system calls. *)
+  procedure TS_RESP_CTX_set_time_cb(ctx: PTS_RESP_CTX; cb: TS_time_cb; data: Pointer);
+
+  (*
+   * Default callback rejects all extensions. The extension callback is called
+   * when the TS_TST_INFO object is already set up and not signed yet.
+   *)
+  (* FIXME: extension handling is not tested yet. *)
+  procedure TS_RESP_CTX_set_extension_cb(ctx: PTS_RESP_CTX; cb: TS_extension_cb; data: Pointer);
+
+  (* The following methods can be used in the callbacks. *)
+  function TS_RESP_CTX_set_status_info(ctx: PTS_RESP_CTX; status: TIdC_INT; text: PIdAnsiChar): TIdC_INT;
+
+  (* Sets the status info only if it is still TS_STATUS_GRANTED. *)
+  function TS_RESP_CTX_set_status_info_cond(ctx: PTS_RESP_CTX; status: TIdC_INT; text: PIdAnsiChar): TIdC_INT;
+
+  function TS_RESP_CTX_add_failure_info(ctx: PTS_RESP_CTX; failure: TIdC_INT): TIdC_INT;
+
+  (* The get methods below can be used in the extension callback. *)
+  function TS_RESP_CTX_get_request(ctx: PTS_RESP_CTX): PTS_REQ;
+
+  function TS_RESP_CTX_get_tst_info(ctx: PTS_RESP_CTX): PTS_TST_Info;
+
+  (*
+   * Creates the signed TS_TST_INFO and puts it in TS_RESP.
+   * In case of errors it sets the status info properly.
+   * Returns NULL only in case of memory allocation/fatal error.
+   *)
+  function TS_RESP_create_response(ctx: PTS_RESP_CTX; req_bio: PBIO): PTS_RESP;
+
+  (*
+   * Declarations related to response verification,
+   * they are defined in ts/ts_resp_verify.c.
+   *)
+
+  //int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+  //                             X509_STORE *store, X509 **signer_out);
+
+  (* Context structure for the generic verify method. *)
+
+  function TS_RESP_verify_response(ctx: PTS_VERIFY_CTX; response: PTS_RESP): TIdC_INT;
+  function TS_RESP_verify_token(ctx: PTS_VERIFY_CTX; token: PPKCS7): TIdC_INT;
+
+  (*
+   * Declarations related to response verification context,
+   *)
+  function TS_VERIFY_CTX_new: PTS_VERIFY_CTX;
+  procedure TS_VERIFY_CTX_init(ctx: PTS_VERIFY_CTX);
+  procedure TS_VERIFY_CTX_free(ctx: PTS_VERIFY_CTX);
+  procedure TS_VERIFY_CTX_cleanup(ctx: PTS_VERIFY_CTX);
+  function TS_VERIFY_CTX_set_flags(ctx: PTS_VERIFY_CTX; f: TIdC_INT): TIdC_INT;
+  function TS_VERIFY_CTX_add_flags(ctx: PTS_VERIFY_CTX; f: TIdC_INT): TIdC_INT;
+  function TS_VERIFY_CTX_set_data(ctx: PTS_VERIFY_CTX; b: PBIO): PBIO;
+  function TS_VERIFY_CTX_set_imprint(ctx: PTS_VERIFY_CTX; hexstr: PByte; len: TIdC_LONG): PByte;
+  function TS_VERIFY_CTX_set_store(ctx: PTS_VERIFY_CTX; s: PX509_Store): PX509_Store;
+  // STACK_OF(X509) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX *ctx, STACK_OF(X509) *certs);
+
+  (*-
+   * If ctx is NULL, it allocates and returns a new object, otherwise
+   * it returns ctx. It initialises all the members as follows:
+   * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
+   * certs = NULL
+   * store = NULL
+   * policy = policy from the request or NULL if absent (in this case
+   *      TS_VFY_POLICY is cleared from flags as well)
+   * md_alg = MD algorithm from request
+   * imprint, imprint_len = imprint from request
+   * data = NULL
+   * nonce, nonce_len = nonce from the request or NULL if absent (in this case
+   *      TS_VFY_NONCE is cleared from flags as well)
+   * tsa_name = NULL
+   * Important: after calling this method TS_VFY_SIGNATURE should be added!
+   *)
+  function TS_REQ_to_TS_VERIFY_CTX(req: PTS_REQ; ctx: PTS_VERIFY_CTX): PTS_VERIFY_CTX;
+
+  (* Function declarations for TS_RESP defined in ts/ts_resp_print.c *)
+
+  function TS_RESP_print_bio(bio: PBIO; a: PTS_RESP): TIdC_INT;
+  function TS_STATUS_INFO_print_bio(bio: PBIO; a: PTS_STATUS_INFO): TIdC_INT;
+  function TS_TST_INFO_print_bio(bio: PBIO; a: PTS_TST_Info): TIdC_INT;
+
+  (* Common utility functions defined in ts/ts_lib.c *)
+
+  function TS_ASN1_INTEGER_print_bio(bio: PBIO; const num: PASN1_INTEGER): TIdC_INT;
+  function TS_OBJ_print_bio(bio: PBIO; const obj: PASN1_Object): TIdC_INT;
+  //function TS_ext_print_bio(bio: PBIO; const STACK_OF(): X509_Extension * extensions): TIdC_INT;
+  function TS_X509_ALGOR_print_bio(bio: PBIO; const alg: PX509_ALGOr): TIdC_INT;
+  function TS_MSG_IMPRINT_print_bio(bio: PBIO; msg: PTS_MSG_IMPRINT): TIdC_INT;
+
+  (*
+   * Function declarations for handling configuration options, defined in
+   * ts/ts_conf.c
+   *)
+
+  function TS_CONF_load_cert(&file: PIdAnsiChar): PX509;
+  function TS_CONF_load_key( &file: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey;
+  function TS_CONF_set_serial(conf: PCONF; section: PIdAnsiChar; cb: TS_serial_cb; ctx: PTS_RESP_CTX): TIdC_INT;
+  //STACK_OF(X509) *TS_CONF_load_certs(const char *file);
+  function TS_CONF_get_tsa_section(conf: PCONF; const section: PIdAnsiChar): PIdAnsiChar;
+  function TS_CONF_set_crypto_device(conf: PCONF; section: PIdAnsiChar; device: PIdAnsiChar): TIdC_INT;
+  function TS_CONF_set_default_engine(name: PIdAnsiChar): TIdC_INT;
+  function TS_CONF_set_signer_cert(conf: PCONF; section: PIdAnsiChar; cert: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_certs(conf: PCONF; section: PIdAnsiChar; certs: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_signer_key(conf: PCONF; const section: PIdAnsiChar; key: PIdAnsiChar; pass: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_signer_digest(conf: PCONF; section: PIdAnsiChar; md: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_def_policy(conf: PCONF; section: PIdAnsiChar; policy: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_policies(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_digests(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_accuracy(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_clock_precision_digits(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_ordering(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_tsa_name(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_ess_cert_id_chain(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+  function TS_CONF_set_ess_cert_id_digest(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tserr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tserr.pas
new file mode 100644
index 000000000..cf226a781
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tserr.pas
@@ -0,0 +1,151 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_tserr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// tserr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * TS function codes.
+   *)
+  TS_F_DEF_SERIAL_CB = 110;
+  TS_F_DEF_TIME_CB = 111;
+  TS_F_ESS_ADD_SIGNING_CERT = 112;
+  TS_F_ESS_ADD_SIGNING_CERT_V2 = 147;
+  TS_F_ESS_CERT_ID_NEW_INIT = 113;
+  TS_F_ESS_CERT_ID_V2_NEW_INIT = 156;
+  TS_F_ESS_SIGNING_CERT_NEW_INIT = 114;
+  TS_F_ESS_SIGNING_CERT_V2_NEW_INIT = 157;
+  TS_F_INT_TS_RESP_VERIFY_TOKEN = 149;
+  TS_F_PKCS7_TO_TS_TST_INFO = 148;
+  TS_F_TS_ACCURACY_SET_MICROS = 115;
+  TS_F_TS_ACCURACY_SET_MILLIS = 116;
+  TS_F_TS_ACCURACY_SET_SECONDS = 117;
+  TS_F_TS_CHECK_IMPRINTS = 100;
+  TS_F_TS_CHECK_NONCES = 101;
+  TS_F_TS_CHECK_POLICY = 102;
+  TS_F_TS_CHECK_SIGNING_CERTS = 103;
+  TS_F_TS_CHECK_STATUS_INFO = 104;
+  TS_F_TS_COMPUTE_IMPRINT = 145;
+  TS_F_TS_CONF_INVALID = 151;
+  TS_F_TS_CONF_LOAD_CERT = 153;
+  TS_F_TS_CONF_LOAD_CERTS = 154;
+  TS_F_TS_CONF_LOAD_KEY = 155;
+  TS_F_TS_CONF_LOOKUP_FAIL = 152;
+  TS_F_TS_CONF_SET_DEFAULT_ENGINE = 146;
+  TS_F_TS_GET_STATUS_TEXT = 105;
+  TS_F_TS_MSG_IMPRINT_SET_ALGO = 118;
+  TS_F_TS_REQ_SET_MSG_IMPRINT = 119;
+  TS_F_TS_REQ_SET_NONCE = 120;
+  TS_F_TS_REQ_SET_POLICY_ID = 121;
+  TS_F_TS_RESP_CREATE_RESPONSE = 122;
+  TS_F_TS_RESP_CREATE_TST_INFO = 123;
+  TS_F_TS_RESP_CTX_ADD_FAILURE_INFO = 124;
+  TS_F_TS_RESP_CTX_ADD_MD = 125;
+  TS_F_TS_RESP_CTX_ADD_POLICY = 126;
+  TS_F_TS_RESP_CTX_NEW = 127;
+  TS_F_TS_RESP_CTX_SET_ACCURACY = 128;
+  TS_F_TS_RESP_CTX_SET_CERTS = 129;
+  TS_F_TS_RESP_CTX_SET_DEF_POLICY = 130;
+  TS_F_TS_RESP_CTX_SET_SIGNER_CERT = 131;
+  TS_F_TS_RESP_CTX_SET_STATUS_INFO = 132;
+  TS_F_TS_RESP_GET_POLICY = 133;
+  TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION = 134;
+  TS_F_TS_RESP_SET_STATUS_INFO = 135;
+  TS_F_TS_RESP_SET_TST_INFO = 150;
+  TS_F_TS_RESP_SIGN = 136;
+  TS_F_TS_RESP_VERIFY_SIGNATURE = 106;
+  TS_F_TS_TST_INFO_SET_ACCURACY = 137;
+  TS_F_TS_TST_INFO_SET_MSG_IMPRINT = 138;
+  TS_F_TS_TST_INFO_SET_NONCE = 139;
+  TS_F_TS_TST_INFO_SET_POLICY_ID = 140;
+  TS_F_TS_TST_INFO_SET_SERIAL = 141;
+  TS_F_TS_TST_INFO_SET_TIME = 142;
+  TS_F_TS_TST_INFO_SET_TSA = 143;
+  TS_F_TS_VERIFY = 108;
+  TS_F_TS_VERIFY_CERT = 109;
+  TS_F_TS_VERIFY_CTX_NEW = 144;
+
+  (*
+   * TS reason codes.
+   *)
+  TS_R_BAD_PKCS7_TYPE = 132;
+  TS_R_BAD_TYPE = 133;
+  TS_R_CANNOT_LOAD_CERT = 137;
+  TS_R_CANNOT_LOAD_KEY = 138;
+  TS_R_CERTIFICATE_VERIFY_ERROR = 100;
+  TS_R_COULD_NOT_SET_ENGINE = 127;
+  TS_R_COULD_NOT_SET_TIME = 115;
+  TS_R_DETACHED_CONTENT = 134;
+  TS_R_ESS_ADD_SIGNING_CERT_ERROR = 116;
+  TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR = 139;
+  TS_R_ESS_SIGNING_CERTIFICATE_ERROR = 101;
+  TS_R_INVALID_NULL_POINTER = 102;
+  TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE = 117;
+  TS_R_MESSAGE_IMPRINT_MISMATCH = 103;
+  TS_R_NONCE_MISMATCH = 104;
+  TS_R_NONCE_NOT_RETURNED = 105;
+  TS_R_NO_CONTENT = 106;
+  TS_R_NO_TIME_STAMP_TOKEN = 107;
+  TS_R_PKCS7_ADD_SIGNATURE_ERROR = 118;
+  TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR = 119;
+  TS_R_PKCS7_TO_TS_TST_INFO_FAILED = 129;
+  TS_R_POLICY_MISMATCH = 108;
+  TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 120;
+  TS_R_RESPONSE_SETUP_ERROR = 121;
+  TS_R_SIGNATURE_FAILURE = 109;
+  TS_R_THERE_MUST_BE_ONE_SIGNER = 110;
+  TS_R_TIME_SYSCALL_ERROR = 122;
+  TS_R_TOKEN_NOT_PRESENT = 130;
+  TS_R_TOKEN_PRESENT = 131;
+  TS_R_TSA_NAME_MISMATCH = 111;
+  TS_R_TSA_UNTRUSTED = 112;
+  TS_R_TST_INFO_SETUP_ERROR = 123;
+  TS_R_TS_DATASIGN = 124;
+  TS_R_UNACCEPTABLE_POLICY = 125;
+  TS_R_UNSUPPORTED_MD_ALGORITHM = 126;
+  TS_R_UNSUPPORTED_VERSION = 113;
+  TS_R_VAR_BAD_VALUE = 135;
+  TS_R_VAR_LOOKUP_FAILURE = 136;
+  TS_R_WRONG_CONTENT_TYPE = 114;
+
+var
+  function ERR_load_TS_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_txt_db.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_txt_db.pas
new file mode 100644
index 000000000..8ec32f4e8
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_txt_db.pas
@@ -0,0 +1,82 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_txt_db;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// txt_db.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  DB_ERROR_OK = 0;
+  DB_ERROR_MALLOC = 1;
+  DB_ERROR_INDEX_CLASH = 2;
+  DB_ERROR_INDEX_OUT_OF_RANGE = 3;
+  DB_ERROR_NO_INDEX = 4;
+  DB_ERROR_INSERT_INDEX_CLASH = 5;
+  DB_ERROR_WRONG_NUM_FIELDS = 6;
+
+type
+  OPENSSL_STRING = type Pointer;
+  POPENSSL_STRING = ^OPENSSL_STRING;
+// DEFINE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
+
+  qual_func =  function (v1: POPENSSL_STRING): TIdC_INT;
+  txt_db_st = record
+    num_fields: TIdC_INT;
+    data: Pointer; // STACK_OF(OPENSSL_PSTRING) *
+    index: Pointer; // LHASH_OF(OPENSSL_STRING) **
+    qual: qual_func;
+    error: TIdC_LONG;
+    arg1: TIdC_LONG;
+    arg2: TIdC_LONG;
+    arg_row: POPENSSL_STRING;
+  end;
+  TXT_DB = txt_db_st;
+  PTXT_DB = ^TXT_DB;
+
+  TXT_DB_create_index_qual = function(v1: POPENSSL_STRING): TIdC_INT;
+
+var
+  function TXT_DB_read(&in: PBIO; num: TIdC_INT): PTXT_DB;
+  function TXT_DB_write(&out: PBIO; db: PTXT_DB): TIdC_LONG;
+  //function TXT_DB_create_index(db: PTXT_DB; field: TIdC_INT; qual: TXT_DB_create_index_qual; hash: OPENSSL_LH_HashFunc; cmp: OPENSSL_LH_COMPFUNC): TIdC_INT;
+  procedure TXT_DB_free(db: PTXT_DB);
+  function TXT_DB_get_by_index(db: PTXT_DB; idx: TIdC_INT; value: POPENSSL_STRING): POPENSSL_STRING;
+  function TXT_DB_insert(db: PTXT_DB; value: POPENSSL_STRING): TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas
new file mode 100644
index 000000000..1b57d9f4a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas
@@ -0,0 +1,378 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ui;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ui.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_crypto,
+  IdOpenSSLHeaders_pem,
+  IdOpenSSLHeaders_uierr;
+
+{$MINENUMSIZE 4}
+
+const
+  (* These are the possible flags.  They can be or'ed together. *)
+  (* Use to have echoing of input *)
+  UI_INPUT_FLAG_ECHO = $01;
+  (*
+   * Use a default password.  Where that password is found is completely up to
+   * the application, it might for example be in the user data set with
+   * UI_add_user_data().  It is not recommended to have more than one input in
+   * each UI being marked with this flag, or the application might get
+   * confused.
+   *)
+  UI_INPUT_FLAG_DEFAULT_PWD = $02;
+
+
+  (*
+   * The user of these routines may want to define flags of their own.  The core
+   * UI won't look at those, but will pass them on to the method routines.  They
+   * must use higher bits so they don't get confused with the UI bits above.
+   * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use.  A good
+   * example of use is this:
+   *
+   *    #define MY_UI_FLAG1       (0x01 << UI_INPUT_FLAG_USER_BASE)
+   *
+  *)
+  UI_INPUT_FLAG_USER_BASE = 16;
+
+  (* The commands *)
+  (*
+   * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
+   * OpenSSL error stack before printing any info or added error messages and
+   * before any prompting.
+   *)
+  UI_CTRL_PRINT_ERRORS = 1;
+  (*
+   * Check if a UI_process() is possible to do again with the same instance of
+   * a user interface.  This makes UI_ctrl() return 1 if it is redoable, and 0
+   * if not.
+   *)
+  UI_CTRL_IS_REDOABLE = 2;
+
+type
+  (*
+   * Give a user interface parameterised control commands.  This can be used to
+   * send down an integer, a data pointer or a function pointer, as well as be
+   * used to get information from a UI.
+   *)
+  UI_ctrl_f = procedure;
+
+  (*
+   * The UI_STRING type is the data structure that contains all the needed info
+   * about a string or a prompt, including test data for a verification prompt.
+   *)
+  ui_string_st = type Pointer;
+  UI_STRING = ui_string_st;
+  PUI_STRING = ^UI_STRING;
+// DEFINE_STACK_OF(UI_STRING)
+
+  (*
+   * The different types of strings that are currently supported. This is only
+   * needed by method authors.
+   *)
+  UI_string_types = (
+    UIT_NONE = 0,
+    UIT_PROMPT,                 (* Prompt for a string *)
+    UIT_VERIFY,                 (* Prompt for a string and verify *)
+    UIT_BOOLEAN,                (* Prompt for a yes/no response *)
+    UIT_INFO,                   (* Send info to the user *)
+    UIT_ERROR                   (* Send an error message to the user *)
+  );
+
+  (* Create and manipulate methods *)
+  UI_method_opener_cb = function(ui: PUI): TIdC_INT;
+  UI_method_writer_cb = function(ui: PUI; uis: PUI_String): TIdC_INT;
+  UI_method_flusher_cb = function(ui: PUI): TIdC_INT;
+  UI_method_reader_cb = function(ui: PUI; uis: PUI_String): TIdC_INT;
+  UI_method_closer_cb = function(ui: PUI): TIdC_INT;
+  UI_method_data_duplicator_cb = function(ui: PUI; ui_data: Pointer): Pointer;
+  UI_method_data_destructor_cb = procedure(ui: PUI; ui_data: Pointer);
+  UI_method_prompt_constructor_cb = function(ui: PUI; const object_desc: PIdAnsiChar; const object_name: PIdAnsiChar): PIdAnsiChar;
+
+var
+  (*
+   * All the following functions return -1 or NULL on error and in some cases
+   * (UI_process()) -2 if interrupted or in some other way cancelled. When
+   * everything is fine, they return 0, a positive value or a non-NULL pointer,
+   * all depending on their purpose.
+   *)
+
+  (* Creators and destructor.   *)
+  function UI_new: PUI;
+  function UI_new_method(const method: PUI_Method): PUI;
+  procedure UI_free(ui: PUI);
+
+  (*
+   * The following functions are used to add strings to be printed and prompt
+   * strings to prompt for data.  The names are UI_{add,dup}_<function>_string
+   * and UI_{add,dup}_input_boolean.
+   *
+   * UI_{add,dup}_<function>_string have the following meanings:
+   *      add     add a text or prompt string.  The pointers given to these
+   *              functions are used verbatim, no copying is done.
+   *      dup     make a copy of the text or prompt string, then add the copy
+   *              to the collection of strings in the user interface.
+   *      <function>
+   *              The function is a name for the functionality that the given
+   *              string shall be used for.  It can be one of:
+   *                      input   use the string as data prompt.
+   *                      verify  use the string as verification prompt.  This
+   *                              is used to verify a previous input.
+   *                      info    use the string for informational output.
+   *                      error   use the string for error output.
+   * Honestly, there's currently no difference between info and error for the
+   * moment.
+   *
+   * UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
+   * and are typically used when one wants to prompt for a yes/no response.
+   *
+   * All of the functions in this group take a UI and a prompt string.
+   * The string input and verify addition functions also take a flag argument,
+   * a buffer for the result to end up with, a minimum input size and a maximum
+   * input size (the result buffer MUST be large enough to be able to contain
+   * the maximum number of characters).  Additionally, the verify addition
+   * functions takes another buffer to compare the result against.
+   * The boolean input functions take an action description string (which should
+   * be safe to ignore if the expected user action is obvious, for example with
+   * a dialog box with an OK button and a Cancel button), a string of acceptable
+   * characters to mean OK and to mean Cancel.  The two last strings are checked
+   * to make sure they don't have common characters.  Additionally, the same
+   * flag argument as for the string input is taken, as well as a result buffer.
+   * The result buffer is required to be at least one byte long.  Depending on
+   * the answer, the first character from the OK or the Cancel character strings
+   * will be stored in the first byte of the result buffer.  No NUL will be
+   * added, so the result is *not* a string.
+   *
+   * On success, the all return an index of the added information.  That index
+   * is useful when retrieving results with UI_get0_result(). *)
+
+  function UI_add_input_string(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT): TIdC_INT;
+  function UI_dup_input_string(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT): TIdC_INT;
+  function UI_add_verify_string(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT; const test_buf: PIdAnsiChar): TIdC_INT;
+  function UI_dup_verify_string(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT; const test_buf: PIdAnsiChar): TIdC_INT;
+  function UI_add_input_boolean(ui: PUI; const prompt: PIdAnsiChar; const action_desc: PIdAnsiChar; const ok_chars: PIdAnsiChar; const cancel_chars: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar): TIdC_INT;
+  function UI_dup_input_boolean(ui: PUI; const prompt: PIdAnsiChar; const action_desc: PIdAnsiChar; const ok_chars: PIdAnsiChar; const cancel_chars: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar): TIdC_INT;
+  function UI_add_info_string(ui: PUI; const text: PIdAnsiChar): TIdC_INT;
+  function UI_dup_info_string(ui: PUI; const text: PIdAnsiChar): TIdC_INT;
+  function UI_add_error_string(ui: PUI; const text: PIdAnsiChar): TIdC_INT;
+  function UI_dup_error_string(ui: PUI; const text: PIdAnsiChar): TIdC_INT;
+
+  (*
+   * The following function helps construct a prompt.  object_desc is a
+   * textual short description of the object, for example "pass phrase",
+   * and object_name is the name of the object (might be a card name or
+   * a file name.
+   * The returned string shall always be allocated on the heap with
+   * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+   *
+   * If the ui_method doesn't contain a pointer to a user-defined prompt
+   * constructor, a default string is built, looking like this:
+   *
+   *       "Enter {object_desc} for {object_name}:"
+   *
+   * So, if object_desc has the value "pass phrase" and object_name has
+   * the value "foo.key", the resulting string is:
+   *
+   *       "Enter pass phrase for foo.key:"
+   *)
+  function UI_construct_prompt(ui_method: PUI; const object_desc: PIdAnsiChar; const object_name: PIdAnsiChar): PIdAnsiChar;
+
+  (*
+   * The following function is used to store a pointer to user-specific data.
+   * Any previous such pointer will be returned and replaced.
+   *
+   * For callback purposes, this function makes a lot more sense than using
+   * ex_data, since the latter requires that different parts of OpenSSL or
+   * applications share the same ex_data index.
+   *
+   * Note that the UI_OpenSSL() method completely ignores the user data. Other
+   * methods may not, however.
+   *)
+  function UI_add_user_data(ui: PUI; user_data: Pointer): Pointer;
+  (*
+   * Alternatively, this function is used to duplicate the user data.
+   * This uses the duplicator method function.  The destroy function will
+   * be used to free the user data in this case.
+   *)
+  function UI_dup_user_data(ui: PUI; user_data: Pointer): TIdC_INT;
+  (* We need a user data retrieving function as well.  *)
+  function UI_get0_user_data(ui: PUI): Pointer;
+
+  (* Return the result associated with a prompt given with the index i. *)
+  function UI_get0_result(ui: PUI; i: TIdC_INT): PIdAnsiChar;
+  function UI_get_result_length(ui: PUI; i: TIdC_INT): TIdC_INT;
+
+  (* When all strings have been added, process the whole thing. *)
+  function UI_process(ui: PUI): TIdC_INT;
+
+  (*
+   * Give a user interface parameterised control commands.  This can be used to
+   * send down an integer, a data pointer or a function pointer, as well as be
+   * used to get information from a UI.
+   *)
+  function UI_ctrl(ui: PUI; cmd: TIdC_INT; i: TIdC_LONG; p: Pointer; f: UI_ctrl_f): TIdC_INT;
+
+
+  (* Some methods may use extra data *)
+  //# define UI_set_app_data(s,arg)         UI_set_ex_data(s,0,arg)
+  //# define UI_get_app_data(s)             UI_get_ex_data(s,0)
+
+  //# define UI_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, l, p, newf, dupf, freef)
+  function UI_set_ex_data(r: PUI; idx: TIdC_INT; arg: Pointer): TIdC_INT;
+  function UI_get_ex_data(r: PUI; idx: TIdC_INT): Pointer;
+
+  (* Use specific methods instead of the built-in one *)
+  procedure UI_set_default_method(const meth: PUI_Method);
+  function UI_get_default_method: PUI_METHOD;
+  function UI_get_method(ui: PUI): PUI_METHOD;
+  function UI_set_method(ui: PUI; const meth: PUI_METHOD): PUI_METHOD;
+
+  (* The method with all the built-in thingies *)
+  function UI_OpenSSL: PUI_Method;
+
+  (*
+   * NULL method.  Literally does nothing, but may serve as a placeholder
+   * to avoid internal default.
+   *)
+  function UI_null: PUI_METHOD;
+
+  (* ---------- For method writers ---------- *)
+  (*
+     A method contains a number of functions that implement the low level
+     of the User Interface.  The functions are:
+
+          an opener       This function starts a session, maybe by opening
+                          a channel to a tty, or by opening a window.
+          a writer        This function is called to write a given string,
+                          maybe to the tty, maybe as a field label in a
+                          window.
+          a flusher       This function is called to flush everything that
+                          has been output so far.  It can be used to actually
+                          display a dialog box after it has been built.
+          a reader        This function is called to read a given prompt,
+                          maybe from the tty, maybe from a field in a
+                          window.  Note that it's called with all string
+                          structures, not only the prompt ones, so it must
+                          check such things itself.
+          a closer        This function closes the session, maybe by closing
+                          the channel to the tty, or closing the window.
+
+     All these functions are expected to return:
+
+          0       on error.
+          1       on success.
+          -1      on out-of-band events, for example if some prompting has
+                  been canceled (by pressing Ctrl-C, for example).  This is
+                  only checked when returned by the flusher or the reader.
+
+     The way this is used, the opener is first called, then the writer for all
+     strings, then the flusher, then the reader for all strings and finally the
+     closer.  Note that if you want to prompt from a terminal or other command
+     line interface, the best is to have the reader also write the prompts
+     instead of having the writer do it.  If you want to prompt from a dialog
+     box, the writer can be used to build up the contents of the box, and the
+     flusher to actually display the box and run the event loop until all data
+     has been given, after which the reader only grabs the given data and puts
+     them back into the UI strings.
+
+     All method functions take a UI as argument.  Additionally, the writer and
+     the reader take a UI_STRING.
+  *)
+
+  function UI_create_method(const name: PIdAnsiChar): PUI_Method;
+  procedure UI_destroy_method(ui_method: PUI_Method);
+
+  function UI_method_set_opener(method: PUI_Method; opener: UI_method_opener_cb): TIdC_INT;
+  function UI_method_set_writer(method: PUI_Method; writer: UI_method_writer_cb): TIdC_INT;
+  function UI_method_set_flusher(method: PUI_Method; flusher: UI_method_flusher_cb): TIdC_INT;
+  function UI_method_set_reader(method: PUI_Method; reader: UI_method_reader_cb): TIdC_INT;
+  function UI_method_set_closer(method: PUI_Method; closer: UI_method_closer_cb): TIdC_INT;
+  function UI_method_set_data_duplicator(method: PUI_Method; duplicator: UI_method_data_duplicator_cb; &destructor: UI_method_data_destructor_cb): TIdC_INT;
+  function UI_method_set_prompt_constructor(method: PUI_Method; prompt_constructor: UI_method_prompt_constructor_cb): TIdC_INT;
+  function UI_method_set_ex_data(method: PUI_Method; idx: TIdC_INT; data: Pointer): TIdC_INT;
+
+  function UI_method_get_opener(const method: PUI_METHOD): UI_method_opener_cb;
+  function UI_method_get_writer(const method: PUI_METHOD): UI_method_writer_cb;
+  function UI_method_get_flusher(const method: PUI_METHOD): UI_method_flusher_cb;
+  function UI_method_get_reader(const method: PUI_METHOD): UI_method_reader_cb;
+  function UI_method_get_closer(const method: PUI_METHOD): UI_method_closer_cb;
+  function UI_method_get_prompt_constructor(const method: PUI_METHOD): UI_method_prompt_constructor_cb;
+  function UI_method_get_data_duplicator(const method: PUI_METHOD): UI_method_data_duplicator_cb;
+  function UI_method_get_data_destructor(const method: PUI_METHOD): UI_method_data_destructor_cb;
+  function UI_method_get_ex_data(const method: PUI_METHOD; idx: TIdC_INT): Pointer;
+
+  (*
+   * The following functions are helpers for method writers to access relevant
+   * data from a UI_STRING.
+   *)
+
+  (* Return type of the UI_STRING *)
+  function UI_get_string_type(uis: PUI_String): UI_string_types;
+  (* Return input flags of the UI_STRING *)
+  function UI_get_input_flags(uis: PUI_String): TIdC_INT;
+  (* Return the actual string to output (the prompt, info or error) *)
+  function UI_get0_output_string(uis: PUI_String): PIdAnsiChar;
+  (*
+   * Return the optional action string to output (the boolean prompt
+   * instruction)
+   *)
+  function UI_get0_action_string(uis: PUI_String): PIdAnsiChar;
+  (* Return the result of a prompt *)
+  function UI_get0_result_string(uis: PUI_String): PIdAnsiChar;
+  function UI_get_result_string_length(uis: PUI_String): TIdC_INT;
+  (*
+   * Return the string to test the result against.  Only useful with verifies.
+   *)
+  function UI_get0_test_string(uis: PUI_String): PIdAnsiChar;
+  (* Return the required minimum size of the result *)
+  function UI_get_result_minsize(uis: PUI_String): TIdC_INT;
+  (* Return the required maximum size of the result *)
+  function UI_get_result_maxsize(uis: PUI_String): TIdC_INT;
+  (* Set the result of a UI_STRING. *)
+  function UI_set_result(ui: PUI; uis: PUI_String; const result: PIdAnsiChar): TIdC_INT;
+  function UI_set_result_ex(ui: PUI; uis: PUI_String; const result: PIdAnsiChar; len: TIdC_INT): TIdC_INT;
+
+  (* A couple of popular utility functions *)
+  function UI_UTIL_read_pw_string(buf: PIdAnsiChar; length: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT;
+  function UI_UTIL_read_pw(buf: PIdAnsiChar; buff: PIdAnsiChar; size: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT;
+  function UI_UTIL_wrap_read_pem_callback(cb: pem_password_cb; rwflag: TIdC_INT): PUI_Method;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_uierr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_uierr.pas
new file mode 100644
index 000000000..d3a299c72
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_uierr.pas
@@ -0,0 +1,89 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_uierr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// uierr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * UI function codes.
+   *)
+  UI_F_CLOSE_CONSOLE = 115;
+  UI_F_ECHO_CONSOLE = 116;
+  UI_F_GENERAL_ALLOCATE_BOOLEAN = 108;
+  UI_F_GENERAL_ALLOCATE_PROMPT = 109;
+  UI_F_NOECHO_CONSOLE = 117;
+  UI_F_OPEN_CONSOLE = 114;
+  UI_F_UI_CONSTRUCT_PROMPT = 121;
+  UI_F_UI_CREATE_METHOD = 112;
+  UI_F_UI_CTRL = 111;
+  UI_F_UI_DUP_ERROR_STRING = 101;
+  UI_F_UI_DUP_INFO_STRING = 102;
+  UI_F_UI_DUP_INPUT_BOOLEAN = 110;
+  UI_F_UI_DUP_INPUT_STRING = 103;
+  UI_F_UI_DUP_USER_DATA = 118;
+  UI_F_UI_DUP_VERIFY_STRING = 106;
+  UI_F_UI_GET0_RESULT = 107;
+  UI_F_UI_GET_RESULT_LENGTH = 119;
+  UI_F_UI_NEW_METHOD = 104;
+  UI_F_UI_PROCESS = 113;
+  UI_F_UI_SET_RESULT = 105;
+  UI_F_UI_SET_RESULT_EX = 120;
+
+  (*
+   * UI reason codes.
+   *)
+  UI_R_COMMON_OK_AND_CANCEL_CHARACTERS = 104;
+  UI_R_INDEX_TOO_LARGE = 102;
+  UI_R_INDEX_TOO_SMALL = 103;
+  UI_R_NO_RESULT_BUFFER = 105;
+  UI_R_PROCESSING_ERROR = 107;
+  UI_R_RESULT_TOO_LARGE = 100;
+  UI_R_RESULT_TOO_SMALL = 101;
+  UI_R_SYSASSIGN_ERROR = 109;
+  UI_R_SYSDASSGN_ERROR = 110;
+  UI_R_SYSQIOW_ERROR = 111;
+  UI_R_UNKNOWN_CONTROL_COMMAND = 106;
+  UI_R_UNKNOWN_TTYGET_ERRNO_VALUE = 108;
+  UI_R_USER_DATA_DUPLICATION_UNSUPPORTED = 112;
+
+var
+  function ERR_load_UI_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_whrlpool.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_whrlpool.pas
new file mode 100644
index 000000000..905672322
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_whrlpool.pas
@@ -0,0 +1,70 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_whrlpool;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// whrlpool.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  WHIRLPOOL_DIGEST_LENGTH = 512 div 8;
+  WHIRLPOOL_BBLOCK = 512;
+  WHIRLPOOL_COUNTER = 256 div 8;
+
+type
+  WHIRLPOOL_CTX_union = record
+    case Byte of
+      0: (c: array[0 .. WHIRLPOOL_DIGEST_LENGTH -1] of Byte);
+      (* double q is here to ensure 64-bit alignment *)
+      1: (q: array[0 .. (WHIRLPOOL_DIGEST_LENGTH div SizeOf(TIdC_DOUBLE)) -1] of TIdC_DOUBLE);
+  end;
+  WHIRLPOOL_CTX = record
+    H: WHIRLPOOL_CTX_union;
+    data: array[0 .. (WHIRLPOOL_BBLOCK div 8) -1] of Byte;
+    bitoff: TIdC_UINT;
+    bitlen: array[0 .. (WHIRLPOOL_COUNTER div SizeOf(TIdC_SIZET)) -1] of TIdC_SIZET;
+  end;
+  PWHIRLPOOL_CTX = ^WHIRLPOOL_CTX;
+
+var
+  function WHIRLPOOL_Init(c: PWHIRLPOOL_CTX): TIdC_INT;
+  function WHIRLPOOL_Update(c: PWHIRLPOOL_CTX; inp: Pointer; bytes: TIdC_SIZET): TIdC_INT;
+  procedure WHIRLPOOL_BitUpdate(c: PWHIRLPOOL_CTX; inp: Pointer; bits: TIdC_SIZET);
+  function WHIRLPOOL_Final(md: PByte; c: PWHIRLPOOL_CTX): TIdC_INT;
+  function WHIRLPOOL(inp: Pointer; bytes: TIdC_SIZET; md: PByte): PByte;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
new file mode 100644
index 000000000..5fdc36b9e
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
@@ -0,0 +1,971 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_x509;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  X509_ALGORS = type Pointer;
+
+const
+  (* Flags for X509_get_signature_info() *)
+  (* Signature info is valid *)
+  X509_SIG_INFO_VALID = $1;
+  (* Signature is suitable for TLS use *)
+  X509_SIG_INFO_TLS = $2;
+
+  X509_FILETYPE_PEM     = 1;
+  X509_FILETYPE_ASN1    = 2;
+  X509_FILETYPE_DEFAULT = 3;
+
+  X509v3_KU_DIGITAL_SIGNATURE = $0080;
+  X509v3_KU_NON_REPUDIATION   = $0040;
+  X509v3_KU_KEY_ENCIPHERMENT  = $0020;
+  X509v3_KU_DATA_ENCIPHERMENT = $0010;
+  X509v3_KU_KEY_AGREEMENT     = $0008;
+  X509v3_KU_KEY_CERT_SIGN     = $0004;
+  X509v3_KU_CRL_SIGN          = $0002;
+  X509v3_KU_ENCIPHER_ONLY     = $0001;
+  X509v3_KU_DECIPHER_ONLY     = $8000;
+  X509v3_KU_UNDEF             = $ffff;
+
+  X509_EX_V_NETSCAPE_HACK = $8000;
+  X509_EX_V_INIT          = $0001;
+
+
+  (* standard trust ids *)
+
+  X509_TRUST_DEFAULT      = 0; (* Only valid in purpose settings *)
+
+  X509_TRUST_COMPAT       = 1;
+  X509_TRUST_SSL_CLIENT   = 2;
+  X509_TRUST_SSL_SERVER   = 3;
+  X509_TRUST_EMAIL        = 4;
+  X509_TRUST_OBJECT_SIGN  = 5;
+  X509_TRUST_OCSP_SIGN    = 6;
+  X509_TRUST_OCSP_REQUEST = 7;
+  X509_TRUST_TSA          = 8;
+
+  (* Keep these up to date! *)
+  X509_TRUST_MIN          = 1;
+  X509_TRUST_MAX          = 8;
+
+  (* trust_flags values *)
+  X509_TRUST_DYNAMIC      = TIdC_UINT(1) shl 0;
+  X509_TRUST_DYNAMIC_NAME = TIdC_UINT(1) shl 1;
+  (* No compat trust if self-signed, preempts "DO_SS" *)
+  X509_TRUST_NO_SS_COMPAT = TIdC_UINT(1) shl 2;
+  (* Compat trust if no explicit accepted trust EKUs *)
+  X509_TRUST_DO_SS_COMPAT = TIdC_UINT(1) shl 3;
+  (* Accept "anyEKU" as a wildcard trust OID *)
+  X509_TRUST_OK_ANY_EKU   = TIdC_UINT(1) shl 4;
+
+  (* check_trust return codes *)
+
+  X509_TRUST_TRUSTED   = 1;
+  X509_TRUST_REJECTED  = 2;
+  X509_TRUST_UNTRUSTED = 3;
+
+  (* Flags for X509_print_ex() *)
+
+  X509_FLAG_COMPAT        = 0;
+  X509_FLAG_NO_HEADER     = TIdC_LONG(1);
+  X509_FLAG_NO_VERSION    = TIdC_LONG(1) shl 1;
+  X509_FLAG_NO_SERIAL     = TIdC_LONG(1) shl 2;
+  X509_FLAG_NO_SIGNAME    = TIdC_LONG(1) shl 3;
+  X509_FLAG_NO_ISSUER     = TIdC_LONG(1) shl 4;
+  X509_FLAG_NO_VALIDITY   = TIdC_LONG(1) shl 5;
+  X509_FLAG_NO_SUBJECT    = TIdC_LONG(1) shl 6;
+  X509_FLAG_NO_PUBKEY     = TIdC_LONG(1) shl 7;
+  X509_FLAG_NO_EXTENSIONS = TIdC_LONG(1) shl 8;
+  X509_FLAG_NO_SIGDUMP    = TIdC_LONG(1) shl 9;
+  X509_FLAG_NO_AUX        = TIdC_LONG(1) shl 10;
+  X509_FLAG_NO_ATTRIBUTES = TIdC_LONG(1) shl 11;
+  X509_FLAG_NO_IDS        = TIdC_LONG(1) shl 12;
+
+  (* Flags specific to X509_NAME_print_ex() *)
+
+  (* The field separator information *)
+
+  XN_FLAG_SEP_MASK       = $f shl 16;
+
+  XN_FLAG_COMPAT         = 0;(* Traditional; use old X509_NAME_print *)
+  XN_FLAG_SEP_COMMA_PLUS = 1 shl 16;(* RFC2253 ,+ *)
+  XN_FLAG_SEP_CPLUS_SPC  = 2 shl 16;(* ,+ spaced: more readable *)
+  XN_FLAG_SEP_SPLUS_SPC  = 3 shl 16;(* ;+ spaced *)
+  XN_FLAG_SEP_MULTILINE  = 4 shl 16;(* One line per field *)
+
+  XN_FLAG_DN_REV         = 1 shl 20;(* Reverse DN order *)
+
+  (* How the field name is shown *)
+
+  XN_FLAG_FN_MASK        = $3 shl 21;
+
+  XN_FLAG_FN_SN          = 0;(* Object short name *)
+  XN_FLAG_FN_LN          = 1 shl 21;(* Object long name *)
+  XN_FLAG_FN_OID         = 2 shl 21;(* Always use OIDs *)
+  XN_FLAG_FN_NONE        = 3 shl 21;(* No field names *)
+
+  XN_FLAG_SPC_EQ         = 1 shl 23;(* Put spaces round '=' *)
+
+  (*
+   * This determines if we dump fields we don't recognise: RFC2253 requires
+   * this.
+   *)
+
+  XN_FLAG_DUMP_UNKNOWN_FIELDS = 1 shl 24;
+
+  XN_FLAG_FN_ALIGN = 1 shl 25;(* Align field names to 20
+                                             * characters *)
+
+  (* Complete set of RFC2253 flags *)
+
+  XN_FLAG_RFC2253 = ASN1_STRFLGS_RFC2253 or XN_FLAG_SEP_COMMA_PLUS
+    or XN_FLAG_DN_REV or XN_FLAG_FN_SN or XN_FLAG_DUMP_UNKNOWN_FIELDS;
+
+  (* readable oneline form *)
+
+  XN_FLAG_ONELINE = ASN1_STRFLGS_RFC2253 or ASN1_STRFLGS_ESC_QUOTE
+    or XN_FLAG_SEP_CPLUS_SPC or XN_FLAG_SPC_EQ or XN_FLAG_FN_SN;
+
+  (* readable multiline form *)
+
+  XN_FLAG_MULTILINE = ASN1_STRFLGS_ESC_CTRL or ASN1_STRFLGS_ESC_MSB
+    or XN_FLAG_SEP_MULTILINE or XN_FLAG_SPC_EQ or XN_FLAG_FN_LN or XN_FLAG_FN_ALIGN;
+
+  X509_EXT_PACK_UNKNOWN = 1;
+  X509_EXT_PACK_STRING  = 2;
+
+type
+  X509_val_st = record
+    notBefore: PASN1_TIME;
+    notAfter: PASN1_TIME;
+  end;
+  X509_VAL = X509_val_st;
+  PX509_VAL = ^X509_VAL;
+  PPX509_VAL = ^PX509_VAL;
+
+  X509_SIG = type Pointer; // X509_sig_st
+  PX509_SIG = ^X509_SIG;
+  PPX509_SIG = ^PX509_SIG;
+
+  X509_NAME_ENTRY = type Pointer; // X509_name_entry_st
+  PX509_NAME_ENTRY = ^X509_NAME_ENTRY;
+  PPX509_NAME_ENTRY = ^PX509_NAME_ENTRY;
+
+  //DEFINE_STACK_OF(X509_NAME_ENTRY)
+  //
+  //DEFINE_STACK_OF(X509_NAME)
+
+  X509_EXTENSION = type Pointer; // X509_extension_st
+  PX509_EXTENSION = ^X509_EXTENSION;
+  PPX509_EXTENSION = ^PX509_EXTENSION;
+
+  //typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+  //
+  //DEFINE_STACK_OF(X509_EXTENSION)
+
+  X509_ATTRIBUTE = type Pointer; // x509_attributes_st
+  PX509_ATTRIBUTE = ^X509_ATTRIBUTE;
+  PPX509_ATTRIBUTE = ^PX509_ATTRIBUTE;
+
+  //DEFINE_STACK_OF(X509_ATTRIBUTE)
+
+  X509_REQ_INFO = type Pointer; // X509_req_info_st
+  PX509_REQ_INFO = ^X509_REQ_INFO;
+  PPX509_REQ_INFO = ^PX509_REQ_INFO;
+
+  X509_CERT_AUX = type Pointer; // x509_cert_aux_st
+
+  X509_CINF = type Pointer; // x509_cinf_st
+
+  //DEFINE_STACK_OF(X509)
+
+  (* This is used for a table of trust checking functions *)
+
+  Px509_trust_st = ^x509_trust_st;
+  x509_trust_st = record
+    trust: TIdC_INT;
+    flags: TIdC_INT;
+    check_trust: function(v1: Px509_trust_st; v2: PX509; v3: TIdC_INT): TIdC_INT;
+    name: PIdAnsiChar;
+    arg1: TIdC_INT;
+    arg2: Pointer;
+  end;
+  X509_TRUST = x509_trust_st;
+  PX509_TRUST = ^X509_TRUST;
+
+  //DEFINE_STACK_OF(X509_TRUST)
+
+  //DEFINE_STACK_OF(X509_REVOKED)
+  X509_REVOKED = type Pointer;   //////////////////////////////////////////////
+  PX509_REVOKED = ^X509_REVOKED; //////////////////////////////////////////////
+  PPX509_REVOKED = ^PX509_REVOKED;/////////////////////////////////////////////
+
+  X509_CRL_INFO = type Pointer; // X509_crl_info_st
+  PX509_CRL_INFO = ^X509_CRL_INFO;
+  PPX509_CRL_INFO = ^PX509_CRL_INFO;
+
+  //DEFINE_STACK_OF(X509_CRL)
+
+  private_key_st = record
+    version: TIdC_INT;
+    (* The PKCS#8 data types *)
+    enc_algor: PX509_ALGOR;
+    enc_pkey: PASN1_OCTET_STRING; (* encrypted pub key *)
+    (* When decrypted, the following will not be NULL *)
+    dec_pkey: PEVP_PKEY;
+    (* used to encrypt and decrypt *)
+    key_length: TIdC_INT;
+    key_data: PIdAnsiChar;
+    key_free: TIdC_INT;               (* true if we should auto free key_data *)
+    (* expanded version of 'enc_algor' *)
+    cipher: EVP_CIPHER_INFO;
+  end;
+  X509_PKEY = private_key_st;
+  PX509_PKEY = ^X509_PKEY;
+
+  X509_info_st = record
+    x509: PX509;
+    crl: PX509_CRL;
+    x_pkey: PX509_PKEY;
+    enc_cipher: EVP_CIPHER_INFO;
+    enc_len: TIdC_INT;
+    enc_data: PIdAnsiChar;
+  end;
+  X509_INFO = X509_info_st;
+  PX509_INFO = ^X509_INFO;
+
+  //DEFINE_STACK_OF(X509_INFO)
+
+  (*
+   * The next 2 structures and their 8 routines are used to manipulate Netscape's
+   * spki structures - useful if you are writing a CA web page
+   *)
+  Netscape_spkac_st = record
+    pubkey: PX509_PUBKEY;
+    challenge: PASN1_IA5STRING;  (* challenge sent in atlas >= PR2 *)
+  end;
+  NETSCAPE_SPKAC = Netscape_spkac_st;
+  PNETSCAPE_SPKAC = ^NETSCAPE_SPKAC;
+
+  Netscape_spki_st = record
+    spkac: PNETSCAPE_SPKAC;      (* signed public key and challenge *)
+    sig_algor: X509_ALGOR;
+    signature: PASN1_BIT_STRING;
+  end;
+  NETSCAPE_SPKI = Netscape_spki_st;
+  PNETSCAPE_SPKI = ^NETSCAPE_SPKI;
+
+  (* Netscape certificate sequence structure *)
+//  Netscape_certificate_sequence: record
+//    &type: PASN1_OBJECT;
+//    certs: P --> STACK_OF(X509) <--;
+//  end;
+//  NETSCAPE_CERT_SEQUENCE = Netscape_certificate_sequence;
+
+  (*- Unused (and iv length is wrong)
+  typedef struct CBCParameter_st
+          {
+          unsigned char iv[8];
+          } CBC_PARAM;
+  *)
+
+  (* Password based encryption structure *)
+  PBEPARAM_st = record
+    salt: PASN1_OCTET_STRING;
+    iter: PASN1_INTEGER;
+  end;
+  PBEPARAM = PBEPARAM_st;
+
+  (* Password based encryption V2 structures *)
+  PBE2PARAM_st = record
+    keyfunc: PX509_ALGOR;
+    encryption: X509_ALGOR;
+  end;
+  PBE2PARAM = PBE2PARAM_st;
+
+  PBKDF2PARAM_st = record
+  (* Usually OCTET STRING but could be anything *)
+    salt: PASN1_TYPE;
+    iter: PASN1_INTEGER;
+    keylength: PASN1_INTEGER;
+    prf: X509_ALGOR;
+  end;
+  PBKDF2PARAM = PBKDF2PARAM_st;
+
+  SCRYPT_PARAMS_st = record
+    salt: PASN1_OCTET_STRING;
+    costParameter: PASN1_INTEGER;
+    blockSize: PASN1_INTEGER;
+    parallelizationParameter: PASN1_INTEGER;
+    keyLength: ASN1_INTEGER;
+  end;
+  SCRYPT_PARAMS = SCRYPT_PARAMS_st;
+
+  //# define         X509_extract_key(x)     X509_get_pubkey(x)(*****)
+  //# define         X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+  //# define         X509_name_cmp(a,b)      X509_NAME_cmp((a),(b))
+  //
+
+var
+  procedure X509_CRL_set_default_method(const meth: PX509_CRL_METHOD);
+//  function X509_CRL_METHOD_new(crl_init: function(crl: X509_CRL): TIdC_INT;
+//    crl_free: function(crl: PX509_CRL): TIdC_INT;
+//    crl_lookup: function(crl: PX509_CRL; ret: PPX509_REVOKED; ser: PASN1_INTEGER; issuer: PX509_NAME): TIdC_INT;
+//    crl_verify: function(crl: PX509_CRL, pk: PEVP_PKEY): TIdC_INT): PX509_CRL_METHOD;
+  procedure X509_CRL_METHOD_free(m: PX509_CRL_METHOD);
+
+  procedure X509_CRL_set_meth_data(crl: PX509_CRL; dat: Pointer);
+  function X509_CRL_get_meth_data(crl: PX509_CRL): Pointer;
+
+  function X509_verify_cert_error_string(n: TIdC_LONG): PIdAnsiChar;
+
+  function X509_verify(a: PX509; r: PEVP_PKEY): TIdC_INT;
+
+  function X509_REQ_verify(a: PX509_REQ; r: PEVP_PKEY): TIdC_INT;
+  function X509_CRL_verify(a: PX509_CRL; r: PEVP_PKEY): TIdC_INT;
+  function NETSCAPE_SPKI_verify(a: PNETSCAPE_SPKI; r: PEVP_PKEY): TIdC_INT;
+
+  function NETSCAPE_SPKI_b64_decode(const str: PIdAnsiChar; len: TIdC_INT): PNETSCAPE_SPKI;
+  function NETSCAPE_SPKI_b64_encode(x: PNETSCAPE_SPKI): PIdAnsiChar;
+  function NETSCAPE_SPKI_get_pubkey(x: PNETSCAPE_SPKI): PEVP_PKEY;
+  function NETSCAPE_SPKI_set_pubkey(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY): TIdC_INT;
+
+  function NETSCAPE_SPKI_print(&out: PBIO; spki: PNETSCAPE_SPKI): TIdC_INT;
+
+  function X509_signature_dump(bp: PBIO; const sig: PASN1_STRING; indent: TIdC_INT): TIdC_INT;
+  function X509_signature_print(bp: PBIO; const alg: PX509_ALGOR; const sig: PASN1_STRING): TIdC_INT;
+
+  function X509_sign(x: PX509; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT;
+  function X509_sign_ctx(x: PX509; ctx: PEVP_MD_CTX): TIdC_INT;
+
+  function X509_http_nbio(rctx: POCSP_REQ_CTX; pcert: PPX509): TIdC_INT;
+
+  function X509_REQ_sign(x: PX509_REQ; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT;
+  function X509_REQ_sign_ctx(x: PX509_REQ; ctx: PEVP_MD_CTX): TIdC_INT;
+  function X509_CRL_sign(x: PX509_CRL; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT;
+  function X509_CRL_sign_ctx(x: PX509_CRL; ctx: PEVP_MD_CTX): TIdC_INT;
+
+  function X509_CRL_http_nbio(rctx: POCSP_REQ_CTX; pcrl: PPX509_CRL): TIdC_INT;
+
+  function NETSCAPE_SPKI_sign(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT;
+
+  function X509_pubkey_digest(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function X509_digest(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function X509_CRL_digest(const data: PX509_CRL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function X509_REQ_digest(const data: PX509_REQ; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function X509_NAME_digest(const data: PX509_NAME; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+
+  //# ifndef OPENSSL_NO_STDIO
+  //X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+  //TIdC_INT i2d_X509_fp(FILE *fp, X509 *x509);
+  //X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
+  //TIdC_INT i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
+  //X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
+  //TIdC_INT i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
+  //#  ifndef OPENSSL_NO_RSA
+  //RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+  //TIdC_INT i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
+  //RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+  //TIdC_INT i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
+  //RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+  //TIdC_INT i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
+  //#  endif
+  //#  ifndef OPENSSL_NO_DSA
+  //DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+  //TIdC_INT i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
+  //DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+  //TIdC_INT i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+  //#  endif
+  //#  ifndef OPENSSL_NO_EC
+  //EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+  //TIdC_INT i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+  //EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+  //TIdC_INT i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
+  //#  endif
+  //X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+  //TIdC_INT i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
+  //PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+  //                                                PKCS8_PRIV_KEY_INFO **p8inf);
+  //TIdC_INT i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf);
+  //TIdC_INT i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
+  //TIdC_INT i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
+  //EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
+  //TIdC_INT i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+  //EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+  //# endif
+
+  function d2i_X509_bio(bp: PBIO; x509: PPX509): PX509;
+  function i2d_X509_bio(bp: PBIO; x509: PX509): TIdC_INT;
+  function d2i_X509_CRL_bio(bp: PBIO; crl: PPX509_CRL): PX509_CRL;
+  function i2d_X509_CRL_bio(bp: PBIO; crl: PX509_CRL): TIdC_INT;
+  function d2i_X509_REQ_bio(bp: PBIO; req: PPX509_REQ): PX509_REQ;
+  function i2d_X509_REQ_bio(bp: PBIO; req: PX509_REQ): TIdC_INT;
+
+  function d2i_RSAPrivateKey_bio(bp: PBIO; rsa: PPRSA): PRSA;
+  function i2d_RSAPrivateKey_bio(bp: PBIO; rsa: PRSA): TIdC_INT;
+  function d2i_RSAPublicKey_bio(bp: PBIO; rsa: PPRSA): PRSA;
+  function i2d_RSAPublicKey_bio(bp: PBIO; rsa: PRSA): TIdC_INT;
+  function d2i_RSA_PUBKEY_bio(bp: PBIO; rsa: PPRSA): PRSA;
+  function i2d_RSA_PUBKEY_bio(bp: PBIO; rsa: PRSA): TIdC_INT;
+
+  function d2i_DSA_PUBKEY_bio(bp: PBIO; dsa: PPDSA): DSA;
+  function i2d_DSA_PUBKEY_bio(bp: PBIO; dsa: PDSA): TIdC_INT;
+  function d2i_DSAPrivateKey_bio(bp: PBIO; dsa: PPDSA): PDSA;
+  function i2d_DSAPrivateKey_bio(bp: PBIO; dsa: PDSA): TIdC_INT;
+
+  function d2i_EC_PUBKEY_bio(bp: PBIO; eckey: PPEC_KEY): PEC_KEY;
+  function i2d_EC_PUBKEY_bio(bp: PBIO; eckey: PEC_KEY): TIdC_INT;
+  function d2i_ECPrivateKey_bio(bp: PBIO; eckey: PPEC_KEY): EC_KEY;
+  function i2d_ECPrivateKey_bio(bp: PBIO; eckey: PEC_KEY): TIdC_INT;
+
+  function d2i_PKCS8_bio(bp: PBIO; p8: PPX509_SIG): PX509_SIG;
+  function i2d_PKCS8_bio(bp: PBIO; p8: PX509_SIG): TIdC_INT;
+  function d2i_PKCS8_PRIV_KEY_INFO_bio(bp: PBIO; p8inf: PPPKCS8_PRIV_KEY_INFO): PPKCS8_PRIV_KEY_INFO;
+  function i2d_PKCS8_PRIV_KEY_INFO_bio(bp: PBIO; p8inf: PPKCS8_PRIV_KEY_INFO): TIdC_INT;
+  function i2d_PKCS8PrivateKeyInfo_bio(bp: PBIO; key: PEVP_PKEY): TIdC_INT;
+  function i2d_PrivateKey_bio(bp: PBIO; pkey: PEVP_PKEY): TIdC_INT;
+  function d2i_PrivateKey_bio(bp: PBIO; a: PPEVP_PKEY): PEVP_PKEY;
+  function i2d_PUBKEY_bio(bp: PBIO; pkey: PEVP_PKEY): TIdC_INT;
+  function d2i_PUBKEY_bio(bp: PBIO; a: PPEVP_PKEY): PEVP_PKEY;
+
+  function X509_dup(x509: PX509): PX509;
+  function X509_ATTRIBUTE_dup(xa: PX509_ATTRIBUTE): PX509_ATTRIBUTE;
+  function X509_EXTENSION_dup(ex: PX509_EXTENSION): PX509_EXTENSION;
+  function X509_CRL_dup(crl: PX509_CRL): PX509_CRL;
+  function X509_REVOKED_dup(rev: PX509_REVOKED): PX509_REVOKED;
+  function X509_REQ_dup(req: PX509_REQ): PX509_REQ;
+  function X509_ALGOR_dup(xn: PX509_ALGOR): PX509_ALGOR;
+  function X509_ALGOR_set0(alg: PX509_ALGOR; aobj: PASN1_OBJECT; ptype: TIdC_INT; pval: Pointer): TIdC_INT;
+  procedure X509_ALGOR_get0(const paobj: PPASN1_OBJECT; pptype: PIdC_INT; const ppval: PPointer; const algor: PX509_ALGOR);
+  procedure X509_ALGOR_set_md(alg: PX509_ALGOR; const md: PEVP_MD);
+  function X509_ALGOR_cmp(const a: PX509_ALGOR; const b: PX509_ALGOR): TIdC_INT;
+
+  function X509_NAME_dup(xn: PX509_NAME): PX509_NAME;
+  function X509_NAME_ENTRY_dup(ne: PX509_NAME_ENTRY): PX509_NAME_ENTRY;
+
+  function X509_cmp_time(const s: PASN1_TIME; t: PIdC_TIMET): TIdC_INT;
+  function X509_cmp_current_time(const s: PASN1_TIME): TIdC_INT;
+  function X509_time_adj(s: PASN1_TIME; adj: TIdC_LONG; t: PIdC_TIMET): PASN1_TIME;
+  function X509_time_adj_ex(s: PASN1_TIME; offset_day: TIdC_INT; offset_sec: TIdC_LONG; t: PIdC_TIMET): PASN1_TIME;
+  function X509_gmtime_adj(s: PASN1_TIME; adj: TIdC_LONG): PASN1_TIME;
+
+  function X509_get_default_cert_area: PIdAnsiChar;
+  function X509_get_default_cert_dir: PIdAnsiChar;
+  function X509_get_default_cert_file: PIdAnsiChar;
+  function X509_get_default_cert_dir_env: PIdAnsiChar;
+  function X509_get_default_cert_file_env: PIdAnsiChar;
+  function X509_get_default_private_dir: PIdAnsiChar;
+
+  function X509_to_X509_REQ(x: PX509; pkey: PEVP_PKEY; const md: PEVP_MD): PX509_REQ;
+  function X509_REQ_to_X509(r: PX509_REQ; days: TIdC_INT; pkey: PEVP_PKEY): PX509;
+
+  function X509_ALGOR_new: PX509_ALGOR;
+  procedure X509_ALGOR_free(v1: PX509_ALGOR);
+  function d2i_X509_ALGOR(a: PPX509_ALGOR; const &in: PPByte; len: TIdC_LONG): PX509_ALGOR;
+  function i2d_X509_ALGOR(a: PX509_ALGOR; &out: PPByte): TIdC_INT;
+  //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+  function X509_VAL_new: PX509_VAL;
+  procedure X509_VAL_free(v1: PX509_VAL);
+  function d2i_X509_VAL(a: PPX509_VAL; const &in: PPByte; len: TIdC_LONG): PX509_VAL;
+  function i2d_X509_VAL(a: PX509_VAL; &out: PPByte): TIdC_INT;
+
+  function X509_PUBKEY_new: PX509_PUBKEY;
+  procedure X509_PUBKEY_free(v1: PX509_PUBKEY);
+  function d2i_X509_PUBKEY(a: PPX509_PUBKEY; const &in: PPByte; len: TIdC_LONG): PX509_PUBKEY;
+  function i2d_X509_PUBKEY(a: PX509_PUBKEY; &out: PPByte): TIdC_INT;
+
+  function X509_PUBKEY_set(x: PPX509_PUBKEY; pkey: PEVP_PKEY): TIdC_INT;
+  function X509_PUBKEY_get0(key: PX509_PUBKEY): PEVP_PKEY;
+  function X509_PUBKEY_get(key: PX509_PUBKEY): PEVP_PKEY;
+//  function X509_get_pubkey_parameters(pkey: PEVP_PKEY; chain: P STACK_OF(X509)): TIdC_INT;
+  function X509_get_pathlen(x: PX509): TIdC_LONG;
+  function i2d_PUBKEY(a: PEVP_PKEY; pp: PPByte): TIdC_INT;
+  function d2i_PUBKEY(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
+
+  function i2d_RSA_PUBKEY(a: PRSA; pp: PPByte): TIdC_INT;
+  function d2i_RSA_PUBKEY(a: PPRSA; const pp: PPByte; length: TIdC_LONG): PRSA;
+
+  function i2d_DSA_PUBKEY(a: PDSA; pp: PPByte): TIdC_INT;
+  function d2i_DSA_PUBKEY(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA;
+
+  function i2d_EC_PUBKEY(a: EC_KEY; pp: PPByte): TIdC_INT;
+  function d2i_EC_PUBKEY(a: PPEC_KEY; const pp: PPByte; length: TIdC_LONG): PEC_KEY;
+
+  function X509_SIG_new: PX509_SIG;
+  procedure X509_SIG_free(v1: PX509_SIG);
+  function d2i_X509_SIG(a: PPX509_SIG; const &in: PPByte; len: TIdC_LONG): PX509_SIG;
+  function i2d_X509_SIG(a: PX509_SIG; &out: PPByte): TIdC_INT;
+  procedure X509_SIG_get0(const sig: PX509_SIG; const palg: PPX509_ALGOR; const pdigest: PPASN1_OCTET_STRING);
+  procedure X509_SIG_getm(sig: X509_SIG; palg: PPX509_ALGOR; pdigest: PPASN1_OCTET_STRING);
+
+  function X509_REQ_INFO_new: PX509_REQ_INFO;
+  procedure X509_REQ_INFO_free(v1: PX509_REQ_INFO);
+  function d2i_X509_REQ_INFO(a: PPX509_REQ_INFO; const &in: PPByte; len: TIdC_LONG): PX509_REQ_INFO;
+  function i2d_X509_REQ_INFO(a: PX509_REQ_INFO; &out: PPByte): TIdC_INT;
+
+  function X509_REQ_new: PX509_REQ;
+  procedure X509_REQ_free(v1: PX509_REQ);
+  function d2i_X509_REQ(a: PPX509_REQ; const &in: PPByte; len: TIdC_LONG): PX509_REQ;
+  function i2d_X509_REQ(a: PX509_REQ; &out: PPByte): TIdC_INT;
+
+  function X509_ATTRIBUTE_new: PX509_ATTRIBUTE;
+  procedure X509_ATTRIBUTE_free(v1: PX509_ATTRIBUTE);
+  function d2i_X509_ATTRIBUTE(a: PPX509_ATTRIBUTE; const &in: PPByte; len: TIdC_LONG): PX509_ATTRIBUTE;
+  function i2d_X509_ATTRIBUTE(a: PX509_ATTRIBUTE; &out: PPByte): TIdC_INT;
+  function X509_ATTRIBUTE_create(nid: TIdC_INT; trtype: TIdC_INT; value: Pointer): PX509_ATTRIBUTE;
+
+  function X509_EXTENSION_new: PX509_EXTENSION;
+  procedure X509_EXTENSION_free(v1: PX509_EXTENSION);
+  function d2i_X509_EXTENSION(a: PPX509_EXTENSION; const &in: PPByte; len: TIdC_LONG): PX509_EXTENSION;
+  function i2d_X509_EXTENSION(a: PX509_EXTENSION; &out: PPByte): TIdC_INT;
+  //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
+
+  function X509_NAME_ENTRY_new: PX509_NAME_ENTRY;
+  procedure X509_NAME_ENTRY_free(v1: PX509_NAME_ENTRY);
+  function d2i_X509_NAME_ENTRY(a: PPX509_NAME_ENTRY; const &in: PPByte; len: TIdC_LONG): PX509_NAME_ENTRY;
+  function i2d_X509_NAME_ENTRY(a: PX509_NAME_ENTRY; &out: PPByte): TIdC_INT;
+
+  function X509_NAME_new: PX509_NAME;
+  procedure X509_NAME_free(v1: PX509_NAME);
+  function d2i_X509_NAME(a: PPX509_NAME; const &in: PPByte; len: TIdC_LONG): PX509_NAME;
+  function i2d_X509_NAME(a: PX509_NAME; &out: PPByte): TIdC_INT;
+
+  function X509_NAME_set(xn: PPX509_NAME; name: PX509_NAME): TIdC_INT;
+
+  //DECLARE_ASN1_FUNCTIONS(X509_CINF)
+
+  function X509_new: PX509;
+  procedure X509_free(v1: PX509);
+  function d2i_X509(a: PPX509; const &in: PPByte; len: TIdC_LONG): PX509;
+  function i2d_X509(a: PX509; &out: PPByte): TIdC_INT;
+
+  //DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
+  //
+  //#define X509_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, l, p, newf, dupf, freef)
+  function X509_set_ex_data(r: PX509; idx: TIdC_INT; arg: Pointer): TIdC_INT;
+  function X509_get_ex_data(r: PX509; idx: TIdC_INT): Pointer;
+  function i2d_X509_AUX(a: PX509; pp: PPByte): TIdC_INT;
+  function d2i_X509_AUX(a: PPX509; const pp: PPByte; length: TIdC_LONG): PX509;
+
+  function i2d_re_X509_tbs(x: PX509; pp: PPByte): TIdC_INT;
+
+  function X509_SIG_INFO_get(const siginf: PX509_SIG_INFO; mdnid: PIdC_INT; pknid: PIdC_INT; secbits: PIdC_INT; flags: PIdC_UINT32): TIdC_INT;
+  procedure X509_SIG_INFO_set(siginf: PX509_SIG_INFO; mdnid: TIdC_INT; pknid: TIdC_INT; secbits: TIdC_INT; flags: TIdC_UINT32);
+
+  function X509_get_signature_info(x: PX509; mdnid: PIdC_INT; pknid: PIdC_INT; secbits: PIdC_INT; flags: PIdC_UINT32): TIdC_INT;
+
+  procedure X509_get0_signature(const psig: PPASN1_BIT_STRING; const palg: PPX509_ALGOR; const x: PX509);
+  function X509_get_signature_nid(const x: PX509): TIdC_INT;
+
+  function X509_trusted(const x: PX509): TIdC_INT;
+  function X509_alias_set1(x: PX509; const name: PByte; len: TIdC_INT): TIdC_INT;
+  function X509_keyid_set1(x: PX509; const id: PByte; len: TIdC_INT): TIdC_INT;
+  function X509_alias_get0(x: PX509; len: PIdC_INT): PByte;
+  function X509_keyid_get0(x: PX509; len: PIdC_INT): PByte;
+//  TIdC_INT (*X509_TRUST_set_default(TIdC_INT (*trust) (TIdC_INT, X509 *, TIdC_INT))) (TIdC_INT, X509 *,
+//                                                                  TIdC_INT);
+  function X509_TRUST_set(t: PIdC_INT; trust: TIdC_INT): TIdC_INT;
+  function X509_add1_trust_object(x: PX509; const obj: PASN1_OBJECT): TIdC_INT;
+  function X509_add1_reject_object(x: PX509; const obj: PASN1_OBJECT): TIdC_INT;
+  procedure X509_trust_clear(x: PX509);
+  procedure X509_reject_clear(x: PX509);
+
+  //STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x);
+  //STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x);
+  //
+  function X509_REVOKED_new: PX509_REVOKED;
+  procedure X509_REVOKED_free(v1: PX509_REVOKED);
+  function d2i_X509_REVOKED(a: PPX509_REVOKED; const &in: PPByte; len: TIdC_LONG): PX509_REVOKED;
+  function i2d_X509_REVOKED(a: PX509_REVOKED; &out: PPByte): TIdC_INT;
+  function X509_CRL_INFO_new: PX509_CRL_INFO;
+  procedure X509_CRL_INFO_free(v1: PX509_CRL_INFO);
+  function d2i_X509_CRL_INFO(a: PPX509_CRL_INFO; const &in: PPByte; len: TIdC_LONG): PX509_CRL_INFO;
+  function i2d_X509_CRL_INFO(a: PX509_CRL_INFO; &out: PPByte): TIdC_INT;
+  function X509_CRL_new: PX509_CRL;
+  procedure X509_CRL_free(v1: PX509_CRL);
+  function d2i_X509_CRL(a: PPX509_CRL; const &in: PPByte; len: TIdC_LONG): PX509_CRL;
+  function i2d_X509_CRL(a: PX509_CRL; &out: PPByte): TIdC_INT;
+
+  function X509_CRL_add0_revoked(crl: PX509_CRL; rev: PX509_REVOKED): TIdC_INT;
+  function X509_CRL_get0_by_serial(crl: PX509_CRL; ret: PPX509_REVOKED; serial: PASN1_INTEGER): TIdC_INT;
+  function X509_CRL_get0_by_cert(crl: PX509_CRL; ret: PPX509_REVOKED; x: PX509): TIdC_INT;
+
+  function X509_PKEY_new: PX509_PKEY;
+  procedure X509_PKEY_free(a: PX509_PKEY);
+
+  //DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
+  //DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+  //DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
+
+  function X509_INFO_new: PX509_INFO;
+  procedure X509_INFO_free(a: PX509_INFO);
+  function X509_NAME_oneline(const a: PX509_NAME; buf: PIdAnsiChar; size: TIdC_INT): PIdAnsiChar;
+
+//  function ASN1_verify(i2d: Pi2d_of_void; algor1: PX509_ALGOR;
+//    signature: PASN1_BIT_STRING; data: PIdAnsiChar; pkey: PEVP_PKEY): TIdC_INT;
+
+//  TIdC_INT ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+//                  unsigned char *md, unsigned TIdC_INT *len);
+
+//  TIdC_INT ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
+//                X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+//                char *data, EVP_PKEY *pkey, const EVP_MD *type);
+
+  function ASN1_item_digest(const it: PASN1_ITEM; const &type: PEVP_MD; data: Pointer; md: PByte; len: PIdC_UINT): TIdC_INT;
+
+  function ASN1_item_verify(const it: PASN1_ITEM; algor1: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY): TIdC_INT;
+
+  function ASN1_item_sign(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY; const &type: PEVP_MD): TIdC_INT;
+  function ASN1_item_sign_ctx(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; asn: Pointer; ctx: PEVP_MD_CTX): TIdC_INT;
+
+  function X509_get_version(const x: PX509): TIdC_LONG;
+  function X509_set_version(x: PX509; version: TIdC_LONG): TIdC_INT;
+  function X509_set_serialNumber(x: PX509; serial: PASN1_INTEGER): TIdC_INT;
+  function X509_get_serialNumber(x: PX509): PASN1_INTEGER;
+  function X509_get0_serialNumber(const x: PX509): PASN1_INTEGER;
+  function X509_set_issuer_name(x: PX509; name: PX509_NAME): TIdC_INT;
+  function X509_get_issuer_name(const a: PX509): PX509_NAME;
+  function X509_set_subject_name(x: PX509; name: PX509_NAME): TIdC_INT;
+  function X509_get_subject_name(const a: PX509): PX509_NAME;
+  function X509_get0_notBefore(const x: PX509): PASN1_TIME;
+  function X509_getm_notBefore(const x: PX509): PASN1_TIME;
+  function X509_set1_notBefore(x: PX509; const tm: PASN1_TIME): TIdC_INT;
+  function X509_get0_notAfter(const x: PX509): PASN1_TIME;
+  function X509_getm_notAfter(const x: PX509): PASN1_TIME;
+  function X509_set1_notAfter(x: PX509; const tm: PASN1_TIME): TIdC_INT;
+  function X509_set_pubkey(x: PX509; pkey: PEVP_PKEY): TIdC_INT;
+  function X509_up_ref(x: PX509): TIdC_INT;
+  function X509_get_signature_type(const x: PX509): TIdC_INT;
+
+  (*
+   * This one is only used so that a binary form can output, as in
+   * i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &buf)
+   *)
+  function X509_get_X509_PUBKEY(const x: PX509): PX509_PUBKEY;
+//  const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+  procedure X509_get0_uids(const x: PX509; const piuid: PPASN1_BIT_STRING; const psuid: PPASN1_BIT_STRING);
+  function X509_get0_tbs_sigalg(const x: PX509): PX509_ALGOR;
+
+  function X509_get0_pubkey(const x: PX509): PEVP_PKEY;
+  function X509_get_pubkey(x: PX509): PEVP_PKEY;
+  function X509_get0_pubkey_bitstr(const x: PX509): PASN1_BIT_STRING;
+  function X509_certificate_type(const x: PX509; const pubkey: PEVP_PKEY): TIdC_INT;
+
+  function X509_REQ_get_version(const req: PX509_REQ): TIdC_LONG;
+  function X509_REQ_set_version(x: PX509_REQ; version: TIdC_LONG): TIdC_INT;
+  function X509_REQ_get_subject_name(const req: PX509_REQ): PX509_NAME;
+  function X509_REQ_set_subject_name(req: PX509_REQ; name: PX509_NAME): TIdC_INT;
+  procedure X509_REQ_get0_signature(const req: PX509_REQ; const psig: PPASN1_BIT_STRING; const palg: PPX509_ALGOR);
+  function X509_REQ_get_signature_nid(const req: PX509_REQ): TIdC_INT;
+  function i2d_re_X509_REQ_tbs(req: PX509_REQ; pp: PPByte): TIdC_INT;
+  function X509_REQ_set_pubkey(x: PX509_REQ; pkey: PEVP_PKEY): TIdC_INT;
+  function X509_REQ_get_pubkey(req: PX509_REQ): PEVP_PKEY;
+  function X509_REQ_get0_pubkey(req: PX509_REQ): PEVP_PKEY;
+  function X509_REQ_get_X509_PUBKEY(req: PX509_REQ): PX509_PUBKEY;
+  function X509_REQ_extension_nid(nid: TIdC_INT): TIdC_INT;
+  function X509_REQ_get_extension_nids: PIdC_INT;
+  procedure X509_REQ_set_extension_nids(nids: PIdC_INT);
+//  STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
+  //TIdC_INT X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
+  //                                TIdC_INT nid);
+  //TIdC_INT X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
+  function X509_REQ_get_attr_count(const req: PX509_REQ): TIdC_INT;
+  function X509_REQ_get_attr_by_NID(const req: PX509_REQ; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_REQ_get_attr_by_OBJ(const req: PX509_REQ; const obj: ASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_REQ_get_attr(const req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE;
+  function X509_REQ_delete_attr(req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE;
+  function X509_REQ_add1_attr(req: PX509_REQ; attr: PX509_ATTRIBUTE): TIdC_INT;
+  function X509_REQ_add1_attr_by_OBJ(req: PX509_REQ; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function X509_REQ_add1_attr_by_NID(req: PX509_REQ; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function X509_REQ_add1_attr_by_txt(req: PX509_REQ; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+
+  function X509_CRL_set_version(x: PX509_CRL; version: TIdC_LONG): TIdC_INT;
+  function X509_CRL_set_issuer_name(x: PX509_CRL; name: PX509_NAME): TIdC_INT;
+  function X509_CRL_set1_lastUpdate(x: PX509_CRL; const tm: PASN1_TIME): TIdC_INT;
+  function X509_CRL_set1_nextUpdate(x: PX509_CRL; const tm: PASN1_TIME): TIdC_INT;
+  function X509_CRL_sort(crl: PX509_CRL): TIdC_INT;
+  function X509_CRL_up_ref(crl: PX509_CRL): TIdC_INT;
+
+  function X509_CRL_get_version(const crl: PX509_CRL): TIdC_LONG;
+  function X509_CRL_get0_lastUpdate(const crl: PX509_CRL): PASN1_TIME;
+  function X509_CRL_get0_nextUpdate(const crl: PX509_CRL): PASN1_TIME;
+  function X509_CRL_get_issuer(const crl: PX509_CRL): PX509_NAME;
+  //const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+  //STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+  procedure X509_CRL_get0_signature(const crl: PX509_CRL; const psig: PPASN1_BIT_STRING; const palg: PPX509_ALGOR);
+  function  X509_CRL_get_signature_nid(const crl: PX509_CRL): TIdC_INT;
+  function i2d_re_X509_CRL_tbs(req: PX509_CRL; pp: PPByte): TIdC_INT;
+
+  function X509_REVOKED_get0_serialNumber(const x: PX509_REVOKED): PASN1_INTEGER;
+  function X509_REVOKED_set_serialNumber(x: PX509_REVOKED; serial: PASN1_INTEGER): TIdC_INT;
+  function X509_REVOKED_get0_revocationDate(const x: PX509_REVOKED): PASN1_TIME;
+  function X509_REVOKED_set_revocationDate(r: PX509_REVOKED; tm: PASN1_TIME): TIdC_INT;
+  //const STACK_OF(X509_EXTENSION) *
+  //X509_REVOKED_get0_extensions(const X509_REVOKED *r);
+
+  function X509_CRL_diff(base: PX509_CRL; newer: PX509_CRL; skey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_UINT): PX509_CRL;
+
+  function X509_REQ_check_private_key(x509: PX509_REQ; pkey: PEVP_PKEY): TIdC_INT;
+
+  function X509_check_private_key(const x509: PX509; const pkey: PEVP_PKEY): TIdC_INT;
+  //TIdC_INT X509_chain_check_suiteb(TIdC_INT *perror_depth,
+  //                            X509 *x, STACK_OF(X509) *chain,
+  //                            unsigned TIdC_LONG flags);
+  function X509_CRL_check_suiteb(crl: PX509_CRL; pk: PEVP_PKEY; flags: TIdC_ULONG): TIdC_INT;
+  //STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
+
+  function X509_issuer_and_serial_cmp(const a: PX509; const b: PX509): TIdC_INT;
+  function X509_issuer_and_serial_hash(a: PX509): TIdC_ULONG;
+
+  function X509_issuer_name_cmp(const a: PX509; const b: PX509): TIdC_INT;
+  function X509_issuer_name_hash(a: PX509): TIdC_uLONG;
+
+  function X509_subject_name_cmp(const a: PX509; const b: PX509): TIdC_INT;
+  function X509_subject_name_hash(x: PX509): TIdC_ULONG;
+
+  function X509_cmp(const a: PX509; const b: PX509): TIdC_INT;
+  function X509_NAME_cmp(const a: PX509_NAME; const b: PX509_NAME): TIdC_INT;
+  function X509_NAME_hash(x: PX509_NAME): TIdC_ULONG;
+  function X509_NAME_hash_old(x: PX509_NAME): TIdC_ULONG;
+
+  function X509_CRL_cmp(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT;
+  function X509_CRL_match(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT;
+  function X509_aux_print(&out: PBIO; x: PX509; indent: TIdC_INT): TIdC_INT;
+  //# ifndef OPENSSL_NO_STDIO
+  //TIdC_INT X509_print_ex_fp(FILE *bp, X509 *x, unsigned TIdC_LONG nmflag,
+  //                     unsigned TIdC_LONG cflag);
+  //TIdC_INT X509_print_fp(FILE *bp, X509 *x);
+  //TIdC_INT X509_CRL_print_fp(FILE *bp, X509_CRL *x);
+  //TIdC_INT X509_REQ_print_fp(FILE *bp, X509_REQ *req);
+  //TIdC_INT X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, TIdC_INT indent,
+  //                          unsigned TIdC_LONG flags);
+  //# endif
+
+  function X509_NAME_print(bp: PBIO; const name: PX509_NAME; obase: TIdC_INT): TIdC_INT;
+  function X509_NAME_print_ex(&out: PBIO; const nm: PX509_NAME; indent: TIdC_INT; flags: TIdC_ULONG): TIdC_INT;
+  function X509_print_ex(bp: PBIO; x: PX509; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT;
+  function X509_print(bp: PBIO; x: PX509): TIdC_INT;
+  function X509_ocspid_print(bp: PBIO; x: PX509): TIdC_INT;
+  function X509_CRL_print_ex(&out: PBIO; x: PX509_CRL; nmflag: TIdC_ULONG): TIdC_INT;
+  function X509_CRL_print(bp: PBIO; x: PX509_CRL): TIdC_INT;
+  function X509_REQ_print_ex(bp: PBIO; x: PX509_REQ; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT;
+  function X509_REQ_print(bp: PBIO; req: PX509_REQ): TIdC_INT;
+
+  function X509_NAME_entry_count(const name: PX509_NAME): TIdC_INT;
+  function X509_NAME_get_text_by_NID(name: PX509_NAME; nid: TIdC_INT; buf: PIdAnsiChar; len: TIdC_INT): TIdC_INT;
+  function X509_NAME_get_text_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; buf: PIdAnsiChar; len: TIdC_INT): TIdC_INT;
+
+  (*
+   * NOTE: you should be passing -1, not 0 as lastpos. The functions that use
+   * lastpos, search after that position on.
+   *)
+  function X509_NAME_get_index_by_NID(name: PX509_NAME; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_NAME_get_index_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_NAME_get_entry(const name: PX509_NAME; loc: TIdC_INT): PX509_NAME_ENTRY;
+  function X509_NAME_delete_entry(name: PX509_NAME; loc: TIdC_INT): pX509_NAME_ENTRY;
+  function X509_NAME_add_entry(name: PX509_NAME; const ne: PX509_NAME_ENTRY; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT;
+  function X509_NAME_add_entry_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT;
+  function X509_NAME_add_entry_by_NID(name: PX509_NAME; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT;
+  function X509_NAME_ENTRY_create_by_txt(ne: PPX509_NAME_ENTRY; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY;
+  function X509_NAME_ENTRY_create_by_NID(ne: PPX509_NAME_ENTRY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY;
+  function X509_NAME_add_entry_by_txt(name: PX509_NAME; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT;
+  function X509_NAME_ENTRY_create_by_OBJ(ne: PPX509_NAME_ENTRY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY;
+  function X509_NAME_ENTRY_set_object(ne: PX509_NAME_ENTRY; const obj: PASN1_OBJECT): TIdC_INT;
+  function X509_NAME_ENTRY_set_data(ne: PX509_NAME_ENTRY; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function X509_NAME_ENTRY_get_object(const ne: PX509_NAME_ENTRY): PASN1_OBJECT;
+  function X509_NAME_ENTRY_get_data(const ne: PX509_NAME_ENTRY): PASN1_STRING;
+  function X509_NAME_ENTRY_set(const ne: PX509_NAME_ENTRY): TIdC_INT;
+
+  function X509_NAME_get0_der(nm: PX509_NAME; const pder: PPByte; pderlen: PIdC_SIZET): TIdC_INT;
+
+  //TIdC_INT X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+  //TIdC_INT X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+  //                          TIdC_INT nid, TIdC_INT lastpos);
+  //TIdC_INT X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+  //                          const ASN1_OBJECT *obj, TIdC_INT lastpos);
+  //TIdC_INT X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+  //                               TIdC_INT crit, TIdC_INT lastpos);
+  //X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, TIdC_INT loc);
+  //X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, TIdC_INT loc);
+  //STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+  //                                         X509_EXTENSION *ex, TIdC_INT loc);
+
+  function X509_get_ext_count(const x: PX509): TIdC_INT;
+  function X509_get_ext_by_NID(const x: PX509; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_get_ext_by_OBJ(const x: PX509; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_get_ext_by_critical(const x: PX509; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_get_ext(const x: PX509; loc: TIdC_INT): PX509_EXTENSION;
+  function X509_delete_ext(x: PX509; loc: TIdC_INT): PX509_EXTENSION;
+  function X509_add_ext(x: PX509; ex: PX509_EXTENSION; loc: TIdC_INT): TIdC_INT;
+  function X509_get_ext_d2i(const x: PX509; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer;
+  function X509_add1_ext_i2d(x: PX509; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; flags: TIdC_ULONG): TIdC_INT;
+
+  function X509_CRL_get_ext_count(const x: PX509_CRL): TIdC_INT;
+  function X509_CRL_get_ext_by_NID(const x: PX509_CRL; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_CRL_get_ext_by_OBJ(const x: X509_CRL; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_CRL_get_ext_by_critical(const x: PX509_CRL; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_CRL_get_ext(const x: PX509_CRL; loc: TIdC_INT): PX509_EXTENSION;
+  function X509_CRL_delete_ext(x: PX509_CRL; loc: TIdC_INT): PX509_EXTENSION;
+  function X509_CRL_add_ext(x: PX509_CRL; ex: PX509_EXTENSION; loc: TIdC_INT): TIdC_INT;
+  function X509_CRL_get_ext_d2i(const x: PX509_CRL; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer;
+  function X509_CRL_add1_ext_i2d(x: PX509_CRL; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; flags: TIdC_ULONG): TIdC_INT;
+
+  function X509_REVOKED_get_ext_count(const x: PX509_REVOKED): TIdC_INT;
+  function X509_REVOKED_get_ext_by_NID(const x: PX509_REVOKED; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_REVOKED_get_ext_by_OBJ(const x: PX509_REVOKED; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_REVOKED_get_ext_by_critical(const x: PX509_REVOKED; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function X509_REVOKED_get_ext(const x: PX509_REVOKED; loc: TIdC_INT): PX509_EXTENSION;
+  function X509_REVOKED_delete_ext(x: PX509_REVOKED; loc: TIdC_INT): PX509_EXTENSION;
+  function X509_REVOKED_add_ext(x: PX509_REVOKED; ex: PX509_EXTENSION; loc: TIdC_INT): TIdC_INT;
+  function X509_REVOKED_get_ext_d2i(const x: PX509_REVOKED; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer;
+  function X509_REVOKED_add1_ext_i2d(x: PX509_REVOKED; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; flags: TIdC_ULONG): TIdC_INT;
+
+  function X509_EXTENSION_create_by_NID(ex: PPX509_EXTENSION; nid: TIdC_INT; crit: TIdC_INT; data: PASN1_OCTET_STRING): PX509_EXTENSION;
+  function X509_EXTENSION_create_by_OBJ(ex: PPX509_EXTENSION; const obj: PASN1_OBJECT; crit: TIdC_INT; data: PASN1_OCTET_STRING): PX509_EXTENSION;
+  function X509_EXTENSION_set_object(ex: PX509_EXTENSION; const obj: PASN1_OBJECT): TIdC_INT;
+  function X509_EXTENSION_set_critical(ex: PX509_EXTENSION; crit: TIdC_INT): TIdC_INT;
+  function X509_EXTENSION_set_data(ex: PX509_EXTENSION; data: PASN1_OCTET_STRING): TIdC_INT;
+  function X509_EXTENSION_get_object(ex: PX509_EXTENSION): PASN1_OBJECT;
+  function X509_EXTENSION_get_data(ne: PX509_EXTENSION): PASN1_OCTET_STRING;
+  function X509_EXTENSION_get_critical(const ex: PX509_EXTENSION): TIdC_INT;
+
+  //TIdC_INT X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
+  //TIdC_INT X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, TIdC_INT nid,
+  //                           TIdC_INT lastpos);
+  //TIdC_INT X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
+  //                           const ASN1_OBJECT *obj, TIdC_INT lastpos);
+  //X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, TIdC_INT loc);
+  //X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, TIdC_INT loc);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+  //                                           X509_ATTRIBUTE *attr);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
+  //                                                  **x, const ASN1_OBJECT *obj,
+  //                                                  TIdC_INT type,
+  //                                                  const unsigned char *bytes,
+  //                                                  TIdC_INT len);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
+  //                                                  **x, TIdC_INT nid, TIdC_INT type,
+  //                                                  const unsigned char *bytes,
+  //                                                  TIdC_INT len);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
+  //                                                  **x, const PIdAnsiChar *attrname,
+  //                                                  TIdC_INT type,
+  //                                                  const unsigned char *bytes,
+  //                                                  TIdC_INT len);
+  //void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+  //                              const ASN1_OBJECT *obj, TIdC_INT lastpos, TIdC_INT type);
+  function X509_ATTRIBUTE_create_by_NID(attr: PPX509_ATTRIBUTE; nid: TIdC_INT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE;
+  function X509_ATTRIBUTE_create_by_OBJ(attr: PPX509_ATTRIBUTE; const obj: PASN1_OBJECT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE;
+  function X509_ATTRIBUTE_create_by_txt(attr: PPX509_ATTRIBUTE; const atrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_ATTRIBUTE;
+  function X509_ATTRIBUTE_set1_object(attr: PX509_ATTRIBUTE; const obj: PASN1_OBJECT): TIdC_INT;
+  function X509_ATTRIBUTE_set1_data(attr: PX509_ATTRIBUTE; attrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): TIdC_INT;
+  function X509_ATTRIBUTE_get0_data(attr: PX509_ATTRIBUTE; idx: TIdC_INT; atrtype: TIdC_INT; data: Pointer): Pointer;
+  function X509_ATTRIBUTE_count(const attr: PX509_ATTRIBUTE): TIdC_INT;
+  function X509_ATTRIBUTE_get0_object(attr: PX509_ATTRIBUTE): PASN1_OBJECT;
+  function X509_ATTRIBUTE_get0_type(attr: PX509_ATTRIBUTE; idx: TIdC_INT): PASN1_TYPE;
+
+  function EVP_PKEY_get_attr_count(const key: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_get_attr_by_NID(const key: PEVP_PKEY; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_get_attr_by_OBJ(const key: PEVP_PKEY; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_get_attr(const key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE;
+  function EVP_PKEY_delete_attr(key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE;
+  function EVP_PKEY_add1_attr(key: PEVP_PKEY; attr: PX509_ATTRIBUTE): TIdC_INT;
+  function EVP_PKEY_add1_attr_by_OBJ(key: PEVP_PKEY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_add1_attr_by_NID(key: PEVP_PKEY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_add1_attr_by_txt(key: PEVP_PKEY; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+
+  function X509_verify_cert(ctx: PX509_STORE_CTX): TIdC_INT;
+
+  (* lookup a cert from a X509 STACK *)
+//  function X509_find_by_issuer_and_serial(sk: P STACK_OF(X509); name: PX509_NAME; serial: PASN1_INTEGER): PX509;
+//  X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
+
+  //DECLARE_ASN1_FUNCTIONS(PBEPARAM)
+  //DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
+  //DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
+  //#ifndef OPENSSL_NO_SCRYPT
+  //DECLARE_ASN1_FUNCTIONS(SCRYPT_PARAMS)
+  //#endif
+
+  function PKCS5_pbe_set0_algor(algor: PX509_ALGOR; alg: TIdC_INT; iter: TIdC_INT; const salt: PByte; saltlen: TIdC_INT): TIdC_INT;
+
+  function PKCS5_pbe_set(alg: TIdC_INT; iter: TIdC_INT; const salt: PByte; saltlen: TIdC_INT): PX509_ALGOR;
+  function PKCS5_pbe2_set(const cipher: PEVP_CIPHER; iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT): PX509_ALGOR;
+  function PKCS5_pbe2_set_iv(const cipher: PEVP_CIPHER; iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT; aiv: PByte; prf_nid: TIdC_INT): PX509_ALGOR;
+
+  function PKCS5_pbe2_set_scrypt(const cipher: PEVP_CIPHER; const salt: PByte; saltlen: TIdC_INT; aiv: PByte; N: TIdC_UINT64; r: TIdC_UINT64; p: TIdC_UINT64): PX509_ALGOR;
+
+  function PKCS5_pbkdf2_set(iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT; prf_nid: TIdC_INT; keylen: TIdC_INT): PX509_ALGOR;
+
+  (* PKCS#8 utilities *)
+
+  //DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+  function EVP_PKCS82PKEY(const p8: PPKCS8_PRIV_KEY_INFO): PEVP_PKEY;
+  function EVP_PKEY2PKCS8(pkey: PEVP_PKEY): PKCS8_PRIV_KEY_INFO;
+
+  function PKCS8_pkey_set0(priv: PPKCS8_PRIV_KEY_INFO; aobj: PASN1_OBJECT; version: TIdC_INT; ptype: TIdC_INT; pval: Pointer; penc: PByte; penclen: TIdC_INT): TIdC_INT;
+  function PKCS8_pkey_get0(const ppkalg: PPASN1_OBJECT; const pk: PPByte; ppklen: PIdC_INT; const pa: PPX509_ALGOR; const p8: PPKCS8_PRIV_KEY_INFO): TIdC_INT;
+
+  //const STACK_OF(X509_ATTRIBUTE) *
+  //PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8);
+  function PKCS8_pkey_add1_attr_by_NID(p8: PPKCS8_PRIV_KEY_INFO; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+
+  function X509_PUBKEY_set0_param(pub: PX509_PUBKEY; aobj: PASN1_OBJECT; ptype: TIdC_INT; pval: Pointer; penc: PByte; penclen: TIdC_INT): TIdC_INT;
+  function X509_PUBKEY_get0_param(ppkalg: PPASN1_OBJECT; const pk: PPByte; ppklen: PIdC_INT; pa: PPX509_ALGOR; pub: PX509_PUBKEY): TIdC_INT;
+
+  function X509_check_trust(x: PX509; id: TIdC_INT; flags: TIdC_INT): TIdC_INT;
+  function X509_TRUST_get_count: TIdC_INT;
+  function X509_TRUST_get0(idx: TIdC_INT): PX509_TRUST;
+  function X509_TRUST_get_by_id(id: TIdC_INT): TIdC_INT;
+//  TIdC_INT X509_TRUST_add(TIdC_INT id, TIdC_INT flags, TIdC_INT (*ck) (X509_TRUST *, X509 *, TIdC_INT),
+//                     const PIdAnsiChar *name, TIdC_INT arg1, void *arg2);
+  procedure X509_TRUST_cleanup;
+  function X509_TRUST_get_flags(const xp: PX509_TRUST): TIdC_INT;
+  function X509_TRUST_get0_name(const xp: PX509_TRUST): PIdAnsiChar;
+  function X509_TRUST_get_trust(const xp: PX509_TRUST): TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas
new file mode 100644
index 000000000..b35f15a09
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas
@@ -0,0 +1,555 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_x509_vfy;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509_vfy.h
+
+{$i IdCompilerDefines.inc}
+
+{$MINENUMSIZE 4}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  X509_L_FILE_LOAD = 1;
+  X509_L_ADD_DIR   = 2;
+
+  X509_V_OK                                       = 0;
+  X509_V_ERR_UNSPECIFIED                          = 1;
+  X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT            = 2;
+  X509_V_ERR_UNABLE_TO_GET_CRL                    = 3;
+  X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE     = 4;
+  X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE      = 5;
+  X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY   = 6;
+  X509_V_ERR_CERT_SIGNATURE_FAILURE               = 7;
+  X509_V_ERR_CRL_SIGNATURE_FAILURE                = 8;
+  X509_V_ERR_CERT_NOT_YET_VALID                   = 9;
+  X509_V_ERR_CERT_HAS_EXPIRED                     = 10;
+  X509_V_ERR_CRL_NOT_YET_VALID                    = 11;
+  X509_V_ERR_CRL_HAS_EXPIRED                      = 12;
+  X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD       = 13;
+  X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD        = 14;
+  X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD       = 15;
+  X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD       = 16;
+  X509_V_ERR_OUT_OF_MEM                           = 17;
+  X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT          = 18;
+  X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN            = 19;
+  X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY    = 20;
+  X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE      = 21;
+  X509_V_ERR_CERT_CHAIN_TOO_LONG                  = 22;
+  X509_V_ERR_CERT_REVOKED                         = 23;
+  X509_V_ERR_INVALID_CA                           = 24;
+  X509_V_ERR_PATH_LENGTH_EXCEEDED                 = 25;
+  X509_V_ERR_INVALID_PURPOSE                      = 26;
+  X509_V_ERR_CERT_UNTRUSTED                       = 27;
+  X509_V_ERR_CERT_REJECTED                        = 28;
+  (* These are 'informational' when looking for issuer cert *)
+  X509_V_ERR_SUBJECT_ISSUER_MISMATCH              = 29;
+  X509_V_ERR_AKID_SKID_MISMATCH                   = 30;
+  X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH          = 31;
+  X509_V_ERR_KEYUSAGE_NO_CERTSIGN                 = 32;
+  X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER             = 33;
+  X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION         = 34;
+  X509_V_ERR_KEYUSAGE_NO_CRL_SIGN                 = 35;
+  X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION     = 36;
+  X509_V_ERR_INVALID_NON_CA                       = 37;
+  X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED           = 38;
+  X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE        = 39;
+  X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED       = 40;
+  X509_V_ERR_INVALID_EXTENSION                    = 41;
+  X509_V_ERR_INVALID_POLICY_EXTENSION             = 42;
+  X509_V_ERR_NO_EXPLICIT_POLICY                   = 43;
+  X509_V_ERR_DIFFERENT_CRL_SCOPE                  = 44;
+  X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE        = 45;
+  X509_V_ERR_UNNESTED_RESOURCE                    = 46;
+  X509_V_ERR_PERMITTED_VIOLATION                  = 47;
+  X509_V_ERR_EXCLUDED_VIOLATION                   = 48;
+  X509_V_ERR_SUBTREE_MINMAX                       = 49;
+  (* The application is not happy *)
+  X509_V_ERR_APPLICATION_VERIFICATION             = 50;
+  X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE          = 51;
+  X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX        = 52;
+  X509_V_ERR_UNSUPPORTED_NAME_SYNTAX              = 53;
+  X509_V_ERR_CRL_PATH_VALIDATION_ERROR            = 54;
+  (* Another issuer check debug option *)
+  X509_V_ERR_PATH_LOOP                            = 55;
+  (* Suite B mode algorithm violation *)
+  X509_V_ERR_SUITE_B_INVALID_VERSION              = 56;
+  X509_V_ERR_SUITE_B_INVALID_ALGORITHM            = 57;
+  X509_V_ERR_SUITE_B_INVALID_CURVE                = 58;
+  X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM  = 59;
+  X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED              = 60;
+  X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 61;
+  (* Host, email and IP check errors *)
+  X509_V_ERR_HOSTNAME_MISMATCH                    = 62;
+  X509_V_ERR_EMAIL_MISMATCH                       = 63;
+  X509_V_ERR_IP_ADDRESS_MISMATCH                  = 64;
+  (* DANE TLSA errors *)
+  X509_V_ERR_DANE_NO_MATCH                        = 65;
+  (* security level errors *)
+  X509_V_ERR_EE_KEY_TOO_SMALL                     = 66;
+  X509_V_ERR_CA_KEY_TOO_SMALL                     = 67;
+  X509_V_ERR_CA_MD_TOO_WEAK                       = 68;
+  (* Caller error *)
+  X509_V_ERR_INVALID_CALL                         = 69;
+  (* Issuer lookup error *)
+  X509_V_ERR_STORE_LOOKUP                         = 70;
+  (* Certificate transparency *)
+  X509_V_ERR_NO_VALID_SCTS                        = 71;
+
+  X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION         = 72;
+  (* OCSP status errors *)
+  X509_V_ERR_OCSP_VERIFY_NEEDED                   = 73;  (* Need OCSP verification *)
+  X509_V_ERR_OCSP_VERIFY_FAILED                   = 74;  (* Couldn't verify cert through OCSP *)
+  X509_V_ERR_OCSP_CERT_UNKNOWN                    = 75;  (* Certificate wasn't recognized by the OCSP responder *)
+
+  (* Certificate verify flags *)
+
+  (* Use check time instead of current time *)
+  X509_V_FLAG_USE_CHECK_TIME       = $2;
+  (* Lookup CRLs *)
+  X509_V_FLAG_CRL_CHECK            = $4;
+  (* Lookup CRLs for whole chain *)
+  X509_V_FLAG_CRL_CHECK_ALL        = $8;
+  (* Ignore unhandled critical extensions *)
+  X509_V_FLAG_IGNORE_CRITICAL      = $10;
+  (* Disable workarounds for broken certificates *)
+  X509_V_FLAG_X509_STRICT          = $20;
+  (* Enable proxy certificate validation *)
+  X509_V_FLAG_ALLOW_PROXY_CERTS    = $40;
+  (* Enable policy checking *)
+  X509_V_FLAG_POLICY_CHECK         = $80;
+  (* Policy variable require-explicit-policy *)
+  X509_V_FLAG_EXPLICIT_POLICY      = $100;
+  (* Policy variable inhibit-any-policy *)
+  X509_V_FLAG_INHIBIT_ANY          = $200;
+  (* Policy variable inhibit-policy-mapping *)
+  X509_V_FLAG_INHIBIT_MAP          = $400;
+  (* Notify callback that policy is OK *)
+  X509_V_FLAG_NOTIFY_POLICY        = $800;
+  (* Extended CRL features such as indirect CRLs, alternate CRL signing keys *)
+  X509_V_FLAG_EXTENDED_CRL_SUPPORT = $1000;
+  (* Delta CRL support *)
+  X509_V_FLAG_USE_DELTAS           = $2000;
+  (* Check self-signed CA signature *)
+  X509_V_FLAG_CHECK_SS_SIGNATURE   = $4000;
+  (* Use trusted store first *)
+  X509_V_FLAG_TRUSTED_FIRST        = $8000;
+  (* Suite B 128 bit only mode: not normally used *)
+  X509_V_FLAG_SUITEB_128_LOS_ONLY  = $10000;
+  (* Suite B 192 bit only mode *)
+  X509_V_FLAG_SUITEB_192_LOS       = $20000;
+  (* Suite B 128 bit mode allowing 192 bit algorithms *)
+  X509_V_FLAG_SUITEB_128_LOS       = $30000;
+  (* Allow partial chains if at least one certificate is in trusted store *)
+  X509_V_FLAG_PARTIAL_CHAIN        = $80000;
+  (*
+   * If the initial chain is not trusted, do not attempt to build an alternative
+   * chain. Alternate chain checking was introduced in 1.1.0. Setting this flag
+   * will force the behaviour to match that of previous versions.
+   *)
+  X509_V_FLAG_NO_ALT_CHAINS        = $100000;
+  (* Do not check certificate/CRL validity against current time *)
+  X509_V_FLAG_NO_CHECK_TIME        = $200000;
+
+  X509_VP_FLAG_DEFAULT             = $1;
+  X509_VP_FLAG_OVERWRITE           = $2;
+  X509_VP_FLAG_RESET_FLAGS         = $4;
+  X509_VP_FLAG_LOCKED              = $8;
+  X509_VP_FLAG_ONCE                = $10;
+
+  (* Internal use: mask of policy related options *)
+  X509_V_FLAG_POLICY_MASK = X509_V_FLAG_POLICY_CHECK or X509_V_FLAG_EXPLICIT_POLICY
+    or X509_V_FLAG_INHIBIT_ANY or X509_V_FLAG_INHIBIT_MAP;
+
+
  DANE_FLAG_NO_DANE_EE_NAMECHECKS = TIdC_Long(1) shl 0;
+
+  (* Non positive return values are errors *)
+  X509_PCY_TREE_FAILURE  = -2; (* Failure to satisfy explicit policy *)
+  X509_PCY_TREE_INVALID  = -1; (* Inconsistent or invalid extensions *)
+  X509_PCY_TREE_INTERNAL = 0; (* Internal error, most likely malloc *)
+
+  (*
+   * Positive return values form a bit mask, all but the first are internal to
+   * the library and don't appear in results from X509_policy_check().
+   *)
+  X509_PCY_TREE_VALID    = 1; (* The policy tree is valid *)
+  X509_PCY_TREE_EMPTY    = 2; (* The policy tree is empty *)
+  X509_PCY_TREE_EXPLICIT = 4; (* Explicit policy required *)
+
+type
+  (*-
+  SSL_CTX -> X509_STORE
+                  -> X509_LOOKUP
+                          ->X509_LOOKUP_METHOD
+                  -> X509_LOOKUP
+                          ->X509_LOOKUP_METHOD
+
+  SSL     -> X509_STORE_CTX
+                  ->X509_STORE
+
+  The X509_STORE holds the tables etc for verification stuff.
+  A X509_STORE_CTX is used while validating a single certificate.
+  The X509_STORE has X509_LOOKUPs for looking up certs.
+  The X509_STORE then calls a function to actually verify the
+  certificate chain.
+  *)
+
+  X509_LOOKUP_TYPE = (
+    X509_LU_NONE = 0,
+    X509_LU_X509,
+    X509_LU_CRL
+  );
+
+  X509_STORE_CTX_verify_cb = function(v1: TIdC_INT; v2: PX509_STORE_CTX): TIdC_INT;
+  X509_STORE_CTX_verify_fn = function(v1: PX509_STORE_CTX): TIdC_INT;
+  X509_STORE_CTX_get_issuer_fn = function(issuer: PPX509; ctx: PX509_STORE_CTX; x: PX509): TIdC_INT;
+  X509_STORE_CTX_check_issued_fn = function(ctx: PX509_STORE_CTX; x: PX509; issuer: PX509): TIdC_INT;
+  X509_STORE_CTX_check_revocation_fn = function(ctx: PX509_STORE_CTX): TIdC_INT;
+  X509_STORE_CTX_get_crl_fn = function(ctx: PX509_STORE_CTX; crl: PPX509_CRL; x: PX509): TIdC_INT;
+  X509_STORE_CTX_check_crl_fn = function(ctx: PX509_STORE_CTX; crl: PX509_CRL): TIdC_INT;
+  X509_STORE_CTX_cert_crl_fn = function(ctx: PX509_STORE_CTX; crl: PX509_CRL; x: PX509): TIdC_INT;
+  X509_STORE_CTX_check_policy_fn = function(ctx: PX509_STORE_CTX): TIdC_INT;
+//  typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+//                                                            X509_NAME *nm);
+//  typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+//                                                               X509_NAME *nm);
+  X509_STORE_CTX_cleanup_fn = function(ctx: PX509_STORE_CTX): TIdC_INT;
+
+  X509_LOOKUP_ctrl_fn = function(ctx: PX509_LOOKUP; cmd: TIdC_INT;
+    const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT;
+  X509_LOOKUP_get_by_subject_fn = function(ctx: PX509_LOOKUP;
+    &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_issuer_serial_fn = function(ctx: PX509_LOOKUP;
+    &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_fingerprint_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+    const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_alias_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+    const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+
+var
+  //DEFINE_STACK_OF(X509_LOOKUP)
+  //DEFINE_STACK_OF(X509_OBJECT)
+  //DEFINE_STACK_OF(X509_VERIFY_PARAM)
+
+  function X509_STORE_set_depth(store: PX509_STORE; depth: TIdC_INT): TIdC_INT;
+
+  procedure X509_STORE_CTX_set_depth(ctx: PX509_STORE_CTX; depth: TIdC_INT);
+
+  //# define X509_STORE_CTX_set_app_data(ctx,data) \
+  //        X509_STORE_CTX_set_ex_data(ctx,0,data)
+  //# define X509_STORE_CTX_get_app_data(ctx) \
+  //        X509_STORE_CTX_get_ex_data(ctx,0)
+  //
+  //# define X509_LOOKUP_load_file(x,name,type) \
+  //                X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(TIdC_LONG)(type),NULL)
+  //
+  //# define X509_LOOKUP_add_dir(x,name,type) \
+  //                X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(TIdC_LONG)(type),NULL)
+  //
+  //TIdC_INT X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
+  //                               X509_NAME *name);
+  //X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+  //                                             X509_LOOKUP_TYPE type,
+  //                                             X509_NAME *name);
+  //X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+  //                                        X509_OBJECT *x);
+  function X509_OBJECT_up_ref_count(a: PX509_OBJECT): TIdC_INT;
+  function X509_OBJECT_new: PX509_OBJECT;
+  procedure X509_OBJECT_free(a: PX509_OBJECT);
+  function X509_OBJECT_get_type(const a: PX509_OBJECT): X509_LOOKUP_TYPE;
+  function X509_OBJECT_get0_X509(const a: PX509_OBJECT): PX509;
+  function X509_OBJECT_set1_X509(a: PX509_OBJECT; obj: PX509): TIdC_INT;
+  function X509_OBJECT_get0_X509_CRL(a: PX509_OBJECT): PX509_CRL;
+  function X509_OBJECT_set1_X509_CRL(a: PX509_OBJECT; obj: PX509_CRL): TIdC_INT;
+  function X509_STORE_new: PX509_STORE;
+  procedure X509_STORE_free(v: PX509_STORE);
+  function X509_STORE_lock(ctx: PX509_STORE): TIdC_INT;
+  function X509_STORE_unlock(ctx: PX509_STORE): TIdC_INT;
+  function X509_STORE_up_ref(v: PX509_STORE): TIdC_INT;
+  //STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
+
+  //STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+  //STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
+  function X509_STORE_set_flags(ctx: PX509_STORE; flags: TIdC_ULONG): TIdC_INT;
+  function X509_STORE_set_purpose(ctx: PX509_STORE; purpose: TIdC_INT): TIdC_INT;
+  function X509_STORE_set_trust(ctx: PX509_STORE; trust: TIdC_INT): TIdC_INT;
+  function X509_STORE_set1_param(ctx: PX509_STORE; pm: PX509_VERIFY_PARAM): TIdC_INT;
+  function X509_STORE_get0_param(ctx: PX509_STORE): PX509_VERIFY_PARAM;
+
+  procedure X509_STORE_set_verify(ctx: PX509_STORE; verify: X509_STORE_CTX_verify_fn);
+  //#define X509_STORE_set_verify_func(ctx, func) \
+  //            X509_STORE_set_verify((ctx),(func))
+  procedure X509_STORE_CTX_set_verify(ctx: PX509_STORE_CTX; verify: X509_STORE_CTX_verify_fn);
+  function X509_STORE_get_verify(ctx: PX509_STORE): X509_STORE_CTX_verify_fn;
+  procedure X509_STORE_set_verify_cb(ctx: PX509_STORE; verify_cb: X509_STORE_CTX_verify_cb);
+  //# define X509_STORE_set_verify_cb_func(ctx,func) \
+  //            X509_STORE_set_verify_cb((ctx),(func))
+  function X509_STORE_get_verify_cb(ctx: PX509_STORE): X509_STORE_CTX_verify_cb;
+  procedure X509_STORE_set_get_issuer(ctx: PX509_STORE; get_issuer: X509_STORE_CTX_get_issuer_fn);
+  function X509_STORE_get_get_issuer(ctx: PX509_STORE): X509_STORE_CTX_get_issuer_fn;
+  procedure X509_STORE_set_check_issued(ctx: PX509_STORE; check_issued: X509_STORE_CTX_check_issued_fn);
+  function X509_STORE_get_check_issued(ctx: PX509_STORE): X509_STORE_CTX_check_issued_fn;
+  procedure X509_STORE_set_check_revocation(ctx: PX509_STORE; check_revocation: X509_STORE_CTX_check_revocation_fn);
+  function X509_STORE_get_check_revocation(ctx: PX509_STORE): X509_STORE_CTX_check_revocation_fn;
+  procedure X509_STORE_set_get_crl(ctx: PX509_STORE; get_crl: X509_STORE_CTX_get_crl_fn);
+  function X509_STORE_get_get_crl(ctx: PX509_STORE): X509_STORE_CTX_get_crl_fn;
+  procedure X509_STORE_set_check_crl(ctx: PX509_STORE; check_crl: X509_STORE_CTX_check_crl_fn);
+  function X509_STORE_get_check_crl(ctx: PX509_STORE): X509_STORE_CTX_check_crl_fn;
+  procedure X509_STORE_set_cert_crl(ctx: PX509_STORE; cert_crl: X509_STORE_CTX_cert_crl_fn);
+  function X509_STORE_get_cert_crl(ctx: PX509_STORE): X509_STORE_CTX_cert_crl_fn;
+  procedure X509_STORE_set_check_policy(ctx: PX509_STORE; check_policy: X509_STORE_CTX_check_policy_fn);
+  function X509_STORE_get_check_policy(ctx: PX509_STORE): X509_STORE_CTX_check_policy_fn;
+//  procedure X509_STORE_set_lookup_certs(ctx: PX509_STORE; lookup_certs: X509_STORE_CTX_lookup_certs_fn);
+//  function X509_STORE_get_lookup_certs(ctx: PX509_STORE): X509_STORE_CTX_lookup_certs_fn;
+//  procedure X509_STORE_set_lookup_crls(ctx: PX509_STORE; lookup_crls: X509_STORE_CTX_lookup_crls_fn);
+//  #define X509_STORE_set_lookup_crls_cb(ctx, func) \
+//      X509_STORE_set_lookup_crls((ctx), (func))
+//  function X509_STORE_get_lookup_crls(ctx: PX509_STORE): X509_STORE_CTX_lookup_crls_fn;
+  procedure X509_STORE_set_cleanup(ctx: PX509_STORE; cleanup: X509_STORE_CTX_cleanup_fn);
+  function X509_STORE_get_cleanup(ctx: PX509_STORE): X509_STORE_CTX_cleanup_fn;
+
+  //#define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, l, p, newf, dupf, freef)
+  function X509_STORE_set_ex_data(ctx: PX509_STORE; idx: TIdC_INT; data: Pointer): TIdC_INT;
+  function X509_STORE_get_ex_data(ctx: PX509_STORE; idx: TIdC_INT): Pointer;
+
+  function X509_STORE_CTX_new: PX509_STORE_CTX;
+
+  function X509_STORE_CTX_get1_issuer(issuer: PPX509; ctx: PX509_STORE_CTX; x: PX509): TIdC_INT;
+
+  procedure X509_STORE_CTX_free(ctx: PX509_STORE_CTX);
+//  TIdC_INT X509_STORE_CTX_init(ctx: PX509_STORE_CTX; store: PX509_STORE; x509: PX509; chain: P STACK_OF(X509));
+//  procedure X509_STORE_CTX_set0_trusted_stack(ctx: PX509_STORE_CTX; sk: P STACK_OF(X509));
+  procedure X509_STORE_CTX_cleanup(ctx: PX509_STORE_CTX);
+
+  function X509_STORE_CTX_get0_store(ctx: PX509_STORE_CTX): PX509_STORE;
+  function X509_STORE_CTX_get0_cert(ctx: PX509_STORE_CTX): PX509;
+  //STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+  //void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+  procedure X509_STORE_CTX_set_verify_cb(ctx: PX509_STORE_CTX; verify: X509_STORE_CTX_verify_cb);
+  function X509_STORE_CTX_get_verify_cb(ctx: PX509_STORE_CTX): X509_STORE_CTX_verify_cb;
+  function X509_STORE_CTX_get_verify(ctx: PX509_STORE_CTX): X509_STORE_CTX_verify_fn;
+  function X509_STORE_CTX_get_get_issuer(ctx: PX509_STORE_CTX): X509_STORE_CTX_get_issuer_fn;
+  function X509_STORE_CTX_get_check_issued(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_issued_fn;
+  function X509_STORE_CTX_get_check_revocation(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_revocation_fn;
+  function X509_STORE_CTX_get_get_crl(ctx: PX509_STORE_CTX): X509_STORE_CTX_get_crl_fn;
+  function X509_STORE_CTX_get_check_crl(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_crl_fn;
+  function X509_STORE_CTX_get_cert_crl(ctx: PX509_STORE_CTX): X509_STORE_CTX_cert_crl_fn;
+  function X509_STORE_CTX_get_check_policy(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_policy_fn;
+//  function X509_STORE_CTX_get_lookup_certs(ctx: PX509_STORE_CTX): X509_STORE_CTX_lookup_certs_fn;
+//  function X509_STORE_CTX_get_lookup_crls(ctx: PX509_STORE_CTX): X509_STORE_CTX_lookup_crls_fn;
+  function X509_STORE_CTX_get_cleanup(ctx: PX509_STORE_CTX): X509_STORE_CTX_cleanup_fn;
+
+  function X509_STORE_add_lookup(v: PX509_STORE; m: PX509_LOOKUP_METHOD): PX509_LOOKUP;
+  function X509_LOOKUP_hash_dir: PX509_LOOKUP_METHOD;
+  function X509_LOOKUP_file: PX509_LOOKUP_METHOD;
+
+  function X509_LOOKUP_meth_new(const name: PIdAnsiChar): PX509_LOOKUP_METHOD;
+  procedure X509_LOOKUP_meth_free(method: PX509_LOOKUP_METHOD);
+
+  //TIdC_INT X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+  //                                  TIdC_INT (*new_item) (X509_LOOKUP *ctx));
+  //TIdC_INT (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+  //
+  //TIdC_INT X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+  //                              void (*free_fn) (X509_LOOKUP *ctx));
+  //void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+  //
+  //TIdC_INT X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+  //                              TIdC_INT (*init) (X509_LOOKUP *ctx));
+  //TIdC_INT (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+  //
+  //TIdC_INT X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+  //                                  TIdC_INT (*shutdown) (X509_LOOKUP *ctx));
+  //TIdC_INT (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+
+  function X509_LOOKUP_meth_set_ctrl(method: PX509_LOOKUP_METHOD; ctrl_fn: X509_LOOKUP_ctrl_fn): TIdC_INT;
+  function X509_LOOKUP_meth_get_ctrl(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_ctrl_fn;
+
+  function X509_LOOKUP_meth_set_get_by_subject(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_subject_fn): TIdC_INT;
+  function X509_LOOKUP_meth_get_get_by_subject(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_subject_fn;
+
+  function X509_LOOKUP_meth_set_get_by_issuer_serial(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_issuer_serial_fn): TIdC_INT;
+  function X509_LOOKUP_meth_get_get_by_issuer_serial(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_issuer_serial_fn;
+
+  function X509_LOOKUP_meth_set_get_by_fingerprint(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_fingerprint_fn): TIdC_INT;
+  function X509_LOOKUP_meth_get_get_by_fingerprint(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_fingerprint_fn;
+
+  function X509_LOOKUP_meth_set_get_by_alias(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_alias_fn): TIdC_INT;
+  function X509_LOOKUP_meth_get_get_by_alias(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_alias_fn;
+
+  function X509_STORE_add_cert(ctx: PX509_STORE; x: PX509): TIdC_INT;
+  function X509_STORE_add_crl(ctx: PX509_STORE; x: PX509_CRL): TIdC_INT;
+
+  function X509_STORE_CTX_get_by_subject(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+  function X509_STORE_CTX_get_obj_by_subject(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME): PX509_OBJECT;
+
+  function X509_LOOKUP_ctrl(ctx: PX509_LOOKUP; cmd: TIdC_INT; const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT;
+
+  function X509_load_cert_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function X509_load_crl_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function X509_load_cert_crl_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+
+  function X509_LOOKUP_new(method: PX509_LOOKUP_METHOD): PX509_LOOKUP;
+  procedure X509_LOOKUP_free(ctx: PX509_LOOKUP);
+  function X509_LOOKUP_init(ctx: PX509_LOOKUP): TIdC_INT;
+  function X509_LOOKUP_by_subject(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+  function X509_LOOKUP_by_issuer_serial(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
+  function X509_LOOKUP_by_fingerprint(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+  function X509_LOOKUP_by_alias(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+  function X509_LOOKUP_set_method_data(ctx: PX509_LOOKUP; data: Pointer): TIdC_INT;
+  function X509_LOOKUP_get_method_data(const ctx: PX509_LOOKUP): Pointer;
+  function X509_LOOKUP_get_store(const ctx: PX509_LOOKUP): PX509_STORE;
+  function X509_LOOKUP_shutdown(ctx: PX509_LOOKUP): TIdC_INT;
+
+  function X509_STORE_load_locations(ctx: PX509_STORE; const &file: PIdAnsiChar; const dir: PIdAnsiChar): TIdC_INT;
+  function X509_STORE_set_default_paths(ctx: PX509_STORE): TIdC_INT;
+
+  //#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef)
+  function X509_STORE_CTX_set_ex_data(ctx: PX509_STORE_CTX; idx: TIdC_INT; data: Pointer): TIdC_INT;
+  function X509_STORE_CTX_get_ex_data(ctx: PX509_STORE_CTX; idx: TIdC_INT): Pointer;
+  function X509_STORE_CTX_get_error(ctx: PX509_STORE_CTX): TIdC_INT;
+  procedure X509_STORE_CTX_set_error(ctx: X509_STORE_CTX; s: TIdC_INT);
+  function X509_STORE_CTX_get_error_depth(ctx: PX509_STORE_CTX): TIdC_INT;
+  procedure X509_STORE_CTX_set_error_depth(ctx: PX509_STORE_CTX; depth: TIdC_INT);
+  function X509_STORE_CTX_get_current_cert(ctx: PX509_STORE_CTX): PX509;
+  procedure X509_STORE_CTX_set_current_cert(ctx: PX509_STORE_CTX; x: PX509);
+  function X509_STORE_CTX_get0_current_issuer(ctx: PX509_STORE_CTX): PX509;
+  function X509_STORE_CTX_get0_current_crl(ctx: PX509_STORE_CTX): PX509_CRL;
+  function X509_STORE_CTX_get0_parent_ctx(ctx: PX509_STORE_CTX): PX509_STORE_CTX;
+//  STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx);
+//  STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+  procedure X509_STORE_CTX_set_cert(c: PX509_STORE_CTX; x: PX509);
+//  void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
+//  void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
+  function X509_STORE_CTX_set_purpose(ctx: PX509_STORE_CTX; purpose: TIdC_INT): TIdC_INT;
+  function X509_STORE_CTX_set_trust(ctx: PX509_STORE_CTX; trust: TIdC_INT): TIdC_INT;
+  function X509_STORE_CTX_purpose_inherit(ctx: PX509_STORE_CTX; def_purpose: TIdC_INT; purpose: TIdC_INT; trust: TIdC_INT): TIdC_INT;
+  procedure X509_STORE_CTX_set_flags(ctx: PX509_STORE_CTX; flags: TIdC_ULONG);
+//  procedure X509_STORE_CTX_set_time(ctx: PX509_STORE_CTX; flags: TIdC_ULONG; t: TIdC_TIMET);
+
+  function X509_STORE_CTX_get0_policy_tree(ctx: PX509_STORE_CTX): PX509_POLICY_TREE;
+  function X509_STORE_CTX_get_explicit_policy(ctx: PX509_STORE_CTX): TIdC_INT;
+  function X509_STORE_CTX_get_num_untrusted(ctx: PX509_STORE_CTX): TIdC_INT;
+
+  function X509_STORE_CTX_get0_param(ctx: PX509_STORE_CTX): PX509_VERIFY_PARAM;
+  procedure X509_STORE_CTX_set0_param(ctx: PX509_STORE_CTX; param: PX509_VERIFY_PARAM);
+  function X509_STORE_CTX_set_default(ctx: PX509_STORE_CTX; const name: PIdAnsiChar): TIdC_INT;
+
+  (*
+   * Bridge opacity barrier between libcrypt and libssl, also needed to support
+   * offline testing in test/danetest.c
+   *)
+  procedure X509_STORE_CTX_set0_dane(ctx: PX509_STORE_CTX; dane: PSSL_DANE);
+
+  (* X509_VERIFY_PARAM functions *)
+
+  function X509_VERIFY_PARAM_new: PX509_VERIFY_PARAM;
+  procedure X509_VERIFY_PARAM_free(param: PX509_VERIFY_PARAM);
+  function X509_VERIFY_PARAM_inherit(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT;
+  function X509_VERIFY_PARAM_set1(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT;
+  function X509_VERIFY_PARAM_set1_name(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar): TIdC_INT;
+  function X509_VERIFY_PARAM_set_flags(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT;
+  function X509_VERIFY_PARAM_clear_flags(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT;
+  function X509_VERIFY_PARAM_get_flags(param: PX509_VERIFY_PARAM): TIdC_ULONG;
+  function X509_VERIFY_PARAM_set_purpose(param: PX509_VERIFY_PARAM; purpose: TIdC_INT): TIdC_INT;
+  function X509_VERIFY_PARAM_set_trust(param: PX509_VERIFY_PARAM; trust: TIdC_INT): TIdC_INT;
+  procedure X509_VERIFY_PARAM_set_depth(param: PX509_VERIFY_PARAM; depth: TIdC_INT);
+  procedure X509_VERIFY_PARAM_set_auth_level(param: PX509_VERIFY_PARAM; auth_level: TIdC_INT);
+//  function X509_VERIFY_PARAM_get_time(const param: PX509_VERIFY_PARAM): TIdC_TIMET;
+//  procedure X509_VERIFY_PARAM_set_time(param: PX509_VERIFY_PARAM; t: TIdC_TIMET);
+  function X509_VERIFY_PARAM_add0_policy(param: PX509_VERIFY_PARAM; policy: PASN1_OBJECT): TIdC_INT;
+  //TIdC_INT X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+  //                                    STACK_OF(ASN1_OBJECT) *policies);
+
+  function X509_VERIFY_PARAM_set_inh_flags(param: PX509_VERIFY_PARAM; flags: TIdC_UINT32): TIdC_INT;
+  function X509_VERIFY_PARAM_get_inh_flags(const param: PX509_VERIFY_PARAM): TIdC_UINT32;
+
+  function X509_VERIFY_PARAM_set1_host(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar; namelen: TIdC_SIZET): TIdC_INT;
+  function X509_VERIFY_PARAM_add1_host(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar; namelen: TIdC_SIZET): TIdC_INT;
+  procedure X509_VERIFY_PARAM_set_hostflags(param: PX509_VERIFY_PARAM; flags: TIdC_UINT);
+  function X509_VERIFY_PARAM_get_hostflags(const param: PX509_VERIFY_PARAM): TIdC_UINT;
+  function X509_VERIFY_PARAM_get0_peername(v1: PX509_VERIFY_PARAM): PIdAnsiChar;
+  procedure X509_VERIFY_PARAM_move_peername(v1: PX509_VERIFY_PARAM; v2: PX509_VERIFY_PARAM);
+  function X509_VERIFY_PARAM_set1_email(param: PX509_VERIFY_PARAM; const email: PIdAnsiChar; emaillen: TIdC_SIZET): TIdC_INT;
+  function X509_VERIFY_PARAM_set1_ip(param: PX509_VERIFY_PARAM; const ip: PByte; iplen: TIdC_SIZET): TIdC_INT;
+  function X509_VERIFY_PARAM_set1_ip_asc(param: PX509_VERIFY_PARAM; const ipasc: PIdAnsiChar): TIdC_INT;
+
+  function X509_VERIFY_PARAM_get_depth(const param: PX509_VERIFY_PARAM): TIdC_INT;
+  function X509_VERIFY_PARAM_get_auth_level(const param: PX509_VERIFY_PARAM): TIdC_INT;
+  function X509_VERIFY_PARAM_get0_name(const param: PX509_VERIFY_PARAM): PIdAnsiChar;
+
+  function X509_VERIFY_PARAM_add0_table(param: PX509_VERIFY_PARAM): TIdC_INT;
+  function X509_VERIFY_PARAM_get_count: TIdC_INT;
+  function X509_VERIFY_PARAM_get0(id: TIdC_INT): PX509_VERIFY_PARAM;
+  function X509_VERIFY_PARAM_lookup(const name: PIdAnsiChar): X509_VERIFY_PARAM;
+  procedure X509_VERIFY_PARAM_table_cleanup;
+
+  //TIdC_INT X509_policy_check(X509_POLICY_TREE **ptree, TIdC_INT *pexplicit_policy,
+  //                      STACK_OF(X509) *certs,
+  //                      STACK_OF(ASN1_OBJECT) *policy_oids, TIdC_UINT flags);
+
+  procedure X509_policy_tree_free(tree: PX509_POLICY_TREE);
+
+  function X509_policy_tree_level_count(const tree: PX509_POLICY_TREE): TIdC_INT;
+  function X509_policy_tree_get0_level(const tree: PX509_POLICY_TREE; i: TIdC_INT): PX509_POLICY_LEVEL;
+
+  //STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
+  //                                                           X509_POLICY_TREE
+  //                                                           *tree);
+  //
+  //STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
+  //                                                                X509_POLICY_TREE
+  //                                                                *tree);
+
+  function X509_policy_level_node_count(level: PX509_POLICY_LEVEL): TIdC_INT;
+
+  function X509_policy_level_get0_node(level: PX509_POLICY_LEVEL; i: TIdC_INT): PX509_POLICY_NODE;
+
+  function X509_policy_node_get0_policy(const node: PX509_POLICY_NODE): PASN1_OBJECT;
+
+  //STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
+  //                                                           X509_POLICY_NODE
+  //                                                           *node);
+  function X509_policy_node_get0_parent(const node: PX509_POLICY_NODE): PX509_POLICY_NODE;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509err.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509err.pas
new file mode 100644
index 000000000..dae2e3ada
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509err.pas
@@ -0,0 +1,154 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_x509err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * X509 function codes.
+   *)
+  X509_F_ADD_CERT_DIR                       = 100;
+  X509_F_BUILD_CHAIN                        = 106;
+  X509_F_BY_FILE_CTRL                       = 101;
+  X509_F_CHECK_NAME_CONSTRAINTS             = 149;
+  X509_F_CHECK_POLICY                       = 145;
+  X509_F_DANE_I2D                           = 107;
+  X509_F_DIR_CTRL                           = 102;
+  X509_F_GET_CERT_BY_SUBJECT                = 103;
+  X509_F_I2D_X509_AUX                       = 151;
+  X509_F_LOOKUP_CERTS_SK                    = 152;
+  X509_F_NETSCAPE_SPKI_B64_DECODE           = 129;
+  X509_F_NETSCAPE_SPKI_B64_ENCODE           = 130;
+  X509_F_NEW_DIR                            = 153;
+  X509_F_X509AT_ADD1_ATTR                   = 135;
+  X509_F_X509V3_ADD_EXT                     = 104;
+  X509_F_X509_ATTRIBUTE_CREATE_BY_NID       = 136;
+  X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ       = 137;
+  X509_F_X509_ATTRIBUTE_CREATE_BY_TXT       = 140;
+  X509_F_X509_ATTRIBUTE_GET0_DATA           = 139;
+  X509_F_X509_ATTRIBUTE_SET1_DATA           = 138;
+  X509_F_X509_CHECK_PRIVATE_KEY             = 128;
+  X509_F_X509_CRL_DIFF                      = 105;
+  X509_F_X509_CRL_METHOD_NEW                = 154;
+  X509_F_X509_CRL_PRINT_FP                  = 147;
+  X509_F_X509_EXTENSION_CREATE_BY_NID       = 108;
+  X509_F_X509_EXTENSION_CREATE_BY_OBJ       = 109;
+  X509_F_X509_GET_PUBKEY_PARAMETERS         = 110;
+  X509_F_X509_LOAD_CERT_CRL_FILE            = 132;
+  X509_F_X509_LOAD_CERT_FILE                = 111;
+  X509_F_X509_LOAD_CRL_FILE                 = 112;
+  X509_F_X509_LOOKUP_METH_NEW               = 160;
+  X509_F_X509_LOOKUP_NEW                    = 155;
+  X509_F_X509_NAME_ADD_ENTRY                = 113;
+  X509_F_X509_NAME_CANON                    = 156;
+  X509_F_X509_NAME_ENTRY_CREATE_BY_NID      = 114;
+  X509_F_X509_NAME_ENTRY_CREATE_BY_TXT      = 131;
+  X509_F_X509_NAME_ENTRY_SET_OBJECT         = 115;
+  X509_F_X509_NAME_ONELINE                  = 116;
+  X509_F_X509_NAME_PRINT                    = 117;
+  X509_F_X509_OBJECT_NEW                    = 150;
+  X509_F_X509_PRINT_EX_FP                   = 118;
+  X509_F_X509_PUBKEY_DECODE                 = 148;
+  X509_F_X509_PUBKEY_GET0                   = 119;
+  X509_F_X509_PUBKEY_SET                    = 120;
+  X509_F_X509_REQ_CHECK_PRIVATE_KEY         = 144;
+  X509_F_X509_REQ_PRINT_EX                  = 121;
+  X509_F_X509_REQ_PRINT_FP                  = 122;
+  X509_F_X509_REQ_TO_X509                   = 123;
+  X509_F_X509_STORE_ADD_CERT                = 124;
+  X509_F_X509_STORE_ADD_CRL                 = 125;
+  X509_F_X509_STORE_ADD_LOOKUP              = 157;
+  X509_F_X509_STORE_CTX_GET1_ISSUER         = 146;
+  X509_F_X509_STORE_CTX_INIT                = 143;
+  X509_F_X509_STORE_CTX_NEW                 = 142;
+  X509_F_X509_STORE_CTX_PURPOSE_INHERIT     = 134;
+  X509_F_X509_STORE_NEW                     = 158;
+  X509_F_X509_TO_X509_REQ                   = 126;
+  X509_F_X509_TRUST_ADD                     = 133;
+  X509_F_X509_TRUST_SET                     = 141;
+  X509_F_X509_VERIFY_CERT                   = 127;
+  X509_F_X509_VERIFY_PARAM_NEW              = 159;
+
+  (*
+   * X509 reason codes.
+   *)
+  X509_R_AKID_MISMATCH                      = 110;
+  X509_R_BAD_SELECTOR                       = 133;
+  X509_R_BAD_X509_FILETYPE                  = 100;
+  X509_R_BASE64_DECODE_ERROR                = 118;
+  X509_R_CANT_CHECK_DH_KEY                  = 114;
+  X509_R_CERT_ALREADY_IN_HASH_TABLE         = 101;
+  X509_R_CRL_ALREADY_DELTA                  = 127;
+  X509_R_CRL_VERIFY_FAILURE                 = 131;
+  X509_R_IDP_MISMATCH                       = 128;
+  X509_R_INVALID_ATTRIBUTES                 = 138;
+  X509_R_INVALID_DIRECTORY                  = 113;
+  X509_R_INVALID_FIELD_NAME                 = 119;
+  X509_R_INVALID_TRUST                      = 123;
+  X509_R_ISSUER_MISMATCH                    = 129;
+  X509_R_KEY_TYPE_MISMATCH                  = 115;
+  X509_R_KEY_VALUES_MISMATCH                = 116;
+  X509_R_LOADING_CERT_DIR                   = 103;
+  X509_R_LOADING_DEFAULTS                   = 104;
+  X509_R_METHOD_NOT_SUPPORTED               = 124;
+  X509_R_NAME_TOO_LONG                      = 134;
+  X509_R_NEWER_CRL_NOT_NEWER                = 132;
+  X509_R_NO_CERTIFICATE_FOUND               = 135;
+  X509_R_NO_CERTIFICATE_OR_CRL_FOUND        = 136;
+  X509_R_NO_CERT_SET_FOR_US_TO_VERIFY       = 105;
+  X509_R_NO_CRL_FOUND                       = 137;
+  X509_R_NO_CRL_NUMBER                      = 130;
+  X509_R_PUBLIC_KEY_DECODE_ERROR            = 125;
+  X509_R_PUBLIC_KEY_ENCODE_ERROR            = 126;
+  X509_R_SHOULD_RETRY                       = 106;
+  X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN = 107;
+  X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY     = 108;
+  X509_R_UNKNOWN_KEY_TYPE                   = 117;
+  X509_R_UNKNOWN_NID                        = 109;
+  X509_R_UNKNOWN_PURPOSE_ID                 = 121;
+  X509_R_UNKNOWN_TRUST_ID                   = 120;
+  X509_R_UNSUPPORTED_ALGORITHM              = 111;
+  X509_R_WRONG_LOOKUP_TYPE                  = 112;
+  X509_R_WRONG_TYPE                         = 122;
+
+var
+  function ERR_load_X509_strings: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
new file mode 100644
index 000000000..16bdf8aa8
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
@@ -0,0 +1,927 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_x509v3;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509v3.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_asn1t,
+  IdOpenSSLHeaders_x509,
+  System.Types;
+
+const
+  (* ext_flags values *)
+  X509V3_EXT_DYNAMIC      = $1;
+  X509V3_EXT_CTX_DEP      = $2;
+  X509V3_EXT_MULTILINE    = $4;
+
+  // v3_ext_ctx
+  CTX_TEST = $1;
+  X509V3_CTX_REPLACE = $2;
+
+  // GENERAL_NAME_st
+  GEN_OTHERNAME   = 0;
+  GEN_EMAIL       = 1;
+  GEN_DNS         = 2;
+  GEN_X400        = 3;
+  GEN_DIRNAME     = 4;
+  GEN_EDIPARTY    = 5;
+  GEN_URI         = 6;
+  GEN_IPADD       = 7;
+  GEN_RID         = 8;
+
+  (* All existing reasons *)
+  CRLDP_ALL_REASONS       = $807f;
+
+  CRL_REASON_NONE                         = -1;
+  CRL_REASON_UNSPECIFIED                  = 0;
+  CRL_REASON_KEY_COMPROMISE               = 1;
+  CRL_REASON_CA_COMPROMISE                = 2;
+  CRL_REASON_AFFILIATION_CHANGED          = 3;
+  CRL_REASON_SUPERSEDED                   = 4;
+  CRL_REASON_CESSATION_OF_OPERATION       = 5;
+  CRL_REASON_CERTIFICATE_HOLD             = 6;
+  CRL_REASON_REMOVE_FROM_CRL              = 8;
+  CRL_REASON_PRIVILEGE_WITHDRAWN          = 9;
+  CRL_REASON_AA_COMPROMISE                = 10;
+
+  (* Values in idp_flags field *)
+  (* IDP present *)
+  IDP_PRESENT     = $1;
+  (* IDP values inconsistent *)
+  IDP_INVALID     = $2;
+  (* onlyuser true *)
+  IDP_ONLYUSER    = $4;
+  (* onlyCA true *)
+  IDP_ONLYCA      = $8;
+  (* onlyattr true *)
+  IDP_ONLYATTR    = $10;
+  (* indirectCRL true *)
+  IDP_INDIRECT    = $20;
+  (* onlysomereasons present *)
+  IDP_REASONS     = $40;
+
+  EXT_END: array[0..13] of TIdC_INT = (-1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+
+  (* X509_PURPOSE stuff *)
+
+  EXFLAG_BCONS            = $1;
+  EXFLAG_KUSAGE           = $2;
+  EXFLAG_XKUSAGE          = $4;
+  EXFLAG_NSCERT           = $8;
+
+  EXFLAG_CA               = $10;
+  (* Really self issued not necessarily self signed *)
+  EXFLAG_SI               = $20;
+  EXFLAG_V1               = $40;
+  EXFLAG_INVALID          = $80;
+  (* EXFLAG_SET is set to indicate that some values have been precomputed *)
+  EXFLAG_SET              = $100;
+  EXFLAG_CRITICAL         = $200;
+  EXFLAG_PROXY            = $400;
+
+  EXFLAG_INVALID_POLICY   = $800;
+  EXFLAG_FRESHEST         = $1000;
+  (* Self signed *)
+  EXFLAG_SS               = $2000;
+
+  KU_DIGITAL_SIGNATURE    = $0080;
+  KU_NON_REPUDIATION      = $0040;
+  KU_KEY_ENCIPHERMENT     = $0020;
+  KU_DATA_ENCIPHERMENT    = $0010;
+  KU_KEY_AGREEMENT        = $0008;
+  KU_KEY_CERT_SIGN        = $0004;
+  KU_CRL_SIGN             = $0002;
+  KU_ENCIPHER_ONLY        = $0001;
+  KU_DECIPHER_ONLY        = $8000;
+
+  NS_SSL_CLIENT           = $80;
+  NS_SSL_SERVER           = $40;
+  NS_SMIME                = $20;
+  NS_OBJSIGN              = $10;
+  NS_SSL_CA               = $04;
+  NS_SMIME_CA             = $02;
+  NS_OBJSIGN_CA           = $01;
+  NS_ANY_CA               = NS_SSL_CA or NS_SMIME_CA or NS_OBJSIGN_CA;
+
+  XKU_SSL_SERVER          = $1;
+  XKU_SSL_CLIENT          = $2;
+  XKU_SMIME               = $4;
+  XKU_CODE_SIGN           = $8;
+  XKU_SGC                 = $10;
+  XKU_OCSP_SIGN           = $20;
+  XKU_TIMESTAMP           = $40;
+  XKU_DVCS                = $80;
+  XKU_ANYEKU              = $100;
+
+  X509_PURPOSE_DYNAMIC    = $1;
+  X509_PURPOSE_DYNAMIC_NAME       = $2;
+
+  X509_PURPOSE_SSL_CLIENT         = 1;
+  X509_PURPOSE_SSL_SERVER         = 2;
+  X509_PURPOSE_NS_SSL_SERVER      = 3;
+  X509_PURPOSE_SMIME_SIGN         = 4;
+  X509_PURPOSE_SMIME_ENCRYPT      = 5;
+  X509_PURPOSE_CRL_SIGN           = 6;
+  X509_PURPOSE_ANY                = 7;
+  X509_PURPOSE_OCSP_HELPER        = 8;
+  X509_PURPOSE_TIMESTAMP_SIGN     = 9;
+
+  X509_PURPOSE_MIN                = 1;
+  X509_PURPOSE_MAX                = 9;
+
+  (* Flags for X509V3_EXT_print() *)
+
+  X509V3_EXT_UNKNOWN_MASK         = TIdC_LONG($f) shl 16;
+  (* Return error for unknown extensions *)
+  X509V3_EXT_DEFAULT              = 0;
+  (* Print error for unknown extensions *)
+  X509V3_EXT_ERROR_UNKNOWN        = TIdC_LONG(1) shl 16;
+  (* ASN1 parse unknown extensions *)
+  X509V3_EXT_PARSE_UNKNOWN        = TIdC_LONG(2) shl 16;
+  (* BIO_dump unknown extensions *)
+  X509V3_EXT_DUMP_UNKNOWN         = TIdC_LONG(3) shl 16;
+
+  (* Flags for X509V3_add1_i2d *)
+
+  X509V3_ADD_OP_MASK              = TIdC_LONG($f);
+  X509V3_ADD_DEFAULT              = TIdC_LONG(0);
+  X509V3_ADD_APPEND               = TIdC_LONG(1);
+  X509V3_ADD_REPLACE              = TIdC_LONG(2);
+  X509V3_ADD_REPLACE_EXISTING     = TIdC_LONG(3);
+  X509V3_ADD_KEEP_EXISTING        = TIdC_LONG(4);
+  X509V3_ADD_DELETE               = TIdC_LONG(5);
+  X509V3_ADD_SILENT               = $10;
+
+  (* Flags for X509_check_* functions *)
+
+  (*
+   * Always check subject name for host match even if subject alt names present
+   *)
+  X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT    = $1;
+  (* Disable wildcard matching for dnsName fields and common name. *)
+  X509_CHECK_FLAG_NO_WILDCARDS    = $2;
+  (* Wildcards must not match a partial label. *)
+  X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS = $4;
+  (* Allow (non-partial) wildcards to match multiple labels. *)
+  X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS = $8;
+  (* Constraint verifier subdomain patterns to match a single labels. *)
+  X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS = $10;
+  (* Never check the subject CN *)
+  X509_CHECK_FLAG_NEVER_CHECK_SUBJECT    = $20;
+  (*
+   * Match reference identifiers starting with "." to any sub-domain.
+   * This is a non-public flag, turned on implicitly when the subject
+   * reference identity is a DNS name.
+   *)
+  _X509_CHECK_FLAG_DOT_SUBDOMAINS = $8000;
+
+  ASIdOrRange_id          = 0;
+  ASIdOrRange_range       = 1;
+
+  ASIdentifierChoice_inherit              = 0;
+  ASIdentifierChoice_asIdsOrRanges        = 1;
+
+  IPAddressOrRange_addressPrefix  = 0;
+  IPAddressOrRange_addressRange   = 1;
+
+  IPAddressChoice_inherit                 = 0;
+  IPAddressChoice_addressesOrRanges       = 1;
+
+  (*
+   * API tag for elements of the ASIdentifer SEQUENCE.
+   *)
+  V3_ASID_ASNUM   = 0;
+  V3_ASID_RDI     = 1;
+
+  (*
+   * AFI values, assigned by IANA.  It'd be nice to make the AFI
+   * handling code totally generic, but there are too many little things
+   * that would need to be defined for other address families for it to
+   * be worth the trouble.
+   *)
+  IANA_AFI_IPV4   = 1;
+  IANA_AFI_IPV6   = 2;
+
+type
+  (* Forward reference *)
+  //Pv3_ext_method = ^v3_ext_method;
+  //Pv3_ext_ctx = ^v3_ext_ctx;
+
+  (* Useful typedefs *)
+
+  //X509V3_EXT_NEW = function: Pointer; cdecl;
+  //X509V3_EXT_FREE = procedure(v1: Pointer); cdecl;
+  //X509V3_EXT_D2I = function(v1: Pointer; v2: PPByte; v3: TIdC_Long): Pointer; cdecl;
+  //X509V3_EXT_I2D = function(v1: Pointer; v2: PPByte): TIdC_INT; cdecl;
+//  typedef STACK_OF(CONF_VALUE) *
+//      (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
+//                         STACK_OF(CONF_VALUE) *extlist);
+//  typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
+//                                  struct v3_ext_ctx *ctx,
+//                                  STACK_OF(CONF_VALUE) *values);
+  //X509V3_EXT_I2S = function(method: Pv3_ext_method; ext: Pointer): PIdAnsiChar; cdecl;
+  //X509V3_EXT_S2I = function(method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
+  //X509V3_EXT_I2R = function(const method: Pv3_ext_method; ext: Pointer; &out: PBIO; indent: TIdC_INT): TIdC_INT; cdecl;
+  //X509V3_EXT_R2I = function(const method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
+
+//  (* V3 extension structure *)
+//  v3_ext_method = record
+//    ext_nid: TIdC_INT;
+//    ext_flags: TIdC_INT;
+//(* If this is set the following four fields are ignored *)
+//    it: PASN1_ITEM_EXP;
+//(* Old style ASN1 calls *)
+//    ext_new: X509V3_EXT_NEW;
+//    ext_free: X509V3_EXT_FREE;
+//    d2i: X509V3_EXT_D2I;
+//    i2d: X509V3_EXT_I2D;
+//(* The following pair is used for string extensions *)
+//    i2s: X509V3_EXT_I2S;
+//    s2i: X509V3_EXT_S2I;
+//(* The following pair is used for multi-valued extensions *)
+//    i2v: X509V3_EXT_I2V;
+//    v2i: X509V3_EXT_V2I;
+//(* The following are used for raw extensions *)
+//    i2r: X509V3_EXT_I2R;
+//    r2i: X509V3_EXT_R2I;
+//    usr_data: Pointer;             (* Any extension specific data *)
+//  end;
+//  X509V3_EXT_METHOD = v3_ext_method;
+//  PX509V3_EXT_METHOD = ^X509V3_EXT_METHOD;
+//  DEFINE_STACK_OF(X509V3_EXT_METHOD)
+
+//  typedef struct X509V3_CONF_METHOD_st {
+//      PIdAnsiChar *(*get_string) (void *db, const section: PIdAnsiChar, const value: PIdAnsiChar);
+//      STACK_OF(CONF_VALUE) *(*get_section) (void *db, const section: PIdAnsiChar);
+//      void (*free_string) (void *db, PIdAnsiChar *string);
+//      void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
+//  } X509V3_CONF_METHOD;
+
+// Moved to ossl_typ
+//  (* Context specific info *)
+//  v3_ext_ctx = record
+//    flags: TIdC_INT;
+//    issuer_cert: PX509;
+//    subject_cert: PX509;
+//    subject_req: PX509_REQ;
+//    crl: PX509_CRL;
+//    db_meth: PX509V3_CONF_METHOD;
+//    db: Pointer;
+//  (* Maybe more here *)
+//  end;
+
+  ENUMERATED_NAMES = BIT_STRING_BITNAME;
+
+  BASIC_CONSTRAINTS_st = record
+    ca: TIdC_INT;
+    pathlen: PASN1_INTEGER;
+  end;
+  BASIC_CONSTRAINTS = BASIC_CONSTRAINTS_st;
+  PBASIC_CONSTRAINTS = ^BASIC_CONSTRAINTS;
+
+  PKEY_USAGE_PERIOD_st = record
+    notBefore: PASN1_GENERALIZEDTIME;
+    notAfter: PASN1_GENERALIZEDTIME;
+  end;
+  PKEY_USAGE_PERIOD = PKEY_USAGE_PERIOD_st;
+  PPKEY_USAGE_PERIOD = ^PKEY_USAGE_PERIOD;
+
+  otherName_st = record
+    type_id: PASN1_OBJECT;
+    value: PASN1_TYPE;
+  end;
+  OTHERNAME = otherName_st;
+  POTHERNAME = ^OTHERNAME;
+
+  EDIPartyName_st  = record
+    nameAssigner: PASN1_STRING;
+    partyName: PASN1_STRING;
+  end;
+  EDIPARTYNAME = EDIPartyName_st;
+  PEDIPARTYNAME = ^EDIPARTYNAME;
+
+  GENERAL_NAME_st_union = record
+    case DWORD of
+      0: (ptr: PIdAnsiChar);
+      1: (otherName: POTHERNAME);   (* otherName *)
+      2: (rfc822Name: PASN1_IA5STRING);
+      3: (dNSName: PASN1_IA5STRING);
+      4: (x400Address: PASN1_TYPE);
+      5: (directoryName: PX509_NAME);
+      6: (ediPartyName: PEDIPARTYNAME);
+      7: (uniformResourceIdentifier: PASN1_IA5STRING);
+      8: (iPAddress: PASN1_OCTET_STRING);
+      9: (registeredID: PASN1_OBJECT);
+      (* Old names *)
+      10: (ip: PASN1_OCTET_STRING);  (* iPAddress *)
+      11: (dirn: PX509_NAME);        (* dirn *)
+      12: (ia5: PASN1_IA5STRING);    (* rfc822Name, dNSName,
+                                      * uniformResourceIdentifier *)
+      13: (rid: PASN1_OBJECT);       (* registeredID *)
+      14: (other: PASN1_TYPE);       (* x400Address *)
+  end;
+  GENERAL_NAME_st = record
+    &type: TIdC_INT;
+    d: GENERAL_NAME_st_union;
+  end;
+  GENERAL_NAME = GENERAL_NAME_st;
+  PGENERAL_NAME = ^GENERAL_NAME;
+
+  ACCESS_DESCRIPTION_st = record
+    method: PASN1_OBJECT;
+    location: PGENERAL_NAME;
+  end;
+  ACCESS_DESCRIPTION = ACCESS_DESCRIPTION_st;
+  PACCESS_DESCRIPTION = ^ACCESS_DESCRIPTION;
+
+//  typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
+
+//  typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
+
+//  typedef STACK_OF(ASN1_INTEGER) TLS_FEATURE;
+
+//  DEFINE_STACK_OF(GENERAL_NAME)
+//  typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
+//  DEFINE_STACK_OF(GENERAL_NAMES)
+
+//  DEFINE_STACK_OF(ACCESS_DESCRIPTION)
+//  DIST_POINT_NAME_st_union = record
+//    case DWord of
+//      0: (GENERAL_NAMES *fullname);
+//      1: (STACK_OF(X509_NAME_ENTRY) *relativename);
+//  end;
+  DIST_POINT_NAME_st = record
+    &type: TIdC_INT;
+    (* If relativename then this contains the full distribution point name *)
+    dpname: PX509_NAME;
+  end;
+  DIST_POINT_NAME = DIST_POINT_NAME_st;
+  PDIST_POINT_NAME = ^DIST_POINT_NAME;
+
+
+//  struct DIST_POINT_ST {
+//      DIST_POINT_NAME *distpoint;
+//      ASN1_BIT_STRING *reasons;
+//      GENERAL_NAMES *CRLissuer;
+//      TIdC_INT dp_reasons;
+//  };
+
+//  typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
+
+//  DEFINE_STACK_OF(DIST_POINT)
+
+//  AUTHORITY_KEYID_st = record
+//    keyid: PASN1_OCTET_STRING;
+//    issuer: PGENERAL_NAMES;
+//    serial: PASN1_INTEGER;
+//  end;
+
+  (* Strong extranet structures *)
+
+  SXNET_ID_st = record
+    zone: PASN1_INTEGER;
+    user: PASN1_OCTET_STRING;
+  end;
+  SXNETID = SXNET_ID_st;
+  PSXNETID = ^SXNETID;
+//  DEFINE_STACK_OF(SXNETID)
+
+//  SXNET_st = record
+//    ASN1_INTEGER *version;
+//    STACK_OF(SXNETID) *ids;
+//  end;
+//  SXNET = SXNET_st;
+//  PSXNET = ^SXNET;
+
+//  NOTICEREF_st = record
+//    ASN1_STRING *organization;
+//    STACK_OF(ASN1_INTEGER) *noticenos;
+//  end;
+//  NOTICEREF = NOTICEREF_st;
+//  PNOTICEREF = ^NOTICEREF;
+
+//  USERNOTICE_st = record
+//    noticeref: PNOTICEREF;
+//    exptext: PASN1_STRING;
+//  end;
+//  USERNOTICE = USERNOTICE_st;
+//  PUSERNOTICE = ^USERNOTICE;
+
+//  POLICYQUALINFO_st_union = record
+//    case DWord of
+//      0: (cpsuri: PASN1_IA5STRING);
+//      1: (usernotice: PUSERNOTICE);
+//      2: (other: PASN1_TYPE);
+//  end;
+//  POLICYQUALINFO_st = record
+//    pqualid: PASN1_OBJECT;
+//    d: POLICYQUALINFO_st_union;
+//  end;
+//  POLICYQUALINFO = POLICYQUALINFO_st;
+//  PPOLICYQUALINFO = ^POLICYQUALINFO;
+//  DEFINE_STACK_OF(POLICYQUALINFO)
+
+//  POLICYINFO_st = record
+//    ASN1_OBJECT *policyid;
+//    STACK_OF(POLICYQUALINFO) *qualifiers;
+//  end;
+//  POLICYINFO = POLICYINFO_st;
+//  PPOLICYINFO = ^POLICYINFO;
+//  typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
+//  DEFINE_STACK_OF(POLICYINFO)
+
+  POLICY_MAPPING_st = record
+    issuerDomainPolicy: PASN1_OBJECT;
+    subjectDomainPolicy: PASN1_OBJECT;
+  end;
+  POLICY_MAPPING = POLICY_MAPPING_st;
+  PPOLICY_MAPPING = ^POLICY_MAPPING;
+//  DEFINE_STACK_OF(POLICY_MAPPING)
+//  typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
+
+  GENERAL_SUBTREE_st = record
+    base: PGENERAL_NAME;
+    minimum: PASN1_INTEGER;
+    maximum: PASN1_INTEGER;
+  end;
+  GENERAL_SUBTREE = GENERAL_SUBTREE_st;
+  PGENERAL_SUBTREE = ^GENERAL_SUBTREE;
+//  DEFINE_STACK_OF(GENERAL_SUBTREE)
+
+//  NAME_CONSTRAINTS_st = record
+//    STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
+//    STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
+//  end;
+
+  POLICY_CONSTRAINTS_st = record
+    requireExplicitPolicy: PASN1_INTEGER;
+    inhibitPolicyMapping: PASN1_INTEGER;
+  end;
+  POLICY_CONSTRAINTS = POLICY_CONSTRAINTS_st;
+  PPOLICY_CONSTRAINTS = ^POLICY_CONSTRAINTS;
+
+  (* Proxy certificate structures, see RFC 3820 *)
+  PROXY_POLICY_st = record
+    policyLanguage: PASN1_OBJECT;
+    policy: PASN1_OCTET_STRING;
+  end;
+  PROXY_POLICY = PROXY_POLICY_st;
+  PPROXY_POLICY = ^PROXY_POLICY;
+//  DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
+
+  PROXY_CERT_INFO_EXTENSION_st = record
+    pcPathLengthConstraint: PASN1_INTEGER;
+    proxyPolicy: PPROXY_POLICY;
+  end;
+  PROXY_CERT_INFO_EXTENSION = PROXY_CERT_INFO_EXTENSION_st;
+  PPROXY_CERT_INFO_EXTENSION = ^PROXY_CERT_INFO_EXTENSION;
+//  DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
+
+//  ISSUING_DIST_POint_st = record
+//    distpoint: PDIST_POINT_NAME;
+//    TIdC_INT onlyuser;
+//    TIdC_INT onlyCA;
+//    onlysomereasons: PASN1_BIT_STRING;
+//    TIdC_INT indirectCRL;
+//    TIdC_INT onlyattr;
+//  end;
+
+//  # define X509V3_conf_err(val) ERR_add_error_data(6, \
+//                          "section:", (val)->section, \
+//                          ",name:", (val)->name, ",value:", (val)->value)
+//
+//  # define X509V3_set_ctx_test(ctx) \
+//                          X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
+//  # define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
+//
+//  # define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
+//                          0,0,0,0, \
+//                          0,0, \
+//                          (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
+//                          (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
+//                          NULL, NULL, \
+//                          table}
+//
+//  # define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
+//                          0,0,0,0, \
+//                          (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
+//                          (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
+//                          0,0,0,0, \
+//                          NULL}
+                         
+  PX509_PURPOSE = ^X509_PURPOSE;
+  x509_purpose_st = record
+    purpose: TIdC_INT;
+    trust: TIdC_INT;                  (* Default trust ID *)
+    flags: TIdC_INT;
+    check_purpose: function(const v1: PX509_PURPOSE; const v2: PX509; v3: TIdC_INT): TIdC_INT;
+    name: PIdAnsiChar;
+    sname: PIdAnsiChar;
+    usr_data: Pointer;
+  end;
+  X509_PURPOSE = x509_purpose_st;
+//  DEFINE_STACK_OF(X509_PURPOSE)
+
+//  DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS_st)
+
+//  DECLARE_ASN1_FUNCTIONS(SXNET)
+//  DECLARE_ASN1_FUNCTIONS(SXNETID)
+
+  ASRange_st = record
+    min, max: PASN1_INTEGER;
+  end;
+  ASRange = ASRange_st;
+  PASRange = ^ASRange;
+
+  ASIdOrRange_st = record
+    &type: TIdC_INT;
+    case u: DWord of
+      0: (id: PASN1_INTEGER);
+      1: (range: PASRange);
+  end;
+  ASIdOrRange = ASIdOrRange_st;
+  PASIdOrRange = ^ASIdOrRange;
+//  typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
+//  DEFINE_STACK_OF(ASIdOrRange)
+
+//  ASIdentifierChoice_st = record
+//    &type: TIdC_INT;
+//    case u: DWORD of
+//      0: (inherit: PASN1_NULL);
+//      1: (asIdsOrRanges: PASIdOrRanges);
+//  end;
+//  ASIdentifierChoice = ASIdentifierChoice_st;
+//  PASIdentifierChoice = ^ASIdentifierChoice;
+
+//  ASIdentifiers_st = record
+//    asnum, rdi: PASIdentifierChoice;
+//  end;
+//  ASIdentifiers = ASIdentifiers_st;
+//  PASIdentifiers = ^ASIdentifiers;
+
+//  DECLARE_ASN1_FUNCTIONS(ASRange)
+//  DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
+//  DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
+//  DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
+
+  IPAddressRange_st = record
+    min, max: PASN1_BIT_STRING;
+  end;
+  IPAddressRange = IPAddressRange_st;
+  PIPAddressRange = ^IPAddressRange;
+
+  IPAddressOrRange_st = record
+    &type: TIdC_INT;
+    case u: DWORD of
+      0: (addressPrefix: PASN1_BIT_STRING);
+      1: (addressRange: PIPAddressRange);
+  end;
+  IPAddressOrRange = IPAddressOrRange_st;
+  PIPAddressOrRange = ^IPAddressOrRange;
+
+//  typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
+//  DEFINE_STACK_OF(IPAddressOrRange)
+
+//  IPAddressChoice_st = record
+//    &type: TIdC_INT;
+//    case u: DWORD of
+//      0: (inherit: PASN1_NULL);
+//      1: (addressesOrRanges: PIPAddressOrRanges);
+//  end;
+//  IPAddressChoice = IPAddressChoice_st;
+//  PIPAddressChoice = ^IPAddressChoice;
+
+//  IPAddressFamily_st = record
+//    addressFamily: PASN1_OCTET_STRING;
+//    ipAddressChoice: PIPAddressChoice;
+//  end;
+//  IPAddressFamily = IPAddressFamily_st;
+//  PIPAddressFamily = ^IPAddressFamily;
+
+//  typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
+//  DEFINE_STACK_OF(IPAddressFamily)
+
+//  DECLARE_ASN1_FUNCTIONS(IPAddressRange)
+//  DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
+//  DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
+//  DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
+
+  NamingAuthority_st = type Pointer;
+  NAMING_AUTHORITY = NamingAuthority_st;
+  PNAMING_AUTHORITY = ^NAMING_AUTHORITY;
+  
+  ProfessionInfo_st = type Pointer;
+  PROFESSION_INFO = ProfessionInfo_st;
+  PPROFESSION_INFO = ^PROFESSION_INFO;
+  
+  Admissions_st = type Pointer;
+  ADMISSIONS = Admissions_st;
+  PADMISSIONS = ^ADMISSIONS;
+  
+  AdmissionSyntax_st = type Pointer;
+  ADMISSION_SYNTAX = AdmissionSyntax_st;
+  PADMISSION_SYNTAX = ^ADMISSION_SYNTAX;
+//  DECLARE_ASN1_FUNCTIONS(NAMING_AUTHORITY)
+//  DECLARE_ASN1_FUNCTIONS(PROFESSION_INFO)
+//  DECLARE_ASN1_FUNCTIONS(ADMISSIONS)
+//  DECLARE_ASN1_FUNCTIONS(ADMISSION_SYNTAX)
+//  DEFINE_STACK_OF(ADMISSIONS)
+//  DEFINE_STACK_OF(PROFESSION_INFO)
+//  typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+
+var
+//  function SXNET_add_id_asc(psx: PPSXNET; const zone: PIdAnsiChar; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
+//  function SXNET_add_id_ulong(psx: PPSXNET; lzone: TIdC_ULONG; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
+//  function SXNET_add_id_INTEGER(psx: PPSXNET; izone: PASN1_INTEGER; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
+
+//  function SXNET_get_id_asc(sx: PSXNET; const zone: PIdAnsiChar): PASN1_OCTET_STRING;
+//  function SXNET_get_id_ulong(sx: PSXNET; lzone: TIdC_ULONG): PASN1_OCTET_STRING;
+//  function SXNET_get_id_INTEGER(sx: PSXNET; zone: PASN1_INTEGER): PASN1_OCTET_STRING;
+
+//  DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
+
+//  DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
+
+//  DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+//  GENERAL_NAME *GENERAL_NAME_dup(a: PGENERAL_NAME);
+  function GENERAL_NAME_cmp(a: PGENERAL_NAME; b: PGENERAL_NAME): TIdC_INT;
+
+//  ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; STACK_OF(CONF_VALUE) *nval);
+//  STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(method: PX509V3_EXT_METHOD; ASN1_BIT_STRING *bits; STACK_OF(CONF_VALUE) *extlist);
+  //function i2s_ASN1_IA5STRING(method: PX509V3_EXT_METHOD; ia5: PASN1_IA5STRING): PIdAnsiChar;
+  //function s2i_ASN1_IA5STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; const str: PIdAnsiChar): PASN1_IA5STRING;
+
+//  STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(method: PX509V3_EXT_METHOD; gen: PGENERAL_NAME; STACK_OF(CONF_VALUE) *ret);
+  function GENERAL_NAME_print(&out: PBIO; gen: PGENERAL_NAME): TIdC_INT;
+
+//  DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
+
+//  STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(method: PX509V3_EXT_METHOD, GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
+//  GENERAL_NAMES *v2i_GENERAL_NAMES(const method: PX509V3_EXT_METHOD, ctx: PX509V3_CTX, STACK_OF(CONF_VALUE) *nval);
+
+//  DECLARE_ASN1_FUNCTIONS(OTHERNAME)
+//  DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
+  function OTHERNAME_cmp(a: POTHERNAME; b: POTHERNAME): TIdC_INT;
+  procedure GENERAL_NAME_set0_value(a: PGENERAL_NAME; &type: TIdC_INT; value: Pointer);
+  function GENERAL_NAME_get0_value(const a: PGENERAL_NAME; ptype: PIdC_INT): Pointer;
+  function GENERAL_NAME_set0_othername(gen: PGENERAL_NAME; oid: PASN1_OBJECT; value: PASN1_TYPE): TIdC_INT;
+  function GENERAL_NAME_get0_otherName(const gen: PGENERAL_NAME; poid: PPASN1_OBJECT; pvalue: PPASN1_TYPE): TIdC_INT;
+
+  //function i2s_ASN1_OCTET_STRING(method: PX509V3_EXT_METHOD; const ia5: PASN1_OCTET_STRING): PIdAnsiChar;
+  //function s2i_ASN1_OCTET_STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; const str: PIdAnsiChar): PASN1_OCTET_STRING;
+
+//  DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
+  function i2a_ACCESS_DESCRIPTION(bp: PBIO; const a: PACCESS_DESCRIPTION): TIdC_INT;
+
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(TLS_FEATURE)
+
+//  DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+//  DECLARE_ASN1_FUNCTIONS(POLICYINFO)
+//  DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
+//  DECLARE_ASN1_FUNCTIONS(USERNOTICE)
+//  DECLARE_ASN1_FUNCTIONS(NOTICEREF)
+
+//  DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+//  DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+//  DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+//  DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+  function DIST_POINT_set_dpname(dpn: PDIST_POINT_NAME; iname: PX509_NAME): TIdC_INT;
+
+  function NAME_CONSTRAINTS_check(x: PX509; nc: PNAME_CONSTRAINTS): TIdC_INT;
+  function NAME_CONSTRAINTS_check_CN(x: PX509; nc: PNAME_CONSTRAINTS): TIdC_INT;
+
+//  DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+//  DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
+
+//  DECLARE_ASN1_ITEM(POLICY_MAPPING)
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
+//  DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
+
+//  DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
+
+//  DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
+
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
+//  DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
+
+  //function a2i_GENERAL_NAME(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; TIdC_INT gen_type; const value: PIdAnsiChar; is_nc: TIdC_INT): GENERAL_NAME;
+
+  //function v2i_GENERAL_NAME(const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE): PGENERAL_NAME;
+  //function v2i_GENERAL_NAME_ex(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE; is_nc: TIdC_INT): PGENERAL_NAME;
+  //procedure X509V3_conf_free(val: PCONF_VALUE);
+
+  function X509V3_EXT_nconf_nid(conf: PCONF; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar): PX509_EXTENSION;
+  function X509V3_EXT_nconf(conf: PCONF; ctx: PX509V3_CTX; const name: PIdAnsiChar; const value: PIdAnsiChar): PX509_EXTENSION;
+//  TIdC_INT X509V3_EXT_add_nconf_sk(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; STACK_OF(X509_EXTENSION) **sk);
+  function X509V3_EXT_add_nconf(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; cert: PX509): TIdC_INT;
+  function X509V3_EXT_REQ_add_nconf(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; req: PX509_REQ): TIdC_INT;
+  function X509V3_EXT_CRL_add_nconf(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; crl: PX509_CRL): TIdC_INT;
+
+  function X509V3_EXT_conf_nid(conf: Pointer; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar): PX509_EXTENSION;
+//  X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar);
+  function X509V3_EXT_conf(conf: Pointer; ctx: PX509V3_CTX; const name: PIdAnsiChar; const value: PIdAnsiChar): PX509_EXTENSION;
+//  X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const name: PIdAnsiChar; const value: PIdAnsiChar);
+  function X509V3_EXT_add_conf(conf: Pointer; ctx: PX509V3_CTX; const section: PIdAnsiChar; cert: PX509): TIdC_INT;
+//  TIdC_INT X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const section: PIdAnsiChar; cert: PX509);
+  function X509V3_EXT_REQ_add_conf(conf: Pointer; ctx: PX509V3_CTX; const section: PIdAnsiChar; req: PX509_REQ): TIdC_INT;
+//  TIdC_INT X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const section: PIdAnsiChar; req: PX509_REQ);
+  function X509V3_EXT_CRL_add_conf(conf: Pointer; ctx: PX509V3_CTX; const section: PIdAnsiChar; crl: PX509_CRL): TIdC_INT;
+//  TIdC_INT X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const section: PIdAnsiChar; crl: PX509_CRL);
+
+//  TIdC_INT X509V3_add_value_bool_nf(const name: PIdAnsiChar; TIdC_INT asn1_bool; STACK_OF(CONF_VALUE) **extlist);
+  //function X509V3_get_value_bool(const value: PCONF_VALUE; asn1_bool: PIdC_INT): TIdC_INT;
+  //function X509V3_get_value_int(const value: PCONF_VALUE; aint: PPASN1_INTEGER): TIdC_INT;
+  procedure X509V3_set_nconf(ctx: PX509V3_CTX; conf: PCONF);
+//  void X509V3_set_conf_lhash(ctx: PX509V3_CTX; LHASH_OF(CONF_VALUE) *lhash);
+
+  function X509V3_get_string(ctx: PX509V3_CTX; const name: PIdAnsiChar; const section: PIdAnsiChar): PIdAnsiChar;
+//  STACK_OF(CONF_VALUE) *X509V3_get_section(ctx: PX509V3_CTX; const section: PIdAnsiChar);
+  procedure X509V3_string_free(ctx: PX509V3_CTX; str: PIdAnsiChar);
+//  void X509V3_section_free(ctx: PX509V3_CTX; STACK_OF(CONF_VALUE) *section);
+  procedure X509V3_set_ctx(ctx: PX509V3_CTX; issuer: PX509; subject: PX509; req: PX509_REQ; crl: PX509_CRL; flags: TIdC_INT);
+
+//  TIdC_INT X509V3_add_value(const name: PIdAnsiChar; const value: PIdAnsiChar; STACK_OF(CONF_VALUE) **extlist);
+//  TIdC_INT X509V3_add_value_uPIdAnsiChar(const name: PIdAnsiChar; const Byte *value; STACK_OF(CONF_VALUE) **extlist);
+//  TIdC_INT X509V3_add_value_bool(const name: PIdAnsiChar; TIdC_INT asn1_bool; STACK_OF(CONF_VALUE) **extlist);
+//  TIdC_INT X509V3_add_value_int(const name: PIdAnsiChar; const aint: PASN1_INTEGER; STACK_OF(CONF_VALUE) **extlist);
+  //function i2s_ASN1_INTEGER(meth: PX509V3_EXT_METHOD; const aint: PASN1_INTEGER): PIdAnsiChar;
+  //function s2i_ASN1_INTEGER(meth: PX509V3_EXT_METHOD; const value: PIdAnsiChar): PASN1_INTEGER;
+  //function i2s_ASN1_ENUMERATED(meth: PX509V3_EXT_METHOD; const aint: PASN1_ENUMERATED): PIdAnsiChar;
+  //function i2s_ASN1_ENUMERATED_TABLE(meth: PX509V3_EXT_METHOD; const aint: PASN1_ENUMERATED): PIdAnsiChar;
+  //function X509V3_EXT_add(ext: PX509V3_EXT_METHOD): TIdC_INT;
+  //function X509V3_EXT_add_list(extlist: PX509V3_EXT_METHOD): TIdC_INT;
+  function X509V3_EXT_add_alias(nid_to: TIdC_INT; nid_from: TIdC_INT): TIdC_INT;
+  procedure X509V3_EXT_cleanup;
+
+  //function X509V3_EXT_get(ext: PX509_EXTENSION): PX509V3_EXT_METHOD;
+  //function X509V3_EXT_get_nid(nid: TIdC_INT): PX509V3_EXT_METHOD;
+  function X509V3_add_standard_extensions: TIdC_INT;
+//  STACK_OF(CONF_VALUE) *X509V3_parse_list(const line: PIdAnsiChar);
+  function X509V3_EXT_d2i(ext: PX509_EXTENSION): Pointer;
+//  void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x; nid: TIdC_INT; TIdC_INT *crit; TIdC_INT *idx);
+
+  function X509V3_EXT_i2d(ext_nid: TIdC_INT; crit: TIdC_INT; ext_struc: Pointer): PX509_EXTENSION;
+//  TIdC_INT X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; TIdC_ULONG flags);
+
+//  void X509V3_EXT_val_prn(&out: PBIO; STACK_OF(CONF_VALUE) *val; indent: TIdC_INT; TIdC_INT ml);
+  function X509V3_EXT_print(&out: PBIO; ext: PX509_EXTENSION; flag: TIdC_ULONG; indent: TIdC_INT): TIdC_INT;
+//  TIdC_INT X509V3_extensions_print(&out: PBIO; const PIdAnsiChar *title; const STACK_OF(X509_EXTENSION) *exts; flag: TIdC_ULONG; indent: TIdC_INT);
+
+  function X509_check_ca(x: PX509): TIdC_INT;
+  function X509_check_purpose(x: PX509; id: TIdC_INT; ca: TIdC_INT): TIdC_INT;
+  function X509_supported_extension(ex: PX509_EXTENSION): TIdC_INT;
+  function X509_PURPOSE_set(p: PIdC_INT; purpose: TIdC_INT): TIdC_INT;
+  function X509_check_issued(issuer: PX509; subject: PX509): TIdC_INT;
+  function X509_check_akid(issuer: PX509; akid: PAUTHORITY_KEYID): TIdC_INT;
+  procedure X509_set_proxy_flag(x: PX509);
+  procedure X509_set_proxy_pathlen(x: PX509; l: TIdC_LONG);
+  function X509_get_proxy_pathlen(x: PX509): TIdC_LONG;
+
+  function X509_get_extension_flags(x: PX509): TIdC_UINT32;
+  function X509_get_key_usage(x: PX509): TIdC_UINT32;
+  function X509_get_extended_key_usage(x: PX509): TIdC_UINT32;
+  function X509_get0_subject_key_id(x: PX509): PASN1_OCTET_STRING;
+  function X509_get0_authority_key_id(x: PX509): PASN1_OCTET_STRING;
+  //function X509_get0_authority_issuer(x: PX509): PGENERAL_NAMES;
+  function X509_get0_authority_serial(x: PX509): PASN1_INTEGER;
+
+  function X509_PURPOSE_get_count: TIdC_INT;
+  function X509_PURPOSE_get0(idx: TIdC_INT): PX509_PURPOSE;
+  function X509_PURPOSE_get_by_sname(const sname: PIdAnsiChar): TIdC_INT;
+  function X509_PURPOSE_get_by_id(id: TIdC_INT): TIdC_INT;
+//  TIdC_INT X509_PURPOSE_add(id: TIdC_INT, TIdC_INT trust, flags: TIdC_INT, TIdC_INT (*ck) (const X509_PURPOSE *, const X509 *, TIdC_INT), const name: PIdAnsiChar, const sname: PIdAnsiChar, void *arg);
+  function X509_PURPOSE_get0_name(const xp: PX509_PURPOSE): PIdAnsiChar;
+  function X509_PURPOSE_get0_sname(const xp: PX509_PURPOSE): PIdAnsiChar;
+  function X509_PURPOSE_get_trust(const xp: PX509_PURPOSE): TIdC_INT;
+  procedure X509_PURPOSE_cleanup;
+  function X509_PURPOSE_get_id(const v1: PX509_PURPOSE): TIdC_INT;
+
+//  STACK_OF(OPENSSL_STRING) *X509_get1_email(x: PX509);
+//  STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
+//  void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
+//  STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(x: PX509);
+
+  function X509_check_host(x: PX509; const chk: PIdAnsiChar; chklen: TIdC_SIZET; flags: TIdC_UINT; peername: PPIdAnsiChar): TIdC_INT;
+  function X509_check_email(x: PX509; const chk: PIdAnsiChar; chklen: TIdC_SIZET; flags: TIdC_UINT): TIdC_INT;
+  function X509_check_ip(x: PX509; const chk: PByte; chklen: TIdC_SIZET; flags: TIdC_UINT): TIdC_INT;
+  function X509_check_ip_asc(x: PX509; const ipasc: PIdAnsiChar; flags: TIdC_UINT): TIdC_INT;
+
+  function a2i_IPADDRESS(const ipasc: PIdAnsiChar): PASN1_OCTET_STRING;
+  function a2i_IPADDRESS_NC(const ipasc: PIdAnsiChar): PASN1_OCTET_STRING;
+//  TIdC_INT X509V3_NAME_from_section(X509_NAME *nm; STACK_OF(CONF_VALUE) *dn_sk; TIdC_ULONG chtype);
+
+  procedure X509_POLICY_NODE_print(&out: PBIO; node: PX509_POLICY_NODE; indent: TIdC_INT);
+//  DEFINE_STACK_OF(X509_POLICY_NODE)
+
+  (*
+   * Utilities to construct and extract values from RFC3779 extensions,
+   * since some of the encodings (particularly for IP address prefixes
+   * and ranges) are a bit tedious to work with directly.
+   *)
+  //function X509v3_asid_add_inherit(asid: PASIdentifiers; which: TIdC_INT): TIdC_INT;
+  //function X509v3_asid_add_id_or_range(asid: PASIdentifiers; which: TIdC_INT; min: PASN1_INTEGER; max: PASN1_INTEGER): TIdC_INT;
+  //function X509v3_addr_add_inherit(addr: PIPAddrBlocks; const afi: TIdC_UINT; const safi: PIdC_UINT): TIdC_INT;
+  //function X509v3_addr_add_prefix(addr: PIPAddrBlocks; const afi: TIdC_UINT; const safi: PIdC_UINT; a: PByte; const prefixlen: TIdC_INT): TIdC_INT;
+  //function X509v3_addr_add_range(addr: PIPAddrBlocks; const afi: TIdC_UINT; const safi: PIdC_UINT; min: PByte; max: PByte): TIdC_INT;
+  //function X509v3_addr_get_afi(const f: PIPAddressFamily): TIdC_UINT;
+  function X509v3_addr_get_range(aor: PIPAddressOrRange; const afi: TIdC_UINT; min: PByte; max: Byte; const length: TIdC_INT): TIdC_INT;
+
+  (*
+   * Canonical forms.
+   *)
+  //function X509v3_asid_is_canonical(asid: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_is_canonical(addr: PIPAddrBlocks): TIdC_INT;
+  //function X509v3_asid_canonize(asid: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_canonize(addr: PIPAddrBlocks): TIdC_INT;
+
+  (*
+   * Tests for inheritance and containment.
+   *)
+  //function X509v3_asid_inherits(asid: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_inherits(addr: PIPAddrBlocks): TIdC_INT;
+  //function X509v3_asid_subset(a: PASIdentifiers; b: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_subset(a: PIPAddrBlocks; b: PIPAddrBlocks): TIdC_INT;
+
+  (*
+   * Check whether RFC 3779 extensions nest properly in chains.
+   *)
+  function X509v3_asid_validate_path(v1: PX509_STORE_CTX): TIdC_INT;
+  function X509v3_addr_validate_path(v1: PX509_STORE_CTX): TIdC_INT;
+//  TIdC_INT X509v3_asid_validate_resource_set(STACK_OF(X509) *chain; ASIdentifiers *ext; TIdC_INT allow_inheritance);
+//  TIdC_INT X509v3_addr_validate_resource_set(STACK_OF(X509) *chain; IPAddrBlocks *ext; TIdC_INT allow_inheritance);
+
+
+//  DEFINE_STACK_OF(ASN1_STRING)
+
+  (*
+   * Admission Syntax
+   *)
+  function NAMING_AUTHORITY_get0_authorityId(const n: PNAMING_AUTHORITY): PASN1_OBJECT;
+  function NAMING_AUTHORITY_get0_authorityURL(const n: PNAMING_AUTHORITY): PASN1_IA5STRING;
+  function NAMING_AUTHORITY_get0_authorityText(const n: PNAMING_AUTHORITY): PASN1_STRING;
+  procedure NAMING_AUTHORITY_set0_authorityId(n: PNAMING_AUTHORITY; namingAuthorityId: PASN1_OBJECT);
+  procedure NAMING_AUTHORITY_set0_authorityURL(n: PNAMING_AUTHORITY; namingAuthorityUrl: PASN1_IA5STRING);
+  procedure NAMING_AUTHORITY_set0_authorityText(n: PNAMING_AUTHORITY; namingAuthorityText: PASN1_STRING);
+
+  function ADMISSION_SYNTAX_get0_admissionAuthority(const &as: ADMISSION_SYNTAX): PGENERAL_NAME;
+  procedure ADMISSION_SYNTAX_set0_admissionAuthority(&as: ADMISSION_SYNTAX; aa: PGENERAL_NAME);
+//  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const &as: ADMISSION_SYNTAX);
+//  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(&as: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
+  function ADMISSIONS_get0_admissionAuthority(const a: PADMISSIONS): PGENERAL_NAME;
+  procedure ADMISSIONS_set0_admissionAuthority(a: PADMISSIONS; aa: PGENERAL_NAME);
+  function ADMISSIONS_get0_namingAuthority(const a: PADMISSIONS): PNAMING_AUTHORITY;
+  procedure ADMISSIONS_set0_namingAuthority(a: PADMISSIONS; na: PNAMING_AUTHORITY);
+  //function ADMISSIONS_get0_professionInfos(const a: PADMISSIONS): PPROFESSION_INFOS;
+  //procedure ADMISSIONS_set0_professionInfos(a: PADMISSIONS; pi: PPROFESSION_INFOS);
+  function PROFESSION_INFO_get0_addProfessionInfo(const pi: PPROFESSION_INFO): PASN1_OCTET_STRING;
+  procedure PROFESSION_INFO_set0_addProfessionInfo(pi: PPROFESSION_INFO; aos: PASN1_OCTET_STRING);
+  function PROFESSION_INFO_get0_namingAuthority(const pi: PPROFESSION_INFO): PNAMING_AUTHORITY;
+  procedure PROFESSION_INFO_set0_namingAuthority(pi: PPROFESSION_INFO; na: PNAMING_AUTHORITY);
+//  const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(const pi: PPROFESSION_INFO);
+//  void PROFESSION_INFO_set0_professionItems(pi: PPROFESSION_INFO; STACK_OF(ASN1_STRING) *as);
+//  const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(const pi: PPROFESSION_INFO);
+//  void PROFESSION_INFO_set0_professionOIDs(pi: PPROFESSION_INFO; STACK_OF(ASN1_OBJECT) *po);
+  function PROFESSION_INFO_get0_registrationNumber(const pi: PPROFESSION_INFO): PASN1_PRINTABLESTRING;
+  procedure PROFESSION_INFO_set0_registrationNumber(pi: PPROFESSION_INFO; rn: PASN1_PRINTABLESTRING);
+
+
implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas
new file mode 100644
index 000000000..bcb8207f1
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas
@@ -0,0 +1,147 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_aes;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// aes.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+// Added '_CONST' to avoid name clashes
+  AES_ENCRYPT_CONST = 1;
+// Added '_CONST' to avoid name clashes
+  AES_DECRYPT_CONST = 0;
+  AES_MAXNR = 14;
+  AES_BLOCK_SIZE = 16;
+
+type
+  aes_key_st = record
+  // in old IdSSLOpenSSLHeaders.pas it was also TIdC_UINT ¯\_(ツ)_/¯
+//    {$IFDEF AES_LONG}
+//    rd_key: array[0..(4 * (AES_MAXNR + 1))] of TIdC_ULONG;
+//    {$ELSE}
+    rd_key: array[0..(4 * (AES_MAXNR + 1))] of TIdC_UINT;
+//    {$ENDIF}
+    rounds: TIdC_INT;
+  end;
+  AES_KEY = aes_key_st;
+  PAES_KEY = ^AES_KEY;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  AES_options: function: PIdAnsiChar cdecl = nil;
+
+  AES_set_encrypt_key: function(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT cdecl = nil;
+  AES_set_decrypt_key: function(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT cdecl = nil;
+
+  AES_encrypt: procedure(const &in: PByte; &out: PByte; const key: PAES_KEY) cdecl = nil;
+  AES_decrypt: procedure(const &in: PByte; &out: PByte; const key: PAES_KEY) cdecl = nil;
+
+  AES_ecb_encrypt: procedure(const &in: PByte; &out: PByte; const key: PAES_KEY; const enc: TIdC_INT) cdecl = nil;
+  AES_cbc_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
+  AES_cfb128_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  AES_cfb1_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  AES_cfb8_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  AES_ofb128_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT) cdecl = nil;
+  (* NB: the IV is _two_ blocks long *)
+  AES_ige_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
+  (* NB: the IV is _four_ blocks long *)
+  AES_bi_ige_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; const key2: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
+
+  AES_wrap_key: function(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT cdecl = nil;
+  AES_unwrap_key: function(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  AES_options := LoadFunction('AES_options', AFailed);
+  AES_set_encrypt_key := LoadFunction('AES_set_encrypt_key', AFailed);
+  AES_set_decrypt_key := LoadFunction('AES_set_decrypt_key', AFailed);
+  AES_encrypt := LoadFunction('AES_encrypt', AFailed);
+  AES_decrypt := LoadFunction('AES_decrypt', AFailed);
+  AES_ecb_encrypt := LoadFunction('AES_ecb_encrypt', AFailed);
+  AES_cbc_encrypt := LoadFunction('AES_cbc_encrypt', AFailed);
+  AES_cfb128_encrypt := LoadFunction('AES_cfb128_encrypt', AFailed);
+  AES_cfb1_encrypt := LoadFunction('AES_cfb1_encrypt', AFailed);
+  AES_cfb8_encrypt := LoadFunction('AES_cfb8_encrypt', AFailed);
+  AES_ofb128_encrypt := LoadFunction('AES_ofb128_encrypt', AFailed);
+  AES_ige_encrypt := LoadFunction('AES_ige_encrypt', AFailed);
+  AES_bi_ige_encrypt := LoadFunction('AES_bi_ige_encrypt', AFailed);
+  AES_wrap_key := LoadFunction('AES_wrap_key', AFailed);
+  AES_unwrap_key := LoadFunction('AES_unwrap_key', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  AES_options := nil;
+  AES_set_encrypt_key := nil;
+  AES_set_decrypt_key := nil;
+  AES_encrypt := nil;
+  AES_decrypt := nil;
+  AES_ecb_encrypt := nil;
+  AES_cbc_encrypt := nil;
+  AES_cfb128_encrypt := nil;
+  AES_cfb1_encrypt := nil;
+  AES_cfb8_encrypt := nil;
+  AES_ofb128_encrypt := nil;
+  AES_ige_encrypt := nil;
+  AES_bi_ige_encrypt := nil;
+  AES_wrap_key := nil;
+  AES_unwrap_key := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
new file mode 100644
index 000000000..b63c916d6
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
@@ -0,0 +1,1124 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_asn1;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_asn1t,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSlHeaders_ossl_typ;
+
+{$MINENUMSIZE 4}
+
+const
+  (*
+   * NB the constants below are used internally by ASN1_INTEGER
+   * and ASN1_ENUMERATED to indicate the sign. They are *not* on
+   * the wire tag values.
+   *)
+
+  V_ASN1_NEG = $100;
+  V_ASN1_NEG_INTEGER = 2 or V_ASN1_NEG;
+  V_ASN1_NEG_ENUMERATED = 10 or V_ASN1_NEG;
+
+  (* For use with d2i_ASN1_type_bytes() *)
+  B_ASN1_NUMERICSTRING = $0001;
+  B_ASN1_PRINTABLESTRING = $0002;
+  B_ASN1_T61STRING = $0004;
+  B_ASN1_TELETEXSTRING = $0004;
+  B_ASN1_VIDEOTEXSTRING = $0008;
+  B_ASN1_IA5STRING = $0010;
+  B_ASN1_GRAPHICSTRING = $0020;
+  B_ASN1_ISO64STRING = $0040;
+  B_ASN1_VISIBLESTRING = $0040;
+  B_ASN1_GENERALSTRING = $0080;
+  B_ASN1_UNIVERSALSTRING = $0100;
+  B_ASN1_OCTET_STRING = $0200;
+  B_ASN1_BIT_STRING = $0400;
+  B_ASN1_BMPSTRING = $0800;
+  B_ASN1_UNKNOWN = $1000;
+  B_ASN1_UTF8STRING = $2000;
+  B_ASN1_UTCTIME = $4000;
+  B_ASN1_GENERALIZEDTIME = $8000;
+  B_ASN1_SEQUENCE = $10000;
+ (* For use with ASN1_mbstring_copy() *)
+  MBSTRING_FLAG = $1000;
+  MBSTRING_UTF8 = MBSTRING_FLAG;
+  MBSTRING_ASC = MBSTRING_FLAG or 1;
+  MBSTRING_BMP = MBSTRING_FLAG or 2;
+  MBSTRING_UNIV = MBSTRING_FLAG or 4;
+  SMIME_OLDMIME = $400;
+  SMIME_CRLFEOL = $800;
+  SMIME_STREAM = $1000;
+
+//    struct X509_algor_st;
+//DEFINE_STACK_OF(X509_ALGOR)
+
+  ASN1_STRING_FLAG_BITS_LEFT = $08;   (* Set if $07 has bits left value *)
+  (*
+   * This indicates that the ASN1_STRING is not a real value but just a place
+   * holder for the location where indefinite length constructed data should be
+   * inserted in the memory buffer
+   *)
+  ASN1_STRING_FLAG_NDEF = $010;
+
+  (*
+   * This flag is used by the CMS code to indicate that a string is not
+   * complete and is a place holder for content when it had all been accessed.
+   * The flag will be reset when content has been written to it.
+   *)
+
+  ASN1_STRING_FLAG_CONT = $020;
+  (*
+   * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+   * type.
+   *)
+  ASN1_STRING_FLAG_MSTRING = $040;
+  (* String is embedded and only content should be freed *)
+  ASN1_STRING_FLAG_EMBED = $080;
+  (* String should be parsed in RFC 5280's time format *)
+  ASN1_STRING_FLAG_X509_TIME = $100;
+
+  (* Used with ASN1 LONG type: if a long is set to this it is omitted *)
+  ASN1_LONG_UNDEF = TIdC_LONG($7fffffff);
+
+  STABLE_FLAGS_MALLOC = $01;
+  (*
+   * A zero passed to ASN1_STRING_TABLE_new_add for the flags is interpreted
+   * as "don't change" and STABLE_FLAGS_MALLOC is always set. By setting
+   * STABLE_FLAGS_MALLOC only we can clear the existing value. Use the alias
+   * STABLE_FLAGS_CLEAR to reflect this.
+   *)
+  STABLE_FLAGS_CLEAR = STABLE_FLAGS_MALLOC;
+  STABLE_NO_MASK = $02;
+  DIRSTRING_TYPE = B_ASN1_PRINTABLESTRING or B_ASN1_T61STRING or B_ASN1_BMPSTRING or B_ASN1_UTF8STRING;
+  PKCS9STRING_TYPE = DIRSTRING_TYPE or B_ASN1_IA5STRING;
+
+  (* size limits: this stuff is taken straight from RFC2459 *)
+  ub_name = 32768;
+  ub_common_name = 64;
+  ub_locality_name = 128;
+  ub_state_name = 128;
+  ub_organization_name = 64;
+  ub_organization_unit_name = 64;
+  ub_title = 64;
+  ub_email_address = 128;
+
+  (* Parameters used by ASN1_STRING_print_ex() *)
+
+  (*
+   * These determine which characters to escape: RFC2253 special characters,
+   * control characters and MSB set characters
+   *)
+  ASN1_STRFLGS_ESC_2253 = 1;
+  ASN1_STRFLGS_ESC_CTRL = 2;
+  ASN1_STRFLGS_ESC_MSB = 4;
+
+  (*
+   * This flag determines how we do escaping: normally RC2253 backslash only,
+   * set this to use backslash and quote.
+   *)
+
+  ASN1_STRFLGS_ESC_QUOTE = 8;
+
+  (* These three flags are internal use only. *)
+
+  (* Character is a valid PrintableString character *)
+  CHARTYPE_PRINTABLESTRING = $10;
+  (* Character needs escaping if it is the first character *)
+  CHARTYPE_FIRST_ESC_2253 = $20;
+  (* Character needs escaping if it is the last character *)
+  CHARTYPE_LAST_ESC_2253 = $40;
+
+  (*
+   * NB the internal flags are safely reused below by flags handled at the top
+   * level.
+   *)
+
+  (*
+   * If this is set we convert all character strings to UTF8 first
+   *)
+
+  ASN1_STRFLGS_UTF8_CONVERT = $10;
+
+  (*
+   * If this is set we don't attempt to interpret content: just assume all
+   * strings are 1 byte per character. This will produce some pretty odd
+   * looking output!
+   *)
+
+  ASN1_STRFLGS_IGNORE_TYPE = $20;
+
+  (* If this is set we include the string type in the output *)
+  ASN1_STRFLGS_SHOW_TYPE = $40;
+
+  (*
+   * This determines which strings to display and which to 'dump' (hex dump of
+   * content octets or DER encoding). We can only dump non character strings or
+   * everything. If we don't dump 'unknown' they are interpreted as character
+   * strings with 1 octet per character and are subject to the usual escaping
+   * options.
+   *)
+
+  ASN1_STRFLGS_DUMP_ALL = $80;
+  ASN1_STRFLGS_DUMP_UNKNOWN = $100;
+
+  (*
+   * These determine what 'dumping' does, we can dump the content octets or the
+   * DER encoding: both use the RFC2253 #XXXXX notation.
+   *)
+
+  ASN1_STRFLGS_DUMP_DER = $200;
+
+  (*
+   * This flag specifies that RC2254 escaping shall be performed.
+   *)
+
+  ASN1_STRFLGS_ESC_2254 = $400;
+
+  (*
+   * All the string flags consistent with RFC2253, escaping control characters
+   * isn't essential in RFC2253 but it is advisable anyway.
+   *)
+
+  ASN1_STRFLGS_RFC2253 = ASN1_STRFLGS_ESC_2253 or ASN1_STRFLGS_ESC_CTRL or
+    ASN1_STRFLGS_ESC_MSB or ASN1_STRFLGS_UTF8_CONVERT or
+    ASN1_STRFLGS_DUMP_UNKNOWN or ASN1_STRFLGS_DUMP_DER;
+
+  B_ASN1_TIME = B_ASN1_UTCTIME or B_ASN1_GENERALIZEDTIME;
+
+  B_ASN1_PRINTABLE = B_ASN1_NUMERICSTRING or B_ASN1_PRINTABLESTRING or
+    B_ASN1_T61STRING or B_ASN1_IA5STRING or B_ASN1_BIT_STRING or
+    B_ASN1_UNIVERSALSTRING or B_ASN1_BMPSTRING or B_ASN1_UTF8STRING or
+    B_ASN1_SEQUENCE or B_ASN1_UNKNOWN;
+
+  B_ASN1_DIRECTORYSTRING = B_ASN1_PRINTABLESTRING or B_ASN1_TELETEXSTRING or
+    B_ASN1_BMPSTRING or B_ASN1_UNIVERSALSTRING or B_ASN1_UTF8STRING;
+
+  B_ASN1_DISPLAYTEXT = B_ASN1_IA5STRING or B_ASN1_VISIBLESTRING or
+    B_ASN1_BMPSTRING or B_ASN1_UTF8STRING;
+
+  (* ASN1 Print flags *)
+  (* Indicate missing OPTIONAL fields *)
+  ASN1_PCTX_FLAGS_SHOW_ABSENT = $001;
+  (* Mark start and end of SEQUENCE *)
+  ASN1_PCTX_FLAGS_SHOW_SEQUENCE = $002;
+  (* Mark start and end of SEQUENCE/SET OF *)
+  ASN1_PCTX_FLAGS_SHOW_SSOF = $004;
+  (* Show the ASN1 type of primitives *)
+  ASN1_PCTX_FLAGS_SHOW_TYPE = $008;
+  (* Don't show ASN1 type of ANY *)
+  ASN1_PCTX_FLAGS_NO_ANY_TYPE = $010;
+  (* Don't show ASN1 type of MSTRINGs *)
+  ASN1_PCTX_FLAGS_NO_MSTRING_TYPE = $020;
+  (* Don't show field names in SEQUENCE *)
+  ASN1_PCTX_FLAGS_NO_FIELD_NAME = $040;
+  (* Show structure names of each SEQUENCE field *)
+  ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME = $080;
+  (* Don't show structure name even at top level *)
+  ASN1_PCTX_FLAGS_NO_STRUCT_NAME = $100;
+
+type
+// Moved to ossl_type to prevent circular references
+///(* This is the base type that holds just about everything :-) *)
+//  asn1_string_st = record
+//    length: TIdC_int;
+//    &type: TIdC_int;
+//    data: PByte;
+//    (*
+//     * The value of the following field depends on the type being held.  It
+//     * is mostly being used for BIT_STRING so if the input data has a
+//     * non-zero 'unused bits' value, it will be handled correctly
+//     *)
+//    flags: TIdC_long;
+//  end;
+
+  (*
+   * ASN1_ENCODING structure: this is used to save the received encoding of an
+   * ASN1 type. This is useful to get round problems with invalid encodings
+   * which can break signatures.
+   *)
+
+  ASN1_ENCODING_st = record
+    enc: PIdAnsiChar;           (* DER encoding *)
+    len: TIdC_LONG;                     (* Length of encoding *)
+    modified: TIdC_INT;                 (* set to 1 if 'enc' is invalid *)
+  end;
+  ASN1_ENCODING = ASN1_ENCODING_st;
+
+  asn1_string_table_st = record
+    nid: TIdC_INT;
+    minsize: TIdC_LONG;
+    maxsize: TIdC_LONG;
+    mask: TIdC_ULONG;
+    flags: TIdC_ULONG;
+  end;
+  ASN1_STRING_TABLE = asn1_string_table_st;
+  PASN1_STRING_TABLE = ^ASN1_STRING_TABLE;
+
+// DEFINE_STACK_OF(ASN1_STRING_TABLE)
+
+  (*                  !!!
+   * Declarations for template structures: for full definitions see asn1t.h
+   *)
+  (* This is just an opaque pointer *)
+// typedef struct ASN1_VALUE_st ASN1_VALUE;
+
+  (* Declare ASN1 functions: the implement macro in in asn1t.h *)
+
+//# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
+//
+//# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
+//
+//# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+//        DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
+//
+//# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+//        DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
+//
+//# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
+//        type *d2i_##name(type **a, const unsigned char **in, long len); \
+//        int i2d_##name(type *a, unsigned char **out); \
+//        DECLARE_ASN1_ITEM(itname)
+//
+//# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
+//        type *d2i_##name(type **a, const unsigned char **in, long len); \
+//        int i2d_##name(const type *a, unsigned char **out); \
+//        DECLARE_ASN1_ITEM(name)
+//
+//# define DECLARE_ASN1_NDEF_FUNCTION(name) \
+//        int i2d_##name##_NDEF(name *a, unsigned char **out);
+//
+//# define DECLARE_ASN1_FUNCTIONS_const(name) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
+//        DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
+//
+//# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+//        type *name##_new(void); \
+//        void name##_free(type *a);
+//
+//# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+//        DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
+//
+//# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+//        int fname##_print_ctx(BIO *out, stname *x, int indent, \
+//                                         const ASN1_PCTX *pctx);
+//
+//# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
+//# define I2D_OF(type) int (*)(type *,unsigned char **)
+//# define I2D_OF_const(type) int (*)(const type *,unsigned char **)
+//
+//# define CHECKED_D2I_OF(type, d2i) \
+//    ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
+//# define CHECKED_I2D_OF(type, i2d) \
+//    ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
+//# define CHECKED_NEW_OF(type, xnew) \
+//    ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
+//# define CHECKED_PTR_OF(type, p) \
+//    ((void*) (1 ? p : (type*)0))
+//# define CHECKED_PPTR_OF(type, p) \
+//    ((void**) (1 ? p : (type**)0))
+//
+//# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
+//# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
+//# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
+//
+//TYPEDEF_D2I2D_OF(void);
+
+  (*-
+   * The following macros and typedefs allow an ASN1_ITEM
+   * to be embedded in a structure and referenced. Since
+   * the ASN1_ITEM pointers need to be globally accessible
+   * (possibly from shared libraries) they may exist in
+   * different forms. On platforms that support it the
+   * ASN1_ITEM structure itself will be globally exported.
+   * Other platforms will export a function that returns
+   * an ASN1_ITEM pointer.
+   *
+   * To handle both cases transparently the macros below
+   * should be used instead of hard coding an ASN1_ITEM
+   * pointer in a structure.
+   *
+   * The structure will look like this:
+   *
+   * typedef struct SOMETHING_st {
+   *      ...
+   *      ASN1_ITEM_EXP *iptr;
+   *      ...
+   * } SOMETHING;
+   *
+   * It would be initialised as e.g.:
+   *
+   * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
+   *
+   * and the actual pointer extracted with:
+   *
+   * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
+   *
+   * Finally an ASN1_ITEM pointer can be extracted from an
+   * appropriate reference with: ASN1_ITEM_rptr(X509). This
+   * would be used when a function takes an ASN1_ITEM * argument.
+   *
+   *)
+		
+// # ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+///(* ASN1_ITEM pointer exported type *)
+//typedef const ASN1_ITEM ASN1_ITEM_EXP;
+//
+///(* Macro to obtain ASN1_ITEM pointer from exported type *)
+//#  define ASN1_ITEM_ptr(iptr) (iptr)
+//
+// (* Macro to include ASN1_ITEM pointer from base type *)
+//#  define ASN1_ITEM_ref(iptr) (&(iptr##_it))
+//
+//#  define ASN1_ITEM_rptr(ref) (&(ref##_it))
+//
+//#  define DECLARE_ASN1_ITEM(name) \
+//        OPENSSL_EXTERN const ASN1_ITEM name##_it;
+//
+//# else
+
+// (*
+// * Platforms that can't easily handle shared global variables are declared as
+// * functions returning ASN1_ITEM pointers.
+// *)
+
+///(* ASN1_ITEM pointer exported type *)
+//typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
+//
+///(* Macro to obtain ASN1_ITEM pointer from exported type *)
+//#  define ASN1_ITEM_ptr(iptr) (iptr())
+//
+///(* Macro to include ASN1_ITEM pointer from base type *)
+//#  define ASN1_ITEM_ref(iptr) (iptr##_it)
+//
+//#  define ASN1_ITEM_rptr(ref) (ref##_it())
+//
+//#  define DECLARE_ASN1_ITEM(name) \
+//        const ASN1_ITEM * name##_it(void);
+//
+//# endif
+
+//DEFINE_STACK_OF(ASN1_INTEGER)
+//
+//DEFINE_STACK_OF(ASN1_GENERALSTRING)
+//
+//DEFINE_STACK_OF(ASN1_UTF8STRING)
+
+//DEFINE_STACK_OF(ASN1_TYPE)
+//
+//typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
+//
+//DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+//DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
+
+  (* This is used to contain a list of bit names *)
+
+  BIT_STRING_BITNAME_st = record
+    bitnum: TIdC_INT;
+    lname: PIdAnsiChar;
+    sname: PIdAnsiChar;
+  end;
+  BIT_STRING_BITNAME = BIT_STRING_BITNAME_st;
+  PBIT_STRING_BITNAME = ^BIT_STRING_BITNAME;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+// DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
+  ASN1_TYPE_get: function(const a: PASN1_TYPE): TIdC_INT cdecl = nil;
+  ASN1_TYPE_set: procedure(a: PASN1_TYPE; &type: TIdC_INT; value: Pointer) cdecl = nil;
+  ASN1_TYPE_set1: function(a: PASN1_TYPE; &type: TIdC_INT; const value: Pointer): TIdC_INT cdecl = nil;
+  ASN1_TYPE_cmp: function(const a: PASN1_TYPE; const b: PASN1_TYPE): TIdC_INT cdecl = nil;
+
+  ASN1_TYPE_pack_sequence: function(const it: PASN1_ITEM; s: Pointer; t: PPASN1_TYPE): PASN1_TYPE cdecl = nil;
+  ASN1_TYPE_unpack_sequence: function(const it: PASN1_ITEM; const t: PASN1_TYPE): Pointer cdecl = nil;
+
+  ASN1_OBJECT_new: function: PASN1_OBJECT cdecl = nil;
+  ASN1_OBJECT_free: procedure(a: PASN1_OBJECT) cdecl = nil;
+  i2d_ASN1_OBJECT: function(const a: PASN1_OBJECT; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_ASN1_OBJECT: function(a: PPASN1_OBJECT; const pp: PPByte; length: TIdC_LONG): PASN1_OBJECT cdecl = nil;
+
+  //DECLARE_ASN1_ITEM(ASN1_OBJECT)
+  //
+  //DEFINE_STACK_OF(ASN1_OBJECT)
+
+  ASN1_STRING_new: function: PASN1_STRING cdecl = nil;
+  ASN1_STRING_free: procedure(a: PASN1_STRING) cdecl = nil;
+  ASN1_STRING_clear_free: procedure(a: PASN1_STRING) cdecl = nil;
+  ASN1_STRING_copy: function(dst: PASN1_STRING; const str: PASN1_STRING): TIdC_INT cdecl = nil;
+  ASN1_STRING_dup: function(const a: PASN1_STRING): PASN1_STRING cdecl = nil;
+  ASN1_STRING_type_new: function(&type: TIdC_INT): PASN1_STRING cdecl = nil;
+  ASN1_STRING_cmp: function(const a: PASN1_STRING; const b: PASN1_STRING): TIdC_INT cdecl = nil;
+
+  (*
+   * Since this is used to store all sorts of things, via macros, for now,
+   * make its data void *
+   *)
+  ASN1_STRING_set: function(str: PASN1_STRING; const data: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_STRING_set0: procedure(str: PASN1_STRING; data: Pointer; len: TIdC_INT) cdecl = nil;
+  ASN1_STRING_length: function(const x: PASN1_STRING): TIdC_INT cdecl = nil;
+  ASN1_STRING_length_set: procedure(x: PASN1_STRING; n: TIdC_INT) cdecl = nil;
+  ASN1_STRING_type: function(const x: PASN1_STRING): TIdC_INT cdecl = nil;
+  ASN1_STRING_get0_data: function(const x: PASN1_STRING): PByte cdecl = nil;
+
+  //DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
+  ASN1_BIT_STRING_set: function(a: PASN1_BIT_STRING; d: PByte; length: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_BIT_STRING_set_bit: function(a: PASN1_BIT_STRING; n: TIdC_INT; value: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_BIT_STRING_get_bit: function(const a: PASN1_BIT_STRING; n: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_BIT_STRING_check: function(const a: PASN1_BIT_STRING; const flags: PByte; flags_len: TIdC_INT): TIdC_INT cdecl = nil;
+
+  ASN1_BIT_STRING_name_print: function(&out: PBIO; bs: PASN1_BIT_STRING; tbl: PBIT_STRING_BITNAME; indent: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_BIT_STRING_num_asc: function(const name: PIdAnsiChar; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl = nil;
+  ASN1_BIT_STRING_set_asc: function(bs: PASN1_BIT_STRING; const name: PIdAnsiChar; value: TIdC_INT; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl = nil;
+
+  //DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
+  d2i_ASN1_UINTEGER: function(a: PPASN1_INTEGER; const pp: PPByte; length: TIdC_LONG): PASN1_INTEGER cdecl = nil;
+  ASN1_INTEGER_dup: function(const x: PASN1_INTEGER): PASN1_INTEGER cdecl = nil;
+  ASN1_INTEGER_cmp: function(const x: PASN1_INTEGER; const y: PASN1_INTEGER): TIdC_INT cdecl = nil;
+
+  // DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
+
+  ASN1_UTCTIME_check: function(const a: PASN1_UTCTIME): TIdC_INT cdecl = nil;
+  ASN1_UTCTIME_set: function(s: PASN1_UTCTIME; t: TIdC_TIMET): PASN1_UTCTIME cdecl = nil;
+  ASN1_UTCTIME_adj: function(s: PASN1_UTCTIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_UTCTIME cdecl = nil;
+  ASN1_UTCTIME_set_string: function(s: PASN1_UTCTIME; const str: PAnsiChar): TIdC_INT cdecl = nil;
+  ASN1_UTCTIME_cmp_time_t: function(const s: PASN1_UTCTIME; t: TIdC_TIMET): TIdC_INT cdecl = nil;
+
+  ASN1_GENERALIZEDTIME_check: function(const a: PASN1_GENERALIZEDTIME): TIdC_INT cdecl = nil;
+  ASN1_GENERALIZEDTIME_set: function(s: PASN1_GENERALIZEDTIME; t: TIdC_TIMET): PASN1_GENERALIZEDTIME cdecl = nil;
+  ASN1_GENERALIZEDTIME_adj: function(s: PASN1_GENERALIZEDTIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_GENERALIZEDTIME cdecl = nil;
+  ASN1_GENERALIZEDTIME_set_string: function(s: pASN1_GENERALIZEDTIME; const str: PAnsiChar): TIdC_INT cdecl = nil;
+
+  ASN1_TIME_diff: function(pday: PIdC_INT; psec: PIdC_INT; const from: PASN1_TIME; const &to: PASN1_TIME): TIdC_INT cdecl = nil;
+
+  // DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
+  ASN1_OCTET_STRING_dup: function(const a: PASN1_OCTET_STRING): PASN1_OCTET_STRING cdecl = nil;
+  ASN1_OCTET_STRING_cmp: function(const a: PASN1_OCTET_STRING; const b: PASN1_OCTET_STRING): TIdC_INT cdecl = nil;
+  ASN1_OCTET_STRING_set: function(str: PASN1_OCTET_STRING; const data: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+
+  //DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
+
+  UTF8_getc: function(const str: PByte; len: TIdC_INT; val: PIdC_ULONG): TIdC_INT cdecl = nil;
+  UTF8_putc: function(str: PIdAnsiChar; len: TIdC_INT; value: TIdC_ULONG): TIdC_INT cdecl = nil;
+
+  //DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
+  //
+  //DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+  //DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
+
+  // DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
+
+  ASN1_TIME_set: function(s: PASN1_TIME; t: TIdC_TIMET): PASN1_TIME cdecl = nil;
+  ASN1_TIME_adj: function(s: PASN1_TIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_TIME cdecl = nil;
+  ASN1_TIME_check: function(const t: PASN1_TIME): TIdC_INT cdecl = nil;
+  ASN1_TIME_to_generalizedtime: function(const t: PASN1_TIME; &out: PPASN1_GENERALIZEDTIME): PASN1_GENERALIZEDTIME cdecl = nil;
+  ASN1_TIME_set_string: function(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  ASN1_TIME_set_string_X509: function(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  ASN1_TIME_to_tm: function(const s: PASN1_TIME; tm: PIdC_TM): TIdC_INT cdecl = nil;
+  ASN1_TIME_normalize: function(s: PASN1_TIME): TIdC_INT cdecl = nil;
+  ASN1_TIME_cmp_time_t: function(const s: PASN1_TIME; t: TIdC_TIMET): TIdC_INT cdecl = nil;
+  ASN1_TIME_compare: function(const a: PASN1_TIME; const b: PASN1_TIME): TIdC_INT cdecl = nil;
+
+  i2a_ASN1_INTEGER: function(bp: PBIO; const a: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  a2i_ASN1_INTEGER: function(bp: PBIO; bs: PASN1_INTEGER; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT cdecl = nil;
+  i2a_ASN1_ENUMERATED: function(bp: PBIO; const a: PASN1_ENUMERATED): TIdC_INT cdecl = nil;
+  a2i_ASN1_ENUMERATED: function(bp: PBIO; bs: PASN1_ENUMERATED; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT cdecl = nil;
+  i2a_ASN1_OBJECT: function(bp: PBIO; const a: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  a2i_ASN1_STRING: function(bp: PBIO; bs: PASN1_STRING; buf: PAnsiChar; size: TIdC_INT): TIdC_INT cdecl = nil;
+  i2a_ASN1_STRING: function(bp: PBIO; const a: PASN1_STRING; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  i2t_ASN1_OBJECT: function(buf: PAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT): TIdC_INT cdecl = nil;
+
+  a2d_ASN1_OBJECT: function(&out: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_OBJECT_create: function(nid: TIdC_INT; data: PByte; len: TIdC_INT; const sn: PAnsiChar; const ln: PAnsiChar): PASN1_OBJECT cdecl = nil;
+
+  ASN1_INTEGER_get_int64: function(pr: PIdC_Int64; const a: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  ASN1_INTEGER_set_int64: function(a: PASN1_INTEGER; r: TIdC_Int64): TIdC_INT cdecl = nil;
+  ASN1_INTEGER_get_uint64: function(pr: PIdC_UInt64; const a: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  ASN1_INTEGER_set_uint64: function(a: PASN1_INTEGER; r: TIdC_UInt64): TIdC_INT cdecl = nil;
+
+  ASN1_INTEGER_set: function(a: PASN1_INTEGER; v: TIdC_LONG): TIdC_INT cdecl = nil;
+  ASN1_INTEGER_get: function(const a: PASN1_INTEGER): TIdC_LONG cdecl = nil;
+  BN_to_ASN1_INTEGER: function(const bn: PBIGNUM; ai: PASN1_INTEGER): PASN1_INTEGER cdecl = nil;
+  ASN1_INTEGER_to_BN: function(const ai: PASN1_INTEGER; bn: PBIGNUM): PBIGNUM cdecl = nil;
+
+  ASN1_ENUMERATED_get_int64: function(pr: PIdC_Int64; const a: PASN1_ENUMERATED): TIdC_INT cdecl = nil;
+  ASN1_ENUMERATED_set_int64: function(a: PASN1_ENUMERATED; r: TIdC_Int64): TIdC_INT cdecl = nil;
+
+
+  ASN1_ENUMERATED_set: function(a: PASN1_ENUMERATED; v: TIdC_LONG): TIdC_INT cdecl = nil;
+  ASN1_ENUMERATED_get: function(const a: PASN1_ENUMERATED): TIdC_LONG cdecl = nil;
+  BN_to_ASN1_ENUMERATED: function(const bn: PBIGNUM; ai: PASN1_ENUMERATED): PASN1_ENUMERATED cdecl = nil;
+  ASN1_ENUMERATED_to_BN: function(const ai: PASN1_ENUMERATED; bn: PBIGNUM): PBIGNUM cdecl = nil;
+
+  (* General *)
+  (* given a string, return the correct type, max is the maximum length *)
+  ASN1_PRINTABLE_type: function(const s: PByte; max: TIdC_INT): TIdC_INT cdecl = nil;
+
+  ASN1_tag2bit: function(tag: TIdC_INT): TIdC_ULONG cdecl = nil;
+
+  (* SPECIALS *)
+  ASN1_get_object: function(const pp: PPByte; plength: PIdC_LONG; ptag: PIdC_INT; pclass: PIdC_INT; omax: TIdC_LONG): TIdC_INT cdecl = nil;
+  ASN1_check_infinite_end: function(p: PPByte; len: TIdC_LONG): TIdC_INT cdecl = nil;
+  ASN1_const_check_infinite_end: function(const p: PPByte; len: TIdC_LONG): TIdC_INT cdecl = nil;
+  ASN1_put_object: procedure(pp: PPByte; constructed: TIdC_INT; length: TIdC_INT; tag: TIdC_INT; xclass: TIdC_INT) cdecl = nil;
+  ASN1_put_eoc: function(pp: PPByte): TIdC_INT cdecl = nil;
+  ASN1_object_size: function(constructed: TIdC_INT; length: TIdC_INT; tag: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (* Used to implement other functions *)
+  //void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
+  //
+  //# define ASN1_dup_of(type,i2d,d2i,x) \
+  //    ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
+  //                     CHECKED_D2I_OF(type, d2i), \
+  //                     CHECKED_PTR_OF(type, x)))
+  //
+  //# define ASN1_dup_of_const(type,i2d,d2i,x) \
+  //    ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
+  //                     CHECKED_D2I_OF(type, d2i), \
+  //                     CHECKED_PTR_OF(const type, x)))
+  //
+  ASN1_item_dup: function(const it: PASN1_ITEM; x: Pointer): Pointer cdecl = nil;
+
+    (* ASN1 alloc/free macros for when a type is only used internally *)
+
+  //# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
+  //# define M_ASN1_free_of(x, type) \
+  //                ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
+  //
+  //# ifndef OPENSSL_NO_STDIO
+  //void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
+
+  //#  define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
+  //    ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
+  //                        CHECKED_D2I_OF(type, d2i), \
+  //                        in, \
+  //                        CHECKED_PPTR_OF(type, x)))
+  //
+  //function ASN1_item_d2i_fp(const it: PASN1_ITEM; &in: PFILE; x: Pointer): Pointer;
+  //function ASN1_i2d_fp(i2d: Pi2d_of_void; &out: PFILE; x: Pointer): TIdC_INT;
+  //
+  //#  define ASN1_i2d_fp_of(type,i2d,out,x) \
+  //    (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
+  //                 out, \
+  //                 CHECKED_PTR_OF(type, x)))
+  //
+  //#  define ASN1_i2d_fp_of_const(type,i2d,out,x) \
+  //    (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
+  //                 out, \
+  //                 CHECKED_PTR_OF(const type, x)))
+  //
+  //function ASN1_item_i2d_fp(const it: PASN1_ITEM; &out: PFILE; x: Pointer): TIdC_INT;
+  //function ASN1_STRING_print_ex_fp(&fp: PFILE; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
+  //# endif
+
+  ASN1_STRING_to_UTF8: function(&out: PPByte; const &in: PASN1_STRING): TIdC_INT cdecl = nil;
+
+  //void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
+
+  //#  define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
+  //    ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
+  //                          CHECKED_D2I_OF(type, d2i), \
+  //                          in, \
+  //                          CHECKED_PPTR_OF(type, x)))
+
+  ASN1_item_d2i_bio: function(const it: PASN1_ITEM; &in: PBIO; x: Pointer): Pointer cdecl = nil;
+  ASN1_i2d_bio: function(i2d: Pi2d_of_void; &out: PBIO; x: PByte): TIdC_INT cdecl = nil;
+
+  //#  define ASN1_i2d_bio_of(type,i2d,out,x) \
+  //    (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
+  //                  out, \
+  //                  CHECKED_PTR_OF(type, x)))
+  //
+  //#  define ASN1_i2d_bio_of_const(type,i2d,out,x) \
+  //    (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
+  //                  out, \
+  //                  CHECKED_PTR_OF(const type, x)))
+
+  ASN1_item_i2d_bio: function(const it: PASN1_ITEM; &out: PBIO; x: Pointer): TIdC_INT cdecl = nil;
+  ASN1_UTCTIME_print: function(fp: PBIO; const a: PASN1_UTCTIME): TIdC_INT cdecl = nil;
+  ASN1_GENERALIZEDTIME_print: function(fp: PBIO; const a: PASN1_GENERALIZEDTIME): TIdC_INT cdecl = nil;
+  ASN1_TIME_print: function(fp: PBIO; const a: PASN1_TIME): TIdC_INT cdecl = nil;
+  ASN1_STRING_print: function(bp: PBIO; const v: PASN1_STRING): TIdC_INT cdecl = nil;
+  ASN1_STRING_print_ex: function(&out: PBIO; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  ASN1_buf_print: function(bp: PBIO; const buf: PByte; buflen: TIdC_SIZET; off: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_bn_print: function(bp: PBIO; const number: PIdAnsiChar; const num: PBIGNUM; buf: PByte; off: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_parse: function(bp: PBIO; const pp: PByte; len: TIdC_LONG; indent: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_parse_dump: function(bp: PPBIO; const pp: PByte; len: TIdC_LONG; indent: TIdC_INT; dump: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_tag2str: function(tag: TIdC_INT): PIdAnsiChar cdecl = nil;
+
+  (* Used to load and write Netscape format cert *)
+
+  ASN1_UNIVERSALSTRING_to_string: function(s: PASN1_UNIVERSALSTRING): TIdC_INT cdecl = nil;
+
+  ASN1_TYPE_set_octetstring: function(a: PASN1_TYPE; data: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_TYPE_get_octetstring: function(const a: PASN1_TYPE; data: PByte; max_len: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_TYPE_set_int_octetstring: function(a: PASN1_TYPE; num: TIdC_LONG; data: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_TYPE_get_int_octetstring: function(const a: PASN1_TYPE; num: PIdC_LONG; data: PByte; max_len: TIdC_INT): TIdC_INT cdecl = nil;
+
+  ASN1_item_unpack: function(const oct: PASN1_STRING; const it: PASN1_ITEM): Pointer cdecl = nil;
+
+  ASN1_item_pack: function(obj: Pointer; const it: PASN1_ITEM; oct: PPASN1_OCTET_STRING): PASN1_STRING cdecl = nil;
+
+  ASN1_STRING_set_default_mask: procedure(mask: TIdC_ULONG) cdecl = nil;
+  ASN1_STRING_set_default_mask_asc: function(const p: PAnsiChar): TIdC_INT cdecl = nil;
+  ASN1_STRING_get_default_mask: function: TIdC_ULONG cdecl = nil;
+  ASN1_mbstring_copy: function(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl = nil;
+  ASN1_mbstring_ncopy: function(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl = nil;
+
+  ASN1_STRING_set_by_NID: function(&out: PPASN1_STRING; const &in: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl = nil;
+  ASN1_STRING_TABLE_get: function(nid: TIdC_INT): PASN1_STRING_TABLE cdecl = nil;
+  ASN1_STRING_TABLE_add: function(v1: TIdC_INT; v2: TIdC_LONG; v3: TIdC_LONG; v4: TIdC_ULONG; v5: TIdC_ULONG): TIdC_INT cdecl = nil;
+  ASN1_STRING_TABLE_cleanup: procedure cdecl = nil;
+
+  (* ASN1 template functions *)
+
+  (* Old API compatible functions *)
+  ASN1_item_new: function(const it: PASN1_ITEM): PASN1_VALUE cdecl = nil;
+  ASN1_item_free: procedure(val: PASN1_VALUE; const it: PASN1_ITEM) cdecl = nil;
+  ASN1_item_d2i: function(val: PPASN1_VALUE; const &in: PPByte; len: TIdC_LONG; const it: PASN1_ITEM): PASN1_VALUE cdecl = nil;
+  ASN1_item_i2d: function(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  ASN1_item_ndef_i2d: function(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+
+  ASN1_add_oid_module: procedure cdecl = nil;
+  ASN1_add_stable_module: procedure cdecl = nil;
+
+  ASN1_generate_nconf: function(const str: PAnsiChar; nconf: PCONF): PASN1_TYPE cdecl = nil;
+  ASN1_generate_v3: function(const str: PAnsiChar; cnf: PX509V3_CTX): PASN1_TYPE cdecl = nil;
+  ASN1_str2mask: function(const str: PByte; pmask: PIdC_ULONG): TIdC_INT cdecl = nil;
+
+  ASN1_item_print: function(&out: PBIO; ifld: PASN1_VALUE; indent: TIdC_INT; const it: PASN1_ITEM; const pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
+  ASN1_PCTX_new: function: PASN1_PCTX cdecl = nil;
+  ASN1_PCTX_free: procedure(p: PASN1_PCTX) cdecl = nil;
+  ASN1_PCTX_get_flags: function(const p: PASN1_PCTX): TIdC_ULONG cdecl = nil;
+  ASN1_PCTX_set_flags: procedure(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl = nil;
+  ASN1_PCTX_get_nm_flags: function(const p: PASN1_PCTX): TIdC_ULONG cdecl = nil;
+  ASN1_PCTX_set_nm_flags: procedure(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl = nil;
+  ASN1_PCTX_get_cert_flags: function(const p: PASN1_PCTX): TIdC_ULONG cdecl = nil;
+  ASN1_PCTX_set_cert_flags: procedure(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl = nil;
+  ASN1_PCTX_get_oid_flags: function(const p: PASN1_PCTX): TIdC_ULONG cdecl = nil;
+  ASN1_PCTX_set_oid_flags: procedure(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl = nil;
+  ASN1_PCTX_get_str_flags: function(const p: PASN1_PCTX): TIdC_ULONG cdecl = nil;
+  ASN1_PCTX_set_str_flags: procedure(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl = nil;
+
+  //ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb) (ASN1_SCTX *ctx));
+  ASN1_SCTX_free: procedure(p: PASN1_SCTX) cdecl = nil;
+  ASN1_SCTX_get_item: function(p: PASN1_SCTX): PASN1_ITEM cdecl = nil;
+  ASN1_SCTX_get_template: function(p: PASN1_SCTX): PASN1_TEMPLATE cdecl = nil;
+  ASN1_SCTX_get_flags: function(p: PASN1_SCTX): TIdC_ULONG cdecl = nil;
+  ASN1_SCTX_set_app_data: procedure(p: PASN1_SCTX; data: Pointer) cdecl = nil;
+  ASN1_SCTX_get_app_data: function(p: PASN1_SCTX): Pointer cdecl = nil;
+
+  BIO_f_asn1: function: PBIO_METHOD cdecl = nil;
+
+  BIO_new_NDEF: function(&out: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO cdecl = nil;
+
+  i2d_ASN1_bio_stream: function(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  PEM_write_bio_ASN1_stream: function(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  //function SMIME_write_ASN1(bio: PBIO; val: PASN1_VALUE; data: PBIO; flags: TIdC_INT;
+  //                     ctype_nid: TIdC_INT; econt_nid: TIdC_INT;
+  //                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it): TIdC_INT;
+  SMIME_read_ASN1: function(bio: PBIO; bcont: PPBIO; const it: PASN1_ITEM): PASN1_VALUE cdecl = nil;
+  SMIME_crlf_copy: function(&in: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  SMIME_text: function(&in: PBIO; &out: PBIO): TIdC_INT cdecl = nil;
+
+  ASN1_ITEM_lookup: function(const name: PIdAnsiChar): PASN1_ITEM cdecl = nil;
+  ASN1_ITEM_get: function(i: TIdC_SIZET): PASN1_ITEM cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ASN1_TYPE_get := LoadFunction('ASN1_TYPE_get', AFailed);
+  ASN1_TYPE_set := LoadFunction('ASN1_TYPE_set', AFailed);
+  ASN1_TYPE_set1 := LoadFunction('ASN1_TYPE_set1', AFailed);
+  ASN1_TYPE_cmp := LoadFunction('ASN1_TYPE_cmp', AFailed);
+  ASN1_TYPE_pack_sequence := LoadFunction('ASN1_TYPE_pack_sequence', AFailed);
+  ASN1_TYPE_unpack_sequence := LoadFunction('ASN1_TYPE_unpack_sequence', AFailed);
+  ASN1_OBJECT_new := LoadFunction('ASN1_OBJECT_new', AFailed);
+  ASN1_OBJECT_free := LoadFunction('ASN1_OBJECT_free', AFailed);
+  i2d_ASN1_OBJECT := LoadFunction('i2d_ASN1_OBJECT', AFailed);
+  d2i_ASN1_OBJECT := LoadFunction('d2i_ASN1_OBJECT', AFailed);
+  ASN1_STRING_new := LoadFunction('ASN1_STRING_new', AFailed);
+  ASN1_STRING_free := LoadFunction('ASN1_STRING_free', AFailed);
+  ASN1_STRING_clear_free := LoadFunction('ASN1_STRING_clear_free', AFailed);
+  ASN1_STRING_copy := LoadFunction('ASN1_STRING_copy', AFailed);
+  ASN1_STRING_dup := LoadFunction('ASN1_STRING_dup', AFailed);
+  ASN1_STRING_type_new := LoadFunction('ASN1_STRING_type_new', AFailed);
+  ASN1_STRING_cmp := LoadFunction('ASN1_STRING_cmp', AFailed);
+  ASN1_STRING_set := LoadFunction('ASN1_STRING_set', AFailed);
+  ASN1_STRING_set0 := LoadFunction('ASN1_STRING_set0', AFailed);
+  ASN1_STRING_length := LoadFunction('ASN1_STRING_length', AFailed);
+  ASN1_STRING_length_set := LoadFunction('ASN1_STRING_length_set', AFailed);
+  ASN1_STRING_type := LoadFunction('ASN1_STRING_type', AFailed);
+  ASN1_STRING_get0_data := LoadFunction('ASN1_STRING_get0_data', AFailed);
+  ASN1_BIT_STRING_set := LoadFunction('ASN1_BIT_STRING_set', AFailed);
+  ASN1_BIT_STRING_set_bit := LoadFunction('ASN1_BIT_STRING_set_bit', AFailed);
+  ASN1_BIT_STRING_get_bit := LoadFunction('ASN1_BIT_STRING_get_bit', AFailed);
+  ASN1_BIT_STRING_check := LoadFunction('ASN1_BIT_STRING_check', AFailed);
+  ASN1_BIT_STRING_name_print := LoadFunction('ASN1_BIT_STRING_name_print', AFailed);
+  ASN1_BIT_STRING_num_asc := LoadFunction('ASN1_BIT_STRING_num_asc', AFailed);
+  ASN1_BIT_STRING_set_asc := LoadFunction('ASN1_BIT_STRING_set_asc', AFailed);
+  d2i_ASN1_UINTEGER := LoadFunction('d2i_ASN1_UINTEGER', AFailed);
+  ASN1_INTEGER_dup := LoadFunction('ASN1_INTEGER_dup', AFailed);
+  ASN1_INTEGER_cmp := LoadFunction('ASN1_INTEGER_cmp', AFailed);
+  ASN1_UTCTIME_check := LoadFunction('ASN1_UTCTIME_check', AFailed);
+  ASN1_UTCTIME_set := LoadFunction('ASN1_UTCTIME_set', AFailed);
+  ASN1_UTCTIME_adj := LoadFunction('ASN1_UTCTIME_adj', AFailed);
+  ASN1_UTCTIME_set_string := LoadFunction('ASN1_UTCTIME_set_string', AFailed);
+  ASN1_UTCTIME_cmp_time_t := LoadFunction('ASN1_UTCTIME_cmp_time_t', AFailed);
+  ASN1_GENERALIZEDTIME_check := LoadFunction('ASN1_GENERALIZEDTIME_check', AFailed);
+  ASN1_GENERALIZEDTIME_set := LoadFunction('ASN1_GENERALIZEDTIME_set', AFailed);
+  ASN1_GENERALIZEDTIME_adj := LoadFunction('ASN1_GENERALIZEDTIME_adj', AFailed);
+  ASN1_GENERALIZEDTIME_set_string := LoadFunction('ASN1_GENERALIZEDTIME_set_string', AFailed);
+  ASN1_TIME_diff := LoadFunction('ASN1_TIME_diff', AFailed);
+  ASN1_OCTET_STRING_dup := LoadFunction('ASN1_OCTET_STRING_dup', AFailed);
+  ASN1_OCTET_STRING_cmp := LoadFunction('ASN1_OCTET_STRING_cmp', AFailed);
+  ASN1_OCTET_STRING_set := LoadFunction('ASN1_OCTET_STRING_set', AFailed);
+  UTF8_getc := LoadFunction('UTF8_getc', AFailed);
+  UTF8_putc := LoadFunction('UTF8_putc', AFailed);
+  ASN1_TIME_set := LoadFunction('ASN1_TIME_set', AFailed);
+  ASN1_TIME_adj := LoadFunction('ASN1_TIME_adj', AFailed);
+  ASN1_TIME_check := LoadFunction('ASN1_TIME_check', AFailed);
+  ASN1_TIME_to_generalizedtime := LoadFunction('ASN1_TIME_to_generalizedtime', AFailed);
+  ASN1_TIME_set_string := LoadFunction('ASN1_TIME_set_string', AFailed);
+  ASN1_TIME_set_string_X509 := LoadFunction('ASN1_TIME_set_string_X509', AFailed);
+  ASN1_TIME_to_tm := LoadFunction('ASN1_TIME_to_tm', AFailed);
+  ASN1_TIME_normalize := LoadFunction('ASN1_TIME_normalize', AFailed);
+  ASN1_TIME_cmp_time_t := LoadFunction('ASN1_TIME_cmp_time_t', AFailed);
+  ASN1_TIME_compare := LoadFunction('ASN1_TIME_compare', AFailed);
+  i2a_ASN1_INTEGER := LoadFunction('i2a_ASN1_INTEGER', AFailed);
+  a2i_ASN1_INTEGER := LoadFunction('a2i_ASN1_INTEGER', AFailed);
+  i2a_ASN1_ENUMERATED := LoadFunction('i2a_ASN1_ENUMERATED', AFailed);
+  a2i_ASN1_ENUMERATED := LoadFunction('a2i_ASN1_ENUMERATED', AFailed);
+  i2a_ASN1_OBJECT := LoadFunction('i2a_ASN1_OBJECT', AFailed);
+  a2i_ASN1_STRING := LoadFunction('a2i_ASN1_STRING', AFailed);
+  i2a_ASN1_STRING := LoadFunction('i2a_ASN1_STRING', AFailed);
+  i2t_ASN1_OBJECT := LoadFunction('i2t_ASN1_OBJECT', AFailed);
+  a2d_ASN1_OBJECT := LoadFunction('a2d_ASN1_OBJECT', AFailed);
+  ASN1_OBJECT_create := LoadFunction('ASN1_OBJECT_create', AFailed);
+  ASN1_INTEGER_get_int64 := LoadFunction('ASN1_INTEGER_get_int64', AFailed);
+  ASN1_INTEGER_set_int64 := LoadFunction('ASN1_INTEGER_set_int64', AFailed);
+  ASN1_INTEGER_get_uint64 := LoadFunction('ASN1_INTEGER_get_uint64', AFailed);
+  ASN1_INTEGER_set_uint64 := LoadFunction('ASN1_INTEGER_set_uint64', AFailed);
+  ASN1_INTEGER_set := LoadFunction('ASN1_INTEGER_set', AFailed);
+  ASN1_INTEGER_get := LoadFunction('ASN1_INTEGER_get', AFailed);
+  BN_to_ASN1_INTEGER := LoadFunction('BN_to_ASN1_INTEGER', AFailed);
+  ASN1_INTEGER_to_BN := LoadFunction('ASN1_INTEGER_to_BN', AFailed);
+  ASN1_ENUMERATED_get_int64 := LoadFunction('ASN1_ENUMERATED_get_int64', AFailed);
+  ASN1_ENUMERATED_set_int64 := LoadFunction('ASN1_ENUMERATED_set_int64', AFailed);
+  ASN1_ENUMERATED_set := LoadFunction('ASN1_ENUMERATED_set', AFailed);
+  ASN1_ENUMERATED_get := LoadFunction('ASN1_ENUMERATED_get', AFailed);
+  BN_to_ASN1_ENUMERATED := LoadFunction('BN_to_ASN1_ENUMERATED', AFailed);
+  ASN1_ENUMERATED_to_BN := LoadFunction('ASN1_ENUMERATED_to_BN', AFailed);
+  ASN1_PRINTABLE_type := LoadFunction('ASN1_PRINTABLE_type', AFailed);
+  ASN1_tag2bit := LoadFunction('ASN1_tag2bit', AFailed);
+  ASN1_get_object := LoadFunction('ASN1_get_object', AFailed);
+  ASN1_check_infinite_end := LoadFunction('ASN1_check_infinite_end', AFailed);
+  ASN1_const_check_infinite_end := LoadFunction('ASN1_const_check_infinite_end', AFailed);
+  ASN1_put_object := LoadFunction('ASN1_put_object', AFailed);
+  ASN1_put_eoc := LoadFunction('ASN1_put_eoc', AFailed);
+  ASN1_object_size := LoadFunction('ASN1_object_size', AFailed);
+  ASN1_item_dup := LoadFunction('ASN1_item_dup', AFailed);
+  ASN1_STRING_to_UTF8 := LoadFunction('ASN1_STRING_to_UTF8', AFailed);
+  ASN1_item_d2i_bio := LoadFunction('ASN1_item_d2i_bio', AFailed);
+  ASN1_i2d_bio := LoadFunction('ASN1_i2d_bio', AFailed);
+  ASN1_item_i2d_bio := LoadFunction('ASN1_item_i2d_bio', AFailed);
+  ASN1_UTCTIME_print := LoadFunction('ASN1_UTCTIME_print', AFailed);
+  ASN1_GENERALIZEDTIME_print := LoadFunction('ASN1_GENERALIZEDTIME_print', AFailed);
+  ASN1_TIME_print := LoadFunction('ASN1_TIME_print', AFailed);
+  ASN1_STRING_print := LoadFunction('ASN1_STRING_print', AFailed);
+  ASN1_STRING_print_ex := LoadFunction('ASN1_STRING_print_ex', AFailed);
+  ASN1_buf_print := LoadFunction('ASN1_buf_print', AFailed);
+  ASN1_bn_print := LoadFunction('ASN1_bn_print', AFailed);
+  ASN1_parse := LoadFunction('ASN1_parse', AFailed);
+  ASN1_parse_dump := LoadFunction('ASN1_parse_dump', AFailed);
+  ASN1_tag2str := LoadFunction('ASN1_tag2str', AFailed);
+  ASN1_UNIVERSALSTRING_to_string := LoadFunction('ASN1_UNIVERSALSTRING_to_string', AFailed);
+  ASN1_TYPE_set_octetstring := LoadFunction('ASN1_TYPE_set_octetstring', AFailed);
+  ASN1_TYPE_get_octetstring := LoadFunction('ASN1_TYPE_get_octetstring', AFailed);
+  ASN1_TYPE_set_int_octetstring := LoadFunction('ASN1_TYPE_set_int_octetstring', AFailed);
+  ASN1_TYPE_get_int_octetstring := LoadFunction('ASN1_TYPE_get_int_octetstring', AFailed);
+  ASN1_item_unpack := LoadFunction('ASN1_item_unpack', AFailed);
+  ASN1_item_pack := LoadFunction('ASN1_item_pack', AFailed);
+  ASN1_STRING_set_default_mask := LoadFunction('ASN1_STRING_set_default_mask', AFailed);
+  ASN1_STRING_set_default_mask_asc := LoadFunction('ASN1_STRING_set_default_mask_asc', AFailed);
+  ASN1_STRING_get_default_mask := LoadFunction('ASN1_STRING_get_default_mask', AFailed);
+  ASN1_mbstring_copy := LoadFunction('ASN1_mbstring_copy', AFailed);
+  ASN1_mbstring_ncopy := LoadFunction('ASN1_mbstring_ncopy', AFailed);
+  ASN1_STRING_set_by_NID := LoadFunction('ASN1_STRING_set_by_NID', AFailed);
+  ASN1_STRING_TABLE_get := LoadFunction('ASN1_STRING_TABLE_get', AFailed);
+  ASN1_STRING_TABLE_add := LoadFunction('ASN1_STRING_TABLE_add', AFailed);
+  ASN1_STRING_TABLE_cleanup := LoadFunction('ASN1_STRING_TABLE_cleanup', AFailed);
+  ASN1_item_new := LoadFunction('ASN1_item_new', AFailed);
+  ASN1_item_free := LoadFunction('ASN1_item_free', AFailed);
+  ASN1_item_d2i := LoadFunction('ASN1_item_d2i', AFailed);
+  ASN1_item_i2d := LoadFunction('ASN1_item_i2d', AFailed);
+  ASN1_item_ndef_i2d := LoadFunction('ASN1_item_ndef_i2d', AFailed);
+  ASN1_add_oid_module := LoadFunction('ASN1_add_oid_module', AFailed);
+  ASN1_add_stable_module := LoadFunction('ASN1_add_stable_module', AFailed);
+  ASN1_generate_nconf := LoadFunction('ASN1_generate_nconf', AFailed);
+  ASN1_generate_v3 := LoadFunction('ASN1_generate_v3', AFailed);
+  ASN1_str2mask := LoadFunction('ASN1_str2mask', AFailed);
+  ASN1_item_print := LoadFunction('ASN1_item_print', AFailed);
+  ASN1_PCTX_new := LoadFunction('ASN1_PCTX_new', AFailed);
+  ASN1_PCTX_free := LoadFunction('ASN1_PCTX_free', AFailed);
+  ASN1_PCTX_get_flags := LoadFunction('ASN1_PCTX_get_flags', AFailed);
+  ASN1_PCTX_set_flags := LoadFunction('ASN1_PCTX_set_flags', AFailed);
+  ASN1_PCTX_get_nm_flags := LoadFunction('ASN1_PCTX_get_nm_flags', AFailed);
+  ASN1_PCTX_set_nm_flags := LoadFunction('ASN1_PCTX_set_nm_flags', AFailed);
+  ASN1_PCTX_get_cert_flags := LoadFunction('ASN1_PCTX_get_cert_flags', AFailed);
+  ASN1_PCTX_set_cert_flags := LoadFunction('ASN1_PCTX_set_cert_flags', AFailed);
+  ASN1_PCTX_get_oid_flags := LoadFunction('ASN1_PCTX_get_oid_flags', AFailed);
+  ASN1_PCTX_set_oid_flags := LoadFunction('ASN1_PCTX_set_oid_flags', AFailed);
+  ASN1_PCTX_get_str_flags := LoadFunction('ASN1_PCTX_get_str_flags', AFailed);
+  ASN1_PCTX_set_str_flags := LoadFunction('ASN1_PCTX_set_str_flags', AFailed);
+  ASN1_SCTX_free := LoadFunction('ASN1_SCTX_free', AFailed);
+  ASN1_SCTX_get_item := LoadFunction('ASN1_SCTX_get_item', AFailed);
+  ASN1_SCTX_get_template := LoadFunction('ASN1_SCTX_get_template', AFailed);
+  ASN1_SCTX_get_flags := LoadFunction('ASN1_SCTX_get_flags', AFailed);
+  ASN1_SCTX_set_app_data := LoadFunction('ASN1_SCTX_set_app_data', AFailed);
+  ASN1_SCTX_get_app_data := LoadFunction('ASN1_SCTX_get_app_data', AFailed);
+  BIO_f_asn1 := LoadFunction('BIO_f_asn1', AFailed);
+  BIO_new_NDEF := LoadFunction('BIO_new_NDEF', AFailed);
+  i2d_ASN1_bio_stream := LoadFunction('i2d_ASN1_bio_stream', AFailed);
+  PEM_write_bio_ASN1_stream := LoadFunction('PEM_write_bio_ASN1_stream', AFailed);
+  SMIME_read_ASN1 := LoadFunction('SMIME_read_ASN1', AFailed);
+  SMIME_crlf_copy := LoadFunction('SMIME_crlf_copy', AFailed);
+  SMIME_text := LoadFunction('SMIME_text', AFailed);
+  ASN1_ITEM_lookup := LoadFunction('ASN1_ITEM_lookup', AFailed);
+  ASN1_ITEM_get := LoadFunction('ASN1_ITEM_get', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ASN1_TYPE_get := nil;
+  ASN1_TYPE_set := nil;
+  ASN1_TYPE_set1 := nil;
+  ASN1_TYPE_cmp := nil;
+  ASN1_TYPE_pack_sequence := nil;
+  ASN1_TYPE_unpack_sequence := nil;
+  ASN1_OBJECT_new := nil;
+  ASN1_OBJECT_free := nil;
+  i2d_ASN1_OBJECT := nil;
+  d2i_ASN1_OBJECT := nil;
+  ASN1_STRING_new := nil;
+  ASN1_STRING_free := nil;
+  ASN1_STRING_clear_free := nil;
+  ASN1_STRING_copy := nil;
+  ASN1_STRING_dup := nil;
+  ASN1_STRING_type_new := nil;
+  ASN1_STRING_cmp := nil;
+  ASN1_STRING_set := nil;
+  ASN1_STRING_set0 := nil;
+  ASN1_STRING_length := nil;
+  ASN1_STRING_length_set := nil;
+  ASN1_STRING_type := nil;
+  ASN1_STRING_get0_data := nil;
+  ASN1_BIT_STRING_set := nil;
+  ASN1_BIT_STRING_set_bit := nil;
+  ASN1_BIT_STRING_get_bit := nil;
+  ASN1_BIT_STRING_check := nil;
+  ASN1_BIT_STRING_name_print := nil;
+  ASN1_BIT_STRING_num_asc := nil;
+  ASN1_BIT_STRING_set_asc := nil;
+  d2i_ASN1_UINTEGER := nil;
+  ASN1_INTEGER_dup := nil;
+  ASN1_INTEGER_cmp := nil;
+  ASN1_UTCTIME_check := nil;
+  ASN1_UTCTIME_set := nil;
+  ASN1_UTCTIME_adj := nil;
+  ASN1_UTCTIME_set_string := nil;
+  ASN1_UTCTIME_cmp_time_t := nil;
+  ASN1_GENERALIZEDTIME_check := nil;
+  ASN1_GENERALIZEDTIME_set := nil;
+  ASN1_GENERALIZEDTIME_adj := nil;
+  ASN1_GENERALIZEDTIME_set_string := nil;
+  ASN1_TIME_diff := nil;
+  ASN1_OCTET_STRING_dup := nil;
+  ASN1_OCTET_STRING_cmp := nil;
+  ASN1_OCTET_STRING_set := nil;
+  UTF8_getc := nil;
+  UTF8_putc := nil;
+  ASN1_TIME_set := nil;
+  ASN1_TIME_adj := nil;
+  ASN1_TIME_check := nil;
+  ASN1_TIME_to_generalizedtime := nil;
+  ASN1_TIME_set_string := nil;
+  ASN1_TIME_set_string_X509 := nil;
+  ASN1_TIME_to_tm := nil;
+  ASN1_TIME_normalize := nil;
+  ASN1_TIME_cmp_time_t := nil;
+  ASN1_TIME_compare := nil;
+  i2a_ASN1_INTEGER := nil;
+  a2i_ASN1_INTEGER := nil;
+  i2a_ASN1_ENUMERATED := nil;
+  a2i_ASN1_ENUMERATED := nil;
+  i2a_ASN1_OBJECT := nil;
+  a2i_ASN1_STRING := nil;
+  i2a_ASN1_STRING := nil;
+  i2t_ASN1_OBJECT := nil;
+  a2d_ASN1_OBJECT := nil;
+  ASN1_OBJECT_create := nil;
+  ASN1_INTEGER_get_int64 := nil;
+  ASN1_INTEGER_set_int64 := nil;
+  ASN1_INTEGER_get_uint64 := nil;
+  ASN1_INTEGER_set_uint64 := nil;
+  ASN1_INTEGER_set := nil;
+  ASN1_INTEGER_get := nil;
+  BN_to_ASN1_INTEGER := nil;
+  ASN1_INTEGER_to_BN := nil;
+  ASN1_ENUMERATED_get_int64 := nil;
+  ASN1_ENUMERATED_set_int64 := nil;
+  ASN1_ENUMERATED_set := nil;
+  ASN1_ENUMERATED_get := nil;
+  BN_to_ASN1_ENUMERATED := nil;
+  ASN1_ENUMERATED_to_BN := nil;
+  ASN1_PRINTABLE_type := nil;
+  ASN1_tag2bit := nil;
+  ASN1_get_object := nil;
+  ASN1_check_infinite_end := nil;
+  ASN1_const_check_infinite_end := nil;
+  ASN1_put_object := nil;
+  ASN1_put_eoc := nil;
+  ASN1_object_size := nil;
+  ASN1_item_dup := nil;
+  ASN1_STRING_to_UTF8 := nil;
+  ASN1_item_d2i_bio := nil;
+  ASN1_i2d_bio := nil;
+  ASN1_item_i2d_bio := nil;
+  ASN1_UTCTIME_print := nil;
+  ASN1_GENERALIZEDTIME_print := nil;
+  ASN1_TIME_print := nil;
+  ASN1_STRING_print := nil;
+  ASN1_STRING_print_ex := nil;
+  ASN1_buf_print := nil;
+  ASN1_bn_print := nil;
+  ASN1_parse := nil;
+  ASN1_parse_dump := nil;
+  ASN1_tag2str := nil;
+  ASN1_UNIVERSALSTRING_to_string := nil;
+  ASN1_TYPE_set_octetstring := nil;
+  ASN1_TYPE_get_octetstring := nil;
+  ASN1_TYPE_set_int_octetstring := nil;
+  ASN1_TYPE_get_int_octetstring := nil;
+  ASN1_item_unpack := nil;
+  ASN1_item_pack := nil;
+  ASN1_STRING_set_default_mask := nil;
+  ASN1_STRING_set_default_mask_asc := nil;
+  ASN1_STRING_get_default_mask := nil;
+  ASN1_mbstring_copy := nil;
+  ASN1_mbstring_ncopy := nil;
+  ASN1_STRING_set_by_NID := nil;
+  ASN1_STRING_TABLE_get := nil;
+  ASN1_STRING_TABLE_add := nil;
+  ASN1_STRING_TABLE_cleanup := nil;
+  ASN1_item_new := nil;
+  ASN1_item_free := nil;
+  ASN1_item_d2i := nil;
+  ASN1_item_i2d := nil;
+  ASN1_item_ndef_i2d := nil;
+  ASN1_add_oid_module := nil;
+  ASN1_add_stable_module := nil;
+  ASN1_generate_nconf := nil;
+  ASN1_generate_v3 := nil;
+  ASN1_str2mask := nil;
+  ASN1_item_print := nil;
+  ASN1_PCTX_new := nil;
+  ASN1_PCTX_free := nil;
+  ASN1_PCTX_get_flags := nil;
+  ASN1_PCTX_set_flags := nil;
+  ASN1_PCTX_get_nm_flags := nil;
+  ASN1_PCTX_set_nm_flags := nil;
+  ASN1_PCTX_get_cert_flags := nil;
+  ASN1_PCTX_set_cert_flags := nil;
+  ASN1_PCTX_get_oid_flags := nil;
+  ASN1_PCTX_set_oid_flags := nil;
+  ASN1_PCTX_get_str_flags := nil;
+  ASN1_PCTX_set_str_flags := nil;
+  ASN1_SCTX_free := nil;
+  ASN1_SCTX_get_item := nil;
+  ASN1_SCTX_get_template := nil;
+  ASN1_SCTX_get_flags := nil;
+  ASN1_SCTX_set_app_data := nil;
+  ASN1_SCTX_get_app_data := nil;
+  BIO_f_asn1 := nil;
+  BIO_new_NDEF := nil;
+  i2d_ASN1_bio_stream := nil;
+  PEM_write_bio_ASN1_stream := nil;
+  SMIME_read_ASN1 := nil;
+  SMIME_crlf_copy := nil;
+  SMIME_text := nil;
+  ASN1_ITEM_lookup := nil;
+  ASN1_ITEM_get := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1_mac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1_mac.pas
new file mode 100644
index 000000000..abb843536
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1_mac.pas
@@ -0,0 +1,46 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_asn1_mac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1_mac.h
+
+{.$i IdCompilerDefines.inc}
+
+//#error "This file is obsolete; please update your software."
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1err.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1err.pas
new file mode 100644
index 000000000..d63beac78
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1err.pas
@@ -0,0 +1,309 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_asn1err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+
+// ASN1 function codes.
+  ASN1_F_A2D_ASN1_OBJECT                          = 100;
+  ASN1_F_A2I_ASN1_INTEGER                         = 102;
+  ASN1_F_A2I_ASN1_STRING                          = 103;
+  ASN1_F_APPEND_EXP                               = 176;
+  ASN1_F_ASN1_BIO_INIT                            = 113;
+  ASN1_F_ASN1_BIT_STRING_SET_BIT                  = 183;
+  ASN1_F_ASN1_CB                                  = 177;
+  ASN1_F_ASN1_CHECK_TLEN                          = 104;
+  ASN1_F_ASN1_COLLECT                             = 106;
+  ASN1_F_ASN1_D2I_EX_PRIMITIVE                    = 108;
+  ASN1_F_ASN1_D2I_FP                              = 109;
+  ASN1_F_ASN1_D2I_READ_BIO                        = 107;
+  ASN1_F_ASN1_DIGEST                              = 184;
+  ASN1_F_ASN1_DO_ADB                              = 110;
+  ASN1_F_ASN1_DO_LOCK                             = 233;
+  ASN1_F_ASN1_DUP                                 = 111;
+  ASN1_F_ASN1_ENC_SAVE                            = 115;
+  ASN1_F_ASN1_EX_C2I                              = 204;
+  ASN1_F_ASN1_FIND_END                            = 190;
+  ASN1_F_ASN1_GENERALIZEDTIME_ADJ                 = 216;
+  ASN1_F_ASN1_GENERATE_V3                         = 178;
+  ASN1_F_ASN1_GET_INT64                           = 224;
+  ASN1_F_ASN1_GET_OBJECT                          = 114;
+  ASN1_F_ASN1_GET_UINT64                          = 225;
+  ASN1_F_ASN1_I2D_BIO                             = 116;
+  ASN1_F_ASN1_I2D_FP                              = 117;
+  ASN1_F_ASN1_ITEM_D2I_FP                         = 206;
+  ASN1_F_ASN1_ITEM_DUP                            = 191;
+  ASN1_F_ASN1_ITEM_EMBED_D2I                      = 120;
+  ASN1_F_ASN1_ITEM_EMBED_NEW                      = 121;
+  ASN1_F_ASN1_ITEM_FLAGS_I2D                      = 118;
+  ASN1_F_ASN1_ITEM_I2D_BIO                        = 192;
+  ASN1_F_ASN1_ITEM_I2D_FP                         = 193;
+  ASN1_F_ASN1_ITEM_PACK                           = 198;
+  ASN1_F_ASN1_ITEM_SIGN                           = 195;
+  ASN1_F_ASN1_ITEM_SIGN_CTX                       = 220;
+  ASN1_F_ASN1_ITEM_UNPACK                         = 199;
+  ASN1_F_ASN1_ITEM_VERIFY                         = 197;
+  ASN1_F_ASN1_MBSTRING_NCOPY                      = 122;
+  ASN1_F_ASN1_OBJECT_NEW                          = 123;
+  ASN1_F_ASN1_OUTPUT_DATA                         = 214;
+  ASN1_F_ASN1_PCTX_NEW                            = 205;
+  ASN1_F_ASN1_PRIMITIVE_NEW                       = 119;
+  ASN1_F_ASN1_SCTX_NEW                            = 221;
+  ASN1_F_ASN1_SIGN                                = 128;
+  ASN1_F_ASN1_STR2TYPE                            = 179;
+  ASN1_F_ASN1_STRING_GET_INT64                    = 227;
+  ASN1_F_ASN1_STRING_GET_UINT64                   = 230;
+  ASN1_F_ASN1_STRING_SET                          = 186;
+  ASN1_F_ASN1_STRING_TABLE_ADD                    = 129;
+  ASN1_F_ASN1_STRING_TO_BN                        = 228;
+  ASN1_F_ASN1_STRING_TYPE_NEW                     = 130;
+  ASN1_F_ASN1_TEMPLATE_EX_D2I                     = 132;
+  ASN1_F_ASN1_TEMPLATE_NEW                        = 133;
+  ASN1_F_ASN1_TEMPLATE_NOEXP_D2I                  = 131;
+  ASN1_F_ASN1_TIME_ADJ                            = 217;
+  ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING            = 134;
+  ASN1_F_ASN1_TYPE_GET_OCTETSTRING                = 135;
+  ASN1_F_ASN1_UTCTIME_ADJ                         = 218;
+  ASN1_F_ASN1_VERIFY                              = 137;
+  ASN1_F_B64_READ_ASN1                            = 209;
+  ASN1_F_B64_WRITE_ASN1                           = 210;
+  ASN1_F_BIO_NEW_NDEF                             = 208;
+  ASN1_F_BITSTR_CB                                = 180;
+  ASN1_F_BN_TO_ASN1_STRING                        = 229;
+  ASN1_F_C2I_ASN1_BIT_STRING                      = 189;
+  ASN1_F_C2I_ASN1_INTEGER                         = 194;
+  ASN1_F_C2I_ASN1_OBJECT                          = 196;
+  ASN1_F_C2I_IBUF                                 = 226;
+  ASN1_F_C2I_UINT64_INT                           = 101;
+  ASN1_F_COLLECT_DATA                             = 140;
+  ASN1_F_D2I_ASN1_OBJECT                          = 147;
+  ASN1_F_D2I_ASN1_UINTEGER                        = 150;
+  ASN1_F_D2I_AUTOPRIVATEKEY                       = 207;
+  ASN1_F_D2I_PRIVATEKEY                           = 154;
+  ASN1_F_D2I_PUBLICKEY                            = 155;
+  ASN1_F_DO_BUF                                   = 142;
+  ASN1_F_DO_CREATE                                = 124;
+  ASN1_F_DO_DUMP                                  = 125;
+  ASN1_F_DO_TCREATE                               = 222;
+  ASN1_F_I2A_ASN1_OBJECT                          = 126;
+  ASN1_F_I2D_ASN1_BIO_STREAM                      = 211;
+  ASN1_F_I2D_ASN1_OBJECT                          = 143;
+  ASN1_F_I2D_DSA_PUBKEY                           = 161;
+  ASN1_F_I2D_EC_PUBKEY                            = 181;
+  ASN1_F_I2D_PRIVATEKEY                           = 163;
+  ASN1_F_I2D_PUBLICKEY                            = 164;
+  ASN1_F_I2D_RSA_PUBKEY                           = 165;
+  ASN1_F_LONG_C2I                                 = 166;
+  ASN1_F_NDEF_PREFIX                              = 127;
+  ASN1_F_NDEF_SUFFIX                              = 136;
+  ASN1_F_OID_MODULE_INIT                          = 174;
+  ASN1_F_PARSE_TAGGING                            = 182;
+  ASN1_F_PKCS5_PBE2_SET_IV                        = 167;
+  ASN1_F_PKCS5_PBE2_SET_SCRYPT                    = 231;
+  ASN1_F_PKCS5_PBE_SET                            = 202;
+  ASN1_F_PKCS5_PBE_SET0_ALGOR                     = 215;
+  ASN1_F_PKCS5_PBKDF2_SET                         = 219;
+  ASN1_F_PKCS5_SCRYPT_SET                         = 232;
+  ASN1_F_SMIME_READ_ASN1                          = 212;
+  ASN1_F_SMIME_TEXT                               = 213;
+  ASN1_F_STABLE_GET                               = 138;
+  ASN1_F_STBL_MODULE_INIT                         = 223;
+  ASN1_F_UINT32_C2I                               = 105;
+  ASN1_F_UINT32_NEW                               = 139;
+  ASN1_F_UINT64_C2I                               = 112;
+  ASN1_F_UINT64_NEW                               = 141;
+  ASN1_F_X509_CRL_ADD0_REVOKED                    = 169;
+  ASN1_F_X509_INFO_NEW                            = 170;
+  ASN1_F_X509_NAME_ENCODE                         = 203;
+  ASN1_F_X509_NAME_EX_D2I                         = 158;
+  ASN1_F_X509_NAME_EX_NEW                         = 171;
+  ASN1_F_X509_PKEY_NEW                            = 173;
+
+// ASN1 reason codes.
+  ASN1_R_ADDING_OBJECT                            = 171;
+  ASN1_R_ASN1_PARSE_ERROR                         = 203;
+  ASN1_R_ASN1_SIG_PARSE_ERROR                     = 204;
+  ASN1_R_AUX_ERROR                                = 100;
+  ASN1_R_BAD_OBJECT_HEADER                        = 102;
+  ASN1_R_BMPSTRING_IS_WRONG_LENGTH                = 214;
+  ASN1_R_BN_LIB                                   = 105;
+  ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  = 106;
+  ASN1_R_BUFFER_TOO_SMALL                         = 107;
+  ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER          = 108;
+  ASN1_R_CONTEXT_NOT_INITIALISED                  = 217;
+  ASN1_R_DATA_IS_WRONG                            = 109;
+  ASN1_R_DECODE_ERROR                             = 110;
+  ASN1_R_DEPTH_EXCEEDED                           = 174;
+  ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED        = 198;
+  ASN1_R_ENCODE_ERROR                             = 112;
+  ASN1_R_ERROR_GETTING_TIME                       = 173;
+  ASN1_R_ERROR_LOADING_SECTION                    = 172;
+  ASN1_R_ERROR_SETTING_CIPHER_PARAMS              = 114;
+  ASN1_R_EXPECTING_AN_INTEGER                     = 115;
+  ASN1_R_EXPECTING_AN_OBJECT                      = 116;
+  ASN1_R_EXPLICIT_LENGTH_MISMATCH                 = 119;
+  ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED             = 120;
+  ASN1_R_FIELD_MISSING                            = 121;
+  ASN1_R_FIRST_NUM_TOO_LARGE                      = 122;
+  ASN1_R_HEADER_TOO_LONG                          = 123;
+  ASN1_R_ILLEGAL_BITSTRING_FORMAT                 = 175;
+  ASN1_R_ILLEGAL_BOOLEAN                          = 176;
+  ASN1_R_ILLEGAL_CHARACTERS                       = 124;
+  ASN1_R_ILLEGAL_FORMAT                           = 177;
+  ASN1_R_ILLEGAL_HEX                              = 178;
+  ASN1_R_ILLEGAL_IMPLICIT_TAG                     = 179;
+  ASN1_R_ILLEGAL_INTEGER                          = 180;
+  ASN1_R_ILLEGAL_NEGATIVE_VALUE                   = 226;
+  ASN1_R_ILLEGAL_NESTED_TAGGING                   = 181;
+  ASN1_R_ILLEGAL_NULL                             = 125;
+  ASN1_R_ILLEGAL_NULL_VALUE                       = 182;
+  ASN1_R_ILLEGAL_OBJECT                           = 183;
+  ASN1_R_ILLEGAL_OPTIONAL_ANY                     = 126;
+  ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE         = 170;
+  ASN1_R_ILLEGAL_PADDING                          = 221;
+  ASN1_R_ILLEGAL_TAGGED_ANY                       = 127;
+  ASN1_R_ILLEGAL_TIME_VALUE                       = 184;
+  ASN1_R_ILLEGAL_ZERO_CONTENT                     = 222;
+  ASN1_R_INTEGER_NOT_ASCII_FORMAT                 = 185;
+  ASN1_R_INTEGER_TOO_LARGE_FOR_LONG               = 128;
+  ASN1_R_INVALID_BIT_STRING_BITS_LEFT             = 220;
+  ASN1_R_INVALID_BMPSTRING_LENGTH                 = 129;
+  ASN1_R_INVALID_DIGIT                            = 130;
+  ASN1_R_INVALID_MIME_TYPE                        = 205;
+  ASN1_R_INVALID_MODIFIER                         = 186;
+  ASN1_R_INVALID_NUMBER                           = 187;
+  ASN1_R_INVALID_OBJECT_ENCODING                  = 216;
+  ASN1_R_INVALID_SCRYPT_PARAMETERS                = 227;
+  ASN1_R_INVALID_SEPARATOR                        = 131;
+  ASN1_R_INVALID_STRING_TABLE_VALUE               = 218;
+  ASN1_R_INVALID_UNIVERSALSTRING_LENGTH           = 133;
+  ASN1_R_INVALID_UTF8STRING                       = 134;
+  ASN1_R_INVALID_VALUE                            = 219;
+  ASN1_R_LIST_ERROR                               = 188;
+  ASN1_R_MIME_NO_CONTENT_TYPE                     = 206;
+  ASN1_R_MIME_PARSE_ERROR                         = 207;
+  ASN1_R_MIME_SIG_PARSE_ERROR                     = 208;
+  ASN1_R_MISSING_EOC                              = 137;
+  ASN1_R_MISSING_SECOND_NUMBER                    = 138;
+  ASN1_R_MISSING_VALUE                            = 189;
+  ASN1_R_MSTRING_NOT_UNIVERSAL                    = 139;
+  ASN1_R_MSTRING_WRONG_TAG                        = 140;
+  ASN1_R_NESTED_ASN1_STRING                       = 197;
+  ASN1_R_NESTED_TOO_DEEP                          = 201;
+  ASN1_R_NON_HEX_CHARACTERS                       = 141;
+  ASN1_R_NOT_ASCII_FORMAT                         = 190;
+  ASN1_R_NOT_ENOUGH_DATA                          = 142;
+  ASN1_R_NO_CONTENT_TYPE                          = 209;
+  ASN1_R_NO_MATCHING_CHOICE_TYPE                  = 143;
+  ASN1_R_NO_MULTIPART_BODY_FAILURE                = 210;
+  ASN1_R_NO_MULTIPART_BOUNDARY                    = 211;
+  ASN1_R_NO_SIG_CONTENT_TYPE                      = 212;
+  ASN1_R_NULL_IS_WRONG_LENGTH                     = 144;
+  ASN1_R_OBJECT_NOT_ASCII_FORMAT                  = 191;
+  ASN1_R_ODD_NUMBER_OF_CHARS                      = 145;
+  ASN1_R_SECOND_NUMBER_TOO_LARGE                  = 147;
+  ASN1_R_SEQUENCE_LENGTH_MISMATCH                 = 148;
+  ASN1_R_SEQUENCE_NOT_CONSTRUCTED                 = 149;
+  ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG             = 192;
+  ASN1_R_SHORT_LINE                               = 150;
+  ASN1_R_SIG_INVALID_MIME_TYPE                    = 213;
+  ASN1_R_STREAMING_NOT_SUPPORTED                  = 202;
+  ASN1_R_STRING_TOO_LONG                          = 151;
+  ASN1_R_STRING_TOO_SHORT                         = 152;
+  ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD = 154;
+  ASN1_R_TIME_NOT_ASCII_FORMAT                    = 193;
+  ASN1_R_TOO_LARGE                                = 223;
+  ASN1_R_TOO_LONG                                 = 155;
+  ASN1_R_TOO_SMALL                                = 224;
+  ASN1_R_TYPE_NOT_CONSTRUCTED                     = 156;
+  ASN1_R_TYPE_NOT_PRIMITIVE                       = 195;
+  ASN1_R_UNEXPECTED_EOC                           = 159;
+  ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH          = 215;
+  ASN1_R_UNKNOWN_FORMAT                           = 160;
+  ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM         = 161;
+  ASN1_R_UNKNOWN_OBJECT_TYPE                      = 162;
+  ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  = 163;
+  ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM              = 199;
+  ASN1_R_UNKNOWN_TAG                              = 194;
+  ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE          = 164;
+  ASN1_R_UNSUPPORTED_CIPHER                       = 228;
+  ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE              = 167;
+  ASN1_R_UNSUPPORTED_TYPE                         = 196;
+  ASN1_R_WRONG_INTEGER_TYPE                       = 225;
+  ASN1_R_WRONG_PUBLIC_KEY_TYPE                    = 200;
+  ASN1_R_WRONG_TAG                                = 168;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_ASN1_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_ASN1_strings := LoadFunction('ERR_load_ASN1_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_ASN1_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1t.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1t.pas
new file mode 100644
index 000000000..3b3e66844
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1t.pas
@@ -0,0 +1,1029 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_asn1t;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1t.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+  
+type
+  // moved from asn1
+  ASN1_ITEM_EXP = ASN1_ITEM;
+  PASN1_ITEM_EXP = ^ASN1_ITEM_EXP;
+
+//# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+//
+///// Macro to obtain ASN1_ADB pointer from a type (only used internally) ///
+//#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB //)(iptr))
+//
+///// Macros for start and end of ASN1_ITEM definition ///
+//
+//#  define ASN1_ITEM_start(itname) \
+//        const ASN1_ITEM itname##_it = {
+//
+//#  define static_ASN1_ITEM_start(itname) \
+//        static const ASN1_ITEM itname##_it = {
+//
+//#  define ASN1_ITEM_end(itname)                 \
+//                };
+//
+//# else
+//
+///// Macro to obtain ASN1_ADB pointer from a type (only used internally) ///
+//#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB //)((iptr)()))
+//
+///// Macros for start and end of ASN1_ITEM definition ///
+//
+//#  define ASN1_ITEM_start(itname) \
+//        const ASN1_ITEM // itname##_it(void) \
+//        { \
+//                static const ASN1_ITEM local_it = {
+//
+//#  define static_ASN1_ITEM_start(itname) \
+//        static ASN1_ITEM_start(itname)
+//
+//#  define ASN1_ITEM_end(itname) \
+//                }; \
+//        return &local_it; \
+//        }
+//
+//# endif
+//
+///// Macros to aid ASN1 template writing ///
+//
+//  ASN1_ITEM_TEMPLATE(tname) \
+//        static const PASN1_TEMPLATE tname##_item_tt
+//
+//  ASN1_ITEM_TEMPLATE_END(tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_PRIMITIVE,\
+//                -1,\
+//                &tname##_item_tt,\
+//                0,\
+//                NULL,\
+//                0,\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//  static_ASN1_ITEM_TEMPLATE_END(tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_PRIMITIVE,\
+//                -1,\
+//                &tname##_item_tt,\
+//                0,\
+//                NULL,\
+//                0,\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//
+///// This is a ASN1 type which just embeds a template ///
+//
+/////-
+// // This pair helps declare a SEQUENCE. We can do:
+// //
+// //      ASN1_SEQUENCE(stname) = {
+// //              ... SEQUENCE components ...
+// //      } ASN1_SEQUENCE_END(stname)
+// //
+// //      This will produce an ASN1_ITEM called stname_it
+// //      for a structure called stname.
+// //
+// //      If you want the same structure but a different
+// //      name then use:
+// //
+// //      ASN1_SEQUENCE(itname) = {
+// //              ... SEQUENCE components ...
+// //      } ASN1_SEQUENCE_END_name(stname, itname)
+// //
+// //      This will create an item called itname_it using
+// //      a structure called stname.
+// ///
+//
+//  ASN1_SEQUENCE(tname) \
+//        static const PASN1_TEMPLATE tname##_seq_tt[]
+//
+//  ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
+//
+//  static_ASN1_SEQUENCE_END(stname) static_ASN1_SEQUENCE_END_name(stname, stname)
+//
+//  ASN1_SEQUENCE_END_name(stname, tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//
+//  static_ASN1_SEQUENCE_END_name(stname, tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_NDEF_SEQUENCE(tname) \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_NDEF_SEQUENCE_cb(tname, cb) \
+//        ASN1_SEQUENCE_cb(tname, cb)
+//
+//  ASN1_SEQUENCE_cb(tname, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_BROKEN_SEQUENCE(tname) \
+//        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_SEQUENCE_ref(tname, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), offsetof(tname, lock), cb, 0}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_SEQUENCE_enc(tname, enc, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_NDEF_SEQUENCE_END(tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_NDEF_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(tname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//  static_ASN1_NDEF_SEQUENCE_END(tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_NDEF_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(tname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
+//  static_ASN1_BROKEN_SEQUENCE_END(stname) \
+//        static_ASN1_SEQUENCE_END_ref(stname, stname)
+//
+//  ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+//
+//  ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+//  static_ASN1_SEQUENCE_END_cb(stname, tname) static_ASN1_SEQUENCE_END_ref(stname, tname)
+//
+//  ASN1_SEQUENCE_END_ref(stname, tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//  static_ASN1_SEQUENCE_END_ref(stname, tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_NDEF_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+/////-
+// // This pair helps declare a CHOICE type. We can do:
+// //
+// //      ASN1_CHOICE(chname) = {
+// //              ... CHOICE options ...
+// //      ASN1_CHOICE_END(chname)
+// //
+// //      This will produce an ASN1_ITEM called chname_it
+// //      for a structure called chname. The structure
+// //      definition must look like this:
+// //      typedef struct {
+// //              int type;
+// //              union {
+// //                      ASN1_SOMETHING //opt1;
+// //                      ASN1_SOMEOTHER //opt2;
+// //              } value;
+// //      } chname;
+// //
+// //      the name of the selector must be 'type'.
+// //      to use an alternative selector name use the
+// //      ASN1_CHOICE_END_selector() version.
+// ///
+//
+//  ASN1_CHOICE(tname) \
+//        static const PASN1_TEMPLATE tname##_ch_tt[]
+//
+//  ASN1_CHOICE_cb(tname, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+//        ASN1_CHOICE(tname)
+//
+//  ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
+//
+//  static_ASN1_CHOICE_END(stname) static_ASN1_CHOICE_END_name(stname, stname)
+//
+//  ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
+//
+//  static_ASN1_CHOICE_END_name(stname, tname) static_ASN1_CHOICE_END_selector(stname, tname, type)
+//
+//  ASN1_CHOICE_END_selector(stname, tname, selname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_CHOICE,\
+//                offsetof(stname,selname) ,\
+//                tname##_ch_tt,\
+//                sizeof(tname##_ch_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  static_ASN1_CHOICE_END_selector(stname, tname, selname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_CHOICE,\
+//                offsetof(stname,selname) ,\
+//                tname##_ch_tt,\
+//                sizeof(tname##_ch_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_CHOICE_END_cb(stname, tname, selname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_CHOICE,\
+//                offsetof(stname,selname) ,\
+//                tname##_ch_tt,\
+//                sizeof(tname##_ch_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+///// This helps with the template wrapper form of ASN1_ITEM ///
+//
+//  ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
+//        (flags), (tag), 0,\
+//        #name, ASN1_ITEM_ref(type) }
+//
+///// These help with SEQUENCE or CHOICE components ///
+//
+///// used to declare other types ///
+//
+//  ASN1_EX_TYPE(flags, tag, stname, field, type) { \
+//        (flags), (tag), offsetof(stname, field),\
+//        #field, ASN1_ITEM_ref(type) }
+//
+///// implicit and explicit helper macros ///
+//
+//  ASN1_IMP_EX(stname, field, type, tag, ex) \
+//         ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | (ex), tag, stname, field, type)
+//
+//  ASN1_EXP_EX(stname, field, type, tag, ex) \
+//         ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | (ex), tag, stname, field, type)
+//
+///// Any defined by macros: the field used is in the table itself ///
+//
+//# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+//#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM //)&(tblname##_adb) }
+//#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM //)&(tblname##_adb) }
+//# else
+//#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
+//#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
+//# endif
+///// Plain simple type ///
+//  ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
+///// Embedded simple type ///
+//  ASN1_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_EMBED,0, stname, field, type)
+//
+///// OPTIONAL simple type ///
+//  ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+//  ASN1_OPT_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED, 0, stname, field, type)
+//
+///// IMPLICIT tagged simple type ///
+//  ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+//  ASN1_IMP_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
+//
+///// IMPLICIT tagged OPTIONAL simple type ///
+//  ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+//  ASN1_IMP_OPT_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
+//
+///// Same as above but EXPLICIT ///
+//
+//  ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+//  ASN1_EXP_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
+//  ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+//  ASN1_EXP_OPT_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
+//
+///// SEQUENCE OF type ///
+//  ASN1_SEQUENCE_OF(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
+//
+///// OPTIONAL SEQUENCE OF ///
+//  ASN1_SEQUENCE_OF_OPT(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+//
+///// Same as above but for SET OF ///
+//
+//  ASN1_SET_OF(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
+//
+//  ASN1_SET_OF_OPT(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+//
+///// Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL ///
+//
+//  ASN1_IMP_SET_OF(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+//
+//  ASN1_EXP_SET_OF(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+//
+//  ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+//
+//  ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+//
+//  ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+//
+//  ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+//
+//  ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+//
+//  ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+//
+///// EXPLICIT using indefinite length constructed form ///
+//  ASN1_NDEF_EXP(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
+//
+///// EXPLICIT OPTIONAL using indefinite length constructed form ///
+//  ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
+//
+///// Macros for the ASN1_ADB structure ///
+//
+//  ASN1_ADB(name) \
+//        static const ASN1_ADB_TABLE name##_adbtbl[]
+//
+//# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+//
+//#  define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \
+//        ;\
+//        static const ASN1_ADB name##_adb = {\
+//                flags,\
+//                offsetof(name, field),\
+//                adb_cb,\
+//                name##_adbtbl,\
+//                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+//                def,\
+//                none\
+//        }
+//
+//# else
+//
+//#  define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \
+//        ;\
+//        static const ASN1_ITEM //name##_adb(void) \
+//        { \
+//        static const ASN1_ADB internal_adb = \
+//                {\
+//                flags,\
+//                offsetof(name, field),\
+//                adb_cb,\
+//                name##_adbtbl,\
+//                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+//                def,\
+//                none\
+//                }; \
+//                return (const ASN1_ITEM //) &internal_adb; \
+//        } \
+//        void dummy_function(void)
+//
+//# endif
+//
+//  ADB_ENTRY(val, template) {val, template}
+//
+//  ASN1_ADB_TEMPLATE(name) \
+//        static const PASN1_TEMPLATE name##_tt
+//
+/////
+// // This is the ASN1 template structure that defines a wrapper round the
+// // actual type. It determines the actual position of the field in the value
+// // structure, various flags such as OPTIONAL and the field name.
+// ///
+
+type
+  ASN1_TEMPLATE_st = record
+    flags: TIdC_ULONG;
+    tag: TIdC_LONG;
+    offset: TIdC_ULONG;
+    fieldname: PIdAnsiChar;
+    item: PASN1_ITEM_EXP;
+  end;  
+  ASN1_TEMPLATE = ASN1_TEMPLATE_st;
+  PASN1_TEMPLATE = ^ASN1_TEMPLATE;
+
+///// Macro to extract ASN1_ITEM and ASN1_ADB pointer from PASN1_TEMPLATE ///
+//
+//  ASN1_TEMPLATE_item(t) (t->item_ptr)
+//  ASN1_TEMPLATE_adb(t) (t->item_ptr)
+
+  adb_cb_callback = function(psel: PIdC_LONG): TIdC_INT;
+
+  ASN1_ADB_TABLE_st = record
+    value: TIdC_LONG;
+    tt: PASN1_TEMPLATE;
+  end;
+
+  ASN1_ADB_TABLE = ASN1_ADB_TABLE_st;
+  PASN1_ADB_TABLE = ^ASN1_ADB_TABLE;
+  
+  ASN1_ADB_st = record
+    flags: TIdC_ULONG;
+    offset: TIdC_ULONG;
+    adb_cb: adb_cb_callback;
+    tbl: PASN1_ADB_TABLE;
+    tblcount: TIdC_LONG;
+    default_tt: PASN1_TEMPLATE;
+    null_tt: PASN1_TEMPLATE;
+  end;
+  ASN1_ADB = ASN1_ADB_st;
+
+const
+// template flags //
+
+// Field is optional //
+  ASN1_TFLG_OPTIONAL     = $1;
+
+// Field is a SET OF //
+  ASN1_TFLG_SET_OF       = ($1 shl 1);
+
+// Field is a SEQUENCE OF //
+  ASN1_TFLG_SEQUENCE_OF  = ($2 shl 1);
+
+//
+// Special case: this refers to a SET OF that will be sorted into DER order
+// when encoded /and/ the corresponding STACK will be modified to match the
+// new order.
+ //
+  ASN1_TFLG_SET_ORDER     = ($3 shl 1);
+
+// Mask for SET OF or SEQUENCE OF //
+  ASN1_TFLG_SK_MASK       = ($3 shl 1);
+
+//
+//  These flags mean the tag should be taken from the tag field. If EXPLICIT
+//  then the underlying type is used for the inner tag.
+ //
+
+// IMPLICIT tagging //
+  ASN1_TFLG_IMPTAG        = ($1 shl 3);
+
+// EXPLICIT tagging, inner tag from underlying type //
+  ASN1_TFLG_EXPTAG        = ($2 shl 3);
+
+  ASN1_TFLG_TAG_MASK      = ($3 shl 3);
+
+// context specific IMPLICIT //
+//   ASN1_TFLG_IMPLICIT      (ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT)
+
+// context specific EXPLICIT //
+//   ASN1_TFLG_EXPLICIT      (ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT)
+
+//
+// If tagging is in force these determine the type of tag to use. Otherwise
+// the tag is determined by the underlying type. These values reflect the
+// actual octet format.
+ //
+
+// Universal tag //
+  ASN1_TFLG_UNIVERSAL     = ($0 shl 6);
+// Application tag //
+  ASN1_TFLG_APPLICATION   = ($1 shl 6);
+// Context specific tag //
+  ASN1_TFLG_CONTEXT       = ($2 shl 6);
+// Private tag //
+  ASN1_TFLG_PRIVATE       = ($3 shl 6);
+
+  ASN1_TFLG_TAG_CLASS     = ($3 shl 6);
+
+//
+// These are for ANY DEFINED BY type. In this case the 'item' field points to
+// an ASN1_ADB structure which contains a table of values to decode the
+// relevant type
+ //
+
+  ASN1_TFLG_ADB_MASK      = ($3 shl 8);
+
+  ASN1_TFLG_ADB_OID       = ($1 shl 8);
+
+  ASN1_TFLG_ADB_INT       = ($1 shl 9);
+
+//
+// This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
+// indefinite length constructed encoding to be used if required.
+ //
+
+  ASN1_TFLG_NDEF          = ($1 shl 11);
+
+// Field is embedded and not a pointer //
+  ASN1_TFLG_EMBED         = ($1 shl 12);
+
+// This is the actual ASN1 item itself //
+
+type
+  ASN1_ITEM_st = record
+    itype: AnsiChar;
+    utype: TIdC_LONG;
+    template: PASN1_TEMPLATE;
+    tcount: TIdC_LONG;
+    funcs: Pointer;
+    size: TIdC_LONG;
+    sname: PIdAnsiChar;
+  end;
+
+//-
+ // These are values for the itype field and
+ // determine how the type is interpreted.
+ //
+ // For PRIMITIVE types the underlying type
+ // determines the behaviour if items is NULL.
+ //
+ // Otherwise templates must contain a single
+ // template and the type is treated in the
+ // same way as the type specified in the template.
+ //
+ // For SEQUENCE types the templates field points
+ // to the members, the size field is the
+ // structure size.
+ //
+ // For CHOICE types the templates field points
+ // to each possible member (typically a union)
+ // and the 'size' field is the offset of the
+ // selector.
+ //
+ // The 'funcs' field is used for application
+ // specific functions.
+ //
+ // The EXTERN type uses a new style d2i/i2d.
+ // The new style should be used where possible
+ // because it avoids things like the d2i IMPLICIT
+ // hack.
+ //
+ // MSTRING is a multiple string type, it is used
+ // for a CHOICE of character strings where the
+ // actual strings all occupy an ASN1_STRING
+ // structure. In this case the 'utype' field
+ // has a special meaning, it is used as a mask
+ // of acceptable types using the B_ASN1 constants.
+ //
+ // NDEF_SEQUENCE is the same as SEQUENCE except
+ // that it will use indefinite length constructed
+ // encoding if requested.
+ //
+ //
+const
+  ASN1_ITYPE_PRIMITIVE            = $0;
+
+  ASN1_ITYPE_SEQUENCE             = $1;
+
+  ASN1_ITYPE_CHOICE               = $2;
+
+  ASN1_ITYPE_EXTERN               = $4;
+
+  ASN1_ITYPE_MSTRING              = $5;
+
+  ASN1_ITYPE_NDEF_SEQUENCE        = $6;
+
+//
+ // Cache for ASN1 tag and length, so we don't keep re-reading it for things
+ // like CHOICE
+ //
+
+type
+  ASN1_TLC_st = record
+    valid: AnsiChar;
+    ret: TIdC_INT;
+    plen: TIdC_LONG;
+    ptag: TIdC_INT;
+    pclass: TIdC_INT;
+    hdrlen: TIdC_INT;
+  end;
+  ASN1_TLC = ASN1_TLC_st;
+  PASN1_TLC = ^ASN1_TLC;
+
+  ASN1_ex_d2i = function(pval: PPASN1_VALUE; const AIn: PPByte; len: TIdC_LONG;
+    const it: PASN1_ITEM; tag: TIdC_INT; aclass: TIdC_INT;
+    opt: AnsiChar; ctx: PASN1_TLC): TIdC_INT;
+  PASN1_ex_d2i = ^ASN1_ex_d2i;
+
+  ASN1_ex_i2d = function(pval: PPASN1_VALUE; AOut: PPByte; const it: PASN1_ITEM;
+    tag: TIdC_INT; aclass: TIdC_INT): TIdC_INT;
+  PASN1_ex_i2d = ^ASN1_ex_i2d;
+
+  ASN1_ex_new_func = function(pval: PPASN1_VALUE; const it: PASN1_ITEM): TIdC_INT;
+  PASN1_ex_new_func = ^ASN1_ex_new_func;
+
+  ASN1_ex_free_func = procedure(pval: PPASN1_VALUE; const it: PASN1_ITEM);
+  PASN1_ex_free_func = ^ASN1_ex_free_func;
+
+  ASN1_ex_print_func = function(AOut: PBIO; pval: PPASN1_VALUE; indent: TIdC_INT;
+    const fname: PIdAnsiChar; const pctx: PASN1_PCTX): TIdC_INT;
+  PASN1_ex_print_func = ^ASN1_ex_print_func;
+
+  ASN1_primitive_i2c = function(pval: PPASN1_VALUE; const cont: PIdAnsiChar;
+    puttype: PIdC_INT; const it: PASN1_ITEM): TIdC_INT;
+  PASN1_primitive_i2c = ^ASN1_primitive_i2c;
+
+  ASN1_primitive_c2i = function(pval: PPASN1_VALUE; const cont: PByte;
+    len: TIdC_INT; utype: TIdC_INT; free_cont: PIdAnsiChar;
+    const it: PASN1_ITEM): TIdC_INT;
+  PASN1_primitive_c2i = ^ASN1_primitive_c2i;
+
+  ASN1_primitive_print = function(AOut: PBIO; pval: PPASN1_VALUE;
+    const it: PASN1_ITEM; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
+  PASN1_primitive_print = ^ASN1_primitive_print;
+
+  ASN1_EXTERN_FUNCS_st = record
+    app_data: Pointer;
+    asn1_ex_new: PASN1_ex_new_func;
+    asn1_ex_free: PASN1_ex_free_func;
+    asn1_ex_clear: PASN1_ex_free_func;
+    asn1_ex_d2i: PASN1_ex_d2i;
+    asn1_ex_i2d: PASN1_ex_i2d;
+    asn1_ex_print: PASN1_ex_print_func;
+  end;
+
+  ASN1_EXTERN_FUNCS = ASN1_EXTERN_FUNCS_st;
+
+  ASN1_PRIMITIVE_FUNCS_st = record
+    app_data: Pointer;
+    flags: TIdC_ULONG;
+    prim_new: PASN1_ex_new_func;
+    prim_free: PASN1_ex_free_func;
+    prim_clear: PASN1_ex_free_func;
+    prim_c2i: PASN1_primitive_c2i;
+    prim_i2c: PASN1_primitive_i2c;
+    prim_print: PASN1_primitive_print;
+  end;
+
+  ASN1_PRIMITIVE_FUNCS = ASN1_PRIMITIVE_FUNCS_st;
+
+//
+ // This is the ASN1_AUX structure: it handles various miscellaneous
+ // requirements. For example the use of reference counts and an informational
+ // callback. The "informational callback" is called at various points during
+ // the ASN1 encoding and decoding. It can be used to provide minor
+ // customisation of the structures used. This is most useful where the
+ // supplied routines //almost// do the right thing but need some extra help at
+ // a few points. If the callback returns zero then it is assumed a fatal
+ // error has occurred and the main operation should be abandoned. If major
+ // changes in the default behaviour are required then an external type is
+ // more appropriate.
+ //
+
+  ASN1_aux_cb = function(operation: TIdC_INT; AIn: PASN1_VALUE; const it: PASN1_ITEM; exarg: Pointer): TIdC_INT;
+  PASN1_aux_cb = ^ASN1_aux_cb;
+
+  ASN1_AUX_st = record
+    app_data: Pointer;
+    flags: TIdC_INT;
+    ref_offset: TIdC_INT;
+    ref_lock: TIdC_INT;
+    asn1_cb: PASN1_aux_cb;
+    enc_offset: TidC_INT;
+  end;
+
+  ASN1_AUX = ASN1_AUX_st;
+
+// For print related callbacks exarg points to this structure
+
+  ASN1_PRINT_ARG_st = record
+    AOut: PBIO;
+    indent: TIdC_INT;
+    pctx: PASN1_PCTX;
+  end;
+
+  ASN1_PRINT_ARG = ASN1_PRINT_ARG_st;
+
+// For streaming related callbacks exarg points to this structure
+  ASN1_STREAM_ARG_st = record
+    // BIO to stream through
+    FOut: PBIO;
+    // BIO with filters appended
+    ndef_bio: PBIO;
+    // Streaming I/O boundary
+    boundary: PPByte;
+  end;
+
+  ASN1_STREAM_ARG = ASN1_STREAM_ARG_st;
+
+const
+/// Flags in ASN1_AUX ///
+
+/// Use a reference count ///
+  ASN1_AFLG_REFCOUNT      = 1;
+/// Save the encoding of structure (useful for signatures) ///
+  ASN1_AFLG_ENCODING      = 2;
+/// The Sequence length is invalid ///
+  ASN1_AFLG_BROKEN        = 4;
+
+/// operation values for asn1_cb ///
+
+  ASN1_OP_NEW_PRE         = 0;
+  ASN1_OP_NEW_POST        = 1;
+  ASN1_OP_FREE_PRE        = 2;
+  ASN1_OP_FREE_POST       = 3;
+  ASN1_OP_D2I_PRE         = 4;
+  ASN1_OP_D2I_POST        = 5;
+  ASN1_OP_I2D_PRE         = 6;
+  ASN1_OP_I2D_POST        = 7;
+  ASN1_OP_PRINT_PRE       = 8;
+  ASN1_OP_PRINT_POST      = 9;
+  ASN1_OP_STREAM_PRE      = 10;
+  ASN1_OP_STREAM_POST     = 11;
+  ASN1_OP_DETACHED_PRE    = 12;
+  ASN1_OP_DETACHED_POST   = 13;
+
+///* Macro to implement a primitive type */
+//# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
+//# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
+//                                ASN1_ITEM_start(itname) \
+//                                        ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
+//                                ASN1_ITEM_end(itname)
+//
+///* Macro to implement a multi string type */
+//# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
+//                                ASN1_ITEM_start(itname) \
+//                                        ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
+//                                ASN1_ITEM_end(itname)
+//
+//# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
+//        ASN1_ITEM_start(sname) \
+//                ASN1_ITYPE_EXTERN, \
+//                tag, \
+//                NULL, \
+//                0, \
+//                &fptrs, \
+//                0, \
+//                #sname \
+//        ASN1_ITEM_end(sname)
+//
+///* Macro to implement standard functions in terms of ASN1_ITEM structures */
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
+//                        IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+//
+//# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
+//                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
+//                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
+//        pre stname *fname##_new(void) \
+//        { \
+//                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+//        } \
+//        pre void fname##_free(stname *a) \
+//        { \
+//                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+//        }
+//
+//# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
+//        stname *fname##_new(void) \
+//        { \
+//                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+//        } \
+//        void fname##_free(stname *a) \
+//        { \
+//                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+//        }
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+//
+//# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+//        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+//        { \
+//                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+//        } \
+//        int i2d_##fname(stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+//        }
+//
+//# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
+//        int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
+//        }
+//
+//# define IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(stname) \
+//        static stname *d2i_##stname(stname **a, \
+//                                   const unsigned char **in, long len) \
+//        { \
+//                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, \
+//                                               ASN1_ITEM_rptr(stname)); \
+//        } \
+//        static int i2d_##stname(stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_i2d((ASN1_VALUE *)a, out, \
+//                                     ASN1_ITEM_rptr(stname)); \
+//        }
+//
+///*
+// * This includes evil casts to remove const: they will go away when full ASN1
+// * constification is done.
+// */
+//# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+//        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+//        { \
+//                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+//        } \
+//        int i2d_##fname(const stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+//        }
+//
+//# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
+//        stname * stname##_dup(stname *x) \
+//        { \
+//        return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
+//        }
+//
+//# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
+//        IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
+//        int fname##_print_ctx(BIO *out, stname *x, int indent, \
+//                                                const ASN1_PCTX *pctx) \
+//        { \
+//                return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
+//                        ASN1_ITEM_rptr(itname), pctx); \
+//        }
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
+//                IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+//
+//* external definitions for primitive types */
+
+//DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
+//DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
+//DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
+//DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
+//DECLARE_ASN1_ITEM(CBIGNUM)
+//DECLARE_ASN1_ITEM(BIGNUM)
+//DECLARE_ASN1_ITEM(INT32)
+//DECLARE_ASN1_ITEM(ZINT32)
+//DECLARE_ASN1_ITEM(UINT32)
+//DECLARE_ASN1_ITEM(ZUINT32)
+//DECLARE_ASN1_ITEM(INT64)
+//DECLARE_ASN1_ITEM(ZINT64)
+//DECLARE_ASN1_ITEM(UINT64)
+//DECLARE_ASN1_ITEM(ZUINT64)
+
+//# if OPENSSL_API_COMPAT < 0x10200000L
+///*
+// * LONG and ZLONG are strongly discouraged for use as stored data, as the
+// * underlying C type (long) differs in size depending on the architecture.
+// * They are designed with 32-bit longs in mind.
+// */
+//DECLARE_ASN1_ITEM(LONG)
+//DECLARE_ASN1_ITEM(ZLONG)
+//# endif
+
+//DEFINE_STACK_OF(ASN1_VALUE)
+
+//* Functions used internally by the ASN1 code */
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ASN1_item_ex_new: function(pval: PPASN1_VALUE; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  ASN1_item_ex_free: procedure(pval: PPASN1_VALUE; const it: PASN1_ITEM) cdecl = nil;
+
+  ASN1_item_ex_d2i: function(pval: PPASN1_VALUE; const AIn: PPByte; len: TIdC_LONG; const it: PASN1_ITEM; tag: TIdC_INT; aclass: TIdC_INT; opt: AnsiChar; ctx: PASN1_TLC): TIdC_INT cdecl = nil;
+
+  ASN1_item_ex_i2d: function(pval: PPASN1_VALUE; AOut: PPByte; const it: PASN1_ITEM; tag: TIdC_INT; aclass: TIdC_INT): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ASN1_item_ex_new := LoadFunction('ASN1_item_ex_new', AFailed);
+  ASN1_item_ex_free := LoadFunction('ASN1_item_ex_free', AFailed);
+  ASN1_item_ex_d2i := LoadFunction('ASN1_item_ex_d2i', AFailed);
+  ASN1_item_ex_i2d := LoadFunction('ASN1_item_ex_i2d', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ASN1_item_ex_new := nil;
+  ASN1_item_ex_free := nil;
+  ASN1_item_ex_d2i := nil;
+  ASN1_item_ex_i2d := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_async.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_async.pas
new file mode 100644
index 000000000..1b4231995
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_async.pas
@@ -0,0 +1,150 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_async;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// async.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ASYNC_ERR = 0;
+  ASYNC_NO_JOBS = 0;
+  ASYNC_PAUSE = 2;
+  ASYNC_FINISH = 3;
+
+type
+  async_job_st = type Pointer;
+  ASYNC_JOB = async_job_st;
+  PASYNC_JOB = ^ASYNC_JOB;
+  PPASYNC_JOB = ^PASYNC_JOB;
+  
+  async_wait_ctx_st = type Pointer;
+  ASYNC_WAIT_CTX = async_wait_ctx_st;
+  PASYNC_WAIT_CTX = ^ASYNC_WAIT_CTX;
+  
+  OSSL_ASYNC_FD = type TIdC_INT;
+  POSSL_ASYNC_FD = ^OSSL_ASYNC_FD;
+
+  ASYNC_WAIT_CTX_set_wait_fd_cleanup = procedure(v1: PASYNC_WAIT_CTX;
+    const v2: Pointer; v3: OSSL_ASYNC_FD; v4: Pointer);
+  ASYNC_start_job_cb = function(v1: Pointer): TIdC_INT;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ASYNC_init_thread: function(max_size: TIdC_SIZET; init_size: TIdC_SIZET): TIdC_INT cdecl = nil;
+  ASYNC_cleanup_thread: procedure cdecl = nil;
+
+  ASYNC_WAIT_CTX_new: function: PASYNC_WAIT_CTX cdecl = nil;
+  ASYNC_WAIT_CTX_free: procedure(ctx: PASYNC_WAIT_CTX) cdecl = nil;
+  ASYNC_WAIT_CTX_set_wait_fd: function(ctx: PASYNC_WAIT_CTX; const key: Pointer; fd: OSSL_ASYNC_FD; custom_data: Pointer; cleanup_cb: ASYNC_WAIT_CTX_set_wait_fd_cleanup): TIdC_INT cdecl = nil;
+  ASYNC_WAIT_CTX_get_fd: function(ctx: PASYNC_WAIT_CTX; const key: Pointer; fd: POSSL_ASYNC_FD; custom_data: PPointer): TIdC_INT cdecl = nil;
+  ASYNC_WAIT_CTX_get_all_fds: function(ctx: PASYNC_WAIT_CTX; fd: POSSL_ASYNC_FD; numfds: PIdC_SIZET): TIdC_INT cdecl = nil;
+  ASYNC_WAIT_CTX_get_changed_fds: function(ctx: PASYNC_WAIT_CTX; addfd: POSSL_ASYNC_FD; numaddfds: PIdC_SIZET; delfd: POSSL_ASYNC_FD; numdelfds: PIdC_SIZET): TIdC_INT cdecl = nil;
+  ASYNC_WAIT_CTX_clear_fd: function(ctx: PASYNC_WAIT_CTX; const key: Pointer): TIdC_INT cdecl = nil;
+
+  ASYNC_is_capable: function: TIdC_INT cdecl = nil;
+
+  ASYNC_start_job: function(job: PPASYNC_JOB; ctx: PASYNC_WAIT_CTX; ret: PIdC_INT; func: ASYNC_start_job_cb; args: Pointer; size: TIdC_SIZET): TIdC_INT cdecl = nil;
+  ASYNC_pause_job: function: TIdC_INT cdecl = nil;
+
+  ASYNC_get_current_job: function: PASYNC_JOB cdecl = nil;
+  ASYNC_get_wait_ctx: function(job: PASYNC_JOB): PASYNC_WAIT_CTX cdecl = nil;
+  ASYNC_block_pause: procedure cdecl = nil;
+  ASYNC_unblock_pause: procedure cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ASYNC_init_thread := LoadFunction('ASYNC_init_thread', AFailed);
+  ASYNC_cleanup_thread := LoadFunction('ASYNC_cleanup_thread', AFailed);
+  ASYNC_WAIT_CTX_new := LoadFunction('ASYNC_WAIT_CTX_new', AFailed);
+  ASYNC_WAIT_CTX_free := LoadFunction('ASYNC_WAIT_CTX_free', AFailed);
+  ASYNC_WAIT_CTX_set_wait_fd := LoadFunction('ASYNC_WAIT_CTX_set_wait_fd', AFailed);
+  ASYNC_WAIT_CTX_get_fd := LoadFunction('ASYNC_WAIT_CTX_get_fd', AFailed);
+  ASYNC_WAIT_CTX_get_all_fds := LoadFunction('ASYNC_WAIT_CTX_get_all_fds', AFailed);
+  ASYNC_WAIT_CTX_get_changed_fds := LoadFunction('ASYNC_WAIT_CTX_get_changed_fds', AFailed);
+  ASYNC_WAIT_CTX_clear_fd := LoadFunction('ASYNC_WAIT_CTX_clear_fd', AFailed);
+  ASYNC_is_capable := LoadFunction('ASYNC_is_capable', AFailed);
+  ASYNC_start_job := LoadFunction('ASYNC_start_job', AFailed);
+  ASYNC_pause_job := LoadFunction('ASYNC_pause_job', AFailed);
+  ASYNC_get_current_job := LoadFunction('ASYNC_get_current_job', AFailed);
+  ASYNC_get_wait_ctx := LoadFunction('ASYNC_get_wait_ctx', AFailed);
+  ASYNC_block_pause := LoadFunction('ASYNC_block_pause', AFailed);
+  ASYNC_unblock_pause := LoadFunction('ASYNC_unblock_pause', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ASYNC_init_thread := nil;
+  ASYNC_cleanup_thread := nil;
+  ASYNC_WAIT_CTX_new := nil;
+  ASYNC_WAIT_CTX_free := nil;
+  ASYNC_WAIT_CTX_set_wait_fd := nil;
+  ASYNC_WAIT_CTX_get_fd := nil;
+  ASYNC_WAIT_CTX_get_all_fds := nil;
+  ASYNC_WAIT_CTX_get_changed_fds := nil;
+  ASYNC_WAIT_CTX_clear_fd := nil;
+  ASYNC_is_capable := nil;
+  ASYNC_start_job := nil;
+  ASYNC_pause_job := nil;
+  ASYNC_get_current_job := nil;
+  ASYNC_get_wait_ctx := nil;
+  ASYNC_block_pause := nil;
+  ASYNC_unblock_pause := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asyncerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asyncerr.pas
new file mode 100644
index 000000000..0f8646437
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asyncerr.pas
@@ -0,0 +1,98 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_asyncerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asyncerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  //
+  // ASYNC function codes.
+  //
+  ASYNC_F_ASYNC_CTX_NEW                            = 100;
+  ASYNC_F_ASYNC_INIT_THREAD                        = 101;
+  ASYNC_F_ASYNC_JOB_NEW                            = 102;
+  ASYNC_F_ASYNC_PAUSE_JOB                          = 103;
+  ASYNC_F_ASYNC_START_FUNC                         = 104;
+  ASYNC_F_ASYNC_START_JOB                          = 105;
+  ASYNC_F_ASYNC_WAIT_CTX_SET_WAIT_FD               = 106;
+
+  //
+  // ASYNC reason codes.
+  //
+  ASYNC_R_FAILED_TO_SET_POOL                       = 101;
+  ASYNC_R_FAILED_TO_SWAP_CONTEXT                   = 102;
+  ASYNC_R_INIT_FAILED                              = 105;
+  ASYNC_R_INVALID_POOL_SIZE                        = 103;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_ASYNC_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_ASYNC_strings := LoadFunction('ERR_load_ASYNC_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_ASYNC_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
new file mode 100644
index 000000000..33254577b
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
@@ -0,0 +1,1107 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_bio;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bio.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSlHeaders_ossl_typ;
+
+{$MINENUMSIZE 4}
+
+const
+  (* There are the classes of BIOs *)
+  {$REGION 'BIO_TYPE_*'}
+  BIO_TYPE_DESCRIPTOR = $0100;
+  BIO_TYPE_FILTER = $0200;
+  BIO_TYPE_SOURCE_SINK = $0400;
+  {$ENDREGION}
+
+  (* These are the 'types' of BIOs *)
+  {$REGION 'BIO_TYPE_*'}
+  BIO_TYPE_NONE = 0;
+  BIO_TYPE_MEM =  1 or BIO_TYPE_SOURCE_SINK;
+  BIO_TYPE_FILE =  2 or BIO_TYPE_SOURCE_SINK;
+
+  BIO_TYPE_FD          =  4 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_SOCKET      =  5 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_NULL        =  6 or BIO_TYPE_SOURCE_SINK;
+  BIO_TYPE_SSL         =  7 or BIO_TYPE_FILTER;
+  BIO_TYPE_MD          =  8 or BIO_TYPE_FILTER;
+  BIO_TYPE_BUFFER      =  9 or BIO_TYPE_FILTER;
+  BIO_TYPE_CIPHER      = 10 or BIO_TYPE_FILTER;
+  BIO_TYPE_BASE64      = 11 or BIO_TYPE_FILTER;
+  BIO_TYPE_CONNECT     = 12 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_ACCEPT      = 13 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+
+  BIO_TYPE_NBIO_TEST   = 16 or BIO_TYPE_FILTER;
+  BIO_TYPE_NULL_FILTER = 17 or BIO_TYPE_FILTER;
+  BIO_TYPE_BIO         = 19 or BIO_TYPE_SOURCE_SINK;
+  BIO_TYPE_LINEBUFFER  = 20 or BIO_TYPE_FILTER;
+  BIO_TYPE_DGRAM       = 21 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_ASN1        = 22 or BIO_TYPE_FILTER;
+  BIO_TYPE_COMP        = 23 or BIO_TYPE_FILTER;
+  BIO_TYPE_DGRAM_SCTP  = 24 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  {$ENDREGION}
+
+  BIO_TYPE_START = 128;
+
+  (*
+   * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+   * BIO_set_fp(in,stdin,BIO_NOCLOSE);
+   *)
+  {$REGION}
+  BIO_NOCLOSE = $00;
+  BIO_CLOSE   = $01;
+  {$ENDREGION}
+
+  (*
+   * These are used in the following macros and are passed to BIO_ctrl()
+   *)
+  {$REGION 'BIO_CTRL_*'}
+  BIO_CTRL_RESET        = 1;(* opt - rewind/zero etc *)
+  BIO_CTRL_EOF          = 2;(* opt - are we at the eof *)
+  BIO_CTRL_INFO         = 3;(* opt - extra tit-bits *)
+  BIO_CTRL_SET          = 4;(* man - set the 'IO' type *)
+  BIO_CTRL_GET          = 5;(* man - get the 'IO' type *)
+  BIO_CTRL_PUSH         = 6;(* opt - internal, used to signify change *)
+  BIO_CTRL_POP          = 7;(* opt - internal, used to signify change *)
+  BIO_CTRL_GET_CLOSE    = 8;(* man - set the 'close' on free *)
+  BIO_CTRL_SET_CLOSE    = 9;(* man - set the 'close' on free *)
+  // Added "_const" to prevent naming clashes
+  BIO_CTRL_PENDING_const      = 10;(* opt - is their more data buffered *)
+  BIO_CTRL_FLUSH        = 11;(* opt - 'flush' buffered output *)
+  BIO_CTRL_DUP          = 12;(* man - extra stuff for 'duped' BIO *)
+  // Added "_const" to prevent naming clashes
+  BIO_CTRL_WPENDING_const     = 13;(* opt - number of bytes still to write *)
+  BIO_CTRL_SET_CALLBACK = 14;(* opt - set callback function *)
+  BIO_CTRL_GET_CALLBACK = 15;(* opt - set callback function *)
+
+  BIO_CTRL_PEEK         = 29;(* BIO_f_buffer special *)
+  BIO_CTRL_SET_FILENAME = 30;(* BIO_s_file special *)
+
+  (* dgram BIO stuff *)
+  BIO_CTRL_DGRAM_CONNECT       = 31;(* BIO dgram special *)
+  BIO_CTRL_DGRAM_SET_CONNECTED = 32;(* allow for an externally connected
+                                           * socket to be passed in *)
+  BIO_CTRL_DGRAM_SET_RECV_TIMEOUT = 33;(* setsockopt, essentially *)
+  BIO_CTRL_DGRAM_GET_RECV_TIMEOUT = 34;(* getsockopt, essentially *)
+  BIO_CTRL_DGRAM_SET_SEND_TIMEOUT = 35;(* setsockopt, essentially *)
+  BIO_CTRL_DGRAM_GET_SEND_TIMEOUT = 36;(* getsockopt, essentially *)
+
+  BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP = 37;(* flag whether the last *)
+  BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP = 38;(* I/O operation tiemd out *)
+
+  BIO_CTRL_DGRAM_MTU_DISCOVER     = 39;(* set DF bit on egress packets *)
+
+  BIO_CTRL_DGRAM_QUERY_MTU        = 40;(* as kernel for current MTU *)
+  BIO_CTRL_DGRAM_GET_FALLBACK_MTU = 47;
+  BIO_CTRL_DGRAM_GET_MTU          = 41;(* get cached value for MTU *)
+  BIO_CTRL_DGRAM_SET_MTU          = 42;(* set cached value for MTU.
+                                                * want to use this if asking
+                                                * the kernel fails *)
+
+  BIO_CTRL_DGRAM_MTU_EXCEEDED     = 43;(* check whether the MTU was
+                                                * exceed in the previous write
+                                                * operation *)
+
+  BIO_CTRL_DGRAM_GET_PEER         = 46;
+  BIO_CTRL_DGRAM_SET_PEER         = 44;(* Destination for the data *)
+
+  BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT = 45;(* Next DTLS handshake timeout
+                                                * to adjust socket timeouts *)
+  BIO_CTRL_DGRAM_SET_DONT_FRAG    = 48;
+
+  BIO_CTRL_DGRAM_GET_MTU_OVERHEAD = 49;
+
+  (* Deliberately outside of OPENSSL_NO_SCTP - used in bss_dgram.c *)
+  BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE  = 50;
+  (* SCTP stuff *)
+  BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY      = 51;
+  BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY     = 52;
+  BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD     = 53;
+  BIO_CTRL_DGRAM_SCTP_GET_SNDINFO       = 60;
+  BIO_CTRL_DGRAM_SCTP_SET_SNDINFO       = 61;
+  BIO_CTRL_DGRAM_SCTP_GET_RCVINFO       = 62;
+  BIO_CTRL_DGRAM_SCTP_SET_RCVINFO       = 63;
+  BIO_CTRL_DGRAM_SCTP_GET_PRINFO        = 64;
+  BIO_CTRL_DGRAM_SCTP_SET_PRINFO        = 65;
+  BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN     = 70;
+
+  BIO_CTRL_DGRAM_SET_PEEK_MODE          = 71;
+  {$ENDREGION}
+
+  (* modifiers *)
+  BIO_FP_READ            = $02;
+  BIO_FP_WRITE           = $04;
+  BIO_FP_APPEND          = $08;
+  BIO_FP_TEXT            = $10;
+
+  {$REGION 'BIO_FLAGS_*}
+  BIO_FLAGS_READ         = $01;
+  BIO_FLAGS_WRITE        = $02;
+  BIO_FLAGS_IO_SPECIAL   = $04;
+  BIO_FLAGS_RWS          = BIO_FLAGS_READ or BIO_FLAGS_WRITE or BIO_FLAGS_IO_SPECIAL;
+  BIO_FLAGS_SHOULD_RETRY = $08;
+
+  BIO_FLAGS_BASE64_NO_NL = $100;
+
+  (*
+   * This is used with memory BIOs:
+   * BIO_FLAGS_MEM_RDONLY means we shouldn't free up or change the data in any way;
+   * BIO_FLAGS_NONCLEAR_RST means we shouldn't clear data on reset.
+   *)
+  BIO_FLAGS_MEM_RDONLY   = $200;
+  BIO_FLAGS_NONCLEAR_RST = $400;
+  {$ENDREGION}
+
+  {$REGION 'BIO_RR_*'}
+  BIO_RR_SSL_X509_LOOKUP = $01;
+  (* Returned from the connect BIO when a connect would have blocked *)
+  BIO_RR_CONNECT         = $02;
+  (* Returned from the accept BIO when an accept would have blocked *)
+  BIO_RR_ACCEPT          = $03;
+  {$ENDREGION}
+
+  (* These are passed by the BIO callback *)
+  {$REGION 'BIO_CB_*'}
+  BIO_CB_FREE  = $01;
+  BIO_CB_READ  = $02;
+  BIO_CB_WRITE = $03;
+  BIO_CB_PUTS  = $04;
+  BIO_CB_GETS  = $05;
+  BIO_CB_CTRL  = $06;
+///*
+// * The callback is called before and after the underling operation, The
+// * BIO_CB_RETURN flag indicates if it is after the call
+// */
+//# define BIO_CB_RETURN   0x80
+//# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
+//# define BIO_cb_pre(a)   (!((a)&BIO_CB_RETURN))
+//# define BIO_cb_post(a)  ((a)&BIO_CB_RETURN)
+  {$ENDREGION}
+
+  {$REGION 'BIO_C_*'}
+  BIO_C_SET_CONNECT                 = 100;
+  BIO_C_DO_STATE_MACHINE            = 101;
+  BIO_C_SET_NBIO                    = 102;
+  (* BIO_C_SET_PROXY_PARAM            = 103 *)
+  BIO_C_SET_FD                      = 104;
+  BIO_C_GET_FD                      = 105;
+  BIO_C_SET_FILE_PTR                = 106;
+  BIO_C_GET_FILE_PTR                = 107;
+  BIO_C_SET_FILENAME                = 108;
+  BIO_C_SET_SSL                     = 109;
+  BIO_C_GET_SSL                     = 110;
+  BIO_C_SET_MD                      = 111;
+  BIO_C_GET_MD                      = 112;
+  BIO_C_GET_CIPHER_STATUS           = 113;
+  BIO_C_SET_BUF_MEM                 = 114;
+  BIO_C_GET_BUF_MEM_PTR             = 115;
+  BIO_C_GET_BUFF_NUM_LINES          = 116;
+  BIO_C_SET_BUFF_SIZE               = 117;
+  BIO_C_SET_ACCEPT                  = 118;
+  BIO_C_SSL_MODE                    = 119;
+  BIO_C_GET_MD_CTX                  = 120;
+  (* BIO_C_GET_PROXY_PARAM             = 121 *)
+  BIO_C_SET_BUFF_READ_DATA          = 122;(* data to read first *)
+  BIO_C_GET_CONNECT                 = 123;
+  BIO_C_GET_ACCEPT                  = 124;
+  BIO_C_SET_SSL_RENEGOTIATE_BYTES   = 125;
+  BIO_C_GET_SSL_NUM_RENEGOTIATES    = 126;
+  BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT = 127;
+  BIO_C_FILE_SEEK                   = 128;
+  BIO_C_GET_CIPHER_CTX              = 129;
+  BIO_C_SET_BUF_MEM_EOF_RETURN      = 130;(* return end of input
+                                                       * value *)
+  BIO_C_SET_BIND_MODE               = 131;
+  BIO_C_GET_BIND_MODE               = 132;
+  BIO_C_FILE_TELL                   = 133;
+  BIO_C_GET_SOCKS                   = 134;
+  BIO_C_SET_SOCKS                   = 135;
+
+  BIO_C_SET_WRITE_BUF_SIZE          = 136;(* for BIO_s_bio *)
+  BIO_C_GET_WRITE_BUF_SIZE          = 137;
+  BIO_C_MAKE_BIO_PAIR               = 138;
+  BIO_C_DESTROY_BIO_PAIR            = 139;
+  BIO_C_GET_WRITE_GUARANTEE         = 140;
+  BIO_C_GET_READ_REQUEST            = 141;
+  BIO_C_SHUTDOWN_WR                 = 142;
+  BIO_C_NREAD0                      = 143;
+  BIO_C_NREAD                       = 144;
+  BIO_C_NWRITE0                     = 145;
+  BIO_C_NWRITE                      = 146;
+  BIO_C_RESET_READ_REQUEST          = 147;
+  BIO_C_SET_MD_CTX                  = 148;
+
+  BIO_C_SET_PREFIX                  = 149;
+  BIO_C_GET_PREFIX                  = 150;
+  BIO_C_SET_SUFFIX                  = 151;
+  BIO_C_GET_SUFFIX                  = 152;
+
+  BIO_C_SET_EX_ARG                  = 153;
+  BIO_C_GET_EX_ARG                  = 154;
+
+  BIO_C_SET_CONNECT_MODE            = 155;
+  {$ENDREGION}
+
+  {$REGION 'BIO_SOCK_*'}
+  BIO_SOCK_REUSEADDR = $01;
+  BIO_SOCK_V6_ONLY   = $02;
+  BIO_SOCK_KEEPALIVE = $04;
+  BIO_SOCK_NONBLOCK  = $08;
+  BIO_SOCK_NODELAY   = $10;
+  {$ENDREGION}
+
+type
+  BIO_ADDR = Pointer; // bio_addr_st
+  PBIO_ADDR = ^BIO_ADDR;
+  BIO_ADDRINFO = Pointer; // bio_addrinfo_st
+  PBIO_ADDRINFO = ^BIO_ADDRINFO;
+  PPBIO_ADDRINFO = ^PBIO_ADDRINFO;
+  BIO_callback_fn = function(b: PBIO; oper: TIdC_INT; const argp: PIdAnsiChar; 
+    argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_LONG): TIdC_LONG;
+  BIO_callback_fn_ex = function(b: PBIO; oper: TIdC_INT; const argp: PIdAnsiChar; len: TIdC_SIZET; argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_INT; processed: PIdC_SIZET): TIdC_LONG;
+  BIO_METHOD = Pointer; // bio_method_st
+  PBIO_METHOD = ^BIO_METHOD;
+  BIO_info_cb = function(v1: PBIO; v2: TIdC_INT; v3: TIdC_INT): TIdC_INT;
+  PBIO_info_cb = ^BIO_info_cb;
+  asn1_ps_func = function(b: PBIO; pbuf: PPIdAnsiChar; plen: PIdC_INT; parg: Pointer): TIdC_INT;
+
+  bio_dgram_sctp_sndinfo = record
+    snd_sid: TIdC_UINT16;
+    snd_flags: TIdC_UINT16;
+    snd_ppid: TIdC_UINT32;
+    snd_context: TIdC_UINT32;
+  end;
+
+  bio_dgram_sctp_rcvinfo = record
+    rcv_sid: TIdC_UINT16;
+    rcv_ssn: TIdC_UINT16;
+    rcv_flags: TIdC_UINT16;
+    rcv_ppid: TIdC_UINT32;
+    rcv_tsn: TIdC_UINT32;
+    rcv_cumtsn: TIdC_UINT32;
+    rcv_context: TIdC_UINT32;
+  end;
+
+  bio_dgram_sctp_prinfo = record
+    pr_policy: TIdC_UINT16;
+    pr_value: TIdC_UINT32;
+  end;
+
+  BIO_hostserv_priorities = (BIO_PARSE_PRIO_HOST, BIO_PARSE_PRIO_SERV);
+
+  BIO_lookup_type = (BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER);
+
+  BIO_sock_info_u = record
+    addr: PBIO_ADDR;
+  end;
+  PBIO_sock_info_u = ^BIO_sock_info_u;
+
+  BIO_sock_info_type = (BIO_SOCK_INFO_ADDRESS);
+
+function BIO_get_flags(const b: PBIO): TIdC_INT;
+procedure BIO_set_retry_special(b: PBIO);
+procedure BIO_set_retry_read(b: PBIO);
+procedure BIO_set_retry_write(b: PBIO);
+
+(* These are normally used internally in BIOs *)
+procedure BIO_clear_retry_flags(b: PBIO);
+function BIO_get_retry_flags(b: PBIO): TIdC_INT;
+
+(* These should be used by the application to tell why we should retry *)
+function BIO_should_read(b: PBIO): TIdC_INT;
+function BIO_should_write(b: PBIO): TIdC_INT;
+function BIO_should_io_special(b: PBIO): TIdC_INT;
+function BIO_retry_type(b: PBIO): TIdC_INT;
+function BIO_should_retry(b: PBIO): TIdC_INT;
+
+(* BIO_s_accept() and BIO_s_connect() *)
+function BIO_do_connect(b: PBIO): TIdC_LONG;
+function BIO_do_accept(b: PBIO): TIdC_LONG;
+function BIO_do_handshake(b: PBIO): TIdC_LONG;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  BIO_get_new_index: function: TIdC_INT cdecl = nil;
+  BIO_set_flags: procedure(b: PBIO; flags: TIdC_INT) cdecl = nil;
+  BIO_test_flags: function(const b: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_clear_flags: procedure(b: PBIO; flags: TIdC_INT) cdecl = nil;
+
+  BIO_get_callback: function(b: PBIO): BIO_callback_fn cdecl = nil;
+  BIO_set_callback: procedure(b: PBIO; callback: BIO_callback_fn) cdecl = nil;
+
+  BIO_get_callback_ex: function(b: PBIO): BIO_callback_fn_ex cdecl = nil;
+  BIO_set_callback_ex: procedure(b: PBIO; callback: BIO_callback_fn_ex) cdecl = nil;
+
+  BIO_get_callback_arg: function(const b: PBIO): PIdAnsiChar cdecl = nil;
+  BIO_set_callback_arg: procedure(var b: PBIO; arg: PIdAnsiChar) cdecl = nil;
+
+  BIO_method_name: function(const b: PBIO): PIdAnsiChar cdecl = nil;
+  BIO_method_type: function(const b: PBIO): TIdC_INT cdecl = nil;
+
+//  {$HPPEMIT '# define BIO_set_app_data(s,arg)         BIO_set_ex_data(s,0,arg)'}
+//  {$HPPEMIT '# define BIO_get_app_data(s)             BIO_get_ex_data(s,0)'}
+//
+//  {$HPPEMIT '# define BIO_set_nbio(b,n)             BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)'}
+//
+//  {$HPPEMIT '# ifndef OPENSSL_NO_SOCK'}
+//  (* IP families we support, for BIO_s_connect() and BIO_s_accept() *)
+//  (* Note: the underlying operating system may not support some of them *)
+//  {$HPPEMIT '#  define BIO_FAMILY_IPV4                         4'}
+//  {$HPPEMIT '#  define BIO_FAMILY_IPV6                         6'}
+//  {$HPPEMIT '#  define BIO_FAMILY_IPANY                        256'}
+//
+//  (* BIO_s_connect() *)
+//  {$HPPEMIT '#  define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,'}
+//                                                   (char (name))
+//  {$HPPEMIT '#  define BIO_set_conn_port(b,port)     BIO_ctrl(b,BIO_C_SET_CONNECT,1,'}
+//                                                   (char (port))
+//  {$HPPEMIT '#  define BIO_set_conn_address(b,addr)  BIO_ctrl(b,BIO_C_SET_CONNECT,2,'}
+//                                                   (char (addr))
+//  {$HPPEMIT '#  define BIO_set_conn_ip_family(b,f)   BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,f)'}
+//  {$HPPEMIT '#  define BIO_get_conn_hostname(b)      (( char )BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0))'}
+//  {$HPPEMIT '#  define BIO_get_conn_port(b)          (( char )BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1))'}
+//  {$HPPEMIT '#  define BIO_get_conn_address(b)       (( PBIO_ADDR )BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2))'}
+//  {$HPPEMIT '#  define BIO_get_conn_ip_family(b)     BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)'}
+//  {$HPPEMIT '#  define BIO_set_conn_mode(b,n)        BIO_ctrl(b,BIO_C_SET_CONNECT_MODE,(n),NULL)'}
+//
+//  (* BIO_s_accept() *)
+//  {$HPPEMIT '#  define BIO_set_accept_name(b,name)   BIO_ctrl(b,BIO_C_SET_ACCEPT,0,'}
+//  {$EXTERNALSYM PBIO}
+//                                                   (char (name))
+//  {$HPPEMIT '#  define BIO_set_accept_port(b,port)   BIO_ctrl(b,BIO_C_SET_ACCEPT,1,'}
+//                                                   (char (port))
+//  {$HPPEMIT '#  define BIO_get_accept_name(b)        (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0))'}
+//  {$HPPEMIT '#  define BIO_get_accept_port(b)        (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,1))'}
+//  {$HPPEMIT '#  define BIO_get_peer_name(b)          (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,2))'}
+//  {$HPPEMIT '#  define BIO_get_peer_port(b)          (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,3))'}
+//  (* #define BIO_set_nbio(b,n)    BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) *)
+//  {$HPPEMIT '#  define BIO_set_nbio_accept(b,n)      #  define BIO_set_nbio_accept(b,n)      BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(n)?(procedure )'a':NULL)  BIO_ctrl(b,BIO_C_SET_ACCEPT,3,'}
+//                                                   (char (bio))
+//  {$HPPEMIT '#  define BIO_set_accept_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_ACCEPT,4,f)'}
+//  {$HPPEMIT '#  define BIO_get_accept_ip_family(b)   BIO_ctrl(b,BIO_C_GET_ACCEPT,4,NULL)'}
+//
+//  (* Aliases kept for backward compatibility *)
+//  {$HPPEMIT '#  define BIO_BIND_NORMAL                 0'}
+//  {$HPPEMIT '#  define BIO_BIND_REUSEADDR              BIO_SOCK_REUSEADDR'}
+//  {$HPPEMIT '#  define BIO_BIND_REUSEADDR_IF_UNUSED    BIO_SOCK_REUSEADDR'}
+//  {$HPPEMIT '#  define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)'}
+//  {$HPPEMIT '#  define BIO_get_bind_mode(b)    BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)'}
+//
+//  (* BIO_s_accept() and BIO_s_connect() *)
+//  {$HPPEMIT '#  define BIO_do_connect(b)       BIO_do_handshake(b)'}
+//  {$HPPEMIT '#  define BIO_do_accept(b)        BIO_do_handshake(b)'}
+//  {$HPPEMIT '# endif'}	(* OPENSSL_NO_SOCK *)
+//
+//  {$HPPEMIT '# define BIO_do_handshake(b)     BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)'}
+//
+//  (* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() *)
+//  {$HPPEMIT '# define BIO_set_fd(b,fd,c)      BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)'}
+//  {$HPPEMIT '# define BIO_get_fd(b,c)         BIO_ctrl(b,BIO_C_GET_FD,0,(char (c))'}
+//
+//  (* BIO_s_file() *)
+//  {$HPPEMIT '# define BIO_set_fp(b,fp,c)      BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char (fp))'}
+//  {$HPPEMIT '# define BIO_get_fp(b,fpp)       BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char (fpp))'}
+//
+//  (* BIO_s_fd() and BIO_s_file() *)
+//  {$HPPEMIT '# define BIO_seek(b,ofs(int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)'}
+//  {$HPPEMIT '# define BIO_tell(b)     (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)'}
+//
+//  (*
+//   * name is cast to lose , but might be better to route through a
+//   * cFunction so we can do it safely
+//   *)
+//  {$HPPEMIT '# ifdef CONST_STRICT'}
+//  (*
+//   * If you are wondering why this isn't defined, its because CONST_STRICT is
+//   * purely a compile-time kludge to allow  to be checked.
+//   *)
+////  function BIO_read_filename(b: PBIO; const name: PIdAnsiChar): TIdC_INT;
+//  {$HPPEMIT '# define BIO_write_filename(b,name(int)BIO_ctrl(b,BIO_C_SET_FILENAME,'}
+//                  BIO_CLOSE or BIO_FP_WRITE,name)
+//  {$HPPEMIT '# define BIO_append_filename(b,name(int)BIO_ctrl(b,BIO_C_SET_FILENAME,'}
+//                  BIO_CLOSE or BIO_FP_APPEND,name)
+//  {$HPPEMIT '# define BIO_rw_filename(b,name(int)BIO_ctrl(b,BIO_C_SET_FILENAME,'}
+//                  BIO_CLOSE or BIO_FP_READ or BIO_FP_WRITE,name)
+//
+//  (*
+//   * WARNING WARNING, this ups the reference count on the read bio of the SSL
+//   * structure.  This is because the ssl read PBIO is now pointed to by the
+//   * next_bio field in the bio.  So when you free the PBIO, make sure you are
+//   * doing a BIO_free_all() to catch the underlying PBIO.
+//   *)
+//  {$HPPEMIT '# define BIO_set_ssl(b,ssl,c)    BIO_ctrl(b,BIO_C_SET_SSL,c,(char (ssl))'}
+//  {$HPPEMIT '# define BIO_get_ssl(b,sslp)     BIO_ctrl(b,BIO_C_GET_SSL,0,(char (sslp))'}
+//  {$HPPEMIT '# define BIO_set_ssl_mode(b,client)      BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)'}
+//  {$HPPEMIT '# define BIO_set_ssl_renegotiate_bytes(b,num)'}
+//          BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,0)
+//  {$HPPEMIT '# define BIO_get_num_renegotiates(b)'}
+//          BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,0)
+//  {$HPPEMIT '# define BIO_set_ssl_renegotiate_timeout(b,seconds)'}
+//          BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,0)
+//
+//  (* defined in evp.h *)
+//  (* #define BIO_set_md(b,md)     BIO_ctrl(b,BIO_C_SET_MD,1,(char )(md)) *)
+//
+//  {$HPPEMIT '# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char (pp))'}
+//  {$HPPEMIT '# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char (bm))'}
+//  {$HPPEMIT '# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,'}
+//                                            (char (pp))
+//  {$HPPEMIT '# define BIO_set_mem_eof_return(b,v)'}
+//                                  BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,0)
+//
+//  (* For the BIO_f_buffer() type *)
+//  {$HPPEMIT '# define BIO_get_buffer_num_lines(b)     BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)'}
+//  {$HPPEMIT '# define BIO_set_buffer_size(b,size)     BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)'}
+//  {$HPPEMIT '# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)'}
+//  {$HPPEMIT '# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)'}
+//  {$HPPEMIT '# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)'}
+//
+//  (* Don't use the next one unless you know what you are doing :-) */
+//  {$HPPEMIT '# define BIO_dup_state(b,ret)    BIO_ctrl(b,BIO_CTRL_DUP,0,(char (ret))'}
+//
+//  {$HPPEMIT '# define BIO_reset(b)            (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)'}
+//  {$HPPEMIT '# define BIO_eof(b)              (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)'}
+//  {$HPPEMIT '# define BIO_set_close(b,c)      (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)'}
+//  {$HPPEMIT '# define BIO_get_close(b)        (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)'}
+//  {$HPPEMIT '# define BIO_pending(b)          (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)'}
+//  {$HPPEMIT '# define BIO_wpending(b)         (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)'}
+  (* ...pending macros have inappropriate return type *)
+  BIO_ctrl_pending: function(b: PBIO): TIdC_SIZET cdecl = nil;
+  BIO_ctrl_wpending: function(b: PBIO): TIdC_SIZET cdecl = nil;
+//  {$HPPEMIT '# define BIO_flush(b)            (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)'}
+//  {$HPPEMIT '# define BIO_get_info_callback(b,cbp(int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,'}
+//                                                     cbp)
+//  {$HPPEMIT '# define BIO_set_info_callback(b,cb(int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)'}
+//
+//  (* For the BIO_f_buffer() type *)
+//  {$HPPEMIT '# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)'}
+//  {$HPPEMIT '# define BIO_buffer_peek(b,s,l) BIO_ctrl(b,BIO_CTRL_PEEK,(l),(s))'}
+//
+//  (* For BIO_s_bio() *)
+//  {$HPPEMIT '# define BIO_set_write_buf_size(b,size(int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)'}
+//  {$HPPEMIT '# define BIO_get_write_buf_size(b,size(TIdC_SIZET)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)'}
+//  {$HPPEMIT '# define BIO_make_bio_pair(b1,b2)   (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)'}
+//  {$HPPEMIT '# define BIO_destroy_bio_pair(b)    (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)'}
+//  {$HPPEMIT '# define BIO_shutdown_wr(b(int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)'}
+//  (* macros with inappropriate type -- but ...pending macros use int too: *)
+//  {$HPPEMIT '# define BIO_get_write_guarantee(b(int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)'}
+//  {$HPPEMIT '# define BIO_get_read_request(b)    (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)'}
+  BIO_ctrl_get_write_guarantee: function(b: PBIO): TIdC_SIZET cdecl = nil;
+  BIO_ctrl_get_read_request: function(b: PBIO): TIdC_SIZET cdecl = nil;
+  BIO_ctrl_reset_read_request: function(b: PBIO): TIdC_INT cdecl = nil;
+
+  (* ctrl macros for dgram *)
+//  {$HPPEMIT '# define BIO_ctrl_dgram_connect(b,peer)'}
+//                       (TIdC_INT)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char (peer))
+//  {$HPPEMIT '# define BIO_ctrl_set_connected(b,peer)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, 0, (char (peer))
+//  {$HPPEMIT '# define BIO_dgram_recv_timedout(b)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, 0)
+//  {$HPPEMIT '# define BIO_dgram_send_timedout(b)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, 0)
+//  {$HPPEMIT '# define BIO_dgram_get_peer(b,peer)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char (peer))
+//  {$HPPEMIT '# define BIO_dgram_set_peer(b,peer)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char (peer))
+//  {$HPPEMIT '# define BIO_dgram_get_mtu_overhead(b)'}
+//           (Cardinal)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, 0)
+
+//#define BIO_get_ex_new_index(l, p, newf, dupf, freef) \
+//    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, l, p, newf, dupf, freef)
+
+  BIO_set_ex_data: function(bio: PBIO; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
+  BIO_get_ex_data: function(bio: PBIO; idx: TIdC_INT): Pointer cdecl = nil;
+  BIO_number_read: function(bio: PBIO): TIdC_UINT64 cdecl = nil;
+  BIO_number_written: function(bio: PBIO): TIdC_UINT64 cdecl = nil;
+
+  (* For BIO_f_asn1() *)
+//  function BIO_asn1_set_prefix(b: PBIO; prefix: ^asn1_ps_func; prefix_free: ^asn1_ps_func): TIdC_INT;
+//  function BIO_asn1_get_prefix(b: PBIO; pprefix: ^^asn1_ps_func; pprefix_free: ^^asn1_ps_func): TIdC_INT;
+//  function BIO_asn1_set_suffix(b: PBIO; suffix: ^asn1_ps_func; suffix_free: ^asn1_ps_func): TIdC_INT;
+//  function BIO_asn1_get_suffix(b: PBIO; psuffix: ^asn1_ps_func; psuffix_free: ^^asn1_ps_func): TIdC_INT;
+
+  BIO_s_file: function: PBIO_METHOD cdecl = nil;
+  BIO_new_file: function(const filename: PIdAnsiChar; const mode: PIdAnsiChar): PBIO cdecl = nil;
+//  function BIO_new_fp(stream: cFile; close_flag: TIdC_INT): PBIO;
+  BIO_new: function(const cType: PBIO_METHOD): PBIO cdecl = nil;
+  BIO_free: function(a: PBIO): TIdC_INT cdecl = nil;
+  BIO_set_data: procedure(a: PBIO; ptr: Pointer) cdecl = nil;
+  BIO_get_data: function(a: PBIO): Pointer cdecl = nil;
+  BIO_set_init: procedure(a: PBIO; init: TIdC_INT) cdecl = nil;
+  BIO_get_init: function(a: PBIO): TIdC_INT cdecl = nil;
+  BIO_set_shutdown: procedure(a: PBIO; shut: TIdC_INT) cdecl = nil;
+  BIO_get_shutdown: function(a: PBIO): TIdC_INT cdecl = nil;
+  BIO_vfree: procedure(a: PBIO) cdecl = nil;
+  BIO_up_ref: function(a: PBIO): TIdC_INT cdecl = nil;
+  BIO_read: function(b: PBIO; data: Pointer; dlen: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_read_ex: function(b: PBIO; data: Pointer; dlen: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT cdecl = nil;
+  BIO_gets: function( bp: PBIO; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_write: function(b: PBIO; const data: Pointer; dlen: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_write_ex: function(b: PBIO; const data: Pointer; dlen: TIdC_SIZET; written: PIdC_SIZET): TIdC_INT cdecl = nil;
+  BIO_puts: function(bp: PBIO; const buf: PIdAnsiChar): TIdC_INT cdecl = nil;
+  BIO_indent: function(b: PBIO; indent: TIdC_INT; max: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_ctrl: function(bp: PBIO; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG cdecl = nil;
+  BIO_callback_ctrl: function(b: PBIO; cmd: TIdC_INT; fp: PBIO_info_cb): TIdC_LONG cdecl = nil;
+  BIO_ptr_ctrl: function(bp: PBIO; cmd: TIdC_INT; larg: TIdC_LONG): Pointer cdecl = nil;
+  BIO_int_ctrl: function(bp: PBIO; cmd: TIdC_INT; larg: TIdC_LONG; iarg: TIdC_INT): TIdC_LONG cdecl = nil;
+  BIO_push: function(b: PBIO; append: PBIO): PBIO cdecl = nil;
+  BIO_pop: function(b: PBIO): PBIO cdecl = nil;
+  BIO_free_all: procedure(a: PBIO) cdecl = nil;
+  BIO_find_type: function(b: PBIO; bio_type: TIdC_INT): PBIO cdecl = nil;
+  BIO_next: function(b: PBIO): PBIO cdecl = nil;
+  BIO_set_next: procedure(b: PBIO; next: PBIO) cdecl = nil;
+  BIO_get_retry_BIO: function(bio: PBIO; reason: TIdC_INT): PBIO cdecl = nil;
+  BIO_get_retry_reason: function(bio: PBIO): TIdC_INT cdecl = nil;
+  BIO_set_retry_reason: procedure(bio: PBIO; reason: TIdC_INT) cdecl = nil;
+  BIO_dup_chain: function(&in: PBIO): PBIO cdecl = nil;
+
+  BIO_nread0: function(bio: PBIO; buf: PPIdAnsiChar): TIdC_INT cdecl = nil;
+  BIO_nread: function(bio: PBIO; buf: PPIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_nwrite0: function(bio: PBIO; buf: PPIdAnsiChar): TIdC_INT cdecl = nil;
+  BIO_nwrite: function(bio: PBIO; buf: PPIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl = nil;
+
+  BIO_debug_callback: function(bio: PBIO; cmd: TIdC_INT; const argp: PIdAnsiChar; argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_LONG): TIdC_LONG cdecl = nil;
+
+  BIO_s_mem: function: BIO_METHOD cdecl = nil;
+  BIO_s_secmem: function: BIO_METHOD cdecl = nil;
+  BIO_new_mem_buf: function(const buf: Pointer; len: TIdC_INT): PBIO cdecl = nil;
+
+  BIO_s_socket: function: BIO_METHOD cdecl = nil;
+  BIO_s_connect: function: BIO_METHOD cdecl = nil;
+  BIO_s_accept: function: BIO_METHOD cdecl = nil;
+
+  BIO_s_fd: function: BIO_METHOD cdecl = nil;
+  BIO_s_log: function: BIO_METHOD cdecl = nil;
+  BIO_s_bio: function: BIO_METHOD cdecl = nil;
+  BIO_s_null: function: BIO_METHOD cdecl = nil;
+  BIO_f_null: function: BIO_METHOD cdecl = nil;
+  BIO_f_buffer: function: BIO_METHOD cdecl = nil;
+  BIO_f_linebuffer: function: BIO_METHOD cdecl = nil;
+  BIO_f_nbio_test: function: BIO_METHOD cdecl = nil;
+  BIO_s_datagram: function: BIO_METHOD cdecl = nil;
+  BIO_dgram_non_fatal_error: function(error: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_new_dgram: function(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl = nil;
+
+  BIO_s_datagram_sctp: function: BIO_METHOD cdecl = nil;
+  BIO_new_dgram_sctp: function(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl = nil;
+  BIO_dgram_is_sctp: function(bio: PBIO): TIdC_INT cdecl = nil;
+//  function BIO_dgram_sctp_notification_cb(bio: PBIO; handle_notifications(PBIO;
+//    context: Pointer;
+//    buf: Pointer): TIdC_INT, Pointer context);
+  BIO_dgram_sctp_wait_for_dry: function(b: PBIO): TIdC_INT cdecl = nil;
+  BIO_dgram_sctp_msg_waiting: function(b: PBIO): TIdC_INT cdecl = nil;
+
+  BIO_sock_should_retry: function(i: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_sock_non_fatal_error: function(error: TIdC_INT): TIdC_INT cdecl = nil;
+
+  BIO_fd_should_retry: function(i: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_fd_non_fatal_error: function(error: TIdC_INT): TIdC_INT cdecl = nil;
+//  function BIO_dump_cb(
+//    Pointer data: cb(;
+//    len: TIdC_SIZET;
+//    function: Pointer): u: TIdC_INT, Pointer function ,  PIdAnsiChar s, TIdC_INT len): u;
+//  function BIO_dump_indent_cb(TIdC_INT (cb( Pointer data, TIdC_SIZET len, Pointer function ): u: TIdC_INT, Pointer function ,  PIdAnsiChar s, TIdC_INT len, TIdC_INT indent): u;
+  BIO_dump: function(b: PBIO; const bytes: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_dump_indent: function(b: PBIO; const bytes: PIdAnsiChar; len: TIdC_INT; indent: TIdC_INT): TIdC_INT cdecl = nil;
+
+//  function BIO_dump_fp(fp: cFile; const s: PByte; len: TIdC_INT): TIdC_INT;
+//  function BIO_dump_indent_fp(fp: cFile; const s: PByte; len: TIdC_INT; indent: TIdC_INT): TIdC_INT;
+
+  BIO_hex_string: function(&out: PBIO; indent: TIdC_INT; width: TIdC_INT; data: PByte; datalen: TIdC_INT): TIdC_INT cdecl = nil;
+
+  BIO_ADDR_new: function: PBIO_ADDR cdecl = nil;
+  BIO_ADDR_rawmake: function(ap: PBIO_ADDR; familiy: TIdC_INT; const where: Pointer; wherelen: TIdC_SIZET; port: TIdC_SHORT): TIdC_INT cdecl = nil;
+  BIO_ADDR_free: procedure(a: PBIO_ADDR) cdecl = nil;
+  BIO_ADDR_clear: procedure(ap: PBIO_ADDR) cdecl = nil;
+  BIO_ADDR_family: function(const ap: PBIO_ADDR): TIdC_INT cdecl = nil;
+  BIO_ADDR_rawaddress: function(const ap: PBIO_ADDR; p: Pointer; l: PIdC_SIZET): TIdC_INT cdecl = nil;
+  BIO_ADDR_rawport: function(const ap: PBIO_ADDR): TIdC_SHORT cdecl = nil;
+  BIO_ADDR_hostname_string: function(const ap: PBIO_ADDR; numeric: TIdC_INT): PIdAnsiChar cdecl = nil;
+  BIO_ADDR_service_string: function(const ap: PBIO_ADDR; numeric: TIdC_INT): PIdAnsiChar cdecl = nil;
+  BIO_ADDR_path_string: function(const ap: PBIO_ADDR): PIdAnsiChar cdecl = nil;
+
+  BIO_ADDRINFO_next: function(const bai: PBIO_ADDRINFO): PBIO_ADDRINFO cdecl = nil;
+  BIO_ADDRINFO_family: function(const bai: PBIO_ADDRINFO): TIdC_INT cdecl = nil;
+  BIO_ADDRINFO_socktype: function(const bai: PBIO_ADDRINFO): TIdC_INT cdecl = nil;
+  BIO_ADDRINFO_protocol: function(const bai: PBIO_ADDRINFO): TIdC_INT cdecl = nil;
+  BIO_ADDRINFO_address: function(const bai: PBIO_ADDRINFO): PBIO_ADDR cdecl = nil;
+  BIO_ADDRINFO_free: procedure(bai: PBIO_ADDRINFO) cdecl = nil;
+
+  BIO_parse_hostserv: function(const hostserv: PIdAnsiChar; host: PPIdAnsiChar; service: PPIdAnsiChar; hostserv_prio: BIO_hostserv_priorities): TIdC_INT cdecl = nil;
+
+  BIO_lookup: function(const host: PIdAnsiChar; const service: PIdAnsiChar; lookup_type: BIO_lookup_type; family: TIdC_INT; socktype: TIdC_INT; res: PPBIO_ADDRINFO): TIdC_INT cdecl = nil;
+  BIO_lookup_ex: function(const host: PIdAnsiChar; const service: PIdAnsiChar; lookup_type: TIdC_INT; family: TIdC_INT; socktype: TIdC_INT; protocol: TIdC_INT; res: PPBIO_ADDRINFO): TIdC_INT cdecl = nil;
+  BIO_sock_error: function(sock: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_socket_ioctl: function(fd: TIdC_INT; cType: TIdC_LONG; arg: Pointer): TIdC_INT cdecl = nil;
+  BIO_socket_nbio: function(fd: TIdC_INT; mode: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_sock_init: function: TIdC_INT cdecl = nil;
+
+  BIO_set_tcp_ndelay: function(sock: TIdC_INT; turn_on: TIdC_INT): TIdC_INT cdecl = nil;
+
+  BIO_sock_info: function(sock: TIdC_INT; &type: BIO_sock_info_type; info: PBIO_sock_info_u): TIdC_INT cdecl = nil;
+
+  BIO_socket: function(domain: TIdC_INT; socktype: TIdC_INT; protocol: TIdC_INT; options: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_connect: function(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_bind: function(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_listen: function(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_accept_ex: function(accept_sock: TIdC_INT; addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_closesocket: function(sock: TIdC_INT): TIdC_INT cdecl = nil;
+
+  BIO_new_socket: function(sock: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl = nil;
+  BIO_new_connect: function(const host_port: PIdAnsiChar): PBIO cdecl = nil;
+  BIO_new_accept: function(const host_port: PIdAnsiChar): PBIO cdecl = nil;
+
+  BIO_new_fd: function(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl = nil;
+
+  BIO_new_bio_pair: function(bio1: PPBIO; writebuf1: TIdC_SIZET; bio2: PPBIO; writebuf2: TIdC_SIZET): TIdC_INT cdecl = nil;
+  (*
+   * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
+   * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
+   * value.
+   *)
+
+  BIO_copy_next_retry: procedure(b: PBIO) cdecl = nil;
+
+//  BIO_METHOD *BIO_meth_new(int type, const char *name);
+//  void BIO_meth_free(BIO_METHOD *biom);
+//  int (*BIO_meth_get_write(const BIO_METHOD *biom)) (BIO *, const char *, int);
+//  int (*BIO_meth_get_write_ex(const BIO_METHOD *biom)) (BIO *, const char *, TIdC_SIZET,
+//                                                  TIdC_SIZET *);
+//  int BIO_meth_set_write(BIO_METHOD *biom,
+//                         int (*write) (BIO *, const char *, int));
+//  int BIO_meth_set_write_ex(BIO_METHOD *biom,
+//                         int (*bwrite) (BIO *, const char *, TIdC_SIZET, TIdC_SIZET *));
+//  int (*BIO_meth_get_read(const BIO_METHOD *biom)) (BIO *, char *, int);
+//  int (*BIO_meth_get_read_ex(const BIO_METHOD *biom)) (BIO *, char *, TIdC_SIZET, TIdC_SIZET *);
+//  int BIO_meth_set_read(BIO_METHOD *biom,
+//                        int (*read) (BIO *, char *, int));
+//  int BIO_meth_set_read_ex(BIO_METHOD *biom,
+//                           int (*bread) (BIO *, char *, TIdC_SIZET, TIdC_SIZET *));
+//  int (*BIO_meth_get_puts(const BIO_METHOD *biom)) (BIO *, const char *);
+//  int BIO_meth_set_puts(BIO_METHOD *biom,
+//                        int (*puts) (BIO *, const char *));
+//  int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int);
+//  int BIO_meth_set_gets(BIO_METHOD *biom,
+//                        int (*gets) (BIO *, char *, int));
+//  long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int, long, void *);
+//  int BIO_meth_set_ctrl(BIO_METHOD *biom,
+//                        long (*ctrl) (BIO *, int, long, void *));
+//  int (*BIO_meth_get_create(const BIO_METHOD *bion)) (BIO *);
+//  int BIO_meth_set_create(BIO_METHOD *biom, int (*create) (BIO *));
+//  int (*BIO_meth_get_destroy(const BIO_METHOD *biom)) (BIO *);
+//  int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy) (BIO *));
+//  long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))
+//                                   (BIO *, int, BIO_info_cb *);
+//  int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+//                                 long (*callback_ctrl) (BIO *, int,
+//                                                        BIO_info_cb *));
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  BIO_get_new_index := LoadFunction('BIO_get_new_index', AFailed);
+  BIO_set_flags := LoadFunction('BIO_set_flags', AFailed);
+  BIO_test_flags := LoadFunction('BIO_test_flags', AFailed);
+  BIO_clear_flags := LoadFunction('BIO_clear_flags', AFailed);
+  BIO_get_callback := LoadFunction('BIO_get_callback', AFailed);
+  BIO_set_callback := LoadFunction('BIO_set_callback', AFailed);
+  BIO_get_callback_ex := LoadFunction('BIO_get_callback_ex', AFailed);
+  BIO_set_callback_ex := LoadFunction('BIO_set_callback_ex', AFailed);
+  BIO_get_callback_arg := LoadFunction('BIO_get_callback_arg', AFailed);
+  BIO_set_callback_arg := LoadFunction('BIO_set_callback_arg', AFailed);
+  BIO_method_name := LoadFunction('BIO_method_name', AFailed);
+  BIO_method_type := LoadFunction('BIO_method_type', AFailed);
+  BIO_ctrl_pending := LoadFunction('BIO_ctrl_pending', AFailed);
+  BIO_ctrl_wpending := LoadFunction('BIO_ctrl_wpending', AFailed);
+  BIO_ctrl_get_write_guarantee := LoadFunction('BIO_ctrl_get_write_guarantee', AFailed);
+  BIO_ctrl_get_read_request := LoadFunction('BIO_ctrl_get_read_request', AFailed);
+  BIO_ctrl_reset_read_request := LoadFunction('BIO_ctrl_reset_read_request', AFailed);
+  BIO_set_ex_data := LoadFunction('BIO_set_ex_data', AFailed);
+  BIO_get_ex_data := LoadFunction('BIO_get_ex_data', AFailed);
+  BIO_number_read := LoadFunction('BIO_number_read', AFailed);
+  BIO_number_written := LoadFunction('BIO_number_written', AFailed);
+  BIO_s_file := LoadFunction('BIO_s_file', AFailed);
+  BIO_new_file := LoadFunction('BIO_new_file', AFailed);
+  BIO_new := LoadFunction('BIO_new', AFailed);
+  BIO_free := LoadFunction('BIO_free', AFailed);
+  BIO_set_data := LoadFunction('BIO_set_data', AFailed);
+  BIO_get_data := LoadFunction('BIO_get_data', AFailed);
+  BIO_set_init := LoadFunction('BIO_set_init', AFailed);
+  BIO_get_init := LoadFunction('BIO_get_init', AFailed);
+  BIO_set_shutdown := LoadFunction('BIO_set_shutdown', AFailed);
+  BIO_get_shutdown := LoadFunction('BIO_get_shutdown', AFailed);
+  BIO_vfree := LoadFunction('BIO_vfree', AFailed);
+  BIO_up_ref := LoadFunction('BIO_up_ref', AFailed);
+  BIO_read := LoadFunction('BIO_read', AFailed);
+  BIO_read_ex := LoadFunction('BIO_read_ex', AFailed);
+  BIO_gets := LoadFunction('BIO_gets', AFailed);
+  BIO_write := LoadFunction('BIO_write', AFailed);
+  BIO_write_ex := LoadFunction('BIO_write_ex', AFailed);
+  BIO_puts := LoadFunction('BIO_puts', AFailed);
+  BIO_indent := LoadFunction('BIO_indent', AFailed);
+  BIO_ctrl := LoadFunction('BIO_ctrl', AFailed);
+  BIO_callback_ctrl := LoadFunction('BIO_callback_ctrl', AFailed);
+  BIO_ptr_ctrl := LoadFunction('BIO_ptr_ctrl', AFailed);
+  BIO_int_ctrl := LoadFunction('BIO_int_ctrl', AFailed);
+  BIO_push := LoadFunction('BIO_push', AFailed);
+  BIO_pop := LoadFunction('BIO_pop', AFailed);
+  BIO_free_all := LoadFunction('BIO_free_all', AFailed);
+  BIO_find_type := LoadFunction('BIO_find_type', AFailed);
+  BIO_next := LoadFunction('BIO_next', AFailed);
+  BIO_set_next := LoadFunction('BIO_set_next', AFailed);
+  BIO_get_retry_BIO := LoadFunction('BIO_get_retry_BIO', AFailed);
+  BIO_get_retry_reason := LoadFunction('BIO_get_retry_reason', AFailed);
+  BIO_set_retry_reason := LoadFunction('BIO_set_retry_reason', AFailed);
+  BIO_dup_chain := LoadFunction('BIO_dup_chain', AFailed);
+  BIO_nread0 := LoadFunction('BIO_nread0', AFailed);
+  BIO_nread := LoadFunction('BIO_nread', AFailed);
+  BIO_nwrite0 := LoadFunction('BIO_nwrite0', AFailed);
+  BIO_nwrite := LoadFunction('BIO_nwrite', AFailed);
+  BIO_debug_callback := LoadFunction('BIO_debug_callback', AFailed);
+  BIO_s_mem := LoadFunction('BIO_s_mem', AFailed);
+  BIO_s_secmem := LoadFunction('BIO_s_secmem', AFailed);
+  BIO_new_mem_buf := LoadFunction('BIO_new_mem_buf', AFailed);
+  BIO_s_socket := LoadFunction('BIO_s_socket', AFailed);
+  BIO_s_connect := LoadFunction('BIO_s_connect', AFailed);
+  BIO_s_accept := LoadFunction('BIO_s_accept', AFailed);
+  BIO_s_fd := LoadFunction('BIO_s_fd', AFailed);
+  BIO_s_log := LoadFunction('BIO_s_log', AFailed);
+  BIO_s_bio := LoadFunction('BIO_s_bio', AFailed);
+  BIO_s_null := LoadFunction('BIO_s_null', AFailed);
+  BIO_f_null := LoadFunction('BIO_f_null', AFailed);
+  BIO_f_buffer := LoadFunction('BIO_f_buffer', AFailed);
+  BIO_f_linebuffer := LoadFunction('BIO_f_linebuffer', AFailed);
+  BIO_f_nbio_test := LoadFunction('BIO_f_nbio_test', AFailed);
+  BIO_s_datagram := LoadFunction('BIO_s_datagram', AFailed);
+  BIO_dgram_non_fatal_error := LoadFunction('BIO_dgram_non_fatal_error', AFailed);
+  BIO_new_dgram := LoadFunction('BIO_new_dgram', AFailed);
+  BIO_s_datagram_sctp := LoadFunction('BIO_s_datagram_sctp', AFailed);
+  BIO_new_dgram_sctp := LoadFunction('BIO_new_dgram_sctp', AFailed);
+  BIO_dgram_is_sctp := LoadFunction('BIO_dgram_is_sctp', AFailed);
+  BIO_dgram_sctp_wait_for_dry := LoadFunction('BIO_dgram_sctp_wait_for_dry', AFailed);
+  BIO_dgram_sctp_msg_waiting := LoadFunction('BIO_dgram_sctp_msg_waiting', AFailed);
+  BIO_sock_should_retry := LoadFunction('BIO_sock_should_retry', AFailed);
+  BIO_sock_non_fatal_error := LoadFunction('BIO_sock_non_fatal_error', AFailed);
+  BIO_fd_should_retry := LoadFunction('BIO_fd_should_retry', AFailed);
+  BIO_fd_non_fatal_error := LoadFunction('BIO_fd_non_fatal_error', AFailed);
+  BIO_dump := LoadFunction('BIO_dump', AFailed);
+  BIO_dump_indent := LoadFunction('BIO_dump_indent', AFailed);
+  BIO_hex_string := LoadFunction('BIO_hex_string', AFailed);
+  BIO_ADDR_new := LoadFunction('BIO_ADDR_new', AFailed);
+  BIO_ADDR_rawmake := LoadFunction('BIO_ADDR_rawmake', AFailed);
+  BIO_ADDR_free := LoadFunction('BIO_ADDR_free', AFailed);
+  BIO_ADDR_clear := LoadFunction('BIO_ADDR_clear', AFailed);
+  BIO_ADDR_family := LoadFunction('BIO_ADDR_family', AFailed);
+  BIO_ADDR_rawaddress := LoadFunction('BIO_ADDR_rawaddress', AFailed);
+  BIO_ADDR_rawport := LoadFunction('BIO_ADDR_rawport', AFailed);
+  BIO_ADDR_hostname_string := LoadFunction('BIO_ADDR_hostname_string', AFailed);
+  BIO_ADDR_service_string := LoadFunction('BIO_ADDR_service_string', AFailed);
+  BIO_ADDR_path_string := LoadFunction('BIO_ADDR_path_string', AFailed);
+  BIO_ADDRINFO_next := LoadFunction('BIO_ADDRINFO_next', AFailed);
+  BIO_ADDRINFO_family := LoadFunction('BIO_ADDRINFO_family', AFailed);
+  BIO_ADDRINFO_socktype := LoadFunction('BIO_ADDRINFO_socktype', AFailed);
+  BIO_ADDRINFO_protocol := LoadFunction('BIO_ADDRINFO_protocol', AFailed);
+  BIO_ADDRINFO_address := LoadFunction('BIO_ADDRINFO_address', AFailed);
+  BIO_ADDRINFO_free := LoadFunction('BIO_ADDRINFO_free', AFailed);
+  BIO_parse_hostserv := LoadFunction('BIO_parse_hostserv', AFailed);
+  BIO_lookup := LoadFunction('BIO_lookup', AFailed);
+  BIO_lookup_ex := LoadFunction('BIO_lookup_ex', AFailed);
+  BIO_sock_error := LoadFunction('BIO_sock_error', AFailed);
+  BIO_socket_ioctl := LoadFunction('BIO_socket_ioctl', AFailed);
+  BIO_socket_nbio := LoadFunction('BIO_socket_nbio', AFailed);
+  BIO_sock_init := LoadFunction('BIO_sock_init', AFailed);
+  BIO_set_tcp_ndelay := LoadFunction('BIO_set_tcp_ndelay', AFailed);
+  BIO_sock_info := LoadFunction('BIO_sock_info', AFailed);
+  BIO_socket := LoadFunction('BIO_socket', AFailed);
+  BIO_connect := LoadFunction('BIO_connect', AFailed);
+  BIO_bind := LoadFunction('BIO_bind', AFailed);
+  BIO_listen := LoadFunction('BIO_listen', AFailed);
+  BIO_accept_ex := LoadFunction('BIO_accept_ex', AFailed);
+  BIO_closesocket := LoadFunction('BIO_closesocket', AFailed);
+  BIO_new_socket := LoadFunction('BIO_new_socket', AFailed);
+  BIO_new_connect := LoadFunction('BIO_new_connect', AFailed);
+  BIO_new_accept := LoadFunction('BIO_new_accept', AFailed);
+  BIO_new_fd := LoadFunction('BIO_new_fd', AFailed);
+  BIO_new_bio_pair := LoadFunction('BIO_new_bio_pair', AFailed);
+  BIO_copy_next_retry := LoadFunction('BIO_copy_next_retry', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  BIO_get_new_index := nil;
+  BIO_set_flags := nil;
+  BIO_test_flags := nil;
+  BIO_clear_flags := nil;
+  BIO_get_callback := nil;
+  BIO_set_callback := nil;
+  BIO_get_callback_ex := nil;
+  BIO_set_callback_ex := nil;
+  BIO_get_callback_arg := nil;
+  BIO_set_callback_arg := nil;
+  BIO_method_name := nil;
+  BIO_method_type := nil;
+  BIO_ctrl_pending := nil;
+  BIO_ctrl_wpending := nil;
+  BIO_ctrl_get_write_guarantee := nil;
+  BIO_ctrl_get_read_request := nil;
+  BIO_ctrl_reset_read_request := nil;
+  BIO_set_ex_data := nil;
+  BIO_get_ex_data := nil;
+  BIO_number_read := nil;
+  BIO_number_written := nil;
+  BIO_s_file := nil;
+  BIO_new_file := nil;
+  BIO_new := nil;
+  BIO_free := nil;
+  BIO_set_data := nil;
+  BIO_get_data := nil;
+  BIO_set_init := nil;
+  BIO_get_init := nil;
+  BIO_set_shutdown := nil;
+  BIO_get_shutdown := nil;
+  BIO_vfree := nil;
+  BIO_up_ref := nil;
+  BIO_read := nil;
+  BIO_read_ex := nil;
+  BIO_gets := nil;
+  BIO_write := nil;
+  BIO_write_ex := nil;
+  BIO_puts := nil;
+  BIO_indent := nil;
+  BIO_ctrl := nil;
+  BIO_callback_ctrl := nil;
+  BIO_ptr_ctrl := nil;
+  BIO_int_ctrl := nil;
+  BIO_push := nil;
+  BIO_pop := nil;
+  BIO_free_all := nil;
+  BIO_find_type := nil;
+  BIO_next := nil;
+  BIO_set_next := nil;
+  BIO_get_retry_BIO := nil;
+  BIO_get_retry_reason := nil;
+  BIO_set_retry_reason := nil;
+  BIO_dup_chain := nil;
+  BIO_nread0 := nil;
+  BIO_nread := nil;
+  BIO_nwrite0 := nil;
+  BIO_nwrite := nil;
+  BIO_debug_callback := nil;
+  BIO_s_mem := nil;
+  BIO_s_secmem := nil;
+  BIO_new_mem_buf := nil;
+  BIO_s_socket := nil;
+  BIO_s_connect := nil;
+  BIO_s_accept := nil;
+  BIO_s_fd := nil;
+  BIO_s_log := nil;
+  BIO_s_bio := nil;
+  BIO_s_null := nil;
+  BIO_f_null := nil;
+  BIO_f_buffer := nil;
+  BIO_f_linebuffer := nil;
+  BIO_f_nbio_test := nil;
+  BIO_s_datagram := nil;
+  BIO_dgram_non_fatal_error := nil;
+  BIO_new_dgram := nil;
+  BIO_s_datagram_sctp := nil;
+  BIO_new_dgram_sctp := nil;
+  BIO_dgram_is_sctp := nil;
+  BIO_dgram_sctp_wait_for_dry := nil;
+  BIO_dgram_sctp_msg_waiting := nil;
+  BIO_sock_should_retry := nil;
+  BIO_sock_non_fatal_error := nil;
+  BIO_fd_should_retry := nil;
+  BIO_fd_non_fatal_error := nil;
+  BIO_dump := nil;
+  BIO_dump_indent := nil;
+  BIO_hex_string := nil;
+  BIO_ADDR_new := nil;
+  BIO_ADDR_rawmake := nil;
+  BIO_ADDR_free := nil;
+  BIO_ADDR_clear := nil;
+  BIO_ADDR_family := nil;
+  BIO_ADDR_rawaddress := nil;
+  BIO_ADDR_rawport := nil;
+  BIO_ADDR_hostname_string := nil;
+  BIO_ADDR_service_string := nil;
+  BIO_ADDR_path_string := nil;
+  BIO_ADDRINFO_next := nil;
+  BIO_ADDRINFO_family := nil;
+  BIO_ADDRINFO_socktype := nil;
+  BIO_ADDRINFO_protocol := nil;
+  BIO_ADDRINFO_address := nil;
+  BIO_ADDRINFO_free := nil;
+  BIO_parse_hostserv := nil;
+  BIO_lookup := nil;
+  BIO_lookup_ex := nil;
+  BIO_sock_error := nil;
+  BIO_socket_ioctl := nil;
+  BIO_socket_nbio := nil;
+  BIO_sock_init := nil;
+  BIO_set_tcp_ndelay := nil;
+  BIO_sock_info := nil;
+  BIO_socket := nil;
+  BIO_connect := nil;
+  BIO_bind := nil;
+  BIO_listen := nil;
+  BIO_accept_ex := nil;
+  BIO_closesocket := nil;
+  BIO_new_socket := nil;
+  BIO_new_connect := nil;
+  BIO_new_accept := nil;
+  BIO_new_fd := nil;
+  BIO_new_bio_pair := nil;
+  BIO_copy_next_retry := nil;
+end;
+{$ENDREGION}
+
+{$REGION 'C compiler macros'}
+// # define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
+function BIO_get_flags(const b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, not $0);
+end;
+
+//# define BIO_set_retry_special(b) \
+//                BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_set_retry_special(b: PBIO);
+begin
+  BIO_set_flags(b, BIO_FLAGS_IO_SPECIAL or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_set_retry_read(b) \
+//                BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_set_retry_read(b: PBIO);
+begin
+  BIO_set_flags(b, BIO_FLAGS_READ or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_set_retry_write(b) \
+//                BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_set_retry_write(b: PBIO);
+begin
+  BIO_set_flags(b, BIO_FLAGS_WRITE or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_clear_retry_flags(b) \
+//                BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_clear_retry_flags(b: PBIO);
+begin
+  BIO_clear_flags(b, BIO_FLAGS_RWS or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_get_retry_flags(b) \
+//                BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+function BIO_get_retry_flags(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_RWS or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_should_read(a)              BIO_test_flags(a, BIO_FLAGS_READ)
+function BIO_should_read(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_READ);
+end;
+
+//# define BIO_should_write(a)             BIO_test_flags(a, BIO_FLAGS_WRITE)
+function BIO_should_write(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_WRITE);
+end;
+
+//# define BIO_should_io_special(a)        BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
+function BIO_should_io_special(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_IO_SPECIAL);
+end;
+
+//# define BIO_retry_type(a)               BIO_test_flags(a, BIO_FLAGS_RWS)
+function BIO_retry_type(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_RWS);
+end;
+
+//# define BIO_should_retry(a)             BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
+function BIO_should_retry(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//#  define BIO_do_connect(b)       BIO_do_handshake(b)
+function BIO_do_connect(b: PBIO): TIdC_LONG;
+begin
+  Result := BIO_do_handshake(b);
+end;
+
+//#  define BIO_do_accept(b)        BIO_do_handshake(b)
+function BIO_do_accept(b: PBIO): TIdC_LONG;
+begin
+  Result := BIO_do_handshake(b);
+end;
+
+//# define BIO_do_handshake(b)     BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+function BIO_do_handshake(b: PBIO): TIdC_LONG;
+begin
+  Result := BIO_ctrl(b, BIO_C_DO_STATE_MACHINE, 0, nil);
+end;
+{$ENDREGION}
+
+end.
+
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bioerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bioerr.pas
new file mode 100644
index 000000000..319a97ffb
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bioerr.pas
@@ -0,0 +1,180 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_bioerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bioerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * BIO function codes.
+   *)
+  BIO_F_ACPT_STATE = 100;
+  BIO_F_ADDRINFO_WRAP = 148;
+  BIO_F_ADDR_STRINGS = 134;
+  BIO_F_BIO_ACCEPT = 101;
+  BIO_F_BIO_ACCEPT_EX = 137;
+  BIO_F_BIO_ACCEPT_NEW = 152;
+  BIO_F_BIO_ADDR_NEW = 144;
+  BIO_F_BIO_BIND = 147;
+  BIO_F_BIO_CALLBACK_CTRL = 131;
+  BIO_F_BIO_CONNECT = 138;
+  BIO_F_BIO_CONNECT_NEW = 153;
+  BIO_F_BIO_CTRL = 103;
+  BIO_F_BIO_GETS = 104;
+  BIO_F_BIO_GET_HOST_IP = 106;
+  BIO_F_BIO_GET_NEW_INDEX = 102;
+  BIO_F_BIO_GET_PORT = 107;
+  BIO_F_BIO_LISTEN = 139;
+  BIO_F_BIO_LOOKUP = 135;
+  BIO_F_BIO_LOOKUP_EX = 143;
+  BIO_F_BIO_MAKE_PAIR = 121;
+  BIO_F_BIO_METH_NEW = 146;
+  BIO_F_BIO_NEW = 108;
+  BIO_F_BIO_NEW_DGRAM_SCTP = 145;
+  BIO_F_BIO_NEW_FILE = 109;
+  BIO_F_BIO_NEW_MEM_BUF = 126;
+  BIO_F_BIO_NREAD = 123;
+  BIO_F_BIO_NREAD0 = 124;
+  BIO_F_BIO_NWRITE = 125;
+  BIO_F_BIO_NWRITE0 = 122;
+  BIO_F_BIO_PARSE_HOSTSERV = 136;
+  BIO_F_BIO_PUTS = 110;
+  BIO_F_BIO_READ = 111;
+  BIO_F_BIO_READ_EX = 105;
+  BIO_F_BIO_READ_INTERN = 120;
+  BIO_F_BIO_SOCKET = 140;
+  BIO_F_BIO_SOCKET_NBIO = 142;
+  BIO_F_BIO_SOCK_INFO = 141;
+  BIO_F_BIO_SOCK_INIT = 112;
+  BIO_F_BIO_WRITE = 113;
+  BIO_F_BIO_WRITE_EX = 119;
+  BIO_F_BIO_WRITE_INTERN = 128;
+  BIO_F_BUFFER_CTRL = 114;
+  BIO_F_CONN_CTRL = 127;
+  BIO_F_CONN_STATE = 115;
+  BIO_F_DGRAM_SCTP_NEW = 149;
+  BIO_F_DGRAM_SCTP_READ = 132;
+  BIO_F_DGRAM_SCTP_WRITE = 133;
+  BIO_F_DOAPR_OUTCH = 150;
+  BIO_F_FILE_CTRL = 116;
+  BIO_F_FILE_READ = 130;
+  BIO_F_LINEBUFFER_CTRL = 129;
+  BIO_F_LINEBUFFER_NEW = 151;
+  BIO_F_MEM_WRITE = 117;
+  BIO_F_NBIOF_NEW = 154;
+  BIO_F_SLG_WRITE = 155;
+  BIO_F_SSL_NEW = 118;
+
+  (*
+   * BIO reason codes.
+   *)
+  BIO_R_ACCEPT_ERROR =   100;
+  BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET =  141;
+  BIO_R_AMBIGUOUS_HOST_OR_SERVICE =  129;
+  BIO_R_BAD_FOPEN_MODE =  101;
+  BIO_R_BROKEN_PIPE =   124;
+  BIO_R_CONNECT_ERROR =  103;
+  BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET = 107;
+  BIO_R_GETSOCKNAME_ERROR =  132;
+  BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS = 133;
+  BIO_R_GETTING_SOCKTYPE =  134;
+  BIO_R_INVALID_ARGUMENT =  125;
+  BIO_R_INVALID_SOCKET =  135;
+  BIO_R_IN_USE =   123;
+  BIO_R_LENGTH_TOO_LONG =  102;
+  BIO_R_LISTEN_V6_ONLY =  136;
+  BIO_R_LOOKUP_RETURNED_NOTHING =  142;
+  BIO_R_MALFORMED_HOST_OR_SERVICE =  130;
+  BIO_R_NBIO_CONNECT_ERROR =  110;
+  BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED = 143;
+  BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED = 144;
+  BIO_R_NO_PORT_DEFINED =  113;
+  BIO_R_NO_SUCH_FILE =   128;
+  BIO_R_NULL_PARAMETER =  115;
+  BIO_R_UNABLE_TO_BIND_SOCKET =  117;
+  BIO_R_UNABLE_TO_CREATE_SOCKET =  118;
+  BIO_R_UNABLE_TO_KEEPALIVE =  137;
+  BIO_R_UNABLE_TO_LISTEN_SOCKET =  119;
+  BIO_R_UNABLE_TO_NODELAY =  138;
+  BIO_R_UNABLE_TO_REUSEADDR =  139;
+  BIO_R_UNAVAILABLE_IP_FAMILY =  145;
+  BIO_R_UNINITIALIZED =  120;
+  BIO_R_UNKNOWN_INFO_TYPE =  140;
+  BIO_R_UNSUPPORTED_IP_FAMILY =  146;
+  BIO_R_UNSUPPORTED_METHOD =  121;
+  BIO_R_UNSUPPORTED_PROTOCOL_FAMILY =  131;
+  BIO_R_WRITE_TO_READ_ONLY_BIO =  126;
+  BIO_R_WSASTARTUP =   122;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+  
+var
+  ERR_load_BIO_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_BIO_strings := LoadFunction('ERR_load_BIO_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_BIO_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_blowfish.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_blowfish.pas
new file mode 100644
index 000000000..2a0888c78
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_blowfish.pas
@@ -0,0 +1,122 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_blowfish;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// blowfish.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // Added '_CONST' to avoid name clashes
+  BF_ENCRYPT_CONST = 1;
+  // Added '_CONST' to avoid name clashes
+  BF_DECRYPT_CONST = 0;
+
+  BF_ROUNDS = 16;
+  BF_BLOCK  = 8;
+
+type
+  BF_LONG = TIdC_UINT;
+  PBF_LONG = ^BF_LONG;
+
+  bf_key_st = record
+    p: array[0 .. BF_ROUNDS + 2 - 1] of BF_LONG;
+    s: array[0 .. 4 * 256 - 1] of BF_LONG;
+  end;
+  BF_KEY = bf_key_st;
+  PBF_KEY = ^BF_KEY;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  BF_set_key: procedure(key: PBF_KEY; len: TIdC_INT; const data: PByte) cdecl = nil;
+
+  BF_encrypt: procedure(data: PBF_LONG; const key: PBF_KEY) cdecl = nil;
+  BF_decrypt: procedure(data: PBF_LONG; const key: PBF_KEY) cdecl = nil;
+
+  BF_ecb_encrypt: procedure(const &in: PByte; &out: PByte; key: PBF_KEY; enc: TIdC_INT) cdecl = nil;
+  BF_cbc_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; enc: TIdC_INT) cdecl = nil;
+  BF_cfb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
+  BF_ofb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT) cdecl = nil;
+
+  BF_options: function: PIdAnsiChar cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  BF_set_key := LoadFunction('BF_set_key', AFailed);
+  BF_encrypt := LoadFunction('BF_encrypt', AFailed);
+  BF_decrypt := LoadFunction('BF_decrypt', AFailed);
+  BF_ecb_encrypt := LoadFunction('BF_ecb_encrypt', AFailed);
+  BF_cbc_encrypt := LoadFunction('BF_cbc_encrypt', AFailed);
+  BF_cfb64_encrypt := LoadFunction('BF_cfb64_encrypt', AFailed);
+  BF_ofb64_encrypt := LoadFunction('BF_ofb64_encrypt', AFailed);
+  BF_options := LoadFunction('BF_options', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  BF_set_key := nil;
+  BF_encrypt := nil;
+  BF_decrypt := nil;
+  BF_ecb_encrypt := nil;
+  BF_cbc_encrypt := nil;
+  BF_cfb64_encrypt := nil;
+  BF_ofb64_encrypt := nil;
+  BF_options := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
new file mode 100644
index 000000000..df8e53a03
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
@@ -0,0 +1,785 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_bn;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bn.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  BN_FLG_MALLOCED = $01;
+  BN_FLG_STATIC_DATA = $02;
+
+  (*
+   * avoid leaking exponent information through timing,
+   * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+   * BN_div() will call BN_div_no_branch,
+   * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+   *)
+  BN_FLG_CONSTTIME = $04;
+  BN_FLG_SECURE = $08;
+
+  (* Values for |top| in BN_rand() *)
+  BN_RAND_TOP_ANY = -1;
+  BN_RAND_TOP_ONE = 0;
+  BN_RAND_TOP_TWO = 1;
+
+  (* Values for |bottom| in BN_rand() *)
+  BN_RAND_BOTTOM_ANY = 0;
+  BN_RAND_BOTTOM_ODD = 1;
+  
+  (* BN_BLINDING flags *)
+  BN_BLINDING_NO_UPDATE = $00000001;
+  BN_BLINDING_NO_RECREATE = $00000002;
+
+type
+  BN_ULONG = TIdC_ULONG;
+
+  BN_GENCB_set_old_cb = procedure (a: TIdC_INT; b: TIdC_INT; c: Pointer); cdecl;
+  BN_GENCB_set_cb = function (a: TIdC_INT; b: TIdC_INT; c: PBN_GENCB): TIdC_INT; cdecl;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  BN_set_flags: procedure(b: PBIGNUM; n: TIdC_INT) cdecl = nil;
+  BN_get_flags: function(b: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (*
+   * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
+   * two BIGNUMs cannot be used in parallel!). Also only for *read only* use. The
+   * value |dest| should be a newly allocated BIGNUM obtained via BN_new() that
+   * has not been otherwise initialised or used.
+   *)
+  BN_with_flags: procedure(dest: PBIGNUM; b: PBIGNUM; flags: TIdC_INT) cdecl = nil;
+  (* Wrapper function to make using BN_GENCB easier *)
+  BN_GENCB_call: function(cb: PBN_GENCB; a: TIdC_INT; b: TIdC_INT): TIdC_INT cdecl = nil;
+
+  BN_GENCB_new: function: PBN_GENCB cdecl = nil;
+  BN_GENCB_free: procedure(cb: PBN_GENCB) cdecl = nil;
+
+  (* Populate a PBN_GENCB structure with an "old"-style callback *)
+  BN_GENCB_set_old: procedure(gencb: PBN_GENCB; callback: BN_GENCB_set_old_cb; cb_arg: Pointer) cdecl = nil;
+
+  (* Populate a PBN_GENCB structure with a "new"-style callback *)
+  BN_GENCB_set: procedure(gencb: PBN_GENCB; callback: BN_GENCB_set_cb; cb_arg: Pointer) cdecl = nil;
+
+  BN_GENCB_get_arg: function(cb: PBN_GENCB): Pointer cdecl = nil;
+  
+  (*
+   * BN_prime_checks_for_size() returns the number of Miller-Rabin iterations
+   * that will be done for checking that a random number is probably prime. The
+   * error rate for accepting a composite number as prime depends on the size of
+   * the prime |b|. The error rates used are for calculating an RSA key with 2 primes,
+   * and so the level is what you would expect for a key of double the size of the
+   * prime.
+   *
+   * This table is generated using the algorithm of FIPS PUB 186-4
+   * Digital Signature Standard (DSS), section F.1, page 117.
+   * (https://dx.doi.org/10.6028/NIST.FIPS.186-4)
+   *
+   * The following magma script was used to generate the output:
+   * securitybits:=125;
+   * k:=1024;
+   * for t:=1 to 65 do
+   *   for M:=3 to Floor(2*Sqrt(k-1)-1) do
+   *     S:=0;
+   *     // Sum over m
+   *     for m:=3 to M do
+   *       s:=0;
+   *       // Sum over j
+   *       for j:=2 to m do
+   *         s+:=(RealField(32)!2)^-(j+(k-1)/j);
+   *       end for;
+   *       S+:=2^(m-(m-1)*t)*s;
+   *     end for;
+   *     A:=2^(k-2-M*t);
+   *     B:=8*(Pi(RealField(32))^2-6)/3*2^(k-2)*S;
+   *     pkt:=2.00743*Log(2)*k*2^-k*(A+B);
+   *     seclevel:=Floor(-Log(2,pkt));
+   *     if seclevel ge securitybits then
+   *       printf "k: %5o, security: %o bits  (t: %o, M: %o)\n",k,seclevel,t,M;
+   *       break;
+   *     end if;
+   *   end for;
+   *   if seclevel ge securitybits then break; end if;
+   * end for;
+   *
+   * It can be run online at:
+   * http://magma.maths.usyd.edu.au/calc
+   *
+   * And will output:
+   * k:  1024, security: 129 bits  (t: 6, M: 23)
+   *
+   * k is the number of bits of the prime, securitybits is the level we want to
+   * reach.
+   *
+   * prime length | RSA key size | # MR tests | security level
+   * -------------+--------------|------------+---------------
+   *  (b) >= 6394 |     >= 12788 |          3 |        256 bit
+   *  (b) >= 3747 |     >=  7494 |          3 |        192 bit
+   *  (b) >= 1345 |     >=  2690 |          4 |        128 bit
+   *  (b) >= 1080 |     >=  2160 |          5 |        128 bit
+   *  (b) >=  852 |     >=  1704 |          5 |        112 bit
+   *  (b) >=  476 |     >=   952 |          5 |         80 bit
+   *  (b) >=  400 |     >=   800 |          6 |         80 bit
+   *  (b) >=  347 |     >=   694 |          7 |         80 bit
+   *  (b) >=  308 |     >=   616 |          8 |         80 bit
+   *  (b) >=   55 |     >=   110 |         27 |         64 bit
+   *  (b) >=    6 |     >=    12 |         34 |         64 bit
+   *)
+
+//  # define BN_prime_checks_for_size(b) ((b) >= 3747 ?  3 : \
+//                                  (b) >=  1345 ?  4 : \
+//                                  (b) >=  476 ?  5 : \
+//                                  (b) >=  400 ?  6 : \
+//                                  (b) >=  347 ?  7 : \
+//                                  (b) >=  308 ?  8 : \
+//                                  (b) >=  55  ? 27 : \
+//                                  (* b >= 6 *) 34)
+//
+//  # define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+
+  BN_abs_is_word: function(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl = nil;
+  BN_is_zero: function(a: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_is_one: function(a: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_is_word: function(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl = nil;
+  BN_is_odd: function(a: PBIGNUM): TIdC_INT cdecl = nil;
+
+//  # define BN_one(a)       (BN_set_word((a),1))
+
+  BN_zero_ex: procedure(a: PBIGNUM) cdecl = nil;
+
+  BN_value_one: function: PBIGNUM cdecl = nil;
+  BN_options: function: PIdAnsiChar cdecl = nil;
+  BN_CTX_new: function: PBN_CTX cdecl = nil;
+  BN_CTX_secure_new: function: PBN_CTX cdecl = nil;
+  BN_CTX_free: procedure(c: PBN_CTX) cdecl = nil;
+  BN_CTX_start: procedure(ctx: PBN_CTX) cdecl = nil;
+  BN_CTX_get: function(ctx: PBN_CTX): PBIGNUM cdecl = nil;
+  BN_CTX_end: procedure(ctx: PBN_CTX) cdecl = nil;
+  BN_rand: function(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_priv_rand: function(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_rand_range: function(rnd: PBIGNUM; range: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_priv_rand_range: function(rnd: PBIGNUM; range: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_pseudo_rand: function(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_pseudo_rand_range: function(rnd: PBIGNUM; range: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_num_bits: function(a: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_num_bits_word: function(l: BN_ULONG): TIdC_INT cdecl = nil;
+  BN_security_bits: function(L: TIdC_INT; N: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_new: function: PBIGNUM cdecl = nil;
+  BN_secure_new: function: PBIGNUM cdecl = nil;
+  BN_clear_free: procedure(a: PBIGNUM) cdecl = nil;
+  BN_copy: function(a: PBIGNUM; b: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_swap: procedure(a: PBIGNUM; b: PBIGNUM) cdecl = nil;
+  BN_bin2bn: function(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_bn2bin: function(const a: PBIGNUM; &to: PByte): TIdC_INT cdecl = nil;
+  BN_bn2binpad: function(const a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_lebin2bn: function(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_bn2lebinpad: function(a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_mpi2bn: function(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_bn2mpi: function(a: PBIGNUM; &to: PByte): TIdC_INT cdecl = nil;
+  BN_sub: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_usub: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_uadd: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_add: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_mul: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_sqr: function(r: PBIGNUM; const a: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  (** BN_set_negative sets sign of a BIGNUM
+   * \param  b  pointer to the BIGNUM object
+   * \param  n  0 if the BIGNUM b should be positive and a value != 0 otherwise
+   *)
+  BN_set_negative: procedure(b: PBIGNUM; n: TIdC_INT) cdecl = nil;
+  (** BN_is_negative returns 1 if the BIGNUM is negative
+   * \param  b  pointer to the BIGNUM object
+   * \return 1 if a < 0 and 0 otherwise
+   *)
+  BN_is_negative: function(b: PBIGNUM): TIdC_INT cdecl = nil;
+
+  BN_div: function(dv: PBIGNUM; rem: PBIGNUM; const m: PBIGNUM; const d: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+//  # define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
+  BN_nnmod: function(r: PBIGNUM; const m: PBIGNUM; const d: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_add: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_add_quick: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_mod_sub: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_sub_quick: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_mod_mul: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_sqr: function(r: PBIGNUM; const a: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_lshift1: function(r: PBIGNUM; const a: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_lshift1_quick: function(r: PBIGNUM; const a: PBIGNUM; const m: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_mod_lshift: function(r: PBIGNUM; const a: PBIGNUM; n: TIdC_INT; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_lshift_quick: function(r: PBIGNUM; const a: PBIGNUM; n: TIdC_INT; const m: PBIGNUM): TIdC_INT cdecl = nil;
+
+  BN_mod_word: function(const a: PBIGNUM; w: BN_ULONG): BN_ULONG cdecl = nil;
+  BN_div_word: function(a: PBIGNUM; w: BN_ULONG): BN_ULONG cdecl = nil;
+  BN_mul_word: function(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl = nil;
+  BN_add_word: function(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl = nil;
+  BN_sub_word: function(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl = nil;
+  BN_set_word: function(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl = nil;
+  BN_get_word: function(const a: PBIGNUM): BN_ULONG cdecl = nil;
+
+  BN_cmp: function(const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_free: procedure(a: PBIGNUM) cdecl = nil;
+  BN_is_bit_set: function(const a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_lshift: function(r: PBIGNUM; const a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_lshift1: function(r: PBIGNUM; const a: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_exp: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  BN_mod_exp: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_exp_mont: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT cdecl = nil;
+  BN_mod_exp_mont_consttime: function(rr: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX; in_mont: PBN_MONT_CTX): TIdC_INT cdecl = nil;
+  BN_mod_exp_mont_word: function(r: PBIGNUM; a: BN_ULONG; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT cdecl = nil;
+  BN_mod_exp2_mont: function(r: PBIGNUM; const a1: PBIGNUM; const p1: PBIGNUM; const a2: PBIGNUM; const p2: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT cdecl = nil;
+  BN_mod_exp_simple: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  BN_mask_bits: function(a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_print: function(bio: PBIO; a: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_reciprocal: function(r: PBIGNUM; m: PBIGNUM; len: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_rshift: function(r: PBIGNUM; a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_rshift1: function(r: PBIGNUM; a: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_clear: procedure(a: PBIGNUM) cdecl = nil;
+  BN_dup: function(const a: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_ucmp: function(a: PBIGNUM; b: PBIGNUM): TIdC_INT cdecl = nil;
+  BN_set_bit: function(a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_clear_bit: function(a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_bn2hex: function(a: PBIGNUM): PIdAnsiChar cdecl = nil;
+  BN_bn2dec: function(a: PBIGNUM): PIdAnsiChar cdecl = nil;
+  BN_hex2bn: function(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  BN_dec2bn: function(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  BN_asc2bn: function(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  BN_gcd: function(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_kronecker: function(a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  BN_mod_inverse: function(ret: PBIGNUM; a: PBIGNUM; const n: PBIGNUM; ctx: PBN_CTX): PBIGNUM cdecl = nil;
+  BN_mod_sqrt: function(ret: PBIGNUM; a: PBIGNUM; const n: PBIGNUM; ctx: PBN_CTX): PBIGNUM cdecl = nil;
+
+  BN_consttime_swap: procedure(swap: BN_ULONG; a: PBIGNUM; b: PBIGNUM; nwords: TIdC_INT) cdecl = nil;
+
+  BN_generate_prime_ex: function(ret: PBIGNUM; bits: TIdC_INT; safe: TIdC_INT; const add: PBIGNUM; const rem: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+  BN_is_prime_ex: function(const p: PBIGNUM; nchecks: TIdC_INT; ctx: PBN_CTX; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+  BN_is_prime_fasttest_ex: function(const p: PBIGNUM; nchecks: TIdC_INT; ctx: PBN_CTX; do_trial_division: TIdC_INT; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+  BN_X931_generate_Xpq: function(Xp: PBIGNUM; Xq: PBIGNUM; nbits: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_X931_derive_prime_ex: function(p: PBIGNUM; p1: PBIGNUM; p2: PBIGNUM; const Xp: PBIGNUM; const Xp1: PBIGNUM; const Xp2: PBIGNUM; const e: PBIGNUM; ctx: PBN_CTX; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+  BN_X931_generate_prime_ex: function(p: PBIGNUM; p1: PBIGNUM; p2: PBIGNUM; Xp1: PBIGNUM; Xp2: PBIGNUM; Xp: PBIGNUM; const e: PBIGNUM; ctx: PBN_CTX; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+  BN_MONT_CTX_new: function: PBN_MONT_CTX cdecl = nil;
+  BN_mod_mul_montgomery: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_to_montgomery: function(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_from_montgomery: function(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_MONT_CTX_free: procedure(mont: PBN_MONT_CTX) cdecl = nil;
+  BN_MONT_CTX_set: function(mont: PBN_MONT_CTX; &mod: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_MONT_CTX_copy: function(&to: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX cdecl = nil;
+//  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; &mod: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
+
+  BN_BLINDING_new: function(const A: PBIGNUM; const Ai: PBIGNUM; &mod: PBIGNUM): PBN_BLINDING cdecl = nil;
+  BN_BLINDING_free: procedure(b: PBN_BLINDING) cdecl = nil;
+  BN_BLINDING_update: function(b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_BLINDING_convert: function(n: PBIGNUM; b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_BLINDING_invert: function(n: PBIGNUM; b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_BLINDING_convert_ex: function(n: PBIGNUM; r: PBIGNUM; b: PBN_BLINDING; v4: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_BLINDING_invert_ex: function(n: PBIGNUM; r: PBIGNUM; b: PBN_BLINDING; v2: PBN_CTX): TIdC_INT cdecl = nil;
+
+  BN_BLINDING_is_current_thread: function(b: PBN_BLINDING): TIdC_INT cdecl = nil;
+  BN_BLINDING_set_current_thread: procedure(b: PBN_BLINDING) cdecl = nil;
+  BN_BLINDING_lock: function(b: PBN_BLINDING): TIdC_INT cdecl = nil;
+  BN_BLINDING_unlock: function(b: PBN_BLINDING): TIdC_INT cdecl = nil;
+
+  BN_BLINDING_get_flags: function(v1: PBN_BLINDING): TIdC_ULONG cdecl = nil;
+  BN_BLINDING_set_flags: procedure(v1: PBN_BLINDING; v2: TIdC_ULONG) cdecl = nil;
+//  function BN_BLINDING_create_param(PBN_BLINDING *b,
+//                                         PBIGNUM *e, PBIGNUM *m, PBN_CTX *ctx,
+//                                        function (
+//    r: PBIGNUM;
+//    a: PBIGNUM;
+//    p: PBIGNUM;
+//    m: PBIGNUM;
+//    ctx: PBN_CTX;
+//    m_ctx: PBN_MONT_CTX): TIdC_INT,
+//                                        PBN_MONT_CTX *m_ctx): PBN_BLINDING;
+
+  BN_RECP_CTX_free: procedure(recp: PBN_RECP_CTX) cdecl = nil;
+  BN_RECP_CTX_set: function(recp: PBN_RECP_CTX; rdiv: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_mul_reciprocal: function(r: PBIGNUM; x: PBIGNUM; y: PBIGNUM; recp: PBN_RECP_CTX; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_mod_exp_recp: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_div_recp: function(dv: PBIGNUM; rem: PBIGNUM; m: PBIGNUM; recp: PBN_RECP_CTX; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  (*
+   * Functions for arithmetic over binary polynomials represented by BIGNUMs.
+   * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
+   * ignored. Note that input arguments are not const so that their bit arrays
+   * can be expanded to the appropriate size if needed.
+   *)
+
+  (*
+   * r = a + b
+   *)
+  BN_GF2m_add: function(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM): TIdC_INT cdecl = nil;
+//  #  define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
+  (*
+   * r=a mod p
+   *)
+  BN_GF2m_mod: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM): TIdC_INT cdecl = nil;
+  (* r = (a * b) mod p *)
+  BN_GF2m_mod_mul: function(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  (* r = (a * a) mod p *)
+  BN_GF2m_mod_sqr: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  (* r = (1 / b) mod p *)
+  BN_GF2m_mod_inv: function(r: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  (* r = (a / b) mod p *)
+  BN_GF2m_mod_div: function(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  (* r = (a ^ b) mod p *)
+  BN_GF2m_mod_exp: function(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  (* r = sqrt(a) mod p *)
+  BN_GF2m_mod_sqrt: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  (* r^2 + r = a mod p *)
+  BN_GF2m_mod_solve_quad: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+//  #  define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
+  (*-
+   * Some functions allow for representation of the irreducible polynomials
+   * as an unsigned int[], say p.  The irreducible f(t) is then of the form:
+   *     t^p[0] + t^p[1] + ... + t^p[k]
+   * where m = p[0] > p[1] > ... > p[k] = 0.
+   *)
+  (* r = a mod p *)
+//  function BN_GF2m_mod_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT): TIdC_INT;
+  (* r = (a * b) mod p *)
+//  function BN_GF2m_mod_mul_arr(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a * a) mod p *)
+//  function BN_GF2m_mod_sqr_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (1 / b) mod p *)
+//  function BN_GF2m_mod_inv_arr(r: PBIGNUM; b: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a / b) mod p *)
+//  function BN_GF2m_mod_div_arr(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a ^ b) mod p *)
+//  function BN_GF2m_mod_exp_arr(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = sqrt(a) mod p *)
+//  function BN_GF2m_mod_sqrt_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r^2 + r = a mod p *)
+//  function BN_GF2m_mod_solve_quad_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+//  function BN_GF2m_poly2arr(a: PBIGNUM; p: array of TIdC_INT; max: TIdC_INT): TIdC_INT;
+//  function BN_GF2m_arr2poly(p: array of TIdC_INT; a: PBIGNUM): TIdC_INT;
+
+  (*
+   * faster mod functions for the 'NIST primes' 0 <= a < p^2
+   *)
+  BN_nist_mod_192: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_nist_mod_224: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_nist_mod_256: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_nist_mod_384: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_nist_mod_521: function(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  BN_get0_nist_prime_192: function: PBIGNUM cdecl = nil;
+  BN_get0_nist_prime_224: function: PBIGNUM cdecl = nil;
+  BN_get0_nist_prime_256: function: PBIGNUM cdecl = nil;
+  BN_get0_nist_prime_384: function: PBIGNUM cdecl = nil;
+  BN_get0_nist_prime_521: function: PBIGNUM cdecl = nil;
+
+//int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
+//                                          const BIGNUM *field, BN_CTX *ctx);
+
+  BN_generate_dsa_nonce: function(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const &message: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  (* Primes from RFC 2409 *)
+  BN_get_rfc2409_prime_768: function(bn: PBIGNUM ): PBIGNUM cdecl = nil;
+  BN_get_rfc2409_prime_1024: function(bn: PBIGNUM): PBIGNUM cdecl = nil;
+
+  (* Primes from RFC 3526 *)
+  BN_get_rfc3526_prime_1536: function(bn: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_get_rfc3526_prime_2048: function(bn: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_get_rfc3526_prime_3072: function(bn: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_get_rfc3526_prime_4096: function(bn: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_get_rfc3526_prime_6144: function(bn: PBIGNUM): PBIGNUM cdecl = nil;
+  BN_get_rfc3526_prime_8192: function(bn: PBIGNUM): PBIGNUM cdecl = nil;
+
+  BN_bntest_rand: function(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  BN_set_flags := LoadFunction('BN_set_flags', AFailed);
+  BN_get_flags := LoadFunction('BN_get_flags', AFailed);
+  BN_with_flags := LoadFunction('BN_with_flags', AFailed);
+  BN_GENCB_call := LoadFunction('BN_GENCB_call', AFailed);
+  BN_GENCB_new := LoadFunction('BN_GENCB_new', AFailed);
+  BN_GENCB_free := LoadFunction('BN_GENCB_free', AFailed);
+  BN_GENCB_set_old := LoadFunction('BN_GENCB_set_old', AFailed);
+  BN_GENCB_set := LoadFunction('BN_GENCB_set', AFailed);
+  BN_GENCB_get_arg := LoadFunction('BN_GENCB_get_arg', AFailed);
+  BN_abs_is_word := LoadFunction('BN_abs_is_word', AFailed);
+  BN_is_zero := LoadFunction('BN_is_zero', AFailed);
+  BN_is_one := LoadFunction('BN_is_one', AFailed);
+  BN_is_word := LoadFunction('BN_is_word', AFailed);
+  BN_is_odd := LoadFunction('BN_is_odd', AFailed);
+  BN_zero_ex := LoadFunction('BN_zero_ex', AFailed);
+  BN_value_one := LoadFunction('BN_value_one', AFailed);
+  BN_options := LoadFunction('BN_options', AFailed);
+  BN_CTX_new := LoadFunction('BN_CTX_new', AFailed);
+  BN_CTX_secure_new := LoadFunction('BN_CTX_secure_new', AFailed);
+  BN_CTX_free := LoadFunction('BN_CTX_free', AFailed);
+  BN_CTX_start := LoadFunction('BN_CTX_start', AFailed);
+  BN_CTX_get := LoadFunction('BN_CTX_get', AFailed);
+  BN_CTX_end := LoadFunction('BN_CTX_end', AFailed);
+  BN_rand := LoadFunction('BN_rand', AFailed);
+  BN_priv_rand := LoadFunction('BN_priv_rand', AFailed);
+  BN_rand_range := LoadFunction('BN_rand_range', AFailed);
+  BN_priv_rand_range := LoadFunction('BN_priv_rand_range', AFailed);
+  BN_pseudo_rand := LoadFunction('BN_pseudo_rand', AFailed);
+  BN_pseudo_rand_range := LoadFunction('BN_pseudo_rand_range', AFailed);
+  BN_num_bits := LoadFunction('BN_num_bits', AFailed);
+  BN_num_bits_word := LoadFunction('BN_num_bits_word', AFailed);
+  BN_security_bits := LoadFunction('BN_security_bits', AFailed);
+  BN_new := LoadFunction('BN_new', AFailed);
+  BN_secure_new := LoadFunction('BN_secure_new', AFailed);
+  BN_clear_free := LoadFunction('BN_clear_free', AFailed);
+  BN_copy := LoadFunction('BN_copy', AFailed);
+  BN_swap := LoadFunction('BN_swap', AFailed);
+  BN_bin2bn := LoadFunction('BN_bin2bn', AFailed);
+  BN_bn2bin := LoadFunction('BN_bn2bin', AFailed);
+  BN_bn2binpad := LoadFunction('BN_bn2binpad', AFailed);
+  BN_lebin2bn := LoadFunction('BN_lebin2bn', AFailed);
+  BN_bn2lebinpad := LoadFunction('BN_bn2lebinpad', AFailed);
+  BN_mpi2bn := LoadFunction('BN_mpi2bn', AFailed);
+  BN_bn2mpi := LoadFunction('BN_bn2mpi', AFailed);
+  BN_sub := LoadFunction('BN_sub', AFailed);
+  BN_usub := LoadFunction('BN_usub', AFailed);
+  BN_uadd := LoadFunction('BN_uadd', AFailed);
+  BN_add := LoadFunction('BN_add', AFailed);
+  BN_mul := LoadFunction('BN_mul', AFailed);
+  BN_sqr := LoadFunction('BN_sqr', AFailed);
+  BN_set_negative := LoadFunction('BN_set_negative', AFailed);
+  BN_is_negative := LoadFunction('BN_is_negative', AFailed);
+  BN_div := LoadFunction('BN_div', AFailed);
+  BN_nnmod := LoadFunction('BN_nnmod', AFailed);
+  BN_mod_add := LoadFunction('BN_mod_add', AFailed);
+  BN_mod_add_quick := LoadFunction('BN_mod_add_quick', AFailed);
+  BN_mod_sub := LoadFunction('BN_mod_sub', AFailed);
+  BN_mod_sub_quick := LoadFunction('BN_mod_sub_quick', AFailed);
+  BN_mod_mul := LoadFunction('BN_mod_mul', AFailed);
+  BN_mod_sqr := LoadFunction('BN_mod_sqr', AFailed);
+  BN_mod_lshift1 := LoadFunction('BN_mod_lshift1', AFailed);
+  BN_mod_lshift1_quick := LoadFunction('BN_mod_lshift1_quick', AFailed);
+  BN_mod_lshift := LoadFunction('BN_mod_lshift', AFailed);
+  BN_mod_lshift_quick := LoadFunction('BN_mod_lshift_quick', AFailed);
+  BN_mod_word := LoadFunction('BN_mod_word', AFailed);
+  BN_div_word := LoadFunction('BN_div_word', AFailed);
+  BN_mul_word := LoadFunction('BN_mul_word', AFailed);
+  BN_add_word := LoadFunction('BN_add_word', AFailed);
+  BN_sub_word := LoadFunction('BN_sub_word', AFailed);
+  BN_set_word := LoadFunction('BN_set_word', AFailed);
+  BN_get_word := LoadFunction('BN_get_word', AFailed);
+  BN_cmp := LoadFunction('BN_cmp', AFailed);
+  BN_free := LoadFunction('BN_free', AFailed);
+  BN_is_bit_set := LoadFunction('BN_is_bit_set', AFailed);
+  BN_lshift := LoadFunction('BN_lshift', AFailed);
+  BN_lshift1 := LoadFunction('BN_lshift1', AFailed);
+  BN_exp := LoadFunction('BN_exp', AFailed);
+  BN_mod_exp := LoadFunction('BN_mod_exp', AFailed);
+  BN_mod_exp_mont := LoadFunction('BN_mod_exp_mont', AFailed);
+  BN_mod_exp_mont_consttime := LoadFunction('BN_mod_exp_mont_consttime', AFailed);
+  BN_mod_exp_mont_word := LoadFunction('BN_mod_exp_mont_word', AFailed);
+  BN_mod_exp2_mont := LoadFunction('BN_mod_exp2_mont', AFailed);
+  BN_mod_exp_simple := LoadFunction('BN_mod_exp_simple', AFailed);
+  BN_mask_bits := LoadFunction('BN_mask_bits', AFailed);
+  BN_print := LoadFunction('BN_print', AFailed);
+  BN_reciprocal := LoadFunction('BN_reciprocal', AFailed);
+  BN_rshift := LoadFunction('BN_rshift', AFailed);
+  BN_rshift1 := LoadFunction('BN_rshift1', AFailed);
+  BN_clear := LoadFunction('BN_clear', AFailed);
+  BN_dup := LoadFunction('BN_dup', AFailed);
+  BN_ucmp := LoadFunction('BN_ucmp', AFailed);
+  BN_set_bit := LoadFunction('BN_set_bit', AFailed);
+  BN_clear_bit := LoadFunction('BN_clear_bit', AFailed);
+  BN_bn2hex := LoadFunction('BN_bn2hex', AFailed);
+  BN_bn2dec := LoadFunction('BN_bn2dec', AFailed);
+  BN_hex2bn := LoadFunction('BN_hex2bn', AFailed);
+  BN_dec2bn := LoadFunction('BN_dec2bn', AFailed);
+  BN_asc2bn := LoadFunction('BN_asc2bn', AFailed);
+  BN_gcd := LoadFunction('BN_gcd', AFailed);
+  BN_kronecker := LoadFunction('BN_kronecker', AFailed);
+  BN_mod_inverse := LoadFunction('BN_mod_inverse', AFailed);
+  BN_mod_sqrt := LoadFunction('BN_mod_sqrt', AFailed);
+  BN_consttime_swap := LoadFunction('BN_consttime_swap', AFailed);
+  BN_generate_prime_ex := LoadFunction('BN_generate_prime_ex', AFailed);
+  BN_is_prime_ex := LoadFunction('BN_is_prime_ex', AFailed);
+  BN_is_prime_fasttest_ex := LoadFunction('BN_is_prime_fasttest_ex', AFailed);
+  BN_X931_generate_Xpq := LoadFunction('BN_X931_generate_Xpq', AFailed);
+  BN_X931_derive_prime_ex := LoadFunction('BN_X931_derive_prime_ex', AFailed);
+  BN_X931_generate_prime_ex := LoadFunction('BN_X931_generate_prime_ex', AFailed);
+  BN_MONT_CTX_new := LoadFunction('BN_MONT_CTX_new', AFailed);
+  BN_mod_mul_montgomery := LoadFunction('BN_mod_mul_montgomery', AFailed);
+  BN_to_montgomery := LoadFunction('BN_to_montgomery', AFailed);
+  BN_from_montgomery := LoadFunction('BN_from_montgomery', AFailed);
+  BN_MONT_CTX_free := LoadFunction('BN_MONT_CTX_free', AFailed);
+  BN_MONT_CTX_set := LoadFunction('BN_MONT_CTX_set', AFailed);
+  BN_MONT_CTX_copy := LoadFunction('BN_MONT_CTX_copy', AFailed);
+  BN_BLINDING_new := LoadFunction('BN_BLINDING_new', AFailed);
+  BN_BLINDING_free := LoadFunction('BN_BLINDING_free', AFailed);
+  BN_BLINDING_update := LoadFunction('BN_BLINDING_update', AFailed);
+  BN_BLINDING_convert := LoadFunction('BN_BLINDING_convert', AFailed);
+  BN_BLINDING_invert := LoadFunction('BN_BLINDING_invert', AFailed);
+  BN_BLINDING_convert_ex := LoadFunction('BN_BLINDING_convert_ex', AFailed);
+  BN_BLINDING_invert_ex := LoadFunction('BN_BLINDING_invert_ex', AFailed);
+  BN_BLINDING_is_current_thread := LoadFunction('BN_BLINDING_is_current_thread', AFailed);
+  BN_BLINDING_set_current_thread := LoadFunction('BN_BLINDING_set_current_thread', AFailed);
+  BN_BLINDING_lock := LoadFunction('BN_BLINDING_lock', AFailed);
+  BN_BLINDING_unlock := LoadFunction('BN_BLINDING_unlock', AFailed);
+  BN_BLINDING_get_flags := LoadFunction('BN_BLINDING_get_flags', AFailed);
+  BN_BLINDING_set_flags := LoadFunction('BN_BLINDING_set_flags', AFailed);
+  BN_RECP_CTX_free := LoadFunction('BN_RECP_CTX_free', AFailed);
+  BN_RECP_CTX_set := LoadFunction('BN_RECP_CTX_set', AFailed);
+  BN_mod_mul_reciprocal := LoadFunction('BN_mod_mul_reciprocal', AFailed);
+  BN_mod_exp_recp := LoadFunction('BN_mod_exp_recp', AFailed);
+  BN_div_recp := LoadFunction('BN_div_recp', AFailed);
+  BN_GF2m_add := LoadFunction('BN_GF2m_add', AFailed);
+  BN_GF2m_mod := LoadFunction('BN_GF2m_mod', AFailed);
+  BN_GF2m_mod_mul := LoadFunction('BN_GF2m_mod_mul', AFailed);
+  BN_GF2m_mod_sqr := LoadFunction('BN_GF2m_mod_sqr', AFailed);
+  BN_GF2m_mod_inv := LoadFunction('BN_GF2m_mod_inv', AFailed);
+  BN_GF2m_mod_div := LoadFunction('BN_GF2m_mod_div', AFailed);
+  BN_GF2m_mod_exp := LoadFunction('BN_GF2m_mod_exp', AFailed);
+  BN_GF2m_mod_sqrt := LoadFunction('BN_GF2m_mod_sqrt', AFailed);
+  BN_GF2m_mod_solve_quad := LoadFunction('BN_GF2m_mod_solve_quad', AFailed);
+  BN_nist_mod_192 := LoadFunction('BN_nist_mod_192', AFailed);
+  BN_nist_mod_224 := LoadFunction('BN_nist_mod_224', AFailed);
+  BN_nist_mod_256 := LoadFunction('BN_nist_mod_256', AFailed);
+  BN_nist_mod_384 := LoadFunction('BN_nist_mod_384', AFailed);
+  BN_nist_mod_521 := LoadFunction('BN_nist_mod_521', AFailed);
+  BN_get0_nist_prime_192 := LoadFunction('BN_get0_nist_prime_192', AFailed);
+  BN_get0_nist_prime_224 := LoadFunction('BN_get0_nist_prime_224', AFailed);
+  BN_get0_nist_prime_256 := LoadFunction('BN_get0_nist_prime_256', AFailed);
+  BN_get0_nist_prime_384 := LoadFunction('BN_get0_nist_prime_384', AFailed);
+  BN_get0_nist_prime_521 := LoadFunction('BN_get0_nist_prime_521', AFailed);
+  BN_generate_dsa_nonce := LoadFunction('BN_generate_dsa_nonce', AFailed);
+  BN_get_rfc2409_prime_768 := LoadFunction('BN_get_rfc2409_prime_768', AFailed);
+  BN_get_rfc2409_prime_1024 := LoadFunction('BN_get_rfc2409_prime_1024', AFailed);
+  BN_get_rfc3526_prime_1536 := LoadFunction('BN_get_rfc3526_prime_1536', AFailed);
+  BN_get_rfc3526_prime_2048 := LoadFunction('BN_get_rfc3526_prime_2048', AFailed);
+  BN_get_rfc3526_prime_3072 := LoadFunction('BN_get_rfc3526_prime_3072', AFailed);
+  BN_get_rfc3526_prime_4096 := LoadFunction('BN_get_rfc3526_prime_4096', AFailed);
+  BN_get_rfc3526_prime_6144 := LoadFunction('BN_get_rfc3526_prime_6144', AFailed);
+  BN_get_rfc3526_prime_8192 := LoadFunction('BN_get_rfc3526_prime_8192', AFailed);
+  BN_bntest_rand := LoadFunction('BN_bntest_rand', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  BN_set_flags := nil;
+  BN_get_flags := nil;
+  BN_with_flags := nil;
+  BN_GENCB_call := nil;
+  BN_GENCB_new := nil;
+  BN_GENCB_free := nil;
+  BN_GENCB_set_old := nil;
+  BN_GENCB_set := nil;
+  BN_GENCB_get_arg := nil;
+  BN_abs_is_word := nil;
+  BN_is_zero := nil;
+  BN_is_one := nil;
+  BN_is_word := nil;
+  BN_is_odd := nil;
+  BN_zero_ex := nil;
+  BN_value_one := nil;
+  BN_options := nil;
+  BN_CTX_new := nil;
+  BN_CTX_secure_new := nil;
+  BN_CTX_free := nil;
+  BN_CTX_start := nil;
+  BN_CTX_get := nil;
+  BN_CTX_end := nil;
+  BN_rand := nil;
+  BN_priv_rand := nil;
+  BN_rand_range := nil;
+  BN_priv_rand_range := nil;
+  BN_pseudo_rand := nil;
+  BN_pseudo_rand_range := nil;
+  BN_num_bits := nil;
+  BN_num_bits_word := nil;
+  BN_security_bits := nil;
+  BN_new := nil;
+  BN_secure_new := nil;
+  BN_clear_free := nil;
+  BN_copy := nil;
+  BN_swap := nil;
+  BN_bin2bn := nil;
+  BN_bn2bin := nil;
+  BN_bn2binpad := nil;
+  BN_lebin2bn := nil;
+  BN_bn2lebinpad := nil;
+  BN_mpi2bn := nil;
+  BN_bn2mpi := nil;
+  BN_sub := nil;
+  BN_usub := nil;
+  BN_uadd := nil;
+  BN_add := nil;
+  BN_mul := nil;
+  BN_sqr := nil;
+  BN_set_negative := nil;
+  BN_is_negative := nil;
+  BN_div := nil;
+  BN_nnmod := nil;
+  BN_mod_add := nil;
+  BN_mod_add_quick := nil;
+  BN_mod_sub := nil;
+  BN_mod_sub_quick := nil;
+  BN_mod_mul := nil;
+  BN_mod_sqr := nil;
+  BN_mod_lshift1 := nil;
+  BN_mod_lshift1_quick := nil;
+  BN_mod_lshift := nil;
+  BN_mod_lshift_quick := nil;
+  BN_mod_word := nil;
+  BN_div_word := nil;
+  BN_mul_word := nil;
+  BN_add_word := nil;
+  BN_sub_word := nil;
+  BN_set_word := nil;
+  BN_get_word := nil;
+  BN_cmp := nil;
+  BN_free := nil;
+  BN_is_bit_set := nil;
+  BN_lshift := nil;
+  BN_lshift1 := nil;
+  BN_exp := nil;
+  BN_mod_exp := nil;
+  BN_mod_exp_mont := nil;
+  BN_mod_exp_mont_consttime := nil;
+  BN_mod_exp_mont_word := nil;
+  BN_mod_exp2_mont := nil;
+  BN_mod_exp_simple := nil;
+  BN_mask_bits := nil;
+  BN_print := nil;
+  BN_reciprocal := nil;
+  BN_rshift := nil;
+  BN_rshift1 := nil;
+  BN_clear := nil;
+  BN_dup := nil;
+  BN_ucmp := nil;
+  BN_set_bit := nil;
+  BN_clear_bit := nil;
+  BN_bn2hex := nil;
+  BN_bn2dec := nil;
+  BN_hex2bn := nil;
+  BN_dec2bn := nil;
+  BN_asc2bn := nil;
+  BN_gcd := nil;
+  BN_kronecker := nil;
+  BN_mod_inverse := nil;
+  BN_mod_sqrt := nil;
+  BN_consttime_swap := nil;
+  BN_generate_prime_ex := nil;
+  BN_is_prime_ex := nil;
+  BN_is_prime_fasttest_ex := nil;
+  BN_X931_generate_Xpq := nil;
+  BN_X931_derive_prime_ex := nil;
+  BN_X931_generate_prime_ex := nil;
+  BN_MONT_CTX_new := nil;
+  BN_mod_mul_montgomery := nil;
+  BN_to_montgomery := nil;
+  BN_from_montgomery := nil;
+  BN_MONT_CTX_free := nil;
+  BN_MONT_CTX_set := nil;
+  BN_MONT_CTX_copy := nil;
+  BN_BLINDING_new := nil;
+  BN_BLINDING_free := nil;
+  BN_BLINDING_update := nil;
+  BN_BLINDING_convert := nil;
+  BN_BLINDING_invert := nil;
+  BN_BLINDING_convert_ex := nil;
+  BN_BLINDING_invert_ex := nil;
+  BN_BLINDING_is_current_thread := nil;
+  BN_BLINDING_set_current_thread := nil;
+  BN_BLINDING_lock := nil;
+  BN_BLINDING_unlock := nil;
+  BN_BLINDING_get_flags := nil;
+  BN_BLINDING_set_flags := nil;
+  BN_RECP_CTX_free := nil;
+  BN_RECP_CTX_set := nil;
+  BN_mod_mul_reciprocal := nil;
+  BN_mod_exp_recp := nil;
+  BN_div_recp := nil;
+  BN_GF2m_add := nil;
+  BN_GF2m_mod := nil;
+  BN_GF2m_mod_mul := nil;
+  BN_GF2m_mod_sqr := nil;
+  BN_GF2m_mod_inv := nil;
+  BN_GF2m_mod_div := nil;
+  BN_GF2m_mod_exp := nil;
+  BN_GF2m_mod_sqrt := nil;
+  BN_GF2m_mod_solve_quad := nil;
+  BN_nist_mod_192 := nil;
+  BN_nist_mod_224 := nil;
+  BN_nist_mod_256 := nil;
+  BN_nist_mod_384 := nil;
+  BN_nist_mod_521 := nil;
+  BN_get0_nist_prime_192 := nil;
+  BN_get0_nist_prime_224 := nil;
+  BN_get0_nist_prime_256 := nil;
+  BN_get0_nist_prime_384 := nil;
+  BN_get0_nist_prime_521 := nil;
+  BN_generate_dsa_nonce := nil;
+  BN_get_rfc2409_prime_768 := nil;
+  BN_get_rfc2409_prime_1024 := nil;
+  BN_get_rfc3526_prime_1536 := nil;
+  BN_get_rfc3526_prime_2048 := nil;
+  BN_get_rfc3526_prime_3072 := nil;
+  BN_get_rfc3526_prime_4096 := nil;
+  BN_get_rfc3526_prime_6144 := nil;
+  BN_get_rfc3526_prime_8192 := nil;
+  BN_bntest_rand := nil;
+end;
+{$ENDREGION}
+
+end.
+
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bnerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bnerr.pas
new file mode 100644
index 000000000..e784a43c3
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bnerr.pas
@@ -0,0 +1,156 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_bnerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bnerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * BN function codes.
+   *)
+  BN_F_BNRAND = 127;
+  BN_F_BNRAND_RANGE = 138;
+  BN_F_BN_BLINDING_CONVERT_EX = 100;
+  BN_F_BN_BLINDING_CREATE_PARAM = 128;
+  BN_F_BN_BLINDING_INVERT_EX = 101;
+  BN_F_BN_BLINDING_NEW = 102;
+  BN_F_BN_BLINDING_UPDATE = 103;
+  BN_F_BN_BN2DEC = 104;
+  BN_F_BN_BN2HEX = 105;
+  BN_F_BN_COMPUTE_WNAF = 142;
+  BN_F_BN_CTX_GET = 116;
+  BN_F_BN_CTX_NEW = 106;
+  BN_F_BN_CTX_START = 129;
+  BN_F_BN_DIV = 107;
+  BN_F_BN_DIV_RECP = 130;
+  BN_F_BN_EXP = 123;
+  BN_F_BN_EXPAND_INTERNAL = 120;
+  BN_F_BN_GENCB_NEW = 143;
+  BN_F_BN_GENERATE_DSA_NONCE = 140;
+  BN_F_BN_GENERATE_PRIME_EX = 141;
+  BN_F_BN_GF2M_MOD = 131;
+  BN_F_BN_GF2M_MOD_EXP = 132;
+  BN_F_BN_GF2M_MOD_MUL = 133;
+  BN_F_BN_GF2M_MOD_SOLVE_QUAD = 134;
+  BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR = 135;
+  BN_F_BN_GF2M_MOD_SQR = 136;
+  BN_F_BN_GF2M_MOD_SQRT = 137;
+  BN_F_BN_LSHIFT = 145;
+  BN_F_BN_MOD_EXP2_MONT = 118;
+  BN_F_BN_MOD_EXP_MONT = 109;
+  BN_F_BN_MOD_EXP_MONT_CONSTTIME = 124;
+  BN_F_BN_MOD_EXP_MONT_WORD = 117;
+  BN_F_BN_MOD_EXP_RECP = 125;
+  BN_F_BN_MOD_EXP_SIMPLE = 126;
+  BN_F_BN_MOD_INVERSE = 110;
+  BN_F_BN_MOD_INVERSE_NO_BRANCH = 139;
+  BN_F_BN_MOD_LSHIFT_QUICK = 119;
+  BN_F_BN_MOD_SQRT = 121;
+  BN_F_BN_MONT_CTX_NEW = 149;
+  BN_F_BN_MPI2BN = 112;
+  BN_F_BN_NEW = 113;
+  BN_F_BN_POOL_GET = 147;
+  BN_F_BN_RAND = 114;
+  BN_F_BN_RAND_RANGE = 122;
+  BN_F_BN_RECP_CTX_NEW = 150;
+  BN_F_BN_RSHIFT = 146;
+  BN_F_BN_SET_WORDS = 144;
+  BN_F_BN_STACK_PUSH = 148;
+  BN_F_BN_USUB = 115;
+
+  (*
+   * BN reason codes.
+   *)
+  BN_R_ARG2_LT_ARG3 = 100;
+  BN_R_BAD_RECIPROCAL = 101;
+  BN_R_BIGNUM_TOO_LONG = 114;
+  BN_R_BITS_TOO_SMALL = 118;
+  BN_R_CALLED_WITH_EVEN_MODULUS = 102;
+  BN_R_DIV_BY_ZERO = 103;
+  BN_R_ENCODING_ERROR = 104;
+  BN_R_EXPAND_ON_STATIC_BIGNUM_DATA = 105;
+  BN_R_INPUT_NOT_REDUCED = 110;
+  BN_R_INVALID_LENGTH = 106;
+  BN_R_INVALID_RANGE = 115;
+  BN_R_INVALID_SHIFT = 119;
+  BN_R_NOT_A_SQUARE = 111;
+  BN_R_NOT_INITIALIZED = 107;
+  BN_R_NO_INVERSE = 108;
+  BN_R_NO_SOLUTION = 116;
+  BN_R_PRIVATE_KEY_TOO_LARGE = 117;
+  BN_R_P_IS_NOT_PRIME = 112;
+  BN_R_TOO_MANY_ITERATIONS = 113;
+  BN_R_TOO_MANY_TEMPORARY_VARIABLES = 109;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_BN_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_BN_strings := LoadFunction('ERR_load_BN_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_BN_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas
new file mode 100644
index 000000000..07f741413
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas
@@ -0,0 +1,105 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_buffer;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// buffer.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  BUF_MEM_FLAG_SECURE = $01;
+
+type
+  buf_mem_st = record
+    length: TIdC_SIZET;
+    data: PIdAnsiChar;
+    max: TIdC_SIZET;
+    flags: TIdC_ULONG;
+  end;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  BUF_MEM_new: function: PBUF_MEM cdecl = nil;
+  BUF_MEM_new_ex: function(flags: TIdC_ULONG): PBUF_MEM cdecl = nil;
+  BUF_MEM_free: procedure(a: PBUF_MEM) cdecl = nil;
+  BUF_MEM_grow: function(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  BUF_MEM_grow_clean: function(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  BUF_reverse: procedure(&out: PByte; const &in: PByte; siz: TIdC_SIZET) cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  BUF_MEM_new := LoadFunction('BUF_MEM_new', AFailed);
+  BUF_MEM_new_ex := LoadFunction('BUF_MEM_new_ex', AFailed);
+  BUF_MEM_free := LoadFunction('BUF_MEM_free', AFailed);
+  BUF_MEM_grow := LoadFunction('BUF_MEM_grow', AFailed);
+  BUF_MEM_grow_clean := LoadFunction('BUF_MEM_grow_clean', AFailed);
+  BUF_reverse := LoadFunction('BUF_reverse', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  BUF_MEM_new := nil;
+  BUF_MEM_new_ex := nil;
+  BUF_MEM_free := nil;
+  BUF_MEM_grow := nil;
+  BUF_MEM_grow_clean := nil;
+  BUF_reverse := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffererr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffererr.pas
new file mode 100644
index 000000000..f1b346030
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffererr.pas
@@ -0,0 +1,86 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_buffererr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// buffererr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+// BUF function codes.
+  BUF_F_BUF_MEM_GROW = 100;
+  BUF_F_BUF_MEM_GROW_CLEAN = 105;
+  BUF_F_BUF_MEM_NEW = 101;
+
+// BUF reason codes.
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_BUF_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_BUF_strings := LoadFunction('ERR_load_BUF_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_BUF_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_camellia.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_camellia.pas
new file mode 100644
index 000000000..68416b8ea
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_camellia.pas
@@ -0,0 +1,137 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_camellia;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// camellia.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // Added '_CONST' to avoid name clashes
+  CAMELLIA_ENCRYPT_CONST = 1;
+  // Added '_CONST' to avoid name clashes
+  CAMELLIA_DECRYPT_CONST = 0;
+
+  CAMELLIA_BLOCK_SIZE = 16;
+  CAMELLIA_TABLE_BYTE_LEN = 272;
+  CAMELLIA_TABLE_WORD_LEN = CAMELLIA_TABLE_BYTE_LEN div 4;
+
+type
+  KEY_TABLE_TYPE = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of TIdC_UINT;
+
+  camellia_key_st_u = record
+    case Integer of
+    0: (d: TIdC_DOUBLE);
+    1: (rd_key: KEY_TABLE_TYPE);
+  end;
+
+  camellia_key_st = record
+    u: camellia_key_st_u;
+    grand_rounds: TIdC_INT;
+  end;
+
+  CAMELLIA_KEY = camellia_key_st;
+  PCAMELLIA_KEY = ^CAMELLIA_KEY;
+
+  TCamellia_ctr128_encrypt_ivec = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of Byte;
+  TCamellia_ctr128_encrypt_ecount_buf = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of Byte;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  Camellia_set_key: function(const userKey: PByte; const bits: TIdC_INT; key: PCAMELLIA_KEY): TIdC_INT cdecl = nil;
+
+  Camellia_encrypt: procedure(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY) cdecl = nil;
+  Camellia_decrypt: procedure(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY) cdecl = nil;
+
+  Camellia_ecb_encrypt: procedure( const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY; const enc: TIdC_INT) cdecl = nil;
+  Camellia_cbc_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
+  Camellia_cfb128_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  Camellia_cfb1_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  Camellia_cfb8_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  Camellia_ofb128_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT) cdecl = nil;
+  Camellia_ctr128_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: TCamellia_ctr128_encrypt_ivec; ecount_buf: TCamellia_ctr128_encrypt_ecount_buf; num: PIdC_INT) cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  Camellia_set_key := LoadFunction('Camellia_set_key', AFailed);
+  Camellia_encrypt := LoadFunction('Camellia_encrypt', AFailed);
+  Camellia_decrypt := LoadFunction('Camellia_decrypt', AFailed);
+  Camellia_ecb_encrypt := LoadFunction('Camellia_ecb_encrypt', AFailed);
+  Camellia_cbc_encrypt := LoadFunction('Camellia_cbc_encrypt', AFailed);
+  Camellia_cfb128_encrypt := LoadFunction('Camellia_cfb128_encrypt', AFailed);
+  Camellia_cfb1_encrypt := LoadFunction('Camellia_cfb1_encrypt', AFailed);
+  Camellia_cfb8_encrypt := LoadFunction('Camellia_cfb8_encrypt', AFailed);
+  Camellia_ofb128_encrypt := LoadFunction('Camellia_ofb128_encrypt', AFailed);
+  Camellia_ctr128_encrypt := LoadFunction('Camellia_ctr128_encrypt', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  Camellia_set_key := nil;
+  Camellia_encrypt := nil;
+  Camellia_decrypt := nil;
+  Camellia_ecb_encrypt := nil;
+  Camellia_cbc_encrypt := nil;
+  Camellia_cfb128_encrypt := nil;
+  Camellia_cfb1_encrypt := nil;
+  Camellia_cfb8_encrypt := nil;
+  Camellia_ofb128_encrypt := nil;
+  Camellia_ctr128_encrypt := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas
new file mode 100644
index 000000000..9934bb006
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas
@@ -0,0 +1,114 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_cast;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cast.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  CAST_ENCRYPT_CONST =  1;
+  CAST_DECRYPT_CONST =  0;
+  CAST_BLOCK =  8;
+  CAST_KEY_LENGTH = 16;
+
+type
+  CAST_LONG = type TIdC_UINT;
+  PCAST_LONG = ^CAST_LONG;
+
+  cast_key_st = record
+    data: array of CAST_LONG;
+    short_key: TIdC_INT;              //* Use reduced rounds for short key */
+  end;
+
+  CAST_KEY = cast_key_st;
+  PCAST_KEY = ^CAST_KEY;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  CAST_set_key: procedure(key: PCast_Key; len: TIdC_INT; const data: PByte) cdecl = nil;
+  CAST_ecb_encrypt: procedure(const &in: PByte; &out: PByte; const key: PCast_Key; enc: TIdC_INT) cdecl = nil;
+  CAST_encrypt: procedure(data: PCAST_LONG; const key: PCast_Key) cdecl = nil;
+  CAST_decrypt: procedure(data: PCAST_LONG; const key: PCast_Key) cdecl = nil;
+  CAST_cbc_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; const ks: PCast_Key; iv: PByte; enc: TIdC_INT) cdecl = nil;
+  CAST_cfb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
+  CAST_ofb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT) cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  CAST_set_key := LoadFunction('CAST_set_key', AFailed);
+  CAST_ecb_encrypt := LoadFunction('CAST_ecb_encrypt', AFailed);
+  CAST_encrypt := LoadFunction('CAST_encrypt', AFailed);
+  CAST_decrypt := LoadFunction('CAST_decrypt', AFailed);
+  CAST_cbc_encrypt := LoadFunction('CAST_cbc_encrypt', AFailed);
+  CAST_cfb64_encrypt := LoadFunction('CAST_cfb64_encrypt', AFailed);
+  CAST_ofb64_encrypt := LoadFunction('CAST_ofb64_encrypt', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  CAST_set_key := nil;
+  CAST_ecb_encrypt := nil;
+  CAST_encrypt := nil;
+  CAST_decrypt := nil;
+  CAST_cbc_encrypt := nil;
+  CAST_cfb64_encrypt := nil;
+  CAST_ofb64_encrypt := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas
new file mode 100644
index 000000000..904a446cd
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas
@@ -0,0 +1,111 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_cmac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cmac.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_ossl_typ;
+
+//* Opaque */
+type
+  CMAC_CTX_st = type Pointer;
+  CMAC_CTX = CMAC_CTX_st;
+  PCMAC_CTX = ^CMAC_CTX;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  CMAC_CTX_new: function: PCMAC_CTX cdecl = nil;
+  CMAC_CTX_cleanup: procedure(ctx: PCMAC_CTX) cdecl = nil;
+  CMAC_CTX_free: procedure(ctx: PCMAC_CTX) cdecl = nil;
+  CMAC_CTX_get0_cipher_ctx: function(ctx: PCMAC_CTX): PEVP_CIPHER_CTX cdecl = nil;
+  CMAC_CTX_copy: function(out: PCMAC_CTX; const &in: PCMAC_CTX): TIdC_INT cdecl = nil;
+  CMAC_Init: function(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT cdecl = nil;
+  CMAC_Update: function(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  CMAC_Final: function(ctx: PCMAC_CTX; &out: PByte; poutlen: PIdC_SIZET): TIdC_INT cdecl = nil;
+  CMAC_resume: function(ctx: PCMAC_CTX): TIdC_INT cdecl = nil;
+
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  CMAC_CTX_new := LoadFunction('CMAC_CTX_new', AFailed);
+  CMAC_CTX_cleanup := LoadFunction('CMAC_CTX_cleanup', AFailed);
+  CMAC_CTX_free := LoadFunction('CMAC_CTX_free', AFailed);
+  CMAC_CTX_get0_cipher_ctx := LoadFunction('CMAC_CTX_get0_cipher_ctx', AFailed);
+  CMAC_CTX_copy := LoadFunction('CMAC_CTX_copy', AFailed);
+  CMAC_Init := LoadFunction('CMAC_Init', AFailed);
+  CMAC_Update := LoadFunction('CMAC_Update', AFailed);
+  CMAC_Final := LoadFunction('CMAC_Final', AFailed);
+  CMAC_resume := LoadFunction('CMAC_resume', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  CMAC_CTX_new := nil;
+  CMAC_CTX_cleanup := nil;
+  CMAC_CTX_free := nil;
+  CMAC_CTX_get0_cipher_ctx := nil;
+  CMAC_CTX_copy := nil;
+  CMAC_Init := nil;
+  CMAC_Update := nil;
+  CMAC_Final := nil;
+  CMAC_resume := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas
new file mode 100644
index 000000000..732309516
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas
@@ -0,0 +1,510 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_cms;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cms.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_x509;
+
+type
+  CMS_ContentInfo_st = type Pointer;
+  CMS_ContentInfo = CMS_ContentInfo_st;
+  PCMS_ContentInfo = ^CMS_ContentInfo;
+  PPCMS_ContentInfo = ^PCMS_ContentInfo;
+
+  CMS_SignerInfo_st = type Pointer;
+  CMS_SignerInfo = CMS_SignerInfo_st;
+  PCMS_SignerInfo = ^CMS_SignerInfo;
+
+  CMS_CertificateChoices_st = type Pointer;
+  CMS_CertificateChoices = CMS_CertificateChoices_st;
+  PCMS_CertificateChoices = ^CMS_CertificateChoices;
+
+  CMS_RevocationInfoChoice_st = type Pointer;
+  CMS_RevocationInfoChoice = CMS_RevocationInfoChoice_st;
+  PCMS_RevocationInfoChoice = ^CMS_RevocationInfoChoice;
+
+  CMS_RecipientInfo_st = type Pointer;
+  CMS_RecipientInfo = CMS_RecipientInfo_st;
+  PCMS_RecipientInfo = ^CMS_RecipientInfo;
+  PPCMS_RecipientInfo = ^PCMS_RecipientInfo;
+
+  CMS_ReceiptRequest_st = type Pointer;
+  CMS_ReceiptRequest = CMS_ReceiptRequest_st;
+  PCMS_ReceiptRequest = ^CMS_ReceiptRequest;
+  PPCMS_ReceiptRequest = ^PCMS_ReceiptRequest;
+
+  CMS_Receipt_st = type Pointer;
+  CMS_Receipt = CMS_Receipt_st;
+  PCMS_Receipt = ^CMS_Receipt;
+
+  CMS_RecipientEncryptedKey_st = type Pointer;
+  CMS_RecipientEncryptedKey = CMS_RecipientEncryptedKey_st;
+  PCMS_RecipientEncryptedKey = ^CMS_RecipientEncryptedKey;
+
+  CMS_OtherKeyAttribute_st = type Pointer;
+  CMS_OtherKeyAttribute = CMS_OtherKeyAttribute_st;
+  PCMS_OtherKeyAttribute = ^CMS_OtherKeyAttribute;
+  PPCMS_OtherKeyAttribute = ^PCMS_OtherKeyAttribute;
+
+//DEFINE_STACK_OF(CMS_SignerInfo)
+//DEFINE_STACK_OF(CMS_RecipientEncryptedKey)
+//DEFINE_STACK_OF(CMS_RecipientInfo)
+//DEFINE_STACK_OF(CMS_RevocationInfoChoice)
+//DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+//DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+//DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+const
+  CMS_SIGNERINFO_ISSUER_SERIAL    = 0;
+  CMS_SIGNERINFO_KEYIDENTIFIER    = 1;
+
+  CMS_RECIPINFO_NONE              = -1;
+  CMS_RECIPINFO_TRANS             = 0;
+  CMS_RECIPINFO_AGREE             = 1;
+  CMS_RECIPINFO_KEK               = 2;
+  CMS_RECIPINFO_PASS              = 3;
+  CMS_RECIPINFO_OTHER             = 4;
+
+// S/MIME related flags /
+
+  CMS_TEXT                        = $1;
+  CMS_NOCERTS                     = $2;
+  CMS_NO_CONTENT_VERIFY           = $4;
+  CMS_NO_ATTR_VERIFY              = $8;
+  CMS_NOSIGS                      = (CMS_NO_CONTENT_VERIFY or CMS_NO_ATTR_VERIFY);
+  CMS_NOINTERN                    = $10;
+  CMS_NO_SIGNER_CERT_VERIFY       = $20;
+  CMS_NOVERIFY                    = $20;
+  CMS_DETACHED                    = $40;
+  CMS_BINARY                      = $80;
+  CMS_NOATTR                      = $100;
+  CMS_NOSMIMECAP                  = $200;
+  CMS_NOOLDMIMETYPE               = $400;
+  CMS_CRLFEOL                     = $800;
+  CMS_STREAM_CONST                = $1000;
+  CMS_NOCRL                       = $2000;
+  CMS_PARTIAL                     = $4000;
+  CMS_REUSE_DIGEST                = $8000;
+  CMS_USE_KEYID                   = $10000;
+  CMS_DEBUG_DECRYPT               = $20000;
+  CMS_KEY_PARAM                   = $40000;
+  CMS_ASCIICRLF                   = $80000;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  CMS_get0_type: function(const cms: PCMS_ContentInfo): PASN1_OBJECT cdecl = nil;
+
+  CMS_dataInit: function(cms: PCMS_ContentInfo; icont: PBIO): PBIO cdecl = nil;
+  CMS_dataFinal: function(cms: PCMS_ContentInfo; bio: PBIO): TIdC_INT cdecl = nil;
+
+  CMS_get0_content: function(cms: PCMS_ContentInfo): PPASN1_OCTET_STRING cdecl = nil;
+  CMS_is_detached: function(cms: PCMS_ContentInfo): TIdC_INT cdecl = nil;
+  CMS_set_detached: function(cms: PCMS_ContentInfo; detached: TIdC_INT): TIdC_INT cdecl = nil;
+
+  CMS_stream: function(cms: PCMS_ContentInfo; boundary: PPPByte): TIdC_INT cdecl = nil;
+  d2i_CMS_bio: function(bp: PBIO; cms: PPCMS_ContentInfo): PCMS_ContentInfo cdecl = nil;
+  i2d_CMS_bio: function(bp: PBIO; cms: PCMS_ContentInfo): TIdC_INT cdecl = nil;
+
+  BIO_new_CMS: function(&out: PBIO; cms: PCMS_ContentInfo): PBIO cdecl = nil;
+  i2d_CMS_bio_stream: function(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  PEM_write_bio_CMS_stream: function(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  SMIME_read_CMS: function(bio: PBIO; bcont: PPBIO): PCMS_ContentInfo cdecl = nil;
+  SMIME_write_CMS: function(bio: PBIO; cms: PCMS_ContentInfo; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+
+  CMS_final: function(cms: PCMS_ContentInfo; data: PBIO; dcont: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+
+//  function CMS_sign(signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(x509) *certs;} data: PBIO; flags: TIdC_UINT): PCMS_ContentInfo;
+
+//  function CMS_sign_receipt(si: PCMS_SignerInfo; signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(X509) *certs;} flags: TIdC_UINT): PCMS_ContentInfo;
+
+  CMS_data: function(cms: PCMS_ContentInfo; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  CMS_data_create: function(&in: PBIO; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
+
+  CMS_digest_verify: function(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  CMS_digest_create: function(&in: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
+
+  CMS_EncryptedData_decrypt: function(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+
+  CMS_EncryptedData_encrypt: function(&in: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
+
+  CMS_EncryptedData_set1_key: function(cms: PCMS_ContentInfo; const ciph: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+//  function CMS_verify(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} store: PX509_STORE; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+
+//  function CMS_verify_receipt(rcms: PCMS_ContentInfo; ocms: PCMS_ContentInfo; {STACK_OF(x509) *certs;} store: PX509_STORE; flags: TIdC_UINT): TIdC_INT;
+
+  // STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+//  function CMS_encrypt({STACK_OF(x509) *certs;} &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_UINT): PCMS_ContentInfo;
+
+  CMS_decrypt: function(cms: PCMS_ContentInfo; pkey: PEVP_PKEY; cert: PX509; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+
+  CMS_decrypt_set1_pkey: function(cms: PCMS_ContentInfo; pk: PEVP_PKEY; cert: PX509): TIdC_INT cdecl = nil;
+  CMS_decrypt_set1_key: function(cms: PCMS_ContentInfo; key: PByte; keylen: TIdC_SIZET; const id: PByte; idlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  CMS_decrypt_set1_password: function(cms: PCMS_ContentInfo; pass: PByte; passlen: ossl_ssize_t): TIdC_INT cdecl = nil;
+
+  //STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+  CMS_RecipientInfo_type: function(ri: PCMS_RecipientInfo): TIdC_INT cdecl = nil;
+  CMS_RecipientInfo_get0_pkey_ctx: function(ri: PCMS_RecipientInfo): PEVP_PKEY_CTX cdecl = nil;
+  CMS_EnvelopedData_create: function(const cipher: PEVP_CIPHER): PCMS_ContentInfo cdecl = nil;
+  CMS_add1_recipient_cert: function(cms: PCMS_ContentInfo; recip: PX509; flags: TIdC_UINT): PCMS_RecipientInfo cdecl = nil;
+  CMS_RecipientInfo_set0_pkey: function(ri: PCMS_RecipientInfo; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  CMS_RecipientInfo_ktri_cert_cmp: function(ri: PCMS_RecipientInfo; cert: PX509): TIdC_INT cdecl = nil;
+  CMS_RecipientInfo_ktri_get0_algs: function(ri: PCMS_RecipientInfo; pk: PPEVP_PKEY; recip: PPX509; palg: PPX509_ALGOR): TIdC_INT cdecl = nil;
+  CMS_RecipientInfo_ktri_get0_signer_id: function(ri: PPCMS_RecipientInfo; keyid: PPASN1_OCTET_STRING; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT cdecl = nil;
+
+  CMS_add0_recipient_key: function(cms: PCMS_ContentInfo; nid: TIdC_INT; key: PByte; keylen: TIdC_SIZET; id: PByte; idlen: TIdC_SIZET; date: PASN1_GENERALIZEDTIME; otherTypeId: PASN1_OBJECT; otherType: ASN1_TYPE): PCMS_RecipientInfo cdecl = nil;
+
+  CMS_RecipientInfo_kekri_get0_id: function(ri: PCMS_RecipientInfo; palg: PPX509_ALGOR; pid: PPASN1_OCTET_STRING; pdate: PPASN1_GENERALIZEDTIME; potherid: PPASN1_OBJECT; pothertype: PASN1_TYPE): TIdC_INT cdecl = nil;
+
+  CMS_RecipientInfo_set0_key: function(ri: PCMS_RecipientInfo; key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  CMS_RecipientInfo_kekri_id_cmp: function(ri: PCMS_RecipientInfo; const id: PByte; idlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  CMS_RecipientInfo_set0_password: function(ri: PCMS_RecipientInfo; pass: PByte; passlen: ossl_ssize_t): TIdC_INT cdecl = nil;
+
+  CMS_add0_recipient_password: function(cms: PCMS_ContentInfo; iter: TIdC_INT; wrap_nid: TIdC_INT; pbe_nid: TIdC_INT; pass: PByte; passlen: ossl_ssize_t; const kekciph: PEVP_CIPHER): PCMS_RecipientInfo cdecl = nil;
+
+  CMS_RecipientInfo_decrypt: function(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl = nil;
+  CMS_RecipientInfo_encrypt: function(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl = nil;
+
+  CMS_uncompress: function(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  CMS_compress: function(&in: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
+
+  CMS_set1_eContentType: function(cms: CMS_ContentInfo; const oit: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  CMS_get0_eContentType: function(cms: PCMS_ContentInfo): PASN1_OBJECT cdecl = nil;
+
+  CMS_add0_CertificateChoices: function(cms: PCMS_ContentInfo): PCMS_CertificateChoices cdecl = nil;
+  CMS_add0_cert: function(cms: PCMS_ContentInfo; cert: PX509): TIdC_INT cdecl = nil;
+  CMS_add1_cert: function(cms: PCMS_ContentInfo; cert: PX509): TIdC_INT cdecl = nil;
+  // STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+  CMS_add0_RevocationInfoChoice: function(cms: PCMS_ContentInfo): PCMS_RevocationInfoChoice cdecl = nil;
+  CMS_add0_crl: function(cms: PCMS_ContentInfo; crl: PX509_CRL): TIdC_INT cdecl = nil;
+  CMS_add1_crl: function(cms: PCMS_ContentInfo; crl: PX509_CRL): TIdC_INT cdecl = nil;
+  // STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+  CMS_SignedData_init: function(cms: PCMS_ContentInfo): TIdC_INT cdecl = nil;
+  CMS_add1_signer: function(cms: PCMS_ContentInfo; signer: PX509; pk: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_UINT): PCMS_SignerInfo cdecl = nil;
+  CMS_SignerInfo_get0_pkey_ctx: function(si: PCMS_SignerInfo): PEVP_PKEY_CTX cdecl = nil;
+  CMS_SignerInfo_get0_md_ctx: function(si: PCMS_SignerInfo): PEVP_MD_CTX cdecl = nil;
+  // STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+  CMS_SignerInfo_set1_signer_cert: procedure(si: PCMS_SignerInfo; signer: PX509) cdecl = nil;
+  CMS_SignerInfo_get0_signer_id: function(si: PCMS_SignerInfo; keyid: PPASN1_OCTET_STRING; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT cdecl = nil;
+  CMS_SignerInfo_cert_cmp: function(si: PCMS_SignerInfo; cert: PX509): TIdC_INT cdecl = nil;
+//  function CMS_set1_signers_certs(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} flags: TIdC_UINT): TIdC_INT;
+  CMS_SignerInfo_get0_algs: procedure(si: PCMS_SignerInfo; pk: PPEVP_PKEY; signer: PPX509; pdig: PPX509_ALGOR; psig: PPX509_ALGOR) cdecl = nil;
+  CMS_SignerInfo_get0_signature: function(si: PCMS_SignerInfo): PASN1_OCTET_STRING cdecl = nil;
+  CMS_SignerInfo_sign: function(si: PCMS_SignerInfo): TIdC_INT cdecl = nil;
+  CMS_SignerInfo_verify: function(si: PCMS_SignerInfo): TIdC_INT cdecl = nil;
+  CMS_SignerInfo_verify_content: function(si: PCMS_SignerInfo; chain: PBIO): TIdC_INT cdecl = nil;
+
+//  function CMS_add_smimecap(si: PCMS_SignerInfo{; STACK_OF(X509_ALGOR) *algs}): TIdC_INT;
+//  function CMS_add_simple_smimecap({STACK_OF(X509_ALGOR) **algs;} algnid: TIdC_INT; keysize: TIdC_INT): TIdC_INT;
+//  function CMS_add_standard_smimecap({STACK_OF(X509_ALGOR) **smcap}): TIdC_INT;
+
+  CMS_signed_get_attr_count: function(const si: PCMS_SignerInfo): TIdC_INT cdecl = nil;
+  CMS_signed_get_attr_by_NID: function(const si: PCMS_SignerInfo; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_signed_get_attr_by_OBJ: function(const si: PCMS_SignerInfo; const obj: ASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_signed_get_attr: function(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  CMS_signed_delete_attr: function(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  CMS_signed_add1_attr: function(si: PCMS_SignerInfo; loc: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_signed_add1_attr_by_OBJ: function(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_signed_add1_attr_by_NID: function(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_signed_add1_attr_by_txt: function(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_signed_get0_data_by_OBJ: function(si: PCMS_SignerInfo; const oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer cdecl = nil;
+
+  CMS_unsigned_get_attr_count: function(const si: PCMS_SignerInfo): TIdC_INT cdecl = nil;
+  CMS_unsigned_get_attr_by_NID: function(const si: PCMS_SignerInfo; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_unsigned_get_attr_by_OBJ: function(const si: PCMS_SignerInfo; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_unsigned_get_attr: function(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  CMS_unsigned_delete_attr: function(si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  CMS_unsigned_add1_attr: function(si: PCMS_SignerInfo; attr: PX509_ATTRIBUTE): TIdC_INT cdecl = nil;
+  CMS_unsigned_add1_attr_by_OBJ: function(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_unsigned_add1_attr_by_NID: function(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_unsigned_add1_attr_by_txt: function(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_unsigned_get0_data_by_OBJ: function(si: PCMS_SignerInfo; oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer cdecl = nil;
+
+  CMS_get1_ReceiptRequest: function(si: PCMS_SignerInfo; prr: PPCMS_ReceiptRequest): TIdC_INT cdecl = nil;
+//  function CMS_ReceiptRequest_create0(id: PByte; idlen: TIdC_INT; allorfirst: TIdC_INT
+//    {;STACK_OF(GENERAL_NAMES) *receiptList;} {STACK_OF(GENERAL_NAMES) *receiptsTo}): PCMS_ReceiptRequest;
+  CMS_add1_ReceiptRequest: function(si: PCMS_SignerInfo; rr: PCMS_ReceiptRequest): TIdC_INT cdecl = nil;
+//  procedure CMS_ReceiptRequest_get0_values(rr: PCMS_ReceiptRequest; pcid: PPASN1_STRING;
+//    pallorfirst: PIdC_INT {;STACK_OF(GENERAL_NAMES) **plist;}
+//    {STACK_OF(GENERAL_NAMES) **prto});
+//  function CMS_RecipientInfo_kari_get0_alg(ri: PCMS_RecipientInfo; palg: PPX509_ALGOR;
+//    pukm: PPASN1_OCTET_STRING): TIdC_INT;
+//  // STACK_OF(CMS_RecipientEncryptedKey) *CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
+
+  CMS_RecipientInfo_kari_get0_orig_id: function(ri: PCMS_RecipientInfo; pubalg: PPX509_ALGOR; pubkey: PASN1_BIT_STRING; keyid: PPASN1_OCTET_STRING; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT cdecl = nil;
+
+  CMS_RecipientInfo_kari_orig_id_cmp: function(ri: PCMS_RecipientInfo; cert: PX509): TIdC_INT cdecl = nil;
+
+  CMS_RecipientEncryptedKey_get0_id: function(rek: PCMS_RecipientEncryptedKey; keyid: PPASN1_OCTET_STRING; tm: PPASN1_GENERALIZEDTIME; other: PPCMS_OtherKeyAttribute; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT cdecl = nil;
+  CMS_RecipientEncryptedKey_cert_cmp: function(rek: PCMS_RecipientEncryptedKey; cert: PX509): TIdC_INT cdecl = nil;
+  CMS_RecipientInfo_kari_set0_pkey: function(ri: PCMS_RecipientInfo; pk: PEVP_PKEY): TIdC_INT cdecl = nil;
+  CMS_RecipientInfo_kari_get0_ctx: function(ri: PCMS_RecipientInfo): PEVP_CIPHER_CTX cdecl = nil;
+  CMS_RecipientInfo_kari_decrypt: function(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo; rek: PCMS_RecipientEncryptedKey): TIdC_INT cdecl = nil;
+
+  CMS_SharedInfo_encode: function(pder: PPByte; kekalg: PX509_ALGOR; ukm: PASN1_OCTET_STRING; keylen: TIdC_INT): TIdC_INT cdecl = nil;
+
+  ///* Backward compatibility for spelling errors. */
+  //# define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM
+  //# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \ CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  CMS_get0_type := LoadFunction('CMS_get0_type', AFailed);
+  CMS_dataInit := LoadFunction('CMS_dataInit', AFailed);
+  CMS_dataFinal := LoadFunction('CMS_dataFinal', AFailed);
+  CMS_get0_content := LoadFunction('CMS_get0_content', AFailed);
+  CMS_is_detached := LoadFunction('CMS_is_detached', AFailed);
+  CMS_set_detached := LoadFunction('CMS_set_detached', AFailed);
+  CMS_stream := LoadFunction('CMS_stream', AFailed);
+  d2i_CMS_bio := LoadFunction('d2i_CMS_bio', AFailed);
+  i2d_CMS_bio := LoadFunction('i2d_CMS_bio', AFailed);
+  BIO_new_CMS := LoadFunction('BIO_new_CMS', AFailed);
+  i2d_CMS_bio_stream := LoadFunction('i2d_CMS_bio_stream', AFailed);
+  PEM_write_bio_CMS_stream := LoadFunction('PEM_write_bio_CMS_stream', AFailed);
+  SMIME_read_CMS := LoadFunction('SMIME_read_CMS', AFailed);
+  SMIME_write_CMS := LoadFunction('SMIME_write_CMS', AFailed);
+  CMS_final := LoadFunction('CMS_final', AFailed);
+  CMS_data := LoadFunction('CMS_data', AFailed);
+  CMS_data_create := LoadFunction('CMS_data_create', AFailed);
+  CMS_digest_verify := LoadFunction('CMS_digest_verify', AFailed);
+  CMS_digest_create := LoadFunction('CMS_digest_create', AFailed);
+  CMS_EncryptedData_decrypt := LoadFunction('CMS_EncryptedData_decrypt', AFailed);
+  CMS_EncryptedData_encrypt := LoadFunction('CMS_EncryptedData_encrypt', AFailed);
+  CMS_EncryptedData_set1_key := LoadFunction('CMS_EncryptedData_set1_key', AFailed);
+  CMS_decrypt := LoadFunction('CMS_decrypt', AFailed);
+  CMS_decrypt_set1_pkey := LoadFunction('CMS_decrypt_set1_pkey', AFailed);
+  CMS_decrypt_set1_key := LoadFunction('CMS_decrypt_set1_key', AFailed);
+  CMS_decrypt_set1_password := LoadFunction('CMS_decrypt_set1_password', AFailed);
+  CMS_RecipientInfo_type := LoadFunction('CMS_RecipientInfo_type', AFailed);
+  CMS_RecipientInfo_get0_pkey_ctx := LoadFunction('CMS_RecipientInfo_get0_pkey_ctx', AFailed);
+  CMS_EnvelopedData_create := LoadFunction('CMS_EnvelopedData_create', AFailed);
+  CMS_add1_recipient_cert := LoadFunction('CMS_add1_recipient_cert', AFailed);
+  CMS_RecipientInfo_set0_pkey := LoadFunction('CMS_RecipientInfo_set0_pkey', AFailed);
+  CMS_RecipientInfo_ktri_cert_cmp := LoadFunction('CMS_RecipientInfo_ktri_cert_cmp', AFailed);
+  CMS_RecipientInfo_ktri_get0_algs := LoadFunction('CMS_RecipientInfo_ktri_get0_algs', AFailed);
+  CMS_RecipientInfo_ktri_get0_signer_id := LoadFunction('CMS_RecipientInfo_ktri_get0_signer_id', AFailed);
+  CMS_add0_recipient_key := LoadFunction('CMS_add0_recipient_key', AFailed);
+  CMS_RecipientInfo_kekri_get0_id := LoadFunction('CMS_RecipientInfo_kekri_get0_id', AFailed);
+  CMS_RecipientInfo_set0_key := LoadFunction('CMS_RecipientInfo_set0_key', AFailed);
+  CMS_RecipientInfo_kekri_id_cmp := LoadFunction('CMS_RecipientInfo_kekri_id_cmp', AFailed);
+  CMS_RecipientInfo_set0_password := LoadFunction('CMS_RecipientInfo_set0_password', AFailed);
+  CMS_add0_recipient_password := LoadFunction('CMS_add0_recipient_password', AFailed);
+  CMS_RecipientInfo_decrypt := LoadFunction('CMS_RecipientInfo_decrypt', AFailed);
+  CMS_RecipientInfo_encrypt := LoadFunction('CMS_RecipientInfo_encrypt', AFailed);
+  CMS_uncompress := LoadFunction('CMS_uncompress', AFailed);
+  CMS_compress := LoadFunction('CMS_compress', AFailed);
+  CMS_set1_eContentType := LoadFunction('CMS_set1_eContentType', AFailed);
+  CMS_get0_eContentType := LoadFunction('CMS_get0_eContentType', AFailed);
+  CMS_add0_CertificateChoices := LoadFunction('CMS_add0_CertificateChoices', AFailed);
+  CMS_add0_cert := LoadFunction('CMS_add0_cert', AFailed);
+  CMS_add1_cert := LoadFunction('CMS_add1_cert', AFailed);
+  CMS_add0_RevocationInfoChoice := LoadFunction('CMS_add0_RevocationInfoChoice', AFailed);
+  CMS_add0_crl := LoadFunction('CMS_add0_crl', AFailed);
+  CMS_add1_crl := LoadFunction('CMS_add1_crl', AFailed);
+  CMS_SignedData_init := LoadFunction('CMS_SignedData_init', AFailed);
+  CMS_add1_signer := LoadFunction('CMS_add1_signer', AFailed);
+  CMS_SignerInfo_get0_pkey_ctx := LoadFunction('CMS_SignerInfo_get0_pkey_ctx', AFailed);
+  CMS_SignerInfo_get0_md_ctx := LoadFunction('CMS_SignerInfo_get0_md_ctx', AFailed);
+  CMS_SignerInfo_set1_signer_cert := LoadFunction('CMS_SignerInfo_set1_signer_cert', AFailed);
+  CMS_SignerInfo_get0_signer_id := LoadFunction('CMS_SignerInfo_get0_signer_id', AFailed);
+  CMS_SignerInfo_cert_cmp := LoadFunction('CMS_SignerInfo_cert_cmp', AFailed);
+  CMS_SignerInfo_get0_algs := LoadFunction('CMS_SignerInfo_get0_algs', AFailed);
+  CMS_SignerInfo_get0_signature := LoadFunction('CMS_SignerInfo_get0_signature', AFailed);
+  CMS_SignerInfo_sign := LoadFunction('CMS_SignerInfo_sign', AFailed);
+  CMS_SignerInfo_verify := LoadFunction('CMS_SignerInfo_verify', AFailed);
+  CMS_SignerInfo_verify_content := LoadFunction('CMS_SignerInfo_verify_content', AFailed);
+  CMS_signed_get_attr_count := LoadFunction('CMS_signed_get_attr_count', AFailed);
+  CMS_signed_get_attr_by_NID := LoadFunction('CMS_signed_get_attr_by_NID', AFailed);
+  CMS_signed_get_attr_by_OBJ := LoadFunction('CMS_signed_get_attr_by_OBJ', AFailed);
+  CMS_signed_get_attr := LoadFunction('CMS_signed_get_attr', AFailed);
+  CMS_signed_delete_attr := LoadFunction('CMS_signed_delete_attr', AFailed);
+  CMS_signed_add1_attr := LoadFunction('CMS_signed_add1_attr', AFailed);
+  CMS_signed_add1_attr_by_OBJ := LoadFunction('CMS_signed_add1_attr_by_OBJ', AFailed);
+  CMS_signed_add1_attr_by_NID := LoadFunction('CMS_signed_add1_attr_by_NID', AFailed);
+  CMS_signed_add1_attr_by_txt := LoadFunction('CMS_signed_add1_attr_by_txt', AFailed);
+  CMS_signed_get0_data_by_OBJ := LoadFunction('CMS_signed_get0_data_by_OBJ', AFailed);
+  CMS_unsigned_get_attr_count := LoadFunction('CMS_unsigned_get_attr_count', AFailed);
+  CMS_unsigned_get_attr_by_NID := LoadFunction('CMS_unsigned_get_attr_by_NID', AFailed);
+  CMS_unsigned_get_attr_by_OBJ := LoadFunction('CMS_unsigned_get_attr_by_OBJ', AFailed);
+  CMS_unsigned_get_attr := LoadFunction('CMS_unsigned_get_attr', AFailed);
+  CMS_unsigned_delete_attr := LoadFunction('CMS_unsigned_delete_attr', AFailed);
+  CMS_unsigned_add1_attr := LoadFunction('CMS_unsigned_add1_attr', AFailed);
+  CMS_unsigned_add1_attr_by_OBJ := LoadFunction('CMS_unsigned_add1_attr_by_OBJ', AFailed);
+  CMS_unsigned_add1_attr_by_NID := LoadFunction('CMS_unsigned_add1_attr_by_NID', AFailed);
+  CMS_unsigned_add1_attr_by_txt := LoadFunction('CMS_unsigned_add1_attr_by_txt', AFailed);
+  CMS_unsigned_get0_data_by_OBJ := LoadFunction('CMS_unsigned_get0_data_by_OBJ', AFailed);
+  CMS_get1_ReceiptRequest := LoadFunction('CMS_get1_ReceiptRequest', AFailed);
+  CMS_add1_ReceiptRequest := LoadFunction('CMS_add1_ReceiptRequest', AFailed);
+  CMS_RecipientInfo_kari_get0_orig_id := LoadFunction('CMS_RecipientInfo_kari_get0_orig_id', AFailed);
+  CMS_RecipientInfo_kari_orig_id_cmp := LoadFunction('CMS_RecipientInfo_kari_orig_id_cmp', AFailed);
+  CMS_RecipientEncryptedKey_get0_id := LoadFunction('CMS_RecipientEncryptedKey_get0_id', AFailed);
+  CMS_RecipientEncryptedKey_cert_cmp := LoadFunction('CMS_RecipientEncryptedKey_cert_cmp', AFailed);
+  CMS_RecipientInfo_kari_set0_pkey := LoadFunction('CMS_RecipientInfo_kari_set0_pkey', AFailed);
+  CMS_RecipientInfo_kari_get0_ctx := LoadFunction('CMS_RecipientInfo_kari_get0_ctx', AFailed);
+  CMS_RecipientInfo_kari_decrypt := LoadFunction('CMS_RecipientInfo_kari_decrypt', AFailed);
+  CMS_SharedInfo_encode := LoadFunction('CMS_SharedInfo_encode', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  CMS_get0_type := nil;
+  CMS_dataInit := nil;
+  CMS_dataFinal := nil;
+  CMS_get0_content := nil;
+  CMS_is_detached := nil;
+  CMS_set_detached := nil;
+  CMS_stream := nil;
+  d2i_CMS_bio := nil;
+  i2d_CMS_bio := nil;
+  BIO_new_CMS := nil;
+  i2d_CMS_bio_stream := nil;
+  PEM_write_bio_CMS_stream := nil;
+  SMIME_read_CMS := nil;
+  SMIME_write_CMS := nil;
+  CMS_final := nil;
+  CMS_data := nil;
+  CMS_data_create := nil;
+  CMS_digest_verify := nil;
+  CMS_digest_create := nil;
+  CMS_EncryptedData_decrypt := nil;
+  CMS_EncryptedData_encrypt := nil;
+  CMS_EncryptedData_set1_key := nil;
+  CMS_decrypt := nil;
+  CMS_decrypt_set1_pkey := nil;
+  CMS_decrypt_set1_key := nil;
+  CMS_decrypt_set1_password := nil;
+  CMS_RecipientInfo_type := nil;
+  CMS_RecipientInfo_get0_pkey_ctx := nil;
+  CMS_EnvelopedData_create := nil;
+  CMS_add1_recipient_cert := nil;
+  CMS_RecipientInfo_set0_pkey := nil;
+  CMS_RecipientInfo_ktri_cert_cmp := nil;
+  CMS_RecipientInfo_ktri_get0_algs := nil;
+  CMS_RecipientInfo_ktri_get0_signer_id := nil;
+  CMS_add0_recipient_key := nil;
+  CMS_RecipientInfo_kekri_get0_id := nil;
+  CMS_RecipientInfo_set0_key := nil;
+  CMS_RecipientInfo_kekri_id_cmp := nil;
+  CMS_RecipientInfo_set0_password := nil;
+  CMS_add0_recipient_password := nil;
+  CMS_RecipientInfo_decrypt := nil;
+  CMS_RecipientInfo_encrypt := nil;
+  CMS_uncompress := nil;
+  CMS_compress := nil;
+  CMS_set1_eContentType := nil;
+  CMS_get0_eContentType := nil;
+  CMS_add0_CertificateChoices := nil;
+  CMS_add0_cert := nil;
+  CMS_add1_cert := nil;
+  CMS_add0_RevocationInfoChoice := nil;
+  CMS_add0_crl := nil;
+  CMS_add1_crl := nil;
+  CMS_SignedData_init := nil;
+  CMS_add1_signer := nil;
+  CMS_SignerInfo_get0_pkey_ctx := nil;
+  CMS_SignerInfo_get0_md_ctx := nil;
+  CMS_SignerInfo_set1_signer_cert := nil;
+  CMS_SignerInfo_get0_signer_id := nil;
+  CMS_SignerInfo_cert_cmp := nil;
+  CMS_SignerInfo_get0_algs := nil;
+  CMS_SignerInfo_get0_signature := nil;
+  CMS_SignerInfo_sign := nil;
+  CMS_SignerInfo_verify := nil;
+  CMS_SignerInfo_verify_content := nil;
+  CMS_signed_get_attr_count := nil;
+  CMS_signed_get_attr_by_NID := nil;
+  CMS_signed_get_attr_by_OBJ := nil;
+  CMS_signed_get_attr := nil;
+  CMS_signed_delete_attr := nil;
+  CMS_signed_add1_attr := nil;
+  CMS_signed_add1_attr_by_OBJ := nil;
+  CMS_signed_add1_attr_by_NID := nil;
+  CMS_signed_add1_attr_by_txt := nil;
+  CMS_signed_get0_data_by_OBJ := nil;
+  CMS_unsigned_get_attr_count := nil;
+  CMS_unsigned_get_attr_by_NID := nil;
+  CMS_unsigned_get_attr_by_OBJ := nil;
+  CMS_unsigned_get_attr := nil;
+  CMS_unsigned_delete_attr := nil;
+  CMS_unsigned_add1_attr := nil;
+  CMS_unsigned_add1_attr_by_OBJ := nil;
+  CMS_unsigned_add1_attr_by_NID := nil;
+  CMS_unsigned_add1_attr_by_txt := nil;
+  CMS_unsigned_get0_data_by_OBJ := nil;
+  CMS_get1_ReceiptRequest := nil;
+  CMS_add1_ReceiptRequest := nil;
+  CMS_RecipientInfo_kari_get0_orig_id := nil;
+  CMS_RecipientInfo_kari_orig_id_cmp := nil;
+  CMS_RecipientEncryptedKey_get0_id := nil;
+  CMS_RecipientEncryptedKey_cert_cmp := nil;
+  CMS_RecipientInfo_kari_set0_pkey := nil;
+  CMS_RecipientInfo_kari_get0_ctx := nil;
+  CMS_RecipientInfo_kari_decrypt := nil;
+  CMS_SharedInfo_encode := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmserr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmserr.pas
new file mode 100644
index 000000000..76ff3fd1a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmserr.pas
@@ -0,0 +1,253 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_cmserr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cmserr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  //
+  // CMS function codes.
+  //
+  CMS_F_CHECK_CONTENT                             = 99;
+  CMS_F_CMS_ADD0_CERT                             = 164;
+  CMS_F_CMS_ADD0_RECIPIENT_KEY                    = 100;
+  CMS_F_CMS_ADD0_RECIPIENT_PASSWORD               = 165;
+  CMS_F_CMS_ADD1_RECEIPTREQUEST                   = 158;
+  CMS_F_CMS_ADD1_RECIPIENT_CERT                   = 101;
+  CMS_F_CMS_ADD1_SIGNER                           = 102;
+  CMS_F_CMS_ADD1_SIGNINGTIME                      = 103;
+  CMS_F_CMS_COMPRESS                              = 104;
+  CMS_F_CMS_COMPRESSEDDATA_CREATE                 = 105;
+  CMS_F_CMS_COMPRESSEDDATA_INIT_BIO               = 106;
+  CMS_F_CMS_COPY_CONTENT                          = 107;
+  CMS_F_CMS_COPY_MESSAGEDIGEST                    = 108;
+  CMS_F_CMS_DATA                                  = 109;
+  CMS_F_CMS_DATAFINAL                             = 110;
+  CMS_F_CMS_DATAINIT                              = 111;
+  CMS_F_CMS_DECRYPT                               = 112;
+  CMS_F_CMS_DECRYPT_SET1_KEY                      = 113;
+  CMS_F_CMS_DECRYPT_SET1_PASSWORD                 = 166;
+  CMS_F_CMS_DECRYPT_SET1_PKEY                     = 114;
+  CMS_F_CMS_DIGESTALGORITHM_FIND_CTX              = 115;
+  CMS_F_CMS_DIGESTALGORITHM_INIT_BIO              = 116;
+  CMS_F_CMS_DIGESTEDDATA_DO_FINAL                 = 117;
+  CMS_F_CMS_DIGEST_VERIFY                         = 118;
+  CMS_F_CMS_ENCODE_RECEIPT                        = 161;
+  CMS_F_CMS_ENCRYPT                               = 119;
+  CMS_F_CMS_ENCRYPTEDCONTENT_INIT                 = 179;
+  CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO             = 120;
+  CMS_F_CMS_ENCRYPTEDDATA_DECRYPT                 = 121;
+  CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT                 = 122;
+  CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY                = 123;
+  CMS_F_CMS_ENVELOPEDDATA_CREATE                  = 124;
+  CMS_F_CMS_ENVELOPEDDATA_INIT_BIO                = 125;
+  CMS_F_CMS_ENVELOPED_DATA_INIT                   = 126;
+  CMS_F_CMS_ENV_ASN1_CTRL                         = 171;
+  CMS_F_CMS_FINAL                                 = 127;
+  CMS_F_CMS_GET0_CERTIFICATE_CHOICES              = 128;
+  CMS_F_CMS_GET0_CONTENT                          = 129;
+  CMS_F_CMS_GET0_ECONTENT_TYPE                    = 130;
+  CMS_F_CMS_GET0_ENVELOPED                        = 131;
+  CMS_F_CMS_GET0_REVOCATION_CHOICES               = 132;
+  CMS_F_CMS_GET0_SIGNED                           = 133;
+  CMS_F_CMS_MSGSIGDIGEST_ADD1                     = 162;
+  CMS_F_CMS_RECEIPTREQUEST_CREATE0                = 159;
+  CMS_F_CMS_RECEIPT_VERIFY                        = 160;
+  CMS_F_CMS_RECIPIENTINFO_DECRYPT                 = 134;
+  CMS_F_CMS_RECIPIENTINFO_ENCRYPT                 = 169;
+  CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT            = 178;
+  CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG           = 175;
+  CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID       = 173;
+  CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS          = 172;
+  CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP        = 174;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT           = 135;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT           = 136;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID           = 137;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP            = 138;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP           = 139;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT            = 140;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT            = 141;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS          = 142;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID     = 143;
+  CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT              = 167;
+  CMS_F_CMS_RECIPIENTINFO_SET0_KEY                = 144;
+  CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD           = 168;
+  CMS_F_CMS_RECIPIENTINFO_SET0_PKEY               = 145;
+  CMS_F_CMS_SD_ASN1_CTRL                          = 170;
+  CMS_F_CMS_SET1_IAS                              = 176;
+  CMS_F_CMS_SET1_KEYID                            = 177;
+  CMS_F_CMS_SET1_SIGNERIDENTIFIER                 = 146;
+  CMS_F_CMS_SET_DETACHED                          = 147;
+  CMS_F_CMS_SIGN                                  = 148;
+  CMS_F_CMS_SIGNED_DATA_INIT                      = 149;
+  CMS_F_CMS_SIGNERINFO_CONTENT_SIGN               = 150;
+  CMS_F_CMS_SIGNERINFO_SIGN                       = 151;
+  CMS_F_CMS_SIGNERINFO_VERIFY                     = 152;
+  CMS_F_CMS_SIGNERINFO_VERIFY_CERT                = 153;
+  CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT             = 154;
+  CMS_F_CMS_SIGN_RECEIPT                          = 163;
+  CMS_F_CMS_SI_CHECK_ATTRIBUTES                   = 183;
+  CMS_F_CMS_STREAM                                = 155;
+  CMS_F_CMS_UNCOMPRESS                            = 156;
+  CMS_F_CMS_VERIFY                                = 157;
+  CMS_F_KEK_UNWRAP_KEY                            = 180;
+
+  //
+  // CMS reason codes.
+  //
+  CMS_R_ADD_SIGNER_ERROR                          = 99;
+  CMS_R_ATTRIBUTE_ERROR                           = 161;
+  CMS_R_CERTIFICATE_ALREADY_PRESENT               = 175;
+  CMS_R_CERTIFICATE_HAS_NO_KEYID                  = 160;
+  CMS_R_CERTIFICATE_VERIFY_ERROR                  = 100;
+  CMS_R_CIPHER_INITIALISATION_ERROR               = 101;
+  CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR     = 102;
+  CMS_R_CMS_DATAFINAL_ERROR                       = 103;
+  CMS_R_CMS_LIB                                   = 104;
+  CMS_R_CONTENTIDENTIFIER_MISMATCH                = 170;
+  CMS_R_CONTENT_NOT_FOUND                         = 105;
+  CMS_R_CONTENT_TYPE_MISMATCH                     = 171;
+  CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA          = 106;
+  CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA           = 107;
+  CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA              = 108;
+  CMS_R_CONTENT_VERIFY_ERROR                      = 109;
+  CMS_R_CTRL_ERROR                                = 110;
+  CMS_R_CTRL_FAILURE                              = 111;
+  CMS_R_DECRYPT_ERROR                             = 112;
+  CMS_R_ERROR_GETTING_PUBLIC_KEY                  = 113;
+  CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE     = 114;
+  CMS_R_ERROR_SETTING_KEY                         = 115;
+  CMS_R_ERROR_SETTING_RECIPIENTINFO               = 116;
+  CMS_R_INVALID_ENCRYPTED_KEY_LENGTH              = 117;
+  CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER          = 176;
+  CMS_R_INVALID_KEY_LENGTH                        = 118;
+  CMS_R_MD_BIO_INIT_ERROR                         = 119;
+  CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH      = 120;
+  CMS_R_MESSAGEDIGEST_WRONG_LENGTH                = 121;
+  CMS_R_MSGSIGDIGEST_ERROR                        = 172;
+  CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE         = 162;
+  CMS_R_MSGSIGDIGEST_WRONG_LENGTH                 = 163;
+  CMS_R_NEED_ONE_SIGNER                           = 164;
+  CMS_R_NOT_A_SIGNED_RECEIPT                      = 165;
+  CMS_R_NOT_ENCRYPTED_DATA                        = 122;
+  CMS_R_NOT_KEK                                   = 123;
+  CMS_R_NOT_KEY_AGREEMENT                         = 181;
+  CMS_R_NOT_KEY_TRANSPORT                         = 124;
+  CMS_R_NOT_PWRI                                  = 177;
+  CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE           = 125;
+  CMS_R_NO_CIPHER                                 = 126;
+  CMS_R_NO_CONTENT                                = 127;
+  CMS_R_NO_CONTENT_TYPE                           = 173;
+  CMS_R_NO_DEFAULT_DIGEST                         = 128;
+  CMS_R_NO_DIGEST_SET                             = 129;
+  CMS_R_NO_KEY                                    = 130;
+  CMS_R_NO_KEY_OR_CERT                            = 174;
+  CMS_R_NO_MATCHING_DIGEST                        = 131;
+  CMS_R_NO_MATCHING_RECIPIENT                     = 132;
+  CMS_R_NO_MATCHING_SIGNATURE                     = 166;
+  CMS_R_NO_MSGSIGDIGEST                           = 167;
+  CMS_R_NO_PASSWORD                               = 178;
+  CMS_R_NO_PRIVATE_KEY                            = 133;
+  CMS_R_NO_PUBLIC_KEY                             = 134;
+  CMS_R_NO_RECEIPT_REQUEST                        = 168;
+  CMS_R_NO_SIGNERS                                = 135;
+  CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE    = 136;
+  CMS_R_RECEIPT_DECODE_ERROR                      = 169;
+  CMS_R_RECIPIENT_ERROR                           = 137;
+  CMS_R_SIGNER_CERTIFICATE_NOT_FOUND              = 138;
+  CMS_R_SIGNFINAL_ERROR                           = 139;
+  CMS_R_SMIME_TEXT_ERROR                          = 140;
+  CMS_R_STORE_INIT_ERROR                          = 141;
+  CMS_R_TYPE_NOT_COMPRESSED_DATA                  = 142;
+  CMS_R_TYPE_NOT_DATA                             = 143;
+  CMS_R_TYPE_NOT_DIGESTED_DATA                    = 144;
+  CMS_R_TYPE_NOT_ENCRYPTED_DATA                   = 145;
+  CMS_R_TYPE_NOT_ENVELOPED_DATA                   = 146;
+  CMS_R_UNABLE_TO_FINALIZE_CONTEXT                = 147;
+  CMS_R_UNKNOWN_CIPHER                            = 148;
+  CMS_R_UNKNOWN_DIGEST_ALGORITHM                  = 149;
+  CMS_R_UNKNOWN_ID                                = 150;
+  CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM         = 151;
+  CMS_R_UNSUPPORTED_CONTENT_TYPE                  = 152;
+  CMS_R_UNSUPPORTED_KEK_ALGORITHM                 = 153;
+  CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM      = 179;
+  CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE            = 155;
+  CMS_R_UNSUPPORTED_RECIPIENT_TYPE                = 154;
+  CMS_R_UNSUPPORTED_TYPE                          = 156;
+  CMS_R_UNWRAP_ERROR                              = 157;
+  CMS_R_UNWRAP_FAILURE                            = 180;
+  CMS_R_VERIFICATION_FAILURE                      = 158;
+  CMS_R_WRAP_ERROR                                = 159;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_CMS_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_CMS_strings := LoadFunction('ERR_load_CMS_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_CMS_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas
new file mode 100644
index 000000000..967ff9fdb
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas
@@ -0,0 +1,110 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_comp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// comp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  COMP_CTX_new: function(meth: PCOMP_METHOD): PCOMP_CTX cdecl = nil;
+  COMP_CTX_get_method: function(const ctx: PCOMP_CTX): PCOMP_METHOD cdecl = nil;
+  COMP_CTX_get_type: function(const comp: PCOMP_CTX): TIdC_INT cdecl = nil;
+  COMP_get_type: function(const meth: PCOMP_METHOD): TIdC_INT cdecl = nil;
+  COMP_get_name: function(const meth: PCOMP_METHOD): PIdAnsiChar cdecl = nil;
+  COMP_CTX_free: procedure(ctx: PCOMP_CTX) cdecl = nil;
+
+  COMP_compress_block: function(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT cdecl = nil;
+  COMP_expand_block: function(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT cdecl = nil;
+
+  COMP_zlib: function: PCOMP_METHOD cdecl = nil;
+
+  BIO_f_zlib: function: PBIO_METHOD cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  COMP_CTX_new := LoadFunction('COMP_CTX_new', AFailed);
+  COMP_CTX_get_method := LoadFunction('COMP_CTX_get_method', AFailed);
+  COMP_CTX_get_type := LoadFunction('COMP_CTX_get_type', AFailed);
+  COMP_get_type := LoadFunction('COMP_get_type', AFailed);
+  COMP_get_name := LoadFunction('COMP_get_name', AFailed);
+  COMP_CTX_free := LoadFunction('COMP_CTX_free', AFailed);
+  COMP_compress_block := LoadFunction('COMP_compress_block', AFailed);
+  COMP_expand_block := LoadFunction('COMP_expand_block', AFailed);
+  COMP_zlib := LoadFunction('COMP_zlib', AFailed);
+  BIO_f_zlib := LoadFunction('BIO_f_zlib', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  COMP_CTX_new := nil;
+  COMP_CTX_get_method := nil;
+  COMP_CTX_get_type := nil;
+  COMP_get_type := nil;
+  COMP_get_name := nil;
+  COMP_CTX_free := nil;
+  COMP_compress_block := nil;
+  COMP_expand_block := nil;
+  COMP_zlib := nil;
+  BIO_f_zlib := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comperr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comperr.pas
new file mode 100644
index 000000000..3d323fe36
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comperr.pas
@@ -0,0 +1,95 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_comperr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// comperr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+///*
+// * COMP function codes.
+// */
+  COMP_F_BIO_ZLIB_FLUSH =      99;
+  COMP_F_BIO_ZLIB_NEW =        100;
+  COMP_F_BIO_ZLIB_READ =       101;
+  COMP_F_BIO_ZLIB_WRITE =      102;
+  COMP_F_COMP_CTX_NEW =        103;
+
+///*
+// * COMP reason codes.
+// */
+  COMP_R_ZLIB_DEFLATE_ERROR =  99;
+  COMP_R_ZLIB_INFLATE_ERROR =  100;
+  COMP_R_ZLIB_NOT_SUPPORTED =  101;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_COMP_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_COMP_strings := LoadFunction('ERR_load_COMP_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_COMP_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas
new file mode 100644
index 000000000..33a18cac3
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas
@@ -0,0 +1,266 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_conf;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conf.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  CONF_parse_list_list_cb = function (const elem: PAnsiChar; len: TIdC_INT; usr: Pointer): TIdC_INT;
+
+  CONF_VALUE = record
+    section: PAnsiChar;
+    name: PAnsiChar;
+    value: PAnsiChar;
+  end;
+  PCONF_VALUE = ^CONF_VALUE;
+
+//DEFINE_STACK_OF(CONF_VALUE)
+//DEFINE_LHASH_OF(CONF_VALUE);
+
+  conf_st = type Pointer;
+  conf_method_st = type Pointer;
+  CONF_METHOD = conf_method_st;
+  PCONF_METHOD = ^conf_method_st;
+  CONF = conf_st;
+  PCONF = ^CONF;
+
+  (*conf_method_st = record
+    const char *name;
+    CONF *(*create) (CONF_METHOD *meth);
+    int (*init) (CONF *conf);
+    int (*destroy) (CONF *conf);
+    int (*destroy_data) (CONF *conf);
+    int (*load_bio) (CONF *conf, BIO *bp, long *eline);
+    int (*dump) (const CONF *conf, BIO *bp);
+    int (*is_number) (const CONF *conf, char c);
+    int (*to_int) (const CONF *conf, char c);
+    int (*load) (CONF *conf, const char *name, long *eline);
+  end; *)
+
+//* Module definitions */
+
+  conf_imodule_st = type Pointer;
+  CONF_IMODULE = conf_imodule_st;
+  PCONF_IMODULE = ^CONF_IMODULE;
+  conf_module_st = type Pointer;
+  CONF_MODULE = conf_module_st;
+  PCONF_MODULE = ^CONF_MODULE;
+
+//DEFINE_STACK_OF(CONF_MODULE)
+//DEFINE_STACK_OF(CONF_IMODULE)
+
+//* DSO module function typedefs */
+  conf_init_func = function(md: PCONF_IMODULE; const cnf: PCONF): TIdC_INT;
+  conf_finish_func = procedure(md: PCONF_IMODULE);
+
+const
+  CONF_MFLAGS_IGNORE_ERRORS = $1;
+  CONF_MFLAGS_IGNORE_RETURN_CODES = $2;
+  CONF_MFLAGS_SILENT = $4;
+  CONF_MFLAGS_NO_DSO = $8;
+  CONF_MFLAGS_IGNORE_MISSING_FILE = $10;
+  CONF_MFLAGS_DEFAULT_SECTION = $20;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  CONF_set_default_method: function(meth: PCONF_METHOD): TIdC_INT cdecl = nil;
+//  (*
+//  void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
+//  LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file, long *eline);
+//  {$ifndef OPENSSL_NO_STDIO}
+//  LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp, long *eline);
+//  {$endif}
+//  LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+//                                      long *eline);
+//  STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+//                                         const char *section);
+//  char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+//                        const char *name);
+//  long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+//                       const char *name);
+//  void CONF_free(LHASH_OF(CONF_VALUE) *conf);
+//  #ifndef OPENSSL_NO_STDIO
+//  int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
+//  #endif
+//  int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
+//
+//  DEPRECATEDIN_1_1_0(void OPENSSL_config(const char *config_name))
+//
+//  #if OPENSSL_API_COMPAT < 0x10100000L
+//  # define OPENSSL_no_config() \
+//      OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)
+//  #endif
+//  *)
+
+  (*
+   * New conf code.  The semantics are different from the functions above. If
+   * that wasn't the case, the above functions would have been replaced
+   *)
+
+  //type     Doppelt???
+  //  conf_st = record
+  //    CONF_METHOD *meth;
+  //    void *meth_data;
+  //    LHASH_OF(CONF_VALUE) *data;
+  //  end;
+
+  NCONF_new: function(meth: PCONF_METHOD): PCONF cdecl = nil;
+  NCONF_default: function: PCONF_METHOD cdecl = nil;
+  NCONF_WIN32: function: PCONF_METHOD cdecl = nil;
+  NCONF_free: procedure(conf: PCONF) cdecl = nil;
+  NCONF_free_data: procedure(conf: PCONF) cdecl = nil;
+
+  NCONF_load: function(conf: PCONF; const &file: PAnsiChar; eline: PIdC_LONG): TIdC_INT cdecl = nil;
+  NCONF_load_bio: function(conf: PCONF; bp: PBIO; eline: PIdC_LONG): TIdC_INT cdecl = nil;
+  //STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
+  //                                        const char *section);
+  NCONF_get_string: function(const conf: PCONF; const group: PAnsiChar; const name: PAnsiChar): PAnsiChar cdecl = nil;
+  NCONF_get_number_e: function(const conf: PCONF; const group: PAnsiChar; const name: PAnsiChar; result: PIdC_LONG): TIdC_INT cdecl = nil;
+  NCONF_dump_bio: function(const conf: PCONf; out: PBIO): TIdC_INT cdecl = nil;
+
+  //#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
+
+  //* Module functions */
+
+  CONF_modules_load: function(const cnf: PCONF; const appname: PAnsiChar; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  CONF_modules_load_file: function(const filename: PAnsiChar; const appname: PAnsiChar; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+
+  CONF_modules_unload: procedure(all: TIdC_INT) cdecl = nil;
+  CONF_modules_finish: procedure cdecl = nil;
+  CONF_module_add: function(const name: PAnsiChar; ifunc: conf_init_func; ffunc: conf_finish_func): TIdC_INT cdecl = nil;
+
+  //const char *CONF_imodule_get_name(const CONF_IMODULE *md);
+  //const char *CONF_imodule_get_value(const CONF_IMODULE *md);
+  CONF_imodule_get_usr_data: function(const md: PCONF_IMODULE): Pointer cdecl = nil;
+  CONF_imodule_set_usr_data: procedure(md: PCONF_IMODULE; usr_data: Pointer) cdecl = nil;
+  CONF_imodule_get_module: function(const md: PCONF_IMODULE): PCONF_MODULE cdecl = nil;
+  CONF_imodule_get_flags: function(const md: PCONF_IMODULE): TIdC_ULONG cdecl = nil;
+  CONF_imodule_set_flags: procedure(md: PCONF_IMODULE; flags: TIdC_ULONG) cdecl = nil;
+  CONF_module_get_usr_data: function(pmod: PCONF_MODULE): Pointer cdecl = nil;
+  CONF_module_set_usr_data: procedure(pmod: PCONF_MODULE; usr_data: Pointer) cdecl = nil;
+
+  CONF_get1_default_config_file: function: PAnsiChar cdecl = nil;
+  CONF_parse_list: function(const list: PAnsiChar; sep: TIdC_INT; nospc: TIdC_INT; list_cb: CONF_parse_list_list_cb; arg: Pointer): TIdC_INT cdecl = nil;
+
+  OPENSSL_load_builtin_modules: procedure cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  CONF_set_default_method := LoadFunction('CONF_set_default_method', AFailed);
+  NCONF_new := LoadFunction('NCONF_new', AFailed);
+  NCONF_default := LoadFunction('NCONF_default', AFailed);
+  NCONF_WIN32 := LoadFunction('NCONF_WIN32', AFailed);
+  NCONF_free := LoadFunction('NCONF_free', AFailed);
+  NCONF_free_data := LoadFunction('NCONF_free_data', AFailed);
+  NCONF_load := LoadFunction('NCONF_load', AFailed);
+  NCONF_load_bio := LoadFunction('NCONF_load_bio', AFailed);
+  NCONF_get_string := LoadFunction('NCONF_get_string', AFailed);
+  NCONF_get_number_e := LoadFunction('NCONF_get_number_e', AFailed);
+  NCONF_dump_bio := LoadFunction('NCONF_dump_bio', AFailed);
+  CONF_modules_load := LoadFunction('CONF_modules_load', AFailed);
+  CONF_modules_load_file := LoadFunction('CONF_modules_load_file', AFailed);
+  CONF_modules_unload := LoadFunction('CONF_modules_unload', AFailed);
+  CONF_modules_finish := LoadFunction('CONF_modules_finish', AFailed);
+  CONF_module_add := LoadFunction('CONF_module_add', AFailed);
+  CONF_imodule_get_usr_data := LoadFunction('CONF_imodule_get_usr_data', AFailed);
+  CONF_imodule_set_usr_data := LoadFunction('CONF_imodule_set_usr_data', AFailed);
+  CONF_imodule_get_module := LoadFunction('CONF_imodule_get_module', AFailed);
+  CONF_imodule_get_flags := LoadFunction('CONF_imodule_get_flags', AFailed);
+  CONF_imodule_set_flags := LoadFunction('CONF_imodule_set_flags', AFailed);
+  CONF_module_get_usr_data := LoadFunction('CONF_module_get_usr_data', AFailed);
+  CONF_module_set_usr_data := LoadFunction('CONF_module_set_usr_data', AFailed);
+  CONF_get1_default_config_file := LoadFunction('CONF_get1_default_config_file', AFailed);
+  CONF_parse_list := LoadFunction('CONF_parse_list', AFailed);
+  OPENSSL_load_builtin_modules := LoadFunction('OPENSSL_load_builtin_modules', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  CONF_set_default_method := nil;
+  NCONF_new := nil;
+  NCONF_default := nil;
+  NCONF_WIN32 := nil;
+  NCONF_free := nil;
+  NCONF_free_data := nil;
+  NCONF_load := nil;
+  NCONF_load_bio := nil;
+  NCONF_get_string := nil;
+  NCONF_get_number_e := nil;
+  NCONF_dump_bio := nil;
+  CONF_modules_load := nil;
+  CONF_modules_load_file := nil;
+  CONF_modules_unload := nil;
+  CONF_modules_finish := nil;
+  CONF_module_add := nil;
+  CONF_imodule_get_usr_data := nil;
+  CONF_imodule_set_usr_data := nil;
+  CONF_imodule_get_module := nil;
+  CONF_imodule_get_flags := nil;
+  CONF_imodule_set_flags := nil;
+  CONF_module_get_usr_data := nil;
+  CONF_module_set_usr_data := nil;
+  CONF_get1_default_config_file := nil;
+  CONF_parse_list := nil;
+  OPENSSL_load_builtin_modules := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf_api.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf_api.pas
new file mode 100644
index 000000000..2dcdfa1f5
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf_api.pas
@@ -0,0 +1,105 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_conf_api;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conf_api.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_conf;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  //* Up until OpenSSL 0.9.5a, this was new_section */
+  _CONF_new_section: function(conf: PCONF; const section: PAnsiChar): PCONF_VALUE cdecl = nil;
+  //* Up until OpenSSL 0.9.5a, this was get_section */
+  _CONF_get_section: function(const conf: PCONF; const section: PAnsiChar): PCONF_VALUE cdecl = nil;
+  //* Up until OpenSSL 0.9.5a, this was CONF_get_section */
+  //STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
+  //                                               const char *section);
+
+  _CONF_add_string: function(conf: PCONF; section: PCONF_VALUE; value: PCONF_VALUE): TIdC_INT cdecl = nil;
+  _CONF_get_string: function(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): PAnsiChar cdecl = nil;
+  _CONF_get_number: function(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): TIdC_LONG cdecl = nil;
+
+  _CONF_new_data: function(conf: PCONF): TIdC_INT cdecl = nil;
+  _CONF_free_data: procedure(conf: PCONF) cdecl = nil;
+
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  _CONF_new_section := LoadFunction('_CONF_new_section', AFailed);
+  _CONF_get_section := LoadFunction('_CONF_get_section', AFailed);
+  _CONF_add_string := LoadFunction('_CONF_add_string', AFailed);
+  _CONF_get_string := LoadFunction('_CONF_get_string', AFailed);
+  _CONF_get_number := LoadFunction('_CONF_get_number', AFailed);
+  _CONF_new_data := LoadFunction('_CONF_new_data', AFailed);
+  _CONF_free_data := LoadFunction('_CONF_free_data', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  _CONF_new_section := nil;
+  _CONF_get_section := nil;
+  _CONF_add_string := nil;
+  _CONF_get_string := nil;
+  _CONF_get_number := nil;
+  _CONF_new_data := nil;
+  _CONF_free_data := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conferr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conferr.pas
new file mode 100644
index 000000000..3f65cbfdf
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conferr.pas
@@ -0,0 +1,132 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_conferr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conferr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ///*
+  // * CONF function codes.
+  // */
+  CONF_F_CONF_DUMP_FP = 104;
+  CONF_F_CONF_LOAD = 100;
+  CONF_F_CONF_LOAD_FP = 103;
+  CONF_F_CONF_PARSE_LIST = 119;
+  CONF_F_DEF_LOAD = 120;
+  CONF_F_DEF_LOAD_BIO = 121;
+  CONF_F_GET_NEXT_FILE = 107;
+  CONF_F_MODULE_ADD = 122;
+  CONF_F_MODULE_INIT = 115;
+  CONF_F_MODULE_LOAD_DSO = 117;
+  CONF_F_MODULE_RUN = 118;
+  CONF_F_NCONF_DUMP_BIO = 105;
+  CONF_F_NCONF_DUMP_FP = 106;
+  CONF_F_NCONF_GET_NUMBER_E = 112;
+  CONF_F_NCONF_GET_SECTION = 108;
+  CONF_F_NCONF_GET_STRING = 109;
+  CONF_F_NCONF_LOAD = 113;
+  CONF_F_NCONF_LOAD_BIO = 110;
+  CONF_F_NCONF_LOAD_FP = 114;
+  CONF_F_NCONF_NEW = 111;
+  CONF_F_PROCESS_INCLUDE = 116;
+  CONF_F_SSL_MODULE_INIT = 123;
+  CONF_F_STR_COPY = 101;
+
+  ///*
+  // * CONF reason codes.
+  // */
+  CONF_R_ERROR_LOADING_DSO = 110;
+  CONF_R_LIST_CANNOT_BE_NULL = 115;
+  CONF_R_MISSING_CLOSE_SQUARE_BRACKET = 100;
+  CONF_R_MISSING_EQUAL_SIGN = 101;
+  CONF_R_MISSING_INIT_FUNCTION = 112;
+  CONF_R_MODULE_INITIALIZATION_ERROR = 109;
+  CONF_R_NO_CLOSE_BRACE = 102;
+  CONF_R_NO_CONF = 105;
+  CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE = 106;
+  CONF_R_NO_SECTION = 107;
+  CONF_R_NO_SUCH_FILE = 114;
+  CONF_R_NO_VALUE = 108;
+  CONF_R_NUMBER_TOO_LARGE = 121;
+  CONF_R_RECURSIVE_DIRECTORY_INCLUDE = 111;
+  CONF_R_SSL_COMMAND_SECTION_EMPTY = 117;
+  CONF_R_SSL_COMMAND_SECTION_NOT_FOUND = 118;
+  CONF_R_SSL_SECTION_EMPTY = 119;
+  CONF_R_SSL_SECTION_NOT_FOUND = 120;
+  CONF_R_UNABLE_TO_CREATE_NEW_SECTION = 103;
+  CONF_R_UNKNOWN_MODULE_NAME = 113;
+  CONF_R_VARIABLE_EXPANSION_TOO_LONG = 116;
+  CONF_R_VARIABLE_HAS_NO_VALUE = 104;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_CONF_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_CONF_strings := LoadFunction('ERR_load_CONF_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_CONF_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
new file mode 100644
index 000000000..1d172fa58
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
@@ -0,0 +1,601 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_crypto;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// crypto.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ,
+  System.Types;
+
+{$MINENUMSIZE 4}
+
+const
+  CRYPTO_MEM_CHECK_OFF = $0;   //* Control only */
+  CRYPTO_MEM_CHECK_ON = $1;   //* Control and mode bit */
+  CRYPTO_MEM_CHECK_ENABLE = $2;   //* Control and mode bit */
+  CRYPTO_MEM_CHECK_DISABLE = $3;   //* Control only */
+
+  CRYPTO_EX_INDEX_SSL = 0;
+  CRYPTO_EX_INDEX_SSL_CTX = 1;
+  CRYPTO_EX_INDEX_SSL_SESSION = 2;
+  CRYPTO_EX_INDEX_X509 = 3;
+  CRYPTO_EX_INDEX_X509_STORE = 4;
+  CRYPTO_EX_INDEX_X509_STORE_CTX = 5;
+  CRYPTO_EX_INDEX_DH = 6;
+  CRYPTO_EX_INDEX_DSA = 7;
+  CRYPTO_EX_INDEX_EC_KEY = 8;
+  CRYPTO_EX_INDEX_RSA = 9;
+  CRYPTO_EX_INDEX_ENGINE = 10;
+  CRYPTO_EX_INDEX_UI = 11;
+  CRYPTO_EX_INDEX_BIO = 12;
+  CRYPTO_EX_INDEX_APP = 13;
+  CRYPTO_EX_INDEX_UI_METHOD = 14;
+  CRYPTO_EX_INDEX_DRBG = 15;
+  CRYPTO_EX_INDEX__COUNT = 16;
+  
+  // Added _CONST to prevent nameclashes
+  OPENSSL_VERSION_CONST = 0;
+  OPENSSL_CFLAGS = 1;
+  OPENSSL_BUILT_ON = 2;
+  OPENSSL_PLATFORM = 3;
+  OPENSSL_DIR = 4;
+  OPENSSL_ENGINES_DIR = 5;
+
+  (*
+   * These defines where used in combination with the old locking callbacks,
+   * they are not called anymore, but old code that's not called might still
+   * use them.
+   *)
+  CRYPTO_LOCK = 1;
+  CRYPTO_UNLOCK = 2;
+  CRYPTO_READ = 4;
+  CRYPTO_WRITE = 8;
+
+  (* Standard initialisation options *)
+  OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS = TIdC_Long($00000001);
+  OPENSSL_INIT_LOAD_CRYPTO_STRINGS = TIdC_Long($00000002);
+  OPENSSL_INIT_ADD_ALL_CIPHERS = TIdC_Long($00000004);
+  OPENSSL_INIT_ADD_ALL_DIGESTS = TIdC_Long($00000008);
+  OPENSSL_INIT_NO_ADD_ALL_CIPHERS = TIdC_Long($00000010);
+  OPENSSL_INIT_NO_ADD_ALL_DIGESTS = TIdC_Long($00000020);
+  OPENSSL_INIT_LOAD_CONFIG = TIdC_Long($00000040);
+  OPENSSL_INIT_NO_LOAD_CONFIG = TIdC_Long($00000080);
+  OPENSSL_INIT_ASYNC = TIdC_Long($00000100);
+  OPENSSL_INIT_ENGINE_RDRAND = TIdC_Long($00000200);
+  OPENSSL_INIT_ENGINE_DYNAMIC = TIdC_Long($00000400);
+  OPENSSL_INIT_ENGINE_OPENSSL = TIdC_Long($00000800);
+  OPENSSL_INIT_ENGINE_CRYPTODEV = TIdC_Long($00001000);
+  OPENSSL_INIT_ENGINE_CAPI = TIdC_Long($00002000);
+  OPENSSL_INIT_ENGINE_PADLOCK = TIdC_Long($00004000);
+  OPENSSL_INIT_ENGINE_AFALG = TIdC_Long($00008000);
+  (* OPENSSL_INIT_ZLIB = TIdC_Long($00010000); *)
+  OPENSSL_INIT_ATFORK = TIdC_Long(00020000);
+  (* OPENSSL_INIT_BASE_ONLY = TIdC_Long(00040000); *)
+  OPENSSL_INIT_NO_ATEXIT = TIdC_Long(00080000);
+  (* OPENSSL_INIT flag range 0xfff00000 reserved for OPENSSL_init_ssl() *)
+  (* Max OPENSSL_INIT flag value is 0x80000000 *)
+
+  (* openssl and dasync not counted as builtin *)
+  OPENSSL_INIT_ENGINE_ALL_BUILTIN = OPENSSL_INIT_ENGINE_RDRAND
+    or OPENSSL_INIT_ENGINE_DYNAMIC or OPENSSL_INIT_ENGINE_CRYPTODEV
+    or OPENSSL_INIT_ENGINE_CAPI or OPENSSL_INIT_ENGINE_PADLOCK;
+
+  CRYPTO_ONCE_STATIC_INIT = 0;
+
+type
+  CRYPTO_RWLOCK = type Pointer;
+  PCRYPTO_RWLOCK = ^CRYPTO_RWLOCK;
+  //crypto_ex_data_st = record
+  //  sk: PStackOfVoid;
+  //end;
+  //DEFINE_STACK_OF(void)
+
+  // CRYPTO_EX_new = procedure(parent: Pointer; ptr: Pointer; CRYPTO_EX_DATA *ad; idx: TIdC_INT; argl: TIdC_LONG; argp: Pointer);
+  //  CRYPTO_EX_free = procedure(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+  //                             int idx, long argl, void *argp);
+  //typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+  //                           void *from_d, int idx, long argl, void *argp);
+  //__owur int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
+  //                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+  //                            CRYPTO_EX_free *free_func);
+
+  CRYPTO_mem_leaks_cb_cb = function(const str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT;
+  CRYPTO_THREAD_run_once_init = procedure;
+
+  CRYPTO_THREAD_LOCAL = type DWORD;
+  PCRYPTO_THREAD_LOCAL = ^CRYPTO_THREAD_LOCAL;
+  CRYPTO_THREAD_ID = type DWORD;
+  CRYPTO_ONCE = type TIdC_LONG;
+  PCRYPTO_ONCE = ^CRYPTO_ONCE;
+
+{$REGION 'C compiler macros'}
+function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
+function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
+function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
+function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET): Pointer;
+procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
+procedure OPENSSL_free(addr: Pointer);
+function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
+function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
+function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
+function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
+procedure OPENSSL_secure_free(addr: Pointer);
+procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
+function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
+{$ENDREGION}
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  CRYPTO_THREAD_lock_new: function: PCRYPTO_RWLOCK cdecl = nil;
+  CRYPTO_THREAD_read_lock: function(lock: PCRYPTO_RWLOCK): TIdC_INT cdecl = nil;
+  CRYPTO_THREAD_write_lock: function(lock: PCRYPTO_RWLOCK): TIdC_INT cdecl = nil;
+  CRYPTO_THREAD_unlock: function(lock: PCRYPTO_RWLOCK): TIdC_INT cdecl = nil;
+  CRYPTO_THREAD_lock_free: procedure(lock: PCRYPTO_RWLOCK) cdecl = nil;
+
+  CRYPTO_atomic_add: function(val: PIdC_INT; amount: TIdC_INT; ret: PIdC_INT; lock: PCRYPTO_RWLOCK): TIdC_INT cdecl = nil;
+
+  CRYPTO_mem_ctrl: function(mode: TIdC_INT): TIdC_INT cdecl = nil;
+
+  OPENSSL_strlcpy: function(dst: PIdAnsiChar; const src: PIdAnsiChar; siz: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  OPENSSL_strlcat: function(dst: PIdAnsiChar; const src: PIdAnsiChar; siz: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  OPENSSL_strnlen: function(const str: PIdAnsiChar; maxlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  OPENSSL_buf2hexstr: function(const buffer: PByte; len: TIdC_LONG): PIdAnsiChar cdecl = nil;
+  OPENSSL_hexstr2buf: function(const str: PIdAnsiChar; len: PIdC_LONG): PByte cdecl = nil;
+  OPENSSL_hexchar2int: function(c: Byte): TIdC_INT cdecl = nil;
+
+  // # define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
+
+  OpenSSL_version_num: function: TIdC_ULONG cdecl = nil;
+  OpenSSL_version: function(&type: TIdC_INT): PAnsiChar cdecl = nil;
+
+  OPENSSL_issetugid: function: TIdC_INT cdecl = nil;
+
+  (* No longer use an index. *)
+  //function CRYPTO_free_ex_index(class_index: TIdC_INT; idx: TIdC_INT): TIdC_INT;
+
+  (*
+   * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
+   * given class (invokes whatever per-class callbacks are applicable)
+   *)
+   CRYPTO_new_ex_data: function(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT cdecl = nil;
+   CRYPTO_dup_ex_data: function(class_index: TIdC_INT; &to: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl = nil;
+
+   CRYPTO_free_ex_data: procedure(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA) cdecl = nil;
+
+  (*
+   * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
+   * index (relative to the class type involved)
+   *)
+   CRYPTO_set_ex_data: function(ad: PCRYPTO_EX_DATA; idx: TIdC_INT; val: Pointer): TIdC_INT cdecl = nil;
+   CRYPTO_get_ex_data: function(const ad: PCRYPTO_EX_DATA; idx: TIdC_INT): Pointer cdecl = nil;
+
+  ///*
+  // * The old locking functions have been removed completely without compatibility
+  // * macros. This is because the old functions either could not properly report
+  // * errors, or the returned error values were not clearly documented.
+  // * Replacing the locking functions with no-ops would cause race condition
+  // * issues in the affected applications. It is far better for them to fail at
+  // * compile time.
+  // * On the other hand, the locking callbacks are no longer used.  Consequently,
+  // * the callback management functions can be safely replaced with no-op macros.
+  // */
+  //#  define CRYPTO_num_locks()            (1)
+  //#  define CRYPTO_set_locking_callback(func)
+  //#  define CRYPTO_get_locking_callback()         (NULL)
+  //#  define CRYPTO_set_add_lock_callback(func)
+  //#  define CRYPTO_get_add_lock_callback()        (NULL)
+
+  ///* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+  //#  define CRYPTO_THREADID_set_numeric(id, val)
+  //#  define CRYPTO_THREADID_set_pointer(id, ptr)
+  //#  define CRYPTO_THREADID_set_callback(threadid_func)   (0)
+  //#  define CRYPTO_THREADID_get_callback()                (NULL)
+  //#  define CRYPTO_THREADID_current(id)
+  //#  define CRYPTO_THREADID_cmp(a, b)                     (-1)
+  //#  define CRYPTO_THREADID_cpy(dest, src)
+  //#  define CRYPTO_THREADID_hash(id)                      (0UL)
+  //
+  //#  define CRYPTO_set_dynlock_create_callback(dyn_create_function)
+  //#  define CRYPTO_set_dynlock_lock_callback(dyn_lock_function)
+  //#  define CRYPTO_set_dynlock_destroy_callback(dyn_destroy_function)
+  //#  define CRYPTO_get_dynlock_create_callback()          (NULL)
+  //#  define CRYPTO_get_dynlock_lock_callback()            (NULL)
+  //#  define CRYPTO_get_dynlock_destroy_callback()         (NULL)
+  //# endif /* OPENSSL_API_COMPAT < 0x10100000L */
+
+  //int CRYPTO_set_mem_functions(
+  //        void *(*m) (TIdC_SIZET, const char *, int),
+  //        void *(*r) (void *, TIdC_SIZET, const char *, int),
+  //        void (*f) (void *, const char *, int));
+  //int CRYPTO_set_mem_debug(int flag);
+  //void CRYPTO_get_mem_functions(
+  //        void *(**m) (TIdC_SIZET, const char *, int),
+  //        void *(**r) (void *, TIdC_SIZET, const char *, int),
+  //        void (**f) (void *, const char *, int));
+
+  CRYPTO_malloc: function(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_zalloc: function(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_memdup: function(const str: Pointer; siz: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_strdup: function(const str: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl = nil;
+  CRYPTO_strndup: function(const str: PAnsiChar; s: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl = nil;
+  CRYPTO_free: procedure(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_realloc: function(addr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_clear_realloc: function(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+
+  CRYPTO_secure_malloc_init: function(sz: TIdC_SIZET; minsize: TIdC_INT): TIdC_INT cdecl = nil;
+  CRYPTO_secure_malloc_done: function: TIdC_INT cdecl = nil;
+  CRYPTO_secure_malloc: function(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_secure_zalloc: function(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_secure_free: procedure(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_secure_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_secure_allocated: function(const ptr: Pointer): TIdC_INT cdecl = nil;
+  CRYPTO_secure_malloc_initialized: function: TIdC_INT cdecl = nil;
+  CRYPTO_secure_actual_size: function(ptr: Pointer): TIdC_SIZET cdecl = nil;
+  CRYPTO_secure_used: function: TIdC_SIZET cdecl = nil;
+
+  OPENSSL_cleanse: procedure(ptr: Pointer; len: TIdC_SIZET) cdecl = nil;
+
+  CRYPTO_mem_debug_push: function(const info: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): TIdC_INT cdecl = nil;
+  CRYPTO_mem_debug_pop: function: TIdC_INT cdecl = nil;
+  CRYPTO_get_alloc_counts: procedure(mcount: PIdC_INT; rcount: PIdC_INT; fcount: PIdC_INT) cdecl = nil;
+
+  (*
+   * Debugging functions (enabled by CRYPTO_set_mem_debug(1))
+   * The flag argument has the following significance:
+   *   0:   called before the actual memory allocation has taken place
+   *   1:   called after the actual memory allocation has taken place
+   *)
+  CRYPTO_mem_debug_malloc: procedure(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_mem_debug_realloc: procedure(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_mem_debug_free: procedure(addr: Pointer; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
+
+  CRYPTO_mem_leaks_cb: function(cb: CRYPTO_mem_leaks_cb_cb; u: Pointer): TIdC_INT cdecl = nil;
+
+//  function CRYPTO_mem_leaks_fp(&FILE: Pointer): TIdC_INT;
+  CRYPTO_mem_leaks: function(BIO: PBIO): TIdC_INT cdecl = nil;
+
+  //* die if we have to */
+  //ossl_noreturn void OPENSSL_die(const char *assertion, const char *file, int line);
+
+  //# define OPENSSL_assert(e) \
+  //    (void)((e) ? 0 : (OPENSSL_die("assertion failed: " #e, OPENSSL_FILE, OPENSSL_LINE), 1))
+
+  OPENSSL_isservice: function: TIdC_INT cdecl = nil;
+
+  FIPS_mode: function: TIdC_INT cdecl = nil;
+  FIPS_mode_set: function(r: TIdC_INT): TIdC_INT cdecl = nil;
+
+  OPENSSL_init: procedure cdecl = nil;
+
+  // struct tm *OPENSSL_gmtime(const TIdC_TIMET *timer, struct tm *result);
+
+  //function OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec): TIdC_INT;
+  //function OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from, const struct tm *to): TIdC_INT;
+
+  (*
+   * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
+   * It takes an amount of time dependent on |len|, but independent of the
+   * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
+   * into a defined order as the return value when a != b is undefined, other
+   * than to be non-zero.
+   *)
+  CRYPTO_memcmp: function(const in_a: Pointer; const in_b: Pointer; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  (* Library initialisation functions *)
+  OPENSSL_cleanup: procedure cdecl = nil;
+  OPENSSL_init_crypto: function(opts: TIdC_UINT64; const settings: POPENSSL_INIT_SETTINGS): TIdC_INT cdecl = nil;
+  // int OPENSSL_atexit(void (*handler)(void));
+  OPENSSL_thread_stop: procedure cdecl = nil;
+
+  (* Low-level control of initialization *)
+  OPENSSL_INIT_new: function: POPENSSL_INIT_SETTINGS cdecl = nil;
+  //int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
+  //                                     const char *config_filename);
+  //void OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *settings,
+  //                                        unsigned long flags);
+  //int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *settings,
+  //                                    const char *config_appname);
+  OPENSSL_INIT_free: procedure(settings: POPENSSL_INIT_SETTINGS) cdecl = nil;
+
+  CRYPTO_THREAD_run_once: function(once: PCRYPTO_ONCE; init: CRYPTO_THREAD_run_once_init): TIdC_INT cdecl = nil;
+
+  //type
+  //  CRYPTO_THREAD_init_local_cleanup = procedure(v1: Pointer);
+  //
+  //function CRYPTO_THREAD_init_local(key: PCRYPTO_THREAD_LOCAL; cleanup: CRYPTO_THREAD_init_local_cleanup): TIdC_INT;
+  CRYPTO_THREAD_get_local: function(key: PCRYPTO_THREAD_LOCAL): Pointer cdecl = nil;
+  CRYPTO_THREAD_set_local: function(key: PCRYPTO_THREAD_LOCAL; val: Pointer): TIdC_INT cdecl = nil;
+  CRYPTO_THREAD_cleanup_local: function(key: PCRYPTO_THREAD_LOCAL): TidC_INT cdecl = nil;
+
+  CRYPTO_THREAD_get_current_id: function: CRYPTO_THREAD_ID cdecl = nil;
+  CRYPTO_THREAD_compare_id: function(a: CRYPTO_THREAD_ID; b: CRYPTO_THREAD_ID): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  CRYPTO_THREAD_lock_new := LoadFunction('CRYPTO_THREAD_lock_new', AFailed);
+  CRYPTO_THREAD_read_lock := LoadFunction('CRYPTO_THREAD_read_lock', AFailed);
+  CRYPTO_THREAD_write_lock := LoadFunction('CRYPTO_THREAD_write_lock', AFailed);
+  CRYPTO_THREAD_unlock := LoadFunction('CRYPTO_THREAD_unlock', AFailed);
+  CRYPTO_THREAD_lock_free := LoadFunction('CRYPTO_THREAD_lock_free', AFailed);
+  CRYPTO_atomic_add := LoadFunction('CRYPTO_atomic_add', AFailed);
+  CRYPTO_mem_ctrl := LoadFunction('CRYPTO_mem_ctrl', AFailed);
+  OPENSSL_strlcpy := LoadFunction('OPENSSL_strlcpy', AFailed);
+  OPENSSL_strlcat := LoadFunction('OPENSSL_strlcat', AFailed);
+  OPENSSL_strnlen := LoadFunction('OPENSSL_strnlen', AFailed);
+  OPENSSL_buf2hexstr := LoadFunction('OPENSSL_buf2hexstr', AFailed);
+  OPENSSL_hexstr2buf := LoadFunction('OPENSSL_hexstr2buf', AFailed);
+  OPENSSL_hexchar2int := LoadFunction('OPENSSL_hexchar2int', AFailed);
+  OpenSSL_version_num := LoadFunction('OpenSSL_version_num', AFailed);
+  OpenSSL_version := LoadFunction('OpenSSL_version', AFailed);
+  OPENSSL_issetugid := LoadFunction('OPENSSL_issetugid', AFailed);
+  CRYPTO_new_ex_data := LoadFunction('CRYPTO_new_ex_data', AFailed);
+  CRYPTO_dup_ex_data := LoadFunction('CRYPTO_dup_ex_data', AFailed);
+  CRYPTO_free_ex_data := LoadFunction('CRYPTO_free_ex_data', AFailed);
+  CRYPTO_set_ex_data := LoadFunction('CRYPTO_set_ex_data', AFailed);
+  CRYPTO_get_ex_data := LoadFunction('CRYPTO_get_ex_data', AFailed);
+  CRYPTO_malloc := LoadFunction('CRYPTO_malloc', AFailed);
+  CRYPTO_zalloc := LoadFunction('CRYPTO_zalloc', AFailed);
+  CRYPTO_memdup := LoadFunction('CRYPTO_memdup', AFailed);
+  CRYPTO_strdup := LoadFunction('CRYPTO_strdup', AFailed);
+  CRYPTO_strndup := LoadFunction('CRYPTO_strndup', AFailed);
+  CRYPTO_free := LoadFunction('CRYPTO_free', AFailed);
+  CRYPTO_clear_free := LoadFunction('CRYPTO_clear_free', AFailed);
+  CRYPTO_realloc := LoadFunction('CRYPTO_realloc', AFailed);
+  CRYPTO_clear_realloc := LoadFunction('CRYPTO_clear_realloc', AFailed);
+  CRYPTO_secure_malloc_init := LoadFunction('CRYPTO_secure_malloc_init', AFailed);
+  CRYPTO_secure_malloc_done := LoadFunction('CRYPTO_secure_malloc_done', AFailed);
+  CRYPTO_secure_malloc := LoadFunction('CRYPTO_secure_malloc', AFailed);
+  CRYPTO_secure_zalloc := LoadFunction('CRYPTO_secure_zalloc', AFailed);
+  CRYPTO_secure_free := LoadFunction('CRYPTO_secure_free', AFailed);
+  CRYPTO_secure_clear_free := LoadFunction('CRYPTO_secure_clear_free', AFailed);
+  CRYPTO_secure_allocated := LoadFunction('CRYPTO_secure_allocated', AFailed);
+  CRYPTO_secure_malloc_initialized := LoadFunction('CRYPTO_secure_malloc_initialized', AFailed);
+  CRYPTO_secure_actual_size := LoadFunction('CRYPTO_secure_actual_size', AFailed);
+  CRYPTO_secure_used := LoadFunction('CRYPTO_secure_used', AFailed);
+  OPENSSL_cleanse := LoadFunction('OPENSSL_cleanse', AFailed);
+  CRYPTO_mem_debug_push := LoadFunction('CRYPTO_mem_debug_push', AFailed);
+  CRYPTO_mem_debug_pop := LoadFunction('CRYPTO_mem_debug_pop', AFailed);
+  CRYPTO_get_alloc_counts := LoadFunction('CRYPTO_get_alloc_counts', AFailed);
+  CRYPTO_mem_debug_malloc := LoadFunction('CRYPTO_mem_debug_malloc', AFailed);
+  CRYPTO_mem_debug_realloc := LoadFunction('CRYPTO_mem_debug_realloc', AFailed);
+  CRYPTO_mem_debug_free := LoadFunction('CRYPTO_mem_debug_free', AFailed);
+  CRYPTO_mem_leaks_cb := LoadFunction('CRYPTO_mem_leaks_cb', AFailed);
+  CRYPTO_mem_leaks := LoadFunction('CRYPTO_mem_leaks', AFailed);
+  OPENSSL_isservice := LoadFunction('OPENSSL_isservice', AFailed);
+  FIPS_mode := LoadFunction('FIPS_mode', AFailed);
+  FIPS_mode_set := LoadFunction('FIPS_mode_set', AFailed);
+  OPENSSL_init := LoadFunction('OPENSSL_init', AFailed);
+  CRYPTO_memcmp := LoadFunction('CRYPTO_memcmp', AFailed);
+  OPENSSL_cleanup := LoadFunction('OPENSSL_cleanup', AFailed);
+  OPENSSL_init_crypto := LoadFunction('OPENSSL_init_crypto', AFailed);
+  OPENSSL_thread_stop := LoadFunction('OPENSSL_thread_stop', AFailed);
+  OPENSSL_INIT_new := LoadFunction('OPENSSL_INIT_new', AFailed);
+  OPENSSL_INIT_free := LoadFunction('OPENSSL_INIT_free', AFailed);
+  CRYPTO_THREAD_run_once := LoadFunction('CRYPTO_THREAD_run_once', AFailed);
+  CRYPTO_THREAD_get_local := LoadFunction('CRYPTO_THREAD_get_local', AFailed);
+  CRYPTO_THREAD_set_local := LoadFunction('CRYPTO_THREAD_set_local', AFailed);
+  CRYPTO_THREAD_cleanup_local := LoadFunction('CRYPTO_THREAD_cleanup_local', AFailed);
+  CRYPTO_THREAD_get_current_id := LoadFunction('CRYPTO_THREAD_get_current_id', AFailed);
+  CRYPTO_THREAD_compare_id := LoadFunction('CRYPTO_THREAD_compare_id', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  CRYPTO_THREAD_lock_new := nil;
+  CRYPTO_THREAD_read_lock := nil;
+  CRYPTO_THREAD_write_lock := nil;
+  CRYPTO_THREAD_unlock := nil;
+  CRYPTO_THREAD_lock_free := nil;
+  CRYPTO_atomic_add := nil;
+  CRYPTO_mem_ctrl := nil;
+  OPENSSL_strlcpy := nil;
+  OPENSSL_strlcat := nil;
+  OPENSSL_strnlen := nil;
+  OPENSSL_buf2hexstr := nil;
+  OPENSSL_hexstr2buf := nil;
+  OPENSSL_hexchar2int := nil;
+  OpenSSL_version_num := nil;
+  OpenSSL_version := nil;
+  OPENSSL_issetugid := nil;
+  CRYPTO_new_ex_data := nil;
+  CRYPTO_dup_ex_data := nil;
+  CRYPTO_free_ex_data := nil;
+  CRYPTO_set_ex_data := nil;
+  CRYPTO_get_ex_data := nil;
+  CRYPTO_malloc := nil;
+  CRYPTO_zalloc := nil;
+  CRYPTO_memdup := nil;
+  CRYPTO_strdup := nil;
+  CRYPTO_strndup := nil;
+  CRYPTO_free := nil;
+  CRYPTO_clear_free := nil;
+  CRYPTO_realloc := nil;
+  CRYPTO_clear_realloc := nil;
+  CRYPTO_secure_malloc_init := nil;
+  CRYPTO_secure_malloc_done := nil;
+  CRYPTO_secure_malloc := nil;
+  CRYPTO_secure_zalloc := nil;
+  CRYPTO_secure_free := nil;
+  CRYPTO_secure_clear_free := nil;
+  CRYPTO_secure_allocated := nil;
+  CRYPTO_secure_malloc_initialized := nil;
+  CRYPTO_secure_actual_size := nil;
+  CRYPTO_secure_used := nil;
+  OPENSSL_cleanse := nil;
+  CRYPTO_mem_debug_push := nil;
+  CRYPTO_mem_debug_pop := nil;
+  CRYPTO_get_alloc_counts := nil;
+  CRYPTO_mem_debug_malloc := nil;
+  CRYPTO_mem_debug_realloc := nil;
+  CRYPTO_mem_debug_free := nil;
+  CRYPTO_mem_leaks_cb := nil;
+  CRYPTO_mem_leaks := nil;
+  OPENSSL_isservice := nil;
+  FIPS_mode := nil;
+  FIPS_mode_set := nil;
+  OPENSSL_init := nil;
+  CRYPTO_memcmp := nil;
+  OPENSSL_cleanup := nil;
+  OPENSSL_init_crypto := nil;
+  OPENSSL_thread_stop := nil;
+  OPENSSL_INIT_new := nil;
+  OPENSSL_INIT_free := nil;
+  CRYPTO_THREAD_run_once := nil;
+  CRYPTO_THREAD_get_local := nil;
+  CRYPTO_THREAD_set_local := nil;
+  CRYPTO_THREAD_cleanup_local := nil;
+  CRYPTO_THREAD_get_current_id := nil;
+  CRYPTO_THREAD_compare_id := nil;
+end;
+{$ENDREGION}
+
+{$REGION 'C compiler macros'}
+// OPENSSL_FILE = __FILE__ = C preprocessor macro
+// OPENSSL_LINE = __LINE__ = C preprocessor macro
+// FPC hase an equivalent with {$I %FILE%} and {$I %LINE%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
+// Delphi has nothing :(
+
+//# define OPENSSL_malloc(num) CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_zalloc(num) CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_realloc(addr, num) CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_realloc(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_clear_realloc(addr, old_num, num) CRYPTO_clear_realloc(addr, old_num, num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_clear_realloc(addr, old_num, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_clear_free(addr, num) CRYPTO_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
+begin
+  CRYPTO_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_free(addr) CRYPTO_free(addr, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_free(addr: Pointer);
+begin
+  CRYPTO_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_memdup(str, s) CRYPTO_memdup((str), s, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_memdup(str, s, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_strdup(str) CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
+begin
+  Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_strndup(str, n) CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+begin
+  Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_malloc(num) CRYPTO_secure_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_secure_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_zalloc(num) CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_secure_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_free(addr) CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_secure_free(addr: Pointer);
+begin
+  CRYPTO_secure_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_clear_free(addr, num) CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
+begin
+  CRYPTO_secure_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_actual_size(ptr) CRYPTO_secure_actual_size(ptr)
+function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
+begin
+  Result := CRYPTO_secure_actual_size(ptr);
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cryptoerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cryptoerr.pas
new file mode 100644
index 000000000..d58258fc9
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cryptoerr.pas
@@ -0,0 +1,113 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_cryptoerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cryptoerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * CRYPTO function codes.
+   *)
+  CRYPTO_F_CMAC_CTX_NEW = 120;
+  CRYPTO_F_CRYPTO_DUP_EX_DATA = 110;
+  CRYPTO_F_CRYPTO_FREE_EX_DATA = 111;
+  CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX = 100;
+  CRYPTO_F_CRYPTO_MEMDUP = 115;
+  CRYPTO_F_CRYPTO_NEW_EX_DATA = 112;
+  CRYPTO_F_CRYPTO_OCB128_COPY_CTX = 121;
+  CRYPTO_F_CRYPTO_OCB128_INIT = 122;
+  CRYPTO_F_CRYPTO_SET_EX_DATA = 102;
+  CRYPTO_F_FIPS_MODE_SET = 109;
+  CRYPTO_F_GET_AND_LOCK = 113;
+  CRYPTO_F_OPENSSL_ATEXIT = 114;
+  CRYPTO_F_OPENSSL_BUF2HEXSTR = 117;
+  CRYPTO_F_OPENSSL_FOPEN = 119;
+  CRYPTO_F_OPENSSL_HEXSTR2BUF = 118;
+  CRYPTO_F_OPENSSL_INIT_CRYPTO = 116;
+  CRYPTO_F_OPENSSL_LH_NEW = 126;
+  CRYPTO_F_OPENSSL_SK_DEEP_COPY = 127;
+  CRYPTO_F_OPENSSL_SK_DUP = 128;
+  CRYPTO_F_PKEY_HMAC_INIT = 123;
+  CRYPTO_F_PKEY_POLY1305_INIT = 124;
+  CRYPTO_F_PKEY_SIPHASH_INIT = 125;
+  CRYPTO_F_SK_RESERVE = 129;
+
+  (*
+   * CRYPTO reason codes.
+   *)
+  CRYPTO_R_FIPS_MODE_NOT_SUPPORTED = 101;
+  CRYPTO_R_ILLEGAL_HEX_DIGIT = 102;
+  CRYPTO_R_ODD_NUMBER_OF_DIGITS = 103;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_CRYPTO_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_CRYPTO_strings := LoadFunction('ERR_load_CRYPTO_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_CRYPTO_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cterr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cterr.pas
new file mode 100644
index 000000000..a02cefea7
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cterr.pas
@@ -0,0 +1,133 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_cterr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cterr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ///*
+  // * CT function codes.
+  // */
+  CT_F_CTLOG_NEW = 117;
+  CT_F_CTLOG_NEW_FROM_BASE64 = 118;
+  CT_F_CTLOG_NEW_FROM_CONF = 119;
+  CT_F_CTLOG_STORE_LOAD_CTX_NEW = 122;
+  CT_F_CTLOG_STORE_LOAD_FILE = 123;
+  CT_F_CTLOG_STORE_LOAD_LOG = 130;
+  CT_F_CTLOG_STORE_NEW = 131;
+  CT_F_CT_BASE64_DECODE = 124;
+  CT_F_CT_POLICY_EVAL_CTX_NEW = 133;
+  CT_F_CT_V1_LOG_ID_FROM_PKEY = 125;
+  CT_F_I2O_SCT = 107;
+  CT_F_I2O_SCT_LIST = 108;
+  CT_F_I2O_SCT_SIGNATURE = 109;
+  CT_F_O2I_SCT = 110;
+  CT_F_O2I_SCT_LIST = 111;
+  CT_F_O2I_SCT_SIGNATURE = 112;
+  CT_F_SCT_CTX_NEW = 126;
+  CT_F_SCT_CTX_VERIFY = 128;
+  CT_F_SCT_NEW = 100;
+  CT_F_SCT_NEW_FROM_BASE64 = 127;
+  CT_F_SCT_SET0_LOG_ID = 101;
+  CT_F_SCT_SET1_EXTENSIONS = 114;
+  CT_F_SCT_SET1_LOG_ID = 115;
+  CT_F_SCT_SET1_SIGNATURE = 116;
+  CT_F_SCT_SET_LOG_ENTRY_TYPE = 102;
+  CT_F_SCT_SET_SIGNATURE_NID = 103;
+  CT_F_SCT_SET_VERSION = 104;
+
+
+  ///*
+  // * CT reason codes.
+  // */
+  CT_R_BASE64_DECODE_ERROR =  108;
+  CT_R_INVALID_LOG_ID_LENGTH =  100;
+  CT_R_LOG_CONF_INVALID =  109;
+  CT_R_LOG_CONF_INVALID_KEY =  110;
+  CT_R_LOG_CONF_MISSING_DESCRIPTION =  111;
+  CT_R_LOG_CONF_MISSING_KEY =  112;
+  CT_R_LOG_KEY_INVALID =  113;
+  CT_R_SCT_FUTURE_TIMESTAMP =  116;
+  CT_R_SCT_INVALID =   104;
+  CT_R_SCT_INVALID_SIGNATURE =  107;
+  CT_R_SCT_LIST_INVALID =  105;
+  CT_R_SCT_LOG_ID_MISMATCH =  114;
+  CT_R_SCT_NOT_SET =   106;
+  CT_R_SCT_UNSUPPORTED_VERSION =  115;
+  CT_R_UNRECOGNIZED_SIGNATURE_NID =  101;
+  CT_R_UNSUPPORTED_ENTRY_TYPE =  102;
+  CT_R_UNSUPPORTED_VERSION =  103;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_CT_strings: function: TIdC_INT cdecl = nil;
+
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_CT_strings := LoadFunction('ERR_load_CT_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_CT_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas
new file mode 100644
index 000000000..1ba2f8f94
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas
@@ -0,0 +1,473 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_dh;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dh.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+const
+  OPENSSL_DH_MAX_MODULUS_BITS      = 10000;
+  OPENSSL_DH_FIPS_MIN_MODULUS_BITS =  1024;
+
+  DH_FLAG_CACHE_MONT_P   =   $01;
+  DH_FLAG_FIPS_METHOD    = $0400;
+  DH_FLAG_NON_FIPS_ALLOW = $0400;
+
+  DH_GENERATOR_2 = 2;
+  DH_GENERATOR_5 = 5;
+
+  DH_CHECK_P_NOT_PRIME         = $01;
+  DH_CHECK_P_NOT_SAFE_PRIME    = $02;
+  DH_UNABLE_TO_CHECK_GENERATOR = $04;
+  DH_NOT_SUITABLE_GENERATOR    = $08;
+  DH_CHECK_Q_NOT_PRIME         = $10;
+  DH_CHECK_INVALID_Q_VALUE     = $20;
+  DH_CHECK_INVALID_J_VALUE     = $40;
+  DH_CHECK_PUBKEY_TOO_SMALL    = $01;
+  DH_CHECK_PUBKEY_TOO_LARGE    = $02;
+  DH_CHECK_PUBKEY_INVALID      = $04;
+  DH_CHECK_P_NOT_STRONG_PRIME  = DH_CHECK_P_NOT_SAFE_PRIME;
+
+  EVP_PKEY_DH_KDF_NONE  = 1;
+  EVP_PKEY_DH_KDF_X9_42 = 2;
+
+  EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN    = (EVP_PKEY_ALG_CTRL + 1);
+  EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR    = (EVP_PKEY_ALG_CTRL + 2);
+  EVP_PKEY_CTRL_DH_RFC5114               = (EVP_PKEY_ALG_CTRL + 3);
+  EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN = (EVP_PKEY_ALG_CTRL + 4);
+  EVP_PKEY_CTRL_DH_PARAMGEN_TYPE         = (EVP_PKEY_ALG_CTRL + 5);
+  EVP_PKEY_CTRL_DH_KDF_TYPE              = (EVP_PKEY_ALG_CTRL + 6);
+  EVP_PKEY_CTRL_DH_KDF_MD                = (EVP_PKEY_ALG_CTRL + 7);
+  EVP_PKEY_CTRL_GET_DH_KDF_MD            = (EVP_PKEY_ALG_CTRL + 8);
+  EVP_PKEY_CTRL_DH_KDF_OUTLEN            = (EVP_PKEY_ALG_CTRL + 9);
+  EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN        = (EVP_PKEY_ALG_CTRL + 10);
+  EVP_PKEY_CTRL_DH_KDF_UKM               = (EVP_PKEY_ALG_CTRL + 11);
+  EVP_PKEY_CTRL_GET_DH_KDF_UKM           = (EVP_PKEY_ALG_CTRL + 12);
+  EVP_PKEY_CTRL_DH_KDF_OID               = (EVP_PKEY_ALG_CTRL + 13);
+  EVP_PKEY_CTRL_GET_DH_KDF_OID           = (EVP_PKEY_ALG_CTRL + 14);
+  EVP_PKEY_CTRL_DH_NID                   = (EVP_PKEY_ALG_CTRL + 15);
+  EVP_PKEY_CTRL_DH_PAD                   = (EVP_PKEY_ALG_CTRL + 16);
+
+type
+  DH_meth_generate_key_cb = function(dh: PDH): TIdC_INT;
+  DH_meth_compute_key_cb = function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT;
+  DH_meth_bn_mod_exp_cb = function(
+    const dh: PDH; r: PBIGNUM; const a: PBIGNUM;
+    const p: PBIGNUM; const m: PBIGNUM;
+    ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT;
+  DH_meth_init_cb = function(dh: PDH): TIdC_INT;
+  DH_meth_finish_cb = function(dh: PDH): TIdC_INT;
+  DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+{
+  # define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
+
+  # define d2i_DHparams_fp(fp,x) \
+      (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                        (char *(*)())d2i_DHparams, \
+                        (fp), \
+                        (unsigned char **)(x))
+  # define i2d_DHparams_fp(fp,x) \
+      ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
+  # define d2i_DHparams_bio(bp,x) \
+      ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
+  # define i2d_DHparams_bio(bp,x) \
+      ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+  # define d2i_DHxparams_fp(fp,x) \
+      (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                        (char *(*)())d2i_DHxparams, \
+                        (fp), \
+                        (unsigned char **)(x))
+  # define i2d_DHxparams_fp(fp,x) \
+      ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
+  # define d2i_DHxparams_bio(bp,x) \
+      ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
+  # define i2d_DHxparams_bio(bp,x) \
+      ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x)
+}
+
+  DHparams_dup: function(dh: PDH): PDH cdecl = nil;
+
+  DH_OpenSSL: function: PDH_Method cdecl = nil;
+
+  DH_set_default_method: procedure(const meth: PDH_Method) cdecl = nil;
+  DH_get_default_method: function: PDH_Method cdecl = nil;
+  DH_set_method: function(dh: PDH; const meth: PDH_Method): TIdC_INT cdecl = nil;
+  DH_new_method: function(engine: PENGINE): PDH cdecl = nil;
+
+  DH_new: function: PDH cdecl = nil;
+  DH_free: procedure(dh: PDH) cdecl = nil;
+  DH_up_ref: function(dh: PDH): TIdC_INT cdecl = nil;
+  DH_bits: function(const dh: PDH): TIdC_INT cdecl = nil;
+  DH_size: function(const dh: PDH): TIdC_INT cdecl = nil;
+  DH_security_bits: function(const dh: PDH): TIdC_INT cdecl = nil;
+  DH_set_ex_data: function(d: PDH; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl = nil;
+  DH_get_ex_data: function(d: PDH; idx: TIdC_INT): Pointer cdecl = nil;
+
+  DH_generate_parameters_ex: function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+
+  DH_check_params_ex: function(const dh: PDH): TIdC_INT cdecl = nil;
+  DH_check_ex: function(const dh: PDH): TIdC_INT cdecl = nil;
+  DH_check_pub_key_ex: function(const dh: PDH; const pub_key: PBIGNUM): TIdC_INT cdecl = nil;
+  DH_check_params: function(const dh: PDH; ret: PIdC_INT): TIdC_INT cdecl = nil;
+  DH_check: function(const dh: PDH; codes: PIdC_INT): TIdC_INT cdecl = nil;
+  DH_check_pub_key: function(const dh: PDH; const pub_key: PBIGNUM; codes: PIdC_INT): TIdC_INT cdecl = nil;
+  DH_generate_key: function(dh: PDH): TIdC_INT cdecl = nil;
+  DH_compute_key: function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT cdecl = nil;
+  DH_compute_key_padded: function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT cdecl = nil;
+  d2i_DHparams: function(a: PPDH; const pp: PPByte; length: TIdC_LONG): PDH cdecl = nil;
+  i2d_DHparams: function(const a: PDH; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_DHxparams: function(a: PPDH; const pp: PPByte; length: TIdC_LONG): PDH cdecl = nil;
+  i2d_DHxparams: function(const a: PDH; pp: PPByte): TIdC_INT cdecl = nil;
+  DHparams_print: function(bp: PBIO; const x: PDH): TIdC_INT cdecl = nil;
+
+  DH_get_1024_160: function: PDH cdecl = nil;
+  DH_get_2048_224: function: PDH cdecl = nil;
+  DH_get_2048_256: function: PDH cdecl = nil;
+
+  DH_new_by_nid: function(nid: TIdC_INT): PDH cdecl = nil;
+  DH_get_nid: function(const dh: PDH): TIdC_INT cdecl = nil;
+
+  DH_KDF_X9_42: function( &out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; key_oid: PASN1_OBJECT; const ukm: PByte; ukmlen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl = nil;
+
+  DH_get0_pqg: procedure(const dh: PDH; const p: PPBIGNUM; const q: PPBIGNUM; const g: PPBIGNUM) cdecl = nil;
+  DH_set0_pqg: function(dh: PDH; p: PBIGNUM; q: PBIGNUM; g: PBIGNUM): TIdC_INT cdecl = nil;
+  DH_get0_key: procedure(const dh: PDH; const pub_key: PPBIGNUM; const priv_key: PPBIGNUM) cdecl = nil;
+  DH_set0_key: function(dh: PDH; pub_key: PBIGNUM; priv_key: PBIGNUM): TIdC_INT cdecl = nil;
+  DH_get0_p: function(const dh: PDH): PBIGNUM cdecl = nil;
+  DH_get0_q: function(const dh: PDH): PBIGNUM cdecl = nil;
+  DH_get0_g: function(const dh: PDH): PBIGNUM cdecl = nil;
+  DH_get0_priv_key: function(const dh: PDH): PBIGNUM cdecl = nil;
+  DH_get0_pub_key: function(const dh: PDH): PBIGNUM cdecl = nil;
+  DH_clear_flags: procedure(dh: PDH; flags: TIdC_INT) cdecl = nil;
+  DH_test_flags: function(const dh: PDH; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  DH_set_flags: procedure(dh: PDH; flags: TIdC_INT) cdecl = nil;
+  DH_get0_engine: function(d: PDH): PENGINE cdecl = nil;
+  DH_get_length: function(const dh: PDH): TIdC_LONG cdecl = nil;
+  DH_set_length: function(dh: PDH; length: TIdC_LONG): TIdC_INT cdecl = nil;
+
+  DH_meth_new: function(const name: PIdAnsiChar; flags: TIdC_INT): PDH_Method cdecl = nil;
+  DH_meth_free: procedure(dhm: PDH_Method) cdecl = nil;
+  DH_meth_dup: function(const dhm: PDH_Method): PDH_Method cdecl = nil;
+  DH_meth_get0_name: function(const dhm: PDH_Method): PIdAnsiChar cdecl = nil;
+  DH_meth_set1_name: function(dhm: PDH_Method; const name: PIdAnsiChar): TIdC_INT cdecl = nil;
+  DH_meth_get_flags: function(const dhm: PDH_Method): TIdC_INT cdecl = nil;
+  DH_meth_set_flags: function(const dhm: PDH_Method; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  DH_meth_get0_app_data: function(const dhm: PDH_Method): Pointer cdecl = nil;
+  DH_meth_set0_app_data: function(const dhm: PDH_Method; app_data: Pointer): TIdC_INT cdecl = nil;
+
+  DH_meth_get_generate_key: function(const dhm: PDH_Method): DH_meth_generate_key_cb cdecl = nil;
+  DH_meth_set_generate_key: function(const dhm: PDH_Method; generate_key: DH_meth_generate_key_cb): TIdC_INT cdecl = nil;
+
+  DH_meth_get_compute_key: function(const dhm: PDH_Method): DH_meth_compute_key_cb cdecl = nil;
+  DH_meth_set_compute_key: function(const dhm: PDH_Method; compute_key: DH_meth_compute_key_cb): TIdC_INT cdecl = nil;
+
+  DH_meth_get_bn_mod_exp: function(const dhm: PDH_Method): DH_meth_bn_mod_exp_cb cdecl = nil;
+  DH_meth_set_bn_mod_exp: function(const dhm: PDH_Method; bn_mod_expr: DH_meth_bn_mod_exp_cb): TIdC_INT cdecl = nil;
+
+  DH_meth_get_init: function(const dhm: PDH_Method): DH_meth_init_cb cdecl = nil;
+  DH_meth_set_init: function(const dhm: PDH_Method; init: DH_meth_init_cb): TIdC_INT cdecl = nil;
+
+  DH_meth_get_finish: function(const dhm: PDH_Method): DH_meth_finish_cb cdecl = nil;
+  DH_meth_set_finish: function(const dhm: PDH_Method; finish: DH_meth_finish_cb): TIdC_INT cdecl = nil;
+
+  DH_meth_get_generate_params: function(const dhm: PDH_Method): DH_meth_generate_params_cb cdecl = nil;
+  DH_meth_set_generate_params: function(const dhm: PDH_Method; generate_params: DH_meth_generate_params_cb): TIdC_INT cdecl = nil;
+
+{
+# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_nid(ctx, nid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, \
+                        EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, \
+                        EVP_PKEY_CTRL_DH_NID, nid, NULL)
+
+# define EVP_PKEY_CTX_set_dh_pad(ctx, pad) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE, \
+                          EVP_PKEY_CTRL_DH_PAD, pad, NULL)
+
+# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)(oid))
+
+# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)(poid))
+
+# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)(md))
+
+# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)(pmd))
+
+# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                        EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)(plen))
+
+# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)(p))
+
+# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)(p))
+}
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  DHparams_dup := LoadFunction('DHparams_dup', AFailed);
+  DH_OpenSSL := LoadFunction('DH_OpenSSL', AFailed);
+  DH_set_default_method := LoadFunction('DH_set_default_method', AFailed);
+  DH_get_default_method := LoadFunction('DH_get_default_method', AFailed);
+  DH_set_method := LoadFunction('DH_set_method', AFailed);
+  DH_new_method := LoadFunction('DH_new_method', AFailed);
+  DH_new := LoadFunction('DH_new', AFailed);
+  DH_free := LoadFunction('DH_free', AFailed);
+  DH_up_ref := LoadFunction('DH_up_ref', AFailed);
+  DH_bits := LoadFunction('DH_bits', AFailed);
+  DH_size := LoadFunction('DH_size', AFailed);
+  DH_security_bits := LoadFunction('DH_security_bits', AFailed);
+  DH_set_ex_data := LoadFunction('DH_set_ex_data', AFailed);
+  DH_get_ex_data := LoadFunction('DH_get_ex_data', AFailed);
+  DH_generate_parameters_ex := LoadFunction('DH_generate_parameters_ex', AFailed);
+  DH_check_params_ex := LoadFunction('DH_check_params_ex', AFailed);
+  DH_check_ex := LoadFunction('DH_check_ex', AFailed);
+  DH_check_pub_key_ex := LoadFunction('DH_check_pub_key_ex', AFailed);
+  DH_check_params := LoadFunction('DH_check_params', AFailed);
+  DH_check := LoadFunction('DH_check', AFailed);
+  DH_check_pub_key := LoadFunction('DH_check_pub_key', AFailed);
+  DH_generate_key := LoadFunction('DH_generate_key', AFailed);
+  DH_compute_key := LoadFunction('DH_compute_key', AFailed);
+  DH_compute_key_padded := LoadFunction('DH_compute_key_padded', AFailed);
+  d2i_DHparams := LoadFunction('d2i_DHparams', AFailed);
+  i2d_DHparams := LoadFunction('i2d_DHparams', AFailed);
+  d2i_DHxparams := LoadFunction('d2i_DHxparams', AFailed);
+  i2d_DHxparams := LoadFunction('i2d_DHxparams', AFailed);
+  DHparams_print := LoadFunction('DHparams_print', AFailed);
+  DH_get_1024_160 := LoadFunction('DH_get_1024_160', AFailed);
+  DH_get_2048_224 := LoadFunction('DH_get_2048_224', AFailed);
+  DH_get_2048_256 := LoadFunction('DH_get_2048_256', AFailed);
+  DH_new_by_nid := LoadFunction('DH_new_by_nid', AFailed);
+  DH_get_nid := LoadFunction('DH_get_nid', AFailed);
+  DH_KDF_X9_42 := LoadFunction('DH_KDF_X9_42', AFailed);
+  DH_get0_pqg := LoadFunction('DH_get0_pqg', AFailed);
+  DH_set0_pqg := LoadFunction('DH_set0_pqg', AFailed);
+  DH_get0_key := LoadFunction('DH_get0_key', AFailed);
+  DH_set0_key := LoadFunction('DH_set0_key', AFailed);
+  DH_get0_p := LoadFunction('DH_get0_p', AFailed);
+  DH_get0_q := LoadFunction('DH_get0_q', AFailed);
+  DH_get0_g := LoadFunction('DH_get0_g', AFailed);
+  DH_get0_priv_key := LoadFunction('DH_get0_priv_key', AFailed);
+  DH_get0_pub_key := LoadFunction('DH_get0_pub_key', AFailed);
+  DH_clear_flags := LoadFunction('DH_clear_flags', AFailed);
+  DH_test_flags := LoadFunction('DH_test_flags', AFailed);
+  DH_set_flags := LoadFunction('DH_set_flags', AFailed);
+  DH_get0_engine := LoadFunction('DH_get0_engine', AFailed);
+  DH_get_length := LoadFunction('DH_get_length', AFailed);
+  DH_set_length := LoadFunction('DH_set_length', AFailed);
+  DH_meth_new := LoadFunction('DH_meth_new', AFailed);
+  DH_meth_free := LoadFunction('DH_meth_free', AFailed);
+  DH_meth_dup := LoadFunction('DH_meth_dup', AFailed);
+  DH_meth_get0_name := LoadFunction('DH_meth_get0_name', AFailed);
+  DH_meth_set1_name := LoadFunction('DH_meth_set1_name', AFailed);
+  DH_meth_get_flags := LoadFunction('DH_meth_get_flags', AFailed);
+  DH_meth_set_flags := LoadFunction('DH_meth_set_flags', AFailed);
+  DH_meth_get0_app_data := LoadFunction('DH_meth_get0_app_data', AFailed);
+  DH_meth_set0_app_data := LoadFunction('DH_meth_set0_app_data', AFailed);
+  DH_meth_get_generate_key := LoadFunction('DH_meth_get_generate_key', AFailed);
+  DH_meth_set_generate_key := LoadFunction('DH_meth_set_generate_key', AFailed);
+  DH_meth_get_compute_key := LoadFunction('DH_meth_get_compute_key', AFailed);
+  DH_meth_set_compute_key := LoadFunction('DH_meth_set_compute_key', AFailed);
+  DH_meth_get_bn_mod_exp := LoadFunction('DH_meth_get_bn_mod_exp', AFailed);
+  DH_meth_set_bn_mod_exp := LoadFunction('DH_meth_set_bn_mod_exp', AFailed);
+  DH_meth_get_init := LoadFunction('DH_meth_get_init', AFailed);
+  DH_meth_set_init := LoadFunction('DH_meth_set_init', AFailed);
+  DH_meth_get_finish := LoadFunction('DH_meth_get_finish', AFailed);
+  DH_meth_set_finish := LoadFunction('DH_meth_set_finish', AFailed);
+  DH_meth_get_generate_params := LoadFunction('DH_meth_get_generate_params', AFailed);
+  DH_meth_set_generate_params := LoadFunction('DH_meth_set_generate_params', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  DHparams_dup := nil;
+  DH_OpenSSL := nil;
+  DH_set_default_method := nil;
+  DH_get_default_method := nil;
+  DH_set_method := nil;
+  DH_new_method := nil;
+  DH_new := nil;
+  DH_free := nil;
+  DH_up_ref := nil;
+  DH_bits := nil;
+  DH_size := nil;
+  DH_security_bits := nil;
+  DH_set_ex_data := nil;
+  DH_get_ex_data := nil;
+  DH_generate_parameters_ex := nil;
+  DH_check_params_ex := nil;
+  DH_check_ex := nil;
+  DH_check_pub_key_ex := nil;
+  DH_check_params := nil;
+  DH_check := nil;
+  DH_check_pub_key := nil;
+  DH_generate_key := nil;
+  DH_compute_key := nil;
+  DH_compute_key_padded := nil;
+  d2i_DHparams := nil;
+  i2d_DHparams := nil;
+  d2i_DHxparams := nil;
+  i2d_DHxparams := nil;
+  DHparams_print := nil;
+  DH_get_1024_160 := nil;
+  DH_get_2048_224 := nil;
+  DH_get_2048_256 := nil;
+  DH_new_by_nid := nil;
+  DH_get_nid := nil;
+  DH_KDF_X9_42 := nil;
+  DH_get0_pqg := nil;
+  DH_set0_pqg := nil;
+  DH_get0_key := nil;
+  DH_set0_key := nil;
+  DH_get0_p := nil;
+  DH_get0_q := nil;
+  DH_get0_g := nil;
+  DH_get0_priv_key := nil;
+  DH_get0_pub_key := nil;
+  DH_clear_flags := nil;
+  DH_test_flags := nil;
+  DH_set_flags := nil;
+  DH_get0_engine := nil;
+  DH_get_length := nil;
+  DH_set_length := nil;
+  DH_meth_new := nil;
+  DH_meth_free := nil;
+  DH_meth_dup := nil;
+  DH_meth_get0_name := nil;
+  DH_meth_set1_name := nil;
+  DH_meth_get_flags := nil;
+  DH_meth_set_flags := nil;
+  DH_meth_get0_app_data := nil;
+  DH_meth_set0_app_data := nil;
+  DH_meth_get_generate_key := nil;
+  DH_meth_set_generate_key := nil;
+  DH_meth_get_compute_key := nil;
+  DH_meth_set_compute_key := nil;
+  DH_meth_get_bn_mod_exp := nil;
+  DH_meth_set_bn_mod_exp := nil;
+  DH_meth_get_init := nil;
+  DH_meth_set_init := nil;
+  DH_meth_get_finish := nil;
+  DH_meth_set_finish := nil;
+  DH_meth_get_generate_params := nil;
+  DH_meth_set_generate_params := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dherr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dherr.pas
new file mode 100644
index 000000000..918fd5d09
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dherr.pas
@@ -0,0 +1,135 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_dherr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dherr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // DH function codes
+  DH_F_COMPUTE_KEY               = 102;
+  DH_F_DHPARAMS_PRINT_FP         = 101;
+  DH_F_DH_BUILTIN_GENPARAMS      = 106;
+  DH_F_DH_CHECK_EX               = 121;
+  DH_F_DH_CHECK_PARAMS_EX        = 122;
+  DH_F_DH_CHECK_PUB_KEY_EX       = 123;
+  DH_F_DH_CMS_DECRYPT            = 114;
+  DH_F_DH_CMS_SET_PEERKEY        = 115;
+  DH_F_DH_CMS_SET_SHARED_INFO    = 116;
+  DH_F_DH_METH_DUP               = 117;
+  DH_F_DH_METH_NEW               = 118;
+  DH_F_DH_METH_SET1_NAME         = 119;
+  DH_F_DH_NEW_BY_NID             = 104;
+  DH_F_DH_NEW_METHOD             = 105;
+  DH_F_DH_PARAM_DECODE           = 107;
+  DH_F_DH_PKEY_PUBLIC_CHECK      = 124;
+  DH_F_DH_PRIV_DECODE            = 110;
+  DH_F_DH_PRIV_ENCODE            = 111;
+  DH_F_DH_PUB_DECODE             = 108;
+  DH_F_DH_PUB_ENCODE             = 109;
+  DH_F_DO_DH_PRINT               = 100;
+  DH_F_GENERATE_KEY              = 103;
+  DH_F_PKEY_DH_CTRL_STR          = 120;
+  DH_F_PKEY_DH_DERIVE            = 112;
+  DH_F_PKEY_DH_INIT              = 125;
+  DH_F_PKEY_DH_KEYGEN            = 113;
+
+  // DH reason codes
+  DH_R_BAD_GENERATOR             = 101;
+  DH_R_BN_DECODE_ERROR           = 109;
+  DH_R_BN_ERROR                  = 106;
+  DH_R_CHECK_INVALID_J_VALUE     = 115;
+  DH_R_CHECK_INVALID_Q_VALUE     = 116;
+  DH_R_CHECK_PUBKEY_INVALID      = 122;
+  DH_R_CHECK_PUBKEY_TOO_LARGE    = 123;
+  DH_R_CHECK_PUBKEY_TOO_SMALL    = 124;
+  DH_R_CHECK_P_NOT_PRIME         = 117;
+  DH_R_CHECK_P_NOT_SAFE_PRIME    = 118;
+  DH_R_CHECK_Q_NOT_PRIME         = 119;
+  DH_R_DECODE_ERROR              = 104;
+  DH_R_INVALID_PARAMETER_NAME    = 110;
+  DH_R_INVALID_PARAMETER_NID     = 114;
+  DH_R_INVALID_PUBKEY            = 102;
+  DH_R_KDF_PARAMETER_ERROR       = 112;
+  DH_R_KEYS_NOT_SET              = 108;
+  DH_R_MISSING_PUBKEY            = 125;
+  DH_R_MODULUS_TOO_LARGE         = 103;
+  DH_R_NOT_SUITABLE_GENERATOR    = 120;
+  DH_R_NO_PARAMETERS_SET         = 107;
+  DH_R_NO_PRIVATE_VALUE          = 100;
+  DH_R_PARAMETER_ENCODING_ERROR  = 105;
+  DH_R_PEER_KEY_ERROR            = 111;
+  DH_R_SHARED_INFO_ERROR         = 113;
+  DH_R_UNABLE_TO_CHECK_GENERATOR = 121;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_DH_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_DH_strings := LoadFunction('ERR_load_DH_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_DH_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas
new file mode 100644
index 000000000..df6bc7446
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas
@@ -0,0 +1,380 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_dsa;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dsa.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+const
+  OPENSSL_DSA_MAX_MODULUS_BITS = 10000;
+  OPENSSL_DSA_FIPS_MIN_MODULUS_BITS = 1024;
+  DSA_FLAG_CACHE_MONT_P = $01;
+  DSA_FLAG_NO_EXP_CONSTTIME = $00;
+  DSA_FLAG_FIPS_METHOD = $0400;
+  DSA_FLAG_NON_FIPS_ALLOW = $0400;
+  DSA_FLAG_FIPS_CHECKED = $0800;
+
+  DSS_prime_checks = 64;
+
+  EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = EVP_PKEY_ALG_CTRL + 1;
+  EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = EVP_PKEY_ALG_CTRL + 2;
+  EVP_PKEY_CTRL_DSA_PARAMGEN_MD = EVP_PKEY_ALG_CTRL + 3;
+
+type
+  DSA_SIG = type Pointer; // DSA_SIG_st
+  PDSA_SIG = ^DSA_SIG;
+  PPDSA_SIG = ^PDSA_SIG;
+
+  DSA_meth_sign_cb = function (const v1: PByte; v2: TIdC_INT; v3: PDSA): PDSA_SIG cdecl;
+  DSA_meth_sign_setup_cb = function (v1: PDSA; v2: PBN_CTX;
+    v3: PPBIGNUM; v4: PPBIGNUM): TIdC_INT cdecl;
+  DSA_meth_verify_cb = function (const v1: PByte; v2: TIdC_INT;
+    v3: PDSA_SIG; v4: PDSA): TIdC_INT cdecl;
+  DSA_meth_mod_exp_cb = function (v1: PDSA; v2: PBIGNUM;
+    const v3: PBIGNUM; const v4: PBIGNUM; const v5: PBIGNUM; const v6: PBIGNUM;
+    const v7: PBIGNUM; v8: PBN_CTX; v9: PBN_MONT_CTX): TIdC_INT cdecl;
+  DSA_meth_bn_mod_exp_cb = function (v1: PDSA; v2: PBIGNUM;
+    const v3: PBIGNUM; const v4: PBIGNUM; const v5: PBIGNUM; v6: PBN_CTX; v7: PBN_MONT_CTX): TIdC_INT cdecl;
+  DSA_meth_init_cb = function(v1: PDSA): TIdC_INT cdecl;
+  DSA_meth_finish_cb = function (v1: PDSA): TIdC_INT cdecl;
+  DSA_meth_paramgen_cb = function (v1: PDSA; v2: TIdC_INT;
+    const v3: PByte; v4: TIdC_INT; v5: PIdC_INT; v6: PIdC_ULONG; v7: PBN_GENCB): TIdC_INT cdecl;
+  DSA_meth_keygen_cb = function (v1: PDSA): TIdC_INT cdecl;
+
+//# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+//                (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
+//# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
+//                (unsigned char *)(x))
+//# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
+//# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  DSAparams_dup: function(x: PDSA): PDSA cdecl = nil;
+  DSA_SIG_new: function: PDSA_SIG cdecl = nil;
+  DSA_SIG_free: procedure(a: PDSA_SIG) cdecl = nil;
+  i2d_DSA_SIG: function(const a: PDSA_SIG; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_DSA_SIG: function(v: PPDSA_SIG; const pp: PPByte; length: TIdC_LONG): PDSA_SIG cdecl = nil;
+  DSA_SIG_get0: procedure(const sig: PDSA_SIG; const pr: PPBIGNUM; const ps: PPBIGNUM) cdecl = nil;
+  DSA_SIG_set0: function(sig: PDSA_SIG; r: PBIGNUM; s: PBIGNUM): TIdC_INT cdecl = nil;
+  
+  DSA_do_sign: function(const dgst: PByte; dlen: TIdC_INT; dsa: PDSA): PDSA_SIG cdecl = nil;
+  DSA_do_verify: function(const dgst: PByte; dgst_len: TIdC_INT; sig: PDSA_SIG; dsa: PDSA): TIdC_INT cdecl = nil;
+  
+  DSA_OpenSSL: function: PDSA_METHOD cdecl = nil;
+  DSA_set_default_method: procedure(const v1: PDSA_METHOD) cdecl = nil;
+  DSA_get_default_method: function: PDSA_METHOD cdecl = nil;
+  DSA_set_method: function(dsa: PDSA; const v1: PDSA_METHOD): TIdC_INT cdecl = nil;
+  DSA_get_method: function(d: PDSA): PDSA_METHOD cdecl = nil;
+
+  DSA_new: function: PDSA cdecl = nil;
+  DSA_new_method: function(engine: PENGINE): PDSA cdecl = nil;
+  DSA_free: procedure(r: PDSA) cdecl = nil;
+  (* "up" the DSA object's reference count *)
+  DSA_up_ref: function(r: PDSA): TIdC_INT cdecl = nil;
+  DSA_size: function(const v1: PDSA): TIdC_INT cdecl = nil;
+  DSA_bits: function(const d: PDSA): TIdC_INT cdecl = nil;
+  DSA_security_bits: function(const d: PDSA): TIdC_INT cdecl = nil;
+  DSA_sign: function(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; dsa: PDSA): TIdC_INT cdecl = nil;
+  DSA_verify: function(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; siglen: TIdC_INT; dsa: PDSA): TIdC_INT cdecl = nil;
+  //#define DSA_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef)
+  DSA_set_ex_data: function(d: PDSA; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl = nil;
+  DSA_get_ex_data: function(d: PDSA; idx: TIdC_INT): Pointer cdecl = nil;
+  
+  d2i_DSAPublicKey: function(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA cdecl = nil;
+  d2i_DSAPrivateKey: function(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA cdecl = nil;
+  d2i_DSAparams: function(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA cdecl = nil;
+
+  DSA_generate_parameters_ex: function(dsa: PDSA; bits: TIdC_INT; const seed: PByte; seed_len: TIdC_INT; counter_ret: PIdC_INT; h_ret: PIdC_ULONG; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+
+  DSA_generate_key: function(a: PDSA): TIdC_INT cdecl = nil;
+  i2d_DSAPublicKey: function(const a: PDSA; pp: PPByte): TIdC_INT cdecl = nil;
+  i2d_DSAPrivateKey: function(const a: PDSA; pp: PPByte): TIdC_INT cdecl = nil;
+  i2d_DSAparams: function(const a: PDSA; pp: PPByte): TIdC_INT cdecl = nil;
+  
+  DSAparams_print: function(bp: PBIO; const x: PDSA): TIdC_INT cdecl = nil;
+  DSA_print: function(bp: PBIO; const x: PDSA; off: TIdC_INT): TIdC_INT cdecl = nil;
+//  function DSAparams_print_fp(fp: PFile; const x: PDSA): TIdC_INT;
+//  function DSA_print_fp(bp: PFile; const x: PDSA; off: TIdC_INT): TIdC_INT;
+
+  //# define DSA_is_prime(n, callback, cb_arg) \
+  //        BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
+
+  (*
+   * Convert DSA structure (key or just parameters) into DH structure (be
+   * careful to avoid small subgroup attacks when using this!)
+   *)
+  DSA_dup_DH: function(const r: PDSA): PDH cdecl = nil;
+
+  //# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
+  //        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+  //                                EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
+  //# define EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits) \
+  //        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+  //                                EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits, NULL)
+  //# define EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, md) \
+  //        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+  //                                EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, (void *)(md))
+
+  DSA_get0_pqg: procedure(const d: PDSA; const p: PPBIGNUM; const q: PPBIGNUM; const g: PPBIGNUM) cdecl = nil;
+  DSA_set0_pqg: function(d: PDSA; p: PBIGNUM; q: PBIGNUM; g: PBIGNUM): TIdC_INT cdecl = nil;
+  DSA_get0_key: procedure(const d: PDSA; const pub_key: PPBIGNUM; const priv_key: PPBIGNUM) cdecl = nil;
+  DSA_set0_key: function(d: PDSA; pub_key: PBIGNUM; priv_key: PBIGNUM): TIdC_INT cdecl = nil;
+  DSA_get0_p: function(const d: PDSA): PBIGNUM cdecl = nil;
+  DSA_get0_q: function(const d: PDSA): PBIGNUM cdecl = nil;
+  DSA_get0_g: function(const d: PDSA): PBIGNUM cdecl = nil;
+  DSA_get0_pub_key: function(const d: PDSA): PBIGNUM cdecl = nil;
+  DSA_get0_priv_key: function(const d: PDSA): PBIGNUM cdecl = nil;
+  DSA_clear_flags: procedure(d: PDSA; flags: TIdC_INT) cdecl = nil;
+  DSA_test_flags: function(const d: PDSA; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  DSA_set_flags: procedure(d: PDSA; flags: TIdC_INT) cdecl = nil;
+  DSA_get0_engine: function(d: PDSA): PENGINE cdecl = nil;
+  
+  DSA_meth_new: function(const name: PIdAnsiChar; flags: TIdC_INT): PDSA_METHOD cdecl = nil;
+  DSA_meth_free: procedure(dsam: PDSA_METHOD) cdecl = nil;
+  DSA_meth_dup: function(const dsam: PDSA_METHOD): PDSA_METHOD cdecl = nil;
+  DSA_meth_get0_name: function(const dsam: PDSA_METHOD): PIdAnsiChar cdecl = nil;
+  DSA_meth_set1_name: function(dsam: PDSA_METHOD; const name: PIdAnsiChar): TIdC_INT cdecl = nil;
+  DSA_meth_get_flags: function(const dsam: PDSA_METHOD): TIdC_INT cdecl = nil;
+  DSA_meth_set_flags: function(dsam: PDSA_METHOD; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  DSA_meth_get0_app_data: function(const dsam: PDSA_METHOD): Pointer cdecl = nil;
+  DSA_meth_set0_app_data: function(dsam: PDSA_METHOD; app_data: Pointer): TIdC_INT cdecl = nil;
+  DSA_meth_get_sign: function(const dsam: PDSA_METHOD): DSA_meth_sign_cb cdecl = nil;
+  DSA_meth_set_sign: function(dsam: PDSA_METHOD; sign: DSA_meth_sign_cb): TIdC_INT cdecl = nil;
+  DSA_meth_get_sign_setup: function(const dsam: PDSA_METHOD): DSA_meth_sign_setup_cb cdecl = nil;
+  DSA_meth_set_sign_setup: function(dsam: PDSA_METHOD; sign_setup: DSA_meth_sign_setup_cb): TIdC_INT cdecl = nil;
+  DSA_meth_get_verify: function(const dsam: PDSA_METHOD): DSA_meth_verify_cb cdecl = nil;
+  DSA_meth_set_verify: function(dsam: PDSA_METHOD; verify: DSA_meth_verify_cb): TIdC_INT cdecl = nil;
+  DSA_meth_get_mod_exp: function(const dsam: PDSA_METHOD): DSA_meth_mod_exp_cb cdecl = nil;
+  DSA_meth_set_mod_exp: function(dsam: PDSA_METHOD; mod_exp: DSA_meth_mod_exp_cb): TIdC_INT cdecl = nil;
+  DSA_meth_get_bn_mod_exp: function(const dsam: PDSA_METHOD): DSA_meth_bn_mod_exp_cb cdecl = nil;
+  DSA_meth_set_bn_mod_exp: function(dsam: PDSA_METHOD; bn_mod_exp: DSA_meth_bn_mod_exp_cb): TIdC_INT cdecl = nil;
+  DSA_meth_get_init: function(const dsam: PDSA_METHOD): DSA_meth_init_cb cdecl = nil;
+  DSA_meth_set_init: function(dsam: PDSA_METHOD; init: DSA_meth_init_cb): TIdC_INT cdecl = nil;
+  DSA_meth_get_finish: function(const dsam: PDSA_METHOD): DSA_meth_finish_cb cdecl = nil;
+  DSA_meth_set_finish: function(dsam: PDSA_METHOD; finish: DSA_meth_finish_cb): TIdC_INT cdecl = nil;
+  DSA_meth_get_paramgen: function(const dsam: PDSA_METHOD): DSA_meth_paramgen_cb cdecl = nil;
+  DSA_meth_set_paramgen: function(dsam: PDSA_METHOD; paramgen: DSA_meth_paramgen_cb): TIdC_INT cdecl = nil;
+  DSA_meth_get_keygen: function(const dsam: PDSA_METHOD): DSA_meth_keygen_cb cdecl = nil;
+  DSA_meth_set_keygen: function(dsam: PDSA_METHOD; keygen: DSA_meth_keygen_cb): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  DSAparams_dup := LoadFunction('DSAparams_dup', AFailed);
+  DSA_SIG_new := LoadFunction('DSA_SIG_new', AFailed);
+  DSA_SIG_free := LoadFunction('DSA_SIG_free', AFailed);
+  i2d_DSA_SIG := LoadFunction('i2d_DSA_SIG', AFailed);
+  d2i_DSA_SIG := LoadFunction('d2i_DSA_SIG', AFailed);
+  DSA_SIG_get0 := LoadFunction('DSA_SIG_get0', AFailed);
+  DSA_SIG_set0 := LoadFunction('DSA_SIG_set0', AFailed);
+  DSA_do_sign := LoadFunction('DSA_do_sign', AFailed);
+  DSA_do_verify := LoadFunction('DSA_do_verify', AFailed);
+  DSA_OpenSSL := LoadFunction('DSA_OpenSSL', AFailed);
+  DSA_set_default_method := LoadFunction('DSA_set_default_method', AFailed);
+  DSA_get_default_method := LoadFunction('DSA_get_default_method', AFailed);
+  DSA_set_method := LoadFunction('DSA_set_method', AFailed);
+  DSA_get_method := LoadFunction('DSA_get_method', AFailed);
+  DSA_new := LoadFunction('DSA_new', AFailed);
+  DSA_new_method := LoadFunction('DSA_new_method', AFailed);
+  DSA_free := LoadFunction('DSA_free', AFailed);
+  DSA_up_ref := LoadFunction('DSA_up_ref', AFailed);
+  DSA_size := LoadFunction('DSA_size', AFailed);
+  DSA_bits := LoadFunction('DSA_bits', AFailed);
+  DSA_security_bits := LoadFunction('DSA_security_bits', AFailed);
+  DSA_sign := LoadFunction('DSA_sign', AFailed);
+  DSA_verify := LoadFunction('DSA_verify', AFailed);
+  DSA_set_ex_data := LoadFunction('DSA_set_ex_data', AFailed);
+  DSA_get_ex_data := LoadFunction('DSA_get_ex_data', AFailed);
+  d2i_DSAPublicKey := LoadFunction('d2i_DSAPublicKey', AFailed);
+  d2i_DSAPrivateKey := LoadFunction('d2i_DSAPrivateKey', AFailed);
+  d2i_DSAparams := LoadFunction('d2i_DSAparams', AFailed);
+  DSA_generate_parameters_ex := LoadFunction('DSA_generate_parameters_ex', AFailed);
+  DSA_generate_key := LoadFunction('DSA_generate_key', AFailed);
+  i2d_DSAPublicKey := LoadFunction('i2d_DSAPublicKey', AFailed);
+  i2d_DSAPrivateKey := LoadFunction('i2d_DSAPrivateKey', AFailed);
+  i2d_DSAparams := LoadFunction('i2d_DSAparams', AFailed);
+  DSAparams_print := LoadFunction('DSAparams_print', AFailed);
+  DSA_print := LoadFunction('DSA_print', AFailed);
+  DSA_dup_DH := LoadFunction('DSA_dup_DH', AFailed);
+  DSA_get0_pqg := LoadFunction('DSA_get0_pqg', AFailed);
+  DSA_set0_pqg := LoadFunction('DSA_set0_pqg', AFailed);
+  DSA_get0_key := LoadFunction('DSA_get0_key', AFailed);
+  DSA_set0_key := LoadFunction('DSA_set0_key', AFailed);
+  DSA_get0_p := LoadFunction('DSA_get0_p', AFailed);
+  DSA_get0_q := LoadFunction('DSA_get0_q', AFailed);
+  DSA_get0_g := LoadFunction('DSA_get0_g', AFailed);
+  DSA_get0_pub_key := LoadFunction('DSA_get0_pub_key', AFailed);
+  DSA_get0_priv_key := LoadFunction('DSA_get0_priv_key', AFailed);
+  DSA_clear_flags := LoadFunction('DSA_clear_flags', AFailed);
+  DSA_test_flags := LoadFunction('DSA_test_flags', AFailed);
+  DSA_set_flags := LoadFunction('DSA_set_flags', AFailed);
+  DSA_get0_engine := LoadFunction('DSA_get0_engine', AFailed);
+  DSA_meth_new := LoadFunction('DSA_meth_new', AFailed);
+  DSA_meth_free := LoadFunction('DSA_meth_free', AFailed);
+  DSA_meth_dup := LoadFunction('DSA_meth_dup', AFailed);
+  DSA_meth_get0_name := LoadFunction('DSA_meth_get0_name', AFailed);
+  DSA_meth_set1_name := LoadFunction('DSA_meth_set1_name', AFailed);
+  DSA_meth_get_flags := LoadFunction('DSA_meth_get_flags', AFailed);
+  DSA_meth_set_flags := LoadFunction('DSA_meth_set_flags', AFailed);
+  DSA_meth_get0_app_data := LoadFunction('DSA_meth_get0_app_data', AFailed);
+  DSA_meth_set0_app_data := LoadFunction('DSA_meth_set0_app_data', AFailed);
+  DSA_meth_get_sign := LoadFunction('DSA_meth_get_sign', AFailed);
+  DSA_meth_set_sign := LoadFunction('DSA_meth_set_sign', AFailed);
+  DSA_meth_get_sign_setup := LoadFunction('DSA_meth_get_sign_setup', AFailed);
+  DSA_meth_set_sign_setup := LoadFunction('DSA_meth_set_sign_setup', AFailed);
+  DSA_meth_get_verify := LoadFunction('DSA_meth_get_verify', AFailed);
+  DSA_meth_set_verify := LoadFunction('DSA_meth_set_verify', AFailed);
+  DSA_meth_get_mod_exp := LoadFunction('DSA_meth_get_mod_exp', AFailed);
+  DSA_meth_set_mod_exp := LoadFunction('DSA_meth_set_mod_exp', AFailed);
+  DSA_meth_get_bn_mod_exp := LoadFunction('DSA_meth_get_bn_mod_exp', AFailed);
+  DSA_meth_set_bn_mod_exp := LoadFunction('DSA_meth_set_bn_mod_exp', AFailed);
+  DSA_meth_get_init := LoadFunction('DSA_meth_get_init', AFailed);
+  DSA_meth_set_init := LoadFunction('DSA_meth_set_init', AFailed);
+  DSA_meth_get_finish := LoadFunction('DSA_meth_get_finish', AFailed);
+  DSA_meth_set_finish := LoadFunction('DSA_meth_set_finish', AFailed);
+  DSA_meth_get_paramgen := LoadFunction('DSA_meth_get_paramgen', AFailed);
+  DSA_meth_set_paramgen := LoadFunction('DSA_meth_set_paramgen', AFailed);
+  DSA_meth_get_keygen := LoadFunction('DSA_meth_get_keygen', AFailed);
+  DSA_meth_set_keygen := LoadFunction('DSA_meth_set_keygen', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  DSAparams_dup := nil;
+  DSA_SIG_new := nil;
+  DSA_SIG_free := nil;
+  i2d_DSA_SIG := nil;
+  d2i_DSA_SIG := nil;
+  DSA_SIG_get0 := nil;
+  DSA_SIG_set0 := nil;
+  DSA_do_sign := nil;
+  DSA_do_verify := nil;
+  DSA_OpenSSL := nil;
+  DSA_set_default_method := nil;
+  DSA_get_default_method := nil;
+  DSA_set_method := nil;
+  DSA_get_method := nil;
+  DSA_new := nil;
+  DSA_new_method := nil;
+  DSA_free := nil;
+  DSA_up_ref := nil;
+  DSA_size := nil;
+  DSA_bits := nil;
+  DSA_security_bits := nil;
+  DSA_sign := nil;
+  DSA_verify := nil;
+  DSA_set_ex_data := nil;
+  DSA_get_ex_data := nil;
+  d2i_DSAPublicKey := nil;
+  d2i_DSAPrivateKey := nil;
+  d2i_DSAparams := nil;
+  DSA_generate_parameters_ex := nil;
+  DSA_generate_key := nil;
+  i2d_DSAPublicKey := nil;
+  i2d_DSAPrivateKey := nil;
+  i2d_DSAparams := nil;
+  DSAparams_print := nil;
+  DSA_print := nil;
+  DSA_dup_DH := nil;
+  DSA_get0_pqg := nil;
+  DSA_set0_pqg := nil;
+  DSA_get0_key := nil;
+  DSA_set0_key := nil;
+  DSA_get0_p := nil;
+  DSA_get0_q := nil;
+  DSA_get0_g := nil;
+  DSA_get0_pub_key := nil;
+  DSA_get0_priv_key := nil;
+  DSA_clear_flags := nil;
+  DSA_test_flags := nil;
+  DSA_set_flags := nil;
+  DSA_get0_engine := nil;
+  DSA_meth_new := nil;
+  DSA_meth_free := nil;
+  DSA_meth_dup := nil;
+  DSA_meth_get0_name := nil;
+  DSA_meth_set1_name := nil;
+  DSA_meth_get_flags := nil;
+  DSA_meth_set_flags := nil;
+  DSA_meth_get0_app_data := nil;
+  DSA_meth_set0_app_data := nil;
+  DSA_meth_get_sign := nil;
+  DSA_meth_set_sign := nil;
+  DSA_meth_get_sign_setup := nil;
+  DSA_meth_set_sign_setup := nil;
+  DSA_meth_get_verify := nil;
+  DSA_meth_set_verify := nil;
+  DSA_meth_get_mod_exp := nil;
+  DSA_meth_set_mod_exp := nil;
+  DSA_meth_get_bn_mod_exp := nil;
+  DSA_meth_set_bn_mod_exp := nil;
+  DSA_meth_get_init := nil;
+  DSA_meth_set_init := nil;
+  DSA_meth_get_finish := nil;
+  DSA_meth_set_finish := nil;
+  DSA_meth_get_paramgen := nil;
+  DSA_meth_set_paramgen := nil;
+  DSA_meth_get_keygen := nil;
+  DSA_meth_set_keygen := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsaerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsaerr.pas
new file mode 100644
index 000000000..421977e0f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsaerr.pas
@@ -0,0 +1,123 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_dsaerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dsaerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ///*
+  // * DSA function codes.
+  // */
+  DSA_F_DSAPARAMS_PRINT = 100;
+  DSA_F_DSAPARAMS_PRINT_FP = 101;
+  DSA_F_DSA_BUILTIN_PARAMGEN = 125;
+  DSA_F_DSA_BUILTIN_PARAMGEN2 = 126;
+  DSA_F_DSA_DO_SIGN = 112;
+  DSA_F_DSA_DO_VERIFY = 113;
+  DSA_F_DSA_METH_DUP = 127;
+  DSA_F_DSA_METH_NEW = 128;
+  DSA_F_DSA_METH_SET1_NAME = 129;
+  DSA_F_DSA_NEW_METHOD = 103;
+  DSA_F_DSA_PARAM_DECODE = 119;
+  DSA_F_DSA_PRINT_FP = 105;
+  DSA_F_DSA_PRIV_DECODE = 115;
+  DSA_F_DSA_PRIV_ENCODE = 116;
+  DSA_F_DSA_PUB_DECODE = 117;
+  DSA_F_DSA_PUB_ENCODE = 118;
+  DSA_F_DSA_SIGN = 106;
+  DSA_F_DSA_SIGN_SETUP = 107;
+  DSA_F_DSA_SIG_NEW = 102;
+  DSA_F_OLD_DSA_PRIV_DECODE = 122;
+  DSA_F_PKEY_DSA_CTRL = 120;
+  DSA_F_PKEY_DSA_CTRL_STR = 104;
+  DSA_F_PKEY_DSA_KEYGEN = 121;
+
+  ///*
+  // * DSA reason codes.
+  // */
+  DSA_R_BAD_Q_VALUE = 102;
+  DSA_R_BN_DECODE_ERROR = 108;
+  DSA_R_BN_ERROR = 109;
+  DSA_R_DECODE_ERROR = 104;
+  DSA_R_INVALID_DIGEST_TYPE = 106;
+  DSA_R_INVALID_PARAMETERS = 112;
+  DSA_R_MISSING_PARAMETERS = 101;
+  DSA_R_MISSING_PRIVATE_KEY = 111;
+  DSA_R_MODULUS_TOO_LARGE = 103;
+  DSA_R_NO_PARAMETERS_SET = 107;
+  DSA_R_PARAMETER_ENCODING_ERROR = 105;
+  DSA_R_Q_NOT_PRIME = 113;
+  DSA_R_SEED_LEN_SMALL = 110;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_DSA_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_DSA_strings := LoadFunction('ERR_load_DSA_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_DSA_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ebcdic.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ebcdic.pas
new file mode 100644
index 000000000..8d739173b
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ebcdic.pas
@@ -0,0 +1,85 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_ebcdic;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ebcdic.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+
+  //extern const unsigned char os_toascii[256];
+  //extern const unsigned char os_toebcdic[256];
+
+  ebcdic2ascii: function(dest: Pointer; const srce: Pointer; count: TIdC_SIZET): Pointer cdecl = nil;
+  ascii2ebcdic: function(dest: Pointer; const srce: Pointer; count: TIdC_SIZET): Pointer cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ebcdic2ascii := LoadFunction('ebcdic2ascii', AFailed);
+  ascii2ebcdic := LoadFunction('ascii2ebcdic', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ebcdic2ascii := nil;
+  ascii2ebcdic := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
new file mode 100644
index 000000000..99cc78a16
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
@@ -0,0 +1,727 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_ec;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ec.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+const
+  OPENSSL_EC_EXPLICIT_CURVE = $000;
+  OPENSSL_EC_NAMED_CURVE    = $001;
+  EC_PKEY_NO_PARAMETERS = $001;
+  EC_PKEY_NO_PUBKEY     = $002;
+  EC_FLAG_NON_FIPS_ALLOW = $1;
+  EC_FLAG_FIPS_CHECKED   = $2;
+  EC_FLAG_COFACTOR_ECDH  = $1000;
+  EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = (EVP_PKEY_ALG_CTRL + 1);
+  EVP_PKEY_CTRL_EC_PARAM_ENC          = (EVP_PKEY_ALG_CTRL + 2);
+  EVP_PKEY_CTRL_EC_ECDH_COFACTOR      = (EVP_PKEY_ALG_CTRL + 3);
+  EVP_PKEY_CTRL_EC_KDF_TYPE           = (EVP_PKEY_ALG_CTRL + 4);
+  EVP_PKEY_CTRL_EC_KDF_MD             = (EVP_PKEY_ALG_CTRL + 5);
+  EVP_PKEY_CTRL_GET_EC_KDF_MD         = (EVP_PKEY_ALG_CTRL + 6);
+  EVP_PKEY_CTRL_EC_KDF_OUTLEN         = (EVP_PKEY_ALG_CTRL + 7);
+  EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN     = (EVP_PKEY_ALG_CTRL + 8);
+  EVP_PKEY_CTRL_EC_KDF_UKM            = (EVP_PKEY_ALG_CTRL + 9);
+  EVP_PKEY_CTRL_GET_EC_KDF_UKM        = (EVP_PKEY_ALG_CTRL + 10);
+  EVP_PKEY_CTRL_SET1_ID               = (EVP_PKEY_ALG_CTRL + 11);
+  EVP_PKEY_CTRL_GET1_ID               = (EVP_PKEY_ALG_CTRL + 12);
+  EVP_PKEY_CTRL_GET1_ID_LEN           = (EVP_PKEY_ALG_CTRL + 13);
+  EVP_PKEY_ECDH_KDF_NONE              = 1;
+  EVP_PKEY_ECDH_KDF_X9_63             = 2;
+  EVP_PKEY_ECDH_KDF_X9_62             = EVP_PKEY_ECDH_KDF_X9_63;
+
+type
+  {$MINENUMSIZE 4}
+  point_conversion_form_t = (
+    POINT_CONVERSION_COMPRESSED = 2,
+    POINT_CONVERSION_UNCOMPRESSED = 4,
+    POINT_CONVERSION_HYBRID = 6
+  );
+
+  EC_METHOD = type Pointer; // ec_method_st
+  PEC_METHOD = ^EC_METHOD;
+  
+  EC_GROUP = type Pointer; // ec_group_st
+  PEC_GROUP = ^EC_GROUP;
+  PPEC_GROUP = ^PEC_GROUP;
+  
+  EC_POINT = type Pointer; // ec_point_st
+  PEC_POINT = ^EC_POINT;
+  PPEC_POINT = ^PEC_POINT;
+  
+  ECPKPARAMETERS = type Pointer; // ecpk_parameters_st
+  PECPKPARAMETERS = ^ECPKPARAMETERS;
+  
+  ECPARAMETERS = type Pointer; // ec_parameters_st
+  PECPARAMETERS = ^ECPARAMETERS;
+
+  EC_builtin_curve = record
+    nid: TIdC_INT;
+    comment: PIdAnsiChar;
+  end;
+  PEC_builtin_curve = ^EC_builtin_curve;
+
+  ECDSA_SIG = type Pointer; // ECDSA_SIG_st
+  PECDSA_SIG = ^ECDSA_SIG;
+  PPECDSA_SIG = ^PECDSA_SIG;
+
+  ECDH_compute_key_KDF = function(const &in: Pointer; inlen: TIdC_SIZET; &out: Pointer; outlen: PIdC_SIZET): Pointer; cdecl;
+
+  EC_KEY_METHOD_init_init = function(key: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_finish = procedure(key: PEC_KEY); cdecl;
+  EC_KEY_METHOD_init_copy = function(dest: PEC_KEY; const src: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_set_group = function(key: PEC_KEY; const grp: PEC_GROUP): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_set_private = function(key: PEC_KEY; const priv_key: PBIGNUM): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_set_public = function(key: PEC_KEY; const pub_key: PEC_POINT): TIdC_INT; cdecl;
+
+  EC_KEY_METHOD_keygen_keygen = function(key: PEC_KEY): TIdC_INT; cdecl;
+
+  EC_KEY_METHOD_compute_key_ckey = function(psec: PPByte; pseclen: PIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY): TIdC_INT; cdecl;
+
+  EC_KEY_METHOD_sign_sign = function(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const r: PBIGNUM; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_sign_sign_setup = function(eckey: PEC_KEY; ctx_in: PBN_CTX; kinvp: PPBIGNUM; rp: PPBIGNUM): TIdC_INT; cdecl;
+  EC_KEY_METHOD_sign_sign_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const in_kinv: PBIGNUM; const in_r: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG; cdecl;
+
+  EC_KEY_METHOD_verify_verify = function(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; sig_len: TIdC_INT; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_verify_verify_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT; cdecl;
+
+  PEC_KEY_METHOD_init_init = ^EC_KEY_METHOD_init_init;
+  PEC_KEY_METHOD_init_finish = ^EC_KEY_METHOD_init_finish;
+  PEC_KEY_METHOD_init_copy = ^EC_KEY_METHOD_init_copy;
+  PEC_KEY_METHOD_init_set_group = ^EC_KEY_METHOD_init_set_group;
+  PEC_KEY_METHOD_init_set_private = ^EC_KEY_METHOD_init_set_private;
+  PEC_KEY_METHOD_init_set_public = ^EC_KEY_METHOD_init_set_public;
+
+  PEC_KEY_METHOD_keygen_keygen = ^EC_KEY_METHOD_keygen_keygen;
+
+  PEC_KEY_METHOD_compute_key_ckey = ^EC_KEY_METHOD_compute_key_ckey;
+
+  PEC_KEY_METHOD_sign_sign = ^EC_KEY_METHOD_sign_sign;
+  PEC_KEY_METHOD_sign_sign_setup = ^EC_KEY_METHOD_sign_sign_setup;
+  PEC_KEY_METHOD_sign_sign_sig = ^EC_KEY_METHOD_sign_sign_sig;
+
+  PEC_KEY_METHOD_verify_verify = ^EC_KEY_METHOD_verify_verify;
+  PEC_KEY_METHOD_verify_verify_sig = ^EC_KEY_METHOD_verify_verify_sig;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  EC_GFp_simple_method: function: PEC_METHOD cdecl = nil;
+  EC_GFp_mont_method: function: PEC_METHOD cdecl = nil;
+  EC_GFp_nist_method: function: PEC_METHOD cdecl = nil;
+  EC_GFp_nistp224_method: function: PEC_METHOD cdecl = nil;
+  EC_GFp_nistp256_method: function: PEC_METHOD cdecl = nil;
+  EC_GFp_nistp521_method: function: PEC_METHOD cdecl = nil;
+
+  EC_GF2m_simple_method: function: PEC_METHOD cdecl = nil;
+
+  EC_GROUP_new: function(const meth: PEC_METHOD): PEC_GROUP cdecl = nil;
+  EC_GROUP_free: procedure(group: PEC_GROUP) cdecl = nil;
+  EC_GROUP_clear_free: procedure(group: PEC_GROUP) cdecl = nil;
+  EC_GROUP_copy: function(dst: PEC_GROUP; const src: PEC_GROUP): TIdC_INT cdecl = nil;
+  EC_GROUP_dup: function(const src: PEC_GROUP): PEC_GROUP cdecl = nil;
+  EC_GROUP_method_of: function(const group: PEC_GROUP): PEC_GROUP cdecl = nil;
+  EC_METHOD_get_field_type: function(const meth: PEC_METHOD): TIdC_INT cdecl = nil;
+  EC_GROUP_set_generator: function(group: PEC_GROUP; const generator: PEC_POINT; const order: PBIGNUM; const cofactor: PBIGNUM): TIdC_INT cdecl = nil;
+  EC_GROUP_get0_generator: function(const group: PEC_GROUP): PEC_POINT cdecl = nil;
+  EC_GROUP_get_mont_data: function(const group: PEC_GROUP): PBN_MONT_CTX cdecl = nil;
+  EC_GROUP_get_order: function(const group: PEC_GROUP; order: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_get0_order: function(const group: PEC_GROUP): PBIGNUM cdecl = nil;
+  EC_GROUP_order_bits: function(const group: PEC_GROUP): TIdC_INT cdecl = nil;
+  EC_GROUP_get_cofactor: function(const group: PEC_GROUP; cofactor: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_get0_cofactor: function(const group: PEC_GROUP): PBIGNUM cdecl = nil;
+  EC_GROUP_set_curve_name: procedure(group: PEC_GROUP; nid: TIdC_INT) cdecl = nil;
+  EC_GROUP_get_curve_name: function(const group: PEC_GROUP): TIdC_INT cdecl = nil;
+
+  EC_GROUP_set_asn1_flag: procedure(group: PEC_GROUP; flag: TIdC_INT) cdecl = nil;
+  EC_GROUP_get_asn1_flag: function(const group: PEC_GROUP): TIdC_INT cdecl = nil;
+
+  EC_GROUP_set_point_conversion_form: procedure(group: PEC_GROUP; form: point_conversion_form_t) cdecl = nil;
+  EC_GROUP_get_point_conversion_form: function(const group: PEC_GROUP): point_conversion_form_t cdecl = nil;
+
+  EC_GROUP_get0_seed: function(const x: PEC_GROUP): PByte cdecl = nil;
+  EC_GROUP_get_seed_len: function(const x: PEC_GROUP): TIdC_SIZET cdecl = nil;
+  EC_GROUP_set_seed: function(x: PEC_GROUP; const p: PByte; len: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+
+  EC_GROUP_set_curve: function(group: PEC_GROUP; const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_get_curve: function(const group: PEC_GROUP; p: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_set_curve_GFp: function(group: PEC_GROUP; const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_get_curve_GFp: function(const group: PEC_GROUP; p: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_set_curve_GF2m: function(group: PEC_GROUP; const p: PBIGNUM; const a: PBIGNUM; const b:PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_get_curve_GF2m: function(const group: PEC_GROUP; p: PBIGNUM; a: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  EC_GROUP_get_degree: function(const group: PEC_GROUP): TIdC_INT cdecl = nil;
+  EC_GROUP_check: function(const group: PEC_GROUP; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_check_discriminant: function(const group: PEC_GROUP; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_cmp: function(const a: PEC_GROUP; const b: PEC_GROUP; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  EC_GROUP_new_curve_GFp: function(const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): PEC_GROUP cdecl = nil;
+  EC_GROUP_new_curve_GF2m: function(const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): PEC_GROUP cdecl = nil;
+  EC_GROUP_new_by_curve_name: function(nid: TIdC_INT): PEC_GROUP cdecl = nil;
+  EC_GROUP_new_from_ecparameters: function(const params: PECPARAMETERS): PEC_GROUP cdecl = nil;
+  EC_GROUP_get_ecparameters: function(const group: PEC_GROUP; params: PECPARAMETERS): PECPARAMETERS cdecl = nil;
+  EC_GROUP_new_from_ecpkparameters: function(const params: PECPKPARAMETERS): PEC_GROUP cdecl = nil;
+  EC_GROUP_get_ecpkparameters: function(const group: PEC_GROUP; params: PECPKPARAMETERS): PECPKPARAMETERS cdecl = nil;
+
+  EC_get_builtin_curves: function(r: PEC_builtin_curve; nitems: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+
+  EC_curve_nid2nist: function(nid: TIdC_INT): PIdAnsiChar cdecl = nil;
+  EC_curve_nist2nid: function(const name: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  EC_POINT_new: function(const group: PEC_GROUP): PEC_POINT cdecl = nil;
+  EC_POINT_free: procedure(point: PEC_POINT) cdecl = nil;
+  EC_POINT_clear_free: procedure(point: PEC_POINT) cdecl = nil;
+  EC_POINT_copy: function(dst: PEC_POINT; const src: PEC_POINT): TIdC_INT cdecl = nil;
+  EC_POINT_dup: function(const src: PEC_POINT; const group: PEC_GROUP): PEC_POINT cdecl = nil;
+  EC_POINT_method_of: function(const point: PEC_POINT): PEC_METHOD cdecl = nil;
+  EC_POINT_set_to_infinity: function(const group: PEC_GROUP; point: PEC_POINT): TIdC_INT cdecl = nil;
+  EC_POINT_set_Jprojective_coordinates_GFp: function(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; const z: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_get_Jprojective_coordinates_GFp: function(const group: PEC_METHOD; const p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; z: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_set_affine_coordinates: function(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_get_affine_coordinates: function(const group: PEC_GROUP; const p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_set_affine_coordinates_GFp: function(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_get_affine_coordinates_GFp: function(const group: PEC_GROUP; const p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_set_compressed_coordinates: function(const group: PEC_GROUP; p: PEC_POINT; x: PBIGNUM; y_bit: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_set_compressed_coordinates_GFp: function(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; y_bit: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_set_affine_coordinates_GF2m: function(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_get_affine_coordinates_GF2m: function(const group: PEC_GROUP; p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_set_compressed_coordinates_GF2m: function(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; y_bit: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  EC_POINT_point2oct: function(const group: PEC_GROUP; const p: PEC_POINT; form: point_conversion_form_t; buf: PByte; len: TIdC_SIZET; ctx: PBN_CTX): TIdC_SIZET cdecl = nil;
+  EC_POINT_oct2point: function(const group: PEC_GROUP; p: PEC_POINT; const buf: PByte; len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_point2buf: function(const group: PEC_GROUP; const point: PEC_POINT; form: point_conversion_form_t; pbuf: PPByte; ctx: PBN_CTX): TIdC_SIZET cdecl = nil;
+  EC_POINT_point2bn: function(const group: PEC_GROUP; const p: PEC_POINT; form: point_conversion_form_t; bn: PBIGNUM; ctx: PBN_CTX): PBIGNUM cdecl = nil;
+  EC_POINT_bn2point: function(const group: PEC_GROUP; const bn: PBIGNUM; p: PEC_POINT; ctx: PBN_CTX): PEC_POINT cdecl = nil;
+  EC_POINT_point2hex: function(const group: PEC_GROUP; const p: PEC_POINT; form: point_conversion_form_t; ctx: PBN_CTX): PIdAnsiChar cdecl = nil;
+  EC_POINT_hex2point: function(const group: PEC_GROUP; const buf: PIdAnsiChar; p: PEC_POINT; ctx: PBN_CTX): PEC_POINT cdecl = nil;
+
+  EC_POINT_add: function(const group: PEC_GROUP; r: PEC_POINT; const a: PEC_POINT; const b: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_dbl: function(const group: PEC_GROUP; r: PEC_POINT; const a: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_invert: function(const group: PEC_GROUP; a: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_is_at_infinity: function(const group: PEC_GROUP; const p: PEC_POINT): TIdC_INT cdecl = nil;
+  EC_POINT_is_on_curve: function(const group: PEC_GROUP; const point: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_cmp: function(const group: PEC_GROUP; const a: PEC_POINT; const b: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_make_affine: function(const group: PEC_GROUP; point: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINTs_make_affine: function(const group: PEC_METHOD; num: TIdC_SIZET; points: PPEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINTs_mul: function(const group: PEC_GROUP; r: PEC_POINT; const n: PBIGNUM; num: TIdC_SIZET; const p: PPEC_POINT; const m: PPBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_POINT_mul: function(const group: PEC_GROUP; r: PEC_POINT; const n: PBIGNUM; const q: PEC_POINT; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+
+  EC_GROUP_precompute_mult: function(group: PEC_GROUP; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_GROUP_have_precompute_mult: function(const group: PEC_GROUP): TIdC_INT cdecl = nil;
+
+  ECPKPARAMETERS_it: function: PASN1_ITEM cdecl = nil;
+  ECPKPARAMETERS_new: function: PECPKPARAMETERS cdecl = nil;
+  ECPKPARAMETERS_free: procedure(a: PECPKPARAMETERS) cdecl = nil;
+
+  ECPARAMETERS_it: function: PASN1_ITEM cdecl = nil;
+  ECPARAMETERS_new: function: PECPARAMETERS cdecl = nil;
+  ECPARAMETERS_free: procedure(a: PECPARAMETERS) cdecl = nil;
+
+  EC_GROUP_get_basis_type: function(const group: PEC_GROUP): TIdC_INT cdecl = nil;
+  EC_GROUP_get_trinomial_basis: function(const group: PEC_GROUP; k: PIdC_UINT): TIdC_INT cdecl = nil;
+  EC_GROUP_get_pentanomial_basis: function(const group: PEC_GROUP; k1: PIdC_UINT; k2: PIdC_UINT; k3: PIdC_UINT): TIdC_INT cdecl = nil;
+
+  d2i_ECPKParameters: function(group: PPEC_GROUP; const &in: PPByte; len: TIdC_LONG): PEC_GROUP cdecl = nil;
+  i2d_ECPKParameters: function(const group: PEC_GROUP; &out: PPByte): TIdC_INT cdecl = nil;
+
+  ECPKParameters_print: function(bp: PBIO; const x: PEC_GROUP; off: TIdC_INT): TIdC_INT cdecl = nil;
+
+  EC_KEY_new: function: PEC_KEY cdecl = nil;
+  EC_KEY_get_flags: function(const key: PEC_KEY): TIdC_INT cdecl = nil;
+  EC_KEY_set_flags: procedure(key: PEC_KEY; flags: TIdC_INT) cdecl = nil;
+  EC_KEY_clear_flags: procedure(key: PEC_KEY; flags: TIdC_INT) cdecl = nil;
+  EC_KEY_new_by_curve_name: function(nid: TIdC_INT): PEC_KEY cdecl = nil;
+  EC_KEY_free: procedure(key: PEC_KEY) cdecl = nil;
+  EC_KEY_copy: function(dst: PEC_KEY; const src: PEC_KEY): PEC_KEY cdecl = nil;
+  EC_KEY_dup: function(const src: PEC_KEY): PEC_KEY cdecl = nil;
+  EC_KEY_up_ref: function(key: PEC_KEY): TIdC_INT cdecl = nil;
+  EC_KEY_get0_engine: function(const eckey: PEC_KEY): PENGINE cdecl = nil;
+  EC_KEY_get0_group: function(const key: PEC_KEY): PEC_GROUP cdecl = nil;
+  EC_KEY_set_group: function(key: PEC_KEY; const group: PEC_GROUP): TIdC_INT cdecl = nil;
+  EC_KEY_get0_private_key: function(const key: PEC_KEY): PBIGNUM cdecl = nil;
+  EC_KEY_set_private_key: function(const key: PEC_KEY; const prv: PBIGNUM): TIdC_INT cdecl = nil;
+  EC_KEY_get0_public_key: function(const key: PEC_KEY): PEC_POINT cdecl = nil;
+  EC_KEY_set_public_key: function(key: PEC_KEY; const pub: PEC_POINT): TIdC_INT cdecl = nil;
+  EC_KEY_get_enc_flags: function(const key: PEC_KEY): TIdC_UINT cdecl = nil;
+  EC_KEY_set_enc_flags: procedure(eckey: PEC_KEY; flags: TIdC_UINT) cdecl = nil;
+  EC_KEY_get_conv_form: function(const key: Pec_key_st): point_conversion_form_t cdecl = nil;
+  EC_KEY_set_conv_form: procedure(eckey: PEC_KEY; cform: point_conversion_form_t) cdecl = nil;
+  EC_KEY_set_ex_data: function(key: PEC_KEY; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl = nil;
+  EC_KEY_get_ex_data: function(const key: PEC_KEY; idx: TIdC_INT): Pointer cdecl = nil;
+  EC_KEY_set_asn1_flag: procedure(eckey: PEC_KEY; asn1_flag: TIdC_INT) cdecl = nil;
+  EC_KEY_precompute_mult: function(key: PEC_KEY; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_KEY_generate_key: function(key: PEC_KEY): TIdC_INT cdecl = nil;
+  EC_KEY_check_key: function(const key: PEC_KEY): TIdC_INT cdecl = nil;
+  EC_KEY_can_sign: function(const eckey: PEC_KEY): TIdC_INT cdecl = nil;
+  EC_KEY_set_public_key_affine_coordinates: function(key: PEC_KEY; x: PBIGNUM; y: PBIGNUM): TIdC_INT cdecl = nil;
+  EC_KEY_key2buf: function(const key: PEC_KEY; form: point_conversion_form_t; pbuf: PPByte; ctx: PBN_CTX): TIdC_SIZET cdecl = nil;
+  EC_KEY_oct2key: function(key: PEC_KEY; const buf: PByte; len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  EC_KEY_oct2priv: function(key: PEC_KEY; const buf: PByte; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  EC_KEY_priv2oct: function(const key: PEC_KEY; buf: PByte; len: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  EC_KEY_priv2buf: function(const eckey: PEC_KEY; buf: PPByte): TIdC_SIZET cdecl = nil;
+
+  d2i_ECPrivateKey: function(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY cdecl = nil;
+  i2d_ECPrivateKey: function(key: PEC_KEY; &out: PPByte): TIdC_INT cdecl = nil;
+  o2i_ECPublicKey: function(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY cdecl = nil;
+  i2o_ECPublicKey: function(const key: PEC_KEY; &out: PPByte): TIdC_INT cdecl = nil;
+
+  ECParameters_print: function(bp: PBIO; const key: PEC_KEY): TIdC_INT cdecl = nil;
+  EC_KEY_print: function(bp: PBIO; const key: PEC_KEY; off: TIdC_INT): TIdC_INT cdecl = nil;
+
+  EC_KEY_OpenSSL: function: PEC_KEY_METHOD cdecl = nil;
+  EC_KEY_get_default_method: function: PEC_KEY_METHOD cdecl = nil;
+  EC_KEY_set_default_method: procedure(const meth: PEC_KEY_METHOD) cdecl = nil;
+  EC_KEY_get_method: function(const key: PEC_KEY): PEC_KEY_METHOD cdecl = nil;
+  EC_KEY_set_method: function(key: PEC_KEY; const meth: PEC_KEY_METHOD): TIdC_INT cdecl = nil;
+  EC_KEY_new_method: function(engine: PENGINE): PEC_KEY cdecl = nil;
+
+  ECDH_KDF_X9_62: function(&out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; const sinfo: PByte; sinfolen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl = nil;
+  ECDH_compute_key: function(&out: Pointer; oulen: TIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY; kdf: ECDH_compute_key_KDF): TIdC_INT cdecl = nil;
+
+  ECDSA_SIG_new: function: PECDSA_SIG cdecl = nil;
+  ECDSA_SIG_free: procedure(sig: PECDSA_SIG) cdecl = nil;
+  i2d_ECDSA_SIG: function(const sig: PECDSA_SIG; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_ECDSA_SIG: function(sig: PPECDSA_SIG; const pp: PPByte; len: TIdC_LONG): PECDSA_SIG cdecl = nil;
+  ECDSA_SIG_get0: procedure(const sig: PECDSA_SIG; const pr: PPBIGNUM; const ps: PPBIGNUM) cdecl = nil;
+  ECDSA_SIG_get0_r: function(const sig: PECDSA_SIG): PBIGNUM cdecl = nil;
+  ECDSA_SIG_get0_s: function(const sig: PECDSA_SIG): PBIGNUM cdecl = nil;
+  ECDSA_SIG_set0: function(sig: PECDSA_SIG; r: PBIGNUM; s: PBIGNUM): TIdC_INT cdecl = nil;
+  ECDSA_do_sign: function(const dgst: PByte; dgst_len: TIdC_INT; eckey: PEC_KEY): PECDSA_SIG cdecl = nil;
+  ECDSA_do_sign_ex: function(const dgst: PByte; dgst_len: TIdC_INT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG cdecl = nil;
+  ECDSA_do_verify: function(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT cdecl = nil;
+  ECDSA_sign_setup: function(eckey: PEC_KEY; ctx: PBN_CTX; kiv: PPBIGNUM; rp: PPBIGNUM): TIdC_INT cdecl = nil;
+  ECDSA_sign: function(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; eckey: PEC_KEY): TIdC_INT cdecl = nil;
+  ECDSA_sign_ex: function(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): TIdC_INT cdecl = nil;
+  ECDSA_verify: function(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; const sig: PByte; siglen: TIdC_INT; eckey: PEC_KEY): TIdC_INT cdecl = nil;
+  ECDSA_size: function(const eckey: PEC_KEY): TIdC_INT cdecl = nil;
+
+  EC_KEY_METHOD_new: function(const meth: PEC_KEY_METHOD): PEC_KEY_METHOD cdecl = nil;
+  EC_KEY_METHOD_free: procedure(meth: PEC_KEY_METHOD) cdecl = nil;
+  EC_KEY_METHOD_set_init: procedure(meth: PEC_KEY_METHOD; init: EC_KEY_METHOD_init_init; finish: EC_KEY_METHOD_init_finish; copy: EC_KEY_METHOD_init_copy; set_group: EC_KEY_METHOD_init_set_group; set_private: EC_KEY_METHOD_init_set_private; set_public: EC_KEY_METHOD_init_set_public) cdecl = nil;
+  EC_KEY_METHOD_set_keygen: procedure(meth: PEC_KEY_METHOD; keygen: EC_KEY_METHOD_keygen_keygen) cdecl = nil;
+  EC_KEY_METHOD_set_compute_key: procedure(meth: PEC_KEY_METHOD; ckey: EC_KEY_METHOD_compute_key_ckey) cdecl = nil;
+  EC_KEY_METHOD_set_sign: procedure(meth: PEC_KEY_METHOD; sign: EC_KEY_METHOD_sign_sign; sign_setup: EC_KEY_METHOD_sign_sign_setup; sign_sig: EC_KEY_METHOD_sign_sign_sig) cdecl = nil;
+  EC_KEY_METHOD_set_verify: procedure(meth: PEC_KEY_METHOD; verify: EC_KEY_METHOD_verify_verify; verify_sig: EC_KEY_METHOD_verify_verify_sig) cdecl = nil;
+
+  EC_KEY_METHOD_get_init: procedure(const meth: PEC_KEY_METHOD; pinit: PEC_KEY_METHOD_init_init; pfinish: PEC_KEY_METHOD_init_finish; pcopy: PEC_KEY_METHOD_init_copy; pset_group: PEC_KEY_METHOD_init_set_group; pset_private: PEC_KEY_METHOD_init_set_private; pset_public: PEC_KEY_METHOD_init_set_public) cdecl = nil;
+  EC_KEY_METHOD_get_keygen: procedure(const meth: PEC_KEY_METHOD; pkeygen: PEC_KEY_METHOD_keygen_keygen) cdecl = nil;
+  EC_KEY_METHOD_get_compute_key: procedure(const meth: PEC_KEY_METHOD; pck: PEC_KEY_METHOD_compute_key_ckey) cdecl = nil;
+  EC_KEY_METHOD_get_sign: procedure(const meth: PEC_KEY_METHOD; psign: PEC_KEY_METHOD_sign_sign; psign_setup: PEC_KEY_METHOD_sign_sign_setup; psign_sig: PEC_KEY_METHOD_sign_sign_sig) cdecl = nil;
+  EC_KEY_METHOD_get_verify: procedure(const meth: PEC_KEY_METHOD; pverify: PEC_KEY_METHOD_verify_verify; pverify_sig: PEC_KEY_METHOD_verify_verify_sig) cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  EC_GFp_simple_method := LoadFunction('EC_GFp_simple_method', AFailed);
+  EC_GFp_mont_method := LoadFunction('EC_GFp_mont_method', AFailed);
+  EC_GFp_nist_method := LoadFunction('EC_GFp_nist_method', AFailed);
+  EC_GFp_nistp224_method := LoadFunction('EC_GFp_nistp224_method', AFailed);
+  EC_GFp_nistp256_method := LoadFunction('EC_GFp_nistp256_method', AFailed);
+  EC_GFp_nistp521_method := LoadFunction('EC_GFp_nistp521_method', AFailed);
+  EC_GF2m_simple_method := LoadFunction('EC_GF2m_simple_method', AFailed);
+  EC_GROUP_new := LoadFunction('EC_GROUP_new', AFailed);
+  EC_GROUP_free := LoadFunction('EC_GROUP_free', AFailed);
+  EC_GROUP_clear_free := LoadFunction('EC_GROUP_clear_free', AFailed);
+  EC_GROUP_copy := LoadFunction('EC_GROUP_copy', AFailed);
+  EC_GROUP_dup := LoadFunction('EC_GROUP_dup', AFailed);
+  EC_GROUP_method_of := LoadFunction('EC_GROUP_method_of', AFailed);
+  EC_METHOD_get_field_type := LoadFunction('EC_METHOD_get_field_type', AFailed);
+  EC_GROUP_set_generator := LoadFunction('EC_GROUP_set_generator', AFailed);
+  EC_GROUP_get0_generator := LoadFunction('EC_GROUP_get0_generator', AFailed);
+  EC_GROUP_get_mont_data := LoadFunction('EC_GROUP_get_mont_data', AFailed);
+  EC_GROUP_get_order := LoadFunction('EC_GROUP_get_order', AFailed);
+  EC_GROUP_get0_order := LoadFunction('EC_GROUP_get0_order', AFailed);
+  EC_GROUP_order_bits := LoadFunction('EC_GROUP_order_bits', AFailed);
+  EC_GROUP_get_cofactor := LoadFunction('EC_GROUP_get_cofactor', AFailed);
+  EC_GROUP_get0_cofactor := LoadFunction('EC_GROUP_get0_cofactor', AFailed);
+  EC_GROUP_set_curve_name := LoadFunction('EC_GROUP_set_curve_name', AFailed);
+  EC_GROUP_get_curve_name := LoadFunction('EC_GROUP_get_curve_name', AFailed);
+  EC_GROUP_set_asn1_flag := LoadFunction('EC_GROUP_set_asn1_flag', AFailed);
+  EC_GROUP_get_asn1_flag := LoadFunction('EC_GROUP_get_asn1_flag', AFailed);
+  EC_GROUP_set_point_conversion_form := LoadFunction('EC_GROUP_set_point_conversion_form', AFailed);
+  EC_GROUP_get_point_conversion_form := LoadFunction('EC_GROUP_get_point_conversion_form', AFailed);
+  EC_GROUP_get0_seed := LoadFunction('EC_GROUP_get0_seed', AFailed);
+  EC_GROUP_get_seed_len := LoadFunction('EC_GROUP_get_seed_len', AFailed);
+  EC_GROUP_set_seed := LoadFunction('EC_GROUP_set_seed', AFailed);
+  EC_GROUP_set_curve := LoadFunction('EC_GROUP_set_curve', AFailed);
+  EC_GROUP_get_curve := LoadFunction('EC_GROUP_get_curve', AFailed);
+  EC_GROUP_set_curve_GFp := LoadFunction('EC_GROUP_set_curve_GFp', AFailed);
+  EC_GROUP_get_curve_GFp := LoadFunction('EC_GROUP_get_curve_GFp', AFailed);
+  EC_GROUP_set_curve_GF2m := LoadFunction('EC_GROUP_set_curve_GF2m', AFailed);
+  EC_GROUP_get_curve_GF2m := LoadFunction('EC_GROUP_get_curve_GF2m', AFailed);
+  EC_GROUP_get_degree := LoadFunction('EC_GROUP_get_degree', AFailed);
+  EC_GROUP_check := LoadFunction('EC_GROUP_check', AFailed);
+  EC_GROUP_check_discriminant := LoadFunction('EC_GROUP_check_discriminant', AFailed);
+  EC_GROUP_cmp := LoadFunction('EC_GROUP_cmp', AFailed);
+  EC_GROUP_new_curve_GFp := LoadFunction('EC_GROUP_new_curve_GFp', AFailed);
+  EC_GROUP_new_curve_GF2m := LoadFunction('EC_GROUP_new_curve_GF2m', AFailed);
+  EC_GROUP_new_by_curve_name := LoadFunction('EC_GROUP_new_by_curve_name', AFailed);
+  EC_GROUP_new_from_ecparameters := LoadFunction('EC_GROUP_new_from_ecparameters', AFailed);
+  EC_GROUP_get_ecparameters := LoadFunction('EC_GROUP_get_ecparameters', AFailed);
+  EC_GROUP_new_from_ecpkparameters := LoadFunction('EC_GROUP_new_from_ecpkparameters', AFailed);
+  EC_GROUP_get_ecpkparameters := LoadFunction('EC_GROUP_get_ecpkparameters', AFailed);
+  EC_get_builtin_curves := LoadFunction('EC_get_builtin_curves', AFailed);
+  EC_curve_nid2nist := LoadFunction('EC_curve_nid2nist', AFailed);
+  EC_curve_nist2nid := LoadFunction('EC_curve_nist2nid', AFailed);
+  EC_POINT_new := LoadFunction('EC_POINT_new', AFailed);
+  EC_POINT_free := LoadFunction('EC_POINT_free', AFailed);
+  EC_POINT_clear_free := LoadFunction('EC_POINT_clear_free', AFailed);
+  EC_POINT_copy := LoadFunction('EC_POINT_copy', AFailed);
+  EC_POINT_dup := LoadFunction('EC_POINT_dup', AFailed);
+  EC_POINT_method_of := LoadFunction('EC_POINT_method_of', AFailed);
+  EC_POINT_set_to_infinity := LoadFunction('EC_POINT_set_to_infinity', AFailed);
+  EC_POINT_set_Jprojective_coordinates_GFp := LoadFunction('EC_POINT_set_Jprojective_coordinates_GFp', AFailed);
+  EC_POINT_get_Jprojective_coordinates_GFp := LoadFunction('EC_POINT_get_Jprojective_coordinates_GFp', AFailed);
+  EC_POINT_set_affine_coordinates := LoadFunction('EC_POINT_set_affine_coordinates', AFailed);
+  EC_POINT_get_affine_coordinates := LoadFunction('EC_POINT_get_affine_coordinates', AFailed);
+  EC_POINT_set_affine_coordinates_GFp := LoadFunction('EC_POINT_set_affine_coordinates_GFp', AFailed);
+  EC_POINT_get_affine_coordinates_GFp := LoadFunction('EC_POINT_get_affine_coordinates_GFp', AFailed);
+  EC_POINT_set_compressed_coordinates := LoadFunction('EC_POINT_set_compressed_coordinates', AFailed);
+  EC_POINT_set_compressed_coordinates_GFp := LoadFunction('EC_POINT_set_compressed_coordinates_GFp', AFailed);
+  EC_POINT_set_affine_coordinates_GF2m := LoadFunction('EC_POINT_set_affine_coordinates_GF2m', AFailed);
+  EC_POINT_get_affine_coordinates_GF2m := LoadFunction('EC_POINT_get_affine_coordinates_GF2m', AFailed);
+  EC_POINT_set_compressed_coordinates_GF2m := LoadFunction('EC_POINT_set_compressed_coordinates_GF2m', AFailed);
+  EC_POINT_point2oct := LoadFunction('EC_POINT_point2oct', AFailed);
+  EC_POINT_oct2point := LoadFunction('EC_POINT_oct2point', AFailed);
+  EC_POINT_point2buf := LoadFunction('EC_POINT_point2buf', AFailed);
+  EC_POINT_point2bn := LoadFunction('EC_POINT_point2bn', AFailed);
+  EC_POINT_bn2point := LoadFunction('EC_POINT_bn2point', AFailed);
+  EC_POINT_point2hex := LoadFunction('EC_POINT_point2hex', AFailed);
+  EC_POINT_hex2point := LoadFunction('EC_POINT_hex2point', AFailed);
+  EC_POINT_add := LoadFunction('EC_POINT_add', AFailed);
+  EC_POINT_dbl := LoadFunction('EC_POINT_dbl', AFailed);
+  EC_POINT_invert := LoadFunction('EC_POINT_invert', AFailed);
+  EC_POINT_is_at_infinity := LoadFunction('EC_POINT_is_at_infinity', AFailed);
+  EC_POINT_is_on_curve := LoadFunction('EC_POINT_is_on_curve', AFailed);
+  EC_POINT_cmp := LoadFunction('EC_POINT_cmp', AFailed);
+  EC_POINT_make_affine := LoadFunction('EC_POINT_make_affine', AFailed);
+  EC_POINTs_make_affine := LoadFunction('EC_POINTs_make_affine', AFailed);
+  EC_POINTs_mul := LoadFunction('EC_POINTs_mul', AFailed);
+  EC_POINT_mul := LoadFunction('EC_POINT_mul', AFailed);
+  EC_GROUP_precompute_mult := LoadFunction('EC_GROUP_precompute_mult', AFailed);
+  EC_GROUP_have_precompute_mult := LoadFunction('EC_GROUP_have_precompute_mult', AFailed);
+  ECPKPARAMETERS_it := LoadFunction('ECPKPARAMETERS_it', AFailed);
+  ECPKPARAMETERS_new := LoadFunction('ECPKPARAMETERS_new', AFailed);
+  ECPKPARAMETERS_free := LoadFunction('ECPKPARAMETERS_free', AFailed);
+  ECPARAMETERS_it := LoadFunction('ECPARAMETERS_it', AFailed);
+  ECPARAMETERS_new := LoadFunction('ECPARAMETERS_new', AFailed);
+  ECPARAMETERS_free := LoadFunction('ECPARAMETERS_free', AFailed);
+  EC_GROUP_get_basis_type := LoadFunction('EC_GROUP_get_basis_type', AFailed);
+  EC_GROUP_get_trinomial_basis := LoadFunction('EC_GROUP_get_trinomial_basis', AFailed);
+  EC_GROUP_get_pentanomial_basis := LoadFunction('EC_GROUP_get_pentanomial_basis', AFailed);
+  d2i_ECPKParameters := LoadFunction('d2i_ECPKParameters', AFailed);
+  i2d_ECPKParameters := LoadFunction('i2d_ECPKParameters', AFailed);
+  ECPKParameters_print := LoadFunction('ECPKParameters_print', AFailed);
+  EC_KEY_new := LoadFunction('EC_KEY_new', AFailed);
+  EC_KEY_get_flags := LoadFunction('EC_KEY_get_flags', AFailed);
+  EC_KEY_set_flags := LoadFunction('EC_KEY_set_flags', AFailed);
+  EC_KEY_clear_flags := LoadFunction('EC_KEY_clear_flags', AFailed);
+  EC_KEY_new_by_curve_name := LoadFunction('EC_KEY_new_by_curve_name', AFailed);
+  EC_KEY_free := LoadFunction('EC_KEY_free', AFailed);
+  EC_KEY_copy := LoadFunction('EC_KEY_copy', AFailed);
+  EC_KEY_dup := LoadFunction('EC_KEY_dup', AFailed);
+  EC_KEY_up_ref := LoadFunction('EC_KEY_up_ref', AFailed);
+  EC_KEY_get0_engine := LoadFunction('EC_KEY_get0_engine', AFailed);
+  EC_KEY_get0_group := LoadFunction('EC_KEY_get0_group', AFailed);
+  EC_KEY_set_group := LoadFunction('EC_KEY_set_group', AFailed);
+  EC_KEY_get0_private_key := LoadFunction('EC_KEY_get0_private_key', AFailed);
+  EC_KEY_set_private_key := LoadFunction('EC_KEY_set_private_key', AFailed);
+  EC_KEY_get0_public_key := LoadFunction('EC_KEY_get0_public_key', AFailed);
+  EC_KEY_set_public_key := LoadFunction('EC_KEY_set_public_key', AFailed);
+  EC_KEY_get_enc_flags := LoadFunction('EC_KEY_get_enc_flags', AFailed);
+  EC_KEY_set_enc_flags := LoadFunction('EC_KEY_set_enc_flags', AFailed);
+  EC_KEY_get_conv_form := LoadFunction('EC_KEY_get_conv_form', AFailed);
+  EC_KEY_set_conv_form := LoadFunction('EC_KEY_set_conv_form', AFailed);
+  EC_KEY_set_ex_data := LoadFunction('EC_KEY_set_ex_data', AFailed);
+  EC_KEY_get_ex_data := LoadFunction('EC_KEY_get_ex_data', AFailed);
+  EC_KEY_set_asn1_flag := LoadFunction('EC_KEY_set_asn1_flag', AFailed);
+  EC_KEY_precompute_mult := LoadFunction('EC_KEY_precompute_mult', AFailed);
+  EC_KEY_generate_key := LoadFunction('EC_KEY_generate_key', AFailed);
+  EC_KEY_check_key := LoadFunction('EC_KEY_check_key', AFailed);
+  EC_KEY_can_sign := LoadFunction('EC_KEY_can_sign', AFailed);
+  EC_KEY_set_public_key_affine_coordinates := LoadFunction('EC_KEY_set_public_key_affine_coordinates', AFailed);
+  EC_KEY_key2buf := LoadFunction('EC_KEY_key2buf', AFailed);
+  EC_KEY_oct2key := LoadFunction('EC_KEY_oct2key', AFailed);
+  EC_KEY_oct2priv := LoadFunction('EC_KEY_oct2priv', AFailed);
+  EC_KEY_priv2oct := LoadFunction('EC_KEY_priv2oct', AFailed);
+  EC_KEY_priv2buf := LoadFunction('EC_KEY_priv2buf', AFailed);
+  d2i_ECPrivateKey := LoadFunction('d2i_ECPrivateKey', AFailed);
+  i2d_ECPrivateKey := LoadFunction('i2d_ECPrivateKey', AFailed);
+  o2i_ECPublicKey := LoadFunction('o2i_ECPublicKey', AFailed);
+  i2o_ECPublicKey := LoadFunction('i2o_ECPublicKey', AFailed);
+  ECParameters_print := LoadFunction('ECParameters_print', AFailed);
+  EC_KEY_print := LoadFunction('EC_KEY_print', AFailed);
+  EC_KEY_OpenSSL := LoadFunction('EC_KEY_OpenSSL', AFailed);
+  EC_KEY_get_default_method := LoadFunction('EC_KEY_get_default_method', AFailed);
+  EC_KEY_set_default_method := LoadFunction('EC_KEY_set_default_method', AFailed);
+  EC_KEY_get_method := LoadFunction('EC_KEY_get_method', AFailed);
+  EC_KEY_set_method := LoadFunction('EC_KEY_set_method', AFailed);
+  EC_KEY_new_method := LoadFunction('EC_KEY_new_method', AFailed);
+  ECDH_KDF_X9_62 := LoadFunction('ECDH_KDF_X9_62', AFailed);
+  ECDH_compute_key := LoadFunction('ECDH_compute_key', AFailed);
+  ECDSA_SIG_new := LoadFunction('ECDSA_SIG_new', AFailed);
+  ECDSA_SIG_free := LoadFunction('ECDSA_SIG_free', AFailed);
+  i2d_ECDSA_SIG := LoadFunction('i2d_ECDSA_SIG', AFailed);
+  d2i_ECDSA_SIG := LoadFunction('d2i_ECDSA_SIG', AFailed);
+  ECDSA_SIG_get0 := LoadFunction('ECDSA_SIG_get0', AFailed);
+  ECDSA_SIG_get0_r := LoadFunction('ECDSA_SIG_get0_r', AFailed);
+  ECDSA_SIG_get0_s := LoadFunction('ECDSA_SIG_get0_s', AFailed);
+  ECDSA_SIG_set0 := LoadFunction('ECDSA_SIG_set0', AFailed);
+  ECDSA_do_sign := LoadFunction('ECDSA_do_sign', AFailed);
+  ECDSA_do_sign_ex := LoadFunction('ECDSA_do_sign_ex', AFailed);
+  ECDSA_do_verify := LoadFunction('ECDSA_do_verify', AFailed);
+  ECDSA_sign_setup := LoadFunction('ECDSA_sign_setup', AFailed);
+  ECDSA_sign := LoadFunction('ECDSA_sign', AFailed);
+  ECDSA_sign_ex := LoadFunction('ECDSA_sign_ex', AFailed);
+  ECDSA_verify := LoadFunction('ECDSA_verify', AFailed);
+  ECDSA_size := LoadFunction('ECDSA_size', AFailed);
+  EC_KEY_METHOD_new := LoadFunction('EC_KEY_METHOD_new', AFailed);
+  EC_KEY_METHOD_free := LoadFunction('EC_KEY_METHOD_free', AFailed);
+  EC_KEY_METHOD_set_init := LoadFunction('EC_KEY_METHOD_set_init', AFailed);
+  EC_KEY_METHOD_set_keygen := LoadFunction('EC_KEY_METHOD_set_keygen', AFailed);
+  EC_KEY_METHOD_set_compute_key := LoadFunction('EC_KEY_METHOD_set_compute_key', AFailed);
+  EC_KEY_METHOD_set_sign := LoadFunction('EC_KEY_METHOD_set_sign', AFailed);
+  EC_KEY_METHOD_set_verify := LoadFunction('EC_KEY_METHOD_set_verify', AFailed);
+  EC_KEY_METHOD_get_init := LoadFunction('EC_KEY_METHOD_get_init', AFailed);
+  EC_KEY_METHOD_get_keygen := LoadFunction('EC_KEY_METHOD_get_keygen', AFailed);
+  EC_KEY_METHOD_get_compute_key := LoadFunction('EC_KEY_METHOD_get_compute_key', AFailed);
+  EC_KEY_METHOD_get_sign := LoadFunction('EC_KEY_METHOD_get_sign', AFailed);
+  EC_KEY_METHOD_get_verify := LoadFunction('EC_KEY_METHOD_get_verify', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  EC_GFp_simple_method := nil;
+  EC_GFp_mont_method := nil;
+  EC_GFp_nist_method := nil;
+  EC_GFp_nistp224_method := nil;
+  EC_GFp_nistp256_method := nil;
+  EC_GFp_nistp521_method := nil;
+  EC_GF2m_simple_method := nil;
+  EC_GROUP_new := nil;
+  EC_GROUP_free := nil;
+  EC_GROUP_clear_free := nil;
+  EC_GROUP_copy := nil;
+  EC_GROUP_dup := nil;
+  EC_GROUP_method_of := nil;
+  EC_METHOD_get_field_type := nil;
+  EC_GROUP_set_generator := nil;
+  EC_GROUP_get0_generator := nil;
+  EC_GROUP_get_mont_data := nil;
+  EC_GROUP_get_order := nil;
+  EC_GROUP_get0_order := nil;
+  EC_GROUP_order_bits := nil;
+  EC_GROUP_get_cofactor := nil;
+  EC_GROUP_get0_cofactor := nil;
+  EC_GROUP_set_curve_name := nil;
+  EC_GROUP_get_curve_name := nil;
+  EC_GROUP_set_asn1_flag := nil;
+  EC_GROUP_get_asn1_flag := nil;
+  EC_GROUP_set_point_conversion_form := nil;
+  EC_GROUP_get_point_conversion_form := nil;
+  EC_GROUP_get0_seed := nil;
+  EC_GROUP_get_seed_len := nil;
+  EC_GROUP_set_seed := nil;
+  EC_GROUP_set_curve := nil;
+  EC_GROUP_get_curve := nil;
+  EC_GROUP_set_curve_GFp := nil;
+  EC_GROUP_get_curve_GFp := nil;
+  EC_GROUP_set_curve_GF2m := nil;
+  EC_GROUP_get_curve_GF2m := nil;
+  EC_GROUP_get_degree := nil;
+  EC_GROUP_check := nil;
+  EC_GROUP_check_discriminant := nil;
+  EC_GROUP_cmp := nil;
+  EC_GROUP_new_curve_GFp := nil;
+  EC_GROUP_new_curve_GF2m := nil;
+  EC_GROUP_new_by_curve_name := nil;
+  EC_GROUP_new_from_ecparameters := nil;
+  EC_GROUP_get_ecparameters := nil;
+  EC_GROUP_new_from_ecpkparameters := nil;
+  EC_GROUP_get_ecpkparameters := nil;
+  EC_get_builtin_curves := nil;
+  EC_curve_nid2nist := nil;
+  EC_curve_nist2nid := nil;
+  EC_POINT_new := nil;
+  EC_POINT_free := nil;
+  EC_POINT_clear_free := nil;
+  EC_POINT_copy := nil;
+  EC_POINT_dup := nil;
+  EC_POINT_method_of := nil;
+  EC_POINT_set_to_infinity := nil;
+  EC_POINT_set_Jprojective_coordinates_GFp := nil;
+  EC_POINT_get_Jprojective_coordinates_GFp := nil;
+  EC_POINT_set_affine_coordinates := nil;
+  EC_POINT_get_affine_coordinates := nil;
+  EC_POINT_set_affine_coordinates_GFp := nil;
+  EC_POINT_get_affine_coordinates_GFp := nil;
+  EC_POINT_set_compressed_coordinates := nil;
+  EC_POINT_set_compressed_coordinates_GFp := nil;
+  EC_POINT_set_affine_coordinates_GF2m := nil;
+  EC_POINT_get_affine_coordinates_GF2m := nil;
+  EC_POINT_set_compressed_coordinates_GF2m := nil;
+  EC_POINT_point2oct := nil;
+  EC_POINT_oct2point := nil;
+  EC_POINT_point2buf := nil;
+  EC_POINT_point2bn := nil;
+  EC_POINT_bn2point := nil;
+  EC_POINT_point2hex := nil;
+  EC_POINT_hex2point := nil;
+  EC_POINT_add := nil;
+  EC_POINT_dbl := nil;
+  EC_POINT_invert := nil;
+  EC_POINT_is_at_infinity := nil;
+  EC_POINT_is_on_curve := nil;
+  EC_POINT_cmp := nil;
+  EC_POINT_make_affine := nil;
+  EC_POINTs_make_affine := nil;
+  EC_POINTs_mul := nil;
+  EC_POINT_mul := nil;
+  EC_GROUP_precompute_mult := nil;
+  EC_GROUP_have_precompute_mult := nil;
+  ECPKPARAMETERS_it := nil;
+  ECPKPARAMETERS_new := nil;
+  ECPKPARAMETERS_free := nil;
+  ECPARAMETERS_it := nil;
+  ECPARAMETERS_new := nil;
+  ECPARAMETERS_free := nil;
+  EC_GROUP_get_basis_type := nil;
+  EC_GROUP_get_trinomial_basis := nil;
+  EC_GROUP_get_pentanomial_basis := nil;
+  d2i_ECPKParameters := nil;
+  i2d_ECPKParameters := nil;
+  ECPKParameters_print := nil;
+  EC_KEY_new := nil;
+  EC_KEY_get_flags := nil;
+  EC_KEY_set_flags := nil;
+  EC_KEY_clear_flags := nil;
+  EC_KEY_new_by_curve_name := nil;
+  EC_KEY_free := nil;
+  EC_KEY_copy := nil;
+  EC_KEY_dup := nil;
+  EC_KEY_up_ref := nil;
+  EC_KEY_get0_engine := nil;
+  EC_KEY_get0_group := nil;
+  EC_KEY_set_group := nil;
+  EC_KEY_get0_private_key := nil;
+  EC_KEY_set_private_key := nil;
+  EC_KEY_get0_public_key := nil;
+  EC_KEY_set_public_key := nil;
+  EC_KEY_get_enc_flags := nil;
+  EC_KEY_set_enc_flags := nil;
+  EC_KEY_get_conv_form := nil;
+  EC_KEY_set_conv_form := nil;
+  EC_KEY_set_ex_data := nil;
+  EC_KEY_get_ex_data := nil;
+  EC_KEY_set_asn1_flag := nil;
+  EC_KEY_precompute_mult := nil;
+  EC_KEY_generate_key := nil;
+  EC_KEY_check_key := nil;
+  EC_KEY_can_sign := nil;
+  EC_KEY_set_public_key_affine_coordinates := nil;
+  EC_KEY_key2buf := nil;
+  EC_KEY_oct2key := nil;
+  EC_KEY_oct2priv := nil;
+  EC_KEY_priv2oct := nil;
+  EC_KEY_priv2buf := nil;
+  d2i_ECPrivateKey := nil;
+  i2d_ECPrivateKey := nil;
+  o2i_ECPublicKey := nil;
+  i2o_ECPublicKey := nil;
+  ECParameters_print := nil;
+  EC_KEY_print := nil;
+  EC_KEY_OpenSSL := nil;
+  EC_KEY_get_default_method := nil;
+  EC_KEY_set_default_method := nil;
+  EC_KEY_get_method := nil;
+  EC_KEY_set_method := nil;
+  EC_KEY_new_method := nil;
+  ECDH_KDF_X9_62 := nil;
+  ECDH_compute_key := nil;
+  ECDSA_SIG_new := nil;
+  ECDSA_SIG_free := nil;
+  i2d_ECDSA_SIG := nil;
+  d2i_ECDSA_SIG := nil;
+  ECDSA_SIG_get0 := nil;
+  ECDSA_SIG_get0_r := nil;
+  ECDSA_SIG_get0_s := nil;
+  ECDSA_SIG_set0 := nil;
+  ECDSA_do_sign := nil;
+  ECDSA_do_sign_ex := nil;
+  ECDSA_do_verify := nil;
+  ECDSA_sign_setup := nil;
+  ECDSA_sign := nil;
+  ECDSA_sign_ex := nil;
+  ECDSA_verify := nil;
+  ECDSA_size := nil;
+  EC_KEY_METHOD_new := nil;
+  EC_KEY_METHOD_free := nil;
+  EC_KEY_METHOD_set_init := nil;
+  EC_KEY_METHOD_set_keygen := nil;
+  EC_KEY_METHOD_set_compute_key := nil;
+  EC_KEY_METHOD_set_sign := nil;
+  EC_KEY_METHOD_set_verify := nil;
+  EC_KEY_METHOD_get_init := nil;
+  EC_KEY_METHOD_get_keygen := nil;
+  EC_KEY_METHOD_get_compute_key := nil;
+  EC_KEY_METHOD_get_sign := nil;
+  EC_KEY_METHOD_get_verify := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ecerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ecerr.pas
new file mode 100644
index 000000000..bdd342d93
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ecerr.pas
@@ -0,0 +1,326 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_ecerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ecerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * EC function codes.
+   *)
+  EC_F_BN_TO_FELEM = 224;
+  EC_F_D2I_ECPARAMETERS = 144;
+  EC_F_D2I_ECPKPARAMETERS = 145;
+  EC_F_D2I_ECPRIVATEKEY = 146;
+  EC_F_DO_EC_KEY_PRINT = 221;
+  EC_F_ECDH_CMS_DECRYPT = 238;
+  EC_F_ECDH_CMS_SET_SHARED_INFO = 239;
+  EC_F_ECDH_COMPUTE_KEY = 246;
+  EC_F_ECDH_SIMPLE_COMPUTE_KEY = 257;
+  EC_F_ECDSA_DO_SIGN_EX = 251;
+  EC_F_ECDSA_DO_VERIFY = 252;
+  EC_F_ECDSA_SIGN_EX = 254;
+  EC_F_ECDSA_SIGN_SETUP = 248;
+  EC_F_ECDSA_SIG_NEW = 265;
+  EC_F_ECDSA_VERIFY = 253;
+  EC_F_ECD_ITEM_VERIFY = 270;
+  EC_F_ECKEY_PARAM2TYPE = 223;
+  EC_F_ECKEY_PARAM_DECODE = 212;
+  EC_F_ECKEY_PRIV_DECODE = 213;
+  EC_F_ECKEY_PRIV_ENCODE = 214;
+  EC_F_ECKEY_PUB_DECODE = 215;
+  EC_F_ECKEY_PUB_ENCODE = 216;
+  EC_F_ECKEY_TYPE2PARAM = 220;
+  EC_F_ECPARAMETERS_PRINT = 147;
+  EC_F_ECPARAMETERS_PRINT_FP = 148;
+  EC_F_ECPKPARAMETERS_PRINT = 149;
+  EC_F_ECPKPARAMETERS_PRINT_FP = 150;
+  EC_F_ECP_NISTZ256_GET_AFFINE = 240;
+  EC_F_ECP_NISTZ256_INV_MOD_ORD = 275;
+  EC_F_ECP_NISTZ256_MULT_PRECOMPUTE = 243;
+  EC_F_ECP_NISTZ256_POINTS_MUL = 241;
+  EC_F_ECP_NISTZ256_PRE_COMP_NEW = 244;
+  EC_F_ECP_NISTZ256_WINDOWED_MUL = 242;
+  EC_F_ECX_KEY_OP = 266;
+  EC_F_ECX_PRIV_ENCODE = 267;
+  EC_F_ECX_PUB_ENCODE = 268;
+  EC_F_EC_ASN1_GROUP2CURVE = 153;
+  EC_F_EC_ASN1_GROUP2FIELDID = 154;
+  EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY = 208;
+  EC_F_EC_GF2M_SIMPLE_FIELD_INV = 296;
+  EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT = 159;
+  EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE = 195;
+  EC_F_EC_GF2M_SIMPLE_LADDER_POST = 285;
+  EC_F_EC_GF2M_SIMPLE_LADDER_PRE = 288;
+  EC_F_EC_GF2M_SIMPLE_OCT2POINT = 160;
+  EC_F_EC_GF2M_SIMPLE_POINT2OCT = 161;
+  EC_F_EC_GF2M_SIMPLE_POINTS_MUL = 289;
+  EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES = 162;
+  EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES = 163;
+  EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES = 164;
+  EC_F_EC_GFP_MONT_FIELD_DECODE = 133;
+  EC_F_EC_GFP_MONT_FIELD_ENCODE = 134;
+  EC_F_EC_GFP_MONT_FIELD_INV = 297;
+  EC_F_EC_GFP_MONT_FIELD_MUL = 131;
+  EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE = 209;
+  EC_F_EC_GFP_MONT_FIELD_SQR = 132;
+  EC_F_EC_GFP_MONT_GROUP_SET_CURVE = 189;
+  EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE = 225;
+  EC_F_EC_GFP_NISTP224_POINTS_MUL = 228;
+  EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES = 226;
+  EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE = 230;
+  EC_F_EC_GFP_NISTP256_POINTS_MUL = 231;
+  EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES = 232;
+  EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE = 233;
+  EC_F_EC_GFP_NISTP521_POINTS_MUL = 234;
+  EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES = 235;
+  EC_F_EC_GFP_NIST_FIELD_MUL = 200;
+  EC_F_EC_GFP_NIST_FIELD_SQR = 201;
+  EC_F_EC_GFP_NIST_GROUP_SET_CURVE = 202;
+  EC_F_EC_GFP_SIMPLE_BLIND_COORDINATES = 287;
+  EC_F_EC_GFP_SIMPLE_FIELD_INV = 298;
+  EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT = 165;
+  EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE = 166;
+  EC_F_EC_GFP_SIMPLE_MAKE_AFFINE = 102;
+  EC_F_EC_GFP_SIMPLE_OCT2POINT = 103;
+  EC_F_EC_GFP_SIMPLE_POINT2OCT = 104;
+  EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE = 137;
+  EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES = 167;
+  EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES = 168;
+  EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES = 169;
+  EC_F_EC_GROUP_CHECK = 170;
+  EC_F_EC_GROUP_CHECK_DISCRIMINANT = 171;
+  EC_F_EC_GROUP_COPY = 106;
+  EC_F_EC_GROUP_GET_CURVE = 291;
+  EC_F_EC_GROUP_GET_CURVE_GF2M = 172;
+  EC_F_EC_GROUP_GET_CURVE_GFP = 130;
+  EC_F_EC_GROUP_GET_DEGREE = 173;
+  EC_F_EC_GROUP_GET_ECPARAMETERS = 261;
+  EC_F_EC_GROUP_GET_ECPKPARAMETERS = 262;
+  EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS = 193;
+  EC_F_EC_GROUP_GET_TRINOMIAL_BASIS = 194;
+  EC_F_EC_GROUP_NEW = 108;
+  EC_F_EC_GROUP_NEW_BY_CURVE_NAME = 174;
+  EC_F_EC_GROUP_NEW_FROM_DATA = 175;
+  EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS = 263;
+  EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS = 264;
+  EC_F_EC_GROUP_SET_CURVE = 292;
+  EC_F_EC_GROUP_SET_CURVE_GF2M = 176;
+  EC_F_EC_GROUP_SET_CURVE_GFP = 109;
+  EC_F_EC_GROUP_SET_GENERATOR = 111;
+  EC_F_EC_GROUP_SET_SEED = 286;
+  EC_F_EC_KEY_CHECK_KEY = 177;
+  EC_F_EC_KEY_COPY = 178;
+  EC_F_EC_KEY_GENERATE_KEY = 179;
+  EC_F_EC_KEY_NEW = 182;
+  EC_F_EC_KEY_NEW_METHOD = 245;
+  EC_F_EC_KEY_OCT2PRIV = 255;
+  EC_F_EC_KEY_PRINT = 180;
+  EC_F_EC_KEY_PRINT_FP = 181;
+  EC_F_EC_KEY_PRIV2BUF = 279;
+  EC_F_EC_KEY_PRIV2OCT = 256;
+  EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES = 229;
+  EC_F_EC_KEY_SIMPLE_CHECK_KEY = 258;
+  EC_F_EC_KEY_SIMPLE_OCT2PRIV = 259;
+  EC_F_EC_KEY_SIMPLE_PRIV2OCT = 260;
+  EC_F_EC_PKEY_CHECK = 273;
+  EC_F_EC_PKEY_PARAM_CHECK = 274;
+  EC_F_EC_POINTS_MAKE_AFFINE = 136;
+  EC_F_EC_POINTS_MUL = 290;
+  EC_F_EC_POINT_ADD = 112;
+  EC_F_EC_POINT_BN2POINT = 280;
+  EC_F_EC_POINT_CMP = 113;
+  EC_F_EC_POINT_COPY = 114;
+  EC_F_EC_POINT_DBL = 115;
+  EC_F_EC_POINT_GET_AFFINE_COORDINATES = 293;
+  EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M = 183;
+  EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP = 116;
+  EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP = 117;
+  EC_F_EC_POINT_INVERT = 210;
+  EC_F_EC_POINT_IS_AT_INFINITY = 118;
+  EC_F_EC_POINT_IS_ON_CURVE = 119;
+  EC_F_EC_POINT_MAKE_AFFINE = 120;
+  EC_F_EC_POINT_NEW = 121;
+  EC_F_EC_POINT_OCT2POINT = 122;
+  EC_F_EC_POINT_POINT2BUF = 281;
+  EC_F_EC_POINT_POINT2OCT = 123;
+  EC_F_EC_POINT_SET_AFFINE_COORDINATES = 294;
+  EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M = 185;
+  EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP = 124;
+  EC_F_EC_POINT_SET_COMPRESSED_COORDINATES = 295;
+  EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M = 186;
+  EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP = 125;
+  EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP = 126;
+  EC_F_EC_POINT_SET_TO_INFINITY = 127;
+  EC_F_EC_PRE_COMP_NEW = 196;
+  EC_F_EC_SCALAR_MUL_LADDER = 284;
+  EC_F_EC_WNAF_MUL = 187;
+  EC_F_EC_WNAF_PRECOMPUTE_MULT = 188;
+  EC_F_I2D_ECPARAMETERS = 190;
+  EC_F_I2D_ECPKPARAMETERS = 191;
+  EC_F_I2D_ECPRIVATEKEY = 192;
+  EC_F_I2O_ECPUBLICKEY = 151;
+  EC_F_NISTP224_PRE_COMP_NEW = 227;
+  EC_F_NISTP256_PRE_COMP_NEW = 236;
+  EC_F_NISTP521_PRE_COMP_NEW = 237;
+  EC_F_O2I_ECPUBLICKEY = 152;
+  EC_F_OLD_EC_PRIV_DECODE = 222;
+  EC_F_OSSL_ECDH_COMPUTE_KEY = 247;
+  EC_F_OSSL_ECDSA_SIGN_SIG = 249;
+  EC_F_OSSL_ECDSA_VERIFY_SIG = 250;
+  EC_F_PKEY_ECD_CTRL = 271;
+  EC_F_PKEY_ECD_DIGESTSIGN = 272;
+  EC_F_PKEY_ECD_DIGESTSIGN25519 = 276;
+  EC_F_PKEY_ECD_DIGESTSIGN448 = 277;
+  EC_F_PKEY_ECX_DERIVE = 269;
+  EC_F_PKEY_EC_CTRL = 197;
+  EC_F_PKEY_EC_CTRL_STR = 198;
+  EC_F_PKEY_EC_DERIVE = 217;
+  EC_F_PKEY_EC_INIT = 282;
+  EC_F_PKEY_EC_KDF_DERIVE = 283;
+  EC_F_PKEY_EC_KEYGEN = 199;
+  EC_F_PKEY_EC_PARAMGEN = 219;
+  EC_F_PKEY_EC_SIGN = 218;
+  EC_F_VALIDATE_ECX_DERIVE = 278;
+
+  (*
+   * EC reason codes.
+   *)
+  EC_R_ASN1_ERROR =   115;
+  EC_R_BAD_SIGNATURE =   156;
+  EC_R_BIGNUM_OUT_OF_RANGE =  144;
+  EC_R_BUFFER_TOO_SMALL =  100;
+  EC_R_CANNOT_INVERT =   165;
+  EC_R_COORDINATES_OUT_OF_RANGE =  146;
+  EC_R_CURVE_DOES_NOT_SUPPORT_ECDH =  160;
+  EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING = 159;
+  EC_R_D2I_ECPKPARAMETERS_FAILURE =  117;
+  EC_R_DECODE_ERROR =   142;
+  EC_R_DISCRIMINANT_IS_ZERO =  118;
+  EC_R_EC_GROUP_NEW_BY_NAME_FAILURE =  119;
+  EC_R_FIELD_TOO_LARGE =  143;
+  EC_R_GF2M_NOT_SUPPORTED =  147;
+  EC_R_GROUP2PKPARAMETERS_FAILURE =  120;
+  EC_R_I2D_ECPKPARAMETERS_FAILURE =  121;
+  EC_R_INCOMPATIBLE_OBJECTS =  101;
+  EC_R_INVALID_ARGUMENT =  112;
+  EC_R_INVALID_COMPRESSED_POINT =  110;
+  EC_R_INVALID_COMPRESSION_BIT =  109;
+  EC_R_INVALID_CURVE =   141;
+  EC_R_INVALID_DIGEST =  151;
+  EC_R_INVALID_DIGEST_TYPE =  138;
+  EC_R_INVALID_ENCODING =  102;
+  EC_R_INVALID_FIELD =   103;
+  EC_R_INVALID_FORM =   104;
+  EC_R_INVALID_GROUP_ORDER =  122;
+  EC_R_INVALID_KEY =   116;
+  EC_R_INVALID_OUTPUT_LENGTH =  161;
+  EC_R_INVALID_PEER_KEY =  133;
+  EC_R_INVALID_PENTANOMIAL_BASIS =  132;
+  EC_R_INVALID_PRIVATE_KEY =  123;
+  EC_R_INVALID_TRINOMIAL_BASIS =  137;
+  EC_R_KDF_PARAMETER_ERROR =  148;
+  EC_R_KEYS_NOT_SET =   140;
+  EC_R_LADDER_POST_FAILURE =  136;
+  EC_R_LADDER_PRE_FAILURE =  153;
+  EC_R_LADDER_STEP_FAILURE =  162;
+  EC_R_MISSING_PARAMETERS =  124;
+  EC_R_MISSING_PRIVATE_KEY =  125;
+  EC_R_NEED_NEW_SETUP_VALUES =  157;
+  EC_R_NOT_A_NIST_PRIME =  135;
+  EC_R_NOT_IMPLEMENTED =  126;
+  EC_R_NOT_INITIALIZED =  111;
+  EC_R_NO_PARAMETERS_SET =  139;
+  EC_R_NO_PRIVATE_VALUE =  154;
+  EC_R_OPERATION_NOT_SUPPORTED =  152;
+  EC_R_PASSED_NULL_PARAMETER =  134;
+  EC_R_PEER_KEY_ERROR =  149;
+  EC_R_PKPARAMETERS2GROUP_FAILURE =  127;
+  EC_R_POINT_ARITHMETIC_FAILURE =  155;
+  EC_R_POINT_AT_INFINITY =  106;
+  EC_R_POINT_COORDINATES_BLIND_FAILURE = 163;
+  EC_R_POINT_IS_NOT_ON_CURVE =  107;
+  EC_R_RANDOM_NUMBER_GENERATION_FAILED = 158;
+  EC_R_SHARED_INFO_ERROR =  150;
+  EC_R_SLOT_FULL =   108;
+  EC_R_UNDEFINED_GENERATOR =  113;
+  EC_R_UNDEFINED_ORDER =  128;
+  EC_R_UNKNOWN_COFACTOR =  164;
+  EC_R_UNKNOWN_GROUP =   129;
+  EC_R_UNKNOWN_ORDER =   114;
+  EC_R_UNSUPPORTED_FIELD =  131;
+  EC_R_WRONG_CURVE_PARAMETERS =  145;
+  EC_R_WRONG_ORDER =   130;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_EC_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_EC_strings := LoadFunction('ERR_load_EC_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_EC_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engine.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engine.pas
new file mode 100644
index 000000000..cc95fb2d0
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engine.pas
@@ -0,0 +1,979 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_engine;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// engine.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_ec;
+
+const
+  (*
+   * These flags are used to control combinations of algorithm (methods) by
+   * bitwise "OR"ing.
+   *)
+  ENGINE_METHOD_RSA               = TIdC_UINT($0001);
+  ENGINE_METHOD_DSA               = TIdC_UINT($0002);
+  ENGINE_METHOD_DH                = TIdC_UINT($0004);
+  ENGINE_METHOD_RAND              = TIdC_UINT($0008);
+  ENGINE_METHOD_CIPHERS           = TIdC_UINT($0040);
+  ENGINE_METHOD_DIGESTS           = TIdC_UINT($0080);
+  ENGINE_METHOD_PKEY_METHS        = TIdC_UINT($0200);
+  ENGINE_METHOD_PKEY_ASN1_METHS   = TIdC_UINT($0400);
+  ENGINE_METHOD_EC                = TIdC_UINT($0800);
+  (* Obvious all-or-nothing cases. *)
+  ENGINE_METHOD_ALL               = TIdC_UINT($FFFF);
+  ENGINE_METHOD_NONE              = TIdC_UINT($0000);
+
+  //
+  // This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
+  // internally to control registration of ENGINE implementations, and can be
+  // set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
+  // initialise registered ENGINEs if they are not already initialised.
+  //
+  ENGINE_TABLE_FLAG_NOINIT        = TIdC_UINT($0001);
+
+  //
+  // This flag is for ENGINEs that wish to handle the various 'CMD'-related
+  // control commands on their own. Without this flag, ENGINE_ctrl() handles
+  // these control commands on behalf of the ENGINE using their "cmd_defns"
+  // data.
+  //
+  ENGINE_FLAGS_MANUAL_CMD_CTRL    = TIdC_INT($0002);
+
+  //
+  // This flag is for ENGINEs who return new duplicate structures when found
+  // via "ENGINE_by_id()". When an ENGINE must store state (eg. if
+  // ENGINE_ctrl() commands are called in sequence as part of some stateful
+  // process like key-generation setup and execution), it can set this flag -
+  // then each attempt to obtain the ENGINE will result in it being copied intoo
+  // a new structure. Normally, ENGINEs don't declare this flag so
+  // ENGINE_by_id() just increments the existing ENGINE's structural reference
+  // count.
+  //
+  ENGINE_FLAGS_BY_ID_COPY         = TIdC_INT($0004);
+
+  //
+  // This flag if for an ENGINE that does not want its methods registered as
+  // part of ENGINE_register_all_complete() for example if the methods are not
+  // usable as default methods.
+  //
+
+  ENGINE_FLAGS_NO_REGISTER_ALL    = TIdC_INT($0008);
+
+  //
+  // ENGINEs can support their own command types, and these flags are used in
+  // ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
+  // each command expects. Currently only numeric and string input is
+  // supported. If a control command supports none of the _NUMERIC, _STRING, or
+  // _NO_INPUT options, then it is regarded as an "internal" control command -
+  // and not for use in config setting situations. As such, they're not
+  // available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
+  // access. Changes to this list of 'command types' should be reflected
+  // carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
+  //
+
+  // accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
+  ENGINE_CMD_FLAG_NUMERIC         = TIdC_UINT($0001);
+  //
+  // accepts string input (cast from 'void*' to 'const char *', 4th parameter
+  // to ENGINE_ctrl)
+  //
+  ENGINE_CMD_FLAG_STRING          = TIdC_UINT($0002);
+  //
+  // Indicates that the control command takes *no* input. Ie. the control
+  // command is unparameterised.
+  //
+  ENGINE_CMD_FLAG_NO_INPUT        = TIdC_UINT($0004);
+  //
+  // Indicates that the control command is internal. This control command won't
+  // be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
+  // function.
+  //
+  ENGINE_CMD_FLAG_INTERNAL        = TIdC_UINT($0008);
+
+  //
+  // NB: These 3 control commands are deprecated and should not be used.
+  // ENGINEs relying on these commands should compile conditional support for
+  // compatibility (eg. if these symbols are defined) but should also migrate
+  // the same functionality to their own ENGINE-specific control functions that
+  // can be "discovered" by calling applications. The fact these control
+  // commands wouldn't be "executable" (ie. usable by text-based config)
+  // doesn't change the fact that application code can find and use them
+  // without requiring per-ENGINE hacking.
+  //
+
+  //
+  // These flags are used to tell the ctrl function what should be done. All
+  // command numbers are shared between all engines, even if some don't make
+  // sense to some engines.  In such a case, they do nothing but return the
+  // error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
+  //
+  ENGINE_CTRL_SET_LOGSTREAM              = 1;
+  ENGINE_CTRL_SET_PASSWORD_CALLBACK      = 2;
+  ENGINE_CTRL_HUP                        = 3;// Close and reinitialise
+                                             // any handles/connections
+                                             // etc.
+  ENGINE_CTRL_SET_USER_INTERFACE         = 4;// Alternative to callback
+  ENGINE_CTRL_SET_CALLBACK_DATA          = 5;// User-specific data, used
+                                             // when calling the password
+                                             // callback and the user
+                                             // interface
+  ENGINE_CTRL_LOAD_CONFIGURATION         = 6;// Load a configuration,
+                                             // given a string that
+                                             // represents a file name
+                                             // or so
+  ENGINE_CTRL_LOAD_SECTION               = 7;// Load data from a given
+                                             // section in the already
+                                             // loaded configuration
+
+  //
+  // These control commands allow an application to deal with an arbitrary
+  // engine in a dynamic way. Warn: Negative return values indicate errors FOR
+  // THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
+  // commands, including ENGINE-specific command types, return zero for an
+  // error. An ENGINE can choose to implement these ctrl functions, and can
+  // internally manage things however it chooses - it does so by setting the
+  // ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
+  // the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
+  // cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
+  // ctrl() handler need only implement its own commands - the above "meta"
+  // commands will be taken care of.
+  //
+
+  //
+  // Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
+  // then all the remaining control commands will return failure, so it is
+  // worth checking this first if the caller is trying to "discover" the
+  // engine's capabilities and doesn't want errors generated unnecessarily.
+  //
+  ENGINE_CTRL_HAS_CTRL_FUNCTION          = 10;
+  //
+  // Returns a positive command number for the first command supported by the
+  // engine. Returns zero if no ctrl commands are supported.
+  //
+  ENGINE_CTRL_GET_FIRST_CMD_TYPE         = 11;
+  //
+  // The 'long' argument specifies a command implemented by the engine, and the
+  // return value is the next command supported, or zero if there are no more.
+  //
+  ENGINE_CTRL_GET_NEXT_CMD_TYPE          = 12;
+  //
+  // The 'void*' argument is a command name (cast from 'const char *'), and the
+  // return value is the command that corresponds to it.
+  //
+  ENGINE_CTRL_GET_CMD_FROM_NAME          = 13;
+  //
+  // The next two allow a command to be converted into its corresponding string
+  // form. In each case, the 'long' argument supplies the command. In the
+  // NAME_LEN case, the return value is the length of the command name (not
+  // counting a trailing EOL). In the NAME case, the 'void*' argument must be a
+  // string buffer large enough, and it will be populated with the name of the
+  // command (WITH a trailing EOL).
+  //
+  ENGINE_CTRL_GET_NAME_LEN_FROM_CMD      = 14;
+  ENGINE_CTRL_GET_NAME_FROM_CMD          = 15;
+  // The next two are similar but give a "short description" of a command. */
+  ENGINE_CTRL_GET_DESC_LEN_FROM_CMD      = 16;
+  ENGINE_CTRL_GET_DESC_FROM_CMD          = 17;
+  //
+  // With this command, the return value is the OR'd combination of
+  // ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
+  // engine-specific ctrl command expects.
+  //
+  ENGINE_CTRL_GET_CMD_FLAGS              = 18;
+
+  //
+  // ENGINE implementations should start the numbering of their own control
+  // commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE += 1, etc).
+  //
+  ENGINE_CMD_BASE                        = 200;
+
+  //
+  // NB: These 2 nCipher "chil" control commands are deprecated, and their
+  // functionality is now available through ENGINE-specific control commands
+  // (exposed through the above-mentioned 'CMD'-handling). Code using these 2
+  // commands should be migrated to the more general command handling before
+  // these are removed.
+  //
+
+  // Flags specific to the nCipher "chil" engine */
+  ENGINE_CTRL_CHIL_SET_FORKCHECK         = 100;
+  //
+  // Depending on the value of the (long)i argument, this sets or
+  // unsets the SimpleForkCheck flag in the CHIL API to enable or
+  // disable checking and workarounds for applications that fork().
+  //
+  ENGINE_CTRL_CHIL_NO_LOCKING            = 101;
+  //
+  // This prevents the initialisation function from providing mutex
+  // callbacks to the nCipher library.
+  //
+
+type
+  //
+  // If an ENGINE supports its own specific control commands and wishes the
+  // framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
+  // its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
+  // entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
+  // handler that supports the stated commands (ie. the "cmd_num" entries as
+  // described by the array). NB: The array must be ordered in increasing order
+  // of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
+  // has cmd_num set to zero and/or cmd_name set to NULL.
+  //
+  ENGINE_CMD_DEFN_st = record
+    cmd_num: TIdC_UINT;
+    cmd_name: PIdAnsiChar;
+    cmd_desc: PIdAnsiChar;
+    cmd_flags: TIdC_UINT;
+  end;
+  ENGINE_CMD_DEFN = ENGINE_CMD_DEFN_st;
+  PENGINE_CMD_DEFN = ^ENGINE_CMD_DEFN;
+
+  // Generic function pointer */
+  ENGINE_GEN_FUNC_PTR = function: TIdC_INT; cdecl;
+  // Generic function pointer taking no arguments */
+  ENGINE_GEN_INT_FUNC_PTR = function(v1: PENGINE): TIdC_INT; cdecl;
+  // Specific control function pointer */
+  f = procedure; cdecl;
+  ENGINE_CTRL_FUNC_PTR = function(v1: PENGINE; v2: TIdC_INT; v3: TIdC_LONG; v4: Pointer; v5: f): TIdC_INT; cdecl;
+  // Generic load_key function pointer */
+  ENGINE_LOAD_KEY_PTR = function(v1: PENGINE; const v2: PIdAnsiChar;
+    ui_method: PUI_METHOD; callback_data: Pointer): PEVP_PKEY; cdecl;
+  //ENGINE_SSL_CLIENT_CERT_PTR = function(v1: PENGINE; ssl: PSSL;
+  //  {STACK_OF(X509_NAME) *ca_dn;} pcert: PPX509; pkey: PPEVP_PKEY;
+  //  {STACK_OF(X509) **pother;} ui_method: PUI_METHOD; callback_data: Pointer): TIdC_INT; cdecl;
+
+  //
+  // These callback types are for an ENGINE's handler for cipher and digest logic.
+  // These handlers have these prototypes;
+  //   int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
+  //   int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
+  // Looking at how to implement these handlers in the case of cipher support, if
+  // the framework wants the EVP_CIPHER for 'nid', it will call;
+  //   foo(e, &p_evp_cipher, NULL, nid);    (return zero for failure)
+  // If the framework wants a list of supported 'nid's, it will call;
+  //   foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
+  //
+  //
+  // Returns to a pointer to the array of supported cipher 'nid's. If the
+  // second parameter is non-NULL it is set to the size of the returned array.
+  //
+  ENGINE_CIPHERS_PTR = function(v1: PENGINE; const v2: PPEVP_CIPHER;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+  ENGINE_DIGESTS_PTR = function(v1: PENGINE; const v2: PPEVP_MD;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+  ENGINE_PKEY_METHS_PTR = function(v1: PENGINE; v2: PPEVP_PKEY_METHOD;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+  ENGINE_PKEY_ASN1_METHS_PTR = function(v1: PENGINE; v2: PPEVP_PKEY_ASN1_METHOD;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+
+  dyn_MEM_malloc_fn = function(v1: TIdC_SIZET; const v2: PIdAnsiChar; v3: TIdC_INT): Pointer; cdecl;
+  dyn_MEM_realloc_fn = function(v1: Pointer; v2: TIdC_SIZET; const v3: PIdAnsiChar; v4: TIdC_INT): Pointer; cdecl;
+  dyn_MEM_free_fn = procedure(v1: Pointer; const v2: PIdAnsiChar; v3: TIdC_INT); cdecl;
+
+  st_dynamic_MEM_fns = record
+    malloc_fn: dyn_MEM_malloc_fn;
+    realloc_fn: dyn_MEM_realloc_fn;
+    free_fn: dyn_MEM_free_fn;
+  end;
+  dynamic_MEM_fns = st_dynamic_MEM_fns;
+  
+  //*
+  // * FIXME: Perhaps the memory and locking code (crypto.h) should declare and
+  // * use these types so we (and any other dependent code) can simplify a bit??
+  // */
+  //* The top-level structure */
+  st_dynamic_fns = record
+    static_state: Pointer;
+    mem_fns: dynamic_MEM_fns;
+  end;
+  dynamic_fns = st_dynamic_fns;
+
+  //*
+  // * The version checking function should be of this prototype. NB: The
+  // * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
+  // * code. If this function returns zero, it indicates a (potential) version
+  // * incompatibility and the loaded library doesn't believe it can proceed.
+  // * Otherwise, the returned value is the (latest) version supported by the
+  // * loading library. The loader may still decide that the loaded code's
+  // * version is unsatisfactory and could veto the load. The function is
+  // * expected to be implemented with the symbol name "v_check", and a default
+  // * implementation can be fully instantiated with
+  // * IMPLEMENT_DYNAMIC_CHECK_FN().
+  // */
+  dynamic_v_check_fn = function(ossl_version: TIdC_ULONG): TIdC_ULONG; cdecl;
+  //# define IMPLEMENT_DYNAMIC_CHECK_FN() \
+  //        OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
+  //        OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
+  //                if (v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
+  //                return 0; }
+
+  //*
+  // * This function is passed the ENGINE structure to initialise with its own
+  // * function and command settings. It should not adjust the structural or
+  // * functional reference counts. If this function returns zero, (a) the load
+  // * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
+  // * the structure, and (c) the shared library will be unloaded. So
+  // * implementations should do their own internal cleanup in failure
+  // * circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
+  // * represents the ENGINE id that the loader is looking for. If this is NULL,
+  // * the shared library can choose to return failure or to initialise a
+  // * 'default' ENGINE. If non-NULL, the shared library must initialise only an
+  // * ENGINE matching the passed 'id'. The function is expected to be
+  // * implemented with the symbol name "bind_engine". A standard implementation
+  // * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
+  // * 'fn' is a callback function that populates the ENGINE structure and
+  // * returns an int value (zero for failure). 'fn' should have prototype;
+  // * [static] int fn(ENGINE *e, const char *id);
+  // */
+  dynamic_bind_engine = function(e: PENGINE; const id: PIdAnsiChar;
+    const fns: dynamic_fns): TIdC_INT; cdecl;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  //
+  // STRUCTURE functions ... all of these functions deal with pointers to
+  // ENGINE structures where the pointers have a "structural reference". This
+  // means that their reference is to allowed access to the structure but it
+  // does not imply that the structure is functional. To simply increment or
+  // decrement the structural reference count, use ENGINE_by_id and
+  // ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
+  // as it will automatically decrement the structural reference count of the
+  // "current" ENGINE and increment the structural reference count of the
+  // ENGINE it returns (unless it is NULL).
+  //
+  // Get the first/last "ENGINE" type available. */
+  ENGINE_get_first: function: PENGINE cdecl = nil;
+  ENGINE_get_last: function: PENGINE cdecl = nil;
+  ENGINE_get_next: function(e: PENGINE): PENGINE cdecl = nil;
+  ENGINE_get_prev: function(e: PENGINE): PENGINE cdecl = nil;
+  ENGINE_add: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_remove: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_by_id: function(const id: PIdAnsiChar): PENGINE cdecl = nil;
+
+  ENGINE_load_builtin_engines: procedure cdecl = nil;
+
+  //
+  // Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
+  // "registry" handling.
+  //
+  ENGINE_get_table_flags: function: TIdC_UINT cdecl = nil;
+  ENGINE_set_table_flags: procedure(flags: TIdC_UINT) cdecl = nil;
+
+  //- Manage registration of ENGINEs per "table". For each type, there are 3
+  // functions;
+  //   ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
+  //   ENGINE_unregister_***(e) - unregister the implementation from 'e'
+  //   ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
+  // Cleanup is automatically registered from each table when required.
+  //
+
+  ENGINE_register_RSA: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_unregister_RSA: procedure(e: PENGINE) cdecl = nil;
+  ENGINE_register_all_RSA: procedure cdecl = nil;
+
+  ENGINE_register_DSA: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_unregister_DSA: procedure(e: PENGINE) cdecl = nil;
+  ENGINE_register_all_DSA: procedure cdecl = nil;
+
+  ENGINE_register_EC: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_unregister_EC: procedure(e: PENGINE) cdecl = nil;
+  ENGINE_register_all_EC: procedure cdecl = nil;
+
+  ENGINE_register_DH: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_unregister_DH: procedure(e: PENGINE) cdecl = nil;
+  ENGINE_register_all_DH: procedure cdecl = nil;
+
+  ENGINE_register_RAND: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_unregister_RAND: procedure(e: PENGINE) cdecl = nil;
+  ENGINE_register_all_RAND: procedure cdecl = nil;
+
+  ENGINE_register_ciphers: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_unregister_ciphers: procedure(e: PENGINE) cdecl = nil;
+  ENGINE_register_all_ciphers: procedure cdecl = nil;
+
+  ENGINE_register_digests: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_unregister_digests: procedure(e: PENGINE) cdecl = nil;
+  ENGINE_register_all_digests: procedure cdecl = nil;
+
+  ENGINE_register_pkey_meths: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_unregister_pkey_meths: procedure(e: PENGINE) cdecl = nil;
+  ENGINE_register_all_pkey_meths: procedure cdecl = nil;
+
+  ENGINE_register_pkey_asn1_meths: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_unregister_pkey_asn1_meths: procedure(e: PENGINE) cdecl = nil;
+  ENGINE_register_all_pkey_asn1_meths: procedure cdecl = nil;
+
+  //
+  // These functions register all support from the above categories. Note, use
+  // of these functions can result in static linkage of code your application
+  // may not need. If you only need a subset of functionality, consider using
+  // more selective initialisation.
+  //
+  ENGINE_register_complete: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_register_all_complete: function: TIdC_INT cdecl = nil;
+
+  //
+  // Send parameterised control commands to the engine. The possibilities to
+  // send down an integer, a pointer to data or a function pointer are
+  // provided. Any of the parameters may or may not be NULL, depending on the
+  // command number. In actuality, this function only requires a structural
+  // (rather than functional) reference to an engine, but many control commands
+  // may require the engine be functional. The caller should be aware of trying
+  // commands that require an operational ENGINE, and only use functional
+  // references in such situations.
+  //
+  ENGINE_ctrl: function(e: PENGINE; cmd: TIdC_INT; i: TIdC_LONG; p: Pointer; v1: f): TIdC_INT cdecl = nil;
+
+  //
+  // This function tests if an ENGINE-specific command is usable as a
+  // "setting". Eg. in an application's config file that gets processed through
+  // ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
+  // ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
+  //
+  ENGINE_cmd_is_executable: function(e: PENGINE; cmd: TIdC_INT): TIdC_INT cdecl = nil;
+
+  //
+  // This function works like ENGINE_ctrl() with the exception of taking a
+  // command name instead of a command number, and can handle optional
+  // commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
+  // on how to use the cmd_name and cmd_optional.
+  //
+  ENGINE_ctrl_cmd: function(e: PENGINE; const cmd_name: PIdAnsiChar; i: TIdC_LONG; p: Pointer; v1: f; cmd_optional: TIdC_INT): TIdC_INT cdecl = nil;
+
+  //
+  // This function passes a command-name and argument to an ENGINE. The
+  // cmd_name is converted to a command number and the control command is
+  // called using 'arg' as an argument (unless the ENGINE doesn't support such
+  // a command, in which case no control command is called). The command is
+  // checked for input flags, and if necessary the argument will be converted
+  // to a numeric value. If cmd_optional is non-zero, then if the ENGINE
+  // doesn't support the given cmd_name the return value will be success
+  // anyway. This function is intended for applications to use so that users
+  // (or config files) can supply engine-specific config data to the ENGINE at
+  // run-time to control behaviour of specific engines. As such, it shouldn't
+  // be used for calling ENGINE_ctrl() functions that return data, deal with
+  // binary data, or that are otherwise supposed to be used directly through
+  // ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
+  // operation in this function will be lost - the return value is interpreted
+  // as failure if the return value is zero, success otherwise, and this
+  // function returns a boolean value as a result. In other words, vendors of
+  // 'ENGINE'-enabled devices should write ENGINE implementations with
+  // parameterisations that work in this scheme, so that compliant ENGINE-based
+  // applications can work consistently with the same configuration for the
+  // same ENGINE-enabled devices, across applications.
+  //
+  ENGINE_ctrl_cmd_string: function(e: PENGINE; const cmd_name: PIdAnsiChar; const arg: PIdAnsiChar; cmd_optional: TIdC_INT): TIdC_INT cdecl = nil;
+
+  //
+  // These functions are useful for manufacturing new ENGINE structures. They
+  // don't address reference counting at all - one uses them to populate an
+  // ENGINE structure with personalised implementations of things prior to
+  // using it directly or adding it to the builtin ENGINE list in OpenSSL.
+  // These are also here so that the ENGINE structure doesn't have to be
+  // exposed and break binary compatibility!
+  //
+  ENGINE_new: function: PENGINE cdecl = nil;
+  ENGINE_free: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_up_ref: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_set_id: function(e: PENGINE; const id: PIdAnsiChar): TIdC_INT cdecl = nil;
+  ENGINE_set_name: function(e: PENGINE; const name: PIdAnsiChar): TIdC_INT cdecl = nil;
+  ENGINE_set_RSA: function(e: PENGINE; const rsa_meth: PRSA_METHOD): TIdC_INT cdecl = nil;
+  ENGINE_set_DSA: function(e: PENGINE; const dsa_meth: PDSA_METHOD): TIdC_INT cdecl = nil;
+  ENGINE_set_EC: function(e: PENGINE; const ecdsa_meth: PEC_KEY_METHOD): TIdC_INT cdecl = nil;
+  ENGINE_set_DH: function(e: PENGINE; const dh_meth: PDH_METHOD): TIdC_INT cdecl = nil;
+  ENGINE_set_RAND: function(e: PENGINE; const rand_meth: PRAND_METHOD): TIdC_INT cdecl = nil;
+  ENGINE_set_destroy_function: function(e: PENGINE; destroy_f: ENGINE_GEN_INT_FUNC_PTR): TIdC_INT cdecl = nil;
+  ENGINE_set_init_function: function(e: PENGINE; init_f: ENGINE_GEN_INT_FUNC_PTR): TIdC_INT cdecl = nil;
+  ENGINE_set_finish_function: function(e: PENGINE; finish_f: ENGINE_GEN_INT_FUNC_PTR): TIdC_INT cdecl = nil;
+  ENGINE_set_ctrl_function: function(e: PENGINE; ctrl_f: ENGINE_CTRL_FUNC_PTR): TIdC_INT cdecl = nil;
+  ENGINE_set_load_privkey_function: function(e: PENGINE; loadpriv_f: ENGINE_LOAD_KEY_PTR): TIdC_INT cdecl = nil;
+  ENGINE_set_load_pubkey_function: function(e: PENGINE; loadpub_f: ENGINE_LOAD_KEY_PTR): TIdC_INT cdecl = nil;
+  //function ENGINE_set_load_ssl_client_cert_function(e: PENGINE; loadssl_f: ENGINE_SSL_CLIENT_CERT_PTR): TIdC_INT;
+  ENGINE_set_ciphers: function(e: PENGINE; f: ENGINE_CIPHERS_PTR): TIdC_INT cdecl = nil;
+  ENGINE_set_digests: function(e: PENGINE; f: ENGINE_DIGESTS_PTR): TIdC_INT cdecl = nil;
+  ENGINE_set_pkey_meths: function(e: PENGINE; f: ENGINE_PKEY_METHS_PTR): TIdC_INT cdecl = nil;
+  ENGINE_set_pkey_asn1_meths: function(e: PENGINE; f: ENGINE_PKEY_ASN1_METHS_PTR): TIdC_INT cdecl = nil;
+  ENGINE_set_flags: function(e: PENGINE; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  ENGINE_set_cmd_defns: function(e: PENGINE; const defns: PENGINE_CMD_DEFN): TIdC_INT cdecl = nil;
+  // These functions allow control over any per-structure ENGINE data. */
+  //#define ENGINE_get_ex_new_index(l, p, newf, dupf, freef) CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, l, p, newf, dupf, freef)
+  ENGINE_set_ex_data: function(e: PENGINE; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl = nil;
+  ENGINE_get_ex_data: function(const e: PENGINE; idx: TIdC_INT): Pointer cdecl = nil;
+
+  //
+  // These return values from within the ENGINE structure. These can be useful
+  // with functional references as well as structural references - it depends
+  // which you obtained. Using the result for functional purposes if you only
+  // obtained a structural reference may be problematic!
+  //
+  ENGINE_get_id: function(const e: PENGINE): PIdAnsiChar cdecl = nil;
+  ENGINE_get_name: function(const e: PENGINE): PIdAnsiChar cdecl = nil;
+  ENGINE_get_RSA: function(const e: PENGINE): PRSA_METHOD cdecl = nil;
+  ENGINE_get_DSA: function(const e: PENGINE): PDSA_METHOD cdecl = nil;
+  ENGINE_get_EC: function(const e: PENGINE): PEC_METHOD cdecl = nil;
+  ENGINE_get_DH: function(const e: PENGINE): PDH_METHOD cdecl = nil;
+  ENGINE_get_RAND: function(const e: PENGINE): PRAND_METHOD cdecl = nil;
+  ENGINE_get_destroy_function: function(const e: PENGINE): ENGINE_GEN_INT_FUNC_PTR cdecl = nil;
+  ENGINE_get_init_function: function(const e: PENGINE): ENGINE_GEN_INT_FUNC_PTR cdecl = nil;
+  ENGINE_get_finish_function: function(const e: PENGINE): ENGINE_GEN_INT_FUNC_PTR cdecl = nil;
+  ENGINE_get_ctrl_function: function(const e: PENGINE): ENGINE_CTRL_FUNC_PTR cdecl = nil;
+  ENGINE_get_load_privkey_function: function(const e: PENGINE): ENGINE_LOAD_KEY_PTR cdecl = nil;
+  ENGINE_get_load_pubkey_function: function(const e: PENGINE): ENGINE_LOAD_KEY_PTR cdecl = nil;
+  //function ENGINE_get_ssl_client_cert_function(const e: PENGINE): ENGINE_SSL_CLIENT_CERT_PTR;
+  
+  ENGINE_get_ciphers: function(const e: PENGINE): ENGINE_CIPHERS_PTR cdecl = nil;
+  ENGINE_get_digests: function(const e: PENGINE): ENGINE_DIGESTS_PTR cdecl = nil;
+  ENGINE_get_pkey_meths: function(const e: PENGINE): ENGINE_PKEY_METHS_PTR cdecl = nil;
+  ENGINE_get_pkey_asn1_meths: function(const e: PENGINE): ENGINE_PKEY_ASN1_METHS_PTR cdecl = nil;
+  ENGINE_get_cipher: function(e: PENGINE; nid: TIdC_INT): PEVP_CIPHER cdecl = nil;
+  ENGINE_get_digest: function(e: PENGINE; nid: TIdC_INT): PEVP_MD cdecl = nil;
+  ENGINE_get_pkey_meth: function(e: PENGINE; nid: TIdC_INT): PEVP_PKEY_METHOD cdecl = nil;
+  ENGINE_get_pkey_asn1_meth: function(e: PENGINE; nid: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
+  ENGINE_get_pkey_asn1_meth_str: function(e: PENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
+  ENGINE_pkey_asn1_find_str: function(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
+  ENGINE_get_cmd_defns: function(const e: PENGINE): PENGINE_CMD_DEFN cdecl = nil;
+  ENGINE_get_flags: function(const e: PENGINE): TIdC_INT cdecl = nil;
+
+  ///*
+  // * FUNCTIONAL functions. These functions deal with ENGINE structures that
+  // * have (or will) be initialised for use. Broadly speaking, the structural
+  // * functions are useful for iterating the list of available engine types,
+  // * creating new engine types, and other "list" operations. These functions
+  // * actually deal with ENGINEs that are to be used. As such these functions
+  // * can fail (if applicable) when particular engines are unavailable - eg. if
+  // * a hardware accelerator is not attached or not functioning correctly. Each
+  // * ENGINE has 2 reference counts; structural and functional. Every time a
+  // * functional reference is obtained or released, a corresponding structural
+  // * reference is automatically obtained or released too.
+  // */
+
+  ///*
+  // * Initialise a engine type for use (or up its reference count if it's
+  // * already in use). This will fail if the engine is not currently operational
+  // * and cannot initialise.
+  // */
+  ENGINE_init: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ///*
+  // * Free a functional reference to a engine type. This does not require a
+  // * corresponding call to ENGINE_free as it also releases a structural
+  // * reference.
+  // */
+  ENGINE_finish: function(e: PENGINE): TIdC_INT cdecl = nil;
+
+  ///*
+  // * The following functions handle keys that are stored in some secondary
+  // * location, handled by the engine.  The storage may be on a card or
+  // * whatever.
+  // */
+  ENGINE_load_private_key: function(e: PENGINE; const key_id: PIdAnsiChar; ui_method: PUI_METHOD; callback_data: Pointer): PEVP_PKEY cdecl = nil;
+  ENGINE_load_public_key: function(e: PENGINE; const key_id: PIdAnsiChar; ui_method: PUI_METHOD; callback_data: Pointer): PEVP_PKEY cdecl = nil;
+  //function ENGINE_load_ssl_client_cert(e: PENGINE; s: PSSL;
+  //  {STACK_OF(X509) *ca_dn;} {STACK_OF(X509) **pother;} ui_method: PUI_METHOD;
+  //  callback_data: Pointer): TIdC_INT;
+
+  ///*
+  // * This returns a pointer for the current ENGINE structure that is (by
+  // * default) performing any RSA operations. The value returned is an
+  // * incremented reference, so it should be free'd (ENGINE_finish) before it is
+  // * discarded.
+  // */
+  ENGINE_get_default_RSA: function: PENGINE cdecl = nil;
+  //* Same for the other "methods" */
+  ENGINE_get_default_DSA: function: PENGINE cdecl = nil;
+  ENGINE_get_default_EC: function: PENGINE cdecl = nil;
+  ENGINE_get_default_DH: function: PENGINE cdecl = nil;
+  ENGINE_get_default_RAND: function: PENGINE cdecl = nil;
+  ///*
+  // * These functions can be used to get a functional reference to perform
+  // * ciphering or digesting corresponding to "nid".
+  // */
+  ENGINE_get_cipher_engine: function(nid: TIdC_INT): PENGINE cdecl = nil;
+  ENGINE_get_digest_engine: function(nid: TIdC_INT): PENGINE cdecl = nil;
+  ENGINE_get_pkey_meth_engine: function(nid: TIdC_INT): PENGINE cdecl = nil;
+  ENGINE_get_pkey_asn1_meth_engine: function(nid: TIdC_INT): PENGINE cdecl = nil;
+  ///*
+  // * This sets a new default ENGINE structure for performing RSA operations. If
+  // * the result is non-zero (success) then the ENGINE structure will have had
+  // * its reference count up'd so the caller should still free their own
+  // * reference 'e'.
+  // */
+  ENGINE_set_default_RSA: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_set_default_string: function(e: PENGINE; const def_list: PIdAnsiChar): TIdC_INT cdecl = nil;
+  // Same for the other "methods"
+  ENGINE_set_default_DSA: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_set_default_EC: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_set_default_DH: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_set_default_RAND: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_set_default_ciphers: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_set_default_digests: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_set_default_pkey_meths: function(e: PENGINE): TIdC_INT cdecl = nil;
+  ENGINE_set_default_pkey_asn1_meths: function(e: PENGINE): TIdC_INT cdecl = nil;
+
+  ///*
+  // * The combination "set" - the flags are bitwise "OR"d from the
+  // * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
+  // * function, this function can result in unnecessary static linkage. If your
+  // * application requires only specific functionality, consider using more
+  // * selective functions.
+  // */
+  ENGINE_set_default: function(e: PENGINE; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+
+  ENGINE_add_conf_module: procedure cdecl = nil;
+
+  ///* Deprecated functions ... */
+  ///* int ENGINE_clear_defaults(void); */
+  //
+  //**************************/
+  //* DYNAMIC ENGINE SUPPORT */
+  //**************************/
+  //
+  //* Binary/behaviour compatibility levels */
+  //# define OSSL_DYNAMIC_VERSION            (unsigned long)0x00030000
+  //*
+  // * Binary versions older than this are too old for us (whether we're a loader
+  // * or a loadee)
+  // */
+  //# define OSSL_DYNAMIC_OLDEST             (unsigned long)0x00030000
+  //
+  //*
+  // * When compiling an ENGINE entirely as an external shared library, loadable
+  // * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
+  // * structure type provides the calling application's (or library's) error
+  // * functionality and memory management function pointers to the loaded
+  // * library. These should be used/set in the loaded library code so that the
+  // * loading application's 'state' will be used/changed in all operations. The
+  // * 'static_state' pointer allows the loaded library to know if it shares the
+  // * same static data as the calling application (or library), and thus whether
+  // * these callbacks need to be set or not.
+  // */
+
+
+  //# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
+  //        OPENSSL_EXPORT \
+  //        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
+  //        OPENSSL_EXPORT \
+  //        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
+  //            if (ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
+  //            CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
+  //                                     fns->mem_fns.realloc_fn, \
+  //                                     fns->mem_fns.free_fn); \
+  //        skip_cbs: \
+  //            if (!fn(e, id)) return 0; \
+  //            return 1; }
+  //
+  //*
+  // * If the loading application (or library) and the loaded ENGINE library
+  // * share the same static data (eg. they're both dynamically linked to the
+  // * same libcrypto.so) we need a way to avoid trying to set system callbacks -
+  // * this would fail, and for the same reason that it's unnecessary to try. If
+  // * the loaded ENGINE has (or gets from through the loader) its own copy of
+  // * the libcrypto static data, we will need to set the callbacks. The easiest
+  // * way to detect this is to have a function that returns a pointer to some
+  // * static data and let the loading application and loaded ENGINE compare
+  // * their respective values.
+  // */
+  ENGINE_get_static_state: function: Pointer cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ENGINE_get_first := LoadFunction('ENGINE_get_first', AFailed);
+  ENGINE_get_last := LoadFunction('ENGINE_get_last', AFailed);
+  ENGINE_get_next := LoadFunction('ENGINE_get_next', AFailed);
+  ENGINE_get_prev := LoadFunction('ENGINE_get_prev', AFailed);
+  ENGINE_add := LoadFunction('ENGINE_add', AFailed);
+  ENGINE_remove := LoadFunction('ENGINE_remove', AFailed);
+  ENGINE_by_id := LoadFunction('ENGINE_by_id', AFailed);
+  ENGINE_load_builtin_engines := LoadFunction('ENGINE_load_builtin_engines', AFailed);
+  ENGINE_get_table_flags := LoadFunction('ENGINE_get_table_flags', AFailed);
+  ENGINE_set_table_flags := LoadFunction('ENGINE_set_table_flags', AFailed);
+  ENGINE_register_RSA := LoadFunction('ENGINE_register_RSA', AFailed);
+  ENGINE_unregister_RSA := LoadFunction('ENGINE_unregister_RSA', AFailed);
+  ENGINE_register_all_RSA := LoadFunction('ENGINE_register_all_RSA', AFailed);
+  ENGINE_register_DSA := LoadFunction('ENGINE_register_DSA', AFailed);
+  ENGINE_unregister_DSA := LoadFunction('ENGINE_unregister_DSA', AFailed);
+  ENGINE_register_all_DSA := LoadFunction('ENGINE_register_all_DSA', AFailed);
+  ENGINE_register_EC := LoadFunction('ENGINE_register_EC', AFailed);
+  ENGINE_unregister_EC := LoadFunction('ENGINE_unregister_EC', AFailed);
+  ENGINE_register_all_EC := LoadFunction('ENGINE_register_all_EC', AFailed);
+  ENGINE_register_DH := LoadFunction('ENGINE_register_DH', AFailed);
+  ENGINE_unregister_DH := LoadFunction('ENGINE_unregister_DH', AFailed);
+  ENGINE_register_all_DH := LoadFunction('ENGINE_register_all_DH', AFailed);
+  ENGINE_register_RAND := LoadFunction('ENGINE_register_RAND', AFailed);
+  ENGINE_unregister_RAND := LoadFunction('ENGINE_unregister_RAND', AFailed);
+  ENGINE_register_all_RAND := LoadFunction('ENGINE_register_all_RAND', AFailed);
+  ENGINE_register_ciphers := LoadFunction('ENGINE_register_ciphers', AFailed);
+  ENGINE_unregister_ciphers := LoadFunction('ENGINE_unregister_ciphers', AFailed);
+  ENGINE_register_all_ciphers := LoadFunction('ENGINE_register_all_ciphers', AFailed);
+  ENGINE_register_digests := LoadFunction('ENGINE_register_digests', AFailed);
+  ENGINE_unregister_digests := LoadFunction('ENGINE_unregister_digests', AFailed);
+  ENGINE_register_all_digests := LoadFunction('ENGINE_register_all_digests', AFailed);
+  ENGINE_register_pkey_meths := LoadFunction('ENGINE_register_pkey_meths', AFailed);
+  ENGINE_unregister_pkey_meths := LoadFunction('ENGINE_unregister_pkey_meths', AFailed);
+  ENGINE_register_all_pkey_meths := LoadFunction('ENGINE_register_all_pkey_meths', AFailed);
+  ENGINE_register_pkey_asn1_meths := LoadFunction('ENGINE_register_pkey_asn1_meths', AFailed);
+  ENGINE_unregister_pkey_asn1_meths := LoadFunction('ENGINE_unregister_pkey_asn1_meths', AFailed);
+  ENGINE_register_all_pkey_asn1_meths := LoadFunction('ENGINE_register_all_pkey_asn1_meths', AFailed);
+  ENGINE_register_complete := LoadFunction('ENGINE_register_complete', AFailed);
+  ENGINE_register_all_complete := LoadFunction('ENGINE_register_all_complete', AFailed);
+  ENGINE_ctrl := LoadFunction('ENGINE_ctrl', AFailed);
+  ENGINE_cmd_is_executable := LoadFunction('ENGINE_cmd_is_executable', AFailed);
+  ENGINE_ctrl_cmd := LoadFunction('ENGINE_ctrl_cmd', AFailed);
+  ENGINE_ctrl_cmd_string := LoadFunction('ENGINE_ctrl_cmd_string', AFailed);
+  ENGINE_new := LoadFunction('ENGINE_new', AFailed);
+  ENGINE_free := LoadFunction('ENGINE_free', AFailed);
+  ENGINE_up_ref := LoadFunction('ENGINE_up_ref', AFailed);
+  ENGINE_set_id := LoadFunction('ENGINE_set_id', AFailed);
+  ENGINE_set_name := LoadFunction('ENGINE_set_name', AFailed);
+  ENGINE_set_RSA := LoadFunction('ENGINE_set_RSA', AFailed);
+  ENGINE_set_DSA := LoadFunction('ENGINE_set_DSA', AFailed);
+  ENGINE_set_EC := LoadFunction('ENGINE_set_EC', AFailed);
+  ENGINE_set_DH := LoadFunction('ENGINE_set_DH', AFailed);
+  ENGINE_set_RAND := LoadFunction('ENGINE_set_RAND', AFailed);
+  ENGINE_set_destroy_function := LoadFunction('ENGINE_set_destroy_function', AFailed);
+  ENGINE_set_init_function := LoadFunction('ENGINE_set_init_function', AFailed);
+  ENGINE_set_finish_function := LoadFunction('ENGINE_set_finish_function', AFailed);
+  ENGINE_set_ctrl_function := LoadFunction('ENGINE_set_ctrl_function', AFailed);
+  ENGINE_set_load_privkey_function := LoadFunction('ENGINE_set_load_privkey_function', AFailed);
+  ENGINE_set_load_pubkey_function := LoadFunction('ENGINE_set_load_pubkey_function', AFailed);
+  ENGINE_set_ciphers := LoadFunction('ENGINE_set_ciphers', AFailed);
+  ENGINE_set_digests := LoadFunction('ENGINE_set_digests', AFailed);
+  ENGINE_set_pkey_meths := LoadFunction('ENGINE_set_pkey_meths', AFailed);
+  ENGINE_set_pkey_asn1_meths := LoadFunction('ENGINE_set_pkey_asn1_meths', AFailed);
+  ENGINE_set_flags := LoadFunction('ENGINE_set_flags', AFailed);
+  ENGINE_set_cmd_defns := LoadFunction('ENGINE_set_cmd_defns', AFailed);
+  ENGINE_set_ex_data := LoadFunction('ENGINE_set_ex_data', AFailed);
+  ENGINE_get_ex_data := LoadFunction('ENGINE_get_ex_data', AFailed);
+  ENGINE_get_id := LoadFunction('ENGINE_get_id', AFailed);
+  ENGINE_get_name := LoadFunction('ENGINE_get_name', AFailed);
+  ENGINE_get_RSA := LoadFunction('ENGINE_get_RSA', AFailed);
+  ENGINE_get_DSA := LoadFunction('ENGINE_get_DSA', AFailed);
+  ENGINE_get_EC := LoadFunction('ENGINE_get_EC', AFailed);
+  ENGINE_get_DH := LoadFunction('ENGINE_get_DH', AFailed);
+  ENGINE_get_RAND := LoadFunction('ENGINE_get_RAND', AFailed);
+  ENGINE_get_destroy_function := LoadFunction('ENGINE_get_destroy_function', AFailed);
+  ENGINE_get_init_function := LoadFunction('ENGINE_get_init_function', AFailed);
+  ENGINE_get_finish_function := LoadFunction('ENGINE_get_finish_function', AFailed);
+  ENGINE_get_ctrl_function := LoadFunction('ENGINE_get_ctrl_function', AFailed);
+  ENGINE_get_load_privkey_function := LoadFunction('ENGINE_get_load_privkey_function', AFailed);
+  ENGINE_get_load_pubkey_function := LoadFunction('ENGINE_get_load_pubkey_function', AFailed);
+  ENGINE_get_ciphers := LoadFunction('ENGINE_get_ciphers', AFailed);
+  ENGINE_get_digests := LoadFunction('ENGINE_get_digests', AFailed);
+  ENGINE_get_pkey_meths := LoadFunction('ENGINE_get_pkey_meths', AFailed);
+  ENGINE_get_pkey_asn1_meths := LoadFunction('ENGINE_get_pkey_asn1_meths', AFailed);
+  ENGINE_get_cipher := LoadFunction('ENGINE_get_cipher', AFailed);
+  ENGINE_get_digest := LoadFunction('ENGINE_get_digest', AFailed);
+  ENGINE_get_pkey_meth := LoadFunction('ENGINE_get_pkey_meth', AFailed);
+  ENGINE_get_pkey_asn1_meth := LoadFunction('ENGINE_get_pkey_asn1_meth', AFailed);
+  ENGINE_get_pkey_asn1_meth_str := LoadFunction('ENGINE_get_pkey_asn1_meth_str', AFailed);
+  ENGINE_pkey_asn1_find_str := LoadFunction('ENGINE_pkey_asn1_find_str', AFailed);
+  ENGINE_get_cmd_defns := LoadFunction('ENGINE_get_cmd_defns', AFailed);
+  ENGINE_get_flags := LoadFunction('ENGINE_get_flags', AFailed);
+  ENGINE_init := LoadFunction('ENGINE_init', AFailed);
+  ENGINE_finish := LoadFunction('ENGINE_finish', AFailed);
+  ENGINE_load_private_key := LoadFunction('ENGINE_load_private_key', AFailed);
+  ENGINE_load_public_key := LoadFunction('ENGINE_load_public_key', AFailed);
+  ENGINE_get_default_RSA := LoadFunction('ENGINE_get_default_RSA', AFailed);
+  ENGINE_get_default_DSA := LoadFunction('ENGINE_get_default_DSA', AFailed);
+  ENGINE_get_default_EC := LoadFunction('ENGINE_get_default_EC', AFailed);
+  ENGINE_get_default_DH := LoadFunction('ENGINE_get_default_DH', AFailed);
+  ENGINE_get_default_RAND := LoadFunction('ENGINE_get_default_RAND', AFailed);
+  ENGINE_get_cipher_engine := LoadFunction('ENGINE_get_cipher_engine', AFailed);
+  ENGINE_get_digest_engine := LoadFunction('ENGINE_get_digest_engine', AFailed);
+  ENGINE_get_pkey_meth_engine := LoadFunction('ENGINE_get_pkey_meth_engine', AFailed);
+  ENGINE_get_pkey_asn1_meth_engine := LoadFunction('ENGINE_get_pkey_asn1_meth_engine', AFailed);
+  ENGINE_set_default_RSA := LoadFunction('ENGINE_set_default_RSA', AFailed);
+  ENGINE_set_default_string := LoadFunction('ENGINE_set_default_string', AFailed);
+  ENGINE_set_default_DSA := LoadFunction('ENGINE_set_default_DSA', AFailed);
+  ENGINE_set_default_EC := LoadFunction('ENGINE_set_default_EC', AFailed);
+  ENGINE_set_default_DH := LoadFunction('ENGINE_set_default_DH', AFailed);
+  ENGINE_set_default_RAND := LoadFunction('ENGINE_set_default_RAND', AFailed);
+  ENGINE_set_default_ciphers := LoadFunction('ENGINE_set_default_ciphers', AFailed);
+  ENGINE_set_default_digests := LoadFunction('ENGINE_set_default_digests', AFailed);
+  ENGINE_set_default_pkey_meths := LoadFunction('ENGINE_set_default_pkey_meths', AFailed);
+  ENGINE_set_default_pkey_asn1_meths := LoadFunction('ENGINE_set_default_pkey_asn1_meths', AFailed);
+  ENGINE_set_default := LoadFunction('ENGINE_set_default', AFailed);
+  ENGINE_add_conf_module := LoadFunction('ENGINE_add_conf_module', AFailed);
+  ENGINE_get_static_state := LoadFunction('ENGINE_get_static_state', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ENGINE_get_first := nil;
+  ENGINE_get_last := nil;
+  ENGINE_get_next := nil;
+  ENGINE_get_prev := nil;
+  ENGINE_add := nil;
+  ENGINE_remove := nil;
+  ENGINE_by_id := nil;
+  ENGINE_load_builtin_engines := nil;
+  ENGINE_get_table_flags := nil;
+  ENGINE_set_table_flags := nil;
+  ENGINE_register_RSA := nil;
+  ENGINE_unregister_RSA := nil;
+  ENGINE_register_all_RSA := nil;
+  ENGINE_register_DSA := nil;
+  ENGINE_unregister_DSA := nil;
+  ENGINE_register_all_DSA := nil;
+  ENGINE_register_EC := nil;
+  ENGINE_unregister_EC := nil;
+  ENGINE_register_all_EC := nil;
+  ENGINE_register_DH := nil;
+  ENGINE_unregister_DH := nil;
+  ENGINE_register_all_DH := nil;
+  ENGINE_register_RAND := nil;
+  ENGINE_unregister_RAND := nil;
+  ENGINE_register_all_RAND := nil;
+  ENGINE_register_ciphers := nil;
+  ENGINE_unregister_ciphers := nil;
+  ENGINE_register_all_ciphers := nil;
+  ENGINE_register_digests := nil;
+  ENGINE_unregister_digests := nil;
+  ENGINE_register_all_digests := nil;
+  ENGINE_register_pkey_meths := nil;
+  ENGINE_unregister_pkey_meths := nil;
+  ENGINE_register_all_pkey_meths := nil;
+  ENGINE_register_pkey_asn1_meths := nil;
+  ENGINE_unregister_pkey_asn1_meths := nil;
+  ENGINE_register_all_pkey_asn1_meths := nil;
+  ENGINE_register_complete := nil;
+  ENGINE_register_all_complete := nil;
+  ENGINE_ctrl := nil;
+  ENGINE_cmd_is_executable := nil;
+  ENGINE_ctrl_cmd := nil;
+  ENGINE_ctrl_cmd_string := nil;
+  ENGINE_new := nil;
+  ENGINE_free := nil;
+  ENGINE_up_ref := nil;
+  ENGINE_set_id := nil;
+  ENGINE_set_name := nil;
+  ENGINE_set_RSA := nil;
+  ENGINE_set_DSA := nil;
+  ENGINE_set_EC := nil;
+  ENGINE_set_DH := nil;
+  ENGINE_set_RAND := nil;
+  ENGINE_set_destroy_function := nil;
+  ENGINE_set_init_function := nil;
+  ENGINE_set_finish_function := nil;
+  ENGINE_set_ctrl_function := nil;
+  ENGINE_set_load_privkey_function := nil;
+  ENGINE_set_load_pubkey_function := nil;
+  ENGINE_set_ciphers := nil;
+  ENGINE_set_digests := nil;
+  ENGINE_set_pkey_meths := nil;
+  ENGINE_set_pkey_asn1_meths := nil;
+  ENGINE_set_flags := nil;
+  ENGINE_set_cmd_defns := nil;
+  ENGINE_set_ex_data := nil;
+  ENGINE_get_ex_data := nil;
+  ENGINE_get_id := nil;
+  ENGINE_get_name := nil;
+  ENGINE_get_RSA := nil;
+  ENGINE_get_DSA := nil;
+  ENGINE_get_EC := nil;
+  ENGINE_get_DH := nil;
+  ENGINE_get_RAND := nil;
+  ENGINE_get_destroy_function := nil;
+  ENGINE_get_init_function := nil;
+  ENGINE_get_finish_function := nil;
+  ENGINE_get_ctrl_function := nil;
+  ENGINE_get_load_privkey_function := nil;
+  ENGINE_get_load_pubkey_function := nil;
+  ENGINE_get_ciphers := nil;
+  ENGINE_get_digests := nil;
+  ENGINE_get_pkey_meths := nil;
+  ENGINE_get_pkey_asn1_meths := nil;
+  ENGINE_get_cipher := nil;
+  ENGINE_get_digest := nil;
+  ENGINE_get_pkey_meth := nil;
+  ENGINE_get_pkey_asn1_meth := nil;
+  ENGINE_get_pkey_asn1_meth_str := nil;
+  ENGINE_pkey_asn1_find_str := nil;
+  ENGINE_get_cmd_defns := nil;
+  ENGINE_get_flags := nil;
+  ENGINE_init := nil;
+  ENGINE_finish := nil;
+  ENGINE_load_private_key := nil;
+  ENGINE_load_public_key := nil;
+  ENGINE_get_default_RSA := nil;
+  ENGINE_get_default_DSA := nil;
+  ENGINE_get_default_EC := nil;
+  ENGINE_get_default_DH := nil;
+  ENGINE_get_default_RAND := nil;
+  ENGINE_get_cipher_engine := nil;
+  ENGINE_get_digest_engine := nil;
+  ENGINE_get_pkey_meth_engine := nil;
+  ENGINE_get_pkey_asn1_meth_engine := nil;
+  ENGINE_set_default_RSA := nil;
+  ENGINE_set_default_string := nil;
+  ENGINE_set_default_DSA := nil;
+  ENGINE_set_default_EC := nil;
+  ENGINE_set_default_DH := nil;
+  ENGINE_set_default_RAND := nil;
+  ENGINE_set_default_ciphers := nil;
+  ENGINE_set_default_digests := nil;
+  ENGINE_set_default_pkey_meths := nil;
+  ENGINE_set_default_pkey_asn1_meths := nil;
+  ENGINE_set_default := nil;
+  ENGINE_add_conf_module := nil;
+  ENGINE_get_static_state := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engineerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engineerr.pas
new file mode 100644
index 000000000..675fb4645
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engineerr.pas
@@ -0,0 +1,162 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_engineerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// engineerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * ENGINE function codes.
+   *)
+  ENGINE_F_DIGEST_UPDATE = 198;
+  ENGINE_F_DYNAMIC_CTRL = 180;
+  ENGINE_F_DYNAMIC_GET_DATA_CTX = 181;
+  ENGINE_F_DYNAMIC_LOAD = 182;
+  ENGINE_F_DYNAMIC_SET_DATA_CTX = 183;
+  ENGINE_F_ENGINE_ADD = 105;
+  ENGINE_F_ENGINE_BY_ID = 106;
+  ENGINE_F_ENGINE_CMD_IS_EXECUTABLE = 170;
+  ENGINE_F_ENGINE_CTRL = 142;
+  ENGINE_F_ENGINE_CTRL_CMD = 178;
+  ENGINE_F_ENGINE_CTRL_CMD_STRING = 171;
+  ENGINE_F_ENGINE_FINISH = 107;
+  ENGINE_F_ENGINE_GET_CIPHER = 185;
+  ENGINE_F_ENGINE_GET_DIGEST = 186;
+  ENGINE_F_ENGINE_GET_FIRST = 195;
+  ENGINE_F_ENGINE_GET_LAST = 196;
+  ENGINE_F_ENGINE_GET_NEXT = 115;
+  ENGINE_F_ENGINE_GET_PKEY_ASN1_METH = 193;
+  ENGINE_F_ENGINE_GET_PKEY_METH = 192;
+  ENGINE_F_ENGINE_GET_PREV = 116;
+  ENGINE_F_ENGINE_INIT = 119;
+  ENGINE_F_ENGINE_LIST_ADD = 120;
+  ENGINE_F_ENGINE_LIST_REMOVE = 121;
+  ENGINE_F_ENGINE_LOAD_PRIVATE_KEY = 150;
+  ENGINE_F_ENGINE_LOAD_PUBLIC_KEY = 151;
+  ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT = 194;
+  ENGINE_F_ENGINE_NEW = 122;
+  ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR = 197;
+  ENGINE_F_ENGINE_REMOVE = 123;
+  ENGINE_F_ENGINE_SET_DEFAULT_STRING = 189;
+  ENGINE_F_ENGINE_SET_ID = 129;
+  ENGINE_F_ENGINE_SET_NAME = 130;
+  ENGINE_F_ENGINE_TABLE_REGISTER = 184;
+  ENGINE_F_ENGINE_UNLOCKED_FINISH = 191;
+  ENGINE_F_ENGINE_UP_REF = 190;
+  ENGINE_F_INT_CLEANUP_ITEM = 199;
+  ENGINE_F_INT_CTRL_HELPER = 172;
+  ENGINE_F_INT_ENGINE_CONFIGURE = 188;
+  ENGINE_F_INT_ENGINE_MODULE_INIT = 187;
+  ENGINE_F_OSSL_HMAC_INIT = 200;
+
+  (*
+   * ENGINE reason codes.
+   *)
+  ENGINE_R_ALREADY_LOADED = 100;
+  ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER = 133;
+  ENGINE_R_CMD_NOT_EXECUTABLE = 134;
+  ENGINE_R_COMMAND_TAKES_INPUT = 135;
+  ENGINE_R_COMMAND_TAKES_NO_INPUT = 136;
+  ENGINE_R_CONFLICTING_ENGINE_ID = 103;
+  ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED = 119;
+  ENGINE_R_DSO_FAILURE = 104;
+  ENGINE_R_DSO_NOT_FOUND = 132;
+  ENGINE_R_ENGINES_SECTION_ERROR = 148;
+  ENGINE_R_ENGINE_CONFIGURATION_ERROR = 102;
+  ENGINE_R_ENGINE_IS_NOT_IN_LIST = 105;
+  ENGINE_R_ENGINE_SECTION_ERROR = 149;
+  ENGINE_R_FAILED_LOADING_PRIVATE_KEY = 128;
+  ENGINE_R_FAILED_LOADING_PUBLIC_KEY = 129;
+  ENGINE_R_FINISH_FAILED = 106;
+  ENGINE_R_ID_OR_NAME_MISSING = 108;
+  ENGINE_R_INIT_FAILED = 109;
+  ENGINE_R_INTERNAL_LIST_ERROR = 110;
+  ENGINE_R_INVALID_ARGUMENT = 143;
+  ENGINE_R_INVALID_CMD_NAME = 137;
+  ENGINE_R_INVALID_CMD_NUMBER = 138;
+  ENGINE_R_INVALID_INIT_VALUE = 151;
+  ENGINE_R_INVALID_STRING = 150;
+  ENGINE_R_NOT_INITIALISED = 117;
+  ENGINE_R_NOT_LOADED = 112;
+  ENGINE_R_NO_CONTROL_FUNCTION = 120;
+  ENGINE_R_NO_INDEX = 144;
+  ENGINE_R_NO_LOAD_FUNCTION = 125;
+  ENGINE_R_NO_REFERENCE = 130;
+  ENGINE_R_NO_SUCH_ENGINE = 116;
+  ENGINE_R_UNIMPLEMENTED_CIPHER = 146;
+  ENGINE_R_UNIMPLEMENTED_DIGEST = 147;
+  ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD = 101;
+  ENGINE_R_VERSION_INCOMPATIBILITY = 145;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_ENGINE_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_ENGINE_strings := LoadFunction('ERR_load_ENGINE_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_ENGINE_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas
new file mode 100644
index 000000000..d88c3edbe
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas
@@ -0,0 +1,313 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  ERR_TXT_MALLOCED = $01;
+  ERR_TXT_STRING = $02;
+  ERR_FLAG_MARK = $01;
+  ERR_FLAG_CLEAR = $02;
+
+  ERR_NUM_ERRORS = 16;
+
+//* library */
+  ERR_LIB_SYS =    2;
+  ERR_LIB_BN =    3;
+  ERR_LIB_RSA =    4;
+  ERR_LIB_DH =    5;
+  ERR_LIB_EVP =    6;
+  ERR_LIB_BUF =    7;
+  ERR_LIB_OBJ =    8;
+  ERR_LIB_PEM =    9;
+  ERR_LIB_DSA =    10;
+  ERR_LIB_X509 =    11;
+  // ERR_LIB_METH         12
+  ERR_LIB_ASN1 =    13;
+  ERR_LIB_CONF =    14;
+  ERR_LIB_CRYPTO =   15;
+  ERR_LIB_EC =    16;
+  ERR_LIB_SSL =    20;
+(* #define ERR_LIB_SSL23        21 *)
+(* #define ERR_LIB_SSL2         22 *)
+(* #define ERR_LIB_SSL3         23 *)
+(* #define ERR_LIB_RSAREF       30 *)
+(* #define ERR_LIB_PROXY        31 *)
+  ERR_LIB_BIO =    32;
+  ERR_LIB_PKCS7 =    33;
+  ERR_LIB_X509V3 =   34;
+  ERR_LIB_PKCS12 =   35;
+  ERR_LIB_RAND =    36;
+  ERR_LIB_DSO =    37;
+  ERR_LIB_ENGINE =   38;
+  ERR_LIB_OCSP =    39;
+  ERR_LIB_UI =    40;
+  ERR_LIB_COMP =    41;
+  ERR_LIB_ECDSA =    42;
+  ERR_LIB_ECDH =    43;
+  ERR_LIB_OSSL_STORE =  44;
+  ERR_LIB_FIPS =    45;
+  ERR_LIB_CMS =    46;
+  ERR_LIB_TS =    47;
+  ERR_LIB_HMAC =    48;
+(* # define ERR_LIB_JPAKE       49 *)
+  ERR_LIB_CT =    50;
+  ERR_LIB_ASYNC =    51;
+  ERR_LIB_KDF =    52;
+  ERR_LIB_SM2 =    53;
+  ERR_LIB_USER =    128;
+  
+//* OS functions */
+  SYS_F_FOPEN = 1;
+  SYS_F_CONNECT = 2;
+  SYS_F_GETSERVBYNAME = 3;
+  SYS_F_SOCKET = 4;
+  SYS_F_IOCTLSOCKET = 5;
+  SYS_F_BIND = 6;
+  SYS_F_LISTEN = 7;
+  SYS_F_ACCEPT = 8;
+  SYS_F_WSASTARTUP = 9; (* Winsock stuff *)
+  SYS_F_OPENDIR = 10;
+  SYS_F_FREAD = 11;
+  SYS_F_GETADDRINFO = 12;
+  SYS_F_GETNAMEINFO = 13;
+  SYS_F_SETSOCKOPT = 14;
+  SYS_F_GETSOCKOPT = 15;
+  SYS_F_GETSOCKNAME = 16;
+  SYS_F_GETHOSTBYNAME = 17;
+  SYS_F_FFLUSH = 18;
+  SYS_F_OPEN = 19;
+  SYS_F_CLOSE = 20;
+  SYS_F_IOCTL = 21;
+  SYS_F_STAT = 22;
+  SYS_F_FCNTL = 23;
+  SYS_F_FSTAT = 24;
+
+//* reasons */
+  ERR_R_SYS_LIB = ERR_LIB_SYS; //2
+  ERR_R_BN_LIB = ERR_LIB_BN; //3
+  ERR_R_RSA_LIB = ERR_LIB_RSA; //4
+  ERR_R_DH_LIB = ERR_LIB_DH; //5
+  ERR_R_EVP_LIB = ERR_LIB_EVP; //6
+  ERR_R_BUF_LIB = ERR_LIB_BUF; //7
+  ERR_R_OBJ_LIB = ERR_LIB_OBJ; //8
+  ERR_R_PEM_LIB = ERR_LIB_PEM; //9
+  ERR_R_DSA_LIB = ERR_LIB_DSA; //10
+  ERR_R_X509_LIB = ERR_LIB_X509; //11
+  ERR_R_ASN1_LIB = ERR_LIB_ASN1; //13
+  ERR_R_EC_LIB = ERR_LIB_EC; //16
+  ERR_R_BIO_LIB = ERR_LIB_BIO; //32
+  ERR_R_PKCS7_LIB = ERR_LIB_PKCS7; //33
+  ERR_R_X509V3_LIB = ERR_LIB_X509V3; //34
+  ERR_R_ENGINE_LIB = ERR_LIB_ENGINE; //38
+  ERR_R_UI_LIB = ERR_LIB_UI; //40
+  ERR_R_ECDSA_LIB = ERR_LIB_ECDSA; //42
+  ERR_R_OSSL_STORE_LIB = ERR_LIB_OSSL_STORE; //44
+
+  ERR_R_NESTED_ASN1_ERROR =  58;
+  ERR_R_MISSING_ASN1_EOS =  63;
+
+  //* fatal error */
+  ERR_R_FATAL =  64;
+  ERR_R_MALLOC_FAILURE = (1 or ERR_R_FATAL);
+  ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED = (2 or ERR_R_FATAL);
+  ERR_R_PASSED_NULL_PARAMETER = (3 or ERR_R_FATAL);
+  ERR_R_INTERNAL_ERROR = (4 or ERR_R_FATAL);
+  ERR_R_DISABLED = (5 or ERR_R_FATAL);
+  ERR_R_INIT_FAIL = (6 or ERR_R_FATAL);
+  ERR_R_PASSED_INVALID_ARGUMENT = (7);
+  ERR_R_OPERATION_FAIL = (8 or ERR_R_FATAL);
+
+
+(*
+ * 99 is the maximum possible ERR_R_... code, higher values are reserved for
+ * the individual libraries
+ *)
+
+type
+  err_state_st = record
+    err_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    err_buffer: array[0..ERR_NUM_ERRORS -1] of TIdC_ULONG;
+    err_data: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
+    err_data_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    err_file: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
+    err_line: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    top, bottom: TIdC_INT;
+  end;
+  ERR_STATE = err_state_st;
+  PERR_STATE = ^ERR_STATE;
+
+  ERR_string_data_st = record
+    error: TIdC_ULONG;
+    &string: PIdAnsiChar;
+  end;
+  ERR_STRING_DATA = ERR_string_data_st;
+  PERR_STRING_DATA = ^ERR_STRING_DATA;
+
+  ERR_print_errors_cb_cb = function(str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT; cdecl;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+// DEFINE_LHASH_OF(ERR_STRING_DATA);
+
+  ERR_put_error: procedure(lib: TIdC_INT; func: TIdC_INT; reason: TIdC_INT; &file: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
+  ERR_set_error_data: procedure(data: PIdAnsiChar; flags: TIdC_INT) cdecl = nil;
+  
+  ERR_get_error: function: TIdC_ULONG cdecl = nil;
+  ERR_get_error_line: function(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl = nil;
+  ERR_get_error_line_data: function(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl = nil;
+
+  ERR_peek_error: function: TIdC_ULONG cdecl = nil;
+  ERR_peek_error_line: function(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl = nil;
+  ERR_peek_error_line_data: function(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl = nil;
+
+  ERR_peek_last_error: function: TIdC_ULONG cdecl = nil;
+  ERR_peek_last_error_line: function(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl = nil;
+  ERR_peek_last_error_line_data: function(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl = nil;
+
+  ERR_clear_error: procedure cdecl = nil;
+  ERR_error_string: function(e: TIdC_ULONG; buf: PIdAnsiChar): PIdAnsiChar cdecl = nil;
+  ERR_error_string_n: procedure(e: TIdC_ULONG; buf: PIdAnsiChar; len: TIdC_SIZET) cdecl = nil;
+  ERR_lib_error_string: function(e: TIdC_ULONG): PIdAnsiChar cdecl = nil;
+  ERR_func_error_string: function(e: TIdC_ULONG): PIdAnsiChar cdecl = nil;
+  ERR_reason_error_string: function(e: TIdC_ULONG): PIdAnsiChar cdecl = nil;
+  ERR_print_errors_cb: procedure(cb: ERR_print_errors_cb_cb; u: Pointer) cdecl = nil;
+
+  ERR_print_errors: procedure(bp: PBIO) cdecl = nil;
+  // void ERR_add_error_data(int num, ...);
+  // procedure ERR_add_error_vdata(num: TIdC_INT; args: va_list);
+  ERR_load_strings: function(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT cdecl = nil;
+  ERR_load_strings_const: function(str: PERR_STRING_DATA): TIdC_INT cdecl = nil;
+  ERR_unload_strings: function(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT cdecl = nil;
+  ERR_load_ERR_strings: function: TIdC_INT cdecl = nil;
+
+  ERR_get_state: function: PERR_STATE cdecl = nil;
+  ERR_get_next_error_library: function: TIdC_INT cdecl = nil;
+  ERR_set_mark: function: TIdC_INT cdecl = nil;
+  ERR_pop_to_mark: function: TIdC_INT cdecl = nil;
+  ERR_clear_last_mark: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_put_error := LoadFunction('ERR_put_error', AFailed);
+  ERR_set_error_data := LoadFunction('ERR_set_error_data', AFailed);
+  ERR_get_error := LoadFunction('ERR_get_error', AFailed);
+  ERR_get_error_line := LoadFunction('ERR_get_error_line', AFailed);
+  ERR_get_error_line_data := LoadFunction('ERR_get_error_line_data', AFailed);
+  ERR_peek_error := LoadFunction('ERR_peek_error', AFailed);
+  ERR_peek_error_line := LoadFunction('ERR_peek_error_line', AFailed);
+  ERR_peek_error_line_data := LoadFunction('ERR_peek_error_line_data', AFailed);
+  ERR_peek_last_error := LoadFunction('ERR_peek_last_error', AFailed);
+  ERR_peek_last_error_line := LoadFunction('ERR_peek_last_error_line', AFailed);
+  ERR_peek_last_error_line_data := LoadFunction('ERR_peek_last_error_line_data', AFailed);
+  ERR_clear_error := LoadFunction('ERR_clear_error', AFailed);
+  ERR_error_string := LoadFunction('ERR_error_string', AFailed);
+  ERR_error_string_n := LoadFunction('ERR_error_string_n', AFailed);
+  ERR_lib_error_string := LoadFunction('ERR_lib_error_string', AFailed);
+  ERR_func_error_string := LoadFunction('ERR_func_error_string', AFailed);
+  ERR_reason_error_string := LoadFunction('ERR_reason_error_string', AFailed);
+  ERR_print_errors_cb := LoadFunction('ERR_print_errors_cb', AFailed);
+  ERR_print_errors := LoadFunction('ERR_print_errors', AFailed);
+  ERR_load_strings := LoadFunction('ERR_load_strings', AFailed);
+  ERR_load_strings_const := LoadFunction('ERR_load_strings_const', AFailed);
+  ERR_unload_strings := LoadFunction('ERR_unload_strings', AFailed);
+  ERR_load_ERR_strings := LoadFunction('ERR_load_ERR_strings', AFailed);
+  ERR_get_state := LoadFunction('ERR_get_state', AFailed);
+  ERR_get_next_error_library := LoadFunction('ERR_get_next_error_library', AFailed);
+  ERR_set_mark := LoadFunction('ERR_set_mark', AFailed);
+  ERR_pop_to_mark := LoadFunction('ERR_pop_to_mark', AFailed);
+  ERR_clear_last_mark := LoadFunction('ERR_clear_last_mark', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_put_error := nil;
+  ERR_set_error_data := nil;
+  ERR_get_error := nil;
+  ERR_get_error_line := nil;
+  ERR_get_error_line_data := nil;
+  ERR_peek_error := nil;
+  ERR_peek_error_line := nil;
+  ERR_peek_error_line_data := nil;
+  ERR_peek_last_error := nil;
+  ERR_peek_last_error_line := nil;
+  ERR_peek_last_error_line_data := nil;
+  ERR_clear_error := nil;
+  ERR_error_string := nil;
+  ERR_error_string_n := nil;
+  ERR_lib_error_string := nil;
+  ERR_func_error_string := nil;
+  ERR_reason_error_string := nil;
+  ERR_print_errors_cb := nil;
+  ERR_print_errors := nil;
+  ERR_load_strings := nil;
+  ERR_load_strings_const := nil;
+  ERR_unload_strings := nil;
+  ERR_load_ERR_strings := nil;
+  ERR_get_state := nil;
+  ERR_get_next_error_library := nil;
+  ERR_set_mark := nil;
+  ERR_pop_to_mark := nil;
+  ERR_clear_last_mark := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
new file mode 100644
index 000000000..3d893643f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
@@ -0,0 +1,2388 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_evp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// evp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSlHeaders_bio,
+  IdOpenSSLHeaders_obj_mac,
+  IdOpenSSlHeaders_ossl_typ;
+
+const
+  EVP_MAX_MD_SIZE = 64; // longest known is SHA512
+  EVP_MAX_KEY_LENGTH = 64;
+  EVP_MAX_IV_LENGTH = 16;
+  EVP_MAX_BLOCK_LENGTH = 32;
+  PKCS5_SALT_LEN = 8;
+  // Default PKCS#5 iteration count
+  PKCS5_DEFAULT_ITER = 2048;
+  EVP_PK_RSA = $0001;
+  EVP_PK_DSA = $0002;
+  EVP_PK_DH  = $0004;
+  EVP_PK_EC = $0008;
+  EVP_PKT_SIGN = $0010;
+  EVP_PKT_ENC = $0020;
+  EVP_PKT_EXCH = $0040;
+  EVP_PKS_RSA = $0100;
+  EVP_PKS_DSA = $0200;
+  EVP_PKS_EC = $0400;
+
+  EVP_PKEY_NONE = NID_undef;
+  EVP_PKEY_RSA = NID_rsaEncryption;
+  EVP_PKEY_RSA2 = NID_rsa;
+  EVP_PKEY_RSA_PSS = NID_rsassaPss;
+  EVP_PKEY_DSA = NID_dsa;
+  EVP_PKEY_DSA1 = NID_dsa_2;
+  EVP_PKEY_DSA2 = NID_dsaWithSHA;
+  EVP_PKEY_DSA3 = NID_dsaWithSHA1;
+  EVP_PKEY_DSA4 = NID_dsaWithSHA1_2;
+  EVP_PKEY_DH = NID_dhKeyAgreement;
+  EVP_PKEY_DHX = NID_dhpublicnumber;
+  EVP_PKEY_EC = NID_X9_62_id_ecPublicKey;
+  EVP_PKEY_SM2 = NID_sm2;
+  EVP_PKEY_HMAC = NID_hmac;
+  EVP_PKEY_CMAC = NID_cmac;
+  EVP_PKEY_SCRYPT = NID_id_scrypt;
+  EVP_PKEY_TLS1_PRF = NID_tls1_prf;
+  EVP_PKEY_HKDF = NID_hkdf;
+  EVP_PKEY_POLY1305 = NID_poly1305;
+  EVP_PKEY_SIPHASH = NID_siphash;
+  EVP_PKEY_X25519 = NID_X25519;
+  EVP_PKEY_ED25519 = NID_ED25519;
+  EVP_PKEY_X448 = NID_X448;
+  EVP_PKEY_ED448 = NID_ED448;
+
+  EVP_PKEY_MO_SIGN = $0001;
+  EVP_PKEY_MO_VERIFY = $0002;
+  EVP_PKEY_MO_ENCRYPT = $0004;
+  EVP_PKEY_MO_DECRYPT = $0008;
+
+// digest can only handle a single block ///
+  EVP_MD_FLAG_ONESHOT = $0001;
+
+// digest is extensible-output function; XOF ///
+
+  EVP_MD_FLAG_XOF = $0002;
+
+// DigestAlgorithmIdentifier flags... ///
+
+  EVP_MD_FLAG_DIGALGID_MASK = $0018;
+
+// NULL or absent parameter accepted. Use NULL ///
+
+  EVP_MD_FLAG_DIGALGID_NULL = $0000;
+
+// NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent ///
+
+  EVP_MD_FLAG_DIGALGID_ABSENT = $0008;
+
+// Custom handling via ctrl ///
+
+  EVP_MD_FLAG_DIGALGID_CUSTOM = $0018;
+
+// Note if suitable for use in FIPS mode ///
+
+  EVP_MD_FLAG_FIPS = $0400;
+
+// Digest ctrls ///
+
+  EVP_MD_CTRL_DIGALGID = $1;
+  EVP_MD_CTRL_MICALG = $2;
+  EVP_MD_CTRL_XOF_LEN = $3;
+
+// Minimum Algorithm specific ctrl value ///
+
+  EVP_MD_CTRL_ALG_CTRL = $1000;
+ // not EVP_MD ///
+
+// values for EVP_MD_CTX flags ///
+  EVP_MD_CTX_FLAG_ONESHOT = $0001;
+  EVP_MD_CTX_FLAG_CLEANED = $0002;
+  EVP_MD_CTX_FLAG_REUSE = $0004;
+//
+ // FIPS and pad options are ignored in 1.0.0; definitions are here so we
+ // don't accidentally reuse the values for other purposes.
+ ///
+
+  EVP_MD_CTX_FLAG_NON_FIPS_ALLOW = $0008;
+
+//
+ // The following PAD options are also currently ignored in 1.0.0; digest
+ // parameters are handled through EVP_DigestSign//() and EVP_DigestVerify//()
+ // instead.
+ ///
+  EVP_MD_CTX_FLAG_PAD_MASK = $F0;
+  EVP_MD_CTX_FLAG_PAD_PKCS1 = $00;
+  EVP_MD_CTX_FLAG_PAD_X931 = $10;
+  EVP_MD_CTX_FLAG_PAD_PSS = $20;
+
+  EVP_MD_CTX_FLAG_NO_INIT = $0100;
+//
+ // Some functions such as EVP_DigestSign only finalise copies of internal
+ // contexts so additional data can be included after the finalisation call.
+ // This is inefficient if this functionality is not required: it is disabled
+ // if the following flag is set.
+ ///
+  EVP_MD_CTX_FLAG_FINALISE = $0200;
+
+
+// NOTE: $0400 is reserved for internal usage ///
+// Values for cipher flags ///
+
+// Modes for ciphers ///
+
+  EVP_CIPH_STREAM_CIPHER = $0;
+  EVP_CIPH_ECB_MODE = $1;
+  EVP_CIPHC_MODE = $2;
+  EVP_CIPH_CFB_MODE = $3;
+  EVP_CIPH_OFB_MODE = $4;
+  EVP_CIPH_CTR_MODE = $5;
+  EVP_CIPH_GCM_MODE = $6;
+  EVP_CIPH_CCM_MODE = $7;
+  EVP_CIPH_XTS_MODE = $10001;
+  EVP_CIPH_WRAP_MODE = $10002;
+  EVP_CIPH_OCB_MODE = $10003;
+  EVP_CIPH_MODE = $F0007;
+// Set if variable length cipher ///
+  EVP_CIPH_VARIABLE_LENGTH = $8;
+// Set if the iv handling should be done by the cipher itself ///
+  EVP_CIPH_CUSTOM_IV = $10;
+// Set if the cipher's init() function should be called if key is NULL ///
+  EVP_CIPH_ALWAYS_CALL_INIT = $20;
+// Call ctrl() to init cipher parameters ///
+  EVP_CIPH_CTRL_INIT = $40;
+// Don't use standard key length function ///
+  EVP_CIPH_CUSTOM_KEY_LENGTH = $80;
+// Don't use standard block padding ///
+  EVP_CIPH_NO_PADDING = $100;
+// cipher handles random key generation ///
+  EVP_CIPH_RAND_KEY = $200;
+// cipher has its own additional copying logic ///
+  EVP_CIPH_CUSTOM_COPY = $400;
+// Don't use standard iv length function ///
+  EVP_CIPH_CUSTOM_IV_LENGTH = $800;
+// Allow use default ASN1 get/set iv ///
+  EVP_CIPH_FLAG_DEFAULT_ASN1 = $1000;
+// Buffer length in bits not bytes: CFB1 mode only ///
+  EVP_CIPH_FLAG_LENGTH_BITS = $2000;
+// Note if suitable for use in FIPS mode ///
+  EVP_CIPH_FLAG_FIPS = $4000;
+// Allow non FIPS cipher in FIPS mode ///
+  EVP_CIPH_FLAG_NON_FIPS_ALLOW = $8000;
+//
+ // Cipher handles any and all padding logic as well as finalisation.
+ ///
+  EVP_CIPH_FLAG_CUSTOM_CIPHER = $100000;
+  EVP_CIPH_FLAG_AEAD_CIPHER = $200000;
+  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK = $400000;
+// Cipher can handle pipeline operations ///
+  EVP_CIPH_FLAG_PIPELINE = $800000;
+
+//
+ // Cipher context flag to indicate we can handle wrap mode: if allowed in
+ // older applications it could overflow buffers.
+ ///
+
+  EVP_CIPHER_CTX_FLAG_WRAP_ALLOW = $1;
+
+// ctrl() values ///
+
+  EVP_CTRL_INIT = $0;
+  EVP_CTRL_SET_KEY_LENGTH = $1;
+  EVP_CTRL_GET_RC2_KEY_BITS = $2;
+  EVP_CTRL_SET_RC2_KEY_BITS = $3;
+  EVP_CTRL_GET_RC5_ROUNDS = $4;
+  EVP_CTRL_SET_RC5_ROUNDS = $5;
+  EVP_CTRL_RAND_KEY = $6;
+  EVP_CTRL_PBE_PRF_NID = $7;
+  EVP_CTRL_COPY = $8;
+  EVP_CTRL_AEAD_SET_IVLEN = $9;
+  EVP_CTRL_AEAD_GET_TAG = $10;
+  EVP_CTRL_AEAD_SET_TAG = $11;
+  EVP_CTRL_AEAD_SET_IV_FIXED = $12;
+  EVP_CTRL_GCM_SET_IVLEN = EVP_CTRL_AEAD_SET_IVLEN;
+  EVP_CTRL_GCM_GET_TAG = EVP_CTRL_AEAD_GET_TAG;
+  EVP_CTRL_GCM_SET_TAG = EVP_CTRL_AEAD_SET_TAG;
+  EVP_CTRL_GCM_SET_IV_FIXED = EVP_CTRL_AEAD_SET_IV_FIXED;
+  EVP_CTRL_GCM_IV_GEN = $13;
+  EVP_CTRL_CCM_SET_IVLEN = EVP_CTRL_AEAD_SET_IVLEN;
+  EVP_CTRL_CCM_GET_TAG = EVP_CTRL_AEAD_GET_TAG;
+  EVP_CTRL_CCM_SET_TAG = EVP_CTRL_AEAD_SET_TAG;
+  EVP_CTRL_CCM_SET_IV_FIXED = EVP_CTRL_AEAD_SET_IV_FIXED;
+  EVP_CTRL_CCM_SET_L = $14;
+  EVP_CTRL_CCM_SET_MSGLEN = $15;
+//
+ // AEAD cipher deduces payload length and returns number of bytes required to
+ // store MAC and eventual padding. Subsequent call to EVP_Cipher even
+ // appends/verifies MAC.
+ ///
+  EVP_CTRL_AEAD_TLS1_AAD = $16;
+// Used by composite AEAD ciphers; no-op in GCM; CCM... ///
+  EVP_CTRL_AEAD_SET_MAC_KEY = $17;
+// Set the GCM invocation field; decrypt only ///
+  EVP_CTRL_GCM_SET_IV_INV = $18;
+
+  EVP_CTRL_TLS1_1_MULTIBLOCK_AAD = $19;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT = $1a;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT = $1b;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE = $1c;
+
+  EVP_CTRL_SSL3_MASTER_SECRET = $1d;
+
+// EVP_CTRL_SET_SBOX takes the PIdAnsiChar// specifying S-boxes///
+  EVP_CTRL_SET_SBOX = $1e;
+//
+// EVP_CTRL_SBOX_USED takes a 'TIdC_SIZET' and 'PIdAnsiChar//'; pointing at a
+// pre-allocated buffer with specified size
+///
+  EVP_CTRL_SBOX_USED = $1f;
+// EVP_CTRL_KEY_MESH takes 'TIdC_SIZET' number of bytes to mesh the key after;
+// 0 switches meshing off
+///
+  EVP_CTRL_KEY_MESH = $20;
+// EVP_CTRL_BLOCK_PADDING_MODE takes the padding mode///
+  EVP_CTRL_BLOCK_PADDING_MODE = $21;
+
+// Set the output buffers to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS = $22;
+// Set the input buffers to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_INPUT_BUFS = $23;
+// Set the input buffer lengths to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_INPUT_LENS = $24;
+
+  EVP_CTRL_GET_IVLEN = $25;
+
+// Padding modes///
+  EVP_PADDING_PKCS7 = 1;
+  EVP_PADDING_ISO7816_4 = 2;
+  EVP_PADDING_ANSI923 = 3;
+  EVP_PADDING_ISO10126 = 4;
+  EVP_PADDING_ZERO = 5;
+
+// RFC 5246 defines additional data to be 13 bytes in length///
+  EVP_AEAD_TLS1_AAD_LEN = 13;
+
+// GCM TLS constants///
+// Length of fixed part of IV derived from PRF///
+  EVP_GCM_TLS_FIXED_IV_LEN = 4;
+// Length of explicit part of IV part of TLS records///
+  EVP_GCM_TLS_EXPLICIT_IV_LEN = 8;
+// Length of tag for TLS
+  EVP_GCM_TLS_TAG_LEN = 16;
+
+/// CCM TLS constants ///
+/// Length of fixed part of IV derived from PRF ///
+  EVP_CCM_TLS_FIXED_IV_LEN = 4;
+/// Length of explicit part of IV part of TLS records ///
+  EVP_CCM_TLS_EXPLICIT_IV_LEN = 8;
+/// Total length of CCM IV length for TLS ///
+  EVP_CCM_TLS_IV_LEN = 12;
+/// Length of tag for TLS ///
+  EVP_CCM_TLS_TAG_LEN = 16;
+/// Length of CCM8 tag for TLS ///
+  EVP_CCM8_TLS_TAG_LEN = 8;
+
+/// Length of tag for TLS ///
+  EVP_CHACHAPOLY_TLS_TAG_LEN = 16;
+
+(* Can appear as the outermost AlgorithmIdentifier *)
+  EVP_PBE_TYPE_OUTER = $0;
+(* Is an PRF type OID *)
+  EVP_PBE_TYPE_PRF = $1;
+(* Is a PKCS#5 v2.0 KDF *)
+  EVP_PBE_TYPE_KDF = $2;
+
+  ASN1_PKEY_ALIAS = $1;
+  ASN1_PKEY_DYNAMIC = $2;
+  ASN1_PKEY_SIGPARAM_NULL = $4;
+
+  ASN1_PKEY_CTRL_PKCS7_SIGN = $1;
+  ASN1_PKEY_CTRL_PKCS7_ENCRYPT = $2;
+  ASN1_PKEY_CTRL_DEFAULT_MD_NID = $3;
+  ASN1_PKEY_CTRL_CMS_SIGN = $5;
+  ASN1_PKEY_CTRL_CMS_ENVELOPE = $7;
+  ASN1_PKEY_CTRL_CMS_RI_TYPE = $8;
+
+  ASN1_PKEY_CTRL_SET1_TLS_ENCPT = $9;
+  ASN1_PKEY_CTRL_GET1_TLS_ENCPT = $a;
+
+  EVP_PKEY_OP_UNDEFINED = 0;
+  EVP_PKEY_OP_PARAMGEN = (1 shl 1);
+  EVP_PKEY_OP_KEYGEN = (1 shl 2);
+  EVP_PKEY_OP_SIGN = (1 shl 3);
+  EVP_PKEY_OP_VERIFY = (1 shl 4);
+  EVP_PKEY_OP_VERIFYRECOVER = (1 shl 5);
+  EVP_PKEY_OP_SIGNCTX = (1 shl 6);
+  EVP_PKEY_OP_VERIFYCTX = (1 shl 7);
+  EVP_PKEY_OP_ENCRYPT = (1 shl 8);
+  EVP_PKEY_OP_DECRYPT = (1 shl 9);
+  EVP_PKEY_OP_DERIVE = (1 shl 10);
+
+  EVP_PKEY_OP_TYPE_SIG = EVP_PKEY_OP_SIGN or EVP_PKEY_OP_VERIFY
+    or EVP_PKEY_OP_VERIFYRECOVER or EVP_PKEY_OP_SIGNCTX or EVP_PKEY_OP_VERIFYCTX;
+
+  EVP_PKEY_OP_TYPE_CRYPT = EVP_PKEY_OP_ENCRYPT or EVP_PKEY_OP_DECRYPT;
+
+  EVP_PKEY_OP_TYPE_NOGEN = EVP_PKEY_OP_TYPE_SIG or EVP_PKEY_OP_TYPE_CRYPT or EVP_PKEY_OP_DERIVE;
+
+  EVP_PKEY_OP_TYPE_GEN = EVP_PKEY_OP_PARAMGEN or EVP_PKEY_OP_KEYGEN;
+
+  EVP_PKEY_CTRL_MD = 1;
+  EVP_PKEY_CTRL_PEER_KEY = 2;
+
+  EVP_PKEY_CTRL_PKCS7_ENCRYPT = 3;
+  EVP_PKEY_CTRL_PKCS7_DECRYPT = 4;
+
+  EVP_PKEY_CTRL_PKCS7_SIGN = 5;
+
+  EVP_PKEY_CTRL_SET_MAC_KEY = 6;
+
+  EVP_PKEY_CTRL_DIGESTINIT = 7;
+
+(* Used by GOST key encryption in TLS *)
+  EVP_PKEY_CTRL_SET_IV = 8;
+
+  EVP_PKEY_CTRL_CMS_ENCRYPT = 9;
+  EVP_PKEY_CTRL_CMS_DECRYPT = 10;
+  EVP_PKEY_CTRL_CMS_SIGN = 11;
+
+  EVP_PKEY_CTRL_CIPHER = 12;
+
+  EVP_PKEY_CTRL_GET_MD = 13;
+
+  EVP_PKEY_CTRL_SET_DIGEST_SIZE = 14;
+
+  EVP_PKEY_ALG_CTRL = $1000;
+
+  EVP_PKEY_FLAG_AUTOARGLEN = 2;
+  //
+ // Method handles all operations: don't assume any digest related defaults.
+ //
+  EVP_PKEY_FLAG_SIGCTX_CUSTOM = 4;
+
+type
+  EVP_MD_meth_init = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_update = function(ctx: PEVP_MD_CTX; const data: Pointer;
+    count: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_MD_meth_final = function(ctx: PEVP_MD_CTX; const md: PByte): TIdC_INT; cdecl;
+  EVP_MD_meth_copy = function(&to: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_cleanup = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_ctrl = function(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT;
+    p2: Pointer): TIdC_INT; cdecl;
+
+  EVP_CIPHER_meth_init = function(ctx: PEVP_CIPHER_CTX; const key: PByte;
+    const iv: PByte; enc: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_do_cipher = function(ctx: PEVP_CIPHER_CTX; &out: PByte;
+    const &in: PByte; inl: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_cleanup = function(v1: PEVP_CIPHER_CTX): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_set_asn1_params = function(v1: PEVP_CIPHER_CTX;
+    v2: PASN1_TYPE): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_get_asn1_params = function(v1: PEVP_CIPHER_CTX;
+    v2: PASN1_TYPE): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_ctrl = function(v1: PEVP_CIPHER_CTX; &type: TIdC_INT;
+    arg: TIdC_INT; ptr: Pointer): TIdC_INT; cdecl;
+
+  EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM = record
+    &out: PByte;
+    inp: PByte;
+    len: TIdC_SIZET;
+    interleave: TidC_UINT;
+  end;
+
+  evp_cipher_info_st = record
+    cipher: PEVP_CIPHER;
+    iv: array[0 .. EVP_MAX_IV_LENGTH - 1] of PByte;
+  end;
+  EVP_CIPHER_INFO = evp_cipher_info_st;
+
+  EVP_MD_CTX_update = function(ctx: PEVP_MD_CTX; const data: Pointer; count: TIdC_SIZET): TIdC_INT; cdecl;
+
+  fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const &to: PIdAnsiChar; x: Pointer); cdecl;
+
+  rsa_st = type Pointer;
+  Prsa_st = ^rsa_st;
+
+  dsa_st = type Pointer;
+
+  Pdsa_st = ^dsa_st;
+
+  dh_st = type Pointer;
+
+  Pdh_st = ^dh_st;
+  ec_key_st = type Pointer;
+
+  Pec_key_st = ^ec_key_st;
+
+  pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
+  pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
+  pub_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  pkey_size = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pkey_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+
+  priv_decode = function(pk: PEVP_PKEY; const p8inf: PKCS8_PRIV_KEY_INFO): TIdC_INT; cdecl;
+  priv_encode = function(p8: PPKCS8_PRIV_KEY_INFO; const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  priv_print = function(&out: PBIO; const pkea: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+
+  param_decode = function(pkey: PEVP_PKEY; const pder: PPByte; derlen: TIdC_INT): TIdC_INT; cdecl;
+  param_encode = function(const pkey: PEVP_PKEY; pder: PPByte): TIdC_INT; cdecl;
+  param_missing = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  param_copy = function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
+  param_cmp = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
+  param_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+
+  pkey_free = procedure(pkey: PEVP_PKEY); cdecl;
+  pkey_ctrl = function(pkey: PEVP_PKEY; op: TIdC_INT; arg1: TIdC_LONG; arg2: Pointer): TIdC_INT; cdecl;
+  item_verify = function(ctx: PEVP_MD_CTX; const it: PASN1_ITEM; asn: Pointer;
+    a: PX509_ALGOR; sig: PASN1_BIT_STRING; pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  item_sign = function(ctx: PEVP_MD_CTX; const it: PASN1_ITEM; asn: Pointer;
+    alg1: PX509_ALGOR; alg2: PX509_ALGOR; sig: PASN1_BIT_STRING): TIdC_INT; cdecl;
+  siginf_set = function(siginf: PX509_SIG_INFO; const alg: PX509_ALGOR; const sig: PASN1_STRING): TIdC_INT; cdecl;
+  pkey_check = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pkey_pub_check = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pkey_param_check = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  set_priv_key = function(pk: PEVP_PKEY; const priv: PByte; len: TIdC_SIZET): TIdC_INT; cdecl;
+  set_pub_key = function(pk: PEVP_PKEY; const pub: PByte; len: TIdC_SIZET): TIdC_INT; cdecl;
+  get_priv_key = function(const pk: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT; cdecl;
+  get_pub_key = function(const pk: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT; cdecl;
+  pkey_security_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+
+  EVP_PKEY_gen_cb = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+//  PEVP_PKEY_gen_cb = ^EVP_PKEY_gen_cb;
+
+  EVP_PKEY_meth_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_init = ^EVP_PKEY_meth_init;
+  EVP_PKEY_meth_copy_cb = function(dst: PEVP_PKEY_CTX; src: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_copy = ^EVP_PKEY_meth_copy_cb;
+  EVP_PKEY_meth_cleanup = procedure(ctx: PEVP_PKEY_CTX); cdecl;
+  PEVP_PKEY_meth_cleanup = ^EVP_PKEY_meth_cleanup;
+  EVP_PKEY_meth_paramgen_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_paramgen_init = ^EVP_PKEY_meth_paramgen_init;
+  EVP_PKEY_meth_paramgen = function(ctx: PEVP_PKEY_CTX; pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_paramgen = ^EVP_PKEY_meth_paramgen;
+  EVP_PKEY_meth_keygen_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_keygen_init = ^EVP_PKEY_meth_keygen_init;
+  EVP_PKEY_meth_keygen = function(ctx: PEVP_PKEY_CTX; pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_keygen = ^EVP_PKEY_meth_keygen;
+  EVP_PKEY_meth_sign_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_sign_init = ^EVP_PKEY_meth_sign_init;
+  EVP_PKEY_meth_sign = function(ctx: PEVP_PKEY_CTX; sig: PByte; siglen: TIdC_SIZET;
+    const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_sign = ^EVP_PKEY_meth_sign;
+  EVP_PKEY_meth_verify_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify_init = ^EVP_PKEY_meth_verify_init;
+  EVP_PKEY_meth_verify = function(ctx: PEVP_PKEY_CTX; const sig: PByte;
+    siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify = ^EVP_PKEY_meth_verify;
+  EVP_PKEY_meth_verify_recover_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify_recover_init = ^EVP_PKEY_meth_verify_recover_init;
+  EVP_PKEY_meth_verify_recover = function(ctx: PEVP_PKEY_CTX; sig: PByte;
+    siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify_recover = ^EVP_PKEY_meth_verify_recover;
+  EVP_PKEY_meth_signctx_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_signctx_init = ^EVP_PKEY_meth_signctx_init;
+  EVP_PKEY_meth_signctx = function(ctx: PEVP_PKEY_CTX; sig: Pbyte;
+    siglen: TIdC_SIZET; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_signctx = ^EVP_PKEY_meth_signctx;
+  EVP_PKEY_meth_verifyctx_init = function(ctx: PEVP_PKEY_CTX; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verifyctx_init = ^EVP_PKEY_meth_verifyctx_init;
+  EVP_PKEY_meth_verifyctx = function(ctx: PEVP_PKEY_CTX; const sig: PByte;
+    siglen: TIdC_INT; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verifyctx = ^EVP_PKEY_meth_verifyctx;
+  EVP_PKEY_meth_encrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_encrypt_init = ^EVP_PKEY_meth_encrypt_init;
+  EVP_PKEY_meth_encrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
+    outlen: TIdC_SIZET; const &in: PByte): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_encrypt = ^ EVP_PKEY_meth_encrypt;
+  EVP_PKEY_meth_decrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_decrypt_init = ^EVP_PKEY_meth_decrypt_init;
+  EVP_PKEY_meth_decrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
+    outlen: TIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_decrypt = ^EVP_PKEY_meth_decrypt;
+  EVP_PKEY_meth_derive_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_derive_init = ^EVP_PKEY_meth_derive_init;
+  EVP_PKEY_meth_derive = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_derive = ^EVP_PKEY_meth_derive;
+  EVP_PKEY_meth_ctrl = function(ctx: PEVP_PKEY_CTX; &type: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_ctrl = ^EVP_PKEY_meth_ctrl;
+  EVP_PKEY_meth_ctrl_str = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_ctrl_str = ^EVP_PKEY_meth_ctrl_str;
+  EVP_PKEY_meth_digestsign = function(ctx: PEVP_PKEY_CTX; sig: PByte;
+    siglen: PIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_digestsign = ^EVP_PKEY_meth_digestsign;
+  EVP_PKEY_meth_digestverify = function(ctx: PEVP_MD_CTX; const sig: PByte;
+    siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_digestverify = ^EVP_PKEY_meth_digestverify;
+  EVP_PKEY_meth_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_check = ^EVP_PKEY_meth_check;
+  EVP_PKEY_meth_public_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_public_check = ^EVP_PKEY_meth_public_check;
+  EVP_PKEY_meth_param_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_param_check = ^EVP_PKEY_meth_param_check;
+  EVP_PKEY_meth_digest_custom = function(pkey: PEVP_PKEY; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_digest_custom = ^EVP_PKEY_meth_digest_custom;
+
+  // Password based encryption function
+  EVP_PBE_KEYGEN = function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar;
+    passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER;
+    const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT; cdecl;
+  PEVP_PBE_KEYGEN = ^EVP_PBE_KEYGEN;
+  PPEVP_PBE_KEYGEN = ^PEVP_PBE_KEYGEN;
+
+{$REGION 'C compiler macros'}
+function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
+function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
+function EVP_PKEY_assign_DH(pkey: PEVP_PKEY; dh: Pointer): TIdC_INT;
+function EVP_PKEY_assign_EC_KEY(pkey: PEVP_PKEY; eckey: Pointer): TIdC_INT;
+function EVP_PKEY_assign_SIPHASH(pkey: PEVP_PKEY; shkey: Pointer): TIdC_INT;
+function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
+{$ENDREGION}
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  EVP_MD_meth_new: function(md_type: TIdC_INT; pkey_type: TIdC_INT): PEVP_MD cdecl = nil;
+  EVP_MD_meth_dup: function(const md: PEVP_MD): PEVP_MD cdecl = nil;
+  EVP_MD_meth_free: procedure(md: PEVP_MD) cdecl = nil;
+
+  EVP_MD_meth_set_input_blocksize: function(md: PEVP_MD; blocksize: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_result_size: function(md: PEVP_MD; resultsize: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_app_datasize: function(md: PEVP_MD; datasize: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_flags: function(md: PEVP_MD; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_init: function(md: PEVP_MD; init: EVP_MD_meth_init): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_update: function(md: PEVP_MD; update: EVP_MD_meth_update): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_final: function(md: PEVP_MD; &final: EVP_MD_meth_final): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_copy: function(md: PEVP_MD; copy: EVP_MD_meth_copy): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_cleanup: function(md: PEVP_MD; cleanup: EVP_MD_meth_cleanup): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_ctrl: function(md: PEVP_MD; ctrl: EVP_MD_meth_ctrl): TIdC_INT cdecl = nil;
+
+  EVP_MD_meth_get_input_blocksize: function(const md: PEVP_MD): TIdC_INT cdecl = nil;
+  EVP_MD_meth_get_result_size: function(const md: PEVP_MD): TIdC_INT cdecl = nil;
+  EVP_MD_meth_get_app_datasize: function(const md: PEVP_MD): TIdC_INT cdecl = nil;
+  EVP_MD_meth_get_flags: function(const md: PEVP_MD): TIdC_ULONG cdecl = nil;
+  EVP_MD_meth_get_init: function(const md: PEVP_MD): EVP_MD_meth_init cdecl = nil;
+  EVP_MD_meth_get_update: function(const md: PEVP_MD): EVP_MD_meth_update cdecl = nil;
+  EVP_MD_meth_get_final: function(const md: PEVP_MD): EVP_MD_meth_final cdecl = nil;
+  EVP_MD_meth_get_copy: function(const md: PEVP_MD): EVP_MD_meth_copy cdecl = nil;
+  EVP_MD_meth_get_cleanup: function(const md: PEVP_MD): EVP_MD_meth_cleanup cdecl = nil;
+  EVP_MD_meth_get_ctrl: function(const md: PEVP_MD): EVP_MD_meth_ctrl cdecl = nil;
+
+  EVP_CIPHER_meth_new: function(cipher_type: TIdC_INT; block_size: TIdC_INT; key_len: TIdC_INT): PEVP_CIPHER cdecl = nil;
+  EVP_CIPHER_meth_dup: function(const cipher: PEVP_CIPHER): PEVP_CIPHER cdecl = nil;
+  EVP_CIPHER_meth_free: procedure(cipher: PEVP_CIPHER) cdecl = nil;
+
+  EVP_CIPHER_meth_set_iv_length: function(cipher: PEVP_CIPHER; iv_len: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_CIPHER_meth_set_flags: function(cipher: PEVP_CIPHER; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  EVP_CIPHER_meth_set_impl_ctx_size: function(cipher: PEVP_CIPHER; ctx_size: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_CIPHER_meth_set_init: function(cipher: PEVP_CIPHER; init: EVP_CIPHER_meth_init): TIdC_INT cdecl = nil;
+  EVP_CIPHER_meth_set_do_cipher: function(cipher: PEVP_CIPHER; do_cipher: EVP_CIPHER_meth_do_cipher): TIdC_INT cdecl = nil;
+  EVP_CIPHER_meth_set_cleanup: function(cipher: PEVP_CIPHER; cleanup: EVP_CIPHER_meth_cleanup): TIdC_INT cdecl = nil;
+  EVP_CIPHER_meth_set_set_asn1_params: function(cipher: PEVP_CIPHER; set_asn1_parameters: EVP_CIPHER_meth_set_asn1_params): TIdC_INT cdecl = nil;
+  EVP_CIPHER_meth_set_get_asn1_params: function(cipher: PEVP_CIPHER; get_asn1_parameters: EVP_CIPHER_meth_get_asn1_params): TIdC_INT cdecl = nil;
+  EVP_CIPHER_meth_set_ctrl: function(cipher: PEVP_CIPHER; ctrl: EVP_CIPHER_meth_ctrl): TIdC_INT cdecl = nil;
+  EVP_CIPHER_meth_get_init: function(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_init cdecl = nil;
+  EVP_CIPHER_meth_get_do_cipher: function(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_do_cipher cdecl = nil;
+  EVP_CIPHER_meth_get_cleanup: function(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_cleanup cdecl = nil;
+  EVP_CIPHER_meth_get_set_asn1_params: function(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_set_asn1_params cdecl = nil;
+  EVP_CIPHER_meth_get_get_asn1_params: function(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_get_asn1_params cdecl = nil;
+  EVP_CIPHER_meth_get_ctrl: function(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_ctrl cdecl = nil;
+
+  /// Add some extra combinations ///
+  //# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a));
+  //# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a));
+  //# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a));
+  //# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a));
+
+  EVP_MD_type: function(const md: PEVP_MD): TIdC_INT cdecl = nil;
+  //# define EVP_MD_nid(e)                   EVP_MD_type(e)
+  //# define EVP_MD_name(e)                  OBJ_nid2sn(EVP_MD_nid(e))
+  EVP_MD_pkey_type: function(const md: PEVP_MD): TIdC_INT cdecl = nil;
+  EVP_MD_size: function(const md: PEVP_MD): TIdC_INT cdecl = nil;
+  EVP_MD_block_size: function(const md: PEVP_MD): TIdC_INT cdecl = nil;
+  EVP_MD_flags: function(const md: PEVP_MD): PIdC_ULONG cdecl = nil;
+
+  EVP_MD_CTX_md: function(ctx: PEVP_MD_CTX): PEVP_MD cdecl = nil;
+  EVP_MD_CTX_update_fn: function(ctx: PEVP_MD_CTX): EVP_MD_CTX_update cdecl = nil;
+  EVP_MD_CTX_set_update_fn: procedure(ctx: PEVP_MD_CTX; update: EVP_MD_CTX_update) cdecl = nil;
+  //  EVP_MD_CTX_size(e)              EVP_MD_size(EVP_MD_CTX_md(e))
+  //  EVP_MD_CTX_block_size(e)        EVP_MD_block_size(EVP_MD_CTX_md(e))
+  //  EVP_MD_CTX_type(e)              EVP_MD_type(EVP_MD_CTX_md(e))
+  EVP_MD_CTX_pkey_ctx: function(const ctx: PEVP_MD_CTX): PEVP_PKEY_CTX cdecl = nil;
+  EVP_MD_CTX_set_pkey_ctx: procedure(ctx: PEVP_MD_CTX; pctx: PEVP_PKEY_CTX) cdecl = nil;
+  EVP_MD_CTX_md_data: function(const ctx: PEVP_MD_CTX): Pointer cdecl = nil;
+
+  EVP_CIPHER_nid: function(const ctx: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+  //# define EVP_CIPHER_name(e)              OBJ_nid2sn(EVP_CIPHER_nid(e))
+  EVP_CIPHER_block_size: function(const cipher: PEVP_CIPHER): TIdC_INT cdecl = nil;
+  EVP_CIPHER_impl_ctx_size: function(const cipher: PEVP_CIPHER): TIdC_INT cdecl = nil;
+  EVP_CIPHER_key_length: function(const cipher: PEVP_CIPHER): TIdC_INT cdecl = nil;
+  EVP_CIPHER_iv_length: function(const cipher: PEVP_CIPHER): TIdC_INT cdecl = nil;
+  EVP_CIPHER_flags: function(const cipher: PEVP_CIPHER): TIdC_ULONG cdecl = nil;
+  //# define EVP_CIPHER_mode(e)              (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
+
+  EVP_CIPHER_CTX_cipher: function(const ctx: PEVP_CIPHER_CTX): PEVP_CIPHER cdecl = nil;
+  EVP_CIPHER_CTX_encrypting: function(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_nid: function(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_block_size: function(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_key_length: function(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_iv_length: function(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_iv: function(const ctx: PEVP_CIPHER_CTX): PByte cdecl = nil;
+  EVP_CIPHER_CTX_original_iv: function(const ctx: PEVP_CIPHER_CTX): PByte cdecl = nil;
+  EVP_CIPHER_CTX_iv_noconst: function(ctx: PEVP_CIPHER_CTX): PByte cdecl = nil;
+  EVP_CIPHER_CTX_buf_noconst: function(ctx: PEVP_CIPHER_CTX): PByte cdecl = nil;
+  EVP_CIPHER_CTX_num: function(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_set_num: procedure(ctx: PEVP_CIPHER_CTX; num: TIdC_INT) cdecl = nil;
+  EVP_CIPHER_CTX_copy: function(&out: PEVP_CIPHER_CTX; const &in: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_get_app_data: function(const ctx: PEVP_CIPHER_CTX): Pointer cdecl = nil;
+  EVP_CIPHER_CTX_set_app_data: procedure(ctx: PEVP_CIPHER_CTX; data: Pointer) cdecl = nil;
+  EVP_CIPHER_CTX_get_cipher_data: function(const ctx: PEVP_CIPHER_CTX): Pointer cdecl = nil;
+  EVP_CIPHER_CTX_set_cipher_data: function(ctx: PEVP_CIPHER_CTX; cipher_data: Pointer): Pointer cdecl = nil;
+
+  //# define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define EVP_CIPHER_CTX_flags(c)       EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(c))
+  //# endif
+  //# define EVP_CIPHER_CTX_mode(c)         EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(c))
+  //
+  //# define EVP_ENCODE_LENGTH(l)    ((((l)+2)/3*4)+((l)/48+1)*2+80)
+  //# define EVP_DECODE_LENGTH(l)    (((l)+3)/4*3+80)
+  //
+  //# define EVP_SignInit_ex(a;b;c)          EVP_DigestInit_ex(a;b;c)
+  //# define EVP_SignInit(a;b)               EVP_DigestInit(a;b)
+  //# define EVP_SignUpdate(a;b;c)           EVP_DigestUpdate(a;b;c)
+  //# define EVP_VerifyInit_ex(a;b;c)        EVP_DigestInit_ex(a;b;c)
+  //# define EVP_VerifyInit(a;b)             EVP_DigestInit(a;b)
+  //# define EVP_VerifyUpdate(a;b;c)         EVP_DigestUpdate(a;b;c)
+  //# define EVP_OpenUpdate(a;b;c;d;e)       EVP_DecryptUpdate(a;b;c;d;e)
+  //# define EVP_SealUpdate(a;b;c;d;e)       EVP_EncryptUpdate(a;b;c;d;e)
+  //# define EVP_DigestSignUpdate(a;b;c)     EVP_DigestUpdate(a;b;c)
+  //# define EVP_DigestVerifyUpdate(a;b;c)   EVP_DigestUpdate(a;b;c)
+
+  BIO_set_md: procedure(v1: PBIO; const md: PEVP_MD) cdecl = nil;
+  //# define BIO_get_md(b;mdp)          BIO_ctrl(b;BIO_C_GET_MD;0;(PIdAnsiChar)(mdp))
+  //# define BIO_get_md_ctx(b;mdcp)     BIO_ctrl(b;BIO_C_GET_MD_CTX;0; (PIdAnsiChar)(mdcp))
+  //# define BIO_set_md_ctx(b;mdcp)     BIO_ctrl(b;BIO_C_SET_MD_CTX;0; (PIdAnsiChar)(mdcp))
+  //# define BIO_get_cipher_status(b)   BIO_ctrl(b;BIO_C_GET_CIPHER_STATUS;0;NULL)
+  //# define BIO_get_cipher_ctx(b;c_pp) BIO_ctrl(b;BIO_C_GET_CIPHER_CTX;0; (PIdAnsiChar)(c_pp))
+
+  //function EVP_Cipher(c: PEVP_CIPHER_CTX; &out: PByte; const &in: PByte; in1: TIdC_UINT): TIdC_INT;
+
+  //# define EVP_add_cipher_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS;(n))
+  //# define EVP_add_digest_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS;(n))
+  //# define EVP_delete_cipher_alias(alias) OBJ_NAME_remove(alias;OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
+  //# define EVP_delete_digest_alias(alias) OBJ_NAME_remove(alias;OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
+
+  EVP_MD_CTX_ctrl: function(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT cdecl = nil;
+  EVP_MD_CTX_new: function: PEVP_MD_CTX cdecl = nil;
+  EVP_MD_CTX_reset: function(ctx: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+  EVP_MD_CTX_free: procedure(ctx: PEVP_MD_CTX) cdecl = nil;
+  //# define EVP_MD_CTX_create()     EVP_MD_CTX_new()
+  //# define EVP_MD_CTX_init(ctx)    EVP_MD_CTX_reset((ctx))
+  //# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
+  EVP_MD_CTX_copy_ex: function(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+  EVP_MD_CTX_set_flags: procedure(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl = nil;
+  EVP_MD_CTX_clear_flags: procedure(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl = nil;
+  EVP_MD_CTX_test_flags: function(const ctx: PEVP_MD_CTX; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_DigestInit_ex: function(ctx: PEVP_MD_CTX; const &type: PEVP_MD; impl: PENGINE): TIdC_INT cdecl = nil;
+  EVP_DigestUpdate: function(ctx: PEVP_MD_CTX; const d: Pointer; cnt: TIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_DigestFinal_ex: function(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl = nil;
+  EVP_Digest: function(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const &type: PEVP_MD; impl: PENGINE): TIdC_INT cdecl = nil;
+
+  EVP_MD_CTX_copy: function(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+  EVP_DigestInit: function(ctx: PEVP_MD_CTX; const &type: PEVP_MD): TIdC_INT cdecl = nil;
+  EVP_DigestFinal: function(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl = nil;
+  EVP_DigestFinalXOF: function(ctx: PEVP_MD_CTX; md: PByte; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  EVP_read_pw_string: function(buf: PIdAnsiChar; length: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_read_pw_string_min: function(buf: PIdAnsiChar; minlen: TIdC_INT; maxlen: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_set_pw_prompt: procedure(const prompt: PIdAnsiChar) cdecl = nil;
+  EVP_get_pw_prompt: function: PIdAnsiChar cdecl = nil;
+  EVP_BytesToKey: function(const &type: PEVP_CIPHER; const md: PEVP_MD; const salt: PByte; const data: PByte; data1: TIdC_INT; count: TIdC_INT; key: PByte; iv: PByte): TIdC_INT cdecl = nil;
+
+  EVP_CIPHER_CTX_set_flags: procedure(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT) cdecl = nil;
+  EVP_CIPHER_CTX_clear_flags: procedure(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT) cdecl = nil;
+  EVP_CIPHER_CTX_test_flags: function(const ctx: PEVP_CIPHER_CTX; flags: TIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_EncryptInit: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte): TIdC_INT cdecl = nil;
+  EVP_EncryptInit_ex: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl = nil;
+  EVP_EncryptUpdate: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_EncryptFinal_ex: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+  EVP_EncryptFinal: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_DecryptInit: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PidC_INT): TIdC_INT cdecl = nil;
+  EVP_DecryptInit_ex: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl = nil;
+  EVP_DecryptUpdate: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_DecryptFinal: function(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+  EVP_DecryptFinal_ex: function(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_CipherInit: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte; enc: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_CipherInit_ex: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte; enc: TidC_INT): TIdC_INT cdecl = nil;
+  EVP_CipherUpdate: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_CipherFinal: function(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+  EVP_CipherFinal_ex: function(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_SignFinal: function(ctx: PEVP_CIPHER_CTX; md: PByte; s: PIdC_UINT; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  EVP_DigestSign: function(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  EVP_VerifyFinal: function(ctx: PEVP_MD_CTX; const sigbuf: PByte; siglen: TIdC_UINT; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  EVP_DigestVerify: function(ctx: PEVP_CIPHER_CTX; const sigret: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  EVP_DigestSignInit: function(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_DigestSignFinal: function(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT cdecl = nil;
+
+  EVP_DigestVerifyInit: function(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_DigestVerifyFinal: function(ctx: PEVP_MD_CTX; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  EVP_OpenInit: function(ctx: PEVP_CIPHER_CTX; const &type: PEVP_CIPHER; const ek: PByte; ek1: TIdC_INT; const iv: PByte; priv: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_OpenFinal: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_SealInit: function(ctx: PEVP_CIPHER_CTX; const &type: EVP_CIPHER; ek: PPByte; ek1: PIdC_INT; iv: PByte; pubk: PPEVP_PKEY; npubk: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_SealFinal: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_ENCODE_CTX_new: function: PEVP_ENCODE_CTX cdecl = nil;
+  EVP_ENCODE_CTX_free: procedure(ctx: PEVP_ENCODE_CTX) cdecl = nil;
+  EVP_ENCODE_CTX_copy: function(dctx: PEVP_ENCODE_CTX; sctx: PEVP_ENCODE_CTX): TIdC_INT cdecl = nil;
+  EVP_ENCODE_CTX_num: function(ctx: PEVP_ENCODE_CTX): TIdC_INT cdecl = nil;
+  EVP_EncodeInit: procedure(ctx: PEVP_ENCODE_CTX) cdecl = nil;
+  EVP_EncodeUpdate: function(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_EncodeFinal: procedure(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT) cdecl = nil;
+  EVP_EncodeBlock: function(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_DecodeInit: procedure(ctx: PEVP_ENCODE_CTX) cdecl = nil;
+  EVP_DecodeUpdate: function(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_DecodeFinal: function(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+  EVP_DecodeBlock: function(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_CIPHER_CTX_new: function: PEVP_CIPHER_CTX cdecl = nil;
+  EVP_CIPHER_CTX_reset: function(c: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_free: procedure(c: PEVP_CIPHER_CTX) cdecl = nil;
+  EVP_CIPHER_CTX_set_key_length: function(x: PEVP_CIPHER_CTX; keylen: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_set_padding: function(c: PEVP_CIPHER_CTX; pad: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_ctrl: function(ctx: PEVP_CIPHER_CTX; &type: TIdC_INT; arg: TIdC_INT; ptr: Pointer): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_rand_key: function(ctx: PEVP_CIPHER_CTX; key: PByte): TIdC_INT cdecl = nil;
+
+  BIO_f_md: function: PBIO_METHOD cdecl = nil;
+  BIO_f_base64: function: PBIO_METHOD cdecl = nil;
+  BIO_f_cipher: function: PBIO_METHOD cdecl = nil;
+  BIO_f_reliable: function: PBIO_METHOD cdecl = nil;
+  BIO_set_cipher: function(b: PBIO; c: PEVP_CIPHER; const k: PByte; const i: PByte; enc: TIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_md_null: function: PEVP_MD cdecl = nil;
+
+  EVP_md5: function: PEVP_MD cdecl = nil;
+  EVP_md5_sha1: function: PEVP_MD cdecl = nil;
+
+  EVP_sha1: function: PEVP_MD cdecl = nil;
+  EVP_sha224: function: PEVP_MD cdecl = nil;
+  EVP_sha256: function: PEVP_MD cdecl = nil;
+  EVP_sha384: function: PEVP_MD cdecl = nil;
+  EVP_sha512: function: PEVP_MD cdecl = nil;
+  EVP_sha512_224: function: PEVP_MD cdecl = nil;
+  EVP_sha512_256: function: PEVP_MD cdecl = nil;
+  EVP_sha3_224: function: PEVP_MD cdecl = nil;
+  EVP_sha3_256: function: PEVP_MD cdecl = nil;
+  EVP_sha3_384: function: PEVP_MD cdecl = nil;
+  EVP_sha3_512: function: PEVP_MD cdecl = nil;
+  EVP_shake128: function: PEVP_MD cdecl = nil;
+  EVP_shake256: function: PEVP_MD cdecl = nil;
+
+  (* does nothing :-) *)
+  EVP_enc_null: function: PEVP_CIPHER cdecl = nil;
+
+  EVP_des_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede3: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede3_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_cfb64: function: PEVP_CIPHER cdecl = nil;
+  //EVP_des_cfb EVP_des_cfb64
+  EVP_des_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede_cfb64: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede3_cfb64: function: PEVP_CIPHER cdecl = nil;
+  //EVP_des_ede3_cfb EVP_des_ede3_cfb64
+  EVP_des_ede3_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede3_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede3_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede3_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_desx_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_des_ede3_wrap: function: PEVP_CIPHER cdecl = nil;
+  //
+  // This should now be supported through the dev_crypto ENGINE. But also, why
+  // are rc4 and md5 declarations made here inside a "NO_DES" precompiler
+  // branch?
+  //
+  EVP_rc4: function: PEVP_CIPHER cdecl = nil;
+  EVP_rc4_40: function: PEVP_CIPHER cdecl = nil;
+  EVP_idea_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_idea_cfb64: function: PEVP_CIPHER cdecl = nil;
+  //EVP_idea_cfb EVP_idea_cfb64
+  EVP_idea_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_idea_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_rc2_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_rc2_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_rc2_40_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_rc2_64_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_rc2_cfb64: function: PEVP_CIPHER cdecl = nil;
+  //EVP_rc2_cfb EVP_rc2_cfb64
+  EVP_rc2_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_bf_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_bf_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_bf_cfb64: function: PEVP_CIPHER cdecl = nil;
+  //EVP_bf_cfb EVP_bf_cfb64
+  EVP_bf_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_cast5_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_cast5_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_cast5_cfb64: function: PEVP_CIPHER cdecl = nil;
+  //EVP_cast5_cfb EVP_cast5_cfb64
+  EVP_cast5_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_rc5_32_12_16_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_rc5_32_12_16_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_rc5_32_12_16_cfb64: function: PEVP_CIPHER cdecl = nil;
+  //EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
+  EVP_rc5_32_12_16_ofb: function: PEVP_CIPHER cdecl = nil;
+
+  EVP_aes_128_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_aes_128_cfb EVP_aes_128_cfb128
+  EVP_aes_128_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_ctr: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_ccm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_gcm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_xts: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_wrap: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_wrap_pad: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_ocb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_aes_192_cfb EVP_aes_192_cfb128
+  EVP_aes_192_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_ctr: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_ccm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_gcm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_wrap: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_wrap_pad: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_192_ocb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_aes_256_cfb EVP_aes_256_cfb128
+  EVP_aes_256_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_ctr: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_ccm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_gcm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_xts: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_wrap: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_wrap_pad: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_ocb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_cbc_hmac_sha1: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_cbc_hmac_sha1: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_128_cbc_hmac_sha256: function: PEVP_CIPHER cdecl = nil;
+  EVP_aes_256_cbc_hmac_sha256: function: PEVP_CIPHER cdecl = nil;
+
+  EVP_aria_128_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_128_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_128_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_128_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_128_cfb128: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_128_ctr: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_128_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_128_gcm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_128_ccm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_192_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_192_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_192_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_192_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_192_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_aria_192_cfb EVP_aria_192_cfb128
+  EVP_aria_192_ctr: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_192_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_192_gcm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_192_ccm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_256_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_256_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_256_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_256_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_256_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_aria_256_cfb EVP_aria_256_cfb128
+  EVP_aria_256_ctr: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_256_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_256_gcm: function: PEVP_CIPHER cdecl = nil;
+  EVP_aria_256_ccm: function: PEVP_CIPHER cdecl = nil;
+
+  EVP_camellia_128_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_128_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_128_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_128_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_128_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_camellia_128_cfb EVP_camellia_128_cfb128
+  EVP_camellia_128_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_128_ctr: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_192_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_192_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_192_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_192_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_192_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_camellia_192_cfb EVP_camellia_192_cfb128
+  EVP_camellia_192_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_192_ctr: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_256_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_256_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_256_cfb1: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_256_cfb8: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_256_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_camellia_256_cfb EVP_camellia_256_cfb128
+  EVP_camellia_256_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_camellia_256_ctr: function: PEVP_CIPHER cdecl = nil;
+
+  EVP_chacha20: function: PEVP_CIPHER cdecl = nil;
+  EVP_chacha20_poly1305: function: PEVP_CIPHER cdecl = nil;
+
+  EVP_seed_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_seed_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_seed_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_seed_cfb EVP_seed_cfb128
+  EVP_seed_ofb: function: PEVP_CIPHER cdecl = nil;
+
+  EVP_sm4_ecb: function: PEVP_CIPHER cdecl = nil;
+  EVP_sm4_cbc: function: PEVP_CIPHER cdecl = nil;
+  EVP_sm4_cfb128: function: PEVP_CIPHER cdecl = nil;
+  //EVP_sm4_cfb EVP_sm4_cfb128
+  EVP_sm4_ofb: function: PEVP_CIPHER cdecl = nil;
+  EVP_sm4_ctr: function: PEVP_CIPHER cdecl = nil;
+
+  EVP_add_cipher: function(const cipher: PEVP_CIPHER): TIdC_INT cdecl = nil;
+  EVP_add_digest: function(const digest: PEVP_MD): TIdC_INT cdecl = nil;
+
+  EVP_get_cipherbyname: function(const name: PIdAnsiChar): PEVP_CIPHER cdecl = nil;
+  EVP_get_digestbyname: function(const name: PIdAnsiChar): PEVP_MD cdecl = nil;
+
+  EVP_CIPHER_do_all: procedure(AFn: fn; arg: Pointer) cdecl = nil;
+  EVP_CIPHER_do_all_sorted: procedure(AFn: fn; arg: Pointer) cdecl = nil;
+
+  EVP_MD_do_all: procedure(AFn: fn; arg: Pointer) cdecl = nil;
+  EVP_MD_do_all_sorted: procedure(AFn: fn; arg: Pointer) cdecl = nil;
+
+  EVP_PKEY_decrypt_old: function(dec_key: PByte; const enc_key: PByte; enc_key_len: TIdC_INT; private_key: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_encrypt_old: function(dec_key: PByte; const enc_key: PByte; key_len: TIdC_INT; pub_key: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_type: function(&type: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_id: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_base_id: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_bits: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_security_bits: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_size: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_set_type: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_set_type_str: function(pkey: PEVP_PKEY; const str: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_set_alias_type: function(pkey: PEVP_PKEY; &type: TIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_set1_engine: function(pkey: PEVP_PKEY; e: PENGINE): TIdC_INT cdecl = nil;
+  EVP_PKEY_get0_engine: function(const pkey: PEVP_PKEY): PENGINE cdecl = nil;
+
+  EVP_PKEY_assign: function(pkey: PEVP_PKEY; &type: TIdC_INT; key: Pointer): TIdC_INT cdecl = nil;
+  EVP_PKEY_get0: function(const pkey: PEVP_PKEY): Pointer cdecl = nil;
+  EVP_PKEY_get0_hmac: function(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl = nil;
+  EVP_PKEY_get0_poly1305: function(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl = nil;
+  EVP_PKEY_get0_siphash: function(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl = nil;
+
+  EVP_PKEY_set1_RSA: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_get0_RSA: function(pkey: PEVP_PKEY): Prsa_st cdecl = nil;
+  EVP_PKEY_get1_RSA: function(pkey: PEVP_PKEY): Prsa_st cdecl = nil;
+
+  EVP_PKEY_set1_DSA: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_get0_DSA: function(pkey: PEVP_PKEY): Pdsa_st cdecl = nil;
+  EVP_PKEY_get1_DSA: function(pkey: PEVP_PKEY): Pdsa_st cdecl = nil;
+
+  EVP_PKEY_set1_DH: function(pkey: PEVP_PKEY; key: Pdh_st): TIdC_INT cdecl = nil;
+  EVP_PKEY_get0_DH: function(pkey: PEVP_PKEY): Pdh_st cdecl = nil;
+  EVP_PKEY_get1_DH: function(pkey: PEVP_PKEY): Pdh_st cdecl = nil;
+
+  EVP_PKEY_set1_EC_KEY: function(pkey: PEVP_PKEY; key: Pec_key_st): TIdC_INT cdecl = nil;
+  EVP_PKEY_get0_EC_KEY: function(pkey: PEVP_PKEY): Pec_key_st cdecl = nil;
+  EVP_PKEY_get1_EC_KEY: function(pkey: PEVP_PKEY): Pec_key_st cdecl = nil;
+
+  EVP_PKEY_new: function: PEVP_PKEY cdecl = nil;
+  EVP_PKEY_up_ref: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_free: procedure(pkey: PEVP_PKEY) cdecl = nil;
+
+  d2i_PublicKey: function(&type: TIdC_INT; a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+  i2d_PublicKey: function(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl = nil;
+
+  d2i_PrivateKey: function(&type: TIdC_INT; a: PEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+  d2i_AutoPrivateKey: function(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+  i2d_PrivateKey: function(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_copy_parameters: function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_missing_parameters: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_save_parameters: function(pkey: PEVP_PKEY; mode: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_cmp_parameters: function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_cmp: function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_print_public: function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_print_private: function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_print_params: function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_get_default_digest_nid: function(pkey: PEVP_PKEY; pnid: PIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_set1_tls_encodedpoint: function(pkey: PEVP_PKEY; const pt: PByte; ptlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_PKEY_get1_tls_encodedpoint: function(pkey: PEVP_PKEY; ppt: PPByte): TIdC_SIZET cdecl = nil;
+
+  EVP_CIPHER_type: function(const ctx: PEVP_CIPHER): TIdC_INT cdecl = nil;
+
+  (* calls methods *)
+  EVP_CIPHER_param_to_asn1: function(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl = nil;
+  EVP_CIPHER_asn1_to_param: function(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl = nil;
+
+  (* These are used by EVP_CIPHER methods *)
+  EVP_CIPHER_set_asn1_iv: function(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl = nil;
+  EVP_CIPHER_get_asn1_iv: function(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl = nil;
+
+  (* PKCS5 password based encryption *)
+  PKCS5_PBE_keyivgen: function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS5_PBKDF2_HMAC_SHA1: function(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; keylen: TIdC_INT; &out: PByte): TIdC_INT cdecl = nil;
+  PKCS5_PBKDF2_HMAC: function(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const digest: PEVP_MD; keylen: TIdC_INT; &out: PByte): TIdC_INT cdecl = nil;
+  PKCS5_v2_PBE_keyivgen: function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_PBE_scrypt: function(const pass: PIdAnsiChar; passlen: TIdC_SIZET; const salt: PByte; saltlen: TIdC_SIZET; N: TIdC_UINT64; r: TIdC_UINT64; p: TIdC_UINT64; maxmem: TIdC_UINT64; key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  PKCS5_v2_scrypt_keyivgen: function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const c: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl = nil;
+
+  PKCS5_PBE_add: procedure cdecl = nil;
+
+  EVP_PBE_CipherInit: function(pbe_obj: PASN1_OBJECT; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; ctx: PEVP_CIPHER_CTX; en_de: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (* PBE type *)
+  EVP_PBE_alg_add_type: function(pbe_type: TIdC_INT; pbe_nid: TIdC_INT; cipher_nid: TIdC_INT; md_nid: TIdC_INT; keygen: PEVP_PBE_KEYGEN): TIdC_INT cdecl = nil;
+  EVP_PBE_alg_add: function(nid: TIdC_INT; const cipher: PEVP_CIPHER; const md: PEVP_MD; keygen: PEVP_PBE_KEYGEN): TIdC_INT cdecl = nil;
+  EVP_PBE_find: function(&type: TIdC_INT; pbe_nid: TIdC_INT; pcnid: PIdC_INT; pmnid: PIdC_INT; pkeygen: PPEVP_PBE_KEYGEN): TIdC_INT cdecl = nil;
+  EVP_PBE_cleanup: procedure cdecl = nil;
+  EVP_PBE_get: function(ptype: PIdC_INT; ppbe_nid: PIdC_INT; num: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_asn1_get_count: function: TIdC_INT cdecl = nil;
+  EVP_PKEY_asn1_get0: function(idx: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
+  EVP_PKEY_asn1_find: function(pe: PPENGINE; &type: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
+  EVP_PKEY_asn1_find_str: function(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
+  EVP_PKEY_asn1_add0: function(const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl = nil;
+  EVP_PKEY_asn1_add_alias: function(&to: TIdC_INT; from: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_asn1_get0_info: function(ppkey_id: PIdC_INT; pkey_base_id: PIdC_INT; ppkey_flags: PIdC_INT; const pinfo: PPIdAnsiChar; const ppem_str: PPIdAnsiChar; const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_get0_asn1: function(const pkey: PEVP_PKEY): PEVP_PKEY_ASN1_METHOD cdecl = nil;
+  EVP_PKEY_asn1_new: function(id: TIdC_INT; flags: TIdC_INT; const pem_str: PIdAnsiChar; const info: PIdAnsiChar): PEVP_PKEY_ASN1_METHOD cdecl = nil;
+  EVP_PKEY_asn1_copy: procedure(dst: PEVP_PKEY_ASN1_METHOD; const src: PEVP_PKEY_ASN1_METHOD) cdecl = nil;
+  EVP_PKEY_asn1_free: procedure(ameth: PEVP_PKEY_ASN1_METHOD) cdecl = nil;
+
+  EVP_PKEY_asn1_set_public: procedure(ameth: PEVP_PKEY_ASN1_METHOD; APub_decode: pub_decode; APub_encode: pub_encode; APub_cmd: pub_cmd; APub_print: pub_print; APkey_size: pkey_size; APkey_bits: pkey_bits) cdecl = nil;
+  EVP_PKEY_asn1_set_private: procedure(ameth: PEVP_PKEY_ASN1_METHOD; APriv_decode: priv_decode; APriv_encode: priv_encode; APriv_print: priv_print) cdecl = nil;
+  EVP_PKEY_asn1_set_param: procedure(ameth: PEVP_PKEY_ASN1_METHOD; AParam_decode: param_decode; AParam_encode: param_encode; AParam_missing: param_missing; AParam_copy: param_copy; AParam_cmp: param_cmp; AParam_print: param_print) cdecl = nil;
+
+  EVP_PKEY_asn1_set_free: procedure(ameth: PEVP_PKEY_ASN1_METHOD; APkey_free: pkey_free) cdecl = nil;
+  EVP_PKEY_asn1_set_ctrl: procedure(ameth: PEVP_PKEY_ASN1_METHOD; APkey_ctrl: pkey_ctrl) cdecl = nil;
+  EVP_PKEY_asn1_set_item: procedure(ameth: PEVP_PKEY_ASN1_METHOD; AItem_verify: item_verify; AItem_sign: item_sign) cdecl = nil;
+
+  EVP_PKEY_asn1_set_siginf: procedure(ameth: PEVP_PKEY_ASN1_METHOD; ASiginf_set: siginf_set) cdecl = nil;
+
+  EVP_PKEY_asn1_set_check: procedure(ameth: PEVP_PKEY_ASN1_METHOD; APkey_check: pkey_check) cdecl = nil;
+
+  EVP_PKEY_asn1_set_public_check: procedure(ameth: PEVP_PKEY_ASN1_METHOD; APkey_pub_check: pkey_pub_check) cdecl = nil;
+
+  EVP_PKEY_asn1_set_param_check: procedure(ameth: PEVP_PKEY_ASN1_METHOD; APkey_param_check: pkey_param_check) cdecl = nil;
+
+  EVP_PKEY_asn1_set_set_priv_key: procedure(ameth: PEVP_PKEY_ASN1_METHOD; ASet_priv_key: set_priv_key) cdecl = nil;
+  EVP_PKEY_asn1_set_set_pub_key: procedure(ameth: PEVP_PKEY_ASN1_METHOD; ASet_pub_key: set_pub_key) cdecl = nil;
+  EVP_PKEY_asn1_set_get_priv_key: procedure(ameth: PEVP_PKEY_ASN1_METHOD; AGet_priv_key: get_priv_key) cdecl = nil;
+  EVP_PKEY_asn1_set_get_pub_key: procedure(ameth: PEVP_PKEY_ASN1_METHOD; AGet_pub_key: get_pub_key) cdecl = nil;
+
+  EVP_PKEY_asn1_set_security_bits: procedure(ameth: PEVP_PKEY_ASN1_METHOD; APkey_security_bits: pkey_security_bits) cdecl = nil;
+
+  EVP_PKEY_meth_find: function(&type: TIdC_INT): PEVP_PKEY_METHOD cdecl = nil;
+  EVP_PKEY_meth_new: function(id: TIdC_INT; flags: TIdC_INT): PEVP_PKEY_METHOD cdecl = nil;
+  EVP_PKEY_meth_get0_info: procedure(ppkey_id: PIdC_INT; pflags: PIdC_INT; const meth: PEVP_PKEY_METHOD) cdecl = nil;
+  EVP_PKEY_meth_copy: procedure(dst: PEVP_PKEY_METHOD; const src: PEVP_PKEY_METHOD) cdecl = nil;
+  EVP_PKEY_meth_free: procedure(pmeth: PEVP_PKEY_METHOD) cdecl = nil;
+  EVP_PKEY_meth_add0: function(const pmeth: PEVP_PKEY_METHOD): TIdC_INT cdecl = nil;
+  EVP_PKEY_meth_remove: function(const pmeth: PEVP_PKEY_METHOD): TIdC_INT cdecl = nil;
+  EVP_PKEY_meth_get_count: function: TIdC_SIZET cdecl = nil;
+  EVP_PKEY_meth_get0: function(idx: TIdC_SIZET): PEVP_PKEY_METHOD cdecl = nil;
+
+  EVP_PKEY_CTX_new: function(pkey: PEVP_PKEY; e: PENGINE): PEVP_PKEY_CTX cdecl = nil;
+  EVP_PKEY_CTX_new_id: function(id: TIdC_INT; e: PENGINE): PEVP_PKEY_CTX cdecl = nil;
+  EVP_PKEY_CTX_dup: function(ctx: PEVP_PKEY_CTX): PEVP_PKEY_CTX cdecl = nil;
+  EVP_PKEY_CTX_free: procedure(ctx: PEVP_PKEY_CTX) cdecl = nil;
+
+  EVP_PKEY_CTX_ctrl: function(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT cdecl = nil;
+  EVP_PKEY_CTX_ctrl_str: function(ctx: PEVP_PKEY_CTX; const &type: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT cdecl = nil;
+  EVP_PKEY_CTX_ctrl_uint64: function(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; value: TIdC_UINT64): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_CTX_str2ctrl: function(ctx: PEVP_PKEY_CTX; cmd: TIdC_INT; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  EVP_PKEY_CTX_hex2ctrl: function(ctx: PEVP_PKEY_CTX; cmd: TIdC_INT; const hex: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_CTX_md: function(ctx: PEVP_PKEY_CTX; optype: TIdC_INT; cmd: TIdC_INT; const md: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_CTX_get_operation: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_CTX_set0_keygen_info: procedure(ctx: PEVP_PKEY_CTX; dat: PIdC_INT; datlen: TIdC_INT) cdecl = nil;
+
+  EVP_PKEY_new_mac_key: function(&type: TIdC_INT; e: PENGINE; const key: PByte; keylen: TIdC_INT): PEVP_PKEY cdecl = nil;
+  EVP_PKEY_new_raw_private_key: function(&type: TIdC_INT; e: PENGINE; const priv: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl = nil;
+  EVP_PKEY_new_raw_public_key: function(&type: TIdC_INT; e: PENGINE; const pub: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl = nil;
+  EVP_PKEY_get_raw_private_key: function(const pkey: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_PKEY_get_raw_public_key: function(const pkey: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_new_CMAC_key: function(e: PENGINE; const priv: PByte; len: TIdC_SIZET; const cipher: PEVP_CIPHER): PEVP_PKEY cdecl = nil;
+
+  EVP_PKEY_CTX_set_data: procedure(ctx: PEVP_PKEY_CTX; data: Pointer) cdecl = nil;
+  EVP_PKEY_CTX_get_data: function(ctx: PEVP_PKEY_CTX): Pointer cdecl = nil;
+  EVP_PKEY_CTX_get0_pkey: function(ctx: PEVP_PKEY_CTX): PEVP_PKEY cdecl = nil;
+
+  EVP_PKEY_CTX_get0_peerkey: function(ctx: PEVP_PKEY_CTX): PEVP_PKEY cdecl = nil;
+
+  EVP_PKEY_CTX_set_app_data: procedure(ctx: PEVP_PKEY_CTX; data: Pointer) cdecl = nil;
+  EVP_PKEY_CTX_get_app_data: function(ctx: PEVP_PKEY_CTX): Pointer cdecl = nil;
+
+  EVP_PKEY_sign_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_sign: function(ctx: PEVP_PKEY_CTX; sig: PByte; siglen: PIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_PKEY_verify_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_verify: function(ctx: PEVP_PKEY_CTX; const sig: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_PKEY_verify_recover_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_verify_recover: function(ctx: PEVP_PKEY_CTX; rout: PByte; routlen: PIdC_SIZET; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_PKEY_encrypt_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_encrypt: function(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_PKEY_decrypt_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_decrypt: function(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_derive_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_derive_set_peer: function(ctx: PEVP_PKEY_CTX; peer: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_derive: function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_paramgen_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_paramgen: function(ctx: PEVP_PKEY_CTX; ppkey: PPEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_keygen_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_keygen: function(ctx: PEVP_PKEY_CTX; ppkey: PPEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_check: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_public_check: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_param_check: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_CTX_set_cb: procedure(ctx: PEVP_PKEY_CTX; cb: EVP_PKEY_gen_cb) cdecl = nil;
+  EVP_PKEY_CTX_get_cb: function(ctx: PEVP_PKEY_CTX): EVP_PKEY_gen_cb cdecl = nil;
+
+  EVP_PKEY_CTX_get_keygen_info: function(ctx: PEVP_PKEY_CTX; idx: TIdC_INT): TIdC_INT cdecl = nil;
+
+  EVP_PKEY_meth_set_init: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_init: EVP_PKEY_meth_init) cdecl = nil;
+
+  EVP_PKEY_meth_set_copy: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_copy_cb: EVP_PKEY_meth_copy_cb) cdecl = nil;
+
+  EVP_PKEY_meth_set_cleanup: procedure(pmeth: PEVP_PKEY_METHOD; PEVP_PKEY_meth_cleanup: EVP_PKEY_meth_cleanup) cdecl = nil;
+
+  EVP_PKEY_meth_set_paramgen: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_paramgen_init: EVP_PKEY_meth_paramgen_init; AEVP_PKEY_meth_paramgen: EVP_PKEY_meth_paramgen_init) cdecl = nil;
+
+  EVP_PKEY_meth_set_keygen: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_keygen_init: EVP_PKEY_meth_keygen_init; AEVP_PKEY_meth_keygen: EVP_PKEY_meth_keygen) cdecl = nil;
+
+  EVP_PKEY_meth_set_sign: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_sign_init: EVP_PKEY_meth_sign_init; AEVP_PKEY_meth_sign: EVP_PKEY_meth_sign) cdecl = nil;
+
+  EVP_PKEY_meth_set_verify: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_init: EVP_PKEY_meth_verify_init; AEVP_PKEY_meth_verify: EVP_PKEY_meth_verify_init) cdecl = nil;
+
+  EVP_PKEY_meth_set_verify_recover: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_recover_init: EVP_PKEY_meth_verify_recover_init; AEVP_PKEY_meth_verify_recover: EVP_PKEY_meth_verify_recover_init) cdecl = nil;
+
+  EVP_PKEY_meth_set_signctx: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_signctx_init: EVP_PKEY_meth_signctx_init; AEVP_PKEY_meth_signctx: EVP_PKEY_meth_signctx) cdecl = nil;
+
+  EVP_PKEY_meth_set_verifyctx: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verifyctx_init: EVP_PKEY_meth_verifyctx_init; AEVP_PKEY_meth_verifyctx: EVP_PKEY_meth_verifyctx) cdecl = nil;
+
+  EVP_PKEY_meth_set_encrypt: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_encrypt_init: EVP_PKEY_meth_encrypt_init; AEVP_PKEY_meth_encrypt: EVP_PKEY_meth_encrypt) cdecl = nil;
+
+  EVP_PKEY_meth_set_decrypt: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_decrypt_init: EVP_PKEY_meth_decrypt_init; AEVP_PKEY_meth_decrypt: EVP_PKEY_meth_decrypt) cdecl = nil;
+
+  EVP_PKEY_meth_set_derive: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_derive_init: EVP_PKEY_meth_derive_init; AEVP_PKEY_meth_derive: EVP_PKEY_meth_derive) cdecl = nil;
+
+  EVP_PKEY_meth_set_ctrl: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_ctrl: EVP_PKEY_meth_ctrl; AEVP_PKEY_meth_ctrl_str: EVP_PKEY_meth_ctrl_str) cdecl = nil;
+
+  EVP_PKEY_meth_set_digestsign: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestsign: EVP_PKEY_meth_digestsign) cdecl = nil;
+
+  EVP_PKEY_meth_set_digestverify: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestverify: EVP_PKEY_meth_digestverify) cdecl = nil;
+
+  EVP_PKEY_meth_set_check: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_check: EVP_PKEY_meth_check) cdecl = nil;
+
+  EVP_PKEY_meth_set_public_check: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_public_check: EVP_PKEY_meth_public_check) cdecl = nil;
+
+  EVP_PKEY_meth_set_param_check: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_param_check: EVP_PKEY_meth_param_check) cdecl = nil;
+
+  EVP_PKEY_meth_set_digest_custom: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digest_custom: EVP_PKEY_meth_digest_custom) cdecl = nil;
+
+  EVP_PKEY_meth_get_init: procedure(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_init: PEVP_PKEY_meth_init) cdecl = nil;
+
+  EVP_PKEY_meth_get_copy: procedure(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_copy: PEVP_PKEY_meth_copy) cdecl = nil;
+
+  EVP_PKEY_meth_get_cleanup: procedure(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_cleanup: PEVP_PKEY_meth_cleanup) cdecl = nil;
+
+  EVP_PKEY_meth_get_paramgen: procedure(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_paramgen_init: EVP_PKEY_meth_paramgen_init; AEVP_PKEY_meth_paramgen: PEVP_PKEY_meth_paramgen) cdecl = nil;
+
+  EVP_PKEY_meth_get_keygen: procedure(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_keygen_init: EVP_PKEY_meth_keygen_init; AEVP_PKEY_meth_keygen: PEVP_PKEY_meth_keygen) cdecl = nil;
+
+  EVP_PKEY_meth_get_sign: procedure(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_sign_init: PEVP_PKEY_meth_sign_init; AEVP_PKEY_meth_sign: PEVP_PKEY_meth_sign) cdecl = nil;
+
+  EVP_PKEY_meth_get_verify: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_init: PEVP_PKEY_meth_verify_init; AEVP_PKEY_meth_verify: PEVP_PKEY_meth_verify_init) cdecl = nil;
+
+  EVP_PKEY_meth_get_verify_recover: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_recover_init: PEVP_PKEY_meth_verify_recover_init; AEVP_PKEY_meth_verify_recover: PEVP_PKEY_meth_verify_recover_init) cdecl = nil;
+
+  EVP_PKEY_meth_get_signctx: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_signctx_init: PEVP_PKEY_meth_signctx_init; AEVP_PKEY_meth_signctx: PEVP_PKEY_meth_signctx) cdecl = nil;
+
+  EVP_PKEY_meth_get_verifyctx: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verifyctx_init: PEVP_PKEY_meth_verifyctx_init; AEVP_PKEY_meth_verifyctx: PEVP_PKEY_meth_verifyctx) cdecl = nil;
+
+  EVP_PKEY_meth_get_encrypt: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_encrypt_init: PEVP_PKEY_meth_encrypt_init; AEVP_PKEY_meth_encrypt: PEVP_PKEY_meth_encrypt) cdecl = nil;
+
+  EVP_PKEY_meth_get_decrypt: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_decrypt_init: PEVP_PKEY_meth_decrypt_init; AEVP_PKEY_meth_decrypt: PEVP_PKEY_meth_decrypt) cdecl = nil;
+
+  EVP_PKEY_meth_get_derive: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_derive_init: PEVP_PKEY_meth_derive_init; AEVP_PKEY_meth_derive: PEVP_PKEY_meth_derive) cdecl = nil;
+
+  EVP_PKEY_meth_get_ctrl: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_ctrl: PEVP_PKEY_meth_ctrl; AEVP_PKEY_meth_ctrl_str: PEVP_PKEY_meth_ctrl_str) cdecl = nil;
+
+  EVP_PKEY_meth_get_digestsign: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestsign: PEVP_PKEY_meth_digestsign) cdecl = nil;
+
+  EVP_PKEY_meth_get_digestverify: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestverify: PEVP_PKEY_meth_digestverify) cdecl = nil;
+
+  EVP_PKEY_meth_get_check: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_check: PEVP_PKEY_meth_check) cdecl = nil;
+
+  EVP_PKEY_meth_get_public_check: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_public_check: PEVP_PKEY_meth_public_check) cdecl = nil;
+
+  EVP_PKEY_meth_get_param_check: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_param_check: PEVP_PKEY_meth_param_check) cdecl = nil;
+
+  EVP_PKEY_meth_get_digest_custom: procedure(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digest_custom: PEVP_PKEY_meth_digest_custom) cdecl = nil;
+
+  EVP_add_alg_module: procedure cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  EVP_MD_meth_new := LoadFunction('EVP_MD_meth_new', AFailed);
+  EVP_MD_meth_dup := LoadFunction('EVP_MD_meth_dup', AFailed);
+  EVP_MD_meth_free := LoadFunction('EVP_MD_meth_free', AFailed);
+  EVP_MD_meth_set_input_blocksize := LoadFunction('EVP_MD_meth_set_input_blocksize', AFailed);
+  EVP_MD_meth_set_result_size := LoadFunction('EVP_MD_meth_set_result_size', AFailed);
+  EVP_MD_meth_set_app_datasize := LoadFunction('EVP_MD_meth_set_app_datasize', AFailed);
+  EVP_MD_meth_set_flags := LoadFunction('EVP_MD_meth_set_flags', AFailed);
+  EVP_MD_meth_set_init := LoadFunction('EVP_MD_meth_set_init', AFailed);
+  EVP_MD_meth_set_update := LoadFunction('EVP_MD_meth_set_update', AFailed);
+  EVP_MD_meth_set_final := LoadFunction('EVP_MD_meth_set_final', AFailed);
+  EVP_MD_meth_set_copy := LoadFunction('EVP_MD_meth_set_copy', AFailed);
+  EVP_MD_meth_set_cleanup := LoadFunction('EVP_MD_meth_set_cleanup', AFailed);
+  EVP_MD_meth_set_ctrl := LoadFunction('EVP_MD_meth_set_ctrl', AFailed);
+  EVP_MD_meth_get_input_blocksize := LoadFunction('EVP_MD_meth_get_input_blocksize', AFailed);
+  EVP_MD_meth_get_result_size := LoadFunction('EVP_MD_meth_get_result_size', AFailed);
+  EVP_MD_meth_get_app_datasize := LoadFunction('EVP_MD_meth_get_app_datasize', AFailed);
+  EVP_MD_meth_get_flags := LoadFunction('EVP_MD_meth_get_flags', AFailed);
+  EVP_MD_meth_get_init := LoadFunction('EVP_MD_meth_get_init', AFailed);
+  EVP_MD_meth_get_update := LoadFunction('EVP_MD_meth_get_update', AFailed);
+  EVP_MD_meth_get_final := LoadFunction('EVP_MD_meth_get_final', AFailed);
+  EVP_MD_meth_get_copy := LoadFunction('EVP_MD_meth_get_copy', AFailed);
+  EVP_MD_meth_get_cleanup := LoadFunction('EVP_MD_meth_get_cleanup', AFailed);
+  EVP_MD_meth_get_ctrl := LoadFunction('EVP_MD_meth_get_ctrl', AFailed);
+  EVP_CIPHER_meth_new := LoadFunction('EVP_CIPHER_meth_new', AFailed);
+  EVP_CIPHER_meth_dup := LoadFunction('EVP_CIPHER_meth_dup', AFailed);
+  EVP_CIPHER_meth_free := LoadFunction('EVP_CIPHER_meth_free', AFailed);
+  EVP_CIPHER_meth_set_iv_length := LoadFunction('EVP_CIPHER_meth_set_iv_length', AFailed);
+  EVP_CIPHER_meth_set_flags := LoadFunction('EVP_CIPHER_meth_set_flags', AFailed);
+  EVP_CIPHER_meth_set_impl_ctx_size := LoadFunction('EVP_CIPHER_meth_set_impl_ctx_size', AFailed);
+  EVP_CIPHER_meth_set_init := LoadFunction('EVP_CIPHER_meth_set_init', AFailed);
+  EVP_CIPHER_meth_set_do_cipher := LoadFunction('EVP_CIPHER_meth_set_do_cipher', AFailed);
+  EVP_CIPHER_meth_set_cleanup := LoadFunction('EVP_CIPHER_meth_set_cleanup', AFailed);
+  EVP_CIPHER_meth_set_set_asn1_params := LoadFunction('EVP_CIPHER_meth_set_set_asn1_params', AFailed);
+  EVP_CIPHER_meth_set_get_asn1_params := LoadFunction('EVP_CIPHER_meth_set_get_asn1_params', AFailed);
+  EVP_CIPHER_meth_set_ctrl := LoadFunction('EVP_CIPHER_meth_set_ctrl', AFailed);
+  EVP_CIPHER_meth_get_init := LoadFunction('EVP_CIPHER_meth_get_init', AFailed);
+  EVP_CIPHER_meth_get_do_cipher := LoadFunction('EVP_CIPHER_meth_get_do_cipher', AFailed);
+  EVP_CIPHER_meth_get_cleanup := LoadFunction('EVP_CIPHER_meth_get_cleanup', AFailed);
+  EVP_CIPHER_meth_get_set_asn1_params := LoadFunction('EVP_CIPHER_meth_get_set_asn1_params', AFailed);
+  EVP_CIPHER_meth_get_get_asn1_params := LoadFunction('EVP_CIPHER_meth_get_get_asn1_params', AFailed);
+  EVP_CIPHER_meth_get_ctrl := LoadFunction('EVP_CIPHER_meth_get_ctrl', AFailed);
+  EVP_MD_type := LoadFunction('EVP_MD_type', AFailed);
+  EVP_MD_pkey_type := LoadFunction('EVP_MD_pkey_type', AFailed);
+  EVP_MD_size := LoadFunction('EVP_MD_size', AFailed);
+  EVP_MD_block_size := LoadFunction('EVP_MD_block_size', AFailed);
+  EVP_MD_flags := LoadFunction('EVP_MD_flags', AFailed);
+  EVP_MD_CTX_md := LoadFunction('EVP_MD_CTX_md', AFailed);
+  EVP_MD_CTX_update_fn := LoadFunction('EVP_MD_CTX_update_fn', AFailed);
+  EVP_MD_CTX_set_update_fn := LoadFunction('EVP_MD_CTX_set_update_fn', AFailed);
+  EVP_MD_CTX_pkey_ctx := LoadFunction('EVP_MD_CTX_pkey_ctx', AFailed);
+  EVP_MD_CTX_set_pkey_ctx := LoadFunction('EVP_MD_CTX_set_pkey_ctx', AFailed);
+  EVP_MD_CTX_md_data := LoadFunction('EVP_MD_CTX_md_data', AFailed);
+  EVP_CIPHER_nid := LoadFunction('EVP_CIPHER_nid', AFailed);
+  EVP_CIPHER_block_size := LoadFunction('EVP_CIPHER_block_size', AFailed);
+  EVP_CIPHER_impl_ctx_size := LoadFunction('EVP_CIPHER_impl_ctx_size', AFailed);
+  EVP_CIPHER_key_length := LoadFunction('EVP_CIPHER_key_length', AFailed);
+  EVP_CIPHER_iv_length := LoadFunction('EVP_CIPHER_iv_length', AFailed);
+  EVP_CIPHER_flags := LoadFunction('EVP_CIPHER_flags', AFailed);
+  EVP_CIPHER_CTX_cipher := LoadFunction('EVP_CIPHER_CTX_cipher', AFailed);
+  EVP_CIPHER_CTX_encrypting := LoadFunction('EVP_CIPHER_CTX_encrypting', AFailed);
+  EVP_CIPHER_CTX_nid := LoadFunction('EVP_CIPHER_CTX_nid', AFailed);
+  EVP_CIPHER_CTX_block_size := LoadFunction('EVP_CIPHER_CTX_block_size', AFailed);
+  EVP_CIPHER_CTX_key_length := LoadFunction('EVP_CIPHER_CTX_key_length', AFailed);
+  EVP_CIPHER_CTX_iv_length := LoadFunction('EVP_CIPHER_CTX_iv_length', AFailed);
+  EVP_CIPHER_CTX_iv := LoadFunction('EVP_CIPHER_CTX_iv', AFailed);
+  EVP_CIPHER_CTX_original_iv := LoadFunction('EVP_CIPHER_CTX_original_iv', AFailed);
+  EVP_CIPHER_CTX_iv_noconst := LoadFunction('EVP_CIPHER_CTX_iv_noconst', AFailed);
+  EVP_CIPHER_CTX_buf_noconst := LoadFunction('EVP_CIPHER_CTX_buf_noconst', AFailed);
+  EVP_CIPHER_CTX_num := LoadFunction('EVP_CIPHER_CTX_num', AFailed);
+  EVP_CIPHER_CTX_set_num := LoadFunction('EVP_CIPHER_CTX_set_num', AFailed);
+  EVP_CIPHER_CTX_copy := LoadFunction('EVP_CIPHER_CTX_copy', AFailed);
+  EVP_CIPHER_CTX_get_app_data := LoadFunction('EVP_CIPHER_CTX_get_app_data', AFailed);
+  EVP_CIPHER_CTX_set_app_data := LoadFunction('EVP_CIPHER_CTX_set_app_data', AFailed);
+  EVP_CIPHER_CTX_get_cipher_data := LoadFunction('EVP_CIPHER_CTX_get_cipher_data', AFailed);
+  EVP_CIPHER_CTX_set_cipher_data := LoadFunction('EVP_CIPHER_CTX_set_cipher_data', AFailed);
+  BIO_set_md := LoadFunction('BIO_set_md', AFailed);
+  EVP_MD_CTX_ctrl := LoadFunction('EVP_MD_CTX_ctrl', AFailed);
+  EVP_MD_CTX_new := LoadFunction('EVP_MD_CTX_new', AFailed);
+  EVP_MD_CTX_reset := LoadFunction('EVP_MD_CTX_reset', AFailed);
+  EVP_MD_CTX_free := LoadFunction('EVP_MD_CTX_free', AFailed);
+  EVP_MD_CTX_copy_ex := LoadFunction('EVP_MD_CTX_copy_ex', AFailed);
+  EVP_MD_CTX_set_flags := LoadFunction('EVP_MD_CTX_set_flags', AFailed);
+  EVP_MD_CTX_clear_flags := LoadFunction('EVP_MD_CTX_clear_flags', AFailed);
+  EVP_MD_CTX_test_flags := LoadFunction('EVP_MD_CTX_test_flags', AFailed);
+  EVP_DigestInit_ex := LoadFunction('EVP_DigestInit_ex', AFailed);
+  EVP_DigestUpdate := LoadFunction('EVP_DigestUpdate', AFailed);
+  EVP_DigestFinal_ex := LoadFunction('EVP_DigestFinal_ex', AFailed);
+  EVP_Digest := LoadFunction('EVP_Digest', AFailed);
+  EVP_MD_CTX_copy := LoadFunction('EVP_MD_CTX_copy', AFailed);
+  EVP_DigestInit := LoadFunction('EVP_DigestInit', AFailed);
+  EVP_DigestFinal := LoadFunction('EVP_DigestFinal', AFailed);
+  EVP_DigestFinalXOF := LoadFunction('EVP_DigestFinalXOF', AFailed);
+  EVP_read_pw_string := LoadFunction('EVP_read_pw_string', AFailed);
+  EVP_read_pw_string_min := LoadFunction('EVP_read_pw_string_min', AFailed);
+  EVP_set_pw_prompt := LoadFunction('EVP_set_pw_prompt', AFailed);
+  EVP_get_pw_prompt := LoadFunction('EVP_get_pw_prompt', AFailed);
+  EVP_BytesToKey := LoadFunction('EVP_BytesToKey', AFailed);
+  EVP_CIPHER_CTX_set_flags := LoadFunction('EVP_CIPHER_CTX_set_flags', AFailed);
+  EVP_CIPHER_CTX_clear_flags := LoadFunction('EVP_CIPHER_CTX_clear_flags', AFailed);
+  EVP_CIPHER_CTX_test_flags := LoadFunction('EVP_CIPHER_CTX_test_flags', AFailed);
+  EVP_EncryptInit := LoadFunction('EVP_EncryptInit', AFailed);
+  EVP_EncryptInit_ex := LoadFunction('EVP_EncryptInit_ex', AFailed);
+  EVP_EncryptUpdate := LoadFunction('EVP_EncryptUpdate', AFailed);
+  EVP_EncryptFinal_ex := LoadFunction('EVP_EncryptFinal_ex', AFailed);
+  EVP_EncryptFinal := LoadFunction('EVP_EncryptFinal', AFailed);
+  EVP_DecryptInit := LoadFunction('EVP_DecryptInit', AFailed);
+  EVP_DecryptInit_ex := LoadFunction('EVP_DecryptInit_ex', AFailed);
+  EVP_DecryptUpdate := LoadFunction('EVP_DecryptUpdate', AFailed);
+  EVP_DecryptFinal := LoadFunction('EVP_DecryptFinal', AFailed);
+  EVP_DecryptFinal_ex := LoadFunction('EVP_DecryptFinal_ex', AFailed);
+  EVP_CipherInit := LoadFunction('EVP_CipherInit', AFailed);
+  EVP_CipherInit_ex := LoadFunction('EVP_CipherInit_ex', AFailed);
+  EVP_CipherUpdate := LoadFunction('EVP_CipherUpdate', AFailed);
+  EVP_CipherFinal := LoadFunction('EVP_CipherFinal', AFailed);
+  EVP_CipherFinal_ex := LoadFunction('EVP_CipherFinal_ex', AFailed);
+  EVP_SignFinal := LoadFunction('EVP_SignFinal', AFailed);
+  EVP_DigestSign := LoadFunction('EVP_DigestSign', AFailed);
+  EVP_VerifyFinal := LoadFunction('EVP_VerifyFinal', AFailed);
+  EVP_DigestVerify := LoadFunction('EVP_DigestVerify', AFailed);
+  EVP_DigestSignInit := LoadFunction('EVP_DigestSignInit', AFailed);
+  EVP_DigestSignFinal := LoadFunction('EVP_DigestSignFinal', AFailed);
+  EVP_DigestVerifyInit := LoadFunction('EVP_DigestVerifyInit', AFailed);
+  EVP_DigestVerifyFinal := LoadFunction('EVP_DigestVerifyFinal', AFailed);
+  EVP_OpenInit := LoadFunction('EVP_OpenInit', AFailed);
+  EVP_OpenFinal := LoadFunction('EVP_OpenFinal', AFailed);
+  EVP_SealInit := LoadFunction('EVP_SealInit', AFailed);
+  EVP_SealFinal := LoadFunction('EVP_SealFinal', AFailed);
+  EVP_ENCODE_CTX_new := LoadFunction('EVP_ENCODE_CTX_new', AFailed);
+  EVP_ENCODE_CTX_free := LoadFunction('EVP_ENCODE_CTX_free', AFailed);
+  EVP_ENCODE_CTX_copy := LoadFunction('EVP_ENCODE_CTX_copy', AFailed);
+  EVP_ENCODE_CTX_num := LoadFunction('EVP_ENCODE_CTX_num', AFailed);
+  EVP_EncodeInit := LoadFunction('EVP_EncodeInit', AFailed);
+  EVP_EncodeUpdate := LoadFunction('EVP_EncodeUpdate', AFailed);
+  EVP_EncodeFinal := LoadFunction('EVP_EncodeFinal', AFailed);
+  EVP_EncodeBlock := LoadFunction('EVP_EncodeBlock', AFailed);
+  EVP_DecodeInit := LoadFunction('EVP_DecodeInit', AFailed);
+  EVP_DecodeUpdate := LoadFunction('EVP_DecodeUpdate', AFailed);
+  EVP_DecodeFinal := LoadFunction('EVP_DecodeFinal', AFailed);
+  EVP_DecodeBlock := LoadFunction('EVP_DecodeBlock', AFailed);
+  EVP_CIPHER_CTX_new := LoadFunction('EVP_CIPHER_CTX_new', AFailed);
+  EVP_CIPHER_CTX_reset := LoadFunction('EVP_CIPHER_CTX_reset', AFailed);
+  EVP_CIPHER_CTX_free := LoadFunction('EVP_CIPHER_CTX_free', AFailed);
+  EVP_CIPHER_CTX_set_key_length := LoadFunction('EVP_CIPHER_CTX_set_key_length', AFailed);
+  EVP_CIPHER_CTX_set_padding := LoadFunction('EVP_CIPHER_CTX_set_padding', AFailed);
+  EVP_CIPHER_CTX_ctrl := LoadFunction('EVP_CIPHER_CTX_ctrl', AFailed);
+  EVP_CIPHER_CTX_rand_key := LoadFunction('EVP_CIPHER_CTX_rand_key', AFailed);
+  BIO_f_md := LoadFunction('BIO_f_md', AFailed);
+  BIO_f_base64 := LoadFunction('BIO_f_base64', AFailed);
+  BIO_f_cipher := LoadFunction('BIO_f_cipher', AFailed);
+  BIO_f_reliable := LoadFunction('BIO_f_reliable', AFailed);
+  BIO_set_cipher := LoadFunction('BIO_set_cipher', AFailed);
+  EVP_md_null := LoadFunction('EVP_md_null', AFailed);
+  EVP_md5 := LoadFunction('EVP_md5', AFailed);
+  EVP_md5_sha1 := LoadFunction('EVP_md5_sha1', AFailed);
+  EVP_sha1 := LoadFunction('EVP_sha1', AFailed);
+  EVP_sha224 := LoadFunction('EVP_sha224', AFailed);
+  EVP_sha256 := LoadFunction('EVP_sha256', AFailed);
+  EVP_sha384 := LoadFunction('EVP_sha384', AFailed);
+  EVP_sha512 := LoadFunction('EVP_sha512', AFailed);
+  EVP_sha512_224 := LoadFunction('EVP_sha512_224', AFailed);
+  EVP_sha512_256 := LoadFunction('EVP_sha512_256', AFailed);
+  EVP_sha3_224 := LoadFunction('EVP_sha3_224', AFailed);
+  EVP_sha3_256 := LoadFunction('EVP_sha3_256', AFailed);
+  EVP_sha3_384 := LoadFunction('EVP_sha3_384', AFailed);
+  EVP_sha3_512 := LoadFunction('EVP_sha3_512', AFailed);
+  EVP_shake128 := LoadFunction('EVP_shake128', AFailed);
+  EVP_shake256 := LoadFunction('EVP_shake256', AFailed);
+  EVP_enc_null := LoadFunction('EVP_enc_null', AFailed);
+  EVP_des_ecb := LoadFunction('EVP_des_ecb', AFailed);
+  EVP_des_ede := LoadFunction('EVP_des_ede', AFailed);
+  EVP_des_ede3 := LoadFunction('EVP_des_ede3', AFailed);
+  EVP_des_ede_ecb := LoadFunction('EVP_des_ede_ecb', AFailed);
+  EVP_des_ede3_ecb := LoadFunction('EVP_des_ede3_ecb', AFailed);
+  EVP_des_cfb64 := LoadFunction('EVP_des_cfb64', AFailed);
+  EVP_des_cfb1 := LoadFunction('EVP_des_cfb1', AFailed);
+  EVP_des_cfb8 := LoadFunction('EVP_des_cfb8', AFailed);
+  EVP_des_ede_cfb64 := LoadFunction('EVP_des_ede_cfb64', AFailed);
+  EVP_des_ede3_cfb64 := LoadFunction('EVP_des_ede3_cfb64', AFailed);
+  EVP_des_ede3_cfb1 := LoadFunction('EVP_des_ede3_cfb1', AFailed);
+  EVP_des_ede3_cfb8 := LoadFunction('EVP_des_ede3_cfb8', AFailed);
+  EVP_des_ofb := LoadFunction('EVP_des_ofb', AFailed);
+  EVP_des_ede_ofb := LoadFunction('EVP_des_ede_ofb', AFailed);
+  EVP_des_ede3_ofb := LoadFunction('EVP_des_ede3_ofb', AFailed);
+  EVP_des_cbc := LoadFunction('EVP_des_cbc', AFailed);
+  EVP_des_ede_cbc := LoadFunction('EVP_des_ede_cbc', AFailed);
+  EVP_des_ede3_cbc := LoadFunction('EVP_des_ede3_cbc', AFailed);
+  EVP_desx_cbc := LoadFunction('EVP_desx_cbc', AFailed);
+  EVP_des_ede3_wrap := LoadFunction('EVP_des_ede3_wrap', AFailed);
+  EVP_rc4 := LoadFunction('EVP_rc4', AFailed);
+  EVP_rc4_40 := LoadFunction('EVP_rc4_40', AFailed);
+  EVP_idea_ecb := LoadFunction('EVP_idea_ecb', AFailed);
+  EVP_idea_cfb64 := LoadFunction('EVP_idea_cfb64', AFailed);
+  EVP_idea_ofb := LoadFunction('EVP_idea_ofb', AFailed);
+  EVP_idea_cbc := LoadFunction('EVP_idea_cbc', AFailed);
+  EVP_rc2_ecb := LoadFunction('EVP_rc2_ecb', AFailed);
+  EVP_rc2_cbc := LoadFunction('EVP_rc2_cbc', AFailed);
+  EVP_rc2_40_cbc := LoadFunction('EVP_rc2_40_cbc', AFailed);
+  EVP_rc2_64_cbc := LoadFunction('EVP_rc2_64_cbc', AFailed);
+  EVP_rc2_cfb64 := LoadFunction('EVP_rc2_cfb64', AFailed);
+  EVP_rc2_ofb := LoadFunction('EVP_rc2_ofb', AFailed);
+  EVP_bf_ecb := LoadFunction('EVP_bf_ecb', AFailed);
+  EVP_bf_cbc := LoadFunction('EVP_bf_cbc', AFailed);
+  EVP_bf_cfb64 := LoadFunction('EVP_bf_cfb64', AFailed);
+  EVP_bf_ofb := LoadFunction('EVP_bf_ofb', AFailed);
+  EVP_cast5_ecb := LoadFunction('EVP_cast5_ecb', AFailed);
+  EVP_cast5_cbc := LoadFunction('EVP_cast5_cbc', AFailed);
+  EVP_cast5_cfb64 := LoadFunction('EVP_cast5_cfb64', AFailed);
+  EVP_cast5_ofb := LoadFunction('EVP_cast5_ofb', AFailed);
+  EVP_rc5_32_12_16_cbc := LoadFunction('EVP_rc5_32_12_16_cbc', AFailed);
+  EVP_rc5_32_12_16_ecb := LoadFunction('EVP_rc5_32_12_16_ecb', AFailed);
+  EVP_rc5_32_12_16_cfb64 := LoadFunction('EVP_rc5_32_12_16_cfb64', AFailed);
+  EVP_rc5_32_12_16_ofb := LoadFunction('EVP_rc5_32_12_16_ofb', AFailed);
+  EVP_aes_128_ecb := LoadFunction('EVP_aes_128_ecb', AFailed);
+  EVP_aes_128_cbc := LoadFunction('EVP_aes_128_cbc', AFailed);
+  EVP_aes_128_cfb1 := LoadFunction('EVP_aes_128_cfb1', AFailed);
+  EVP_aes_128_cfb8 := LoadFunction('EVP_aes_128_cfb8', AFailed);
+  EVP_aes_128_cfb128 := LoadFunction('EVP_aes_128_cfb128', AFailed);
+  EVP_aes_128_ofb := LoadFunction('EVP_aes_128_ofb', AFailed);
+  EVP_aes_128_ctr := LoadFunction('EVP_aes_128_ctr', AFailed);
+  EVP_aes_128_ccm := LoadFunction('EVP_aes_128_ccm', AFailed);
+  EVP_aes_128_gcm := LoadFunction('EVP_aes_128_gcm', AFailed);
+  EVP_aes_128_xts := LoadFunction('EVP_aes_128_xts', AFailed);
+  EVP_aes_128_wrap := LoadFunction('EVP_aes_128_wrap', AFailed);
+  EVP_aes_128_wrap_pad := LoadFunction('EVP_aes_128_wrap_pad', AFailed);
+  EVP_aes_128_ocb := LoadFunction('EVP_aes_128_ocb', AFailed);
+  EVP_aes_192_ecb := LoadFunction('EVP_aes_192_ecb', AFailed);
+  EVP_aes_192_cbc := LoadFunction('EVP_aes_192_cbc', AFailed);
+  EVP_aes_192_cfb1 := LoadFunction('EVP_aes_192_cfb1', AFailed);
+  EVP_aes_192_cfb8 := LoadFunction('EVP_aes_192_cfb8', AFailed);
+  EVP_aes_192_cfb128 := LoadFunction('EVP_aes_192_cfb128', AFailed);
+  EVP_aes_192_ofb := LoadFunction('EVP_aes_192_ofb', AFailed);
+  EVP_aes_192_ctr := LoadFunction('EVP_aes_192_ctr', AFailed);
+  EVP_aes_192_ccm := LoadFunction('EVP_aes_192_ccm', AFailed);
+  EVP_aes_192_gcm := LoadFunction('EVP_aes_192_gcm', AFailed);
+  EVP_aes_192_wrap := LoadFunction('EVP_aes_192_wrap', AFailed);
+  EVP_aes_192_wrap_pad := LoadFunction('EVP_aes_192_wrap_pad', AFailed);
+  EVP_aes_192_ocb := LoadFunction('EVP_aes_192_ocb', AFailed);
+  EVP_aes_256_ecb := LoadFunction('EVP_aes_256_ecb', AFailed);
+  EVP_aes_256_cbc := LoadFunction('EVP_aes_256_cbc', AFailed);
+  EVP_aes_256_cfb1 := LoadFunction('EVP_aes_256_cfb1', AFailed);
+  EVP_aes_256_cfb8 := LoadFunction('EVP_aes_256_cfb8', AFailed);
+  EVP_aes_256_cfb128 := LoadFunction('EVP_aes_256_cfb128', AFailed);
+  EVP_aes_256_ofb := LoadFunction('EVP_aes_256_ofb', AFailed);
+  EVP_aes_256_ctr := LoadFunction('EVP_aes_256_ctr', AFailed);
+  EVP_aes_256_ccm := LoadFunction('EVP_aes_256_ccm', AFailed);
+  EVP_aes_256_gcm := LoadFunction('EVP_aes_256_gcm', AFailed);
+  EVP_aes_256_xts := LoadFunction('EVP_aes_256_xts', AFailed);
+  EVP_aes_256_wrap := LoadFunction('EVP_aes_256_wrap', AFailed);
+  EVP_aes_256_wrap_pad := LoadFunction('EVP_aes_256_wrap_pad', AFailed);
+  EVP_aes_256_ocb := LoadFunction('EVP_aes_256_ocb', AFailed);
+  EVP_aes_128_cbc_hmac_sha1 := LoadFunction('EVP_aes_128_cbc_hmac_sha1', AFailed);
+  EVP_aes_256_cbc_hmac_sha1 := LoadFunction('EVP_aes_256_cbc_hmac_sha1', AFailed);
+  EVP_aes_128_cbc_hmac_sha256 := LoadFunction('EVP_aes_128_cbc_hmac_sha256', AFailed);
+  EVP_aes_256_cbc_hmac_sha256 := LoadFunction('EVP_aes_256_cbc_hmac_sha256', AFailed);
+  EVP_aria_128_ecb := LoadFunction('EVP_aria_128_ecb', AFailed);
+  EVP_aria_128_cbc := LoadFunction('EVP_aria_128_cbc', AFailed);
+  EVP_aria_128_cfb1 := LoadFunction('EVP_aria_128_cfb1', AFailed);
+  EVP_aria_128_cfb8 := LoadFunction('EVP_aria_128_cfb8', AFailed);
+  EVP_aria_128_cfb128 := LoadFunction('EVP_aria_128_cfb128', AFailed);
+  EVP_aria_128_ctr := LoadFunction('EVP_aria_128_ctr', AFailed);
+  EVP_aria_128_ofb := LoadFunction('EVP_aria_128_ofb', AFailed);
+  EVP_aria_128_gcm := LoadFunction('EVP_aria_128_gcm', AFailed);
+  EVP_aria_128_ccm := LoadFunction('EVP_aria_128_ccm', AFailed);
+  EVP_aria_192_ecb := LoadFunction('EVP_aria_192_ecb', AFailed);
+  EVP_aria_192_cbc := LoadFunction('EVP_aria_192_cbc', AFailed);
+  EVP_aria_192_cfb1 := LoadFunction('EVP_aria_192_cfb1', AFailed);
+  EVP_aria_192_cfb8 := LoadFunction('EVP_aria_192_cfb8', AFailed);
+  EVP_aria_192_cfb128 := LoadFunction('EVP_aria_192_cfb128', AFailed);
+  EVP_aria_192_ctr := LoadFunction('EVP_aria_192_ctr', AFailed);
+  EVP_aria_192_ofb := LoadFunction('EVP_aria_192_ofb', AFailed);
+  EVP_aria_192_gcm := LoadFunction('EVP_aria_192_gcm', AFailed);
+  EVP_aria_192_ccm := LoadFunction('EVP_aria_192_ccm', AFailed);
+  EVP_aria_256_ecb := LoadFunction('EVP_aria_256_ecb', AFailed);
+  EVP_aria_256_cbc := LoadFunction('EVP_aria_256_cbc', AFailed);
+  EVP_aria_256_cfb1 := LoadFunction('EVP_aria_256_cfb1', AFailed);
+  EVP_aria_256_cfb8 := LoadFunction('EVP_aria_256_cfb8', AFailed);
+  EVP_aria_256_cfb128 := LoadFunction('EVP_aria_256_cfb128', AFailed);
+  EVP_aria_256_ctr := LoadFunction('EVP_aria_256_ctr', AFailed);
+  EVP_aria_256_ofb := LoadFunction('EVP_aria_256_ofb', AFailed);
+  EVP_aria_256_gcm := LoadFunction('EVP_aria_256_gcm', AFailed);
+  EVP_aria_256_ccm := LoadFunction('EVP_aria_256_ccm', AFailed);
+  EVP_camellia_128_ecb := LoadFunction('EVP_camellia_128_ecb', AFailed);
+  EVP_camellia_128_cbc := LoadFunction('EVP_camellia_128_cbc', AFailed);
+  EVP_camellia_128_cfb1 := LoadFunction('EVP_camellia_128_cfb1', AFailed);
+  EVP_camellia_128_cfb8 := LoadFunction('EVP_camellia_128_cfb8', AFailed);
+  EVP_camellia_128_cfb128 := LoadFunction('EVP_camellia_128_cfb128', AFailed);
+  EVP_camellia_128_ofb := LoadFunction('EVP_camellia_128_ofb', AFailed);
+  EVP_camellia_128_ctr := LoadFunction('EVP_camellia_128_ctr', AFailed);
+  EVP_camellia_192_ecb := LoadFunction('EVP_camellia_192_ecb', AFailed);
+  EVP_camellia_192_cbc := LoadFunction('EVP_camellia_192_cbc', AFailed);
+  EVP_camellia_192_cfb1 := LoadFunction('EVP_camellia_192_cfb1', AFailed);
+  EVP_camellia_192_cfb8 := LoadFunction('EVP_camellia_192_cfb8', AFailed);
+  EVP_camellia_192_cfb128 := LoadFunction('EVP_camellia_192_cfb128', AFailed);
+  EVP_camellia_192_ofb := LoadFunction('EVP_camellia_192_ofb', AFailed);
+  EVP_camellia_192_ctr := LoadFunction('EVP_camellia_192_ctr', AFailed);
+  EVP_camellia_256_ecb := LoadFunction('EVP_camellia_256_ecb', AFailed);
+  EVP_camellia_256_cbc := LoadFunction('EVP_camellia_256_cbc', AFailed);
+  EVP_camellia_256_cfb1 := LoadFunction('EVP_camellia_256_cfb1', AFailed);
+  EVP_camellia_256_cfb8 := LoadFunction('EVP_camellia_256_cfb8', AFailed);
+  EVP_camellia_256_cfb128 := LoadFunction('EVP_camellia_256_cfb128', AFailed);
+  EVP_camellia_256_ofb := LoadFunction('EVP_camellia_256_ofb', AFailed);
+  EVP_camellia_256_ctr := LoadFunction('EVP_camellia_256_ctr', AFailed);
+  EVP_chacha20 := LoadFunction('EVP_chacha20', AFailed);
+  EVP_chacha20_poly1305 := LoadFunction('EVP_chacha20_poly1305', AFailed);
+  EVP_seed_ecb := LoadFunction('EVP_seed_ecb', AFailed);
+  EVP_seed_cbc := LoadFunction('EVP_seed_cbc', AFailed);
+  EVP_seed_cfb128 := LoadFunction('EVP_seed_cfb128', AFailed);
+  EVP_seed_ofb := LoadFunction('EVP_seed_ofb', AFailed);
+  EVP_sm4_ecb := LoadFunction('EVP_sm4_ecb', AFailed);
+  EVP_sm4_cbc := LoadFunction('EVP_sm4_cbc', AFailed);
+  EVP_sm4_cfb128 := LoadFunction('EVP_sm4_cfb128', AFailed);
+  EVP_sm4_ofb := LoadFunction('EVP_sm4_ofb', AFailed);
+  EVP_sm4_ctr := LoadFunction('EVP_sm4_ctr', AFailed);
+  EVP_add_cipher := LoadFunction('EVP_add_cipher', AFailed);
+  EVP_add_digest := LoadFunction('EVP_add_digest', AFailed);
+  EVP_get_cipherbyname := LoadFunction('EVP_get_cipherbyname', AFailed);
+  EVP_get_digestbyname := LoadFunction('EVP_get_digestbyname', AFailed);
+  EVP_CIPHER_do_all := LoadFunction('EVP_CIPHER_do_all', AFailed);
+  EVP_CIPHER_do_all_sorted := LoadFunction('EVP_CIPHER_do_all_sorted', AFailed);
+  EVP_MD_do_all := LoadFunction('EVP_MD_do_all', AFailed);
+  EVP_MD_do_all_sorted := LoadFunction('EVP_MD_do_all_sorted', AFailed);
+  EVP_PKEY_decrypt_old := LoadFunction('EVP_PKEY_decrypt_old', AFailed);
+  EVP_PKEY_encrypt_old := LoadFunction('EVP_PKEY_encrypt_old', AFailed);
+  EVP_PKEY_type := LoadFunction('EVP_PKEY_type', AFailed);
+  EVP_PKEY_id := LoadFunction('EVP_PKEY_id', AFailed);
+  EVP_PKEY_base_id := LoadFunction('EVP_PKEY_base_id', AFailed);
+  EVP_PKEY_bits := LoadFunction('EVP_PKEY_bits', AFailed);
+  EVP_PKEY_security_bits := LoadFunction('EVP_PKEY_security_bits', AFailed);
+  EVP_PKEY_size := LoadFunction('EVP_PKEY_size', AFailed);
+  EVP_PKEY_set_type := LoadFunction('EVP_PKEY_set_type', AFailed);
+  EVP_PKEY_set_type_str := LoadFunction('EVP_PKEY_set_type_str', AFailed);
+  EVP_PKEY_set_alias_type := LoadFunction('EVP_PKEY_set_alias_type', AFailed);
+  EVP_PKEY_set1_engine := LoadFunction('EVP_PKEY_set1_engine', AFailed);
+  EVP_PKEY_get0_engine := LoadFunction('EVP_PKEY_get0_engine', AFailed);
+  EVP_PKEY_assign := LoadFunction('EVP_PKEY_assign', AFailed);
+  EVP_PKEY_get0 := LoadFunction('EVP_PKEY_get0', AFailed);
+  EVP_PKEY_get0_hmac := LoadFunction('EVP_PKEY_get0_hmac', AFailed);
+  EVP_PKEY_get0_poly1305 := LoadFunction('EVP_PKEY_get0_poly1305', AFailed);
+  EVP_PKEY_get0_siphash := LoadFunction('EVP_PKEY_get0_siphash', AFailed);
+  EVP_PKEY_set1_RSA := LoadFunction('EVP_PKEY_set1_RSA', AFailed);
+  EVP_PKEY_get0_RSA := LoadFunction('EVP_PKEY_get0_RSA', AFailed);
+  EVP_PKEY_get1_RSA := LoadFunction('EVP_PKEY_get1_RSA', AFailed);
+  EVP_PKEY_set1_DSA := LoadFunction('EVP_PKEY_set1_DSA', AFailed);
+  EVP_PKEY_get0_DSA := LoadFunction('EVP_PKEY_get0_DSA', AFailed);
+  EVP_PKEY_get1_DSA := LoadFunction('EVP_PKEY_get1_DSA', AFailed);
+  EVP_PKEY_set1_DH := LoadFunction('EVP_PKEY_set1_DH', AFailed);
+  EVP_PKEY_get0_DH := LoadFunction('EVP_PKEY_get0_DH', AFailed);
+  EVP_PKEY_get1_DH := LoadFunction('EVP_PKEY_get1_DH', AFailed);
+  EVP_PKEY_set1_EC_KEY := LoadFunction('EVP_PKEY_set1_EC_KEY', AFailed);
+  EVP_PKEY_get0_EC_KEY := LoadFunction('EVP_PKEY_get0_EC_KEY', AFailed);
+  EVP_PKEY_get1_EC_KEY := LoadFunction('EVP_PKEY_get1_EC_KEY', AFailed);
+  EVP_PKEY_new := LoadFunction('EVP_PKEY_new', AFailed);
+  EVP_PKEY_up_ref := LoadFunction('EVP_PKEY_up_ref', AFailed);
+  EVP_PKEY_free := LoadFunction('EVP_PKEY_free', AFailed);
+  d2i_PublicKey := LoadFunction('d2i_PublicKey', AFailed);
+  i2d_PublicKey := LoadFunction('i2d_PublicKey', AFailed);
+  d2i_PrivateKey := LoadFunction('d2i_PrivateKey', AFailed);
+  d2i_AutoPrivateKey := LoadFunction('d2i_AutoPrivateKey', AFailed);
+  i2d_PrivateKey := LoadFunction('i2d_PrivateKey', AFailed);
+  EVP_PKEY_copy_parameters := LoadFunction('EVP_PKEY_copy_parameters', AFailed);
+  EVP_PKEY_missing_parameters := LoadFunction('EVP_PKEY_missing_parameters', AFailed);
+  EVP_PKEY_save_parameters := LoadFunction('EVP_PKEY_save_parameters', AFailed);
+  EVP_PKEY_cmp_parameters := LoadFunction('EVP_PKEY_cmp_parameters', AFailed);
+  EVP_PKEY_cmp := LoadFunction('EVP_PKEY_cmp', AFailed);
+  EVP_PKEY_print_public := LoadFunction('EVP_PKEY_print_public', AFailed);
+  EVP_PKEY_print_private := LoadFunction('EVP_PKEY_print_private', AFailed);
+  EVP_PKEY_print_params := LoadFunction('EVP_PKEY_print_params', AFailed);
+  EVP_PKEY_get_default_digest_nid := LoadFunction('EVP_PKEY_get_default_digest_nid', AFailed);
+  EVP_PKEY_set1_tls_encodedpoint := LoadFunction('EVP_PKEY_set1_tls_encodedpoint', AFailed);
+  EVP_PKEY_get1_tls_encodedpoint := LoadFunction('EVP_PKEY_get1_tls_encodedpoint', AFailed);
+  EVP_CIPHER_type := LoadFunction('EVP_CIPHER_type', AFailed);
+  EVP_CIPHER_param_to_asn1 := LoadFunction('EVP_CIPHER_param_to_asn1', AFailed);
+  EVP_CIPHER_asn1_to_param := LoadFunction('EVP_CIPHER_asn1_to_param', AFailed);
+  EVP_CIPHER_set_asn1_iv := LoadFunction('EVP_CIPHER_set_asn1_iv', AFailed);
+  EVP_CIPHER_get_asn1_iv := LoadFunction('EVP_CIPHER_get_asn1_iv', AFailed);
+  PKCS5_PBE_keyivgen := LoadFunction('PKCS5_PBE_keyivgen', AFailed);
+  PKCS5_PBKDF2_HMAC_SHA1 := LoadFunction('PKCS5_PBKDF2_HMAC_SHA1', AFailed);
+  PKCS5_PBKDF2_HMAC := LoadFunction('PKCS5_PBKDF2_HMAC', AFailed);
+  PKCS5_v2_PBE_keyivgen := LoadFunction('PKCS5_v2_PBE_keyivgen', AFailed);
+  EVP_PBE_scrypt := LoadFunction('EVP_PBE_scrypt', AFailed);
+  PKCS5_v2_scrypt_keyivgen := LoadFunction('PKCS5_v2_scrypt_keyivgen', AFailed);
+  PKCS5_PBE_add := LoadFunction('PKCS5_PBE_add', AFailed);
+  EVP_PBE_CipherInit := LoadFunction('EVP_PBE_CipherInit', AFailed);
+  EVP_PBE_alg_add_type := LoadFunction('EVP_PBE_alg_add_type', AFailed);
+  EVP_PBE_alg_add := LoadFunction('EVP_PBE_alg_add', AFailed);
+  EVP_PBE_find := LoadFunction('EVP_PBE_find', AFailed);
+  EVP_PBE_cleanup := LoadFunction('EVP_PBE_cleanup', AFailed);
+  EVP_PBE_get := LoadFunction('EVP_PBE_get', AFailed);
+  EVP_PKEY_asn1_get_count := LoadFunction('EVP_PKEY_asn1_get_count', AFailed);
+  EVP_PKEY_asn1_get0 := LoadFunction('EVP_PKEY_asn1_get0', AFailed);
+  EVP_PKEY_asn1_find := LoadFunction('EVP_PKEY_asn1_find', AFailed);
+  EVP_PKEY_asn1_find_str := LoadFunction('EVP_PKEY_asn1_find_str', AFailed);
+  EVP_PKEY_asn1_add0 := LoadFunction('EVP_PKEY_asn1_add0', AFailed);
+  EVP_PKEY_asn1_add_alias := LoadFunction('EVP_PKEY_asn1_add_alias', AFailed);
+  EVP_PKEY_asn1_get0_info := LoadFunction('EVP_PKEY_asn1_get0_info', AFailed);
+  EVP_PKEY_get0_asn1 := LoadFunction('EVP_PKEY_get0_asn1', AFailed);
+  EVP_PKEY_asn1_new := LoadFunction('EVP_PKEY_asn1_new', AFailed);
+  EVP_PKEY_asn1_copy := LoadFunction('EVP_PKEY_asn1_copy', AFailed);
+  EVP_PKEY_asn1_free := LoadFunction('EVP_PKEY_asn1_free', AFailed);
+  EVP_PKEY_asn1_set_public := LoadFunction('EVP_PKEY_asn1_set_public', AFailed);
+  EVP_PKEY_asn1_set_private := LoadFunction('EVP_PKEY_asn1_set_private', AFailed);
+  EVP_PKEY_asn1_set_param := LoadFunction('EVP_PKEY_asn1_set_param', AFailed);
+  EVP_PKEY_asn1_set_free := LoadFunction('EVP_PKEY_asn1_set_free', AFailed);
+  EVP_PKEY_asn1_set_ctrl := LoadFunction('EVP_PKEY_asn1_set_ctrl', AFailed);
+  EVP_PKEY_asn1_set_item := LoadFunction('EVP_PKEY_asn1_set_item', AFailed);
+  EVP_PKEY_asn1_set_siginf := LoadFunction('EVP_PKEY_asn1_set_siginf', AFailed);
+  EVP_PKEY_asn1_set_check := LoadFunction('EVP_PKEY_asn1_set_check', AFailed);
+  EVP_PKEY_asn1_set_public_check := LoadFunction('EVP_PKEY_asn1_set_public_check', AFailed);
+  EVP_PKEY_asn1_set_param_check := LoadFunction('EVP_PKEY_asn1_set_param_check', AFailed);
+  EVP_PKEY_asn1_set_set_priv_key := LoadFunction('EVP_PKEY_asn1_set_set_priv_key', AFailed);
+  EVP_PKEY_asn1_set_set_pub_key := LoadFunction('EVP_PKEY_asn1_set_set_pub_key', AFailed);
+  EVP_PKEY_asn1_set_get_priv_key := LoadFunction('EVP_PKEY_asn1_set_get_priv_key', AFailed);
+  EVP_PKEY_asn1_set_get_pub_key := LoadFunction('EVP_PKEY_asn1_set_get_pub_key', AFailed);
+  EVP_PKEY_asn1_set_security_bits := LoadFunction('EVP_PKEY_asn1_set_security_bits', AFailed);
+  EVP_PKEY_meth_find := LoadFunction('EVP_PKEY_meth_find', AFailed);
+  EVP_PKEY_meth_new := LoadFunction('EVP_PKEY_meth_new', AFailed);
+  EVP_PKEY_meth_get0_info := LoadFunction('EVP_PKEY_meth_get0_info', AFailed);
+  EVP_PKEY_meth_copy := LoadFunction('EVP_PKEY_meth_copy', AFailed);
+  EVP_PKEY_meth_free := LoadFunction('EVP_PKEY_meth_free', AFailed);
+  EVP_PKEY_meth_add0 := LoadFunction('EVP_PKEY_meth_add0', AFailed);
+  EVP_PKEY_meth_remove := LoadFunction('EVP_PKEY_meth_remove', AFailed);
+  EVP_PKEY_meth_get_count := LoadFunction('EVP_PKEY_meth_get_count', AFailed);
+  EVP_PKEY_meth_get0 := LoadFunction('EVP_PKEY_meth_get0', AFailed);
+  EVP_PKEY_CTX_new := LoadFunction('EVP_PKEY_CTX_new', AFailed);
+  EVP_PKEY_CTX_new_id := LoadFunction('EVP_PKEY_CTX_new_id', AFailed);
+  EVP_PKEY_CTX_dup := LoadFunction('EVP_PKEY_CTX_dup', AFailed);
+  EVP_PKEY_CTX_free := LoadFunction('EVP_PKEY_CTX_free', AFailed);
+  EVP_PKEY_CTX_ctrl := LoadFunction('EVP_PKEY_CTX_ctrl', AFailed);
+  EVP_PKEY_CTX_ctrl_str := LoadFunction('EVP_PKEY_CTX_ctrl_str', AFailed);
+  EVP_PKEY_CTX_ctrl_uint64 := LoadFunction('EVP_PKEY_CTX_ctrl_uint64', AFailed);
+  EVP_PKEY_CTX_str2ctrl := LoadFunction('EVP_PKEY_CTX_str2ctrl', AFailed);
+  EVP_PKEY_CTX_hex2ctrl := LoadFunction('EVP_PKEY_CTX_hex2ctrl', AFailed);
+  EVP_PKEY_CTX_md := LoadFunction('EVP_PKEY_CTX_md', AFailed);
+  EVP_PKEY_CTX_get_operation := LoadFunction('EVP_PKEY_CTX_get_operation', AFailed);
+  EVP_PKEY_CTX_set0_keygen_info := LoadFunction('EVP_PKEY_CTX_set0_keygen_info', AFailed);
+  EVP_PKEY_new_mac_key := LoadFunction('EVP_PKEY_new_mac_key', AFailed);
+  EVP_PKEY_new_raw_private_key := LoadFunction('EVP_PKEY_new_raw_private_key', AFailed);
+  EVP_PKEY_new_raw_public_key := LoadFunction('EVP_PKEY_new_raw_public_key', AFailed);
+  EVP_PKEY_get_raw_private_key := LoadFunction('EVP_PKEY_get_raw_private_key', AFailed);
+  EVP_PKEY_get_raw_public_key := LoadFunction('EVP_PKEY_get_raw_public_key', AFailed);
+  EVP_PKEY_new_CMAC_key := LoadFunction('EVP_PKEY_new_CMAC_key', AFailed);
+  EVP_PKEY_CTX_set_data := LoadFunction('EVP_PKEY_CTX_set_data', AFailed);
+  EVP_PKEY_CTX_get_data := LoadFunction('EVP_PKEY_CTX_get_data', AFailed);
+  EVP_PKEY_CTX_get0_pkey := LoadFunction('EVP_PKEY_CTX_get0_pkey', AFailed);
+  EVP_PKEY_CTX_get0_peerkey := LoadFunction('EVP_PKEY_CTX_get0_peerkey', AFailed);
+  EVP_PKEY_CTX_set_app_data := LoadFunction('EVP_PKEY_CTX_set_app_data', AFailed);
+  EVP_PKEY_CTX_get_app_data := LoadFunction('EVP_PKEY_CTX_get_app_data', AFailed);
+  EVP_PKEY_sign_init := LoadFunction('EVP_PKEY_sign_init', AFailed);
+  EVP_PKEY_sign := LoadFunction('EVP_PKEY_sign', AFailed);
+  EVP_PKEY_verify_init := LoadFunction('EVP_PKEY_verify_init', AFailed);
+  EVP_PKEY_verify := LoadFunction('EVP_PKEY_verify', AFailed);
+  EVP_PKEY_verify_recover_init := LoadFunction('EVP_PKEY_verify_recover_init', AFailed);
+  EVP_PKEY_verify_recover := LoadFunction('EVP_PKEY_verify_recover', AFailed);
+  EVP_PKEY_encrypt_init := LoadFunction('EVP_PKEY_encrypt_init', AFailed);
+  EVP_PKEY_encrypt := LoadFunction('EVP_PKEY_encrypt', AFailed);
+  EVP_PKEY_decrypt_init := LoadFunction('EVP_PKEY_decrypt_init', AFailed);
+  EVP_PKEY_decrypt := LoadFunction('EVP_PKEY_decrypt', AFailed);
+  EVP_PKEY_derive_init := LoadFunction('EVP_PKEY_derive_init', AFailed);
+  EVP_PKEY_derive_set_peer := LoadFunction('EVP_PKEY_derive_set_peer', AFailed);
+  EVP_PKEY_derive := LoadFunction('EVP_PKEY_derive', AFailed);
+  EVP_PKEY_paramgen_init := LoadFunction('EVP_PKEY_paramgen_init', AFailed);
+  EVP_PKEY_paramgen := LoadFunction('EVP_PKEY_paramgen', AFailed);
+  EVP_PKEY_keygen_init := LoadFunction('EVP_PKEY_keygen_init', AFailed);
+  EVP_PKEY_keygen := LoadFunction('EVP_PKEY_keygen', AFailed);
+  EVP_PKEY_check := LoadFunction('EVP_PKEY_check', AFailed);
+  EVP_PKEY_public_check := LoadFunction('EVP_PKEY_public_check', AFailed);
+  EVP_PKEY_param_check := LoadFunction('EVP_PKEY_param_check', AFailed);
+  EVP_PKEY_CTX_set_cb := LoadFunction('EVP_PKEY_CTX_set_cb', AFailed);
+  EVP_PKEY_CTX_get_cb := LoadFunction('EVP_PKEY_CTX_get_cb', AFailed);
+  EVP_PKEY_CTX_get_keygen_info := LoadFunction('EVP_PKEY_CTX_get_keygen_info', AFailed);
+  EVP_PKEY_meth_set_init := LoadFunction('EVP_PKEY_meth_set_init', AFailed);
+  EVP_PKEY_meth_set_copy := LoadFunction('EVP_PKEY_meth_set_copy', AFailed);
+  EVP_PKEY_meth_set_cleanup := LoadFunction('EVP_PKEY_meth_set_cleanup', AFailed);
+  EVP_PKEY_meth_set_paramgen := LoadFunction('EVP_PKEY_meth_set_paramgen', AFailed);
+  EVP_PKEY_meth_set_keygen := LoadFunction('EVP_PKEY_meth_set_keygen', AFailed);
+  EVP_PKEY_meth_set_sign := LoadFunction('EVP_PKEY_meth_set_sign', AFailed);
+  EVP_PKEY_meth_set_verify := LoadFunction('EVP_PKEY_meth_set_verify', AFailed);
+  EVP_PKEY_meth_set_verify_recover := LoadFunction('EVP_PKEY_meth_set_verify_recover', AFailed);
+  EVP_PKEY_meth_set_signctx := LoadFunction('EVP_PKEY_meth_set_signctx', AFailed);
+  EVP_PKEY_meth_set_verifyctx := LoadFunction('EVP_PKEY_meth_set_verifyctx', AFailed);
+  EVP_PKEY_meth_set_encrypt := LoadFunction('EVP_PKEY_meth_set_encrypt', AFailed);
+  EVP_PKEY_meth_set_decrypt := LoadFunction('EVP_PKEY_meth_set_decrypt', AFailed);
+  EVP_PKEY_meth_set_derive := LoadFunction('EVP_PKEY_meth_set_derive', AFailed);
+  EVP_PKEY_meth_set_ctrl := LoadFunction('EVP_PKEY_meth_set_ctrl', AFailed);
+  EVP_PKEY_meth_set_digestsign := LoadFunction('EVP_PKEY_meth_set_digestsign', AFailed);
+  EVP_PKEY_meth_set_digestverify := LoadFunction('EVP_PKEY_meth_set_digestverify', AFailed);
+  EVP_PKEY_meth_set_check := LoadFunction('EVP_PKEY_meth_set_check', AFailed);
+  EVP_PKEY_meth_set_public_check := LoadFunction('EVP_PKEY_meth_set_public_check', AFailed);
+  EVP_PKEY_meth_set_param_check := LoadFunction('EVP_PKEY_meth_set_param_check', AFailed);
+  EVP_PKEY_meth_set_digest_custom := LoadFunction('EVP_PKEY_meth_set_digest_custom', AFailed);
+  EVP_PKEY_meth_get_init := LoadFunction('EVP_PKEY_meth_get_init', AFailed);
+  EVP_PKEY_meth_get_copy := LoadFunction('EVP_PKEY_meth_get_copy', AFailed);
+  EVP_PKEY_meth_get_cleanup := LoadFunction('EVP_PKEY_meth_get_cleanup', AFailed);
+  EVP_PKEY_meth_get_paramgen := LoadFunction('EVP_PKEY_meth_get_paramgen', AFailed);
+  EVP_PKEY_meth_get_keygen := LoadFunction('EVP_PKEY_meth_get_keygen', AFailed);
+  EVP_PKEY_meth_get_sign := LoadFunction('EVP_PKEY_meth_get_sign', AFailed);
+  EVP_PKEY_meth_get_verify := LoadFunction('EVP_PKEY_meth_get_verify', AFailed);
+  EVP_PKEY_meth_get_verify_recover := LoadFunction('EVP_PKEY_meth_get_verify_recover', AFailed);
+  EVP_PKEY_meth_get_signctx := LoadFunction('EVP_PKEY_meth_get_signctx', AFailed);
+  EVP_PKEY_meth_get_verifyctx := LoadFunction('EVP_PKEY_meth_get_verifyctx', AFailed);
+  EVP_PKEY_meth_get_encrypt := LoadFunction('EVP_PKEY_meth_get_encrypt', AFailed);
+  EVP_PKEY_meth_get_decrypt := LoadFunction('EVP_PKEY_meth_get_decrypt', AFailed);
+  EVP_PKEY_meth_get_derive := LoadFunction('EVP_PKEY_meth_get_derive', AFailed);
+  EVP_PKEY_meth_get_ctrl := LoadFunction('EVP_PKEY_meth_get_ctrl', AFailed);
+  EVP_PKEY_meth_get_digestsign := LoadFunction('EVP_PKEY_meth_get_digestsign', AFailed);
+  EVP_PKEY_meth_get_digestverify := LoadFunction('EVP_PKEY_meth_get_digestverify', AFailed);
+  EVP_PKEY_meth_get_check := LoadFunction('EVP_PKEY_meth_get_check', AFailed);
+  EVP_PKEY_meth_get_public_check := LoadFunction('EVP_PKEY_meth_get_public_check', AFailed);
+  EVP_PKEY_meth_get_param_check := LoadFunction('EVP_PKEY_meth_get_param_check', AFailed);
+  EVP_PKEY_meth_get_digest_custom := LoadFunction('EVP_PKEY_meth_get_digest_custom', AFailed);
+  EVP_add_alg_module := LoadFunction('EVP_add_alg_module', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  EVP_MD_meth_new := nil;
+  EVP_MD_meth_dup := nil;
+  EVP_MD_meth_free := nil;
+  EVP_MD_meth_set_input_blocksize := nil;
+  EVP_MD_meth_set_result_size := nil;
+  EVP_MD_meth_set_app_datasize := nil;
+  EVP_MD_meth_set_flags := nil;
+  EVP_MD_meth_set_init := nil;
+  EVP_MD_meth_set_update := nil;
+  EVP_MD_meth_set_final := nil;
+  EVP_MD_meth_set_copy := nil;
+  EVP_MD_meth_set_cleanup := nil;
+  EVP_MD_meth_set_ctrl := nil;
+  EVP_MD_meth_get_input_blocksize := nil;
+  EVP_MD_meth_get_result_size := nil;
+  EVP_MD_meth_get_app_datasize := nil;
+  EVP_MD_meth_get_flags := nil;
+  EVP_MD_meth_get_init := nil;
+  EVP_MD_meth_get_update := nil;
+  EVP_MD_meth_get_final := nil;
+  EVP_MD_meth_get_copy := nil;
+  EVP_MD_meth_get_cleanup := nil;
+  EVP_MD_meth_get_ctrl := nil;
+  EVP_CIPHER_meth_new := nil;
+  EVP_CIPHER_meth_dup := nil;
+  EVP_CIPHER_meth_free := nil;
+  EVP_CIPHER_meth_set_iv_length := nil;
+  EVP_CIPHER_meth_set_flags := nil;
+  EVP_CIPHER_meth_set_impl_ctx_size := nil;
+  EVP_CIPHER_meth_set_init := nil;
+  EVP_CIPHER_meth_set_do_cipher := nil;
+  EVP_CIPHER_meth_set_cleanup := nil;
+  EVP_CIPHER_meth_set_set_asn1_params := nil;
+  EVP_CIPHER_meth_set_get_asn1_params := nil;
+  EVP_CIPHER_meth_set_ctrl := nil;
+  EVP_CIPHER_meth_get_init := nil;
+  EVP_CIPHER_meth_get_do_cipher := nil;
+  EVP_CIPHER_meth_get_cleanup := nil;
+  EVP_CIPHER_meth_get_set_asn1_params := nil;
+  EVP_CIPHER_meth_get_get_asn1_params := nil;
+  EVP_CIPHER_meth_get_ctrl := nil;
+  EVP_MD_type := nil;
+  EVP_MD_pkey_type := nil;
+  EVP_MD_size := nil;
+  EVP_MD_block_size := nil;
+  EVP_MD_flags := nil;
+  EVP_MD_CTX_md := nil;
+  EVP_MD_CTX_update_fn := nil;
+  EVP_MD_CTX_set_update_fn := nil;
+  EVP_MD_CTX_pkey_ctx := nil;
+  EVP_MD_CTX_set_pkey_ctx := nil;
+  EVP_MD_CTX_md_data := nil;
+  EVP_CIPHER_nid := nil;
+  EVP_CIPHER_block_size := nil;
+  EVP_CIPHER_impl_ctx_size := nil;
+  EVP_CIPHER_key_length := nil;
+  EVP_CIPHER_iv_length := nil;
+  EVP_CIPHER_flags := nil;
+  EVP_CIPHER_CTX_cipher := nil;
+  EVP_CIPHER_CTX_encrypting := nil;
+  EVP_CIPHER_CTX_nid := nil;
+  EVP_CIPHER_CTX_block_size := nil;
+  EVP_CIPHER_CTX_key_length := nil;
+  EVP_CIPHER_CTX_iv_length := nil;
+  EVP_CIPHER_CTX_iv := nil;
+  EVP_CIPHER_CTX_original_iv := nil;
+  EVP_CIPHER_CTX_iv_noconst := nil;
+  EVP_CIPHER_CTX_buf_noconst := nil;
+  EVP_CIPHER_CTX_num := nil;
+  EVP_CIPHER_CTX_set_num := nil;
+  EVP_CIPHER_CTX_copy := nil;
+  EVP_CIPHER_CTX_get_app_data := nil;
+  EVP_CIPHER_CTX_set_app_data := nil;
+  EVP_CIPHER_CTX_get_cipher_data := nil;
+  EVP_CIPHER_CTX_set_cipher_data := nil;
+  BIO_set_md := nil;
+  EVP_MD_CTX_ctrl := nil;
+  EVP_MD_CTX_new := nil;
+  EVP_MD_CTX_reset := nil;
+  EVP_MD_CTX_free := nil;
+  EVP_MD_CTX_copy_ex := nil;
+  EVP_MD_CTX_set_flags := nil;
+  EVP_MD_CTX_clear_flags := nil;
+  EVP_MD_CTX_test_flags := nil;
+  EVP_DigestInit_ex := nil;
+  EVP_DigestUpdate := nil;
+  EVP_DigestFinal_ex := nil;
+  EVP_Digest := nil;
+  EVP_MD_CTX_copy := nil;
+  EVP_DigestInit := nil;
+  EVP_DigestFinal := nil;
+  EVP_DigestFinalXOF := nil;
+  EVP_read_pw_string := nil;
+  EVP_read_pw_string_min := nil;
+  EVP_set_pw_prompt := nil;
+  EVP_get_pw_prompt := nil;
+  EVP_BytesToKey := nil;
+  EVP_CIPHER_CTX_set_flags := nil;
+  EVP_CIPHER_CTX_clear_flags := nil;
+  EVP_CIPHER_CTX_test_flags := nil;
+  EVP_EncryptInit := nil;
+  EVP_EncryptInit_ex := nil;
+  EVP_EncryptUpdate := nil;
+  EVP_EncryptFinal_ex := nil;
+  EVP_EncryptFinal := nil;
+  EVP_DecryptInit := nil;
+  EVP_DecryptInit_ex := nil;
+  EVP_DecryptUpdate := nil;
+  EVP_DecryptFinal := nil;
+  EVP_DecryptFinal_ex := nil;
+  EVP_CipherInit := nil;
+  EVP_CipherInit_ex := nil;
+  EVP_CipherUpdate := nil;
+  EVP_CipherFinal := nil;
+  EVP_CipherFinal_ex := nil;
+  EVP_SignFinal := nil;
+  EVP_DigestSign := nil;
+  EVP_VerifyFinal := nil;
+  EVP_DigestVerify := nil;
+  EVP_DigestSignInit := nil;
+  EVP_DigestSignFinal := nil;
+  EVP_DigestVerifyInit := nil;
+  EVP_DigestVerifyFinal := nil;
+  EVP_OpenInit := nil;
+  EVP_OpenFinal := nil;
+  EVP_SealInit := nil;
+  EVP_SealFinal := nil;
+  EVP_ENCODE_CTX_new := nil;
+  EVP_ENCODE_CTX_free := nil;
+  EVP_ENCODE_CTX_copy := nil;
+  EVP_ENCODE_CTX_num := nil;
+  EVP_EncodeInit := nil;
+  EVP_EncodeUpdate := nil;
+  EVP_EncodeFinal := nil;
+  EVP_EncodeBlock := nil;
+  EVP_DecodeInit := nil;
+  EVP_DecodeUpdate := nil;
+  EVP_DecodeFinal := nil;
+  EVP_DecodeBlock := nil;
+  EVP_CIPHER_CTX_new := nil;
+  EVP_CIPHER_CTX_reset := nil;
+  EVP_CIPHER_CTX_free := nil;
+  EVP_CIPHER_CTX_set_key_length := nil;
+  EVP_CIPHER_CTX_set_padding := nil;
+  EVP_CIPHER_CTX_ctrl := nil;
+  EVP_CIPHER_CTX_rand_key := nil;
+  BIO_f_md := nil;
+  BIO_f_base64 := nil;
+  BIO_f_cipher := nil;
+  BIO_f_reliable := nil;
+  BIO_set_cipher := nil;
+  EVP_md_null := nil;
+  EVP_md5 := nil;
+  EVP_md5_sha1 := nil;
+  EVP_sha1 := nil;
+  EVP_sha224 := nil;
+  EVP_sha256 := nil;
+  EVP_sha384 := nil;
+  EVP_sha512 := nil;
+  EVP_sha512_224 := nil;
+  EVP_sha512_256 := nil;
+  EVP_sha3_224 := nil;
+  EVP_sha3_256 := nil;
+  EVP_sha3_384 := nil;
+  EVP_sha3_512 := nil;
+  EVP_shake128 := nil;
+  EVP_shake256 := nil;
+  EVP_enc_null := nil;
+  EVP_des_ecb := nil;
+  EVP_des_ede := nil;
+  EVP_des_ede3 := nil;
+  EVP_des_ede_ecb := nil;
+  EVP_des_ede3_ecb := nil;
+  EVP_des_cfb64 := nil;
+  EVP_des_cfb1 := nil;
+  EVP_des_cfb8 := nil;
+  EVP_des_ede_cfb64 := nil;
+  EVP_des_ede3_cfb64 := nil;
+  EVP_des_ede3_cfb1 := nil;
+  EVP_des_ede3_cfb8 := nil;
+  EVP_des_ofb := nil;
+  EVP_des_ede_ofb := nil;
+  EVP_des_ede3_ofb := nil;
+  EVP_des_cbc := nil;
+  EVP_des_ede_cbc := nil;
+  EVP_des_ede3_cbc := nil;
+  EVP_desx_cbc := nil;
+  EVP_des_ede3_wrap := nil;
+  EVP_rc4 := nil;
+  EVP_rc4_40 := nil;
+  EVP_idea_ecb := nil;
+  EVP_idea_cfb64 := nil;
+  EVP_idea_ofb := nil;
+  EVP_idea_cbc := nil;
+  EVP_rc2_ecb := nil;
+  EVP_rc2_cbc := nil;
+  EVP_rc2_40_cbc := nil;
+  EVP_rc2_64_cbc := nil;
+  EVP_rc2_cfb64 := nil;
+  EVP_rc2_ofb := nil;
+  EVP_bf_ecb := nil;
+  EVP_bf_cbc := nil;
+  EVP_bf_cfb64 := nil;
+  EVP_bf_ofb := nil;
+  EVP_cast5_ecb := nil;
+  EVP_cast5_cbc := nil;
+  EVP_cast5_cfb64 := nil;
+  EVP_cast5_ofb := nil;
+  EVP_rc5_32_12_16_cbc := nil;
+  EVP_rc5_32_12_16_ecb := nil;
+  EVP_rc5_32_12_16_cfb64 := nil;
+  EVP_rc5_32_12_16_ofb := nil;
+  EVP_aes_128_ecb := nil;
+  EVP_aes_128_cbc := nil;
+  EVP_aes_128_cfb1 := nil;
+  EVP_aes_128_cfb8 := nil;
+  EVP_aes_128_cfb128 := nil;
+  EVP_aes_128_ofb := nil;
+  EVP_aes_128_ctr := nil;
+  EVP_aes_128_ccm := nil;
+  EVP_aes_128_gcm := nil;
+  EVP_aes_128_xts := nil;
+  EVP_aes_128_wrap := nil;
+  EVP_aes_128_wrap_pad := nil;
+  EVP_aes_128_ocb := nil;
+  EVP_aes_192_ecb := nil;
+  EVP_aes_192_cbc := nil;
+  EVP_aes_192_cfb1 := nil;
+  EVP_aes_192_cfb8 := nil;
+  EVP_aes_192_cfb128 := nil;
+  EVP_aes_192_ofb := nil;
+  EVP_aes_192_ctr := nil;
+  EVP_aes_192_ccm := nil;
+  EVP_aes_192_gcm := nil;
+  EVP_aes_192_wrap := nil;
+  EVP_aes_192_wrap_pad := nil;
+  EVP_aes_192_ocb := nil;
+  EVP_aes_256_ecb := nil;
+  EVP_aes_256_cbc := nil;
+  EVP_aes_256_cfb1 := nil;
+  EVP_aes_256_cfb8 := nil;
+  EVP_aes_256_cfb128 := nil;
+  EVP_aes_256_ofb := nil;
+  EVP_aes_256_ctr := nil;
+  EVP_aes_256_ccm := nil;
+  EVP_aes_256_gcm := nil;
+  EVP_aes_256_xts := nil;
+  EVP_aes_256_wrap := nil;
+  EVP_aes_256_wrap_pad := nil;
+  EVP_aes_256_ocb := nil;
+  EVP_aes_128_cbc_hmac_sha1 := nil;
+  EVP_aes_256_cbc_hmac_sha1 := nil;
+  EVP_aes_128_cbc_hmac_sha256 := nil;
+  EVP_aes_256_cbc_hmac_sha256 := nil;
+  EVP_aria_128_ecb := nil;
+  EVP_aria_128_cbc := nil;
+  EVP_aria_128_cfb1 := nil;
+  EVP_aria_128_cfb8 := nil;
+  EVP_aria_128_cfb128 := nil;
+  EVP_aria_128_ctr := nil;
+  EVP_aria_128_ofb := nil;
+  EVP_aria_128_gcm := nil;
+  EVP_aria_128_ccm := nil;
+  EVP_aria_192_ecb := nil;
+  EVP_aria_192_cbc := nil;
+  EVP_aria_192_cfb1 := nil;
+  EVP_aria_192_cfb8 := nil;
+  EVP_aria_192_cfb128 := nil;
+  EVP_aria_192_ctr := nil;
+  EVP_aria_192_ofb := nil;
+  EVP_aria_192_gcm := nil;
+  EVP_aria_192_ccm := nil;
+  EVP_aria_256_ecb := nil;
+  EVP_aria_256_cbc := nil;
+  EVP_aria_256_cfb1 := nil;
+  EVP_aria_256_cfb8 := nil;
+  EVP_aria_256_cfb128 := nil;
+  EVP_aria_256_ctr := nil;
+  EVP_aria_256_ofb := nil;
+  EVP_aria_256_gcm := nil;
+  EVP_aria_256_ccm := nil;
+  EVP_camellia_128_ecb := nil;
+  EVP_camellia_128_cbc := nil;
+  EVP_camellia_128_cfb1 := nil;
+  EVP_camellia_128_cfb8 := nil;
+  EVP_camellia_128_cfb128 := nil;
+  EVP_camellia_128_ofb := nil;
+  EVP_camellia_128_ctr := nil;
+  EVP_camellia_192_ecb := nil;
+  EVP_camellia_192_cbc := nil;
+  EVP_camellia_192_cfb1 := nil;
+  EVP_camellia_192_cfb8 := nil;
+  EVP_camellia_192_cfb128 := nil;
+  EVP_camellia_192_ofb := nil;
+  EVP_camellia_192_ctr := nil;
+  EVP_camellia_256_ecb := nil;
+  EVP_camellia_256_cbc := nil;
+  EVP_camellia_256_cfb1 := nil;
+  EVP_camellia_256_cfb8 := nil;
+  EVP_camellia_256_cfb128 := nil;
+  EVP_camellia_256_ofb := nil;
+  EVP_camellia_256_ctr := nil;
+  EVP_chacha20 := nil;
+  EVP_chacha20_poly1305 := nil;
+  EVP_seed_ecb := nil;
+  EVP_seed_cbc := nil;
+  EVP_seed_cfb128 := nil;
+  EVP_seed_ofb := nil;
+  EVP_sm4_ecb := nil;
+  EVP_sm4_cbc := nil;
+  EVP_sm4_cfb128 := nil;
+  EVP_sm4_ofb := nil;
+  EVP_sm4_ctr := nil;
+  EVP_add_cipher := nil;
+  EVP_add_digest := nil;
+  EVP_get_cipherbyname := nil;
+  EVP_get_digestbyname := nil;
+  EVP_CIPHER_do_all := nil;
+  EVP_CIPHER_do_all_sorted := nil;
+  EVP_MD_do_all := nil;
+  EVP_MD_do_all_sorted := nil;
+  EVP_PKEY_decrypt_old := nil;
+  EVP_PKEY_encrypt_old := nil;
+  EVP_PKEY_type := nil;
+  EVP_PKEY_id := nil;
+  EVP_PKEY_base_id := nil;
+  EVP_PKEY_bits := nil;
+  EVP_PKEY_security_bits := nil;
+  EVP_PKEY_size := nil;
+  EVP_PKEY_set_type := nil;
+  EVP_PKEY_set_type_str := nil;
+  EVP_PKEY_set_alias_type := nil;
+  EVP_PKEY_set1_engine := nil;
+  EVP_PKEY_get0_engine := nil;
+  EVP_PKEY_assign := nil;
+  EVP_PKEY_get0 := nil;
+  EVP_PKEY_get0_hmac := nil;
+  EVP_PKEY_get0_poly1305 := nil;
+  EVP_PKEY_get0_siphash := nil;
+  EVP_PKEY_set1_RSA := nil;
+  EVP_PKEY_get0_RSA := nil;
+  EVP_PKEY_get1_RSA := nil;
+  EVP_PKEY_set1_DSA := nil;
+  EVP_PKEY_get0_DSA := nil;
+  EVP_PKEY_get1_DSA := nil;
+  EVP_PKEY_set1_DH := nil;
+  EVP_PKEY_get0_DH := nil;
+  EVP_PKEY_get1_DH := nil;
+  EVP_PKEY_set1_EC_KEY := nil;
+  EVP_PKEY_get0_EC_KEY := nil;
+  EVP_PKEY_get1_EC_KEY := nil;
+  EVP_PKEY_new := nil;
+  EVP_PKEY_up_ref := nil;
+  EVP_PKEY_free := nil;
+  d2i_PublicKey := nil;
+  i2d_PublicKey := nil;
+  d2i_PrivateKey := nil;
+  d2i_AutoPrivateKey := nil;
+  i2d_PrivateKey := nil;
+  EVP_PKEY_copy_parameters := nil;
+  EVP_PKEY_missing_parameters := nil;
+  EVP_PKEY_save_parameters := nil;
+  EVP_PKEY_cmp_parameters := nil;
+  EVP_PKEY_cmp := nil;
+  EVP_PKEY_print_public := nil;
+  EVP_PKEY_print_private := nil;
+  EVP_PKEY_print_params := nil;
+  EVP_PKEY_get_default_digest_nid := nil;
+  EVP_PKEY_set1_tls_encodedpoint := nil;
+  EVP_PKEY_get1_tls_encodedpoint := nil;
+  EVP_CIPHER_type := nil;
+  EVP_CIPHER_param_to_asn1 := nil;
+  EVP_CIPHER_asn1_to_param := nil;
+  EVP_CIPHER_set_asn1_iv := nil;
+  EVP_CIPHER_get_asn1_iv := nil;
+  PKCS5_PBE_keyivgen := nil;
+  PKCS5_PBKDF2_HMAC_SHA1 := nil;
+  PKCS5_PBKDF2_HMAC := nil;
+  PKCS5_v2_PBE_keyivgen := nil;
+  EVP_PBE_scrypt := nil;
+  PKCS5_v2_scrypt_keyivgen := nil;
+  PKCS5_PBE_add := nil;
+  EVP_PBE_CipherInit := nil;
+  EVP_PBE_alg_add_type := nil;
+  EVP_PBE_alg_add := nil;
+  EVP_PBE_find := nil;
+  EVP_PBE_cleanup := nil;
+  EVP_PBE_get := nil;
+  EVP_PKEY_asn1_get_count := nil;
+  EVP_PKEY_asn1_get0 := nil;
+  EVP_PKEY_asn1_find := nil;
+  EVP_PKEY_asn1_find_str := nil;
+  EVP_PKEY_asn1_add0 := nil;
+  EVP_PKEY_asn1_add_alias := nil;
+  EVP_PKEY_asn1_get0_info := nil;
+  EVP_PKEY_get0_asn1 := nil;
+  EVP_PKEY_asn1_new := nil;
+  EVP_PKEY_asn1_copy := nil;
+  EVP_PKEY_asn1_free := nil;
+  EVP_PKEY_asn1_set_public := nil;
+  EVP_PKEY_asn1_set_private := nil;
+  EVP_PKEY_asn1_set_param := nil;
+  EVP_PKEY_asn1_set_free := nil;
+  EVP_PKEY_asn1_set_ctrl := nil;
+  EVP_PKEY_asn1_set_item := nil;
+  EVP_PKEY_asn1_set_siginf := nil;
+  EVP_PKEY_asn1_set_check := nil;
+  EVP_PKEY_asn1_set_public_check := nil;
+  EVP_PKEY_asn1_set_param_check := nil;
+  EVP_PKEY_asn1_set_set_priv_key := nil;
+  EVP_PKEY_asn1_set_set_pub_key := nil;
+  EVP_PKEY_asn1_set_get_priv_key := nil;
+  EVP_PKEY_asn1_set_get_pub_key := nil;
+  EVP_PKEY_asn1_set_security_bits := nil;
+  EVP_PKEY_meth_find := nil;
+  EVP_PKEY_meth_new := nil;
+  EVP_PKEY_meth_get0_info := nil;
+  EVP_PKEY_meth_copy := nil;
+  EVP_PKEY_meth_free := nil;
+  EVP_PKEY_meth_add0 := nil;
+  EVP_PKEY_meth_remove := nil;
+  EVP_PKEY_meth_get_count := nil;
+  EVP_PKEY_meth_get0 := nil;
+  EVP_PKEY_CTX_new := nil;
+  EVP_PKEY_CTX_new_id := nil;
+  EVP_PKEY_CTX_dup := nil;
+  EVP_PKEY_CTX_free := nil;
+  EVP_PKEY_CTX_ctrl := nil;
+  EVP_PKEY_CTX_ctrl_str := nil;
+  EVP_PKEY_CTX_ctrl_uint64 := nil;
+  EVP_PKEY_CTX_str2ctrl := nil;
+  EVP_PKEY_CTX_hex2ctrl := nil;
+  EVP_PKEY_CTX_md := nil;
+  EVP_PKEY_CTX_get_operation := nil;
+  EVP_PKEY_CTX_set0_keygen_info := nil;
+  EVP_PKEY_new_mac_key := nil;
+  EVP_PKEY_new_raw_private_key := nil;
+  EVP_PKEY_new_raw_public_key := nil;
+  EVP_PKEY_get_raw_private_key := nil;
+  EVP_PKEY_get_raw_public_key := nil;
+  EVP_PKEY_new_CMAC_key := nil;
+  EVP_PKEY_CTX_set_data := nil;
+  EVP_PKEY_CTX_get_data := nil;
+  EVP_PKEY_CTX_get0_pkey := nil;
+  EVP_PKEY_CTX_get0_peerkey := nil;
+  EVP_PKEY_CTX_set_app_data := nil;
+  EVP_PKEY_CTX_get_app_data := nil;
+  EVP_PKEY_sign_init := nil;
+  EVP_PKEY_sign := nil;
+  EVP_PKEY_verify_init := nil;
+  EVP_PKEY_verify := nil;
+  EVP_PKEY_verify_recover_init := nil;
+  EVP_PKEY_verify_recover := nil;
+  EVP_PKEY_encrypt_init := nil;
+  EVP_PKEY_encrypt := nil;
+  EVP_PKEY_decrypt_init := nil;
+  EVP_PKEY_decrypt := nil;
+  EVP_PKEY_derive_init := nil;
+  EVP_PKEY_derive_set_peer := nil;
+  EVP_PKEY_derive := nil;
+  EVP_PKEY_paramgen_init := nil;
+  EVP_PKEY_paramgen := nil;
+  EVP_PKEY_keygen_init := nil;
+  EVP_PKEY_keygen := nil;
+  EVP_PKEY_check := nil;
+  EVP_PKEY_public_check := nil;
+  EVP_PKEY_param_check := nil;
+  EVP_PKEY_CTX_set_cb := nil;
+  EVP_PKEY_CTX_get_cb := nil;
+  EVP_PKEY_CTX_get_keygen_info := nil;
+  EVP_PKEY_meth_set_init := nil;
+  EVP_PKEY_meth_set_copy := nil;
+  EVP_PKEY_meth_set_cleanup := nil;
+  EVP_PKEY_meth_set_paramgen := nil;
+  EVP_PKEY_meth_set_keygen := nil;
+  EVP_PKEY_meth_set_sign := nil;
+  EVP_PKEY_meth_set_verify := nil;
+  EVP_PKEY_meth_set_verify_recover := nil;
+  EVP_PKEY_meth_set_signctx := nil;
+  EVP_PKEY_meth_set_verifyctx := nil;
+  EVP_PKEY_meth_set_encrypt := nil;
+  EVP_PKEY_meth_set_decrypt := nil;
+  EVP_PKEY_meth_set_derive := nil;
+  EVP_PKEY_meth_set_ctrl := nil;
+  EVP_PKEY_meth_set_digestsign := nil;
+  EVP_PKEY_meth_set_digestverify := nil;
+  EVP_PKEY_meth_set_check := nil;
+  EVP_PKEY_meth_set_public_check := nil;
+  EVP_PKEY_meth_set_param_check := nil;
+  EVP_PKEY_meth_set_digest_custom := nil;
+  EVP_PKEY_meth_get_init := nil;
+  EVP_PKEY_meth_get_copy := nil;
+  EVP_PKEY_meth_get_cleanup := nil;
+  EVP_PKEY_meth_get_paramgen := nil;
+  EVP_PKEY_meth_get_keygen := nil;
+  EVP_PKEY_meth_get_sign := nil;
+  EVP_PKEY_meth_get_verify := nil;
+  EVP_PKEY_meth_get_verify_recover := nil;
+  EVP_PKEY_meth_get_signctx := nil;
+  EVP_PKEY_meth_get_verifyctx := nil;
+  EVP_PKEY_meth_get_encrypt := nil;
+  EVP_PKEY_meth_get_decrypt := nil;
+  EVP_PKEY_meth_get_derive := nil;
+  EVP_PKEY_meth_get_ctrl := nil;
+  EVP_PKEY_meth_get_digestsign := nil;
+  EVP_PKEY_meth_get_digestverify := nil;
+  EVP_PKEY_meth_get_check := nil;
+  EVP_PKEY_meth_get_public_check := nil;
+  EVP_PKEY_meth_get_param_check := nil;
+  EVP_PKEY_meth_get_digest_custom := nil;
+  EVP_add_alg_module := nil;
+end;
+{$ENDREGION}
+
+{$REGION 'C compiler macros'}
+//#  define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA, (char *)(rsa))
+function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_RSA, rsa);
+end;
+
+//#  define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA, (char *)(dsa))
+function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_DSA, dsa);
+end;
+
+//#  define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH, (char *)(dh))
+function EVP_PKEY_assign_DH(pkey: PEVP_PKEY; dh: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh);
+end;
+
+//#  define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC, (char *)(eckey))
+function EVP_PKEY_assign_EC_KEY(pkey: PEVP_PKEY; eckey: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_EC, eckey);
+end;
+
+//#  define EVP_PKEY_assign_SIPHASH(pkey,shkey) EVP_PKEY_assign((pkey),EVP_PKEY_SIPHASH, (char *)(shkey))
+function EVP_PKEY_assign_SIPHASH(pkey: PEVP_PKEY; shkey: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_SIPHASH, shkey);
+end;
+
+//#  define EVP_PKEY_assign_POLY1305(pkey,polykey) EVP_PKEY_assign((pkey),EVP_PKEY_POLY1305, (char *)(polykey))
+function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_POLY1305, polykey);
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evperr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evperr.pas
new file mode 100644
index 000000000..8c268dddf
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evperr.pas
@@ -0,0 +1,260 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_evperr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// evperr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * EVP function codes.
+   *)
+  EVP_F_AESNI_INIT_KEY =        165;
+  EVP_F_AESNI_XTS_INIT_KEY =       207;
+  EVP_F_AES_GCM_CTRL =         196;
+  EVP_F_AES_INIT_KEY =         133;
+  EVP_F_AES_OCB_CIPHER =        169;
+  EVP_F_AES_T4_INIT_KEY =        178;
+  EVP_F_AES_T4_XTS_INIT_KEY =       208;
+  EVP_F_AES_WRAP_CIPHER =        170;
+  EVP_F_AES_XTS_INIT_KEY =        209;
+  EVP_F_ALG_MODULE_INIT =        177;
+  EVP_F_ARIA_CCM_INIT_KEY =       175;
+  EVP_F_ARIA_GCM_CTRL =        197;
+  EVP_F_ARIA_GCM_INIT_KEY =       176;
+  EVP_F_ARIA_INIT_KEY =        185;
+  EVP_F_B64_NEW =          198;
+  EVP_F_CAMELLIA_INIT_KEY =       159;
+  EVP_F_CHACHA20_POLY1305_CTRL =      182;
+  EVP_F_CMLL_T4_INIT_KEY =        179;
+  EVP_F_DES_EDE3_WRAP_CIPHER =       171;
+  EVP_F_DO_SIGVER_INIT =        161;
+  EVP_F_ENC_NEW =          199;
+  EVP_F_EVP_CIPHERINIT_EX =       123;
+  EVP_F_EVP_CIPHER_ASN1_TO_PARAM =      204;
+  EVP_F_EVP_CIPHER_CTX_COPY =       163;
+  EVP_F_EVP_CIPHER_CTX_CTRL =       124;
+  EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH =    122;
+  EVP_F_EVP_CIPHER_PARAM_TO_ASN1 =      205;
+  EVP_F_EVP_DECRYPTFINAL_EX =       101;
+  EVP_F_EVP_DECRYPTUPDATE =       166;
+  EVP_F_EVP_DIGESTFINALXOF =       174;
+  EVP_F_EVP_DIGESTINIT_EX =       128;
+  EVP_F_EVP_ENCRYPTDECRYPTUPDATE =      219;
+  EVP_F_EVP_ENCRYPTFINAL_EX =       127;
+  EVP_F_EVP_ENCRYPTUPDATE =       167;
+  EVP_F_EVP_MD_CTX_COPY_EX =       110;
+  EVP_F_EVP_MD_SIZE =         162;
+  EVP_F_EVP_OPENINIT =         102;
+  EVP_F_EVP_PBE_ALG_ADD =        115;
+  EVP_F_EVP_PBE_ALG_ADD_TYPE =       160;
+  EVP_F_EVP_PBE_CIPHERINIT =       116;
+  EVP_F_EVP_PBE_SCRYPT =        181;
+  EVP_F_EVP_PKCS82PKEY =        111;
+  EVP_F_EVP_PKEY2PKCS8 =        113;
+  EVP_F_EVP_PKEY_ASN1_ADD0 =       188;
+  EVP_F_EVP_PKEY_CHECK =        186;
+  EVP_F_EVP_PKEY_COPY_PARAMETERS =      103;
+  EVP_F_EVP_PKEY_CTX_CTRL =       137;
+  EVP_F_EVP_PKEY_CTX_CTRL_STR =      150;
+  EVP_F_EVP_PKEY_CTX_DUP =        156;
+  EVP_F_EVP_PKEY_CTX_MD =        168;
+  EVP_F_EVP_PKEY_DECRYPT =        104;
+  EVP_F_EVP_PKEY_DECRYPT_INIT =      138;
+  EVP_F_EVP_PKEY_DECRYPT_OLD =       151;
+  EVP_F_EVP_PKEY_DERIVE =        153;
+  EVP_F_EVP_PKEY_DERIVE_INIT =       154;
+  EVP_F_EVP_PKEY_DERIVE_SET_PEER =      155;
+  EVP_F_EVP_PKEY_ENCRYPT =        105;
+  EVP_F_EVP_PKEY_ENCRYPT_INIT =      139;
+  EVP_F_EVP_PKEY_ENCRYPT_OLD =       152;
+  EVP_F_EVP_PKEY_GET0_DH =        119;
+  EVP_F_EVP_PKEY_GET0_DSA =       120;
+  EVP_F_EVP_PKEY_GET0_EC_KEY =       131;
+  EVP_F_EVP_PKEY_GET0_HMAC =       183;
+  EVP_F_EVP_PKEY_GET0_POLY1305 =      184;
+  EVP_F_EVP_PKEY_GET0_RSA =       121;
+  EVP_F_EVP_PKEY_GET0_SIPHASH =      172;
+  EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY =     202;
+  EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY =     203;
+  EVP_F_EVP_PKEY_KEYGEN =        146;
+  EVP_F_EVP_PKEY_KEYGEN_INIT =       147;
+  EVP_F_EVP_PKEY_METH_ADD0 =       194;
+  EVP_F_EVP_PKEY_METH_NEW =       195;
+  EVP_F_EVP_PKEY_NEW =         106;
+  EVP_F_EVP_PKEY_NEW_CMAC_KEY =      193;
+  EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY =     191;
+  EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY =     192;
+  EVP_F_EVP_PKEY_PARAMGEN =       148;
+  EVP_F_EVP_PKEY_PARAMGEN_INIT =      149;
+  EVP_F_EVP_PKEY_PARAM_CHECK =       189;
+  EVP_F_EVP_PKEY_PUBLIC_CHECK =      190;
+  EVP_F_EVP_PKEY_SET1_ENGINE =       187;
+  EVP_F_EVP_PKEY_SET_ALIAS_TYPE =      206;
+  EVP_F_EVP_PKEY_SIGN =        140;
+  EVP_F_EVP_PKEY_SIGN_INIT =       141;
+  EVP_F_EVP_PKEY_VERIFY =        142;
+  EVP_F_EVP_PKEY_VERIFY_INIT =       143;
+  EVP_F_EVP_PKEY_VERIFY_RECOVER =      144;
+  EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT =     145;
+  EVP_F_EVP_SIGNFINAL =        107;
+  EVP_F_EVP_VERIFYFINAL =        108;
+  EVP_F_INT_CTX_NEW =         157;
+  EVP_F_OK_NEW =          200;
+  EVP_F_PKCS5_PBE_KEYIVGEN =       117;
+  EVP_F_PKCS5_V2_PBE_KEYIVGEN =      118;
+  EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN =      164;
+  EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN =      180;
+  EVP_F_PKEY_SET_TYPE =        158;
+  EVP_F_RC2_MAGIC_TO_METH =       109;
+  EVP_F_RC5_CTRL =          125;
+  EVP_F_R_32_12_16_INIT_KEY =       242;
+  EVP_F_S390X_AES_GCM_CTRL =       201;
+  EVP_F_UPDATE =          173;
+
+  (*
+   * EVP reason codes.
+   *)
+  EVP_R_AES_KEY_SETUP_FAILED = 143;
+  EVP_R_ARIA_KEY_SETUP_FAILED = 176;
+  EVP_R_BAD_DECRYPT = 100;
+  EVP_R_BAD_KEY_LENGTH = 195;
+  EVP_R_BUFFER_TOO_SMALL = 155;
+  EVP_R_CAMELLIA_KEY_SETUP_FAILED = 157;
+  EVP_R_CIPHER_PARAMETER_ERROR = 122;
+  EVP_R_COMMAND_NOT_SUPPORTED = 147;
+  EVP_R_COPY_ERROR = 173;
+  EVP_R_CTRL_NOT_IMPLEMENTED = 132;
+  EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED = 133;
+  EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH = 138;
+  EVP_R_DECODE_ERROR = 114;
+  EVP_R_DIFFERENT_KEY_TYPES = 101;
+  EVP_R_DIFFERENT_PARAMETERS = 153;
+  EVP_R_ERROR_LOADING_SECTION = 165;
+  EVP_R_ERROR_SETTING_FIPS_MODE = 166;
+  EVP_R_EXPECTING_AN_HMAC_KEY = 174;
+  EVP_R_EXPECTING_AN_RSA_KEY = 127;
+  EVP_R_EXPECTING_A_DH_KEY = 128;
+  EVP_R_EXPECTING_A_DSA_KEY = 129;
+  EVP_R_EXPECTING_A_EC_KEY = 142;
+  EVP_R_EXPECTING_A_POLY1305_KEY = 164;
+  EVP_R_EXPECTING_A_SIPHASH_KEY = 175;
+  EVP_R_FIPS_MODE_NOT_SUPPORTED = 167;
+  EVP_R_GET_RAW_KEY_FAILED = 182;
+  EVP_R_ILLEGAL_SCRYPT_PARAMETERS = 171;
+  EVP_R_INITIALIZATION_ERROR = 134;
+  EVP_R_INPUT_NOT_INITIALIZED = 111;
+  EVP_R_INVALID_DIGEST = 152;
+  EVP_R_INVALID_FIPS_MODE = 168;
+  EVP_R_INVALID_KEY = 163;
+  EVP_R_INVALID_KEY_LENGTH = 130;
+  EVP_R_INVALID_OPERATION = 148;
+  EVP_R_KEYGEN_FAILURE = 120;
+  EVP_R_KEY_SETUP_FAILED = 180;
+  EVP_R_MEMORY_LIMIT_EXCEEDED = 172;
+  EVP_R_MESSAGE_DIGEST_IS_NULL = 159;
+  EVP_R_METHOD_NOT_SUPPORTED = 144;
+  EVP_R_MISSING_PARAMETERS = 103;
+  EVP_R_NOT_XOF_OR_INVALID_LENGTH = 178;
+  EVP_R_NO_CIPHER_SET = 131;
+  EVP_R_NO_DEFAULT_DIGEST = 158;
+  EVP_R_NO_DIGEST_SET = 139;
+  EVP_R_NO_KEY_SET = 154;
+  EVP_R_NO_OPERATION_SET = 149;
+  EVP_R_ONLY_ONESHOT_SUPPORTED = 177;
+  EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE = 150;
+  EVP_R_OPERATON_NOT_INITIALIZED = 151;
+  EVP_R_PARTIALLY_OVERLAPPING = 162;
+  EVP_R_PBKDF2_ERROR = 181;
+  EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED = 179;
+  EVP_R_PRIVATE_KEY_DECODE_ERROR = 145;
+  EVP_R_PRIVATE_KEY_ENCODE_ERROR = 146;
+  EVP_R_PUBLIC_KEY_NOT_RSA = 106;
+  EVP_R_UNKNOWN_CIPHER = 160;
+  EVP_R_UNKNOWN_DIGEST = 161;
+  EVP_R_UNKNOWN_OPTION = 169;
+  EVP_R_UNKNOWN_PBE_ALGORITHM = 121;
+  EVP_R_UNSUPPORTED_ALGORITHM = 156;
+  EVP_R_UNSUPPORTED_CIPHER = 107;
+  EVP_R_UNSUPPORTED_KEYLENGTH = 123;
+  EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION = 124;
+  EVP_R_UNSUPPORTED_KEY_SIZE = 108;
+  EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS = 135;
+  EVP_R_UNSUPPORTED_PRF = 125;
+  EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM = 118;
+  EVP_R_UNSUPPORTED_SALT_TYPE = 126;
+  EVP_R_WRAP_MODE_NOT_ALLOWED = 170;
+  EVP_R_WRONG_FINAL_BLOCK_LENGTH = 109;
+  EVP_R_XTS_DUPLICATED_KEYS = 183;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_EVP_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_EVP_strings := LoadFunction('ERR_load_EVP_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_EVP_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas
new file mode 100644
index 000000000..da60f2f39
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas
@@ -0,0 +1,111 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_hmac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// hmac.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  HMAC_size: function(const e: PHMAC_CTX): TIdC_SIZET cdecl = nil;
+  HMAC_CTX_new: function: PHMAC_CTX cdecl = nil;
+  HMAC_CTX_reset: function(ctx: PHMAC_CTX): TIdC_INT cdecl = nil;
+  HMAC_CTX_free: procedure(ctx: PHMAC_CTX) cdecl = nil;
+
+  HMAC_Init_ex: function(ctx: PHMAC_CTX; const key: Pointer; len: TIdC_INT; const md: PEVP_MD; impl: PENGINE): TIdC_INT cdecl = nil;
+  HMAC_Update: function(ctx: PHMAC_CTX; const data: PByte; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  HMAC_Final: function(ctx: PHMAC_CTX; md: PByte; len: PByte): TIdC_INT cdecl = nil;
+  HMAC: function(const evp_md: PEVP_MD; const key: Pointer; key_len: TIdC_INT; const d: PByte; n: TIdC_SIZET; md: PByte; md_len: PIdC_INT): PByte cdecl = nil;
+  HMAC_CTX_copy: function(dctx: PHMAC_CTX; sctx: PHMAC_CTX): TIdC_INT cdecl = nil;
+
+  HMAC_CTX_set_flags: procedure(ctx: PHMAC_CTX; flags: TIdC_ULONG) cdecl = nil;
+  HMAC_CTX_get_md: function(const ctx: PHMAC_CTX): PEVP_MD cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  HMAC_size := LoadFunction('HMAC_size', AFailed);
+  HMAC_CTX_new := LoadFunction('HMAC_CTX_new', AFailed);
+  HMAC_CTX_reset := LoadFunction('HMAC_CTX_reset', AFailed);
+  HMAC_CTX_free := LoadFunction('HMAC_CTX_free', AFailed);
+  HMAC_Init_ex := LoadFunction('HMAC_Init_ex', AFailed);
+  HMAC_Update := LoadFunction('HMAC_Update', AFailed);
+  HMAC_Final := LoadFunction('HMAC_Final', AFailed);
+  HMAC := LoadFunction('HMAC', AFailed);
+  HMAC_CTX_copy := LoadFunction('HMAC_CTX_copy', AFailed);
+  HMAC_CTX_set_flags := LoadFunction('HMAC_CTX_set_flags', AFailed);
+  HMAC_CTX_get_md := LoadFunction('HMAC_CTX_get_md', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  HMAC_size := nil;
+  HMAC_CTX_new := nil;
+  HMAC_CTX_reset := nil;
+  HMAC_CTX_free := nil;
+  HMAC_Init_ex := nil;
+  HMAC_Update := nil;
+  HMAC_Final := nil;
+  HMAC := nil;
+  HMAC_CTX_copy := nil;
+  HMAC_CTX_set_flags := nil;
+  HMAC_CTX_get_md := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas
new file mode 100644
index 000000000..2561e7f24
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas
@@ -0,0 +1,117 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_idea;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// idea.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // Added '_CONST' to avoid name clashes
+  IDEA_ENCRYPT_CONST = 1;
+  // Added '_CONST' to avoid name clashes
+  IDEA_DECRYPT_CONST = 0;
+
+  IDEA_BLOCK      = 8;
+  IDEA_KEY_LENGTH = 16;
+
+type
+  IDEA_INT = type TIdC_INT;
+
+  idea_key_st = record
+    data: array[0..8, 0..5] of IDEA_INT;
+  end;
+  IDEA_KEY_SCHEDULE = idea_key_st;
+  PIDEA_KEY_SCHEDULE = ^IDEA_KEY_SCHEDULE;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  IDEA_options: function: PIdAnsiChar cdecl = nil;
+  IDEA_ecb_encrypt: procedure(const &in: PByte; &out: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl = nil;
+  IDEA_set_encrypt_key: procedure(const key: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl = nil;
+  IDEA_set_decrypt_key: procedure(ek: PIDEA_KEY_SCHEDULE; dk: PIDEA_KEY_SCHEDULE) cdecl = nil;
+  IDEA_cbc_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT) cdecl = nil;
+  IDEA_cfb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
+  IDEA_ofb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT) cdecl = nil;
+  IDEA_encrypt: procedure(&in: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE) cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  IDEA_options := LoadFunction('IDEA_options', AFailed);
+  IDEA_ecb_encrypt := LoadFunction('IDEA_ecb_encrypt', AFailed);
+  IDEA_set_encrypt_key := LoadFunction('IDEA_set_encrypt_key', AFailed);
+  IDEA_set_decrypt_key := LoadFunction('IDEA_set_decrypt_key', AFailed);
+  IDEA_cbc_encrypt := LoadFunction('IDEA_cbc_encrypt', AFailed);
+  IDEA_cfb64_encrypt := LoadFunction('IDEA_cfb64_encrypt', AFailed);
+  IDEA_ofb64_encrypt := LoadFunction('IDEA_ofb64_encrypt', AFailed);
+  IDEA_encrypt := LoadFunction('IDEA_encrypt', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  IDEA_options := nil;
+  IDEA_ecb_encrypt := nil;
+  IDEA_set_encrypt_key := nil;
+  IDEA_set_decrypt_key := nil;
+  IDEA_cbc_encrypt := nil;
+  IDEA_cfb64_encrypt := nil;
+  IDEA_ofb64_encrypt := nil;
+  IDEA_encrypt := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_kdferr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_kdferr.pas
new file mode 100644
index 000000000..035168600
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_kdferr.pas
@@ -0,0 +1,111 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_kdferr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// kdferr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * KDF function codes.
+   *)
+  KDF_F_PKEY_HKDF_CTRL_STR = 103;
+  KDF_F_PKEY_HKDF_DERIVE = 102;
+  KDF_F_PKEY_HKDF_INIT = 108;
+  KDF_F_PKEY_SCRYPT_CTRL_STR = 104;
+  KDF_F_PKEY_SCRYPT_CTRL_UINT64 = 105;
+  KDF_F_PKEY_SCRYPT_DERIVE = 109;
+  KDF_F_PKEY_SCRYPT_INIT = 106;
+  KDF_F_PKEY_SCRYPT_SET_MEMBUF = 107;
+  KDF_F_PKEY_TLS1_PRF_CTRL_STR = 100;
+  KDF_F_PKEY_TLS1_PRF_DERIVE = 101;
+  KDF_F_PKEY_TLS1_PRF_INIT = 110;
+  KDF_F_TLS1_PRF_ALG = 111;
+
+  (*
+   * KDF reason codes.
+   *)
+  KDF_R_INVALID_DIGEST = 100;
+  KDF_R_MISSING_ITERATION_COUNT = 109;
+  KDF_R_MISSING_KEY = 104;
+  KDF_R_MISSING_MESSAGE_DIGEST = 105;
+  KDF_R_MISSING_PARAMETER = 101;
+  KDF_R_MISSING_PASS = 110;
+  KDF_R_MISSING_SALT = 111;
+  KDF_R_MISSING_SECRET = 107;
+  KDF_R_MISSING_SEED = 106;
+  KDF_R_UNKNOWN_PARAMETER_TYPE = 103;
+  KDF_R_VALUE_ERROR = 108;
+  KDF_R_VALUE_MISSING = 102;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_KDF_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_KDF_strings := LoadFunction('ERR_load_KDF_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_KDF_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas
new file mode 100644
index 000000000..389f5a5b7
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas
@@ -0,0 +1,2921 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_obj_mac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// obj_mac.h
+
+{$i IdCompilerDefines.inc}
+
+const
+  SN_undef =       'UNDEF';
+  LN_undef =       'undefined';
+  NID_undef =       0;
+  SN_itu_t =     'ITU-T';
+  LN_itu_t =     'itu-t';
+  NID_itu_t =     645;
+  NID_ccitt =     404;
+  SN_iso =   'ISO';
+  LN_iso =   'iso';
+  NID_iso =   181;
+  SN_joint_iso_itu_t =    'JOINT-ISO-ITU-T';
+  LN_joint_iso_itu_t =    'joint-iso-itu-t';
+  NID_joint_iso_itu_t =    646;
+  NID_joint_iso_ccitt =    393;
+  SN_member_body =   'member-body';
+  LN_member_body =   'ISO Member Body';
+  NID_member_body =   182;
+  SN_identified_organization =    'identified-organization';
+  NID_identified_organization =    676;
+  SN_hmac_md5 =    'HMAC-MD5';
+  LN_hmac_md5 =    'hmac-md5';
+  NID_hmac_md5 =    780;
+  SN_hmac_sha1 =    'HMAC-SHA1';
+  LN_hmac_sha1 =    'hmac-sha1';
+  NID_hmac_sha1 =    781;
+  SN_x509ExtAdmission =    'x509ExtAdmission';
+  LN_x509ExtAdmission =    'Professional Information or basis for Admission';
+  NID_x509ExtAdmission =    1093;
+  SN_certicom_arc =   'certicom-arc';
+  NID_certicom_arc =     677;
+  SN_ieee =   'ieee';
+  NID_ieee =     1170;
+  SN_ieee_siswg =    'ieee-siswg';
+  LN_ieee_siswg =    'IEEE Security in Storage Working Group';
+  NID_ieee_siswg =   1171;
+  SN_international_organizations =   'international-organizations';
+  LN_international_organizations =   'International Organizations';
+  NID_international_organizations =   647;
+  SN_wap =   'wap';
+  NID_wap =   678;
+  SN_wap_wsg =    'wap-wsg';
+  NID_wap_wsg =    679;
+  SN_selected_attribute_types =    'selected-attribute-types';
+  LN_selected_attribute_types =    'Selected Attribute Types';
+  NID_selected_attribute_types =    394;
+  SN_clearance =    'clearance';
+  NID_clearance =    395;
+  SN_ISO_US =     'ISO-US';
+  LN_ISO_US =     'ISO US Member Body';
+  NID_ISO_US =    183;
+  SN_X9_57 =     'X9-57';
+  LN_X9_57 =     'X9.57';
+  NID_X9_57 =     184;
+  SN_X9cm =   'X9cm';
+  LN_X9cm =   'X9.57 CM ?';
+  NID_X9cm =     185;
+  SN_ISO_CN =     'ISO-CN';
+  LN_ISO_CN =     'ISO CN Member Body';
+  NID_ISO_CN =    1140;
+  SN_oscca =     'oscca';
+  NID_oscca =     1141;
+  SN_sm_scheme =    'sm-scheme';
+  NID_sm_scheme =    1142;
+  SN_dsa =   'DSA';
+  LN_dsa =   'dsaEncryption';
+  NID_dsa =   116;
+  SN_dsaWithSHA1 =   'DSA-SHA1';
+  LN_dsaWithSHA1 =   'dsaWithSHA1';
+  NID_dsaWithSHA1 =   113;
+  SN_ansi_X9_62 =    'ansi-X9-62';
+  LN_ansi_X9_62 =    'ANSI X9.62';
+  NID_ansi_X9_62 =   405;
+  SN_X9_62_prime_field =    'prime-field';
+  NID_X9_62_prime_field =    406;
+  SN_X9_62_characteristic_two_field =     'characteristic-two-field';
+  NID_X9_62_characteristic_two_field =    407;
+  SN_X9_62_id_characteristic_two_basis =    'id-characteristic-two-basis';
+  NID_X9_62_id_characteristic_two_basis =    680;
+  SN_X9_62_onBasis =     'onBasis';
+  NID_X9_62_onBasis =     681;
+  SN_X9_62_tpBasis =     'tpBasis';
+  NID_X9_62_tpBasis =     682;
+  SN_X9_62_ppBasis =     'ppBasis';
+  NID_X9_62_ppBasis =     683;
+  SN_X9_62_id_ecPublicKey =   'id-ecPublicKey';
+  NID_X9_62_id_ecPublicKey =     408;
+  SN_X9_62_c2pnb163v1 =    'c2pnb163v1';
+  NID_X9_62_c2pnb163v1 =    684;
+  SN_X9_62_c2pnb163v2 =    'c2pnb163v2';
+  NID_X9_62_c2pnb163v2 =    685;
+  SN_X9_62_c2pnb163v3 =    'c2pnb163v3';
+  NID_X9_62_c2pnb163v3 =    686;
+  SN_X9_62_c2pnb176v1 =    'c2pnb176v1';
+  NID_X9_62_c2pnb176v1 =    687;
+  SN_X9_62_c2tnb191v1 =    'c2tnb191v1';
+  NID_X9_62_c2tnb191v1 =    688;
+  SN_X9_62_c2tnb191v2 =    'c2tnb191v2';
+  NID_X9_62_c2tnb191v2 =    689;
+  SN_X9_62_c2tnb191v3 =    'c2tnb191v3';
+  NID_X9_62_c2tnb191v3 =    690;
+  SN_X9_62_c2onb191v4 =    'c2onb191v4';
+  NID_X9_62_c2onb191v4 =    691;
+  SN_X9_62_c2onb191v5 =    'c2onb191v5';
+  NID_X9_62_c2onb191v5 =    692;
+  SN_X9_62_c2pnb208w1 =    'c2pnb208w1';
+  NID_X9_62_c2pnb208w1 =    693;
+  SN_X9_62_c2tnb239v1 =    'c2tnb239v1';
+  NID_X9_62_c2tnb239v1 =    694;
+  SN_X9_62_c2tnb239v2 =    'c2tnb239v2';
+  NID_X9_62_c2tnb239v2 =    695;
+  SN_X9_62_c2tnb239v3 =    'c2tnb239v3';
+  NID_X9_62_c2tnb239v3 =    696;
+  SN_X9_62_c2onb239v4 =    'c2onb239v4';
+  NID_X9_62_c2onb239v4 =    697;
+  SN_X9_62_c2onb239v5 =    'c2onb239v5';
+  NID_X9_62_c2onb239v5 =    698;
+  SN_X9_62_c2pnb272w1 =    'c2pnb272w1';
+  NID_X9_62_c2pnb272w1 =    699;
+  SN_X9_62_c2pnb304w1 =    'c2pnb304w1';
+  NID_X9_62_c2pnb304w1 =    700;
+  SN_X9_62_c2tnb359v1 =    'c2tnb359v1';
+  NID_X9_62_c2tnb359v1 =    701;
+  SN_X9_62_c2pnb368w1 =    'c2pnb368w1';
+  NID_X9_62_c2pnb368w1 =    702;
+  SN_X9_62_c2tnb431r1 =    'c2tnb431r1';
+  NID_X9_62_c2tnb431r1 =    703;
+  SN_X9_62_prime192v1 =    'prime192v1';
+  NID_X9_62_prime192v1 =    409;
+  SN_X9_62_prime192v2 =    'prime192v2';
+  NID_X9_62_prime192v2 =    410;
+  SN_X9_62_prime192v3 =    'prime192v3';
+  NID_X9_62_prime192v3 =    411;
+  SN_X9_62_prime239v1 =    'prime239v1';
+  NID_X9_62_prime239v1 =    412;
+  SN_X9_62_prime239v2 =    'prime239v2';
+  NID_X9_62_prime239v2 =    413;
+  SN_X9_62_prime239v3 =    'prime239v3';
+  NID_X9_62_prime239v3 =    414;
+  SN_X9_62_prime256v1 =    'prime256v1';
+  NID_X9_62_prime256v1 =    415;
+  SN_ecdsa_with_SHA1 =    'ecdsa-with-SHA1';
+  NID_ecdsa_with_SHA1 =    416;
+  SN_ecdsa_with_Recommended =     'ecdsa-with-Recommended';
+  NID_ecdsa_with_Recommended =    791;
+  SN_ecdsa_with_Specified =   'ecdsa-with-Specified';
+  NID_ecdsa_with_Specified =     792;
+  SN_ecdsa_with_SHA224 =    'ecdsa-with-SHA224';
+  NID_ecdsa_with_SHA224 =    793;
+  SN_ecdsa_with_SHA256 =    'ecdsa-with-SHA256';
+  NID_ecdsa_with_SHA256 =    794;
+  SN_ecdsa_with_SHA384 =    'ecdsa-with-SHA384';
+  NID_ecdsa_with_SHA384 =    795;
+  SN_ecdsa_with_SHA512 =    'ecdsa-with-SHA512';
+  NID_ecdsa_with_SHA512 =    796;
+  SN_secp112r1 =    'secp112r1';
+  NID_secp112r1 =    704;
+  SN_secp112r2 =    'secp112r2';
+  NID_secp112r2 =    705;
+  SN_secp128r1 =    'secp128r1';
+  NID_secp128r1 =    706;
+  SN_secp128r2 =    'secp128r2';
+  NID_secp128r2 =    707;
+  SN_secp160k1 =    'secp160k1';
+  NID_secp160k1 =    708;
+  SN_secp160r1 =    'secp160r1';
+  NID_secp160r1 =    709;
+  SN_secp160r2 =    'secp160r2';
+  NID_secp160r2 =    710;
+  SN_secp192k1 =    'secp192k1';
+  NID_secp192k1 =    711;
+  SN_secp224k1 =    'secp224k1';
+  NID_secp224k1 =    712;
+  SN_secp224r1 =    'secp224r1';
+  NID_secp224r1 =    713;
+  SN_secp256k1 =    'secp256k1';
+  NID_secp256k1 =    714;
+  SN_secp384r1 =    'secp384r1';
+  NID_secp384r1 =    715;
+  SN_secp521r1 =    'secp521r1';
+  NID_secp521r1 =    716;
+  SN_sect113r1 =    'sect113r1';
+  NID_sect113r1 =    717;
+  SN_sect113r2 =    'sect113r2';
+  NID_sect113r2 =    718;
+  SN_sect131r1 =    'sect131r1';
+  NID_sect131r1 =    719;
+  SN_sect131r2 =    'sect131r2';
+  NID_sect131r2 =    720;
+  SN_sect163k1 =    'sect163k1';
+  NID_sect163k1 =    721;
+  SN_sect163r1 =    'sect163r1';
+  NID_sect163r1 =    722;
+  SN_sect163r2 =    'sect163r2';
+  NID_sect163r2 =    723;
+  SN_sect193r1 =    'sect193r1';
+  NID_sect193r1 =    724;
+  SN_sect193r2 =    'sect193r2';
+  NID_sect193r2 =    725;
+  SN_sect233k1 =    'sect233k1';
+  NID_sect233k1 =    726;
+  SN_sect233r1 =    'sect233r1';
+  NID_sect233r1 =    727;
+  SN_sect239k1 =    'sect239k1';
+  NID_sect239k1 =    728;
+  SN_sect283k1 =    'sect283k1';
+  NID_sect283k1 =    729;
+  SN_sect283r1 =    'sect283r1';
+  NID_sect283r1 =    730;
+  SN_sect409k1 =    'sect409k1';
+  NID_sect409k1 =    731;
+  SN_sect409r1 =    'sect409r1';
+  NID_sect409r1 =    732;
+  SN_sect571k1 =    'sect571k1';
+  NID_sect571k1 =    733;
+  SN_sect571r1 =    'sect571r1';
+  NID_sect571r1 =    734;
+  SN_wap_wsg_idm_ecid_wtls1 =     'wap-wsg-idm-ecid-wtls1';
+  NID_wap_wsg_idm_ecid_wtls1 =    735;
+  SN_wap_wsg_idm_ecid_wtls3 =     'wap-wsg-idm-ecid-wtls3';
+  NID_wap_wsg_idm_ecid_wtls3 =    736;
+  SN_wap_wsg_idm_ecid_wtls4 =     'wap-wsg-idm-ecid-wtls4';
+  NID_wap_wsg_idm_ecid_wtls4 =    737;
+  SN_wap_wsg_idm_ecid_wtls5 =     'wap-wsg-idm-ecid-wtls5';
+  NID_wap_wsg_idm_ecid_wtls5 =    738;
+  SN_wap_wsg_idm_ecid_wtls6 =     'wap-wsg-idm-ecid-wtls6';
+  NID_wap_wsg_idm_ecid_wtls6 =    739;
+  SN_wap_wsg_idm_ecid_wtls7 =     'wap-wsg-idm-ecid-wtls7';
+  NID_wap_wsg_idm_ecid_wtls7 =    740;
+  SN_wap_wsg_idm_ecid_wtls8 =     'wap-wsg-idm-ecid-wtls8';
+  NID_wap_wsg_idm_ecid_wtls8 =    741;
+  SN_wap_wsg_idm_ecid_wtls9 =     'wap-wsg-idm-ecid-wtls9';
+  NID_wap_wsg_idm_ecid_wtls9 =    742;
+  SN_wap_wsg_idm_ecid_wtls10 =    'wap-wsg-idm-ecid-wtls10';
+  NID_wap_wsg_idm_ecid_wtls10 =    743;
+  SN_wap_wsg_idm_ecid_wtls11 =    'wap-wsg-idm-ecid-wtls11';
+  NID_wap_wsg_idm_ecid_wtls11 =    744;
+  SN_wap_wsg_idm_ecid_wtls12 =    'wap-wsg-idm-ecid-wtls12';
+  NID_wap_wsg_idm_ecid_wtls12 =    745;
+  SN_cast5_cbc =    'CAST5-CBC';
+  LN_cast5_cbc =    'cast5-cbc';
+  NID_cast5_cbc =    108;
+  SN_cast5_ecb =    'CAST5-ECB';
+  LN_cast5_ecb =    'cast5-ecb';
+  NID_cast5_ecb =    109;
+  SN_cast5_cfb64 =   'CAST5-CFB';
+  LN_cast5_cfb64 =   'cast5-cfb';
+  NID_cast5_cfb64 =   110;
+  SN_cast5_ofb64 =   'CAST5-OFB';
+  LN_cast5_ofb64 =   'cast5-ofb';
+  NID_cast5_ofb64 =   111;
+  LN_pbeWithMD5AndCast5_CBC =     'pbeWithMD5AndCast5CBC';
+  NID_pbeWithMD5AndCast5_CBC =    112;
+  SN_id_PasswordBasedMAC =   'id-PasswordBasedMAC';
+  LN_id_PasswordBasedMAC =   'password based MAC';
+  NID_id_PasswordBasedMAC =   782;
+  SN_id_DHBasedMac =     'id-DHBasedMac';
+  LN_id_DHBasedMac =     'Diffie-Hellman based MAC';
+  NID_id_DHBasedMac =     783;
+  SN_rsadsi =     'rsadsi';
+  LN_rsadsi =     'RSA Data Security; Inc.';
+  NID_rsadsi =    1;
+  SN_pkcs =   'pkcs';
+  LN_pkcs =   'RSA Data Security; Inc. PKCS';
+  NID_pkcs =     2;
+  SN_pkcs1 =     'pkcs1';
+  NID_pkcs1 =     186;
+  LN_rsaEncryption =     'rsaEncryption';
+  NID_rsaEncryption =     6;
+  SN_md2WithRSAEncryption =   'RSA-MD2';
+  LN_md2WithRSAEncryption =   'md2WithRSAEncryption';
+  NID_md2WithRSAEncryption =     7;
+  SN_md4WithRSAEncryption =   'RSA-MD4';
+  LN_md4WithRSAEncryption =   'md4WithRSAEncryption';
+  NID_md4WithRSAEncryption =     396;
+  SN_md5WithRSAEncryption =   'RSA-MD5';
+  LN_md5WithRSAEncryption =   'md5WithRSAEncryption';
+  NID_md5WithRSAEncryption =     8;
+  SN_sha1WithRSAEncryption =     'RSA-SHA1';
+  LN_sha1WithRSAEncryption =     'sha1WithRSAEncryption';
+  NID_sha1WithRSAEncryption =     65;
+  SN_rsaesOaep =    'RSAES-OAEP';
+  LN_rsaesOaep =    'rsaesOaep';
+  NID_rsaesOaep =    919;
+  SN_mgf1 =   'MGF1';
+  LN_mgf1 =   'mgf1';
+  NID_mgf1 =     911;
+  SN_pSpecified =    'PSPECIFIED';
+  LN_pSpecified =    'pSpecified';
+  NID_pSpecified =   935;
+  SN_rsassaPss =    'RSASSA-PSS';
+  LN_rsassaPss =    'rsassaPss';
+  NID_rsassaPss =    912;
+  SN_sha256WithRSAEncryption =    'RSA-SHA256';
+  LN_sha256WithRSAEncryption =    'sha256WithRSAEncryption';
+  NID_sha256WithRSAEncryption =    668;
+  SN_sha384WithRSAEncryption =    'RSA-SHA384';
+  LN_sha384WithRSAEncryption =    'sha384WithRSAEncryption';
+  NID_sha384WithRSAEncryption =    669;
+  SN_sha512WithRSAEncryption =    'RSA-SHA512';
+  LN_sha512WithRSAEncryption =    'sha512WithRSAEncryption';
+  NID_sha512WithRSAEncryption =    670;
+  SN_sha224WithRSAEncryption =    'RSA-SHA224';
+  LN_sha224WithRSAEncryption =    'sha224WithRSAEncryption';
+  NID_sha224WithRSAEncryption =    671;
+  SN_sha512_224WithRSAEncryption =   'RSA-SHA512/224';
+  LN_sha512_224WithRSAEncryption =   'sha512-224WithRSAEncryption';
+  NID_sha512_224WithRSAEncryption =   1145;
+  SN_sha512_256WithRSAEncryption =   'RSA-SHA512/256';
+  LN_sha512_256WithRSAEncryption =   'sha512-256WithRSAEncryption';
+  NID_sha512_256WithRSAEncryption =   1146;
+  SN_pkcs3 =     'pkcs3';
+  NID_pkcs3 =     27;
+  LN_dhKeyAgreement =     'dhKeyAgreement';
+  NID_dhKeyAgreement =    28;
+  SN_pkcs5 =     'pkcs5';
+  NID_pkcs5 =     187;
+  SN_pbeWithMD2AndDES_CBC =   'PBE-MD2-DES';
+  LN_pbeWithMD2AndDES_CBC =   'pbeWithMD2AndDES-CBC';
+  NID_pbeWithMD2AndDES_CBC =     9;
+  SN_pbeWithMD5AndDES_CBC =   'PBE-MD5-DES';
+  LN_pbeWithMD5AndDES_CBC =   'pbeWithMD5AndDES-CBC';
+  NID_pbeWithMD5AndDES_CBC =     10;
+  SN_pbeWithMD2AndRC2_CBC =   'PBE-MD2-RC2-64';
+  LN_pbeWithMD2AndRC2_CBC =   'pbeWithMD2AndRC2-CBC';
+  NID_pbeWithMD2AndRC2_CBC =     168;
+  SN_pbeWithMD5AndRC2_CBC =   'PBE-MD5-RC2-64';
+  LN_pbeWithMD5AndRC2_CBC =   'pbeWithMD5AndRC2-CBC';
+  NID_pbeWithMD5AndRC2_CBC =     169;
+  SN_pbeWithSHA1AndDES_CBC =     'PBE-SHA1-DES';
+  LN_pbeWithSHA1AndDES_CBC =     'pbeWithSHA1AndDES-CBC';
+  NID_pbeWithSHA1AndDES_CBC =     170;
+  SN_pbeWithSHA1AndRC2_CBC =     'PBE-SHA1-RC2-64';
+  LN_pbeWithSHA1AndRC2_CBC =     'pbeWithSHA1AndRC2-CBC';
+  NID_pbeWithSHA1AndRC2_CBC =     68;
+  LN_id_pbkdf2 =    'PBKDF2';
+  NID_id_pbkdf2 =    69;
+  LN_pbes2 =     'PBES2';
+  NID_pbes2 =     161;
+  LN_pbmac1 =     'PBMAC1';
+  NID_pbmac1 =    162;
+  SN_pkcs7 =     'pkcs7';
+  NID_pkcs7 =     20;
+  LN_pkcs7_data =    'pkcs7-data';
+  NID_pkcs7_data =   21;
+  LN_pkcs7_signed =   'pkcs7-signedData';
+  NID_pkcs7_signed =     22;
+  LN_pkcs7_enveloped =    'pkcs7-envelopedData';
+  NID_pkcs7_enveloped =    23;
+  LN_pkcs7_signedAndEnveloped =    'pkcs7-signedAndEnvelopedData';
+  NID_pkcs7_signedAndEnveloped =    24;
+  LN_pkcs7_digest =   'pkcs7-digestData';
+  NID_pkcs7_digest =     25;
+  LN_pkcs7_encrypted =    'pkcs7-encryptedData';
+  NID_pkcs7_encrypted =    26;
+  SN_pkcs9 =     'pkcs9';
+  NID_pkcs9 =     47;
+  LN_pkcs9_emailAddress =    'emailAddress';
+  NID_pkcs9_emailAddress =   48;
+  LN_pkcs9_unstructuredName =     'unstructuredName';
+  NID_pkcs9_unstructuredName =    49;
+  LN_pkcs9_contentType =    'contentType';
+  NID_pkcs9_contentType =    50;
+  LN_pkcs9_messageDigest =   'messageDigest';
+  NID_pkcs9_messageDigest =   51;
+  LN_pkcs9_signingTime =    'signingTime';
+  NID_pkcs9_signingTime =    52;
+  LN_pkcs9_countersignature =     'countersignature';
+  NID_pkcs9_countersignature =    53;
+  LN_pkcs9_challengePassword =    'challengePassword';
+  NID_pkcs9_challengePassword =    54;
+  LN_pkcs9_unstructuredAddress =    'unstructuredAddress';
+  NID_pkcs9_unstructuredAddress =    55;
+  LN_pkcs9_extCertAttributes =    'extendedCertificateAttributes';
+  NID_pkcs9_extCertAttributes =    56;
+  SN_ext_req =    'extReq';
+  LN_ext_req =    'Extension Request';
+  NID_ext_req =    172;
+  SN_SMIMECapabilities =    'SMIME-CAPS';
+  LN_SMIMECapabilities =    'S/MIME Capabilities';
+  NID_SMIMECapabilities =    167;
+  SN_SMIME =     'SMIME';
+  LN_SMIME =     'S/MIME';
+  NID_SMIME =     188;
+  SN_id_smime_mod =   'id-smime-mod';
+  NID_id_smime_mod =     189;
+  SN_id_smime_ct =   'id-smime-ct';
+  NID_id_smime_ct =   190;
+  SN_id_smime_aa =   'id-smime-aa';
+  NID_id_smime_aa =   191;
+  SN_id_smime_alg =   'id-smime-alg';
+  NID_id_smime_alg =     192;
+  SN_id_smime_cd =   'id-smime-cd';
+  NID_id_smime_cd =   193;
+  SN_id_smime_spq =   'id-smime-spq';
+  NID_id_smime_spq =     194;
+  SN_id_smime_cti =   'id-smime-cti';
+  NID_id_smime_cti =     195;
+  SN_id_smime_mod_cms =    'id-smime-mod-cms';
+  NID_id_smime_mod_cms =    196;
+  SN_id_smime_mod_ess =    'id-smime-mod-ess';
+  NID_id_smime_mod_ess =    197;
+  SN_id_smime_mod_oid =    'id-smime-mod-oid';
+  NID_id_smime_mod_oid =    198;
+  SN_id_smime_mod_msg_v3 =   'id-smime-mod-msg-v3';
+  NID_id_smime_mod_msg_v3 =   199;
+  SN_id_smime_mod_ets_eSignature_88 =     'id-smime-mod-ets-eSignature-88';
+  NID_id_smime_mod_ets_eSignature_88 =    200;
+  SN_id_smime_mod_ets_eSignature_97 =     'id-smime-mod-ets-eSignature-97';
+  NID_id_smime_mod_ets_eSignature_97 =    201;
+  SN_id_smime_mod_ets_eSigPolicy_88 =     'id-smime-mod-ets-eSigPolicy-88';
+  NID_id_smime_mod_ets_eSigPolicy_88 =    202;
+  SN_id_smime_mod_ets_eSigPolicy_97 =     'id-smime-mod-ets-eSigPolicy-97';
+  NID_id_smime_mod_ets_eSigPolicy_97 =    203;
+  SN_id_smime_ct_receipt =   'id-smime-ct-receipt';
+  NID_id_smime_ct_receipt =   204;
+  SN_id_smime_ct_authData =   'id-smime-ct-authData';
+  NID_id_smime_ct_authData =     205;
+  SN_id_smime_ct_publishCert =    'id-smime-ct-publishCert';
+  NID_id_smime_ct_publishCert =    206;
+  SN_id_smime_ct_TSTInfo =   'id-smime-ct-TSTInfo';
+  NID_id_smime_ct_TSTInfo =   207;
+  SN_id_smime_ct_TDTInfo =   'id-smime-ct-TDTInfo';
+  NID_id_smime_ct_TDTInfo =   208;
+  SN_id_smime_ct_contentInfo =    'id-smime-ct-contentInfo';
+  NID_id_smime_ct_contentInfo =    209;
+  SN_id_smime_ct_DVCSRequestData =   'id-smime-ct-DVCSRequestData';
+  NID_id_smime_ct_DVCSRequestData =   210;
+  SN_id_smime_ct_DVCSResponseData =   'id-smime-ct-DVCSResponseData';
+  NID_id_smime_ct_DVCSResponseData =     211;
+  SN_id_smime_ct_compressedData =    'id-smime-ct-compressedData';
+  NID_id_smime_ct_compressedData =   786;
+  SN_id_smime_ct_contentCollection =     'id-smime-ct-contentCollection';
+  NID_id_smime_ct_contentCollection =     1058;
+  SN_id_smime_ct_authEnvelopedData =     'id-smime-ct-authEnvelopedData';
+  NID_id_smime_ct_authEnvelopedData =     1059;
+  SN_id_ct_asciiTextWithCRLF =    'id-ct-asciiTextWithCRLF';
+  NID_id_ct_asciiTextWithCRLF =    787;
+  SN_id_ct_xml =    'id-ct-xml';
+  NID_id_ct_xml =    1060;
+  SN_id_smime_aa_receiptRequest =    'id-smime-aa-receiptRequest';
+  NID_id_smime_aa_receiptRequest =   212;
+  SN_id_smime_aa_securityLabel =    'id-smime-aa-securityLabel';
+  NID_id_smime_aa_securityLabel =    213;
+  SN_id_smime_aa_mlExpandHistory =   'id-smime-aa-mlExpandHistory';
+  NID_id_smime_aa_mlExpandHistory =   214;
+  SN_id_smime_aa_contentHint =    'id-smime-aa-contentHint';
+  NID_id_smime_aa_contentHint =    215;
+  SN_id_smime_aa_msgSigDigest =    'id-smime-aa-msgSigDigest';
+  NID_id_smime_aa_msgSigDigest =    216;
+  SN_id_smime_aa_encapContentType =   'id-smime-aa-encapContentType';
+  NID_id_smime_aa_encapContentType =     217;
+  SN_id_smime_aa_contentIdentifier =     'id-smime-aa-contentIdentifier';
+  NID_id_smime_aa_contentIdentifier =     218;
+  SN_id_smime_aa_macValue =   'id-smime-aa-macValue';
+  NID_id_smime_aa_macValue =     219;
+  SN_id_smime_aa_equivalentLabels =   'id-smime-aa-equivalentLabels';
+  NID_id_smime_aa_equivalentLabels =     220;
+  SN_id_smime_aa_contentReference =   'id-smime-aa-contentReference';
+  NID_id_smime_aa_contentReference =     221;
+  SN_id_smime_aa_encrypKeyPref =    'id-smime-aa-encrypKeyPref';
+  NID_id_smime_aa_encrypKeyPref =    222;
+  SN_id_smime_aa_signingCertificate =     'id-smime-aa-signingCertificate';
+  NID_id_smime_aa_signingCertificate =    223;
+  SN_id_smime_aa_smimeEncryptCerts =     'id-smime-aa-smimeEncryptCerts';
+  NID_id_smime_aa_smimeEncryptCerts =     224;
+  SN_id_smime_aa_timeStampToken =    'id-smime-aa-timeStampToken';
+  NID_id_smime_aa_timeStampToken =   225;
+  SN_id_smime_aa_ets_sigPolicyId =   'id-smime-aa-ets-sigPolicyId';
+  NID_id_smime_aa_ets_sigPolicyId =   226;
+  SN_id_smime_aa_ets_commitmentType =     'id-smime-aa-ets-commitmentType';
+  NID_id_smime_aa_ets_commitmentType =    227;
+  SN_id_smime_aa_ets_signerLocation =     'id-smime-aa-ets-signerLocation';
+  NID_id_smime_aa_ets_signerLocation =    228;
+  SN_id_smime_aa_ets_signerAttr =    'id-smime-aa-ets-signerAttr';
+  NID_id_smime_aa_ets_signerAttr =   229;
+  SN_id_smime_aa_ets_otherSigCert =   'id-smime-aa-ets-otherSigCert';
+  NID_id_smime_aa_ets_otherSigCert =     230;
+  SN_id_smime_aa_ets_contentTimestamp =    'id-smime-aa-ets-contentTimestamp';
+  NID_id_smime_aa_ets_contentTimestamp =    231;
+  SN_id_smime_aa_ets_CertificateRefs =    'id-smime-aa-ets-CertificateRefs';
+  NID_id_smime_aa_ets_CertificateRefs =    232;
+  SN_id_smime_aa_ets_RevocationRefs =     'id-smime-aa-ets-RevocationRefs';
+  NID_id_smime_aa_ets_RevocationRefs =    233;
+  SN_id_smime_aa_ets_certValues =    'id-smime-aa-ets-certValues';
+  NID_id_smime_aa_ets_certValues =   234;
+  SN_id_smime_aa_ets_revocationValues =    'id-smime-aa-ets-revocationValues';
+  NID_id_smime_aa_ets_revocationValues =    235;
+  SN_id_smime_aa_ets_escTimeStamp =   'id-smime-aa-ets-escTimeStamp';
+  NID_id_smime_aa_ets_escTimeStamp =     236;
+  SN_id_smime_aa_ets_certCRLTimestamp =    'id-smime-aa-ets-certCRLTimestamp';
+  NID_id_smime_aa_ets_certCRLTimestamp =    237;
+  SN_id_smime_aa_ets_archiveTimeStamp =    'id-smime-aa-ets-archiveTimeStamp';
+  NID_id_smime_aa_ets_archiveTimeStamp =    238;
+  SN_id_smime_aa_signatureType =    'id-smime-aa-signatureType';
+  NID_id_smime_aa_signatureType =    239;
+  SN_id_smime_aa_dvcs_dvc =   'id-smime-aa-dvcs-dvc';
+  NID_id_smime_aa_dvcs_dvc =     240;
+  SN_id_smime_aa_signingCertificateV2 =    'id-smime-aa-signingCertificateV2';
+  NID_id_smime_aa_signingCertificateV2 =    1086;
+  SN_id_smime_alg_ESDHwith3DES =    'id-smime-alg-ESDHwith3DES';
+  NID_id_smime_alg_ESDHwith3DES =    241;
+  SN_id_smime_alg_ESDHwithRC2 =    'id-smime-alg-ESDHwithRC2';
+  NID_id_smime_alg_ESDHwithRC2 =    242;
+  SN_id_smime_alg_3DESwrap =     'id-smime-alg-3DESwrap';
+  NID_id_smime_alg_3DESwrap =     243;
+  SN_id_smime_alg_RC2wrap =   'id-smime-alg-RC2wrap';
+  NID_id_smime_alg_RC2wrap =     244;
+  SN_id_smime_alg_ESDH =    'id-smime-alg-ESDH';
+  NID_id_smime_alg_ESDH =    245;
+  SN_id_smime_alg_CMS3DESwrap =    'id-smime-alg-CMS3DESwrap';
+  NID_id_smime_alg_CMS3DESwrap =    246;
+  SN_id_smime_alg_CMSRC2wrap =    'id-smime-alg-CMSRC2wrap';
+  NID_id_smime_alg_CMSRC2wrap =    247;
+  SN_id_alg_PWRI_KEK =    'id-alg-PWRI-KEK';
+  NID_id_alg_PWRI_KEK =    893;
+  SN_id_smime_cd_ldap =    'id-smime-cd-ldap';
+  NID_id_smime_cd_ldap =    248;
+  SN_id_smime_spq_ets_sqt_uri =    'id-smime-spq-ets-sqt-uri';
+  NID_id_smime_spq_ets_sqt_uri =    249;
+  SN_id_smime_spq_ets_sqt_unotice =   'id-smime-spq-ets-sqt-unotice';
+  NID_id_smime_spq_ets_sqt_unotice =     250;
+  SN_id_smime_cti_ets_proofOfOrigin =     'id-smime-cti-ets-proofOfOrigin';
+  NID_id_smime_cti_ets_proofOfOrigin =    251;
+  SN_id_smime_cti_ets_proofOfReceipt =    'id-smime-cti-ets-proofOfReceipt';
+  NID_id_smime_cti_ets_proofOfReceipt =    252;
+  SN_id_smime_cti_ets_proofOfDelivery =    'id-smime-cti-ets-proofOfDelivery';
+  NID_id_smime_cti_ets_proofOfDelivery =    253;
+  SN_id_smime_cti_ets_proofOfSender =     'id-smime-cti-ets-proofOfSender';
+  NID_id_smime_cti_ets_proofOfSender =    254;
+  SN_id_smime_cti_ets_proofOfApproval =    'id-smime-cti-ets-proofOfApproval';
+  NID_id_smime_cti_ets_proofOfApproval =    255;
+  SN_id_smime_cti_ets_proofOfCreation =    'id-smime-cti-ets-proofOfCreation';
+  NID_id_smime_cti_ets_proofOfCreation =    256;
+  LN_friendlyName =   'friendlyName';
+  NID_friendlyName =     156;
+  LN_localKeyID =    'localKeyID';
+  NID_localKeyID =   157;
+  SN_ms_csp_name =   'CSPName';
+  LN_ms_csp_name =   'Microsoft CSP Name';
+  NID_ms_csp_name =   417;
+  SN_LocalKeySet =   'LocalKeySet';
+  LN_LocalKeySet =   'Microsoft Local Key set';
+  NID_LocalKeySet =   856;
+  LN_x509Certificate =    'x509Certificate';
+  NID_x509Certificate =    158;
+  LN_sdsiCertificate =    'sdsiCertificate';
+  NID_sdsiCertificate =    159;
+  LN_x509Crl =    'x509Crl';
+  NID_x509Crl =    160;
+  SN_pbe_WithSHA1And128BitRC4 =    'PBE-SHA1-RC4-128';
+  LN_pbe_WithSHA1And128BitRC4 =    'pbeWithSHA1And128BitRC4';
+  NID_pbe_WithSHA1And128BitRC4 =    144;
+  SN_pbe_WithSHA1And40BitRC4 =    'PBE-SHA1-RC4-40';
+  LN_pbe_WithSHA1And40BitRC4 =    'pbeWithSHA1And40BitRC4';
+  NID_pbe_WithSHA1And40BitRC4 =    145;
+  SN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'PBE-SHA1-3DES';
+  LN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'pbeWithSHA1And3-KeyTripleDES-CBC';
+  NID_pbe_WithSHA1And3_Key_TripleDES_CBC =   146;
+  SN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'PBE-SHA1-2DES';
+  LN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'pbeWithSHA1And2-KeyTripleDES-CBC';
+  NID_pbe_WithSHA1And2_Key_TripleDES_CBC =   147;
+  SN_pbe_WithSHA1And128BitRC2_CBC =   'PBE-SHA1-RC2-128';
+  LN_pbe_WithSHA1And128BitRC2_CBC =   'pbeWithSHA1And128BitRC2-CBC';
+  NID_pbe_WithSHA1And128BitRC2_CBC =     148;
+  SN_pbe_WithSHA1And40BitRC2_CBC =   'PBE-SHA1-RC2-40';
+  LN_pbe_WithSHA1And40BitRC2_CBC =   'pbeWithSHA1And40BitRC2-CBC';
+  NID_pbe_WithSHA1And40BitRC2_CBC =   149;
+  LN_keyBag =     'keyBag';
+  NID_keyBag =    150;
+  LN_pkcs8ShroudedKeyBag =   'pkcs8ShroudedKeyBag';
+  NID_pkcs8ShroudedKeyBag =   151;
+  LN_certBag =    'certBag';
+  NID_certBag =    152;
+  LN_crlBag =     'crlBag';
+  NID_crlBag =    153;
+  LN_secretBag =    'secretBag';
+  NID_secretBag =    154;
+  LN_safeContentsBag =    'safeContentsBag';
+  NID_safeContentsBag =    155;
+  SN_md2 =   'MD2';
+  LN_md2 =   'md2';
+  NID_md2 =   3;
+  SN_md4 =   'MD4';
+  LN_md4 =   'md4';
+  NID_md4 =   257;
+  SN_md5 =   'MD5';
+  LN_md5 =   'md5';
+  NID_md5 =   4;
+  SN_md5_sha1 =    'MD5-SHA1';
+  LN_md5_sha1 =    'md5-sha1';
+  NID_md5_sha1 =    114;
+  LN_hmacWithMD5 =   'hmacWithMD5';
+  NID_hmacWithMD5 =   797;
+  LN_hmacWithSHA1 =   'hmacWithSHA1';
+  NID_hmacWithSHA1 =     163;
+  SN_sm2 =   'SM2';
+  LN_sm2 =   'sm2';
+  NID_sm2 =   1172;
+  SN_sm3 =   'SM3';
+  LN_sm3 =   'sm3';
+  NID_sm3 =   1143;
+  SN_sm3WithRSAEncryption =   'RSA-SM3';
+  LN_sm3WithRSAEncryption =   'sm3WithRSAEncryption';
+  NID_sm3WithRSAEncryption =     1144;
+  LN_hmacWithSHA224 =     'hmacWithSHA224';
+  NID_hmacWithSHA224 =    798;
+  LN_hmacWithSHA256 =     'hmacWithSHA256';
+  NID_hmacWithSHA256 =    799;
+  LN_hmacWithSHA384 =     'hmacWithSHA384';
+  NID_hmacWithSHA384 =    800;
+  LN_hmacWithSHA512 =     'hmacWithSHA512';
+  NID_hmacWithSHA512 =    801;
+  LN_hmacWithSHA512_224 =    'hmacWithSHA512-224';
+  NID_hmacWithSHA512_224 =   1193;
+  LN_hmacWithSHA512_256 =    'hmacWithSHA512-256';
+  NID_hmacWithSHA512_256 =   1194;
+  SN_rc2_cbc =    'RC2-CBC';
+  LN_rc2_cbc =    'rc2-cbc';
+  NID_rc2_cbc =    37;
+  SN_rc2_ecb =    'RC2-ECB';
+  LN_rc2_ecb =    'rc2-ecb';
+  NID_rc2_ecb =    38;
+  SN_rc2_cfb64 =    'RC2-CFB';
+  LN_rc2_cfb64 =    'rc2-cfb';
+  NID_rc2_cfb64 =    39;
+  SN_rc2_ofb64 =    'RC2-OFB';
+  LN_rc2_ofb64 =    'rc2-ofb';
+  NID_rc2_ofb64 =    40;
+  SN_rc2_40_cbc =    'RC2-40-CBC';
+  LN_rc2_40_cbc =    'rc2-40-cbc';
+  NID_rc2_40_cbc =   98;
+  SN_rc2_64_cbc =    'RC2-64-CBC';
+  LN_rc2_64_cbc =    'rc2-64-cbc';
+  NID_rc2_64_cbc =   166;
+  SN_rc4 =   'RC4';
+  LN_rc4 =   'rc4';
+  NID_rc4 =   5;
+  SN_rc4_40 =     'RC4-40';
+  LN_rc4_40 =     'rc4-40';
+  NID_rc4_40 =    97;
+  SN_des_ede3_cbc =   'DES-EDE3-CBC';
+  LN_des_ede3_cbc =   'des-ede3-cbc';
+  NID_des_ede3_cbc =     44;
+  SN_rc5_cbc =    'RC5-CBC';
+  LN_rc5_cbc =    'rc5-cbc';
+  NID_rc5_cbc =    120;
+  SN_rc5_ecb =    'RC5-ECB';
+  LN_rc5_ecb =    'rc5-ecb';
+  NID_rc5_ecb =    121;
+  SN_rc5_cfb64 =    'RC5-CFB';
+  LN_rc5_cfb64 =    'rc5-cfb';
+  NID_rc5_cfb64 =    122;
+  SN_rc5_ofb64 =    'RC5-OFB';
+  LN_rc5_ofb64 =    'rc5-ofb';
+  NID_rc5_ofb64 =    123;
+  SN_ms_ext_req =    'msExtReq';
+  LN_ms_ext_req =    'Microsoft Extension Request';
+  NID_ms_ext_req =   171;
+  SN_ms_code_ind =   'msCodeInd';
+  LN_ms_code_ind =   'Microsoft Individual Code Signing';
+  NID_ms_code_ind =   134;
+  SN_ms_code_com =   'msCodeCom';
+  LN_ms_code_com =   'Microsoft Commercial Code Signing';
+  NID_ms_code_com =   135;
+  SN_ms_ctl_sign =   'msCTLSign';
+  LN_ms_ctl_sign =   'Microsoft Trust List Signing';
+  NID_ms_ctl_sign =   136;
+  SN_ms_sgc =     'msSGC';
+  LN_ms_sgc =     'Microsoft Server Gated Crypto';
+  NID_ms_sgc =    137;
+  SN_ms_efs =     'msEFS';
+  LN_ms_efs =     'Microsoft Encrypted File System';
+  NID_ms_efs =    138;
+  SN_ms_smartcard_login =    'msSmartcardLogin';
+  LN_ms_smartcard_login =    'Microsoft Smartcard Login';
+  NID_ms_smartcard_login =   648;
+  SN_ms_upn =     'msUPN';
+  LN_ms_upn =     'Microsoft User Principal Name';
+  NID_ms_upn =    649;
+  SN_idea_cbc =    'IDEA-CBC';
+  LN_idea_cbc =    'idea-cbc';
+  NID_idea_cbc =    34;
+  SN_idea_ecb =    'IDEA-ECB';
+  LN_idea_ecb =    'idea-ecb';
+  NID_idea_ecb =    36;
+  SN_idea_cfb64 =    'IDEA-CFB';
+  LN_idea_cfb64 =    'idea-cfb';
+  NID_idea_cfb64 =   35;
+  SN_idea_ofb64 =    'IDEA-OFB';
+  LN_idea_ofb64 =    'idea-ofb';
+  NID_idea_ofb64 =   46;
+  SN_bf_cbc =     'BF-CBC';
+  LN_bf_cbc =     'bf-cbc';
+  NID_bf_cbc =    91;
+  SN_bf_ecb =     'BF-ECB';
+  LN_bf_ecb =     'bf-ecb';
+  NID_bf_ecb =    92;
+  SN_bf_cfb64 =    'BF-CFB';
+  LN_bf_cfb64 =    'bf-cfb';
+  NID_bf_cfb64 =    93;
+  SN_bf_ofb64 =    'BF-OFB';
+  LN_bf_ofb64 =    'bf-ofb';
+  NID_bf_ofb64 =    94;
+  SN_id_pkix =    'PKIX';
+  NID_id_pkix =    127;
+  SN_id_pkix_mod =   'id-pkix-mod';
+  NID_id_pkix_mod =   258;
+  SN_id_pe =     'id-pe';
+  NID_id_pe =     175;
+  SN_id_qt =     'id-qt';
+  NID_id_qt =     259;
+  SN_id_kp =     'id-kp';
+  NID_id_kp =     128;
+  SN_id_it =     'id-it';
+  NID_id_it =     260;
+  SN_id_pkip =    'id-pkip';
+  NID_id_pkip =    261;
+  SN_id_alg =     'id-alg';
+  NID_id_alg =    262;
+  SN_id_cmc =     'id-cmc';
+  NID_id_cmc =    263;
+  SN_id_on =     'id-on';
+  NID_id_on =     264;
+  SN_id_pda =     'id-pda';
+  NID_id_pda =    265;
+  SN_id_aca =     'id-aca';
+  NID_id_aca =    266;
+  SN_id_qcs =     'id-qcs';
+  NID_id_qcs =    267;
+  SN_id_cct =     'id-cct';
+  NID_id_cct =    268;
+  SN_id_ppl =     'id-ppl';
+  NID_id_ppl =    662;
+  SN_id_ad =     'id-ad';
+  NID_id_ad =     176;
+  SN_id_pkix1_explicit_88 =   'id-pkix1-explicit-88';
+  NID_id_pkix1_explicit_88 =     269;
+  SN_id_pkix1_implicit_88 =   'id-pkix1-implicit-88';
+  NID_id_pkix1_implicit_88 =     270;
+  SN_id_pkix1_explicit_93 =   'id-pkix1-explicit-93';
+  NID_id_pkix1_explicit_93 =     271;
+  SN_id_pkix1_implicit_93 =   'id-pkix1-implicit-93';
+  NID_id_pkix1_implicit_93 =     272;
+  SN_id_mod_crmf =   'id-mod-crmf';
+  NID_id_mod_crmf =   273;
+  SN_id_mod_cmc =    'id-mod-cmc';
+  NID_id_mod_cmc =   274;
+  SN_id_mod_kea_profile_88 =     'id-mod-kea-profile-88';
+  NID_id_mod_kea_profile_88 =     275;
+  SN_id_mod_kea_profile_93 =     'id-mod-kea-profile-93';
+  NID_id_mod_kea_profile_93 =     276;
+  SN_id_mod_cmp =    'id-mod-cmp';
+  NID_id_mod_cmp =   277;
+  SN_id_mod_qualified_cert_88 =    'id-mod-qualified-cert-88';
+  NID_id_mod_qualified_cert_88 =    278;
+  SN_id_mod_qualified_cert_93 =    'id-mod-qualified-cert-93';
+  NID_id_mod_qualified_cert_93 =    279;
+  SN_id_mod_attribute_cert =     'id-mod-attribute-cert';
+  NID_id_mod_attribute_cert =     280;
+  SN_id_mod_timestamp_protocol =    'id-mod-timestamp-protocol';
+  NID_id_mod_timestamp_protocol =    281;
+  SN_id_mod_ocsp =   'id-mod-ocsp';
+  NID_id_mod_ocsp =   282;
+  SN_id_mod_dvcs =   'id-mod-dvcs';
+  NID_id_mod_dvcs =   283;
+  SN_id_mod_cmp2000 =     'id-mod-cmp2000';
+  NID_id_mod_cmp2000 =    284;
+  SN_info_access =   'authorityInfoAccess';
+  LN_info_access =   'Authority Information Access';
+  NID_info_access =   177;
+  SN_biometricInfo =     'biometricInfo';
+  LN_biometricInfo =     'Biometric Info';
+  NID_biometricInfo =     285;
+  SN_qcStatements =   'qcStatements';
+  NID_qcStatements =     286;
+  SN_ac_auditEntity =     'ac-auditEntity';
+  NID_ac_auditEntity =    287;
+  SN_ac_targeting =   'ac-targeting';
+  NID_ac_targeting =     288;
+  SN_aaControls =    'aaControls';
+  NID_aaControls =   289;
+  SN_sbgp_ipAddrBlock =    'sbgp-ipAddrBlock';
+  NID_sbgp_ipAddrBlock =    290;
+  SN_sbgp_autonomousSysNum =     'sbgp-autonomousSysNum';
+  NID_sbgp_autonomousSysNum =     291;
+  SN_sbgp_routerIdentifier =     'sbgp-routerIdentifier';
+  NID_sbgp_routerIdentifier =     292;
+  SN_ac_proxying =   'ac-proxying';
+  NID_ac_proxying =   397;
+  SN_sinfo_access =   'subjectInfoAccess';
+  LN_sinfo_access =   'Subject Information Access';
+  NID_sinfo_access =     398;
+  SN_proxyCertInfo =     'proxyCertInfo';
+  LN_proxyCertInfo =     'Proxy Certificate Information';
+  NID_proxyCertInfo =     663;
+  SN_tlsfeature =    'tlsfeature';
+  LN_tlsfeature =    'TLS Feature';
+  NID_tlsfeature =   1020;
+  SN_id_qt_cps =    'id-qt-cps';
+  LN_id_qt_cps =    'Policy Qualifier CPS';
+  NID_id_qt_cps =    164;
+  SN_id_qt_unotice =     'id-qt-unotice';
+  LN_id_qt_unotice =     'Policy Qualifier User Notice';
+  NID_id_qt_unotice =     165;
+  SN_textNotice =    'textNotice';
+  NID_textNotice =   293;
+  SN_server_auth =   'serverAuth';
+  LN_server_auth =   'TLS Web Server Authentication';
+  NID_server_auth =   129;
+  SN_client_auth =   'clientAuth';
+  LN_client_auth =   'TLS Web Client Authentication';
+  NID_client_auth =   130;
+  SN_code_sign =    'codeSigning';
+  LN_code_sign =    'Code Signing';
+  NID_code_sign =    131;
+  SN_email_protect =     'emailProtection';
+  LN_email_protect =     'E-mail Protection';
+  NID_email_protect =     132;
+  SN_ipsecEndSystem =     'ipsecEndSystem';
+  LN_ipsecEndSystem =     'IPSec End System';
+  NID_ipsecEndSystem =    294;
+  SN_ipsecTunnel =   'ipsecTunnel';
+  LN_ipsecTunnel =   'IPSec Tunnel';
+  NID_ipsecTunnel =   295;
+  SN_ipsecUser =    'ipsecUser';
+  LN_ipsecUser =    'IPSec User';
+  NID_ipsecUser =    296;
+  SN_time_stamp =    'timeStamping';
+  LN_time_stamp =    'Time Stamping';
+  NID_time_stamp =   133;
+  SN_OCSP_sign =    'OCSPSigning';
+  LN_OCSP_sign =    'OCSP Signing';
+  NID_OCSP_sign =    180;
+  SN_dvcs =   'DVCS';
+  LN_dvcs =   'dvcs';
+  NID_dvcs =     297;
+  SN_ipsec_IKE =    'ipsecIKE';
+  LN_ipsec_IKE =    'ipsec Internet Key Exchange';
+  NID_ipsec_IKE =    1022;
+  SN_capwapAC =    'capwapAC';
+  LN_capwapAC =    'Ctrl/provision WAP Access';
+  NID_capwapAC =    1023;
+  SN_capwapWTP =    'capwapWTP';
+  LN_capwapWTP =    'Ctrl/Provision WAP Termination';
+  NID_capwapWTP =    1024;
+  SN_sshClient =    'secureShellClient';
+  LN_sshClient =    'SSH Client';
+  NID_sshClient =    1025;
+  SN_sshServer =    'secureShellServer';
+  LN_sshServer =    'SSH Server';
+  NID_sshServer =    1026;
+  SN_sendRouter =    'sendRouter';
+  LN_sendRouter =    'Send Router';
+  NID_sendRouter =   1027;
+  SN_sendProxiedRouter =    'sendProxiedRouter';
+  LN_sendProxiedRouter =    'Send Proxied Router';
+  NID_sendProxiedRouter =    1028;
+  SN_sendOwner =    'sendOwner';
+  LN_sendOwner =    'Send Owner';
+  NID_sendOwner =    1029;
+  SN_sendProxiedOwner =    'sendProxiedOwner';
+  LN_sendProxiedOwner =    'Send Proxied Owner';
+  NID_sendProxiedOwner =    1030;
+  SN_cmcCA =     'cmcCA';
+  LN_cmcCA =     'CMC Certificate Authority';
+  NID_cmcCA =     1131;
+  SN_cmcRA =     'cmcRA';
+  LN_cmcRA =     'CMC Registration Authority';
+  NID_cmcRA =     1132;
+  SN_id_it_caProtEncCert =   'id-it-caProtEncCert';
+  NID_id_it_caProtEncCert =   298;
+  SN_id_it_signKeyPairTypes =     'id-it-signKeyPairTypes';
+  NID_id_it_signKeyPairTypes =    299;
+  SN_id_it_encKeyPairTypes =     'id-it-encKeyPairTypes';
+  NID_id_it_encKeyPairTypes =     300;
+  SN_id_it_preferredSymmAlg =     'id-it-preferredSymmAlg';
+  NID_id_it_preferredSymmAlg =    301;
+  SN_id_it_caKeyUpdateInfo =     'id-it-caKeyUpdateInfo';
+  NID_id_it_caKeyUpdateInfo =     302;
+  SN_id_it_currentCRL =    'id-it-currentCRL';
+  NID_id_it_currentCRL =    303;
+  SN_id_it_unsupportedOIDs =     'id-it-unsupportedOIDs';
+  NID_id_it_unsupportedOIDs =     304;
+  SN_id_it_subscriptionRequest =    'id-it-subscriptionRequest';
+  NID_id_it_subscriptionRequest =    305;
+  SN_id_it_subscriptionResponse =    'id-it-subscriptionResponse';
+  NID_id_it_subscriptionResponse =   306;
+  SN_id_it_keyPairParamReq =     'id-it-keyPairParamReq';
+  NID_id_it_keyPairParamReq =     307;
+  SN_id_it_keyPairParamRep =     'id-it-keyPairParamRep';
+  NID_id_it_keyPairParamRep =     308;
+  SN_id_it_revPassphrase =   'id-it-revPassphrase';
+  NID_id_it_revPassphrase =   309;
+  SN_id_it_implicitConfirm =     'id-it-implicitConfirm';
+  NID_id_it_implicitConfirm =     310;
+  SN_id_it_confirmWaitTime =     'id-it-confirmWaitTime';
+  NID_id_it_confirmWaitTime =     311;
+  SN_id_it_origPKIMessage =   'id-it-origPKIMessage';
+  NID_id_it_origPKIMessage =     312;
+  SN_id_it_suppLangTags =    'id-it-suppLangTags';
+  NID_id_it_suppLangTags =   784;
+  SN_id_regCtrl =    'id-regCtrl';
+  NID_id_regCtrl =   313;
+  SN_id_regInfo =    'id-regInfo';
+  NID_id_regInfo =   314;
+  SN_id_regCtrl_regToken =   'id-regCtrl-regToken';
+  NID_id_regCtrl_regToken =   315;
+  SN_id_regCtrl_authenticator =    'id-regCtrl-authenticator';
+  NID_id_regCtrl_authenticator =    316;
+  SN_id_regCtrl_pkiPublicationInfo =     'id-regCtrl-pkiPublicationInfo';
+  NID_id_regCtrl_pkiPublicationInfo =     317;
+  SN_id_regCtrl_pkiArchiveOptions =   'id-regCtrl-pkiArchiveOptions';
+  NID_id_regCtrl_pkiArchiveOptions =     318;
+  SN_id_regCtrl_oldCertID =   'id-regCtrl-oldCertID';
+  NID_id_regCtrl_oldCertID =     319;
+  SN_id_regCtrl_protocolEncrKey =    'id-regCtrl-protocolEncrKey';
+  NID_id_regCtrl_protocolEncrKey =   320;
+  SN_id_regInfo_utf8Pairs =   'id-regInfo-utf8Pairs';
+  NID_id_regInfo_utf8Pairs =     321;
+  SN_id_regInfo_certReq =    'id-regInfo-certReq';
+  NID_id_regInfo_certReq =   322;
+  SN_id_alg_des40 =   'id-alg-des40';
+  NID_id_alg_des40 =     323;
+  SN_id_alg_noSignature =    'id-alg-noSignature';
+  NID_id_alg_noSignature =   324;
+  SN_id_alg_dh_sig_hmac_sha1 =    'id-alg-dh-sig-hmac-sha1';
+  NID_id_alg_dh_sig_hmac_sha1 =    325;
+  SN_id_alg_dh_pop =     'id-alg-dh-pop';
+  NID_id_alg_dh_pop =     326;
+  SN_id_cmc_statusInfo =    'id-cmc-statusInfo';
+  NID_id_cmc_statusInfo =    327;
+  SN_id_cmc_identification =     'id-cmc-identification';
+  NID_id_cmc_identification =     328;
+  SN_id_cmc_identityProof =   'id-cmc-identityProof';
+  NID_id_cmc_identityProof =     329;
+  SN_id_cmc_dataReturn =    'id-cmc-dataReturn';
+  NID_id_cmc_dataReturn =    330;
+  SN_id_cmc_transactionId =   'id-cmc-transactionId';
+  NID_id_cmc_transactionId =     331;
+  SN_id_cmc_senderNonce =    'id-cmc-senderNonce';
+  NID_id_cmc_senderNonce =   332;
+  SN_id_cmc_recipientNonce =     'id-cmc-recipientNonce';
+  NID_id_cmc_recipientNonce =     333;
+  SN_id_cmc_addExtensions =   'id-cmc-addExtensions';
+  NID_id_cmc_addExtensions =     334;
+  SN_id_cmc_encryptedPOP =   'id-cmc-encryptedPOP';
+  NID_id_cmc_encryptedPOP =   335;
+  SN_id_cmc_decryptedPOP =   'id-cmc-decryptedPOP';
+  NID_id_cmc_decryptedPOP =   336;
+  SN_id_cmc_lraPOPWitness =   'id-cmc-lraPOPWitness';
+  NID_id_cmc_lraPOPWitness =     337;
+  SN_id_cmc_getCert =     'id-cmc-getCert';
+  NID_id_cmc_getCert =    338;
+  SN_id_cmc_getCRL =     'id-cmc-getCRL';
+  NID_id_cmc_getCRL =     339;
+  SN_id_cmc_revokeRequest =   'id-cmc-revokeRequest';
+  NID_id_cmc_revokeRequest =     340;
+  SN_id_cmc_regInfo =     'id-cmc-regInfo';
+  NID_id_cmc_regInfo =    341;
+  SN_id_cmc_responseInfo =   'id-cmc-responseInfo';
+  NID_id_cmc_responseInfo =   342;
+  SN_id_cmc_queryPending =   'id-cmc-queryPending';
+  NID_id_cmc_queryPending =   343;
+  SN_id_cmc_popLinkRandom =   'id-cmc-popLinkRandom';
+  NID_id_cmc_popLinkRandom =     344;
+  SN_id_cmc_popLinkWitness =     'id-cmc-popLinkWitness';
+  NID_id_cmc_popLinkWitness =     345;
+  SN_id_cmc_confirmCertAcceptance =   'id-cmc-confirmCertAcceptance';
+  NID_id_cmc_confirmCertAcceptance =     346;
+  SN_id_on_personalData =    'id-on-personalData';
+  NID_id_on_personalData =   347;
+  SN_id_on_permanentIdentifier =    'id-on-permanentIdentifier';
+  LN_id_on_permanentIdentifier =    'Permanent Identifier';
+  NID_id_on_permanentIdentifier =    858;
+  SN_id_pda_dateOfBirth =    'id-pda-dateOfBirth';
+  NID_id_pda_dateOfBirth =   348;
+  SN_id_pda_placeOfBirth =   'id-pda-placeOfBirth';
+  NID_id_pda_placeOfBirth =   349;
+  SN_id_pda_gender =     'id-pda-gender';
+  NID_id_pda_gender =     351;
+  SN_id_pda_countryOfCitizenship =   'id-pda-countryOfCitizenship';
+  NID_id_pda_countryOfCitizenship =   352;
+  SN_id_pda_countryOfResidence =    'id-pda-countryOfResidence';
+  NID_id_pda_countryOfResidence =    353;
+  SN_id_aca_authenticationInfo =    'id-aca-authenticationInfo';
+  NID_id_aca_authenticationInfo =    354;
+  SN_id_aca_accessIdentity =     'id-aca-accessIdentity';
+  NID_id_aca_accessIdentity =     355;
+  SN_id_aca_chargingIdentity =    'id-aca-chargingIdentity';
+  NID_id_aca_chargingIdentity =    356;
+  SN_id_aca_group =   'id-aca-group';
+  NID_id_aca_group =     357;
+  SN_id_aca_role =   'id-aca-role';
+  NID_id_aca_role =   358;
+  SN_id_aca_encAttrs =    'id-aca-encAttrs';
+  NID_id_aca_encAttrs =    399;
+  SN_id_qcs_pkixQCSyntax_v1 =     'id-qcs-pkixQCSyntax-v1';
+  NID_id_qcs_pkixQCSyntax_v1 =    359;
+  SN_id_cct_crs =    'id-cct-crs';
+  NID_id_cct_crs =   360;
+  SN_id_cct_PKIData =     'id-cct-PKIData';
+  NID_id_cct_PKIData =    361;
+  SN_id_cct_PKIResponse =    'id-cct-PKIResponse';
+  NID_id_cct_PKIResponse =   362;
+  SN_id_ppl_anyLanguage =    'id-ppl-anyLanguage';
+  LN_id_ppl_anyLanguage =    'Any language';
+  NID_id_ppl_anyLanguage =   664;
+  SN_id_ppl_inheritAll =    'id-ppl-inheritAll';
+  LN_id_ppl_inheritAll =    'Inherit all';
+  NID_id_ppl_inheritAll =    665;
+  SN_Independent =   'id-ppl-independent';
+  LN_Independent =   'Independent';
+  NID_Independent =   667;
+  SN_ad_OCSP =    'OCSP';
+  LN_ad_OCSP =    'OCSP';
+  NID_ad_OCSP =    178;
+  SN_ad_ca_issuers =     'caIssuers';
+  LN_ad_ca_issuers =     'CA Issuers';
+  NID_ad_ca_issuers =     179;
+  SN_ad_timeStamping =    'ad_timestamping';
+  LN_ad_timeStamping =    'AD Time Stamping';
+  NID_ad_timeStamping =    363;
+  SN_ad_dvcs =    'AD_DVCS';
+  LN_ad_dvcs =    'ad dvcs';
+  NID_ad_dvcs =    364;
+  SN_caRepository =   'caRepository';
+  LN_caRepository =   'CA Repository';
+  NID_caRepository =     785;
+  SN_id_pkix_OCSP_basic =    'basicOCSPResponse';
+  LN_id_pkix_OCSP_basic =    'Basic OCSP Response';
+  NID_id_pkix_OCSP_basic =   365;
+  SN_id_pkix_OCSP_Nonce =    'Nonce';
+  LN_id_pkix_OCSP_Nonce =    'OCSP Nonce';
+  NID_id_pkix_OCSP_Nonce =   366;
+  SN_id_pkix_OCSP_CrlID =    'CrlID';
+  LN_id_pkix_OCSP_CrlID =    'OCSP CRL ID';
+  NID_id_pkix_OCSP_CrlID =   367;
+  SN_id_pkix_OCSP_acceptableResponses =    'acceptableResponses';
+  LN_id_pkix_OCSP_acceptableResponses =    'Acceptable OCSP Responses';
+  NID_id_pkix_OCSP_acceptableResponses =    368;
+  SN_id_pkix_OCSP_noCheck =   'noCheck';
+  LN_id_pkix_OCSP_noCheck =   'OCSP No Check';
+  NID_id_pkix_OCSP_noCheck =     369;
+  SN_id_pkix_OCSP_archiveCutoff =    'archiveCutoff';
+  LN_id_pkix_OCSP_archiveCutoff =    'OCSP Archive Cutoff';
+  NID_id_pkix_OCSP_archiveCutoff =   370;
+  SN_id_pkix_OCSP_serviceLocator =   'serviceLocator';
+  LN_id_pkix_OCSP_serviceLocator =   'OCSP Service Locator';
+  NID_id_pkix_OCSP_serviceLocator =   371;
+  SN_id_pkix_OCSP_extendedStatus =   'extendedStatus';
+  LN_id_pkix_OCSP_extendedStatus =   'Extended OCSP Status';
+  NID_id_pkix_OCSP_extendedStatus =   372;
+  SN_id_pkix_OCSP_valid =    'valid';
+  NID_id_pkix_OCSP_valid =   373;
+  SN_id_pkix_OCSP_path =    'path';
+  NID_id_pkix_OCSP_path =    374;
+  SN_id_pkix_OCSP_trustRoot =     'trustRoot';
+  LN_id_pkix_OCSP_trustRoot =     'Trust Root';
+  NID_id_pkix_OCSP_trustRoot =    375;
+  SN_algorithm =    'algorithm';
+  LN_algorithm =    'algorithm';
+  NID_algorithm =    376;
+  SN_md5WithRSA =    'RSA-NP-MD5';
+  LN_md5WithRSA =    'md5WithRSA';
+  NID_md5WithRSA =   104;
+  SN_des_ecb =    'DES-ECB';
+  LN_des_ecb =    'des-ecb';
+  NID_des_ecb =    29;
+  SN_des_cbc =    'DES-CBC';
+  LN_des_cbc =    'des-cbc';
+  NID_des_cbc =    31;
+  SN_des_ofb64 =    'DES-OFB';
+  LN_des_ofb64 =    'des-ofb';
+  NID_des_ofb64 =    45;
+  SN_des_cfb64 =    'DES-CFB';
+  LN_des_cfb64 =    'des-cfb';
+  NID_des_cfb64 =    30;
+  SN_rsaSignature =   'rsaSignature';
+  NID_rsaSignature =     377;
+  SN_dsa_2 =     'DSA-old';
+  LN_dsa_2 =     'dsaEncryption-old';
+  NID_dsa_2 =     67;
+  SN_dsaWithSHA =    'DSA-SHA';
+  LN_dsaWithSHA =    'dsaWithSHA';
+  NID_dsaWithSHA =   66;
+  SN_shaWithRSAEncryption =   'RSA-SHA';
+  LN_shaWithRSAEncryption =   'shaWithRSAEncryption';
+  NID_shaWithRSAEncryption =     42;
+  SN_des_ede_ecb =   'DES-EDE';
+  LN_des_ede_ecb =   'des-ede';
+  NID_des_ede_ecb =   32;
+  SN_des_ede3_ecb =   'DES-EDE3';
+  LN_des_ede3_ecb =   'des-ede3';
+  NID_des_ede3_ecb =     33;
+  SN_des_ede_cbc =   'DES-EDE-CBC';
+  LN_des_ede_cbc =   'des-ede-cbc';
+  NID_des_ede_cbc =   43;
+  SN_des_ede_cfb64 =     'DES-EDE-CFB';
+  LN_des_ede_cfb64 =     'des-ede-cfb';
+  NID_des_ede_cfb64 =     60;
+  SN_des_ede3_cfb64 =     'DES-EDE3-CFB';
+  LN_des_ede3_cfb64 =     'des-ede3-cfb';
+  NID_des_ede3_cfb64 =    61;
+  SN_des_ede_ofb64 =     'DES-EDE-OFB';
+  LN_des_ede_ofb64 =     'des-ede-ofb';
+  NID_des_ede_ofb64 =     62;
+  SN_des_ede3_ofb64 =     'DES-EDE3-OFB';
+  LN_des_ede3_ofb64 =     'des-ede3-ofb';
+  NID_des_ede3_ofb64 =    63;
+  SN_desx_cbc =    'DESX-CBC';
+  LN_desx_cbc =    'desx-cbc';
+  NID_desx_cbc =    80;
+  SN_sha =   'SHA';
+  LN_sha =   'sha';
+  NID_sha =   41;
+  SN_sha1 =   'SHA1';
+  LN_sha1 =   'sha1';
+  NID_sha1 =     64;
+  SN_dsaWithSHA1_2 =     'DSA-SHA1-old';
+  LN_dsaWithSHA1_2 =     'dsaWithSHA1-old';
+  NID_dsaWithSHA1_2 =     70;
+  SN_sha1WithRSA =   'RSA-SHA1-2';
+  LN_sha1WithRSA =   'sha1WithRSA';
+  NID_sha1WithRSA =   115;
+  SN_ripemd160 =    'RIPEMD160';
+  LN_ripemd160 =    'ripemd160';
+  NID_ripemd160 =    117;
+  SN_ripemd160WithRSA =    'RSA-RIPEMD160';
+  LN_ripemd160WithRSA =    'ripemd160WithRSA';
+  NID_ripemd160WithRSA =    119;
+  SN_blake2b512 =    'BLAKE2b512';
+  LN_blake2b512 =    'blake2b512';
+  NID_blake2b512 =   1056;
+  SN_blake2s256 =    'BLAKE2s256';
+  LN_blake2s256 =    'blake2s256';
+  NID_blake2s256 =   1057;
+  SN_sxnet =     'SXNetID';
+  LN_sxnet =     'Strong Extranet ID';
+  NID_sxnet =     143;
+  SN_X500 =   'X500';
+  LN_X500 =   'directory services(X.500)';
+  NID_X500 =     11;
+  SN_X509 =   'X509';
+  NID_X509 =     12;
+  SN_commonName =    'CN';
+  LN_commonName =    'commonName';
+  NID_commonName =   13;
+  SN_surname =    'SN';
+  LN_surname =    'surname';
+  NID_surname =    100;
+  LN_serialNumber =   'serialNumber';
+  NID_serialNumber =     105;
+  SN_countryName =   'C';
+  LN_countryName =   'countryName';
+  NID_countryName =   14;
+  SN_localityName =   'L';
+  LN_localityName =   'localityName';
+  NID_localityName =     15;
+  SN_stateOrProvinceName =   'ST';
+  LN_stateOrProvinceName =   'stateOrProvinceName';
+  NID_stateOrProvinceName =   16;
+  SN_streetAddress =     'street';
+  LN_streetAddress =     'streetAddress';
+  NID_streetAddress =     660;
+  SN_organizationName =    'O';
+  LN_organizationName =    'organizationName';
+  NID_organizationName =    17;
+  SN_organizationalUnitName =     'OU';
+  LN_organizationalUnitName =     'organizationalUnitName';
+  NID_organizationalUnitName =    18;
+  SN_title =     'title';
+  LN_title =     'title';
+  NID_title =     106;
+  LN_description =   'description';
+  NID_description =   107;
+  LN_searchGuide =   'searchGuide';
+  NID_searchGuide =   859;
+  LN_businessCategory =    'businessCategory';
+  NID_businessCategory =    860;
+  LN_postalAddress =     'postalAddress';
+  NID_postalAddress =     861;
+  LN_postalCode =    'postalCode';
+  NID_postalCode =   661;
+  LN_postOfficeBox =     'postOfficeBox';
+  NID_postOfficeBox =     862;
+  LN_physicalDeliveryOfficeName =    'physicalDeliveryOfficeName';
+  NID_physicalDeliveryOfficeName =   863;
+  LN_telephoneNumber =    'telephoneNumber';
+  NID_telephoneNumber =    864;
+  LN_telexNumber =   'telexNumber';
+  NID_telexNumber =   865;
+  LN_teletexTerminalIdentifier =    'teletexTerminalIdentifier';
+  NID_teletexTerminalIdentifier =    866;
+  LN_facsimileTelephoneNumber =    'facsimileTelephoneNumber';
+  NID_facsimileTelephoneNumber =    867;
+  LN_x121Address =   'x121Address';
+  NID_x121Address =   868;
+  LN_internationaliSDNNumber =    'internationaliSDNNumber';
+  NID_internationaliSDNNumber =    869;
+  LN_registeredAddress =    'registeredAddress';
+  NID_registeredAddress =    870;
+  LN_destinationIndicator =   'destinationIndicator';
+  NID_destinationIndicator =     871;
+  LN_preferredDeliveryMethod =    'preferredDeliveryMethod';
+  NID_preferredDeliveryMethod =    872;
+  LN_presentationAddress =   'presentationAddress';
+  NID_presentationAddress =   873;
+  LN_supportedApplicationContext =   'supportedApplicationContext';
+  NID_supportedApplicationContext =   874;
+  SN_member =     'member';
+  NID_member =    875;
+  SN_owner =     'owner';
+  NID_owner =     876;
+  LN_roleOccupant =   'roleOccupant';
+  NID_roleOccupant =     877;
+  SN_seeAlso =    'seeAlso';
+  NID_seeAlso =    878;
+  LN_userPassword =   'userPassword';
+  NID_userPassword =     879;
+  LN_userCertificate =    'userCertificate';
+  NID_userCertificate =    880;
+  LN_cACertificate =     'cACertificate';
+  NID_cACertificate =     881;
+  LN_authorityRevocationList =    'authorityRevocationList';
+  NID_authorityRevocationList =    882;
+  LN_certificateRevocationList =    'certificateRevocationList';
+  NID_certificateRevocationList =    883;
+  LN_crossCertificatePair =   'crossCertificatePair';
+  NID_crossCertificatePair =     884;
+  SN_name =   'name';
+  LN_name =   'name';
+  NID_name =     173;
+  SN_givenName =    'GN';
+  LN_givenName =    'givenName';
+  NID_givenName =    99;
+  SN_initials =    'initials';
+  LN_initials =    'initials';
+  NID_initials =    101;
+  LN_generationQualifier =   'generationQualifier';
+  NID_generationQualifier =   509;
+  LN_x500UniqueIdentifier =   'x500UniqueIdentifier';
+  NID_x500UniqueIdentifier =     503;
+  SN_dnQualifier =   'dnQualifier';
+  LN_dnQualifier =   'dnQualifier';
+  NID_dnQualifier =   174;
+  LN_enhancedSearchGuide =   'enhancedSearchGuide';
+  NID_enhancedSearchGuide =   885;
+  LN_protocolInformation =   'protocolInformation';
+  NID_protocolInformation =   886;
+  LN_distinguishedName =    'distinguishedName';
+  NID_distinguishedName =    887;
+  LN_uniqueMember =   'uniqueMember';
+  NID_uniqueMember =     888;
+  LN_houseIdentifier =    'houseIdentifier';
+  NID_houseIdentifier =    889;
+  LN_supportedAlgorithms =   'supportedAlgorithms';
+  NID_supportedAlgorithms =   890;
+  LN_deltaRevocationList =   'deltaRevocationList';
+  NID_deltaRevocationList =   891;
+  SN_dmdName =    'dmdName';
+  NID_dmdName =    892;
+  LN_pseudonym =    'pseudonym';
+  NID_pseudonym =    510;
+  SN_role =   'role';
+  LN_role =   'role';
+  NID_role =     400;
+  LN_organizationIdentifier =     'organizationIdentifier';
+  NID_organizationIdentifier =    1089;
+  SN_countryCode3c =     'c3';
+  LN_countryCode3c =     'countryCode3c';
+  NID_countryCode3c =     1090;
+  SN_countryCode3n =     'n3';
+  LN_countryCode3n =     'countryCode3n';
+  NID_countryCode3n =     1091;
+  LN_dnsName =    'dnsName';
+  NID_dnsName =    1092;
+  SN_X500algorithms =     'X500algorithms';
+  LN_X500algorithms =     'directory services - algorithms';
+  NID_X500algorithms =    378;
+  SN_rsa =   'RSA';
+  LN_rsa =   'rsa';
+  NID_rsa =   19;
+  SN_mdc2WithRSA =   'RSA-MDC2';
+  LN_mdc2WithRSA =   'mdc2WithRSA';
+  NID_mdc2WithRSA =   96;
+  SN_mdc2 =   'MDC2';
+  LN_mdc2 =   'mdc2';
+  NID_mdc2 =     95;
+  SN_id_ce =     'id-ce';
+  NID_id_ce =     81;
+  SN_subject_directory_attributes =   'subjectDirectoryAttributes';
+  LN_subject_directory_attributes =   'X509v3 Subject Directory Attributes';
+  NID_subject_directory_attributes =     769;
+  SN_subject_key_identifier =     'subjectKeyIdentifier';
+  LN_subject_key_identifier =     'X509v3 Subject Key Identifier';
+  NID_subject_key_identifier =    82;
+  SN_key_usage =    'keyUsage';
+  LN_key_usage =    'X509v3 Key Usage';
+  NID_key_usage =    83;
+  SN_private_key_usage_period =    'privateKeyUsagePeriod';
+  LN_private_key_usage_period =    'X509v3 Private Key Usage Period';
+  NID_private_key_usage_period =    84;
+  SN_subject_alt_name =    'subjectAltName';
+  LN_subject_alt_name =    'X509v3 Subject Alternative Name';
+  NID_subject_alt_name =    85;
+  SN_issuer_alt_name =    'issuerAltName';
+  LN_issuer_alt_name =    'X509v3 Issuer Alternative Name';
+  NID_issuer_alt_name =    86;
+  SN_basic_constraints =    'basicConstraints';
+  LN_basic_constraints =    'X509v3 Basic Constraints';
+  NID_basic_constraints =    87;
+  SN_crl_number =    'crlNumber';
+  LN_crl_number =    'X509v3 CRL Number';
+  NID_crl_number =   88;
+  SN_crl_reason =    'CRLReason';
+  LN_crl_reason =    'X509v3 CRL Reason Code';
+  NID_crl_reason =   141;
+  SN_invalidity_date =    'invalidityDate';
+  LN_invalidity_date =    'Invalidity Date';
+  NID_invalidity_date =    142;
+  SN_delta_crl =    'deltaCRL';
+  LN_delta_crl =    'X509v3 Delta CRL Indicator';
+  NID_delta_crl =    140;
+  SN_issuing_distribution_point =    'issuingDistributionPoint';
+  LN_issuing_distribution_point =    'X509v3 Issuing Distribution Point';
+  NID_issuing_distribution_point =   770;
+  SN_certificate_issuer =    'certificateIssuer';
+  LN_certificate_issuer =    'X509v3 Certificate Issuer';
+  NID_certificate_issuer =   771;
+  SN_name_constraints =    'nameConstraints';
+  LN_name_constraints =    'X509v3 Name Constraints';
+  NID_name_constraints =    666;
+  SN_crl_distribution_points =    'crlDistributionPoints';
+  LN_crl_distribution_points =    'X509v3 CRL Distribution Points';
+  NID_crl_distribution_points =    103;
+  SN_certificate_policies =   'certificatePolicies';
+  LN_certificate_policies =   'X509v3 Certificate Policies';
+  NID_certificate_policies =     89;
+  SN_any_policy =    'anyPolicy';
+  LN_any_policy =    'X509v3 Any Policy';
+  NID_any_policy =   746;
+  SN_policy_mappings =    'policyMappings';
+  LN_policy_mappings =    'X509v3 Policy Mappings';
+  NID_policy_mappings =    747;
+  SN_authority_key_identifier =    'authorityKeyIdentifier';
+  LN_authority_key_identifier =    'X509v3 Authority Key Identifier';
+  NID_authority_key_identifier =    90;
+  SN_policy_constraints =    'policyConstraints';
+  LN_policy_constraints =    'X509v3 Policy Constraints';
+  NID_policy_constraints =   401;
+  SN_ext_key_usage =     'extendedKeyUsage';
+  LN_ext_key_usage =     'X509v3 Extended Key Usage';
+  NID_ext_key_usage =     126;
+  SN_freshest_crl =   'freshestCRL';
+  LN_freshest_crl =   'X509v3 Freshest CRL';
+  NID_freshest_crl =     857;
+  SN_inhibit_any_policy =    'inhibitAnyPolicy';
+  LN_inhibit_any_policy =    'X509v3 Inhibit Any Policy';
+  NID_inhibit_any_policy =   748;
+  SN_target_information =    'targetInformation';
+  LN_target_information =    'X509v3 AC Targeting';
+  NID_target_information =   402;
+  SN_no_rev_avail =   'noRevAvail';
+  LN_no_rev_avail =   'X509v3 No Revocation Available';
+  NID_no_rev_avail =     403;
+  SN_anyExtendedKeyUsage =   'anyExtendedKeyUsage';
+  LN_anyExtendedKeyUsage =   'Any Extended Key Usage';
+  NID_anyExtendedKeyUsage =   910;
+  SN_netscape =    'Netscape';
+  LN_netscape =    'Netscape Communications Corp.';
+  NID_netscape =    57;
+  SN_netscape_cert_extension =    'nsCertExt';
+  LN_netscape_cert_extension =    'Netscape Certificate Extension';
+  NID_netscape_cert_extension =    58;
+  SN_netscape_data_type =    'nsDataType';
+  LN_netscape_data_type =    'Netscape Data Type';
+  NID_netscape_data_type =   59;
+  SN_netscape_cert_type =    'nsCertType';
+  LN_netscape_cert_type =    'Netscape Cert Type';
+  NID_netscape_cert_type =   71;
+  SN_netscape_base_url =    'nsBaseUrl';
+  LN_netscape_base_url =    'Netscape Base Url';
+  NID_netscape_base_url =    72;
+  SN_netscape_revocation_url =    'nsRevocationUrl';
+  LN_netscape_revocation_url =    'Netscape Revocation Url';
+  NID_netscape_revocation_url =    73;
+  SN_netscape_ca_revocation_url =    'nsCaRevocationUrl';
+  LN_netscape_ca_revocation_url =    'Netscape CA Revocation Url';
+  NID_netscape_ca_revocation_url =   74;
+  SN_netscape_renewal_url =   'nsRenewalUrl';
+  LN_netscape_renewal_url =   'Netscape Renewal Url';
+  NID_netscape_renewal_url =     75;
+  SN_netscape_ca_policy_url =     'nsCaPolicyUrl';
+  LN_netscape_ca_policy_url =     'Netscape CA Policy Url';
+  NID_netscape_ca_policy_url =    76;
+  SN_netscape_ssl_server_name =    'nsSslServerName';
+  LN_netscape_ssl_server_name =    'Netscape Server: SSl Name';
+  NID_netscape_ssl_server_name =    77;
+  SN_netscape_comment =    'nsComment';
+  LN_netscape_comment =    'Netscape Comment';
+  NID_netscape_comment =    78;
+  SN_netscape_cert_sequence =     'nsCertSequence';
+  LN_netscape_cert_sequence =     'Netscape Certificate Sequence';
+  NID_netscape_cert_sequence =    79;
+  SN_ns_sgc =     'nsSGC';
+  LN_ns_sgc =     'Netscape Server Gated Crypto';
+  NID_ns_sgc =    139;
+  SN_org =   'ORG';
+  LN_org =   'org';
+  NID_org =   379;
+  SN_dod =   'DOD';
+  LN_dod =   'dod';
+  NID_dod =   380;
+  SN_iana =   'IANA';
+  LN_iana =   'iana';
+  NID_iana =     381;
+  SN_Directory =    'directory';
+  LN_Directory =    'Directory';
+  NID_Directory =    382;
+  SN_Management =    'mgmt';
+  LN_Management =    'Management';
+  NID_Management =   383;
+  SN_Experimental =   'experimental';
+  LN_Experimental =   'Experimental';
+  NID_Experimental =     384;
+  SN_Private =    'private';
+  LN_Private =    'Private';
+  NID_Private =    385;
+  SN_Security =    'security';
+  LN_Security =    'Security';
+  NID_Security =    386;
+  SN_SNMPv2 =     'snmpv2';
+  LN_SNMPv2 =     'SNMPv2';
+  NID_SNMPv2 =    387;
+  LN_Mail =   'Mail';
+  NID_Mail =     388;
+  SN_Enterprises =   'enterprises';
+  LN_Enterprises =   'Enterprises';
+  NID_Enterprises =   389;
+  SN_dcObject =    'dcobject';
+  LN_dcObject =    'dcObject';
+  NID_dcObject =    390;
+  SN_mime_mhs =    'mime-mhs';
+  LN_mime_mhs =    'MIME MHS';
+  NID_mime_mhs =    504;
+  SN_mime_mhs_headings =    'mime-mhs-headings';
+  LN_mime_mhs_headings =    'mime-mhs-headings';
+  NID_mime_mhs_headings =    505;
+  SN_mime_mhs_bodies =    'mime-mhs-bodies';
+  LN_mime_mhs_bodies =    'mime-mhs-bodies';
+  NID_mime_mhs_bodies =    506;
+  SN_id_hex_partial_message =     'id-hex-partial-message';
+  LN_id_hex_partial_message =     'id-hex-partial-message';
+  NID_id_hex_partial_message =    507;
+  SN_id_hex_multipart_message =    'id-hex-multipart-message';
+  LN_id_hex_multipart_message =    'id-hex-multipart-message';
+  NID_id_hex_multipart_message =    508;
+  SN_zlib_compression =    'ZLIB';
+  LN_zlib_compression =    'zlib compression';
+  NID_zlib_compression =    125;
+  SN_aes_128_ecb =   'AES-128-ECB';
+  LN_aes_128_ecb =   'aes-128-ecb';
+  NID_aes_128_ecb =   418;
+  SN_aes_128_cbc =   'AES-128-CBC';
+  LN_aes_128_cbc =   'aes-128-cbc';
+  NID_aes_128_cbc =   419;
+  SN_aes_128_ofb128 =     'AES-128-OFB';
+  LN_aes_128_ofb128 =     'aes-128-ofb';
+  NID_aes_128_ofb128 =    420;
+  SN_aes_128_cfb128 =     'AES-128-CFB';
+  LN_aes_128_cfb128 =     'aes-128-cfb';
+  NID_aes_128_cfb128 =    421;
+  SN_id_aes128_wrap =     'id-aes128-wrap';
+  NID_id_aes128_wrap =    788;
+  SN_aes_128_gcm =   'id-aes128-GCM';
+  LN_aes_128_gcm =   'aes-128-gcm';
+  NID_aes_128_gcm =   895;
+  SN_aes_128_ccm =   'id-aes128-CCM';
+  LN_aes_128_ccm =   'aes-128-ccm';
+  NID_aes_128_ccm =   896;
+  SN_id_aes128_wrap_pad =    'id-aes128-wrap-pad';
+  NID_id_aes128_wrap_pad =   897;
+  SN_aes_192_ecb =   'AES-192-ECB';
+  LN_aes_192_ecb =   'aes-192-ecb';
+  NID_aes_192_ecb =   422;
+  SN_aes_192_cbc =   'AES-192-CBC';
+  LN_aes_192_cbc =   'aes-192-cbc';
+  NID_aes_192_cbc =   423;
+  SN_aes_192_ofb128 =     'AES-192-OFB';
+  LN_aes_192_ofb128 =     'aes-192-ofb';
+  NID_aes_192_ofb128 =    424;
+  SN_aes_192_cfb128 =     'AES-192-CFB';
+  LN_aes_192_cfb128 =     'aes-192-cfb';
+  NID_aes_192_cfb128 =    425;
+  SN_id_aes192_wrap =     'id-aes192-wrap';
+  NID_id_aes192_wrap =    789;
+  SN_aes_192_gcm =   'id-aes192-GCM';
+  LN_aes_192_gcm =   'aes-192-gcm';
+  NID_aes_192_gcm =   898;
+  SN_aes_192_ccm =   'id-aes192-CCM';
+  LN_aes_192_ccm =   'aes-192-ccm';
+  NID_aes_192_ccm =   899;
+  SN_id_aes192_wrap_pad =    'id-aes192-wrap-pad';
+  NID_id_aes192_wrap_pad =   900;
+  SN_aes_256_ecb =   'AES-256-ECB';
+  LN_aes_256_ecb =   'aes-256-ecb';
+  NID_aes_256_ecb =   426;
+  SN_aes_256_cbc =   'AES-256-CBC';
+  LN_aes_256_cbc =   'aes-256-cbc';
+  NID_aes_256_cbc =   427;
+  SN_aes_256_ofb128 =     'AES-256-OFB';
+  LN_aes_256_ofb128 =     'aes-256-ofb';
+  NID_aes_256_ofb128 =    428;
+  SN_aes_256_cfb128 =     'AES-256-CFB';
+  LN_aes_256_cfb128 =     'aes-256-cfb';
+  NID_aes_256_cfb128 =    429;
+  SN_id_aes256_wrap =     'id-aes256-wrap';
+  NID_id_aes256_wrap =    790;
+  SN_aes_256_gcm =   'id-aes256-GCM';
+  LN_aes_256_gcm =   'aes-256-gcm';
+  NID_aes_256_gcm =   901;
+  SN_aes_256_ccm =   'id-aes256-CCM';
+  LN_aes_256_ccm =   'aes-256-ccm';
+  NID_aes_256_ccm =   902;
+  SN_id_aes256_wrap_pad =    'id-aes256-wrap-pad';
+  NID_id_aes256_wrap_pad =   903;
+  SN_aes_128_xts =   'AES-128-XTS';
+  LN_aes_128_xts =   'aes-128-xts';
+  NID_aes_128_xts =   913;
+  SN_aes_256_xts =   'AES-256-XTS';
+  LN_aes_256_xts =   'aes-256-xts';
+  NID_aes_256_xts =   914;
+  SN_aes_128_cfb1 =   'AES-128-CFB1';
+  LN_aes_128_cfb1 =   'aes-128-cfb1';
+  NID_aes_128_cfb1 =     650;
+  SN_aes_192_cfb1 =   'AES-192-CFB1';
+  LN_aes_192_cfb1 =   'aes-192-cfb1';
+  NID_aes_192_cfb1 =     651;
+  SN_aes_256_cfb1 =   'AES-256-CFB1';
+  LN_aes_256_cfb1 =   'aes-256-cfb1';
+  NID_aes_256_cfb1 =     652;
+  SN_aes_128_cfb8 =   'AES-128-CFB8';
+  LN_aes_128_cfb8 =   'aes-128-cfb8';
+  NID_aes_128_cfb8 =     653;
+  SN_aes_192_cfb8 =   'AES-192-CFB8';
+  LN_aes_192_cfb8 =   'aes-192-cfb8';
+  NID_aes_192_cfb8 =     654;
+  SN_aes_256_cfb8 =   'AES-256-CFB8';
+  LN_aes_256_cfb8 =   'aes-256-cfb8';
+  NID_aes_256_cfb8 =     655;
+  SN_aes_128_ctr =   'AES-128-CTR';
+  LN_aes_128_ctr =   'aes-128-ctr';
+  NID_aes_128_ctr =   904;
+  SN_aes_192_ctr =   'AES-192-CTR';
+  LN_aes_192_ctr =   'aes-192-ctr';
+  NID_aes_192_ctr =   905;
+  SN_aes_256_ctr =   'AES-256-CTR';
+  LN_aes_256_ctr =   'aes-256-ctr';
+  NID_aes_256_ctr =   906;
+  SN_aes_128_ocb =   'AES-128-OCB';
+  LN_aes_128_ocb =   'aes-128-ocb';
+  NID_aes_128_ocb =   958;
+  SN_aes_192_ocb =   'AES-192-OCB';
+  LN_aes_192_ocb =   'aes-192-ocb';
+  NID_aes_192_ocb =   959;
+  SN_aes_256_ocb =   'AES-256-OCB';
+  LN_aes_256_ocb =   'aes-256-ocb';
+  NID_aes_256_ocb =   960;
+  SN_des_cfb1 =    'DES-CFB1';
+  LN_des_cfb1 =    'des-cfb1';
+  NID_des_cfb1 =    656;
+  SN_des_cfb8 =    'DES-CFB8';
+  LN_des_cfb8 =    'des-cfb8';
+  NID_des_cfb8 =    657;
+  SN_des_ede3_cfb1 =     'DES-EDE3-CFB1';
+  LN_des_ede3_cfb1 =     'des-ede3-cfb1';
+  NID_des_ede3_cfb1 =     658;
+  SN_des_ede3_cfb8 =     'DES-EDE3-CFB8';
+  LN_des_ede3_cfb8 =     'des-ede3-cfb8';
+  NID_des_ede3_cfb8 =     659;
+  SN_sha256 =     'SHA256';
+  LN_sha256 =     'sha256';
+  NID_sha256 =    672;
+  SN_sha384 =     'SHA384';
+  LN_sha384 =     'sha384';
+  NID_sha384 =    673;
+  SN_sha512 =     'SHA512';
+  LN_sha512 =     'sha512';
+  NID_sha512 =    674;
+  SN_sha224 =     'SHA224';
+  LN_sha224 =     'sha224';
+  NID_sha224 =    675;
+  SN_sha512_224 =    'SHA512-224';
+  LN_sha512_224 =    'sha512-224';
+  NID_sha512_224 =   1094;
+  SN_sha512_256 =    'SHA512-256';
+  LN_sha512_256 =    'sha512-256';
+  NID_sha512_256 =   1095;
+  SN_sha3_224 =    'SHA3-224';
+  LN_sha3_224 =    'sha3-224';
+  NID_sha3_224 =    1096;
+  SN_sha3_256 =    'SHA3-256';
+  LN_sha3_256 =    'sha3-256';
+  NID_sha3_256 =    1097;
+  SN_sha3_384 =    'SHA3-384';
+  LN_sha3_384 =    'sha3-384';
+  NID_sha3_384 =    1098;
+  SN_sha3_512 =    'SHA3-512';
+  LN_sha3_512 =    'sha3-512';
+  NID_sha3_512 =    1099;
+  SN_shake128 =    'SHAKE128';
+  LN_shake128 =    'shake128';
+  NID_shake128 =    1100;
+  SN_shake256 =    'SHAKE256';
+  LN_shake256 =    'shake256';
+  NID_shake256 =    1101;
+  SN_hmac_sha3_224 =     'id-hmacWithSHA3-224';
+  LN_hmac_sha3_224 =     'hmac-sha3-224';
+  NID_hmac_sha3_224 =     1102;
+  SN_hmac_sha3_256 =     'id-hmacWithSHA3-256';
+  LN_hmac_sha3_256 =     'hmac-sha3-256';
+  NID_hmac_sha3_256 =     1103;
+  SN_hmac_sha3_384 =     'id-hmacWithSHA3-384';
+  LN_hmac_sha3_384 =     'hmac-sha3-384';
+  NID_hmac_sha3_384 =     1104;
+  SN_hmac_sha3_512 =     'id-hmacWithSHA3-512';
+  LN_hmac_sha3_512 =     'hmac-sha3-512';
+  NID_hmac_sha3_512 =     1105;
+  SN_dsa_with_SHA224 =    'dsa_with_SHA224';
+  NID_dsa_with_SHA224 =    802;
+  SN_dsa_with_SHA256 =    'dsa_with_SHA256';
+  NID_dsa_with_SHA256 =    803;
+  SN_dsa_with_SHA384 =    'id-dsa-with-sha384';
+  LN_dsa_with_SHA384 =    'dsa_with_SHA384';
+  NID_dsa_with_SHA384 =    1106;
+  SN_dsa_with_SHA512 =    'id-dsa-with-sha512';
+  LN_dsa_with_SHA512 =    'dsa_with_SHA512';
+  NID_dsa_with_SHA512 =    1107;
+  SN_dsa_with_SHA3_224 =    'id-dsa-with-sha3-224';
+  LN_dsa_with_SHA3_224 =    'dsa_with_SHA3-224';
+  NID_dsa_with_SHA3_224 =    1108;
+  SN_dsa_with_SHA3_256 =    'id-dsa-with-sha3-256';
+  LN_dsa_with_SHA3_256 =    'dsa_with_SHA3-256';
+  NID_dsa_with_SHA3_256 =    1109;
+  SN_dsa_with_SHA3_384 =    'id-dsa-with-sha3-384';
+  LN_dsa_with_SHA3_384 =    'dsa_with_SHA3-384';
+  NID_dsa_with_SHA3_384 =    1110;
+  SN_dsa_with_SHA3_512 =    'id-dsa-with-sha3-512';
+  LN_dsa_with_SHA3_512 =    'dsa_with_SHA3-512';
+  NID_dsa_with_SHA3_512 =    1111;
+  SN_ecdsa_with_SHA3_224 =   'id-ecdsa-with-sha3-224';
+  LN_ecdsa_with_SHA3_224 =   'ecdsa_with_SHA3-224';
+  NID_ecdsa_with_SHA3_224 =   1112;
+  SN_ecdsa_with_SHA3_256 =   'id-ecdsa-with-sha3-256';
+  LN_ecdsa_with_SHA3_256 =   'ecdsa_with_SHA3-256';
+  NID_ecdsa_with_SHA3_256 =   1113;
+  SN_ecdsa_with_SHA3_384 =   'id-ecdsa-with-sha3-384';
+  LN_ecdsa_with_SHA3_384 =   'ecdsa_with_SHA3-384';
+  NID_ecdsa_with_SHA3_384 =   1114;
+  SN_ecdsa_with_SHA3_512 =   'id-ecdsa-with-sha3-512';
+  LN_ecdsa_with_SHA3_512 =   'ecdsa_with_SHA3-512';
+  NID_ecdsa_with_SHA3_512 =   1115;
+  SN_RSA_SHA3_224 =   'id-rsassa-pkcs1-v1_5-with-sha3-224';
+  LN_RSA_SHA3_224 =   'RSA-SHA3-224';
+  NID_RSA_SHA3_224 =     1116;
+  SN_RSA_SHA3_256 =   'id-rsassa-pkcs1-v1_5-with-sha3-256';
+  LN_RSA_SHA3_256 =   'RSA-SHA3-256';
+  NID_RSA_SHA3_256 =     1117;
+  SN_RSA_SHA3_384 =   'id-rsassa-pkcs1-v1_5-with-sha3-384';
+  LN_RSA_SHA3_384 =   'RSA-SHA3-384';
+  NID_RSA_SHA3_384 =     1118;
+  SN_RSA_SHA3_512 =   'id-rsassa-pkcs1-v1_5-with-sha3-512';
+  LN_RSA_SHA3_512 =   'RSA-SHA3-512';
+  NID_RSA_SHA3_512 =     1119;
+  SN_hold_instruction_code =     'holdInstructionCode';
+  LN_hold_instruction_code =     'Hold Instruction Code';
+  NID_hold_instruction_code =     430;
+  SN_hold_instruction_none =     'holdInstructionNone';
+  LN_hold_instruction_none =     'Hold Instruction None';
+  NID_hold_instruction_none =     431;
+  SN_hold_instruction_call_issuer =   'holdInstructionCallIssuer';
+  LN_hold_instruction_call_issuer =   'Hold Instruction Call Issuer';
+  NID_hold_instruction_call_issuer =     432;
+  SN_hold_instruction_reject =    'holdInstructionReject';
+  LN_hold_instruction_reject =    'Hold Instruction Reject';
+  NID_hold_instruction_reject =    433;
+  SN_data =   'data';
+  NID_data =     434;
+  SN_pss =   'pss';
+  NID_pss =   435;
+  SN_ucl =   'ucl';
+  NID_ucl =   436;
+  SN_pilot =     'pilot';
+  NID_pilot =     437;
+  LN_pilotAttributeType =    'pilotAttributeType';
+  NID_pilotAttributeType =   438;
+  LN_pilotAttributeSyntax =   'pilotAttributeSyntax';
+  NID_pilotAttributeSyntax =     439;
+  LN_pilotObjectClass =    'pilotObjectClass';
+  NID_pilotObjectClass =    440;
+  LN_pilotGroups =   'pilotGroups';
+  NID_pilotGroups =   441;
+  LN_iA5StringSyntax =    'iA5StringSyntax';
+  NID_iA5StringSyntax =    442;
+  LN_caseIgnoreIA5StringSyntax =    'caseIgnoreIA5StringSyntax';
+  NID_caseIgnoreIA5StringSyntax =    443;
+  LN_pilotObject =   'pilotObject';
+  NID_pilotObject =   444;
+  LN_pilotPerson =   'pilotPerson';
+  NID_pilotPerson =   445;
+  SN_account =    'account';
+  NID_account =    446;
+  SN_document =    'document';
+  NID_document =    447;
+  SN_room =   'room';
+  NID_room =     448;
+  LN_documentSeries =     'documentSeries';
+  NID_documentSeries =    449;
+  SN_Domain =     'domain';
+  LN_Domain =     'Domain';
+  NID_Domain =    392;
+  LN_rFC822localPart =    'rFC822localPart';
+  NID_rFC822localPart =    450;
+  LN_dNSDomain =    'dNSDomain';
+  NID_dNSDomain =    451;
+  LN_domainRelatedObject =   'domainRelatedObject';
+  NID_domainRelatedObject =   452;
+  LN_friendlyCountry =    'friendlyCountry';
+  NID_friendlyCountry =    453;
+  LN_simpleSecurityObject =   'simpleSecurityObject';
+  NID_simpleSecurityObject =     454;
+  LN_pilotOrganization =    'pilotOrganization';
+  NID_pilotOrganization =    455;
+  LN_pilotDSA =    'pilotDSA';
+  NID_pilotDSA =    456;
+  LN_qualityLabelledData =   'qualityLabelledData';
+  NID_qualityLabelledData =   457;
+  SN_userId =     'UID';
+  LN_userId =     'userId';
+  NID_userId =    458;
+  LN_textEncodedORAddress =   'textEncodedORAddress';
+  NID_textEncodedORAddress =     459;
+  SN_rfc822Mailbox =     'mail';
+  LN_rfc822Mailbox =     'rfc822Mailbox';
+  NID_rfc822Mailbox =     460;
+  SN_info =   'info';
+  NID_info =     461;
+  LN_favouriteDrink =     'favouriteDrink';
+  NID_favouriteDrink =    462;
+  LN_roomNumber =    'roomNumber';
+  NID_roomNumber =   463;
+  SN_photo =     'photo';
+  NID_photo =     464;
+  LN_userClass =    'userClass';
+  NID_userClass =    465;
+  SN_host =   'host';
+  NID_host =     466;
+  SN_manager =    'manager';
+  NID_manager =    467;
+  LN_documentIdentifier =    'documentIdentifier';
+  NID_documentIdentifier =   468;
+  LN_documentTitle =     'documentTitle';
+  NID_documentTitle =     469;
+  LN_documentVersion =    'documentVersion';
+  NID_documentVersion =    470;
+  LN_documentAuthor =     'documentAuthor';
+  NID_documentAuthor =    471;
+  LN_documentLocation =    'documentLocation';
+  NID_documentLocation =    472;
+  LN_homeTelephoneNumber =   'homeTelephoneNumber';
+  NID_homeTelephoneNumber =   473;
+  SN_secretary =    'secretary';
+  NID_secretary =    474;
+  LN_otherMailbox =   'otherMailbox';
+  NID_otherMailbox =     475;
+  LN_lastModifiedTime =    'lastModifiedTime';
+  NID_lastModifiedTime =    476;
+  LN_lastModifiedBy =     'lastModifiedBy';
+  NID_lastModifiedBy =    477;
+  SN_domainComponent =    'DC';
+  LN_domainComponent =    'domainComponent';
+  NID_domainComponent =    391;
+  LN_aRecord =    'aRecord';
+  NID_aRecord =    478;
+  LN_pilotAttributeType27 =   'pilotAttributeType27';
+  NID_pilotAttributeType27 =     479;
+  LN_mXRecord =    'mXRecord';
+  NID_mXRecord =    480;
+  LN_nSRecord =    'nSRecord';
+  NID_nSRecord =    481;
+  LN_sOARecord =    'sOARecord';
+  NID_sOARecord =    482;
+  LN_cNAMERecord =   'cNAMERecord';
+  NID_cNAMERecord =   483;
+  LN_associatedDomain =    'associatedDomain';
+  NID_associatedDomain =    484;
+  LN_associatedName =     'associatedName';
+  NID_associatedName =    485;
+  LN_homePostalAddress =    'homePostalAddress';
+  NID_homePostalAddress =    486;
+  LN_personalTitle =     'personalTitle';
+  NID_personalTitle =     487;
+  LN_mobileTelephoneNumber =     'mobileTelephoneNumber';
+  NID_mobileTelephoneNumber =     488;
+  LN_pagerTelephoneNumber =   'pagerTelephoneNumber';
+  NID_pagerTelephoneNumber =     489;
+  LN_friendlyCountryName =   'friendlyCountryName';
+  NID_friendlyCountryName =   490;
+  SN_uniqueIdentifier =    'uid';
+  LN_uniqueIdentifier =    'uniqueIdentifier';
+  NID_uniqueIdentifier =    102;
+  LN_organizationalStatus =   'organizationalStatus';
+  NID_organizationalStatus =     491;
+  LN_janetMailbox =   'janetMailbox';
+  NID_janetMailbox =     492;
+  LN_mailPreferenceOption =   'mailPreferenceOption';
+  NID_mailPreferenceOption =     493;
+  LN_buildingName =   'buildingName';
+  NID_buildingName =     494;
+  LN_dSAQuality =    'dSAQuality';
+  NID_dSAQuality =   495;
+  LN_singleLevelQuality =    'singleLevelQuality';
+  NID_singleLevelQuality =   496;
+  LN_subtreeMinimumQuality =     'subtreeMinimumQuality';
+  NID_subtreeMinimumQuality =     497;
+  LN_subtreeMaximumQuality =     'subtreeMaximumQuality';
+  NID_subtreeMaximumQuality =     498;
+  LN_personalSignature =    'personalSignature';
+  NID_personalSignature =    499;
+  LN_dITRedirect =   'dITRedirect';
+  NID_dITRedirect =   500;
+  SN_audio =     'audio';
+  NID_audio =     501;
+  LN_documentPublisher =    'documentPublisher';
+  NID_documentPublisher =    502;
+  SN_id_set =     'id-set';
+  LN_id_set =     'Secure Electronic Transactions';
+  NID_id_set =    512;
+  SN_set_ctype =    'set-ctype';
+  LN_set_ctype =    'content types';
+  NID_set_ctype =    513;
+  SN_set_msgExt =    'set-msgExt';
+  LN_set_msgExt =    'message extensions';
+  NID_set_msgExt =   514;
+  SN_set_attr =    'set-attr';
+  NID_set_attr =    515;
+  SN_set_policy =    'set-policy';
+  NID_set_policy =   516;
+  SN_set_certExt =   'set-certExt';
+  LN_set_certExt =   'certificate extensions';
+  NID_set_certExt =   517;
+  SN_set_brand =    'set-brand';
+  NID_set_brand =    518;
+  SN_setct_PANData =     'setct-PANData';
+  NID_setct_PANData =     519;
+  SN_setct_PANToken =     'setct-PANToken';
+  NID_setct_PANToken =    520;
+  SN_setct_PANOnly =     'setct-PANOnly';
+  NID_setct_PANOnly =     521;
+  SN_setct_OIData =   'setct-OIData';
+  NID_setct_OIData =     522;
+  SN_setct_PI =    'setct-PI';
+  NID_setct_PI =    523;
+  SN_setct_PIData =   'setct-PIData';
+  NID_setct_PIData =     524;
+  SN_setct_PIDataUnsigned =   'setct-PIDataUnsigned';
+  NID_setct_PIDataUnsigned =     525;
+  SN_setct_HODInput =     'setct-HODInput';
+  NID_setct_HODInput =    526;
+  SN_setct_AuthResBaggage =   'setct-AuthResBaggage';
+  NID_setct_AuthResBaggage =     527;
+  SN_setct_AuthRevReqBaggage =    'setct-AuthRevReqBaggage';
+  NID_setct_AuthRevReqBaggage =    528;
+  SN_setct_AuthRevResBaggage =    'setct-AuthRevResBaggage';
+  NID_setct_AuthRevResBaggage =    529;
+  SN_setct_CapTokenSeq =    'setct-CapTokenSeq';
+  NID_setct_CapTokenSeq =    530;
+  SN_setct_PInitResData =    'setct-PInitResData';
+  NID_setct_PInitResData =   531;
+  SN_setct_PI_TBS =   'setct-PI-TBS';
+  NID_setct_PI_TBS =     532;
+  SN_setct_PResData =     'setct-PResData';
+  NID_setct_PResData =    533;
+  SN_setct_AuthReqTBS =    'setct-AuthReqTBS';
+  NID_setct_AuthReqTBS =    534;
+  SN_setct_AuthResTBS =    'setct-AuthResTBS';
+  NID_setct_AuthResTBS =    535;
+  SN_setct_AuthResTBSX =    'setct-AuthResTBSX';
+  NID_setct_AuthResTBSX =    536;
+  SN_setct_AuthTokenTBS =    'setct-AuthTokenTBS';
+  NID_setct_AuthTokenTBS =   537;
+  SN_setct_CapTokenData =    'setct-CapTokenData';
+  NID_setct_CapTokenData =   538;
+  SN_setct_CapTokenTBS =    'setct-CapTokenTBS';
+  NID_setct_CapTokenTBS =    539;
+  SN_setct_AcqCardCodeMsg =   'setct-AcqCardCodeMsg';
+  NID_setct_AcqCardCodeMsg =     540;
+  SN_setct_AuthRevReqTBS =   'setct-AuthRevReqTBS';
+  NID_setct_AuthRevReqTBS =   541;
+  SN_setct_AuthRevResData =   'setct-AuthRevResData';
+  NID_setct_AuthRevResData =     542;
+  SN_setct_AuthRevResTBS =   'setct-AuthRevResTBS';
+  NID_setct_AuthRevResTBS =   543;
+  SN_setct_CapReqTBS =    'setct-CapReqTBS';
+  NID_setct_CapReqTBS =    544;
+  SN_setct_CapReqTBSX =    'setct-CapReqTBSX';
+  NID_setct_CapReqTBSX =    545;
+  SN_setct_CapResData =    'setct-CapResData';
+  NID_setct_CapResData =    546;
+  SN_setct_CapRevReqTBS =    'setct-CapRevReqTBS';
+  NID_setct_CapRevReqTBS =   547;
+  SN_setct_CapRevReqTBSX =   'setct-CapRevReqTBSX';
+  NID_setct_CapRevReqTBSX =   548;
+  SN_setct_CapRevResData =   'setct-CapRevResData';
+  NID_setct_CapRevResData =   549;
+  SN_setct_CredReqTBS =    'setct-CredReqTBS';
+  NID_setct_CredReqTBS =    550;
+  SN_setct_CredReqTBSX =    'setct-CredReqTBSX';
+  NID_setct_CredReqTBSX =    551;
+  SN_setct_CredResData =    'setct-CredResData';
+  NID_setct_CredResData =    552;
+  SN_setct_CredRevReqTBS =   'setct-CredRevReqTBS';
+  NID_setct_CredRevReqTBS =   553;
+  SN_setct_CredRevReqTBSX =   'setct-CredRevReqTBSX';
+  NID_setct_CredRevReqTBSX =     554;
+  SN_setct_CredRevResData =   'setct-CredRevResData';
+  NID_setct_CredRevResData =     555;
+  SN_setct_PCertReqData =    'setct-PCertReqData';
+  NID_setct_PCertReqData =   556;
+  SN_setct_PCertResTBS =    'setct-PCertResTBS';
+  NID_setct_PCertResTBS =    557;
+  SN_setct_BatchAdminReqData =    'setct-BatchAdminReqData';
+  NID_setct_BatchAdminReqData =    558;
+  SN_setct_BatchAdminResData =    'setct-BatchAdminResData';
+  NID_setct_BatchAdminResData =    559;
+  SN_setct_CardCInitResTBS =     'setct-CardCInitResTBS';
+  NID_setct_CardCInitResTBS =     560;
+  SN_setct_MeAqCInitResTBS =     'setct-MeAqCInitResTBS';
+  NID_setct_MeAqCInitResTBS =     561;
+  SN_setct_RegFormResTBS =   'setct-RegFormResTBS';
+  NID_setct_RegFormResTBS =   562;
+  SN_setct_CertReqData =    'setct-CertReqData';
+  NID_setct_CertReqData =    563;
+  SN_setct_CertReqTBS =    'setct-CertReqTBS';
+  NID_setct_CertReqTBS =    564;
+  SN_setct_CertResData =    'setct-CertResData';
+  NID_setct_CertResData =    565;
+  SN_setct_CertInqReqTBS =   'setct-CertInqReqTBS';
+  NID_setct_CertInqReqTBS =   566;
+  SN_setct_ErrorTBS =     'setct-ErrorTBS';
+  NID_setct_ErrorTBS =    567;
+  SN_setct_PIDualSignedTBE =     'setct-PIDualSignedTBE';
+  NID_setct_PIDualSignedTBE =     568;
+  SN_setct_PIUnsignedTBE =   'setct-PIUnsignedTBE';
+  NID_setct_PIUnsignedTBE =   569;
+  SN_setct_AuthReqTBE =    'setct-AuthReqTBE';
+  NID_setct_AuthReqTBE =    570;
+  SN_setct_AuthResTBE =    'setct-AuthResTBE';
+  NID_setct_AuthResTBE =    571;
+  SN_setct_AuthResTBEX =    'setct-AuthResTBEX';
+  NID_setct_AuthResTBEX =    572;
+  SN_setct_AuthTokenTBE =    'setct-AuthTokenTBE';
+  NID_setct_AuthTokenTBE =   573;
+  SN_setct_CapTokenTBE =    'setct-CapTokenTBE';
+  NID_setct_CapTokenTBE =    574;
+  SN_setct_CapTokenTBEX =    'setct-CapTokenTBEX';
+  NID_setct_CapTokenTBEX =   575;
+  SN_setct_AcqCardCodeMsgTBE =    'setct-AcqCardCodeMsgTBE';
+  NID_setct_AcqCardCodeMsgTBE =    576;
+  SN_setct_AuthRevReqTBE =   'setct-AuthRevReqTBE';
+  NID_setct_AuthRevReqTBE =   577;
+  SN_setct_AuthRevResTBE =   'setct-AuthRevResTBE';
+  NID_setct_AuthRevResTBE =   578;
+  SN_setct_AuthRevResTBEB =   'setct-AuthRevResTBEB';
+  NID_setct_AuthRevResTBEB =     579;
+  SN_setct_CapReqTBE =    'setct-CapReqTBE';
+  NID_setct_CapReqTBE =    580;
+  SN_setct_CapReqTBEX =    'setct-CapReqTBEX';
+  NID_setct_CapReqTBEX =    581;
+  SN_setct_CapResTBE =    'setct-CapResTBE';
+  NID_setct_CapResTBE =    582;
+  SN_setct_CapRevReqTBE =    'setct-CapRevReqTBE';
+  NID_setct_CapRevReqTBE =   583;
+  SN_setct_CapRevReqTBEX =   'setct-CapRevReqTBEX';
+  NID_setct_CapRevReqTBEX =   584;
+  SN_setct_CapRevResTBE =    'setct-CapRevResTBE';
+  NID_setct_CapRevResTBE =   585;
+  SN_setct_CredReqTBE =    'setct-CredReqTBE';
+  NID_setct_CredReqTBE =    586;
+  SN_setct_CredReqTBEX =    'setct-CredReqTBEX';
+  NID_setct_CredReqTBEX =    587;
+  SN_setct_CredResTBE =    'setct-CredResTBE';
+  NID_setct_CredResTBE =    588;
+  SN_setct_CredRevReqTBE =   'setct-CredRevReqTBE';
+  NID_setct_CredRevReqTBE =   589;
+  SN_setct_CredRevReqTBEX =   'setct-CredRevReqTBEX';
+  NID_setct_CredRevReqTBEX =     590;
+  SN_setct_CredRevResTBE =   'setct-CredRevResTBE';
+  NID_setct_CredRevResTBE =   591;
+  SN_setct_BatchAdminReqTBE =     'setct-BatchAdminReqTBE';
+  NID_setct_BatchAdminReqTBE =    592;
+  SN_setct_BatchAdminResTBE =     'setct-BatchAdminResTBE';
+  NID_setct_BatchAdminResTBE =    593;
+  SN_setct_RegFormReqTBE =   'setct-RegFormReqTBE';
+  NID_setct_RegFormReqTBE =   594;
+  SN_setct_CertReqTBE =    'setct-CertReqTBE';
+  NID_setct_CertReqTBE =    595;
+  SN_setct_CertReqTBEX =    'setct-CertReqTBEX';
+  NID_setct_CertReqTBEX =    596;
+  SN_setct_CertResTBE =    'setct-CertResTBE';
+  NID_setct_CertResTBE =    597;
+  SN_setct_CRLNotificationTBS =    'setct-CRLNotificationTBS';
+  NID_setct_CRLNotificationTBS =    598;
+  SN_setct_CRLNotificationResTBS =   'setct-CRLNotificationResTBS';
+  NID_setct_CRLNotificationResTBS =   599;
+  SN_setct_BCIDistributionTBS =    'setct-BCIDistributionTBS';
+  NID_setct_BCIDistributionTBS =    600;
+  SN_setext_genCrypt =    'setext-genCrypt';
+  LN_setext_genCrypt =    'generic cryptogram';
+  NID_setext_genCrypt =    601;
+  SN_setext_miAuth =     'setext-miAuth';
+  LN_setext_miAuth =     'merchant initiated auth';
+  NID_setext_miAuth =     602;
+  SN_setext_pinSecure =    'setext-pinSecure';
+  NID_setext_pinSecure =    603;
+  SN_setext_pinAny =     'setext-pinAny';
+  NID_setext_pinAny =     604;
+  SN_setext_track2 =     'setext-track2';
+  NID_setext_track2 =     605;
+  SN_setext_cv =    'setext-cv';
+  LN_setext_cv =    'additional verification';
+  NID_setext_cv =    606;
+  SN_set_policy_root =    'set-policy-root';
+  NID_set_policy_root =    607;
+  SN_setCext_hashedRoot =    'setCext-hashedRoot';
+  NID_setCext_hashedRoot =   608;
+  SN_setCext_certType =    'setCext-certType';
+  NID_setCext_certType =    609;
+  SN_setCext_merchData =    'setCext-merchData';
+  NID_setCext_merchData =    610;
+  SN_setCext_cCertRequired =     'setCext-cCertRequired';
+  NID_setCext_cCertRequired =     611;
+  SN_setCext_tunneling =    'setCext-tunneling';
+  NID_setCext_tunneling =    612;
+  SN_setCext_setExt =     'setCext-setExt';
+  NID_setCext_setExt =    613;
+  SN_setCext_setQualf =    'setCext-setQualf';
+  NID_setCext_setQualf =    614;
+  SN_setCext_PGWYcapabilities =    'setCext-PGWYcapabilities';
+  NID_setCext_PGWYcapabilities =    615;
+  SN_setCext_TokenIdentifier =    'setCext-TokenIdentifier';
+  NID_setCext_TokenIdentifier =    616;
+  SN_setCext_Track2Data =    'setCext-Track2Data';
+  NID_setCext_Track2Data =   617;
+  SN_setCext_TokenType =    'setCext-TokenType';
+  NID_setCext_TokenType =    618;
+  SN_setCext_IssuerCapabilities =    'setCext-IssuerCapabilities';
+  NID_setCext_IssuerCapabilities =   619;
+  SN_setAttr_Cert =   'setAttr-Cert';
+  NID_setAttr_Cert =     620;
+  SN_setAttr_PGWYcap =    'setAttr-PGWYcap';
+  LN_setAttr_PGWYcap =    'payment gateway capabilities';
+  NID_setAttr_PGWYcap =    621;
+  SN_setAttr_TokenType =    'setAttr-TokenType';
+  NID_setAttr_TokenType =    622;
+  SN_setAttr_IssCap =     'setAttr-IssCap';
+  LN_setAttr_IssCap =     'issuer capabilities';
+  NID_setAttr_IssCap =    623;
+  SN_set_rootKeyThumb =    'set-rootKeyThumb';
+  NID_set_rootKeyThumb =    624;
+  SN_set_addPolicy =     'set-addPolicy';
+  NID_set_addPolicy =     625;
+  SN_setAttr_Token_EMV =    'setAttr-Token-EMV';
+  NID_setAttr_Token_EMV =    626;
+  SN_setAttr_Token_B0Prime =     'setAttr-Token-B0Prime';
+  NID_setAttr_Token_B0Prime =     627;
+  SN_setAttr_IssCap_CVM =    'setAttr-IssCap-CVM';
+  NID_setAttr_IssCap_CVM =   628;
+  SN_setAttr_IssCap_T2 =    'setAttr-IssCap-T2';
+  NID_setAttr_IssCap_T2 =    629;
+  SN_setAttr_IssCap_Sig =    'setAttr-IssCap-Sig';
+  NID_setAttr_IssCap_Sig =   630;
+  SN_setAttr_GenCryptgrm =   'setAttr-GenCryptgrm';
+  LN_setAttr_GenCryptgrm =   'generate cryptogram';
+  NID_setAttr_GenCryptgrm =   631;
+  SN_setAttr_T2Enc =     'setAttr-T2Enc';
+  LN_setAttr_T2Enc =     'encrypted track 2';
+  NID_setAttr_T2Enc =     632;
+  SN_setAttr_T2cleartxt =    'setAttr-T2cleartxt';
+  LN_setAttr_T2cleartxt =    'cleartext track 2';
+  NID_setAttr_T2cleartxt =   633;
+  SN_setAttr_TokICCsig =    'setAttr-TokICCsig';
+  LN_setAttr_TokICCsig =    'ICC or token signature';
+  NID_setAttr_TokICCsig =    634;
+  SN_setAttr_SecDevSig =    'setAttr-SecDevSig';
+  LN_setAttr_SecDevSig =    'secure device signature';
+  NID_setAttr_SecDevSig =    635;
+  SN_set_brand_IATA_ATA =    'set-brand-IATA-ATA';
+  NID_set_brand_IATA_ATA =   636;
+  SN_set_brand_Diners =    'set-brand-Diners';
+  NID_set_brand_Diners =    637;
+  SN_set_brand_AmericanExpress =    'set-brand-AmericanExpress';
+  NID_set_brand_AmericanExpress =    638;
+  SN_set_brand_JCB =     'set-brand-JCB';
+  NID_set_brand_JCB =     639;
+  SN_set_brand_Visa =     'set-brand-Visa';
+  NID_set_brand_Visa =    640;
+  SN_set_brand_MasterCard =   'set-brand-MasterCard';
+  NID_set_brand_MasterCard =     641;
+  SN_set_brand_Novus =    'set-brand-Novus';
+  NID_set_brand_Novus =    642;
+  SN_des_cdmf =    'DES-CDMF';
+  LN_des_cdmf =    'des-cdmf';
+  NID_des_cdmf =    643;
+  SN_rsaOAEPEncryptionSET =   'rsaOAEPEncryptionSET';
+  NID_rsaOAEPEncryptionSET =     644;
+  SN_ipsec3 =     'Oakley-EC2N-3';
+  LN_ipsec3 =     'ipsec3';
+  NID_ipsec3 =    749;
+  SN_ipsec4 =     'Oakley-EC2N-4';
+  LN_ipsec4 =     'ipsec4';
+  NID_ipsec4 =    750;
+  SN_whirlpool =    'whirlpool';
+  NID_whirlpool =    804;
+  SN_cryptopro =    'cryptopro';
+  NID_cryptopro =    805;
+  SN_cryptocom =    'cryptocom';
+  NID_cryptocom =    806;
+  SN_id_tc26 =    'id-tc26';
+  NID_id_tc26 =    974;
+  SN_id_GostR3411_94_with_GostR3410_2001 =   'id-GostR3411-94-with-GostR3410-2001';
+  LN_id_GostR3411_94_with_GostR3410_2001 =   'GOST R 34.11-94 with GOST R 34.10-2001';
+  NID_id_GostR3411_94_with_GostR3410_2001 =   807;
+  SN_id_GostR3411_94_with_GostR3410_94 =    'id-GostR3411-94-with-GostR3410-94';
+  LN_id_GostR3411_94_with_GostR3410_94 =    'GOST R 34.11-94 with GOST R 34.10-94';
+  NID_id_GostR3411_94_with_GostR3410_94 =    808;
+  SN_id_GostR3411_94 =    'md_gost94';
+  LN_id_GostR3411_94 =    'GOST R 34.11-94';
+  NID_id_GostR3411_94 =    809;
+  SN_id_HMACGostR3411_94 =   'id-HMACGostR3411-94';
+  LN_id_HMACGostR3411_94 =   'HMAC GOST 34.11-94';
+  NID_id_HMACGostR3411_94 =   810;
+  SN_id_GostR3410_2001 =    'gost2001';
+  LN_id_GostR3410_2001 =    'GOST R 34.10-2001';
+  NID_id_GostR3410_2001 =    811;
+  SN_id_GostR3410_94 =    'gost94';
+  LN_id_GostR3410_94 =    'GOST R 34.10-94';
+  NID_id_GostR3410_94 =    812;
+  SN_id_Gost28147_89 =    'gost89';
+  LN_id_Gost28147_89 =    'GOST 28147-89';
+  NID_id_Gost28147_89 =    813;
+  SN_gost89_cnt =    'gost89-cnt';
+  NID_gost89_cnt =   814;
+  SN_gost89_cnt_12 =     'gost89-cnt-12';
+  NID_gost89_cnt_12 =     975;
+  SN_gost89_cbc =    'gost89-cbc';
+  NID_gost89_cbc =   1009;
+  SN_gost89_ecb =    'gost89-ecb';
+  NID_gost89_ecb =   1010;
+  SN_gost89_ctr =    'gost89-ctr';
+  NID_gost89_ctr =   1011;
+  SN_id_Gost28147_89_MAC =   'gost-mac';
+  LN_id_Gost28147_89_MAC =   'GOST 28147-89 MAC';
+  NID_id_Gost28147_89_MAC =   815;
+  SN_gost_mac_12 =   'gost-mac-12';
+  NID_gost_mac_12 =   976;
+  SN_id_GostR3411_94_prf =   'prf-gostr3411-94';
+  LN_id_GostR3411_94_prf =   'GOST R 34.11-94 PRF';
+  NID_id_GostR3411_94_prf =   816;
+  SN_id_GostR3410_2001DH =   'id-GostR3410-2001DH';
+  LN_id_GostR3410_2001DH =   'GOST R 34.10-2001 DH';
+  NID_id_GostR3410_2001DH =   817;
+  SN_id_GostR3410_94DH =    'id-GostR3410-94DH';
+  LN_id_GostR3410_94DH =    'GOST R 34.10-94 DH';
+  NID_id_GostR3410_94DH =    818;
+  SN_id_Gost28147_89_CryptoPro_KeyMeshing =   'id-Gost28147-89-CryptoPro-KeyMeshing';
+  NID_id_Gost28147_89_CryptoPro_KeyMeshing =     819;
+  SN_id_Gost28147_89_None_KeyMeshing =    'id-Gost28147-89-None-KeyMeshing';
+  NID_id_Gost28147_89_None_KeyMeshing =    820;
+  SN_id_GostR3411_94_TestParamSet =   'id-GostR3411-94-TestParamSet';
+  NID_id_GostR3411_94_TestParamSet =     821;
+  SN_id_GostR3411_94_CryptoProParamSet =    'id-GostR3411-94-CryptoProParamSet';
+  NID_id_GostR3411_94_CryptoProParamSet =    822;
+  SN_id_Gost28147_89_TestParamSet =   'id-Gost28147-89-TestParamSet';
+  NID_id_Gost28147_89_TestParamSet =     823;
+  SN_id_Gost28147_89_CryptoPro_A_ParamSet =   'id-Gost28147-89-CryptoPro-A-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_A_ParamSet =     824;
+  SN_id_Gost28147_89_CryptoPro_B_ParamSet =   'id-Gost28147-89-CryptoPro-B-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_B_ParamSet =     825;
+  SN_id_Gost28147_89_CryptoPro_C_ParamSet =   'id-Gost28147-89-CryptoPro-C-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_C_ParamSet =     826;
+  SN_id_Gost28147_89_CryptoPro_D_ParamSet =   'id-Gost28147-89-CryptoPro-D-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_D_ParamSet =     827;
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =     828;
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =     829;
+  SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    'id-Gost28147-89-CryptoPro-RIC-1-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    830;
+  SN_id_GostR3410_94_TestParamSet =   'id-GostR3410-94-TestParamSet';
+  NID_id_GostR3410_94_TestParamSet =     831;
+  SN_id_GostR3410_94_CryptoPro_A_ParamSet =   'id-GostR3410-94-CryptoPro-A-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_A_ParamSet =     832;
+  SN_id_GostR3410_94_CryptoPro_B_ParamSet =   'id-GostR3410-94-CryptoPro-B-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_B_ParamSet =     833;
+  SN_id_GostR3410_94_CryptoPro_C_ParamSet =   'id-GostR3410-94-CryptoPro-C-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_C_ParamSet =     834;
+  SN_id_GostR3410_94_CryptoPro_D_ParamSet =   'id-GostR3410-94-CryptoPro-D-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_D_ParamSet =     835;
+  SN_id_GostR3410_94_CryptoPro_XchA_ParamSet =    'id-GostR3410-94-CryptoPro-XchA-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_XchA_ParamSet =    836;
+  SN_id_GostR3410_94_CryptoPro_XchB_ParamSet =    'id-GostR3410-94-CryptoPro-XchB-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_XchB_ParamSet =    837;
+  SN_id_GostR3410_94_CryptoPro_XchC_ParamSet =    'id-GostR3410-94-CryptoPro-XchC-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_XchC_ParamSet =    838;
+  SN_id_GostR3410_2001_TestParamSet =     'id-GostR3410-2001-TestParamSet';
+  NID_id_GostR3410_2001_TestParamSet =    839;
+  SN_id_GostR3410_2001_CryptoPro_A_ParamSet =     'id-GostR3410-2001-CryptoPro-A-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_A_ParamSet =    840;
+  SN_id_GostR3410_2001_CryptoPro_B_ParamSet =     'id-GostR3410-2001-CryptoPro-B-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_B_ParamSet =    841;
+  SN_id_GostR3410_2001_CryptoPro_C_ParamSet =     'id-GostR3410-2001-CryptoPro-C-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_C_ParamSet =    842;
+  SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    'id-GostR3410-2001-CryptoPro-XchA-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    843;
+  SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    'id-GostR3410-2001-CryptoPro-XchB-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    844;
+  SN_id_GostR3410_94_a =    'id-GostR3410-94-a';
+  NID_id_GostR3410_94_a =    845;
+  SN_id_GostR3410_94_aBis =   'id-GostR3410-94-aBis';
+  NID_id_GostR3410_94_aBis =     846;
+  SN_id_GostR3410_94_b =    'id-GostR3410-94-b';
+  NID_id_GostR3410_94_b =    847;
+  SN_id_GostR3410_94_bBis =   'id-GostR3410-94-bBis';
+  NID_id_GostR3410_94_bBis =     848;
+  SN_id_Gost28147_89_cc =    'id-Gost28147-89-cc';
+  LN_id_Gost28147_89_cc =    'GOST 28147-89 Cryptocom ParamSet';
+  NID_id_Gost28147_89_cc =   849;
+  SN_id_GostR3410_94_cc =    'gost94cc';
+  LN_id_GostR3410_94_cc =    'GOST 34.10-94 Cryptocom';
+  NID_id_GostR3410_94_cc =   850;
+  SN_id_GostR3410_2001_cc =   'gost2001cc';
+  LN_id_GostR3410_2001_cc =   'GOST 34.10-2001 Cryptocom';
+  NID_id_GostR3410_2001_cc =     851;
+  SN_id_GostR3411_94_with_GostR3410_94_cc =   'id-GostR3411-94-with-GostR3410-94-cc';
+  LN_id_GostR3411_94_with_GostR3410_94_cc =   'GOST R 34.11-94 with GOST R 34.10-94 Cryptocom';
+  NID_id_GostR3411_94_with_GostR3410_94_cc =     852;
+  SN_id_GostR3411_94_with_GostR3410_2001_cc =     'id-GostR3411-94-with-GostR3410-2001-cc';
+  LN_id_GostR3411_94_with_GostR3410_2001_cc =     'GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom';
+  NID_id_GostR3411_94_with_GostR3410_2001_cc =    853;
+  SN_id_GostR3410_2001_ParamSet_cc =     'id-GostR3410-2001-ParamSet-cc';
+  LN_id_GostR3410_2001_ParamSet_cc =     'GOST R 3410-2001 Parameter Set Cryptocom';
+  NID_id_GostR3410_2001_ParamSet_cc =     854;
+  SN_id_tc26_algorithms =    'id-tc26-algorithms';
+  NID_id_tc26_algorithms =   977;
+  SN_id_tc26_sign =   'id-tc26-sign';
+  NID_id_tc26_sign =     978;
+  SN_id_GostR3410_2012_256 =     'gost2012_256';
+  LN_id_GostR3410_2012_256 =     'GOST R 34.10-2012 with 256 bit modulus';
+  NID_id_GostR3410_2012_256 =     979;
+  SN_id_GostR3410_2012_512 =     'gost2012_512';
+  LN_id_GostR3410_2012_512 =     'GOST R 34.10-2012 with 512 bit modulus';
+  NID_id_GostR3410_2012_512 =     980;
+  SN_id_tc26_digest =     'id-tc26-digest';
+  NID_id_tc26_digest =    981;
+  SN_id_GostR3411_2012_256 =     'md_gost12_256';
+  LN_id_GostR3411_2012_256 =     'GOST R 34.11-2012 with 256 bit hash';
+  NID_id_GostR3411_2012_256 =     982;
+  SN_id_GostR3411_2012_512 =     'md_gost12_512';
+  LN_id_GostR3411_2012_512 =     'GOST R 34.11-2012 with 512 bit hash';
+  NID_id_GostR3411_2012_512 =     983;
+  SN_id_tc26_signwithdigest =     'id-tc26-signwithdigest';
+  NID_id_tc26_signwithdigest =    984;
+  SN_id_tc26_signwithdigest_gost3410_2012_256 =    'id-tc26-signwithdigest-gost3410-2012-256';
+  LN_id_tc26_signwithdigest_gost3410_2012_256 =    'GOST R 34.10-2012 with GOST R 34.11-2012(256 bit)';
+  NID_id_tc26_signwithdigest_gost3410_2012_256 =    985;
+  SN_id_tc26_signwithdigest_gost3410_2012_512 =    'id-tc26-signwithdigest-gost3410-2012-512';
+  LN_id_tc26_signwithdigest_gost3410_2012_512 =    'GOST R 34.10-2012 with GOST R 34.11-2012(512 bit)';
+  NID_id_tc26_signwithdigest_gost3410_2012_512 =    986;
+  SN_id_tc26_mac =   'id-tc26-mac';
+  NID_id_tc26_mac =   987;
+  SN_id_tc26_hmac_gost_3411_2012_256 =    'id-tc26-hmac-gost-3411-2012-256';
+  LN_id_tc26_hmac_gost_3411_2012_256 =    'HMAC GOST 34.11-2012 256 bit';
+  NID_id_tc26_hmac_gost_3411_2012_256 =    988;
+  SN_id_tc26_hmac_gost_3411_2012_512 =    'id-tc26-hmac-gost-3411-2012-512';
+  LN_id_tc26_hmac_gost_3411_2012_512 =    'HMAC GOST 34.11-2012 512 bit';
+  NID_id_tc26_hmac_gost_3411_2012_512 =    989;
+  SN_id_tc26_cipher =     'id-tc26-cipher';
+  NID_id_tc26_cipher =    990;
+  SN_id_tc26_cipher_gostr3412_2015_magma =   'id-tc26-cipher-gostr3412-2015-magma';
+  NID_id_tc26_cipher_gostr3412_2015_magma =   1173;
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =   'id-tc26-cipher-gostr3412-2015-magma-ctracpkm';
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =     1174;
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    'id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac';
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    1175;
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik =    'id-tc26-cipher-gostr3412-2015-kuznyechik';
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik =    1176;
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm';
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    1177;
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =     'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac';
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =    1178;
+  SN_id_tc26_agreement =    'id-tc26-agreement';
+  NID_id_tc26_agreement =    991;
+  SN_id_tc26_agreement_gost_3410_2012_256 =   'id-tc26-agreement-gost-3410-2012-256';
+  NID_id_tc26_agreement_gost_3410_2012_256 =     992;
+  SN_id_tc26_agreement_gost_3410_2012_512 =   'id-tc26-agreement-gost-3410-2012-512';
+  NID_id_tc26_agreement_gost_3410_2012_512 =     993;
+  SN_id_tc26_wrap =   'id-tc26-wrap';
+  NID_id_tc26_wrap =     1179;
+  SN_id_tc26_wrap_gostr3412_2015_magma =    'id-tc26-wrap-gostr3412-2015-magma';
+  NID_id_tc26_wrap_gostr3412_2015_magma =    1180;
+  SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    'id-tc26-wrap-gostr3412-2015-magma-kexp15';
+  NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    1181;
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik =     'id-tc26-wrap-gostr3412-2015-kuznyechik';
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik =    1182;
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     'id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15';
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     1183;
+  SN_id_tc26_constants =    'id-tc26-constants';
+  NID_id_tc26_constants =    994;
+  SN_id_tc26_sign_constants =     'id-tc26-sign-constants';
+  NID_id_tc26_sign_constants =    995;
+  SN_id_tc26_gost_3410_2012_256_constants =   'id-tc26-gost-3410-2012-256-constants';
+  NID_id_tc26_gost_3410_2012_256_constants =     1147;
+  SN_id_tc26_gost_3410_2012_256_paramSetA =   'id-tc26-gost-3410-2012-256-paramSetA';
+  LN_id_tc26_gost_3410_2012_256_paramSetA =   'GOST R 34.10-2012(256 bit)ParamSet A';
+  NID_id_tc26_gost_3410_2012_256_paramSetA =     1148;
+  SN_id_tc26_gost_3410_2012_256_paramSetB =   'id-tc26-gost-3410-2012-256-paramSetB';
+  LN_id_tc26_gost_3410_2012_256_paramSetB =   'GOST R 34.10-2012(256 bit)ParamSet B';
+  NID_id_tc26_gost_3410_2012_256_paramSetB =     1184;
+  SN_id_tc26_gost_3410_2012_256_paramSetC =   'id-tc26-gost-3410-2012-256-paramSetC';
+  LN_id_tc26_gost_3410_2012_256_paramSetC =   'GOST R 34.10-2012(256 bit)ParamSet C';
+  NID_id_tc26_gost_3410_2012_256_paramSetC =     1185;
+  SN_id_tc26_gost_3410_2012_256_paramSetD =   'id-tc26-gost-3410-2012-256-paramSetD';
+  LN_id_tc26_gost_3410_2012_256_paramSetD =   'GOST R 34.10-2012(256 bit)ParamSet D';
+  NID_id_tc26_gost_3410_2012_256_paramSetD =     1186;
+  SN_id_tc26_gost_3410_2012_512_constants =   'id-tc26-gost-3410-2012-512-constants';
+  NID_id_tc26_gost_3410_2012_512_constants =     996;
+  SN_id_tc26_gost_3410_2012_512_paramSetTest =    'id-tc26-gost-3410-2012-512-paramSetTest';
+  LN_id_tc26_gost_3410_2012_512_paramSetTest =    'GOST R 34.10-2012(512 bit)testing parameter set';
+  NID_id_tc26_gost_3410_2012_512_paramSetTest =    997;
+  SN_id_tc26_gost_3410_2012_512_paramSetA =   'id-tc26-gost-3410-2012-512-paramSetA';
+  LN_id_tc26_gost_3410_2012_512_paramSetA =   'GOST R 34.10-2012(512 bit)ParamSet A';
+  NID_id_tc26_gost_3410_2012_512_paramSetA =     998;
+  SN_id_tc26_gost_3410_2012_512_paramSetB =   'id-tc26-gost-3410-2012-512-paramSetB';
+  LN_id_tc26_gost_3410_2012_512_paramSetB =   'GOST R 34.10-2012(512 bit)ParamSet B';
+  NID_id_tc26_gost_3410_2012_512_paramSetB =     999;
+  SN_id_tc26_gost_3410_2012_512_paramSetC =   'id-tc26-gost-3410-2012-512-paramSetC';
+  LN_id_tc26_gost_3410_2012_512_paramSetC =   'GOST R 34.10-2012(512 bit)ParamSet C';
+  NID_id_tc26_gost_3410_2012_512_paramSetC =     1149;
+  SN_id_tc26_digest_constants =    'id-tc26-digest-constants';
+  NID_id_tc26_digest_constants =    1000;
+  SN_id_tc26_cipher_constants =    'id-tc26-cipher-constants';
+  NID_id_tc26_cipher_constants =    1001;
+  SN_id_tc26_gost_28147_constants =   'id-tc26-gost-28147-constants';
+  NID_id_tc26_gost_28147_constants =     1002;
+  SN_id_tc26_gost_28147_param_Z =    'id-tc26-gost-28147-param-Z';
+  LN_id_tc26_gost_28147_param_Z =    'GOST 28147-89 TC26 parameter set';
+  NID_id_tc26_gost_28147_param_Z =   1003;
+  SN_INN =   'INN';
+  LN_INN =   'INN';
+  NID_INN =   1004;
+  SN_OGRN =   'OGRN';
+  LN_OGRN =   'OGRN';
+  NID_OGRN =     1005;
+  SN_SNILS =     'SNILS';
+  LN_SNILS =     'SNILS';
+  NID_SNILS =     1006;
+  SN_subjectSignTool =    'subjectSignTool';
+  LN_subjectSignTool =    'Signing Tool of Subject';
+  NID_subjectSignTool =    1007;
+  SN_issuerSignTool =     'issuerSignTool';
+  LN_issuerSignTool =     'Signing Tool of Issuer';
+  NID_issuerSignTool =    1008;
+  SN_grasshopper_ecb =    'grasshopper-ecb';
+  NID_grasshopper_ecb =    1012;
+  SN_grasshopper_ctr =    'grasshopper-ctr';
+  NID_grasshopper_ctr =    1013;
+  SN_grasshopper_ofb =    'grasshopper-ofb';
+  NID_grasshopper_ofb =    1014;
+  SN_grasshopper_cbc =    'grasshopper-cbc';
+  NID_grasshopper_cbc =    1015;
+  SN_grasshopper_cfb =    'grasshopper-cfb';
+  NID_grasshopper_cfb =    1016;
+  SN_grasshopper_mac =    'grasshopper-mac';
+  NID_grasshopper_mac =    1017;
+  SN_magma_ecb =    'magma-ecb';
+  NID_magma_ecb =    1187;
+  SN_magma_ctr =    'magma-ctr';
+  NID_magma_ctr =    1188;
+  SN_magma_ofb =    'magma-ofb';
+  NID_magma_ofb =    1189;
+  SN_magma_cbc =    'magma-cbc';
+  NID_magma_cbc =    1190;
+  SN_magma_cfb =    'magma-cfb';
+  NID_magma_cfb =    1191;
+  SN_magma_mac =    'magma-mac';
+  NID_magma_mac =    1192;
+  SN_camellia_128_cbc =    'CAMELLIA-128-CBC';
+  LN_camellia_128_cbc =    'camellia-128-cbc';
+  NID_camellia_128_cbc =    751;
+  SN_camellia_192_cbc =    'CAMELLIA-192-CBC';
+  LN_camellia_192_cbc =    'camellia-192-cbc';
+  NID_camellia_192_cbc =    752;
+  SN_camellia_256_cbc =    'CAMELLIA-256-CBC';
+  LN_camellia_256_cbc =    'camellia-256-cbc';
+  NID_camellia_256_cbc =    753;
+  SN_id_camellia128_wrap =   'id-camellia128-wrap';
+  NID_id_camellia128_wrap =   907;
+  SN_id_camellia192_wrap =   'id-camellia192-wrap';
+  NID_id_camellia192_wrap =   908;
+  SN_id_camellia256_wrap =   'id-camellia256-wrap';
+  NID_id_camellia256_wrap =   909;
+  SN_camellia_128_ecb =    'CAMELLIA-128-ECB';
+  LN_camellia_128_ecb =    'camellia-128-ecb';
+  NID_camellia_128_ecb =    754;
+  SN_camellia_128_ofb128 =   'CAMELLIA-128-OFB';
+  LN_camellia_128_ofb128 =   'camellia-128-ofb';
+  NID_camellia_128_ofb128 =   766;
+  SN_camellia_128_cfb128 =   'CAMELLIA-128-CFB';
+  LN_camellia_128_cfb128 =   'camellia-128-cfb';
+  NID_camellia_128_cfb128 =   757;
+  SN_camellia_128_gcm =    'CAMELLIA-128-GCM';
+  LN_camellia_128_gcm =    'camellia-128-gcm';
+  NID_camellia_128_gcm =    961;
+  SN_camellia_128_ccm =    'CAMELLIA-128-CCM';
+  LN_camellia_128_ccm =    'camellia-128-ccm';
+  NID_camellia_128_ccm =    962;
+  SN_camellia_128_ctr =    'CAMELLIA-128-CTR';
+  LN_camellia_128_ctr =    'camellia-128-ctr';
+  NID_camellia_128_ctr =    963;
+  SN_camellia_128_cmac =    'CAMELLIA-128-CMAC';
+  LN_camellia_128_cmac =    'camellia-128-cmac';
+  NID_camellia_128_cmac =    964;
+  SN_camellia_192_ecb =    'CAMELLIA-192-ECB';
+  LN_camellia_192_ecb =    'camellia-192-ecb';
+  NID_camellia_192_ecb =    755;
+  SN_camellia_192_ofb128 =   'CAMELLIA-192-OFB';
+  LN_camellia_192_ofb128 =   'camellia-192-ofb';
+  NID_camellia_192_ofb128 =   767;
+  SN_camellia_192_cfb128 =   'CAMELLIA-192-CFB';
+  LN_camellia_192_cfb128 =   'camellia-192-cfb';
+  NID_camellia_192_cfb128 =   758;
+  SN_camellia_192_gcm =    'CAMELLIA-192-GCM';
+  LN_camellia_192_gcm =    'camellia-192-gcm';
+  NID_camellia_192_gcm =    965;
+  SN_camellia_192_ccm =    'CAMELLIA-192-CCM';
+  LN_camellia_192_ccm =    'camellia-192-ccm';
+  NID_camellia_192_ccm =    966;
+  SN_camellia_192_ctr =    'CAMELLIA-192-CTR';
+  LN_camellia_192_ctr =    'camellia-192-ctr';
+  NID_camellia_192_ctr =    967;
+  SN_camellia_192_cmac =    'CAMELLIA-192-CMAC';
+  LN_camellia_192_cmac =    'camellia-192-cmac';
+  NID_camellia_192_cmac =    968;
+  SN_camellia_256_ecb =    'CAMELLIA-256-ECB';
+  LN_camellia_256_ecb =    'camellia-256-ecb';
+  NID_camellia_256_ecb =    756;
+  SN_camellia_256_ofb128 =   'CAMELLIA-256-OFB';
+  LN_camellia_256_ofb128 =   'camellia-256-ofb';
+  NID_camellia_256_ofb128 =   768;
+  SN_camellia_256_cfb128 =   'CAMELLIA-256-CFB';
+  LN_camellia_256_cfb128 =   'camellia-256-cfb';
+  NID_camellia_256_cfb128 =   759;
+  SN_camellia_256_gcm =    'CAMELLIA-256-GCM';
+  LN_camellia_256_gcm =    'camellia-256-gcm';
+  NID_camellia_256_gcm =    969;
+  SN_camellia_256_ccm =    'CAMELLIA-256-CCM';
+  LN_camellia_256_ccm =    'camellia-256-ccm';
+  NID_camellia_256_ccm =    970;
+  SN_camellia_256_ctr =    'CAMELLIA-256-CTR';
+  LN_camellia_256_ctr =    'camellia-256-ctr';
+  NID_camellia_256_ctr =    971;
+  SN_camellia_256_cmac =    'CAMELLIA-256-CMAC';
+  LN_camellia_256_cmac =    'camellia-256-cmac';
+  NID_camellia_256_cmac =    972;
+  SN_camellia_128_cfb1 =    'CAMELLIA-128-CFB1';
+  LN_camellia_128_cfb1 =    'camellia-128-cfb1';
+  NID_camellia_128_cfb1 =    760;
+  SN_camellia_192_cfb1 =    'CAMELLIA-192-CFB1';
+  LN_camellia_192_cfb1 =    'camellia-192-cfb1';
+  NID_camellia_192_cfb1 =    761;
+  SN_camellia_256_cfb1 =    'CAMELLIA-256-CFB1';
+  LN_camellia_256_cfb1 =    'camellia-256-cfb1';
+  NID_camellia_256_cfb1 =    762;
+  SN_camellia_128_cfb8 =    'CAMELLIA-128-CFB8';
+  LN_camellia_128_cfb8 =    'camellia-128-cfb8';
+  NID_camellia_128_cfb8 =    763;
+  SN_camellia_192_cfb8 =    'CAMELLIA-192-CFB8';
+  LN_camellia_192_cfb8 =    'camellia-192-cfb8';
+  NID_camellia_192_cfb8 =    764;
+  SN_camellia_256_cfb8 =    'CAMELLIA-256-CFB8';
+  LN_camellia_256_cfb8 =    'camellia-256-cfb8';
+  NID_camellia_256_cfb8 =    765;
+  SN_aria_128_ecb =   'ARIA-128-ECB';
+  LN_aria_128_ecb =   'aria-128-ecb';
+  NID_aria_128_ecb =     1065;
+  SN_aria_128_cbc =   'ARIA-128-CBC';
+  LN_aria_128_cbc =   'aria-128-cbc';
+  NID_aria_128_cbc =     1066;
+  SN_aria_128_cfb128 =    'ARIA-128-CFB';
+  LN_aria_128_cfb128 =    'aria-128-cfb';
+  NID_aria_128_cfb128 =    1067;
+  SN_aria_128_ofb128 =    'ARIA-128-OFB';
+  LN_aria_128_ofb128 =    'aria-128-ofb';
+  NID_aria_128_ofb128 =    1068;
+  SN_aria_128_ctr =   'ARIA-128-CTR';
+  LN_aria_128_ctr =   'aria-128-ctr';
+  NID_aria_128_ctr =     1069;
+  SN_aria_192_ecb =   'ARIA-192-ECB';
+  LN_aria_192_ecb =   'aria-192-ecb';
+  NID_aria_192_ecb =     1070;
+  SN_aria_192_cbc =   'ARIA-192-CBC';
+  LN_aria_192_cbc =   'aria-192-cbc';
+  NID_aria_192_cbc =     1071;
+  SN_aria_192_cfb128 =    'ARIA-192-CFB';
+  LN_aria_192_cfb128 =    'aria-192-cfb';
+  NID_aria_192_cfb128 =    1072;
+  SN_aria_192_ofb128 =    'ARIA-192-OFB';
+  LN_aria_192_ofb128 =    'aria-192-ofb';
+  NID_aria_192_ofb128 =    1073;
+  SN_aria_192_ctr =   'ARIA-192-CTR';
+  LN_aria_192_ctr =   'aria-192-ctr';
+  NID_aria_192_ctr =     1074;
+  SN_aria_256_ecb =   'ARIA-256-ECB';
+  LN_aria_256_ecb =   'aria-256-ecb';
+  NID_aria_256_ecb =     1075;
+  SN_aria_256_cbc =   'ARIA-256-CBC';
+  LN_aria_256_cbc =   'aria-256-cbc';
+  NID_aria_256_cbc =     1076;
+  SN_aria_256_cfb128 =    'ARIA-256-CFB';
+  LN_aria_256_cfb128 =    'aria-256-cfb';
+  NID_aria_256_cfb128 =    1077;
+  SN_aria_256_ofb128 =    'ARIA-256-OFB';
+  LN_aria_256_ofb128 =    'aria-256-ofb';
+  NID_aria_256_ofb128 =    1078;
+  SN_aria_256_ctr =   'ARIA-256-CTR';
+  LN_aria_256_ctr =   'aria-256-ctr';
+  NID_aria_256_ctr =     1079;
+  SN_aria_128_cfb1 =     'ARIA-128-CFB1';
+  LN_aria_128_cfb1 =     'aria-128-cfb1';
+  NID_aria_128_cfb1 =     1080;
+  SN_aria_192_cfb1 =     'ARIA-192-CFB1';
+  LN_aria_192_cfb1 =     'aria-192-cfb1';
+  NID_aria_192_cfb1 =     1081;
+  SN_aria_256_cfb1 =     'ARIA-256-CFB1';
+  LN_aria_256_cfb1 =     'aria-256-cfb1';
+  NID_aria_256_cfb1 =     1082;
+  SN_aria_128_cfb8 =     'ARIA-128-CFB8';
+  LN_aria_128_cfb8 =     'aria-128-cfb8';
+  NID_aria_128_cfb8 =     1083;
+  SN_aria_192_cfb8 =     'ARIA-192-CFB8';
+  LN_aria_192_cfb8 =     'aria-192-cfb8';
+  NID_aria_192_cfb8 =     1084;
+  SN_aria_256_cfb8 =     'ARIA-256-CFB8';
+  LN_aria_256_cfb8 =     'aria-256-cfb8';
+  NID_aria_256_cfb8 =     1085;
+  SN_aria_128_ccm =   'ARIA-128-CCM';
+  LN_aria_128_ccm =   'aria-128-ccm';
+  NID_aria_128_ccm =     1120;
+  SN_aria_192_ccm =   'ARIA-192-CCM';
+  LN_aria_192_ccm =   'aria-192-ccm';
+  NID_aria_192_ccm =     1121;
+  SN_aria_256_ccm =   'ARIA-256-CCM';
+  LN_aria_256_ccm =   'aria-256-ccm';
+  NID_aria_256_ccm =     1122;
+  SN_aria_128_gcm =   'ARIA-128-GCM';
+  LN_aria_128_gcm =   'aria-128-gcm';
+  NID_aria_128_gcm =     1123;
+  SN_aria_192_gcm =   'ARIA-192-GCM';
+  LN_aria_192_gcm =   'aria-192-gcm';
+  NID_aria_192_gcm =     1124;
+  SN_aria_256_gcm =   'ARIA-256-GCM';
+  LN_aria_256_gcm =   'aria-256-gcm';
+  NID_aria_256_gcm =     1125;
+  SN_kisa =   'KISA';
+  LN_kisa =   'kisa';
+  NID_kisa =     773;
+  SN_seed_ecb =    'SEED-ECB';
+  LN_seed_ecb =    'seed-ecb';
+  NID_seed_ecb =    776;
+  SN_seed_cbc =    'SEED-CBC';
+  LN_seed_cbc =    'seed-cbc';
+  NID_seed_cbc =    777;
+  SN_seed_cfb128 =   'SEED-CFB';
+  LN_seed_cfb128 =   'seed-cfb';
+  NID_seed_cfb128 =   779;
+  SN_seed_ofb128 =   'SEED-OFB';
+  LN_seed_ofb128 =   'seed-ofb';
+  NID_seed_ofb128 =   778;
+  SN_sm4_ecb =    'SM4-ECB';
+  LN_sm4_ecb =    'sm4-ecb';
+  NID_sm4_ecb =    1133;
+  SN_sm4_cbc =    'SM4-CBC';
+  LN_sm4_cbc =    'sm4-cbc';
+  NID_sm4_cbc =    1134;
+  SN_sm4_ofb128 =    'SM4-OFB';
+  LN_sm4_ofb128 =    'sm4-ofb';
+  NID_sm4_ofb128 =   1135;
+  SN_sm4_cfb128 =    'SM4-CFB';
+  LN_sm4_cfb128 =    'sm4-cfb';
+  NID_sm4_cfb128 =   1137;
+  SN_sm4_cfb1 =    'SM4-CFB1';
+  LN_sm4_cfb1 =    'sm4-cfb1';
+  NID_sm4_cfb1 =    1136;
+  SN_sm4_cfb8 =    'SM4-CFB8';
+  LN_sm4_cfb8 =    'sm4-cfb8';
+  NID_sm4_cfb8 =    1138;
+  SN_sm4_ctr =    'SM4-CTR';
+  LN_sm4_ctr =    'sm4-ctr';
+  NID_sm4_ctr =    1139;
+  SN_hmac =   'HMAC';
+  LN_hmac =   'hmac';
+  NID_hmac =     855;
+  SN_cmac =   'CMAC';
+  LN_cmac =   'cmac';
+  NID_cmac =     894;
+  SN_rc4_hmac_md5 =   'RC4-HMAC-MD5';
+  LN_rc4_hmac_md5 =   'rc4-hmac-md5';
+  NID_rc4_hmac_md5 =     915;
+  SN_aes_128_cbc_hmac_sha1 =     'AES-128-CBC-HMAC-SHA1';
+  LN_aes_128_cbc_hmac_sha1 =     'aes-128-cbc-hmac-sha1';
+  NID_aes_128_cbc_hmac_sha1 =     916;
+  SN_aes_192_cbc_hmac_sha1 =     'AES-192-CBC-HMAC-SHA1';
+  LN_aes_192_cbc_hmac_sha1 =     'aes-192-cbc-hmac-sha1';
+  NID_aes_192_cbc_hmac_sha1 =     917;
+  SN_aes_256_cbc_hmac_sha1 =     'AES-256-CBC-HMAC-SHA1';
+  LN_aes_256_cbc_hmac_sha1 =     'aes-256-cbc-hmac-sha1';
+  NID_aes_256_cbc_hmac_sha1 =     918;
+  SN_aes_128_cbc_hmac_sha256 =    'AES-128-CBC-HMAC-SHA256';
+  LN_aes_128_cbc_hmac_sha256 =    'aes-128-cbc-hmac-sha256';
+  NID_aes_128_cbc_hmac_sha256 =    948;
+  SN_aes_192_cbc_hmac_sha256 =    'AES-192-CBC-HMAC-SHA256';
+  LN_aes_192_cbc_hmac_sha256 =    'aes-192-cbc-hmac-sha256';
+  NID_aes_192_cbc_hmac_sha256 =    949;
+  SN_aes_256_cbc_hmac_sha256 =    'AES-256-CBC-HMAC-SHA256';
+  LN_aes_256_cbc_hmac_sha256 =    'aes-256-cbc-hmac-sha256';
+  NID_aes_256_cbc_hmac_sha256 =    950;
+  SN_chacha20_poly1305 =    'ChaCha20-Poly1305';
+  LN_chacha20_poly1305 =    'chacha20-poly1305';
+  NID_chacha20_poly1305 =    1018;
+  SN_chacha20 =    'ChaCha20';
+  LN_chacha20 =    'chacha20';
+  NID_chacha20 =    1019;
+  SN_dhpublicnumber =     'dhpublicnumber';
+  LN_dhpublicnumber =     'X9.42 DH';
+  NID_dhpublicnumber =    920;
+  SN_brainpoolP160r1 =    'brainpoolP160r1';
+  NID_brainpoolP160r1 =    921;
+  SN_brainpoolP160t1 =    'brainpoolP160t1';
+  NID_brainpoolP160t1 =    922;
+  SN_brainpoolP192r1 =    'brainpoolP192r1';
+  NID_brainpoolP192r1 =    923;
+  SN_brainpoolP192t1 =    'brainpoolP192t1';
+  NID_brainpoolP192t1 =    924;
+  SN_brainpoolP224r1 =    'brainpoolP224r1';
+  NID_brainpoolP224r1 =    925;
+  SN_brainpoolP224t1 =    'brainpoolP224t1';
+  NID_brainpoolP224t1 =    926;
+  SN_brainpoolP256r1 =    'brainpoolP256r1';
+  NID_brainpoolP256r1 =    927;
+  SN_brainpoolP256t1 =    'brainpoolP256t1';
+  NID_brainpoolP256t1 =    928;
+  SN_brainpoolP320r1 =    'brainpoolP320r1';
+  NID_brainpoolP320r1 =    929;
+  SN_brainpoolP320t1 =    'brainpoolP320t1';
+  NID_brainpoolP320t1 =    930;
+  SN_brainpoolP384r1 =    'brainpoolP384r1';
+  NID_brainpoolP384r1 =    931;
+  SN_brainpoolP384t1 =    'brainpoolP384t1';
+  NID_brainpoolP384t1 =    932;
+  SN_brainpoolP512r1 =    'brainpoolP512r1';
+  NID_brainpoolP512r1 =    933;
+  SN_brainpoolP512t1 =    'brainpoolP512t1';
+  NID_brainpoolP512t1 =    934;
+  SN_dhSinglePass_stdDH_sha1kdf_scheme =    'dhSinglePass-stdDH-sha1kdf-scheme';
+  NID_dhSinglePass_stdDH_sha1kdf_scheme =    936;
+  SN_dhSinglePass_stdDH_sha224kdf_scheme =   'dhSinglePass-stdDH-sha224kdf-scheme';
+  NID_dhSinglePass_stdDH_sha224kdf_scheme =   937;
+  SN_dhSinglePass_stdDH_sha256kdf_scheme =   'dhSinglePass-stdDH-sha256kdf-scheme';
+  NID_dhSinglePass_stdDH_sha256kdf_scheme =   938;
+  SN_dhSinglePass_stdDH_sha384kdf_scheme =   'dhSinglePass-stdDH-sha384kdf-scheme';
+  NID_dhSinglePass_stdDH_sha384kdf_scheme =   939;
+  SN_dhSinglePass_stdDH_sha512kdf_scheme =   'dhSinglePass-stdDH-sha512kdf-scheme';
+  NID_dhSinglePass_stdDH_sha512kdf_scheme =   940;
+  SN_dhSinglePass_cofactorDH_sha1kdf_scheme =     'dhSinglePass-cofactorDH-sha1kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha1kdf_scheme =    941;
+  SN_dhSinglePass_cofactorDH_sha224kdf_scheme =    'dhSinglePass-cofactorDH-sha224kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha224kdf_scheme =    942;
+  SN_dhSinglePass_cofactorDH_sha256kdf_scheme =    'dhSinglePass-cofactorDH-sha256kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha256kdf_scheme =    943;
+  SN_dhSinglePass_cofactorDH_sha384kdf_scheme =    'dhSinglePass-cofactorDH-sha384kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha384kdf_scheme =    944;
+  SN_dhSinglePass_cofactorDH_sha512kdf_scheme =    'dhSinglePass-cofactorDH-sha512kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha512kdf_scheme =    945;
+  SN_dh_std_kdf =    'dh-std-kdf';
+  NID_dh_std_kdf =   946;
+  SN_dh_cofactor_kdf =    'dh-cofactor-kdf';
+  NID_dh_cofactor_kdf =    947;
+  SN_ct_precert_scts =    'ct_precert_scts';
+  LN_ct_precert_scts =    'CT Precertificate SCTs';
+  NID_ct_precert_scts =    951;
+  SN_ct_precert_poison =    'ct_precert_poison';
+  LN_ct_precert_poison =    'CT Precertificate Poison';
+  NID_ct_precert_poison =    952;
+  SN_ct_precert_signer =    'ct_precert_signer';
+  LN_ct_precert_signer =    'CT Precertificate Signer';
+  NID_ct_precert_signer =    953;
+  SN_ct_cert_scts =   'ct_cert_scts';
+  LN_ct_cert_scts =   'CT Certificate SCTs';
+  NID_ct_cert_scts =     954;
+  SN_jurisdictionLocalityName =    'jurisdictionL';
+  LN_jurisdictionLocalityName =    'jurisdictionLocalityName';
+  NID_jurisdictionLocalityName =    955;
+  SN_jurisdictionStateOrProvinceName =    'jurisdictionST';
+  LN_jurisdictionStateOrProvinceName =    'jurisdictionStateOrProvinceName';
+  NID_jurisdictionStateOrProvinceName =    956;
+  SN_jurisdictionCountryName =    'jurisdictionC';
+  LN_jurisdictionCountryName =    'jurisdictionCountryName';
+  NID_jurisdictionCountryName =    957;
+  SN_id_scrypt =    'id-scrypt';
+  LN_id_scrypt =    'scrypt';
+  NID_id_scrypt =    973;
+  SN_tls1_prf =    'TLS1-PRF';
+  LN_tls1_prf =    'tls1-prf';
+  NID_tls1_prf =    1021;
+  SN_hkdf =   'HKDF';
+  LN_hkdf =   'hkdf';
+  NID_hkdf =     1036;
+  SN_id_pkinit =    'id-pkinit';
+  NID_id_pkinit =    1031;
+  SN_pkInitClientAuth =    'pkInitClientAuth';
+  LN_pkInitClientAuth =    'PKINIT Client Auth';
+  NID_pkInitClientAuth =    1032;
+  SN_pkInitKDC =    'pkInitKDC';
+  LN_pkInitKDC =    'Signing KDC Response';
+  NID_pkInitKDC =    1033;
+  SN_X25519 =     'X25519';
+  NID_X25519 =    1034;
+  SN_X448 =   'X448';
+  NID_X448 =     1035;
+  SN_ED25519 =    'ED25519';
+  NID_ED25519 =    1087;
+  SN_ED448 =     'ED448';
+  NID_ED448 =     1088;
+  SN_kx_rsa =     'KxRSA';
+  LN_kx_rsa =     'kx-rsa';
+  NID_kx_rsa =    1037;
+  SN_kx_ecdhe =    'KxECDHE';
+  LN_kx_ecdhe =    'kx-ecdhe';
+  NID_kx_ecdhe =    1038;
+  SN_kx_dhe =     'KxDHE';
+  LN_kx_dhe =     'kx-dhe';
+  NID_kx_dhe =    1039;
+  SN_kx_ecdhe_psk =   'KxECDHE-PSK';
+  LN_kx_ecdhe_psk =   'kx-ecdhe-psk';
+  NID_kx_ecdhe_psk =     1040;
+  SN_kx_dhe_psk =    'KxDHE-PSK';
+  LN_kx_dhe_psk =    'kx-dhe-psk';
+  NID_kx_dhe_psk =   1041;
+  SN_kx_rsa_psk =    'KxRSA_PSK';
+  LN_kx_rsa_psk =    'kx-rsa-psk';
+  NID_kx_rsa_psk =   1042;
+  SN_kx_psk =     'KxPSK';
+  LN_kx_psk =     'kx-psk';
+  NID_kx_psk =    1043;
+  SN_kx_srp =     'KxSRP';
+  LN_kx_srp =     'kx-srp';
+  NID_kx_srp =    1044;
+  SN_kx_gost =    'KxGOST';
+  LN_kx_gost =    'kx-gost';
+  NID_kx_gost =    1045;
+  SN_kx_any =     'KxANY';
+  LN_kx_any =     'kx-any';
+  NID_kx_any =    1063;
+  SN_auth_rsa =    'AuthRSA';
+  LN_auth_rsa =    'auth-rsa';
+  NID_auth_rsa =    1046;
+  SN_auth_ecdsa =    'AuthECDSA';
+  LN_auth_ecdsa =    'auth-ecdsa';
+  NID_auth_ecdsa =   1047;
+  SN_auth_psk =    'AuthPSK';
+  LN_auth_psk =    'auth-psk';
+  NID_auth_psk =    1048;
+  SN_auth_dss =    'AuthDSS';
+  LN_auth_dss =    'auth-dss';
+  NID_auth_dss =    1049;
+  SN_auth_gost01 =   'AuthGOST01';
+  LN_auth_gost01 =   'auth-gost01';
+  NID_auth_gost01 =   1050;
+  SN_auth_gost12 =   'AuthGOST12';
+  LN_auth_gost12 =   'auth-gost12';
+  NID_auth_gost12 =   1051;
+  SN_auth_srp =    'AuthSRP';
+  LN_auth_srp =    'auth-srp';
+  NID_auth_srp =    1052;
+  SN_auth_null =    'AuthNULL';
+  LN_auth_null =    'auth-null';
+  NID_auth_null =    1053;
+  SN_auth_any =    'AuthANY';
+  LN_auth_any =    'auth-any';
+  NID_auth_any =    1064;
+  SN_poly1305 =    'Poly1305';
+  LN_poly1305 =    'poly1305';
+  NID_poly1305 =    1061;
+  SN_siphash =    'SipHash';
+  LN_siphash =    'siphash';
+  NID_siphash =    1062;
+  SN_ffdhe2048 =    'ffdhe2048';
+  NID_ffdhe2048 =    1126;
+  SN_ffdhe3072 =    'ffdhe3072';
+  NID_ffdhe3072 =    1127;
+  SN_ffdhe4096 =    'ffdhe4096';
+  NID_ffdhe4096 =    1128;
+  SN_ffdhe6144 =    'ffdhe6144';
+  NID_ffdhe6144 =    1129;
+  SN_ffdhe8192 =    'ffdhe8192';
+  NID_ffdhe8192 =    1130;
+  SN_ISO_UA =     'ISO-UA';
+  NID_ISO_UA =    1150;
+  SN_ua_pki =     'ua-pki';
+  NID_ua_pki =    1151;
+  SN_dstu28147 =    'dstu28147';
+  LN_dstu28147 =    'DSTU Gost 28147-2009';
+  NID_dstu28147 =    1152;
+  SN_dstu28147_ofb =     'dstu28147-ofb';
+  LN_dstu28147_ofb =     'DSTU Gost 28147-2009 OFB mode';
+  NID_dstu28147_ofb =     1153;
+  SN_dstu28147_cfb =     'dstu28147-cfb';
+  LN_dstu28147_cfb =     'DSTU Gost 28147-2009 CFB mode';
+  NID_dstu28147_cfb =     1154;
+  SN_dstu28147_wrap =     'dstu28147-wrap';
+  LN_dstu28147_wrap =     'DSTU Gost 28147-2009 key wrap';
+  NID_dstu28147_wrap =    1155;
+  SN_hmacWithDstu34311 =    'hmacWithDstu34311';
+  LN_hmacWithDstu34311 =    'HMAC DSTU Gost 34311-95';
+  NID_hmacWithDstu34311 =    1156;
+  SN_dstu34311 =    'dstu34311';
+  LN_dstu34311 =    'DSTU Gost 34311-95';
+  NID_dstu34311 =    1157;
+  SN_dstu4145le =    'dstu4145le';
+  LN_dstu4145le =    'DSTU 4145-2002 little endian';
+  NID_dstu4145le =   1158;
+  SN_dstu4145be =    'dstu4145be';
+  LN_dstu4145be =    'DSTU 4145-2002 big endian';
+  NID_dstu4145be =   1159;
+  SN_uacurve0 =    'uacurve0';
+  LN_uacurve0 =    'DSTU curve 0';
+  NID_uacurve0 =    1160;
+  SN_uacurve1 =    'uacurve1';
+  LN_uacurve1 =    'DSTU curve 1';
+  NID_uacurve1 =    1161;
+  SN_uacurve2 =    'uacurve2';
+  LN_uacurve2 =    'DSTU curve 2';
+  NID_uacurve2 =    1162;
+  SN_uacurve3 =    'uacurve3';
+  LN_uacurve3 =    'DSTU curve 3';
+  NID_uacurve3 =    1163;
+  SN_uacurve4 =    'uacurve4';
+  LN_uacurve4 =    'DSTU curve 4';
+  NID_uacurve4 =    1164;
+  SN_uacurve5 =    'uacurve5';
+  LN_uacurve5 =    'DSTU curve 5';
+  NID_uacurve5 =    1165;
+  SN_uacurve6 =    'uacurve6';
+  LN_uacurve6 =    'DSTU curve 6';
+  NID_uacurve6 =    1166;
+  SN_uacurve7 =    'uacurve7';
+  LN_uacurve7 =    'DSTU curve 7';
+  NID_uacurve7 =    1167;
+  SN_uacurve8 =    'uacurve8';
+  LN_uacurve8 =    'DSTU curve 8';
+  NID_uacurve8 =    1168;
+  SN_uacurve9 =    'uacurve9';
+  LN_uacurve9 =    'DSTU curve 9';
+  NID_uacurve9 =    1169;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas
new file mode 100644
index 000000000..8fa37c7ce
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas
@@ -0,0 +1,263 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_objects;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// objects.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  obj_name_st = record
+    &type: TIdC_INT;
+    alias: TIdC_INT;
+    name: PIdAnsiChar;
+    data: PIdAnsiChar;
+  end;
+  OBJ_NAME = obj_name_st;
+  POBJ_NAME = ^OBJ_NAME;
+
+//# define         OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  OBJ_NAME_init: function: TIdC_INT cdecl = nil;
+  //TIdC_INT OBJ_NAME_new_index(TIdC_ULONG (*hash_func) (const PIdAnsiChar *);
+  //                       TIdC_INT (*cmp_func) (const PIdAnsiChar *; const PIdAnsiChar *);
+  //                       void (*free_func) (const PIdAnsiChar *; TIdC_INT; const PIdAnsiChar *));
+  OBJ_NAME_get: function(const name: PIdAnsiChar; &type: TIdC_INT): PIdAnsiChar cdecl = nil;
+  OBJ_NAME_add: function(const name: PIdAnsiChar; &type: TIdC_INT; const data: PIdAnsiChar): TIdC_INT cdecl = nil;
+  OBJ_NAME_remove: function(const name: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  OBJ_NAME_cleanup: procedure(&type: TIdC_INT) cdecl = nil;
+//  void OBJ_NAME_do_all(TIdC_INT &type; void (*fn) (const OBJ_NAME *; void *arg);
+//                       void *arg);
+//  void OBJ_NAME_do_all_sorted(TIdC_INT &type;
+//                              void (*fn) (const OBJ_NAME *; void *arg);
+//                              void *arg);
+
+  OBJ_dup: function(const o: PASN1_OBJECT): PASN1_OBJECT cdecl = nil;
+  OBJ_nid2obj: function(n: TIdC_INT): PASN1_OBJECT cdecl = nil;
+  OBJ_nid2ln: function(n: TIdC_INT): PIdAnsiChar cdecl = nil;
+  OBJ_nid2sn: function(n: TIdC_INT): PIdAnsiChar cdecl = nil;
+  OBJ_obj2nid: function(const o: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  OBJ_txt2obj: function(const s: PIdAnsiChar; no_name: TIdC_INT): PASN1_OBJECT cdecl = nil;
+  OBJ_obj2txt: function(buf: PIdAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT; no_name: TIdC_INT): TIdC_INT cdecl = nil;
+  OBJ_txt2nid: function(const s: PIdAnsiChar): TIdC_INT cdecl = nil;
+  OBJ_ln2nid: function(const s: PIdAnsiChar): TIdC_INT cdecl = nil;
+  OBJ_sn2nid: function(const s: PIdAnsiChar): TIdC_INT cdecl = nil;
+  OBJ_cmp: function(const a: PASN1_OBJECT; const b: PASN1_OBJECT): TIdC_INT cdecl = nil;
+//  const void *OBJ_bsearch_(const void *key; const void *base; TIdC_INT num; TIdC_INT size;
+//                           TIdC_INT (*cmp) (const void *; const void *));
+//  const void *OBJ_bsearch_ex_(const void *key; const void *base; TIdC_INT num;
+//                              TIdC_INT size;
+//                              TIdC_INT (*cmp) (const void *; const void *);
+//                              TIdC_INT flags);
+
+  //# define _DECLARE_OBJ_BSEARCH_CMP_FN(scope; type1; type2; nm)    \
+  //  static TIdC_INT nm##_cmp_BSEARCH_CMP_FN(const void *; const void *); \
+  //  static TIdC_INT nm##_cmp(type1 const *; type2 const *); \
+  //  scope type2 * OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num)
+  //
+  //# define DECLARE_OBJ_BSEARCH_CMP_FN(type1; type2; cmp)   \
+  //  _DECLARE_OBJ_BSEARCH_CMP_FN(static; type1; type2; cmp)
+  //# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1; type2; nm)     \
+  //  type2 * OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num)
+
+  (*
+   * Unsolved problem: if a type is actually a pointer type, like
+   * nid_triple is, then its impossible to get a const where you need
+   * it. Consider:
+   *
+   * typedef TIdC_INT nid_triple[3];
+   * const void *a_;
+   * const nid_triple const *a = a_;
+   *
+   * The assignment discards a const because what you really want is:
+   *
+   * const TIdC_INT const * const *a = a_;
+   *
+   * But if you do that, you lose the fact that a is an array of 3 ints,
+   * which breaks comparison functions.
+   *
+   * Thus we end up having to cast, sadly, or unpack the
+   * declarations. Or, as I finally did in this case, declare nid_triple
+   * to be a struct, which it should have been in the first place.
+   *
+   * Ben, August 2008.
+   *
+   * Also, strictly speaking not all types need be const, but handling
+   * the non-constness means a lot of complication, and in practice
+   * comparison routines do always not touch their arguments.
+   *)
+
+  //# define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm)  \
+  //  static TIdC_INT nm##_cmp_BSEARCH_CMP_FN(const void *a_; const void *b_)    \
+  //      { \
+  //      type1 const *a = a_; \
+  //      type2 const *b = b_; \
+  //      return nm##_cmp(a;b); \
+  //      } \
+  //  static type2 *OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num) \
+  //      { \
+  //      return (type2 *)OBJ_bsearch_(key; base; num; sizeof(type2); \
+  //                                        nm##_cmp_BSEARCH_CMP_FN); \
+  //      } \
+  //      extern void dummy_prototype(void)
+  //
+  //# define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1; type2; nm)   \
+  //  static TIdC_INT nm##_cmp_BSEARCH_CMP_FN(const void *a_; const void *b_)    \
+  //      { \
+  //      type1 const *a = a_; \
+  //      type2 const *b = b_; \
+  //      return nm##_cmp(a;b); \
+  //      } \
+  //  type2 *OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num) \
+  //      { \
+  //      return (type2 *)OBJ_bsearch_(key; base; num; sizeof(type2); \
+  //                                        nm##_cmp_BSEARCH_CMP_FN); \
+  //      } \
+  //      extern void dummy_prototype(void)
+  //
+  //# define OBJ_bsearch(type1;key;type2;base;num;cmp)                              \
+  //  ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1;key);CHECKED_PTR_OF(type2;base); \
+  //                         num;sizeof(type2);                             \
+  //                         ((void)CHECKED_PTR_OF(type1;cmp##_type_1);     \
+  //                          (void)CHECKED_PTR_OF(type2;cmp##_type_2);     \
+  //                          cmp##_BSEARCH_CMP_FN)))
+  //
+  //# define OBJ_bsearch_ex(type1;key;type2;base;num;cmp;flags)                      \
+  //  ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1;key);CHECKED_PTR_OF(type2;base); \
+  //                         num;sizeof(type2);                             \
+  //                         ((void)CHECKED_PTR_OF(type1;cmp##_type_1);     \
+  //                          (void)type_2=CHECKED_PTR_OF(type2;cmp##_type_2); \
+  //                          cmp##_BSEARCH_CMP_FN));flags)
+
+  OBJ_new_nid: function(num: TIdC_INT): TIdC_INT cdecl = nil;
+  OBJ_add_object: function(const obj: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  OBJ_create: function(const oid: PIdAnsiChar; const sn: PIdAnsiChar; const ln: PIdAnsiChar): TIdC_INT cdecl = nil;
+  OBJ_create_objects: function(&in: PBIO): TIdC_INT cdecl = nil;
+
+  OBJ_length: function(const obj: PASN1_OBJECT): TIdC_SIZET cdecl = nil;
+  OBJ_get0_data: function(const obj: PASN1_OBJECT): PByte cdecl = nil;
+
+  OBJ_find_sigid_algs: function(signid: TIdC_INT; pdig_nid: PIdC_INT; ppkey_nid: PIdC_INT): TIdC_INT cdecl = nil;
+  OBJ_find_sigid_by_algs: function(psignid: PIdC_INT; dig_nid: TIdC_INT; pkey_nid: TIdC_INT): TIdC_INT cdecl = nil;
+  OBJ_add_sigid: function(signid: TIdC_INT; dig_id: TIdC_INT; pkey_id: TIdC_INT): TIdC_INT cdecl = nil;
+  OBJ_sigid_free: procedure cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  OBJ_NAME_init := LoadFunction('OBJ_NAME_init', AFailed);
+  OBJ_NAME_get := LoadFunction('OBJ_NAME_get', AFailed);
+  OBJ_NAME_add := LoadFunction('OBJ_NAME_add', AFailed);
+  OBJ_NAME_remove := LoadFunction('OBJ_NAME_remove', AFailed);
+  OBJ_NAME_cleanup := LoadFunction('OBJ_NAME_cleanup', AFailed);
+  OBJ_dup := LoadFunction('OBJ_dup', AFailed);
+  OBJ_nid2obj := LoadFunction('OBJ_nid2obj', AFailed);
+  OBJ_nid2ln := LoadFunction('OBJ_nid2ln', AFailed);
+  OBJ_nid2sn := LoadFunction('OBJ_nid2sn', AFailed);
+  OBJ_obj2nid := LoadFunction('OBJ_obj2nid', AFailed);
+  OBJ_txt2obj := LoadFunction('OBJ_txt2obj', AFailed);
+  OBJ_obj2txt := LoadFunction('OBJ_obj2txt', AFailed);
+  OBJ_txt2nid := LoadFunction('OBJ_txt2nid', AFailed);
+  OBJ_ln2nid := LoadFunction('OBJ_ln2nid', AFailed);
+  OBJ_sn2nid := LoadFunction('OBJ_sn2nid', AFailed);
+  OBJ_cmp := LoadFunction('OBJ_cmp', AFailed);
+  OBJ_new_nid := LoadFunction('OBJ_new_nid', AFailed);
+  OBJ_add_object := LoadFunction('OBJ_add_object', AFailed);
+  OBJ_create := LoadFunction('OBJ_create', AFailed);
+  OBJ_create_objects := LoadFunction('OBJ_create_objects', AFailed);
+  OBJ_length := LoadFunction('OBJ_length', AFailed);
+  OBJ_get0_data := LoadFunction('OBJ_get0_data', AFailed);
+  OBJ_find_sigid_algs := LoadFunction('OBJ_find_sigid_algs', AFailed);
+  OBJ_find_sigid_by_algs := LoadFunction('OBJ_find_sigid_by_algs', AFailed);
+  OBJ_add_sigid := LoadFunction('OBJ_add_sigid', AFailed);
+  OBJ_sigid_free := LoadFunction('OBJ_sigid_free', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  OBJ_NAME_init := nil;
+  OBJ_NAME_get := nil;
+  OBJ_NAME_add := nil;
+  OBJ_NAME_remove := nil;
+  OBJ_NAME_cleanup := nil;
+  OBJ_dup := nil;
+  OBJ_nid2obj := nil;
+  OBJ_nid2ln := nil;
+  OBJ_nid2sn := nil;
+  OBJ_obj2nid := nil;
+  OBJ_txt2obj := nil;
+  OBJ_obj2txt := nil;
+  OBJ_txt2nid := nil;
+  OBJ_ln2nid := nil;
+  OBJ_sn2nid := nil;
+  OBJ_cmp := nil;
+  OBJ_new_nid := nil;
+  OBJ_add_object := nil;
+  OBJ_create := nil;
+  OBJ_create_objects := nil;
+  OBJ_length := nil;
+  OBJ_get0_data := nil;
+  OBJ_find_sigid_algs := nil;
+  OBJ_find_sigid_by_algs := nil;
+  OBJ_add_sigid := nil;
+  OBJ_sigid_free := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objectserr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objectserr.pas
new file mode 100644
index 000000000..3ed066e63
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objectserr.pas
@@ -0,0 +1,98 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_objectserr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// objectserr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * OBJ function codes.
+   *)
+  OBJ_F_OBJ_ADD_OBJECT =  105;
+  OBJ_F_OBJ_ADD_SIGID =  107;
+  OBJ_F_OBJ_CREATE =   100;
+  OBJ_F_OBJ_DUP =   101;
+  OBJ_F_OBJ_NAME_NEW_INDEX =  106;
+  OBJ_F_OBJ_NID2LN =   102;
+  OBJ_F_OBJ_NID2OBJ =   103;
+  OBJ_F_OBJ_NID2SN =   104;
+  OBJ_F_OBJ_TXT2OBJ =   108;
+
+  (*
+   * OBJ reason codes.
+   *)
+  OBJ_R_OID_EXISTS = 102;
+  OBJ_R_UNKNOWN_NID = 101;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_OBJ_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_OBJ_strings := LoadFunction('ERR_load_OBJ_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_OBJ_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ocsperr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ocsperr.pas
new file mode 100644
index 000000000..2e7a1f245
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ocsperr.pas
@@ -0,0 +1,129 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_ocsperr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ocsperr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * OCSP function codes.
+   *)
+  OCSP_F_D2I_OCSP_NONCE = 102;
+  OCSP_F_OCSP_BASIC_ADD1_STATUS = 103;
+  OCSP_F_OCSP_BASIC_SIGN = 104;
+  OCSP_F_OCSP_BASIC_SIGN_CTX = 119;
+  OCSP_F_OCSP_BASIC_VERIFY = 105;
+  OCSP_F_OCSP_CERT_ID_NEW = 101;
+  OCSP_F_OCSP_CHECK_DELEGATED = 106;
+  OCSP_F_OCSP_CHECK_IDS = 107;
+  OCSP_F_OCSP_CHECK_ISSUER = 108;
+  OCSP_F_OCSP_CHECK_VALIDITY = 115;
+  OCSP_F_OCSP_MATCH_ISSUERID = 109;
+  OCSP_F_OCSP_PARSE_URL = 114;
+  OCSP_F_OCSP_REQUEST_SIGN = 110;
+  OCSP_F_OCSP_REQUEST_VERIFY = 116;
+  OCSP_F_OCSP_RESPONSE_GET1_BASIC = 111;
+  OCSP_F_PARSE_HTTP_LINE1 = 118;
+
+  (*
+   * OCSP reason codes.
+   *)
+  OCSP_R_CERTIFICATE_VERIFY_ERROR = 101;
+  OCSP_R_DIGEST_ERR = 102;
+  OCSP_R_ERROR_IN_NEXTUPDATE_FIELD = 122;
+  OCSP_R_ERROR_IN_THISUPDATE_FIELD = 123;
+  OCSP_R_ERROR_PARSING_URL = 121;
+  OCSP_R_MISSING_OCSPSIGNING_USAGE = 103;
+  OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE = 124;
+  OCSP_R_NOT_BASIC_RESPONSE = 104;
+  OCSP_R_NO_CERTIFICATES_IN_CHAIN = 105;
+  OCSP_R_NO_RESPONSE_DATA = 108;
+  OCSP_R_NO_REVOKED_TIME = 109;
+  OCSP_R_NO_SIGNER_KEY = 130;
+  OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 110;
+  OCSP_R_REQUEST_NOT_SIGNED = 128;
+  OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA = 111;
+  OCSP_R_ROOT_CA_NOT_TRUSTED = 112;
+  OCSP_R_SERVER_RESPONSE_ERROR = 114;
+  OCSP_R_SERVER_RESPONSE_PARSE_ERROR = 115;
+  OCSP_R_SIGNATURE_FAILURE = 117;
+  OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND = 118;
+  OCSP_R_STATUS_EXPIRED = 125;
+  OCSP_R_STATUS_NOT_YET_VALID = 126;
+  OCSP_R_STATUS_TOO_OLD = 127;
+  OCSP_R_UNKNOWN_MESSAGE_DIGEST = 119;
+  OCSP_R_UNKNOWN_NID = 120;
+  OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE = 129;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_OCSP_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_OCSP_strings := LoadFunction('ERR_load_OCSP_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_OCSP_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
new file mode 100644
index 000000000..882d72aa6
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
@@ -0,0 +1,536 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_ossl_typ;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ossl_typ.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+type
+{$REGION 'moved from unit "asn1" to prevent circular references'}
+  asn1_string_st = record
+    length: TIdC_INT;
+    &type: TIdC_INT;
+    data: PByte;
+    (*
+     * The value of the following field depends on the type being held.  It
+     * is mostly being used for BIT_STRING so if the input data has a
+     * non-zero 'unused bits' value, it will be handled correctly
+     *)
+    flags: TIdC_LONG;
+  end;
+{$ENDREGION}
+
+  // moved from asn1  
+  ASN1_VALUE_st = type Pointer;
+  ASN1_VALUE = ASN1_VALUE_st;
+  PASN1_VALUE = ^ASN1_VALUE;
+  PPASN1_VALUE = ^PASN1_VALUE;
+
+  // moved from e_os2
+  ossl_ssize_t = type {$IFDEF WIN64}TIdC_INT64{$ELSE}TIdC_INT{$ENDIF};
+
+  asn1_object_st = type Pointer;
+  ASN1_OBJECT = asn1_object_st;
+  PASN1_OBJECT = ^ASN1_OBJECT;
+  PPASN1_OBJECT = ^PASN1_OBJECT;
+
+  ASN1_INTEGER = type asn1_string_st;
+  PASN1_INTEGER = ^ASN1_INTEGER;
+  PPASN1_INTEGER = ^PASN1_INTEGER;
+
+  ASN1_ENUMERATED = type asn1_string_st;
+  PASN1_ENUMERATED = ^ASN1_ENUMERATED;
+
+  ASN1_BIT_STRING = type asn1_string_st;
+  PASN1_BIT_STRING = ^ASN1_BIT_STRING;
+  PPASN1_BIT_STRING = ^PASN1_BIT_STRING;
+
+  ASN1_OCTET_STRING = type asn1_string_st;
+  PASN1_OCTET_STRING = ^ASN1_OCTET_STRING;
+  PPASN1_OCTET_STRING = ^PASN1_OCTET_STRING;
+
+  ASN1_PRINTABLESTRING = type asn1_string_st;
+  PASN1_PRINTABLESTRING = ^ASN1_PRINTABLESTRING;
+
+  ASN1_T61STRING = type asn1_string_st;
+  PASN1_T61STRING = ^ASN1_T61STRING;
+
+  ASN1_IA5STRING = type asn1_string_st;
+  PASN1_IA5STRING = ^ASN1_IA5STRING;
+
+  ASN1_GENERALSTRING = type asn1_string_st;
+  PASN1_GENERALSTRING = ^ASN1_GENERALSTRING;
+
+  ASN1_UNIVERSALSTRING = type asn1_string_st;
+  PASN1_UNIVERSALSTRING = ^ASN1_UNIVERSALSTRING;
+
+  ASN1_BMPSTRING = type asn1_string_st;
+  PASN1_BMPSTRING = ^ASN1_BMPSTRING;
+
+  ASN1_UTCTIME = type asn1_string_st;
+  PASN1_UTCTIME = ^ASN1_UTCTIME;
+
+  ASN1_TIME = type asn1_string_st;
+  PASN1_TIME = ^ASN1_TIME;
+
+  ASN1_GENERALIZEDTIME = type asn1_string_st;
+  PASN1_GENERALIZEDTIME = ^ASN1_GENERALIZEDTIME;
+  PPASN1_GENERALIZEDTIME = ^PASN1_GENERALIZEDTIME;
+
+  ASN1_VISIBLESTRING = type asn1_string_st;
+  PASN1_VISIBLESTRING = ^ASN1_VISIBLESTRING;
+
+  ASN1_UTF8STRING = type asn1_string_st;
+  PASN1_UTF8STRING = ^ASN1_UTF8STRING;
+
+  ASN1_STRING = type asn1_string_st;
+  PASN1_STRING = ^ASN1_STRING;
+  PPASN1_STRING = ^PASN1_STRING;
+
+  ASN1_BOOLEAN = type TIdC_INT;
+  PASN1_BOOLEAN = ^ASN1_BOOLEAN;
+
+  ASN1_NULL = type TIdC_INT;
+  PASN1_NULL = ^ASN1_NULL;
+
+  
+  ASN1_ITEM_st = type Pointer;
+  ASN1_ITEM = ASN1_ITEM_st;
+  PASN1_ITEM = ^ASN1_ITEM;
+  
+  asn1_pctx_st = type Pointer;
+  ASN1_PCTX = asn1_pctx_st;
+  PASN1_PCTX = ^ASN1_PCTX;
+  
+  asn1_sctx_st = type Pointer;
+  ASN1_SCTX = asn1_sctx_st;
+  PASN1_SCTX = ^ASN1_SCTX;
+
+  dane_st = type Pointer;
+  bio_st = type Pointer;
+  BIO = bio_st;
+  PBIO = ^BIO;
+  PPBIO  = ^PBIO;
+  bignum_st = type Pointer;
+  BIGNUM = bignum_st;
+  PBIGNUM = ^BIGNUM;
+  PPBIGNUM  = ^PBIGNUM;
+  bignum_ctx = type Pointer;
+  BN_CTX = bignum_ctx;
+  PBN_CTX = ^BN_CTX;
+  bn_blinding_st = type Pointer;
+  BN_BLINDING = bn_blinding_st;
+  PBN_BLINDING = ^BN_BLINDING;
+  bn_mont_ctx_st = type Pointer;
+  BN_MONT_CTX = bn_mont_ctx_st;
+  PBN_MONT_CTX = ^BN_MONT_CTX;
+  bn_recp_ctx_st = type Pointer;
+  BN_RECP_CTX = bn_recp_ctx_st;
+  PBN_RECP_CTX = ^BN_RECP_CTX;
+  bn_gencb_st = type Pointer;
+  BN_GENCB = bn_gencb_st;
+  PBN_GENCB = ^BN_GENCB;
+  
+  buf_mem_st = type Pointer;
+  BUF_MEM = buf_mem_st;
+  PBUF_MEM = ^BUF_MEM;
+
+  evp_cipher_st = type Pointer;
+  EVP_CIPHER = evp_cipher_st;
+  PEVP_CIPHER = ^EVP_CIPHER;
+  PPEVP_CIPHER = ^PEVP_CIPHER;
+  evp_cipher_ctx_st = type Pointer;
+  EVP_CIPHER_CTX = evp_cipher_ctx_st;
+  PEVP_CIPHER_CTX = ^EVP_CIPHER_CTX;
+  evp_md_st = type Pointer;
+  EVP_MD = evp_md_st;
+  PEVP_MD = ^EVP_MD;
+  PPEVP_MD = ^PEVP_MD;
+  evp_md_ctx_st = type Pointer;
+  EVP_MD_CTX = evp_md_ctx_st;
+  PEVP_MD_CTX = ^EVP_MD_CTX;
+  evp_pkey_st = type Pointer;
+  EVP_PKEY = evp_pkey_st;
+  PEVP_PKEY = ^EVP_PKEY;
+  PPEVP_PKEY = ^PEVP_PKEY;
+  
+  evp_pkey_asn1_method_st = type Pointer;
+  EVP_PKEY_ASN1_METHOD = evp_pkey_asn1_method_st;
+  PEVP_PKEY_ASN1_METHOD = ^EVP_PKEY_ASN1_METHOD;
+  PPEVP_PKEY_ASN1_METHOD = ^PEVP_PKEY_ASN1_METHOD;
+  
+  evp_pkey_method_st = type Pointer;
+  EVP_PKEY_METHOD = evp_pkey_method_st;
+  PEVP_PKEY_METHOD = ^EVP_PKEY_METHOD;
+  PPEVP_PKEY_METHOD = ^PEVP_PKEY_METHOD;
+  evp_pkey_ctx_st = type Pointer;
+  EVP_PKEY_CTX = evp_pkey_ctx_st;
+  PEVP_PKEY_CTX = ^EVP_PKEY_CTX;
+  PPEVP_PKEY_CTX = ^PEVP_PKEY_CTX;
+  
+  evp_Encode_Ctx_st = type Pointer;
+  EVP_ENCODE_CTX = evp_Encode_Ctx_st;
+  PEVP_ENCODE_CTX = ^EVP_ENCODE_CTX;
+
+  hmac_ctx_st = type Pointer;
+  HMAC_CTX = hmac_ctx_st;
+  PHMAC_CTX = ^HMAC_CTX;
+  
+  dh_st = type Pointer;
+  DH = dh_st;
+  PDH = ^DH;
+  PPDH = ^PDH;
+  dh_method_st = type Pointer;
+  DH_METHOD = dh_method_st;
+  PDH_METHOD = ^DH_METHOD;
+  
+  dsa_st = type Pointer;
+  DSA = dsa_st;
+  PDSA = ^DSA;
+  PPDSA = ^PDSA;
+  dsa_method_st = type Pointer;
+  DSA_METHOD = dsa_method_st;
+  PDSA_METHOD = ^DSA_METHOD;
+  
+  rsa_st = type Pointer;
+  RSA = rsa_st;
+  PRSA = ^RSA;
+  PPRSA = ^PRSA;
+  rsa_meth_st = type Pointer;
+  RSA_METHOD = rsa_meth_st;
+  PRSA_METHOD = ^RSA_METHOD;
+
+  ec_key_st = type Pointer;
+  EC_KEY = ec_key_st;
+  PEC_KEY = ^EC_KEY;
+  PPEC_KEY = ^PEC_KEY;
+  ec_key_method_st = type Pointer;
+  EC_KEY_METHOD = ec_key_method_st;
+  PEC_KEY_METHOD = ^EC_KEY_METHOD;
+  
+  rand_meth_st = type Pointer;
+  RAND_METHOD = rand_meth_st;
+  PRAND_METHOD = ^RAND_METHOD;
+  rand_drbg_st = type Pointer;
+  RAND_DRBG = rand_drbg_st;
+  PRAND_DRBG = ^RAND_DRBG;
+  
+  ssl_dane_st = type Pointer;
+  SSL_DANE = ssl_dane_st;
+  PSSL_DANE = ^SSL_DANE;
+  x509_st = type Pointer;
+  X509 = x509_st;
+  PX509 = ^X509;
+  PPX509 = ^PX509;
+  X509_crl_st = type Pointer;
+  X509_CRL = X509_crl_st;
+  PX509_CRL = ^X509_CRL;
+  PPX509_CRL = ^PX509_CRL;
+  x509_crl_method_st = type Pointer;
+  X509_CRL_METHOD = x509_crl_method_st;
+  PX509_CRL_METHOD = ^X509_CRL_METHOD;
+  x509_revoked_st = type Pointer;
+  X509_REVOKED = x509_revoked_st;
+  PX509_REVOKED = ^X509_REVOKED;
+  X509_name_st = type Pointer;
+  X509_NAME = X509_name_st;
+  PX509_NAME = ^X509_NAME;
+  PPX509_NAME = ^PX509_NAME;
+  X509_pubkey_st = type Pointer;
+  X509_PUBKEY = X509_pubkey_st;
+  PX509_PUBKEY = ^X509_PUBKEY;
+  PPX509_PUBKEY = ^PX509_PUBKEY;
+  x509_store_st = type Pointer;
+  X509_STORE = x509_store_st;
+  PX509_STORE = ^X509_STORE;
+  x509_store_ctx_st = type Pointer;
+  X509_STORE_CTX = x509_store_ctx_st;
+  PX509_STORE_CTX = ^X509_STORE_CTX;
+  
+  x509_object_st = type Pointer;
+  X509_OBJECT = x509_object_st;
+  PX509_OBJECT = ^X509_OBJECT;
+  x509_lookup_st = type Pointer;
+  X509_LOOKUP = x509_lookup_st;
+  PX509_LOOKUP = ^X509_LOOKUP;
+  x509_lookup_method_st = type Pointer;
+  X509_LOOKUP_METHOD = x509_lookup_method_st;
+  PX509_LOOKUP_METHOD = ^X509_LOOKUP_METHOD;
+  X509_VERIFY_PARAM_st = type Pointer;
+  X509_VERIFY_PARAM = X509_VERIFY_PARAM_st;
+  PX509_VERIFY_PARAM = ^X509_VERIFY_PARAM;
+  
+  x509_sig_info_st = type Pointer;
+  X509_SIG_INFO = x509_sig_info_st;
+  PX509_SIG_INFO = ^X509_SIG_INFO;
+
+  pkcs8_priv_key_info_st = type Pointer;
+  PKCS8_PRIV_KEY_INFO = pkcs8_priv_key_info_st;
+  PPKCS8_PRIV_KEY_INFO = ^PKCS8_PRIV_KEY_INFO;
+  PPPKCS8_PRIV_KEY_INFO = ^PPKCS8_PRIV_KEY_INFO;
+
+// moved from x509 to prevent circular references
+  X509_REQ = type Pointer; // X509_req_st
+  PX509_REQ = ^X509_REQ;
+  PPX509_REQ = ^PX509_REQ;
+
+// moved from x509v3 to prevent circular references
+  (* Context specific info *)
+  v3_ext_ctx = record
+    flags: TIdC_INT;
+    issuer_cert: PX509;
+    subject_cert: PX509;
+    subject_req: PX509_REQ;
+    crl: PX509_CRL;
+    db_meth: Pointer; //PX509V3_CONF_METHOD;
+    db: Pointer;
+  (* Maybe more here *)
+  end;
+//  v3_ext_ctx = type Pointer;
+  X509V3_CTX = v3_ext_ctx;
+  PX509V3_CTX = ^X509V3_CTX;
+  conf_st = type Pointer;
+  CONF = conf_st;
+  PCONF = ^CONF;
+  ossl_init_settings_st = type Pointer;
+  OPENSSL_INIT_SETTINGS = ossl_init_settings_st;
+  POPENSSL_INIT_SETTINGS = ^OPENSSL_INIT_SETTINGS;
+
+  ui_st = type Pointer;
+  UI = ui_st;
+  PUI = ^UI;
+  ui_method_st = type Pointer;
+  UI_METHOD = ui_method_st;
+  PUI_METHOD = ^UI_METHOD;
+  
+  engine_st = type Pointer;
+  ENGINE = engine_st;
+  PENGINE = ^ENGINE;
+  PPENGINE = ^PENGINE;
+  ssl_st = type Pointer;
+  SSL = ssl_st;
+  PSSL = ^SSL;
+  ssl_ctx_st = type Pointer;
+  SSL_CTX = ssl_ctx_st;
+  PSSL_CTX = ^SSL_CTX;
+  PPSSL_CTX  = ^PSSL_CTX;
+  
+  comp_ctx_st = type Pointer;
+  COMP_CTX = comp_ctx_st;
+  PCOMP_CTX = ^COMP_CTX;
+  comp_method_st = type Pointer;
+  COMP_METHOD = comp_method_st;
+  PCOMP_METHOD = ^COMP_METHOD;
+  
+  X509_POLICY_NODE_st = type Pointer;
+  X509_POLICY_NODE = X509_POLICY_NODE_st;
+  PX509_POLICY_NODE = ^X509_POLICY_NODE;
+  X509_POLICY_LEVEL_st = type Pointer;
+  X509_POLICY_LEVEL = X509_POLICY_LEVEL_st;
+  PX509_POLICY_LEVEL = ^X509_POLICY_LEVEL;
+  X509_POLICY_TREE_st = type Pointer;
+  X509_POLICY_TREE = X509_POLICY_TREE_st;
+  PX509_POLICY_TREE = ^X509_POLICY_TREE;
+  X509_POLICY_CACHE_st = type Pointer;
+  X509_POLICY_CACHE = X509_POLICY_CACHE_st;
+  PX509_POLICY_CACHE = ^X509_POLICY_CACHE;
+  
+  AUTHORITY_KEYID_st = type Pointer;
+  AUTHORITY_KEYID = AUTHORITY_KEYID_st;
+  PAUTHORITY_KEYID = ^AUTHORITY_KEYID;
+  DIST_POINT_st = type Pointer;
+  DIST_POINT = DIST_POINT_st;
+  PDIST_POINT = ^DIST_POINT;
+  ISSUING_DIST_POINT_st = type Pointer;
+  ISSUING_DIST_POINT = ISSUING_DIST_POINT_st;
+  PISSUING_DIST_POINT = ^ISSUING_DIST_POINT;
+  NAME_CONSTRAINTS_st = type Pointer;
+  NAME_CONSTRAINTS = NAME_CONSTRAINTS_st;
+  PNAME_CONSTRAINTS = ^NAME_CONSTRAINTS;
+  
+  crypto_ex_data_st = type Pointer;
+  CRYPTO_EX_DATA = crypto_ex_data_st;
+  PCRYPTO_EX_DATA = ^CRYPTO_EX_DATA;
+  
+  ocsp_req_ctx_st = type Pointer;
+  OCSP_REQ_CTX = ocsp_req_ctx_st;
+  POCSP_REQ_CTX = ^OCSP_REQ_CTX;
+  ocsp_response_st = type Pointer;
+  OCSP_RESPONSE = ocsp_response_st;
+  POCSP_RESPONSE = ^OCSP_RESPONSE;
+  ocsp_responder_id_st = type Pointer;
+  OCSP_RESPID = ocsp_responder_id_st;
+  POCSP_RESPID = ^OCSP_RESPID;
+  
+  sct_st = type Pointer;
+  SCT = sct_st;
+  PSCT = ^SCT;
+  sct_ctx_st = type Pointer;
+  SCT_CTX = sct_ctx_st;
+  PSCT_CTX = ^SCT_CTX;
+  ctlog_st = type Pointer;
+  CTLOG = ctlog_st;
+  PCTLOG = ^CTLOG;
+  ctlog_store_st = type Pointer;
+  CTLOG_STORE = ctlog_store_st;
+  PCTLOG_STORE = ^CTLOG_STORE;
+  ct_policy_eval_ctx_st = type Pointer;
+  CT_POLICY_EVAL_CTX = ct_policy_eval_ctx_st;
+  PCT_POLICY_EVAL_CTX = ^CT_POLICY_EVAL_CTX;
+  
+  ossl_store_info_st = type Pointer;
+  OSSL_STORE_INFO = ossl_store_info_st;
+  POSSL_STORE_INFO = ^OSSL_STORE_INFO;
+  ossl_store_search_st = type Pointer;
+  OSSL_STORE_SEARCH = ossl_store_search_st;
+  POSSL_STORE_SEARCH = ^OSSL_STORE_SEARCH;
+
+{$REGION 'moved from unit "asn1" to prevent circular references'}
+const
+  V_ASN1_UNIVERSAL = $00;
+  V_ASN1_APPLICATION = $40;
+  V_ASN1_CONTEXT_SPECIFIC = $80;
+  V_ASN1_PRIVATE = $c0;
+
+  V_ASN1_CONSTRUCTED = $20;
+  V_ASN1_PRIMITIVE_TAG = $1f;
+  V_ASN1_PRIMATIVE_TAG = V_ASN1_PRIMITIVE_TAG;
+
+  V_ASN1_APP_CHOOSE = -2; (* let the recipient choose *)
+  V_ASN1_OTHER = -3;      (* used in ASN1_TYPE *)
+  V_ASN1_ANY = -4;        (* used in ASN1 template code *)
+
+  V_ASN1_UNDEF = -1;
+  V_ASN1_EOC =  0;
+  V_ASN1_BOOLEAN = 1;
+  V_ASN1_INTEGER = 2;
+  V_ASN1_BIT_STRING = 3;
+  V_ASN1_OCTET_STRING = 4;
+  V_ASN1_NULL = 5;
+  V_ASN1_OBJECT = 6;
+  V_ASN1_OBJECT_DESCRIPTOR = 7;
+  V_ASN1_EXTERNAL = 8;
+  V_ASN1_REAL = 9;
+  V_ASN1_ENUMERATED = 10;
+  V_ASN1_UTF8STRING = 12;
+  V_ASN1_SEQUENCE = 16;
+  V_ASN1_SET = 17;
+  V_ASN1_NUMERICSTRING = 18;
+  V_ASN1_PRINTABLESTRING = 19;
+  V_ASN1_T61STRING = 20;
+  V_ASN1_TELETEXSTRING = 20;
+  V_ASN1_VIDEOTEXSTRING = 21;
+  V_ASN1_IA5STRING = 22;
+  V_ASN1_UTCTIME = 23;
+  V_ASN1_GENERALIZEDTIME = 24;
+  V_ASN1_GRAPHICSTRING = 25;
+  V_ASN1_ISO64STRING = 26;
+  V_ASN1_VISIBLESTRING = 26;
+  V_ASN1_GENERALSTRING = 27;
+  V_ASN1_UNIVERSALSTRING = 28;
+  V_ASN1_BMPSTRING = 30;
+
+type
+  asn1_type_st = record
+    case &type: TIdC_INT of
+//      (ptr: PIdAnsichar);
+      V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
+//      (asn1_string: PASN1_STRING);
+      V_ASN1_OBJECT: (&object: PASN1_OBJECT);
+      V_ASN1_INTEGER: (integer: PASN1_INTEGER);
+      V_ASN1_ENUMERATED: (enumerated: PASN1_ENUMERATED);
+      V_ASN1_BIT_STRING: (bit_string: PASN1_BIT_STRING);
+      V_ASN1_OCTET_STRING: (octet_string: PASN1_OCTET_STRING);
+      V_ASN1_PRINTABLESTRING: (printablestring: PASN1_PRINTABLESTRING);
+      V_ASN1_T61STRING: (t61string: PASN1_T61STRING);
+      V_ASN1_IA5STRING: (ia5string: PASN1_IA5STRING);
+      V_ASN1_GENERALSTRING: (generalstring: PASN1_GENERALSTRING);
+      V_ASN1_BMPSTRING: (bmpstring: PASN1_BMPSTRING);
+      V_ASN1_UNIVERSALSTRING: (universalstring: PASN1_UNIVERSALSTRING);
+      V_ASN1_UTCTIME: (utctime: PASN1_UTCTIME);
+      V_ASN1_GENERALIZEDTIME: (generalizedtime: PASN1_GENERALIZEDTIME);
+      V_ASN1_VISIBLESTRING: (visiblestring: PASN1_VISIBLESTRING);
+      V_ASN1_UTF8STRING: (utf8string: PASN1_UTF8STRING);
+      (*
+       * set and sequence are left complete and still contain the set or
+       * sequence bytes
+       *)
+      V_ASN1_SET: (&set: PASN1_STRING);
+      V_ASN1_SEQUENCE: (sequence: PASN1_STRING);
+//      (asn1_value: PASN1_VALUE);
+
+//      V_ASN1_UNDEF: ;
+//      V_ASN1_EOC: ;
+//      V_ASN1_NULL: ;
+//      V_ASN1_OBJECT_DESCRIPTOR: ;
+//      V_ASN1_EXTERNAL: ;
+//      V_ASN1_REAL: ;
+//      V_ASN1_NUMERICSTRING: ;
+//      V_ASN1_TELETEXSTRING: ;
+//      V_ASN1_VIDEOTEXSTRING: ;
+//      V_ASN1_GRAPHICSTRING: ;
+//      V_ASN1_ISO64STRING: ;
+  end;
+  ASN1_TYPE = asn1_type_st;
+  PASN1_TYPE = ^ASN1_TYPE;
+  PPASN1_TYPE = ^PASN1_TYPE;
+{$ENDREGION}
+
+{$REGION 'moved from unit "x509" to prevent circular references'}
+  X509_algor_st = record
+    algorithm: PASN1_OBJECT;
+    parameter: PASN1_TYPE;
+  end; (* X509_ALGOR *)
+{$ENDREGION}
+  X509_ALGOR = X509_algor_st;
+  PX509_ALGOR = ^X509_ALGOR;
+  PPX509_ALGOR = ^PX509_ALGOR;
+  
+  i2d_of_void = type Pointer;
+  Pi2d_of_void = ^i2d_of_void;
+
+  d2i_of_void = type Pointer;
+  Pd2i_of_void = ^d2i_of_void;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
new file mode 100644
index 000000000..76cb8cf1e
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
@@ -0,0 +1,381 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_pem;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pem.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ec,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_x509;
+  
+type
+  EVP_CIPHER_INFO = type Pointer;
+  PEVP_CIPHER_INFO = ^EVP_CIPHER_INFO;
+
+const
+  PEM_BUFSIZE             = 1024;
+
+  PEM_STRING_X509_OLD     = 'X509 CERTIFICATE';
+  PEM_STRING_X509         = 'CERTIFICATE';
+  PEM_STRING_X509_TRUSTED = 'TRUSTED CERTIFICATE';
+  PEM_STRING_X509_REQ_OLD = 'NEW CERTIFICATE REQUEST';
+  PEM_STRING_X509_REQ     = 'CERTIFICATE REQUEST';
+  PEM_STRING_X509_CRL     = 'X509 CRL';
+  PEM_STRING_EVP_PKEY     = 'ANY PRIVATE KEY';
+  PEM_STRING_PUBLIC       = 'PUBLIC KEY';
+  PEM_STRING_RSA          = 'RSA PRIVATE KEY';
+  PEM_STRING_RSA_PUBLIC   = 'RSA PUBLIC KEY';
+  PEM_STRING_DSA          = 'DSA PRIVATE KEY';
+  PEM_STRING_DSA_PUBLIC   = 'DSA PUBLIC KEY';
+  PEM_STRING_PKCS7        = 'PKCS7';
+  PEM_STRING_PKCS7_SIGNED = 'PKCS #7 SIGNED DATA';
+  PEM_STRING_PKCS8        = 'ENCRYPTED PRIVATE KEY';
+  PEM_STRING_PKCS8INF     = 'PRIVATE KEY';
+  PEM_STRING_DHPARAMS     = 'DH PARAMETERS';
+  PEM_STRING_DHXPARAMS    = 'X9.42 DH PARAMETERS';
+  PEM_STRING_SSL_SESSION  = 'SSL SESSION PARAMETERS';
+  PEM_STRING_DSAPARAMS    = 'DSA PARAMETERS';
+  PEM_STRING_ECDSA_PUBLIC = 'ECDSA PUBLIC KEY';
+  PEM_STRING_ECPARAMETERS = 'EC PARAMETERS';
+  PEM_STRING_ECPRIVATEKEY = 'EC PRIVATE KEY';
+  PEM_STRING_PARAMETERS   = 'PARAMETERS';
+  PEM_STRING_CMS          = 'CMS';
+
+  PEM_TYPE_ENCRYPTED      = 10;
+  PEM_TYPE_MIC_ONLY       = 20;
+  PEM_TYPE_MIC_CLEAR      = 30;
+  PEM_TYPE_CLEAR          = 40;
+
+  PEM_FLAG_SECURE         = $1;
+  PEM_FLAG_EAY_COMPATIBLE = $2;
+  PEM_FLAG_ONLY_B64       = $4;
+
+type
+  pem_password_cb = function(buf: PIdAnsiChar; size: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT; cdecl;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  PEM_get_EVP_CIPHER_INFO: function(header: PIdAnsiChar; cipher: PEVP_CIPHER_INFO): TIdC_INT cdecl = nil;
+  PEM_do_header: function(cipher: PEVP_CIPHER_INFO; data: PByte; len: PIdC_LONG; callback: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+
+  PEM_read_bio: function(bp: PBIO; name: PPIdAnsiChar; header: PPIdAnsiChar; data: PPByte; len: PIdC_LONG): TIdC_INT cdecl = nil;
+  PEM_read_bio_ex: function(bp: PBIO; name: PPIdAnsiChar; header: PPIdAnsiChar; data: PPByte; len: PIdC_LONG; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  PEM_bytes_read_bio_secmem: function(pdata: PPByte; plen: PIdC_LONG; pnm: PPIdAnsiChar; const name: PIdAnsiChar; bp: PBIO; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+  PEM_write_bio: function(bp: PBIO; const name: PIdAnsiChar; const hdr: PIdAnsiChar; const data: PByte; len: TIdC_LONG): TIdC_INT cdecl = nil;
+  PEM_bytes_read_bio: function(pdata: PPByte; plen: PIdC_LONG; pnm: PPIdAnsiChar; const name: PIdAnsiChar; bp: PBIO; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+  PEM_ASN1_read_bio: function(d2i: d2i_of_void; const name: PIdAnsiChar; bp: PBIO; x: PPointer; cb: pem_password_cb; u: Pointer): Pointer cdecl = nil;
+  PEM_ASN1_write_bio: function(i2d: i2d_of_void; const name: PIdAnsiChar; bp: PBIO; x: Pointer; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+
+  //function PEM_X509_INFO_read_bio(bp: PBIO; sk: PSTACK_OF_X509_INFO; cb: pem_password_cb; u: Pointer): PSTACK_OF_X509_INFO;
+  PEM_X509_INFO_write_bio: function(bp: PBIO; xi: PX509_INFO; enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cd: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+
+  PEM_SignInit: function(ctx: PEVP_MD_CTX; &type: PEVP_MD): TIdC_INT cdecl = nil;
+  PEM_SignUpdate: function(ctx: PEVP_MD_CTX; d: PByte; cnt: Byte): TIdC_INT cdecl = nil;
+  PEM_SignFinal: function(ctx: PEVP_MD_CTX; sigret: PByte; siglen: PIdC_UINT; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  (* The default pem_password_cb that's used internally *)
+  PEM_def_callback: function(buf: PIdAnsiChar; num: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT cdecl = nil;
+  PEM_proc_type: procedure(buf: PIdAnsiChar; &type: TIdC_INT) cdecl = nil;
+  PEM_dek_info: procedure(buf: PIdAnsiChar; const &type: PIdAnsiChar; len: TIdC_INT; str: PIdAnsiChar) cdecl = nil;
+
+  PEM_read_bio_X509: function(bp: PBIO; x: PPX509; cb: pem_password_cb; u: Pointer): PX509 cdecl = nil;
+  PEM_write_bio_X509: function(bp: PBIO; x: PX509): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_X509_AUX: function(bp: PBIO; x: PPX509; cb: pem_password_cb; u: Pointer): PX509 cdecl = nil;
+  PEM_write_bio_X509_AUX: function(bp: PBIO; x: PX509): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_X509_REQ: function(bp: PBIO; x: PPX509_REQ; cb: pem_password_cb; u: Pointer): PX509_REQ cdecl = nil;
+  PEM_write_bio_X509_REQ: function(bp: PBIO; x: PX509_REQ): TIdC_INT cdecl = nil;
+
+  PEM_write_bio_X509_REQ_NEW: function(bp: PBIO; x: PX509_REQ): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_X509_CRL: function(bp: PBIO; x: PPX509_CRL; cb: pem_password_cb; u: Pointer): PX509_CRL cdecl = nil;
+  PEM_write_bio_X509_CRL: function(bp: PBIO; x: PX509_CRL): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_PKCS7: function(bp: PBIO; x: PPPKCS7; cb: pem_password_cb; u: Pointer): PPKCS7 cdecl = nil;
+  PEM_write_bio_PKCS7: function(bp: PBIO; x: PPKCS7): TIdC_INT cdecl = nil;
+
+//  function PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp: PBIO; x: PPNETSCAPE_CERT_SEQUENCE; cb: pem_password_cb; u: Pointer): PNETSCAPE_CERT_SEQUENCE;
+//  function PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp: PBIO; x: PNETSCAPE_CERT_SEQUENCE): TIdC_INT;
+
+  PEM_read_bio_PKCS8: function(bp: PBIO; x: PPX509_SIG; cb: pem_password_cb; u: Pointer): PX509_SIG cdecl = nil;
+  PEM_write_bio_PKCS8: function(bp: PBIO; x: PX509_SIG): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_PKCS8_PRIV_KEY_INFO: function(bp: PBIO; x: PPPKCS8_PRIV_KEY_INFO; cb: pem_password_cb; u: Pointer): PPKCS8_PRIV_KEY_INFO cdecl = nil;
+  PEM_write_bio_PKCS8_PRIV_KEY_INFO: function(bp: PBIO; x: PPKCS8_PRIV_KEY_INFO): TIdC_INT cdecl = nil;
+
+  // RSA
+  PEM_read_bio_RSAPrivateKey: function(bp: PBIO; x: PPRSA; cb: pem_password_cb; u: Pointer): PRSA cdecl = nil;
+  PEM_write_bio_RSAPrivateKey: function(bp: PBIO; x: PRSA; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_RSAPublicKey: function(bp: PBIO; x: PPRSA; cb: pem_password_cb; u: Pointer): PRSA cdecl = nil;
+  PEM_write_bio_RSAPublicKey: function(bp: PBIO; const x: PRSA): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_RSA_PUBKEY: function(bp: PBIO; x: PPRSA; cb: pem_password_cb; u: Pointer): PRSA cdecl = nil;
+  PEM_write_bio_RSA_PUBKEY: function(bp: PBIO; x: PRSA): TIdC_INT cdecl = nil;
+  // ~RSA
+
+  // DSA
+  PEM_read_bio_DSAPrivateKey: function(bp: PBIO; x: PPDSA; cb: pem_password_cb; u: Pointer): PDSA cdecl = nil;
+  PEM_write_bio_DSAPrivateKey: function(bp: PBIO; x: PDSA; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_DSA_PUBKEY: function(bp: PBIO; x: PPDSA; cb: pem_password_cb; u: Pointer): PDSA cdecl = nil;
+  PEM_write_bio_DSA_PUBKEY: function(bp: PBIO; x: PDSA): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_DSAparams: function(bp: PBIO; x: PPDSA; cb: pem_password_cb; u: Pointer): PDSA cdecl = nil;
+  PEM_write_bio_DSAparams: function(bp: PBIO; const x: PDSA): TIdC_INT cdecl = nil;
+  // ~DSA
+
+  // EC
+  PEM_read_bio_ECPKParameters: function(bp: PBIO; x: PPEC_GROUP; cb: pem_password_cb; u: Pointer): PEC_GROUP cdecl = nil;
+  PEM_write_bio_ECPKParameters: function(bp: PBIO; const x: PEC_GROUP): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_ECPrivateKey: function(bp: PBIO; x: PPEC_KEY; cb: pem_password_cb; u: Pointer): PEC_KEY cdecl = nil;
+  PEM_write_bio_ECPrivateKey: function(bp: PBIO; x: PEC_KEY; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_EC_PUBKEY: function(bp: PBIO; x: PPEC_KEY; cb: pem_password_cb; u: Pointer): PEC_KEY cdecl = nil;
+  PEM_write_bio_EC_PUBKEY: function(bp: PBIO; x: PEC_KEY): TIdC_INT cdecl = nil;
+  // ~EC
+
+  // DH
+  PEM_read_bio_DHparams: function(bp: PBIO; x: PPDH; cb: pem_password_cb; u: Pointer): PDH cdecl = nil;
+  PEM_write_bio_DHparams: function(bp: PBIO; const x: PDH): TIdC_INT cdecl = nil;
+
+  PEM_write_bio_DHxparams: function(bp: PBIO; const x: PDH): TIdC_INT cdecl = nil;
+  // ~DH
+
+  PEM_read_bio_PrivateKey: function(bp: PBIO; x: PPEVP_PKEY; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl = nil;
+  PEM_write_bio_PrivateKey: function(bp: PBIO; x: PEVP_PKEY; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+
+  PEM_read_bio_PUBKEY: function(bp: PBIO; x: PPEVP_PKEY; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl = nil;
+  PEM_write_bio_PUBKEY: function(bp: PBIO; x: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  PEM_write_bio_PrivateKey_traditional: function(bp: PBIO; x: PEVP_PKEY; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+  PEM_write_bio_PKCS8PrivateKey_nid: function(bp: PBIO; x: PEVP_PKEY; nid: TIdC_INT; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+  PEM_write_bio_PKCS8PrivateKey: function(bp: PBIO; x: PEVP_PKEY_METHOD; const enc: PEVP_CIPHER; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+  i2d_PKCS8PrivateKey_bio: function(bp: PBIO; x: PEVP_PKEY; const enc: PEVP_CIPHER_CTX; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+  i2d_PKCS8PrivateKey_nid_bio: function(bp: PBIO; x: PEVP_PKEY; nid: TIdC_INT; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+  d2i_PKCS8PrivateKey_bio: function(bp: PBIO; x: PPEVP_PKEY_CTX; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl = nil;
+
+  PEM_read_bio_Parameters: function(bp: PBIO; x: PPEVP_PKEY): PEVP_PKEY cdecl = nil;
+  PEM_write_bio_Parameters: function(bp: PBIO; x: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  b2i_PrivateKey: function(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+  b2i_PublicKey: function(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+  b2i_PrivateKey_bio: function(&in: PBIO): PEVP_PKEY cdecl = nil;
+  b2i_PublicKey_bio: function(&in: PBIO): PEVP_PKEY cdecl = nil;
+  i2b_PrivateKey_bio: function(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl = nil;
+  i2b_PublicKey_bio: function(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl = nil;
+  b2i_PVK_bio: function(&in: PBIO; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl = nil;
+  i2b_PVK_bio: function(&out: PBIO; pk: PEVP_PKEY; enclevel: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  PEM_get_EVP_CIPHER_INFO := LoadFunction('PEM_get_EVP_CIPHER_INFO', AFailed);
+  PEM_do_header := LoadFunction('PEM_do_header', AFailed);
+  PEM_read_bio := LoadFunction('PEM_read_bio', AFailed);
+  PEM_read_bio_ex := LoadFunction('PEM_read_bio_ex', AFailed);
+  PEM_bytes_read_bio_secmem := LoadFunction('PEM_bytes_read_bio_secmem', AFailed);
+  PEM_write_bio := LoadFunction('PEM_write_bio', AFailed);
+  PEM_bytes_read_bio := LoadFunction('PEM_bytes_read_bio', AFailed);
+  PEM_ASN1_read_bio := LoadFunction('PEM_ASN1_read_bio', AFailed);
+  PEM_ASN1_write_bio := LoadFunction('PEM_ASN1_write_bio', AFailed);
+  PEM_X509_INFO_write_bio := LoadFunction('PEM_X509_INFO_write_bio', AFailed);
+  PEM_SignInit := LoadFunction('PEM_SignInit', AFailed);
+  PEM_SignUpdate := LoadFunction('PEM_SignUpdate', AFailed);
+  PEM_SignFinal := LoadFunction('PEM_SignFinal', AFailed);
+  PEM_def_callback := LoadFunction('PEM_def_callback', AFailed);
+  PEM_proc_type := LoadFunction('PEM_proc_type', AFailed);
+  PEM_dek_info := LoadFunction('PEM_dek_info', AFailed);
+  PEM_read_bio_X509 := LoadFunction('PEM_read_bio_X509', AFailed);
+  PEM_write_bio_X509 := LoadFunction('PEM_write_bio_X509', AFailed);
+  PEM_read_bio_X509_AUX := LoadFunction('PEM_read_bio_X509_AUX', AFailed);
+  PEM_write_bio_X509_AUX := LoadFunction('PEM_write_bio_X509_AUX', AFailed);
+  PEM_read_bio_X509_REQ := LoadFunction('PEM_read_bio_X509_REQ', AFailed);
+  PEM_write_bio_X509_REQ := LoadFunction('PEM_write_bio_X509_REQ', AFailed);
+  PEM_write_bio_X509_REQ_NEW := LoadFunction('PEM_write_bio_X509_REQ_NEW', AFailed);
+  PEM_read_bio_X509_CRL := LoadFunction('PEM_read_bio_X509_CRL', AFailed);
+  PEM_write_bio_X509_CRL := LoadFunction('PEM_write_bio_X509_CRL', AFailed);
+  PEM_read_bio_PKCS7 := LoadFunction('PEM_read_bio_PKCS7', AFailed);
+  PEM_write_bio_PKCS7 := LoadFunction('PEM_write_bio_PKCS7', AFailed);
+  PEM_read_bio_PKCS8 := LoadFunction('PEM_read_bio_PKCS8', AFailed);
+  PEM_write_bio_PKCS8 := LoadFunction('PEM_write_bio_PKCS8', AFailed);
+  PEM_read_bio_PKCS8_PRIV_KEY_INFO := LoadFunction('PEM_read_bio_PKCS8_PRIV_KEY_INFO', AFailed);
+  PEM_write_bio_PKCS8_PRIV_KEY_INFO := LoadFunction('PEM_write_bio_PKCS8_PRIV_KEY_INFO', AFailed);
+  PEM_read_bio_RSAPrivateKey := LoadFunction('PEM_read_bio_RSAPrivateKey', AFailed);
+  PEM_write_bio_RSAPrivateKey := LoadFunction('PEM_write_bio_RSAPrivateKey', AFailed);
+  PEM_read_bio_RSAPublicKey := LoadFunction('PEM_read_bio_RSAPublicKey', AFailed);
+  PEM_write_bio_RSAPublicKey := LoadFunction('PEM_write_bio_RSAPublicKey', AFailed);
+  PEM_read_bio_RSA_PUBKEY := LoadFunction('PEM_read_bio_RSA_PUBKEY', AFailed);
+  PEM_write_bio_RSA_PUBKEY := LoadFunction('PEM_write_bio_RSA_PUBKEY', AFailed);
+  PEM_read_bio_DSAPrivateKey := LoadFunction('PEM_read_bio_DSAPrivateKey', AFailed);
+  PEM_write_bio_DSAPrivateKey := LoadFunction('PEM_write_bio_DSAPrivateKey', AFailed);
+  PEM_read_bio_DSA_PUBKEY := LoadFunction('PEM_read_bio_DSA_PUBKEY', AFailed);
+  PEM_write_bio_DSA_PUBKEY := LoadFunction('PEM_write_bio_DSA_PUBKEY', AFailed);
+  PEM_read_bio_DSAparams := LoadFunction('PEM_read_bio_DSAparams', AFailed);
+  PEM_write_bio_DSAparams := LoadFunction('PEM_write_bio_DSAparams', AFailed);
+  PEM_read_bio_ECPKParameters := LoadFunction('PEM_read_bio_ECPKParameters', AFailed);
+  PEM_write_bio_ECPKParameters := LoadFunction('PEM_write_bio_ECPKParameters', AFailed);
+  PEM_read_bio_ECPrivateKey := LoadFunction('PEM_read_bio_ECPrivateKey', AFailed);
+  PEM_write_bio_ECPrivateKey := LoadFunction('PEM_write_bio_ECPrivateKey', AFailed);
+  PEM_read_bio_EC_PUBKEY := LoadFunction('PEM_read_bio_EC_PUBKEY', AFailed);
+  PEM_write_bio_EC_PUBKEY := LoadFunction('PEM_write_bio_EC_PUBKEY', AFailed);
+  PEM_read_bio_DHparams := LoadFunction('PEM_read_bio_DHparams', AFailed);
+  PEM_write_bio_DHparams := LoadFunction('PEM_write_bio_DHparams', AFailed);
+  PEM_write_bio_DHxparams := LoadFunction('PEM_write_bio_DHxparams', AFailed);
+  PEM_read_bio_PrivateKey := LoadFunction('PEM_read_bio_PrivateKey', AFailed);
+  PEM_write_bio_PrivateKey := LoadFunction('PEM_write_bio_PrivateKey', AFailed);
+  PEM_read_bio_PUBKEY := LoadFunction('PEM_read_bio_PUBKEY', AFailed);
+  PEM_write_bio_PUBKEY := LoadFunction('PEM_write_bio_PUBKEY', AFailed);
+  PEM_write_bio_PrivateKey_traditional := LoadFunction('PEM_write_bio_PrivateKey_traditional', AFailed);
+  PEM_write_bio_PKCS8PrivateKey_nid := LoadFunction('PEM_write_bio_PKCS8PrivateKey_nid', AFailed);
+  PEM_write_bio_PKCS8PrivateKey := LoadFunction('PEM_write_bio_PKCS8PrivateKey', AFailed);
+  i2d_PKCS8PrivateKey_bio := LoadFunction('i2d_PKCS8PrivateKey_bio', AFailed);
+  i2d_PKCS8PrivateKey_nid_bio := LoadFunction('i2d_PKCS8PrivateKey_nid_bio', AFailed);
+  d2i_PKCS8PrivateKey_bio := LoadFunction('d2i_PKCS8PrivateKey_bio', AFailed);
+  PEM_read_bio_Parameters := LoadFunction('PEM_read_bio_Parameters', AFailed);
+  PEM_write_bio_Parameters := LoadFunction('PEM_write_bio_Parameters', AFailed);
+  b2i_PrivateKey := LoadFunction('b2i_PrivateKey', AFailed);
+  b2i_PublicKey := LoadFunction('b2i_PublicKey', AFailed);
+  b2i_PrivateKey_bio := LoadFunction('b2i_PrivateKey_bio', AFailed);
+  b2i_PublicKey_bio := LoadFunction('b2i_PublicKey_bio', AFailed);
+  i2b_PrivateKey_bio := LoadFunction('i2b_PrivateKey_bio', AFailed);
+  i2b_PublicKey_bio := LoadFunction('i2b_PublicKey_bio', AFailed);
+  b2i_PVK_bio := LoadFunction('b2i_PVK_bio', AFailed);
+  i2b_PVK_bio := LoadFunction('i2b_PVK_bio', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  PEM_get_EVP_CIPHER_INFO := nil;
+  PEM_do_header := nil;
+  PEM_read_bio := nil;
+  PEM_read_bio_ex := nil;
+  PEM_bytes_read_bio_secmem := nil;
+  PEM_write_bio := nil;
+  PEM_bytes_read_bio := nil;
+  PEM_ASN1_read_bio := nil;
+  PEM_ASN1_write_bio := nil;
+  PEM_X509_INFO_write_bio := nil;
+  PEM_SignInit := nil;
+  PEM_SignUpdate := nil;
+  PEM_SignFinal := nil;
+  PEM_def_callback := nil;
+  PEM_proc_type := nil;
+  PEM_dek_info := nil;
+  PEM_read_bio_X509 := nil;
+  PEM_write_bio_X509 := nil;
+  PEM_read_bio_X509_AUX := nil;
+  PEM_write_bio_X509_AUX := nil;
+  PEM_read_bio_X509_REQ := nil;
+  PEM_write_bio_X509_REQ := nil;
+  PEM_write_bio_X509_REQ_NEW := nil;
+  PEM_read_bio_X509_CRL := nil;
+  PEM_write_bio_X509_CRL := nil;
+  PEM_read_bio_PKCS7 := nil;
+  PEM_write_bio_PKCS7 := nil;
+  PEM_read_bio_PKCS8 := nil;
+  PEM_write_bio_PKCS8 := nil;
+  PEM_read_bio_PKCS8_PRIV_KEY_INFO := nil;
+  PEM_write_bio_PKCS8_PRIV_KEY_INFO := nil;
+  PEM_read_bio_RSAPrivateKey := nil;
+  PEM_write_bio_RSAPrivateKey := nil;
+  PEM_read_bio_RSAPublicKey := nil;
+  PEM_write_bio_RSAPublicKey := nil;
+  PEM_read_bio_RSA_PUBKEY := nil;
+  PEM_write_bio_RSA_PUBKEY := nil;
+  PEM_read_bio_DSAPrivateKey := nil;
+  PEM_write_bio_DSAPrivateKey := nil;
+  PEM_read_bio_DSA_PUBKEY := nil;
+  PEM_write_bio_DSA_PUBKEY := nil;
+  PEM_read_bio_DSAparams := nil;
+  PEM_write_bio_DSAparams := nil;
+  PEM_read_bio_ECPKParameters := nil;
+  PEM_write_bio_ECPKParameters := nil;
+  PEM_read_bio_ECPrivateKey := nil;
+  PEM_write_bio_ECPrivateKey := nil;
+  PEM_read_bio_EC_PUBKEY := nil;
+  PEM_write_bio_EC_PUBKEY := nil;
+  PEM_read_bio_DHparams := nil;
+  PEM_write_bio_DHparams := nil;
+  PEM_write_bio_DHxparams := nil;
+  PEM_read_bio_PrivateKey := nil;
+  PEM_write_bio_PrivateKey := nil;
+  PEM_read_bio_PUBKEY := nil;
+  PEM_write_bio_PUBKEY := nil;
+  PEM_write_bio_PrivateKey_traditional := nil;
+  PEM_write_bio_PKCS8PrivateKey_nid := nil;
+  PEM_write_bio_PKCS8PrivateKey := nil;
+  i2d_PKCS8PrivateKey_bio := nil;
+  i2d_PKCS8PrivateKey_nid_bio := nil;
+  d2i_PKCS8PrivateKey_bio := nil;
+  PEM_read_bio_Parameters := nil;
+  PEM_write_bio_Parameters := nil;
+  b2i_PrivateKey := nil;
+  b2i_PublicKey := nil;
+  b2i_PrivateKey_bio := nil;
+  b2i_PublicKey_bio := nil;
+  i2b_PrivateKey_bio := nil;
+  i2b_PublicKey_bio := nil;
+  b2i_PVK_bio := nil;
+  i2b_PVK_bio := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pemerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pemerr.pas
new file mode 100644
index 000000000..99e7ce3bb
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pemerr.pas
@@ -0,0 +1,154 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_pemerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pemerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // PEM function codes
+  PEM_F_B2I_DSS                      = 127;
+  PEM_F_B2I_PVK_BIO                  = 128;
+  PEM_F_B2I_RSA                      = 129;
+  PEM_F_CHECK_BITLEN_DSA             = 130;
+  PEM_F_CHECK_BITLEN_RSA             = 131;
+  PEM_F_D2I_PKCS8PRIVATEKEY_BIO      = 120;
+  PEM_F_D2I_PKCS8PRIVATEKEY_FP       = 121;
+  PEM_F_DO_B2I                       = 132;
+  PEM_F_DO_B2I_BIO                   = 133;
+  PEM_F_DO_BLOB_HEADER               = 134;
+  PEM_F_DO_I2B                       = 146;
+  PEM_F_DO_PK8PKEY                   = 126;
+  PEM_F_DO_PK8PKEY_FP                = 125;
+  PEM_F_DO_PVK_BODY                  = 135;
+  PEM_F_DO_PVK_HEADER                = 136;
+  PEM_F_GET_HEADER_AND_DATA          = 143;
+  PEM_F_GET_NAME                     = 144;
+  PEM_F_I2B_PVK                      = 137;
+  PEM_F_I2B_PVK_BIO                  = 138;
+  PEM_F_LOAD_IV                      = 101;
+  PEM_F_PEM_ASN1_READ                = 102;
+  PEM_F_PEM_ASN1_READ_BIO            = 103;
+  PEM_F_PEM_ASN1_WRITE               = 104;
+  PEM_F_PEM_ASN1_WRITE_BIO           = 105;
+  PEM_F_PEM_DEF_CALLBACK             = 100;
+  PEM_F_PEM_DO_HEADER                = 106;
+  PEM_F_PEM_GET_EVP_CIPHER_INFO      = 107;
+  PEM_F_PEM_READ                     = 108;
+  PEM_F_PEM_READ_BIO                 = 109;
+  PEM_F_PEM_READ_BIO_DHPARAMS        = 141;
+  PEM_F_PEM_READ_BIO_EX              = 145;
+  PEM_F_PEM_READ_BIO_PARAMETERS      = 140;
+  PEM_F_PEM_READ_BIO_PRIVATEKEY      = 123;
+  PEM_F_PEM_READ_DHPARAMS            = 142;
+  PEM_F_PEM_READ_PRIVATEKEY          = 124;
+  PEM_F_PEM_SIGNFINAL                = 112;
+  PEM_F_PEM_WRITE                    = 113;
+  PEM_F_PEM_WRITE_BIO                = 114;
+  PEM_F_PEM_WRITE_PRIVATEKEY         = 139;
+  PEM_F_PEM_X509_INFO_READ           = 115;
+  PEM_F_PEM_X509_INFO_READ_BIO       = 116;
+  PEM_F_PEM_X509_INFO_WRITE_BIO      = 117;
+  // PEM reason codes
+  PEM_R_BAD_BASE64_DECODE            = 100;
+  PEM_R_BAD_DECRYPT                  = 101;
+  PEM_R_BAD_END_LINE                 = 102;
+  PEM_R_BAD_IV_CHARS                 = 103;
+  PEM_R_BAD_MAGIC_NUMBER             = 116;
+  PEM_R_BAD_PASSWORD_READ            = 104;
+  PEM_R_BAD_VERSION_NUMBER           = 117;
+  PEM_R_BIO_WRITE_FAILURE            = 118;
+  PEM_R_CIPHER_IS_NULL               = 127;
+  PEM_R_ERROR_CONVERTING_PRIVATE_KEY = 115;
+  PEM_R_EXPECTING_PRIVATE_KEY_BLOB   = 119;
+  PEM_R_EXPECTING_PUBLIC_KEY_BLOB    = 120;
+  PEM_R_HEADER_TOO_LONG              = 128;
+  PEM_R_INCONSISTENT_HEADER          = 121;
+  PEM_R_KEYBLOB_HEADER_PARSE_ERROR   = 122;
+  PEM_R_KEYBLOB_TOO_SHORT            = 123;
+  PEM_R_MISSING_DEK_IV               = 129;
+  PEM_R_NOT_DEK_INFO                 = 105;
+  PEM_R_NOT_ENCRYPTED                = 106;
+  PEM_R_NOT_PROC_TYPE                = 107;
+  PEM_R_NO_START_LINE                = 108;
+  PEM_R_PROBLEMS_GETTING_PASSWORD    = 109;
+  PEM_R_PVK_DATA_TOO_SHORT           = 124;
+  PEM_R_PVK_TOO_SHORT                = 125;
+  PEM_R_READ_KEY                     = 111;
+  PEM_R_SHORT_HEADER                 = 112;
+  PEM_R_UNEXPECTED_DEK_IV            = 130;
+  PEM_R_UNSUPPORTED_CIPHER           = 113;
+  PEM_R_UNSUPPORTED_ENCRYPTION       = 114;
+  PEM_R_UNSUPPORTED_KEY_COMPONENTS   = 126;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_PEM_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_PEM_strings := LoadFunction('ERR_load_PEM_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_PEM_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas
new file mode 100644
index 000000000..f8e69a6c1
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas
@@ -0,0 +1,467 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_pkcs7;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pkcs7.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  PKCS7_S_HEADER = 0;
+  PKCS7_S_BODY   = 1;
+  PKCS7_S_TAIL   = 2;
+
+  PKCS7_OP_SET_DETACHED_SIGNATURE = 1;
+  PKCS7_OP_GET_DETACHED_SIGNATURE = 2;
+
+  (* S/MIME related flags *)
+  PKCS7_TEXT            =     $1;
+  PKCS7_NOCERTS         =     $2;
+  PKCS7_NOSIGS          =     $4;
+  PKCS7_NOCHAIN         =     $8;
+  PKCS7_NOINTERN        =    $10;
+  PKCS7_NOVERIFY        =    $20;
+  PKCS7_DETACHED        =    $40;
+  PKCS7_BINARY          =    $80;
+  PKCS7_NOATTR          =   $100;
+  PKCS7_NOSMIMECAP      =   $200;
+  PKCS7_NOOLDMIMETYPE   =   $400;
+  PKCS7_CRLFEOL         =   $800;
+  // Added '_CONST' to avoid name clashes
+  PKCS7_STREAM_CONST    =  $1000;
+  PKCS7_NOCRL           =  $2000;
+  PKCS7_PARTIAL         =  $4000;
+  PKCS7_REUSE_DIGEST    =  $8000;
+  PKCS7_NO_DUAL_CONTENT = $10000;
+
+  (* Flags: for compatibility with older code *)
+  SMIME_TEXT      = PKCS7_TEXT;
+  SMIME_NOCERTS   = PKCS7_NOCERTS;
+  SMIME_NOSIGS    = PKCS7_NOSIGS;
+  SMIME_NOCHAIN   = PKCS7_NOCHAIN;
+  SMIME_NOINTERN  = PKCS7_NOINTERN;
+  SMIME_NOVERIFY  = PKCS7_NOVERIFY;
+  SMIME_DETACHED  = PKCS7_DETACHED;
+  SMIME_BINARY    = PKCS7_BINARY;
+  SMIME_NOATTR    = PKCS7_NOATTR;
+
+  (* CRLF ASCII canonicalisation *)
+  SMIME_ASCIICRLF = $80000;
+
+type
+  PPKCS7 = ^PKCS7;
+  PPPKCS7 = ^PPKCS7;
+
+  PPKCS7_DIGEST = ^PKCS7_DIGEST;
+  PPPKCS7_DIGEST = ^PPKCS7_DIGEST;
+
+  pkcs7_issuer_and_serial_st = record
+    issue: PX509_NAME;
+    serial: PASN1_INTEGER;
+  end;
+  PKCS7_ISSUER_AND_SERIAL = pkcs7_issuer_and_serial_st;
+  PPKCS7_ISSUER_AND_SERIAL = ^PKCS7_ISSUER_AND_SERIAL;
+  PPPKCS7_ISSUER_AND_SERIAL = ^PPKCS7_ISSUER_AND_SERIAL;
+
+  pkcs7_signer_info_st = record
+    version: PASN1_INTEGER;
+    issuer_and_serial: PPKCS7_ISSUER_AND_SERIAL;
+    digest_alg: PX509_ALGOR;
+    auth_attr: Pointer; //PSTACK_OF_X509_ATTRIBUTE;
+    digest_enc_alg: PX509_ALGOR;
+    enc_digest: PASN1_OCTET_STRING;
+    unauth_attr: Pointer; //PSTACK_OF_X509_ATTRIBUTE;
+    pkey: PEVP_PKEY;
+  end;
+  PKCS7_SIGNER_INFO = pkcs7_issuer_and_serial_st;
+  PPKCS7_SIGNER_INFO = ^PKCS7_SIGNER_INFO;
+  PPPKCS7_SIGNER_INFO = ^PPKCS7_SIGNER_INFO;
+
+  pkcs7_recip_info_st = record
+    version: PASN1_INTEGER;
+    issuer_and_serial: PPKCS7_ISSUER_AND_SERIAL;
+    key_enc_algor: PX509_ALGOR;
+    enc_key: PASN1_OCTET_STRING;
+    cert: PX509;
+  end;
+  PKCS7_RECIP_INFO = pkcs7_recip_info_st;
+  PPKCS7_RECIP_INFO = ^PKCS7_RECIP_INFO;
+  PPPKCS7_RECIP_INFO = ^PPKCS7_RECIP_INFO;
+
+  pkcs7_signed_st = record
+    version: PASN1_INTEGER;
+    md_algs: Pointer; //PSTACK_OF_X509_ALGOR;
+    cert: Pointer; //PSTACK_OF_X509;
+    crl: Pointer; //PSTACK_OF_X509_CRL;
+    signer_info: Pointer; //PSTACK_OF_PKCS7_SIGNER_INFO;
+    contents: PPKCS7;
+  end;
+  PKCS7_SIGNED = pkcs7_signed_st;
+  PPKCS7_SIGNED = ^PKCS7_SIGNED;
+  PPPKCS7_SIGNED = ^PPKCS7_SIGNED;
+
+  pkcs7_enc_content_st = record
+    content_type: PASN1_OBJECT;
+    algorithm: PX509_ALGOR;
+    enc_data: PASN1_OCTET_STRING;
+    cipher: PEVP_CIPHER;
+  end;
+  PKCS7_ENC_CONTENT = pkcs7_enc_content_st;
+  PPKCS7_ENC_CONTENT = ^PKCS7_ENC_CONTENT;
+  PPPKCS7_ENC_CONTENT = ^PPKCS7_ENC_CONTENT;
+
+  pkcs7_enveloped_st = record
+    version: PASN1_INTEGER;
+    recipientinfo: Pointer; //PSTACK_OF_PKCS7_RECIP_INFO;
+    enc_data: PPKCS7_ENC_CONTENT;
+  end;
+  PKCS7_ENVELOPE = pkcs7_enveloped_st;
+  PPKCS7_ENVELOPE = ^PKCS7_ENVELOPE;
+  PPPKCS7_ENVELOPE = ^PPKCS7_ENVELOPE;
+
+  pkcs7_signedandenveloped_st = record
+    version: PASN1_INTEGER;
+    md_algs: Pointer; //PSTACK_OF_X509_ALGOR;
+    cert: Pointer; //PSTACK_OF_X509;
+    crl: Pointer; //PSTACK_OF_X509_CRL;
+    signer_info: Pointer; //PSTACK_OF_PKCS7_SIGNER_INFO;
+    enc_data: PPKCS7_ENC_CONTENT;
+    recipientinfo: Pointer; //PSTACK_OF_PKCS7_RECIP_INFO;
+  end;
+  PKCS7_SIGN_ENVELOPE = pkcs7_signedandenveloped_st;
+  PPKCS7_SIGN_ENVELOPE = ^PKCS7_SIGN_ENVELOPE;
+  PPPKCS7_SIGN_ENVELOPE = ^PPKCS7_SIGN_ENVELOPE;
+
+  pkcs7_encrypted_st = record
+    version: PASN1_INTEGER;
+    enc_data: PPKCS7_ENC_CONTENT;
+  end;
+  // Added '_STRUCT' to avoid name clashes
+  PKCS7_ENCRYPT_STRUCT = pkcs7_encrypted_st;
+  PPKCS7_ENCRYPT_STRUCT = ^PKCS7_ENCRYPT_STRUCT;
+  PPPKCS7_ENCRYPT_STRUCT = ^PPKCS7_ENCRYPT_STRUCT;
+
+  pkcs7_st_d = record
+    case Integer of
+    0: (ptr: PIdAnsiChar);
+    1: (data: PASN1_OCTET_STRING);
+    2: (sign: PPKCS7_SIGNED);
+    3: (enveloped: PPKCS7_ENVELOPE);
+    4: (signed_and_enveloped: PPKCS7_SIGN_ENVELOPE);
+    5: (digest: PPKCS7_DIGEST);
+    6: (encrypted: PPKCS7_ENCRYPT_STRUCT);
+    7: (other: PASN1_TYPE);
+  end;
+  pkcs7_st = record
+    asn1: PByte;
+    length: TIdC_LONG;
+    state: TIdC_INT;
+    detached: TIdC_INT;
+    &type: PASN1_OBJECT;
+    d: pkcs7_st_d;
+  end;
+  PKCS7 = pkcs7_st;
+
+  pkcs7_digest_st = record
+    version: PASN1_INTEGER;
+    md: PX509_ALGOR;
+    contents: PPKCS7;
+    digest: PASN1_OCTET_STRING;
+  end;
+  PKCS7_DIGEST = pkcs7_digest_st;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  //function PKCS7_ISSUER_AND_SERIAL_new: PPKCS7_ISSUER_AND_SERIAL;
+  //procedure PKCS7_ISSUER_AND_SERIAL_free(a: PPKCS7_ISSUER_AND_SERIAL);
+  //function d2i_PKCS7_ISSUER_AND_SERIAL(a: PPPKCS7_ISSUER_AND_SERIAL; const &in: PByte; len: TIdC_LONG): PPKCS7_ISSUER_AND_SERIAL;
+  //function i2d_PKCS7_ISSUER_AND_SERIAL(const a: PPKCS7_ISSUER_AND_SERIAL; &out: PByte): TIdC_INT;
+  //function PKCS7_ISSUER_AND_SERIAL_it: PASN1_ITEM;
+
+  PKCS7_ISSUER_AND_SERIAL_digest: function(data: PPKCS7_ISSUER_AND_SERIAL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+
+  PKCS7_dup: function(p7: PPKCS7): PPKCS7 cdecl = nil;
+  d2i_PKCS7_bio: function(bp: PBIO; p7: PPPKCS7): PPKCS7 cdecl = nil;
+  i2d_PKCS7_bio: function(bp: PBIO; p7: PPKCS7): TIdC_INT cdecl = nil;
+  i2d_PKCS7_bio_stream: function(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  PEM_write_bio_PKCS7_stream: function(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+
+//  function PKCS7_SIGNER_INFO_new: PPKCS7_SIGNER_INFO;
+//  procedure PKCS7_SIGNER_INFO_free(a: PPKCS7_SIGNER_INFO);
+//  function d2i_PKCS7_SIGNER_INFO(a: PPPKCS7_SIGNER_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNER_INFO;
+//  function i2d_PKCS7_SIGNER_INFO(const a: PPKCS7_SIGNER_INFO; &out: PByte): TIdC_INT;
+//  function PKCS7_SIGNER_INFO_it: PASN1_ITEM;
+//
+//  function PKCS7_RECIP_INFO_new: PPKCS7_RECIP_INFO;
+//  procedure PKCS7_RECIP_INFO_free(a: PPKCS7_RECIP_INFO);
+//  function d2i_PKCS7_RECIP_INFO(a: PPPKCS7_RECIP_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_RECIP_INFO;
+//  function i2d_PKCS7_RECIP_INFO(const a: PPKCS7_RECIP_INFO; &out: PByte): TIdC_INT;
+//  function PKCS7_RECIP_INFO_it: PASN1_ITEM;
+//
+//  function PKCS7_SIGNED_new: PPKCS7_SIGNED;
+//  procedure PKCS7_SIGNED_free(a: PPKCS7_SIGNED);
+//  function d2i_PKCS7_SIGNED(a: PPPKCS7_SIGNED; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNED;
+//  function i2d_PKCS7_SIGNED(const a: PPKCS7_SIGNED; &out: PByte): TIdC_INT;
+//  function PKCS7_SIGNED_it: PASN1_ITEM;
+//
+//  function PKCS7_ENC_CONTENT_new: PPKCS7_ENC_CONTENT;
+//  procedure PKCS7_ENC_CONTENT_free(a: PPKCS7_ENC_CONTENT);
+//  function d2i_PKCS7_ENC_CONTENT(a: PPPKCS7_ENC_CONTENT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENC_CONTENT;
+//  function i2d_PKCS7_ENC_CONTENT(const a: PPKCS7_ENC_CONTENT; &out: PByte): TIdC_INT;
+//  function PKCS7_ENC_CONTENT_it: PASN1_ITEM;
+//
+//  function PKCS7_ENVELOPE_new: PPKCS7_ENVELOPE;
+//  procedure PKCS7_ENVELOPE_free(a: PPKCS7_ENVELOPE);
+//  function d2i_PKCS7_ENVELOPE(a: PPPKCS7_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_ENVELOPE;
+//  function i2d_PKCS7_ENVELOPE(const a: PPKCS7_ENVELOPE; &out: PByte): TIdC_INT;
+//  function PKCS7_ENVELOPE_it: PASN1_ITEM;
+//
+//  function PKCS7_SIGN_ENVELOPE_new: PPKCS7_SIGN_ENVELOPE;
+//  procedure PKCS7_SIGN_ENVELOPE_free(a: PPKCS7_SIGN_ENVELOPE);
+//  function d2i_PKCS7_SIGN_ENVELOPE(a: PPPKCS7_SIGN_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGN_ENVELOPE;
+//  function i2d_PKCS7_SIGN_ENVELOPE(const a: PPKCS7_SIGN_ENVELOPE; &out: PByte): TIdC_INT;
+//  function PKCS7_SIGN_ENVELOPE_it: PASN1_ITEM;
+//
+//  function PKCS7_DIGEST_new: PPKCS7_DIGEST;
+//  procedure PKCS7_DIGEST_free(a: PPKCS7_DIGEST);
+//  function d2i_PKCS7_DIGEST(a: PPPKCS7_DIGEST; const &in: PByte; len: TIdC_LONG): PPKCS7_DIGEST;
+//  function i2d_PKCS7_DIGEST(const a: PPKCS7_DIGEST; &out: PByte): TIdC_INT;
+//  function PKCS7_DIGEST_it: PASN1_ITEM;
+//
+//  function PKCS7_ENCRYPT_new: PPKCS7_ENCRYPT_STRUCT;
+//  procedure PKCS7_ENCRYPT_free(a: PPKCS7_ENCRYPT_STRUCT);
+//  function d2i_PKCS7_ENCRYPT(a: PPPKCS7_ENCRYPT_STRUCT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENCRYPT_STRUCT;
+//  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; &out: PByte): TIdC_INT;
+//  function PKCS7_ENCRYPT_it: PASN1_ITEM;
+//
+//  function PKCS7_new: PPKCS7;
+//  procedure PKCS7_free(a: PPKCS7);
+//  function d2i_PKCS7(a: PPPKCS7; const &in: PByte; len: TIdC_LONG): PPKCS7;
+//  function i2d_PKCS7(const a: PPKCS7; &out: PByte): TIdC_INT;
+//  function PKCS7_it: PASN1_ITEM;
+//
+//  function PKCS7_ATTR_SIGN_it: PASN1_ITEM;
+//
+//  function PKCS7_ATTR_VERIFY_it: PASN1_ITEM;
+//
+//  function i2d_PKCS7_NDEF(const a: PPKCS7; &out: PPByte): TIdC_INT;
+//  function PKCS7_print_ctx(&out: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
+
+  PKCS7_ctrl: function(p7: PPKCS7; cmd: TIdC_INT; larg: TIdC_LONG; parg: PIdAnsiChar): TIdC_LONG cdecl = nil;
+
+  PKCS7_set_type: function(p7: PPKCS7; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS7_set0_type_other: function(p7: PPKCS7; &type: TIdC_INT; other: PASN1_TYPE): TIdC_INT cdecl = nil;
+  PKCS7_set_content: function(p7: PPKCS7; p7_data: PPKCS7): TIdC_INT cdecl = nil;
+  PKCS7_SIGNER_INFO_set: function(p7i: PPKCS7_SIGNER_INFO; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): TIdC_INT cdecl = nil;
+  PKCS7_SIGNER_INFO_sign: function(si: PPKCS7_SIGNER_INFO): TIdC_INT cdecl = nil;
+  PKCS7_add_signer: function(p7: PPKCS7; p7i: PPKCS7_SIGNER_INFO): TIdC_INT cdecl = nil;
+  PKCS7_add_certificate: function(p7: PPKCS7; x509: PX509): TIdC_INT cdecl = nil;
+  PKCS7_add_crl: function(p7: PPKCS7; x509: PX509_CRL): TIdC_INT cdecl = nil;
+  PKCS7_content_new: function(p7: PPKCS7; nid: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS7_dataVerify: function(cert_store: PX509_STORE; ctx: PX509_STORE_CTX; bio: PBIO; p7: PPKCS7; si: PPKCS7_SIGNER_INFO): TIdC_INT cdecl = nil;
+  PKCS7_signatureVerify: function(bio: PBIO; p7: PPKCS7; si: PPKCS7_SIGNER_INFO; x509: PX509): TIdC_INT cdecl = nil;
+
+  PKCS7_dataInit: function(p7: PPKCS7; bio: PBIO): PBIO cdecl = nil;
+  PKCS7_dataFinal: function(p7: PPKCS7; bio: PBIO): TIdC_INT cdecl = nil;
+  PKCS7_dataDecode: function(p7: PPKCS7; pkey: PEVP_PKEY; in_bio: PBIO; pcert: PX509): PBIO cdecl = nil;
+
+  PKCS7_add_signature: function(p7: PPKCS7; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): PPKCS7_SIGNER_INFO cdecl = nil;
+  PKCS7_cert_from_signer_info: function(p7: PPKCS7; si: PPKCS7_SIGNER_INFO): PX509 cdecl = nil;
+  PKCS7_set_digest: function(p7: PPKCS7; const md: PEVP_MD): TIdC_INT cdecl = nil;
+//  function PKCS7_get_signer_info(p7: PPKCS7): PSTACK_OF_PKCS7_SIGNER_INFO;
+
+  PKCS7_add_recipient: function(p7: PPKCS7; x509: PX509): PPKCS7_RECIP_INFO cdecl = nil;
+  PKCS7_SIGNER_INFO_get0_algs: procedure(si: PPKCS7_SIGNER_INFO; pk: PPEVP_PKEY; pdig: PPX509_ALGOR; psig: PPX509_ALGOR) cdecl = nil;
+  PKCS7_RECIP_INFO_get0_alg: procedure(ri: PPKCS7_RECIP_INFO; penc: PPX509_ALGOR) cdecl = nil;
+  PKCS7_add_recipient_info: function(p7: PPKCS7; ri: PPKCS7_RECIP_INFO): TIdC_INT cdecl = nil;
+  PKCS7_RECIP_INFO_set: function(p7i: PPKCS7_RECIP_INFO; x509: PX509): TIdC_INT cdecl = nil;
+  PKCS7_set_cipher: function(p7: PPKCS7; const cipher: PEVP_CIPHER): TIdC_INT cdecl = nil;
+  PKCS7_stream: function(boundary: PPPByte; p7: PPKCS7): TIdC_INT cdecl = nil;
+
+  PKCS7_get_issuer_and_serial: function(p7: PPKCS7; idx: TIdC_INT): PPKCS7_ISSUER_AND_SERIAL cdecl = nil;
+  //function PKCS7_digest_from_attributes(sk: Pointer{PSTACK_OF_X509_ATTRIBUTE}): PASN1_OCTET_STRING;
+  PKCS7_add_signed_attribute: function(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; &type: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
+  PKCS7_add_attribute: function(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; atrtype: TIdC_INT; value: Pointer): TIdC_INT cdecl = nil;
+  PKCS7_get_attribute: function(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE cdecl = nil;
+  PKCS7_get_signed_attribute: function(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE cdecl = nil;
+  //function PKCS7_set_signed_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509): TIdC_INT;
+  //function PKCS7_set_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509_ATTRIBUTE): TIdC_INT;
+
+  //function PKCS7_sign(signcert: PX509; pkey: PEVP_PKEY; certs: PSTACK_OF_X509; data: PBIO; flags: TIdC_INT): PPKCS7;
+
+  PKCS7_sign_add_signer: function(p7: PPKCS7; signcert: PX509; pkey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_INT): PPKCS7_SIGNER_INFO cdecl = nil;
+
+  PKCS7_final: function(p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT;
+  //function PKCS7_get0_signers(p7: PPKCS7; certs: PSTACK_OF_X509; flags: TIdC_INT): PSTACK_OF_X509;
+  //function PKCS7_encrypt(certs: PSTACK_OF_X509; &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
+  PKCS7_decrypt: function(p7: PPKCS7; pkey: PEVP_PKEY; cert: PX509; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+
+  //function PKCS7_add_attrib_smimecap(si: PPKCS7_SIGNER_INFO; cap: PSTACK_OF_X509_ALGOR): TIdC_INT;
+  //function PKCS7_get_smimecap(si: PPKCS7_SIGNER_INFO): PSTACK_OF_X509_ALGOR;
+  //function PKCS7_simple_smimecap(sk: PSTACK_OF_X509_ALGOR; nid: TIdC_INT; arg: TIdC_INT): TIdC_INT;
+
+  PKCS7_add_attrib_content_type: function(si: PPKCS7_SIGNER_INFO; coid: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  PKCS7_add0_attrib_signing_time: function(si: PPKCS7_SIGNER_INFO; t: PASN1_TIME): TIdC_INT cdecl = nil;
+  PKCS7_add1_attrib_digest: function(si: PPKCS7_SIGNER_INFO; const md: PByte; mdlen: TIdC_INT): TIdC_INT cdecl = nil;
+
+  SMIME_write_PKCS7: function(bio: PBIO; p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  SMIME_read_PKCS7: function(bio: PBIO; bcont: PPBIO): PPKCS7 cdecl = nil;
+
+  BIO_new_PKCS7: function(&out: PBIO; p7: PPKCS7): PBIO cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  PKCS7_ISSUER_AND_SERIAL_digest := LoadFunction('PKCS7_ISSUER_AND_SERIAL_digest', AFailed);
+  PKCS7_dup := LoadFunction('PKCS7_dup', AFailed);
+  d2i_PKCS7_bio := LoadFunction('d2i_PKCS7_bio', AFailed);
+  i2d_PKCS7_bio := LoadFunction('i2d_PKCS7_bio', AFailed);
+  i2d_PKCS7_bio_stream := LoadFunction('i2d_PKCS7_bio_stream', AFailed);
+  PEM_write_bio_PKCS7_stream := LoadFunction('PEM_write_bio_PKCS7_stream', AFailed);
+  PKCS7_ctrl := LoadFunction('PKCS7_ctrl', AFailed);
+  PKCS7_set_type := LoadFunction('PKCS7_set_type', AFailed);
+  PKCS7_set0_type_other := LoadFunction('PKCS7_set0_type_other', AFailed);
+  PKCS7_set_content := LoadFunction('PKCS7_set_content', AFailed);
+  PKCS7_SIGNER_INFO_set := LoadFunction('PKCS7_SIGNER_INFO_set', AFailed);
+  PKCS7_SIGNER_INFO_sign := LoadFunction('PKCS7_SIGNER_INFO_sign', AFailed);
+  PKCS7_add_signer := LoadFunction('PKCS7_add_signer', AFailed);
+  PKCS7_add_certificate := LoadFunction('PKCS7_add_certificate', AFailed);
+  PKCS7_add_crl := LoadFunction('PKCS7_add_crl', AFailed);
+  PKCS7_content_new := LoadFunction('PKCS7_content_new', AFailed);
+  PKCS7_dataVerify := LoadFunction('PKCS7_dataVerify', AFailed);
+  PKCS7_signatureVerify := LoadFunction('PKCS7_signatureVerify', AFailed);
+  PKCS7_dataInit := LoadFunction('PKCS7_dataInit', AFailed);
+  PKCS7_dataFinal := LoadFunction('PKCS7_dataFinal', AFailed);
+  PKCS7_dataDecode := LoadFunction('PKCS7_dataDecode', AFailed);
+  PKCS7_add_signature := LoadFunction('PKCS7_add_signature', AFailed);
+  PKCS7_cert_from_signer_info := LoadFunction('PKCS7_cert_from_signer_info', AFailed);
+  PKCS7_set_digest := LoadFunction('PKCS7_set_digest', AFailed);
+  PKCS7_add_recipient := LoadFunction('PKCS7_add_recipient', AFailed);
+  PKCS7_SIGNER_INFO_get0_algs := LoadFunction('PKCS7_SIGNER_INFO_get0_algs', AFailed);
+  PKCS7_RECIP_INFO_get0_alg := LoadFunction('PKCS7_RECIP_INFO_get0_alg', AFailed);
+  PKCS7_add_recipient_info := LoadFunction('PKCS7_add_recipient_info', AFailed);
+  PKCS7_RECIP_INFO_set := LoadFunction('PKCS7_RECIP_INFO_set', AFailed);
+  PKCS7_set_cipher := LoadFunction('PKCS7_set_cipher', AFailed);
+  PKCS7_stream := LoadFunction('PKCS7_stream', AFailed);
+  PKCS7_get_issuer_and_serial := LoadFunction('PKCS7_get_issuer_and_serial', AFailed);
+  PKCS7_add_signed_attribute := LoadFunction('PKCS7_add_signed_attribute', AFailed);
+  PKCS7_add_attribute := LoadFunction('PKCS7_add_attribute', AFailed);
+  PKCS7_get_attribute := LoadFunction('PKCS7_get_attribute', AFailed);
+  PKCS7_get_signed_attribute := LoadFunction('PKCS7_get_signed_attribute', AFailed);
+  PKCS7_sign_add_signer := LoadFunction('PKCS7_sign_add_signer', AFailed);
+  PKCS7_final := LoadFunction('PKCS7_final', AFailed);
+  PKCS7_decrypt := LoadFunction('PKCS7_decrypt', AFailed);
+  PKCS7_add_attrib_content_type := LoadFunction('PKCS7_add_attrib_content_type', AFailed);
+  PKCS7_add0_attrib_signing_time := LoadFunction('PKCS7_add0_attrib_signing_time', AFailed);
+  PKCS7_add1_attrib_digest := LoadFunction('PKCS7_add1_attrib_digest', AFailed);
+  SMIME_write_PKCS7 := LoadFunction('SMIME_write_PKCS7', AFailed);
+  SMIME_read_PKCS7 := LoadFunction('SMIME_read_PKCS7', AFailed);
+  BIO_new_PKCS7 := LoadFunction('BIO_new_PKCS7', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  PKCS7_ISSUER_AND_SERIAL_digest := nil;
+  PKCS7_dup := nil;
+  d2i_PKCS7_bio := nil;
+  i2d_PKCS7_bio := nil;
+  i2d_PKCS7_bio_stream := nil;
+  PEM_write_bio_PKCS7_stream := nil;
+  PKCS7_ctrl := nil;
+  PKCS7_set_type := nil;
+  PKCS7_set0_type_other := nil;
+  PKCS7_set_content := nil;
+  PKCS7_SIGNER_INFO_set := nil;
+  PKCS7_SIGNER_INFO_sign := nil;
+  PKCS7_add_signer := nil;
+  PKCS7_add_certificate := nil;
+  PKCS7_add_crl := nil;
+  PKCS7_content_new := nil;
+  PKCS7_dataVerify := nil;
+  PKCS7_signatureVerify := nil;
+  PKCS7_dataInit := nil;
+  PKCS7_dataFinal := nil;
+  PKCS7_dataDecode := nil;
+  PKCS7_add_signature := nil;
+  PKCS7_cert_from_signer_info := nil;
+  PKCS7_set_digest := nil;
+  PKCS7_add_recipient := nil;
+  PKCS7_SIGNER_INFO_get0_algs := nil;
+  PKCS7_RECIP_INFO_get0_alg := nil;
+  PKCS7_add_recipient_info := nil;
+  PKCS7_RECIP_INFO_set := nil;
+  PKCS7_set_cipher := nil;
+  PKCS7_stream := nil;
+  PKCS7_get_issuer_and_serial := nil;
+  PKCS7_add_signed_attribute := nil;
+  PKCS7_add_attribute := nil;
+  PKCS7_get_attribute := nil;
+  PKCS7_get_signed_attribute := nil;
+  PKCS7_sign_add_signer := nil;
+  PKCS7_final := nil;
+  PKCS7_decrypt := nil;
+  PKCS7_add_attrib_content_type := nil;
+  PKCS7_add0_attrib_signing_time := nil;
+  PKCS7_add1_attrib_digest := nil;
+  SMIME_write_PKCS7 := nil;
+  SMIME_read_PKCS7 := nil;
+  BIO_new_PKCS7 := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7err.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7err.pas
new file mode 100644
index 000000000..e607492bd
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7err.pas
@@ -0,0 +1,159 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_pkcs7err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pkcs7err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * PKCS7 function codes.
+   *)
+  PKCS7_F_DO_PKCS7_SIGNED_ATTRIB                     = 136;
+  PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME             = 135;
+  PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP                  = 118;
+  PKCS7_F_PKCS7_ADD_CERTIFICATE                      = 100;
+  PKCS7_F_PKCS7_ADD_CRL                              = 101;
+  PKCS7_F_PKCS7_ADD_RECIPIENT_INFO                   = 102;
+  PKCS7_F_PKCS7_ADD_SIGNATURE                        = 131;
+  PKCS7_F_PKCS7_ADD_SIGNER                           = 103;
+  PKCS7_F_PKCS7_BIO_ADD_DIGEST                       = 125;
+  PKCS7_F_PKCS7_COPY_EXISTING_DIGEST                 = 138;
+  PKCS7_F_PKCS7_CTRL                                 = 104;
+  PKCS7_F_PKCS7_DATADECODE                           = 112;
+  PKCS7_F_PKCS7_DATAFINAL                            = 128;
+  PKCS7_F_PKCS7_DATAINIT                             = 105;
+  PKCS7_F_PKCS7_DATAVERIFY                           = 107;
+  PKCS7_F_PKCS7_DECRYPT                              = 114;
+  PKCS7_F_PKCS7_DECRYPT_RINFO                        = 133;
+  PKCS7_F_PKCS7_ENCODE_RINFO                         = 132;
+  PKCS7_F_PKCS7_ENCRYPT                              = 115;
+  PKCS7_F_PKCS7_FINAL                                = 134;
+  PKCS7_F_PKCS7_FIND_DIGEST                          = 127;
+  PKCS7_F_PKCS7_GET0_SIGNERS                         = 124;
+  PKCS7_F_PKCS7_RECIP_INFO_SET                       = 130;
+  PKCS7_F_PKCS7_SET_CIPHER                           = 108;
+  PKCS7_F_PKCS7_SET_CONTENT                          = 109;
+  PKCS7_F_PKCS7_SET_DIGEST                           = 126;
+  PKCS7_F_PKCS7_SET_TYPE                             = 110;
+  PKCS7_F_PKCS7_SIGN                                 = 116;
+  PKCS7_F_PKCS7_SIGNATUREVERIFY                      = 113;
+  PKCS7_F_PKCS7_SIGNER_INFO_SET                      = 129;
+  PKCS7_F_PKCS7_SIGNER_INFO_SIGN                     = 139;
+  PKCS7_F_PKCS7_SIGN_ADD_SIGNER                      = 137;
+  PKCS7_F_PKCS7_SIMPLE_SMIMECAP                      = 119;
+  PKCS7_F_PKCS7_VERIFY                               = 117;
+
+  (*
+   * PKCS7 reason codes.
+   *)
+  PKCS7_R_CERTIFICATE_VERIFY_ERROR                   = 117;
+  PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER            = 144;
+  PKCS7_R_CIPHER_NOT_INITIALIZED                     = 116;
+  PKCS7_R_CONTENT_AND_DATA_PRESENT                   = 118;
+  PKCS7_R_CTRL_ERROR                                 = 152;
+  PKCS7_R_DECRYPT_ERROR                              = 119;
+  PKCS7_R_DIGEST_FAILURE                             = 101;
+  PKCS7_R_ENCRYPTION_CTRL_FAILURE                    = 149;
+  PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE = 150;
+  PKCS7_R_ERROR_ADDING_RECIPIENT                     = 120;
+  PKCS7_R_ERROR_SETTING_CIPHER                       = 121;
+  PKCS7_R_INVALID_NULL_POINTER                       = 143;
+  PKCS7_R_INVALID_SIGNED_DATA_TYPE                   = 155;
+  PKCS7_R_NO_CONTENT                                 = 122;
+  PKCS7_R_NO_DEFAULT_DIGEST                          = 151;
+  PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND              = 154;
+  PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE           = 115;
+  PKCS7_R_NO_SIGNATURES_ON_DATA                      = 123;
+  PKCS7_R_NO_SIGNERS                                 = 142;
+  PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE       = 104;
+  PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR                  = 124;
+  PKCS7_R_PKCS7_ADD_SIGNER_ERROR                     = 153;
+  PKCS7_R_PKCS7_DATASIGN                             = 145;
+  PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE     = 127;
+  PKCS7_R_SIGNATURE_FAILURE                          = 105;
+  PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND               = 128;
+  PKCS7_R_SIGNING_CTRL_FAILURE                       = 147;
+  PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE    = 148;
+  PKCS7_R_SMIME_TEXT_ERROR                           = 129;
+  PKCS7_R_UNABLE_TO_FIND_CERTIFICATE                 = 106;
+  PKCS7_R_UNABLE_TO_FIND_MEM_BIO                     = 107;
+  PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST              = 108;
+  PKCS7_R_UNKNOWN_DIGEST_TYPE                        = 109;
+  PKCS7_R_UNKNOWN_OPERATION                          = 110;
+  PKCS7_R_UNSUPPORTED_CIPHER_TYPE                    = 111;
+  PKCS7_R_UNSUPPORTED_CONTENT_TYPE                   = 112;
+  PKCS7_R_WRONG_CONTENT_TYPE                         = 113;
+  PKCS7_R_WRONG_PKCS7_TYPE                           = 114;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_PKCS7_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_PKCS7_strings := LoadFunction('ERR_load_PKCS7_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_PKCS7_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas
new file mode 100644
index 000000000..a0b34fb28
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas
@@ -0,0 +1,147 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_rand;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// rand.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  rand_meth_st_seed = function (const buf: Pointer; num: TIdC_INT): TIdC_INT; cdecl;
+  rand_meth_st_bytes = function (buf: PByte; num: TIdC_INT): TIdC_INT; cdecl;
+  rand_meth_st_cleanup = procedure; cdecl;
+  rand_meth_st_add = function (const buf: Pointer; num: TIdC_INT; randomness: TIdC_DOUBLE): TIdC_INT; cdecl;
+  rand_meth_st_pseudorand = function (buf: PByte; num: TIdC_INT): TIdC_INT; cdecl;
+  rand_meth_st_status = function: TIdC_INT; cdecl;
+
+  rand_meth_st = class
+    seed: rand_meth_st_seed;
+    bytes: rand_meth_st_bytes;
+    cleanup: rand_meth_st_cleanup;
+    add: rand_meth_st_add;
+    pseudorand: rand_meth_st_pseudorand;
+    status: rand_meth_st_status;
+  end;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  RAND_set_rand_method: function(const meth: PRAND_METHOD): TIdC_INT cdecl = nil;
+  RAND_get_rand_method: function: PRAND_METHOD cdecl = nil;
+  RAND_set_rand_engine: function(engine: PENGINE): TIdC_INT cdecl = nil;
+
+  RAND_OpenSSL: function: PRAND_METHOD cdecl = nil;
+
+  RAND_bytes: function(buf: PByte; num: TIdC_INT): TIdC_INT cdecl = nil;
+  RAND_priv_bytes: function(buf: PByte; num: TIdC_INT): TIdC_INT cdecl = nil;
+
+  RAND_seed: procedure(const buf: Pointer; num: TIdC_INT) cdecl = nil;
+  RAND_keep_random_devices_open: procedure(keep: TIdC_INT) cdecl = nil;
+
+  RAND_add: procedure(const buf: Pointer; num: TIdC_INT; randomness: TIdC_DOUBLE) cdecl = nil;
+  RAND_load_file: function(const &file: PIdAnsiChar; max_bytes: TIdC_LONG): TIdC_INT cdecl = nil;
+  RAND_write_file: function(const &file: PIdAnsiChar): TIdC_INT cdecl = nil;
+  RAND_status: function: TIdC_INT cdecl = nil;
+
+  RAND_query_egd_bytes: function(const path: PIdAnsiChar; buf: PByte; bytes: TIdC_INT): TIdC_INT cdecl = nil;
+  RAND_egd: function(const path: PIdAnsiChar): TIdC_INT cdecl = nil;
+  RAND_egd_bytes: function(const path: PIdAnsiChar; bytes: TIdC_INT): TIdC_INT cdecl = nil;
+
+  RAND_poll: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  RAND_set_rand_method := LoadFunction('RAND_set_rand_method', AFailed);
+  RAND_get_rand_method := LoadFunction('RAND_get_rand_method', AFailed);
+  RAND_set_rand_engine := LoadFunction('RAND_set_rand_engine', AFailed);
+  RAND_OpenSSL := LoadFunction('RAND_OpenSSL', AFailed);
+  RAND_bytes := LoadFunction('RAND_bytes', AFailed);
+  RAND_priv_bytes := LoadFunction('RAND_priv_bytes', AFailed);
+  RAND_seed := LoadFunction('RAND_seed', AFailed);
+  RAND_keep_random_devices_open := LoadFunction('RAND_keep_random_devices_open', AFailed);
+  RAND_add := LoadFunction('RAND_add', AFailed);
+  RAND_load_file := LoadFunction('RAND_load_file', AFailed);
+  RAND_write_file := LoadFunction('RAND_write_file', AFailed);
+  RAND_status := LoadFunction('RAND_status', AFailed);
+  RAND_query_egd_bytes := LoadFunction('RAND_query_egd_bytes', AFailed);
+  RAND_egd := LoadFunction('RAND_egd', AFailed);
+  RAND_egd_bytes := LoadFunction('RAND_egd_bytes', AFailed);
+  RAND_poll := LoadFunction('RAND_poll', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  RAND_set_rand_method := nil;
+  RAND_get_rand_method := nil;
+  RAND_set_rand_engine := nil;
+  RAND_OpenSSL := nil;
+  RAND_bytes := nil;
+  RAND_priv_bytes := nil;
+  RAND_seed := nil;
+  RAND_keep_random_devices_open := nil;
+  RAND_add := nil;
+  RAND_load_file := nil;
+  RAND_write_file := nil;
+  RAND_status := nil;
+  RAND_query_egd_bytes := nil;
+  RAND_egd := nil;
+  RAND_egd_bytes := nil;
+  RAND_poll := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_randerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_randerr.pas
new file mode 100644
index 000000000..b3b0d22ea
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_randerr.pas
@@ -0,0 +1,150 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_randerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// randerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * RAND function codes.
+   *)
+  RAND_F_DRBG_BYTES = 101;
+  RAND_F_DRBG_GET_ENTROPY = 105;
+  RAND_F_DRBG_SETUP = 117;
+  RAND_F_GET_ENTROPY = 106;
+  RAND_F_RAND_BYTES = 100;
+  RAND_F_RAND_DRBG_ENABLE_LOCKING = 119;
+  RAND_F_RAND_DRBG_GENERATE = 107;
+  RAND_F_RAND_DRBG_GET_ENTROPY = 120;
+  RAND_F_RAND_DRBG_GET_NONCE = 123;
+  RAND_F_RAND_DRBG_INSTANTIATE = 108;
+  RAND_F_RAND_DRBG_NEW = 109;
+  RAND_F_RAND_DRBG_RESEED = 110;
+  RAND_F_RAND_DRBG_RESTART = 102;
+  RAND_F_RAND_DRBG_SET = 104;
+  RAND_F_RAND_DRBG_SET_DEFAULTS = 121;
+  RAND_F_RAND_DRBG_UNINSTANTIATE = 118;
+  RAND_F_RAND_LOAD_FILE = 111;
+  RAND_F_RAND_POOL_ACQUIRE_ENTROPY = 122;
+  RAND_F_RAND_POOL_ADD = 103;
+  RAND_F_RAND_POOL_ADD_BEGIN = 113;
+  RAND_F_RAND_POOL_ADD_END = 114;
+  RAND_F_RAND_POOL_ATTACH = 124;
+  RAND_F_RAND_POOL_BYTES_NEEDED = 115;
+  RAND_F_RAND_POOL_GROW = 125;
+  RAND_F_RAND_POOL_NEW = 116;
+  RAND_F_RAND_WRITE_FILE = 112;
+
+  (*
+   * RAND reason codes.
+   *)
+  RAND_R_ADDITIONAL_INPUT_TOO_LONG = 102;
+  RAND_R_ALREADY_INSTANTIATED = 103;
+  RAND_R_ARGUMENT_OUT_OF_RANGE = 105;
+  RAND_R_CANNOT_OPEN_FILE = 121;
+  RAND_R_DRBG_ALREADY_INITIALIZED = 129;
+  RAND_R_DRBG_NOT_INITIALISED = 104;
+  RAND_R_ENTROPY_INPUT_TOO_LONG = 106;
+  RAND_R_ENTROPY_OUT_OF_RANGE = 124;
+  RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED = 127;
+  RAND_R_ERROR_INITIALISING_DRBG = 107;
+  RAND_R_ERROR_INSTANTIATING_DRBG = 108;
+  RAND_R_ERROR_RETRIEVING_ADDITIONAL_INPUT = 109;
+  RAND_R_ERROR_RETRIEVING_ENTROPY = 110;
+  RAND_R_ERROR_RETRIEVING_NONCE = 111;
+  RAND_R_FAILED_TO_CREATE_LOCK = 126;
+  RAND_R_FUNC_NOT_IMPLEMENTED = 101;
+  RAND_R_FWRITE_ERROR = 123;
+  RAND_R_GENERATE_ERROR = 112;
+  RAND_R_INTERNAL_ERROR = 113;
+  RAND_R_IN_ERROR_STATE = 114;
+  RAND_R_NOT_A_REGULAR_FILE = 122;
+  RAND_R_NOT_INSTANTIATED = 115;
+  RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED = 128;
+  RAND_R_PARENT_LOCKING_NOT_ENABLED = 130;
+  RAND_R_PARENT_STRENGTH_TOO_WEAK = 131;
+  RAND_R_PERSONALISATION_STRING_TOO_LONG = 116;
+  RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED = 133;
+  RAND_R_PRNG_NOT_SEEDED = 100;
+  RAND_R_RANDOM_POOL_OVERFLOW = 125;
+  RAND_R_RANDOM_POOL_UNDERFLOW = 134;
+  RAND_R_REQUEST_TOO_LARGE_FOR_DRBG = 117;
+  RAND_R_RESEED_ERROR = 118;
+  RAND_R_SELFTEST_FAILURE = 119;
+  RAND_R_TOO_LITTLE_NONCE_REQUESTED = 135;
+  RAND_R_TOO_MUCH_NONCE_REQUESTED = 136;
+  RAND_R_UNSUPPORTED_DRBG_FLAGS = 132;
+  RAND_R_UNSUPPORTED_DRBG_TYPE = 120;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_RAND_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_RAND_strings := LoadFunction('ERR_load_RAND_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_RAND_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
new file mode 100644
index 000000000..9f633ff51
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
@@ -0,0 +1,657 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_rsa;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// rsa.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+(* The types RSA and RSA_METHOD are defined in ossl_typ.h *)
+
+const
+  OPENSSL_RSA_MAX_MODULUS_BITS =  16384;
+  OPENSSL_RSA_FIPS_MIN_MODULUS_BITS = 1024;
+  OPENSSL_RSA_SMALL_MODULUS_BITS = 3072;
+  (* exponent limit enforced for "large" modulus only *)
+  OPENSSL_RSA_MAX_PUBEXP_BITS =  64;
+
+  RSA_3 =  TIdC_Long($3);
+  RSA_F4 = TIdC_Long($10001);
+
+  (* based on RFC 8017 appendix A.1.2 *)
+  RSA_ASN1_VERSION_DEFAULT = 0;
+  RSA_ASN1_VERSION_MULTI =   1;
+  RSA_DEFAULT_PRIME_NUM =    2;
+
+  RSA_METHOD_FLAG_NO_CHECK = $0001; (* don't check pub/private match *)
+  RSA_FLAG_CACHE_PUBLIC =    $0002;
+  RSA_FLAG_CACHE_PRIVATE =   $0004;
+  RSA_FLAG_BLINDING =        $0008;
+  RSA_FLAG_THREAD_SAFE =     $0010;
+  (*
+   * This flag means the private key operations will be handled by rsa_mod_exp
+   * and that they do not depend on the private key components being present:
+   * for example a key stored in external hardware. Without this flag
+   * bn_mod_exp gets called when private key components are absent.
+   *)
+  RSA_FLAG_EXT_PKEY =        $0020;
+  (*
+   * new with 0.9.6j and 0.9.7b; the built-in
+   * RSA implementation now uses blinding by
+   * default (ignoring RSA_FLAG_BLINDING),
+   * but other engines might not need it
+   *)
+  RSA_FLAG_NO_BLINDING =     $0080;
+  (*
+   * Does nothing. Previously this switched off constant time behaviour.
+   *)
+  RSA_FLAG_NO_CONSTTIME =    $0000;
+
+  (* Salt length matches digest *)
+  RSA_PSS_SALTLEN_DIGEST = -1;
+  (* Verify only: auto detect salt length *)
+  RSA_PSS_SALTLEN_AUTO = -2;
+  (* Set salt length to maximum possible *)
+  RSA_PSS_SALTLEN_MAX = -3;
+  (* Old compatible max salt length for sign only *)
+  RSA_PSS_SALTLEN_MAX_SIGN = -2;
+
+  EVP_PKEY_CTRL_RSA_PADDING = EVP_PKEY_ALG_CTRL + 1;
+  EVP_PKEY_CTRL_RSA_PSS_SALTLEN = EVP_PKEY_ALG_CTRL + 2;
+
+  EVP_PKEY_CTRL_RSA_KEYGEN_BITS = EVP_PKEY_ALG_CTRL + 3;
+  EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP = EVP_PKEY_ALG_CTRL + 4;
+  EVP_PKEY_CTRL_RSA_MGF1_MD = EVP_PKEY_ALG_CTRL + 5;
+
+  EVP_PKEY_CTRL_GET_RSA_PADDING =  EVP_PKEY_ALG_CTRL + 6;
+  EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN = EVP_PKEY_ALG_CTRL + 7;
+  EVP_PKEY_CTRL_GET_RSA_MGF1_MD =  EVP_PKEY_ALG_CTRL + 8;
+
+  EVP_PKEY_CTRL_RSA_OAEP_MD = EVP_PKEY_ALG_CTRL + 9;
+  EVP_PKEY_CTRL_RSA_OAEP_LABEL = EVP_PKEY_ALG_CTRL + 10;
+
+  EVP_PKEY_CTRL_GET_RSA_OAEP_MD = EVP_PKEY_ALG_CTRL + 11;
+  EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL = EVP_PKEY_ALG_CTRL + 12;
+
+  EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES = EVP_PKEY_ALG_CTRL + 13;
+
+  RSA_PKCS1_PADDING =   1;
+  RSA_SSLV23_PADDING =  2;
+  RSA_NO_PADDING =   3;
+  RSA_PKCS1_OAEP_PADDING = 4;
+  RSA_X931_PADDING =   5;
+  RSA_PKCS1_PSS_PADDING =  6; (* EVP_PKEY_ only *)
+  RSA_PKCS1_PADDING_SIZE = 11;
+
+  (*
+   * If this flag is set the RSA method is FIPS compliant and can be used in
+   * FIPS mode. This is set in the validated module method. If an application
+   * sets this flag in its own methods it is its responsibility to ensure the
+   * result is compliant.
+   *)
+  RSA_FLAG_FIPS_METHOD = $0400;
+  (*
+   * If this flag is set the operations normally disabled in FIPS mode are
+   * permitted it is then the applications responsibility to ensure that the
+   * usage is compliant.
+   *)
+  RSA_FLAG_NON_FIPS_ALLOW = $0400;
+  (*
+   * Application has decided PRNG is good enough to generate a key: don't
+   * check.
+   *)
+  RSA_FLAG_CHECKED = $0800;
+
+type
+  rsa_pss_params_st = record
+    hashAlgorithm: PX509_ALGOR;
+    maskGenAlgorithm: PX509_ALGOR;
+    saltLength: PASN1_INTEGER;
+    trailerField: PASN1_INTEGER;
+    (* Decoded hash algorithm from maskGenAlgorithm *)
+    maskHash: PX509_ALGOR;
+  end;
+  RSA_PSS_PARAMS = rsa_pss_params_st;
+  // DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
+  rsa_oaep_params_st = record
+    hashFunc: PX509_ALGOR;
+    maskGenFunc: PX509_ALGOR;
+    pSourceFunc: PX509_ALGOR;
+    (* Decoded hash algorithm from maskGenFunc *)
+    maskHash: PX509_ALGOR;
+  end;
+  RSA_OAEP_PARAMS = rsa_oaep_params_st;
+  //DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+
+  //DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
+  //DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
+
+  RSA_meth_set_priv_dec_priv_dec = function(flen: TIdC_INT; const from: PByte;
+    &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT; cdecl;
+
+  RSA_meth_set_mod_exp_mod_exp = function(r0: PBIGNUM; const i: PBIGNUM;
+    rsa: PRSA; ctx: PBN_CTX): TIdC_INT; cdecl;
+
+  RSA_meth_set_bn_mod_exp_bn_mod_exp = function(r: PBIGNUM; const a: PBIGNUM;
+    const p: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTx; m_ctx: PBN_MONT_CTx): TIdC_INT; cdecl;
+
+  RSA_meth_set_init_init = function(rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_finish_finish = function(rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_sign_sign = function(&type: TIdC_INT; const m: PByte;
+    m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; const rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_verify_verify = function(dtype: TIdC_INT; const m: PByte;
+    m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; const rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_keygen_keygen = function(rsa: PRSA; bits: TIdC_INT; e: PBIGNUM; cb: PBN_GENCb): TIdC_INT; cdecl;
+
+  RSA_meth_set_multi_prime_keygen_keygen = function(rsa: PRSA; bits: TIdC_INT;
+    primes: TIdC_INT; e: PBIGNUM; cb: PBN_GENCb): TIdC_INT; cdecl;
+
+//# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
+//        RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_RSA_PADDING, pad, NULL)
+//
+//# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
+//        RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
+//
+//# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
+//        RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+//                          EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL)
+
+//# define EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx, len) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL)
+//
+//# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
+//        RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+//                          EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, 0, plen)
+//
+//# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
+//
+//# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
+//
+//# define EVP_PKEY_CTX_set_rsa_keygen_primes(ctx, primes) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES, primes, NULL)
+//
+//# define  EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+//                          EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)(md))
+//
+//# define  EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(ctx, md) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)(md))
+//
+//# define  EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)(md))
+//
+//# define  EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+//                          EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)(pmd))
+//
+//# define  EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)(pmd))
+//
+//# define  EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)(l))
+//
+//# define  EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)(l))
+//
+//# define  EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS,  \
+//                          EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_MD,  \
+//                          0, (void *)(md))
+
+//# define RSA_set_app_data(s,arg)         RSA_set_ex_data(s,0,arg)
+//# define RSA_get_app_data(s)             RSA_get_ex_data(s,0)
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  RSA_new: function: PRSA cdecl = nil;
+  RSA_new_method: function(engine: PENGINE): PRSA cdecl = nil;
+  RSA_bits: function(const rsa: PRSA): TIdC_INT cdecl = nil;
+  RSA_size: function(const rsa: PRSA): TIdC_INT cdecl = nil;
+  RSA_security_bits: function(const rsa: PRSA): TIdC_INT cdecl = nil;
+
+  RSA_set0_key: function(r: PRSA; n: PBIGNUM; e: PBIGNUM; d: PBIGNUM): TIdC_INT cdecl = nil;
+  RSA_set0_factors: function(r: PRSA; p: PBIGNUM; q: PBIGNUM): TIdC_INT cdecl = nil;
+  RSA_set0_crt_params: function(r: PRSA; dmp1: PBIGNUM; dmq1: PBIGNUM; iqmp: PBIGNUM): TIdC_INT cdecl = nil;
+  //function RSA_set0_multi_prime_params(r: PRSA; primes: array of PBIGNUM; exps: array of PBIGNUM; coeffs: array of PBIGNUM; pnum: TIdC_INT): TIdC_INT;
+
+  RSA_get0_key: procedure(const r: PRSA; const n: PPBIGNUM; const e: PPBIGNUM; const d: PPBIGNUM) cdecl = nil;
+  RSA_get0_factors: procedure(const r: PRSA; const p: PPBIGNUM; const q: PPBIGNUM) cdecl = nil;
+  RSA_get_multi_prime_extra_count: function(const r: PRSA): TIdC_INT cdecl = nil;
+  //function RSA_get0_multi_prime_factors(const r: PRSA; const primes: array of PBIGNUM): TIdC_INT;
+  RSA_get0_crt_params: procedure(const r: PRSA; const dmp1: PPBIGNUM; const dmq1: PPBIGNUM; const iqmp: PPBIGNUM) cdecl = nil;
+
+  //function RSA_get0_multi_prime_crt_params(const r: PRSA; const exps: array of PBIGNUM; const coeffs: array of PBIGNUM): TIdC_INT;
+
+  RSA_get0_n: function(const d: PRSA): PBIGNUM cdecl = nil;
+  RSA_get0_e: function(const d: PRSA): PBIGNUM cdecl = nil;
+  RSA_get0_d: function(const d: PRSA): PBIGNUM cdecl = nil;
+  RSA_get0_p: function(const d: PRSA): PBIGNUM cdecl = nil;
+  RSA_get0_q: function(const d: PRSA): PBIGNUM cdecl = nil;
+  RSA_get0_dmp1: function(const r: PRSA): PBIGNUM cdecl = nil;
+  RSA_get0_dmq1: function(const r: PRSA): PBIGNUM cdecl = nil;
+  RSA_get0_iqmp: function(const r: PRSA): PBIGNUM cdecl = nil;
+
+  RSA_clear_flags: procedure(r: PRSA; flags: TIdC_INT) cdecl = nil;
+  RSA_test_flags: function(const r: PRSA; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_set_flags: procedure(r: PRSA; flags: TIdC_INT) cdecl = nil;
+  RSA_get_version: function(r: PRSA): TIdC_INT cdecl = nil;
+  RSA_get0_engine: function(const r: PRSA): PENGINE cdecl = nil;
+
+  (* New version *)
+  RSA_generate_key_ex: function(rsa: PRSA; bits: TIdC_INT; e: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+  (* Multi-prime version *)
+  RSA_generate_multi_prime_key: function(rsa: PRSA; bits: TIdC_INT; primes: TIdC_INT; e: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+  RSA_X931_derive_ex: function(rsa: PRSA; p1: PBIGNUM; p2: PBIGNUM; q1: PBIGNUM; q2: PBIGNUM; const Xp1: PBIGNUM; const Xp2: PBIGNUM; const Xp: PBIGNUM; const Xq1: PBIGNUM; const Xq2: PBIGNUM; const Xq: PBIGNUM; const e: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+  RSA_X931_generate_key_ex: function(rsa: PRSA; bits: TIdC_INT; const e: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl = nil;
+
+  RSA_check_key: function(const v1: PRSA): TIdC_INT cdecl = nil;
+  RSA_check_key_ex: function(const v1: PRSA; cb: BN_GENCB): TIdC_INT cdecl = nil;
+  (* next 4 return -1 on error *)
+  RSA_public_encrypt: function(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_private_encrypt: function(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_public_decrypt: function(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_private_decrypt: function(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
+
+  RSA_free: procedure(r: PRSA) cdecl = nil;
+  (* "up" the RSA object's reference count *)
+  RSA_up_ref: function(r: PRSA): TIdC_INT cdecl = nil;
+
+  RSA_flags: function(const r: PRSA): TIdC_INT cdecl = nil;
+
+  RSA_set_default_method: procedure(const meth: PRSA_METHOD) cdecl = nil;
+  RSA_get_default_method: function: PRSA_METHOD cdecl = nil;
+  RSA_null_method: function: PRSA_METHOD cdecl = nil;
+  RSA_get_method: function(const rsa: PRSA): PRSA_METHOD cdecl = nil;
+  RSA_set_method: function(rsa: PRSA; const meth: PRSA_METHOD): TIdC_INT cdecl = nil;
+
+  (* these are the actual RSA functions *)
+  RSA_PKCS1_OpenSSL: function: PRSA_METHOD cdecl = nil;
+
+  RSA_pkey_ctx_ctrl: function(ctx: PEVP_PKEY_CTX; optype: TIdC_INT; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT cdecl = nil;
+
+  RSA_print: function(bp: PBIO; const r: PRSA; offset: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (*
+   * The following 2 functions sign and verify a X509_SIG ASN1 object inside
+   * PKCS#1 padded RSA encryption
+   *)
+  RSA_sign: function(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
+  RSA_verify: function(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
+
+  (*
+   * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
+   * PKCS#1 padded RSA encryption
+   *)
+  RSA_sign_ASN1_OCTET_STRING: function(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
+  RSA_verify_ASN1_OCTET_STRING: function(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
+
+  RSA_blinding_on: function(rsa: PRSA; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  RSA_blinding_off: procedure(rsa: PRSA) cdecl = nil;
+  RSA_setup_blinding: function(rsa: PRSA; ctx: PBN_CTX): PBN_BLINDING cdecl = nil;
+  RSA_padding_add_PKCS1_type_1: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_PKCS1_type_1: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_PKCS1_type_2: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_PKCS1_type_2: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS1_MGF1: function(mask: PByte; len: TIdC_LONG; const seed: PByte; seedlen: TIdC_LONG; const dgst: PEVP_MD): TIdC_INT cdecl = nil;
+  RSA_padding_add_PKCS1_OAEP: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_PKCS1_OAEP: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_PKCS1_OAEP_mgf1: function(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl = nil;
+  RSA_padding_check_PKCS1_OAEP_mgf1: function(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; num: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl = nil;
+  RSA_padding_add_SSLv23: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_SSLv23: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_none: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_none: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_X931: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_X931: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_X931_hash_id: function(nid: TIdC_INT): TIdC_INT cdecl = nil;
+
+  RSA_verify_PKCS1_PSS: function(rsa: PRSA; const mHash: PByte; const Hash: PEVP_MD; const EM: PByte; sLen: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_PKCS1_PSS: function(rsa: PRSA; EM: PByte; const mHash: PByte; const Hash: PEVP_MD; sLen: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_verify_PKCS1_PSS_mgf1: function(rsa: PRSA; const mHash: PByte; const Hash: PEVP_MD; const mgf1Hash: PEVP_MD; const EM: PByte; sLen: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_PKCS1_PSS_mgf1: function(rsa: PRSA; EM: PByte; const mHash: PByte; const Hash: PEVP_MD; const mgf1Hash: PEVP_MD; sLen: TIdC_INT): TIdC_INT cdecl = nil;
+
+  //#define RSA_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, l, p, newf, dupf, freef)
+
+  RSA_set_ex_data: function(r: PRSA; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl = nil;
+  RSA_get_ex_data: function(const r: PRSA; idx: TIdC_INT): Pointer cdecl = nil;
+  RSAPublicKey_dup: function(rsa: PRSA): PRSA cdecl = nil;
+  RSAPrivateKey_dup: function(rsa: PRSA): PRSA cdecl = nil;
+
+  RSA_meth_new: function(const name: PIdAnsiChar; flags: TIdC_INT): PRSA_METHOD cdecl = nil;
+  RSA_meth_free: procedure(meth: PRSA_METHOD) cdecl = nil;
+  RSA_meth_dup: function(const meth: PRSA_METHOD): PRSA_METHOD cdecl = nil;
+  RSA_meth_get0_name: function(const meth: PRSA_METHOD): PIdAnsiChar cdecl = nil;
+  RSA_meth_set1_name: function(meth: PRSA_METHOD; const name: PIdAnsiChar): TIdC_INT cdecl = nil;
+  RSA_meth_get_flags: function(const meth: PRSA_METHOD): TIdC_INT cdecl = nil;
+  RSA_meth_set_flags: function(meth: PRSA_METHOD; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_meth_get0_app_data: function(const meth: PRSA_METHOD): Pointer cdecl = nil;
+  RSA_meth_set0_app_data: function(meth: PRSA_METHOD; app_data: Pointer): TIdC_INT cdecl = nil;
+
+  //int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  //int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+  //                         int (*pub_enc) (int flen, const unsigned char *from,
+  //                                         unsigned char *&to, RSA *rsa,
+  //                                         int padding));
+  //int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  //int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+  //                         int (*pub_dec) (int flen, const unsigned char *from,
+  //                                         unsigned char *&to, RSA *rsa,
+  //                                         int padding));
+  //int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  //int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+  //                          int (*priv_enc) (int flen, const unsigned char *from,
+  //                                           unsigned char *&to, RSA *rsa,
+  //                                           int padding));
+  //int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  RSA_meth_set_priv_dec: function(rsa: PRSA_METHOD; priv_dec: RSA_meth_set_priv_dec_priv_dec): TIdC_INT cdecl = nil;
+
+  //int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
+  //    (BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx);
+  RSA_meth_set_mod_exp: function(rsa: PRSA_METHOD; mod_exp: RSA_meth_set_mod_exp_mod_exp): TIdC_INT cdecl = nil;
+  //int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))
+  //    (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+  //     const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+  RSA_meth_set_bn_mod_exp: function(rsa: PRSA_METHOD; bn_mod_exp: RSA_meth_set_bn_mod_exp_bn_mod_exp): TIdC_INT cdecl = nil;
+  //int (*RSA_meth_get_init(const RSA_METHOD *meth)) (RSA *rsa);
+  RSA_meth_set_init: function(rsa: PRSA_METHOD; init: RSA_meth_set_init_init): TIdC_INT cdecl = nil;
+  //int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa);
+  RSA_meth_set_finish: function(rsa: PRSA_METHOD; finish: RSA_meth_set_finish_finish): TIdC_INT cdecl = nil;
+  //int (*RSA_meth_get_sign(const RSA_METHOD *meth))
+  //    (int &type,
+  //     const unsigned char *m, unsigned int m_length,
+  //     unsigned char *sigret, unsigned int *siglen,
+  //     const RSA *rsa);
+  RSA_meth_set_sign: function(rsa: PRSA_METHOD; sign: RSA_meth_set_sign_sign): TIdC_INT cdecl = nil;
+  //int (*RSA_meth_get_verify(const RSA_METHOD *meth))
+  //    (int dtype, const unsigned char *m,
+  //     unsigned int m_length, const unsigned char *sigbuf,
+  //     unsigned int siglen, const RSA *rsa);
+  RSA_meth_set_verify: function(rsa: PRSA_METHOD; verify: RSA_meth_set_verify_verify): TIdC_INT cdecl = nil;
+  //int (*RSA_meth_get_keygen(const RSA_METHOD *meth))
+  //    (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+  RSA_meth_set_keygen: function(rsa: PRSA_METHOD; keygen: RSA_meth_set_keygen_keygen): TIdC_INT cdecl = nil;
+  //int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))
+  //    (RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);
+  RSA_meth_set_multi_prime_keygen: function(meth: PRSA_METHOD; keygen: RSA_meth_set_multi_prime_keygen_keygen): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  RSA_new := LoadFunction('RSA_new', AFailed);
+  RSA_new_method := LoadFunction('RSA_new_method', AFailed);
+  RSA_bits := LoadFunction('RSA_bits', AFailed);
+  RSA_size := LoadFunction('RSA_size', AFailed);
+  RSA_security_bits := LoadFunction('RSA_security_bits', AFailed);
+  RSA_set0_key := LoadFunction('RSA_set0_key', AFailed);
+  RSA_set0_factors := LoadFunction('RSA_set0_factors', AFailed);
+  RSA_set0_crt_params := LoadFunction('RSA_set0_crt_params', AFailed);
+  RSA_get0_key := LoadFunction('RSA_get0_key', AFailed);
+  RSA_get0_factors := LoadFunction('RSA_get0_factors', AFailed);
+  RSA_get_multi_prime_extra_count := LoadFunction('RSA_get_multi_prime_extra_count', AFailed);
+  RSA_get0_crt_params := LoadFunction('RSA_get0_crt_params', AFailed);
+  RSA_get0_n := LoadFunction('RSA_get0_n', AFailed);
+  RSA_get0_e := LoadFunction('RSA_get0_e', AFailed);
+  RSA_get0_d := LoadFunction('RSA_get0_d', AFailed);
+  RSA_get0_p := LoadFunction('RSA_get0_p', AFailed);
+  RSA_get0_q := LoadFunction('RSA_get0_q', AFailed);
+  RSA_get0_dmp1 := LoadFunction('RSA_get0_dmp1', AFailed);
+  RSA_get0_dmq1 := LoadFunction('RSA_get0_dmq1', AFailed);
+  RSA_get0_iqmp := LoadFunction('RSA_get0_iqmp', AFailed);
+  RSA_clear_flags := LoadFunction('RSA_clear_flags', AFailed);
+  RSA_test_flags := LoadFunction('RSA_test_flags', AFailed);
+  RSA_set_flags := LoadFunction('RSA_set_flags', AFailed);
+  RSA_get_version := LoadFunction('RSA_get_version', AFailed);
+  RSA_get0_engine := LoadFunction('RSA_get0_engine', AFailed);
+  RSA_generate_key_ex := LoadFunction('RSA_generate_key_ex', AFailed);
+  RSA_generate_multi_prime_key := LoadFunction('RSA_generate_multi_prime_key', AFailed);
+  RSA_X931_derive_ex := LoadFunction('RSA_X931_derive_ex', AFailed);
+  RSA_X931_generate_key_ex := LoadFunction('RSA_X931_generate_key_ex', AFailed);
+  RSA_check_key := LoadFunction('RSA_check_key', AFailed);
+  RSA_check_key_ex := LoadFunction('RSA_check_key_ex', AFailed);
+  RSA_public_encrypt := LoadFunction('RSA_public_encrypt', AFailed);
+  RSA_private_encrypt := LoadFunction('RSA_private_encrypt', AFailed);
+  RSA_public_decrypt := LoadFunction('RSA_public_decrypt', AFailed);
+  RSA_private_decrypt := LoadFunction('RSA_private_decrypt', AFailed);
+  RSA_free := LoadFunction('RSA_free', AFailed);
+  RSA_up_ref := LoadFunction('RSA_up_ref', AFailed);
+  RSA_flags := LoadFunction('RSA_flags', AFailed);
+  RSA_set_default_method := LoadFunction('RSA_set_default_method', AFailed);
+  RSA_get_default_method := LoadFunction('RSA_get_default_method', AFailed);
+  RSA_null_method := LoadFunction('RSA_null_method', AFailed);
+  RSA_get_method := LoadFunction('RSA_get_method', AFailed);
+  RSA_set_method := LoadFunction('RSA_set_method', AFailed);
+  RSA_PKCS1_OpenSSL := LoadFunction('RSA_PKCS1_OpenSSL', AFailed);
+  RSA_pkey_ctx_ctrl := LoadFunction('RSA_pkey_ctx_ctrl', AFailed);
+  RSA_print := LoadFunction('RSA_print', AFailed);
+  RSA_sign := LoadFunction('RSA_sign', AFailed);
+  RSA_verify := LoadFunction('RSA_verify', AFailed);
+  RSA_sign_ASN1_OCTET_STRING := LoadFunction('RSA_sign_ASN1_OCTET_STRING', AFailed);
+  RSA_verify_ASN1_OCTET_STRING := LoadFunction('RSA_verify_ASN1_OCTET_STRING', AFailed);
+  RSA_blinding_on := LoadFunction('RSA_blinding_on', AFailed);
+  RSA_blinding_off := LoadFunction('RSA_blinding_off', AFailed);
+  RSA_setup_blinding := LoadFunction('RSA_setup_blinding', AFailed);
+  RSA_padding_add_PKCS1_type_1 := LoadFunction('RSA_padding_add_PKCS1_type_1', AFailed);
+  RSA_padding_check_PKCS1_type_1 := LoadFunction('RSA_padding_check_PKCS1_type_1', AFailed);
+  RSA_padding_add_PKCS1_type_2 := LoadFunction('RSA_padding_add_PKCS1_type_2', AFailed);
+  RSA_padding_check_PKCS1_type_2 := LoadFunction('RSA_padding_check_PKCS1_type_2', AFailed);
+  PKCS1_MGF1 := LoadFunction('PKCS1_MGF1', AFailed);
+  RSA_padding_add_PKCS1_OAEP := LoadFunction('RSA_padding_add_PKCS1_OAEP', AFailed);
+  RSA_padding_check_PKCS1_OAEP := LoadFunction('RSA_padding_check_PKCS1_OAEP', AFailed);
+  RSA_padding_add_PKCS1_OAEP_mgf1 := LoadFunction('RSA_padding_add_PKCS1_OAEP_mgf1', AFailed);
+  RSA_padding_check_PKCS1_OAEP_mgf1 := LoadFunction('RSA_padding_check_PKCS1_OAEP_mgf1', AFailed);
+  RSA_padding_add_SSLv23 := LoadFunction('RSA_padding_add_SSLv23', AFailed);
+  RSA_padding_check_SSLv23 := LoadFunction('RSA_padding_check_SSLv23', AFailed);
+  RSA_padding_add_none := LoadFunction('RSA_padding_add_none', AFailed);
+  RSA_padding_check_none := LoadFunction('RSA_padding_check_none', AFailed);
+  RSA_padding_add_X931 := LoadFunction('RSA_padding_add_X931', AFailed);
+  RSA_padding_check_X931 := LoadFunction('RSA_padding_check_X931', AFailed);
+  RSA_X931_hash_id := LoadFunction('RSA_X931_hash_id', AFailed);
+  RSA_verify_PKCS1_PSS := LoadFunction('RSA_verify_PKCS1_PSS', AFailed);
+  RSA_padding_add_PKCS1_PSS := LoadFunction('RSA_padding_add_PKCS1_PSS', AFailed);
+  RSA_verify_PKCS1_PSS_mgf1 := LoadFunction('RSA_verify_PKCS1_PSS_mgf1', AFailed);
+  RSA_padding_add_PKCS1_PSS_mgf1 := LoadFunction('RSA_padding_add_PKCS1_PSS_mgf1', AFailed);
+  RSA_set_ex_data := LoadFunction('RSA_set_ex_data', AFailed);
+  RSA_get_ex_data := LoadFunction('RSA_get_ex_data', AFailed);
+  RSAPublicKey_dup := LoadFunction('RSAPublicKey_dup', AFailed);
+  RSAPrivateKey_dup := LoadFunction('RSAPrivateKey_dup', AFailed);
+  RSA_meth_new := LoadFunction('RSA_meth_new', AFailed);
+  RSA_meth_free := LoadFunction('RSA_meth_free', AFailed);
+  RSA_meth_dup := LoadFunction('RSA_meth_dup', AFailed);
+  RSA_meth_get0_name := LoadFunction('RSA_meth_get0_name', AFailed);
+  RSA_meth_set1_name := LoadFunction('RSA_meth_set1_name', AFailed);
+  RSA_meth_get_flags := LoadFunction('RSA_meth_get_flags', AFailed);
+  RSA_meth_set_flags := LoadFunction('RSA_meth_set_flags', AFailed);
+  RSA_meth_get0_app_data := LoadFunction('RSA_meth_get0_app_data', AFailed);
+  RSA_meth_set0_app_data := LoadFunction('RSA_meth_set0_app_data', AFailed);
+  RSA_meth_set_priv_dec := LoadFunction('RSA_meth_set_priv_dec', AFailed);
+  RSA_meth_set_mod_exp := LoadFunction('RSA_meth_set_mod_exp', AFailed);
+  RSA_meth_set_bn_mod_exp := LoadFunction('RSA_meth_set_bn_mod_exp', AFailed);
+  RSA_meth_set_init := LoadFunction('RSA_meth_set_init', AFailed);
+  RSA_meth_set_finish := LoadFunction('RSA_meth_set_finish', AFailed);
+  RSA_meth_set_sign := LoadFunction('RSA_meth_set_sign', AFailed);
+  RSA_meth_set_verify := LoadFunction('RSA_meth_set_verify', AFailed);
+  RSA_meth_set_keygen := LoadFunction('RSA_meth_set_keygen', AFailed);
+  RSA_meth_set_multi_prime_keygen := LoadFunction('RSA_meth_set_multi_prime_keygen', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  RSA_new := nil;
+  RSA_new_method := nil;
+  RSA_bits := nil;
+  RSA_size := nil;
+  RSA_security_bits := nil;
+  RSA_set0_key := nil;
+  RSA_set0_factors := nil;
+  RSA_set0_crt_params := nil;
+  RSA_get0_key := nil;
+  RSA_get0_factors := nil;
+  RSA_get_multi_prime_extra_count := nil;
+  RSA_get0_crt_params := nil;
+  RSA_get0_n := nil;
+  RSA_get0_e := nil;
+  RSA_get0_d := nil;
+  RSA_get0_p := nil;
+  RSA_get0_q := nil;
+  RSA_get0_dmp1 := nil;
+  RSA_get0_dmq1 := nil;
+  RSA_get0_iqmp := nil;
+  RSA_clear_flags := nil;
+  RSA_test_flags := nil;
+  RSA_set_flags := nil;
+  RSA_get_version := nil;
+  RSA_get0_engine := nil;
+  RSA_generate_key_ex := nil;
+  RSA_generate_multi_prime_key := nil;
+  RSA_X931_derive_ex := nil;
+  RSA_X931_generate_key_ex := nil;
+  RSA_check_key := nil;
+  RSA_check_key_ex := nil;
+  RSA_public_encrypt := nil;
+  RSA_private_encrypt := nil;
+  RSA_public_decrypt := nil;
+  RSA_private_decrypt := nil;
+  RSA_free := nil;
+  RSA_up_ref := nil;
+  RSA_flags := nil;
+  RSA_set_default_method := nil;
+  RSA_get_default_method := nil;
+  RSA_null_method := nil;
+  RSA_get_method := nil;
+  RSA_set_method := nil;
+  RSA_PKCS1_OpenSSL := nil;
+  RSA_pkey_ctx_ctrl := nil;
+  RSA_print := nil;
+  RSA_sign := nil;
+  RSA_verify := nil;
+  RSA_sign_ASN1_OCTET_STRING := nil;
+  RSA_verify_ASN1_OCTET_STRING := nil;
+  RSA_blinding_on := nil;
+  RSA_blinding_off := nil;
+  RSA_setup_blinding := nil;
+  RSA_padding_add_PKCS1_type_1 := nil;
+  RSA_padding_check_PKCS1_type_1 := nil;
+  RSA_padding_add_PKCS1_type_2 := nil;
+  RSA_padding_check_PKCS1_type_2 := nil;
+  PKCS1_MGF1 := nil;
+  RSA_padding_add_PKCS1_OAEP := nil;
+  RSA_padding_check_PKCS1_OAEP := nil;
+  RSA_padding_add_PKCS1_OAEP_mgf1 := nil;
+  RSA_padding_check_PKCS1_OAEP_mgf1 := nil;
+  RSA_padding_add_SSLv23 := nil;
+  RSA_padding_check_SSLv23 := nil;
+  RSA_padding_add_none := nil;
+  RSA_padding_check_none := nil;
+  RSA_padding_add_X931 := nil;
+  RSA_padding_check_X931 := nil;
+  RSA_X931_hash_id := nil;
+  RSA_verify_PKCS1_PSS := nil;
+  RSA_padding_add_PKCS1_PSS := nil;
+  RSA_verify_PKCS1_PSS_mgf1 := nil;
+  RSA_padding_add_PKCS1_PSS_mgf1 := nil;
+  RSA_set_ex_data := nil;
+  RSA_get_ex_data := nil;
+  RSAPublicKey_dup := nil;
+  RSAPrivateKey_dup := nil;
+  RSA_meth_new := nil;
+  RSA_meth_free := nil;
+  RSA_meth_dup := nil;
+  RSA_meth_get0_name := nil;
+  RSA_meth_set1_name := nil;
+  RSA_meth_get_flags := nil;
+  RSA_meth_set_flags := nil;
+  RSA_meth_get0_app_data := nil;
+  RSA_meth_set0_app_data := nil;
+  RSA_meth_set_priv_dec := nil;
+  RSA_meth_set_mod_exp := nil;
+  RSA_meth_set_bn_mod_exp := nil;
+  RSA_meth_set_init := nil;
+  RSA_meth_set_finish := nil;
+  RSA_meth_set_sign := nil;
+  RSA_meth_set_verify := nil;
+  RSA_meth_set_keygen := nil;
+  RSA_meth_set_multi_prime_keygen := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsaerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsaerr.pas
new file mode 100644
index 000000000..815a404f0
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsaerr.pas
@@ -0,0 +1,223 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_rsaerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// rsaerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * RSA function codes.
+   *)
+  RSA_F_CHECK_PADDING_MD = 140;
+  RSA_F_ENCODE_PKCS1 = 146;
+  RSA_F_INT_RSA_VERIFY = 145;
+  RSA_F_OLD_RSA_PRIV_DECODE = 147;
+  RSA_F_PKEY_PSS_INIT = 165;
+  RSA_F_PKEY_RSA_CTRL = 143;
+  RSA_F_PKEY_RSA_CTRL_STR = 144;
+  RSA_F_PKEY_RSA_SIGN = 142;
+  RSA_F_PKEY_RSA_VERIFY = 149;
+  RSA_F_PKEY_RSA_VERIFYRECOVER = 141;
+  RSA_F_RSA_ALGOR_TO_MD = 156;
+  RSA_F_RSA_BUILTIN_KEYGEN = 129;
+  RSA_F_RSA_CHECK_KEY = 123;
+  RSA_F_RSA_CHECK_KEY_EX = 160;
+  RSA_F_RSA_CMS_DECRYPT = 159;
+  RSA_F_RSA_CMS_VERIFY = 158;
+  RSA_F_RSA_ITEM_VERIFY = 148;
+  RSA_F_RSA_METH_DUP = 161;
+  RSA_F_RSA_METH_NEW = 162;
+  RSA_F_RSA_METH_SET1_NAME = 163;
+  RSA_F_RSA_MGF1_TO_MD = 157;
+  RSA_F_RSA_MULTIP_INFO_NEW = 166;
+  RSA_F_RSA_NEW_METHOD = 106;
+  RSA_F_RSA_NULL = 124;
+  RSA_F_RSA_NULL_PRIVATE_DECRYPT = 132;
+  RSA_F_RSA_NULL_PRIVATE_ENCRYPT = 133;
+  RSA_F_RSA_NULL_PUBLIC_DECRYPT = 134;
+  RSA_F_RSA_NULL_PUBLIC_ENCRYPT = 135;
+  RSA_F_RSA_OSSL_PRIVATE_DECRYPT = 101;
+  RSA_F_RSA_OSSL_PRIVATE_ENCRYPT = 102;
+  RSA_F_RSA_OSSL_PUBLIC_DECRYPT = 103;
+  RSA_F_RSA_OSSL_PUBLIC_ENCRYPT = 104;
+  RSA_F_RSA_PADDING_ADD_NONE = 107;
+  RSA_F_RSA_PADDING_ADD_PKCS1_OAEP = 121;
+  RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 = 154;
+  RSA_F_RSA_PADDING_ADD_PKCS1_PSS = 125;
+  RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 = 152;
+  RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 = 108;
+  RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 = 109;
+  RSA_F_RSA_PADDING_ADD_SSLV23 = 110;
+  RSA_F_RSA_PADDING_ADD_X931 = 127;
+  RSA_F_RSA_PADDING_CHECK_NONE = 111;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP = 122;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 = 153;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 = 112;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 = 113;
+  RSA_F_RSA_PADDING_CHECK_SSLV23 = 114;
+  RSA_F_RSA_PADDING_CHECK_X931 = 128;
+  RSA_F_RSA_PARAM_DECODE = 164;
+  RSA_F_RSA_PRINT = 115;
+  RSA_F_RSA_PRINT_FP = 116;
+  RSA_F_RSA_PRIV_DECODE = 150;
+  RSA_F_RSA_PRIV_ENCODE = 138;
+  RSA_F_RSA_PSS_GET_PARAM = 151;
+  RSA_F_RSA_PSS_TO_CTX = 155;
+  RSA_F_RSA_PUB_DECODE = 139;
+  RSA_F_RSA_SETUP_BLINDING = 136;
+  RSA_F_RSA_SIGN = 117;
+  RSA_F_RSA_SIGN_ASN1_OCTET_STRING = 118;
+  RSA_F_RSA_VERIFY = 119;
+  RSA_F_RSA_VERIFY_ASN1_OCTET_STRING = 120;
+  RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 = 126;
+  RSA_F_SETUP_TBUF = 167;
+
+  (*
+   * RSA reason codes.
+   *)
+  RSA_R_ALGORITHM_MISMATCH = 100;
+  RSA_R_BAD_E_VALUE = 101;
+  RSA_R_BAD_FIXED_HEADER_DECRYPT = 102;
+  RSA_R_BAD_PAD_BYTE_COUNT = 103;
+  RSA_R_BAD_SIGNATURE = 104;
+  RSA_R_BLOCK_TYPE_IS_NOT_01 = 106;
+  RSA_R_BLOCK_TYPE_IS_NOT_02 = 107;
+  RSA_R_DATA_GREATER_THAN_MOD_LEN = 108;
+  RSA_R_DATA_TOO_LARGE = 109;
+  RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE = 110;
+  RSA_R_DATA_TOO_LARGE_FOR_MODULUS = 132;
+  RSA_R_DATA_TOO_SMALL = 111;
+  RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE = 122;
+  RSA_R_DIGEST_DOES_NOT_MATCH = 158;
+  RSA_R_DIGEST_NOT_ALLOWED = 145;
+  RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY = 112;
+  RSA_R_DMP1_NOT_CONGRUENT_TO_D = 124;
+  RSA_R_DMQ1_NOT_CONGRUENT_TO_D = 125;
+  RSA_R_D_E_NOT_CONGRUENT_TO_1 = 123;
+  RSA_R_FIRST_OCTET_INVALID = 133;
+  RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE = 144;
+  RSA_R_INVALID_DIGEST = 157;
+  RSA_R_INVALID_DIGEST_LENGTH = 143;
+  RSA_R_INVALID_HEADER = 137;
+  RSA_R_INVALID_LABEL = 160;
+  RSA_R_INVALID_MESSAGE_LENGTH = 131;
+  RSA_R_INVALID_MGF1_MD = 156;
+  RSA_R_INVALID_MULTI_PRIME_KEY = 167;
+  RSA_R_INVALID_OAEP_PARAMETERS = 161;
+  RSA_R_INVALID_PADDING = 138;
+  RSA_R_INVALID_PADDING_MODE = 141;
+  RSA_R_INVALID_PSS_PARAMETERS = 149;
+  RSA_R_INVALID_PSS_SALTLEN = 146;
+  RSA_R_INVALID_SALT_LENGTH = 150;
+  RSA_R_INVALID_TRAILER = 139;
+  RSA_R_INVALID_X931_DIGEST = 142;
+  RSA_R_IQMP_NOT_INVERSE_OF_Q = 126;
+  RSA_R_KEY_PRIME_NUM_INVALID = 165;
+  RSA_R_KEY_SIZE_TOO_SMALL = 120;
+  RSA_R_LAST_OCTET_INVALID = 134;
+  RSA_R_MISSING_PRIVATE_KEY = 179;
+  RSA_R_MGF1_DIGEST_NOT_ALLOWED = 152;
+  RSA_R_MODULUS_TOO_LARGE = 105;
+  RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R = 168;
+  RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D = 169;
+  RSA_R_MP_R_NOT_PRIME = 170;
+  RSA_R_NO_PUBLIC_EXPONENT = 140;
+  RSA_R_NULL_BEFORE_BLOCK_MISSING = 113;
+  RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES = 172;
+  RSA_R_N_DOES_NOT_EQUAL_P_Q = 127;
+  RSA_R_OAEP_DECODING_ERROR = 121;
+  RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE = 148;
+  RSA_R_PADDING_CHECK_FAILED = 114;
+  RSA_R_PKCS_DECODING_ERROR = 159;
+  RSA_R_PSS_SALTLEN_TOO_SMALL = 164;
+  RSA_R_P_NOT_PRIME = 128;
+  RSA_R_Q_NOT_PRIME = 129;
+  RSA_R_RSA_OPERATIONS_NOT_SUPPORTED = 130;
+  RSA_R_SLEN_CHECK_FAILED = 136;
+  RSA_R_SLEN_RECOVERY_FAILED = 135;
+  RSA_R_SSLV3_ROLLBACK_ATTACK = 115;
+  RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD = 116;
+  RSA_R_UNKNOWN_ALGORITHM_TYPE = 117;
+  RSA_R_UNKNOWN_DIGEST = 166;
+  RSA_R_UNKNOWN_MASK_DIGEST = 151;
+  RSA_R_UNKNOWN_PADDING_TYPE = 118;
+  RSA_R_UNSUPPORTED_ENCRYPTION_TYPE = 162;
+  RSA_R_UNSUPPORTED_LABEL_SOURCE = 163;
+  RSA_R_UNSUPPORTED_MASK_ALGORITHM = 153;
+  RSA_R_UNSUPPORTED_MASK_PARAMETER = 154;
+  RSA_R_UNSUPPORTED_SIGNATURE_TYPE = 155;
+  RSA_R_VALUE_MISSING = 147;
+  RSA_R_WRONG_SIGNATURE_LENGTH = 119;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_RSA_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_RSA_strings := LoadFunction('ERR_load_RSA_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_RSA_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas
new file mode 100644
index 000000000..f43a5a697
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas
@@ -0,0 +1,202 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_sha;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// sha.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  SHA_LBLOCK = 16;
+  SHA_CBLOCK = SHA_LBLOCK * 4;
+
+  SHA_LAST_BLOCK = SHA_CBLOCK - 8;
+  SHA_DIGEST_LENGTH = 20;
+
+  SHA256_CBLOCK = SHA_LBLOCK * 4;
+
+  SHA224_DIGEST_LENGTH = 28;
+  SHA256_DIGEST_LENGTH = 32;
+  SHA384_DIGEST_LENGTH = 48;
+  SHA512_DIGEST_LENGTH = 64;
+
+  SHA512_CBLOCK = SHA_LBLOCK * 8;
+
+type
+  SHA_LONG = TIdC_UINT;
+
+  SHAstate_sf = record
+    h0, h1, h2, h3, h4: SHA_LONG;
+    Nl, Nh: SHA_LONG;
+    data: array[0 .. SHA_LAST_BLOCK - 1] of SHA_LONG;
+    num: TIdC_UINT;
+  end;
+  SHA_CTX = SHAstate_sf;
+  PSHA_CTX = ^SHA_CTX;
+
+  SHAstate256_sf = record
+    h: array[0..7] of SHA_LONG;
+    Nl, Nh: SHA_LONG;
+    data: array[0 .. SHA_LAST_BLOCK - 1] of SHA_LONG;
+    num, md_len: TIdC_UINT;
+  end;
+  SHA256_CTX = SHAstate256_sf;
+  PSHA256_CTX = ^SHA256_CTX;
+
+  SHA_LONG64 = TIdC_UINT64;
+
+  SHA512state_st_u = record
+    case Integer of
+    0: (d: array[0 .. SHA_LBLOCK - 1] of SHA_LONG64);
+    1: (p: array[0 .. SHA512_CBLOCK - 1] of Byte);
+  end;
+
+  SHA512state_st = record
+    h: array[0..7] of SHA_LONG64;
+    Nl, Nh: SHA_LONG64;
+    u: SHA512state_st_u;
+    num, md_len: TIdC_UINT;
+  end;
+  SHA512_CTX = SHA512state_st;
+  PSHA512_CTX = ^SHA512_CTX;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  SHA1_Init: function(c: PSHA_CTX): TIdC_INT cdecl = nil;
+  SHA1_Update: function(c: PSHA_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SHA1_Final: function(md: PByte; c: PSHA_CTX): TIdC_INT cdecl = nil;
+  SHA1: function(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl = nil;
+  SHA1_Transform: procedure(c: PSHA_CTX; const data: PByte) cdecl = nil;
+
+  SHA224_Init: function(c: PSHA256_CTX): TIdC_INT cdecl = nil;
+  SHA224_Update: function(c: PSHA256_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SHA224_Final: function(md: PByte; c: PSHA256_CTX): TIdC_INT cdecl = nil;
+  SHA224: function(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl = nil;
+
+  SHA256_Init: function(c: PSHA256_CTX): TIdC_INT cdecl = nil;
+  SHA256_Update: function(c: PSHA256_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SHA256_Final: function(md: PByte; c: PSHA256_CTX): TIdC_INT cdecl = nil;
+  SHA256: function(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl = nil;
+  SHA256_Transform: procedure(c: PSHA256_CTX; const data: PByte) cdecl = nil;
+
+  SHA384_Init: function(c: PSHA512_CTX): TIdC_INT cdecl = nil;
+  SHA384_Update: function(c: PSHA512_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SHA384_Final: function(md: PByte; c: PSHA512_CTX): TIdC_INT cdecl = nil;
+  SHA384: function(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl = nil;
+
+  SHA512_Init: function(c: PSHA512_CTX): TIdC_INT cdecl = nil;
+  SHA512_Update: function(c: PSHA512_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SHA512_Final: function(md: PByte; c: PSHA512_CTX): TIdC_INT cdecl = nil;
+  SHA512: function(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl = nil;
+  SHA512_Transform: procedure(c: PSHA512_CTX; const data: PByte) cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  SHA1_Init := LoadFunction('SHA1_Init', AFailed);
+  SHA1_Update := LoadFunction('SHA1_Update', AFailed);
+  SHA1_Final := LoadFunction('SHA1_Final', AFailed);
+  SHA1 := LoadFunction('SHA1', AFailed);
+  SHA1_Transform := LoadFunction('SHA1_Transform', AFailed);
+  SHA224_Init := LoadFunction('SHA224_Init', AFailed);
+  SHA224_Update := LoadFunction('SHA224_Update', AFailed);
+  SHA224_Final := LoadFunction('SHA224_Final', AFailed);
+  SHA224 := LoadFunction('SHA224', AFailed);
+  SHA256_Init := LoadFunction('SHA256_Init', AFailed);
+  SHA256_Update := LoadFunction('SHA256_Update', AFailed);
+  SHA256_Final := LoadFunction('SHA256_Final', AFailed);
+  SHA256 := LoadFunction('SHA256', AFailed);
+  SHA256_Transform := LoadFunction('SHA256_Transform', AFailed);
+  SHA384_Init := LoadFunction('SHA384_Init', AFailed);
+  SHA384_Update := LoadFunction('SHA384_Update', AFailed);
+  SHA384_Final := LoadFunction('SHA384_Final', AFailed);
+  SHA384 := LoadFunction('SHA384', AFailed);
+  SHA512_Init := LoadFunction('SHA512_Init', AFailed);
+  SHA512_Update := LoadFunction('SHA512_Update', AFailed);
+  SHA512_Final := LoadFunction('SHA512_Final', AFailed);
+  SHA512 := LoadFunction('SHA512', AFailed);
+  SHA512_Transform := LoadFunction('SHA512_Transform', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  SHA1_Init := nil;
+  SHA1_Update := nil;
+  SHA1_Final := nil;
+  SHA1 := nil;
+  SHA1_Transform := nil;
+  SHA224_Init := nil;
+  SHA224_Update := nil;
+  SHA224_Final := nil;
+  SHA224 := nil;
+  SHA256_Init := nil;
+  SHA256_Update := nil;
+  SHA256_Final := nil;
+  SHA256 := nil;
+  SHA256_Transform := nil;
+  SHA384_Init := nil;
+  SHA384_Update := nil;
+  SHA384_Final := nil;
+  SHA384 := nil;
+  SHA512_Init := nil;
+  SHA512_Update := nil;
+  SHA512_Final := nil;
+  SHA512 := nil;
+  SHA512_Transform := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas
new file mode 100644
index 000000000..3352b3833
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas
@@ -0,0 +1,100 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_srtp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// srtp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_ssl;
+
+const
+  SRTP_AES128_CM_SHA1_80 = $0001;
+  SRTP_AES128_CM_SHA1_32 = $0002;
+  SRTP_AES128_F8_SHA1_80 = $0003;
+  SRTP_AES128_F8_SHA1_32 = $0004;
+  SRTP_NULL_SHA1_80      = $0005;
+  SRTP_NULL_SHA1_32      = $0006;
+
+  (* AEAD SRTP protection profiles from RFC 7714 *)
+  SRTP_AEAD_AES_128_GCM = $0007;
+  SRTP_AEAD_AES_256_GCM = $0008;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  SSL_CTX_set_tlsext_use_srtp: function(ctx: PSSL_CTX; const profiles: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_set_tlsext_use_srtp: function(ctx: PSSL_CTX; const profiles: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  //function SSL_get_srtp_profiles(s: PSSL): PSTACK_OF_SRTP_PROTECTION_PROFILE;
+  SSL_get_selected_srtp_profile: function(s: PSSL): PSRTP_PROTECTION_PROFILE cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  SSL_CTX_set_tlsext_use_srtp := LoadFunction('SSL_CTX_set_tlsext_use_srtp', AFailed);
+  SSL_set_tlsext_use_srtp := LoadFunction('SSL_set_tlsext_use_srtp', AFailed);
+  SSL_get_selected_srtp_profile := LoadFunction('SSL_get_selected_srtp_profile', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  SSL_CTX_set_tlsext_use_srtp := nil;
+  SSL_set_tlsext_use_srtp := nil;
+  SSL_get_selected_srtp_profile := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
new file mode 100644
index 000000000..813ae2c00
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
@@ -0,0 +1,3345 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_ssl;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ssl.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_async,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_crypto,
+  IdOpenSSLHeaders_pem,
+  IdOpenSSLHeaders_tls1,
+  IdOpenSSLHeaders_ssl3,
+  IdOpenSSLHeaders_X509;
+
+{$MINENUMSIZE 4}
+
+const
+  (* OpenSSL version number for ASN.1 encoding of the session information *)
+  (*-
+   * Version 0 - initial version
+   * Version 1 - added the optional peer certificate
+   *)
+  SSL_SESSION_ASN1_VERSION = $0001;
+  
+  SSL_MAX_SSL_SESSION_ID_LENGTH = 32;
+  SSL_MAX_SID_CTX_LENGTH = 32;
+
+  SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES = 512/8;
+  SSL_MAX_KEY_ARG_LENGTH = 8;
+  SSL_MAX_MASTER_KEY_LENGTH = 48;
+
+  (* The maximum number of encrypt/decrypt pipelines we can support *)
+  SSL_MAX_PIPELINES = 32;
+
+  (* text strings for the ciphers *)
+
+  (* These are used to specify which ciphers to use and not to use *)
+
+  SSL_TXT_LOW = 'LOW';
+  SSL_TXT_MEDIUM = 'MEDIUM';
+  SSL_TXT_HIGH = 'HIGH';
+  SSL_TXT_FIPS = 'FIPS';
+
+  SSL_TXT_aNULL = 'aNULL';
+  SSL_TXT_eNULL = 'eNULL';
+  SSL_TXT_NULL = 'NULL';
+
+  SSL_TXT_kRSA = 'kRSA';
+  SSL_TXT_kDHr = 'kDHr';
+  SSL_TXT_kDHd = 'kDHd';
+  SSL_TXT_kDH = 'kDH';
+  SSL_TXT_kEDH = 'kEDH';
+  SSL_TXT_kDHE = 'kDHE';
+  SSL_TXT_kECDHr = 'kECDHr';
+//const SSL_TXT_kECDHe = 'kECDHe';
+  SSL_TXT_kECDH = 'kECDH';
+  SSL_TXT_kEECDH = 'kEECDH';
+  SSL_TXT_kECDHE = 'kECDHE';
+  SSL_TXT_kPSK = 'kPSK';
+  SSL_TXT_kRSAPSK = 'kRSAPSK';
+  SSL_TXT_kECDHEPSK = 'kECDHEPSK';
+  SSL_TXT_kDHEPSK = 'kDHEPSK';
+  SSL_TXT_kGOST = 'kGOST';
+  SSL_TXT_kSRP = 'kSRP';
+
+  SSL_TXT_aRSA = 'aRSA';
+  SSL_TXT_aDSS = 'aDSS';
+  SSL_TXT_aDH = 'aDH';
+  SSL_TXT_aECDH = 'aECDH';
+  SSL_TXT_aECDSA = 'aECDSA';
+  SSL_TXT_aPSK = 'aPSK';
+  SSL_TXT_aGOST94 = 'aGOST94';
+  SSL_TXT_aGOST01 = 'aGOST01';
+  SSL_TXT_aGOST12 = 'aGOST12';
+  SSL_TXT_aGOST = 'aGOST';
+  SSL_TXT_aSRP = 'aSRP';
+
+  SSL_TXT_DSS = 'DSS';
+  SSL_TXT_DH = 'DH';
+  SSL_TXT_DHE = 'DHE';
+  SSL_TXT_EDH = 'EDH';
+  //SSL_TXT_ADH = 'ADH';
+  SSL_TXT_RSA = 'RSA';
+  SSL_TXT_ECDH = 'ECDH';
+  SSL_TXT_EECDH = 'EECDH';
+  SSL_TXT_ECDHE = 'ECDHE';
+  //SSL_TXT_AECDH = 'AECDH';
+  SSL_TXT_ECDSA = 'ECDSA';
+  SSL_TXT_PSK = 'PSK';
+  SSL_TXT_SRP = 'SRP';
+
+  SSL_TXT_DES = 'DES';
+  SSL_TXT_3DES = '3DES';
+  SSL_TXT_RC4 = 'RC4';
+  SSL_TXT_RC2 = 'RC2';
+  SSL_TXT_IDEA = 'IDEA';
+  SSL_TXT_SEED = 'SEED';
+  SSL_TXT_AES128 = 'AES128';
+  SSL_TXT_AES256 = 'AES256';
+  SSL_TXT_AES = 'AES';
+  SSL_TXT_AES_GCM = 'AESGCM';
+  SSL_TXT_AES_CCM = 'AESCCM';
+  SSL_TXT_AES_CCM_8 = 'AESCCM8';
+  SSL_TXT_CAMELLIA128 = 'CAMELLIA128';
+  SSL_TXT_CAMELLIA256 = 'CAMELLIA256';
+  SSL_TXT_CAMELLIA = 'CAMELLIA';
+  SSL_TXT_CHACHA20 = 'CHACHA20';
+  SSL_TXT_GOST = 'GOST89';
+  SSL_TXT_ARIA = 'ARIA';
+  SSL_TXT_ARIA_GCM = 'ARIAGCM';
+  SSL_TXT_ARIA128 = 'ARIA128';
+  SSL_TXT_ARIA256 = 'ARIA256';
+
+  SSL_TXT_MD5 = 'MD5';
+  SSL_TXT_SHA1 = 'SHA1';
+  SSL_TXT_SHA = 'SHA';
+  SSL_TXT_GOST94 = 'GOST94';
+  SSL_TXT_GOST89MAC = 'GOST89MAC';
+  SSL_TXT_GOST12 = 'GOST12';
+  SSL_TXT_GOST89MAC12 = 'GOST89MAC12';
+  SSL_TXT_SHA256 = 'SHA256';
+  SSL_TXT_SHA384 = 'SHA384';
+
+  SSL_TXT_SSLV3 = 'SSLv3';
+  SSL_TXT_TLSV1 = 'TLSv1';
+  SSL_TXT_TLSV1_1 = 'TLSv1.1';
+  SSL_TXT_TLSV1_2 = 'TLSv1.2';
+
+  SSL_TXT_ALL = 'ALL';
+
+  (*-
+   * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
+   * ciphers normally not being used.
+   * Example: "RC4" will activate all ciphers using RC4 including ciphers
+   * without authentication, which would normally disabled by DEFAULT (due
+   * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
+   * will make sure that it is also disabled in the specific selection.
+   * COMPLEMENTOF* identifiers are portable between version, as adjustments
+   * to the default cipher setup will also be included here.
+   *
+   * COMPLEMENTOFDEFAULT does not experience the same special treatment that
+   * DEFAULT gets, as only selection is being done and no sorting as needed
+   * for DEFAULT.
+   *)
+  SSL_TXT_CMPALL = 'COMPLEMENTOFALL';
+  SSL_TXT_CMPDEF = 'COMPLEMENTOFDEFAULT';
+
+  (*
+   * The following cipher list is used by default. It also is substituted when
+   * an application-defined cipher list string starts with 'DEFAULT'.
+   * This applies to ciphersuites for TLSv1.2 and below.
+   *)
+  SSL_DEFAULT_CIPHER_LIST = 'ALL:!COMPLEMENTOFDEFAULT:!eNULL';
+  (* This is the default set of TLSv1.3 ciphersuites *)
+  TLS_DEFAULT_CIPHERSUITES = 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256';
+
+  (*
+   * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+   * starts with a reasonable order, and all we have to do for DEFAULT is
+   * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+   * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+   *)
+
+  (* Used in SSL_set_shutdown()/SSL_get_shutdown(); *)
+  SSL_SENT_SHUTDOWN = 1;
+  SSL_RECEIVED_SHUTDOWN = 2;
+
+  SSL_FILETYPE_ASN1 = X509_FILETYPE_ASN1;
+  SSL_FILETYPE_PEM = X509_FILETYPE_PEM;
+
+  (* Extension context codes *)
+  (* This extension is only allowed in TLS *)
+  SSL_EXT_TLS_ONLY = $0001;
+  (* This extension is only allowed in DTLS *)
+  SSL_EXT_DTLS_ONLY = $0002;
+  (* Some extensions may be allowed in DTLS but we don't implement them for it *)
+  SSL_EXT_TLS_IMPLEMENTATION_ONLY = $0004;
+  (* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is *)
+  SSL_EXT_SSL3_ALLOWED = $0008;
+  (* Extension is only defined for TLS1.2 and below *)
+  SSL_EXT_TLS1_2_AND_BELOW_ONLY = $0010;
+  (* Extension is only defined for TLS1.3 and above *)
+  SSL_EXT_TLS1_3_ONLY = $0020;
+  (* Ignore this extension during parsing if we are resuming *)
+  SSL_EXT_IGNORE_ON_RESUMPTION = $0040;
+  SSL_EXT_CLIENT_HELLO = $0080;
+  (* Really means TLS1.2 or below *)
+  SSL_EXT_TLS1_2_SERVER_HELLO = $0100;
+  SSL_EXT_TLS1_3_SERVER_HELLO = $0200;
+  SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS = $0400;
+  SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST = $0800;
+  SSL_EXT_TLS1_3_CERTIFICATE = $1000;
+  SSL_EXT_TLS1_3_NEW_SESSION_TICKET = $2000;
+  SSL_EXT_TLS1_3_CERTIFICATE_REQUEST = $4000;
+
+  (*
+   * Some values are reserved until OpenSSL 1.2.0 because they were previously
+   * included in SSL_OP_ALL in a 1.1.x release.
+   *
+   * Reserved value (until OpenSSL 1.2.0)                  $00000001U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000002U
+   *)
+  (* Allow initial connection to servers that don't support RI *)
+  SSL_OP_LEGACY_SERVER_CONNECT = TIdC_UINT($00000004);
+
+  (* Reserved value (until OpenSSL 1.2.0)                  $00000008U *)
+  SSL_OP_TLSEXT_PADDING =      TIdC_UINT($00000010);
+  (* Reserved value (until OpenSSL 1.2.0)                  $00000020U *)
+  SSL_OP_SAFARI_ECDHE_ECDSA_BUG = TIdC_UINT($00000040);
+  (*
+   * Reserved value (until OpenSSL 1.2.0)                  $00000080U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000100U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000200U
+   *)
+
+  (* In TLSv1.3 allow a non-(ec)dhe based kex_mode *)
+  SSL_OP_ALLOW_NO_DHE_KEX                         = TIdC_UINT($00000400);
+
+  (*
+   * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
+   * OpenSSL 0.9.6d.  Usually (depending on the application protocol) the
+   * workaround is not needed.  Unfortunately some broken SSL/TLS
+   * implementations cannot handle it at all, which is why we include it in
+   * SSL_OP_ALL. Added in 0.9.6e
+   *)
+  SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              = TIdC_UINT($00000800);
+
+  (* DTLS options *)
+  SSL_OP_NO_QUERY_MTU                             = TIdC_UINT($00001000);
+  (* Turn on Cookie Exchange (on relevant for servers) *)
+  SSL_OP_COOKIE_EXCHANGE                          = TIdC_UINT($00002000);
+  (* Don't use RFC4507 ticket extension *)
+  SSL_OP_NO_TICKET                                = TIdC_UINT($00004000);
+  (* Use Cisco's "speshul" version of DTLS_BAD_VER
+   * (only with deprecated DTLSv1_client_method())  *)
+  SSL_OP_CISCO_ANYCONNECT                        = TIdC_UINT($00008000);
+
+  (* As server, disallow session resumption on renegotiation *)
+  SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   = TIdC_UINT($00010000);
+  (* Don't use compression even if supported *)
+  SSL_OP_NO_COMPRESSION                           = TIdC_UINT($00020000);
+  (* Permit unsafe legacy renegotiation *)
+  SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        = TIdC_UINT($00040000);
+  (* Disable encrypt-then-mac *)
+  SSL_OP_NO_ENCRYPT_THEN_MAC                      = TIdC_UINT($00080000);
+
+  (*
+   * Enable TLSv1.3 Compatibility mode. This is on by default. A future version
+   * of OpenSSL may have this disabled by default.
+   *)
+  SSL_OP_ENABLE_MIDDLEBOX_COMPAT                  = TIdC_UINT($00100000);
+
+  (* Prioritize Chacha20Poly1305 when client does.
+   * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE *)
+  SSL_OP_PRIORITIZE_CHACHA                        = TIdC_UINT($00200000);
+
+  (*
+   * Set on servers to choose the cipher according to the server's preferences
+   *)
+  SSL_OP_CIPHER_SERVER_PREFERENCE                 = TIdC_UINT($00400000);
+  (*
+   * If set, a server will allow a client to issue a SSLv3.0 version number as
+   * latest version supported in the premaster secret, even when TLSv1.0
+   * (version 3.1) was announced in the client hello. Normally this is
+   * forbidden to prevent version rollback attacks.
+   *)
+  SSL_OP_TLS_ROLLBACK_BUG                         = TIdC_UINT($00800000);
+
+  (*
+   * Switches off automatic TLSv1.3 anti-replay protection for early data. This
+   * is a server-side option only (no effect on the client).
+   *)
+  SSL_OP_NO_ANTI_REPLAY                           = TIdC_UINT($01000000);
+
+  SSL_OP_NO_SSLv3                                 = TIdC_UINT($02000000);
+  SSL_OP_NO_TLSv1                                 = TIdC_UINT($04000000);
+  SSL_OP_NO_TLSv1_2                               = TIdC_UINT($08000000);
+  SSL_OP_NO_TLSv1_1                               = TIdC_UINT($10000000);
+  SSL_OP_NO_TLSv1_3                               = TIdC_UINT($20000000);
+
+  SSL_OP_NO_DTLSv1                                = TIdC_UINT($04000000);
+  SSL_OP_NO_DTLSv1_2                              = TIdC_UINT($08000000);
+
+  SSL_OP_NO_SSL_MASK = SSL_OP_NO_SSLv3 or SSL_OP_NO_TLSv1 or SSL_OP_NO_TLSv1_1
+    or SSL_OP_NO_TLSv1_2 or SSL_OP_NO_TLSv1_3;
+  SSL_OP_NO_DTLS_MASK = SSL_OP_NO_DTLSv1 or SSL_OP_NO_DTLSv1_2;
+
+  (* Disallow all renegotiation *)
+  SSL_OP_NO_RENEGOTIATION                         = TIdC_UINT($40000000);
+
+  (*
+   * Make server add server-hello extension from early version of cryptopro
+   * draft, when GOST ciphersuite is negotiated. Required for interoperability
+   * with CryptoPro CSP 3.x
+   *)
+  SSL_OP_CRYPTOPRO_TLSEXT_BUG                     = TIdC_UINT($80000000);
+
+  (*
+   * SSL_OP_ALL: various bug workarounds that should be rather harmless.
+   * This used to be $000FFFFFL before 0.9.7.
+   * This used to be $80000BFFU before 1.1.1.
+   *)
+  SSL_OP_ALL = SSL_OP_CRYPTOPRO_TLSEXT_BUG or SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+    or SSL_OP_LEGACY_SERVER_CONNECT or SSL_OP_TLSEXT_PADDING or SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
+
+  (* OBSOLETE OPTIONS: retained for compatibility *)
+
+  (* Removed from OpenSSL 1.1.0. Was $00000001L *)
+  (* Related to removed SSLv2. *)
+  SSL_OP_MICROSOFT_SESS_ID_BUG                    = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000002L *)
+  (* Related to removed SSLv2. *)
+  SSL_OP_NETSCAPE_CHALLENGE_BUG                   = $0;
+  (* Removed from OpenSSL 0.9.8q and 1.0.0c. Was $00000008L *)
+  (* Dead forever, see CVE-2010-4180 *)
+  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         = $0;
+  (* Removed from OpenSSL 1.0.1h and 1.0.2. Was $00000010L *)
+  (* Refers to ancient SSLREF and SSLv2. *)
+  SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000020 *)
+  SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               = $0;
+  (* Removed from OpenSSL 0.9.7h and 0.9.8b. Was $00000040L *)
+  SSL_OP_MSIE_SSLV2_RSA_PADDING                   = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000080 *)
+  (* Ancient SSLeay version. *)
+  SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000100L *)
+  SSL_OP_TLS_D5_BUG                               = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000200L *)
+  SSL_OP_TLS_BLOCK_PADDING_BUG                    = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00080000L *)
+  SSL_OP_SINGLE_ECDH_USE                          = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00100000L *)
+  SSL_OP_SINGLE_DH_USE                            = $0;
+  (* Removed from OpenSSL 1.0.1k and 1.0.2. Was $00200000L *)
+  SSL_OP_EPHEMERAL_RSA                            = $0;
+  (* Removed from OpenSSL 1.1.0. Was $01000000L *)
+  SSL_OP_NO_SSLv2                                 = $0;
+  (* Removed from OpenSSL 1.0.1. Was $08000000L *)
+  SSL_OP_PKCS1_CHECK_1                            = $0;
+  (* Removed from OpenSSL 1.0.1. Was $10000000L *)
+  SSL_OP_PKCS1_CHECK_2                            = $0;
+  (* Removed from OpenSSL 1.1.0. Was $20000000L *)
+  SSL_OP_NETSCAPE_CA_DN_BUG                       = $0;
+  (* Removed from OpenSSL 1.1.0. Was $40000000L *)
+  SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG          = $0;
+
+  (*
+   * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+   * when just a single record has been written):
+   *)
+  SSL_MODE_ENABLE_PARTIAL_WRITE = TIdC_UINT($00000001);
+  (*
+   * Make it possible to retry SSL_write() with changed buffer location (buffer
+   * contents must stay the same!); this is not the default to avoid the
+   * misconception that non-blocking SSL_write() behaves like non-blocking
+   * write():
+   *)
+  SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = TIdC_UINT($00000002);
+  (*
+   * Never bother the application with retries if the transport is blocking:
+   *)
+  SSL_MODE_AUTO_RETRY = TIdC_UINT($00000004);
+  (* Don't attempt to automatically build certificate chain *)
+  SSL_MODE_NO_AUTO_CHAIN = TIdC_UINT($00000008);
+  (*
+   * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+   * TLS only.) Released buffers are freed.
+   *)
+  SSL_MODE_RELEASE_BUFFERS = TIdC_UINT($00000010);
+  (*
+   * Send the current time in the Random fields of the ClientHello and
+   * ServerHello records for compatibility with hypothetical implementations
+   * that require it.
+   *)
+  SSL_MODE_SEND_CLIENTHELLO_TIME = TIdC_UINT($00000020);
+  SSL_MODE_SEND_SERVERHELLO_TIME = TIdC_UINT($00000040);
+  (*
+   * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
+   * that reconnect with a downgraded protocol version; see
+   * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
+   * application attempts a normal handshake. Only use this in explicit
+   * fallback retries, following the guidance in
+   * draft-ietf-tls-downgrade-scsv-00.
+   *)
+  SSL_MODE_SEND_FALLBACK_SCSV = TIdC_UINT($00000080);
+  (*
+   * Support Asynchronous operation
+   *)
+  SSL_MODE_ASYNC = TIdC_UINT($00000100);
+
+  (*
+   * When using DTLS/SCTP, include the terminating zero in the label
+   * used for computing the endpoint-pair shared secret. Required for
+   * interoperability with implementations having this bug like these
+   * older version of OpenSSL:
+   * - OpenSSL 1.0.0 series
+   * - OpenSSL 1.0.1 series
+   * - OpenSSL 1.0.2 series
+   * - OpenSSL 1.1.0 series
+   * - OpenSSL 1.1.1 and 1.1.1a
+   *)
+  SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG = TIdC_UINT($00000400);
+
+  (* Cert related flags *)
+  (*
+   * Many implementations ignore some aspects of the TLS standards such as
+   * enforcing certificate chain algorithms. When this is set we enforce them.
+   *)
+  SSL_CERT_FLAG_TLS_STRICT = TIdC_UINT($00000001);
+  (* Suite B modes, takes same values as certificate verify flags *)
+  SSL_CERT_FLAG_SUITEB_128_LOS_ONLY = $10000;
+  (* Suite B 192 bit only mode *)
+  SSL_CERT_FLAG_SUITEB_192_LOS = $20000;
+  (* Suite B 128 bit mode allowing 192 bit algorithms *)
+  SSL_CERT_FLAG_SUITEB_128_LOS = $30000;
+
+  (* Perform all sorts of protocol violations for testing purposes *)
+  SSL_CERT_FLAG_BROKEN_PROTOCOL = $10000000;
+
+  (* Flags for building certificate chains *)
+  (* Treat any existing certificates as untrusted CAs *)
+  SSL_BUILD_CHAIN_FLAG_UNTRUSTED = $1;
+  (* Don't include root CA in chain *)
+  SSL_BUILD_CHAIN_FLAG_NO_ROOT = $2;
+  (* Just check certificates already there *)
+  SSL_BUILD_CHAIN_FLAG_CHECK = $4;
+  (* Ignore verification errors *)
+  SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR = $8;
+  (* Clear verification errors from queue *)
+  SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR = $10;
+
+  (* Flags returned by SSL_check_chain *)
+  (* Certificate can be used with this session *)
+  CERT_PKEY_VALID = $1;
+  (* Certificate can also be used for signing *)
+  CERT_PKEY_SIGN = $2;
+  (* EE certificate signing algorithm OK *)
+  CERT_PKEY_EE_SIGNATURE = $10;
+  (* CA signature algorithms OK *)
+  CERT_PKEY_CA_SIGNATURE = $20;
+  (* EE certificate parameters OK *)
+  CERT_PKEY_EE_PARAM = $40;
+  (* CA certificate parameters OK *)
+  CERT_PKEY_CA_PARAM = $80;
+  (* Signing explicitly allowed as opposed to SHA1 fallback *)
+  CERT_PKEY_EXPLICIT_SIGN = $100;
+  (* Client CA issuer names match (always set for server cert) *)
+  CERT_PKEY_ISSUER_NAME = $200;
+  (* Cert type matches client types (always set for server cert) *)
+  CERT_PKEY_CERT_TYPE = $400;
+  (* Cert chain suitable to Suite B *)
+  CERT_PKEY_SUITEB = $800;
+
+  SSL_CONF_FLAG_CMDLINE = $1;
+  SSL_CONF_FLAG_FILE = $2;
+  SSL_CONF_FLAG_CLIENT = $4;
+  SSL_CONF_FLAG_SERVER = $8;
+  SSL_CONF_FLAG_SHOW_ERRORS = $10;
+  SSL_CONF_FLAG_CERTIFICATE = $20;
+  SSL_CONF_FLAG_REQUIRE_PRIVATE = $40;
+  (* Configuration value types *)
+  SSL_CONF_TYPE_UNKNOWN = $0;
+  SSL_CONF_TYPE_STRING = $1;
+  SSL_CONF_TYPE_FILE = $2;
+  SSL_CONF_TYPE_DIR = $3;
+  SSL_CONF_TYPE_NONE = $4;
+
+  (* Maximum length of the application-controlled segment of a a TLSv1.3 cookie *)
+  SSL_COOKIE_LENGTH = 4096;
+
+  (* 100k max cert list *)
+  SSL_MAX_CERT_LIST_DEFAULT = 1024 * 100;
+  SSL_SESSION_CACHE_MAX_SIZE_DEFAULT = 1024 * 20;
+
+  SSL_SESS_CACHE_OFF = $0000;
+  SSL_SESS_CACHE_CLIENT = $0001;
+  SSL_SESS_CACHE_SERVER = $0002;
+  SSL_SESS_CACHE_BOTH = (SSL_SESS_CACHE_CLIENT or SSL_SESS_CACHE_SERVER);
+  SSL_SESS_CACHE_NO_AUTO_CLEAR = $0080;
+  (* enough comments already ... see SSL_CTX_set_session_cache_mode(3) *)
+  SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = $0100;
+  SSL_SESS_CACHE_NO_INTERNAL_STORE = $0200;
+  SSL_SESS_CACHE_NO_INTERNAL = (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP or SSL_SESS_CACHE_NO_INTERNAL_STORE);
+
+  OPENSSL_NPN_UNSUPPORTED = 0;
+  OPENSSL_NPN_NEGOTIATED = 1;
+  OPENSSL_NPN_NO_OVERLAP = 2;
+
+  (*
+   * the maximum length of the buffer given to callbacks containing the
+   * resulting identity/psk
+   *)
+  PSK_MAX_IDENTITY_LEN = 128;
+  PSK_MAX_PSK_LEN = 256;
+
+  SSL_NOTHING = 1;
+  SSL_WRITING = 2;
+  SSL_READING = 3;
+  SSL_X509_LOOKUP = 4;
+  SSL_ASYNC_PAUSED = 5;
+  SSL_ASYNC_NO_JOBS = 6;
+  SSL_CLIENT_HELLO_CB = 7;
+
+  SSL_MAC_FLAG_READ_MAC_STREAM = 1;
+  SSL_MAC_FLAG_WRITE_MAC_STREAM = 2;
+
+  (* TLSv1.3 KeyUpdate message types *)
+  (* -1 used so that this is an invalid value for the on-the-wire protocol *)
+  SSL_KEY_UPDATE_NONE = -1;
+  (* Values as defined for the on-the-wire protocol *)
+  SSL_KEY_UPDATE_NOT_REQUESTED = 0;
+  SSL_KEY_UPDATE_REQUESTED = 1;
+
+  (*
+   * Most of the following state values are no longer used and are defined to be
+   * the closest equivalent value &in the current state machine code. Not all
+   * defines have an equivalent and are set to a dummy value (-1). SSL_ST_CONNECT
+   * and SSL_ST_ACCEPT are still &in use &in the definition of SSL_CB_ACCEPT_LOOP,
+   * SSL_CB_ACCEPT_EXIT, SSL_CB_CONNECT_LOOP and SSL_CB_CONNECT_EXIT.
+   *)
+  SSL_ST_CONNECT = $1000;
+  SSL_ST_ACCEPT = $2000;
+  
+  SSL_ST_MASK = $0FFF;
+  
+  SSL_CB_LOOP = $01;
+  SSL_CB_EXIT = $02;
+  SSL_CB_READ = $04;
+  SSL_CB_WRITE = $08;
+  SSL_CB_ALERT = $4000;
+  SSL_CB_READ_ALERT = SSL_CB_ALERT or SSL_CB_READ;
+  SSL_CB_WRITE_ALERT = SSL_CB_ALERT or SSL_CB_WRITE;
+  SSL_CB_ACCEPT_LOOP = SSL_ST_ACCEPT or SSL_CB_LOOP;
+  SSL_CB_ACCEPT_EXIT = SSL_ST_ACCEPT or SSL_CB_EXIT;
+  SSL_CB_CONNECT_LOOP = SSL_ST_CONNECT or SSL_CB_LOOP;
+  SSL_CB_CONNECT_EXIT = SSL_ST_CONNECT or SSL_CB_EXIT;
+  SSL_CB_HANDSHAKE_START = $10;
+  SSL_CB_HANDSHAKE_DONE = $20;
+
+  (*
+   * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
+   * should not need these
+   *)
+  SSL_ST_READ_HEADER = $F0;
+  SSL_ST_READ_BODY = $F1;
+  SSL_ST_READ_DONE = $F2;
+
+  (*
+   * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options are
+   * 'ored' with SSL_VERIFY_PEER if they are desired
+   *)
+  SSL_VERIFY_NONE = $00;
+  SSL_VERIFY_PEER = $01;
+  SSL_VERIFY_FAIL_IF_NO_PEER_CERT = $02;
+  SSL_VERIFY_CLIENT_ONCE = $04;
+  SSL_VERIFY_POST_HANDSHAKE = $08;
+
+  SSL_AD_REASON_OFFSET = 1000; (* offset to get SSL_R_... value
+                                * from SSL_AD_... *)
+  (* These alert types are for SSLv3 and TLSv1 *)
+  SSL_AD_CLOSE_NOTIFY = SSL3_AD_CLOSE_NOTIFY;
+  (* fatal *)
+  SSL_AD_UNEXPECTED_MESSAGE = SSL3_AD_UNEXPECTED_MESSAGE;
+  (* fatal *)
+  SSL_AD_BAD_RECORD_MAC = SSL3_AD_BAD_RECORD_MAC;
+  SSL_AD_DECRYPTION_FAILED = TLS1_AD_DECRYPTION_FAILED;
+  SSL_AD_RECORD_OVERFLOW = TLS1_AD_RECORD_OVERFLOW;
+  (* fatal *)
+  SSL_AD_DECOMPRESSION_FAILURE = SSL3_AD_DECOMPRESSION_FAILURE;
+  (* fatal *)
+  SSL_AD_HANDSHAKE_FAILURE = SSL3_AD_HANDSHAKE_FAILURE;
+  (* Not for TLS *)
+  SSL_AD_NO_CERTIFICATE = SSL3_AD_NO_CERTIFICATE;
+  SSL_AD_BAD_CERTIFICATE = SSL3_AD_BAD_CERTIFICATE;
+  SSL_AD_UNSUPPORTED_CERTIFICATE = SSL3_AD_UNSUPPORTED_CERTIFICATE;
+  SSL_AD_CERTIFICATE_REVOKED = SSL3_AD_CERTIFICATE_REVOKED;
+  SSL_AD_CERTIFICATE_EXPIRED = SSL3_AD_CERTIFICATE_EXPIRED;
+  SSL_AD_CERTIFICATE_UNKNOWN = SSL3_AD_CERTIFICATE_UNKNOWN;
+  (* fatal *)
+  SSL_AD_ILLEGAL_PARAMETER = SSL3_AD_ILLEGAL_PARAMETER;
+  (* fatal *)
+  SSL_AD_UNKNOWN_CA = TLS1_AD_UNKNOWN_CA;
+  (* fatal *)
+  SSL_AD_ACCESS_DENIED = TLS1_AD_ACCESS_DENIED;
+  (* fatal *)
+  SSL_AD_DECODE_ERROR = TLS1_AD_DECODE_ERROR;
+  SSL_AD_DECRYPT_ERROR = TLS1_AD_DECRYPT_ERROR;
+  (* fatal *)
+  SSL_AD_EXPORT_RESTRICTION = TLS1_AD_EXPORT_RESTRICTION;
+  (* fatal *)
+  SSL_AD_PROTOCOL_VERSION = TLS1_AD_PROTOCOL_VERSION;
+  (* fatal *)
+  SSL_AD_INSUFFICIENT_SECURITY = TLS1_AD_INSUFFICIENT_SECURITY;
+  (* fatal *)
+  SSL_AD_INTERNAL_ERROR = TLS1_AD_INTERNAL_ERROR;
+  SSL_AD_USER_CANCELLED = TLS1_AD_USER_CANCELLED;
+  SSL_AD_NO_RENEGOTIATION = TLS1_AD_NO_RENEGOTIATION;
+  SSL_AD_MISSING_EXTENSION = TLS13_AD_MISSING_EXTENSION;
+  SSL_AD_CERTIFICATE_REQUIRED = TLS13_AD_CERTIFICATE_REQUIRED;
+  SSL_AD_UNSUPPORTED_EXTENSION = TLS1_AD_UNSUPPORTED_EXTENSION;
+  SSL_AD_CERTIFICATE_UNOBTAINABLE = TLS1_AD_CERTIFICATE_UNOBTAINABLE;
+  SSL_AD_UNRECOGNIZED_NAME = TLS1_AD_UNRECOGNIZED_NAME;
+  SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE = TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+  SSL_AD_BAD_CERTIFICATE_HASH_VALUE = TLS1_AD_BAD_CERTIFICATE_HASH_VALUE;
+  (* fatal *)
+  SSL_AD_UNKNOWN_PSK_IDENTITY = TLS1_AD_UNKNOWN_PSK_IDENTITY;
+  (* fatal *)
+  SSL_AD_INAPPROPRIATE_FALLBACK = TLS1_AD_INAPPROPRIATE_FALLBACK;
+  SSL_AD_NO_APPLICATION_PROTOCOL = TLS1_AD_NO_APPLICATION_PROTOCOL;
+  SSL_ERROR_NONE = 0;
+  SSL_ERROR_SSL = 1;
+  SSL_ERROR_WANT_READ = 2;
+  SSL_ERROR_WANT_WRITE = 3;
+  SSL_ERROR_WANT_X509_LOOKUP = 4;
+  SSL_ERROR_SYSCALL = 5; (* look at error stack/return
+                          * value/errno *)
+  SSL_ERROR_ZERO_RETURN = 6;
+  SSL_ERROR_WANT_CONNECT = 7;
+  SSL_ERROR_WANT_ACCEPT = 8;
+  SSL_ERROR_WANT_ASYNC = 9;
+  SSL_ERROR_WANT_ASYNC_JOB = 10;
+  SSL_ERROR_WANT_CLIENT_HELLO_CB = 11;
+  SSL_CTRL_SET_TMP_DH = 3;
+  SSL_CTRL_SET_TMP_ECDH = 4;
+  SSL_CTRL_SET_TMP_DH_CB = 6;
+  SSL_CTRL_GET_CLIENT_CERT_REQUEST = 9;
+  SSL_CTRL_GET_NUM_RENEGOTIATIONS = 10;
+  SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS = 11;
+  SSL_CTRL_GET_TOTAL_RENEGOTIATIONS = 12;
+  SSL_CTRL_GET_FLAGS = 13;
+  SSL_CTRL_EXTRA_CHAIN_CERT = 14;
+  SSL_CTRL_SET_MSG_CALLBACK = 15;
+  SSL_CTRL_SET_MSG_CALLBACK_ARG = 16;
+  (* only applies to datagram connections *)
+  SSL_CTRL_SET_MTU = 17;
+  (* Stats *)
+  SSL_CTRL_SESS_NUMBER = 20;
+  SSL_CTRL_SESS_CONNECT = 21;
+  SSL_CTRL_SESS_CONNECT_GOOD = 22;
+  SSL_CTRL_SESS_CONNECT_RENEGOTIATE = 23;
+  SSL_CTRL_SESS_ACCEPT = 24;
+  SSL_CTRL_SESS_ACCEPT_GOOD = 25;
+  SSL_CTRL_SESS_ACCEPT_RENEGOTIATE = 26;
+  SSL_CTRL_SESS_HIT = 27;
+  SSL_CTRL_SESS_CB_HIT = 28;
+  SSL_CTRL_SESS_MISSES = 29;
+  SSL_CTRL_SESS_TIMEOUTS = 30;
+  SSL_CTRL_SESS_CACHE_FULL = 31;
+  SSL_CTRL_MODE = 33;
+  SSL_CTRL_GET_READ_AHEAD = 40;
+  SSL_CTRL_SET_READ_AHEAD = 41;
+  SSL_CTRL_SET_SESS_CACHE_SIZE = 42;
+  SSL_CTRL_GET_SESS_CACHE_SIZE = 43;
+  SSL_CTRL_SET_SESS_CACHE_MODE = 44;
+  SSL_CTRL_GET_SESS_CACHE_MODE = 45;
+  SSL_CTRL_GET_MAX_CERT_LIST = 50;
+  SSL_CTRL_SET_MAX_CERT_LIST = 51;
+  SSL_CTRL_SET_MAX_SEND_FRAGMENT = 52;
+  (* see tls1.h for macros based on these *)
+  SSL_CTRL_SET_TLSEXT_SERVERNAME_CB = 53;
+  SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG = 54;
+  SSL_CTRL_SET_TLSEXT_HOSTNAME = 55;
+  SSL_CTRL_SET_TLSEXT_DEBUG_CB = 56;
+  SSL_CTRL_SET_TLSEXT_DEBUG_ARG = 57;
+  SSL_CTRL_GET_TLSEXT_TICKET_KEYS = 58;
+  SSL_CTRL_SET_TLSEXT_TICKET_KEYS = 59;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB = 63;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG = 64;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE = 65;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS = 66;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS = 67;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS = 68;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS = 69;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP = 70;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP = 71;
+  SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB = 72;
+  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB = 75;
+  SSL_CTRL_SET_SRP_VERIFY_PARAM_CB = 76;
+  SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB = 77;
+  SSL_CTRL_SET_SRP_ARG = 78;
+  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME = 79;
+  SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH = 80;
+  SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD = 81;
+  SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT = 85;
+  SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING = 86;
+  SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS = 87;
+  DTLS_CTRL_GET_TIMEOUT = 73;
+  DTLS_CTRL_HANDLE_TIMEOUT = 74;
+  SSL_CTRL_GET_RI_SUPPORT = 76;
+  SSL_CTRL_CLEAR_MODE = 78;
+  SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB = 79;
+  SSL_CTRL_GET_EXTRA_CHAIN_CERTS = 82;
+  SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS = 83;
+  SSL_CTRL_CHAIN = 88;
+  SSL_CTRL_CHAIN_CERT = 89;
+  SSL_CTRL_GET_GROUPS = 90;
+  SSL_CTRL_SET_GROUPS = 91;
+  SSL_CTRL_SET_GROUPS_LIST = 92;
+  SSL_CTRL_GET_SHARED_GROUP = 93;
+  SSL_CTRL_SET_SIGALGS = 97;
+  SSL_CTRL_SET_SIGALGS_LIST = 98;
+  SSL_CTRL_CERT_FLAGS = 99;
+  SSL_CTRL_CLEAR_CERT_FLAGS = 100;
+  SSL_CTRL_SET_CLIENT_SIGALGS = 101;
+  SSL_CTRL_SET_CLIENT_SIGALGS_LIST = 102;
+  SSL_CTRL_GET_CLIENT_CERT_TYPES = 103;
+  SSL_CTRL_SET_CLIENT_CERT_TYPES = 104;
+  SSL_CTRL_BUILD_CERT_CHAIN = 105;
+  SSL_CTRL_SET_VERIFY_CERT_STORE = 106;
+  SSL_CTRL_SET_CHAIN_CERT_STORE = 107;
+  SSL_CTRL_GET_PEER_SIGNATURE_NID = 108;
+  SSL_CTRL_GET_PEER_TMP_KEY = 109;
+  SSL_CTRL_GET_RAW_CIPHERLIST = 110;
+  SSL_CTRL_GET_EC_POINT_FORMATS = 111;
+  SSL_CTRL_GET_CHAIN_CERTS = 115;
+  SSL_CTRL_SELECT_CURRENT_CERT = 116;
+  SSL_CTRL_SET_CURRENT_CERT = 117;
+  SSL_CTRL_SET_DH_AUTO = 118;
+  DTLS_CTRL_SET_LINK_MTU = 120;
+  DTLS_CTRL_GET_LINK_MIN_MTU = 121;
+  SSL_CTRL_GET_EXTMS_SUPPORT = 122;
+  SSL_CTRL_SET_MIN_PROTO_VERSION = 123;
+  SSL_CTRL_SET_MAX_PROTO_VERSION = 124;
+  SSL_CTRL_SET_SPLIT_SEND_FRAGMENT = 125;
+  SSL_CTRL_SET_MAX_PIPELINES = 126;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE = 127;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB = 128;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG = 129;
+  SSL_CTRL_GET_MIN_PROTO_VERSION = 130;
+  SSL_CTRL_GET_MAX_PROTO_VERSION = 131;
+  SSL_CTRL_GET_SIGNATURE_NID = 132;
+  SSL_CTRL_GET_TMP_KEY = 133;
+  SSL_CERT_SET_FIRST = 1;
+  SSL_CERT_SET_NEXT = 2;
+  SSL_CERT_SET_SERVER = 3;
+
+  (*
+   * The following symbol names are old and obsolete. They are kept
+   * for compatibility reasons only and should not be used anymore.
+   *)
+  SSL_CTRL_GET_CURVES = SSL_CTRL_GET_GROUPS;
+  SSL_CTRL_SET_CURVES = SSL_CTRL_SET_GROUPS;
+  SSL_CTRL_SET_CURVES_LIST = SSL_CTRL_SET_GROUPS_LIST;
+  SSL_CTRL_GET_SHARED_CURVE = SSL_CTRL_GET_SHARED_GROUP;
+  
+//  SSL_get1_curves = SSL_get1_groups;
+//  SSL_CTX_set1_curves = SSL_CTX_set1_groups;
+//  SSL_CTX_set1_curves_list = SSL_CTX_set1_groups_list;
+//  SSL_set1_curves = SSL_set1_groups;
+//  SSL_set1_curves_list = SSL_set1_groups_list;
+//  SSL_get_shared_curve = SSL_get_shared_group;
+
+  (* serverinfo file format versions *)
+  SSL_SERVERINFOV1 = 1;
+  SSL_SERVERINFOV2 = 2;
+
+  SSL_CLIENT_HELLO_SUCCESS = 1;
+  SSL_CLIENT_HELLO_ERROR = 0;
+  SSL_CLIENT_HELLO_RETRY = -1;
+
+  SSL_READ_EARLY_DATA_ERROR = 0;
+  SSL_READ_EARLY_DATA_SUCCESS = 1;
+  SSL_READ_EARLY_DATA_FINISH = 2;
+
+  SSL_EARLY_DATA_NOT_SENT = 0;
+  SSL_EARLY_DATA_REJECTED = 1;
+  SSL_EARLY_DATA_ACCEPTED = 2;
+
+  //SSLv23_method = TLS_method;
+  //SSLv23_server_method = TLS_server_method;
+  //SSLv23_client_method = TLS_client_method;
+
+  (* What the 'other' parameter contains &in security callback *)
+  (* Mask for type *)
+  SSL_SECOP_OTHER_TYPE = $ffff0000;
+  SSL_SECOP_OTHER_NONE = 0;
+  SSL_SECOP_OTHER_CIPHER = (1 shl 16);
+  SSL_SECOP_OTHER_CURVE = (2 shl 16);
+  SSL_SECOP_OTHER_DH = (3 shl 16);
+  SSL_SECOP_OTHER_PKEY = (4 shl 16);
+  SSL_SECOP_OTHER_SIGALG = (5 shl 16);
+  SSL_SECOP_OTHER_CERT = (6 shl 16);
+
+  (* Indicated operation refers to peer key or certificate *)
+  SSL_SECOP_PEER = $1000;
+
+  (* Values for "op" parameter in security callback *)
+
+  (* Called to filter ciphers *)
+  (* Ciphers client supports *)
+  SSL_SECOP_CIPHER_SUPPORTED = 1 or SSL_SECOP_OTHER_CIPHER;
+  (* Cipher shared by client/server *)
+  SSL_SECOP_CIPHER_SHARED = 2 or SSL_SECOP_OTHER_CIPHER;
+  (* Sanity check of cipher server selects *)
+  SSL_SECOP_CIPHER_CHECK = 3 or SSL_SECOP_OTHER_CIPHER;
+  (* Curves supported by client *)
+  SSL_SECOP_CURVE_SUPPORTED = 4 or SSL_SECOP_OTHER_CURVE;
+  (* Curves shared by client/server *)
+  SSL_SECOP_CURVE_SHARED = 5 or SSL_SECOP_OTHER_CURVE;
+  (* Sanity check of curve server selects *)
+  SSL_SECOP_CURVE_CHECK = 6 or SSL_SECOP_OTHER_CURVE;
+  (* Temporary DH key *)
+  SSL_SECOP_TMP_DH = 7 or SSL_SECOP_OTHER_PKEY;
+  (* SSL/TLS version *)
+  SSL_SECOP_VERSION = 9 or SSL_SECOP_OTHER_NONE;
+  (* Session tickets *)
+  SSL_SECOP_TICKET = 10 or SSL_SECOP_OTHER_NONE;
+  (* Supported signature algorithms sent to peer *)
+  SSL_SECOP_SIGALG_SUPPORTED = 11 or SSL_SECOP_OTHER_SIGALG;
+  (* Shared signature algorithm *)
+  SSL_SECOP_SIGALG_SHARED = 12 or SSL_SECOP_OTHER_SIGALG;
+  (* Sanity check signature algorithm allowed *)
+  SSL_SECOP_SIGALG_CHECK = 13 or SSL_SECOP_OTHER_SIGALG;
+  (* Used to get mask of supported public key signature algorithms *)
+  SSL_SECOP_SIGALG_MASK = 14 or SSL_SECOP_OTHER_SIGALG;
+  (* Use to see if compression is allowed *)
+  SSL_SECOP_COMPRESSION = 15 or SSL_SECOP_OTHER_NONE;
+  (* EE key in certificate *)
+  SSL_SECOP_EE_KEY = 16 or SSL_SECOP_OTHER_CERT;
+  (* CA key in certificate *)
+  SSL_SECOP_CA_KEY = 17 or SSL_SECOP_OTHER_CERT;
+  (* CA digest algorithm in certificate *)
+  SSL_SECOP_CA_MD = 18 or SSL_SECOP_OTHER_CERT;
+  (* Peer EE key in certificate *)
+  SSL_SECOP_PEER_EE_KEY = SSL_SECOP_EE_KEY or SSL_SECOP_PEER;
+  (* Peer CA key in certificate *)
+  SSL_SECOP_PEER_CA_KEY = SSL_SECOP_CA_KEY or SSL_SECOP_PEER;
+  (* Peer CA digest algorithm in certificate *)
+  SSL_SECOP_PEER_CA_MD = SSL_SECOP_CA_MD or SSL_SECOP_PEER;
+
+  (* OPENSSL_INIT flag 0x010000 reserved for internal use *)
+  OPENSSL_INIT_NO_LOAD_SSL_STRINGS = TIdC_LONG($00100000);
+  OPENSSL_INIT_LOAD_SSL_STRINGS = TIdC_LONG($00200000);
+  OPENSSL_INIT_SSL_DEFAULT = OPENSSL_INIT_LOAD_SSL_STRINGS or OPENSSL_INIT_LOAD_CRYPTO_STRINGS;
+
+  (* Support for ticket appdata *)
+  (* fatal error, malloc failure *)
+  SSL_TICKET_FATAL_ERR_MALLOC = 0;
+  (* fatal error, either from parsing or decrypting the ticket *)
+  SSL_TICKET_FATAL_ERR_OTHER = 1;
+  (* No ticket present *)
+  SSL_TICKET_NONE = 2;
+  (* Empty ticket present *)
+  SSL_TICKET_EMPTY = 3;
+  (* the ticket couldn't be decrypted *)
+  SSL_TICKET_NO_DECRYPT = 4;
+  (* a ticket was successfully decrypted *)
+  SSL_TICKET_SUCCESS = 5;
+  (* same as above but the ticket needs to be renewed *)
+  SSL_TICKET_SUCCESS_RENEW = 6;
+
+  (* An error occurred *)
+  SSL_TICKET_RETURN_ABORT = 0;
+  (* Do not use the ticket, do not send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_IGNORE = 1;
+  (* Do not use the ticket, send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_IGNORE_RENEW = 2;
+  (* Use the ticket, do not send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_USE = 3;
+  (* Use the ticket, send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_USE_RENEW = 4;
+
+type
+  (*
+   * This is needed to stop compilers complaining about the 'struct ssl_st *'
+   * function parameters used to prototype callbacks in SSL_CTX.
+   *)
+  ssl_crock_st = ^ssl_st;
+  TLS_SESSION_TICKET_EXT = tls_session_ticket_ext_st;
+  ssl_method_st = type Pointer;
+  SSL_METHOD = ssl_method_st;
+  PSSL_METHOD = ^SSL_METHOD;
+  ssl_session_st = type Pointer;
+  SSL_CIPHER = ssl_session_st;
+  PSSL_CIPHER = ^SSL_CIPHER;
+  SSL_SESSION = ssl_session_st;
+  PSSL_SESSION = ^SSL_SESSION;
+  PPSSL_SESSION = ^PSSL_SESSION;
+  tls_sigalgs_st = type Pointer;
+  TLS_SIGALGS = tls_sigalgs_st;
+  ssl_conf_ctx_st = type Pointer;
+  SSL_CONF_CTX = ssl_conf_ctx_st;
+  PSSL_CONF_CTX = ^SSL_CONF_CTX;
+  ssl_comp_st = type Pointer;
+  SSL_COMP = ssl_comp_st;
+
+  //STACK_OF(SSL_CIPHER);
+  //STACK_OF(SSL_COMP);
+
+  (* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*)
+  srtp_protection_profile_st = record
+    name: PIdAnsiChar;
+    id: TIdC_ULONG;
+  end;
+  SRTP_PROTECTION_PROFILE = srtp_protection_profile_st;
+  PSRTP_PROTECTION_PROFILE = ^SRTP_PROTECTION_PROFILE;
+
+  //DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+  (* Typedefs for handling custom extensions *)
+  custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
+  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
+  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+
+  (* Typedef for verification callback *)
+  SSL_verify_cb = function (preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
+
+  tls_session_ticket_ext_cb_fn = function (s: PSSL; const data: PByte; len: TIdC_INT; arg: Pointer): TIdC_INT; cdecl;
+
+  (*
+   * This callback type is used inside SSL_CTX, SSL, and &in the functions that
+   * set them. It is used to override the generation of SSL/TLS session IDs &in
+   * a server. Return value should be zero on an error, non-zero to proceed.
+   * Also, callbacks should themselves check if the id they generate is unique
+   * otherwise the SSL handshake will fail with an error - callbacks can do
+   * this using the 'ssl' value they're passed by;
+   * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed &in
+   * is set at the maximum size the session ID can be. &in SSLv3/TLSv1 it is 32
+   * bytes. The callback can alter this length to be less if desired. It is
+   * also an error for the callback to set the size to zero.
+   *)
+  GEN_SESSION_CB = function (ssl: PSSL; id: PByte; id_len: PIdC_UINT): TIdC_INT; cdecl;
+
+  SSL_CTX_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+  SSL_CTX_client_cert_cb = function (ssl: PSSL; x509: PPx509; pkey: PPEVP_PKEY): TIdC_INT; cdecl;
+
+  SSL_CTX_cookie_verify_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_UINT): TIdC_INT; cdecl;
+  SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_UINT): TIdC_INT; cdecl;
+  SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_SIZET): TIdC_INT; cdecl;
+  SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_SIZET): TIdC_INT; cdecl;
+
+  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const &out: PPByte; outlen: PByte; const &in: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_psk_client_cb_func = function (ssl: PSSL; const hint: PIdAnsiChar; identity: PIdAnsiChar; max_identity_len: TIdC_UINT; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_psk_server_cb_func = function (ssl: PSSL; const identity: PIdAnsiChar; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_psk_find_session_cb_func = function (ssl: PSSL; const identity: PByte; identity_len: TIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
+  SSL_psk_use_session_cb_func = function (ssl: PSSL; const md: PEVP_MD; const id: PPByte; idlen: PIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
+
+  (*
+   * A callback for logging out TLS key material. This callback should log out
+   * |line| followed by a newline.
+   *)
+  SSL_CTX_keylog_cb_func = procedure(const ssl: PSSL; const line: PIdAnsiChar); cdecl;
+
+  (*
+   * The valid handshake states (one for each type message sent and one for each
+   * type of message received). There are also two "special" states:
+   * TLS = TLS or DTLS state
+   * DTLS = DTLS specific state
+   * CR/SR = Client Read/Server Read
+   * CW/SW = Client Write/Server Write
+   *
+   * The "special" states are:
+   * TLS_ST_BEFORE = No handshake has been initiated yet
+   * TLS_ST_OK = A handshake has been successfully completed
+   *)
+  TLS_ST_OK = (
+    DTLS_ST_CR_HELLO_VERIFY_REQUEST,
+    TLS_ST_CR_SRVR_HELLO,
+    TLS_ST_CR_CERT,
+    TLS_ST_CR_CERT_STATUS,
+    TLS_ST_CR_KEY_EXCH,
+    TLS_ST_CR_CERT_REQ,
+    TLS_ST_CR_SRVR_DONE,
+    TLS_ST_CR_SESSION_TICKET,
+    TLS_ST_CR_CHANGE,
+    TLS_ST_CR_FINISHED,
+    TLS_ST_CW_CLNT_HELLO,
+    TLS_ST_CW_CERT,
+    TLS_ST_CW_KEY_EXCH,
+    TLS_ST_CW_CERT_VRFY,
+    TLS_ST_CW_CHANGE,
+    TLS_ST_CW_NEXT_PROTO,
+    TLS_ST_CW_FINISHED,
+    TLS_ST_SW_HELLO_REQ,
+    TLS_ST_SR_CLNT_HELLO,
+    DTLS_ST_SW_HELLO_VERIFY_REQUEST,
+    TLS_ST_SW_SRVR_HELLO,
+    TLS_ST_SW_CERT,
+    TLS_ST_SW_KEY_EXCH,
+    TLS_ST_SW_CERT_REQ,
+    TLS_ST_SW_SRVR_DONE,
+    TLS_ST_SR_CERT,
+    TLS_ST_SR_KEY_EXCH,
+    TLS_ST_SR_CERT_VRFY,
+    TLS_ST_SR_NEXT_PROTO,
+    TLS_ST_SR_CHANGE,
+    TLS_ST_SR_FINISHED,
+    TLS_ST_SW_SESSION_TICKET,
+    TLS_ST_SW_CERT_STATUS,
+    TLS_ST_SW_CHANGE,
+    TLS_ST_SW_FINISHED,
+    TLS_ST_SW_ENCRYPTED_EXTENSIONS,
+    TLS_ST_CR_ENCRYPTED_EXTENSIONS,
+    TLS_ST_CR_CERT_VRFY,
+    TLS_ST_SW_CERT_VRFY,
+    TLS_ST_CR_HELLO_REQ,
+    TLS_ST_SW_KEY_UPDATE,
+    TLS_ST_CW_KEY_UPDATE,
+    TLS_ST_SR_KEY_UPDATE,
+    TLS_ST_CR_KEY_UPDATE,
+    TLS_ST_EARLY_DATA,
+    TLS_ST_PENDING_EARLY_DATA_END,
+    TLS_ST_CW_END_OF_EARLY_DATA
+  );
+  OSSL_HANDSHAKE_STATE = TLS_ST_OK;
+
+  SSL_CTX_set_cert_verify_callback_cb = function (v1: PX509_STORE_CTX; v2: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_set_cert_cb_cb = function (ssl: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_set_srp_client_pwd_callback_cb = function (v1: PSSL; v2: Pointer): PIdAnsiChar; cdecl;
+  SSL_CTX_set_srp_verify_param_callback_cb = function (v1: PSSL; v2: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_set_srp_username_callback_cb = function (v1: PSSL; v2: PIdC_INT; v3: Pointer): TIdC_INT; cdecl;
+  SSL_client_hello_cb_fn = function (s: PSSL; al: PIdC_INT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_callback_ctrl_v3 = procedure; cdecl;
+  SSL_CTX_callback_ctrl_v3 = procedure; cdecl;
+  SSL_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+
+  (* NB: the |keylength| is only applicable when is_export is true *)
+  SSL_CTX_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
+  SSL_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
+  SSL_CTX_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
+  SSL_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
+  SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  SSL_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  
+  (*
+   * The validation type enumerates the available behaviours of the built-in SSL
+   * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
+   * The underlying callback is a static function in libssl.
+   *)
+  SSL_CT_VALIDATION = (         
+    SSL_CT_VALIDATION_PERMISSIVE = 0,
+    SSL_CT_VALIDATION_STRICT
+  );
+  SSL_security_callback = function (const s: PSSL; const ctx: PSSL_CTX; op: TIdC_INT; bits: TIdC_INT; nid: TIdC_INT; other: Pointer; ex: Pointer): TIdC_INT; cdecl;
+
+  (* Status codes passed to the decrypt session ticket callback. Some of these
+   * are for internal use only and are never passed to the callback. *)
+  SSL_TICKET_STATUS = TIdC_INT;
+  SSL_TICKET_RETURN = TIdC_INT;
+
+  SSL_CTX_generate_session_ticket_fn = function(s: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_decrypt_session_ticket_fn = function (s: PSSL; ss: PSSL_SESSION; const keyname: PByte; keyname_length: TIdC_SIZET; status: SSL_TICKET_STATUS; arg: Pointer): SSL_TICKET_RETURN; cdecl;
+
+  DTLS_timer_cb = function(s: PSSL; timer_us: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_allow_early_data_cb_fn = function(s: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_sess_new_cb = function (ssl: PSSL; sess: PSSL_SESSION): TIdC_INT; cdecl;
+
+  SSL_CTX_sess_remove_cb = procedure(ctx: PSSL_CTX; sess: PSSL_SESSION); cdecl;
+
+{$REGION 'C compiler macros'}
+function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+
+function SSL_CTX_sess_set_cache_size(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_sess_get_cache_size(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_set_session_cache_mode(ctx: PSSL_CTX; m: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_get_session_cache_mode(ctx: PSSL_CTX): TIdC_LONG;
+
+function SSL_num_renegotiations(ssl: PSSL): TIdC_LONG;
+function SSL_clear_num_renegotiations(ssl: PSSL): TIdC_LONG;
+function SSL_total_renegotiations(ssl: PSSL): TIdC_LONG;
+function SSL_CTX_set_tmp_dh(ctx: PSSL_CTX; dh: PByte): TIdC_LONG;
+function SSL_CTX_set_tmp_ecdh(ctx: PSSL_CTX; ecdh: PByte): TIdC_LONG;
+function SSL_CTX_set_dh_auto(ctx: PSSL_CTX; onoff: TIdC_LONG): TIdC_LONG;
+function SSL_set_dh_auto(s: PSSL; onoff: TIdC_LONG): TIdC_LONG;
+function SSL_set_tmp_dh(ssl: PSSL; dh: PByte): TIdC_LONG;
+function SSL_set_tmp_ecdh(ssl: PSSL; ecdh: PByte): TIdC_LONG;
+function SSL_CTX_add_extra_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_get_extra_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+function SSL_CTX_get_extra_chain_certs_only(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+function SSL_CTX_clear_extra_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_set0_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+function SSL_CTX_set1_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+function SSL_CTX_add0_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_add1_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_get0_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+function SSL_CTX_clear_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_build_cert_chain(ctx: PSSL_CTX; flags: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_select_current_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_set_current_cert(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set0_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_CTX_set1_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_CTX_set0_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_CTX_set1_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_set0_chain(s: PSSL; sk: PByte): TIdC_LONG;
+function SSL_set1_chain(s: PSSL; sk: PByte): TIdC_LONG;
+function SSL_add0_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+function SSL_add1_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+function SSL_get0_chain_certs(s: PSSL; px509: Pointer): TIdC_LONG;
+function SSL_clear_chain_certs(s: PSSL): TIdC_LONG;
+function SSL_build_cert_chain(s: PSSL; flags: TIdC_LONG): TIdC_LONG;
+function SSL_select_current_cert(s: PSSL; x509: PByte): TIdC_LONG;
+function SSL_set_current_cert(s: PSSL; op: TIdC_LONG): TIdC_LONG;
+function SSL_set0_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_set1_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_set0_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_set1_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_get1_groups(s: PSSL; glist: PIdC_INT): TIdC_LONG;
+function SSL_CTX_set1_groups(ctx: PSSL_CTX; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_groups_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+function SSL_set1_groups(s: PSSL; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_groups_list(s: PSSL; str: PByte): TIdC_LONG;
+function SSL_get_shared_group(s: PSSL; n: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+function SSL_set1_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+function SSL_CTX_set1_client_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_client_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+function SSL_set1_client_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_client_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+function SSL_get0_certificate_types(s: PSSL; clist: PByte): TIdC_LONG;
+function SSL_CTX_set1_client_certificate_types(ctx: PSSL_CTX; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_client_certificate_types(s: PSSL; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+function SSL_get_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+function SSL_get_peer_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+function SSL_get_peer_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+function SSL_get_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+function SSL_get0_raw_cipherlist(s: PSSL; plst: Pointer): TIdC_LONG;
+function SSL_get0_ec_point_formats(s: PSSL; plst: Pointer): TIdC_LONG;
+function SSL_CTX_set_min_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set_max_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_get_min_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_get_max_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
+function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
+{$ENDREGION}
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  //typedef TIdC_INT (*tls_session_secret_cb_fn)(s: PSSL, void *secret, TIdC_INT *secret_len,
+  //                                        STACK_OF(SSL_CIPHER) *peer_ciphers,
+  //                                        const SSL_CIPHER **cipher, void *arg);
+
+  SSL_CTX_get_options: function(const ctx: PSSL_CTX): TIdC_ULONG cdecl = nil;
+  SSL_get_options: function(const s: PSSL): TIdC_ULONG cdecl = nil;
+  SSL_CTX_clear_options: function(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG cdecl = nil;
+  SSL_clear_options: function(s: PSSL; op: TIdC_ULONG): TIdC_ULONG cdecl = nil;
+  SSL_CTX_set_options: function(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG cdecl = nil;
+  SSL_set_options: function(s: PSSL; op: TIdC_ULONG): TIdC_ULONG cdecl = nil;
+
+  //# define SSL_CTX_set_mode(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+  //# define SSL_CTX_clear_mode(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+  //# define SSL_CTX_get_mode(ctx) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
+  //# define SSL_clear_mode(ssl,op) \
+  //        SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
+  //# define SSL_set_mode(ssl,op) \
+  //        SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
+  //# define SSL_get_mode(ssl) \
+  //        SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
+  //# define SSL_set_mtu(ssl, mtu) \
+  //        SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
+  //# define DTLS_set_link_mtu(ssl, mtu) \
+  //        SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
+  //# define DTLS_get_link_min_mtu(ssl) \
+  //        SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
+  //
+  //# define SSL_get_secure_renegotiation_support(ssl) \
+  //        SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+  //
+  //# ifndef OPENSSL_NO_HEARTBEATS
+  //#  define SSL_heartbeat(ssl) \
+  //        SSL_ctrl((ssl),SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT,0,NULL)
+  //# endif
+  //
+  //# define SSL_CTX_set_cert_flags(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_CERT_FLAGS,(op),NULL)
+  //# define SSL_set_cert_flags(s,op) \
+  //        SSL_ctrl((s),SSL_CTRL_CERT_FLAGS,(op),NULL)
+  //# define SSL_CTX_clear_cert_flags(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+  //# define SSL_clear_cert_flags(s,op) \
+  //        SSL_ctrl((s),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+  //
+  //void SSL_CTX_set_msg_callback(ctx: PSSL_CTX,
+  //                              void (*cb) (TIdC_INT write_p, TIdC_INT version,
+  //                                          TIdC_INT content_type, const void *buf,
+  //                                          TIdC_SIZET len, ssl: PSSL, void *arg));
+  //void SSL_set_msg_callback(ssl: PSSL,
+  //                          void (*cb) (TIdC_INT write_p, TIdC_INT version,
+  //                                      TIdC_INT content_type, const void *buf,
+  //                                      TIdC_SIZET len, ssl: PSSL, void *arg));
+  //# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+  //# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+  //
+  //# define SSL_get_extms_support(s) \
+  //        SSL_ctrl((s),SSL_CTRL_GET_EXTMS_SUPPORT,0,NULL)
+  //
+  //# ifndef OPENSSL_NO_SRP
+
+  ///* see tls_srp.c */
+  //__owur TIdC_INT SSL_SRP_CTX_init(s: PSSL);
+  //__owur TIdC_INT SSL_CTX_SRP_CTX_init(ctx: PSSL_CTX);
+  //TIdC_INT SSL_SRP_CTX_free(SSL *ctx);
+  //TIdC_INT SSL_CTX_SRP_CTX_free(ctx: PSSL_CTX);
+  //__owur TIdC_INT SSL_srp_server_param_with_username(s: PSSL, TIdC_INT *ad);
+  //__owur TIdC_INT SRP_Calc_A_param(s: PSSL);
+
+  // # endif
+
+  // LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(ctx: PSSL_CTX);
+  //# define SSL_CTX_sess_number(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
+  //# define SSL_CTX_sess_connect(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
+  //# define SSL_CTX_sess_connect_good(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
+  //# define SSL_CTX_sess_connect_renegotiate(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
+  //# define SSL_CTX_sess_accept(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
+  //# define SSL_CTX_sess_accept_renegotiate(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
+  //# define SSL_CTX_sess_accept_good(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
+  //# define SSL_CTX_sess_hits(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
+  //# define SSL_CTX_sess_cb_hits(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
+  //# define SSL_CTX_sess_misses(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
+  //# define SSL_CTX_sess_timeouts(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
+  //# define SSL_CTX_sess_cache_full(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
+
+  SSL_CTX_sess_set_new_cb: procedure(ctx: PSSL_CTX; new_session_cb: SSL_CTX_sess_new_cb) cdecl = nil;
+  SSL_CTX_sess_get_new_cb: function(ctx: PSSL_CTX): SSL_CTX_sess_new_cb cdecl = nil;
+  SSL_CTX_sess_set_remove_cb: procedure(ctx: PSSL_CTX; remove_session_cb: SSL_CTX_sess_remove_cb) cdecl = nil;
+  SSL_CTX_sess_get_remove_cb: function(ctx: PSSL_CTX): SSL_CTX_sess_remove_cb cdecl = nil;
+
+  //void SSL_CTX_sess_set_get_cb(ctx: PSSL_CTX,
+  //                             SSL_SESSION *(*get_session_cb) (struct ssl_st
+  //                                                             *ssl,
+  //                                                             const Byte
+  //                                                             *data, TIdC_INT len,
+  //                                                             TIdC_INT *copy));
+  //SSL_SESSION *(*SSL_CTX_sess_get_get_cb(ctx: PSSL_CTX)) (struct ssl_st *ssl,
+  //                                                       const d: PByteata,
+  //                                                       TIdC_INT len, TIdC_INT *copy);
+  SSL_CTX_set_info_callback: procedure(ctx: PSSL_CTX; cb: SSL_CTX_info_callback) cdecl = nil;
+  SSL_CTX_get_info_callback: function(ctx: PSSL_CTX): SSL_CTX_info_callback cdecl = nil;
+  SSL_CTX_set_client_cert_cb: procedure(ctx: PSSL_CTX; client_cert_cb: SSL_CTX_client_cert_cb) cdecl = nil;
+  SSL_CTX_get_client_cert_cb: function(ctx: PSSL_CTX): SSL_CTX_client_cert_cb cdecl = nil;
+  SSL_CTX_set_client_cert_engine: function(ctx: PSSL_CTX; e: PENGINE): TIdC_INT cdecl = nil;
+
+  SSL_CTX_set_cookie_generate_cb: procedure(ctx: PSSL_CTX; app_gen_cookie_cb: SSL_CTX_cookie_verify_cb) cdecl = nil;
+  SSL_CTX_set_cookie_verify_cb: procedure(ctx: PSSL_CTX; app_verify_cookie_cb: SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb) cdecl = nil;
+  SSL_CTX_set_stateless_cookie_generate_cb: procedure(ctx: PSSL_CTX; gen_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb) cdecl = nil;
+  SSL_CTX_set_stateless_cookie_verify_cb: procedure(ctx: PSSL_CTX; verify_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb) cdecl = nil;
+
+  //__owur TIdC_INT SSL_CTX_set_alpn_protos(ctx: PSSL_CTX, const Byte *protos,
+  //                                   TIdC_UINT protos_len);
+  //__owur TIdC_INT SSL_set_alpn_protos(ssl: PSSL, const Byte *protos,
+  //                               TIdC_UINT protos_len);
+
+  SSL_CTX_set_alpn_select_cb: procedure(ctx: PSSL_CTX; cb: SSL_CTX_alpn_select_cb_func; arg: Pointer) cdecl = nil;
+  SSL_get0_alpn_selected: procedure(const ssl: PSSL; const data: PPByte; len: PIdC_UINT) cdecl = nil;
+  SSL_CTX_set_psk_client_callback: procedure(ctx: PSSL_CTX; cb: SSL_psk_client_cb_func) cdecl = nil;
+  SSL_set_psk_client_callback: procedure(ssl: PSSL; cb: SSL_psk_client_cb_func) cdecl = nil;
+  SSL_CTX_set_psk_server_callback: procedure(ctx: PSSL_CTX; cb: SSL_psk_server_cb_func) cdecl = nil;
+  SSL_set_psk_server_callback: procedure(ssl: PSSL; cb: SSL_psk_server_cb_func) cdecl = nil;
+
+  //__owur TIdC_INT SSL_CTX_use_psk_identity_hint(ctx: PSSL_CTX, const PIdAnsiChar *identity_hint);
+  //__owur TIdC_INT SSL_use_psk_identity_hint(s: PSSL, const PIdAnsiChar *identity_hint);
+  //const PIdAnsiChar *SSL_get_psk_identity_hint(const s: PSSL);
+  //const PIdAnsiChar *SSL_get_psk_identity(const s: PSSL);
+
+  SSL_set_psk_find_session_callback: procedure(s: PSSL; cb: SSL_psk_find_session_cb_func) cdecl = nil;
+  SSL_CTX_set_psk_find_session_callback: procedure(ctx: PSSL_CTX; cb: SSL_psk_find_session_cb_func) cdecl = nil;
+  SSL_set_psk_use_session_callback: procedure(s: PSSL; cb: SSL_psk_use_session_cb_func) cdecl = nil;
+  SSL_CTX_set_psk_use_session_callback: procedure(ctx: PSSL_CTX; cb: SSL_psk_use_session_cb_func) cdecl = nil;
+
+  ///* Register callbacks to handle custom TLS Extensions for client or server. */
+
+  //__owur TIdC_INT SSL_CTX_has_client_custom_ext(const ctx: PSSL_CTX,
+  //                                         TIdC_UINT ext_type);
+  //
+  //__owur TIdC_INT SSL_CTX_add_client_custom_ext(ctx: PSSL_CTX,
+  //                                         TIdC_UINT ext_type,
+  //                                         custom_ext_add_cb add_cb,
+  //                                         custom_ext_free_cb free_cb,
+  //                                         void *add_arg,
+  //                                         custom_ext_parse_cb parse_cb,
+  //                                         void *parse_arg);
+  //
+  //__owur TIdC_INT SSL_CTX_add_server_custom_ext(ctx: PSSL_CTX,
+  //                                         TIdC_UINT ext_type,
+  //                                         custom_ext_add_cb add_cb,
+  //                                         custom_ext_free_cb free_cb,
+  //                                         void *add_arg,
+  //                                         custom_ext_parse_cb parse_cb,
+  //                                         void *parse_arg);
+  //
+  //__owur TIdC_INT SSL_CTX_add_custom_ext(ctx: PSSL_CTX, TIdC_UINT ext_type,
+  //                                  TIdC_UINT context,
+  //                                  SSL_custom_ext_add_cb_ex add_cb,
+  //                                  SSL_custom_ext_free_cb_ex free_cb,
+  //                                  void *add_arg,
+  //                                  SSL_custom_ext_parse_cb_ex parse_cb,
+  //                                  void *parse_arg);
+
+  //__owur TIdC_INT SSL_extension_supported(TIdC_UINT ext_type);
+
+
+  ///* These will only be used when doing non-blocking IO */
+  //# define SSL_want_nothing(s)         (SSL_want(s) == SSL_NOTHING)
+  //# define SSL_want_read(s)            (SSL_want(s) == SSL_READING)
+  //# define SSL_want_write(s)           (SSL_want(s) == SSL_WRITING)
+  //# define SSL_want_x509_lookup(s)     (SSL_want(s) == SSL_X509_LOOKUP)
+  //# define SSL_want_async(s)           (SSL_want(s) == SSL_ASYNC_PAUSED)
+  //# define SSL_want_async_job(s)       (SSL_want(s) == SSL_ASYNC_NO_JOBS)
+  //# define SSL_want_client_hello_cb(s) (SSL_want(s) == SSL_CLIENT_HELLO_CB)
+
+  (*
+   * SSL_CTX_set_keylog_callback configures a callback to log key material. This
+   * is intended for debugging use with tools like Wireshark. The cb function
+   * should log line followed by a newline.
+   *)
+  SSL_CTX_set_keylog_callback: procedure(ctx: PSSL_CTX; cb: SSL_CTX_keylog_cb_func) cdecl = nil;
+  (*
+   * SSL_CTX_get_keylog_callback returns the callback configured by
+   * SSL_CTX_set_keylog_callback.
+   *)
+  SSL_CTX_get_keylog_callback: function(const ctx: PSSL_CTX): SSL_CTX_keylog_cb_func cdecl = nil;
+  SSL_CTX_set_max_early_data: function(ctx: PSSL_CTX; max_early_data: TIdC_UINT32): TIdC_INT cdecl = nil;
+  SSL_CTX_get_max_early_data: function(const ctx: PSSL_CTX): TIdC_UINT32 cdecl = nil;
+  SSL_set_max_early_data: function(s: PSSL; max_early_data: TIdC_UINT32): TIdC_INT cdecl = nil;
+  SSL_get_max_early_data: function(const s: PSSL): TIdC_UINT32 cdecl = nil;
+  SSL_CTX_set_recv_max_early_data: function(ctx: PSSL_CTX; recv_max_early_data: TIdC_UINT32): TIdC_INT cdecl = nil;
+  SSL_CTX_get_recv_max_early_data: function(const ctx: PSSL_CTX): TIdC_UINT32 cdecl = nil;
+  SSL_set_recv_max_early_data: function(s: PSSL; recv_max_early_data: TIdC_UINT32): TIdC_INT cdecl = nil;
+  SSL_get_recv_max_early_data: function(const s: PSSL): TIdC_UINT32 cdecl = nil;
+
+  ///*
+  // * These need to be after the above set of includes due to a compiler bug
+  // * &in VisualStudio 2015
+  // */
+  //DEFINE_STACK_OF_CONST(SSL_CIPHER)
+  //DEFINE_STACK_OF(SSL_COMP)
+
+  ///* compatibility */
+  //# define SSL_set_app_data(s,arg)         (SSL_set_ex_data(s,0,(PIdAnsiChar *)(arg)))
+  //# define SSL_get_app_data(s)             (SSL_get_ex_data(s,0))
+  //# define SSL_SESSION_set_app_data(s,a)   (SSL_SESSION_set_ex_data(s,0, \
+  //                                                                  (PIdAnsiChar *)(a)))
+  //# define SSL_SESSION_get_app_data(s)     (SSL_SESSION_get_ex_data(s,0))
+  //# define SSL_CTX_get_app_data(ctx)       (SSL_CTX_get_ex_data(ctx,0))
+  //# define SSL_CTX_set_app_data(ctx,arg)   (SSL_CTX_set_ex_data(ctx,0, \
+  //                                                              (PIdAnsiChar *)(arg)))
+
+  ///* Is the SSL_connection established? */
+  //# define SSL_in_connect_init(a)          (SSL_in_init(a) && !SSL_is_server(a))
+  //# define SSL_in_accept_init(a)           (SSL_in_init(a) && SSL_is_server(a))
+  SSL_in_init: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_in_before: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_is_init_finished: function(const s: PSSL): TIdC_INT cdecl = nil;
+
+  (*-
+   * Obtain latest Finished message
+   *   -- that we sent (SSL_get_finished)
+   *   -- that we expected from peer (SSL_get_peer_finished).
+   * Returns length (0 == no Finished so far), copies up to 'count' bytes.
+   *)
+  SSL_get_finished: function(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  SSL_get_peer_finished: function(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define OpenSSL_add_ssl_algorithms()   SSL_library_init()
+  //#  define SSLeay_add_ssl_algorithms()    SSL_library_init()
+  //# endif
+
+  ///* More backward compatibility */
+  //# define SSL_get_cipher(s) \
+  //                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+  //# define SSL_get_cipher_bits(s,np) \
+  //                SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+  //# define SSL_get_cipher_version(s) \
+  //                SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+  //# define SSL_get_cipher_name(s) \
+  //                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+  //# define SSL_get_time(a)         SSL_SESSION_get_time(a)
+  //# define SSL_set_time(a,b)       SSL_SESSION_set_time((a),(b))
+  //# define SSL_get_timeout(a)      SSL_SESSION_get_timeout(a)
+  //# define SSL_set_timeout(a,b)    SSL_SESSION_set_timeout((a),(b))
+  //
+  //# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
+  //# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
+
+  //DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+
+  //# define DTLSv1_get_timeout(ssl, arg) \
+  //        SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)(arg))
+  //# define DTLSv1_handle_timeout(ssl) \
+  //        SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
+  //
+  ///* Backwards compatibility, original 1.1.0 names */
+  //# define SSL_CTRL_GET_SERVER_TMP_KEY \
+  //         SSL_CTRL_GET_PEER_TMP_KEY
+  //# define SSL_get_server_tmp_key(s, pk) \
+  //         SSL_get_peer_tmp_key(s, pk)
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //const SSL_CTX_need_tmp_RSA = (ctx)    0;
+  //const SSL_CTX_set_tmp_rsa = (ctx;rsa)   1;
+  //const SSL_need_tmp_RSA = (ssl)     0;
+  //const SSL_set_tmp_rsa = (ssl;rsa)    1;
+
+  //#  define SSL_CTX_set_ecdh_auto(dummy, onoff)      ((onoff) != 0)
+  //#  define SSL_set_ecdh_auto(dummy, onoff)          ((onoff) != 0)
+  ///*
+  // * We 'pretend' to call the callback to avoid warnings about unused static
+  // * functions.
+  // */
+  //#  define SSL_CTX_set_tmp_rsa_callback(ctx, cb)    while(0) (cb)(NULL, 0, 0)
+  //#  define SSL_set_tmp_rsa_callback(ssl, cb)        while(0) (cb)(NULL, 0, 0)
+  //# endif
+  //
+  BIO_f_ssl: function: PBIO_METHOD cdecl = nil;
+  BIO_new_ssl: function(ctx: PSSL_CTX; client: TIdC_INT): PBIO cdecl = nil;
+  BIO_new_ssl_connect: function(ctx: PSSL_CTX): PBIO cdecl = nil;
+  BIO_new_buffer_ssl_connect: function(ctx: PSSL_CTX): PBIO cdecl = nil;
+  BIO_ssl_copy_session_id: function(&to: PBIO; from: PBIO): TIdC_INT cdecl = nil;
+
+  SSL_CTX_set_cipher_list: function(v1: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CTX_new: function(const meth: PSSL_METHOD): PSSL_CTX cdecl = nil;
+  SSL_CTX_set_timeout: function(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG cdecl = nil;
+  SSL_CTX_get_timeout: function(const ctx: PSSL_CTX): TIdC_LONG cdecl = nil;
+  SSL_CTX_get_cert_store: function(const v1: PSSL_CTX): PX509_STORE cdecl = nil;
+  SSL_want: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_clear: function(s: PSSL): TIdC_INT cdecl = nil;
+
+  BIO_ssl_shutdown: procedure(ssl_bio: PBIO) cdecl = nil;
+  SSL_CTX_up_ref: function(ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_CTX_free: procedure(v1: PSSL_CTX) cdecl = nil;
+  SSL_CTX_set_cert_store: procedure(v1: PSSL_CTX; v2: PX509_STORE) cdecl = nil;
+  SSL_CTX_set1_cert_store: procedure(v1: PSSL_CTX; v2: PX509_STORE) cdecl = nil;
+
+  SSL_CTX_flush_sessions: procedure(ctx: PSSL_CTX; tm: TIdC_LONG) cdecl = nil;
+
+  SSL_get_current_cipher: function(const s: PSSL): PSSL_CIPHER cdecl = nil;
+  SSL_get_pending_cipher: function(const s: PSSL): PSSL_CIPHER cdecl = nil;
+  SSL_CIPHER_get_bits: function(const c: PSSL_CIPHER; alg_bits: PIdC_INT): TIdC_INT cdecl = nil;
+  SSL_CIPHER_get_version: function(const c: PSSL_CIPHER): PIdAnsiChar cdecl = nil;
+  SSL_CIPHER_get_name: function(const c: PSSL_CIPHER): PIdAnsiChar cdecl = nil;
+  SSL_CIPHER_standard_name: function(const c: PSSL_CIPHER): PIdAnsiChar cdecl = nil;
+  OPENSSL_cipher_name: function(const rfc_name: PIdAnsiChar): PIdAnsiChar cdecl = nil;
+  SSL_CIPHER_get_id: function(const c: PSSL_CIPHER): TIdC_UINT32 cdecl = nil;
+  SSL_CIPHER_get_protocol_id: function(const c: PSSL_CIPHER): TIdC_UINT16 cdecl = nil;
+  SSL_CIPHER_get_kx_nid: function(const c: PSSL_CIPHER): TIdC_INT cdecl = nil;
+  SSL_CIPHER_get_auth_nid: function(const c: PSSL_CIPHER): TIdC_INT cdecl = nil;
+  SSL_CIPHER_get_handshake_digest: function(const c: PSSL_CIPHER): PEVP_MD cdecl = nil;
+  SSL_CIPHER_is_aead: function(const c: PSSL_CIPHER): TIdC_INT cdecl = nil;
+
+  SSL_get_fd: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_get_rfd: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_get_wfd: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_get_cipher_list: function(const s: PSSL; n: TIdC_INT): PIdAnsiChar cdecl = nil;
+  SSL_get_shared_ciphers: function(const s: PSSL; buf: PIdAnsiChar; size: TIdC_INT): PIdAnsiChar cdecl = nil;
+  SSL_get_read_ahead: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_pending: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_has_pending: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_set_fd: function(s: PSSL; fd: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_set_rfd: function(s: PSSL; fd: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_set_wfd: function(s: PSSL; fd: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_set0_rbio: procedure(s: PSSL; rbio: PBIO) cdecl = nil;
+  SSL_set0_wbio: procedure(s: PSSL; wbio: PBIO) cdecl = nil;
+  SSL_set_bio: procedure(s: PSSL; rbio: PBIO; wbio: PBIO) cdecl = nil;
+  SSL_get_rbio: function(const s: PSSL): PBIO cdecl = nil;
+  SSL_get_wbio: function(const s: PSSL): PBIO cdecl = nil;
+  SSL_set_cipher_list: function(s: PSSL; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CTX_set_ciphersuites: function(ctx: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_set_ciphersuites: function(s: PSSL; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_get_verify_mode: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_get_verify_depth: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_get_verify_callback: function(const s: PSSL): SSL_verify_cb cdecl = nil;
+  SSL_set_read_ahead: procedure(s: PSSL; yes: TIdC_INT) cdecl = nil;
+  SSL_set_verify: procedure(s: PSSL; mode: TIdC_INT; callback: SSL_verify_cb) cdecl = nil;
+  SSL_set_verify_depth: procedure(s: PSSL; depth: TIdC_INT) cdecl = nil;
+  //void SSL_set_cert_cb(s: PSSL, TIdC_INT (*cb) (ssl: PSSL, void *arg), void *arg);
+
+  SSL_use_RSAPrivateKey: function(ssl: PSSL; rsa: PRSA): TIdC_INT cdecl = nil;
+  SSL_use_RSAPrivateKey_ASN1: function(ssl: PSSL; const d: PByte; len: TIdC_LONG): TIdC_INT cdecl = nil;
+  SSL_use_PrivateKey: function(ssl: PSSL; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  SSL_use_PrivateKey_ASN1: function(pk: TIdC_INT; ssl: PSSL; const d: PByte; len: TIdC_LONG): TIdC_INT cdecl = nil;
+  SSL_use_certificate: function(ssl: PSSL; x: PX509): TIdC_INT cdecl = nil;
+  SSL_use_certificate_ASN1: function(ssl: PSSL; const d: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  //__owur TIdC_INT SSL_use_cert_and_key(ssl: PSSL, x509: PX509, EVP_PKEY *privatekey,
+  //                                STACK_OF(X509) *chain, TIdC_INT override);
+
+  (* Set serverinfo data for the current active cert. *)
+  SSL_CTX_use_serverinfo: function(ctx: PSSL_CTX; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_CTX_use_serverinfo_ex: function(ctx: PSSL_CTX; version: TIdC_UINT; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_CTX_use_serverinfo_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  SSL_use_RSAPrivateKey_file: function(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+
+  SSL_use_PrivateKey_file: function(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_use_certificate_file: function(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+
+  SSL_CTX_use_RSAPrivateKey_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+
+  SSL_CTX_use_PrivateKey_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_CTX_use_certificate_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  (* PEM type *)
+  SSL_CTX_use_certificate_chain_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_use_certificate_chain_file: function(ssl: PSSL; const &file: PIdAnsiChar): TIdC_INT cdecl = nil;
+  //__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const PIdAnsiChar *file);
+  //__owur TIdC_INT SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+  //                                               const PIdAnsiChar *file);
+  //TIdC_INT SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+  //                                       const PIdAnsiChar *dir);
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_load_error_strings() \
+  //    OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS \
+  //                     | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+  //# endif
+
+  SSL_state_string: function(const s: PSSL): PIdAnsiChar cdecl = nil;
+  SSL_rstate_string: function(const s: PSSL): PIdAnsiChar cdecl = nil;
+  SSL_state_string_long: function(const s: PSSL): PIdAnsiChar cdecl = nil;
+  SSL_rstate_string_long: function(const s: PSSL): PIdAnsiChar cdecl = nil;
+  SSL_SESSION_get_time: function(const s: PSSL_SESSION): TIdC_LONG cdecl = nil;
+  SSL_SESSION_set_time: function(s: PSSL_SESSION; t: TIdC_LONG): TIdC_LONG cdecl = nil;
+  SSL_SESSION_get_timeout: function(const s: PSSL_SESSION): TIdC_LONG cdecl = nil;
+  SSL_SESSION_set_timeout: function(s: PSSL_SESSION; t: TIdC_LONG): TIdC_LONG cdecl = nil;
+  SSL_SESSION_get_protocol_version: function(const s: PSSL_SESSION): TIdC_INT cdecl = nil;
+  SSL_SESSION_set_protocol_version: function(s: PSSL_SESSION; version: TIdC_INT): TIdC_INT cdecl = nil;
+
+  SSL_SESSION_get0_hostname: function(const s: PSSL_SESSION): PIdAnsiChar cdecl = nil;
+  SSL_SESSION_set1_hostname: function(s: PSSL_SESSION; const hostname: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_SESSION_get0_alpn_selected: procedure(const s: PSSL_SESSION; const alpn: PPByte; len: PIdC_SIZET) cdecl = nil;
+  SSL_SESSION_set1_alpn_selected: function(s: PSSL_SESSION; const alpn: PByte; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_SESSION_get0_cipher: function(const s: PSSL_SESSION): PSSL_CIPHER cdecl = nil;
+  SSL_SESSION_set_cipher: function(s: PSSL_SESSION; const cipher: PSSL_CIPHER): TIdC_INT cdecl = nil;
+  SSL_SESSION_has_ticket: function(const s: PSSL_SESSION): TIdC_INT cdecl = nil;
+  SSL_SESSION_get_ticket_lifetime_hint: function(const s: PSSL_SESSION): TIdC_ULONG cdecl = nil;
+  SSL_SESSION_get0_ticket: procedure(const s: PSSL_SESSION; const tick: PPByte; len: PIdC_SIZET) cdecl = nil;
+  SSL_SESSION_get_max_early_data: function(const s: PSSL_SESSION): TIdC_UINT32 cdecl = nil;
+  SSL_SESSION_set_max_early_data: function(s: PSSL_SESSION; max_early_data: TIdC_UINT32): TIdC_INT cdecl = nil;
+  SSL_copy_session_id: function(&to: PSSL; const from: PSSL): TIdC_INT cdecl = nil;
+  SSL_SESSION_get0_peer: function(s: PSSL_SESSION): PX509 cdecl = nil;
+  SSL_SESSION_set1_id_context: function(s: PSSL_SESSION; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT cdecl = nil;
+  SSL_SESSION_set1_id: function(s: PSSL_SESSION; const sid: PByte; sid_len: TIdC_UINT): TIdC_INT cdecl = nil;
+  SSL_SESSION_is_resumable: function(const s: PSSL_SESSION): TIdC_INT cdecl = nil;
+
+  SSL_SESSION_new: function: PSSL_SESSION cdecl = nil;
+  SSL_SESSION_dup: function(src: PSSL_SESSION): PSSL_SESSION cdecl = nil;
+  SSL_SESSION_get_id: function(const s: PSSL_SESSION; len: PIdC_UINT): PByte cdecl = nil;
+  SSL_SESSION_get0_id_context: function(const s: PSSL_SESSION; len: PIdC_UINT): PByte cdecl = nil;
+  SSL_SESSION_get_compress_id: function(const s: PSSL_SESSION): TIdC_UINT cdecl = nil;
+  SSL_SESSION_print: function(fp: PBIO; const ses: PSSL_SESSION): TIdC_INT cdecl = nil;
+  SSL_SESSION_print_keylog: function(bp: PBIO; const x: PSSL_SESSION): TIdC_INT cdecl = nil;
+  SSL_SESSION_up_ref: function(ses: PSSL_SESSION): TIdC_INT cdecl = nil;
+  SSL_SESSION_free: procedure(ses: PSSL_SESSION) cdecl = nil;
+  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *&in, Byte **pp);
+  SSL_set_session: function(&to: PSSL; session: PSSL_SESSION): TIdC_INT cdecl = nil;
+  SSL_CTX_add_session: function(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl = nil;
+  SSL_CTX_remove_session: function(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl = nil;
+  SSL_CTX_set_generate_session_id: function(ctx: PSSL_CTX; cb: GEN_SESSION_CB): TIdC_INT cdecl = nil;
+  SSL_set_generate_session_id: function(s: PSSL; cb: GEN_SESSION_CB): TIdC_INT cdecl = nil;
+  SSL_has_matching_session_id: function(const s: PSSL; const id: PByte; id_len: TIdC_UINT): TIdC_INT cdecl = nil;
+  d2i_SSL_SESSION: function(a: PPSSL_SESSION; const pp: PPByte; length: TIdC_LONG): PSSL_SESSION cdecl = nil;
+
+  SSL_get_peer_certificate: function(const s: PSSL): PX509 cdecl = nil;
+
+  //__owur STACK_OF(X509) *SSL_get_peer_cert_chain(const s: PSSL);
+  //
+  SSL_CTX_get_verify_mode: function(const ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_CTX_get_verify_depth: function(const ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_CTX_get_verify_callback: function(const ctx: PSSL_CTX): SSL_verify_cb cdecl = nil;
+  SSL_CTX_set_verify: procedure(ctx: PSSL_CTX; mode: TIdC_INT; callback: SSL_verify_cb) cdecl = nil;
+  SSL_CTX_set_verify_depth: procedure(ctx: PSSL_CTX; depth: TIdC_INT) cdecl = nil;
+  SSL_CTX_set_cert_verify_callback: procedure(ctx: PSSL_CTX; cb: SSL_CTX_set_cert_verify_callback_cb; arg: Pointer) cdecl = nil;
+  SSL_CTX_set_cert_cb: procedure(c: PSSL_CTX; cb: SSL_CTX_set_cert_cb_cb; arg: Pointer) cdecl = nil;
+  SSL_CTX_use_RSAPrivateKey: function(ctx: PSSL_CTX; rsa: PRSA): TIdC_INT cdecl = nil;
+  SSL_CTX_use_RSAPrivateKey_ASN1: function(ctx: PSSL_CTX; const d: PByte; len: TIdC_LONG): TIdC_INT cdecl = nil;
+  SSL_CTX_use_PrivateKey: function(ctx: PSSL_CTX; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  SSL_CTX_use_PrivateKey_ASN1: function(pk: TIdC_INT; ctx: PSSL_CTX; const d: PByte; len: TIdC_LONG): TIdC_INT cdecl = nil;
+  SSL_CTX_use_certificate: function(ctx: PSSL_CTX; x: X509): TIdC_INT cdecl = nil;
+  SSL_CTX_use_certificate_ASN1: function(ctx: PSSL_CTX; len: TIdC_INT; const d: PByte): TIdC_INT cdecl = nil;
+  //function TIdC_INT SSL_CTX_use_cert_and_key(ctx: PSSL_CTX; x509: PX509; EVP_PKEY *privatekey; STACK_OF(X509) *chain; TIdC_INT override);
+
+  SSL_CTX_set_default_passwd_cb: procedure(ctx: PSSL_CTX; cb: pem_password_cb) cdecl = nil;
+  SSL_CTX_set_default_passwd_cb_userdata: procedure(ctx: PSSL_CTX; u: Pointer) cdecl = nil;
+  SSL_CTX_get_default_passwd_cb: function(ctx: PSSL_CTX): pem_password_cb cdecl = nil;
+  SSL_CTX_get_default_passwd_cb_userdata: function(ctx: PSSL_CTX): Pointer cdecl = nil;
+  SSL_set_default_passwd_cb: procedure(s: PSSL; cb: pem_password_cb) cdecl = nil;
+  SSL_set_default_passwd_cb_userdata: procedure(s: PSSL; u: Pointer) cdecl = nil;
+  SSL_get_default_passwd_cb: function(s: PSSL): pem_password_cb cdecl = nil;
+  SSL_get_default_passwd_cb_userdata: function(s: PSSL): Pointer cdecl = nil;
+
+  SSL_CTX_check_private_key: function(const ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_check_private_key: function(const ctx: PSSL): TIdC_INT cdecl = nil;
+
+  SSL_CTX_set_session_id_context: function(ctx: PSSL_CTX; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT cdecl = nil;
+
+  SSL_new: function(ctx: PSSL_CTX): PSSL cdecl = nil;
+  SSL_up_ref: function(s: PSSL): TIdC_INT cdecl = nil;
+  SSL_is_dtls: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_set_session_id_context: function(ssl: PSSL; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT cdecl = nil;
+
+  SSL_CTX_set_purpose: function(ctx: PSSL_CTX; purpose: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_set_purpose: function(ssl: PSSL; purpose: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_CTX_set_trust: function(ctx: PSSL_CTX; trust: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_set_trust: function(ssl: PSSL; trust: TIdC_INT): TIdC_INT cdecl = nil;
+
+  SSL_set1_host: function(s: PSSL; const hostname: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_add1_host: function(s: PSSL; const hostname: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_get0_peername: function(s: PSSL): PIdAnsiChar cdecl = nil;
+  SSL_set_hostflags: procedure(s: PSSL; flags: TIdC_UINT) cdecl = nil;
+
+  SSL_CTX_dane_enable: function(ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_CTX_dane_mtype_set: function(ctx: PSSL_CTX; const md: PEVP_MD; mtype: TIdC_UINT8; ord: TIdC_UINT8): TIdC_INT cdecl = nil;
+  SSL_dane_enable: function(s: PSSL; const basedomain: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_dane_tlsa_add: function(s: PSSL; usage: TIdC_UINT8; selector: TIdC_UINT8; mtype: TIdC_UINT8; const data: PByte; dlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_get0_dane_authority: function(s: PSSL; mcert: PPX509; mspki: PPEVP_PKEY): TIdC_INT cdecl = nil;
+  SSL_get0_dane_tlsa: function(s: PSSL; usage: PIdC_UINT8; selector: PIdC_UINT8; mtype: PIdC_UINT8; const data: PPByte; dlen: PIdC_SIZET): TIdC_INT cdecl = nil;
+  (*
+   * Bridge opacity barrier between libcrypt and libssl, also needed to support
+   * offline testing in test/danetest.c
+   *)
+  SSL_get0_dane: function(ssl: PSSL): PSSL_DANE cdecl = nil;
+
+  (*
+   * DANE flags
+   *)
+  SSL_CTX_dane_set_flags: function(ctx: PSSL_CTX; flags: TIdC_ULONG): TIdC_ULONG cdecl = nil;
+  SSL_CTX_dane_clear_flags: function(ctx: PSSL_CTX; flags: TIdC_ULONG): TIdC_ULONG cdecl = nil;
+  SSL_dane_set_flags: function(ssl: PSSL; flags: TIdC_ULONG): TIdC_ULONG cdecl = nil;
+  SSL_dane_clear_flags: function(ssl: PSSL; flags: TIdC_ULONG): TIdC_ULONG cdecl = nil;
+
+  SSL_CTX_set1_param: function(ctx: PSSL_CTX; vpm: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+  SSL_set1_param: function(ssl: PSSL; vpm: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+
+  SSL_CTX_get0_param: function(ctx: PSSL_CTX): PX509_VERIFY_PARAM cdecl = nil;
+  SSL_get0_param: function(ssl: PSSL): PX509_VERIFY_PARAM cdecl = nil;
+
+  SSL_CTX_set_srp_username: function(ctx: PSSL_CTX; name: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CTX_set_srp_password: function(ctx: PSSL_CTX; password: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CTX_set_srp_strength: function(ctx: PSSL_CTX; strength: TIdC_INT): TIdC_INT cdecl = nil;
+
+  SSL_CTX_set_srp_client_pwd_callback: function(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_client_pwd_callback_cb): TIdC_INT cdecl = nil;
+  SSL_CTX_set_srp_verify_param_callback: function(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_verify_param_callback_cb): TIdC_INT cdecl = nil;
+  SSL_CTX_set_srp_username_callback: function(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_username_callback_cb): TIdC_INT cdecl = nil;
+
+  SSL_CTX_set_srp_cb_arg: function(ctx: PSSL_CTX; arg: Pointer): TIdC_INT cdecl = nil;
+  SSL_set_srp_server_param: function(s: PSSL; const N: PBIGNUm; const g: PBIGNUm; sa: PBIGNUm; v: PBIGNUm; info: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_set_srp_server_param_pw: function(s: PSSL; const user: PIdAnsiChar; const pass: PIdAnsiChar; const grp: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  //__owur BIGNUM *SSL_get_srp_g(s: PSSL);
+  //__owur BIGNUM *SSL_get_srp_N(s: PSSL);
+  //
+  //__owur PIdAnsiChar *SSL_get_srp_username(s: PSSL);
+  //__owur PIdAnsiChar *SSL_get_srp_userinfo(s: PSSL);
+  //
+  ///*
+  // * ClientHello callback and helpers.
+  // */
+  SSL_CTX_set_client_hello_cb: procedure(c: PSSL_CTX; cb: SSL_client_hello_cb_fn; arg: Pointer) cdecl = nil;
+  SSL_client_hello_isv2: function(s: PSSL): TIdC_INT cdecl = nil;
+  SSL_client_hello_get0_legacy_version: function(s: PSSL): TIdC_UINT cdecl = nil;
+  SSL_client_hello_get0_random: function(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl = nil;
+  SSL_client_hello_get0_session_id: function(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl = nil;
+  SSL_client_hello_get0_ciphers: function(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl = nil;
+  SSL_client_hello_get0_compression_methods: function(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl = nil;
+  SSL_client_hello_get1_extensions_present: function(s: PSSL; &out: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_client_hello_get0_ext: function(s: PSSL; &type: TIdC_UINT; const &out: PPByte; outlen: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_certs_clear: procedure(s: PSSL) cdecl = nil;
+  SSL_free: procedure(ssl: PSSL) cdecl = nil;
+
+  (*
+   * Windows application developer has to include windows.h to use these.
+   *)
+  SSL_waiting_for_async: function(s: PSSL): TIdC_INT cdecl = nil;
+  SSL_get_all_async_fds: function(s: PSSL; fds: POSSL_ASYNC_FD; numfds: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_get_changed_async_fds: function(s: PSSL; addfd: POSSL_ASYNC_FD; numaddfds: PIdC_SIZET; delfd: POSSL_ASYNC_FD; numdelfds: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_accept: function(ssl: PSSL): TIdC_INT cdecl = nil;
+  SSL_stateless: function(s: PSSL): TIdC_INT cdecl = nil;
+  SSL_connect: function(ssl: PSSL): TIdC_INT cdecl = nil;
+  SSL_read: function(ssl: PSSL; buf: Pointer; num: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_read_ex: function(ssl: PSSL; buf: Pointer; num: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT cdecl = nil;
+
+  SSL_read_early_data: function(s: PSSL; buf: Pointer; num: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_peek: function(ssl: PSSL; buf: Pointer; num: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_peek_ex: function(ssl: PSSL; buf: Pointer; num: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_write: function(ssl: PSSL; const buf: Pointer; num: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_write_ex: function(s: PSSL; const buf: Pointer; num: TIdC_SIZET; written: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_write_early_data: function(s: PSSL; const buf: Pointer; num: TIdC_SIZET; written: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_callback_ctrl: function(v1: PSSL; v2: TIdC_INT; v3: SSL_callback_ctrl_v3): TIdC_LONG cdecl = nil;
+
+  SSL_ctrl: function(ssl: PSSL; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG cdecl = nil;
+  SSL_CTX_ctrl: function(ctx: PSSL_CTX; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG cdecl = nil;
+  SSL_CTX_callback_ctrl: function(v1: PSSL_CTX; v2: TIdC_INT; v3: SSL_CTX_callback_ctrl_v3): TIdC_LONG cdecl = nil;
+
+  SSL_get_early_data_status: function(const s: PSSL): TIdC_INT cdecl = nil;
+
+  SSL_get_error: function(const s: PSSL; ret_code: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_get_version: function(const s: PSSL): PIdAnsiChar cdecl = nil;
+
+  (* This sets the 'default' SSL version that SSL_new() will create *)
+  SSL_CTX_set_ssl_version: function(ctx: PSSL_CTX; const meth: PSSL_METHOD): TIdC_INT cdecl = nil;
+
+  ///* Negotiate highest available SSL/TLS version */
+  TLS_method: function: PSSL_METHOD cdecl = nil;
+  TLS_server_method: function: PSSL_METHOD cdecl = nil;
+  TLS_client_method: function: PSSL_METHOD cdecl = nil;
+
+  //__owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
+  //__owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */
+  //__owur const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */
+  //
+  //__owur TIdC_SIZET DTLS_get_data_mtu(const s: PSSL);
+  //
+  //__owur STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const s: PSSL);
+  //__owur STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const ctx: PSSL_CTX);
+  //__owur STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const s: PSSL);
+  //__owur STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(s: PSSL);
+  //
+  //__owur TIdC_INT SSL_do_handshake(s: PSSL);
+  SSL_key_update: function(s: PSSL; updatetype: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_get_key_update_type: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_renegotiate: function(s: PSSL): TIdC_INT cdecl = nil;
+  SSL_renegotiate_abbreviated: function(s: PSSL): TIdC_INT cdecl = nil;
+  SSL_shutdown: function(s: PSSL): TIdC_INT cdecl = nil;
+  SSL_CTX_set_post_handshake_auth: procedure(ctx: PSSL_CTX; val: TIdC_INT) cdecl = nil;
+  SSL_set_post_handshake_auth: procedure(s: PSSL; val: TIdC_INT) cdecl = nil;
+
+  SSL_renegotiate_pending: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_verify_client_post_handshake: function(s: PSSL): TIdC_INT cdecl = nil;
+
+  SSL_CTX_get_ssl_method: function(const ctx: PSSL_CTX): PSSL_METHOD cdecl = nil;
+  SSL_get_ssl_method: function(const s: PSSL): PSSL_METHOD cdecl = nil;
+  SSL_set_ssl_method: function(s: PSSL; const method: PSSL_METHOD): TIdC_INT cdecl = nil;
+  SSL_alert_type_string_long: function(value: TIdC_INT): PIdAnsiChar cdecl = nil;
+  SSL_alert_type_string: function(value: TIdC_INT): PIdAnsiChar cdecl = nil;
+  SSL_alert_desc_string_long: function(value: TIdC_INT): PIdAnsiChar cdecl = nil;
+  SSL_alert_desc_string: function(value: TIdC_INT): PIdAnsiChar cdecl = nil;
+
+  //void SSL_set0_CA_list(s: PSSL, STACK_OF(X509_NAME) *name_list);
+  //void SSL_CTX_set0_CA_list(ctx: PSSL_CTX, STACK_OF(X509_NAME) *name_list);
+  //__owur const STACK_OF(X509_NAME) *SSL_get0_CA_list(const s: PSSL);
+  //__owur const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const ctx: PSSL_CTX);
+  //__owur TIdC_INT SSL_add1_to_CA_list(ssl: PSSL, const X509 *x);
+  //__owur TIdC_INT SSL_CTX_add1_to_CA_list(ctx: PSSL_CTX, const X509 *x);
+  //__owur const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const s: PSSL);
+
+  //void SSL_set_client_CA_list(s: PSSL, STACK_OF(X509_NAME) *name_list);
+  //void SSL_CTX_set_client_CA_list(ctx: PSSL_CTX, STACK_OF(X509_NAME) *name_list);
+  //__owur STACK_OF(X509_NAME) *SSL_get_client_CA_list(const s: PSSL);
+  //__owur STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
+  SSL_add_client_CA: function(ssl: PSSL; x: PX509): TIdC_INT cdecl = nil;
+  SSL_CTX_add_client_CA: function(ctx: PSSL_CTX; x: PX509): TIdC_INT cdecl = nil;
+
+  SSL_set_connect_state: procedure(s: PSSL) cdecl = nil;
+  SSL_set_accept_state: procedure(s: PSSL) cdecl = nil;
+
+  //__owur TIdC_LONG SSL_get_default_timeout(const s: PSSL);
+  //
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_library_init() OPENSSL_init_ssl(0, NULL)
+  //# endif
+
+  //__owur PIdAnsiChar *SSL_CIPHER_description(const SSL_CIPHER *, PIdAnsiChar *buf, TIdC_INT size);
+  //__owur STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk);
+
+  SSL_dup: function(ssl: PSSL): PSSL cdecl = nil;
+
+  SSL_get_certificate: function(const ssl: PSSL): PX509 cdecl = nil;
+  (*
+   * EVP_PKEY
+   *)
+  SSL_get_privatekey: function(const ssl: PSSL): PEVP_PKEY cdecl = nil;
+
+  SSL_CTX_get0_certificate: function(const ctx: PSSL_CTX): PX509 cdecl = nil;
+  SSL_CTX_get0_privatekey: function(const ctx: PSSL_CTX): PEVP_PKEY cdecl = nil;
+
+  SSL_CTX_set_quiet_shutdown: procedure(ctx: PSSL_CTX; mode: TIdC_INT) cdecl = nil;
+  SSL_CTX_get_quiet_shutdown: function(const ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_set_quiet_shutdown: procedure(ssl: PSSL; mode: TIdC_INT) cdecl = nil;
+  SSL_get_quiet_shutdown: function(const ssl: PSSL): TIdC_INT cdecl = nil;
+  SSL_set_shutdown: procedure(ssl: PSSL; mode: TIdC_INT) cdecl = nil;
+  SSL_get_shutdown: function(const ssl: PSSL): TIdC_INT cdecl = nil;
+  SSL_version: function(const ssl: PSSL): TIdC_INT cdecl = nil;
+  SSL_client_version: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_CTX_set_default_verify_paths: function(ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_CTX_set_default_verify_dir: function(ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_CTX_set_default_verify_file: function(ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_CTX_load_verify_locations: function(ctx: PSSL_CTX; const CAfile: PIdAnsiChar; const CApath: PIdAnsiChar): TIdC_INT cdecl = nil;
+  //# define SSL_get0_session SSL_get_session/* just peek at pointer */
+  SSL_get_session: function(const ssl: PSSL): PSSL_SESSION cdecl = nil;
+  (* obtain a reference count *)
+  SSL_get1_session: function(ssl: PSSL): PSSL_SESSION cdecl = nil;
+  SSL_get_SSL_CTX: function(const ssl: PSSL): PSSL_CTX cdecl = nil;
+  SSL_set_SSL_CTX: function(ssl: PSSL; ctx: PSSL_CTX): PSSL_CTX cdecl = nil;
+  SSL_set_info_callback: procedure(ssl: PSSL; cb: SSL_info_callback) cdecl = nil;
+  SSL_get_info_callback: function(const ssl: PSSL): SSL_info_callback cdecl = nil;
+  SSL_get_state: function(const ssl: PSSL): OSSL_HANDSHAKE_STATE cdecl = nil;
+
+  SSL_set_verify_result: procedure(ssl: PSSL; v: TIdC_LONG) cdecl = nil;
+  SSL_get_verify_result: function(const ssl: PSSL): TIdC_LONG cdecl = nil;
+  //__owur STACK_OF(X509) *SSL_get0_verified_chain(const s: PSSL);
+
+  SSL_get_client_random: function(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  SSL_get_server_random: function(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  SSL_SESSION_get_master_key: function(const sess: PSSL_SESSION; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  SSL_SESSION_set1_master_key: function(sess: PSSL_SESSION; const &in: PByte; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_SESSION_get_max_fragment_length: function(const sess: PSSL_SESSION): TIdC_UINT8 cdecl = nil;
+
+  //#define SSL_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef)
+  SSL_set_ex_data: function(ssl: PSSL; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
+  SSL_get_ex_data: function(const ssl: PSSL; idx: TIdC_INT): Pointer cdecl = nil;
+  //#define SSL_SESSION_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, l, p, newf, dupf, freef)
+  SSL_SESSION_set_ex_data: function(ss: PSSL_SESSION; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
+  SSL_SESSION_get_ex_data: function(const ss: PSSL_SESSION; idx: TIdC_INT): Pointer cdecl = nil;
+  //#define SSL_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef)
+  SSL_CTX_set_ex_data: function(ssl: PSSL_CTX; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
+  SSL_CTX_get_ex_data: function(const ssl: PSSL_CTX; idx: TIdC_INT): Pointer cdecl = nil;
+
+  SSL_get_ex_data_X509_STORE_CTX_idx: function: TIdC_INT cdecl = nil;
+
+  //# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
+  //# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
+  //# define SSL_CTX_get_read_ahead(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
+  //# define SSL_CTX_set_read_ahead(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
+  //# define SSL_CTX_get_max_cert_list(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+  //# define SSL_CTX_set_max_cert_list(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+  //# define SSL_get_max_cert_list(ssl) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+  //# define SSL_set_max_cert_list(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+  //
+  //# define SSL_CTX_set_max_send_fragment(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+  //# define SSL_set_max_send_fragment(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+  //# define SSL_CTX_set_split_send_fragment(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SPLIT_SEND_FRAGMENT,m,NULL)
+  //# define SSL_set_split_send_fragment(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_SPLIT_SEND_FRAGMENT,m,NULL)
+  //# define SSL_CTX_set_max_pipelines(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
+  //# define SSL_set_max_pipelines(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
+
+  SSL_CTX_set_default_read_buffer_len: procedure(ctx: PSSL_CTX; len: TIdC_SIZET) cdecl = nil;
+  SSL_set_default_read_buffer_len: procedure(s: PSSL; len: TIdC_SIZET) cdecl = nil;
+
+  SSL_CTX_set_tmp_dh_callback: procedure(ctx: PSSL_CTX; dh: SSL_CTX_set_tmp_dh_callback_dh) cdecl = nil;
+  SSL_set_tmp_dh_callback: procedure(ssl: PSSL; dh: SSL_set_tmp_dh_callback_dh) cdecl = nil;
+
+  //__owur const COMP_METHOD *SSL_get_current_compression(const s: PSSL);
+  //__owur const COMP_METHOD *SSL_get_current_expansion(const s: PSSL);
+  //__owur const PIdAnsiChar *SSL_COMP_get_name(const COMP_METHOD *comp);
+  //__owur const PIdAnsiChar *SSL_COMP_get0_name(const SSL_COMP *comp);
+  //__owur TIdC_INT SSL_COMP_get_id(const SSL_COMP *comp);
+  //STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+  //__owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
+  //                                                             *meths);
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_COMP_free_compression_methods() while(0) continue
+  //# endif
+  //__owur TIdC_INT SSL_COMP_add_compression_method(TIdC_INT id, COMP_METHOD *cm);
+
+  SSL_CIPHER_find: function(ssl: PSSL; const ptr: PByte): PSSL_CIPHER cdecl = nil;
+  SSL_CIPHER_get_cipher_nid: function(const c: PSSL_CIPHEr): TIdC_INT cdecl = nil;
+  SSL_CIPHER_get_digest_nid: function(const c: PSSL_CIPHEr): TIdC_INT cdecl = nil;
+  //TIdC_INT SSL_bytes_to_cipher_list(s: PSSL, const Byte *bytes, TIdC_SIZET len,
+  //                             TIdC_INT isv2format, STACK_OF(SSL_CIPHER) **sk,
+  //                             STACK_OF(SSL_CIPHER) **scsvs);
+
+  (* TLS extensions functions *)
+  SSL_set_session_ticket_ext: function(s: PSSL; ext_data: Pointer; ext_len: TIdC_INT): TIdC_INT cdecl = nil;
+  //
+  SSL_set_session_ticket_ext_cb: function(s: PSSL; cb: tls_session_ticket_ext_cb_fn; arg: Pointer): TIdC_INT cdecl = nil;
+
+  ///* Pre-shared secret session resumption functions */
+  //__owur TIdC_INT SSL_set_session_secret_cb(s: PSSL,
+  //                                     tls_session_secret_cb_fn session_secret_cb,
+  //                                     void *arg);
+
+  SSL_CTX_set_not_resumable_session_callback: procedure(ctx: PSSL_CTX; cb: SSL_CTX_set_not_resumable_session_callback_cb) cdecl = nil;
+  SSL_set_not_resumable_session_callback: procedure(ssl: PSSL; cb: SSL_set_not_resumable_session_callback_cb) cdecl = nil;
+  SSL_CTX_set_record_padding_callback: procedure(ctx: PSSL_CTX; cb: SSL_CTX_set_record_padding_callback_cb) cdecl = nil;
+
+  SSL_CTX_set_record_padding_callback_arg: procedure(ctx: PSSL_CTX; arg: Pointer) cdecl = nil;
+  SSL_CTX_get_record_padding_callback_arg: function(const ctx: PSSL_CTX): Pointer cdecl = nil;
+  SSL_CTX_set_block_padding: function(ctx: PSSL_CTX; block_size: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  SSL_set_record_padding_callback: procedure(ssl: PSSL; cb: SSL_set_record_padding_callback_cb) cdecl = nil;
+
+  SSL_set_record_padding_callback_arg: procedure(ssl: PSSL; arg: Pointer) cdecl = nil;
+  SSL_get_record_padding_callback_arg: function(const ssl: PSSL): Pointer cdecl = nil;
+  SSL_set_block_padding: function(ssl: PSSL; block_size: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_set_num_tickets: function(s: PSSL; num_tickets: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_get_num_tickets: function(const s: PSSL): TIdC_SIZET cdecl = nil;
+  SSL_CTX_set_num_tickets: function(ctx: PSSL_CTX; num_tickets: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_CTX_get_num_tickets: function(const ctx: PSSL_CTX): TIdC_SIZET cdecl = nil;
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_cache_hit(s) SSL_session_reused(s)
+  //# endif
+
+  SSL_session_reused: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_is_server: function(const s: PSSL): TIdC_INT cdecl = nil;
+
+  SSL_CONF_CTX_new: function: PSSL_CONF_CTX cdecl = nil;
+  SSL_CONF_CTX_finish: function(cctx: PSSL_CONF_CTX): TIdC_INT cdecl = nil;
+  SSL_CONF_CTX_free: procedure(cctx: PSSL_CONF_CTX) cdecl = nil;
+  SSL_CONF_CTX_set_flags: function(cctx: PSSL_CONF_CTX; flags: TIdC_UINT): TIdC_UINT cdecl = nil;
+  SSL_CONF_CTX_clear_flags: function(cctx: PSSL_CONF_CTX; flags: TIdC_UINT): TIdC_UINT cdecl = nil;
+  SSL_CONF_CTX_set1_prefix: function(cctx: PSSL_CONF_CTX; const pre: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CONF_cmd: function(cctx: PSSL_CONF_CTX; const cmd: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CONF_cmd_argv: function(cctx: PSSL_CONF_CTX; pargc: PIdC_INT; pargv: PPPIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CONF_cmd_value_type: function(cctx: PSSL_CONF_CTX; const cmd: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  SSL_CONF_CTX_set_ssl: procedure(cctx: PSSL_CONF_CTX; ssl: PSSL) cdecl = nil;
+  SSL_CONF_CTX_set_ssl_ctx: procedure(cctx: PSSL_CONF_CTX; ctx: PSSL_CTX) cdecl = nil;
+  SSL_add_ssl_module: procedure cdecl = nil;
+  SSL_config: function(s: PSSL; const name: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CTX_config: function(ctx: PSSL_CTX; const name: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  SSL_trace: procedure(write_p: TIdC_INT; version: TIdC_INT; content_type: TIdC_INT; const buf: Pointer; len: TIdC_SIZET; ssl: PSSL; arg: Pointer) cdecl = nil;
+
+  DTLSv1_listen: function(s: PSSL; client: PBIO_ADDr): TIdC_INT cdecl = nil;
+
+  //# ifndef OPENSSL_NO_CT
+  //
+  ///*
+  // * A callback for verifying that the received SCTs are sufficient.
+  // * Expected to return 1 if they are sufficient, otherwise 0.
+  // * May return a negative integer if an error occurs.
+  // * A connection should be aborted if the SCTs are deemed insufficient.
+  // */
+  //typedef TIdC_INT (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+  //                                    const STACK_OF(SCT) *scts, void *arg);
+
+  ///*
+  // * Sets a |callback| that is invoked upon receipt of ServerHelloDone to validate
+  // * the received SCTs.
+  // * If the callback returns a non-positive result, the connection is terminated.
+  // * Call this function before beginning a handshake.
+  // * If a NULL |callback| is provided, SCT validation is disabled.
+  // * |arg| is arbitrary userdata that will be passed to the callback whenever it
+  // * is invoked. Ownership of |arg| remains with the caller.
+  // *
+  // * NOTE: A side-effect of setting a CT callback is that an OCSP stapled response
+  // *       will be requested.
+  // */
+  //function SSL_set_ct_validation_callback(s: PSSL; callback: ssl_ct_validation_cb; arg: Pointer): TIdC_INT;
+  //function SSL_CTX_set_ct_validation_callback(ctx: PSSL_CTX; callback: ssl_ct_validation_cb; arg: Pointer): TIdC_INT;
+
+  //#define SSL_disable_ct(s) \
+  //        ((void) SSL_set_validation_callback((s), NULL, NULL))
+  //#define SSL_CTX_disable_ct(ctx) \
+  //        ((void) SSL_CTX_set_validation_callback((ctx), NULL, NULL))
+
+  ///*
+  // * The validation type enumerates the available behaviours of the built-&in SSL
+  // * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
+  // * The underlying callback is a static function &in libssl.
+  // */
+
+  ///*
+  // * Enable CT by setting up a callback that implements one of the built-&in
+  // * validation variants.  The SSL_CT_VALIDATION_PERMISSIVE variant always
+  // * continues the handshake, the application can make appropriate decisions at
+  // * handshake completion.  The SSL_CT_VALIDATION_STRICT variant requires at
+  // * least one valid SCT, or else handshake termination will be requested.  The
+  // * handshake may continue anyway if SSL_VERIFY_NONE is &in effect.
+  // */
+  SSL_enable_ct: function(s: PSSL; validation_mode: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_CTX_enable_ct: function(ctx: PSSL_CTX; validation_mode: TIdC_INT): TIdC_INT cdecl = nil;
+
+  ///*
+  // * Report whether a non-NULL callback is enabled.
+  // */
+  SSL_ct_is_enabled: function(const s: PSSL): TIdC_INT cdecl = nil;
+  SSL_CTX_ct_is_enabled: function(const ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+
+  ///* Gets the SCTs received from a connection */
+  //const STACK_OF(SCT) *SSL_get0_peer_scts(s: PSSL);
+
+  SSL_CTX_set_default_ctlog_list_file: function(ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  SSL_CTX_set_ctlog_list_file: function(ctx: PSSL_CTX; const path: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CTX_set0_ctlog_store: procedure(ctx: PSSL_CTX; logs: PCTLOG_STORE) cdecl = nil;
+
+  // const CTLOG_STORE *SSL_CTX_get0_ctlog_store(const ctx: PSSL_CTX);
+
+  // # endif /* OPENSSL_NO_CT */
+
+  SSL_set_security_level: procedure(s: PSSL; level: TIdC_INT) cdecl = nil;
+
+  ////__owur TIdC_INT SSL_get_security_level(const s: PSSL);
+  SSL_set_security_callback: procedure(s: PSSL; cb: SSL_security_callback) cdecl = nil;
+  SSL_get_security_callback: function(const s: PSSL): SSL_security_callback cdecl = nil;
+  SSL_set0_security_ex_data: procedure(s: PSSL; ex: Pointer) cdecl = nil;
+  SSL_get0_security_ex_data: function(const s: PSSL): Pointer cdecl = nil;
+  SSL_CTX_set_security_level: procedure(ctx: PSSL_CTX; level: TIdC_INT) cdecl = nil;
+  SSL_CTX_get_security_level: function(const ctx: PSSL_CTX): TIdC_INT cdecl = nil;
+  //void SSL_CTX_set_security_callback(ctx: PSSL_CTX,
+  //                                   TIdC_INT (*cb) (const s: PSSL, const ctx: PSSL_CTX,
+  //                                              TIdC_INT op, TIdC_INT bits, TIdC_INT nid,
+  //                                              void *other, void *ex));
+  //TIdC_INT (*SSL_CTX_get_security_callback(const ctx: PSSL_CTX)) (const s: PSSL,
+  //                                                          const ctx: PSSL_CTX,
+  //                                                          TIdC_INT op, TIdC_INT bits,
+  //                                                          TIdC_INT nid,
+  //                                                          void *other,
+  //                                                          void *ex);
+
+  SSL_CTX_get0_security_ex_data: function(const ctx: PSSL_CTX): Pointer cdecl = nil;
+
+  SSL_CTX_set0_security_ex_data: procedure(ctx: PSSL_CTX; ex: Pointer) cdecl = nil;
+
+  OPENSSL_init_ssl: function(opts: TIdC_UINT64; const settings: POPENSSL_INIT_SETTINGS): TIdC_INT cdecl = nil;
+
+  //# ifndef OPENSSL_NO_UNIT_TEST
+  //__owur const struct openssl_ssl_test_functions *SSL_test_functions(void);
+  //# endif
+
+  SSL_free_buffers: function(ssl: PSSL): TIdC_INT cdecl = nil;
+  SSL_alloc_buffers: function(ssl: PSSL): TIdC_INT cdecl = nil;
+
+  SSL_CTX_set_session_ticket_cb: function(ctx: PSSL_CTX; gen_cb: SSL_CTX_generate_session_ticket_fn; dec_cb: SSL_CTX_decrypt_session_ticket_fn; arg: Pointer): TIdC_INT cdecl = nil;
+
+  SSL_SESSION_set1_ticket_appdata: function(ss: PSSL_SESSION; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_SESSION_get0_ticket_appdata: function(ss: PSSL_SESSION; data: PPointer; len: PIdC_SIZET): TIdC_INT cdecl = nil;
+
+  //extern const PIdAnsiChar SSL_version_str[];
+
+  DTLS_set_timer_cb: procedure(s: PSSL; cb: DTLS_timer_cb) cdecl = nil;
+  SSL_CTX_set_allow_early_data_cb: procedure(ctx: PSSL_CTX; cb: SSL_allow_early_data_cb_fN; arg: Pointer) cdecl = nil;
+  SSL_set_allow_early_data_cb: procedure(s: PSSL; cb: SSL_allow_early_data_cb_fN; arg: Pointer) cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  SSL_CTX_get_options := LoadFunction('SSL_CTX_get_options', AFailed);
+  SSL_get_options := LoadFunction('SSL_get_options', AFailed);
+  SSL_CTX_clear_options := LoadFunction('SSL_CTX_clear_options', AFailed);
+  SSL_clear_options := LoadFunction('SSL_clear_options', AFailed);
+  SSL_CTX_set_options := LoadFunction('SSL_CTX_set_options', AFailed);
+  SSL_set_options := LoadFunction('SSL_set_options', AFailed);
+  SSL_CTX_sess_set_new_cb := LoadFunction('SSL_CTX_sess_set_new_cb', AFailed);
+  SSL_CTX_sess_get_new_cb := LoadFunction('SSL_CTX_sess_get_new_cb', AFailed);
+  SSL_CTX_sess_set_remove_cb := LoadFunction('SSL_CTX_sess_set_remove_cb', AFailed);
+  SSL_CTX_sess_get_remove_cb := LoadFunction('SSL_CTX_sess_get_remove_cb', AFailed);
+  SSL_CTX_set_info_callback := LoadFunction('SSL_CTX_set_info_callback', AFailed);
+  SSL_CTX_get_info_callback := LoadFunction('SSL_CTX_get_info_callback', AFailed);
+  SSL_CTX_set_client_cert_cb := LoadFunction('SSL_CTX_set_client_cert_cb', AFailed);
+  SSL_CTX_get_client_cert_cb := LoadFunction('SSL_CTX_get_client_cert_cb', AFailed);
+  SSL_CTX_set_client_cert_engine := LoadFunction('SSL_CTX_set_client_cert_engine', AFailed);
+  SSL_CTX_set_cookie_generate_cb := LoadFunction('SSL_CTX_set_cookie_generate_cb', AFailed);
+  SSL_CTX_set_cookie_verify_cb := LoadFunction('SSL_CTX_set_cookie_verify_cb', AFailed);
+  SSL_CTX_set_stateless_cookie_generate_cb := LoadFunction('SSL_CTX_set_stateless_cookie_generate_cb', AFailed);
+  SSL_CTX_set_stateless_cookie_verify_cb := LoadFunction('SSL_CTX_set_stateless_cookie_verify_cb', AFailed);
+  SSL_CTX_set_alpn_select_cb := LoadFunction('SSL_CTX_set_alpn_select_cb', AFailed);
+  SSL_get0_alpn_selected := LoadFunction('SSL_get0_alpn_selected', AFailed);
+  SSL_CTX_set_psk_client_callback := LoadFunction('SSL_CTX_set_psk_client_callback', AFailed);
+  SSL_set_psk_client_callback := LoadFunction('SSL_set_psk_client_callback', AFailed);
+  SSL_CTX_set_psk_server_callback := LoadFunction('SSL_CTX_set_psk_server_callback', AFailed);
+  SSL_set_psk_server_callback := LoadFunction('SSL_set_psk_server_callback', AFailed);
+  SSL_set_psk_find_session_callback := LoadFunction('SSL_set_psk_find_session_callback', AFailed);
+  SSL_CTX_set_psk_find_session_callback := LoadFunction('SSL_CTX_set_psk_find_session_callback', AFailed);
+  SSL_set_psk_use_session_callback := LoadFunction('SSL_set_psk_use_session_callback', AFailed);
+  SSL_CTX_set_psk_use_session_callback := LoadFunction('SSL_CTX_set_psk_use_session_callback', AFailed);
+  SSL_CTX_set_keylog_callback := LoadFunction('SSL_CTX_set_keylog_callback', AFailed);
+  SSL_CTX_get_keylog_callback := LoadFunction('SSL_CTX_get_keylog_callback', AFailed);
+  SSL_CTX_set_max_early_data := LoadFunction('SSL_CTX_set_max_early_data', AFailed);
+  SSL_CTX_get_max_early_data := LoadFunction('SSL_CTX_get_max_early_data', AFailed);
+  SSL_set_max_early_data := LoadFunction('SSL_set_max_early_data', AFailed);
+  SSL_get_max_early_data := LoadFunction('SSL_get_max_early_data', AFailed);
+  SSL_CTX_set_recv_max_early_data := LoadFunction('SSL_CTX_set_recv_max_early_data', AFailed);
+  SSL_CTX_get_recv_max_early_data := LoadFunction('SSL_CTX_get_recv_max_early_data', AFailed);
+  SSL_set_recv_max_early_data := LoadFunction('SSL_set_recv_max_early_data', AFailed);
+  SSL_get_recv_max_early_data := LoadFunction('SSL_get_recv_max_early_data', AFailed);
+  SSL_in_init := LoadFunction('SSL_in_init', AFailed);
+  SSL_in_before := LoadFunction('SSL_in_before', AFailed);
+  SSL_is_init_finished := LoadFunction('SSL_is_init_finished', AFailed);
+  SSL_get_finished := LoadFunction('SSL_get_finished', AFailed);
+  SSL_get_peer_finished := LoadFunction('SSL_get_peer_finished', AFailed);
+  BIO_f_ssl := LoadFunction('BIO_f_ssl', AFailed);
+  BIO_new_ssl := LoadFunction('BIO_new_ssl', AFailed);
+  BIO_new_ssl_connect := LoadFunction('BIO_new_ssl_connect', AFailed);
+  BIO_new_buffer_ssl_connect := LoadFunction('BIO_new_buffer_ssl_connect', AFailed);
+  BIO_ssl_copy_session_id := LoadFunction('BIO_ssl_copy_session_id', AFailed);
+  SSL_CTX_set_cipher_list := LoadFunction('SSL_CTX_set_cipher_list', AFailed);
+  SSL_CTX_new := LoadFunction('SSL_CTX_new', AFailed);
+  SSL_CTX_set_timeout := LoadFunction('SSL_CTX_set_timeout', AFailed);
+  SSL_CTX_get_timeout := LoadFunction('SSL_CTX_get_timeout', AFailed);
+  SSL_CTX_get_cert_store := LoadFunction('SSL_CTX_get_cert_store', AFailed);
+  SSL_want := LoadFunction('SSL_want', AFailed);
+  SSL_clear := LoadFunction('SSL_clear', AFailed);
+  BIO_ssl_shutdown := LoadFunction('BIO_ssl_shutdown', AFailed);
+  SSL_CTX_up_ref := LoadFunction('SSL_CTX_up_ref', AFailed);
+  SSL_CTX_free := LoadFunction('SSL_CTX_free', AFailed);
+  SSL_CTX_set_cert_store := LoadFunction('SSL_CTX_set_cert_store', AFailed);
+  SSL_CTX_set1_cert_store := LoadFunction('SSL_CTX_set1_cert_store', AFailed);
+  SSL_CTX_flush_sessions := LoadFunction('SSL_CTX_flush_sessions', AFailed);
+  SSL_get_current_cipher := LoadFunction('SSL_get_current_cipher', AFailed);
+  SSL_get_pending_cipher := LoadFunction('SSL_get_pending_cipher', AFailed);
+  SSL_CIPHER_get_bits := LoadFunction('SSL_CIPHER_get_bits', AFailed);
+  SSL_CIPHER_get_version := LoadFunction('SSL_CIPHER_get_version', AFailed);
+  SSL_CIPHER_get_name := LoadFunction('SSL_CIPHER_get_name', AFailed);
+  SSL_CIPHER_standard_name := LoadFunction('SSL_CIPHER_standard_name', AFailed);
+  OPENSSL_cipher_name := LoadFunction('OPENSSL_cipher_name', AFailed);
+  SSL_CIPHER_get_id := LoadFunction('SSL_CIPHER_get_id', AFailed);
+  SSL_CIPHER_get_protocol_id := LoadFunction('SSL_CIPHER_get_protocol_id', AFailed);
+  SSL_CIPHER_get_kx_nid := LoadFunction('SSL_CIPHER_get_kx_nid', AFailed);
+  SSL_CIPHER_get_auth_nid := LoadFunction('SSL_CIPHER_get_auth_nid', AFailed);
+  SSL_CIPHER_get_handshake_digest := LoadFunction('SSL_CIPHER_get_handshake_digest', AFailed);
+  SSL_CIPHER_is_aead := LoadFunction('SSL_CIPHER_is_aead', AFailed);
+  SSL_get_fd := LoadFunction('SSL_get_fd', AFailed);
+  SSL_get_rfd := LoadFunction('SSL_get_rfd', AFailed);
+  SSL_get_wfd := LoadFunction('SSL_get_wfd', AFailed);
+  SSL_get_cipher_list := LoadFunction('SSL_get_cipher_list', AFailed);
+  SSL_get_shared_ciphers := LoadFunction('SSL_get_shared_ciphers', AFailed);
+  SSL_get_read_ahead := LoadFunction('SSL_get_read_ahead', AFailed);
+  SSL_pending := LoadFunction('SSL_pending', AFailed);
+  SSL_has_pending := LoadFunction('SSL_has_pending', AFailed);
+  SSL_set_fd := LoadFunction('SSL_set_fd', AFailed);
+  SSL_set_rfd := LoadFunction('SSL_set_rfd', AFailed);
+  SSL_set_wfd := LoadFunction('SSL_set_wfd', AFailed);
+  SSL_set0_rbio := LoadFunction('SSL_set0_rbio', AFailed);
+  SSL_set0_wbio := LoadFunction('SSL_set0_wbio', AFailed);
+  SSL_set_bio := LoadFunction('SSL_set_bio', AFailed);
+  SSL_get_rbio := LoadFunction('SSL_get_rbio', AFailed);
+  SSL_get_wbio := LoadFunction('SSL_get_wbio', AFailed);
+  SSL_set_cipher_list := LoadFunction('SSL_set_cipher_list', AFailed);
+  SSL_CTX_set_ciphersuites := LoadFunction('SSL_CTX_set_ciphersuites', AFailed);
+  SSL_set_ciphersuites := LoadFunction('SSL_set_ciphersuites', AFailed);
+  SSL_get_verify_mode := LoadFunction('SSL_get_verify_mode', AFailed);
+  SSL_get_verify_depth := LoadFunction('SSL_get_verify_depth', AFailed);
+  SSL_get_verify_callback := LoadFunction('SSL_get_verify_callback', AFailed);
+  SSL_set_read_ahead := LoadFunction('SSL_set_read_ahead', AFailed);
+  SSL_set_verify := LoadFunction('SSL_set_verify', AFailed);
+  SSL_set_verify_depth := LoadFunction('SSL_set_verify_depth', AFailed);
+  SSL_use_RSAPrivateKey := LoadFunction('SSL_use_RSAPrivateKey', AFailed);
+  SSL_use_RSAPrivateKey_ASN1 := LoadFunction('SSL_use_RSAPrivateKey_ASN1', AFailed);
+  SSL_use_PrivateKey := LoadFunction('SSL_use_PrivateKey', AFailed);
+  SSL_use_PrivateKey_ASN1 := LoadFunction('SSL_use_PrivateKey_ASN1', AFailed);
+  SSL_use_certificate := LoadFunction('SSL_use_certificate', AFailed);
+  SSL_use_certificate_ASN1 := LoadFunction('SSL_use_certificate_ASN1', AFailed);
+  SSL_CTX_use_serverinfo := LoadFunction('SSL_CTX_use_serverinfo', AFailed);
+  SSL_CTX_use_serverinfo_ex := LoadFunction('SSL_CTX_use_serverinfo_ex', AFailed);
+  SSL_CTX_use_serverinfo_file := LoadFunction('SSL_CTX_use_serverinfo_file', AFailed);
+  SSL_use_RSAPrivateKey_file := LoadFunction('SSL_use_RSAPrivateKey_file', AFailed);
+  SSL_use_PrivateKey_file := LoadFunction('SSL_use_PrivateKey_file', AFailed);
+  SSL_use_certificate_file := LoadFunction('SSL_use_certificate_file', AFailed);
+  SSL_CTX_use_RSAPrivateKey_file := LoadFunction('SSL_CTX_use_RSAPrivateKey_file', AFailed);
+  SSL_CTX_use_PrivateKey_file := LoadFunction('SSL_CTX_use_PrivateKey_file', AFailed);
+  SSL_CTX_use_certificate_file := LoadFunction('SSL_CTX_use_certificate_file', AFailed);
+  SSL_CTX_use_certificate_chain_file := LoadFunction('SSL_CTX_use_certificate_chain_file', AFailed);
+  SSL_use_certificate_chain_file := LoadFunction('SSL_use_certificate_chain_file', AFailed);
+  SSL_state_string := LoadFunction('SSL_state_string', AFailed);
+  SSL_rstate_string := LoadFunction('SSL_rstate_string', AFailed);
+  SSL_state_string_long := LoadFunction('SSL_state_string_long', AFailed);
+  SSL_rstate_string_long := LoadFunction('SSL_rstate_string_long', AFailed);
+  SSL_SESSION_get_time := LoadFunction('SSL_SESSION_get_time', AFailed);
+  SSL_SESSION_set_time := LoadFunction('SSL_SESSION_set_time', AFailed);
+  SSL_SESSION_get_timeout := LoadFunction('SSL_SESSION_get_timeout', AFailed);
+  SSL_SESSION_set_timeout := LoadFunction('SSL_SESSION_set_timeout', AFailed);
+  SSL_SESSION_get_protocol_version := LoadFunction('SSL_SESSION_get_protocol_version', AFailed);
+  SSL_SESSION_set_protocol_version := LoadFunction('SSL_SESSION_set_protocol_version', AFailed);
+  SSL_SESSION_get0_hostname := LoadFunction('SSL_SESSION_get0_hostname', AFailed);
+  SSL_SESSION_set1_hostname := LoadFunction('SSL_SESSION_set1_hostname', AFailed);
+  SSL_SESSION_get0_alpn_selected := LoadFunction('SSL_SESSION_get0_alpn_selected', AFailed);
+  SSL_SESSION_set1_alpn_selected := LoadFunction('SSL_SESSION_set1_alpn_selected', AFailed);
+  SSL_SESSION_get0_cipher := LoadFunction('SSL_SESSION_get0_cipher', AFailed);
+  SSL_SESSION_set_cipher := LoadFunction('SSL_SESSION_set_cipher', AFailed);
+  SSL_SESSION_has_ticket := LoadFunction('SSL_SESSION_has_ticket', AFailed);
+  SSL_SESSION_get_ticket_lifetime_hint := LoadFunction('SSL_SESSION_get_ticket_lifetime_hint', AFailed);
+  SSL_SESSION_get0_ticket := LoadFunction('SSL_SESSION_get0_ticket', AFailed);
+  SSL_SESSION_get_max_early_data := LoadFunction('SSL_SESSION_get_max_early_data', AFailed);
+  SSL_SESSION_set_max_early_data := LoadFunction('SSL_SESSION_set_max_early_data', AFailed);
+  SSL_copy_session_id := LoadFunction('SSL_copy_session_id', AFailed);
+  SSL_SESSION_get0_peer := LoadFunction('SSL_SESSION_get0_peer', AFailed);
+  SSL_SESSION_set1_id_context := LoadFunction('SSL_SESSION_set1_id_context', AFailed);
+  SSL_SESSION_set1_id := LoadFunction('SSL_SESSION_set1_id', AFailed);
+  SSL_SESSION_is_resumable := LoadFunction('SSL_SESSION_is_resumable', AFailed);
+  SSL_SESSION_new := LoadFunction('SSL_SESSION_new', AFailed);
+  SSL_SESSION_dup := LoadFunction('SSL_SESSION_dup', AFailed);
+  SSL_SESSION_get_id := LoadFunction('SSL_SESSION_get_id', AFailed);
+  SSL_SESSION_get0_id_context := LoadFunction('SSL_SESSION_get0_id_context', AFailed);
+  SSL_SESSION_get_compress_id := LoadFunction('SSL_SESSION_get_compress_id', AFailed);
+  SSL_SESSION_print := LoadFunction('SSL_SESSION_print', AFailed);
+  SSL_SESSION_print_keylog := LoadFunction('SSL_SESSION_print_keylog', AFailed);
+  SSL_SESSION_up_ref := LoadFunction('SSL_SESSION_up_ref', AFailed);
+  SSL_SESSION_free := LoadFunction('SSL_SESSION_free', AFailed);
+  SSL_set_session := LoadFunction('SSL_set_session', AFailed);
+  SSL_CTX_add_session := LoadFunction('SSL_CTX_add_session', AFailed);
+  SSL_CTX_remove_session := LoadFunction('SSL_CTX_remove_session', AFailed);
+  SSL_CTX_set_generate_session_id := LoadFunction('SSL_CTX_set_generate_session_id', AFailed);
+  SSL_set_generate_session_id := LoadFunction('SSL_set_generate_session_id', AFailed);
+  SSL_has_matching_session_id := LoadFunction('SSL_has_matching_session_id', AFailed);
+  d2i_SSL_SESSION := LoadFunction('d2i_SSL_SESSION', AFailed);
+  SSL_get_peer_certificate := LoadFunction('SSL_get_peer_certificate', AFailed);
+  SSL_CTX_get_verify_mode := LoadFunction('SSL_CTX_get_verify_mode', AFailed);
+  SSL_CTX_get_verify_depth := LoadFunction('SSL_CTX_get_verify_depth', AFailed);
+  SSL_CTX_get_verify_callback := LoadFunction('SSL_CTX_get_verify_callback', AFailed);
+  SSL_CTX_set_verify := LoadFunction('SSL_CTX_set_verify', AFailed);
+  SSL_CTX_set_verify_depth := LoadFunction('SSL_CTX_set_verify_depth', AFailed);
+  SSL_CTX_set_cert_verify_callback := LoadFunction('SSL_CTX_set_cert_verify_callback', AFailed);
+  SSL_CTX_set_cert_cb := LoadFunction('SSL_CTX_set_cert_cb', AFailed);
+  SSL_CTX_use_RSAPrivateKey := LoadFunction('SSL_CTX_use_RSAPrivateKey', AFailed);
+  SSL_CTX_use_RSAPrivateKey_ASN1 := LoadFunction('SSL_CTX_use_RSAPrivateKey_ASN1', AFailed);
+  SSL_CTX_use_PrivateKey := LoadFunction('SSL_CTX_use_PrivateKey', AFailed);
+  SSL_CTX_use_PrivateKey_ASN1 := LoadFunction('SSL_CTX_use_PrivateKey_ASN1', AFailed);
+  SSL_CTX_use_certificate := LoadFunction('SSL_CTX_use_certificate', AFailed);
+  SSL_CTX_use_certificate_ASN1 := LoadFunction('SSL_CTX_use_certificate_ASN1', AFailed);
+  SSL_CTX_set_default_passwd_cb := LoadFunction('SSL_CTX_set_default_passwd_cb', AFailed);
+  SSL_CTX_set_default_passwd_cb_userdata := LoadFunction('SSL_CTX_set_default_passwd_cb_userdata', AFailed);
+  SSL_CTX_get_default_passwd_cb := LoadFunction('SSL_CTX_get_default_passwd_cb', AFailed);
+  SSL_CTX_get_default_passwd_cb_userdata := LoadFunction('SSL_CTX_get_default_passwd_cb_userdata', AFailed);
+  SSL_set_default_passwd_cb := LoadFunction('SSL_set_default_passwd_cb', AFailed);
+  SSL_set_default_passwd_cb_userdata := LoadFunction('SSL_set_default_passwd_cb_userdata', AFailed);
+  SSL_get_default_passwd_cb := LoadFunction('SSL_get_default_passwd_cb', AFailed);
+  SSL_get_default_passwd_cb_userdata := LoadFunction('SSL_get_default_passwd_cb_userdata', AFailed);
+  SSL_CTX_check_private_key := LoadFunction('SSL_CTX_check_private_key', AFailed);
+  SSL_check_private_key := LoadFunction('SSL_check_private_key', AFailed);
+  SSL_CTX_set_session_id_context := LoadFunction('SSL_CTX_set_session_id_context', AFailed);
+  SSL_new := LoadFunction('SSL_new', AFailed);
+  SSL_up_ref := LoadFunction('SSL_up_ref', AFailed);
+  SSL_is_dtls := LoadFunction('SSL_is_dtls', AFailed);
+  SSL_set_session_id_context := LoadFunction('SSL_set_session_id_context', AFailed);
+  SSL_CTX_set_purpose := LoadFunction('SSL_CTX_set_purpose', AFailed);
+  SSL_set_purpose := LoadFunction('SSL_set_purpose', AFailed);
+  SSL_CTX_set_trust := LoadFunction('SSL_CTX_set_trust', AFailed);
+  SSL_set_trust := LoadFunction('SSL_set_trust', AFailed);
+  SSL_set1_host := LoadFunction('SSL_set1_host', AFailed);
+  SSL_add1_host := LoadFunction('SSL_add1_host', AFailed);
+  SSL_get0_peername := LoadFunction('SSL_get0_peername', AFailed);
+  SSL_set_hostflags := LoadFunction('SSL_set_hostflags', AFailed);
+  SSL_CTX_dane_enable := LoadFunction('SSL_CTX_dane_enable', AFailed);
+  SSL_CTX_dane_mtype_set := LoadFunction('SSL_CTX_dane_mtype_set', AFailed);
+  SSL_dane_enable := LoadFunction('SSL_dane_enable', AFailed);
+  SSL_dane_tlsa_add := LoadFunction('SSL_dane_tlsa_add', AFailed);
+  SSL_get0_dane_authority := LoadFunction('SSL_get0_dane_authority', AFailed);
+  SSL_get0_dane_tlsa := LoadFunction('SSL_get0_dane_tlsa', AFailed);
+  SSL_get0_dane := LoadFunction('SSL_get0_dane', AFailed);
+  SSL_CTX_dane_set_flags := LoadFunction('SSL_CTX_dane_set_flags', AFailed);
+  SSL_CTX_dane_clear_flags := LoadFunction('SSL_CTX_dane_clear_flags', AFailed);
+  SSL_dane_set_flags := LoadFunction('SSL_dane_set_flags', AFailed);
+  SSL_dane_clear_flags := LoadFunction('SSL_dane_clear_flags', AFailed);
+  SSL_CTX_set1_param := LoadFunction('SSL_CTX_set1_param', AFailed);
+  SSL_set1_param := LoadFunction('SSL_set1_param', AFailed);
+  SSL_CTX_get0_param := LoadFunction('SSL_CTX_get0_param', AFailed);
+  SSL_get0_param := LoadFunction('SSL_get0_param', AFailed);
+  SSL_CTX_set_srp_username := LoadFunction('SSL_CTX_set_srp_username', AFailed);
+  SSL_CTX_set_srp_password := LoadFunction('SSL_CTX_set_srp_password', AFailed);
+  SSL_CTX_set_srp_strength := LoadFunction('SSL_CTX_set_srp_strength', AFailed);
+  SSL_CTX_set_srp_client_pwd_callback := LoadFunction('SSL_CTX_set_srp_client_pwd_callback', AFailed);
+  SSL_CTX_set_srp_verify_param_callback := LoadFunction('SSL_CTX_set_srp_verify_param_callback', AFailed);
+  SSL_CTX_set_srp_username_callback := LoadFunction('SSL_CTX_set_srp_username_callback', AFailed);
+  SSL_CTX_set_srp_cb_arg := LoadFunction('SSL_CTX_set_srp_cb_arg', AFailed);
+  SSL_set_srp_server_param := LoadFunction('SSL_set_srp_server_param', AFailed);
+  SSL_set_srp_server_param_pw := LoadFunction('SSL_set_srp_server_param_pw', AFailed);
+  SSL_CTX_set_client_hello_cb := LoadFunction('SSL_CTX_set_client_hello_cb', AFailed);
+  SSL_client_hello_isv2 := LoadFunction('SSL_client_hello_isv2', AFailed);
+  SSL_client_hello_get0_legacy_version := LoadFunction('SSL_client_hello_get0_legacy_version', AFailed);
+  SSL_client_hello_get0_random := LoadFunction('SSL_client_hello_get0_random', AFailed);
+  SSL_client_hello_get0_session_id := LoadFunction('SSL_client_hello_get0_session_id', AFailed);
+  SSL_client_hello_get0_ciphers := LoadFunction('SSL_client_hello_get0_ciphers', AFailed);
+  SSL_client_hello_get0_compression_methods := LoadFunction('SSL_client_hello_get0_compression_methods', AFailed);
+  SSL_client_hello_get1_extensions_present := LoadFunction('SSL_client_hello_get1_extensions_present', AFailed);
+  SSL_client_hello_get0_ext := LoadFunction('SSL_client_hello_get0_ext', AFailed);
+  SSL_certs_clear := LoadFunction('SSL_certs_clear', AFailed);
+  SSL_free := LoadFunction('SSL_free', AFailed);
+  SSL_waiting_for_async := LoadFunction('SSL_waiting_for_async', AFailed);
+  SSL_get_all_async_fds := LoadFunction('SSL_get_all_async_fds', AFailed);
+  SSL_get_changed_async_fds := LoadFunction('SSL_get_changed_async_fds', AFailed);
+  SSL_accept := LoadFunction('SSL_accept', AFailed);
+  SSL_stateless := LoadFunction('SSL_stateless', AFailed);
+  SSL_connect := LoadFunction('SSL_connect', AFailed);
+  SSL_read := LoadFunction('SSL_read', AFailed);
+  SSL_read_ex := LoadFunction('SSL_read_ex', AFailed);
+  SSL_read_early_data := LoadFunction('SSL_read_early_data', AFailed);
+  SSL_peek := LoadFunction('SSL_peek', AFailed);
+  SSL_peek_ex := LoadFunction('SSL_peek_ex', AFailed);
+  SSL_write := LoadFunction('SSL_write', AFailed);
+  SSL_write_ex := LoadFunction('SSL_write_ex', AFailed);
+  SSL_write_early_data := LoadFunction('SSL_write_early_data', AFailed);
+  SSL_callback_ctrl := LoadFunction('SSL_callback_ctrl', AFailed);
+  SSL_ctrl := LoadFunction('SSL_ctrl', AFailed);
+  SSL_CTX_ctrl := LoadFunction('SSL_CTX_ctrl', AFailed);
+  SSL_CTX_callback_ctrl := LoadFunction('SSL_CTX_callback_ctrl', AFailed);
+  SSL_get_early_data_status := LoadFunction('SSL_get_early_data_status', AFailed);
+  SSL_get_error := LoadFunction('SSL_get_error', AFailed);
+  SSL_get_version := LoadFunction('SSL_get_version', AFailed);
+  SSL_CTX_set_ssl_version := LoadFunction('SSL_CTX_set_ssl_version', AFailed);
+  TLS_method := LoadFunction('TLS_method', AFailed);
+  TLS_server_method := LoadFunction('TLS_server_method', AFailed);
+  TLS_client_method := LoadFunction('TLS_client_method', AFailed);
+  SSL_key_update := LoadFunction('SSL_key_update', AFailed);
+  SSL_get_key_update_type := LoadFunction('SSL_get_key_update_type', AFailed);
+  SSL_renegotiate := LoadFunction('SSL_renegotiate', AFailed);
+  SSL_renegotiate_abbreviated := LoadFunction('SSL_renegotiate_abbreviated', AFailed);
+  SSL_shutdown := LoadFunction('SSL_shutdown', AFailed);
+  SSL_CTX_set_post_handshake_auth := LoadFunction('SSL_CTX_set_post_handshake_auth', AFailed);
+  SSL_set_post_handshake_auth := LoadFunction('SSL_set_post_handshake_auth', AFailed);
+  SSL_renegotiate_pending := LoadFunction('SSL_renegotiate_pending', AFailed);
+  SSL_verify_client_post_handshake := LoadFunction('SSL_verify_client_post_handshake', AFailed);
+  SSL_CTX_get_ssl_method := LoadFunction('SSL_CTX_get_ssl_method', AFailed);
+  SSL_get_ssl_method := LoadFunction('SSL_get_ssl_method', AFailed);
+  SSL_set_ssl_method := LoadFunction('SSL_set_ssl_method', AFailed);
+  SSL_alert_type_string_long := LoadFunction('SSL_alert_type_string_long', AFailed);
+  SSL_alert_type_string := LoadFunction('SSL_alert_type_string', AFailed);
+  SSL_alert_desc_string_long := LoadFunction('SSL_alert_desc_string_long', AFailed);
+  SSL_alert_desc_string := LoadFunction('SSL_alert_desc_string', AFailed);
+  SSL_add_client_CA := LoadFunction('SSL_add_client_CA', AFailed);
+  SSL_CTX_add_client_CA := LoadFunction('SSL_CTX_add_client_CA', AFailed);
+  SSL_set_connect_state := LoadFunction('SSL_set_connect_state', AFailed);
+  SSL_set_accept_state := LoadFunction('SSL_set_accept_state', AFailed);
+  SSL_dup := LoadFunction('SSL_dup', AFailed);
+  SSL_get_certificate := LoadFunction('SSL_get_certificate', AFailed);
+  SSL_get_privatekey := LoadFunction('SSL_get_privatekey', AFailed);
+  SSL_CTX_get0_certificate := LoadFunction('SSL_CTX_get0_certificate', AFailed);
+  SSL_CTX_get0_privatekey := LoadFunction('SSL_CTX_get0_privatekey', AFailed);
+  SSL_CTX_set_quiet_shutdown := LoadFunction('SSL_CTX_set_quiet_shutdown', AFailed);
+  SSL_CTX_get_quiet_shutdown := LoadFunction('SSL_CTX_get_quiet_shutdown', AFailed);
+  SSL_set_quiet_shutdown := LoadFunction('SSL_set_quiet_shutdown', AFailed);
+  SSL_get_quiet_shutdown := LoadFunction('SSL_get_quiet_shutdown', AFailed);
+  SSL_set_shutdown := LoadFunction('SSL_set_shutdown', AFailed);
+  SSL_get_shutdown := LoadFunction('SSL_get_shutdown', AFailed);
+  SSL_version := LoadFunction('SSL_version', AFailed);
+  SSL_client_version := LoadFunction('SSL_client_version', AFailed);
+  SSL_CTX_set_default_verify_paths := LoadFunction('SSL_CTX_set_default_verify_paths', AFailed);
+  SSL_CTX_set_default_verify_dir := LoadFunction('SSL_CTX_set_default_verify_dir', AFailed);
+  SSL_CTX_set_default_verify_file := LoadFunction('SSL_CTX_set_default_verify_file', AFailed);
+  SSL_CTX_load_verify_locations := LoadFunction('SSL_CTX_load_verify_locations', AFailed);
+  SSL_get_session := LoadFunction('SSL_get_session', AFailed);
+  SSL_get1_session := LoadFunction('SSL_get1_session', AFailed);
+  SSL_get_SSL_CTX := LoadFunction('SSL_get_SSL_CTX', AFailed);
+  SSL_set_SSL_CTX := LoadFunction('SSL_set_SSL_CTX', AFailed);
+  SSL_set_info_callback := LoadFunction('SSL_set_info_callback', AFailed);
+  SSL_get_info_callback := LoadFunction('SSL_get_info_callback', AFailed);
+  SSL_get_state := LoadFunction('SSL_get_state', AFailed);
+  SSL_set_verify_result := LoadFunction('SSL_set_verify_result', AFailed);
+  SSL_get_verify_result := LoadFunction('SSL_get_verify_result', AFailed);
+  SSL_get_client_random := LoadFunction('SSL_get_client_random', AFailed);
+  SSL_get_server_random := LoadFunction('SSL_get_server_random', AFailed);
+  SSL_SESSION_get_master_key := LoadFunction('SSL_SESSION_get_master_key', AFailed);
+  SSL_SESSION_set1_master_key := LoadFunction('SSL_SESSION_set1_master_key', AFailed);
+  SSL_SESSION_get_max_fragment_length := LoadFunction('SSL_SESSION_get_max_fragment_length', AFailed);
+  SSL_set_ex_data := LoadFunction('SSL_set_ex_data', AFailed);
+  SSL_get_ex_data := LoadFunction('SSL_get_ex_data', AFailed);
+  SSL_SESSION_set_ex_data := LoadFunction('SSL_SESSION_set_ex_data', AFailed);
+  SSL_SESSION_get_ex_data := LoadFunction('SSL_SESSION_get_ex_data', AFailed);
+  SSL_CTX_set_ex_data := LoadFunction('SSL_CTX_set_ex_data', AFailed);
+  SSL_CTX_get_ex_data := LoadFunction('SSL_CTX_get_ex_data', AFailed);
+  SSL_get_ex_data_X509_STORE_CTX_idx := LoadFunction('SSL_get_ex_data_X509_STORE_CTX_idx', AFailed);
+  SSL_CTX_set_default_read_buffer_len := LoadFunction('SSL_CTX_set_default_read_buffer_len', AFailed);
+  SSL_set_default_read_buffer_len := LoadFunction('SSL_set_default_read_buffer_len', AFailed);
+  SSL_CTX_set_tmp_dh_callback := LoadFunction('SSL_CTX_set_tmp_dh_callback', AFailed);
+  SSL_set_tmp_dh_callback := LoadFunction('SSL_set_tmp_dh_callback', AFailed);
+  SSL_CIPHER_find := LoadFunction('SSL_CIPHER_find', AFailed);
+  SSL_CIPHER_get_cipher_nid := LoadFunction('SSL_CIPHER_get_cipher_nid', AFailed);
+  SSL_CIPHER_get_digest_nid := LoadFunction('SSL_CIPHER_get_digest_nid', AFailed);
+  SSL_set_session_ticket_ext := LoadFunction('SSL_set_session_ticket_ext', AFailed);
+  SSL_set_session_ticket_ext_cb := LoadFunction('SSL_set_session_ticket_ext_cb', AFailed);
+  SSL_CTX_set_not_resumable_session_callback := LoadFunction('SSL_CTX_set_not_resumable_session_callback', AFailed);
+  SSL_set_not_resumable_session_callback := LoadFunction('SSL_set_not_resumable_session_callback', AFailed);
+  SSL_CTX_set_record_padding_callback := LoadFunction('SSL_CTX_set_record_padding_callback', AFailed);
+  SSL_CTX_set_record_padding_callback_arg := LoadFunction('SSL_CTX_set_record_padding_callback_arg', AFailed);
+  SSL_CTX_get_record_padding_callback_arg := LoadFunction('SSL_CTX_get_record_padding_callback_arg', AFailed);
+  SSL_CTX_set_block_padding := LoadFunction('SSL_CTX_set_block_padding', AFailed);
+  SSL_set_record_padding_callback := LoadFunction('SSL_set_record_padding_callback', AFailed);
+  SSL_set_record_padding_callback_arg := LoadFunction('SSL_set_record_padding_callback_arg', AFailed);
+  SSL_get_record_padding_callback_arg := LoadFunction('SSL_get_record_padding_callback_arg', AFailed);
+  SSL_set_block_padding := LoadFunction('SSL_set_block_padding', AFailed);
+  SSL_set_num_tickets := LoadFunction('SSL_set_num_tickets', AFailed);
+  SSL_get_num_tickets := LoadFunction('SSL_get_num_tickets', AFailed);
+  SSL_CTX_set_num_tickets := LoadFunction('SSL_CTX_set_num_tickets', AFailed);
+  SSL_CTX_get_num_tickets := LoadFunction('SSL_CTX_get_num_tickets', AFailed);
+  SSL_session_reused := LoadFunction('SSL_session_reused', AFailed);
+  SSL_is_server := LoadFunction('SSL_is_server', AFailed);
+  SSL_CONF_CTX_new := LoadFunction('SSL_CONF_CTX_new', AFailed);
+  SSL_CONF_CTX_finish := LoadFunction('SSL_CONF_CTX_finish', AFailed);
+  SSL_CONF_CTX_free := LoadFunction('SSL_CONF_CTX_free', AFailed);
+  SSL_CONF_CTX_set_flags := LoadFunction('SSL_CONF_CTX_set_flags', AFailed);
+  SSL_CONF_CTX_clear_flags := LoadFunction('SSL_CONF_CTX_clear_flags', AFailed);
+  SSL_CONF_CTX_set1_prefix := LoadFunction('SSL_CONF_CTX_set1_prefix', AFailed);
+  SSL_CONF_cmd := LoadFunction('SSL_CONF_cmd', AFailed);
+  SSL_CONF_cmd_argv := LoadFunction('SSL_CONF_cmd_argv', AFailed);
+  SSL_CONF_cmd_value_type := LoadFunction('SSL_CONF_cmd_value_type', AFailed);
+  SSL_CONF_CTX_set_ssl := LoadFunction('SSL_CONF_CTX_set_ssl', AFailed);
+  SSL_CONF_CTX_set_ssl_ctx := LoadFunction('SSL_CONF_CTX_set_ssl_ctx', AFailed);
+  SSL_add_ssl_module := LoadFunction('SSL_add_ssl_module', AFailed);
+  SSL_config := LoadFunction('SSL_config', AFailed);
+  SSL_CTX_config := LoadFunction('SSL_CTX_config', AFailed);
+  SSL_trace := LoadFunction('SSL_trace', AFailed);
+  DTLSv1_listen := LoadFunction('DTLSv1_listen', AFailed);
+  SSL_enable_ct := LoadFunction('SSL_enable_ct', AFailed);
+  SSL_CTX_enable_ct := LoadFunction('SSL_CTX_enable_ct', AFailed);
+  SSL_ct_is_enabled := LoadFunction('SSL_ct_is_enabled', AFailed);
+  SSL_CTX_ct_is_enabled := LoadFunction('SSL_CTX_ct_is_enabled', AFailed);
+  SSL_CTX_set_default_ctlog_list_file := LoadFunction('SSL_CTX_set_default_ctlog_list_file', AFailed);
+  SSL_CTX_set_ctlog_list_file := LoadFunction('SSL_CTX_set_ctlog_list_file', AFailed);
+  SSL_CTX_set0_ctlog_store := LoadFunction('SSL_CTX_set0_ctlog_store', AFailed);
+  SSL_set_security_level := LoadFunction('SSL_set_security_level', AFailed);
+  SSL_set_security_callback := LoadFunction('SSL_set_security_callback', AFailed);
+  SSL_get_security_callback := LoadFunction('SSL_get_security_callback', AFailed);
+  SSL_set0_security_ex_data := LoadFunction('SSL_set0_security_ex_data', AFailed);
+  SSL_get0_security_ex_data := LoadFunction('SSL_get0_security_ex_data', AFailed);
+  SSL_CTX_set_security_level := LoadFunction('SSL_CTX_set_security_level', AFailed);
+  SSL_CTX_get_security_level := LoadFunction('SSL_CTX_get_security_level', AFailed);
+  SSL_CTX_get0_security_ex_data := LoadFunction('SSL_CTX_get0_security_ex_data', AFailed);
+  SSL_CTX_set0_security_ex_data := LoadFunction('SSL_CTX_set0_security_ex_data', AFailed);
+  OPENSSL_init_ssl := LoadFunction('OPENSSL_init_ssl', AFailed);
+  SSL_free_buffers := LoadFunction('SSL_free_buffers', AFailed);
+  SSL_alloc_buffers := LoadFunction('SSL_alloc_buffers', AFailed);
+  SSL_CTX_set_session_ticket_cb := LoadFunction('SSL_CTX_set_session_ticket_cb', AFailed);
+  SSL_SESSION_set1_ticket_appdata := LoadFunction('SSL_SESSION_set1_ticket_appdata', AFailed);
+  SSL_SESSION_get0_ticket_appdata := LoadFunction('SSL_SESSION_get0_ticket_appdata', AFailed);
+  DTLS_set_timer_cb := LoadFunction('DTLS_set_timer_cb', AFailed);
+  SSL_CTX_set_allow_early_data_cb := LoadFunction('SSL_CTX_set_allow_early_data_cb', AFailed);
+  SSL_set_allow_early_data_cb := LoadFunction('SSL_set_allow_early_data_cb', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  SSL_CTX_get_options := nil;
+  SSL_get_options := nil;
+  SSL_CTX_clear_options := nil;
+  SSL_clear_options := nil;
+  SSL_CTX_set_options := nil;
+  SSL_set_options := nil;
+  SSL_CTX_sess_set_new_cb := nil;
+  SSL_CTX_sess_get_new_cb := nil;
+  SSL_CTX_sess_set_remove_cb := nil;
+  SSL_CTX_sess_get_remove_cb := nil;
+  SSL_CTX_set_info_callback := nil;
+  SSL_CTX_get_info_callback := nil;
+  SSL_CTX_set_client_cert_cb := nil;
+  SSL_CTX_get_client_cert_cb := nil;
+  SSL_CTX_set_client_cert_engine := nil;
+  SSL_CTX_set_cookie_generate_cb := nil;
+  SSL_CTX_set_cookie_verify_cb := nil;
+  SSL_CTX_set_stateless_cookie_generate_cb := nil;
+  SSL_CTX_set_stateless_cookie_verify_cb := nil;
+  SSL_CTX_set_alpn_select_cb := nil;
+  SSL_get0_alpn_selected := nil;
+  SSL_CTX_set_psk_client_callback := nil;
+  SSL_set_psk_client_callback := nil;
+  SSL_CTX_set_psk_server_callback := nil;
+  SSL_set_psk_server_callback := nil;
+  SSL_set_psk_find_session_callback := nil;
+  SSL_CTX_set_psk_find_session_callback := nil;
+  SSL_set_psk_use_session_callback := nil;
+  SSL_CTX_set_psk_use_session_callback := nil;
+  SSL_CTX_set_keylog_callback := nil;
+  SSL_CTX_get_keylog_callback := nil;
+  SSL_CTX_set_max_early_data := nil;
+  SSL_CTX_get_max_early_data := nil;
+  SSL_set_max_early_data := nil;
+  SSL_get_max_early_data := nil;
+  SSL_CTX_set_recv_max_early_data := nil;
+  SSL_CTX_get_recv_max_early_data := nil;
+  SSL_set_recv_max_early_data := nil;
+  SSL_get_recv_max_early_data := nil;
+  SSL_in_init := nil;
+  SSL_in_before := nil;
+  SSL_is_init_finished := nil;
+  SSL_get_finished := nil;
+  SSL_get_peer_finished := nil;
+  BIO_f_ssl := nil;
+  BIO_new_ssl := nil;
+  BIO_new_ssl_connect := nil;
+  BIO_new_buffer_ssl_connect := nil;
+  BIO_ssl_copy_session_id := nil;
+  SSL_CTX_set_cipher_list := nil;
+  SSL_CTX_new := nil;
+  SSL_CTX_set_timeout := nil;
+  SSL_CTX_get_timeout := nil;
+  SSL_CTX_get_cert_store := nil;
+  SSL_want := nil;
+  SSL_clear := nil;
+  BIO_ssl_shutdown := nil;
+  SSL_CTX_up_ref := nil;
+  SSL_CTX_free := nil;
+  SSL_CTX_set_cert_store := nil;
+  SSL_CTX_set1_cert_store := nil;
+  SSL_CTX_flush_sessions := nil;
+  SSL_get_current_cipher := nil;
+  SSL_get_pending_cipher := nil;
+  SSL_CIPHER_get_bits := nil;
+  SSL_CIPHER_get_version := nil;
+  SSL_CIPHER_get_name := nil;
+  SSL_CIPHER_standard_name := nil;
+  OPENSSL_cipher_name := nil;
+  SSL_CIPHER_get_id := nil;
+  SSL_CIPHER_get_protocol_id := nil;
+  SSL_CIPHER_get_kx_nid := nil;
+  SSL_CIPHER_get_auth_nid := nil;
+  SSL_CIPHER_get_handshake_digest := nil;
+  SSL_CIPHER_is_aead := nil;
+  SSL_get_fd := nil;
+  SSL_get_rfd := nil;
+  SSL_get_wfd := nil;
+  SSL_get_cipher_list := nil;
+  SSL_get_shared_ciphers := nil;
+  SSL_get_read_ahead := nil;
+  SSL_pending := nil;
+  SSL_has_pending := nil;
+  SSL_set_fd := nil;
+  SSL_set_rfd := nil;
+  SSL_set_wfd := nil;
+  SSL_set0_rbio := nil;
+  SSL_set0_wbio := nil;
+  SSL_set_bio := nil;
+  SSL_get_rbio := nil;
+  SSL_get_wbio := nil;
+  SSL_set_cipher_list := nil;
+  SSL_CTX_set_ciphersuites := nil;
+  SSL_set_ciphersuites := nil;
+  SSL_get_verify_mode := nil;
+  SSL_get_verify_depth := nil;
+  SSL_get_verify_callback := nil;
+  SSL_set_read_ahead := nil;
+  SSL_set_verify := nil;
+  SSL_set_verify_depth := nil;
+  SSL_use_RSAPrivateKey := nil;
+  SSL_use_RSAPrivateKey_ASN1 := nil;
+  SSL_use_PrivateKey := nil;
+  SSL_use_PrivateKey_ASN1 := nil;
+  SSL_use_certificate := nil;
+  SSL_use_certificate_ASN1 := nil;
+  SSL_CTX_use_serverinfo := nil;
+  SSL_CTX_use_serverinfo_ex := nil;
+  SSL_CTX_use_serverinfo_file := nil;
+  SSL_use_RSAPrivateKey_file := nil;
+  SSL_use_PrivateKey_file := nil;
+  SSL_use_certificate_file := nil;
+  SSL_CTX_use_RSAPrivateKey_file := nil;
+  SSL_CTX_use_PrivateKey_file := nil;
+  SSL_CTX_use_certificate_file := nil;
+  SSL_CTX_use_certificate_chain_file := nil;
+  SSL_use_certificate_chain_file := nil;
+  SSL_state_string := nil;
+  SSL_rstate_string := nil;
+  SSL_state_string_long := nil;
+  SSL_rstate_string_long := nil;
+  SSL_SESSION_get_time := nil;
+  SSL_SESSION_set_time := nil;
+  SSL_SESSION_get_timeout := nil;
+  SSL_SESSION_set_timeout := nil;
+  SSL_SESSION_get_protocol_version := nil;
+  SSL_SESSION_set_protocol_version := nil;
+  SSL_SESSION_get0_hostname := nil;
+  SSL_SESSION_set1_hostname := nil;
+  SSL_SESSION_get0_alpn_selected := nil;
+  SSL_SESSION_set1_alpn_selected := nil;
+  SSL_SESSION_get0_cipher := nil;
+  SSL_SESSION_set_cipher := nil;
+  SSL_SESSION_has_ticket := nil;
+  SSL_SESSION_get_ticket_lifetime_hint := nil;
+  SSL_SESSION_get0_ticket := nil;
+  SSL_SESSION_get_max_early_data := nil;
+  SSL_SESSION_set_max_early_data := nil;
+  SSL_copy_session_id := nil;
+  SSL_SESSION_get0_peer := nil;
+  SSL_SESSION_set1_id_context := nil;
+  SSL_SESSION_set1_id := nil;
+  SSL_SESSION_is_resumable := nil;
+  SSL_SESSION_new := nil;
+  SSL_SESSION_dup := nil;
+  SSL_SESSION_get_id := nil;
+  SSL_SESSION_get0_id_context := nil;
+  SSL_SESSION_get_compress_id := nil;
+  SSL_SESSION_print := nil;
+  SSL_SESSION_print_keylog := nil;
+  SSL_SESSION_up_ref := nil;
+  SSL_SESSION_free := nil;
+  SSL_set_session := nil;
+  SSL_CTX_add_session := nil;
+  SSL_CTX_remove_session := nil;
+  SSL_CTX_set_generate_session_id := nil;
+  SSL_set_generate_session_id := nil;
+  SSL_has_matching_session_id := nil;
+  d2i_SSL_SESSION := nil;
+  SSL_get_peer_certificate := nil;
+  SSL_CTX_get_verify_mode := nil;
+  SSL_CTX_get_verify_depth := nil;
+  SSL_CTX_get_verify_callback := nil;
+  SSL_CTX_set_verify := nil;
+  SSL_CTX_set_verify_depth := nil;
+  SSL_CTX_set_cert_verify_callback := nil;
+  SSL_CTX_set_cert_cb := nil;
+  SSL_CTX_use_RSAPrivateKey := nil;
+  SSL_CTX_use_RSAPrivateKey_ASN1 := nil;
+  SSL_CTX_use_PrivateKey := nil;
+  SSL_CTX_use_PrivateKey_ASN1 := nil;
+  SSL_CTX_use_certificate := nil;
+  SSL_CTX_use_certificate_ASN1 := nil;
+  SSL_CTX_set_default_passwd_cb := nil;
+  SSL_CTX_set_default_passwd_cb_userdata := nil;
+  SSL_CTX_get_default_passwd_cb := nil;
+  SSL_CTX_get_default_passwd_cb_userdata := nil;
+  SSL_set_default_passwd_cb := nil;
+  SSL_set_default_passwd_cb_userdata := nil;
+  SSL_get_default_passwd_cb := nil;
+  SSL_get_default_passwd_cb_userdata := nil;
+  SSL_CTX_check_private_key := nil;
+  SSL_check_private_key := nil;
+  SSL_CTX_set_session_id_context := nil;
+  SSL_new := nil;
+  SSL_up_ref := nil;
+  SSL_is_dtls := nil;
+  SSL_set_session_id_context := nil;
+  SSL_CTX_set_purpose := nil;
+  SSL_set_purpose := nil;
+  SSL_CTX_set_trust := nil;
+  SSL_set_trust := nil;
+  SSL_set1_host := nil;
+  SSL_add1_host := nil;
+  SSL_get0_peername := nil;
+  SSL_set_hostflags := nil;
+  SSL_CTX_dane_enable := nil;
+  SSL_CTX_dane_mtype_set := nil;
+  SSL_dane_enable := nil;
+  SSL_dane_tlsa_add := nil;
+  SSL_get0_dane_authority := nil;
+  SSL_get0_dane_tlsa := nil;
+  SSL_get0_dane := nil;
+  SSL_CTX_dane_set_flags := nil;
+  SSL_CTX_dane_clear_flags := nil;
+  SSL_dane_set_flags := nil;
+  SSL_dane_clear_flags := nil;
+  SSL_CTX_set1_param := nil;
+  SSL_set1_param := nil;
+  SSL_CTX_get0_param := nil;
+  SSL_get0_param := nil;
+  SSL_CTX_set_srp_username := nil;
+  SSL_CTX_set_srp_password := nil;
+  SSL_CTX_set_srp_strength := nil;
+  SSL_CTX_set_srp_client_pwd_callback := nil;
+  SSL_CTX_set_srp_verify_param_callback := nil;
+  SSL_CTX_set_srp_username_callback := nil;
+  SSL_CTX_set_srp_cb_arg := nil;
+  SSL_set_srp_server_param := nil;
+  SSL_set_srp_server_param_pw := nil;
+  SSL_CTX_set_client_hello_cb := nil;
+  SSL_client_hello_isv2 := nil;
+  SSL_client_hello_get0_legacy_version := nil;
+  SSL_client_hello_get0_random := nil;
+  SSL_client_hello_get0_session_id := nil;
+  SSL_client_hello_get0_ciphers := nil;
+  SSL_client_hello_get0_compression_methods := nil;
+  SSL_client_hello_get1_extensions_present := nil;
+  SSL_client_hello_get0_ext := nil;
+  SSL_certs_clear := nil;
+  SSL_free := nil;
+  SSL_waiting_for_async := nil;
+  SSL_get_all_async_fds := nil;
+  SSL_get_changed_async_fds := nil;
+  SSL_accept := nil;
+  SSL_stateless := nil;
+  SSL_connect := nil;
+  SSL_read := nil;
+  SSL_read_ex := nil;
+  SSL_read_early_data := nil;
+  SSL_peek := nil;
+  SSL_peek_ex := nil;
+  SSL_write := nil;
+  SSL_write_ex := nil;
+  SSL_write_early_data := nil;
+  SSL_callback_ctrl := nil;
+  SSL_ctrl := nil;
+  SSL_CTX_ctrl := nil;
+  SSL_CTX_callback_ctrl := nil;
+  SSL_get_early_data_status := nil;
+  SSL_get_error := nil;
+  SSL_get_version := nil;
+  SSL_CTX_set_ssl_version := nil;
+  TLS_method := nil;
+  TLS_server_method := nil;
+  TLS_client_method := nil;
+  SSL_key_update := nil;
+  SSL_get_key_update_type := nil;
+  SSL_renegotiate := nil;
+  SSL_renegotiate_abbreviated := nil;
+  SSL_shutdown := nil;
+  SSL_CTX_set_post_handshake_auth := nil;
+  SSL_set_post_handshake_auth := nil;
+  SSL_renegotiate_pending := nil;
+  SSL_verify_client_post_handshake := nil;
+  SSL_CTX_get_ssl_method := nil;
+  SSL_get_ssl_method := nil;
+  SSL_set_ssl_method := nil;
+  SSL_alert_type_string_long := nil;
+  SSL_alert_type_string := nil;
+  SSL_alert_desc_string_long := nil;
+  SSL_alert_desc_string := nil;
+  SSL_add_client_CA := nil;
+  SSL_CTX_add_client_CA := nil;
+  SSL_set_connect_state := nil;
+  SSL_set_accept_state := nil;
+  SSL_dup := nil;
+  SSL_get_certificate := nil;
+  SSL_get_privatekey := nil;
+  SSL_CTX_get0_certificate := nil;
+  SSL_CTX_get0_privatekey := nil;
+  SSL_CTX_set_quiet_shutdown := nil;
+  SSL_CTX_get_quiet_shutdown := nil;
+  SSL_set_quiet_shutdown := nil;
+  SSL_get_quiet_shutdown := nil;
+  SSL_set_shutdown := nil;
+  SSL_get_shutdown := nil;
+  SSL_version := nil;
+  SSL_client_version := nil;
+  SSL_CTX_set_default_verify_paths := nil;
+  SSL_CTX_set_default_verify_dir := nil;
+  SSL_CTX_set_default_verify_file := nil;
+  SSL_CTX_load_verify_locations := nil;
+  SSL_get_session := nil;
+  SSL_get1_session := nil;
+  SSL_get_SSL_CTX := nil;
+  SSL_set_SSL_CTX := nil;
+  SSL_set_info_callback := nil;
+  SSL_get_info_callback := nil;
+  SSL_get_state := nil;
+  SSL_set_verify_result := nil;
+  SSL_get_verify_result := nil;
+  SSL_get_client_random := nil;
+  SSL_get_server_random := nil;
+  SSL_SESSION_get_master_key := nil;
+  SSL_SESSION_set1_master_key := nil;
+  SSL_SESSION_get_max_fragment_length := nil;
+  SSL_set_ex_data := nil;
+  SSL_get_ex_data := nil;
+  SSL_SESSION_set_ex_data := nil;
+  SSL_SESSION_get_ex_data := nil;
+  SSL_CTX_set_ex_data := nil;
+  SSL_CTX_get_ex_data := nil;
+  SSL_get_ex_data_X509_STORE_CTX_idx := nil;
+  SSL_CTX_set_default_read_buffer_len := nil;
+  SSL_set_default_read_buffer_len := nil;
+  SSL_CTX_set_tmp_dh_callback := nil;
+  SSL_set_tmp_dh_callback := nil;
+  SSL_CIPHER_find := nil;
+  SSL_CIPHER_get_cipher_nid := nil;
+  SSL_CIPHER_get_digest_nid := nil;
+  SSL_set_session_ticket_ext := nil;
+  SSL_set_session_ticket_ext_cb := nil;
+  SSL_CTX_set_not_resumable_session_callback := nil;
+  SSL_set_not_resumable_session_callback := nil;
+  SSL_CTX_set_record_padding_callback := nil;
+  SSL_CTX_set_record_padding_callback_arg := nil;
+  SSL_CTX_get_record_padding_callback_arg := nil;
+  SSL_CTX_set_block_padding := nil;
+  SSL_set_record_padding_callback := nil;
+  SSL_set_record_padding_callback_arg := nil;
+  SSL_get_record_padding_callback_arg := nil;
+  SSL_set_block_padding := nil;
+  SSL_set_num_tickets := nil;
+  SSL_get_num_tickets := nil;
+  SSL_CTX_set_num_tickets := nil;
+  SSL_CTX_get_num_tickets := nil;
+  SSL_session_reused := nil;
+  SSL_is_server := nil;
+  SSL_CONF_CTX_new := nil;
+  SSL_CONF_CTX_finish := nil;
+  SSL_CONF_CTX_free := nil;
+  SSL_CONF_CTX_set_flags := nil;
+  SSL_CONF_CTX_clear_flags := nil;
+  SSL_CONF_CTX_set1_prefix := nil;
+  SSL_CONF_cmd := nil;
+  SSL_CONF_cmd_argv := nil;
+  SSL_CONF_cmd_value_type := nil;
+  SSL_CONF_CTX_set_ssl := nil;
+  SSL_CONF_CTX_set_ssl_ctx := nil;
+  SSL_add_ssl_module := nil;
+  SSL_config := nil;
+  SSL_CTX_config := nil;
+  SSL_trace := nil;
+  DTLSv1_listen := nil;
+  SSL_enable_ct := nil;
+  SSL_CTX_enable_ct := nil;
+  SSL_ct_is_enabled := nil;
+  SSL_CTX_ct_is_enabled := nil;
+  SSL_CTX_set_default_ctlog_list_file := nil;
+  SSL_CTX_set_ctlog_list_file := nil;
+  SSL_CTX_set0_ctlog_store := nil;
+  SSL_set_security_level := nil;
+  SSL_set_security_callback := nil;
+  SSL_get_security_callback := nil;
+  SSL_set0_security_ex_data := nil;
+  SSL_get0_security_ex_data := nil;
+  SSL_CTX_set_security_level := nil;
+  SSL_CTX_get_security_level := nil;
+  SSL_CTX_get0_security_ex_data := nil;
+  SSL_CTX_set0_security_ex_data := nil;
+  OPENSSL_init_ssl := nil;
+  SSL_free_buffers := nil;
+  SSL_alloc_buffers := nil;
+  SSL_CTX_set_session_ticket_cb := nil;
+  SSL_SESSION_set1_ticket_appdata := nil;
+  SSL_SESSION_get0_ticket_appdata := nil;
+  DTLS_set_timer_cb := nil;
+  SSL_CTX_set_allow_early_data_cb := nil;
+  SSL_set_allow_early_data_cb := nil;
+end;
+{$ENDREGION}
+
+
+{$REGION 'C compiler macros'}
+
+//# define SSL_CTX_set_mode(ctx,op)      SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+
+begin
+
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, nil);
+end;
+
+
+//# define SSL_CTX_clear_mode(ctx,op)   SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_MODE, op, nil);
+end;
+
+//# define SSL_CTX_sess_set_cache_size(ctx,t)         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
+function SSL_CTX_sess_set_cache_size(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, nil);
+end;
+
+//# define SSL_CTX_sess_get_cache_size(ctx)           SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
+function SSL_CTX_sess_get_cache_size(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, nil);
+end;
+
+//# define SSL_CTX_set_session_cache_mode(ctx,m)      SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
+function SSL_CTX_set_session_cache_mode(ctx: PSSL_CTX; m: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, nil);
+end;
+
+//# define SSL_CTX_get_session_cache_mode(ctx)        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
+function SSL_CTX_get_session_cache_mode(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_MODE, 0, nil);
+end;
+
+//# define SSL_num_renegotiations(ssl)                       SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+function SSL_num_renegotiations(ssl: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_GET_NUM_RENEGOTIATIONS, 0, nil);
+end;
+
+//# define SSL_clear_num_renegotiations(ssl)                 SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+function SSL_clear_num_renegotiations(ssl: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS, 0, nil);
+end;
+
+//# define SSL_total_renegotiations(ssl)                     SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
+function SSL_total_renegotiations(ssl: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_GET_TOTAL_RENEGOTIATIONS, 0, nil);
+end;
+
+//# define SSL_CTX_set_tmp_dh(ctx,dh)                        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+function SSL_CTX_set_tmp_dh(ctx: PSSL_CTX; dh: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh);
+end;
+
+//# define SSL_CTX_set_tmp_ecdh(ctx,ecdh)                    SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+function SSL_CTX_set_tmp_ecdh(ctx: PSSL_CTX; ecdh: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
+end;
+
+//# define SSL_CTX_set_dh_auto(ctx, onoff)                   SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+function SSL_CTX_set_dh_auto(ctx: PSSL_CTX; onoff: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_DH_AUTO, onoff, nil);
+end;
+
+//# define SSL_set_dh_auto(s, onoff)                         SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+function SSL_set_dh_auto(s: PSSL; onoff: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_DH_AUTO, onoff, nil);
+end;
+
+//# define SSL_set_tmp_dh(ssl,dh)                            SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+function SSL_set_tmp_dh(ssl: PSSL; dh: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh);
+end;
+
+//# define SSL_set_tmp_ecdh(ssl,ecdh)                        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+function SSL_set_tmp_ecdh(ssl: PSSL; ecdh: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
+end;
+
+//# define SSL_CTX_add_extra_chain_cert(ctx,x509)            SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)(x509))
+function SSL_CTX_add_extra_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509);
+end;
+
+//# define SSL_CTX_get_extra_chain_certs(ctx,px509)          SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
+function SSL_CTX_get_extra_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509);
+end;
+
+//# define SSL_CTX_get_extra_chain_certs_only(ctx,px509)     SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,1,px509)
+function SSL_CTX_get_extra_chain_certs_only(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509);
+end;
+
+//# define SSL_CTX_clear_extra_chain_certs(ctx)              SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
+function SSL_CTX_clear_extra_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, nil);
+end;
+
+//# define SSL_CTX_set0_chain(ctx,sk)                        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)(sk))
+function SSL_CTX_set0_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 0, sk);
+end;
+
+//# define SSL_CTX_set1_chain(ctx,sk)                        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)(sk))
+function SSL_CTX_set1_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 1, sk);
+end;
+
+//# define SSL_CTX_add0_chain_cert(ctx,x509)                 SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
+function SSL_CTX_add0_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, x509);
+end;
+
+//# define SSL_CTX_add1_chain_cert(ctx,x509)                 SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
+function SSL_CTX_add1_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, x509);
+end;
+
+//# define SSL_CTX_get0_chain_certs(ctx,px509)               SSL_CTX_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+function SSL_CTX_get0_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
+end;
+
+//# define SSL_CTX_clear_chain_certs(ctx)                    SSL_CTX_set0_chain(ctx,NULL)
+function SSL_CTX_clear_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_set0_chain(ctx, nil);
+end;
+
+//# define SSL_CTX_build_cert_chain(ctx, flags)              SSL_CTX_ctrl(ctx,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+function SSL_CTX_build_cert_chain(ctx: PSSL_CTX; flags: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
+end;
+
+//# define SSL_CTX_select_current_cert(ctx,x509)             SSL_CTX_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
+function SSL_CTX_select_current_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
+end;
+
+//# define SSL_CTX_set_current_cert(ctx, op)                 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+function SSL_CTX_set_current_cert(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURRENT_CERT, op, nil);
+end;
+
+//# define SSL_CTX_set0_verify_cert_store(ctx,st)            SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
+function SSL_CTX_set0_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st);
+end;
+
+//# define SSL_CTX_set1_verify_cert_store(ctx,st)            SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
+function SSL_CTX_set1_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, st);
+end;
+
+//# define SSL_CTX_set0_chain_cert_store(ctx,st)             SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
+function SSL_CTX_set0_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
+end;
+
+//# define SSL_CTX_set1_chain_cert_store(ctx,st)             SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
+function SSL_CTX_set1_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
+end;
+
+//# define SSL_set0_chain(s,sk)                              SSL_ctrl(s,SSL_CTRL_CHAIN,0,(char *)(sk))
+function SSL_set0_chain(s: PSSL; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 0, sk);
+end;
+
+//# define SSL_set1_chain(s,sk)                              SSL_ctrl(s,SSL_CTRL_CHAIN,1,(char *)(sk))
+function SSL_set1_chain(s: PSSL; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 1, sk);
+end;
+
+//# define SSL_add0_chain_cert(s,x509)                       SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
+function SSL_add0_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 0, x509);
+end;
+
+//# define SSL_add1_chain_cert(s,x509)                       SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
+function SSL_add1_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 1, x509);
+end;
+
+//# define SSL_get0_chain_certs(s,px509)                     SSL_ctrl(s,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+function SSL_get0_chain_certs(s: PSSL; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
+end;
+
+//# define SSL_clear_chain_certs(s)                          SSL_set0_chain(s,NULL)
+function SSL_clear_chain_certs(s: PSSL): TIdC_LONG;
+begin
+  Result := SSL_set0_chain(s, nil);
+end;
+
+//# define SSL_build_cert_chain(s, flags)                    SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+function SSL_build_cert_chain(s: PSSL; flags: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
+end;
+
+//# define SSL_select_current_cert(s,x509)                   SSL_ctrl(s,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
+function SSL_select_current_cert(s: PSSL; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
+end;
+
+//# define SSL_set_current_cert(s,op)                        SSL_ctrl(s,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+function SSL_set_current_cert(s: PSSL; op: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CURRENT_CERT, op, nil);
+end;
+
+//# define SSL_set0_verify_cert_store(s,st)                  SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
+function SSL_set0_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st);
+end;
+
+//# define SSL_set1_verify_cert_store(s,st)                  SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
+function SSL_set1_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, st);
+end;
+
+//# define SSL_set0_chain_cert_store(s,st)                   SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
+function SSL_set0_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
+end;
+
+//# define SSL_set1_chain_cert_store(s,st)                   SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
+function SSL_set1_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
+end;
+
+//# define SSL_get1_groups(s, glist)                         SSL_ctrl(s,SSL_CTRL_GET_GROUPS,0,(TIdC_INT*)(glist))
+function SSL_get1_groups(s: PSSL; glist: PIdC_INT): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_GROUPS, 0, glist);
+end;
+
+//# define SSL_CTX_set1_groups(ctx, glist, glistlen)         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
+function SSL_CTX_set1_groups(ctx: PSSL_CTX; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS, glistlen, glist);
+end;
+
+//# define SSL_CTX_set1_groups_list(ctx, s)                  SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
+function SSL_CTX_set1_groups_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS_LIST, 0, s);
+end;
+
+//# define SSL_set1_groups(s, glist, glistlen)               SSL_ctrl(s,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
+function SSL_set1_groups(s: PSSL; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS, glistlen, glist);
+end;
+
+//# define SSL_set1_groups_list(s, str)                      SSL_ctrl(s,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(str))
+function SSL_set1_groups_list(s: PSSL; str: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS_LIST, 0, str);
+end;
+
+//# define SSL_get_shared_group(s, n)                        SSL_ctrl(s,SSL_CTRL_GET_SHARED_GROUP,n,NULL)
+function SSL_get_shared_group(s: PSSL; n: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_SHARED_GROUP, n, nil);
+end;
+
+//# define SSL_CTX_set1_sigalgs(ctx, slist, slistlen)        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_CTX_set1_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_CTX_set1_sigalgs_list(ctx, s)                 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(s))
+function SSL_CTX_set1_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, s);
+end;
+
+//# define SSL_set1_sigalgs(s, slist, slistlen)              SSL_ctrl(s,SSL_CTRL_SET_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_set1_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_set1_sigalgs_list(s, str)                     SSL_ctrl(s,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(str))
+function SSL_set1_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS_LIST, 0, str);
+end;
+
+//# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_CTX_set1_client_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_CTX_set1_client_sigalgs_list(ctx, s)          SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(s))
+function SSL_CTX_set1_client_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, s);
+end;
+
+//# define SSL_set1_client_sigalgs(s, slist, slistlen)       SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_set1_client_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_set1_client_sigalgs_list(s, str)              SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(str))
+function SSL_set1_client_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, str);
+end;
+
+//# define SSL_get0_certificate_types(s, clist)              SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)(clist))
+function SSL_get0_certificate_types(s: PSSL; clist: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, clist);
+end;
+
+//# define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen)   SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen, (char *)(clist))
+function SSL_CTX_set1_client_certificate_types(ctx: PSSL_CTX; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
+end;
+
+//# define SSL_set1_client_certificate_types(s, clist, clistlen)         SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)(clist))
+function SSL_set1_client_certificate_types(s: PSSL; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
+end;
+
+//# define SSL_get_signature_nid(s, pn)                      SSL_ctrl(s,SSL_CTRL_GET_SIGNATURE_NID,0,pn)
+function SSL_get_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_SIGNATURE_NID, 0, pn);
+end;
+
+//# define SSL_get_peer_signature_nid(s, pn)                 SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
+function SSL_get_peer_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_SIGNATURE_NID, 0, pn);
+end;
+
+//# define SSL_get_peer_tmp_key(s, pk)                       SSL_ctrl(s,SSL_CTRL_GET_PEER_TMP_KEY,0,pk)
+function SSL_get_peer_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_TMP_KEY, 0, pk);
+end;
+
+//# define SSL_get_tmp_key(s, pk)                            SSL_ctrl(s,SSL_CTRL_GET_TMP_KEY,0,pk)
+function SSL_get_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_TMP_KEY, 0, pk);
+end;
+
+//# define SSL_get0_raw_cipherlist(s, plst)                  SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)
+function SSL_get0_raw_cipherlist(s: PSSL; plst: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_RAW_CIPHERLIST, 0, plst);
+end;
+
+//# define SSL_get0_ec_point_formats(s, plst)                SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
+function SSL_get0_ec_point_formats(s: PSSL; plst: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_EC_POINT_FORMATS, 0, plst);
+end;
+
+//# define SSL_CTX_set_min_proto_version(ctx, version)       SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
+function SSL_CTX_set_min_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_CTX_set_max_proto_version(ctx, version)       SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
+function SSL_CTX_set_max_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_CTX_get_min_proto_version(ctx)                SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
+function SSL_CTX_get_min_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
+end;
+
+//# define SSL_CTX_get_max_proto_version(ctx)                SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
+function SSL_CTX_get_max_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
+end;
+
+//# define SSL_set_min_proto_version(s, version)             SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
+function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_set_max_proto_version(s, version)             SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
+function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_get_min_proto_version(s)                      SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
+function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
+end;
+
+//# define SSL_get_max_proto_version(s)                      SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
+function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas
new file mode 100644
index 000000000..1e1ce5546
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas
@@ -0,0 +1,332 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_ssl3;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ssl3.h
+
+{$i IdCompilerDefines.inc}
+
+const
+  (*
+   * Signalling cipher suite value from RFC 5746
+   * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
+   *)
+  SSL3_CK_SCSV = $030000FF;
+
+  (*
+  * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
+  * (TLS_FALLBACK_SCSV)
+  *)
+  SSL3_CK_FALLBACK_SCSV = $03005600;
+
+  SSL3_CK_RSA_NULL_MD5 = $03000001;
+  SSL3_CK_RSA_NULL_SHA = $03000002;
+  SSL3_CK_RSA_RC4_40_MD5 = $03000003;
+  SSL3_CK_RSA_RC4_128_MD5 = $03000004;
+  SSL3_CK_RSA_RC4_128_SHA = $03000005;
+  SSL3_CK_RSA_RC2_40_MD5 = $03000006;
+  SSL3_CK_RSA_IDEA_128_SHA = $03000007;
+  SSL3_CK_RSA_DES_40_CBC_SHA = $03000008;
+  SSL3_CK_RSA_DES_64_CBC_SHA = $03000009;
+  SSL3_CK_RSA_DES_192_CBC3_SHA = $0300000A;
+
+  SSL3_CK_DH_DSS_DES_40_CBC_SHA = $0300000B;
+  SSL3_CK_DH_DSS_DES_64_CBC_SHA = $0300000C;
+  SSL3_CK_DH_DSS_DES_192_CBC3_SHA = $0300000D;
+  SSL3_CK_DH_RSA_DES_40_CBC_SHA = $0300000E;
+  SSL3_CK_DH_RSA_DES_64_CBC_SHA = $0300000F;
+  SSL3_CK_DH_RSA_DES_192_CBC3_SHA = $03000010;
+
+  SSL3_CK_DHE_DSS_DES_40_CBC_SHA = $03000011;
+  SSL3_CK_EDH_DSS_DES_40_CBC_SHA = SSL3_CK_DHE_DSS_DES_40_CBC_SHA;
+  SSL3_CK_DHE_DSS_DES_64_CBC_SHA = $03000012;
+  SSL3_CK_EDH_DSS_DES_64_CBC_SHA = SSL3_CK_DHE_DSS_DES_64_CBC_SHA;
+  SSL3_CK_DHE_DSS_DES_192_CBC3_SHA = $03000013;
+  SSL3_CK_EDH_DSS_DES_192_CBC3_SHA = SSL3_CK_DHE_DSS_DES_192_CBC3_SHA;
+  SSL3_CK_DHE_RSA_DES_40_CBC_SHA = $03000014;
+  SSL3_CK_EDH_RSA_DES_40_CBC_SHA = SSL3_CK_DHE_RSA_DES_40_CBC_SHA;
+  SSL3_CK_DHE_RSA_DES_64_CBC_SHA = $03000015;
+  SSL3_CK_EDH_RSA_DES_64_CBC_SHA = SSL3_CK_DHE_RSA_DES_64_CBC_SHA;
+  SSL3_CK_DHE_RSA_DES_192_CBC3_SHA = $03000016;
+  SSL3_CK_EDH_RSA_DES_192_CBC3_SHA = SSL3_CK_DHE_RSA_DES_192_CBC3_SHA;
+
+  SSL3_CK_ADH_RC4_40_MD5 = $03000017;
+  SSL3_CK_ADH_RC4_128_MD5 = $03000018;
+  SSL3_CK_ADH_DES_40_CBC_SHA = $03000019;
+  SSL3_CK_ADH_DES_64_CBC_SHA = $0300001A;
+  SSL3_CK_ADH_DES_192_CBC_SHA = $0300001B;
+
+  (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
+  SSL3_RFC_RSA_NULL_MD5 = 'TLS_RSA_WITH_NULL_MD5';
+  SSL3_RFC_RSA_NULL_SHA = 'TLS_RSA_WITH_NULL_SHA';
+  SSL3_RFC_RSA_DES_192_CBC3_SHA = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_ADH_DES_192_CBC_SHA = 'TLS_DH_anon_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_RSA_IDEA_128_SHA = 'TLS_RSA_WITH_IDEA_CBC_SHA';
+  SSL3_RFC_RSA_RC4_128_MD5 = 'TLS_RSA_WITH_RC4_128_MD5';
+  SSL3_RFC_RSA_RC4_128_SHA = 'TLS_RSA_WITH_RC4_128_SHA';
+  SSL3_RFC_ADH_RC4_128_MD5 = 'TLS_DH_anon_WITH_RC4_128_MD5';
+
+  SSL3_TXT_RSA_NULL_MD5 = 'NULL-MD5';
+  SSL3_TXT_RSA_NULL_SHA = 'NULL-SHA';
+  SSL3_TXT_RSA_RC4_40_MD5 = 'EXP-RC4-MD5';
+  SSL3_TXT_RSA_RC4_128_MD5 = 'RC4-MD5';
+  SSL3_TXT_RSA_RC4_128_SHA = 'RC4-SHA';
+  SSL3_TXT_RSA_RC2_40_MD5 = 'EXP-RC2-CBC-MD5';
+  SSL3_TXT_RSA_IDEA_128_SHA = 'IDEA-CBC-SHA';
+  SSL3_TXT_RSA_DES_40_CBC_SHA = 'EXP-DES-CBC-SHA';
+  SSL3_TXT_RSA_DES_64_CBC_SHA = 'DES-CBC-SHA';
+  SSL3_TXT_RSA_DES_192_CBC3_SHA = 'DES-CBC3-SHA';
+
+  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = 'EXP-DH-DSS-DES-CBC-SHA';
+  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = 'DH-DSS-DES-CBC-SHA';
+  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = 'DH-DSS-DES-CBC3-SHA';
+  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = 'EXP-DH-RSA-DES-CBC-SHA';
+  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = 'DH-RSA-DES-CBC-SHA';
+  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = 'DH-RSA-DES-CBC3-SHA';
+
+  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = 'EXP-DHE-DSS-DES-CBC-SHA';
+  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = 'DHE-DSS-DES-CBC-SHA';
+  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = 'DHE-DSS-DES-CBC3-SHA';
+  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = 'EXP-DHE-RSA-DES-CBC-SHA';
+  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = 'DHE-RSA-DES-CBC-SHA';
+  SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = 'DHE-RSA-DES-CBC3-SHA';
+
+  (*
+   * This next block of six 'EDH' labels is for backward compatibility with
+   * older versions of OpenSSL.  New code should use the six 'DHE' labels above
+   * instead:
+   *)
+  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = 'EXP-EDH-DSS-DES-CBC-SHA';
+  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = 'EDH-DSS-DES-CBC-SHA';
+  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = 'EDH-DSS-DES-CBC3-SHA';
+  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = 'EXP-EDH-RSA-DES-CBC-SHA';
+  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = 'EDH-RSA-DES-CBC-SHA';
+  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = 'EDH-RSA-DES-CBC3-SHA';
+
+  SSL3_TXT_ADH_RC4_40_MD5 = 'EXP-ADH-RC4-MD5';
+  SSL3_TXT_ADH_RC4_128_MD5 = 'ADH-RC4-MD5';
+  SSL3_TXT_ADH_DES_40_CBC_SHA = 'EXP-ADH-DES-CBC-SHA';
+  SSL3_TXT_ADH_DES_64_CBC_SHA = 'ADH-DES-CBC-SHA';
+  SSL3_TXT_ADH_DES_192_CBC_SHA = 'ADH-DES-CBC3-SHA';
+
+  SSL3_SSL_SESSION_ID_LENGTH = 32;
+  SSL3_MAX_SSL_SESSION_ID_LENGTH = 32;
+
+  SSL3_MASTER_SECRET_SIZE = 48;
+  SSL3_RANDOM_SIZE = 32;
+  SSL3_SESSION_ID_SIZE = 32;
+  SSL3_RT_HEADER_LENGTH = 5;
+
+  SSL3_HM_HEADER_LENGTH = 4;
+
+  (*
+   * Some will argue that this increases memory footprint, but it's not
+   * actually true. Point is that malloc has to return at least 64-bit aligned
+   * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
+   * Suggested pre-gaping simply moves these wasted bytes from the end of
+   * allocated region to its front, but makes data payload aligned, which
+   * improves performance:-)
+   *)
+  SSL3_ALIGN_PAYLOAD = 8;
+
+
+  (*
+   * This is the maximum MAC (digest) size used by the SSL library. Currently
+   * maximum of 20 is used by SHA1, but we reserve for future extension for
+   * 512-bit hashes.
+   *)
+  SSL3_RT_MAX_MD_SIZE = 64;
+
+  (*
+   * Maximum block size used in all ciphersuites. Currently 16 for AES.
+   *)
+  SSL_RT_MAX_CIPHER_BLOCK_SIZE = 16;
+  SSL3_RT_MAX_EXTRA = 16384;
+
+  (* Maximum plaintext length: defined by SSL/TLS standards *)
+  SSL3_RT_MAX_PLAIN_LENGTH = 16384;
+  (* Maximum compression overhead: defined by SSL/TLS standards *)
+  SSL3_RT_MAX_COMPRESSED_OVERHEAD = 1024;
+
+  (*
+   * The standards give a maximum encryption overhead of 1024 bytes. In
+   * practice the value is lower than this. The overhead is the maximum number
+   * of padding bytes (256) plus the mac size.
+   *)
+  SSL3_RT_MAX_ENCRYPTED_OVERHEAD = 256 + SSL3_RT_MAX_MD_SIZE;
+  SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD = 256;
+
+  (*
+   * OpenSSL currently only uses a padding length of at most one block so the
+   * send overhead is smaller.
+   *)
+  SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD = SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE;
+
+  (* If compression isn't used don't include the compression overhead *)
+  SSL3_RT_MAX_COMPRESSED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH;
+//  SSL3_RT_MAX_COMPRESSED_LENGTH = (SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_COMPRESSED_OVERHEAD);
+
+  SSL3_RT_MAX_ENCRYPTED_LENGTH = SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH;
+  SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD;
+  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH;
+
+  SSL3_MD_CLIENT_FINISHED_= '\x43\x4C\x4E\x54';
+  SSL3_MD_SERVER_FINISHED_= '\x53\x52\x56\x52';
+
+  SSL3_VERSION = $0300;
+  SSL3_VERSION_MAJOR = $03;
+  SSL3_VERSION_MINOR = $00;
+
+  SSL3_RT_CHANGE_CIPHER_SPEC = 20;
+  SSL3_RT_ALERT = 21;
+  SSL3_RT_HANDSHAKE = 22;
+  SSL3_RT_APPLICATION_DATA = 23;
+  DTLS1_RT_HEARTBEAT = 24;
+
+  (* Pseudo content types to indicate additional parameters *)
+  TLS1_RT_CRYPTO = $1000;
+  TLS1_RT_CRYPTO_PREMASTER = TLS1_RT_CRYPTO or $1;
+  TLS1_RT_CRYPTO_CLIENT_RANDOM = TLS1_RT_CRYPTO or $2;
+  TLS1_RT_CRYPTO_SERVER_RANDOM = TLS1_RT_CRYPTO or $3;
+  TLS1_RT_CRYPTO_MASTER = TLS1_RT_CRYPTO or $4;
+
+  TLS1_RT_CRYPTO_READ = $0000;
+  TLS1_RT_CRYPTO_WRITE = $0100;
+  TLS1_RT_CRYPTO_MAC = TLS1_RT_CRYPTO or $5;
+  TLS1_RT_CRYPTO_KEY = TLS1_RT_CRYPTO or $6;
+  TLS1_RT_CRYPTO_IV = TLS1_RT_CRYPTO or $7;
+  TLS1_RT_CRYPTO_FIXED_IV = TLS1_RT_CRYPTO or $8;
+
+  (* Pseudo content types for SSL/TLS header info *)
+  SSL3_RT_HEADER = $100;
+  SSL3_RT_INNER_CONTENT_TYPE = $101;
+
+  SSL3_AL_WARNING = 1;
+  SSL3_AL_FATAL = 2;
+
+  SSL3_AD_CLOSE_NOTIFY = 0;
+  SSL3_AD_UNEXPECTED_MESSAGE = 10; (* fatal *)
+  SSL3_AD_BAD_RECORD_MAC = 20; (* fatal *)
+  SSL3_AD_DECOMPRESSION_FAILURE = 30; (* fatal *)
+  SSL3_AD_HANDSHAKE_FAILURE = 40; (* fatal *)
+  SSL3_AD_NO_CERTIFICATE = 41;
+  SSL3_AD_BAD_CERTIFICATE = 42;
+  SSL3_AD_UNSUPPORTED_CERTIFICATE = 43;
+  SSL3_AD_CERTIFICATE_REVOKED = 44;
+  SSL3_AD_CERTIFICATE_EXPIRED = 45;
+  SSL3_AD_CERTIFICATE_UNKNOWN = 46;
+  SSL3_AD_ILLEGAL_PARAMETER = 47; (* fatal *)
+
+  TLS1_HB_REQUEST = 1;
+  TLS1_HB_RESPONSE = 2;
+
+  SSL3_CT_RSA_SIGN = 1;
+  SSL3_CT_DSS_SIGN = 2;
+  SSL3_CT_RSA_FIXED_DH = 3;
+  SSL3_CT_DSS_FIXED_DH = 4;
+  SSL3_CT_RSA_EPHEMERAL_DH = 5;
+  SSL3_CT_DSS_EPHEMERAL_DH = 6;
+  SSL3_CT_FORTEZZA_DMS = 20;
+
+  (*
+   * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
+   * contain all of the cert types defined for *either* SSLv3 and TLSv1.
+   *)
+  SSL3_CT_NUMBER = 10;
+
+  (* No longer used as of OpenSSL 1.1.1 *)
+  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS = $0001;
+
+  (* Removed from OpenSSL 1.1.0 *)
+  TLS1_FLAGS_TLS_PADDING_BUG = $0;
+  TLS1_FLAGS_SKIP_CERT_VERIFY = $0010;
+
+  (* Set if we encrypt then mac instead of usual mac then encrypt *)
+  TLS1_FLAGS_ENCRYPT_THEN_MAC_READ = $0100;
+  TLS1_FLAGS_ENCRYPT_THEN_MAC = TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
+
+
+  (* Set if extended master secret extension received from peer *)
+  TLS1_FLAGS_RECEIVED_EXTMS = $0200;
+
+  TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE = $0400;
+
+  TLS1_FLAGS_STATELESS = $0800;
+
+  SSL3_MT_HELLO_REQUEST = 0;
+  SSL3_MT_CLIENT_HELLO = 1;
+  SSL3_MT_SERVER_HELLO = 2;
+  SSL3_MT_NEWSESSION_TICKET = 4;
+  SSL3_MT_END_OF_EARLY_DATA = 5;
+  SSL3_MT_ENCRYPTED_EXTENSIONS = 8;
+  SSL3_MT_CERTIFICATE = 11;
+  SSL3_MT_SERVER_KEY_EXCHANGE = 12;
+  SSL3_MT_CERTIFICATE_REQUEST = 13;
+  SSL3_MT_SERVER_DONE = 14;
+  SSL3_MT_CERTIFICATE_VERIFY = 15;
+  SSL3_MT_CLIENT_KEY_EXCHANGE = 16;
+  SSL3_MT_FINISHED = 20;
+  SSL3_MT_CERTIFICATE_URL = 21;
+  SSL3_MT_CERTIFICATE_STATUS = 22;
+  SSL3_MT_SUPPLEMENTAL_DATA = 23;
+  SSL3_MT_KEY_UPDATE = 24;
+  SSL3_MT_NEXT_PROTO = 67;
+  SSL3_MT_MESSAGE_HASH = 254;
+  DTLS1_MT_HELLO_VERIFY_REQUEST = 3;
+
+  (* Dummy message type for handling CCS like a normal handshake message *)
+  SSL3_MT_CHANGE_CIPHER_SPEC = $0101;
+
+  SSL3_MT_CCS = 1;
+
+  (* These are used when changing over to a new cipher *)
+  SSL3_CC_READ = $001;
+  SSL3_CC_WRITE = $002;
+  SSL3_CC_CLIENT = $010;
+  SSL3_CC_SERVER = $020;
+  SSL3_CC_EARLY = $040;
+  SSL3_CC_HANDSHAKE = $080;
+  SSL3_CC_APPLICATION = $100;
+  SSL3_CHANGE_CIPHER_CLIENT_WRITE = SSL3_CC_CLIENT or SSL3_CC_WRITE;
+  SSL3_CHANGE_CIPHER_SERVER_READ = SSL3_CC_SERVER or SSL3_CC_READ;
+  SSL3_CHANGE_CIPHER_CLIENT_READ = SSL3_CC_CLIENT or SSL3_CC_READ;
+  SSL3_CHANGE_CIPHER_SERVER_WRITE = SSL3_CC_SERVER or SSL3_CC_WRITE;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sslerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sslerr.pas
new file mode 100644
index 000000000..53029e008
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sslerr.pas
@@ -0,0 +1,824 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_sslerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// sslerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+(*
+ * SSL function codes.
+ *)
+const
+  SSL_F_ADD_CLIENT_KEY_SHARE_EXT = 438;
+  SSL_F_ADD_KEY_SHARE = 512;
+  SSL_F_BYTES_TO_CIPHER_LIST = 519;
+  SSL_F_CHECK_SUITEB_CIPHER_LIST = 331;
+  SSL_F_CIPHERSUITE_CB = 622;
+  SSL_F_CONSTRUCT_CA_NAMES = 552;
+  SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS = 553;
+  SSL_F_CONSTRUCT_STATEFUL_TICKET = 636;
+  SSL_F_CONSTRUCT_STATELESS_TICKET = 637;
+  SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH = 539;
+  SSL_F_CREATE_TICKET_PREQUEL = 638;
+  SSL_F_CT_MOVE_SCTS = 345;
+  SSL_F_CT_STRICT = 349;
+  SSL_F_CUSTOM_EXT_ADD = 554;
+  SSL_F_CUSTOM_EXT_PARSE = 555;
+  SSL_F_D2I_SSL_SESSION = 103;
+  SSL_F_DANE_CTX_ENABLE = 347;
+  SSL_F_DANE_MTYPE_SET = 393;
+  SSL_F_DANE_TLSA_ADD = 394;
+  SSL_F_DERIVE_SECRET_KEY_AND_IV = 514;
+  SSL_F_DO_DTLS1_WRITE = 245;
+  SSL_F_DO_SSL3_WRITE = 104;
+  SSL_F_DTLS1_BUFFER_RECORD = 247;
+  SSL_F_DTLS1_CHECK_TIMEOUT_NUM = 318;
+  SSL_F_DTLS1_HEARTBEAT = 305;
+  SSL_F_DTLS1_HM_FRAGMENT_NEW = 623;
+  SSL_F_DTLS1_PREPROCESS_FRAGMENT = 288;
+  SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS = 424;
+  SSL_F_DTLS1_PROCESS_RECORD = 257;
+  SSL_F_DTLS1_READ_BYTES = 258;
+  SSL_F_DTLS1_READ_FAILED = 339;
+  SSL_F_DTLS1_RETRANSMIT_MESSAGE = 390;
+  SSL_F_DTLS1_WRITE_APP_DATA_BYTES = 268;
+  SSL_F_DTLS1_WRITE_BYTES = 545;
+  SSL_F_DTLSV1_LISTEN = 350;
+  SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC = 371;
+  SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST = 385;
+  SSL_F_DTLS_GET_REASSEMBLED_MESSAGE = 370;
+  SSL_F_DTLS_PROCESS_HELLO_VERIFY = 386;
+  SSL_F_DTLS_RECORD_LAYER_NEW = 635;
+  SSL_F_DTLS_WAIT_FOR_DRY = 592;
+  SSL_F_EARLY_DATA_COUNT_OK = 532;
+  SSL_F_FINAL_EARLY_DATA = 556;
+  SSL_F_FINAL_EC_PT_FORMATS = 485;
+  SSL_F_FINAL_EMS = 486;
+  SSL_F_FINAL_KEY_SHARE = 503;
+  SSL_F_FINAL_MAXFRAGMENTLEN = 557;
+  SSL_F_FINAL_RENEGOTIATE = 483;
+  SSL_F_FINAL_SERVER_NAME = 558;
+  SSL_F_FINAL_SIG_ALGS = 497;
+  SSL_F_GET_CERT_VERIFY_TBS_DATA = 588;
+  SSL_F_NSS_KEYLOG_INT = 500;
+  SSL_F_OPENSSL_INIT_SSL = 342;
+  SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION = 436;
+  SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION = 598;
+  SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE = 430;
+  SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE = 593;
+  SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE = 594;
+  SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION = 417;
+  SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION = 599;
+  SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION = 437;
+  SSL_F_OSSL_STATEM_SERVER13_WRITE_TRANSITION = 600;
+  SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE = 431;
+  SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE = 601;
+  SSL_F_OSSL_STATEM_SERVER_POST_WORK = 602;
+  SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE = 603;
+  SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION = 418;
+  SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION = 604;
+  SSL_F_PARSE_CA_NAMES = 541;
+  SSL_F_PITEM_NEW = 624;
+  SSL_F_PQUEUE_NEW = 625;
+  SSL_F_PROCESS_KEY_SHARE_EXT = 439;
+  SSL_F_READ_STATE_MACHINE = 352;
+  SSL_F_SET_CLIENT_CIPHERSUITE = 540;
+  SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET = 595;
+  SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET = 589;
+  SSL_F_SRP_VERIFY_SERVER_PARAM = 596;
+  SSL_F_SSL3_CHANGE_CIPHER_STATE = 129;
+  SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM = 130;
+  SSL_F_SSL3_CTRL = 213;
+  SSL_F_SSL3_CTX_CTRL = 133;
+  SSL_F_SSL3_DIGEST_CACHED_RECORDS = 293;
+  SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC = 292;
+  SSL_F_SSL3_ENC = 608;
+  SSL_F_SSL3_FINAL_FINISH_MAC = 285;
+  SSL_F_SSL3_FINISH_MAC = 587;
+  SSL_F_SSL3_GENERATE_KEY_BLOCK = 238;
+  SSL_F_SSL3_GENERATE_MASTER_SECRET = 388;
+  SSL_F_SSL3_GET_RECORD = 143;
+  SSL_F_SSL3_INIT_FINISHED_MAC = 397;
+  SSL_F_SSL3_OUTPUT_CERT_CHAIN = 147;
+  SSL_F_SSL3_READ_BYTES = 148;
+  SSL_F_SSL3_READ_N = 149;
+  SSL_F_SSL3_SETUP_KEY_BLOCK = 157;
+  SSL_F_SSL3_SETUP_READ_BUFFER = 156;
+  SSL_F_SSL3_SETUP_WRITE_BUFFER = 291;
+  SSL_F_SSL3_WRITE_BYTES = 158;
+  SSL_F_SSL3_WRITE_PENDING = 159;
+  SSL_F_SSL_ADD_CERT_CHAIN = 316;
+  SSL_F_SSL_ADD_CERT_TO_BUF = 319;
+  SSL_F_SSL_ADD_CERT_TO_WPACKET = 493;
+  SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT = 298;
+  SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT = 277;
+  SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT = 307;
+  SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK = 215;
+  SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK = 216;
+  SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT = 299;
+  SSL_F_SSL_ADD_SERVERHELLO_TLSEXT = 278;
+  SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT = 308;
+  SSL_F_SSL_BAD_METHOD = 160;
+  SSL_F_SSL_BUILD_CERT_CHAIN = 332;
+  SSL_F_SSL_BYTES_TO_CIPHER_LIST = 161;
+  SSL_F_SSL_CACHE_CIPHERLIST = 520;
+  SSL_F_SSL_CERT_ADD0_CHAIN_CERT = 346;
+  SSL_F_SSL_CERT_DUP = 221;
+  SSL_F_SSL_CERT_NEW = 162;
+  SSL_F_SSL_CERT_SET0_CHAIN = 340;
+  SSL_F_SSL_CHECK_PRIVATE_KEY = 163;
+  SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT = 280;
+  SSL_F_SSL_CHECK_SRP_EXT_CLIENTHELLO = 606;
+  SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG = 279;
+  SSL_F_SSL_CHOOSE_CLIENT_VERSION = 607;
+  SSL_F_SSL_CIPHER_DESCRIPTION = 626;
+  SSL_F_SSL_CIPHER_LIST_TO_BYTES = 425;
+  SSL_F_SSL_CIPHER_PROCESS_RULESTR = 230;
+  SSL_F_SSL_CIPHER_STRENGTH_SORT = 231;
+  SSL_F_SSL_CLEAR = 164;
+  SSL_F_SSL_CLIENT_HELLO_GET1_EXTENSIONS_PRESENT = 627;
+  SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD = 165;
+  SSL_F_SSL_CONF_CMD = 334;
+  SSL_F_SSL_CREATE_CIPHER_LIST = 166;
+  SSL_F_SSL_CTRL = 232;
+  SSL_F_SSL_CTX_CHECK_PRIVATE_KEY = 168;
+  SSL_F_SSL_CTX_ENABLE_CT = 398;
+  SSL_F_SSL_CTX_MAKE_PROFILES = 309;
+  SSL_F_SSL_CTX_NEW = 169;
+  SSL_F_SSL_CTX_SET_ALPN_PROTOS = 343;
+  SSL_F_SSL_CTX_SET_CIPHER_LIST = 269;
+  SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE = 290;
+  SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK = 396;
+  SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT = 219;
+  SSL_F_SSL_CTX_SET_SSL_VERSION = 170;
+  SSL_F_SSL_CTX_SET_TLSEXT_MAX_FRAGMENT_LENGTH = 551;
+  SSL_F_SSL_CTX_USE_CERTIFICATE = 171;
+  SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 = 172;
+  SSL_F_SSL_CTX_USE_CERTIFICATE_FILE = 173;
+  SSL_F_SSL_CTX_USE_PRIVATEKEY = 174;
+  SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 = 175;
+  SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE = 176;
+  SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT = 272;
+  SSL_F_SSL_CTX_USE_RSAPRIVATEKEY = 177;
+  SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 = 178;
+  SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE = 179;
+  SSL_F_SSL_CTX_USE_SERVERINFO = 336;
+  SSL_F_SSL_CTX_USE_SERVERINFO_EX = 543;
+  SSL_F_SSL_CTX_USE_SERVERINFO_FILE = 337;
+  SSL_F_SSL_DANE_DUP = 403;
+  SSL_F_SSL_DANE_ENABLE = 395;
+  SSL_F_SSL_DERIVE = 590;
+  SSL_F_SSL_DO_CONFIG = 391;
+  SSL_F_SSL_DO_HANDSHAKE = 180;
+  SSL_F_SSL_DUP_CA_LIST = 408;
+  SSL_F_SSL_ENABLE_CT = 402;
+  SSL_F_SSL_GENERATE_PKEY_GROUP = 559;
+  SSL_F_SSL_GENERATE_SESSION_ID = 547;
+  SSL_F_SSL_GET_NEW_SESSION = 181;
+  SSL_F_SSL_GET_PREV_SESSION = 217;
+  SSL_F_SSL_GET_SERVER_CERT_INDEX = 322;
+  SSL_F_SSL_GET_SIGN_PKEY = 183;
+  SSL_F_SSL_HANDSHAKE_HASH = 560;
+  SSL_F_SSL_INIT_WBIO_BUFFER = 184;
+  SSL_F_SSL_KEY_UPDATE = 515;
+  SSL_F_SSL_LOAD_CLIENT_CA_FILE = 185;
+  SSL_F_SSL_LOG_MASTER_SECRET = 498;
+  SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE = 499;
+  SSL_F_SSL_MODULE_INIT = 392;
+  SSL_F_SSL_NEW = 186;
+  SSL_F_SSL_NEXT_PROTO_VALIDATE = 565;
+  SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT = 300;
+  SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT = 302;
+  SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT = 310;
+  SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT = 301;
+  SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT = 303;
+  SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT = 311;
+  SSL_F_SSL_PEEK = 270;
+  SSL_F_SSL_PEEK_EX = 432;
+  SSL_F_SSL_PEEK_INTERNAL = 522;
+  SSL_F_SSL_READ = 223;
+  SSL_F_SSL_READ_EARLY_DATA = 529;
+  SSL_F_SSL_READ_EX = 434;
+  SSL_F_SSL_READ_INTERNAL = 523;
+  SSL_F_SSL_RENEGOTIATE = 516;
+  SSL_F_SSL_RENEGOTIATE_ABBREVIATED = 546;
+  SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT = 320;
+  SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT = 321;
+  SSL_F_SSL_SESSION_DUP = 348;
+  SSL_F_SSL_SESSION_NEW = 189;
+  SSL_F_SSL_SESSION_PRINT_FP = 190;
+  SSL_F_SSL_SESSION_SET1_ID = 423;
+  SSL_F_SSL_SESSION_SET1_ID_CONTEXT = 312;
+  SSL_F_SSL_SET_ALPN_PROTOS = 344;
+  SSL_F_SSL_SET_CERT = 191;
+  SSL_F_SSL_SET_CERT_AND_KEY = 621;
+  SSL_F_SSL_SET_CIPHER_LIST = 271;
+  SSL_F_SSL_SET_CT_VALIDATION_CALLBACK = 399;
+  SSL_F_SSL_SET_FD = 192;
+  SSL_F_SSL_SET_PKEY = 193;
+  SSL_F_SSL_SET_RFD = 194;
+  SSL_F_SSL_SET_SESSION = 195;
+  SSL_F_SSL_SET_SESSION_ID_CONTEXT = 218;
+  SSL_F_SSL_SET_SESSION_TICKET_EXT = 294;
+  SSL_F_SSL_SET_TLSEXT_MAX_FRAGMENT_LENGTH = 550;
+  SSL_F_SSL_SET_WFD = 196;
+  SSL_F_SSL_SHUTDOWN = 224;
+  SSL_F_SSL_SRP_CTX_INIT = 313;
+  SSL_F_SSL_START_ASYNC_JOB = 389;
+  SSL_F_SSL_UNDEFINED_FUNCTION = 197;
+  SSL_F_SSL_UNDEFINED_VOID_FUNCTION = 244;
+  SSL_F_SSL_USE_CERTIFICATE = 198;
+  SSL_F_SSL_USE_CERTIFICATE_ASN1 = 199;
+  SSL_F_SSL_USE_CERTIFICATE_FILE = 200;
+  SSL_F_SSL_USE_PRIVATEKEY = 201;
+  SSL_F_SSL_USE_PRIVATEKEY_ASN1 = 202;
+  SSL_F_SSL_USE_PRIVATEKEY_FILE = 203;
+  SSL_F_SSL_USE_PSK_IDENTITY_HINT = 273;
+  SSL_F_SSL_USE_RSAPRIVATEKEY = 204;
+  SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 = 205;
+  SSL_F_SSL_USE_RSAPRIVATEKEY_FILE = 206;
+  SSL_F_SSL_VALIDATE_CT = 400;
+  SSL_F_SSL_VERIFY_CERT_CHAIN = 207;
+  SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE = 616;
+  SSL_F_SSL_WRITE = 208;
+  SSL_F_SSL_WRITE_EARLY_DATA = 526;
+  SSL_F_SSL_WRITE_EARLY_FINISH = 527;
+  SSL_F_SSL_WRITE_EX = 433;
+  SSL_F_SSL_WRITE_INTERNAL = 524;
+  SSL_F_STATE_MACHINE = 353;
+  SSL_F_TLS12_CHECK_PEER_SIGALG = 333;
+  SSL_F_TLS12_COPY_SIGALGS = 533;
+  SSL_F_TLS13_CHANGE_CIPHER_STATE = 440;
+  SSL_F_TLS13_ENC = 609;
+  SSL_F_TLS13_FINAL_FINISH_MAC = 605;
+  SSL_F_TLS13_GENERATE_SECRET = 591;
+  SSL_F_TLS13_HKDF_EXPAND = 561;
+  SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA = 617;
+  SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA = 618;
+  SSL_F_TLS13_SETUP_KEY_BLOCK = 441;
+  SSL_F_TLS1_CHANGE_CIPHER_STATE = 209;
+  SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS = 341;
+  SSL_F_TLS1_ENC = 401;
+  SSL_F_TLS1_EXPORT_KEYING_MATERIAL = 314;
+  SSL_F_TLS1_GET_CURVELIST = 338;
+  SSL_F_TLS1_PRF = 284;
+  SSL_F_TLS1_SAVE_U16 = 628;
+  SSL_F_TLS1_SETUP_KEY_BLOCK = 211;
+  SSL_F_TLS1_SET_GROUPS = 629;
+  SSL_F_TLS1_SET_RAW_SIGALGS = 630;
+  SSL_F_TLS1_SET_SERVER_SIGALGS = 335;
+  SSL_F_TLS1_SET_SHARED_SIGALGS = 631;
+  SSL_F_TLS1_SET_SIGALGS = 632;
+  SSL_F_TLS_CHOOSE_SIGALG = 513;
+  SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK = 354;
+  SSL_F_TLS_COLLECT_EXTENSIONS = 435;
+  SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES = 542;
+  SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST = 372;
+  SSL_F_TLS_CONSTRUCT_CERT_STATUS = 429;
+  SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY = 494;
+  SSL_F_TLS_CONSTRUCT_CERT_VERIFY = 496;
+  SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC = 427;
+  SSL_F_TLS_CONSTRUCT_CKE_DHE = 404;
+  SSL_F_TLS_CONSTRUCT_CKE_ECDHE = 405;
+  SSL_F_TLS_CONSTRUCT_CKE_GOST = 406;
+  SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE = 407;
+  SSL_F_TLS_CONSTRUCT_CKE_RSA = 409;
+  SSL_F_TLS_CONSTRUCT_CKE_SRP = 410;
+  SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE = 484;
+  SSL_F_TLS_CONSTRUCT_CLIENT_HELLO = 487;
+  SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE = 488;
+  SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY = 489;
+  SSL_F_TLS_CONSTRUCT_CTOS_ALPN = 466;
+  SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE = 355;
+  SSL_F_TLS_CONSTRUCT_CTOS_COOKIE = 535;
+  SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA = 530;
+  SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS = 467;
+  SSL_F_TLS_CONSTRUCT_CTOS_EMS = 468;
+  SSL_F_TLS_CONSTRUCT_CTOS_ETM = 469;
+  SSL_F_TLS_CONSTRUCT_CTOS_HELLO = 356;
+  SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE = 357;
+  SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE = 470;
+  SSL_F_TLS_CONSTRUCT_CTOS_MAXFRAGMENTLEN = 549;
+  SSL_F_TLS_CONSTRUCT_CTOS_NPN = 471;
+  SSL_F_TLS_CONSTRUCT_CTOS_PADDING = 472;
+  SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH = 619;
+  SSL_F_TLS_CONSTRUCT_CTOS_PSK = 501;
+  SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES = 509;
+  SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE = 473;
+  SSL_F_TLS_CONSTRUCT_CTOS_SCT = 474;
+  SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME = 475;
+  SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET = 476;
+  SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS = 477;
+  SSL_F_TLS_CONSTRUCT_CTOS_SRP = 478;
+  SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST = 479;
+  SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS = 480;
+  SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS = 481;
+  SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP = 482;
+  SSL_F_TLS_CONSTRUCT_CTOS_VERIFY = 358;
+  SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS = 443;
+  SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA = 536;
+  SSL_F_TLS_CONSTRUCT_EXTENSIONS = 447;
+  SSL_F_TLS_CONSTRUCT_FINISHED = 359;
+  SSL_F_TLS_CONSTRUCT_HELLO_REQUEST = 373;
+  SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST = 510;
+  SSL_F_TLS_CONSTRUCT_KEY_UPDATE = 517;
+  SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET = 428;
+  SSL_F_TLS_CONSTRUCT_NEXT_PROTO = 426;
+  SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE = 490;
+  SSL_F_TLS_CONSTRUCT_SERVER_HELLO = 491;
+  SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE = 492;
+  SSL_F_TLS_CONSTRUCT_STOC_ALPN = 451;
+  SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE = 374;
+  SSL_F_TLS_CONSTRUCT_STOC_COOKIE = 613;
+  SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG = 452;
+  SSL_F_TLS_CONSTRUCT_STOC_DONE = 375;
+  SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA = 531;
+  SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO = 525;
+  SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS = 453;
+  SSL_F_TLS_CONSTRUCT_STOC_EMS = 454;
+  SSL_F_TLS_CONSTRUCT_STOC_ETM = 455;
+  SSL_F_TLS_CONSTRUCT_STOC_HELLO = 376;
+  SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE = 377;
+  SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE = 456;
+  SSL_F_TLS_CONSTRUCT_STOC_MAXFRAGMENTLEN = 548;
+  SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG = 457;
+  SSL_F_TLS_CONSTRUCT_STOC_PSK = 504;
+  SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE = 458;
+  SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME = 459;
+  SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET = 460;
+  SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST = 461;
+  SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS = 544;
+  SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS = 611;
+  SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP = 462;
+  SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO = 521;
+  SSL_F_TLS_FINISH_HANDSHAKE = 597;
+  SSL_F_TLS_GET_MESSAGE_BODY = 351;
+  SSL_F_TLS_GET_MESSAGE_HEADER = 387;
+  SSL_F_TLS_HANDLE_ALPN = 562;
+  SSL_F_TLS_HANDLE_STATUS_REQUEST = 563;
+  SSL_F_TLS_PARSE_CERTIFICATE_AUTHORITIES = 566;
+  SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT = 449;
+  SSL_F_TLS_PARSE_CTOS_ALPN = 567;
+  SSL_F_TLS_PARSE_CTOS_COOKIE = 614;
+  SSL_F_TLS_PARSE_CTOS_EARLY_DATA = 568;
+  SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS = 569;
+  SSL_F_TLS_PARSE_CTOS_EMS = 570;
+  SSL_F_TLS_PARSE_CTOS_KEY_SHARE = 463;
+  SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN = 571;
+  SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH = 620;
+  SSL_F_TLS_PARSE_CTOS_PSK = 505;
+  SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES = 572;
+  SSL_F_TLS_PARSE_CTOS_RENEGOTIATE = 464;
+  SSL_F_TLS_PARSE_CTOS_SERVER_NAME = 573;
+  SSL_F_TLS_PARSE_CTOS_SESSION_TICKET = 574;
+  SSL_F_TLS_PARSE_CTOS_SIG_ALGS = 575;
+  SSL_F_TLS_PARSE_CTOS_SIG_ALGS_CERT = 615;
+  SSL_F_TLS_PARSE_CTOS_SRP = 576;
+  SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST = 577;
+  SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS = 578;
+  SSL_F_TLS_PARSE_CTOS_USE_SRTP = 465;
+  SSL_F_TLS_PARSE_STOC_ALPN = 579;
+  SSL_F_TLS_PARSE_STOC_COOKIE = 534;
+  SSL_F_TLS_PARSE_STOC_EARLY_DATA = 538;
+  SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO = 528;
+  SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS = 580;
+  SSL_F_TLS_PARSE_STOC_KEY_SHARE = 445;
+  SSL_F_TLS_PARSE_STOC_MAXFRAGMENTLEN = 581;
+  SSL_F_TLS_PARSE_STOC_NPN = 582;
+  SSL_F_TLS_PARSE_STOC_PSK = 502;
+  SSL_F_TLS_PARSE_STOC_RENEGOTIATE = 448;
+  SSL_F_TLS_PARSE_STOC_SCT = 564;
+  SSL_F_TLS_PARSE_STOC_SERVER_NAME = 583;
+  SSL_F_TLS_PARSE_STOC_SESSION_TICKET = 584;
+  SSL_F_TLS_PARSE_STOC_STATUS_REQUEST = 585;
+  SSL_F_TLS_PARSE_STOC_SUPPORTED_VERSIONS = 612;
+  SSL_F_TLS_PARSE_STOC_USE_SRTP = 446;
+  SSL_F_TLS_POST_PROCESS_CLIENT_HELLO = 378;
+  SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE = 384;
+  SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE = 360;
+  SSL_F_TLS_PROCESS_AS_HELLO_RETRY_REQUEST = 610;
+  SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST = 361;
+  SSL_F_TLS_PROCESS_CERT_STATUS = 362;
+  SSL_F_TLS_PROCESS_CERT_STATUS_BODY = 495;
+  SSL_F_TLS_PROCESS_CERT_VERIFY = 379;
+  SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC = 363;
+  SSL_F_TLS_PROCESS_CKE_DHE = 411;
+  SSL_F_TLS_PROCESS_CKE_ECDHE = 412;
+  SSL_F_TLS_PROCESS_CKE_GOST = 413;
+  SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE = 414;
+  SSL_F_TLS_PROCESS_CKE_RSA = 415;
+  SSL_F_TLS_PROCESS_CKE_SRP = 416;
+  SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE = 380;
+  SSL_F_TLS_PROCESS_CLIENT_HELLO = 381;
+  SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE = 382;
+  SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS = 444;
+  SSL_F_TLS_PROCESS_END_OF_EARLY_DATA = 537;
+  SSL_F_TLS_PROCESS_FINISHED = 364;
+  SSL_F_TLS_PROCESS_HELLO_REQ = 507;
+  SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST = 511;
+  SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT = 442;
+  SSL_F_TLS_PROCESS_KEY_EXCHANGE = 365;
+  SSL_F_TLS_PROCESS_KEY_UPDATE = 518;
+  SSL_F_TLS_PROCESS_NEW_SESSION_TICKET = 366;
+  SSL_F_TLS_PROCESS_NEXT_PROTO = 383;
+  SSL_F_TLS_PROCESS_SERVER_CERTIFICATE = 367;
+  SSL_F_TLS_PROCESS_SERVER_DONE = 368;
+  SSL_F_TLS_PROCESS_SERVER_HELLO = 369;
+  SSL_F_TLS_PROCESS_SKE_DHE = 419;
+  SSL_F_TLS_PROCESS_SKE_ECDHE = 420;
+  SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE = 421;
+  SSL_F_TLS_PROCESS_SKE_SRP = 422;
+  SSL_F_TLS_PSK_DO_BINDER = 506;
+  SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT = 450;
+  SSL_F_TLS_SETUP_HANDSHAKE = 508;
+  SSL_F_USE_CERTIFICATE_CHAIN_FILE = 220;
+  SSL_F_WPACKET_INTERN_INIT_LEN = 633;
+  SSL_F_WPACKET_START_SUB_PACKET_LEN__ = 634;
+  SSL_F_WRITE_STATE_MACHINE = 586;
+  SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY = 291;
+  SSL_R_APP_DATA_IN_HANDSHAKE = 100;
+  SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT = 272;
+  SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE = 143;
+  SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE = 158;
+  SSL_R_BAD_CHANGE_CIPHER_SPEC = 103;
+  SSL_R_BAD_CIPHER = 186;
+  SSL_R_BAD_DATA = 390;
+  SSL_R_BAD_DATA_RETURNED_BY_CALLBACK = 106;
+  SSL_R_BAD_DECOMPRESSION = 107;
+  SSL_R_BAD_DH_VALUE = 102;
+  SSL_R_BAD_DIGEST_LENGTH = 111;
+  SSL_R_BAD_EARLY_DATA = 233;
+  SSL_R_BAD_ECC_CERT = 304;
+  SSL_R_BAD_ECPOINT = 306;
+  SSL_R_BAD_EXTENSION = 110;
+  SSL_R_BAD_HANDSHAKE_LENGTH = 332;
+  SSL_R_BAD_HANDSHAKE_STATE = 236;
+  SSL_R_BAD_HELLO_REQUEST = 105;
+  SSL_R_BAD_HRR_VERSION = 263;
+  SSL_R_BAD_KEY_SHARE = 108;
+  SSL_R_BAD_KEY_UPDATE = 122;
+  SSL_R_BAD_LEGACY_VERSION = 292;
+  SSL_R_BAD_LENGTH = 271;
+  SSL_R_BAD_PACKET = 240;
+  SSL_R_BAD_PACKET_LENGTH = 115;
+  SSL_R_BAD_PROTOCOL_VERSION_NUMBER = 116;
+  SSL_R_BAD_PSK = 219;
+  SSL_R_BAD_PSK_IDENTITY = 114;
+  SSL_R_BAD_RECORD_TYPE = 443;
+  SSL_R_BAD_RSA_ENCRYPT = 119;
+  SSL_R_BAD_SIGNATURE = 123;
+  SSL_R_BAD_SRP_A_LENGTH = 347;
+  SSL_R_BAD_SRP_PARAMETERS = 371;
+  SSL_R_BAD_SRTP_MKI_VALUE = 352;
+  SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST = 353;
+  SSL_R_BAD_SSL_FILETYPE = 124;
+  SSL_R_BAD_VALUE = 384;
+  SSL_R_BAD_WRITE_RETRY = 127;
+  SSL_R_BINDER_DOES_NOT_VERIFY = 253;
+  SSL_R_BIO_NOT_SET = 128;
+  SSL_R_BLOCK_CIPHER_PAD_IS_WRONG = 129;
+  SSL_R_BN_LIB = 130;
+  SSL_R_CALLBACK_FAILED = 234;
+  SSL_R_CANNOT_CHANGE_CIPHER = 109;
+  SSL_R_CA_DN_LENGTH_MISMATCH = 131;
+  SSL_R_CA_KEY_TOO_SMALL = 397;
+  SSL_R_CA_MD_TOO_WEAK = 398;
+  SSL_R_CCS_RECEIVED_EARLY = 133;
+  SSL_R_CERTIFICATE_VERIFY_FAILED = 134;
+  SSL_R_CERT_CB_ERROR = 377;
+  SSL_R_CERT_LENGTH_MISMATCH = 135;
+  SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED = 218;
+  SSL_R_CIPHER_CODE_WRONG_LENGTH = 137;
+  SSL_R_CIPHER_OR_HASH_UNAVAILABLE = 138;
+  SSL_R_CLIENTHELLO_TLSEXT = 226;
+  SSL_R_COMPRESSED_LENGTH_TOO_LONG = 140;
+  SSL_R_COMPRESSION_DISABLED = 343;
+  SSL_R_COMPRESSION_FAILURE = 141;
+  SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE = 307;
+  SSL_R_COMPRESSION_LIBRARY_ERROR = 142;
+  SSL_R_CONNECTION_TYPE_NOT_SET = 144;
+  SSL_R_CONTEXT_NOT_DANE_ENABLED = 167;
+  SSL_R_COOKIE_GEN_CALLBACK_FAILURE = 400;
+  SSL_R_COOKIE_MISMATCH = 308;
+  SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED = 206;
+  SSL_R_DANE_ALREADY_ENABLED = 172;
+  SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL = 173;
+  SSL_R_DANE_NOT_ENABLED = 175;
+  SSL_R_DANE_TLSA_BAD_CERTIFICATE = 180;
+  SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE = 184;
+  SSL_R_DANE_TLSA_BAD_DATA_LENGTH = 189;
+  SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH = 192;
+  SSL_R_DANE_TLSA_BAD_MATCHING_TYPE = 200;
+  SSL_R_DANE_TLSA_BAD_PUBLIC_KEY = 201;
+  SSL_R_DANE_TLSA_BAD_SELECTOR = 202;
+  SSL_R_DANE_TLSA_NULL_DATA = 203;
+  SSL_R_DATA_BETWEEN_CCS_AND_FINISHED = 145;
+  SSL_R_DATA_LENGTH_TOO_LONG = 146;
+  SSL_R_DECRYPTION_FAILED = 147;
+  SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC = 281;
+  SSL_R_DH_KEY_TOO_SMALL = 394;
+  SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG = 148;
+  SSL_R_DIGEST_CHECK_FAILED = 149;
+  SSL_R_DTLS_MESSAGE_TOO_BIG = 334;
+  SSL_R_DUPLICATE_COMPRESSION_ID = 309;
+  SSL_R_ECC_CERT_NOT_FOR_SIGNING = 318;
+  SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE = 374;
+  SSL_R_EE_KEY_TOO_SMALL = 399;
+  SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST = 354;
+  SSL_R_ENCRYPTED_LENGTH_TOO_LONG = 150;
+  SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST = 151;
+  SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN = 204;
+  SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE = 194;
+  SSL_R_EXCESSIVE_MESSAGE_SIZE = 152;
+  SSL_R_EXTENSION_NOT_RECEIVED = 279;
+  SSL_R_EXTRA_DATA_IN_MESSAGE = 153;
+  SSL_R_EXT_LENGTH_MISMATCH = 163;
+  SSL_R_FAILED_TO_INIT_ASYNC = 405;
+  SSL_R_FRAGMENTED_CLIENT_HELLO = 401;
+  SSL_R_GOT_A_FIN_BEFORE_A_CCS = 154;
+  SSL_R_HTTPS_PROXY_REQUEST = 155;
+  SSL_R_HTTP_REQUEST = 156;
+  SSL_R_ILLEGAL_POINT_COMPRESSION = 162;
+  SSL_R_ILLEGAL_SUITEB_DIGEST = 380;
+  SSL_R_INAPPROPRIATE_FALLBACK = 373;
+  SSL_R_INCONSISTENT_COMPRESSION = 340;
+  SSL_R_INCONSISTENT_EARLY_DATA_ALPN = 222;
+  SSL_R_INCONSISTENT_EARLY_DATA_SNI = 231;
+  SSL_R_INCONSISTENT_EXTMS = 104;
+  SSL_R_INSUFFICIENT_SECURITY = 241;
+  SSL_R_INVALID_ALERT = 205;
+  SSL_R_INVALID_CCS_MESSAGE = 260;
+  SSL_R_INVALID_CERTIFICATE_OR_ALG = 238;
+  SSL_R_INVALID_COMMAND = 280;
+  SSL_R_INVALID_COMPRESSION_ALGORITHM = 341;
+  SSL_R_INVALID_CONFIG = 283;
+  SSL_R_INVALID_CONFIGURATION_NAME = 113;
+  SSL_R_INVALID_CONTEXT = 282;
+  SSL_R_INVALID_CT_VALIDATION_TYPE = 212;
+  SSL_R_INVALID_KEY_UPDATE_TYPE = 120;
+  SSL_R_INVALID_MAX_EARLY_DATA = 174;
+  SSL_R_INVALID_NULL_CMD_NAME = 385;
+  SSL_R_INVALID_SEQUENCE_NUMBER = 402;
+  SSL_R_INVALID_SERVERINFO_DATA = 388;
+  SSL_R_INVALID_SESSION_ID = 999;
+  SSL_R_INVALID_SRP_USERNAME = 357;
+  SSL_R_INVALID_STATUS_RESPONSE = 328;
+  SSL_R_INVALID_TICKET_KEYS_LENGTH = 325;
+  SSL_R_LENGTH_MISMATCH = 159;
+  SSL_R_LENGTH_TOO_LONG = 404;
+  SSL_R_LENGTH_TOO_SHORT = 160;
+  SSL_R_LIBRARY_BUG = 274;
+  SSL_R_LIBRARY_HAS_NO_CIPHERS = 161;
+  SSL_R_MISSING_DSA_SIGNING_CERT = 165;
+  SSL_R_MISSING_ECDSA_SIGNING_CERT = 381;
+  SSL_R_MISSING_FATAL = 256;
+  SSL_R_MISSING_PARAMETERS = 290;
+  SSL_R_MISSING_RSA_CERTIFICATE = 168;
+  SSL_R_MISSING_RSA_ENCRYPTING_CERT = 169;
+  SSL_R_MISSING_RSA_SIGNING_CERT = 170;
+  SSL_R_MISSING_SIGALGS_EXTENSION = 112;
+  SSL_R_MISSING_SIGNING_CERT = 221;
+  SSL_R_MISSING_SRP_PARAM = 358;
+  SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION = 209;
+  SSL_R_MISSING_TMP_DH_KEY = 171;
+  SSL_R_MISSING_TMP_ECDH_KEY = 311;
+  SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA = 293;
+  SSL_R_NOT_ON_RECORD_BOUNDARY = 182;
+  SSL_R_NOT_REPLACING_CERTIFICATE = 289;
+  SSL_R_NOT_SERVER = 284;
+  SSL_R_NO_APPLICATION_PROTOCOL = 235;
+  SSL_R_NO_CERTIFICATES_RETURNED = 176;
+  SSL_R_NO_CERTIFICATE_ASSIGNED = 177;
+  SSL_R_NO_CERTIFICATE_SET = 179;
+  SSL_R_NO_CHANGE_FOLLOWING_HRR = 214;
+  SSL_R_NO_CIPHERS_AVAILABLE = 181;
+  SSL_R_NO_CIPHERS_SPECIFIED = 183;
+  SSL_R_NO_CIPHER_MATCH = 185;
+  SSL_R_NO_CLIENT_CERT_METHOD = 331;
+  SSL_R_NO_COMPRESSION_SPECIFIED = 187;
+  SSL_R_NO_COOKIE_CALLBACK_SET = 287;
+  SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER = 330;
+  SSL_R_NO_METHOD_SPECIFIED = 188;
+  SSL_R_NO_PEM_EXTENSIONS = 389;
+  SSL_R_NO_PRIVATE_KEY_ASSIGNED = 190;
+  SSL_R_NO_PROTOCOLS_AVAILABLE = 191;
+  SSL_R_NO_RENEGOTIATION = 339;
+  SSL_R_NO_REQUIRED_DIGEST = 324;
+  SSL_R_NO_SHARED_CIPHER = 193;
+  SSL_R_NO_SHARED_GROUPS = 410;
+  SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS = 376;
+  SSL_R_NO_SRTP_PROFILES = 359;
+  SSL_R_NO_SUITABLE_KEY_SHARE = 101;
+  SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM = 118;
+  SSL_R_NO_VALID_SCTS = 216;
+  SSL_R_NO_VERIFY_COOKIE_CALLBACK = 403;
+  SSL_R_NULL_SSL_CTX = 195;
+  SSL_R_NULL_SSL_METHOD_PASSED = 196;
+  SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED = 197;
+  SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED = 344;
+  SSL_R_OVERFLOW_ERROR = 237;
+  SSL_R_PACKET_LENGTH_TOO_LONG = 198;
+  SSL_R_PARSE_TLSEXT = 227;
+  SSL_R_PATH_TOO_LONG = 270;
+  SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE = 199;
+  SSL_R_PEM_NAME_BAD_PREFIX = 391;
+  SSL_R_PEM_NAME_TOO_SHORT = 392;
+  SSL_R_PIPELINE_FAILURE = 406;
+  SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR = 278;
+  SSL_R_PRIVATE_KEY_MISMATCH = 288;
+  SSL_R_PROTOCOL_IS_SHUTDOWN = 207;
+  SSL_R_PSK_IDENTITY_NOT_FOUND = 223;
+  SSL_R_PSK_NO_CLIENT_CB = 224;
+  SSL_R_PSK_NO_SERVER_CB = 225;
+  SSL_R_READ_BIO_NOT_SET = 211;
+  SSL_R_READ_TIMEOUT_EXPIRED = 312;
+  SSL_R_RECORD_LENGTH_MISMATCH = 213;
+  SSL_R_RECORD_TOO_SMALL = 298;
+  SSL_R_RENEGOTIATE_EXT_TOO_LONG = 335;
+  SSL_R_RENEGOTIATION_ENCODING_ERR = 336;
+  SSL_R_RENEGOTIATION_MISMATCH = 337;
+  SSL_R_REQUEST_PENDING = 285;
+  SSL_R_REQUEST_SENT = 286;
+  SSL_R_REQUIRED_CIPHER_MISSING = 215;
+  SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING = 342;
+  SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING = 345;
+  SSL_R_SCT_VERIFICATION_FAILED = 208;
+  SSL_R_SERVERHELLO_TLSEXT = 275;
+  SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED = 277;
+  SSL_R_SHUTDOWN_WHILE_IN_INIT = 407;
+  SSL_R_SIGNATURE_ALGORITHMS_ERROR = 360;
+  SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE = 220;
+  SSL_R_SRP_A_CALC = 361;
+  SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES = 362;
+  SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG = 363;
+  SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE = 364;
+  SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH = 232;
+  SSL_R_SSL3_EXT_INVALID_SERVERNAME = 319;
+  SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE = 320;
+  SSL_R_SSL3_SESSION_ID_TOO_LONG = 300;
+  SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 1042;
+  SSL_R_SSLV3_ALERT_BAD_RECORD_MAC = 1020;
+  SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED = 1045;
+  SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED = 1044;
+  SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 1046;
+  SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE = 1030;
+  SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE = 1040;
+  SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER = 1047;
+  SSL_R_SSLV3_ALERT_NO_CERTIFICATE = 1041;
+  SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE = 1010;
+  SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE = 1043;
+  SSL_R_SSL_COMMAND_SECTION_EMPTY = 117;
+  SSL_R_SSL_COMMAND_SECTION_NOT_FOUND = 125;
+  SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION = 228;
+  SSL_R_SSL_HANDSHAKE_FAILURE = 229;
+  SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS = 230;
+  SSL_R_SSL_NEGATIVE_LENGTH = 372;
+  SSL_R_SSL_SECTION_EMPTY = 126;
+  SSL_R_SSL_SECTION_NOT_FOUND = 136;
+  SSL_R_SSL_SESSION_ID_CALLBACK_FAILED = 301;
+  SSL_R_SSL_SESSION_ID_CONFLICT = 302;
+  SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG = 273;
+  SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH = 303;
+  SSL_R_SSL_SESSION_ID_TOO_LONG = 408;
+  SSL_R_SSL_SESSION_VERSION_MISMATCH = 210;
+  SSL_R_STILL_IN_INIT = 121;
+  SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED = 1116;
+  SSL_R_TLSV13_ALERT_MISSING_EXTENSION = 1109;
+  SSL_R_TLSV1_ALERT_ACCESS_DENIED = 1049;
+  SSL_R_TLSV1_ALERT_DECODE_ERROR = 1050;
+  SSL_R_TLSV1_ALERT_DECRYPTION_FAILED = 1021;
+  SSL_R_TLSV1_ALERT_DECRYPT_ERROR = 1051;
+  SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION = 1060;
+  SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK = 1086;
+  SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY = 1071;
+  SSL_R_TLSV1_ALERT_INTERNAL_ERROR = 1080;
+  SSL_R_TLSV1_ALERT_NO_RENEGOTIATION = 1100;
+  SSL_R_TLSV1_ALERT_PROTOCOL_VERSION = 1070;
+  SSL_R_TLSV1_ALERT_RECORD_OVERFLOW = 1022;
+  SSL_R_TLSV1_ALERT_UNKNOWN_CA = 1048;
+  SSL_R_TLSV1_ALERT_USER_CANCELLED = 1090;
+  SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE = 1114;
+  SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE = 1113;
+  SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE = 1111;
+  SSL_R_TLSV1_UNRECOGNIZED_NAME = 1112;
+  SSL_R_TLSV1_UNSUPPORTED_EXTENSION = 1110;
+  SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT = 365;
+  SSL_R_TLS_HEARTBEAT_PENDING = 366;
+  SSL_R_TLS_ILLEGAL_EXPORTER_LABEL = 367;
+  SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST = 157;
+  SSL_R_TOO_MANY_KEY_UPDATES = 132;
+  SSL_R_TOO_MANY_WARN_ALERTS = 409;
+  SSL_R_TOO_MUCH_EARLY_DATA = 164;
+  SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS = 314;
+  SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS = 239;
+  SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES = 242;
+  SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES = 243;
+  SSL_R_UNEXPECTED_CCS_MESSAGE = 262;
+  SSL_R_UNEXPECTED_END_OF_EARLY_DATA = 178;
+  SSL_R_UNEXPECTED_MESSAGE = 244;
+  SSL_R_UNEXPECTED_RECORD = 245;
+  SSL_R_UNINITIALIZED = 276;
+  SSL_R_UNKNOWN_ALERT_TYPE = 246;
+  SSL_R_UNKNOWN_CERTIFICATE_TYPE = 247;
+  SSL_R_UNKNOWN_CIPHER_RETURNED = 248;
+  SSL_R_UNKNOWN_CIPHER_TYPE = 249;
+  SSL_R_UNKNOWN_CMD_NAME = 386;
+  SSL_R_UNKNOWN_COMMAND = 139;
+  SSL_R_UNKNOWN_DIGEST = 368;
+  SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE = 250;
+  SSL_R_UNKNOWN_PKEY_TYPE = 251;
+  SSL_R_UNKNOWN_PROTOCOL = 252;
+  SSL_R_UNKNOWN_SSL_VERSION = 254;
+  SSL_R_UNKNOWN_STATE = 255;
+  SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED = 338;
+  SSL_R_UNSOLICITED_EXTENSION = 217;
+  SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM = 257;
+  SSL_R_UNSUPPORTED_ELLIPTIC_CURVE = 315;
+  SSL_R_UNSUPPORTED_PROTOCOL = 258;
+  SSL_R_UNSUPPORTED_SSL_VERSION = 259;
+  SSL_R_UNSUPPORTED_STATUS_TYPE = 329;
+  SSL_R_USE_SRTP_NOT_NEGOTIATED = 369;
+  SSL_R_VERSION_TOO_HIGH = 166;
+  SSL_R_VERSION_TOO_LOW = 396;
+  SSL_R_WRONG_CERTIFICATE_TYPE = 383;
+  SSL_R_WRONG_CIPHER_RETURNED = 261;
+  SSL_R_WRONG_CURVE = 378;
+  SSL_R_WRONG_SIGNATURE_LENGTH = 264;
+  SSL_R_WRONG_SIGNATURE_SIZE = 265;
+  SSL_R_WRONG_SIGNATURE_TYPE = 370;
+  SSL_R_WRONG_SSL_VERSION = 266;
+  SSL_R_WRONG_VERSION_NUMBER = 267;
+  SSL_R_X509_LIB = 268;
+  SSL_R_X509_VERIFICATION_SETUP_PROBLEMS = 269;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_SSL_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_SSL_strings := LoadFunction('ERR_load_SSL_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_SSL_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_storeerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_storeerr.pas
new file mode 100644
index 000000000..4cc2626d0
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_storeerr.pas
@@ -0,0 +1,148 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_storeerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// storeerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * OSSL_STORE function codes.
+   *)
+  OSSL_STORE_F_FILE_CTRL = 129;
+  OSSL_STORE_F_FILE_FIND = 138;
+  OSSL_STORE_F_FILE_GET_PASS = 118;
+  OSSL_STORE_F_FILE_LOAD = 119;
+  OSSL_STORE_F_FILE_LOAD_TRY_DECODE = 124;
+  OSSL_STORE_F_FILE_NAME_TO_URI = 126;
+  OSSL_STORE_F_FILE_OPEN = 120;
+  OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO = 127;
+  OSSL_STORE_F_OSSL_STORE_EXPECT = 130;
+  OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT = 128;
+  OSSL_STORE_F_OSSL_STORE_FIND = 131;
+  OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT = 100;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT = 101;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL = 102;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME = 103;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME_DESCRIPTION = 135;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_PARAMS = 104;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY = 105;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_CERT = 106;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_CRL = 107;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_EMBEDDED = 123;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_NAME = 109;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_PARAMS = 110;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_PKEY = 111;
+  OSSL_STORE_F_OSSL_STORE_INFO_SET0_NAME_DESCRIPTION = 134;
+  OSSL_STORE_F_OSSL_STORE_INIT_ONCE = 112;
+  OSSL_STORE_F_OSSL_STORE_LOADER_NEW = 113;
+  OSSL_STORE_F_OSSL_STORE_OPEN = 114;
+  OSSL_STORE_F_OSSL_STORE_OPEN_INT = 115;
+  OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT = 117;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS = 132;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL = 133;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT = 136;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME = 137;
+  OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT = 116;
+  OSSL_STORE_F_TRY_DECODE_PARAMS = 121;
+  OSSL_STORE_F_TRY_DECODE_PKCS12 = 122;
+  OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED = 125;
+
+
+  (*
+   * OSSL_STORE reason codes.
+   *)
+  OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE = 107;
+  OSSL_STORE_R_BAD_PASSWORD_READ = 115;
+  OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC = 113;
+  OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST = 121;
+  OSSL_STORE_R_INVALID_SCHEME = 106;
+  OSSL_STORE_R_IS_NOT_A = 112;
+  OSSL_STORE_R_LOADER_INCOMPLETE = 116;
+  OSSL_STORE_R_LOADING_STARTED = 117;
+  OSSL_STORE_R_NOT_A_CERTIFICATE = 100;
+  OSSL_STORE_R_NOT_A_CRL = 101;
+  OSSL_STORE_R_NOT_A_KEY = 102;
+  OSSL_STORE_R_NOT_A_NAME = 103;
+  OSSL_STORE_R_NOT_PARAMETERS = 104;
+  OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR = 114;
+  OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE = 108;
+  OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES = 119;
+  OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED = 109;
+  OSSL_STORE_R_UNREGISTERED_SCHEME = 105;
+  OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE = 110;
+  OSSL_STORE_R_UNSUPPORTED_OPERATION = 118;
+  OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE = 120;
+  OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED = 111;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_OSSL_STORE_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_OSSL_STORE_strings := LoadFunction('ERR_load_OSSL_STORE_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_OSSL_STORE_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas
new file mode 100644
index 000000000..a1826d4c8
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas
@@ -0,0 +1,1258 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_tls1;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// tls1.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  (* Default security level if not overridden at config time *)
+  OPENSSL_TLS_SECURITY_LEVEL = 1;
+
+  TLS1_VERSION = $0301;
+  TLS1_1_VERSION = $0302;
+  TLS1_2_VERSION = $0303;
+  TLS1_3_VERSION = $0304;
+  TLS_MAX_VERSION = TLS1_3_VERSION;
+
+  (* Special value for method supporting multiple versions *)
+  TLS_ANY_VERSION = $10000;
+
+  TLS1_VERSION_MAJOR = $03;
+  TLS1_VERSION_MINOR = $01;
+
+  TLS1_1_VERSION_MAJOR = $03;
+  TLS1_1_VERSION_MINOR = $02;
+
+  TLS1_2_VERSION_MAJOR = $03;
+  TLS1_2_VERSION_MINOR = $03;
+
+
+//# define TLS1_get_version(s) \
+//        ((SSL_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_version(s) : 0)
+//
+//# define TLS1_get_client_version(s) \
+//        ((SSL_client_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_client_version(s) : 0)
+
+  TLS1_AD_DECRYPTION_FAILED = 21;
+  TLS1_AD_RECORD_OVERFLOW = 22;
+  TLS1_AD_UNKNOWN_CA = 48; (* fatal *)
+  TLS1_AD_ACCESS_DENIED = 49; (* fatal *)
+  TLS1_AD_DECODE_ERROR = 50; (* fatal *)
+  TLS1_AD_DECRYPT_ERROR = 51;
+  TLS1_AD_EXPORT_RESTRICTION = 60; (* fatal *)
+  TLS1_AD_PROTOCOL_VERSION = 70; (* fatal *)
+  TLS1_AD_INSUFFICIENT_SECURITY = 71; (* fatal *)
+  TLS1_AD_INTERNAL_ERROR = 80; (* fatal *)
+  TLS1_AD_INAPPROPRIATE_FALLBACK = 86; (* fatal *)
+  TLS1_AD_USER_CANCELLED = 90;
+  TLS1_AD_NO_RENEGOTIATION = 100;
+  (* TLSv1.3 alerts *)
+  TLS13_AD_MISSING_EXTENSION = 109; (* fatal *)
+  TLS13_AD_CERTIFICATE_REQUIRED = 116; (* fatal *)
+  (* codes 110-114 are from RFC3546 *)
+  TLS1_AD_UNSUPPORTED_EXTENSION = 110;
+  TLS1_AD_CERTIFICATE_UNOBTAINABLE = 111;
+  TLS1_AD_UNRECOGNIZED_NAME = 112;
+  TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE = 113;
+  TLS1_AD_BAD_CERTIFICATE_HASH_VALUE = 114;
+  TLS1_AD_UNKNOWN_PSK_IDENTITY = 115; (* fatal *)
+  TLS1_AD_NO_APPLICATION_PROTOCOL = 120; (* fatal *)
+
+  (* ExtensionType values from RFC3546 / RFC4366 / RFC6066 *)
+  TLSEXT_TYPE_server_name = 0;
+  TLSEXT_TYPE_max_fragment_length = 1;
+  TLSEXT_TYPE_client_certificate_url = 2;
+  TLSEXT_TYPE_trusted_ca_keys = 3;
+  TLSEXT_TYPE_truncated_hmac = 4;
+  TLSEXT_TYPE_status_request = 5;
+  (* ExtensionType values from RFC4681 *)
+  TLSEXT_TYPE_user_mapping = 6;
+  (* ExtensionType values from RFC5878 *)
+  TLSEXT_TYPE_client_authz = 7;
+  TLSEXT_TYPE_server_authz = 8;
+  (* ExtensionType values from RFC6091 *)
+  TLSEXT_TYPE_cert_type = 9;
+
+  (* ExtensionType values from RFC4492 *)
+  (*
+   * Prior to TLSv1.3 the supported_groups extension was known as
+   * elliptic_curves
+   *)
+  TLSEXT_TYPE_supported_groups = 10;
+  TLSEXT_TYPE_elliptic_curves = TLSEXT_TYPE_supported_groups;
+  TLSEXT_TYPE_ec_poTIdC_INT_formats = 11;
+
+  (* ExtensionType value from RFC5054 *)
+  TLSEXT_TYPE_srp = 12;
+  (* ExtensionType values from RFC5246 *)
+  TLSEXT_TYPE_signature_algorithms = 13;
+
+  (* ExtensionType value from RFC5764 *)
+  TLSEXT_TYPE_use_srtp = 14;
+
+  (* ExtensionType value from RFC5620 *)
+  TLSEXT_TYPE_heartbeat = 15;
+
+  (* ExtensionType value from RFC7301 *)
+  TLSEXT_TYPE_application_layer_protocol_negotiation = 16;
+
+  (*
+   * Extension type for Certificate Transparency
+   * https://tools.ietf.org/html/rfc6962#section-3.3.1
+   *)
+  TLSEXT_TYPE_signed_certificate_timestamp = 18;
+
+  (*
+   * ExtensionType value for TLS padding extension.
+   * http://tools.ietf.org/html/draft-agl-tls-padding
+   *)
+  TLSEXT_TYPE_padding = 21;
+
+  (* ExtensionType value from RFC7366 *)
+  TLSEXT_TYPE_encrypt_then_mac = 22;
+
+  (* ExtensionType value from RFC7627 *)
+  TLSEXT_TYPE_extended_master_secret = 23;
+
+  (* ExtensionType value from RFC4507 *)
+  TLSEXT_TYPE_session_ticket = 35;
+
+  (* As defined for TLS1.3 *)
+  TLSEXT_TYPE_psk = 41;
+  TLSEXT_TYPE_early_data = 42;
+  TLSEXT_TYPE_supported_versions = 43;
+  TLSEXT_TYPE_cookie = 44;
+  TLSEXT_TYPE_psk_kex_modes = 45;
+  TLSEXT_TYPE_certificate_authorities = 47;
+  TLSEXT_TYPE_post_handshake_auth = 49;
+  TLSEXT_TYPE_signature_algorithms_cert = 50;
+  TLSEXT_TYPE_key_share = 51;
+
+  (* Temporary extension type *)
+  TLSEXT_TYPE_renegotiate = $ff01;
+
+  (* This is not an IANA defined extension number *)
+  TLSEXT_TYPE_next_proto_neg = 13172;
+
+  (* NameType value from RFC3546 *)
+  TLSEXT_NAMETYPE_host_name = 0;
+  (* status request value from RFC3546 *)
+  TLSEXT_STATUSTYPE_ocsp = 1;
+
+  (* ECPoTIdC_INTFormat values from RFC4492 *)
+  TLSEXT_ECPOTIdC_INTFORMAT_first = 0;
+  TLSEXT_ECPOTIdC_INTFORMAT_uncompressed = 0;
+  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_prime = 1;
+  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_PIdAnsiChar2 = 2;
+  TLSEXT_ECPOTIdC_INTFORMAT_last = 2;
+
+  (* Signature and hash algorithms from RFC5246 *)
+  TLSEXT_signature_anonymous = 0;
+  TLSEXT_signature_rsa = 1;
+  TLSEXT_signature_dsa = 2;
+  TLSEXT_signature_ecdsa = 3;
+  TLSEXT_signature_gostr34102001 = 237;
+  TLSEXT_signature_gostr34102012_256 = 238;
+  TLSEXT_signature_gostr34102012_512 = 239;
+
+  (* Total number of different signature algorithms *)
+  TLSEXT_signature_num = 7;
+
+  TLSEXT_hash_none = 0;
+  TLSEXT_hash_md5 = 1;
+  TLSEXT_hash_sha1 = 2;
+  TLSEXT_hash_sha224 = 3;
+  TLSEXT_hash_sha256 = 4;
+  TLSEXT_hash_sha384 = 5;
+  TLSEXT_hash_sha512 = 6;
+  TLSEXT_hash_gostr3411 = 237;
+  TLSEXT_hash_gostr34112012_256 = 238;
+  TLSEXT_hash_gostr34112012_512 = 239;
+
+  (* Total number of different digest algorithms *)
+  TLSEXT_hash_num = 10;
+
+  (* Flag set for unrecognised algorithms *)
+  TLSEXT_nid_unknown = $1000000;
+
+  (* ECC curves *)
+  TLSEXT_curve_P_256 = 23;
+  TLSEXT_curve_P_384 = 24;
+
+  (* OpenSSL value to disable maximum fragment length extension *)
+  TLSEXT_max_fragment_length_DISABLED = 0;
+  (* Allowed values for max fragment length extension *)
+  TLSEXT_max_fragment_length_512 = 1;
+  TLSEXT_max_fragment_length_1024 = 2;
+  TLSEXT_max_fragment_length_2048 = 3;
+  TLSEXT_max_fragment_length_4096 = 4;
+
+  TLSEXT_MAXLEN_host_name = 255;
+
+  SSL_TLSEXT_ERR_OK = 0;
+  SSL_TLSEXT_ERR_ALERT_WARNING = 1;
+  SSL_TLSEXT_ERR_ALERT_FATAL = 2;
+  SSL_TLSEXT_ERR_NOACK = 3;
+
+  SSL_DTLSEXT_HB_ENABLED = $01;
+  SSL_DTLSEXT_HB_DONT_SEND_REQUESTS = $02;
+  SSL_DTLSEXT_HB_DONT_RECV_REQUESTS = $04;
+
+  (* PSK ciphersuites from 4279 *)
+  TLS1_CK_PSK_WITH_RC4_128_SHA = $0300008A;
+  TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA = $0300008B;
+  TLS1_CK_PSK_WITH_AES_128_CBC_SHA = $0300008C;
+  TLS1_CK_PSK_WITH_AES_256_CBC_SHA = $0300008D;
+  TLS1_CK_DHE_PSK_WITH_RC4_128_SHA = $0300008E;
+  TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300008F;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA = $03000090;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA = $03000091;
+  TLS1_CK_RSA_PSK_WITH_RC4_128_SHA = $03000092;
+  TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA = $03000093;
+  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA = $03000094;
+  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA = $03000095;
+
+  (* PSK ciphersuites from 5487 *)
+  TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 = $030000A8;
+  TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 = $030000A9;
+  TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256 = $030000AA;
+  TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384 = $030000AB;
+  TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256 = $030000AC;
+  TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384 = $030000AD;
+  TLS1_CK_PSK_WITH_AES_128_CBC_SHA256 = $030000AE;
+  TLS1_CK_PSK_WITH_AES_256_CBC_SHA384 = $030000AF;
+  TLS1_CK_PSK_WITH_NULL_SHA256 = $030000B0;
+  TLS1_CK_PSK_WITH_NULL_SHA384 = $030000B1;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256 = $030000B2;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384 = $030000B3;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA256 = $030000B4;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA384 = $030000B5;
+  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256 = $030000B6;
+  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384 = $030000B7;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA256 = $030000B8;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA384 = $030000B9;
+
+  (* NULL PSK ciphersuites from RFC4785 *)
+  TLS1_CK_PSK_WITH_NULL_SHA = $0300002C;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA = $0300002D;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA = $0300002E;
+
+  (* AES ciphersuites from RFC3268 *)
+  TLS1_CK_RSA_WITH_AES_128_SHA = $0300002F;
+  TLS1_CK_DH_DSS_WITH_AES_128_SHA = $03000030;
+  TLS1_CK_DH_RSA_WITH_AES_128_SHA = $03000031;
+  TLS1_CK_DHE_DSS_WITH_AES_128_SHA = $03000032;
+  TLS1_CK_DHE_RSA_WITH_AES_128_SHA = $03000033;
+  TLS1_CK_ADH_WITH_AES_128_SHA = $03000034;
+  TLS1_CK_RSA_WITH_AES_256_SHA = $03000035;
+  TLS1_CK_DH_DSS_WITH_AES_256_SHA = $03000036;
+  TLS1_CK_DH_RSA_WITH_AES_256_SHA = $03000037;
+  TLS1_CK_DHE_DSS_WITH_AES_256_SHA = $03000038;
+  TLS1_CK_DHE_RSA_WITH_AES_256_SHA = $03000039;
+  TLS1_CK_ADH_WITH_AES_256_SHA = $0300003A;
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_CK_RSA_WITH_NULL_SHA256 = $0300003B;
+  TLS1_CK_RSA_WITH_AES_128_SHA256 = $0300003C;
+  TLS1_CK_RSA_WITH_AES_256_SHA256 = $0300003D;
+  TLS1_CK_DH_DSS_WITH_AES_128_SHA256 = $0300003E;
+  TLS1_CK_DH_RSA_WITH_AES_128_SHA256 = $0300003F;
+  TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 = $03000040;
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000041;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000042;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000043;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000044;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000045;
+  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA = $03000046;
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 = $03000067;
+  TLS1_CK_DH_DSS_WITH_AES_256_SHA256 = $03000068;
+  TLS1_CK_DH_RSA_WITH_AES_256_SHA256 = $03000069;
+  TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 = $0300006A;
+  TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 = $0300006B;
+  TLS1_CK_ADH_WITH_AES_128_SHA256 = $0300006C;
+  TLS1_CK_ADH_WITH_AES_256_SHA256 = $0300006D;
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000084;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000085;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000086;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000087;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000088;
+  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA = $03000089;
+
+  (* SEED ciphersuites from RFC4162 *)
+  TLS1_CK_RSA_WITH_SEED_SHA = $03000096;
+  TLS1_CK_DH_DSS_WITH_SEED_SHA = $03000097;
+  TLS1_CK_DH_RSA_WITH_SEED_SHA = $03000098;
+  TLS1_CK_DHE_DSS_WITH_SEED_SHA = $03000099;
+  TLS1_CK_DHE_RSA_WITH_SEED_SHA = $0300009A;
+  TLS1_CK_ADH_WITH_SEED_SHA = $0300009B;
+
+  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
+  TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 = $0300009C;
+  TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 = $0300009D;
+  TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 = $0300009E;
+  TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 = $0300009F;
+  TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 = $030000A0;
+  TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 = $030000A1;
+  TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 = $030000A2;
+  TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 = $030000A3;
+  TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 = $030000A4;
+  TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 = $030000A5;
+  TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 = $030000A6;
+  TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 = $030000A7;
+
+  (* CCM ciphersuites from RFC6655 *)
+  TLS1_CK_RSA_WITH_AES_128_CCM = $0300C09C;
+  TLS1_CK_RSA_WITH_AES_256_CCM = $0300C09D;
+  TLS1_CK_DHE_RSA_WITH_AES_128_CCM = $0300C09E;
+  TLS1_CK_DHE_RSA_WITH_AES_256_CCM = $0300C09F;
+  TLS1_CK_RSA_WITH_AES_128_CCM_8 = $0300C0A0;
+  TLS1_CK_RSA_WITH_AES_256_CCM_8 = $0300C0A1;
+  TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 = $0300C0A2;
+  TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 = $0300C0A3;
+  TLS1_CK_PSK_WITH_AES_128_CCM = $0300C0A4;
+  TLS1_CK_PSK_WITH_AES_256_CCM = $0300C0A5;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CCM = $0300C0A6;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CCM = $0300C0A7;
+  TLS1_CK_PSK_WITH_AES_128_CCM_8 = $0300C0A8;
+  TLS1_CK_PSK_WITH_AES_256_CCM_8 = $0300C0A9;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 = $0300C0AA;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 = $0300C0AB;
+
+  (* CCM ciphersuites from RFC7251 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM = $0300C0AC;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM = $0300C0AD;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 = $0300C0AE;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 = $0300C0AF;
+
+  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BA;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BB;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BC;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BD;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BE;
+  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 = $030000BF;
+
+  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C0;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C1;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C2;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C3;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C4;
+  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 = $030000C5;
+
+  (* ECC ciphersuites from RFC4492 *)
+  TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA = $0300C001;
+  TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA = $0300C002;
+  TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = $0300C003;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA = $0300C004;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA = $0300C005;
+
+  TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA = $0300C006;
+  TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA = $0300C007;
+  TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = $0300C008;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = $0300C009;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = $0300C00A;
+
+  TLS1_CK_ECDH_RSA_WITH_NULL_SHA = $0300C00B;
+  TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA = $0300C00C;
+  TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA = $0300C00D;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA = $0300C00E;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA = $0300C00F;
+
+  TLS1_CK_ECDHE_RSA_WITH_NULL_SHA = $0300C010;
+  TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA = $0300C011;
+  TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA = $0300C012;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA = $0300C013;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA = $0300C014;
+
+  TLS1_CK_ECDH_anon_WITH_NULL_SHA = $0300C015;
+  TLS1_CK_ECDH_anon_WITH_RC4_128_SHA = $0300C016;
+  TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA = $0300C017;
+  TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA = $0300C018;
+  TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA = $0300C019;
+
+  (* SRP ciphersuites from RFC 5054 *)
+  TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA = $0300C01A;
+  TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = $0300C01B;
+  TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = $0300C01C;
+  TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA = $0300C01D;
+  TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = $0300C01E;
+  TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = $0300C01F;
+  TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA = $0300C020;
+  TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = $0300C021;
+  TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = $0300C022;
+
+  (* ECDH HMAC based ciphersuites from RFC5289 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 = $0300C023;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 = $0300C024;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 = $0300C025;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 = $0300C026;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 = $0300C027;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 = $0300C028;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 = $0300C029;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 = $0300C02A;
+
+  (* ECDH GCM based ciphersuites from RFC5289 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02B;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02C;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02D;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02E;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = $0300C02F;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = $0300C030;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 = $0300C031;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 = $0300C032;
+
+  (* ECDHE PSK ciphersuites from RFC5489 *)
+  TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA = $0300C033;
+  TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300C034;
+  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA = $0300C035;
+  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA = $0300C036;
+  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = $0300C037;
+  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = $0300C038;
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA = $0300C039;
+
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 = $0300C03A;
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 = $0300C03B;
+
+  (* Camellia-CBC ciphersuites from RFC6367 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C072;
+  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C073;
+  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C074;
+  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C075;
+  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C076;
+  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C077;
+  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C078;
+  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C079;
+
+  TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C094;
+  TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C095;
+  TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C096;
+  TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C097;
+  TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C098;
+  TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C099;
+  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C09A;
+  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C09B;
+
+  (* draft-ietf-tls-chacha20-poly1305-03 *)
+  TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCA8;
+  TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = $0300CCA9;
+  TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCAA;
+  TLS1_CK_PSK_WITH_CHACHA20_POLY1305 = $0300CCAB;
+  TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAC;
+  TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAD;
+  TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 = $0300CCAE;
+
+  (* TLS v1.3 ciphersuites *)
+  TLS1_3_CK_AES_128_GCM_SHA256 = $03001301;
+  TLS1_3_CK_AES_256_GCM_SHA384 = $03001302;
+  TLS1_3_CK_CHACHA20_POLY1305_SHA256 = $03001303;
+  TLS1_3_CK_AES_128_CCM_SHA256 = $03001304;
+  TLS1_3_CK_AES_128_CCM_8_SHA256 = $03001305;
+
+  (* Aria ciphersuites from RFC6209 *)
+  TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C050;
+  TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C051;
+  TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C052;
+  TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C053;
+  TLS1_CK_DH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C054;
+  TLS1_CK_DH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C055;
+  TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C056;
+  TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C057;
+  TLS1_CK_DH_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C058;
+  TLS1_CK_DH_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C059;
+  TLS1_CK_DH_anon_WITH_ARIA_128_GCM_SHA256 = $0300C05A;
+  TLS1_CK_DH_anon_WITH_ARIA_256_GCM_SHA384 = $0300C05B;
+  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05C;
+  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05D;
+  TLS1_CK_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05E;
+  TLS1_CK_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05F;
+  TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C060;
+  TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C061;
+  TLS1_CK_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C062;
+  TLS1_CK_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C063;
+  TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06A;
+  TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06B;
+  TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06C;
+  TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06D;
+  TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06E;
+  TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06F;
+
+  (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
+  TLS1_RFC_RSA_WITH_AES_128_SHA = 'TLS_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ADH_WITH_AES_128_SHA = 'TLS_DH_anon_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_RSA_WITH_AES_256_SHA = 'TLS_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ADH_WITH_AES_256_SHA = 'TLS_DH_anon_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_RSA_WITH_NULL_SHA256 = 'TLS_RSA_WITH_NULL_SHA256';
+  TLS1_RFC_RSA_WITH_AES_128_SHA256 = 'TLS_RSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_AES_256_SHA256 = 'TLS_RSA_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_AES_128_SHA256 = 'TLS_DH_anon_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_AES_256_SHA256 = 'TLS_DH_anon_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = 'TLS_DH_anon_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = 'TLS_DH_anon_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_RSA_WITH_AES_128_CCM = 'TLS_RSA_WITH_AES_128_CCM';
+  TLS1_RFC_RSA_WITH_AES_256_CCM = 'TLS_RSA_WITH_AES_256_CCM';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = 'TLS_DHE_RSA_WITH_AES_128_CCM';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = 'TLS_DHE_RSA_WITH_AES_256_CCM';
+  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = 'TLS_RSA_WITH_AES_128_CCM_8';
+  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = 'TLS_RSA_WITH_AES_256_CCM_8';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = 'TLS_DHE_RSA_WITH_AES_128_CCM_8';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = 'TLS_DHE_RSA_WITH_AES_256_CCM_8';
+  TLS1_RFC_PSK_WITH_AES_128_CCM = 'TLS_PSK_WITH_AES_128_CCM';
+  TLS1_RFC_PSK_WITH_AES_256_CCM = 'TLS_PSK_WITH_AES_256_CCM';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = 'TLS_DHE_PSK_WITH_AES_128_CCM';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = 'TLS_DHE_PSK_WITH_AES_256_CCM';
+  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_WITH_AES_128_CCM_8';
+  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_WITH_AES_256_CCM_8';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_DHE_WITH_AES_128_CCM_8';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_DHE_WITH_AES_256_CCM_8';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8';
+  TLS1_3_RFC_AES_128_GCM_SHA256 = 'TLS_AES_128_GCM_SHA256';
+  TLS1_3_RFC_AES_256_GCM_SHA384 = 'TLS_AES_256_GCM_SHA384';
+  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = 'TLS_CHACHA20_POLY1305_SHA256';
+  TLS1_3_RFC_AES_128_CCM_SHA256 = 'TLS_AES_128_CCM_SHA256';
+  TLS1_3_RFC_AES_128_CCM_8_SHA256 = 'TLS_AES_128_CCM_8_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = 'TLS_ECDHE_ECDSA_WITH_NULL_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = 'TLS_ECDHE_RSA_WITH_NULL_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = 'TLS_ECDH_anon_WITH_NULL_SHA';
+  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = 'TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_PSK_WITH_NULL_SHA = 'TLS_PSK_WITH_NULL_SHA';
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = 'TLS_DHE_PSK_WITH_NULL_SHA';
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = 'TLS_RSA_PSK_WITH_NULL_SHA';
+  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = 'TLS_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = 'TLS_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_PSK_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_PSK_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_PSK_WITH_NULL_SHA256 = 'TLS_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_PSK_WITH_NULL_SHA384 = 'TLS_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = 'TLS_DHE_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = 'TLS_DHE_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = 'TLS_RSA_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = 'TLS_RSA_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = 'TLS_ECDHE_PSK_WITH_NULL_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = 'TLS_ECDHE_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = 'TLS_ECDHE_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = 'TLS_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_RSA_WITH_SEED_SHA = 'TLS_RSA_WITH_SEED_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = 'TLS_DHE_DSS_WITH_SEED_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = 'TLS_DHE_RSA_WITH_SEED_CBC_SHA';
+  TLS1_RFC_ADH_WITH_SEED_SHA = 'TLS_DH_anon_WITH_SEED_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = 'TLS_ECDHE_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = 'TLS_ECDH_anon_WITH_RC4_128_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = 'TLS_ECDHE_RSA_WITH_RC4_128_SHA';
+  TLS1_RFC_PSK_WITH_RC4_128_SHA = 'TLS_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = 'TLS_RSA_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = 'TLS_DHE_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_anon_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_anon_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_PSK_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_PSK_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384';
+
+  (*
+   * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
+   * ciphers names with "EDH" instead of "DHE".  Going forward, we should be
+   * using DHE everywhere, though we may indefinitely maTIdC_INTain aliases for
+   * users or configurations that used "EDH"
+   *)
+  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = 'DHE-DSS-RC4-SHA';
+
+  TLS1_TXT_PSK_WITH_NULL_SHA = 'PSK-NULL-SHA';
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = 'DHE-PSK-NULL-SHA';
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = 'RSA-PSK-NULL-SHA';
+
+  (* AES ciphersuites from RFC3268 *)
+  TLS1_TXT_RSA_WITH_AES_128_SHA = 'AES128-SHA';
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = 'DH-DSS-AES128-SHA';
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = 'DH-RSA-AES128-SHA';
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = 'DHE-DSS-AES128-SHA';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = 'DHE-RSA-AES128-SHA';
+  TLS1_TXT_ADH_WITH_AES_128_SHA = 'ADH-AES128-SHA';
+
+  TLS1_TXT_RSA_WITH_AES_256_SHA = 'AES256-SHA';
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = 'DH-DSS-AES256-SHA';
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = 'DH-RSA-AES256-SHA';
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = 'DHE-DSS-AES256-SHA';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = 'DHE-RSA-AES256-SHA';
+  TLS1_TXT_ADH_WITH_AES_256_SHA = 'ADH-AES256-SHA';
+
+  (* ECC ciphersuites from RFC4492 *)
+  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = 'ECDH-ECDSA-NULL-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = 'ECDH-ECDSA-RC4-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDH-ECDSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 'ECDH-ECDSA-AES128-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 'ECDH-ECDSA-AES256-SHA';
+
+  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = 'ECDHE-ECDSA-NULL-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = 'ECDHE-ECDSA-RC4-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDHE-ECDSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'ECDHE-ECDSA-AES128-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'ECDHE-ECDSA-AES256-SHA';
+
+  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = 'ECDH-RSA-NULL-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = 'ECDH-RSA-RC4-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = 'ECDH-RSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = 'ECDH-RSA-AES128-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = 'ECDH-RSA-AES256-SHA';
+
+  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = 'ECDHE-RSA-NULL-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = 'ECDHE-RSA-RC4-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'ECDHE-RSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'ECDHE-RSA-AES128-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'ECDHE-RSA-AES256-SHA';
+
+  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = 'AECDH-NULL-SHA';
+  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = 'AECDH-RC4-SHA';
+  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = 'AECDH-DES-CBC3-SHA';
+  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = 'AECDH-AES128-SHA';
+  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = 'AECDH-AES256-SHA';
+
+  (* PSK ciphersuites from RFC 4279 *)
+  TLS1_TXT_PSK_WITH_RC4_128_SHA = 'PSK-RC4-SHA';
+  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = 'PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = 'PSK-AES128-CBC-SHA';
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = 'PSK-AES256-CBC-SHA';
+
+  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = 'DHE-PSK-RC4-SHA';
+  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'DHE-PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = 'DHE-PSK-AES128-CBC-SHA';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = 'DHE-PSK-AES256-CBC-SHA';
+  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = 'RSA-PSK-RC4-SHA';
+  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'RSA-PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = 'RSA-PSK-AES128-CBC-SHA';
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = 'RSA-PSK-AES256-CBC-SHA';
+
+  (* PSK ciphersuites from RFC 5487 *)
+  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
+  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'DHE-PSK-AES128-GCM-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'DHE-PSK-AES256-GCM-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'RSA-PSK-AES128-GCM-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'RSA-PSK-AES256-GCM-SHA384';
+
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = 'PSK-AES128-CBC-SHA256';
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = 'PSK-AES256-CBC-SHA384';
+  TLS1_TXT_PSK_WITH_NULL_SHA256 = 'PSK-NULL-SHA256';
+  TLS1_TXT_PSK_WITH_NULL_SHA384 = 'PSK-NULL-SHA384';
+
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'DHE-PSK-AES128-CBC-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'DHE-PSK-AES256-CBC-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = 'DHE-PSK-NULL-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = 'DHE-PSK-NULL-SHA384';
+
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'RSA-PSK-AES128-CBC-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'RSA-PSK-AES256-CBC-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = 'RSA-PSK-NULL-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = 'RSA-PSK-NULL-SHA384';
+
+  (* SRP ciphersuite from RFC 5054 *)
+  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'SRP-3DES-EDE-CBC-SHA';
+  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'SRP-RSA-3DES-EDE-CBC-SHA';
+  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'SRP-DSS-3DES-EDE-CBC-SHA';
+  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = 'SRP-AES-128-CBC-SHA';
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'SRP-RSA-AES-128-CBC-SHA';
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'SRP-DSS-AES-128-CBC-SHA';
+  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = 'SRP-AES-256-CBC-SHA';
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'SRP-RSA-AES-256-CBC-SHA';
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'SRP-DSS-AES-256-CBC-SHA';
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = 'CAMELLIA128-SHA';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DH-DSS-CAMELLIA128-SHA';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DH-RSA-CAMELLIA128-SHA';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DHE-DSS-CAMELLIA128-SHA';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DHE-RSA-CAMELLIA128-SHA';
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = 'ADH-CAMELLIA128-SHA';
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = 'CAMELLIA256-SHA';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DH-DSS-CAMELLIA256-SHA';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DH-RSA-CAMELLIA256-SHA';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DHE-DSS-CAMELLIA256-SHA';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DHE-RSA-CAMELLIA256-SHA';
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = 'ADH-CAMELLIA256-SHA';
+
+  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'CAMELLIA128-SHA256';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-DSS-CAMELLIA128-SHA256';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-DSS-CAMELLIA128-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'ADH-CAMELLIA128-SHA256';
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'CAMELLIA256-SHA256';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-DSS-CAMELLIA256-SHA256';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-RSA-CAMELLIA256-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-DSS-CAMELLIA256-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-RSA-CAMELLIA256-SHA256';
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'ADH-CAMELLIA256-SHA256';
+
+  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'DHE-PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'RSA-PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'RSA-PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-PSK-CAMELLIA256-SHA384';
+
+  (* SEED ciphersuites from RFC4162 *)
+  TLS1_TXT_RSA_WITH_SEED_SHA = 'SEED-SHA';
+  TLS1_TXT_DH_DSS_WITH_SEED_SHA = 'DH-DSS-SEED-SHA';
+  TLS1_TXT_DH_RSA_WITH_SEED_SHA = 'DH-RSA-SEED-SHA';
+  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = 'DHE-DSS-SEED-SHA';
+  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = 'DHE-RSA-SEED-SHA';
+  TLS1_TXT_ADH_WITH_SEED_SHA = 'ADH-SEED-SHA';
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_TXT_RSA_WITH_NULL_SHA256 = 'NULL-SHA256';
+  TLS1_TXT_RSA_WITH_AES_128_SHA256 = 'AES128-SHA256';
+  TLS1_TXT_RSA_WITH_AES_256_SHA256 = 'AES256-SHA256';
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = 'DH-DSS-AES128-SHA256';
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = 'DH-RSA-AES128-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = 'DHE-DSS-AES128-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = 'DHE-RSA-AES128-SHA256';
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = 'DH-DSS-AES256-SHA256';
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = 'DH-RSA-AES256-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = 'DHE-DSS-AES256-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = 'DHE-RSA-AES256-SHA256';
+  TLS1_TXT_ADH_WITH_AES_128_SHA256 = 'ADH-AES128-SHA256';
+  TLS1_TXT_ADH_WITH_AES_256_SHA256 = 'ADH-AES256-SHA256';
+
+  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
+  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = 'AES128-GCM-SHA256';
+  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = 'AES256-GCM-SHA384';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'DHE-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'DHE-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = 'DH-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = 'DH-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'DHE-DSS-AES128-GCM-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'DHE-DSS-AES256-GCM-SHA384';
+  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = 'DH-DSS-AES128-GCM-SHA256';
+  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = 'DH-DSS-AES256-GCM-SHA384';
+  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = 'ADH-AES128-GCM-SHA256';
+  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = 'ADH-AES256-GCM-SHA384';
+
+  (* CCM ciphersuites from RFC6655 *)
+  TLS1_TXT_RSA_WITH_AES_128_CCM = 'AES128-CCM';
+  TLS1_TXT_RSA_WITH_AES_256_CCM = 'AES256-CCM';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = 'DHE-RSA-AES128-CCM';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = 'DHE-RSA-AES256-CCM';
+
+  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = 'AES128-CCM8';
+  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = 'AES256-CCM8';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = 'DHE-RSA-AES128-CCM8';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = 'DHE-RSA-AES256-CCM8';
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM = 'PSK-AES128-CCM';
+  TLS1_TXT_PSK_WITH_AES_256_CCM = 'PSK-AES256-CCM';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = 'DHE-PSK-AES128-CCM';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = 'DHE-PSK-AES256-CCM';
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = 'PSK-AES128-CCM8';
+  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = 'PSK-AES256-CCM8';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = 'DHE-PSK-AES128-CCM8';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = 'DHE-PSK-AES256-CCM8';
+
+  (* CCM ciphersuites from RFC7251 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = 'ECDHE-ECDSA-AES128-CCM';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = 'ECDHE-ECDSA-AES256-CCM';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'ECDHE-ECDSA-AES128-CCM8';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'ECDHE-ECDSA-AES256-CCM8';
+
+  (* ECDH HMAC based ciphersuites from RFC5289 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'ECDHE-ECDSA-AES128-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'ECDHE-ECDSA-AES256-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = 'ECDH-ECDSA-AES128-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = 'ECDH-ECDSA-AES256-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = 'ECDHE-RSA-AES128-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = 'ECDHE-RSA-AES256-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = 'ECDH-RSA-AES128-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = 'ECDH-RSA-AES256-SHA384';
+
+  (* ECDH GCM based ciphersuites from RFC5289 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-ECDSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-ECDSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDH-ECDSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDH-ECDSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 'ECDH-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 'ECDH-RSA-AES256-GCM-SHA384';
+
+  (* TLS v1.2 PSK GCM ciphersuites from RFC5487 *)
+  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
+  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
+
+  (* ECDHE PSK ciphersuites from RFC 5489 *)
+  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = 'ECDHE-PSK-RC4-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'ECDHE-PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'ECDHE-PSK-AES128-CBC-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'ECDHE-PSK-AES256-CBC-SHA';
+
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'ECDHE-PSK-AES128-CBC-SHA256';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'ECDHE-PSK-AES256-CBC-SHA384';
+
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = 'ECDHE-PSK-NULL-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = 'ECDHE-PSK-NULL-SHA256';
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = 'ECDHE-PSK-NULL-SHA384';
+
+  (* Camellia-CBC ciphersuites from RFC6367 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-ECDSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-ECDSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-ECDSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-ECDSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-RSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-RSA-CAMELLIA256-SHA384';
+
+  (* draft-ietf-tls-chacha20-poly1305-03 *)
+  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'ECDHE-RSA-CHACHA20-POLY1305';
+  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'ECDHE-ECDSA-CHACHA20-POLY1305';
+  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = 'DHE-RSA-CHACHA20-POLY1305';
+  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = 'PSK-CHACHA20-POLY1305';
+  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'ECDHE-PSK-CHACHA20-POLY1305';
+  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = 'DHE-PSK-CHACHA20-POLY1305';
+  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = 'RSA-PSK-CHACHA20-POLY1305';
+
+  (* Aria ciphersuites from RFC6209 *)
+  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = 'ARIA128-GCM-SHA256';
+  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = 'ARIA256-GCM-SHA384';
+  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'DHE-RSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'DHE-RSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'DH-RSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'DH-RSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'DHE-DSS-ARIA128-GCM-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'DHE-DSS-ARIA256-GCM-SHA384';
+  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'DH-DSS-ARIA128-GCM-SHA256';
+  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'DH-DSS-ARIA256-GCM-SHA384';
+  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'ADH-ARIA128-GCM-SHA256';
+  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'ADH-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ECDSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ECDSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ECDSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ECDSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ARIA256-GCM-SHA384';
+  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = 'PSK-ARIA128-GCM-SHA256';
+  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = 'PSK-ARIA256-GCM-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'DHE-PSK-ARIA128-GCM-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'DHE-PSK-ARIA256-GCM-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'RSA-PSK-ARIA128-GCM-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'RSA-PSK-ARIA256-GCM-SHA384';
+
+  TLS_CT_RSA_SIGN = 1;
+  TLS_CT_DSS_SIGN = 2;
+  TLS_CT_RSA_FIXED_DH = 3;
+  TLS_CT_DSS_FIXED_DH = 4;
+  TLS_CT_ECDSA_SIGN = 64;
+  TLS_CT_RSA_FIXED_ECDH = 65;
+  TLS_CT_ECDSA_FIXED_ECDH = 66;
+  TLS_CT_GOST01_SIGN = 22;
+  TLS_CT_GOST12_SIGN = 238;
+  TLS_CT_GOST12_512_SIGN = 239;
+
+  (*
+   * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
+   * comment there)
+   *)
+  TLS_CT_NUMBER = 10;
+
+  TLS1_FINISH_MAC_LENGTH = 12;
+
+  TLS_MD_MAX_CONST_SIZE = 22;
+  TLS_MD_CLIENT_FINISH_CONST  = 'client finished';
+  TLS_MD_CLIENT_FINISH_CONST_SIZE = 15;
+  TLS_MD_SERVER_FINISH_CONST  = 'server finished';
+  TLS_MD_SERVER_FINISH_CONST_SIZE = 15;
+  TLS_MD_KEY_EXPANSION_CONST  = 'key expansion';
+  TLS_MD_KEY_EXPANSION_CONST_SIZE = 13;
+  TLS_MD_CLIENT_WRITE_KEY_CONST  = 'client write key';
+  TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE = 16;
+  TLS_MD_SERVER_WRITE_KEY_CONST  = 'server write key';
+  TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16;
+  TLS_MD_IV_BLOCK_CONST  = 'IV block';
+  TLS_MD_IV_BLOCK_CONST_SIZE = 8;
+  TLS_MD_MASTER_SECRET_CONST  = 'master secret';
+  TLS_MD_MASTER_SECRET_CONST_SIZE = 13;
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = 'extended master secret';
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE = 22;
+
+//  (*
+//   * client finished
+//   *)
+//  TLS_MD_CLIENT_FINISH_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//
+//  (*
+//   * server finished
+//   *)
+//  TLS_MD_SERVER_FINISH_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//
+//  (*
+//   * server write key
+//   *)
+//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//
+//  (*
+//   * key expansion
+//   *)
+//  TLS_MD_KEY_EXPANSION_CONST  = '\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e';
+//
+//  (*
+//   * client write key
+//   *)
+//  TLS_MD_CLIENT_WRITE_KEY_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//
+//  (*
+//   * server write key
+//   *)
+//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//
+//  (*
+//   * IV block
+//   *)
+//  TLS_MD_IV_BLOCK_CONST  = '\x49\x56\x20\x62\x6c\x6f\x63\x6b';
+//
+//
+//  (*
+//   * master secret
+//   *)
+//  TLS_MD_MASTER_SECRET_CONST  = '\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+//
+//  (*
+//   * extended master secret
+//   *)
+//  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = '\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+
+type
+  (* TLS Session Ticket extension struct *)
+  tls_session_ticket_ext_st = record
+    length: TIdC_USHORT;
+    data: Pointer;
+  end;
+
+{$REGION 'C compiler macros'}
+function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
+{$ENDREGION}
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  SSL_CTX_set_tlsext_max_fragment_length: function(ctx: PSSL_CTx; mode: TIdC_UINT8): TIdC_INT cdecl = nil;
+  SSL_set_tlsext_max_fragment_length: function(ssl: PSSL; mode: TIdC_UINT8): TIdC_INT cdecl = nil;
+
+  SSL_get_servername: function(const s: PSSL; const &type: TIdC_INT): PIdAnsiChar cdecl = nil;
+  SSL_get_servername_type: function(const s: PSSL): TIdC_INT cdecl = nil;
+  (*
+   * SSL_export_keying_material exports a value derived from the master secret,
+   * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+   * optional context. (Since a zero length context is allowed, the |use_context|
+   * flag controls whether a context is included.) It returns 1 on success and
+   * 0 or -1 otherwise.
+   *)
+  SSL_export_keying_material: function(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET; use_context: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (*
+   * SSL_export_keying_material_early exports a value derived from the
+   * early exporter master secret, as specified in
+   * https://tools.ietf.org/html/draft-ietf-tls-tls13-23. It writes
+   * |olen| bytes to |out| given a label and optional context. It
+   * returns 1 on success and 0 otherwise.
+   *)
+  SSL_export_keying_material_early: function(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+
+  SSL_get_peer_signature_type_nid: function(const s: PSSl; pnid: PIdC_INT): TIdC_INT cdecl = nil;
+  SSL_get_signature_type_nid: function(const s: PSSl; pnid: PIdC_INT): TIdC_INT cdecl = nil;
+  SSL_get_sigalgs: function(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT cdecl = nil;
+  SSL_get_shared_sigalgs: function(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT cdecl = nil;
+
+  //__owur TIdC_INT SSL_check_chain(s: PSSL, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
+
+  //# define SSL_set_tlsext_debug_callback(ssl, cb) \
+  //        SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,\
+  //                (void (*)(void))cb)
+
+  //# define SSL_set_tlsext_debug_arg(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0,arg)
+  //
+  //# define SSL_get_tlsext_status_type(ssl) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
+  //
+  //# define SSL_set_tlsext_status_type(ssl, type) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
+  //
+  //# define SSL_get_tlsext_status_exts(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0,arg)
+  //
+  //# define SSL_set_tlsext_status_exts(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0,arg)
+  //
+  //# define SSL_get_tlsext_status_ids(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0,arg)
+  //
+  //# define SSL_set_tlsext_status_ids(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0,arg)
+  //
+  //# define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0,arg)
+  //
+  //# define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen,arg)
+  //
+  //# define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
+  //        SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,\
+  //                (void (*)(void))cb)
+
+  //# define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0,arg)
+  //
+  //# define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_TICKET_KEYS,keylen,keys)
+  //# define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_TICKET_KEYS,keylen,keys)
+  //
+  //# define SSL_CTX_get_tlsext_status_cb(ssl, cb) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0,(void *)cb)
+  //# define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
+  //        SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,\
+  //                (void (*)(void))cb)
+
+  //# define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
+  //# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
+  //
+  //# define SSL_CTX_set_tlsext_status_type(ssl, type) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
+  //
+  //# define SSL_CTX_get_tlsext_status_type(ssl) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
+  //
+  //# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
+  //        SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,\
+  //                (void (*)(void))cb)
+
+implementation
+
+uses
+  IdOpenSSLHeaders_ssl;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  SSL_CTX_set_tlsext_max_fragment_length := LoadFunction('SSL_CTX_set_tlsext_max_fragment_length', AFailed);
+  SSL_set_tlsext_max_fragment_length := LoadFunction('SSL_set_tlsext_max_fragment_length', AFailed);
+  SSL_get_servername := LoadFunction('SSL_get_servername', AFailed);
+  SSL_get_servername_type := LoadFunction('SSL_get_servername_type', AFailed);
+  SSL_export_keying_material := LoadFunction('SSL_export_keying_material', AFailed);
+  SSL_export_keying_material_early := LoadFunction('SSL_export_keying_material_early', AFailed);
+  SSL_get_peer_signature_type_nid := LoadFunction('SSL_get_peer_signature_type_nid', AFailed);
+  SSL_get_signature_type_nid := LoadFunction('SSL_get_signature_type_nid', AFailed);
+  SSL_get_sigalgs := LoadFunction('SSL_get_sigalgs', AFailed);
+  SSL_get_shared_sigalgs := LoadFunction('SSL_get_shared_sigalgs', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  SSL_CTX_set_tlsext_max_fragment_length := nil;
+  SSL_set_tlsext_max_fragment_length := nil;
+  SSL_get_servername := nil;
+  SSL_get_servername_type := nil;
+  SSL_export_keying_material := nil;
+  SSL_export_keying_material_early := nil;
+  SSL_get_peer_signature_type_nid := nil;
+  SSL_get_signature_type_nid := nil;
+  SSL_get_sigalgs := nil;
+  SSL_get_shared_sigalgs := nil;
+end;
+{$ENDREGION}
+
+
+{$REGION 'C compiler macros'}
+//# define SSL_set_tlsext_host_name(s,name)         SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name, (void *)name)
+function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, Pointer(name));
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas
new file mode 100644
index 000000000..bfb1713ea
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas
@@ -0,0 +1,963 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_ts;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ts.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_rsa,
+  IdOpenSSLHeaders_tserr,
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLHeaders_x509v3;
+
+const
+  (* Possible values for status. *)
+  TS_STATUS_GRANTED = 0;
+  TS_STATUS_GRANTED_WITH_MODS = 1;
+  TS_STATUS_REJECTION = 2;
+  TS_STATUS_WAITING = 3;
+  TS_STATUS_REVOCATION_WARNING = 4;
+  TS_STATUS_REVOCATION_NOTIFICATION = 5;
+
+
+  (* Possible values for failure_info. *)
+  TS_INFO_BAD_ALG = 0;
+  TS_INFO_BAD_REQUEST = 2;
+  TS_INFO_BAD_DATA_FORMAT = 5;
+  TS_INFO_TIME_NOT_AVAILABLE = 14;
+  TS_INFO_UNACCEPTED_POLICY = 15;
+  TS_INFO_UNACCEPTED_EXTENSION = 16;
+  TS_INFO_ADD_INFO_NOT_AVAILABLE = 17;
+  TS_INFO_SYSTEM_FAILURE = 25;
+
+  (* Optional flags for response generation. *)
+
+  (* Don't include the TSA name in response. *)
+  TS_TSA_NAME = $01;
+
+  (* Set ordering to true in response. *)
+  TS_ORDERING = $02;
+
+  (*
+   * Include the signer certificate and the other specified certificates in
+   * the ESS signing certificate attribute beside the PKCS7 signed data.
+   * Only the signer certificates is included by default.
+   *)
+  TS_ESS_CERT_ID_CHAIN = $04;
+
+  (* At most we accept usec precision. *)
+  TS_MAX_CLOCK_PRECISION_DIGITS = 6;
+
+  (* Maximum status message length *)
+  TS_MAX_STATUS_LENGTH = 1024 * 1024;
+
+  (* Verify the signer's certificate and the signature of the response. *)
+  TS_VFY_SIGNATURE = TIdC_UINT(1) shl 0;
+  (* Verify the version number of the response. *)
+  TS_VFY_VERSION = TIdC_UINT(1) shl 1;
+  (* Verify if the policy supplied by the user matches the policy of the TSA. *)
+  TS_VFY_POLICY = TIdC_UINT(1) shl 2;
+  (*
+   * Verify the message imprint provided by the user. This flag should not be
+   * specified with TS_VFY_DATA.
+   *)
+  TS_VFY_IMPRINT = TIdC_UINT(1) shl 3;
+  (*
+   * Verify the message imprint computed by the verify method from the user
+   * provided data and the MD algorithm of the response. This flag should not
+   * be specified with TS_VFY_IMPRINT.
+   *)
+  TS_VFY_DATA = TIdC_UINT(1) shl 4;
+  (* Verify the nonce value. *)
+  TS_VFY_NONCE = TIdC_UINT(1) shl 5;
+  (* Verify if the TSA name field matches the signer certificate. *)
+  TS_VFY_SIGNER = TIdC_UINT(1) shl 6;
+  (* Verify if the TSA name field equals to the user provided name. *)
+  TS_VFY_TSA_NAME = TIdC_UINT(1) shl 7;
+
+  (* You can use the following convenience constants. *)
+  TS_VFY_ALL_IMPRINT = TS_VFY_SIGNATURE or TS_VFY_VERSION or TS_VFY_POLICY
+    or TS_VFY_IMPRINT or TS_VFY_NONCE or TS_VFY_SIGNER or TS_VFY_TSA_NAME;
+
+  TS_VFY_ALL_DATA = TS_VFY_SIGNATURE or TS_VFY_VERSION or TS_VFY_POLICY
+    or TS_VFY_DATA or TS_VFY_NONCE or TS_VFY_SIGNER or TS_VFY_TSA_NAME;
+
+type
+  TS_msg_imprint_st = type Pointer;
+  TS_req_st = type Pointer;
+  TS_accuracy_st = type Pointer;
+  TS_tst_info_st = type Pointer;
+
+  TS_MSG_IMPRINT = TS_msg_imprint_st;
+  PTS_MSG_IMPRINT = ^TS_MSG_IMPRINT;
+  PPTS_MSG_IMPRINT = ^PTS_MSG_IMPRINT;
+
+  TS_REQ = TS_req_st;
+  PTS_REQ = ^TS_REQ;
+  PPTS_REQ = ^PTS_REQ;
+
+  TS_ACCURACY = TS_accuracy_st;
+  PTS_ACCURACY = ^TS_ACCURACY;
+  PPTS_ACCURACY = ^PTS_ACCURACY;
+
+  TS_TST_INFO = TS_tst_info_st;
+  PTS_TST_INFO = ^TS_TST_INFO;
+  PPTS_TST_INFO = ^PTS_TST_INFO;
+
+  TS_status_info_st = type Pointer;
+  ESS_issuer_serial_st = type Pointer;
+  ESS_cert_id_st = type Pointer;
+  ESS_signing_cert_st = type Pointer;
+  ESS_cert_id_v2_st = type Pointer;
+  ESS_signing_cert_v2_st = type Pointer;
+
+  TS_STATUS_INFO = TS_status_info_st;
+  PTS_STATUS_INFO = ^TS_STATUS_INFO;
+  PPTS_STATUS_INFO = ^PTS_STATUS_INFO;
+
+  ESS_ISSUER_SERIAL = ESS_issuer_serial_st;
+  PESS_ISSUER_SERIAL = ^ESS_ISSUER_SERIAL;
+  PPESS_ISSUER_SERIAL = ^PESS_ISSUER_SERIAL;
+
+  ESS_CERT_ID = ESS_cert_id_st;
+  PESS_CERT_ID = ^ESS_CERT_ID;
+  PPESS_CERT_ID = ^PESS_CERT_ID;
+
+  ESS_SIGNING_CERT = ESS_signing_cert_st;
+  PESS_SIGNING_CERT = ^ESS_SIGNING_CERT;
+  PPESS_SIGNING_CERT = ^PESS_SIGNING_CERT;
+
+// DEFINE_STACK_OF(ESS_CERT_ID)
+
+  ESS_CERT_ID_V2 = ESS_cert_id_v2_st;
+  PESS_CERT_ID_V2 = ^ESS_CERT_ID_V2;
+  PPESS_CERT_ID_V2 = ^PESS_CERT_ID_V2;
+
+  ESS_SIGNING_CERT_V2 = ESS_signing_cert_v2_st;
+  PESS_SIGNING_CERT_V2 = ^ESS_SIGNING_CERT_V2;
+  PPESS_SIGNING_CERT_V2 = ^PESS_SIGNING_CERT_V2;
+
+// DEFINE_STACK_OF(ESS_CERT_ID_V2)
+  TS_resp_st = type Pointer;
+  TS_RESP = TS_resp_st;
+  PTS_RESP = ^TS_RESP;
+  PPTS_RESP = ^PTS_RESP;
+
+  (* Forward declaration. *)
+  TS_resp_ctx = type Pointer;
+  PTS_resp_ctx = ^TS_resp_ctx;
+  PPTS_resp_ctx = ^PTS_resp_ctx;
+
+  (* This must return a unique number less than 160 bits long. *)
+  TS_serial_cb = function({struct} v1: PTS_resp_ctx; v2: Pointer): PASN1_INTEGER;
+
+  (*
+   * This must return the seconds and microseconds since Jan 1, 1970 in the sec
+   * and usec variables allocated by the caller. Return non-zero for success
+   * and zero for failure.
+   *)
+  TS_time_cb = function({struct} v1: PTS_resp_ctx; v2: Pointer; sec: PIdC_LONG; usec: PIdC_LONG): TIdC_INT;
+
+  (*
+   * This must process the given extension. It can modify the TS_TST_INFO
+   * object of the context. Return values: !0 (processed), 0 (error, it must
+   * set the status info/failure info of the response).
+   *)
+  TS_extension_cb = function({struct} v1: PTS_resp_ctx; v2: PX509_Extension; v3: Pointer): TIdC_INT;
+
+//  TS_VERIFY_CTX = TS_verify_ctx;
+  TS_VERIFY_CTX = type Pointer;
+  PTS_VERIFY_CTX = ^TS_VERIFY_CTX;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  TS_REQ_new: function: PTS_REQ cdecl = nil;
+  TS_REQ_free: procedure(a: PTS_REQ) cdecl = nil;
+  i2d_TS_REQ: function(a: PTS_REQ; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_TS_REQ: function(a: PPTS_REQ; pp: PPByte; length: TIdC_LONG): PTS_REQ cdecl = nil;
+
+  TS_REQ_dup: function(a: PTS_REQ): PTS_REQ cdecl = nil;
+
+  d2i_TS_REQ_bio: function(fp: PBIO; a: PPTS_REQ): PTS_REQ cdecl = nil;
+  i2d_TS_REQ_bio: function(fp: PBIO; a: PTS_REQ): TIdC_INT cdecl = nil;
+
+  TS_MSG_IMPRINT_new: function: PTS_MSG_IMPRINT cdecl = nil;
+  TS_MSG_IMPRINT_free: procedure(a: PTS_MSG_IMPRINT) cdecl = nil;
+  i2d_TS_MSG_IMPRINT: function(a: PTS_MSG_IMPRINT; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_TS_MSG_IMPRINT: function(a: PPTS_MSG_IMPRINT; pp: PPByte; length: TIdC_LONG): PTS_MSG_IMPRINT cdecl = nil;
+
+  TS_MSG_IMPRINT_dup: function(a: PTS_MSG_IMPRINT): PTS_MSG_IMPRINT cdecl = nil;
+
+  d2i_TS_MSG_IMPRINT_bio: function(bio: PBIO; a: PPTS_MSG_IMPRINT): PTS_MSG_IMPRINT cdecl = nil;
+  i2d_TS_MSG_IMPRINT_bio: function(bio: PBIO; a: PTS_MSG_IMPRINT): TIdC_INT cdecl = nil;
+
+  TS_RESP_new: function: PTS_RESP cdecl = nil;
+  TS_RESP_free: procedure(a: PTS_RESP) cdecl = nil;
+  i2d_TS_RESP: function(a: PTS_RESP; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_TS_RESP: function(a: PPTS_RESP; pp: PPByte; length: TIdC_LONG): PTS_RESP cdecl = nil;
+  PKCS7_to_TS_TST_INFO: function(token: PPKCS7): PTS_TST_Info cdecl = nil;
+  TS_RESP_dup: function(a: PTS_RESP): PTS_RESP cdecl = nil;
+
+  d2i_TS_RESP_bio: function(bio: PBIO; a: PPTS_RESP): PTS_RESP cdecl = nil;
+  i2d_TS_RESP_bio: function(bio: PBIO; a: PTS_RESP): TIdC_INT cdecl = nil;
+
+  TS_STATUS_INFO_new: function: PTS_STATUS_INFO cdecl = nil;
+  TS_STATUS_INFO_free: procedure(a: PTS_STATUS_INFO) cdecl = nil;
+  i2d_TS_STATUS_INFO: function(a: PTS_STATUS_INFO; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_TS_STATUS_INFO: function(a: PPTS_STATUS_INFO; pp: PPByte; length: TIdC_LONG): PTS_STATUS_INFO cdecl = nil;
+  TS_STATUS_INFO_dup: function(a: PTS_STATUS_INFO): PTS_STATUS_INFO cdecl = nil;
+
+  TS_TST_INFO_new: function: PTS_TST_Info cdecl = nil;
+  TS_TST_INFO_free: procedure(a: PTS_TST_Info) cdecl = nil;
+  i2d_TS_TST_INFO: function(a: PTS_TST_Info; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_TS_TST_INFO: function(a: PPTS_TST_Info; pp: PPByte; length: TIdC_LONG): PTS_TST_Info cdecl = nil;
+  TS_TST_INFO_dup: function(a: PTS_TST_Info): PTS_TST_Info cdecl = nil;
+
+  d2i_TS_TST_INFO_bio: function(bio: PBIO; a: PPTS_TST_Info): PTS_TST_Info cdecl = nil;
+  i2d_TS_TST_INFO_bio: function(bio: PBIO; a: PTS_TST_Info): TIdC_INT cdecl = nil;
+
+  TS_ACCURACY_new: function: PTS_ACCURACY cdecl = nil;
+  TS_ACCURACY_free: procedure(a: PTS_ACCURACY) cdecl = nil;
+  i2d_TS_ACCURACY: function(a: PTS_ACCURACY; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_TS_ACCURACY: function(a: PPTS_ACCURACY; pp: PPByte; length: TIdC_LONG): PTS_ACCURACY cdecl = nil;
+  TS_ACCURACY_dup: function(a: PTS_ACCURACY): PTS_ACCURACY cdecl = nil;
+
+  ESS_ISSUER_SERIAL_new: function: PESS_ISSUER_SERIAL cdecl = nil;
+  ESS_ISSUER_SERIAL_free: procedure(a: PESS_ISSUER_SERIAL) cdecl = nil;
+  i2d_ESS_ISSUER_SERIAL: function( a: PESS_ISSUER_SERIAL; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_ESS_ISSUER_SERIAL: function(a: PPESS_ISSUER_SERIAL; pp: PPByte; length: TIdC_LONG): PESS_ISSUER_SERIAL cdecl = nil;
+  ESS_ISSUER_SERIAL_dup: function(a: PESS_ISSUER_SERIAL): PESS_ISSUER_SERIAL cdecl = nil;
+
+  ESS_CERT_ID_new: function: PESS_CERT_ID cdecl = nil;
+  ESS_CERT_ID_free: procedure(a: PESS_CERT_ID) cdecl = nil;
+  i2d_ESS_CERT_ID: function(a: PESS_CERT_ID; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_ESS_CERT_ID: function(a: PPESS_CERT_ID; pp: PPByte; length: TIdC_LONG): PESS_CERT_ID cdecl = nil;
+  ESS_CERT_ID_dup: function(a: PESS_CERT_ID): PESS_CERT_ID cdecl = nil;
+
+  ESS_SIGNING_CERT_new: function: PESS_SIGNING_Cert cdecl = nil;
+  ESS_SIGNING_CERT_free: procedure(a: PESS_SIGNING_Cert) cdecl = nil;
+  i2d_ESS_SIGNING_CERT: function( a: PESS_SIGNING_Cert; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_ESS_SIGNING_CERT: function(a: PPESS_SIGNING_Cert; pp: PPByte; length: TIdC_LONG): PESS_SIGNING_Cert cdecl = nil;
+  ESS_SIGNING_CERT_dup: function(a: PESS_SIGNING_Cert): PESS_SIGNING_Cert cdecl = nil;
+
+  ESS_CERT_ID_V2_new: function: PESS_CERT_ID_V2 cdecl = nil;
+  ESS_CERT_ID_V2_free: procedure(a: PESS_CERT_ID_V2) cdecl = nil;
+  i2d_ESS_CERT_ID_V2: function( a: PESS_CERT_ID_V2; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_ESS_CERT_ID_V2: function(a: PPESS_CERT_ID_V2; pp: PPByte; length: TIdC_LONG): PESS_CERT_ID_V2 cdecl = nil;
+  ESS_CERT_ID_V2_dup: function(a: PESS_CERT_ID_V2): PESS_CERT_ID_V2 cdecl = nil;
+
+  ESS_SIGNING_CERT_V2_new: function: PESS_SIGNING_CERT_V2 cdecl = nil;
+  ESS_SIGNING_CERT_V2_free: procedure(a: PESS_SIGNING_CERT_V2) cdecl = nil;
+  i2d_ESS_SIGNING_CERT_V2: function(a: PESS_SIGNING_CERT_V2; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_ESS_SIGNING_CERT_V2: function(a: PPESS_SIGNING_CERT_V2; pp: PPByte; length: TIdC_LONG): PESS_SIGNING_CERT_V2 cdecl = nil;
+  ESS_SIGNING_CERT_V2_dup: function(a: PESS_SIGNING_CERT_V2): PESS_SIGNING_CERT_V2 cdecl = nil;
+
+  TS_REQ_set_version: function(a: PTS_REQ; version: TIdC_LONG): TIdC_INT cdecl = nil;
+  TS_REQ_get_version: function(a: PTS_REQ): TIdC_LONG cdecl = nil;
+
+  TS_STATUS_INFO_set_status: function(a: PTS_STATUS_INFO; i: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_STATUS_INFO_get0_status: function(const a: PTS_STATUS_INFO): PASN1_INTEGER cdecl = nil;
+
+  // const STACK_OF(ASN1_UTF8STRING) *TS_STATUS_INFO_get0_text(const TS_STATUS_INFO *a);
+
+  // const ASN1_BIT_STRING *TS_STATUS_INFO_get0_failure_info(const TS_STATUS_INFO *a);
+
+  TS_REQ_set_msg_imprint: function(a: PTS_REQ; msg_imprint: PTS_MSG_IMPRINT): TIdC_INT cdecl = nil;
+  TS_REQ_get_msg_imprint: function(a: PTS_REQ): PTS_MSG_IMPRINT cdecl = nil;
+
+  TS_MSG_IMPRINT_set_algo: function(a: PTS_MSG_IMPRINT; alg: PX509_ALGOr): TIdC_INT cdecl = nil;
+  TS_MSG_IMPRINT_get_algo: function(a: PTS_MSG_IMPRINT): PX509_ALGOr cdecl = nil;
+
+  TS_MSG_IMPRINT_set_msg: function(a: PTS_MSG_IMPRINT; d: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_MSG_IMPRINT_get_msg: function(a: PTS_MSG_IMPRINT): PASN1_OCTET_STRING cdecl = nil;
+
+  TS_REQ_set_policy_id: function(a: PTS_REQ; policy: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  TS_REQ_get_policy_id: function(a: PTS_REQ): PASN1_OBJECT cdecl = nil;
+
+  TS_REQ_set_nonce: function(a: PTS_REQ; nonce: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  TS_REQ_get_nonce: function(const a: PTS_REQ): PASN1_INTEGER cdecl = nil;
+
+  TS_REQ_set_cert_req: function(a: PTS_REQ; cert_req: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_REQ_get_cert_req: function(a: PTS_REQ): TIdC_INT cdecl = nil;
+
+  //STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
+  TS_REQ_ext_free: procedure(a: PTS_REQ) cdecl = nil;
+  TS_REQ_get_ext_count: function(a: PTS_REQ): TIdC_INT cdecl = nil;
+  TS_REQ_get_ext_by_NID: function(a: PTS_REQ; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_REQ_get_ext_by_OBJ: function(a: PTS_REQ; obj: PASN1_Object; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_REQ_get_ext_by_critical: function(a: PTS_REQ; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_REQ_get_ext: function(a: PTS_REQ; loc: TIdC_INT): PX509_Extension cdecl = nil;
+  TS_REQ_delete_ext: function(a: PTS_REQ; loc: TIdC_INT): PX509_Extension cdecl = nil;
+  TS_REQ_add_ext: function(a: PTS_REQ; ex: PX509_Extension; loc: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_REQ_get_ext_d2i: function(a: PTS_REQ; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl = nil;
+
+  //* Function declarations for TS_REQ defined in ts/ts_req_print.c */
+
+  TS_REQ_print_bio: function(bio: PBIO; a: PTS_REQ): TIdC_INT cdecl = nil;
+
+  //* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
+
+  TS_RESP_set_status_info: function(a: PTS_RESP; info: PTS_STATUS_INFO): TIdC_INT cdecl = nil;
+  TS_RESP_get_status_info: function(a: PTS_RESP): PTS_STATUS_INFO cdecl = nil;
+
+  //* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
+  TS_RESP_set_tst_info: procedure(a: PTS_RESP; p7: PPKCS7; tst_info: PTS_TST_Info) cdecl = nil;
+  TS_RESP_get_token: function(a: PTS_RESP): PPKCS7 cdecl = nil;
+  TS_RESP_get_tst_info: function(a: PTS_RESP): PTS_TST_Info cdecl = nil;
+
+  TS_TST_INFO_set_version: function(a: PTS_TST_Info; version: TIdC_LONG): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_version: function(const a: PTS_TST_Info): TIdC_LONG cdecl = nil;
+
+  TS_TST_INFO_set_policy_id: function(a: PTS_TST_Info; policy_id: PASN1_Object): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_policy_id: function(a: PTS_TST_Info): PASN1_Object cdecl = nil;
+
+  TS_TST_INFO_set_msg_imprint: function(a: PTS_TST_Info; msg_imprint: PTS_MSG_IMPRINT): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_msg_imprint: function(a: PTS_TST_Info): PTS_MSG_IMPRINT cdecl = nil;
+
+  TS_TST_INFO_set_serial: function(a: PTS_TST_Info; const serial: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_serial: function(const a: PTS_TST_INFO): PASN1_INTEGER cdecl = nil;
+
+  TS_TST_INFO_set_time: function(a: PTS_TST_Info; gtime: PASN1_GENERALIZEDTIME): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_time: function(const a: PTS_TST_INFO): PASN1_GENERALIZEDTIME cdecl = nil;
+
+  TS_TST_INFO_set_accuracy: function(a: PTS_TST_Info; accuracy: PTS_ACCURACY): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_accuracy: function(a: PTS_TST_Info): PTS_ACCURACY cdecl = nil;
+
+  TS_ACCURACY_set_seconds: function(a: PTS_ACCURACY; const seconds: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  TS_ACCURACY_get_seconds: function(const a: PTS_ACCURACY): PASN1_INTEGER cdecl = nil;
+
+  TS_ACCURACY_set_millis: function(a: PTS_ACCURACY; const millis: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  TS_ACCURACY_get_millis: function(const a: PTS_ACCURACY): PASN1_INTEGER cdecl = nil;
+
+  TS_ACCURACY_set_micros: function(a: PTS_ACCURACY; const micros: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  TS_ACCURACY_get_micros: function(const a: PTS_ACCURACY): PASN1_INTEGER cdecl = nil;
+
+  TS_TST_INFO_set_ordering: function(a: PTS_TST_Info; ordering: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_ordering: function(const a: PTS_TST_Info): TIdC_INT cdecl = nil;
+
+  TS_TST_INFO_set_nonce: function(a: PTS_TST_Info; const nonce: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_nonce: function(const a: PTS_TST_INFO): PASN1_INTEGER cdecl = nil;
+
+  TS_TST_INFO_set_tsa: function(a: PTS_TST_Info; tsa: PGENERAL_NAME): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_tsa: function(a: PTS_TST_Info): PGENERAL_NAME cdecl = nil;
+
+  //STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
+  TS_TST_INFO_ext_free: procedure(a: PTS_TST_Info) cdecl = nil;
+  TS_TST_INFO_get_ext_count: function(a: PTS_TST_Info): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_ext_by_NID: function(a: PTS_TST_Info; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_ext_by_OBJ: function(a: PTS_TST_Info; const obj: PASN1_Object; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_ext_by_critical: function(a: PTS_TST_Info; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_ext: function(a: PTS_TST_Info; loc: TIdC_INT): PX509_Extension cdecl = nil;
+  TS_TST_INFO_delete_ext: function(a: PTS_TST_Info; loc: TIdC_INT): PX509_Extension cdecl = nil;
+  TS_TST_INFO_add_ext: function(a: PTS_TST_Info; ex: PX509_Extension; loc: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_TST_INFO_get_ext_d2i: function(a: PTS_TST_Info; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl = nil;
+
+  (*
+   * Declarations related to response generation, defined in ts/ts_resp_sign.c.
+   *)
+
+  //DEFINE_STACK_OF_CONST(EVP_MD)
+
+  (* Creates a response context that can be used for generating responses. *)
+  TS_RESP_CTX_new: function: PTS_RESP_CTX cdecl = nil;
+  TS_RESP_CTX_free: procedure(ctx: PTS_RESP_CTX) cdecl = nil;
+
+  (* This parameter must be set. *)
+  TS_RESP_CTX_set_signer_cert: function(ctx: PTS_RESP_CTX; signer: PX509): TIdC_INT cdecl = nil;
+
+  (* This parameter must be set. *)
+  TS_RESP_CTX_set_signer_key: function(ctx: PTS_RESP_CTX; key: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  TS_RESP_CTX_set_signer_digest: function(ctx: PTS_RESP_CTX; signer_digest: PEVP_MD): TIdC_INT cdecl = nil;
+  TS_RESP_CTX_set_ess_cert_id_digest: function(ctx: PTS_RESP_CTX; md: PEVP_MD): TIdC_INT cdecl = nil;
+
+  (* This parameter must be set. *)
+  TS_RESP_CTX_set_def_policy: function(ctx: PTS_RESP_CTX; def_policy: PASN1_Object): TIdC_INT cdecl = nil;
+
+  (* No additional certs are included in the response by default. *)
+  // int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
+
+  (*
+   * Adds a new acceptable policy, only the default policy is accepted by
+   * default.
+   *)
+  TS_RESP_CTX_add_policy: function(ctx: PTS_RESP_CTX; const policy: PASN1_Object): TIdC_INT cdecl = nil;
+
+  (*
+   * Adds a new acceptable message digest. Note that no message digests are
+   * accepted by default. The md argument is shared with the caller.
+   *)
+  TS_RESP_CTX_add_md: function(ctx: PTS_RESP_CTX; const md: PEVP_MD): TIdC_INT cdecl = nil;
+
+  (* Accuracy is not included by default. *)
+  TS_RESP_CTX_set_accuracy: function(ctx: PTS_RESP_CTX; secs: TIdC_INT; millis: TIdC_INT; micros: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (*
+   * Clock precision digits, i.e. the number of decimal digits: '0' means sec,
+   * '3' msec, '6' usec, and so on. Default is 0.
+   *)
+  TS_RESP_CTX_set_clock_precision_digits: function(ctx: PTS_RESP_CTX; clock_precision_digits: TIdC_UINT): TIdC_INT cdecl = nil;
+
+  (* No flags are set by default. *)
+  TS_RESP_CTX_add_flags: procedure(ctx: PTS_RESP_CTX; flags: TIdC_INT) cdecl = nil;
+
+  (* Default callback always returns a constant. *)
+  TS_RESP_CTX_set_serial_cb: procedure(ctx: PTS_RESP_CTX; cb: TS_serial_cb; data: Pointer) cdecl = nil;
+
+  (* Default callback uses the gettimeofday() and gmtime() system calls. *)
+  TS_RESP_CTX_set_time_cb: procedure(ctx: PTS_RESP_CTX; cb: TS_time_cb; data: Pointer) cdecl = nil;
+
+  (*
+   * Default callback rejects all extensions. The extension callback is called
+   * when the TS_TST_INFO object is already set up and not signed yet.
+   *)
+  (* FIXME: extension handling is not tested yet. *)
+  TS_RESP_CTX_set_extension_cb: procedure(ctx: PTS_RESP_CTX; cb: TS_extension_cb; data: Pointer) cdecl = nil;
+
+  (* The following methods can be used in the callbacks. *)
+  TS_RESP_CTX_set_status_info: function(ctx: PTS_RESP_CTX; status: TIdC_INT; text: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  (* Sets the status info only if it is still TS_STATUS_GRANTED. *)
+  TS_RESP_CTX_set_status_info_cond: function(ctx: PTS_RESP_CTX; status: TIdC_INT; text: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  TS_RESP_CTX_add_failure_info: function(ctx: PTS_RESP_CTX; failure: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (* The get methods below can be used in the extension callback. *)
+  TS_RESP_CTX_get_request: function(ctx: PTS_RESP_CTX): PTS_REQ cdecl = nil;
+
+  TS_RESP_CTX_get_tst_info: function(ctx: PTS_RESP_CTX): PTS_TST_Info cdecl = nil;
+
+  (*
+   * Creates the signed TS_TST_INFO and puts it in TS_RESP.
+   * In case of errors it sets the status info properly.
+   * Returns NULL only in case of memory allocation/fatal error.
+   *)
+  TS_RESP_create_response: function(ctx: PTS_RESP_CTX; req_bio: PBIO): PTS_RESP cdecl = nil;
+
+  (*
+   * Declarations related to response verification,
+   * they are defined in ts/ts_resp_verify.c.
+   *)
+
+  //int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+  //                             X509_STORE *store, X509 **signer_out);
+
+  (* Context structure for the generic verify method. *)
+
+  TS_RESP_verify_response: function(ctx: PTS_VERIFY_CTX; response: PTS_RESP): TIdC_INT cdecl = nil;
+  TS_RESP_verify_token: function(ctx: PTS_VERIFY_CTX; token: PPKCS7): TIdC_INT cdecl = nil;
+
+  (*
+   * Declarations related to response verification context,
+   *)
+  TS_VERIFY_CTX_new: function: PTS_VERIFY_CTX cdecl = nil;
+  TS_VERIFY_CTX_init: procedure(ctx: PTS_VERIFY_CTX) cdecl = nil;
+  TS_VERIFY_CTX_free: procedure(ctx: PTS_VERIFY_CTX) cdecl = nil;
+  TS_VERIFY_CTX_cleanup: procedure(ctx: PTS_VERIFY_CTX) cdecl = nil;
+  TS_VERIFY_CTX_set_flags: function(ctx: PTS_VERIFY_CTX; f: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_VERIFY_CTX_add_flags: function(ctx: PTS_VERIFY_CTX; f: TIdC_INT): TIdC_INT cdecl = nil;
+  TS_VERIFY_CTX_set_data: function(ctx: PTS_VERIFY_CTX; b: PBIO): PBIO cdecl = nil;
+  TS_VERIFY_CTX_set_imprint: function(ctx: PTS_VERIFY_CTX; hexstr: PByte; len: TIdC_LONG): PByte cdecl = nil;
+  TS_VERIFY_CTX_set_store: function(ctx: PTS_VERIFY_CTX; s: PX509_Store): PX509_Store cdecl = nil;
+  // STACK_OF(X509) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX *ctx, STACK_OF(X509) *certs);
+
+  (*-
+   * If ctx is NULL, it allocates and returns a new object, otherwise
+   * it returns ctx. It initialises all the members as follows:
+   * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
+   * certs = NULL
+   * store = NULL
+   * policy = policy from the request or NULL if absent (in this case
+   *      TS_VFY_POLICY is cleared from flags as well)
+   * md_alg = MD algorithm from request
+   * imprint, imprint_len = imprint from request
+   * data = NULL
+   * nonce, nonce_len = nonce from the request or NULL if absent (in this case
+   *      TS_VFY_NONCE is cleared from flags as well)
+   * tsa_name = NULL
+   * Important: after calling this method TS_VFY_SIGNATURE should be added!
+   *)
+  TS_REQ_to_TS_VERIFY_CTX: function(req: PTS_REQ; ctx: PTS_VERIFY_CTX): PTS_VERIFY_CTX cdecl = nil;
+
+  (* Function declarations for TS_RESP defined in ts/ts_resp_print.c *)
+
+  TS_RESP_print_bio: function(bio: PBIO; a: PTS_RESP): TIdC_INT cdecl = nil;
+  TS_STATUS_INFO_print_bio: function(bio: PBIO; a: PTS_STATUS_INFO): TIdC_INT cdecl = nil;
+  TS_TST_INFO_print_bio: function(bio: PBIO; a: PTS_TST_Info): TIdC_INT cdecl = nil;
+
+  (* Common utility functions defined in ts/ts_lib.c *)
+
+  TS_ASN1_INTEGER_print_bio: function(bio: PBIO; const num: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  TS_OBJ_print_bio: function(bio: PBIO; const obj: PASN1_Object): TIdC_INT cdecl = nil;
+  //function TS_ext_print_bio(bio: PBIO; const STACK_OF(): X509_Extension * extensions): TIdC_INT;
+  TS_X509_ALGOR_print_bio: function(bio: PBIO; const alg: PX509_ALGOr): TIdC_INT cdecl = nil;
+  TS_MSG_IMPRINT_print_bio: function(bio: PBIO; msg: PTS_MSG_IMPRINT): TIdC_INT cdecl = nil;
+
+  (*
+   * Function declarations for handling configuration options, defined in
+   * ts/ts_conf.c
+   *)
+
+  TS_CONF_load_cert: function(&file: PIdAnsiChar): PX509 cdecl = nil;
+  TS_CONF_load_key: function( &file: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey cdecl = nil;
+  TS_CONF_set_serial: function(conf: PCONF; section: PIdAnsiChar; cb: TS_serial_cb; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  //STACK_OF(X509) *TS_CONF_load_certs(const char *file);
+  TS_CONF_get_tsa_section: function(conf: PCONF; const section: PIdAnsiChar): PIdAnsiChar cdecl = nil;
+  TS_CONF_set_crypto_device: function(conf: PCONF; section: PIdAnsiChar; device: PIdAnsiChar): TIdC_INT cdecl = nil;
+  TS_CONF_set_default_engine: function(name: PIdAnsiChar): TIdC_INT cdecl = nil;
+  TS_CONF_set_signer_cert: function(conf: PCONF; section: PIdAnsiChar; cert: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_certs: function(conf: PCONF; section: PIdAnsiChar; certs: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_signer_key: function(conf: PCONF; const section: PIdAnsiChar; key: PIdAnsiChar; pass: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_signer_digest: function(conf: PCONF; section: PIdAnsiChar; md: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_def_policy: function(conf: PCONF; section: PIdAnsiChar; policy: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_policies: function(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_digests: function(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_accuracy: function(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_clock_precision_digits: function(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_ordering: function(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_tsa_name: function(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_ess_cert_id_chain: function(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+  TS_CONF_set_ess_cert_id_digest: function(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  TS_REQ_new := LoadFunction('TS_REQ_new', AFailed);
+  TS_REQ_free := LoadFunction('TS_REQ_free', AFailed);
+  i2d_TS_REQ := LoadFunction('i2d_TS_REQ', AFailed);
+  d2i_TS_REQ := LoadFunction('d2i_TS_REQ', AFailed);
+  TS_REQ_dup := LoadFunction('TS_REQ_dup', AFailed);
+  d2i_TS_REQ_bio := LoadFunction('d2i_TS_REQ_bio', AFailed);
+  i2d_TS_REQ_bio := LoadFunction('i2d_TS_REQ_bio', AFailed);
+  TS_MSG_IMPRINT_new := LoadFunction('TS_MSG_IMPRINT_new', AFailed);
+  TS_MSG_IMPRINT_free := LoadFunction('TS_MSG_IMPRINT_free', AFailed);
+  i2d_TS_MSG_IMPRINT := LoadFunction('i2d_TS_MSG_IMPRINT', AFailed);
+  d2i_TS_MSG_IMPRINT := LoadFunction('d2i_TS_MSG_IMPRINT', AFailed);
+  TS_MSG_IMPRINT_dup := LoadFunction('TS_MSG_IMPRINT_dup', AFailed);
+  d2i_TS_MSG_IMPRINT_bio := LoadFunction('d2i_TS_MSG_IMPRINT_bio', AFailed);
+  i2d_TS_MSG_IMPRINT_bio := LoadFunction('i2d_TS_MSG_IMPRINT_bio', AFailed);
+  TS_RESP_new := LoadFunction('TS_RESP_new', AFailed);
+  TS_RESP_free := LoadFunction('TS_RESP_free', AFailed);
+  i2d_TS_RESP := LoadFunction('i2d_TS_RESP', AFailed);
+  d2i_TS_RESP := LoadFunction('d2i_TS_RESP', AFailed);
+  PKCS7_to_TS_TST_INFO := LoadFunction('PKCS7_to_TS_TST_INFO', AFailed);
+  TS_RESP_dup := LoadFunction('TS_RESP_dup', AFailed);
+  d2i_TS_RESP_bio := LoadFunction('d2i_TS_RESP_bio', AFailed);
+  i2d_TS_RESP_bio := LoadFunction('i2d_TS_RESP_bio', AFailed);
+  TS_STATUS_INFO_new := LoadFunction('TS_STATUS_INFO_new', AFailed);
+  TS_STATUS_INFO_free := LoadFunction('TS_STATUS_INFO_free', AFailed);
+  i2d_TS_STATUS_INFO := LoadFunction('i2d_TS_STATUS_INFO', AFailed);
+  d2i_TS_STATUS_INFO := LoadFunction('d2i_TS_STATUS_INFO', AFailed);
+  TS_STATUS_INFO_dup := LoadFunction('TS_STATUS_INFO_dup', AFailed);
+  TS_TST_INFO_new := LoadFunction('TS_TST_INFO_new', AFailed);
+  TS_TST_INFO_free := LoadFunction('TS_TST_INFO_free', AFailed);
+  i2d_TS_TST_INFO := LoadFunction('i2d_TS_TST_INFO', AFailed);
+  d2i_TS_TST_INFO := LoadFunction('d2i_TS_TST_INFO', AFailed);
+  TS_TST_INFO_dup := LoadFunction('TS_TST_INFO_dup', AFailed);
+  d2i_TS_TST_INFO_bio := LoadFunction('d2i_TS_TST_INFO_bio', AFailed);
+  i2d_TS_TST_INFO_bio := LoadFunction('i2d_TS_TST_INFO_bio', AFailed);
+  TS_ACCURACY_new := LoadFunction('TS_ACCURACY_new', AFailed);
+  TS_ACCURACY_free := LoadFunction('TS_ACCURACY_free', AFailed);
+  i2d_TS_ACCURACY := LoadFunction('i2d_TS_ACCURACY', AFailed);
+  d2i_TS_ACCURACY := LoadFunction('d2i_TS_ACCURACY', AFailed);
+  TS_ACCURACY_dup := LoadFunction('TS_ACCURACY_dup', AFailed);
+  ESS_ISSUER_SERIAL_new := LoadFunction('ESS_ISSUER_SERIAL_new', AFailed);
+  ESS_ISSUER_SERIAL_free := LoadFunction('ESS_ISSUER_SERIAL_free', AFailed);
+  i2d_ESS_ISSUER_SERIAL := LoadFunction('i2d_ESS_ISSUER_SERIAL', AFailed);
+  d2i_ESS_ISSUER_SERIAL := LoadFunction('d2i_ESS_ISSUER_SERIAL', AFailed);
+  ESS_ISSUER_SERIAL_dup := LoadFunction('ESS_ISSUER_SERIAL_dup', AFailed);
+  ESS_CERT_ID_new := LoadFunction('ESS_CERT_ID_new', AFailed);
+  ESS_CERT_ID_free := LoadFunction('ESS_CERT_ID_free', AFailed);
+  i2d_ESS_CERT_ID := LoadFunction('i2d_ESS_CERT_ID', AFailed);
+  d2i_ESS_CERT_ID := LoadFunction('d2i_ESS_CERT_ID', AFailed);
+  ESS_CERT_ID_dup := LoadFunction('ESS_CERT_ID_dup', AFailed);
+  ESS_SIGNING_CERT_new := LoadFunction('ESS_SIGNING_CERT_new', AFailed);
+  ESS_SIGNING_CERT_free := LoadFunction('ESS_SIGNING_CERT_free', AFailed);
+  i2d_ESS_SIGNING_CERT := LoadFunction('i2d_ESS_SIGNING_CERT', AFailed);
+  d2i_ESS_SIGNING_CERT := LoadFunction('d2i_ESS_SIGNING_CERT', AFailed);
+  ESS_SIGNING_CERT_dup := LoadFunction('ESS_SIGNING_CERT_dup', AFailed);
+  ESS_CERT_ID_V2_new := LoadFunction('ESS_CERT_ID_V2_new', AFailed);
+  ESS_CERT_ID_V2_free := LoadFunction('ESS_CERT_ID_V2_free', AFailed);
+  i2d_ESS_CERT_ID_V2 := LoadFunction('i2d_ESS_CERT_ID_V2', AFailed);
+  d2i_ESS_CERT_ID_V2 := LoadFunction('d2i_ESS_CERT_ID_V2', AFailed);
+  ESS_CERT_ID_V2_dup := LoadFunction('ESS_CERT_ID_V2_dup', AFailed);
+  ESS_SIGNING_CERT_V2_new := LoadFunction('ESS_SIGNING_CERT_V2_new', AFailed);
+  ESS_SIGNING_CERT_V2_free := LoadFunction('ESS_SIGNING_CERT_V2_free', AFailed);
+  i2d_ESS_SIGNING_CERT_V2 := LoadFunction('i2d_ESS_SIGNING_CERT_V2', AFailed);
+  d2i_ESS_SIGNING_CERT_V2 := LoadFunction('d2i_ESS_SIGNING_CERT_V2', AFailed);
+  ESS_SIGNING_CERT_V2_dup := LoadFunction('ESS_SIGNING_CERT_V2_dup', AFailed);
+  TS_REQ_set_version := LoadFunction('TS_REQ_set_version', AFailed);
+  TS_REQ_get_version := LoadFunction('TS_REQ_get_version', AFailed);
+  TS_STATUS_INFO_set_status := LoadFunction('TS_STATUS_INFO_set_status', AFailed);
+  TS_STATUS_INFO_get0_status := LoadFunction('TS_STATUS_INFO_get0_status', AFailed);
+  TS_REQ_set_msg_imprint := LoadFunction('TS_REQ_set_msg_imprint', AFailed);
+  TS_REQ_get_msg_imprint := LoadFunction('TS_REQ_get_msg_imprint', AFailed);
+  TS_MSG_IMPRINT_set_algo := LoadFunction('TS_MSG_IMPRINT_set_algo', AFailed);
+  TS_MSG_IMPRINT_get_algo := LoadFunction('TS_MSG_IMPRINT_get_algo', AFailed);
+  TS_MSG_IMPRINT_set_msg := LoadFunction('TS_MSG_IMPRINT_set_msg', AFailed);
+  TS_MSG_IMPRINT_get_msg := LoadFunction('TS_MSG_IMPRINT_get_msg', AFailed);
+  TS_REQ_set_policy_id := LoadFunction('TS_REQ_set_policy_id', AFailed);
+  TS_REQ_get_policy_id := LoadFunction('TS_REQ_get_policy_id', AFailed);
+  TS_REQ_set_nonce := LoadFunction('TS_REQ_set_nonce', AFailed);
+  TS_REQ_get_nonce := LoadFunction('TS_REQ_get_nonce', AFailed);
+  TS_REQ_set_cert_req := LoadFunction('TS_REQ_set_cert_req', AFailed);
+  TS_REQ_get_cert_req := LoadFunction('TS_REQ_get_cert_req', AFailed);
+  TS_REQ_ext_free := LoadFunction('TS_REQ_ext_free', AFailed);
+  TS_REQ_get_ext_count := LoadFunction('TS_REQ_get_ext_count', AFailed);
+  TS_REQ_get_ext_by_NID := LoadFunction('TS_REQ_get_ext_by_NID', AFailed);
+  TS_REQ_get_ext_by_OBJ := LoadFunction('TS_REQ_get_ext_by_OBJ', AFailed);
+  TS_REQ_get_ext_by_critical := LoadFunction('TS_REQ_get_ext_by_critical', AFailed);
+  TS_REQ_get_ext := LoadFunction('TS_REQ_get_ext', AFailed);
+  TS_REQ_delete_ext := LoadFunction('TS_REQ_delete_ext', AFailed);
+  TS_REQ_add_ext := LoadFunction('TS_REQ_add_ext', AFailed);
+  TS_REQ_get_ext_d2i := LoadFunction('TS_REQ_get_ext_d2i', AFailed);
+  TS_REQ_print_bio := LoadFunction('TS_REQ_print_bio', AFailed);
+  TS_RESP_set_status_info := LoadFunction('TS_RESP_set_status_info', AFailed);
+  TS_RESP_get_status_info := LoadFunction('TS_RESP_get_status_info', AFailed);
+  TS_RESP_set_tst_info := LoadFunction('TS_RESP_set_tst_info', AFailed);
+  TS_RESP_get_token := LoadFunction('TS_RESP_get_token', AFailed);
+  TS_RESP_get_tst_info := LoadFunction('TS_RESP_get_tst_info', AFailed);
+  TS_TST_INFO_set_version := LoadFunction('TS_TST_INFO_set_version', AFailed);
+  TS_TST_INFO_get_version := LoadFunction('TS_TST_INFO_get_version', AFailed);
+  TS_TST_INFO_set_policy_id := LoadFunction('TS_TST_INFO_set_policy_id', AFailed);
+  TS_TST_INFO_get_policy_id := LoadFunction('TS_TST_INFO_get_policy_id', AFailed);
+  TS_TST_INFO_set_msg_imprint := LoadFunction('TS_TST_INFO_set_msg_imprint', AFailed);
+  TS_TST_INFO_get_msg_imprint := LoadFunction('TS_TST_INFO_get_msg_imprint', AFailed);
+  TS_TST_INFO_set_serial := LoadFunction('TS_TST_INFO_set_serial', AFailed);
+  TS_TST_INFO_get_serial := LoadFunction('TS_TST_INFO_get_serial', AFailed);
+  TS_TST_INFO_set_time := LoadFunction('TS_TST_INFO_set_time', AFailed);
+  TS_TST_INFO_get_time := LoadFunction('TS_TST_INFO_get_time', AFailed);
+  TS_TST_INFO_set_accuracy := LoadFunction('TS_TST_INFO_set_accuracy', AFailed);
+  TS_TST_INFO_get_accuracy := LoadFunction('TS_TST_INFO_get_accuracy', AFailed);
+  TS_ACCURACY_set_seconds := LoadFunction('TS_ACCURACY_set_seconds', AFailed);
+  TS_ACCURACY_get_seconds := LoadFunction('TS_ACCURACY_get_seconds', AFailed);
+  TS_ACCURACY_set_millis := LoadFunction('TS_ACCURACY_set_millis', AFailed);
+  TS_ACCURACY_get_millis := LoadFunction('TS_ACCURACY_get_millis', AFailed);
+  TS_ACCURACY_set_micros := LoadFunction('TS_ACCURACY_set_micros', AFailed);
+  TS_ACCURACY_get_micros := LoadFunction('TS_ACCURACY_get_micros', AFailed);
+  TS_TST_INFO_set_ordering := LoadFunction('TS_TST_INFO_set_ordering', AFailed);
+  TS_TST_INFO_get_ordering := LoadFunction('TS_TST_INFO_get_ordering', AFailed);
+  TS_TST_INFO_set_nonce := LoadFunction('TS_TST_INFO_set_nonce', AFailed);
+  TS_TST_INFO_get_nonce := LoadFunction('TS_TST_INFO_get_nonce', AFailed);
+  TS_TST_INFO_set_tsa := LoadFunction('TS_TST_INFO_set_tsa', AFailed);
+  TS_TST_INFO_get_tsa := LoadFunction('TS_TST_INFO_get_tsa', AFailed);
+  TS_TST_INFO_ext_free := LoadFunction('TS_TST_INFO_ext_free', AFailed);
+  TS_TST_INFO_get_ext_count := LoadFunction('TS_TST_INFO_get_ext_count', AFailed);
+  TS_TST_INFO_get_ext_by_NID := LoadFunction('TS_TST_INFO_get_ext_by_NID', AFailed);
+  TS_TST_INFO_get_ext_by_OBJ := LoadFunction('TS_TST_INFO_get_ext_by_OBJ', AFailed);
+  TS_TST_INFO_get_ext_by_critical := LoadFunction('TS_TST_INFO_get_ext_by_critical', AFailed);
+  TS_TST_INFO_get_ext := LoadFunction('TS_TST_INFO_get_ext', AFailed);
+  TS_TST_INFO_delete_ext := LoadFunction('TS_TST_INFO_delete_ext', AFailed);
+  TS_TST_INFO_add_ext := LoadFunction('TS_TST_INFO_add_ext', AFailed);
+  TS_TST_INFO_get_ext_d2i := LoadFunction('TS_TST_INFO_get_ext_d2i', AFailed);
+  TS_RESP_CTX_new := LoadFunction('TS_RESP_CTX_new', AFailed);
+  TS_RESP_CTX_free := LoadFunction('TS_RESP_CTX_free', AFailed);
+  TS_RESP_CTX_set_signer_cert := LoadFunction('TS_RESP_CTX_set_signer_cert', AFailed);
+  TS_RESP_CTX_set_signer_key := LoadFunction('TS_RESP_CTX_set_signer_key', AFailed);
+  TS_RESP_CTX_set_signer_digest := LoadFunction('TS_RESP_CTX_set_signer_digest', AFailed);
+  TS_RESP_CTX_set_ess_cert_id_digest := LoadFunction('TS_RESP_CTX_set_ess_cert_id_digest', AFailed);
+  TS_RESP_CTX_set_def_policy := LoadFunction('TS_RESP_CTX_set_def_policy', AFailed);
+  TS_RESP_CTX_add_policy := LoadFunction('TS_RESP_CTX_add_policy', AFailed);
+  TS_RESP_CTX_add_md := LoadFunction('TS_RESP_CTX_add_md', AFailed);
+  TS_RESP_CTX_set_accuracy := LoadFunction('TS_RESP_CTX_set_accuracy', AFailed);
+  TS_RESP_CTX_set_clock_precision_digits := LoadFunction('TS_RESP_CTX_set_clock_precision_digits', AFailed);
+  TS_RESP_CTX_add_flags := LoadFunction('TS_RESP_CTX_add_flags', AFailed);
+  TS_RESP_CTX_set_serial_cb := LoadFunction('TS_RESP_CTX_set_serial_cb', AFailed);
+  TS_RESP_CTX_set_time_cb := LoadFunction('TS_RESP_CTX_set_time_cb', AFailed);
+  TS_RESP_CTX_set_extension_cb := LoadFunction('TS_RESP_CTX_set_extension_cb', AFailed);
+  TS_RESP_CTX_set_status_info := LoadFunction('TS_RESP_CTX_set_status_info', AFailed);
+  TS_RESP_CTX_set_status_info_cond := LoadFunction('TS_RESP_CTX_set_status_info_cond', AFailed);
+  TS_RESP_CTX_add_failure_info := LoadFunction('TS_RESP_CTX_add_failure_info', AFailed);
+  TS_RESP_CTX_get_request := LoadFunction('TS_RESP_CTX_get_request', AFailed);
+  TS_RESP_CTX_get_tst_info := LoadFunction('TS_RESP_CTX_get_tst_info', AFailed);
+  TS_RESP_create_response := LoadFunction('TS_RESP_create_response', AFailed);
+  TS_RESP_verify_response := LoadFunction('TS_RESP_verify_response', AFailed);
+  TS_RESP_verify_token := LoadFunction('TS_RESP_verify_token', AFailed);
+  TS_VERIFY_CTX_new := LoadFunction('TS_VERIFY_CTX_new', AFailed);
+  TS_VERIFY_CTX_init := LoadFunction('TS_VERIFY_CTX_init', AFailed);
+  TS_VERIFY_CTX_free := LoadFunction('TS_VERIFY_CTX_free', AFailed);
+  TS_VERIFY_CTX_cleanup := LoadFunction('TS_VERIFY_CTX_cleanup', AFailed);
+  TS_VERIFY_CTX_set_flags := LoadFunction('TS_VERIFY_CTX_set_flags', AFailed);
+  TS_VERIFY_CTX_add_flags := LoadFunction('TS_VERIFY_CTX_add_flags', AFailed);
+  TS_VERIFY_CTX_set_data := LoadFunction('TS_VERIFY_CTX_set_data', AFailed);
+  TS_VERIFY_CTX_set_imprint := LoadFunction('TS_VERIFY_CTX_set_imprint', AFailed);
+  TS_VERIFY_CTX_set_store := LoadFunction('TS_VERIFY_CTX_set_store', AFailed);
+  TS_REQ_to_TS_VERIFY_CTX := LoadFunction('TS_REQ_to_TS_VERIFY_CTX', AFailed);
+  TS_RESP_print_bio := LoadFunction('TS_RESP_print_bio', AFailed);
+  TS_STATUS_INFO_print_bio := LoadFunction('TS_STATUS_INFO_print_bio', AFailed);
+  TS_TST_INFO_print_bio := LoadFunction('TS_TST_INFO_print_bio', AFailed);
+  TS_ASN1_INTEGER_print_bio := LoadFunction('TS_ASN1_INTEGER_print_bio', AFailed);
+  TS_OBJ_print_bio := LoadFunction('TS_OBJ_print_bio', AFailed);
+  TS_X509_ALGOR_print_bio := LoadFunction('TS_X509_ALGOR_print_bio', AFailed);
+  TS_MSG_IMPRINT_print_bio := LoadFunction('TS_MSG_IMPRINT_print_bio', AFailed);
+  TS_CONF_load_cert := LoadFunction('TS_CONF_load_cert', AFailed);
+  TS_CONF_load_key := LoadFunction('TS_CONF_load_key', AFailed);
+  TS_CONF_set_serial := LoadFunction('TS_CONF_set_serial', AFailed);
+  TS_CONF_get_tsa_section := LoadFunction('TS_CONF_get_tsa_section', AFailed);
+  TS_CONF_set_crypto_device := LoadFunction('TS_CONF_set_crypto_device', AFailed);
+  TS_CONF_set_default_engine := LoadFunction('TS_CONF_set_default_engine', AFailed);
+  TS_CONF_set_signer_cert := LoadFunction('TS_CONF_set_signer_cert', AFailed);
+  TS_CONF_set_certs := LoadFunction('TS_CONF_set_certs', AFailed);
+  TS_CONF_set_signer_key := LoadFunction('TS_CONF_set_signer_key', AFailed);
+  TS_CONF_set_signer_digest := LoadFunction('TS_CONF_set_signer_digest', AFailed);
+  TS_CONF_set_def_policy := LoadFunction('TS_CONF_set_def_policy', AFailed);
+  TS_CONF_set_policies := LoadFunction('TS_CONF_set_policies', AFailed);
+  TS_CONF_set_digests := LoadFunction('TS_CONF_set_digests', AFailed);
+  TS_CONF_set_accuracy := LoadFunction('TS_CONF_set_accuracy', AFailed);
+  TS_CONF_set_clock_precision_digits := LoadFunction('TS_CONF_set_clock_precision_digits', AFailed);
+  TS_CONF_set_ordering := LoadFunction('TS_CONF_set_ordering', AFailed);
+  TS_CONF_set_tsa_name := LoadFunction('TS_CONF_set_tsa_name', AFailed);
+  TS_CONF_set_ess_cert_id_chain := LoadFunction('TS_CONF_set_ess_cert_id_chain', AFailed);
+  TS_CONF_set_ess_cert_id_digest := LoadFunction('TS_CONF_set_ess_cert_id_digest', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  TS_REQ_new := nil;
+  TS_REQ_free := nil;
+  i2d_TS_REQ := nil;
+  d2i_TS_REQ := nil;
+  TS_REQ_dup := nil;
+  d2i_TS_REQ_bio := nil;
+  i2d_TS_REQ_bio := nil;
+  TS_MSG_IMPRINT_new := nil;
+  TS_MSG_IMPRINT_free := nil;
+  i2d_TS_MSG_IMPRINT := nil;
+  d2i_TS_MSG_IMPRINT := nil;
+  TS_MSG_IMPRINT_dup := nil;
+  d2i_TS_MSG_IMPRINT_bio := nil;
+  i2d_TS_MSG_IMPRINT_bio := nil;
+  TS_RESP_new := nil;
+  TS_RESP_free := nil;
+  i2d_TS_RESP := nil;
+  d2i_TS_RESP := nil;
+  PKCS7_to_TS_TST_INFO := nil;
+  TS_RESP_dup := nil;
+  d2i_TS_RESP_bio := nil;
+  i2d_TS_RESP_bio := nil;
+  TS_STATUS_INFO_new := nil;
+  TS_STATUS_INFO_free := nil;
+  i2d_TS_STATUS_INFO := nil;
+  d2i_TS_STATUS_INFO := nil;
+  TS_STATUS_INFO_dup := nil;
+  TS_TST_INFO_new := nil;
+  TS_TST_INFO_free := nil;
+  i2d_TS_TST_INFO := nil;
+  d2i_TS_TST_INFO := nil;
+  TS_TST_INFO_dup := nil;
+  d2i_TS_TST_INFO_bio := nil;
+  i2d_TS_TST_INFO_bio := nil;
+  TS_ACCURACY_new := nil;
+  TS_ACCURACY_free := nil;
+  i2d_TS_ACCURACY := nil;
+  d2i_TS_ACCURACY := nil;
+  TS_ACCURACY_dup := nil;
+  ESS_ISSUER_SERIAL_new := nil;
+  ESS_ISSUER_SERIAL_free := nil;
+  i2d_ESS_ISSUER_SERIAL := nil;
+  d2i_ESS_ISSUER_SERIAL := nil;
+  ESS_ISSUER_SERIAL_dup := nil;
+  ESS_CERT_ID_new := nil;
+  ESS_CERT_ID_free := nil;
+  i2d_ESS_CERT_ID := nil;
+  d2i_ESS_CERT_ID := nil;
+  ESS_CERT_ID_dup := nil;
+  ESS_SIGNING_CERT_new := nil;
+  ESS_SIGNING_CERT_free := nil;
+  i2d_ESS_SIGNING_CERT := nil;
+  d2i_ESS_SIGNING_CERT := nil;
+  ESS_SIGNING_CERT_dup := nil;
+  ESS_CERT_ID_V2_new := nil;
+  ESS_CERT_ID_V2_free := nil;
+  i2d_ESS_CERT_ID_V2 := nil;
+  d2i_ESS_CERT_ID_V2 := nil;
+  ESS_CERT_ID_V2_dup := nil;
+  ESS_SIGNING_CERT_V2_new := nil;
+  ESS_SIGNING_CERT_V2_free := nil;
+  i2d_ESS_SIGNING_CERT_V2 := nil;
+  d2i_ESS_SIGNING_CERT_V2 := nil;
+  ESS_SIGNING_CERT_V2_dup := nil;
+  TS_REQ_set_version := nil;
+  TS_REQ_get_version := nil;
+  TS_STATUS_INFO_set_status := nil;
+  TS_STATUS_INFO_get0_status := nil;
+  TS_REQ_set_msg_imprint := nil;
+  TS_REQ_get_msg_imprint := nil;
+  TS_MSG_IMPRINT_set_algo := nil;
+  TS_MSG_IMPRINT_get_algo := nil;
+  TS_MSG_IMPRINT_set_msg := nil;
+  TS_MSG_IMPRINT_get_msg := nil;
+  TS_REQ_set_policy_id := nil;
+  TS_REQ_get_policy_id := nil;
+  TS_REQ_set_nonce := nil;
+  TS_REQ_get_nonce := nil;
+  TS_REQ_set_cert_req := nil;
+  TS_REQ_get_cert_req := nil;
+  TS_REQ_ext_free := nil;
+  TS_REQ_get_ext_count := nil;
+  TS_REQ_get_ext_by_NID := nil;
+  TS_REQ_get_ext_by_OBJ := nil;
+  TS_REQ_get_ext_by_critical := nil;
+  TS_REQ_get_ext := nil;
+  TS_REQ_delete_ext := nil;
+  TS_REQ_add_ext := nil;
+  TS_REQ_get_ext_d2i := nil;
+  TS_REQ_print_bio := nil;
+  TS_RESP_set_status_info := nil;
+  TS_RESP_get_status_info := nil;
+  TS_RESP_set_tst_info := nil;
+  TS_RESP_get_token := nil;
+  TS_RESP_get_tst_info := nil;
+  TS_TST_INFO_set_version := nil;
+  TS_TST_INFO_get_version := nil;
+  TS_TST_INFO_set_policy_id := nil;
+  TS_TST_INFO_get_policy_id := nil;
+  TS_TST_INFO_set_msg_imprint := nil;
+  TS_TST_INFO_get_msg_imprint := nil;
+  TS_TST_INFO_set_serial := nil;
+  TS_TST_INFO_get_serial := nil;
+  TS_TST_INFO_set_time := nil;
+  TS_TST_INFO_get_time := nil;
+  TS_TST_INFO_set_accuracy := nil;
+  TS_TST_INFO_get_accuracy := nil;
+  TS_ACCURACY_set_seconds := nil;
+  TS_ACCURACY_get_seconds := nil;
+  TS_ACCURACY_set_millis := nil;
+  TS_ACCURACY_get_millis := nil;
+  TS_ACCURACY_set_micros := nil;
+  TS_ACCURACY_get_micros := nil;
+  TS_TST_INFO_set_ordering := nil;
+  TS_TST_INFO_get_ordering := nil;
+  TS_TST_INFO_set_nonce := nil;
+  TS_TST_INFO_get_nonce := nil;
+  TS_TST_INFO_set_tsa := nil;
+  TS_TST_INFO_get_tsa := nil;
+  TS_TST_INFO_ext_free := nil;
+  TS_TST_INFO_get_ext_count := nil;
+  TS_TST_INFO_get_ext_by_NID := nil;
+  TS_TST_INFO_get_ext_by_OBJ := nil;
+  TS_TST_INFO_get_ext_by_critical := nil;
+  TS_TST_INFO_get_ext := nil;
+  TS_TST_INFO_delete_ext := nil;
+  TS_TST_INFO_add_ext := nil;
+  TS_TST_INFO_get_ext_d2i := nil;
+  TS_RESP_CTX_new := nil;
+  TS_RESP_CTX_free := nil;
+  TS_RESP_CTX_set_signer_cert := nil;
+  TS_RESP_CTX_set_signer_key := nil;
+  TS_RESP_CTX_set_signer_digest := nil;
+  TS_RESP_CTX_set_ess_cert_id_digest := nil;
+  TS_RESP_CTX_set_def_policy := nil;
+  TS_RESP_CTX_add_policy := nil;
+  TS_RESP_CTX_add_md := nil;
+  TS_RESP_CTX_set_accuracy := nil;
+  TS_RESP_CTX_set_clock_precision_digits := nil;
+  TS_RESP_CTX_add_flags := nil;
+  TS_RESP_CTX_set_serial_cb := nil;
+  TS_RESP_CTX_set_time_cb := nil;
+  TS_RESP_CTX_set_extension_cb := nil;
+  TS_RESP_CTX_set_status_info := nil;
+  TS_RESP_CTX_set_status_info_cond := nil;
+  TS_RESP_CTX_add_failure_info := nil;
+  TS_RESP_CTX_get_request := nil;
+  TS_RESP_CTX_get_tst_info := nil;
+  TS_RESP_create_response := nil;
+  TS_RESP_verify_response := nil;
+  TS_RESP_verify_token := nil;
+  TS_VERIFY_CTX_new := nil;
+  TS_VERIFY_CTX_init := nil;
+  TS_VERIFY_CTX_free := nil;
+  TS_VERIFY_CTX_cleanup := nil;
+  TS_VERIFY_CTX_set_flags := nil;
+  TS_VERIFY_CTX_add_flags := nil;
+  TS_VERIFY_CTX_set_data := nil;
+  TS_VERIFY_CTX_set_imprint := nil;
+  TS_VERIFY_CTX_set_store := nil;
+  TS_REQ_to_TS_VERIFY_CTX := nil;
+  TS_RESP_print_bio := nil;
+  TS_STATUS_INFO_print_bio := nil;
+  TS_TST_INFO_print_bio := nil;
+  TS_ASN1_INTEGER_print_bio := nil;
+  TS_OBJ_print_bio := nil;
+  TS_X509_ALGOR_print_bio := nil;
+  TS_MSG_IMPRINT_print_bio := nil;
+  TS_CONF_load_cert := nil;
+  TS_CONF_load_key := nil;
+  TS_CONF_set_serial := nil;
+  TS_CONF_get_tsa_section := nil;
+  TS_CONF_set_crypto_device := nil;
+  TS_CONF_set_default_engine := nil;
+  TS_CONF_set_signer_cert := nil;
+  TS_CONF_set_certs := nil;
+  TS_CONF_set_signer_key := nil;
+  TS_CONF_set_signer_digest := nil;
+  TS_CONF_set_def_policy := nil;
+  TS_CONF_set_policies := nil;
+  TS_CONF_set_digests := nil;
+  TS_CONF_set_accuracy := nil;
+  TS_CONF_set_clock_precision_digits := nil;
+  TS_CONF_set_ordering := nil;
+  TS_CONF_set_tsa_name := nil;
+  TS_CONF_set_ess_cert_id_chain := nil;
+  TS_CONF_set_ess_cert_id_digest := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tserr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tserr.pas
new file mode 100644
index 000000000..6024b16e8
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tserr.pas
@@ -0,0 +1,183 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_tserr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// tserr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * TS function codes.
+   *)
+  TS_F_DEF_SERIAL_CB = 110;
+  TS_F_DEF_TIME_CB = 111;
+  TS_F_ESS_ADD_SIGNING_CERT = 112;
+  TS_F_ESS_ADD_SIGNING_CERT_V2 = 147;
+  TS_F_ESS_CERT_ID_NEW_INIT = 113;
+  TS_F_ESS_CERT_ID_V2_NEW_INIT = 156;
+  TS_F_ESS_SIGNING_CERT_NEW_INIT = 114;
+  TS_F_ESS_SIGNING_CERT_V2_NEW_INIT = 157;
+  TS_F_INT_TS_RESP_VERIFY_TOKEN = 149;
+  TS_F_PKCS7_TO_TS_TST_INFO = 148;
+  TS_F_TS_ACCURACY_SET_MICROS = 115;
+  TS_F_TS_ACCURACY_SET_MILLIS = 116;
+  TS_F_TS_ACCURACY_SET_SECONDS = 117;
+  TS_F_TS_CHECK_IMPRINTS = 100;
+  TS_F_TS_CHECK_NONCES = 101;
+  TS_F_TS_CHECK_POLICY = 102;
+  TS_F_TS_CHECK_SIGNING_CERTS = 103;
+  TS_F_TS_CHECK_STATUS_INFO = 104;
+  TS_F_TS_COMPUTE_IMPRINT = 145;
+  TS_F_TS_CONF_INVALID = 151;
+  TS_F_TS_CONF_LOAD_CERT = 153;
+  TS_F_TS_CONF_LOAD_CERTS = 154;
+  TS_F_TS_CONF_LOAD_KEY = 155;
+  TS_F_TS_CONF_LOOKUP_FAIL = 152;
+  TS_F_TS_CONF_SET_DEFAULT_ENGINE = 146;
+  TS_F_TS_GET_STATUS_TEXT = 105;
+  TS_F_TS_MSG_IMPRINT_SET_ALGO = 118;
+  TS_F_TS_REQ_SET_MSG_IMPRINT = 119;
+  TS_F_TS_REQ_SET_NONCE = 120;
+  TS_F_TS_REQ_SET_POLICY_ID = 121;
+  TS_F_TS_RESP_CREATE_RESPONSE = 122;
+  TS_F_TS_RESP_CREATE_TST_INFO = 123;
+  TS_F_TS_RESP_CTX_ADD_FAILURE_INFO = 124;
+  TS_F_TS_RESP_CTX_ADD_MD = 125;
+  TS_F_TS_RESP_CTX_ADD_POLICY = 126;
+  TS_F_TS_RESP_CTX_NEW = 127;
+  TS_F_TS_RESP_CTX_SET_ACCURACY = 128;
+  TS_F_TS_RESP_CTX_SET_CERTS = 129;
+  TS_F_TS_RESP_CTX_SET_DEF_POLICY = 130;
+  TS_F_TS_RESP_CTX_SET_SIGNER_CERT = 131;
+  TS_F_TS_RESP_CTX_SET_STATUS_INFO = 132;
+  TS_F_TS_RESP_GET_POLICY = 133;
+  TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION = 134;
+  TS_F_TS_RESP_SET_STATUS_INFO = 135;
+  TS_F_TS_RESP_SET_TST_INFO = 150;
+  TS_F_TS_RESP_SIGN = 136;
+  TS_F_TS_RESP_VERIFY_SIGNATURE = 106;
+  TS_F_TS_TST_INFO_SET_ACCURACY = 137;
+  TS_F_TS_TST_INFO_SET_MSG_IMPRINT = 138;
+  TS_F_TS_TST_INFO_SET_NONCE = 139;
+  TS_F_TS_TST_INFO_SET_POLICY_ID = 140;
+  TS_F_TS_TST_INFO_SET_SERIAL = 141;
+  TS_F_TS_TST_INFO_SET_TIME = 142;
+  TS_F_TS_TST_INFO_SET_TSA = 143;
+  TS_F_TS_VERIFY = 108;
+  TS_F_TS_VERIFY_CERT = 109;
+  TS_F_TS_VERIFY_CTX_NEW = 144;
+
+  (*
+   * TS reason codes.
+   *)
+  TS_R_BAD_PKCS7_TYPE = 132;
+  TS_R_BAD_TYPE = 133;
+  TS_R_CANNOT_LOAD_CERT = 137;
+  TS_R_CANNOT_LOAD_KEY = 138;
+  TS_R_CERTIFICATE_VERIFY_ERROR = 100;
+  TS_R_COULD_NOT_SET_ENGINE = 127;
+  TS_R_COULD_NOT_SET_TIME = 115;
+  TS_R_DETACHED_CONTENT = 134;
+  TS_R_ESS_ADD_SIGNING_CERT_ERROR = 116;
+  TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR = 139;
+  TS_R_ESS_SIGNING_CERTIFICATE_ERROR = 101;
+  TS_R_INVALID_NULL_POINTER = 102;
+  TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE = 117;
+  TS_R_MESSAGE_IMPRINT_MISMATCH = 103;
+  TS_R_NONCE_MISMATCH = 104;
+  TS_R_NONCE_NOT_RETURNED = 105;
+  TS_R_NO_CONTENT = 106;
+  TS_R_NO_TIME_STAMP_TOKEN = 107;
+  TS_R_PKCS7_ADD_SIGNATURE_ERROR = 118;
+  TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR = 119;
+  TS_R_PKCS7_TO_TS_TST_INFO_FAILED = 129;
+  TS_R_POLICY_MISMATCH = 108;
+  TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 120;
+  TS_R_RESPONSE_SETUP_ERROR = 121;
+  TS_R_SIGNATURE_FAILURE = 109;
+  TS_R_THERE_MUST_BE_ONE_SIGNER = 110;
+  TS_R_TIME_SYSCALL_ERROR = 122;
+  TS_R_TOKEN_NOT_PRESENT = 130;
+  TS_R_TOKEN_PRESENT = 131;
+  TS_R_TSA_NAME_MISMATCH = 111;
+  TS_R_TSA_UNTRUSTED = 112;
+  TS_R_TST_INFO_SETUP_ERROR = 123;
+  TS_R_TS_DATASIGN = 124;
+  TS_R_UNACCEPTABLE_POLICY = 125;
+  TS_R_UNSUPPORTED_MD_ALGORITHM = 126;
+  TS_R_UNSUPPORTED_VERSION = 113;
+  TS_R_VAR_BAD_VALUE = 135;
+  TS_R_VAR_LOOKUP_FAILURE = 136;
+  TS_R_WRONG_CONTENT_TYPE = 114;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_TS_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_TS_strings := LoadFunction('ERR_load_TS_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_TS_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas
new file mode 100644
index 000000000..5b0fb263a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas
@@ -0,0 +1,122 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_txt_db;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// txt_db.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  DB_ERROR_OK = 0;
+  DB_ERROR_MALLOC = 1;
+  DB_ERROR_INDEX_CLASH = 2;
+  DB_ERROR_INDEX_OUT_OF_RANGE = 3;
+  DB_ERROR_NO_INDEX = 4;
+  DB_ERROR_INSERT_INDEX_CLASH = 5;
+  DB_ERROR_WRONG_NUM_FIELDS = 6;
+
+type
+  OPENSSL_STRING = type Pointer;
+  POPENSSL_STRING = ^OPENSSL_STRING;
+// DEFINE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
+
+  qual_func =  function (v1: POPENSSL_STRING): TIdC_INT;
+  txt_db_st = record
+    num_fields: TIdC_INT;
+    data: Pointer; // STACK_OF(OPENSSL_PSTRING) *
+    index: Pointer; // LHASH_OF(OPENSSL_STRING) **
+    qual: qual_func;
+    error: TIdC_LONG;
+    arg1: TIdC_LONG;
+    arg2: TIdC_LONG;
+    arg_row: POPENSSL_STRING;
+  end;
+  TXT_DB = txt_db_st;
+  PTXT_DB = ^TXT_DB;
+
+  TXT_DB_create_index_qual = function(v1: POPENSSL_STRING): TIdC_INT;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  TXT_DB_read: function(&in: PBIO; num: TIdC_INT): PTXT_DB cdecl = nil;
+  TXT_DB_write: function(&out: PBIO; db: PTXT_DB): TIdC_LONG cdecl = nil;
+  //function TXT_DB_create_index(db: PTXT_DB; field: TIdC_INT; qual: TXT_DB_create_index_qual; hash: OPENSSL_LH_HashFunc; cmp: OPENSSL_LH_COMPFUNC): TIdC_INT;
+  TXT_DB_free: procedure(db: PTXT_DB) cdecl = nil;
+  TXT_DB_get_by_index: function(db: PTXT_DB; idx: TIdC_INT; value: POPENSSL_STRING): POPENSSL_STRING cdecl = nil;
+  TXT_DB_insert: function(db: PTXT_DB; value: POPENSSL_STRING): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  TXT_DB_read := LoadFunction('TXT_DB_read', AFailed);
+  TXT_DB_write := LoadFunction('TXT_DB_write', AFailed);
+  TXT_DB_free := LoadFunction('TXT_DB_free', AFailed);
+  TXT_DB_get_by_index := LoadFunction('TXT_DB_get_by_index', AFailed);
+  TXT_DB_insert := LoadFunction('TXT_DB_insert', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  TXT_DB_read := nil;
+  TXT_DB_write := nil;
+  TXT_DB_free := nil;
+  TXT_DB_get_by_index := nil;
+  TXT_DB_insert := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas
new file mode 100644
index 000000000..cafc88536
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas
@@ -0,0 +1,532 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_ui;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ui.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_crypto,
+  IdOpenSSLHeaders_pem,
+  IdOpenSSLHeaders_uierr;
+
+{$MINENUMSIZE 4}
+
+const
+  (* These are the possible flags.  They can be or'ed together. *)
+  (* Use to have echoing of input *)
+  UI_INPUT_FLAG_ECHO = $01;
+  (*
+   * Use a default password.  Where that password is found is completely up to
+   * the application, it might for example be in the user data set with
+   * UI_add_user_data().  It is not recommended to have more than one input in
+   * each UI being marked with this flag, or the application might get
+   * confused.
+   *)
+  UI_INPUT_FLAG_DEFAULT_PWD = $02;
+
+
+  (*
+   * The user of these routines may want to define flags of their own.  The core
+   * UI won't look at those, but will pass them on to the method routines.  They
+   * must use higher bits so they don't get confused with the UI bits above.
+   * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use.  A good
+   * example of use is this:
+   *
+   *    #define MY_UI_FLAG1       (0x01 << UI_INPUT_FLAG_USER_BASE)
+   *
+  *)
+  UI_INPUT_FLAG_USER_BASE = 16;
+
+  (* The commands *)
+  (*
+   * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
+   * OpenSSL error stack before printing any info or added error messages and
+   * before any prompting.
+   *)
+  UI_CTRL_PRINT_ERRORS = 1;
+  (*
+   * Check if a UI_process() is possible to do again with the same instance of
+   * a user interface.  This makes UI_ctrl() return 1 if it is redoable, and 0
+   * if not.
+   *)
+  UI_CTRL_IS_REDOABLE = 2;
+
+type
+  (*
+   * Give a user interface parameterised control commands.  This can be used to
+   * send down an integer, a data pointer or a function pointer, as well as be
+   * used to get information from a UI.
+   *)
+  UI_ctrl_f = procedure;
+
+  (*
+   * The UI_STRING type is the data structure that contains all the needed info
+   * about a string or a prompt, including test data for a verification prompt.
+   *)
+  ui_string_st = type Pointer;
+  UI_STRING = ui_string_st;
+  PUI_STRING = ^UI_STRING;
+// DEFINE_STACK_OF(UI_STRING)
+
+  (*
+   * The different types of strings that are currently supported. This is only
+   * needed by method authors.
+   *)
+  UI_string_types = (
+    UIT_NONE = 0,
+    UIT_PROMPT,                 (* Prompt for a string *)
+    UIT_VERIFY,                 (* Prompt for a string and verify *)
+    UIT_BOOLEAN,                (* Prompt for a yes/no response *)
+    UIT_INFO,                   (* Send info to the user *)
+    UIT_ERROR                   (* Send an error message to the user *)
+  );
+
+  (* Create and manipulate methods *)
+  UI_method_opener_cb = function(ui: PUI): TIdC_INT;
+  UI_method_writer_cb = function(ui: PUI; uis: PUI_String): TIdC_INT;
+  UI_method_flusher_cb = function(ui: PUI): TIdC_INT;
+  UI_method_reader_cb = function(ui: PUI; uis: PUI_String): TIdC_INT;
+  UI_method_closer_cb = function(ui: PUI): TIdC_INT;
+  UI_method_data_duplicator_cb = function(ui: PUI; ui_data: Pointer): Pointer;
+  UI_method_data_destructor_cb = procedure(ui: PUI; ui_data: Pointer);
+  UI_method_prompt_constructor_cb = function(ui: PUI; const object_desc: PIdAnsiChar; const object_name: PIdAnsiChar): PIdAnsiChar;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  (*
+   * All the following functions return -1 or NULL on error and in some cases
+   * (UI_process()) -2 if interrupted or in some other way cancelled. When
+   * everything is fine, they return 0, a positive value or a non-NULL pointer,
+   * all depending on their purpose.
+   *)
+
+  (* Creators and destructor.   *)
+  UI_new: function: PUI cdecl = nil;
+  UI_new_method: function(const method: PUI_Method): PUI cdecl = nil;
+  UI_free: procedure(ui: PUI) cdecl = nil;
+
+  (*
+   * The following functions are used to add strings to be printed and prompt
+   * strings to prompt for data.  The names are UI_{add,dup}_<function>_string
+   * and UI_{add,dup}_input_boolean.
+   *
+   * UI_{add,dup}_<function>_string have the following meanings:
+   *      add     add a text or prompt string.  The pointers given to these
+   *              functions are used verbatim, no copying is done.
+   *      dup     make a copy of the text or prompt string, then add the copy
+   *              to the collection of strings in the user interface.
+   *      <function>
+   *              The function is a name for the functionality that the given
+   *              string shall be used for.  It can be one of:
+   *                      input   use the string as data prompt.
+   *                      verify  use the string as verification prompt.  This
+   *                              is used to verify a previous input.
+   *                      info    use the string for informational output.
+   *                      error   use the string for error output.
+   * Honestly, there's currently no difference between info and error for the
+   * moment.
+   *
+   * UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
+   * and are typically used when one wants to prompt for a yes/no response.
+   *
+   * All of the functions in this group take a UI and a prompt string.
+   * The string input and verify addition functions also take a flag argument,
+   * a buffer for the result to end up with, a minimum input size and a maximum
+   * input size (the result buffer MUST be large enough to be able to contain
+   * the maximum number of characters).  Additionally, the verify addition
+   * functions takes another buffer to compare the result against.
+   * The boolean input functions take an action description string (which should
+   * be safe to ignore if the expected user action is obvious, for example with
+   * a dialog box with an OK button and a Cancel button), a string of acceptable
+   * characters to mean OK and to mean Cancel.  The two last strings are checked
+   * to make sure they don't have common characters.  Additionally, the same
+   * flag argument as for the string input is taken, as well as a result buffer.
+   * The result buffer is required to be at least one byte long.  Depending on
+   * the answer, the first character from the OK or the Cancel character strings
+   * will be stored in the first byte of the result buffer.  No NUL will be
+   * added, so the result is *not* a string.
+   *
+   * On success, the all return an index of the added information.  That index
+   * is useful when retrieving results with UI_get0_result(). *)
+
+  UI_add_input_string: function(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT): TIdC_INT cdecl = nil;
+  UI_dup_input_string: function(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT): TIdC_INT cdecl = nil;
+  UI_add_verify_string: function(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT; const test_buf: PIdAnsiChar): TIdC_INT cdecl = nil;
+  UI_dup_verify_string: function(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT; const test_buf: PIdAnsiChar): TIdC_INT cdecl = nil;
+  UI_add_input_boolean: function(ui: PUI; const prompt: PIdAnsiChar; const action_desc: PIdAnsiChar; const ok_chars: PIdAnsiChar; const cancel_chars: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar): TIdC_INT cdecl = nil;
+  UI_dup_input_boolean: function(ui: PUI; const prompt: PIdAnsiChar; const action_desc: PIdAnsiChar; const ok_chars: PIdAnsiChar; const cancel_chars: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar): TIdC_INT cdecl = nil;
+  UI_add_info_string: function(ui: PUI; const text: PIdAnsiChar): TIdC_INT cdecl = nil;
+  UI_dup_info_string: function(ui: PUI; const text: PIdAnsiChar): TIdC_INT cdecl = nil;
+  UI_add_error_string: function(ui: PUI; const text: PIdAnsiChar): TIdC_INT cdecl = nil;
+  UI_dup_error_string: function(ui: PUI; const text: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  (*
+   * The following function helps construct a prompt.  object_desc is a
+   * textual short description of the object, for example "pass phrase",
+   * and object_name is the name of the object (might be a card name or
+   * a file name.
+   * The returned string shall always be allocated on the heap with
+   * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+   *
+   * If the ui_method doesn't contain a pointer to a user-defined prompt
+   * constructor, a default string is built, looking like this:
+   *
+   *       "Enter {object_desc} for {object_name}:"
+   *
+   * So, if object_desc has the value "pass phrase" and object_name has
+   * the value "foo.key", the resulting string is:
+   *
+   *       "Enter pass phrase for foo.key:"
+   *)
+  UI_construct_prompt: function(ui_method: PUI; const object_desc: PIdAnsiChar; const object_name: PIdAnsiChar): PIdAnsiChar cdecl = nil;
+
+  (*
+   * The following function is used to store a pointer to user-specific data.
+   * Any previous such pointer will be returned and replaced.
+   *
+   * For callback purposes, this function makes a lot more sense than using
+   * ex_data, since the latter requires that different parts of OpenSSL or
+   * applications share the same ex_data index.
+   *
+   * Note that the UI_OpenSSL() method completely ignores the user data. Other
+   * methods may not, however.
+   *)
+  UI_add_user_data: function(ui: PUI; user_data: Pointer): Pointer cdecl = nil;
+  (*
+   * Alternatively, this function is used to duplicate the user data.
+   * This uses the duplicator method function.  The destroy function will
+   * be used to free the user data in this case.
+   *)
+  UI_dup_user_data: function(ui: PUI; user_data: Pointer): TIdC_INT cdecl = nil;
+  (* We need a user data retrieving function as well.  *)
+  UI_get0_user_data: function(ui: PUI): Pointer cdecl = nil;
+
+  (* Return the result associated with a prompt given with the index i. *)
+  UI_get0_result: function(ui: PUI; i: TIdC_INT): PIdAnsiChar cdecl = nil;
+  UI_get_result_length: function(ui: PUI; i: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (* When all strings have been added, process the whole thing. *)
+  UI_process: function(ui: PUI): TIdC_INT cdecl = nil;
+
+  (*
+   * Give a user interface parameterised control commands.  This can be used to
+   * send down an integer, a data pointer or a function pointer, as well as be
+   * used to get information from a UI.
+   *)
+  UI_ctrl: function(ui: PUI; cmd: TIdC_INT; i: TIdC_LONG; p: Pointer; f: UI_ctrl_f): TIdC_INT cdecl = nil;
+
+
+  (* Some methods may use extra data *)
+  //# define UI_set_app_data(s,arg)         UI_set_ex_data(s,0,arg)
+  //# define UI_get_app_data(s)             UI_get_ex_data(s,0)
+
+  //# define UI_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, l, p, newf, dupf, freef)
+  UI_set_ex_data: function(r: PUI; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl = nil;
+  UI_get_ex_data: function(r: PUI; idx: TIdC_INT): Pointer cdecl = nil;
+
+  (* Use specific methods instead of the built-in one *)
+  UI_set_default_method: procedure(const meth: PUI_Method) cdecl = nil;
+  UI_get_default_method: function: PUI_METHOD cdecl = nil;
+  UI_get_method: function(ui: PUI): PUI_METHOD cdecl = nil;
+  UI_set_method: function(ui: PUI; const meth: PUI_METHOD): PUI_METHOD cdecl = nil;
+
+  (* The method with all the built-in thingies *)
+  UI_OpenSSL: function: PUI_Method cdecl = nil;
+
+  (*
+   * NULL method.  Literally does nothing, but may serve as a placeholder
+   * to avoid internal default.
+   *)
+  UI_null: function: PUI_METHOD cdecl = nil;
+
+  (* ---------- For method writers ---------- *)
+  (*
+     A method contains a number of functions that implement the low level
+     of the User Interface.  The functions are:
+
+          an opener       This function starts a session, maybe by opening
+                          a channel to a tty, or by opening a window.
+          a writer        This function is called to write a given string,
+                          maybe to the tty, maybe as a field label in a
+                          window.
+          a flusher       This function is called to flush everything that
+                          has been output so far.  It can be used to actually
+                          display a dialog box after it has been built.
+          a reader        This function is called to read a given prompt,
+                          maybe from the tty, maybe from a field in a
+                          window.  Note that it's called with all string
+                          structures, not only the prompt ones, so it must
+                          check such things itself.
+          a closer        This function closes the session, maybe by closing
+                          the channel to the tty, or closing the window.
+
+     All these functions are expected to return:
+
+          0       on error.
+          1       on success.
+          -1      on out-of-band events, for example if some prompting has
+                  been canceled (by pressing Ctrl-C, for example).  This is
+                  only checked when returned by the flusher or the reader.
+
+     The way this is used, the opener is first called, then the writer for all
+     strings, then the flusher, then the reader for all strings and finally the
+     closer.  Note that if you want to prompt from a terminal or other command
+     line interface, the best is to have the reader also write the prompts
+     instead of having the writer do it.  If you want to prompt from a dialog
+     box, the writer can be used to build up the contents of the box, and the
+     flusher to actually display the box and run the event loop until all data
+     has been given, after which the reader only grabs the given data and puts
+     them back into the UI strings.
+
+     All method functions take a UI as argument.  Additionally, the writer and
+     the reader take a UI_STRING.
+  *)
+
+  UI_create_method: function(const name: PIdAnsiChar): PUI_Method cdecl = nil;
+  UI_destroy_method: procedure(ui_method: PUI_Method) cdecl = nil;
+
+  UI_method_set_opener: function(method: PUI_Method; opener: UI_method_opener_cb): TIdC_INT cdecl = nil;
+  UI_method_set_writer: function(method: PUI_Method; writer: UI_method_writer_cb): TIdC_INT cdecl = nil;
+  UI_method_set_flusher: function(method: PUI_Method; flusher: UI_method_flusher_cb): TIdC_INT cdecl = nil;
+  UI_method_set_reader: function(method: PUI_Method; reader: UI_method_reader_cb): TIdC_INT cdecl = nil;
+  UI_method_set_closer: function(method: PUI_Method; closer: UI_method_closer_cb): TIdC_INT cdecl = nil;
+  UI_method_set_data_duplicator: function(method: PUI_Method; duplicator: UI_method_data_duplicator_cb; &destructor: UI_method_data_destructor_cb): TIdC_INT cdecl = nil;
+  UI_method_set_prompt_constructor: function(method: PUI_Method; prompt_constructor: UI_method_prompt_constructor_cb): TIdC_INT cdecl = nil;
+  UI_method_set_ex_data: function(method: PUI_Method; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
+
+  UI_method_get_opener: function(const method: PUI_METHOD): UI_method_opener_cb cdecl = nil;
+  UI_method_get_writer: function(const method: PUI_METHOD): UI_method_writer_cb cdecl = nil;
+  UI_method_get_flusher: function(const method: PUI_METHOD): UI_method_flusher_cb cdecl = nil;
+  UI_method_get_reader: function(const method: PUI_METHOD): UI_method_reader_cb cdecl = nil;
+  UI_method_get_closer: function(const method: PUI_METHOD): UI_method_closer_cb cdecl = nil;
+  UI_method_get_prompt_constructor: function(const method: PUI_METHOD): UI_method_prompt_constructor_cb cdecl = nil;
+  UI_method_get_data_duplicator: function(const method: PUI_METHOD): UI_method_data_duplicator_cb cdecl = nil;
+  UI_method_get_data_destructor: function(const method: PUI_METHOD): UI_method_data_destructor_cb cdecl = nil;
+  UI_method_get_ex_data: function(const method: PUI_METHOD; idx: TIdC_INT): Pointer cdecl = nil;
+
+  (*
+   * The following functions are helpers for method writers to access relevant
+   * data from a UI_STRING.
+   *)
+
+  (* Return type of the UI_STRING *)
+  UI_get_string_type: function(uis: PUI_String): UI_string_types cdecl = nil;
+  (* Return input flags of the UI_STRING *)
+  UI_get_input_flags: function(uis: PUI_String): TIdC_INT cdecl = nil;
+  (* Return the actual string to output (the prompt, info or error) *)
+  UI_get0_output_string: function(uis: PUI_String): PIdAnsiChar cdecl = nil;
+  (*
+   * Return the optional action string to output (the boolean prompt
+   * instruction)
+   *)
+  UI_get0_action_string: function(uis: PUI_String): PIdAnsiChar cdecl = nil;
+  (* Return the result of a prompt *)
+  UI_get0_result_string: function(uis: PUI_String): PIdAnsiChar cdecl = nil;
+  UI_get_result_string_length: function(uis: PUI_String): TIdC_INT cdecl = nil;
+  (*
+   * Return the string to test the result against.  Only useful with verifies.
+   *)
+  UI_get0_test_string: function(uis: PUI_String): PIdAnsiChar cdecl = nil;
+  (* Return the required minimum size of the result *)
+  UI_get_result_minsize: function(uis: PUI_String): TIdC_INT cdecl = nil;
+  (* Return the required maximum size of the result *)
+  UI_get_result_maxsize: function(uis: PUI_String): TIdC_INT cdecl = nil;
+  (* Set the result of a UI_STRING. *)
+  UI_set_result: function(ui: PUI; uis: PUI_String; const result: PIdAnsiChar): TIdC_INT cdecl = nil;
+  UI_set_result_ex: function(ui: PUI; uis: PUI_String; const result: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (* A couple of popular utility functions *)
+  UI_UTIL_read_pw_string: function(buf: PIdAnsiChar; length: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl = nil;
+  UI_UTIL_read_pw: function(buf: PIdAnsiChar; buff: PIdAnsiChar; size: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl = nil;
+  UI_UTIL_wrap_read_pem_callback: function(cb: pem_password_cb; rwflag: TIdC_INT): PUI_Method cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  UI_new := LoadFunction('UI_new', AFailed);
+  UI_new_method := LoadFunction('UI_new_method', AFailed);
+  UI_free := LoadFunction('UI_free', AFailed);
+  UI_add_input_string := LoadFunction('UI_add_input_string', AFailed);
+  UI_dup_input_string := LoadFunction('UI_dup_input_string', AFailed);
+  UI_add_verify_string := LoadFunction('UI_add_verify_string', AFailed);
+  UI_dup_verify_string := LoadFunction('UI_dup_verify_string', AFailed);
+  UI_add_input_boolean := LoadFunction('UI_add_input_boolean', AFailed);
+  UI_dup_input_boolean := LoadFunction('UI_dup_input_boolean', AFailed);
+  UI_add_info_string := LoadFunction('UI_add_info_string', AFailed);
+  UI_dup_info_string := LoadFunction('UI_dup_info_string', AFailed);
+  UI_add_error_string := LoadFunction('UI_add_error_string', AFailed);
+  UI_dup_error_string := LoadFunction('UI_dup_error_string', AFailed);
+  UI_construct_prompt := LoadFunction('UI_construct_prompt', AFailed);
+  UI_add_user_data := LoadFunction('UI_add_user_data', AFailed);
+  UI_dup_user_data := LoadFunction('UI_dup_user_data', AFailed);
+  UI_get0_user_data := LoadFunction('UI_get0_user_data', AFailed);
+  UI_get0_result := LoadFunction('UI_get0_result', AFailed);
+  UI_get_result_length := LoadFunction('UI_get_result_length', AFailed);
+  UI_process := LoadFunction('UI_process', AFailed);
+  UI_ctrl := LoadFunction('UI_ctrl', AFailed);
+  UI_set_ex_data := LoadFunction('UI_set_ex_data', AFailed);
+  UI_get_ex_data := LoadFunction('UI_get_ex_data', AFailed);
+  UI_set_default_method := LoadFunction('UI_set_default_method', AFailed);
+  UI_get_default_method := LoadFunction('UI_get_default_method', AFailed);
+  UI_get_method := LoadFunction('UI_get_method', AFailed);
+  UI_set_method := LoadFunction('UI_set_method', AFailed);
+  UI_OpenSSL := LoadFunction('UI_OpenSSL', AFailed);
+  UI_null := LoadFunction('UI_null', AFailed);
+  UI_create_method := LoadFunction('UI_create_method', AFailed);
+  UI_destroy_method := LoadFunction('UI_destroy_method', AFailed);
+  UI_method_set_opener := LoadFunction('UI_method_set_opener', AFailed);
+  UI_method_set_writer := LoadFunction('UI_method_set_writer', AFailed);
+  UI_method_set_flusher := LoadFunction('UI_method_set_flusher', AFailed);
+  UI_method_set_reader := LoadFunction('UI_method_set_reader', AFailed);
+  UI_method_set_closer := LoadFunction('UI_method_set_closer', AFailed);
+  UI_method_set_data_duplicator := LoadFunction('UI_method_set_data_duplicator', AFailed);
+  UI_method_set_prompt_constructor := LoadFunction('UI_method_set_prompt_constructor', AFailed);
+  UI_method_set_ex_data := LoadFunction('UI_method_set_ex_data', AFailed);
+  UI_method_get_opener := LoadFunction('UI_method_get_opener', AFailed);
+  UI_method_get_writer := LoadFunction('UI_method_get_writer', AFailed);
+  UI_method_get_flusher := LoadFunction('UI_method_get_flusher', AFailed);
+  UI_method_get_reader := LoadFunction('UI_method_get_reader', AFailed);
+  UI_method_get_closer := LoadFunction('UI_method_get_closer', AFailed);
+  UI_method_get_prompt_constructor := LoadFunction('UI_method_get_prompt_constructor', AFailed);
+  UI_method_get_data_duplicator := LoadFunction('UI_method_get_data_duplicator', AFailed);
+  UI_method_get_data_destructor := LoadFunction('UI_method_get_data_destructor', AFailed);
+  UI_method_get_ex_data := LoadFunction('UI_method_get_ex_data', AFailed);
+  UI_get_string_type := LoadFunction('UI_get_string_type', AFailed);
+  UI_get_input_flags := LoadFunction('UI_get_input_flags', AFailed);
+  UI_get0_output_string := LoadFunction('UI_get0_output_string', AFailed);
+  UI_get0_action_string := LoadFunction('UI_get0_action_string', AFailed);
+  UI_get0_result_string := LoadFunction('UI_get0_result_string', AFailed);
+  UI_get_result_string_length := LoadFunction('UI_get_result_string_length', AFailed);
+  UI_get0_test_string := LoadFunction('UI_get0_test_string', AFailed);
+  UI_get_result_minsize := LoadFunction('UI_get_result_minsize', AFailed);
+  UI_get_result_maxsize := LoadFunction('UI_get_result_maxsize', AFailed);
+  UI_set_result := LoadFunction('UI_set_result', AFailed);
+  UI_set_result_ex := LoadFunction('UI_set_result_ex', AFailed);
+  UI_UTIL_read_pw_string := LoadFunction('UI_UTIL_read_pw_string', AFailed);
+  UI_UTIL_read_pw := LoadFunction('UI_UTIL_read_pw', AFailed);
+  UI_UTIL_wrap_read_pem_callback := LoadFunction('UI_UTIL_wrap_read_pem_callback', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  UI_new := nil;
+  UI_new_method := nil;
+  UI_free := nil;
+  UI_add_input_string := nil;
+  UI_dup_input_string := nil;
+  UI_add_verify_string := nil;
+  UI_dup_verify_string := nil;
+  UI_add_input_boolean := nil;
+  UI_dup_input_boolean := nil;
+  UI_add_info_string := nil;
+  UI_dup_info_string := nil;
+  UI_add_error_string := nil;
+  UI_dup_error_string := nil;
+  UI_construct_prompt := nil;
+  UI_add_user_data := nil;
+  UI_dup_user_data := nil;
+  UI_get0_user_data := nil;
+  UI_get0_result := nil;
+  UI_get_result_length := nil;
+  UI_process := nil;
+  UI_ctrl := nil;
+  UI_set_ex_data := nil;
+  UI_get_ex_data := nil;
+  UI_set_default_method := nil;
+  UI_get_default_method := nil;
+  UI_get_method := nil;
+  UI_set_method := nil;
+  UI_OpenSSL := nil;
+  UI_null := nil;
+  UI_create_method := nil;
+  UI_destroy_method := nil;
+  UI_method_set_opener := nil;
+  UI_method_set_writer := nil;
+  UI_method_set_flusher := nil;
+  UI_method_set_reader := nil;
+  UI_method_set_closer := nil;
+  UI_method_set_data_duplicator := nil;
+  UI_method_set_prompt_constructor := nil;
+  UI_method_set_ex_data := nil;
+  UI_method_get_opener := nil;
+  UI_method_get_writer := nil;
+  UI_method_get_flusher := nil;
+  UI_method_get_reader := nil;
+  UI_method_get_closer := nil;
+  UI_method_get_prompt_constructor := nil;
+  UI_method_get_data_duplicator := nil;
+  UI_method_get_data_destructor := nil;
+  UI_method_get_ex_data := nil;
+  UI_get_string_type := nil;
+  UI_get_input_flags := nil;
+  UI_get0_output_string := nil;
+  UI_get0_action_string := nil;
+  UI_get0_result_string := nil;
+  UI_get_result_string_length := nil;
+  UI_get0_test_string := nil;
+  UI_get_result_minsize := nil;
+  UI_get_result_maxsize := nil;
+  UI_set_result := nil;
+  UI_set_result_ex := nil;
+  UI_UTIL_read_pw_string := nil;
+  UI_UTIL_read_pw := nil;
+  UI_UTIL_wrap_read_pem_callback := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_uierr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_uierr.pas
new file mode 100644
index 000000000..7bfe8a2ee
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_uierr.pas
@@ -0,0 +1,121 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_uierr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// uierr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * UI function codes.
+   *)
+  UI_F_CLOSE_CONSOLE = 115;
+  UI_F_ECHO_CONSOLE = 116;
+  UI_F_GENERAL_ALLOCATE_BOOLEAN = 108;
+  UI_F_GENERAL_ALLOCATE_PROMPT = 109;
+  UI_F_NOECHO_CONSOLE = 117;
+  UI_F_OPEN_CONSOLE = 114;
+  UI_F_UI_CONSTRUCT_PROMPT = 121;
+  UI_F_UI_CREATE_METHOD = 112;
+  UI_F_UI_CTRL = 111;
+  UI_F_UI_DUP_ERROR_STRING = 101;
+  UI_F_UI_DUP_INFO_STRING = 102;
+  UI_F_UI_DUP_INPUT_BOOLEAN = 110;
+  UI_F_UI_DUP_INPUT_STRING = 103;
+  UI_F_UI_DUP_USER_DATA = 118;
+  UI_F_UI_DUP_VERIFY_STRING = 106;
+  UI_F_UI_GET0_RESULT = 107;
+  UI_F_UI_GET_RESULT_LENGTH = 119;
+  UI_F_UI_NEW_METHOD = 104;
+  UI_F_UI_PROCESS = 113;
+  UI_F_UI_SET_RESULT = 105;
+  UI_F_UI_SET_RESULT_EX = 120;
+
+  (*
+   * UI reason codes.
+   *)
+  UI_R_COMMON_OK_AND_CANCEL_CHARACTERS = 104;
+  UI_R_INDEX_TOO_LARGE = 102;
+  UI_R_INDEX_TOO_SMALL = 103;
+  UI_R_NO_RESULT_BUFFER = 105;
+  UI_R_PROCESSING_ERROR = 107;
+  UI_R_RESULT_TOO_LARGE = 100;
+  UI_R_RESULT_TOO_SMALL = 101;
+  UI_R_SYSASSIGN_ERROR = 109;
+  UI_R_SYSDASSGN_ERROR = 110;
+  UI_R_SYSQIOW_ERROR = 111;
+  UI_R_UNKNOWN_CONTROL_COMMAND = 106;
+  UI_R_UNKNOWN_TTYGET_ERRNO_VALUE = 108;
+  UI_R_USER_DATA_DUPLICATION_UNSUPPORTED = 112;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_UI_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_UI_strings := LoadFunction('ERR_load_UI_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_UI_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_whrlpool.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_whrlpool.pas
new file mode 100644
index 000000000..05282eb36
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_whrlpool.pas
@@ -0,0 +1,110 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_whrlpool;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// whrlpool.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  WHIRLPOOL_DIGEST_LENGTH = 512 div 8;
+  WHIRLPOOL_BBLOCK = 512;
+  WHIRLPOOL_COUNTER = 256 div 8;
+
+type
+  WHIRLPOOL_CTX_union = record
+    case Byte of
+      0: (c: array[0 .. WHIRLPOOL_DIGEST_LENGTH -1] of Byte);
+      (* double q is here to ensure 64-bit alignment *)
+      1: (q: array[0 .. (WHIRLPOOL_DIGEST_LENGTH div SizeOf(TIdC_DOUBLE)) -1] of TIdC_DOUBLE);
+  end;
+  WHIRLPOOL_CTX = record
+    H: WHIRLPOOL_CTX_union;
+    data: array[0 .. (WHIRLPOOL_BBLOCK div 8) -1] of Byte;
+    bitoff: TIdC_UINT;
+    bitlen: array[0 .. (WHIRLPOOL_COUNTER div SizeOf(TIdC_SIZET)) -1] of TIdC_SIZET;
+  end;
+  PWHIRLPOOL_CTX = ^WHIRLPOOL_CTX;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  WHIRLPOOL_Init: function(c: PWHIRLPOOL_CTX): TIdC_INT cdecl = nil;
+  WHIRLPOOL_Update: function(c: PWHIRLPOOL_CTX; inp: Pointer; bytes: TIdC_SIZET): TIdC_INT cdecl = nil;
+  WHIRLPOOL_BitUpdate: procedure(c: PWHIRLPOOL_CTX; inp: Pointer; bits: TIdC_SIZET) cdecl = nil;
+  WHIRLPOOL_Final: function(md: PByte; c: PWHIRLPOOL_CTX): TIdC_INT cdecl = nil;
+  WHIRLPOOL: function(inp: Pointer; bytes: TIdC_SIZET; md: PByte): PByte cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  WHIRLPOOL_Init := LoadFunction('WHIRLPOOL_Init', AFailed);
+  WHIRLPOOL_Update := LoadFunction('WHIRLPOOL_Update', AFailed);
+  WHIRLPOOL_BitUpdate := LoadFunction('WHIRLPOOL_BitUpdate', AFailed);
+  WHIRLPOOL_Final := LoadFunction('WHIRLPOOL_Final', AFailed);
+  WHIRLPOOL := LoadFunction('WHIRLPOOL', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  WHIRLPOOL_Init := nil;
+  WHIRLPOOL_Update := nil;
+  WHIRLPOOL_BitUpdate := nil;
+  WHIRLPOOL_Final := nil;
+  WHIRLPOOL := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
new file mode 100644
index 000000000..32cf71111
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
@@ -0,0 +1,1751 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_x509;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  X509_ALGORS = type Pointer;
+
+const
+  (* Flags for X509_get_signature_info() *)
+  (* Signature info is valid *)
+  X509_SIG_INFO_VALID = $1;
+  (* Signature is suitable for TLS use *)
+  X509_SIG_INFO_TLS = $2;
+
+  X509_FILETYPE_PEM     = 1;
+  X509_FILETYPE_ASN1    = 2;
+  X509_FILETYPE_DEFAULT = 3;
+
+  X509v3_KU_DIGITAL_SIGNATURE = $0080;
+  X509v3_KU_NON_REPUDIATION   = $0040;
+  X509v3_KU_KEY_ENCIPHERMENT  = $0020;
+  X509v3_KU_DATA_ENCIPHERMENT = $0010;
+  X509v3_KU_KEY_AGREEMENT     = $0008;
+  X509v3_KU_KEY_CERT_SIGN     = $0004;
+  X509v3_KU_CRL_SIGN          = $0002;
+  X509v3_KU_ENCIPHER_ONLY     = $0001;
+  X509v3_KU_DECIPHER_ONLY     = $8000;
+  X509v3_KU_UNDEF             = $ffff;
+
+  X509_EX_V_NETSCAPE_HACK = $8000;
+  X509_EX_V_INIT          = $0001;
+
+
+  (* standard trust ids *)
+
+  X509_TRUST_DEFAULT      = 0; (* Only valid in purpose settings *)
+
+  X509_TRUST_COMPAT       = 1;
+  X509_TRUST_SSL_CLIENT   = 2;
+  X509_TRUST_SSL_SERVER   = 3;
+  X509_TRUST_EMAIL        = 4;
+  X509_TRUST_OBJECT_SIGN  = 5;
+  X509_TRUST_OCSP_SIGN    = 6;
+  X509_TRUST_OCSP_REQUEST = 7;
+  X509_TRUST_TSA          = 8;
+
+  (* Keep these up to date! *)
+  X509_TRUST_MIN          = 1;
+  X509_TRUST_MAX          = 8;
+
+  (* trust_flags values *)
+  X509_TRUST_DYNAMIC      = TIdC_UINT(1) shl 0;
+  X509_TRUST_DYNAMIC_NAME = TIdC_UINT(1) shl 1;
+  (* No compat trust if self-signed, preempts "DO_SS" *)
+  X509_TRUST_NO_SS_COMPAT = TIdC_UINT(1) shl 2;
+  (* Compat trust if no explicit accepted trust EKUs *)
+  X509_TRUST_DO_SS_COMPAT = TIdC_UINT(1) shl 3;
+  (* Accept "anyEKU" as a wildcard trust OID *)
+  X509_TRUST_OK_ANY_EKU   = TIdC_UINT(1) shl 4;
+
+  (* check_trust return codes *)
+
+  X509_TRUST_TRUSTED   = 1;
+  X509_TRUST_REJECTED  = 2;
+  X509_TRUST_UNTRUSTED = 3;
+
+  (* Flags for X509_print_ex() *)
+
+  X509_FLAG_COMPAT        = 0;
+  X509_FLAG_NO_HEADER     = TIdC_LONG(1);
+  X509_FLAG_NO_VERSION    = TIdC_LONG(1) shl 1;
+  X509_FLAG_NO_SERIAL     = TIdC_LONG(1) shl 2;
+  X509_FLAG_NO_SIGNAME    = TIdC_LONG(1) shl 3;
+  X509_FLAG_NO_ISSUER     = TIdC_LONG(1) shl 4;
+  X509_FLAG_NO_VALIDITY   = TIdC_LONG(1) shl 5;
+  X509_FLAG_NO_SUBJECT    = TIdC_LONG(1) shl 6;
+  X509_FLAG_NO_PUBKEY     = TIdC_LONG(1) shl 7;
+  X509_FLAG_NO_EXTENSIONS = TIdC_LONG(1) shl 8;
+  X509_FLAG_NO_SIGDUMP    = TIdC_LONG(1) shl 9;
+  X509_FLAG_NO_AUX        = TIdC_LONG(1) shl 10;
+  X509_FLAG_NO_ATTRIBUTES = TIdC_LONG(1) shl 11;
+  X509_FLAG_NO_IDS        = TIdC_LONG(1) shl 12;
+
+  (* Flags specific to X509_NAME_print_ex() *)
+
+  (* The field separator information *)
+
+  XN_FLAG_SEP_MASK       = $f shl 16;
+
+  XN_FLAG_COMPAT         = 0;(* Traditional; use old X509_NAME_print *)
+  XN_FLAG_SEP_COMMA_PLUS = 1 shl 16;(* RFC2253 ,+ *)
+  XN_FLAG_SEP_CPLUS_SPC  = 2 shl 16;(* ,+ spaced: more readable *)
+  XN_FLAG_SEP_SPLUS_SPC  = 3 shl 16;(* ;+ spaced *)
+  XN_FLAG_SEP_MULTILINE  = 4 shl 16;(* One line per field *)
+
+  XN_FLAG_DN_REV         = 1 shl 20;(* Reverse DN order *)
+
+  (* How the field name is shown *)
+
+  XN_FLAG_FN_MASK        = $3 shl 21;
+
+  XN_FLAG_FN_SN          = 0;(* Object short name *)
+  XN_FLAG_FN_LN          = 1 shl 21;(* Object long name *)
+  XN_FLAG_FN_OID         = 2 shl 21;(* Always use OIDs *)
+  XN_FLAG_FN_NONE        = 3 shl 21;(* No field names *)
+
+  XN_FLAG_SPC_EQ         = 1 shl 23;(* Put spaces round '=' *)
+
+  (*
+   * This determines if we dump fields we don't recognise: RFC2253 requires
+   * this.
+   *)
+
+  XN_FLAG_DUMP_UNKNOWN_FIELDS = 1 shl 24;
+
+  XN_FLAG_FN_ALIGN = 1 shl 25;(* Align field names to 20
+                                             * characters *)
+
+  (* Complete set of RFC2253 flags *)
+
+  XN_FLAG_RFC2253 = ASN1_STRFLGS_RFC2253 or XN_FLAG_SEP_COMMA_PLUS
+    or XN_FLAG_DN_REV or XN_FLAG_FN_SN or XN_FLAG_DUMP_UNKNOWN_FIELDS;
+
+  (* readable oneline form *)
+
+  XN_FLAG_ONELINE = ASN1_STRFLGS_RFC2253 or ASN1_STRFLGS_ESC_QUOTE
+    or XN_FLAG_SEP_CPLUS_SPC or XN_FLAG_SPC_EQ or XN_FLAG_FN_SN;
+
+  (* readable multiline form *)
+
+  XN_FLAG_MULTILINE = ASN1_STRFLGS_ESC_CTRL or ASN1_STRFLGS_ESC_MSB
+    or XN_FLAG_SEP_MULTILINE or XN_FLAG_SPC_EQ or XN_FLAG_FN_LN or XN_FLAG_FN_ALIGN;
+
+  X509_EXT_PACK_UNKNOWN = 1;
+  X509_EXT_PACK_STRING  = 2;
+
+type
+  X509_val_st = record
+    notBefore: PASN1_TIME;
+    notAfter: PASN1_TIME;
+  end;
+  X509_VAL = X509_val_st;
+  PX509_VAL = ^X509_VAL;
+  PPX509_VAL = ^PX509_VAL;
+
+  X509_SIG = type Pointer; // X509_sig_st
+  PX509_SIG = ^X509_SIG;
+  PPX509_SIG = ^PX509_SIG;
+
+  X509_NAME_ENTRY = type Pointer; // X509_name_entry_st
+  PX509_NAME_ENTRY = ^X509_NAME_ENTRY;
+  PPX509_NAME_ENTRY = ^PX509_NAME_ENTRY;
+
+  //DEFINE_STACK_OF(X509_NAME_ENTRY)
+  //
+  //DEFINE_STACK_OF(X509_NAME)
+
+  X509_EXTENSION = type Pointer; // X509_extension_st
+  PX509_EXTENSION = ^X509_EXTENSION;
+  PPX509_EXTENSION = ^PX509_EXTENSION;
+
+  //typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+  //
+  //DEFINE_STACK_OF(X509_EXTENSION)
+
+  X509_ATTRIBUTE = type Pointer; // x509_attributes_st
+  PX509_ATTRIBUTE = ^X509_ATTRIBUTE;
+  PPX509_ATTRIBUTE = ^PX509_ATTRIBUTE;
+
+  //DEFINE_STACK_OF(X509_ATTRIBUTE)
+
+  X509_REQ_INFO = type Pointer; // X509_req_info_st
+  PX509_REQ_INFO = ^X509_REQ_INFO;
+  PPX509_REQ_INFO = ^PX509_REQ_INFO;
+
+  X509_CERT_AUX = type Pointer; // x509_cert_aux_st
+
+  X509_CINF = type Pointer; // x509_cinf_st
+
+  //DEFINE_STACK_OF(X509)
+
+  (* This is used for a table of trust checking functions *)
+
+  Px509_trust_st = ^x509_trust_st;
+  x509_trust_st = record
+    trust: TIdC_INT;
+    flags: TIdC_INT;
+    check_trust: function(v1: Px509_trust_st; v2: PX509; v3: TIdC_INT): TIdC_INT;
+    name: PIdAnsiChar;
+    arg1: TIdC_INT;
+    arg2: Pointer;
+  end;
+  X509_TRUST = x509_trust_st;
+  PX509_TRUST = ^X509_TRUST;
+
+  //DEFINE_STACK_OF(X509_TRUST)
+
+  //DEFINE_STACK_OF(X509_REVOKED)
+  X509_REVOKED = type Pointer;   //////////////////////////////////////////////
+  PX509_REVOKED = ^X509_REVOKED; //////////////////////////////////////////////
+  PPX509_REVOKED = ^PX509_REVOKED;/////////////////////////////////////////////
+
+  X509_CRL_INFO = type Pointer; // X509_crl_info_st
+  PX509_CRL_INFO = ^X509_CRL_INFO;
+  PPX509_CRL_INFO = ^PX509_CRL_INFO;
+
+  //DEFINE_STACK_OF(X509_CRL)
+
+  private_key_st = record
+    version: TIdC_INT;
+    (* The PKCS#8 data types *)
+    enc_algor: PX509_ALGOR;
+    enc_pkey: PASN1_OCTET_STRING; (* encrypted pub key *)
+    (* When decrypted, the following will not be NULL *)
+    dec_pkey: PEVP_PKEY;
+    (* used to encrypt and decrypt *)
+    key_length: TIdC_INT;
+    key_data: PIdAnsiChar;
+    key_free: TIdC_INT;               (* true if we should auto free key_data *)
+    (* expanded version of 'enc_algor' *)
+    cipher: EVP_CIPHER_INFO;
+  end;
+  X509_PKEY = private_key_st;
+  PX509_PKEY = ^X509_PKEY;
+
+  X509_info_st = record
+    x509: PX509;
+    crl: PX509_CRL;
+    x_pkey: PX509_PKEY;
+    enc_cipher: EVP_CIPHER_INFO;
+    enc_len: TIdC_INT;
+    enc_data: PIdAnsiChar;
+  end;
+  X509_INFO = X509_info_st;
+  PX509_INFO = ^X509_INFO;
+
+  //DEFINE_STACK_OF(X509_INFO)
+
+  (*
+   * The next 2 structures and their 8 routines are used to manipulate Netscape's
+   * spki structures - useful if you are writing a CA web page
+   *)
+  Netscape_spkac_st = record
+    pubkey: PX509_PUBKEY;
+    challenge: PASN1_IA5STRING;  (* challenge sent in atlas >= PR2 *)
+  end;
+  NETSCAPE_SPKAC = Netscape_spkac_st;
+  PNETSCAPE_SPKAC = ^NETSCAPE_SPKAC;
+
+  Netscape_spki_st = record
+    spkac: PNETSCAPE_SPKAC;      (* signed public key and challenge *)
+    sig_algor: X509_ALGOR;
+    signature: PASN1_BIT_STRING;
+  end;
+  NETSCAPE_SPKI = Netscape_spki_st;
+  PNETSCAPE_SPKI = ^NETSCAPE_SPKI;
+
+  (* Netscape certificate sequence structure *)
+//  Netscape_certificate_sequence: record
+//    &type: PASN1_OBJECT;
+//    certs: P --> STACK_OF(X509) <--;
+//  end;
+//  NETSCAPE_CERT_SEQUENCE = Netscape_certificate_sequence;
+
+  (*- Unused (and iv length is wrong)
+  typedef struct CBCParameter_st
+          {
+          unsigned char iv[8];
+          } CBC_PARAM;
+  *)
+
+  (* Password based encryption structure *)
+  PBEPARAM_st = record
+    salt: PASN1_OCTET_STRING;
+    iter: PASN1_INTEGER;
+  end;
+  PBEPARAM = PBEPARAM_st;
+
+  (* Password based encryption V2 structures *)
+  PBE2PARAM_st = record
+    keyfunc: PX509_ALGOR;
+    encryption: X509_ALGOR;
+  end;
+  PBE2PARAM = PBE2PARAM_st;
+
+  PBKDF2PARAM_st = record
+  (* Usually OCTET STRING but could be anything *)
+    salt: PASN1_TYPE;
+    iter: PASN1_INTEGER;
+    keylength: PASN1_INTEGER;
+    prf: X509_ALGOR;
+  end;
+  PBKDF2PARAM = PBKDF2PARAM_st;
+
+  SCRYPT_PARAMS_st = record
+    salt: PASN1_OCTET_STRING;
+    costParameter: PASN1_INTEGER;
+    blockSize: PASN1_INTEGER;
+    parallelizationParameter: PASN1_INTEGER;
+    keyLength: ASN1_INTEGER;
+  end;
+  SCRYPT_PARAMS = SCRYPT_PARAMS_st;
+
+  //# define         X509_extract_key(x)     X509_get_pubkey(x)(*****)
+  //# define         X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+  //# define         X509_name_cmp(a,b)      X509_NAME_cmp((a),(b))
+  //
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  X509_CRL_set_default_method: procedure(const meth: PX509_CRL_METHOD) cdecl = nil;
+//  function X509_CRL_METHOD_new(crl_init: function(crl: X509_CRL): TIdC_INT;
+//    crl_free: function(crl: PX509_CRL): TIdC_INT;
+//    crl_lookup: function(crl: PX509_CRL; ret: PPX509_REVOKED; ser: PASN1_INTEGER; issuer: PX509_NAME): TIdC_INT;
+//    crl_verify: function(crl: PX509_CRL, pk: PEVP_PKEY): TIdC_INT): PX509_CRL_METHOD;
+  X509_CRL_METHOD_free: procedure(m: PX509_CRL_METHOD) cdecl = nil;
+
+  X509_CRL_set_meth_data: procedure(crl: PX509_CRL; dat: Pointer) cdecl = nil;
+  X509_CRL_get_meth_data: function(crl: PX509_CRL): Pointer cdecl = nil;
+
+  X509_verify_cert_error_string: function(n: TIdC_LONG): PIdAnsiChar cdecl = nil;
+
+  X509_verify: function(a: PX509; r: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  X509_REQ_verify: function(a: PX509_REQ; r: PEVP_PKEY): TIdC_INT cdecl = nil;
+  X509_CRL_verify: function(a: PX509_CRL; r: PEVP_PKEY): TIdC_INT cdecl = nil;
+  NETSCAPE_SPKI_verify: function(a: PNETSCAPE_SPKI; r: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  NETSCAPE_SPKI_b64_decode: function(const str: PIdAnsiChar; len: TIdC_INT): PNETSCAPE_SPKI cdecl = nil;
+  NETSCAPE_SPKI_b64_encode: function(x: PNETSCAPE_SPKI): PIdAnsiChar cdecl = nil;
+  NETSCAPE_SPKI_get_pubkey: function(x: PNETSCAPE_SPKI): PEVP_PKEY cdecl = nil;
+  NETSCAPE_SPKI_set_pubkey: function(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  NETSCAPE_SPKI_print: function(&out: PBIO; spki: PNETSCAPE_SPKI): TIdC_INT cdecl = nil;
+
+  X509_signature_dump: function(bp: PBIO; const sig: PASN1_STRING; indent: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_signature_print: function(bp: PBIO; const alg: PX509_ALGOR; const sig: PASN1_STRING): TIdC_INT cdecl = nil;
+
+  X509_sign: function(x: PX509; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl = nil;
+  X509_sign_ctx: function(x: PX509; ctx: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+
+  X509_http_nbio: function(rctx: POCSP_REQ_CTX; pcert: PPX509): TIdC_INT cdecl = nil;
+
+  X509_REQ_sign: function(x: PX509_REQ; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl = nil;
+  X509_REQ_sign_ctx: function(x: PX509_REQ; ctx: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+  X509_CRL_sign: function(x: PX509_CRL; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl = nil;
+  X509_CRL_sign_ctx: function(x: PX509_CRL; ctx: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+
+  X509_CRL_http_nbio: function(rctx: POCSP_REQ_CTX; pcrl: PPX509_CRL): TIdC_INT cdecl = nil;
+
+  NETSCAPE_SPKI_sign: function(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl = nil;
+
+  X509_pubkey_digest: function(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  X509_digest: function(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  X509_CRL_digest: function(const data: PX509_CRL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  X509_REQ_digest: function(const data: PX509_REQ; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  X509_NAME_digest: function(const data: PX509_NAME; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+
+  //# ifndef OPENSSL_NO_STDIO
+  //X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+  //TIdC_INT i2d_X509_fp(FILE *fp, X509 *x509);
+  //X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
+  //TIdC_INT i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
+  //X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
+  //TIdC_INT i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
+  //#  ifndef OPENSSL_NO_RSA
+  //RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+  //TIdC_INT i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
+  //RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+  //TIdC_INT i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
+  //RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+  //TIdC_INT i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
+  //#  endif
+  //#  ifndef OPENSSL_NO_DSA
+  //DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+  //TIdC_INT i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
+  //DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+  //TIdC_INT i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+  //#  endif
+  //#  ifndef OPENSSL_NO_EC
+  //EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+  //TIdC_INT i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+  //EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+  //TIdC_INT i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
+  //#  endif
+  //X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+  //TIdC_INT i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
+  //PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+  //                                                PKCS8_PRIV_KEY_INFO **p8inf);
+  //TIdC_INT i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf);
+  //TIdC_INT i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
+  //TIdC_INT i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
+  //EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
+  //TIdC_INT i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+  //EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+  //# endif
+
+  d2i_X509_bio: function(bp: PBIO; x509: PPX509): PX509 cdecl = nil;
+  i2d_X509_bio: function(bp: PBIO; x509: PX509): TIdC_INT cdecl = nil;
+  d2i_X509_CRL_bio: function(bp: PBIO; crl: PPX509_CRL): PX509_CRL cdecl = nil;
+  i2d_X509_CRL_bio: function(bp: PBIO; crl: PX509_CRL): TIdC_INT cdecl = nil;
+  d2i_X509_REQ_bio: function(bp: PBIO; req: PPX509_REQ): PX509_REQ cdecl = nil;
+  i2d_X509_REQ_bio: function(bp: PBIO; req: PX509_REQ): TIdC_INT cdecl = nil;
+
+  d2i_RSAPrivateKey_bio: function(bp: PBIO; rsa: PPRSA): PRSA cdecl = nil;
+  i2d_RSAPrivateKey_bio: function(bp: PBIO; rsa: PRSA): TIdC_INT cdecl = nil;
+  d2i_RSAPublicKey_bio: function(bp: PBIO; rsa: PPRSA): PRSA cdecl = nil;
+  i2d_RSAPublicKey_bio: function(bp: PBIO; rsa: PRSA): TIdC_INT cdecl = nil;
+  d2i_RSA_PUBKEY_bio: function(bp: PBIO; rsa: PPRSA): PRSA cdecl = nil;
+  i2d_RSA_PUBKEY_bio: function(bp: PBIO; rsa: PRSA): TIdC_INT cdecl = nil;
+
+  d2i_DSA_PUBKEY_bio: function(bp: PBIO; dsa: PPDSA): DSA cdecl = nil;
+  i2d_DSA_PUBKEY_bio: function(bp: PBIO; dsa: PDSA): TIdC_INT cdecl = nil;
+  d2i_DSAPrivateKey_bio: function(bp: PBIO; dsa: PPDSA): PDSA cdecl = nil;
+  i2d_DSAPrivateKey_bio: function(bp: PBIO; dsa: PDSA): TIdC_INT cdecl = nil;
+
+  d2i_EC_PUBKEY_bio: function(bp: PBIO; eckey: PPEC_KEY): PEC_KEY cdecl = nil;
+  i2d_EC_PUBKEY_bio: function(bp: PBIO; eckey: PEC_KEY): TIdC_INT cdecl = nil;
+  d2i_ECPrivateKey_bio: function(bp: PBIO; eckey: PPEC_KEY): EC_KEY cdecl = nil;
+  i2d_ECPrivateKey_bio: function(bp: PBIO; eckey: PEC_KEY): TIdC_INT cdecl = nil;
+
+  d2i_PKCS8_bio: function(bp: PBIO; p8: PPX509_SIG): PX509_SIG cdecl = nil;
+  i2d_PKCS8_bio: function(bp: PBIO; p8: PX509_SIG): TIdC_INT cdecl = nil;
+  d2i_PKCS8_PRIV_KEY_INFO_bio: function(bp: PBIO; p8inf: PPPKCS8_PRIV_KEY_INFO): PPKCS8_PRIV_KEY_INFO cdecl = nil;
+  i2d_PKCS8_PRIV_KEY_INFO_bio: function(bp: PBIO; p8inf: PPKCS8_PRIV_KEY_INFO): TIdC_INT cdecl = nil;
+  i2d_PKCS8PrivateKeyInfo_bio: function(bp: PBIO; key: PEVP_PKEY): TIdC_INT cdecl = nil;
+  i2d_PrivateKey_bio: function(bp: PBIO; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  d2i_PrivateKey_bio: function(bp: PBIO; a: PPEVP_PKEY): PEVP_PKEY cdecl = nil;
+  i2d_PUBKEY_bio: function(bp: PBIO; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  d2i_PUBKEY_bio: function(bp: PBIO; a: PPEVP_PKEY): PEVP_PKEY cdecl = nil;
+
+  X509_dup: function(x509: PX509): PX509 cdecl = nil;
+  X509_ATTRIBUTE_dup: function(xa: PX509_ATTRIBUTE): PX509_ATTRIBUTE cdecl = nil;
+  X509_EXTENSION_dup: function(ex: PX509_EXTENSION): PX509_EXTENSION cdecl = nil;
+  X509_CRL_dup: function(crl: PX509_CRL): PX509_CRL cdecl = nil;
+  X509_REVOKED_dup: function(rev: PX509_REVOKED): PX509_REVOKED cdecl = nil;
+  X509_REQ_dup: function(req: PX509_REQ): PX509_REQ cdecl = nil;
+  X509_ALGOR_dup: function(xn: PX509_ALGOR): PX509_ALGOR cdecl = nil;
+  X509_ALGOR_set0: function(alg: PX509_ALGOR; aobj: PASN1_OBJECT; ptype: TIdC_INT; pval: Pointer): TIdC_INT cdecl = nil;
+  X509_ALGOR_get0: procedure(const paobj: PPASN1_OBJECT; pptype: PIdC_INT; const ppval: PPointer; const algor: PX509_ALGOR) cdecl = nil;
+  X509_ALGOR_set_md: procedure(alg: PX509_ALGOR; const md: PEVP_MD) cdecl = nil;
+  X509_ALGOR_cmp: function(const a: PX509_ALGOR; const b: PX509_ALGOR): TIdC_INT cdecl = nil;
+
+  X509_NAME_dup: function(xn: PX509_NAME): PX509_NAME cdecl = nil;
+  X509_NAME_ENTRY_dup: function(ne: PX509_NAME_ENTRY): PX509_NAME_ENTRY cdecl = nil;
+
+  X509_cmp_time: function(const s: PASN1_TIME; t: PIdC_TIMET): TIdC_INT cdecl = nil;
+  X509_cmp_current_time: function(const s: PASN1_TIME): TIdC_INT cdecl = nil;
+  X509_time_adj: function(s: PASN1_TIME; adj: TIdC_LONG; t: PIdC_TIMET): PASN1_TIME cdecl = nil;
+  X509_time_adj_ex: function(s: PASN1_TIME; offset_day: TIdC_INT; offset_sec: TIdC_LONG; t: PIdC_TIMET): PASN1_TIME cdecl = nil;
+  X509_gmtime_adj: function(s: PASN1_TIME; adj: TIdC_LONG): PASN1_TIME cdecl = nil;
+
+  X509_get_default_cert_area: function: PIdAnsiChar cdecl = nil;
+  X509_get_default_cert_dir: function: PIdAnsiChar cdecl = nil;
+  X509_get_default_cert_file: function: PIdAnsiChar cdecl = nil;
+  X509_get_default_cert_dir_env: function: PIdAnsiChar cdecl = nil;
+  X509_get_default_cert_file_env: function: PIdAnsiChar cdecl = nil;
+  X509_get_default_private_dir: function: PIdAnsiChar cdecl = nil;
+
+  X509_to_X509_REQ: function(x: PX509; pkey: PEVP_PKEY; const md: PEVP_MD): PX509_REQ cdecl = nil;
+  X509_REQ_to_X509: function(r: PX509_REQ; days: TIdC_INT; pkey: PEVP_PKEY): PX509 cdecl = nil;
+
+  X509_ALGOR_new: function: PX509_ALGOR cdecl = nil;
+  X509_ALGOR_free: procedure(v1: PX509_ALGOR) cdecl = nil;
+  d2i_X509_ALGOR: function(a: PPX509_ALGOR; const &in: PPByte; len: TIdC_LONG): PX509_ALGOR cdecl = nil;
+  i2d_X509_ALGOR: function(a: PX509_ALGOR; &out: PPByte): TIdC_INT cdecl = nil;
+  //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+  X509_VAL_new: function: PX509_VAL cdecl = nil;
+  X509_VAL_free: procedure(v1: PX509_VAL) cdecl = nil;
+  d2i_X509_VAL: function(a: PPX509_VAL; const &in: PPByte; len: TIdC_LONG): PX509_VAL cdecl = nil;
+  i2d_X509_VAL: function(a: PX509_VAL; &out: PPByte): TIdC_INT cdecl = nil;
+
+  X509_PUBKEY_new: function: PX509_PUBKEY cdecl = nil;
+  X509_PUBKEY_free: procedure(v1: PX509_PUBKEY) cdecl = nil;
+  d2i_X509_PUBKEY: function(a: PPX509_PUBKEY; const &in: PPByte; len: TIdC_LONG): PX509_PUBKEY cdecl = nil;
+  i2d_X509_PUBKEY: function(a: PX509_PUBKEY; &out: PPByte): TIdC_INT cdecl = nil;
+
+  X509_PUBKEY_set: function(x: PPX509_PUBKEY; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  X509_PUBKEY_get0: function(key: PX509_PUBKEY): PEVP_PKEY cdecl = nil;
+  X509_PUBKEY_get: function(key: PX509_PUBKEY): PEVP_PKEY cdecl = nil;
+//  function X509_get_pubkey_parameters(pkey: PEVP_PKEY; chain: P STACK_OF(X509)): TIdC_INT;
+  X509_get_pathlen: function(x: PX509): TIdC_LONG cdecl = nil;
+  i2d_PUBKEY: function(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_PUBKEY: function(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+
+  i2d_RSA_PUBKEY: function(a: PRSA; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_RSA_PUBKEY: function(a: PPRSA; const pp: PPByte; length: TIdC_LONG): PRSA cdecl = nil;
+
+  i2d_DSA_PUBKEY: function(a: PDSA; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_DSA_PUBKEY: function(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA cdecl = nil;
+
+  i2d_EC_PUBKEY: function(a: EC_KEY; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_EC_PUBKEY: function(a: PPEC_KEY; const pp: PPByte; length: TIdC_LONG): PEC_KEY cdecl = nil;
+
+  X509_SIG_new: function: PX509_SIG cdecl = nil;
+  X509_SIG_free: procedure(v1: PX509_SIG) cdecl = nil;
+  d2i_X509_SIG: function(a: PPX509_SIG; const &in: PPByte; len: TIdC_LONG): PX509_SIG cdecl = nil;
+  i2d_X509_SIG: function(a: PX509_SIG; &out: PPByte): TIdC_INT cdecl = nil;
+  X509_SIG_get0: procedure(const sig: PX509_SIG; const palg: PPX509_ALGOR; const pdigest: PPASN1_OCTET_STRING) cdecl = nil;
+  X509_SIG_getm: procedure(sig: X509_SIG; palg: PPX509_ALGOR; pdigest: PPASN1_OCTET_STRING) cdecl = nil;
+
+  X509_REQ_INFO_new: function: PX509_REQ_INFO cdecl = nil;
+  X509_REQ_INFO_free: procedure(v1: PX509_REQ_INFO) cdecl = nil;
+  d2i_X509_REQ_INFO: function(a: PPX509_REQ_INFO; const &in: PPByte; len: TIdC_LONG): PX509_REQ_INFO cdecl = nil;
+  i2d_X509_REQ_INFO: function(a: PX509_REQ_INFO; &out: PPByte): TIdC_INT cdecl = nil;
+
+  X509_REQ_new: function: PX509_REQ cdecl = nil;
+  X509_REQ_free: procedure(v1: PX509_REQ) cdecl = nil;
+  d2i_X509_REQ: function(a: PPX509_REQ; const &in: PPByte; len: TIdC_LONG): PX509_REQ cdecl = nil;
+  i2d_X509_REQ: function(a: PX509_REQ; &out: PPByte): TIdC_INT cdecl = nil;
+
+  X509_ATTRIBUTE_new: function: PX509_ATTRIBUTE cdecl = nil;
+  X509_ATTRIBUTE_free: procedure(v1: PX509_ATTRIBUTE) cdecl = nil;
+  d2i_X509_ATTRIBUTE: function(a: PPX509_ATTRIBUTE; const &in: PPByte; len: TIdC_LONG): PX509_ATTRIBUTE cdecl = nil;
+  i2d_X509_ATTRIBUTE: function(a: PX509_ATTRIBUTE; &out: PPByte): TIdC_INT cdecl = nil;
+  X509_ATTRIBUTE_create: function(nid: TIdC_INT; trtype: TIdC_INT; value: Pointer): PX509_ATTRIBUTE cdecl = nil;
+
+  X509_EXTENSION_new: function: PX509_EXTENSION cdecl = nil;
+  X509_EXTENSION_free: procedure(v1: PX509_EXTENSION) cdecl = nil;
+  d2i_X509_EXTENSION: function(a: PPX509_EXTENSION; const &in: PPByte; len: TIdC_LONG): PX509_EXTENSION cdecl = nil;
+  i2d_X509_EXTENSION: function(a: PX509_EXTENSION; &out: PPByte): TIdC_INT cdecl = nil;
+  //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
+
+  X509_NAME_ENTRY_new: function: PX509_NAME_ENTRY cdecl = nil;
+  X509_NAME_ENTRY_free: procedure(v1: PX509_NAME_ENTRY) cdecl = nil;
+  d2i_X509_NAME_ENTRY: function(a: PPX509_NAME_ENTRY; const &in: PPByte; len: TIdC_LONG): PX509_NAME_ENTRY cdecl = nil;
+  i2d_X509_NAME_ENTRY: function(a: PX509_NAME_ENTRY; &out: PPByte): TIdC_INT cdecl = nil;
+
+  X509_NAME_new: function: PX509_NAME cdecl = nil;
+  X509_NAME_free: procedure(v1: PX509_NAME) cdecl = nil;
+  d2i_X509_NAME: function(a: PPX509_NAME; const &in: PPByte; len: TIdC_LONG): PX509_NAME cdecl = nil;
+  i2d_X509_NAME: function(a: PX509_NAME; &out: PPByte): TIdC_INT cdecl = nil;
+
+  X509_NAME_set: function(xn: PPX509_NAME; name: PX509_NAME): TIdC_INT cdecl = nil;
+
+  //DECLARE_ASN1_FUNCTIONS(X509_CINF)
+
+  X509_new: function: PX509 cdecl = nil;
+  X509_free: procedure(v1: PX509) cdecl = nil;
+  d2i_X509: function(a: PPX509; const &in: PPByte; len: TIdC_LONG): PX509 cdecl = nil;
+  i2d_X509: function(a: PX509; &out: PPByte): TIdC_INT cdecl = nil;
+
+  //DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
+  //
+  //#define X509_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, l, p, newf, dupf, freef)
+  X509_set_ex_data: function(r: PX509; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl = nil;
+  X509_get_ex_data: function(r: PX509; idx: TIdC_INT): Pointer cdecl = nil;
+  i2d_X509_AUX: function(a: PX509; pp: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_AUX: function(a: PPX509; const pp: PPByte; length: TIdC_LONG): PX509 cdecl = nil;
+
+  i2d_re_X509_tbs: function(x: PX509; pp: PPByte): TIdC_INT cdecl = nil;
+
+  X509_SIG_INFO_get: function(const siginf: PX509_SIG_INFO; mdnid: PIdC_INT; pknid: PIdC_INT; secbits: PIdC_INT; flags: PIdC_UINT32): TIdC_INT cdecl = nil;
+  X509_SIG_INFO_set: procedure(siginf: PX509_SIG_INFO; mdnid: TIdC_INT; pknid: TIdC_INT; secbits: TIdC_INT; flags: TIdC_UINT32) cdecl = nil;
+
+  X509_get_signature_info: function(x: PX509; mdnid: PIdC_INT; pknid: PIdC_INT; secbits: PIdC_INT; flags: PIdC_UINT32): TIdC_INT cdecl = nil;
+
+  X509_get0_signature: procedure(const psig: PPASN1_BIT_STRING; const palg: PPX509_ALGOR; const x: PX509) cdecl = nil;
+  X509_get_signature_nid: function(const x: PX509): TIdC_INT cdecl = nil;
+
+  X509_trusted: function(const x: PX509): TIdC_INT cdecl = nil;
+  X509_alias_set1: function(x: PX509; const name: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_keyid_set1: function(x: PX509; const id: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_alias_get0: function(x: PX509; len: PIdC_INT): PByte cdecl = nil;
+  X509_keyid_get0: function(x: PX509; len: PIdC_INT): PByte cdecl = nil;
+//  TIdC_INT (*X509_TRUST_set_default(TIdC_INT (*trust) (TIdC_INT, X509 *, TIdC_INT))) (TIdC_INT, X509 *,
+//                                                                  TIdC_INT);
+  X509_TRUST_set: function(t: PIdC_INT; trust: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_add1_trust_object: function(x: PX509; const obj: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  X509_add1_reject_object: function(x: PX509; const obj: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  X509_trust_clear: procedure(x: PX509) cdecl = nil;
+  X509_reject_clear: procedure(x: PX509) cdecl = nil;
+
+  //STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x);
+  //STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x);
+  //
+  X509_REVOKED_new: function: PX509_REVOKED cdecl = nil;
+  X509_REVOKED_free: procedure(v1: PX509_REVOKED) cdecl = nil;
+  d2i_X509_REVOKED: function(a: PPX509_REVOKED; const &in: PPByte; len: TIdC_LONG): PX509_REVOKED cdecl = nil;
+  i2d_X509_REVOKED: function(a: PX509_REVOKED; &out: PPByte): TIdC_INT cdecl = nil;
+  X509_CRL_INFO_new: function: PX509_CRL_INFO cdecl = nil;
+  X509_CRL_INFO_free: procedure(v1: PX509_CRL_INFO) cdecl = nil;
+  d2i_X509_CRL_INFO: function(a: PPX509_CRL_INFO; const &in: PPByte; len: TIdC_LONG): PX509_CRL_INFO cdecl = nil;
+  i2d_X509_CRL_INFO: function(a: PX509_CRL_INFO; &out: PPByte): TIdC_INT cdecl = nil;
+  X509_CRL_new: function: PX509_CRL cdecl = nil;
+  X509_CRL_free: procedure(v1: PX509_CRL) cdecl = nil;
+  d2i_X509_CRL: function(a: PPX509_CRL; const &in: PPByte; len: TIdC_LONG): PX509_CRL cdecl = nil;
+  i2d_X509_CRL: function(a: PX509_CRL; &out: PPByte): TIdC_INT cdecl = nil;
+
+  X509_CRL_add0_revoked: function(crl: PX509_CRL; rev: PX509_REVOKED): TIdC_INT cdecl = nil;
+  X509_CRL_get0_by_serial: function(crl: PX509_CRL; ret: PPX509_REVOKED; serial: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  X509_CRL_get0_by_cert: function(crl: PX509_CRL; ret: PPX509_REVOKED; x: PX509): TIdC_INT cdecl = nil;
+
+  X509_PKEY_new: function: PX509_PKEY cdecl = nil;
+  X509_PKEY_free: procedure(a: PX509_PKEY) cdecl = nil;
+
+  //DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
+  //DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+  //DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
+
+  X509_INFO_new: function: PX509_INFO cdecl = nil;
+  X509_INFO_free: procedure(a: PX509_INFO) cdecl = nil;
+  X509_NAME_oneline: function(const a: PX509_NAME; buf: PIdAnsiChar; size: TIdC_INT): PIdAnsiChar cdecl = nil;
+
+//  function ASN1_verify(i2d: Pi2d_of_void; algor1: PX509_ALGOR;
+//    signature: PASN1_BIT_STRING; data: PIdAnsiChar; pkey: PEVP_PKEY): TIdC_INT;
+
+//  TIdC_INT ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+//                  unsigned char *md, unsigned TIdC_INT *len);
+
+//  TIdC_INT ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
+//                X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+//                char *data, EVP_PKEY *pkey, const EVP_MD *type);
+
+  ASN1_item_digest: function(const it: PASN1_ITEM; const &type: PEVP_MD; data: Pointer; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+
+  ASN1_item_verify: function(const it: PASN1_ITEM; algor1: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  ASN1_item_sign: function(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY; const &type: PEVP_MD): TIdC_INT cdecl = nil;
+  ASN1_item_sign_ctx: function(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; asn: Pointer; ctx: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+
+  X509_get_version: function(const x: PX509): TIdC_LONG cdecl = nil;
+  X509_set_version: function(x: PX509; version: TIdC_LONG): TIdC_INT cdecl = nil;
+  X509_set_serialNumber: function(x: PX509; serial: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  X509_get_serialNumber: function(x: PX509): PASN1_INTEGER cdecl = nil;
+  X509_get0_serialNumber: function(const x: PX509): PASN1_INTEGER cdecl = nil;
+  X509_set_issuer_name: function(x: PX509; name: PX509_NAME): TIdC_INT cdecl = nil;
+  X509_get_issuer_name: function(const a: PX509): PX509_NAME cdecl = nil;
+  X509_set_subject_name: function(x: PX509; name: PX509_NAME): TIdC_INT cdecl = nil;
+  X509_get_subject_name: function(const a: PX509): PX509_NAME cdecl = nil;
+  X509_get0_notBefore: function(const x: PX509): PASN1_TIME cdecl = nil;
+  X509_getm_notBefore: function(const x: PX509): PASN1_TIME cdecl = nil;
+  X509_set1_notBefore: function(x: PX509; const tm: PASN1_TIME): TIdC_INT cdecl = nil;
+  X509_get0_notAfter: function(const x: PX509): PASN1_TIME cdecl = nil;
+  X509_getm_notAfter: function(const x: PX509): PASN1_TIME cdecl = nil;
+  X509_set1_notAfter: function(x: PX509; const tm: PASN1_TIME): TIdC_INT cdecl = nil;
+  X509_set_pubkey: function(x: PX509; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  X509_up_ref: function(x: PX509): TIdC_INT cdecl = nil;
+  X509_get_signature_type: function(const x: PX509): TIdC_INT cdecl = nil;
+
+  (*
+   * This one is only used so that a binary form can output, as in
+   * i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &buf)
+   *)
+  X509_get_X509_PUBKEY: function(const x: PX509): PX509_PUBKEY cdecl = nil;
+//  const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+  X509_get0_uids: procedure(const x: PX509; const piuid: PPASN1_BIT_STRING; const psuid: PPASN1_BIT_STRING) cdecl = nil;
+  X509_get0_tbs_sigalg: function(const x: PX509): PX509_ALGOR cdecl = nil;
+
+  X509_get0_pubkey: function(const x: PX509): PEVP_PKEY cdecl = nil;
+  X509_get_pubkey: function(x: PX509): PEVP_PKEY cdecl = nil;
+  X509_get0_pubkey_bitstr: function(const x: PX509): PASN1_BIT_STRING cdecl = nil;
+  X509_certificate_type: function(const x: PX509; const pubkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  X509_REQ_get_version: function(const req: PX509_REQ): TIdC_LONG cdecl = nil;
+  X509_REQ_set_version: function(x: PX509_REQ; version: TIdC_LONG): TIdC_INT cdecl = nil;
+  X509_REQ_get_subject_name: function(const req: PX509_REQ): PX509_NAME cdecl = nil;
+  X509_REQ_set_subject_name: function(req: PX509_REQ; name: PX509_NAME): TIdC_INT cdecl = nil;
+  X509_REQ_get0_signature: procedure(const req: PX509_REQ; const psig: PPASN1_BIT_STRING; const palg: PPX509_ALGOR) cdecl = nil;
+  X509_REQ_get_signature_nid: function(const req: PX509_REQ): TIdC_INT cdecl = nil;
+  i2d_re_X509_REQ_tbs: function(req: PX509_REQ; pp: PPByte): TIdC_INT cdecl = nil;
+  X509_REQ_set_pubkey: function(x: PX509_REQ; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  X509_REQ_get_pubkey: function(req: PX509_REQ): PEVP_PKEY cdecl = nil;
+  X509_REQ_get0_pubkey: function(req: PX509_REQ): PEVP_PKEY cdecl = nil;
+  X509_REQ_get_X509_PUBKEY: function(req: PX509_REQ): PX509_PUBKEY cdecl = nil;
+  X509_REQ_extension_nid: function(nid: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REQ_get_extension_nids: function: PIdC_INT cdecl = nil;
+  X509_REQ_set_extension_nids: procedure(nids: PIdC_INT) cdecl = nil;
+//  STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
+  //TIdC_INT X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
+  //                                TIdC_INT nid);
+  //TIdC_INT X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
+  X509_REQ_get_attr_count: function(const req: PX509_REQ): TIdC_INT cdecl = nil;
+  X509_REQ_get_attr_by_NID: function(const req: PX509_REQ; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REQ_get_attr_by_OBJ: function(const req: PX509_REQ; const obj: ASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REQ_get_attr: function(const req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  X509_REQ_delete_attr: function(req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  X509_REQ_add1_attr: function(req: PX509_REQ; attr: PX509_ATTRIBUTE): TIdC_INT cdecl = nil;
+  X509_REQ_add1_attr_by_OBJ: function(req: PX509_REQ; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REQ_add1_attr_by_NID: function(req: PX509_REQ; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REQ_add1_attr_by_txt: function(req: PX509_REQ; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+
+  X509_CRL_set_version: function(x: PX509_CRL; version: TIdC_LONG): TIdC_INT cdecl = nil;
+  X509_CRL_set_issuer_name: function(x: PX509_CRL; name: PX509_NAME): TIdC_INT cdecl = nil;
+  X509_CRL_set1_lastUpdate: function(x: PX509_CRL; const tm: PASN1_TIME): TIdC_INT cdecl = nil;
+  X509_CRL_set1_nextUpdate: function(x: PX509_CRL; const tm: PASN1_TIME): TIdC_INT cdecl = nil;
+  X509_CRL_sort: function(crl: PX509_CRL): TIdC_INT cdecl = nil;
+  X509_CRL_up_ref: function(crl: PX509_CRL): TIdC_INT cdecl = nil;
+
+  X509_CRL_get_version: function(const crl: PX509_CRL): TIdC_LONG cdecl = nil;
+  X509_CRL_get0_lastUpdate: function(const crl: PX509_CRL): PASN1_TIME cdecl = nil;
+  X509_CRL_get0_nextUpdate: function(const crl: PX509_CRL): PASN1_TIME cdecl = nil;
+  X509_CRL_get_issuer: function(const crl: PX509_CRL): PX509_NAME cdecl = nil;
+  //const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+  //STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+  X509_CRL_get0_signature: procedure(const crl: PX509_CRL; const psig: PPASN1_BIT_STRING; const palg: PPX509_ALGOR) cdecl = nil;
+   X509_CRL_get_signature_nid: function(const crl: PX509_CRL): TIdC_INT cdecl = nil;
+  i2d_re_X509_CRL_tbs: function(req: PX509_CRL; pp: PPByte): TIdC_INT cdecl = nil;
+
+  X509_REVOKED_get0_serialNumber: function(const x: PX509_REVOKED): PASN1_INTEGER cdecl = nil;
+  X509_REVOKED_set_serialNumber: function(x: PX509_REVOKED; serial: PASN1_INTEGER): TIdC_INT cdecl = nil;
+  X509_REVOKED_get0_revocationDate: function(const x: PX509_REVOKED): PASN1_TIME cdecl = nil;
+  X509_REVOKED_set_revocationDate: function(r: PX509_REVOKED; tm: PASN1_TIME): TIdC_INT cdecl = nil;
+  //const STACK_OF(X509_EXTENSION) *
+  //X509_REVOKED_get0_extensions(const X509_REVOKED *r);
+
+  X509_CRL_diff: function(base: PX509_CRL; newer: PX509_CRL; skey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_UINT): PX509_CRL cdecl = nil;
+
+  X509_REQ_check_private_key: function(x509: PX509_REQ; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+
+  X509_check_private_key: function(const x509: PX509; const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  //TIdC_INT X509_chain_check_suiteb(TIdC_INT *perror_depth,
+  //                            X509 *x, STACK_OF(X509) *chain,
+  //                            unsigned TIdC_LONG flags);
+  X509_CRL_check_suiteb: function(crl: PX509_CRL; pk: PEVP_PKEY; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  //STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
+
+  X509_issuer_and_serial_cmp: function(const a: PX509; const b: PX509): TIdC_INT cdecl = nil;
+  X509_issuer_and_serial_hash: function(a: PX509): TIdC_ULONG cdecl = nil;
+
+  X509_issuer_name_cmp: function(const a: PX509; const b: PX509): TIdC_INT cdecl = nil;
+  X509_issuer_name_hash: function(a: PX509): TIdC_uLONG cdecl = nil;
+
+  X509_subject_name_cmp: function(const a: PX509; const b: PX509): TIdC_INT cdecl = nil;
+  X509_subject_name_hash: function(x: PX509): TIdC_ULONG cdecl = nil;
+
+  X509_cmp: function(const a: PX509; const b: PX509): TIdC_INT cdecl = nil;
+  X509_NAME_cmp: function(const a: PX509_NAME; const b: PX509_NAME): TIdC_INT cdecl = nil;
+  X509_NAME_hash: function(x: PX509_NAME): TIdC_ULONG cdecl = nil;
+  X509_NAME_hash_old: function(x: PX509_NAME): TIdC_ULONG cdecl = nil;
+
+  X509_CRL_cmp: function(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT cdecl = nil;
+  X509_CRL_match: function(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT cdecl = nil;
+  X509_aux_print: function(&out: PBIO; x: PX509; indent: TIdC_INT): TIdC_INT cdecl = nil;
+  //# ifndef OPENSSL_NO_STDIO
+  //TIdC_INT X509_print_ex_fp(FILE *bp, X509 *x, unsigned TIdC_LONG nmflag,
+  //                     unsigned TIdC_LONG cflag);
+  //TIdC_INT X509_print_fp(FILE *bp, X509 *x);
+  //TIdC_INT X509_CRL_print_fp(FILE *bp, X509_CRL *x);
+  //TIdC_INT X509_REQ_print_fp(FILE *bp, X509_REQ *req);
+  //TIdC_INT X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, TIdC_INT indent,
+  //                          unsigned TIdC_LONG flags);
+  //# endif
+
+  X509_NAME_print: function(bp: PBIO; const name: PX509_NAME; obase: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_print_ex: function(&out: PBIO; const nm: PX509_NAME; indent: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  X509_print_ex: function(bp: PBIO; x: PX509; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT cdecl = nil;
+  X509_print: function(bp: PBIO; x: PX509): TIdC_INT cdecl = nil;
+  X509_ocspid_print: function(bp: PBIO; x: PX509): TIdC_INT cdecl = nil;
+  X509_CRL_print_ex: function(&out: PBIO; x: PX509_CRL; nmflag: TIdC_ULONG): TIdC_INT cdecl = nil;
+  X509_CRL_print: function(bp: PBIO; x: PX509_CRL): TIdC_INT cdecl = nil;
+  X509_REQ_print_ex: function(bp: PBIO; x: PX509_REQ; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT cdecl = nil;
+  X509_REQ_print: function(bp: PBIO; req: PX509_REQ): TIdC_INT cdecl = nil;
+
+  X509_NAME_entry_count: function(const name: PX509_NAME): TIdC_INT cdecl = nil;
+  X509_NAME_get_text_by_NID: function(name: PX509_NAME; nid: TIdC_INT; buf: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_get_text_by_OBJ: function(name: PX509_NAME; const obj: PASN1_OBJECT; buf: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (*
+   * NOTE: you should be passing -1, not 0 as lastpos. The functions that use
+   * lastpos, search after that position on.
+   *)
+  X509_NAME_get_index_by_NID: function(name: PX509_NAME; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_get_index_by_OBJ: function(name: PX509_NAME; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_get_entry: function(const name: PX509_NAME; loc: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
+  X509_NAME_delete_entry: function(name: PX509_NAME; loc: TIdC_INT): pX509_NAME_ENTRY cdecl = nil;
+  X509_NAME_add_entry: function(name: PX509_NAME; const ne: PX509_NAME_ENTRY; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_add_entry_by_OBJ: function(name: PX509_NAME; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_add_entry_by_NID: function(name: PX509_NAME; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_ENTRY_create_by_txt: function(ne: PPX509_NAME_ENTRY; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
+  X509_NAME_ENTRY_create_by_NID: function(ne: PPX509_NAME_ENTRY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
+  X509_NAME_add_entry_by_txt: function(name: PX509_NAME; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_ENTRY_create_by_OBJ: function(ne: PPX509_NAME_ENTRY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
+  X509_NAME_ENTRY_set_object: function(ne: PX509_NAME_ENTRY; const obj: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  X509_NAME_ENTRY_set_data: function(ne: PX509_NAME_ENTRY; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_ENTRY_get_object: function(const ne: PX509_NAME_ENTRY): PASN1_OBJECT cdecl = nil;
+  X509_NAME_ENTRY_get_data: function(const ne: PX509_NAME_ENTRY): PASN1_STRING cdecl = nil;
+  X509_NAME_ENTRY_set: function(const ne: PX509_NAME_ENTRY): TIdC_INT cdecl = nil;
+
+  X509_NAME_get0_der: function(nm: PX509_NAME; const pder: PPByte; pderlen: PIdC_SIZET): TIdC_INT cdecl = nil;
+
+  //TIdC_INT X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+  //TIdC_INT X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+  //                          TIdC_INT nid, TIdC_INT lastpos);
+  //TIdC_INT X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+  //                          const ASN1_OBJECT *obj, TIdC_INT lastpos);
+  //TIdC_INT X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+  //                               TIdC_INT crit, TIdC_INT lastpos);
+  //X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, TIdC_INT loc);
+  //X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, TIdC_INT loc);
+  //STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+  //                                         X509_EXTENSION *ex, TIdC_INT loc);
+
+  X509_get_ext_count: function(const x: PX509): TIdC_INT cdecl = nil;
+  X509_get_ext_by_NID: function(const x: PX509; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_get_ext_by_OBJ: function(const x: PX509; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_get_ext_by_critical: function(const x: PX509; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_get_ext: function(const x: PX509; loc: TIdC_INT): PX509_EXTENSION cdecl = nil;
+  X509_delete_ext: function(x: PX509; loc: TIdC_INT): PX509_EXTENSION cdecl = nil;
+  X509_add_ext: function(x: PX509; ex: PX509_EXTENSION; loc: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_get_ext_d2i: function(const x: PX509; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl = nil;
+  X509_add1_ext_i2d: function(x: PX509; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+
+  X509_CRL_get_ext_count: function(const x: PX509_CRL): TIdC_INT cdecl = nil;
+  X509_CRL_get_ext_by_NID: function(const x: PX509_CRL; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_CRL_get_ext_by_OBJ: function(const x: X509_CRL; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_CRL_get_ext_by_critical: function(const x: PX509_CRL; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_CRL_get_ext: function(const x: PX509_CRL; loc: TIdC_INT): PX509_EXTENSION cdecl = nil;
+  X509_CRL_delete_ext: function(x: PX509_CRL; loc: TIdC_INT): PX509_EXTENSION cdecl = nil;
+  X509_CRL_add_ext: function(x: PX509_CRL; ex: PX509_EXTENSION; loc: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_CRL_get_ext_d2i: function(const x: PX509_CRL; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl = nil;
+  X509_CRL_add1_ext_i2d: function(x: PX509_CRL; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+
+  X509_REVOKED_get_ext_count: function(const x: PX509_REVOKED): TIdC_INT cdecl = nil;
+  X509_REVOKED_get_ext_by_NID: function(const x: PX509_REVOKED; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REVOKED_get_ext_by_OBJ: function(const x: PX509_REVOKED; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REVOKED_get_ext_by_critical: function(const x: PX509_REVOKED; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REVOKED_get_ext: function(const x: PX509_REVOKED; loc: TIdC_INT): PX509_EXTENSION cdecl = nil;
+  X509_REVOKED_delete_ext: function(x: PX509_REVOKED; loc: TIdC_INT): PX509_EXTENSION cdecl = nil;
+  X509_REVOKED_add_ext: function(x: PX509_REVOKED; ex: PX509_EXTENSION; loc: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REVOKED_get_ext_d2i: function(const x: PX509_REVOKED; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl = nil;
+  X509_REVOKED_add1_ext_i2d: function(x: PX509_REVOKED; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+
+  X509_EXTENSION_create_by_NID: function(ex: PPX509_EXTENSION; nid: TIdC_INT; crit: TIdC_INT; data: PASN1_OCTET_STRING): PX509_EXTENSION cdecl = nil;
+  X509_EXTENSION_create_by_OBJ: function(ex: PPX509_EXTENSION; const obj: PASN1_OBJECT; crit: TIdC_INT; data: PASN1_OCTET_STRING): PX509_EXTENSION cdecl = nil;
+  X509_EXTENSION_set_object: function(ex: PX509_EXTENSION; const obj: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  X509_EXTENSION_set_critical: function(ex: PX509_EXTENSION; crit: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_EXTENSION_set_data: function(ex: PX509_EXTENSION; data: PASN1_OCTET_STRING): TIdC_INT cdecl = nil;
+  X509_EXTENSION_get_object: function(ex: PX509_EXTENSION): PASN1_OBJECT cdecl = nil;
+  X509_EXTENSION_get_data: function(ne: PX509_EXTENSION): PASN1_OCTET_STRING cdecl = nil;
+  X509_EXTENSION_get_critical: function(const ex: PX509_EXTENSION): TIdC_INT cdecl = nil;
+
+  //TIdC_INT X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
+  //TIdC_INT X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, TIdC_INT nid,
+  //                           TIdC_INT lastpos);
+  //TIdC_INT X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
+  //                           const ASN1_OBJECT *obj, TIdC_INT lastpos);
+  //X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, TIdC_INT loc);
+  //X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, TIdC_INT loc);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+  //                                           X509_ATTRIBUTE *attr);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
+  //                                                  **x, const ASN1_OBJECT *obj,
+  //                                                  TIdC_INT type,
+  //                                                  const unsigned char *bytes,
+  //                                                  TIdC_INT len);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
+  //                                                  **x, TIdC_INT nid, TIdC_INT type,
+  //                                                  const unsigned char *bytes,
+  //                                                  TIdC_INT len);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
+  //                                                  **x, const PIdAnsiChar *attrname,
+  //                                                  TIdC_INT type,
+  //                                                  const unsigned char *bytes,
+  //                                                  TIdC_INT len);
+  //void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+  //                              const ASN1_OBJECT *obj, TIdC_INT lastpos, TIdC_INT type);
+  X509_ATTRIBUTE_create_by_NID: function(attr: PPX509_ATTRIBUTE; nid: TIdC_INT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  X509_ATTRIBUTE_create_by_OBJ: function(attr: PPX509_ATTRIBUTE; const obj: PASN1_OBJECT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  X509_ATTRIBUTE_create_by_txt: function(attr: PPX509_ATTRIBUTE; const atrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  X509_ATTRIBUTE_set1_object: function(attr: PX509_ATTRIBUTE; const obj: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  X509_ATTRIBUTE_set1_data: function(attr: PX509_ATTRIBUTE; attrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_ATTRIBUTE_get0_data: function(attr: PX509_ATTRIBUTE; idx: TIdC_INT; atrtype: TIdC_INT; data: Pointer): Pointer cdecl = nil;
+  X509_ATTRIBUTE_count: function(const attr: PX509_ATTRIBUTE): TIdC_INT cdecl = nil;
+  X509_ATTRIBUTE_get0_object: function(attr: PX509_ATTRIBUTE): PASN1_OBJECT cdecl = nil;
+  X509_ATTRIBUTE_get0_type: function(attr: PX509_ATTRIBUTE; idx: TIdC_INT): PASN1_TYPE cdecl = nil;
+
+  EVP_PKEY_get_attr_count: function(const key: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_get_attr_by_NID: function(const key: PEVP_PKEY; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_get_attr_by_OBJ: function(const key: PEVP_PKEY; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_get_attr: function(const key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  EVP_PKEY_delete_attr: function(key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  EVP_PKEY_add1_attr: function(key: PEVP_PKEY; attr: PX509_ATTRIBUTE): TIdC_INT cdecl = nil;
+  EVP_PKEY_add1_attr_by_OBJ: function(key: PEVP_PKEY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_add1_attr_by_NID: function(key: PEVP_PKEY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_add1_attr_by_txt: function(key: PEVP_PKEY; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+
+  X509_verify_cert: function(ctx: PX509_STORE_CTX): TIdC_INT cdecl = nil;
+
+  (* lookup a cert from a X509 STACK *)
+//  function X509_find_by_issuer_and_serial(sk: P STACK_OF(X509); name: PX509_NAME; serial: PASN1_INTEGER): PX509;
+//  X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
+
+  //DECLARE_ASN1_FUNCTIONS(PBEPARAM)
+  //DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
+  //DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
+  //#ifndef OPENSSL_NO_SCRYPT
+  //DECLARE_ASN1_FUNCTIONS(SCRYPT_PARAMS)
+  //#endif
+
+  PKCS5_pbe_set0_algor: function(algor: PX509_ALGOR; alg: TIdC_INT; iter: TIdC_INT; const salt: PByte; saltlen: TIdC_INT): TIdC_INT cdecl = nil;
+
+  PKCS5_pbe_set: function(alg: TIdC_INT; iter: TIdC_INT; const salt: PByte; saltlen: TIdC_INT): PX509_ALGOR cdecl = nil;
+  PKCS5_pbe2_set: function(const cipher: PEVP_CIPHER; iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT): PX509_ALGOR cdecl = nil;
+  PKCS5_pbe2_set_iv: function(const cipher: PEVP_CIPHER; iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT; aiv: PByte; prf_nid: TIdC_INT): PX509_ALGOR cdecl = nil;
+
+  PKCS5_pbe2_set_scrypt: function(const cipher: PEVP_CIPHER; const salt: PByte; saltlen: TIdC_INT; aiv: PByte; N: TIdC_UINT64; r: TIdC_UINT64; p: TIdC_UINT64): PX509_ALGOR cdecl = nil;
+
+  PKCS5_pbkdf2_set: function(iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT; prf_nid: TIdC_INT; keylen: TIdC_INT): PX509_ALGOR cdecl = nil;
+
+  (* PKCS#8 utilities *)
+
+  //DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+  EVP_PKCS82PKEY: function(const p8: PPKCS8_PRIV_KEY_INFO): PEVP_PKEY cdecl = nil;
+  EVP_PKEY2PKCS8: function(pkey: PEVP_PKEY): PKCS8_PRIV_KEY_INFO cdecl = nil;
+
+  PKCS8_pkey_set0: function(priv: PPKCS8_PRIV_KEY_INFO; aobj: PASN1_OBJECT; version: TIdC_INT; ptype: TIdC_INT; pval: Pointer; penc: PByte; penclen: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS8_pkey_get0: function(const ppkalg: PPASN1_OBJECT; const pk: PPByte; ppklen: PIdC_INT; const pa: PPX509_ALGOR; const p8: PPKCS8_PRIV_KEY_INFO): TIdC_INT cdecl = nil;
+
+  //const STACK_OF(X509_ATTRIBUTE) *
+  //PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8);
+  PKCS8_pkey_add1_attr_by_NID: function(p8: PPKCS8_PRIV_KEY_INFO; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+
+  X509_PUBKEY_set0_param: function(pub: PX509_PUBKEY; aobj: PASN1_OBJECT; ptype: TIdC_INT; pval: Pointer; penc: PByte; penclen: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_PUBKEY_get0_param: function(ppkalg: PPASN1_OBJECT; const pk: PPByte; ppklen: PIdC_INT; pa: PPX509_ALGOR; pub: PX509_PUBKEY): TIdC_INT cdecl = nil;
+
+  X509_check_trust: function(x: PX509; id: TIdC_INT; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_TRUST_get_count: function: TIdC_INT cdecl = nil;
+  X509_TRUST_get0: function(idx: TIdC_INT): PX509_TRUST cdecl = nil;
+  X509_TRUST_get_by_id: function(id: TIdC_INT): TIdC_INT cdecl = nil;
+//  TIdC_INT X509_TRUST_add(TIdC_INT id, TIdC_INT flags, TIdC_INT (*ck) (X509_TRUST *, X509 *, TIdC_INT),
+//                     const PIdAnsiChar *name, TIdC_INT arg1, void *arg2);
+  X509_TRUST_cleanup: procedure cdecl = nil;
+  X509_TRUST_get_flags: function(const xp: PX509_TRUST): TIdC_INT cdecl = nil;
+  X509_TRUST_get0_name: function(const xp: PX509_TRUST): PIdAnsiChar cdecl = nil;
+  X509_TRUST_get_trust: function(const xp: PX509_TRUST): TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  X509_CRL_set_default_method := LoadFunction('X509_CRL_set_default_method', AFailed);
+  X509_CRL_METHOD_free := LoadFunction('X509_CRL_METHOD_free', AFailed);
+  X509_CRL_set_meth_data := LoadFunction('X509_CRL_set_meth_data', AFailed);
+  X509_CRL_get_meth_data := LoadFunction('X509_CRL_get_meth_data', AFailed);
+  X509_verify_cert_error_string := LoadFunction('X509_verify_cert_error_string', AFailed);
+  X509_verify := LoadFunction('X509_verify', AFailed);
+  X509_REQ_verify := LoadFunction('X509_REQ_verify', AFailed);
+  X509_CRL_verify := LoadFunction('X509_CRL_verify', AFailed);
+  NETSCAPE_SPKI_verify := LoadFunction('NETSCAPE_SPKI_verify', AFailed);
+  NETSCAPE_SPKI_b64_decode := LoadFunction('NETSCAPE_SPKI_b64_decode', AFailed);
+  NETSCAPE_SPKI_b64_encode := LoadFunction('NETSCAPE_SPKI_b64_encode', AFailed);
+  NETSCAPE_SPKI_get_pubkey := LoadFunction('NETSCAPE_SPKI_get_pubkey', AFailed);
+  NETSCAPE_SPKI_set_pubkey := LoadFunction('NETSCAPE_SPKI_set_pubkey', AFailed);
+  NETSCAPE_SPKI_print := LoadFunction('NETSCAPE_SPKI_print', AFailed);
+  X509_signature_dump := LoadFunction('X509_signature_dump', AFailed);
+  X509_signature_print := LoadFunction('X509_signature_print', AFailed);
+  X509_sign := LoadFunction('X509_sign', AFailed);
+  X509_sign_ctx := LoadFunction('X509_sign_ctx', AFailed);
+  X509_http_nbio := LoadFunction('X509_http_nbio', AFailed);
+  X509_REQ_sign := LoadFunction('X509_REQ_sign', AFailed);
+  X509_REQ_sign_ctx := LoadFunction('X509_REQ_sign_ctx', AFailed);
+  X509_CRL_sign := LoadFunction('X509_CRL_sign', AFailed);
+  X509_CRL_sign_ctx := LoadFunction('X509_CRL_sign_ctx', AFailed);
+  X509_CRL_http_nbio := LoadFunction('X509_CRL_http_nbio', AFailed);
+  NETSCAPE_SPKI_sign := LoadFunction('NETSCAPE_SPKI_sign', AFailed);
+  X509_pubkey_digest := LoadFunction('X509_pubkey_digest', AFailed);
+  X509_digest := LoadFunction('X509_digest', AFailed);
+  X509_CRL_digest := LoadFunction('X509_CRL_digest', AFailed);
+  X509_REQ_digest := LoadFunction('X509_REQ_digest', AFailed);
+  X509_NAME_digest := LoadFunction('X509_NAME_digest', AFailed);
+  d2i_X509_bio := LoadFunction('d2i_X509_bio', AFailed);
+  i2d_X509_bio := LoadFunction('i2d_X509_bio', AFailed);
+  d2i_X509_CRL_bio := LoadFunction('d2i_X509_CRL_bio', AFailed);
+  i2d_X509_CRL_bio := LoadFunction('i2d_X509_CRL_bio', AFailed);
+  d2i_X509_REQ_bio := LoadFunction('d2i_X509_REQ_bio', AFailed);
+  i2d_X509_REQ_bio := LoadFunction('i2d_X509_REQ_bio', AFailed);
+  d2i_RSAPrivateKey_bio := LoadFunction('d2i_RSAPrivateKey_bio', AFailed);
+  i2d_RSAPrivateKey_bio := LoadFunction('i2d_RSAPrivateKey_bio', AFailed);
+  d2i_RSAPublicKey_bio := LoadFunction('d2i_RSAPublicKey_bio', AFailed);
+  i2d_RSAPublicKey_bio := LoadFunction('i2d_RSAPublicKey_bio', AFailed);
+  d2i_RSA_PUBKEY_bio := LoadFunction('d2i_RSA_PUBKEY_bio', AFailed);
+  i2d_RSA_PUBKEY_bio := LoadFunction('i2d_RSA_PUBKEY_bio', AFailed);
+  d2i_DSA_PUBKEY_bio := LoadFunction('d2i_DSA_PUBKEY_bio', AFailed);
+  i2d_DSA_PUBKEY_bio := LoadFunction('i2d_DSA_PUBKEY_bio', AFailed);
+  d2i_DSAPrivateKey_bio := LoadFunction('d2i_DSAPrivateKey_bio', AFailed);
+  i2d_DSAPrivateKey_bio := LoadFunction('i2d_DSAPrivateKey_bio', AFailed);
+  d2i_EC_PUBKEY_bio := LoadFunction('d2i_EC_PUBKEY_bio', AFailed);
+  i2d_EC_PUBKEY_bio := LoadFunction('i2d_EC_PUBKEY_bio', AFailed);
+  d2i_ECPrivateKey_bio := LoadFunction('d2i_ECPrivateKey_bio', AFailed);
+  i2d_ECPrivateKey_bio := LoadFunction('i2d_ECPrivateKey_bio', AFailed);
+  d2i_PKCS8_bio := LoadFunction('d2i_PKCS8_bio', AFailed);
+  i2d_PKCS8_bio := LoadFunction('i2d_PKCS8_bio', AFailed);
+  d2i_PKCS8_PRIV_KEY_INFO_bio := LoadFunction('d2i_PKCS8_PRIV_KEY_INFO_bio', AFailed);
+  i2d_PKCS8_PRIV_KEY_INFO_bio := LoadFunction('i2d_PKCS8_PRIV_KEY_INFO_bio', AFailed);
+  i2d_PKCS8PrivateKeyInfo_bio := LoadFunction('i2d_PKCS8PrivateKeyInfo_bio', AFailed);
+  i2d_PrivateKey_bio := LoadFunction('i2d_PrivateKey_bio', AFailed);
+  d2i_PrivateKey_bio := LoadFunction('d2i_PrivateKey_bio', AFailed);
+  i2d_PUBKEY_bio := LoadFunction('i2d_PUBKEY_bio', AFailed);
+  d2i_PUBKEY_bio := LoadFunction('d2i_PUBKEY_bio', AFailed);
+  X509_dup := LoadFunction('X509_dup', AFailed);
+  X509_ATTRIBUTE_dup := LoadFunction('X509_ATTRIBUTE_dup', AFailed);
+  X509_EXTENSION_dup := LoadFunction('X509_EXTENSION_dup', AFailed);
+  X509_CRL_dup := LoadFunction('X509_CRL_dup', AFailed);
+  X509_REVOKED_dup := LoadFunction('X509_REVOKED_dup', AFailed);
+  X509_REQ_dup := LoadFunction('X509_REQ_dup', AFailed);
+  X509_ALGOR_dup := LoadFunction('X509_ALGOR_dup', AFailed);
+  X509_ALGOR_set0 := LoadFunction('X509_ALGOR_set0', AFailed);
+  X509_ALGOR_get0 := LoadFunction('X509_ALGOR_get0', AFailed);
+  X509_ALGOR_set_md := LoadFunction('X509_ALGOR_set_md', AFailed);
+  X509_ALGOR_cmp := LoadFunction('X509_ALGOR_cmp', AFailed);
+  X509_NAME_dup := LoadFunction('X509_NAME_dup', AFailed);
+  X509_NAME_ENTRY_dup := LoadFunction('X509_NAME_ENTRY_dup', AFailed);
+  X509_cmp_time := LoadFunction('X509_cmp_time', AFailed);
+  X509_cmp_current_time := LoadFunction('X509_cmp_current_time', AFailed);
+  X509_time_adj := LoadFunction('X509_time_adj', AFailed);
+  X509_time_adj_ex := LoadFunction('X509_time_adj_ex', AFailed);
+  X509_gmtime_adj := LoadFunction('X509_gmtime_adj', AFailed);
+  X509_get_default_cert_area := LoadFunction('X509_get_default_cert_area', AFailed);
+  X509_get_default_cert_dir := LoadFunction('X509_get_default_cert_dir', AFailed);
+  X509_get_default_cert_file := LoadFunction('X509_get_default_cert_file', AFailed);
+  X509_get_default_cert_dir_env := LoadFunction('X509_get_default_cert_dir_env', AFailed);
+  X509_get_default_cert_file_env := LoadFunction('X509_get_default_cert_file_env', AFailed);
+  X509_get_default_private_dir := LoadFunction('X509_get_default_private_dir', AFailed);
+  X509_to_X509_REQ := LoadFunction('X509_to_X509_REQ', AFailed);
+  X509_REQ_to_X509 := LoadFunction('X509_REQ_to_X509', AFailed);
+  X509_ALGOR_new := LoadFunction('X509_ALGOR_new', AFailed);
+  X509_ALGOR_free := LoadFunction('X509_ALGOR_free', AFailed);
+  d2i_X509_ALGOR := LoadFunction('d2i_X509_ALGOR', AFailed);
+  i2d_X509_ALGOR := LoadFunction('i2d_X509_ALGOR', AFailed);
+  X509_VAL_new := LoadFunction('X509_VAL_new', AFailed);
+  X509_VAL_free := LoadFunction('X509_VAL_free', AFailed);
+  d2i_X509_VAL := LoadFunction('d2i_X509_VAL', AFailed);
+  i2d_X509_VAL := LoadFunction('i2d_X509_VAL', AFailed);
+  X509_PUBKEY_new := LoadFunction('X509_PUBKEY_new', AFailed);
+  X509_PUBKEY_free := LoadFunction('X509_PUBKEY_free', AFailed);
+  d2i_X509_PUBKEY := LoadFunction('d2i_X509_PUBKEY', AFailed);
+  i2d_X509_PUBKEY := LoadFunction('i2d_X509_PUBKEY', AFailed);
+  X509_PUBKEY_set := LoadFunction('X509_PUBKEY_set', AFailed);
+  X509_PUBKEY_get0 := LoadFunction('X509_PUBKEY_get0', AFailed);
+  X509_PUBKEY_get := LoadFunction('X509_PUBKEY_get', AFailed);
+  X509_get_pathlen := LoadFunction('X509_get_pathlen', AFailed);
+  i2d_PUBKEY := LoadFunction('i2d_PUBKEY', AFailed);
+  d2i_PUBKEY := LoadFunction('d2i_PUBKEY', AFailed);
+  i2d_RSA_PUBKEY := LoadFunction('i2d_RSA_PUBKEY', AFailed);
+  d2i_RSA_PUBKEY := LoadFunction('d2i_RSA_PUBKEY', AFailed);
+  i2d_DSA_PUBKEY := LoadFunction('i2d_DSA_PUBKEY', AFailed);
+  d2i_DSA_PUBKEY := LoadFunction('d2i_DSA_PUBKEY', AFailed);
+  i2d_EC_PUBKEY := LoadFunction('i2d_EC_PUBKEY', AFailed);
+  d2i_EC_PUBKEY := LoadFunction('d2i_EC_PUBKEY', AFailed);
+  X509_SIG_new := LoadFunction('X509_SIG_new', AFailed);
+  X509_SIG_free := LoadFunction('X509_SIG_free', AFailed);
+  d2i_X509_SIG := LoadFunction('d2i_X509_SIG', AFailed);
+  i2d_X509_SIG := LoadFunction('i2d_X509_SIG', AFailed);
+  X509_SIG_get0 := LoadFunction('X509_SIG_get0', AFailed);
+  X509_SIG_getm := LoadFunction('X509_SIG_getm', AFailed);
+  X509_REQ_INFO_new := LoadFunction('X509_REQ_INFO_new', AFailed);
+  X509_REQ_INFO_free := LoadFunction('X509_REQ_INFO_free', AFailed);
+  d2i_X509_REQ_INFO := LoadFunction('d2i_X509_REQ_INFO', AFailed);
+  i2d_X509_REQ_INFO := LoadFunction('i2d_X509_REQ_INFO', AFailed);
+  X509_REQ_new := LoadFunction('X509_REQ_new', AFailed);
+  X509_REQ_free := LoadFunction('X509_REQ_free', AFailed);
+  d2i_X509_REQ := LoadFunction('d2i_X509_REQ', AFailed);
+  i2d_X509_REQ := LoadFunction('i2d_X509_REQ', AFailed);
+  X509_ATTRIBUTE_new := LoadFunction('X509_ATTRIBUTE_new', AFailed);
+  X509_ATTRIBUTE_free := LoadFunction('X509_ATTRIBUTE_free', AFailed);
+  d2i_X509_ATTRIBUTE := LoadFunction('d2i_X509_ATTRIBUTE', AFailed);
+  i2d_X509_ATTRIBUTE := LoadFunction('i2d_X509_ATTRIBUTE', AFailed);
+  X509_ATTRIBUTE_create := LoadFunction('X509_ATTRIBUTE_create', AFailed);
+  X509_EXTENSION_new := LoadFunction('X509_EXTENSION_new', AFailed);
+  X509_EXTENSION_free := LoadFunction('X509_EXTENSION_free', AFailed);
+  d2i_X509_EXTENSION := LoadFunction('d2i_X509_EXTENSION', AFailed);
+  i2d_X509_EXTENSION := LoadFunction('i2d_X509_EXTENSION', AFailed);
+  X509_NAME_ENTRY_new := LoadFunction('X509_NAME_ENTRY_new', AFailed);
+  X509_NAME_ENTRY_free := LoadFunction('X509_NAME_ENTRY_free', AFailed);
+  d2i_X509_NAME_ENTRY := LoadFunction('d2i_X509_NAME_ENTRY', AFailed);
+  i2d_X509_NAME_ENTRY := LoadFunction('i2d_X509_NAME_ENTRY', AFailed);
+  X509_NAME_new := LoadFunction('X509_NAME_new', AFailed);
+  X509_NAME_free := LoadFunction('X509_NAME_free', AFailed);
+  d2i_X509_NAME := LoadFunction('d2i_X509_NAME', AFailed);
+  i2d_X509_NAME := LoadFunction('i2d_X509_NAME', AFailed);
+  X509_NAME_set := LoadFunction('X509_NAME_set', AFailed);
+  X509_new := LoadFunction('X509_new', AFailed);
+  X509_free := LoadFunction('X509_free', AFailed);
+  d2i_X509 := LoadFunction('d2i_X509', AFailed);
+  i2d_X509 := LoadFunction('i2d_X509', AFailed);
+  X509_set_ex_data := LoadFunction('X509_set_ex_data', AFailed);
+  X509_get_ex_data := LoadFunction('X509_get_ex_data', AFailed);
+  i2d_X509_AUX := LoadFunction('i2d_X509_AUX', AFailed);
+  d2i_X509_AUX := LoadFunction('d2i_X509_AUX', AFailed);
+  i2d_re_X509_tbs := LoadFunction('i2d_re_X509_tbs', AFailed);
+  X509_SIG_INFO_get := LoadFunction('X509_SIG_INFO_get', AFailed);
+  X509_SIG_INFO_set := LoadFunction('X509_SIG_INFO_set', AFailed);
+  X509_get_signature_info := LoadFunction('X509_get_signature_info', AFailed);
+  X509_get0_signature := LoadFunction('X509_get0_signature', AFailed);
+  X509_get_signature_nid := LoadFunction('X509_get_signature_nid', AFailed);
+  X509_trusted := LoadFunction('X509_trusted', AFailed);
+  X509_alias_set1 := LoadFunction('X509_alias_set1', AFailed);
+  X509_keyid_set1 := LoadFunction('X509_keyid_set1', AFailed);
+  X509_alias_get0 := LoadFunction('X509_alias_get0', AFailed);
+  X509_keyid_get0 := LoadFunction('X509_keyid_get0', AFailed);
+  X509_TRUST_set := LoadFunction('X509_TRUST_set', AFailed);
+  X509_add1_trust_object := LoadFunction('X509_add1_trust_object', AFailed);
+  X509_add1_reject_object := LoadFunction('X509_add1_reject_object', AFailed);
+  X509_trust_clear := LoadFunction('X509_trust_clear', AFailed);
+  X509_reject_clear := LoadFunction('X509_reject_clear', AFailed);
+  X509_REVOKED_new := LoadFunction('X509_REVOKED_new', AFailed);
+  X509_REVOKED_free := LoadFunction('X509_REVOKED_free', AFailed);
+  d2i_X509_REVOKED := LoadFunction('d2i_X509_REVOKED', AFailed);
+  i2d_X509_REVOKED := LoadFunction('i2d_X509_REVOKED', AFailed);
+  X509_CRL_INFO_new := LoadFunction('X509_CRL_INFO_new', AFailed);
+  X509_CRL_INFO_free := LoadFunction('X509_CRL_INFO_free', AFailed);
+  d2i_X509_CRL_INFO := LoadFunction('d2i_X509_CRL_INFO', AFailed);
+  i2d_X509_CRL_INFO := LoadFunction('i2d_X509_CRL_INFO', AFailed);
+  X509_CRL_new := LoadFunction('X509_CRL_new', AFailed);
+  X509_CRL_free := LoadFunction('X509_CRL_free', AFailed);
+  d2i_X509_CRL := LoadFunction('d2i_X509_CRL', AFailed);
+  i2d_X509_CRL := LoadFunction('i2d_X509_CRL', AFailed);
+  X509_CRL_add0_revoked := LoadFunction('X509_CRL_add0_revoked', AFailed);
+  X509_CRL_get0_by_serial := LoadFunction('X509_CRL_get0_by_serial', AFailed);
+  X509_CRL_get0_by_cert := LoadFunction('X509_CRL_get0_by_cert', AFailed);
+  X509_PKEY_new := LoadFunction('X509_PKEY_new', AFailed);
+  X509_PKEY_free := LoadFunction('X509_PKEY_free', AFailed);
+  X509_INFO_new := LoadFunction('X509_INFO_new', AFailed);
+  X509_INFO_free := LoadFunction('X509_INFO_free', AFailed);
+  X509_NAME_oneline := LoadFunction('X509_NAME_oneline', AFailed);
+  ASN1_item_digest := LoadFunction('ASN1_item_digest', AFailed);
+  ASN1_item_verify := LoadFunction('ASN1_item_verify', AFailed);
+  ASN1_item_sign := LoadFunction('ASN1_item_sign', AFailed);
+  ASN1_item_sign_ctx := LoadFunction('ASN1_item_sign_ctx', AFailed);
+  X509_get_version := LoadFunction('X509_get_version', AFailed);
+  X509_set_version := LoadFunction('X509_set_version', AFailed);
+  X509_set_serialNumber := LoadFunction('X509_set_serialNumber', AFailed);
+  X509_get_serialNumber := LoadFunction('X509_get_serialNumber', AFailed);
+  X509_get0_serialNumber := LoadFunction('X509_get0_serialNumber', AFailed);
+  X509_set_issuer_name := LoadFunction('X509_set_issuer_name', AFailed);
+  X509_get_issuer_name := LoadFunction('X509_get_issuer_name', AFailed);
+  X509_set_subject_name := LoadFunction('X509_set_subject_name', AFailed);
+  X509_get_subject_name := LoadFunction('X509_get_subject_name', AFailed);
+  X509_get0_notBefore := LoadFunction('X509_get0_notBefore', AFailed);
+  X509_getm_notBefore := LoadFunction('X509_getm_notBefore', AFailed);
+  X509_set1_notBefore := LoadFunction('X509_set1_notBefore', AFailed);
+  X509_get0_notAfter := LoadFunction('X509_get0_notAfter', AFailed);
+  X509_getm_notAfter := LoadFunction('X509_getm_notAfter', AFailed);
+  X509_set1_notAfter := LoadFunction('X509_set1_notAfter', AFailed);
+  X509_set_pubkey := LoadFunction('X509_set_pubkey', AFailed);
+  X509_up_ref := LoadFunction('X509_up_ref', AFailed);
+  X509_get_signature_type := LoadFunction('X509_get_signature_type', AFailed);
+  X509_get_X509_PUBKEY := LoadFunction('X509_get_X509_PUBKEY', AFailed);
+  X509_get0_uids := LoadFunction('X509_get0_uids', AFailed);
+  X509_get0_tbs_sigalg := LoadFunction('X509_get0_tbs_sigalg', AFailed);
+  X509_get0_pubkey := LoadFunction('X509_get0_pubkey', AFailed);
+  X509_get_pubkey := LoadFunction('X509_get_pubkey', AFailed);
+  X509_get0_pubkey_bitstr := LoadFunction('X509_get0_pubkey_bitstr', AFailed);
+  X509_certificate_type := LoadFunction('X509_certificate_type', AFailed);
+  X509_REQ_get_version := LoadFunction('X509_REQ_get_version', AFailed);
+  X509_REQ_set_version := LoadFunction('X509_REQ_set_version', AFailed);
+  X509_REQ_get_subject_name := LoadFunction('X509_REQ_get_subject_name', AFailed);
+  X509_REQ_set_subject_name := LoadFunction('X509_REQ_set_subject_name', AFailed);
+  X509_REQ_get0_signature := LoadFunction('X509_REQ_get0_signature', AFailed);
+  X509_REQ_get_signature_nid := LoadFunction('X509_REQ_get_signature_nid', AFailed);
+  i2d_re_X509_REQ_tbs := LoadFunction('i2d_re_X509_REQ_tbs', AFailed);
+  X509_REQ_set_pubkey := LoadFunction('X509_REQ_set_pubkey', AFailed);
+  X509_REQ_get_pubkey := LoadFunction('X509_REQ_get_pubkey', AFailed);
+  X509_REQ_get0_pubkey := LoadFunction('X509_REQ_get0_pubkey', AFailed);
+  X509_REQ_get_X509_PUBKEY := LoadFunction('X509_REQ_get_X509_PUBKEY', AFailed);
+  X509_REQ_extension_nid := LoadFunction('X509_REQ_extension_nid', AFailed);
+  X509_REQ_get_extension_nids := LoadFunction('X509_REQ_get_extension_nids', AFailed);
+  X509_REQ_set_extension_nids := LoadFunction('X509_REQ_set_extension_nids', AFailed);
+  X509_REQ_get_attr_count := LoadFunction('X509_REQ_get_attr_count', AFailed);
+  X509_REQ_get_attr_by_NID := LoadFunction('X509_REQ_get_attr_by_NID', AFailed);
+  X509_REQ_get_attr_by_OBJ := LoadFunction('X509_REQ_get_attr_by_OBJ', AFailed);
+  X509_REQ_get_attr := LoadFunction('X509_REQ_get_attr', AFailed);
+  X509_REQ_delete_attr := LoadFunction('X509_REQ_delete_attr', AFailed);
+  X509_REQ_add1_attr := LoadFunction('X509_REQ_add1_attr', AFailed);
+  X509_REQ_add1_attr_by_OBJ := LoadFunction('X509_REQ_add1_attr_by_OBJ', AFailed);
+  X509_REQ_add1_attr_by_NID := LoadFunction('X509_REQ_add1_attr_by_NID', AFailed);
+  X509_REQ_add1_attr_by_txt := LoadFunction('X509_REQ_add1_attr_by_txt', AFailed);
+  X509_CRL_set_version := LoadFunction('X509_CRL_set_version', AFailed);
+  X509_CRL_set_issuer_name := LoadFunction('X509_CRL_set_issuer_name', AFailed);
+  X509_CRL_set1_lastUpdate := LoadFunction('X509_CRL_set1_lastUpdate', AFailed);
+  X509_CRL_set1_nextUpdate := LoadFunction('X509_CRL_set1_nextUpdate', AFailed);
+  X509_CRL_sort := LoadFunction('X509_CRL_sort', AFailed);
+  X509_CRL_up_ref := LoadFunction('X509_CRL_up_ref', AFailed);
+  X509_CRL_get_version := LoadFunction('X509_CRL_get_version', AFailed);
+  X509_CRL_get0_lastUpdate := LoadFunction('X509_CRL_get0_lastUpdate', AFailed);
+  X509_CRL_get0_nextUpdate := LoadFunction('X509_CRL_get0_nextUpdate', AFailed);
+  X509_CRL_get_issuer := LoadFunction('X509_CRL_get_issuer', AFailed);
+  X509_CRL_get0_signature := LoadFunction('X509_CRL_get0_signature', AFailed);
+  X509_CRL_get_signature_nid := LoadFunction('X509_CRL_get_signature_nid', AFailed);
+  i2d_re_X509_CRL_tbs := LoadFunction('i2d_re_X509_CRL_tbs', AFailed);
+  X509_REVOKED_get0_serialNumber := LoadFunction('X509_REVOKED_get0_serialNumber', AFailed);
+  X509_REVOKED_set_serialNumber := LoadFunction('X509_REVOKED_set_serialNumber', AFailed);
+  X509_REVOKED_get0_revocationDate := LoadFunction('X509_REVOKED_get0_revocationDate', AFailed);
+  X509_REVOKED_set_revocationDate := LoadFunction('X509_REVOKED_set_revocationDate', AFailed);
+  X509_CRL_diff := LoadFunction('X509_CRL_diff', AFailed);
+  X509_REQ_check_private_key := LoadFunction('X509_REQ_check_private_key', AFailed);
+  X509_check_private_key := LoadFunction('X509_check_private_key', AFailed);
+  X509_CRL_check_suiteb := LoadFunction('X509_CRL_check_suiteb', AFailed);
+  X509_issuer_and_serial_cmp := LoadFunction('X509_issuer_and_serial_cmp', AFailed);
+  X509_issuer_and_serial_hash := LoadFunction('X509_issuer_and_serial_hash', AFailed);
+  X509_issuer_name_cmp := LoadFunction('X509_issuer_name_cmp', AFailed);
+  X509_issuer_name_hash := LoadFunction('X509_issuer_name_hash', AFailed);
+  X509_subject_name_cmp := LoadFunction('X509_subject_name_cmp', AFailed);
+  X509_subject_name_hash := LoadFunction('X509_subject_name_hash', AFailed);
+  X509_cmp := LoadFunction('X509_cmp', AFailed);
+  X509_NAME_cmp := LoadFunction('X509_NAME_cmp', AFailed);
+  X509_NAME_hash := LoadFunction('X509_NAME_hash', AFailed);
+  X509_NAME_hash_old := LoadFunction('X509_NAME_hash_old', AFailed);
+  X509_CRL_cmp := LoadFunction('X509_CRL_cmp', AFailed);
+  X509_CRL_match := LoadFunction('X509_CRL_match', AFailed);
+  X509_aux_print := LoadFunction('X509_aux_print', AFailed);
+  X509_NAME_print := LoadFunction('X509_NAME_print', AFailed);
+  X509_NAME_print_ex := LoadFunction('X509_NAME_print_ex', AFailed);
+  X509_print_ex := LoadFunction('X509_print_ex', AFailed);
+  X509_print := LoadFunction('X509_print', AFailed);
+  X509_ocspid_print := LoadFunction('X509_ocspid_print', AFailed);
+  X509_CRL_print_ex := LoadFunction('X509_CRL_print_ex', AFailed);
+  X509_CRL_print := LoadFunction('X509_CRL_print', AFailed);
+  X509_REQ_print_ex := LoadFunction('X509_REQ_print_ex', AFailed);
+  X509_REQ_print := LoadFunction('X509_REQ_print', AFailed);
+  X509_NAME_entry_count := LoadFunction('X509_NAME_entry_count', AFailed);
+  X509_NAME_get_text_by_NID := LoadFunction('X509_NAME_get_text_by_NID', AFailed);
+  X509_NAME_get_text_by_OBJ := LoadFunction('X509_NAME_get_text_by_OBJ', AFailed);
+  X509_NAME_get_index_by_NID := LoadFunction('X509_NAME_get_index_by_NID', AFailed);
+  X509_NAME_get_index_by_OBJ := LoadFunction('X509_NAME_get_index_by_OBJ', AFailed);
+  X509_NAME_get_entry := LoadFunction('X509_NAME_get_entry', AFailed);
+  X509_NAME_delete_entry := LoadFunction('X509_NAME_delete_entry', AFailed);
+  X509_NAME_add_entry := LoadFunction('X509_NAME_add_entry', AFailed);
+  X509_NAME_add_entry_by_OBJ := LoadFunction('X509_NAME_add_entry_by_OBJ', AFailed);
+  X509_NAME_add_entry_by_NID := LoadFunction('X509_NAME_add_entry_by_NID', AFailed);
+  X509_NAME_ENTRY_create_by_txt := LoadFunction('X509_NAME_ENTRY_create_by_txt', AFailed);
+  X509_NAME_ENTRY_create_by_NID := LoadFunction('X509_NAME_ENTRY_create_by_NID', AFailed);
+  X509_NAME_add_entry_by_txt := LoadFunction('X509_NAME_add_entry_by_txt', AFailed);
+  X509_NAME_ENTRY_create_by_OBJ := LoadFunction('X509_NAME_ENTRY_create_by_OBJ', AFailed);
+  X509_NAME_ENTRY_set_object := LoadFunction('X509_NAME_ENTRY_set_object', AFailed);
+  X509_NAME_ENTRY_set_data := LoadFunction('X509_NAME_ENTRY_set_data', AFailed);
+  X509_NAME_ENTRY_get_object := LoadFunction('X509_NAME_ENTRY_get_object', AFailed);
+  X509_NAME_ENTRY_get_data := LoadFunction('X509_NAME_ENTRY_get_data', AFailed);
+  X509_NAME_ENTRY_set := LoadFunction('X509_NAME_ENTRY_set', AFailed);
+  X509_NAME_get0_der := LoadFunction('X509_NAME_get0_der', AFailed);
+  X509_get_ext_count := LoadFunction('X509_get_ext_count', AFailed);
+  X509_get_ext_by_NID := LoadFunction('X509_get_ext_by_NID', AFailed);
+  X509_get_ext_by_OBJ := LoadFunction('X509_get_ext_by_OBJ', AFailed);
+  X509_get_ext_by_critical := LoadFunction('X509_get_ext_by_critical', AFailed);
+  X509_get_ext := LoadFunction('X509_get_ext', AFailed);
+  X509_delete_ext := LoadFunction('X509_delete_ext', AFailed);
+  X509_add_ext := LoadFunction('X509_add_ext', AFailed);
+  X509_get_ext_d2i := LoadFunction('X509_get_ext_d2i', AFailed);
+  X509_add1_ext_i2d := LoadFunction('X509_add1_ext_i2d', AFailed);
+  X509_CRL_get_ext_count := LoadFunction('X509_CRL_get_ext_count', AFailed);
+  X509_CRL_get_ext_by_NID := LoadFunction('X509_CRL_get_ext_by_NID', AFailed);
+  X509_CRL_get_ext_by_OBJ := LoadFunction('X509_CRL_get_ext_by_OBJ', AFailed);
+  X509_CRL_get_ext_by_critical := LoadFunction('X509_CRL_get_ext_by_critical', AFailed);
+  X509_CRL_get_ext := LoadFunction('X509_CRL_get_ext', AFailed);
+  X509_CRL_delete_ext := LoadFunction('X509_CRL_delete_ext', AFailed);
+  X509_CRL_add_ext := LoadFunction('X509_CRL_add_ext', AFailed);
+  X509_CRL_get_ext_d2i := LoadFunction('X509_CRL_get_ext_d2i', AFailed);
+  X509_CRL_add1_ext_i2d := LoadFunction('X509_CRL_add1_ext_i2d', AFailed);
+  X509_REVOKED_get_ext_count := LoadFunction('X509_REVOKED_get_ext_count', AFailed);
+  X509_REVOKED_get_ext_by_NID := LoadFunction('X509_REVOKED_get_ext_by_NID', AFailed);
+  X509_REVOKED_get_ext_by_OBJ := LoadFunction('X509_REVOKED_get_ext_by_OBJ', AFailed);
+  X509_REVOKED_get_ext_by_critical := LoadFunction('X509_REVOKED_get_ext_by_critical', AFailed);
+  X509_REVOKED_get_ext := LoadFunction('X509_REVOKED_get_ext', AFailed);
+  X509_REVOKED_delete_ext := LoadFunction('X509_REVOKED_delete_ext', AFailed);
+  X509_REVOKED_add_ext := LoadFunction('X509_REVOKED_add_ext', AFailed);
+  X509_REVOKED_get_ext_d2i := LoadFunction('X509_REVOKED_get_ext_d2i', AFailed);
+  X509_REVOKED_add1_ext_i2d := LoadFunction('X509_REVOKED_add1_ext_i2d', AFailed);
+  X509_EXTENSION_create_by_NID := LoadFunction('X509_EXTENSION_create_by_NID', AFailed);
+  X509_EXTENSION_create_by_OBJ := LoadFunction('X509_EXTENSION_create_by_OBJ', AFailed);
+  X509_EXTENSION_set_object := LoadFunction('X509_EXTENSION_set_object', AFailed);
+  X509_EXTENSION_set_critical := LoadFunction('X509_EXTENSION_set_critical', AFailed);
+  X509_EXTENSION_set_data := LoadFunction('X509_EXTENSION_set_data', AFailed);
+  X509_EXTENSION_get_object := LoadFunction('X509_EXTENSION_get_object', AFailed);
+  X509_EXTENSION_get_data := LoadFunction('X509_EXTENSION_get_data', AFailed);
+  X509_EXTENSION_get_critical := LoadFunction('X509_EXTENSION_get_critical', AFailed);
+  X509_ATTRIBUTE_create_by_NID := LoadFunction('X509_ATTRIBUTE_create_by_NID', AFailed);
+  X509_ATTRIBUTE_create_by_OBJ := LoadFunction('X509_ATTRIBUTE_create_by_OBJ', AFailed);
+  X509_ATTRIBUTE_create_by_txt := LoadFunction('X509_ATTRIBUTE_create_by_txt', AFailed);
+  X509_ATTRIBUTE_set1_object := LoadFunction('X509_ATTRIBUTE_set1_object', AFailed);
+  X509_ATTRIBUTE_set1_data := LoadFunction('X509_ATTRIBUTE_set1_data', AFailed);
+  X509_ATTRIBUTE_get0_data := LoadFunction('X509_ATTRIBUTE_get0_data', AFailed);
+  X509_ATTRIBUTE_count := LoadFunction('X509_ATTRIBUTE_count', AFailed);
+  X509_ATTRIBUTE_get0_object := LoadFunction('X509_ATTRIBUTE_get0_object', AFailed);
+  X509_ATTRIBUTE_get0_type := LoadFunction('X509_ATTRIBUTE_get0_type', AFailed);
+  EVP_PKEY_get_attr_count := LoadFunction('EVP_PKEY_get_attr_count', AFailed);
+  EVP_PKEY_get_attr_by_NID := LoadFunction('EVP_PKEY_get_attr_by_NID', AFailed);
+  EVP_PKEY_get_attr_by_OBJ := LoadFunction('EVP_PKEY_get_attr_by_OBJ', AFailed);
+  EVP_PKEY_get_attr := LoadFunction('EVP_PKEY_get_attr', AFailed);
+  EVP_PKEY_delete_attr := LoadFunction('EVP_PKEY_delete_attr', AFailed);
+  EVP_PKEY_add1_attr := LoadFunction('EVP_PKEY_add1_attr', AFailed);
+  EVP_PKEY_add1_attr_by_OBJ := LoadFunction('EVP_PKEY_add1_attr_by_OBJ', AFailed);
+  EVP_PKEY_add1_attr_by_NID := LoadFunction('EVP_PKEY_add1_attr_by_NID', AFailed);
+  EVP_PKEY_add1_attr_by_txt := LoadFunction('EVP_PKEY_add1_attr_by_txt', AFailed);
+  X509_verify_cert := LoadFunction('X509_verify_cert', AFailed);
+  PKCS5_pbe_set0_algor := LoadFunction('PKCS5_pbe_set0_algor', AFailed);
+  PKCS5_pbe_set := LoadFunction('PKCS5_pbe_set', AFailed);
+  PKCS5_pbe2_set := LoadFunction('PKCS5_pbe2_set', AFailed);
+  PKCS5_pbe2_set_iv := LoadFunction('PKCS5_pbe2_set_iv', AFailed);
+  PKCS5_pbe2_set_scrypt := LoadFunction('PKCS5_pbe2_set_scrypt', AFailed);
+  PKCS5_pbkdf2_set := LoadFunction('PKCS5_pbkdf2_set', AFailed);
+  EVP_PKCS82PKEY := LoadFunction('EVP_PKCS82PKEY', AFailed);
+  EVP_PKEY2PKCS8 := LoadFunction('EVP_PKEY2PKCS8', AFailed);
+  PKCS8_pkey_set0 := LoadFunction('PKCS8_pkey_set0', AFailed);
+  PKCS8_pkey_get0 := LoadFunction('PKCS8_pkey_get0', AFailed);
+  PKCS8_pkey_add1_attr_by_NID := LoadFunction('PKCS8_pkey_add1_attr_by_NID', AFailed);
+  X509_PUBKEY_set0_param := LoadFunction('X509_PUBKEY_set0_param', AFailed);
+  X509_PUBKEY_get0_param := LoadFunction('X509_PUBKEY_get0_param', AFailed);
+  X509_check_trust := LoadFunction('X509_check_trust', AFailed);
+  X509_TRUST_get_count := LoadFunction('X509_TRUST_get_count', AFailed);
+  X509_TRUST_get0 := LoadFunction('X509_TRUST_get0', AFailed);
+  X509_TRUST_get_by_id := LoadFunction('X509_TRUST_get_by_id', AFailed);
+  X509_TRUST_cleanup := LoadFunction('X509_TRUST_cleanup', AFailed);
+  X509_TRUST_get_flags := LoadFunction('X509_TRUST_get_flags', AFailed);
+  X509_TRUST_get0_name := LoadFunction('X509_TRUST_get0_name', AFailed);
+  X509_TRUST_get_trust := LoadFunction('X509_TRUST_get_trust', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  X509_CRL_set_default_method := nil;
+  X509_CRL_METHOD_free := nil;
+  X509_CRL_set_meth_data := nil;
+  X509_CRL_get_meth_data := nil;
+  X509_verify_cert_error_string := nil;
+  X509_verify := nil;
+  X509_REQ_verify := nil;
+  X509_CRL_verify := nil;
+  NETSCAPE_SPKI_verify := nil;
+  NETSCAPE_SPKI_b64_decode := nil;
+  NETSCAPE_SPKI_b64_encode := nil;
+  NETSCAPE_SPKI_get_pubkey := nil;
+  NETSCAPE_SPKI_set_pubkey := nil;
+  NETSCAPE_SPKI_print := nil;
+  X509_signature_dump := nil;
+  X509_signature_print := nil;
+  X509_sign := nil;
+  X509_sign_ctx := nil;
+  X509_http_nbio := nil;
+  X509_REQ_sign := nil;
+  X509_REQ_sign_ctx := nil;
+  X509_CRL_sign := nil;
+  X509_CRL_sign_ctx := nil;
+  X509_CRL_http_nbio := nil;
+  NETSCAPE_SPKI_sign := nil;
+  X509_pubkey_digest := nil;
+  X509_digest := nil;
+  X509_CRL_digest := nil;
+  X509_REQ_digest := nil;
+  X509_NAME_digest := nil;
+  d2i_X509_bio := nil;
+  i2d_X509_bio := nil;
+  d2i_X509_CRL_bio := nil;
+  i2d_X509_CRL_bio := nil;
+  d2i_X509_REQ_bio := nil;
+  i2d_X509_REQ_bio := nil;
+  d2i_RSAPrivateKey_bio := nil;
+  i2d_RSAPrivateKey_bio := nil;
+  d2i_RSAPublicKey_bio := nil;
+  i2d_RSAPublicKey_bio := nil;
+  d2i_RSA_PUBKEY_bio := nil;
+  i2d_RSA_PUBKEY_bio := nil;
+  d2i_DSA_PUBKEY_bio := nil;
+  i2d_DSA_PUBKEY_bio := nil;
+  d2i_DSAPrivateKey_bio := nil;
+  i2d_DSAPrivateKey_bio := nil;
+  d2i_EC_PUBKEY_bio := nil;
+  i2d_EC_PUBKEY_bio := nil;
+  d2i_ECPrivateKey_bio := nil;
+  i2d_ECPrivateKey_bio := nil;
+  d2i_PKCS8_bio := nil;
+  i2d_PKCS8_bio := nil;
+  d2i_PKCS8_PRIV_KEY_INFO_bio := nil;
+  i2d_PKCS8_PRIV_KEY_INFO_bio := nil;
+  i2d_PKCS8PrivateKeyInfo_bio := nil;
+  i2d_PrivateKey_bio := nil;
+  d2i_PrivateKey_bio := nil;
+  i2d_PUBKEY_bio := nil;
+  d2i_PUBKEY_bio := nil;
+  X509_dup := nil;
+  X509_ATTRIBUTE_dup := nil;
+  X509_EXTENSION_dup := nil;
+  X509_CRL_dup := nil;
+  X509_REVOKED_dup := nil;
+  X509_REQ_dup := nil;
+  X509_ALGOR_dup := nil;
+  X509_ALGOR_set0 := nil;
+  X509_ALGOR_get0 := nil;
+  X509_ALGOR_set_md := nil;
+  X509_ALGOR_cmp := nil;
+  X509_NAME_dup := nil;
+  X509_NAME_ENTRY_dup := nil;
+  X509_cmp_time := nil;
+  X509_cmp_current_time := nil;
+  X509_time_adj := nil;
+  X509_time_adj_ex := nil;
+  X509_gmtime_adj := nil;
+  X509_get_default_cert_area := nil;
+  X509_get_default_cert_dir := nil;
+  X509_get_default_cert_file := nil;
+  X509_get_default_cert_dir_env := nil;
+  X509_get_default_cert_file_env := nil;
+  X509_get_default_private_dir := nil;
+  X509_to_X509_REQ := nil;
+  X509_REQ_to_X509 := nil;
+  X509_ALGOR_new := nil;
+  X509_ALGOR_free := nil;
+  d2i_X509_ALGOR := nil;
+  i2d_X509_ALGOR := nil;
+  X509_VAL_new := nil;
+  X509_VAL_free := nil;
+  d2i_X509_VAL := nil;
+  i2d_X509_VAL := nil;
+  X509_PUBKEY_new := nil;
+  X509_PUBKEY_free := nil;
+  d2i_X509_PUBKEY := nil;
+  i2d_X509_PUBKEY := nil;
+  X509_PUBKEY_set := nil;
+  X509_PUBKEY_get0 := nil;
+  X509_PUBKEY_get := nil;
+  X509_get_pathlen := nil;
+  i2d_PUBKEY := nil;
+  d2i_PUBKEY := nil;
+  i2d_RSA_PUBKEY := nil;
+  d2i_RSA_PUBKEY := nil;
+  i2d_DSA_PUBKEY := nil;
+  d2i_DSA_PUBKEY := nil;
+  i2d_EC_PUBKEY := nil;
+  d2i_EC_PUBKEY := nil;
+  X509_SIG_new := nil;
+  X509_SIG_free := nil;
+  d2i_X509_SIG := nil;
+  i2d_X509_SIG := nil;
+  X509_SIG_get0 := nil;
+  X509_SIG_getm := nil;
+  X509_REQ_INFO_new := nil;
+  X509_REQ_INFO_free := nil;
+  d2i_X509_REQ_INFO := nil;
+  i2d_X509_REQ_INFO := nil;
+  X509_REQ_new := nil;
+  X509_REQ_free := nil;
+  d2i_X509_REQ := nil;
+  i2d_X509_REQ := nil;
+  X509_ATTRIBUTE_new := nil;
+  X509_ATTRIBUTE_free := nil;
+  d2i_X509_ATTRIBUTE := nil;
+  i2d_X509_ATTRIBUTE := nil;
+  X509_ATTRIBUTE_create := nil;
+  X509_EXTENSION_new := nil;
+  X509_EXTENSION_free := nil;
+  d2i_X509_EXTENSION := nil;
+  i2d_X509_EXTENSION := nil;
+  X509_NAME_ENTRY_new := nil;
+  X509_NAME_ENTRY_free := nil;
+  d2i_X509_NAME_ENTRY := nil;
+  i2d_X509_NAME_ENTRY := nil;
+  X509_NAME_new := nil;
+  X509_NAME_free := nil;
+  d2i_X509_NAME := nil;
+  i2d_X509_NAME := nil;
+  X509_NAME_set := nil;
+  X509_new := nil;
+  X509_free := nil;
+  d2i_X509 := nil;
+  i2d_X509 := nil;
+  X509_set_ex_data := nil;
+  X509_get_ex_data := nil;
+  i2d_X509_AUX := nil;
+  d2i_X509_AUX := nil;
+  i2d_re_X509_tbs := nil;
+  X509_SIG_INFO_get := nil;
+  X509_SIG_INFO_set := nil;
+  X509_get_signature_info := nil;
+  X509_get0_signature := nil;
+  X509_get_signature_nid := nil;
+  X509_trusted := nil;
+  X509_alias_set1 := nil;
+  X509_keyid_set1 := nil;
+  X509_alias_get0 := nil;
+  X509_keyid_get0 := nil;
+  X509_TRUST_set := nil;
+  X509_add1_trust_object := nil;
+  X509_add1_reject_object := nil;
+  X509_trust_clear := nil;
+  X509_reject_clear := nil;
+  X509_REVOKED_new := nil;
+  X509_REVOKED_free := nil;
+  d2i_X509_REVOKED := nil;
+  i2d_X509_REVOKED := nil;
+  X509_CRL_INFO_new := nil;
+  X509_CRL_INFO_free := nil;
+  d2i_X509_CRL_INFO := nil;
+  i2d_X509_CRL_INFO := nil;
+  X509_CRL_new := nil;
+  X509_CRL_free := nil;
+  d2i_X509_CRL := nil;
+  i2d_X509_CRL := nil;
+  X509_CRL_add0_revoked := nil;
+  X509_CRL_get0_by_serial := nil;
+  X509_CRL_get0_by_cert := nil;
+  X509_PKEY_new := nil;
+  X509_PKEY_free := nil;
+  X509_INFO_new := nil;
+  X509_INFO_free := nil;
+  X509_NAME_oneline := nil;
+  ASN1_item_digest := nil;
+  ASN1_item_verify := nil;
+  ASN1_item_sign := nil;
+  ASN1_item_sign_ctx := nil;
+  X509_get_version := nil;
+  X509_set_version := nil;
+  X509_set_serialNumber := nil;
+  X509_get_serialNumber := nil;
+  X509_get0_serialNumber := nil;
+  X509_set_issuer_name := nil;
+  X509_get_issuer_name := nil;
+  X509_set_subject_name := nil;
+  X509_get_subject_name := nil;
+  X509_get0_notBefore := nil;
+  X509_getm_notBefore := nil;
+  X509_set1_notBefore := nil;
+  X509_get0_notAfter := nil;
+  X509_getm_notAfter := nil;
+  X509_set1_notAfter := nil;
+  X509_set_pubkey := nil;
+  X509_up_ref := nil;
+  X509_get_signature_type := nil;
+  X509_get_X509_PUBKEY := nil;
+  X509_get0_uids := nil;
+  X509_get0_tbs_sigalg := nil;
+  X509_get0_pubkey := nil;
+  X509_get_pubkey := nil;
+  X509_get0_pubkey_bitstr := nil;
+  X509_certificate_type := nil;
+  X509_REQ_get_version := nil;
+  X509_REQ_set_version := nil;
+  X509_REQ_get_subject_name := nil;
+  X509_REQ_set_subject_name := nil;
+  X509_REQ_get0_signature := nil;
+  X509_REQ_get_signature_nid := nil;
+  i2d_re_X509_REQ_tbs := nil;
+  X509_REQ_set_pubkey := nil;
+  X509_REQ_get_pubkey := nil;
+  X509_REQ_get0_pubkey := nil;
+  X509_REQ_get_X509_PUBKEY := nil;
+  X509_REQ_extension_nid := nil;
+  X509_REQ_get_extension_nids := nil;
+  X509_REQ_set_extension_nids := nil;
+  X509_REQ_get_attr_count := nil;
+  X509_REQ_get_attr_by_NID := nil;
+  X509_REQ_get_attr_by_OBJ := nil;
+  X509_REQ_get_attr := nil;
+  X509_REQ_delete_attr := nil;
+  X509_REQ_add1_attr := nil;
+  X509_REQ_add1_attr_by_OBJ := nil;
+  X509_REQ_add1_attr_by_NID := nil;
+  X509_REQ_add1_attr_by_txt := nil;
+  X509_CRL_set_version := nil;
+  X509_CRL_set_issuer_name := nil;
+  X509_CRL_set1_lastUpdate := nil;
+  X509_CRL_set1_nextUpdate := nil;
+  X509_CRL_sort := nil;
+  X509_CRL_up_ref := nil;
+  X509_CRL_get_version := nil;
+  X509_CRL_get0_lastUpdate := nil;
+  X509_CRL_get0_nextUpdate := nil;
+  X509_CRL_get_issuer := nil;
+  X509_CRL_get0_signature := nil;
+  X509_CRL_get_signature_nid := nil;
+  i2d_re_X509_CRL_tbs := nil;
+  X509_REVOKED_get0_serialNumber := nil;
+  X509_REVOKED_set_serialNumber := nil;
+  X509_REVOKED_get0_revocationDate := nil;
+  X509_REVOKED_set_revocationDate := nil;
+  X509_CRL_diff := nil;
+  X509_REQ_check_private_key := nil;
+  X509_check_private_key := nil;
+  X509_CRL_check_suiteb := nil;
+  X509_issuer_and_serial_cmp := nil;
+  X509_issuer_and_serial_hash := nil;
+  X509_issuer_name_cmp := nil;
+  X509_issuer_name_hash := nil;
+  X509_subject_name_cmp := nil;
+  X509_subject_name_hash := nil;
+  X509_cmp := nil;
+  X509_NAME_cmp := nil;
+  X509_NAME_hash := nil;
+  X509_NAME_hash_old := nil;
+  X509_CRL_cmp := nil;
+  X509_CRL_match := nil;
+  X509_aux_print := nil;
+  X509_NAME_print := nil;
+  X509_NAME_print_ex := nil;
+  X509_print_ex := nil;
+  X509_print := nil;
+  X509_ocspid_print := nil;
+  X509_CRL_print_ex := nil;
+  X509_CRL_print := nil;
+  X509_REQ_print_ex := nil;
+  X509_REQ_print := nil;
+  X509_NAME_entry_count := nil;
+  X509_NAME_get_text_by_NID := nil;
+  X509_NAME_get_text_by_OBJ := nil;
+  X509_NAME_get_index_by_NID := nil;
+  X509_NAME_get_index_by_OBJ := nil;
+  X509_NAME_get_entry := nil;
+  X509_NAME_delete_entry := nil;
+  X509_NAME_add_entry := nil;
+  X509_NAME_add_entry_by_OBJ := nil;
+  X509_NAME_add_entry_by_NID := nil;
+  X509_NAME_ENTRY_create_by_txt := nil;
+  X509_NAME_ENTRY_create_by_NID := nil;
+  X509_NAME_add_entry_by_txt := nil;
+  X509_NAME_ENTRY_create_by_OBJ := nil;
+  X509_NAME_ENTRY_set_object := nil;
+  X509_NAME_ENTRY_set_data := nil;
+  X509_NAME_ENTRY_get_object := nil;
+  X509_NAME_ENTRY_get_data := nil;
+  X509_NAME_ENTRY_set := nil;
+  X509_NAME_get0_der := nil;
+  X509_get_ext_count := nil;
+  X509_get_ext_by_NID := nil;
+  X509_get_ext_by_OBJ := nil;
+  X509_get_ext_by_critical := nil;
+  X509_get_ext := nil;
+  X509_delete_ext := nil;
+  X509_add_ext := nil;
+  X509_get_ext_d2i := nil;
+  X509_add1_ext_i2d := nil;
+  X509_CRL_get_ext_count := nil;
+  X509_CRL_get_ext_by_NID := nil;
+  X509_CRL_get_ext_by_OBJ := nil;
+  X509_CRL_get_ext_by_critical := nil;
+  X509_CRL_get_ext := nil;
+  X509_CRL_delete_ext := nil;
+  X509_CRL_add_ext := nil;
+  X509_CRL_get_ext_d2i := nil;
+  X509_CRL_add1_ext_i2d := nil;
+  X509_REVOKED_get_ext_count := nil;
+  X509_REVOKED_get_ext_by_NID := nil;
+  X509_REVOKED_get_ext_by_OBJ := nil;
+  X509_REVOKED_get_ext_by_critical := nil;
+  X509_REVOKED_get_ext := nil;
+  X509_REVOKED_delete_ext := nil;
+  X509_REVOKED_add_ext := nil;
+  X509_REVOKED_get_ext_d2i := nil;
+  X509_REVOKED_add1_ext_i2d := nil;
+  X509_EXTENSION_create_by_NID := nil;
+  X509_EXTENSION_create_by_OBJ := nil;
+  X509_EXTENSION_set_object := nil;
+  X509_EXTENSION_set_critical := nil;
+  X509_EXTENSION_set_data := nil;
+  X509_EXTENSION_get_object := nil;
+  X509_EXTENSION_get_data := nil;
+  X509_EXTENSION_get_critical := nil;
+  X509_ATTRIBUTE_create_by_NID := nil;
+  X509_ATTRIBUTE_create_by_OBJ := nil;
+  X509_ATTRIBUTE_create_by_txt := nil;
+  X509_ATTRIBUTE_set1_object := nil;
+  X509_ATTRIBUTE_set1_data := nil;
+  X509_ATTRIBUTE_get0_data := nil;
+  X509_ATTRIBUTE_count := nil;
+  X509_ATTRIBUTE_get0_object := nil;
+  X509_ATTRIBUTE_get0_type := nil;
+  EVP_PKEY_get_attr_count := nil;
+  EVP_PKEY_get_attr_by_NID := nil;
+  EVP_PKEY_get_attr_by_OBJ := nil;
+  EVP_PKEY_get_attr := nil;
+  EVP_PKEY_delete_attr := nil;
+  EVP_PKEY_add1_attr := nil;
+  EVP_PKEY_add1_attr_by_OBJ := nil;
+  EVP_PKEY_add1_attr_by_NID := nil;
+  EVP_PKEY_add1_attr_by_txt := nil;
+  X509_verify_cert := nil;
+  PKCS5_pbe_set0_algor := nil;
+  PKCS5_pbe_set := nil;
+  PKCS5_pbe2_set := nil;
+  PKCS5_pbe2_set_iv := nil;
+  PKCS5_pbe2_set_scrypt := nil;
+  PKCS5_pbkdf2_set := nil;
+  EVP_PKCS82PKEY := nil;
+  EVP_PKEY2PKCS8 := nil;
+  PKCS8_pkey_set0 := nil;
+  PKCS8_pkey_get0 := nil;
+  PKCS8_pkey_add1_attr_by_NID := nil;
+  X509_PUBKEY_set0_param := nil;
+  X509_PUBKEY_get0_param := nil;
+  X509_check_trust := nil;
+  X509_TRUST_get_count := nil;
+  X509_TRUST_get0 := nil;
+  X509_TRUST_get_by_id := nil;
+  X509_TRUST_cleanup := nil;
+  X509_TRUST_get_flags := nil;
+  X509_TRUST_get0_name := nil;
+  X509_TRUST_get_trust := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas
new file mode 100644
index 000000000..dc7f4d86a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas
@@ -0,0 +1,902 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_x509_vfy;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509_vfy.h
+
+{$i IdCompilerDefines.inc}
+
+{$MINENUMSIZE 4}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  X509_L_FILE_LOAD = 1;
+  X509_L_ADD_DIR   = 2;
+
+  X509_V_OK                                       = 0;
+  X509_V_ERR_UNSPECIFIED                          = 1;
+  X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT            = 2;
+  X509_V_ERR_UNABLE_TO_GET_CRL                    = 3;
+  X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE     = 4;
+  X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE      = 5;
+  X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY   = 6;
+  X509_V_ERR_CERT_SIGNATURE_FAILURE               = 7;
+  X509_V_ERR_CRL_SIGNATURE_FAILURE                = 8;
+  X509_V_ERR_CERT_NOT_YET_VALID                   = 9;
+  X509_V_ERR_CERT_HAS_EXPIRED                     = 10;
+  X509_V_ERR_CRL_NOT_YET_VALID                    = 11;
+  X509_V_ERR_CRL_HAS_EXPIRED                      = 12;
+  X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD       = 13;
+  X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD        = 14;
+  X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD       = 15;
+  X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD       = 16;
+  X509_V_ERR_OUT_OF_MEM                           = 17;
+  X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT          = 18;
+  X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN            = 19;
+  X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY    = 20;
+  X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE      = 21;
+  X509_V_ERR_CERT_CHAIN_TOO_LONG                  = 22;
+  X509_V_ERR_CERT_REVOKED                         = 23;
+  X509_V_ERR_INVALID_CA                           = 24;
+  X509_V_ERR_PATH_LENGTH_EXCEEDED                 = 25;
+  X509_V_ERR_INVALID_PURPOSE                      = 26;
+  X509_V_ERR_CERT_UNTRUSTED                       = 27;
+  X509_V_ERR_CERT_REJECTED                        = 28;
+  (* These are 'informational' when looking for issuer cert *)
+  X509_V_ERR_SUBJECT_ISSUER_MISMATCH              = 29;
+  X509_V_ERR_AKID_SKID_MISMATCH                   = 30;
+  X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH          = 31;
+  X509_V_ERR_KEYUSAGE_NO_CERTSIGN                 = 32;
+  X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER             = 33;
+  X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION         = 34;
+  X509_V_ERR_KEYUSAGE_NO_CRL_SIGN                 = 35;
+  X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION     = 36;
+  X509_V_ERR_INVALID_NON_CA                       = 37;
+  X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED           = 38;
+  X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE        = 39;
+  X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED       = 40;
+  X509_V_ERR_INVALID_EXTENSION                    = 41;
+  X509_V_ERR_INVALID_POLICY_EXTENSION             = 42;
+  X509_V_ERR_NO_EXPLICIT_POLICY                   = 43;
+  X509_V_ERR_DIFFERENT_CRL_SCOPE                  = 44;
+  X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE        = 45;
+  X509_V_ERR_UNNESTED_RESOURCE                    = 46;
+  X509_V_ERR_PERMITTED_VIOLATION                  = 47;
+  X509_V_ERR_EXCLUDED_VIOLATION                   = 48;
+  X509_V_ERR_SUBTREE_MINMAX                       = 49;
+  (* The application is not happy *)
+  X509_V_ERR_APPLICATION_VERIFICATION             = 50;
+  X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE          = 51;
+  X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX        = 52;
+  X509_V_ERR_UNSUPPORTED_NAME_SYNTAX              = 53;
+  X509_V_ERR_CRL_PATH_VALIDATION_ERROR            = 54;
+  (* Another issuer check debug option *)
+  X509_V_ERR_PATH_LOOP                            = 55;
+  (* Suite B mode algorithm violation *)
+  X509_V_ERR_SUITE_B_INVALID_VERSION              = 56;
+  X509_V_ERR_SUITE_B_INVALID_ALGORITHM            = 57;
+  X509_V_ERR_SUITE_B_INVALID_CURVE                = 58;
+  X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM  = 59;
+  X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED              = 60;
+  X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 61;
+  (* Host, email and IP check errors *)
+  X509_V_ERR_HOSTNAME_MISMATCH                    = 62;
+  X509_V_ERR_EMAIL_MISMATCH                       = 63;
+  X509_V_ERR_IP_ADDRESS_MISMATCH                  = 64;
+  (* DANE TLSA errors *)
+  X509_V_ERR_DANE_NO_MATCH                        = 65;
+  (* security level errors *)
+  X509_V_ERR_EE_KEY_TOO_SMALL                     = 66;
+  X509_V_ERR_CA_KEY_TOO_SMALL                     = 67;
+  X509_V_ERR_CA_MD_TOO_WEAK                       = 68;
+  (* Caller error *)
+  X509_V_ERR_INVALID_CALL                         = 69;
+  (* Issuer lookup error *)
+  X509_V_ERR_STORE_LOOKUP                         = 70;
+  (* Certificate transparency *)
+  X509_V_ERR_NO_VALID_SCTS                        = 71;
+
+  X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION         = 72;
+  (* OCSP status errors *)
+  X509_V_ERR_OCSP_VERIFY_NEEDED                   = 73;  (* Need OCSP verification *)
+  X509_V_ERR_OCSP_VERIFY_FAILED                   = 74;  (* Couldn't verify cert through OCSP *)
+  X509_V_ERR_OCSP_CERT_UNKNOWN                    = 75;  (* Certificate wasn't recognized by the OCSP responder *)
+
+  (* Certificate verify flags *)
+
+  (* Use check time instead of current time *)
+  X509_V_FLAG_USE_CHECK_TIME       = $2;
+  (* Lookup CRLs *)
+  X509_V_FLAG_CRL_CHECK            = $4;
+  (* Lookup CRLs for whole chain *)
+  X509_V_FLAG_CRL_CHECK_ALL        = $8;
+  (* Ignore unhandled critical extensions *)
+  X509_V_FLAG_IGNORE_CRITICAL      = $10;
+  (* Disable workarounds for broken certificates *)
+  X509_V_FLAG_X509_STRICT          = $20;
+  (* Enable proxy certificate validation *)
+  X509_V_FLAG_ALLOW_PROXY_CERTS    = $40;
+  (* Enable policy checking *)
+  X509_V_FLAG_POLICY_CHECK         = $80;
+  (* Policy variable require-explicit-policy *)
+  X509_V_FLAG_EXPLICIT_POLICY      = $100;
+  (* Policy variable inhibit-any-policy *)
+  X509_V_FLAG_INHIBIT_ANY          = $200;
+  (* Policy variable inhibit-policy-mapping *)
+  X509_V_FLAG_INHIBIT_MAP          = $400;
+  (* Notify callback that policy is OK *)
+  X509_V_FLAG_NOTIFY_POLICY        = $800;
+  (* Extended CRL features such as indirect CRLs, alternate CRL signing keys *)
+  X509_V_FLAG_EXTENDED_CRL_SUPPORT = $1000;
+  (* Delta CRL support *)
+  X509_V_FLAG_USE_DELTAS           = $2000;
+  (* Check self-signed CA signature *)
+  X509_V_FLAG_CHECK_SS_SIGNATURE   = $4000;
+  (* Use trusted store first *)
+  X509_V_FLAG_TRUSTED_FIRST        = $8000;
+  (* Suite B 128 bit only mode: not normally used *)
+  X509_V_FLAG_SUITEB_128_LOS_ONLY  = $10000;
+  (* Suite B 192 bit only mode *)
+  X509_V_FLAG_SUITEB_192_LOS       = $20000;
+  (* Suite B 128 bit mode allowing 192 bit algorithms *)
+  X509_V_FLAG_SUITEB_128_LOS       = $30000;
+  (* Allow partial chains if at least one certificate is in trusted store *)
+  X509_V_FLAG_PARTIAL_CHAIN        = $80000;
+  (*
+   * If the initial chain is not trusted, do not attempt to build an alternative
+   * chain. Alternate chain checking was introduced in 1.1.0. Setting this flag
+   * will force the behaviour to match that of previous versions.
+   *)
+  X509_V_FLAG_NO_ALT_CHAINS        = $100000;
+  (* Do not check certificate/CRL validity against current time *)
+  X509_V_FLAG_NO_CHECK_TIME        = $200000;
+
+  X509_VP_FLAG_DEFAULT             = $1;
+  X509_VP_FLAG_OVERWRITE           = $2;
+  X509_VP_FLAG_RESET_FLAGS         = $4;
+  X509_VP_FLAG_LOCKED              = $8;
+  X509_VP_FLAG_ONCE                = $10;
+
+  (* Internal use: mask of policy related options *)
+  X509_V_FLAG_POLICY_MASK = X509_V_FLAG_POLICY_CHECK or X509_V_FLAG_EXPLICIT_POLICY
+    or X509_V_FLAG_INHIBIT_ANY or X509_V_FLAG_INHIBIT_MAP;
+
+
+  DANE_FLAG_NO_DANE_EE_NAMECHECKS = TIdC_Long(1) shl 0;
+
+  (* Non positive return values are errors *)
+  X509_PCY_TREE_FAILURE  = -2; (* Failure to satisfy explicit policy *)
+  X509_PCY_TREE_INVALID  = -1; (* Inconsistent or invalid extensions *)
+  X509_PCY_TREE_INTERNAL = 0; (* Internal error, most likely malloc *)
+
+  (*
+   * Positive return values form a bit mask, all but the first are internal to
+   * the library and don't appear in results from X509_policy_check().
+   *)
+  X509_PCY_TREE_VALID    = 1; (* The policy tree is valid *)
+  X509_PCY_TREE_EMPTY    = 2; (* The policy tree is empty *)
+  X509_PCY_TREE_EXPLICIT = 4; (* Explicit policy required *)
+
+type
+  (*-
+  SSL_CTX -> X509_STORE
+                  -> X509_LOOKUP
+                          ->X509_LOOKUP_METHOD
+                  -> X509_LOOKUP
+                          ->X509_LOOKUP_METHOD
+
+  SSL     -> X509_STORE_CTX
+                  ->X509_STORE
+
+  The X509_STORE holds the tables etc for verification stuff.
+  A X509_STORE_CTX is used while validating a single certificate.
+  The X509_STORE has X509_LOOKUPs for looking up certs.
+  The X509_STORE then calls a function to actually verify the
+  certificate chain.
+  *)
+
+  X509_LOOKUP_TYPE = (
+    X509_LU_NONE = 0,
+    X509_LU_X509,
+    X509_LU_CRL
+  );
+
+  X509_STORE_CTX_verify_cb = function(v1: TIdC_INT; v2: PX509_STORE_CTX): TIdC_INT;
+  X509_STORE_CTX_verify_fn = function(v1: PX509_STORE_CTX): TIdC_INT;
+  X509_STORE_CTX_get_issuer_fn = function(issuer: PPX509; ctx: PX509_STORE_CTX; x: PX509): TIdC_INT;
+  X509_STORE_CTX_check_issued_fn = function(ctx: PX509_STORE_CTX; x: PX509; issuer: PX509): TIdC_INT;
+  X509_STORE_CTX_check_revocation_fn = function(ctx: PX509_STORE_CTX): TIdC_INT;
+  X509_STORE_CTX_get_crl_fn = function(ctx: PX509_STORE_CTX; crl: PPX509_CRL; x: PX509): TIdC_INT;
+  X509_STORE_CTX_check_crl_fn = function(ctx: PX509_STORE_CTX; crl: PX509_CRL): TIdC_INT;
+  X509_STORE_CTX_cert_crl_fn = function(ctx: PX509_STORE_CTX; crl: PX509_CRL; x: PX509): TIdC_INT;
+  X509_STORE_CTX_check_policy_fn = function(ctx: PX509_STORE_CTX): TIdC_INT;
+//  typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+//                                                            X509_NAME *nm);
+//  typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+//                                                               X509_NAME *nm);
+  X509_STORE_CTX_cleanup_fn = function(ctx: PX509_STORE_CTX): TIdC_INT;
+
+  X509_LOOKUP_ctrl_fn = function(ctx: PX509_LOOKUP; cmd: TIdC_INT;
+    const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT;
+  X509_LOOKUP_get_by_subject_fn = function(ctx: PX509_LOOKUP;
+    &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_issuer_serial_fn = function(ctx: PX509_LOOKUP;
+    &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_fingerprint_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+    const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_alias_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+    const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  //DEFINE_STACK_OF(X509_LOOKUP)
+  //DEFINE_STACK_OF(X509_OBJECT)
+  //DEFINE_STACK_OF(X509_VERIFY_PARAM)
+
+  X509_STORE_set_depth: function(store: PX509_STORE; depth: TIdC_INT): TIdC_INT cdecl = nil;
+
+  X509_STORE_CTX_set_depth: procedure(ctx: PX509_STORE_CTX; depth: TIdC_INT) cdecl = nil;
+
+  //# define X509_STORE_CTX_set_app_data(ctx,data) \
+  //        X509_STORE_CTX_set_ex_data(ctx,0,data)
+  //# define X509_STORE_CTX_get_app_data(ctx) \
+  //        X509_STORE_CTX_get_ex_data(ctx,0)
+  //
+  //# define X509_LOOKUP_load_file(x,name,type) \
+  //                X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(TIdC_LONG)(type),NULL)
+  //
+  //# define X509_LOOKUP_add_dir(x,name,type) \
+  //                X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(TIdC_LONG)(type),NULL)
+  //
+  //TIdC_INT X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
+  //                               X509_NAME *name);
+  //X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+  //                                             X509_LOOKUP_TYPE type,
+  //                                             X509_NAME *name);
+  //X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+  //                                        X509_OBJECT *x);
+  X509_OBJECT_up_ref_count: function(a: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_OBJECT_new: function: PX509_OBJECT cdecl = nil;
+  X509_OBJECT_free: procedure(a: PX509_OBJECT) cdecl = nil;
+  X509_OBJECT_get_type: function(const a: PX509_OBJECT): X509_LOOKUP_TYPE cdecl = nil;
+  X509_OBJECT_get0_X509: function(const a: PX509_OBJECT): PX509 cdecl = nil;
+  X509_OBJECT_set1_X509: function(a: PX509_OBJECT; obj: PX509): TIdC_INT cdecl = nil;
+  X509_OBJECT_get0_X509_CRL: function(a: PX509_OBJECT): PX509_CRL cdecl = nil;
+  X509_OBJECT_set1_X509_CRL: function(a: PX509_OBJECT; obj: PX509_CRL): TIdC_INT cdecl = nil;
+  X509_STORE_new: function: PX509_STORE cdecl = nil;
+  X509_STORE_free: procedure(v: PX509_STORE) cdecl = nil;
+  X509_STORE_lock: function(ctx: PX509_STORE): TIdC_INT cdecl = nil;
+  X509_STORE_unlock: function(ctx: PX509_STORE): TIdC_INT cdecl = nil;
+  X509_STORE_up_ref: function(v: PX509_STORE): TIdC_INT cdecl = nil;
+  //STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
+
+  //STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+  //STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
+  X509_STORE_set_flags: function(ctx: PX509_STORE; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  X509_STORE_set_purpose: function(ctx: PX509_STORE; purpose: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_STORE_set_trust: function(ctx: PX509_STORE; trust: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_STORE_set1_param: function(ctx: PX509_STORE; pm: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+  X509_STORE_get0_param: function(ctx: PX509_STORE): PX509_VERIFY_PARAM cdecl = nil;
+
+  X509_STORE_set_verify: procedure(ctx: PX509_STORE; verify: X509_STORE_CTX_verify_fn) cdecl = nil;
+  //#define X509_STORE_set_verify_func(ctx, func) \
+  //            X509_STORE_set_verify((ctx),(func))
+  X509_STORE_CTX_set_verify: procedure(ctx: PX509_STORE_CTX; verify: X509_STORE_CTX_verify_fn) cdecl = nil;
+  X509_STORE_get_verify: function(ctx: PX509_STORE): X509_STORE_CTX_verify_fn cdecl = nil;
+  X509_STORE_set_verify_cb: procedure(ctx: PX509_STORE; verify_cb: X509_STORE_CTX_verify_cb) cdecl = nil;
+  //# define X509_STORE_set_verify_cb_func(ctx,func) \
+  //            X509_STORE_set_verify_cb((ctx),(func))
+  X509_STORE_get_verify_cb: function(ctx: PX509_STORE): X509_STORE_CTX_verify_cb cdecl = nil;
+  X509_STORE_set_get_issuer: procedure(ctx: PX509_STORE; get_issuer: X509_STORE_CTX_get_issuer_fn) cdecl = nil;
+  X509_STORE_get_get_issuer: function(ctx: PX509_STORE): X509_STORE_CTX_get_issuer_fn cdecl = nil;
+  X509_STORE_set_check_issued: procedure(ctx: PX509_STORE; check_issued: X509_STORE_CTX_check_issued_fn) cdecl = nil;
+  X509_STORE_get_check_issued: function(ctx: PX509_STORE): X509_STORE_CTX_check_issued_fn cdecl = nil;
+  X509_STORE_set_check_revocation: procedure(ctx: PX509_STORE; check_revocation: X509_STORE_CTX_check_revocation_fn) cdecl = nil;
+  X509_STORE_get_check_revocation: function(ctx: PX509_STORE): X509_STORE_CTX_check_revocation_fn cdecl = nil;
+  X509_STORE_set_get_crl: procedure(ctx: PX509_STORE; get_crl: X509_STORE_CTX_get_crl_fn) cdecl = nil;
+  X509_STORE_get_get_crl: function(ctx: PX509_STORE): X509_STORE_CTX_get_crl_fn cdecl = nil;
+  X509_STORE_set_check_crl: procedure(ctx: PX509_STORE; check_crl: X509_STORE_CTX_check_crl_fn) cdecl = nil;
+  X509_STORE_get_check_crl: function(ctx: PX509_STORE): X509_STORE_CTX_check_crl_fn cdecl = nil;
+  X509_STORE_set_cert_crl: procedure(ctx: PX509_STORE; cert_crl: X509_STORE_CTX_cert_crl_fn) cdecl = nil;
+  X509_STORE_get_cert_crl: function(ctx: PX509_STORE): X509_STORE_CTX_cert_crl_fn cdecl = nil;
+  X509_STORE_set_check_policy: procedure(ctx: PX509_STORE; check_policy: X509_STORE_CTX_check_policy_fn) cdecl = nil;
+  X509_STORE_get_check_policy: function(ctx: PX509_STORE): X509_STORE_CTX_check_policy_fn cdecl = nil;
+//  procedure X509_STORE_set_lookup_certs(ctx: PX509_STORE; lookup_certs: X509_STORE_CTX_lookup_certs_fn);
+//  function X509_STORE_get_lookup_certs(ctx: PX509_STORE): X509_STORE_CTX_lookup_certs_fn;
+//  procedure X509_STORE_set_lookup_crls(ctx: PX509_STORE; lookup_crls: X509_STORE_CTX_lookup_crls_fn);
+//  #define X509_STORE_set_lookup_crls_cb(ctx, func) \
+//      X509_STORE_set_lookup_crls((ctx), (func))
+//  function X509_STORE_get_lookup_crls(ctx: PX509_STORE): X509_STORE_CTX_lookup_crls_fn;
+  X509_STORE_set_cleanup: procedure(ctx: PX509_STORE; cleanup: X509_STORE_CTX_cleanup_fn) cdecl = nil;
+  X509_STORE_get_cleanup: function(ctx: PX509_STORE): X509_STORE_CTX_cleanup_fn cdecl = nil;
+
+  //#define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, l, p, newf, dupf, freef)
+  X509_STORE_set_ex_data: function(ctx: PX509_STORE; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
+  X509_STORE_get_ex_data: function(ctx: PX509_STORE; idx: TIdC_INT): Pointer cdecl = nil;
+
+  X509_STORE_CTX_new: function: PX509_STORE_CTX cdecl = nil;
+
+  X509_STORE_CTX_get1_issuer: function(issuer: PPX509; ctx: PX509_STORE_CTX; x: PX509): TIdC_INT cdecl = nil;
+
+  X509_STORE_CTX_free: procedure(ctx: PX509_STORE_CTX) cdecl = nil;
+//  TIdC_INT X509_STORE_CTX_init(ctx: PX509_STORE_CTX; store: PX509_STORE; x509: PX509; chain: P STACK_OF(X509));
+//  procedure X509_STORE_CTX_set0_trusted_stack(ctx: PX509_STORE_CTX; sk: P STACK_OF(X509));
+  X509_STORE_CTX_cleanup: procedure(ctx: PX509_STORE_CTX) cdecl = nil;
+
+  X509_STORE_CTX_get0_store: function(ctx: PX509_STORE_CTX): PX509_STORE cdecl = nil;
+  X509_STORE_CTX_get0_cert: function(ctx: PX509_STORE_CTX): PX509 cdecl = nil;
+  //STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+  //void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+  X509_STORE_CTX_set_verify_cb: procedure(ctx: PX509_STORE_CTX; verify: X509_STORE_CTX_verify_cb) cdecl = nil;
+  X509_STORE_CTX_get_verify_cb: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_verify_cb cdecl = nil;
+  X509_STORE_CTX_get_verify: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_verify_fn cdecl = nil;
+  X509_STORE_CTX_get_get_issuer: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_get_issuer_fn cdecl = nil;
+  X509_STORE_CTX_get_check_issued: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_issued_fn cdecl = nil;
+  X509_STORE_CTX_get_check_revocation: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_revocation_fn cdecl = nil;
+  X509_STORE_CTX_get_get_crl: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_get_crl_fn cdecl = nil;
+  X509_STORE_CTX_get_check_crl: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_crl_fn cdecl = nil;
+  X509_STORE_CTX_get_cert_crl: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_cert_crl_fn cdecl = nil;
+  X509_STORE_CTX_get_check_policy: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_policy_fn cdecl = nil;
+//  function X509_STORE_CTX_get_lookup_certs(ctx: PX509_STORE_CTX): X509_STORE_CTX_lookup_certs_fn;
+//  function X509_STORE_CTX_get_lookup_crls(ctx: PX509_STORE_CTX): X509_STORE_CTX_lookup_crls_fn;
+  X509_STORE_CTX_get_cleanup: function(ctx: PX509_STORE_CTX): X509_STORE_CTX_cleanup_fn cdecl = nil;
+
+  X509_STORE_add_lookup: function(v: PX509_STORE; m: PX509_LOOKUP_METHOD): PX509_LOOKUP cdecl = nil;
+  X509_LOOKUP_hash_dir: function: PX509_LOOKUP_METHOD cdecl = nil;
+  X509_LOOKUP_file: function: PX509_LOOKUP_METHOD cdecl = nil;
+
+  X509_LOOKUP_meth_new: function(const name: PIdAnsiChar): PX509_LOOKUP_METHOD cdecl = nil;
+  X509_LOOKUP_meth_free: procedure(method: PX509_LOOKUP_METHOD) cdecl = nil;
+
+  //TIdC_INT X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+  //                                  TIdC_INT (*new_item) (X509_LOOKUP *ctx));
+  //TIdC_INT (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+  //
+  //TIdC_INT X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+  //                              void (*free_fn) (X509_LOOKUP *ctx));
+  //void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+  //
+  //TIdC_INT X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+  //                              TIdC_INT (*init) (X509_LOOKUP *ctx));
+  //TIdC_INT (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+  //
+  //TIdC_INT X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+  //                                  TIdC_INT (*shutdown) (X509_LOOKUP *ctx));
+  //TIdC_INT (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+
+  X509_LOOKUP_meth_set_ctrl: function(method: PX509_LOOKUP_METHOD; ctrl_fn: X509_LOOKUP_ctrl_fn): TIdC_INT cdecl = nil;
+  X509_LOOKUP_meth_get_ctrl: function(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_ctrl_fn cdecl = nil;
+
+  X509_LOOKUP_meth_set_get_by_subject: function(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_subject_fn): TIdC_INT cdecl = nil;
+  X509_LOOKUP_meth_get_get_by_subject: function(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_subject_fn cdecl = nil;
+
+  X509_LOOKUP_meth_set_get_by_issuer_serial: function(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_issuer_serial_fn): TIdC_INT cdecl = nil;
+  X509_LOOKUP_meth_get_get_by_issuer_serial: function(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_issuer_serial_fn cdecl = nil;
+
+  X509_LOOKUP_meth_set_get_by_fingerprint: function(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_fingerprint_fn): TIdC_INT cdecl = nil;
+  X509_LOOKUP_meth_get_get_by_fingerprint: function(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_fingerprint_fn cdecl = nil;
+
+  X509_LOOKUP_meth_set_get_by_alias: function(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_alias_fn): TIdC_INT cdecl = nil;
+  X509_LOOKUP_meth_get_get_by_alias: function(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_alias_fn cdecl = nil;
+
+  X509_STORE_add_cert: function(ctx: PX509_STORE; x: PX509): TIdC_INT cdecl = nil;
+  X509_STORE_add_crl: function(ctx: PX509_STORE; x: PX509_CRL): TIdC_INT cdecl = nil;
+
+  X509_STORE_CTX_get_by_subject: function(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_STORE_CTX_get_obj_by_subject: function(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME): PX509_OBJECT cdecl = nil;
+
+  X509_LOOKUP_ctrl: function(ctx: PX509_LOOKUP; cmd: TIdC_INT; const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT cdecl = nil;
+
+  X509_load_cert_file: function(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_load_crl_file: function(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_load_cert_crl_file: function(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+
+  X509_LOOKUP_new: function(method: PX509_LOOKUP_METHOD): PX509_LOOKUP cdecl = nil;
+  X509_LOOKUP_free: procedure(ctx: PX509_LOOKUP) cdecl = nil;
+  X509_LOOKUP_init: function(ctx: PX509_LOOKUP): TIdC_INT cdecl = nil;
+  X509_LOOKUP_by_subject: function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_LOOKUP_by_issuer_serial: function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_LOOKUP_by_fingerprint: function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_LOOKUP_by_alias: function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_LOOKUP_set_method_data: function(ctx: PX509_LOOKUP; data: Pointer): TIdC_INT cdecl = nil;
+  X509_LOOKUP_get_method_data: function(const ctx: PX509_LOOKUP): Pointer cdecl = nil;
+  X509_LOOKUP_get_store: function(const ctx: PX509_LOOKUP): PX509_STORE cdecl = nil;
+  X509_LOOKUP_shutdown: function(ctx: PX509_LOOKUP): TIdC_INT cdecl = nil;
+
+  X509_STORE_load_locations: function(ctx: PX509_STORE; const &file: PIdAnsiChar; const dir: PIdAnsiChar): TIdC_INT cdecl = nil;
+  X509_STORE_set_default_paths: function(ctx: PX509_STORE): TIdC_INT cdecl = nil;
+
+  //#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef)
+  X509_STORE_CTX_set_ex_data: function(ctx: PX509_STORE_CTX; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
+  X509_STORE_CTX_get_ex_data: function(ctx: PX509_STORE_CTX; idx: TIdC_INT): Pointer cdecl = nil;
+  X509_STORE_CTX_get_error: function(ctx: PX509_STORE_CTX): TIdC_INT cdecl = nil;
+  X509_STORE_CTX_set_error: procedure(ctx: X509_STORE_CTX; s: TIdC_INT) cdecl = nil;
+  X509_STORE_CTX_get_error_depth: function(ctx: PX509_STORE_CTX): TIdC_INT cdecl = nil;
+  X509_STORE_CTX_set_error_depth: procedure(ctx: PX509_STORE_CTX; depth: TIdC_INT) cdecl = nil;
+  X509_STORE_CTX_get_current_cert: function(ctx: PX509_STORE_CTX): PX509 cdecl = nil;
+  X509_STORE_CTX_set_current_cert: procedure(ctx: PX509_STORE_CTX; x: PX509) cdecl = nil;
+  X509_STORE_CTX_get0_current_issuer: function(ctx: PX509_STORE_CTX): PX509 cdecl = nil;
+  X509_STORE_CTX_get0_current_crl: function(ctx: PX509_STORE_CTX): PX509_CRL cdecl = nil;
+  X509_STORE_CTX_get0_parent_ctx: function(ctx: PX509_STORE_CTX): PX509_STORE_CTX cdecl = nil;
+//  STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx);
+//  STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+  X509_STORE_CTX_set_cert: procedure(c: PX509_STORE_CTX; x: PX509) cdecl = nil;
+//  void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
+//  void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
+  X509_STORE_CTX_set_purpose: function(ctx: PX509_STORE_CTX; purpose: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_STORE_CTX_set_trust: function(ctx: PX509_STORE_CTX; trust: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_STORE_CTX_purpose_inherit: function(ctx: PX509_STORE_CTX; def_purpose: TIdC_INT; purpose: TIdC_INT; trust: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_STORE_CTX_set_flags: procedure(ctx: PX509_STORE_CTX; flags: TIdC_ULONG) cdecl = nil;
+//  procedure X509_STORE_CTX_set_time(ctx: PX509_STORE_CTX; flags: TIdC_ULONG; t: TIdC_TIMET);
+
+  X509_STORE_CTX_get0_policy_tree: function(ctx: PX509_STORE_CTX): PX509_POLICY_TREE cdecl = nil;
+  X509_STORE_CTX_get_explicit_policy: function(ctx: PX509_STORE_CTX): TIdC_INT cdecl = nil;
+  X509_STORE_CTX_get_num_untrusted: function(ctx: PX509_STORE_CTX): TIdC_INT cdecl = nil;
+
+  X509_STORE_CTX_get0_param: function(ctx: PX509_STORE_CTX): PX509_VERIFY_PARAM cdecl = nil;
+  X509_STORE_CTX_set0_param: procedure(ctx: PX509_STORE_CTX; param: PX509_VERIFY_PARAM) cdecl = nil;
+  X509_STORE_CTX_set_default: function(ctx: PX509_STORE_CTX; const name: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  (*
+   * Bridge opacity barrier between libcrypt and libssl, also needed to support
+   * offline testing in test/danetest.c
+   *)
+  X509_STORE_CTX_set0_dane: procedure(ctx: PX509_STORE_CTX; dane: PSSL_DANE) cdecl = nil;
+
+  (* X509_VERIFY_PARAM functions *)
+
+  X509_VERIFY_PARAM_new: function: PX509_VERIFY_PARAM cdecl = nil;
+  X509_VERIFY_PARAM_free: procedure(param: PX509_VERIFY_PARAM) cdecl = nil;
+  X509_VERIFY_PARAM_inherit: function(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_set1: function(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_set1_name: function(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_set_flags: function(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_clear_flags: function(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_get_flags: function(param: PX509_VERIFY_PARAM): TIdC_ULONG cdecl = nil;
+  X509_VERIFY_PARAM_set_purpose: function(param: PX509_VERIFY_PARAM; purpose: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_set_trust: function(param: PX509_VERIFY_PARAM; trust: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_set_depth: procedure(param: PX509_VERIFY_PARAM; depth: TIdC_INT) cdecl = nil;
+  X509_VERIFY_PARAM_set_auth_level: procedure(param: PX509_VERIFY_PARAM; auth_level: TIdC_INT) cdecl = nil;
+//  function X509_VERIFY_PARAM_get_time(const param: PX509_VERIFY_PARAM): TIdC_TIMET;
+//  procedure X509_VERIFY_PARAM_set_time(param: PX509_VERIFY_PARAM; t: TIdC_TIMET);
+  X509_VERIFY_PARAM_add0_policy: function(param: PX509_VERIFY_PARAM; policy: PASN1_OBJECT): TIdC_INT cdecl = nil;
+  //TIdC_INT X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+  //                                    STACK_OF(ASN1_OBJECT) *policies);
+
+  X509_VERIFY_PARAM_set_inh_flags: function(param: PX509_VERIFY_PARAM; flags: TIdC_UINT32): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_get_inh_flags: function(const param: PX509_VERIFY_PARAM): TIdC_UINT32 cdecl = nil;
+
+  X509_VERIFY_PARAM_set1_host: function(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar; namelen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_add1_host: function(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar; namelen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_set_hostflags: procedure(param: PX509_VERIFY_PARAM; flags: TIdC_UINT) cdecl = nil;
+  X509_VERIFY_PARAM_get_hostflags: function(const param: PX509_VERIFY_PARAM): TIdC_UINT cdecl = nil;
+  X509_VERIFY_PARAM_get0_peername: function(v1: PX509_VERIFY_PARAM): PIdAnsiChar cdecl = nil;
+  X509_VERIFY_PARAM_move_peername: procedure(v1: PX509_VERIFY_PARAM; v2: PX509_VERIFY_PARAM) cdecl = nil;
+  X509_VERIFY_PARAM_set1_email: function(param: PX509_VERIFY_PARAM; const email: PIdAnsiChar; emaillen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_set1_ip: function(param: PX509_VERIFY_PARAM; const ip: PByte; iplen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_set1_ip_asc: function(param: PX509_VERIFY_PARAM; const ipasc: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+  X509_VERIFY_PARAM_get_depth: function(const param: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_get_auth_level: function(const param: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_get0_name: function(const param: PX509_VERIFY_PARAM): PIdAnsiChar cdecl = nil;
+
+  X509_VERIFY_PARAM_add0_table: function(param: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_get_count: function: TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_get0: function(id: TIdC_INT): PX509_VERIFY_PARAM cdecl = nil;
+  X509_VERIFY_PARAM_lookup: function(const name: PIdAnsiChar): X509_VERIFY_PARAM cdecl = nil;
+  X509_VERIFY_PARAM_table_cleanup: procedure cdecl = nil;
+
+  //TIdC_INT X509_policy_check(X509_POLICY_TREE **ptree, TIdC_INT *pexplicit_policy,
+  //                      STACK_OF(X509) *certs,
+  //                      STACK_OF(ASN1_OBJECT) *policy_oids, TIdC_UINT flags);
+
+  X509_policy_tree_free: procedure(tree: PX509_POLICY_TREE) cdecl = nil;
+
+  X509_policy_tree_level_count: function(const tree: PX509_POLICY_TREE): TIdC_INT cdecl = nil;
+  X509_policy_tree_get0_level: function(const tree: PX509_POLICY_TREE; i: TIdC_INT): PX509_POLICY_LEVEL cdecl = nil;
+
+  //STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
+  //                                                           X509_POLICY_TREE
+  //                                                           *tree);
+  //
+  //STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
+  //                                                                X509_POLICY_TREE
+  //                                                                *tree);
+
+  X509_policy_level_node_count: function(level: PX509_POLICY_LEVEL): TIdC_INT cdecl = nil;
+
+  X509_policy_level_get0_node: function(level: PX509_POLICY_LEVEL; i: TIdC_INT): PX509_POLICY_NODE cdecl = nil;
+
+  X509_policy_node_get0_policy: function(const node: PX509_POLICY_NODE): PASN1_OBJECT cdecl = nil;
+
+  //STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
+  //                                                           X509_POLICY_NODE
+  //                                                           *node);
+  X509_policy_node_get0_parent: function(const node: PX509_POLICY_NODE): PX509_POLICY_NODE cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  X509_STORE_set_depth := LoadFunction('X509_STORE_set_depth', AFailed);
+  X509_STORE_CTX_set_depth := LoadFunction('X509_STORE_CTX_set_depth', AFailed);
+  X509_OBJECT_up_ref_count := LoadFunction('X509_OBJECT_up_ref_count', AFailed);
+  X509_OBJECT_new := LoadFunction('X509_OBJECT_new', AFailed);
+  X509_OBJECT_free := LoadFunction('X509_OBJECT_free', AFailed);
+  X509_OBJECT_get_type := LoadFunction('X509_OBJECT_get_type', AFailed);
+  X509_OBJECT_get0_X509 := LoadFunction('X509_OBJECT_get0_X509', AFailed);
+  X509_OBJECT_set1_X509 := LoadFunction('X509_OBJECT_set1_X509', AFailed);
+  X509_OBJECT_get0_X509_CRL := LoadFunction('X509_OBJECT_get0_X509_CRL', AFailed);
+  X509_OBJECT_set1_X509_CRL := LoadFunction('X509_OBJECT_set1_X509_CRL', AFailed);
+  X509_STORE_new := LoadFunction('X509_STORE_new', AFailed);
+  X509_STORE_free := LoadFunction('X509_STORE_free', AFailed);
+  X509_STORE_lock := LoadFunction('X509_STORE_lock', AFailed);
+  X509_STORE_unlock := LoadFunction('X509_STORE_unlock', AFailed);
+  X509_STORE_up_ref := LoadFunction('X509_STORE_up_ref', AFailed);
+  X509_STORE_set_flags := LoadFunction('X509_STORE_set_flags', AFailed);
+  X509_STORE_set_purpose := LoadFunction('X509_STORE_set_purpose', AFailed);
+  X509_STORE_set_trust := LoadFunction('X509_STORE_set_trust', AFailed);
+  X509_STORE_set1_param := LoadFunction('X509_STORE_set1_param', AFailed);
+  X509_STORE_get0_param := LoadFunction('X509_STORE_get0_param', AFailed);
+  X509_STORE_set_verify := LoadFunction('X509_STORE_set_verify', AFailed);
+  X509_STORE_CTX_set_verify := LoadFunction('X509_STORE_CTX_set_verify', AFailed);
+  X509_STORE_get_verify := LoadFunction('X509_STORE_get_verify', AFailed);
+  X509_STORE_set_verify_cb := LoadFunction('X509_STORE_set_verify_cb', AFailed);
+  X509_STORE_get_verify_cb := LoadFunction('X509_STORE_get_verify_cb', AFailed);
+  X509_STORE_set_get_issuer := LoadFunction('X509_STORE_set_get_issuer', AFailed);
+  X509_STORE_get_get_issuer := LoadFunction('X509_STORE_get_get_issuer', AFailed);
+  X509_STORE_set_check_issued := LoadFunction('X509_STORE_set_check_issued', AFailed);
+  X509_STORE_get_check_issued := LoadFunction('X509_STORE_get_check_issued', AFailed);
+  X509_STORE_set_check_revocation := LoadFunction('X509_STORE_set_check_revocation', AFailed);
+  X509_STORE_get_check_revocation := LoadFunction('X509_STORE_get_check_revocation', AFailed);
+  X509_STORE_set_get_crl := LoadFunction('X509_STORE_set_get_crl', AFailed);
+  X509_STORE_get_get_crl := LoadFunction('X509_STORE_get_get_crl', AFailed);
+  X509_STORE_set_check_crl := LoadFunction('X509_STORE_set_check_crl', AFailed);
+  X509_STORE_get_check_crl := LoadFunction('X509_STORE_get_check_crl', AFailed);
+  X509_STORE_set_cert_crl := LoadFunction('X509_STORE_set_cert_crl', AFailed);
+  X509_STORE_get_cert_crl := LoadFunction('X509_STORE_get_cert_crl', AFailed);
+  X509_STORE_set_check_policy := LoadFunction('X509_STORE_set_check_policy', AFailed);
+  X509_STORE_get_check_policy := LoadFunction('X509_STORE_get_check_policy', AFailed);
+  X509_STORE_set_cleanup := LoadFunction('X509_STORE_set_cleanup', AFailed);
+  X509_STORE_get_cleanup := LoadFunction('X509_STORE_get_cleanup', AFailed);
+  X509_STORE_set_ex_data := LoadFunction('X509_STORE_set_ex_data', AFailed);
+  X509_STORE_get_ex_data := LoadFunction('X509_STORE_get_ex_data', AFailed);
+  X509_STORE_CTX_new := LoadFunction('X509_STORE_CTX_new', AFailed);
+  X509_STORE_CTX_get1_issuer := LoadFunction('X509_STORE_CTX_get1_issuer', AFailed);
+  X509_STORE_CTX_free := LoadFunction('X509_STORE_CTX_free', AFailed);
+  X509_STORE_CTX_cleanup := LoadFunction('X509_STORE_CTX_cleanup', AFailed);
+  X509_STORE_CTX_get0_store := LoadFunction('X509_STORE_CTX_get0_store', AFailed);
+  X509_STORE_CTX_get0_cert := LoadFunction('X509_STORE_CTX_get0_cert', AFailed);
+  X509_STORE_CTX_set_verify_cb := LoadFunction('X509_STORE_CTX_set_verify_cb', AFailed);
+  X509_STORE_CTX_get_verify_cb := LoadFunction('X509_STORE_CTX_get_verify_cb', AFailed);
+  X509_STORE_CTX_get_verify := LoadFunction('X509_STORE_CTX_get_verify', AFailed);
+  X509_STORE_CTX_get_get_issuer := LoadFunction('X509_STORE_CTX_get_get_issuer', AFailed);
+  X509_STORE_CTX_get_check_issued := LoadFunction('X509_STORE_CTX_get_check_issued', AFailed);
+  X509_STORE_CTX_get_check_revocation := LoadFunction('X509_STORE_CTX_get_check_revocation', AFailed);
+  X509_STORE_CTX_get_get_crl := LoadFunction('X509_STORE_CTX_get_get_crl', AFailed);
+  X509_STORE_CTX_get_check_crl := LoadFunction('X509_STORE_CTX_get_check_crl', AFailed);
+  X509_STORE_CTX_get_cert_crl := LoadFunction('X509_STORE_CTX_get_cert_crl', AFailed);
+  X509_STORE_CTX_get_check_policy := LoadFunction('X509_STORE_CTX_get_check_policy', AFailed);
+  X509_STORE_CTX_get_cleanup := LoadFunction('X509_STORE_CTX_get_cleanup', AFailed);
+  X509_STORE_add_lookup := LoadFunction('X509_STORE_add_lookup', AFailed);
+  X509_LOOKUP_hash_dir := LoadFunction('X509_LOOKUP_hash_dir', AFailed);
+  X509_LOOKUP_file := LoadFunction('X509_LOOKUP_file', AFailed);
+  X509_LOOKUP_meth_new := LoadFunction('X509_LOOKUP_meth_new', AFailed);
+  X509_LOOKUP_meth_free := LoadFunction('X509_LOOKUP_meth_free', AFailed);
+  X509_LOOKUP_meth_set_ctrl := LoadFunction('X509_LOOKUP_meth_set_ctrl', AFailed);
+  X509_LOOKUP_meth_get_ctrl := LoadFunction('X509_LOOKUP_meth_get_ctrl', AFailed);
+  X509_LOOKUP_meth_set_get_by_subject := LoadFunction('X509_LOOKUP_meth_set_get_by_subject', AFailed);
+  X509_LOOKUP_meth_get_get_by_subject := LoadFunction('X509_LOOKUP_meth_get_get_by_subject', AFailed);
+  X509_LOOKUP_meth_set_get_by_issuer_serial := LoadFunction('X509_LOOKUP_meth_set_get_by_issuer_serial', AFailed);
+  X509_LOOKUP_meth_get_get_by_issuer_serial := LoadFunction('X509_LOOKUP_meth_get_get_by_issuer_serial', AFailed);
+  X509_LOOKUP_meth_set_get_by_fingerprint := LoadFunction('X509_LOOKUP_meth_set_get_by_fingerprint', AFailed);
+  X509_LOOKUP_meth_get_get_by_fingerprint := LoadFunction('X509_LOOKUP_meth_get_get_by_fingerprint', AFailed);
+  X509_LOOKUP_meth_set_get_by_alias := LoadFunction('X509_LOOKUP_meth_set_get_by_alias', AFailed);
+  X509_LOOKUP_meth_get_get_by_alias := LoadFunction('X509_LOOKUP_meth_get_get_by_alias', AFailed);
+  X509_STORE_add_cert := LoadFunction('X509_STORE_add_cert', AFailed);
+  X509_STORE_add_crl := LoadFunction('X509_STORE_add_crl', AFailed);
+  X509_STORE_CTX_get_by_subject := LoadFunction('X509_STORE_CTX_get_by_subject', AFailed);
+  X509_STORE_CTX_get_obj_by_subject := LoadFunction('X509_STORE_CTX_get_obj_by_subject', AFailed);
+  X509_LOOKUP_ctrl := LoadFunction('X509_LOOKUP_ctrl', AFailed);
+  X509_load_cert_file := LoadFunction('X509_load_cert_file', AFailed);
+  X509_load_crl_file := LoadFunction('X509_load_crl_file', AFailed);
+  X509_load_cert_crl_file := LoadFunction('X509_load_cert_crl_file', AFailed);
+  X509_LOOKUP_new := LoadFunction('X509_LOOKUP_new', AFailed);
+  X509_LOOKUP_free := LoadFunction('X509_LOOKUP_free', AFailed);
+  X509_LOOKUP_init := LoadFunction('X509_LOOKUP_init', AFailed);
+  X509_LOOKUP_by_subject := LoadFunction('X509_LOOKUP_by_subject', AFailed);
+  X509_LOOKUP_by_issuer_serial := LoadFunction('X509_LOOKUP_by_issuer_serial', AFailed);
+  X509_LOOKUP_by_fingerprint := LoadFunction('X509_LOOKUP_by_fingerprint', AFailed);
+  X509_LOOKUP_by_alias := LoadFunction('X509_LOOKUP_by_alias', AFailed);
+  X509_LOOKUP_set_method_data := LoadFunction('X509_LOOKUP_set_method_data', AFailed);
+  X509_LOOKUP_get_method_data := LoadFunction('X509_LOOKUP_get_method_data', AFailed);
+  X509_LOOKUP_get_store := LoadFunction('X509_LOOKUP_get_store', AFailed);
+  X509_LOOKUP_shutdown := LoadFunction('X509_LOOKUP_shutdown', AFailed);
+  X509_STORE_load_locations := LoadFunction('X509_STORE_load_locations', AFailed);
+  X509_STORE_set_default_paths := LoadFunction('X509_STORE_set_default_paths', AFailed);
+  X509_STORE_CTX_set_ex_data := LoadFunction('X509_STORE_CTX_set_ex_data', AFailed);
+  X509_STORE_CTX_get_ex_data := LoadFunction('X509_STORE_CTX_get_ex_data', AFailed);
+  X509_STORE_CTX_get_error := LoadFunction('X509_STORE_CTX_get_error', AFailed);
+  X509_STORE_CTX_set_error := LoadFunction('X509_STORE_CTX_set_error', AFailed);
+  X509_STORE_CTX_get_error_depth := LoadFunction('X509_STORE_CTX_get_error_depth', AFailed);
+  X509_STORE_CTX_set_error_depth := LoadFunction('X509_STORE_CTX_set_error_depth', AFailed);
+  X509_STORE_CTX_get_current_cert := LoadFunction('X509_STORE_CTX_get_current_cert', AFailed);
+  X509_STORE_CTX_set_current_cert := LoadFunction('X509_STORE_CTX_set_current_cert', AFailed);
+  X509_STORE_CTX_get0_current_issuer := LoadFunction('X509_STORE_CTX_get0_current_issuer', AFailed);
+  X509_STORE_CTX_get0_current_crl := LoadFunction('X509_STORE_CTX_get0_current_crl', AFailed);
+  X509_STORE_CTX_get0_parent_ctx := LoadFunction('X509_STORE_CTX_get0_parent_ctx', AFailed);
+  X509_STORE_CTX_set_cert := LoadFunction('X509_STORE_CTX_set_cert', AFailed);
+  X509_STORE_CTX_set_purpose := LoadFunction('X509_STORE_CTX_set_purpose', AFailed);
+  X509_STORE_CTX_set_trust := LoadFunction('X509_STORE_CTX_set_trust', AFailed);
+  X509_STORE_CTX_purpose_inherit := LoadFunction('X509_STORE_CTX_purpose_inherit', AFailed);
+  X509_STORE_CTX_set_flags := LoadFunction('X509_STORE_CTX_set_flags', AFailed);
+  X509_STORE_CTX_get0_policy_tree := LoadFunction('X509_STORE_CTX_get0_policy_tree', AFailed);
+  X509_STORE_CTX_get_explicit_policy := LoadFunction('X509_STORE_CTX_get_explicit_policy', AFailed);
+  X509_STORE_CTX_get_num_untrusted := LoadFunction('X509_STORE_CTX_get_num_untrusted', AFailed);
+  X509_STORE_CTX_get0_param := LoadFunction('X509_STORE_CTX_get0_param', AFailed);
+  X509_STORE_CTX_set0_param := LoadFunction('X509_STORE_CTX_set0_param', AFailed);
+  X509_STORE_CTX_set_default := LoadFunction('X509_STORE_CTX_set_default', AFailed);
+  X509_STORE_CTX_set0_dane := LoadFunction('X509_STORE_CTX_set0_dane', AFailed);
+  X509_VERIFY_PARAM_new := LoadFunction('X509_VERIFY_PARAM_new', AFailed);
+  X509_VERIFY_PARAM_free := LoadFunction('X509_VERIFY_PARAM_free', AFailed);
+  X509_VERIFY_PARAM_inherit := LoadFunction('X509_VERIFY_PARAM_inherit', AFailed);
+  X509_VERIFY_PARAM_set1 := LoadFunction('X509_VERIFY_PARAM_set1', AFailed);
+  X509_VERIFY_PARAM_set1_name := LoadFunction('X509_VERIFY_PARAM_set1_name', AFailed);
+  X509_VERIFY_PARAM_set_flags := LoadFunction('X509_VERIFY_PARAM_set_flags', AFailed);
+  X509_VERIFY_PARAM_clear_flags := LoadFunction('X509_VERIFY_PARAM_clear_flags', AFailed);
+  X509_VERIFY_PARAM_get_flags := LoadFunction('X509_VERIFY_PARAM_get_flags', AFailed);
+  X509_VERIFY_PARAM_set_purpose := LoadFunction('X509_VERIFY_PARAM_set_purpose', AFailed);
+  X509_VERIFY_PARAM_set_trust := LoadFunction('X509_VERIFY_PARAM_set_trust', AFailed);
+  X509_VERIFY_PARAM_set_depth := LoadFunction('X509_VERIFY_PARAM_set_depth', AFailed);
+  X509_VERIFY_PARAM_set_auth_level := LoadFunction('X509_VERIFY_PARAM_set_auth_level', AFailed);
+  X509_VERIFY_PARAM_add0_policy := LoadFunction('X509_VERIFY_PARAM_add0_policy', AFailed);
+  X509_VERIFY_PARAM_set_inh_flags := LoadFunction('X509_VERIFY_PARAM_set_inh_flags', AFailed);
+  X509_VERIFY_PARAM_get_inh_flags := LoadFunction('X509_VERIFY_PARAM_get_inh_flags', AFailed);
+  X509_VERIFY_PARAM_set1_host := LoadFunction('X509_VERIFY_PARAM_set1_host', AFailed);
+  X509_VERIFY_PARAM_add1_host := LoadFunction('X509_VERIFY_PARAM_add1_host', AFailed);
+  X509_VERIFY_PARAM_set_hostflags := LoadFunction('X509_VERIFY_PARAM_set_hostflags', AFailed);
+  X509_VERIFY_PARAM_get_hostflags := LoadFunction('X509_VERIFY_PARAM_get_hostflags', AFailed);
+  X509_VERIFY_PARAM_get0_peername := LoadFunction('X509_VERIFY_PARAM_get0_peername', AFailed);
+  X509_VERIFY_PARAM_move_peername := LoadFunction('X509_VERIFY_PARAM_move_peername', AFailed);
+  X509_VERIFY_PARAM_set1_email := LoadFunction('X509_VERIFY_PARAM_set1_email', AFailed);
+  X509_VERIFY_PARAM_set1_ip := LoadFunction('X509_VERIFY_PARAM_set1_ip', AFailed);
+  X509_VERIFY_PARAM_set1_ip_asc := LoadFunction('X509_VERIFY_PARAM_set1_ip_asc', AFailed);
+  X509_VERIFY_PARAM_get_depth := LoadFunction('X509_VERIFY_PARAM_get_depth', AFailed);
+  X509_VERIFY_PARAM_get_auth_level := LoadFunction('X509_VERIFY_PARAM_get_auth_level', AFailed);
+  X509_VERIFY_PARAM_get0_name := LoadFunction('X509_VERIFY_PARAM_get0_name', AFailed);
+  X509_VERIFY_PARAM_add0_table := LoadFunction('X509_VERIFY_PARAM_add0_table', AFailed);
+  X509_VERIFY_PARAM_get_count := LoadFunction('X509_VERIFY_PARAM_get_count', AFailed);
+  X509_VERIFY_PARAM_get0 := LoadFunction('X509_VERIFY_PARAM_get0', AFailed);
+  X509_VERIFY_PARAM_lookup := LoadFunction('X509_VERIFY_PARAM_lookup', AFailed);
+  X509_VERIFY_PARAM_table_cleanup := LoadFunction('X509_VERIFY_PARAM_table_cleanup', AFailed);
+  X509_policy_tree_free := LoadFunction('X509_policy_tree_free', AFailed);
+  X509_policy_tree_level_count := LoadFunction('X509_policy_tree_level_count', AFailed);
+  X509_policy_tree_get0_level := LoadFunction('X509_policy_tree_get0_level', AFailed);
+  X509_policy_level_node_count := LoadFunction('X509_policy_level_node_count', AFailed);
+  X509_policy_level_get0_node := LoadFunction('X509_policy_level_get0_node', AFailed);
+  X509_policy_node_get0_policy := LoadFunction('X509_policy_node_get0_policy', AFailed);
+  X509_policy_node_get0_parent := LoadFunction('X509_policy_node_get0_parent', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  X509_STORE_set_depth := nil;
+  X509_STORE_CTX_set_depth := nil;
+  X509_OBJECT_up_ref_count := nil;
+  X509_OBJECT_new := nil;
+  X509_OBJECT_free := nil;
+  X509_OBJECT_get_type := nil;
+  X509_OBJECT_get0_X509 := nil;
+  X509_OBJECT_set1_X509 := nil;
+  X509_OBJECT_get0_X509_CRL := nil;
+  X509_OBJECT_set1_X509_CRL := nil;
+  X509_STORE_new := nil;
+  X509_STORE_free := nil;
+  X509_STORE_lock := nil;
+  X509_STORE_unlock := nil;
+  X509_STORE_up_ref := nil;
+  X509_STORE_set_flags := nil;
+  X509_STORE_set_purpose := nil;
+  X509_STORE_set_trust := nil;
+  X509_STORE_set1_param := nil;
+  X509_STORE_get0_param := nil;
+  X509_STORE_set_verify := nil;
+  X509_STORE_CTX_set_verify := nil;
+  X509_STORE_get_verify := nil;
+  X509_STORE_set_verify_cb := nil;
+  X509_STORE_get_verify_cb := nil;
+  X509_STORE_set_get_issuer := nil;
+  X509_STORE_get_get_issuer := nil;
+  X509_STORE_set_check_issued := nil;
+  X509_STORE_get_check_issued := nil;
+  X509_STORE_set_check_revocation := nil;
+  X509_STORE_get_check_revocation := nil;
+  X509_STORE_set_get_crl := nil;
+  X509_STORE_get_get_crl := nil;
+  X509_STORE_set_check_crl := nil;
+  X509_STORE_get_check_crl := nil;
+  X509_STORE_set_cert_crl := nil;
+  X509_STORE_get_cert_crl := nil;
+  X509_STORE_set_check_policy := nil;
+  X509_STORE_get_check_policy := nil;
+  X509_STORE_set_cleanup := nil;
+  X509_STORE_get_cleanup := nil;
+  X509_STORE_set_ex_data := nil;
+  X509_STORE_get_ex_data := nil;
+  X509_STORE_CTX_new := nil;
+  X509_STORE_CTX_get1_issuer := nil;
+  X509_STORE_CTX_free := nil;
+  X509_STORE_CTX_cleanup := nil;
+  X509_STORE_CTX_get0_store := nil;
+  X509_STORE_CTX_get0_cert := nil;
+  X509_STORE_CTX_set_verify_cb := nil;
+  X509_STORE_CTX_get_verify_cb := nil;
+  X509_STORE_CTX_get_verify := nil;
+  X509_STORE_CTX_get_get_issuer := nil;
+  X509_STORE_CTX_get_check_issued := nil;
+  X509_STORE_CTX_get_check_revocation := nil;
+  X509_STORE_CTX_get_get_crl := nil;
+  X509_STORE_CTX_get_check_crl := nil;
+  X509_STORE_CTX_get_cert_crl := nil;
+  X509_STORE_CTX_get_check_policy := nil;
+  X509_STORE_CTX_get_cleanup := nil;
+  X509_STORE_add_lookup := nil;
+  X509_LOOKUP_hash_dir := nil;
+  X509_LOOKUP_file := nil;
+  X509_LOOKUP_meth_new := nil;
+  X509_LOOKUP_meth_free := nil;
+  X509_LOOKUP_meth_set_ctrl := nil;
+  X509_LOOKUP_meth_get_ctrl := nil;
+  X509_LOOKUP_meth_set_get_by_subject := nil;
+  X509_LOOKUP_meth_get_get_by_subject := nil;
+  X509_LOOKUP_meth_set_get_by_issuer_serial := nil;
+  X509_LOOKUP_meth_get_get_by_issuer_serial := nil;
+  X509_LOOKUP_meth_set_get_by_fingerprint := nil;
+  X509_LOOKUP_meth_get_get_by_fingerprint := nil;
+  X509_LOOKUP_meth_set_get_by_alias := nil;
+  X509_LOOKUP_meth_get_get_by_alias := nil;
+  X509_STORE_add_cert := nil;
+  X509_STORE_add_crl := nil;
+  X509_STORE_CTX_get_by_subject := nil;
+  X509_STORE_CTX_get_obj_by_subject := nil;
+  X509_LOOKUP_ctrl := nil;
+  X509_load_cert_file := nil;
+  X509_load_crl_file := nil;
+  X509_load_cert_crl_file := nil;
+  X509_LOOKUP_new := nil;
+  X509_LOOKUP_free := nil;
+  X509_LOOKUP_init := nil;
+  X509_LOOKUP_by_subject := nil;
+  X509_LOOKUP_by_issuer_serial := nil;
+  X509_LOOKUP_by_fingerprint := nil;
+  X509_LOOKUP_by_alias := nil;
+  X509_LOOKUP_set_method_data := nil;
+  X509_LOOKUP_get_method_data := nil;
+  X509_LOOKUP_get_store := nil;
+  X509_LOOKUP_shutdown := nil;
+  X509_STORE_load_locations := nil;
+  X509_STORE_set_default_paths := nil;
+  X509_STORE_CTX_set_ex_data := nil;
+  X509_STORE_CTX_get_ex_data := nil;
+  X509_STORE_CTX_get_error := nil;
+  X509_STORE_CTX_set_error := nil;
+  X509_STORE_CTX_get_error_depth := nil;
+  X509_STORE_CTX_set_error_depth := nil;
+  X509_STORE_CTX_get_current_cert := nil;
+  X509_STORE_CTX_set_current_cert := nil;
+  X509_STORE_CTX_get0_current_issuer := nil;
+  X509_STORE_CTX_get0_current_crl := nil;
+  X509_STORE_CTX_get0_parent_ctx := nil;
+  X509_STORE_CTX_set_cert := nil;
+  X509_STORE_CTX_set_purpose := nil;
+  X509_STORE_CTX_set_trust := nil;
+  X509_STORE_CTX_purpose_inherit := nil;
+  X509_STORE_CTX_set_flags := nil;
+  X509_STORE_CTX_get0_policy_tree := nil;
+  X509_STORE_CTX_get_explicit_policy := nil;
+  X509_STORE_CTX_get_num_untrusted := nil;
+  X509_STORE_CTX_get0_param := nil;
+  X509_STORE_CTX_set0_param := nil;
+  X509_STORE_CTX_set_default := nil;
+  X509_STORE_CTX_set0_dane := nil;
+  X509_VERIFY_PARAM_new := nil;
+  X509_VERIFY_PARAM_free := nil;
+  X509_VERIFY_PARAM_inherit := nil;
+  X509_VERIFY_PARAM_set1 := nil;
+  X509_VERIFY_PARAM_set1_name := nil;
+  X509_VERIFY_PARAM_set_flags := nil;
+  X509_VERIFY_PARAM_clear_flags := nil;
+  X509_VERIFY_PARAM_get_flags := nil;
+  X509_VERIFY_PARAM_set_purpose := nil;
+  X509_VERIFY_PARAM_set_trust := nil;
+  X509_VERIFY_PARAM_set_depth := nil;
+  X509_VERIFY_PARAM_set_auth_level := nil;
+  X509_VERIFY_PARAM_add0_policy := nil;
+  X509_VERIFY_PARAM_set_inh_flags := nil;
+  X509_VERIFY_PARAM_get_inh_flags := nil;
+  X509_VERIFY_PARAM_set1_host := nil;
+  X509_VERIFY_PARAM_add1_host := nil;
+  X509_VERIFY_PARAM_set_hostflags := nil;
+  X509_VERIFY_PARAM_get_hostflags := nil;
+  X509_VERIFY_PARAM_get0_peername := nil;
+  X509_VERIFY_PARAM_move_peername := nil;
+  X509_VERIFY_PARAM_set1_email := nil;
+  X509_VERIFY_PARAM_set1_ip := nil;
+  X509_VERIFY_PARAM_set1_ip_asc := nil;
+  X509_VERIFY_PARAM_get_depth := nil;
+  X509_VERIFY_PARAM_get_auth_level := nil;
+  X509_VERIFY_PARAM_get0_name := nil;
+  X509_VERIFY_PARAM_add0_table := nil;
+  X509_VERIFY_PARAM_get_count := nil;
+  X509_VERIFY_PARAM_get0 := nil;
+  X509_VERIFY_PARAM_lookup := nil;
+  X509_VERIFY_PARAM_table_cleanup := nil;
+  X509_policy_tree_free := nil;
+  X509_policy_tree_level_count := nil;
+  X509_policy_tree_get0_level := nil;
+  X509_policy_level_node_count := nil;
+  X509_policy_level_get0_node := nil;
+  X509_policy_node_get0_policy := nil;
+  X509_policy_node_get0_parent := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509err.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509err.pas
new file mode 100644
index 000000000..d95f7ab3f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509err.pas
@@ -0,0 +1,186 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_x509err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * X509 function codes.
+   *)
+  X509_F_ADD_CERT_DIR                       = 100;
+  X509_F_BUILD_CHAIN                        = 106;
+  X509_F_BY_FILE_CTRL                       = 101;
+  X509_F_CHECK_NAME_CONSTRAINTS             = 149;
+  X509_F_CHECK_POLICY                       = 145;
+  X509_F_DANE_I2D                           = 107;
+  X509_F_DIR_CTRL                           = 102;
+  X509_F_GET_CERT_BY_SUBJECT                = 103;
+  X509_F_I2D_X509_AUX                       = 151;
+  X509_F_LOOKUP_CERTS_SK                    = 152;
+  X509_F_NETSCAPE_SPKI_B64_DECODE           = 129;
+  X509_F_NETSCAPE_SPKI_B64_ENCODE           = 130;
+  X509_F_NEW_DIR                            = 153;
+  X509_F_X509AT_ADD1_ATTR                   = 135;
+  X509_F_X509V3_ADD_EXT                     = 104;
+  X509_F_X509_ATTRIBUTE_CREATE_BY_NID       = 136;
+  X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ       = 137;
+  X509_F_X509_ATTRIBUTE_CREATE_BY_TXT       = 140;
+  X509_F_X509_ATTRIBUTE_GET0_DATA           = 139;
+  X509_F_X509_ATTRIBUTE_SET1_DATA           = 138;
+  X509_F_X509_CHECK_PRIVATE_KEY             = 128;
+  X509_F_X509_CRL_DIFF                      = 105;
+  X509_F_X509_CRL_METHOD_NEW                = 154;
+  X509_F_X509_CRL_PRINT_FP                  = 147;
+  X509_F_X509_EXTENSION_CREATE_BY_NID       = 108;
+  X509_F_X509_EXTENSION_CREATE_BY_OBJ       = 109;
+  X509_F_X509_GET_PUBKEY_PARAMETERS         = 110;
+  X509_F_X509_LOAD_CERT_CRL_FILE            = 132;
+  X509_F_X509_LOAD_CERT_FILE                = 111;
+  X509_F_X509_LOAD_CRL_FILE                 = 112;
+  X509_F_X509_LOOKUP_METH_NEW               = 160;
+  X509_F_X509_LOOKUP_NEW                    = 155;
+  X509_F_X509_NAME_ADD_ENTRY                = 113;
+  X509_F_X509_NAME_CANON                    = 156;
+  X509_F_X509_NAME_ENTRY_CREATE_BY_NID      = 114;
+  X509_F_X509_NAME_ENTRY_CREATE_BY_TXT      = 131;
+  X509_F_X509_NAME_ENTRY_SET_OBJECT         = 115;
+  X509_F_X509_NAME_ONELINE                  = 116;
+  X509_F_X509_NAME_PRINT                    = 117;
+  X509_F_X509_OBJECT_NEW                    = 150;
+  X509_F_X509_PRINT_EX_FP                   = 118;
+  X509_F_X509_PUBKEY_DECODE                 = 148;
+  X509_F_X509_PUBKEY_GET0                   = 119;
+  X509_F_X509_PUBKEY_SET                    = 120;
+  X509_F_X509_REQ_CHECK_PRIVATE_KEY         = 144;
+  X509_F_X509_REQ_PRINT_EX                  = 121;
+  X509_F_X509_REQ_PRINT_FP                  = 122;
+  X509_F_X509_REQ_TO_X509                   = 123;
+  X509_F_X509_STORE_ADD_CERT                = 124;
+  X509_F_X509_STORE_ADD_CRL                 = 125;
+  X509_F_X509_STORE_ADD_LOOKUP              = 157;
+  X509_F_X509_STORE_CTX_GET1_ISSUER         = 146;
+  X509_F_X509_STORE_CTX_INIT                = 143;
+  X509_F_X509_STORE_CTX_NEW                 = 142;
+  X509_F_X509_STORE_CTX_PURPOSE_INHERIT     = 134;
+  X509_F_X509_STORE_NEW                     = 158;
+  X509_F_X509_TO_X509_REQ                   = 126;
+  X509_F_X509_TRUST_ADD                     = 133;
+  X509_F_X509_TRUST_SET                     = 141;
+  X509_F_X509_VERIFY_CERT                   = 127;
+  X509_F_X509_VERIFY_PARAM_NEW              = 159;
+
+  (*
+   * X509 reason codes.
+   *)
+  X509_R_AKID_MISMATCH                      = 110;
+  X509_R_BAD_SELECTOR                       = 133;
+  X509_R_BAD_X509_FILETYPE                  = 100;
+  X509_R_BASE64_DECODE_ERROR                = 118;
+  X509_R_CANT_CHECK_DH_KEY                  = 114;
+  X509_R_CERT_ALREADY_IN_HASH_TABLE         = 101;
+  X509_R_CRL_ALREADY_DELTA                  = 127;
+  X509_R_CRL_VERIFY_FAILURE                 = 131;
+  X509_R_IDP_MISMATCH                       = 128;
+  X509_R_INVALID_ATTRIBUTES                 = 138;
+  X509_R_INVALID_DIRECTORY                  = 113;
+  X509_R_INVALID_FIELD_NAME                 = 119;
+  X509_R_INVALID_TRUST                      = 123;
+  X509_R_ISSUER_MISMATCH                    = 129;
+  X509_R_KEY_TYPE_MISMATCH                  = 115;
+  X509_R_KEY_VALUES_MISMATCH                = 116;
+  X509_R_LOADING_CERT_DIR                   = 103;
+  X509_R_LOADING_DEFAULTS                   = 104;
+  X509_R_METHOD_NOT_SUPPORTED               = 124;
+  X509_R_NAME_TOO_LONG                      = 134;
+  X509_R_NEWER_CRL_NOT_NEWER                = 132;
+  X509_R_NO_CERTIFICATE_FOUND               = 135;
+  X509_R_NO_CERTIFICATE_OR_CRL_FOUND        = 136;
+  X509_R_NO_CERT_SET_FOR_US_TO_VERIFY       = 105;
+  X509_R_NO_CRL_FOUND                       = 137;
+  X509_R_NO_CRL_NUMBER                      = 130;
+  X509_R_PUBLIC_KEY_DECODE_ERROR            = 125;
+  X509_R_PUBLIC_KEY_ENCODE_ERROR            = 126;
+  X509_R_SHOULD_RETRY                       = 106;
+  X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN = 107;
+  X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY     = 108;
+  X509_R_UNKNOWN_KEY_TYPE                   = 117;
+  X509_R_UNKNOWN_NID                        = 109;
+  X509_R_UNKNOWN_PURPOSE_ID                 = 121;
+  X509_R_UNKNOWN_TRUST_ID                   = 120;
+  X509_R_UNSUPPORTED_ALGORITHM              = 111;
+  X509_R_WRONG_LOOKUP_TYPE                  = 112;
+  X509_R_WRONG_TYPE                         = 122;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+  ERR_load_X509_strings: function: TIdC_INT cdecl = nil;
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  ERR_load_X509_strings := LoadFunction('ERR_load_X509_strings', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  ERR_load_X509_strings := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
new file mode 100644
index 000000000..96dfdcb09
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
@@ -0,0 +1,1124 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 15:01:04
+
+unit IdOpenSSLHeaders_x509v3;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509v3.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_asn1t,
+  IdOpenSSLHeaders_x509,
+  System.Types;
+
+const
+  (* ext_flags values *)
+  X509V3_EXT_DYNAMIC      = $1;
+  X509V3_EXT_CTX_DEP      = $2;
+  X509V3_EXT_MULTILINE    = $4;
+
+  // v3_ext_ctx
+  CTX_TEST = $1;
+  X509V3_CTX_REPLACE = $2;
+
+  // GENERAL_NAME_st
+  GEN_OTHERNAME   = 0;
+  GEN_EMAIL       = 1;
+  GEN_DNS         = 2;
+  GEN_X400        = 3;
+  GEN_DIRNAME     = 4;
+  GEN_EDIPARTY    = 5;
+  GEN_URI         = 6;
+  GEN_IPADD       = 7;
+  GEN_RID         = 8;
+
+  (* All existing reasons *)
+  CRLDP_ALL_REASONS       = $807f;
+
+  CRL_REASON_NONE                         = -1;
+  CRL_REASON_UNSPECIFIED                  = 0;
+  CRL_REASON_KEY_COMPROMISE               = 1;
+  CRL_REASON_CA_COMPROMISE                = 2;
+  CRL_REASON_AFFILIATION_CHANGED          = 3;
+  CRL_REASON_SUPERSEDED                   = 4;
+  CRL_REASON_CESSATION_OF_OPERATION       = 5;
+  CRL_REASON_CERTIFICATE_HOLD             = 6;
+  CRL_REASON_REMOVE_FROM_CRL              = 8;
+  CRL_REASON_PRIVILEGE_WITHDRAWN          = 9;
+  CRL_REASON_AA_COMPROMISE                = 10;
+
+  (* Values in idp_flags field *)
+  (* IDP present *)
+  IDP_PRESENT     = $1;
+  (* IDP values inconsistent *)
+  IDP_INVALID     = $2;
+  (* onlyuser true *)
+  IDP_ONLYUSER    = $4;
+  (* onlyCA true *)
+  IDP_ONLYCA      = $8;
+  (* onlyattr true *)
+  IDP_ONLYATTR    = $10;
+  (* indirectCRL true *)
+  IDP_INDIRECT    = $20;
+  (* onlysomereasons present *)
+  IDP_REASONS     = $40;
+
+  EXT_END: array[0..13] of TIdC_INT = (-1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+
+  (* X509_PURPOSE stuff *)
+
+  EXFLAG_BCONS            = $1;
+  EXFLAG_KUSAGE           = $2;
+  EXFLAG_XKUSAGE          = $4;
+  EXFLAG_NSCERT           = $8;
+
+  EXFLAG_CA               = $10;
+  (* Really self issued not necessarily self signed *)
+  EXFLAG_SI               = $20;
+  EXFLAG_V1               = $40;
+  EXFLAG_INVALID          = $80;
+  (* EXFLAG_SET is set to indicate that some values have been precomputed *)
+  EXFLAG_SET              = $100;
+  EXFLAG_CRITICAL         = $200;
+  EXFLAG_PROXY            = $400;
+
+  EXFLAG_INVALID_POLICY   = $800;
+  EXFLAG_FRESHEST         = $1000;
+  (* Self signed *)
+  EXFLAG_SS               = $2000;
+
+  KU_DIGITAL_SIGNATURE    = $0080;
+  KU_NON_REPUDIATION      = $0040;
+  KU_KEY_ENCIPHERMENT     = $0020;
+  KU_DATA_ENCIPHERMENT    = $0010;
+  KU_KEY_AGREEMENT        = $0008;
+  KU_KEY_CERT_SIGN        = $0004;
+  KU_CRL_SIGN             = $0002;
+  KU_ENCIPHER_ONLY        = $0001;
+  KU_DECIPHER_ONLY        = $8000;
+
+  NS_SSL_CLIENT           = $80;
+  NS_SSL_SERVER           = $40;
+  NS_SMIME                = $20;
+  NS_OBJSIGN              = $10;
+  NS_SSL_CA               = $04;
+  NS_SMIME_CA             = $02;
+  NS_OBJSIGN_CA           = $01;
+  NS_ANY_CA               = NS_SSL_CA or NS_SMIME_CA or NS_OBJSIGN_CA;
+
+  XKU_SSL_SERVER          = $1;
+  XKU_SSL_CLIENT          = $2;
+  XKU_SMIME               = $4;
+  XKU_CODE_SIGN           = $8;
+  XKU_SGC                 = $10;
+  XKU_OCSP_SIGN           = $20;
+  XKU_TIMESTAMP           = $40;
+  XKU_DVCS                = $80;
+  XKU_ANYEKU              = $100;
+
+  X509_PURPOSE_DYNAMIC    = $1;
+  X509_PURPOSE_DYNAMIC_NAME       = $2;
+
+  X509_PURPOSE_SSL_CLIENT         = 1;
+  X509_PURPOSE_SSL_SERVER         = 2;
+  X509_PURPOSE_NS_SSL_SERVER      = 3;
+  X509_PURPOSE_SMIME_SIGN         = 4;
+  X509_PURPOSE_SMIME_ENCRYPT      = 5;
+  X509_PURPOSE_CRL_SIGN           = 6;
+  X509_PURPOSE_ANY                = 7;
+  X509_PURPOSE_OCSP_HELPER        = 8;
+  X509_PURPOSE_TIMESTAMP_SIGN     = 9;
+
+  X509_PURPOSE_MIN                = 1;
+  X509_PURPOSE_MAX                = 9;
+
+  (* Flags for X509V3_EXT_print() *)
+
+  X509V3_EXT_UNKNOWN_MASK         = TIdC_LONG($f) shl 16;
+  (* Return error for unknown extensions *)
+  X509V3_EXT_DEFAULT              = 0;
+  (* Print error for unknown extensions *)
+  X509V3_EXT_ERROR_UNKNOWN        = TIdC_LONG(1) shl 16;
+  (* ASN1 parse unknown extensions *)
+  X509V3_EXT_PARSE_UNKNOWN        = TIdC_LONG(2) shl 16;
+  (* BIO_dump unknown extensions *)
+  X509V3_EXT_DUMP_UNKNOWN         = TIdC_LONG(3) shl 16;
+
+  (* Flags for X509V3_add1_i2d *)
+
+  X509V3_ADD_OP_MASK              = TIdC_LONG($f);
+  X509V3_ADD_DEFAULT              = TIdC_LONG(0);
+  X509V3_ADD_APPEND               = TIdC_LONG(1);
+  X509V3_ADD_REPLACE              = TIdC_LONG(2);
+  X509V3_ADD_REPLACE_EXISTING     = TIdC_LONG(3);
+  X509V3_ADD_KEEP_EXISTING        = TIdC_LONG(4);
+  X509V3_ADD_DELETE               = TIdC_LONG(5);
+  X509V3_ADD_SILENT               = $10;
+
+  (* Flags for X509_check_* functions *)
+
+  (*
+   * Always check subject name for host match even if subject alt names present
+   *)
+  X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT    = $1;
+  (* Disable wildcard matching for dnsName fields and common name. *)
+  X509_CHECK_FLAG_NO_WILDCARDS    = $2;
+  (* Wildcards must not match a partial label. *)
+  X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS = $4;
+  (* Allow (non-partial) wildcards to match multiple labels. *)
+  X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS = $8;
+  (* Constraint verifier subdomain patterns to match a single labels. *)
+  X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS = $10;
+  (* Never check the subject CN *)
+  X509_CHECK_FLAG_NEVER_CHECK_SUBJECT    = $20;
+  (*
+   * Match reference identifiers starting with "." to any sub-domain.
+   * This is a non-public flag, turned on implicitly when the subject
+   * reference identity is a DNS name.
+   *)
+  _X509_CHECK_FLAG_DOT_SUBDOMAINS = $8000;
+
+  ASIdOrRange_id          = 0;
+  ASIdOrRange_range       = 1;
+
+  ASIdentifierChoice_inherit              = 0;
+  ASIdentifierChoice_asIdsOrRanges        = 1;
+
+  IPAddressOrRange_addressPrefix  = 0;
+  IPAddressOrRange_addressRange   = 1;
+
+  IPAddressChoice_inherit                 = 0;
+  IPAddressChoice_addressesOrRanges       = 1;
+
+  (*
+   * API tag for elements of the ASIdentifer SEQUENCE.
+   *)
+  V3_ASID_ASNUM   = 0;
+  V3_ASID_RDI     = 1;
+
+  (*
+   * AFI values, assigned by IANA.  It'd be nice to make the AFI
+   * handling code totally generic, but there are too many little things
+   * that would need to be defined for other address families for it to
+   * be worth the trouble.
+   *)
+  IANA_AFI_IPV4   = 1;
+  IANA_AFI_IPV6   = 2;
+
+type
+  (* Forward reference *)
+  //Pv3_ext_method = ^v3_ext_method;
+  //Pv3_ext_ctx = ^v3_ext_ctx;
+
+  (* Useful typedefs *)
+
+  //X509V3_EXT_NEW = function: Pointer; cdecl;
+  //X509V3_EXT_FREE = procedure(v1: Pointer); cdecl;
+  //X509V3_EXT_D2I = function(v1: Pointer; v2: PPByte; v3: TIdC_Long): Pointer; cdecl;
+  //X509V3_EXT_I2D = function(v1: Pointer; v2: PPByte): TIdC_INT; cdecl;
+//  typedef STACK_OF(CONF_VALUE) *
+//      (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
+//                         STACK_OF(CONF_VALUE) *extlist);
+//  typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
+//                                  struct v3_ext_ctx *ctx,
+//                                  STACK_OF(CONF_VALUE) *values);
+  //X509V3_EXT_I2S = function(method: Pv3_ext_method; ext: Pointer): PIdAnsiChar; cdecl;
+  //X509V3_EXT_S2I = function(method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
+  //X509V3_EXT_I2R = function(const method: Pv3_ext_method; ext: Pointer; &out: PBIO; indent: TIdC_INT): TIdC_INT; cdecl;
+  //X509V3_EXT_R2I = function(const method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
+
+//  (* V3 extension structure *)
+//  v3_ext_method = record
+//    ext_nid: TIdC_INT;
+//    ext_flags: TIdC_INT;
+//(* If this is set the following four fields are ignored *)
+//    it: PASN1_ITEM_EXP;
+//(* Old style ASN1 calls *)
+//    ext_new: X509V3_EXT_NEW;
+//    ext_free: X509V3_EXT_FREE;
+//    d2i: X509V3_EXT_D2I;
+//    i2d: X509V3_EXT_I2D;
+//(* The following pair is used for string extensions *)
+//    i2s: X509V3_EXT_I2S;
+//    s2i: X509V3_EXT_S2I;
+//(* The following pair is used for multi-valued extensions *)
+//    i2v: X509V3_EXT_I2V;
+//    v2i: X509V3_EXT_V2I;
+//(* The following are used for raw extensions *)
+//    i2r: X509V3_EXT_I2R;
+//    r2i: X509V3_EXT_R2I;
+//    usr_data: Pointer;             (* Any extension specific data *)
+//  end;
+//  X509V3_EXT_METHOD = v3_ext_method;
+//  PX509V3_EXT_METHOD = ^X509V3_EXT_METHOD;
+//  DEFINE_STACK_OF(X509V3_EXT_METHOD)
+
+//  typedef struct X509V3_CONF_METHOD_st {
+//      PIdAnsiChar *(*get_string) (void *db, const section: PIdAnsiChar, const value: PIdAnsiChar);
+//      STACK_OF(CONF_VALUE) *(*get_section) (void *db, const section: PIdAnsiChar);
+//      void (*free_string) (void *db, PIdAnsiChar *string);
+//      void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
+//  } X509V3_CONF_METHOD;
+
+// Moved to ossl_typ
+//  (* Context specific info *)
+//  v3_ext_ctx = record
+//    flags: TIdC_INT;
+//    issuer_cert: PX509;
+//    subject_cert: PX509;
+//    subject_req: PX509_REQ;
+//    crl: PX509_CRL;
+//    db_meth: PX509V3_CONF_METHOD;
+//    db: Pointer;
+//  (* Maybe more here *)
+//  end;
+
+  ENUMERATED_NAMES = BIT_STRING_BITNAME;
+
+  BASIC_CONSTRAINTS_st = record
+    ca: TIdC_INT;
+    pathlen: PASN1_INTEGER;
+  end;
+  BASIC_CONSTRAINTS = BASIC_CONSTRAINTS_st;
+  PBASIC_CONSTRAINTS = ^BASIC_CONSTRAINTS;
+
+  PKEY_USAGE_PERIOD_st = record
+    notBefore: PASN1_GENERALIZEDTIME;
+    notAfter: PASN1_GENERALIZEDTIME;
+  end;
+  PKEY_USAGE_PERIOD = PKEY_USAGE_PERIOD_st;
+  PPKEY_USAGE_PERIOD = ^PKEY_USAGE_PERIOD;
+
+  otherName_st = record
+    type_id: PASN1_OBJECT;
+    value: PASN1_TYPE;
+  end;
+  OTHERNAME = otherName_st;
+  POTHERNAME = ^OTHERNAME;
+
+  EDIPartyName_st  = record
+    nameAssigner: PASN1_STRING;
+    partyName: PASN1_STRING;
+  end;
+  EDIPARTYNAME = EDIPartyName_st;
+  PEDIPARTYNAME = ^EDIPARTYNAME;
+
+  GENERAL_NAME_st_union = record
+    case DWORD of
+      0: (ptr: PIdAnsiChar);
+      1: (otherName: POTHERNAME);   (* otherName *)
+      2: (rfc822Name: PASN1_IA5STRING);
+      3: (dNSName: PASN1_IA5STRING);
+      4: (x400Address: PASN1_TYPE);
+      5: (directoryName: PX509_NAME);
+      6: (ediPartyName: PEDIPARTYNAME);
+      7: (uniformResourceIdentifier: PASN1_IA5STRING);
+      8: (iPAddress: PASN1_OCTET_STRING);
+      9: (registeredID: PASN1_OBJECT);
+      (* Old names *)
+      10: (ip: PASN1_OCTET_STRING);  (* iPAddress *)
+      11: (dirn: PX509_NAME);        (* dirn *)
+      12: (ia5: PASN1_IA5STRING);    (* rfc822Name, dNSName,
+                                      * uniformResourceIdentifier *)
+      13: (rid: PASN1_OBJECT);       (* registeredID *)
+      14: (other: PASN1_TYPE);       (* x400Address *)
+  end;
+  GENERAL_NAME_st = record
+    &type: TIdC_INT;
+    d: GENERAL_NAME_st_union;
+  end;
+  GENERAL_NAME = GENERAL_NAME_st;
+  PGENERAL_NAME = ^GENERAL_NAME;
+
+  ACCESS_DESCRIPTION_st = record
+    method: PASN1_OBJECT;
+    location: PGENERAL_NAME;
+  end;
+  ACCESS_DESCRIPTION = ACCESS_DESCRIPTION_st;
+  PACCESS_DESCRIPTION = ^ACCESS_DESCRIPTION;
+
+//  typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
+
+//  typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
+
+//  typedef STACK_OF(ASN1_INTEGER) TLS_FEATURE;
+
+//  DEFINE_STACK_OF(GENERAL_NAME)
+//  typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
+//  DEFINE_STACK_OF(GENERAL_NAMES)
+
+//  DEFINE_STACK_OF(ACCESS_DESCRIPTION)
+//  DIST_POINT_NAME_st_union = record
+//    case DWord of
+//      0: (GENERAL_NAMES *fullname);
+//      1: (STACK_OF(X509_NAME_ENTRY) *relativename);
+//  end;
+  DIST_POINT_NAME_st = record
+    &type: TIdC_INT;
+    (* If relativename then this contains the full distribution point name *)
+    dpname: PX509_NAME;
+  end;
+  DIST_POINT_NAME = DIST_POINT_NAME_st;
+  PDIST_POINT_NAME = ^DIST_POINT_NAME;
+
+
+//  struct DIST_POINT_ST {
+//      DIST_POINT_NAME *distpoint;
+//      ASN1_BIT_STRING *reasons;
+//      GENERAL_NAMES *CRLissuer;
+//      TIdC_INT dp_reasons;
+//  };
+
+//  typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
+
+//  DEFINE_STACK_OF(DIST_POINT)
+
+//  AUTHORITY_KEYID_st = record
+//    keyid: PASN1_OCTET_STRING;
+//    issuer: PGENERAL_NAMES;
+//    serial: PASN1_INTEGER;
+//  end;
+
+  (* Strong extranet structures *)
+
+  SXNET_ID_st = record
+    zone: PASN1_INTEGER;
+    user: PASN1_OCTET_STRING;
+  end;
+  SXNETID = SXNET_ID_st;
+  PSXNETID = ^SXNETID;
+//  DEFINE_STACK_OF(SXNETID)
+
+//  SXNET_st = record
+//    ASN1_INTEGER *version;
+//    STACK_OF(SXNETID) *ids;
+//  end;
+//  SXNET = SXNET_st;
+//  PSXNET = ^SXNET;
+
+//  NOTICEREF_st = record
+//    ASN1_STRING *organization;
+//    STACK_OF(ASN1_INTEGER) *noticenos;
+//  end;
+//  NOTICEREF = NOTICEREF_st;
+//  PNOTICEREF = ^NOTICEREF;
+
+//  USERNOTICE_st = record
+//    noticeref: PNOTICEREF;
+//    exptext: PASN1_STRING;
+//  end;
+//  USERNOTICE = USERNOTICE_st;
+//  PUSERNOTICE = ^USERNOTICE;
+
+//  POLICYQUALINFO_st_union = record
+//    case DWord of
+//      0: (cpsuri: PASN1_IA5STRING);
+//      1: (usernotice: PUSERNOTICE);
+//      2: (other: PASN1_TYPE);
+//  end;
+//  POLICYQUALINFO_st = record
+//    pqualid: PASN1_OBJECT;
+//    d: POLICYQUALINFO_st_union;
+//  end;
+//  POLICYQUALINFO = POLICYQUALINFO_st;
+//  PPOLICYQUALINFO = ^POLICYQUALINFO;
+//  DEFINE_STACK_OF(POLICYQUALINFO)
+
+//  POLICYINFO_st = record
+//    ASN1_OBJECT *policyid;
+//    STACK_OF(POLICYQUALINFO) *qualifiers;
+//  end;
+//  POLICYINFO = POLICYINFO_st;
+//  PPOLICYINFO = ^POLICYINFO;
+//  typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
+//  DEFINE_STACK_OF(POLICYINFO)
+
+  POLICY_MAPPING_st = record
+    issuerDomainPolicy: PASN1_OBJECT;
+    subjectDomainPolicy: PASN1_OBJECT;
+  end;
+  POLICY_MAPPING = POLICY_MAPPING_st;
+  PPOLICY_MAPPING = ^POLICY_MAPPING;
+//  DEFINE_STACK_OF(POLICY_MAPPING)
+//  typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
+
+  GENERAL_SUBTREE_st = record
+    base: PGENERAL_NAME;
+    minimum: PASN1_INTEGER;
+    maximum: PASN1_INTEGER;
+  end;
+  GENERAL_SUBTREE = GENERAL_SUBTREE_st;
+  PGENERAL_SUBTREE = ^GENERAL_SUBTREE;
+//  DEFINE_STACK_OF(GENERAL_SUBTREE)
+
+//  NAME_CONSTRAINTS_st = record
+//    STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
+//    STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
+//  end;
+
+  POLICY_CONSTRAINTS_st = record
+    requireExplicitPolicy: PASN1_INTEGER;
+    inhibitPolicyMapping: PASN1_INTEGER;
+  end;
+  POLICY_CONSTRAINTS = POLICY_CONSTRAINTS_st;
+  PPOLICY_CONSTRAINTS = ^POLICY_CONSTRAINTS;
+
+  (* Proxy certificate structures, see RFC 3820 *)
+  PROXY_POLICY_st = record
+    policyLanguage: PASN1_OBJECT;
+    policy: PASN1_OCTET_STRING;
+  end;
+  PROXY_POLICY = PROXY_POLICY_st;
+  PPROXY_POLICY = ^PROXY_POLICY;
+//  DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
+
+  PROXY_CERT_INFO_EXTENSION_st = record
+    pcPathLengthConstraint: PASN1_INTEGER;
+    proxyPolicy: PPROXY_POLICY;
+  end;
+  PROXY_CERT_INFO_EXTENSION = PROXY_CERT_INFO_EXTENSION_st;
+  PPROXY_CERT_INFO_EXTENSION = ^PROXY_CERT_INFO_EXTENSION;
+//  DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
+
+//  ISSUING_DIST_POint_st = record
+//    distpoint: PDIST_POINT_NAME;
+//    TIdC_INT onlyuser;
+//    TIdC_INT onlyCA;
+//    onlysomereasons: PASN1_BIT_STRING;
+//    TIdC_INT indirectCRL;
+//    TIdC_INT onlyattr;
+//  end;
+
+//  # define X509V3_conf_err(val) ERR_add_error_data(6, \
+//                          "section:", (val)->section, \
+//                          ",name:", (val)->name, ",value:", (val)->value)
+//
+//  # define X509V3_set_ctx_test(ctx) \
+//                          X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
+//  # define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
+//
+//  # define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
+//                          0,0,0,0, \
+//                          0,0, \
+//                          (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
+//                          (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
+//                          NULL, NULL, \
+//                          table}
+//
+//  # define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
+//                          0,0,0,0, \
+//                          (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
+//                          (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
+//                          0,0,0,0, \
+//                          NULL}
+                         
+  PX509_PURPOSE = ^X509_PURPOSE;
+  x509_purpose_st = record
+    purpose: TIdC_INT;
+    trust: TIdC_INT;                  (* Default trust ID *)
+    flags: TIdC_INT;
+    check_purpose: function(const v1: PX509_PURPOSE; const v2: PX509; v3: TIdC_INT): TIdC_INT;
+    name: PIdAnsiChar;
+    sname: PIdAnsiChar;
+    usr_data: Pointer;
+  end;
+  X509_PURPOSE = x509_purpose_st;
+//  DEFINE_STACK_OF(X509_PURPOSE)
+
+//  DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS_st)
+
+//  DECLARE_ASN1_FUNCTIONS(SXNET)
+//  DECLARE_ASN1_FUNCTIONS(SXNETID)
+
+  ASRange_st = record
+    min, max: PASN1_INTEGER;
+  end;
+  ASRange = ASRange_st;
+  PASRange = ^ASRange;
+
+  ASIdOrRange_st = record
+    &type: TIdC_INT;
+    case u: DWord of
+      0: (id: PASN1_INTEGER);
+      1: (range: PASRange);
+  end;
+  ASIdOrRange = ASIdOrRange_st;
+  PASIdOrRange = ^ASIdOrRange;
+//  typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
+//  DEFINE_STACK_OF(ASIdOrRange)
+
+//  ASIdentifierChoice_st = record
+//    &type: TIdC_INT;
+//    case u: DWORD of
+//      0: (inherit: PASN1_NULL);
+//      1: (asIdsOrRanges: PASIdOrRanges);
+//  end;
+//  ASIdentifierChoice = ASIdentifierChoice_st;
+//  PASIdentifierChoice = ^ASIdentifierChoice;
+
+//  ASIdentifiers_st = record
+//    asnum, rdi: PASIdentifierChoice;
+//  end;
+//  ASIdentifiers = ASIdentifiers_st;
+//  PASIdentifiers = ^ASIdentifiers;
+
+//  DECLARE_ASN1_FUNCTIONS(ASRange)
+//  DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
+//  DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
+//  DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
+
+  IPAddressRange_st = record
+    min, max: PASN1_BIT_STRING;
+  end;
+  IPAddressRange = IPAddressRange_st;
+  PIPAddressRange = ^IPAddressRange;
+
+  IPAddressOrRange_st = record
+    &type: TIdC_INT;
+    case u: DWORD of
+      0: (addressPrefix: PASN1_BIT_STRING);
+      1: (addressRange: PIPAddressRange);
+  end;
+  IPAddressOrRange = IPAddressOrRange_st;
+  PIPAddressOrRange = ^IPAddressOrRange;
+
+//  typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
+//  DEFINE_STACK_OF(IPAddressOrRange)
+
+//  IPAddressChoice_st = record
+//    &type: TIdC_INT;
+//    case u: DWORD of
+//      0: (inherit: PASN1_NULL);
+//      1: (addressesOrRanges: PIPAddressOrRanges);
+//  end;
+//  IPAddressChoice = IPAddressChoice_st;
+//  PIPAddressChoice = ^IPAddressChoice;
+
+//  IPAddressFamily_st = record
+//    addressFamily: PASN1_OCTET_STRING;
+//    ipAddressChoice: PIPAddressChoice;
+//  end;
+//  IPAddressFamily = IPAddressFamily_st;
+//  PIPAddressFamily = ^IPAddressFamily;
+
+//  typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
+//  DEFINE_STACK_OF(IPAddressFamily)
+
+//  DECLARE_ASN1_FUNCTIONS(IPAddressRange)
+//  DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
+//  DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
+//  DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
+
+  NamingAuthority_st = type Pointer;
+  NAMING_AUTHORITY = NamingAuthority_st;
+  PNAMING_AUTHORITY = ^NAMING_AUTHORITY;
+  
+  ProfessionInfo_st = type Pointer;
+  PROFESSION_INFO = ProfessionInfo_st;
+  PPROFESSION_INFO = ^PROFESSION_INFO;
+  
+  Admissions_st = type Pointer;
+  ADMISSIONS = Admissions_st;
+  PADMISSIONS = ^ADMISSIONS;
+  
+  AdmissionSyntax_st = type Pointer;
+  ADMISSION_SYNTAX = AdmissionSyntax_st;
+  PADMISSION_SYNTAX = ^ADMISSION_SYNTAX;
+//  DECLARE_ASN1_FUNCTIONS(NAMING_AUTHORITY)
+//  DECLARE_ASN1_FUNCTIONS(PROFESSION_INFO)
+//  DECLARE_ASN1_FUNCTIONS(ADMISSIONS)
+//  DECLARE_ASN1_FUNCTIONS(ADMISSION_SYNTAX)
+//  DEFINE_STACK_OF(ADMISSIONS)
+//  DEFINE_STACK_OF(PROFESSION_INFO)
+//  typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+{$ENDREGION}
+
+var
+//  function SXNET_add_id_asc(psx: PPSXNET; const zone: PIdAnsiChar; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
+//  function SXNET_add_id_ulong(psx: PPSXNET; lzone: TIdC_ULONG; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
+//  function SXNET_add_id_INTEGER(psx: PPSXNET; izone: PASN1_INTEGER; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
+
+//  function SXNET_get_id_asc(sx: PSXNET; const zone: PIdAnsiChar): PASN1_OCTET_STRING;
+//  function SXNET_get_id_ulong(sx: PSXNET; lzone: TIdC_ULONG): PASN1_OCTET_STRING;
+//  function SXNET_get_id_INTEGER(sx: PSXNET; zone: PASN1_INTEGER): PASN1_OCTET_STRING;
+
+//  DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
+
+//  DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
+
+//  DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+//  GENERAL_NAME *GENERAL_NAME_dup(a: PGENERAL_NAME);
+  GENERAL_NAME_cmp: function(a: PGENERAL_NAME; b: PGENERAL_NAME): TIdC_INT cdecl = nil;
+
+//  ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; STACK_OF(CONF_VALUE) *nval);
+//  STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(method: PX509V3_EXT_METHOD; ASN1_BIT_STRING *bits; STACK_OF(CONF_VALUE) *extlist);
+  //function i2s_ASN1_IA5STRING(method: PX509V3_EXT_METHOD; ia5: PASN1_IA5STRING): PIdAnsiChar;
+  //function s2i_ASN1_IA5STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; const str: PIdAnsiChar): PASN1_IA5STRING;
+
+//  STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(method: PX509V3_EXT_METHOD; gen: PGENERAL_NAME; STACK_OF(CONF_VALUE) *ret);
+  GENERAL_NAME_print: function(&out: PBIO; gen: PGENERAL_NAME): TIdC_INT cdecl = nil;
+
+//  DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
+
+//  STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(method: PX509V3_EXT_METHOD, GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
+//  GENERAL_NAMES *v2i_GENERAL_NAMES(const method: PX509V3_EXT_METHOD, ctx: PX509V3_CTX, STACK_OF(CONF_VALUE) *nval);
+
+//  DECLARE_ASN1_FUNCTIONS(OTHERNAME)
+//  DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
+  OTHERNAME_cmp: function(a: POTHERNAME; b: POTHERNAME): TIdC_INT cdecl = nil;
+  GENERAL_NAME_set0_value: procedure(a: PGENERAL_NAME; &type: TIdC_INT; value: Pointer) cdecl = nil;
+  GENERAL_NAME_get0_value: function(const a: PGENERAL_NAME; ptype: PIdC_INT): Pointer cdecl = nil;
+  GENERAL_NAME_set0_othername: function(gen: PGENERAL_NAME; oid: PASN1_OBJECT; value: PASN1_TYPE): TIdC_INT cdecl = nil;
+  GENERAL_NAME_get0_otherName: function(const gen: PGENERAL_NAME; poid: PPASN1_OBJECT; pvalue: PPASN1_TYPE): TIdC_INT cdecl = nil;
+
+  //function i2s_ASN1_OCTET_STRING(method: PX509V3_EXT_METHOD; const ia5: PASN1_OCTET_STRING): PIdAnsiChar;
+  //function s2i_ASN1_OCTET_STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; const str: PIdAnsiChar): PASN1_OCTET_STRING;
+
+//  DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
+  i2a_ACCESS_DESCRIPTION: function(bp: PBIO; const a: PACCESS_DESCRIPTION): TIdC_INT cdecl = nil;
+
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(TLS_FEATURE)
+
+//  DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+//  DECLARE_ASN1_FUNCTIONS(POLICYINFO)
+//  DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
+//  DECLARE_ASN1_FUNCTIONS(USERNOTICE)
+//  DECLARE_ASN1_FUNCTIONS(NOTICEREF)
+
+//  DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+//  DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+//  DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+//  DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+  DIST_POINT_set_dpname: function(dpn: PDIST_POINT_NAME; iname: PX509_NAME): TIdC_INT cdecl = nil;
+
+  NAME_CONSTRAINTS_check: function(x: PX509; nc: PNAME_CONSTRAINTS): TIdC_INT cdecl = nil;
+  NAME_CONSTRAINTS_check_CN: function(x: PX509; nc: PNAME_CONSTRAINTS): TIdC_INT cdecl = nil;
+
+//  DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+//  DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
+
+//  DECLARE_ASN1_ITEM(POLICY_MAPPING)
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
+//  DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
+
+//  DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
+
+//  DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
+
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
+//  DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
+
+  //function a2i_GENERAL_NAME(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; TIdC_INT gen_type; const value: PIdAnsiChar; is_nc: TIdC_INT): GENERAL_NAME;
+
+  //function v2i_GENERAL_NAME(const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE): PGENERAL_NAME;
+  //function v2i_GENERAL_NAME_ex(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE; is_nc: TIdC_INT): PGENERAL_NAME;
+  //procedure X509V3_conf_free(val: PCONF_VALUE);
+
+  X509V3_EXT_nconf_nid: function(conf: PCONF; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar): PX509_EXTENSION cdecl = nil;
+  X509V3_EXT_nconf: function(conf: PCONF; ctx: PX509V3_CTX; const name: PIdAnsiChar; const value: PIdAnsiChar): PX509_EXTENSION cdecl = nil;
+//  TIdC_INT X509V3_EXT_add_nconf_sk(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; STACK_OF(X509_EXTENSION) **sk);
+  X509V3_EXT_add_nconf: function(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; cert: PX509): TIdC_INT cdecl = nil;
+  X509V3_EXT_REQ_add_nconf: function(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; req: PX509_REQ): TIdC_INT cdecl = nil;
+  X509V3_EXT_CRL_add_nconf: function(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; crl: PX509_CRL): TIdC_INT cdecl = nil;
+
+  X509V3_EXT_conf_nid: function(conf: Pointer; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar): PX509_EXTENSION cdecl = nil;
+//  X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar);
+  X509V3_EXT_conf: function(conf: Pointer; ctx: PX509V3_CTX; const name: PIdAnsiChar; const value: PIdAnsiChar): PX509_EXTENSION cdecl = nil;
+//  X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const name: PIdAnsiChar; const value: PIdAnsiChar);
+  X509V3_EXT_add_conf: function(conf: Pointer; ctx: PX509V3_CTX; const section: PIdAnsiChar; cert: PX509): TIdC_INT cdecl = nil;
+//  TIdC_INT X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const section: PIdAnsiChar; cert: PX509);
+  X509V3_EXT_REQ_add_conf: function(conf: Pointer; ctx: PX509V3_CTX; const section: PIdAnsiChar; req: PX509_REQ): TIdC_INT cdecl = nil;
+//  TIdC_INT X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const section: PIdAnsiChar; req: PX509_REQ);
+  X509V3_EXT_CRL_add_conf: function(conf: Pointer; ctx: PX509V3_CTX; const section: PIdAnsiChar; crl: PX509_CRL): TIdC_INT cdecl = nil;
+//  TIdC_INT X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const section: PIdAnsiChar; crl: PX509_CRL);
+
+//  TIdC_INT X509V3_add_value_bool_nf(const name: PIdAnsiChar; TIdC_INT asn1_bool; STACK_OF(CONF_VALUE) **extlist);
+  //function X509V3_get_value_bool(const value: PCONF_VALUE; asn1_bool: PIdC_INT): TIdC_INT;
+  //function X509V3_get_value_int(const value: PCONF_VALUE; aint: PPASN1_INTEGER): TIdC_INT;
+  X509V3_set_nconf: procedure(ctx: PX509V3_CTX; conf: PCONF) cdecl = nil;
+//  void X509V3_set_conf_lhash(ctx: PX509V3_CTX; LHASH_OF(CONF_VALUE) *lhash);
+
+  X509V3_get_string: function(ctx: PX509V3_CTX; const name: PIdAnsiChar; const section: PIdAnsiChar): PIdAnsiChar cdecl = nil;
+//  STACK_OF(CONF_VALUE) *X509V3_get_section(ctx: PX509V3_CTX; const section: PIdAnsiChar);
+  X509V3_string_free: procedure(ctx: PX509V3_CTX; str: PIdAnsiChar) cdecl = nil;
+//  void X509V3_section_free(ctx: PX509V3_CTX; STACK_OF(CONF_VALUE) *section);
+  X509V3_set_ctx: procedure(ctx: PX509V3_CTX; issuer: PX509; subject: PX509; req: PX509_REQ; crl: PX509_CRL; flags: TIdC_INT) cdecl = nil;
+
+//  TIdC_INT X509V3_add_value(const name: PIdAnsiChar; const value: PIdAnsiChar; STACK_OF(CONF_VALUE) **extlist);
+//  TIdC_INT X509V3_add_value_uPIdAnsiChar(const name: PIdAnsiChar; const Byte *value; STACK_OF(CONF_VALUE) **extlist);
+//  TIdC_INT X509V3_add_value_bool(const name: PIdAnsiChar; TIdC_INT asn1_bool; STACK_OF(CONF_VALUE) **extlist);
+//  TIdC_INT X509V3_add_value_int(const name: PIdAnsiChar; const aint: PASN1_INTEGER; STACK_OF(CONF_VALUE) **extlist);
+  //function i2s_ASN1_INTEGER(meth: PX509V3_EXT_METHOD; const aint: PASN1_INTEGER): PIdAnsiChar;
+  //function s2i_ASN1_INTEGER(meth: PX509V3_EXT_METHOD; const value: PIdAnsiChar): PASN1_INTEGER;
+  //function i2s_ASN1_ENUMERATED(meth: PX509V3_EXT_METHOD; const aint: PASN1_ENUMERATED): PIdAnsiChar;
+  //function i2s_ASN1_ENUMERATED_TABLE(meth: PX509V3_EXT_METHOD; const aint: PASN1_ENUMERATED): PIdAnsiChar;
+  //function X509V3_EXT_add(ext: PX509V3_EXT_METHOD): TIdC_INT;
+  //function X509V3_EXT_add_list(extlist: PX509V3_EXT_METHOD): TIdC_INT;
+  X509V3_EXT_add_alias: function(nid_to: TIdC_INT; nid_from: TIdC_INT): TIdC_INT cdecl = nil;
+  X509V3_EXT_cleanup: procedure cdecl = nil;
+
+  //function X509V3_EXT_get(ext: PX509_EXTENSION): PX509V3_EXT_METHOD;
+  //function X509V3_EXT_get_nid(nid: TIdC_INT): PX509V3_EXT_METHOD;
+  X509V3_add_standard_extensions: function: TIdC_INT cdecl = nil;
+//  STACK_OF(CONF_VALUE) *X509V3_parse_list(const line: PIdAnsiChar);
+  X509V3_EXT_d2i: function(ext: PX509_EXTENSION): Pointer cdecl = nil;
+//  void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x; nid: TIdC_INT; TIdC_INT *crit; TIdC_INT *idx);
+
+  X509V3_EXT_i2d: function(ext_nid: TIdC_INT; crit: TIdC_INT; ext_struc: Pointer): PX509_EXTENSION cdecl = nil;
+//  TIdC_INT X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; TIdC_ULONG flags);
+
+//  void X509V3_EXT_val_prn(&out: PBIO; STACK_OF(CONF_VALUE) *val; indent: TIdC_INT; TIdC_INT ml);
+  X509V3_EXT_print: function(&out: PBIO; ext: PX509_EXTENSION; flag: TIdC_ULONG; indent: TIdC_INT): TIdC_INT cdecl = nil;
+//  TIdC_INT X509V3_extensions_print(&out: PBIO; const PIdAnsiChar *title; const STACK_OF(X509_EXTENSION) *exts; flag: TIdC_ULONG; indent: TIdC_INT);
+
+  X509_check_ca: function(x: PX509): TIdC_INT cdecl = nil;
+  X509_check_purpose: function(x: PX509; id: TIdC_INT; ca: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_supported_extension: function(ex: PX509_EXTENSION): TIdC_INT cdecl = nil;
+  X509_PURPOSE_set: function(p: PIdC_INT; purpose: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_check_issued: function(issuer: PX509; subject: PX509): TIdC_INT cdecl = nil;
+  X509_check_akid: function(issuer: PX509; akid: PAUTHORITY_KEYID): TIdC_INT cdecl = nil;
+  X509_set_proxy_flag: procedure(x: PX509) cdecl = nil;
+  X509_set_proxy_pathlen: procedure(x: PX509; l: TIdC_LONG) cdecl = nil;
+  X509_get_proxy_pathlen: function(x: PX509): TIdC_LONG cdecl = nil;
+
+  X509_get_extension_flags: function(x: PX509): TIdC_UINT32 cdecl = nil;
+  X509_get_key_usage: function(x: PX509): TIdC_UINT32 cdecl = nil;
+  X509_get_extended_key_usage: function(x: PX509): TIdC_UINT32 cdecl = nil;
+  X509_get0_subject_key_id: function(x: PX509): PASN1_OCTET_STRING cdecl = nil;
+  X509_get0_authority_key_id: function(x: PX509): PASN1_OCTET_STRING cdecl = nil;
+  //function X509_get0_authority_issuer(x: PX509): PGENERAL_NAMES;
+  X509_get0_authority_serial: function(x: PX509): PASN1_INTEGER cdecl = nil;
+
+  X509_PURPOSE_get_count: function: TIdC_INT cdecl = nil;
+  X509_PURPOSE_get0: function(idx: TIdC_INT): PX509_PURPOSE cdecl = nil;
+  X509_PURPOSE_get_by_sname: function(const sname: PIdAnsiChar): TIdC_INT cdecl = nil;
+  X509_PURPOSE_get_by_id: function(id: TIdC_INT): TIdC_INT cdecl = nil;
+//  TIdC_INT X509_PURPOSE_add(id: TIdC_INT, TIdC_INT trust, flags: TIdC_INT, TIdC_INT (*ck) (const X509_PURPOSE *, const X509 *, TIdC_INT), const name: PIdAnsiChar, const sname: PIdAnsiChar, void *arg);
+  X509_PURPOSE_get0_name: function(const xp: PX509_PURPOSE): PIdAnsiChar cdecl = nil;
+  X509_PURPOSE_get0_sname: function(const xp: PX509_PURPOSE): PIdAnsiChar cdecl = nil;
+  X509_PURPOSE_get_trust: function(const xp: PX509_PURPOSE): TIdC_INT cdecl = nil;
+  X509_PURPOSE_cleanup: procedure cdecl = nil;
+  X509_PURPOSE_get_id: function(const v1: PX509_PURPOSE): TIdC_INT cdecl = nil;
+
+//  STACK_OF(OPENSSL_STRING) *X509_get1_email(x: PX509);
+//  STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
+//  void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
+//  STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(x: PX509);
+
+  X509_check_host: function(x: PX509; const chk: PIdAnsiChar; chklen: TIdC_SIZET; flags: TIdC_UINT; peername: PPIdAnsiChar): TIdC_INT cdecl = nil;
+  X509_check_email: function(x: PX509; const chk: PIdAnsiChar; chklen: TIdC_SIZET; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  X509_check_ip: function(x: PX509; const chk: PByte; chklen: TIdC_SIZET; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  X509_check_ip_asc: function(x: PX509; const ipasc: PIdAnsiChar; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+
+  a2i_IPADDRESS: function(const ipasc: PIdAnsiChar): PASN1_OCTET_STRING cdecl = nil;
+  a2i_IPADDRESS_NC: function(const ipasc: PIdAnsiChar): PASN1_OCTET_STRING cdecl = nil;
+//  TIdC_INT X509V3_NAME_from_section(X509_NAME *nm; STACK_OF(CONF_VALUE) *dn_sk; TIdC_ULONG chtype);
+
+  X509_POLICY_NODE_print: procedure(&out: PBIO; node: PX509_POLICY_NODE; indent: TIdC_INT) cdecl = nil;
+//  DEFINE_STACK_OF(X509_POLICY_NODE)
+
+  (*
+   * Utilities to construct and extract values from RFC3779 extensions,
+   * since some of the encodings (particularly for IP address prefixes
+   * and ranges) are a bit tedious to work with directly.
+   *)
+  //function X509v3_asid_add_inherit(asid: PASIdentifiers; which: TIdC_INT): TIdC_INT;
+  //function X509v3_asid_add_id_or_range(asid: PASIdentifiers; which: TIdC_INT; min: PASN1_INTEGER; max: PASN1_INTEGER): TIdC_INT;
+  //function X509v3_addr_add_inherit(addr: PIPAddrBlocks; const afi: TIdC_UINT; const safi: PIdC_UINT): TIdC_INT;
+  //function X509v3_addr_add_prefix(addr: PIPAddrBlocks; const afi: TIdC_UINT; const safi: PIdC_UINT; a: PByte; const prefixlen: TIdC_INT): TIdC_INT;
+  //function X509v3_addr_add_range(addr: PIPAddrBlocks; const afi: TIdC_UINT; const safi: PIdC_UINT; min: PByte; max: PByte): TIdC_INT;
+  //function X509v3_addr_get_afi(const f: PIPAddressFamily): TIdC_UINT;
+  X509v3_addr_get_range: function(aor: PIPAddressOrRange; const afi: TIdC_UINT; min: PByte; max: Byte; const length: TIdC_INT): TIdC_INT cdecl = nil;
+
+  (*
+   * Canonical forms.
+   *)
+  //function X509v3_asid_is_canonical(asid: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_is_canonical(addr: PIPAddrBlocks): TIdC_INT;
+  //function X509v3_asid_canonize(asid: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_canonize(addr: PIPAddrBlocks): TIdC_INT;
+
+  (*
+   * Tests for inheritance and containment.
+   *)
+  //function X509v3_asid_inherits(asid: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_inherits(addr: PIPAddrBlocks): TIdC_INT;
+  //function X509v3_asid_subset(a: PASIdentifiers; b: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_subset(a: PIPAddrBlocks; b: PIPAddrBlocks): TIdC_INT;
+
+  (*
+   * Check whether RFC 3779 extensions nest properly in chains.
+   *)
+  X509v3_asid_validate_path: function(v1: PX509_STORE_CTX): TIdC_INT cdecl = nil;
+  X509v3_addr_validate_path: function(v1: PX509_STORE_CTX): TIdC_INT cdecl = nil;
+//  TIdC_INT X509v3_asid_validate_resource_set(STACK_OF(X509) *chain; ASIdentifiers *ext; TIdC_INT allow_inheritance);
+//  TIdC_INT X509v3_addr_validate_resource_set(STACK_OF(X509) *chain; IPAddrBlocks *ext; TIdC_INT allow_inheritance);
+
+
+//  DEFINE_STACK_OF(ASN1_STRING)
+
+  (*
+   * Admission Syntax
+   *)
+  NAMING_AUTHORITY_get0_authorityId: function(const n: PNAMING_AUTHORITY): PASN1_OBJECT cdecl = nil;
+  NAMING_AUTHORITY_get0_authorityURL: function(const n: PNAMING_AUTHORITY): PASN1_IA5STRING cdecl = nil;
+  NAMING_AUTHORITY_get0_authorityText: function(const n: PNAMING_AUTHORITY): PASN1_STRING cdecl = nil;
+  NAMING_AUTHORITY_set0_authorityId: procedure(n: PNAMING_AUTHORITY; namingAuthorityId: PASN1_OBJECT) cdecl = nil;
+  NAMING_AUTHORITY_set0_authorityURL: procedure(n: PNAMING_AUTHORITY; namingAuthorityUrl: PASN1_IA5STRING) cdecl = nil;
+  NAMING_AUTHORITY_set0_authorityText: procedure(n: PNAMING_AUTHORITY; namingAuthorityText: PASN1_STRING) cdecl = nil;
+
+  ADMISSION_SYNTAX_get0_admissionAuthority: function(const &as: ADMISSION_SYNTAX): PGENERAL_NAME cdecl = nil;
+  ADMISSION_SYNTAX_set0_admissionAuthority: procedure(&as: ADMISSION_SYNTAX; aa: PGENERAL_NAME) cdecl = nil;
+//  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const &as: ADMISSION_SYNTAX);
+//  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(&as: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
+  ADMISSIONS_get0_admissionAuthority: function(const a: PADMISSIONS): PGENERAL_NAME cdecl = nil;
+  ADMISSIONS_set0_admissionAuthority: procedure(a: PADMISSIONS; aa: PGENERAL_NAME) cdecl = nil;
+  ADMISSIONS_get0_namingAuthority: function(const a: PADMISSIONS): PNAMING_AUTHORITY cdecl = nil;
+  ADMISSIONS_set0_namingAuthority: procedure(a: PADMISSIONS; na: PNAMING_AUTHORITY) cdecl = nil;
+  //function ADMISSIONS_get0_professionInfos(const a: PADMISSIONS): PPROFESSION_INFOS;
+  //procedure ADMISSIONS_set0_professionInfos(a: PADMISSIONS; pi: PPROFESSION_INFOS);
+  PROFESSION_INFO_get0_addProfessionInfo: function(const pi: PPROFESSION_INFO): PASN1_OCTET_STRING cdecl = nil;
+  PROFESSION_INFO_set0_addProfessionInfo: procedure(pi: PPROFESSION_INFO; aos: PASN1_OCTET_STRING) cdecl = nil;
+  PROFESSION_INFO_get0_namingAuthority: function(const pi: PPROFESSION_INFO): PNAMING_AUTHORITY cdecl = nil;
+  PROFESSION_INFO_set0_namingAuthority: procedure(pi: PPROFESSION_INFO; na: PNAMING_AUTHORITY) cdecl = nil;
+//  const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(const pi: PPROFESSION_INFO);
+//  void PROFESSION_INFO_set0_professionItems(pi: PPROFESSION_INFO; STACK_OF(ASN1_STRING) *as);
+//  const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(const pi: PPROFESSION_INFO);
+//  void PROFESSION_INFO_set0_professionOIDs(pi: PPROFESSION_INFO; STACK_OF(ASN1_OBJECT) *po);
+  PROFESSION_INFO_get0_registrationNumber: function(const pi: PPROFESSION_INFO): PASN1_PRINTABLESTRING cdecl = nil;
+  PROFESSION_INFO_set0_registrationNumber: procedure(pi: PPROFESSION_INFO; rn: PASN1_PRINTABLESTRING) cdecl = nil;
+
+
+implementation
+
+{$REGION 'Generated loading and unloading methods'}
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  GENERAL_NAME_cmp := LoadFunction('GENERAL_NAME_cmp', AFailed);
+  GENERAL_NAME_print := LoadFunction('GENERAL_NAME_print', AFailed);
+  OTHERNAME_cmp := LoadFunction('OTHERNAME_cmp', AFailed);
+  GENERAL_NAME_set0_value := LoadFunction('GENERAL_NAME_set0_value', AFailed);
+  GENERAL_NAME_get0_value := LoadFunction('GENERAL_NAME_get0_value', AFailed);
+  GENERAL_NAME_set0_othername := LoadFunction('GENERAL_NAME_set0_othername', AFailed);
+  GENERAL_NAME_get0_otherName := LoadFunction('GENERAL_NAME_get0_otherName', AFailed);
+  i2a_ACCESS_DESCRIPTION := LoadFunction('i2a_ACCESS_DESCRIPTION', AFailed);
+  DIST_POINT_set_dpname := LoadFunction('DIST_POINT_set_dpname', AFailed);
+  NAME_CONSTRAINTS_check := LoadFunction('NAME_CONSTRAINTS_check', AFailed);
+  NAME_CONSTRAINTS_check_CN := LoadFunction('NAME_CONSTRAINTS_check_CN', AFailed);
+  X509V3_EXT_nconf_nid := LoadFunction('X509V3_EXT_nconf_nid', AFailed);
+  X509V3_EXT_nconf := LoadFunction('X509V3_EXT_nconf', AFailed);
+  X509V3_EXT_add_nconf := LoadFunction('X509V3_EXT_add_nconf', AFailed);
+  X509V3_EXT_REQ_add_nconf := LoadFunction('X509V3_EXT_REQ_add_nconf', AFailed);
+  X509V3_EXT_CRL_add_nconf := LoadFunction('X509V3_EXT_CRL_add_nconf', AFailed);
+  X509V3_EXT_conf_nid := LoadFunction('X509V3_EXT_conf_nid', AFailed);
+  X509V3_EXT_conf := LoadFunction('X509V3_EXT_conf', AFailed);
+  X509V3_EXT_add_conf := LoadFunction('X509V3_EXT_add_conf', AFailed);
+  X509V3_EXT_REQ_add_conf := LoadFunction('X509V3_EXT_REQ_add_conf', AFailed);
+  X509V3_EXT_CRL_add_conf := LoadFunction('X509V3_EXT_CRL_add_conf', AFailed);
+  X509V3_set_nconf := LoadFunction('X509V3_set_nconf', AFailed);
+  X509V3_get_string := LoadFunction('X509V3_get_string', AFailed);
+  X509V3_string_free := LoadFunction('X509V3_string_free', AFailed);
+  X509V3_set_ctx := LoadFunction('X509V3_set_ctx', AFailed);
+  X509V3_EXT_add_alias := LoadFunction('X509V3_EXT_add_alias', AFailed);
+  X509V3_EXT_cleanup := LoadFunction('X509V3_EXT_cleanup', AFailed);
+  X509V3_add_standard_extensions := LoadFunction('X509V3_add_standard_extensions', AFailed);
+  X509V3_EXT_d2i := LoadFunction('X509V3_EXT_d2i', AFailed);
+  X509V3_EXT_i2d := LoadFunction('X509V3_EXT_i2d', AFailed);
+  X509V3_EXT_print := LoadFunction('X509V3_EXT_print', AFailed);
+  X509_check_ca := LoadFunction('X509_check_ca', AFailed);
+  X509_check_purpose := LoadFunction('X509_check_purpose', AFailed);
+  X509_supported_extension := LoadFunction('X509_supported_extension', AFailed);
+  X509_PURPOSE_set := LoadFunction('X509_PURPOSE_set', AFailed);
+  X509_check_issued := LoadFunction('X509_check_issued', AFailed);
+  X509_check_akid := LoadFunction('X509_check_akid', AFailed);
+  X509_set_proxy_flag := LoadFunction('X509_set_proxy_flag', AFailed);
+  X509_set_proxy_pathlen := LoadFunction('X509_set_proxy_pathlen', AFailed);
+  X509_get_proxy_pathlen := LoadFunction('X509_get_proxy_pathlen', AFailed);
+  X509_get_extension_flags := LoadFunction('X509_get_extension_flags', AFailed);
+  X509_get_key_usage := LoadFunction('X509_get_key_usage', AFailed);
+  X509_get_extended_key_usage := LoadFunction('X509_get_extended_key_usage', AFailed);
+  X509_get0_subject_key_id := LoadFunction('X509_get0_subject_key_id', AFailed);
+  X509_get0_authority_key_id := LoadFunction('X509_get0_authority_key_id', AFailed);
+  X509_get0_authority_serial := LoadFunction('X509_get0_authority_serial', AFailed);
+  X509_PURPOSE_get_count := LoadFunction('X509_PURPOSE_get_count', AFailed);
+  X509_PURPOSE_get0 := LoadFunction('X509_PURPOSE_get0', AFailed);
+  X509_PURPOSE_get_by_sname := LoadFunction('X509_PURPOSE_get_by_sname', AFailed);
+  X509_PURPOSE_get_by_id := LoadFunction('X509_PURPOSE_get_by_id', AFailed);
+  X509_PURPOSE_get0_name := LoadFunction('X509_PURPOSE_get0_name', AFailed);
+  X509_PURPOSE_get0_sname := LoadFunction('X509_PURPOSE_get0_sname', AFailed);
+  X509_PURPOSE_get_trust := LoadFunction('X509_PURPOSE_get_trust', AFailed);
+  X509_PURPOSE_cleanup := LoadFunction('X509_PURPOSE_cleanup', AFailed);
+  X509_PURPOSE_get_id := LoadFunction('X509_PURPOSE_get_id', AFailed);
+  X509_check_host := LoadFunction('X509_check_host', AFailed);
+  X509_check_email := LoadFunction('X509_check_email', AFailed);
+  X509_check_ip := LoadFunction('X509_check_ip', AFailed);
+  X509_check_ip_asc := LoadFunction('X509_check_ip_asc', AFailed);
+  a2i_IPADDRESS := LoadFunction('a2i_IPADDRESS', AFailed);
+  a2i_IPADDRESS_NC := LoadFunction('a2i_IPADDRESS_NC', AFailed);
+  X509_POLICY_NODE_print := LoadFunction('X509_POLICY_NODE_print', AFailed);
+  X509v3_addr_get_range := LoadFunction('X509v3_addr_get_range', AFailed);
+  X509v3_asid_validate_path := LoadFunction('X509v3_asid_validate_path', AFailed);
+  X509v3_addr_validate_path := LoadFunction('X509v3_addr_validate_path', AFailed);
+  NAMING_AUTHORITY_get0_authorityId := LoadFunction('NAMING_AUTHORITY_get0_authorityId', AFailed);
+  NAMING_AUTHORITY_get0_authorityURL := LoadFunction('NAMING_AUTHORITY_get0_authorityURL', AFailed);
+  NAMING_AUTHORITY_get0_authorityText := LoadFunction('NAMING_AUTHORITY_get0_authorityText', AFailed);
+  NAMING_AUTHORITY_set0_authorityId := LoadFunction('NAMING_AUTHORITY_set0_authorityId', AFailed);
+  NAMING_AUTHORITY_set0_authorityURL := LoadFunction('NAMING_AUTHORITY_set0_authorityURL', AFailed);
+  NAMING_AUTHORITY_set0_authorityText := LoadFunction('NAMING_AUTHORITY_set0_authorityText', AFailed);
+  ADMISSION_SYNTAX_get0_admissionAuthority := LoadFunction('ADMISSION_SYNTAX_get0_admissionAuthority', AFailed);
+  ADMISSION_SYNTAX_set0_admissionAuthority := LoadFunction('ADMISSION_SYNTAX_set0_admissionAuthority', AFailed);
+  ADMISSIONS_get0_admissionAuthority := LoadFunction('ADMISSIONS_get0_admissionAuthority', AFailed);
+  ADMISSIONS_set0_admissionAuthority := LoadFunction('ADMISSIONS_set0_admissionAuthority', AFailed);
+  ADMISSIONS_get0_namingAuthority := LoadFunction('ADMISSIONS_get0_namingAuthority', AFailed);
+  ADMISSIONS_set0_namingAuthority := LoadFunction('ADMISSIONS_set0_namingAuthority', AFailed);
+  PROFESSION_INFO_get0_addProfessionInfo := LoadFunction('PROFESSION_INFO_get0_addProfessionInfo', AFailed);
+  PROFESSION_INFO_set0_addProfessionInfo := LoadFunction('PROFESSION_INFO_set0_addProfessionInfo', AFailed);
+  PROFESSION_INFO_get0_namingAuthority := LoadFunction('PROFESSION_INFO_get0_namingAuthority', AFailed);
+  PROFESSION_INFO_set0_namingAuthority := LoadFunction('PROFESSION_INFO_set0_namingAuthority', AFailed);
+  PROFESSION_INFO_get0_registrationNumber := LoadFunction('PROFESSION_INFO_get0_registrationNumber', AFailed);
+  PROFESSION_INFO_set0_registrationNumber := LoadFunction('PROFESSION_INFO_set0_registrationNumber', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  GENERAL_NAME_cmp := nil;
+  GENERAL_NAME_print := nil;
+  OTHERNAME_cmp := nil;
+  GENERAL_NAME_set0_value := nil;
+  GENERAL_NAME_get0_value := nil;
+  GENERAL_NAME_set0_othername := nil;
+  GENERAL_NAME_get0_otherName := nil;
+  i2a_ACCESS_DESCRIPTION := nil;
+  DIST_POINT_set_dpname := nil;
+  NAME_CONSTRAINTS_check := nil;
+  NAME_CONSTRAINTS_check_CN := nil;
+  X509V3_EXT_nconf_nid := nil;
+  X509V3_EXT_nconf := nil;
+  X509V3_EXT_add_nconf := nil;
+  X509V3_EXT_REQ_add_nconf := nil;
+  X509V3_EXT_CRL_add_nconf := nil;
+  X509V3_EXT_conf_nid := nil;
+  X509V3_EXT_conf := nil;
+  X509V3_EXT_add_conf := nil;
+  X509V3_EXT_REQ_add_conf := nil;
+  X509V3_EXT_CRL_add_conf := nil;
+  X509V3_set_nconf := nil;
+  X509V3_get_string := nil;
+  X509V3_string_free := nil;
+  X509V3_set_ctx := nil;
+  X509V3_EXT_add_alias := nil;
+  X509V3_EXT_cleanup := nil;
+  X509V3_add_standard_extensions := nil;
+  X509V3_EXT_d2i := nil;
+  X509V3_EXT_i2d := nil;
+  X509V3_EXT_print := nil;
+  X509_check_ca := nil;
+  X509_check_purpose := nil;
+  X509_supported_extension := nil;
+  X509_PURPOSE_set := nil;
+  X509_check_issued := nil;
+  X509_check_akid := nil;
+  X509_set_proxy_flag := nil;
+  X509_set_proxy_pathlen := nil;
+  X509_get_proxy_pathlen := nil;
+  X509_get_extension_flags := nil;
+  X509_get_key_usage := nil;
+  X509_get_extended_key_usage := nil;
+  X509_get0_subject_key_id := nil;
+  X509_get0_authority_key_id := nil;
+  X509_get0_authority_serial := nil;
+  X509_PURPOSE_get_count := nil;
+  X509_PURPOSE_get0 := nil;
+  X509_PURPOSE_get_by_sname := nil;
+  X509_PURPOSE_get_by_id := nil;
+  X509_PURPOSE_get0_name := nil;
+  X509_PURPOSE_get0_sname := nil;
+  X509_PURPOSE_get_trust := nil;
+  X509_PURPOSE_cleanup := nil;
+  X509_PURPOSE_get_id := nil;
+  X509_check_host := nil;
+  X509_check_email := nil;
+  X509_check_ip := nil;
+  X509_check_ip_asc := nil;
+  a2i_IPADDRESS := nil;
+  a2i_IPADDRESS_NC := nil;
+  X509_POLICY_NODE_print := nil;
+  X509v3_addr_get_range := nil;
+  X509v3_asid_validate_path := nil;
+  X509v3_addr_validate_path := nil;
+  NAMING_AUTHORITY_get0_authorityId := nil;
+  NAMING_AUTHORITY_get0_authorityURL := nil;
+  NAMING_AUTHORITY_get0_authorityText := nil;
+  NAMING_AUTHORITY_set0_authorityId := nil;
+  NAMING_AUTHORITY_set0_authorityURL := nil;
+  NAMING_AUTHORITY_set0_authorityText := nil;
+  ADMISSION_SYNTAX_get0_admissionAuthority := nil;
+  ADMISSION_SYNTAX_set0_admissionAuthority := nil;
+  ADMISSIONS_get0_admissionAuthority := nil;
+  ADMISSIONS_set0_admissionAuthority := nil;
+  ADMISSIONS_get0_namingAuthority := nil;
+  ADMISSIONS_set0_namingAuthority := nil;
+  PROFESSION_INFO_get0_addProfessionInfo := nil;
+  PROFESSION_INFO_set0_addProfessionInfo := nil;
+  PROFESSION_INFO_get0_namingAuthority := nil;
+  PROFESSION_INFO_set0_namingAuthority := nil;
+  PROFESSION_INFO_get0_registrationNumber := nil;
+  PROFESSION_INFO_set0_registrationNumber := nil;
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_aes.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_aes.pas
new file mode 100644
index 000000000..fa9b59727
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_aes.pas
@@ -0,0 +1,92 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_aes;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// aes.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+// Added '_CONST' to avoid name clashes
+  AES_ENCRYPT_CONST = 1;
+// Added '_CONST' to avoid name clashes
+  AES_DECRYPT_CONST = 0;
+  AES_MAXNR = 14;
+  AES_BLOCK_SIZE = 16;
+
+type
+  aes_key_st = record
+  // in old IdSSLOpenSSLHeaders.pas it was also TIdC_UINT ¯\_(ツ)_/¯
+//    {$IFDEF AES_LONG}
+//    rd_key: array[0..(4 * (AES_MAXNR + 1))] of TIdC_ULONG;
+//    {$ELSE}
+    rd_key: array[0..(4 * (AES_MAXNR + 1))] of TIdC_UINT;
+//    {$ENDIF}
+    rounds: TIdC_INT;
+  end;
+  AES_KEY = aes_key_st;
+  PAES_KEY = ^AES_KEY;
+
+  function AES_options: PIdAnsiChar cdecl; external CLibCrypto;
+
+  function AES_set_encrypt_key(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function AES_set_decrypt_key(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure AES_encrypt(const &in: PByte; &out: PByte; const key: PAES_KEY) cdecl; external CLibCrypto;
+  procedure AES_decrypt(const &in: PByte; &out: PByte; const key: PAES_KEY) cdecl; external CLibCrypto;
+
+  procedure AES_ecb_encrypt(const &in: PByte; &out: PByte; const key: PAES_KEY; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_cfb128_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_cfb1_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_cfb8_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_ofb128_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+  (* NB: the IV is _two_ blocks long *)
+  procedure AES_ige_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  (* NB: the IV is _four_ blocks long *)
+  procedure AES_bi_ige_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; const key2: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
+
+  function AES_wrap_key(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function AES_unwrap_key(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
new file mode 100644
index 000000000..ba27618f9
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
@@ -0,0 +1,781 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_asn1;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_asn1t,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSlHeaders_ossl_typ;
+
+{$MINENUMSIZE 4}
+
+const
+  (*
+   * NB the constants below are used internally by ASN1_INTEGER
+   * and ASN1_ENUMERATED to indicate the sign. They are *not* on
+   * the wire tag values.
+   *)
+
+  V_ASN1_NEG = $100;
+  V_ASN1_NEG_INTEGER = 2 or V_ASN1_NEG;
+  V_ASN1_NEG_ENUMERATED = 10 or V_ASN1_NEG;
+
+  (* For use with d2i_ASN1_type_bytes() *)
+  B_ASN1_NUMERICSTRING = $0001;
+  B_ASN1_PRINTABLESTRING = $0002;
+  B_ASN1_T61STRING = $0004;
+  B_ASN1_TELETEXSTRING = $0004;
+  B_ASN1_VIDEOTEXSTRING = $0008;
+  B_ASN1_IA5STRING = $0010;
+  B_ASN1_GRAPHICSTRING = $0020;
+  B_ASN1_ISO64STRING = $0040;
+  B_ASN1_VISIBLESTRING = $0040;
+  B_ASN1_GENERALSTRING = $0080;
+  B_ASN1_UNIVERSALSTRING = $0100;
+  B_ASN1_OCTET_STRING = $0200;
+  B_ASN1_BIT_STRING = $0400;
+  B_ASN1_BMPSTRING = $0800;
+  B_ASN1_UNKNOWN = $1000;
+  B_ASN1_UTF8STRING = $2000;
+  B_ASN1_UTCTIME = $4000;
+  B_ASN1_GENERALIZEDTIME = $8000;
+  B_ASN1_SEQUENCE = $10000;
+ (* For use with ASN1_mbstring_copy() *)
+  MBSTRING_FLAG = $1000;
+  MBSTRING_UTF8 = MBSTRING_FLAG;
+  MBSTRING_ASC = MBSTRING_FLAG or 1;
+  MBSTRING_BMP = MBSTRING_FLAG or 2;
+  MBSTRING_UNIV = MBSTRING_FLAG or 4;
+  SMIME_OLDMIME = $400;
+  SMIME_CRLFEOL = $800;
+  SMIME_STREAM = $1000;
+
+//    struct X509_algor_st;
+//DEFINE_STACK_OF(X509_ALGOR)
+
+  ASN1_STRING_FLAG_BITS_LEFT = $08;   (* Set if $07 has bits left value *)
+  (*
+   * This indicates that the ASN1_STRING is not a real value but just a place
+   * holder for the location where indefinite length constructed data should be
+   * inserted in the memory buffer
+   *)
+  ASN1_STRING_FLAG_NDEF = $010;
+
+  (*
+   * This flag is used by the CMS code to indicate that a string is not
+   * complete and is a place holder for content when it had all been accessed.
+   * The flag will be reset when content has been written to it.
+   *)
+
+  ASN1_STRING_FLAG_CONT = $020;
+  (*
+   * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+   * type.
+   *)
+  ASN1_STRING_FLAG_MSTRING = $040;
+  (* String is embedded and only content should be freed *)
+  ASN1_STRING_FLAG_EMBED = $080;
+  (* String should be parsed in RFC 5280's time format *)
+  ASN1_STRING_FLAG_X509_TIME = $100;
+
+  (* Used with ASN1 LONG type: if a long is set to this it is omitted *)
+  ASN1_LONG_UNDEF = TIdC_LONG($7fffffff);
+
+  STABLE_FLAGS_MALLOC = $01;
+  (*
+   * A zero passed to ASN1_STRING_TABLE_new_add for the flags is interpreted
+   * as "don't change" and STABLE_FLAGS_MALLOC is always set. By setting
+   * STABLE_FLAGS_MALLOC only we can clear the existing value. Use the alias
+   * STABLE_FLAGS_CLEAR to reflect this.
+   *)
+  STABLE_FLAGS_CLEAR = STABLE_FLAGS_MALLOC;
+  STABLE_NO_MASK = $02;
+  DIRSTRING_TYPE = B_ASN1_PRINTABLESTRING or B_ASN1_T61STRING or B_ASN1_BMPSTRING or B_ASN1_UTF8STRING;
+  PKCS9STRING_TYPE = DIRSTRING_TYPE or B_ASN1_IA5STRING;
+
+  (* size limits: this stuff is taken straight from RFC2459 *)
+  ub_name = 32768;
+  ub_common_name = 64;
+  ub_locality_name = 128;
+  ub_state_name = 128;
+  ub_organization_name = 64;
+  ub_organization_unit_name = 64;
+  ub_title = 64;
+  ub_email_address = 128;
+
+  (* Parameters used by ASN1_STRING_print_ex() *)
+
+  (*
+   * These determine which characters to escape: RFC2253 special characters,
+   * control characters and MSB set characters
+   *)
+  ASN1_STRFLGS_ESC_2253 = 1;
+  ASN1_STRFLGS_ESC_CTRL = 2;
+  ASN1_STRFLGS_ESC_MSB = 4;
+
+  (*
+   * This flag determines how we do escaping: normally RC2253 backslash only,
+   * set this to use backslash and quote.
+   *)
+
+  ASN1_STRFLGS_ESC_QUOTE = 8;
+
+  (* These three flags are internal use only. *)
+
+  (* Character is a valid PrintableString character *)
+  CHARTYPE_PRINTABLESTRING = $10;
+  (* Character needs escaping if it is the first character *)
+  CHARTYPE_FIRST_ESC_2253 = $20;
+  (* Character needs escaping if it is the last character *)
+  CHARTYPE_LAST_ESC_2253 = $40;
+
+  (*
+   * NB the internal flags are safely reused below by flags handled at the top
+   * level.
+   *)
+
+  (*
+   * If this is set we convert all character strings to UTF8 first
+   *)
+
+  ASN1_STRFLGS_UTF8_CONVERT = $10;
+
+  (*
+   * If this is set we don't attempt to interpret content: just assume all
+   * strings are 1 byte per character. This will produce some pretty odd
+   * looking output!
+   *)
+
+  ASN1_STRFLGS_IGNORE_TYPE = $20;
+
+  (* If this is set we include the string type in the output *)
+  ASN1_STRFLGS_SHOW_TYPE = $40;
+
+  (*
+   * This determines which strings to display and which to 'dump' (hex dump of
+   * content octets or DER encoding). We can only dump non character strings or
+   * everything. If we don't dump 'unknown' they are interpreted as character
+   * strings with 1 octet per character and are subject to the usual escaping
+   * options.
+   *)
+
+  ASN1_STRFLGS_DUMP_ALL = $80;
+  ASN1_STRFLGS_DUMP_UNKNOWN = $100;
+
+  (*
+   * These determine what 'dumping' does, we can dump the content octets or the
+   * DER encoding: both use the RFC2253 #XXXXX notation.
+   *)
+
+  ASN1_STRFLGS_DUMP_DER = $200;
+
+  (*
+   * This flag specifies that RC2254 escaping shall be performed.
+   *)
+
+  ASN1_STRFLGS_ESC_2254 = $400;
+
+  (*
+   * All the string flags consistent with RFC2253, escaping control characters
+   * isn't essential in RFC2253 but it is advisable anyway.
+   *)
+
+  ASN1_STRFLGS_RFC2253 = ASN1_STRFLGS_ESC_2253 or ASN1_STRFLGS_ESC_CTRL or
+    ASN1_STRFLGS_ESC_MSB or ASN1_STRFLGS_UTF8_CONVERT or
+    ASN1_STRFLGS_DUMP_UNKNOWN or ASN1_STRFLGS_DUMP_DER;
+
+  B_ASN1_TIME = B_ASN1_UTCTIME or B_ASN1_GENERALIZEDTIME;
+
+  B_ASN1_PRINTABLE = B_ASN1_NUMERICSTRING or B_ASN1_PRINTABLESTRING or
+    B_ASN1_T61STRING or B_ASN1_IA5STRING or B_ASN1_BIT_STRING or
+    B_ASN1_UNIVERSALSTRING or B_ASN1_BMPSTRING or B_ASN1_UTF8STRING or
+    B_ASN1_SEQUENCE or B_ASN1_UNKNOWN;
+
+  B_ASN1_DIRECTORYSTRING = B_ASN1_PRINTABLESTRING or B_ASN1_TELETEXSTRING or
+    B_ASN1_BMPSTRING or B_ASN1_UNIVERSALSTRING or B_ASN1_UTF8STRING;
+
+  B_ASN1_DISPLAYTEXT = B_ASN1_IA5STRING or B_ASN1_VISIBLESTRING or
+    B_ASN1_BMPSTRING or B_ASN1_UTF8STRING;
+
+  (* ASN1 Print flags *)
+  (* Indicate missing OPTIONAL fields *)
+  ASN1_PCTX_FLAGS_SHOW_ABSENT = $001;
+  (* Mark start and end of SEQUENCE *)
+  ASN1_PCTX_FLAGS_SHOW_SEQUENCE = $002;
+  (* Mark start and end of SEQUENCE/SET OF *)
+  ASN1_PCTX_FLAGS_SHOW_SSOF = $004;
+  (* Show the ASN1 type of primitives *)
+  ASN1_PCTX_FLAGS_SHOW_TYPE = $008;
+  (* Don't show ASN1 type of ANY *)
+  ASN1_PCTX_FLAGS_NO_ANY_TYPE = $010;
+  (* Don't show ASN1 type of MSTRINGs *)
+  ASN1_PCTX_FLAGS_NO_MSTRING_TYPE = $020;
+  (* Don't show field names in SEQUENCE *)
+  ASN1_PCTX_FLAGS_NO_FIELD_NAME = $040;
+  (* Show structure names of each SEQUENCE field *)
+  ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME = $080;
+  (* Don't show structure name even at top level *)
+  ASN1_PCTX_FLAGS_NO_STRUCT_NAME = $100;
+
+type
+// Moved to ossl_type to prevent circular references
+///(* This is the base type that holds just about everything :-) *)
+//  asn1_string_st = record
+//    length: TIdC_int;
+//    &type: TIdC_int;
+//    data: PByte;
+//    (*
+//     * The value of the following field depends on the type being held.  It
+//     * is mostly being used for BIT_STRING so if the input data has a
+//     * non-zero 'unused bits' value, it will be handled correctly
+//     *)
+//    flags: TIdC_long;
+//  end;
+
+  (*
+   * ASN1_ENCODING structure: this is used to save the received encoding of an
+   * ASN1 type. This is useful to get round problems with invalid encodings
+   * which can break signatures.
+   *)
+
+  ASN1_ENCODING_st = record
+    enc: PIdAnsiChar;           (* DER encoding *)
+    len: TIdC_LONG;                     (* Length of encoding *)
+    modified: TIdC_INT;                 (* set to 1 if 'enc' is invalid *)
+  end;
+  ASN1_ENCODING = ASN1_ENCODING_st;
+
+  asn1_string_table_st = record
+    nid: TIdC_INT;
+    minsize: TIdC_LONG;
+    maxsize: TIdC_LONG;
+    mask: TIdC_ULONG;
+    flags: TIdC_ULONG;
+  end;
+  ASN1_STRING_TABLE = asn1_string_table_st;
+  PASN1_STRING_TABLE = ^ASN1_STRING_TABLE;
+
+// DEFINE_STACK_OF(ASN1_STRING_TABLE)
+
+  (*                  !!!
+   * Declarations for template structures: for full definitions see asn1t.h
+   *)
+  (* This is just an opaque pointer *)
+// typedef struct ASN1_VALUE_st ASN1_VALUE;
+
+  (* Declare ASN1 functions: the implement macro in in asn1t.h *)
+
+//# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
+//
+//# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
+//
+//# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+//        DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
+//
+//# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+//        DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
+//
+//# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
+//        type *d2i_##name(type **a, const unsigned char **in, long len); \
+//        int i2d_##name(type *a, unsigned char **out); \
+//        DECLARE_ASN1_ITEM(itname)
+//
+//# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
+//        type *d2i_##name(type **a, const unsigned char **in, long len); \
+//        int i2d_##name(const type *a, unsigned char **out); \
+//        DECLARE_ASN1_ITEM(name)
+//
+//# define DECLARE_ASN1_NDEF_FUNCTION(name) \
+//        int i2d_##name##_NDEF(name *a, unsigned char **out);
+//
+//# define DECLARE_ASN1_FUNCTIONS_const(name) \
+//        DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
+//        DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
+//
+//# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+//        type *name##_new(void); \
+//        void name##_free(type *a);
+//
+//# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+//        DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
+//
+//# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+//        int fname##_print_ctx(BIO *out, stname *x, int indent, \
+//                                         const ASN1_PCTX *pctx);
+//
+//# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
+//# define I2D_OF(type) int (*)(type *,unsigned char **)
+//# define I2D_OF_const(type) int (*)(const type *,unsigned char **)
+//
+//# define CHECKED_D2I_OF(type, d2i) \
+//    ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
+//# define CHECKED_I2D_OF(type, i2d) \
+//    ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
+//# define CHECKED_NEW_OF(type, xnew) \
+//    ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
+//# define CHECKED_PTR_OF(type, p) \
+//    ((void*) (1 ? p : (type*)0))
+//# define CHECKED_PPTR_OF(type, p) \
+//    ((void**) (1 ? p : (type**)0))
+//
+//# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
+//# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
+//# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
+//
+//TYPEDEF_D2I2D_OF(void);
+
+  (*-
+   * The following macros and typedefs allow an ASN1_ITEM
+   * to be embedded in a structure and referenced. Since
+   * the ASN1_ITEM pointers need to be globally accessible
+   * (possibly from shared libraries) they may exist in
+   * different forms. On platforms that support it the
+   * ASN1_ITEM structure itself will be globally exported.
+   * Other platforms will export a function that returns
+   * an ASN1_ITEM pointer.
+   *
+   * To handle both cases transparently the macros below
+   * should be used instead of hard coding an ASN1_ITEM
+   * pointer in a structure.
+   *
+   * The structure will look like this:
+   *
+   * typedef struct SOMETHING_st {
+   *      ...
+   *      ASN1_ITEM_EXP *iptr;
+   *      ...
+   * } SOMETHING;
+   *
+   * It would be initialised as e.g.:
+   *
+   * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
+   *
+   * and the actual pointer extracted with:
+   *
+   * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
+   *
+   * Finally an ASN1_ITEM pointer can be extracted from an
+   * appropriate reference with: ASN1_ITEM_rptr(X509). This
+   * would be used when a function takes an ASN1_ITEM * argument.
+   *
+   *)
+		
+// # ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+///(* ASN1_ITEM pointer exported type *)
+//typedef const ASN1_ITEM ASN1_ITEM_EXP;
+//
+///(* Macro to obtain ASN1_ITEM pointer from exported type *)
+//#  define ASN1_ITEM_ptr(iptr) (iptr)
+//
+// (* Macro to include ASN1_ITEM pointer from base type *)
+//#  define ASN1_ITEM_ref(iptr) (&(iptr##_it))
+//
+//#  define ASN1_ITEM_rptr(ref) (&(ref##_it))
+//
+//#  define DECLARE_ASN1_ITEM(name) \
+//        OPENSSL_EXTERN const ASN1_ITEM name##_it;
+//
+//# else
+
+// (*
+// * Platforms that can't easily handle shared global variables are declared as
+// * functions returning ASN1_ITEM pointers.
+// *)
+
+///(* ASN1_ITEM pointer exported type *)
+//typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
+//
+///(* Macro to obtain ASN1_ITEM pointer from exported type *)
+//#  define ASN1_ITEM_ptr(iptr) (iptr())
+//
+///(* Macro to include ASN1_ITEM pointer from base type *)
+//#  define ASN1_ITEM_ref(iptr) (iptr##_it)
+//
+//#  define ASN1_ITEM_rptr(ref) (ref##_it())
+//
+//#  define DECLARE_ASN1_ITEM(name) \
+//        const ASN1_ITEM * name##_it(void);
+//
+//# endif
+
+//DEFINE_STACK_OF(ASN1_INTEGER)
+//
+//DEFINE_STACK_OF(ASN1_GENERALSTRING)
+//
+//DEFINE_STACK_OF(ASN1_UTF8STRING)
+
+//DEFINE_STACK_OF(ASN1_TYPE)
+//
+//typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
+//
+//DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+//DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
+
+  (* This is used to contain a list of bit names *)
+
+  BIT_STRING_BITNAME_st = record
+    bitnum: TIdC_INT;
+    lname: PIdAnsiChar;
+    sname: PIdAnsiChar;
+  end;
+  BIT_STRING_BITNAME = BIT_STRING_BITNAME_st;
+  PBIT_STRING_BITNAME = ^BIT_STRING_BITNAME;
+
+// DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
+  function ASN1_TYPE_get(const a: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ASN1_TYPE_set(a: PASN1_TYPE; &type: TIdC_INT; value: Pointer) cdecl; external CLibCrypto;
+  function ASN1_TYPE_set1(a: PASN1_TYPE; &type: TIdC_INT; const value: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TYPE_cmp(const a: PASN1_TYPE; const b: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_TYPE_pack_sequence(const it: PASN1_ITEM; s: Pointer; t: PPASN1_TYPE): PASN1_TYPE cdecl; external CLibCrypto;
+  function ASN1_TYPE_unpack_sequence(const it: PASN1_ITEM; const t: PASN1_TYPE): Pointer cdecl; external CLibCrypto;
+
+  function ASN1_OBJECT_new: PASN1_OBJECT cdecl; external CLibCrypto;
+  procedure ASN1_OBJECT_free(a: PASN1_OBJECT) cdecl; external CLibCrypto;
+  function i2d_ASN1_OBJECT(const a: PASN1_OBJECT; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ASN1_OBJECT(a: PPASN1_OBJECT; const pp: PPByte; length: TIdC_LONG): PASN1_OBJECT cdecl; external CLibCrypto;
+
+  //DECLARE_ASN1_ITEM(ASN1_OBJECT)
+  //
+  //DEFINE_STACK_OF(ASN1_OBJECT)
+
+  function ASN1_STRING_new: PASN1_STRING cdecl; external CLibCrypto;
+  procedure ASN1_STRING_free(a: PASN1_STRING) cdecl; external CLibCrypto;
+  procedure ASN1_STRING_clear_free(a: PASN1_STRING) cdecl; external CLibCrypto;
+  function ASN1_STRING_copy(dst: PASN1_STRING; const str: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_STRING_dup(const a: PASN1_STRING): PASN1_STRING cdecl; external CLibCrypto;
+  function ASN1_STRING_type_new(&type: TIdC_INT): PASN1_STRING cdecl; external CLibCrypto;
+  function ASN1_STRING_cmp(const a: PASN1_STRING; const b: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * Since this is used to store all sorts of things, via macros, for now,
+   * make its data void *
+   *)
+  function ASN1_STRING_set(str: PASN1_STRING; const data: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure ASN1_STRING_set0(str: PASN1_STRING; data: Pointer; len: TIdC_INT) cdecl; external CLibCrypto;
+  function ASN1_STRING_length(const x: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
+  procedure ASN1_STRING_length_set(x: PASN1_STRING; n: TIdC_INT) cdecl; external CLibCrypto;
+  function ASN1_STRING_type(const x: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_STRING_get0_data(const x: PASN1_STRING): PByte cdecl; external CLibCrypto;
+
+  //DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
+  function ASN1_BIT_STRING_set(a: PASN1_BIT_STRING; d: PByte; length: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_BIT_STRING_set_bit(a: PASN1_BIT_STRING; n: TIdC_INT; value: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_BIT_STRING_get_bit(const a: PASN1_BIT_STRING; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_BIT_STRING_check(const a: PASN1_BIT_STRING; const flags: PByte; flags_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_BIT_STRING_name_print(&out: PBIO; bs: PASN1_BIT_STRING; tbl: PBIT_STRING_BITNAME; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_BIT_STRING_num_asc(const name: PIdAnsiChar; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_BIT_STRING_set_asc(bs: PASN1_BIT_STRING; const name: PIdAnsiChar; value: TIdC_INT; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl; external CLibCrypto;
+
+  //DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
+  function d2i_ASN1_UINTEGER(a: PPASN1_INTEGER; const pp: PPByte; length: TIdC_LONG): PASN1_INTEGER cdecl; external CLibCrypto;
+  function ASN1_INTEGER_dup(const x: PASN1_INTEGER): PASN1_INTEGER cdecl; external CLibCrypto;
+  function ASN1_INTEGER_cmp(const x: PASN1_INTEGER; const y: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+
+  // DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
+
+  function ASN1_UTCTIME_check(const a: PASN1_UTCTIME): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_UTCTIME_set(s: PASN1_UTCTIME; t: TIdC_TIMET): PASN1_UTCTIME cdecl; external CLibCrypto;
+  function ASN1_UTCTIME_adj(s: PASN1_UTCTIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_UTCTIME cdecl; external CLibCrypto;
+  function ASN1_UTCTIME_set_string(s: PASN1_UTCTIME; const str: PAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_UTCTIME_cmp_time_t(const s: PASN1_UTCTIME; t: TIdC_TIMET): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_GENERALIZEDTIME_check(const a: PASN1_GENERALIZEDTIME): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_GENERALIZEDTIME_set(s: PASN1_GENERALIZEDTIME; t: TIdC_TIMET): PASN1_GENERALIZEDTIME cdecl; external CLibCrypto;
+  function ASN1_GENERALIZEDTIME_adj(s: PASN1_GENERALIZEDTIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_GENERALIZEDTIME cdecl; external CLibCrypto;
+  function ASN1_GENERALIZEDTIME_set_string(s: pASN1_GENERALIZEDTIME; const str: PAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_TIME_diff(pday: PIdC_INT; psec: PIdC_INT; const from: PASN1_TIME; const &to: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+
+  // DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
+  function ASN1_OCTET_STRING_dup(const a: PASN1_OCTET_STRING): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+  function ASN1_OCTET_STRING_cmp(const a: PASN1_OCTET_STRING; const b: PASN1_OCTET_STRING): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_OCTET_STRING_set(str: PASN1_OCTET_STRING; const data: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  //DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
+
+  function UTF8_getc(const str: PByte; len: TIdC_INT; val: PIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function UTF8_putc(str: PIdAnsiChar; len: TIdC_INT; value: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+
+  //DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
+  //
+  //DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+  //DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+  //DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
+
+  // DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
+
+  function ASN1_TIME_set(s: PASN1_TIME; t: TIdC_TIMET): PASN1_TIME cdecl; external CLibCrypto;
+  function ASN1_TIME_adj(s: PASN1_TIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_TIME cdecl; external CLibCrypto;
+  function ASN1_TIME_check(const t: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TIME_to_generalizedtime(const t: PASN1_TIME; &out: PPASN1_GENERALIZEDTIME): PASN1_GENERALIZEDTIME cdecl; external CLibCrypto;
+  function ASN1_TIME_set_string(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TIME_set_string_X509(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TIME_to_tm(const s: PASN1_TIME; tm: PIdC_TM): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TIME_normalize(s: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TIME_cmp_time_t(const s: PASN1_TIME; t: TIdC_TIMET): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TIME_compare(const a: PASN1_TIME; const b: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+
+  function i2a_ASN1_INTEGER(bp: PBIO; const a: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function a2i_ASN1_INTEGER(bp: PBIO; bs: PASN1_INTEGER; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function i2a_ASN1_ENUMERATED(bp: PBIO; const a: PASN1_ENUMERATED): TIdC_INT cdecl; external CLibCrypto;
+  function a2i_ASN1_ENUMERATED(bp: PBIO; bs: PASN1_ENUMERATED; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function i2a_ASN1_OBJECT(bp: PBIO; const a: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function a2i_ASN1_STRING(bp: PBIO; bs: PASN1_STRING; buf: PAnsiChar; size: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function i2a_ASN1_STRING(bp: PBIO; const a: PASN1_STRING; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function i2t_ASN1_OBJECT(buf: PAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+
+  function a2d_ASN1_OBJECT(&out: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_OBJECT_create(nid: TIdC_INT; data: PByte; len: TIdC_INT; const sn: PAnsiChar; const ln: PAnsiChar): PASN1_OBJECT cdecl; external CLibCrypto;
+
+  function ASN1_INTEGER_get_int64(pr: PIdC_Int64; const a: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_INTEGER_set_int64(a: PASN1_INTEGER; r: TIdC_Int64): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_INTEGER_get_uint64(pr: PIdC_UInt64; const a: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_INTEGER_set_uint64(a: PASN1_INTEGER; r: TIdC_UInt64): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_INTEGER_set(a: PASN1_INTEGER; v: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_INTEGER_get(const a: PASN1_INTEGER): TIdC_LONG cdecl; external CLibCrypto;
+  function BN_to_ASN1_INTEGER(const bn: PBIGNUM; ai: PASN1_INTEGER): PASN1_INTEGER cdecl; external CLibCrypto;
+  function ASN1_INTEGER_to_BN(const ai: PASN1_INTEGER; bn: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+
+  function ASN1_ENUMERATED_get_int64(pr: PIdC_Int64; const a: PASN1_ENUMERATED): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_ENUMERATED_set_int64(a: PASN1_ENUMERATED; r: TIdC_Int64): TIdC_INT cdecl; external CLibCrypto;
+
+
+  function ASN1_ENUMERATED_set(a: PASN1_ENUMERATED; v: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_ENUMERATED_get(const a: PASN1_ENUMERATED): TIdC_LONG cdecl; external CLibCrypto;
+  function BN_to_ASN1_ENUMERATED(const bn: PBIGNUM; ai: PASN1_ENUMERATED): PASN1_ENUMERATED cdecl; external CLibCrypto;
+  function ASN1_ENUMERATED_to_BN(const ai: PASN1_ENUMERATED; bn: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+
+  (* General *)
+  (* given a string, return the correct type, max is the maximum length *)
+  function ASN1_PRINTABLE_type(const s: PByte; max: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_tag2bit(tag: TIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+
+  (* SPECIALS *)
+  function ASN1_get_object(const pp: PPByte; plength: PIdC_LONG; ptag: PIdC_INT; pclass: PIdC_INT; omax: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_check_infinite_end(p: PPByte; len: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_const_check_infinite_end(const p: PPByte; len: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  procedure ASN1_put_object(pp: PPByte; constructed: TIdC_INT; length: TIdC_INT; tag: TIdC_INT; xclass: TIdC_INT) cdecl; external CLibCrypto;
+  function ASN1_put_eoc(pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_object_size(constructed: TIdC_INT; length: TIdC_INT; tag: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (* Used to implement other functions *)
+  //void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
+  //
+  //# define ASN1_dup_of(type,i2d,d2i,x) \
+  //    ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
+  //                     CHECKED_D2I_OF(type, d2i), \
+  //                     CHECKED_PTR_OF(type, x)))
+  //
+  //# define ASN1_dup_of_const(type,i2d,d2i,x) \
+  //    ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
+  //                     CHECKED_D2I_OF(type, d2i), \
+  //                     CHECKED_PTR_OF(const type, x)))
+  //
+  function ASN1_item_dup(const it: PASN1_ITEM; x: Pointer): Pointer cdecl; external CLibCrypto;
+
+    (* ASN1 alloc/free macros for when a type is only used internally *)
+
+  //# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
+  //# define M_ASN1_free_of(x, type) \
+  //                ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
+  //
+  //# ifndef OPENSSL_NO_STDIO
+  //void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
+
+  //#  define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
+  //    ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
+  //                        CHECKED_D2I_OF(type, d2i), \
+  //                        in, \
+  //                        CHECKED_PPTR_OF(type, x)))
+  //
+  //function ASN1_item_d2i_fp(const it: PASN1_ITEM; &in: PFILE; x: Pointer): Pointer;
+  //function ASN1_i2d_fp(i2d: Pi2d_of_void; &out: PFILE; x: Pointer): TIdC_INT;
+  //
+  //#  define ASN1_i2d_fp_of(type,i2d,out,x) \
+  //    (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
+  //                 out, \
+  //                 CHECKED_PTR_OF(type, x)))
+  //
+  //#  define ASN1_i2d_fp_of_const(type,i2d,out,x) \
+  //    (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
+  //                 out, \
+  //                 CHECKED_PTR_OF(const type, x)))
+  //
+  //function ASN1_item_i2d_fp(const it: PASN1_ITEM; &out: PFILE; x: Pointer): TIdC_INT;
+  //function ASN1_STRING_print_ex_fp(&fp: PFILE; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
+  //# endif
+
+  function ASN1_STRING_to_UTF8(&out: PPByte; const &in: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
+
+  //void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
+
+  //#  define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
+  //    ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
+  //                          CHECKED_D2I_OF(type, d2i), \
+  //                          in, \
+  //                          CHECKED_PPTR_OF(type, x)))
+
+  function ASN1_item_d2i_bio(const it: PASN1_ITEM; &in: PBIO; x: Pointer): Pointer cdecl; external CLibCrypto;
+  function ASN1_i2d_bio(i2d: Pi2d_of_void; &out: PBIO; x: PByte): TIdC_INT cdecl; external CLibCrypto;
+
+  //#  define ASN1_i2d_bio_of(type,i2d,out,x) \
+  //    (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
+  //                  out, \
+  //                  CHECKED_PTR_OF(type, x)))
+  //
+  //#  define ASN1_i2d_bio_of_const(type,i2d,out,x) \
+  //    (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
+  //                  out, \
+  //                  CHECKED_PTR_OF(const type, x)))
+
+  function ASN1_item_i2d_bio(const it: PASN1_ITEM; &out: PBIO; x: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_UTCTIME_print(fp: PBIO; const a: PASN1_UTCTIME): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_GENERALIZEDTIME_print(fp: PBIO; const a: PASN1_GENERALIZEDTIME): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TIME_print(fp: PBIO; const a: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_STRING_print(bp: PBIO; const v: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_STRING_print_ex(&out: PBIO; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_buf_print(bp: PBIO; const buf: PByte; buflen: TIdC_SIZET; off: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_bn_print(bp: PBIO; const number: PIdAnsiChar; const num: PBIGNUM; buf: PByte; off: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_parse(bp: PBIO; const pp: PByte; len: TIdC_LONG; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_parse_dump(bp: PPBIO; const pp: PByte; len: TIdC_LONG; indent: TIdC_INT; dump: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_tag2str(tag: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+
+  (* Used to load and write Netscape format cert *)
+
+  function ASN1_UNIVERSALSTRING_to_string(s: PASN1_UNIVERSALSTRING): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_TYPE_set_octetstring(a: PASN1_TYPE; data: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TYPE_get_octetstring(const a: PASN1_TYPE; data: PByte; max_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TYPE_set_int_octetstring(a: PASN1_TYPE; num: TIdC_LONG; data: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TYPE_get_int_octetstring(const a: PASN1_TYPE; num: PIdC_LONG; data: PByte; max_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_item_unpack(const oct: PASN1_STRING; const it: PASN1_ITEM): Pointer cdecl; external CLibCrypto;
+
+  function ASN1_item_pack(obj: Pointer; const it: PASN1_ITEM; oct: PPASN1_OCTET_STRING): PASN1_STRING cdecl; external CLibCrypto;
+
+  procedure ASN1_STRING_set_default_mask(mask: TIdC_ULONG) cdecl; external CLibCrypto;
+  function ASN1_STRING_set_default_mask_asc(const p: PAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_STRING_get_default_mask: TIdC_ULONG cdecl; external CLibCrypto;
+  function ASN1_mbstring_copy(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_mbstring_ncopy(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_STRING_set_by_NID(&out: PPASN1_STRING; const &in: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl; external CLibCrypto;
+  function ASN1_STRING_TABLE_get(nid: TIdC_INT): PASN1_STRING_TABLE cdecl; external CLibCrypto;
+  function ASN1_STRING_TABLE_add(v1: TIdC_INT; v2: TIdC_LONG; v3: TIdC_LONG; v4: TIdC_ULONG; v5: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  procedure ASN1_STRING_TABLE_cleanup cdecl; external CLibCrypto;
+
+  (* ASN1 template functions *)
+
+  (* Old API compatible functions *)
+  function ASN1_item_new(const it: PASN1_ITEM): PASN1_VALUE cdecl; external CLibCrypto;
+  procedure ASN1_item_free(val: PASN1_VALUE; const it: PASN1_ITEM) cdecl; external CLibCrypto;
+  function ASN1_item_d2i(val: PPASN1_VALUE; const &in: PPByte; len: TIdC_LONG; const it: PASN1_ITEM): PASN1_VALUE cdecl; external CLibCrypto;
+  function ASN1_item_i2d(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_item_ndef_i2d(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure ASN1_add_oid_module cdecl; external CLibCrypto;
+  procedure ASN1_add_stable_module cdecl; external CLibCrypto;
+
+  function ASN1_generate_nconf(const str: PAnsiChar; nconf: PCONF): PASN1_TYPE cdecl; external CLibCrypto;
+  function ASN1_generate_v3(const str: PAnsiChar; cnf: PX509V3_CTX): PASN1_TYPE cdecl; external CLibCrypto;
+  function ASN1_str2mask(const str: PByte; pmask: PIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_item_print(&out: PBIO; ifld: PASN1_VALUE; indent: TIdC_INT; const it: PASN1_ITEM; const pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_PCTX_new: PASN1_PCTX cdecl; external CLibCrypto;
+  procedure ASN1_PCTX_free(p: PASN1_PCTX) cdecl; external CLibCrypto;
+  function ASN1_PCTX_get_flags(const p: PASN1_PCTX): TIdC_ULONG cdecl; external CLibCrypto;
+  procedure ASN1_PCTX_set_flags(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl; external CLibCrypto;
+  function ASN1_PCTX_get_nm_flags(const p: PASN1_PCTX): TIdC_ULONG cdecl; external CLibCrypto;
+  procedure ASN1_PCTX_set_nm_flags(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl; external CLibCrypto;
+  function ASN1_PCTX_get_cert_flags(const p: PASN1_PCTX): TIdC_ULONG cdecl; external CLibCrypto;
+  procedure ASN1_PCTX_set_cert_flags(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl; external CLibCrypto;
+  function ASN1_PCTX_get_oid_flags(const p: PASN1_PCTX): TIdC_ULONG cdecl; external CLibCrypto;
+  procedure ASN1_PCTX_set_oid_flags(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl; external CLibCrypto;
+  function ASN1_PCTX_get_str_flags(const p: PASN1_PCTX): TIdC_ULONG cdecl; external CLibCrypto;
+  procedure ASN1_PCTX_set_str_flags(p: PASN1_PCTX; flags: TIdC_ULONG) cdecl; external CLibCrypto;
+
+  //ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb) (ASN1_SCTX *ctx));
+  procedure ASN1_SCTX_free(p: PASN1_SCTX) cdecl; external CLibCrypto;
+  function ASN1_SCTX_get_item(p: PASN1_SCTX): PASN1_ITEM cdecl; external CLibCrypto;
+  function ASN1_SCTX_get_template(p: PASN1_SCTX): PASN1_TEMPLATE cdecl; external CLibCrypto;
+  function ASN1_SCTX_get_flags(p: PASN1_SCTX): TIdC_ULONG cdecl; external CLibCrypto;
+  procedure ASN1_SCTX_set_app_data(p: PASN1_SCTX; data: Pointer) cdecl; external CLibCrypto;
+  function ASN1_SCTX_get_app_data(p: PASN1_SCTX): Pointer cdecl; external CLibCrypto;
+
+  function BIO_f_asn1: PBIO_METHOD cdecl; external CLibCrypto;
+
+  function BIO_new_NDEF(&out: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO cdecl; external CLibCrypto;
+
+  function i2d_ASN1_bio_stream(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_ASN1_stream(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  //function SMIME_write_ASN1(bio: PBIO; val: PASN1_VALUE; data: PBIO; flags: TIdC_INT;
+  //                     ctype_nid: TIdC_INT; econt_nid: TIdC_INT;
+  //                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it): TIdC_INT;
+  function SMIME_read_ASN1(bio: PBIO; bcont: PPBIO; const it: PASN1_ITEM): PASN1_VALUE cdecl; external CLibCrypto;
+  function SMIME_crlf_copy(&in: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function SMIME_text(&in: PBIO; &out: PBIO): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_ITEM_lookup(const name: PIdAnsiChar): PASN1_ITEM cdecl; external CLibCrypto;
+  function ASN1_ITEM_get(i: TIdC_SIZET): PASN1_ITEM cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1_mac.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1_mac.pas
new file mode 100644
index 000000000..a2f07b421
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1_mac.pas
@@ -0,0 +1,46 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_asn1_mac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1_mac.h
+
+{.$i IdCompilerDefines.inc}
+
+//#error "This file is obsolete; please update your software."
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1err.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1err.pas
new file mode 100644
index 000000000..11f84826c
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1err.pas
@@ -0,0 +1,282 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_asn1err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+
+// ASN1 function codes.
+  ASN1_F_A2D_ASN1_OBJECT                          = 100;
+  ASN1_F_A2I_ASN1_INTEGER                         = 102;
+  ASN1_F_A2I_ASN1_STRING                          = 103;
+  ASN1_F_APPEND_EXP                               = 176;
+  ASN1_F_ASN1_BIO_INIT                            = 113;
+  ASN1_F_ASN1_BIT_STRING_SET_BIT                  = 183;
+  ASN1_F_ASN1_CB                                  = 177;
+  ASN1_F_ASN1_CHECK_TLEN                          = 104;
+  ASN1_F_ASN1_COLLECT                             = 106;
+  ASN1_F_ASN1_D2I_EX_PRIMITIVE                    = 108;
+  ASN1_F_ASN1_D2I_FP                              = 109;
+  ASN1_F_ASN1_D2I_READ_BIO                        = 107;
+  ASN1_F_ASN1_DIGEST                              = 184;
+  ASN1_F_ASN1_DO_ADB                              = 110;
+  ASN1_F_ASN1_DO_LOCK                             = 233;
+  ASN1_F_ASN1_DUP                                 = 111;
+  ASN1_F_ASN1_ENC_SAVE                            = 115;
+  ASN1_F_ASN1_EX_C2I                              = 204;
+  ASN1_F_ASN1_FIND_END                            = 190;
+  ASN1_F_ASN1_GENERALIZEDTIME_ADJ                 = 216;
+  ASN1_F_ASN1_GENERATE_V3                         = 178;
+  ASN1_F_ASN1_GET_INT64                           = 224;
+  ASN1_F_ASN1_GET_OBJECT                          = 114;
+  ASN1_F_ASN1_GET_UINT64                          = 225;
+  ASN1_F_ASN1_I2D_BIO                             = 116;
+  ASN1_F_ASN1_I2D_FP                              = 117;
+  ASN1_F_ASN1_ITEM_D2I_FP                         = 206;
+  ASN1_F_ASN1_ITEM_DUP                            = 191;
+  ASN1_F_ASN1_ITEM_EMBED_D2I                      = 120;
+  ASN1_F_ASN1_ITEM_EMBED_NEW                      = 121;
+  ASN1_F_ASN1_ITEM_FLAGS_I2D                      = 118;
+  ASN1_F_ASN1_ITEM_I2D_BIO                        = 192;
+  ASN1_F_ASN1_ITEM_I2D_FP                         = 193;
+  ASN1_F_ASN1_ITEM_PACK                           = 198;
+  ASN1_F_ASN1_ITEM_SIGN                           = 195;
+  ASN1_F_ASN1_ITEM_SIGN_CTX                       = 220;
+  ASN1_F_ASN1_ITEM_UNPACK                         = 199;
+  ASN1_F_ASN1_ITEM_VERIFY                         = 197;
+  ASN1_F_ASN1_MBSTRING_NCOPY                      = 122;
+  ASN1_F_ASN1_OBJECT_NEW                          = 123;
+  ASN1_F_ASN1_OUTPUT_DATA                         = 214;
+  ASN1_F_ASN1_PCTX_NEW                            = 205;
+  ASN1_F_ASN1_PRIMITIVE_NEW                       = 119;
+  ASN1_F_ASN1_SCTX_NEW                            = 221;
+  ASN1_F_ASN1_SIGN                                = 128;
+  ASN1_F_ASN1_STR2TYPE                            = 179;
+  ASN1_F_ASN1_STRING_GET_INT64                    = 227;
+  ASN1_F_ASN1_STRING_GET_UINT64                   = 230;
+  ASN1_F_ASN1_STRING_SET                          = 186;
+  ASN1_F_ASN1_STRING_TABLE_ADD                    = 129;
+  ASN1_F_ASN1_STRING_TO_BN                        = 228;
+  ASN1_F_ASN1_STRING_TYPE_NEW                     = 130;
+  ASN1_F_ASN1_TEMPLATE_EX_D2I                     = 132;
+  ASN1_F_ASN1_TEMPLATE_NEW                        = 133;
+  ASN1_F_ASN1_TEMPLATE_NOEXP_D2I                  = 131;
+  ASN1_F_ASN1_TIME_ADJ                            = 217;
+  ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING            = 134;
+  ASN1_F_ASN1_TYPE_GET_OCTETSTRING                = 135;
+  ASN1_F_ASN1_UTCTIME_ADJ                         = 218;
+  ASN1_F_ASN1_VERIFY                              = 137;
+  ASN1_F_B64_READ_ASN1                            = 209;
+  ASN1_F_B64_WRITE_ASN1                           = 210;
+  ASN1_F_BIO_NEW_NDEF                             = 208;
+  ASN1_F_BITSTR_CB                                = 180;
+  ASN1_F_BN_TO_ASN1_STRING                        = 229;
+  ASN1_F_C2I_ASN1_BIT_STRING                      = 189;
+  ASN1_F_C2I_ASN1_INTEGER                         = 194;
+  ASN1_F_C2I_ASN1_OBJECT                          = 196;
+  ASN1_F_C2I_IBUF                                 = 226;
+  ASN1_F_C2I_UINT64_INT                           = 101;
+  ASN1_F_COLLECT_DATA                             = 140;
+  ASN1_F_D2I_ASN1_OBJECT                          = 147;
+  ASN1_F_D2I_ASN1_UINTEGER                        = 150;
+  ASN1_F_D2I_AUTOPRIVATEKEY                       = 207;
+  ASN1_F_D2I_PRIVATEKEY                           = 154;
+  ASN1_F_D2I_PUBLICKEY                            = 155;
+  ASN1_F_DO_BUF                                   = 142;
+  ASN1_F_DO_CREATE                                = 124;
+  ASN1_F_DO_DUMP                                  = 125;
+  ASN1_F_DO_TCREATE                               = 222;
+  ASN1_F_I2A_ASN1_OBJECT                          = 126;
+  ASN1_F_I2D_ASN1_BIO_STREAM                      = 211;
+  ASN1_F_I2D_ASN1_OBJECT                          = 143;
+  ASN1_F_I2D_DSA_PUBKEY                           = 161;
+  ASN1_F_I2D_EC_PUBKEY                            = 181;
+  ASN1_F_I2D_PRIVATEKEY                           = 163;
+  ASN1_F_I2D_PUBLICKEY                            = 164;
+  ASN1_F_I2D_RSA_PUBKEY                           = 165;
+  ASN1_F_LONG_C2I                                 = 166;
+  ASN1_F_NDEF_PREFIX                              = 127;
+  ASN1_F_NDEF_SUFFIX                              = 136;
+  ASN1_F_OID_MODULE_INIT                          = 174;
+  ASN1_F_PARSE_TAGGING                            = 182;
+  ASN1_F_PKCS5_PBE2_SET_IV                        = 167;
+  ASN1_F_PKCS5_PBE2_SET_SCRYPT                    = 231;
+  ASN1_F_PKCS5_PBE_SET                            = 202;
+  ASN1_F_PKCS5_PBE_SET0_ALGOR                     = 215;
+  ASN1_F_PKCS5_PBKDF2_SET                         = 219;
+  ASN1_F_PKCS5_SCRYPT_SET                         = 232;
+  ASN1_F_SMIME_READ_ASN1                          = 212;
+  ASN1_F_SMIME_TEXT                               = 213;
+  ASN1_F_STABLE_GET                               = 138;
+  ASN1_F_STBL_MODULE_INIT                         = 223;
+  ASN1_F_UINT32_C2I                               = 105;
+  ASN1_F_UINT32_NEW                               = 139;
+  ASN1_F_UINT64_C2I                               = 112;
+  ASN1_F_UINT64_NEW                               = 141;
+  ASN1_F_X509_CRL_ADD0_REVOKED                    = 169;
+  ASN1_F_X509_INFO_NEW                            = 170;
+  ASN1_F_X509_NAME_ENCODE                         = 203;
+  ASN1_F_X509_NAME_EX_D2I                         = 158;
+  ASN1_F_X509_NAME_EX_NEW                         = 171;
+  ASN1_F_X509_PKEY_NEW                            = 173;
+
+// ASN1 reason codes.
+  ASN1_R_ADDING_OBJECT                            = 171;
+  ASN1_R_ASN1_PARSE_ERROR                         = 203;
+  ASN1_R_ASN1_SIG_PARSE_ERROR                     = 204;
+  ASN1_R_AUX_ERROR                                = 100;
+  ASN1_R_BAD_OBJECT_HEADER                        = 102;
+  ASN1_R_BMPSTRING_IS_WRONG_LENGTH                = 214;
+  ASN1_R_BN_LIB                                   = 105;
+  ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  = 106;
+  ASN1_R_BUFFER_TOO_SMALL                         = 107;
+  ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER          = 108;
+  ASN1_R_CONTEXT_NOT_INITIALISED                  = 217;
+  ASN1_R_DATA_IS_WRONG                            = 109;
+  ASN1_R_DECODE_ERROR                             = 110;
+  ASN1_R_DEPTH_EXCEEDED                           = 174;
+  ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED        = 198;
+  ASN1_R_ENCODE_ERROR                             = 112;
+  ASN1_R_ERROR_GETTING_TIME                       = 173;
+  ASN1_R_ERROR_LOADING_SECTION                    = 172;
+  ASN1_R_ERROR_SETTING_CIPHER_PARAMS              = 114;
+  ASN1_R_EXPECTING_AN_INTEGER                     = 115;
+  ASN1_R_EXPECTING_AN_OBJECT                      = 116;
+  ASN1_R_EXPLICIT_LENGTH_MISMATCH                 = 119;
+  ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED             = 120;
+  ASN1_R_FIELD_MISSING                            = 121;
+  ASN1_R_FIRST_NUM_TOO_LARGE                      = 122;
+  ASN1_R_HEADER_TOO_LONG                          = 123;
+  ASN1_R_ILLEGAL_BITSTRING_FORMAT                 = 175;
+  ASN1_R_ILLEGAL_BOOLEAN                          = 176;
+  ASN1_R_ILLEGAL_CHARACTERS                       = 124;
+  ASN1_R_ILLEGAL_FORMAT                           = 177;
+  ASN1_R_ILLEGAL_HEX                              = 178;
+  ASN1_R_ILLEGAL_IMPLICIT_TAG                     = 179;
+  ASN1_R_ILLEGAL_INTEGER                          = 180;
+  ASN1_R_ILLEGAL_NEGATIVE_VALUE                   = 226;
+  ASN1_R_ILLEGAL_NESTED_TAGGING                   = 181;
+  ASN1_R_ILLEGAL_NULL                             = 125;
+  ASN1_R_ILLEGAL_NULL_VALUE                       = 182;
+  ASN1_R_ILLEGAL_OBJECT                           = 183;
+  ASN1_R_ILLEGAL_OPTIONAL_ANY                     = 126;
+  ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE         = 170;
+  ASN1_R_ILLEGAL_PADDING                          = 221;
+  ASN1_R_ILLEGAL_TAGGED_ANY                       = 127;
+  ASN1_R_ILLEGAL_TIME_VALUE                       = 184;
+  ASN1_R_ILLEGAL_ZERO_CONTENT                     = 222;
+  ASN1_R_INTEGER_NOT_ASCII_FORMAT                 = 185;
+  ASN1_R_INTEGER_TOO_LARGE_FOR_LONG               = 128;
+  ASN1_R_INVALID_BIT_STRING_BITS_LEFT             = 220;
+  ASN1_R_INVALID_BMPSTRING_LENGTH                 = 129;
+  ASN1_R_INVALID_DIGIT                            = 130;
+  ASN1_R_INVALID_MIME_TYPE                        = 205;
+  ASN1_R_INVALID_MODIFIER                         = 186;
+  ASN1_R_INVALID_NUMBER                           = 187;
+  ASN1_R_INVALID_OBJECT_ENCODING                  = 216;
+  ASN1_R_INVALID_SCRYPT_PARAMETERS                = 227;
+  ASN1_R_INVALID_SEPARATOR                        = 131;
+  ASN1_R_INVALID_STRING_TABLE_VALUE               = 218;
+  ASN1_R_INVALID_UNIVERSALSTRING_LENGTH           = 133;
+  ASN1_R_INVALID_UTF8STRING                       = 134;
+  ASN1_R_INVALID_VALUE                            = 219;
+  ASN1_R_LIST_ERROR                               = 188;
+  ASN1_R_MIME_NO_CONTENT_TYPE                     = 206;
+  ASN1_R_MIME_PARSE_ERROR                         = 207;
+  ASN1_R_MIME_SIG_PARSE_ERROR                     = 208;
+  ASN1_R_MISSING_EOC                              = 137;
+  ASN1_R_MISSING_SECOND_NUMBER                    = 138;
+  ASN1_R_MISSING_VALUE                            = 189;
+  ASN1_R_MSTRING_NOT_UNIVERSAL                    = 139;
+  ASN1_R_MSTRING_WRONG_TAG                        = 140;
+  ASN1_R_NESTED_ASN1_STRING                       = 197;
+  ASN1_R_NESTED_TOO_DEEP                          = 201;
+  ASN1_R_NON_HEX_CHARACTERS                       = 141;
+  ASN1_R_NOT_ASCII_FORMAT                         = 190;
+  ASN1_R_NOT_ENOUGH_DATA                          = 142;
+  ASN1_R_NO_CONTENT_TYPE                          = 209;
+  ASN1_R_NO_MATCHING_CHOICE_TYPE                  = 143;
+  ASN1_R_NO_MULTIPART_BODY_FAILURE                = 210;
+  ASN1_R_NO_MULTIPART_BOUNDARY                    = 211;
+  ASN1_R_NO_SIG_CONTENT_TYPE                      = 212;
+  ASN1_R_NULL_IS_WRONG_LENGTH                     = 144;
+  ASN1_R_OBJECT_NOT_ASCII_FORMAT                  = 191;
+  ASN1_R_ODD_NUMBER_OF_CHARS                      = 145;
+  ASN1_R_SECOND_NUMBER_TOO_LARGE                  = 147;
+  ASN1_R_SEQUENCE_LENGTH_MISMATCH                 = 148;
+  ASN1_R_SEQUENCE_NOT_CONSTRUCTED                 = 149;
+  ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG             = 192;
+  ASN1_R_SHORT_LINE                               = 150;
+  ASN1_R_SIG_INVALID_MIME_TYPE                    = 213;
+  ASN1_R_STREAMING_NOT_SUPPORTED                  = 202;
+  ASN1_R_STRING_TOO_LONG                          = 151;
+  ASN1_R_STRING_TOO_SHORT                         = 152;
+  ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD = 154;
+  ASN1_R_TIME_NOT_ASCII_FORMAT                    = 193;
+  ASN1_R_TOO_LARGE                                = 223;
+  ASN1_R_TOO_LONG                                 = 155;
+  ASN1_R_TOO_SMALL                                = 224;
+  ASN1_R_TYPE_NOT_CONSTRUCTED                     = 156;
+  ASN1_R_TYPE_NOT_PRIMITIVE                       = 195;
+  ASN1_R_UNEXPECTED_EOC                           = 159;
+  ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH          = 215;
+  ASN1_R_UNKNOWN_FORMAT                           = 160;
+  ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM         = 161;
+  ASN1_R_UNKNOWN_OBJECT_TYPE                      = 162;
+  ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                  = 163;
+  ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM              = 199;
+  ASN1_R_UNKNOWN_TAG                              = 194;
+  ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE          = 164;
+  ASN1_R_UNSUPPORTED_CIPHER                       = 228;
+  ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE              = 167;
+  ASN1_R_UNSUPPORTED_TYPE                         = 196;
+  ASN1_R_WRONG_INTEGER_TYPE                       = 225;
+  ASN1_R_WRONG_PUBLIC_KEY_TYPE                    = 200;
+  ASN1_R_WRONG_TAG                                = 168;
+
+  function ERR_load_ASN1_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1t.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1t.pas
new file mode 100644
index 000000000..2d753f62a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1t.pas
@@ -0,0 +1,996 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_asn1t;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asn1t.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+  
+type
+  // moved from asn1
+  ASN1_ITEM_EXP = ASN1_ITEM;
+  PASN1_ITEM_EXP = ^ASN1_ITEM_EXP;
+
+//# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+//
+///// Macro to obtain ASN1_ADB pointer from a type (only used internally) ///
+//#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB //)(iptr))
+//
+///// Macros for start and end of ASN1_ITEM definition ///
+//
+//#  define ASN1_ITEM_start(itname) \
+//        const ASN1_ITEM itname##_it = {
+//
+//#  define static_ASN1_ITEM_start(itname) \
+//        static const ASN1_ITEM itname##_it = {
+//
+//#  define ASN1_ITEM_end(itname)                 \
+//                };
+//
+//# else
+//
+///// Macro to obtain ASN1_ADB pointer from a type (only used internally) ///
+//#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB //)((iptr)()))
+//
+///// Macros for start and end of ASN1_ITEM definition ///
+//
+//#  define ASN1_ITEM_start(itname) \
+//        const ASN1_ITEM // itname##_it(void) \
+//        { \
+//                static const ASN1_ITEM local_it = {
+//
+//#  define static_ASN1_ITEM_start(itname) \
+//        static ASN1_ITEM_start(itname)
+//
+//#  define ASN1_ITEM_end(itname) \
+//                }; \
+//        return &local_it; \
+//        }
+//
+//# endif
+//
+///// Macros to aid ASN1 template writing ///
+//
+//  ASN1_ITEM_TEMPLATE(tname) \
+//        static const PASN1_TEMPLATE tname##_item_tt
+//
+//  ASN1_ITEM_TEMPLATE_END(tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_PRIMITIVE,\
+//                -1,\
+//                &tname##_item_tt,\
+//                0,\
+//                NULL,\
+//                0,\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//  static_ASN1_ITEM_TEMPLATE_END(tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_PRIMITIVE,\
+//                -1,\
+//                &tname##_item_tt,\
+//                0,\
+//                NULL,\
+//                0,\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//
+///// This is a ASN1 type which just embeds a template ///
+//
+/////-
+// // This pair helps declare a SEQUENCE. We can do:
+// //
+// //      ASN1_SEQUENCE(stname) = {
+// //              ... SEQUENCE components ...
+// //      } ASN1_SEQUENCE_END(stname)
+// //
+// //      This will produce an ASN1_ITEM called stname_it
+// //      for a structure called stname.
+// //
+// //      If you want the same structure but a different
+// //      name then use:
+// //
+// //      ASN1_SEQUENCE(itname) = {
+// //              ... SEQUENCE components ...
+// //      } ASN1_SEQUENCE_END_name(stname, itname)
+// //
+// //      This will create an item called itname_it using
+// //      a structure called stname.
+// ///
+//
+//  ASN1_SEQUENCE(tname) \
+//        static const PASN1_TEMPLATE tname##_seq_tt[]
+//
+//  ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
+//
+//  static_ASN1_SEQUENCE_END(stname) static_ASN1_SEQUENCE_END_name(stname, stname)
+//
+//  ASN1_SEQUENCE_END_name(stname, tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//
+//  static_ASN1_SEQUENCE_END_name(stname, tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_NDEF_SEQUENCE(tname) \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_NDEF_SEQUENCE_cb(tname, cb) \
+//        ASN1_SEQUENCE_cb(tname, cb)
+//
+//  ASN1_SEQUENCE_cb(tname, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_BROKEN_SEQUENCE(tname) \
+//        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_SEQUENCE_ref(tname, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), offsetof(tname, lock), cb, 0}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_SEQUENCE_enc(tname, enc, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
+//        ASN1_SEQUENCE(tname)
+//
+//  ASN1_NDEF_SEQUENCE_END(tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_NDEF_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(tname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//  static_ASN1_NDEF_SEQUENCE_END(tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_NDEF_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(tname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
+//  static_ASN1_BROKEN_SEQUENCE_END(stname) \
+//        static_ASN1_SEQUENCE_END_ref(stname, stname)
+//
+//  ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+//
+//  ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+//  static_ASN1_SEQUENCE_END_cb(stname, tname) static_ASN1_SEQUENCE_END_ref(stname, tname)
+//
+//  ASN1_SEQUENCE_END_ref(stname, tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #tname \
+//        ASN1_ITEM_end(tname)
+//  static_ASN1_SEQUENCE_END_ref(stname, tname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_NDEF_SEQUENCE,\
+//                V_ASN1_SEQUENCE,\
+//                tname##_seq_tt,\
+//                sizeof(tname##_seq_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+/////-
+// // This pair helps declare a CHOICE type. We can do:
+// //
+// //      ASN1_CHOICE(chname) = {
+// //              ... CHOICE options ...
+// //      ASN1_CHOICE_END(chname)
+// //
+// //      This will produce an ASN1_ITEM called chname_it
+// //      for a structure called chname. The structure
+// //      definition must look like this:
+// //      typedef struct {
+// //              int type;
+// //              union {
+// //                      ASN1_SOMETHING //opt1;
+// //                      ASN1_SOMEOTHER //opt2;
+// //              } value;
+// //      } chname;
+// //
+// //      the name of the selector must be 'type'.
+// //      to use an alternative selector name use the
+// //      ASN1_CHOICE_END_selector() version.
+// ///
+//
+//  ASN1_CHOICE(tname) \
+//        static const PASN1_TEMPLATE tname##_ch_tt[]
+//
+//  ASN1_CHOICE_cb(tname, cb) \
+//        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+//        ASN1_CHOICE(tname)
+//
+//  ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
+//
+//  static_ASN1_CHOICE_END(stname) static_ASN1_CHOICE_END_name(stname, stname)
+//
+//  ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
+//
+//  static_ASN1_CHOICE_END_name(stname, tname) static_ASN1_CHOICE_END_selector(stname, tname, type)
+//
+//  ASN1_CHOICE_END_selector(stname, tname, selname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_CHOICE,\
+//                offsetof(stname,selname) ,\
+//                tname##_ch_tt,\
+//                sizeof(tname##_ch_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  static_ASN1_CHOICE_END_selector(stname, tname, selname) \
+//        ;\
+//        static_ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_CHOICE,\
+//                offsetof(stname,selname) ,\
+//                tname##_ch_tt,\
+//                sizeof(tname##_ch_tt) / sizeof(PASN1_TEMPLATE),\
+//                NULL,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+//  ASN1_CHOICE_END_cb(stname, tname, selname) \
+//        ;\
+//        ASN1_ITEM_start(tname) \
+//                ASN1_ITYPE_CHOICE,\
+//                offsetof(stname,selname) ,\
+//                tname##_ch_tt,\
+//                sizeof(tname##_ch_tt) / sizeof(PASN1_TEMPLATE),\
+//                &tname##_aux,\
+//                sizeof(stname),\
+//                #stname \
+//        ASN1_ITEM_end(tname)
+//
+///// This helps with the template wrapper form of ASN1_ITEM ///
+//
+//  ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
+//        (flags), (tag), 0,\
+//        #name, ASN1_ITEM_ref(type) }
+//
+///// These help with SEQUENCE or CHOICE components ///
+//
+///// used to declare other types ///
+//
+//  ASN1_EX_TYPE(flags, tag, stname, field, type) { \
+//        (flags), (tag), offsetof(stname, field),\
+//        #field, ASN1_ITEM_ref(type) }
+//
+///// implicit and explicit helper macros ///
+//
+//  ASN1_IMP_EX(stname, field, type, tag, ex) \
+//         ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | (ex), tag, stname, field, type)
+//
+//  ASN1_EXP_EX(stname, field, type, tag, ex) \
+//         ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | (ex), tag, stname, field, type)
+//
+///// Any defined by macros: the field used is in the table itself ///
+//
+//# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+//#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM //)&(tblname##_adb) }
+//#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM //)&(tblname##_adb) }
+//# else
+//#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
+//#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
+//# endif
+///// Plain simple type ///
+//  ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
+///// Embedded simple type ///
+//  ASN1_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_EMBED,0, stname, field, type)
+//
+///// OPTIONAL simple type ///
+//  ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+//  ASN1_OPT_EMBED(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED, 0, stname, field, type)
+//
+///// IMPLICIT tagged simple type ///
+//  ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+//  ASN1_IMP_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
+//
+///// IMPLICIT tagged OPTIONAL simple type ///
+//  ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+//  ASN1_IMP_OPT_EMBED(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
+//
+///// Same as above but EXPLICIT ///
+//
+//  ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+//  ASN1_EXP_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_EMBED)
+//  ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+//  ASN1_EXP_OPT_EMBED(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_EMBED)
+//
+///// SEQUENCE OF type ///
+//  ASN1_SEQUENCE_OF(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
+//
+///// OPTIONAL SEQUENCE OF ///
+//  ASN1_SEQUENCE_OF_OPT(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+//
+///// Same as above but for SET OF ///
+//
+//  ASN1_SET_OF(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
+//
+//  ASN1_SET_OF_OPT(stname, field, type) \
+//                ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+//
+///// Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL ///
+//
+//  ASN1_IMP_SET_OF(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+//
+//  ASN1_EXP_SET_OF(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+//
+//  ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+//
+//  ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+//
+//  ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+//
+//  ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+//                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+//
+//  ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+//
+//  ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+//
+///// EXPLICIT using indefinite length constructed form ///
+//  ASN1_NDEF_EXP(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
+//
+///// EXPLICIT OPTIONAL using indefinite length constructed form ///
+//  ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
+//                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
+//
+///// Macros for the ASN1_ADB structure ///
+//
+//  ASN1_ADB(name) \
+//        static const ASN1_ADB_TABLE name##_adbtbl[]
+//
+//# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+//
+//#  define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \
+//        ;\
+//        static const ASN1_ADB name##_adb = {\
+//                flags,\
+//                offsetof(name, field),\
+//                adb_cb,\
+//                name##_adbtbl,\
+//                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+//                def,\
+//                none\
+//        }
+//
+//# else
+//
+//#  define ASN1_ADB_END(name, flags, field, adb_cb, def, none) \
+//        ;\
+//        static const ASN1_ITEM //name##_adb(void) \
+//        { \
+//        static const ASN1_ADB internal_adb = \
+//                {\
+//                flags,\
+//                offsetof(name, field),\
+//                adb_cb,\
+//                name##_adbtbl,\
+//                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+//                def,\
+//                none\
+//                }; \
+//                return (const ASN1_ITEM //) &internal_adb; \
+//        } \
+//        void dummy_function(void)
+//
+//# endif
+//
+//  ADB_ENTRY(val, template) {val, template}
+//
+//  ASN1_ADB_TEMPLATE(name) \
+//        static const PASN1_TEMPLATE name##_tt
+//
+/////
+// // This is the ASN1 template structure that defines a wrapper round the
+// // actual type. It determines the actual position of the field in the value
+// // structure, various flags such as OPTIONAL and the field name.
+// ///
+
+type
+  ASN1_TEMPLATE_st = record
+    flags: TIdC_ULONG;
+    tag: TIdC_LONG;
+    offset: TIdC_ULONG;
+    fieldname: PIdAnsiChar;
+    item: PASN1_ITEM_EXP;
+  end;  
+  ASN1_TEMPLATE = ASN1_TEMPLATE_st;
+  PASN1_TEMPLATE = ^ASN1_TEMPLATE;
+
+///// Macro to extract ASN1_ITEM and ASN1_ADB pointer from PASN1_TEMPLATE ///
+//
+//  ASN1_TEMPLATE_item(t) (t->item_ptr)
+//  ASN1_TEMPLATE_adb(t) (t->item_ptr)
+
+  adb_cb_callback = function(psel: PIdC_LONG): TIdC_INT;
+
+  ASN1_ADB_TABLE_st = record
+    value: TIdC_LONG;
+    tt: PASN1_TEMPLATE;
+  end;
+
+  ASN1_ADB_TABLE = ASN1_ADB_TABLE_st;
+  PASN1_ADB_TABLE = ^ASN1_ADB_TABLE;
+  
+  ASN1_ADB_st = record
+    flags: TIdC_ULONG;
+    offset: TIdC_ULONG;
+    adb_cb: adb_cb_callback;
+    tbl: PASN1_ADB_TABLE;
+    tblcount: TIdC_LONG;
+    default_tt: PASN1_TEMPLATE;
+    null_tt: PASN1_TEMPLATE;
+  end;
+  ASN1_ADB = ASN1_ADB_st;
+
+const
+// template flags //
+
+// Field is optional //
+  ASN1_TFLG_OPTIONAL     = $1;
+
+// Field is a SET OF //
+  ASN1_TFLG_SET_OF       = ($1 shl 1);
+
+// Field is a SEQUENCE OF //
+  ASN1_TFLG_SEQUENCE_OF  = ($2 shl 1);
+
+//
+// Special case: this refers to a SET OF that will be sorted into DER order
+// when encoded /and/ the corresponding STACK will be modified to match the
+// new order.
+ //
+  ASN1_TFLG_SET_ORDER     = ($3 shl 1);
+
+// Mask for SET OF or SEQUENCE OF //
+  ASN1_TFLG_SK_MASK       = ($3 shl 1);
+
+//
+//  These flags mean the tag should be taken from the tag field. If EXPLICIT
+//  then the underlying type is used for the inner tag.
+ //
+
+// IMPLICIT tagging //
+  ASN1_TFLG_IMPTAG        = ($1 shl 3);
+
+// EXPLICIT tagging, inner tag from underlying type //
+  ASN1_TFLG_EXPTAG        = ($2 shl 3);
+
+  ASN1_TFLG_TAG_MASK      = ($3 shl 3);
+
+// context specific IMPLICIT //
+//   ASN1_TFLG_IMPLICIT      (ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT)
+
+// context specific EXPLICIT //
+//   ASN1_TFLG_EXPLICIT      (ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT)
+
+//
+// If tagging is in force these determine the type of tag to use. Otherwise
+// the tag is determined by the underlying type. These values reflect the
+// actual octet format.
+ //
+
+// Universal tag //
+  ASN1_TFLG_UNIVERSAL     = ($0 shl 6);
+// Application tag //
+  ASN1_TFLG_APPLICATION   = ($1 shl 6);
+// Context specific tag //
+  ASN1_TFLG_CONTEXT       = ($2 shl 6);
+// Private tag //
+  ASN1_TFLG_PRIVATE       = ($3 shl 6);
+
+  ASN1_TFLG_TAG_CLASS     = ($3 shl 6);
+
+//
+// These are for ANY DEFINED BY type. In this case the 'item' field points to
+// an ASN1_ADB structure which contains a table of values to decode the
+// relevant type
+ //
+
+  ASN1_TFLG_ADB_MASK      = ($3 shl 8);
+
+  ASN1_TFLG_ADB_OID       = ($1 shl 8);
+
+  ASN1_TFLG_ADB_INT       = ($1 shl 9);
+
+//
+// This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
+// indefinite length constructed encoding to be used if required.
+ //
+
+  ASN1_TFLG_NDEF          = ($1 shl 11);
+
+// Field is embedded and not a pointer //
+  ASN1_TFLG_EMBED         = ($1 shl 12);
+
+// This is the actual ASN1 item itself //
+
+type
+  ASN1_ITEM_st = record
+    itype: AnsiChar;
+    utype: TIdC_LONG;
+    template: PASN1_TEMPLATE;
+    tcount: TIdC_LONG;
+    funcs: Pointer;
+    size: TIdC_LONG;
+    sname: PIdAnsiChar;
+  end;
+
+//-
+ // These are values for the itype field and
+ // determine how the type is interpreted.
+ //
+ // For PRIMITIVE types the underlying type
+ // determines the behaviour if items is NULL.
+ //
+ // Otherwise templates must contain a single
+ // template and the type is treated in the
+ // same way as the type specified in the template.
+ //
+ // For SEQUENCE types the templates field points
+ // to the members, the size field is the
+ // structure size.
+ //
+ // For CHOICE types the templates field points
+ // to each possible member (typically a union)
+ // and the 'size' field is the offset of the
+ // selector.
+ //
+ // The 'funcs' field is used for application
+ // specific functions.
+ //
+ // The EXTERN type uses a new style d2i/i2d.
+ // The new style should be used where possible
+ // because it avoids things like the d2i IMPLICIT
+ // hack.
+ //
+ // MSTRING is a multiple string type, it is used
+ // for a CHOICE of character strings where the
+ // actual strings all occupy an ASN1_STRING
+ // structure. In this case the 'utype' field
+ // has a special meaning, it is used as a mask
+ // of acceptable types using the B_ASN1 constants.
+ //
+ // NDEF_SEQUENCE is the same as SEQUENCE except
+ // that it will use indefinite length constructed
+ // encoding if requested.
+ //
+ //
+const
+  ASN1_ITYPE_PRIMITIVE            = $0;
+
+  ASN1_ITYPE_SEQUENCE             = $1;
+
+  ASN1_ITYPE_CHOICE               = $2;
+
+  ASN1_ITYPE_EXTERN               = $4;
+
+  ASN1_ITYPE_MSTRING              = $5;
+
+  ASN1_ITYPE_NDEF_SEQUENCE        = $6;
+
+//
+ // Cache for ASN1 tag and length, so we don't keep re-reading it for things
+ // like CHOICE
+ //
+
+type
+  ASN1_TLC_st = record
+    valid: AnsiChar;
+    ret: TIdC_INT;
+    plen: TIdC_LONG;
+    ptag: TIdC_INT;
+    pclass: TIdC_INT;
+    hdrlen: TIdC_INT;
+  end;
+  ASN1_TLC = ASN1_TLC_st;
+  PASN1_TLC = ^ASN1_TLC;
+
+  ASN1_ex_d2i = function(pval: PPASN1_VALUE; const AIn: PPByte; len: TIdC_LONG;
+    const it: PASN1_ITEM; tag: TIdC_INT; aclass: TIdC_INT;
+    opt: AnsiChar; ctx: PASN1_TLC): TIdC_INT;
+  PASN1_ex_d2i = ^ASN1_ex_d2i;
+
+  ASN1_ex_i2d = function(pval: PPASN1_VALUE; AOut: PPByte; const it: PASN1_ITEM;
+    tag: TIdC_INT; aclass: TIdC_INT): TIdC_INT;
+  PASN1_ex_i2d = ^ASN1_ex_i2d;
+
+  ASN1_ex_new_func = function(pval: PPASN1_VALUE; const it: PASN1_ITEM): TIdC_INT;
+  PASN1_ex_new_func = ^ASN1_ex_new_func;
+
+  ASN1_ex_free_func = procedure(pval: PPASN1_VALUE; const it: PASN1_ITEM);
+  PASN1_ex_free_func = ^ASN1_ex_free_func;
+
+  ASN1_ex_print_func = function(AOut: PBIO; pval: PPASN1_VALUE; indent: TIdC_INT;
+    const fname: PIdAnsiChar; const pctx: PASN1_PCTX): TIdC_INT;
+  PASN1_ex_print_func = ^ASN1_ex_print_func;
+
+  ASN1_primitive_i2c = function(pval: PPASN1_VALUE; const cont: PIdAnsiChar;
+    puttype: PIdC_INT; const it: PASN1_ITEM): TIdC_INT;
+  PASN1_primitive_i2c = ^ASN1_primitive_i2c;
+
+  ASN1_primitive_c2i = function(pval: PPASN1_VALUE; const cont: PByte;
+    len: TIdC_INT; utype: TIdC_INT; free_cont: PIdAnsiChar;
+    const it: PASN1_ITEM): TIdC_INT;
+  PASN1_primitive_c2i = ^ASN1_primitive_c2i;
+
+  ASN1_primitive_print = function(AOut: PBIO; pval: PPASN1_VALUE;
+    const it: PASN1_ITEM; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
+  PASN1_primitive_print = ^ASN1_primitive_print;
+
+  ASN1_EXTERN_FUNCS_st = record
+    app_data: Pointer;
+    asn1_ex_new: PASN1_ex_new_func;
+    asn1_ex_free: PASN1_ex_free_func;
+    asn1_ex_clear: PASN1_ex_free_func;
+    asn1_ex_d2i: PASN1_ex_d2i;
+    asn1_ex_i2d: PASN1_ex_i2d;
+    asn1_ex_print: PASN1_ex_print_func;
+  end;
+
+  ASN1_EXTERN_FUNCS = ASN1_EXTERN_FUNCS_st;
+
+  ASN1_PRIMITIVE_FUNCS_st = record
+    app_data: Pointer;
+    flags: TIdC_ULONG;
+    prim_new: PASN1_ex_new_func;
+    prim_free: PASN1_ex_free_func;
+    prim_clear: PASN1_ex_free_func;
+    prim_c2i: PASN1_primitive_c2i;
+    prim_i2c: PASN1_primitive_i2c;
+    prim_print: PASN1_primitive_print;
+  end;
+
+  ASN1_PRIMITIVE_FUNCS = ASN1_PRIMITIVE_FUNCS_st;
+
+//
+ // This is the ASN1_AUX structure: it handles various miscellaneous
+ // requirements. For example the use of reference counts and an informational
+ // callback. The "informational callback" is called at various points during
+ // the ASN1 encoding and decoding. It can be used to provide minor
+ // customisation of the structures used. This is most useful where the
+ // supplied routines //almost// do the right thing but need some extra help at
+ // a few points. If the callback returns zero then it is assumed a fatal
+ // error has occurred and the main operation should be abandoned. If major
+ // changes in the default behaviour are required then an external type is
+ // more appropriate.
+ //
+
+  ASN1_aux_cb = function(operation: TIdC_INT; AIn: PASN1_VALUE; const it: PASN1_ITEM; exarg: Pointer): TIdC_INT;
+  PASN1_aux_cb = ^ASN1_aux_cb;
+
+  ASN1_AUX_st = record
+    app_data: Pointer;
+    flags: TIdC_INT;
+    ref_offset: TIdC_INT;
+    ref_lock: TIdC_INT;
+    asn1_cb: PASN1_aux_cb;
+    enc_offset: TidC_INT;
+  end;
+
+  ASN1_AUX = ASN1_AUX_st;
+
+// For print related callbacks exarg points to this structure
+
+  ASN1_PRINT_ARG_st = record
+    AOut: PBIO;
+    indent: TIdC_INT;
+    pctx: PASN1_PCTX;
+  end;
+
+  ASN1_PRINT_ARG = ASN1_PRINT_ARG_st;
+
+// For streaming related callbacks exarg points to this structure
+  ASN1_STREAM_ARG_st = record
+    // BIO to stream through
+    FOut: PBIO;
+    // BIO with filters appended
+    ndef_bio: PBIO;
+    // Streaming I/O boundary
+    boundary: PPByte;
+  end;
+
+  ASN1_STREAM_ARG = ASN1_STREAM_ARG_st;
+
+const
+/// Flags in ASN1_AUX ///
+
+/// Use a reference count ///
+  ASN1_AFLG_REFCOUNT      = 1;
+/// Save the encoding of structure (useful for signatures) ///
+  ASN1_AFLG_ENCODING      = 2;
+/// The Sequence length is invalid ///
+  ASN1_AFLG_BROKEN        = 4;
+
+/// operation values for asn1_cb ///
+
+  ASN1_OP_NEW_PRE         = 0;
+  ASN1_OP_NEW_POST        = 1;
+  ASN1_OP_FREE_PRE        = 2;
+  ASN1_OP_FREE_POST       = 3;
+  ASN1_OP_D2I_PRE         = 4;
+  ASN1_OP_D2I_POST        = 5;
+  ASN1_OP_I2D_PRE         = 6;
+  ASN1_OP_I2D_POST        = 7;
+  ASN1_OP_PRINT_PRE       = 8;
+  ASN1_OP_PRINT_POST      = 9;
+  ASN1_OP_STREAM_PRE      = 10;
+  ASN1_OP_STREAM_POST     = 11;
+  ASN1_OP_DETACHED_PRE    = 12;
+  ASN1_OP_DETACHED_POST   = 13;
+
+///* Macro to implement a primitive type */
+//# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
+//# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
+//                                ASN1_ITEM_start(itname) \
+//                                        ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
+//                                ASN1_ITEM_end(itname)
+//
+///* Macro to implement a multi string type */
+//# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
+//                                ASN1_ITEM_start(itname) \
+//                                        ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
+//                                ASN1_ITEM_end(itname)
+//
+//# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
+//        ASN1_ITEM_start(sname) \
+//                ASN1_ITYPE_EXTERN, \
+//                tag, \
+//                NULL, \
+//                0, \
+//                &fptrs, \
+//                0, \
+//                #sname \
+//        ASN1_ITEM_end(sname)
+//
+///* Macro to implement standard functions in terms of ASN1_ITEM structures */
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
+//                        IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+//
+//# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
+//                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
+//                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
+//        pre stname *fname##_new(void) \
+//        { \
+//                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+//        } \
+//        pre void fname##_free(stname *a) \
+//        { \
+//                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+//        }
+//
+//# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
+//        stname *fname##_new(void) \
+//        { \
+//                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+//        } \
+//        void fname##_free(stname *a) \
+//        { \
+//                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+//        }
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+//
+//# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+//        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+//        { \
+//                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+//        } \
+//        int i2d_##fname(stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+//        }
+//
+//# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
+//        int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
+//        }
+//
+//# define IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(stname) \
+//        static stname *d2i_##stname(stname **a, \
+//                                   const unsigned char **in, long len) \
+//        { \
+//                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, \
+//                                               ASN1_ITEM_rptr(stname)); \
+//        } \
+//        static int i2d_##stname(stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_i2d((ASN1_VALUE *)a, out, \
+//                                     ASN1_ITEM_rptr(stname)); \
+//        }
+//
+///*
+// * This includes evil casts to remove const: they will go away when full ASN1
+// * constification is done.
+// */
+//# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+//        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+//        { \
+//                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+//        } \
+//        int i2d_##fname(const stname *a, unsigned char **out) \
+//        { \
+//                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+//        }
+//
+//# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
+//        stname * stname##_dup(stname *x) \
+//        { \
+//        return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
+//        }
+//
+//# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
+//        IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
+//
+//# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
+//        int fname##_print_ctx(BIO *out, stname *x, int indent, \
+//                                                const ASN1_PCTX *pctx) \
+//        { \
+//                return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
+//                        ASN1_ITEM_rptr(itname), pctx); \
+//        }
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
+//                IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
+//
+//# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+//        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+//
+//* external definitions for primitive types */
+
+//DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
+//DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
+//DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
+//DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
+//DECLARE_ASN1_ITEM(CBIGNUM)
+//DECLARE_ASN1_ITEM(BIGNUM)
+//DECLARE_ASN1_ITEM(INT32)
+//DECLARE_ASN1_ITEM(ZINT32)
+//DECLARE_ASN1_ITEM(UINT32)
+//DECLARE_ASN1_ITEM(ZUINT32)
+//DECLARE_ASN1_ITEM(INT64)
+//DECLARE_ASN1_ITEM(ZINT64)
+//DECLARE_ASN1_ITEM(UINT64)
+//DECLARE_ASN1_ITEM(ZUINT64)
+
+//# if OPENSSL_API_COMPAT < 0x10200000L
+///*
+// * LONG and ZLONG are strongly discouraged for use as stored data, as the
+// * underlying C type (long) differs in size depending on the architecture.
+// * They are designed with 32-bit longs in mind.
+// */
+//DECLARE_ASN1_ITEM(LONG)
+//DECLARE_ASN1_ITEM(ZLONG)
+//# endif
+
+//DEFINE_STACK_OF(ASN1_VALUE)
+
+//* Functions used internally by the ASN1 code */
+
+  function ASN1_item_ex_new(pval: PPASN1_VALUE; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  procedure ASN1_item_ex_free(pval: PPASN1_VALUE; const it: PASN1_ITEM) cdecl; external CLibCrypto;
+
+  function ASN1_item_ex_d2i(pval: PPASN1_VALUE; const AIn: PPByte; len: TIdC_LONG; const it: PASN1_ITEM; tag: TIdC_INT; aclass: TIdC_INT; opt: AnsiChar; ctx: PASN1_TLC): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_item_ex_i2d(pval: PPASN1_VALUE; AOut: PPByte; const it: PASN1_ITEM; tag: TIdC_INT; aclass: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_async.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_async.pas
new file mode 100644
index 000000000..8e03a4085
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_async.pas
@@ -0,0 +1,93 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_async;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// async.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ASYNC_ERR = 0;
+  ASYNC_NO_JOBS = 0;
+  ASYNC_PAUSE = 2;
+  ASYNC_FINISH = 3;
+
+type
+  async_job_st = type Pointer;
+  ASYNC_JOB = async_job_st;
+  PASYNC_JOB = ^ASYNC_JOB;
+  PPASYNC_JOB = ^PASYNC_JOB;
+  
+  async_wait_ctx_st = type Pointer;
+  ASYNC_WAIT_CTX = async_wait_ctx_st;
+  PASYNC_WAIT_CTX = ^ASYNC_WAIT_CTX;
+  
+  OSSL_ASYNC_FD = type TIdC_INT;
+  POSSL_ASYNC_FD = ^OSSL_ASYNC_FD;
+
+  ASYNC_WAIT_CTX_set_wait_fd_cleanup = procedure(v1: PASYNC_WAIT_CTX;
+    const v2: Pointer; v3: OSSL_ASYNC_FD; v4: Pointer);
+  ASYNC_start_job_cb = function(v1: Pointer): TIdC_INT;
+
+  function ASYNC_init_thread(max_size: TIdC_SIZET; init_size: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  procedure ASYNC_cleanup_thread cdecl; external CLibCrypto;
+
+  function ASYNC_WAIT_CTX_new: PASYNC_WAIT_CTX cdecl; external CLibCrypto;
+  procedure ASYNC_WAIT_CTX_free(ctx: PASYNC_WAIT_CTX) cdecl; external CLibCrypto;
+  function ASYNC_WAIT_CTX_set_wait_fd(ctx: PASYNC_WAIT_CTX; const key: Pointer; fd: OSSL_ASYNC_FD; custom_data: Pointer; cleanup_cb: ASYNC_WAIT_CTX_set_wait_fd_cleanup): TIdC_INT cdecl; external CLibCrypto;
+  function ASYNC_WAIT_CTX_get_fd(ctx: PASYNC_WAIT_CTX; const key: Pointer; fd: POSSL_ASYNC_FD; custom_data: PPointer): TIdC_INT cdecl; external CLibCrypto;
+  function ASYNC_WAIT_CTX_get_all_fds(ctx: PASYNC_WAIT_CTX; fd: POSSL_ASYNC_FD; numfds: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function ASYNC_WAIT_CTX_get_changed_fds(ctx: PASYNC_WAIT_CTX; addfd: POSSL_ASYNC_FD; numaddfds: PIdC_SIZET; delfd: POSSL_ASYNC_FD; numdelfds: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function ASYNC_WAIT_CTX_clear_fd(ctx: PASYNC_WAIT_CTX; const key: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASYNC_is_capable: TIdC_INT cdecl; external CLibCrypto;
+
+  function ASYNC_start_job(job: PPASYNC_JOB; ctx: PASYNC_WAIT_CTX; ret: PIdC_INT; func: ASYNC_start_job_cb; args: Pointer; size: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function ASYNC_pause_job: TIdC_INT cdecl; external CLibCrypto;
+
+  function ASYNC_get_current_job: PASYNC_JOB cdecl; external CLibCrypto;
+  function ASYNC_get_wait_ctx(job: PASYNC_JOB): PASYNC_WAIT_CTX cdecl; external CLibCrypto;
+  procedure ASYNC_block_pause cdecl; external CLibCrypto;
+  procedure ASYNC_unblock_pause cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asyncerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asyncerr.pas
new file mode 100644
index 000000000..5d05f407f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asyncerr.pas
@@ -0,0 +1,71 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_asyncerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// asyncerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  //
+  // ASYNC function codes.
+  //
+  ASYNC_F_ASYNC_CTX_NEW                            = 100;
+  ASYNC_F_ASYNC_INIT_THREAD                        = 101;
+  ASYNC_F_ASYNC_JOB_NEW                            = 102;
+  ASYNC_F_ASYNC_PAUSE_JOB                          = 103;
+  ASYNC_F_ASYNC_START_FUNC                         = 104;
+  ASYNC_F_ASYNC_START_JOB                          = 105;
+  ASYNC_F_ASYNC_WAIT_CTX_SET_WAIT_FD               = 106;
+
+  //
+  // ASYNC reason codes.
+  //
+  ASYNC_R_FAILED_TO_SET_POOL                       = 101;
+  ASYNC_R_FAILED_TO_SWAP_CONTEXT                   = 102;
+  ASYNC_R_INIT_FAILED                              = 105;
+  ASYNC_R_INVALID_POOL_SIZE                        = 103;
+
+  function ERR_load_ASYNC_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
new file mode 100644
index 000000000..bdabf021b
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
@@ -0,0 +1,832 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_bio;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bio.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSlHeaders_ossl_typ;
+
+{$MINENUMSIZE 4}
+
+const
+  (* There are the classes of BIOs *)
+  {$REGION 'BIO_TYPE_*'}
+  BIO_TYPE_DESCRIPTOR = $0100;
+  BIO_TYPE_FILTER = $0200;
+  BIO_TYPE_SOURCE_SINK = $0400;
+  {$ENDREGION}
+
+  (* These are the 'types' of BIOs *)
+  {$REGION 'BIO_TYPE_*'}
+  BIO_TYPE_NONE = 0;
+  BIO_TYPE_MEM =  1 or BIO_TYPE_SOURCE_SINK;
+  BIO_TYPE_FILE =  2 or BIO_TYPE_SOURCE_SINK;
+
+  BIO_TYPE_FD          =  4 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_SOCKET      =  5 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_NULL        =  6 or BIO_TYPE_SOURCE_SINK;
+  BIO_TYPE_SSL         =  7 or BIO_TYPE_FILTER;
+  BIO_TYPE_MD          =  8 or BIO_TYPE_FILTER;
+  BIO_TYPE_BUFFER      =  9 or BIO_TYPE_FILTER;
+  BIO_TYPE_CIPHER      = 10 or BIO_TYPE_FILTER;
+  BIO_TYPE_BASE64      = 11 or BIO_TYPE_FILTER;
+  BIO_TYPE_CONNECT     = 12 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_ACCEPT      = 13 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+
+  BIO_TYPE_NBIO_TEST   = 16 or BIO_TYPE_FILTER;
+  BIO_TYPE_NULL_FILTER = 17 or BIO_TYPE_FILTER;
+  BIO_TYPE_BIO         = 19 or BIO_TYPE_SOURCE_SINK;
+  BIO_TYPE_LINEBUFFER  = 20 or BIO_TYPE_FILTER;
+  BIO_TYPE_DGRAM       = 21 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  BIO_TYPE_ASN1        = 22 or BIO_TYPE_FILTER;
+  BIO_TYPE_COMP        = 23 or BIO_TYPE_FILTER;
+  BIO_TYPE_DGRAM_SCTP  = 24 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
+  {$ENDREGION}
+
+  BIO_TYPE_START = 128;
+
+  (*
+   * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+   * BIO_set_fp(in,stdin,BIO_NOCLOSE);
+   *)
+  {$REGION}
+  BIO_NOCLOSE = $00;
+  BIO_CLOSE   = $01;
+  {$ENDREGION}
+
+  (*
+   * These are used in the following macros and are passed to BIO_ctrl()
+   *)
+  {$REGION 'BIO_CTRL_*'}
+  BIO_CTRL_RESET        = 1;(* opt - rewind/zero etc *)
+  BIO_CTRL_EOF          = 2;(* opt - are we at the eof *)
+  BIO_CTRL_INFO         = 3;(* opt - extra tit-bits *)
+  BIO_CTRL_SET          = 4;(* man - set the 'IO' type *)
+  BIO_CTRL_GET          = 5;(* man - get the 'IO' type *)
+  BIO_CTRL_PUSH         = 6;(* opt - internal, used to signify change *)
+  BIO_CTRL_POP          = 7;(* opt - internal, used to signify change *)
+  BIO_CTRL_GET_CLOSE    = 8;(* man - set the 'close' on free *)
+  BIO_CTRL_SET_CLOSE    = 9;(* man - set the 'close' on free *)
+  // Added "_const" to prevent naming clashes
+  BIO_CTRL_PENDING_const      = 10;(* opt - is their more data buffered *)
+  BIO_CTRL_FLUSH        = 11;(* opt - 'flush' buffered output *)
+  BIO_CTRL_DUP          = 12;(* man - extra stuff for 'duped' BIO *)
+  // Added "_const" to prevent naming clashes
+  BIO_CTRL_WPENDING_const     = 13;(* opt - number of bytes still to write *)
+  BIO_CTRL_SET_CALLBACK = 14;(* opt - set callback function *)
+  BIO_CTRL_GET_CALLBACK = 15;(* opt - set callback function *)
+
+  BIO_CTRL_PEEK         = 29;(* BIO_f_buffer special *)
+  BIO_CTRL_SET_FILENAME = 30;(* BIO_s_file special *)
+
+  (* dgram BIO stuff *)
+  BIO_CTRL_DGRAM_CONNECT       = 31;(* BIO dgram special *)
+  BIO_CTRL_DGRAM_SET_CONNECTED = 32;(* allow for an externally connected
+                                           * socket to be passed in *)
+  BIO_CTRL_DGRAM_SET_RECV_TIMEOUT = 33;(* setsockopt, essentially *)
+  BIO_CTRL_DGRAM_GET_RECV_TIMEOUT = 34;(* getsockopt, essentially *)
+  BIO_CTRL_DGRAM_SET_SEND_TIMEOUT = 35;(* setsockopt, essentially *)
+  BIO_CTRL_DGRAM_GET_SEND_TIMEOUT = 36;(* getsockopt, essentially *)
+
+  BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP = 37;(* flag whether the last *)
+  BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP = 38;(* I/O operation tiemd out *)
+
+  BIO_CTRL_DGRAM_MTU_DISCOVER     = 39;(* set DF bit on egress packets *)
+
+  BIO_CTRL_DGRAM_QUERY_MTU        = 40;(* as kernel for current MTU *)
+  BIO_CTRL_DGRAM_GET_FALLBACK_MTU = 47;
+  BIO_CTRL_DGRAM_GET_MTU          = 41;(* get cached value for MTU *)
+  BIO_CTRL_DGRAM_SET_MTU          = 42;(* set cached value for MTU.
+                                                * want to use this if asking
+                                                * the kernel fails *)
+
+  BIO_CTRL_DGRAM_MTU_EXCEEDED     = 43;(* check whether the MTU was
+                                                * exceed in the previous write
+                                                * operation *)
+
+  BIO_CTRL_DGRAM_GET_PEER         = 46;
+  BIO_CTRL_DGRAM_SET_PEER         = 44;(* Destination for the data *)
+
+  BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT = 45;(* Next DTLS handshake timeout
+                                                * to adjust socket timeouts *)
+  BIO_CTRL_DGRAM_SET_DONT_FRAG    = 48;
+
+  BIO_CTRL_DGRAM_GET_MTU_OVERHEAD = 49;
+
+  (* Deliberately outside of OPENSSL_NO_SCTP - used in bss_dgram.c *)
+  BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE  = 50;
+  (* SCTP stuff *)
+  BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY      = 51;
+  BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY     = 52;
+  BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD     = 53;
+  BIO_CTRL_DGRAM_SCTP_GET_SNDINFO       = 60;
+  BIO_CTRL_DGRAM_SCTP_SET_SNDINFO       = 61;
+  BIO_CTRL_DGRAM_SCTP_GET_RCVINFO       = 62;
+  BIO_CTRL_DGRAM_SCTP_SET_RCVINFO       = 63;
+  BIO_CTRL_DGRAM_SCTP_GET_PRINFO        = 64;
+  BIO_CTRL_DGRAM_SCTP_SET_PRINFO        = 65;
+  BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN     = 70;
+
+  BIO_CTRL_DGRAM_SET_PEEK_MODE          = 71;
+  {$ENDREGION}
+
+  (* modifiers *)
+  BIO_FP_READ            = $02;
+  BIO_FP_WRITE           = $04;
+  BIO_FP_APPEND          = $08;
+  BIO_FP_TEXT            = $10;
+
+  {$REGION 'BIO_FLAGS_*}
+  BIO_FLAGS_READ         = $01;
+  BIO_FLAGS_WRITE        = $02;
+  BIO_FLAGS_IO_SPECIAL   = $04;
+  BIO_FLAGS_RWS          = BIO_FLAGS_READ or BIO_FLAGS_WRITE or BIO_FLAGS_IO_SPECIAL;
+  BIO_FLAGS_SHOULD_RETRY = $08;
+
+  BIO_FLAGS_BASE64_NO_NL = $100;
+
+  (*
+   * This is used with memory BIOs:
+   * BIO_FLAGS_MEM_RDONLY means we shouldn't free up or change the data in any way;
+   * BIO_FLAGS_NONCLEAR_RST means we shouldn't clear data on reset.
+   *)
+  BIO_FLAGS_MEM_RDONLY   = $200;
+  BIO_FLAGS_NONCLEAR_RST = $400;
+  {$ENDREGION}
+
+  {$REGION 'BIO_RR_*'}
+  BIO_RR_SSL_X509_LOOKUP = $01;
+  (* Returned from the connect BIO when a connect would have blocked *)
+  BIO_RR_CONNECT         = $02;
+  (* Returned from the accept BIO when an accept would have blocked *)
+  BIO_RR_ACCEPT          = $03;
+  {$ENDREGION}
+
+  (* These are passed by the BIO callback *)
+  {$REGION 'BIO_CB_*'}
+  BIO_CB_FREE  = $01;
+  BIO_CB_READ  = $02;
+  BIO_CB_WRITE = $03;
+  BIO_CB_PUTS  = $04;
+  BIO_CB_GETS  = $05;
+  BIO_CB_CTRL  = $06;
+///*
+// * The callback is called before and after the underling operation, The
+// * BIO_CB_RETURN flag indicates if it is after the call
+// */
+//# define BIO_CB_RETURN   0x80
+//# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
+//# define BIO_cb_pre(a)   (!((a)&BIO_CB_RETURN))
+//# define BIO_cb_post(a)  ((a)&BIO_CB_RETURN)
+  {$ENDREGION}
+
+  {$REGION 'BIO_C_*'}
+  BIO_C_SET_CONNECT                 = 100;
+  BIO_C_DO_STATE_MACHINE            = 101;
+  BIO_C_SET_NBIO                    = 102;
+  (* BIO_C_SET_PROXY_PARAM            = 103 *)
+  BIO_C_SET_FD                      = 104;
+  BIO_C_GET_FD                      = 105;
+  BIO_C_SET_FILE_PTR                = 106;
+  BIO_C_GET_FILE_PTR                = 107;
+  BIO_C_SET_FILENAME                = 108;
+  BIO_C_SET_SSL                     = 109;
+  BIO_C_GET_SSL                     = 110;
+  BIO_C_SET_MD                      = 111;
+  BIO_C_GET_MD                      = 112;
+  BIO_C_GET_CIPHER_STATUS           = 113;
+  BIO_C_SET_BUF_MEM                 = 114;
+  BIO_C_GET_BUF_MEM_PTR             = 115;
+  BIO_C_GET_BUFF_NUM_LINES          = 116;
+  BIO_C_SET_BUFF_SIZE               = 117;
+  BIO_C_SET_ACCEPT                  = 118;
+  BIO_C_SSL_MODE                    = 119;
+  BIO_C_GET_MD_CTX                  = 120;
+  (* BIO_C_GET_PROXY_PARAM             = 121 *)
+  BIO_C_SET_BUFF_READ_DATA          = 122;(* data to read first *)
+  BIO_C_GET_CONNECT                 = 123;
+  BIO_C_GET_ACCEPT                  = 124;
+  BIO_C_SET_SSL_RENEGOTIATE_BYTES   = 125;
+  BIO_C_GET_SSL_NUM_RENEGOTIATES    = 126;
+  BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT = 127;
+  BIO_C_FILE_SEEK                   = 128;
+  BIO_C_GET_CIPHER_CTX              = 129;
+  BIO_C_SET_BUF_MEM_EOF_RETURN      = 130;(* return end of input
+                                                       * value *)
+  BIO_C_SET_BIND_MODE               = 131;
+  BIO_C_GET_BIND_MODE               = 132;
+  BIO_C_FILE_TELL                   = 133;
+  BIO_C_GET_SOCKS                   = 134;
+  BIO_C_SET_SOCKS                   = 135;
+
+  BIO_C_SET_WRITE_BUF_SIZE          = 136;(* for BIO_s_bio *)
+  BIO_C_GET_WRITE_BUF_SIZE          = 137;
+  BIO_C_MAKE_BIO_PAIR               = 138;
+  BIO_C_DESTROY_BIO_PAIR            = 139;
+  BIO_C_GET_WRITE_GUARANTEE         = 140;
+  BIO_C_GET_READ_REQUEST            = 141;
+  BIO_C_SHUTDOWN_WR                 = 142;
+  BIO_C_NREAD0                      = 143;
+  BIO_C_NREAD                       = 144;
+  BIO_C_NWRITE0                     = 145;
+  BIO_C_NWRITE                      = 146;
+  BIO_C_RESET_READ_REQUEST          = 147;
+  BIO_C_SET_MD_CTX                  = 148;
+
+  BIO_C_SET_PREFIX                  = 149;
+  BIO_C_GET_PREFIX                  = 150;
+  BIO_C_SET_SUFFIX                  = 151;
+  BIO_C_GET_SUFFIX                  = 152;
+
+  BIO_C_SET_EX_ARG                  = 153;
+  BIO_C_GET_EX_ARG                  = 154;
+
+  BIO_C_SET_CONNECT_MODE            = 155;
+  {$ENDREGION}
+
+  {$REGION 'BIO_SOCK_*'}
+  BIO_SOCK_REUSEADDR = $01;
+  BIO_SOCK_V6_ONLY   = $02;
+  BIO_SOCK_KEEPALIVE = $04;
+  BIO_SOCK_NONBLOCK  = $08;
+  BIO_SOCK_NODELAY   = $10;
+  {$ENDREGION}
+
+type
+  BIO_ADDR = Pointer; // bio_addr_st
+  PBIO_ADDR = ^BIO_ADDR;
+  BIO_ADDRINFO = Pointer; // bio_addrinfo_st
+  PBIO_ADDRINFO = ^BIO_ADDRINFO;
+  PPBIO_ADDRINFO = ^PBIO_ADDRINFO;
+  BIO_callback_fn = function(b: PBIO; oper: TIdC_INT; const argp: PIdAnsiChar; 
+    argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_LONG): TIdC_LONG;
+  BIO_callback_fn_ex = function(b: PBIO; oper: TIdC_INT; const argp: PIdAnsiChar; len: TIdC_SIZET; argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_INT; processed: PIdC_SIZET): TIdC_LONG;
+  BIO_METHOD = Pointer; // bio_method_st
+  PBIO_METHOD = ^BIO_METHOD;
+  BIO_info_cb = function(v1: PBIO; v2: TIdC_INT; v3: TIdC_INT): TIdC_INT;
+  PBIO_info_cb = ^BIO_info_cb;
+  asn1_ps_func = function(b: PBIO; pbuf: PPIdAnsiChar; plen: PIdC_INT; parg: Pointer): TIdC_INT;
+
+  bio_dgram_sctp_sndinfo = record
+    snd_sid: TIdC_UINT16;
+    snd_flags: TIdC_UINT16;
+    snd_ppid: TIdC_UINT32;
+    snd_context: TIdC_UINT32;
+  end;
+
+  bio_dgram_sctp_rcvinfo = record
+    rcv_sid: TIdC_UINT16;
+    rcv_ssn: TIdC_UINT16;
+    rcv_flags: TIdC_UINT16;
+    rcv_ppid: TIdC_UINT32;
+    rcv_tsn: TIdC_UINT32;
+    rcv_cumtsn: TIdC_UINT32;
+    rcv_context: TIdC_UINT32;
+  end;
+
+  bio_dgram_sctp_prinfo = record
+    pr_policy: TIdC_UINT16;
+    pr_value: TIdC_UINT32;
+  end;
+
+  BIO_hostserv_priorities = (BIO_PARSE_PRIO_HOST, BIO_PARSE_PRIO_SERV);
+
+  BIO_lookup_type = (BIO_LOOKUP_CLIENT, BIO_LOOKUP_SERVER);
+
+  BIO_sock_info_u = record
+    addr: PBIO_ADDR;
+  end;
+  PBIO_sock_info_u = ^BIO_sock_info_u;
+
+  BIO_sock_info_type = (BIO_SOCK_INFO_ADDRESS);
+
+function BIO_get_flags(const b: PBIO): TIdC_INT;
+procedure BIO_set_retry_special(b: PBIO);
+procedure BIO_set_retry_read(b: PBIO);
+procedure BIO_set_retry_write(b: PBIO);
+
+(* These are normally used internally in BIOs *)
+procedure BIO_clear_retry_flags(b: PBIO);
+function BIO_get_retry_flags(b: PBIO): TIdC_INT;
+
+(* These should be used by the application to tell why we should retry *)
+function BIO_should_read(b: PBIO): TIdC_INT;
+function BIO_should_write(b: PBIO): TIdC_INT;
+function BIO_should_io_special(b: PBIO): TIdC_INT;
+function BIO_retry_type(b: PBIO): TIdC_INT;
+function BIO_should_retry(b: PBIO): TIdC_INT;
+
+(* BIO_s_accept() and BIO_s_connect() *)
+function BIO_do_connect(b: PBIO): TIdC_LONG;
+function BIO_do_accept(b: PBIO): TIdC_LONG;
+function BIO_do_handshake(b: PBIO): TIdC_LONG;
+
+  function BIO_get_new_index: TIdC_INT cdecl; external CLibCrypto;
+  procedure BIO_set_flags(b: PBIO; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function BIO_test_flags(const b: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure BIO_clear_flags(b: PBIO; flags: TIdC_INT) cdecl; external CLibCrypto;
+
+  function BIO_get_callback(b: PBIO): BIO_callback_fn cdecl; external CLibCrypto;
+  procedure BIO_set_callback(b: PBIO; callback: BIO_callback_fn) cdecl; external CLibCrypto;
+
+  function BIO_get_callback_ex(b: PBIO): BIO_callback_fn_ex cdecl; external CLibCrypto;
+  procedure BIO_set_callback_ex(b: PBIO; callback: BIO_callback_fn_ex) cdecl; external CLibCrypto;
+
+  function BIO_get_callback_arg(const b: PBIO): PIdAnsiChar cdecl; external CLibCrypto;
+  procedure BIO_set_callback_arg(var b: PBIO; arg: PIdAnsiChar) cdecl; external CLibCrypto;
+
+  function BIO_method_name(const b: PBIO): PIdAnsiChar cdecl; external CLibCrypto;
+  function BIO_method_type(const b: PBIO): TIdC_INT cdecl; external CLibCrypto;
+
+//  {$HPPEMIT '# define BIO_set_app_data(s,arg)         BIO_set_ex_data(s,0,arg)'}
+//  {$HPPEMIT '# define BIO_get_app_data(s)             BIO_get_ex_data(s,0)'}
+//
+//  {$HPPEMIT '# define BIO_set_nbio(b,n)             BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)'}
+//
+//  {$HPPEMIT '# ifndef OPENSSL_NO_SOCK'}
+//  (* IP families we support, for BIO_s_connect() and BIO_s_accept() *)
+//  (* Note: the underlying operating system may not support some of them *)
+//  {$HPPEMIT '#  define BIO_FAMILY_IPV4                         4'}
+//  {$HPPEMIT '#  define BIO_FAMILY_IPV6                         6'}
+//  {$HPPEMIT '#  define BIO_FAMILY_IPANY                        256'}
+//
+//  (* BIO_s_connect() *)
+//  {$HPPEMIT '#  define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,'}
+//                                                   (char (name))
+//  {$HPPEMIT '#  define BIO_set_conn_port(b,port)     BIO_ctrl(b,BIO_C_SET_CONNECT,1,'}
+//                                                   (char (port))
+//  {$HPPEMIT '#  define BIO_set_conn_address(b,addr)  BIO_ctrl(b,BIO_C_SET_CONNECT,2,'}
+//                                                   (char (addr))
+//  {$HPPEMIT '#  define BIO_set_conn_ip_family(b,f)   BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,f)'}
+//  {$HPPEMIT '#  define BIO_get_conn_hostname(b)      (( char )BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0))'}
+//  {$HPPEMIT '#  define BIO_get_conn_port(b)          (( char )BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1))'}
+//  {$HPPEMIT '#  define BIO_get_conn_address(b)       (( PBIO_ADDR )BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2))'}
+//  {$HPPEMIT '#  define BIO_get_conn_ip_family(b)     BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL)'}
+//  {$HPPEMIT '#  define BIO_set_conn_mode(b,n)        BIO_ctrl(b,BIO_C_SET_CONNECT_MODE,(n),NULL)'}
+//
+//  (* BIO_s_accept() *)
+//  {$HPPEMIT '#  define BIO_set_accept_name(b,name)   BIO_ctrl(b,BIO_C_SET_ACCEPT,0,'}
+//  {$EXTERNALSYM PBIO}
+//                                                   (char (name))
+//  {$HPPEMIT '#  define BIO_set_accept_port(b,port)   BIO_ctrl(b,BIO_C_SET_ACCEPT,1,'}
+//                                                   (char (port))
+//  {$HPPEMIT '#  define BIO_get_accept_name(b)        (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0))'}
+//  {$HPPEMIT '#  define BIO_get_accept_port(b)        (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,1))'}
+//  {$HPPEMIT '#  define BIO_get_peer_name(b)          (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,2))'}
+//  {$HPPEMIT '#  define BIO_get_peer_port(b)          (( char )BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,3))'}
+//  (* #define BIO_set_nbio(b,n)    BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) *)
+//  {$HPPEMIT '#  define BIO_set_nbio_accept(b,n)      #  define BIO_set_nbio_accept(b,n)      BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(n)?(procedure )'a':NULL)  BIO_ctrl(b,BIO_C_SET_ACCEPT,3,'}
+//                                                   (char (bio))
+//  {$HPPEMIT '#  define BIO_set_accept_ip_family(b,f) BIO_int_ctrl(b,BIO_C_SET_ACCEPT,4,f)'}
+//  {$HPPEMIT '#  define BIO_get_accept_ip_family(b)   BIO_ctrl(b,BIO_C_GET_ACCEPT,4,NULL)'}
+//
+//  (* Aliases kept for backward compatibility *)
+//  {$HPPEMIT '#  define BIO_BIND_NORMAL                 0'}
+//  {$HPPEMIT '#  define BIO_BIND_REUSEADDR              BIO_SOCK_REUSEADDR'}
+//  {$HPPEMIT '#  define BIO_BIND_REUSEADDR_IF_UNUSED    BIO_SOCK_REUSEADDR'}
+//  {$HPPEMIT '#  define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)'}
+//  {$HPPEMIT '#  define BIO_get_bind_mode(b)    BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)'}
+//
+//  (* BIO_s_accept() and BIO_s_connect() *)
+//  {$HPPEMIT '#  define BIO_do_connect(b)       BIO_do_handshake(b)'}
+//  {$HPPEMIT '#  define BIO_do_accept(b)        BIO_do_handshake(b)'}
+//  {$HPPEMIT '# endif'}	(* OPENSSL_NO_SOCK *)
+//
+//  {$HPPEMIT '# define BIO_do_handshake(b)     BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)'}
+//
+//  (* BIO_s_datagram(), BIO_s_fd(), BIO_s_socket(), BIO_s_accept() and BIO_s_connect() *)
+//  {$HPPEMIT '# define BIO_set_fd(b,fd,c)      BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)'}
+//  {$HPPEMIT '# define BIO_get_fd(b,c)         BIO_ctrl(b,BIO_C_GET_FD,0,(char (c))'}
+//
+//  (* BIO_s_file() *)
+//  {$HPPEMIT '# define BIO_set_fp(b,fp,c)      BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char (fp))'}
+//  {$HPPEMIT '# define BIO_get_fp(b,fpp)       BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char (fpp))'}
+//
+//  (* BIO_s_fd() and BIO_s_file() *)
+//  {$HPPEMIT '# define BIO_seek(b,ofs(int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)'}
+//  {$HPPEMIT '# define BIO_tell(b)     (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)'}
+//
+//  (*
+//   * name is cast to lose , but might be better to route through a
+//   * cFunction so we can do it safely
+//   *)
+//  {$HPPEMIT '# ifdef CONST_STRICT'}
+//  (*
+//   * If you are wondering why this isn't defined, its because CONST_STRICT is
+//   * purely a compile-time kludge to allow  to be checked.
+//   *)
+////  function BIO_read_filename(b: PBIO; const name: PIdAnsiChar): TIdC_INT;
+//  {$HPPEMIT '# define BIO_write_filename(b,name(int)BIO_ctrl(b,BIO_C_SET_FILENAME,'}
+//                  BIO_CLOSE or BIO_FP_WRITE,name)
+//  {$HPPEMIT '# define BIO_append_filename(b,name(int)BIO_ctrl(b,BIO_C_SET_FILENAME,'}
+//                  BIO_CLOSE or BIO_FP_APPEND,name)
+//  {$HPPEMIT '# define BIO_rw_filename(b,name(int)BIO_ctrl(b,BIO_C_SET_FILENAME,'}
+//                  BIO_CLOSE or BIO_FP_READ or BIO_FP_WRITE,name)
+//
+//  (*
+//   * WARNING WARNING, this ups the reference count on the read bio of the SSL
+//   * structure.  This is because the ssl read PBIO is now pointed to by the
+//   * next_bio field in the bio.  So when you free the PBIO, make sure you are
+//   * doing a BIO_free_all() to catch the underlying PBIO.
+//   *)
+//  {$HPPEMIT '# define BIO_set_ssl(b,ssl,c)    BIO_ctrl(b,BIO_C_SET_SSL,c,(char (ssl))'}
+//  {$HPPEMIT '# define BIO_get_ssl(b,sslp)     BIO_ctrl(b,BIO_C_GET_SSL,0,(char (sslp))'}
+//  {$HPPEMIT '# define BIO_set_ssl_mode(b,client)      BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)'}
+//  {$HPPEMIT '# define BIO_set_ssl_renegotiate_bytes(b,num)'}
+//          BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,0)
+//  {$HPPEMIT '# define BIO_get_num_renegotiates(b)'}
+//          BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,0)
+//  {$HPPEMIT '# define BIO_set_ssl_renegotiate_timeout(b,seconds)'}
+//          BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,0)
+//
+//  (* defined in evp.h *)
+//  (* #define BIO_set_md(b,md)     BIO_ctrl(b,BIO_C_SET_MD,1,(char )(md)) *)
+//
+//  {$HPPEMIT '# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char (pp))'}
+//  {$HPPEMIT '# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char (bm))'}
+//  {$HPPEMIT '# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,'}
+//                                            (char (pp))
+//  {$HPPEMIT '# define BIO_set_mem_eof_return(b,v)'}
+//                                  BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,0)
+//
+//  (* For the BIO_f_buffer() type *)
+//  {$HPPEMIT '# define BIO_get_buffer_num_lines(b)     BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)'}
+//  {$HPPEMIT '# define BIO_set_buffer_size(b,size)     BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)'}
+//  {$HPPEMIT '# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)'}
+//  {$HPPEMIT '# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)'}
+//  {$HPPEMIT '# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)'}
+//
+//  (* Don't use the next one unless you know what you are doing :-) */
+//  {$HPPEMIT '# define BIO_dup_state(b,ret)    BIO_ctrl(b,BIO_CTRL_DUP,0,(char (ret))'}
+//
+//  {$HPPEMIT '# define BIO_reset(b)            (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)'}
+//  {$HPPEMIT '# define BIO_eof(b)              (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)'}
+//  {$HPPEMIT '# define BIO_set_close(b,c)      (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)'}
+//  {$HPPEMIT '# define BIO_get_close(b)        (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)'}
+//  {$HPPEMIT '# define BIO_pending(b)          (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)'}
+//  {$HPPEMIT '# define BIO_wpending(b)         (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)'}
+  (* ...pending macros have inappropriate return type *)
+  function BIO_ctrl_pending(b: PBIO): TIdC_SIZET cdecl; external CLibCrypto;
+  function BIO_ctrl_wpending(b: PBIO): TIdC_SIZET cdecl; external CLibCrypto;
+//  {$HPPEMIT '# define BIO_flush(b)            (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)'}
+//  {$HPPEMIT '# define BIO_get_info_callback(b,cbp(int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,'}
+//                                                     cbp)
+//  {$HPPEMIT '# define BIO_set_info_callback(b,cb(int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)'}
+//
+//  (* For the BIO_f_buffer() type *)
+//  {$HPPEMIT '# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)'}
+//  {$HPPEMIT '# define BIO_buffer_peek(b,s,l) BIO_ctrl(b,BIO_CTRL_PEEK,(l),(s))'}
+//
+//  (* For BIO_s_bio() *)
+//  {$HPPEMIT '# define BIO_set_write_buf_size(b,size(int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)'}
+//  {$HPPEMIT '# define BIO_get_write_buf_size(b,size(TIdC_SIZET)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)'}
+//  {$HPPEMIT '# define BIO_make_bio_pair(b1,b2)   (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)'}
+//  {$HPPEMIT '# define BIO_destroy_bio_pair(b)    (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)'}
+//  {$HPPEMIT '# define BIO_shutdown_wr(b(int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)'}
+//  (* macros with inappropriate type -- but ...pending macros use int too: *)
+//  {$HPPEMIT '# define BIO_get_write_guarantee(b(int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)'}
+//  {$HPPEMIT '# define BIO_get_read_request(b)    (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)'}
+  function BIO_ctrl_get_write_guarantee(b: PBIO): TIdC_SIZET cdecl; external CLibCrypto;
+  function BIO_ctrl_get_read_request(b: PBIO): TIdC_SIZET cdecl; external CLibCrypto;
+  function BIO_ctrl_reset_read_request(b: PBIO): TIdC_INT cdecl; external CLibCrypto;
+
+  (* ctrl macros for dgram *)
+//  {$HPPEMIT '# define BIO_ctrl_dgram_connect(b,peer)'}
+//                       (TIdC_INT)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char (peer))
+//  {$HPPEMIT '# define BIO_ctrl_set_connected(b,peer)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, 0, (char (peer))
+//  {$HPPEMIT '# define BIO_dgram_recv_timedout(b)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, 0)
+//  {$HPPEMIT '# define BIO_dgram_send_timedout(b)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, 0)
+//  {$HPPEMIT '# define BIO_dgram_get_peer(b,peer)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char (peer))
+//  {$HPPEMIT '# define BIO_dgram_set_peer(b,peer)'}
+//           (TIdC_INT)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char (peer))
+//  {$HPPEMIT '# define BIO_dgram_get_mtu_overhead(b)'}
+//           (Cardinal)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, 0)
+
+//#define BIO_get_ex_new_index(l, p, newf, dupf, freef) \
+//    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, l, p, newf, dupf, freef)
+
+  function BIO_set_ex_data(bio: PBIO; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_get_ex_data(bio: PBIO; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function BIO_number_read(bio: PBIO): TIdC_UINT64 cdecl; external CLibCrypto;
+  function BIO_number_written(bio: PBIO): TIdC_UINT64 cdecl; external CLibCrypto;
+
+  (* For BIO_f_asn1() *)
+//  function BIO_asn1_set_prefix(b: PBIO; prefix: ^asn1_ps_func; prefix_free: ^asn1_ps_func): TIdC_INT;
+//  function BIO_asn1_get_prefix(b: PBIO; pprefix: ^^asn1_ps_func; pprefix_free: ^^asn1_ps_func): TIdC_INT;
+//  function BIO_asn1_set_suffix(b: PBIO; suffix: ^asn1_ps_func; suffix_free: ^asn1_ps_func): TIdC_INT;
+//  function BIO_asn1_get_suffix(b: PBIO; psuffix: ^asn1_ps_func; psuffix_free: ^^asn1_ps_func): TIdC_INT;
+
+  function BIO_s_file: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_new_file(const filename: PIdAnsiChar; const mode: PIdAnsiChar): PBIO cdecl; external CLibCrypto;
+//  function BIO_new_fp(stream: cFile; close_flag: TIdC_INT): PBIO;
+  function BIO_new(const cType: PBIO_METHOD): PBIO cdecl; external CLibCrypto;
+  function BIO_free(a: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  procedure BIO_set_data(a: PBIO; ptr: Pointer) cdecl; external CLibCrypto;
+  function BIO_get_data(a: PBIO): Pointer cdecl; external CLibCrypto;
+  procedure BIO_set_init(a: PBIO; init: TIdC_INT) cdecl; external CLibCrypto;
+  function BIO_get_init(a: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  procedure BIO_set_shutdown(a: PBIO; shut: TIdC_INT) cdecl; external CLibCrypto;
+  function BIO_get_shutdown(a: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  procedure BIO_vfree(a: PBIO) cdecl; external CLibCrypto;
+  function BIO_up_ref(a: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_read(b: PBIO; data: Pointer; dlen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_read_ex(b: PBIO; data: Pointer; dlen: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_gets( bp: PBIO; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_write(b: PBIO; const data: Pointer; dlen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_write_ex(b: PBIO; const data: Pointer; dlen: TIdC_SIZET; written: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_puts(bp: PBIO; const buf: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_indent(b: PBIO; indent: TIdC_INT; max: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_ctrl(bp: PBIO; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG cdecl; external CLibCrypto;
+  function BIO_callback_ctrl(b: PBIO; cmd: TIdC_INT; fp: PBIO_info_cb): TIdC_LONG cdecl; external CLibCrypto;
+  function BIO_ptr_ctrl(bp: PBIO; cmd: TIdC_INT; larg: TIdC_LONG): Pointer cdecl; external CLibCrypto;
+  function BIO_int_ctrl(bp: PBIO; cmd: TIdC_INT; larg: TIdC_LONG; iarg: TIdC_INT): TIdC_LONG cdecl; external CLibCrypto;
+  function BIO_push(b: PBIO; append: PBIO): PBIO cdecl; external CLibCrypto;
+  function BIO_pop(b: PBIO): PBIO cdecl; external CLibCrypto;
+  procedure BIO_free_all(a: PBIO) cdecl; external CLibCrypto;
+  function BIO_find_type(b: PBIO; bio_type: TIdC_INT): PBIO cdecl; external CLibCrypto;
+  function BIO_next(b: PBIO): PBIO cdecl; external CLibCrypto;
+  procedure BIO_set_next(b: PBIO; next: PBIO) cdecl; external CLibCrypto;
+  function BIO_get_retry_BIO(bio: PBIO; reason: TIdC_INT): PBIO cdecl; external CLibCrypto;
+  function BIO_get_retry_reason(bio: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  procedure BIO_set_retry_reason(bio: PBIO; reason: TIdC_INT) cdecl; external CLibCrypto;
+  function BIO_dup_chain(&in: PBIO): PBIO cdecl; external CLibCrypto;
+
+  function BIO_nread0(bio: PBIO; buf: PPIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_nread(bio: PBIO; buf: PPIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_nwrite0(bio: PBIO; buf: PPIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_nwrite(bio: PBIO; buf: PPIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_debug_callback(bio: PBIO; cmd: TIdC_INT; const argp: PIdAnsiChar; argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_LONG): TIdC_LONG cdecl; external CLibCrypto;
+
+  function BIO_s_mem: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_secmem: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_new_mem_buf(const buf: Pointer; len: TIdC_INT): PBIO cdecl; external CLibCrypto;
+
+  function BIO_s_socket: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_connect: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_accept: BIO_METHOD cdecl; external CLibCrypto;
+
+  function BIO_s_fd: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_log: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_bio: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_null: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_null: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_buffer: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_linebuffer: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_nbio_test: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_datagram: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_dgram_non_fatal_error(error: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_new_dgram(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl; external CLibCrypto;
+
+  function BIO_s_datagram_sctp: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_new_dgram_sctp(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl; external CLibCrypto;
+  function BIO_dgram_is_sctp(bio: PBIO): TIdC_INT cdecl; external CLibCrypto;
+//  function BIO_dgram_sctp_notification_cb(bio: PBIO; handle_notifications(PBIO;
+//    context: Pointer;
+//    buf: Pointer): TIdC_INT, Pointer context);
+  function BIO_dgram_sctp_wait_for_dry(b: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_dgram_sctp_msg_waiting(b: PBIO): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_sock_should_retry(i: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_sock_non_fatal_error(error: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_fd_should_retry(i: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_fd_non_fatal_error(error: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+//  function BIO_dump_cb(
+//    Pointer data: cb(;
+//    len: TIdC_SIZET;
+//    function: Pointer): u: TIdC_INT, Pointer function ,  PIdAnsiChar s, TIdC_INT len): u;
+//  function BIO_dump_indent_cb(TIdC_INT (cb( Pointer data, TIdC_SIZET len, Pointer function ): u: TIdC_INT, Pointer function ,  PIdAnsiChar s, TIdC_INT len, TIdC_INT indent): u;
+  function BIO_dump(b: PBIO; const bytes: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_dump_indent(b: PBIO; const bytes: PIdAnsiChar; len: TIdC_INT; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+//  function BIO_dump_fp(fp: cFile; const s: PByte; len: TIdC_INT): TIdC_INT;
+//  function BIO_dump_indent_fp(fp: cFile; const s: PByte; len: TIdC_INT; indent: TIdC_INT): TIdC_INT;
+
+  function BIO_hex_string(&out: PBIO; indent: TIdC_INT; width: TIdC_INT; data: PByte; datalen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_ADDR_new: PBIO_ADDR cdecl; external CLibCrypto;
+  function BIO_ADDR_rawmake(ap: PBIO_ADDR; familiy: TIdC_INT; const where: Pointer; wherelen: TIdC_SIZET; port: TIdC_SHORT): TIdC_INT cdecl; external CLibCrypto;
+  procedure BIO_ADDR_free(a: PBIO_ADDR) cdecl; external CLibCrypto;
+  procedure BIO_ADDR_clear(ap: PBIO_ADDR) cdecl; external CLibCrypto;
+  function BIO_ADDR_family(const ap: PBIO_ADDR): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_ADDR_rawaddress(const ap: PBIO_ADDR; p: Pointer; l: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_ADDR_rawport(const ap: PBIO_ADDR): TIdC_SHORT cdecl; external CLibCrypto;
+  function BIO_ADDR_hostname_string(const ap: PBIO_ADDR; numeric: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function BIO_ADDR_service_string(const ap: PBIO_ADDR; numeric: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function BIO_ADDR_path_string(const ap: PBIO_ADDR): PIdAnsiChar cdecl; external CLibCrypto;
+
+  function BIO_ADDRINFO_next(const bai: PBIO_ADDRINFO): PBIO_ADDRINFO cdecl; external CLibCrypto;
+  function BIO_ADDRINFO_family(const bai: PBIO_ADDRINFO): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_ADDRINFO_socktype(const bai: PBIO_ADDRINFO): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_ADDRINFO_protocol(const bai: PBIO_ADDRINFO): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_ADDRINFO_address(const bai: PBIO_ADDRINFO): PBIO_ADDR cdecl; external CLibCrypto;
+  procedure BIO_ADDRINFO_free(bai: PBIO_ADDRINFO) cdecl; external CLibCrypto;
+
+  function BIO_parse_hostserv(const hostserv: PIdAnsiChar; host: PPIdAnsiChar; service: PPIdAnsiChar; hostserv_prio: BIO_hostserv_priorities): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_lookup(const host: PIdAnsiChar; const service: PIdAnsiChar; lookup_type: BIO_lookup_type; family: TIdC_INT; socktype: TIdC_INT; res: PPBIO_ADDRINFO): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_lookup_ex(const host: PIdAnsiChar; const service: PIdAnsiChar; lookup_type: TIdC_INT; family: TIdC_INT; socktype: TIdC_INT; protocol: TIdC_INT; res: PPBIO_ADDRINFO): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_sock_error(sock: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_socket_ioctl(fd: TIdC_INT; cType: TIdC_LONG; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_socket_nbio(fd: TIdC_INT; mode: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_sock_init: TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_set_tcp_ndelay(sock: TIdC_INT; turn_on: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_sock_info(sock: TIdC_INT; &type: BIO_sock_info_type; info: PBIO_sock_info_u): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_socket(domain: TIdC_INT; socktype: TIdC_INT; protocol: TIdC_INT; options: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_connect(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_bind(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_listen(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_accept_ex(accept_sock: TIdC_INT; addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_closesocket(sock: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_new_socket(sock: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl; external CLibCrypto;
+  function BIO_new_connect(const host_port: PIdAnsiChar): PBIO cdecl; external CLibCrypto;
+  function BIO_new_accept(const host_port: PIdAnsiChar): PBIO cdecl; external CLibCrypto;
+
+  function BIO_new_fd(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl; external CLibCrypto;
+
+  function BIO_new_bio_pair(bio1: PPBIO; writebuf1: TIdC_SIZET; bio2: PPBIO; writebuf2: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  (*
+   * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
+   * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
+   * value.
+   *)
+
+  procedure BIO_copy_next_retry(b: PBIO) cdecl; external CLibCrypto;
+
+//  BIO_METHOD *BIO_meth_new(int type, const char *name);
+//  void BIO_meth_free(BIO_METHOD *biom);
+//  int (*BIO_meth_get_write(const BIO_METHOD *biom)) (BIO *, const char *, int);
+//  int (*BIO_meth_get_write_ex(const BIO_METHOD *biom)) (BIO *, const char *, TIdC_SIZET,
+//                                                  TIdC_SIZET *);
+//  int BIO_meth_set_write(BIO_METHOD *biom,
+//                         int (*write) (BIO *, const char *, int));
+//  int BIO_meth_set_write_ex(BIO_METHOD *biom,
+//                         int (*bwrite) (BIO *, const char *, TIdC_SIZET, TIdC_SIZET *));
+//  int (*BIO_meth_get_read(const BIO_METHOD *biom)) (BIO *, char *, int);
+//  int (*BIO_meth_get_read_ex(const BIO_METHOD *biom)) (BIO *, char *, TIdC_SIZET, TIdC_SIZET *);
+//  int BIO_meth_set_read(BIO_METHOD *biom,
+//                        int (*read) (BIO *, char *, int));
+//  int BIO_meth_set_read_ex(BIO_METHOD *biom,
+//                           int (*bread) (BIO *, char *, TIdC_SIZET, TIdC_SIZET *));
+//  int (*BIO_meth_get_puts(const BIO_METHOD *biom)) (BIO *, const char *);
+//  int BIO_meth_set_puts(BIO_METHOD *biom,
+//                        int (*puts) (BIO *, const char *));
+//  int (*BIO_meth_get_gets(const BIO_METHOD *biom)) (BIO *, char *, int);
+//  int BIO_meth_set_gets(BIO_METHOD *biom,
+//                        int (*gets) (BIO *, char *, int));
+//  long (*BIO_meth_get_ctrl(const BIO_METHOD *biom)) (BIO *, int, long, void *);
+//  int BIO_meth_set_ctrl(BIO_METHOD *biom,
+//                        long (*ctrl) (BIO *, int, long, void *));
+//  int (*BIO_meth_get_create(const BIO_METHOD *bion)) (BIO *);
+//  int BIO_meth_set_create(BIO_METHOD *biom, int (*create) (BIO *));
+//  int (*BIO_meth_get_destroy(const BIO_METHOD *biom)) (BIO *);
+//  int BIO_meth_set_destroy(BIO_METHOD *biom, int (*destroy) (BIO *));
+//  long (*BIO_meth_get_callback_ctrl(const BIO_METHOD *biom))
+//                                   (BIO *, int, BIO_info_cb *);
+//  int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
+//                                 long (*callback_ctrl) (BIO *, int,
+//                                                        BIO_info_cb *));
+
+implementation
+
+{$REGION 'C compiler macros'}
+// # define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
+function BIO_get_flags(const b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, not $0);
+end;
+
+//# define BIO_set_retry_special(b) \
+//                BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_set_retry_special(b: PBIO);
+begin
+  BIO_set_flags(b, BIO_FLAGS_IO_SPECIAL or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_set_retry_read(b) \
+//                BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_set_retry_read(b: PBIO);
+begin
+  BIO_set_flags(b, BIO_FLAGS_READ or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_set_retry_write(b) \
+//                BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_set_retry_write(b: PBIO);
+begin
+  BIO_set_flags(b, BIO_FLAGS_WRITE or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_clear_retry_flags(b) \
+//                BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+procedure BIO_clear_retry_flags(b: PBIO);
+begin
+  BIO_clear_flags(b, BIO_FLAGS_RWS or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_get_retry_flags(b) \
+//                BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+function BIO_get_retry_flags(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_RWS or BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//# define BIO_should_read(a)              BIO_test_flags(a, BIO_FLAGS_READ)
+function BIO_should_read(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_READ);
+end;
+
+//# define BIO_should_write(a)             BIO_test_flags(a, BIO_FLAGS_WRITE)
+function BIO_should_write(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_WRITE);
+end;
+
+//# define BIO_should_io_special(a)        BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
+function BIO_should_io_special(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_IO_SPECIAL);
+end;
+
+//# define BIO_retry_type(a)               BIO_test_flags(a, BIO_FLAGS_RWS)
+function BIO_retry_type(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_RWS);
+end;
+
+//# define BIO_should_retry(a)             BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
+function BIO_should_retry(b: PBIO): TIdC_INT;
+begin
+  Result := BIO_test_flags(b, BIO_FLAGS_SHOULD_RETRY);
+end;
+
+//#  define BIO_do_connect(b)       BIO_do_handshake(b)
+function BIO_do_connect(b: PBIO): TIdC_LONG;
+begin
+  Result := BIO_do_handshake(b);
+end;
+
+//#  define BIO_do_accept(b)        BIO_do_handshake(b)
+function BIO_do_accept(b: PBIO): TIdC_LONG;
+begin
+  Result := BIO_do_handshake(b);
+end;
+
+//# define BIO_do_handshake(b)     BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+function BIO_do_handshake(b: PBIO): TIdC_LONG;
+begin
+  Result := BIO_ctrl(b, BIO_C_DO_STATE_MACHINE, 0, nil);
+end;
+{$ENDREGION}
+
+end.
+
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bioerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bioerr.pas
new file mode 100644
index 000000000..1a28ca986
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bioerr.pas
@@ -0,0 +1,153 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_bioerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bioerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * BIO function codes.
+   *)
+  BIO_F_ACPT_STATE = 100;
+  BIO_F_ADDRINFO_WRAP = 148;
+  BIO_F_ADDR_STRINGS = 134;
+  BIO_F_BIO_ACCEPT = 101;
+  BIO_F_BIO_ACCEPT_EX = 137;
+  BIO_F_BIO_ACCEPT_NEW = 152;
+  BIO_F_BIO_ADDR_NEW = 144;
+  BIO_F_BIO_BIND = 147;
+  BIO_F_BIO_CALLBACK_CTRL = 131;
+  BIO_F_BIO_CONNECT = 138;
+  BIO_F_BIO_CONNECT_NEW = 153;
+  BIO_F_BIO_CTRL = 103;
+  BIO_F_BIO_GETS = 104;
+  BIO_F_BIO_GET_HOST_IP = 106;
+  BIO_F_BIO_GET_NEW_INDEX = 102;
+  BIO_F_BIO_GET_PORT = 107;
+  BIO_F_BIO_LISTEN = 139;
+  BIO_F_BIO_LOOKUP = 135;
+  BIO_F_BIO_LOOKUP_EX = 143;
+  BIO_F_BIO_MAKE_PAIR = 121;
+  BIO_F_BIO_METH_NEW = 146;
+  BIO_F_BIO_NEW = 108;
+  BIO_F_BIO_NEW_DGRAM_SCTP = 145;
+  BIO_F_BIO_NEW_FILE = 109;
+  BIO_F_BIO_NEW_MEM_BUF = 126;
+  BIO_F_BIO_NREAD = 123;
+  BIO_F_BIO_NREAD0 = 124;
+  BIO_F_BIO_NWRITE = 125;
+  BIO_F_BIO_NWRITE0 = 122;
+  BIO_F_BIO_PARSE_HOSTSERV = 136;
+  BIO_F_BIO_PUTS = 110;
+  BIO_F_BIO_READ = 111;
+  BIO_F_BIO_READ_EX = 105;
+  BIO_F_BIO_READ_INTERN = 120;
+  BIO_F_BIO_SOCKET = 140;
+  BIO_F_BIO_SOCKET_NBIO = 142;
+  BIO_F_BIO_SOCK_INFO = 141;
+  BIO_F_BIO_SOCK_INIT = 112;
+  BIO_F_BIO_WRITE = 113;
+  BIO_F_BIO_WRITE_EX = 119;
+  BIO_F_BIO_WRITE_INTERN = 128;
+  BIO_F_BUFFER_CTRL = 114;
+  BIO_F_CONN_CTRL = 127;
+  BIO_F_CONN_STATE = 115;
+  BIO_F_DGRAM_SCTP_NEW = 149;
+  BIO_F_DGRAM_SCTP_READ = 132;
+  BIO_F_DGRAM_SCTP_WRITE = 133;
+  BIO_F_DOAPR_OUTCH = 150;
+  BIO_F_FILE_CTRL = 116;
+  BIO_F_FILE_READ = 130;
+  BIO_F_LINEBUFFER_CTRL = 129;
+  BIO_F_LINEBUFFER_NEW = 151;
+  BIO_F_MEM_WRITE = 117;
+  BIO_F_NBIOF_NEW = 154;
+  BIO_F_SLG_WRITE = 155;
+  BIO_F_SSL_NEW = 118;
+
+  (*
+   * BIO reason codes.
+   *)
+  BIO_R_ACCEPT_ERROR =   100;
+  BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET =  141;
+  BIO_R_AMBIGUOUS_HOST_OR_SERVICE =  129;
+  BIO_R_BAD_FOPEN_MODE =  101;
+  BIO_R_BROKEN_PIPE =   124;
+  BIO_R_CONNECT_ERROR =  103;
+  BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET = 107;
+  BIO_R_GETSOCKNAME_ERROR =  132;
+  BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS = 133;
+  BIO_R_GETTING_SOCKTYPE =  134;
+  BIO_R_INVALID_ARGUMENT =  125;
+  BIO_R_INVALID_SOCKET =  135;
+  BIO_R_IN_USE =   123;
+  BIO_R_LENGTH_TOO_LONG =  102;
+  BIO_R_LISTEN_V6_ONLY =  136;
+  BIO_R_LOOKUP_RETURNED_NOTHING =  142;
+  BIO_R_MALFORMED_HOST_OR_SERVICE =  130;
+  BIO_R_NBIO_CONNECT_ERROR =  110;
+  BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED = 143;
+  BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED = 144;
+  BIO_R_NO_PORT_DEFINED =  113;
+  BIO_R_NO_SUCH_FILE =   128;
+  BIO_R_NULL_PARAMETER =  115;
+  BIO_R_UNABLE_TO_BIND_SOCKET =  117;
+  BIO_R_UNABLE_TO_CREATE_SOCKET =  118;
+  BIO_R_UNABLE_TO_KEEPALIVE =  137;
+  BIO_R_UNABLE_TO_LISTEN_SOCKET =  119;
+  BIO_R_UNABLE_TO_NODELAY =  138;
+  BIO_R_UNABLE_TO_REUSEADDR =  139;
+  BIO_R_UNAVAILABLE_IP_FAMILY =  145;
+  BIO_R_UNINITIALIZED =  120;
+  BIO_R_UNKNOWN_INFO_TYPE =  140;
+  BIO_R_UNSUPPORTED_IP_FAMILY =  146;
+  BIO_R_UNSUPPORTED_METHOD =  121;
+  BIO_R_UNSUPPORTED_PROTOCOL_FAMILY =  131;
+  BIO_R_WRITE_TO_READ_ONLY_BIO =  126;
+  BIO_R_WSASTARTUP =   122;
+  
+  function ERR_load_BIO_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_blowfish.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_blowfish.pas
new file mode 100644
index 000000000..9751871ef
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_blowfish.pas
@@ -0,0 +1,81 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_blowfish;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// blowfish.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // Added '_CONST' to avoid name clashes
+  BF_ENCRYPT_CONST = 1;
+  // Added '_CONST' to avoid name clashes
+  BF_DECRYPT_CONST = 0;
+
+  BF_ROUNDS = 16;
+  BF_BLOCK  = 8;
+
+type
+  BF_LONG = TIdC_UINT;
+  PBF_LONG = ^BF_LONG;
+
+  bf_key_st = record
+    p: array[0 .. BF_ROUNDS + 2 - 1] of BF_LONG;
+    s: array[0 .. 4 * 256 - 1] of BF_LONG;
+  end;
+  BF_KEY = bf_key_st;
+  PBF_KEY = ^BF_KEY;
+
+  procedure BF_set_key(key: PBF_KEY; len: TIdC_INT; const data: PByte) cdecl; external CLibCrypto;
+
+  procedure BF_encrypt(data: PBF_LONG; const key: PBF_KEY) cdecl; external CLibCrypto;
+  procedure BF_decrypt(data: PBF_LONG; const key: PBF_KEY) cdecl; external CLibCrypto;
+
+  procedure BF_ecb_encrypt(const &in: PByte; &out: PByte; key: PBF_KEY; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure BF_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure BF_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure BF_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+
+  function BF_options: PIdAnsiChar cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
new file mode 100644
index 000000000..4e48aabf0
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
@@ -0,0 +1,434 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_bn;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bn.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  BN_FLG_MALLOCED = $01;
+  BN_FLG_STATIC_DATA = $02;
+
+  (*
+   * avoid leaking exponent information through timing,
+   * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+   * BN_div() will call BN_div_no_branch,
+   * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+   *)
+  BN_FLG_CONSTTIME = $04;
+  BN_FLG_SECURE = $08;
+
+  (* Values for |top| in BN_rand() *)
+  BN_RAND_TOP_ANY = -1;
+  BN_RAND_TOP_ONE = 0;
+  BN_RAND_TOP_TWO = 1;
+
+  (* Values for |bottom| in BN_rand() *)
+  BN_RAND_BOTTOM_ANY = 0;
+  BN_RAND_BOTTOM_ODD = 1;
+  
+  (* BN_BLINDING flags *)
+  BN_BLINDING_NO_UPDATE = $00000001;
+  BN_BLINDING_NO_RECREATE = $00000002;
+
+type
+  BN_ULONG = TIdC_ULONG;
+
+  BN_GENCB_set_old_cb = procedure (a: TIdC_INT; b: TIdC_INT; c: Pointer); cdecl;
+  BN_GENCB_set_cb = function (a: TIdC_INT; b: TIdC_INT; c: PBN_GENCB): TIdC_INT; cdecl;
+
+  procedure BN_set_flags(b: PBIGNUM; n: TIdC_INT) cdecl; external CLibCrypto;
+  function BN_get_flags(b: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
+   * two BIGNUMs cannot be used in parallel!). Also only for *read only* use. The
+   * value |dest| should be a newly allocated BIGNUM obtained via BN_new() that
+   * has not been otherwise initialised or used.
+   *)
+  procedure BN_with_flags(dest: PBIGNUM; b: PBIGNUM; flags: TIdC_INT) cdecl; external CLibCrypto;
+  (* Wrapper function to make using BN_GENCB easier *)
+  function BN_GENCB_call(cb: PBN_GENCB; a: TIdC_INT; b: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function BN_GENCB_new: PBN_GENCB cdecl; external CLibCrypto;
+  procedure BN_GENCB_free(cb: PBN_GENCB) cdecl; external CLibCrypto;
+
+  (* Populate a PBN_GENCB structure with an "old"-style callback *)
+  procedure BN_GENCB_set_old(gencb: PBN_GENCB; callback: BN_GENCB_set_old_cb; cb_arg: Pointer) cdecl; external CLibCrypto;
+
+  (* Populate a PBN_GENCB structure with a "new"-style callback *)
+  procedure BN_GENCB_set(gencb: PBN_GENCB; callback: BN_GENCB_set_cb; cb_arg: Pointer) cdecl; external CLibCrypto;
+
+  function BN_GENCB_get_arg(cb: PBN_GENCB): Pointer cdecl; external CLibCrypto;
+  
+  (*
+   * BN_prime_checks_for_size() returns the number of Miller-Rabin iterations
+   * that will be done for checking that a random number is probably prime. The
+   * error rate for accepting a composite number as prime depends on the size of
+   * the prime |b|. The error rates used are for calculating an RSA key with 2 primes,
+   * and so the level is what you would expect for a key of double the size of the
+   * prime.
+   *
+   * This table is generated using the algorithm of FIPS PUB 186-4
+   * Digital Signature Standard (DSS), section F.1, page 117.
+   * (https://dx.doi.org/10.6028/NIST.FIPS.186-4)
+   *
+   * The following magma script was used to generate the output:
+   * securitybits:=125;
+   * k:=1024;
+   * for t:=1 to 65 do
+   *   for M:=3 to Floor(2*Sqrt(k-1)-1) do
+   *     S:=0;
+   *     // Sum over m
+   *     for m:=3 to M do
+   *       s:=0;
+   *       // Sum over j
+   *       for j:=2 to m do
+   *         s+:=(RealField(32)!2)^-(j+(k-1)/j);
+   *       end for;
+   *       S+:=2^(m-(m-1)*t)*s;
+   *     end for;
+   *     A:=2^(k-2-M*t);
+   *     B:=8*(Pi(RealField(32))^2-6)/3*2^(k-2)*S;
+   *     pkt:=2.00743*Log(2)*k*2^-k*(A+B);
+   *     seclevel:=Floor(-Log(2,pkt));
+   *     if seclevel ge securitybits then
+   *       printf "k: %5o, security: %o bits  (t: %o, M: %o)\n",k,seclevel,t,M;
+   *       break;
+   *     end if;
+   *   end for;
+   *   if seclevel ge securitybits then break; end if;
+   * end for;
+   *
+   * It can be run online at:
+   * http://magma.maths.usyd.edu.au/calc
+   *
+   * And will output:
+   * k:  1024, security: 129 bits  (t: 6, M: 23)
+   *
+   * k is the number of bits of the prime, securitybits is the level we want to
+   * reach.
+   *
+   * prime length | RSA key size | # MR tests | security level
+   * -------------+--------------|------------+---------------
+   *  (b) >= 6394 |     >= 12788 |          3 |        256 bit
+   *  (b) >= 3747 |     >=  7494 |          3 |        192 bit
+   *  (b) >= 1345 |     >=  2690 |          4 |        128 bit
+   *  (b) >= 1080 |     >=  2160 |          5 |        128 bit
+   *  (b) >=  852 |     >=  1704 |          5 |        112 bit
+   *  (b) >=  476 |     >=   952 |          5 |         80 bit
+   *  (b) >=  400 |     >=   800 |          6 |         80 bit
+   *  (b) >=  347 |     >=   694 |          7 |         80 bit
+   *  (b) >=  308 |     >=   616 |          8 |         80 bit
+   *  (b) >=   55 |     >=   110 |         27 |         64 bit
+   *  (b) >=    6 |     >=    12 |         34 |         64 bit
+   *)
+
+//  # define BN_prime_checks_for_size(b) ((b) >= 3747 ?  3 : \
+//                                  (b) >=  1345 ?  4 : \
+//                                  (b) >=  476 ?  5 : \
+//                                  (b) >=  400 ?  6 : \
+//                                  (b) >=  347 ?  7 : \
+//                                  (b) >=  308 ?  8 : \
+//                                  (b) >=  55  ? 27 : \
+//                                  (* b >= 6 *) 34)
+//
+//  # define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+
+  function BN_abs_is_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function BN_is_zero(a: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_is_one(a: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_is_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function BN_is_odd(a: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+
+//  # define BN_one(a)       (BN_set_word((a),1))
+
+  procedure BN_zero_ex(a: PBIGNUM) cdecl; external CLibCrypto;
+
+  function BN_value_one: PBIGNUM cdecl; external CLibCrypto;
+  function BN_options: PIdAnsiChar cdecl; external CLibCrypto;
+  function BN_CTX_new: PBN_CTX cdecl; external CLibCrypto;
+  function BN_CTX_secure_new: PBN_CTX cdecl; external CLibCrypto;
+  procedure BN_CTX_free(c: PBN_CTX) cdecl; external CLibCrypto;
+  procedure BN_CTX_start(ctx: PBN_CTX) cdecl; external CLibCrypto;
+  function BN_CTX_get(ctx: PBN_CTX): PBIGNUM cdecl; external CLibCrypto;
+  procedure BN_CTX_end(ctx: PBN_CTX) cdecl; external CLibCrypto;
+  function BN_rand(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_priv_rand(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_rand_range(rnd: PBIGNUM; range: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_priv_rand_range(rnd: PBIGNUM; range: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_pseudo_rand(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_pseudo_rand_range(rnd: PBIGNUM; range: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_num_bits(a: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_num_bits_word(l: BN_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function BN_security_bits(L: TIdC_INT; N: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_new: PBIGNUM cdecl; external CLibCrypto;
+  function BN_secure_new: PBIGNUM cdecl; external CLibCrypto;
+  procedure BN_clear_free(a: PBIGNUM) cdecl; external CLibCrypto;
+  function BN_copy(a: PBIGNUM; b: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  procedure BN_swap(a: PBIGNUM; b: PBIGNUM) cdecl; external CLibCrypto;
+  function BN_bin2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  function BN_bn2bin(const a: PBIGNUM; &to: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function BN_bn2binpad(const a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_lebin2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  function BN_bn2lebinpad(a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mpi2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  function BN_bn2mpi(a: PBIGNUM; &to: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function BN_sub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_usub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_uadd(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_add(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mul(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_sqr(r: PBIGNUM; const a: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  (** BN_set_negative sets sign of a BIGNUM
+   * \param  b  pointer to the BIGNUM object
+   * \param  n  0 if the BIGNUM b should be positive and a value != 0 otherwise
+   *)
+  procedure BN_set_negative(b: PBIGNUM; n: TIdC_INT) cdecl; external CLibCrypto;
+  (** BN_is_negative returns 1 if the BIGNUM is negative
+   * \param  b  pointer to the BIGNUM object
+   * \return 1 if a < 0 and 0 otherwise
+   *)
+  function BN_is_negative(b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+
+  function BN_div(dv: PBIGNUM; rem: PBIGNUM; const m: PBIGNUM; const d: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+//  # define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
+  function BN_nnmod(r: PBIGNUM; const m: PBIGNUM; const d: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_add(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_add_quick(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_sub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_sub_quick(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_mul(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_sqr(r: PBIGNUM; const a: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_lshift1(r: PBIGNUM; const a: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_lshift1_quick(r: PBIGNUM; const a: PBIGNUM; const m: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_lshift(r: PBIGNUM; const a: PBIGNUM; n: TIdC_INT; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_lshift_quick(r: PBIGNUM; const a: PBIGNUM; n: TIdC_INT; const m: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+
+  function BN_mod_word(const a: PBIGNUM; w: BN_ULONG): BN_ULONG cdecl; external CLibCrypto;
+  function BN_div_word(a: PBIGNUM; w: BN_ULONG): BN_ULONG cdecl; external CLibCrypto;
+  function BN_mul_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function BN_add_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function BN_sub_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function BN_set_word(a: PBIGNUM; w: BN_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function BN_get_word(const a: PBIGNUM): BN_ULONG cdecl; external CLibCrypto;
+
+  function BN_cmp(const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  procedure BN_free(a: PBIGNUM) cdecl; external CLibCrypto;
+  function BN_is_bit_set(const a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_lshift(r: PBIGNUM; const a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_lshift1(r: PBIGNUM; const a: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_exp(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function BN_mod_exp(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_exp_mont(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_exp_mont_consttime(rr: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX; in_mont: PBN_MONT_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_exp_mont_word(r: PBIGNUM; a: BN_ULONG; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_exp2_mont(r: PBIGNUM; const a1: PBIGNUM; const p1: PBIGNUM; const a2: PBIGNUM; const p2: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_exp_simple(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function BN_mask_bits(a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_print(bio: PBIO; a: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_reciprocal(r: PBIGNUM; m: PBIGNUM; len: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_rshift(r: PBIGNUM; a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_rshift1(r: PBIGNUM; a: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  procedure BN_clear(a: PBIGNUM) cdecl; external CLibCrypto;
+  function BN_dup(const a: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  function BN_ucmp(a: PBIGNUM; b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function BN_set_bit(a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_clear_bit(a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_bn2hex(a: PBIGNUM): PIdAnsiChar cdecl; external CLibCrypto;
+  function BN_bn2dec(a: PBIGNUM): PIdAnsiChar cdecl; external CLibCrypto;
+  function BN_hex2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function BN_dec2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function BN_asc2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function BN_gcd(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_kronecker(a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function BN_mod_inverse(ret: PBIGNUM; a: PBIGNUM; const n: PBIGNUM; ctx: PBN_CTX): PBIGNUM cdecl; external CLibCrypto;
+  function BN_mod_sqrt(ret: PBIGNUM; a: PBIGNUM; const n: PBIGNUM; ctx: PBN_CTX): PBIGNUM cdecl; external CLibCrypto;
+
+  procedure BN_consttime_swap(swap: BN_ULONG; a: PBIGNUM; b: PBIGNUM; nwords: TIdC_INT) cdecl; external CLibCrypto;
+
+  function BN_generate_prime_ex(ret: PBIGNUM; bits: TIdC_INT; safe: TIdC_INT; const add: PBIGNUM; const rem: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+  function BN_is_prime_ex(const p: PBIGNUM; nchecks: TIdC_INT; ctx: PBN_CTX; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+  function BN_is_prime_fasttest_ex(const p: PBIGNUM; nchecks: TIdC_INT; ctx: PBN_CTX; do_trial_division: TIdC_INT; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+  function BN_X931_generate_Xpq(Xp: PBIGNUM; Xq: PBIGNUM; nbits: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_X931_derive_prime_ex(p: PBIGNUM; p1: PBIGNUM; p2: PBIGNUM; const Xp: PBIGNUM; const Xp1: PBIGNUM; const Xp2: PBIGNUM; const e: PBIGNUM; ctx: PBN_CTX; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+  function BN_X931_generate_prime_ex(p: PBIGNUM; p1: PBIGNUM; p2: PBIGNUM; Xp1: PBIGNUM; Xp2: PBIGNUM; Xp: PBIGNUM; const e: PBIGNUM; ctx: PBN_CTX; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+  function BN_MONT_CTX_new: PBN_MONT_CTX cdecl; external CLibCrypto;
+  function BN_mod_mul_montgomery(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_to_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_from_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure BN_MONT_CTX_free(mont: PBN_MONT_CTX) cdecl; external CLibCrypto;
+  function BN_MONT_CTX_set(mont: PBN_MONT_CTX; &mod: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_MONT_CTX_copy(&to: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX cdecl; external CLibCrypto;
+//  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; &mod: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
+
+  function BN_BLINDING_new(const A: PBIGNUM; const Ai: PBIGNUM; &mod: PBIGNUM): PBN_BLINDING cdecl; external CLibCrypto;
+  procedure BN_BLINDING_free(b: PBN_BLINDING) cdecl; external CLibCrypto;
+  function BN_BLINDING_update(b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_BLINDING_convert(n: PBIGNUM; b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_BLINDING_invert(n: PBIGNUM; b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_BLINDING_convert_ex(n: PBIGNUM; r: PBIGNUM; b: PBN_BLINDING; v4: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_BLINDING_invert_ex(n: PBIGNUM; r: PBIGNUM; b: PBN_BLINDING; v2: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function BN_BLINDING_is_current_thread(b: PBN_BLINDING): TIdC_INT cdecl; external CLibCrypto;
+  procedure BN_BLINDING_set_current_thread(b: PBN_BLINDING) cdecl; external CLibCrypto;
+  function BN_BLINDING_lock(b: PBN_BLINDING): TIdC_INT cdecl; external CLibCrypto;
+  function BN_BLINDING_unlock(b: PBN_BLINDING): TIdC_INT cdecl; external CLibCrypto;
+
+  function BN_BLINDING_get_flags(v1: PBN_BLINDING): TIdC_ULONG cdecl; external CLibCrypto;
+  procedure BN_BLINDING_set_flags(v1: PBN_BLINDING; v2: TIdC_ULONG) cdecl; external CLibCrypto;
+//  function BN_BLINDING_create_param(PBN_BLINDING *b,
+//                                         PBIGNUM *e, PBIGNUM *m, PBN_CTX *ctx,
+//                                        function (
+//    r: PBIGNUM;
+//    a: PBIGNUM;
+//    p: PBIGNUM;
+//    m: PBIGNUM;
+//    ctx: PBN_CTX;
+//    m_ctx: PBN_MONT_CTX): TIdC_INT,
+//                                        PBN_MONT_CTX *m_ctx): PBN_BLINDING;
+
+  procedure BN_RECP_CTX_free(recp: PBN_RECP_CTX) cdecl; external CLibCrypto;
+  function BN_RECP_CTX_set(recp: PBN_RECP_CTX; rdiv: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_mul_reciprocal(r: PBIGNUM; x: PBIGNUM; y: PBIGNUM; recp: PBN_RECP_CTX; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_mod_exp_recp(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_div_recp(dv: PBIGNUM; rem: PBIGNUM; m: PBIGNUM; recp: PBN_RECP_CTX; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * Functions for arithmetic over binary polynomials represented by BIGNUMs.
+   * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
+   * ignored. Note that input arguments are not const so that their bit arrays
+   * can be expanded to the appropriate size if needed.
+   *)
+
+  (*
+   * r = a + b
+   *)
+  function BN_GF2m_add(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+//  #  define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
+  (*
+   * r=a mod p
+   *)
+  function BN_GF2m_mod(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  (* r = (a * b) mod p *)
+  function BN_GF2m_mod_mul(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  (* r = (a * a) mod p *)
+  function BN_GF2m_mod_sqr(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  (* r = (1 / b) mod p *)
+  function BN_GF2m_mod_inv(r: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  (* r = (a / b) mod p *)
+  function BN_GF2m_mod_div(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  (* r = (a ^ b) mod p *)
+  function BN_GF2m_mod_exp(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  (* r = sqrt(a) mod p *)
+  function BN_GF2m_mod_sqrt(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  (* r^2 + r = a mod p *)
+  function BN_GF2m_mod_solve_quad(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+//  #  define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
+  (*-
+   * Some functions allow for representation of the irreducible polynomials
+   * as an unsigned int[], say p.  The irreducible f(t) is then of the form:
+   *     t^p[0] + t^p[1] + ... + t^p[k]
+   * where m = p[0] > p[1] > ... > p[k] = 0.
+   *)
+  (* r = a mod p *)
+//  function BN_GF2m_mod_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT): TIdC_INT;
+  (* r = (a * b) mod p *)
+//  function BN_GF2m_mod_mul_arr(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a * a) mod p *)
+//  function BN_GF2m_mod_sqr_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (1 / b) mod p *)
+//  function BN_GF2m_mod_inv_arr(r: PBIGNUM; b: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a / b) mod p *)
+//  function BN_GF2m_mod_div_arr(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = (a ^ b) mod p *)
+//  function BN_GF2m_mod_exp_arr(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r = sqrt(a) mod p *)
+//  function BN_GF2m_mod_sqrt_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+  (* r^2 + r = a mod p *)
+//  function BN_GF2m_mod_solve_quad_arr(r: PBIGNUM; a: PBIGNUM; p: array of TIdC_INT; ctx: PBN_CTX): TIdC_INT;
+//  function BN_GF2m_poly2arr(a: PBIGNUM; p: array of TIdC_INT; max: TIdC_INT): TIdC_INT;
+//  function BN_GF2m_arr2poly(p: array of TIdC_INT; a: PBIGNUM): TIdC_INT;
+
+  (*
+   * faster mod functions for the 'NIST primes' 0 <= a < p^2
+   *)
+  function BN_nist_mod_192(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_nist_mod_224(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_nist_mod_256(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_nist_mod_384(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_nist_mod_521(r: PBIGNUM; a: PBIGNUM; p: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function BN_get0_nist_prime_192: PBIGNUM cdecl; external CLibCrypto;
+  function BN_get0_nist_prime_224: PBIGNUM cdecl; external CLibCrypto;
+  function BN_get0_nist_prime_256: PBIGNUM cdecl; external CLibCrypto;
+  function BN_get0_nist_prime_384: PBIGNUM cdecl; external CLibCrypto;
+  function BN_get0_nist_prime_521: PBIGNUM cdecl; external CLibCrypto;
+
+//int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
+//                                          const BIGNUM *field, BN_CTX *ctx);
+
+  function BN_generate_dsa_nonce(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const &message: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  (* Primes from RFC 2409 *)
+  function BN_get_rfc2409_prime_768(bn: PBIGNUM ): PBIGNUM cdecl; external CLibCrypto;
+  function BN_get_rfc2409_prime_1024(bn: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+
+  (* Primes from RFC 3526 *)
+  function BN_get_rfc3526_prime_1536(bn: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  function BN_get_rfc3526_prime_2048(bn: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  function BN_get_rfc3526_prime_3072(bn: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  function BN_get_rfc3526_prime_4096(bn: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  function BN_get_rfc3526_prime_6144(bn: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+  function BN_get_rfc3526_prime_8192(bn: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
+
+  function BN_bntest_rand(rnd: PBIGNUM; bits: TIdC_INT; top: TIdC_INT; bottom: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
+
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bnerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bnerr.pas
new file mode 100644
index 000000000..f2db68ddf
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bnerr.pas
@@ -0,0 +1,129 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_bnerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// bnerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * BN function codes.
+   *)
+  BN_F_BNRAND = 127;
+  BN_F_BNRAND_RANGE = 138;
+  BN_F_BN_BLINDING_CONVERT_EX = 100;
+  BN_F_BN_BLINDING_CREATE_PARAM = 128;
+  BN_F_BN_BLINDING_INVERT_EX = 101;
+  BN_F_BN_BLINDING_NEW = 102;
+  BN_F_BN_BLINDING_UPDATE = 103;
+  BN_F_BN_BN2DEC = 104;
+  BN_F_BN_BN2HEX = 105;
+  BN_F_BN_COMPUTE_WNAF = 142;
+  BN_F_BN_CTX_GET = 116;
+  BN_F_BN_CTX_NEW = 106;
+  BN_F_BN_CTX_START = 129;
+  BN_F_BN_DIV = 107;
+  BN_F_BN_DIV_RECP = 130;
+  BN_F_BN_EXP = 123;
+  BN_F_BN_EXPAND_INTERNAL = 120;
+  BN_F_BN_GENCB_NEW = 143;
+  BN_F_BN_GENERATE_DSA_NONCE = 140;
+  BN_F_BN_GENERATE_PRIME_EX = 141;
+  BN_F_BN_GF2M_MOD = 131;
+  BN_F_BN_GF2M_MOD_EXP = 132;
+  BN_F_BN_GF2M_MOD_MUL = 133;
+  BN_F_BN_GF2M_MOD_SOLVE_QUAD = 134;
+  BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR = 135;
+  BN_F_BN_GF2M_MOD_SQR = 136;
+  BN_F_BN_GF2M_MOD_SQRT = 137;
+  BN_F_BN_LSHIFT = 145;
+  BN_F_BN_MOD_EXP2_MONT = 118;
+  BN_F_BN_MOD_EXP_MONT = 109;
+  BN_F_BN_MOD_EXP_MONT_CONSTTIME = 124;
+  BN_F_BN_MOD_EXP_MONT_WORD = 117;
+  BN_F_BN_MOD_EXP_RECP = 125;
+  BN_F_BN_MOD_EXP_SIMPLE = 126;
+  BN_F_BN_MOD_INVERSE = 110;
+  BN_F_BN_MOD_INVERSE_NO_BRANCH = 139;
+  BN_F_BN_MOD_LSHIFT_QUICK = 119;
+  BN_F_BN_MOD_SQRT = 121;
+  BN_F_BN_MONT_CTX_NEW = 149;
+  BN_F_BN_MPI2BN = 112;
+  BN_F_BN_NEW = 113;
+  BN_F_BN_POOL_GET = 147;
+  BN_F_BN_RAND = 114;
+  BN_F_BN_RAND_RANGE = 122;
+  BN_F_BN_RECP_CTX_NEW = 150;
+  BN_F_BN_RSHIFT = 146;
+  BN_F_BN_SET_WORDS = 144;
+  BN_F_BN_STACK_PUSH = 148;
+  BN_F_BN_USUB = 115;
+
+  (*
+   * BN reason codes.
+   *)
+  BN_R_ARG2_LT_ARG3 = 100;
+  BN_R_BAD_RECIPROCAL = 101;
+  BN_R_BIGNUM_TOO_LONG = 114;
+  BN_R_BITS_TOO_SMALL = 118;
+  BN_R_CALLED_WITH_EVEN_MODULUS = 102;
+  BN_R_DIV_BY_ZERO = 103;
+  BN_R_ENCODING_ERROR = 104;
+  BN_R_EXPAND_ON_STATIC_BIGNUM_DATA = 105;
+  BN_R_INPUT_NOT_REDUCED = 110;
+  BN_R_INVALID_LENGTH = 106;
+  BN_R_INVALID_RANGE = 115;
+  BN_R_INVALID_SHIFT = 119;
+  BN_R_NOT_A_SQUARE = 111;
+  BN_R_NOT_INITIALIZED = 107;
+  BN_R_NO_INVERSE = 108;
+  BN_R_NO_SOLUTION = 116;
+  BN_R_PRIVATE_KEY_TOO_LARGE = 117;
+  BN_R_P_IS_NOT_PRIME = 112;
+  BN_R_TOO_MANY_ITERATIONS = 113;
+  BN_R_TOO_MANY_TEMPORARY_VARIABLES = 109;
+
+  function ERR_load_BN_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas
new file mode 100644
index 000000000..dca44b08e
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas
@@ -0,0 +1,68 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_buffer;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// buffer.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  BUF_MEM_FLAG_SECURE = $01;
+
+type
+  buf_mem_st = record
+    length: TIdC_SIZET;
+    data: PIdAnsiChar;
+    max: TIdC_SIZET;
+    flags: TIdC_ULONG;
+  end;
+
+  function BUF_MEM_new: PBUF_MEM cdecl; external CLibCrypto;
+  function BUF_MEM_new_ex(flags: TIdC_ULONG): PBUF_MEM cdecl; external CLibCrypto;
+  procedure BUF_MEM_free(a: PBUF_MEM) cdecl; external CLibCrypto;
+  function BUF_MEM_grow(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
+  function BUF_MEM_grow_clean(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
+  procedure BUF_reverse(&out: PByte; const &in: PByte; siz: TIdC_SIZET) cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffererr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffererr.pas
new file mode 100644
index 000000000..88c354b34
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffererr.pas
@@ -0,0 +1,59 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_buffererr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// buffererr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+// BUF function codes.
+  BUF_F_BUF_MEM_GROW = 100;
+  BUF_F_BUF_MEM_GROW_CLEAN = 105;
+  BUF_F_BUF_MEM_NEW = 101;
+
+// BUF reason codes.
+
+  function ERR_load_BUF_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_camellia.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_camellia.pas
new file mode 100644
index 000000000..1ce6f285e
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_camellia.pas
@@ -0,0 +1,92 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_camellia;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// camellia.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // Added '_CONST' to avoid name clashes
+  CAMELLIA_ENCRYPT_CONST = 1;
+  // Added '_CONST' to avoid name clashes
+  CAMELLIA_DECRYPT_CONST = 0;
+
+  CAMELLIA_BLOCK_SIZE = 16;
+  CAMELLIA_TABLE_BYTE_LEN = 272;
+  CAMELLIA_TABLE_WORD_LEN = CAMELLIA_TABLE_BYTE_LEN div 4;
+
+type
+  KEY_TABLE_TYPE = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of TIdC_UINT;
+
+  camellia_key_st_u = record
+    case Integer of
+    0: (d: TIdC_DOUBLE);
+    1: (rd_key: KEY_TABLE_TYPE);
+  end;
+
+  camellia_key_st = record
+    u: camellia_key_st_u;
+    grand_rounds: TIdC_INT;
+  end;
+
+  CAMELLIA_KEY = camellia_key_st;
+  PCAMELLIA_KEY = ^CAMELLIA_KEY;
+
+  TCamellia_ctr128_encrypt_ivec = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of Byte;
+  TCamellia_ctr128_encrypt_ecount_buf = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of Byte;
+
+  function Camellia_set_key(const userKey: PByte; const bits: TIdC_INT; key: PCAMELLIA_KEY): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure Camellia_encrypt(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY) cdecl; external CLibCrypto;
+  procedure Camellia_decrypt(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY) cdecl; external CLibCrypto;
+
+  procedure Camellia_ecb_encrypt( const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_cbc_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_cfb128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_cfb1_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_cfb8_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_ofb128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_ctr128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: TCamellia_ctr128_encrypt_ivec; ecount_buf: TCamellia_ctr128_encrypt_ecount_buf; num: PIdC_INT) cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cast.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cast.pas
new file mode 100644
index 000000000..9794e7e8d
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cast.pas
@@ -0,0 +1,75 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_cast;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cast.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  CAST_ENCRYPT_CONST =  1;
+  CAST_DECRYPT_CONST =  0;
+  CAST_BLOCK =  8;
+  CAST_KEY_LENGTH = 16;
+
+type
+  CAST_LONG = type TIdC_UINT;
+  PCAST_LONG = ^CAST_LONG;
+
+  cast_key_st = record
+    data: array of CAST_LONG;
+    short_key: TIdC_INT;              //* Use reduced rounds for short key */
+  end;
+
+  CAST_KEY = cast_key_st;
+  PCAST_KEY = ^CAST_KEY;
+
+  procedure CAST_set_key(key: PCast_Key; len: TIdC_INT; const data: PByte) cdecl; external CLibCrypto;
+  procedure CAST_ecb_encrypt(const &in: PByte; &out: PByte; const key: PCast_Key; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CAST_encrypt(data: PCAST_LONG; const key: PCast_Key) cdecl; external CLibCrypto;
+  procedure CAST_decrypt(data: PCAST_LONG; const key: PCast_Key) cdecl; external CLibCrypto;
+  procedure CAST_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const ks: PCast_Key; iv: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CAST_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CAST_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas
new file mode 100644
index 000000000..80dd04ca0
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas
@@ -0,0 +1,68 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_cmac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cmac.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_ossl_typ;
+
+//* Opaque */
+type
+  CMAC_CTX_st = type Pointer;
+  CMAC_CTX = CMAC_CTX_st;
+  PCMAC_CTX = ^CMAC_CTX;
+
+  function CMAC_CTX_new: PCMAC_CTX cdecl; external CLibCrypto;
+  procedure CMAC_CTX_cleanup(ctx: PCMAC_CTX) cdecl; external CLibCrypto;
+  procedure CMAC_CTX_free(ctx: PCMAC_CTX) cdecl; external CLibCrypto;
+  function CMAC_CTX_get0_cipher_ctx(ctx: PCMAC_CTX): PEVP_CIPHER_CTX cdecl; external CLibCrypto;
+  function CMAC_CTX_copy(out: PCMAC_CTX; const &in: PCMAC_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function CMAC_Init(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT cdecl; external CLibCrypto;
+  function CMAC_Update(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function CMAC_Final(ctx: PCMAC_CTX; &out: PByte; poutlen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function CMAC_resume(ctx: PCMAC_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas
new file mode 100644
index 000000000..c65422b6b
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas
@@ -0,0 +1,297 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_cms;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cms.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_x509;
+
+type
+  CMS_ContentInfo_st = type Pointer;
+  CMS_ContentInfo = CMS_ContentInfo_st;
+  PCMS_ContentInfo = ^CMS_ContentInfo;
+  PPCMS_ContentInfo = ^PCMS_ContentInfo;
+
+  CMS_SignerInfo_st = type Pointer;
+  CMS_SignerInfo = CMS_SignerInfo_st;
+  PCMS_SignerInfo = ^CMS_SignerInfo;
+
+  CMS_CertificateChoices_st = type Pointer;
+  CMS_CertificateChoices = CMS_CertificateChoices_st;
+  PCMS_CertificateChoices = ^CMS_CertificateChoices;
+
+  CMS_RevocationInfoChoice_st = type Pointer;
+  CMS_RevocationInfoChoice = CMS_RevocationInfoChoice_st;
+  PCMS_RevocationInfoChoice = ^CMS_RevocationInfoChoice;
+
+  CMS_RecipientInfo_st = type Pointer;
+  CMS_RecipientInfo = CMS_RecipientInfo_st;
+  PCMS_RecipientInfo = ^CMS_RecipientInfo;
+  PPCMS_RecipientInfo = ^PCMS_RecipientInfo;
+
+  CMS_ReceiptRequest_st = type Pointer;
+  CMS_ReceiptRequest = CMS_ReceiptRequest_st;
+  PCMS_ReceiptRequest = ^CMS_ReceiptRequest;
+  PPCMS_ReceiptRequest = ^PCMS_ReceiptRequest;
+
+  CMS_Receipt_st = type Pointer;
+  CMS_Receipt = CMS_Receipt_st;
+  PCMS_Receipt = ^CMS_Receipt;
+
+  CMS_RecipientEncryptedKey_st = type Pointer;
+  CMS_RecipientEncryptedKey = CMS_RecipientEncryptedKey_st;
+  PCMS_RecipientEncryptedKey = ^CMS_RecipientEncryptedKey;
+
+  CMS_OtherKeyAttribute_st = type Pointer;
+  CMS_OtherKeyAttribute = CMS_OtherKeyAttribute_st;
+  PCMS_OtherKeyAttribute = ^CMS_OtherKeyAttribute;
+  PPCMS_OtherKeyAttribute = ^PCMS_OtherKeyAttribute;
+
+//DEFINE_STACK_OF(CMS_SignerInfo)
+//DEFINE_STACK_OF(CMS_RecipientEncryptedKey)
+//DEFINE_STACK_OF(CMS_RecipientInfo)
+//DEFINE_STACK_OF(CMS_RevocationInfoChoice)
+//DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+//DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+//DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+const
+  CMS_SIGNERINFO_ISSUER_SERIAL    = 0;
+  CMS_SIGNERINFO_KEYIDENTIFIER    = 1;
+
+  CMS_RECIPINFO_NONE              = -1;
+  CMS_RECIPINFO_TRANS             = 0;
+  CMS_RECIPINFO_AGREE             = 1;
+  CMS_RECIPINFO_KEK               = 2;
+  CMS_RECIPINFO_PASS              = 3;
+  CMS_RECIPINFO_OTHER             = 4;
+
+// S/MIME related flags /
+
+  CMS_TEXT                        = $1;
+  CMS_NOCERTS                     = $2;
+  CMS_NO_CONTENT_VERIFY           = $4;
+  CMS_NO_ATTR_VERIFY              = $8;
+  CMS_NOSIGS                      = (CMS_NO_CONTENT_VERIFY or CMS_NO_ATTR_VERIFY);
+  CMS_NOINTERN                    = $10;
+  CMS_NO_SIGNER_CERT_VERIFY       = $20;
+  CMS_NOVERIFY                    = $20;
+  CMS_DETACHED                    = $40;
+  CMS_BINARY                      = $80;
+  CMS_NOATTR                      = $100;
+  CMS_NOSMIMECAP                  = $200;
+  CMS_NOOLDMIMETYPE               = $400;
+  CMS_CRLFEOL                     = $800;
+  CMS_STREAM_CONST                = $1000;
+  CMS_NOCRL                       = $2000;
+  CMS_PARTIAL                     = $4000;
+  CMS_REUSE_DIGEST                = $8000;
+  CMS_USE_KEYID                   = $10000;
+  CMS_DEBUG_DECRYPT               = $20000;
+  CMS_KEY_PARAM                   = $40000;
+  CMS_ASCIICRLF                   = $80000;
+
+  function CMS_get0_type(const cms: PCMS_ContentInfo): PASN1_OBJECT cdecl; external CLibCrypto;
+
+  function CMS_dataInit(cms: PCMS_ContentInfo; icont: PBIO): PBIO cdecl; external CLibCrypto;
+  function CMS_dataFinal(cms: PCMS_ContentInfo; bio: PBIO): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_get0_content(cms: PCMS_ContentInfo): PPASN1_OCTET_STRING cdecl; external CLibCrypto;
+  function CMS_is_detached(cms: PCMS_ContentInfo): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_set_detached(cms: PCMS_ContentInfo; detached: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_stream(cms: PCMS_ContentInfo; boundary: PPPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_CMS_bio(bp: PBIO; cms: PPCMS_ContentInfo): PCMS_ContentInfo cdecl; external CLibCrypto;
+  function i2d_CMS_bio(bp: PBIO; cms: PCMS_ContentInfo): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_new_CMS(&out: PBIO; cms: PCMS_ContentInfo): PBIO cdecl; external CLibCrypto;
+  function i2d_CMS_bio_stream(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_CMS_stream(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function SMIME_read_CMS(bio: PBIO; bcont: PPBIO): PCMS_ContentInfo cdecl; external CLibCrypto;
+  function SMIME_write_CMS(bio: PBIO; cms: PCMS_ContentInfo; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_final(cms: PCMS_ContentInfo; data: PBIO; dcont: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+//  function CMS_sign(signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(x509) *certs;} data: PBIO; flags: TIdC_UINT): PCMS_ContentInfo;
+
+//  function CMS_sign_receipt(si: PCMS_SignerInfo; signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(X509) *certs;} flags: TIdC_UINT): PCMS_ContentInfo;
+
+  function CMS_data(cms: PCMS_ContentInfo; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_data_create(&in: PBIO; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
+
+  function CMS_digest_verify(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_digest_create(&in: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
+
+  function CMS_EncryptedData_decrypt(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_EncryptedData_encrypt(&in: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
+
+  function CMS_EncryptedData_set1_key(cms: PCMS_ContentInfo; const ciph: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+//  function CMS_verify(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} store: PX509_STORE; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+
+//  function CMS_verify_receipt(rcms: PCMS_ContentInfo; ocms: PCMS_ContentInfo; {STACK_OF(x509) *certs;} store: PX509_STORE; flags: TIdC_UINT): TIdC_INT;
+
+  // STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+//  function CMS_encrypt({STACK_OF(x509) *certs;} &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_UINT): PCMS_ContentInfo;
+
+  function CMS_decrypt(cms: PCMS_ContentInfo; pkey: PEVP_PKEY; cert: PX509; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_decrypt_set1_pkey(cms: PCMS_ContentInfo; pk: PEVP_PKEY; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_decrypt_set1_key(cms: PCMS_ContentInfo; key: PByte; keylen: TIdC_SIZET; const id: PByte; idlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_decrypt_set1_password(cms: PCMS_ContentInfo; pass: PByte; passlen: ossl_ssize_t): TIdC_INT cdecl; external CLibCrypto;
+
+  //STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+  function CMS_RecipientInfo_type(ri: PCMS_RecipientInfo): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_RecipientInfo_get0_pkey_ctx(ri: PCMS_RecipientInfo): PEVP_PKEY_CTX cdecl; external CLibCrypto;
+  function CMS_EnvelopedData_create(const cipher: PEVP_CIPHER): PCMS_ContentInfo cdecl; external CLibCrypto;
+  function CMS_add1_recipient_cert(cms: PCMS_ContentInfo; recip: PX509; flags: TIdC_UINT): PCMS_RecipientInfo cdecl; external CLibCrypto;
+  function CMS_RecipientInfo_set0_pkey(ri: PCMS_RecipientInfo; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_RecipientInfo_ktri_cert_cmp(ri: PCMS_RecipientInfo; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_RecipientInfo_ktri_get0_algs(ri: PCMS_RecipientInfo; pk: PPEVP_PKEY; recip: PPX509; palg: PPX509_ALGOR): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_RecipientInfo_ktri_get0_signer_id(ri: PPCMS_RecipientInfo; keyid: PPASN1_OCTET_STRING; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_add0_recipient_key(cms: PCMS_ContentInfo; nid: TIdC_INT; key: PByte; keylen: TIdC_SIZET; id: PByte; idlen: TIdC_SIZET; date: PASN1_GENERALIZEDTIME; otherTypeId: PASN1_OBJECT; otherType: ASN1_TYPE): PCMS_RecipientInfo cdecl; external CLibCrypto;
+
+  function CMS_RecipientInfo_kekri_get0_id(ri: PCMS_RecipientInfo; palg: PPX509_ALGOR; pid: PPASN1_OCTET_STRING; pdate: PPASN1_GENERALIZEDTIME; potherid: PPASN1_OBJECT; pothertype: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_RecipientInfo_set0_key(ri: PCMS_RecipientInfo; key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_RecipientInfo_kekri_id_cmp(ri: PCMS_RecipientInfo; const id: PByte; idlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_RecipientInfo_set0_password(ri: PCMS_RecipientInfo; pass: PByte; passlen: ossl_ssize_t): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_add0_recipient_password(cms: PCMS_ContentInfo; iter: TIdC_INT; wrap_nid: TIdC_INT; pbe_nid: TIdC_INT; pass: PByte; passlen: ossl_ssize_t; const kekciph: PEVP_CIPHER): PCMS_RecipientInfo cdecl; external CLibCrypto;
+
+  function CMS_RecipientInfo_decrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_RecipientInfo_encrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_uncompress(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_compress(&in: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
+
+  function CMS_set1_eContentType(cms: CMS_ContentInfo; const oit: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_get0_eContentType(cms: PCMS_ContentInfo): PASN1_OBJECT cdecl; external CLibCrypto;
+
+  function CMS_add0_CertificateChoices(cms: PCMS_ContentInfo): PCMS_CertificateChoices cdecl; external CLibCrypto;
+  function CMS_add0_cert(cms: PCMS_ContentInfo; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_add1_cert(cms: PCMS_ContentInfo; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
+  // STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+  function CMS_add0_RevocationInfoChoice(cms: PCMS_ContentInfo): PCMS_RevocationInfoChoice cdecl; external CLibCrypto;
+  function CMS_add0_crl(cms: PCMS_ContentInfo; crl: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_add1_crl(cms: PCMS_ContentInfo; crl: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  // STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+  function CMS_SignedData_init(cms: PCMS_ContentInfo): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_add1_signer(cms: PCMS_ContentInfo; signer: PX509; pk: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_UINT): PCMS_SignerInfo cdecl; external CLibCrypto;
+  function CMS_SignerInfo_get0_pkey_ctx(si: PCMS_SignerInfo): PEVP_PKEY_CTX cdecl; external CLibCrypto;
+  function CMS_SignerInfo_get0_md_ctx(si: PCMS_SignerInfo): PEVP_MD_CTX cdecl; external CLibCrypto;
+  // STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+  procedure CMS_SignerInfo_set1_signer_cert(si: PCMS_SignerInfo; signer: PX509) cdecl; external CLibCrypto;
+  function CMS_SignerInfo_get0_signer_id(si: PCMS_SignerInfo; keyid: PPASN1_OCTET_STRING; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_SignerInfo_cert_cmp(si: PCMS_SignerInfo; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
+//  function CMS_set1_signers_certs(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} flags: TIdC_UINT): TIdC_INT;
+  procedure CMS_SignerInfo_get0_algs(si: PCMS_SignerInfo; pk: PPEVP_PKEY; signer: PPX509; pdig: PPX509_ALGOR; psig: PPX509_ALGOR) cdecl; external CLibCrypto;
+  function CMS_SignerInfo_get0_signature(si: PCMS_SignerInfo): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+  function CMS_SignerInfo_sign(si: PCMS_SignerInfo): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_SignerInfo_verify(si: PCMS_SignerInfo): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_SignerInfo_verify_content(si: PCMS_SignerInfo; chain: PBIO): TIdC_INT cdecl; external CLibCrypto;
+
+//  function CMS_add_smimecap(si: PCMS_SignerInfo{; STACK_OF(X509_ALGOR) *algs}): TIdC_INT;
+//  function CMS_add_simple_smimecap({STACK_OF(X509_ALGOR) **algs;} algnid: TIdC_INT; keysize: TIdC_INT): TIdC_INT;
+//  function CMS_add_standard_smimecap({STACK_OF(X509_ALGOR) **smcap}): TIdC_INT;
+
+  function CMS_signed_get_attr_count(const si: PCMS_SignerInfo): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_get_attr_by_NID(const si: PCMS_SignerInfo; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_get_attr_by_OBJ(const si: PCMS_SignerInfo; const obj: ASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_get_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function CMS_signed_delete_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function CMS_signed_add1_attr(si: PCMS_SignerInfo; loc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_get0_data_by_OBJ(si: PCMS_SignerInfo; const oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  function CMS_unsigned_get_attr_count(const si: PCMS_SignerInfo): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_get_attr_by_NID(const si: PCMS_SignerInfo; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_get_attr_by_OBJ(const si: PCMS_SignerInfo; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_get_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function CMS_unsigned_delete_attr(si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function CMS_unsigned_add1_attr(si: PCMS_SignerInfo; attr: PX509_ATTRIBUTE): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_get0_data_by_OBJ(si: PCMS_SignerInfo; oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  function CMS_get1_ReceiptRequest(si: PCMS_SignerInfo; prr: PPCMS_ReceiptRequest): TIdC_INT cdecl; external CLibCrypto;
+//  function CMS_ReceiptRequest_create0(id: PByte; idlen: TIdC_INT; allorfirst: TIdC_INT
+//    {;STACK_OF(GENERAL_NAMES) *receiptList;} {STACK_OF(GENERAL_NAMES) *receiptsTo}): PCMS_ReceiptRequest;
+  function CMS_add1_ReceiptRequest(si: PCMS_SignerInfo; rr: PCMS_ReceiptRequest): TIdC_INT cdecl; external CLibCrypto;
+//  procedure CMS_ReceiptRequest_get0_values(rr: PCMS_ReceiptRequest; pcid: PPASN1_STRING;
+//    pallorfirst: PIdC_INT {;STACK_OF(GENERAL_NAMES) **plist;}
+//    {STACK_OF(GENERAL_NAMES) **prto});
+//  function CMS_RecipientInfo_kari_get0_alg(ri: PCMS_RecipientInfo; palg: PPX509_ALGOR;
+//    pukm: PPASN1_OCTET_STRING): TIdC_INT;
+//  // STACK_OF(CMS_RecipientEncryptedKey) *CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
+
+  function CMS_RecipientInfo_kari_get0_orig_id(ri: PCMS_RecipientInfo; pubalg: PPX509_ALGOR; pubkey: PASN1_BIT_STRING; keyid: PPASN1_OCTET_STRING; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_RecipientInfo_kari_orig_id_cmp(ri: PCMS_RecipientInfo; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_RecipientEncryptedKey_get0_id(rek: PCMS_RecipientEncryptedKey; keyid: PPASN1_OCTET_STRING; tm: PPASN1_GENERALIZEDTIME; other: PPCMS_OtherKeyAttribute; issuer: PPX509_NAME; sno: PPASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_RecipientEncryptedKey_cert_cmp(rek: PCMS_RecipientEncryptedKey; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_RecipientInfo_kari_set0_pkey(ri: PCMS_RecipientInfo; pk: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_RecipientInfo_kari_get0_ctx(ri: PCMS_RecipientInfo): PEVP_CIPHER_CTX cdecl; external CLibCrypto;
+  function CMS_RecipientInfo_kari_decrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo; rek: PCMS_RecipientEncryptedKey): TIdC_INT cdecl; external CLibCrypto;
+
+  function CMS_SharedInfo_encode(pder: PPByte; kekalg: PX509_ALGOR; ukm: PASN1_OCTET_STRING; keylen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  ///* Backward compatibility for spelling errors. */
+  //# define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM
+  //# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \ CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmserr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmserr.pas
new file mode 100644
index 000000000..951ee6f95
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmserr.pas
@@ -0,0 +1,226 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_cmserr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cmserr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  //
+  // CMS function codes.
+  //
+  CMS_F_CHECK_CONTENT                             = 99;
+  CMS_F_CMS_ADD0_CERT                             = 164;
+  CMS_F_CMS_ADD0_RECIPIENT_KEY                    = 100;
+  CMS_F_CMS_ADD0_RECIPIENT_PASSWORD               = 165;
+  CMS_F_CMS_ADD1_RECEIPTREQUEST                   = 158;
+  CMS_F_CMS_ADD1_RECIPIENT_CERT                   = 101;
+  CMS_F_CMS_ADD1_SIGNER                           = 102;
+  CMS_F_CMS_ADD1_SIGNINGTIME                      = 103;
+  CMS_F_CMS_COMPRESS                              = 104;
+  CMS_F_CMS_COMPRESSEDDATA_CREATE                 = 105;
+  CMS_F_CMS_COMPRESSEDDATA_INIT_BIO               = 106;
+  CMS_F_CMS_COPY_CONTENT                          = 107;
+  CMS_F_CMS_COPY_MESSAGEDIGEST                    = 108;
+  CMS_F_CMS_DATA                                  = 109;
+  CMS_F_CMS_DATAFINAL                             = 110;
+  CMS_F_CMS_DATAINIT                              = 111;
+  CMS_F_CMS_DECRYPT                               = 112;
+  CMS_F_CMS_DECRYPT_SET1_KEY                      = 113;
+  CMS_F_CMS_DECRYPT_SET1_PASSWORD                 = 166;
+  CMS_F_CMS_DECRYPT_SET1_PKEY                     = 114;
+  CMS_F_CMS_DIGESTALGORITHM_FIND_CTX              = 115;
+  CMS_F_CMS_DIGESTALGORITHM_INIT_BIO              = 116;
+  CMS_F_CMS_DIGESTEDDATA_DO_FINAL                 = 117;
+  CMS_F_CMS_DIGEST_VERIFY                         = 118;
+  CMS_F_CMS_ENCODE_RECEIPT                        = 161;
+  CMS_F_CMS_ENCRYPT                               = 119;
+  CMS_F_CMS_ENCRYPTEDCONTENT_INIT                 = 179;
+  CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO             = 120;
+  CMS_F_CMS_ENCRYPTEDDATA_DECRYPT                 = 121;
+  CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT                 = 122;
+  CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY                = 123;
+  CMS_F_CMS_ENVELOPEDDATA_CREATE                  = 124;
+  CMS_F_CMS_ENVELOPEDDATA_INIT_BIO                = 125;
+  CMS_F_CMS_ENVELOPED_DATA_INIT                   = 126;
+  CMS_F_CMS_ENV_ASN1_CTRL                         = 171;
+  CMS_F_CMS_FINAL                                 = 127;
+  CMS_F_CMS_GET0_CERTIFICATE_CHOICES              = 128;
+  CMS_F_CMS_GET0_CONTENT                          = 129;
+  CMS_F_CMS_GET0_ECONTENT_TYPE                    = 130;
+  CMS_F_CMS_GET0_ENVELOPED                        = 131;
+  CMS_F_CMS_GET0_REVOCATION_CHOICES               = 132;
+  CMS_F_CMS_GET0_SIGNED                           = 133;
+  CMS_F_CMS_MSGSIGDIGEST_ADD1                     = 162;
+  CMS_F_CMS_RECEIPTREQUEST_CREATE0                = 159;
+  CMS_F_CMS_RECEIPT_VERIFY                        = 160;
+  CMS_F_CMS_RECIPIENTINFO_DECRYPT                 = 134;
+  CMS_F_CMS_RECIPIENTINFO_ENCRYPT                 = 169;
+  CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT            = 178;
+  CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG           = 175;
+  CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID       = 173;
+  CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS          = 172;
+  CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP        = 174;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT           = 135;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT           = 136;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID           = 137;
+  CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP            = 138;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP           = 139;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT            = 140;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT            = 141;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS          = 142;
+  CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID     = 143;
+  CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT              = 167;
+  CMS_F_CMS_RECIPIENTINFO_SET0_KEY                = 144;
+  CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD           = 168;
+  CMS_F_CMS_RECIPIENTINFO_SET0_PKEY               = 145;
+  CMS_F_CMS_SD_ASN1_CTRL                          = 170;
+  CMS_F_CMS_SET1_IAS                              = 176;
+  CMS_F_CMS_SET1_KEYID                            = 177;
+  CMS_F_CMS_SET1_SIGNERIDENTIFIER                 = 146;
+  CMS_F_CMS_SET_DETACHED                          = 147;
+  CMS_F_CMS_SIGN                                  = 148;
+  CMS_F_CMS_SIGNED_DATA_INIT                      = 149;
+  CMS_F_CMS_SIGNERINFO_CONTENT_SIGN               = 150;
+  CMS_F_CMS_SIGNERINFO_SIGN                       = 151;
+  CMS_F_CMS_SIGNERINFO_VERIFY                     = 152;
+  CMS_F_CMS_SIGNERINFO_VERIFY_CERT                = 153;
+  CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT             = 154;
+  CMS_F_CMS_SIGN_RECEIPT                          = 163;
+  CMS_F_CMS_SI_CHECK_ATTRIBUTES                   = 183;
+  CMS_F_CMS_STREAM                                = 155;
+  CMS_F_CMS_UNCOMPRESS                            = 156;
+  CMS_F_CMS_VERIFY                                = 157;
+  CMS_F_KEK_UNWRAP_KEY                            = 180;
+
+  //
+  // CMS reason codes.
+  //
+  CMS_R_ADD_SIGNER_ERROR                          = 99;
+  CMS_R_ATTRIBUTE_ERROR                           = 161;
+  CMS_R_CERTIFICATE_ALREADY_PRESENT               = 175;
+  CMS_R_CERTIFICATE_HAS_NO_KEYID                  = 160;
+  CMS_R_CERTIFICATE_VERIFY_ERROR                  = 100;
+  CMS_R_CIPHER_INITIALISATION_ERROR               = 101;
+  CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR     = 102;
+  CMS_R_CMS_DATAFINAL_ERROR                       = 103;
+  CMS_R_CMS_LIB                                   = 104;
+  CMS_R_CONTENTIDENTIFIER_MISMATCH                = 170;
+  CMS_R_CONTENT_NOT_FOUND                         = 105;
+  CMS_R_CONTENT_TYPE_MISMATCH                     = 171;
+  CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA          = 106;
+  CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA           = 107;
+  CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA              = 108;
+  CMS_R_CONTENT_VERIFY_ERROR                      = 109;
+  CMS_R_CTRL_ERROR                                = 110;
+  CMS_R_CTRL_FAILURE                              = 111;
+  CMS_R_DECRYPT_ERROR                             = 112;
+  CMS_R_ERROR_GETTING_PUBLIC_KEY                  = 113;
+  CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE     = 114;
+  CMS_R_ERROR_SETTING_KEY                         = 115;
+  CMS_R_ERROR_SETTING_RECIPIENTINFO               = 116;
+  CMS_R_INVALID_ENCRYPTED_KEY_LENGTH              = 117;
+  CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER          = 176;
+  CMS_R_INVALID_KEY_LENGTH                        = 118;
+  CMS_R_MD_BIO_INIT_ERROR                         = 119;
+  CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH      = 120;
+  CMS_R_MESSAGEDIGEST_WRONG_LENGTH                = 121;
+  CMS_R_MSGSIGDIGEST_ERROR                        = 172;
+  CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE         = 162;
+  CMS_R_MSGSIGDIGEST_WRONG_LENGTH                 = 163;
+  CMS_R_NEED_ONE_SIGNER                           = 164;
+  CMS_R_NOT_A_SIGNED_RECEIPT                      = 165;
+  CMS_R_NOT_ENCRYPTED_DATA                        = 122;
+  CMS_R_NOT_KEK                                   = 123;
+  CMS_R_NOT_KEY_AGREEMENT                         = 181;
+  CMS_R_NOT_KEY_TRANSPORT                         = 124;
+  CMS_R_NOT_PWRI                                  = 177;
+  CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE           = 125;
+  CMS_R_NO_CIPHER                                 = 126;
+  CMS_R_NO_CONTENT                                = 127;
+  CMS_R_NO_CONTENT_TYPE                           = 173;
+  CMS_R_NO_DEFAULT_DIGEST                         = 128;
+  CMS_R_NO_DIGEST_SET                             = 129;
+  CMS_R_NO_KEY                                    = 130;
+  CMS_R_NO_KEY_OR_CERT                            = 174;
+  CMS_R_NO_MATCHING_DIGEST                        = 131;
+  CMS_R_NO_MATCHING_RECIPIENT                     = 132;
+  CMS_R_NO_MATCHING_SIGNATURE                     = 166;
+  CMS_R_NO_MSGSIGDIGEST                           = 167;
+  CMS_R_NO_PASSWORD                               = 178;
+  CMS_R_NO_PRIVATE_KEY                            = 133;
+  CMS_R_NO_PUBLIC_KEY                             = 134;
+  CMS_R_NO_RECEIPT_REQUEST                        = 168;
+  CMS_R_NO_SIGNERS                                = 135;
+  CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE    = 136;
+  CMS_R_RECEIPT_DECODE_ERROR                      = 169;
+  CMS_R_RECIPIENT_ERROR                           = 137;
+  CMS_R_SIGNER_CERTIFICATE_NOT_FOUND              = 138;
+  CMS_R_SIGNFINAL_ERROR                           = 139;
+  CMS_R_SMIME_TEXT_ERROR                          = 140;
+  CMS_R_STORE_INIT_ERROR                          = 141;
+  CMS_R_TYPE_NOT_COMPRESSED_DATA                  = 142;
+  CMS_R_TYPE_NOT_DATA                             = 143;
+  CMS_R_TYPE_NOT_DIGESTED_DATA                    = 144;
+  CMS_R_TYPE_NOT_ENCRYPTED_DATA                   = 145;
+  CMS_R_TYPE_NOT_ENVELOPED_DATA                   = 146;
+  CMS_R_UNABLE_TO_FINALIZE_CONTEXT                = 147;
+  CMS_R_UNKNOWN_CIPHER                            = 148;
+  CMS_R_UNKNOWN_DIGEST_ALGORITHM                  = 149;
+  CMS_R_UNKNOWN_ID                                = 150;
+  CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM         = 151;
+  CMS_R_UNSUPPORTED_CONTENT_TYPE                  = 152;
+  CMS_R_UNSUPPORTED_KEK_ALGORITHM                 = 153;
+  CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM      = 179;
+  CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE            = 155;
+  CMS_R_UNSUPPORTED_RECIPIENT_TYPE                = 154;
+  CMS_R_UNSUPPORTED_TYPE                          = 156;
+  CMS_R_UNWRAP_ERROR                              = 157;
+  CMS_R_UNWRAP_FAILURE                            = 180;
+  CMS_R_VERIFICATION_FAILURE                      = 158;
+  CMS_R_WRAP_ERROR                                = 159;
+
+  function ERR_load_CMS_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comp.pas
new file mode 100644
index 000000000..573a361f4
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comp.pas
@@ -0,0 +1,65 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_comp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// comp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ;
+
+  function COMP_CTX_new(meth: PCOMP_METHOD): PCOMP_CTX cdecl; external CLibCrypto;
+  function COMP_CTX_get_method(const ctx: PCOMP_CTX): PCOMP_METHOD cdecl; external CLibCrypto;
+  function COMP_CTX_get_type(const comp: PCOMP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function COMP_get_type(const meth: PCOMP_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function COMP_get_name(const meth: PCOMP_METHOD): PIdAnsiChar cdecl; external CLibCrypto;
+  procedure COMP_CTX_free(ctx: PCOMP_CTX) cdecl; external CLibCrypto;
+
+  function COMP_compress_block(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function COMP_expand_block(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function COMP_zlib: PCOMP_METHOD cdecl; external CLibCrypto;
+
+  function BIO_f_zlib: PBIO_METHOD cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comperr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comperr.pas
new file mode 100644
index 000000000..6c9c28e89
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comperr.pas
@@ -0,0 +1,68 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_comperr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// comperr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+///*
+// * COMP function codes.
+// */
+  COMP_F_BIO_ZLIB_FLUSH =      99;
+  COMP_F_BIO_ZLIB_NEW =        100;
+  COMP_F_BIO_ZLIB_READ =       101;
+  COMP_F_BIO_ZLIB_WRITE =      102;
+  COMP_F_COMP_CTX_NEW =        103;
+
+///*
+// * COMP reason codes.
+// */
+  COMP_R_ZLIB_DEFLATE_ERROR =  99;
+  COMP_R_ZLIB_INFLATE_ERROR =  100;
+  COMP_R_ZLIB_NOT_SUPPORTED =  101;
+
+  function ERR_load_COMP_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf.pas
new file mode 100644
index 000000000..21e5fff1a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf.pas
@@ -0,0 +1,189 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_conf;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conf.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  CONF_parse_list_list_cb = function (const elem: PAnsiChar; len: TIdC_INT; usr: Pointer): TIdC_INT;
+
+  CONF_VALUE = record
+    section: PAnsiChar;
+    name: PAnsiChar;
+    value: PAnsiChar;
+  end;
+  PCONF_VALUE = ^CONF_VALUE;
+
+//DEFINE_STACK_OF(CONF_VALUE)
+//DEFINE_LHASH_OF(CONF_VALUE);
+
+  conf_st = type Pointer;
+  conf_method_st = type Pointer;
+  CONF_METHOD = conf_method_st;
+  PCONF_METHOD = ^conf_method_st;
+  CONF = conf_st;
+  PCONF = ^CONF;
+
+  (*conf_method_st = record
+    const char *name;
+    CONF *(*create) (CONF_METHOD *meth);
+    int (*init) (CONF *conf);
+    int (*destroy) (CONF *conf);
+    int (*destroy_data) (CONF *conf);
+    int (*load_bio) (CONF *conf, BIO *bp, long *eline);
+    int (*dump) (const CONF *conf, BIO *bp);
+    int (*is_number) (const CONF *conf, char c);
+    int (*to_int) (const CONF *conf, char c);
+    int (*load) (CONF *conf, const char *name, long *eline);
+  end; *)
+
+//* Module definitions */
+
+  conf_imodule_st = type Pointer;
+  CONF_IMODULE = conf_imodule_st;
+  PCONF_IMODULE = ^CONF_IMODULE;
+  conf_module_st = type Pointer;
+  CONF_MODULE = conf_module_st;
+  PCONF_MODULE = ^CONF_MODULE;
+
+//DEFINE_STACK_OF(CONF_MODULE)
+//DEFINE_STACK_OF(CONF_IMODULE)
+
+//* DSO module function typedefs */
+  conf_init_func = function(md: PCONF_IMODULE; const cnf: PCONF): TIdC_INT;
+  conf_finish_func = procedure(md: PCONF_IMODULE);
+
+const
+  CONF_MFLAGS_IGNORE_ERRORS = $1;
+  CONF_MFLAGS_IGNORE_RETURN_CODES = $2;
+  CONF_MFLAGS_SILENT = $4;
+  CONF_MFLAGS_NO_DSO = $8;
+  CONF_MFLAGS_IGNORE_MISSING_FILE = $10;
+  CONF_MFLAGS_DEFAULT_SECTION = $20;
+
+  function CONF_set_default_method(meth: PCONF_METHOD): TIdC_INT cdecl; external CLibCrypto;
+//  (*
+//  void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
+//  LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file, long *eline);
+//  {$ifndef OPENSSL_NO_STDIO}
+//  LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp, long *eline);
+//  {$endif}
+//  LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+//                                      long *eline);
+//  STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+//                                         const char *section);
+//  char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+//                        const char *name);
+//  long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+//                       const char *name);
+//  void CONF_free(LHASH_OF(CONF_VALUE) *conf);
+//  #ifndef OPENSSL_NO_STDIO
+//  int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
+//  #endif
+//  int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
+//
+//  DEPRECATEDIN_1_1_0(void OPENSSL_config(const char *config_name))
+//
+//  #if OPENSSL_API_COMPAT < 0x10100000L
+//  # define OPENSSL_no_config() \
+//      OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL)
+//  #endif
+//  *)
+
+  (*
+   * New conf code.  The semantics are different from the functions above. If
+   * that wasn't the case, the above functions would have been replaced
+   *)
+
+  //type     Doppelt???
+  //  conf_st = record
+  //    CONF_METHOD *meth;
+  //    void *meth_data;
+  //    LHASH_OF(CONF_VALUE) *data;
+  //  end;
+
+  function NCONF_new(meth: PCONF_METHOD): PCONF cdecl; external CLibCrypto;
+  function NCONF_default: PCONF_METHOD cdecl; external CLibCrypto;
+  function NCONF_WIN32: PCONF_METHOD cdecl; external CLibCrypto;
+  procedure NCONF_free(conf: PCONF) cdecl; external CLibCrypto;
+  procedure NCONF_free_data(conf: PCONF) cdecl; external CLibCrypto;
+
+  function NCONF_load(conf: PCONF; const &file: PAnsiChar; eline: PIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function NCONF_load_bio(conf: PCONF; bp: PBIO; eline: PIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  //STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
+  //                                        const char *section);
+  function NCONF_get_string(const conf: PCONF; const group: PAnsiChar; const name: PAnsiChar): PAnsiChar cdecl; external CLibCrypto;
+  function NCONF_get_number_e(const conf: PCONF; const group: PAnsiChar; const name: PAnsiChar; result: PIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function NCONF_dump_bio(const conf: PCONf; out: PBIO): TIdC_INT cdecl; external CLibCrypto;
+
+  //#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
+
+  //* Module functions */
+
+  function CONF_modules_load(const cnf: PCONF; const appname: PAnsiChar; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function CONF_modules_load_file(const filename: PAnsiChar; const appname: PAnsiChar; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure CONF_modules_unload(all: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CONF_modules_finish cdecl; external CLibCrypto;
+  function CONF_module_add(const name: PAnsiChar; ifunc: conf_init_func; ffunc: conf_finish_func): TIdC_INT cdecl; external CLibCrypto;
+
+  //const char *CONF_imodule_get_name(const CONF_IMODULE *md);
+  //const char *CONF_imodule_get_value(const CONF_IMODULE *md);
+  function CONF_imodule_get_usr_data(const md: PCONF_IMODULE): Pointer cdecl; external CLibCrypto;
+  procedure CONF_imodule_set_usr_data(md: PCONF_IMODULE; usr_data: Pointer) cdecl; external CLibCrypto;
+  function CONF_imodule_get_module(const md: PCONF_IMODULE): PCONF_MODULE cdecl; external CLibCrypto;
+  function CONF_imodule_get_flags(const md: PCONF_IMODULE): TIdC_ULONG cdecl; external CLibCrypto;
+  procedure CONF_imodule_set_flags(md: PCONF_IMODULE; flags: TIdC_ULONG) cdecl; external CLibCrypto;
+  function CONF_module_get_usr_data(pmod: PCONF_MODULE): Pointer cdecl; external CLibCrypto;
+  procedure CONF_module_set_usr_data(pmod: PCONF_MODULE; usr_data: Pointer) cdecl; external CLibCrypto;
+
+  function CONF_get1_default_config_file: PAnsiChar cdecl; external CLibCrypto;
+  function CONF_parse_list(const list: PAnsiChar; sep: TIdC_INT; nospc: TIdC_INT; list_cb: CONF_parse_list_list_cb; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure OPENSSL_load_builtin_modules cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf_api.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf_api.pas
new file mode 100644
index 000000000..6dd16f7be
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf_api.pas
@@ -0,0 +1,66 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_conf_api;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conf_api.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_conf;
+
+  //* Up until OpenSSL 0.9.5a, this was new_section */
+  function _CONF_new_section(conf: PCONF; const section: PAnsiChar): PCONF_VALUE cdecl; external CLibCrypto;
+  //* Up until OpenSSL 0.9.5a, this was get_section */
+  function _CONF_get_section(const conf: PCONF; const section: PAnsiChar): PCONF_VALUE cdecl; external CLibCrypto;
+  //* Up until OpenSSL 0.9.5a, this was CONF_get_section */
+  //STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
+  //                                               const char *section);
+
+  function _CONF_add_string(conf: PCONF; section: PCONF_VALUE; value: PCONF_VALUE): TIdC_INT cdecl; external CLibCrypto;
+  function _CONF_get_string(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): PAnsiChar cdecl; external CLibCrypto;
+  function _CONF_get_number(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): TIdC_LONG cdecl; external CLibCrypto;
+
+  function _CONF_new_data(conf: PCONF): TIdC_INT cdecl; external CLibCrypto;
+  procedure _CONF_free_data(conf: PCONF) cdecl; external CLibCrypto;
+
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conferr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conferr.pas
new file mode 100644
index 000000000..757afcc33
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conferr.pas
@@ -0,0 +1,105 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_conferr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conferr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ///*
+  // * CONF function codes.
+  // */
+  CONF_F_CONF_DUMP_FP = 104;
+  CONF_F_CONF_LOAD = 100;
+  CONF_F_CONF_LOAD_FP = 103;
+  CONF_F_CONF_PARSE_LIST = 119;
+  CONF_F_DEF_LOAD = 120;
+  CONF_F_DEF_LOAD_BIO = 121;
+  CONF_F_GET_NEXT_FILE = 107;
+  CONF_F_MODULE_ADD = 122;
+  CONF_F_MODULE_INIT = 115;
+  CONF_F_MODULE_LOAD_DSO = 117;
+  CONF_F_MODULE_RUN = 118;
+  CONF_F_NCONF_DUMP_BIO = 105;
+  CONF_F_NCONF_DUMP_FP = 106;
+  CONF_F_NCONF_GET_NUMBER_E = 112;
+  CONF_F_NCONF_GET_SECTION = 108;
+  CONF_F_NCONF_GET_STRING = 109;
+  CONF_F_NCONF_LOAD = 113;
+  CONF_F_NCONF_LOAD_BIO = 110;
+  CONF_F_NCONF_LOAD_FP = 114;
+  CONF_F_NCONF_NEW = 111;
+  CONF_F_PROCESS_INCLUDE = 116;
+  CONF_F_SSL_MODULE_INIT = 123;
+  CONF_F_STR_COPY = 101;
+
+  ///*
+  // * CONF reason codes.
+  // */
+  CONF_R_ERROR_LOADING_DSO = 110;
+  CONF_R_LIST_CANNOT_BE_NULL = 115;
+  CONF_R_MISSING_CLOSE_SQUARE_BRACKET = 100;
+  CONF_R_MISSING_EQUAL_SIGN = 101;
+  CONF_R_MISSING_INIT_FUNCTION = 112;
+  CONF_R_MODULE_INITIALIZATION_ERROR = 109;
+  CONF_R_NO_CLOSE_BRACE = 102;
+  CONF_R_NO_CONF = 105;
+  CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE = 106;
+  CONF_R_NO_SECTION = 107;
+  CONF_R_NO_SUCH_FILE = 114;
+  CONF_R_NO_VALUE = 108;
+  CONF_R_NUMBER_TOO_LARGE = 121;
+  CONF_R_RECURSIVE_DIRECTORY_INCLUDE = 111;
+  CONF_R_SSL_COMMAND_SECTION_EMPTY = 117;
+  CONF_R_SSL_COMMAND_SECTION_NOT_FOUND = 118;
+  CONF_R_SSL_SECTION_EMPTY = 119;
+  CONF_R_SSL_SECTION_NOT_FOUND = 120;
+  CONF_R_UNABLE_TO_CREATE_NEW_SECTION = 103;
+  CONF_R_UNKNOWN_MODULE_NAME = 113;
+  CONF_R_VARIABLE_EXPANSION_TOO_LONG = 116;
+  CONF_R_VARIABLE_HAS_NO_VALUE = 104;
+
+  function ERR_load_CONF_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
new file mode 100644
index 000000000..6f6cfb9b7
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
@@ -0,0 +1,446 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_crypto;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// crypto.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ,
+  System.Types;
+
+{$MINENUMSIZE 4}
+
+const
+  CRYPTO_MEM_CHECK_OFF = $0;   //* Control only */
+  CRYPTO_MEM_CHECK_ON = $1;   //* Control and mode bit */
+  CRYPTO_MEM_CHECK_ENABLE = $2;   //* Control and mode bit */
+  CRYPTO_MEM_CHECK_DISABLE = $3;   //* Control only */
+
+  CRYPTO_EX_INDEX_SSL = 0;
+  CRYPTO_EX_INDEX_SSL_CTX = 1;
+  CRYPTO_EX_INDEX_SSL_SESSION = 2;
+  CRYPTO_EX_INDEX_X509 = 3;
+  CRYPTO_EX_INDEX_X509_STORE = 4;
+  CRYPTO_EX_INDEX_X509_STORE_CTX = 5;
+  CRYPTO_EX_INDEX_DH = 6;
+  CRYPTO_EX_INDEX_DSA = 7;
+  CRYPTO_EX_INDEX_EC_KEY = 8;
+  CRYPTO_EX_INDEX_RSA = 9;
+  CRYPTO_EX_INDEX_ENGINE = 10;
+  CRYPTO_EX_INDEX_UI = 11;
+  CRYPTO_EX_INDEX_BIO = 12;
+  CRYPTO_EX_INDEX_APP = 13;
+  CRYPTO_EX_INDEX_UI_METHOD = 14;
+  CRYPTO_EX_INDEX_DRBG = 15;
+  CRYPTO_EX_INDEX__COUNT = 16;
+  
+  // Added _CONST to prevent nameclashes
+  OPENSSL_VERSION_CONST = 0;
+  OPENSSL_CFLAGS = 1;
+  OPENSSL_BUILT_ON = 2;
+  OPENSSL_PLATFORM = 3;
+  OPENSSL_DIR = 4;
+  OPENSSL_ENGINES_DIR = 5;
+
+  (*
+   * These defines where used in combination with the old locking callbacks,
+   * they are not called anymore, but old code that's not called might still
+   * use them.
+   *)
+  CRYPTO_LOCK = 1;
+  CRYPTO_UNLOCK = 2;
+  CRYPTO_READ = 4;
+  CRYPTO_WRITE = 8;
+
+  (* Standard initialisation options *)
+  OPENSSL_INIT_NO_LOAD_CRYPTO_STRINGS = TIdC_Long($00000001);
+  OPENSSL_INIT_LOAD_CRYPTO_STRINGS = TIdC_Long($00000002);
+  OPENSSL_INIT_ADD_ALL_CIPHERS = TIdC_Long($00000004);
+  OPENSSL_INIT_ADD_ALL_DIGESTS = TIdC_Long($00000008);
+  OPENSSL_INIT_NO_ADD_ALL_CIPHERS = TIdC_Long($00000010);
+  OPENSSL_INIT_NO_ADD_ALL_DIGESTS = TIdC_Long($00000020);
+  OPENSSL_INIT_LOAD_CONFIG = TIdC_Long($00000040);
+  OPENSSL_INIT_NO_LOAD_CONFIG = TIdC_Long($00000080);
+  OPENSSL_INIT_ASYNC = TIdC_Long($00000100);
+  OPENSSL_INIT_ENGINE_RDRAND = TIdC_Long($00000200);
+  OPENSSL_INIT_ENGINE_DYNAMIC = TIdC_Long($00000400);
+  OPENSSL_INIT_ENGINE_OPENSSL = TIdC_Long($00000800);
+  OPENSSL_INIT_ENGINE_CRYPTODEV = TIdC_Long($00001000);
+  OPENSSL_INIT_ENGINE_CAPI = TIdC_Long($00002000);
+  OPENSSL_INIT_ENGINE_PADLOCK = TIdC_Long($00004000);
+  OPENSSL_INIT_ENGINE_AFALG = TIdC_Long($00008000);
+  (* OPENSSL_INIT_ZLIB = TIdC_Long($00010000); *)
+  OPENSSL_INIT_ATFORK = TIdC_Long(00020000);
+  (* OPENSSL_INIT_BASE_ONLY = TIdC_Long(00040000); *)
+  OPENSSL_INIT_NO_ATEXIT = TIdC_Long(00080000);
+  (* OPENSSL_INIT flag range 0xfff00000 reserved for OPENSSL_init_ssl() *)
+  (* Max OPENSSL_INIT flag value is 0x80000000 *)
+
+  (* openssl and dasync not counted as builtin *)
+  OPENSSL_INIT_ENGINE_ALL_BUILTIN = OPENSSL_INIT_ENGINE_RDRAND
+    or OPENSSL_INIT_ENGINE_DYNAMIC or OPENSSL_INIT_ENGINE_CRYPTODEV
+    or OPENSSL_INIT_ENGINE_CAPI or OPENSSL_INIT_ENGINE_PADLOCK;
+
+  CRYPTO_ONCE_STATIC_INIT = 0;
+
+type
+  CRYPTO_RWLOCK = type Pointer;
+  PCRYPTO_RWLOCK = ^CRYPTO_RWLOCK;
+  //crypto_ex_data_st = record
+  //  sk: PStackOfVoid;
+  //end;
+  //DEFINE_STACK_OF(void)
+
+  // CRYPTO_EX_new = procedure(parent: Pointer; ptr: Pointer; CRYPTO_EX_DATA *ad; idx: TIdC_INT; argl: TIdC_LONG; argp: Pointer);
+  //  CRYPTO_EX_free = procedure(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+  //                             int idx, long argl, void *argp);
+  //typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
+  //                           void *from_d, int idx, long argl, void *argp);
+  //__owur int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
+  //                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+  //                            CRYPTO_EX_free *free_func);
+
+  CRYPTO_mem_leaks_cb_cb = function(const str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT;
+  CRYPTO_THREAD_run_once_init = procedure;
+
+  CRYPTO_THREAD_LOCAL = type DWORD;
+  PCRYPTO_THREAD_LOCAL = ^CRYPTO_THREAD_LOCAL;
+  CRYPTO_THREAD_ID = type DWORD;
+  CRYPTO_ONCE = type TIdC_LONG;
+  PCRYPTO_ONCE = ^CRYPTO_ONCE;
+
+{$REGION 'C compiler macros'}
+function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
+function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
+function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
+function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET): Pointer;
+procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
+procedure OPENSSL_free(addr: Pointer);
+function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
+function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
+function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
+function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
+procedure OPENSSL_secure_free(addr: Pointer);
+procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
+function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
+{$ENDREGION}
+
+  function CRYPTO_THREAD_lock_new: PCRYPTO_RWLOCK cdecl; external CLibCrypto;
+  function CRYPTO_THREAD_read_lock(lock: PCRYPTO_RWLOCK): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_THREAD_write_lock(lock: PCRYPTO_RWLOCK): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_THREAD_unlock(lock: PCRYPTO_RWLOCK): TIdC_INT cdecl; external CLibCrypto;
+  procedure CRYPTO_THREAD_lock_free(lock: PCRYPTO_RWLOCK) cdecl; external CLibCrypto;
+
+  function CRYPTO_atomic_add(val: PIdC_INT; amount: TIdC_INT; ret: PIdC_INT; lock: PCRYPTO_RWLOCK): TIdC_INT cdecl; external CLibCrypto;
+
+  function CRYPTO_mem_ctrl(mode: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function OPENSSL_strlcpy(dst: PIdAnsiChar; const src: PIdAnsiChar; siz: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
+  function OPENSSL_strlcat(dst: PIdAnsiChar; const src: PIdAnsiChar; siz: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
+  function OPENSSL_strnlen(const str: PIdAnsiChar; maxlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
+  function OPENSSL_buf2hexstr(const buffer: PByte; len: TIdC_LONG): PIdAnsiChar cdecl; external CLibCrypto;
+  function OPENSSL_hexstr2buf(const str: PIdAnsiChar; len: PIdC_LONG): PByte cdecl; external CLibCrypto;
+  function OPENSSL_hexchar2int(c: Byte): TIdC_INT cdecl; external CLibCrypto;
+
+  // # define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
+
+  function OpenSSL_version_num: TIdC_ULONG cdecl; external CLibCrypto;
+  function OpenSSL_version(&type: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
+
+  function OPENSSL_issetugid: TIdC_INT cdecl; external CLibCrypto;
+
+  (* No longer use an index. *)
+  //function CRYPTO_free_ex_index(class_index: TIdC_INT; idx: TIdC_INT): TIdC_INT;
+
+  (*
+   * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
+   * given class (invokes whatever per-class callbacks are applicable)
+   *)
+   function CRYPTO_new_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT cdecl; external CLibCrypto;
+   function CRYPTO_dup_ex_data(class_index: TIdC_INT; &to: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl; external CLibCrypto;
+
+   procedure CRYPTO_free_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA) cdecl; external CLibCrypto;
+
+  (*
+   * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
+   * index (relative to the class type involved)
+   *)
+   function CRYPTO_set_ex_data(ad: PCRYPTO_EX_DATA; idx: TIdC_INT; val: Pointer): TIdC_INT cdecl; external CLibCrypto;
+   function CRYPTO_get_ex_data(const ad: PCRYPTO_EX_DATA; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  ///*
+  // * The old locking functions have been removed completely without compatibility
+  // * macros. This is because the old functions either could not properly report
+  // * errors, or the returned error values were not clearly documented.
+  // * Replacing the locking functions with no-ops would cause race condition
+  // * issues in the affected applications. It is far better for them to fail at
+  // * compile time.
+  // * On the other hand, the locking callbacks are no longer used.  Consequently,
+  // * the callback management functions can be safely replaced with no-op macros.
+  // */
+  //#  define CRYPTO_num_locks()            (1)
+  //#  define CRYPTO_set_locking_callback(func)
+  //#  define CRYPTO_get_locking_callback()         (NULL)
+  //#  define CRYPTO_set_add_lock_callback(func)
+  //#  define CRYPTO_get_add_lock_callback()        (NULL)
+
+  ///* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+  //#  define CRYPTO_THREADID_set_numeric(id, val)
+  //#  define CRYPTO_THREADID_set_pointer(id, ptr)
+  //#  define CRYPTO_THREADID_set_callback(threadid_func)   (0)
+  //#  define CRYPTO_THREADID_get_callback()                (NULL)
+  //#  define CRYPTO_THREADID_current(id)
+  //#  define CRYPTO_THREADID_cmp(a, b)                     (-1)
+  //#  define CRYPTO_THREADID_cpy(dest, src)
+  //#  define CRYPTO_THREADID_hash(id)                      (0UL)
+  //
+  //#  define CRYPTO_set_dynlock_create_callback(dyn_create_function)
+  //#  define CRYPTO_set_dynlock_lock_callback(dyn_lock_function)
+  //#  define CRYPTO_set_dynlock_destroy_callback(dyn_destroy_function)
+  //#  define CRYPTO_get_dynlock_create_callback()          (NULL)
+  //#  define CRYPTO_get_dynlock_lock_callback()            (NULL)
+  //#  define CRYPTO_get_dynlock_destroy_callback()         (NULL)
+  //# endif /* OPENSSL_API_COMPAT < 0x10100000L */
+
+  //int CRYPTO_set_mem_functions(
+  //        void *(*m) (TIdC_SIZET, const char *, int),
+  //        void *(*r) (void *, TIdC_SIZET, const char *, int),
+  //        void (*f) (void *, const char *, int));
+  //int CRYPTO_set_mem_debug(int flag);
+  //void CRYPTO_get_mem_functions(
+  //        void *(**m) (TIdC_SIZET, const char *, int),
+  //        void *(**r) (void *, TIdC_SIZET, const char *, int),
+  //        void (**f) (void *, const char *, int));
+
+  function CRYPTO_malloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_zalloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_strdup(const str: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
+  function CRYPTO_strndup(const str: PAnsiChar; s: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
+  procedure CRYPTO_free(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  function CRYPTO_secure_malloc_init(sz: TIdC_SIZET; minsize: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_secure_malloc_done: TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_secure_malloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  procedure CRYPTO_secure_free(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  function CRYPTO_secure_allocated(const ptr: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_secure_malloc_initialized: TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_secure_actual_size(ptr: Pointer): TIdC_SIZET cdecl; external CLibCrypto;
+  function CRYPTO_secure_used: TIdC_SIZET cdecl; external CLibCrypto;
+
+  procedure OPENSSL_cleanse(ptr: Pointer; len: TIdC_SIZET) cdecl; external CLibCrypto;
+
+  function CRYPTO_mem_debug_push(const info: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_mem_debug_pop: TIdC_INT cdecl; external CLibCrypto;
+  procedure CRYPTO_get_alloc_counts(mcount: PIdC_INT; rcount: PIdC_INT; fcount: PIdC_INT) cdecl; external CLibCrypto;
+
+  (*
+   * Debugging functions (enabled by CRYPTO_set_mem_debug(1))
+   * The flag argument has the following significance:
+   *   0:   called before the actual memory allocation has taken place
+   *   1:   called after the actual memory allocation has taken place
+   *)
+  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+
+  function CRYPTO_mem_leaks_cb(cb: CRYPTO_mem_leaks_cb_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+//  function CRYPTO_mem_leaks_fp(&FILE: Pointer): TIdC_INT;
+  function CRYPTO_mem_leaks(BIO: PBIO): TIdC_INT cdecl; external CLibCrypto;
+
+  //* die if we have to */
+  //ossl_noreturn void OPENSSL_die(const char *assertion, const char *file, int line);
+
+  //# define OPENSSL_assert(e) \
+  //    (void)((e) ? 0 : (OPENSSL_die("assertion failed: " #e, OPENSSL_FILE, OPENSSL_LINE), 1))
+
+  function OPENSSL_isservice: TIdC_INT cdecl; external CLibCrypto;
+
+  function FIPS_mode: TIdC_INT cdecl; external CLibCrypto;
+  function FIPS_mode_set(r: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure OPENSSL_init cdecl; external CLibCrypto;
+
+  // struct tm *OPENSSL_gmtime(const TIdC_TIMET *timer, struct tm *result);
+
+  //function OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec): TIdC_INT;
+  //function OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from, const struct tm *to): TIdC_INT;
+
+  (*
+   * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
+   * It takes an amount of time dependent on |len|, but independent of the
+   * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
+   * into a defined order as the return value when a != b is undefined, other
+   * than to be non-zero.
+   *)
+  function CRYPTO_memcmp(const in_a: Pointer; const in_b: Pointer; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  (* Library initialisation functions *)
+  procedure OPENSSL_cleanup cdecl; external CLibCrypto;
+  function OPENSSL_init_crypto(opts: TIdC_UINT64; const settings: POPENSSL_INIT_SETTINGS): TIdC_INT cdecl; external CLibCrypto;
+  // int OPENSSL_atexit(void (*handler)(void));
+  procedure OPENSSL_thread_stop cdecl; external CLibCrypto;
+
+  (* Low-level control of initialization *)
+  function OPENSSL_INIT_new: POPENSSL_INIT_SETTINGS cdecl; external CLibCrypto;
+  //int OPENSSL_INIT_set_config_filename(OPENSSL_INIT_SETTINGS *settings,
+  //                                     const char *config_filename);
+  //void OPENSSL_INIT_set_config_file_flags(OPENSSL_INIT_SETTINGS *settings,
+  //                                        unsigned long flags);
+  //int OPENSSL_INIT_set_config_appname(OPENSSL_INIT_SETTINGS *settings,
+  //                                    const char *config_appname);
+  procedure OPENSSL_INIT_free(settings: POPENSSL_INIT_SETTINGS) cdecl; external CLibCrypto;
+
+  function CRYPTO_THREAD_run_once(once: PCRYPTO_ONCE; init: CRYPTO_THREAD_run_once_init): TIdC_INT cdecl; external CLibCrypto;
+
+  //type
+  //  CRYPTO_THREAD_init_local_cleanup = procedure(v1: Pointer);
+  //
+  //function CRYPTO_THREAD_init_local(key: PCRYPTO_THREAD_LOCAL; cleanup: CRYPTO_THREAD_init_local_cleanup): TIdC_INT;
+  function CRYPTO_THREAD_get_local(key: PCRYPTO_THREAD_LOCAL): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_THREAD_set_local(key: PCRYPTO_THREAD_LOCAL; val: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_THREAD_cleanup_local(key: PCRYPTO_THREAD_LOCAL): TidC_INT cdecl; external CLibCrypto;
+
+  function CRYPTO_THREAD_get_current_id: CRYPTO_THREAD_ID cdecl; external CLibCrypto;
+  function CRYPTO_THREAD_compare_id(a: CRYPTO_THREAD_ID; b: CRYPTO_THREAD_ID): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+{$REGION 'C compiler macros'}
+// OPENSSL_FILE = __FILE__ = C preprocessor macro
+// OPENSSL_LINE = __LINE__ = C preprocessor macro
+// FPC hase an equivalent with {$I %FILE%} and {$I %LINE%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
+// Delphi has nothing :(
+
+//# define OPENSSL_malloc(num) CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_zalloc(num) CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_realloc(addr, num) CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_realloc(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_clear_realloc(addr, old_num, num) CRYPTO_clear_realloc(addr, old_num, num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_clear_realloc(addr, old_num, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_clear_free(addr, num) CRYPTO_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
+begin
+  CRYPTO_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_free(addr) CRYPTO_free(addr, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_free(addr: Pointer);
+begin
+  CRYPTO_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_memdup(str, s) CRYPTO_memdup((str), s, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_memdup(str, s, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_strdup(str) CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
+begin
+  Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_strndup(str, n) CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+begin
+  Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_malloc(num) CRYPTO_secure_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_secure_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_zalloc(num) CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
+function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
+begin
+  Result := CRYPTO_secure_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_free(addr) CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_secure_free(addr: Pointer);
+begin
+  CRYPTO_secure_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_clear_free(addr, num) CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
+procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
+begin
+  CRYPTO_secure_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+end;
+
+//# define OPENSSL_secure_actual_size(ptr) CRYPTO_secure_actual_size(ptr)
+function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
+begin
+  Result := CRYPTO_secure_actual_size(ptr);
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cryptoerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cryptoerr.pas
new file mode 100644
index 000000000..ac7ac0334
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cryptoerr.pas
@@ -0,0 +1,86 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_cryptoerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cryptoerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * CRYPTO function codes.
+   *)
+  CRYPTO_F_CMAC_CTX_NEW = 120;
+  CRYPTO_F_CRYPTO_DUP_EX_DATA = 110;
+  CRYPTO_F_CRYPTO_FREE_EX_DATA = 111;
+  CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX = 100;
+  CRYPTO_F_CRYPTO_MEMDUP = 115;
+  CRYPTO_F_CRYPTO_NEW_EX_DATA = 112;
+  CRYPTO_F_CRYPTO_OCB128_COPY_CTX = 121;
+  CRYPTO_F_CRYPTO_OCB128_INIT = 122;
+  CRYPTO_F_CRYPTO_SET_EX_DATA = 102;
+  CRYPTO_F_FIPS_MODE_SET = 109;
+  CRYPTO_F_GET_AND_LOCK = 113;
+  CRYPTO_F_OPENSSL_ATEXIT = 114;
+  CRYPTO_F_OPENSSL_BUF2HEXSTR = 117;
+  CRYPTO_F_OPENSSL_FOPEN = 119;
+  CRYPTO_F_OPENSSL_HEXSTR2BUF = 118;
+  CRYPTO_F_OPENSSL_INIT_CRYPTO = 116;
+  CRYPTO_F_OPENSSL_LH_NEW = 126;
+  CRYPTO_F_OPENSSL_SK_DEEP_COPY = 127;
+  CRYPTO_F_OPENSSL_SK_DUP = 128;
+  CRYPTO_F_PKEY_HMAC_INIT = 123;
+  CRYPTO_F_PKEY_POLY1305_INIT = 124;
+  CRYPTO_F_PKEY_SIPHASH_INIT = 125;
+  CRYPTO_F_SK_RESERVE = 129;
+
+  (*
+   * CRYPTO reason codes.
+   *)
+  CRYPTO_R_FIPS_MODE_NOT_SUPPORTED = 101;
+  CRYPTO_R_ILLEGAL_HEX_DIGIT = 102;
+  CRYPTO_R_ODD_NUMBER_OF_DIGITS = 103;
+
+  function ERR_load_CRYPTO_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cterr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cterr.pas
new file mode 100644
index 000000000..c495f127d
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cterr.pas
@@ -0,0 +1,106 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_cterr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cterr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ///*
+  // * CT function codes.
+  // */
+  CT_F_CTLOG_NEW = 117;
+  CT_F_CTLOG_NEW_FROM_BASE64 = 118;
+  CT_F_CTLOG_NEW_FROM_CONF = 119;
+  CT_F_CTLOG_STORE_LOAD_CTX_NEW = 122;
+  CT_F_CTLOG_STORE_LOAD_FILE = 123;
+  CT_F_CTLOG_STORE_LOAD_LOG = 130;
+  CT_F_CTLOG_STORE_NEW = 131;
+  CT_F_CT_BASE64_DECODE = 124;
+  CT_F_CT_POLICY_EVAL_CTX_NEW = 133;
+  CT_F_CT_V1_LOG_ID_FROM_PKEY = 125;
+  CT_F_I2O_SCT = 107;
+  CT_F_I2O_SCT_LIST = 108;
+  CT_F_I2O_SCT_SIGNATURE = 109;
+  CT_F_O2I_SCT = 110;
+  CT_F_O2I_SCT_LIST = 111;
+  CT_F_O2I_SCT_SIGNATURE = 112;
+  CT_F_SCT_CTX_NEW = 126;
+  CT_F_SCT_CTX_VERIFY = 128;
+  CT_F_SCT_NEW = 100;
+  CT_F_SCT_NEW_FROM_BASE64 = 127;
+  CT_F_SCT_SET0_LOG_ID = 101;
+  CT_F_SCT_SET1_EXTENSIONS = 114;
+  CT_F_SCT_SET1_LOG_ID = 115;
+  CT_F_SCT_SET1_SIGNATURE = 116;
+  CT_F_SCT_SET_LOG_ENTRY_TYPE = 102;
+  CT_F_SCT_SET_SIGNATURE_NID = 103;
+  CT_F_SCT_SET_VERSION = 104;
+
+
+  ///*
+  // * CT reason codes.
+  // */
+  CT_R_BASE64_DECODE_ERROR =  108;
+  CT_R_INVALID_LOG_ID_LENGTH =  100;
+  CT_R_LOG_CONF_INVALID =  109;
+  CT_R_LOG_CONF_INVALID_KEY =  110;
+  CT_R_LOG_CONF_MISSING_DESCRIPTION =  111;
+  CT_R_LOG_CONF_MISSING_KEY =  112;
+  CT_R_LOG_KEY_INVALID =  113;
+  CT_R_SCT_FUTURE_TIMESTAMP =  116;
+  CT_R_SCT_INVALID =   104;
+  CT_R_SCT_INVALID_SIGNATURE =  107;
+  CT_R_SCT_LIST_INVALID =  105;
+  CT_R_SCT_LOG_ID_MISMATCH =  114;
+  CT_R_SCT_NOT_SET =   106;
+  CT_R_SCT_UNSUPPORTED_VERSION =  115;
+  CT_R_UNRECOGNIZED_SIGNATURE_NID =  101;
+  CT_R_UNSUPPORTED_ENTRY_TYPE =  102;
+  CT_R_UNSUPPORTED_VERSION =  103;
+
+  function ERR_load_CT_strings: TIdC_INT cdecl; external CLibCrypto;
+
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dh.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dh.pas
new file mode 100644
index 000000000..008b7e656
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dh.pas
@@ -0,0 +1,306 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_dh;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dh.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+const
+  OPENSSL_DH_MAX_MODULUS_BITS      = 10000;
+  OPENSSL_DH_FIPS_MIN_MODULUS_BITS =  1024;
+
+  DH_FLAG_CACHE_MONT_P   =   $01;
+  DH_FLAG_FIPS_METHOD    = $0400;
+  DH_FLAG_NON_FIPS_ALLOW = $0400;
+
+  DH_GENERATOR_2 = 2;
+  DH_GENERATOR_5 = 5;
+
+  DH_CHECK_P_NOT_PRIME         = $01;
+  DH_CHECK_P_NOT_SAFE_PRIME    = $02;
+  DH_UNABLE_TO_CHECK_GENERATOR = $04;
+  DH_NOT_SUITABLE_GENERATOR    = $08;
+  DH_CHECK_Q_NOT_PRIME         = $10;
+  DH_CHECK_INVALID_Q_VALUE     = $20;
+  DH_CHECK_INVALID_J_VALUE     = $40;
+  DH_CHECK_PUBKEY_TOO_SMALL    = $01;
+  DH_CHECK_PUBKEY_TOO_LARGE    = $02;
+  DH_CHECK_PUBKEY_INVALID      = $04;
+  DH_CHECK_P_NOT_STRONG_PRIME  = DH_CHECK_P_NOT_SAFE_PRIME;
+
+  EVP_PKEY_DH_KDF_NONE  = 1;
+  EVP_PKEY_DH_KDF_X9_42 = 2;
+
+  EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN    = (EVP_PKEY_ALG_CTRL + 1);
+  EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR    = (EVP_PKEY_ALG_CTRL + 2);
+  EVP_PKEY_CTRL_DH_RFC5114               = (EVP_PKEY_ALG_CTRL + 3);
+  EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN = (EVP_PKEY_ALG_CTRL + 4);
+  EVP_PKEY_CTRL_DH_PARAMGEN_TYPE         = (EVP_PKEY_ALG_CTRL + 5);
+  EVP_PKEY_CTRL_DH_KDF_TYPE              = (EVP_PKEY_ALG_CTRL + 6);
+  EVP_PKEY_CTRL_DH_KDF_MD                = (EVP_PKEY_ALG_CTRL + 7);
+  EVP_PKEY_CTRL_GET_DH_KDF_MD            = (EVP_PKEY_ALG_CTRL + 8);
+  EVP_PKEY_CTRL_DH_KDF_OUTLEN            = (EVP_PKEY_ALG_CTRL + 9);
+  EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN        = (EVP_PKEY_ALG_CTRL + 10);
+  EVP_PKEY_CTRL_DH_KDF_UKM               = (EVP_PKEY_ALG_CTRL + 11);
+  EVP_PKEY_CTRL_GET_DH_KDF_UKM           = (EVP_PKEY_ALG_CTRL + 12);
+  EVP_PKEY_CTRL_DH_KDF_OID               = (EVP_PKEY_ALG_CTRL + 13);
+  EVP_PKEY_CTRL_GET_DH_KDF_OID           = (EVP_PKEY_ALG_CTRL + 14);
+  EVP_PKEY_CTRL_DH_NID                   = (EVP_PKEY_ALG_CTRL + 15);
+  EVP_PKEY_CTRL_DH_PAD                   = (EVP_PKEY_ALG_CTRL + 16);
+
+type
+  DH_meth_generate_key_cb = function(dh: PDH): TIdC_INT;
+  DH_meth_compute_key_cb = function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT;
+  DH_meth_bn_mod_exp_cb = function(
+    const dh: PDH; r: PBIGNUM; const a: PBIGNUM;
+    const p: PBIGNUM; const m: PBIGNUM;
+    ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT;
+  DH_meth_init_cb = function(dh: PDH): TIdC_INT;
+  DH_meth_finish_cb = function(dh: PDH): TIdC_INT;
+  DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT;
+
+{
+  # define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
+
+  # define d2i_DHparams_fp(fp,x) \
+      (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                        (char *(*)())d2i_DHparams, \
+                        (fp), \
+                        (unsigned char **)(x))
+  # define i2d_DHparams_fp(fp,x) \
+      ASN1_i2d_fp(i2d_DHparams,(fp), (unsigned char *)(x))
+  # define d2i_DHparams_bio(bp,x) \
+      ASN1_d2i_bio_of(DH, DH_new, d2i_DHparams, bp, x)
+  # define i2d_DHparams_bio(bp,x) \
+      ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+  # define d2i_DHxparams_fp(fp,x) \
+      (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                        (char *(*)())d2i_DHxparams, \
+                        (fp), \
+                        (unsigned char **)(x))
+  # define i2d_DHxparams_fp(fp,x) \
+      ASN1_i2d_fp(i2d_DHxparams,(fp), (unsigned char *)(x))
+  # define d2i_DHxparams_bio(bp,x) \
+      ASN1_d2i_bio_of(DH, DH_new, d2i_DHxparams, bp, x)
+  # define i2d_DHxparams_bio(bp,x) \
+      ASN1_i2d_bio_of_const(DH, i2d_DHxparams, bp, x)
+}
+
+  function DHparams_dup(dh: PDH): PDH cdecl; external CLibCrypto;
+
+  function DH_OpenSSL: PDH_Method cdecl; external CLibCrypto;
+
+  procedure DH_set_default_method(const meth: PDH_Method) cdecl; external CLibCrypto;
+  function DH_get_default_method: PDH_Method cdecl; external CLibCrypto;
+  function DH_set_method(dh: PDH; const meth: PDH_Method): TIdC_INT cdecl; external CLibCrypto;
+  function DH_new_method(engine: PENGINE): PDH cdecl; external CLibCrypto;
+
+  function DH_new: PDH cdecl; external CLibCrypto;
+  procedure DH_free(dh: PDH) cdecl; external CLibCrypto;
+  function DH_up_ref(dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function DH_bits(const dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function DH_size(const dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function DH_security_bits(const dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function DH_set_ex_data(d: PDH; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function DH_get_ex_data(d: PDH; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  function DH_generate_parameters_ex(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_check_params_ex(const dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function DH_check_ex(const dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function DH_check_pub_key_ex(const dh: PDH; const pub_key: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function DH_check_params(const dh: PDH; ret: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function DH_check(const dh: PDH; codes: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function DH_check_pub_key(const dh: PDH; const pub_key: PBIGNUM; codes: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function DH_generate_key(dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function DH_compute_key(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function DH_compute_key_padded(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_DHparams(a: PPDH; const pp: PPByte; length: TIdC_LONG): PDH cdecl; external CLibCrypto;
+  function i2d_DHparams(const a: PDH; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_DHxparams(a: PPDH; const pp: PPByte; length: TIdC_LONG): PDH cdecl; external CLibCrypto;
+  function i2d_DHxparams(const a: PDH; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function DHparams_print(bp: PBIO; const x: PDH): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_get_1024_160: PDH cdecl; external CLibCrypto;
+  function DH_get_2048_224: PDH cdecl; external CLibCrypto;
+  function DH_get_2048_256: PDH cdecl; external CLibCrypto;
+
+  function DH_new_by_nid(nid: TIdC_INT): PDH cdecl; external CLibCrypto;
+  function DH_get_nid(const dh: PDH): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_KDF_X9_42( &out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; key_oid: PASN1_OBJECT; const ukm: PByte; ukmlen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure DH_get0_pqg(const dh: PDH; const p: PPBIGNUM; const q: PPBIGNUM; const g: PPBIGNUM) cdecl; external CLibCrypto;
+  function DH_set0_pqg(dh: PDH; p: PBIGNUM; q: PBIGNUM; g: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  procedure DH_get0_key(const dh: PDH; const pub_key: PPBIGNUM; const priv_key: PPBIGNUM) cdecl; external CLibCrypto;
+  function DH_set0_key(dh: PDH; pub_key: PBIGNUM; priv_key: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function DH_get0_p(const dh: PDH): PBIGNUM cdecl; external CLibCrypto;
+  function DH_get0_q(const dh: PDH): PBIGNUM cdecl; external CLibCrypto;
+  function DH_get0_g(const dh: PDH): PBIGNUM cdecl; external CLibCrypto;
+  function DH_get0_priv_key(const dh: PDH): PBIGNUM cdecl; external CLibCrypto;
+  function DH_get0_pub_key(const dh: PDH): PBIGNUM cdecl; external CLibCrypto;
+  procedure DH_clear_flags(dh: PDH; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function DH_test_flags(const dh: PDH; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure DH_set_flags(dh: PDH; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function DH_get0_engine(d: PDH): PENGINE cdecl; external CLibCrypto;
+  function DH_get_length(const dh: PDH): TIdC_LONG cdecl; external CLibCrypto;
+  function DH_set_length(dh: PDH; length: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_meth_new(const name: PIdAnsiChar; flags: TIdC_INT): PDH_Method cdecl; external CLibCrypto;
+  procedure DH_meth_free(dhm: PDH_Method) cdecl; external CLibCrypto;
+  function DH_meth_dup(const dhm: PDH_Method): PDH_Method cdecl; external CLibCrypto;
+  function DH_meth_get0_name(const dhm: PDH_Method): PIdAnsiChar cdecl; external CLibCrypto;
+  function DH_meth_set1_name(dhm: PDH_Method; const name: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function DH_meth_get_flags(const dhm: PDH_Method): TIdC_INT cdecl; external CLibCrypto;
+  function DH_meth_set_flags(const dhm: PDH_Method; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function DH_meth_get0_app_data(const dhm: PDH_Method): Pointer cdecl; external CLibCrypto;
+  function DH_meth_set0_app_data(const dhm: PDH_Method; app_data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_meth_get_generate_key(const dhm: PDH_Method): DH_meth_generate_key_cb cdecl; external CLibCrypto;
+  function DH_meth_set_generate_key(const dhm: PDH_Method; generate_key: DH_meth_generate_key_cb): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_meth_get_compute_key(const dhm: PDH_Method): DH_meth_compute_key_cb cdecl; external CLibCrypto;
+  function DH_meth_set_compute_key(const dhm: PDH_Method; compute_key: DH_meth_compute_key_cb): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_meth_get_bn_mod_exp(const dhm: PDH_Method): DH_meth_bn_mod_exp_cb cdecl; external CLibCrypto;
+  function DH_meth_set_bn_mod_exp(const dhm: PDH_Method; bn_mod_expr: DH_meth_bn_mod_exp_cb): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_meth_get_init(const dhm: PDH_Method): DH_meth_init_cb cdecl; external CLibCrypto;
+  function DH_meth_set_init(const dhm: PDH_Method; init: DH_meth_init_cb): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_meth_get_finish(const dhm: PDH_Method): DH_meth_finish_cb cdecl; external CLibCrypto;
+  function DH_meth_set_finish(const dhm: PDH_Method; finish: DH_meth_finish_cb): TIdC_INT cdecl; external CLibCrypto;
+
+  function DH_meth_get_generate_params(const dhm: PDH_Method): DH_meth_generate_params_cb cdecl; external CLibCrypto;
+  function DH_meth_set_generate_params(const dhm: PDH_Method; generate_params: DH_meth_generate_params_cb): TIdC_INT cdecl; external CLibCrypto;
+
+{
+# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_nid(ctx, nid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, \
+                        EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, \
+                        EVP_PKEY_CTRL_DH_NID, nid, NULL)
+
+# define EVP_PKEY_CTX_set_dh_pad(ctx, pad) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE, \
+                          EVP_PKEY_CTRL_DH_PAD, pad, NULL)
+
+# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)(oid))
+
+# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)(poid))
+
+# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)(md))
+
+# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)(pmd))
+
+# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                        EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)(plen))
+
+# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)(p))
+
+# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)(p))
+}
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas
new file mode 100644
index 000000000..7adcfac0f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas
@@ -0,0 +1,108 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_dherr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dherr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // DH function codes
+  DH_F_COMPUTE_KEY               = 102;
+  DH_F_DHPARAMS_PRINT_FP         = 101;
+  DH_F_DH_BUILTIN_GENPARAMS      = 106;
+  DH_F_DH_CHECK_EX               = 121;
+  DH_F_DH_CHECK_PARAMS_EX        = 122;
+  DH_F_DH_CHECK_PUB_KEY_EX       = 123;
+  DH_F_DH_CMS_DECRYPT            = 114;
+  DH_F_DH_CMS_SET_PEERKEY        = 115;
+  DH_F_DH_CMS_SET_SHARED_INFO    = 116;
+  DH_F_DH_METH_DUP               = 117;
+  DH_F_DH_METH_NEW               = 118;
+  DH_F_DH_METH_SET1_NAME         = 119;
+  DH_F_DH_NEW_BY_NID             = 104;
+  DH_F_DH_NEW_METHOD             = 105;
+  DH_F_DH_PARAM_DECODE           = 107;
+  DH_F_DH_PKEY_PUBLIC_CHECK      = 124;
+  DH_F_DH_PRIV_DECODE            = 110;
+  DH_F_DH_PRIV_ENCODE            = 111;
+  DH_F_DH_PUB_DECODE             = 108;
+  DH_F_DH_PUB_ENCODE             = 109;
+  DH_F_DO_DH_PRINT               = 100;
+  DH_F_GENERATE_KEY              = 103;
+  DH_F_PKEY_DH_CTRL_STR          = 120;
+  DH_F_PKEY_DH_DERIVE            = 112;
+  DH_F_PKEY_DH_INIT              = 125;
+  DH_F_PKEY_DH_KEYGEN            = 113;
+
+  // DH reason codes
+  DH_R_BAD_GENERATOR             = 101;
+  DH_R_BN_DECODE_ERROR           = 109;
+  DH_R_BN_ERROR                  = 106;
+  DH_R_CHECK_INVALID_J_VALUE     = 115;
+  DH_R_CHECK_INVALID_Q_VALUE     = 116;
+  DH_R_CHECK_PUBKEY_INVALID      = 122;
+  DH_R_CHECK_PUBKEY_TOO_LARGE    = 123;
+  DH_R_CHECK_PUBKEY_TOO_SMALL    = 124;
+  DH_R_CHECK_P_NOT_PRIME         = 117;
+  DH_R_CHECK_P_NOT_SAFE_PRIME    = 118;
+  DH_R_CHECK_Q_NOT_PRIME         = 119;
+  DH_R_DECODE_ERROR              = 104;
+  DH_R_INVALID_PARAMETER_NAME    = 110;
+  DH_R_INVALID_PARAMETER_NID     = 114;
+  DH_R_INVALID_PUBKEY            = 102;
+  DH_R_KDF_PARAMETER_ERROR       = 112;
+  DH_R_KEYS_NOT_SET              = 108;
+  DH_R_MISSING_PUBKEY            = 125;
+  DH_R_MODULUS_TOO_LARGE         = 103;
+  DH_R_NOT_SUITABLE_GENERATOR    = 120;
+  DH_R_NO_PARAMETERS_SET         = 107;
+  DH_R_NO_PRIVATE_VALUE          = 100;
+  DH_R_PARAMETER_ENCODING_ERROR  = 105;
+  DH_R_PEER_KEY_ERROR            = 111;
+  DH_R_SHARED_INFO_ERROR         = 113;
+  DH_R_UNABLE_TO_CHECK_GENERATOR = 121;
+
+  function ERR_load_DH_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas
new file mode 100644
index 000000000..be8eff5c2
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas
@@ -0,0 +1,203 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_dsa;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dsa.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+const
+  OPENSSL_DSA_MAX_MODULUS_BITS = 10000;
+  OPENSSL_DSA_FIPS_MIN_MODULUS_BITS = 1024;
+  DSA_FLAG_CACHE_MONT_P = $01;
+  DSA_FLAG_NO_EXP_CONSTTIME = $00;
+  DSA_FLAG_FIPS_METHOD = $0400;
+  DSA_FLAG_NON_FIPS_ALLOW = $0400;
+  DSA_FLAG_FIPS_CHECKED = $0800;
+
+  DSS_prime_checks = 64;
+
+  EVP_PKEY_CTRL_DSA_PARAMGEN_BITS = EVP_PKEY_ALG_CTRL + 1;
+  EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS = EVP_PKEY_ALG_CTRL + 2;
+  EVP_PKEY_CTRL_DSA_PARAMGEN_MD = EVP_PKEY_ALG_CTRL + 3;
+
+type
+  DSA_SIG = type Pointer; // DSA_SIG_st
+  PDSA_SIG = ^DSA_SIG;
+  PPDSA_SIG = ^PDSA_SIG;
+
+  DSA_meth_sign_cb = function (const v1: PByte; v2: TIdC_INT; v3: PDSA): PDSA_SIG cdecl;
+  DSA_meth_sign_setup_cb = function (v1: PDSA; v2: PBN_CTX;
+    v3: PPBIGNUM; v4: PPBIGNUM): TIdC_INT cdecl;
+  DSA_meth_verify_cb = function (const v1: PByte; v2: TIdC_INT;
+    v3: PDSA_SIG; v4: PDSA): TIdC_INT cdecl;
+  DSA_meth_mod_exp_cb = function (v1: PDSA; v2: PBIGNUM;
+    const v3: PBIGNUM; const v4: PBIGNUM; const v5: PBIGNUM; const v6: PBIGNUM;
+    const v7: PBIGNUM; v8: PBN_CTX; v9: PBN_MONT_CTX): TIdC_INT cdecl;
+  DSA_meth_bn_mod_exp_cb = function (v1: PDSA; v2: PBIGNUM;
+    const v3: PBIGNUM; const v4: PBIGNUM; const v5: PBIGNUM; v6: PBN_CTX; v7: PBN_MONT_CTX): TIdC_INT cdecl;
+  DSA_meth_init_cb = function(v1: PDSA): TIdC_INT cdecl;
+  DSA_meth_finish_cb = function (v1: PDSA): TIdC_INT cdecl;
+  DSA_meth_paramgen_cb = function (v1: PDSA; v2: TIdC_INT;
+    const v3: PByte; v4: TIdC_INT; v5: PIdC_INT; v6: PIdC_ULONG; v7: PBN_GENCB): TIdC_INT cdecl;
+  DSA_meth_keygen_cb = function (v1: PDSA): TIdC_INT cdecl;
+
+//# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+//                (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
+//# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
+//                (unsigned char *)(x))
+//# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
+//# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
+
+  function DSAparams_dup(x: PDSA): PDSA cdecl; external CLibCrypto;
+  function DSA_SIG_new: PDSA_SIG cdecl; external CLibCrypto;
+  procedure DSA_SIG_free(a: PDSA_SIG) cdecl; external CLibCrypto;
+  function i2d_DSA_SIG(const a: PDSA_SIG; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_DSA_SIG(v: PPDSA_SIG; const pp: PPByte; length: TIdC_LONG): PDSA_SIG cdecl; external CLibCrypto;
+  procedure DSA_SIG_get0(const sig: PDSA_SIG; const pr: PPBIGNUM; const ps: PPBIGNUM) cdecl; external CLibCrypto;
+  function DSA_SIG_set0(sig: PDSA_SIG; r: PBIGNUM; s: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  
+  function DSA_do_sign(const dgst: PByte; dlen: TIdC_INT; dsa: PDSA): PDSA_SIG cdecl; external CLibCrypto;
+  function DSA_do_verify(const dgst: PByte; dgst_len: TIdC_INT; sig: PDSA_SIG; dsa: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  
+  function DSA_OpenSSL: PDSA_METHOD cdecl; external CLibCrypto;
+  procedure DSA_set_default_method(const v1: PDSA_METHOD) cdecl; external CLibCrypto;
+  function DSA_get_default_method: PDSA_METHOD cdecl; external CLibCrypto;
+  function DSA_set_method(dsa: PDSA; const v1: PDSA_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_get_method(d: PDSA): PDSA_METHOD cdecl; external CLibCrypto;
+
+  function DSA_new: PDSA cdecl; external CLibCrypto;
+  function DSA_new_method(engine: PENGINE): PDSA cdecl; external CLibCrypto;
+  procedure DSA_free(r: PDSA) cdecl; external CLibCrypto;
+  (* "up" the DSA object's reference count *)
+  function DSA_up_ref(r: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_size(const v1: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_bits(const d: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_security_bits(const d: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_sign(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; dsa: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_verify(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; siglen: TIdC_INT; dsa: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  //#define DSA_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef)
+  function DSA_set_ex_data(d: PDSA; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_get_ex_data(d: PDSA; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  
+  function d2i_DSAPublicKey(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA cdecl; external CLibCrypto;
+  function d2i_DSAPrivateKey(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA cdecl; external CLibCrypto;
+  function d2i_DSAparams(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA cdecl; external CLibCrypto;
+
+  function DSA_generate_parameters_ex(dsa: PDSA; bits: TIdC_INT; const seed: PByte; seed_len: TIdC_INT; counter_ret: PIdC_INT; h_ret: PIdC_ULONG; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+
+  function DSA_generate_key(a: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_DSAPublicKey(const a: PDSA; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_DSAPrivateKey(const a: PDSA; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_DSAparams(const a: PDSA; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  
+  function DSAparams_print(bp: PBIO; const x: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_print(bp: PBIO; const x: PDSA; off: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+//  function DSAparams_print_fp(fp: PFile; const x: PDSA): TIdC_INT;
+//  function DSA_print_fp(bp: PFile; const x: PDSA; off: TIdC_INT): TIdC_INT;
+
+  //# define DSA_is_prime(n, callback, cb_arg) \
+  //        BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
+
+  (*
+   * Convert DSA structure (key or just parameters) into DH structure (be
+   * careful to avoid small subgroup attacks when using this!)
+   *)
+  function DSA_dup_DH(const r: PDSA): PDH cdecl; external CLibCrypto;
+
+  //# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
+  //        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+  //                                EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
+  //# define EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits) \
+  //        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+  //                                EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits, NULL)
+  //# define EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, md) \
+  //        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+  //                                EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, (void *)(md))
+
+  procedure DSA_get0_pqg(const d: PDSA; const p: PPBIGNUM; const q: PPBIGNUM; const g: PPBIGNUM) cdecl; external CLibCrypto;
+  function DSA_set0_pqg(d: PDSA; p: PBIGNUM; q: PBIGNUM; g: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  procedure DSA_get0_key(const d: PDSA; const pub_key: PPBIGNUM; const priv_key: PPBIGNUM) cdecl; external CLibCrypto;
+  function DSA_set0_key(d: PDSA; pub_key: PBIGNUM; priv_key: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_get0_p(const d: PDSA): PBIGNUM cdecl; external CLibCrypto;
+  function DSA_get0_q(const d: PDSA): PBIGNUM cdecl; external CLibCrypto;
+  function DSA_get0_g(const d: PDSA): PBIGNUM cdecl; external CLibCrypto;
+  function DSA_get0_pub_key(const d: PDSA): PBIGNUM cdecl; external CLibCrypto;
+  function DSA_get0_priv_key(const d: PDSA): PBIGNUM cdecl; external CLibCrypto;
+  procedure DSA_clear_flags(d: PDSA; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function DSA_test_flags(const d: PDSA; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure DSA_set_flags(d: PDSA; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function DSA_get0_engine(d: PDSA): PENGINE cdecl; external CLibCrypto;
+  
+  function DSA_meth_new(const name: PIdAnsiChar; flags: TIdC_INT): PDSA_METHOD cdecl; external CLibCrypto;
+  procedure DSA_meth_free(dsam: PDSA_METHOD) cdecl; external CLibCrypto;
+  function DSA_meth_dup(const dsam: PDSA_METHOD): PDSA_METHOD cdecl; external CLibCrypto;
+  function DSA_meth_get0_name(const dsam: PDSA_METHOD): PIdAnsiChar cdecl; external CLibCrypto;
+  function DSA_meth_set1_name(dsam: PDSA_METHOD; const name: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_flags(const dsam: PDSA_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_set_flags(dsam: PDSA_METHOD; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get0_app_data(const dsam: PDSA_METHOD): Pointer cdecl; external CLibCrypto;
+  function DSA_meth_set0_app_data(dsam: PDSA_METHOD; app_data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_sign(const dsam: PDSA_METHOD): DSA_meth_sign_cb cdecl; external CLibCrypto;
+  function DSA_meth_set_sign(dsam: PDSA_METHOD; sign: DSA_meth_sign_cb): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_sign_setup(const dsam: PDSA_METHOD): DSA_meth_sign_setup_cb cdecl; external CLibCrypto;
+  function DSA_meth_set_sign_setup(dsam: PDSA_METHOD; sign_setup: DSA_meth_sign_setup_cb): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_verify(const dsam: PDSA_METHOD): DSA_meth_verify_cb cdecl; external CLibCrypto;
+  function DSA_meth_set_verify(dsam: PDSA_METHOD; verify: DSA_meth_verify_cb): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_mod_exp(const dsam: PDSA_METHOD): DSA_meth_mod_exp_cb cdecl; external CLibCrypto;
+  function DSA_meth_set_mod_exp(dsam: PDSA_METHOD; mod_exp: DSA_meth_mod_exp_cb): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_bn_mod_exp(const dsam: PDSA_METHOD): DSA_meth_bn_mod_exp_cb cdecl; external CLibCrypto;
+  function DSA_meth_set_bn_mod_exp(dsam: PDSA_METHOD; bn_mod_exp: DSA_meth_bn_mod_exp_cb): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_init(const dsam: PDSA_METHOD): DSA_meth_init_cb cdecl; external CLibCrypto;
+  function DSA_meth_set_init(dsam: PDSA_METHOD; init: DSA_meth_init_cb): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_finish(const dsam: PDSA_METHOD): DSA_meth_finish_cb cdecl; external CLibCrypto;
+  function DSA_meth_set_finish(dsam: PDSA_METHOD; finish: DSA_meth_finish_cb): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_paramgen(const dsam: PDSA_METHOD): DSA_meth_paramgen_cb cdecl; external CLibCrypto;
+  function DSA_meth_set_paramgen(dsam: PDSA_METHOD; paramgen: DSA_meth_paramgen_cb): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_meth_get_keygen(const dsam: PDSA_METHOD): DSA_meth_keygen_cb cdecl; external CLibCrypto;
+  function DSA_meth_set_keygen(dsam: PDSA_METHOD; keygen: DSA_meth_keygen_cb): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsaerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsaerr.pas
new file mode 100644
index 000000000..8eba69e4a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsaerr.pas
@@ -0,0 +1,96 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_dsaerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// dsaerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  ///*
+  // * DSA function codes.
+  // */
+  DSA_F_DSAPARAMS_PRINT = 100;
+  DSA_F_DSAPARAMS_PRINT_FP = 101;
+  DSA_F_DSA_BUILTIN_PARAMGEN = 125;
+  DSA_F_DSA_BUILTIN_PARAMGEN2 = 126;
+  DSA_F_DSA_DO_SIGN = 112;
+  DSA_F_DSA_DO_VERIFY = 113;
+  DSA_F_DSA_METH_DUP = 127;
+  DSA_F_DSA_METH_NEW = 128;
+  DSA_F_DSA_METH_SET1_NAME = 129;
+  DSA_F_DSA_NEW_METHOD = 103;
+  DSA_F_DSA_PARAM_DECODE = 119;
+  DSA_F_DSA_PRINT_FP = 105;
+  DSA_F_DSA_PRIV_DECODE = 115;
+  DSA_F_DSA_PRIV_ENCODE = 116;
+  DSA_F_DSA_PUB_DECODE = 117;
+  DSA_F_DSA_PUB_ENCODE = 118;
+  DSA_F_DSA_SIGN = 106;
+  DSA_F_DSA_SIGN_SETUP = 107;
+  DSA_F_DSA_SIG_NEW = 102;
+  DSA_F_OLD_DSA_PRIV_DECODE = 122;
+  DSA_F_PKEY_DSA_CTRL = 120;
+  DSA_F_PKEY_DSA_CTRL_STR = 104;
+  DSA_F_PKEY_DSA_KEYGEN = 121;
+
+  ///*
+  // * DSA reason codes.
+  // */
+  DSA_R_BAD_Q_VALUE = 102;
+  DSA_R_BN_DECODE_ERROR = 108;
+  DSA_R_BN_ERROR = 109;
+  DSA_R_DECODE_ERROR = 104;
+  DSA_R_INVALID_DIGEST_TYPE = 106;
+  DSA_R_INVALID_PARAMETERS = 112;
+  DSA_R_MISSING_PARAMETERS = 101;
+  DSA_R_MISSING_PRIVATE_KEY = 111;
+  DSA_R_MODULUS_TOO_LARGE = 103;
+  DSA_R_NO_PARAMETERS_SET = 107;
+  DSA_R_PARAMETER_ENCODING_ERROR = 105;
+  DSA_R_Q_NOT_PRIME = 113;
+  DSA_R_SEED_LEN_SMALL = 110;
+
+  function ERR_load_DSA_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ebcdic.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ebcdic.pas
new file mode 100644
index 000000000..d5b5ce0e5
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ebcdic.pas
@@ -0,0 +1,56 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_ebcdic;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ebcdic.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+
+  //extern const unsigned char os_toascii[256];
+  //extern const unsigned char os_toebcdic[256];
+
+  function ebcdic2ascii(dest: Pointer; const srce: Pointer; count: TIdC_SIZET): Pointer cdecl; external CLibCrypto;
+  function ascii2ebcdic(dest: Pointer; const srce: Pointer; count: TIdC_SIZET): Pointer cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
new file mode 100644
index 000000000..25f2424cf
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
@@ -0,0 +1,352 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_ec;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ec.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+const
+  OPENSSL_EC_EXPLICIT_CURVE = $000;
+  OPENSSL_EC_NAMED_CURVE    = $001;
+  EC_PKEY_NO_PARAMETERS = $001;
+  EC_PKEY_NO_PUBKEY     = $002;
+  EC_FLAG_NON_FIPS_ALLOW = $1;
+  EC_FLAG_FIPS_CHECKED   = $2;
+  EC_FLAG_COFACTOR_ECDH  = $1000;
+  EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID = (EVP_PKEY_ALG_CTRL + 1);
+  EVP_PKEY_CTRL_EC_PARAM_ENC          = (EVP_PKEY_ALG_CTRL + 2);
+  EVP_PKEY_CTRL_EC_ECDH_COFACTOR      = (EVP_PKEY_ALG_CTRL + 3);
+  EVP_PKEY_CTRL_EC_KDF_TYPE           = (EVP_PKEY_ALG_CTRL + 4);
+  EVP_PKEY_CTRL_EC_KDF_MD             = (EVP_PKEY_ALG_CTRL + 5);
+  EVP_PKEY_CTRL_GET_EC_KDF_MD         = (EVP_PKEY_ALG_CTRL + 6);
+  EVP_PKEY_CTRL_EC_KDF_OUTLEN         = (EVP_PKEY_ALG_CTRL + 7);
+  EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN     = (EVP_PKEY_ALG_CTRL + 8);
+  EVP_PKEY_CTRL_EC_KDF_UKM            = (EVP_PKEY_ALG_CTRL + 9);
+  EVP_PKEY_CTRL_GET_EC_KDF_UKM        = (EVP_PKEY_ALG_CTRL + 10);
+  EVP_PKEY_CTRL_SET1_ID               = (EVP_PKEY_ALG_CTRL + 11);
+  EVP_PKEY_CTRL_GET1_ID               = (EVP_PKEY_ALG_CTRL + 12);
+  EVP_PKEY_CTRL_GET1_ID_LEN           = (EVP_PKEY_ALG_CTRL + 13);
+  EVP_PKEY_ECDH_KDF_NONE              = 1;
+  EVP_PKEY_ECDH_KDF_X9_63             = 2;
+  EVP_PKEY_ECDH_KDF_X9_62             = EVP_PKEY_ECDH_KDF_X9_63;
+
+type
+  {$MINENUMSIZE 4}
+  point_conversion_form_t = (
+    POINT_CONVERSION_COMPRESSED = 2,
+    POINT_CONVERSION_UNCOMPRESSED = 4,
+    POINT_CONVERSION_HYBRID = 6
+  );
+
+  EC_METHOD = type Pointer; // ec_method_st
+  PEC_METHOD = ^EC_METHOD;
+  
+  EC_GROUP = type Pointer; // ec_group_st
+  PEC_GROUP = ^EC_GROUP;
+  PPEC_GROUP = ^PEC_GROUP;
+  
+  EC_POINT = type Pointer; // ec_point_st
+  PEC_POINT = ^EC_POINT;
+  PPEC_POINT = ^PEC_POINT;
+  
+  ECPKPARAMETERS = type Pointer; // ecpk_parameters_st
+  PECPKPARAMETERS = ^ECPKPARAMETERS;
+  
+  ECPARAMETERS = type Pointer; // ec_parameters_st
+  PECPARAMETERS = ^ECPARAMETERS;
+
+  EC_builtin_curve = record
+    nid: TIdC_INT;
+    comment: PIdAnsiChar;
+  end;
+  PEC_builtin_curve = ^EC_builtin_curve;
+
+  ECDSA_SIG = type Pointer; // ECDSA_SIG_st
+  PECDSA_SIG = ^ECDSA_SIG;
+  PPECDSA_SIG = ^PECDSA_SIG;
+
+  ECDH_compute_key_KDF = function(const &in: Pointer; inlen: TIdC_SIZET; &out: Pointer; outlen: PIdC_SIZET): Pointer; cdecl;
+
+  EC_KEY_METHOD_init_init = function(key: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_finish = procedure(key: PEC_KEY); cdecl;
+  EC_KEY_METHOD_init_copy = function(dest: PEC_KEY; const src: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_set_group = function(key: PEC_KEY; const grp: PEC_GROUP): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_set_private = function(key: PEC_KEY; const priv_key: PBIGNUM): TIdC_INT; cdecl;
+  EC_KEY_METHOD_init_set_public = function(key: PEC_KEY; const pub_key: PEC_POINT): TIdC_INT; cdecl;
+
+  EC_KEY_METHOD_keygen_keygen = function(key: PEC_KEY): TIdC_INT; cdecl;
+
+  EC_KEY_METHOD_compute_key_ckey = function(psec: PPByte; pseclen: PIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY): TIdC_INT; cdecl;
+
+  EC_KEY_METHOD_sign_sign = function(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const r: PBIGNUM; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_sign_sign_setup = function(eckey: PEC_KEY; ctx_in: PBN_CTX; kinvp: PPBIGNUM; rp: PPBIGNUM): TIdC_INT; cdecl;
+  EC_KEY_METHOD_sign_sign_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const in_kinv: PBIGNUM; const in_r: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG; cdecl;
+
+  EC_KEY_METHOD_verify_verify = function(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; sig_len: TIdC_INT; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_verify_verify_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT; cdecl;
+
+  PEC_KEY_METHOD_init_init = ^EC_KEY_METHOD_init_init;
+  PEC_KEY_METHOD_init_finish = ^EC_KEY_METHOD_init_finish;
+  PEC_KEY_METHOD_init_copy = ^EC_KEY_METHOD_init_copy;
+  PEC_KEY_METHOD_init_set_group = ^EC_KEY_METHOD_init_set_group;
+  PEC_KEY_METHOD_init_set_private = ^EC_KEY_METHOD_init_set_private;
+  PEC_KEY_METHOD_init_set_public = ^EC_KEY_METHOD_init_set_public;
+
+  PEC_KEY_METHOD_keygen_keygen = ^EC_KEY_METHOD_keygen_keygen;
+
+  PEC_KEY_METHOD_compute_key_ckey = ^EC_KEY_METHOD_compute_key_ckey;
+
+  PEC_KEY_METHOD_sign_sign = ^EC_KEY_METHOD_sign_sign;
+  PEC_KEY_METHOD_sign_sign_setup = ^EC_KEY_METHOD_sign_sign_setup;
+  PEC_KEY_METHOD_sign_sign_sig = ^EC_KEY_METHOD_sign_sign_sig;
+
+  PEC_KEY_METHOD_verify_verify = ^EC_KEY_METHOD_verify_verify;
+  PEC_KEY_METHOD_verify_verify_sig = ^EC_KEY_METHOD_verify_verify_sig;
+
+  function EC_GFp_simple_method: PEC_METHOD cdecl; external CLibCrypto;
+  function EC_GFp_mont_method: PEC_METHOD cdecl; external CLibCrypto;
+  function EC_GFp_nist_method: PEC_METHOD cdecl; external CLibCrypto;
+  function EC_GFp_nistp224_method: PEC_METHOD cdecl; external CLibCrypto;
+  function EC_GFp_nistp256_method: PEC_METHOD cdecl; external CLibCrypto;
+  function EC_GFp_nistp521_method: PEC_METHOD cdecl; external CLibCrypto;
+
+  function EC_GF2m_simple_method: PEC_METHOD cdecl; external CLibCrypto;
+
+  function EC_GROUP_new(const meth: PEC_METHOD): PEC_GROUP cdecl; external CLibCrypto;
+  procedure EC_GROUP_free(group: PEC_GROUP) cdecl; external CLibCrypto;
+  procedure EC_GROUP_clear_free(group: PEC_GROUP) cdecl; external CLibCrypto;
+  function EC_GROUP_copy(dst: PEC_GROUP; const src: PEC_GROUP): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_dup(const src: PEC_GROUP): PEC_GROUP cdecl; external CLibCrypto;
+  function EC_GROUP_method_of(const group: PEC_GROUP): PEC_GROUP cdecl; external CLibCrypto;
+  function EC_METHOD_get_field_type(const meth: PEC_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_set_generator(group: PEC_GROUP; const generator: PEC_POINT; const order: PBIGNUM; const cofactor: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_get0_generator(const group: PEC_GROUP): PEC_POINT cdecl; external CLibCrypto;
+  function EC_GROUP_get_mont_data(const group: PEC_GROUP): PBN_MONT_CTX cdecl; external CLibCrypto;
+  function EC_GROUP_get_order(const group: PEC_GROUP; order: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_get0_order(const group: PEC_GROUP): PBIGNUM cdecl; external CLibCrypto;
+  function EC_GROUP_order_bits(const group: PEC_GROUP): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_get_cofactor(const group: PEC_GROUP; cofactor: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_get0_cofactor(const group: PEC_GROUP): PBIGNUM cdecl; external CLibCrypto;
+  procedure EC_GROUP_set_curve_name(group: PEC_GROUP; nid: TIdC_INT) cdecl; external CLibCrypto;
+  function EC_GROUP_get_curve_name(const group: PEC_GROUP): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure EC_GROUP_set_asn1_flag(group: PEC_GROUP; flag: TIdC_INT) cdecl; external CLibCrypto;
+  function EC_GROUP_get_asn1_flag(const group: PEC_GROUP): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure EC_GROUP_set_point_conversion_form(group: PEC_GROUP; form: point_conversion_form_t) cdecl; external CLibCrypto;
+  function EC_GROUP_get_point_conversion_form(const group: PEC_GROUP): point_conversion_form_t cdecl; external CLibCrypto;
+
+  function EC_GROUP_get0_seed(const x: PEC_GROUP): PByte cdecl; external CLibCrypto;
+  function EC_GROUP_get_seed_len(const x: PEC_GROUP): TIdC_SIZET cdecl; external CLibCrypto;
+  function EC_GROUP_set_seed(x: PEC_GROUP; const p: PByte; len: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
+
+  function EC_GROUP_set_curve(group: PEC_GROUP; const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_get_curve(const group: PEC_GROUP; p: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_set_curve_GFp(group: PEC_GROUP; const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_get_curve_GFp(const group: PEC_GROUP; p: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_set_curve_GF2m(group: PEC_GROUP; const p: PBIGNUM; const a: PBIGNUM; const b:PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_get_curve_GF2m(const group: PEC_GROUP; p: PBIGNUM; a: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function EC_GROUP_get_degree(const group: PEC_GROUP): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_check(const group: PEC_GROUP; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_check_discriminant(const group: PEC_GROUP; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_cmp(const a: PEC_GROUP; const b: PEC_GROUP; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function EC_GROUP_new_curve_GFp(const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): PEC_GROUP cdecl; external CLibCrypto;
+  function EC_GROUP_new_curve_GF2m(const p: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM; ctx: PBN_CTX): PEC_GROUP cdecl; external CLibCrypto;
+  function EC_GROUP_new_by_curve_name(nid: TIdC_INT): PEC_GROUP cdecl; external CLibCrypto;
+  function EC_GROUP_new_from_ecparameters(const params: PECPARAMETERS): PEC_GROUP cdecl; external CLibCrypto;
+  function EC_GROUP_get_ecparameters(const group: PEC_GROUP; params: PECPARAMETERS): PECPARAMETERS cdecl; external CLibCrypto;
+  function EC_GROUP_new_from_ecpkparameters(const params: PECPKPARAMETERS): PEC_GROUP cdecl; external CLibCrypto;
+  function EC_GROUP_get_ecpkparameters(const group: PEC_GROUP; params: PECPKPARAMETERS): PECPKPARAMETERS cdecl; external CLibCrypto;
+
+  function EC_get_builtin_curves(r: PEC_builtin_curve; nitems: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
+
+  function EC_curve_nid2nist(nid: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function EC_curve_nist2nid(const name: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  function EC_POINT_new(const group: PEC_GROUP): PEC_POINT cdecl; external CLibCrypto;
+  procedure EC_POINT_free(point: PEC_POINT) cdecl; external CLibCrypto;
+  procedure EC_POINT_clear_free(point: PEC_POINT) cdecl; external CLibCrypto;
+  function EC_POINT_copy(dst: PEC_POINT; const src: PEC_POINT): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_dup(const src: PEC_POINT; const group: PEC_GROUP): PEC_POINT cdecl; external CLibCrypto;
+  function EC_POINT_method_of(const point: PEC_POINT): PEC_METHOD cdecl; external CLibCrypto;
+  function EC_POINT_set_to_infinity(const group: PEC_GROUP; point: PEC_POINT): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_set_Jprojective_coordinates_GFp(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; const z: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_get_Jprojective_coordinates_GFp(const group: PEC_METHOD; const p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; z: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_set_affine_coordinates(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_get_affine_coordinates(const group: PEC_GROUP; const p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_set_affine_coordinates_GFp(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_get_affine_coordinates_GFp(const group: PEC_GROUP; const p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_set_compressed_coordinates(const group: PEC_GROUP; p: PEC_POINT; x: PBIGNUM; y_bit: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_set_compressed_coordinates_GFp(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; y_bit: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_set_affine_coordinates_GF2m(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; const y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_get_affine_coordinates_GF2m(const group: PEC_GROUP; p: PEC_POINT; x: PBIGNUM; y: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_set_compressed_coordinates_GF2m(const group: PEC_GROUP; p: PEC_POINT; const x: PBIGNUM; y_bit: TIdC_INT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function EC_POINT_point2oct(const group: PEC_GROUP; const p: PEC_POINT; form: point_conversion_form_t; buf: PByte; len: TIdC_SIZET; ctx: PBN_CTX): TIdC_SIZET cdecl; external CLibCrypto;
+  function EC_POINT_oct2point(const group: PEC_GROUP; p: PEC_POINT; const buf: PByte; len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_point2buf(const group: PEC_GROUP; const point: PEC_POINT; form: point_conversion_form_t; pbuf: PPByte; ctx: PBN_CTX): TIdC_SIZET cdecl; external CLibCrypto;
+  function EC_POINT_point2bn(const group: PEC_GROUP; const p: PEC_POINT; form: point_conversion_form_t; bn: PBIGNUM; ctx: PBN_CTX): PBIGNUM cdecl; external CLibCrypto;
+  function EC_POINT_bn2point(const group: PEC_GROUP; const bn: PBIGNUM; p: PEC_POINT; ctx: PBN_CTX): PEC_POINT cdecl; external CLibCrypto;
+  function EC_POINT_point2hex(const group: PEC_GROUP; const p: PEC_POINT; form: point_conversion_form_t; ctx: PBN_CTX): PIdAnsiChar cdecl; external CLibCrypto;
+  function EC_POINT_hex2point(const group: PEC_GROUP; const buf: PIdAnsiChar; p: PEC_POINT; ctx: PBN_CTX): PEC_POINT cdecl; external CLibCrypto;
+
+  function EC_POINT_add(const group: PEC_GROUP; r: PEC_POINT; const a: PEC_POINT; const b: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_dbl(const group: PEC_GROUP; r: PEC_POINT; const a: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_invert(const group: PEC_GROUP; a: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_is_at_infinity(const group: PEC_GROUP; const p: PEC_POINT): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_is_on_curve(const group: PEC_GROUP; const point: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_cmp(const group: PEC_GROUP; const a: PEC_POINT; const b: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_make_affine(const group: PEC_GROUP; point: PEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINTs_make_affine(const group: PEC_METHOD; num: TIdC_SIZET; points: PPEC_POINT; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINTs_mul(const group: PEC_GROUP; r: PEC_POINT; const n: PBIGNUM; num: TIdC_SIZET; const p: PPEC_POINT; const m: PPBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_POINT_mul(const group: PEC_GROUP; r: PEC_POINT; const n: PBIGNUM; const q: PEC_POINT; const m: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function EC_GROUP_precompute_mult(group: PEC_GROUP; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_have_precompute_mult(const group: PEC_GROUP): TIdC_INT cdecl; external CLibCrypto;
+
+  function ECPKPARAMETERS_it: PASN1_ITEM cdecl; external CLibCrypto;
+  function ECPKPARAMETERS_new: PECPKPARAMETERS cdecl; external CLibCrypto;
+  procedure ECPKPARAMETERS_free(a: PECPKPARAMETERS) cdecl; external CLibCrypto;
+
+  function ECPARAMETERS_it: PASN1_ITEM cdecl; external CLibCrypto;
+  function ECPARAMETERS_new: PECPARAMETERS cdecl; external CLibCrypto;
+  procedure ECPARAMETERS_free(a: PECPARAMETERS) cdecl; external CLibCrypto;
+
+  function EC_GROUP_get_basis_type(const group: PEC_GROUP): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_get_trinomial_basis(const group: PEC_GROUP; k: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function EC_GROUP_get_pentanomial_basis(const group: PEC_GROUP; k1: PIdC_UINT; k2: PIdC_UINT; k3: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+  function d2i_ECPKParameters(group: PPEC_GROUP; const &in: PPByte; len: TIdC_LONG): PEC_GROUP cdecl; external CLibCrypto;
+  function i2d_ECPKParameters(const group: PEC_GROUP; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function ECPKParameters_print(bp: PBIO; const x: PEC_GROUP; off: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EC_KEY_new: PEC_KEY cdecl; external CLibCrypto;
+  function EC_KEY_get_flags(const key: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  procedure EC_KEY_set_flags(key: PEC_KEY; flags: TIdC_INT) cdecl; external CLibCrypto;
+  procedure EC_KEY_clear_flags(key: PEC_KEY; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function EC_KEY_new_by_curve_name(nid: TIdC_INT): PEC_KEY cdecl; external CLibCrypto;
+  procedure EC_KEY_free(key: PEC_KEY) cdecl; external CLibCrypto;
+  function EC_KEY_copy(dst: PEC_KEY; const src: PEC_KEY): PEC_KEY cdecl; external CLibCrypto;
+  function EC_KEY_dup(const src: PEC_KEY): PEC_KEY cdecl; external CLibCrypto;
+  function EC_KEY_up_ref(key: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_get0_engine(const eckey: PEC_KEY): PENGINE cdecl; external CLibCrypto;
+  function EC_KEY_get0_group(const key: PEC_KEY): PEC_GROUP cdecl; external CLibCrypto;
+  function EC_KEY_set_group(key: PEC_KEY; const group: PEC_GROUP): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_get0_private_key(const key: PEC_KEY): PBIGNUM cdecl; external CLibCrypto;
+  function EC_KEY_set_private_key(const key: PEC_KEY; const prv: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_get0_public_key(const key: PEC_KEY): PEC_POINT cdecl; external CLibCrypto;
+  function EC_KEY_set_public_key(key: PEC_KEY; const pub: PEC_POINT): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_get_enc_flags(const key: PEC_KEY): TIdC_UINT cdecl; external CLibCrypto;
+  procedure EC_KEY_set_enc_flags(eckey: PEC_KEY; flags: TIdC_UINT) cdecl; external CLibCrypto;
+  function EC_KEY_get_conv_form(const key: Pec_key_st): point_conversion_form_t cdecl; external CLibCrypto;
+  procedure EC_KEY_set_conv_form(eckey: PEC_KEY; cform: point_conversion_form_t) cdecl; external CLibCrypto;
+  function EC_KEY_set_ex_data(key: PEC_KEY; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_get_ex_data(const key: PEC_KEY; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  procedure EC_KEY_set_asn1_flag(eckey: PEC_KEY; asn1_flag: TIdC_INT) cdecl; external CLibCrypto;
+  function EC_KEY_precompute_mult(key: PEC_KEY; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_generate_key(key: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_check_key(const key: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_can_sign(const eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_set_public_key_affine_coordinates(key: PEC_KEY; x: PBIGNUM; y: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_key2buf(const key: PEC_KEY; form: point_conversion_form_t; pbuf: PPByte; ctx: PBN_CTX): TIdC_SIZET cdecl; external CLibCrypto;
+  function EC_KEY_oct2key(key: PEC_KEY; const buf: PByte; len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_oct2priv(key: PEC_KEY; const buf: PByte; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_priv2oct(const key: PEC_KEY; buf: PByte; len: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
+  function EC_KEY_priv2buf(const eckey: PEC_KEY; buf: PPByte): TIdC_SIZET cdecl; external CLibCrypto;
+
+  function d2i_ECPrivateKey(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY cdecl; external CLibCrypto;
+  function i2d_ECPrivateKey(key: PEC_KEY; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function o2i_ECPublicKey(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY cdecl; external CLibCrypto;
+  function i2o_ECPublicKey(const key: PEC_KEY; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function ECParameters_print(bp: PBIO; const key: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_print(bp: PBIO; const key: PEC_KEY; off: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EC_KEY_OpenSSL: PEC_KEY_METHOD cdecl; external CLibCrypto;
+  function EC_KEY_get_default_method: PEC_KEY_METHOD cdecl; external CLibCrypto;
+  procedure EC_KEY_set_default_method(const meth: PEC_KEY_METHOD) cdecl; external CLibCrypto;
+  function EC_KEY_get_method(const key: PEC_KEY): PEC_KEY_METHOD cdecl; external CLibCrypto;
+  function EC_KEY_set_method(key: PEC_KEY; const meth: PEC_KEY_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function EC_KEY_new_method(engine: PENGINE): PEC_KEY cdecl; external CLibCrypto;
+
+  function ECDH_KDF_X9_62(&out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; const sinfo: PByte; sinfolen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function ECDH_compute_key(&out: Pointer; oulen: TIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY; kdf: ECDH_compute_key_KDF): TIdC_INT cdecl; external CLibCrypto;
+
+  function ECDSA_SIG_new: PECDSA_SIG cdecl; external CLibCrypto;
+  procedure ECDSA_SIG_free(sig: PECDSA_SIG) cdecl; external CLibCrypto;
+  function i2d_ECDSA_SIG(const sig: PECDSA_SIG; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ECDSA_SIG(sig: PPECDSA_SIG; const pp: PPByte; len: TIdC_LONG): PECDSA_SIG cdecl; external CLibCrypto;
+  procedure ECDSA_SIG_get0(const sig: PECDSA_SIG; const pr: PPBIGNUM; const ps: PPBIGNUM) cdecl; external CLibCrypto;
+  function ECDSA_SIG_get0_r(const sig: PECDSA_SIG): PBIGNUM cdecl; external CLibCrypto;
+  function ECDSA_SIG_get0_s(const sig: PECDSA_SIG): PBIGNUM cdecl; external CLibCrypto;
+  function ECDSA_SIG_set0(sig: PECDSA_SIG; r: PBIGNUM; s: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function ECDSA_do_sign(const dgst: PByte; dgst_len: TIdC_INT; eckey: PEC_KEY): PECDSA_SIG cdecl; external CLibCrypto;
+  function ECDSA_do_sign_ex(const dgst: PByte; dgst_len: TIdC_INT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG cdecl; external CLibCrypto;
+  function ECDSA_do_verify(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function ECDSA_sign_setup(eckey: PEC_KEY; ctx: PBN_CTX; kiv: PPBIGNUM; rp: PPBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function ECDSA_sign(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function ECDSA_sign_ex(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function ECDSA_verify(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; const sig: PByte; siglen: TIdC_INT; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function ECDSA_size(const eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function EC_KEY_METHOD_new(const meth: PEC_KEY_METHOD): PEC_KEY_METHOD cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_free(meth: PEC_KEY_METHOD) cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_set_init(meth: PEC_KEY_METHOD; init: EC_KEY_METHOD_init_init; finish: EC_KEY_METHOD_init_finish; copy: EC_KEY_METHOD_init_copy; set_group: EC_KEY_METHOD_init_set_group; set_private: EC_KEY_METHOD_init_set_private; set_public: EC_KEY_METHOD_init_set_public) cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_set_keygen(meth: PEC_KEY_METHOD; keygen: EC_KEY_METHOD_keygen_keygen) cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_set_compute_key(meth: PEC_KEY_METHOD; ckey: EC_KEY_METHOD_compute_key_ckey) cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_set_sign(meth: PEC_KEY_METHOD; sign: EC_KEY_METHOD_sign_sign; sign_setup: EC_KEY_METHOD_sign_sign_setup; sign_sig: EC_KEY_METHOD_sign_sign_sig) cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_set_verify(meth: PEC_KEY_METHOD; verify: EC_KEY_METHOD_verify_verify; verify_sig: EC_KEY_METHOD_verify_verify_sig) cdecl; external CLibCrypto;
+
+  procedure EC_KEY_METHOD_get_init(const meth: PEC_KEY_METHOD; pinit: PEC_KEY_METHOD_init_init; pfinish: PEC_KEY_METHOD_init_finish; pcopy: PEC_KEY_METHOD_init_copy; pset_group: PEC_KEY_METHOD_init_set_group; pset_private: PEC_KEY_METHOD_init_set_private; pset_public: PEC_KEY_METHOD_init_set_public) cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_get_keygen(const meth: PEC_KEY_METHOD; pkeygen: PEC_KEY_METHOD_keygen_keygen) cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_get_compute_key(const meth: PEC_KEY_METHOD; pck: PEC_KEY_METHOD_compute_key_ckey) cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_get_sign(const meth: PEC_KEY_METHOD; psign: PEC_KEY_METHOD_sign_sign; psign_setup: PEC_KEY_METHOD_sign_sign_setup; psign_sig: PEC_KEY_METHOD_sign_sign_sig) cdecl; external CLibCrypto;
+  procedure EC_KEY_METHOD_get_verify(const meth: PEC_KEY_METHOD; pverify: PEC_KEY_METHOD_verify_verify; pverify_sig: PEC_KEY_METHOD_verify_verify_sig) cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ecerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ecerr.pas
new file mode 100644
index 000000000..0ceba4530
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ecerr.pas
@@ -0,0 +1,299 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_ecerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ecerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * EC function codes.
+   *)
+  EC_F_BN_TO_FELEM = 224;
+  EC_F_D2I_ECPARAMETERS = 144;
+  EC_F_D2I_ECPKPARAMETERS = 145;
+  EC_F_D2I_ECPRIVATEKEY = 146;
+  EC_F_DO_EC_KEY_PRINT = 221;
+  EC_F_ECDH_CMS_DECRYPT = 238;
+  EC_F_ECDH_CMS_SET_SHARED_INFO = 239;
+  EC_F_ECDH_COMPUTE_KEY = 246;
+  EC_F_ECDH_SIMPLE_COMPUTE_KEY = 257;
+  EC_F_ECDSA_DO_SIGN_EX = 251;
+  EC_F_ECDSA_DO_VERIFY = 252;
+  EC_F_ECDSA_SIGN_EX = 254;
+  EC_F_ECDSA_SIGN_SETUP = 248;
+  EC_F_ECDSA_SIG_NEW = 265;
+  EC_F_ECDSA_VERIFY = 253;
+  EC_F_ECD_ITEM_VERIFY = 270;
+  EC_F_ECKEY_PARAM2TYPE = 223;
+  EC_F_ECKEY_PARAM_DECODE = 212;
+  EC_F_ECKEY_PRIV_DECODE = 213;
+  EC_F_ECKEY_PRIV_ENCODE = 214;
+  EC_F_ECKEY_PUB_DECODE = 215;
+  EC_F_ECKEY_PUB_ENCODE = 216;
+  EC_F_ECKEY_TYPE2PARAM = 220;
+  EC_F_ECPARAMETERS_PRINT = 147;
+  EC_F_ECPARAMETERS_PRINT_FP = 148;
+  EC_F_ECPKPARAMETERS_PRINT = 149;
+  EC_F_ECPKPARAMETERS_PRINT_FP = 150;
+  EC_F_ECP_NISTZ256_GET_AFFINE = 240;
+  EC_F_ECP_NISTZ256_INV_MOD_ORD = 275;
+  EC_F_ECP_NISTZ256_MULT_PRECOMPUTE = 243;
+  EC_F_ECP_NISTZ256_POINTS_MUL = 241;
+  EC_F_ECP_NISTZ256_PRE_COMP_NEW = 244;
+  EC_F_ECP_NISTZ256_WINDOWED_MUL = 242;
+  EC_F_ECX_KEY_OP = 266;
+  EC_F_ECX_PRIV_ENCODE = 267;
+  EC_F_ECX_PUB_ENCODE = 268;
+  EC_F_EC_ASN1_GROUP2CURVE = 153;
+  EC_F_EC_ASN1_GROUP2FIELDID = 154;
+  EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY = 208;
+  EC_F_EC_GF2M_SIMPLE_FIELD_INV = 296;
+  EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT = 159;
+  EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE = 195;
+  EC_F_EC_GF2M_SIMPLE_LADDER_POST = 285;
+  EC_F_EC_GF2M_SIMPLE_LADDER_PRE = 288;
+  EC_F_EC_GF2M_SIMPLE_OCT2POINT = 160;
+  EC_F_EC_GF2M_SIMPLE_POINT2OCT = 161;
+  EC_F_EC_GF2M_SIMPLE_POINTS_MUL = 289;
+  EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES = 162;
+  EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES = 163;
+  EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES = 164;
+  EC_F_EC_GFP_MONT_FIELD_DECODE = 133;
+  EC_F_EC_GFP_MONT_FIELD_ENCODE = 134;
+  EC_F_EC_GFP_MONT_FIELD_INV = 297;
+  EC_F_EC_GFP_MONT_FIELD_MUL = 131;
+  EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE = 209;
+  EC_F_EC_GFP_MONT_FIELD_SQR = 132;
+  EC_F_EC_GFP_MONT_GROUP_SET_CURVE = 189;
+  EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE = 225;
+  EC_F_EC_GFP_NISTP224_POINTS_MUL = 228;
+  EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES = 226;
+  EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE = 230;
+  EC_F_EC_GFP_NISTP256_POINTS_MUL = 231;
+  EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES = 232;
+  EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE = 233;
+  EC_F_EC_GFP_NISTP521_POINTS_MUL = 234;
+  EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES = 235;
+  EC_F_EC_GFP_NIST_FIELD_MUL = 200;
+  EC_F_EC_GFP_NIST_FIELD_SQR = 201;
+  EC_F_EC_GFP_NIST_GROUP_SET_CURVE = 202;
+  EC_F_EC_GFP_SIMPLE_BLIND_COORDINATES = 287;
+  EC_F_EC_GFP_SIMPLE_FIELD_INV = 298;
+  EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT = 165;
+  EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE = 166;
+  EC_F_EC_GFP_SIMPLE_MAKE_AFFINE = 102;
+  EC_F_EC_GFP_SIMPLE_OCT2POINT = 103;
+  EC_F_EC_GFP_SIMPLE_POINT2OCT = 104;
+  EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE = 137;
+  EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES = 167;
+  EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES = 168;
+  EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES = 169;
+  EC_F_EC_GROUP_CHECK = 170;
+  EC_F_EC_GROUP_CHECK_DISCRIMINANT = 171;
+  EC_F_EC_GROUP_COPY = 106;
+  EC_F_EC_GROUP_GET_CURVE = 291;
+  EC_F_EC_GROUP_GET_CURVE_GF2M = 172;
+  EC_F_EC_GROUP_GET_CURVE_GFP = 130;
+  EC_F_EC_GROUP_GET_DEGREE = 173;
+  EC_F_EC_GROUP_GET_ECPARAMETERS = 261;
+  EC_F_EC_GROUP_GET_ECPKPARAMETERS = 262;
+  EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS = 193;
+  EC_F_EC_GROUP_GET_TRINOMIAL_BASIS = 194;
+  EC_F_EC_GROUP_NEW = 108;
+  EC_F_EC_GROUP_NEW_BY_CURVE_NAME = 174;
+  EC_F_EC_GROUP_NEW_FROM_DATA = 175;
+  EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS = 263;
+  EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS = 264;
+  EC_F_EC_GROUP_SET_CURVE = 292;
+  EC_F_EC_GROUP_SET_CURVE_GF2M = 176;
+  EC_F_EC_GROUP_SET_CURVE_GFP = 109;
+  EC_F_EC_GROUP_SET_GENERATOR = 111;
+  EC_F_EC_GROUP_SET_SEED = 286;
+  EC_F_EC_KEY_CHECK_KEY = 177;
+  EC_F_EC_KEY_COPY = 178;
+  EC_F_EC_KEY_GENERATE_KEY = 179;
+  EC_F_EC_KEY_NEW = 182;
+  EC_F_EC_KEY_NEW_METHOD = 245;
+  EC_F_EC_KEY_OCT2PRIV = 255;
+  EC_F_EC_KEY_PRINT = 180;
+  EC_F_EC_KEY_PRINT_FP = 181;
+  EC_F_EC_KEY_PRIV2BUF = 279;
+  EC_F_EC_KEY_PRIV2OCT = 256;
+  EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES = 229;
+  EC_F_EC_KEY_SIMPLE_CHECK_KEY = 258;
+  EC_F_EC_KEY_SIMPLE_OCT2PRIV = 259;
+  EC_F_EC_KEY_SIMPLE_PRIV2OCT = 260;
+  EC_F_EC_PKEY_CHECK = 273;
+  EC_F_EC_PKEY_PARAM_CHECK = 274;
+  EC_F_EC_POINTS_MAKE_AFFINE = 136;
+  EC_F_EC_POINTS_MUL = 290;
+  EC_F_EC_POINT_ADD = 112;
+  EC_F_EC_POINT_BN2POINT = 280;
+  EC_F_EC_POINT_CMP = 113;
+  EC_F_EC_POINT_COPY = 114;
+  EC_F_EC_POINT_DBL = 115;
+  EC_F_EC_POINT_GET_AFFINE_COORDINATES = 293;
+  EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M = 183;
+  EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP = 116;
+  EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP = 117;
+  EC_F_EC_POINT_INVERT = 210;
+  EC_F_EC_POINT_IS_AT_INFINITY = 118;
+  EC_F_EC_POINT_IS_ON_CURVE = 119;
+  EC_F_EC_POINT_MAKE_AFFINE = 120;
+  EC_F_EC_POINT_NEW = 121;
+  EC_F_EC_POINT_OCT2POINT = 122;
+  EC_F_EC_POINT_POINT2BUF = 281;
+  EC_F_EC_POINT_POINT2OCT = 123;
+  EC_F_EC_POINT_SET_AFFINE_COORDINATES = 294;
+  EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M = 185;
+  EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP = 124;
+  EC_F_EC_POINT_SET_COMPRESSED_COORDINATES = 295;
+  EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M = 186;
+  EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP = 125;
+  EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP = 126;
+  EC_F_EC_POINT_SET_TO_INFINITY = 127;
+  EC_F_EC_PRE_COMP_NEW = 196;
+  EC_F_EC_SCALAR_MUL_LADDER = 284;
+  EC_F_EC_WNAF_MUL = 187;
+  EC_F_EC_WNAF_PRECOMPUTE_MULT = 188;
+  EC_F_I2D_ECPARAMETERS = 190;
+  EC_F_I2D_ECPKPARAMETERS = 191;
+  EC_F_I2D_ECPRIVATEKEY = 192;
+  EC_F_I2O_ECPUBLICKEY = 151;
+  EC_F_NISTP224_PRE_COMP_NEW = 227;
+  EC_F_NISTP256_PRE_COMP_NEW = 236;
+  EC_F_NISTP521_PRE_COMP_NEW = 237;
+  EC_F_O2I_ECPUBLICKEY = 152;
+  EC_F_OLD_EC_PRIV_DECODE = 222;
+  EC_F_OSSL_ECDH_COMPUTE_KEY = 247;
+  EC_F_OSSL_ECDSA_SIGN_SIG = 249;
+  EC_F_OSSL_ECDSA_VERIFY_SIG = 250;
+  EC_F_PKEY_ECD_CTRL = 271;
+  EC_F_PKEY_ECD_DIGESTSIGN = 272;
+  EC_F_PKEY_ECD_DIGESTSIGN25519 = 276;
+  EC_F_PKEY_ECD_DIGESTSIGN448 = 277;
+  EC_F_PKEY_ECX_DERIVE = 269;
+  EC_F_PKEY_EC_CTRL = 197;
+  EC_F_PKEY_EC_CTRL_STR = 198;
+  EC_F_PKEY_EC_DERIVE = 217;
+  EC_F_PKEY_EC_INIT = 282;
+  EC_F_PKEY_EC_KDF_DERIVE = 283;
+  EC_F_PKEY_EC_KEYGEN = 199;
+  EC_F_PKEY_EC_PARAMGEN = 219;
+  EC_F_PKEY_EC_SIGN = 218;
+  EC_F_VALIDATE_ECX_DERIVE = 278;
+
+  (*
+   * EC reason codes.
+   *)
+  EC_R_ASN1_ERROR =   115;
+  EC_R_BAD_SIGNATURE =   156;
+  EC_R_BIGNUM_OUT_OF_RANGE =  144;
+  EC_R_BUFFER_TOO_SMALL =  100;
+  EC_R_CANNOT_INVERT =   165;
+  EC_R_COORDINATES_OUT_OF_RANGE =  146;
+  EC_R_CURVE_DOES_NOT_SUPPORT_ECDH =  160;
+  EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING = 159;
+  EC_R_D2I_ECPKPARAMETERS_FAILURE =  117;
+  EC_R_DECODE_ERROR =   142;
+  EC_R_DISCRIMINANT_IS_ZERO =  118;
+  EC_R_EC_GROUP_NEW_BY_NAME_FAILURE =  119;
+  EC_R_FIELD_TOO_LARGE =  143;
+  EC_R_GF2M_NOT_SUPPORTED =  147;
+  EC_R_GROUP2PKPARAMETERS_FAILURE =  120;
+  EC_R_I2D_ECPKPARAMETERS_FAILURE =  121;
+  EC_R_INCOMPATIBLE_OBJECTS =  101;
+  EC_R_INVALID_ARGUMENT =  112;
+  EC_R_INVALID_COMPRESSED_POINT =  110;
+  EC_R_INVALID_COMPRESSION_BIT =  109;
+  EC_R_INVALID_CURVE =   141;
+  EC_R_INVALID_DIGEST =  151;
+  EC_R_INVALID_DIGEST_TYPE =  138;
+  EC_R_INVALID_ENCODING =  102;
+  EC_R_INVALID_FIELD =   103;
+  EC_R_INVALID_FORM =   104;
+  EC_R_INVALID_GROUP_ORDER =  122;
+  EC_R_INVALID_KEY =   116;
+  EC_R_INVALID_OUTPUT_LENGTH =  161;
+  EC_R_INVALID_PEER_KEY =  133;
+  EC_R_INVALID_PENTANOMIAL_BASIS =  132;
+  EC_R_INVALID_PRIVATE_KEY =  123;
+  EC_R_INVALID_TRINOMIAL_BASIS =  137;
+  EC_R_KDF_PARAMETER_ERROR =  148;
+  EC_R_KEYS_NOT_SET =   140;
+  EC_R_LADDER_POST_FAILURE =  136;
+  EC_R_LADDER_PRE_FAILURE =  153;
+  EC_R_LADDER_STEP_FAILURE =  162;
+  EC_R_MISSING_PARAMETERS =  124;
+  EC_R_MISSING_PRIVATE_KEY =  125;
+  EC_R_NEED_NEW_SETUP_VALUES =  157;
+  EC_R_NOT_A_NIST_PRIME =  135;
+  EC_R_NOT_IMPLEMENTED =  126;
+  EC_R_NOT_INITIALIZED =  111;
+  EC_R_NO_PARAMETERS_SET =  139;
+  EC_R_NO_PRIVATE_VALUE =  154;
+  EC_R_OPERATION_NOT_SUPPORTED =  152;
+  EC_R_PASSED_NULL_PARAMETER =  134;
+  EC_R_PEER_KEY_ERROR =  149;
+  EC_R_PKPARAMETERS2GROUP_FAILURE =  127;
+  EC_R_POINT_ARITHMETIC_FAILURE =  155;
+  EC_R_POINT_AT_INFINITY =  106;
+  EC_R_POINT_COORDINATES_BLIND_FAILURE = 163;
+  EC_R_POINT_IS_NOT_ON_CURVE =  107;
+  EC_R_RANDOM_NUMBER_GENERATION_FAILED = 158;
+  EC_R_SHARED_INFO_ERROR =  150;
+  EC_R_SLOT_FULL =   108;
+  EC_R_UNDEFINED_GENERATOR =  113;
+  EC_R_UNDEFINED_ORDER =  128;
+  EC_R_UNKNOWN_COFACTOR =  164;
+  EC_R_UNKNOWN_GROUP =   129;
+  EC_R_UNKNOWN_ORDER =   114;
+  EC_R_UNSUPPORTED_FIELD =  131;
+  EC_R_WRONG_CURVE_PARAMETERS =  145;
+  EC_R_WRONG_ORDER =   130;
+
+  function ERR_load_EC_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engine.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engine.pas
new file mode 100644
index 000000000..6c5273b9f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engine.pas
@@ -0,0 +1,718 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_engine;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// engine.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_ec;
+
+const
+  (*
+   * These flags are used to control combinations of algorithm (methods) by
+   * bitwise "OR"ing.
+   *)
+  ENGINE_METHOD_RSA               = TIdC_UINT($0001);
+  ENGINE_METHOD_DSA               = TIdC_UINT($0002);
+  ENGINE_METHOD_DH                = TIdC_UINT($0004);
+  ENGINE_METHOD_RAND              = TIdC_UINT($0008);
+  ENGINE_METHOD_CIPHERS           = TIdC_UINT($0040);
+  ENGINE_METHOD_DIGESTS           = TIdC_UINT($0080);
+  ENGINE_METHOD_PKEY_METHS        = TIdC_UINT($0200);
+  ENGINE_METHOD_PKEY_ASN1_METHS   = TIdC_UINT($0400);
+  ENGINE_METHOD_EC                = TIdC_UINT($0800);
+  (* Obvious all-or-nothing cases. *)
+  ENGINE_METHOD_ALL               = TIdC_UINT($FFFF);
+  ENGINE_METHOD_NONE              = TIdC_UINT($0000);
+
+  //
+  // This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
+  // internally to control registration of ENGINE implementations, and can be
+  // set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
+  // initialise registered ENGINEs if they are not already initialised.
+  //
+  ENGINE_TABLE_FLAG_NOINIT        = TIdC_UINT($0001);
+
+  //
+  // This flag is for ENGINEs that wish to handle the various 'CMD'-related
+  // control commands on their own. Without this flag, ENGINE_ctrl() handles
+  // these control commands on behalf of the ENGINE using their "cmd_defns"
+  // data.
+  //
+  ENGINE_FLAGS_MANUAL_CMD_CTRL    = TIdC_INT($0002);
+
+  //
+  // This flag is for ENGINEs who return new duplicate structures when found
+  // via "ENGINE_by_id()". When an ENGINE must store state (eg. if
+  // ENGINE_ctrl() commands are called in sequence as part of some stateful
+  // process like key-generation setup and execution), it can set this flag -
+  // then each attempt to obtain the ENGINE will result in it being copied intoo
+  // a new structure. Normally, ENGINEs don't declare this flag so
+  // ENGINE_by_id() just increments the existing ENGINE's structural reference
+  // count.
+  //
+  ENGINE_FLAGS_BY_ID_COPY         = TIdC_INT($0004);
+
+  //
+  // This flag if for an ENGINE that does not want its methods registered as
+  // part of ENGINE_register_all_complete() for example if the methods are not
+  // usable as default methods.
+  //
+
+  ENGINE_FLAGS_NO_REGISTER_ALL    = TIdC_INT($0008);
+
+  //
+  // ENGINEs can support their own command types, and these flags are used in
+  // ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
+  // each command expects. Currently only numeric and string input is
+  // supported. If a control command supports none of the _NUMERIC, _STRING, or
+  // _NO_INPUT options, then it is regarded as an "internal" control command -
+  // and not for use in config setting situations. As such, they're not
+  // available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
+  // access. Changes to this list of 'command types' should be reflected
+  // carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
+  //
+
+  // accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
+  ENGINE_CMD_FLAG_NUMERIC         = TIdC_UINT($0001);
+  //
+  // accepts string input (cast from 'void*' to 'const char *', 4th parameter
+  // to ENGINE_ctrl)
+  //
+  ENGINE_CMD_FLAG_STRING          = TIdC_UINT($0002);
+  //
+  // Indicates that the control command takes *no* input. Ie. the control
+  // command is unparameterised.
+  //
+  ENGINE_CMD_FLAG_NO_INPUT        = TIdC_UINT($0004);
+  //
+  // Indicates that the control command is internal. This control command won't
+  // be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
+  // function.
+  //
+  ENGINE_CMD_FLAG_INTERNAL        = TIdC_UINT($0008);
+
+  //
+  // NB: These 3 control commands are deprecated and should not be used.
+  // ENGINEs relying on these commands should compile conditional support for
+  // compatibility (eg. if these symbols are defined) but should also migrate
+  // the same functionality to their own ENGINE-specific control functions that
+  // can be "discovered" by calling applications. The fact these control
+  // commands wouldn't be "executable" (ie. usable by text-based config)
+  // doesn't change the fact that application code can find and use them
+  // without requiring per-ENGINE hacking.
+  //
+
+  //
+  // These flags are used to tell the ctrl function what should be done. All
+  // command numbers are shared between all engines, even if some don't make
+  // sense to some engines.  In such a case, they do nothing but return the
+  // error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
+  //
+  ENGINE_CTRL_SET_LOGSTREAM              = 1;
+  ENGINE_CTRL_SET_PASSWORD_CALLBACK      = 2;
+  ENGINE_CTRL_HUP                        = 3;// Close and reinitialise
+                                             // any handles/connections
+                                             // etc.
+  ENGINE_CTRL_SET_USER_INTERFACE         = 4;// Alternative to callback
+  ENGINE_CTRL_SET_CALLBACK_DATA          = 5;// User-specific data, used
+                                             // when calling the password
+                                             // callback and the user
+                                             // interface
+  ENGINE_CTRL_LOAD_CONFIGURATION         = 6;// Load a configuration,
+                                             // given a string that
+                                             // represents a file name
+                                             // or so
+  ENGINE_CTRL_LOAD_SECTION               = 7;// Load data from a given
+                                             // section in the already
+                                             // loaded configuration
+
+  //
+  // These control commands allow an application to deal with an arbitrary
+  // engine in a dynamic way. Warn: Negative return values indicate errors FOR
+  // THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
+  // commands, including ENGINE-specific command types, return zero for an
+  // error. An ENGINE can choose to implement these ctrl functions, and can
+  // internally manage things however it chooses - it does so by setting the
+  // ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
+  // the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
+  // cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
+  // ctrl() handler need only implement its own commands - the above "meta"
+  // commands will be taken care of.
+  //
+
+  //
+  // Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
+  // then all the remaining control commands will return failure, so it is
+  // worth checking this first if the caller is trying to "discover" the
+  // engine's capabilities and doesn't want errors generated unnecessarily.
+  //
+  ENGINE_CTRL_HAS_CTRL_FUNCTION          = 10;
+  //
+  // Returns a positive command number for the first command supported by the
+  // engine. Returns zero if no ctrl commands are supported.
+  //
+  ENGINE_CTRL_GET_FIRST_CMD_TYPE         = 11;
+  //
+  // The 'long' argument specifies a command implemented by the engine, and the
+  // return value is the next command supported, or zero if there are no more.
+  //
+  ENGINE_CTRL_GET_NEXT_CMD_TYPE          = 12;
+  //
+  // The 'void*' argument is a command name (cast from 'const char *'), and the
+  // return value is the command that corresponds to it.
+  //
+  ENGINE_CTRL_GET_CMD_FROM_NAME          = 13;
+  //
+  // The next two allow a command to be converted into its corresponding string
+  // form. In each case, the 'long' argument supplies the command. In the
+  // NAME_LEN case, the return value is the length of the command name (not
+  // counting a trailing EOL). In the NAME case, the 'void*' argument must be a
+  // string buffer large enough, and it will be populated with the name of the
+  // command (WITH a trailing EOL).
+  //
+  ENGINE_CTRL_GET_NAME_LEN_FROM_CMD      = 14;
+  ENGINE_CTRL_GET_NAME_FROM_CMD          = 15;
+  // The next two are similar but give a "short description" of a command. */
+  ENGINE_CTRL_GET_DESC_LEN_FROM_CMD      = 16;
+  ENGINE_CTRL_GET_DESC_FROM_CMD          = 17;
+  //
+  // With this command, the return value is the OR'd combination of
+  // ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
+  // engine-specific ctrl command expects.
+  //
+  ENGINE_CTRL_GET_CMD_FLAGS              = 18;
+
+  //
+  // ENGINE implementations should start the numbering of their own control
+  // commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE += 1, etc).
+  //
+  ENGINE_CMD_BASE                        = 200;
+
+  //
+  // NB: These 2 nCipher "chil" control commands are deprecated, and their
+  // functionality is now available through ENGINE-specific control commands
+  // (exposed through the above-mentioned 'CMD'-handling). Code using these 2
+  // commands should be migrated to the more general command handling before
+  // these are removed.
+  //
+
+  // Flags specific to the nCipher "chil" engine */
+  ENGINE_CTRL_CHIL_SET_FORKCHECK         = 100;
+  //
+  // Depending on the value of the (long)i argument, this sets or
+  // unsets the SimpleForkCheck flag in the CHIL API to enable or
+  // disable checking and workarounds for applications that fork().
+  //
+  ENGINE_CTRL_CHIL_NO_LOCKING            = 101;
+  //
+  // This prevents the initialisation function from providing mutex
+  // callbacks to the nCipher library.
+  //
+
+type
+  //
+  // If an ENGINE supports its own specific control commands and wishes the
+  // framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
+  // its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
+  // entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
+  // handler that supports the stated commands (ie. the "cmd_num" entries as
+  // described by the array). NB: The array must be ordered in increasing order
+  // of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
+  // has cmd_num set to zero and/or cmd_name set to NULL.
+  //
+  ENGINE_CMD_DEFN_st = record
+    cmd_num: TIdC_UINT;
+    cmd_name: PIdAnsiChar;
+    cmd_desc: PIdAnsiChar;
+    cmd_flags: TIdC_UINT;
+  end;
+  ENGINE_CMD_DEFN = ENGINE_CMD_DEFN_st;
+  PENGINE_CMD_DEFN = ^ENGINE_CMD_DEFN;
+
+  // Generic function pointer */
+  ENGINE_GEN_FUNC_PTR = function: TIdC_INT; cdecl;
+  // Generic function pointer taking no arguments */
+  ENGINE_GEN_INT_FUNC_PTR = function(v1: PENGINE): TIdC_INT; cdecl;
+  // Specific control function pointer */
+  f = procedure; cdecl;
+  ENGINE_CTRL_FUNC_PTR = function(v1: PENGINE; v2: TIdC_INT; v3: TIdC_LONG; v4: Pointer; v5: f): TIdC_INT; cdecl;
+  // Generic load_key function pointer */
+  ENGINE_LOAD_KEY_PTR = function(v1: PENGINE; const v2: PIdAnsiChar;
+    ui_method: PUI_METHOD; callback_data: Pointer): PEVP_PKEY; cdecl;
+  //ENGINE_SSL_CLIENT_CERT_PTR = function(v1: PENGINE; ssl: PSSL;
+  //  {STACK_OF(X509_NAME) *ca_dn;} pcert: PPX509; pkey: PPEVP_PKEY;
+  //  {STACK_OF(X509) **pother;} ui_method: PUI_METHOD; callback_data: Pointer): TIdC_INT; cdecl;
+
+  //
+  // These callback types are for an ENGINE's handler for cipher and digest logic.
+  // These handlers have these prototypes;
+  //   int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
+  //   int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
+  // Looking at how to implement these handlers in the case of cipher support, if
+  // the framework wants the EVP_CIPHER for 'nid', it will call;
+  //   foo(e, &p_evp_cipher, NULL, nid);    (return zero for failure)
+  // If the framework wants a list of supported 'nid's, it will call;
+  //   foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
+  //
+  //
+  // Returns to a pointer to the array of supported cipher 'nid's. If the
+  // second parameter is non-NULL it is set to the size of the returned array.
+  //
+  ENGINE_CIPHERS_PTR = function(v1: PENGINE; const v2: PPEVP_CIPHER;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+  ENGINE_DIGESTS_PTR = function(v1: PENGINE; const v2: PPEVP_MD;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+  ENGINE_PKEY_METHS_PTR = function(v1: PENGINE; v2: PPEVP_PKEY_METHOD;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+  ENGINE_PKEY_ASN1_METHS_PTR = function(v1: PENGINE; v2: PPEVP_PKEY_ASN1_METHOD;
+    const v3: PPIdC_INT; v4: TIdC_INT): TIdC_INT; cdecl;
+
+  dyn_MEM_malloc_fn = function(v1: TIdC_SIZET; const v2: PIdAnsiChar; v3: TIdC_INT): Pointer; cdecl;
+  dyn_MEM_realloc_fn = function(v1: Pointer; v2: TIdC_SIZET; const v3: PIdAnsiChar; v4: TIdC_INT): Pointer; cdecl;
+  dyn_MEM_free_fn = procedure(v1: Pointer; const v2: PIdAnsiChar; v3: TIdC_INT); cdecl;
+
+  st_dynamic_MEM_fns = record
+    malloc_fn: dyn_MEM_malloc_fn;
+    realloc_fn: dyn_MEM_realloc_fn;
+    free_fn: dyn_MEM_free_fn;
+  end;
+  dynamic_MEM_fns = st_dynamic_MEM_fns;
+  
+  //*
+  // * FIXME: Perhaps the memory and locking code (crypto.h) should declare and
+  // * use these types so we (and any other dependent code) can simplify a bit??
+  // */
+  //* The top-level structure */
+  st_dynamic_fns = record
+    static_state: Pointer;
+    mem_fns: dynamic_MEM_fns;
+  end;
+  dynamic_fns = st_dynamic_fns;
+
+  //*
+  // * The version checking function should be of this prototype. NB: The
+  // * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
+  // * code. If this function returns zero, it indicates a (potential) version
+  // * incompatibility and the loaded library doesn't believe it can proceed.
+  // * Otherwise, the returned value is the (latest) version supported by the
+  // * loading library. The loader may still decide that the loaded code's
+  // * version is unsatisfactory and could veto the load. The function is
+  // * expected to be implemented with the symbol name "v_check", and a default
+  // * implementation can be fully instantiated with
+  // * IMPLEMENT_DYNAMIC_CHECK_FN().
+  // */
+  dynamic_v_check_fn = function(ossl_version: TIdC_ULONG): TIdC_ULONG; cdecl;
+  //# define IMPLEMENT_DYNAMIC_CHECK_FN() \
+  //        OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
+  //        OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
+  //                if (v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
+  //                return 0; }
+
+  //*
+  // * This function is passed the ENGINE structure to initialise with its own
+  // * function and command settings. It should not adjust the structural or
+  // * functional reference counts. If this function returns zero, (a) the load
+  // * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
+  // * the structure, and (c) the shared library will be unloaded. So
+  // * implementations should do their own internal cleanup in failure
+  // * circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
+  // * represents the ENGINE id that the loader is looking for. If this is NULL,
+  // * the shared library can choose to return failure or to initialise a
+  // * 'default' ENGINE. If non-NULL, the shared library must initialise only an
+  // * ENGINE matching the passed 'id'. The function is expected to be
+  // * implemented with the symbol name "bind_engine". A standard implementation
+  // * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
+  // * 'fn' is a callback function that populates the ENGINE structure and
+  // * returns an int value (zero for failure). 'fn' should have prototype;
+  // * [static] int fn(ENGINE *e, const char *id);
+  // */
+  dynamic_bind_engine = function(e: PENGINE; const id: PIdAnsiChar;
+    const fns: dynamic_fns): TIdC_INT; cdecl;
+
+  //
+  // STRUCTURE functions ... all of these functions deal with pointers to
+  // ENGINE structures where the pointers have a "structural reference". This
+  // means that their reference is to allowed access to the structure but it
+  // does not imply that the structure is functional. To simply increment or
+  // decrement the structural reference count, use ENGINE_by_id and
+  // ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
+  // as it will automatically decrement the structural reference count of the
+  // "current" ENGINE and increment the structural reference count of the
+  // ENGINE it returns (unless it is NULL).
+  //
+  // Get the first/last "ENGINE" type available. */
+  function ENGINE_get_first: PENGINE cdecl; external CLibCrypto;
+  function ENGINE_get_last: PENGINE cdecl; external CLibCrypto;
+  function ENGINE_get_next(e: PENGINE): PENGINE cdecl; external CLibCrypto;
+  function ENGINE_get_prev(e: PENGINE): PENGINE cdecl; external CLibCrypto;
+  function ENGINE_add(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_remove(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_by_id(const id: PIdAnsiChar): PENGINE cdecl; external CLibCrypto;
+
+  procedure ENGINE_load_builtin_engines cdecl; external CLibCrypto;
+
+  //
+  // Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
+  // "registry" handling.
+  //
+  function ENGINE_get_table_flags: TIdC_UINT cdecl; external CLibCrypto;
+  procedure ENGINE_set_table_flags(flags: TIdC_UINT) cdecl; external CLibCrypto;
+
+  //- Manage registration of ENGINEs per "table". For each type, there are 3
+  // functions;
+  //   ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
+  //   ENGINE_unregister_***(e) - unregister the implementation from 'e'
+  //   ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
+  // Cleanup is automatically registered from each table when required.
+  //
+
+  function ENGINE_register_RSA(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ENGINE_unregister_RSA(e: PENGINE) cdecl; external CLibCrypto;
+  procedure ENGINE_register_all_RSA cdecl; external CLibCrypto;
+
+  function ENGINE_register_DSA(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ENGINE_unregister_DSA(e: PENGINE) cdecl; external CLibCrypto;
+  procedure ENGINE_register_all_DSA cdecl; external CLibCrypto;
+
+  function ENGINE_register_EC(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ENGINE_unregister_EC(e: PENGINE) cdecl; external CLibCrypto;
+  procedure ENGINE_register_all_EC cdecl; external CLibCrypto;
+
+  function ENGINE_register_DH(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ENGINE_unregister_DH(e: PENGINE) cdecl; external CLibCrypto;
+  procedure ENGINE_register_all_DH cdecl; external CLibCrypto;
+
+  function ENGINE_register_RAND(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ENGINE_unregister_RAND(e: PENGINE) cdecl; external CLibCrypto;
+  procedure ENGINE_register_all_RAND cdecl; external CLibCrypto;
+
+  function ENGINE_register_ciphers(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ENGINE_unregister_ciphers(e: PENGINE) cdecl; external CLibCrypto;
+  procedure ENGINE_register_all_ciphers cdecl; external CLibCrypto;
+
+  function ENGINE_register_digests(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ENGINE_unregister_digests(e: PENGINE) cdecl; external CLibCrypto;
+  procedure ENGINE_register_all_digests cdecl; external CLibCrypto;
+
+  function ENGINE_register_pkey_meths(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ENGINE_unregister_pkey_meths(e: PENGINE) cdecl; external CLibCrypto;
+  procedure ENGINE_register_all_pkey_meths cdecl; external CLibCrypto;
+
+  function ENGINE_register_pkey_asn1_meths(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  procedure ENGINE_unregister_pkey_asn1_meths(e: PENGINE) cdecl; external CLibCrypto;
+  procedure ENGINE_register_all_pkey_asn1_meths cdecl; external CLibCrypto;
+
+  //
+  // These functions register all support from the above categories. Note, use
+  // of these functions can result in static linkage of code your application
+  // may not need. If you only need a subset of functionality, consider using
+  // more selective initialisation.
+  //
+  function ENGINE_register_complete(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_register_all_complete: TIdC_INT cdecl; external CLibCrypto;
+
+  //
+  // Send parameterised control commands to the engine. The possibilities to
+  // send down an integer, a pointer to data or a function pointer are
+  // provided. Any of the parameters may or may not be NULL, depending on the
+  // command number. In actuality, this function only requires a structural
+  // (rather than functional) reference to an engine, but many control commands
+  // may require the engine be functional. The caller should be aware of trying
+  // commands that require an operational ENGINE, and only use functional
+  // references in such situations.
+  //
+  function ENGINE_ctrl(e: PENGINE; cmd: TIdC_INT; i: TIdC_LONG; p: Pointer; v1: f): TIdC_INT cdecl; external CLibCrypto;
+
+  //
+  // This function tests if an ENGINE-specific command is usable as a
+  // "setting". Eg. in an application's config file that gets processed through
+  // ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
+  // ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
+  //
+  function ENGINE_cmd_is_executable(e: PENGINE; cmd: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  //
+  // This function works like ENGINE_ctrl() with the exception of taking a
+  // command name instead of a command number, and can handle optional
+  // commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
+  // on how to use the cmd_name and cmd_optional.
+  //
+  function ENGINE_ctrl_cmd(e: PENGINE; const cmd_name: PIdAnsiChar; i: TIdC_LONG; p: Pointer; v1: f; cmd_optional: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  //
+  // This function passes a command-name and argument to an ENGINE. The
+  // cmd_name is converted to a command number and the control command is
+  // called using 'arg' as an argument (unless the ENGINE doesn't support such
+  // a command, in which case no control command is called). The command is
+  // checked for input flags, and if necessary the argument will be converted
+  // to a numeric value. If cmd_optional is non-zero, then if the ENGINE
+  // doesn't support the given cmd_name the return value will be success
+  // anyway. This function is intended for applications to use so that users
+  // (or config files) can supply engine-specific config data to the ENGINE at
+  // run-time to control behaviour of specific engines. As such, it shouldn't
+  // be used for calling ENGINE_ctrl() functions that return data, deal with
+  // binary data, or that are otherwise supposed to be used directly through
+  // ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
+  // operation in this function will be lost - the return value is interpreted
+  // as failure if the return value is zero, success otherwise, and this
+  // function returns a boolean value as a result. In other words, vendors of
+  // 'ENGINE'-enabled devices should write ENGINE implementations with
+  // parameterisations that work in this scheme, so that compliant ENGINE-based
+  // applications can work consistently with the same configuration for the
+  // same ENGINE-enabled devices, across applications.
+  //
+  function ENGINE_ctrl_cmd_string(e: PENGINE; const cmd_name: PIdAnsiChar; const arg: PIdAnsiChar; cmd_optional: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  //
+  // These functions are useful for manufacturing new ENGINE structures. They
+  // don't address reference counting at all - one uses them to populate an
+  // ENGINE structure with personalised implementations of things prior to
+  // using it directly or adding it to the builtin ENGINE list in OpenSSL.
+  // These are also here so that the ENGINE structure doesn't have to be
+  // exposed and break binary compatibility!
+  //
+  function ENGINE_new: PENGINE cdecl; external CLibCrypto;
+  function ENGINE_free(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_up_ref(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_id(e: PENGINE; const id: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_name(e: PENGINE; const name: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_RSA(e: PENGINE; const rsa_meth: PRSA_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_DSA(e: PENGINE; const dsa_meth: PDSA_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_EC(e: PENGINE; const ecdsa_meth: PEC_KEY_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_DH(e: PENGINE; const dh_meth: PDH_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_RAND(e: PENGINE; const rand_meth: PRAND_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_destroy_function(e: PENGINE; destroy_f: ENGINE_GEN_INT_FUNC_PTR): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_init_function(e: PENGINE; init_f: ENGINE_GEN_INT_FUNC_PTR): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_finish_function(e: PENGINE; finish_f: ENGINE_GEN_INT_FUNC_PTR): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_ctrl_function(e: PENGINE; ctrl_f: ENGINE_CTRL_FUNC_PTR): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_load_privkey_function(e: PENGINE; loadpriv_f: ENGINE_LOAD_KEY_PTR): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_load_pubkey_function(e: PENGINE; loadpub_f: ENGINE_LOAD_KEY_PTR): TIdC_INT cdecl; external CLibCrypto;
+  //function ENGINE_set_load_ssl_client_cert_function(e: PENGINE; loadssl_f: ENGINE_SSL_CLIENT_CERT_PTR): TIdC_INT;
+  function ENGINE_set_ciphers(e: PENGINE; f: ENGINE_CIPHERS_PTR): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_digests(e: PENGINE; f: ENGINE_DIGESTS_PTR): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_pkey_meths(e: PENGINE; f: ENGINE_PKEY_METHS_PTR): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_pkey_asn1_meths(e: PENGINE; f: ENGINE_PKEY_ASN1_METHS_PTR): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_flags(e: PENGINE; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_cmd_defns(e: PENGINE; const defns: PENGINE_CMD_DEFN): TIdC_INT cdecl; external CLibCrypto;
+  // These functions allow control over any per-structure ENGINE data. */
+  //#define ENGINE_get_ex_new_index(l, p, newf, dupf, freef) CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, l, p, newf, dupf, freef)
+  function ENGINE_set_ex_data(e: PENGINE; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_get_ex_data(const e: PENGINE; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  //
+  // These return values from within the ENGINE structure. These can be useful
+  // with functional references as well as structural references - it depends
+  // which you obtained. Using the result for functional purposes if you only
+  // obtained a structural reference may be problematic!
+  //
+  function ENGINE_get_id(const e: PENGINE): PIdAnsiChar cdecl; external CLibCrypto;
+  function ENGINE_get_name(const e: PENGINE): PIdAnsiChar cdecl; external CLibCrypto;
+  function ENGINE_get_RSA(const e: PENGINE): PRSA_METHOD cdecl; external CLibCrypto;
+  function ENGINE_get_DSA(const e: PENGINE): PDSA_METHOD cdecl; external CLibCrypto;
+  function ENGINE_get_EC(const e: PENGINE): PEC_METHOD cdecl; external CLibCrypto;
+  function ENGINE_get_DH(const e: PENGINE): PDH_METHOD cdecl; external CLibCrypto;
+  function ENGINE_get_RAND(const e: PENGINE): PRAND_METHOD cdecl; external CLibCrypto;
+  function ENGINE_get_destroy_function(const e: PENGINE): ENGINE_GEN_INT_FUNC_PTR cdecl; external CLibCrypto;
+  function ENGINE_get_init_function(const e: PENGINE): ENGINE_GEN_INT_FUNC_PTR cdecl; external CLibCrypto;
+  function ENGINE_get_finish_function(const e: PENGINE): ENGINE_GEN_INT_FUNC_PTR cdecl; external CLibCrypto;
+  function ENGINE_get_ctrl_function(const e: PENGINE): ENGINE_CTRL_FUNC_PTR cdecl; external CLibCrypto;
+  function ENGINE_get_load_privkey_function(const e: PENGINE): ENGINE_LOAD_KEY_PTR cdecl; external CLibCrypto;
+  function ENGINE_get_load_pubkey_function(const e: PENGINE): ENGINE_LOAD_KEY_PTR cdecl; external CLibCrypto;
+  //function ENGINE_get_ssl_client_cert_function(const e: PENGINE): ENGINE_SSL_CLIENT_CERT_PTR;
+  
+  function ENGINE_get_ciphers(const e: PENGINE): ENGINE_CIPHERS_PTR cdecl; external CLibCrypto;
+  function ENGINE_get_digests(const e: PENGINE): ENGINE_DIGESTS_PTR cdecl; external CLibCrypto;
+  function ENGINE_get_pkey_meths(const e: PENGINE): ENGINE_PKEY_METHS_PTR cdecl; external CLibCrypto;
+  function ENGINE_get_pkey_asn1_meths(const e: PENGINE): ENGINE_PKEY_ASN1_METHS_PTR cdecl; external CLibCrypto;
+  function ENGINE_get_cipher(e: PENGINE; nid: TIdC_INT): PEVP_CIPHER cdecl; external CLibCrypto;
+  function ENGINE_get_digest(e: PENGINE; nid: TIdC_INT): PEVP_MD cdecl; external CLibCrypto;
+  function ENGINE_get_pkey_meth(e: PENGINE; nid: TIdC_INT): PEVP_PKEY_METHOD cdecl; external CLibCrypto;
+  function ENGINE_get_pkey_asn1_meth(e: PENGINE; nid: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
+  function ENGINE_get_pkey_asn1_meth_str(e: PENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
+  function ENGINE_pkey_asn1_find_str(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
+  function ENGINE_get_cmd_defns(const e: PENGINE): PENGINE_CMD_DEFN cdecl; external CLibCrypto;
+  function ENGINE_get_flags(const e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+
+  ///*
+  // * FUNCTIONAL functions. These functions deal with ENGINE structures that
+  // * have (or will) be initialised for use. Broadly speaking, the structural
+  // * functions are useful for iterating the list of available engine types,
+  // * creating new engine types, and other "list" operations. These functions
+  // * actually deal with ENGINEs that are to be used. As such these functions
+  // * can fail (if applicable) when particular engines are unavailable - eg. if
+  // * a hardware accelerator is not attached or not functioning correctly. Each
+  // * ENGINE has 2 reference counts; structural and functional. Every time a
+  // * functional reference is obtained or released, a corresponding structural
+  // * reference is automatically obtained or released too.
+  // */
+
+  ///*
+  // * Initialise a engine type for use (or up its reference count if it's
+  // * already in use). This will fail if the engine is not currently operational
+  // * and cannot initialise.
+  // */
+  function ENGINE_init(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  ///*
+  // * Free a functional reference to a engine type. This does not require a
+  // * corresponding call to ENGINE_free as it also releases a structural
+  // * reference.
+  // */
+  function ENGINE_finish(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+
+  ///*
+  // * The following functions handle keys that are stored in some secondary
+  // * location, handled by the engine.  The storage may be on a card or
+  // * whatever.
+  // */
+  function ENGINE_load_private_key(e: PENGINE; const key_id: PIdAnsiChar; ui_method: PUI_METHOD; callback_data: Pointer): PEVP_PKEY cdecl; external CLibCrypto;
+  function ENGINE_load_public_key(e: PENGINE; const key_id: PIdAnsiChar; ui_method: PUI_METHOD; callback_data: Pointer): PEVP_PKEY cdecl; external CLibCrypto;
+  //function ENGINE_load_ssl_client_cert(e: PENGINE; s: PSSL;
+  //  {STACK_OF(X509) *ca_dn;} {STACK_OF(X509) **pother;} ui_method: PUI_METHOD;
+  //  callback_data: Pointer): TIdC_INT;
+
+  ///*
+  // * This returns a pointer for the current ENGINE structure that is (by
+  // * default) performing any RSA operations. The value returned is an
+  // * incremented reference, so it should be free'd (ENGINE_finish) before it is
+  // * discarded.
+  // */
+  function ENGINE_get_default_RSA: PENGINE cdecl; external CLibCrypto;
+  //* Same for the other "methods" */
+  function ENGINE_get_default_DSA: PENGINE cdecl; external CLibCrypto;
+  function ENGINE_get_default_EC: PENGINE cdecl; external CLibCrypto;
+  function ENGINE_get_default_DH: PENGINE cdecl; external CLibCrypto;
+  function ENGINE_get_default_RAND: PENGINE cdecl; external CLibCrypto;
+  ///*
+  // * These functions can be used to get a functional reference to perform
+  // * ciphering or digesting corresponding to "nid".
+  // */
+  function ENGINE_get_cipher_engine(nid: TIdC_INT): PENGINE cdecl; external CLibCrypto;
+  function ENGINE_get_digest_engine(nid: TIdC_INT): PENGINE cdecl; external CLibCrypto;
+  function ENGINE_get_pkey_meth_engine(nid: TIdC_INT): PENGINE cdecl; external CLibCrypto;
+  function ENGINE_get_pkey_asn1_meth_engine(nid: TIdC_INT): PENGINE cdecl; external CLibCrypto;
+  ///*
+  // * This sets a new default ENGINE structure for performing RSA operations. If
+  // * the result is non-zero (success) then the ENGINE structure will have had
+  // * its reference count up'd so the caller should still free their own
+  // * reference 'e'.
+  // */
+  function ENGINE_set_default_RSA(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_default_string(e: PENGINE; const def_list: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  // Same for the other "methods"
+  function ENGINE_set_default_DSA(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_default_EC(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_default_DH(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_default_RAND(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_default_ciphers(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_default_digests(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_default_pkey_meths(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function ENGINE_set_default_pkey_asn1_meths(e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+
+  ///*
+  // * The combination "set" - the flags are bitwise "OR"d from the
+  // * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
+  // * function, this function can result in unnecessary static linkage. If your
+  // * application requires only specific functionality, consider using more
+  // * selective functions.
+  // */
+  function ENGINE_set_default(e: PENGINE; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure ENGINE_add_conf_module cdecl; external CLibCrypto;
+
+  ///* Deprecated functions ... */
+  ///* int ENGINE_clear_defaults(void); */
+  //
+  //**************************/
+  //* DYNAMIC ENGINE SUPPORT */
+  //**************************/
+  //
+  //* Binary/behaviour compatibility levels */
+  //# define OSSL_DYNAMIC_VERSION            (unsigned long)0x00030000
+  //*
+  // * Binary versions older than this are too old for us (whether we're a loader
+  // * or a loadee)
+  // */
+  //# define OSSL_DYNAMIC_OLDEST             (unsigned long)0x00030000
+  //
+  //*
+  // * When compiling an ENGINE entirely as an external shared library, loadable
+  // * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
+  // * structure type provides the calling application's (or library's) error
+  // * functionality and memory management function pointers to the loaded
+  // * library. These should be used/set in the loaded library code so that the
+  // * loading application's 'state' will be used/changed in all operations. The
+  // * 'static_state' pointer allows the loaded library to know if it shares the
+  // * same static data as the calling application (or library), and thus whether
+  // * these callbacks need to be set or not.
+  // */
+
+
+  //# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
+  //        OPENSSL_EXPORT \
+  //        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
+  //        OPENSSL_EXPORT \
+  //        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
+  //            if (ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
+  //            CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
+  //                                     fns->mem_fns.realloc_fn, \
+  //                                     fns->mem_fns.free_fn); \
+  //        skip_cbs: \
+  //            if (!fn(e, id)) return 0; \
+  //            return 1; }
+  //
+  //*
+  // * If the loading application (or library) and the loaded ENGINE library
+  // * share the same static data (eg. they're both dynamically linked to the
+  // * same libcrypto.so) we need a way to avoid trying to set system callbacks -
+  // * this would fail, and for the same reason that it's unnecessary to try. If
+  // * the loaded ENGINE has (or gets from through the loader) its own copy of
+  // * the libcrypto static data, we will need to set the callbacks. The easiest
+  // * way to detect this is to have a function that returns a pointer to some
+  // * static data and let the loading application and loaded ENGINE compare
+  // * their respective values.
+  // */
+  function ENGINE_get_static_state: Pointer cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engineerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engineerr.pas
new file mode 100644
index 000000000..f29edc147
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engineerr.pas
@@ -0,0 +1,135 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_engineerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// engineerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * ENGINE function codes.
+   *)
+  ENGINE_F_DIGEST_UPDATE = 198;
+  ENGINE_F_DYNAMIC_CTRL = 180;
+  ENGINE_F_DYNAMIC_GET_DATA_CTX = 181;
+  ENGINE_F_DYNAMIC_LOAD = 182;
+  ENGINE_F_DYNAMIC_SET_DATA_CTX = 183;
+  ENGINE_F_ENGINE_ADD = 105;
+  ENGINE_F_ENGINE_BY_ID = 106;
+  ENGINE_F_ENGINE_CMD_IS_EXECUTABLE = 170;
+  ENGINE_F_ENGINE_CTRL = 142;
+  ENGINE_F_ENGINE_CTRL_CMD = 178;
+  ENGINE_F_ENGINE_CTRL_CMD_STRING = 171;
+  ENGINE_F_ENGINE_FINISH = 107;
+  ENGINE_F_ENGINE_GET_CIPHER = 185;
+  ENGINE_F_ENGINE_GET_DIGEST = 186;
+  ENGINE_F_ENGINE_GET_FIRST = 195;
+  ENGINE_F_ENGINE_GET_LAST = 196;
+  ENGINE_F_ENGINE_GET_NEXT = 115;
+  ENGINE_F_ENGINE_GET_PKEY_ASN1_METH = 193;
+  ENGINE_F_ENGINE_GET_PKEY_METH = 192;
+  ENGINE_F_ENGINE_GET_PREV = 116;
+  ENGINE_F_ENGINE_INIT = 119;
+  ENGINE_F_ENGINE_LIST_ADD = 120;
+  ENGINE_F_ENGINE_LIST_REMOVE = 121;
+  ENGINE_F_ENGINE_LOAD_PRIVATE_KEY = 150;
+  ENGINE_F_ENGINE_LOAD_PUBLIC_KEY = 151;
+  ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT = 194;
+  ENGINE_F_ENGINE_NEW = 122;
+  ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR = 197;
+  ENGINE_F_ENGINE_REMOVE = 123;
+  ENGINE_F_ENGINE_SET_DEFAULT_STRING = 189;
+  ENGINE_F_ENGINE_SET_ID = 129;
+  ENGINE_F_ENGINE_SET_NAME = 130;
+  ENGINE_F_ENGINE_TABLE_REGISTER = 184;
+  ENGINE_F_ENGINE_UNLOCKED_FINISH = 191;
+  ENGINE_F_ENGINE_UP_REF = 190;
+  ENGINE_F_INT_CLEANUP_ITEM = 199;
+  ENGINE_F_INT_CTRL_HELPER = 172;
+  ENGINE_F_INT_ENGINE_CONFIGURE = 188;
+  ENGINE_F_INT_ENGINE_MODULE_INIT = 187;
+  ENGINE_F_OSSL_HMAC_INIT = 200;
+
+  (*
+   * ENGINE reason codes.
+   *)
+  ENGINE_R_ALREADY_LOADED = 100;
+  ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER = 133;
+  ENGINE_R_CMD_NOT_EXECUTABLE = 134;
+  ENGINE_R_COMMAND_TAKES_INPUT = 135;
+  ENGINE_R_COMMAND_TAKES_NO_INPUT = 136;
+  ENGINE_R_CONFLICTING_ENGINE_ID = 103;
+  ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED = 119;
+  ENGINE_R_DSO_FAILURE = 104;
+  ENGINE_R_DSO_NOT_FOUND = 132;
+  ENGINE_R_ENGINES_SECTION_ERROR = 148;
+  ENGINE_R_ENGINE_CONFIGURATION_ERROR = 102;
+  ENGINE_R_ENGINE_IS_NOT_IN_LIST = 105;
+  ENGINE_R_ENGINE_SECTION_ERROR = 149;
+  ENGINE_R_FAILED_LOADING_PRIVATE_KEY = 128;
+  ENGINE_R_FAILED_LOADING_PUBLIC_KEY = 129;
+  ENGINE_R_FINISH_FAILED = 106;
+  ENGINE_R_ID_OR_NAME_MISSING = 108;
+  ENGINE_R_INIT_FAILED = 109;
+  ENGINE_R_INTERNAL_LIST_ERROR = 110;
+  ENGINE_R_INVALID_ARGUMENT = 143;
+  ENGINE_R_INVALID_CMD_NAME = 137;
+  ENGINE_R_INVALID_CMD_NUMBER = 138;
+  ENGINE_R_INVALID_INIT_VALUE = 151;
+  ENGINE_R_INVALID_STRING = 150;
+  ENGINE_R_NOT_INITIALISED = 117;
+  ENGINE_R_NOT_LOADED = 112;
+  ENGINE_R_NO_CONTROL_FUNCTION = 120;
+  ENGINE_R_NO_INDEX = 144;
+  ENGINE_R_NO_LOAD_FUNCTION = 125;
+  ENGINE_R_NO_REFERENCE = 130;
+  ENGINE_R_NO_SUCH_ENGINE = 116;
+  ENGINE_R_UNIMPLEMENTED_CIPHER = 146;
+  ENGINE_R_UNIMPLEMENTED_DIGEST = 147;
+  ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD = 101;
+  ENGINE_R_VERSION_INCOMPATIBILITY = 145;
+
+  function ERR_load_ENGINE_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas
new file mode 100644
index 000000000..f2c21cb03
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas
@@ -0,0 +1,232 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  ERR_TXT_MALLOCED = $01;
+  ERR_TXT_STRING = $02;
+  ERR_FLAG_MARK = $01;
+  ERR_FLAG_CLEAR = $02;
+
+  ERR_NUM_ERRORS = 16;
+
+//* library */
+  ERR_LIB_SYS =    2;
+  ERR_LIB_BN =    3;
+  ERR_LIB_RSA =    4;
+  ERR_LIB_DH =    5;
+  ERR_LIB_EVP =    6;
+  ERR_LIB_BUF =    7;
+  ERR_LIB_OBJ =    8;
+  ERR_LIB_PEM =    9;
+  ERR_LIB_DSA =    10;
+  ERR_LIB_X509 =    11;
+  // ERR_LIB_METH         12
+  ERR_LIB_ASN1 =    13;
+  ERR_LIB_CONF =    14;
+  ERR_LIB_CRYPTO =   15;
+  ERR_LIB_EC =    16;
+  ERR_LIB_SSL =    20;
+(* #define ERR_LIB_SSL23        21 *)
+(* #define ERR_LIB_SSL2         22 *)
+(* #define ERR_LIB_SSL3         23 *)
+(* #define ERR_LIB_RSAREF       30 *)
+(* #define ERR_LIB_PROXY        31 *)
+  ERR_LIB_BIO =    32;
+  ERR_LIB_PKCS7 =    33;
+  ERR_LIB_X509V3 =   34;
+  ERR_LIB_PKCS12 =   35;
+  ERR_LIB_RAND =    36;
+  ERR_LIB_DSO =    37;
+  ERR_LIB_ENGINE =   38;
+  ERR_LIB_OCSP =    39;
+  ERR_LIB_UI =    40;
+  ERR_LIB_COMP =    41;
+  ERR_LIB_ECDSA =    42;
+  ERR_LIB_ECDH =    43;
+  ERR_LIB_OSSL_STORE =  44;
+  ERR_LIB_FIPS =    45;
+  ERR_LIB_CMS =    46;
+  ERR_LIB_TS =    47;
+  ERR_LIB_HMAC =    48;
+(* # define ERR_LIB_JPAKE       49 *)
+  ERR_LIB_CT =    50;
+  ERR_LIB_ASYNC =    51;
+  ERR_LIB_KDF =    52;
+  ERR_LIB_SM2 =    53;
+  ERR_LIB_USER =    128;
+  
+//* OS functions */
+  SYS_F_FOPEN = 1;
+  SYS_F_CONNECT = 2;
+  SYS_F_GETSERVBYNAME = 3;
+  SYS_F_SOCKET = 4;
+  SYS_F_IOCTLSOCKET = 5;
+  SYS_F_BIND = 6;
+  SYS_F_LISTEN = 7;
+  SYS_F_ACCEPT = 8;
+  SYS_F_WSASTARTUP = 9; (* Winsock stuff *)
+  SYS_F_OPENDIR = 10;
+  SYS_F_FREAD = 11;
+  SYS_F_GETADDRINFO = 12;
+  SYS_F_GETNAMEINFO = 13;
+  SYS_F_SETSOCKOPT = 14;
+  SYS_F_GETSOCKOPT = 15;
+  SYS_F_GETSOCKNAME = 16;
+  SYS_F_GETHOSTBYNAME = 17;
+  SYS_F_FFLUSH = 18;
+  SYS_F_OPEN = 19;
+  SYS_F_CLOSE = 20;
+  SYS_F_IOCTL = 21;
+  SYS_F_STAT = 22;
+  SYS_F_FCNTL = 23;
+  SYS_F_FSTAT = 24;
+
+//* reasons */
+  ERR_R_SYS_LIB = ERR_LIB_SYS; //2
+  ERR_R_BN_LIB = ERR_LIB_BN; //3
+  ERR_R_RSA_LIB = ERR_LIB_RSA; //4
+  ERR_R_DH_LIB = ERR_LIB_DH; //5
+  ERR_R_EVP_LIB = ERR_LIB_EVP; //6
+  ERR_R_BUF_LIB = ERR_LIB_BUF; //7
+  ERR_R_OBJ_LIB = ERR_LIB_OBJ; //8
+  ERR_R_PEM_LIB = ERR_LIB_PEM; //9
+  ERR_R_DSA_LIB = ERR_LIB_DSA; //10
+  ERR_R_X509_LIB = ERR_LIB_X509; //11
+  ERR_R_ASN1_LIB = ERR_LIB_ASN1; //13
+  ERR_R_EC_LIB = ERR_LIB_EC; //16
+  ERR_R_BIO_LIB = ERR_LIB_BIO; //32
+  ERR_R_PKCS7_LIB = ERR_LIB_PKCS7; //33
+  ERR_R_X509V3_LIB = ERR_LIB_X509V3; //34
+  ERR_R_ENGINE_LIB = ERR_LIB_ENGINE; //38
+  ERR_R_UI_LIB = ERR_LIB_UI; //40
+  ERR_R_ECDSA_LIB = ERR_LIB_ECDSA; //42
+  ERR_R_OSSL_STORE_LIB = ERR_LIB_OSSL_STORE; //44
+
+  ERR_R_NESTED_ASN1_ERROR =  58;
+  ERR_R_MISSING_ASN1_EOS =  63;
+
+  //* fatal error */
+  ERR_R_FATAL =  64;
+  ERR_R_MALLOC_FAILURE = (1 or ERR_R_FATAL);
+  ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED = (2 or ERR_R_FATAL);
+  ERR_R_PASSED_NULL_PARAMETER = (3 or ERR_R_FATAL);
+  ERR_R_INTERNAL_ERROR = (4 or ERR_R_FATAL);
+  ERR_R_DISABLED = (5 or ERR_R_FATAL);
+  ERR_R_INIT_FAIL = (6 or ERR_R_FATAL);
+  ERR_R_PASSED_INVALID_ARGUMENT = (7);
+  ERR_R_OPERATION_FAIL = (8 or ERR_R_FATAL);
+
+
+(*
+ * 99 is the maximum possible ERR_R_... code, higher values are reserved for
+ * the individual libraries
+ *)
+
+type
+  err_state_st = record
+    err_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    err_buffer: array[0..ERR_NUM_ERRORS -1] of TIdC_ULONG;
+    err_data: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
+    err_data_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    err_file: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
+    err_line: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    top, bottom: TIdC_INT;
+  end;
+  ERR_STATE = err_state_st;
+  PERR_STATE = ^ERR_STATE;
+
+  ERR_string_data_st = record
+    error: TIdC_ULONG;
+    &string: PIdAnsiChar;
+  end;
+  ERR_STRING_DATA = ERR_string_data_st;
+  PERR_STRING_DATA = ^ERR_STRING_DATA;
+
+  ERR_print_errors_cb_cb = function(str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT; cdecl;
+
+// DEFINE_LHASH_OF(ERR_STRING_DATA);
+
+  procedure ERR_put_error(lib: TIdC_INT; func: TIdC_INT; reason: TIdC_INT; &file: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure ERR_set_error_data(data: PIdAnsiChar; flags: TIdC_INT) cdecl; external CLibCrypto;
+  
+  function ERR_get_error: TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_get_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_get_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+
+  function ERR_peek_error: TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_peek_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_peek_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+
+  function ERR_peek_last_error: TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_peek_last_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_peek_last_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+
+  procedure ERR_clear_error cdecl; external CLibCrypto;
+  function ERR_error_string(e: TIdC_ULONG; buf: PIdAnsiChar): PIdAnsiChar cdecl; external CLibCrypto;
+  procedure ERR_error_string_n(e: TIdC_ULONG; buf: PIdAnsiChar; len: TIdC_SIZET) cdecl; external CLibCrypto;
+  function ERR_lib_error_string(e: TIdC_ULONG): PIdAnsiChar cdecl; external CLibCrypto;
+  function ERR_func_error_string(e: TIdC_ULONG): PIdAnsiChar cdecl; external CLibCrypto;
+  function ERR_reason_error_string(e: TIdC_ULONG): PIdAnsiChar cdecl; external CLibCrypto;
+  procedure ERR_print_errors_cb(cb: ERR_print_errors_cb_cb; u: Pointer) cdecl; external CLibCrypto;
+
+  procedure ERR_print_errors(bp: PBIO) cdecl; external CLibCrypto;
+  // void ERR_add_error_data(int num, ...);
+  // procedure ERR_add_error_vdata(num: TIdC_INT; args: va_list);
+  function ERR_load_strings(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT cdecl; external CLibCrypto;
+  function ERR_load_strings_const(str: PERR_STRING_DATA): TIdC_INT cdecl; external CLibCrypto;
+  function ERR_unload_strings(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT cdecl; external CLibCrypto;
+  function ERR_load_ERR_strings: TIdC_INT cdecl; external CLibCrypto;
+
+  function ERR_get_state: PERR_STATE cdecl; external CLibCrypto;
+  function ERR_get_next_error_library: TIdC_INT cdecl; external CLibCrypto;
+  function ERR_set_mark: TIdC_INT cdecl; external CLibCrypto;
+  function ERR_pop_to_mark: TIdC_INT cdecl; external CLibCrypto;
+  function ERR_clear_last_mark: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
new file mode 100644
index 000000000..85e55e05e
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
@@ -0,0 +1,1341 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_evp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// evp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSlHeaders_bio,
+  IdOpenSSLHeaders_obj_mac,
+  IdOpenSSlHeaders_ossl_typ;
+
+const
+  EVP_MAX_MD_SIZE = 64; // longest known is SHA512
+  EVP_MAX_KEY_LENGTH = 64;
+  EVP_MAX_IV_LENGTH = 16;
+  EVP_MAX_BLOCK_LENGTH = 32;
+  PKCS5_SALT_LEN = 8;
+  // Default PKCS#5 iteration count
+  PKCS5_DEFAULT_ITER = 2048;
+  EVP_PK_RSA = $0001;
+  EVP_PK_DSA = $0002;
+  EVP_PK_DH  = $0004;
+  EVP_PK_EC = $0008;
+  EVP_PKT_SIGN = $0010;
+  EVP_PKT_ENC = $0020;
+  EVP_PKT_EXCH = $0040;
+  EVP_PKS_RSA = $0100;
+  EVP_PKS_DSA = $0200;
+  EVP_PKS_EC = $0400;
+
+  EVP_PKEY_NONE = NID_undef;
+  EVP_PKEY_RSA = NID_rsaEncryption;
+  EVP_PKEY_RSA2 = NID_rsa;
+  EVP_PKEY_RSA_PSS = NID_rsassaPss;
+  EVP_PKEY_DSA = NID_dsa;
+  EVP_PKEY_DSA1 = NID_dsa_2;
+  EVP_PKEY_DSA2 = NID_dsaWithSHA;
+  EVP_PKEY_DSA3 = NID_dsaWithSHA1;
+  EVP_PKEY_DSA4 = NID_dsaWithSHA1_2;
+  EVP_PKEY_DH = NID_dhKeyAgreement;
+  EVP_PKEY_DHX = NID_dhpublicnumber;
+  EVP_PKEY_EC = NID_X9_62_id_ecPublicKey;
+  EVP_PKEY_SM2 = NID_sm2;
+  EVP_PKEY_HMAC = NID_hmac;
+  EVP_PKEY_CMAC = NID_cmac;
+  EVP_PKEY_SCRYPT = NID_id_scrypt;
+  EVP_PKEY_TLS1_PRF = NID_tls1_prf;
+  EVP_PKEY_HKDF = NID_hkdf;
+  EVP_PKEY_POLY1305 = NID_poly1305;
+  EVP_PKEY_SIPHASH = NID_siphash;
+  EVP_PKEY_X25519 = NID_X25519;
+  EVP_PKEY_ED25519 = NID_ED25519;
+  EVP_PKEY_X448 = NID_X448;
+  EVP_PKEY_ED448 = NID_ED448;
+
+  EVP_PKEY_MO_SIGN = $0001;
+  EVP_PKEY_MO_VERIFY = $0002;
+  EVP_PKEY_MO_ENCRYPT = $0004;
+  EVP_PKEY_MO_DECRYPT = $0008;
+
+// digest can only handle a single block ///
+  EVP_MD_FLAG_ONESHOT = $0001;
+
+// digest is extensible-output function; XOF ///
+
+  EVP_MD_FLAG_XOF = $0002;
+
+// DigestAlgorithmIdentifier flags... ///
+
+  EVP_MD_FLAG_DIGALGID_MASK = $0018;
+
+// NULL or absent parameter accepted. Use NULL ///
+
+  EVP_MD_FLAG_DIGALGID_NULL = $0000;
+
+// NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent ///
+
+  EVP_MD_FLAG_DIGALGID_ABSENT = $0008;
+
+// Custom handling via ctrl ///
+
+  EVP_MD_FLAG_DIGALGID_CUSTOM = $0018;
+
+// Note if suitable for use in FIPS mode ///
+
+  EVP_MD_FLAG_FIPS = $0400;
+
+// Digest ctrls ///
+
+  EVP_MD_CTRL_DIGALGID = $1;
+  EVP_MD_CTRL_MICALG = $2;
+  EVP_MD_CTRL_XOF_LEN = $3;
+
+// Minimum Algorithm specific ctrl value ///
+
+  EVP_MD_CTRL_ALG_CTRL = $1000;
+ // not EVP_MD ///
+
+// values for EVP_MD_CTX flags ///
+  EVP_MD_CTX_FLAG_ONESHOT = $0001;
+  EVP_MD_CTX_FLAG_CLEANED = $0002;
+  EVP_MD_CTX_FLAG_REUSE = $0004;
+//
+ // FIPS and pad options are ignored in 1.0.0; definitions are here so we
+ // don't accidentally reuse the values for other purposes.
+ ///
+
+  EVP_MD_CTX_FLAG_NON_FIPS_ALLOW = $0008;
+
+//
+ // The following PAD options are also currently ignored in 1.0.0; digest
+ // parameters are handled through EVP_DigestSign//() and EVP_DigestVerify//()
+ // instead.
+ ///
+  EVP_MD_CTX_FLAG_PAD_MASK = $F0;
+  EVP_MD_CTX_FLAG_PAD_PKCS1 = $00;
+  EVP_MD_CTX_FLAG_PAD_X931 = $10;
+  EVP_MD_CTX_FLAG_PAD_PSS = $20;
+
+  EVP_MD_CTX_FLAG_NO_INIT = $0100;
+//
+ // Some functions such as EVP_DigestSign only finalise copies of internal
+ // contexts so additional data can be included after the finalisation call.
+ // This is inefficient if this functionality is not required: it is disabled
+ // if the following flag is set.
+ ///
+  EVP_MD_CTX_FLAG_FINALISE = $0200;
+
+
+// NOTE: $0400 is reserved for internal usage ///
+// Values for cipher flags ///
+
+// Modes for ciphers ///
+
+  EVP_CIPH_STREAM_CIPHER = $0;
+  EVP_CIPH_ECB_MODE = $1;
+  EVP_CIPHC_MODE = $2;
+  EVP_CIPH_CFB_MODE = $3;
+  EVP_CIPH_OFB_MODE = $4;
+  EVP_CIPH_CTR_MODE = $5;
+  EVP_CIPH_GCM_MODE = $6;
+  EVP_CIPH_CCM_MODE = $7;
+  EVP_CIPH_XTS_MODE = $10001;
+  EVP_CIPH_WRAP_MODE = $10002;
+  EVP_CIPH_OCB_MODE = $10003;
+  EVP_CIPH_MODE = $F0007;
+// Set if variable length cipher ///
+  EVP_CIPH_VARIABLE_LENGTH = $8;
+// Set if the iv handling should be done by the cipher itself ///
+  EVP_CIPH_CUSTOM_IV = $10;
+// Set if the cipher's init() function should be called if key is NULL ///
+  EVP_CIPH_ALWAYS_CALL_INIT = $20;
+// Call ctrl() to init cipher parameters ///
+  EVP_CIPH_CTRL_INIT = $40;
+// Don't use standard key length function ///
+  EVP_CIPH_CUSTOM_KEY_LENGTH = $80;
+// Don't use standard block padding ///
+  EVP_CIPH_NO_PADDING = $100;
+// cipher handles random key generation ///
+  EVP_CIPH_RAND_KEY = $200;
+// cipher has its own additional copying logic ///
+  EVP_CIPH_CUSTOM_COPY = $400;
+// Don't use standard iv length function ///
+  EVP_CIPH_CUSTOM_IV_LENGTH = $800;
+// Allow use default ASN1 get/set iv ///
+  EVP_CIPH_FLAG_DEFAULT_ASN1 = $1000;
+// Buffer length in bits not bytes: CFB1 mode only ///
+  EVP_CIPH_FLAG_LENGTH_BITS = $2000;
+// Note if suitable for use in FIPS mode ///
+  EVP_CIPH_FLAG_FIPS = $4000;
+// Allow non FIPS cipher in FIPS mode ///
+  EVP_CIPH_FLAG_NON_FIPS_ALLOW = $8000;
+//
+ // Cipher handles any and all padding logic as well as finalisation.
+ ///
+  EVP_CIPH_FLAG_CUSTOM_CIPHER = $100000;
+  EVP_CIPH_FLAG_AEAD_CIPHER = $200000;
+  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK = $400000;
+// Cipher can handle pipeline operations ///
+  EVP_CIPH_FLAG_PIPELINE = $800000;
+
+//
+ // Cipher context flag to indicate we can handle wrap mode: if allowed in
+ // older applications it could overflow buffers.
+ ///
+
+  EVP_CIPHER_CTX_FLAG_WRAP_ALLOW = $1;
+
+// ctrl() values ///
+
+  EVP_CTRL_INIT = $0;
+  EVP_CTRL_SET_KEY_LENGTH = $1;
+  EVP_CTRL_GET_RC2_KEY_BITS = $2;
+  EVP_CTRL_SET_RC2_KEY_BITS = $3;
+  EVP_CTRL_GET_RC5_ROUNDS = $4;
+  EVP_CTRL_SET_RC5_ROUNDS = $5;
+  EVP_CTRL_RAND_KEY = $6;
+  EVP_CTRL_PBE_PRF_NID = $7;
+  EVP_CTRL_COPY = $8;
+  EVP_CTRL_AEAD_SET_IVLEN = $9;
+  EVP_CTRL_AEAD_GET_TAG = $10;
+  EVP_CTRL_AEAD_SET_TAG = $11;
+  EVP_CTRL_AEAD_SET_IV_FIXED = $12;
+  EVP_CTRL_GCM_SET_IVLEN = EVP_CTRL_AEAD_SET_IVLEN;
+  EVP_CTRL_GCM_GET_TAG = EVP_CTRL_AEAD_GET_TAG;
+  EVP_CTRL_GCM_SET_TAG = EVP_CTRL_AEAD_SET_TAG;
+  EVP_CTRL_GCM_SET_IV_FIXED = EVP_CTRL_AEAD_SET_IV_FIXED;
+  EVP_CTRL_GCM_IV_GEN = $13;
+  EVP_CTRL_CCM_SET_IVLEN = EVP_CTRL_AEAD_SET_IVLEN;
+  EVP_CTRL_CCM_GET_TAG = EVP_CTRL_AEAD_GET_TAG;
+  EVP_CTRL_CCM_SET_TAG = EVP_CTRL_AEAD_SET_TAG;
+  EVP_CTRL_CCM_SET_IV_FIXED = EVP_CTRL_AEAD_SET_IV_FIXED;
+  EVP_CTRL_CCM_SET_L = $14;
+  EVP_CTRL_CCM_SET_MSGLEN = $15;
+//
+ // AEAD cipher deduces payload length and returns number of bytes required to
+ // store MAC and eventual padding. Subsequent call to EVP_Cipher even
+ // appends/verifies MAC.
+ ///
+  EVP_CTRL_AEAD_TLS1_AAD = $16;
+// Used by composite AEAD ciphers; no-op in GCM; CCM... ///
+  EVP_CTRL_AEAD_SET_MAC_KEY = $17;
+// Set the GCM invocation field; decrypt only ///
+  EVP_CTRL_GCM_SET_IV_INV = $18;
+
+  EVP_CTRL_TLS1_1_MULTIBLOCK_AAD = $19;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT = $1a;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT = $1b;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE = $1c;
+
+  EVP_CTRL_SSL3_MASTER_SECRET = $1d;
+
+// EVP_CTRL_SET_SBOX takes the PIdAnsiChar// specifying S-boxes///
+  EVP_CTRL_SET_SBOX = $1e;
+//
+// EVP_CTRL_SBOX_USED takes a 'TIdC_SIZET' and 'PIdAnsiChar//'; pointing at a
+// pre-allocated buffer with specified size
+///
+  EVP_CTRL_SBOX_USED = $1f;
+// EVP_CTRL_KEY_MESH takes 'TIdC_SIZET' number of bytes to mesh the key after;
+// 0 switches meshing off
+///
+  EVP_CTRL_KEY_MESH = $20;
+// EVP_CTRL_BLOCK_PADDING_MODE takes the padding mode///
+  EVP_CTRL_BLOCK_PADDING_MODE = $21;
+
+// Set the output buffers to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS = $22;
+// Set the input buffers to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_INPUT_BUFS = $23;
+// Set the input buffer lengths to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_INPUT_LENS = $24;
+
+  EVP_CTRL_GET_IVLEN = $25;
+
+// Padding modes///
+  EVP_PADDING_PKCS7 = 1;
+  EVP_PADDING_ISO7816_4 = 2;
+  EVP_PADDING_ANSI923 = 3;
+  EVP_PADDING_ISO10126 = 4;
+  EVP_PADDING_ZERO = 5;
+
+// RFC 5246 defines additional data to be 13 bytes in length///
+  EVP_AEAD_TLS1_AAD_LEN = 13;
+
+// GCM TLS constants///
+// Length of fixed part of IV derived from PRF///
+  EVP_GCM_TLS_FIXED_IV_LEN = 4;
+// Length of explicit part of IV part of TLS records///
+  EVP_GCM_TLS_EXPLICIT_IV_LEN = 8;
+// Length of tag for TLS
+  EVP_GCM_TLS_TAG_LEN = 16;
+
+/// CCM TLS constants ///
+/// Length of fixed part of IV derived from PRF ///
+  EVP_CCM_TLS_FIXED_IV_LEN = 4;
+/// Length of explicit part of IV part of TLS records ///
+  EVP_CCM_TLS_EXPLICIT_IV_LEN = 8;
+/// Total length of CCM IV length for TLS ///
+  EVP_CCM_TLS_IV_LEN = 12;
+/// Length of tag for TLS ///
+  EVP_CCM_TLS_TAG_LEN = 16;
+/// Length of CCM8 tag for TLS ///
+  EVP_CCM8_TLS_TAG_LEN = 8;
+
+/// Length of tag for TLS ///
+  EVP_CHACHAPOLY_TLS_TAG_LEN = 16;
+
+(* Can appear as the outermost AlgorithmIdentifier *)
+  EVP_PBE_TYPE_OUTER = $0;
+(* Is an PRF type OID *)
+  EVP_PBE_TYPE_PRF = $1;
+(* Is a PKCS#5 v2.0 KDF *)
+  EVP_PBE_TYPE_KDF = $2;
+
+  ASN1_PKEY_ALIAS = $1;
+  ASN1_PKEY_DYNAMIC = $2;
+  ASN1_PKEY_SIGPARAM_NULL = $4;
+
+  ASN1_PKEY_CTRL_PKCS7_SIGN = $1;
+  ASN1_PKEY_CTRL_PKCS7_ENCRYPT = $2;
+  ASN1_PKEY_CTRL_DEFAULT_MD_NID = $3;
+  ASN1_PKEY_CTRL_CMS_SIGN = $5;
+  ASN1_PKEY_CTRL_CMS_ENVELOPE = $7;
+  ASN1_PKEY_CTRL_CMS_RI_TYPE = $8;
+
+  ASN1_PKEY_CTRL_SET1_TLS_ENCPT = $9;
+  ASN1_PKEY_CTRL_GET1_TLS_ENCPT = $a;
+
+  EVP_PKEY_OP_UNDEFINED = 0;
+  EVP_PKEY_OP_PARAMGEN = (1 shl 1);
+  EVP_PKEY_OP_KEYGEN = (1 shl 2);
+  EVP_PKEY_OP_SIGN = (1 shl 3);
+  EVP_PKEY_OP_VERIFY = (1 shl 4);
+  EVP_PKEY_OP_VERIFYRECOVER = (1 shl 5);
+  EVP_PKEY_OP_SIGNCTX = (1 shl 6);
+  EVP_PKEY_OP_VERIFYCTX = (1 shl 7);
+  EVP_PKEY_OP_ENCRYPT = (1 shl 8);
+  EVP_PKEY_OP_DECRYPT = (1 shl 9);
+  EVP_PKEY_OP_DERIVE = (1 shl 10);
+
+  EVP_PKEY_OP_TYPE_SIG = EVP_PKEY_OP_SIGN or EVP_PKEY_OP_VERIFY
+    or EVP_PKEY_OP_VERIFYRECOVER or EVP_PKEY_OP_SIGNCTX or EVP_PKEY_OP_VERIFYCTX;
+
+  EVP_PKEY_OP_TYPE_CRYPT = EVP_PKEY_OP_ENCRYPT or EVP_PKEY_OP_DECRYPT;
+
+  EVP_PKEY_OP_TYPE_NOGEN = EVP_PKEY_OP_TYPE_SIG or EVP_PKEY_OP_TYPE_CRYPT or EVP_PKEY_OP_DERIVE;
+
+  EVP_PKEY_OP_TYPE_GEN = EVP_PKEY_OP_PARAMGEN or EVP_PKEY_OP_KEYGEN;
+
+  EVP_PKEY_CTRL_MD = 1;
+  EVP_PKEY_CTRL_PEER_KEY = 2;
+
+  EVP_PKEY_CTRL_PKCS7_ENCRYPT = 3;
+  EVP_PKEY_CTRL_PKCS7_DECRYPT = 4;
+
+  EVP_PKEY_CTRL_PKCS7_SIGN = 5;
+
+  EVP_PKEY_CTRL_SET_MAC_KEY = 6;
+
+  EVP_PKEY_CTRL_DIGESTINIT = 7;
+
+(* Used by GOST key encryption in TLS *)
+  EVP_PKEY_CTRL_SET_IV = 8;
+
+  EVP_PKEY_CTRL_CMS_ENCRYPT = 9;
+  EVP_PKEY_CTRL_CMS_DECRYPT = 10;
+  EVP_PKEY_CTRL_CMS_SIGN = 11;
+
+  EVP_PKEY_CTRL_CIPHER = 12;
+
+  EVP_PKEY_CTRL_GET_MD = 13;
+
+  EVP_PKEY_CTRL_SET_DIGEST_SIZE = 14;
+
+  EVP_PKEY_ALG_CTRL = $1000;
+
+  EVP_PKEY_FLAG_AUTOARGLEN = 2;
+  //
+ // Method handles all operations: don't assume any digest related defaults.
+ //
+  EVP_PKEY_FLAG_SIGCTX_CUSTOM = 4;
+
+type
+  EVP_MD_meth_init = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_update = function(ctx: PEVP_MD_CTX; const data: Pointer;
+    count: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_MD_meth_final = function(ctx: PEVP_MD_CTX; const md: PByte): TIdC_INT; cdecl;
+  EVP_MD_meth_copy = function(&to: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_cleanup = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_ctrl = function(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT;
+    p2: Pointer): TIdC_INT; cdecl;
+
+  EVP_CIPHER_meth_init = function(ctx: PEVP_CIPHER_CTX; const key: PByte;
+    const iv: PByte; enc: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_do_cipher = function(ctx: PEVP_CIPHER_CTX; &out: PByte;
+    const &in: PByte; inl: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_cleanup = function(v1: PEVP_CIPHER_CTX): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_set_asn1_params = function(v1: PEVP_CIPHER_CTX;
+    v2: PASN1_TYPE): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_get_asn1_params = function(v1: PEVP_CIPHER_CTX;
+    v2: PASN1_TYPE): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_ctrl = function(v1: PEVP_CIPHER_CTX; &type: TIdC_INT;
+    arg: TIdC_INT; ptr: Pointer): TIdC_INT; cdecl;
+
+  EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM = record
+    &out: PByte;
+    inp: PByte;
+    len: TIdC_SIZET;
+    interleave: TidC_UINT;
+  end;
+
+  evp_cipher_info_st = record
+    cipher: PEVP_CIPHER;
+    iv: array[0 .. EVP_MAX_IV_LENGTH - 1] of PByte;
+  end;
+  EVP_CIPHER_INFO = evp_cipher_info_st;
+
+  EVP_MD_CTX_update = function(ctx: PEVP_MD_CTX; const data: Pointer; count: TIdC_SIZET): TIdC_INT; cdecl;
+
+  fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const &to: PIdAnsiChar; x: Pointer); cdecl;
+
+  rsa_st = type Pointer;
+  Prsa_st = ^rsa_st;
+
+  dsa_st = type Pointer;
+
+  Pdsa_st = ^dsa_st;
+
+  dh_st = type Pointer;
+
+  Pdh_st = ^dh_st;
+  ec_key_st = type Pointer;
+
+  Pec_key_st = ^ec_key_st;
+
+  pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
+  pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
+  pub_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  pkey_size = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pkey_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+
+  priv_decode = function(pk: PEVP_PKEY; const p8inf: PKCS8_PRIV_KEY_INFO): TIdC_INT; cdecl;
+  priv_encode = function(p8: PPKCS8_PRIV_KEY_INFO; const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  priv_print = function(&out: PBIO; const pkea: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+
+  param_decode = function(pkey: PEVP_PKEY; const pder: PPByte; derlen: TIdC_INT): TIdC_INT; cdecl;
+  param_encode = function(const pkey: PEVP_PKEY; pder: PPByte): TIdC_INT; cdecl;
+  param_missing = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  param_copy = function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
+  param_cmp = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
+  param_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+
+  pkey_free = procedure(pkey: PEVP_PKEY); cdecl;
+  pkey_ctrl = function(pkey: PEVP_PKEY; op: TIdC_INT; arg1: TIdC_LONG; arg2: Pointer): TIdC_INT; cdecl;
+  item_verify = function(ctx: PEVP_MD_CTX; const it: PASN1_ITEM; asn: Pointer;
+    a: PX509_ALGOR; sig: PASN1_BIT_STRING; pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  item_sign = function(ctx: PEVP_MD_CTX; const it: PASN1_ITEM; asn: Pointer;
+    alg1: PX509_ALGOR; alg2: PX509_ALGOR; sig: PASN1_BIT_STRING): TIdC_INT; cdecl;
+  siginf_set = function(siginf: PX509_SIG_INFO; const alg: PX509_ALGOR; const sig: PASN1_STRING): TIdC_INT; cdecl;
+  pkey_check = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pkey_pub_check = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  pkey_param_check = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+  set_priv_key = function(pk: PEVP_PKEY; const priv: PByte; len: TIdC_SIZET): TIdC_INT; cdecl;
+  set_pub_key = function(pk: PEVP_PKEY; const pub: PByte; len: TIdC_SIZET): TIdC_INT; cdecl;
+  get_priv_key = function(const pk: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT; cdecl;
+  get_pub_key = function(const pk: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT; cdecl;
+  pkey_security_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+
+  EVP_PKEY_gen_cb = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+//  PEVP_PKEY_gen_cb = ^EVP_PKEY_gen_cb;
+
+  EVP_PKEY_meth_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_init = ^EVP_PKEY_meth_init;
+  EVP_PKEY_meth_copy_cb = function(dst: PEVP_PKEY_CTX; src: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_copy = ^EVP_PKEY_meth_copy_cb;
+  EVP_PKEY_meth_cleanup = procedure(ctx: PEVP_PKEY_CTX); cdecl;
+  PEVP_PKEY_meth_cleanup = ^EVP_PKEY_meth_cleanup;
+  EVP_PKEY_meth_paramgen_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_paramgen_init = ^EVP_PKEY_meth_paramgen_init;
+  EVP_PKEY_meth_paramgen = function(ctx: PEVP_PKEY_CTX; pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_paramgen = ^EVP_PKEY_meth_paramgen;
+  EVP_PKEY_meth_keygen_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_keygen_init = ^EVP_PKEY_meth_keygen_init;
+  EVP_PKEY_meth_keygen = function(ctx: PEVP_PKEY_CTX; pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_keygen = ^EVP_PKEY_meth_keygen;
+  EVP_PKEY_meth_sign_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_sign_init = ^EVP_PKEY_meth_sign_init;
+  EVP_PKEY_meth_sign = function(ctx: PEVP_PKEY_CTX; sig: PByte; siglen: TIdC_SIZET;
+    const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_sign = ^EVP_PKEY_meth_sign;
+  EVP_PKEY_meth_verify_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify_init = ^EVP_PKEY_meth_verify_init;
+  EVP_PKEY_meth_verify = function(ctx: PEVP_PKEY_CTX; const sig: PByte;
+    siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify = ^EVP_PKEY_meth_verify;
+  EVP_PKEY_meth_verify_recover_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify_recover_init = ^EVP_PKEY_meth_verify_recover_init;
+  EVP_PKEY_meth_verify_recover = function(ctx: PEVP_PKEY_CTX; sig: PByte;
+    siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verify_recover = ^EVP_PKEY_meth_verify_recover;
+  EVP_PKEY_meth_signctx_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_signctx_init = ^EVP_PKEY_meth_signctx_init;
+  EVP_PKEY_meth_signctx = function(ctx: PEVP_PKEY_CTX; sig: Pbyte;
+    siglen: TIdC_SIZET; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_signctx = ^EVP_PKEY_meth_signctx;
+  EVP_PKEY_meth_verifyctx_init = function(ctx: PEVP_PKEY_CTX; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verifyctx_init = ^EVP_PKEY_meth_verifyctx_init;
+  EVP_PKEY_meth_verifyctx = function(ctx: PEVP_PKEY_CTX; const sig: PByte;
+    siglen: TIdC_INT; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_verifyctx = ^EVP_PKEY_meth_verifyctx;
+  EVP_PKEY_meth_encrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_encrypt_init = ^EVP_PKEY_meth_encrypt_init;
+  EVP_PKEY_meth_encrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
+    outlen: TIdC_SIZET; const &in: PByte): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_encrypt = ^ EVP_PKEY_meth_encrypt;
+  EVP_PKEY_meth_decrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_decrypt_init = ^EVP_PKEY_meth_decrypt_init;
+  EVP_PKEY_meth_decrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
+    outlen: TIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_decrypt = ^EVP_PKEY_meth_decrypt;
+  EVP_PKEY_meth_derive_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_derive_init = ^EVP_PKEY_meth_derive_init;
+  EVP_PKEY_meth_derive = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_derive = ^EVP_PKEY_meth_derive;
+  EVP_PKEY_meth_ctrl = function(ctx: PEVP_PKEY_CTX; &type: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_ctrl = ^EVP_PKEY_meth_ctrl;
+  EVP_PKEY_meth_ctrl_str = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_ctrl_str = ^EVP_PKEY_meth_ctrl_str;
+  EVP_PKEY_meth_digestsign = function(ctx: PEVP_PKEY_CTX; sig: PByte;
+    siglen: PIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_digestsign = ^EVP_PKEY_meth_digestsign;
+  EVP_PKEY_meth_digestverify = function(ctx: PEVP_MD_CTX; const sig: PByte;
+    siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_digestverify = ^EVP_PKEY_meth_digestverify;
+  EVP_PKEY_meth_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_check = ^EVP_PKEY_meth_check;
+  EVP_PKEY_meth_public_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_public_check = ^EVP_PKEY_meth_public_check;
+  EVP_PKEY_meth_param_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_param_check = ^EVP_PKEY_meth_param_check;
+  EVP_PKEY_meth_digest_custom = function(pkey: PEVP_PKEY; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  PEVP_PKEY_meth_digest_custom = ^EVP_PKEY_meth_digest_custom;
+
+  // Password based encryption function
+  EVP_PBE_KEYGEN = function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar;
+    passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER;
+    const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT; cdecl;
+  PEVP_PBE_KEYGEN = ^EVP_PBE_KEYGEN;
+  PPEVP_PBE_KEYGEN = ^PEVP_PBE_KEYGEN;
+
+{$REGION 'C compiler macros'}
+function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
+function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
+function EVP_PKEY_assign_DH(pkey: PEVP_PKEY; dh: Pointer): TIdC_INT;
+function EVP_PKEY_assign_EC_KEY(pkey: PEVP_PKEY; eckey: Pointer): TIdC_INT;
+function EVP_PKEY_assign_SIPHASH(pkey: PEVP_PKEY; shkey: Pointer): TIdC_INT;
+function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
+{$ENDREGION}
+
+  function EVP_MD_meth_new(md_type: TIdC_INT; pkey_type: TIdC_INT): PEVP_MD cdecl; external CLibCrypto;
+  function EVP_MD_meth_dup(const md: PEVP_MD): PEVP_MD cdecl; external CLibCrypto;
+  procedure EVP_MD_meth_free(md: PEVP_MD) cdecl; external CLibCrypto;
+
+  function EVP_MD_meth_set_input_blocksize(md: PEVP_MD; blocksize: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_result_size(md: PEVP_MD; resultsize: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_app_datasize(md: PEVP_MD; datasize: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_flags(md: PEVP_MD; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_init(md: PEVP_MD; init: EVP_MD_meth_init): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_update(md: PEVP_MD; update: EVP_MD_meth_update): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_final(md: PEVP_MD; &final: EVP_MD_meth_final): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_copy(md: PEVP_MD; copy: EVP_MD_meth_copy): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_cleanup(md: PEVP_MD; cleanup: EVP_MD_meth_cleanup): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_ctrl(md: PEVP_MD; ctrl: EVP_MD_meth_ctrl): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_MD_meth_get_input_blocksize(const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_get_result_size(const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_get_app_datasize(const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_get_flags(const md: PEVP_MD): TIdC_ULONG cdecl; external CLibCrypto;
+  function EVP_MD_meth_get_init(const md: PEVP_MD): EVP_MD_meth_init cdecl; external CLibCrypto;
+  function EVP_MD_meth_get_update(const md: PEVP_MD): EVP_MD_meth_update cdecl; external CLibCrypto;
+  function EVP_MD_meth_get_final(const md: PEVP_MD): EVP_MD_meth_final cdecl; external CLibCrypto;
+  function EVP_MD_meth_get_copy(const md: PEVP_MD): EVP_MD_meth_copy cdecl; external CLibCrypto;
+  function EVP_MD_meth_get_cleanup(const md: PEVP_MD): EVP_MD_meth_cleanup cdecl; external CLibCrypto;
+  function EVP_MD_meth_get_ctrl(const md: PEVP_MD): EVP_MD_meth_ctrl cdecl; external CLibCrypto;
+
+  function EVP_CIPHER_meth_new(cipher_type: TIdC_INT; block_size: TIdC_INT; key_len: TIdC_INT): PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_dup(const cipher: PEVP_CIPHER): PEVP_CIPHER cdecl; external CLibCrypto;
+  procedure EVP_CIPHER_meth_free(cipher: PEVP_CIPHER) cdecl; external CLibCrypto;
+
+  function EVP_CIPHER_meth_set_iv_length(cipher: PEVP_CIPHER; iv_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_set_flags(cipher: PEVP_CIPHER; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_set_impl_ctx_size(cipher: PEVP_CIPHER; ctx_size: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_set_init(cipher: PEVP_CIPHER; init: EVP_CIPHER_meth_init): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_set_do_cipher(cipher: PEVP_CIPHER; do_cipher: EVP_CIPHER_meth_do_cipher): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_set_cleanup(cipher: PEVP_CIPHER; cleanup: EVP_CIPHER_meth_cleanup): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_set_set_asn1_params(cipher: PEVP_CIPHER; set_asn1_parameters: EVP_CIPHER_meth_set_asn1_params): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_set_get_asn1_params(cipher: PEVP_CIPHER; get_asn1_parameters: EVP_CIPHER_meth_get_asn1_params): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_set_ctrl(cipher: PEVP_CIPHER; ctrl: EVP_CIPHER_meth_ctrl): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_get_init(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_init cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_get_do_cipher(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_do_cipher cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_get_cleanup(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_cleanup cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_get_set_asn1_params(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_set_asn1_params cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_get_get_asn1_params(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_get_asn1_params cdecl; external CLibCrypto;
+  function EVP_CIPHER_meth_get_ctrl(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_ctrl cdecl; external CLibCrypto;
+
+  /// Add some extra combinations ///
+  //# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a));
+  //# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a));
+  //# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a));
+  //# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a));
+
+  function EVP_MD_type(const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  //# define EVP_MD_nid(e)                   EVP_MD_type(e)
+  //# define EVP_MD_name(e)                  OBJ_nid2sn(EVP_MD_nid(e))
+  function EVP_MD_pkey_type(const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_size(const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_block_size(const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_flags(const md: PEVP_MD): PIdC_ULONG cdecl; external CLibCrypto;
+
+  function EVP_MD_CTX_md(ctx: PEVP_MD_CTX): PEVP_MD cdecl; external CLibCrypto;
+  function EVP_MD_CTX_update_fn(ctx: PEVP_MD_CTX): EVP_MD_CTX_update cdecl; external CLibCrypto;
+  procedure EVP_MD_CTX_set_update_fn(ctx: PEVP_MD_CTX; update: EVP_MD_CTX_update) cdecl; external CLibCrypto;
+  //  EVP_MD_CTX_size(e)              EVP_MD_size(EVP_MD_CTX_md(e))
+  //  EVP_MD_CTX_block_size(e)        EVP_MD_block_size(EVP_MD_CTX_md(e))
+  //  EVP_MD_CTX_type(e)              EVP_MD_type(EVP_MD_CTX_md(e))
+  function EVP_MD_CTX_pkey_ctx(const ctx: PEVP_MD_CTX): PEVP_PKEY_CTX cdecl; external CLibCrypto;
+  procedure EVP_MD_CTX_set_pkey_ctx(ctx: PEVP_MD_CTX; pctx: PEVP_PKEY_CTX) cdecl; external CLibCrypto;
+  function EVP_MD_CTX_md_data(const ctx: PEVP_MD_CTX): Pointer cdecl; external CLibCrypto;
+
+  function EVP_CIPHER_nid(const ctx: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+  //# define EVP_CIPHER_name(e)              OBJ_nid2sn(EVP_CIPHER_nid(e))
+  function EVP_CIPHER_block_size(const cipher: PEVP_CIPHER): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_impl_ctx_size(const cipher: PEVP_CIPHER): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_key_length(const cipher: PEVP_CIPHER): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_iv_length(const cipher: PEVP_CIPHER): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_flags(const cipher: PEVP_CIPHER): TIdC_ULONG cdecl; external CLibCrypto;
+  //# define EVP_CIPHER_mode(e)              (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
+
+  function EVP_CIPHER_CTX_cipher(const ctx: PEVP_CIPHER_CTX): PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_encrypting(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_nid(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_block_size(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_key_length(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_iv_length(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_iv(const ctx: PEVP_CIPHER_CTX): PByte cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_original_iv(const ctx: PEVP_CIPHER_CTX): PByte cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_iv_noconst(ctx: PEVP_CIPHER_CTX): PByte cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_buf_noconst(ctx: PEVP_CIPHER_CTX): PByte cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_num(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_CIPHER_CTX_set_num(ctx: PEVP_CIPHER_CTX; num: TIdC_INT) cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_copy(&out: PEVP_CIPHER_CTX; const &in: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_get_app_data(const ctx: PEVP_CIPHER_CTX): Pointer cdecl; external CLibCrypto;
+  procedure EVP_CIPHER_CTX_set_app_data(ctx: PEVP_CIPHER_CTX; data: Pointer) cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_get_cipher_data(const ctx: PEVP_CIPHER_CTX): Pointer cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_set_cipher_data(ctx: PEVP_CIPHER_CTX; cipher_data: Pointer): Pointer cdecl; external CLibCrypto;
+
+  //# define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define EVP_CIPHER_CTX_flags(c)       EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(c))
+  //# endif
+  //# define EVP_CIPHER_CTX_mode(c)         EVP_CIPHER_mode(EVP_CIPHER_CTX_cipher(c))
+  //
+  //# define EVP_ENCODE_LENGTH(l)    ((((l)+2)/3*4)+((l)/48+1)*2+80)
+  //# define EVP_DECODE_LENGTH(l)    (((l)+3)/4*3+80)
+  //
+  //# define EVP_SignInit_ex(a;b;c)          EVP_DigestInit_ex(a;b;c)
+  //# define EVP_SignInit(a;b)               EVP_DigestInit(a;b)
+  //# define EVP_SignUpdate(a;b;c)           EVP_DigestUpdate(a;b;c)
+  //# define EVP_VerifyInit_ex(a;b;c)        EVP_DigestInit_ex(a;b;c)
+  //# define EVP_VerifyInit(a;b)             EVP_DigestInit(a;b)
+  //# define EVP_VerifyUpdate(a;b;c)         EVP_DigestUpdate(a;b;c)
+  //# define EVP_OpenUpdate(a;b;c;d;e)       EVP_DecryptUpdate(a;b;c;d;e)
+  //# define EVP_SealUpdate(a;b;c;d;e)       EVP_EncryptUpdate(a;b;c;d;e)
+  //# define EVP_DigestSignUpdate(a;b;c)     EVP_DigestUpdate(a;b;c)
+  //# define EVP_DigestVerifyUpdate(a;b;c)   EVP_DigestUpdate(a;b;c)
+
+  procedure BIO_set_md(v1: PBIO; const md: PEVP_MD) cdecl; external CLibCrypto;
+  //# define BIO_get_md(b;mdp)          BIO_ctrl(b;BIO_C_GET_MD;0;(PIdAnsiChar)(mdp))
+  //# define BIO_get_md_ctx(b;mdcp)     BIO_ctrl(b;BIO_C_GET_MD_CTX;0; (PIdAnsiChar)(mdcp))
+  //# define BIO_set_md_ctx(b;mdcp)     BIO_ctrl(b;BIO_C_SET_MD_CTX;0; (PIdAnsiChar)(mdcp))
+  //# define BIO_get_cipher_status(b)   BIO_ctrl(b;BIO_C_GET_CIPHER_STATUS;0;NULL)
+  //# define BIO_get_cipher_ctx(b;c_pp) BIO_ctrl(b;BIO_C_GET_CIPHER_CTX;0; (PIdAnsiChar)(c_pp))
+
+  //function EVP_Cipher(c: PEVP_CIPHER_CTX; &out: PByte; const &in: PByte; in1: TIdC_UINT): TIdC_INT;
+
+  //# define EVP_add_cipher_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS;(n))
+  //# define EVP_add_digest_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS;(n))
+  //# define EVP_delete_cipher_alias(alias) OBJ_NAME_remove(alias;OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
+  //# define EVP_delete_digest_alias(alias) OBJ_NAME_remove(alias;OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
+
+  function EVP_MD_CTX_ctrl(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_CTX_new: PEVP_MD_CTX cdecl; external CLibCrypto;
+  function EVP_MD_CTX_reset(ctx: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_MD_CTX_free(ctx: PEVP_MD_CTX) cdecl; external CLibCrypto;
+  //# define EVP_MD_CTX_create()     EVP_MD_CTX_new()
+  //# define EVP_MD_CTX_init(ctx)    EVP_MD_CTX_reset((ctx))
+  //# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
+  function EVP_MD_CTX_copy_ex(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_MD_CTX_set_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
+  procedure EVP_MD_CTX_clear_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function EVP_MD_CTX_test_flags(const ctx: PEVP_MD_CTX; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestInit_ex(ctx: PEVP_MD_CTX; const &type: PEVP_MD; impl: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestUpdate(ctx: PEVP_MD_CTX; const d: Pointer; cnt: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestFinal_ex(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_Digest(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const &type: PEVP_MD; impl: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_MD_CTX_copy(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestInit(ctx: PEVP_MD_CTX; const &type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestFinal(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestFinalXOF(ctx: PEVP_MD_CTX; md: PByte; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_read_pw_string(buf: PIdAnsiChar; length: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_read_pw_string_min(buf: PIdAnsiChar; minlen: TIdC_INT; maxlen: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_set_pw_prompt(const prompt: PIdAnsiChar) cdecl; external CLibCrypto;
+  function EVP_get_pw_prompt: PIdAnsiChar cdecl; external CLibCrypto;
+  function EVP_BytesToKey(const &type: PEVP_CIPHER; const md: PEVP_MD; const salt: PByte; const data: PByte; data1: TIdC_INT; count: TIdC_INT; key: PByte; iv: PByte): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure EVP_CIPHER_CTX_set_flags(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
+  procedure EVP_CIPHER_CTX_clear_flags(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_test_flags(const ctx: PEVP_CIPHER_CTX; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_EncryptInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_EncryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_EncryptFinal_ex(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_EncryptFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_DecryptInit(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PidC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecryptFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecryptFinal_ex(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_CipherInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte; enc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CipherInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte; enc: TidC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CipherUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CipherFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CipherFinal_ex(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_SignFinal(ctx: PEVP_CIPHER_CTX; md: PByte; s: PIdC_UINT; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_DigestSign(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_VerifyFinal(ctx: PEVP_MD_CTX; const sigbuf: PByte; siglen: TIdC_UINT; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_DigestVerify(ctx: PEVP_CIPHER_CTX; const sigret: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_DigestSignInit(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestSignFinal(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_DigestVerifyInit(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestVerifyFinal(ctx: PEVP_MD_CTX; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_OpenInit(ctx: PEVP_CIPHER_CTX; const &type: PEVP_CIPHER; const ek: PByte; ek1: TIdC_INT; const iv: PByte; priv: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_OpenFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_SealInit(ctx: PEVP_CIPHER_CTX; const &type: EVP_CIPHER; ek: PPByte; ek1: PIdC_INT; iv: PByte; pubk: PPEVP_PKEY; npubk: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_SealFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_ENCODE_CTX_new: PEVP_ENCODE_CTX cdecl; external CLibCrypto;
+  procedure EVP_ENCODE_CTX_free(ctx: PEVP_ENCODE_CTX) cdecl; external CLibCrypto;
+  function EVP_ENCODE_CTX_copy(dctx: PEVP_ENCODE_CTX; sctx: PEVP_ENCODE_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_ENCODE_CTX_num(ctx: PEVP_ENCODE_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_EncodeInit(ctx: PEVP_ENCODE_CTX) cdecl; external CLibCrypto;
+  function EVP_EncodeUpdate(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_EncodeFinal(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT) cdecl; external CLibCrypto;
+  function EVP_EncodeBlock(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure EVP_DecodeInit(ctx: PEVP_ENCODE_CTX) cdecl; external CLibCrypto;
+  function EVP_DecodeUpdate(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecodeFinal(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecodeBlock(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_CIPHER_CTX_new: PEVP_CIPHER_CTX cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_reset(c: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_CIPHER_CTX_free(c: PEVP_CIPHER_CTX) cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_set_key_length(x: PEVP_CIPHER_CTX; keylen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_set_padding(c: PEVP_CIPHER_CTX; pad: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_ctrl(ctx: PEVP_CIPHER_CTX; &type: TIdC_INT; arg: TIdC_INT; ptr: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_rand_key(ctx: PEVP_CIPHER_CTX; key: PByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function BIO_f_md: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_base64: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_cipher: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_reliable: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_set_cipher(b: PBIO; c: PEVP_CIPHER; const k: PByte; const i: PByte; enc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_md_null: PEVP_MD cdecl; external CLibCrypto;
+
+  function EVP_md5: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_md5_sha1: PEVP_MD cdecl; external CLibCrypto;
+
+  function EVP_sha1: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha224: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha256: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha384: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha512: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha512_224: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha512_256: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha3_224: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha3_256: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha3_384: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_sha3_512: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_shake128: PEVP_MD cdecl; external CLibCrypto;
+  function EVP_shake256: PEVP_MD cdecl; external CLibCrypto;
+
+  (* does nothing :-) *)
+  function EVP_enc_null: PEVP_CIPHER cdecl; external CLibCrypto;
+
+  function EVP_des_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede3: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede3_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_cfb64: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_des_cfb EVP_des_cfb64
+  function EVP_des_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede_cfb64: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede3_cfb64: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_des_ede3_cfb EVP_des_ede3_cfb64
+  function EVP_des_ede3_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede3_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede3_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede3_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_desx_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_des_ede3_wrap: PEVP_CIPHER cdecl; external CLibCrypto;
+  //
+  // This should now be supported through the dev_crypto ENGINE. But also, why
+  // are rc4 and md5 declarations made here inside a "NO_DES" precompiler
+  // branch?
+  //
+  function EVP_rc4: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_rc4_40: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_idea_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_idea_cfb64: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_idea_cfb EVP_idea_cfb64
+  function EVP_idea_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_idea_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_rc2_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_rc2_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_rc2_40_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_rc2_64_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_rc2_cfb64: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_rc2_cfb EVP_rc2_cfb64
+  function EVP_rc2_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_bf_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_bf_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_bf_cfb64: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_bf_cfb EVP_bf_cfb64
+  function EVP_bf_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_cast5_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_cast5_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_cast5_cfb64: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_cast5_cfb EVP_cast5_cfb64
+  function EVP_cast5_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_rc5_32_12_16_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_rc5_32_12_16_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_rc5_32_12_16_cfb64: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
+  function EVP_rc5_32_12_16_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+
+  function EVP_aes_128_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_aes_128_cfb EVP_aes_128_cfb128
+  function EVP_aes_128_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_ccm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_gcm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_xts: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_wrap: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_wrap_pad: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_ocb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_aes_192_cfb EVP_aes_192_cfb128
+  function EVP_aes_192_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_ccm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_gcm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_wrap: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_wrap_pad: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_192_ocb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_aes_256_cfb EVP_aes_256_cfb128
+  function EVP_aes_256_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_ccm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_gcm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_xts: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_wrap: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_wrap_pad: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_ocb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_cbc_hmac_sha1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_cbc_hmac_sha1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_128_cbc_hmac_sha256: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aes_256_cbc_hmac_sha256: PEVP_CIPHER cdecl; external CLibCrypto;
+
+  function EVP_aria_128_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_128_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_128_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_128_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_128_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_128_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_128_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_128_gcm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_128_ccm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_192_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_192_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_192_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_192_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_192_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_aria_192_cfb EVP_aria_192_cfb128
+  function EVP_aria_192_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_192_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_192_gcm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_192_ccm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_256_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_256_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_256_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_256_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_256_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_aria_256_cfb EVP_aria_256_cfb128
+  function EVP_aria_256_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_256_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_256_gcm: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_aria_256_ccm: PEVP_CIPHER cdecl; external CLibCrypto;
+
+  function EVP_camellia_128_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_128_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_128_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_128_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_128_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_camellia_128_cfb EVP_camellia_128_cfb128
+  function EVP_camellia_128_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_128_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_192_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_192_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_192_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_192_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_192_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_camellia_192_cfb EVP_camellia_192_cfb128
+  function EVP_camellia_192_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_192_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_256_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_256_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_256_cfb1: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_256_cfb8: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_256_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_camellia_256_cfb EVP_camellia_256_cfb128
+  function EVP_camellia_256_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_camellia_256_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+
+  function EVP_chacha20: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_chacha20_poly1305: PEVP_CIPHER cdecl; external CLibCrypto;
+
+  function EVP_seed_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_seed_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_seed_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_seed_cfb EVP_seed_cfb128
+  function EVP_seed_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+
+  function EVP_sm4_ecb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_sm4_cbc: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_sm4_cfb128: PEVP_CIPHER cdecl; external CLibCrypto;
+  //EVP_sm4_cfb EVP_sm4_cfb128
+  function EVP_sm4_ofb: PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_sm4_ctr: PEVP_CIPHER cdecl; external CLibCrypto;
+
+  function EVP_add_cipher(const cipher: PEVP_CIPHER): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_add_digest(const digest: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_get_cipherbyname(const name: PIdAnsiChar): PEVP_CIPHER cdecl; external CLibCrypto;
+  function EVP_get_digestbyname(const name: PIdAnsiChar): PEVP_MD cdecl; external CLibCrypto;
+
+  procedure EVP_CIPHER_do_all(AFn: fn; arg: Pointer) cdecl; external CLibCrypto;
+  procedure EVP_CIPHER_do_all_sorted(AFn: fn; arg: Pointer) cdecl; external CLibCrypto;
+
+  procedure EVP_MD_do_all(AFn: fn; arg: Pointer) cdecl; external CLibCrypto;
+  procedure EVP_MD_do_all_sorted(AFn: fn; arg: Pointer) cdecl; external CLibCrypto;
+
+  function EVP_PKEY_decrypt_old(dec_key: PByte; const enc_key: PByte; enc_key_len: TIdC_INT; private_key: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_encrypt_old(dec_key: PByte; const enc_key: PByte; key_len: TIdC_INT; pub_key: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_type(&type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_id(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_base_id(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_bits(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_security_bits(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_size(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_set_type(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_set_type_str(pkey: PEVP_PKEY; const str: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_set_alias_type(pkey: PEVP_PKEY; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_set1_engine(pkey: PEVP_PKEY; e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_engine(const pkey: PEVP_PKEY): PENGINE cdecl; external CLibCrypto;
+
+  function EVP_PKEY_assign(pkey: PEVP_PKEY; &type: TIdC_INT; key: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get0(const pkey: PEVP_PKEY): Pointer cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_hmac(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_poly1305(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_siphash(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl; external CLibCrypto;
+
+  function EVP_PKEY_set1_RSA(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_RSA(pkey: PEVP_PKEY): Prsa_st cdecl; external CLibCrypto;
+  function EVP_PKEY_get1_RSA(pkey: PEVP_PKEY): Prsa_st cdecl; external CLibCrypto;
+
+  function EVP_PKEY_set1_DSA(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_DSA(pkey: PEVP_PKEY): Pdsa_st cdecl; external CLibCrypto;
+  function EVP_PKEY_get1_DSA(pkey: PEVP_PKEY): Pdsa_st cdecl; external CLibCrypto;
+
+  function EVP_PKEY_set1_DH(pkey: PEVP_PKEY; key: Pdh_st): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_DH(pkey: PEVP_PKEY): Pdh_st cdecl; external CLibCrypto;
+  function EVP_PKEY_get1_DH(pkey: PEVP_PKEY): Pdh_st cdecl; external CLibCrypto;
+
+  function EVP_PKEY_set1_EC_KEY(pkey: PEVP_PKEY; key: Pec_key_st): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_EC_KEY(pkey: PEVP_PKEY): Pec_key_st cdecl; external CLibCrypto;
+  function EVP_PKEY_get1_EC_KEY(pkey: PEVP_PKEY): Pec_key_st cdecl; external CLibCrypto;
+
+  function EVP_PKEY_new: PEVP_PKEY cdecl; external CLibCrypto;
+  function EVP_PKEY_up_ref(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_PKEY_free(pkey: PEVP_PKEY) cdecl; external CLibCrypto;
+
+  function d2i_PublicKey(&type: TIdC_INT; a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+  function i2d_PublicKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function d2i_PrivateKey(&type: TIdC_INT; a: PEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+  function d2i_AutoPrivateKey(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+  function i2d_PrivateKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_copy_parameters(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_missing_parameters(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_save_parameters(pkey: PEVP_PKEY; mode: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_cmp_parameters(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_cmp(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_print_public(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_print_private(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_print_params(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_get_default_digest_nid(pkey: PEVP_PKEY; pnid: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_set1_tls_encodedpoint(pkey: PEVP_PKEY; const pt: PByte; ptlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get1_tls_encodedpoint(pkey: PEVP_PKEY; ppt: PPByte): TIdC_SIZET cdecl; external CLibCrypto;
+
+  function EVP_CIPHER_type(const ctx: PEVP_CIPHER): TIdC_INT cdecl; external CLibCrypto;
+
+  (* calls methods *)
+  function EVP_CIPHER_param_to_asn1(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_asn1_to_param(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+
+  (* These are used by EVP_CIPHER methods *)
+  function EVP_CIPHER_set_asn1_iv(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_get_asn1_iv(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+
+  (* PKCS5 password based encryption *)
+  function PKCS5_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS5_PBKDF2_HMAC_SHA1(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; keylen: TIdC_INT; &out: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS5_PBKDF2_HMAC(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const digest: PEVP_MD; keylen: TIdC_INT; &out: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS5_v2_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PBE_scrypt(const pass: PIdAnsiChar; passlen: TIdC_SIZET; const salt: PByte; saltlen: TIdC_SIZET; N: TIdC_UINT64; r: TIdC_UINT64; p: TIdC_UINT64; maxmem: TIdC_UINT64; key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function PKCS5_v2_scrypt_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const c: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure PKCS5_PBE_add cdecl; external CLibCrypto;
+
+  function EVP_PBE_CipherInit(pbe_obj: PASN1_OBJECT; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; ctx: PEVP_CIPHER_CTX; en_de: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (* PBE type *)
+  function EVP_PBE_alg_add_type(pbe_type: TIdC_INT; pbe_nid: TIdC_INT; cipher_nid: TIdC_INT; md_nid: TIdC_INT; keygen: PEVP_PBE_KEYGEN): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PBE_alg_add(nid: TIdC_INT; const cipher: PEVP_CIPHER; const md: PEVP_MD; keygen: PEVP_PBE_KEYGEN): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PBE_find(&type: TIdC_INT; pbe_nid: TIdC_INT; pcnid: PIdC_INT; pmnid: PIdC_INT; pkeygen: PPEVP_PBE_KEYGEN): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_PBE_cleanup cdecl; external CLibCrypto;
+  function EVP_PBE_get(ptype: PIdC_INT; ppbe_nid: PIdC_INT; num: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_asn1_get_count: TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_asn1_get0(idx: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
+  function EVP_PKEY_asn1_find(pe: PPENGINE; &type: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
+  function EVP_PKEY_asn1_find_str(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
+  function EVP_PKEY_asn1_add0(const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_asn1_add_alias(&to: TIdC_INT; from: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_asn1_get0_info(ppkey_id: PIdC_INT; pkey_base_id: PIdC_INT; ppkey_flags: PIdC_INT; const pinfo: PPIdAnsiChar; const ppem_str: PPIdAnsiChar; const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_get0_asn1(const pkey: PEVP_PKEY): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
+  function EVP_PKEY_asn1_new(id: TIdC_INT; flags: TIdC_INT; const pem_str: PIdAnsiChar; const info: PIdAnsiChar): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
+  procedure EVP_PKEY_asn1_copy(dst: PEVP_PKEY_ASN1_METHOD; const src: PEVP_PKEY_ASN1_METHOD) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_asn1_free(ameth: PEVP_PKEY_ASN1_METHOD) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_asn1_set_public(ameth: PEVP_PKEY_ASN1_METHOD; APub_decode: pub_decode; APub_encode: pub_encode; APub_cmd: pub_cmd; APub_print: pub_print; APkey_size: pkey_size; APkey_bits: pkey_bits) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_asn1_set_private(ameth: PEVP_PKEY_ASN1_METHOD; APriv_decode: priv_decode; APriv_encode: priv_encode; APriv_print: priv_print) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_asn1_set_param(ameth: PEVP_PKEY_ASN1_METHOD; AParam_decode: param_decode; AParam_encode: param_encode; AParam_missing: param_missing; AParam_copy: param_copy; AParam_cmp: param_cmp; AParam_print: param_print) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_asn1_set_free(ameth: PEVP_PKEY_ASN1_METHOD; APkey_free: pkey_free) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_asn1_set_ctrl(ameth: PEVP_PKEY_ASN1_METHOD; APkey_ctrl: pkey_ctrl) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_asn1_set_item(ameth: PEVP_PKEY_ASN1_METHOD; AItem_verify: item_verify; AItem_sign: item_sign) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_asn1_set_siginf(ameth: PEVP_PKEY_ASN1_METHOD; ASiginf_set: siginf_set) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_asn1_set_check(ameth: PEVP_PKEY_ASN1_METHOD; APkey_check: pkey_check) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_asn1_set_public_check(ameth: PEVP_PKEY_ASN1_METHOD; APkey_pub_check: pkey_pub_check) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_asn1_set_param_check(ameth: PEVP_PKEY_ASN1_METHOD; APkey_param_check: pkey_param_check) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_asn1_set_set_priv_key(ameth: PEVP_PKEY_ASN1_METHOD; ASet_priv_key: set_priv_key) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_asn1_set_set_pub_key(ameth: PEVP_PKEY_ASN1_METHOD; ASet_pub_key: set_pub_key) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_asn1_set_get_priv_key(ameth: PEVP_PKEY_ASN1_METHOD; AGet_priv_key: get_priv_key) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_asn1_set_get_pub_key(ameth: PEVP_PKEY_ASN1_METHOD; AGet_pub_key: get_pub_key) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_asn1_set_security_bits(ameth: PEVP_PKEY_ASN1_METHOD; APkey_security_bits: pkey_security_bits) cdecl; external CLibCrypto;
+
+  function EVP_PKEY_meth_find(&type: TIdC_INT): PEVP_PKEY_METHOD cdecl; external CLibCrypto;
+  function EVP_PKEY_meth_new(id: TIdC_INT; flags: TIdC_INT): PEVP_PKEY_METHOD cdecl; external CLibCrypto;
+  procedure EVP_PKEY_meth_get0_info(ppkey_id: PIdC_INT; pflags: PIdC_INT; const meth: PEVP_PKEY_METHOD) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_meth_copy(dst: PEVP_PKEY_METHOD; const src: PEVP_PKEY_METHOD) cdecl; external CLibCrypto;
+  procedure EVP_PKEY_meth_free(pmeth: PEVP_PKEY_METHOD) cdecl; external CLibCrypto;
+  function EVP_PKEY_meth_add0(const pmeth: PEVP_PKEY_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_meth_remove(const pmeth: PEVP_PKEY_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_meth_get_count: TIdC_SIZET cdecl; external CLibCrypto;
+  function EVP_PKEY_meth_get0(idx: TIdC_SIZET): PEVP_PKEY_METHOD cdecl; external CLibCrypto;
+
+  function EVP_PKEY_CTX_new(pkey: PEVP_PKEY; e: PENGINE): PEVP_PKEY_CTX cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_new_id(id: TIdC_INT; e: PENGINE): PEVP_PKEY_CTX cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_dup(ctx: PEVP_PKEY_CTX): PEVP_PKEY_CTX cdecl; external CLibCrypto;
+  procedure EVP_PKEY_CTX_free(ctx: PEVP_PKEY_CTX) cdecl; external CLibCrypto;
+
+  function EVP_PKEY_CTX_ctrl(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_ctrl_str(ctx: PEVP_PKEY_CTX; const &type: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_ctrl_uint64(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; value: TIdC_UINT64): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_CTX_str2ctrl(ctx: PEVP_PKEY_CTX; cmd: TIdC_INT; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_hex2ctrl(ctx: PEVP_PKEY_CTX; cmd: TIdC_INT; const hex: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_CTX_md(ctx: PEVP_PKEY_CTX; optype: TIdC_INT; cmd: TIdC_INT; const md: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_CTX_get_operation(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_PKEY_CTX_set0_keygen_info(ctx: PEVP_PKEY_CTX; dat: PIdC_INT; datlen: TIdC_INT) cdecl; external CLibCrypto;
+
+  function EVP_PKEY_new_mac_key(&type: TIdC_INT; e: PENGINE; const key: PByte; keylen: TIdC_INT): PEVP_PKEY cdecl; external CLibCrypto;
+  function EVP_PKEY_new_raw_private_key(&type: TIdC_INT; e: PENGINE; const priv: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl; external CLibCrypto;
+  function EVP_PKEY_new_raw_public_key(&type: TIdC_INT; e: PENGINE; const pub: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl; external CLibCrypto;
+  function EVP_PKEY_get_raw_private_key(const pkey: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get_raw_public_key(const pkey: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_new_CMAC_key(e: PENGINE; const priv: PByte; len: TIdC_SIZET; const cipher: PEVP_CIPHER): PEVP_PKEY cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_CTX_set_data(ctx: PEVP_PKEY_CTX; data: Pointer) cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_get_data(ctx: PEVP_PKEY_CTX): Pointer cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_get0_pkey(ctx: PEVP_PKEY_CTX): PEVP_PKEY cdecl; external CLibCrypto;
+
+  function EVP_PKEY_CTX_get0_peerkey(ctx: PEVP_PKEY_CTX): PEVP_PKEY cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_CTX_set_app_data(ctx: PEVP_PKEY_CTX; data: Pointer) cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_get_app_data(ctx: PEVP_PKEY_CTX): Pointer cdecl; external CLibCrypto;
+
+  function EVP_PKEY_sign_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_sign(ctx: PEVP_PKEY_CTX; sig: PByte; siglen: PIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_verify_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_verify(ctx: PEVP_PKEY_CTX; const sig: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_verify_recover_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_verify_recover(ctx: PEVP_PKEY_CTX; rout: PByte; routlen: PIdC_SIZET; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_encrypt_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_encrypt(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_decrypt_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_decrypt(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_derive_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_derive_set_peer(ctx: PEVP_PKEY_CTX; peer: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_derive(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  function EVP_PKEY_paramgen_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_paramgen(ctx: PEVP_PKEY_CTX; ppkey: PPEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_keygen_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_keygen(ctx: PEVP_PKEY_CTX; ppkey: PPEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_check(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_public_check(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_param_check(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_CTX_set_cb(ctx: PEVP_PKEY_CTX; cb: EVP_PKEY_gen_cb) cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_get_cb(ctx: PEVP_PKEY_CTX): EVP_PKEY_gen_cb cdecl; external CLibCrypto;
+
+  function EVP_PKEY_CTX_get_keygen_info(ctx: PEVP_PKEY_CTX; idx: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_init(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_init: EVP_PKEY_meth_init) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_copy(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_copy_cb: EVP_PKEY_meth_copy_cb) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_cleanup(pmeth: PEVP_PKEY_METHOD; PEVP_PKEY_meth_cleanup: EVP_PKEY_meth_cleanup) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_paramgen(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_paramgen_init: EVP_PKEY_meth_paramgen_init; AEVP_PKEY_meth_paramgen: EVP_PKEY_meth_paramgen_init) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_keygen(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_keygen_init: EVP_PKEY_meth_keygen_init; AEVP_PKEY_meth_keygen: EVP_PKEY_meth_keygen) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_sign(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_sign_init: EVP_PKEY_meth_sign_init; AEVP_PKEY_meth_sign: EVP_PKEY_meth_sign) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_verify(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_init: EVP_PKEY_meth_verify_init; AEVP_PKEY_meth_verify: EVP_PKEY_meth_verify_init) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_verify_recover(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_recover_init: EVP_PKEY_meth_verify_recover_init; AEVP_PKEY_meth_verify_recover: EVP_PKEY_meth_verify_recover_init) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_signctx(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_signctx_init: EVP_PKEY_meth_signctx_init; AEVP_PKEY_meth_signctx: EVP_PKEY_meth_signctx) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_verifyctx(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verifyctx_init: EVP_PKEY_meth_verifyctx_init; AEVP_PKEY_meth_verifyctx: EVP_PKEY_meth_verifyctx) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_encrypt(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_encrypt_init: EVP_PKEY_meth_encrypt_init; AEVP_PKEY_meth_encrypt: EVP_PKEY_meth_encrypt) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_decrypt(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_decrypt_init: EVP_PKEY_meth_decrypt_init; AEVP_PKEY_meth_decrypt: EVP_PKEY_meth_decrypt) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_derive(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_derive_init: EVP_PKEY_meth_derive_init; AEVP_PKEY_meth_derive: EVP_PKEY_meth_derive) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_ctrl(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_ctrl: EVP_PKEY_meth_ctrl; AEVP_PKEY_meth_ctrl_str: EVP_PKEY_meth_ctrl_str) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_digestsign(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestsign: EVP_PKEY_meth_digestsign) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_digestverify(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestverify: EVP_PKEY_meth_digestverify) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_check: EVP_PKEY_meth_check) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_public_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_public_check: EVP_PKEY_meth_public_check) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_param_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_param_check: EVP_PKEY_meth_param_check) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_set_digest_custom(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digest_custom: EVP_PKEY_meth_digest_custom) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_init(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_init: PEVP_PKEY_meth_init) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_copy(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_copy: PEVP_PKEY_meth_copy) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_cleanup(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_cleanup: PEVP_PKEY_meth_cleanup) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_paramgen(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_paramgen_init: EVP_PKEY_meth_paramgen_init; AEVP_PKEY_meth_paramgen: PEVP_PKEY_meth_paramgen) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_keygen(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_keygen_init: EVP_PKEY_meth_keygen_init; AEVP_PKEY_meth_keygen: PEVP_PKEY_meth_keygen) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_sign(const pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_sign_init: PEVP_PKEY_meth_sign_init; AEVP_PKEY_meth_sign: PEVP_PKEY_meth_sign) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_verify(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_init: PEVP_PKEY_meth_verify_init; AEVP_PKEY_meth_verify: PEVP_PKEY_meth_verify_init) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_verify_recover(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verify_recover_init: PEVP_PKEY_meth_verify_recover_init; AEVP_PKEY_meth_verify_recover: PEVP_PKEY_meth_verify_recover_init) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_signctx(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_signctx_init: PEVP_PKEY_meth_signctx_init; AEVP_PKEY_meth_signctx: PEVP_PKEY_meth_signctx) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_verifyctx(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_verifyctx_init: PEVP_PKEY_meth_verifyctx_init; AEVP_PKEY_meth_verifyctx: PEVP_PKEY_meth_verifyctx) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_encrypt(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_encrypt_init: PEVP_PKEY_meth_encrypt_init; AEVP_PKEY_meth_encrypt: PEVP_PKEY_meth_encrypt) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_decrypt(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_decrypt_init: PEVP_PKEY_meth_decrypt_init; AEVP_PKEY_meth_decrypt: PEVP_PKEY_meth_decrypt) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_derive(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_derive_init: PEVP_PKEY_meth_derive_init; AEVP_PKEY_meth_derive: PEVP_PKEY_meth_derive) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_ctrl(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_ctrl: PEVP_PKEY_meth_ctrl; AEVP_PKEY_meth_ctrl_str: PEVP_PKEY_meth_ctrl_str) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_digestsign(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestsign: PEVP_PKEY_meth_digestsign) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_digestverify(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digestverify: PEVP_PKEY_meth_digestverify) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_check: PEVP_PKEY_meth_check) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_public_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_public_check: PEVP_PKEY_meth_public_check) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_param_check(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_param_check: PEVP_PKEY_meth_param_check) cdecl; external CLibCrypto;
+
+  procedure EVP_PKEY_meth_get_digest_custom(pmeth: PEVP_PKEY_METHOD; AEVP_PKEY_meth_digest_custom: PEVP_PKEY_meth_digest_custom) cdecl; external CLibCrypto;
+
+  procedure EVP_add_alg_module cdecl; external CLibCrypto;
+
+implementation
+
+{$REGION 'C compiler macros'}
+//#  define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA, (char *)(rsa))
+function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_RSA, rsa);
+end;
+
+//#  define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA, (char *)(dsa))
+function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_DSA, dsa);
+end;
+
+//#  define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH, (char *)(dh))
+function EVP_PKEY_assign_DH(pkey: PEVP_PKEY; dh: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_DH, dh);
+end;
+
+//#  define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC, (char *)(eckey))
+function EVP_PKEY_assign_EC_KEY(pkey: PEVP_PKEY; eckey: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_EC, eckey);
+end;
+
+//#  define EVP_PKEY_assign_SIPHASH(pkey,shkey) EVP_PKEY_assign((pkey),EVP_PKEY_SIPHASH, (char *)(shkey))
+function EVP_PKEY_assign_SIPHASH(pkey: PEVP_PKEY; shkey: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_SIPHASH, shkey);
+end;
+
+//#  define EVP_PKEY_assign_POLY1305(pkey,polykey) EVP_PKEY_assign((pkey),EVP_PKEY_POLY1305, (char *)(polykey))
+function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_POLY1305, polykey);
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evperr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evperr.pas
new file mode 100644
index 000000000..39944a41c
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evperr.pas
@@ -0,0 +1,233 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_evperr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// evperr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * EVP function codes.
+   *)
+  EVP_F_AESNI_INIT_KEY =        165;
+  EVP_F_AESNI_XTS_INIT_KEY =       207;
+  EVP_F_AES_GCM_CTRL =         196;
+  EVP_F_AES_INIT_KEY =         133;
+  EVP_F_AES_OCB_CIPHER =        169;
+  EVP_F_AES_T4_INIT_KEY =        178;
+  EVP_F_AES_T4_XTS_INIT_KEY =       208;
+  EVP_F_AES_WRAP_CIPHER =        170;
+  EVP_F_AES_XTS_INIT_KEY =        209;
+  EVP_F_ALG_MODULE_INIT =        177;
+  EVP_F_ARIA_CCM_INIT_KEY =       175;
+  EVP_F_ARIA_GCM_CTRL =        197;
+  EVP_F_ARIA_GCM_INIT_KEY =       176;
+  EVP_F_ARIA_INIT_KEY =        185;
+  EVP_F_B64_NEW =          198;
+  EVP_F_CAMELLIA_INIT_KEY =       159;
+  EVP_F_CHACHA20_POLY1305_CTRL =      182;
+  EVP_F_CMLL_T4_INIT_KEY =        179;
+  EVP_F_DES_EDE3_WRAP_CIPHER =       171;
+  EVP_F_DO_SIGVER_INIT =        161;
+  EVP_F_ENC_NEW =          199;
+  EVP_F_EVP_CIPHERINIT_EX =       123;
+  EVP_F_EVP_CIPHER_ASN1_TO_PARAM =      204;
+  EVP_F_EVP_CIPHER_CTX_COPY =       163;
+  EVP_F_EVP_CIPHER_CTX_CTRL =       124;
+  EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH =    122;
+  EVP_F_EVP_CIPHER_PARAM_TO_ASN1 =      205;
+  EVP_F_EVP_DECRYPTFINAL_EX =       101;
+  EVP_F_EVP_DECRYPTUPDATE =       166;
+  EVP_F_EVP_DIGESTFINALXOF =       174;
+  EVP_F_EVP_DIGESTINIT_EX =       128;
+  EVP_F_EVP_ENCRYPTDECRYPTUPDATE =      219;
+  EVP_F_EVP_ENCRYPTFINAL_EX =       127;
+  EVP_F_EVP_ENCRYPTUPDATE =       167;
+  EVP_F_EVP_MD_CTX_COPY_EX =       110;
+  EVP_F_EVP_MD_SIZE =         162;
+  EVP_F_EVP_OPENINIT =         102;
+  EVP_F_EVP_PBE_ALG_ADD =        115;
+  EVP_F_EVP_PBE_ALG_ADD_TYPE =       160;
+  EVP_F_EVP_PBE_CIPHERINIT =       116;
+  EVP_F_EVP_PBE_SCRYPT =        181;
+  EVP_F_EVP_PKCS82PKEY =        111;
+  EVP_F_EVP_PKEY2PKCS8 =        113;
+  EVP_F_EVP_PKEY_ASN1_ADD0 =       188;
+  EVP_F_EVP_PKEY_CHECK =        186;
+  EVP_F_EVP_PKEY_COPY_PARAMETERS =      103;
+  EVP_F_EVP_PKEY_CTX_CTRL =       137;
+  EVP_F_EVP_PKEY_CTX_CTRL_STR =      150;
+  EVP_F_EVP_PKEY_CTX_DUP =        156;
+  EVP_F_EVP_PKEY_CTX_MD =        168;
+  EVP_F_EVP_PKEY_DECRYPT =        104;
+  EVP_F_EVP_PKEY_DECRYPT_INIT =      138;
+  EVP_F_EVP_PKEY_DECRYPT_OLD =       151;
+  EVP_F_EVP_PKEY_DERIVE =        153;
+  EVP_F_EVP_PKEY_DERIVE_INIT =       154;
+  EVP_F_EVP_PKEY_DERIVE_SET_PEER =      155;
+  EVP_F_EVP_PKEY_ENCRYPT =        105;
+  EVP_F_EVP_PKEY_ENCRYPT_INIT =      139;
+  EVP_F_EVP_PKEY_ENCRYPT_OLD =       152;
+  EVP_F_EVP_PKEY_GET0_DH =        119;
+  EVP_F_EVP_PKEY_GET0_DSA =       120;
+  EVP_F_EVP_PKEY_GET0_EC_KEY =       131;
+  EVP_F_EVP_PKEY_GET0_HMAC =       183;
+  EVP_F_EVP_PKEY_GET0_POLY1305 =      184;
+  EVP_F_EVP_PKEY_GET0_RSA =       121;
+  EVP_F_EVP_PKEY_GET0_SIPHASH =      172;
+  EVP_F_EVP_PKEY_GET_RAW_PRIVATE_KEY =     202;
+  EVP_F_EVP_PKEY_GET_RAW_PUBLIC_KEY =     203;
+  EVP_F_EVP_PKEY_KEYGEN =        146;
+  EVP_F_EVP_PKEY_KEYGEN_INIT =       147;
+  EVP_F_EVP_PKEY_METH_ADD0 =       194;
+  EVP_F_EVP_PKEY_METH_NEW =       195;
+  EVP_F_EVP_PKEY_NEW =         106;
+  EVP_F_EVP_PKEY_NEW_CMAC_KEY =      193;
+  EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY =     191;
+  EVP_F_EVP_PKEY_NEW_RAW_PUBLIC_KEY =     192;
+  EVP_F_EVP_PKEY_PARAMGEN =       148;
+  EVP_F_EVP_PKEY_PARAMGEN_INIT =      149;
+  EVP_F_EVP_PKEY_PARAM_CHECK =       189;
+  EVP_F_EVP_PKEY_PUBLIC_CHECK =      190;
+  EVP_F_EVP_PKEY_SET1_ENGINE =       187;
+  EVP_F_EVP_PKEY_SET_ALIAS_TYPE =      206;
+  EVP_F_EVP_PKEY_SIGN =        140;
+  EVP_F_EVP_PKEY_SIGN_INIT =       141;
+  EVP_F_EVP_PKEY_VERIFY =        142;
+  EVP_F_EVP_PKEY_VERIFY_INIT =       143;
+  EVP_F_EVP_PKEY_VERIFY_RECOVER =      144;
+  EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT =     145;
+  EVP_F_EVP_SIGNFINAL =        107;
+  EVP_F_EVP_VERIFYFINAL =        108;
+  EVP_F_INT_CTX_NEW =         157;
+  EVP_F_OK_NEW =          200;
+  EVP_F_PKCS5_PBE_KEYIVGEN =       117;
+  EVP_F_PKCS5_V2_PBE_KEYIVGEN =      118;
+  EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN =      164;
+  EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN =      180;
+  EVP_F_PKEY_SET_TYPE =        158;
+  EVP_F_RC2_MAGIC_TO_METH =       109;
+  EVP_F_RC5_CTRL =          125;
+  EVP_F_R_32_12_16_INIT_KEY =       242;
+  EVP_F_S390X_AES_GCM_CTRL =       201;
+  EVP_F_UPDATE =          173;
+
+  (*
+   * EVP reason codes.
+   *)
+  EVP_R_AES_KEY_SETUP_FAILED = 143;
+  EVP_R_ARIA_KEY_SETUP_FAILED = 176;
+  EVP_R_BAD_DECRYPT = 100;
+  EVP_R_BAD_KEY_LENGTH = 195;
+  EVP_R_BUFFER_TOO_SMALL = 155;
+  EVP_R_CAMELLIA_KEY_SETUP_FAILED = 157;
+  EVP_R_CIPHER_PARAMETER_ERROR = 122;
+  EVP_R_COMMAND_NOT_SUPPORTED = 147;
+  EVP_R_COPY_ERROR = 173;
+  EVP_R_CTRL_NOT_IMPLEMENTED = 132;
+  EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED = 133;
+  EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH = 138;
+  EVP_R_DECODE_ERROR = 114;
+  EVP_R_DIFFERENT_KEY_TYPES = 101;
+  EVP_R_DIFFERENT_PARAMETERS = 153;
+  EVP_R_ERROR_LOADING_SECTION = 165;
+  EVP_R_ERROR_SETTING_FIPS_MODE = 166;
+  EVP_R_EXPECTING_AN_HMAC_KEY = 174;
+  EVP_R_EXPECTING_AN_RSA_KEY = 127;
+  EVP_R_EXPECTING_A_DH_KEY = 128;
+  EVP_R_EXPECTING_A_DSA_KEY = 129;
+  EVP_R_EXPECTING_A_EC_KEY = 142;
+  EVP_R_EXPECTING_A_POLY1305_KEY = 164;
+  EVP_R_EXPECTING_A_SIPHASH_KEY = 175;
+  EVP_R_FIPS_MODE_NOT_SUPPORTED = 167;
+  EVP_R_GET_RAW_KEY_FAILED = 182;
+  EVP_R_ILLEGAL_SCRYPT_PARAMETERS = 171;
+  EVP_R_INITIALIZATION_ERROR = 134;
+  EVP_R_INPUT_NOT_INITIALIZED = 111;
+  EVP_R_INVALID_DIGEST = 152;
+  EVP_R_INVALID_FIPS_MODE = 168;
+  EVP_R_INVALID_KEY = 163;
+  EVP_R_INVALID_KEY_LENGTH = 130;
+  EVP_R_INVALID_OPERATION = 148;
+  EVP_R_KEYGEN_FAILURE = 120;
+  EVP_R_KEY_SETUP_FAILED = 180;
+  EVP_R_MEMORY_LIMIT_EXCEEDED = 172;
+  EVP_R_MESSAGE_DIGEST_IS_NULL = 159;
+  EVP_R_METHOD_NOT_SUPPORTED = 144;
+  EVP_R_MISSING_PARAMETERS = 103;
+  EVP_R_NOT_XOF_OR_INVALID_LENGTH = 178;
+  EVP_R_NO_CIPHER_SET = 131;
+  EVP_R_NO_DEFAULT_DIGEST = 158;
+  EVP_R_NO_DIGEST_SET = 139;
+  EVP_R_NO_KEY_SET = 154;
+  EVP_R_NO_OPERATION_SET = 149;
+  EVP_R_ONLY_ONESHOT_SUPPORTED = 177;
+  EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE = 150;
+  EVP_R_OPERATON_NOT_INITIALIZED = 151;
+  EVP_R_PARTIALLY_OVERLAPPING = 162;
+  EVP_R_PBKDF2_ERROR = 181;
+  EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED = 179;
+  EVP_R_PRIVATE_KEY_DECODE_ERROR = 145;
+  EVP_R_PRIVATE_KEY_ENCODE_ERROR = 146;
+  EVP_R_PUBLIC_KEY_NOT_RSA = 106;
+  EVP_R_UNKNOWN_CIPHER = 160;
+  EVP_R_UNKNOWN_DIGEST = 161;
+  EVP_R_UNKNOWN_OPTION = 169;
+  EVP_R_UNKNOWN_PBE_ALGORITHM = 121;
+  EVP_R_UNSUPPORTED_ALGORITHM = 156;
+  EVP_R_UNSUPPORTED_CIPHER = 107;
+  EVP_R_UNSUPPORTED_KEYLENGTH = 123;
+  EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION = 124;
+  EVP_R_UNSUPPORTED_KEY_SIZE = 108;
+  EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS = 135;
+  EVP_R_UNSUPPORTED_PRF = 125;
+  EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM = 118;
+  EVP_R_UNSUPPORTED_SALT_TYPE = 126;
+  EVP_R_WRAP_MODE_NOT_ALLOWED = 170;
+  EVP_R_WRONG_FINAL_BLOCK_LENGTH = 109;
+  EVP_R_XTS_DUPLICATED_KEYS = 183;
+
+  function ERR_load_EVP_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_hmac.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_hmac.pas
new file mode 100644
index 000000000..827efd0ff
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_hmac.pas
@@ -0,0 +1,64 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_hmac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// hmac.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+  function HMAC_size(const e: PHMAC_CTX): TIdC_SIZET cdecl; external CLibCrypto;
+  function HMAC_CTX_new: PHMAC_CTX cdecl; external CLibCrypto;
+  function HMAC_CTX_reset(ctx: PHMAC_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure HMAC_CTX_free(ctx: PHMAC_CTX) cdecl; external CLibCrypto;
+
+  function HMAC_Init_ex(ctx: PHMAC_CTX; const key: Pointer; len: TIdC_INT; const md: PEVP_MD; impl: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function HMAC_Update(ctx: PHMAC_CTX; const data: PByte; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function HMAC_Final(ctx: PHMAC_CTX; md: PByte; len: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function HMAC(const evp_md: PEVP_MD; const key: Pointer; key_len: TIdC_INT; const d: PByte; n: TIdC_SIZET; md: PByte; md_len: PIdC_INT): PByte cdecl; external CLibCrypto;
+  function HMAC_CTX_copy(dctx: PHMAC_CTX; sctx: PHMAC_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure HMAC_CTX_set_flags(ctx: PHMAC_CTX; flags: TIdC_ULONG) cdecl; external CLibCrypto;
+  function HMAC_CTX_get_md(const ctx: PHMAC_CTX): PEVP_MD cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas
new file mode 100644
index 000000000..837d01cbd
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas
@@ -0,0 +1,76 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_idea;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// idea.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // Added '_CONST' to avoid name clashes
+  IDEA_ENCRYPT_CONST = 1;
+  // Added '_CONST' to avoid name clashes
+  IDEA_DECRYPT_CONST = 0;
+
+  IDEA_BLOCK      = 8;
+  IDEA_KEY_LENGTH = 16;
+
+type
+  IDEA_INT = type TIdC_INT;
+
+  idea_key_st = record
+    data: array[0..8, 0..5] of IDEA_INT;
+  end;
+  IDEA_KEY_SCHEDULE = idea_key_st;
+  PIDEA_KEY_SCHEDULE = ^IDEA_KEY_SCHEDULE;
+
+  function IDEA_options: PIdAnsiChar cdecl; external CLibCrypto;
+  procedure IDEA_ecb_encrypt(const &in: PByte; &out: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
+  procedure IDEA_set_encrypt_key(const key: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
+  procedure IDEA_set_decrypt_key(ek: PIDEA_KEY_SCHEDULE; dk: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
+  procedure IDEA_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure IDEA_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure IDEA_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+  procedure IDEA_encrypt(&in: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_kdferr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_kdferr.pas
new file mode 100644
index 000000000..c27878647
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_kdferr.pas
@@ -0,0 +1,84 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_kdferr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// kdferr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * KDF function codes.
+   *)
+  KDF_F_PKEY_HKDF_CTRL_STR = 103;
+  KDF_F_PKEY_HKDF_DERIVE = 102;
+  KDF_F_PKEY_HKDF_INIT = 108;
+  KDF_F_PKEY_SCRYPT_CTRL_STR = 104;
+  KDF_F_PKEY_SCRYPT_CTRL_UINT64 = 105;
+  KDF_F_PKEY_SCRYPT_DERIVE = 109;
+  KDF_F_PKEY_SCRYPT_INIT = 106;
+  KDF_F_PKEY_SCRYPT_SET_MEMBUF = 107;
+  KDF_F_PKEY_TLS1_PRF_CTRL_STR = 100;
+  KDF_F_PKEY_TLS1_PRF_DERIVE = 101;
+  KDF_F_PKEY_TLS1_PRF_INIT = 110;
+  KDF_F_TLS1_PRF_ALG = 111;
+
+  (*
+   * KDF reason codes.
+   *)
+  KDF_R_INVALID_DIGEST = 100;
+  KDF_R_MISSING_ITERATION_COUNT = 109;
+  KDF_R_MISSING_KEY = 104;
+  KDF_R_MISSING_MESSAGE_DIGEST = 105;
+  KDF_R_MISSING_PARAMETER = 101;
+  KDF_R_MISSING_PASS = 110;
+  KDF_R_MISSING_SALT = 111;
+  KDF_R_MISSING_SECRET = 107;
+  KDF_R_MISSING_SEED = 106;
+  KDF_R_UNKNOWN_PARAMETER_TYPE = 103;
+  KDF_R_VALUE_ERROR = 108;
+  KDF_R_VALUE_MISSING = 102;
+
+  function ERR_load_KDF_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_obj_mac.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_obj_mac.pas
new file mode 100644
index 000000000..e09a90af3
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_obj_mac.pas
@@ -0,0 +1,2921 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_obj_mac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// obj_mac.h
+
+{$i IdCompilerDefines.inc}
+
+const
+  SN_undef =       'UNDEF';
+  LN_undef =       'undefined';
+  NID_undef =       0;
+  SN_itu_t =     'ITU-T';
+  LN_itu_t =     'itu-t';
+  NID_itu_t =     645;
+  NID_ccitt =     404;
+  SN_iso =   'ISO';
+  LN_iso =   'iso';
+  NID_iso =   181;
+  SN_joint_iso_itu_t =    'JOINT-ISO-ITU-T';
+  LN_joint_iso_itu_t =    'joint-iso-itu-t';
+  NID_joint_iso_itu_t =    646;
+  NID_joint_iso_ccitt =    393;
+  SN_member_body =   'member-body';
+  LN_member_body =   'ISO Member Body';
+  NID_member_body =   182;
+  SN_identified_organization =    'identified-organization';
+  NID_identified_organization =    676;
+  SN_hmac_md5 =    'HMAC-MD5';
+  LN_hmac_md5 =    'hmac-md5';
+  NID_hmac_md5 =    780;
+  SN_hmac_sha1 =    'HMAC-SHA1';
+  LN_hmac_sha1 =    'hmac-sha1';
+  NID_hmac_sha1 =    781;
+  SN_x509ExtAdmission =    'x509ExtAdmission';
+  LN_x509ExtAdmission =    'Professional Information or basis for Admission';
+  NID_x509ExtAdmission =    1093;
+  SN_certicom_arc =   'certicom-arc';
+  NID_certicom_arc =     677;
+  SN_ieee =   'ieee';
+  NID_ieee =     1170;
+  SN_ieee_siswg =    'ieee-siswg';
+  LN_ieee_siswg =    'IEEE Security in Storage Working Group';
+  NID_ieee_siswg =   1171;
+  SN_international_organizations =   'international-organizations';
+  LN_international_organizations =   'International Organizations';
+  NID_international_organizations =   647;
+  SN_wap =   'wap';
+  NID_wap =   678;
+  SN_wap_wsg =    'wap-wsg';
+  NID_wap_wsg =    679;
+  SN_selected_attribute_types =    'selected-attribute-types';
+  LN_selected_attribute_types =    'Selected Attribute Types';
+  NID_selected_attribute_types =    394;
+  SN_clearance =    'clearance';
+  NID_clearance =    395;
+  SN_ISO_US =     'ISO-US';
+  LN_ISO_US =     'ISO US Member Body';
+  NID_ISO_US =    183;
+  SN_X9_57 =     'X9-57';
+  LN_X9_57 =     'X9.57';
+  NID_X9_57 =     184;
+  SN_X9cm =   'X9cm';
+  LN_X9cm =   'X9.57 CM ?';
+  NID_X9cm =     185;
+  SN_ISO_CN =     'ISO-CN';
+  LN_ISO_CN =     'ISO CN Member Body';
+  NID_ISO_CN =    1140;
+  SN_oscca =     'oscca';
+  NID_oscca =     1141;
+  SN_sm_scheme =    'sm-scheme';
+  NID_sm_scheme =    1142;
+  SN_dsa =   'DSA';
+  LN_dsa =   'dsaEncryption';
+  NID_dsa =   116;
+  SN_dsaWithSHA1 =   'DSA-SHA1';
+  LN_dsaWithSHA1 =   'dsaWithSHA1';
+  NID_dsaWithSHA1 =   113;
+  SN_ansi_X9_62 =    'ansi-X9-62';
+  LN_ansi_X9_62 =    'ANSI X9.62';
+  NID_ansi_X9_62 =   405;
+  SN_X9_62_prime_field =    'prime-field';
+  NID_X9_62_prime_field =    406;
+  SN_X9_62_characteristic_two_field =     'characteristic-two-field';
+  NID_X9_62_characteristic_two_field =    407;
+  SN_X9_62_id_characteristic_two_basis =    'id-characteristic-two-basis';
+  NID_X9_62_id_characteristic_two_basis =    680;
+  SN_X9_62_onBasis =     'onBasis';
+  NID_X9_62_onBasis =     681;
+  SN_X9_62_tpBasis =     'tpBasis';
+  NID_X9_62_tpBasis =     682;
+  SN_X9_62_ppBasis =     'ppBasis';
+  NID_X9_62_ppBasis =     683;
+  SN_X9_62_id_ecPublicKey =   'id-ecPublicKey';
+  NID_X9_62_id_ecPublicKey =     408;
+  SN_X9_62_c2pnb163v1 =    'c2pnb163v1';
+  NID_X9_62_c2pnb163v1 =    684;
+  SN_X9_62_c2pnb163v2 =    'c2pnb163v2';
+  NID_X9_62_c2pnb163v2 =    685;
+  SN_X9_62_c2pnb163v3 =    'c2pnb163v3';
+  NID_X9_62_c2pnb163v3 =    686;
+  SN_X9_62_c2pnb176v1 =    'c2pnb176v1';
+  NID_X9_62_c2pnb176v1 =    687;
+  SN_X9_62_c2tnb191v1 =    'c2tnb191v1';
+  NID_X9_62_c2tnb191v1 =    688;
+  SN_X9_62_c2tnb191v2 =    'c2tnb191v2';
+  NID_X9_62_c2tnb191v2 =    689;
+  SN_X9_62_c2tnb191v3 =    'c2tnb191v3';
+  NID_X9_62_c2tnb191v3 =    690;
+  SN_X9_62_c2onb191v4 =    'c2onb191v4';
+  NID_X9_62_c2onb191v4 =    691;
+  SN_X9_62_c2onb191v5 =    'c2onb191v5';
+  NID_X9_62_c2onb191v5 =    692;
+  SN_X9_62_c2pnb208w1 =    'c2pnb208w1';
+  NID_X9_62_c2pnb208w1 =    693;
+  SN_X9_62_c2tnb239v1 =    'c2tnb239v1';
+  NID_X9_62_c2tnb239v1 =    694;
+  SN_X9_62_c2tnb239v2 =    'c2tnb239v2';
+  NID_X9_62_c2tnb239v2 =    695;
+  SN_X9_62_c2tnb239v3 =    'c2tnb239v3';
+  NID_X9_62_c2tnb239v3 =    696;
+  SN_X9_62_c2onb239v4 =    'c2onb239v4';
+  NID_X9_62_c2onb239v4 =    697;
+  SN_X9_62_c2onb239v5 =    'c2onb239v5';
+  NID_X9_62_c2onb239v5 =    698;
+  SN_X9_62_c2pnb272w1 =    'c2pnb272w1';
+  NID_X9_62_c2pnb272w1 =    699;
+  SN_X9_62_c2pnb304w1 =    'c2pnb304w1';
+  NID_X9_62_c2pnb304w1 =    700;
+  SN_X9_62_c2tnb359v1 =    'c2tnb359v1';
+  NID_X9_62_c2tnb359v1 =    701;
+  SN_X9_62_c2pnb368w1 =    'c2pnb368w1';
+  NID_X9_62_c2pnb368w1 =    702;
+  SN_X9_62_c2tnb431r1 =    'c2tnb431r1';
+  NID_X9_62_c2tnb431r1 =    703;
+  SN_X9_62_prime192v1 =    'prime192v1';
+  NID_X9_62_prime192v1 =    409;
+  SN_X9_62_prime192v2 =    'prime192v2';
+  NID_X9_62_prime192v2 =    410;
+  SN_X9_62_prime192v3 =    'prime192v3';
+  NID_X9_62_prime192v3 =    411;
+  SN_X9_62_prime239v1 =    'prime239v1';
+  NID_X9_62_prime239v1 =    412;
+  SN_X9_62_prime239v2 =    'prime239v2';
+  NID_X9_62_prime239v2 =    413;
+  SN_X9_62_prime239v3 =    'prime239v3';
+  NID_X9_62_prime239v3 =    414;
+  SN_X9_62_prime256v1 =    'prime256v1';
+  NID_X9_62_prime256v1 =    415;
+  SN_ecdsa_with_SHA1 =    'ecdsa-with-SHA1';
+  NID_ecdsa_with_SHA1 =    416;
+  SN_ecdsa_with_Recommended =     'ecdsa-with-Recommended';
+  NID_ecdsa_with_Recommended =    791;
+  SN_ecdsa_with_Specified =   'ecdsa-with-Specified';
+  NID_ecdsa_with_Specified =     792;
+  SN_ecdsa_with_SHA224 =    'ecdsa-with-SHA224';
+  NID_ecdsa_with_SHA224 =    793;
+  SN_ecdsa_with_SHA256 =    'ecdsa-with-SHA256';
+  NID_ecdsa_with_SHA256 =    794;
+  SN_ecdsa_with_SHA384 =    'ecdsa-with-SHA384';
+  NID_ecdsa_with_SHA384 =    795;
+  SN_ecdsa_with_SHA512 =    'ecdsa-with-SHA512';
+  NID_ecdsa_with_SHA512 =    796;
+  SN_secp112r1 =    'secp112r1';
+  NID_secp112r1 =    704;
+  SN_secp112r2 =    'secp112r2';
+  NID_secp112r2 =    705;
+  SN_secp128r1 =    'secp128r1';
+  NID_secp128r1 =    706;
+  SN_secp128r2 =    'secp128r2';
+  NID_secp128r2 =    707;
+  SN_secp160k1 =    'secp160k1';
+  NID_secp160k1 =    708;
+  SN_secp160r1 =    'secp160r1';
+  NID_secp160r1 =    709;
+  SN_secp160r2 =    'secp160r2';
+  NID_secp160r2 =    710;
+  SN_secp192k1 =    'secp192k1';
+  NID_secp192k1 =    711;
+  SN_secp224k1 =    'secp224k1';
+  NID_secp224k1 =    712;
+  SN_secp224r1 =    'secp224r1';
+  NID_secp224r1 =    713;
+  SN_secp256k1 =    'secp256k1';
+  NID_secp256k1 =    714;
+  SN_secp384r1 =    'secp384r1';
+  NID_secp384r1 =    715;
+  SN_secp521r1 =    'secp521r1';
+  NID_secp521r1 =    716;
+  SN_sect113r1 =    'sect113r1';
+  NID_sect113r1 =    717;
+  SN_sect113r2 =    'sect113r2';
+  NID_sect113r2 =    718;
+  SN_sect131r1 =    'sect131r1';
+  NID_sect131r1 =    719;
+  SN_sect131r2 =    'sect131r2';
+  NID_sect131r2 =    720;
+  SN_sect163k1 =    'sect163k1';
+  NID_sect163k1 =    721;
+  SN_sect163r1 =    'sect163r1';
+  NID_sect163r1 =    722;
+  SN_sect163r2 =    'sect163r2';
+  NID_sect163r2 =    723;
+  SN_sect193r1 =    'sect193r1';
+  NID_sect193r1 =    724;
+  SN_sect193r2 =    'sect193r2';
+  NID_sect193r2 =    725;
+  SN_sect233k1 =    'sect233k1';
+  NID_sect233k1 =    726;
+  SN_sect233r1 =    'sect233r1';
+  NID_sect233r1 =    727;
+  SN_sect239k1 =    'sect239k1';
+  NID_sect239k1 =    728;
+  SN_sect283k1 =    'sect283k1';
+  NID_sect283k1 =    729;
+  SN_sect283r1 =    'sect283r1';
+  NID_sect283r1 =    730;
+  SN_sect409k1 =    'sect409k1';
+  NID_sect409k1 =    731;
+  SN_sect409r1 =    'sect409r1';
+  NID_sect409r1 =    732;
+  SN_sect571k1 =    'sect571k1';
+  NID_sect571k1 =    733;
+  SN_sect571r1 =    'sect571r1';
+  NID_sect571r1 =    734;
+  SN_wap_wsg_idm_ecid_wtls1 =     'wap-wsg-idm-ecid-wtls1';
+  NID_wap_wsg_idm_ecid_wtls1 =    735;
+  SN_wap_wsg_idm_ecid_wtls3 =     'wap-wsg-idm-ecid-wtls3';
+  NID_wap_wsg_idm_ecid_wtls3 =    736;
+  SN_wap_wsg_idm_ecid_wtls4 =     'wap-wsg-idm-ecid-wtls4';
+  NID_wap_wsg_idm_ecid_wtls4 =    737;
+  SN_wap_wsg_idm_ecid_wtls5 =     'wap-wsg-idm-ecid-wtls5';
+  NID_wap_wsg_idm_ecid_wtls5 =    738;
+  SN_wap_wsg_idm_ecid_wtls6 =     'wap-wsg-idm-ecid-wtls6';
+  NID_wap_wsg_idm_ecid_wtls6 =    739;
+  SN_wap_wsg_idm_ecid_wtls7 =     'wap-wsg-idm-ecid-wtls7';
+  NID_wap_wsg_idm_ecid_wtls7 =    740;
+  SN_wap_wsg_idm_ecid_wtls8 =     'wap-wsg-idm-ecid-wtls8';
+  NID_wap_wsg_idm_ecid_wtls8 =    741;
+  SN_wap_wsg_idm_ecid_wtls9 =     'wap-wsg-idm-ecid-wtls9';
+  NID_wap_wsg_idm_ecid_wtls9 =    742;
+  SN_wap_wsg_idm_ecid_wtls10 =    'wap-wsg-idm-ecid-wtls10';
+  NID_wap_wsg_idm_ecid_wtls10 =    743;
+  SN_wap_wsg_idm_ecid_wtls11 =    'wap-wsg-idm-ecid-wtls11';
+  NID_wap_wsg_idm_ecid_wtls11 =    744;
+  SN_wap_wsg_idm_ecid_wtls12 =    'wap-wsg-idm-ecid-wtls12';
+  NID_wap_wsg_idm_ecid_wtls12 =    745;
+  SN_cast5_cbc =    'CAST5-CBC';
+  LN_cast5_cbc =    'cast5-cbc';
+  NID_cast5_cbc =    108;
+  SN_cast5_ecb =    'CAST5-ECB';
+  LN_cast5_ecb =    'cast5-ecb';
+  NID_cast5_ecb =    109;
+  SN_cast5_cfb64 =   'CAST5-CFB';
+  LN_cast5_cfb64 =   'cast5-cfb';
+  NID_cast5_cfb64 =   110;
+  SN_cast5_ofb64 =   'CAST5-OFB';
+  LN_cast5_ofb64 =   'cast5-ofb';
+  NID_cast5_ofb64 =   111;
+  LN_pbeWithMD5AndCast5_CBC =     'pbeWithMD5AndCast5CBC';
+  NID_pbeWithMD5AndCast5_CBC =    112;
+  SN_id_PasswordBasedMAC =   'id-PasswordBasedMAC';
+  LN_id_PasswordBasedMAC =   'password based MAC';
+  NID_id_PasswordBasedMAC =   782;
+  SN_id_DHBasedMac =     'id-DHBasedMac';
+  LN_id_DHBasedMac =     'Diffie-Hellman based MAC';
+  NID_id_DHBasedMac =     783;
+  SN_rsadsi =     'rsadsi';
+  LN_rsadsi =     'RSA Data Security; Inc.';
+  NID_rsadsi =    1;
+  SN_pkcs =   'pkcs';
+  LN_pkcs =   'RSA Data Security; Inc. PKCS';
+  NID_pkcs =     2;
+  SN_pkcs1 =     'pkcs1';
+  NID_pkcs1 =     186;
+  LN_rsaEncryption =     'rsaEncryption';
+  NID_rsaEncryption =     6;
+  SN_md2WithRSAEncryption =   'RSA-MD2';
+  LN_md2WithRSAEncryption =   'md2WithRSAEncryption';
+  NID_md2WithRSAEncryption =     7;
+  SN_md4WithRSAEncryption =   'RSA-MD4';
+  LN_md4WithRSAEncryption =   'md4WithRSAEncryption';
+  NID_md4WithRSAEncryption =     396;
+  SN_md5WithRSAEncryption =   'RSA-MD5';
+  LN_md5WithRSAEncryption =   'md5WithRSAEncryption';
+  NID_md5WithRSAEncryption =     8;
+  SN_sha1WithRSAEncryption =     'RSA-SHA1';
+  LN_sha1WithRSAEncryption =     'sha1WithRSAEncryption';
+  NID_sha1WithRSAEncryption =     65;
+  SN_rsaesOaep =    'RSAES-OAEP';
+  LN_rsaesOaep =    'rsaesOaep';
+  NID_rsaesOaep =    919;
+  SN_mgf1 =   'MGF1';
+  LN_mgf1 =   'mgf1';
+  NID_mgf1 =     911;
+  SN_pSpecified =    'PSPECIFIED';
+  LN_pSpecified =    'pSpecified';
+  NID_pSpecified =   935;
+  SN_rsassaPss =    'RSASSA-PSS';
+  LN_rsassaPss =    'rsassaPss';
+  NID_rsassaPss =    912;
+  SN_sha256WithRSAEncryption =    'RSA-SHA256';
+  LN_sha256WithRSAEncryption =    'sha256WithRSAEncryption';
+  NID_sha256WithRSAEncryption =    668;
+  SN_sha384WithRSAEncryption =    'RSA-SHA384';
+  LN_sha384WithRSAEncryption =    'sha384WithRSAEncryption';
+  NID_sha384WithRSAEncryption =    669;
+  SN_sha512WithRSAEncryption =    'RSA-SHA512';
+  LN_sha512WithRSAEncryption =    'sha512WithRSAEncryption';
+  NID_sha512WithRSAEncryption =    670;
+  SN_sha224WithRSAEncryption =    'RSA-SHA224';
+  LN_sha224WithRSAEncryption =    'sha224WithRSAEncryption';
+  NID_sha224WithRSAEncryption =    671;
+  SN_sha512_224WithRSAEncryption =   'RSA-SHA512/224';
+  LN_sha512_224WithRSAEncryption =   'sha512-224WithRSAEncryption';
+  NID_sha512_224WithRSAEncryption =   1145;
+  SN_sha512_256WithRSAEncryption =   'RSA-SHA512/256';
+  LN_sha512_256WithRSAEncryption =   'sha512-256WithRSAEncryption';
+  NID_sha512_256WithRSAEncryption =   1146;
+  SN_pkcs3 =     'pkcs3';
+  NID_pkcs3 =     27;
+  LN_dhKeyAgreement =     'dhKeyAgreement';
+  NID_dhKeyAgreement =    28;
+  SN_pkcs5 =     'pkcs5';
+  NID_pkcs5 =     187;
+  SN_pbeWithMD2AndDES_CBC =   'PBE-MD2-DES';
+  LN_pbeWithMD2AndDES_CBC =   'pbeWithMD2AndDES-CBC';
+  NID_pbeWithMD2AndDES_CBC =     9;
+  SN_pbeWithMD5AndDES_CBC =   'PBE-MD5-DES';
+  LN_pbeWithMD5AndDES_CBC =   'pbeWithMD5AndDES-CBC';
+  NID_pbeWithMD5AndDES_CBC =     10;
+  SN_pbeWithMD2AndRC2_CBC =   'PBE-MD2-RC2-64';
+  LN_pbeWithMD2AndRC2_CBC =   'pbeWithMD2AndRC2-CBC';
+  NID_pbeWithMD2AndRC2_CBC =     168;
+  SN_pbeWithMD5AndRC2_CBC =   'PBE-MD5-RC2-64';
+  LN_pbeWithMD5AndRC2_CBC =   'pbeWithMD5AndRC2-CBC';
+  NID_pbeWithMD5AndRC2_CBC =     169;
+  SN_pbeWithSHA1AndDES_CBC =     'PBE-SHA1-DES';
+  LN_pbeWithSHA1AndDES_CBC =     'pbeWithSHA1AndDES-CBC';
+  NID_pbeWithSHA1AndDES_CBC =     170;
+  SN_pbeWithSHA1AndRC2_CBC =     'PBE-SHA1-RC2-64';
+  LN_pbeWithSHA1AndRC2_CBC =     'pbeWithSHA1AndRC2-CBC';
+  NID_pbeWithSHA1AndRC2_CBC =     68;
+  LN_id_pbkdf2 =    'PBKDF2';
+  NID_id_pbkdf2 =    69;
+  LN_pbes2 =     'PBES2';
+  NID_pbes2 =     161;
+  LN_pbmac1 =     'PBMAC1';
+  NID_pbmac1 =    162;
+  SN_pkcs7 =     'pkcs7';
+  NID_pkcs7 =     20;
+  LN_pkcs7_data =    'pkcs7-data';
+  NID_pkcs7_data =   21;
+  LN_pkcs7_signed =   'pkcs7-signedData';
+  NID_pkcs7_signed =     22;
+  LN_pkcs7_enveloped =    'pkcs7-envelopedData';
+  NID_pkcs7_enveloped =    23;
+  LN_pkcs7_signedAndEnveloped =    'pkcs7-signedAndEnvelopedData';
+  NID_pkcs7_signedAndEnveloped =    24;
+  LN_pkcs7_digest =   'pkcs7-digestData';
+  NID_pkcs7_digest =     25;
+  LN_pkcs7_encrypted =    'pkcs7-encryptedData';
+  NID_pkcs7_encrypted =    26;
+  SN_pkcs9 =     'pkcs9';
+  NID_pkcs9 =     47;
+  LN_pkcs9_emailAddress =    'emailAddress';
+  NID_pkcs9_emailAddress =   48;
+  LN_pkcs9_unstructuredName =     'unstructuredName';
+  NID_pkcs9_unstructuredName =    49;
+  LN_pkcs9_contentType =    'contentType';
+  NID_pkcs9_contentType =    50;
+  LN_pkcs9_messageDigest =   'messageDigest';
+  NID_pkcs9_messageDigest =   51;
+  LN_pkcs9_signingTime =    'signingTime';
+  NID_pkcs9_signingTime =    52;
+  LN_pkcs9_countersignature =     'countersignature';
+  NID_pkcs9_countersignature =    53;
+  LN_pkcs9_challengePassword =    'challengePassword';
+  NID_pkcs9_challengePassword =    54;
+  LN_pkcs9_unstructuredAddress =    'unstructuredAddress';
+  NID_pkcs9_unstructuredAddress =    55;
+  LN_pkcs9_extCertAttributes =    'extendedCertificateAttributes';
+  NID_pkcs9_extCertAttributes =    56;
+  SN_ext_req =    'extReq';
+  LN_ext_req =    'Extension Request';
+  NID_ext_req =    172;
+  SN_SMIMECapabilities =    'SMIME-CAPS';
+  LN_SMIMECapabilities =    'S/MIME Capabilities';
+  NID_SMIMECapabilities =    167;
+  SN_SMIME =     'SMIME';
+  LN_SMIME =     'S/MIME';
+  NID_SMIME =     188;
+  SN_id_smime_mod =   'id-smime-mod';
+  NID_id_smime_mod =     189;
+  SN_id_smime_ct =   'id-smime-ct';
+  NID_id_smime_ct =   190;
+  SN_id_smime_aa =   'id-smime-aa';
+  NID_id_smime_aa =   191;
+  SN_id_smime_alg =   'id-smime-alg';
+  NID_id_smime_alg =     192;
+  SN_id_smime_cd =   'id-smime-cd';
+  NID_id_smime_cd =   193;
+  SN_id_smime_spq =   'id-smime-spq';
+  NID_id_smime_spq =     194;
+  SN_id_smime_cti =   'id-smime-cti';
+  NID_id_smime_cti =     195;
+  SN_id_smime_mod_cms =    'id-smime-mod-cms';
+  NID_id_smime_mod_cms =    196;
+  SN_id_smime_mod_ess =    'id-smime-mod-ess';
+  NID_id_smime_mod_ess =    197;
+  SN_id_smime_mod_oid =    'id-smime-mod-oid';
+  NID_id_smime_mod_oid =    198;
+  SN_id_smime_mod_msg_v3 =   'id-smime-mod-msg-v3';
+  NID_id_smime_mod_msg_v3 =   199;
+  SN_id_smime_mod_ets_eSignature_88 =     'id-smime-mod-ets-eSignature-88';
+  NID_id_smime_mod_ets_eSignature_88 =    200;
+  SN_id_smime_mod_ets_eSignature_97 =     'id-smime-mod-ets-eSignature-97';
+  NID_id_smime_mod_ets_eSignature_97 =    201;
+  SN_id_smime_mod_ets_eSigPolicy_88 =     'id-smime-mod-ets-eSigPolicy-88';
+  NID_id_smime_mod_ets_eSigPolicy_88 =    202;
+  SN_id_smime_mod_ets_eSigPolicy_97 =     'id-smime-mod-ets-eSigPolicy-97';
+  NID_id_smime_mod_ets_eSigPolicy_97 =    203;
+  SN_id_smime_ct_receipt =   'id-smime-ct-receipt';
+  NID_id_smime_ct_receipt =   204;
+  SN_id_smime_ct_authData =   'id-smime-ct-authData';
+  NID_id_smime_ct_authData =     205;
+  SN_id_smime_ct_publishCert =    'id-smime-ct-publishCert';
+  NID_id_smime_ct_publishCert =    206;
+  SN_id_smime_ct_TSTInfo =   'id-smime-ct-TSTInfo';
+  NID_id_smime_ct_TSTInfo =   207;
+  SN_id_smime_ct_TDTInfo =   'id-smime-ct-TDTInfo';
+  NID_id_smime_ct_TDTInfo =   208;
+  SN_id_smime_ct_contentInfo =    'id-smime-ct-contentInfo';
+  NID_id_smime_ct_contentInfo =    209;
+  SN_id_smime_ct_DVCSRequestData =   'id-smime-ct-DVCSRequestData';
+  NID_id_smime_ct_DVCSRequestData =   210;
+  SN_id_smime_ct_DVCSResponseData =   'id-smime-ct-DVCSResponseData';
+  NID_id_smime_ct_DVCSResponseData =     211;
+  SN_id_smime_ct_compressedData =    'id-smime-ct-compressedData';
+  NID_id_smime_ct_compressedData =   786;
+  SN_id_smime_ct_contentCollection =     'id-smime-ct-contentCollection';
+  NID_id_smime_ct_contentCollection =     1058;
+  SN_id_smime_ct_authEnvelopedData =     'id-smime-ct-authEnvelopedData';
+  NID_id_smime_ct_authEnvelopedData =     1059;
+  SN_id_ct_asciiTextWithCRLF =    'id-ct-asciiTextWithCRLF';
+  NID_id_ct_asciiTextWithCRLF =    787;
+  SN_id_ct_xml =    'id-ct-xml';
+  NID_id_ct_xml =    1060;
+  SN_id_smime_aa_receiptRequest =    'id-smime-aa-receiptRequest';
+  NID_id_smime_aa_receiptRequest =   212;
+  SN_id_smime_aa_securityLabel =    'id-smime-aa-securityLabel';
+  NID_id_smime_aa_securityLabel =    213;
+  SN_id_smime_aa_mlExpandHistory =   'id-smime-aa-mlExpandHistory';
+  NID_id_smime_aa_mlExpandHistory =   214;
+  SN_id_smime_aa_contentHint =    'id-smime-aa-contentHint';
+  NID_id_smime_aa_contentHint =    215;
+  SN_id_smime_aa_msgSigDigest =    'id-smime-aa-msgSigDigest';
+  NID_id_smime_aa_msgSigDigest =    216;
+  SN_id_smime_aa_encapContentType =   'id-smime-aa-encapContentType';
+  NID_id_smime_aa_encapContentType =     217;
+  SN_id_smime_aa_contentIdentifier =     'id-smime-aa-contentIdentifier';
+  NID_id_smime_aa_contentIdentifier =     218;
+  SN_id_smime_aa_macValue =   'id-smime-aa-macValue';
+  NID_id_smime_aa_macValue =     219;
+  SN_id_smime_aa_equivalentLabels =   'id-smime-aa-equivalentLabels';
+  NID_id_smime_aa_equivalentLabels =     220;
+  SN_id_smime_aa_contentReference =   'id-smime-aa-contentReference';
+  NID_id_smime_aa_contentReference =     221;
+  SN_id_smime_aa_encrypKeyPref =    'id-smime-aa-encrypKeyPref';
+  NID_id_smime_aa_encrypKeyPref =    222;
+  SN_id_smime_aa_signingCertificate =     'id-smime-aa-signingCertificate';
+  NID_id_smime_aa_signingCertificate =    223;
+  SN_id_smime_aa_smimeEncryptCerts =     'id-smime-aa-smimeEncryptCerts';
+  NID_id_smime_aa_smimeEncryptCerts =     224;
+  SN_id_smime_aa_timeStampToken =    'id-smime-aa-timeStampToken';
+  NID_id_smime_aa_timeStampToken =   225;
+  SN_id_smime_aa_ets_sigPolicyId =   'id-smime-aa-ets-sigPolicyId';
+  NID_id_smime_aa_ets_sigPolicyId =   226;
+  SN_id_smime_aa_ets_commitmentType =     'id-smime-aa-ets-commitmentType';
+  NID_id_smime_aa_ets_commitmentType =    227;
+  SN_id_smime_aa_ets_signerLocation =     'id-smime-aa-ets-signerLocation';
+  NID_id_smime_aa_ets_signerLocation =    228;
+  SN_id_smime_aa_ets_signerAttr =    'id-smime-aa-ets-signerAttr';
+  NID_id_smime_aa_ets_signerAttr =   229;
+  SN_id_smime_aa_ets_otherSigCert =   'id-smime-aa-ets-otherSigCert';
+  NID_id_smime_aa_ets_otherSigCert =     230;
+  SN_id_smime_aa_ets_contentTimestamp =    'id-smime-aa-ets-contentTimestamp';
+  NID_id_smime_aa_ets_contentTimestamp =    231;
+  SN_id_smime_aa_ets_CertificateRefs =    'id-smime-aa-ets-CertificateRefs';
+  NID_id_smime_aa_ets_CertificateRefs =    232;
+  SN_id_smime_aa_ets_RevocationRefs =     'id-smime-aa-ets-RevocationRefs';
+  NID_id_smime_aa_ets_RevocationRefs =    233;
+  SN_id_smime_aa_ets_certValues =    'id-smime-aa-ets-certValues';
+  NID_id_smime_aa_ets_certValues =   234;
+  SN_id_smime_aa_ets_revocationValues =    'id-smime-aa-ets-revocationValues';
+  NID_id_smime_aa_ets_revocationValues =    235;
+  SN_id_smime_aa_ets_escTimeStamp =   'id-smime-aa-ets-escTimeStamp';
+  NID_id_smime_aa_ets_escTimeStamp =     236;
+  SN_id_smime_aa_ets_certCRLTimestamp =    'id-smime-aa-ets-certCRLTimestamp';
+  NID_id_smime_aa_ets_certCRLTimestamp =    237;
+  SN_id_smime_aa_ets_archiveTimeStamp =    'id-smime-aa-ets-archiveTimeStamp';
+  NID_id_smime_aa_ets_archiveTimeStamp =    238;
+  SN_id_smime_aa_signatureType =    'id-smime-aa-signatureType';
+  NID_id_smime_aa_signatureType =    239;
+  SN_id_smime_aa_dvcs_dvc =   'id-smime-aa-dvcs-dvc';
+  NID_id_smime_aa_dvcs_dvc =     240;
+  SN_id_smime_aa_signingCertificateV2 =    'id-smime-aa-signingCertificateV2';
+  NID_id_smime_aa_signingCertificateV2 =    1086;
+  SN_id_smime_alg_ESDHwith3DES =    'id-smime-alg-ESDHwith3DES';
+  NID_id_smime_alg_ESDHwith3DES =    241;
+  SN_id_smime_alg_ESDHwithRC2 =    'id-smime-alg-ESDHwithRC2';
+  NID_id_smime_alg_ESDHwithRC2 =    242;
+  SN_id_smime_alg_3DESwrap =     'id-smime-alg-3DESwrap';
+  NID_id_smime_alg_3DESwrap =     243;
+  SN_id_smime_alg_RC2wrap =   'id-smime-alg-RC2wrap';
+  NID_id_smime_alg_RC2wrap =     244;
+  SN_id_smime_alg_ESDH =    'id-smime-alg-ESDH';
+  NID_id_smime_alg_ESDH =    245;
+  SN_id_smime_alg_CMS3DESwrap =    'id-smime-alg-CMS3DESwrap';
+  NID_id_smime_alg_CMS3DESwrap =    246;
+  SN_id_smime_alg_CMSRC2wrap =    'id-smime-alg-CMSRC2wrap';
+  NID_id_smime_alg_CMSRC2wrap =    247;
+  SN_id_alg_PWRI_KEK =    'id-alg-PWRI-KEK';
+  NID_id_alg_PWRI_KEK =    893;
+  SN_id_smime_cd_ldap =    'id-smime-cd-ldap';
+  NID_id_smime_cd_ldap =    248;
+  SN_id_smime_spq_ets_sqt_uri =    'id-smime-spq-ets-sqt-uri';
+  NID_id_smime_spq_ets_sqt_uri =    249;
+  SN_id_smime_spq_ets_sqt_unotice =   'id-smime-spq-ets-sqt-unotice';
+  NID_id_smime_spq_ets_sqt_unotice =     250;
+  SN_id_smime_cti_ets_proofOfOrigin =     'id-smime-cti-ets-proofOfOrigin';
+  NID_id_smime_cti_ets_proofOfOrigin =    251;
+  SN_id_smime_cti_ets_proofOfReceipt =    'id-smime-cti-ets-proofOfReceipt';
+  NID_id_smime_cti_ets_proofOfReceipt =    252;
+  SN_id_smime_cti_ets_proofOfDelivery =    'id-smime-cti-ets-proofOfDelivery';
+  NID_id_smime_cti_ets_proofOfDelivery =    253;
+  SN_id_smime_cti_ets_proofOfSender =     'id-smime-cti-ets-proofOfSender';
+  NID_id_smime_cti_ets_proofOfSender =    254;
+  SN_id_smime_cti_ets_proofOfApproval =    'id-smime-cti-ets-proofOfApproval';
+  NID_id_smime_cti_ets_proofOfApproval =    255;
+  SN_id_smime_cti_ets_proofOfCreation =    'id-smime-cti-ets-proofOfCreation';
+  NID_id_smime_cti_ets_proofOfCreation =    256;
+  LN_friendlyName =   'friendlyName';
+  NID_friendlyName =     156;
+  LN_localKeyID =    'localKeyID';
+  NID_localKeyID =   157;
+  SN_ms_csp_name =   'CSPName';
+  LN_ms_csp_name =   'Microsoft CSP Name';
+  NID_ms_csp_name =   417;
+  SN_LocalKeySet =   'LocalKeySet';
+  LN_LocalKeySet =   'Microsoft Local Key set';
+  NID_LocalKeySet =   856;
+  LN_x509Certificate =    'x509Certificate';
+  NID_x509Certificate =    158;
+  LN_sdsiCertificate =    'sdsiCertificate';
+  NID_sdsiCertificate =    159;
+  LN_x509Crl =    'x509Crl';
+  NID_x509Crl =    160;
+  SN_pbe_WithSHA1And128BitRC4 =    'PBE-SHA1-RC4-128';
+  LN_pbe_WithSHA1And128BitRC4 =    'pbeWithSHA1And128BitRC4';
+  NID_pbe_WithSHA1And128BitRC4 =    144;
+  SN_pbe_WithSHA1And40BitRC4 =    'PBE-SHA1-RC4-40';
+  LN_pbe_WithSHA1And40BitRC4 =    'pbeWithSHA1And40BitRC4';
+  NID_pbe_WithSHA1And40BitRC4 =    145;
+  SN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'PBE-SHA1-3DES';
+  LN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'pbeWithSHA1And3-KeyTripleDES-CBC';
+  NID_pbe_WithSHA1And3_Key_TripleDES_CBC =   146;
+  SN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'PBE-SHA1-2DES';
+  LN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'pbeWithSHA1And2-KeyTripleDES-CBC';
+  NID_pbe_WithSHA1And2_Key_TripleDES_CBC =   147;
+  SN_pbe_WithSHA1And128BitRC2_CBC =   'PBE-SHA1-RC2-128';
+  LN_pbe_WithSHA1And128BitRC2_CBC =   'pbeWithSHA1And128BitRC2-CBC';
+  NID_pbe_WithSHA1And128BitRC2_CBC =     148;
+  SN_pbe_WithSHA1And40BitRC2_CBC =   'PBE-SHA1-RC2-40';
+  LN_pbe_WithSHA1And40BitRC2_CBC =   'pbeWithSHA1And40BitRC2-CBC';
+  NID_pbe_WithSHA1And40BitRC2_CBC =   149;
+  LN_keyBag =     'keyBag';
+  NID_keyBag =    150;
+  LN_pkcs8ShroudedKeyBag =   'pkcs8ShroudedKeyBag';
+  NID_pkcs8ShroudedKeyBag =   151;
+  LN_certBag =    'certBag';
+  NID_certBag =    152;
+  LN_crlBag =     'crlBag';
+  NID_crlBag =    153;
+  LN_secretBag =    'secretBag';
+  NID_secretBag =    154;
+  LN_safeContentsBag =    'safeContentsBag';
+  NID_safeContentsBag =    155;
+  SN_md2 =   'MD2';
+  LN_md2 =   'md2';
+  NID_md2 =   3;
+  SN_md4 =   'MD4';
+  LN_md4 =   'md4';
+  NID_md4 =   257;
+  SN_md5 =   'MD5';
+  LN_md5 =   'md5';
+  NID_md5 =   4;
+  SN_md5_sha1 =    'MD5-SHA1';
+  LN_md5_sha1 =    'md5-sha1';
+  NID_md5_sha1 =    114;
+  LN_hmacWithMD5 =   'hmacWithMD5';
+  NID_hmacWithMD5 =   797;
+  LN_hmacWithSHA1 =   'hmacWithSHA1';
+  NID_hmacWithSHA1 =     163;
+  SN_sm2 =   'SM2';
+  LN_sm2 =   'sm2';
+  NID_sm2 =   1172;
+  SN_sm3 =   'SM3';
+  LN_sm3 =   'sm3';
+  NID_sm3 =   1143;
+  SN_sm3WithRSAEncryption =   'RSA-SM3';
+  LN_sm3WithRSAEncryption =   'sm3WithRSAEncryption';
+  NID_sm3WithRSAEncryption =     1144;
+  LN_hmacWithSHA224 =     'hmacWithSHA224';
+  NID_hmacWithSHA224 =    798;
+  LN_hmacWithSHA256 =     'hmacWithSHA256';
+  NID_hmacWithSHA256 =    799;
+  LN_hmacWithSHA384 =     'hmacWithSHA384';
+  NID_hmacWithSHA384 =    800;
+  LN_hmacWithSHA512 =     'hmacWithSHA512';
+  NID_hmacWithSHA512 =    801;
+  LN_hmacWithSHA512_224 =    'hmacWithSHA512-224';
+  NID_hmacWithSHA512_224 =   1193;
+  LN_hmacWithSHA512_256 =    'hmacWithSHA512-256';
+  NID_hmacWithSHA512_256 =   1194;
+  SN_rc2_cbc =    'RC2-CBC';
+  LN_rc2_cbc =    'rc2-cbc';
+  NID_rc2_cbc =    37;
+  SN_rc2_ecb =    'RC2-ECB';
+  LN_rc2_ecb =    'rc2-ecb';
+  NID_rc2_ecb =    38;
+  SN_rc2_cfb64 =    'RC2-CFB';
+  LN_rc2_cfb64 =    'rc2-cfb';
+  NID_rc2_cfb64 =    39;
+  SN_rc2_ofb64 =    'RC2-OFB';
+  LN_rc2_ofb64 =    'rc2-ofb';
+  NID_rc2_ofb64 =    40;
+  SN_rc2_40_cbc =    'RC2-40-CBC';
+  LN_rc2_40_cbc =    'rc2-40-cbc';
+  NID_rc2_40_cbc =   98;
+  SN_rc2_64_cbc =    'RC2-64-CBC';
+  LN_rc2_64_cbc =    'rc2-64-cbc';
+  NID_rc2_64_cbc =   166;
+  SN_rc4 =   'RC4';
+  LN_rc4 =   'rc4';
+  NID_rc4 =   5;
+  SN_rc4_40 =     'RC4-40';
+  LN_rc4_40 =     'rc4-40';
+  NID_rc4_40 =    97;
+  SN_des_ede3_cbc =   'DES-EDE3-CBC';
+  LN_des_ede3_cbc =   'des-ede3-cbc';
+  NID_des_ede3_cbc =     44;
+  SN_rc5_cbc =    'RC5-CBC';
+  LN_rc5_cbc =    'rc5-cbc';
+  NID_rc5_cbc =    120;
+  SN_rc5_ecb =    'RC5-ECB';
+  LN_rc5_ecb =    'rc5-ecb';
+  NID_rc5_ecb =    121;
+  SN_rc5_cfb64 =    'RC5-CFB';
+  LN_rc5_cfb64 =    'rc5-cfb';
+  NID_rc5_cfb64 =    122;
+  SN_rc5_ofb64 =    'RC5-OFB';
+  LN_rc5_ofb64 =    'rc5-ofb';
+  NID_rc5_ofb64 =    123;
+  SN_ms_ext_req =    'msExtReq';
+  LN_ms_ext_req =    'Microsoft Extension Request';
+  NID_ms_ext_req =   171;
+  SN_ms_code_ind =   'msCodeInd';
+  LN_ms_code_ind =   'Microsoft Individual Code Signing';
+  NID_ms_code_ind =   134;
+  SN_ms_code_com =   'msCodeCom';
+  LN_ms_code_com =   'Microsoft Commercial Code Signing';
+  NID_ms_code_com =   135;
+  SN_ms_ctl_sign =   'msCTLSign';
+  LN_ms_ctl_sign =   'Microsoft Trust List Signing';
+  NID_ms_ctl_sign =   136;
+  SN_ms_sgc =     'msSGC';
+  LN_ms_sgc =     'Microsoft Server Gated Crypto';
+  NID_ms_sgc =    137;
+  SN_ms_efs =     'msEFS';
+  LN_ms_efs =     'Microsoft Encrypted File System';
+  NID_ms_efs =    138;
+  SN_ms_smartcard_login =    'msSmartcardLogin';
+  LN_ms_smartcard_login =    'Microsoft Smartcard Login';
+  NID_ms_smartcard_login =   648;
+  SN_ms_upn =     'msUPN';
+  LN_ms_upn =     'Microsoft User Principal Name';
+  NID_ms_upn =    649;
+  SN_idea_cbc =    'IDEA-CBC';
+  LN_idea_cbc =    'idea-cbc';
+  NID_idea_cbc =    34;
+  SN_idea_ecb =    'IDEA-ECB';
+  LN_idea_ecb =    'idea-ecb';
+  NID_idea_ecb =    36;
+  SN_idea_cfb64 =    'IDEA-CFB';
+  LN_idea_cfb64 =    'idea-cfb';
+  NID_idea_cfb64 =   35;
+  SN_idea_ofb64 =    'IDEA-OFB';
+  LN_idea_ofb64 =    'idea-ofb';
+  NID_idea_ofb64 =   46;
+  SN_bf_cbc =     'BF-CBC';
+  LN_bf_cbc =     'bf-cbc';
+  NID_bf_cbc =    91;
+  SN_bf_ecb =     'BF-ECB';
+  LN_bf_ecb =     'bf-ecb';
+  NID_bf_ecb =    92;
+  SN_bf_cfb64 =    'BF-CFB';
+  LN_bf_cfb64 =    'bf-cfb';
+  NID_bf_cfb64 =    93;
+  SN_bf_ofb64 =    'BF-OFB';
+  LN_bf_ofb64 =    'bf-ofb';
+  NID_bf_ofb64 =    94;
+  SN_id_pkix =    'PKIX';
+  NID_id_pkix =    127;
+  SN_id_pkix_mod =   'id-pkix-mod';
+  NID_id_pkix_mod =   258;
+  SN_id_pe =     'id-pe';
+  NID_id_pe =     175;
+  SN_id_qt =     'id-qt';
+  NID_id_qt =     259;
+  SN_id_kp =     'id-kp';
+  NID_id_kp =     128;
+  SN_id_it =     'id-it';
+  NID_id_it =     260;
+  SN_id_pkip =    'id-pkip';
+  NID_id_pkip =    261;
+  SN_id_alg =     'id-alg';
+  NID_id_alg =    262;
+  SN_id_cmc =     'id-cmc';
+  NID_id_cmc =    263;
+  SN_id_on =     'id-on';
+  NID_id_on =     264;
+  SN_id_pda =     'id-pda';
+  NID_id_pda =    265;
+  SN_id_aca =     'id-aca';
+  NID_id_aca =    266;
+  SN_id_qcs =     'id-qcs';
+  NID_id_qcs =    267;
+  SN_id_cct =     'id-cct';
+  NID_id_cct =    268;
+  SN_id_ppl =     'id-ppl';
+  NID_id_ppl =    662;
+  SN_id_ad =     'id-ad';
+  NID_id_ad =     176;
+  SN_id_pkix1_explicit_88 =   'id-pkix1-explicit-88';
+  NID_id_pkix1_explicit_88 =     269;
+  SN_id_pkix1_implicit_88 =   'id-pkix1-implicit-88';
+  NID_id_pkix1_implicit_88 =     270;
+  SN_id_pkix1_explicit_93 =   'id-pkix1-explicit-93';
+  NID_id_pkix1_explicit_93 =     271;
+  SN_id_pkix1_implicit_93 =   'id-pkix1-implicit-93';
+  NID_id_pkix1_implicit_93 =     272;
+  SN_id_mod_crmf =   'id-mod-crmf';
+  NID_id_mod_crmf =   273;
+  SN_id_mod_cmc =    'id-mod-cmc';
+  NID_id_mod_cmc =   274;
+  SN_id_mod_kea_profile_88 =     'id-mod-kea-profile-88';
+  NID_id_mod_kea_profile_88 =     275;
+  SN_id_mod_kea_profile_93 =     'id-mod-kea-profile-93';
+  NID_id_mod_kea_profile_93 =     276;
+  SN_id_mod_cmp =    'id-mod-cmp';
+  NID_id_mod_cmp =   277;
+  SN_id_mod_qualified_cert_88 =    'id-mod-qualified-cert-88';
+  NID_id_mod_qualified_cert_88 =    278;
+  SN_id_mod_qualified_cert_93 =    'id-mod-qualified-cert-93';
+  NID_id_mod_qualified_cert_93 =    279;
+  SN_id_mod_attribute_cert =     'id-mod-attribute-cert';
+  NID_id_mod_attribute_cert =     280;
+  SN_id_mod_timestamp_protocol =    'id-mod-timestamp-protocol';
+  NID_id_mod_timestamp_protocol =    281;
+  SN_id_mod_ocsp =   'id-mod-ocsp';
+  NID_id_mod_ocsp =   282;
+  SN_id_mod_dvcs =   'id-mod-dvcs';
+  NID_id_mod_dvcs =   283;
+  SN_id_mod_cmp2000 =     'id-mod-cmp2000';
+  NID_id_mod_cmp2000 =    284;
+  SN_info_access =   'authorityInfoAccess';
+  LN_info_access =   'Authority Information Access';
+  NID_info_access =   177;
+  SN_biometricInfo =     'biometricInfo';
+  LN_biometricInfo =     'Biometric Info';
+  NID_biometricInfo =     285;
+  SN_qcStatements =   'qcStatements';
+  NID_qcStatements =     286;
+  SN_ac_auditEntity =     'ac-auditEntity';
+  NID_ac_auditEntity =    287;
+  SN_ac_targeting =   'ac-targeting';
+  NID_ac_targeting =     288;
+  SN_aaControls =    'aaControls';
+  NID_aaControls =   289;
+  SN_sbgp_ipAddrBlock =    'sbgp-ipAddrBlock';
+  NID_sbgp_ipAddrBlock =    290;
+  SN_sbgp_autonomousSysNum =     'sbgp-autonomousSysNum';
+  NID_sbgp_autonomousSysNum =     291;
+  SN_sbgp_routerIdentifier =     'sbgp-routerIdentifier';
+  NID_sbgp_routerIdentifier =     292;
+  SN_ac_proxying =   'ac-proxying';
+  NID_ac_proxying =   397;
+  SN_sinfo_access =   'subjectInfoAccess';
+  LN_sinfo_access =   'Subject Information Access';
+  NID_sinfo_access =     398;
+  SN_proxyCertInfo =     'proxyCertInfo';
+  LN_proxyCertInfo =     'Proxy Certificate Information';
+  NID_proxyCertInfo =     663;
+  SN_tlsfeature =    'tlsfeature';
+  LN_tlsfeature =    'TLS Feature';
+  NID_tlsfeature =   1020;
+  SN_id_qt_cps =    'id-qt-cps';
+  LN_id_qt_cps =    'Policy Qualifier CPS';
+  NID_id_qt_cps =    164;
+  SN_id_qt_unotice =     'id-qt-unotice';
+  LN_id_qt_unotice =     'Policy Qualifier User Notice';
+  NID_id_qt_unotice =     165;
+  SN_textNotice =    'textNotice';
+  NID_textNotice =   293;
+  SN_server_auth =   'serverAuth';
+  LN_server_auth =   'TLS Web Server Authentication';
+  NID_server_auth =   129;
+  SN_client_auth =   'clientAuth';
+  LN_client_auth =   'TLS Web Client Authentication';
+  NID_client_auth =   130;
+  SN_code_sign =    'codeSigning';
+  LN_code_sign =    'Code Signing';
+  NID_code_sign =    131;
+  SN_email_protect =     'emailProtection';
+  LN_email_protect =     'E-mail Protection';
+  NID_email_protect =     132;
+  SN_ipsecEndSystem =     'ipsecEndSystem';
+  LN_ipsecEndSystem =     'IPSec End System';
+  NID_ipsecEndSystem =    294;
+  SN_ipsecTunnel =   'ipsecTunnel';
+  LN_ipsecTunnel =   'IPSec Tunnel';
+  NID_ipsecTunnel =   295;
+  SN_ipsecUser =    'ipsecUser';
+  LN_ipsecUser =    'IPSec User';
+  NID_ipsecUser =    296;
+  SN_time_stamp =    'timeStamping';
+  LN_time_stamp =    'Time Stamping';
+  NID_time_stamp =   133;
+  SN_OCSP_sign =    'OCSPSigning';
+  LN_OCSP_sign =    'OCSP Signing';
+  NID_OCSP_sign =    180;
+  SN_dvcs =   'DVCS';
+  LN_dvcs =   'dvcs';
+  NID_dvcs =     297;
+  SN_ipsec_IKE =    'ipsecIKE';
+  LN_ipsec_IKE =    'ipsec Internet Key Exchange';
+  NID_ipsec_IKE =    1022;
+  SN_capwapAC =    'capwapAC';
+  LN_capwapAC =    'Ctrl/provision WAP Access';
+  NID_capwapAC =    1023;
+  SN_capwapWTP =    'capwapWTP';
+  LN_capwapWTP =    'Ctrl/Provision WAP Termination';
+  NID_capwapWTP =    1024;
+  SN_sshClient =    'secureShellClient';
+  LN_sshClient =    'SSH Client';
+  NID_sshClient =    1025;
+  SN_sshServer =    'secureShellServer';
+  LN_sshServer =    'SSH Server';
+  NID_sshServer =    1026;
+  SN_sendRouter =    'sendRouter';
+  LN_sendRouter =    'Send Router';
+  NID_sendRouter =   1027;
+  SN_sendProxiedRouter =    'sendProxiedRouter';
+  LN_sendProxiedRouter =    'Send Proxied Router';
+  NID_sendProxiedRouter =    1028;
+  SN_sendOwner =    'sendOwner';
+  LN_sendOwner =    'Send Owner';
+  NID_sendOwner =    1029;
+  SN_sendProxiedOwner =    'sendProxiedOwner';
+  LN_sendProxiedOwner =    'Send Proxied Owner';
+  NID_sendProxiedOwner =    1030;
+  SN_cmcCA =     'cmcCA';
+  LN_cmcCA =     'CMC Certificate Authority';
+  NID_cmcCA =     1131;
+  SN_cmcRA =     'cmcRA';
+  LN_cmcRA =     'CMC Registration Authority';
+  NID_cmcRA =     1132;
+  SN_id_it_caProtEncCert =   'id-it-caProtEncCert';
+  NID_id_it_caProtEncCert =   298;
+  SN_id_it_signKeyPairTypes =     'id-it-signKeyPairTypes';
+  NID_id_it_signKeyPairTypes =    299;
+  SN_id_it_encKeyPairTypes =     'id-it-encKeyPairTypes';
+  NID_id_it_encKeyPairTypes =     300;
+  SN_id_it_preferredSymmAlg =     'id-it-preferredSymmAlg';
+  NID_id_it_preferredSymmAlg =    301;
+  SN_id_it_caKeyUpdateInfo =     'id-it-caKeyUpdateInfo';
+  NID_id_it_caKeyUpdateInfo =     302;
+  SN_id_it_currentCRL =    'id-it-currentCRL';
+  NID_id_it_currentCRL =    303;
+  SN_id_it_unsupportedOIDs =     'id-it-unsupportedOIDs';
+  NID_id_it_unsupportedOIDs =     304;
+  SN_id_it_subscriptionRequest =    'id-it-subscriptionRequest';
+  NID_id_it_subscriptionRequest =    305;
+  SN_id_it_subscriptionResponse =    'id-it-subscriptionResponse';
+  NID_id_it_subscriptionResponse =   306;
+  SN_id_it_keyPairParamReq =     'id-it-keyPairParamReq';
+  NID_id_it_keyPairParamReq =     307;
+  SN_id_it_keyPairParamRep =     'id-it-keyPairParamRep';
+  NID_id_it_keyPairParamRep =     308;
+  SN_id_it_revPassphrase =   'id-it-revPassphrase';
+  NID_id_it_revPassphrase =   309;
+  SN_id_it_implicitConfirm =     'id-it-implicitConfirm';
+  NID_id_it_implicitConfirm =     310;
+  SN_id_it_confirmWaitTime =     'id-it-confirmWaitTime';
+  NID_id_it_confirmWaitTime =     311;
+  SN_id_it_origPKIMessage =   'id-it-origPKIMessage';
+  NID_id_it_origPKIMessage =     312;
+  SN_id_it_suppLangTags =    'id-it-suppLangTags';
+  NID_id_it_suppLangTags =   784;
+  SN_id_regCtrl =    'id-regCtrl';
+  NID_id_regCtrl =   313;
+  SN_id_regInfo =    'id-regInfo';
+  NID_id_regInfo =   314;
+  SN_id_regCtrl_regToken =   'id-regCtrl-regToken';
+  NID_id_regCtrl_regToken =   315;
+  SN_id_regCtrl_authenticator =    'id-regCtrl-authenticator';
+  NID_id_regCtrl_authenticator =    316;
+  SN_id_regCtrl_pkiPublicationInfo =     'id-regCtrl-pkiPublicationInfo';
+  NID_id_regCtrl_pkiPublicationInfo =     317;
+  SN_id_regCtrl_pkiArchiveOptions =   'id-regCtrl-pkiArchiveOptions';
+  NID_id_regCtrl_pkiArchiveOptions =     318;
+  SN_id_regCtrl_oldCertID =   'id-regCtrl-oldCertID';
+  NID_id_regCtrl_oldCertID =     319;
+  SN_id_regCtrl_protocolEncrKey =    'id-regCtrl-protocolEncrKey';
+  NID_id_regCtrl_protocolEncrKey =   320;
+  SN_id_regInfo_utf8Pairs =   'id-regInfo-utf8Pairs';
+  NID_id_regInfo_utf8Pairs =     321;
+  SN_id_regInfo_certReq =    'id-regInfo-certReq';
+  NID_id_regInfo_certReq =   322;
+  SN_id_alg_des40 =   'id-alg-des40';
+  NID_id_alg_des40 =     323;
+  SN_id_alg_noSignature =    'id-alg-noSignature';
+  NID_id_alg_noSignature =   324;
+  SN_id_alg_dh_sig_hmac_sha1 =    'id-alg-dh-sig-hmac-sha1';
+  NID_id_alg_dh_sig_hmac_sha1 =    325;
+  SN_id_alg_dh_pop =     'id-alg-dh-pop';
+  NID_id_alg_dh_pop =     326;
+  SN_id_cmc_statusInfo =    'id-cmc-statusInfo';
+  NID_id_cmc_statusInfo =    327;
+  SN_id_cmc_identification =     'id-cmc-identification';
+  NID_id_cmc_identification =     328;
+  SN_id_cmc_identityProof =   'id-cmc-identityProof';
+  NID_id_cmc_identityProof =     329;
+  SN_id_cmc_dataReturn =    'id-cmc-dataReturn';
+  NID_id_cmc_dataReturn =    330;
+  SN_id_cmc_transactionId =   'id-cmc-transactionId';
+  NID_id_cmc_transactionId =     331;
+  SN_id_cmc_senderNonce =    'id-cmc-senderNonce';
+  NID_id_cmc_senderNonce =   332;
+  SN_id_cmc_recipientNonce =     'id-cmc-recipientNonce';
+  NID_id_cmc_recipientNonce =     333;
+  SN_id_cmc_addExtensions =   'id-cmc-addExtensions';
+  NID_id_cmc_addExtensions =     334;
+  SN_id_cmc_encryptedPOP =   'id-cmc-encryptedPOP';
+  NID_id_cmc_encryptedPOP =   335;
+  SN_id_cmc_decryptedPOP =   'id-cmc-decryptedPOP';
+  NID_id_cmc_decryptedPOP =   336;
+  SN_id_cmc_lraPOPWitness =   'id-cmc-lraPOPWitness';
+  NID_id_cmc_lraPOPWitness =     337;
+  SN_id_cmc_getCert =     'id-cmc-getCert';
+  NID_id_cmc_getCert =    338;
+  SN_id_cmc_getCRL =     'id-cmc-getCRL';
+  NID_id_cmc_getCRL =     339;
+  SN_id_cmc_revokeRequest =   'id-cmc-revokeRequest';
+  NID_id_cmc_revokeRequest =     340;
+  SN_id_cmc_regInfo =     'id-cmc-regInfo';
+  NID_id_cmc_regInfo =    341;
+  SN_id_cmc_responseInfo =   'id-cmc-responseInfo';
+  NID_id_cmc_responseInfo =   342;
+  SN_id_cmc_queryPending =   'id-cmc-queryPending';
+  NID_id_cmc_queryPending =   343;
+  SN_id_cmc_popLinkRandom =   'id-cmc-popLinkRandom';
+  NID_id_cmc_popLinkRandom =     344;
+  SN_id_cmc_popLinkWitness =     'id-cmc-popLinkWitness';
+  NID_id_cmc_popLinkWitness =     345;
+  SN_id_cmc_confirmCertAcceptance =   'id-cmc-confirmCertAcceptance';
+  NID_id_cmc_confirmCertAcceptance =     346;
+  SN_id_on_personalData =    'id-on-personalData';
+  NID_id_on_personalData =   347;
+  SN_id_on_permanentIdentifier =    'id-on-permanentIdentifier';
+  LN_id_on_permanentIdentifier =    'Permanent Identifier';
+  NID_id_on_permanentIdentifier =    858;
+  SN_id_pda_dateOfBirth =    'id-pda-dateOfBirth';
+  NID_id_pda_dateOfBirth =   348;
+  SN_id_pda_placeOfBirth =   'id-pda-placeOfBirth';
+  NID_id_pda_placeOfBirth =   349;
+  SN_id_pda_gender =     'id-pda-gender';
+  NID_id_pda_gender =     351;
+  SN_id_pda_countryOfCitizenship =   'id-pda-countryOfCitizenship';
+  NID_id_pda_countryOfCitizenship =   352;
+  SN_id_pda_countryOfResidence =    'id-pda-countryOfResidence';
+  NID_id_pda_countryOfResidence =    353;
+  SN_id_aca_authenticationInfo =    'id-aca-authenticationInfo';
+  NID_id_aca_authenticationInfo =    354;
+  SN_id_aca_accessIdentity =     'id-aca-accessIdentity';
+  NID_id_aca_accessIdentity =     355;
+  SN_id_aca_chargingIdentity =    'id-aca-chargingIdentity';
+  NID_id_aca_chargingIdentity =    356;
+  SN_id_aca_group =   'id-aca-group';
+  NID_id_aca_group =     357;
+  SN_id_aca_role =   'id-aca-role';
+  NID_id_aca_role =   358;
+  SN_id_aca_encAttrs =    'id-aca-encAttrs';
+  NID_id_aca_encAttrs =    399;
+  SN_id_qcs_pkixQCSyntax_v1 =     'id-qcs-pkixQCSyntax-v1';
+  NID_id_qcs_pkixQCSyntax_v1 =    359;
+  SN_id_cct_crs =    'id-cct-crs';
+  NID_id_cct_crs =   360;
+  SN_id_cct_PKIData =     'id-cct-PKIData';
+  NID_id_cct_PKIData =    361;
+  SN_id_cct_PKIResponse =    'id-cct-PKIResponse';
+  NID_id_cct_PKIResponse =   362;
+  SN_id_ppl_anyLanguage =    'id-ppl-anyLanguage';
+  LN_id_ppl_anyLanguage =    'Any language';
+  NID_id_ppl_anyLanguage =   664;
+  SN_id_ppl_inheritAll =    'id-ppl-inheritAll';
+  LN_id_ppl_inheritAll =    'Inherit all';
+  NID_id_ppl_inheritAll =    665;
+  SN_Independent =   'id-ppl-independent';
+  LN_Independent =   'Independent';
+  NID_Independent =   667;
+  SN_ad_OCSP =    'OCSP';
+  LN_ad_OCSP =    'OCSP';
+  NID_ad_OCSP =    178;
+  SN_ad_ca_issuers =     'caIssuers';
+  LN_ad_ca_issuers =     'CA Issuers';
+  NID_ad_ca_issuers =     179;
+  SN_ad_timeStamping =    'ad_timestamping';
+  LN_ad_timeStamping =    'AD Time Stamping';
+  NID_ad_timeStamping =    363;
+  SN_ad_dvcs =    'AD_DVCS';
+  LN_ad_dvcs =    'ad dvcs';
+  NID_ad_dvcs =    364;
+  SN_caRepository =   'caRepository';
+  LN_caRepository =   'CA Repository';
+  NID_caRepository =     785;
+  SN_id_pkix_OCSP_basic =    'basicOCSPResponse';
+  LN_id_pkix_OCSP_basic =    'Basic OCSP Response';
+  NID_id_pkix_OCSP_basic =   365;
+  SN_id_pkix_OCSP_Nonce =    'Nonce';
+  LN_id_pkix_OCSP_Nonce =    'OCSP Nonce';
+  NID_id_pkix_OCSP_Nonce =   366;
+  SN_id_pkix_OCSP_CrlID =    'CrlID';
+  LN_id_pkix_OCSP_CrlID =    'OCSP CRL ID';
+  NID_id_pkix_OCSP_CrlID =   367;
+  SN_id_pkix_OCSP_acceptableResponses =    'acceptableResponses';
+  LN_id_pkix_OCSP_acceptableResponses =    'Acceptable OCSP Responses';
+  NID_id_pkix_OCSP_acceptableResponses =    368;
+  SN_id_pkix_OCSP_noCheck =   'noCheck';
+  LN_id_pkix_OCSP_noCheck =   'OCSP No Check';
+  NID_id_pkix_OCSP_noCheck =     369;
+  SN_id_pkix_OCSP_archiveCutoff =    'archiveCutoff';
+  LN_id_pkix_OCSP_archiveCutoff =    'OCSP Archive Cutoff';
+  NID_id_pkix_OCSP_archiveCutoff =   370;
+  SN_id_pkix_OCSP_serviceLocator =   'serviceLocator';
+  LN_id_pkix_OCSP_serviceLocator =   'OCSP Service Locator';
+  NID_id_pkix_OCSP_serviceLocator =   371;
+  SN_id_pkix_OCSP_extendedStatus =   'extendedStatus';
+  LN_id_pkix_OCSP_extendedStatus =   'Extended OCSP Status';
+  NID_id_pkix_OCSP_extendedStatus =   372;
+  SN_id_pkix_OCSP_valid =    'valid';
+  NID_id_pkix_OCSP_valid =   373;
+  SN_id_pkix_OCSP_path =    'path';
+  NID_id_pkix_OCSP_path =    374;
+  SN_id_pkix_OCSP_trustRoot =     'trustRoot';
+  LN_id_pkix_OCSP_trustRoot =     'Trust Root';
+  NID_id_pkix_OCSP_trustRoot =    375;
+  SN_algorithm =    'algorithm';
+  LN_algorithm =    'algorithm';
+  NID_algorithm =    376;
+  SN_md5WithRSA =    'RSA-NP-MD5';
+  LN_md5WithRSA =    'md5WithRSA';
+  NID_md5WithRSA =   104;
+  SN_des_ecb =    'DES-ECB';
+  LN_des_ecb =    'des-ecb';
+  NID_des_ecb =    29;
+  SN_des_cbc =    'DES-CBC';
+  LN_des_cbc =    'des-cbc';
+  NID_des_cbc =    31;
+  SN_des_ofb64 =    'DES-OFB';
+  LN_des_ofb64 =    'des-ofb';
+  NID_des_ofb64 =    45;
+  SN_des_cfb64 =    'DES-CFB';
+  LN_des_cfb64 =    'des-cfb';
+  NID_des_cfb64 =    30;
+  SN_rsaSignature =   'rsaSignature';
+  NID_rsaSignature =     377;
+  SN_dsa_2 =     'DSA-old';
+  LN_dsa_2 =     'dsaEncryption-old';
+  NID_dsa_2 =     67;
+  SN_dsaWithSHA =    'DSA-SHA';
+  LN_dsaWithSHA =    'dsaWithSHA';
+  NID_dsaWithSHA =   66;
+  SN_shaWithRSAEncryption =   'RSA-SHA';
+  LN_shaWithRSAEncryption =   'shaWithRSAEncryption';
+  NID_shaWithRSAEncryption =     42;
+  SN_des_ede_ecb =   'DES-EDE';
+  LN_des_ede_ecb =   'des-ede';
+  NID_des_ede_ecb =   32;
+  SN_des_ede3_ecb =   'DES-EDE3';
+  LN_des_ede3_ecb =   'des-ede3';
+  NID_des_ede3_ecb =     33;
+  SN_des_ede_cbc =   'DES-EDE-CBC';
+  LN_des_ede_cbc =   'des-ede-cbc';
+  NID_des_ede_cbc =   43;
+  SN_des_ede_cfb64 =     'DES-EDE-CFB';
+  LN_des_ede_cfb64 =     'des-ede-cfb';
+  NID_des_ede_cfb64 =     60;
+  SN_des_ede3_cfb64 =     'DES-EDE3-CFB';
+  LN_des_ede3_cfb64 =     'des-ede3-cfb';
+  NID_des_ede3_cfb64 =    61;
+  SN_des_ede_ofb64 =     'DES-EDE-OFB';
+  LN_des_ede_ofb64 =     'des-ede-ofb';
+  NID_des_ede_ofb64 =     62;
+  SN_des_ede3_ofb64 =     'DES-EDE3-OFB';
+  LN_des_ede3_ofb64 =     'des-ede3-ofb';
+  NID_des_ede3_ofb64 =    63;
+  SN_desx_cbc =    'DESX-CBC';
+  LN_desx_cbc =    'desx-cbc';
+  NID_desx_cbc =    80;
+  SN_sha =   'SHA';
+  LN_sha =   'sha';
+  NID_sha =   41;
+  SN_sha1 =   'SHA1';
+  LN_sha1 =   'sha1';
+  NID_sha1 =     64;
+  SN_dsaWithSHA1_2 =     'DSA-SHA1-old';
+  LN_dsaWithSHA1_2 =     'dsaWithSHA1-old';
+  NID_dsaWithSHA1_2 =     70;
+  SN_sha1WithRSA =   'RSA-SHA1-2';
+  LN_sha1WithRSA =   'sha1WithRSA';
+  NID_sha1WithRSA =   115;
+  SN_ripemd160 =    'RIPEMD160';
+  LN_ripemd160 =    'ripemd160';
+  NID_ripemd160 =    117;
+  SN_ripemd160WithRSA =    'RSA-RIPEMD160';
+  LN_ripemd160WithRSA =    'ripemd160WithRSA';
+  NID_ripemd160WithRSA =    119;
+  SN_blake2b512 =    'BLAKE2b512';
+  LN_blake2b512 =    'blake2b512';
+  NID_blake2b512 =   1056;
+  SN_blake2s256 =    'BLAKE2s256';
+  LN_blake2s256 =    'blake2s256';
+  NID_blake2s256 =   1057;
+  SN_sxnet =     'SXNetID';
+  LN_sxnet =     'Strong Extranet ID';
+  NID_sxnet =     143;
+  SN_X500 =   'X500';
+  LN_X500 =   'directory services(X.500)';
+  NID_X500 =     11;
+  SN_X509 =   'X509';
+  NID_X509 =     12;
+  SN_commonName =    'CN';
+  LN_commonName =    'commonName';
+  NID_commonName =   13;
+  SN_surname =    'SN';
+  LN_surname =    'surname';
+  NID_surname =    100;
+  LN_serialNumber =   'serialNumber';
+  NID_serialNumber =     105;
+  SN_countryName =   'C';
+  LN_countryName =   'countryName';
+  NID_countryName =   14;
+  SN_localityName =   'L';
+  LN_localityName =   'localityName';
+  NID_localityName =     15;
+  SN_stateOrProvinceName =   'ST';
+  LN_stateOrProvinceName =   'stateOrProvinceName';
+  NID_stateOrProvinceName =   16;
+  SN_streetAddress =     'street';
+  LN_streetAddress =     'streetAddress';
+  NID_streetAddress =     660;
+  SN_organizationName =    'O';
+  LN_organizationName =    'organizationName';
+  NID_organizationName =    17;
+  SN_organizationalUnitName =     'OU';
+  LN_organizationalUnitName =     'organizationalUnitName';
+  NID_organizationalUnitName =    18;
+  SN_title =     'title';
+  LN_title =     'title';
+  NID_title =     106;
+  LN_description =   'description';
+  NID_description =   107;
+  LN_searchGuide =   'searchGuide';
+  NID_searchGuide =   859;
+  LN_businessCategory =    'businessCategory';
+  NID_businessCategory =    860;
+  LN_postalAddress =     'postalAddress';
+  NID_postalAddress =     861;
+  LN_postalCode =    'postalCode';
+  NID_postalCode =   661;
+  LN_postOfficeBox =     'postOfficeBox';
+  NID_postOfficeBox =     862;
+  LN_physicalDeliveryOfficeName =    'physicalDeliveryOfficeName';
+  NID_physicalDeliveryOfficeName =   863;
+  LN_telephoneNumber =    'telephoneNumber';
+  NID_telephoneNumber =    864;
+  LN_telexNumber =   'telexNumber';
+  NID_telexNumber =   865;
+  LN_teletexTerminalIdentifier =    'teletexTerminalIdentifier';
+  NID_teletexTerminalIdentifier =    866;
+  LN_facsimileTelephoneNumber =    'facsimileTelephoneNumber';
+  NID_facsimileTelephoneNumber =    867;
+  LN_x121Address =   'x121Address';
+  NID_x121Address =   868;
+  LN_internationaliSDNNumber =    'internationaliSDNNumber';
+  NID_internationaliSDNNumber =    869;
+  LN_registeredAddress =    'registeredAddress';
+  NID_registeredAddress =    870;
+  LN_destinationIndicator =   'destinationIndicator';
+  NID_destinationIndicator =     871;
+  LN_preferredDeliveryMethod =    'preferredDeliveryMethod';
+  NID_preferredDeliveryMethod =    872;
+  LN_presentationAddress =   'presentationAddress';
+  NID_presentationAddress =   873;
+  LN_supportedApplicationContext =   'supportedApplicationContext';
+  NID_supportedApplicationContext =   874;
+  SN_member =     'member';
+  NID_member =    875;
+  SN_owner =     'owner';
+  NID_owner =     876;
+  LN_roleOccupant =   'roleOccupant';
+  NID_roleOccupant =     877;
+  SN_seeAlso =    'seeAlso';
+  NID_seeAlso =    878;
+  LN_userPassword =   'userPassword';
+  NID_userPassword =     879;
+  LN_userCertificate =    'userCertificate';
+  NID_userCertificate =    880;
+  LN_cACertificate =     'cACertificate';
+  NID_cACertificate =     881;
+  LN_authorityRevocationList =    'authorityRevocationList';
+  NID_authorityRevocationList =    882;
+  LN_certificateRevocationList =    'certificateRevocationList';
+  NID_certificateRevocationList =    883;
+  LN_crossCertificatePair =   'crossCertificatePair';
+  NID_crossCertificatePair =     884;
+  SN_name =   'name';
+  LN_name =   'name';
+  NID_name =     173;
+  SN_givenName =    'GN';
+  LN_givenName =    'givenName';
+  NID_givenName =    99;
+  SN_initials =    'initials';
+  LN_initials =    'initials';
+  NID_initials =    101;
+  LN_generationQualifier =   'generationQualifier';
+  NID_generationQualifier =   509;
+  LN_x500UniqueIdentifier =   'x500UniqueIdentifier';
+  NID_x500UniqueIdentifier =     503;
+  SN_dnQualifier =   'dnQualifier';
+  LN_dnQualifier =   'dnQualifier';
+  NID_dnQualifier =   174;
+  LN_enhancedSearchGuide =   'enhancedSearchGuide';
+  NID_enhancedSearchGuide =   885;
+  LN_protocolInformation =   'protocolInformation';
+  NID_protocolInformation =   886;
+  LN_distinguishedName =    'distinguishedName';
+  NID_distinguishedName =    887;
+  LN_uniqueMember =   'uniqueMember';
+  NID_uniqueMember =     888;
+  LN_houseIdentifier =    'houseIdentifier';
+  NID_houseIdentifier =    889;
+  LN_supportedAlgorithms =   'supportedAlgorithms';
+  NID_supportedAlgorithms =   890;
+  LN_deltaRevocationList =   'deltaRevocationList';
+  NID_deltaRevocationList =   891;
+  SN_dmdName =    'dmdName';
+  NID_dmdName =    892;
+  LN_pseudonym =    'pseudonym';
+  NID_pseudonym =    510;
+  SN_role =   'role';
+  LN_role =   'role';
+  NID_role =     400;
+  LN_organizationIdentifier =     'organizationIdentifier';
+  NID_organizationIdentifier =    1089;
+  SN_countryCode3c =     'c3';
+  LN_countryCode3c =     'countryCode3c';
+  NID_countryCode3c =     1090;
+  SN_countryCode3n =     'n3';
+  LN_countryCode3n =     'countryCode3n';
+  NID_countryCode3n =     1091;
+  LN_dnsName =    'dnsName';
+  NID_dnsName =    1092;
+  SN_X500algorithms =     'X500algorithms';
+  LN_X500algorithms =     'directory services - algorithms';
+  NID_X500algorithms =    378;
+  SN_rsa =   'RSA';
+  LN_rsa =   'rsa';
+  NID_rsa =   19;
+  SN_mdc2WithRSA =   'RSA-MDC2';
+  LN_mdc2WithRSA =   'mdc2WithRSA';
+  NID_mdc2WithRSA =   96;
+  SN_mdc2 =   'MDC2';
+  LN_mdc2 =   'mdc2';
+  NID_mdc2 =     95;
+  SN_id_ce =     'id-ce';
+  NID_id_ce =     81;
+  SN_subject_directory_attributes =   'subjectDirectoryAttributes';
+  LN_subject_directory_attributes =   'X509v3 Subject Directory Attributes';
+  NID_subject_directory_attributes =     769;
+  SN_subject_key_identifier =     'subjectKeyIdentifier';
+  LN_subject_key_identifier =     'X509v3 Subject Key Identifier';
+  NID_subject_key_identifier =    82;
+  SN_key_usage =    'keyUsage';
+  LN_key_usage =    'X509v3 Key Usage';
+  NID_key_usage =    83;
+  SN_private_key_usage_period =    'privateKeyUsagePeriod';
+  LN_private_key_usage_period =    'X509v3 Private Key Usage Period';
+  NID_private_key_usage_period =    84;
+  SN_subject_alt_name =    'subjectAltName';
+  LN_subject_alt_name =    'X509v3 Subject Alternative Name';
+  NID_subject_alt_name =    85;
+  SN_issuer_alt_name =    'issuerAltName';
+  LN_issuer_alt_name =    'X509v3 Issuer Alternative Name';
+  NID_issuer_alt_name =    86;
+  SN_basic_constraints =    'basicConstraints';
+  LN_basic_constraints =    'X509v3 Basic Constraints';
+  NID_basic_constraints =    87;
+  SN_crl_number =    'crlNumber';
+  LN_crl_number =    'X509v3 CRL Number';
+  NID_crl_number =   88;
+  SN_crl_reason =    'CRLReason';
+  LN_crl_reason =    'X509v3 CRL Reason Code';
+  NID_crl_reason =   141;
+  SN_invalidity_date =    'invalidityDate';
+  LN_invalidity_date =    'Invalidity Date';
+  NID_invalidity_date =    142;
+  SN_delta_crl =    'deltaCRL';
+  LN_delta_crl =    'X509v3 Delta CRL Indicator';
+  NID_delta_crl =    140;
+  SN_issuing_distribution_point =    'issuingDistributionPoint';
+  LN_issuing_distribution_point =    'X509v3 Issuing Distribution Point';
+  NID_issuing_distribution_point =   770;
+  SN_certificate_issuer =    'certificateIssuer';
+  LN_certificate_issuer =    'X509v3 Certificate Issuer';
+  NID_certificate_issuer =   771;
+  SN_name_constraints =    'nameConstraints';
+  LN_name_constraints =    'X509v3 Name Constraints';
+  NID_name_constraints =    666;
+  SN_crl_distribution_points =    'crlDistributionPoints';
+  LN_crl_distribution_points =    'X509v3 CRL Distribution Points';
+  NID_crl_distribution_points =    103;
+  SN_certificate_policies =   'certificatePolicies';
+  LN_certificate_policies =   'X509v3 Certificate Policies';
+  NID_certificate_policies =     89;
+  SN_any_policy =    'anyPolicy';
+  LN_any_policy =    'X509v3 Any Policy';
+  NID_any_policy =   746;
+  SN_policy_mappings =    'policyMappings';
+  LN_policy_mappings =    'X509v3 Policy Mappings';
+  NID_policy_mappings =    747;
+  SN_authority_key_identifier =    'authorityKeyIdentifier';
+  LN_authority_key_identifier =    'X509v3 Authority Key Identifier';
+  NID_authority_key_identifier =    90;
+  SN_policy_constraints =    'policyConstraints';
+  LN_policy_constraints =    'X509v3 Policy Constraints';
+  NID_policy_constraints =   401;
+  SN_ext_key_usage =     'extendedKeyUsage';
+  LN_ext_key_usage =     'X509v3 Extended Key Usage';
+  NID_ext_key_usage =     126;
+  SN_freshest_crl =   'freshestCRL';
+  LN_freshest_crl =   'X509v3 Freshest CRL';
+  NID_freshest_crl =     857;
+  SN_inhibit_any_policy =    'inhibitAnyPolicy';
+  LN_inhibit_any_policy =    'X509v3 Inhibit Any Policy';
+  NID_inhibit_any_policy =   748;
+  SN_target_information =    'targetInformation';
+  LN_target_information =    'X509v3 AC Targeting';
+  NID_target_information =   402;
+  SN_no_rev_avail =   'noRevAvail';
+  LN_no_rev_avail =   'X509v3 No Revocation Available';
+  NID_no_rev_avail =     403;
+  SN_anyExtendedKeyUsage =   'anyExtendedKeyUsage';
+  LN_anyExtendedKeyUsage =   'Any Extended Key Usage';
+  NID_anyExtendedKeyUsage =   910;
+  SN_netscape =    'Netscape';
+  LN_netscape =    'Netscape Communications Corp.';
+  NID_netscape =    57;
+  SN_netscape_cert_extension =    'nsCertExt';
+  LN_netscape_cert_extension =    'Netscape Certificate Extension';
+  NID_netscape_cert_extension =    58;
+  SN_netscape_data_type =    'nsDataType';
+  LN_netscape_data_type =    'Netscape Data Type';
+  NID_netscape_data_type =   59;
+  SN_netscape_cert_type =    'nsCertType';
+  LN_netscape_cert_type =    'Netscape Cert Type';
+  NID_netscape_cert_type =   71;
+  SN_netscape_base_url =    'nsBaseUrl';
+  LN_netscape_base_url =    'Netscape Base Url';
+  NID_netscape_base_url =    72;
+  SN_netscape_revocation_url =    'nsRevocationUrl';
+  LN_netscape_revocation_url =    'Netscape Revocation Url';
+  NID_netscape_revocation_url =    73;
+  SN_netscape_ca_revocation_url =    'nsCaRevocationUrl';
+  LN_netscape_ca_revocation_url =    'Netscape CA Revocation Url';
+  NID_netscape_ca_revocation_url =   74;
+  SN_netscape_renewal_url =   'nsRenewalUrl';
+  LN_netscape_renewal_url =   'Netscape Renewal Url';
+  NID_netscape_renewal_url =     75;
+  SN_netscape_ca_policy_url =     'nsCaPolicyUrl';
+  LN_netscape_ca_policy_url =     'Netscape CA Policy Url';
+  NID_netscape_ca_policy_url =    76;
+  SN_netscape_ssl_server_name =    'nsSslServerName';
+  LN_netscape_ssl_server_name =    'Netscape Server: SSl Name';
+  NID_netscape_ssl_server_name =    77;
+  SN_netscape_comment =    'nsComment';
+  LN_netscape_comment =    'Netscape Comment';
+  NID_netscape_comment =    78;
+  SN_netscape_cert_sequence =     'nsCertSequence';
+  LN_netscape_cert_sequence =     'Netscape Certificate Sequence';
+  NID_netscape_cert_sequence =    79;
+  SN_ns_sgc =     'nsSGC';
+  LN_ns_sgc =     'Netscape Server Gated Crypto';
+  NID_ns_sgc =    139;
+  SN_org =   'ORG';
+  LN_org =   'org';
+  NID_org =   379;
+  SN_dod =   'DOD';
+  LN_dod =   'dod';
+  NID_dod =   380;
+  SN_iana =   'IANA';
+  LN_iana =   'iana';
+  NID_iana =     381;
+  SN_Directory =    'directory';
+  LN_Directory =    'Directory';
+  NID_Directory =    382;
+  SN_Management =    'mgmt';
+  LN_Management =    'Management';
+  NID_Management =   383;
+  SN_Experimental =   'experimental';
+  LN_Experimental =   'Experimental';
+  NID_Experimental =     384;
+  SN_Private =    'private';
+  LN_Private =    'Private';
+  NID_Private =    385;
+  SN_Security =    'security';
+  LN_Security =    'Security';
+  NID_Security =    386;
+  SN_SNMPv2 =     'snmpv2';
+  LN_SNMPv2 =     'SNMPv2';
+  NID_SNMPv2 =    387;
+  LN_Mail =   'Mail';
+  NID_Mail =     388;
+  SN_Enterprises =   'enterprises';
+  LN_Enterprises =   'Enterprises';
+  NID_Enterprises =   389;
+  SN_dcObject =    'dcobject';
+  LN_dcObject =    'dcObject';
+  NID_dcObject =    390;
+  SN_mime_mhs =    'mime-mhs';
+  LN_mime_mhs =    'MIME MHS';
+  NID_mime_mhs =    504;
+  SN_mime_mhs_headings =    'mime-mhs-headings';
+  LN_mime_mhs_headings =    'mime-mhs-headings';
+  NID_mime_mhs_headings =    505;
+  SN_mime_mhs_bodies =    'mime-mhs-bodies';
+  LN_mime_mhs_bodies =    'mime-mhs-bodies';
+  NID_mime_mhs_bodies =    506;
+  SN_id_hex_partial_message =     'id-hex-partial-message';
+  LN_id_hex_partial_message =     'id-hex-partial-message';
+  NID_id_hex_partial_message =    507;
+  SN_id_hex_multipart_message =    'id-hex-multipart-message';
+  LN_id_hex_multipart_message =    'id-hex-multipart-message';
+  NID_id_hex_multipart_message =    508;
+  SN_zlib_compression =    'ZLIB';
+  LN_zlib_compression =    'zlib compression';
+  NID_zlib_compression =    125;
+  SN_aes_128_ecb =   'AES-128-ECB';
+  LN_aes_128_ecb =   'aes-128-ecb';
+  NID_aes_128_ecb =   418;
+  SN_aes_128_cbc =   'AES-128-CBC';
+  LN_aes_128_cbc =   'aes-128-cbc';
+  NID_aes_128_cbc =   419;
+  SN_aes_128_ofb128 =     'AES-128-OFB';
+  LN_aes_128_ofb128 =     'aes-128-ofb';
+  NID_aes_128_ofb128 =    420;
+  SN_aes_128_cfb128 =     'AES-128-CFB';
+  LN_aes_128_cfb128 =     'aes-128-cfb';
+  NID_aes_128_cfb128 =    421;
+  SN_id_aes128_wrap =     'id-aes128-wrap';
+  NID_id_aes128_wrap =    788;
+  SN_aes_128_gcm =   'id-aes128-GCM';
+  LN_aes_128_gcm =   'aes-128-gcm';
+  NID_aes_128_gcm =   895;
+  SN_aes_128_ccm =   'id-aes128-CCM';
+  LN_aes_128_ccm =   'aes-128-ccm';
+  NID_aes_128_ccm =   896;
+  SN_id_aes128_wrap_pad =    'id-aes128-wrap-pad';
+  NID_id_aes128_wrap_pad =   897;
+  SN_aes_192_ecb =   'AES-192-ECB';
+  LN_aes_192_ecb =   'aes-192-ecb';
+  NID_aes_192_ecb =   422;
+  SN_aes_192_cbc =   'AES-192-CBC';
+  LN_aes_192_cbc =   'aes-192-cbc';
+  NID_aes_192_cbc =   423;
+  SN_aes_192_ofb128 =     'AES-192-OFB';
+  LN_aes_192_ofb128 =     'aes-192-ofb';
+  NID_aes_192_ofb128 =    424;
+  SN_aes_192_cfb128 =     'AES-192-CFB';
+  LN_aes_192_cfb128 =     'aes-192-cfb';
+  NID_aes_192_cfb128 =    425;
+  SN_id_aes192_wrap =     'id-aes192-wrap';
+  NID_id_aes192_wrap =    789;
+  SN_aes_192_gcm =   'id-aes192-GCM';
+  LN_aes_192_gcm =   'aes-192-gcm';
+  NID_aes_192_gcm =   898;
+  SN_aes_192_ccm =   'id-aes192-CCM';
+  LN_aes_192_ccm =   'aes-192-ccm';
+  NID_aes_192_ccm =   899;
+  SN_id_aes192_wrap_pad =    'id-aes192-wrap-pad';
+  NID_id_aes192_wrap_pad =   900;
+  SN_aes_256_ecb =   'AES-256-ECB';
+  LN_aes_256_ecb =   'aes-256-ecb';
+  NID_aes_256_ecb =   426;
+  SN_aes_256_cbc =   'AES-256-CBC';
+  LN_aes_256_cbc =   'aes-256-cbc';
+  NID_aes_256_cbc =   427;
+  SN_aes_256_ofb128 =     'AES-256-OFB';
+  LN_aes_256_ofb128 =     'aes-256-ofb';
+  NID_aes_256_ofb128 =    428;
+  SN_aes_256_cfb128 =     'AES-256-CFB';
+  LN_aes_256_cfb128 =     'aes-256-cfb';
+  NID_aes_256_cfb128 =    429;
+  SN_id_aes256_wrap =     'id-aes256-wrap';
+  NID_id_aes256_wrap =    790;
+  SN_aes_256_gcm =   'id-aes256-GCM';
+  LN_aes_256_gcm =   'aes-256-gcm';
+  NID_aes_256_gcm =   901;
+  SN_aes_256_ccm =   'id-aes256-CCM';
+  LN_aes_256_ccm =   'aes-256-ccm';
+  NID_aes_256_ccm =   902;
+  SN_id_aes256_wrap_pad =    'id-aes256-wrap-pad';
+  NID_id_aes256_wrap_pad =   903;
+  SN_aes_128_xts =   'AES-128-XTS';
+  LN_aes_128_xts =   'aes-128-xts';
+  NID_aes_128_xts =   913;
+  SN_aes_256_xts =   'AES-256-XTS';
+  LN_aes_256_xts =   'aes-256-xts';
+  NID_aes_256_xts =   914;
+  SN_aes_128_cfb1 =   'AES-128-CFB1';
+  LN_aes_128_cfb1 =   'aes-128-cfb1';
+  NID_aes_128_cfb1 =     650;
+  SN_aes_192_cfb1 =   'AES-192-CFB1';
+  LN_aes_192_cfb1 =   'aes-192-cfb1';
+  NID_aes_192_cfb1 =     651;
+  SN_aes_256_cfb1 =   'AES-256-CFB1';
+  LN_aes_256_cfb1 =   'aes-256-cfb1';
+  NID_aes_256_cfb1 =     652;
+  SN_aes_128_cfb8 =   'AES-128-CFB8';
+  LN_aes_128_cfb8 =   'aes-128-cfb8';
+  NID_aes_128_cfb8 =     653;
+  SN_aes_192_cfb8 =   'AES-192-CFB8';
+  LN_aes_192_cfb8 =   'aes-192-cfb8';
+  NID_aes_192_cfb8 =     654;
+  SN_aes_256_cfb8 =   'AES-256-CFB8';
+  LN_aes_256_cfb8 =   'aes-256-cfb8';
+  NID_aes_256_cfb8 =     655;
+  SN_aes_128_ctr =   'AES-128-CTR';
+  LN_aes_128_ctr =   'aes-128-ctr';
+  NID_aes_128_ctr =   904;
+  SN_aes_192_ctr =   'AES-192-CTR';
+  LN_aes_192_ctr =   'aes-192-ctr';
+  NID_aes_192_ctr =   905;
+  SN_aes_256_ctr =   'AES-256-CTR';
+  LN_aes_256_ctr =   'aes-256-ctr';
+  NID_aes_256_ctr =   906;
+  SN_aes_128_ocb =   'AES-128-OCB';
+  LN_aes_128_ocb =   'aes-128-ocb';
+  NID_aes_128_ocb =   958;
+  SN_aes_192_ocb =   'AES-192-OCB';
+  LN_aes_192_ocb =   'aes-192-ocb';
+  NID_aes_192_ocb =   959;
+  SN_aes_256_ocb =   'AES-256-OCB';
+  LN_aes_256_ocb =   'aes-256-ocb';
+  NID_aes_256_ocb =   960;
+  SN_des_cfb1 =    'DES-CFB1';
+  LN_des_cfb1 =    'des-cfb1';
+  NID_des_cfb1 =    656;
+  SN_des_cfb8 =    'DES-CFB8';
+  LN_des_cfb8 =    'des-cfb8';
+  NID_des_cfb8 =    657;
+  SN_des_ede3_cfb1 =     'DES-EDE3-CFB1';
+  LN_des_ede3_cfb1 =     'des-ede3-cfb1';
+  NID_des_ede3_cfb1 =     658;
+  SN_des_ede3_cfb8 =     'DES-EDE3-CFB8';
+  LN_des_ede3_cfb8 =     'des-ede3-cfb8';
+  NID_des_ede3_cfb8 =     659;
+  SN_sha256 =     'SHA256';
+  LN_sha256 =     'sha256';
+  NID_sha256 =    672;
+  SN_sha384 =     'SHA384';
+  LN_sha384 =     'sha384';
+  NID_sha384 =    673;
+  SN_sha512 =     'SHA512';
+  LN_sha512 =     'sha512';
+  NID_sha512 =    674;
+  SN_sha224 =     'SHA224';
+  LN_sha224 =     'sha224';
+  NID_sha224 =    675;
+  SN_sha512_224 =    'SHA512-224';
+  LN_sha512_224 =    'sha512-224';
+  NID_sha512_224 =   1094;
+  SN_sha512_256 =    'SHA512-256';
+  LN_sha512_256 =    'sha512-256';
+  NID_sha512_256 =   1095;
+  SN_sha3_224 =    'SHA3-224';
+  LN_sha3_224 =    'sha3-224';
+  NID_sha3_224 =    1096;
+  SN_sha3_256 =    'SHA3-256';
+  LN_sha3_256 =    'sha3-256';
+  NID_sha3_256 =    1097;
+  SN_sha3_384 =    'SHA3-384';
+  LN_sha3_384 =    'sha3-384';
+  NID_sha3_384 =    1098;
+  SN_sha3_512 =    'SHA3-512';
+  LN_sha3_512 =    'sha3-512';
+  NID_sha3_512 =    1099;
+  SN_shake128 =    'SHAKE128';
+  LN_shake128 =    'shake128';
+  NID_shake128 =    1100;
+  SN_shake256 =    'SHAKE256';
+  LN_shake256 =    'shake256';
+  NID_shake256 =    1101;
+  SN_hmac_sha3_224 =     'id-hmacWithSHA3-224';
+  LN_hmac_sha3_224 =     'hmac-sha3-224';
+  NID_hmac_sha3_224 =     1102;
+  SN_hmac_sha3_256 =     'id-hmacWithSHA3-256';
+  LN_hmac_sha3_256 =     'hmac-sha3-256';
+  NID_hmac_sha3_256 =     1103;
+  SN_hmac_sha3_384 =     'id-hmacWithSHA3-384';
+  LN_hmac_sha3_384 =     'hmac-sha3-384';
+  NID_hmac_sha3_384 =     1104;
+  SN_hmac_sha3_512 =     'id-hmacWithSHA3-512';
+  LN_hmac_sha3_512 =     'hmac-sha3-512';
+  NID_hmac_sha3_512 =     1105;
+  SN_dsa_with_SHA224 =    'dsa_with_SHA224';
+  NID_dsa_with_SHA224 =    802;
+  SN_dsa_with_SHA256 =    'dsa_with_SHA256';
+  NID_dsa_with_SHA256 =    803;
+  SN_dsa_with_SHA384 =    'id-dsa-with-sha384';
+  LN_dsa_with_SHA384 =    'dsa_with_SHA384';
+  NID_dsa_with_SHA384 =    1106;
+  SN_dsa_with_SHA512 =    'id-dsa-with-sha512';
+  LN_dsa_with_SHA512 =    'dsa_with_SHA512';
+  NID_dsa_with_SHA512 =    1107;
+  SN_dsa_with_SHA3_224 =    'id-dsa-with-sha3-224';
+  LN_dsa_with_SHA3_224 =    'dsa_with_SHA3-224';
+  NID_dsa_with_SHA3_224 =    1108;
+  SN_dsa_with_SHA3_256 =    'id-dsa-with-sha3-256';
+  LN_dsa_with_SHA3_256 =    'dsa_with_SHA3-256';
+  NID_dsa_with_SHA3_256 =    1109;
+  SN_dsa_with_SHA3_384 =    'id-dsa-with-sha3-384';
+  LN_dsa_with_SHA3_384 =    'dsa_with_SHA3-384';
+  NID_dsa_with_SHA3_384 =    1110;
+  SN_dsa_with_SHA3_512 =    'id-dsa-with-sha3-512';
+  LN_dsa_with_SHA3_512 =    'dsa_with_SHA3-512';
+  NID_dsa_with_SHA3_512 =    1111;
+  SN_ecdsa_with_SHA3_224 =   'id-ecdsa-with-sha3-224';
+  LN_ecdsa_with_SHA3_224 =   'ecdsa_with_SHA3-224';
+  NID_ecdsa_with_SHA3_224 =   1112;
+  SN_ecdsa_with_SHA3_256 =   'id-ecdsa-with-sha3-256';
+  LN_ecdsa_with_SHA3_256 =   'ecdsa_with_SHA3-256';
+  NID_ecdsa_with_SHA3_256 =   1113;
+  SN_ecdsa_with_SHA3_384 =   'id-ecdsa-with-sha3-384';
+  LN_ecdsa_with_SHA3_384 =   'ecdsa_with_SHA3-384';
+  NID_ecdsa_with_SHA3_384 =   1114;
+  SN_ecdsa_with_SHA3_512 =   'id-ecdsa-with-sha3-512';
+  LN_ecdsa_with_SHA3_512 =   'ecdsa_with_SHA3-512';
+  NID_ecdsa_with_SHA3_512 =   1115;
+  SN_RSA_SHA3_224 =   'id-rsassa-pkcs1-v1_5-with-sha3-224';
+  LN_RSA_SHA3_224 =   'RSA-SHA3-224';
+  NID_RSA_SHA3_224 =     1116;
+  SN_RSA_SHA3_256 =   'id-rsassa-pkcs1-v1_5-with-sha3-256';
+  LN_RSA_SHA3_256 =   'RSA-SHA3-256';
+  NID_RSA_SHA3_256 =     1117;
+  SN_RSA_SHA3_384 =   'id-rsassa-pkcs1-v1_5-with-sha3-384';
+  LN_RSA_SHA3_384 =   'RSA-SHA3-384';
+  NID_RSA_SHA3_384 =     1118;
+  SN_RSA_SHA3_512 =   'id-rsassa-pkcs1-v1_5-with-sha3-512';
+  LN_RSA_SHA3_512 =   'RSA-SHA3-512';
+  NID_RSA_SHA3_512 =     1119;
+  SN_hold_instruction_code =     'holdInstructionCode';
+  LN_hold_instruction_code =     'Hold Instruction Code';
+  NID_hold_instruction_code =     430;
+  SN_hold_instruction_none =     'holdInstructionNone';
+  LN_hold_instruction_none =     'Hold Instruction None';
+  NID_hold_instruction_none =     431;
+  SN_hold_instruction_call_issuer =   'holdInstructionCallIssuer';
+  LN_hold_instruction_call_issuer =   'Hold Instruction Call Issuer';
+  NID_hold_instruction_call_issuer =     432;
+  SN_hold_instruction_reject =    'holdInstructionReject';
+  LN_hold_instruction_reject =    'Hold Instruction Reject';
+  NID_hold_instruction_reject =    433;
+  SN_data =   'data';
+  NID_data =     434;
+  SN_pss =   'pss';
+  NID_pss =   435;
+  SN_ucl =   'ucl';
+  NID_ucl =   436;
+  SN_pilot =     'pilot';
+  NID_pilot =     437;
+  LN_pilotAttributeType =    'pilotAttributeType';
+  NID_pilotAttributeType =   438;
+  LN_pilotAttributeSyntax =   'pilotAttributeSyntax';
+  NID_pilotAttributeSyntax =     439;
+  LN_pilotObjectClass =    'pilotObjectClass';
+  NID_pilotObjectClass =    440;
+  LN_pilotGroups =   'pilotGroups';
+  NID_pilotGroups =   441;
+  LN_iA5StringSyntax =    'iA5StringSyntax';
+  NID_iA5StringSyntax =    442;
+  LN_caseIgnoreIA5StringSyntax =    'caseIgnoreIA5StringSyntax';
+  NID_caseIgnoreIA5StringSyntax =    443;
+  LN_pilotObject =   'pilotObject';
+  NID_pilotObject =   444;
+  LN_pilotPerson =   'pilotPerson';
+  NID_pilotPerson =   445;
+  SN_account =    'account';
+  NID_account =    446;
+  SN_document =    'document';
+  NID_document =    447;
+  SN_room =   'room';
+  NID_room =     448;
+  LN_documentSeries =     'documentSeries';
+  NID_documentSeries =    449;
+  SN_Domain =     'domain';
+  LN_Domain =     'Domain';
+  NID_Domain =    392;
+  LN_rFC822localPart =    'rFC822localPart';
+  NID_rFC822localPart =    450;
+  LN_dNSDomain =    'dNSDomain';
+  NID_dNSDomain =    451;
+  LN_domainRelatedObject =   'domainRelatedObject';
+  NID_domainRelatedObject =   452;
+  LN_friendlyCountry =    'friendlyCountry';
+  NID_friendlyCountry =    453;
+  LN_simpleSecurityObject =   'simpleSecurityObject';
+  NID_simpleSecurityObject =     454;
+  LN_pilotOrganization =    'pilotOrganization';
+  NID_pilotOrganization =    455;
+  LN_pilotDSA =    'pilotDSA';
+  NID_pilotDSA =    456;
+  LN_qualityLabelledData =   'qualityLabelledData';
+  NID_qualityLabelledData =   457;
+  SN_userId =     'UID';
+  LN_userId =     'userId';
+  NID_userId =    458;
+  LN_textEncodedORAddress =   'textEncodedORAddress';
+  NID_textEncodedORAddress =     459;
+  SN_rfc822Mailbox =     'mail';
+  LN_rfc822Mailbox =     'rfc822Mailbox';
+  NID_rfc822Mailbox =     460;
+  SN_info =   'info';
+  NID_info =     461;
+  LN_favouriteDrink =     'favouriteDrink';
+  NID_favouriteDrink =    462;
+  LN_roomNumber =    'roomNumber';
+  NID_roomNumber =   463;
+  SN_photo =     'photo';
+  NID_photo =     464;
+  LN_userClass =    'userClass';
+  NID_userClass =    465;
+  SN_host =   'host';
+  NID_host =     466;
+  SN_manager =    'manager';
+  NID_manager =    467;
+  LN_documentIdentifier =    'documentIdentifier';
+  NID_documentIdentifier =   468;
+  LN_documentTitle =     'documentTitle';
+  NID_documentTitle =     469;
+  LN_documentVersion =    'documentVersion';
+  NID_documentVersion =    470;
+  LN_documentAuthor =     'documentAuthor';
+  NID_documentAuthor =    471;
+  LN_documentLocation =    'documentLocation';
+  NID_documentLocation =    472;
+  LN_homeTelephoneNumber =   'homeTelephoneNumber';
+  NID_homeTelephoneNumber =   473;
+  SN_secretary =    'secretary';
+  NID_secretary =    474;
+  LN_otherMailbox =   'otherMailbox';
+  NID_otherMailbox =     475;
+  LN_lastModifiedTime =    'lastModifiedTime';
+  NID_lastModifiedTime =    476;
+  LN_lastModifiedBy =     'lastModifiedBy';
+  NID_lastModifiedBy =    477;
+  SN_domainComponent =    'DC';
+  LN_domainComponent =    'domainComponent';
+  NID_domainComponent =    391;
+  LN_aRecord =    'aRecord';
+  NID_aRecord =    478;
+  LN_pilotAttributeType27 =   'pilotAttributeType27';
+  NID_pilotAttributeType27 =     479;
+  LN_mXRecord =    'mXRecord';
+  NID_mXRecord =    480;
+  LN_nSRecord =    'nSRecord';
+  NID_nSRecord =    481;
+  LN_sOARecord =    'sOARecord';
+  NID_sOARecord =    482;
+  LN_cNAMERecord =   'cNAMERecord';
+  NID_cNAMERecord =   483;
+  LN_associatedDomain =    'associatedDomain';
+  NID_associatedDomain =    484;
+  LN_associatedName =     'associatedName';
+  NID_associatedName =    485;
+  LN_homePostalAddress =    'homePostalAddress';
+  NID_homePostalAddress =    486;
+  LN_personalTitle =     'personalTitle';
+  NID_personalTitle =     487;
+  LN_mobileTelephoneNumber =     'mobileTelephoneNumber';
+  NID_mobileTelephoneNumber =     488;
+  LN_pagerTelephoneNumber =   'pagerTelephoneNumber';
+  NID_pagerTelephoneNumber =     489;
+  LN_friendlyCountryName =   'friendlyCountryName';
+  NID_friendlyCountryName =   490;
+  SN_uniqueIdentifier =    'uid';
+  LN_uniqueIdentifier =    'uniqueIdentifier';
+  NID_uniqueIdentifier =    102;
+  LN_organizationalStatus =   'organizationalStatus';
+  NID_organizationalStatus =     491;
+  LN_janetMailbox =   'janetMailbox';
+  NID_janetMailbox =     492;
+  LN_mailPreferenceOption =   'mailPreferenceOption';
+  NID_mailPreferenceOption =     493;
+  LN_buildingName =   'buildingName';
+  NID_buildingName =     494;
+  LN_dSAQuality =    'dSAQuality';
+  NID_dSAQuality =   495;
+  LN_singleLevelQuality =    'singleLevelQuality';
+  NID_singleLevelQuality =   496;
+  LN_subtreeMinimumQuality =     'subtreeMinimumQuality';
+  NID_subtreeMinimumQuality =     497;
+  LN_subtreeMaximumQuality =     'subtreeMaximumQuality';
+  NID_subtreeMaximumQuality =     498;
+  LN_personalSignature =    'personalSignature';
+  NID_personalSignature =    499;
+  LN_dITRedirect =   'dITRedirect';
+  NID_dITRedirect =   500;
+  SN_audio =     'audio';
+  NID_audio =     501;
+  LN_documentPublisher =    'documentPublisher';
+  NID_documentPublisher =    502;
+  SN_id_set =     'id-set';
+  LN_id_set =     'Secure Electronic Transactions';
+  NID_id_set =    512;
+  SN_set_ctype =    'set-ctype';
+  LN_set_ctype =    'content types';
+  NID_set_ctype =    513;
+  SN_set_msgExt =    'set-msgExt';
+  LN_set_msgExt =    'message extensions';
+  NID_set_msgExt =   514;
+  SN_set_attr =    'set-attr';
+  NID_set_attr =    515;
+  SN_set_policy =    'set-policy';
+  NID_set_policy =   516;
+  SN_set_certExt =   'set-certExt';
+  LN_set_certExt =   'certificate extensions';
+  NID_set_certExt =   517;
+  SN_set_brand =    'set-brand';
+  NID_set_brand =    518;
+  SN_setct_PANData =     'setct-PANData';
+  NID_setct_PANData =     519;
+  SN_setct_PANToken =     'setct-PANToken';
+  NID_setct_PANToken =    520;
+  SN_setct_PANOnly =     'setct-PANOnly';
+  NID_setct_PANOnly =     521;
+  SN_setct_OIData =   'setct-OIData';
+  NID_setct_OIData =     522;
+  SN_setct_PI =    'setct-PI';
+  NID_setct_PI =    523;
+  SN_setct_PIData =   'setct-PIData';
+  NID_setct_PIData =     524;
+  SN_setct_PIDataUnsigned =   'setct-PIDataUnsigned';
+  NID_setct_PIDataUnsigned =     525;
+  SN_setct_HODInput =     'setct-HODInput';
+  NID_setct_HODInput =    526;
+  SN_setct_AuthResBaggage =   'setct-AuthResBaggage';
+  NID_setct_AuthResBaggage =     527;
+  SN_setct_AuthRevReqBaggage =    'setct-AuthRevReqBaggage';
+  NID_setct_AuthRevReqBaggage =    528;
+  SN_setct_AuthRevResBaggage =    'setct-AuthRevResBaggage';
+  NID_setct_AuthRevResBaggage =    529;
+  SN_setct_CapTokenSeq =    'setct-CapTokenSeq';
+  NID_setct_CapTokenSeq =    530;
+  SN_setct_PInitResData =    'setct-PInitResData';
+  NID_setct_PInitResData =   531;
+  SN_setct_PI_TBS =   'setct-PI-TBS';
+  NID_setct_PI_TBS =     532;
+  SN_setct_PResData =     'setct-PResData';
+  NID_setct_PResData =    533;
+  SN_setct_AuthReqTBS =    'setct-AuthReqTBS';
+  NID_setct_AuthReqTBS =    534;
+  SN_setct_AuthResTBS =    'setct-AuthResTBS';
+  NID_setct_AuthResTBS =    535;
+  SN_setct_AuthResTBSX =    'setct-AuthResTBSX';
+  NID_setct_AuthResTBSX =    536;
+  SN_setct_AuthTokenTBS =    'setct-AuthTokenTBS';
+  NID_setct_AuthTokenTBS =   537;
+  SN_setct_CapTokenData =    'setct-CapTokenData';
+  NID_setct_CapTokenData =   538;
+  SN_setct_CapTokenTBS =    'setct-CapTokenTBS';
+  NID_setct_CapTokenTBS =    539;
+  SN_setct_AcqCardCodeMsg =   'setct-AcqCardCodeMsg';
+  NID_setct_AcqCardCodeMsg =     540;
+  SN_setct_AuthRevReqTBS =   'setct-AuthRevReqTBS';
+  NID_setct_AuthRevReqTBS =   541;
+  SN_setct_AuthRevResData =   'setct-AuthRevResData';
+  NID_setct_AuthRevResData =     542;
+  SN_setct_AuthRevResTBS =   'setct-AuthRevResTBS';
+  NID_setct_AuthRevResTBS =   543;
+  SN_setct_CapReqTBS =    'setct-CapReqTBS';
+  NID_setct_CapReqTBS =    544;
+  SN_setct_CapReqTBSX =    'setct-CapReqTBSX';
+  NID_setct_CapReqTBSX =    545;
+  SN_setct_CapResData =    'setct-CapResData';
+  NID_setct_CapResData =    546;
+  SN_setct_CapRevReqTBS =    'setct-CapRevReqTBS';
+  NID_setct_CapRevReqTBS =   547;
+  SN_setct_CapRevReqTBSX =   'setct-CapRevReqTBSX';
+  NID_setct_CapRevReqTBSX =   548;
+  SN_setct_CapRevResData =   'setct-CapRevResData';
+  NID_setct_CapRevResData =   549;
+  SN_setct_CredReqTBS =    'setct-CredReqTBS';
+  NID_setct_CredReqTBS =    550;
+  SN_setct_CredReqTBSX =    'setct-CredReqTBSX';
+  NID_setct_CredReqTBSX =    551;
+  SN_setct_CredResData =    'setct-CredResData';
+  NID_setct_CredResData =    552;
+  SN_setct_CredRevReqTBS =   'setct-CredRevReqTBS';
+  NID_setct_CredRevReqTBS =   553;
+  SN_setct_CredRevReqTBSX =   'setct-CredRevReqTBSX';
+  NID_setct_CredRevReqTBSX =     554;
+  SN_setct_CredRevResData =   'setct-CredRevResData';
+  NID_setct_CredRevResData =     555;
+  SN_setct_PCertReqData =    'setct-PCertReqData';
+  NID_setct_PCertReqData =   556;
+  SN_setct_PCertResTBS =    'setct-PCertResTBS';
+  NID_setct_PCertResTBS =    557;
+  SN_setct_BatchAdminReqData =    'setct-BatchAdminReqData';
+  NID_setct_BatchAdminReqData =    558;
+  SN_setct_BatchAdminResData =    'setct-BatchAdminResData';
+  NID_setct_BatchAdminResData =    559;
+  SN_setct_CardCInitResTBS =     'setct-CardCInitResTBS';
+  NID_setct_CardCInitResTBS =     560;
+  SN_setct_MeAqCInitResTBS =     'setct-MeAqCInitResTBS';
+  NID_setct_MeAqCInitResTBS =     561;
+  SN_setct_RegFormResTBS =   'setct-RegFormResTBS';
+  NID_setct_RegFormResTBS =   562;
+  SN_setct_CertReqData =    'setct-CertReqData';
+  NID_setct_CertReqData =    563;
+  SN_setct_CertReqTBS =    'setct-CertReqTBS';
+  NID_setct_CertReqTBS =    564;
+  SN_setct_CertResData =    'setct-CertResData';
+  NID_setct_CertResData =    565;
+  SN_setct_CertInqReqTBS =   'setct-CertInqReqTBS';
+  NID_setct_CertInqReqTBS =   566;
+  SN_setct_ErrorTBS =     'setct-ErrorTBS';
+  NID_setct_ErrorTBS =    567;
+  SN_setct_PIDualSignedTBE =     'setct-PIDualSignedTBE';
+  NID_setct_PIDualSignedTBE =     568;
+  SN_setct_PIUnsignedTBE =   'setct-PIUnsignedTBE';
+  NID_setct_PIUnsignedTBE =   569;
+  SN_setct_AuthReqTBE =    'setct-AuthReqTBE';
+  NID_setct_AuthReqTBE =    570;
+  SN_setct_AuthResTBE =    'setct-AuthResTBE';
+  NID_setct_AuthResTBE =    571;
+  SN_setct_AuthResTBEX =    'setct-AuthResTBEX';
+  NID_setct_AuthResTBEX =    572;
+  SN_setct_AuthTokenTBE =    'setct-AuthTokenTBE';
+  NID_setct_AuthTokenTBE =   573;
+  SN_setct_CapTokenTBE =    'setct-CapTokenTBE';
+  NID_setct_CapTokenTBE =    574;
+  SN_setct_CapTokenTBEX =    'setct-CapTokenTBEX';
+  NID_setct_CapTokenTBEX =   575;
+  SN_setct_AcqCardCodeMsgTBE =    'setct-AcqCardCodeMsgTBE';
+  NID_setct_AcqCardCodeMsgTBE =    576;
+  SN_setct_AuthRevReqTBE =   'setct-AuthRevReqTBE';
+  NID_setct_AuthRevReqTBE =   577;
+  SN_setct_AuthRevResTBE =   'setct-AuthRevResTBE';
+  NID_setct_AuthRevResTBE =   578;
+  SN_setct_AuthRevResTBEB =   'setct-AuthRevResTBEB';
+  NID_setct_AuthRevResTBEB =     579;
+  SN_setct_CapReqTBE =    'setct-CapReqTBE';
+  NID_setct_CapReqTBE =    580;
+  SN_setct_CapReqTBEX =    'setct-CapReqTBEX';
+  NID_setct_CapReqTBEX =    581;
+  SN_setct_CapResTBE =    'setct-CapResTBE';
+  NID_setct_CapResTBE =    582;
+  SN_setct_CapRevReqTBE =    'setct-CapRevReqTBE';
+  NID_setct_CapRevReqTBE =   583;
+  SN_setct_CapRevReqTBEX =   'setct-CapRevReqTBEX';
+  NID_setct_CapRevReqTBEX =   584;
+  SN_setct_CapRevResTBE =    'setct-CapRevResTBE';
+  NID_setct_CapRevResTBE =   585;
+  SN_setct_CredReqTBE =    'setct-CredReqTBE';
+  NID_setct_CredReqTBE =    586;
+  SN_setct_CredReqTBEX =    'setct-CredReqTBEX';
+  NID_setct_CredReqTBEX =    587;
+  SN_setct_CredResTBE =    'setct-CredResTBE';
+  NID_setct_CredResTBE =    588;
+  SN_setct_CredRevReqTBE =   'setct-CredRevReqTBE';
+  NID_setct_CredRevReqTBE =   589;
+  SN_setct_CredRevReqTBEX =   'setct-CredRevReqTBEX';
+  NID_setct_CredRevReqTBEX =     590;
+  SN_setct_CredRevResTBE =   'setct-CredRevResTBE';
+  NID_setct_CredRevResTBE =   591;
+  SN_setct_BatchAdminReqTBE =     'setct-BatchAdminReqTBE';
+  NID_setct_BatchAdminReqTBE =    592;
+  SN_setct_BatchAdminResTBE =     'setct-BatchAdminResTBE';
+  NID_setct_BatchAdminResTBE =    593;
+  SN_setct_RegFormReqTBE =   'setct-RegFormReqTBE';
+  NID_setct_RegFormReqTBE =   594;
+  SN_setct_CertReqTBE =    'setct-CertReqTBE';
+  NID_setct_CertReqTBE =    595;
+  SN_setct_CertReqTBEX =    'setct-CertReqTBEX';
+  NID_setct_CertReqTBEX =    596;
+  SN_setct_CertResTBE =    'setct-CertResTBE';
+  NID_setct_CertResTBE =    597;
+  SN_setct_CRLNotificationTBS =    'setct-CRLNotificationTBS';
+  NID_setct_CRLNotificationTBS =    598;
+  SN_setct_CRLNotificationResTBS =   'setct-CRLNotificationResTBS';
+  NID_setct_CRLNotificationResTBS =   599;
+  SN_setct_BCIDistributionTBS =    'setct-BCIDistributionTBS';
+  NID_setct_BCIDistributionTBS =    600;
+  SN_setext_genCrypt =    'setext-genCrypt';
+  LN_setext_genCrypt =    'generic cryptogram';
+  NID_setext_genCrypt =    601;
+  SN_setext_miAuth =     'setext-miAuth';
+  LN_setext_miAuth =     'merchant initiated auth';
+  NID_setext_miAuth =     602;
+  SN_setext_pinSecure =    'setext-pinSecure';
+  NID_setext_pinSecure =    603;
+  SN_setext_pinAny =     'setext-pinAny';
+  NID_setext_pinAny =     604;
+  SN_setext_track2 =     'setext-track2';
+  NID_setext_track2 =     605;
+  SN_setext_cv =    'setext-cv';
+  LN_setext_cv =    'additional verification';
+  NID_setext_cv =    606;
+  SN_set_policy_root =    'set-policy-root';
+  NID_set_policy_root =    607;
+  SN_setCext_hashedRoot =    'setCext-hashedRoot';
+  NID_setCext_hashedRoot =   608;
+  SN_setCext_certType =    'setCext-certType';
+  NID_setCext_certType =    609;
+  SN_setCext_merchData =    'setCext-merchData';
+  NID_setCext_merchData =    610;
+  SN_setCext_cCertRequired =     'setCext-cCertRequired';
+  NID_setCext_cCertRequired =     611;
+  SN_setCext_tunneling =    'setCext-tunneling';
+  NID_setCext_tunneling =    612;
+  SN_setCext_setExt =     'setCext-setExt';
+  NID_setCext_setExt =    613;
+  SN_setCext_setQualf =    'setCext-setQualf';
+  NID_setCext_setQualf =    614;
+  SN_setCext_PGWYcapabilities =    'setCext-PGWYcapabilities';
+  NID_setCext_PGWYcapabilities =    615;
+  SN_setCext_TokenIdentifier =    'setCext-TokenIdentifier';
+  NID_setCext_TokenIdentifier =    616;
+  SN_setCext_Track2Data =    'setCext-Track2Data';
+  NID_setCext_Track2Data =   617;
+  SN_setCext_TokenType =    'setCext-TokenType';
+  NID_setCext_TokenType =    618;
+  SN_setCext_IssuerCapabilities =    'setCext-IssuerCapabilities';
+  NID_setCext_IssuerCapabilities =   619;
+  SN_setAttr_Cert =   'setAttr-Cert';
+  NID_setAttr_Cert =     620;
+  SN_setAttr_PGWYcap =    'setAttr-PGWYcap';
+  LN_setAttr_PGWYcap =    'payment gateway capabilities';
+  NID_setAttr_PGWYcap =    621;
+  SN_setAttr_TokenType =    'setAttr-TokenType';
+  NID_setAttr_TokenType =    622;
+  SN_setAttr_IssCap =     'setAttr-IssCap';
+  LN_setAttr_IssCap =     'issuer capabilities';
+  NID_setAttr_IssCap =    623;
+  SN_set_rootKeyThumb =    'set-rootKeyThumb';
+  NID_set_rootKeyThumb =    624;
+  SN_set_addPolicy =     'set-addPolicy';
+  NID_set_addPolicy =     625;
+  SN_setAttr_Token_EMV =    'setAttr-Token-EMV';
+  NID_setAttr_Token_EMV =    626;
+  SN_setAttr_Token_B0Prime =     'setAttr-Token-B0Prime';
+  NID_setAttr_Token_B0Prime =     627;
+  SN_setAttr_IssCap_CVM =    'setAttr-IssCap-CVM';
+  NID_setAttr_IssCap_CVM =   628;
+  SN_setAttr_IssCap_T2 =    'setAttr-IssCap-T2';
+  NID_setAttr_IssCap_T2 =    629;
+  SN_setAttr_IssCap_Sig =    'setAttr-IssCap-Sig';
+  NID_setAttr_IssCap_Sig =   630;
+  SN_setAttr_GenCryptgrm =   'setAttr-GenCryptgrm';
+  LN_setAttr_GenCryptgrm =   'generate cryptogram';
+  NID_setAttr_GenCryptgrm =   631;
+  SN_setAttr_T2Enc =     'setAttr-T2Enc';
+  LN_setAttr_T2Enc =     'encrypted track 2';
+  NID_setAttr_T2Enc =     632;
+  SN_setAttr_T2cleartxt =    'setAttr-T2cleartxt';
+  LN_setAttr_T2cleartxt =    'cleartext track 2';
+  NID_setAttr_T2cleartxt =   633;
+  SN_setAttr_TokICCsig =    'setAttr-TokICCsig';
+  LN_setAttr_TokICCsig =    'ICC or token signature';
+  NID_setAttr_TokICCsig =    634;
+  SN_setAttr_SecDevSig =    'setAttr-SecDevSig';
+  LN_setAttr_SecDevSig =    'secure device signature';
+  NID_setAttr_SecDevSig =    635;
+  SN_set_brand_IATA_ATA =    'set-brand-IATA-ATA';
+  NID_set_brand_IATA_ATA =   636;
+  SN_set_brand_Diners =    'set-brand-Diners';
+  NID_set_brand_Diners =    637;
+  SN_set_brand_AmericanExpress =    'set-brand-AmericanExpress';
+  NID_set_brand_AmericanExpress =    638;
+  SN_set_brand_JCB =     'set-brand-JCB';
+  NID_set_brand_JCB =     639;
+  SN_set_brand_Visa =     'set-brand-Visa';
+  NID_set_brand_Visa =    640;
+  SN_set_brand_MasterCard =   'set-brand-MasterCard';
+  NID_set_brand_MasterCard =     641;
+  SN_set_brand_Novus =    'set-brand-Novus';
+  NID_set_brand_Novus =    642;
+  SN_des_cdmf =    'DES-CDMF';
+  LN_des_cdmf =    'des-cdmf';
+  NID_des_cdmf =    643;
+  SN_rsaOAEPEncryptionSET =   'rsaOAEPEncryptionSET';
+  NID_rsaOAEPEncryptionSET =     644;
+  SN_ipsec3 =     'Oakley-EC2N-3';
+  LN_ipsec3 =     'ipsec3';
+  NID_ipsec3 =    749;
+  SN_ipsec4 =     'Oakley-EC2N-4';
+  LN_ipsec4 =     'ipsec4';
+  NID_ipsec4 =    750;
+  SN_whirlpool =    'whirlpool';
+  NID_whirlpool =    804;
+  SN_cryptopro =    'cryptopro';
+  NID_cryptopro =    805;
+  SN_cryptocom =    'cryptocom';
+  NID_cryptocom =    806;
+  SN_id_tc26 =    'id-tc26';
+  NID_id_tc26 =    974;
+  SN_id_GostR3411_94_with_GostR3410_2001 =   'id-GostR3411-94-with-GostR3410-2001';
+  LN_id_GostR3411_94_with_GostR3410_2001 =   'GOST R 34.11-94 with GOST R 34.10-2001';
+  NID_id_GostR3411_94_with_GostR3410_2001 =   807;
+  SN_id_GostR3411_94_with_GostR3410_94 =    'id-GostR3411-94-with-GostR3410-94';
+  LN_id_GostR3411_94_with_GostR3410_94 =    'GOST R 34.11-94 with GOST R 34.10-94';
+  NID_id_GostR3411_94_with_GostR3410_94 =    808;
+  SN_id_GostR3411_94 =    'md_gost94';
+  LN_id_GostR3411_94 =    'GOST R 34.11-94';
+  NID_id_GostR3411_94 =    809;
+  SN_id_HMACGostR3411_94 =   'id-HMACGostR3411-94';
+  LN_id_HMACGostR3411_94 =   'HMAC GOST 34.11-94';
+  NID_id_HMACGostR3411_94 =   810;
+  SN_id_GostR3410_2001 =    'gost2001';
+  LN_id_GostR3410_2001 =    'GOST R 34.10-2001';
+  NID_id_GostR3410_2001 =    811;
+  SN_id_GostR3410_94 =    'gost94';
+  LN_id_GostR3410_94 =    'GOST R 34.10-94';
+  NID_id_GostR3410_94 =    812;
+  SN_id_Gost28147_89 =    'gost89';
+  LN_id_Gost28147_89 =    'GOST 28147-89';
+  NID_id_Gost28147_89 =    813;
+  SN_gost89_cnt =    'gost89-cnt';
+  NID_gost89_cnt =   814;
+  SN_gost89_cnt_12 =     'gost89-cnt-12';
+  NID_gost89_cnt_12 =     975;
+  SN_gost89_cbc =    'gost89-cbc';
+  NID_gost89_cbc =   1009;
+  SN_gost89_ecb =    'gost89-ecb';
+  NID_gost89_ecb =   1010;
+  SN_gost89_ctr =    'gost89-ctr';
+  NID_gost89_ctr =   1011;
+  SN_id_Gost28147_89_MAC =   'gost-mac';
+  LN_id_Gost28147_89_MAC =   'GOST 28147-89 MAC';
+  NID_id_Gost28147_89_MAC =   815;
+  SN_gost_mac_12 =   'gost-mac-12';
+  NID_gost_mac_12 =   976;
+  SN_id_GostR3411_94_prf =   'prf-gostr3411-94';
+  LN_id_GostR3411_94_prf =   'GOST R 34.11-94 PRF';
+  NID_id_GostR3411_94_prf =   816;
+  SN_id_GostR3410_2001DH =   'id-GostR3410-2001DH';
+  LN_id_GostR3410_2001DH =   'GOST R 34.10-2001 DH';
+  NID_id_GostR3410_2001DH =   817;
+  SN_id_GostR3410_94DH =    'id-GostR3410-94DH';
+  LN_id_GostR3410_94DH =    'GOST R 34.10-94 DH';
+  NID_id_GostR3410_94DH =    818;
+  SN_id_Gost28147_89_CryptoPro_KeyMeshing =   'id-Gost28147-89-CryptoPro-KeyMeshing';
+  NID_id_Gost28147_89_CryptoPro_KeyMeshing =     819;
+  SN_id_Gost28147_89_None_KeyMeshing =    'id-Gost28147-89-None-KeyMeshing';
+  NID_id_Gost28147_89_None_KeyMeshing =    820;
+  SN_id_GostR3411_94_TestParamSet =   'id-GostR3411-94-TestParamSet';
+  NID_id_GostR3411_94_TestParamSet =     821;
+  SN_id_GostR3411_94_CryptoProParamSet =    'id-GostR3411-94-CryptoProParamSet';
+  NID_id_GostR3411_94_CryptoProParamSet =    822;
+  SN_id_Gost28147_89_TestParamSet =   'id-Gost28147-89-TestParamSet';
+  NID_id_Gost28147_89_TestParamSet =     823;
+  SN_id_Gost28147_89_CryptoPro_A_ParamSet =   'id-Gost28147-89-CryptoPro-A-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_A_ParamSet =     824;
+  SN_id_Gost28147_89_CryptoPro_B_ParamSet =   'id-Gost28147-89-CryptoPro-B-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_B_ParamSet =     825;
+  SN_id_Gost28147_89_CryptoPro_C_ParamSet =   'id-Gost28147-89-CryptoPro-C-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_C_ParamSet =     826;
+  SN_id_Gost28147_89_CryptoPro_D_ParamSet =   'id-Gost28147-89-CryptoPro-D-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_D_ParamSet =     827;
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =     828;
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =     829;
+  SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    'id-Gost28147-89-CryptoPro-RIC-1-ParamSet';
+  NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    830;
+  SN_id_GostR3410_94_TestParamSet =   'id-GostR3410-94-TestParamSet';
+  NID_id_GostR3410_94_TestParamSet =     831;
+  SN_id_GostR3410_94_CryptoPro_A_ParamSet =   'id-GostR3410-94-CryptoPro-A-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_A_ParamSet =     832;
+  SN_id_GostR3410_94_CryptoPro_B_ParamSet =   'id-GostR3410-94-CryptoPro-B-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_B_ParamSet =     833;
+  SN_id_GostR3410_94_CryptoPro_C_ParamSet =   'id-GostR3410-94-CryptoPro-C-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_C_ParamSet =     834;
+  SN_id_GostR3410_94_CryptoPro_D_ParamSet =   'id-GostR3410-94-CryptoPro-D-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_D_ParamSet =     835;
+  SN_id_GostR3410_94_CryptoPro_XchA_ParamSet =    'id-GostR3410-94-CryptoPro-XchA-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_XchA_ParamSet =    836;
+  SN_id_GostR3410_94_CryptoPro_XchB_ParamSet =    'id-GostR3410-94-CryptoPro-XchB-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_XchB_ParamSet =    837;
+  SN_id_GostR3410_94_CryptoPro_XchC_ParamSet =    'id-GostR3410-94-CryptoPro-XchC-ParamSet';
+  NID_id_GostR3410_94_CryptoPro_XchC_ParamSet =    838;
+  SN_id_GostR3410_2001_TestParamSet =     'id-GostR3410-2001-TestParamSet';
+  NID_id_GostR3410_2001_TestParamSet =    839;
+  SN_id_GostR3410_2001_CryptoPro_A_ParamSet =     'id-GostR3410-2001-CryptoPro-A-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_A_ParamSet =    840;
+  SN_id_GostR3410_2001_CryptoPro_B_ParamSet =     'id-GostR3410-2001-CryptoPro-B-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_B_ParamSet =    841;
+  SN_id_GostR3410_2001_CryptoPro_C_ParamSet =     'id-GostR3410-2001-CryptoPro-C-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_C_ParamSet =    842;
+  SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    'id-GostR3410-2001-CryptoPro-XchA-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    843;
+  SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    'id-GostR3410-2001-CryptoPro-XchB-ParamSet';
+  NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    844;
+  SN_id_GostR3410_94_a =    'id-GostR3410-94-a';
+  NID_id_GostR3410_94_a =    845;
+  SN_id_GostR3410_94_aBis =   'id-GostR3410-94-aBis';
+  NID_id_GostR3410_94_aBis =     846;
+  SN_id_GostR3410_94_b =    'id-GostR3410-94-b';
+  NID_id_GostR3410_94_b =    847;
+  SN_id_GostR3410_94_bBis =   'id-GostR3410-94-bBis';
+  NID_id_GostR3410_94_bBis =     848;
+  SN_id_Gost28147_89_cc =    'id-Gost28147-89-cc';
+  LN_id_Gost28147_89_cc =    'GOST 28147-89 Cryptocom ParamSet';
+  NID_id_Gost28147_89_cc =   849;
+  SN_id_GostR3410_94_cc =    'gost94cc';
+  LN_id_GostR3410_94_cc =    'GOST 34.10-94 Cryptocom';
+  NID_id_GostR3410_94_cc =   850;
+  SN_id_GostR3410_2001_cc =   'gost2001cc';
+  LN_id_GostR3410_2001_cc =   'GOST 34.10-2001 Cryptocom';
+  NID_id_GostR3410_2001_cc =     851;
+  SN_id_GostR3411_94_with_GostR3410_94_cc =   'id-GostR3411-94-with-GostR3410-94-cc';
+  LN_id_GostR3411_94_with_GostR3410_94_cc =   'GOST R 34.11-94 with GOST R 34.10-94 Cryptocom';
+  NID_id_GostR3411_94_with_GostR3410_94_cc =     852;
+  SN_id_GostR3411_94_with_GostR3410_2001_cc =     'id-GostR3411-94-with-GostR3410-2001-cc';
+  LN_id_GostR3411_94_with_GostR3410_2001_cc =     'GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom';
+  NID_id_GostR3411_94_with_GostR3410_2001_cc =    853;
+  SN_id_GostR3410_2001_ParamSet_cc =     'id-GostR3410-2001-ParamSet-cc';
+  LN_id_GostR3410_2001_ParamSet_cc =     'GOST R 3410-2001 Parameter Set Cryptocom';
+  NID_id_GostR3410_2001_ParamSet_cc =     854;
+  SN_id_tc26_algorithms =    'id-tc26-algorithms';
+  NID_id_tc26_algorithms =   977;
+  SN_id_tc26_sign =   'id-tc26-sign';
+  NID_id_tc26_sign =     978;
+  SN_id_GostR3410_2012_256 =     'gost2012_256';
+  LN_id_GostR3410_2012_256 =     'GOST R 34.10-2012 with 256 bit modulus';
+  NID_id_GostR3410_2012_256 =     979;
+  SN_id_GostR3410_2012_512 =     'gost2012_512';
+  LN_id_GostR3410_2012_512 =     'GOST R 34.10-2012 with 512 bit modulus';
+  NID_id_GostR3410_2012_512 =     980;
+  SN_id_tc26_digest =     'id-tc26-digest';
+  NID_id_tc26_digest =    981;
+  SN_id_GostR3411_2012_256 =     'md_gost12_256';
+  LN_id_GostR3411_2012_256 =     'GOST R 34.11-2012 with 256 bit hash';
+  NID_id_GostR3411_2012_256 =     982;
+  SN_id_GostR3411_2012_512 =     'md_gost12_512';
+  LN_id_GostR3411_2012_512 =     'GOST R 34.11-2012 with 512 bit hash';
+  NID_id_GostR3411_2012_512 =     983;
+  SN_id_tc26_signwithdigest =     'id-tc26-signwithdigest';
+  NID_id_tc26_signwithdigest =    984;
+  SN_id_tc26_signwithdigest_gost3410_2012_256 =    'id-tc26-signwithdigest-gost3410-2012-256';
+  LN_id_tc26_signwithdigest_gost3410_2012_256 =    'GOST R 34.10-2012 with GOST R 34.11-2012(256 bit)';
+  NID_id_tc26_signwithdigest_gost3410_2012_256 =    985;
+  SN_id_tc26_signwithdigest_gost3410_2012_512 =    'id-tc26-signwithdigest-gost3410-2012-512';
+  LN_id_tc26_signwithdigest_gost3410_2012_512 =    'GOST R 34.10-2012 with GOST R 34.11-2012(512 bit)';
+  NID_id_tc26_signwithdigest_gost3410_2012_512 =    986;
+  SN_id_tc26_mac =   'id-tc26-mac';
+  NID_id_tc26_mac =   987;
+  SN_id_tc26_hmac_gost_3411_2012_256 =    'id-tc26-hmac-gost-3411-2012-256';
+  LN_id_tc26_hmac_gost_3411_2012_256 =    'HMAC GOST 34.11-2012 256 bit';
+  NID_id_tc26_hmac_gost_3411_2012_256 =    988;
+  SN_id_tc26_hmac_gost_3411_2012_512 =    'id-tc26-hmac-gost-3411-2012-512';
+  LN_id_tc26_hmac_gost_3411_2012_512 =    'HMAC GOST 34.11-2012 512 bit';
+  NID_id_tc26_hmac_gost_3411_2012_512 =    989;
+  SN_id_tc26_cipher =     'id-tc26-cipher';
+  NID_id_tc26_cipher =    990;
+  SN_id_tc26_cipher_gostr3412_2015_magma =   'id-tc26-cipher-gostr3412-2015-magma';
+  NID_id_tc26_cipher_gostr3412_2015_magma =   1173;
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =   'id-tc26-cipher-gostr3412-2015-magma-ctracpkm';
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =     1174;
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    'id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac';
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    1175;
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik =    'id-tc26-cipher-gostr3412-2015-kuznyechik';
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik =    1176;
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm';
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    1177;
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =     'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac';
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =    1178;
+  SN_id_tc26_agreement =    'id-tc26-agreement';
+  NID_id_tc26_agreement =    991;
+  SN_id_tc26_agreement_gost_3410_2012_256 =   'id-tc26-agreement-gost-3410-2012-256';
+  NID_id_tc26_agreement_gost_3410_2012_256 =     992;
+  SN_id_tc26_agreement_gost_3410_2012_512 =   'id-tc26-agreement-gost-3410-2012-512';
+  NID_id_tc26_agreement_gost_3410_2012_512 =     993;
+  SN_id_tc26_wrap =   'id-tc26-wrap';
+  NID_id_tc26_wrap =     1179;
+  SN_id_tc26_wrap_gostr3412_2015_magma =    'id-tc26-wrap-gostr3412-2015-magma';
+  NID_id_tc26_wrap_gostr3412_2015_magma =    1180;
+  SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    'id-tc26-wrap-gostr3412-2015-magma-kexp15';
+  NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    1181;
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik =     'id-tc26-wrap-gostr3412-2015-kuznyechik';
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik =    1182;
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     'id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15';
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     1183;
+  SN_id_tc26_constants =    'id-tc26-constants';
+  NID_id_tc26_constants =    994;
+  SN_id_tc26_sign_constants =     'id-tc26-sign-constants';
+  NID_id_tc26_sign_constants =    995;
+  SN_id_tc26_gost_3410_2012_256_constants =   'id-tc26-gost-3410-2012-256-constants';
+  NID_id_tc26_gost_3410_2012_256_constants =     1147;
+  SN_id_tc26_gost_3410_2012_256_paramSetA =   'id-tc26-gost-3410-2012-256-paramSetA';
+  LN_id_tc26_gost_3410_2012_256_paramSetA =   'GOST R 34.10-2012(256 bit)ParamSet A';
+  NID_id_tc26_gost_3410_2012_256_paramSetA =     1148;
+  SN_id_tc26_gost_3410_2012_256_paramSetB =   'id-tc26-gost-3410-2012-256-paramSetB';
+  LN_id_tc26_gost_3410_2012_256_paramSetB =   'GOST R 34.10-2012(256 bit)ParamSet B';
+  NID_id_tc26_gost_3410_2012_256_paramSetB =     1184;
+  SN_id_tc26_gost_3410_2012_256_paramSetC =   'id-tc26-gost-3410-2012-256-paramSetC';
+  LN_id_tc26_gost_3410_2012_256_paramSetC =   'GOST R 34.10-2012(256 bit)ParamSet C';
+  NID_id_tc26_gost_3410_2012_256_paramSetC =     1185;
+  SN_id_tc26_gost_3410_2012_256_paramSetD =   'id-tc26-gost-3410-2012-256-paramSetD';
+  LN_id_tc26_gost_3410_2012_256_paramSetD =   'GOST R 34.10-2012(256 bit)ParamSet D';
+  NID_id_tc26_gost_3410_2012_256_paramSetD =     1186;
+  SN_id_tc26_gost_3410_2012_512_constants =   'id-tc26-gost-3410-2012-512-constants';
+  NID_id_tc26_gost_3410_2012_512_constants =     996;
+  SN_id_tc26_gost_3410_2012_512_paramSetTest =    'id-tc26-gost-3410-2012-512-paramSetTest';
+  LN_id_tc26_gost_3410_2012_512_paramSetTest =    'GOST R 34.10-2012(512 bit)testing parameter set';
+  NID_id_tc26_gost_3410_2012_512_paramSetTest =    997;
+  SN_id_tc26_gost_3410_2012_512_paramSetA =   'id-tc26-gost-3410-2012-512-paramSetA';
+  LN_id_tc26_gost_3410_2012_512_paramSetA =   'GOST R 34.10-2012(512 bit)ParamSet A';
+  NID_id_tc26_gost_3410_2012_512_paramSetA =     998;
+  SN_id_tc26_gost_3410_2012_512_paramSetB =   'id-tc26-gost-3410-2012-512-paramSetB';
+  LN_id_tc26_gost_3410_2012_512_paramSetB =   'GOST R 34.10-2012(512 bit)ParamSet B';
+  NID_id_tc26_gost_3410_2012_512_paramSetB =     999;
+  SN_id_tc26_gost_3410_2012_512_paramSetC =   'id-tc26-gost-3410-2012-512-paramSetC';
+  LN_id_tc26_gost_3410_2012_512_paramSetC =   'GOST R 34.10-2012(512 bit)ParamSet C';
+  NID_id_tc26_gost_3410_2012_512_paramSetC =     1149;
+  SN_id_tc26_digest_constants =    'id-tc26-digest-constants';
+  NID_id_tc26_digest_constants =    1000;
+  SN_id_tc26_cipher_constants =    'id-tc26-cipher-constants';
+  NID_id_tc26_cipher_constants =    1001;
+  SN_id_tc26_gost_28147_constants =   'id-tc26-gost-28147-constants';
+  NID_id_tc26_gost_28147_constants =     1002;
+  SN_id_tc26_gost_28147_param_Z =    'id-tc26-gost-28147-param-Z';
+  LN_id_tc26_gost_28147_param_Z =    'GOST 28147-89 TC26 parameter set';
+  NID_id_tc26_gost_28147_param_Z =   1003;
+  SN_INN =   'INN';
+  LN_INN =   'INN';
+  NID_INN =   1004;
+  SN_OGRN =   'OGRN';
+  LN_OGRN =   'OGRN';
+  NID_OGRN =     1005;
+  SN_SNILS =     'SNILS';
+  LN_SNILS =     'SNILS';
+  NID_SNILS =     1006;
+  SN_subjectSignTool =    'subjectSignTool';
+  LN_subjectSignTool =    'Signing Tool of Subject';
+  NID_subjectSignTool =    1007;
+  SN_issuerSignTool =     'issuerSignTool';
+  LN_issuerSignTool =     'Signing Tool of Issuer';
+  NID_issuerSignTool =    1008;
+  SN_grasshopper_ecb =    'grasshopper-ecb';
+  NID_grasshopper_ecb =    1012;
+  SN_grasshopper_ctr =    'grasshopper-ctr';
+  NID_grasshopper_ctr =    1013;
+  SN_grasshopper_ofb =    'grasshopper-ofb';
+  NID_grasshopper_ofb =    1014;
+  SN_grasshopper_cbc =    'grasshopper-cbc';
+  NID_grasshopper_cbc =    1015;
+  SN_grasshopper_cfb =    'grasshopper-cfb';
+  NID_grasshopper_cfb =    1016;
+  SN_grasshopper_mac =    'grasshopper-mac';
+  NID_grasshopper_mac =    1017;
+  SN_magma_ecb =    'magma-ecb';
+  NID_magma_ecb =    1187;
+  SN_magma_ctr =    'magma-ctr';
+  NID_magma_ctr =    1188;
+  SN_magma_ofb =    'magma-ofb';
+  NID_magma_ofb =    1189;
+  SN_magma_cbc =    'magma-cbc';
+  NID_magma_cbc =    1190;
+  SN_magma_cfb =    'magma-cfb';
+  NID_magma_cfb =    1191;
+  SN_magma_mac =    'magma-mac';
+  NID_magma_mac =    1192;
+  SN_camellia_128_cbc =    'CAMELLIA-128-CBC';
+  LN_camellia_128_cbc =    'camellia-128-cbc';
+  NID_camellia_128_cbc =    751;
+  SN_camellia_192_cbc =    'CAMELLIA-192-CBC';
+  LN_camellia_192_cbc =    'camellia-192-cbc';
+  NID_camellia_192_cbc =    752;
+  SN_camellia_256_cbc =    'CAMELLIA-256-CBC';
+  LN_camellia_256_cbc =    'camellia-256-cbc';
+  NID_camellia_256_cbc =    753;
+  SN_id_camellia128_wrap =   'id-camellia128-wrap';
+  NID_id_camellia128_wrap =   907;
+  SN_id_camellia192_wrap =   'id-camellia192-wrap';
+  NID_id_camellia192_wrap =   908;
+  SN_id_camellia256_wrap =   'id-camellia256-wrap';
+  NID_id_camellia256_wrap =   909;
+  SN_camellia_128_ecb =    'CAMELLIA-128-ECB';
+  LN_camellia_128_ecb =    'camellia-128-ecb';
+  NID_camellia_128_ecb =    754;
+  SN_camellia_128_ofb128 =   'CAMELLIA-128-OFB';
+  LN_camellia_128_ofb128 =   'camellia-128-ofb';
+  NID_camellia_128_ofb128 =   766;
+  SN_camellia_128_cfb128 =   'CAMELLIA-128-CFB';
+  LN_camellia_128_cfb128 =   'camellia-128-cfb';
+  NID_camellia_128_cfb128 =   757;
+  SN_camellia_128_gcm =    'CAMELLIA-128-GCM';
+  LN_camellia_128_gcm =    'camellia-128-gcm';
+  NID_camellia_128_gcm =    961;
+  SN_camellia_128_ccm =    'CAMELLIA-128-CCM';
+  LN_camellia_128_ccm =    'camellia-128-ccm';
+  NID_camellia_128_ccm =    962;
+  SN_camellia_128_ctr =    'CAMELLIA-128-CTR';
+  LN_camellia_128_ctr =    'camellia-128-ctr';
+  NID_camellia_128_ctr =    963;
+  SN_camellia_128_cmac =    'CAMELLIA-128-CMAC';
+  LN_camellia_128_cmac =    'camellia-128-cmac';
+  NID_camellia_128_cmac =    964;
+  SN_camellia_192_ecb =    'CAMELLIA-192-ECB';
+  LN_camellia_192_ecb =    'camellia-192-ecb';
+  NID_camellia_192_ecb =    755;
+  SN_camellia_192_ofb128 =   'CAMELLIA-192-OFB';
+  LN_camellia_192_ofb128 =   'camellia-192-ofb';
+  NID_camellia_192_ofb128 =   767;
+  SN_camellia_192_cfb128 =   'CAMELLIA-192-CFB';
+  LN_camellia_192_cfb128 =   'camellia-192-cfb';
+  NID_camellia_192_cfb128 =   758;
+  SN_camellia_192_gcm =    'CAMELLIA-192-GCM';
+  LN_camellia_192_gcm =    'camellia-192-gcm';
+  NID_camellia_192_gcm =    965;
+  SN_camellia_192_ccm =    'CAMELLIA-192-CCM';
+  LN_camellia_192_ccm =    'camellia-192-ccm';
+  NID_camellia_192_ccm =    966;
+  SN_camellia_192_ctr =    'CAMELLIA-192-CTR';
+  LN_camellia_192_ctr =    'camellia-192-ctr';
+  NID_camellia_192_ctr =    967;
+  SN_camellia_192_cmac =    'CAMELLIA-192-CMAC';
+  LN_camellia_192_cmac =    'camellia-192-cmac';
+  NID_camellia_192_cmac =    968;
+  SN_camellia_256_ecb =    'CAMELLIA-256-ECB';
+  LN_camellia_256_ecb =    'camellia-256-ecb';
+  NID_camellia_256_ecb =    756;
+  SN_camellia_256_ofb128 =   'CAMELLIA-256-OFB';
+  LN_camellia_256_ofb128 =   'camellia-256-ofb';
+  NID_camellia_256_ofb128 =   768;
+  SN_camellia_256_cfb128 =   'CAMELLIA-256-CFB';
+  LN_camellia_256_cfb128 =   'camellia-256-cfb';
+  NID_camellia_256_cfb128 =   759;
+  SN_camellia_256_gcm =    'CAMELLIA-256-GCM';
+  LN_camellia_256_gcm =    'camellia-256-gcm';
+  NID_camellia_256_gcm =    969;
+  SN_camellia_256_ccm =    'CAMELLIA-256-CCM';
+  LN_camellia_256_ccm =    'camellia-256-ccm';
+  NID_camellia_256_ccm =    970;
+  SN_camellia_256_ctr =    'CAMELLIA-256-CTR';
+  LN_camellia_256_ctr =    'camellia-256-ctr';
+  NID_camellia_256_ctr =    971;
+  SN_camellia_256_cmac =    'CAMELLIA-256-CMAC';
+  LN_camellia_256_cmac =    'camellia-256-cmac';
+  NID_camellia_256_cmac =    972;
+  SN_camellia_128_cfb1 =    'CAMELLIA-128-CFB1';
+  LN_camellia_128_cfb1 =    'camellia-128-cfb1';
+  NID_camellia_128_cfb1 =    760;
+  SN_camellia_192_cfb1 =    'CAMELLIA-192-CFB1';
+  LN_camellia_192_cfb1 =    'camellia-192-cfb1';
+  NID_camellia_192_cfb1 =    761;
+  SN_camellia_256_cfb1 =    'CAMELLIA-256-CFB1';
+  LN_camellia_256_cfb1 =    'camellia-256-cfb1';
+  NID_camellia_256_cfb1 =    762;
+  SN_camellia_128_cfb8 =    'CAMELLIA-128-CFB8';
+  LN_camellia_128_cfb8 =    'camellia-128-cfb8';
+  NID_camellia_128_cfb8 =    763;
+  SN_camellia_192_cfb8 =    'CAMELLIA-192-CFB8';
+  LN_camellia_192_cfb8 =    'camellia-192-cfb8';
+  NID_camellia_192_cfb8 =    764;
+  SN_camellia_256_cfb8 =    'CAMELLIA-256-CFB8';
+  LN_camellia_256_cfb8 =    'camellia-256-cfb8';
+  NID_camellia_256_cfb8 =    765;
+  SN_aria_128_ecb =   'ARIA-128-ECB';
+  LN_aria_128_ecb =   'aria-128-ecb';
+  NID_aria_128_ecb =     1065;
+  SN_aria_128_cbc =   'ARIA-128-CBC';
+  LN_aria_128_cbc =   'aria-128-cbc';
+  NID_aria_128_cbc =     1066;
+  SN_aria_128_cfb128 =    'ARIA-128-CFB';
+  LN_aria_128_cfb128 =    'aria-128-cfb';
+  NID_aria_128_cfb128 =    1067;
+  SN_aria_128_ofb128 =    'ARIA-128-OFB';
+  LN_aria_128_ofb128 =    'aria-128-ofb';
+  NID_aria_128_ofb128 =    1068;
+  SN_aria_128_ctr =   'ARIA-128-CTR';
+  LN_aria_128_ctr =   'aria-128-ctr';
+  NID_aria_128_ctr =     1069;
+  SN_aria_192_ecb =   'ARIA-192-ECB';
+  LN_aria_192_ecb =   'aria-192-ecb';
+  NID_aria_192_ecb =     1070;
+  SN_aria_192_cbc =   'ARIA-192-CBC';
+  LN_aria_192_cbc =   'aria-192-cbc';
+  NID_aria_192_cbc =     1071;
+  SN_aria_192_cfb128 =    'ARIA-192-CFB';
+  LN_aria_192_cfb128 =    'aria-192-cfb';
+  NID_aria_192_cfb128 =    1072;
+  SN_aria_192_ofb128 =    'ARIA-192-OFB';
+  LN_aria_192_ofb128 =    'aria-192-ofb';
+  NID_aria_192_ofb128 =    1073;
+  SN_aria_192_ctr =   'ARIA-192-CTR';
+  LN_aria_192_ctr =   'aria-192-ctr';
+  NID_aria_192_ctr =     1074;
+  SN_aria_256_ecb =   'ARIA-256-ECB';
+  LN_aria_256_ecb =   'aria-256-ecb';
+  NID_aria_256_ecb =     1075;
+  SN_aria_256_cbc =   'ARIA-256-CBC';
+  LN_aria_256_cbc =   'aria-256-cbc';
+  NID_aria_256_cbc =     1076;
+  SN_aria_256_cfb128 =    'ARIA-256-CFB';
+  LN_aria_256_cfb128 =    'aria-256-cfb';
+  NID_aria_256_cfb128 =    1077;
+  SN_aria_256_ofb128 =    'ARIA-256-OFB';
+  LN_aria_256_ofb128 =    'aria-256-ofb';
+  NID_aria_256_ofb128 =    1078;
+  SN_aria_256_ctr =   'ARIA-256-CTR';
+  LN_aria_256_ctr =   'aria-256-ctr';
+  NID_aria_256_ctr =     1079;
+  SN_aria_128_cfb1 =     'ARIA-128-CFB1';
+  LN_aria_128_cfb1 =     'aria-128-cfb1';
+  NID_aria_128_cfb1 =     1080;
+  SN_aria_192_cfb1 =     'ARIA-192-CFB1';
+  LN_aria_192_cfb1 =     'aria-192-cfb1';
+  NID_aria_192_cfb1 =     1081;
+  SN_aria_256_cfb1 =     'ARIA-256-CFB1';
+  LN_aria_256_cfb1 =     'aria-256-cfb1';
+  NID_aria_256_cfb1 =     1082;
+  SN_aria_128_cfb8 =     'ARIA-128-CFB8';
+  LN_aria_128_cfb8 =     'aria-128-cfb8';
+  NID_aria_128_cfb8 =     1083;
+  SN_aria_192_cfb8 =     'ARIA-192-CFB8';
+  LN_aria_192_cfb8 =     'aria-192-cfb8';
+  NID_aria_192_cfb8 =     1084;
+  SN_aria_256_cfb8 =     'ARIA-256-CFB8';
+  LN_aria_256_cfb8 =     'aria-256-cfb8';
+  NID_aria_256_cfb8 =     1085;
+  SN_aria_128_ccm =   'ARIA-128-CCM';
+  LN_aria_128_ccm =   'aria-128-ccm';
+  NID_aria_128_ccm =     1120;
+  SN_aria_192_ccm =   'ARIA-192-CCM';
+  LN_aria_192_ccm =   'aria-192-ccm';
+  NID_aria_192_ccm =     1121;
+  SN_aria_256_ccm =   'ARIA-256-CCM';
+  LN_aria_256_ccm =   'aria-256-ccm';
+  NID_aria_256_ccm =     1122;
+  SN_aria_128_gcm =   'ARIA-128-GCM';
+  LN_aria_128_gcm =   'aria-128-gcm';
+  NID_aria_128_gcm =     1123;
+  SN_aria_192_gcm =   'ARIA-192-GCM';
+  LN_aria_192_gcm =   'aria-192-gcm';
+  NID_aria_192_gcm =     1124;
+  SN_aria_256_gcm =   'ARIA-256-GCM';
+  LN_aria_256_gcm =   'aria-256-gcm';
+  NID_aria_256_gcm =     1125;
+  SN_kisa =   'KISA';
+  LN_kisa =   'kisa';
+  NID_kisa =     773;
+  SN_seed_ecb =    'SEED-ECB';
+  LN_seed_ecb =    'seed-ecb';
+  NID_seed_ecb =    776;
+  SN_seed_cbc =    'SEED-CBC';
+  LN_seed_cbc =    'seed-cbc';
+  NID_seed_cbc =    777;
+  SN_seed_cfb128 =   'SEED-CFB';
+  LN_seed_cfb128 =   'seed-cfb';
+  NID_seed_cfb128 =   779;
+  SN_seed_ofb128 =   'SEED-OFB';
+  LN_seed_ofb128 =   'seed-ofb';
+  NID_seed_ofb128 =   778;
+  SN_sm4_ecb =    'SM4-ECB';
+  LN_sm4_ecb =    'sm4-ecb';
+  NID_sm4_ecb =    1133;
+  SN_sm4_cbc =    'SM4-CBC';
+  LN_sm4_cbc =    'sm4-cbc';
+  NID_sm4_cbc =    1134;
+  SN_sm4_ofb128 =    'SM4-OFB';
+  LN_sm4_ofb128 =    'sm4-ofb';
+  NID_sm4_ofb128 =   1135;
+  SN_sm4_cfb128 =    'SM4-CFB';
+  LN_sm4_cfb128 =    'sm4-cfb';
+  NID_sm4_cfb128 =   1137;
+  SN_sm4_cfb1 =    'SM4-CFB1';
+  LN_sm4_cfb1 =    'sm4-cfb1';
+  NID_sm4_cfb1 =    1136;
+  SN_sm4_cfb8 =    'SM4-CFB8';
+  LN_sm4_cfb8 =    'sm4-cfb8';
+  NID_sm4_cfb8 =    1138;
+  SN_sm4_ctr =    'SM4-CTR';
+  LN_sm4_ctr =    'sm4-ctr';
+  NID_sm4_ctr =    1139;
+  SN_hmac =   'HMAC';
+  LN_hmac =   'hmac';
+  NID_hmac =     855;
+  SN_cmac =   'CMAC';
+  LN_cmac =   'cmac';
+  NID_cmac =     894;
+  SN_rc4_hmac_md5 =   'RC4-HMAC-MD5';
+  LN_rc4_hmac_md5 =   'rc4-hmac-md5';
+  NID_rc4_hmac_md5 =     915;
+  SN_aes_128_cbc_hmac_sha1 =     'AES-128-CBC-HMAC-SHA1';
+  LN_aes_128_cbc_hmac_sha1 =     'aes-128-cbc-hmac-sha1';
+  NID_aes_128_cbc_hmac_sha1 =     916;
+  SN_aes_192_cbc_hmac_sha1 =     'AES-192-CBC-HMAC-SHA1';
+  LN_aes_192_cbc_hmac_sha1 =     'aes-192-cbc-hmac-sha1';
+  NID_aes_192_cbc_hmac_sha1 =     917;
+  SN_aes_256_cbc_hmac_sha1 =     'AES-256-CBC-HMAC-SHA1';
+  LN_aes_256_cbc_hmac_sha1 =     'aes-256-cbc-hmac-sha1';
+  NID_aes_256_cbc_hmac_sha1 =     918;
+  SN_aes_128_cbc_hmac_sha256 =    'AES-128-CBC-HMAC-SHA256';
+  LN_aes_128_cbc_hmac_sha256 =    'aes-128-cbc-hmac-sha256';
+  NID_aes_128_cbc_hmac_sha256 =    948;
+  SN_aes_192_cbc_hmac_sha256 =    'AES-192-CBC-HMAC-SHA256';
+  LN_aes_192_cbc_hmac_sha256 =    'aes-192-cbc-hmac-sha256';
+  NID_aes_192_cbc_hmac_sha256 =    949;
+  SN_aes_256_cbc_hmac_sha256 =    'AES-256-CBC-HMAC-SHA256';
+  LN_aes_256_cbc_hmac_sha256 =    'aes-256-cbc-hmac-sha256';
+  NID_aes_256_cbc_hmac_sha256 =    950;
+  SN_chacha20_poly1305 =    'ChaCha20-Poly1305';
+  LN_chacha20_poly1305 =    'chacha20-poly1305';
+  NID_chacha20_poly1305 =    1018;
+  SN_chacha20 =    'ChaCha20';
+  LN_chacha20 =    'chacha20';
+  NID_chacha20 =    1019;
+  SN_dhpublicnumber =     'dhpublicnumber';
+  LN_dhpublicnumber =     'X9.42 DH';
+  NID_dhpublicnumber =    920;
+  SN_brainpoolP160r1 =    'brainpoolP160r1';
+  NID_brainpoolP160r1 =    921;
+  SN_brainpoolP160t1 =    'brainpoolP160t1';
+  NID_brainpoolP160t1 =    922;
+  SN_brainpoolP192r1 =    'brainpoolP192r1';
+  NID_brainpoolP192r1 =    923;
+  SN_brainpoolP192t1 =    'brainpoolP192t1';
+  NID_brainpoolP192t1 =    924;
+  SN_brainpoolP224r1 =    'brainpoolP224r1';
+  NID_brainpoolP224r1 =    925;
+  SN_brainpoolP224t1 =    'brainpoolP224t1';
+  NID_brainpoolP224t1 =    926;
+  SN_brainpoolP256r1 =    'brainpoolP256r1';
+  NID_brainpoolP256r1 =    927;
+  SN_brainpoolP256t1 =    'brainpoolP256t1';
+  NID_brainpoolP256t1 =    928;
+  SN_brainpoolP320r1 =    'brainpoolP320r1';
+  NID_brainpoolP320r1 =    929;
+  SN_brainpoolP320t1 =    'brainpoolP320t1';
+  NID_brainpoolP320t1 =    930;
+  SN_brainpoolP384r1 =    'brainpoolP384r1';
+  NID_brainpoolP384r1 =    931;
+  SN_brainpoolP384t1 =    'brainpoolP384t1';
+  NID_brainpoolP384t1 =    932;
+  SN_brainpoolP512r1 =    'brainpoolP512r1';
+  NID_brainpoolP512r1 =    933;
+  SN_brainpoolP512t1 =    'brainpoolP512t1';
+  NID_brainpoolP512t1 =    934;
+  SN_dhSinglePass_stdDH_sha1kdf_scheme =    'dhSinglePass-stdDH-sha1kdf-scheme';
+  NID_dhSinglePass_stdDH_sha1kdf_scheme =    936;
+  SN_dhSinglePass_stdDH_sha224kdf_scheme =   'dhSinglePass-stdDH-sha224kdf-scheme';
+  NID_dhSinglePass_stdDH_sha224kdf_scheme =   937;
+  SN_dhSinglePass_stdDH_sha256kdf_scheme =   'dhSinglePass-stdDH-sha256kdf-scheme';
+  NID_dhSinglePass_stdDH_sha256kdf_scheme =   938;
+  SN_dhSinglePass_stdDH_sha384kdf_scheme =   'dhSinglePass-stdDH-sha384kdf-scheme';
+  NID_dhSinglePass_stdDH_sha384kdf_scheme =   939;
+  SN_dhSinglePass_stdDH_sha512kdf_scheme =   'dhSinglePass-stdDH-sha512kdf-scheme';
+  NID_dhSinglePass_stdDH_sha512kdf_scheme =   940;
+  SN_dhSinglePass_cofactorDH_sha1kdf_scheme =     'dhSinglePass-cofactorDH-sha1kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha1kdf_scheme =    941;
+  SN_dhSinglePass_cofactorDH_sha224kdf_scheme =    'dhSinglePass-cofactorDH-sha224kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha224kdf_scheme =    942;
+  SN_dhSinglePass_cofactorDH_sha256kdf_scheme =    'dhSinglePass-cofactorDH-sha256kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha256kdf_scheme =    943;
+  SN_dhSinglePass_cofactorDH_sha384kdf_scheme =    'dhSinglePass-cofactorDH-sha384kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha384kdf_scheme =    944;
+  SN_dhSinglePass_cofactorDH_sha512kdf_scheme =    'dhSinglePass-cofactorDH-sha512kdf-scheme';
+  NID_dhSinglePass_cofactorDH_sha512kdf_scheme =    945;
+  SN_dh_std_kdf =    'dh-std-kdf';
+  NID_dh_std_kdf =   946;
+  SN_dh_cofactor_kdf =    'dh-cofactor-kdf';
+  NID_dh_cofactor_kdf =    947;
+  SN_ct_precert_scts =    'ct_precert_scts';
+  LN_ct_precert_scts =    'CT Precertificate SCTs';
+  NID_ct_precert_scts =    951;
+  SN_ct_precert_poison =    'ct_precert_poison';
+  LN_ct_precert_poison =    'CT Precertificate Poison';
+  NID_ct_precert_poison =    952;
+  SN_ct_precert_signer =    'ct_precert_signer';
+  LN_ct_precert_signer =    'CT Precertificate Signer';
+  NID_ct_precert_signer =    953;
+  SN_ct_cert_scts =   'ct_cert_scts';
+  LN_ct_cert_scts =   'CT Certificate SCTs';
+  NID_ct_cert_scts =     954;
+  SN_jurisdictionLocalityName =    'jurisdictionL';
+  LN_jurisdictionLocalityName =    'jurisdictionLocalityName';
+  NID_jurisdictionLocalityName =    955;
+  SN_jurisdictionStateOrProvinceName =    'jurisdictionST';
+  LN_jurisdictionStateOrProvinceName =    'jurisdictionStateOrProvinceName';
+  NID_jurisdictionStateOrProvinceName =    956;
+  SN_jurisdictionCountryName =    'jurisdictionC';
+  LN_jurisdictionCountryName =    'jurisdictionCountryName';
+  NID_jurisdictionCountryName =    957;
+  SN_id_scrypt =    'id-scrypt';
+  LN_id_scrypt =    'scrypt';
+  NID_id_scrypt =    973;
+  SN_tls1_prf =    'TLS1-PRF';
+  LN_tls1_prf =    'tls1-prf';
+  NID_tls1_prf =    1021;
+  SN_hkdf =   'HKDF';
+  LN_hkdf =   'hkdf';
+  NID_hkdf =     1036;
+  SN_id_pkinit =    'id-pkinit';
+  NID_id_pkinit =    1031;
+  SN_pkInitClientAuth =    'pkInitClientAuth';
+  LN_pkInitClientAuth =    'PKINIT Client Auth';
+  NID_pkInitClientAuth =    1032;
+  SN_pkInitKDC =    'pkInitKDC';
+  LN_pkInitKDC =    'Signing KDC Response';
+  NID_pkInitKDC =    1033;
+  SN_X25519 =     'X25519';
+  NID_X25519 =    1034;
+  SN_X448 =   'X448';
+  NID_X448 =     1035;
+  SN_ED25519 =    'ED25519';
+  NID_ED25519 =    1087;
+  SN_ED448 =     'ED448';
+  NID_ED448 =     1088;
+  SN_kx_rsa =     'KxRSA';
+  LN_kx_rsa =     'kx-rsa';
+  NID_kx_rsa =    1037;
+  SN_kx_ecdhe =    'KxECDHE';
+  LN_kx_ecdhe =    'kx-ecdhe';
+  NID_kx_ecdhe =    1038;
+  SN_kx_dhe =     'KxDHE';
+  LN_kx_dhe =     'kx-dhe';
+  NID_kx_dhe =    1039;
+  SN_kx_ecdhe_psk =   'KxECDHE-PSK';
+  LN_kx_ecdhe_psk =   'kx-ecdhe-psk';
+  NID_kx_ecdhe_psk =     1040;
+  SN_kx_dhe_psk =    'KxDHE-PSK';
+  LN_kx_dhe_psk =    'kx-dhe-psk';
+  NID_kx_dhe_psk =   1041;
+  SN_kx_rsa_psk =    'KxRSA_PSK';
+  LN_kx_rsa_psk =    'kx-rsa-psk';
+  NID_kx_rsa_psk =   1042;
+  SN_kx_psk =     'KxPSK';
+  LN_kx_psk =     'kx-psk';
+  NID_kx_psk =    1043;
+  SN_kx_srp =     'KxSRP';
+  LN_kx_srp =     'kx-srp';
+  NID_kx_srp =    1044;
+  SN_kx_gost =    'KxGOST';
+  LN_kx_gost =    'kx-gost';
+  NID_kx_gost =    1045;
+  SN_kx_any =     'KxANY';
+  LN_kx_any =     'kx-any';
+  NID_kx_any =    1063;
+  SN_auth_rsa =    'AuthRSA';
+  LN_auth_rsa =    'auth-rsa';
+  NID_auth_rsa =    1046;
+  SN_auth_ecdsa =    'AuthECDSA';
+  LN_auth_ecdsa =    'auth-ecdsa';
+  NID_auth_ecdsa =   1047;
+  SN_auth_psk =    'AuthPSK';
+  LN_auth_psk =    'auth-psk';
+  NID_auth_psk =    1048;
+  SN_auth_dss =    'AuthDSS';
+  LN_auth_dss =    'auth-dss';
+  NID_auth_dss =    1049;
+  SN_auth_gost01 =   'AuthGOST01';
+  LN_auth_gost01 =   'auth-gost01';
+  NID_auth_gost01 =   1050;
+  SN_auth_gost12 =   'AuthGOST12';
+  LN_auth_gost12 =   'auth-gost12';
+  NID_auth_gost12 =   1051;
+  SN_auth_srp =    'AuthSRP';
+  LN_auth_srp =    'auth-srp';
+  NID_auth_srp =    1052;
+  SN_auth_null =    'AuthNULL';
+  LN_auth_null =    'auth-null';
+  NID_auth_null =    1053;
+  SN_auth_any =    'AuthANY';
+  LN_auth_any =    'auth-any';
+  NID_auth_any =    1064;
+  SN_poly1305 =    'Poly1305';
+  LN_poly1305 =    'poly1305';
+  NID_poly1305 =    1061;
+  SN_siphash =    'SipHash';
+  LN_siphash =    'siphash';
+  NID_siphash =    1062;
+  SN_ffdhe2048 =    'ffdhe2048';
+  NID_ffdhe2048 =    1126;
+  SN_ffdhe3072 =    'ffdhe3072';
+  NID_ffdhe3072 =    1127;
+  SN_ffdhe4096 =    'ffdhe4096';
+  NID_ffdhe4096 =    1128;
+  SN_ffdhe6144 =    'ffdhe6144';
+  NID_ffdhe6144 =    1129;
+  SN_ffdhe8192 =    'ffdhe8192';
+  NID_ffdhe8192 =    1130;
+  SN_ISO_UA =     'ISO-UA';
+  NID_ISO_UA =    1150;
+  SN_ua_pki =     'ua-pki';
+  NID_ua_pki =    1151;
+  SN_dstu28147 =    'dstu28147';
+  LN_dstu28147 =    'DSTU Gost 28147-2009';
+  NID_dstu28147 =    1152;
+  SN_dstu28147_ofb =     'dstu28147-ofb';
+  LN_dstu28147_ofb =     'DSTU Gost 28147-2009 OFB mode';
+  NID_dstu28147_ofb =     1153;
+  SN_dstu28147_cfb =     'dstu28147-cfb';
+  LN_dstu28147_cfb =     'DSTU Gost 28147-2009 CFB mode';
+  NID_dstu28147_cfb =     1154;
+  SN_dstu28147_wrap =     'dstu28147-wrap';
+  LN_dstu28147_wrap =     'DSTU Gost 28147-2009 key wrap';
+  NID_dstu28147_wrap =    1155;
+  SN_hmacWithDstu34311 =    'hmacWithDstu34311';
+  LN_hmacWithDstu34311 =    'HMAC DSTU Gost 34311-95';
+  NID_hmacWithDstu34311 =    1156;
+  SN_dstu34311 =    'dstu34311';
+  LN_dstu34311 =    'DSTU Gost 34311-95';
+  NID_dstu34311 =    1157;
+  SN_dstu4145le =    'dstu4145le';
+  LN_dstu4145le =    'DSTU 4145-2002 little endian';
+  NID_dstu4145le =   1158;
+  SN_dstu4145be =    'dstu4145be';
+  LN_dstu4145be =    'DSTU 4145-2002 big endian';
+  NID_dstu4145be =   1159;
+  SN_uacurve0 =    'uacurve0';
+  LN_uacurve0 =    'DSTU curve 0';
+  NID_uacurve0 =    1160;
+  SN_uacurve1 =    'uacurve1';
+  LN_uacurve1 =    'DSTU curve 1';
+  NID_uacurve1 =    1161;
+  SN_uacurve2 =    'uacurve2';
+  LN_uacurve2 =    'DSTU curve 2';
+  NID_uacurve2 =    1162;
+  SN_uacurve3 =    'uacurve3';
+  LN_uacurve3 =    'DSTU curve 3';
+  NID_uacurve3 =    1163;
+  SN_uacurve4 =    'uacurve4';
+  LN_uacurve4 =    'DSTU curve 4';
+  NID_uacurve4 =    1164;
+  SN_uacurve5 =    'uacurve5';
+  LN_uacurve5 =    'DSTU curve 5';
+  NID_uacurve5 =    1165;
+  SN_uacurve6 =    'uacurve6';
+  LN_uacurve6 =    'DSTU curve 6';
+  NID_uacurve6 =    1166;
+  SN_uacurve7 =    'uacurve7';
+  LN_uacurve7 =    'DSTU curve 7';
+  NID_uacurve7 =    1167;
+  SN_uacurve8 =    'uacurve8';
+  LN_uacurve8 =    'DSTU curve 8';
+  NID_uacurve8 =    1168;
+  SN_uacurve9 =    'uacurve9';
+  LN_uacurve9 =    'DSTU curve 9';
+  NID_uacurve9 =    1169;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
new file mode 100644
index 000000000..414cb4bc8
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
@@ -0,0 +1,186 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_objects;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// objects.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  obj_name_st = record
+    &type: TIdC_INT;
+    alias: TIdC_INT;
+    name: PIdAnsiChar;
+    data: PIdAnsiChar;
+  end;
+  OBJ_NAME = obj_name_st;
+  POBJ_NAME = ^OBJ_NAME;
+
+//# define         OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
+
+  function OBJ_NAME_init: TIdC_INT cdecl; external CLibCrypto;
+  //TIdC_INT OBJ_NAME_new_index(TIdC_ULONG (*hash_func) (const PIdAnsiChar *);
+  //                       TIdC_INT (*cmp_func) (const PIdAnsiChar *; const PIdAnsiChar *);
+  //                       void (*free_func) (const PIdAnsiChar *; TIdC_INT; const PIdAnsiChar *));
+  function OBJ_NAME_get(const name: PIdAnsiChar; &type: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function OBJ_NAME_add(const name: PIdAnsiChar; &type: TIdC_INT; const data: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_NAME_remove(const name: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure OBJ_NAME_cleanup(&type: TIdC_INT) cdecl; external CLibCrypto;
+//  void OBJ_NAME_do_all(TIdC_INT &type; void (*fn) (const OBJ_NAME *; void *arg);
+//                       void *arg);
+//  void OBJ_NAME_do_all_sorted(TIdC_INT &type;
+//                              void (*fn) (const OBJ_NAME *; void *arg);
+//                              void *arg);
+
+  function OBJ_dup(const o: PASN1_OBJECT): PASN1_OBJECT cdecl; external CLibCrypto;
+  function OBJ_nid2obj(n: TIdC_INT): PASN1_OBJECT cdecl; external CLibCrypto;
+  function OBJ_nid2ln(n: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function OBJ_nid2sn(n: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function OBJ_obj2nid(const o: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_txt2obj(const s: PIdAnsiChar; no_name: TIdC_INT): PASN1_OBJECT cdecl; external CLibCrypto;
+  function OBJ_obj2txt(buf: PIdAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT; no_name: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_txt2nid(const s: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_ln2nid(const s: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_sn2nid(const s: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_cmp(const a: PASN1_OBJECT; const b: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+//  const void *OBJ_bsearch_(const void *key; const void *base; TIdC_INT num; TIdC_INT size;
+//                           TIdC_INT (*cmp) (const void *; const void *));
+//  const void *OBJ_bsearch_ex_(const void *key; const void *base; TIdC_INT num;
+//                              TIdC_INT size;
+//                              TIdC_INT (*cmp) (const void *; const void *);
+//                              TIdC_INT flags);
+
+  //# define _DECLARE_OBJ_BSEARCH_CMP_FN(scope; type1; type2; nm)    \
+  //  static TIdC_INT nm##_cmp_BSEARCH_CMP_FN(const void *; const void *); \
+  //  static TIdC_INT nm##_cmp(type1 const *; type2 const *); \
+  //  scope type2 * OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num)
+  //
+  //# define DECLARE_OBJ_BSEARCH_CMP_FN(type1; type2; cmp)   \
+  //  _DECLARE_OBJ_BSEARCH_CMP_FN(static; type1; type2; cmp)
+  //# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1; type2; nm)     \
+  //  type2 * OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num)
+
+  (*
+   * Unsolved problem: if a type is actually a pointer type, like
+   * nid_triple is, then its impossible to get a const where you need
+   * it. Consider:
+   *
+   * typedef TIdC_INT nid_triple[3];
+   * const void *a_;
+   * const nid_triple const *a = a_;
+   *
+   * The assignment discards a const because what you really want is:
+   *
+   * const TIdC_INT const * const *a = a_;
+   *
+   * But if you do that, you lose the fact that a is an array of 3 ints,
+   * which breaks comparison functions.
+   *
+   * Thus we end up having to cast, sadly, or unpack the
+   * declarations. Or, as I finally did in this case, declare nid_triple
+   * to be a struct, which it should have been in the first place.
+   *
+   * Ben, August 2008.
+   *
+   * Also, strictly speaking not all types need be const, but handling
+   * the non-constness means a lot of complication, and in practice
+   * comparison routines do always not touch their arguments.
+   *)
+
+  //# define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm)  \
+  //  static TIdC_INT nm##_cmp_BSEARCH_CMP_FN(const void *a_; const void *b_)    \
+  //      { \
+  //      type1 const *a = a_; \
+  //      type2 const *b = b_; \
+  //      return nm##_cmp(a;b); \
+  //      } \
+  //  static type2 *OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num) \
+  //      { \
+  //      return (type2 *)OBJ_bsearch_(key; base; num; sizeof(type2); \
+  //                                        nm##_cmp_BSEARCH_CMP_FN); \
+  //      } \
+  //      extern void dummy_prototype(void)
+  //
+  //# define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1; type2; nm)   \
+  //  static TIdC_INT nm##_cmp_BSEARCH_CMP_FN(const void *a_; const void *b_)    \
+  //      { \
+  //      type1 const *a = a_; \
+  //      type2 const *b = b_; \
+  //      return nm##_cmp(a;b); \
+  //      } \
+  //  type2 *OBJ_bsearch_##nm(type1 *key; type2 const *base; TIdC_INT num) \
+  //      { \
+  //      return (type2 *)OBJ_bsearch_(key; base; num; sizeof(type2); \
+  //                                        nm##_cmp_BSEARCH_CMP_FN); \
+  //      } \
+  //      extern void dummy_prototype(void)
+  //
+  //# define OBJ_bsearch(type1;key;type2;base;num;cmp)                              \
+  //  ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1;key);CHECKED_PTR_OF(type2;base); \
+  //                         num;sizeof(type2);                             \
+  //                         ((void)CHECKED_PTR_OF(type1;cmp##_type_1);     \
+  //                          (void)CHECKED_PTR_OF(type2;cmp##_type_2);     \
+  //                          cmp##_BSEARCH_CMP_FN)))
+  //
+  //# define OBJ_bsearch_ex(type1;key;type2;base;num;cmp;flags)                      \
+  //  ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1;key);CHECKED_PTR_OF(type2;base); \
+  //                         num;sizeof(type2);                             \
+  //                         ((void)CHECKED_PTR_OF(type1;cmp##_type_1);     \
+  //                          (void)type_2=CHECKED_PTR_OF(type2;cmp##_type_2); \
+  //                          cmp##_BSEARCH_CMP_FN));flags)
+
+  function OBJ_new_nid(num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_add_object(const obj: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_create(const oid: PIdAnsiChar; const sn: PIdAnsiChar; const ln: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_create_objects(&in: PBIO): TIdC_INT cdecl; external CLibCrypto;
+
+  function OBJ_length(const obj: PASN1_OBJECT): TIdC_SIZET cdecl; external CLibCrypto;
+  function OBJ_get0_data(const obj: PASN1_OBJECT): PByte cdecl; external CLibCrypto;
+
+  function OBJ_find_sigid_algs(signid: TIdC_INT; pdig_nid: PIdC_INT; ppkey_nid: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_find_sigid_by_algs(psignid: PIdC_INT; dig_nid: TIdC_INT; pkey_nid: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_add_sigid(signid: TIdC_INT; dig_id: TIdC_INT; pkey_id: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure OBJ_sigid_free cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objectserr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objectserr.pas
new file mode 100644
index 000000000..99a6934b1
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objectserr.pas
@@ -0,0 +1,71 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_objectserr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// objectserr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * OBJ function codes.
+   *)
+  OBJ_F_OBJ_ADD_OBJECT =  105;
+  OBJ_F_OBJ_ADD_SIGID =  107;
+  OBJ_F_OBJ_CREATE =   100;
+  OBJ_F_OBJ_DUP =   101;
+  OBJ_F_OBJ_NAME_NEW_INDEX =  106;
+  OBJ_F_OBJ_NID2LN =   102;
+  OBJ_F_OBJ_NID2OBJ =   103;
+  OBJ_F_OBJ_NID2SN =   104;
+  OBJ_F_OBJ_TXT2OBJ =   108;
+
+  (*
+   * OBJ reason codes.
+   *)
+  OBJ_R_OID_EXISTS = 102;
+  OBJ_R_UNKNOWN_NID = 101;
+
+  function ERR_load_OBJ_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ocsperr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ocsperr.pas
new file mode 100644
index 000000000..3b7fc32c9
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ocsperr.pas
@@ -0,0 +1,102 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_ocsperr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ocsperr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * OCSP function codes.
+   *)
+  OCSP_F_D2I_OCSP_NONCE = 102;
+  OCSP_F_OCSP_BASIC_ADD1_STATUS = 103;
+  OCSP_F_OCSP_BASIC_SIGN = 104;
+  OCSP_F_OCSP_BASIC_SIGN_CTX = 119;
+  OCSP_F_OCSP_BASIC_VERIFY = 105;
+  OCSP_F_OCSP_CERT_ID_NEW = 101;
+  OCSP_F_OCSP_CHECK_DELEGATED = 106;
+  OCSP_F_OCSP_CHECK_IDS = 107;
+  OCSP_F_OCSP_CHECK_ISSUER = 108;
+  OCSP_F_OCSP_CHECK_VALIDITY = 115;
+  OCSP_F_OCSP_MATCH_ISSUERID = 109;
+  OCSP_F_OCSP_PARSE_URL = 114;
+  OCSP_F_OCSP_REQUEST_SIGN = 110;
+  OCSP_F_OCSP_REQUEST_VERIFY = 116;
+  OCSP_F_OCSP_RESPONSE_GET1_BASIC = 111;
+  OCSP_F_PARSE_HTTP_LINE1 = 118;
+
+  (*
+   * OCSP reason codes.
+   *)
+  OCSP_R_CERTIFICATE_VERIFY_ERROR = 101;
+  OCSP_R_DIGEST_ERR = 102;
+  OCSP_R_ERROR_IN_NEXTUPDATE_FIELD = 122;
+  OCSP_R_ERROR_IN_THISUPDATE_FIELD = 123;
+  OCSP_R_ERROR_PARSING_URL = 121;
+  OCSP_R_MISSING_OCSPSIGNING_USAGE = 103;
+  OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE = 124;
+  OCSP_R_NOT_BASIC_RESPONSE = 104;
+  OCSP_R_NO_CERTIFICATES_IN_CHAIN = 105;
+  OCSP_R_NO_RESPONSE_DATA = 108;
+  OCSP_R_NO_REVOKED_TIME = 109;
+  OCSP_R_NO_SIGNER_KEY = 130;
+  OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 110;
+  OCSP_R_REQUEST_NOT_SIGNED = 128;
+  OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA = 111;
+  OCSP_R_ROOT_CA_NOT_TRUSTED = 112;
+  OCSP_R_SERVER_RESPONSE_ERROR = 114;
+  OCSP_R_SERVER_RESPONSE_PARSE_ERROR = 115;
+  OCSP_R_SIGNATURE_FAILURE = 117;
+  OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND = 118;
+  OCSP_R_STATUS_EXPIRED = 125;
+  OCSP_R_STATUS_NOT_YET_VALID = 126;
+  OCSP_R_STATUS_TOO_OLD = 127;
+  OCSP_R_UNKNOWN_MESSAGE_DIGEST = 119;
+  OCSP_R_UNKNOWN_NID = 120;
+  OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE = 129;
+
+  function ERR_load_OCSP_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
new file mode 100644
index 000000000..a813e76c1
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
@@ -0,0 +1,536 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_ossl_typ;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ossl_typ.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+type
+{$REGION 'moved from unit "asn1" to prevent circular references'}
+  asn1_string_st = record
+    length: TIdC_INT;
+    &type: TIdC_INT;
+    data: PByte;
+    (*
+     * The value of the following field depends on the type being held.  It
+     * is mostly being used for BIT_STRING so if the input data has a
+     * non-zero 'unused bits' value, it will be handled correctly
+     *)
+    flags: TIdC_LONG;
+  end;
+{$ENDREGION}
+
+  // moved from asn1  
+  ASN1_VALUE_st = type Pointer;
+  ASN1_VALUE = ASN1_VALUE_st;
+  PASN1_VALUE = ^ASN1_VALUE;
+  PPASN1_VALUE = ^PASN1_VALUE;
+
+  // moved from e_os2
+  ossl_ssize_t = type {$IFDEF WIN64}TIdC_INT64{$ELSE}TIdC_INT{$ENDIF};
+
+  asn1_object_st = type Pointer;
+  ASN1_OBJECT = asn1_object_st;
+  PASN1_OBJECT = ^ASN1_OBJECT;
+  PPASN1_OBJECT = ^PASN1_OBJECT;
+
+  ASN1_INTEGER = type asn1_string_st;
+  PASN1_INTEGER = ^ASN1_INTEGER;
+  PPASN1_INTEGER = ^PASN1_INTEGER;
+
+  ASN1_ENUMERATED = type asn1_string_st;
+  PASN1_ENUMERATED = ^ASN1_ENUMERATED;
+
+  ASN1_BIT_STRING = type asn1_string_st;
+  PASN1_BIT_STRING = ^ASN1_BIT_STRING;
+  PPASN1_BIT_STRING = ^PASN1_BIT_STRING;
+
+  ASN1_OCTET_STRING = type asn1_string_st;
+  PASN1_OCTET_STRING = ^ASN1_OCTET_STRING;
+  PPASN1_OCTET_STRING = ^PASN1_OCTET_STRING;
+
+  ASN1_PRINTABLESTRING = type asn1_string_st;
+  PASN1_PRINTABLESTRING = ^ASN1_PRINTABLESTRING;
+
+  ASN1_T61STRING = type asn1_string_st;
+  PASN1_T61STRING = ^ASN1_T61STRING;
+
+  ASN1_IA5STRING = type asn1_string_st;
+  PASN1_IA5STRING = ^ASN1_IA5STRING;
+
+  ASN1_GENERALSTRING = type asn1_string_st;
+  PASN1_GENERALSTRING = ^ASN1_GENERALSTRING;
+
+  ASN1_UNIVERSALSTRING = type asn1_string_st;
+  PASN1_UNIVERSALSTRING = ^ASN1_UNIVERSALSTRING;
+
+  ASN1_BMPSTRING = type asn1_string_st;
+  PASN1_BMPSTRING = ^ASN1_BMPSTRING;
+
+  ASN1_UTCTIME = type asn1_string_st;
+  PASN1_UTCTIME = ^ASN1_UTCTIME;
+
+  ASN1_TIME = type asn1_string_st;
+  PASN1_TIME = ^ASN1_TIME;
+
+  ASN1_GENERALIZEDTIME = type asn1_string_st;
+  PASN1_GENERALIZEDTIME = ^ASN1_GENERALIZEDTIME;
+  PPASN1_GENERALIZEDTIME = ^PASN1_GENERALIZEDTIME;
+
+  ASN1_VISIBLESTRING = type asn1_string_st;
+  PASN1_VISIBLESTRING = ^ASN1_VISIBLESTRING;
+
+  ASN1_UTF8STRING = type asn1_string_st;
+  PASN1_UTF8STRING = ^ASN1_UTF8STRING;
+
+  ASN1_STRING = type asn1_string_st;
+  PASN1_STRING = ^ASN1_STRING;
+  PPASN1_STRING = ^PASN1_STRING;
+
+  ASN1_BOOLEAN = type TIdC_INT;
+  PASN1_BOOLEAN = ^ASN1_BOOLEAN;
+
+  ASN1_NULL = type TIdC_INT;
+  PASN1_NULL = ^ASN1_NULL;
+
+  
+  ASN1_ITEM_st = type Pointer;
+  ASN1_ITEM = ASN1_ITEM_st;
+  PASN1_ITEM = ^ASN1_ITEM;
+  
+  asn1_pctx_st = type Pointer;
+  ASN1_PCTX = asn1_pctx_st;
+  PASN1_PCTX = ^ASN1_PCTX;
+  
+  asn1_sctx_st = type Pointer;
+  ASN1_SCTX = asn1_sctx_st;
+  PASN1_SCTX = ^ASN1_SCTX;
+
+  dane_st = type Pointer;
+  bio_st = type Pointer;
+  BIO = bio_st;
+  PBIO = ^BIO;
+  PPBIO  = ^PBIO;
+  bignum_st = type Pointer;
+  BIGNUM = bignum_st;
+  PBIGNUM = ^BIGNUM;
+  PPBIGNUM  = ^PBIGNUM;
+  bignum_ctx = type Pointer;
+  BN_CTX = bignum_ctx;
+  PBN_CTX = ^BN_CTX;
+  bn_blinding_st = type Pointer;
+  BN_BLINDING = bn_blinding_st;
+  PBN_BLINDING = ^BN_BLINDING;
+  bn_mont_ctx_st = type Pointer;
+  BN_MONT_CTX = bn_mont_ctx_st;
+  PBN_MONT_CTX = ^BN_MONT_CTX;
+  bn_recp_ctx_st = type Pointer;
+  BN_RECP_CTX = bn_recp_ctx_st;
+  PBN_RECP_CTX = ^BN_RECP_CTX;
+  bn_gencb_st = type Pointer;
+  BN_GENCB = bn_gencb_st;
+  PBN_GENCB = ^BN_GENCB;
+  
+  buf_mem_st = type Pointer;
+  BUF_MEM = buf_mem_st;
+  PBUF_MEM = ^BUF_MEM;
+
+  evp_cipher_st = type Pointer;
+  EVP_CIPHER = evp_cipher_st;
+  PEVP_CIPHER = ^EVP_CIPHER;
+  PPEVP_CIPHER = ^PEVP_CIPHER;
+  evp_cipher_ctx_st = type Pointer;
+  EVP_CIPHER_CTX = evp_cipher_ctx_st;
+  PEVP_CIPHER_CTX = ^EVP_CIPHER_CTX;
+  evp_md_st = type Pointer;
+  EVP_MD = evp_md_st;
+  PEVP_MD = ^EVP_MD;
+  PPEVP_MD = ^PEVP_MD;
+  evp_md_ctx_st = type Pointer;
+  EVP_MD_CTX = evp_md_ctx_st;
+  PEVP_MD_CTX = ^EVP_MD_CTX;
+  evp_pkey_st = type Pointer;
+  EVP_PKEY = evp_pkey_st;
+  PEVP_PKEY = ^EVP_PKEY;
+  PPEVP_PKEY = ^PEVP_PKEY;
+  
+  evp_pkey_asn1_method_st = type Pointer;
+  EVP_PKEY_ASN1_METHOD = evp_pkey_asn1_method_st;
+  PEVP_PKEY_ASN1_METHOD = ^EVP_PKEY_ASN1_METHOD;
+  PPEVP_PKEY_ASN1_METHOD = ^PEVP_PKEY_ASN1_METHOD;
+  
+  evp_pkey_method_st = type Pointer;
+  EVP_PKEY_METHOD = evp_pkey_method_st;
+  PEVP_PKEY_METHOD = ^EVP_PKEY_METHOD;
+  PPEVP_PKEY_METHOD = ^PEVP_PKEY_METHOD;
+  evp_pkey_ctx_st = type Pointer;
+  EVP_PKEY_CTX = evp_pkey_ctx_st;
+  PEVP_PKEY_CTX = ^EVP_PKEY_CTX;
+  PPEVP_PKEY_CTX = ^PEVP_PKEY_CTX;
+  
+  evp_Encode_Ctx_st = type Pointer;
+  EVP_ENCODE_CTX = evp_Encode_Ctx_st;
+  PEVP_ENCODE_CTX = ^EVP_ENCODE_CTX;
+
+  hmac_ctx_st = type Pointer;
+  HMAC_CTX = hmac_ctx_st;
+  PHMAC_CTX = ^HMAC_CTX;
+  
+  dh_st = type Pointer;
+  DH = dh_st;
+  PDH = ^DH;
+  PPDH = ^PDH;
+  dh_method_st = type Pointer;
+  DH_METHOD = dh_method_st;
+  PDH_METHOD = ^DH_METHOD;
+  
+  dsa_st = type Pointer;
+  DSA = dsa_st;
+  PDSA = ^DSA;
+  PPDSA = ^PDSA;
+  dsa_method_st = type Pointer;
+  DSA_METHOD = dsa_method_st;
+  PDSA_METHOD = ^DSA_METHOD;
+  
+  rsa_st = type Pointer;
+  RSA = rsa_st;
+  PRSA = ^RSA;
+  PPRSA = ^PRSA;
+  rsa_meth_st = type Pointer;
+  RSA_METHOD = rsa_meth_st;
+  PRSA_METHOD = ^RSA_METHOD;
+
+  ec_key_st = type Pointer;
+  EC_KEY = ec_key_st;
+  PEC_KEY = ^EC_KEY;
+  PPEC_KEY = ^PEC_KEY;
+  ec_key_method_st = type Pointer;
+  EC_KEY_METHOD = ec_key_method_st;
+  PEC_KEY_METHOD = ^EC_KEY_METHOD;
+  
+  rand_meth_st = type Pointer;
+  RAND_METHOD = rand_meth_st;
+  PRAND_METHOD = ^RAND_METHOD;
+  rand_drbg_st = type Pointer;
+  RAND_DRBG = rand_drbg_st;
+  PRAND_DRBG = ^RAND_DRBG;
+  
+  ssl_dane_st = type Pointer;
+  SSL_DANE = ssl_dane_st;
+  PSSL_DANE = ^SSL_DANE;
+  x509_st = type Pointer;
+  X509 = x509_st;
+  PX509 = ^X509;
+  PPX509 = ^PX509;
+  X509_crl_st = type Pointer;
+  X509_CRL = X509_crl_st;
+  PX509_CRL = ^X509_CRL;
+  PPX509_CRL = ^PX509_CRL;
+  x509_crl_method_st = type Pointer;
+  X509_CRL_METHOD = x509_crl_method_st;
+  PX509_CRL_METHOD = ^X509_CRL_METHOD;
+  x509_revoked_st = type Pointer;
+  X509_REVOKED = x509_revoked_st;
+  PX509_REVOKED = ^X509_REVOKED;
+  X509_name_st = type Pointer;
+  X509_NAME = X509_name_st;
+  PX509_NAME = ^X509_NAME;
+  PPX509_NAME = ^PX509_NAME;
+  X509_pubkey_st = type Pointer;
+  X509_PUBKEY = X509_pubkey_st;
+  PX509_PUBKEY = ^X509_PUBKEY;
+  PPX509_PUBKEY = ^PX509_PUBKEY;
+  x509_store_st = type Pointer;
+  X509_STORE = x509_store_st;
+  PX509_STORE = ^X509_STORE;
+  x509_store_ctx_st = type Pointer;
+  X509_STORE_CTX = x509_store_ctx_st;
+  PX509_STORE_CTX = ^X509_STORE_CTX;
+  
+  x509_object_st = type Pointer;
+  X509_OBJECT = x509_object_st;
+  PX509_OBJECT = ^X509_OBJECT;
+  x509_lookup_st = type Pointer;
+  X509_LOOKUP = x509_lookup_st;
+  PX509_LOOKUP = ^X509_LOOKUP;
+  x509_lookup_method_st = type Pointer;
+  X509_LOOKUP_METHOD = x509_lookup_method_st;
+  PX509_LOOKUP_METHOD = ^X509_LOOKUP_METHOD;
+  X509_VERIFY_PARAM_st = type Pointer;
+  X509_VERIFY_PARAM = X509_VERIFY_PARAM_st;
+  PX509_VERIFY_PARAM = ^X509_VERIFY_PARAM;
+  
+  x509_sig_info_st = type Pointer;
+  X509_SIG_INFO = x509_sig_info_st;
+  PX509_SIG_INFO = ^X509_SIG_INFO;
+
+  pkcs8_priv_key_info_st = type Pointer;
+  PKCS8_PRIV_KEY_INFO = pkcs8_priv_key_info_st;
+  PPKCS8_PRIV_KEY_INFO = ^PKCS8_PRIV_KEY_INFO;
+  PPPKCS8_PRIV_KEY_INFO = ^PPKCS8_PRIV_KEY_INFO;
+
+// moved from x509 to prevent circular references
+  X509_REQ = type Pointer; // X509_req_st
+  PX509_REQ = ^X509_REQ;
+  PPX509_REQ = ^PX509_REQ;
+
+// moved from x509v3 to prevent circular references
+  (* Context specific info *)
+  v3_ext_ctx = record
+    flags: TIdC_INT;
+    issuer_cert: PX509;
+    subject_cert: PX509;
+    subject_req: PX509_REQ;
+    crl: PX509_CRL;
+    db_meth: Pointer; //PX509V3_CONF_METHOD;
+    db: Pointer;
+  (* Maybe more here *)
+  end;
+//  v3_ext_ctx = type Pointer;
+  X509V3_CTX = v3_ext_ctx;
+  PX509V3_CTX = ^X509V3_CTX;
+  conf_st = type Pointer;
+  CONF = conf_st;
+  PCONF = ^CONF;
+  ossl_init_settings_st = type Pointer;
+  OPENSSL_INIT_SETTINGS = ossl_init_settings_st;
+  POPENSSL_INIT_SETTINGS = ^OPENSSL_INIT_SETTINGS;
+
+  ui_st = type Pointer;
+  UI = ui_st;
+  PUI = ^UI;
+  ui_method_st = type Pointer;
+  UI_METHOD = ui_method_st;
+  PUI_METHOD = ^UI_METHOD;
+  
+  engine_st = type Pointer;
+  ENGINE = engine_st;
+  PENGINE = ^ENGINE;
+  PPENGINE = ^PENGINE;
+  ssl_st = type Pointer;
+  SSL = ssl_st;
+  PSSL = ^SSL;
+  ssl_ctx_st = type Pointer;
+  SSL_CTX = ssl_ctx_st;
+  PSSL_CTX = ^SSL_CTX;
+  PPSSL_CTX  = ^PSSL_CTX;
+  
+  comp_ctx_st = type Pointer;
+  COMP_CTX = comp_ctx_st;
+  PCOMP_CTX = ^COMP_CTX;
+  comp_method_st = type Pointer;
+  COMP_METHOD = comp_method_st;
+  PCOMP_METHOD = ^COMP_METHOD;
+  
+  X509_POLICY_NODE_st = type Pointer;
+  X509_POLICY_NODE = X509_POLICY_NODE_st;
+  PX509_POLICY_NODE = ^X509_POLICY_NODE;
+  X509_POLICY_LEVEL_st = type Pointer;
+  X509_POLICY_LEVEL = X509_POLICY_LEVEL_st;
+  PX509_POLICY_LEVEL = ^X509_POLICY_LEVEL;
+  X509_POLICY_TREE_st = type Pointer;
+  X509_POLICY_TREE = X509_POLICY_TREE_st;
+  PX509_POLICY_TREE = ^X509_POLICY_TREE;
+  X509_POLICY_CACHE_st = type Pointer;
+  X509_POLICY_CACHE = X509_POLICY_CACHE_st;
+  PX509_POLICY_CACHE = ^X509_POLICY_CACHE;
+  
+  AUTHORITY_KEYID_st = type Pointer;
+  AUTHORITY_KEYID = AUTHORITY_KEYID_st;
+  PAUTHORITY_KEYID = ^AUTHORITY_KEYID;
+  DIST_POINT_st = type Pointer;
+  DIST_POINT = DIST_POINT_st;
+  PDIST_POINT = ^DIST_POINT;
+  ISSUING_DIST_POINT_st = type Pointer;
+  ISSUING_DIST_POINT = ISSUING_DIST_POINT_st;
+  PISSUING_DIST_POINT = ^ISSUING_DIST_POINT;
+  NAME_CONSTRAINTS_st = type Pointer;
+  NAME_CONSTRAINTS = NAME_CONSTRAINTS_st;
+  PNAME_CONSTRAINTS = ^NAME_CONSTRAINTS;
+  
+  crypto_ex_data_st = type Pointer;
+  CRYPTO_EX_DATA = crypto_ex_data_st;
+  PCRYPTO_EX_DATA = ^CRYPTO_EX_DATA;
+  
+  ocsp_req_ctx_st = type Pointer;
+  OCSP_REQ_CTX = ocsp_req_ctx_st;
+  POCSP_REQ_CTX = ^OCSP_REQ_CTX;
+  ocsp_response_st = type Pointer;
+  OCSP_RESPONSE = ocsp_response_st;
+  POCSP_RESPONSE = ^OCSP_RESPONSE;
+  ocsp_responder_id_st = type Pointer;
+  OCSP_RESPID = ocsp_responder_id_st;
+  POCSP_RESPID = ^OCSP_RESPID;
+  
+  sct_st = type Pointer;
+  SCT = sct_st;
+  PSCT = ^SCT;
+  sct_ctx_st = type Pointer;
+  SCT_CTX = sct_ctx_st;
+  PSCT_CTX = ^SCT_CTX;
+  ctlog_st = type Pointer;
+  CTLOG = ctlog_st;
+  PCTLOG = ^CTLOG;
+  ctlog_store_st = type Pointer;
+  CTLOG_STORE = ctlog_store_st;
+  PCTLOG_STORE = ^CTLOG_STORE;
+  ct_policy_eval_ctx_st = type Pointer;
+  CT_POLICY_EVAL_CTX = ct_policy_eval_ctx_st;
+  PCT_POLICY_EVAL_CTX = ^CT_POLICY_EVAL_CTX;
+  
+  ossl_store_info_st = type Pointer;
+  OSSL_STORE_INFO = ossl_store_info_st;
+  POSSL_STORE_INFO = ^OSSL_STORE_INFO;
+  ossl_store_search_st = type Pointer;
+  OSSL_STORE_SEARCH = ossl_store_search_st;
+  POSSL_STORE_SEARCH = ^OSSL_STORE_SEARCH;
+
+{$REGION 'moved from unit "asn1" to prevent circular references'}
+const
+  V_ASN1_UNIVERSAL = $00;
+  V_ASN1_APPLICATION = $40;
+  V_ASN1_CONTEXT_SPECIFIC = $80;
+  V_ASN1_PRIVATE = $c0;
+
+  V_ASN1_CONSTRUCTED = $20;
+  V_ASN1_PRIMITIVE_TAG = $1f;
+  V_ASN1_PRIMATIVE_TAG = V_ASN1_PRIMITIVE_TAG;
+
+  V_ASN1_APP_CHOOSE = -2; (* let the recipient choose *)
+  V_ASN1_OTHER = -3;      (* used in ASN1_TYPE *)
+  V_ASN1_ANY = -4;        (* used in ASN1 template code *)
+
+  V_ASN1_UNDEF = -1;
+  V_ASN1_EOC =  0;
+  V_ASN1_BOOLEAN = 1;
+  V_ASN1_INTEGER = 2;
+  V_ASN1_BIT_STRING = 3;
+  V_ASN1_OCTET_STRING = 4;
+  V_ASN1_NULL = 5;
+  V_ASN1_OBJECT = 6;
+  V_ASN1_OBJECT_DESCRIPTOR = 7;
+  V_ASN1_EXTERNAL = 8;
+  V_ASN1_REAL = 9;
+  V_ASN1_ENUMERATED = 10;
+  V_ASN1_UTF8STRING = 12;
+  V_ASN1_SEQUENCE = 16;
+  V_ASN1_SET = 17;
+  V_ASN1_NUMERICSTRING = 18;
+  V_ASN1_PRINTABLESTRING = 19;
+  V_ASN1_T61STRING = 20;
+  V_ASN1_TELETEXSTRING = 20;
+  V_ASN1_VIDEOTEXSTRING = 21;
+  V_ASN1_IA5STRING = 22;
+  V_ASN1_UTCTIME = 23;
+  V_ASN1_GENERALIZEDTIME = 24;
+  V_ASN1_GRAPHICSTRING = 25;
+  V_ASN1_ISO64STRING = 26;
+  V_ASN1_VISIBLESTRING = 26;
+  V_ASN1_GENERALSTRING = 27;
+  V_ASN1_UNIVERSALSTRING = 28;
+  V_ASN1_BMPSTRING = 30;
+
+type
+  asn1_type_st = record
+    case &type: TIdC_INT of
+//      (ptr: PIdAnsichar);
+      V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
+//      (asn1_string: PASN1_STRING);
+      V_ASN1_OBJECT: (&object: PASN1_OBJECT);
+      V_ASN1_INTEGER: (integer: PASN1_INTEGER);
+      V_ASN1_ENUMERATED: (enumerated: PASN1_ENUMERATED);
+      V_ASN1_BIT_STRING: (bit_string: PASN1_BIT_STRING);
+      V_ASN1_OCTET_STRING: (octet_string: PASN1_OCTET_STRING);
+      V_ASN1_PRINTABLESTRING: (printablestring: PASN1_PRINTABLESTRING);
+      V_ASN1_T61STRING: (t61string: PASN1_T61STRING);
+      V_ASN1_IA5STRING: (ia5string: PASN1_IA5STRING);
+      V_ASN1_GENERALSTRING: (generalstring: PASN1_GENERALSTRING);
+      V_ASN1_BMPSTRING: (bmpstring: PASN1_BMPSTRING);
+      V_ASN1_UNIVERSALSTRING: (universalstring: PASN1_UNIVERSALSTRING);
+      V_ASN1_UTCTIME: (utctime: PASN1_UTCTIME);
+      V_ASN1_GENERALIZEDTIME: (generalizedtime: PASN1_GENERALIZEDTIME);
+      V_ASN1_VISIBLESTRING: (visiblestring: PASN1_VISIBLESTRING);
+      V_ASN1_UTF8STRING: (utf8string: PASN1_UTF8STRING);
+      (*
+       * set and sequence are left complete and still contain the set or
+       * sequence bytes
+       *)
+      V_ASN1_SET: (&set: PASN1_STRING);
+      V_ASN1_SEQUENCE: (sequence: PASN1_STRING);
+//      (asn1_value: PASN1_VALUE);
+
+//      V_ASN1_UNDEF: ;
+//      V_ASN1_EOC: ;
+//      V_ASN1_NULL: ;
+//      V_ASN1_OBJECT_DESCRIPTOR: ;
+//      V_ASN1_EXTERNAL: ;
+//      V_ASN1_REAL: ;
+//      V_ASN1_NUMERICSTRING: ;
+//      V_ASN1_TELETEXSTRING: ;
+//      V_ASN1_VIDEOTEXSTRING: ;
+//      V_ASN1_GRAPHICSTRING: ;
+//      V_ASN1_ISO64STRING: ;
+  end;
+  ASN1_TYPE = asn1_type_st;
+  PASN1_TYPE = ^ASN1_TYPE;
+  PPASN1_TYPE = ^PASN1_TYPE;
+{$ENDREGION}
+
+{$REGION 'moved from unit "x509" to prevent circular references'}
+  X509_algor_st = record
+    algorithm: PASN1_OBJECT;
+    parameter: PASN1_TYPE;
+  end; (* X509_ALGOR *)
+{$ENDREGION}
+  X509_ALGOR = X509_algor_st;
+  PX509_ALGOR = ^X509_ALGOR;
+  PPX509_ALGOR = ^PX509_ALGOR;
+  
+  i2d_of_void = type Pointer;
+  Pi2d_of_void = ^i2d_of_void;
+
+  d2i_of_void = type Pointer;
+  Pd2i_of_void = ^d2i_of_void;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
new file mode 100644
index 000000000..7e39d4135
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
@@ -0,0 +1,212 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_pem;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pem.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ec,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_x509;
+  
+type
+  EVP_CIPHER_INFO = type Pointer;
+  PEVP_CIPHER_INFO = ^EVP_CIPHER_INFO;
+
+const
+  PEM_BUFSIZE             = 1024;
+
+  PEM_STRING_X509_OLD     = 'X509 CERTIFICATE';
+  PEM_STRING_X509         = 'CERTIFICATE';
+  PEM_STRING_X509_TRUSTED = 'TRUSTED CERTIFICATE';
+  PEM_STRING_X509_REQ_OLD = 'NEW CERTIFICATE REQUEST';
+  PEM_STRING_X509_REQ     = 'CERTIFICATE REQUEST';
+  PEM_STRING_X509_CRL     = 'X509 CRL';
+  PEM_STRING_EVP_PKEY     = 'ANY PRIVATE KEY';
+  PEM_STRING_PUBLIC       = 'PUBLIC KEY';
+  PEM_STRING_RSA          = 'RSA PRIVATE KEY';
+  PEM_STRING_RSA_PUBLIC   = 'RSA PUBLIC KEY';
+  PEM_STRING_DSA          = 'DSA PRIVATE KEY';
+  PEM_STRING_DSA_PUBLIC   = 'DSA PUBLIC KEY';
+  PEM_STRING_PKCS7        = 'PKCS7';
+  PEM_STRING_PKCS7_SIGNED = 'PKCS #7 SIGNED DATA';
+  PEM_STRING_PKCS8        = 'ENCRYPTED PRIVATE KEY';
+  PEM_STRING_PKCS8INF     = 'PRIVATE KEY';
+  PEM_STRING_DHPARAMS     = 'DH PARAMETERS';
+  PEM_STRING_DHXPARAMS    = 'X9.42 DH PARAMETERS';
+  PEM_STRING_SSL_SESSION  = 'SSL SESSION PARAMETERS';
+  PEM_STRING_DSAPARAMS    = 'DSA PARAMETERS';
+  PEM_STRING_ECDSA_PUBLIC = 'ECDSA PUBLIC KEY';
+  PEM_STRING_ECPARAMETERS = 'EC PARAMETERS';
+  PEM_STRING_ECPRIVATEKEY = 'EC PRIVATE KEY';
+  PEM_STRING_PARAMETERS   = 'PARAMETERS';
+  PEM_STRING_CMS          = 'CMS';
+
+  PEM_TYPE_ENCRYPTED      = 10;
+  PEM_TYPE_MIC_ONLY       = 20;
+  PEM_TYPE_MIC_CLEAR      = 30;
+  PEM_TYPE_CLEAR          = 40;
+
+  PEM_FLAG_SECURE         = $1;
+  PEM_FLAG_EAY_COMPATIBLE = $2;
+  PEM_FLAG_ONLY_B64       = $4;
+
+type
+  pem_password_cb = function(buf: PIdAnsiChar; size: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT; cdecl;
+
+  function PEM_get_EVP_CIPHER_INFO(header: PIdAnsiChar; cipher: PEVP_CIPHER_INFO): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_do_header(cipher: PEVP_CIPHER_INFO; data: PByte; len: PIdC_LONG; callback: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio(bp: PBIO; name: PPIdAnsiChar; header: PPIdAnsiChar; data: PPByte; len: PIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_read_bio_ex(bp: PBIO; name: PPIdAnsiChar; header: PPIdAnsiChar; data: PPByte; len: PIdC_LONG; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_bytes_read_bio_secmem(pdata: PPByte; plen: PIdC_LONG; pnm: PPIdAnsiChar; const name: PIdAnsiChar; bp: PBIO; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio(bp: PBIO; const name: PIdAnsiChar; const hdr: PIdAnsiChar; const data: PByte; len: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_bytes_read_bio(pdata: PPByte; plen: PIdC_LONG; pnm: PPIdAnsiChar; const name: PIdAnsiChar; bp: PBIO; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_ASN1_read_bio(d2i: d2i_of_void; const name: PIdAnsiChar; bp: PBIO; x: PPointer; cb: pem_password_cb; u: Pointer): Pointer cdecl; external CLibCrypto;
+  function PEM_ASN1_write_bio(i2d: i2d_of_void; const name: PIdAnsiChar; bp: PBIO; x: Pointer; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  //function PEM_X509_INFO_read_bio(bp: PBIO; sk: PSTACK_OF_X509_INFO; cb: pem_password_cb; u: Pointer): PSTACK_OF_X509_INFO;
+  function PEM_X509_INFO_write_bio(bp: PBIO; xi: PX509_INFO; enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cd: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_SignInit(ctx: PEVP_MD_CTX; &type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_SignUpdate(ctx: PEVP_MD_CTX; d: PByte; cnt: Byte): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_SignFinal(ctx: PEVP_MD_CTX; sigret: PByte; siglen: PIdC_UINT; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  (* The default pem_password_cb that's used internally *)
+  function PEM_def_callback(buf: PIdAnsiChar; num: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  procedure PEM_proc_type(buf: PIdAnsiChar; &type: TIdC_INT) cdecl; external CLibCrypto;
+  procedure PEM_dek_info(buf: PIdAnsiChar; const &type: PIdAnsiChar; len: TIdC_INT; str: PIdAnsiChar) cdecl; external CLibCrypto;
+
+  function PEM_read_bio_X509(bp: PBIO; x: PPX509; cb: pem_password_cb; u: Pointer): PX509 cdecl; external CLibCrypto;
+  function PEM_write_bio_X509(bp: PBIO; x: PX509): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_X509_AUX(bp: PBIO; x: PPX509; cb: pem_password_cb; u: Pointer): PX509 cdecl; external CLibCrypto;
+  function PEM_write_bio_X509_AUX(bp: PBIO; x: PX509): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_X509_REQ(bp: PBIO; x: PPX509_REQ; cb: pem_password_cb; u: Pointer): PX509_REQ cdecl; external CLibCrypto;
+  function PEM_write_bio_X509_REQ(bp: PBIO; x: PX509_REQ): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_write_bio_X509_REQ_NEW(bp: PBIO; x: PX509_REQ): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_X509_CRL(bp: PBIO; x: PPX509_CRL; cb: pem_password_cb; u: Pointer): PX509_CRL cdecl; external CLibCrypto;
+  function PEM_write_bio_X509_CRL(bp: PBIO; x: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_PKCS7(bp: PBIO; x: PPPKCS7; cb: pem_password_cb; u: Pointer): PPKCS7 cdecl; external CLibCrypto;
+  function PEM_write_bio_PKCS7(bp: PBIO; x: PPKCS7): TIdC_INT cdecl; external CLibCrypto;
+
+//  function PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp: PBIO; x: PPNETSCAPE_CERT_SEQUENCE; cb: pem_password_cb; u: Pointer): PNETSCAPE_CERT_SEQUENCE;
+//  function PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp: PBIO; x: PNETSCAPE_CERT_SEQUENCE): TIdC_INT;
+
+  function PEM_read_bio_PKCS8(bp: PBIO; x: PPX509_SIG; cb: pem_password_cb; u: Pointer): PX509_SIG cdecl; external CLibCrypto;
+  function PEM_write_bio_PKCS8(bp: PBIO; x: PX509_SIG): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_PKCS8_PRIV_KEY_INFO(bp: PBIO; x: PPPKCS8_PRIV_KEY_INFO; cb: pem_password_cb; u: Pointer): PPKCS8_PRIV_KEY_INFO cdecl; external CLibCrypto;
+  function PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp: PBIO; x: PPKCS8_PRIV_KEY_INFO): TIdC_INT cdecl; external CLibCrypto;
+
+  // RSA
+  function PEM_read_bio_RSAPrivateKey(bp: PBIO; x: PPRSA; cb: pem_password_cb; u: Pointer): PRSA cdecl; external CLibCrypto;
+  function PEM_write_bio_RSAPrivateKey(bp: PBIO; x: PRSA; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_RSAPublicKey(bp: PBIO; x: PPRSA; cb: pem_password_cb; u: Pointer): PRSA cdecl; external CLibCrypto;
+  function PEM_write_bio_RSAPublicKey(bp: PBIO; const x: PRSA): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_RSA_PUBKEY(bp: PBIO; x: PPRSA; cb: pem_password_cb; u: Pointer): PRSA cdecl; external CLibCrypto;
+  function PEM_write_bio_RSA_PUBKEY(bp: PBIO; x: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  // ~RSA
+
+  // DSA
+  function PEM_read_bio_DSAPrivateKey(bp: PBIO; x: PPDSA; cb: pem_password_cb; u: Pointer): PDSA cdecl; external CLibCrypto;
+  function PEM_write_bio_DSAPrivateKey(bp: PBIO; x: PDSA; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_DSA_PUBKEY(bp: PBIO; x: PPDSA; cb: pem_password_cb; u: Pointer): PDSA cdecl; external CLibCrypto;
+  function PEM_write_bio_DSA_PUBKEY(bp: PBIO; x: PDSA): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_DSAparams(bp: PBIO; x: PPDSA; cb: pem_password_cb; u: Pointer): PDSA cdecl; external CLibCrypto;
+  function PEM_write_bio_DSAparams(bp: PBIO; const x: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  // ~DSA
+
+  // EC
+  function PEM_read_bio_ECPKParameters(bp: PBIO; x: PPEC_GROUP; cb: pem_password_cb; u: Pointer): PEC_GROUP cdecl; external CLibCrypto;
+  function PEM_write_bio_ECPKParameters(bp: PBIO; const x: PEC_GROUP): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_ECPrivateKey(bp: PBIO; x: PPEC_KEY; cb: pem_password_cb; u: Pointer): PEC_KEY cdecl; external CLibCrypto;
+  function PEM_write_bio_ECPrivateKey(bp: PBIO; x: PEC_KEY; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_EC_PUBKEY(bp: PBIO; x: PPEC_KEY; cb: pem_password_cb; u: Pointer): PEC_KEY cdecl; external CLibCrypto;
+  function PEM_write_bio_EC_PUBKEY(bp: PBIO; x: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  // ~EC
+
+  // DH
+  function PEM_read_bio_DHparams(bp: PBIO; x: PPDH; cb: pem_password_cb; u: Pointer): PDH cdecl; external CLibCrypto;
+  function PEM_write_bio_DHparams(bp: PBIO; const x: PDH): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_write_bio_DHxparams(bp: PBIO; const x: PDH): TIdC_INT cdecl; external CLibCrypto;
+  // ~DH
+
+  function PEM_read_bio_PrivateKey(bp: PBIO; x: PPEVP_PKEY; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl; external CLibCrypto;
+  function PEM_write_bio_PrivateKey(bp: PBIO; x: PEVP_PKEY; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_read_bio_PUBKEY(bp: PBIO; x: PPEVP_PKEY; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl; external CLibCrypto;
+  function PEM_write_bio_PUBKEY(bp: PBIO; x: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function PEM_write_bio_PrivateKey_traditional(bp: PBIO; x: PEVP_PKEY; const enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_PKCS8PrivateKey_nid(bp: PBIO; x: PEVP_PKEY; nid: TIdC_INT; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_PKCS8PrivateKey(bp: PBIO; x: PEVP_PKEY_METHOD; const enc: PEVP_CIPHER; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_PKCS8PrivateKey_bio(bp: PBIO; x: PEVP_PKEY; const enc: PEVP_CIPHER_CTX; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_PKCS8PrivateKey_nid_bio(bp: PBIO; x: PEVP_PKEY; nid: TIdC_INT; kstr: PIdAnsiChar; klen: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_PKCS8PrivateKey_bio(bp: PBIO; x: PPEVP_PKEY_CTX; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl; external CLibCrypto;
+
+  function PEM_read_bio_Parameters(bp: PBIO; x: PPEVP_PKEY): PEVP_PKEY cdecl; external CLibCrypto;
+  function PEM_write_bio_Parameters(bp: PBIO; x: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function b2i_PrivateKey(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+  function b2i_PublicKey(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+  function b2i_PrivateKey_bio(&in: PBIO): PEVP_PKEY cdecl; external CLibCrypto;
+  function b2i_PublicKey_bio(&in: PBIO): PEVP_PKEY cdecl; external CLibCrypto;
+  function i2b_PrivateKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function i2b_PublicKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function b2i_PVK_bio(&in: PBIO; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl; external CLibCrypto;
+  function i2b_PVK_bio(&out: PBIO; pk: PEVP_PKEY; enclevel: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pemerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pemerr.pas
new file mode 100644
index 000000000..dd0ca8fcd
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pemerr.pas
@@ -0,0 +1,127 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_pemerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pemerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  // PEM function codes
+  PEM_F_B2I_DSS                      = 127;
+  PEM_F_B2I_PVK_BIO                  = 128;
+  PEM_F_B2I_RSA                      = 129;
+  PEM_F_CHECK_BITLEN_DSA             = 130;
+  PEM_F_CHECK_BITLEN_RSA             = 131;
+  PEM_F_D2I_PKCS8PRIVATEKEY_BIO      = 120;
+  PEM_F_D2I_PKCS8PRIVATEKEY_FP       = 121;
+  PEM_F_DO_B2I                       = 132;
+  PEM_F_DO_B2I_BIO                   = 133;
+  PEM_F_DO_BLOB_HEADER               = 134;
+  PEM_F_DO_I2B                       = 146;
+  PEM_F_DO_PK8PKEY                   = 126;
+  PEM_F_DO_PK8PKEY_FP                = 125;
+  PEM_F_DO_PVK_BODY                  = 135;
+  PEM_F_DO_PVK_HEADER                = 136;
+  PEM_F_GET_HEADER_AND_DATA          = 143;
+  PEM_F_GET_NAME                     = 144;
+  PEM_F_I2B_PVK                      = 137;
+  PEM_F_I2B_PVK_BIO                  = 138;
+  PEM_F_LOAD_IV                      = 101;
+  PEM_F_PEM_ASN1_READ                = 102;
+  PEM_F_PEM_ASN1_READ_BIO            = 103;
+  PEM_F_PEM_ASN1_WRITE               = 104;
+  PEM_F_PEM_ASN1_WRITE_BIO           = 105;
+  PEM_F_PEM_DEF_CALLBACK             = 100;
+  PEM_F_PEM_DO_HEADER                = 106;
+  PEM_F_PEM_GET_EVP_CIPHER_INFO      = 107;
+  PEM_F_PEM_READ                     = 108;
+  PEM_F_PEM_READ_BIO                 = 109;
+  PEM_F_PEM_READ_BIO_DHPARAMS        = 141;
+  PEM_F_PEM_READ_BIO_EX              = 145;
+  PEM_F_PEM_READ_BIO_PARAMETERS      = 140;
+  PEM_F_PEM_READ_BIO_PRIVATEKEY      = 123;
+  PEM_F_PEM_READ_DHPARAMS            = 142;
+  PEM_F_PEM_READ_PRIVATEKEY          = 124;
+  PEM_F_PEM_SIGNFINAL                = 112;
+  PEM_F_PEM_WRITE                    = 113;
+  PEM_F_PEM_WRITE_BIO                = 114;
+  PEM_F_PEM_WRITE_PRIVATEKEY         = 139;
+  PEM_F_PEM_X509_INFO_READ           = 115;
+  PEM_F_PEM_X509_INFO_READ_BIO       = 116;
+  PEM_F_PEM_X509_INFO_WRITE_BIO      = 117;
+  // PEM reason codes
+  PEM_R_BAD_BASE64_DECODE            = 100;
+  PEM_R_BAD_DECRYPT                  = 101;
+  PEM_R_BAD_END_LINE                 = 102;
+  PEM_R_BAD_IV_CHARS                 = 103;
+  PEM_R_BAD_MAGIC_NUMBER             = 116;
+  PEM_R_BAD_PASSWORD_READ            = 104;
+  PEM_R_BAD_VERSION_NUMBER           = 117;
+  PEM_R_BIO_WRITE_FAILURE            = 118;
+  PEM_R_CIPHER_IS_NULL               = 127;
+  PEM_R_ERROR_CONVERTING_PRIVATE_KEY = 115;
+  PEM_R_EXPECTING_PRIVATE_KEY_BLOB   = 119;
+  PEM_R_EXPECTING_PUBLIC_KEY_BLOB    = 120;
+  PEM_R_HEADER_TOO_LONG              = 128;
+  PEM_R_INCONSISTENT_HEADER          = 121;
+  PEM_R_KEYBLOB_HEADER_PARSE_ERROR   = 122;
+  PEM_R_KEYBLOB_TOO_SHORT            = 123;
+  PEM_R_MISSING_DEK_IV               = 129;
+  PEM_R_NOT_DEK_INFO                 = 105;
+  PEM_R_NOT_ENCRYPTED                = 106;
+  PEM_R_NOT_PROC_TYPE                = 107;
+  PEM_R_NO_START_LINE                = 108;
+  PEM_R_PROBLEMS_GETTING_PASSWORD    = 109;
+  PEM_R_PVK_DATA_TOO_SHORT           = 124;
+  PEM_R_PVK_TOO_SHORT                = 125;
+  PEM_R_READ_KEY                     = 111;
+  PEM_R_SHORT_HEADER                 = 112;
+  PEM_R_UNEXPECTED_DEK_IV            = 130;
+  PEM_R_UNSUPPORTED_CIPHER           = 113;
+  PEM_R_UNSUPPORTED_ENCRYPTION       = 114;
+  PEM_R_UNSUPPORTED_KEY_COMPONENTS   = 126;
+
+  function ERR_load_PEM_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas
new file mode 100644
index 000000000..9b39010fc
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas
@@ -0,0 +1,352 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_pkcs7;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pkcs7.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  PKCS7_S_HEADER = 0;
+  PKCS7_S_BODY   = 1;
+  PKCS7_S_TAIL   = 2;
+
+  PKCS7_OP_SET_DETACHED_SIGNATURE = 1;
+  PKCS7_OP_GET_DETACHED_SIGNATURE = 2;
+
+  (* S/MIME related flags *)
+  PKCS7_TEXT            =     $1;
+  PKCS7_NOCERTS         =     $2;
+  PKCS7_NOSIGS          =     $4;
+  PKCS7_NOCHAIN         =     $8;
+  PKCS7_NOINTERN        =    $10;
+  PKCS7_NOVERIFY        =    $20;
+  PKCS7_DETACHED        =    $40;
+  PKCS7_BINARY          =    $80;
+  PKCS7_NOATTR          =   $100;
+  PKCS7_NOSMIMECAP      =   $200;
+  PKCS7_NOOLDMIMETYPE   =   $400;
+  PKCS7_CRLFEOL         =   $800;
+  // Added '_CONST' to avoid name clashes
+  PKCS7_STREAM_CONST    =  $1000;
+  PKCS7_NOCRL           =  $2000;
+  PKCS7_PARTIAL         =  $4000;
+  PKCS7_REUSE_DIGEST    =  $8000;
+  PKCS7_NO_DUAL_CONTENT = $10000;
+
+  (* Flags: for compatibility with older code *)
+  SMIME_TEXT      = PKCS7_TEXT;
+  SMIME_NOCERTS   = PKCS7_NOCERTS;
+  SMIME_NOSIGS    = PKCS7_NOSIGS;
+  SMIME_NOCHAIN   = PKCS7_NOCHAIN;
+  SMIME_NOINTERN  = PKCS7_NOINTERN;
+  SMIME_NOVERIFY  = PKCS7_NOVERIFY;
+  SMIME_DETACHED  = PKCS7_DETACHED;
+  SMIME_BINARY    = PKCS7_BINARY;
+  SMIME_NOATTR    = PKCS7_NOATTR;
+
+  (* CRLF ASCII canonicalisation *)
+  SMIME_ASCIICRLF = $80000;
+
+type
+  PPKCS7 = ^PKCS7;
+  PPPKCS7 = ^PPKCS7;
+
+  PPKCS7_DIGEST = ^PKCS7_DIGEST;
+  PPPKCS7_DIGEST = ^PPKCS7_DIGEST;
+
+  pkcs7_issuer_and_serial_st = record
+    issue: PX509_NAME;
+    serial: PASN1_INTEGER;
+  end;
+  PKCS7_ISSUER_AND_SERIAL = pkcs7_issuer_and_serial_st;
+  PPKCS7_ISSUER_AND_SERIAL = ^PKCS7_ISSUER_AND_SERIAL;
+  PPPKCS7_ISSUER_AND_SERIAL = ^PPKCS7_ISSUER_AND_SERIAL;
+
+  pkcs7_signer_info_st = record
+    version: PASN1_INTEGER;
+    issuer_and_serial: PPKCS7_ISSUER_AND_SERIAL;
+    digest_alg: PX509_ALGOR;
+    auth_attr: Pointer; //PSTACK_OF_X509_ATTRIBUTE;
+    digest_enc_alg: PX509_ALGOR;
+    enc_digest: PASN1_OCTET_STRING;
+    unauth_attr: Pointer; //PSTACK_OF_X509_ATTRIBUTE;
+    pkey: PEVP_PKEY;
+  end;
+  PKCS7_SIGNER_INFO = pkcs7_issuer_and_serial_st;
+  PPKCS7_SIGNER_INFO = ^PKCS7_SIGNER_INFO;
+  PPPKCS7_SIGNER_INFO = ^PPKCS7_SIGNER_INFO;
+
+  pkcs7_recip_info_st = record
+    version: PASN1_INTEGER;
+    issuer_and_serial: PPKCS7_ISSUER_AND_SERIAL;
+    key_enc_algor: PX509_ALGOR;
+    enc_key: PASN1_OCTET_STRING;
+    cert: PX509;
+  end;
+  PKCS7_RECIP_INFO = pkcs7_recip_info_st;
+  PPKCS7_RECIP_INFO = ^PKCS7_RECIP_INFO;
+  PPPKCS7_RECIP_INFO = ^PPKCS7_RECIP_INFO;
+
+  pkcs7_signed_st = record
+    version: PASN1_INTEGER;
+    md_algs: Pointer; //PSTACK_OF_X509_ALGOR;
+    cert: Pointer; //PSTACK_OF_X509;
+    crl: Pointer; //PSTACK_OF_X509_CRL;
+    signer_info: Pointer; //PSTACK_OF_PKCS7_SIGNER_INFO;
+    contents: PPKCS7;
+  end;
+  PKCS7_SIGNED = pkcs7_signed_st;
+  PPKCS7_SIGNED = ^PKCS7_SIGNED;
+  PPPKCS7_SIGNED = ^PPKCS7_SIGNED;
+
+  pkcs7_enc_content_st = record
+    content_type: PASN1_OBJECT;
+    algorithm: PX509_ALGOR;
+    enc_data: PASN1_OCTET_STRING;
+    cipher: PEVP_CIPHER;
+  end;
+  PKCS7_ENC_CONTENT = pkcs7_enc_content_st;
+  PPKCS7_ENC_CONTENT = ^PKCS7_ENC_CONTENT;
+  PPPKCS7_ENC_CONTENT = ^PPKCS7_ENC_CONTENT;
+
+  pkcs7_enveloped_st = record
+    version: PASN1_INTEGER;
+    recipientinfo: Pointer; //PSTACK_OF_PKCS7_RECIP_INFO;
+    enc_data: PPKCS7_ENC_CONTENT;
+  end;
+  PKCS7_ENVELOPE = pkcs7_enveloped_st;
+  PPKCS7_ENVELOPE = ^PKCS7_ENVELOPE;
+  PPPKCS7_ENVELOPE = ^PPKCS7_ENVELOPE;
+
+  pkcs7_signedandenveloped_st = record
+    version: PASN1_INTEGER;
+    md_algs: Pointer; //PSTACK_OF_X509_ALGOR;
+    cert: Pointer; //PSTACK_OF_X509;
+    crl: Pointer; //PSTACK_OF_X509_CRL;
+    signer_info: Pointer; //PSTACK_OF_PKCS7_SIGNER_INFO;
+    enc_data: PPKCS7_ENC_CONTENT;
+    recipientinfo: Pointer; //PSTACK_OF_PKCS7_RECIP_INFO;
+  end;
+  PKCS7_SIGN_ENVELOPE = pkcs7_signedandenveloped_st;
+  PPKCS7_SIGN_ENVELOPE = ^PKCS7_SIGN_ENVELOPE;
+  PPPKCS7_SIGN_ENVELOPE = ^PPKCS7_SIGN_ENVELOPE;
+
+  pkcs7_encrypted_st = record
+    version: PASN1_INTEGER;
+    enc_data: PPKCS7_ENC_CONTENT;
+  end;
+  // Added '_STRUCT' to avoid name clashes
+  PKCS7_ENCRYPT_STRUCT = pkcs7_encrypted_st;
+  PPKCS7_ENCRYPT_STRUCT = ^PKCS7_ENCRYPT_STRUCT;
+  PPPKCS7_ENCRYPT_STRUCT = ^PPKCS7_ENCRYPT_STRUCT;
+
+  pkcs7_st_d = record
+    case Integer of
+    0: (ptr: PIdAnsiChar);
+    1: (data: PASN1_OCTET_STRING);
+    2: (sign: PPKCS7_SIGNED);
+    3: (enveloped: PPKCS7_ENVELOPE);
+    4: (signed_and_enveloped: PPKCS7_SIGN_ENVELOPE);
+    5: (digest: PPKCS7_DIGEST);
+    6: (encrypted: PPKCS7_ENCRYPT_STRUCT);
+    7: (other: PASN1_TYPE);
+  end;
+  pkcs7_st = record
+    asn1: PByte;
+    length: TIdC_LONG;
+    state: TIdC_INT;
+    detached: TIdC_INT;
+    &type: PASN1_OBJECT;
+    d: pkcs7_st_d;
+  end;
+  PKCS7 = pkcs7_st;
+
+  pkcs7_digest_st = record
+    version: PASN1_INTEGER;
+    md: PX509_ALGOR;
+    contents: PPKCS7;
+    digest: PASN1_OCTET_STRING;
+  end;
+  PKCS7_DIGEST = pkcs7_digest_st;
+
+  //function PKCS7_ISSUER_AND_SERIAL_new: PPKCS7_ISSUER_AND_SERIAL;
+  //procedure PKCS7_ISSUER_AND_SERIAL_free(a: PPKCS7_ISSUER_AND_SERIAL);
+  //function d2i_PKCS7_ISSUER_AND_SERIAL(a: PPPKCS7_ISSUER_AND_SERIAL; const &in: PByte; len: TIdC_LONG): PPKCS7_ISSUER_AND_SERIAL;
+  //function i2d_PKCS7_ISSUER_AND_SERIAL(const a: PPKCS7_ISSUER_AND_SERIAL; &out: PByte): TIdC_INT;
+  //function PKCS7_ISSUER_AND_SERIAL_it: PASN1_ITEM;
+
+  function PKCS7_ISSUER_AND_SERIAL_digest(data: PPKCS7_ISSUER_AND_SERIAL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+  function PKCS7_dup(p7: PPKCS7): PPKCS7 cdecl; external CLibCrypto;
+  function d2i_PKCS7_bio(bp: PBIO; p7: PPPKCS7): PPKCS7 cdecl; external CLibCrypto;
+  function i2d_PKCS7_bio(bp: PBIO; p7: PPKCS7): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_PKCS7_bio_stream(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_PKCS7_stream(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+//  function PKCS7_SIGNER_INFO_new: PPKCS7_SIGNER_INFO;
+//  procedure PKCS7_SIGNER_INFO_free(a: PPKCS7_SIGNER_INFO);
+//  function d2i_PKCS7_SIGNER_INFO(a: PPPKCS7_SIGNER_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNER_INFO;
+//  function i2d_PKCS7_SIGNER_INFO(const a: PPKCS7_SIGNER_INFO; &out: PByte): TIdC_INT;
+//  function PKCS7_SIGNER_INFO_it: PASN1_ITEM;
+//
+//  function PKCS7_RECIP_INFO_new: PPKCS7_RECIP_INFO;
+//  procedure PKCS7_RECIP_INFO_free(a: PPKCS7_RECIP_INFO);
+//  function d2i_PKCS7_RECIP_INFO(a: PPPKCS7_RECIP_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_RECIP_INFO;
+//  function i2d_PKCS7_RECIP_INFO(const a: PPKCS7_RECIP_INFO; &out: PByte): TIdC_INT;
+//  function PKCS7_RECIP_INFO_it: PASN1_ITEM;
+//
+//  function PKCS7_SIGNED_new: PPKCS7_SIGNED;
+//  procedure PKCS7_SIGNED_free(a: PPKCS7_SIGNED);
+//  function d2i_PKCS7_SIGNED(a: PPPKCS7_SIGNED; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNED;
+//  function i2d_PKCS7_SIGNED(const a: PPKCS7_SIGNED; &out: PByte): TIdC_INT;
+//  function PKCS7_SIGNED_it: PASN1_ITEM;
+//
+//  function PKCS7_ENC_CONTENT_new: PPKCS7_ENC_CONTENT;
+//  procedure PKCS7_ENC_CONTENT_free(a: PPKCS7_ENC_CONTENT);
+//  function d2i_PKCS7_ENC_CONTENT(a: PPPKCS7_ENC_CONTENT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENC_CONTENT;
+//  function i2d_PKCS7_ENC_CONTENT(const a: PPKCS7_ENC_CONTENT; &out: PByte): TIdC_INT;
+//  function PKCS7_ENC_CONTENT_it: PASN1_ITEM;
+//
+//  function PKCS7_ENVELOPE_new: PPKCS7_ENVELOPE;
+//  procedure PKCS7_ENVELOPE_free(a: PPKCS7_ENVELOPE);
+//  function d2i_PKCS7_ENVELOPE(a: PPPKCS7_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_ENVELOPE;
+//  function i2d_PKCS7_ENVELOPE(const a: PPKCS7_ENVELOPE; &out: PByte): TIdC_INT;
+//  function PKCS7_ENVELOPE_it: PASN1_ITEM;
+//
+//  function PKCS7_SIGN_ENVELOPE_new: PPKCS7_SIGN_ENVELOPE;
+//  procedure PKCS7_SIGN_ENVELOPE_free(a: PPKCS7_SIGN_ENVELOPE);
+//  function d2i_PKCS7_SIGN_ENVELOPE(a: PPPKCS7_SIGN_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGN_ENVELOPE;
+//  function i2d_PKCS7_SIGN_ENVELOPE(const a: PPKCS7_SIGN_ENVELOPE; &out: PByte): TIdC_INT;
+//  function PKCS7_SIGN_ENVELOPE_it: PASN1_ITEM;
+//
+//  function PKCS7_DIGEST_new: PPKCS7_DIGEST;
+//  procedure PKCS7_DIGEST_free(a: PPKCS7_DIGEST);
+//  function d2i_PKCS7_DIGEST(a: PPPKCS7_DIGEST; const &in: PByte; len: TIdC_LONG): PPKCS7_DIGEST;
+//  function i2d_PKCS7_DIGEST(const a: PPKCS7_DIGEST; &out: PByte): TIdC_INT;
+//  function PKCS7_DIGEST_it: PASN1_ITEM;
+//
+//  function PKCS7_ENCRYPT_new: PPKCS7_ENCRYPT_STRUCT;
+//  procedure PKCS7_ENCRYPT_free(a: PPKCS7_ENCRYPT_STRUCT);
+//  function d2i_PKCS7_ENCRYPT(a: PPPKCS7_ENCRYPT_STRUCT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENCRYPT_STRUCT;
+//  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; &out: PByte): TIdC_INT;
+//  function PKCS7_ENCRYPT_it: PASN1_ITEM;
+//
+//  function PKCS7_new: PPKCS7;
+//  procedure PKCS7_free(a: PPKCS7);
+//  function d2i_PKCS7(a: PPPKCS7; const &in: PByte; len: TIdC_LONG): PPKCS7;
+//  function i2d_PKCS7(const a: PPKCS7; &out: PByte): TIdC_INT;
+//  function PKCS7_it: PASN1_ITEM;
+//
+//  function PKCS7_ATTR_SIGN_it: PASN1_ITEM;
+//
+//  function PKCS7_ATTR_VERIFY_it: PASN1_ITEM;
+//
+//  function i2d_PKCS7_NDEF(const a: PPKCS7; &out: PPByte): TIdC_INT;
+//  function PKCS7_print_ctx(&out: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
+
+  function PKCS7_ctrl(p7: PPKCS7; cmd: TIdC_INT; larg: TIdC_LONG; parg: PIdAnsiChar): TIdC_LONG cdecl; external CLibCrypto;
+
+  function PKCS7_set_type(p7: PPKCS7; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_set0_type_other(p7: PPKCS7; &type: TIdC_INT; other: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_set_content(p7: PPKCS7; p7_data: PPKCS7): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_SIGNER_INFO_set(p7i: PPKCS7_SIGNER_INFO; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_SIGNER_INFO_sign(si: PPKCS7_SIGNER_INFO): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_add_signer(p7: PPKCS7; p7i: PPKCS7_SIGNER_INFO): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_add_certificate(p7: PPKCS7; x509: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_add_crl(p7: PPKCS7; x509: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_content_new(p7: PPKCS7; nid: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_dataVerify(cert_store: PX509_STORE; ctx: PX509_STORE_CTX; bio: PBIO; p7: PPKCS7; si: PPKCS7_SIGNER_INFO): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_signatureVerify(bio: PBIO; p7: PPKCS7; si: PPKCS7_SIGNER_INFO; x509: PX509): TIdC_INT cdecl; external CLibCrypto;
+
+  function PKCS7_dataInit(p7: PPKCS7; bio: PBIO): PBIO cdecl; external CLibCrypto;
+  function PKCS7_dataFinal(p7: PPKCS7; bio: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_dataDecode(p7: PPKCS7; pkey: PEVP_PKEY; in_bio: PBIO; pcert: PX509): PBIO cdecl; external CLibCrypto;
+
+  function PKCS7_add_signature(p7: PPKCS7; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): PPKCS7_SIGNER_INFO cdecl; external CLibCrypto;
+  function PKCS7_cert_from_signer_info(p7: PPKCS7; si: PPKCS7_SIGNER_INFO): PX509 cdecl; external CLibCrypto;
+  function PKCS7_set_digest(p7: PPKCS7; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+//  function PKCS7_get_signer_info(p7: PPKCS7): PSTACK_OF_PKCS7_SIGNER_INFO;
+
+  function PKCS7_add_recipient(p7: PPKCS7; x509: PX509): PPKCS7_RECIP_INFO cdecl; external CLibCrypto;
+  procedure PKCS7_SIGNER_INFO_get0_algs(si: PPKCS7_SIGNER_INFO; pk: PPEVP_PKEY; pdig: PPX509_ALGOR; psig: PPX509_ALGOR) cdecl; external CLibCrypto;
+  procedure PKCS7_RECIP_INFO_get0_alg(ri: PPKCS7_RECIP_INFO; penc: PPX509_ALGOR) cdecl; external CLibCrypto;
+  function PKCS7_add_recipient_info(p7: PPKCS7; ri: PPKCS7_RECIP_INFO): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_RECIP_INFO_set(p7i: PPKCS7_RECIP_INFO; x509: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_set_cipher(p7: PPKCS7; const cipher: PEVP_CIPHER): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_stream(boundary: PPPByte; p7: PPKCS7): TIdC_INT cdecl; external CLibCrypto;
+
+  function PKCS7_get_issuer_and_serial(p7: PPKCS7; idx: TIdC_INT): PPKCS7_ISSUER_AND_SERIAL cdecl; external CLibCrypto;
+  //function PKCS7_digest_from_attributes(sk: Pointer{PSTACK_OF_X509_ATTRIBUTE}): PASN1_OCTET_STRING;
+  function PKCS7_add_signed_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; &type: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_add_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; atrtype: TIdC_INT; value: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_get_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE cdecl; external CLibCrypto;
+  function PKCS7_get_signed_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE cdecl; external CLibCrypto;
+  //function PKCS7_set_signed_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509): TIdC_INT;
+  //function PKCS7_set_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509_ATTRIBUTE): TIdC_INT;
+
+  //function PKCS7_sign(signcert: PX509; pkey: PEVP_PKEY; certs: PSTACK_OF_X509; data: PBIO; flags: TIdC_INT): PPKCS7;
+
+  function PKCS7_sign_add_signer(p7: PPKCS7; signcert: PX509; pkey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_INT): PPKCS7_SIGNER_INFO cdecl; external CLibCrypto;
+
+  function PKCS7_final(p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT;
+  //function PKCS7_get0_signers(p7: PPKCS7; certs: PSTACK_OF_X509; flags: TIdC_INT): PSTACK_OF_X509;
+  //function PKCS7_encrypt(certs: PSTACK_OF_X509; &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
+  function PKCS7_decrypt(p7: PPKCS7; pkey: PEVP_PKEY; cert: PX509; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  //function PKCS7_add_attrib_smimecap(si: PPKCS7_SIGNER_INFO; cap: PSTACK_OF_X509_ALGOR): TIdC_INT;
+  //function PKCS7_get_smimecap(si: PPKCS7_SIGNER_INFO): PSTACK_OF_X509_ALGOR;
+  //function PKCS7_simple_smimecap(sk: PSTACK_OF_X509_ALGOR; nid: TIdC_INT; arg: TIdC_INT): TIdC_INT;
+
+  function PKCS7_add_attrib_content_type(si: PPKCS7_SIGNER_INFO; coid: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_add0_attrib_signing_time(si: PPKCS7_SIGNER_INFO; t: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_add1_attrib_digest(si: PPKCS7_SIGNER_INFO; const md: PByte; mdlen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function SMIME_write_PKCS7(bio: PBIO; p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function SMIME_read_PKCS7(bio: PBIO; bcont: PPBIO): PPKCS7 cdecl; external CLibCrypto;
+
+  function BIO_new_PKCS7(&out: PBIO; p7: PPKCS7): PBIO cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7err.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7err.pas
new file mode 100644
index 000000000..080f4ee1c
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7err.pas
@@ -0,0 +1,132 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_pkcs7err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pkcs7err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * PKCS7 function codes.
+   *)
+  PKCS7_F_DO_PKCS7_SIGNED_ATTRIB                     = 136;
+  PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME             = 135;
+  PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP                  = 118;
+  PKCS7_F_PKCS7_ADD_CERTIFICATE                      = 100;
+  PKCS7_F_PKCS7_ADD_CRL                              = 101;
+  PKCS7_F_PKCS7_ADD_RECIPIENT_INFO                   = 102;
+  PKCS7_F_PKCS7_ADD_SIGNATURE                        = 131;
+  PKCS7_F_PKCS7_ADD_SIGNER                           = 103;
+  PKCS7_F_PKCS7_BIO_ADD_DIGEST                       = 125;
+  PKCS7_F_PKCS7_COPY_EXISTING_DIGEST                 = 138;
+  PKCS7_F_PKCS7_CTRL                                 = 104;
+  PKCS7_F_PKCS7_DATADECODE                           = 112;
+  PKCS7_F_PKCS7_DATAFINAL                            = 128;
+  PKCS7_F_PKCS7_DATAINIT                             = 105;
+  PKCS7_F_PKCS7_DATAVERIFY                           = 107;
+  PKCS7_F_PKCS7_DECRYPT                              = 114;
+  PKCS7_F_PKCS7_DECRYPT_RINFO                        = 133;
+  PKCS7_F_PKCS7_ENCODE_RINFO                         = 132;
+  PKCS7_F_PKCS7_ENCRYPT                              = 115;
+  PKCS7_F_PKCS7_FINAL                                = 134;
+  PKCS7_F_PKCS7_FIND_DIGEST                          = 127;
+  PKCS7_F_PKCS7_GET0_SIGNERS                         = 124;
+  PKCS7_F_PKCS7_RECIP_INFO_SET                       = 130;
+  PKCS7_F_PKCS7_SET_CIPHER                           = 108;
+  PKCS7_F_PKCS7_SET_CONTENT                          = 109;
+  PKCS7_F_PKCS7_SET_DIGEST                           = 126;
+  PKCS7_F_PKCS7_SET_TYPE                             = 110;
+  PKCS7_F_PKCS7_SIGN                                 = 116;
+  PKCS7_F_PKCS7_SIGNATUREVERIFY                      = 113;
+  PKCS7_F_PKCS7_SIGNER_INFO_SET                      = 129;
+  PKCS7_F_PKCS7_SIGNER_INFO_SIGN                     = 139;
+  PKCS7_F_PKCS7_SIGN_ADD_SIGNER                      = 137;
+  PKCS7_F_PKCS7_SIMPLE_SMIMECAP                      = 119;
+  PKCS7_F_PKCS7_VERIFY                               = 117;
+
+  (*
+   * PKCS7 reason codes.
+   *)
+  PKCS7_R_CERTIFICATE_VERIFY_ERROR                   = 117;
+  PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER            = 144;
+  PKCS7_R_CIPHER_NOT_INITIALIZED                     = 116;
+  PKCS7_R_CONTENT_AND_DATA_PRESENT                   = 118;
+  PKCS7_R_CTRL_ERROR                                 = 152;
+  PKCS7_R_DECRYPT_ERROR                              = 119;
+  PKCS7_R_DIGEST_FAILURE                             = 101;
+  PKCS7_R_ENCRYPTION_CTRL_FAILURE                    = 149;
+  PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE = 150;
+  PKCS7_R_ERROR_ADDING_RECIPIENT                     = 120;
+  PKCS7_R_ERROR_SETTING_CIPHER                       = 121;
+  PKCS7_R_INVALID_NULL_POINTER                       = 143;
+  PKCS7_R_INVALID_SIGNED_DATA_TYPE                   = 155;
+  PKCS7_R_NO_CONTENT                                 = 122;
+  PKCS7_R_NO_DEFAULT_DIGEST                          = 151;
+  PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND              = 154;
+  PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE           = 115;
+  PKCS7_R_NO_SIGNATURES_ON_DATA                      = 123;
+  PKCS7_R_NO_SIGNERS                                 = 142;
+  PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE       = 104;
+  PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR                  = 124;
+  PKCS7_R_PKCS7_ADD_SIGNER_ERROR                     = 153;
+  PKCS7_R_PKCS7_DATASIGN                             = 145;
+  PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE     = 127;
+  PKCS7_R_SIGNATURE_FAILURE                          = 105;
+  PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND               = 128;
+  PKCS7_R_SIGNING_CTRL_FAILURE                       = 147;
+  PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE    = 148;
+  PKCS7_R_SMIME_TEXT_ERROR                           = 129;
+  PKCS7_R_UNABLE_TO_FIND_CERTIFICATE                 = 106;
+  PKCS7_R_UNABLE_TO_FIND_MEM_BIO                     = 107;
+  PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST              = 108;
+  PKCS7_R_UNKNOWN_DIGEST_TYPE                        = 109;
+  PKCS7_R_UNKNOWN_OPERATION                          = 110;
+  PKCS7_R_UNSUPPORTED_CIPHER_TYPE                    = 111;
+  PKCS7_R_UNSUPPORTED_CONTENT_TYPE                   = 112;
+  PKCS7_R_WRONG_CONTENT_TYPE                         = 113;
+  PKCS7_R_WRONG_PKCS7_TYPE                           = 114;
+
+  function ERR_load_PKCS7_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas
new file mode 100644
index 000000000..26861d84d
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas
@@ -0,0 +1,90 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_rand;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// rand.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  rand_meth_st_seed = function (const buf: Pointer; num: TIdC_INT): TIdC_INT; cdecl;
+  rand_meth_st_bytes = function (buf: PByte; num: TIdC_INT): TIdC_INT; cdecl;
+  rand_meth_st_cleanup = procedure; cdecl;
+  rand_meth_st_add = function (const buf: Pointer; num: TIdC_INT; randomness: TIdC_DOUBLE): TIdC_INT; cdecl;
+  rand_meth_st_pseudorand = function (buf: PByte; num: TIdC_INT): TIdC_INT; cdecl;
+  rand_meth_st_status = function: TIdC_INT; cdecl;
+
+  rand_meth_st = class
+    seed: rand_meth_st_seed;
+    bytes: rand_meth_st_bytes;
+    cleanup: rand_meth_st_cleanup;
+    add: rand_meth_st_add;
+    pseudorand: rand_meth_st_pseudorand;
+    status: rand_meth_st_status;
+  end;
+
+  function RAND_set_rand_method(const meth: PRAND_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function RAND_get_rand_method: PRAND_METHOD cdecl; external CLibCrypto;
+  function RAND_set_rand_engine(engine: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+
+  function RAND_OpenSSL: PRAND_METHOD cdecl; external CLibCrypto;
+
+  function RAND_bytes(buf: PByte; num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RAND_priv_bytes(buf: PByte; num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure RAND_seed(const buf: Pointer; num: TIdC_INT) cdecl; external CLibCrypto;
+  procedure RAND_keep_random_devices_open(keep: TIdC_INT) cdecl; external CLibCrypto;
+
+  procedure RAND_add(const buf: Pointer; num: TIdC_INT; randomness: TIdC_DOUBLE) cdecl; external CLibCrypto;
+  function RAND_load_file(const &file: PIdAnsiChar; max_bytes: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function RAND_write_file(const &file: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function RAND_status: TIdC_INT cdecl; external CLibCrypto;
+
+  function RAND_query_egd_bytes(const path: PIdAnsiChar; buf: PByte; bytes: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RAND_egd(const path: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function RAND_egd_bytes(const path: PIdAnsiChar; bytes: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function RAND_poll: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_randerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_randerr.pas
new file mode 100644
index 000000000..9a17c4cc9
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_randerr.pas
@@ -0,0 +1,123 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_randerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// randerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * RAND function codes.
+   *)
+  RAND_F_DRBG_BYTES = 101;
+  RAND_F_DRBG_GET_ENTROPY = 105;
+  RAND_F_DRBG_SETUP = 117;
+  RAND_F_GET_ENTROPY = 106;
+  RAND_F_RAND_BYTES = 100;
+  RAND_F_RAND_DRBG_ENABLE_LOCKING = 119;
+  RAND_F_RAND_DRBG_GENERATE = 107;
+  RAND_F_RAND_DRBG_GET_ENTROPY = 120;
+  RAND_F_RAND_DRBG_GET_NONCE = 123;
+  RAND_F_RAND_DRBG_INSTANTIATE = 108;
+  RAND_F_RAND_DRBG_NEW = 109;
+  RAND_F_RAND_DRBG_RESEED = 110;
+  RAND_F_RAND_DRBG_RESTART = 102;
+  RAND_F_RAND_DRBG_SET = 104;
+  RAND_F_RAND_DRBG_SET_DEFAULTS = 121;
+  RAND_F_RAND_DRBG_UNINSTANTIATE = 118;
+  RAND_F_RAND_LOAD_FILE = 111;
+  RAND_F_RAND_POOL_ACQUIRE_ENTROPY = 122;
+  RAND_F_RAND_POOL_ADD = 103;
+  RAND_F_RAND_POOL_ADD_BEGIN = 113;
+  RAND_F_RAND_POOL_ADD_END = 114;
+  RAND_F_RAND_POOL_ATTACH = 124;
+  RAND_F_RAND_POOL_BYTES_NEEDED = 115;
+  RAND_F_RAND_POOL_GROW = 125;
+  RAND_F_RAND_POOL_NEW = 116;
+  RAND_F_RAND_WRITE_FILE = 112;
+
+  (*
+   * RAND reason codes.
+   *)
+  RAND_R_ADDITIONAL_INPUT_TOO_LONG = 102;
+  RAND_R_ALREADY_INSTANTIATED = 103;
+  RAND_R_ARGUMENT_OUT_OF_RANGE = 105;
+  RAND_R_CANNOT_OPEN_FILE = 121;
+  RAND_R_DRBG_ALREADY_INITIALIZED = 129;
+  RAND_R_DRBG_NOT_INITIALISED = 104;
+  RAND_R_ENTROPY_INPUT_TOO_LONG = 106;
+  RAND_R_ENTROPY_OUT_OF_RANGE = 124;
+  RAND_R_ERROR_ENTROPY_POOL_WAS_IGNORED = 127;
+  RAND_R_ERROR_INITIALISING_DRBG = 107;
+  RAND_R_ERROR_INSTANTIATING_DRBG = 108;
+  RAND_R_ERROR_RETRIEVING_ADDITIONAL_INPUT = 109;
+  RAND_R_ERROR_RETRIEVING_ENTROPY = 110;
+  RAND_R_ERROR_RETRIEVING_NONCE = 111;
+  RAND_R_FAILED_TO_CREATE_LOCK = 126;
+  RAND_R_FUNC_NOT_IMPLEMENTED = 101;
+  RAND_R_FWRITE_ERROR = 123;
+  RAND_R_GENERATE_ERROR = 112;
+  RAND_R_INTERNAL_ERROR = 113;
+  RAND_R_IN_ERROR_STATE = 114;
+  RAND_R_NOT_A_REGULAR_FILE = 122;
+  RAND_R_NOT_INSTANTIATED = 115;
+  RAND_R_NO_DRBG_IMPLEMENTATION_SELECTED = 128;
+  RAND_R_PARENT_LOCKING_NOT_ENABLED = 130;
+  RAND_R_PARENT_STRENGTH_TOO_WEAK = 131;
+  RAND_R_PERSONALISATION_STRING_TOO_LONG = 116;
+  RAND_R_PREDICTION_RESISTANCE_NOT_SUPPORTED = 133;
+  RAND_R_PRNG_NOT_SEEDED = 100;
+  RAND_R_RANDOM_POOL_OVERFLOW = 125;
+  RAND_R_RANDOM_POOL_UNDERFLOW = 134;
+  RAND_R_REQUEST_TOO_LARGE_FOR_DRBG = 117;
+  RAND_R_RESEED_ERROR = 118;
+  RAND_R_SELFTEST_FAILURE = 119;
+  RAND_R_TOO_LITTLE_NONCE_REQUESTED = 135;
+  RAND_R_TOO_MUCH_NONCE_REQUESTED = 136;
+  RAND_R_UNSUPPORTED_DRBG_FLAGS = 132;
+  RAND_R_UNSUPPORTED_DRBG_TYPE = 120;
+
+  function ERR_load_RAND_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
new file mode 100644
index 000000000..2e7165662
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
@@ -0,0 +1,442 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_rsa;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// rsa.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_evp;
+
+(* The types RSA and RSA_METHOD are defined in ossl_typ.h *)
+
+const
+  OPENSSL_RSA_MAX_MODULUS_BITS =  16384;
+  OPENSSL_RSA_FIPS_MIN_MODULUS_BITS = 1024;
+  OPENSSL_RSA_SMALL_MODULUS_BITS = 3072;
+  (* exponent limit enforced for "large" modulus only *)
+  OPENSSL_RSA_MAX_PUBEXP_BITS =  64;
+
+  RSA_3 =  TIdC_Long($3);
+  RSA_F4 = TIdC_Long($10001);
+
+  (* based on RFC 8017 appendix A.1.2 *)
+  RSA_ASN1_VERSION_DEFAULT = 0;
+  RSA_ASN1_VERSION_MULTI =   1;
+  RSA_DEFAULT_PRIME_NUM =    2;
+
+  RSA_METHOD_FLAG_NO_CHECK = $0001; (* don't check pub/private match *)
+  RSA_FLAG_CACHE_PUBLIC =    $0002;
+  RSA_FLAG_CACHE_PRIVATE =   $0004;
+  RSA_FLAG_BLINDING =        $0008;
+  RSA_FLAG_THREAD_SAFE =     $0010;
+  (*
+   * This flag means the private key operations will be handled by rsa_mod_exp
+   * and that they do not depend on the private key components being present:
+   * for example a key stored in external hardware. Without this flag
+   * bn_mod_exp gets called when private key components are absent.
+   *)
+  RSA_FLAG_EXT_PKEY =        $0020;
+  (*
+   * new with 0.9.6j and 0.9.7b; the built-in
+   * RSA implementation now uses blinding by
+   * default (ignoring RSA_FLAG_BLINDING),
+   * but other engines might not need it
+   *)
+  RSA_FLAG_NO_BLINDING =     $0080;
+  (*
+   * Does nothing. Previously this switched off constant time behaviour.
+   *)
+  RSA_FLAG_NO_CONSTTIME =    $0000;
+
+  (* Salt length matches digest *)
+  RSA_PSS_SALTLEN_DIGEST = -1;
+  (* Verify only: auto detect salt length *)
+  RSA_PSS_SALTLEN_AUTO = -2;
+  (* Set salt length to maximum possible *)
+  RSA_PSS_SALTLEN_MAX = -3;
+  (* Old compatible max salt length for sign only *)
+  RSA_PSS_SALTLEN_MAX_SIGN = -2;
+
+  EVP_PKEY_CTRL_RSA_PADDING = EVP_PKEY_ALG_CTRL + 1;
+  EVP_PKEY_CTRL_RSA_PSS_SALTLEN = EVP_PKEY_ALG_CTRL + 2;
+
+  EVP_PKEY_CTRL_RSA_KEYGEN_BITS = EVP_PKEY_ALG_CTRL + 3;
+  EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP = EVP_PKEY_ALG_CTRL + 4;
+  EVP_PKEY_CTRL_RSA_MGF1_MD = EVP_PKEY_ALG_CTRL + 5;
+
+  EVP_PKEY_CTRL_GET_RSA_PADDING =  EVP_PKEY_ALG_CTRL + 6;
+  EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN = EVP_PKEY_ALG_CTRL + 7;
+  EVP_PKEY_CTRL_GET_RSA_MGF1_MD =  EVP_PKEY_ALG_CTRL + 8;
+
+  EVP_PKEY_CTRL_RSA_OAEP_MD = EVP_PKEY_ALG_CTRL + 9;
+  EVP_PKEY_CTRL_RSA_OAEP_LABEL = EVP_PKEY_ALG_CTRL + 10;
+
+  EVP_PKEY_CTRL_GET_RSA_OAEP_MD = EVP_PKEY_ALG_CTRL + 11;
+  EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL = EVP_PKEY_ALG_CTRL + 12;
+
+  EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES = EVP_PKEY_ALG_CTRL + 13;
+
+  RSA_PKCS1_PADDING =   1;
+  RSA_SSLV23_PADDING =  2;
+  RSA_NO_PADDING =   3;
+  RSA_PKCS1_OAEP_PADDING = 4;
+  RSA_X931_PADDING =   5;
+  RSA_PKCS1_PSS_PADDING =  6; (* EVP_PKEY_ only *)
+  RSA_PKCS1_PADDING_SIZE = 11;
+
+  (*
+   * If this flag is set the RSA method is FIPS compliant and can be used in
+   * FIPS mode. This is set in the validated module method. If an application
+   * sets this flag in its own methods it is its responsibility to ensure the
+   * result is compliant.
+   *)
+  RSA_FLAG_FIPS_METHOD = $0400;
+  (*
+   * If this flag is set the operations normally disabled in FIPS mode are
+   * permitted it is then the applications responsibility to ensure that the
+   * usage is compliant.
+   *)
+  RSA_FLAG_NON_FIPS_ALLOW = $0400;
+  (*
+   * Application has decided PRNG is good enough to generate a key: don't
+   * check.
+   *)
+  RSA_FLAG_CHECKED = $0800;
+
+type
+  rsa_pss_params_st = record
+    hashAlgorithm: PX509_ALGOR;
+    maskGenAlgorithm: PX509_ALGOR;
+    saltLength: PASN1_INTEGER;
+    trailerField: PASN1_INTEGER;
+    (* Decoded hash algorithm from maskGenAlgorithm *)
+    maskHash: PX509_ALGOR;
+  end;
+  RSA_PSS_PARAMS = rsa_pss_params_st;
+  // DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
+  rsa_oaep_params_st = record
+    hashFunc: PX509_ALGOR;
+    maskGenFunc: PX509_ALGOR;
+    pSourceFunc: PX509_ALGOR;
+    (* Decoded hash algorithm from maskGenFunc *)
+    maskHash: PX509_ALGOR;
+  end;
+  RSA_OAEP_PARAMS = rsa_oaep_params_st;
+  //DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+
+  //DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
+  //DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
+
+  RSA_meth_set_priv_dec_priv_dec = function(flen: TIdC_INT; const from: PByte;
+    &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT; cdecl;
+
+  RSA_meth_set_mod_exp_mod_exp = function(r0: PBIGNUM; const i: PBIGNUM;
+    rsa: PRSA; ctx: PBN_CTX): TIdC_INT; cdecl;
+
+  RSA_meth_set_bn_mod_exp_bn_mod_exp = function(r: PBIGNUM; const a: PBIGNUM;
+    const p: PBIGNUM; const m: PBIGNUM; ctx: PBN_CTx; m_ctx: PBN_MONT_CTx): TIdC_INT; cdecl;
+
+  RSA_meth_set_init_init = function(rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_finish_finish = function(rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_sign_sign = function(&type: TIdC_INT; const m: PByte;
+    m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; const rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_verify_verify = function(dtype: TIdC_INT; const m: PByte;
+    m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; const rsa: PRSA): TIdC_INT; cdecl;
+
+  RSA_meth_set_keygen_keygen = function(rsa: PRSA; bits: TIdC_INT; e: PBIGNUM; cb: PBN_GENCb): TIdC_INT; cdecl;
+
+  RSA_meth_set_multi_prime_keygen_keygen = function(rsa: PRSA; bits: TIdC_INT;
+    primes: TIdC_INT; e: PBIGNUM; cb: PBN_GENCb): TIdC_INT; cdecl;
+
+//# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
+//        RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_RSA_PADDING, pad, NULL)
+//
+//# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
+//        RSA_pkey_ctx_ctrl(ctx, -1, EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
+//
+//# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
+//        RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+//                          EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL)
+
+//# define EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(ctx, len) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_PSS_SALTLEN, len, NULL)
+//
+//# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
+//        RSA_pkey_ctx_ctrl(ctx, (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+//                          EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, 0, plen)
+//
+//# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
+//
+//# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
+//
+//# define EVP_PKEY_CTX_set_rsa_keygen_primes(ctx, primes) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_KEYGEN_PRIMES, primes, NULL)
+//
+//# define  EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+//                          EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)(md))
+//
+//# define  EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(ctx, md) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS, EVP_PKEY_OP_KEYGEN, \
+//                          EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)(md))
+//
+//# define  EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)(md))
+//
+//# define  EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
+//        RSA_pkey_ctx_ctrl(ctx, EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+//                          EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)(pmd))
+//
+//# define  EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)(pmd))
+//
+//# define  EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)(l))
+//
+//# define  EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+//                          EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)(l))
+//
+//# define  EVP_PKEY_CTX_set_rsa_pss_keygen_md(ctx, md) \
+//        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA_PSS,  \
+//                          EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_MD,  \
+//                          0, (void *)(md))
+
+//# define RSA_set_app_data(s,arg)         RSA_set_ex_data(s,0,arg)
+//# define RSA_get_app_data(s)             RSA_get_ex_data(s,0)
+
+  function RSA_new: PRSA cdecl; external CLibCrypto;
+  function RSA_new_method(engine: PENGINE): PRSA cdecl; external CLibCrypto;
+  function RSA_bits(const rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_size(const rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_security_bits(const rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+
+  function RSA_set0_key(r: PRSA; n: PBIGNUM; e: PBIGNUM; d: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_set0_factors(r: PRSA; p: PBIGNUM; q: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_set0_crt_params(r: PRSA; dmp1: PBIGNUM; dmq1: PBIGNUM; iqmp: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
+  //function RSA_set0_multi_prime_params(r: PRSA; primes: array of PBIGNUM; exps: array of PBIGNUM; coeffs: array of PBIGNUM; pnum: TIdC_INT): TIdC_INT;
+
+  procedure RSA_get0_key(const r: PRSA; const n: PPBIGNUM; const e: PPBIGNUM; const d: PPBIGNUM) cdecl; external CLibCrypto;
+  procedure RSA_get0_factors(const r: PRSA; const p: PPBIGNUM; const q: PPBIGNUM) cdecl; external CLibCrypto;
+  function RSA_get_multi_prime_extra_count(const r: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  //function RSA_get0_multi_prime_factors(const r: PRSA; const primes: array of PBIGNUM): TIdC_INT;
+  procedure RSA_get0_crt_params(const r: PRSA; const dmp1: PPBIGNUM; const dmq1: PPBIGNUM; const iqmp: PPBIGNUM) cdecl; external CLibCrypto;
+
+  //function RSA_get0_multi_prime_crt_params(const r: PRSA; const exps: array of PBIGNUM; const coeffs: array of PBIGNUM): TIdC_INT;
+
+  function RSA_get0_n(const d: PRSA): PBIGNUM cdecl; external CLibCrypto;
+  function RSA_get0_e(const d: PRSA): PBIGNUM cdecl; external CLibCrypto;
+  function RSA_get0_d(const d: PRSA): PBIGNUM cdecl; external CLibCrypto;
+  function RSA_get0_p(const d: PRSA): PBIGNUM cdecl; external CLibCrypto;
+  function RSA_get0_q(const d: PRSA): PBIGNUM cdecl; external CLibCrypto;
+  function RSA_get0_dmp1(const r: PRSA): PBIGNUM cdecl; external CLibCrypto;
+  function RSA_get0_dmq1(const r: PRSA): PBIGNUM cdecl; external CLibCrypto;
+  function RSA_get0_iqmp(const r: PRSA): PBIGNUM cdecl; external CLibCrypto;
+
+  procedure RSA_clear_flags(r: PRSA; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function RSA_test_flags(const r: PRSA; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure RSA_set_flags(r: PRSA; flags: TIdC_INT) cdecl; external CLibCrypto;
+  function RSA_get_version(r: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_get0_engine(const r: PRSA): PENGINE cdecl; external CLibCrypto;
+
+  (* New version *)
+  function RSA_generate_key_ex(rsa: PRSA; bits: TIdC_INT; e: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+  (* Multi-prime version *)
+  function RSA_generate_multi_prime_key(rsa: PRSA; bits: TIdC_INT; primes: TIdC_INT; e: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_X931_derive_ex(rsa: PRSA; p1: PBIGNUM; p2: PBIGNUM; q1: PBIGNUM; q2: PBIGNUM; const Xp1: PBIGNUM; const Xp2: PBIGNUM; const Xp: PBIGNUM; const Xq1: PBIGNUM; const Xq2: PBIGNUM; const Xq: PBIGNUM; const e: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_X931_generate_key_ex(rsa: PRSA; bits: TIdC_INT; const e: PBIGNUM; cb: PBN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+
+  function RSA_check_key(const v1: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_check_key_ex(const v1: PRSA; cb: BN_GENCB): TIdC_INT cdecl; external CLibCrypto;
+  (* next 4 return -1 on error *)
+  function RSA_public_encrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_private_encrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_public_decrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_private_decrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure RSA_free(r: PRSA) cdecl; external CLibCrypto;
+  (* "up" the RSA object's reference count *)
+  function RSA_up_ref(r: PRSA): TIdC_INT cdecl; external CLibCrypto;
+
+  function RSA_flags(const r: PRSA): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure RSA_set_default_method(const meth: PRSA_METHOD) cdecl; external CLibCrypto;
+  function RSA_get_default_method: PRSA_METHOD cdecl; external CLibCrypto;
+  function RSA_null_method: PRSA_METHOD cdecl; external CLibCrypto;
+  function RSA_get_method(const rsa: PRSA): PRSA_METHOD cdecl; external CLibCrypto;
+  function RSA_set_method(rsa: PRSA; const meth: PRSA_METHOD): TIdC_INT cdecl; external CLibCrypto;
+
+  (* these are the actual RSA functions *)
+  function RSA_PKCS1_OpenSSL: PRSA_METHOD cdecl; external CLibCrypto;
+
+  function RSA_pkey_ctx_ctrl(ctx: PEVP_PKEY_CTX; optype: TIdC_INT; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function RSA_print(bp: PBIO; const r: PRSA; offset: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * The following 2 functions sign and verify a X509_SIG ASN1 object inside
+   * PKCS#1 padded RSA encryption
+   *)
+  function RSA_sign(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_verify(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
+   * PKCS#1 padded RSA encryption
+   *)
+  function RSA_sign_ASN1_OCTET_STRING(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_verify_ASN1_OCTET_STRING(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+
+  function RSA_blinding_on(rsa: PRSA; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure RSA_blinding_off(rsa: PRSA) cdecl; external CLibCrypto;
+  function RSA_setup_blinding(rsa: PRSA; ctx: PBN_CTX): PBN_BLINDING cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_type_1(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_PKCS1_type_1(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_type_2(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_PKCS1_type_2(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS1_MGF1(mask: PByte; len: TIdC_LONG; const seed: PByte; seedlen: TIdC_LONG; const dgst: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_OAEP(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_PKCS1_OAEP(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_OAEP_mgf1(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_PKCS1_OAEP_mgf1(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; num: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_SSLv23(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_SSLv23(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_none(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_none(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_X931(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_X931(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_X931_hash_id(nid: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function RSA_verify_PKCS1_PSS(rsa: PRSA; const mHash: PByte; const Hash: PEVP_MD; const EM: PByte; sLen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_PSS(rsa: PRSA; EM: PByte; const mHash: PByte; const Hash: PEVP_MD; sLen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_verify_PKCS1_PSS_mgf1(rsa: PRSA; const mHash: PByte; const Hash: PEVP_MD; const mgf1Hash: PEVP_MD; const EM: PByte; sLen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_PSS_mgf1(rsa: PRSA; EM: PByte; const mHash: PByte; const Hash: PEVP_MD; const mgf1Hash: PEVP_MD; sLen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  //#define RSA_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, l, p, newf, dupf, freef)
+
+  function RSA_set_ex_data(r: PRSA; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_get_ex_data(const r: PRSA; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function RSAPublicKey_dup(rsa: PRSA): PRSA cdecl; external CLibCrypto;
+  function RSAPrivateKey_dup(rsa: PRSA): PRSA cdecl; external CLibCrypto;
+
+  function RSA_meth_new(const name: PIdAnsiChar; flags: TIdC_INT): PRSA_METHOD cdecl; external CLibCrypto;
+  procedure RSA_meth_free(meth: PRSA_METHOD) cdecl; external CLibCrypto;
+  function RSA_meth_dup(const meth: PRSA_METHOD): PRSA_METHOD cdecl; external CLibCrypto;
+  function RSA_meth_get0_name(const meth: PRSA_METHOD): PIdAnsiChar cdecl; external CLibCrypto;
+  function RSA_meth_set1_name(meth: PRSA_METHOD; const name: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_meth_get_flags(const meth: PRSA_METHOD): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_meth_set_flags(meth: PRSA_METHOD; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_meth_get0_app_data(const meth: PRSA_METHOD): Pointer cdecl; external CLibCrypto;
+  function RSA_meth_set0_app_data(meth: PRSA_METHOD; app_data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  //int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  //int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
+  //                         int (*pub_enc) (int flen, const unsigned char *from,
+  //                                         unsigned char *&to, RSA *rsa,
+  //                                         int padding));
+  //int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  //int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
+  //                         int (*pub_dec) (int flen, const unsigned char *from,
+  //                                         unsigned char *&to, RSA *rsa,
+  //                                         int padding));
+  //int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  //int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
+  //                          int (*priv_enc) (int flen, const unsigned char *from,
+  //                                           unsigned char *&to, RSA *rsa,
+  //                                           int padding));
+  //int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
+  //    (int flen, const unsigned char *from,
+  //     unsigned char *&to, RSA *rsa, int padding);
+  function RSA_meth_set_priv_dec(rsa: PRSA_METHOD; priv_dec: RSA_meth_set_priv_dec_priv_dec): TIdC_INT cdecl; external CLibCrypto;
+
+  //int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
+  //    (BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx);
+  function RSA_meth_set_mod_exp(rsa: PRSA_METHOD; mod_exp: RSA_meth_set_mod_exp_mod_exp): TIdC_INT cdecl; external CLibCrypto;
+  //int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))
+  //    (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+  //     const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+  function RSA_meth_set_bn_mod_exp(rsa: PRSA_METHOD; bn_mod_exp: RSA_meth_set_bn_mod_exp_bn_mod_exp): TIdC_INT cdecl; external CLibCrypto;
+  //int (*RSA_meth_get_init(const RSA_METHOD *meth)) (RSA *rsa);
+  function RSA_meth_set_init(rsa: PRSA_METHOD; init: RSA_meth_set_init_init): TIdC_INT cdecl; external CLibCrypto;
+  //int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa);
+  function RSA_meth_set_finish(rsa: PRSA_METHOD; finish: RSA_meth_set_finish_finish): TIdC_INT cdecl; external CLibCrypto;
+  //int (*RSA_meth_get_sign(const RSA_METHOD *meth))
+  //    (int &type,
+  //     const unsigned char *m, unsigned int m_length,
+  //     unsigned char *sigret, unsigned int *siglen,
+  //     const RSA *rsa);
+  function RSA_meth_set_sign(rsa: PRSA_METHOD; sign: RSA_meth_set_sign_sign): TIdC_INT cdecl; external CLibCrypto;
+  //int (*RSA_meth_get_verify(const RSA_METHOD *meth))
+  //    (int dtype, const unsigned char *m,
+  //     unsigned int m_length, const unsigned char *sigbuf,
+  //     unsigned int siglen, const RSA *rsa);
+  function RSA_meth_set_verify(rsa: PRSA_METHOD; verify: RSA_meth_set_verify_verify): TIdC_INT cdecl; external CLibCrypto;
+  //int (*RSA_meth_get_keygen(const RSA_METHOD *meth))
+  //    (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+  function RSA_meth_set_keygen(rsa: PRSA_METHOD; keygen: RSA_meth_set_keygen_keygen): TIdC_INT cdecl; external CLibCrypto;
+  //int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))
+  //    (RSA *rsa, int bits, int primes, BIGNUM *e, BN_GENCB *cb);
+  function RSA_meth_set_multi_prime_keygen(meth: PRSA_METHOD; keygen: RSA_meth_set_multi_prime_keygen_keygen): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsaerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsaerr.pas
new file mode 100644
index 000000000..f9e251335
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsaerr.pas
@@ -0,0 +1,196 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_rsaerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// rsaerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * RSA function codes.
+   *)
+  RSA_F_CHECK_PADDING_MD = 140;
+  RSA_F_ENCODE_PKCS1 = 146;
+  RSA_F_INT_RSA_VERIFY = 145;
+  RSA_F_OLD_RSA_PRIV_DECODE = 147;
+  RSA_F_PKEY_PSS_INIT = 165;
+  RSA_F_PKEY_RSA_CTRL = 143;
+  RSA_F_PKEY_RSA_CTRL_STR = 144;
+  RSA_F_PKEY_RSA_SIGN = 142;
+  RSA_F_PKEY_RSA_VERIFY = 149;
+  RSA_F_PKEY_RSA_VERIFYRECOVER = 141;
+  RSA_F_RSA_ALGOR_TO_MD = 156;
+  RSA_F_RSA_BUILTIN_KEYGEN = 129;
+  RSA_F_RSA_CHECK_KEY = 123;
+  RSA_F_RSA_CHECK_KEY_EX = 160;
+  RSA_F_RSA_CMS_DECRYPT = 159;
+  RSA_F_RSA_CMS_VERIFY = 158;
+  RSA_F_RSA_ITEM_VERIFY = 148;
+  RSA_F_RSA_METH_DUP = 161;
+  RSA_F_RSA_METH_NEW = 162;
+  RSA_F_RSA_METH_SET1_NAME = 163;
+  RSA_F_RSA_MGF1_TO_MD = 157;
+  RSA_F_RSA_MULTIP_INFO_NEW = 166;
+  RSA_F_RSA_NEW_METHOD = 106;
+  RSA_F_RSA_NULL = 124;
+  RSA_F_RSA_NULL_PRIVATE_DECRYPT = 132;
+  RSA_F_RSA_NULL_PRIVATE_ENCRYPT = 133;
+  RSA_F_RSA_NULL_PUBLIC_DECRYPT = 134;
+  RSA_F_RSA_NULL_PUBLIC_ENCRYPT = 135;
+  RSA_F_RSA_OSSL_PRIVATE_DECRYPT = 101;
+  RSA_F_RSA_OSSL_PRIVATE_ENCRYPT = 102;
+  RSA_F_RSA_OSSL_PUBLIC_DECRYPT = 103;
+  RSA_F_RSA_OSSL_PUBLIC_ENCRYPT = 104;
+  RSA_F_RSA_PADDING_ADD_NONE = 107;
+  RSA_F_RSA_PADDING_ADD_PKCS1_OAEP = 121;
+  RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 = 154;
+  RSA_F_RSA_PADDING_ADD_PKCS1_PSS = 125;
+  RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 = 152;
+  RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 = 108;
+  RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 = 109;
+  RSA_F_RSA_PADDING_ADD_SSLV23 = 110;
+  RSA_F_RSA_PADDING_ADD_X931 = 127;
+  RSA_F_RSA_PADDING_CHECK_NONE = 111;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP = 122;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 = 153;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 = 112;
+  RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 = 113;
+  RSA_F_RSA_PADDING_CHECK_SSLV23 = 114;
+  RSA_F_RSA_PADDING_CHECK_X931 = 128;
+  RSA_F_RSA_PARAM_DECODE = 164;
+  RSA_F_RSA_PRINT = 115;
+  RSA_F_RSA_PRINT_FP = 116;
+  RSA_F_RSA_PRIV_DECODE = 150;
+  RSA_F_RSA_PRIV_ENCODE = 138;
+  RSA_F_RSA_PSS_GET_PARAM = 151;
+  RSA_F_RSA_PSS_TO_CTX = 155;
+  RSA_F_RSA_PUB_DECODE = 139;
+  RSA_F_RSA_SETUP_BLINDING = 136;
+  RSA_F_RSA_SIGN = 117;
+  RSA_F_RSA_SIGN_ASN1_OCTET_STRING = 118;
+  RSA_F_RSA_VERIFY = 119;
+  RSA_F_RSA_VERIFY_ASN1_OCTET_STRING = 120;
+  RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 = 126;
+  RSA_F_SETUP_TBUF = 167;
+
+  (*
+   * RSA reason codes.
+   *)
+  RSA_R_ALGORITHM_MISMATCH = 100;
+  RSA_R_BAD_E_VALUE = 101;
+  RSA_R_BAD_FIXED_HEADER_DECRYPT = 102;
+  RSA_R_BAD_PAD_BYTE_COUNT = 103;
+  RSA_R_BAD_SIGNATURE = 104;
+  RSA_R_BLOCK_TYPE_IS_NOT_01 = 106;
+  RSA_R_BLOCK_TYPE_IS_NOT_02 = 107;
+  RSA_R_DATA_GREATER_THAN_MOD_LEN = 108;
+  RSA_R_DATA_TOO_LARGE = 109;
+  RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE = 110;
+  RSA_R_DATA_TOO_LARGE_FOR_MODULUS = 132;
+  RSA_R_DATA_TOO_SMALL = 111;
+  RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE = 122;
+  RSA_R_DIGEST_DOES_NOT_MATCH = 158;
+  RSA_R_DIGEST_NOT_ALLOWED = 145;
+  RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY = 112;
+  RSA_R_DMP1_NOT_CONGRUENT_TO_D = 124;
+  RSA_R_DMQ1_NOT_CONGRUENT_TO_D = 125;
+  RSA_R_D_E_NOT_CONGRUENT_TO_1 = 123;
+  RSA_R_FIRST_OCTET_INVALID = 133;
+  RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE = 144;
+  RSA_R_INVALID_DIGEST = 157;
+  RSA_R_INVALID_DIGEST_LENGTH = 143;
+  RSA_R_INVALID_HEADER = 137;
+  RSA_R_INVALID_LABEL = 160;
+  RSA_R_INVALID_MESSAGE_LENGTH = 131;
+  RSA_R_INVALID_MGF1_MD = 156;
+  RSA_R_INVALID_MULTI_PRIME_KEY = 167;
+  RSA_R_INVALID_OAEP_PARAMETERS = 161;
+  RSA_R_INVALID_PADDING = 138;
+  RSA_R_INVALID_PADDING_MODE = 141;
+  RSA_R_INVALID_PSS_PARAMETERS = 149;
+  RSA_R_INVALID_PSS_SALTLEN = 146;
+  RSA_R_INVALID_SALT_LENGTH = 150;
+  RSA_R_INVALID_TRAILER = 139;
+  RSA_R_INVALID_X931_DIGEST = 142;
+  RSA_R_IQMP_NOT_INVERSE_OF_Q = 126;
+  RSA_R_KEY_PRIME_NUM_INVALID = 165;
+  RSA_R_KEY_SIZE_TOO_SMALL = 120;
+  RSA_R_LAST_OCTET_INVALID = 134;
+  RSA_R_MISSING_PRIVATE_KEY = 179;
+  RSA_R_MGF1_DIGEST_NOT_ALLOWED = 152;
+  RSA_R_MODULUS_TOO_LARGE = 105;
+  RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R = 168;
+  RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D = 169;
+  RSA_R_MP_R_NOT_PRIME = 170;
+  RSA_R_NO_PUBLIC_EXPONENT = 140;
+  RSA_R_NULL_BEFORE_BLOCK_MISSING = 113;
+  RSA_R_N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES = 172;
+  RSA_R_N_DOES_NOT_EQUAL_P_Q = 127;
+  RSA_R_OAEP_DECODING_ERROR = 121;
+  RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE = 148;
+  RSA_R_PADDING_CHECK_FAILED = 114;
+  RSA_R_PKCS_DECODING_ERROR = 159;
+  RSA_R_PSS_SALTLEN_TOO_SMALL = 164;
+  RSA_R_P_NOT_PRIME = 128;
+  RSA_R_Q_NOT_PRIME = 129;
+  RSA_R_RSA_OPERATIONS_NOT_SUPPORTED = 130;
+  RSA_R_SLEN_CHECK_FAILED = 136;
+  RSA_R_SLEN_RECOVERY_FAILED = 135;
+  RSA_R_SSLV3_ROLLBACK_ATTACK = 115;
+  RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD = 116;
+  RSA_R_UNKNOWN_ALGORITHM_TYPE = 117;
+  RSA_R_UNKNOWN_DIGEST = 166;
+  RSA_R_UNKNOWN_MASK_DIGEST = 151;
+  RSA_R_UNKNOWN_PADDING_TYPE = 118;
+  RSA_R_UNSUPPORTED_ENCRYPTION_TYPE = 162;
+  RSA_R_UNSUPPORTED_LABEL_SOURCE = 163;
+  RSA_R_UNSUPPORTED_MASK_ALGORITHM = 153;
+  RSA_R_UNSUPPORTED_MASK_PARAMETER = 154;
+  RSA_R_UNSUPPORTED_SIGNATURE_TYPE = 155;
+  RSA_R_VALUE_MISSING = 147;
+  RSA_R_WRONG_SIGNATURE_LENGTH = 119;
+
+  function ERR_load_RSA_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sha.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sha.pas
new file mode 100644
index 000000000..5e4f2f809
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sha.pas
@@ -0,0 +1,131 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_sha;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// sha.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  SHA_LBLOCK = 16;
+  SHA_CBLOCK = SHA_LBLOCK * 4;
+
+  SHA_LAST_BLOCK = SHA_CBLOCK - 8;
+  SHA_DIGEST_LENGTH = 20;
+
+  SHA256_CBLOCK = SHA_LBLOCK * 4;
+
+  SHA224_DIGEST_LENGTH = 28;
+  SHA256_DIGEST_LENGTH = 32;
+  SHA384_DIGEST_LENGTH = 48;
+  SHA512_DIGEST_LENGTH = 64;
+
+  SHA512_CBLOCK = SHA_LBLOCK * 8;
+
+type
+  SHA_LONG = TIdC_UINT;
+
+  SHAstate_sf = record
+    h0, h1, h2, h3, h4: SHA_LONG;
+    Nl, Nh: SHA_LONG;
+    data: array[0 .. SHA_LAST_BLOCK - 1] of SHA_LONG;
+    num: TIdC_UINT;
+  end;
+  SHA_CTX = SHAstate_sf;
+  PSHA_CTX = ^SHA_CTX;
+
+  SHAstate256_sf = record
+    h: array[0..7] of SHA_LONG;
+    Nl, Nh: SHA_LONG;
+    data: array[0 .. SHA_LAST_BLOCK - 1] of SHA_LONG;
+    num, md_len: TIdC_UINT;
+  end;
+  SHA256_CTX = SHAstate256_sf;
+  PSHA256_CTX = ^SHA256_CTX;
+
+  SHA_LONG64 = TIdC_UINT64;
+
+  SHA512state_st_u = record
+    case Integer of
+    0: (d: array[0 .. SHA_LBLOCK - 1] of SHA_LONG64);
+    1: (p: array[0 .. SHA512_CBLOCK - 1] of Byte);
+  end;
+
+  SHA512state_st = record
+    h: array[0..7] of SHA_LONG64;
+    Nl, Nh: SHA_LONG64;
+    u: SHA512state_st_u;
+    num, md_len: TIdC_UINT;
+  end;
+  SHA512_CTX = SHA512state_st;
+  PSHA512_CTX = ^SHA512_CTX;
+
+  function SHA1_Init(c: PSHA_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA1_Update(c: PSHA_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function SHA1_Final(md: PByte; c: PSHA_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA1(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl; external CLibCrypto;
+  procedure SHA1_Transform(c: PSHA_CTX; const data: PByte) cdecl; external CLibCrypto;
+
+  function SHA224_Init(c: PSHA256_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA224_Update(c: PSHA256_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function SHA224_Final(md: PByte; c: PSHA256_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA224(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl; external CLibCrypto;
+
+  function SHA256_Init(c: PSHA256_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA256_Update(c: PSHA256_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function SHA256_Final(md: PByte; c: PSHA256_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA256(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl; external CLibCrypto;
+  procedure SHA256_Transform(c: PSHA256_CTX; const data: PByte) cdecl; external CLibCrypto;
+
+  function SHA384_Init(c: PSHA512_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA384_Update(c: PSHA512_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function SHA384_Final(md: PByte; c: PSHA512_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA384(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl; external CLibCrypto;
+
+  function SHA512_Init(c: PSHA512_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA512_Update(c: PSHA512_CTX; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function SHA512_Final(md: PByte; c: PSHA512_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function SHA512(const d: PByte; n: TIdC_SIZET; md: PByte): PByte cdecl; external CLibCrypto;
+  procedure SHA512_Transform(c: PSHA512_CTX; const data: PByte) cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_srtp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_srtp.pas
new file mode 100644
index 000000000..43ca73357
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_srtp.pas
@@ -0,0 +1,69 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_srtp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// srtp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_ssl;
+
+const
+  SRTP_AES128_CM_SHA1_80 = $0001;
+  SRTP_AES128_CM_SHA1_32 = $0002;
+  SRTP_AES128_F8_SHA1_80 = $0003;
+  SRTP_AES128_F8_SHA1_32 = $0004;
+  SRTP_NULL_SHA1_80      = $0005;
+  SRTP_NULL_SHA1_32      = $0006;
+
+  (* AEAD SRTP protection profiles from RFC 7714 *)
+  SRTP_AEAD_AES_128_GCM = $0007;
+  SRTP_AEAD_AES_256_GCM = $0008;
+
+  function SSL_CTX_set_tlsext_use_srtp(ctx: PSSL_CTX; const profiles: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function SSL_set_tlsext_use_srtp(ctx: PSSL_CTX; const profiles: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  //function SSL_get_srtp_profiles(s: PSSL): PSTACK_OF_SRTP_PROTECTION_PROFILE;
+  function SSL_get_selected_srtp_profile(s: PSSL): PSRTP_PROTECTION_PROFILE cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
new file mode 100644
index 000000000..a020944c5
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
@@ -0,0 +1,2560 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_ssl;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ssl.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_async,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_crypto,
+  IdOpenSSLHeaders_pem,
+  IdOpenSSLHeaders_tls1,
+  IdOpenSSLHeaders_ssl3,
+  IdOpenSSLHeaders_X509;
+
+{$MINENUMSIZE 4}
+
+const
+  (* OpenSSL version number for ASN.1 encoding of the session information *)
+  (*-
+   * Version 0 - initial version
+   * Version 1 - added the optional peer certificate
+   *)
+  SSL_SESSION_ASN1_VERSION = $0001;
+  
+  SSL_MAX_SSL_SESSION_ID_LENGTH = 32;
+  SSL_MAX_SID_CTX_LENGTH = 32;
+
+  SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES = 512/8;
+  SSL_MAX_KEY_ARG_LENGTH = 8;
+  SSL_MAX_MASTER_KEY_LENGTH = 48;
+
+  (* The maximum number of encrypt/decrypt pipelines we can support *)
+  SSL_MAX_PIPELINES = 32;
+
+  (* text strings for the ciphers *)
+
+  (* These are used to specify which ciphers to use and not to use *)
+
+  SSL_TXT_LOW = 'LOW';
+  SSL_TXT_MEDIUM = 'MEDIUM';
+  SSL_TXT_HIGH = 'HIGH';
+  SSL_TXT_FIPS = 'FIPS';
+
+  SSL_TXT_aNULL = 'aNULL';
+  SSL_TXT_eNULL = 'eNULL';
+  SSL_TXT_NULL = 'NULL';
+
+  SSL_TXT_kRSA = 'kRSA';
+  SSL_TXT_kDHr = 'kDHr';
+  SSL_TXT_kDHd = 'kDHd';
+  SSL_TXT_kDH = 'kDH';
+  SSL_TXT_kEDH = 'kEDH';
+  SSL_TXT_kDHE = 'kDHE';
+  SSL_TXT_kECDHr = 'kECDHr';
+//const SSL_TXT_kECDHe = 'kECDHe';
+  SSL_TXT_kECDH = 'kECDH';
+  SSL_TXT_kEECDH = 'kEECDH';
+  SSL_TXT_kECDHE = 'kECDHE';
+  SSL_TXT_kPSK = 'kPSK';
+  SSL_TXT_kRSAPSK = 'kRSAPSK';
+  SSL_TXT_kECDHEPSK = 'kECDHEPSK';
+  SSL_TXT_kDHEPSK = 'kDHEPSK';
+  SSL_TXT_kGOST = 'kGOST';
+  SSL_TXT_kSRP = 'kSRP';
+
+  SSL_TXT_aRSA = 'aRSA';
+  SSL_TXT_aDSS = 'aDSS';
+  SSL_TXT_aDH = 'aDH';
+  SSL_TXT_aECDH = 'aECDH';
+  SSL_TXT_aECDSA = 'aECDSA';
+  SSL_TXT_aPSK = 'aPSK';
+  SSL_TXT_aGOST94 = 'aGOST94';
+  SSL_TXT_aGOST01 = 'aGOST01';
+  SSL_TXT_aGOST12 = 'aGOST12';
+  SSL_TXT_aGOST = 'aGOST';
+  SSL_TXT_aSRP = 'aSRP';
+
+  SSL_TXT_DSS = 'DSS';
+  SSL_TXT_DH = 'DH';
+  SSL_TXT_DHE = 'DHE';
+  SSL_TXT_EDH = 'EDH';
+  //SSL_TXT_ADH = 'ADH';
+  SSL_TXT_RSA = 'RSA';
+  SSL_TXT_ECDH = 'ECDH';
+  SSL_TXT_EECDH = 'EECDH';
+  SSL_TXT_ECDHE = 'ECDHE';
+  //SSL_TXT_AECDH = 'AECDH';
+  SSL_TXT_ECDSA = 'ECDSA';
+  SSL_TXT_PSK = 'PSK';
+  SSL_TXT_SRP = 'SRP';
+
+  SSL_TXT_DES = 'DES';
+  SSL_TXT_3DES = '3DES';
+  SSL_TXT_RC4 = 'RC4';
+  SSL_TXT_RC2 = 'RC2';
+  SSL_TXT_IDEA = 'IDEA';
+  SSL_TXT_SEED = 'SEED';
+  SSL_TXT_AES128 = 'AES128';
+  SSL_TXT_AES256 = 'AES256';
+  SSL_TXT_AES = 'AES';
+  SSL_TXT_AES_GCM = 'AESGCM';
+  SSL_TXT_AES_CCM = 'AESCCM';
+  SSL_TXT_AES_CCM_8 = 'AESCCM8';
+  SSL_TXT_CAMELLIA128 = 'CAMELLIA128';
+  SSL_TXT_CAMELLIA256 = 'CAMELLIA256';
+  SSL_TXT_CAMELLIA = 'CAMELLIA';
+  SSL_TXT_CHACHA20 = 'CHACHA20';
+  SSL_TXT_GOST = 'GOST89';
+  SSL_TXT_ARIA = 'ARIA';
+  SSL_TXT_ARIA_GCM = 'ARIAGCM';
+  SSL_TXT_ARIA128 = 'ARIA128';
+  SSL_TXT_ARIA256 = 'ARIA256';
+
+  SSL_TXT_MD5 = 'MD5';
+  SSL_TXT_SHA1 = 'SHA1';
+  SSL_TXT_SHA = 'SHA';
+  SSL_TXT_GOST94 = 'GOST94';
+  SSL_TXT_GOST89MAC = 'GOST89MAC';
+  SSL_TXT_GOST12 = 'GOST12';
+  SSL_TXT_GOST89MAC12 = 'GOST89MAC12';
+  SSL_TXT_SHA256 = 'SHA256';
+  SSL_TXT_SHA384 = 'SHA384';
+
+  SSL_TXT_SSLV3 = 'SSLv3';
+  SSL_TXT_TLSV1 = 'TLSv1';
+  SSL_TXT_TLSV1_1 = 'TLSv1.1';
+  SSL_TXT_TLSV1_2 = 'TLSv1.2';
+
+  SSL_TXT_ALL = 'ALL';
+
+  (*-
+   * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
+   * ciphers normally not being used.
+   * Example: "RC4" will activate all ciphers using RC4 including ciphers
+   * without authentication, which would normally disabled by DEFAULT (due
+   * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
+   * will make sure that it is also disabled in the specific selection.
+   * COMPLEMENTOF* identifiers are portable between version, as adjustments
+   * to the default cipher setup will also be included here.
+   *
+   * COMPLEMENTOFDEFAULT does not experience the same special treatment that
+   * DEFAULT gets, as only selection is being done and no sorting as needed
+   * for DEFAULT.
+   *)
+  SSL_TXT_CMPALL = 'COMPLEMENTOFALL';
+  SSL_TXT_CMPDEF = 'COMPLEMENTOFDEFAULT';
+
+  (*
+   * The following cipher list is used by default. It also is substituted when
+   * an application-defined cipher list string starts with 'DEFAULT'.
+   * This applies to ciphersuites for TLSv1.2 and below.
+   *)
+  SSL_DEFAULT_CIPHER_LIST = 'ALL:!COMPLEMENTOFDEFAULT:!eNULL';
+  (* This is the default set of TLSv1.3 ciphersuites *)
+  TLS_DEFAULT_CIPHERSUITES = 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256';
+
+  (*
+   * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+   * starts with a reasonable order, and all we have to do for DEFAULT is
+   * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+   * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+   *)
+
+  (* Used in SSL_set_shutdown()/SSL_get_shutdown(); *)
+  SSL_SENT_SHUTDOWN = 1;
+  SSL_RECEIVED_SHUTDOWN = 2;
+
+  SSL_FILETYPE_ASN1 = X509_FILETYPE_ASN1;
+  SSL_FILETYPE_PEM = X509_FILETYPE_PEM;
+
+  (* Extension context codes *)
+  (* This extension is only allowed in TLS *)
+  SSL_EXT_TLS_ONLY = $0001;
+  (* This extension is only allowed in DTLS *)
+  SSL_EXT_DTLS_ONLY = $0002;
+  (* Some extensions may be allowed in DTLS but we don't implement them for it *)
+  SSL_EXT_TLS_IMPLEMENTATION_ONLY = $0004;
+  (* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is *)
+  SSL_EXT_SSL3_ALLOWED = $0008;
+  (* Extension is only defined for TLS1.2 and below *)
+  SSL_EXT_TLS1_2_AND_BELOW_ONLY = $0010;
+  (* Extension is only defined for TLS1.3 and above *)
+  SSL_EXT_TLS1_3_ONLY = $0020;
+  (* Ignore this extension during parsing if we are resuming *)
+  SSL_EXT_IGNORE_ON_RESUMPTION = $0040;
+  SSL_EXT_CLIENT_HELLO = $0080;
+  (* Really means TLS1.2 or below *)
+  SSL_EXT_TLS1_2_SERVER_HELLO = $0100;
+  SSL_EXT_TLS1_3_SERVER_HELLO = $0200;
+  SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS = $0400;
+  SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST = $0800;
+  SSL_EXT_TLS1_3_CERTIFICATE = $1000;
+  SSL_EXT_TLS1_3_NEW_SESSION_TICKET = $2000;
+  SSL_EXT_TLS1_3_CERTIFICATE_REQUEST = $4000;
+
+  (*
+   * Some values are reserved until OpenSSL 1.2.0 because they were previously
+   * included in SSL_OP_ALL in a 1.1.x release.
+   *
+   * Reserved value (until OpenSSL 1.2.0)                  $00000001U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000002U
+   *)
+  (* Allow initial connection to servers that don't support RI *)
+  SSL_OP_LEGACY_SERVER_CONNECT = TIdC_UINT($00000004);
+
+  (* Reserved value (until OpenSSL 1.2.0)                  $00000008U *)
+  SSL_OP_TLSEXT_PADDING =      TIdC_UINT($00000010);
+  (* Reserved value (until OpenSSL 1.2.0)                  $00000020U *)
+  SSL_OP_SAFARI_ECDHE_ECDSA_BUG = TIdC_UINT($00000040);
+  (*
+   * Reserved value (until OpenSSL 1.2.0)                  $00000080U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000100U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000200U
+   *)
+
+  (* In TLSv1.3 allow a non-(ec)dhe based kex_mode *)
+  SSL_OP_ALLOW_NO_DHE_KEX                         = TIdC_UINT($00000400);
+
+  (*
+   * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
+   * OpenSSL 0.9.6d.  Usually (depending on the application protocol) the
+   * workaround is not needed.  Unfortunately some broken SSL/TLS
+   * implementations cannot handle it at all, which is why we include it in
+   * SSL_OP_ALL. Added in 0.9.6e
+   *)
+  SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              = TIdC_UINT($00000800);
+
+  (* DTLS options *)
+  SSL_OP_NO_QUERY_MTU                             = TIdC_UINT($00001000);
+  (* Turn on Cookie Exchange (on relevant for servers) *)
+  SSL_OP_COOKIE_EXCHANGE                          = TIdC_UINT($00002000);
+  (* Don't use RFC4507 ticket extension *)
+  SSL_OP_NO_TICKET                                = TIdC_UINT($00004000);
+  (* Use Cisco's "speshul" version of DTLS_BAD_VER
+   * (only with deprecated DTLSv1_client_method())  *)
+  SSL_OP_CISCO_ANYCONNECT                        = TIdC_UINT($00008000);
+
+  (* As server, disallow session resumption on renegotiation *)
+  SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   = TIdC_UINT($00010000);
+  (* Don't use compression even if supported *)
+  SSL_OP_NO_COMPRESSION                           = TIdC_UINT($00020000);
+  (* Permit unsafe legacy renegotiation *)
+  SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        = TIdC_UINT($00040000);
+  (* Disable encrypt-then-mac *)
+  SSL_OP_NO_ENCRYPT_THEN_MAC                      = TIdC_UINT($00080000);
+
+  (*
+   * Enable TLSv1.3 Compatibility mode. This is on by default. A future version
+   * of OpenSSL may have this disabled by default.
+   *)
+  SSL_OP_ENABLE_MIDDLEBOX_COMPAT                  = TIdC_UINT($00100000);
+
+  (* Prioritize Chacha20Poly1305 when client does.
+   * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE *)
+  SSL_OP_PRIORITIZE_CHACHA                        = TIdC_UINT($00200000);
+
+  (*
+   * Set on servers to choose the cipher according to the server's preferences
+   *)
+  SSL_OP_CIPHER_SERVER_PREFERENCE                 = TIdC_UINT($00400000);
+  (*
+   * If set, a server will allow a client to issue a SSLv3.0 version number as
+   * latest version supported in the premaster secret, even when TLSv1.0
+   * (version 3.1) was announced in the client hello. Normally this is
+   * forbidden to prevent version rollback attacks.
+   *)
+  SSL_OP_TLS_ROLLBACK_BUG                         = TIdC_UINT($00800000);
+
+  (*
+   * Switches off automatic TLSv1.3 anti-replay protection for early data. This
+   * is a server-side option only (no effect on the client).
+   *)
+  SSL_OP_NO_ANTI_REPLAY                           = TIdC_UINT($01000000);
+
+  SSL_OP_NO_SSLv3                                 = TIdC_UINT($02000000);
+  SSL_OP_NO_TLSv1                                 = TIdC_UINT($04000000);
+  SSL_OP_NO_TLSv1_2                               = TIdC_UINT($08000000);
+  SSL_OP_NO_TLSv1_1                               = TIdC_UINT($10000000);
+  SSL_OP_NO_TLSv1_3                               = TIdC_UINT($20000000);
+
+  SSL_OP_NO_DTLSv1                                = TIdC_UINT($04000000);
+  SSL_OP_NO_DTLSv1_2                              = TIdC_UINT($08000000);
+
+  SSL_OP_NO_SSL_MASK = SSL_OP_NO_SSLv3 or SSL_OP_NO_TLSv1 or SSL_OP_NO_TLSv1_1
+    or SSL_OP_NO_TLSv1_2 or SSL_OP_NO_TLSv1_3;
+  SSL_OP_NO_DTLS_MASK = SSL_OP_NO_DTLSv1 or SSL_OP_NO_DTLSv1_2;
+
+  (* Disallow all renegotiation *)
+  SSL_OP_NO_RENEGOTIATION                         = TIdC_UINT($40000000);
+
+  (*
+   * Make server add server-hello extension from early version of cryptopro
+   * draft, when GOST ciphersuite is negotiated. Required for interoperability
+   * with CryptoPro CSP 3.x
+   *)
+  SSL_OP_CRYPTOPRO_TLSEXT_BUG                     = TIdC_UINT($80000000);
+
+  (*
+   * SSL_OP_ALL: various bug workarounds that should be rather harmless.
+   * This used to be $000FFFFFL before 0.9.7.
+   * This used to be $80000BFFU before 1.1.1.
+   *)
+  SSL_OP_ALL = SSL_OP_CRYPTOPRO_TLSEXT_BUG or SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+    or SSL_OP_LEGACY_SERVER_CONNECT or SSL_OP_TLSEXT_PADDING or SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
+
+  (* OBSOLETE OPTIONS: retained for compatibility *)
+
+  (* Removed from OpenSSL 1.1.0. Was $00000001L *)
+  (* Related to removed SSLv2. *)
+  SSL_OP_MICROSOFT_SESS_ID_BUG                    = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000002L *)
+  (* Related to removed SSLv2. *)
+  SSL_OP_NETSCAPE_CHALLENGE_BUG                   = $0;
+  (* Removed from OpenSSL 0.9.8q and 1.0.0c. Was $00000008L *)
+  (* Dead forever, see CVE-2010-4180 *)
+  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         = $0;
+  (* Removed from OpenSSL 1.0.1h and 1.0.2. Was $00000010L *)
+  (* Refers to ancient SSLREF and SSLv2. *)
+  SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000020 *)
+  SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               = $0;
+  (* Removed from OpenSSL 0.9.7h and 0.9.8b. Was $00000040L *)
+  SSL_OP_MSIE_SSLV2_RSA_PADDING                   = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000080 *)
+  (* Ancient SSLeay version. *)
+  SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000100L *)
+  SSL_OP_TLS_D5_BUG                               = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000200L *)
+  SSL_OP_TLS_BLOCK_PADDING_BUG                    = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00080000L *)
+  SSL_OP_SINGLE_ECDH_USE                          = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00100000L *)
+  SSL_OP_SINGLE_DH_USE                            = $0;
+  (* Removed from OpenSSL 1.0.1k and 1.0.2. Was $00200000L *)
+  SSL_OP_EPHEMERAL_RSA                            = $0;
+  (* Removed from OpenSSL 1.1.0. Was $01000000L *)
+  SSL_OP_NO_SSLv2                                 = $0;
+  (* Removed from OpenSSL 1.0.1. Was $08000000L *)
+  SSL_OP_PKCS1_CHECK_1                            = $0;
+  (* Removed from OpenSSL 1.0.1. Was $10000000L *)
+  SSL_OP_PKCS1_CHECK_2                            = $0;
+  (* Removed from OpenSSL 1.1.0. Was $20000000L *)
+  SSL_OP_NETSCAPE_CA_DN_BUG                       = $0;
+  (* Removed from OpenSSL 1.1.0. Was $40000000L *)
+  SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG          = $0;
+
+  (*
+   * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+   * when just a single record has been written):
+   *)
+  SSL_MODE_ENABLE_PARTIAL_WRITE = TIdC_UINT($00000001);
+  (*
+   * Make it possible to retry SSL_write() with changed buffer location (buffer
+   * contents must stay the same!); this is not the default to avoid the
+   * misconception that non-blocking SSL_write() behaves like non-blocking
+   * write():
+   *)
+  SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = TIdC_UINT($00000002);
+  (*
+   * Never bother the application with retries if the transport is blocking:
+   *)
+  SSL_MODE_AUTO_RETRY = TIdC_UINT($00000004);
+  (* Don't attempt to automatically build certificate chain *)
+  SSL_MODE_NO_AUTO_CHAIN = TIdC_UINT($00000008);
+  (*
+   * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+   * TLS only.) Released buffers are freed.
+   *)
+  SSL_MODE_RELEASE_BUFFERS = TIdC_UINT($00000010);
+  (*
+   * Send the current time in the Random fields of the ClientHello and
+   * ServerHello records for compatibility with hypothetical implementations
+   * that require it.
+   *)
+  SSL_MODE_SEND_CLIENTHELLO_TIME = TIdC_UINT($00000020);
+  SSL_MODE_SEND_SERVERHELLO_TIME = TIdC_UINT($00000040);
+  (*
+   * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
+   * that reconnect with a downgraded protocol version; see
+   * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
+   * application attempts a normal handshake. Only use this in explicit
+   * fallback retries, following the guidance in
+   * draft-ietf-tls-downgrade-scsv-00.
+   *)
+  SSL_MODE_SEND_FALLBACK_SCSV = TIdC_UINT($00000080);
+  (*
+   * Support Asynchronous operation
+   *)
+  SSL_MODE_ASYNC = TIdC_UINT($00000100);
+
+  (*
+   * When using DTLS/SCTP, include the terminating zero in the label
+   * used for computing the endpoint-pair shared secret. Required for
+   * interoperability with implementations having this bug like these
+   * older version of OpenSSL:
+   * - OpenSSL 1.0.0 series
+   * - OpenSSL 1.0.1 series
+   * - OpenSSL 1.0.2 series
+   * - OpenSSL 1.1.0 series
+   * - OpenSSL 1.1.1 and 1.1.1a
+   *)
+  SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG = TIdC_UINT($00000400);
+
+  (* Cert related flags *)
+  (*
+   * Many implementations ignore some aspects of the TLS standards such as
+   * enforcing certificate chain algorithms. When this is set we enforce them.
+   *)
+  SSL_CERT_FLAG_TLS_STRICT = TIdC_UINT($00000001);
+  (* Suite B modes, takes same values as certificate verify flags *)
+  SSL_CERT_FLAG_SUITEB_128_LOS_ONLY = $10000;
+  (* Suite B 192 bit only mode *)
+  SSL_CERT_FLAG_SUITEB_192_LOS = $20000;
+  (* Suite B 128 bit mode allowing 192 bit algorithms *)
+  SSL_CERT_FLAG_SUITEB_128_LOS = $30000;
+
+  (* Perform all sorts of protocol violations for testing purposes *)
+  SSL_CERT_FLAG_BROKEN_PROTOCOL = $10000000;
+
+  (* Flags for building certificate chains *)
+  (* Treat any existing certificates as untrusted CAs *)
+  SSL_BUILD_CHAIN_FLAG_UNTRUSTED = $1;
+  (* Don't include root CA in chain *)
+  SSL_BUILD_CHAIN_FLAG_NO_ROOT = $2;
+  (* Just check certificates already there *)
+  SSL_BUILD_CHAIN_FLAG_CHECK = $4;
+  (* Ignore verification errors *)
+  SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR = $8;
+  (* Clear verification errors from queue *)
+  SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR = $10;
+
+  (* Flags returned by SSL_check_chain *)
+  (* Certificate can be used with this session *)
+  CERT_PKEY_VALID = $1;
+  (* Certificate can also be used for signing *)
+  CERT_PKEY_SIGN = $2;
+  (* EE certificate signing algorithm OK *)
+  CERT_PKEY_EE_SIGNATURE = $10;
+  (* CA signature algorithms OK *)
+  CERT_PKEY_CA_SIGNATURE = $20;
+  (* EE certificate parameters OK *)
+  CERT_PKEY_EE_PARAM = $40;
+  (* CA certificate parameters OK *)
+  CERT_PKEY_CA_PARAM = $80;
+  (* Signing explicitly allowed as opposed to SHA1 fallback *)
+  CERT_PKEY_EXPLICIT_SIGN = $100;
+  (* Client CA issuer names match (always set for server cert) *)
+  CERT_PKEY_ISSUER_NAME = $200;
+  (* Cert type matches client types (always set for server cert) *)
+  CERT_PKEY_CERT_TYPE = $400;
+  (* Cert chain suitable to Suite B *)
+  CERT_PKEY_SUITEB = $800;
+
+  SSL_CONF_FLAG_CMDLINE = $1;
+  SSL_CONF_FLAG_FILE = $2;
+  SSL_CONF_FLAG_CLIENT = $4;
+  SSL_CONF_FLAG_SERVER = $8;
+  SSL_CONF_FLAG_SHOW_ERRORS = $10;
+  SSL_CONF_FLAG_CERTIFICATE = $20;
+  SSL_CONF_FLAG_REQUIRE_PRIVATE = $40;
+  (* Configuration value types *)
+  SSL_CONF_TYPE_UNKNOWN = $0;
+  SSL_CONF_TYPE_STRING = $1;
+  SSL_CONF_TYPE_FILE = $2;
+  SSL_CONF_TYPE_DIR = $3;
+  SSL_CONF_TYPE_NONE = $4;
+
+  (* Maximum length of the application-controlled segment of a a TLSv1.3 cookie *)
+  SSL_COOKIE_LENGTH = 4096;
+
+  (* 100k max cert list *)
+  SSL_MAX_CERT_LIST_DEFAULT = 1024 * 100;
+  SSL_SESSION_CACHE_MAX_SIZE_DEFAULT = 1024 * 20;
+
+  SSL_SESS_CACHE_OFF = $0000;
+  SSL_SESS_CACHE_CLIENT = $0001;
+  SSL_SESS_CACHE_SERVER = $0002;
+  SSL_SESS_CACHE_BOTH = (SSL_SESS_CACHE_CLIENT or SSL_SESS_CACHE_SERVER);
+  SSL_SESS_CACHE_NO_AUTO_CLEAR = $0080;
+  (* enough comments already ... see SSL_CTX_set_session_cache_mode(3) *)
+  SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = $0100;
+  SSL_SESS_CACHE_NO_INTERNAL_STORE = $0200;
+  SSL_SESS_CACHE_NO_INTERNAL = (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP or SSL_SESS_CACHE_NO_INTERNAL_STORE);
+
+  OPENSSL_NPN_UNSUPPORTED = 0;
+  OPENSSL_NPN_NEGOTIATED = 1;
+  OPENSSL_NPN_NO_OVERLAP = 2;
+
+  (*
+   * the maximum length of the buffer given to callbacks containing the
+   * resulting identity/psk
+   *)
+  PSK_MAX_IDENTITY_LEN = 128;
+  PSK_MAX_PSK_LEN = 256;
+
+  SSL_NOTHING = 1;
+  SSL_WRITING = 2;
+  SSL_READING = 3;
+  SSL_X509_LOOKUP = 4;
+  SSL_ASYNC_PAUSED = 5;
+  SSL_ASYNC_NO_JOBS = 6;
+  SSL_CLIENT_HELLO_CB = 7;
+
+  SSL_MAC_FLAG_READ_MAC_STREAM = 1;
+  SSL_MAC_FLAG_WRITE_MAC_STREAM = 2;
+
+  (* TLSv1.3 KeyUpdate message types *)
+  (* -1 used so that this is an invalid value for the on-the-wire protocol *)
+  SSL_KEY_UPDATE_NONE = -1;
+  (* Values as defined for the on-the-wire protocol *)
+  SSL_KEY_UPDATE_NOT_REQUESTED = 0;
+  SSL_KEY_UPDATE_REQUESTED = 1;
+
+  (*
+   * Most of the following state values are no longer used and are defined to be
+   * the closest equivalent value &in the current state machine code. Not all
+   * defines have an equivalent and are set to a dummy value (-1). SSL_ST_CONNECT
+   * and SSL_ST_ACCEPT are still &in use &in the definition of SSL_CB_ACCEPT_LOOP,
+   * SSL_CB_ACCEPT_EXIT, SSL_CB_CONNECT_LOOP and SSL_CB_CONNECT_EXIT.
+   *)
+  SSL_ST_CONNECT = $1000;
+  SSL_ST_ACCEPT = $2000;
+  
+  SSL_ST_MASK = $0FFF;
+  
+  SSL_CB_LOOP = $01;
+  SSL_CB_EXIT = $02;
+  SSL_CB_READ = $04;
+  SSL_CB_WRITE = $08;
+  SSL_CB_ALERT = $4000;
+  SSL_CB_READ_ALERT = SSL_CB_ALERT or SSL_CB_READ;
+  SSL_CB_WRITE_ALERT = SSL_CB_ALERT or SSL_CB_WRITE;
+  SSL_CB_ACCEPT_LOOP = SSL_ST_ACCEPT or SSL_CB_LOOP;
+  SSL_CB_ACCEPT_EXIT = SSL_ST_ACCEPT or SSL_CB_EXIT;
+  SSL_CB_CONNECT_LOOP = SSL_ST_CONNECT or SSL_CB_LOOP;
+  SSL_CB_CONNECT_EXIT = SSL_ST_CONNECT or SSL_CB_EXIT;
+  SSL_CB_HANDSHAKE_START = $10;
+  SSL_CB_HANDSHAKE_DONE = $20;
+
+  (*
+   * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
+   * should not need these
+   *)
+  SSL_ST_READ_HEADER = $F0;
+  SSL_ST_READ_BODY = $F1;
+  SSL_ST_READ_DONE = $F2;
+
+  (*
+   * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options are
+   * 'ored' with SSL_VERIFY_PEER if they are desired
+   *)
+  SSL_VERIFY_NONE = $00;
+  SSL_VERIFY_PEER = $01;
+  SSL_VERIFY_FAIL_IF_NO_PEER_CERT = $02;
+  SSL_VERIFY_CLIENT_ONCE = $04;
+  SSL_VERIFY_POST_HANDSHAKE = $08;
+
+  SSL_AD_REASON_OFFSET = 1000; (* offset to get SSL_R_... value
+                                * from SSL_AD_... *)
+  (* These alert types are for SSLv3 and TLSv1 *)
+  SSL_AD_CLOSE_NOTIFY = SSL3_AD_CLOSE_NOTIFY;
+  (* fatal *)
+  SSL_AD_UNEXPECTED_MESSAGE = SSL3_AD_UNEXPECTED_MESSAGE;
+  (* fatal *)
+  SSL_AD_BAD_RECORD_MAC = SSL3_AD_BAD_RECORD_MAC;
+  SSL_AD_DECRYPTION_FAILED = TLS1_AD_DECRYPTION_FAILED;
+  SSL_AD_RECORD_OVERFLOW = TLS1_AD_RECORD_OVERFLOW;
+  (* fatal *)
+  SSL_AD_DECOMPRESSION_FAILURE = SSL3_AD_DECOMPRESSION_FAILURE;
+  (* fatal *)
+  SSL_AD_HANDSHAKE_FAILURE = SSL3_AD_HANDSHAKE_FAILURE;
+  (* Not for TLS *)
+  SSL_AD_NO_CERTIFICATE = SSL3_AD_NO_CERTIFICATE;
+  SSL_AD_BAD_CERTIFICATE = SSL3_AD_BAD_CERTIFICATE;
+  SSL_AD_UNSUPPORTED_CERTIFICATE = SSL3_AD_UNSUPPORTED_CERTIFICATE;
+  SSL_AD_CERTIFICATE_REVOKED = SSL3_AD_CERTIFICATE_REVOKED;
+  SSL_AD_CERTIFICATE_EXPIRED = SSL3_AD_CERTIFICATE_EXPIRED;
+  SSL_AD_CERTIFICATE_UNKNOWN = SSL3_AD_CERTIFICATE_UNKNOWN;
+  (* fatal *)
+  SSL_AD_ILLEGAL_PARAMETER = SSL3_AD_ILLEGAL_PARAMETER;
+  (* fatal *)
+  SSL_AD_UNKNOWN_CA = TLS1_AD_UNKNOWN_CA;
+  (* fatal *)
+  SSL_AD_ACCESS_DENIED = TLS1_AD_ACCESS_DENIED;
+  (* fatal *)
+  SSL_AD_DECODE_ERROR = TLS1_AD_DECODE_ERROR;
+  SSL_AD_DECRYPT_ERROR = TLS1_AD_DECRYPT_ERROR;
+  (* fatal *)
+  SSL_AD_EXPORT_RESTRICTION = TLS1_AD_EXPORT_RESTRICTION;
+  (* fatal *)
+  SSL_AD_PROTOCOL_VERSION = TLS1_AD_PROTOCOL_VERSION;
+  (* fatal *)
+  SSL_AD_INSUFFICIENT_SECURITY = TLS1_AD_INSUFFICIENT_SECURITY;
+  (* fatal *)
+  SSL_AD_INTERNAL_ERROR = TLS1_AD_INTERNAL_ERROR;
+  SSL_AD_USER_CANCELLED = TLS1_AD_USER_CANCELLED;
+  SSL_AD_NO_RENEGOTIATION = TLS1_AD_NO_RENEGOTIATION;
+  SSL_AD_MISSING_EXTENSION = TLS13_AD_MISSING_EXTENSION;
+  SSL_AD_CERTIFICATE_REQUIRED = TLS13_AD_CERTIFICATE_REQUIRED;
+  SSL_AD_UNSUPPORTED_EXTENSION = TLS1_AD_UNSUPPORTED_EXTENSION;
+  SSL_AD_CERTIFICATE_UNOBTAINABLE = TLS1_AD_CERTIFICATE_UNOBTAINABLE;
+  SSL_AD_UNRECOGNIZED_NAME = TLS1_AD_UNRECOGNIZED_NAME;
+  SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE = TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+  SSL_AD_BAD_CERTIFICATE_HASH_VALUE = TLS1_AD_BAD_CERTIFICATE_HASH_VALUE;
+  (* fatal *)
+  SSL_AD_UNKNOWN_PSK_IDENTITY = TLS1_AD_UNKNOWN_PSK_IDENTITY;
+  (* fatal *)
+  SSL_AD_INAPPROPRIATE_FALLBACK = TLS1_AD_INAPPROPRIATE_FALLBACK;
+  SSL_AD_NO_APPLICATION_PROTOCOL = TLS1_AD_NO_APPLICATION_PROTOCOL;
+  SSL_ERROR_NONE = 0;
+  SSL_ERROR_SSL = 1;
+  SSL_ERROR_WANT_READ = 2;
+  SSL_ERROR_WANT_WRITE = 3;
+  SSL_ERROR_WANT_X509_LOOKUP = 4;
+  SSL_ERROR_SYSCALL = 5; (* look at error stack/return
+                          * value/errno *)
+  SSL_ERROR_ZERO_RETURN = 6;
+  SSL_ERROR_WANT_CONNECT = 7;
+  SSL_ERROR_WANT_ACCEPT = 8;
+  SSL_ERROR_WANT_ASYNC = 9;
+  SSL_ERROR_WANT_ASYNC_JOB = 10;
+  SSL_ERROR_WANT_CLIENT_HELLO_CB = 11;
+  SSL_CTRL_SET_TMP_DH = 3;
+  SSL_CTRL_SET_TMP_ECDH = 4;
+  SSL_CTRL_SET_TMP_DH_CB = 6;
+  SSL_CTRL_GET_CLIENT_CERT_REQUEST = 9;
+  SSL_CTRL_GET_NUM_RENEGOTIATIONS = 10;
+  SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS = 11;
+  SSL_CTRL_GET_TOTAL_RENEGOTIATIONS = 12;
+  SSL_CTRL_GET_FLAGS = 13;
+  SSL_CTRL_EXTRA_CHAIN_CERT = 14;
+  SSL_CTRL_SET_MSG_CALLBACK = 15;
+  SSL_CTRL_SET_MSG_CALLBACK_ARG = 16;
+  (* only applies to datagram connections *)
+  SSL_CTRL_SET_MTU = 17;
+  (* Stats *)
+  SSL_CTRL_SESS_NUMBER = 20;
+  SSL_CTRL_SESS_CONNECT = 21;
+  SSL_CTRL_SESS_CONNECT_GOOD = 22;
+  SSL_CTRL_SESS_CONNECT_RENEGOTIATE = 23;
+  SSL_CTRL_SESS_ACCEPT = 24;
+  SSL_CTRL_SESS_ACCEPT_GOOD = 25;
+  SSL_CTRL_SESS_ACCEPT_RENEGOTIATE = 26;
+  SSL_CTRL_SESS_HIT = 27;
+  SSL_CTRL_SESS_CB_HIT = 28;
+  SSL_CTRL_SESS_MISSES = 29;
+  SSL_CTRL_SESS_TIMEOUTS = 30;
+  SSL_CTRL_SESS_CACHE_FULL = 31;
+  SSL_CTRL_MODE = 33;
+  SSL_CTRL_GET_READ_AHEAD = 40;
+  SSL_CTRL_SET_READ_AHEAD = 41;
+  SSL_CTRL_SET_SESS_CACHE_SIZE = 42;
+  SSL_CTRL_GET_SESS_CACHE_SIZE = 43;
+  SSL_CTRL_SET_SESS_CACHE_MODE = 44;
+  SSL_CTRL_GET_SESS_CACHE_MODE = 45;
+  SSL_CTRL_GET_MAX_CERT_LIST = 50;
+  SSL_CTRL_SET_MAX_CERT_LIST = 51;
+  SSL_CTRL_SET_MAX_SEND_FRAGMENT = 52;
+  (* see tls1.h for macros based on these *)
+  SSL_CTRL_SET_TLSEXT_SERVERNAME_CB = 53;
+  SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG = 54;
+  SSL_CTRL_SET_TLSEXT_HOSTNAME = 55;
+  SSL_CTRL_SET_TLSEXT_DEBUG_CB = 56;
+  SSL_CTRL_SET_TLSEXT_DEBUG_ARG = 57;
+  SSL_CTRL_GET_TLSEXT_TICKET_KEYS = 58;
+  SSL_CTRL_SET_TLSEXT_TICKET_KEYS = 59;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB = 63;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG = 64;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE = 65;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS = 66;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS = 67;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS = 68;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS = 69;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP = 70;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP = 71;
+  SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB = 72;
+  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB = 75;
+  SSL_CTRL_SET_SRP_VERIFY_PARAM_CB = 76;
+  SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB = 77;
+  SSL_CTRL_SET_SRP_ARG = 78;
+  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME = 79;
+  SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH = 80;
+  SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD = 81;
+  SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT = 85;
+  SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING = 86;
+  SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS = 87;
+  DTLS_CTRL_GET_TIMEOUT = 73;
+  DTLS_CTRL_HANDLE_TIMEOUT = 74;
+  SSL_CTRL_GET_RI_SUPPORT = 76;
+  SSL_CTRL_CLEAR_MODE = 78;
+  SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB = 79;
+  SSL_CTRL_GET_EXTRA_CHAIN_CERTS = 82;
+  SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS = 83;
+  SSL_CTRL_CHAIN = 88;
+  SSL_CTRL_CHAIN_CERT = 89;
+  SSL_CTRL_GET_GROUPS = 90;
+  SSL_CTRL_SET_GROUPS = 91;
+  SSL_CTRL_SET_GROUPS_LIST = 92;
+  SSL_CTRL_GET_SHARED_GROUP = 93;
+  SSL_CTRL_SET_SIGALGS = 97;
+  SSL_CTRL_SET_SIGALGS_LIST = 98;
+  SSL_CTRL_CERT_FLAGS = 99;
+  SSL_CTRL_CLEAR_CERT_FLAGS = 100;
+  SSL_CTRL_SET_CLIENT_SIGALGS = 101;
+  SSL_CTRL_SET_CLIENT_SIGALGS_LIST = 102;
+  SSL_CTRL_GET_CLIENT_CERT_TYPES = 103;
+  SSL_CTRL_SET_CLIENT_CERT_TYPES = 104;
+  SSL_CTRL_BUILD_CERT_CHAIN = 105;
+  SSL_CTRL_SET_VERIFY_CERT_STORE = 106;
+  SSL_CTRL_SET_CHAIN_CERT_STORE = 107;
+  SSL_CTRL_GET_PEER_SIGNATURE_NID = 108;
+  SSL_CTRL_GET_PEER_TMP_KEY = 109;
+  SSL_CTRL_GET_RAW_CIPHERLIST = 110;
+  SSL_CTRL_GET_EC_POINT_FORMATS = 111;
+  SSL_CTRL_GET_CHAIN_CERTS = 115;
+  SSL_CTRL_SELECT_CURRENT_CERT = 116;
+  SSL_CTRL_SET_CURRENT_CERT = 117;
+  SSL_CTRL_SET_DH_AUTO = 118;
+  DTLS_CTRL_SET_LINK_MTU = 120;
+  DTLS_CTRL_GET_LINK_MIN_MTU = 121;
+  SSL_CTRL_GET_EXTMS_SUPPORT = 122;
+  SSL_CTRL_SET_MIN_PROTO_VERSION = 123;
+  SSL_CTRL_SET_MAX_PROTO_VERSION = 124;
+  SSL_CTRL_SET_SPLIT_SEND_FRAGMENT = 125;
+  SSL_CTRL_SET_MAX_PIPELINES = 126;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE = 127;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB = 128;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG = 129;
+  SSL_CTRL_GET_MIN_PROTO_VERSION = 130;
+  SSL_CTRL_GET_MAX_PROTO_VERSION = 131;
+  SSL_CTRL_GET_SIGNATURE_NID = 132;
+  SSL_CTRL_GET_TMP_KEY = 133;
+  SSL_CERT_SET_FIRST = 1;
+  SSL_CERT_SET_NEXT = 2;
+  SSL_CERT_SET_SERVER = 3;
+
+  (*
+   * The following symbol names are old and obsolete. They are kept
+   * for compatibility reasons only and should not be used anymore.
+   *)
+  SSL_CTRL_GET_CURVES = SSL_CTRL_GET_GROUPS;
+  SSL_CTRL_SET_CURVES = SSL_CTRL_SET_GROUPS;
+  SSL_CTRL_SET_CURVES_LIST = SSL_CTRL_SET_GROUPS_LIST;
+  SSL_CTRL_GET_SHARED_CURVE = SSL_CTRL_GET_SHARED_GROUP;
+  
+//  SSL_get1_curves = SSL_get1_groups;
+//  SSL_CTX_set1_curves = SSL_CTX_set1_groups;
+//  SSL_CTX_set1_curves_list = SSL_CTX_set1_groups_list;
+//  SSL_set1_curves = SSL_set1_groups;
+//  SSL_set1_curves_list = SSL_set1_groups_list;
+//  SSL_get_shared_curve = SSL_get_shared_group;
+
+  (* serverinfo file format versions *)
+  SSL_SERVERINFOV1 = 1;
+  SSL_SERVERINFOV2 = 2;
+
+  SSL_CLIENT_HELLO_SUCCESS = 1;
+  SSL_CLIENT_HELLO_ERROR = 0;
+  SSL_CLIENT_HELLO_RETRY = -1;
+
+  SSL_READ_EARLY_DATA_ERROR = 0;
+  SSL_READ_EARLY_DATA_SUCCESS = 1;
+  SSL_READ_EARLY_DATA_FINISH = 2;
+
+  SSL_EARLY_DATA_NOT_SENT = 0;
+  SSL_EARLY_DATA_REJECTED = 1;
+  SSL_EARLY_DATA_ACCEPTED = 2;
+
+  //SSLv23_method = TLS_method;
+  //SSLv23_server_method = TLS_server_method;
+  //SSLv23_client_method = TLS_client_method;
+
+  (* What the 'other' parameter contains &in security callback *)
+  (* Mask for type *)
+  SSL_SECOP_OTHER_TYPE = $ffff0000;
+  SSL_SECOP_OTHER_NONE = 0;
+  SSL_SECOP_OTHER_CIPHER = (1 shl 16);
+  SSL_SECOP_OTHER_CURVE = (2 shl 16);
+  SSL_SECOP_OTHER_DH = (3 shl 16);
+  SSL_SECOP_OTHER_PKEY = (4 shl 16);
+  SSL_SECOP_OTHER_SIGALG = (5 shl 16);
+  SSL_SECOP_OTHER_CERT = (6 shl 16);
+
+  (* Indicated operation refers to peer key or certificate *)
+  SSL_SECOP_PEER = $1000;
+
+  (* Values for "op" parameter in security callback *)
+
+  (* Called to filter ciphers *)
+  (* Ciphers client supports *)
+  SSL_SECOP_CIPHER_SUPPORTED = 1 or SSL_SECOP_OTHER_CIPHER;
+  (* Cipher shared by client/server *)
+  SSL_SECOP_CIPHER_SHARED = 2 or SSL_SECOP_OTHER_CIPHER;
+  (* Sanity check of cipher server selects *)
+  SSL_SECOP_CIPHER_CHECK = 3 or SSL_SECOP_OTHER_CIPHER;
+  (* Curves supported by client *)
+  SSL_SECOP_CURVE_SUPPORTED = 4 or SSL_SECOP_OTHER_CURVE;
+  (* Curves shared by client/server *)
+  SSL_SECOP_CURVE_SHARED = 5 or SSL_SECOP_OTHER_CURVE;
+  (* Sanity check of curve server selects *)
+  SSL_SECOP_CURVE_CHECK = 6 or SSL_SECOP_OTHER_CURVE;
+  (* Temporary DH key *)
+  SSL_SECOP_TMP_DH = 7 or SSL_SECOP_OTHER_PKEY;
+  (* SSL/TLS version *)
+  SSL_SECOP_VERSION = 9 or SSL_SECOP_OTHER_NONE;
+  (* Session tickets *)
+  SSL_SECOP_TICKET = 10 or SSL_SECOP_OTHER_NONE;
+  (* Supported signature algorithms sent to peer *)
+  SSL_SECOP_SIGALG_SUPPORTED = 11 or SSL_SECOP_OTHER_SIGALG;
+  (* Shared signature algorithm *)
+  SSL_SECOP_SIGALG_SHARED = 12 or SSL_SECOP_OTHER_SIGALG;
+  (* Sanity check signature algorithm allowed *)
+  SSL_SECOP_SIGALG_CHECK = 13 or SSL_SECOP_OTHER_SIGALG;
+  (* Used to get mask of supported public key signature algorithms *)
+  SSL_SECOP_SIGALG_MASK = 14 or SSL_SECOP_OTHER_SIGALG;
+  (* Use to see if compression is allowed *)
+  SSL_SECOP_COMPRESSION = 15 or SSL_SECOP_OTHER_NONE;
+  (* EE key in certificate *)
+  SSL_SECOP_EE_KEY = 16 or SSL_SECOP_OTHER_CERT;
+  (* CA key in certificate *)
+  SSL_SECOP_CA_KEY = 17 or SSL_SECOP_OTHER_CERT;
+  (* CA digest algorithm in certificate *)
+  SSL_SECOP_CA_MD = 18 or SSL_SECOP_OTHER_CERT;
+  (* Peer EE key in certificate *)
+  SSL_SECOP_PEER_EE_KEY = SSL_SECOP_EE_KEY or SSL_SECOP_PEER;
+  (* Peer CA key in certificate *)
+  SSL_SECOP_PEER_CA_KEY = SSL_SECOP_CA_KEY or SSL_SECOP_PEER;
+  (* Peer CA digest algorithm in certificate *)
+  SSL_SECOP_PEER_CA_MD = SSL_SECOP_CA_MD or SSL_SECOP_PEER;
+
+  (* OPENSSL_INIT flag 0x010000 reserved for internal use *)
+  OPENSSL_INIT_NO_LOAD_SSL_STRINGS = TIdC_LONG($00100000);
+  OPENSSL_INIT_LOAD_SSL_STRINGS = TIdC_LONG($00200000);
+  OPENSSL_INIT_SSL_DEFAULT = OPENSSL_INIT_LOAD_SSL_STRINGS or OPENSSL_INIT_LOAD_CRYPTO_STRINGS;
+
+  (* Support for ticket appdata *)
+  (* fatal error, malloc failure *)
+  SSL_TICKET_FATAL_ERR_MALLOC = 0;
+  (* fatal error, either from parsing or decrypting the ticket *)
+  SSL_TICKET_FATAL_ERR_OTHER = 1;
+  (* No ticket present *)
+  SSL_TICKET_NONE = 2;
+  (* Empty ticket present *)
+  SSL_TICKET_EMPTY = 3;
+  (* the ticket couldn't be decrypted *)
+  SSL_TICKET_NO_DECRYPT = 4;
+  (* a ticket was successfully decrypted *)
+  SSL_TICKET_SUCCESS = 5;
+  (* same as above but the ticket needs to be renewed *)
+  SSL_TICKET_SUCCESS_RENEW = 6;
+
+  (* An error occurred *)
+  SSL_TICKET_RETURN_ABORT = 0;
+  (* Do not use the ticket, do not send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_IGNORE = 1;
+  (* Do not use the ticket, send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_IGNORE_RENEW = 2;
+  (* Use the ticket, do not send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_USE = 3;
+  (* Use the ticket, send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_USE_RENEW = 4;
+
+type
+  (*
+   * This is needed to stop compilers complaining about the 'struct ssl_st *'
+   * function parameters used to prototype callbacks in SSL_CTX.
+   *)
+  ssl_crock_st = ^ssl_st;
+  TLS_SESSION_TICKET_EXT = tls_session_ticket_ext_st;
+  ssl_method_st = type Pointer;
+  SSL_METHOD = ssl_method_st;
+  PSSL_METHOD = ^SSL_METHOD;
+  ssl_session_st = type Pointer;
+  SSL_CIPHER = ssl_session_st;
+  PSSL_CIPHER = ^SSL_CIPHER;
+  SSL_SESSION = ssl_session_st;
+  PSSL_SESSION = ^SSL_SESSION;
+  PPSSL_SESSION = ^PSSL_SESSION;
+  tls_sigalgs_st = type Pointer;
+  TLS_SIGALGS = tls_sigalgs_st;
+  ssl_conf_ctx_st = type Pointer;
+  SSL_CONF_CTX = ssl_conf_ctx_st;
+  PSSL_CONF_CTX = ^SSL_CONF_CTX;
+  ssl_comp_st = type Pointer;
+  SSL_COMP = ssl_comp_st;
+
+  //STACK_OF(SSL_CIPHER);
+  //STACK_OF(SSL_COMP);
+
+  (* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*)
+  srtp_protection_profile_st = record
+    name: PIdAnsiChar;
+    id: TIdC_ULONG;
+  end;
+  SRTP_PROTECTION_PROFILE = srtp_protection_profile_st;
+  PSRTP_PROTECTION_PROFILE = ^SRTP_PROTECTION_PROFILE;
+
+  //DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+  (* Typedefs for handling custom extensions *)
+  custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
+  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
+  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+
+  (* Typedef for verification callback *)
+  SSL_verify_cb = function (preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
+
+  tls_session_ticket_ext_cb_fn = function (s: PSSL; const data: PByte; len: TIdC_INT; arg: Pointer): TIdC_INT; cdecl;
+
+  (*
+   * This callback type is used inside SSL_CTX, SSL, and &in the functions that
+   * set them. It is used to override the generation of SSL/TLS session IDs &in
+   * a server. Return value should be zero on an error, non-zero to proceed.
+   * Also, callbacks should themselves check if the id they generate is unique
+   * otherwise the SSL handshake will fail with an error - callbacks can do
+   * this using the 'ssl' value they're passed by;
+   * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed &in
+   * is set at the maximum size the session ID can be. &in SSLv3/TLSv1 it is 32
+   * bytes. The callback can alter this length to be less if desired. It is
+   * also an error for the callback to set the size to zero.
+   *)
+  GEN_SESSION_CB = function (ssl: PSSL; id: PByte; id_len: PIdC_UINT): TIdC_INT; cdecl;
+
+  SSL_CTX_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+  SSL_CTX_client_cert_cb = function (ssl: PSSL; x509: PPx509; pkey: PPEVP_PKEY): TIdC_INT; cdecl;
+
+  SSL_CTX_cookie_verify_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_UINT): TIdC_INT; cdecl;
+  SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_UINT): TIdC_INT; cdecl;
+  SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_SIZET): TIdC_INT; cdecl;
+  SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_SIZET): TIdC_INT; cdecl;
+
+  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const &out: PPByte; outlen: PByte; const &in: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_psk_client_cb_func = function (ssl: PSSL; const hint: PIdAnsiChar; identity: PIdAnsiChar; max_identity_len: TIdC_UINT; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_psk_server_cb_func = function (ssl: PSSL; const identity: PIdAnsiChar; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_psk_find_session_cb_func = function (ssl: PSSL; const identity: PByte; identity_len: TIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
+  SSL_psk_use_session_cb_func = function (ssl: PSSL; const md: PEVP_MD; const id: PPByte; idlen: PIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
+
+  (*
+   * A callback for logging out TLS key material. This callback should log out
+   * |line| followed by a newline.
+   *)
+  SSL_CTX_keylog_cb_func = procedure(const ssl: PSSL; const line: PIdAnsiChar); cdecl;
+
+  (*
+   * The valid handshake states (one for each type message sent and one for each
+   * type of message received). There are also two "special" states:
+   * TLS = TLS or DTLS state
+   * DTLS = DTLS specific state
+   * CR/SR = Client Read/Server Read
+   * CW/SW = Client Write/Server Write
+   *
+   * The "special" states are:
+   * TLS_ST_BEFORE = No handshake has been initiated yet
+   * TLS_ST_OK = A handshake has been successfully completed
+   *)
+  TLS_ST_OK = (
+    DTLS_ST_CR_HELLO_VERIFY_REQUEST,
+    TLS_ST_CR_SRVR_HELLO,
+    TLS_ST_CR_CERT,
+    TLS_ST_CR_CERT_STATUS,
+    TLS_ST_CR_KEY_EXCH,
+    TLS_ST_CR_CERT_REQ,
+    TLS_ST_CR_SRVR_DONE,
+    TLS_ST_CR_SESSION_TICKET,
+    TLS_ST_CR_CHANGE,
+    TLS_ST_CR_FINISHED,
+    TLS_ST_CW_CLNT_HELLO,
+    TLS_ST_CW_CERT,
+    TLS_ST_CW_KEY_EXCH,
+    TLS_ST_CW_CERT_VRFY,
+    TLS_ST_CW_CHANGE,
+    TLS_ST_CW_NEXT_PROTO,
+    TLS_ST_CW_FINISHED,
+    TLS_ST_SW_HELLO_REQ,
+    TLS_ST_SR_CLNT_HELLO,
+    DTLS_ST_SW_HELLO_VERIFY_REQUEST,
+    TLS_ST_SW_SRVR_HELLO,
+    TLS_ST_SW_CERT,
+    TLS_ST_SW_KEY_EXCH,
+    TLS_ST_SW_CERT_REQ,
+    TLS_ST_SW_SRVR_DONE,
+    TLS_ST_SR_CERT,
+    TLS_ST_SR_KEY_EXCH,
+    TLS_ST_SR_CERT_VRFY,
+    TLS_ST_SR_NEXT_PROTO,
+    TLS_ST_SR_CHANGE,
+    TLS_ST_SR_FINISHED,
+    TLS_ST_SW_SESSION_TICKET,
+    TLS_ST_SW_CERT_STATUS,
+    TLS_ST_SW_CHANGE,
+    TLS_ST_SW_FINISHED,
+    TLS_ST_SW_ENCRYPTED_EXTENSIONS,
+    TLS_ST_CR_ENCRYPTED_EXTENSIONS,
+    TLS_ST_CR_CERT_VRFY,
+    TLS_ST_SW_CERT_VRFY,
+    TLS_ST_CR_HELLO_REQ,
+    TLS_ST_SW_KEY_UPDATE,
+    TLS_ST_CW_KEY_UPDATE,
+    TLS_ST_SR_KEY_UPDATE,
+    TLS_ST_CR_KEY_UPDATE,
+    TLS_ST_EARLY_DATA,
+    TLS_ST_PENDING_EARLY_DATA_END,
+    TLS_ST_CW_END_OF_EARLY_DATA
+  );
+  OSSL_HANDSHAKE_STATE = TLS_ST_OK;
+
+  SSL_CTX_set_cert_verify_callback_cb = function (v1: PX509_STORE_CTX; v2: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_set_cert_cb_cb = function (ssl: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_set_srp_client_pwd_callback_cb = function (v1: PSSL; v2: Pointer): PIdAnsiChar; cdecl;
+  SSL_CTX_set_srp_verify_param_callback_cb = function (v1: PSSL; v2: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_set_srp_username_callback_cb = function (v1: PSSL; v2: PIdC_INT; v3: Pointer): TIdC_INT; cdecl;
+  SSL_client_hello_cb_fn = function (s: PSSL; al: PIdC_INT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_callback_ctrl_v3 = procedure; cdecl;
+  SSL_CTX_callback_ctrl_v3 = procedure; cdecl;
+  SSL_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+
+  (* NB: the |keylength| is only applicable when is_export is true *)
+  SSL_CTX_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
+  SSL_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
+  SSL_CTX_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
+  SSL_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
+  SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  SSL_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  
+  (*
+   * The validation type enumerates the available behaviours of the built-in SSL
+   * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
+   * The underlying callback is a static function in libssl.
+   *)
+  SSL_CT_VALIDATION = (         
+    SSL_CT_VALIDATION_PERMISSIVE = 0,
+    SSL_CT_VALIDATION_STRICT
+  );
+  SSL_security_callback = function (const s: PSSL; const ctx: PSSL_CTX; op: TIdC_INT; bits: TIdC_INT; nid: TIdC_INT; other: Pointer; ex: Pointer): TIdC_INT; cdecl;
+
+  (* Status codes passed to the decrypt session ticket callback. Some of these
+   * are for internal use only and are never passed to the callback. *)
+  SSL_TICKET_STATUS = TIdC_INT;
+  SSL_TICKET_RETURN = TIdC_INT;
+
+  SSL_CTX_generate_session_ticket_fn = function(s: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_decrypt_session_ticket_fn = function (s: PSSL; ss: PSSL_SESSION; const keyname: PByte; keyname_length: TIdC_SIZET; status: SSL_TICKET_STATUS; arg: Pointer): SSL_TICKET_RETURN; cdecl;
+
+  DTLS_timer_cb = function(s: PSSL; timer_us: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_allow_early_data_cb_fn = function(s: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_sess_new_cb = function (ssl: PSSL; sess: PSSL_SESSION): TIdC_INT; cdecl;
+
+  SSL_CTX_sess_remove_cb = procedure(ctx: PSSL_CTX; sess: PSSL_SESSION); cdecl;
+
+{$REGION 'C compiler macros'}
+function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+
+function SSL_CTX_sess_set_cache_size(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_sess_get_cache_size(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_set_session_cache_mode(ctx: PSSL_CTX; m: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_get_session_cache_mode(ctx: PSSL_CTX): TIdC_LONG;
+
+function SSL_num_renegotiations(ssl: PSSL): TIdC_LONG;
+function SSL_clear_num_renegotiations(ssl: PSSL): TIdC_LONG;
+function SSL_total_renegotiations(ssl: PSSL): TIdC_LONG;
+function SSL_CTX_set_tmp_dh(ctx: PSSL_CTX; dh: PByte): TIdC_LONG;
+function SSL_CTX_set_tmp_ecdh(ctx: PSSL_CTX; ecdh: PByte): TIdC_LONG;
+function SSL_CTX_set_dh_auto(ctx: PSSL_CTX; onoff: TIdC_LONG): TIdC_LONG;
+function SSL_set_dh_auto(s: PSSL; onoff: TIdC_LONG): TIdC_LONG;
+function SSL_set_tmp_dh(ssl: PSSL; dh: PByte): TIdC_LONG;
+function SSL_set_tmp_ecdh(ssl: PSSL; ecdh: PByte): TIdC_LONG;
+function SSL_CTX_add_extra_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_get_extra_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+function SSL_CTX_get_extra_chain_certs_only(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+function SSL_CTX_clear_extra_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_set0_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+function SSL_CTX_set1_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+function SSL_CTX_add0_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_add1_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_get0_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+function SSL_CTX_clear_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_build_cert_chain(ctx: PSSL_CTX; flags: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_select_current_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+function SSL_CTX_set_current_cert(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set0_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_CTX_set1_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_CTX_set0_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_CTX_set1_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+function SSL_set0_chain(s: PSSL; sk: PByte): TIdC_LONG;
+function SSL_set1_chain(s: PSSL; sk: PByte): TIdC_LONG;
+function SSL_add0_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+function SSL_add1_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+function SSL_get0_chain_certs(s: PSSL; px509: Pointer): TIdC_LONG;
+function SSL_clear_chain_certs(s: PSSL): TIdC_LONG;
+function SSL_build_cert_chain(s: PSSL; flags: TIdC_LONG): TIdC_LONG;
+function SSL_select_current_cert(s: PSSL; x509: PByte): TIdC_LONG;
+function SSL_set_current_cert(s: PSSL; op: TIdC_LONG): TIdC_LONG;
+function SSL_set0_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_set1_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_set0_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_set1_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+function SSL_get1_groups(s: PSSL; glist: PIdC_INT): TIdC_LONG;
+function SSL_CTX_set1_groups(ctx: PSSL_CTX; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_groups_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+function SSL_set1_groups(s: PSSL; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_groups_list(s: PSSL; str: PByte): TIdC_LONG;
+function SSL_get_shared_group(s: PSSL; n: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+function SSL_set1_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+function SSL_CTX_set1_client_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set1_client_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+function SSL_set1_client_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_client_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+function SSL_get0_certificate_types(s: PSSL; clist: PByte): TIdC_LONG;
+function SSL_CTX_set1_client_certificate_types(ctx: PSSL_CTX; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+function SSL_set1_client_certificate_types(s: PSSL; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+function SSL_get_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+function SSL_get_peer_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+function SSL_get_peer_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+function SSL_get_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+function SSL_get0_raw_cipherlist(s: PSSL; plst: Pointer): TIdC_LONG;
+function SSL_get0_ec_point_formats(s: PSSL; plst: Pointer): TIdC_LONG;
+function SSL_CTX_set_min_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_set_max_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+function SSL_CTX_get_min_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_CTX_get_max_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
+function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
+{$ENDREGION}
+
+  //typedef TIdC_INT (*tls_session_secret_cb_fn)(s: PSSL, void *secret, TIdC_INT *secret_len,
+  //                                        STACK_OF(SSL_CIPHER) *peer_ciphers,
+  //                                        const SSL_CIPHER **cipher, void *arg);
+
+  function SSL_CTX_get_options(const ctx: PSSL_CTX): TIdC_ULONG cdecl; external CLibSSL;
+  function SSL_get_options(const s: PSSL): TIdC_ULONG cdecl; external CLibSSL;
+  function SSL_CTX_clear_options(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG cdecl; external CLibSSL;
+  function SSL_clear_options(s: PSSL; op: TIdC_ULONG): TIdC_ULONG cdecl; external CLibSSL;
+  function SSL_CTX_set_options(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG cdecl; external CLibSSL;
+  function SSL_set_options(s: PSSL; op: TIdC_ULONG): TIdC_ULONG cdecl; external CLibSSL;
+
+  //# define SSL_CTX_set_mode(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+  //# define SSL_CTX_clear_mode(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+  //# define SSL_CTX_get_mode(ctx) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
+  //# define SSL_clear_mode(ssl,op) \
+  //        SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
+  //# define SSL_set_mode(ssl,op) \
+  //        SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
+  //# define SSL_get_mode(ssl) \
+  //        SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
+  //# define SSL_set_mtu(ssl, mtu) \
+  //        SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
+  //# define DTLS_set_link_mtu(ssl, mtu) \
+  //        SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
+  //# define DTLS_get_link_min_mtu(ssl) \
+  //        SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
+  //
+  //# define SSL_get_secure_renegotiation_support(ssl) \
+  //        SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+  //
+  //# ifndef OPENSSL_NO_HEARTBEATS
+  //#  define SSL_heartbeat(ssl) \
+  //        SSL_ctrl((ssl),SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT,0,NULL)
+  //# endif
+  //
+  //# define SSL_CTX_set_cert_flags(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_CERT_FLAGS,(op),NULL)
+  //# define SSL_set_cert_flags(s,op) \
+  //        SSL_ctrl((s),SSL_CTRL_CERT_FLAGS,(op),NULL)
+  //# define SSL_CTX_clear_cert_flags(ctx,op) \
+  //        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+  //# define SSL_clear_cert_flags(s,op) \
+  //        SSL_ctrl((s),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+  //
+  //void SSL_CTX_set_msg_callback(ctx: PSSL_CTX,
+  //                              void (*cb) (TIdC_INT write_p, TIdC_INT version,
+  //                                          TIdC_INT content_type, const void *buf,
+  //                                          TIdC_SIZET len, ssl: PSSL, void *arg));
+  //void SSL_set_msg_callback(ssl: PSSL,
+  //                          void (*cb) (TIdC_INT write_p, TIdC_INT version,
+  //                                      TIdC_INT content_type, const void *buf,
+  //                                      TIdC_SIZET len, ssl: PSSL, void *arg));
+  //# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+  //# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+  //
+  //# define SSL_get_extms_support(s) \
+  //        SSL_ctrl((s),SSL_CTRL_GET_EXTMS_SUPPORT,0,NULL)
+  //
+  //# ifndef OPENSSL_NO_SRP
+
+  ///* see tls_srp.c */
+  //__owur TIdC_INT SSL_SRP_CTX_init(s: PSSL);
+  //__owur TIdC_INT SSL_CTX_SRP_CTX_init(ctx: PSSL_CTX);
+  //TIdC_INT SSL_SRP_CTX_free(SSL *ctx);
+  //TIdC_INT SSL_CTX_SRP_CTX_free(ctx: PSSL_CTX);
+  //__owur TIdC_INT SSL_srp_server_param_with_username(s: PSSL, TIdC_INT *ad);
+  //__owur TIdC_INT SRP_Calc_A_param(s: PSSL);
+
+  // # endif
+
+  // LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(ctx: PSSL_CTX);
+  //# define SSL_CTX_sess_number(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
+  //# define SSL_CTX_sess_connect(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
+  //# define SSL_CTX_sess_connect_good(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
+  //# define SSL_CTX_sess_connect_renegotiate(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
+  //# define SSL_CTX_sess_accept(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
+  //# define SSL_CTX_sess_accept_renegotiate(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
+  //# define SSL_CTX_sess_accept_good(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
+  //# define SSL_CTX_sess_hits(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
+  //# define SSL_CTX_sess_cb_hits(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
+  //# define SSL_CTX_sess_misses(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
+  //# define SSL_CTX_sess_timeouts(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
+  //# define SSL_CTX_sess_cache_full(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
+
+  procedure SSL_CTX_sess_set_new_cb(ctx: PSSL_CTX; new_session_cb: SSL_CTX_sess_new_cb) cdecl; external CLibSSL;
+  function SSL_CTX_sess_get_new_cb(ctx: PSSL_CTX): SSL_CTX_sess_new_cb cdecl; external CLibSSL;
+  procedure SSL_CTX_sess_set_remove_cb(ctx: PSSL_CTX; remove_session_cb: SSL_CTX_sess_remove_cb) cdecl; external CLibSSL;
+  function SSL_CTX_sess_get_remove_cb(ctx: PSSL_CTX): SSL_CTX_sess_remove_cb cdecl; external CLibSSL;
+
+  //void SSL_CTX_sess_set_get_cb(ctx: PSSL_CTX,
+  //                             SSL_SESSION *(*get_session_cb) (struct ssl_st
+  //                                                             *ssl,
+  //                                                             const Byte
+  //                                                             *data, TIdC_INT len,
+  //                                                             TIdC_INT *copy));
+  //SSL_SESSION *(*SSL_CTX_sess_get_get_cb(ctx: PSSL_CTX)) (struct ssl_st *ssl,
+  //                                                       const d: PByteata,
+  //                                                       TIdC_INT len, TIdC_INT *copy);
+  procedure SSL_CTX_set_info_callback(ctx: PSSL_CTX; cb: SSL_CTX_info_callback) cdecl; external CLibSSL;
+  function SSL_CTX_get_info_callback(ctx: PSSL_CTX): SSL_CTX_info_callback cdecl; external CLibSSL;
+  procedure SSL_CTX_set_client_cert_cb(ctx: PSSL_CTX; client_cert_cb: SSL_CTX_client_cert_cb) cdecl; external CLibSSL;
+  function SSL_CTX_get_client_cert_cb(ctx: PSSL_CTX): SSL_CTX_client_cert_cb cdecl; external CLibSSL;
+  function SSL_CTX_set_client_cert_engine(ctx: PSSL_CTX; e: PENGINE): TIdC_INT cdecl; external CLibSSL;
+
+  procedure SSL_CTX_set_cookie_generate_cb(ctx: PSSL_CTX; app_gen_cookie_cb: SSL_CTX_cookie_verify_cb) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_cookie_verify_cb(ctx: PSSL_CTX; app_verify_cookie_cb: SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_stateless_cookie_generate_cb(ctx: PSSL_CTX; gen_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_stateless_cookie_verify_cb(ctx: PSSL_CTX; verify_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb) cdecl; external CLibSSL;
+
+  //__owur TIdC_INT SSL_CTX_set_alpn_protos(ctx: PSSL_CTX, const Byte *protos,
+  //                                   TIdC_UINT protos_len);
+  //__owur TIdC_INT SSL_set_alpn_protos(ssl: PSSL, const Byte *protos,
+  //                               TIdC_UINT protos_len);
+
+  procedure SSL_CTX_set_alpn_select_cb(ctx: PSSL_CTX; cb: SSL_CTX_alpn_select_cb_func; arg: Pointer) cdecl; external CLibSSL;
+  procedure SSL_get0_alpn_selected(const ssl: PSSL; const data: PPByte; len: PIdC_UINT) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_psk_client_callback(ctx: PSSL_CTX; cb: SSL_psk_client_cb_func) cdecl; external CLibSSL;
+  procedure SSL_set_psk_client_callback(ssl: PSSL; cb: SSL_psk_client_cb_func) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_psk_server_callback(ctx: PSSL_CTX; cb: SSL_psk_server_cb_func) cdecl; external CLibSSL;
+  procedure SSL_set_psk_server_callback(ssl: PSSL; cb: SSL_psk_server_cb_func) cdecl; external CLibSSL;
+
+  //__owur TIdC_INT SSL_CTX_use_psk_identity_hint(ctx: PSSL_CTX, const PIdAnsiChar *identity_hint);
+  //__owur TIdC_INT SSL_use_psk_identity_hint(s: PSSL, const PIdAnsiChar *identity_hint);
+  //const PIdAnsiChar *SSL_get_psk_identity_hint(const s: PSSL);
+  //const PIdAnsiChar *SSL_get_psk_identity(const s: PSSL);
+
+  procedure SSL_set_psk_find_session_callback(s: PSSL; cb: SSL_psk_find_session_cb_func) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_psk_find_session_callback(ctx: PSSL_CTX; cb: SSL_psk_find_session_cb_func) cdecl; external CLibSSL;
+  procedure SSL_set_psk_use_session_callback(s: PSSL; cb: SSL_psk_use_session_cb_func) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_psk_use_session_callback(ctx: PSSL_CTX; cb: SSL_psk_use_session_cb_func) cdecl; external CLibSSL;
+
+  ///* Register callbacks to handle custom TLS Extensions for client or server. */
+
+  //__owur TIdC_INT SSL_CTX_has_client_custom_ext(const ctx: PSSL_CTX,
+  //                                         TIdC_UINT ext_type);
+  //
+  //__owur TIdC_INT SSL_CTX_add_client_custom_ext(ctx: PSSL_CTX,
+  //                                         TIdC_UINT ext_type,
+  //                                         custom_ext_add_cb add_cb,
+  //                                         custom_ext_free_cb free_cb,
+  //                                         void *add_arg,
+  //                                         custom_ext_parse_cb parse_cb,
+  //                                         void *parse_arg);
+  //
+  //__owur TIdC_INT SSL_CTX_add_server_custom_ext(ctx: PSSL_CTX,
+  //                                         TIdC_UINT ext_type,
+  //                                         custom_ext_add_cb add_cb,
+  //                                         custom_ext_free_cb free_cb,
+  //                                         void *add_arg,
+  //                                         custom_ext_parse_cb parse_cb,
+  //                                         void *parse_arg);
+  //
+  //__owur TIdC_INT SSL_CTX_add_custom_ext(ctx: PSSL_CTX, TIdC_UINT ext_type,
+  //                                  TIdC_UINT context,
+  //                                  SSL_custom_ext_add_cb_ex add_cb,
+  //                                  SSL_custom_ext_free_cb_ex free_cb,
+  //                                  void *add_arg,
+  //                                  SSL_custom_ext_parse_cb_ex parse_cb,
+  //                                  void *parse_arg);
+
+  //__owur TIdC_INT SSL_extension_supported(TIdC_UINT ext_type);
+
+
+  ///* These will only be used when doing non-blocking IO */
+  //# define SSL_want_nothing(s)         (SSL_want(s) == SSL_NOTHING)
+  //# define SSL_want_read(s)            (SSL_want(s) == SSL_READING)
+  //# define SSL_want_write(s)           (SSL_want(s) == SSL_WRITING)
+  //# define SSL_want_x509_lookup(s)     (SSL_want(s) == SSL_X509_LOOKUP)
+  //# define SSL_want_async(s)           (SSL_want(s) == SSL_ASYNC_PAUSED)
+  //# define SSL_want_async_job(s)       (SSL_want(s) == SSL_ASYNC_NO_JOBS)
+  //# define SSL_want_client_hello_cb(s) (SSL_want(s) == SSL_CLIENT_HELLO_CB)
+
+  (*
+   * SSL_CTX_set_keylog_callback configures a callback to log key material. This
+   * is intended for debugging use with tools like Wireshark. The cb function
+   * should log line followed by a newline.
+   *)
+  procedure SSL_CTX_set_keylog_callback(ctx: PSSL_CTX; cb: SSL_CTX_keylog_cb_func) cdecl; external CLibSSL;
+  (*
+   * SSL_CTX_get_keylog_callback returns the callback configured by
+   * SSL_CTX_set_keylog_callback.
+   *)
+  function SSL_CTX_get_keylog_callback(const ctx: PSSL_CTX): SSL_CTX_keylog_cb_func cdecl; external CLibSSL;
+  function SSL_CTX_set_max_early_data(ctx: PSSL_CTX; max_early_data: TIdC_UINT32): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_get_max_early_data(const ctx: PSSL_CTX): TIdC_UINT32 cdecl; external CLibSSL;
+  function SSL_set_max_early_data(s: PSSL; max_early_data: TIdC_UINT32): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_max_early_data(const s: PSSL): TIdC_UINT32 cdecl; external CLibSSL;
+  function SSL_CTX_set_recv_max_early_data(ctx: PSSL_CTX; recv_max_early_data: TIdC_UINT32): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_get_recv_max_early_data(const ctx: PSSL_CTX): TIdC_UINT32 cdecl; external CLibSSL;
+  function SSL_set_recv_max_early_data(s: PSSL; recv_max_early_data: TIdC_UINT32): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_recv_max_early_data(const s: PSSL): TIdC_UINT32 cdecl; external CLibSSL;
+
+  ///*
+  // * These need to be after the above set of includes due to a compiler bug
+  // * &in VisualStudio 2015
+  // */
+  //DEFINE_STACK_OF_CONST(SSL_CIPHER)
+  //DEFINE_STACK_OF(SSL_COMP)
+
+  ///* compatibility */
+  //# define SSL_set_app_data(s,arg)         (SSL_set_ex_data(s,0,(PIdAnsiChar *)(arg)))
+  //# define SSL_get_app_data(s)             (SSL_get_ex_data(s,0))
+  //# define SSL_SESSION_set_app_data(s,a)   (SSL_SESSION_set_ex_data(s,0, \
+  //                                                                  (PIdAnsiChar *)(a)))
+  //# define SSL_SESSION_get_app_data(s)     (SSL_SESSION_get_ex_data(s,0))
+  //# define SSL_CTX_get_app_data(ctx)       (SSL_CTX_get_ex_data(ctx,0))
+  //# define SSL_CTX_set_app_data(ctx,arg)   (SSL_CTX_set_ex_data(ctx,0, \
+  //                                                              (PIdAnsiChar *)(arg)))
+
+  ///* Is the SSL_connection established? */
+  //# define SSL_in_connect_init(a)          (SSL_in_init(a) && !SSL_is_server(a))
+  //# define SSL_in_accept_init(a)           (SSL_in_init(a) && SSL_is_server(a))
+  function SSL_in_init(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_in_before(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_is_init_finished(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+
+  (*-
+   * Obtain latest Finished message
+   *   -- that we sent (SSL_get_finished)
+   *   -- that we expected from peer (SSL_get_peer_finished).
+   * Returns length (0 == no Finished so far), copies up to 'count' bytes.
+   *)
+  function SSL_get_finished(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_get_peer_finished(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define OpenSSL_add_ssl_algorithms()   SSL_library_init()
+  //#  define SSLeay_add_ssl_algorithms()    SSL_library_init()
+  //# endif
+
+  ///* More backward compatibility */
+  //# define SSL_get_cipher(s) \
+  //                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+  //# define SSL_get_cipher_bits(s,np) \
+  //                SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+  //# define SSL_get_cipher_version(s) \
+  //                SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+  //# define SSL_get_cipher_name(s) \
+  //                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+  //# define SSL_get_time(a)         SSL_SESSION_get_time(a)
+  //# define SSL_set_time(a,b)       SSL_SESSION_set_time((a),(b))
+  //# define SSL_get_timeout(a)      SSL_SESSION_get_timeout(a)
+  //# define SSL_set_timeout(a,b)    SSL_SESSION_set_timeout((a),(b))
+  //
+  //# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
+  //# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
+
+  //DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+
+  //# define DTLSv1_get_timeout(ssl, arg) \
+  //        SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)(arg))
+  //# define DTLSv1_handle_timeout(ssl) \
+  //        SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
+  //
+  ///* Backwards compatibility, original 1.1.0 names */
+  //# define SSL_CTRL_GET_SERVER_TMP_KEY \
+  //         SSL_CTRL_GET_PEER_TMP_KEY
+  //# define SSL_get_server_tmp_key(s, pk) \
+  //         SSL_get_peer_tmp_key(s, pk)
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //const SSL_CTX_need_tmp_RSA = (ctx)    0;
+  //const SSL_CTX_set_tmp_rsa = (ctx;rsa)   1;
+  //const SSL_need_tmp_RSA = (ssl)     0;
+  //const SSL_set_tmp_rsa = (ssl;rsa)    1;
+
+  //#  define SSL_CTX_set_ecdh_auto(dummy, onoff)      ((onoff) != 0)
+  //#  define SSL_set_ecdh_auto(dummy, onoff)          ((onoff) != 0)
+  ///*
+  // * We 'pretend' to call the callback to avoid warnings about unused static
+  // * functions.
+  // */
+  //#  define SSL_CTX_set_tmp_rsa_callback(ctx, cb)    while(0) (cb)(NULL, 0, 0)
+  //#  define SSL_set_tmp_rsa_callback(ssl, cb)        while(0) (cb)(NULL, 0, 0)
+  //# endif
+  //
+  function BIO_f_ssl: PBIO_METHOD cdecl; external CLibSSL;
+  function BIO_new_ssl(ctx: PSSL_CTX; client: TIdC_INT): PBIO cdecl; external CLibSSL;
+  function BIO_new_ssl_connect(ctx: PSSL_CTX): PBIO cdecl; external CLibSSL;
+  function BIO_new_buffer_ssl_connect(ctx: PSSL_CTX): PBIO cdecl; external CLibSSL;
+  function BIO_ssl_copy_session_id(&to: PBIO; from: PBIO): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_set_cipher_list(v1: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_new(const meth: PSSL_METHOD): PSSL_CTX cdecl; external CLibSSL;
+  function SSL_CTX_set_timeout(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG cdecl; external CLibSSL;
+  function SSL_CTX_get_timeout(const ctx: PSSL_CTX): TIdC_LONG cdecl; external CLibSSL;
+  function SSL_CTX_get_cert_store(const v1: PSSL_CTX): PX509_STORE cdecl; external CLibSSL;
+  function SSL_want(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_clear(s: PSSL): TIdC_INT cdecl; external CLibSSL;
+
+  procedure BIO_ssl_shutdown(ssl_bio: PBIO) cdecl; external CLibSSL;
+  function SSL_CTX_up_ref(ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_CTX_free(v1: PSSL_CTX) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_cert_store(v1: PSSL_CTX; v2: PX509_STORE) cdecl; external CLibSSL;
+  procedure SSL_CTX_set1_cert_store(v1: PSSL_CTX; v2: PX509_STORE) cdecl; external CLibSSL;
+
+  procedure SSL_CTX_flush_sessions(ctx: PSSL_CTX; tm: TIdC_LONG) cdecl; external CLibSSL;
+
+  function SSL_get_current_cipher(const s: PSSL): PSSL_CIPHER cdecl; external CLibSSL;
+  function SSL_get_pending_cipher(const s: PSSL): PSSL_CIPHER cdecl; external CLibSSL;
+  function SSL_CIPHER_get_bits(const c: PSSL_CIPHER; alg_bits: PIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CIPHER_get_version(const c: PSSL_CIPHER): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_CIPHER_get_name(const c: PSSL_CIPHER): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_CIPHER_standard_name(const c: PSSL_CIPHER): PIdAnsiChar cdecl; external CLibSSL;
+  function OPENSSL_cipher_name(const rfc_name: PIdAnsiChar): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_CIPHER_get_id(const c: PSSL_CIPHER): TIdC_UINT32 cdecl; external CLibSSL;
+  function SSL_CIPHER_get_protocol_id(const c: PSSL_CIPHER): TIdC_UINT16 cdecl; external CLibSSL;
+  function SSL_CIPHER_get_kx_nid(const c: PSSL_CIPHER): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CIPHER_get_auth_nid(const c: PSSL_CIPHER): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CIPHER_get_handshake_digest(const c: PSSL_CIPHER): PEVP_MD cdecl; external CLibSSL;
+  function SSL_CIPHER_is_aead(const c: PSSL_CIPHER): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_get_fd(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_rfd(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_wfd(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_cipher_list(const s: PSSL; n: TIdC_INT): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_get_shared_ciphers(const s: PSSL; buf: PIdAnsiChar; size: TIdC_INT): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_get_read_ahead(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_pending(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_has_pending(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_fd(s: PSSL; fd: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_rfd(s: PSSL; fd: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_wfd(s: PSSL; fd: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_set0_rbio(s: PSSL; rbio: PBIO) cdecl; external CLibSSL;
+  procedure SSL_set0_wbio(s: PSSL; wbio: PBIO) cdecl; external CLibSSL;
+  procedure SSL_set_bio(s: PSSL; rbio: PBIO; wbio: PBIO) cdecl; external CLibSSL;
+  function SSL_get_rbio(const s: PSSL): PBIO cdecl; external CLibSSL;
+  function SSL_get_wbio(const s: PSSL): PBIO cdecl; external CLibSSL;
+  function SSL_set_cipher_list(s: PSSL; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_ciphersuites(ctx: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_ciphersuites(s: PSSL; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_verify_mode(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_verify_depth(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_verify_callback(const s: PSSL): SSL_verify_cb cdecl; external CLibSSL;
+  procedure SSL_set_read_ahead(s: PSSL; yes: TIdC_INT) cdecl; external CLibSSL;
+  procedure SSL_set_verify(s: PSSL; mode: TIdC_INT; callback: SSL_verify_cb) cdecl; external CLibSSL;
+  procedure SSL_set_verify_depth(s: PSSL; depth: TIdC_INT) cdecl; external CLibSSL;
+  //void SSL_set_cert_cb(s: PSSL, TIdC_INT (*cb) (ssl: PSSL, void *arg), void *arg);
+
+  function SSL_use_RSAPrivateKey(ssl: PSSL; rsa: PRSA): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_RSAPrivateKey_ASN1(ssl: PSSL; const d: PByte; len: TIdC_LONG): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_PrivateKey(ssl: PSSL; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_PrivateKey_ASN1(pk: TIdC_INT; ssl: PSSL; const d: PByte; len: TIdC_LONG): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_certificate(ssl: PSSL; x: PX509): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_certificate_ASN1(ssl: PSSL; const d: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  //__owur TIdC_INT SSL_use_cert_and_key(ssl: PSSL, x509: PX509, EVP_PKEY *privatekey,
+  //                                STACK_OF(X509) *chain, TIdC_INT override);
+
+  (* Set serverinfo data for the current active cert. *)
+  function SSL_CTX_use_serverinfo(ctx: PSSL_CTX; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_serverinfo_ex(ctx: PSSL_CTX; version: TIdC_UINT; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_serverinfo_file(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_use_RSAPrivateKey_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_use_PrivateKey_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_certificate_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_use_RSAPrivateKey_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_use_PrivateKey_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_certificate_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  (* PEM type *)
+  function SSL_CTX_use_certificate_chain_file(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_certificate_chain_file(ssl: PSSL; const &file: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  //__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const PIdAnsiChar *file);
+  //__owur TIdC_INT SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+  //                                               const PIdAnsiChar *file);
+  //TIdC_INT SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+  //                                       const PIdAnsiChar *dir);
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_load_error_strings() \
+  //    OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS \
+  //                     | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+  //# endif
+
+  function SSL_state_string(const s: PSSL): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_rstate_string(const s: PSSL): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_state_string_long(const s: PSSL): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_rstate_string_long(const s: PSSL): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_SESSION_get_time(const s: PSSL_SESSION): TIdC_LONG cdecl; external CLibSSL;
+  function SSL_SESSION_set_time(s: PSSL_SESSION; t: TIdC_LONG): TIdC_LONG cdecl; external CLibSSL;
+  function SSL_SESSION_get_timeout(const s: PSSL_SESSION): TIdC_LONG cdecl; external CLibSSL;
+  function SSL_SESSION_set_timeout(s: PSSL_SESSION; t: TIdC_LONG): TIdC_LONG cdecl; external CLibSSL;
+  function SSL_SESSION_get_protocol_version(const s: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_set_protocol_version(s: PSSL_SESSION; version: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_SESSION_get0_hostname(const s: PSSL_SESSION): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_SESSION_set1_hostname(s: PSSL_SESSION; const hostname: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_SESSION_get0_alpn_selected(const s: PSSL_SESSION; const alpn: PPByte; len: PIdC_SIZET) cdecl; external CLibSSL;
+  function SSL_SESSION_set1_alpn_selected(s: PSSL_SESSION; const alpn: PByte; len: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_get0_cipher(const s: PSSL_SESSION): PSSL_CIPHER cdecl; external CLibSSL;
+  function SSL_SESSION_set_cipher(s: PSSL_SESSION; const cipher: PSSL_CIPHER): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_has_ticket(const s: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_get_ticket_lifetime_hint(const s: PSSL_SESSION): TIdC_ULONG cdecl; external CLibSSL;
+  procedure SSL_SESSION_get0_ticket(const s: PSSL_SESSION; const tick: PPByte; len: PIdC_SIZET) cdecl; external CLibSSL;
+  function SSL_SESSION_get_max_early_data(const s: PSSL_SESSION): TIdC_UINT32 cdecl; external CLibSSL;
+  function SSL_SESSION_set_max_early_data(s: PSSL_SESSION; max_early_data: TIdC_UINT32): TIdC_INT cdecl; external CLibSSL;
+  function SSL_copy_session_id(&to: PSSL; const from: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_get0_peer(s: PSSL_SESSION): PX509 cdecl; external CLibSSL;
+  function SSL_SESSION_set1_id_context(s: PSSL_SESSION; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_set1_id(s: PSSL_SESSION; const sid: PByte; sid_len: TIdC_UINT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_is_resumable(const s: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_SESSION_new: PSSL_SESSION cdecl; external CLibSSL;
+  function SSL_SESSION_dup(src: PSSL_SESSION): PSSL_SESSION cdecl; external CLibSSL;
+  function SSL_SESSION_get_id(const s: PSSL_SESSION; len: PIdC_UINT): PByte cdecl; external CLibSSL;
+  function SSL_SESSION_get0_id_context(const s: PSSL_SESSION; len: PIdC_UINT): PByte cdecl; external CLibSSL;
+  function SSL_SESSION_get_compress_id(const s: PSSL_SESSION): TIdC_UINT cdecl; external CLibSSL;
+  function SSL_SESSION_print(fp: PBIO; const ses: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_print_keylog(bp: PBIO; const x: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_up_ref(ses: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_SESSION_free(ses: PSSL_SESSION) cdecl; external CLibSSL;
+  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *&in, Byte **pp);
+  function SSL_set_session(&to: PSSL; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_add_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_remove_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_generate_session_id(ctx: PSSL_CTX; cb: GEN_SESSION_CB): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_generate_session_id(s: PSSL; cb: GEN_SESSION_CB): TIdC_INT cdecl; external CLibSSL;
+  function SSL_has_matching_session_id(const s: PSSL; const id: PByte; id_len: TIdC_UINT): TIdC_INT cdecl; external CLibSSL;
+  function d2i_SSL_SESSION(a: PPSSL_SESSION; const pp: PPByte; length: TIdC_LONG): PSSL_SESSION cdecl; external CLibSSL;
+
+  function SSL_get_peer_certificate(const s: PSSL): PX509 cdecl; external CLibSSL;
+
+  //__owur STACK_OF(X509) *SSL_get_peer_cert_chain(const s: PSSL);
+  //
+  function SSL_CTX_get_verify_mode(const ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_get_verify_depth(const ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_get_verify_callback(const ctx: PSSL_CTX): SSL_verify_cb cdecl; external CLibSSL;
+  procedure SSL_CTX_set_verify(ctx: PSSL_CTX; mode: TIdC_INT; callback: SSL_verify_cb) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_verify_depth(ctx: PSSL_CTX; depth: TIdC_INT) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_cert_verify_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_cert_verify_callback_cb; arg: Pointer) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_cert_cb(c: PSSL_CTX; cb: SSL_CTX_set_cert_cb_cb; arg: Pointer) cdecl; external CLibSSL;
+  function SSL_CTX_use_RSAPrivateKey(ctx: PSSL_CTX; rsa: PRSA): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_RSAPrivateKey_ASN1(ctx: PSSL_CTX; const d: PByte; len: TIdC_LONG): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_PrivateKey(ctx: PSSL_CTX; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_PrivateKey_ASN1(pk: TIdC_INT; ctx: PSSL_CTX; const d: PByte; len: TIdC_LONG): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_certificate(ctx: PSSL_CTX; x: X509): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_certificate_ASN1(ctx: PSSL_CTX; len: TIdC_INT; const d: PByte): TIdC_INT cdecl; external CLibSSL;
+  //function TIdC_INT SSL_CTX_use_cert_and_key(ctx: PSSL_CTX; x509: PX509; EVP_PKEY *privatekey; STACK_OF(X509) *chain; TIdC_INT override);
+
+  procedure SSL_CTX_set_default_passwd_cb(ctx: PSSL_CTX; cb: pem_password_cb) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_default_passwd_cb_userdata(ctx: PSSL_CTX; u: Pointer) cdecl; external CLibSSL;
+  function SSL_CTX_get_default_passwd_cb(ctx: PSSL_CTX): pem_password_cb cdecl; external CLibSSL;
+  function SSL_CTX_get_default_passwd_cb_userdata(ctx: PSSL_CTX): Pointer cdecl; external CLibSSL;
+  procedure SSL_set_default_passwd_cb(s: PSSL; cb: pem_password_cb) cdecl; external CLibSSL;
+  procedure SSL_set_default_passwd_cb_userdata(s: PSSL; u: Pointer) cdecl; external CLibSSL;
+  function SSL_get_default_passwd_cb(s: PSSL): pem_password_cb cdecl; external CLibSSL;
+  function SSL_get_default_passwd_cb_userdata(s: PSSL): Pointer cdecl; external CLibSSL;
+
+  function SSL_CTX_check_private_key(const ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  function SSL_check_private_key(const ctx: PSSL): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_set_session_id_context(ctx: PSSL_CTX; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_new(ctx: PSSL_CTX): PSSL cdecl; external CLibSSL;
+  function SSL_up_ref(s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_is_dtls(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_session_id_context(ssl: PSSL; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_set_purpose(ctx: PSSL_CTX; purpose: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_purpose(ssl: PSSL; purpose: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_trust(ctx: PSSL_CTX; trust: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_trust(ssl: PSSL; trust: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_set1_host(s: PSSL; const hostname: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_add1_host(s: PSSL; const hostname: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get0_peername(s: PSSL): PIdAnsiChar cdecl; external CLibSSL;
+  procedure SSL_set_hostflags(s: PSSL; flags: TIdC_UINT) cdecl; external CLibSSL;
+
+  function SSL_CTX_dane_enable(ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_dane_mtype_set(ctx: PSSL_CTX; const md: PEVP_MD; mtype: TIdC_UINT8; ord: TIdC_UINT8): TIdC_INT cdecl; external CLibSSL;
+  function SSL_dane_enable(s: PSSL; const basedomain: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_dane_tlsa_add(s: PSSL; usage: TIdC_UINT8; selector: TIdC_UINT8; mtype: TIdC_UINT8; const data: PByte; dlen: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get0_dane_authority(s: PSSL; mcert: PPX509; mspki: PPEVP_PKEY): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get0_dane_tlsa(s: PSSL; usage: PIdC_UINT8; selector: PIdC_UINT8; mtype: PIdC_UINT8; const data: PPByte; dlen: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  (*
+   * Bridge opacity barrier between libcrypt and libssl, also needed to support
+   * offline testing in test/danetest.c
+   *)
+  function SSL_get0_dane(ssl: PSSL): PSSL_DANE cdecl; external CLibSSL;
+
+  (*
+   * DANE flags
+   *)
+  function SSL_CTX_dane_set_flags(ctx: PSSL_CTX; flags: TIdC_ULONG): TIdC_ULONG cdecl; external CLibSSL;
+  function SSL_CTX_dane_clear_flags(ctx: PSSL_CTX; flags: TIdC_ULONG): TIdC_ULONG cdecl; external CLibSSL;
+  function SSL_dane_set_flags(ssl: PSSL; flags: TIdC_ULONG): TIdC_ULONG cdecl; external CLibSSL;
+  function SSL_dane_clear_flags(ssl: PSSL; flags: TIdC_ULONG): TIdC_ULONG cdecl; external CLibSSL;
+
+  function SSL_CTX_set1_param(ctx: PSSL_CTX; vpm: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set1_param(ssl: PSSL; vpm: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_get0_param(ctx: PSSL_CTX): PX509_VERIFY_PARAM cdecl; external CLibSSL;
+  function SSL_get0_param(ssl: PSSL): PX509_VERIFY_PARAM cdecl; external CLibSSL;
+
+  function SSL_CTX_set_srp_username(ctx: PSSL_CTX; name: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_srp_password(ctx: PSSL_CTX; password: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_srp_strength(ctx: PSSL_CTX; strength: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_set_srp_client_pwd_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_client_pwd_callback_cb): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_srp_verify_param_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_verify_param_callback_cb): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_srp_username_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_username_callback_cb): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_set_srp_cb_arg(ctx: PSSL_CTX; arg: Pointer): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_srp_server_param(s: PSSL; const N: PBIGNUm; const g: PBIGNUm; sa: PBIGNUm; v: PBIGNUm; info: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_srp_server_param_pw(s: PSSL; const user: PIdAnsiChar; const pass: PIdAnsiChar; const grp: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+
+  //__owur BIGNUM *SSL_get_srp_g(s: PSSL);
+  //__owur BIGNUM *SSL_get_srp_N(s: PSSL);
+  //
+  //__owur PIdAnsiChar *SSL_get_srp_username(s: PSSL);
+  //__owur PIdAnsiChar *SSL_get_srp_userinfo(s: PSSL);
+  //
+  ///*
+  // * ClientHello callback and helpers.
+  // */
+  procedure SSL_CTX_set_client_hello_cb(c: PSSL_CTX; cb: SSL_client_hello_cb_fn; arg: Pointer) cdecl; external CLibSSL;
+  function SSL_client_hello_isv2(s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_client_hello_get0_legacy_version(s: PSSL): TIdC_UINT cdecl; external CLibSSL;
+  function SSL_client_hello_get0_random(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_client_hello_get0_session_id(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_client_hello_get0_ciphers(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_client_hello_get0_compression_methods(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_client_hello_get1_extensions_present(s: PSSL; &out: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_client_hello_get0_ext(s: PSSL; &type: TIdC_UINT; const &out: PPByte; outlen: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_certs_clear(s: PSSL) cdecl; external CLibSSL;
+  procedure SSL_free(ssl: PSSL) cdecl; external CLibSSL;
+
+  (*
+   * Windows application developer has to include windows.h to use these.
+   *)
+  function SSL_waiting_for_async(s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_all_async_fds(s: PSSL; fds: POSSL_ASYNC_FD; numfds: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_changed_async_fds(s: PSSL; addfd: POSSL_ASYNC_FD; numaddfds: PIdC_SIZET; delfd: POSSL_ASYNC_FD; numdelfds: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_accept(ssl: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_stateless(s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_connect(ssl: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_read(ssl: PSSL; buf: Pointer; num: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_read_ex(ssl: PSSL; buf: Pointer; num: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_read_early_data(s: PSSL; buf: Pointer; num: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_peek(ssl: PSSL; buf: Pointer; num: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_peek_ex(ssl: PSSL; buf: Pointer; num: TIdC_SIZET; readbytes: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_write(ssl: PSSL; const buf: Pointer; num: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_write_ex(s: PSSL; const buf: Pointer; num: TIdC_SIZET; written: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_write_early_data(s: PSSL; const buf: Pointer; num: TIdC_SIZET; written: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_callback_ctrl(v1: PSSL; v2: TIdC_INT; v3: SSL_callback_ctrl_v3): TIdC_LONG cdecl; external CLibSSL;
+
+  function SSL_ctrl(ssl: PSSL; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG cdecl; external CLibSSL;
+  function SSL_CTX_ctrl(ctx: PSSL_CTX; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG cdecl; external CLibSSL;
+  function SSL_CTX_callback_ctrl(v1: PSSL_CTX; v2: TIdC_INT; v3: SSL_CTX_callback_ctrl_v3): TIdC_LONG cdecl; external CLibSSL;
+
+  function SSL_get_early_data_status(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_get_error(const s: PSSL; ret_code: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_version(const s: PSSL): PIdAnsiChar cdecl; external CLibSSL;
+
+  (* This sets the 'default' SSL version that SSL_new() will create *)
+  function SSL_CTX_set_ssl_version(ctx: PSSL_CTX; const meth: PSSL_METHOD): TIdC_INT cdecl; external CLibSSL;
+
+  ///* Negotiate highest available SSL/TLS version */
+  function TLS_method: PSSL_METHOD cdecl; external CLibSSL;
+  function TLS_server_method: PSSL_METHOD cdecl; external CLibSSL;
+  function TLS_client_method: PSSL_METHOD cdecl; external CLibSSL;
+
+  //__owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
+  //__owur const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */
+  //__owur const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */
+  //
+  //__owur TIdC_SIZET DTLS_get_data_mtu(const s: PSSL);
+  //
+  //__owur STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const s: PSSL);
+  //__owur STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const ctx: PSSL_CTX);
+  //__owur STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const s: PSSL);
+  //__owur STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(s: PSSL);
+  //
+  //__owur TIdC_INT SSL_do_handshake(s: PSSL);
+  function SSL_key_update(s: PSSL; updatetype: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_key_update_type(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_renegotiate(s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_renegotiate_abbreviated(s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_shutdown(s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_CTX_set_post_handshake_auth(ctx: PSSL_CTX; val: TIdC_INT) cdecl; external CLibSSL;
+  procedure SSL_set_post_handshake_auth(s: PSSL; val: TIdC_INT) cdecl; external CLibSSL;
+
+  function SSL_renegotiate_pending(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_verify_client_post_handshake(s: PSSL): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_get_ssl_method(const ctx: PSSL_CTX): PSSL_METHOD cdecl; external CLibSSL;
+  function SSL_get_ssl_method(const s: PSSL): PSSL_METHOD cdecl; external CLibSSL;
+  function SSL_set_ssl_method(s: PSSL; const method: PSSL_METHOD): TIdC_INT cdecl; external CLibSSL;
+  function SSL_alert_type_string_long(value: TIdC_INT): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_alert_type_string(value: TIdC_INT): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_alert_desc_string_long(value: TIdC_INT): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_alert_desc_string(value: TIdC_INT): PIdAnsiChar cdecl; external CLibSSL;
+
+  //void SSL_set0_CA_list(s: PSSL, STACK_OF(X509_NAME) *name_list);
+  //void SSL_CTX_set0_CA_list(ctx: PSSL_CTX, STACK_OF(X509_NAME) *name_list);
+  //__owur const STACK_OF(X509_NAME) *SSL_get0_CA_list(const s: PSSL);
+  //__owur const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const ctx: PSSL_CTX);
+  //__owur TIdC_INT SSL_add1_to_CA_list(ssl: PSSL, const X509 *x);
+  //__owur TIdC_INT SSL_CTX_add1_to_CA_list(ctx: PSSL_CTX, const X509 *x);
+  //__owur const STACK_OF(X509_NAME) *SSL_get0_peer_CA_list(const s: PSSL);
+
+  //void SSL_set_client_CA_list(s: PSSL, STACK_OF(X509_NAME) *name_list);
+  //void SSL_CTX_set_client_CA_list(ctx: PSSL_CTX, STACK_OF(X509_NAME) *name_list);
+  //__owur STACK_OF(X509_NAME) *SSL_get_client_CA_list(const s: PSSL);
+  //__owur STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
+  function SSL_add_client_CA(ssl: PSSL; x: PX509): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_add_client_CA(ctx: PSSL_CTX; x: PX509): TIdC_INT cdecl; external CLibSSL;
+
+  procedure SSL_set_connect_state(s: PSSL) cdecl; external CLibSSL;
+  procedure SSL_set_accept_state(s: PSSL) cdecl; external CLibSSL;
+
+  //__owur TIdC_LONG SSL_get_default_timeout(const s: PSSL);
+  //
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_library_init() OPENSSL_init_ssl(0, NULL)
+  //# endif
+
+  //__owur PIdAnsiChar *SSL_CIPHER_description(const SSL_CIPHER *, PIdAnsiChar *buf, TIdC_INT size);
+  //__owur STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk);
+
+  function SSL_dup(ssl: PSSL): PSSL cdecl; external CLibSSL;
+
+  function SSL_get_certificate(const ssl: PSSL): PX509 cdecl; external CLibSSL;
+  (*
+   * EVP_PKEY
+   *)
+  function SSL_get_privatekey(const ssl: PSSL): PEVP_PKEY cdecl; external CLibSSL;
+
+  function SSL_CTX_get0_certificate(const ctx: PSSL_CTX): PX509 cdecl; external CLibSSL;
+  function SSL_CTX_get0_privatekey(const ctx: PSSL_CTX): PEVP_PKEY cdecl; external CLibSSL;
+
+  procedure SSL_CTX_set_quiet_shutdown(ctx: PSSL_CTX; mode: TIdC_INT) cdecl; external CLibSSL;
+  function SSL_CTX_get_quiet_shutdown(const ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_set_quiet_shutdown(ssl: PSSL; mode: TIdC_INT) cdecl; external CLibSSL;
+  function SSL_get_quiet_shutdown(const ssl: PSSL): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_set_shutdown(ssl: PSSL; mode: TIdC_INT) cdecl; external CLibSSL;
+  function SSL_get_shutdown(const ssl: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_version(const ssl: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_client_version(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_default_verify_paths(ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_default_verify_dir(ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_default_verify_file(ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_load_verify_locations(ctx: PSSL_CTX; const CAfile: PIdAnsiChar; const CApath: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  //# define SSL_get0_session SSL_get_session/* just peek at pointer */
+  function SSL_get_session(const ssl: PSSL): PSSL_SESSION cdecl; external CLibSSL;
+  (* obtain a reference count *)
+  function SSL_get1_session(ssl: PSSL): PSSL_SESSION cdecl; external CLibSSL;
+  function SSL_get_SSL_CTX(const ssl: PSSL): PSSL_CTX cdecl; external CLibSSL;
+  function SSL_set_SSL_CTX(ssl: PSSL; ctx: PSSL_CTX): PSSL_CTX cdecl; external CLibSSL;
+  procedure SSL_set_info_callback(ssl: PSSL; cb: SSL_info_callback) cdecl; external CLibSSL;
+  function SSL_get_info_callback(const ssl: PSSL): SSL_info_callback cdecl; external CLibSSL;
+  function SSL_get_state(const ssl: PSSL): OSSL_HANDSHAKE_STATE cdecl; external CLibSSL;
+
+  procedure SSL_set_verify_result(ssl: PSSL; v: TIdC_LONG) cdecl; external CLibSSL;
+  function SSL_get_verify_result(const ssl: PSSL): TIdC_LONG cdecl; external CLibSSL;
+  //__owur STACK_OF(X509) *SSL_get0_verified_chain(const s: PSSL);
+
+  function SSL_get_client_random(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_get_server_random(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_SESSION_get_master_key(const sess: PSSL_SESSION; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_SESSION_set1_master_key(sess: PSSL_SESSION; const &in: PByte; len: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_get_max_fragment_length(const sess: PSSL_SESSION): TIdC_UINT8 cdecl; external CLibSSL;
+
+  //#define SSL_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, l, p, newf, dupf, freef)
+  function SSL_set_ex_data(ssl: PSSL; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_ex_data(const ssl: PSSL; idx: TIdC_INT): Pointer cdecl; external CLibSSL;
+  //#define SSL_SESSION_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, l, p, newf, dupf, freef)
+  function SSL_SESSION_set_ex_data(ss: PSSL_SESSION; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_get_ex_data(const ss: PSSL_SESSION; idx: TIdC_INT): Pointer cdecl; external CLibSSL;
+  //#define SSL_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, l, p, newf, dupf, freef)
+  function SSL_CTX_set_ex_data(ssl: PSSL_CTX; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_get_ex_data(const ssl: PSSL_CTX; idx: TIdC_INT): Pointer cdecl; external CLibSSL;
+
+  function SSL_get_ex_data_X509_STORE_CTX_idx: TIdC_INT cdecl; external CLibSSL;
+
+  //# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
+  //# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
+  //# define SSL_CTX_get_read_ahead(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
+  //# define SSL_CTX_set_read_ahead(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
+  //# define SSL_CTX_get_max_cert_list(ctx) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+  //# define SSL_CTX_set_max_cert_list(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+  //# define SSL_get_max_cert_list(ssl) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+  //# define SSL_set_max_cert_list(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+  //
+  //# define SSL_CTX_set_max_send_fragment(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+  //# define SSL_set_max_send_fragment(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+  //# define SSL_CTX_set_split_send_fragment(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SPLIT_SEND_FRAGMENT,m,NULL)
+  //# define SSL_set_split_send_fragment(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_SPLIT_SEND_FRAGMENT,m,NULL)
+  //# define SSL_CTX_set_max_pipelines(ctx,m) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
+  //# define SSL_set_max_pipelines(ssl,m) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_PIPELINES,m,NULL)
+
+  procedure SSL_CTX_set_default_read_buffer_len(ctx: PSSL_CTX; len: TIdC_SIZET) cdecl; external CLibSSL;
+  procedure SSL_set_default_read_buffer_len(s: PSSL; len: TIdC_SIZET) cdecl; external CLibSSL;
+
+  procedure SSL_CTX_set_tmp_dh_callback(ctx: PSSL_CTX; dh: SSL_CTX_set_tmp_dh_callback_dh) cdecl; external CLibSSL;
+  procedure SSL_set_tmp_dh_callback(ssl: PSSL; dh: SSL_set_tmp_dh_callback_dh) cdecl; external CLibSSL;
+
+  //__owur const COMP_METHOD *SSL_get_current_compression(const s: PSSL);
+  //__owur const COMP_METHOD *SSL_get_current_expansion(const s: PSSL);
+  //__owur const PIdAnsiChar *SSL_COMP_get_name(const COMP_METHOD *comp);
+  //__owur const PIdAnsiChar *SSL_COMP_get0_name(const SSL_COMP *comp);
+  //__owur TIdC_INT SSL_COMP_get_id(const SSL_COMP *comp);
+  //STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+  //__owur STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
+  //                                                             *meths);
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_COMP_free_compression_methods() while(0) continue
+  //# endif
+  //__owur TIdC_INT SSL_COMP_add_compression_method(TIdC_INT id, COMP_METHOD *cm);
+
+  function SSL_CIPHER_find(ssl: PSSL; const ptr: PByte): PSSL_CIPHER cdecl; external CLibSSL;
+  function SSL_CIPHER_get_cipher_nid(const c: PSSL_CIPHEr): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CIPHER_get_digest_nid(const c: PSSL_CIPHEr): TIdC_INT cdecl; external CLibSSL;
+  //TIdC_INT SSL_bytes_to_cipher_list(s: PSSL, const Byte *bytes, TIdC_SIZET len,
+  //                             TIdC_INT isv2format, STACK_OF(SSL_CIPHER) **sk,
+  //                             STACK_OF(SSL_CIPHER) **scsvs);
+
+  (* TLS extensions functions *)
+  function SSL_set_session_ticket_ext(s: PSSL; ext_data: Pointer; ext_len: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  //
+  function SSL_set_session_ticket_ext_cb(s: PSSL; cb: tls_session_ticket_ext_cb_fn; arg: Pointer): TIdC_INT cdecl; external CLibSSL;
+
+  ///* Pre-shared secret session resumption functions */
+  //__owur TIdC_INT SSL_set_session_secret_cb(s: PSSL,
+  //                                     tls_session_secret_cb_fn session_secret_cb,
+  //                                     void *arg);
+
+  procedure SSL_CTX_set_not_resumable_session_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_not_resumable_session_callback_cb) cdecl; external CLibSSL;
+  procedure SSL_set_not_resumable_session_callback(ssl: PSSL; cb: SSL_set_not_resumable_session_callback_cb) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_record_padding_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_record_padding_callback_cb) cdecl; external CLibSSL;
+
+  procedure SSL_CTX_set_record_padding_callback_arg(ctx: PSSL_CTX; arg: Pointer) cdecl; external CLibSSL;
+  function SSL_CTX_get_record_padding_callback_arg(const ctx: PSSL_CTX): Pointer cdecl; external CLibSSL;
+  function SSL_CTX_set_block_padding(ctx: PSSL_CTX; block_size: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+
+  procedure SSL_set_record_padding_callback(ssl: PSSL; cb: SSL_set_record_padding_callback_cb) cdecl; external CLibSSL;
+
+  procedure SSL_set_record_padding_callback_arg(ssl: PSSL; arg: Pointer) cdecl; external CLibSSL;
+  function SSL_get_record_padding_callback_arg(const ssl: PSSL): Pointer cdecl; external CLibSSL;
+  function SSL_set_block_padding(ssl: PSSL; block_size: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_num_tickets(s: PSSL; num_tickets: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_num_tickets(const s: PSSL): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_CTX_set_num_tickets(ctx: PSSL_CTX; num_tickets: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_get_num_tickets(const ctx: PSSL_CTX): TIdC_SIZET cdecl; external CLibSSL;
+
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //#  define SSL_cache_hit(s) SSL_session_reused(s)
+  //# endif
+
+  function SSL_session_reused(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_is_server(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CONF_CTX_new: PSSL_CONF_CTX cdecl; external CLibSSL;
+  function SSL_CONF_CTX_finish(cctx: PSSL_CONF_CTX): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_CONF_CTX_free(cctx: PSSL_CONF_CTX) cdecl; external CLibSSL;
+  function SSL_CONF_CTX_set_flags(cctx: PSSL_CONF_CTX; flags: TIdC_UINT): TIdC_UINT cdecl; external CLibSSL;
+  function SSL_CONF_CTX_clear_flags(cctx: PSSL_CONF_CTX; flags: TIdC_UINT): TIdC_UINT cdecl; external CLibSSL;
+  function SSL_CONF_CTX_set1_prefix(cctx: PSSL_CONF_CTX; const pre: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CONF_cmd(cctx: PSSL_CONF_CTX; const cmd: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CONF_cmd_argv(cctx: PSSL_CONF_CTX; pargc: PIdC_INT; pargv: PPPIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CONF_cmd_value_type(cctx: PSSL_CONF_CTX; const cmd: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+
+  procedure SSL_CONF_CTX_set_ssl(cctx: PSSL_CONF_CTX; ssl: PSSL) cdecl; external CLibSSL;
+  procedure SSL_CONF_CTX_set_ssl_ctx(cctx: PSSL_CONF_CTX; ctx: PSSL_CTX) cdecl; external CLibSSL;
+  procedure SSL_add_ssl_module cdecl; external CLibSSL;
+  function SSL_config(s: PSSL; const name: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_config(ctx: PSSL_CTX; const name: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+
+  procedure SSL_trace(write_p: TIdC_INT; version: TIdC_INT; content_type: TIdC_INT; const buf: Pointer; len: TIdC_SIZET; ssl: PSSL; arg: Pointer) cdecl; external CLibSSL;
+
+  function DTLSv1_listen(s: PSSL; client: PBIO_ADDr): TIdC_INT cdecl; external CLibSSL;
+
+  //# ifndef OPENSSL_NO_CT
+  //
+  ///*
+  // * A callback for verifying that the received SCTs are sufficient.
+  // * Expected to return 1 if they are sufficient, otherwise 0.
+  // * May return a negative integer if an error occurs.
+  // * A connection should be aborted if the SCTs are deemed insufficient.
+  // */
+  //typedef TIdC_INT (*ssl_ct_validation_cb)(const CT_POLICY_EVAL_CTX *ctx,
+  //                                    const STACK_OF(SCT) *scts, void *arg);
+
+  ///*
+  // * Sets a |callback| that is invoked upon receipt of ServerHelloDone to validate
+  // * the received SCTs.
+  // * If the callback returns a non-positive result, the connection is terminated.
+  // * Call this function before beginning a handshake.
+  // * If a NULL |callback| is provided, SCT validation is disabled.
+  // * |arg| is arbitrary userdata that will be passed to the callback whenever it
+  // * is invoked. Ownership of |arg| remains with the caller.
+  // *
+  // * NOTE: A side-effect of setting a CT callback is that an OCSP stapled response
+  // *       will be requested.
+  // */
+  //function SSL_set_ct_validation_callback(s: PSSL; callback: ssl_ct_validation_cb; arg: Pointer): TIdC_INT;
+  //function SSL_CTX_set_ct_validation_callback(ctx: PSSL_CTX; callback: ssl_ct_validation_cb; arg: Pointer): TIdC_INT;
+
+  //#define SSL_disable_ct(s) \
+  //        ((void) SSL_set_validation_callback((s), NULL, NULL))
+  //#define SSL_CTX_disable_ct(ctx) \
+  //        ((void) SSL_CTX_set_validation_callback((ctx), NULL, NULL))
+
+  ///*
+  // * The validation type enumerates the available behaviours of the built-&in SSL
+  // * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
+  // * The underlying callback is a static function &in libssl.
+  // */
+
+  ///*
+  // * Enable CT by setting up a callback that implements one of the built-&in
+  // * validation variants.  The SSL_CT_VALIDATION_PERMISSIVE variant always
+  // * continues the handshake, the application can make appropriate decisions at
+  // * handshake completion.  The SSL_CT_VALIDATION_STRICT variant requires at
+  // * least one valid SCT, or else handshake termination will be requested.  The
+  // * handshake may continue anyway if SSL_VERIFY_NONE is &in effect.
+  // */
+  function SSL_enable_ct(s: PSSL; validation_mode: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_enable_ct(ctx: PSSL_CTX; validation_mode: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+
+  ///*
+  // * Report whether a non-NULL callback is enabled.
+  // */
+  function SSL_ct_is_enabled(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_ct_is_enabled(const ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+
+  ///* Gets the SCTs received from a connection */
+  //const STACK_OF(SCT) *SSL_get0_peer_scts(s: PSSL);
+
+  function SSL_CTX_set_default_ctlog_list_file(ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_set_ctlog_list_file(ctx: PSSL_CTX; const path: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  procedure SSL_CTX_set0_ctlog_store(ctx: PSSL_CTX; logs: PCTLOG_STORE) cdecl; external CLibSSL;
+
+  // const CTLOG_STORE *SSL_CTX_get0_ctlog_store(const ctx: PSSL_CTX);
+
+  // # endif /* OPENSSL_NO_CT */
+
+  procedure SSL_set_security_level(s: PSSL; level: TIdC_INT) cdecl; external CLibSSL;
+
+  ////__owur TIdC_INT SSL_get_security_level(const s: PSSL);
+  procedure SSL_set_security_callback(s: PSSL; cb: SSL_security_callback) cdecl; external CLibSSL;
+  function SSL_get_security_callback(const s: PSSL): SSL_security_callback cdecl; external CLibSSL;
+  procedure SSL_set0_security_ex_data(s: PSSL; ex: Pointer) cdecl; external CLibSSL;
+  function SSL_get0_security_ex_data(const s: PSSL): Pointer cdecl; external CLibSSL;
+  procedure SSL_CTX_set_security_level(ctx: PSSL_CTX; level: TIdC_INT) cdecl; external CLibSSL;
+  function SSL_CTX_get_security_level(const ctx: PSSL_CTX): TIdC_INT cdecl; external CLibSSL;
+  //void SSL_CTX_set_security_callback(ctx: PSSL_CTX,
+  //                                   TIdC_INT (*cb) (const s: PSSL, const ctx: PSSL_CTX,
+  //                                              TIdC_INT op, TIdC_INT bits, TIdC_INT nid,
+  //                                              void *other, void *ex));
+  //TIdC_INT (*SSL_CTX_get_security_callback(const ctx: PSSL_CTX)) (const s: PSSL,
+  //                                                          const ctx: PSSL_CTX,
+  //                                                          TIdC_INT op, TIdC_INT bits,
+  //                                                          TIdC_INT nid,
+  //                                                          void *other,
+  //                                                          void *ex);
+
+  function SSL_CTX_get0_security_ex_data(const ctx: PSSL_CTX): Pointer cdecl; external CLibSSL;
+
+  procedure SSL_CTX_set0_security_ex_data(ctx: PSSL_CTX; ex: Pointer) cdecl; external CLibSSL;
+
+  function OPENSSL_init_ssl(opts: TIdC_UINT64; const settings: POPENSSL_INIT_SETTINGS): TIdC_INT cdecl; external CLibSSL;
+
+  //# ifndef OPENSSL_NO_UNIT_TEST
+  //__owur const struct openssl_ssl_test_functions *SSL_test_functions(void);
+  //# endif
+
+  function SSL_free_buffers(ssl: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_alloc_buffers(ssl: PSSL): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_CTX_set_session_ticket_cb(ctx: PSSL_CTX; gen_cb: SSL_CTX_generate_session_ticket_fn; dec_cb: SSL_CTX_decrypt_session_ticket_fn; arg: Pointer): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_SESSION_set1_ticket_appdata(ss: PSSL_SESSION; const data: Pointer; len: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_SESSION_get0_ticket_appdata(ss: PSSL_SESSION; data: PPointer; len: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+
+  //extern const PIdAnsiChar SSL_version_str[];
+
+  procedure DTLS_set_timer_cb(s: PSSL; cb: DTLS_timer_cb) cdecl; external CLibSSL;
+  procedure SSL_CTX_set_allow_early_data_cb(ctx: PSSL_CTX; cb: SSL_allow_early_data_cb_fN; arg: Pointer) cdecl; external CLibSSL;
+  procedure SSL_set_allow_early_data_cb(s: PSSL; cb: SSL_allow_early_data_cb_fN; arg: Pointer) cdecl; external CLibSSL;
+
+implementation
+
+
+{$REGION 'C compiler macros'}
+
+//# define SSL_CTX_set_mode(ctx,op)      SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+
+begin
+
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, nil);
+end;
+
+
+//# define SSL_CTX_clear_mode(ctx,op)   SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_MODE, op, nil);
+end;
+
+//# define SSL_CTX_sess_set_cache_size(ctx,t)         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
+function SSL_CTX_sess_set_cache_size(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, nil);
+end;
+
+//# define SSL_CTX_sess_get_cache_size(ctx)           SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
+function SSL_CTX_sess_get_cache_size(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, nil);
+end;
+
+//# define SSL_CTX_set_session_cache_mode(ctx,m)      SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
+function SSL_CTX_set_session_cache_mode(ctx: PSSL_CTX; m: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, nil);
+end;
+
+//# define SSL_CTX_get_session_cache_mode(ctx)        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
+function SSL_CTX_get_session_cache_mode(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_MODE, 0, nil);
+end;
+
+//# define SSL_num_renegotiations(ssl)                       SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+function SSL_num_renegotiations(ssl: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_GET_NUM_RENEGOTIATIONS, 0, nil);
+end;
+
+//# define SSL_clear_num_renegotiations(ssl)                 SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+function SSL_clear_num_renegotiations(ssl: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS, 0, nil);
+end;
+
+//# define SSL_total_renegotiations(ssl)                     SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
+function SSL_total_renegotiations(ssl: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_GET_TOTAL_RENEGOTIATIONS, 0, nil);
+end;
+
+//# define SSL_CTX_set_tmp_dh(ctx,dh)                        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+function SSL_CTX_set_tmp_dh(ctx: PSSL_CTX; dh: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh);
+end;
+
+//# define SSL_CTX_set_tmp_ecdh(ctx,ecdh)                    SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+function SSL_CTX_set_tmp_ecdh(ctx: PSSL_CTX; ecdh: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
+end;
+
+//# define SSL_CTX_set_dh_auto(ctx, onoff)                   SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+function SSL_CTX_set_dh_auto(ctx: PSSL_CTX; onoff: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_DH_AUTO, onoff, nil);
+end;
+
+//# define SSL_set_dh_auto(s, onoff)                         SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
+function SSL_set_dh_auto(s: PSSL; onoff: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_DH_AUTO, onoff, nil);
+end;
+
+//# define SSL_set_tmp_dh(ssl,dh)                            SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
+function SSL_set_tmp_dh(ssl: PSSL; dh: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh);
+end;
+
+//# define SSL_set_tmp_ecdh(ssl,ecdh)                        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
+function SSL_set_tmp_ecdh(ssl: PSSL; ecdh: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
+end;
+
+//# define SSL_CTX_add_extra_chain_cert(ctx,x509)            SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)(x509))
+function SSL_CTX_add_extra_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509);
+end;
+
+//# define SSL_CTX_get_extra_chain_certs(ctx,px509)          SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
+function SSL_CTX_get_extra_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509);
+end;
+
+//# define SSL_CTX_get_extra_chain_certs_only(ctx,px509)     SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,1,px509)
+function SSL_CTX_get_extra_chain_certs_only(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509);
+end;
+
+//# define SSL_CTX_clear_extra_chain_certs(ctx)              SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
+function SSL_CTX_clear_extra_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, nil);
+end;
+
+//# define SSL_CTX_set0_chain(ctx,sk)                        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)(sk))
+function SSL_CTX_set0_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 0, sk);
+end;
+
+//# define SSL_CTX_set1_chain(ctx,sk)                        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)(sk))
+function SSL_CTX_set1_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 1, sk);
+end;
+
+//# define SSL_CTX_add0_chain_cert(ctx,x509)                 SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
+function SSL_CTX_add0_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, x509);
+end;
+
+//# define SSL_CTX_add1_chain_cert(ctx,x509)                 SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
+function SSL_CTX_add1_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, x509);
+end;
+
+//# define SSL_CTX_get0_chain_certs(ctx,px509)               SSL_CTX_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+function SSL_CTX_get0_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
+end;
+
+//# define SSL_CTX_clear_chain_certs(ctx)                    SSL_CTX_set0_chain(ctx,NULL)
+function SSL_CTX_clear_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_set0_chain(ctx, nil);
+end;
+
+//# define SSL_CTX_build_cert_chain(ctx, flags)              SSL_CTX_ctrl(ctx,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+function SSL_CTX_build_cert_chain(ctx: PSSL_CTX; flags: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
+end;
+
+//# define SSL_CTX_select_current_cert(ctx,x509)             SSL_CTX_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
+function SSL_CTX_select_current_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
+end;
+
+//# define SSL_CTX_set_current_cert(ctx, op)                 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+function SSL_CTX_set_current_cert(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURRENT_CERT, op, nil);
+end;
+
+//# define SSL_CTX_set0_verify_cert_store(ctx,st)            SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
+function SSL_CTX_set0_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st);
+end;
+
+//# define SSL_CTX_set1_verify_cert_store(ctx,st)            SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
+function SSL_CTX_set1_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, st);
+end;
+
+//# define SSL_CTX_set0_chain_cert_store(ctx,st)             SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
+function SSL_CTX_set0_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
+end;
+
+//# define SSL_CTX_set1_chain_cert_store(ctx,st)             SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
+function SSL_CTX_set1_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
+end;
+
+//# define SSL_set0_chain(s,sk)                              SSL_ctrl(s,SSL_CTRL_CHAIN,0,(char *)(sk))
+function SSL_set0_chain(s: PSSL; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 0, sk);
+end;
+
+//# define SSL_set1_chain(s,sk)                              SSL_ctrl(s,SSL_CTRL_CHAIN,1,(char *)(sk))
+function SSL_set1_chain(s: PSSL; sk: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 1, sk);
+end;
+
+//# define SSL_add0_chain_cert(s,x509)                       SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
+function SSL_add0_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 0, x509);
+end;
+
+//# define SSL_add1_chain_cert(s,x509)                       SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
+function SSL_add1_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 1, x509);
+end;
+
+//# define SSL_get0_chain_certs(s,px509)                     SSL_ctrl(s,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+function SSL_get0_chain_certs(s: PSSL; px509: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
+end;
+
+//# define SSL_clear_chain_certs(s)                          SSL_set0_chain(s,NULL)
+function SSL_clear_chain_certs(s: PSSL): TIdC_LONG;
+begin
+  Result := SSL_set0_chain(s, nil);
+end;
+
+//# define SSL_build_cert_chain(s, flags)                    SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+function SSL_build_cert_chain(s: PSSL; flags: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
+end;
+
+//# define SSL_select_current_cert(s,x509)                   SSL_ctrl(s,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
+function SSL_select_current_cert(s: PSSL; x509: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
+end;
+
+//# define SSL_set_current_cert(s,op)                        SSL_ctrl(s,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+function SSL_set_current_cert(s: PSSL; op: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CURRENT_CERT, op, nil);
+end;
+
+//# define SSL_set0_verify_cert_store(s,st)                  SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
+function SSL_set0_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st);
+end;
+
+//# define SSL_set1_verify_cert_store(s,st)                  SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
+function SSL_set1_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, st);
+end;
+
+//# define SSL_set0_chain_cert_store(s,st)                   SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
+function SSL_set0_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
+end;
+
+//# define SSL_set1_chain_cert_store(s,st)                   SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
+function SSL_set1_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
+end;
+
+//# define SSL_get1_groups(s, glist)                         SSL_ctrl(s,SSL_CTRL_GET_GROUPS,0,(TIdC_INT*)(glist))
+function SSL_get1_groups(s: PSSL; glist: PIdC_INT): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_GROUPS, 0, glist);
+end;
+
+//# define SSL_CTX_set1_groups(ctx, glist, glistlen)         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
+function SSL_CTX_set1_groups(ctx: PSSL_CTX; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS, glistlen, glist);
+end;
+
+//# define SSL_CTX_set1_groups_list(ctx, s)                  SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
+function SSL_CTX_set1_groups_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS_LIST, 0, s);
+end;
+
+//# define SSL_set1_groups(s, glist, glistlen)               SSL_ctrl(s,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
+function SSL_set1_groups(s: PSSL; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS, glistlen, glist);
+end;
+
+//# define SSL_set1_groups_list(s, str)                      SSL_ctrl(s,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(str))
+function SSL_set1_groups_list(s: PSSL; str: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS_LIST, 0, str);
+end;
+
+//# define SSL_get_shared_group(s, n)                        SSL_ctrl(s,SSL_CTRL_GET_SHARED_GROUP,n,NULL)
+function SSL_get_shared_group(s: PSSL; n: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_SHARED_GROUP, n, nil);
+end;
+
+//# define SSL_CTX_set1_sigalgs(ctx, slist, slistlen)        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_CTX_set1_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_CTX_set1_sigalgs_list(ctx, s)                 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(s))
+function SSL_CTX_set1_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, s);
+end;
+
+//# define SSL_set1_sigalgs(s, slist, slistlen)              SSL_ctrl(s,SSL_CTRL_SET_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_set1_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_set1_sigalgs_list(s, str)                     SSL_ctrl(s,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(str))
+function SSL_set1_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS_LIST, 0, str);
+end;
+
+//# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_CTX_set1_client_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_CTX_set1_client_sigalgs_list(ctx, s)          SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(s))
+function SSL_CTX_set1_client_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, s);
+end;
+
+//# define SSL_set1_client_sigalgs(s, slist, slistlen)       SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(TIdC_INT *)(slist))
+function SSL_set1_client_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
+end;
+
+//# define SSL_set1_client_sigalgs_list(s, str)              SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(str))
+function SSL_set1_client_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, str);
+end;
+
+//# define SSL_get0_certificate_types(s, clist)              SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)(clist))
+function SSL_get0_certificate_types(s: PSSL; clist: PByte): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, clist);
+end;
+
+//# define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen)   SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen, (char *)(clist))
+function SSL_CTX_set1_client_certificate_types(ctx: PSSL_CTX; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
+end;
+
+//# define SSL_set1_client_certificate_types(s, clist, clistlen)         SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)(clist))
+function SSL_set1_client_certificate_types(s: PSSL; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
+end;
+
+//# define SSL_get_signature_nid(s, pn)                      SSL_ctrl(s,SSL_CTRL_GET_SIGNATURE_NID,0,pn)
+function SSL_get_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_SIGNATURE_NID, 0, pn);
+end;
+
+//# define SSL_get_peer_signature_nid(s, pn)                 SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
+function SSL_get_peer_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_SIGNATURE_NID, 0, pn);
+end;
+
+//# define SSL_get_peer_tmp_key(s, pk)                       SSL_ctrl(s,SSL_CTRL_GET_PEER_TMP_KEY,0,pk)
+function SSL_get_peer_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_TMP_KEY, 0, pk);
+end;
+
+//# define SSL_get_tmp_key(s, pk)                            SSL_ctrl(s,SSL_CTRL_GET_TMP_KEY,0,pk)
+function SSL_get_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_TMP_KEY, 0, pk);
+end;
+
+//# define SSL_get0_raw_cipherlist(s, plst)                  SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)
+function SSL_get0_raw_cipherlist(s: PSSL; plst: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_RAW_CIPHERLIST, 0, plst);
+end;
+
+//# define SSL_get0_ec_point_formats(s, plst)                SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
+function SSL_get0_ec_point_formats(s: PSSL; plst: Pointer): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_EC_POINT_FORMATS, 0, plst);
+end;
+
+//# define SSL_CTX_set_min_proto_version(ctx, version)       SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
+function SSL_CTX_set_min_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_CTX_set_max_proto_version(ctx, version)       SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
+function SSL_CTX_set_max_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_CTX_get_min_proto_version(ctx)                SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
+function SSL_CTX_get_min_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
+end;
+
+//# define SSL_CTX_get_max_proto_version(ctx)                SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
+function SSL_CTX_get_max_proto_version(ctx: PSSL_CTX): TIdC_LONG;
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
+end;
+
+//# define SSL_set_min_proto_version(s, version)             SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
+function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_set_max_proto_version(s, version)             SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
+function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
+end;
+
+//# define SSL_get_min_proto_version(s)                      SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
+function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
+end;
+
+//# define SSL_get_max_proto_version(s)                      SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
+function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas
new file mode 100644
index 000000000..07d9a6007
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas
@@ -0,0 +1,332 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_ssl3;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ssl3.h
+
+{$i IdCompilerDefines.inc}
+
+const
+  (*
+   * Signalling cipher suite value from RFC 5746
+   * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
+   *)
+  SSL3_CK_SCSV = $030000FF;
+
+  (*
+  * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
+  * (TLS_FALLBACK_SCSV)
+  *)
+  SSL3_CK_FALLBACK_SCSV = $03005600;
+
+  SSL3_CK_RSA_NULL_MD5 = $03000001;
+  SSL3_CK_RSA_NULL_SHA = $03000002;
+  SSL3_CK_RSA_RC4_40_MD5 = $03000003;
+  SSL3_CK_RSA_RC4_128_MD5 = $03000004;
+  SSL3_CK_RSA_RC4_128_SHA = $03000005;
+  SSL3_CK_RSA_RC2_40_MD5 = $03000006;
+  SSL3_CK_RSA_IDEA_128_SHA = $03000007;
+  SSL3_CK_RSA_DES_40_CBC_SHA = $03000008;
+  SSL3_CK_RSA_DES_64_CBC_SHA = $03000009;
+  SSL3_CK_RSA_DES_192_CBC3_SHA = $0300000A;
+
+  SSL3_CK_DH_DSS_DES_40_CBC_SHA = $0300000B;
+  SSL3_CK_DH_DSS_DES_64_CBC_SHA = $0300000C;
+  SSL3_CK_DH_DSS_DES_192_CBC3_SHA = $0300000D;
+  SSL3_CK_DH_RSA_DES_40_CBC_SHA = $0300000E;
+  SSL3_CK_DH_RSA_DES_64_CBC_SHA = $0300000F;
+  SSL3_CK_DH_RSA_DES_192_CBC3_SHA = $03000010;
+
+  SSL3_CK_DHE_DSS_DES_40_CBC_SHA = $03000011;
+  SSL3_CK_EDH_DSS_DES_40_CBC_SHA = SSL3_CK_DHE_DSS_DES_40_CBC_SHA;
+  SSL3_CK_DHE_DSS_DES_64_CBC_SHA = $03000012;
+  SSL3_CK_EDH_DSS_DES_64_CBC_SHA = SSL3_CK_DHE_DSS_DES_64_CBC_SHA;
+  SSL3_CK_DHE_DSS_DES_192_CBC3_SHA = $03000013;
+  SSL3_CK_EDH_DSS_DES_192_CBC3_SHA = SSL3_CK_DHE_DSS_DES_192_CBC3_SHA;
+  SSL3_CK_DHE_RSA_DES_40_CBC_SHA = $03000014;
+  SSL3_CK_EDH_RSA_DES_40_CBC_SHA = SSL3_CK_DHE_RSA_DES_40_CBC_SHA;
+  SSL3_CK_DHE_RSA_DES_64_CBC_SHA = $03000015;
+  SSL3_CK_EDH_RSA_DES_64_CBC_SHA = SSL3_CK_DHE_RSA_DES_64_CBC_SHA;
+  SSL3_CK_DHE_RSA_DES_192_CBC3_SHA = $03000016;
+  SSL3_CK_EDH_RSA_DES_192_CBC3_SHA = SSL3_CK_DHE_RSA_DES_192_CBC3_SHA;
+
+  SSL3_CK_ADH_RC4_40_MD5 = $03000017;
+  SSL3_CK_ADH_RC4_128_MD5 = $03000018;
+  SSL3_CK_ADH_DES_40_CBC_SHA = $03000019;
+  SSL3_CK_ADH_DES_64_CBC_SHA = $0300001A;
+  SSL3_CK_ADH_DES_192_CBC_SHA = $0300001B;
+
+  (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
+  SSL3_RFC_RSA_NULL_MD5 = 'TLS_RSA_WITH_NULL_MD5';
+  SSL3_RFC_RSA_NULL_SHA = 'TLS_RSA_WITH_NULL_SHA';
+  SSL3_RFC_RSA_DES_192_CBC3_SHA = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_ADH_DES_192_CBC_SHA = 'TLS_DH_anon_WITH_3DES_EDE_CBC_SHA';
+  SSL3_RFC_RSA_IDEA_128_SHA = 'TLS_RSA_WITH_IDEA_CBC_SHA';
+  SSL3_RFC_RSA_RC4_128_MD5 = 'TLS_RSA_WITH_RC4_128_MD5';
+  SSL3_RFC_RSA_RC4_128_SHA = 'TLS_RSA_WITH_RC4_128_SHA';
+  SSL3_RFC_ADH_RC4_128_MD5 = 'TLS_DH_anon_WITH_RC4_128_MD5';
+
+  SSL3_TXT_RSA_NULL_MD5 = 'NULL-MD5';
+  SSL3_TXT_RSA_NULL_SHA = 'NULL-SHA';
+  SSL3_TXT_RSA_RC4_40_MD5 = 'EXP-RC4-MD5';
+  SSL3_TXT_RSA_RC4_128_MD5 = 'RC4-MD5';
+  SSL3_TXT_RSA_RC4_128_SHA = 'RC4-SHA';
+  SSL3_TXT_RSA_RC2_40_MD5 = 'EXP-RC2-CBC-MD5';
+  SSL3_TXT_RSA_IDEA_128_SHA = 'IDEA-CBC-SHA';
+  SSL3_TXT_RSA_DES_40_CBC_SHA = 'EXP-DES-CBC-SHA';
+  SSL3_TXT_RSA_DES_64_CBC_SHA = 'DES-CBC-SHA';
+  SSL3_TXT_RSA_DES_192_CBC3_SHA = 'DES-CBC3-SHA';
+
+  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = 'EXP-DH-DSS-DES-CBC-SHA';
+  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = 'DH-DSS-DES-CBC-SHA';
+  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = 'DH-DSS-DES-CBC3-SHA';
+  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = 'EXP-DH-RSA-DES-CBC-SHA';
+  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = 'DH-RSA-DES-CBC-SHA';
+  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = 'DH-RSA-DES-CBC3-SHA';
+
+  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = 'EXP-DHE-DSS-DES-CBC-SHA';
+  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = 'DHE-DSS-DES-CBC-SHA';
+  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = 'DHE-DSS-DES-CBC3-SHA';
+  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = 'EXP-DHE-RSA-DES-CBC-SHA';
+  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = 'DHE-RSA-DES-CBC-SHA';
+  SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = 'DHE-RSA-DES-CBC3-SHA';
+
+  (*
+   * This next block of six 'EDH' labels is for backward compatibility with
+   * older versions of OpenSSL.  New code should use the six 'DHE' labels above
+   * instead:
+   *)
+  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = 'EXP-EDH-DSS-DES-CBC-SHA';
+  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = 'EDH-DSS-DES-CBC-SHA';
+  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = 'EDH-DSS-DES-CBC3-SHA';
+  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = 'EXP-EDH-RSA-DES-CBC-SHA';
+  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = 'EDH-RSA-DES-CBC-SHA';
+  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = 'EDH-RSA-DES-CBC3-SHA';
+
+  SSL3_TXT_ADH_RC4_40_MD5 = 'EXP-ADH-RC4-MD5';
+  SSL3_TXT_ADH_RC4_128_MD5 = 'ADH-RC4-MD5';
+  SSL3_TXT_ADH_DES_40_CBC_SHA = 'EXP-ADH-DES-CBC-SHA';
+  SSL3_TXT_ADH_DES_64_CBC_SHA = 'ADH-DES-CBC-SHA';
+  SSL3_TXT_ADH_DES_192_CBC_SHA = 'ADH-DES-CBC3-SHA';
+
+  SSL3_SSL_SESSION_ID_LENGTH = 32;
+  SSL3_MAX_SSL_SESSION_ID_LENGTH = 32;
+
+  SSL3_MASTER_SECRET_SIZE = 48;
+  SSL3_RANDOM_SIZE = 32;
+  SSL3_SESSION_ID_SIZE = 32;
+  SSL3_RT_HEADER_LENGTH = 5;
+
+  SSL3_HM_HEADER_LENGTH = 4;
+
+  (*
+   * Some will argue that this increases memory footprint, but it's not
+   * actually true. Point is that malloc has to return at least 64-bit aligned
+   * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
+   * Suggested pre-gaping simply moves these wasted bytes from the end of
+   * allocated region to its front, but makes data payload aligned, which
+   * improves performance:-)
+   *)
+  SSL3_ALIGN_PAYLOAD = 8;
+
+
+  (*
+   * This is the maximum MAC (digest) size used by the SSL library. Currently
+   * maximum of 20 is used by SHA1, but we reserve for future extension for
+   * 512-bit hashes.
+   *)
+  SSL3_RT_MAX_MD_SIZE = 64;
+
+  (*
+   * Maximum block size used in all ciphersuites. Currently 16 for AES.
+   *)
+  SSL_RT_MAX_CIPHER_BLOCK_SIZE = 16;
+  SSL3_RT_MAX_EXTRA = 16384;
+
+  (* Maximum plaintext length: defined by SSL/TLS standards *)
+  SSL3_RT_MAX_PLAIN_LENGTH = 16384;
+  (* Maximum compression overhead: defined by SSL/TLS standards *)
+  SSL3_RT_MAX_COMPRESSED_OVERHEAD = 1024;
+
+  (*
+   * The standards give a maximum encryption overhead of 1024 bytes. In
+   * practice the value is lower than this. The overhead is the maximum number
+   * of padding bytes (256) plus the mac size.
+   *)
+  SSL3_RT_MAX_ENCRYPTED_OVERHEAD = 256 + SSL3_RT_MAX_MD_SIZE;
+  SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD = 256;
+
+  (*
+   * OpenSSL currently only uses a padding length of at most one block so the
+   * send overhead is smaller.
+   *)
+  SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD = SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE;
+
+  (* If compression isn't used don't include the compression overhead *)
+  SSL3_RT_MAX_COMPRESSED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH;
+//  SSL3_RT_MAX_COMPRESSED_LENGTH = (SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_COMPRESSED_OVERHEAD);
+
+  SSL3_RT_MAX_ENCRYPTED_LENGTH = SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH;
+  SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD;
+  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH;
+
+  SSL3_MD_CLIENT_FINISHED_= '\x43\x4C\x4E\x54';
+  SSL3_MD_SERVER_FINISHED_= '\x53\x52\x56\x52';
+
+  SSL3_VERSION = $0300;
+  SSL3_VERSION_MAJOR = $03;
+  SSL3_VERSION_MINOR = $00;
+
+  SSL3_RT_CHANGE_CIPHER_SPEC = 20;
+  SSL3_RT_ALERT = 21;
+  SSL3_RT_HANDSHAKE = 22;
+  SSL3_RT_APPLICATION_DATA = 23;
+  DTLS1_RT_HEARTBEAT = 24;
+
+  (* Pseudo content types to indicate additional parameters *)
+  TLS1_RT_CRYPTO = $1000;
+  TLS1_RT_CRYPTO_PREMASTER = TLS1_RT_CRYPTO or $1;
+  TLS1_RT_CRYPTO_CLIENT_RANDOM = TLS1_RT_CRYPTO or $2;
+  TLS1_RT_CRYPTO_SERVER_RANDOM = TLS1_RT_CRYPTO or $3;
+  TLS1_RT_CRYPTO_MASTER = TLS1_RT_CRYPTO or $4;
+
+  TLS1_RT_CRYPTO_READ = $0000;
+  TLS1_RT_CRYPTO_WRITE = $0100;
+  TLS1_RT_CRYPTO_MAC = TLS1_RT_CRYPTO or $5;
+  TLS1_RT_CRYPTO_KEY = TLS1_RT_CRYPTO or $6;
+  TLS1_RT_CRYPTO_IV = TLS1_RT_CRYPTO or $7;
+  TLS1_RT_CRYPTO_FIXED_IV = TLS1_RT_CRYPTO or $8;
+
+  (* Pseudo content types for SSL/TLS header info *)
+  SSL3_RT_HEADER = $100;
+  SSL3_RT_INNER_CONTENT_TYPE = $101;
+
+  SSL3_AL_WARNING = 1;
+  SSL3_AL_FATAL = 2;
+
+  SSL3_AD_CLOSE_NOTIFY = 0;
+  SSL3_AD_UNEXPECTED_MESSAGE = 10; (* fatal *)
+  SSL3_AD_BAD_RECORD_MAC = 20; (* fatal *)
+  SSL3_AD_DECOMPRESSION_FAILURE = 30; (* fatal *)
+  SSL3_AD_HANDSHAKE_FAILURE = 40; (* fatal *)
+  SSL3_AD_NO_CERTIFICATE = 41;
+  SSL3_AD_BAD_CERTIFICATE = 42;
+  SSL3_AD_UNSUPPORTED_CERTIFICATE = 43;
+  SSL3_AD_CERTIFICATE_REVOKED = 44;
+  SSL3_AD_CERTIFICATE_EXPIRED = 45;
+  SSL3_AD_CERTIFICATE_UNKNOWN = 46;
+  SSL3_AD_ILLEGAL_PARAMETER = 47; (* fatal *)
+
+  TLS1_HB_REQUEST = 1;
+  TLS1_HB_RESPONSE = 2;
+
+  SSL3_CT_RSA_SIGN = 1;
+  SSL3_CT_DSS_SIGN = 2;
+  SSL3_CT_RSA_FIXED_DH = 3;
+  SSL3_CT_DSS_FIXED_DH = 4;
+  SSL3_CT_RSA_EPHEMERAL_DH = 5;
+  SSL3_CT_DSS_EPHEMERAL_DH = 6;
+  SSL3_CT_FORTEZZA_DMS = 20;
+
+  (*
+   * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
+   * contain all of the cert types defined for *either* SSLv3 and TLSv1.
+   *)
+  SSL3_CT_NUMBER = 10;
+
+  (* No longer used as of OpenSSL 1.1.1 *)
+  SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS = $0001;
+
+  (* Removed from OpenSSL 1.1.0 *)
+  TLS1_FLAGS_TLS_PADDING_BUG = $0;
+  TLS1_FLAGS_SKIP_CERT_VERIFY = $0010;
+
+  (* Set if we encrypt then mac instead of usual mac then encrypt *)
+  TLS1_FLAGS_ENCRYPT_THEN_MAC_READ = $0100;
+  TLS1_FLAGS_ENCRYPT_THEN_MAC = TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
+
+
+  (* Set if extended master secret extension received from peer *)
+  TLS1_FLAGS_RECEIVED_EXTMS = $0200;
+
+  TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE = $0400;
+
+  TLS1_FLAGS_STATELESS = $0800;
+
+  SSL3_MT_HELLO_REQUEST = 0;
+  SSL3_MT_CLIENT_HELLO = 1;
+  SSL3_MT_SERVER_HELLO = 2;
+  SSL3_MT_NEWSESSION_TICKET = 4;
+  SSL3_MT_END_OF_EARLY_DATA = 5;
+  SSL3_MT_ENCRYPTED_EXTENSIONS = 8;
+  SSL3_MT_CERTIFICATE = 11;
+  SSL3_MT_SERVER_KEY_EXCHANGE = 12;
+  SSL3_MT_CERTIFICATE_REQUEST = 13;
+  SSL3_MT_SERVER_DONE = 14;
+  SSL3_MT_CERTIFICATE_VERIFY = 15;
+  SSL3_MT_CLIENT_KEY_EXCHANGE = 16;
+  SSL3_MT_FINISHED = 20;
+  SSL3_MT_CERTIFICATE_URL = 21;
+  SSL3_MT_CERTIFICATE_STATUS = 22;
+  SSL3_MT_SUPPLEMENTAL_DATA = 23;
+  SSL3_MT_KEY_UPDATE = 24;
+  SSL3_MT_NEXT_PROTO = 67;
+  SSL3_MT_MESSAGE_HASH = 254;
+  DTLS1_MT_HELLO_VERIFY_REQUEST = 3;
+
+  (* Dummy message type for handling CCS like a normal handshake message *)
+  SSL3_MT_CHANGE_CIPHER_SPEC = $0101;
+
+  SSL3_MT_CCS = 1;
+
+  (* These are used when changing over to a new cipher *)
+  SSL3_CC_READ = $001;
+  SSL3_CC_WRITE = $002;
+  SSL3_CC_CLIENT = $010;
+  SSL3_CC_SERVER = $020;
+  SSL3_CC_EARLY = $040;
+  SSL3_CC_HANDSHAKE = $080;
+  SSL3_CC_APPLICATION = $100;
+  SSL3_CHANGE_CIPHER_CLIENT_WRITE = SSL3_CC_CLIENT or SSL3_CC_WRITE;
+  SSL3_CHANGE_CIPHER_SERVER_READ = SSL3_CC_SERVER or SSL3_CC_READ;
+  SSL3_CHANGE_CIPHER_CLIENT_READ = SSL3_CC_CLIENT or SSL3_CC_READ;
+  SSL3_CHANGE_CIPHER_SERVER_WRITE = SSL3_CC_SERVER or SSL3_CC_WRITE;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sslerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sslerr.pas
new file mode 100644
index 000000000..48dd80095
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sslerr.pas
@@ -0,0 +1,797 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_sslerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// sslerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+(*
+ * SSL function codes.
+ *)
+const
+  SSL_F_ADD_CLIENT_KEY_SHARE_EXT = 438;
+  SSL_F_ADD_KEY_SHARE = 512;
+  SSL_F_BYTES_TO_CIPHER_LIST = 519;
+  SSL_F_CHECK_SUITEB_CIPHER_LIST = 331;
+  SSL_F_CIPHERSUITE_CB = 622;
+  SSL_F_CONSTRUCT_CA_NAMES = 552;
+  SSL_F_CONSTRUCT_KEY_EXCHANGE_TBS = 553;
+  SSL_F_CONSTRUCT_STATEFUL_TICKET = 636;
+  SSL_F_CONSTRUCT_STATELESS_TICKET = 637;
+  SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH = 539;
+  SSL_F_CREATE_TICKET_PREQUEL = 638;
+  SSL_F_CT_MOVE_SCTS = 345;
+  SSL_F_CT_STRICT = 349;
+  SSL_F_CUSTOM_EXT_ADD = 554;
+  SSL_F_CUSTOM_EXT_PARSE = 555;
+  SSL_F_D2I_SSL_SESSION = 103;
+  SSL_F_DANE_CTX_ENABLE = 347;
+  SSL_F_DANE_MTYPE_SET = 393;
+  SSL_F_DANE_TLSA_ADD = 394;
+  SSL_F_DERIVE_SECRET_KEY_AND_IV = 514;
+  SSL_F_DO_DTLS1_WRITE = 245;
+  SSL_F_DO_SSL3_WRITE = 104;
+  SSL_F_DTLS1_BUFFER_RECORD = 247;
+  SSL_F_DTLS1_CHECK_TIMEOUT_NUM = 318;
+  SSL_F_DTLS1_HEARTBEAT = 305;
+  SSL_F_DTLS1_HM_FRAGMENT_NEW = 623;
+  SSL_F_DTLS1_PREPROCESS_FRAGMENT = 288;
+  SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS = 424;
+  SSL_F_DTLS1_PROCESS_RECORD = 257;
+  SSL_F_DTLS1_READ_BYTES = 258;
+  SSL_F_DTLS1_READ_FAILED = 339;
+  SSL_F_DTLS1_RETRANSMIT_MESSAGE = 390;
+  SSL_F_DTLS1_WRITE_APP_DATA_BYTES = 268;
+  SSL_F_DTLS1_WRITE_BYTES = 545;
+  SSL_F_DTLSV1_LISTEN = 350;
+  SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC = 371;
+  SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST = 385;
+  SSL_F_DTLS_GET_REASSEMBLED_MESSAGE = 370;
+  SSL_F_DTLS_PROCESS_HELLO_VERIFY = 386;
+  SSL_F_DTLS_RECORD_LAYER_NEW = 635;
+  SSL_F_DTLS_WAIT_FOR_DRY = 592;
+  SSL_F_EARLY_DATA_COUNT_OK = 532;
+  SSL_F_FINAL_EARLY_DATA = 556;
+  SSL_F_FINAL_EC_PT_FORMATS = 485;
+  SSL_F_FINAL_EMS = 486;
+  SSL_F_FINAL_KEY_SHARE = 503;
+  SSL_F_FINAL_MAXFRAGMENTLEN = 557;
+  SSL_F_FINAL_RENEGOTIATE = 483;
+  SSL_F_FINAL_SERVER_NAME = 558;
+  SSL_F_FINAL_SIG_ALGS = 497;
+  SSL_F_GET_CERT_VERIFY_TBS_DATA = 588;
+  SSL_F_NSS_KEYLOG_INT = 500;
+  SSL_F_OPENSSL_INIT_SSL = 342;
+  SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION = 436;
+  SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION = 598;
+  SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE = 430;
+  SSL_F_OSSL_STATEM_CLIENT_POST_PROCESS_MESSAGE = 593;
+  SSL_F_OSSL_STATEM_CLIENT_PROCESS_MESSAGE = 594;
+  SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION = 417;
+  SSL_F_OSSL_STATEM_CLIENT_WRITE_TRANSITION = 599;
+  SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION = 437;
+  SSL_F_OSSL_STATEM_SERVER13_WRITE_TRANSITION = 600;
+  SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE = 431;
+  SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE = 601;
+  SSL_F_OSSL_STATEM_SERVER_POST_WORK = 602;
+  SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE = 603;
+  SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION = 418;
+  SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION = 604;
+  SSL_F_PARSE_CA_NAMES = 541;
+  SSL_F_PITEM_NEW = 624;
+  SSL_F_PQUEUE_NEW = 625;
+  SSL_F_PROCESS_KEY_SHARE_EXT = 439;
+  SSL_F_READ_STATE_MACHINE = 352;
+  SSL_F_SET_CLIENT_CIPHERSUITE = 540;
+  SSL_F_SRP_GENERATE_CLIENT_MASTER_SECRET = 595;
+  SSL_F_SRP_GENERATE_SERVER_MASTER_SECRET = 589;
+  SSL_F_SRP_VERIFY_SERVER_PARAM = 596;
+  SSL_F_SSL3_CHANGE_CIPHER_STATE = 129;
+  SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM = 130;
+  SSL_F_SSL3_CTRL = 213;
+  SSL_F_SSL3_CTX_CTRL = 133;
+  SSL_F_SSL3_DIGEST_CACHED_RECORDS = 293;
+  SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC = 292;
+  SSL_F_SSL3_ENC = 608;
+  SSL_F_SSL3_FINAL_FINISH_MAC = 285;
+  SSL_F_SSL3_FINISH_MAC = 587;
+  SSL_F_SSL3_GENERATE_KEY_BLOCK = 238;
+  SSL_F_SSL3_GENERATE_MASTER_SECRET = 388;
+  SSL_F_SSL3_GET_RECORD = 143;
+  SSL_F_SSL3_INIT_FINISHED_MAC = 397;
+  SSL_F_SSL3_OUTPUT_CERT_CHAIN = 147;
+  SSL_F_SSL3_READ_BYTES = 148;
+  SSL_F_SSL3_READ_N = 149;
+  SSL_F_SSL3_SETUP_KEY_BLOCK = 157;
+  SSL_F_SSL3_SETUP_READ_BUFFER = 156;
+  SSL_F_SSL3_SETUP_WRITE_BUFFER = 291;
+  SSL_F_SSL3_WRITE_BYTES = 158;
+  SSL_F_SSL3_WRITE_PENDING = 159;
+  SSL_F_SSL_ADD_CERT_CHAIN = 316;
+  SSL_F_SSL_ADD_CERT_TO_BUF = 319;
+  SSL_F_SSL_ADD_CERT_TO_WPACKET = 493;
+  SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT = 298;
+  SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT = 277;
+  SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT = 307;
+  SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK = 215;
+  SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK = 216;
+  SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT = 299;
+  SSL_F_SSL_ADD_SERVERHELLO_TLSEXT = 278;
+  SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT = 308;
+  SSL_F_SSL_BAD_METHOD = 160;
+  SSL_F_SSL_BUILD_CERT_CHAIN = 332;
+  SSL_F_SSL_BYTES_TO_CIPHER_LIST = 161;
+  SSL_F_SSL_CACHE_CIPHERLIST = 520;
+  SSL_F_SSL_CERT_ADD0_CHAIN_CERT = 346;
+  SSL_F_SSL_CERT_DUP = 221;
+  SSL_F_SSL_CERT_NEW = 162;
+  SSL_F_SSL_CERT_SET0_CHAIN = 340;
+  SSL_F_SSL_CHECK_PRIVATE_KEY = 163;
+  SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT = 280;
+  SSL_F_SSL_CHECK_SRP_EXT_CLIENTHELLO = 606;
+  SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG = 279;
+  SSL_F_SSL_CHOOSE_CLIENT_VERSION = 607;
+  SSL_F_SSL_CIPHER_DESCRIPTION = 626;
+  SSL_F_SSL_CIPHER_LIST_TO_BYTES = 425;
+  SSL_F_SSL_CIPHER_PROCESS_RULESTR = 230;
+  SSL_F_SSL_CIPHER_STRENGTH_SORT = 231;
+  SSL_F_SSL_CLEAR = 164;
+  SSL_F_SSL_CLIENT_HELLO_GET1_EXTENSIONS_PRESENT = 627;
+  SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD = 165;
+  SSL_F_SSL_CONF_CMD = 334;
+  SSL_F_SSL_CREATE_CIPHER_LIST = 166;
+  SSL_F_SSL_CTRL = 232;
+  SSL_F_SSL_CTX_CHECK_PRIVATE_KEY = 168;
+  SSL_F_SSL_CTX_ENABLE_CT = 398;
+  SSL_F_SSL_CTX_MAKE_PROFILES = 309;
+  SSL_F_SSL_CTX_NEW = 169;
+  SSL_F_SSL_CTX_SET_ALPN_PROTOS = 343;
+  SSL_F_SSL_CTX_SET_CIPHER_LIST = 269;
+  SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE = 290;
+  SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK = 396;
+  SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT = 219;
+  SSL_F_SSL_CTX_SET_SSL_VERSION = 170;
+  SSL_F_SSL_CTX_SET_TLSEXT_MAX_FRAGMENT_LENGTH = 551;
+  SSL_F_SSL_CTX_USE_CERTIFICATE = 171;
+  SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 = 172;
+  SSL_F_SSL_CTX_USE_CERTIFICATE_FILE = 173;
+  SSL_F_SSL_CTX_USE_PRIVATEKEY = 174;
+  SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 = 175;
+  SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE = 176;
+  SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT = 272;
+  SSL_F_SSL_CTX_USE_RSAPRIVATEKEY = 177;
+  SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 = 178;
+  SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE = 179;
+  SSL_F_SSL_CTX_USE_SERVERINFO = 336;
+  SSL_F_SSL_CTX_USE_SERVERINFO_EX = 543;
+  SSL_F_SSL_CTX_USE_SERVERINFO_FILE = 337;
+  SSL_F_SSL_DANE_DUP = 403;
+  SSL_F_SSL_DANE_ENABLE = 395;
+  SSL_F_SSL_DERIVE = 590;
+  SSL_F_SSL_DO_CONFIG = 391;
+  SSL_F_SSL_DO_HANDSHAKE = 180;
+  SSL_F_SSL_DUP_CA_LIST = 408;
+  SSL_F_SSL_ENABLE_CT = 402;
+  SSL_F_SSL_GENERATE_PKEY_GROUP = 559;
+  SSL_F_SSL_GENERATE_SESSION_ID = 547;
+  SSL_F_SSL_GET_NEW_SESSION = 181;
+  SSL_F_SSL_GET_PREV_SESSION = 217;
+  SSL_F_SSL_GET_SERVER_CERT_INDEX = 322;
+  SSL_F_SSL_GET_SIGN_PKEY = 183;
+  SSL_F_SSL_HANDSHAKE_HASH = 560;
+  SSL_F_SSL_INIT_WBIO_BUFFER = 184;
+  SSL_F_SSL_KEY_UPDATE = 515;
+  SSL_F_SSL_LOAD_CLIENT_CA_FILE = 185;
+  SSL_F_SSL_LOG_MASTER_SECRET = 498;
+  SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE = 499;
+  SSL_F_SSL_MODULE_INIT = 392;
+  SSL_F_SSL_NEW = 186;
+  SSL_F_SSL_NEXT_PROTO_VALIDATE = 565;
+  SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT = 300;
+  SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT = 302;
+  SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT = 310;
+  SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT = 301;
+  SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT = 303;
+  SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT = 311;
+  SSL_F_SSL_PEEK = 270;
+  SSL_F_SSL_PEEK_EX = 432;
+  SSL_F_SSL_PEEK_INTERNAL = 522;
+  SSL_F_SSL_READ = 223;
+  SSL_F_SSL_READ_EARLY_DATA = 529;
+  SSL_F_SSL_READ_EX = 434;
+  SSL_F_SSL_READ_INTERNAL = 523;
+  SSL_F_SSL_RENEGOTIATE = 516;
+  SSL_F_SSL_RENEGOTIATE_ABBREVIATED = 546;
+  SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT = 320;
+  SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT = 321;
+  SSL_F_SSL_SESSION_DUP = 348;
+  SSL_F_SSL_SESSION_NEW = 189;
+  SSL_F_SSL_SESSION_PRINT_FP = 190;
+  SSL_F_SSL_SESSION_SET1_ID = 423;
+  SSL_F_SSL_SESSION_SET1_ID_CONTEXT = 312;
+  SSL_F_SSL_SET_ALPN_PROTOS = 344;
+  SSL_F_SSL_SET_CERT = 191;
+  SSL_F_SSL_SET_CERT_AND_KEY = 621;
+  SSL_F_SSL_SET_CIPHER_LIST = 271;
+  SSL_F_SSL_SET_CT_VALIDATION_CALLBACK = 399;
+  SSL_F_SSL_SET_FD = 192;
+  SSL_F_SSL_SET_PKEY = 193;
+  SSL_F_SSL_SET_RFD = 194;
+  SSL_F_SSL_SET_SESSION = 195;
+  SSL_F_SSL_SET_SESSION_ID_CONTEXT = 218;
+  SSL_F_SSL_SET_SESSION_TICKET_EXT = 294;
+  SSL_F_SSL_SET_TLSEXT_MAX_FRAGMENT_LENGTH = 550;
+  SSL_F_SSL_SET_WFD = 196;
+  SSL_F_SSL_SHUTDOWN = 224;
+  SSL_F_SSL_SRP_CTX_INIT = 313;
+  SSL_F_SSL_START_ASYNC_JOB = 389;
+  SSL_F_SSL_UNDEFINED_FUNCTION = 197;
+  SSL_F_SSL_UNDEFINED_VOID_FUNCTION = 244;
+  SSL_F_SSL_USE_CERTIFICATE = 198;
+  SSL_F_SSL_USE_CERTIFICATE_ASN1 = 199;
+  SSL_F_SSL_USE_CERTIFICATE_FILE = 200;
+  SSL_F_SSL_USE_PRIVATEKEY = 201;
+  SSL_F_SSL_USE_PRIVATEKEY_ASN1 = 202;
+  SSL_F_SSL_USE_PRIVATEKEY_FILE = 203;
+  SSL_F_SSL_USE_PSK_IDENTITY_HINT = 273;
+  SSL_F_SSL_USE_RSAPRIVATEKEY = 204;
+  SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 = 205;
+  SSL_F_SSL_USE_RSAPRIVATEKEY_FILE = 206;
+  SSL_F_SSL_VALIDATE_CT = 400;
+  SSL_F_SSL_VERIFY_CERT_CHAIN = 207;
+  SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE = 616;
+  SSL_F_SSL_WRITE = 208;
+  SSL_F_SSL_WRITE_EARLY_DATA = 526;
+  SSL_F_SSL_WRITE_EARLY_FINISH = 527;
+  SSL_F_SSL_WRITE_EX = 433;
+  SSL_F_SSL_WRITE_INTERNAL = 524;
+  SSL_F_STATE_MACHINE = 353;
+  SSL_F_TLS12_CHECK_PEER_SIGALG = 333;
+  SSL_F_TLS12_COPY_SIGALGS = 533;
+  SSL_F_TLS13_CHANGE_CIPHER_STATE = 440;
+  SSL_F_TLS13_ENC = 609;
+  SSL_F_TLS13_FINAL_FINISH_MAC = 605;
+  SSL_F_TLS13_GENERATE_SECRET = 591;
+  SSL_F_TLS13_HKDF_EXPAND = 561;
+  SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA = 617;
+  SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA = 618;
+  SSL_F_TLS13_SETUP_KEY_BLOCK = 441;
+  SSL_F_TLS1_CHANGE_CIPHER_STATE = 209;
+  SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS = 341;
+  SSL_F_TLS1_ENC = 401;
+  SSL_F_TLS1_EXPORT_KEYING_MATERIAL = 314;
+  SSL_F_TLS1_GET_CURVELIST = 338;
+  SSL_F_TLS1_PRF = 284;
+  SSL_F_TLS1_SAVE_U16 = 628;
+  SSL_F_TLS1_SETUP_KEY_BLOCK = 211;
+  SSL_F_TLS1_SET_GROUPS = 629;
+  SSL_F_TLS1_SET_RAW_SIGALGS = 630;
+  SSL_F_TLS1_SET_SERVER_SIGALGS = 335;
+  SSL_F_TLS1_SET_SHARED_SIGALGS = 631;
+  SSL_F_TLS1_SET_SIGALGS = 632;
+  SSL_F_TLS_CHOOSE_SIGALG = 513;
+  SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK = 354;
+  SSL_F_TLS_COLLECT_EXTENSIONS = 435;
+  SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES = 542;
+  SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST = 372;
+  SSL_F_TLS_CONSTRUCT_CERT_STATUS = 429;
+  SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY = 494;
+  SSL_F_TLS_CONSTRUCT_CERT_VERIFY = 496;
+  SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC = 427;
+  SSL_F_TLS_CONSTRUCT_CKE_DHE = 404;
+  SSL_F_TLS_CONSTRUCT_CKE_ECDHE = 405;
+  SSL_F_TLS_CONSTRUCT_CKE_GOST = 406;
+  SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE = 407;
+  SSL_F_TLS_CONSTRUCT_CKE_RSA = 409;
+  SSL_F_TLS_CONSTRUCT_CKE_SRP = 410;
+  SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE = 484;
+  SSL_F_TLS_CONSTRUCT_CLIENT_HELLO = 487;
+  SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE = 488;
+  SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY = 489;
+  SSL_F_TLS_CONSTRUCT_CTOS_ALPN = 466;
+  SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE = 355;
+  SSL_F_TLS_CONSTRUCT_CTOS_COOKIE = 535;
+  SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA = 530;
+  SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS = 467;
+  SSL_F_TLS_CONSTRUCT_CTOS_EMS = 468;
+  SSL_F_TLS_CONSTRUCT_CTOS_ETM = 469;
+  SSL_F_TLS_CONSTRUCT_CTOS_HELLO = 356;
+  SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE = 357;
+  SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE = 470;
+  SSL_F_TLS_CONSTRUCT_CTOS_MAXFRAGMENTLEN = 549;
+  SSL_F_TLS_CONSTRUCT_CTOS_NPN = 471;
+  SSL_F_TLS_CONSTRUCT_CTOS_PADDING = 472;
+  SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH = 619;
+  SSL_F_TLS_CONSTRUCT_CTOS_PSK = 501;
+  SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES = 509;
+  SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE = 473;
+  SSL_F_TLS_CONSTRUCT_CTOS_SCT = 474;
+  SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME = 475;
+  SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET = 476;
+  SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS = 477;
+  SSL_F_TLS_CONSTRUCT_CTOS_SRP = 478;
+  SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST = 479;
+  SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS = 480;
+  SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS = 481;
+  SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP = 482;
+  SSL_F_TLS_CONSTRUCT_CTOS_VERIFY = 358;
+  SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS = 443;
+  SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA = 536;
+  SSL_F_TLS_CONSTRUCT_EXTENSIONS = 447;
+  SSL_F_TLS_CONSTRUCT_FINISHED = 359;
+  SSL_F_TLS_CONSTRUCT_HELLO_REQUEST = 373;
+  SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST = 510;
+  SSL_F_TLS_CONSTRUCT_KEY_UPDATE = 517;
+  SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET = 428;
+  SSL_F_TLS_CONSTRUCT_NEXT_PROTO = 426;
+  SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE = 490;
+  SSL_F_TLS_CONSTRUCT_SERVER_HELLO = 491;
+  SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE = 492;
+  SSL_F_TLS_CONSTRUCT_STOC_ALPN = 451;
+  SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE = 374;
+  SSL_F_TLS_CONSTRUCT_STOC_COOKIE = 613;
+  SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG = 452;
+  SSL_F_TLS_CONSTRUCT_STOC_DONE = 375;
+  SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA = 531;
+  SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO = 525;
+  SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS = 453;
+  SSL_F_TLS_CONSTRUCT_STOC_EMS = 454;
+  SSL_F_TLS_CONSTRUCT_STOC_ETM = 455;
+  SSL_F_TLS_CONSTRUCT_STOC_HELLO = 376;
+  SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE = 377;
+  SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE = 456;
+  SSL_F_TLS_CONSTRUCT_STOC_MAXFRAGMENTLEN = 548;
+  SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG = 457;
+  SSL_F_TLS_CONSTRUCT_STOC_PSK = 504;
+  SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE = 458;
+  SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME = 459;
+  SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET = 460;
+  SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST = 461;
+  SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS = 544;
+  SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_VERSIONS = 611;
+  SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP = 462;
+  SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO = 521;
+  SSL_F_TLS_FINISH_HANDSHAKE = 597;
+  SSL_F_TLS_GET_MESSAGE_BODY = 351;
+  SSL_F_TLS_GET_MESSAGE_HEADER = 387;
+  SSL_F_TLS_HANDLE_ALPN = 562;
+  SSL_F_TLS_HANDLE_STATUS_REQUEST = 563;
+  SSL_F_TLS_PARSE_CERTIFICATE_AUTHORITIES = 566;
+  SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT = 449;
+  SSL_F_TLS_PARSE_CTOS_ALPN = 567;
+  SSL_F_TLS_PARSE_CTOS_COOKIE = 614;
+  SSL_F_TLS_PARSE_CTOS_EARLY_DATA = 568;
+  SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS = 569;
+  SSL_F_TLS_PARSE_CTOS_EMS = 570;
+  SSL_F_TLS_PARSE_CTOS_KEY_SHARE = 463;
+  SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN = 571;
+  SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH = 620;
+  SSL_F_TLS_PARSE_CTOS_PSK = 505;
+  SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES = 572;
+  SSL_F_TLS_PARSE_CTOS_RENEGOTIATE = 464;
+  SSL_F_TLS_PARSE_CTOS_SERVER_NAME = 573;
+  SSL_F_TLS_PARSE_CTOS_SESSION_TICKET = 574;
+  SSL_F_TLS_PARSE_CTOS_SIG_ALGS = 575;
+  SSL_F_TLS_PARSE_CTOS_SIG_ALGS_CERT = 615;
+  SSL_F_TLS_PARSE_CTOS_SRP = 576;
+  SSL_F_TLS_PARSE_CTOS_STATUS_REQUEST = 577;
+  SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS = 578;
+  SSL_F_TLS_PARSE_CTOS_USE_SRTP = 465;
+  SSL_F_TLS_PARSE_STOC_ALPN = 579;
+  SSL_F_TLS_PARSE_STOC_COOKIE = 534;
+  SSL_F_TLS_PARSE_STOC_EARLY_DATA = 538;
+  SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO = 528;
+  SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS = 580;
+  SSL_F_TLS_PARSE_STOC_KEY_SHARE = 445;
+  SSL_F_TLS_PARSE_STOC_MAXFRAGMENTLEN = 581;
+  SSL_F_TLS_PARSE_STOC_NPN = 582;
+  SSL_F_TLS_PARSE_STOC_PSK = 502;
+  SSL_F_TLS_PARSE_STOC_RENEGOTIATE = 448;
+  SSL_F_TLS_PARSE_STOC_SCT = 564;
+  SSL_F_TLS_PARSE_STOC_SERVER_NAME = 583;
+  SSL_F_TLS_PARSE_STOC_SESSION_TICKET = 584;
+  SSL_F_TLS_PARSE_STOC_STATUS_REQUEST = 585;
+  SSL_F_TLS_PARSE_STOC_SUPPORTED_VERSIONS = 612;
+  SSL_F_TLS_PARSE_STOC_USE_SRTP = 446;
+  SSL_F_TLS_POST_PROCESS_CLIENT_HELLO = 378;
+  SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE = 384;
+  SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE = 360;
+  SSL_F_TLS_PROCESS_AS_HELLO_RETRY_REQUEST = 610;
+  SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST = 361;
+  SSL_F_TLS_PROCESS_CERT_STATUS = 362;
+  SSL_F_TLS_PROCESS_CERT_STATUS_BODY = 495;
+  SSL_F_TLS_PROCESS_CERT_VERIFY = 379;
+  SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC = 363;
+  SSL_F_TLS_PROCESS_CKE_DHE = 411;
+  SSL_F_TLS_PROCESS_CKE_ECDHE = 412;
+  SSL_F_TLS_PROCESS_CKE_GOST = 413;
+  SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE = 414;
+  SSL_F_TLS_PROCESS_CKE_RSA = 415;
+  SSL_F_TLS_PROCESS_CKE_SRP = 416;
+  SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE = 380;
+  SSL_F_TLS_PROCESS_CLIENT_HELLO = 381;
+  SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE = 382;
+  SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS = 444;
+  SSL_F_TLS_PROCESS_END_OF_EARLY_DATA = 537;
+  SSL_F_TLS_PROCESS_FINISHED = 364;
+  SSL_F_TLS_PROCESS_HELLO_REQ = 507;
+  SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST = 511;
+  SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT = 442;
+  SSL_F_TLS_PROCESS_KEY_EXCHANGE = 365;
+  SSL_F_TLS_PROCESS_KEY_UPDATE = 518;
+  SSL_F_TLS_PROCESS_NEW_SESSION_TICKET = 366;
+  SSL_F_TLS_PROCESS_NEXT_PROTO = 383;
+  SSL_F_TLS_PROCESS_SERVER_CERTIFICATE = 367;
+  SSL_F_TLS_PROCESS_SERVER_DONE = 368;
+  SSL_F_TLS_PROCESS_SERVER_HELLO = 369;
+  SSL_F_TLS_PROCESS_SKE_DHE = 419;
+  SSL_F_TLS_PROCESS_SKE_ECDHE = 420;
+  SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE = 421;
+  SSL_F_TLS_PROCESS_SKE_SRP = 422;
+  SSL_F_TLS_PSK_DO_BINDER = 506;
+  SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT = 450;
+  SSL_F_TLS_SETUP_HANDSHAKE = 508;
+  SSL_F_USE_CERTIFICATE_CHAIN_FILE = 220;
+  SSL_F_WPACKET_INTERN_INIT_LEN = 633;
+  SSL_F_WPACKET_START_SUB_PACKET_LEN__ = 634;
+  SSL_F_WRITE_STATE_MACHINE = 586;
+  SSL_R_APPLICATION_DATA_AFTER_CLOSE_NOTIFY = 291;
+  SSL_R_APP_DATA_IN_HANDSHAKE = 100;
+  SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT = 272;
+  SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE = 143;
+  SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE = 158;
+  SSL_R_BAD_CHANGE_CIPHER_SPEC = 103;
+  SSL_R_BAD_CIPHER = 186;
+  SSL_R_BAD_DATA = 390;
+  SSL_R_BAD_DATA_RETURNED_BY_CALLBACK = 106;
+  SSL_R_BAD_DECOMPRESSION = 107;
+  SSL_R_BAD_DH_VALUE = 102;
+  SSL_R_BAD_DIGEST_LENGTH = 111;
+  SSL_R_BAD_EARLY_DATA = 233;
+  SSL_R_BAD_ECC_CERT = 304;
+  SSL_R_BAD_ECPOINT = 306;
+  SSL_R_BAD_EXTENSION = 110;
+  SSL_R_BAD_HANDSHAKE_LENGTH = 332;
+  SSL_R_BAD_HANDSHAKE_STATE = 236;
+  SSL_R_BAD_HELLO_REQUEST = 105;
+  SSL_R_BAD_HRR_VERSION = 263;
+  SSL_R_BAD_KEY_SHARE = 108;
+  SSL_R_BAD_KEY_UPDATE = 122;
+  SSL_R_BAD_LEGACY_VERSION = 292;
+  SSL_R_BAD_LENGTH = 271;
+  SSL_R_BAD_PACKET = 240;
+  SSL_R_BAD_PACKET_LENGTH = 115;
+  SSL_R_BAD_PROTOCOL_VERSION_NUMBER = 116;
+  SSL_R_BAD_PSK = 219;
+  SSL_R_BAD_PSK_IDENTITY = 114;
+  SSL_R_BAD_RECORD_TYPE = 443;
+  SSL_R_BAD_RSA_ENCRYPT = 119;
+  SSL_R_BAD_SIGNATURE = 123;
+  SSL_R_BAD_SRP_A_LENGTH = 347;
+  SSL_R_BAD_SRP_PARAMETERS = 371;
+  SSL_R_BAD_SRTP_MKI_VALUE = 352;
+  SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST = 353;
+  SSL_R_BAD_SSL_FILETYPE = 124;
+  SSL_R_BAD_VALUE = 384;
+  SSL_R_BAD_WRITE_RETRY = 127;
+  SSL_R_BINDER_DOES_NOT_VERIFY = 253;
+  SSL_R_BIO_NOT_SET = 128;
+  SSL_R_BLOCK_CIPHER_PAD_IS_WRONG = 129;
+  SSL_R_BN_LIB = 130;
+  SSL_R_CALLBACK_FAILED = 234;
+  SSL_R_CANNOT_CHANGE_CIPHER = 109;
+  SSL_R_CA_DN_LENGTH_MISMATCH = 131;
+  SSL_R_CA_KEY_TOO_SMALL = 397;
+  SSL_R_CA_MD_TOO_WEAK = 398;
+  SSL_R_CCS_RECEIVED_EARLY = 133;
+  SSL_R_CERTIFICATE_VERIFY_FAILED = 134;
+  SSL_R_CERT_CB_ERROR = 377;
+  SSL_R_CERT_LENGTH_MISMATCH = 135;
+  SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED = 218;
+  SSL_R_CIPHER_CODE_WRONG_LENGTH = 137;
+  SSL_R_CIPHER_OR_HASH_UNAVAILABLE = 138;
+  SSL_R_CLIENTHELLO_TLSEXT = 226;
+  SSL_R_COMPRESSED_LENGTH_TOO_LONG = 140;
+  SSL_R_COMPRESSION_DISABLED = 343;
+  SSL_R_COMPRESSION_FAILURE = 141;
+  SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE = 307;
+  SSL_R_COMPRESSION_LIBRARY_ERROR = 142;
+  SSL_R_CONNECTION_TYPE_NOT_SET = 144;
+  SSL_R_CONTEXT_NOT_DANE_ENABLED = 167;
+  SSL_R_COOKIE_GEN_CALLBACK_FAILURE = 400;
+  SSL_R_COOKIE_MISMATCH = 308;
+  SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED = 206;
+  SSL_R_DANE_ALREADY_ENABLED = 172;
+  SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL = 173;
+  SSL_R_DANE_NOT_ENABLED = 175;
+  SSL_R_DANE_TLSA_BAD_CERTIFICATE = 180;
+  SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE = 184;
+  SSL_R_DANE_TLSA_BAD_DATA_LENGTH = 189;
+  SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH = 192;
+  SSL_R_DANE_TLSA_BAD_MATCHING_TYPE = 200;
+  SSL_R_DANE_TLSA_BAD_PUBLIC_KEY = 201;
+  SSL_R_DANE_TLSA_BAD_SELECTOR = 202;
+  SSL_R_DANE_TLSA_NULL_DATA = 203;
+  SSL_R_DATA_BETWEEN_CCS_AND_FINISHED = 145;
+  SSL_R_DATA_LENGTH_TOO_LONG = 146;
+  SSL_R_DECRYPTION_FAILED = 147;
+  SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC = 281;
+  SSL_R_DH_KEY_TOO_SMALL = 394;
+  SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG = 148;
+  SSL_R_DIGEST_CHECK_FAILED = 149;
+  SSL_R_DTLS_MESSAGE_TOO_BIG = 334;
+  SSL_R_DUPLICATE_COMPRESSION_ID = 309;
+  SSL_R_ECC_CERT_NOT_FOR_SIGNING = 318;
+  SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE = 374;
+  SSL_R_EE_KEY_TOO_SMALL = 399;
+  SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST = 354;
+  SSL_R_ENCRYPTED_LENGTH_TOO_LONG = 150;
+  SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST = 151;
+  SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN = 204;
+  SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE = 194;
+  SSL_R_EXCESSIVE_MESSAGE_SIZE = 152;
+  SSL_R_EXTENSION_NOT_RECEIVED = 279;
+  SSL_R_EXTRA_DATA_IN_MESSAGE = 153;
+  SSL_R_EXT_LENGTH_MISMATCH = 163;
+  SSL_R_FAILED_TO_INIT_ASYNC = 405;
+  SSL_R_FRAGMENTED_CLIENT_HELLO = 401;
+  SSL_R_GOT_A_FIN_BEFORE_A_CCS = 154;
+  SSL_R_HTTPS_PROXY_REQUEST = 155;
+  SSL_R_HTTP_REQUEST = 156;
+  SSL_R_ILLEGAL_POINT_COMPRESSION = 162;
+  SSL_R_ILLEGAL_SUITEB_DIGEST = 380;
+  SSL_R_INAPPROPRIATE_FALLBACK = 373;
+  SSL_R_INCONSISTENT_COMPRESSION = 340;
+  SSL_R_INCONSISTENT_EARLY_DATA_ALPN = 222;
+  SSL_R_INCONSISTENT_EARLY_DATA_SNI = 231;
+  SSL_R_INCONSISTENT_EXTMS = 104;
+  SSL_R_INSUFFICIENT_SECURITY = 241;
+  SSL_R_INVALID_ALERT = 205;
+  SSL_R_INVALID_CCS_MESSAGE = 260;
+  SSL_R_INVALID_CERTIFICATE_OR_ALG = 238;
+  SSL_R_INVALID_COMMAND = 280;
+  SSL_R_INVALID_COMPRESSION_ALGORITHM = 341;
+  SSL_R_INVALID_CONFIG = 283;
+  SSL_R_INVALID_CONFIGURATION_NAME = 113;
+  SSL_R_INVALID_CONTEXT = 282;
+  SSL_R_INVALID_CT_VALIDATION_TYPE = 212;
+  SSL_R_INVALID_KEY_UPDATE_TYPE = 120;
+  SSL_R_INVALID_MAX_EARLY_DATA = 174;
+  SSL_R_INVALID_NULL_CMD_NAME = 385;
+  SSL_R_INVALID_SEQUENCE_NUMBER = 402;
+  SSL_R_INVALID_SERVERINFO_DATA = 388;
+  SSL_R_INVALID_SESSION_ID = 999;
+  SSL_R_INVALID_SRP_USERNAME = 357;
+  SSL_R_INVALID_STATUS_RESPONSE = 328;
+  SSL_R_INVALID_TICKET_KEYS_LENGTH = 325;
+  SSL_R_LENGTH_MISMATCH = 159;
+  SSL_R_LENGTH_TOO_LONG = 404;
+  SSL_R_LENGTH_TOO_SHORT = 160;
+  SSL_R_LIBRARY_BUG = 274;
+  SSL_R_LIBRARY_HAS_NO_CIPHERS = 161;
+  SSL_R_MISSING_DSA_SIGNING_CERT = 165;
+  SSL_R_MISSING_ECDSA_SIGNING_CERT = 381;
+  SSL_R_MISSING_FATAL = 256;
+  SSL_R_MISSING_PARAMETERS = 290;
+  SSL_R_MISSING_RSA_CERTIFICATE = 168;
+  SSL_R_MISSING_RSA_ENCRYPTING_CERT = 169;
+  SSL_R_MISSING_RSA_SIGNING_CERT = 170;
+  SSL_R_MISSING_SIGALGS_EXTENSION = 112;
+  SSL_R_MISSING_SIGNING_CERT = 221;
+  SSL_R_MISSING_SRP_PARAM = 358;
+  SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION = 209;
+  SSL_R_MISSING_TMP_DH_KEY = 171;
+  SSL_R_MISSING_TMP_ECDH_KEY = 311;
+  SSL_R_MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA = 293;
+  SSL_R_NOT_ON_RECORD_BOUNDARY = 182;
+  SSL_R_NOT_REPLACING_CERTIFICATE = 289;
+  SSL_R_NOT_SERVER = 284;
+  SSL_R_NO_APPLICATION_PROTOCOL = 235;
+  SSL_R_NO_CERTIFICATES_RETURNED = 176;
+  SSL_R_NO_CERTIFICATE_ASSIGNED = 177;
+  SSL_R_NO_CERTIFICATE_SET = 179;
+  SSL_R_NO_CHANGE_FOLLOWING_HRR = 214;
+  SSL_R_NO_CIPHERS_AVAILABLE = 181;
+  SSL_R_NO_CIPHERS_SPECIFIED = 183;
+  SSL_R_NO_CIPHER_MATCH = 185;
+  SSL_R_NO_CLIENT_CERT_METHOD = 331;
+  SSL_R_NO_COMPRESSION_SPECIFIED = 187;
+  SSL_R_NO_COOKIE_CALLBACK_SET = 287;
+  SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER = 330;
+  SSL_R_NO_METHOD_SPECIFIED = 188;
+  SSL_R_NO_PEM_EXTENSIONS = 389;
+  SSL_R_NO_PRIVATE_KEY_ASSIGNED = 190;
+  SSL_R_NO_PROTOCOLS_AVAILABLE = 191;
+  SSL_R_NO_RENEGOTIATION = 339;
+  SSL_R_NO_REQUIRED_DIGEST = 324;
+  SSL_R_NO_SHARED_CIPHER = 193;
+  SSL_R_NO_SHARED_GROUPS = 410;
+  SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS = 376;
+  SSL_R_NO_SRTP_PROFILES = 359;
+  SSL_R_NO_SUITABLE_KEY_SHARE = 101;
+  SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM = 118;
+  SSL_R_NO_VALID_SCTS = 216;
+  SSL_R_NO_VERIFY_COOKIE_CALLBACK = 403;
+  SSL_R_NULL_SSL_CTX = 195;
+  SSL_R_NULL_SSL_METHOD_PASSED = 196;
+  SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED = 197;
+  SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED = 344;
+  SSL_R_OVERFLOW_ERROR = 237;
+  SSL_R_PACKET_LENGTH_TOO_LONG = 198;
+  SSL_R_PARSE_TLSEXT = 227;
+  SSL_R_PATH_TOO_LONG = 270;
+  SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE = 199;
+  SSL_R_PEM_NAME_BAD_PREFIX = 391;
+  SSL_R_PEM_NAME_TOO_SHORT = 392;
+  SSL_R_PIPELINE_FAILURE = 406;
+  SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR = 278;
+  SSL_R_PRIVATE_KEY_MISMATCH = 288;
+  SSL_R_PROTOCOL_IS_SHUTDOWN = 207;
+  SSL_R_PSK_IDENTITY_NOT_FOUND = 223;
+  SSL_R_PSK_NO_CLIENT_CB = 224;
+  SSL_R_PSK_NO_SERVER_CB = 225;
+  SSL_R_READ_BIO_NOT_SET = 211;
+  SSL_R_READ_TIMEOUT_EXPIRED = 312;
+  SSL_R_RECORD_LENGTH_MISMATCH = 213;
+  SSL_R_RECORD_TOO_SMALL = 298;
+  SSL_R_RENEGOTIATE_EXT_TOO_LONG = 335;
+  SSL_R_RENEGOTIATION_ENCODING_ERR = 336;
+  SSL_R_RENEGOTIATION_MISMATCH = 337;
+  SSL_R_REQUEST_PENDING = 285;
+  SSL_R_REQUEST_SENT = 286;
+  SSL_R_REQUIRED_CIPHER_MISSING = 215;
+  SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING = 342;
+  SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING = 345;
+  SSL_R_SCT_VERIFICATION_FAILED = 208;
+  SSL_R_SERVERHELLO_TLSEXT = 275;
+  SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED = 277;
+  SSL_R_SHUTDOWN_WHILE_IN_INIT = 407;
+  SSL_R_SIGNATURE_ALGORITHMS_ERROR = 360;
+  SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE = 220;
+  SSL_R_SRP_A_CALC = 361;
+  SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES = 362;
+  SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG = 363;
+  SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE = 364;
+  SSL_R_SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH = 232;
+  SSL_R_SSL3_EXT_INVALID_SERVERNAME = 319;
+  SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE = 320;
+  SSL_R_SSL3_SESSION_ID_TOO_LONG = 300;
+  SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 1042;
+  SSL_R_SSLV3_ALERT_BAD_RECORD_MAC = 1020;
+  SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED = 1045;
+  SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED = 1044;
+  SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 1046;
+  SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE = 1030;
+  SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE = 1040;
+  SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER = 1047;
+  SSL_R_SSLV3_ALERT_NO_CERTIFICATE = 1041;
+  SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE = 1010;
+  SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE = 1043;
+  SSL_R_SSL_COMMAND_SECTION_EMPTY = 117;
+  SSL_R_SSL_COMMAND_SECTION_NOT_FOUND = 125;
+  SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION = 228;
+  SSL_R_SSL_HANDSHAKE_FAILURE = 229;
+  SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS = 230;
+  SSL_R_SSL_NEGATIVE_LENGTH = 372;
+  SSL_R_SSL_SECTION_EMPTY = 126;
+  SSL_R_SSL_SECTION_NOT_FOUND = 136;
+  SSL_R_SSL_SESSION_ID_CALLBACK_FAILED = 301;
+  SSL_R_SSL_SESSION_ID_CONFLICT = 302;
+  SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG = 273;
+  SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH = 303;
+  SSL_R_SSL_SESSION_ID_TOO_LONG = 408;
+  SSL_R_SSL_SESSION_VERSION_MISMATCH = 210;
+  SSL_R_STILL_IN_INIT = 121;
+  SSL_R_TLSV13_ALERT_CERTIFICATE_REQUIRED = 1116;
+  SSL_R_TLSV13_ALERT_MISSING_EXTENSION = 1109;
+  SSL_R_TLSV1_ALERT_ACCESS_DENIED = 1049;
+  SSL_R_TLSV1_ALERT_DECODE_ERROR = 1050;
+  SSL_R_TLSV1_ALERT_DECRYPTION_FAILED = 1021;
+  SSL_R_TLSV1_ALERT_DECRYPT_ERROR = 1051;
+  SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION = 1060;
+  SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK = 1086;
+  SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY = 1071;
+  SSL_R_TLSV1_ALERT_INTERNAL_ERROR = 1080;
+  SSL_R_TLSV1_ALERT_NO_RENEGOTIATION = 1100;
+  SSL_R_TLSV1_ALERT_PROTOCOL_VERSION = 1070;
+  SSL_R_TLSV1_ALERT_RECORD_OVERFLOW = 1022;
+  SSL_R_TLSV1_ALERT_UNKNOWN_CA = 1048;
+  SSL_R_TLSV1_ALERT_USER_CANCELLED = 1090;
+  SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE = 1114;
+  SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE = 1113;
+  SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE = 1111;
+  SSL_R_TLSV1_UNRECOGNIZED_NAME = 1112;
+  SSL_R_TLSV1_UNSUPPORTED_EXTENSION = 1110;
+  SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT = 365;
+  SSL_R_TLS_HEARTBEAT_PENDING = 366;
+  SSL_R_TLS_ILLEGAL_EXPORTER_LABEL = 367;
+  SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST = 157;
+  SSL_R_TOO_MANY_KEY_UPDATES = 132;
+  SSL_R_TOO_MANY_WARN_ALERTS = 409;
+  SSL_R_TOO_MUCH_EARLY_DATA = 164;
+  SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS = 314;
+  SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS = 239;
+  SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES = 242;
+  SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES = 243;
+  SSL_R_UNEXPECTED_CCS_MESSAGE = 262;
+  SSL_R_UNEXPECTED_END_OF_EARLY_DATA = 178;
+  SSL_R_UNEXPECTED_MESSAGE = 244;
+  SSL_R_UNEXPECTED_RECORD = 245;
+  SSL_R_UNINITIALIZED = 276;
+  SSL_R_UNKNOWN_ALERT_TYPE = 246;
+  SSL_R_UNKNOWN_CERTIFICATE_TYPE = 247;
+  SSL_R_UNKNOWN_CIPHER_RETURNED = 248;
+  SSL_R_UNKNOWN_CIPHER_TYPE = 249;
+  SSL_R_UNKNOWN_CMD_NAME = 386;
+  SSL_R_UNKNOWN_COMMAND = 139;
+  SSL_R_UNKNOWN_DIGEST = 368;
+  SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE = 250;
+  SSL_R_UNKNOWN_PKEY_TYPE = 251;
+  SSL_R_UNKNOWN_PROTOCOL = 252;
+  SSL_R_UNKNOWN_SSL_VERSION = 254;
+  SSL_R_UNKNOWN_STATE = 255;
+  SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED = 338;
+  SSL_R_UNSOLICITED_EXTENSION = 217;
+  SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM = 257;
+  SSL_R_UNSUPPORTED_ELLIPTIC_CURVE = 315;
+  SSL_R_UNSUPPORTED_PROTOCOL = 258;
+  SSL_R_UNSUPPORTED_SSL_VERSION = 259;
+  SSL_R_UNSUPPORTED_STATUS_TYPE = 329;
+  SSL_R_USE_SRTP_NOT_NEGOTIATED = 369;
+  SSL_R_VERSION_TOO_HIGH = 166;
+  SSL_R_VERSION_TOO_LOW = 396;
+  SSL_R_WRONG_CERTIFICATE_TYPE = 383;
+  SSL_R_WRONG_CIPHER_RETURNED = 261;
+  SSL_R_WRONG_CURVE = 378;
+  SSL_R_WRONG_SIGNATURE_LENGTH = 264;
+  SSL_R_WRONG_SIGNATURE_SIZE = 265;
+  SSL_R_WRONG_SIGNATURE_TYPE = 370;
+  SSL_R_WRONG_SSL_VERSION = 266;
+  SSL_R_WRONG_VERSION_NUMBER = 267;
+  SSL_R_X509_LIB = 268;
+  SSL_R_X509_VERIFICATION_SETUP_PROBLEMS = 269;
+
+  function ERR_load_SSL_strings: TIdC_INT cdecl; external CLibSSL;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_storeerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_storeerr.pas
new file mode 100644
index 000000000..fef077c2c
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_storeerr.pas
@@ -0,0 +1,121 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_storeerr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// storeerr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * OSSL_STORE function codes.
+   *)
+  OSSL_STORE_F_FILE_CTRL = 129;
+  OSSL_STORE_F_FILE_FIND = 138;
+  OSSL_STORE_F_FILE_GET_PASS = 118;
+  OSSL_STORE_F_FILE_LOAD = 119;
+  OSSL_STORE_F_FILE_LOAD_TRY_DECODE = 124;
+  OSSL_STORE_F_FILE_NAME_TO_URI = 126;
+  OSSL_STORE_F_FILE_OPEN = 120;
+  OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO = 127;
+  OSSL_STORE_F_OSSL_STORE_EXPECT = 130;
+  OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT = 128;
+  OSSL_STORE_F_OSSL_STORE_FIND = 131;
+  OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT = 100;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT = 101;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL = 102;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME = 103;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_NAME_DESCRIPTION = 135;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_PARAMS = 104;
+  OSSL_STORE_F_OSSL_STORE_INFO_GET1_PKEY = 105;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_CERT = 106;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_CRL = 107;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_EMBEDDED = 123;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_NAME = 109;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_PARAMS = 110;
+  OSSL_STORE_F_OSSL_STORE_INFO_NEW_PKEY = 111;
+  OSSL_STORE_F_OSSL_STORE_INFO_SET0_NAME_DESCRIPTION = 134;
+  OSSL_STORE_F_OSSL_STORE_INIT_ONCE = 112;
+  OSSL_STORE_F_OSSL_STORE_LOADER_NEW = 113;
+  OSSL_STORE_F_OSSL_STORE_OPEN = 114;
+  OSSL_STORE_F_OSSL_STORE_OPEN_INT = 115;
+  OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT = 117;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS = 132;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL = 133;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT = 136;
+  OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME = 137;
+  OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT = 116;
+  OSSL_STORE_F_TRY_DECODE_PARAMS = 121;
+  OSSL_STORE_F_TRY_DECODE_PKCS12 = 122;
+  OSSL_STORE_F_TRY_DECODE_PKCS8ENCRYPTED = 125;
+
+
+  (*
+   * OSSL_STORE reason codes.
+   *)
+  OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE = 107;
+  OSSL_STORE_R_BAD_PASSWORD_READ = 115;
+  OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC = 113;
+  OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST = 121;
+  OSSL_STORE_R_INVALID_SCHEME = 106;
+  OSSL_STORE_R_IS_NOT_A = 112;
+  OSSL_STORE_R_LOADER_INCOMPLETE = 116;
+  OSSL_STORE_R_LOADING_STARTED = 117;
+  OSSL_STORE_R_NOT_A_CERTIFICATE = 100;
+  OSSL_STORE_R_NOT_A_CRL = 101;
+  OSSL_STORE_R_NOT_A_KEY = 102;
+  OSSL_STORE_R_NOT_A_NAME = 103;
+  OSSL_STORE_R_NOT_PARAMETERS = 104;
+  OSSL_STORE_R_PASSPHRASE_CALLBACK_ERROR = 114;
+  OSSL_STORE_R_PATH_MUST_BE_ABSOLUTE = 108;
+  OSSL_STORE_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES = 119;
+  OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED = 109;
+  OSSL_STORE_R_UNREGISTERED_SCHEME = 105;
+  OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE = 110;
+  OSSL_STORE_R_UNSUPPORTED_OPERATION = 118;
+  OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE = 120;
+  OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED = 111;
+
+  function ERR_load_OSSL_STORE_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas
new file mode 100644
index 000000000..b637216c6
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas
@@ -0,0 +1,1213 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_tls1;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// tls1.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  (* Default security level if not overridden at config time *)
+  OPENSSL_TLS_SECURITY_LEVEL = 1;
+
+  TLS1_VERSION = $0301;
+  TLS1_1_VERSION = $0302;
+  TLS1_2_VERSION = $0303;
+  TLS1_3_VERSION = $0304;
+  TLS_MAX_VERSION = TLS1_3_VERSION;
+
+  (* Special value for method supporting multiple versions *)
+  TLS_ANY_VERSION = $10000;
+
+  TLS1_VERSION_MAJOR = $03;
+  TLS1_VERSION_MINOR = $01;
+
+  TLS1_1_VERSION_MAJOR = $03;
+  TLS1_1_VERSION_MINOR = $02;
+
+  TLS1_2_VERSION_MAJOR = $03;
+  TLS1_2_VERSION_MINOR = $03;
+
+
+//# define TLS1_get_version(s) \
+//        ((SSL_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_version(s) : 0)
+//
+//# define TLS1_get_client_version(s) \
+//        ((SSL_client_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_client_version(s) : 0)
+
+  TLS1_AD_DECRYPTION_FAILED = 21;
+  TLS1_AD_RECORD_OVERFLOW = 22;
+  TLS1_AD_UNKNOWN_CA = 48; (* fatal *)
+  TLS1_AD_ACCESS_DENIED = 49; (* fatal *)
+  TLS1_AD_DECODE_ERROR = 50; (* fatal *)
+  TLS1_AD_DECRYPT_ERROR = 51;
+  TLS1_AD_EXPORT_RESTRICTION = 60; (* fatal *)
+  TLS1_AD_PROTOCOL_VERSION = 70; (* fatal *)
+  TLS1_AD_INSUFFICIENT_SECURITY = 71; (* fatal *)
+  TLS1_AD_INTERNAL_ERROR = 80; (* fatal *)
+  TLS1_AD_INAPPROPRIATE_FALLBACK = 86; (* fatal *)
+  TLS1_AD_USER_CANCELLED = 90;
+  TLS1_AD_NO_RENEGOTIATION = 100;
+  (* TLSv1.3 alerts *)
+  TLS13_AD_MISSING_EXTENSION = 109; (* fatal *)
+  TLS13_AD_CERTIFICATE_REQUIRED = 116; (* fatal *)
+  (* codes 110-114 are from RFC3546 *)
+  TLS1_AD_UNSUPPORTED_EXTENSION = 110;
+  TLS1_AD_CERTIFICATE_UNOBTAINABLE = 111;
+  TLS1_AD_UNRECOGNIZED_NAME = 112;
+  TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE = 113;
+  TLS1_AD_BAD_CERTIFICATE_HASH_VALUE = 114;
+  TLS1_AD_UNKNOWN_PSK_IDENTITY = 115; (* fatal *)
+  TLS1_AD_NO_APPLICATION_PROTOCOL = 120; (* fatal *)
+
+  (* ExtensionType values from RFC3546 / RFC4366 / RFC6066 *)
+  TLSEXT_TYPE_server_name = 0;
+  TLSEXT_TYPE_max_fragment_length = 1;
+  TLSEXT_TYPE_client_certificate_url = 2;
+  TLSEXT_TYPE_trusted_ca_keys = 3;
+  TLSEXT_TYPE_truncated_hmac = 4;
+  TLSEXT_TYPE_status_request = 5;
+  (* ExtensionType values from RFC4681 *)
+  TLSEXT_TYPE_user_mapping = 6;
+  (* ExtensionType values from RFC5878 *)
+  TLSEXT_TYPE_client_authz = 7;
+  TLSEXT_TYPE_server_authz = 8;
+  (* ExtensionType values from RFC6091 *)
+  TLSEXT_TYPE_cert_type = 9;
+
+  (* ExtensionType values from RFC4492 *)
+  (*
+   * Prior to TLSv1.3 the supported_groups extension was known as
+   * elliptic_curves
+   *)
+  TLSEXT_TYPE_supported_groups = 10;
+  TLSEXT_TYPE_elliptic_curves = TLSEXT_TYPE_supported_groups;
+  TLSEXT_TYPE_ec_poTIdC_INT_formats = 11;
+
+  (* ExtensionType value from RFC5054 *)
+  TLSEXT_TYPE_srp = 12;
+  (* ExtensionType values from RFC5246 *)
+  TLSEXT_TYPE_signature_algorithms = 13;
+
+  (* ExtensionType value from RFC5764 *)
+  TLSEXT_TYPE_use_srtp = 14;
+
+  (* ExtensionType value from RFC5620 *)
+  TLSEXT_TYPE_heartbeat = 15;
+
+  (* ExtensionType value from RFC7301 *)
+  TLSEXT_TYPE_application_layer_protocol_negotiation = 16;
+
+  (*
+   * Extension type for Certificate Transparency
+   * https://tools.ietf.org/html/rfc6962#section-3.3.1
+   *)
+  TLSEXT_TYPE_signed_certificate_timestamp = 18;
+
+  (*
+   * ExtensionType value for TLS padding extension.
+   * http://tools.ietf.org/html/draft-agl-tls-padding
+   *)
+  TLSEXT_TYPE_padding = 21;
+
+  (* ExtensionType value from RFC7366 *)
+  TLSEXT_TYPE_encrypt_then_mac = 22;
+
+  (* ExtensionType value from RFC7627 *)
+  TLSEXT_TYPE_extended_master_secret = 23;
+
+  (* ExtensionType value from RFC4507 *)
+  TLSEXT_TYPE_session_ticket = 35;
+
+  (* As defined for TLS1.3 *)
+  TLSEXT_TYPE_psk = 41;
+  TLSEXT_TYPE_early_data = 42;
+  TLSEXT_TYPE_supported_versions = 43;
+  TLSEXT_TYPE_cookie = 44;
+  TLSEXT_TYPE_psk_kex_modes = 45;
+  TLSEXT_TYPE_certificate_authorities = 47;
+  TLSEXT_TYPE_post_handshake_auth = 49;
+  TLSEXT_TYPE_signature_algorithms_cert = 50;
+  TLSEXT_TYPE_key_share = 51;
+
+  (* Temporary extension type *)
+  TLSEXT_TYPE_renegotiate = $ff01;
+
+  (* This is not an IANA defined extension number *)
+  TLSEXT_TYPE_next_proto_neg = 13172;
+
+  (* NameType value from RFC3546 *)
+  TLSEXT_NAMETYPE_host_name = 0;
+  (* status request value from RFC3546 *)
+  TLSEXT_STATUSTYPE_ocsp = 1;
+
+  (* ECPoTIdC_INTFormat values from RFC4492 *)
+  TLSEXT_ECPOTIdC_INTFORMAT_first = 0;
+  TLSEXT_ECPOTIdC_INTFORMAT_uncompressed = 0;
+  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_prime = 1;
+  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_PIdAnsiChar2 = 2;
+  TLSEXT_ECPOTIdC_INTFORMAT_last = 2;
+
+  (* Signature and hash algorithms from RFC5246 *)
+  TLSEXT_signature_anonymous = 0;
+  TLSEXT_signature_rsa = 1;
+  TLSEXT_signature_dsa = 2;
+  TLSEXT_signature_ecdsa = 3;
+  TLSEXT_signature_gostr34102001 = 237;
+  TLSEXT_signature_gostr34102012_256 = 238;
+  TLSEXT_signature_gostr34102012_512 = 239;
+
+  (* Total number of different signature algorithms *)
+  TLSEXT_signature_num = 7;
+
+  TLSEXT_hash_none = 0;
+  TLSEXT_hash_md5 = 1;
+  TLSEXT_hash_sha1 = 2;
+  TLSEXT_hash_sha224 = 3;
+  TLSEXT_hash_sha256 = 4;
+  TLSEXT_hash_sha384 = 5;
+  TLSEXT_hash_sha512 = 6;
+  TLSEXT_hash_gostr3411 = 237;
+  TLSEXT_hash_gostr34112012_256 = 238;
+  TLSEXT_hash_gostr34112012_512 = 239;
+
+  (* Total number of different digest algorithms *)
+  TLSEXT_hash_num = 10;
+
+  (* Flag set for unrecognised algorithms *)
+  TLSEXT_nid_unknown = $1000000;
+
+  (* ECC curves *)
+  TLSEXT_curve_P_256 = 23;
+  TLSEXT_curve_P_384 = 24;
+
+  (* OpenSSL value to disable maximum fragment length extension *)
+  TLSEXT_max_fragment_length_DISABLED = 0;
+  (* Allowed values for max fragment length extension *)
+  TLSEXT_max_fragment_length_512 = 1;
+  TLSEXT_max_fragment_length_1024 = 2;
+  TLSEXT_max_fragment_length_2048 = 3;
+  TLSEXT_max_fragment_length_4096 = 4;
+
+  TLSEXT_MAXLEN_host_name = 255;
+
+  SSL_TLSEXT_ERR_OK = 0;
+  SSL_TLSEXT_ERR_ALERT_WARNING = 1;
+  SSL_TLSEXT_ERR_ALERT_FATAL = 2;
+  SSL_TLSEXT_ERR_NOACK = 3;
+
+  SSL_DTLSEXT_HB_ENABLED = $01;
+  SSL_DTLSEXT_HB_DONT_SEND_REQUESTS = $02;
+  SSL_DTLSEXT_HB_DONT_RECV_REQUESTS = $04;
+
+  (* PSK ciphersuites from 4279 *)
+  TLS1_CK_PSK_WITH_RC4_128_SHA = $0300008A;
+  TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA = $0300008B;
+  TLS1_CK_PSK_WITH_AES_128_CBC_SHA = $0300008C;
+  TLS1_CK_PSK_WITH_AES_256_CBC_SHA = $0300008D;
+  TLS1_CK_DHE_PSK_WITH_RC4_128_SHA = $0300008E;
+  TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300008F;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA = $03000090;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA = $03000091;
+  TLS1_CK_RSA_PSK_WITH_RC4_128_SHA = $03000092;
+  TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA = $03000093;
+  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA = $03000094;
+  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA = $03000095;
+
+  (* PSK ciphersuites from 5487 *)
+  TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 = $030000A8;
+  TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 = $030000A9;
+  TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256 = $030000AA;
+  TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384 = $030000AB;
+  TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256 = $030000AC;
+  TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384 = $030000AD;
+  TLS1_CK_PSK_WITH_AES_128_CBC_SHA256 = $030000AE;
+  TLS1_CK_PSK_WITH_AES_256_CBC_SHA384 = $030000AF;
+  TLS1_CK_PSK_WITH_NULL_SHA256 = $030000B0;
+  TLS1_CK_PSK_WITH_NULL_SHA384 = $030000B1;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256 = $030000B2;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384 = $030000B3;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA256 = $030000B4;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA384 = $030000B5;
+  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256 = $030000B6;
+  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384 = $030000B7;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA256 = $030000B8;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA384 = $030000B9;
+
+  (* NULL PSK ciphersuites from RFC4785 *)
+  TLS1_CK_PSK_WITH_NULL_SHA = $0300002C;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA = $0300002D;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA = $0300002E;
+
+  (* AES ciphersuites from RFC3268 *)
+  TLS1_CK_RSA_WITH_AES_128_SHA = $0300002F;
+  TLS1_CK_DH_DSS_WITH_AES_128_SHA = $03000030;
+  TLS1_CK_DH_RSA_WITH_AES_128_SHA = $03000031;
+  TLS1_CK_DHE_DSS_WITH_AES_128_SHA = $03000032;
+  TLS1_CK_DHE_RSA_WITH_AES_128_SHA = $03000033;
+  TLS1_CK_ADH_WITH_AES_128_SHA = $03000034;
+  TLS1_CK_RSA_WITH_AES_256_SHA = $03000035;
+  TLS1_CK_DH_DSS_WITH_AES_256_SHA = $03000036;
+  TLS1_CK_DH_RSA_WITH_AES_256_SHA = $03000037;
+  TLS1_CK_DHE_DSS_WITH_AES_256_SHA = $03000038;
+  TLS1_CK_DHE_RSA_WITH_AES_256_SHA = $03000039;
+  TLS1_CK_ADH_WITH_AES_256_SHA = $0300003A;
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_CK_RSA_WITH_NULL_SHA256 = $0300003B;
+  TLS1_CK_RSA_WITH_AES_128_SHA256 = $0300003C;
+  TLS1_CK_RSA_WITH_AES_256_SHA256 = $0300003D;
+  TLS1_CK_DH_DSS_WITH_AES_128_SHA256 = $0300003E;
+  TLS1_CK_DH_RSA_WITH_AES_128_SHA256 = $0300003F;
+  TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 = $03000040;
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000041;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000042;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000043;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000044;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000045;
+  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA = $03000046;
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 = $03000067;
+  TLS1_CK_DH_DSS_WITH_AES_256_SHA256 = $03000068;
+  TLS1_CK_DH_RSA_WITH_AES_256_SHA256 = $03000069;
+  TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 = $0300006A;
+  TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 = $0300006B;
+  TLS1_CK_ADH_WITH_AES_128_SHA256 = $0300006C;
+  TLS1_CK_ADH_WITH_AES_256_SHA256 = $0300006D;
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000084;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000085;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000086;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000087;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000088;
+  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA = $03000089;
+
+  (* SEED ciphersuites from RFC4162 *)
+  TLS1_CK_RSA_WITH_SEED_SHA = $03000096;
+  TLS1_CK_DH_DSS_WITH_SEED_SHA = $03000097;
+  TLS1_CK_DH_RSA_WITH_SEED_SHA = $03000098;
+  TLS1_CK_DHE_DSS_WITH_SEED_SHA = $03000099;
+  TLS1_CK_DHE_RSA_WITH_SEED_SHA = $0300009A;
+  TLS1_CK_ADH_WITH_SEED_SHA = $0300009B;
+
+  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
+  TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 = $0300009C;
+  TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 = $0300009D;
+  TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 = $0300009E;
+  TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 = $0300009F;
+  TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 = $030000A0;
+  TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 = $030000A1;
+  TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 = $030000A2;
+  TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 = $030000A3;
+  TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 = $030000A4;
+  TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 = $030000A5;
+  TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 = $030000A6;
+  TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 = $030000A7;
+
+  (* CCM ciphersuites from RFC6655 *)
+  TLS1_CK_RSA_WITH_AES_128_CCM = $0300C09C;
+  TLS1_CK_RSA_WITH_AES_256_CCM = $0300C09D;
+  TLS1_CK_DHE_RSA_WITH_AES_128_CCM = $0300C09E;
+  TLS1_CK_DHE_RSA_WITH_AES_256_CCM = $0300C09F;
+  TLS1_CK_RSA_WITH_AES_128_CCM_8 = $0300C0A0;
+  TLS1_CK_RSA_WITH_AES_256_CCM_8 = $0300C0A1;
+  TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 = $0300C0A2;
+  TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 = $0300C0A3;
+  TLS1_CK_PSK_WITH_AES_128_CCM = $0300C0A4;
+  TLS1_CK_PSK_WITH_AES_256_CCM = $0300C0A5;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CCM = $0300C0A6;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CCM = $0300C0A7;
+  TLS1_CK_PSK_WITH_AES_128_CCM_8 = $0300C0A8;
+  TLS1_CK_PSK_WITH_AES_256_CCM_8 = $0300C0A9;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 = $0300C0AA;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 = $0300C0AB;
+
+  (* CCM ciphersuites from RFC7251 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM = $0300C0AC;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM = $0300C0AD;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 = $0300C0AE;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 = $0300C0AF;
+
+  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BA;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BB;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BC;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BD;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BE;
+  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 = $030000BF;
+
+  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C0;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C1;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C2;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C3;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C4;
+  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 = $030000C5;
+
+  (* ECC ciphersuites from RFC4492 *)
+  TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA = $0300C001;
+  TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA = $0300C002;
+  TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = $0300C003;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA = $0300C004;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA = $0300C005;
+
+  TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA = $0300C006;
+  TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA = $0300C007;
+  TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = $0300C008;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = $0300C009;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = $0300C00A;
+
+  TLS1_CK_ECDH_RSA_WITH_NULL_SHA = $0300C00B;
+  TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA = $0300C00C;
+  TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA = $0300C00D;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA = $0300C00E;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA = $0300C00F;
+
+  TLS1_CK_ECDHE_RSA_WITH_NULL_SHA = $0300C010;
+  TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA = $0300C011;
+  TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA = $0300C012;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA = $0300C013;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA = $0300C014;
+
+  TLS1_CK_ECDH_anon_WITH_NULL_SHA = $0300C015;
+  TLS1_CK_ECDH_anon_WITH_RC4_128_SHA = $0300C016;
+  TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA = $0300C017;
+  TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA = $0300C018;
+  TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA = $0300C019;
+
+  (* SRP ciphersuites from RFC 5054 *)
+  TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA = $0300C01A;
+  TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = $0300C01B;
+  TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = $0300C01C;
+  TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA = $0300C01D;
+  TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = $0300C01E;
+  TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = $0300C01F;
+  TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA = $0300C020;
+  TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = $0300C021;
+  TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = $0300C022;
+
+  (* ECDH HMAC based ciphersuites from RFC5289 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 = $0300C023;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 = $0300C024;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 = $0300C025;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 = $0300C026;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 = $0300C027;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 = $0300C028;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 = $0300C029;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 = $0300C02A;
+
+  (* ECDH GCM based ciphersuites from RFC5289 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02B;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02C;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02D;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02E;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = $0300C02F;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = $0300C030;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 = $0300C031;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 = $0300C032;
+
+  (* ECDHE PSK ciphersuites from RFC5489 *)
+  TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA = $0300C033;
+  TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300C034;
+  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA = $0300C035;
+  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA = $0300C036;
+  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = $0300C037;
+  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = $0300C038;
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA = $0300C039;
+
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 = $0300C03A;
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 = $0300C03B;
+
+  (* Camellia-CBC ciphersuites from RFC6367 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C072;
+  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C073;
+  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C074;
+  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C075;
+  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C076;
+  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C077;
+  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C078;
+  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C079;
+
+  TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C094;
+  TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C095;
+  TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C096;
+  TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C097;
+  TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C098;
+  TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C099;
+  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C09A;
+  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C09B;
+
+  (* draft-ietf-tls-chacha20-poly1305-03 *)
+  TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCA8;
+  TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = $0300CCA9;
+  TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCAA;
+  TLS1_CK_PSK_WITH_CHACHA20_POLY1305 = $0300CCAB;
+  TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAC;
+  TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAD;
+  TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 = $0300CCAE;
+
+  (* TLS v1.3 ciphersuites *)
+  TLS1_3_CK_AES_128_GCM_SHA256 = $03001301;
+  TLS1_3_CK_AES_256_GCM_SHA384 = $03001302;
+  TLS1_3_CK_CHACHA20_POLY1305_SHA256 = $03001303;
+  TLS1_3_CK_AES_128_CCM_SHA256 = $03001304;
+  TLS1_3_CK_AES_128_CCM_8_SHA256 = $03001305;
+
+  (* Aria ciphersuites from RFC6209 *)
+  TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C050;
+  TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C051;
+  TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C052;
+  TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C053;
+  TLS1_CK_DH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C054;
+  TLS1_CK_DH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C055;
+  TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C056;
+  TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C057;
+  TLS1_CK_DH_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C058;
+  TLS1_CK_DH_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C059;
+  TLS1_CK_DH_anon_WITH_ARIA_128_GCM_SHA256 = $0300C05A;
+  TLS1_CK_DH_anon_WITH_ARIA_256_GCM_SHA384 = $0300C05B;
+  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05C;
+  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05D;
+  TLS1_CK_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05E;
+  TLS1_CK_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05F;
+  TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C060;
+  TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C061;
+  TLS1_CK_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C062;
+  TLS1_CK_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C063;
+  TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06A;
+  TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06B;
+  TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06C;
+  TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06D;
+  TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06E;
+  TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06F;
+
+  (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
+  TLS1_RFC_RSA_WITH_AES_128_SHA = 'TLS_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ADH_WITH_AES_128_SHA = 'TLS_DH_anon_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_RSA_WITH_AES_256_SHA = 'TLS_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ADH_WITH_AES_256_SHA = 'TLS_DH_anon_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_RSA_WITH_NULL_SHA256 = 'TLS_RSA_WITH_NULL_SHA256';
+  TLS1_RFC_RSA_WITH_AES_128_SHA256 = 'TLS_RSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_AES_256_SHA256 = 'TLS_RSA_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_AES_128_SHA256 = 'TLS_DH_anon_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_AES_256_SHA256 = 'TLS_DH_anon_WITH_AES_256_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = 'TLS_DH_anon_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = 'TLS_DH_anon_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_RSA_WITH_AES_128_CCM = 'TLS_RSA_WITH_AES_128_CCM';
+  TLS1_RFC_RSA_WITH_AES_256_CCM = 'TLS_RSA_WITH_AES_256_CCM';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = 'TLS_DHE_RSA_WITH_AES_128_CCM';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = 'TLS_DHE_RSA_WITH_AES_256_CCM';
+  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = 'TLS_RSA_WITH_AES_128_CCM_8';
+  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = 'TLS_RSA_WITH_AES_256_CCM_8';
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = 'TLS_DHE_RSA_WITH_AES_128_CCM_8';
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = 'TLS_DHE_RSA_WITH_AES_256_CCM_8';
+  TLS1_RFC_PSK_WITH_AES_128_CCM = 'TLS_PSK_WITH_AES_128_CCM';
+  TLS1_RFC_PSK_WITH_AES_256_CCM = 'TLS_PSK_WITH_AES_256_CCM';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = 'TLS_DHE_PSK_WITH_AES_128_CCM';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = 'TLS_DHE_PSK_WITH_AES_256_CCM';
+  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_WITH_AES_128_CCM_8';
+  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_WITH_AES_256_CCM_8';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_DHE_WITH_AES_128_CCM_8';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_DHE_WITH_AES_256_CCM_8';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8';
+  TLS1_3_RFC_AES_128_GCM_SHA256 = 'TLS_AES_128_GCM_SHA256';
+  TLS1_3_RFC_AES_256_GCM_SHA384 = 'TLS_AES_256_GCM_SHA384';
+  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = 'TLS_CHACHA20_POLY1305_SHA256';
+  TLS1_3_RFC_AES_128_CCM_SHA256 = 'TLS_AES_128_CCM_SHA256';
+  TLS1_3_RFC_AES_128_CCM_8_SHA256 = 'TLS_AES_128_CCM_8_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = 'TLS_ECDHE_ECDSA_WITH_NULL_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = 'TLS_ECDHE_RSA_WITH_NULL_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = 'TLS_ECDH_anon_WITH_NULL_SHA';
+  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = 'TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_PSK_WITH_NULL_SHA = 'TLS_PSK_WITH_NULL_SHA';
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = 'TLS_DHE_PSK_WITH_NULL_SHA';
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = 'TLS_RSA_PSK_WITH_NULL_SHA';
+  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = 'TLS_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = 'TLS_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_PSK_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_PSK_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_GCM_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_GCM_SHA384';
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_PSK_WITH_NULL_SHA256 = 'TLS_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_PSK_WITH_NULL_SHA384 = 'TLS_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = 'TLS_DHE_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = 'TLS_DHE_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = 'TLS_RSA_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = 'TLS_RSA_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = 'TLS_ECDHE_PSK_WITH_NULL_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = 'TLS_ECDHE_PSK_WITH_NULL_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = 'TLS_ECDHE_PSK_WITH_NULL_SHA384';
+  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA';
+  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA';
+  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = 'TLS_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256';
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256';
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA';
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
+  TLS1_RFC_RSA_WITH_SEED_SHA = 'TLS_RSA_WITH_SEED_CBC_SHA';
+  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = 'TLS_DHE_DSS_WITH_SEED_CBC_SHA';
+  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = 'TLS_DHE_RSA_WITH_SEED_CBC_SHA';
+  TLS1_RFC_ADH_WITH_SEED_SHA = 'TLS_DH_anon_WITH_SEED_CBC_SHA';
+  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = 'TLS_ECDHE_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = 'TLS_ECDH_anon_WITH_RC4_128_SHA';
+  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA';
+  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = 'TLS_ECDHE_RSA_WITH_RC4_128_SHA';
+  TLS1_RFC_PSK_WITH_RC4_128_SHA = 'TLS_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = 'TLS_RSA_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = 'TLS_DHE_PSK_WITH_RC4_128_SHA';
+  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_anon_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_anon_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_PSK_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_PSK_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256';
+  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384';
+
+  (*
+   * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
+   * ciphers names with "EDH" instead of "DHE".  Going forward, we should be
+   * using DHE everywhere, though we may indefinitely maTIdC_INTain aliases for
+   * users or configurations that used "EDH"
+   *)
+  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = 'DHE-DSS-RC4-SHA';
+
+  TLS1_TXT_PSK_WITH_NULL_SHA = 'PSK-NULL-SHA';
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = 'DHE-PSK-NULL-SHA';
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = 'RSA-PSK-NULL-SHA';
+
+  (* AES ciphersuites from RFC3268 *)
+  TLS1_TXT_RSA_WITH_AES_128_SHA = 'AES128-SHA';
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = 'DH-DSS-AES128-SHA';
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = 'DH-RSA-AES128-SHA';
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = 'DHE-DSS-AES128-SHA';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = 'DHE-RSA-AES128-SHA';
+  TLS1_TXT_ADH_WITH_AES_128_SHA = 'ADH-AES128-SHA';
+
+  TLS1_TXT_RSA_WITH_AES_256_SHA = 'AES256-SHA';
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = 'DH-DSS-AES256-SHA';
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = 'DH-RSA-AES256-SHA';
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = 'DHE-DSS-AES256-SHA';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = 'DHE-RSA-AES256-SHA';
+  TLS1_TXT_ADH_WITH_AES_256_SHA = 'ADH-AES256-SHA';
+
+  (* ECC ciphersuites from RFC4492 *)
+  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = 'ECDH-ECDSA-NULL-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = 'ECDH-ECDSA-RC4-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDH-ECDSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 'ECDH-ECDSA-AES128-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 'ECDH-ECDSA-AES256-SHA';
+
+  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = 'ECDHE-ECDSA-NULL-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = 'ECDHE-ECDSA-RC4-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDHE-ECDSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'ECDHE-ECDSA-AES128-SHA';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'ECDHE-ECDSA-AES256-SHA';
+
+  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = 'ECDH-RSA-NULL-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = 'ECDH-RSA-RC4-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = 'ECDH-RSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = 'ECDH-RSA-AES128-SHA';
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = 'ECDH-RSA-AES256-SHA';
+
+  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = 'ECDHE-RSA-NULL-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = 'ECDHE-RSA-RC4-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'ECDHE-RSA-DES-CBC3-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'ECDHE-RSA-AES128-SHA';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'ECDHE-RSA-AES256-SHA';
+
+  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = 'AECDH-NULL-SHA';
+  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = 'AECDH-RC4-SHA';
+  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = 'AECDH-DES-CBC3-SHA';
+  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = 'AECDH-AES128-SHA';
+  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = 'AECDH-AES256-SHA';
+
+  (* PSK ciphersuites from RFC 4279 *)
+  TLS1_TXT_PSK_WITH_RC4_128_SHA = 'PSK-RC4-SHA';
+  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = 'PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = 'PSK-AES128-CBC-SHA';
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = 'PSK-AES256-CBC-SHA';
+
+  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = 'DHE-PSK-RC4-SHA';
+  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'DHE-PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = 'DHE-PSK-AES128-CBC-SHA';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = 'DHE-PSK-AES256-CBC-SHA';
+  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = 'RSA-PSK-RC4-SHA';
+  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'RSA-PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = 'RSA-PSK-AES128-CBC-SHA';
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = 'RSA-PSK-AES256-CBC-SHA';
+
+  (* PSK ciphersuites from RFC 5487 *)
+  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
+  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'DHE-PSK-AES128-GCM-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'DHE-PSK-AES256-GCM-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'RSA-PSK-AES128-GCM-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'RSA-PSK-AES256-GCM-SHA384';
+
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = 'PSK-AES128-CBC-SHA256';
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = 'PSK-AES256-CBC-SHA384';
+  TLS1_TXT_PSK_WITH_NULL_SHA256 = 'PSK-NULL-SHA256';
+  TLS1_TXT_PSK_WITH_NULL_SHA384 = 'PSK-NULL-SHA384';
+
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'DHE-PSK-AES128-CBC-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'DHE-PSK-AES256-CBC-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = 'DHE-PSK-NULL-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = 'DHE-PSK-NULL-SHA384';
+
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'RSA-PSK-AES128-CBC-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'RSA-PSK-AES256-CBC-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = 'RSA-PSK-NULL-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = 'RSA-PSK-NULL-SHA384';
+
+  (* SRP ciphersuite from RFC 5054 *)
+  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'SRP-3DES-EDE-CBC-SHA';
+  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'SRP-RSA-3DES-EDE-CBC-SHA';
+  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'SRP-DSS-3DES-EDE-CBC-SHA';
+  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = 'SRP-AES-128-CBC-SHA';
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'SRP-RSA-AES-128-CBC-SHA';
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'SRP-DSS-AES-128-CBC-SHA';
+  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = 'SRP-AES-256-CBC-SHA';
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'SRP-RSA-AES-256-CBC-SHA';
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'SRP-DSS-AES-256-CBC-SHA';
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = 'CAMELLIA128-SHA';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DH-DSS-CAMELLIA128-SHA';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DH-RSA-CAMELLIA128-SHA';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DHE-DSS-CAMELLIA128-SHA';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DHE-RSA-CAMELLIA128-SHA';
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = 'ADH-CAMELLIA128-SHA';
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = 'CAMELLIA256-SHA';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DH-DSS-CAMELLIA256-SHA';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DH-RSA-CAMELLIA256-SHA';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DHE-DSS-CAMELLIA256-SHA';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DHE-RSA-CAMELLIA256-SHA';
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = 'ADH-CAMELLIA256-SHA';
+
+  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'CAMELLIA128-SHA256';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-DSS-CAMELLIA128-SHA256';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-DSS-CAMELLIA128-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'ADH-CAMELLIA128-SHA256';
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'CAMELLIA256-SHA256';
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-DSS-CAMELLIA256-SHA256';
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-RSA-CAMELLIA256-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-DSS-CAMELLIA256-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-RSA-CAMELLIA256-SHA256';
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'ADH-CAMELLIA256-SHA256';
+
+  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'DHE-PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'RSA-PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'RSA-PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-PSK-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-PSK-CAMELLIA256-SHA384';
+
+  (* SEED ciphersuites from RFC4162 *)
+  TLS1_TXT_RSA_WITH_SEED_SHA = 'SEED-SHA';
+  TLS1_TXT_DH_DSS_WITH_SEED_SHA = 'DH-DSS-SEED-SHA';
+  TLS1_TXT_DH_RSA_WITH_SEED_SHA = 'DH-RSA-SEED-SHA';
+  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = 'DHE-DSS-SEED-SHA';
+  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = 'DHE-RSA-SEED-SHA';
+  TLS1_TXT_ADH_WITH_SEED_SHA = 'ADH-SEED-SHA';
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_TXT_RSA_WITH_NULL_SHA256 = 'NULL-SHA256';
+  TLS1_TXT_RSA_WITH_AES_128_SHA256 = 'AES128-SHA256';
+  TLS1_TXT_RSA_WITH_AES_256_SHA256 = 'AES256-SHA256';
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = 'DH-DSS-AES128-SHA256';
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = 'DH-RSA-AES128-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = 'DHE-DSS-AES128-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = 'DHE-RSA-AES128-SHA256';
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = 'DH-DSS-AES256-SHA256';
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = 'DH-RSA-AES256-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = 'DHE-DSS-AES256-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = 'DHE-RSA-AES256-SHA256';
+  TLS1_TXT_ADH_WITH_AES_128_SHA256 = 'ADH-AES128-SHA256';
+  TLS1_TXT_ADH_WITH_AES_256_SHA256 = 'ADH-AES256-SHA256';
+
+  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
+  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = 'AES128-GCM-SHA256';
+  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = 'AES256-GCM-SHA384';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'DHE-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'DHE-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = 'DH-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = 'DH-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'DHE-DSS-AES128-GCM-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'DHE-DSS-AES256-GCM-SHA384';
+  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = 'DH-DSS-AES128-GCM-SHA256';
+  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = 'DH-DSS-AES256-GCM-SHA384';
+  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = 'ADH-AES128-GCM-SHA256';
+  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = 'ADH-AES256-GCM-SHA384';
+
+  (* CCM ciphersuites from RFC6655 *)
+  TLS1_TXT_RSA_WITH_AES_128_CCM = 'AES128-CCM';
+  TLS1_TXT_RSA_WITH_AES_256_CCM = 'AES256-CCM';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = 'DHE-RSA-AES128-CCM';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = 'DHE-RSA-AES256-CCM';
+
+  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = 'AES128-CCM8';
+  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = 'AES256-CCM8';
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = 'DHE-RSA-AES128-CCM8';
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = 'DHE-RSA-AES256-CCM8';
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM = 'PSK-AES128-CCM';
+  TLS1_TXT_PSK_WITH_AES_256_CCM = 'PSK-AES256-CCM';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = 'DHE-PSK-AES128-CCM';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = 'DHE-PSK-AES256-CCM';
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = 'PSK-AES128-CCM8';
+  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = 'PSK-AES256-CCM8';
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = 'DHE-PSK-AES128-CCM8';
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = 'DHE-PSK-AES256-CCM8';
+
+  (* CCM ciphersuites from RFC7251 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = 'ECDHE-ECDSA-AES128-CCM';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = 'ECDHE-ECDSA-AES256-CCM';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'ECDHE-ECDSA-AES128-CCM8';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'ECDHE-ECDSA-AES256-CCM8';
+
+  (* ECDH HMAC based ciphersuites from RFC5289 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'ECDHE-ECDSA-AES128-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'ECDHE-ECDSA-AES256-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = 'ECDH-ECDSA-AES128-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = 'ECDH-ECDSA-AES256-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = 'ECDHE-RSA-AES128-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = 'ECDHE-RSA-AES256-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = 'ECDH-RSA-AES128-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = 'ECDH-RSA-AES256-SHA384';
+
+  (* ECDH GCM based ciphersuites from RFC5289 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-ECDSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-ECDSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDH-ECDSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDH-ECDSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 'ECDH-RSA-AES128-GCM-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 'ECDH-RSA-AES256-GCM-SHA384';
+
+  (* TLS v1.2 PSK GCM ciphersuites from RFC5487 *)
+  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
+  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
+
+  (* ECDHE PSK ciphersuites from RFC 5489 *)
+  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = 'ECDHE-PSK-RC4-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'ECDHE-PSK-3DES-EDE-CBC-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'ECDHE-PSK-AES128-CBC-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'ECDHE-PSK-AES256-CBC-SHA';
+
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'ECDHE-PSK-AES128-CBC-SHA256';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'ECDHE-PSK-AES256-CBC-SHA384';
+
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = 'ECDHE-PSK-NULL-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = 'ECDHE-PSK-NULL-SHA256';
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = 'ECDHE-PSK-NULL-SHA384';
+
+  (* Camellia-CBC ciphersuites from RFC6367 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-ECDSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-ECDSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-ECDSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-ECDSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-RSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-RSA-CAMELLIA128-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-RSA-CAMELLIA256-SHA384';
+
+  (* draft-ietf-tls-chacha20-poly1305-03 *)
+  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'ECDHE-RSA-CHACHA20-POLY1305';
+  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'ECDHE-ECDSA-CHACHA20-POLY1305';
+  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = 'DHE-RSA-CHACHA20-POLY1305';
+  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = 'PSK-CHACHA20-POLY1305';
+  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'ECDHE-PSK-CHACHA20-POLY1305';
+  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = 'DHE-PSK-CHACHA20-POLY1305';
+  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = 'RSA-PSK-CHACHA20-POLY1305';
+
+  (* Aria ciphersuites from RFC6209 *)
+  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = 'ARIA128-GCM-SHA256';
+  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = 'ARIA256-GCM-SHA384';
+  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'DHE-RSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'DHE-RSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'DH-RSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'DH-RSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'DHE-DSS-ARIA128-GCM-SHA256';
+  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'DHE-DSS-ARIA256-GCM-SHA384';
+  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'DH-DSS-ARIA128-GCM-SHA256';
+  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'DH-DSS-ARIA256-GCM-SHA384';
+  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'ADH-ARIA128-GCM-SHA256';
+  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'ADH-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ECDSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ECDSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ECDSA-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ECDSA-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ARIA256-GCM-SHA384';
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ARIA128-GCM-SHA256';
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ARIA256-GCM-SHA384';
+  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = 'PSK-ARIA128-GCM-SHA256';
+  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = 'PSK-ARIA256-GCM-SHA384';
+  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'DHE-PSK-ARIA128-GCM-SHA256';
+  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'DHE-PSK-ARIA256-GCM-SHA384';
+  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'RSA-PSK-ARIA128-GCM-SHA256';
+  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'RSA-PSK-ARIA256-GCM-SHA384';
+
+  TLS_CT_RSA_SIGN = 1;
+  TLS_CT_DSS_SIGN = 2;
+  TLS_CT_RSA_FIXED_DH = 3;
+  TLS_CT_DSS_FIXED_DH = 4;
+  TLS_CT_ECDSA_SIGN = 64;
+  TLS_CT_RSA_FIXED_ECDH = 65;
+  TLS_CT_ECDSA_FIXED_ECDH = 66;
+  TLS_CT_GOST01_SIGN = 22;
+  TLS_CT_GOST12_SIGN = 238;
+  TLS_CT_GOST12_512_SIGN = 239;
+
+  (*
+   * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
+   * comment there)
+   *)
+  TLS_CT_NUMBER = 10;
+
+  TLS1_FINISH_MAC_LENGTH = 12;
+
+  TLS_MD_MAX_CONST_SIZE = 22;
+  TLS_MD_CLIENT_FINISH_CONST  = 'client finished';
+  TLS_MD_CLIENT_FINISH_CONST_SIZE = 15;
+  TLS_MD_SERVER_FINISH_CONST  = 'server finished';
+  TLS_MD_SERVER_FINISH_CONST_SIZE = 15;
+  TLS_MD_KEY_EXPANSION_CONST  = 'key expansion';
+  TLS_MD_KEY_EXPANSION_CONST_SIZE = 13;
+  TLS_MD_CLIENT_WRITE_KEY_CONST  = 'client write key';
+  TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE = 16;
+  TLS_MD_SERVER_WRITE_KEY_CONST  = 'server write key';
+  TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16;
+  TLS_MD_IV_BLOCK_CONST  = 'IV block';
+  TLS_MD_IV_BLOCK_CONST_SIZE = 8;
+  TLS_MD_MASTER_SECRET_CONST  = 'master secret';
+  TLS_MD_MASTER_SECRET_CONST_SIZE = 13;
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = 'extended master secret';
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE = 22;
+
+//  (*
+//   * client finished
+//   *)
+//  TLS_MD_CLIENT_FINISH_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//
+//  (*
+//   * server finished
+//   *)
+//  TLS_MD_SERVER_FINISH_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//
+//  (*
+//   * server write key
+//   *)
+//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//
+//  (*
+//   * key expansion
+//   *)
+//  TLS_MD_KEY_EXPANSION_CONST  = '\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e';
+//
+//  (*
+//   * client write key
+//   *)
+//  TLS_MD_CLIENT_WRITE_KEY_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//
+//  (*
+//   * server write key
+//   *)
+//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//
+//  (*
+//   * IV block
+//   *)
+//  TLS_MD_IV_BLOCK_CONST  = '\x49\x56\x20\x62\x6c\x6f\x63\x6b';
+//
+//
+//  (*
+//   * master secret
+//   *)
+//  TLS_MD_MASTER_SECRET_CONST  = '\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+//
+//  (*
+//   * extended master secret
+//   *)
+//  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = '\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+
+type
+  (* TLS Session Ticket extension struct *)
+  tls_session_ticket_ext_st = record
+    length: TIdC_USHORT;
+    data: Pointer;
+  end;
+
+{$REGION 'C compiler macros'}
+function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
+{$ENDREGION}
+
+  function SSL_CTX_set_tlsext_max_fragment_length(ctx: PSSL_CTx; mode: TIdC_UINT8): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_tlsext_max_fragment_length(ssl: PSSL; mode: TIdC_UINT8): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_get_servername(const s: PSSL; const &type: TIdC_INT): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_get_servername_type(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
+  (*
+   * SSL_export_keying_material exports a value derived from the master secret,
+   * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+   * optional context. (Since a zero length context is allowed, the |use_context|
+   * flag controls whether a context is included.) It returns 1 on success and
+   * 0 or -1 otherwise.
+   *)
+  function SSL_export_keying_material(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET; use_context: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+
+  (*
+   * SSL_export_keying_material_early exports a value derived from the
+   * early exporter master secret, as specified in
+   * https://tools.ietf.org/html/draft-ietf-tls-tls13-23. It writes
+   * |olen| bytes to |out| given a label and optional context. It
+   * returns 1 on success and 0 otherwise.
+   *)
+  function SSL_export_keying_material_early(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+
+  function SSL_get_peer_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_sigalgs(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_shared_sigalgs(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT cdecl; external CLibSSL;
+
+  //__owur TIdC_INT SSL_check_chain(s: PSSL, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
+
+  //# define SSL_set_tlsext_debug_callback(ssl, cb) \
+  //        SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,\
+  //                (void (*)(void))cb)
+
+  //# define SSL_set_tlsext_debug_arg(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0,arg)
+  //
+  //# define SSL_get_tlsext_status_type(ssl) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
+  //
+  //# define SSL_set_tlsext_status_type(ssl, type) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
+  //
+  //# define SSL_get_tlsext_status_exts(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0,arg)
+  //
+  //# define SSL_set_tlsext_status_exts(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0,arg)
+  //
+  //# define SSL_get_tlsext_status_ids(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0,arg)
+  //
+  //# define SSL_set_tlsext_status_ids(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0,arg)
+  //
+  //# define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
+  //        SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0,arg)
+  //
+  //# define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
+  //        SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen,arg)
+  //
+  //# define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
+  //        SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,\
+  //                (void (*)(void))cb)
+
+  //# define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0,arg)
+  //
+  //# define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_TICKET_KEYS,keylen,keys)
+  //# define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
+  //        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_TICKET_KEYS,keylen,keys)
+  //
+  //# define SSL_CTX_get_tlsext_status_cb(ssl, cb) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0,(void *)cb)
+  //# define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
+  //        SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,\
+  //                (void (*)(void))cb)
+
+  //# define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
+  //# define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0,arg)
+  //
+  //# define SSL_CTX_set_tlsext_status_type(ssl, type) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type,NULL)
+  //
+  //# define SSL_CTX_get_tlsext_status_type(ssl) \
+  //        SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
+  //
+  //# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
+  //        SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,\
+  //                (void (*)(void))cb)
+
+implementation
+
+uses
+  IdOpenSSLHeaders_ssl;
+
+
+{$REGION 'C compiler macros'}
+//# define SSL_set_tlsext_host_name(s,name)         SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name, (void *)name)
+function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, Pointer(name));
+end;
+{$ENDREGION}
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas
new file mode 100644
index 000000000..083608075
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas
@@ -0,0 +1,564 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_ts;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ts.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_rsa,
+  IdOpenSSLHeaders_tserr,
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLHeaders_x509v3;
+
+const
+  (* Possible values for status. *)
+  TS_STATUS_GRANTED = 0;
+  TS_STATUS_GRANTED_WITH_MODS = 1;
+  TS_STATUS_REJECTION = 2;
+  TS_STATUS_WAITING = 3;
+  TS_STATUS_REVOCATION_WARNING = 4;
+  TS_STATUS_REVOCATION_NOTIFICATION = 5;
+
+
+  (* Possible values for failure_info. *)
+  TS_INFO_BAD_ALG = 0;
+  TS_INFO_BAD_REQUEST = 2;
+  TS_INFO_BAD_DATA_FORMAT = 5;
+  TS_INFO_TIME_NOT_AVAILABLE = 14;
+  TS_INFO_UNACCEPTED_POLICY = 15;
+  TS_INFO_UNACCEPTED_EXTENSION = 16;
+  TS_INFO_ADD_INFO_NOT_AVAILABLE = 17;
+  TS_INFO_SYSTEM_FAILURE = 25;
+
+  (* Optional flags for response generation. *)
+
+  (* Don't include the TSA name in response. *)
+  TS_TSA_NAME = $01;
+
+  (* Set ordering to true in response. *)
+  TS_ORDERING = $02;
+
+  (*
+   * Include the signer certificate and the other specified certificates in
+   * the ESS signing certificate attribute beside the PKCS7 signed data.
+   * Only the signer certificates is included by default.
+   *)
+  TS_ESS_CERT_ID_CHAIN = $04;
+
+  (* At most we accept usec precision. *)
+  TS_MAX_CLOCK_PRECISION_DIGITS = 6;
+
+  (* Maximum status message length *)
+  TS_MAX_STATUS_LENGTH = 1024 * 1024;
+
+  (* Verify the signer's certificate and the signature of the response. *)
+  TS_VFY_SIGNATURE = TIdC_UINT(1) shl 0;
+  (* Verify the version number of the response. *)
+  TS_VFY_VERSION = TIdC_UINT(1) shl 1;
+  (* Verify if the policy supplied by the user matches the policy of the TSA. *)
+  TS_VFY_POLICY = TIdC_UINT(1) shl 2;
+  (*
+   * Verify the message imprint provided by the user. This flag should not be
+   * specified with TS_VFY_DATA.
+   *)
+  TS_VFY_IMPRINT = TIdC_UINT(1) shl 3;
+  (*
+   * Verify the message imprint computed by the verify method from the user
+   * provided data and the MD algorithm of the response. This flag should not
+   * be specified with TS_VFY_IMPRINT.
+   *)
+  TS_VFY_DATA = TIdC_UINT(1) shl 4;
+  (* Verify the nonce value. *)
+  TS_VFY_NONCE = TIdC_UINT(1) shl 5;
+  (* Verify if the TSA name field matches the signer certificate. *)
+  TS_VFY_SIGNER = TIdC_UINT(1) shl 6;
+  (* Verify if the TSA name field equals to the user provided name. *)
+  TS_VFY_TSA_NAME = TIdC_UINT(1) shl 7;
+
+  (* You can use the following convenience constants. *)
+  TS_VFY_ALL_IMPRINT = TS_VFY_SIGNATURE or TS_VFY_VERSION or TS_VFY_POLICY
+    or TS_VFY_IMPRINT or TS_VFY_NONCE or TS_VFY_SIGNER or TS_VFY_TSA_NAME;
+
+  TS_VFY_ALL_DATA = TS_VFY_SIGNATURE or TS_VFY_VERSION or TS_VFY_POLICY
+    or TS_VFY_DATA or TS_VFY_NONCE or TS_VFY_SIGNER or TS_VFY_TSA_NAME;
+
+type
+  TS_msg_imprint_st = type Pointer;
+  TS_req_st = type Pointer;
+  TS_accuracy_st = type Pointer;
+  TS_tst_info_st = type Pointer;
+
+  TS_MSG_IMPRINT = TS_msg_imprint_st;
+  PTS_MSG_IMPRINT = ^TS_MSG_IMPRINT;
+  PPTS_MSG_IMPRINT = ^PTS_MSG_IMPRINT;
+
+  TS_REQ = TS_req_st;
+  PTS_REQ = ^TS_REQ;
+  PPTS_REQ = ^PTS_REQ;
+
+  TS_ACCURACY = TS_accuracy_st;
+  PTS_ACCURACY = ^TS_ACCURACY;
+  PPTS_ACCURACY = ^PTS_ACCURACY;
+
+  TS_TST_INFO = TS_tst_info_st;
+  PTS_TST_INFO = ^TS_TST_INFO;
+  PPTS_TST_INFO = ^PTS_TST_INFO;
+
+  TS_status_info_st = type Pointer;
+  ESS_issuer_serial_st = type Pointer;
+  ESS_cert_id_st = type Pointer;
+  ESS_signing_cert_st = type Pointer;
+  ESS_cert_id_v2_st = type Pointer;
+  ESS_signing_cert_v2_st = type Pointer;
+
+  TS_STATUS_INFO = TS_status_info_st;
+  PTS_STATUS_INFO = ^TS_STATUS_INFO;
+  PPTS_STATUS_INFO = ^PTS_STATUS_INFO;
+
+  ESS_ISSUER_SERIAL = ESS_issuer_serial_st;
+  PESS_ISSUER_SERIAL = ^ESS_ISSUER_SERIAL;
+  PPESS_ISSUER_SERIAL = ^PESS_ISSUER_SERIAL;
+
+  ESS_CERT_ID = ESS_cert_id_st;
+  PESS_CERT_ID = ^ESS_CERT_ID;
+  PPESS_CERT_ID = ^PESS_CERT_ID;
+
+  ESS_SIGNING_CERT = ESS_signing_cert_st;
+  PESS_SIGNING_CERT = ^ESS_SIGNING_CERT;
+  PPESS_SIGNING_CERT = ^PESS_SIGNING_CERT;
+
+// DEFINE_STACK_OF(ESS_CERT_ID)
+
+  ESS_CERT_ID_V2 = ESS_cert_id_v2_st;
+  PESS_CERT_ID_V2 = ^ESS_CERT_ID_V2;
+  PPESS_CERT_ID_V2 = ^PESS_CERT_ID_V2;
+
+  ESS_SIGNING_CERT_V2 = ESS_signing_cert_v2_st;
+  PESS_SIGNING_CERT_V2 = ^ESS_SIGNING_CERT_V2;
+  PPESS_SIGNING_CERT_V2 = ^PESS_SIGNING_CERT_V2;
+
+// DEFINE_STACK_OF(ESS_CERT_ID_V2)
+  TS_resp_st = type Pointer;
+  TS_RESP = TS_resp_st;
+  PTS_RESP = ^TS_RESP;
+  PPTS_RESP = ^PTS_RESP;
+
+  (* Forward declaration. *)
+  TS_resp_ctx = type Pointer;
+  PTS_resp_ctx = ^TS_resp_ctx;
+  PPTS_resp_ctx = ^PTS_resp_ctx;
+
+  (* This must return a unique number less than 160 bits long. *)
+  TS_serial_cb = function({struct} v1: PTS_resp_ctx; v2: Pointer): PASN1_INTEGER;
+
+  (*
+   * This must return the seconds and microseconds since Jan 1, 1970 in the sec
+   * and usec variables allocated by the caller. Return non-zero for success
+   * and zero for failure.
+   *)
+  TS_time_cb = function({struct} v1: PTS_resp_ctx; v2: Pointer; sec: PIdC_LONG; usec: PIdC_LONG): TIdC_INT;
+
+  (*
+   * This must process the given extension. It can modify the TS_TST_INFO
+   * object of the context. Return values: !0 (processed), 0 (error, it must
+   * set the status info/failure info of the response).
+   *)
+  TS_extension_cb = function({struct} v1: PTS_resp_ctx; v2: PX509_Extension; v3: Pointer): TIdC_INT;
+
+//  TS_VERIFY_CTX = TS_verify_ctx;
+  TS_VERIFY_CTX = type Pointer;
+  PTS_VERIFY_CTX = ^TS_VERIFY_CTX;
+
+  function TS_REQ_new: PTS_REQ cdecl; external CLibCrypto;
+  procedure TS_REQ_free(a: PTS_REQ) cdecl; external CLibCrypto;
+  function i2d_TS_REQ(a: PTS_REQ; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_TS_REQ(a: PPTS_REQ; pp: PPByte; length: TIdC_LONG): PTS_REQ cdecl; external CLibCrypto;
+
+  function TS_REQ_dup(a: PTS_REQ): PTS_REQ cdecl; external CLibCrypto;
+
+  function d2i_TS_REQ_bio(fp: PBIO; a: PPTS_REQ): PTS_REQ cdecl; external CLibCrypto;
+  function i2d_TS_REQ_bio(fp: PBIO; a: PTS_REQ): TIdC_INT cdecl; external CLibCrypto;
+
+  function TS_MSG_IMPRINT_new: PTS_MSG_IMPRINT cdecl; external CLibCrypto;
+  procedure TS_MSG_IMPRINT_free(a: PTS_MSG_IMPRINT) cdecl; external CLibCrypto;
+  function i2d_TS_MSG_IMPRINT(a: PTS_MSG_IMPRINT; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_TS_MSG_IMPRINT(a: PPTS_MSG_IMPRINT; pp: PPByte; length: TIdC_LONG): PTS_MSG_IMPRINT cdecl; external CLibCrypto;
+
+  function TS_MSG_IMPRINT_dup(a: PTS_MSG_IMPRINT): PTS_MSG_IMPRINT cdecl; external CLibCrypto;
+
+  function d2i_TS_MSG_IMPRINT_bio(bio: PBIO; a: PPTS_MSG_IMPRINT): PTS_MSG_IMPRINT cdecl; external CLibCrypto;
+  function i2d_TS_MSG_IMPRINT_bio(bio: PBIO; a: PTS_MSG_IMPRINT): TIdC_INT cdecl; external CLibCrypto;
+
+  function TS_RESP_new: PTS_RESP cdecl; external CLibCrypto;
+  procedure TS_RESP_free(a: PTS_RESP) cdecl; external CLibCrypto;
+  function i2d_TS_RESP(a: PTS_RESP; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_TS_RESP(a: PPTS_RESP; pp: PPByte; length: TIdC_LONG): PTS_RESP cdecl; external CLibCrypto;
+  function PKCS7_to_TS_TST_INFO(token: PPKCS7): PTS_TST_Info cdecl; external CLibCrypto;
+  function TS_RESP_dup(a: PTS_RESP): PTS_RESP cdecl; external CLibCrypto;
+
+  function d2i_TS_RESP_bio(bio: PBIO; a: PPTS_RESP): PTS_RESP cdecl; external CLibCrypto;
+  function i2d_TS_RESP_bio(bio: PBIO; a: PTS_RESP): TIdC_INT cdecl; external CLibCrypto;
+
+  function TS_STATUS_INFO_new: PTS_STATUS_INFO cdecl; external CLibCrypto;
+  procedure TS_STATUS_INFO_free(a: PTS_STATUS_INFO) cdecl; external CLibCrypto;
+  function i2d_TS_STATUS_INFO(a: PTS_STATUS_INFO; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_TS_STATUS_INFO(a: PPTS_STATUS_INFO; pp: PPByte; length: TIdC_LONG): PTS_STATUS_INFO cdecl; external CLibCrypto;
+  function TS_STATUS_INFO_dup(a: PTS_STATUS_INFO): PTS_STATUS_INFO cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_new: PTS_TST_Info cdecl; external CLibCrypto;
+  procedure TS_TST_INFO_free(a: PTS_TST_Info) cdecl; external CLibCrypto;
+  function i2d_TS_TST_INFO(a: PTS_TST_Info; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_TS_TST_INFO(a: PPTS_TST_Info; pp: PPByte; length: TIdC_LONG): PTS_TST_Info cdecl; external CLibCrypto;
+  function TS_TST_INFO_dup(a: PTS_TST_Info): PTS_TST_Info cdecl; external CLibCrypto;
+
+  function d2i_TS_TST_INFO_bio(bio: PBIO; a: PPTS_TST_Info): PTS_TST_Info cdecl; external CLibCrypto;
+  function i2d_TS_TST_INFO_bio(bio: PBIO; a: PTS_TST_Info): TIdC_INT cdecl; external CLibCrypto;
+
+  function TS_ACCURACY_new: PTS_ACCURACY cdecl; external CLibCrypto;
+  procedure TS_ACCURACY_free(a: PTS_ACCURACY) cdecl; external CLibCrypto;
+  function i2d_TS_ACCURACY(a: PTS_ACCURACY; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_TS_ACCURACY(a: PPTS_ACCURACY; pp: PPByte; length: TIdC_LONG): PTS_ACCURACY cdecl; external CLibCrypto;
+  function TS_ACCURACY_dup(a: PTS_ACCURACY): PTS_ACCURACY cdecl; external CLibCrypto;
+
+  function ESS_ISSUER_SERIAL_new: PESS_ISSUER_SERIAL cdecl; external CLibCrypto;
+  procedure ESS_ISSUER_SERIAL_free(a: PESS_ISSUER_SERIAL) cdecl; external CLibCrypto;
+  function i2d_ESS_ISSUER_SERIAL( a: PESS_ISSUER_SERIAL; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ESS_ISSUER_SERIAL(a: PPESS_ISSUER_SERIAL; pp: PPByte; length: TIdC_LONG): PESS_ISSUER_SERIAL cdecl; external CLibCrypto;
+  function ESS_ISSUER_SERIAL_dup(a: PESS_ISSUER_SERIAL): PESS_ISSUER_SERIAL cdecl; external CLibCrypto;
+
+  function ESS_CERT_ID_new: PESS_CERT_ID cdecl; external CLibCrypto;
+  procedure ESS_CERT_ID_free(a: PESS_CERT_ID) cdecl; external CLibCrypto;
+  function i2d_ESS_CERT_ID(a: PESS_CERT_ID; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ESS_CERT_ID(a: PPESS_CERT_ID; pp: PPByte; length: TIdC_LONG): PESS_CERT_ID cdecl; external CLibCrypto;
+  function ESS_CERT_ID_dup(a: PESS_CERT_ID): PESS_CERT_ID cdecl; external CLibCrypto;
+
+  function ESS_SIGNING_CERT_new: PESS_SIGNING_Cert cdecl; external CLibCrypto;
+  procedure ESS_SIGNING_CERT_free(a: PESS_SIGNING_Cert) cdecl; external CLibCrypto;
+  function i2d_ESS_SIGNING_CERT( a: PESS_SIGNING_Cert; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ESS_SIGNING_CERT(a: PPESS_SIGNING_Cert; pp: PPByte; length: TIdC_LONG): PESS_SIGNING_Cert cdecl; external CLibCrypto;
+  function ESS_SIGNING_CERT_dup(a: PESS_SIGNING_Cert): PESS_SIGNING_Cert cdecl; external CLibCrypto;
+
+  function ESS_CERT_ID_V2_new: PESS_CERT_ID_V2 cdecl; external CLibCrypto;
+  procedure ESS_CERT_ID_V2_free(a: PESS_CERT_ID_V2) cdecl; external CLibCrypto;
+  function i2d_ESS_CERT_ID_V2( a: PESS_CERT_ID_V2; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ESS_CERT_ID_V2(a: PPESS_CERT_ID_V2; pp: PPByte; length: TIdC_LONG): PESS_CERT_ID_V2 cdecl; external CLibCrypto;
+  function ESS_CERT_ID_V2_dup(a: PESS_CERT_ID_V2): PESS_CERT_ID_V2 cdecl; external CLibCrypto;
+
+  function ESS_SIGNING_CERT_V2_new: PESS_SIGNING_CERT_V2 cdecl; external CLibCrypto;
+  procedure ESS_SIGNING_CERT_V2_free(a: PESS_SIGNING_CERT_V2) cdecl; external CLibCrypto;
+  function i2d_ESS_SIGNING_CERT_V2(a: PESS_SIGNING_CERT_V2; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ESS_SIGNING_CERT_V2(a: PPESS_SIGNING_CERT_V2; pp: PPByte; length: TIdC_LONG): PESS_SIGNING_CERT_V2 cdecl; external CLibCrypto;
+  function ESS_SIGNING_CERT_V2_dup(a: PESS_SIGNING_CERT_V2): PESS_SIGNING_CERT_V2 cdecl; external CLibCrypto;
+
+  function TS_REQ_set_version(a: PTS_REQ; version: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_version(a: PTS_REQ): TIdC_LONG cdecl; external CLibCrypto;
+
+  function TS_STATUS_INFO_set_status(a: PTS_STATUS_INFO; i: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_STATUS_INFO_get0_status(const a: PTS_STATUS_INFO): PASN1_INTEGER cdecl; external CLibCrypto;
+
+  // const STACK_OF(ASN1_UTF8STRING) *TS_STATUS_INFO_get0_text(const TS_STATUS_INFO *a);
+
+  // const ASN1_BIT_STRING *TS_STATUS_INFO_get0_failure_info(const TS_STATUS_INFO *a);
+
+  function TS_REQ_set_msg_imprint(a: PTS_REQ; msg_imprint: PTS_MSG_IMPRINT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_msg_imprint(a: PTS_REQ): PTS_MSG_IMPRINT cdecl; external CLibCrypto;
+
+  function TS_MSG_IMPRINT_set_algo(a: PTS_MSG_IMPRINT; alg: PX509_ALGOr): TIdC_INT cdecl; external CLibCrypto;
+  function TS_MSG_IMPRINT_get_algo(a: PTS_MSG_IMPRINT): PX509_ALGOr cdecl; external CLibCrypto;
+
+  function TS_MSG_IMPRINT_set_msg(a: PTS_MSG_IMPRINT; d: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_MSG_IMPRINT_get_msg(a: PTS_MSG_IMPRINT): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+
+  function TS_REQ_set_policy_id(a: PTS_REQ; policy: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_policy_id(a: PTS_REQ): PASN1_OBJECT cdecl; external CLibCrypto;
+
+  function TS_REQ_set_nonce(a: PTS_REQ; nonce: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_nonce(const a: PTS_REQ): PASN1_INTEGER cdecl; external CLibCrypto;
+
+  function TS_REQ_set_cert_req(a: PTS_REQ; cert_req: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_cert_req(a: PTS_REQ): TIdC_INT cdecl; external CLibCrypto;
+
+  //STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
+  procedure TS_REQ_ext_free(a: PTS_REQ) cdecl; external CLibCrypto;
+  function TS_REQ_get_ext_count(a: PTS_REQ): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_ext_by_NID(a: PTS_REQ; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_ext_by_OBJ(a: PTS_REQ; obj: PASN1_Object; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_ext_by_critical(a: PTS_REQ; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_ext(a: PTS_REQ; loc: TIdC_INT): PX509_Extension cdecl; external CLibCrypto;
+  function TS_REQ_delete_ext(a: PTS_REQ; loc: TIdC_INT): PX509_Extension cdecl; external CLibCrypto;
+  function TS_REQ_add_ext(a: PTS_REQ; ex: PX509_Extension; loc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_REQ_get_ext_d2i(a: PTS_REQ; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  //* Function declarations for TS_REQ defined in ts/ts_req_print.c */
+
+  function TS_REQ_print_bio(bio: PBIO; a: PTS_REQ): TIdC_INT cdecl; external CLibCrypto;
+
+  //* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
+
+  function TS_RESP_set_status_info(a: PTS_RESP; info: PTS_STATUS_INFO): TIdC_INT cdecl; external CLibCrypto;
+  function TS_RESP_get_status_info(a: PTS_RESP): PTS_STATUS_INFO cdecl; external CLibCrypto;
+
+  //* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
+  procedure TS_RESP_set_tst_info(a: PTS_RESP; p7: PPKCS7; tst_info: PTS_TST_Info) cdecl; external CLibCrypto;
+  function TS_RESP_get_token(a: PTS_RESP): PPKCS7 cdecl; external CLibCrypto;
+  function TS_RESP_get_tst_info(a: PTS_RESP): PTS_TST_Info cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_set_version(a: PTS_TST_Info; version: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_version(const a: PTS_TST_Info): TIdC_LONG cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_set_policy_id(a: PTS_TST_Info; policy_id: PASN1_Object): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_policy_id(a: PTS_TST_Info): PASN1_Object cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_set_msg_imprint(a: PTS_TST_Info; msg_imprint: PTS_MSG_IMPRINT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_msg_imprint(a: PTS_TST_Info): PTS_MSG_IMPRINT cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_set_serial(a: PTS_TST_Info; const serial: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_serial(const a: PTS_TST_INFO): PASN1_INTEGER cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_set_time(a: PTS_TST_Info; gtime: PASN1_GENERALIZEDTIME): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_time(const a: PTS_TST_INFO): PASN1_GENERALIZEDTIME cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_set_accuracy(a: PTS_TST_Info; accuracy: PTS_ACCURACY): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_accuracy(a: PTS_TST_Info): PTS_ACCURACY cdecl; external CLibCrypto;
+
+  function TS_ACCURACY_set_seconds(a: PTS_ACCURACY; const seconds: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function TS_ACCURACY_get_seconds(const a: PTS_ACCURACY): PASN1_INTEGER cdecl; external CLibCrypto;
+
+  function TS_ACCURACY_set_millis(a: PTS_ACCURACY; const millis: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function TS_ACCURACY_get_millis(const a: PTS_ACCURACY): PASN1_INTEGER cdecl; external CLibCrypto;
+
+  function TS_ACCURACY_set_micros(a: PTS_ACCURACY; const micros: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function TS_ACCURACY_get_micros(const a: PTS_ACCURACY): PASN1_INTEGER cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_set_ordering(a: PTS_TST_Info; ordering: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_ordering(const a: PTS_TST_Info): TIdC_INT cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_set_nonce(a: PTS_TST_Info; const nonce: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_nonce(const a: PTS_TST_INFO): PASN1_INTEGER cdecl; external CLibCrypto;
+
+  function TS_TST_INFO_set_tsa(a: PTS_TST_Info; tsa: PGENERAL_NAME): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_tsa(a: PTS_TST_Info): PGENERAL_NAME cdecl; external CLibCrypto;
+
+  //STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
+  procedure TS_TST_INFO_ext_free(a: PTS_TST_Info) cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_ext_count(a: PTS_TST_Info): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_ext_by_NID(a: PTS_TST_Info; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_ext_by_OBJ(a: PTS_TST_Info; const obj: PASN1_Object; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_ext_by_critical(a: PTS_TST_Info; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_ext(a: PTS_TST_Info; loc: TIdC_INT): PX509_Extension cdecl; external CLibCrypto;
+  function TS_TST_INFO_delete_ext(a: PTS_TST_Info; loc: TIdC_INT): PX509_Extension cdecl; external CLibCrypto;
+  function TS_TST_INFO_add_ext(a: PTS_TST_Info; ex: PX509_Extension; loc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_get_ext_d2i(a: PTS_TST_Info; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  (*
+   * Declarations related to response generation, defined in ts/ts_resp_sign.c.
+   *)
+
+  //DEFINE_STACK_OF_CONST(EVP_MD)
+
+  (* Creates a response context that can be used for generating responses. *)
+  function TS_RESP_CTX_new: PTS_RESP_CTX cdecl; external CLibCrypto;
+  procedure TS_RESP_CTX_free(ctx: PTS_RESP_CTX) cdecl; external CLibCrypto;
+
+  (* This parameter must be set. *)
+  function TS_RESP_CTX_set_signer_cert(ctx: PTS_RESP_CTX; signer: PX509): TIdC_INT cdecl; external CLibCrypto;
+
+  (* This parameter must be set. *)
+  function TS_RESP_CTX_set_signer_key(ctx: PTS_RESP_CTX; key: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function TS_RESP_CTX_set_signer_digest(ctx: PTS_RESP_CTX; signer_digest: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function TS_RESP_CTX_set_ess_cert_id_digest(ctx: PTS_RESP_CTX; md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+
+  (* This parameter must be set. *)
+  function TS_RESP_CTX_set_def_policy(ctx: PTS_RESP_CTX; def_policy: PASN1_Object): TIdC_INT cdecl; external CLibCrypto;
+
+  (* No additional certs are included in the response by default. *)
+  // int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
+
+  (*
+   * Adds a new acceptable policy, only the default policy is accepted by
+   * default.
+   *)
+  function TS_RESP_CTX_add_policy(ctx: PTS_RESP_CTX; const policy: PASN1_Object): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * Adds a new acceptable message digest. Note that no message digests are
+   * accepted by default. The md argument is shared with the caller.
+   *)
+  function TS_RESP_CTX_add_md(ctx: PTS_RESP_CTX; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+
+  (* Accuracy is not included by default. *)
+  function TS_RESP_CTX_set_accuracy(ctx: PTS_RESP_CTX; secs: TIdC_INT; millis: TIdC_INT; micros: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * Clock precision digits, i.e. the number of decimal digits: '0' means sec,
+   * '3' msec, '6' usec, and so on. Default is 0.
+   *)
+  function TS_RESP_CTX_set_clock_precision_digits(ctx: PTS_RESP_CTX; clock_precision_digits: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+  (* No flags are set by default. *)
+  procedure TS_RESP_CTX_add_flags(ctx: PTS_RESP_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
+
+  (* Default callback always returns a constant. *)
+  procedure TS_RESP_CTX_set_serial_cb(ctx: PTS_RESP_CTX; cb: TS_serial_cb; data: Pointer) cdecl; external CLibCrypto;
+
+  (* Default callback uses the gettimeofday() and gmtime() system calls. *)
+  procedure TS_RESP_CTX_set_time_cb(ctx: PTS_RESP_CTX; cb: TS_time_cb; data: Pointer) cdecl; external CLibCrypto;
+
+  (*
+   * Default callback rejects all extensions. The extension callback is called
+   * when the TS_TST_INFO object is already set up and not signed yet.
+   *)
+  (* FIXME: extension handling is not tested yet. *)
+  procedure TS_RESP_CTX_set_extension_cb(ctx: PTS_RESP_CTX; cb: TS_extension_cb; data: Pointer) cdecl; external CLibCrypto;
+
+  (* The following methods can be used in the callbacks. *)
+  function TS_RESP_CTX_set_status_info(ctx: PTS_RESP_CTX; status: TIdC_INT; text: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  (* Sets the status info only if it is still TS_STATUS_GRANTED. *)
+  function TS_RESP_CTX_set_status_info_cond(ctx: PTS_RESP_CTX; status: TIdC_INT; text: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  function TS_RESP_CTX_add_failure_info(ctx: PTS_RESP_CTX; failure: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (* The get methods below can be used in the extension callback. *)
+  function TS_RESP_CTX_get_request(ctx: PTS_RESP_CTX): PTS_REQ cdecl; external CLibCrypto;
+
+  function TS_RESP_CTX_get_tst_info(ctx: PTS_RESP_CTX): PTS_TST_Info cdecl; external CLibCrypto;
+
+  (*
+   * Creates the signed TS_TST_INFO and puts it in TS_RESP.
+   * In case of errors it sets the status info properly.
+   * Returns NULL only in case of memory allocation/fatal error.
+   *)
+  function TS_RESP_create_response(ctx: PTS_RESP_CTX; req_bio: PBIO): PTS_RESP cdecl; external CLibCrypto;
+
+  (*
+   * Declarations related to response verification,
+   * they are defined in ts/ts_resp_verify.c.
+   *)
+
+  //int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+  //                             X509_STORE *store, X509 **signer_out);
+
+  (* Context structure for the generic verify method. *)
+
+  function TS_RESP_verify_response(ctx: PTS_VERIFY_CTX; response: PTS_RESP): TIdC_INT cdecl; external CLibCrypto;
+  function TS_RESP_verify_token(ctx: PTS_VERIFY_CTX; token: PPKCS7): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * Declarations related to response verification context,
+   *)
+  function TS_VERIFY_CTX_new: PTS_VERIFY_CTX cdecl; external CLibCrypto;
+  procedure TS_VERIFY_CTX_init(ctx: PTS_VERIFY_CTX) cdecl; external CLibCrypto;
+  procedure TS_VERIFY_CTX_free(ctx: PTS_VERIFY_CTX) cdecl; external CLibCrypto;
+  procedure TS_VERIFY_CTX_cleanup(ctx: PTS_VERIFY_CTX) cdecl; external CLibCrypto;
+  function TS_VERIFY_CTX_set_flags(ctx: PTS_VERIFY_CTX; f: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_VERIFY_CTX_add_flags(ctx: PTS_VERIFY_CTX; f: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function TS_VERIFY_CTX_set_data(ctx: PTS_VERIFY_CTX; b: PBIO): PBIO cdecl; external CLibCrypto;
+  function TS_VERIFY_CTX_set_imprint(ctx: PTS_VERIFY_CTX; hexstr: PByte; len: TIdC_LONG): PByte cdecl; external CLibCrypto;
+  function TS_VERIFY_CTX_set_store(ctx: PTS_VERIFY_CTX; s: PX509_Store): PX509_Store cdecl; external CLibCrypto;
+  // STACK_OF(X509) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX *ctx, STACK_OF(X509) *certs);
+
+  (*-
+   * If ctx is NULL, it allocates and returns a new object, otherwise
+   * it returns ctx. It initialises all the members as follows:
+   * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
+   * certs = NULL
+   * store = NULL
+   * policy = policy from the request or NULL if absent (in this case
+   *      TS_VFY_POLICY is cleared from flags as well)
+   * md_alg = MD algorithm from request
+   * imprint, imprint_len = imprint from request
+   * data = NULL
+   * nonce, nonce_len = nonce from the request or NULL if absent (in this case
+   *      TS_VFY_NONCE is cleared from flags as well)
+   * tsa_name = NULL
+   * Important: after calling this method TS_VFY_SIGNATURE should be added!
+   *)
+  function TS_REQ_to_TS_VERIFY_CTX(req: PTS_REQ; ctx: PTS_VERIFY_CTX): PTS_VERIFY_CTX cdecl; external CLibCrypto;
+
+  (* Function declarations for TS_RESP defined in ts/ts_resp_print.c *)
+
+  function TS_RESP_print_bio(bio: PBIO; a: PTS_RESP): TIdC_INT cdecl; external CLibCrypto;
+  function TS_STATUS_INFO_print_bio(bio: PBIO; a: PTS_STATUS_INFO): TIdC_INT cdecl; external CLibCrypto;
+  function TS_TST_INFO_print_bio(bio: PBIO; a: PTS_TST_Info): TIdC_INT cdecl; external CLibCrypto;
+
+  (* Common utility functions defined in ts/ts_lib.c *)
+
+  function TS_ASN1_INTEGER_print_bio(bio: PBIO; const num: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function TS_OBJ_print_bio(bio: PBIO; const obj: PASN1_Object): TIdC_INT cdecl; external CLibCrypto;
+  //function TS_ext_print_bio(bio: PBIO; const STACK_OF(): X509_Extension * extensions): TIdC_INT;
+  function TS_X509_ALGOR_print_bio(bio: PBIO; const alg: PX509_ALGOr): TIdC_INT cdecl; external CLibCrypto;
+  function TS_MSG_IMPRINT_print_bio(bio: PBIO; msg: PTS_MSG_IMPRINT): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * Function declarations for handling configuration options, defined in
+   * ts/ts_conf.c
+   *)
+
+  function TS_CONF_load_cert(&file: PIdAnsiChar): PX509 cdecl; external CLibCrypto;
+  function TS_CONF_load_key( &file: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey cdecl; external CLibCrypto;
+  function TS_CONF_set_serial(conf: PCONF; section: PIdAnsiChar; cb: TS_serial_cb; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  //STACK_OF(X509) *TS_CONF_load_certs(const char *file);
+  function TS_CONF_get_tsa_section(conf: PCONF; const section: PIdAnsiChar): PIdAnsiChar cdecl; external CLibCrypto;
+  function TS_CONF_set_crypto_device(conf: PCONF; section: PIdAnsiChar; device: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_default_engine(name: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_signer_cert(conf: PCONF; section: PIdAnsiChar; cert: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_certs(conf: PCONF; section: PIdAnsiChar; certs: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_signer_key(conf: PCONF; const section: PIdAnsiChar; key: PIdAnsiChar; pass: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_signer_digest(conf: PCONF; section: PIdAnsiChar; md: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_def_policy(conf: PCONF; section: PIdAnsiChar; policy: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_policies(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_digests(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_accuracy(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_clock_precision_digits(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_ordering(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_tsa_name(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_ess_cert_id_chain(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function TS_CONF_set_ess_cert_id_digest(conf: PCONF; section: PIdAnsiChar; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tserr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tserr.pas
new file mode 100644
index 000000000..92d1b7429
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tserr.pas
@@ -0,0 +1,156 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_tserr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// tserr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * TS function codes.
+   *)
+  TS_F_DEF_SERIAL_CB = 110;
+  TS_F_DEF_TIME_CB = 111;
+  TS_F_ESS_ADD_SIGNING_CERT = 112;
+  TS_F_ESS_ADD_SIGNING_CERT_V2 = 147;
+  TS_F_ESS_CERT_ID_NEW_INIT = 113;
+  TS_F_ESS_CERT_ID_V2_NEW_INIT = 156;
+  TS_F_ESS_SIGNING_CERT_NEW_INIT = 114;
+  TS_F_ESS_SIGNING_CERT_V2_NEW_INIT = 157;
+  TS_F_INT_TS_RESP_VERIFY_TOKEN = 149;
+  TS_F_PKCS7_TO_TS_TST_INFO = 148;
+  TS_F_TS_ACCURACY_SET_MICROS = 115;
+  TS_F_TS_ACCURACY_SET_MILLIS = 116;
+  TS_F_TS_ACCURACY_SET_SECONDS = 117;
+  TS_F_TS_CHECK_IMPRINTS = 100;
+  TS_F_TS_CHECK_NONCES = 101;
+  TS_F_TS_CHECK_POLICY = 102;
+  TS_F_TS_CHECK_SIGNING_CERTS = 103;
+  TS_F_TS_CHECK_STATUS_INFO = 104;
+  TS_F_TS_COMPUTE_IMPRINT = 145;
+  TS_F_TS_CONF_INVALID = 151;
+  TS_F_TS_CONF_LOAD_CERT = 153;
+  TS_F_TS_CONF_LOAD_CERTS = 154;
+  TS_F_TS_CONF_LOAD_KEY = 155;
+  TS_F_TS_CONF_LOOKUP_FAIL = 152;
+  TS_F_TS_CONF_SET_DEFAULT_ENGINE = 146;
+  TS_F_TS_GET_STATUS_TEXT = 105;
+  TS_F_TS_MSG_IMPRINT_SET_ALGO = 118;
+  TS_F_TS_REQ_SET_MSG_IMPRINT = 119;
+  TS_F_TS_REQ_SET_NONCE = 120;
+  TS_F_TS_REQ_SET_POLICY_ID = 121;
+  TS_F_TS_RESP_CREATE_RESPONSE = 122;
+  TS_F_TS_RESP_CREATE_TST_INFO = 123;
+  TS_F_TS_RESP_CTX_ADD_FAILURE_INFO = 124;
+  TS_F_TS_RESP_CTX_ADD_MD = 125;
+  TS_F_TS_RESP_CTX_ADD_POLICY = 126;
+  TS_F_TS_RESP_CTX_NEW = 127;
+  TS_F_TS_RESP_CTX_SET_ACCURACY = 128;
+  TS_F_TS_RESP_CTX_SET_CERTS = 129;
+  TS_F_TS_RESP_CTX_SET_DEF_POLICY = 130;
+  TS_F_TS_RESP_CTX_SET_SIGNER_CERT = 131;
+  TS_F_TS_RESP_CTX_SET_STATUS_INFO = 132;
+  TS_F_TS_RESP_GET_POLICY = 133;
+  TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION = 134;
+  TS_F_TS_RESP_SET_STATUS_INFO = 135;
+  TS_F_TS_RESP_SET_TST_INFO = 150;
+  TS_F_TS_RESP_SIGN = 136;
+  TS_F_TS_RESP_VERIFY_SIGNATURE = 106;
+  TS_F_TS_TST_INFO_SET_ACCURACY = 137;
+  TS_F_TS_TST_INFO_SET_MSG_IMPRINT = 138;
+  TS_F_TS_TST_INFO_SET_NONCE = 139;
+  TS_F_TS_TST_INFO_SET_POLICY_ID = 140;
+  TS_F_TS_TST_INFO_SET_SERIAL = 141;
+  TS_F_TS_TST_INFO_SET_TIME = 142;
+  TS_F_TS_TST_INFO_SET_TSA = 143;
+  TS_F_TS_VERIFY = 108;
+  TS_F_TS_VERIFY_CERT = 109;
+  TS_F_TS_VERIFY_CTX_NEW = 144;
+
+  (*
+   * TS reason codes.
+   *)
+  TS_R_BAD_PKCS7_TYPE = 132;
+  TS_R_BAD_TYPE = 133;
+  TS_R_CANNOT_LOAD_CERT = 137;
+  TS_R_CANNOT_LOAD_KEY = 138;
+  TS_R_CERTIFICATE_VERIFY_ERROR = 100;
+  TS_R_COULD_NOT_SET_ENGINE = 127;
+  TS_R_COULD_NOT_SET_TIME = 115;
+  TS_R_DETACHED_CONTENT = 134;
+  TS_R_ESS_ADD_SIGNING_CERT_ERROR = 116;
+  TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR = 139;
+  TS_R_ESS_SIGNING_CERTIFICATE_ERROR = 101;
+  TS_R_INVALID_NULL_POINTER = 102;
+  TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE = 117;
+  TS_R_MESSAGE_IMPRINT_MISMATCH = 103;
+  TS_R_NONCE_MISMATCH = 104;
+  TS_R_NONCE_NOT_RETURNED = 105;
+  TS_R_NO_CONTENT = 106;
+  TS_R_NO_TIME_STAMP_TOKEN = 107;
+  TS_R_PKCS7_ADD_SIGNATURE_ERROR = 118;
+  TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR = 119;
+  TS_R_PKCS7_TO_TS_TST_INFO_FAILED = 129;
+  TS_R_POLICY_MISMATCH = 108;
+  TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE = 120;
+  TS_R_RESPONSE_SETUP_ERROR = 121;
+  TS_R_SIGNATURE_FAILURE = 109;
+  TS_R_THERE_MUST_BE_ONE_SIGNER = 110;
+  TS_R_TIME_SYSCALL_ERROR = 122;
+  TS_R_TOKEN_NOT_PRESENT = 130;
+  TS_R_TOKEN_PRESENT = 131;
+  TS_R_TSA_NAME_MISMATCH = 111;
+  TS_R_TSA_UNTRUSTED = 112;
+  TS_R_TST_INFO_SETUP_ERROR = 123;
+  TS_R_TS_DATASIGN = 124;
+  TS_R_UNACCEPTABLE_POLICY = 125;
+  TS_R_UNSUPPORTED_MD_ALGORITHM = 126;
+  TS_R_UNSUPPORTED_VERSION = 113;
+  TS_R_VAR_BAD_VALUE = 135;
+  TS_R_VAR_LOOKUP_FAILURE = 136;
+  TS_R_WRONG_CONTENT_TYPE = 114;
+
+  function ERR_load_TS_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas
new file mode 100644
index 000000000..2d0ebe4f4
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas
@@ -0,0 +1,87 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_txt_db;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// txt_db.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  DB_ERROR_OK = 0;
+  DB_ERROR_MALLOC = 1;
+  DB_ERROR_INDEX_CLASH = 2;
+  DB_ERROR_INDEX_OUT_OF_RANGE = 3;
+  DB_ERROR_NO_INDEX = 4;
+  DB_ERROR_INSERT_INDEX_CLASH = 5;
+  DB_ERROR_WRONG_NUM_FIELDS = 6;
+
+type
+  OPENSSL_STRING = type Pointer;
+  POPENSSL_STRING = ^OPENSSL_STRING;
+// DEFINE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
+
+  qual_func =  function (v1: POPENSSL_STRING): TIdC_INT;
+  txt_db_st = record
+    num_fields: TIdC_INT;
+    data: Pointer; // STACK_OF(OPENSSL_PSTRING) *
+    index: Pointer; // LHASH_OF(OPENSSL_STRING) **
+    qual: qual_func;
+    error: TIdC_LONG;
+    arg1: TIdC_LONG;
+    arg2: TIdC_LONG;
+    arg_row: POPENSSL_STRING;
+  end;
+  TXT_DB = txt_db_st;
+  PTXT_DB = ^TXT_DB;
+
+  TXT_DB_create_index_qual = function(v1: POPENSSL_STRING): TIdC_INT;
+
+  function TXT_DB_read(&in: PBIO; num: TIdC_INT): PTXT_DB cdecl; external CLibCrypto;
+  function TXT_DB_write(&out: PBIO; db: PTXT_DB): TIdC_LONG cdecl; external CLibCrypto;
+  //function TXT_DB_create_index(db: PTXT_DB; field: TIdC_INT; qual: TXT_DB_create_index_qual; hash: OPENSSL_LH_HashFunc; cmp: OPENSSL_LH_COMPFUNC): TIdC_INT;
+  procedure TXT_DB_free(db: PTXT_DB) cdecl; external CLibCrypto;
+  function TXT_DB_get_by_index(db: PTXT_DB; idx: TIdC_INT; value: POPENSSL_STRING): POPENSSL_STRING cdecl; external CLibCrypto;
+  function TXT_DB_insert(db: PTXT_DB; value: POPENSSL_STRING): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas
new file mode 100644
index 000000000..2bfb06369
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas
@@ -0,0 +1,383 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_ui;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ui.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_crypto,
+  IdOpenSSLHeaders_pem,
+  IdOpenSSLHeaders_uierr;
+
+{$MINENUMSIZE 4}
+
+const
+  (* These are the possible flags.  They can be or'ed together. *)
+  (* Use to have echoing of input *)
+  UI_INPUT_FLAG_ECHO = $01;
+  (*
+   * Use a default password.  Where that password is found is completely up to
+   * the application, it might for example be in the user data set with
+   * UI_add_user_data().  It is not recommended to have more than one input in
+   * each UI being marked with this flag, or the application might get
+   * confused.
+   *)
+  UI_INPUT_FLAG_DEFAULT_PWD = $02;
+
+
+  (*
+   * The user of these routines may want to define flags of their own.  The core
+   * UI won't look at those, but will pass them on to the method routines.  They
+   * must use higher bits so they don't get confused with the UI bits above.
+   * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use.  A good
+   * example of use is this:
+   *
+   *    #define MY_UI_FLAG1       (0x01 << UI_INPUT_FLAG_USER_BASE)
+   *
+  *)
+  UI_INPUT_FLAG_USER_BASE = 16;
+
+  (* The commands *)
+  (*
+   * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
+   * OpenSSL error stack before printing any info or added error messages and
+   * before any prompting.
+   *)
+  UI_CTRL_PRINT_ERRORS = 1;
+  (*
+   * Check if a UI_process() is possible to do again with the same instance of
+   * a user interface.  This makes UI_ctrl() return 1 if it is redoable, and 0
+   * if not.
+   *)
+  UI_CTRL_IS_REDOABLE = 2;
+
+type
+  (*
+   * Give a user interface parameterised control commands.  This can be used to
+   * send down an integer, a data pointer or a function pointer, as well as be
+   * used to get information from a UI.
+   *)
+  UI_ctrl_f = procedure;
+
+  (*
+   * The UI_STRING type is the data structure that contains all the needed info
+   * about a string or a prompt, including test data for a verification prompt.
+   *)
+  ui_string_st = type Pointer;
+  UI_STRING = ui_string_st;
+  PUI_STRING = ^UI_STRING;
+// DEFINE_STACK_OF(UI_STRING)
+
+  (*
+   * The different types of strings that are currently supported. This is only
+   * needed by method authors.
+   *)
+  UI_string_types = (
+    UIT_NONE = 0,
+    UIT_PROMPT,                 (* Prompt for a string *)
+    UIT_VERIFY,                 (* Prompt for a string and verify *)
+    UIT_BOOLEAN,                (* Prompt for a yes/no response *)
+    UIT_INFO,                   (* Send info to the user *)
+    UIT_ERROR                   (* Send an error message to the user *)
+  );
+
+  (* Create and manipulate methods *)
+  UI_method_opener_cb = function(ui: PUI): TIdC_INT;
+  UI_method_writer_cb = function(ui: PUI; uis: PUI_String): TIdC_INT;
+  UI_method_flusher_cb = function(ui: PUI): TIdC_INT;
+  UI_method_reader_cb = function(ui: PUI; uis: PUI_String): TIdC_INT;
+  UI_method_closer_cb = function(ui: PUI): TIdC_INT;
+  UI_method_data_duplicator_cb = function(ui: PUI; ui_data: Pointer): Pointer;
+  UI_method_data_destructor_cb = procedure(ui: PUI; ui_data: Pointer);
+  UI_method_prompt_constructor_cb = function(ui: PUI; const object_desc: PIdAnsiChar; const object_name: PIdAnsiChar): PIdAnsiChar;
+
+  (*
+   * All the following functions return -1 or NULL on error and in some cases
+   * (UI_process()) -2 if interrupted or in some other way cancelled. When
+   * everything is fine, they return 0, a positive value or a non-NULL pointer,
+   * all depending on their purpose.
+   *)
+
+  (* Creators and destructor.   *)
+  function UI_new: PUI cdecl; external CLibCrypto;
+  function UI_new_method(const method: PUI_Method): PUI cdecl; external CLibCrypto;
+  procedure UI_free(ui: PUI) cdecl; external CLibCrypto;
+
+  (*
+   * The following functions are used to add strings to be printed and prompt
+   * strings to prompt for data.  The names are UI_{add,dup}_<function>_string
+   * and UI_{add,dup}_input_boolean.
+   *
+   * UI_{add,dup}_<function>_string have the following meanings:
+   *      add     add a text or prompt string.  The pointers given to these
+   *              functions are used verbatim, no copying is done.
+   *      dup     make a copy of the text or prompt string, then add the copy
+   *              to the collection of strings in the user interface.
+   *      <function>
+   *              The function is a name for the functionality that the given
+   *              string shall be used for.  It can be one of:
+   *                      input   use the string as data prompt.
+   *                      verify  use the string as verification prompt.  This
+   *                              is used to verify a previous input.
+   *                      info    use the string for informational output.
+   *                      error   use the string for error output.
+   * Honestly, there's currently no difference between info and error for the
+   * moment.
+   *
+   * UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
+   * and are typically used when one wants to prompt for a yes/no response.
+   *
+   * All of the functions in this group take a UI and a prompt string.
+   * The string input and verify addition functions also take a flag argument,
+   * a buffer for the result to end up with, a minimum input size and a maximum
+   * input size (the result buffer MUST be large enough to be able to contain
+   * the maximum number of characters).  Additionally, the verify addition
+   * functions takes another buffer to compare the result against.
+   * The boolean input functions take an action description string (which should
+   * be safe to ignore if the expected user action is obvious, for example with
+   * a dialog box with an OK button and a Cancel button), a string of acceptable
+   * characters to mean OK and to mean Cancel.  The two last strings are checked
+   * to make sure they don't have common characters.  Additionally, the same
+   * flag argument as for the string input is taken, as well as a result buffer.
+   * The result buffer is required to be at least one byte long.  Depending on
+   * the answer, the first character from the OK or the Cancel character strings
+   * will be stored in the first byte of the result buffer.  No NUL will be
+   * added, so the result is *not* a string.
+   *
+   * On success, the all return an index of the added information.  That index
+   * is useful when retrieving results with UI_get0_result(). *)
+
+  function UI_add_input_string(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function UI_dup_input_string(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function UI_add_verify_string(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT; const test_buf: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function UI_dup_verify_string(ui: PUI; const prompt: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar; minsize: TIdC_INT; maxsize: TIdC_INT; const test_buf: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function UI_add_input_boolean(ui: PUI; const prompt: PIdAnsiChar; const action_desc: PIdAnsiChar; const ok_chars: PIdAnsiChar; const cancel_chars: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function UI_dup_input_boolean(ui: PUI; const prompt: PIdAnsiChar; const action_desc: PIdAnsiChar; const ok_chars: PIdAnsiChar; const cancel_chars: PIdAnsiChar; flags: TIdC_INT; result_buf: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function UI_add_info_string(ui: PUI; const text: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function UI_dup_info_string(ui: PUI; const text: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function UI_add_error_string(ui: PUI; const text: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function UI_dup_error_string(ui: PUI; const text: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * The following function helps construct a prompt.  object_desc is a
+   * textual short description of the object, for example "pass phrase",
+   * and object_name is the name of the object (might be a card name or
+   * a file name.
+   * The returned string shall always be allocated on the heap with
+   * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+   *
+   * If the ui_method doesn't contain a pointer to a user-defined prompt
+   * constructor, a default string is built, looking like this:
+   *
+   *       "Enter {object_desc} for {object_name}:"
+   *
+   * So, if object_desc has the value "pass phrase" and object_name has
+   * the value "foo.key", the resulting string is:
+   *
+   *       "Enter pass phrase for foo.key:"
+   *)
+  function UI_construct_prompt(ui_method: PUI; const object_desc: PIdAnsiChar; const object_name: PIdAnsiChar): PIdAnsiChar cdecl; external CLibCrypto;
+
+  (*
+   * The following function is used to store a pointer to user-specific data.
+   * Any previous such pointer will be returned and replaced.
+   *
+   * For callback purposes, this function makes a lot more sense than using
+   * ex_data, since the latter requires that different parts of OpenSSL or
+   * applications share the same ex_data index.
+   *
+   * Note that the UI_OpenSSL() method completely ignores the user data. Other
+   * methods may not, however.
+   *)
+  function UI_add_user_data(ui: PUI; user_data: Pointer): Pointer cdecl; external CLibCrypto;
+  (*
+   * Alternatively, this function is used to duplicate the user data.
+   * This uses the duplicator method function.  The destroy function will
+   * be used to free the user data in this case.
+   *)
+  function UI_dup_user_data(ui: PUI; user_data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  (* We need a user data retrieving function as well.  *)
+  function UI_get0_user_data(ui: PUI): Pointer cdecl; external CLibCrypto;
+
+  (* Return the result associated with a prompt given with the index i. *)
+  function UI_get0_result(ui: PUI; i: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function UI_get_result_length(ui: PUI; i: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (* When all strings have been added, process the whole thing. *)
+  function UI_process(ui: PUI): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * Give a user interface parameterised control commands.  This can be used to
+   * send down an integer, a data pointer or a function pointer, as well as be
+   * used to get information from a UI.
+   *)
+  function UI_ctrl(ui: PUI; cmd: TIdC_INT; i: TIdC_LONG; p: Pointer; f: UI_ctrl_f): TIdC_INT cdecl; external CLibCrypto;
+
+
+  (* Some methods may use extra data *)
+  //# define UI_set_app_data(s,arg)         UI_set_ex_data(s,0,arg)
+  //# define UI_get_app_data(s)             UI_get_ex_data(s,0)
+
+  //# define UI_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, l, p, newf, dupf, freef)
+  function UI_set_ex_data(r: PUI; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function UI_get_ex_data(r: PUI; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  (* Use specific methods instead of the built-in one *)
+  procedure UI_set_default_method(const meth: PUI_Method) cdecl; external CLibCrypto;
+  function UI_get_default_method: PUI_METHOD cdecl; external CLibCrypto;
+  function UI_get_method(ui: PUI): PUI_METHOD cdecl; external CLibCrypto;
+  function UI_set_method(ui: PUI; const meth: PUI_METHOD): PUI_METHOD cdecl; external CLibCrypto;
+
+  (* The method with all the built-in thingies *)
+  function UI_OpenSSL: PUI_Method cdecl; external CLibCrypto;
+
+  (*
+   * NULL method.  Literally does nothing, but may serve as a placeholder
+   * to avoid internal default.
+   *)
+  function UI_null: PUI_METHOD cdecl; external CLibCrypto;
+
+  (* ---------- For method writers ---------- *)
+  (*
+     A method contains a number of functions that implement the low level
+     of the User Interface.  The functions are:
+
+          an opener       This function starts a session, maybe by opening
+                          a channel to a tty, or by opening a window.
+          a writer        This function is called to write a given string,
+                          maybe to the tty, maybe as a field label in a
+                          window.
+          a flusher       This function is called to flush everything that
+                          has been output so far.  It can be used to actually
+                          display a dialog box after it has been built.
+          a reader        This function is called to read a given prompt,
+                          maybe from the tty, maybe from a field in a
+                          window.  Note that it's called with all string
+                          structures, not only the prompt ones, so it must
+                          check such things itself.
+          a closer        This function closes the session, maybe by closing
+                          the channel to the tty, or closing the window.
+
+     All these functions are expected to return:
+
+          0       on error.
+          1       on success.
+          -1      on out-of-band events, for example if some prompting has
+                  been canceled (by pressing Ctrl-C, for example).  This is
+                  only checked when returned by the flusher or the reader.
+
+     The way this is used, the opener is first called, then the writer for all
+     strings, then the flusher, then the reader for all strings and finally the
+     closer.  Note that if you want to prompt from a terminal or other command
+     line interface, the best is to have the reader also write the prompts
+     instead of having the writer do it.  If you want to prompt from a dialog
+     box, the writer can be used to build up the contents of the box, and the
+     flusher to actually display the box and run the event loop until all data
+     has been given, after which the reader only grabs the given data and puts
+     them back into the UI strings.
+
+     All method functions take a UI as argument.  Additionally, the writer and
+     the reader take a UI_STRING.
+  *)
+
+  function UI_create_method(const name: PIdAnsiChar): PUI_Method cdecl; external CLibCrypto;
+  procedure UI_destroy_method(ui_method: PUI_Method) cdecl; external CLibCrypto;
+
+  function UI_method_set_opener(method: PUI_Method; opener: UI_method_opener_cb): TIdC_INT cdecl; external CLibCrypto;
+  function UI_method_set_writer(method: PUI_Method; writer: UI_method_writer_cb): TIdC_INT cdecl; external CLibCrypto;
+  function UI_method_set_flusher(method: PUI_Method; flusher: UI_method_flusher_cb): TIdC_INT cdecl; external CLibCrypto;
+  function UI_method_set_reader(method: PUI_Method; reader: UI_method_reader_cb): TIdC_INT cdecl; external CLibCrypto;
+  function UI_method_set_closer(method: PUI_Method; closer: UI_method_closer_cb): TIdC_INT cdecl; external CLibCrypto;
+  function UI_method_set_data_duplicator(method: PUI_Method; duplicator: UI_method_data_duplicator_cb; &destructor: UI_method_data_destructor_cb): TIdC_INT cdecl; external CLibCrypto;
+  function UI_method_set_prompt_constructor(method: PUI_Method; prompt_constructor: UI_method_prompt_constructor_cb): TIdC_INT cdecl; external CLibCrypto;
+  function UI_method_set_ex_data(method: PUI_Method; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+
+  function UI_method_get_opener(const method: PUI_METHOD): UI_method_opener_cb cdecl; external CLibCrypto;
+  function UI_method_get_writer(const method: PUI_METHOD): UI_method_writer_cb cdecl; external CLibCrypto;
+  function UI_method_get_flusher(const method: PUI_METHOD): UI_method_flusher_cb cdecl; external CLibCrypto;
+  function UI_method_get_reader(const method: PUI_METHOD): UI_method_reader_cb cdecl; external CLibCrypto;
+  function UI_method_get_closer(const method: PUI_METHOD): UI_method_closer_cb cdecl; external CLibCrypto;
+  function UI_method_get_prompt_constructor(const method: PUI_METHOD): UI_method_prompt_constructor_cb cdecl; external CLibCrypto;
+  function UI_method_get_data_duplicator(const method: PUI_METHOD): UI_method_data_duplicator_cb cdecl; external CLibCrypto;
+  function UI_method_get_data_destructor(const method: PUI_METHOD): UI_method_data_destructor_cb cdecl; external CLibCrypto;
+  function UI_method_get_ex_data(const method: PUI_METHOD; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  (*
+   * The following functions are helpers for method writers to access relevant
+   * data from a UI_STRING.
+   *)
+
+  (* Return type of the UI_STRING *)
+  function UI_get_string_type(uis: PUI_String): UI_string_types cdecl; external CLibCrypto;
+  (* Return input flags of the UI_STRING *)
+  function UI_get_input_flags(uis: PUI_String): TIdC_INT cdecl; external CLibCrypto;
+  (* Return the actual string to output (the prompt, info or error) *)
+  function UI_get0_output_string(uis: PUI_String): PIdAnsiChar cdecl; external CLibCrypto;
+  (*
+   * Return the optional action string to output (the boolean prompt
+   * instruction)
+   *)
+  function UI_get0_action_string(uis: PUI_String): PIdAnsiChar cdecl; external CLibCrypto;
+  (* Return the result of a prompt *)
+  function UI_get0_result_string(uis: PUI_String): PIdAnsiChar cdecl; external CLibCrypto;
+  function UI_get_result_string_length(uis: PUI_String): TIdC_INT cdecl; external CLibCrypto;
+  (*
+   * Return the string to test the result against.  Only useful with verifies.
+   *)
+  function UI_get0_test_string(uis: PUI_String): PIdAnsiChar cdecl; external CLibCrypto;
+  (* Return the required minimum size of the result *)
+  function UI_get_result_minsize(uis: PUI_String): TIdC_INT cdecl; external CLibCrypto;
+  (* Return the required maximum size of the result *)
+  function UI_get_result_maxsize(uis: PUI_String): TIdC_INT cdecl; external CLibCrypto;
+  (* Set the result of a UI_STRING. *)
+  function UI_set_result(ui: PUI; uis: PUI_String; const result: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function UI_set_result_ex(ui: PUI; uis: PUI_String; const result: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (* A couple of popular utility functions *)
+  function UI_UTIL_read_pw_string(buf: PIdAnsiChar; length: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function UI_UTIL_read_pw(buf: PIdAnsiChar; buff: PIdAnsiChar; size: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function UI_UTIL_wrap_read_pem_callback(cb: pem_password_cb; rwflag: TIdC_INT): PUI_Method cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_uierr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_uierr.pas
new file mode 100644
index 000000000..5ab95af7a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_uierr.pas
@@ -0,0 +1,94 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_uierr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// uierr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * UI function codes.
+   *)
+  UI_F_CLOSE_CONSOLE = 115;
+  UI_F_ECHO_CONSOLE = 116;
+  UI_F_GENERAL_ALLOCATE_BOOLEAN = 108;
+  UI_F_GENERAL_ALLOCATE_PROMPT = 109;
+  UI_F_NOECHO_CONSOLE = 117;
+  UI_F_OPEN_CONSOLE = 114;
+  UI_F_UI_CONSTRUCT_PROMPT = 121;
+  UI_F_UI_CREATE_METHOD = 112;
+  UI_F_UI_CTRL = 111;
+  UI_F_UI_DUP_ERROR_STRING = 101;
+  UI_F_UI_DUP_INFO_STRING = 102;
+  UI_F_UI_DUP_INPUT_BOOLEAN = 110;
+  UI_F_UI_DUP_INPUT_STRING = 103;
+  UI_F_UI_DUP_USER_DATA = 118;
+  UI_F_UI_DUP_VERIFY_STRING = 106;
+  UI_F_UI_GET0_RESULT = 107;
+  UI_F_UI_GET_RESULT_LENGTH = 119;
+  UI_F_UI_NEW_METHOD = 104;
+  UI_F_UI_PROCESS = 113;
+  UI_F_UI_SET_RESULT = 105;
+  UI_F_UI_SET_RESULT_EX = 120;
+
+  (*
+   * UI reason codes.
+   *)
+  UI_R_COMMON_OK_AND_CANCEL_CHARACTERS = 104;
+  UI_R_INDEX_TOO_LARGE = 102;
+  UI_R_INDEX_TOO_SMALL = 103;
+  UI_R_NO_RESULT_BUFFER = 105;
+  UI_R_PROCESSING_ERROR = 107;
+  UI_R_RESULT_TOO_LARGE = 100;
+  UI_R_RESULT_TOO_SMALL = 101;
+  UI_R_SYSASSIGN_ERROR = 109;
+  UI_R_SYSDASSGN_ERROR = 110;
+  UI_R_SYSQIOW_ERROR = 111;
+  UI_R_UNKNOWN_CONTROL_COMMAND = 106;
+  UI_R_UNKNOWN_TTYGET_ERRNO_VALUE = 108;
+  UI_R_USER_DATA_DUPLICATION_UNSUPPORTED = 112;
+
+  function ERR_load_UI_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_whrlpool.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_whrlpool.pas
new file mode 100644
index 000000000..afafe9550
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_whrlpool.pas
@@ -0,0 +1,75 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_whrlpool;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// whrlpool.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  WHIRLPOOL_DIGEST_LENGTH = 512 div 8;
+  WHIRLPOOL_BBLOCK = 512;
+  WHIRLPOOL_COUNTER = 256 div 8;
+
+type
+  WHIRLPOOL_CTX_union = record
+    case Byte of
+      0: (c: array[0 .. WHIRLPOOL_DIGEST_LENGTH -1] of Byte);
+      (* double q is here to ensure 64-bit alignment *)
+      1: (q: array[0 .. (WHIRLPOOL_DIGEST_LENGTH div SizeOf(TIdC_DOUBLE)) -1] of TIdC_DOUBLE);
+  end;
+  WHIRLPOOL_CTX = record
+    H: WHIRLPOOL_CTX_union;
+    data: array[0 .. (WHIRLPOOL_BBLOCK div 8) -1] of Byte;
+    bitoff: TIdC_UINT;
+    bitlen: array[0 .. (WHIRLPOOL_COUNTER div SizeOf(TIdC_SIZET)) -1] of TIdC_SIZET;
+  end;
+  PWHIRLPOOL_CTX = ^WHIRLPOOL_CTX;
+
+  function WHIRLPOOL_Init(c: PWHIRLPOOL_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function WHIRLPOOL_Update(c: PWHIRLPOOL_CTX; inp: Pointer; bytes: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  procedure WHIRLPOOL_BitUpdate(c: PWHIRLPOOL_CTX; inp: Pointer; bits: TIdC_SIZET) cdecl; external CLibCrypto;
+  function WHIRLPOOL_Final(md: PByte; c: PWHIRLPOOL_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function WHIRLPOOL(inp: Pointer; bytes: TIdC_SIZET; md: PByte): PByte cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
new file mode 100644
index 000000000..3731de768
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
@@ -0,0 +1,976 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_x509;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_ossl_typ;
+
+type
+  X509_ALGORS = type Pointer;
+
+const
+  (* Flags for X509_get_signature_info() *)
+  (* Signature info is valid *)
+  X509_SIG_INFO_VALID = $1;
+  (* Signature is suitable for TLS use *)
+  X509_SIG_INFO_TLS = $2;
+
+  X509_FILETYPE_PEM     = 1;
+  X509_FILETYPE_ASN1    = 2;
+  X509_FILETYPE_DEFAULT = 3;
+
+  X509v3_KU_DIGITAL_SIGNATURE = $0080;
+  X509v3_KU_NON_REPUDIATION   = $0040;
+  X509v3_KU_KEY_ENCIPHERMENT  = $0020;
+  X509v3_KU_DATA_ENCIPHERMENT = $0010;
+  X509v3_KU_KEY_AGREEMENT     = $0008;
+  X509v3_KU_KEY_CERT_SIGN     = $0004;
+  X509v3_KU_CRL_SIGN          = $0002;
+  X509v3_KU_ENCIPHER_ONLY     = $0001;
+  X509v3_KU_DECIPHER_ONLY     = $8000;
+  X509v3_KU_UNDEF             = $ffff;
+
+  X509_EX_V_NETSCAPE_HACK = $8000;
+  X509_EX_V_INIT          = $0001;
+
+
+  (* standard trust ids *)
+
+  X509_TRUST_DEFAULT      = 0; (* Only valid in purpose settings *)
+
+  X509_TRUST_COMPAT       = 1;
+  X509_TRUST_SSL_CLIENT   = 2;
+  X509_TRUST_SSL_SERVER   = 3;
+  X509_TRUST_EMAIL        = 4;
+  X509_TRUST_OBJECT_SIGN  = 5;
+  X509_TRUST_OCSP_SIGN    = 6;
+  X509_TRUST_OCSP_REQUEST = 7;
+  X509_TRUST_TSA          = 8;
+
+  (* Keep these up to date! *)
+  X509_TRUST_MIN          = 1;
+  X509_TRUST_MAX          = 8;
+
+  (* trust_flags values *)
+  X509_TRUST_DYNAMIC      = TIdC_UINT(1) shl 0;
+  X509_TRUST_DYNAMIC_NAME = TIdC_UINT(1) shl 1;
+  (* No compat trust if self-signed, preempts "DO_SS" *)
+  X509_TRUST_NO_SS_COMPAT = TIdC_UINT(1) shl 2;
+  (* Compat trust if no explicit accepted trust EKUs *)
+  X509_TRUST_DO_SS_COMPAT = TIdC_UINT(1) shl 3;
+  (* Accept "anyEKU" as a wildcard trust OID *)
+  X509_TRUST_OK_ANY_EKU   = TIdC_UINT(1) shl 4;
+
+  (* check_trust return codes *)
+
+  X509_TRUST_TRUSTED   = 1;
+  X509_TRUST_REJECTED  = 2;
+  X509_TRUST_UNTRUSTED = 3;
+
+  (* Flags for X509_print_ex() *)
+
+  X509_FLAG_COMPAT        = 0;
+  X509_FLAG_NO_HEADER     = TIdC_LONG(1);
+  X509_FLAG_NO_VERSION    = TIdC_LONG(1) shl 1;
+  X509_FLAG_NO_SERIAL     = TIdC_LONG(1) shl 2;
+  X509_FLAG_NO_SIGNAME    = TIdC_LONG(1) shl 3;
+  X509_FLAG_NO_ISSUER     = TIdC_LONG(1) shl 4;
+  X509_FLAG_NO_VALIDITY   = TIdC_LONG(1) shl 5;
+  X509_FLAG_NO_SUBJECT    = TIdC_LONG(1) shl 6;
+  X509_FLAG_NO_PUBKEY     = TIdC_LONG(1) shl 7;
+  X509_FLAG_NO_EXTENSIONS = TIdC_LONG(1) shl 8;
+  X509_FLAG_NO_SIGDUMP    = TIdC_LONG(1) shl 9;
+  X509_FLAG_NO_AUX        = TIdC_LONG(1) shl 10;
+  X509_FLAG_NO_ATTRIBUTES = TIdC_LONG(1) shl 11;
+  X509_FLAG_NO_IDS        = TIdC_LONG(1) shl 12;
+
+  (* Flags specific to X509_NAME_print_ex() *)
+
+  (* The field separator information *)
+
+  XN_FLAG_SEP_MASK       = $f shl 16;
+
+  XN_FLAG_COMPAT         = 0;(* Traditional; use old X509_NAME_print *)
+  XN_FLAG_SEP_COMMA_PLUS = 1 shl 16;(* RFC2253 ,+ *)
+  XN_FLAG_SEP_CPLUS_SPC  = 2 shl 16;(* ,+ spaced: more readable *)
+  XN_FLAG_SEP_SPLUS_SPC  = 3 shl 16;(* ;+ spaced *)
+  XN_FLAG_SEP_MULTILINE  = 4 shl 16;(* One line per field *)
+
+  XN_FLAG_DN_REV         = 1 shl 20;(* Reverse DN order *)
+
+  (* How the field name is shown *)
+
+  XN_FLAG_FN_MASK        = $3 shl 21;
+
+  XN_FLAG_FN_SN          = 0;(* Object short name *)
+  XN_FLAG_FN_LN          = 1 shl 21;(* Object long name *)
+  XN_FLAG_FN_OID         = 2 shl 21;(* Always use OIDs *)
+  XN_FLAG_FN_NONE        = 3 shl 21;(* No field names *)
+
+  XN_FLAG_SPC_EQ         = 1 shl 23;(* Put spaces round '=' *)
+
+  (*
+   * This determines if we dump fields we don't recognise: RFC2253 requires
+   * this.
+   *)
+
+  XN_FLAG_DUMP_UNKNOWN_FIELDS = 1 shl 24;
+
+  XN_FLAG_FN_ALIGN = 1 shl 25;(* Align field names to 20
+                                             * characters *)
+
+  (* Complete set of RFC2253 flags *)
+
+  XN_FLAG_RFC2253 = ASN1_STRFLGS_RFC2253 or XN_FLAG_SEP_COMMA_PLUS
+    or XN_FLAG_DN_REV or XN_FLAG_FN_SN or XN_FLAG_DUMP_UNKNOWN_FIELDS;
+
+  (* readable oneline form *)
+
+  XN_FLAG_ONELINE = ASN1_STRFLGS_RFC2253 or ASN1_STRFLGS_ESC_QUOTE
+    or XN_FLAG_SEP_CPLUS_SPC or XN_FLAG_SPC_EQ or XN_FLAG_FN_SN;
+
+  (* readable multiline form *)
+
+  XN_FLAG_MULTILINE = ASN1_STRFLGS_ESC_CTRL or ASN1_STRFLGS_ESC_MSB
+    or XN_FLAG_SEP_MULTILINE or XN_FLAG_SPC_EQ or XN_FLAG_FN_LN or XN_FLAG_FN_ALIGN;
+
+  X509_EXT_PACK_UNKNOWN = 1;
+  X509_EXT_PACK_STRING  = 2;
+
+type
+  X509_val_st = record
+    notBefore: PASN1_TIME;
+    notAfter: PASN1_TIME;
+  end;
+  X509_VAL = X509_val_st;
+  PX509_VAL = ^X509_VAL;
+  PPX509_VAL = ^PX509_VAL;
+
+  X509_SIG = type Pointer; // X509_sig_st
+  PX509_SIG = ^X509_SIG;
+  PPX509_SIG = ^PX509_SIG;
+
+  X509_NAME_ENTRY = type Pointer; // X509_name_entry_st
+  PX509_NAME_ENTRY = ^X509_NAME_ENTRY;
+  PPX509_NAME_ENTRY = ^PX509_NAME_ENTRY;
+
+  //DEFINE_STACK_OF(X509_NAME_ENTRY)
+  //
+  //DEFINE_STACK_OF(X509_NAME)
+
+  X509_EXTENSION = type Pointer; // X509_extension_st
+  PX509_EXTENSION = ^X509_EXTENSION;
+  PPX509_EXTENSION = ^PX509_EXTENSION;
+
+  //typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+  //
+  //DEFINE_STACK_OF(X509_EXTENSION)
+
+  X509_ATTRIBUTE = type Pointer; // x509_attributes_st
+  PX509_ATTRIBUTE = ^X509_ATTRIBUTE;
+  PPX509_ATTRIBUTE = ^PX509_ATTRIBUTE;
+
+  //DEFINE_STACK_OF(X509_ATTRIBUTE)
+
+  X509_REQ_INFO = type Pointer; // X509_req_info_st
+  PX509_REQ_INFO = ^X509_REQ_INFO;
+  PPX509_REQ_INFO = ^PX509_REQ_INFO;
+
+  X509_CERT_AUX = type Pointer; // x509_cert_aux_st
+
+  X509_CINF = type Pointer; // x509_cinf_st
+
+  //DEFINE_STACK_OF(X509)
+
+  (* This is used for a table of trust checking functions *)
+
+  Px509_trust_st = ^x509_trust_st;
+  x509_trust_st = record
+    trust: TIdC_INT;
+    flags: TIdC_INT;
+    check_trust: function(v1: Px509_trust_st; v2: PX509; v3: TIdC_INT): TIdC_INT;
+    name: PIdAnsiChar;
+    arg1: TIdC_INT;
+    arg2: Pointer;
+  end;
+  X509_TRUST = x509_trust_st;
+  PX509_TRUST = ^X509_TRUST;
+
+  //DEFINE_STACK_OF(X509_TRUST)
+
+  //DEFINE_STACK_OF(X509_REVOKED)
+  X509_REVOKED = type Pointer;   //////////////////////////////////////////////
+  PX509_REVOKED = ^X509_REVOKED; //////////////////////////////////////////////
+  PPX509_REVOKED = ^PX509_REVOKED;/////////////////////////////////////////////
+
+  X509_CRL_INFO = type Pointer; // X509_crl_info_st
+  PX509_CRL_INFO = ^X509_CRL_INFO;
+  PPX509_CRL_INFO = ^PX509_CRL_INFO;
+
+  //DEFINE_STACK_OF(X509_CRL)
+
+  private_key_st = record
+    version: TIdC_INT;
+    (* The PKCS#8 data types *)
+    enc_algor: PX509_ALGOR;
+    enc_pkey: PASN1_OCTET_STRING; (* encrypted pub key *)
+    (* When decrypted, the following will not be NULL *)
+    dec_pkey: PEVP_PKEY;
+    (* used to encrypt and decrypt *)
+    key_length: TIdC_INT;
+    key_data: PIdAnsiChar;
+    key_free: TIdC_INT;               (* true if we should auto free key_data *)
+    (* expanded version of 'enc_algor' *)
+    cipher: EVP_CIPHER_INFO;
+  end;
+  X509_PKEY = private_key_st;
+  PX509_PKEY = ^X509_PKEY;
+
+  X509_info_st = record
+    x509: PX509;
+    crl: PX509_CRL;
+    x_pkey: PX509_PKEY;
+    enc_cipher: EVP_CIPHER_INFO;
+    enc_len: TIdC_INT;
+    enc_data: PIdAnsiChar;
+  end;
+  X509_INFO = X509_info_st;
+  PX509_INFO = ^X509_INFO;
+
+  //DEFINE_STACK_OF(X509_INFO)
+
+  (*
+   * The next 2 structures and their 8 routines are used to manipulate Netscape's
+   * spki structures - useful if you are writing a CA web page
+   *)
+  Netscape_spkac_st = record
+    pubkey: PX509_PUBKEY;
+    challenge: PASN1_IA5STRING;  (* challenge sent in atlas >= PR2 *)
+  end;
+  NETSCAPE_SPKAC = Netscape_spkac_st;
+  PNETSCAPE_SPKAC = ^NETSCAPE_SPKAC;
+
+  Netscape_spki_st = record
+    spkac: PNETSCAPE_SPKAC;      (* signed public key and challenge *)
+    sig_algor: X509_ALGOR;
+    signature: PASN1_BIT_STRING;
+  end;
+  NETSCAPE_SPKI = Netscape_spki_st;
+  PNETSCAPE_SPKI = ^NETSCAPE_SPKI;
+
+  (* Netscape certificate sequence structure *)
+//  Netscape_certificate_sequence: record
+//    &type: PASN1_OBJECT;
+//    certs: P --> STACK_OF(X509) <--;
+//  end;
+//  NETSCAPE_CERT_SEQUENCE = Netscape_certificate_sequence;
+
+  (*- Unused (and iv length is wrong)
+  typedef struct CBCParameter_st
+          {
+          unsigned char iv[8];
+          } CBC_PARAM;
+  *)
+
+  (* Password based encryption structure *)
+  PBEPARAM_st = record
+    salt: PASN1_OCTET_STRING;
+    iter: PASN1_INTEGER;
+  end;
+  PBEPARAM = PBEPARAM_st;
+
+  (* Password based encryption V2 structures *)
+  PBE2PARAM_st = record
+    keyfunc: PX509_ALGOR;
+    encryption: X509_ALGOR;
+  end;
+  PBE2PARAM = PBE2PARAM_st;
+
+  PBKDF2PARAM_st = record
+  (* Usually OCTET STRING but could be anything *)
+    salt: PASN1_TYPE;
+    iter: PASN1_INTEGER;
+    keylength: PASN1_INTEGER;
+    prf: X509_ALGOR;
+  end;
+  PBKDF2PARAM = PBKDF2PARAM_st;
+
+  SCRYPT_PARAMS_st = record
+    salt: PASN1_OCTET_STRING;
+    costParameter: PASN1_INTEGER;
+    blockSize: PASN1_INTEGER;
+    parallelizationParameter: PASN1_INTEGER;
+    keyLength: ASN1_INTEGER;
+  end;
+  SCRYPT_PARAMS = SCRYPT_PARAMS_st;
+
+  //# define         X509_extract_key(x)     X509_get_pubkey(x)(*****)
+  //# define         X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+  //# define         X509_name_cmp(a,b)      X509_NAME_cmp((a),(b))
+  //
+
+  procedure X509_CRL_set_default_method(const meth: PX509_CRL_METHOD) cdecl; external CLibCrypto;
+//  function X509_CRL_METHOD_new(crl_init: function(crl: X509_CRL): TIdC_INT;
+//    crl_free: function(crl: PX509_CRL): TIdC_INT;
+//    crl_lookup: function(crl: PX509_CRL; ret: PPX509_REVOKED; ser: PASN1_INTEGER; issuer: PX509_NAME): TIdC_INT;
+//    crl_verify: function(crl: PX509_CRL, pk: PEVP_PKEY): TIdC_INT): PX509_CRL_METHOD;
+  procedure X509_CRL_METHOD_free(m: PX509_CRL_METHOD) cdecl; external CLibCrypto;
+
+  procedure X509_CRL_set_meth_data(crl: PX509_CRL; dat: Pointer) cdecl; external CLibCrypto;
+  function X509_CRL_get_meth_data(crl: PX509_CRL): Pointer cdecl; external CLibCrypto;
+
+  function X509_verify_cert_error_string(n: TIdC_LONG): PIdAnsiChar cdecl; external CLibCrypto;
+
+  function X509_verify(a: PX509; r: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_REQ_verify(a: PX509_REQ; r: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_verify(a: PX509_CRL; r: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function NETSCAPE_SPKI_verify(a: PNETSCAPE_SPKI; r: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function NETSCAPE_SPKI_b64_decode(const str: PIdAnsiChar; len: TIdC_INT): PNETSCAPE_SPKI cdecl; external CLibCrypto;
+  function NETSCAPE_SPKI_b64_encode(x: PNETSCAPE_SPKI): PIdAnsiChar cdecl; external CLibCrypto;
+  function NETSCAPE_SPKI_get_pubkey(x: PNETSCAPE_SPKI): PEVP_PKEY cdecl; external CLibCrypto;
+  function NETSCAPE_SPKI_set_pubkey(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function NETSCAPE_SPKI_print(&out: PBIO; spki: PNETSCAPE_SPKI): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_signature_dump(bp: PBIO; const sig: PASN1_STRING; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_signature_print(bp: PBIO; const alg: PX509_ALGOR; const sig: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_sign(x: PX509; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function X509_sign_ctx(x: PX509; ctx: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_http_nbio(rctx: POCSP_REQ_CTX; pcert: PPX509): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_REQ_sign(x: PX509_REQ; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_sign_ctx(x: PX509_REQ; ctx: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_sign(x: PX509_CRL; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_sign_ctx(x: PX509_CRL; ctx: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_CRL_http_nbio(rctx: POCSP_REQ_CTX; pcrl: PPX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+
+  function NETSCAPE_SPKI_sign(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_pubkey_digest(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_digest(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_digest(const data: PX509_CRL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_digest(const data: PX509_REQ; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_digest(const data: PX509_NAME; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+  //# ifndef OPENSSL_NO_STDIO
+  //X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+  //TIdC_INT i2d_X509_fp(FILE *fp, X509 *x509);
+  //X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
+  //TIdC_INT i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
+  //X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
+  //TIdC_INT i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
+  //#  ifndef OPENSSL_NO_RSA
+  //RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+  //TIdC_INT i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
+  //RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+  //TIdC_INT i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
+  //RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+  //TIdC_INT i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
+  //#  endif
+  //#  ifndef OPENSSL_NO_DSA
+  //DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+  //TIdC_INT i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
+  //DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+  //TIdC_INT i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+  //#  endif
+  //#  ifndef OPENSSL_NO_EC
+  //EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+  //TIdC_INT i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+  //EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+  //TIdC_INT i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
+  //#  endif
+  //X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+  //TIdC_INT i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
+  //PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+  //                                                PKCS8_PRIV_KEY_INFO **p8inf);
+  //TIdC_INT i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf);
+  //TIdC_INT i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
+  //TIdC_INT i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
+  //EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
+  //TIdC_INT i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+  //EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+  //# endif
+
+  function d2i_X509_bio(bp: PBIO; x509: PPX509): PX509 cdecl; external CLibCrypto;
+  function i2d_X509_bio(bp: PBIO; x509: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_CRL_bio(bp: PBIO; crl: PPX509_CRL): PX509_CRL cdecl; external CLibCrypto;
+  function i2d_X509_CRL_bio(bp: PBIO; crl: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_REQ_bio(bp: PBIO; req: PPX509_REQ): PX509_REQ cdecl; external CLibCrypto;
+  function i2d_X509_REQ_bio(bp: PBIO; req: PX509_REQ): TIdC_INT cdecl; external CLibCrypto;
+
+  function d2i_RSAPrivateKey_bio(bp: PBIO; rsa: PPRSA): PRSA cdecl; external CLibCrypto;
+  function i2d_RSAPrivateKey_bio(bp: PBIO; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_RSAPublicKey_bio(bp: PBIO; rsa: PPRSA): PRSA cdecl; external CLibCrypto;
+  function i2d_RSAPublicKey_bio(bp: PBIO; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_RSA_PUBKEY_bio(bp: PBIO; rsa: PPRSA): PRSA cdecl; external CLibCrypto;
+  function i2d_RSA_PUBKEY_bio(bp: PBIO; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+
+  function d2i_DSA_PUBKEY_bio(bp: PBIO; dsa: PPDSA): DSA cdecl; external CLibCrypto;
+  function i2d_DSA_PUBKEY_bio(bp: PBIO; dsa: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_DSAPrivateKey_bio(bp: PBIO; dsa: PPDSA): PDSA cdecl; external CLibCrypto;
+  function i2d_DSAPrivateKey_bio(bp: PBIO; dsa: PDSA): TIdC_INT cdecl; external CLibCrypto;
+
+  function d2i_EC_PUBKEY_bio(bp: PBIO; eckey: PPEC_KEY): PEC_KEY cdecl; external CLibCrypto;
+  function i2d_EC_PUBKEY_bio(bp: PBIO; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ECPrivateKey_bio(bp: PBIO; eckey: PPEC_KEY): EC_KEY cdecl; external CLibCrypto;
+  function i2d_ECPrivateKey_bio(bp: PBIO; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function d2i_PKCS8_bio(bp: PBIO; p8: PPX509_SIG): PX509_SIG cdecl; external CLibCrypto;
+  function i2d_PKCS8_bio(bp: PBIO; p8: PX509_SIG): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_PKCS8_PRIV_KEY_INFO_bio(bp: PBIO; p8inf: PPPKCS8_PRIV_KEY_INFO): PPKCS8_PRIV_KEY_INFO cdecl; external CLibCrypto;
+  function i2d_PKCS8_PRIV_KEY_INFO_bio(bp: PBIO; p8inf: PPKCS8_PRIV_KEY_INFO): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_PKCS8PrivateKeyInfo_bio(bp: PBIO; key: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_PrivateKey_bio(bp: PBIO; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_PrivateKey_bio(bp: PBIO; a: PPEVP_PKEY): PEVP_PKEY cdecl; external CLibCrypto;
+  function i2d_PUBKEY_bio(bp: PBIO; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_PUBKEY_bio(bp: PBIO; a: PPEVP_PKEY): PEVP_PKEY cdecl; external CLibCrypto;
+
+  function X509_dup(x509: PX509): PX509 cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_dup(xa: PX509_ATTRIBUTE): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function X509_EXTENSION_dup(ex: PX509_EXTENSION): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509_CRL_dup(crl: PX509_CRL): PX509_CRL cdecl; external CLibCrypto;
+  function X509_REVOKED_dup(rev: PX509_REVOKED): PX509_REVOKED cdecl; external CLibCrypto;
+  function X509_REQ_dup(req: PX509_REQ): PX509_REQ cdecl; external CLibCrypto;
+  function X509_ALGOR_dup(xn: PX509_ALGOR): PX509_ALGOR cdecl; external CLibCrypto;
+  function X509_ALGOR_set0(alg: PX509_ALGOR; aobj: PASN1_OBJECT; ptype: TIdC_INT; pval: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_ALGOR_get0(const paobj: PPASN1_OBJECT; pptype: PIdC_INT; const ppval: PPointer; const algor: PX509_ALGOR) cdecl; external CLibCrypto;
+  procedure X509_ALGOR_set_md(alg: PX509_ALGOR; const md: PEVP_MD) cdecl; external CLibCrypto;
+  function X509_ALGOR_cmp(const a: PX509_ALGOR; const b: PX509_ALGOR): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_NAME_dup(xn: PX509_NAME): PX509_NAME cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_dup(ne: PX509_NAME_ENTRY): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+
+  function X509_cmp_time(const s: PASN1_TIME; t: PIdC_TIMET): TIdC_INT cdecl; external CLibCrypto;
+  function X509_cmp_current_time(const s: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_time_adj(s: PASN1_TIME; adj: TIdC_LONG; t: PIdC_TIMET): PASN1_TIME cdecl; external CLibCrypto;
+  function X509_time_adj_ex(s: PASN1_TIME; offset_day: TIdC_INT; offset_sec: TIdC_LONG; t: PIdC_TIMET): PASN1_TIME cdecl; external CLibCrypto;
+  function X509_gmtime_adj(s: PASN1_TIME; adj: TIdC_LONG): PASN1_TIME cdecl; external CLibCrypto;
+
+  function X509_get_default_cert_area: PIdAnsiChar cdecl; external CLibCrypto;
+  function X509_get_default_cert_dir: PIdAnsiChar cdecl; external CLibCrypto;
+  function X509_get_default_cert_file: PIdAnsiChar cdecl; external CLibCrypto;
+  function X509_get_default_cert_dir_env: PIdAnsiChar cdecl; external CLibCrypto;
+  function X509_get_default_cert_file_env: PIdAnsiChar cdecl; external CLibCrypto;
+  function X509_get_default_private_dir: PIdAnsiChar cdecl; external CLibCrypto;
+
+  function X509_to_X509_REQ(x: PX509; pkey: PEVP_PKEY; const md: PEVP_MD): PX509_REQ cdecl; external CLibCrypto;
+  function X509_REQ_to_X509(r: PX509_REQ; days: TIdC_INT; pkey: PEVP_PKEY): PX509 cdecl; external CLibCrypto;
+
+  function X509_ALGOR_new: PX509_ALGOR cdecl; external CLibCrypto;
+  procedure X509_ALGOR_free(v1: PX509_ALGOR) cdecl; external CLibCrypto;
+  function d2i_X509_ALGOR(a: PPX509_ALGOR; const &in: PPByte; len: TIdC_LONG): PX509_ALGOR cdecl; external CLibCrypto;
+  function i2d_X509_ALGOR(a: PX509_ALGOR; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+  function X509_VAL_new: PX509_VAL cdecl; external CLibCrypto;
+  procedure X509_VAL_free(v1: PX509_VAL) cdecl; external CLibCrypto;
+  function d2i_X509_VAL(a: PPX509_VAL; const &in: PPByte; len: TIdC_LONG): PX509_VAL cdecl; external CLibCrypto;
+  function i2d_X509_VAL(a: PX509_VAL; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_PUBKEY_new: PX509_PUBKEY cdecl; external CLibCrypto;
+  procedure X509_PUBKEY_free(v1: PX509_PUBKEY) cdecl; external CLibCrypto;
+  function d2i_X509_PUBKEY(a: PPX509_PUBKEY; const &in: PPByte; len: TIdC_LONG): PX509_PUBKEY cdecl; external CLibCrypto;
+  function i2d_X509_PUBKEY(a: PX509_PUBKEY; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_PUBKEY_set(x: PPX509_PUBKEY; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function X509_PUBKEY_get0(key: PX509_PUBKEY): PEVP_PKEY cdecl; external CLibCrypto;
+  function X509_PUBKEY_get(key: PX509_PUBKEY): PEVP_PKEY cdecl; external CLibCrypto;
+//  function X509_get_pubkey_parameters(pkey: PEVP_PKEY; chain: P STACK_OF(X509)): TIdC_INT;
+  function X509_get_pathlen(x: PX509): TIdC_LONG cdecl; external CLibCrypto;
+  function i2d_PUBKEY(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_PUBKEY(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+
+  function i2d_RSA_PUBKEY(a: PRSA; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_RSA_PUBKEY(a: PPRSA; const pp: PPByte; length: TIdC_LONG): PRSA cdecl; external CLibCrypto;
+
+  function i2d_DSA_PUBKEY(a: PDSA; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_DSA_PUBKEY(a: PPDSA; const pp: PPByte; length: TIdC_LONG): PDSA cdecl; external CLibCrypto;
+
+  function i2d_EC_PUBKEY(a: EC_KEY; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_EC_PUBKEY(a: PPEC_KEY; const pp: PPByte; length: TIdC_LONG): PEC_KEY cdecl; external CLibCrypto;
+
+  function X509_SIG_new: PX509_SIG cdecl; external CLibCrypto;
+  procedure X509_SIG_free(v1: PX509_SIG) cdecl; external CLibCrypto;
+  function d2i_X509_SIG(a: PPX509_SIG; const &in: PPByte; len: TIdC_LONG): PX509_SIG cdecl; external CLibCrypto;
+  function i2d_X509_SIG(a: PX509_SIG; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_SIG_get0(const sig: PX509_SIG; const palg: PPX509_ALGOR; const pdigest: PPASN1_OCTET_STRING) cdecl; external CLibCrypto;
+  procedure X509_SIG_getm(sig: X509_SIG; palg: PPX509_ALGOR; pdigest: PPASN1_OCTET_STRING) cdecl; external CLibCrypto;
+
+  function X509_REQ_INFO_new: PX509_REQ_INFO cdecl; external CLibCrypto;
+  procedure X509_REQ_INFO_free(v1: PX509_REQ_INFO) cdecl; external CLibCrypto;
+  function d2i_X509_REQ_INFO(a: PPX509_REQ_INFO; const &in: PPByte; len: TIdC_LONG): PX509_REQ_INFO cdecl; external CLibCrypto;
+  function i2d_X509_REQ_INFO(a: PX509_REQ_INFO; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_REQ_new: PX509_REQ cdecl; external CLibCrypto;
+  procedure X509_REQ_free(v1: PX509_REQ) cdecl; external CLibCrypto;
+  function d2i_X509_REQ(a: PPX509_REQ; const &in: PPByte; len: TIdC_LONG): PX509_REQ cdecl; external CLibCrypto;
+  function i2d_X509_REQ(a: PX509_REQ; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_ATTRIBUTE_new: PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  procedure X509_ATTRIBUTE_free(v1: PX509_ATTRIBUTE) cdecl; external CLibCrypto;
+  function d2i_X509_ATTRIBUTE(a: PPX509_ATTRIBUTE; const &in: PPByte; len: TIdC_LONG): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function i2d_X509_ATTRIBUTE(a: PX509_ATTRIBUTE; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_create(nid: TIdC_INT; trtype: TIdC_INT; value: Pointer): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+
+  function X509_EXTENSION_new: PX509_EXTENSION cdecl; external CLibCrypto;
+  procedure X509_EXTENSION_free(v1: PX509_EXTENSION) cdecl; external CLibCrypto;
+  function d2i_X509_EXTENSION(a: PPX509_EXTENSION; const &in: PPByte; len: TIdC_LONG): PX509_EXTENSION cdecl; external CLibCrypto;
+  function i2d_X509_EXTENSION(a: PX509_EXTENSION; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
+
+  function X509_NAME_ENTRY_new: PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  procedure X509_NAME_ENTRY_free(v1: PX509_NAME_ENTRY) cdecl; external CLibCrypto;
+  function d2i_X509_NAME_ENTRY(a: PPX509_NAME_ENTRY; const &in: PPByte; len: TIdC_LONG): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function i2d_X509_NAME_ENTRY(a: PX509_NAME_ENTRY; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_NAME_new: PX509_NAME cdecl; external CLibCrypto;
+  procedure X509_NAME_free(v1: PX509_NAME) cdecl; external CLibCrypto;
+  function d2i_X509_NAME(a: PPX509_NAME; const &in: PPByte; len: TIdC_LONG): PX509_NAME cdecl; external CLibCrypto;
+  function i2d_X509_NAME(a: PX509_NAME; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_NAME_set(xn: PPX509_NAME; name: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
+
+  //DECLARE_ASN1_FUNCTIONS(X509_CINF)
+
+  function X509_new: PX509 cdecl; external CLibCrypto;
+  procedure X509_free(v1: PX509) cdecl; external CLibCrypto;
+  function d2i_X509(a: PPX509; const &in: PPByte; len: TIdC_LONG): PX509 cdecl; external CLibCrypto;
+  function i2d_X509(a: PX509; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  //DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
+  //
+  //#define X509_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, l, p, newf, dupf, freef)
+  function X509_set_ex_data(r: PX509; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_ex_data(r: PX509; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function i2d_X509_AUX(a: PX509; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_AUX(a: PPX509; const pp: PPByte; length: TIdC_LONG): PX509 cdecl; external CLibCrypto;
+
+  function i2d_re_X509_tbs(x: PX509; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_SIG_INFO_get(const siginf: PX509_SIG_INFO; mdnid: PIdC_INT; pknid: PIdC_INT; secbits: PIdC_INT; flags: PIdC_UINT32): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_SIG_INFO_set(siginf: PX509_SIG_INFO; mdnid: TIdC_INT; pknid: TIdC_INT; secbits: TIdC_INT; flags: TIdC_UINT32) cdecl; external CLibCrypto;
+
+  function X509_get_signature_info(x: PX509; mdnid: PIdC_INT; pknid: PIdC_INT; secbits: PIdC_INT; flags: PIdC_UINT32): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure X509_get0_signature(const psig: PPASN1_BIT_STRING; const palg: PPX509_ALGOR; const x: PX509) cdecl; external CLibCrypto;
+  function X509_get_signature_nid(const x: PX509): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_trusted(const x: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_alias_set1(x: PX509; const name: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_keyid_set1(x: PX509; const id: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_alias_get0(x: PX509; len: PIdC_INT): PByte cdecl; external CLibCrypto;
+  function X509_keyid_get0(x: PX509; len: PIdC_INT): PByte cdecl; external CLibCrypto;
+//  TIdC_INT (*X509_TRUST_set_default(TIdC_INT (*trust) (TIdC_INT, X509 *, TIdC_INT))) (TIdC_INT, X509 *,
+//                                                                  TIdC_INT);
+  function X509_TRUST_set(t: PIdC_INT; trust: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_add1_trust_object(x: PX509; const obj: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_add1_reject_object(x: PX509; const obj: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_trust_clear(x: PX509) cdecl; external CLibCrypto;
+  procedure X509_reject_clear(x: PX509) cdecl; external CLibCrypto;
+
+  //STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x);
+  //STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x);
+  //
+  function X509_REVOKED_new: PX509_REVOKED cdecl; external CLibCrypto;
+  procedure X509_REVOKED_free(v1: PX509_REVOKED) cdecl; external CLibCrypto;
+  function d2i_X509_REVOKED(a: PPX509_REVOKED; const &in: PPByte; len: TIdC_LONG): PX509_REVOKED cdecl; external CLibCrypto;
+  function i2d_X509_REVOKED(a: PX509_REVOKED; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_INFO_new: PX509_CRL_INFO cdecl; external CLibCrypto;
+  procedure X509_CRL_INFO_free(v1: PX509_CRL_INFO) cdecl; external CLibCrypto;
+  function d2i_X509_CRL_INFO(a: PPX509_CRL_INFO; const &in: PPByte; len: TIdC_LONG): PX509_CRL_INFO cdecl; external CLibCrypto;
+  function i2d_X509_CRL_INFO(a: PX509_CRL_INFO; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_new: PX509_CRL cdecl; external CLibCrypto;
+  procedure X509_CRL_free(v1: PX509_CRL) cdecl; external CLibCrypto;
+  function d2i_X509_CRL(a: PPX509_CRL; const &in: PPByte; len: TIdC_LONG): PX509_CRL cdecl; external CLibCrypto;
+  function i2d_X509_CRL(a: PX509_CRL; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_CRL_add0_revoked(crl: PX509_CRL; rev: PX509_REVOKED): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_get0_by_serial(crl: PX509_CRL; ret: PPX509_REVOKED; serial: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_get0_by_cert(crl: PX509_CRL; ret: PPX509_REVOKED; x: PX509): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_PKEY_new: PX509_PKEY cdecl; external CLibCrypto;
+  procedure X509_PKEY_free(a: PX509_PKEY) cdecl; external CLibCrypto;
+
+  //DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
+  //DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+  //DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
+
+  function X509_INFO_new: PX509_INFO cdecl; external CLibCrypto;
+  procedure X509_INFO_free(a: PX509_INFO) cdecl; external CLibCrypto;
+  function X509_NAME_oneline(const a: PX509_NAME; buf: PIdAnsiChar; size: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+
+//  function ASN1_verify(i2d: Pi2d_of_void; algor1: PX509_ALGOR;
+//    signature: PASN1_BIT_STRING; data: PIdAnsiChar; pkey: PEVP_PKEY): TIdC_INT;
+
+//  TIdC_INT ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+//                  unsigned char *md, unsigned TIdC_INT *len);
+
+//  TIdC_INT ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
+//                X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+//                char *data, EVP_PKEY *pkey, const EVP_MD *type);
+
+  function ASN1_item_digest(const it: PASN1_ITEM; const &type: PEVP_MD; data: Pointer; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_item_verify(const it: PASN1_ITEM; algor1: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_item_sign(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY; const &type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_item_sign_ctx(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; asn: Pointer; ctx: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_get_version(const x: PX509): TIdC_LONG cdecl; external CLibCrypto;
+  function X509_set_version(x: PX509; version: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_set_serialNumber(x: PX509; serial: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_serialNumber(x: PX509): PASN1_INTEGER cdecl; external CLibCrypto;
+  function X509_get0_serialNumber(const x: PX509): PASN1_INTEGER cdecl; external CLibCrypto;
+  function X509_set_issuer_name(x: PX509; name: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_issuer_name(const a: PX509): PX509_NAME cdecl; external CLibCrypto;
+  function X509_set_subject_name(x: PX509; name: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_subject_name(const a: PX509): PX509_NAME cdecl; external CLibCrypto;
+  function X509_get0_notBefore(const x: PX509): PASN1_TIME cdecl; external CLibCrypto;
+  function X509_getm_notBefore(const x: PX509): PASN1_TIME cdecl; external CLibCrypto;
+  function X509_set1_notBefore(x: PX509; const tm: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get0_notAfter(const x: PX509): PASN1_TIME cdecl; external CLibCrypto;
+  function X509_getm_notAfter(const x: PX509): PASN1_TIME cdecl; external CLibCrypto;
+  function X509_set1_notAfter(x: PX509; const tm: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_set_pubkey(x: PX509; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function X509_up_ref(x: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_signature_type(const x: PX509): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * This one is only used so that a binary form can output, as in
+   * i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &buf)
+   *)
+  function X509_get_X509_PUBKEY(const x: PX509): PX509_PUBKEY cdecl; external CLibCrypto;
+//  const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
+  procedure X509_get0_uids(const x: PX509; const piuid: PPASN1_BIT_STRING; const psuid: PPASN1_BIT_STRING) cdecl; external CLibCrypto;
+  function X509_get0_tbs_sigalg(const x: PX509): PX509_ALGOR cdecl; external CLibCrypto;
+
+  function X509_get0_pubkey(const x: PX509): PEVP_PKEY cdecl; external CLibCrypto;
+  function X509_get_pubkey(x: PX509): PEVP_PKEY cdecl; external CLibCrypto;
+  function X509_get0_pubkey_bitstr(const x: PX509): PASN1_BIT_STRING cdecl; external CLibCrypto;
+  function X509_certificate_type(const x: PX509; const pubkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_REQ_get_version(const req: PX509_REQ): TIdC_LONG cdecl; external CLibCrypto;
+  function X509_REQ_set_version(x: PX509_REQ; version: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_get_subject_name(const req: PX509_REQ): PX509_NAME cdecl; external CLibCrypto;
+  function X509_REQ_set_subject_name(req: PX509_REQ; name: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_REQ_get0_signature(const req: PX509_REQ; const psig: PPASN1_BIT_STRING; const palg: PPX509_ALGOR) cdecl; external CLibCrypto;
+  function X509_REQ_get_signature_nid(const req: PX509_REQ): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_re_X509_REQ_tbs(req: PX509_REQ; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_set_pubkey(x: PX509_REQ; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_get_pubkey(req: PX509_REQ): PEVP_PKEY cdecl; external CLibCrypto;
+  function X509_REQ_get0_pubkey(req: PX509_REQ): PEVP_PKEY cdecl; external CLibCrypto;
+  function X509_REQ_get_X509_PUBKEY(req: PX509_REQ): PX509_PUBKEY cdecl; external CLibCrypto;
+  function X509_REQ_extension_nid(nid: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_get_extension_nids: PIdC_INT cdecl; external CLibCrypto;
+  procedure X509_REQ_set_extension_nids(nids: PIdC_INT) cdecl; external CLibCrypto;
+//  STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
+  //TIdC_INT X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
+  //                                TIdC_INT nid);
+  //TIdC_INT X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
+  function X509_REQ_get_attr_count(const req: PX509_REQ): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_get_attr_by_NID(const req: PX509_REQ; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_get_attr_by_OBJ(const req: PX509_REQ; const obj: ASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_get_attr(const req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function X509_REQ_delete_attr(req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function X509_REQ_add1_attr(req: PX509_REQ; attr: PX509_ATTRIBUTE): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_add1_attr_by_OBJ(req: PX509_REQ; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_add1_attr_by_NID(req: PX509_REQ; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_add1_attr_by_txt(req: PX509_REQ; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_CRL_set_version(x: PX509_CRL; version: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_set_issuer_name(x: PX509_CRL; name: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_set1_lastUpdate(x: PX509_CRL; const tm: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_set1_nextUpdate(x: PX509_CRL; const tm: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_sort(crl: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_up_ref(crl: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_CRL_get_version(const crl: PX509_CRL): TIdC_LONG cdecl; external CLibCrypto;
+  function X509_CRL_get0_lastUpdate(const crl: PX509_CRL): PASN1_TIME cdecl; external CLibCrypto;
+  function X509_CRL_get0_nextUpdate(const crl: PX509_CRL): PASN1_TIME cdecl; external CLibCrypto;
+  function X509_CRL_get_issuer(const crl: PX509_CRL): PX509_NAME cdecl; external CLibCrypto;
+  //const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
+  //STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+  procedure X509_CRL_get0_signature(const crl: PX509_CRL; const psig: PPASN1_BIT_STRING; const palg: PPX509_ALGOR) cdecl; external CLibCrypto;
+  function  X509_CRL_get_signature_nid(const crl: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_re_X509_CRL_tbs(req: PX509_CRL; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_REVOKED_get0_serialNumber(const x: PX509_REVOKED): PASN1_INTEGER cdecl; external CLibCrypto;
+  function X509_REVOKED_set_serialNumber(x: PX509_REVOKED; serial: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REVOKED_get0_revocationDate(const x: PX509_REVOKED): PASN1_TIME cdecl; external CLibCrypto;
+  function X509_REVOKED_set_revocationDate(r: PX509_REVOKED; tm: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  //const STACK_OF(X509_EXTENSION) *
+  //X509_REVOKED_get0_extensions(const X509_REVOKED *r);
+
+  function X509_CRL_diff(base: PX509_CRL; newer: PX509_CRL; skey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_UINT): PX509_CRL cdecl; external CLibCrypto;
+
+  function X509_REQ_check_private_key(x509: PX509_REQ; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_check_private_key(const x509: PX509; const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  //TIdC_INT X509_chain_check_suiteb(TIdC_INT *perror_depth,
+  //                            X509 *x, STACK_OF(X509) *chain,
+  //                            unsigned TIdC_LONG flags);
+  function X509_CRL_check_suiteb(crl: PX509_CRL; pk: PEVP_PKEY; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  //STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
+
+  function X509_issuer_and_serial_cmp(const a: PX509; const b: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_issuer_and_serial_hash(a: PX509): TIdC_ULONG cdecl; external CLibCrypto;
+
+  function X509_issuer_name_cmp(const a: PX509; const b: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_issuer_name_hash(a: PX509): TIdC_uLONG cdecl; external CLibCrypto;
+
+  function X509_subject_name_cmp(const a: PX509; const b: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_subject_name_hash(x: PX509): TIdC_ULONG cdecl; external CLibCrypto;
+
+  function X509_cmp(const a: PX509; const b: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_cmp(const a: PX509_NAME; const b: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_hash(x: PX509_NAME): TIdC_ULONG cdecl; external CLibCrypto;
+  function X509_NAME_hash_old(x: PX509_NAME): TIdC_ULONG cdecl; external CLibCrypto;
+
+  function X509_CRL_cmp(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_match(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function X509_aux_print(&out: PBIO; x: PX509; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  //# ifndef OPENSSL_NO_STDIO
+  //TIdC_INT X509_print_ex_fp(FILE *bp, X509 *x, unsigned TIdC_LONG nmflag,
+  //                     unsigned TIdC_LONG cflag);
+  //TIdC_INT X509_print_fp(FILE *bp, X509 *x);
+  //TIdC_INT X509_CRL_print_fp(FILE *bp, X509_CRL *x);
+  //TIdC_INT X509_REQ_print_fp(FILE *bp, X509_REQ *req);
+  //TIdC_INT X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, TIdC_INT indent,
+  //                          unsigned TIdC_LONG flags);
+  //# endif
+
+  function X509_NAME_print(bp: PBIO; const name: PX509_NAME; obase: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_print_ex(&out: PBIO; const nm: PX509_NAME; indent: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_print_ex(bp: PBIO; x: PX509; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_print(bp: PBIO; x: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_ocspid_print(bp: PBIO; x: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_print_ex(&out: PBIO; x: PX509_CRL; nmflag: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_print(bp: PBIO; x: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_print_ex(bp: PBIO; x: PX509_REQ; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_print(bp: PBIO; req: PX509_REQ): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_NAME_entry_count(const name: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_get_text_by_NID(name: PX509_NAME; nid: TIdC_INT; buf: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_get_text_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; buf: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * NOTE: you should be passing -1, not 0 as lastpos. The functions that use
+   * lastpos, search after that position on.
+   *)
+  function X509_NAME_get_index_by_NID(name: PX509_NAME; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_get_index_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_get_entry(const name: PX509_NAME; loc: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function X509_NAME_delete_entry(name: PX509_NAME; loc: TIdC_INT): pX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function X509_NAME_add_entry(name: PX509_NAME; const ne: PX509_NAME_ENTRY; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_add_entry_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_add_entry_by_NID(name: PX509_NAME; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_create_by_txt(ne: PPX509_NAME_ENTRY; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_create_by_NID(ne: PPX509_NAME_ENTRY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function X509_NAME_add_entry_by_txt(name: PX509_NAME; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_create_by_OBJ(ne: PPX509_NAME_ENTRY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_set_object(ne: PX509_NAME_ENTRY; const obj: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_set_data(ne: PX509_NAME_ENTRY; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_get_object(const ne: PX509_NAME_ENTRY): PASN1_OBJECT cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_get_data(const ne: PX509_NAME_ENTRY): PASN1_STRING cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_set(const ne: PX509_NAME_ENTRY): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_NAME_get0_der(nm: PX509_NAME; const pder: PPByte; pderlen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+
+  //TIdC_INT X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+  //TIdC_INT X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+  //                          TIdC_INT nid, TIdC_INT lastpos);
+  //TIdC_INT X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+  //                          const ASN1_OBJECT *obj, TIdC_INT lastpos);
+  //TIdC_INT X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+  //                               TIdC_INT crit, TIdC_INT lastpos);
+  //X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, TIdC_INT loc);
+  //X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, TIdC_INT loc);
+  //STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+  //                                         X509_EXTENSION *ex, TIdC_INT loc);
+
+  function X509_get_ext_count(const x: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_ext_by_NID(const x: PX509; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_ext_by_OBJ(const x: PX509; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_ext_by_critical(const x: PX509; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_ext(const x: PX509; loc: TIdC_INT): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509_delete_ext(x: PX509; loc: TIdC_INT): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509_add_ext(x: PX509; ex: PX509_EXTENSION; loc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_get_ext_d2i(const x: PX509; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl; external CLibCrypto;
+  function X509_add1_ext_i2d(x: PX509; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_CRL_get_ext_count(const x: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_get_ext_by_NID(const x: PX509_CRL; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_get_ext_by_OBJ(const x: X509_CRL; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_get_ext_by_critical(const x: PX509_CRL; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_get_ext(const x: PX509_CRL; loc: TIdC_INT): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509_CRL_delete_ext(x: PX509_CRL; loc: TIdC_INT): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509_CRL_add_ext(x: PX509_CRL; ex: PX509_EXTENSION; loc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_get_ext_d2i(const x: PX509_CRL; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl; external CLibCrypto;
+  function X509_CRL_add1_ext_i2d(x: PX509_CRL; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_REVOKED_get_ext_count(const x: PX509_REVOKED): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REVOKED_get_ext_by_NID(const x: PX509_REVOKED; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REVOKED_get_ext_by_OBJ(const x: PX509_REVOKED; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REVOKED_get_ext_by_critical(const x: PX509_REVOKED; crit: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REVOKED_get_ext(const x: PX509_REVOKED; loc: TIdC_INT): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509_REVOKED_delete_ext(x: PX509_REVOKED; loc: TIdC_INT): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509_REVOKED_add_ext(x: PX509_REVOKED; ex: PX509_EXTENSION; loc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REVOKED_get_ext_d2i(const x: PX509_REVOKED; nid: TIdC_INT; crit: PIdC_INT; idx: PIdC_INT): Pointer cdecl; external CLibCrypto;
+  function X509_REVOKED_add1_ext_i2d(x: PX509_REVOKED; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_EXTENSION_create_by_NID(ex: PPX509_EXTENSION; nid: TIdC_INT; crit: TIdC_INT; data: PASN1_OCTET_STRING): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509_EXTENSION_create_by_OBJ(ex: PPX509_EXTENSION; const obj: PASN1_OBJECT; crit: TIdC_INT; data: PASN1_OCTET_STRING): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509_EXTENSION_set_object(ex: PX509_EXTENSION; const obj: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_EXTENSION_set_critical(ex: PX509_EXTENSION; crit: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_EXTENSION_set_data(ex: PX509_EXTENSION; data: PASN1_OCTET_STRING): TIdC_INT cdecl; external CLibCrypto;
+  function X509_EXTENSION_get_object(ex: PX509_EXTENSION): PASN1_OBJECT cdecl; external CLibCrypto;
+  function X509_EXTENSION_get_data(ne: PX509_EXTENSION): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+  function X509_EXTENSION_get_critical(const ex: PX509_EXTENSION): TIdC_INT cdecl; external CLibCrypto;
+
+  //TIdC_INT X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
+  //TIdC_INT X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, TIdC_INT nid,
+  //                           TIdC_INT lastpos);
+  //TIdC_INT X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
+  //                           const ASN1_OBJECT *obj, TIdC_INT lastpos);
+  //X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, TIdC_INT loc);
+  //X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, TIdC_INT loc);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+  //                                           X509_ATTRIBUTE *attr);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
+  //                                                  **x, const ASN1_OBJECT *obj,
+  //                                                  TIdC_INT type,
+  //                                                  const unsigned char *bytes,
+  //                                                  TIdC_INT len);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
+  //                                                  **x, TIdC_INT nid, TIdC_INT type,
+  //                                                  const unsigned char *bytes,
+  //                                                  TIdC_INT len);
+  //STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
+  //                                                  **x, const PIdAnsiChar *attrname,
+  //                                                  TIdC_INT type,
+  //                                                  const unsigned char *bytes,
+  //                                                  TIdC_INT len);
+  //void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+  //                              const ASN1_OBJECT *obj, TIdC_INT lastpos, TIdC_INT type);
+  function X509_ATTRIBUTE_create_by_NID(attr: PPX509_ATTRIBUTE; nid: TIdC_INT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_create_by_OBJ(attr: PPX509_ATTRIBUTE; const obj: PASN1_OBJECT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_create_by_txt(attr: PPX509_ATTRIBUTE; const atrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_set1_object(attr: PX509_ATTRIBUTE; const obj: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_set1_data(attr: PX509_ATTRIBUTE; attrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_get0_data(attr: PX509_ATTRIBUTE; idx: TIdC_INT; atrtype: TIdC_INT; data: Pointer): Pointer cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_count(const attr: PX509_ATTRIBUTE): TIdC_INT cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_get0_object(attr: PX509_ATTRIBUTE): PASN1_OBJECT cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_get0_type(attr: PX509_ATTRIBUTE; idx: TIdC_INT): PASN1_TYPE cdecl; external CLibCrypto;
+
+  function EVP_PKEY_get_attr_count(const key: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get_attr_by_NID(const key: PEVP_PKEY; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get_attr_by_OBJ(const key: PEVP_PKEY; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get_attr(const key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function EVP_PKEY_delete_attr(key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function EVP_PKEY_add1_attr(key: PEVP_PKEY; attr: PX509_ATTRIBUTE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_add1_attr_by_OBJ(key: PEVP_PKEY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_add1_attr_by_NID(key: PEVP_PKEY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_add1_attr_by_txt(key: PEVP_PKEY; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_verify_cert(ctx: PX509_STORE_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  (* lookup a cert from a X509 STACK *)
+//  function X509_find_by_issuer_and_serial(sk: P STACK_OF(X509); name: PX509_NAME; serial: PASN1_INTEGER): PX509;
+//  X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
+
+  //DECLARE_ASN1_FUNCTIONS(PBEPARAM)
+  //DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
+  //DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
+  //#ifndef OPENSSL_NO_SCRYPT
+  //DECLARE_ASN1_FUNCTIONS(SCRYPT_PARAMS)
+  //#endif
+
+  function PKCS5_pbe_set0_algor(algor: PX509_ALGOR; alg: TIdC_INT; iter: TIdC_INT; const salt: PByte; saltlen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function PKCS5_pbe_set(alg: TIdC_INT; iter: TIdC_INT; const salt: PByte; saltlen: TIdC_INT): PX509_ALGOR cdecl; external CLibCrypto;
+  function PKCS5_pbe2_set(const cipher: PEVP_CIPHER; iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT): PX509_ALGOR cdecl; external CLibCrypto;
+  function PKCS5_pbe2_set_iv(const cipher: PEVP_CIPHER; iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT; aiv: PByte; prf_nid: TIdC_INT): PX509_ALGOR cdecl; external CLibCrypto;
+
+  function PKCS5_pbe2_set_scrypt(const cipher: PEVP_CIPHER; const salt: PByte; saltlen: TIdC_INT; aiv: PByte; N: TIdC_UINT64; r: TIdC_UINT64; p: TIdC_UINT64): PX509_ALGOR cdecl; external CLibCrypto;
+
+  function PKCS5_pbkdf2_set(iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT; prf_nid: TIdC_INT; keylen: TIdC_INT): PX509_ALGOR cdecl; external CLibCrypto;
+
+  (* PKCS#8 utilities *)
+
+  //DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+  function EVP_PKCS82PKEY(const p8: PPKCS8_PRIV_KEY_INFO): PEVP_PKEY cdecl; external CLibCrypto;
+  function EVP_PKEY2PKCS8(pkey: PEVP_PKEY): PKCS8_PRIV_KEY_INFO cdecl; external CLibCrypto;
+
+  function PKCS8_pkey_set0(priv: PPKCS8_PRIV_KEY_INFO; aobj: PASN1_OBJECT; version: TIdC_INT; ptype: TIdC_INT; pval: Pointer; penc: PByte; penclen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS8_pkey_get0(const ppkalg: PPASN1_OBJECT; const pk: PPByte; ppklen: PIdC_INT; const pa: PPX509_ALGOR; const p8: PPKCS8_PRIV_KEY_INFO): TIdC_INT cdecl; external CLibCrypto;
+
+  //const STACK_OF(X509_ATTRIBUTE) *
+  //PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8);
+  function PKCS8_pkey_add1_attr_by_NID(p8: PPKCS8_PRIV_KEY_INFO; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_PUBKEY_set0_param(pub: PX509_PUBKEY; aobj: PASN1_OBJECT; ptype: TIdC_INT; pval: Pointer; penc: PByte; penclen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_PUBKEY_get0_param(ppkalg: PPASN1_OBJECT; const pk: PPByte; ppklen: PIdC_INT; pa: PPX509_ALGOR; pub: PX509_PUBKEY): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_check_trust(x: PX509; id: TIdC_INT; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_TRUST_get_count: TIdC_INT cdecl; external CLibCrypto;
+  function X509_TRUST_get0(idx: TIdC_INT): PX509_TRUST cdecl; external CLibCrypto;
+  function X509_TRUST_get_by_id(id: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+//  TIdC_INT X509_TRUST_add(TIdC_INT id, TIdC_INT flags, TIdC_INT (*ck) (X509_TRUST *, X509 *, TIdC_INT),
+//                     const PIdAnsiChar *name, TIdC_INT arg1, void *arg2);
+  procedure X509_TRUST_cleanup cdecl; external CLibCrypto;
+  function X509_TRUST_get_flags(const xp: PX509_TRUST): TIdC_INT cdecl; external CLibCrypto;
+  function X509_TRUST_get0_name(const xp: PX509_TRUST): PIdAnsiChar cdecl; external CLibCrypto;
+  function X509_TRUST_get_trust(const xp: PX509_TRUST): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas
new file mode 100644
index 000000000..c322b24e2
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas
@@ -0,0 +1,561 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_x509_vfy;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509_vfy.h
+
+{$i IdCompilerDefines.inc}
+
+{$MINENUMSIZE 4}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
+  X509_L_FILE_LOAD = 1;
+  X509_L_ADD_DIR   = 2;
+
+  X509_V_OK                                       = 0;
+  X509_V_ERR_UNSPECIFIED                          = 1;
+  X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT            = 2;
+  X509_V_ERR_UNABLE_TO_GET_CRL                    = 3;
+  X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE     = 4;
+  X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE      = 5;
+  X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY   = 6;
+  X509_V_ERR_CERT_SIGNATURE_FAILURE               = 7;
+  X509_V_ERR_CRL_SIGNATURE_FAILURE                = 8;
+  X509_V_ERR_CERT_NOT_YET_VALID                   = 9;
+  X509_V_ERR_CERT_HAS_EXPIRED                     = 10;
+  X509_V_ERR_CRL_NOT_YET_VALID                    = 11;
+  X509_V_ERR_CRL_HAS_EXPIRED                      = 12;
+  X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD       = 13;
+  X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD        = 14;
+  X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD       = 15;
+  X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD       = 16;
+  X509_V_ERR_OUT_OF_MEM                           = 17;
+  X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT          = 18;
+  X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN            = 19;
+  X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY    = 20;
+  X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE      = 21;
+  X509_V_ERR_CERT_CHAIN_TOO_LONG                  = 22;
+  X509_V_ERR_CERT_REVOKED                         = 23;
+  X509_V_ERR_INVALID_CA                           = 24;
+  X509_V_ERR_PATH_LENGTH_EXCEEDED                 = 25;
+  X509_V_ERR_INVALID_PURPOSE                      = 26;
+  X509_V_ERR_CERT_UNTRUSTED                       = 27;
+  X509_V_ERR_CERT_REJECTED                        = 28;
+  (* These are 'informational' when looking for issuer cert *)
+  X509_V_ERR_SUBJECT_ISSUER_MISMATCH              = 29;
+  X509_V_ERR_AKID_SKID_MISMATCH                   = 30;
+  X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH          = 31;
+  X509_V_ERR_KEYUSAGE_NO_CERTSIGN                 = 32;
+  X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER             = 33;
+  X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION         = 34;
+  X509_V_ERR_KEYUSAGE_NO_CRL_SIGN                 = 35;
+  X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION     = 36;
+  X509_V_ERR_INVALID_NON_CA                       = 37;
+  X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED           = 38;
+  X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE        = 39;
+  X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED       = 40;
+  X509_V_ERR_INVALID_EXTENSION                    = 41;
+  X509_V_ERR_INVALID_POLICY_EXTENSION             = 42;
+  X509_V_ERR_NO_EXPLICIT_POLICY                   = 43;
+  X509_V_ERR_DIFFERENT_CRL_SCOPE                  = 44;
+  X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE        = 45;
+  X509_V_ERR_UNNESTED_RESOURCE                    = 46;
+  X509_V_ERR_PERMITTED_VIOLATION                  = 47;
+  X509_V_ERR_EXCLUDED_VIOLATION                   = 48;
+  X509_V_ERR_SUBTREE_MINMAX                       = 49;
+  (* The application is not happy *)
+  X509_V_ERR_APPLICATION_VERIFICATION             = 50;
+  X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE          = 51;
+  X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX        = 52;
+  X509_V_ERR_UNSUPPORTED_NAME_SYNTAX              = 53;
+  X509_V_ERR_CRL_PATH_VALIDATION_ERROR            = 54;
+  (* Another issuer check debug option *)
+  X509_V_ERR_PATH_LOOP                            = 55;
+  (* Suite B mode algorithm violation *)
+  X509_V_ERR_SUITE_B_INVALID_VERSION              = 56;
+  X509_V_ERR_SUITE_B_INVALID_ALGORITHM            = 57;
+  X509_V_ERR_SUITE_B_INVALID_CURVE                = 58;
+  X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM  = 59;
+  X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED              = 60;
+  X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 = 61;
+  (* Host, email and IP check errors *)
+  X509_V_ERR_HOSTNAME_MISMATCH                    = 62;
+  X509_V_ERR_EMAIL_MISMATCH                       = 63;
+  X509_V_ERR_IP_ADDRESS_MISMATCH                  = 64;
+  (* DANE TLSA errors *)
+  X509_V_ERR_DANE_NO_MATCH                        = 65;
+  (* security level errors *)
+  X509_V_ERR_EE_KEY_TOO_SMALL                     = 66;
+  X509_V_ERR_CA_KEY_TOO_SMALL                     = 67;
+  X509_V_ERR_CA_MD_TOO_WEAK                       = 68;
+  (* Caller error *)
+  X509_V_ERR_INVALID_CALL                         = 69;
+  (* Issuer lookup error *)
+  X509_V_ERR_STORE_LOOKUP                         = 70;
+  (* Certificate transparency *)
+  X509_V_ERR_NO_VALID_SCTS                        = 71;
+
+  X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION         = 72;
+  (* OCSP status errors *)
+  X509_V_ERR_OCSP_VERIFY_NEEDED                   = 73;  (* Need OCSP verification *)
+  X509_V_ERR_OCSP_VERIFY_FAILED                   = 74;  (* Couldn't verify cert through OCSP *)
+  X509_V_ERR_OCSP_CERT_UNKNOWN                    = 75;  (* Certificate wasn't recognized by the OCSP responder *)
+
+  (* Certificate verify flags *)
+
+  (* Use check time instead of current time *)
+  X509_V_FLAG_USE_CHECK_TIME       = $2;
+  (* Lookup CRLs *)
+  X509_V_FLAG_CRL_CHECK            = $4;
+  (* Lookup CRLs for whole chain *)
+  X509_V_FLAG_CRL_CHECK_ALL        = $8;
+  (* Ignore unhandled critical extensions *)
+  X509_V_FLAG_IGNORE_CRITICAL      = $10;
+  (* Disable workarounds for broken certificates *)
+  X509_V_FLAG_X509_STRICT          = $20;
+  (* Enable proxy certificate validation *)
+  X509_V_FLAG_ALLOW_PROXY_CERTS    = $40;
+  (* Enable policy checking *)
+  X509_V_FLAG_POLICY_CHECK         = $80;
+  (* Policy variable require-explicit-policy *)
+  X509_V_FLAG_EXPLICIT_POLICY      = $100;
+  (* Policy variable inhibit-any-policy *)
+  X509_V_FLAG_INHIBIT_ANY          = $200;
+  (* Policy variable inhibit-policy-mapping *)
+  X509_V_FLAG_INHIBIT_MAP          = $400;
+  (* Notify callback that policy is OK *)
+  X509_V_FLAG_NOTIFY_POLICY        = $800;
+  (* Extended CRL features such as indirect CRLs, alternate CRL signing keys *)
+  X509_V_FLAG_EXTENDED_CRL_SUPPORT = $1000;
+  (* Delta CRL support *)
+  X509_V_FLAG_USE_DELTAS           = $2000;
+  (* Check self-signed CA signature *)
+  X509_V_FLAG_CHECK_SS_SIGNATURE   = $4000;
+  (* Use trusted store first *)
+  X509_V_FLAG_TRUSTED_FIRST        = $8000;
+  (* Suite B 128 bit only mode: not normally used *)
+  X509_V_FLAG_SUITEB_128_LOS_ONLY  = $10000;
+  (* Suite B 192 bit only mode *)
+  X509_V_FLAG_SUITEB_192_LOS       = $20000;
+  (* Suite B 128 bit mode allowing 192 bit algorithms *)
+  X509_V_FLAG_SUITEB_128_LOS       = $30000;
+  (* Allow partial chains if at least one certificate is in trusted store *)
+  X509_V_FLAG_PARTIAL_CHAIN        = $80000;
+  (*
+   * If the initial chain is not trusted, do not attempt to build an alternative
+   * chain. Alternate chain checking was introduced in 1.1.0. Setting this flag
+   * will force the behaviour to match that of previous versions.
+   *)
+  X509_V_FLAG_NO_ALT_CHAINS        = $100000;
+  (* Do not check certificate/CRL validity against current time *)
+  X509_V_FLAG_NO_CHECK_TIME        = $200000;
+
+  X509_VP_FLAG_DEFAULT             = $1;
+  X509_VP_FLAG_OVERWRITE           = $2;
+  X509_VP_FLAG_RESET_FLAGS         = $4;
+  X509_VP_FLAG_LOCKED              = $8;
+  X509_VP_FLAG_ONCE                = $10;
+
+  (* Internal use: mask of policy related options *)
+  X509_V_FLAG_POLICY_MASK = X509_V_FLAG_POLICY_CHECK or X509_V_FLAG_EXPLICIT_POLICY
+    or X509_V_FLAG_INHIBIT_ANY or X509_V_FLAG_INHIBIT_MAP;
+
+
+  DANE_FLAG_NO_DANE_EE_NAMECHECKS = TIdC_Long(1) shl 0;
+
+  (* Non positive return values are errors *)
+  X509_PCY_TREE_FAILURE  = -2; (* Failure to satisfy explicit policy *)
+  X509_PCY_TREE_INVALID  = -1; (* Inconsistent or invalid extensions *)
+  X509_PCY_TREE_INTERNAL = 0; (* Internal error, most likely malloc *)
+
+  (*
+   * Positive return values form a bit mask, all but the first are internal to
+   * the library and don't appear in results from X509_policy_check().
+   *)
+  X509_PCY_TREE_VALID    = 1; (* The policy tree is valid *)
+  X509_PCY_TREE_EMPTY    = 2; (* The policy tree is empty *)
+  X509_PCY_TREE_EXPLICIT = 4; (* Explicit policy required *)
+
+type
+  (*-
+  SSL_CTX -> X509_STORE
+                  -> X509_LOOKUP
+                          ->X509_LOOKUP_METHOD
+                  -> X509_LOOKUP
+                          ->X509_LOOKUP_METHOD
+
+  SSL     -> X509_STORE_CTX
+                  ->X509_STORE
+
+  The X509_STORE holds the tables etc for verification stuff.
+  A X509_STORE_CTX is used while validating a single certificate.
+  The X509_STORE has X509_LOOKUPs for looking up certs.
+  The X509_STORE then calls a function to actually verify the
+  certificate chain.
+  *)
+
+  X509_LOOKUP_TYPE = (
+    X509_LU_NONE = 0,
+    X509_LU_X509,
+    X509_LU_CRL
+  );
+
+  X509_STORE_CTX_verify_cb = function(v1: TIdC_INT; v2: PX509_STORE_CTX): TIdC_INT;
+  X509_STORE_CTX_verify_fn = function(v1: PX509_STORE_CTX): TIdC_INT;
+  X509_STORE_CTX_get_issuer_fn = function(issuer: PPX509; ctx: PX509_STORE_CTX; x: PX509): TIdC_INT;
+  X509_STORE_CTX_check_issued_fn = function(ctx: PX509_STORE_CTX; x: PX509; issuer: PX509): TIdC_INT;
+  X509_STORE_CTX_check_revocation_fn = function(ctx: PX509_STORE_CTX): TIdC_INT;
+  X509_STORE_CTX_get_crl_fn = function(ctx: PX509_STORE_CTX; crl: PPX509_CRL; x: PX509): TIdC_INT;
+  X509_STORE_CTX_check_crl_fn = function(ctx: PX509_STORE_CTX; crl: PX509_CRL): TIdC_INT;
+  X509_STORE_CTX_cert_crl_fn = function(ctx: PX509_STORE_CTX; crl: PX509_CRL; x: PX509): TIdC_INT;
+  X509_STORE_CTX_check_policy_fn = function(ctx: PX509_STORE_CTX): TIdC_INT;
+//  typedef STACK_OF(X509) *(*X509_STORE_CTX_lookup_certs_fn)(X509_STORE_CTX *ctx,
+//                                                            X509_NAME *nm);
+//  typedef STACK_OF(X509_CRL) *(*X509_STORE_CTX_lookup_crls_fn)(X509_STORE_CTX *ctx,
+//                                                               X509_NAME *nm);
+  X509_STORE_CTX_cleanup_fn = function(ctx: PX509_STORE_CTX): TIdC_INT;
+
+  X509_LOOKUP_ctrl_fn = function(ctx: PX509_LOOKUP; cmd: TIdC_INT;
+    const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT;
+  X509_LOOKUP_get_by_subject_fn = function(ctx: PX509_LOOKUP;
+    &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_issuer_serial_fn = function(ctx: PX509_LOOKUP;
+    &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_fingerprint_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+    const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_alias_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+    const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+
+  //DEFINE_STACK_OF(X509_LOOKUP)
+  //DEFINE_STACK_OF(X509_OBJECT)
+  //DEFINE_STACK_OF(X509_VERIFY_PARAM)
+
+  function X509_STORE_set_depth(store: PX509_STORE; depth: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure X509_STORE_CTX_set_depth(ctx: PX509_STORE_CTX; depth: TIdC_INT) cdecl; external CLibCrypto;
+
+  //# define X509_STORE_CTX_set_app_data(ctx,data) \
+  //        X509_STORE_CTX_set_ex_data(ctx,0,data)
+  //# define X509_STORE_CTX_get_app_data(ctx) \
+  //        X509_STORE_CTX_get_ex_data(ctx,0)
+  //
+  //# define X509_LOOKUP_load_file(x,name,type) \
+  //                X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(TIdC_LONG)(type),NULL)
+  //
+  //# define X509_LOOKUP_add_dir(x,name,type) \
+  //                X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(TIdC_LONG)(type),NULL)
+  //
+  //TIdC_INT X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
+  //                               X509_NAME *name);
+  //X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+  //                                             X509_LOOKUP_TYPE type,
+  //                                             X509_NAME *name);
+  //X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+  //                                        X509_OBJECT *x);
+  function X509_OBJECT_up_ref_count(a: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_OBJECT_new: PX509_OBJECT cdecl; external CLibCrypto;
+  procedure X509_OBJECT_free(a: PX509_OBJECT) cdecl; external CLibCrypto;
+  function X509_OBJECT_get_type(const a: PX509_OBJECT): X509_LOOKUP_TYPE cdecl; external CLibCrypto;
+  function X509_OBJECT_get0_X509(const a: PX509_OBJECT): PX509 cdecl; external CLibCrypto;
+  function X509_OBJECT_set1_X509(a: PX509_OBJECT; obj: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_OBJECT_get0_X509_CRL(a: PX509_OBJECT): PX509_CRL cdecl; external CLibCrypto;
+  function X509_OBJECT_set1_X509_CRL(a: PX509_OBJECT; obj: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_new: PX509_STORE cdecl; external CLibCrypto;
+  procedure X509_STORE_free(v: PX509_STORE) cdecl; external CLibCrypto;
+  function X509_STORE_lock(ctx: PX509_STORE): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_unlock(ctx: PX509_STORE): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_up_ref(v: PX509_STORE): TIdC_INT cdecl; external CLibCrypto;
+  //STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
+
+  //STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+  //STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
+  function X509_STORE_set_flags(ctx: PX509_STORE; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_set_purpose(ctx: PX509_STORE; purpose: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_set_trust(ctx: PX509_STORE; trust: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_set1_param(ctx: PX509_STORE; pm: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_get0_param(ctx: PX509_STORE): PX509_VERIFY_PARAM cdecl; external CLibCrypto;
+
+  procedure X509_STORE_set_verify(ctx: PX509_STORE; verify: X509_STORE_CTX_verify_fn) cdecl; external CLibCrypto;
+  //#define X509_STORE_set_verify_func(ctx, func) \
+  //            X509_STORE_set_verify((ctx),(func))
+  procedure X509_STORE_CTX_set_verify(ctx: PX509_STORE_CTX; verify: X509_STORE_CTX_verify_fn) cdecl; external CLibCrypto;
+  function X509_STORE_get_verify(ctx: PX509_STORE): X509_STORE_CTX_verify_fn cdecl; external CLibCrypto;
+  procedure X509_STORE_set_verify_cb(ctx: PX509_STORE; verify_cb: X509_STORE_CTX_verify_cb) cdecl; external CLibCrypto;
+  //# define X509_STORE_set_verify_cb_func(ctx,func) \
+  //            X509_STORE_set_verify_cb((ctx),(func))
+  function X509_STORE_get_verify_cb(ctx: PX509_STORE): X509_STORE_CTX_verify_cb cdecl; external CLibCrypto;
+  procedure X509_STORE_set_get_issuer(ctx: PX509_STORE; get_issuer: X509_STORE_CTX_get_issuer_fn) cdecl; external CLibCrypto;
+  function X509_STORE_get_get_issuer(ctx: PX509_STORE): X509_STORE_CTX_get_issuer_fn cdecl; external CLibCrypto;
+  procedure X509_STORE_set_check_issued(ctx: PX509_STORE; check_issued: X509_STORE_CTX_check_issued_fn) cdecl; external CLibCrypto;
+  function X509_STORE_get_check_issued(ctx: PX509_STORE): X509_STORE_CTX_check_issued_fn cdecl; external CLibCrypto;
+  procedure X509_STORE_set_check_revocation(ctx: PX509_STORE; check_revocation: X509_STORE_CTX_check_revocation_fn) cdecl; external CLibCrypto;
+  function X509_STORE_get_check_revocation(ctx: PX509_STORE): X509_STORE_CTX_check_revocation_fn cdecl; external CLibCrypto;
+  procedure X509_STORE_set_get_crl(ctx: PX509_STORE; get_crl: X509_STORE_CTX_get_crl_fn) cdecl; external CLibCrypto;
+  function X509_STORE_get_get_crl(ctx: PX509_STORE): X509_STORE_CTX_get_crl_fn cdecl; external CLibCrypto;
+  procedure X509_STORE_set_check_crl(ctx: PX509_STORE; check_crl: X509_STORE_CTX_check_crl_fn) cdecl; external CLibCrypto;
+  function X509_STORE_get_check_crl(ctx: PX509_STORE): X509_STORE_CTX_check_crl_fn cdecl; external CLibCrypto;
+  procedure X509_STORE_set_cert_crl(ctx: PX509_STORE; cert_crl: X509_STORE_CTX_cert_crl_fn) cdecl; external CLibCrypto;
+  function X509_STORE_get_cert_crl(ctx: PX509_STORE): X509_STORE_CTX_cert_crl_fn cdecl; external CLibCrypto;
+  procedure X509_STORE_set_check_policy(ctx: PX509_STORE; check_policy: X509_STORE_CTX_check_policy_fn) cdecl; external CLibCrypto;
+  function X509_STORE_get_check_policy(ctx: PX509_STORE): X509_STORE_CTX_check_policy_fn cdecl; external CLibCrypto;
+//  procedure X509_STORE_set_lookup_certs(ctx: PX509_STORE; lookup_certs: X509_STORE_CTX_lookup_certs_fn);
+//  function X509_STORE_get_lookup_certs(ctx: PX509_STORE): X509_STORE_CTX_lookup_certs_fn;
+//  procedure X509_STORE_set_lookup_crls(ctx: PX509_STORE; lookup_crls: X509_STORE_CTX_lookup_crls_fn);
+//  #define X509_STORE_set_lookup_crls_cb(ctx, func) \
+//      X509_STORE_set_lookup_crls((ctx), (func))
+//  function X509_STORE_get_lookup_crls(ctx: PX509_STORE): X509_STORE_CTX_lookup_crls_fn;
+  procedure X509_STORE_set_cleanup(ctx: PX509_STORE; cleanup: X509_STORE_CTX_cleanup_fn) cdecl; external CLibCrypto;
+  function X509_STORE_get_cleanup(ctx: PX509_STORE): X509_STORE_CTX_cleanup_fn cdecl; external CLibCrypto;
+
+  //#define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, l, p, newf, dupf, freef)
+  function X509_STORE_set_ex_data(ctx: PX509_STORE; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_get_ex_data(ctx: PX509_STORE; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+
+  function X509_STORE_CTX_new: PX509_STORE_CTX cdecl; external CLibCrypto;
+
+  function X509_STORE_CTX_get1_issuer(issuer: PPX509; ctx: PX509_STORE_CTX; x: PX509): TIdC_INT cdecl; external CLibCrypto;
+
+  procedure X509_STORE_CTX_free(ctx: PX509_STORE_CTX) cdecl; external CLibCrypto;
+//  TIdC_INT X509_STORE_CTX_init(ctx: PX509_STORE_CTX; store: PX509_STORE; x509: PX509; chain: P STACK_OF(X509));
+//  procedure X509_STORE_CTX_set0_trusted_stack(ctx: PX509_STORE_CTX; sk: P STACK_OF(X509));
+  procedure X509_STORE_CTX_cleanup(ctx: PX509_STORE_CTX) cdecl; external CLibCrypto;
+
+  function X509_STORE_CTX_get0_store(ctx: PX509_STORE_CTX): PX509_STORE cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get0_cert(ctx: PX509_STORE_CTX): PX509 cdecl; external CLibCrypto;
+  //STACK_OF(X509)* X509_STORE_CTX_get0_untrusted(X509_STORE_CTX *ctx);
+  //void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+  procedure X509_STORE_CTX_set_verify_cb(ctx: PX509_STORE_CTX; verify: X509_STORE_CTX_verify_cb) cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_verify_cb(ctx: PX509_STORE_CTX): X509_STORE_CTX_verify_cb cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_verify(ctx: PX509_STORE_CTX): X509_STORE_CTX_verify_fn cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_get_issuer(ctx: PX509_STORE_CTX): X509_STORE_CTX_get_issuer_fn cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_check_issued(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_issued_fn cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_check_revocation(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_revocation_fn cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_get_crl(ctx: PX509_STORE_CTX): X509_STORE_CTX_get_crl_fn cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_check_crl(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_crl_fn cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_cert_crl(ctx: PX509_STORE_CTX): X509_STORE_CTX_cert_crl_fn cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_check_policy(ctx: PX509_STORE_CTX): X509_STORE_CTX_check_policy_fn cdecl; external CLibCrypto;
+//  function X509_STORE_CTX_get_lookup_certs(ctx: PX509_STORE_CTX): X509_STORE_CTX_lookup_certs_fn;
+//  function X509_STORE_CTX_get_lookup_crls(ctx: PX509_STORE_CTX): X509_STORE_CTX_lookup_crls_fn;
+  function X509_STORE_CTX_get_cleanup(ctx: PX509_STORE_CTX): X509_STORE_CTX_cleanup_fn cdecl; external CLibCrypto;
+
+  function X509_STORE_add_lookup(v: PX509_STORE; m: PX509_LOOKUP_METHOD): PX509_LOOKUP cdecl; external CLibCrypto;
+  function X509_LOOKUP_hash_dir: PX509_LOOKUP_METHOD cdecl; external CLibCrypto;
+  function X509_LOOKUP_file: PX509_LOOKUP_METHOD cdecl; external CLibCrypto;
+
+  function X509_LOOKUP_meth_new(const name: PIdAnsiChar): PX509_LOOKUP_METHOD cdecl; external CLibCrypto;
+  procedure X509_LOOKUP_meth_free(method: PX509_LOOKUP_METHOD) cdecl; external CLibCrypto;
+
+  //TIdC_INT X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
+  //                                  TIdC_INT (*new_item) (X509_LOOKUP *ctx));
+  //TIdC_INT (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+  //
+  //TIdC_INT X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
+  //                              void (*free_fn) (X509_LOOKUP *ctx));
+  //void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+  //
+  //TIdC_INT X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
+  //                              TIdC_INT (*init) (X509_LOOKUP *ctx));
+  //TIdC_INT (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+  //
+  //TIdC_INT X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
+  //                                  TIdC_INT (*shutdown) (X509_LOOKUP *ctx));
+  //TIdC_INT (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
+  //    (X509_LOOKUP *ctx);
+
+  function X509_LOOKUP_meth_set_ctrl(method: PX509_LOOKUP_METHOD; ctrl_fn: X509_LOOKUP_ctrl_fn): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_meth_get_ctrl(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_ctrl_fn cdecl; external CLibCrypto;
+
+  function X509_LOOKUP_meth_set_get_by_subject(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_subject_fn): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_meth_get_get_by_subject(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_subject_fn cdecl; external CLibCrypto;
+
+  function X509_LOOKUP_meth_set_get_by_issuer_serial(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_issuer_serial_fn): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_meth_get_get_by_issuer_serial(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_issuer_serial_fn cdecl; external CLibCrypto;
+
+  function X509_LOOKUP_meth_set_get_by_fingerprint(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_fingerprint_fn): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_meth_get_get_by_fingerprint(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_fingerprint_fn cdecl; external CLibCrypto;
+
+  function X509_LOOKUP_meth_set_get_by_alias(method: PX509_LOOKUP_METHOD; fn: X509_LOOKUP_get_by_alias_fn): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_meth_get_get_by_alias(const method: PX509_LOOKUP_METHOD): X509_LOOKUP_get_by_alias_fn cdecl; external CLibCrypto;
+
+  function X509_STORE_add_cert(ctx: PX509_STORE; x: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_add_crl(ctx: PX509_STORE; x: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_STORE_CTX_get_by_subject(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_obj_by_subject(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME): PX509_OBJECT cdecl; external CLibCrypto;
+
+  function X509_LOOKUP_ctrl(ctx: PX509_LOOKUP; cmd: TIdC_INT; const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_load_cert_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_load_crl_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_load_cert_crl_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_LOOKUP_new(method: PX509_LOOKUP_METHOD): PX509_LOOKUP cdecl; external CLibCrypto;
+  procedure X509_LOOKUP_free(ctx: PX509_LOOKUP) cdecl; external CLibCrypto;
+  function X509_LOOKUP_init(ctx: PX509_LOOKUP): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_by_subject(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_by_issuer_serial(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_by_fingerprint(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_by_alias(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_set_method_data(ctx: PX509_LOOKUP; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_get_method_data(const ctx: PX509_LOOKUP): Pointer cdecl; external CLibCrypto;
+  function X509_LOOKUP_get_store(const ctx: PX509_LOOKUP): PX509_STORE cdecl; external CLibCrypto;
+  function X509_LOOKUP_shutdown(ctx: PX509_LOOKUP): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_STORE_load_locations(ctx: PX509_STORE; const &file: PIdAnsiChar; const dir: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_set_default_paths(ctx: PX509_STORE): TIdC_INT cdecl; external CLibCrypto;
+
+  //#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
+  //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef)
+  function X509_STORE_CTX_set_ex_data(ctx: PX509_STORE_CTX; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_ex_data(ctx: PX509_STORE_CTX; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_error(ctx: PX509_STORE_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_STORE_CTX_set_error(ctx: X509_STORE_CTX; s: TIdC_INT) cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_error_depth(ctx: PX509_STORE_CTX): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_STORE_CTX_set_error_depth(ctx: PX509_STORE_CTX; depth: TIdC_INT) cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_current_cert(ctx: PX509_STORE_CTX): PX509 cdecl; external CLibCrypto;
+  procedure X509_STORE_CTX_set_current_cert(ctx: PX509_STORE_CTX; x: PX509) cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get0_current_issuer(ctx: PX509_STORE_CTX): PX509 cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get0_current_crl(ctx: PX509_STORE_CTX): PX509_CRL cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get0_parent_ctx(ctx: PX509_STORE_CTX): PX509_STORE_CTX cdecl; external CLibCrypto;
+//  STACK_OF(X509) *X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx);
+//  STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+  procedure X509_STORE_CTX_set_cert(c: PX509_STORE_CTX; x: PX509) cdecl; external CLibCrypto;
+//  void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
+//  void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
+  function X509_STORE_CTX_set_purpose(ctx: PX509_STORE_CTX; purpose: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_CTX_set_trust(ctx: PX509_STORE_CTX; trust: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_CTX_purpose_inherit(ctx: PX509_STORE_CTX; def_purpose: TIdC_INT; purpose: TIdC_INT; trust: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_STORE_CTX_set_flags(ctx: PX509_STORE_CTX; flags: TIdC_ULONG) cdecl; external CLibCrypto;
+//  procedure X509_STORE_CTX_set_time(ctx: PX509_STORE_CTX; flags: TIdC_ULONG; t: TIdC_TIMET);
+
+  function X509_STORE_CTX_get0_policy_tree(ctx: PX509_STORE_CTX): PX509_POLICY_TREE cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_explicit_policy(ctx: PX509_STORE_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_num_untrusted(ctx: PX509_STORE_CTX): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_STORE_CTX_get0_param(ctx: PX509_STORE_CTX): PX509_VERIFY_PARAM cdecl; external CLibCrypto;
+  procedure X509_STORE_CTX_set0_param(ctx: PX509_STORE_CTX; param: PX509_VERIFY_PARAM) cdecl; external CLibCrypto;
+  function X509_STORE_CTX_set_default(ctx: PX509_STORE_CTX; const name: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * Bridge opacity barrier between libcrypt and libssl, also needed to support
+   * offline testing in test/danetest.c
+   *)
+  procedure X509_STORE_CTX_set0_dane(ctx: PX509_STORE_CTX; dane: PSSL_DANE) cdecl; external CLibCrypto;
+
+  (* X509_VERIFY_PARAM functions *)
+
+  function X509_VERIFY_PARAM_new: PX509_VERIFY_PARAM cdecl; external CLibCrypto;
+  procedure X509_VERIFY_PARAM_free(param: PX509_VERIFY_PARAM) cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_inherit(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_set1(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_set1_name(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_set_flags(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_clear_flags(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_get_flags(param: PX509_VERIFY_PARAM): TIdC_ULONG cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_set_purpose(param: PX509_VERIFY_PARAM; purpose: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_set_trust(param: PX509_VERIFY_PARAM; trust: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_VERIFY_PARAM_set_depth(param: PX509_VERIFY_PARAM; depth: TIdC_INT) cdecl; external CLibCrypto;
+  procedure X509_VERIFY_PARAM_set_auth_level(param: PX509_VERIFY_PARAM; auth_level: TIdC_INT) cdecl; external CLibCrypto;
+//  function X509_VERIFY_PARAM_get_time(const param: PX509_VERIFY_PARAM): TIdC_TIMET;
+//  procedure X509_VERIFY_PARAM_set_time(param: PX509_VERIFY_PARAM; t: TIdC_TIMET);
+  function X509_VERIFY_PARAM_add0_policy(param: PX509_VERIFY_PARAM; policy: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  //TIdC_INT X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+  //                                    STACK_OF(ASN1_OBJECT) *policies);
+
+  function X509_VERIFY_PARAM_set_inh_flags(param: PX509_VERIFY_PARAM; flags: TIdC_UINT32): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_get_inh_flags(const param: PX509_VERIFY_PARAM): TIdC_UINT32 cdecl; external CLibCrypto;
+
+  function X509_VERIFY_PARAM_set1_host(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar; namelen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_add1_host(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar; namelen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_VERIFY_PARAM_set_hostflags(param: PX509_VERIFY_PARAM; flags: TIdC_UINT) cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_get_hostflags(const param: PX509_VERIFY_PARAM): TIdC_UINT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_get0_peername(v1: PX509_VERIFY_PARAM): PIdAnsiChar cdecl; external CLibCrypto;
+  procedure X509_VERIFY_PARAM_move_peername(v1: PX509_VERIFY_PARAM; v2: PX509_VERIFY_PARAM) cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_set1_email(param: PX509_VERIFY_PARAM; const email: PIdAnsiChar; emaillen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_set1_ip(param: PX509_VERIFY_PARAM; const ip: PByte; iplen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_set1_ip_asc(param: PX509_VERIFY_PARAM; const ipasc: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_VERIFY_PARAM_get_depth(const param: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_get_auth_level(const param: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_get0_name(const param: PX509_VERIFY_PARAM): PIdAnsiChar cdecl; external CLibCrypto;
+
+  function X509_VERIFY_PARAM_add0_table(param: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_get_count: TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_get0(id: TIdC_INT): PX509_VERIFY_PARAM cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_lookup(const name: PIdAnsiChar): X509_VERIFY_PARAM cdecl; external CLibCrypto;
+  procedure X509_VERIFY_PARAM_table_cleanup cdecl; external CLibCrypto;
+
+  //TIdC_INT X509_policy_check(X509_POLICY_TREE **ptree, TIdC_INT *pexplicit_policy,
+  //                      STACK_OF(X509) *certs,
+  //                      STACK_OF(ASN1_OBJECT) *policy_oids, TIdC_UINT flags);
+
+  procedure X509_policy_tree_free(tree: PX509_POLICY_TREE) cdecl; external CLibCrypto;
+
+  function X509_policy_tree_level_count(const tree: PX509_POLICY_TREE): TIdC_INT cdecl; external CLibCrypto;
+  function X509_policy_tree_get0_level(const tree: PX509_POLICY_TREE; i: TIdC_INT): PX509_POLICY_LEVEL cdecl; external CLibCrypto;
+
+  //STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
+  //                                                           X509_POLICY_TREE
+  //                                                           *tree);
+  //
+  //STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
+  //                                                                X509_POLICY_TREE
+  //                                                                *tree);
+
+  function X509_policy_level_node_count(level: PX509_POLICY_LEVEL): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509_policy_level_get0_node(level: PX509_POLICY_LEVEL; i: TIdC_INT): PX509_POLICY_NODE cdecl; external CLibCrypto;
+
+  function X509_policy_node_get0_policy(const node: PX509_POLICY_NODE): PASN1_OBJECT cdecl; external CLibCrypto;
+
+  //STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
+  //                                                           X509_POLICY_NODE
+  //                                                           *node);
+  function X509_policy_node_get0_parent(const node: PX509_POLICY_NODE): PX509_POLICY_NODE cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509err.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509err.pas
new file mode 100644
index 000000000..bae16d0f2
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509err.pas
@@ -0,0 +1,159 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_x509err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509err.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+const
+  (*
+   * X509 function codes.
+   *)
+  X509_F_ADD_CERT_DIR                       = 100;
+  X509_F_BUILD_CHAIN                        = 106;
+  X509_F_BY_FILE_CTRL                       = 101;
+  X509_F_CHECK_NAME_CONSTRAINTS             = 149;
+  X509_F_CHECK_POLICY                       = 145;
+  X509_F_DANE_I2D                           = 107;
+  X509_F_DIR_CTRL                           = 102;
+  X509_F_GET_CERT_BY_SUBJECT                = 103;
+  X509_F_I2D_X509_AUX                       = 151;
+  X509_F_LOOKUP_CERTS_SK                    = 152;
+  X509_F_NETSCAPE_SPKI_B64_DECODE           = 129;
+  X509_F_NETSCAPE_SPKI_B64_ENCODE           = 130;
+  X509_F_NEW_DIR                            = 153;
+  X509_F_X509AT_ADD1_ATTR                   = 135;
+  X509_F_X509V3_ADD_EXT                     = 104;
+  X509_F_X509_ATTRIBUTE_CREATE_BY_NID       = 136;
+  X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ       = 137;
+  X509_F_X509_ATTRIBUTE_CREATE_BY_TXT       = 140;
+  X509_F_X509_ATTRIBUTE_GET0_DATA           = 139;
+  X509_F_X509_ATTRIBUTE_SET1_DATA           = 138;
+  X509_F_X509_CHECK_PRIVATE_KEY             = 128;
+  X509_F_X509_CRL_DIFF                      = 105;
+  X509_F_X509_CRL_METHOD_NEW                = 154;
+  X509_F_X509_CRL_PRINT_FP                  = 147;
+  X509_F_X509_EXTENSION_CREATE_BY_NID       = 108;
+  X509_F_X509_EXTENSION_CREATE_BY_OBJ       = 109;
+  X509_F_X509_GET_PUBKEY_PARAMETERS         = 110;
+  X509_F_X509_LOAD_CERT_CRL_FILE            = 132;
+  X509_F_X509_LOAD_CERT_FILE                = 111;
+  X509_F_X509_LOAD_CRL_FILE                 = 112;
+  X509_F_X509_LOOKUP_METH_NEW               = 160;
+  X509_F_X509_LOOKUP_NEW                    = 155;
+  X509_F_X509_NAME_ADD_ENTRY                = 113;
+  X509_F_X509_NAME_CANON                    = 156;
+  X509_F_X509_NAME_ENTRY_CREATE_BY_NID      = 114;
+  X509_F_X509_NAME_ENTRY_CREATE_BY_TXT      = 131;
+  X509_F_X509_NAME_ENTRY_SET_OBJECT         = 115;
+  X509_F_X509_NAME_ONELINE                  = 116;
+  X509_F_X509_NAME_PRINT                    = 117;
+  X509_F_X509_OBJECT_NEW                    = 150;
+  X509_F_X509_PRINT_EX_FP                   = 118;
+  X509_F_X509_PUBKEY_DECODE                 = 148;
+  X509_F_X509_PUBKEY_GET0                   = 119;
+  X509_F_X509_PUBKEY_SET                    = 120;
+  X509_F_X509_REQ_CHECK_PRIVATE_KEY         = 144;
+  X509_F_X509_REQ_PRINT_EX                  = 121;
+  X509_F_X509_REQ_PRINT_FP                  = 122;
+  X509_F_X509_REQ_TO_X509                   = 123;
+  X509_F_X509_STORE_ADD_CERT                = 124;
+  X509_F_X509_STORE_ADD_CRL                 = 125;
+  X509_F_X509_STORE_ADD_LOOKUP              = 157;
+  X509_F_X509_STORE_CTX_GET1_ISSUER         = 146;
+  X509_F_X509_STORE_CTX_INIT                = 143;
+  X509_F_X509_STORE_CTX_NEW                 = 142;
+  X509_F_X509_STORE_CTX_PURPOSE_INHERIT     = 134;
+  X509_F_X509_STORE_NEW                     = 158;
+  X509_F_X509_TO_X509_REQ                   = 126;
+  X509_F_X509_TRUST_ADD                     = 133;
+  X509_F_X509_TRUST_SET                     = 141;
+  X509_F_X509_VERIFY_CERT                   = 127;
+  X509_F_X509_VERIFY_PARAM_NEW              = 159;
+
+  (*
+   * X509 reason codes.
+   *)
+  X509_R_AKID_MISMATCH                      = 110;
+  X509_R_BAD_SELECTOR                       = 133;
+  X509_R_BAD_X509_FILETYPE                  = 100;
+  X509_R_BASE64_DECODE_ERROR                = 118;
+  X509_R_CANT_CHECK_DH_KEY                  = 114;
+  X509_R_CERT_ALREADY_IN_HASH_TABLE         = 101;
+  X509_R_CRL_ALREADY_DELTA                  = 127;
+  X509_R_CRL_VERIFY_FAILURE                 = 131;
+  X509_R_IDP_MISMATCH                       = 128;
+  X509_R_INVALID_ATTRIBUTES                 = 138;
+  X509_R_INVALID_DIRECTORY                  = 113;
+  X509_R_INVALID_FIELD_NAME                 = 119;
+  X509_R_INVALID_TRUST                      = 123;
+  X509_R_ISSUER_MISMATCH                    = 129;
+  X509_R_KEY_TYPE_MISMATCH                  = 115;
+  X509_R_KEY_VALUES_MISMATCH                = 116;
+  X509_R_LOADING_CERT_DIR                   = 103;
+  X509_R_LOADING_DEFAULTS                   = 104;
+  X509_R_METHOD_NOT_SUPPORTED               = 124;
+  X509_R_NAME_TOO_LONG                      = 134;
+  X509_R_NEWER_CRL_NOT_NEWER                = 132;
+  X509_R_NO_CERTIFICATE_FOUND               = 135;
+  X509_R_NO_CERTIFICATE_OR_CRL_FOUND        = 136;
+  X509_R_NO_CERT_SET_FOR_US_TO_VERIFY       = 105;
+  X509_R_NO_CRL_FOUND                       = 137;
+  X509_R_NO_CRL_NUMBER                      = 130;
+  X509_R_PUBLIC_KEY_DECODE_ERROR            = 125;
+  X509_R_PUBLIC_KEY_ENCODE_ERROR            = 126;
+  X509_R_SHOULD_RETRY                       = 106;
+  X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN = 107;
+  X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY     = 108;
+  X509_R_UNKNOWN_KEY_TYPE                   = 117;
+  X509_R_UNKNOWN_NID                        = 109;
+  X509_R_UNKNOWN_PURPOSE_ID                 = 121;
+  X509_R_UNKNOWN_TRUST_ID                   = 120;
+  X509_R_UNSUPPORTED_ALGORITHM              = 111;
+  X509_R_WRONG_LOOKUP_TYPE                  = 112;
+  X509_R_WRONG_TYPE                         = 122;
+
+  function ERR_load_X509_strings: TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
new file mode 100644
index 000000000..8d9ea662a
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
@@ -0,0 +1,933 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 27.04.2020 14:51:27
+
+unit IdOpenSSLHeaders_x509v3;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509v3.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_asn1t,
+  IdOpenSSLHeaders_x509,
+  System.Types;
+
+const
+  (* ext_flags values *)
+  X509V3_EXT_DYNAMIC      = $1;
+  X509V3_EXT_CTX_DEP      = $2;
+  X509V3_EXT_MULTILINE    = $4;
+
+  // v3_ext_ctx
+  CTX_TEST = $1;
+  X509V3_CTX_REPLACE = $2;
+
+  // GENERAL_NAME_st
+  GEN_OTHERNAME   = 0;
+  GEN_EMAIL       = 1;
+  GEN_DNS         = 2;
+  GEN_X400        = 3;
+  GEN_DIRNAME     = 4;
+  GEN_EDIPARTY    = 5;
+  GEN_URI         = 6;
+  GEN_IPADD       = 7;
+  GEN_RID         = 8;
+
+  (* All existing reasons *)
+  CRLDP_ALL_REASONS       = $807f;
+
+  CRL_REASON_NONE                         = -1;
+  CRL_REASON_UNSPECIFIED                  = 0;
+  CRL_REASON_KEY_COMPROMISE               = 1;
+  CRL_REASON_CA_COMPROMISE                = 2;
+  CRL_REASON_AFFILIATION_CHANGED          = 3;
+  CRL_REASON_SUPERSEDED                   = 4;
+  CRL_REASON_CESSATION_OF_OPERATION       = 5;
+  CRL_REASON_CERTIFICATE_HOLD             = 6;
+  CRL_REASON_REMOVE_FROM_CRL              = 8;
+  CRL_REASON_PRIVILEGE_WITHDRAWN          = 9;
+  CRL_REASON_AA_COMPROMISE                = 10;
+
+  (* Values in idp_flags field *)
+  (* IDP present *)
+  IDP_PRESENT     = $1;
+  (* IDP values inconsistent *)
+  IDP_INVALID     = $2;
+  (* onlyuser true *)
+  IDP_ONLYUSER    = $4;
+  (* onlyCA true *)
+  IDP_ONLYCA      = $8;
+  (* onlyattr true *)
+  IDP_ONLYATTR    = $10;
+  (* indirectCRL true *)
+  IDP_INDIRECT    = $20;
+  (* onlysomereasons present *)
+  IDP_REASONS     = $40;
+
+  EXT_END: array[0..13] of TIdC_INT = (-1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+
+  (* X509_PURPOSE stuff *)
+
+  EXFLAG_BCONS            = $1;
+  EXFLAG_KUSAGE           = $2;
+  EXFLAG_XKUSAGE          = $4;
+  EXFLAG_NSCERT           = $8;
+
+  EXFLAG_CA               = $10;
+  (* Really self issued not necessarily self signed *)
+  EXFLAG_SI               = $20;
+  EXFLAG_V1               = $40;
+  EXFLAG_INVALID          = $80;
+  (* EXFLAG_SET is set to indicate that some values have been precomputed *)
+  EXFLAG_SET              = $100;
+  EXFLAG_CRITICAL         = $200;
+  EXFLAG_PROXY            = $400;
+
+  EXFLAG_INVALID_POLICY   = $800;
+  EXFLAG_FRESHEST         = $1000;
+  (* Self signed *)
+  EXFLAG_SS               = $2000;
+
+  KU_DIGITAL_SIGNATURE    = $0080;
+  KU_NON_REPUDIATION      = $0040;
+  KU_KEY_ENCIPHERMENT     = $0020;
+  KU_DATA_ENCIPHERMENT    = $0010;
+  KU_KEY_AGREEMENT        = $0008;
+  KU_KEY_CERT_SIGN        = $0004;
+  KU_CRL_SIGN             = $0002;
+  KU_ENCIPHER_ONLY        = $0001;
+  KU_DECIPHER_ONLY        = $8000;
+
+  NS_SSL_CLIENT           = $80;
+  NS_SSL_SERVER           = $40;
+  NS_SMIME                = $20;
+  NS_OBJSIGN              = $10;
+  NS_SSL_CA               = $04;
+  NS_SMIME_CA             = $02;
+  NS_OBJSIGN_CA           = $01;
+  NS_ANY_CA               = NS_SSL_CA or NS_SMIME_CA or NS_OBJSIGN_CA;
+
+  XKU_SSL_SERVER          = $1;
+  XKU_SSL_CLIENT          = $2;
+  XKU_SMIME               = $4;
+  XKU_CODE_SIGN           = $8;
+  XKU_SGC                 = $10;
+  XKU_OCSP_SIGN           = $20;
+  XKU_TIMESTAMP           = $40;
+  XKU_DVCS                = $80;
+  XKU_ANYEKU              = $100;
+
+  X509_PURPOSE_DYNAMIC    = $1;
+  X509_PURPOSE_DYNAMIC_NAME       = $2;
+
+  X509_PURPOSE_SSL_CLIENT         = 1;
+  X509_PURPOSE_SSL_SERVER         = 2;
+  X509_PURPOSE_NS_SSL_SERVER      = 3;
+  X509_PURPOSE_SMIME_SIGN         = 4;
+  X509_PURPOSE_SMIME_ENCRYPT      = 5;
+  X509_PURPOSE_CRL_SIGN           = 6;
+  X509_PURPOSE_ANY                = 7;
+  X509_PURPOSE_OCSP_HELPER        = 8;
+  X509_PURPOSE_TIMESTAMP_SIGN     = 9;
+
+  X509_PURPOSE_MIN                = 1;
+  X509_PURPOSE_MAX                = 9;
+
+  (* Flags for X509V3_EXT_print() *)
+
+  X509V3_EXT_UNKNOWN_MASK         = TIdC_LONG($f) shl 16;
+  (* Return error for unknown extensions *)
+  X509V3_EXT_DEFAULT              = 0;
+  (* Print error for unknown extensions *)
+  X509V3_EXT_ERROR_UNKNOWN        = TIdC_LONG(1) shl 16;
+  (* ASN1 parse unknown extensions *)
+  X509V3_EXT_PARSE_UNKNOWN        = TIdC_LONG(2) shl 16;
+  (* BIO_dump unknown extensions *)
+  X509V3_EXT_DUMP_UNKNOWN         = TIdC_LONG(3) shl 16;
+
+  (* Flags for X509V3_add1_i2d *)
+
+  X509V3_ADD_OP_MASK              = TIdC_LONG($f);
+  X509V3_ADD_DEFAULT              = TIdC_LONG(0);
+  X509V3_ADD_APPEND               = TIdC_LONG(1);
+  X509V3_ADD_REPLACE              = TIdC_LONG(2);
+  X509V3_ADD_REPLACE_EXISTING     = TIdC_LONG(3);
+  X509V3_ADD_KEEP_EXISTING        = TIdC_LONG(4);
+  X509V3_ADD_DELETE               = TIdC_LONG(5);
+  X509V3_ADD_SILENT               = $10;
+
+  (* Flags for X509_check_* functions *)
+
+  (*
+   * Always check subject name for host match even if subject alt names present
+   *)
+  X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT    = $1;
+  (* Disable wildcard matching for dnsName fields and common name. *)
+  X509_CHECK_FLAG_NO_WILDCARDS    = $2;
+  (* Wildcards must not match a partial label. *)
+  X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS = $4;
+  (* Allow (non-partial) wildcards to match multiple labels. *)
+  X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS = $8;
+  (* Constraint verifier subdomain patterns to match a single labels. *)
+  X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS = $10;
+  (* Never check the subject CN *)
+  X509_CHECK_FLAG_NEVER_CHECK_SUBJECT    = $20;
+  (*
+   * Match reference identifiers starting with "." to any sub-domain.
+   * This is a non-public flag, turned on implicitly when the subject
+   * reference identity is a DNS name.
+   *)
+  _X509_CHECK_FLAG_DOT_SUBDOMAINS = $8000;
+
+  ASIdOrRange_id          = 0;
+  ASIdOrRange_range       = 1;
+
+  ASIdentifierChoice_inherit              = 0;
+  ASIdentifierChoice_asIdsOrRanges        = 1;
+
+  IPAddressOrRange_addressPrefix  = 0;
+  IPAddressOrRange_addressRange   = 1;
+
+  IPAddressChoice_inherit                 = 0;
+  IPAddressChoice_addressesOrRanges       = 1;
+
+  (*
+   * API tag for elements of the ASIdentifer SEQUENCE.
+   *)
+  V3_ASID_ASNUM   = 0;
+  V3_ASID_RDI     = 1;
+
+  (*
+   * AFI values, assigned by IANA.  It'd be nice to make the AFI
+   * handling code totally generic, but there are too many little things
+   * that would need to be defined for other address families for it to
+   * be worth the trouble.
+   *)
+  IANA_AFI_IPV4   = 1;
+  IANA_AFI_IPV6   = 2;
+
+type
+  (* Forward reference *)
+  //Pv3_ext_method = ^v3_ext_method;
+  //Pv3_ext_ctx = ^v3_ext_ctx;
+
+  (* Useful typedefs *)
+
+  //X509V3_EXT_NEW = function: Pointer; cdecl;
+  //X509V3_EXT_FREE = procedure(v1: Pointer); cdecl;
+  //X509V3_EXT_D2I = function(v1: Pointer; v2: PPByte; v3: TIdC_Long): Pointer; cdecl;
+  //X509V3_EXT_I2D = function(v1: Pointer; v2: PPByte): TIdC_INT; cdecl;
+//  typedef STACK_OF(CONF_VALUE) *
+//      (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
+//                         STACK_OF(CONF_VALUE) *extlist);
+//  typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
+//                                  struct v3_ext_ctx *ctx,
+//                                  STACK_OF(CONF_VALUE) *values);
+  //X509V3_EXT_I2S = function(method: Pv3_ext_method; ext: Pointer): PIdAnsiChar; cdecl;
+  //X509V3_EXT_S2I = function(method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
+  //X509V3_EXT_I2R = function(const method: Pv3_ext_method; ext: Pointer; &out: PBIO; indent: TIdC_INT): TIdC_INT; cdecl;
+  //X509V3_EXT_R2I = function(const method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
+
+//  (* V3 extension structure *)
+//  v3_ext_method = record
+//    ext_nid: TIdC_INT;
+//    ext_flags: TIdC_INT;
+//(* If this is set the following four fields are ignored *)
+//    it: PASN1_ITEM_EXP;
+//(* Old style ASN1 calls *)
+//    ext_new: X509V3_EXT_NEW;
+//    ext_free: X509V3_EXT_FREE;
+//    d2i: X509V3_EXT_D2I;
+//    i2d: X509V3_EXT_I2D;
+//(* The following pair is used for string extensions *)
+//    i2s: X509V3_EXT_I2S;
+//    s2i: X509V3_EXT_S2I;
+//(* The following pair is used for multi-valued extensions *)
+//    i2v: X509V3_EXT_I2V;
+//    v2i: X509V3_EXT_V2I;
+//(* The following are used for raw extensions *)
+//    i2r: X509V3_EXT_I2R;
+//    r2i: X509V3_EXT_R2I;
+//    usr_data: Pointer;             (* Any extension specific data *)
+//  end;
+//  X509V3_EXT_METHOD = v3_ext_method;
+//  PX509V3_EXT_METHOD = ^X509V3_EXT_METHOD;
+//  DEFINE_STACK_OF(X509V3_EXT_METHOD)
+
+//  typedef struct X509V3_CONF_METHOD_st {
+//      PIdAnsiChar *(*get_string) (void *db, const section: PIdAnsiChar, const value: PIdAnsiChar);
+//      STACK_OF(CONF_VALUE) *(*get_section) (void *db, const section: PIdAnsiChar);
+//      void (*free_string) (void *db, PIdAnsiChar *string);
+//      void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
+//  } X509V3_CONF_METHOD;
+
+// Moved to ossl_typ
+//  (* Context specific info *)
+//  v3_ext_ctx = record
+//    flags: TIdC_INT;
+//    issuer_cert: PX509;
+//    subject_cert: PX509;
+//    subject_req: PX509_REQ;
+//    crl: PX509_CRL;
+//    db_meth: PX509V3_CONF_METHOD;
+//    db: Pointer;
+//  (* Maybe more here *)
+//  end;
+
+  ENUMERATED_NAMES = BIT_STRING_BITNAME;
+
+  BASIC_CONSTRAINTS_st = record
+    ca: TIdC_INT;
+    pathlen: PASN1_INTEGER;
+  end;
+  BASIC_CONSTRAINTS = BASIC_CONSTRAINTS_st;
+  PBASIC_CONSTRAINTS = ^BASIC_CONSTRAINTS;
+
+  PKEY_USAGE_PERIOD_st = record
+    notBefore: PASN1_GENERALIZEDTIME;
+    notAfter: PASN1_GENERALIZEDTIME;
+  end;
+  PKEY_USAGE_PERIOD = PKEY_USAGE_PERIOD_st;
+  PPKEY_USAGE_PERIOD = ^PKEY_USAGE_PERIOD;
+
+  otherName_st = record
+    type_id: PASN1_OBJECT;
+    value: PASN1_TYPE;
+  end;
+  OTHERNAME = otherName_st;
+  POTHERNAME = ^OTHERNAME;
+
+  EDIPartyName_st  = record
+    nameAssigner: PASN1_STRING;
+    partyName: PASN1_STRING;
+  end;
+  EDIPARTYNAME = EDIPartyName_st;
+  PEDIPARTYNAME = ^EDIPARTYNAME;
+
+  GENERAL_NAME_st_union = record
+    case DWORD of
+      0: (ptr: PIdAnsiChar);
+      1: (otherName: POTHERNAME);   (* otherName *)
+      2: (rfc822Name: PASN1_IA5STRING);
+      3: (dNSName: PASN1_IA5STRING);
+      4: (x400Address: PASN1_TYPE);
+      5: (directoryName: PX509_NAME);
+      6: (ediPartyName: PEDIPARTYNAME);
+      7: (uniformResourceIdentifier: PASN1_IA5STRING);
+      8: (iPAddress: PASN1_OCTET_STRING);
+      9: (registeredID: PASN1_OBJECT);
+      (* Old names *)
+      10: (ip: PASN1_OCTET_STRING);  (* iPAddress *)
+      11: (dirn: PX509_NAME);        (* dirn *)
+      12: (ia5: PASN1_IA5STRING);    (* rfc822Name, dNSName,
+                                      * uniformResourceIdentifier *)
+      13: (rid: PASN1_OBJECT);       (* registeredID *)
+      14: (other: PASN1_TYPE);       (* x400Address *)
+  end;
+  GENERAL_NAME_st = record
+    &type: TIdC_INT;
+    d: GENERAL_NAME_st_union;
+  end;
+  GENERAL_NAME = GENERAL_NAME_st;
+  PGENERAL_NAME = ^GENERAL_NAME;
+
+  ACCESS_DESCRIPTION_st = record
+    method: PASN1_OBJECT;
+    location: PGENERAL_NAME;
+  end;
+  ACCESS_DESCRIPTION = ACCESS_DESCRIPTION_st;
+  PACCESS_DESCRIPTION = ^ACCESS_DESCRIPTION;
+
+//  typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
+
+//  typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
+
+//  typedef STACK_OF(ASN1_INTEGER) TLS_FEATURE;
+
+//  DEFINE_STACK_OF(GENERAL_NAME)
+//  typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
+//  DEFINE_STACK_OF(GENERAL_NAMES)
+
+//  DEFINE_STACK_OF(ACCESS_DESCRIPTION)
+//  DIST_POINT_NAME_st_union = record
+//    case DWord of
+//      0: (GENERAL_NAMES *fullname);
+//      1: (STACK_OF(X509_NAME_ENTRY) *relativename);
+//  end;
+  DIST_POINT_NAME_st = record
+    &type: TIdC_INT;
+    (* If relativename then this contains the full distribution point name *)
+    dpname: PX509_NAME;
+  end;
+  DIST_POINT_NAME = DIST_POINT_NAME_st;
+  PDIST_POINT_NAME = ^DIST_POINT_NAME;
+
+
+//  struct DIST_POINT_ST {
+//      DIST_POINT_NAME *distpoint;
+//      ASN1_BIT_STRING *reasons;
+//      GENERAL_NAMES *CRLissuer;
+//      TIdC_INT dp_reasons;
+//  };
+
+//  typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
+
+//  DEFINE_STACK_OF(DIST_POINT)
+
+//  AUTHORITY_KEYID_st = record
+//    keyid: PASN1_OCTET_STRING;
+//    issuer: PGENERAL_NAMES;
+//    serial: PASN1_INTEGER;
+//  end;
+
+  (* Strong extranet structures *)
+
+  SXNET_ID_st = record
+    zone: PASN1_INTEGER;
+    user: PASN1_OCTET_STRING;
+  end;
+  SXNETID = SXNET_ID_st;
+  PSXNETID = ^SXNETID;
+//  DEFINE_STACK_OF(SXNETID)
+
+//  SXNET_st = record
+//    ASN1_INTEGER *version;
+//    STACK_OF(SXNETID) *ids;
+//  end;
+//  SXNET = SXNET_st;
+//  PSXNET = ^SXNET;
+
+//  NOTICEREF_st = record
+//    ASN1_STRING *organization;
+//    STACK_OF(ASN1_INTEGER) *noticenos;
+//  end;
+//  NOTICEREF = NOTICEREF_st;
+//  PNOTICEREF = ^NOTICEREF;
+
+//  USERNOTICE_st = record
+//    noticeref: PNOTICEREF;
+//    exptext: PASN1_STRING;
+//  end;
+//  USERNOTICE = USERNOTICE_st;
+//  PUSERNOTICE = ^USERNOTICE;
+
+//  POLICYQUALINFO_st_union = record
+//    case DWord of
+//      0: (cpsuri: PASN1_IA5STRING);
+//      1: (usernotice: PUSERNOTICE);
+//      2: (other: PASN1_TYPE);
+//  end;
+//  POLICYQUALINFO_st = record
+//    pqualid: PASN1_OBJECT;
+//    d: POLICYQUALINFO_st_union;
+//  end;
+//  POLICYQUALINFO = POLICYQUALINFO_st;
+//  PPOLICYQUALINFO = ^POLICYQUALINFO;
+//  DEFINE_STACK_OF(POLICYQUALINFO)
+
+//  POLICYINFO_st = record
+//    ASN1_OBJECT *policyid;
+//    STACK_OF(POLICYQUALINFO) *qualifiers;
+//  end;
+//  POLICYINFO = POLICYINFO_st;
+//  PPOLICYINFO = ^POLICYINFO;
+//  typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
+//  DEFINE_STACK_OF(POLICYINFO)
+
+  POLICY_MAPPING_st = record
+    issuerDomainPolicy: PASN1_OBJECT;
+    subjectDomainPolicy: PASN1_OBJECT;
+  end;
+  POLICY_MAPPING = POLICY_MAPPING_st;
+  PPOLICY_MAPPING = ^POLICY_MAPPING;
+//  DEFINE_STACK_OF(POLICY_MAPPING)
+//  typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
+
+  GENERAL_SUBTREE_st = record
+    base: PGENERAL_NAME;
+    minimum: PASN1_INTEGER;
+    maximum: PASN1_INTEGER;
+  end;
+  GENERAL_SUBTREE = GENERAL_SUBTREE_st;
+  PGENERAL_SUBTREE = ^GENERAL_SUBTREE;
+//  DEFINE_STACK_OF(GENERAL_SUBTREE)
+
+//  NAME_CONSTRAINTS_st = record
+//    STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
+//    STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
+//  end;
+
+  POLICY_CONSTRAINTS_st = record
+    requireExplicitPolicy: PASN1_INTEGER;
+    inhibitPolicyMapping: PASN1_INTEGER;
+  end;
+  POLICY_CONSTRAINTS = POLICY_CONSTRAINTS_st;
+  PPOLICY_CONSTRAINTS = ^POLICY_CONSTRAINTS;
+
+  (* Proxy certificate structures, see RFC 3820 *)
+  PROXY_POLICY_st = record
+    policyLanguage: PASN1_OBJECT;
+    policy: PASN1_OCTET_STRING;
+  end;
+  PROXY_POLICY = PROXY_POLICY_st;
+  PPROXY_POLICY = ^PROXY_POLICY;
+//  DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
+
+  PROXY_CERT_INFO_EXTENSION_st = record
+    pcPathLengthConstraint: PASN1_INTEGER;
+    proxyPolicy: PPROXY_POLICY;
+  end;
+  PROXY_CERT_INFO_EXTENSION = PROXY_CERT_INFO_EXTENSION_st;
+  PPROXY_CERT_INFO_EXTENSION = ^PROXY_CERT_INFO_EXTENSION;
+//  DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
+
+//  ISSUING_DIST_POint_st = record
+//    distpoint: PDIST_POINT_NAME;
+//    TIdC_INT onlyuser;
+//    TIdC_INT onlyCA;
+//    onlysomereasons: PASN1_BIT_STRING;
+//    TIdC_INT indirectCRL;
+//    TIdC_INT onlyattr;
+//  end;
+
+//  # define X509V3_conf_err(val) ERR_add_error_data(6, \
+//                          "section:", (val)->section, \
+//                          ",name:", (val)->name, ",value:", (val)->value)
+//
+//  # define X509V3_set_ctx_test(ctx) \
+//                          X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
+//  # define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
+//
+//  # define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
+//                          0,0,0,0, \
+//                          0,0, \
+//                          (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
+//                          (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
+//                          NULL, NULL, \
+//                          table}
+//
+//  # define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
+//                          0,0,0,0, \
+//                          (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
+//                          (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
+//                          0,0,0,0, \
+//                          NULL}
+                         
+  PX509_PURPOSE = ^X509_PURPOSE;
+  x509_purpose_st = record
+    purpose: TIdC_INT;
+    trust: TIdC_INT;                  (* Default trust ID *)
+    flags: TIdC_INT;
+    check_purpose: function(const v1: PX509_PURPOSE; const v2: PX509; v3: TIdC_INT): TIdC_INT;
+    name: PIdAnsiChar;
+    sname: PIdAnsiChar;
+    usr_data: Pointer;
+  end;
+  X509_PURPOSE = x509_purpose_st;
+//  DEFINE_STACK_OF(X509_PURPOSE)
+
+//  DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS_st)
+
+//  DECLARE_ASN1_FUNCTIONS(SXNET)
+//  DECLARE_ASN1_FUNCTIONS(SXNETID)
+
+  ASRange_st = record
+    min, max: PASN1_INTEGER;
+  end;
+  ASRange = ASRange_st;
+  PASRange = ^ASRange;
+
+  ASIdOrRange_st = record
+    &type: TIdC_INT;
+    case u: DWord of
+      0: (id: PASN1_INTEGER);
+      1: (range: PASRange);
+  end;
+  ASIdOrRange = ASIdOrRange_st;
+  PASIdOrRange = ^ASIdOrRange;
+//  typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
+//  DEFINE_STACK_OF(ASIdOrRange)
+
+//  ASIdentifierChoice_st = record
+//    &type: TIdC_INT;
+//    case u: DWORD of
+//      0: (inherit: PASN1_NULL);
+//      1: (asIdsOrRanges: PASIdOrRanges);
+//  end;
+//  ASIdentifierChoice = ASIdentifierChoice_st;
+//  PASIdentifierChoice = ^ASIdentifierChoice;
+
+//  ASIdentifiers_st = record
+//    asnum, rdi: PASIdentifierChoice;
+//  end;
+//  ASIdentifiers = ASIdentifiers_st;
+//  PASIdentifiers = ^ASIdentifiers;
+
+//  DECLARE_ASN1_FUNCTIONS(ASRange)
+//  DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
+//  DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
+//  DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
+
+  IPAddressRange_st = record
+    min, max: PASN1_BIT_STRING;
+  end;
+  IPAddressRange = IPAddressRange_st;
+  PIPAddressRange = ^IPAddressRange;
+
+  IPAddressOrRange_st = record
+    &type: TIdC_INT;
+    case u: DWORD of
+      0: (addressPrefix: PASN1_BIT_STRING);
+      1: (addressRange: PIPAddressRange);
+  end;
+  IPAddressOrRange = IPAddressOrRange_st;
+  PIPAddressOrRange = ^IPAddressOrRange;
+
+//  typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
+//  DEFINE_STACK_OF(IPAddressOrRange)
+
+//  IPAddressChoice_st = record
+//    &type: TIdC_INT;
+//    case u: DWORD of
+//      0: (inherit: PASN1_NULL);
+//      1: (addressesOrRanges: PIPAddressOrRanges);
+//  end;
+//  IPAddressChoice = IPAddressChoice_st;
+//  PIPAddressChoice = ^IPAddressChoice;
+
+//  IPAddressFamily_st = record
+//    addressFamily: PASN1_OCTET_STRING;
+//    ipAddressChoice: PIPAddressChoice;
+//  end;
+//  IPAddressFamily = IPAddressFamily_st;
+//  PIPAddressFamily = ^IPAddressFamily;
+
+//  typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
+//  DEFINE_STACK_OF(IPAddressFamily)
+
+//  DECLARE_ASN1_FUNCTIONS(IPAddressRange)
+//  DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
+//  DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
+//  DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
+
+  NamingAuthority_st = type Pointer;
+  NAMING_AUTHORITY = NamingAuthority_st;
+  PNAMING_AUTHORITY = ^NAMING_AUTHORITY;
+  
+  ProfessionInfo_st = type Pointer;
+  PROFESSION_INFO = ProfessionInfo_st;
+  PPROFESSION_INFO = ^PROFESSION_INFO;
+  
+  Admissions_st = type Pointer;
+  ADMISSIONS = Admissions_st;
+  PADMISSIONS = ^ADMISSIONS;
+  
+  AdmissionSyntax_st = type Pointer;
+  ADMISSION_SYNTAX = AdmissionSyntax_st;
+  PADMISSION_SYNTAX = ^ADMISSION_SYNTAX;
+//  DECLARE_ASN1_FUNCTIONS(NAMING_AUTHORITY)
+//  DECLARE_ASN1_FUNCTIONS(PROFESSION_INFO)
+//  DECLARE_ASN1_FUNCTIONS(ADMISSIONS)
+//  DECLARE_ASN1_FUNCTIONS(ADMISSION_SYNTAX)
+//  DEFINE_STACK_OF(ADMISSIONS)
+//  DEFINE_STACK_OF(PROFESSION_INFO)
+//  typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
+
+//  function SXNET_add_id_asc(psx: PPSXNET; const zone: PIdAnsiChar; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
+//  function SXNET_add_id_ulong(psx: PPSXNET; lzone: TIdC_ULONG; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
+//  function SXNET_add_id_INTEGER(psx: PPSXNET; izone: PASN1_INTEGER; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
+
+//  function SXNET_get_id_asc(sx: PSXNET; const zone: PIdAnsiChar): PASN1_OCTET_STRING;
+//  function SXNET_get_id_ulong(sx: PSXNET; lzone: TIdC_ULONG): PASN1_OCTET_STRING;
+//  function SXNET_get_id_INTEGER(sx: PSXNET; zone: PASN1_INTEGER): PASN1_OCTET_STRING;
+
+//  DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
+
+//  DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
+
+//  DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+//  GENERAL_NAME *GENERAL_NAME_dup(a: PGENERAL_NAME);
+  function GENERAL_NAME_cmp(a: PGENERAL_NAME; b: PGENERAL_NAME): TIdC_INT cdecl; external CLibCrypto;
+
+//  ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; STACK_OF(CONF_VALUE) *nval);
+//  STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(method: PX509V3_EXT_METHOD; ASN1_BIT_STRING *bits; STACK_OF(CONF_VALUE) *extlist);
+  //function i2s_ASN1_IA5STRING(method: PX509V3_EXT_METHOD; ia5: PASN1_IA5STRING): PIdAnsiChar;
+  //function s2i_ASN1_IA5STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; const str: PIdAnsiChar): PASN1_IA5STRING;
+
+//  STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(method: PX509V3_EXT_METHOD; gen: PGENERAL_NAME; STACK_OF(CONF_VALUE) *ret);
+  function GENERAL_NAME_print(&out: PBIO; gen: PGENERAL_NAME): TIdC_INT cdecl; external CLibCrypto;
+
+//  DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
+
+//  STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(method: PX509V3_EXT_METHOD, GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
+//  GENERAL_NAMES *v2i_GENERAL_NAMES(const method: PX509V3_EXT_METHOD, ctx: PX509V3_CTX, STACK_OF(CONF_VALUE) *nval);
+
+//  DECLARE_ASN1_FUNCTIONS(OTHERNAME)
+//  DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
+  function OTHERNAME_cmp(a: POTHERNAME; b: POTHERNAME): TIdC_INT cdecl; external CLibCrypto;
+  procedure GENERAL_NAME_set0_value(a: PGENERAL_NAME; &type: TIdC_INT; value: Pointer) cdecl; external CLibCrypto;
+  function GENERAL_NAME_get0_value(const a: PGENERAL_NAME; ptype: PIdC_INT): Pointer cdecl; external CLibCrypto;
+  function GENERAL_NAME_set0_othername(gen: PGENERAL_NAME; oid: PASN1_OBJECT; value: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  function GENERAL_NAME_get0_otherName(const gen: PGENERAL_NAME; poid: PPASN1_OBJECT; pvalue: PPASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+
+  //function i2s_ASN1_OCTET_STRING(method: PX509V3_EXT_METHOD; const ia5: PASN1_OCTET_STRING): PIdAnsiChar;
+  //function s2i_ASN1_OCTET_STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; const str: PIdAnsiChar): PASN1_OCTET_STRING;
+
+//  DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
+  function i2a_ACCESS_DESCRIPTION(bp: PBIO; const a: PACCESS_DESCRIPTION): TIdC_INT cdecl; external CLibCrypto;
+
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(TLS_FEATURE)
+
+//  DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+//  DECLARE_ASN1_FUNCTIONS(POLICYINFO)
+//  DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
+//  DECLARE_ASN1_FUNCTIONS(USERNOTICE)
+//  DECLARE_ASN1_FUNCTIONS(NOTICEREF)
+
+//  DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+//  DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+//  DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+//  DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+  function DIST_POINT_set_dpname(dpn: PDIST_POINT_NAME; iname: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
+
+  function NAME_CONSTRAINTS_check(x: PX509; nc: PNAME_CONSTRAINTS): TIdC_INT cdecl; external CLibCrypto;
+  function NAME_CONSTRAINTS_check_CN(x: PX509; nc: PNAME_CONSTRAINTS): TIdC_INT cdecl; external CLibCrypto;
+
+//  DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+//  DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
+
+//  DECLARE_ASN1_ITEM(POLICY_MAPPING)
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
+//  DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
+
+//  DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
+
+//  DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
+
+//  DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
+//  DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
+
+  //function a2i_GENERAL_NAME(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; TIdC_INT gen_type; const value: PIdAnsiChar; is_nc: TIdC_INT): GENERAL_NAME;
+
+  //function v2i_GENERAL_NAME(const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE): PGENERAL_NAME;
+  //function v2i_GENERAL_NAME_ex(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE; is_nc: TIdC_INT): PGENERAL_NAME;
+  //procedure X509V3_conf_free(val: PCONF_VALUE);
+
+  function X509V3_EXT_nconf_nid(conf: PCONF; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar): PX509_EXTENSION cdecl; external CLibCrypto;
+  function X509V3_EXT_nconf(conf: PCONF; ctx: PX509V3_CTX; const name: PIdAnsiChar; const value: PIdAnsiChar): PX509_EXTENSION cdecl; external CLibCrypto;
+//  TIdC_INT X509V3_EXT_add_nconf_sk(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; STACK_OF(X509_EXTENSION) **sk);
+  function X509V3_EXT_add_nconf(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509V3_EXT_REQ_add_nconf(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; req: PX509_REQ): TIdC_INT cdecl; external CLibCrypto;
+  function X509V3_EXT_CRL_add_nconf(conf: PCONF; ctx: PX509V3_CTX; const section: PIdAnsiChar; crl: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+
+  function X509V3_EXT_conf_nid(conf: Pointer; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar): PX509_EXTENSION cdecl; external CLibCrypto;
+//  X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar);
+  function X509V3_EXT_conf(conf: Pointer; ctx: PX509V3_CTX; const name: PIdAnsiChar; const value: PIdAnsiChar): PX509_EXTENSION cdecl; external CLibCrypto;
+//  X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const name: PIdAnsiChar; const value: PIdAnsiChar);
+  function X509V3_EXT_add_conf(conf: Pointer; ctx: PX509V3_CTX; const section: PIdAnsiChar; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
+//  TIdC_INT X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const section: PIdAnsiChar; cert: PX509);
+  function X509V3_EXT_REQ_add_conf(conf: Pointer; ctx: PX509V3_CTX; const section: PIdAnsiChar; req: PX509_REQ): TIdC_INT cdecl; external CLibCrypto;
+//  TIdC_INT X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const section: PIdAnsiChar; req: PX509_REQ);
+  function X509V3_EXT_CRL_add_conf(conf: Pointer; ctx: PX509V3_CTX; const section: PIdAnsiChar; crl: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
+//  TIdC_INT X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf; ctx: PX509V3_CTX; const section: PIdAnsiChar; crl: PX509_CRL);
+
+//  TIdC_INT X509V3_add_value_bool_nf(const name: PIdAnsiChar; TIdC_INT asn1_bool; STACK_OF(CONF_VALUE) **extlist);
+  //function X509V3_get_value_bool(const value: PCONF_VALUE; asn1_bool: PIdC_INT): TIdC_INT;
+  //function X509V3_get_value_int(const value: PCONF_VALUE; aint: PPASN1_INTEGER): TIdC_INT;
+  procedure X509V3_set_nconf(ctx: PX509V3_CTX; conf: PCONF) cdecl; external CLibCrypto;
+//  void X509V3_set_conf_lhash(ctx: PX509V3_CTX; LHASH_OF(CONF_VALUE) *lhash);
+
+  function X509V3_get_string(ctx: PX509V3_CTX; const name: PIdAnsiChar; const section: PIdAnsiChar): PIdAnsiChar cdecl; external CLibCrypto;
+//  STACK_OF(CONF_VALUE) *X509V3_get_section(ctx: PX509V3_CTX; const section: PIdAnsiChar);
+  procedure X509V3_string_free(ctx: PX509V3_CTX; str: PIdAnsiChar) cdecl; external CLibCrypto;
+//  void X509V3_section_free(ctx: PX509V3_CTX; STACK_OF(CONF_VALUE) *section);
+  procedure X509V3_set_ctx(ctx: PX509V3_CTX; issuer: PX509; subject: PX509; req: PX509_REQ; crl: PX509_CRL; flags: TIdC_INT) cdecl; external CLibCrypto;
+
+//  TIdC_INT X509V3_add_value(const name: PIdAnsiChar; const value: PIdAnsiChar; STACK_OF(CONF_VALUE) **extlist);
+//  TIdC_INT X509V3_add_value_uPIdAnsiChar(const name: PIdAnsiChar; const Byte *value; STACK_OF(CONF_VALUE) **extlist);
+//  TIdC_INT X509V3_add_value_bool(const name: PIdAnsiChar; TIdC_INT asn1_bool; STACK_OF(CONF_VALUE) **extlist);
+//  TIdC_INT X509V3_add_value_int(const name: PIdAnsiChar; const aint: PASN1_INTEGER; STACK_OF(CONF_VALUE) **extlist);
+  //function i2s_ASN1_INTEGER(meth: PX509V3_EXT_METHOD; const aint: PASN1_INTEGER): PIdAnsiChar;
+  //function s2i_ASN1_INTEGER(meth: PX509V3_EXT_METHOD; const value: PIdAnsiChar): PASN1_INTEGER;
+  //function i2s_ASN1_ENUMERATED(meth: PX509V3_EXT_METHOD; const aint: PASN1_ENUMERATED): PIdAnsiChar;
+  //function i2s_ASN1_ENUMERATED_TABLE(meth: PX509V3_EXT_METHOD; const aint: PASN1_ENUMERATED): PIdAnsiChar;
+  //function X509V3_EXT_add(ext: PX509V3_EXT_METHOD): TIdC_INT;
+  //function X509V3_EXT_add_list(extlist: PX509V3_EXT_METHOD): TIdC_INT;
+  function X509V3_EXT_add_alias(nid_to: TIdC_INT; nid_from: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509V3_EXT_cleanup cdecl; external CLibCrypto;
+
+  //function X509V3_EXT_get(ext: PX509_EXTENSION): PX509V3_EXT_METHOD;
+  //function X509V3_EXT_get_nid(nid: TIdC_INT): PX509V3_EXT_METHOD;
+  function X509V3_add_standard_extensions: TIdC_INT cdecl; external CLibCrypto;
+//  STACK_OF(CONF_VALUE) *X509V3_parse_list(const line: PIdAnsiChar);
+  function X509V3_EXT_d2i(ext: PX509_EXTENSION): Pointer cdecl; external CLibCrypto;
+//  void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *x; nid: TIdC_INT; TIdC_INT *crit; TIdC_INT *idx);
+
+  function X509V3_EXT_i2d(ext_nid: TIdC_INT; crit: TIdC_INT; ext_struc: Pointer): PX509_EXTENSION cdecl; external CLibCrypto;
+//  TIdC_INT X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; TIdC_ULONG flags);
+
+//  void X509V3_EXT_val_prn(&out: PBIO; STACK_OF(CONF_VALUE) *val; indent: TIdC_INT; TIdC_INT ml);
+  function X509V3_EXT_print(&out: PBIO; ext: PX509_EXTENSION; flag: TIdC_ULONG; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+//  TIdC_INT X509V3_extensions_print(&out: PBIO; const PIdAnsiChar *title; const STACK_OF(X509_EXTENSION) *exts; flag: TIdC_ULONG; indent: TIdC_INT);
+
+  function X509_check_ca(x: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_check_purpose(x: PX509; id: TIdC_INT; ca: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_supported_extension(ex: PX509_EXTENSION): TIdC_INT cdecl; external CLibCrypto;
+  function X509_PURPOSE_set(p: PIdC_INT; purpose: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_check_issued(issuer: PX509; subject: PX509): TIdC_INT cdecl; external CLibCrypto;
+  function X509_check_akid(issuer: PX509; akid: PAUTHORITY_KEYID): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_set_proxy_flag(x: PX509) cdecl; external CLibCrypto;
+  procedure X509_set_proxy_pathlen(x: PX509; l: TIdC_LONG) cdecl; external CLibCrypto;
+  function X509_get_proxy_pathlen(x: PX509): TIdC_LONG cdecl; external CLibCrypto;
+
+  function X509_get_extension_flags(x: PX509): TIdC_UINT32 cdecl; external CLibCrypto;
+  function X509_get_key_usage(x: PX509): TIdC_UINT32 cdecl; external CLibCrypto;
+  function X509_get_extended_key_usage(x: PX509): TIdC_UINT32 cdecl; external CLibCrypto;
+  function X509_get0_subject_key_id(x: PX509): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+  function X509_get0_authority_key_id(x: PX509): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+  //function X509_get0_authority_issuer(x: PX509): PGENERAL_NAMES;
+  function X509_get0_authority_serial(x: PX509): PASN1_INTEGER cdecl; external CLibCrypto;
+
+  function X509_PURPOSE_get_count: TIdC_INT cdecl; external CLibCrypto;
+  function X509_PURPOSE_get0(idx: TIdC_INT): PX509_PURPOSE cdecl; external CLibCrypto;
+  function X509_PURPOSE_get_by_sname(const sname: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function X509_PURPOSE_get_by_id(id: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+//  TIdC_INT X509_PURPOSE_add(id: TIdC_INT, TIdC_INT trust, flags: TIdC_INT, TIdC_INT (*ck) (const X509_PURPOSE *, const X509 *, TIdC_INT), const name: PIdAnsiChar, const sname: PIdAnsiChar, void *arg);
+  function X509_PURPOSE_get0_name(const xp: PX509_PURPOSE): PIdAnsiChar cdecl; external CLibCrypto;
+  function X509_PURPOSE_get0_sname(const xp: PX509_PURPOSE): PIdAnsiChar cdecl; external CLibCrypto;
+  function X509_PURPOSE_get_trust(const xp: PX509_PURPOSE): TIdC_INT cdecl; external CLibCrypto;
+  procedure X509_PURPOSE_cleanup cdecl; external CLibCrypto;
+  function X509_PURPOSE_get_id(const v1: PX509_PURPOSE): TIdC_INT cdecl; external CLibCrypto;
+
+//  STACK_OF(OPENSSL_STRING) *X509_get1_email(x: PX509);
+//  STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
+//  void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
+//  STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(x: PX509);
+
+  function X509_check_host(x: PX509; const chk: PIdAnsiChar; chklen: TIdC_SIZET; flags: TIdC_UINT; peername: PPIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function X509_check_email(x: PX509; const chk: PIdAnsiChar; chklen: TIdC_SIZET; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_check_ip(x: PX509; const chk: PByte; chklen: TIdC_SIZET; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_check_ip_asc(x: PX509; const ipasc: PIdAnsiChar; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+
+  function a2i_IPADDRESS(const ipasc: PIdAnsiChar): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+  function a2i_IPADDRESS_NC(const ipasc: PIdAnsiChar): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+//  TIdC_INT X509V3_NAME_from_section(X509_NAME *nm; STACK_OF(CONF_VALUE) *dn_sk; TIdC_ULONG chtype);
+
+  procedure X509_POLICY_NODE_print(&out: PBIO; node: PX509_POLICY_NODE; indent: TIdC_INT) cdecl; external CLibCrypto;
+//  DEFINE_STACK_OF(X509_POLICY_NODE)
+
+  (*
+   * Utilities to construct and extract values from RFC3779 extensions,
+   * since some of the encodings (particularly for IP address prefixes
+   * and ranges) are a bit tedious to work with directly.
+   *)
+  //function X509v3_asid_add_inherit(asid: PASIdentifiers; which: TIdC_INT): TIdC_INT;
+  //function X509v3_asid_add_id_or_range(asid: PASIdentifiers; which: TIdC_INT; min: PASN1_INTEGER; max: PASN1_INTEGER): TIdC_INT;
+  //function X509v3_addr_add_inherit(addr: PIPAddrBlocks; const afi: TIdC_UINT; const safi: PIdC_UINT): TIdC_INT;
+  //function X509v3_addr_add_prefix(addr: PIPAddrBlocks; const afi: TIdC_UINT; const safi: PIdC_UINT; a: PByte; const prefixlen: TIdC_INT): TIdC_INT;
+  //function X509v3_addr_add_range(addr: PIPAddrBlocks; const afi: TIdC_UINT; const safi: PIdC_UINT; min: PByte; max: PByte): TIdC_INT;
+  //function X509v3_addr_get_afi(const f: PIPAddressFamily): TIdC_UINT;
+  function X509v3_addr_get_range(aor: PIPAddressOrRange; const afi: TIdC_UINT; min: PByte; max: Byte; const length: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+
+  (*
+   * Canonical forms.
+   *)
+  //function X509v3_asid_is_canonical(asid: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_is_canonical(addr: PIPAddrBlocks): TIdC_INT;
+  //function X509v3_asid_canonize(asid: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_canonize(addr: PIPAddrBlocks): TIdC_INT;
+
+  (*
+   * Tests for inheritance and containment.
+   *)
+  //function X509v3_asid_inherits(asid: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_inherits(addr: PIPAddrBlocks): TIdC_INT;
+  //function X509v3_asid_subset(a: PASIdentifiers; b: PASIdentifiers): TIdC_INT;
+  //function X509v3_addr_subset(a: PIPAddrBlocks; b: PIPAddrBlocks): TIdC_INT;
+
+  (*
+   * Check whether RFC 3779 extensions nest properly in chains.
+   *)
+  function X509v3_asid_validate_path(v1: PX509_STORE_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function X509v3_addr_validate_path(v1: PX509_STORE_CTX): TIdC_INT cdecl; external CLibCrypto;
+//  TIdC_INT X509v3_asid_validate_resource_set(STACK_OF(X509) *chain; ASIdentifiers *ext; TIdC_INT allow_inheritance);
+//  TIdC_INT X509v3_addr_validate_resource_set(STACK_OF(X509) *chain; IPAddrBlocks *ext; TIdC_INT allow_inheritance);
+
+
+//  DEFINE_STACK_OF(ASN1_STRING)
+
+  (*
+   * Admission Syntax
+   *)
+  function NAMING_AUTHORITY_get0_authorityId(const n: PNAMING_AUTHORITY): PASN1_OBJECT cdecl; external CLibCrypto;
+  function NAMING_AUTHORITY_get0_authorityURL(const n: PNAMING_AUTHORITY): PASN1_IA5STRING cdecl; external CLibCrypto;
+  function NAMING_AUTHORITY_get0_authorityText(const n: PNAMING_AUTHORITY): PASN1_STRING cdecl; external CLibCrypto;
+  procedure NAMING_AUTHORITY_set0_authorityId(n: PNAMING_AUTHORITY; namingAuthorityId: PASN1_OBJECT) cdecl; external CLibCrypto;
+  procedure NAMING_AUTHORITY_set0_authorityURL(n: PNAMING_AUTHORITY; namingAuthorityUrl: PASN1_IA5STRING) cdecl; external CLibCrypto;
+  procedure NAMING_AUTHORITY_set0_authorityText(n: PNAMING_AUTHORITY; namingAuthorityText: PASN1_STRING) cdecl; external CLibCrypto;
+
+  function ADMISSION_SYNTAX_get0_admissionAuthority(const &as: ADMISSION_SYNTAX): PGENERAL_NAME cdecl; external CLibCrypto;
+  procedure ADMISSION_SYNTAX_set0_admissionAuthority(&as: ADMISSION_SYNTAX; aa: PGENERAL_NAME) cdecl; external CLibCrypto;
+//  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const &as: ADMISSION_SYNTAX);
+//  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(&as: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
+  function ADMISSIONS_get0_admissionAuthority(const a: PADMISSIONS): PGENERAL_NAME cdecl; external CLibCrypto;
+  procedure ADMISSIONS_set0_admissionAuthority(a: PADMISSIONS; aa: PGENERAL_NAME) cdecl; external CLibCrypto;
+  function ADMISSIONS_get0_namingAuthority(const a: PADMISSIONS): PNAMING_AUTHORITY cdecl; external CLibCrypto;
+  procedure ADMISSIONS_set0_namingAuthority(a: PADMISSIONS; na: PNAMING_AUTHORITY) cdecl; external CLibCrypto;
+  //function ADMISSIONS_get0_professionInfos(const a: PADMISSIONS): PPROFESSION_INFOS;
+  //procedure ADMISSIONS_set0_professionInfos(a: PADMISSIONS; pi: PPROFESSION_INFOS);
+  function PROFESSION_INFO_get0_addProfessionInfo(const pi: PPROFESSION_INFO): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+  procedure PROFESSION_INFO_set0_addProfessionInfo(pi: PPROFESSION_INFO; aos: PASN1_OCTET_STRING) cdecl; external CLibCrypto;
+  function PROFESSION_INFO_get0_namingAuthority(const pi: PPROFESSION_INFO): PNAMING_AUTHORITY cdecl; external CLibCrypto;
+  procedure PROFESSION_INFO_set0_namingAuthority(pi: PPROFESSION_INFO; na: PNAMING_AUTHORITY) cdecl; external CLibCrypto;
+//  const STACK_OF(ASN1_STRING) *PROFESSION_INFO_get0_professionItems(const pi: PPROFESSION_INFO);
+//  void PROFESSION_INFO_set0_professionItems(pi: PPROFESSION_INFO; STACK_OF(ASN1_STRING) *as);
+//  const STACK_OF(ASN1_OBJECT) *PROFESSION_INFO_get0_professionOIDs(const pi: PPROFESSION_INFO);
+//  void PROFESSION_INFO_set0_professionOIDs(pi: PPROFESSION_INFO; STACK_OF(ASN1_OBJECT) *po);
+  function PROFESSION_INFO_get0_registrationNumber(const pi: PPROFESSION_INFO): PASN1_PRINTABLESTRING cdecl; external CLibCrypto;
+  procedure PROFESSION_INFO_set0_registrationNumber(pi: PPROFESSION_INFO; rn: PASN1_PRINTABLESTRING) cdecl; external CLibCrypto;
+
+
+implementation
+
+end.

From 8f89f7f9a00d95247fdc2e834836178ba894bf8a Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 27 May 2020 17:07:32 +0200
Subject: [PATCH 02/64] Added results of an internal review

---
 Lib/Protocols/OpenSSL/IdOpenSSLContext.pas    |    7 +-
 .../OpenSSL/IdOpenSSLContextServer.pas        |   61 +-
 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas     |    4 +-
 Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas      |    6 +-
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas       |   53 +-
 .../IntermediateCode/IdOpenSSLHeaders_dh.pas  |   12 +-
 .../IdOpenSSLHeaders_obj_mac.pas              | 6934 +++++++++-------
 .../IntermediateCode/IdOpenSSLHeaders_pem.pas |   50 +-
 .../IdOpenSSLHeaders_rand.pas                 |    2 +-
 .../IntermediateCode/IdOpenSSLHeaders_ssl.pas |  190 +-
 .../IdOpenSSLHeaders_ssl3.pas                 |   95 +-
 .../IdOpenSSLHeaders_tls1.pas                 |  905 ++-
 .../IdOpenSSLHeaders_x509.pas                 |    2 +-
 .../IdOpenSSLHeaders_x509v3.pas               |    2 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas   |   14 +-
 .../dynamic/IdOpenSSLHeaders_obj_mac.pas      | 6936 ++++++++++-------
 .../OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas  |   52 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas |    4 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas  |  192 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas |  105 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas |  907 ++-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas |    4 +-
 .../dynamic/IdOpenSSLHeaders_x509v3.pas       |    4 +-
 .../OpenSSL/static/IdOpenSSLHeaders_dherr.pas |    2 +-
 .../static/IdOpenSSLHeaders_objects.pas       |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_pem.pas   |   52 +-
 .../OpenSSL/static/IdOpenSSLHeaders_rand.pas  |    4 +-
 .../OpenSSL/static/IdOpenSSLHeaders_ssl.pas   |  192 +-
 .../OpenSSL/static/IdOpenSSLHeaders_ssl3.pas  |  105 +-
 .../OpenSSL/static/IdOpenSSLHeaders_tls1.pas  |  907 ++-
 .../OpenSSL/static/IdOpenSSLHeaders_x509.pas  |    4 +-
 .../static/IdOpenSSLHeaders_x509v3.pas        |    4 +-
 32 files changed, 10095 insertions(+), 7718 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
index 73b6b97a1..d79180e37 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
@@ -111,7 +111,7 @@ implementation
   Math,
   SysUtils;
 
-function FreeString(const Value: string): Boolean;
+function TryFinalizeString(const Value: string): Boolean;
 var
   refCount: Integer;
 begin
@@ -154,13 +154,13 @@ function GetPasswordCallback(buf: PIdAnsiChar; size: TIdC_INT; rwflag: TIdC_INT;
 
   // Override memory to prevent reading password via memory dump
   FillChar(LPasswordBytes[0], LPasswordByteLength, 0);
-  FreeString(LPassword);
+  TryFinalizeString(LPassword);
 
   buf[size-1] := #0; // RLebeau: truncate the password if needed
   Result := IndyMin(LPasswordByteLength, size);
 end;
 
-function VerifyCallback(preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
+function VerifyCallback(preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl; //FI:C103
 var
   LCertOpenSSL: PX509;
   LCertIndy: TIdOpenSSLX509;
@@ -249,7 +249,6 @@ function TIdOpenSSLContext.Init(const AOptions: TIdOpenSSLOptionsBase): Boolean;
 
   FreeContext(FContext);
   FContext := SSL_CTX_new(TLS_method());
-//  FContext := SSL_CTX_new(TLS_method());
   if not Assigned(FContext) then
     EIdOpenSSLNewSSLCtxError.&Raise(RIdOpenSSLNewSSLCtxError);
 
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas
index 879285088..76dc51e2b 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas
@@ -53,6 +53,8 @@   TIdOpenSSLContextServer = class(TIdOpenSSLContext)
   protected
     function GetVerifyMode(const AOptions: TIdOpenSSLOptionsBase): TIdC_INT; override;
   public
+    constructor Create;
+
     function Init(const AOptions: TIdOpenSSLOptionsServer): Boolean;
     function CreateSocket: TIdOpenSSLSocket; override;
   end;
@@ -70,6 +72,12 @@ implementation
 
 { TIdOpenSSLContextServer }
 
+constructor TIdOpenSSLContextServer.Create;
+begin
+  inherited;
+  FSessionIdCtxFallback := -1;
+end;
+
 function TIdOpenSSLContextServer.CreateSocket: TIdOpenSSLSocket;
 begin
   Result := TIdOpenSSLSocketServer.Create(OpenSSLContext);
@@ -131,42 +139,41 @@ procedure TIdOpenSSLContextServer.SetSessionContext(
 var
   LBio: PBIO;
   LX509: PX509;
+  LSessionContext: PByte;
   LLen: Integer;
 begin
-  if ACAFile = '' then
-  begin
-    Randomize();
-    FSessionIdCtxFallback := Random(High(Integer));
-    if SSL_CTX_set_session_id_context(
-      AContext,
-      PByte(@FSessionIdCtxFallback),
-      SizeOf(FSessionIdCtxFallback)) <> 1 then
-    begin
-      EIdOpenSSLSessionIdContextError.&Raise();
-    end;
-    Exit;
-  end;
-
-  LBio := BIO_new_file(GetPAnsiChar(ACAFile), 'r');
-  if not Assigned(LBio) then
-    EIdOpenSSLSessionIdContextError.&Raise();
+  LX509 := nil;
+  LBio := nil;
   try
-    LX509 := PEM_read_bio_X509(LBio, nil, nil, nil);
-    if not Assigned(LX509) then
-      EIdOpenSSLSessionIdContextError.&Raise();
-    try
+    if ACAFile <> '' then
+    begin
+      LSessionContext := @FSessionIdCtx[0];
       LLen := SSL_MAX_SID_CTX_LENGTH;
-      FillChar(FSessionIdCtx[0], LLen, 0);
-      if X509_digest(LX509, EVP_sha1, @FSessionIdCtx[0], @LLen) <> 1 then
+
+      LBio := BIO_new_file(GetPAnsiChar(ACAFile), 'r');
+      if not Assigned(LBio) then
         EIdOpenSSLSessionIdContextError.&Raise();
 
-      if SSL_CTX_set_session_id_context(AContext, @FSessionIdCtx[0], LLen) <> 1 then
+      LX509 := PEM_read_bio_X509(LBio, nil, nil, nil);
+      if not Assigned(LX509) then
         EIdOpenSSLSessionIdContextError.&Raise();
-    finally
-      X509_free(LX509);
+
+      FillChar(FSessionIdCtx[0], LLen, 0);
+      if X509_digest(LX509, EVP_sha1, @FSessionIdCtx[0], @LLen) <> 1 then
+        EIdOpenSSLSessionIdContextError.&Raise();
+    end
+    else
+    begin
+      LSessionContext := @FSessionIdCtxFallback;
+      LLen := SizeOf(FSessionIdCtxFallback);
     end;
+
+    if SSL_CTX_set_session_id_context(AContext, LSessionContext, LLen) <> 1 then
+      EIdOpenSSLSessionIdContextError.&Raise();
   finally
-    BIO_free(LBio);
+    // Both are nil-safe
+    X509_free(LX509);
+    BIO_vfree(LBio);
   end;
 end;
 
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
index f5b6cbf1e..50ee1a646 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
@@ -161,7 +161,7 @@ function TOpenSSLLoader.GetOpenSSLPath: string;
 function TOpenSSLLoader.Load: Boolean;
 var
   LLibCrypto, LLibSSL: TIdLibHandle;
-begin
+begin                                  //FI:C101
   Result := True;
   FLoadCount.Lock();
   try
@@ -256,7 +256,7 @@ procedure TOpenSSLLoader.SetOpenSSLPath(const Value: string);
 end;
 
 procedure TOpenSSLLoader.Unload;
-begin
+begin                            //FI:C101
   FLoadCount.Lock();
   try
     FLoadCount.Decrement();
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas b/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas
index 784eb9e4a..b97ea73d4 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas
@@ -102,10 +102,10 @@ function BoolToInt(const ABool: Boolean): Integer;
 
 function IntToBool(const AInt: Integer): Boolean;
 begin
-  if BoolConverter[True] = AInt then
-    Result := True
+  if BoolConverter[False] = AInt then
+    Result := False
   else
-    Result := False;
+    Result := True;
 end;
 
 end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index e19241ecb..1d544d359 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -304,43 +304,40 @@ function TIdOpenSSLX509Name.GetL: string;
 end;
 
 function TIdOpenSSLX509Name.GetNameEntry(const nid: TIdC_INT): string;
+
+  function TryGetPosition(const name: PX509_NAME; const nid: TIdC_INT; var lastpos: TIdC_INT): Boolean;
+  begin
+    lastpos := X509_NAME_get_index_by_NID(name, nid, lastpos);
+    Result := not (lastpos = -1);
+  end;
+
 var
   LPos: TIdC_INT;
   LEntry: PX509_NAME_ENTRY;
   LString: PASN1_STRING;
-  LBuffer: PPByte;
+  LBuffer: PByte;
   LReturn: TIdC_INT;
 begin
   Result := '';
-  New(LBuffer);
-  try
-    // First Entry
-    LPos := X509_NAME_get_index_by_NID(FName, nid, -1);
-    if LPos = -1 then
+
+  LPos := -1;
+  while TryGetPosition(FName, nid, LPos) do
+  begin
+    LEntry := X509_NAME_get_entry(FName, LPos);
+    if not Assigned(LEntry) then
       Exit;
+    LString := X509_NAME_ENTRY_get_data(LEntry);
 
-    repeat
-      LEntry := X509_NAME_get_entry(FName, LPos);
-      if not Assigned(LEntry) then
-        Exit;
-      LString := X509_NAME_ENTRY_get_data(LEntry);
-
-      LReturn := ASN1_STRING_to_UTF8(LBuffer, LString);
-      if LReturn < 0 then
-        Exit;
-      try
-        if not (Result = '') then
-          Result := Result + ' ';
-        Result := Result + GetString(PIdAnsiChar(LBuffer^));
-      finally
-        OPENSSL_free(LBuffer^);
-      end;
-
-      // Next Entry
-      LPos := X509_NAME_get_index_by_NID(FName, nid, LPos);
-    until LPos = -1;
-  finally
-    Dispose(LBuffer);
+    LReturn := ASN1_STRING_to_UTF8(@LBuffer, LString);
+    if LReturn < 0 then
+      Exit;
+    try
+      if not (Result = '') then
+        Result := Result + ' ';
+      Result := Result + GetString(PIdAnsiChar(LBuffer));
+    finally
+      OPENSSL_free(LBuffer);
+    end;
   end;
 end;
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas
index 146ea6c1a..e9b0e7060 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas
@@ -84,15 +84,15 @@ interface
   EVP_PKEY_CTRL_DH_PAD                   = (EVP_PKEY_ALG_CTRL + 16);
 
 type
-  DH_meth_generate_key_cb = function(dh: PDH): TIdC_INT;
-  DH_meth_compute_key_cb = function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT;
+  DH_meth_generate_key_cb = function(dh: PDH): TIdC_INT cdecl;
+  DH_meth_compute_key_cb = function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT cdecl;
   DH_meth_bn_mod_exp_cb = function(
     const dh: PDH; r: PBIGNUM; const a: PBIGNUM;
     const p: PBIGNUM; const m: PBIGNUM;
-    ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT;
-  DH_meth_init_cb = function(dh: PDH): TIdC_INT;
-  DH_meth_finish_cb = function(dh: PDH): TIdC_INT;
-  DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT;
+    ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT cdecl;
+  DH_meth_init_cb = function(dh: PDH): TIdC_INT cdecl;
+  DH_meth_finish_cb = function(dh: PDH): TIdC_INT cdecl;
+  DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT cdecl;
 
 var
 {
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_obj_mac.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_obj_mac.pas
index bf4095581..ca87391a9 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_obj_mac.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_obj_mac.pas
@@ -34,2881 +34,4065 @@ interface
 {$i IdCompilerDefines.inc}
 
 const
-  SN_undef =       'UNDEF';
-  LN_undef =       'undefined';
-  NID_undef =       0;
-  SN_itu_t =     'ITU-T';
-  LN_itu_t =     'itu-t';
-  NID_itu_t =     645;
-  NID_ccitt =     404;
-  SN_iso =   'ISO';
-  LN_iso =   'iso';
-  NID_iso =   181;
-  SN_joint_iso_itu_t =    'JOINT-ISO-ITU-T';
-  LN_joint_iso_itu_t =    'joint-iso-itu-t';
-  NID_joint_iso_itu_t =    646;
-  NID_joint_iso_ccitt =    393;
-  SN_member_body =   'member-body';
-  LN_member_body =   'ISO Member Body';
-  NID_member_body =   182;
-  SN_identified_organization =    'identified-organization';
-  NID_identified_organization =    676;
-  SN_hmac_md5 =    'HMAC-MD5';
-  LN_hmac_md5 =    'hmac-md5';
-  NID_hmac_md5 =    780;
-  SN_hmac_sha1 =    'HMAC-SHA1';
-  LN_hmac_sha1 =    'hmac-sha1';
-  NID_hmac_sha1 =    781;
-  SN_x509ExtAdmission =    'x509ExtAdmission';
-  LN_x509ExtAdmission =    'Professional Information or basis for Admission';
-  NID_x509ExtAdmission =    1093;
-  SN_certicom_arc =   'certicom-arc';
-  NID_certicom_arc =     677;
-  SN_ieee =   'ieee';
-  NID_ieee =     1170;
-  SN_ieee_siswg =    'ieee-siswg';
-  LN_ieee_siswg =    'IEEE Security in Storage Working Group';
-  NID_ieee_siswg =   1171;
-  SN_international_organizations =   'international-organizations';
-  LN_international_organizations =   'International Organizations';
-  NID_international_organizations =   647;
-  SN_wap =   'wap';
-  NID_wap =   678;
-  SN_wap_wsg =    'wap-wsg';
-  NID_wap_wsg =    679;
-  SN_selected_attribute_types =    'selected-attribute-types';
-  LN_selected_attribute_types =    'Selected Attribute Types';
-  NID_selected_attribute_types =    394;
-  SN_clearance =    'clearance';
-  NID_clearance =    395;
-  SN_ISO_US =     'ISO-US';
-  LN_ISO_US =     'ISO US Member Body';
-  NID_ISO_US =    183;
-  SN_X9_57 =     'X9-57';
-  LN_X9_57 =     'X9.57';
-  NID_X9_57 =     184;
-  SN_X9cm =   'X9cm';
-  LN_X9cm =   'X9.57 CM ?';
-  NID_X9cm =     185;
-  SN_ISO_CN =     'ISO-CN';
-  LN_ISO_CN =     'ISO CN Member Body';
-  NID_ISO_CN =    1140;
-  SN_oscca =     'oscca';
-  NID_oscca =     1141;
-  SN_sm_scheme =    'sm-scheme';
-  NID_sm_scheme =    1142;
-  SN_dsa =   'DSA';
-  LN_dsa =   'dsaEncryption';
-  NID_dsa =   116;
-  SN_dsaWithSHA1 =   'DSA-SHA1';
-  LN_dsaWithSHA1 =   'dsaWithSHA1';
-  NID_dsaWithSHA1 =   113;
-  SN_ansi_X9_62 =    'ansi-X9-62';
-  LN_ansi_X9_62 =    'ANSI X9.62';
-  NID_ansi_X9_62 =   405;
-  SN_X9_62_prime_field =    'prime-field';
-  NID_X9_62_prime_field =    406;
-  SN_X9_62_characteristic_two_field =     'characteristic-two-field';
-  NID_X9_62_characteristic_two_field =    407;
-  SN_X9_62_id_characteristic_two_basis =    'id-characteristic-two-basis';
-  NID_X9_62_id_characteristic_two_basis =    680;
-  SN_X9_62_onBasis =     'onBasis';
-  NID_X9_62_onBasis =     681;
-  SN_X9_62_tpBasis =     'tpBasis';
-  NID_X9_62_tpBasis =     682;
-  SN_X9_62_ppBasis =     'ppBasis';
-  NID_X9_62_ppBasis =     683;
-  SN_X9_62_id_ecPublicKey =   'id-ecPublicKey';
-  NID_X9_62_id_ecPublicKey =     408;
-  SN_X9_62_c2pnb163v1 =    'c2pnb163v1';
-  NID_X9_62_c2pnb163v1 =    684;
-  SN_X9_62_c2pnb163v2 =    'c2pnb163v2';
-  NID_X9_62_c2pnb163v2 =    685;
-  SN_X9_62_c2pnb163v3 =    'c2pnb163v3';
-  NID_X9_62_c2pnb163v3 =    686;
-  SN_X9_62_c2pnb176v1 =    'c2pnb176v1';
-  NID_X9_62_c2pnb176v1 =    687;
-  SN_X9_62_c2tnb191v1 =    'c2tnb191v1';
-  NID_X9_62_c2tnb191v1 =    688;
-  SN_X9_62_c2tnb191v2 =    'c2tnb191v2';
-  NID_X9_62_c2tnb191v2 =    689;
-  SN_X9_62_c2tnb191v3 =    'c2tnb191v3';
-  NID_X9_62_c2tnb191v3 =    690;
-  SN_X9_62_c2onb191v4 =    'c2onb191v4';
-  NID_X9_62_c2onb191v4 =    691;
-  SN_X9_62_c2onb191v5 =    'c2onb191v5';
-  NID_X9_62_c2onb191v5 =    692;
-  SN_X9_62_c2pnb208w1 =    'c2pnb208w1';
-  NID_X9_62_c2pnb208w1 =    693;
-  SN_X9_62_c2tnb239v1 =    'c2tnb239v1';
-  NID_X9_62_c2tnb239v1 =    694;
-  SN_X9_62_c2tnb239v2 =    'c2tnb239v2';
-  NID_X9_62_c2tnb239v2 =    695;
-  SN_X9_62_c2tnb239v3 =    'c2tnb239v3';
-  NID_X9_62_c2tnb239v3 =    696;
-  SN_X9_62_c2onb239v4 =    'c2onb239v4';
-  NID_X9_62_c2onb239v4 =    697;
-  SN_X9_62_c2onb239v5 =    'c2onb239v5';
-  NID_X9_62_c2onb239v5 =    698;
-  SN_X9_62_c2pnb272w1 =    'c2pnb272w1';
-  NID_X9_62_c2pnb272w1 =    699;
-  SN_X9_62_c2pnb304w1 =    'c2pnb304w1';
-  NID_X9_62_c2pnb304w1 =    700;
-  SN_X9_62_c2tnb359v1 =    'c2tnb359v1';
-  NID_X9_62_c2tnb359v1 =    701;
-  SN_X9_62_c2pnb368w1 =    'c2pnb368w1';
-  NID_X9_62_c2pnb368w1 =    702;
-  SN_X9_62_c2tnb431r1 =    'c2tnb431r1';
-  NID_X9_62_c2tnb431r1 =    703;
-  SN_X9_62_prime192v1 =    'prime192v1';
-  NID_X9_62_prime192v1 =    409;
-  SN_X9_62_prime192v2 =    'prime192v2';
-  NID_X9_62_prime192v2 =    410;
-  SN_X9_62_prime192v3 =    'prime192v3';
-  NID_X9_62_prime192v3 =    411;
-  SN_X9_62_prime239v1 =    'prime239v1';
-  NID_X9_62_prime239v1 =    412;
-  SN_X9_62_prime239v2 =    'prime239v2';
-  NID_X9_62_prime239v2 =    413;
-  SN_X9_62_prime239v3 =    'prime239v3';
-  NID_X9_62_prime239v3 =    414;
-  SN_X9_62_prime256v1 =    'prime256v1';
-  NID_X9_62_prime256v1 =    415;
-  SN_ecdsa_with_SHA1 =    'ecdsa-with-SHA1';
-  NID_ecdsa_with_SHA1 =    416;
-  SN_ecdsa_with_Recommended =     'ecdsa-with-Recommended';
-  NID_ecdsa_with_Recommended =    791;
-  SN_ecdsa_with_Specified =   'ecdsa-with-Specified';
-  NID_ecdsa_with_Specified =     792;
-  SN_ecdsa_with_SHA224 =    'ecdsa-with-SHA224';
-  NID_ecdsa_with_SHA224 =    793;
-  SN_ecdsa_with_SHA256 =    'ecdsa-with-SHA256';
-  NID_ecdsa_with_SHA256 =    794;
-  SN_ecdsa_with_SHA384 =    'ecdsa-with-SHA384';
-  NID_ecdsa_with_SHA384 =    795;
-  SN_ecdsa_with_SHA512 =    'ecdsa-with-SHA512';
-  NID_ecdsa_with_SHA512 =    796;
-  SN_secp112r1 =    'secp112r1';
-  NID_secp112r1 =    704;
-  SN_secp112r2 =    'secp112r2';
-  NID_secp112r2 =    705;
-  SN_secp128r1 =    'secp128r1';
-  NID_secp128r1 =    706;
-  SN_secp128r2 =    'secp128r2';
-  NID_secp128r2 =    707;
-  SN_secp160k1 =    'secp160k1';
-  NID_secp160k1 =    708;
-  SN_secp160r1 =    'secp160r1';
-  NID_secp160r1 =    709;
-  SN_secp160r2 =    'secp160r2';
-  NID_secp160r2 =    710;
-  SN_secp192k1 =    'secp192k1';
-  NID_secp192k1 =    711;
-  SN_secp224k1 =    'secp224k1';
-  NID_secp224k1 =    712;
-  SN_secp224r1 =    'secp224r1';
-  NID_secp224r1 =    713;
-  SN_secp256k1 =    'secp256k1';
-  NID_secp256k1 =    714;
-  SN_secp384r1 =    'secp384r1';
-  NID_secp384r1 =    715;
-  SN_secp521r1 =    'secp521r1';
-  NID_secp521r1 =    716;
-  SN_sect113r1 =    'sect113r1';
-  NID_sect113r1 =    717;
-  SN_sect113r2 =    'sect113r2';
-  NID_sect113r2 =    718;
-  SN_sect131r1 =    'sect131r1';
-  NID_sect131r1 =    719;
-  SN_sect131r2 =    'sect131r2';
-  NID_sect131r2 =    720;
-  SN_sect163k1 =    'sect163k1';
-  NID_sect163k1 =    721;
-  SN_sect163r1 =    'sect163r1';
-  NID_sect163r1 =    722;
-  SN_sect163r2 =    'sect163r2';
-  NID_sect163r2 =    723;
-  SN_sect193r1 =    'sect193r1';
-  NID_sect193r1 =    724;
-  SN_sect193r2 =    'sect193r2';
-  NID_sect193r2 =    725;
-  SN_sect233k1 =    'sect233k1';
-  NID_sect233k1 =    726;
-  SN_sect233r1 =    'sect233r1';
-  NID_sect233r1 =    727;
-  SN_sect239k1 =    'sect239k1';
-  NID_sect239k1 =    728;
-  SN_sect283k1 =    'sect283k1';
-  NID_sect283k1 =    729;
-  SN_sect283r1 =    'sect283r1';
-  NID_sect283r1 =    730;
-  SN_sect409k1 =    'sect409k1';
-  NID_sect409k1 =    731;
-  SN_sect409r1 =    'sect409r1';
-  NID_sect409r1 =    732;
-  SN_sect571k1 =    'sect571k1';
-  NID_sect571k1 =    733;
-  SN_sect571r1 =    'sect571r1';
-  NID_sect571r1 =    734;
-  SN_wap_wsg_idm_ecid_wtls1 =     'wap-wsg-idm-ecid-wtls1';
-  NID_wap_wsg_idm_ecid_wtls1 =    735;
-  SN_wap_wsg_idm_ecid_wtls3 =     'wap-wsg-idm-ecid-wtls3';
-  NID_wap_wsg_idm_ecid_wtls3 =    736;
-  SN_wap_wsg_idm_ecid_wtls4 =     'wap-wsg-idm-ecid-wtls4';
-  NID_wap_wsg_idm_ecid_wtls4 =    737;
-  SN_wap_wsg_idm_ecid_wtls5 =     'wap-wsg-idm-ecid-wtls5';
-  NID_wap_wsg_idm_ecid_wtls5 =    738;
-  SN_wap_wsg_idm_ecid_wtls6 =     'wap-wsg-idm-ecid-wtls6';
-  NID_wap_wsg_idm_ecid_wtls6 =    739;
-  SN_wap_wsg_idm_ecid_wtls7 =     'wap-wsg-idm-ecid-wtls7';
-  NID_wap_wsg_idm_ecid_wtls7 =    740;
-  SN_wap_wsg_idm_ecid_wtls8 =     'wap-wsg-idm-ecid-wtls8';
-  NID_wap_wsg_idm_ecid_wtls8 =    741;
-  SN_wap_wsg_idm_ecid_wtls9 =     'wap-wsg-idm-ecid-wtls9';
-  NID_wap_wsg_idm_ecid_wtls9 =    742;
-  SN_wap_wsg_idm_ecid_wtls10 =    'wap-wsg-idm-ecid-wtls10';
-  NID_wap_wsg_idm_ecid_wtls10 =    743;
-  SN_wap_wsg_idm_ecid_wtls11 =    'wap-wsg-idm-ecid-wtls11';
-  NID_wap_wsg_idm_ecid_wtls11 =    744;
-  SN_wap_wsg_idm_ecid_wtls12 =    'wap-wsg-idm-ecid-wtls12';
-  NID_wap_wsg_idm_ecid_wtls12 =    745;
-  SN_cast5_cbc =    'CAST5-CBC';
-  LN_cast5_cbc =    'cast5-cbc';
-  NID_cast5_cbc =    108;
-  SN_cast5_ecb =    'CAST5-ECB';
-  LN_cast5_ecb =    'cast5-ecb';
-  NID_cast5_ecb =    109;
-  SN_cast5_cfb64 =   'CAST5-CFB';
-  LN_cast5_cfb64 =   'cast5-cfb';
-  NID_cast5_cfb64 =   110;
-  SN_cast5_ofb64 =   'CAST5-OFB';
-  LN_cast5_ofb64 =   'cast5-ofb';
-  NID_cast5_ofb64 =   111;
-  LN_pbeWithMD5AndCast5_CBC =     'pbeWithMD5AndCast5CBC';
-  NID_pbeWithMD5AndCast5_CBC =    112;
-  SN_id_PasswordBasedMAC =   'id-PasswordBasedMAC';
-  LN_id_PasswordBasedMAC =   'password based MAC';
-  NID_id_PasswordBasedMAC =   782;
-  SN_id_DHBasedMac =     'id-DHBasedMac';
-  LN_id_DHBasedMac =     'Diffie-Hellman based MAC';
-  NID_id_DHBasedMac =     783;
-  SN_rsadsi =     'rsadsi';
-  LN_rsadsi =     'RSA Data Security; Inc.';
-  NID_rsadsi =    1;
-  SN_pkcs =   'pkcs';
-  LN_pkcs =   'RSA Data Security; Inc. PKCS';
-  NID_pkcs =     2;
-  SN_pkcs1 =     'pkcs1';
-  NID_pkcs1 =     186;
-  LN_rsaEncryption =     'rsaEncryption';
-  NID_rsaEncryption =     6;
-  SN_md2WithRSAEncryption =   'RSA-MD2';
-  LN_md2WithRSAEncryption =   'md2WithRSAEncryption';
-  NID_md2WithRSAEncryption =     7;
-  SN_md4WithRSAEncryption =   'RSA-MD4';
-  LN_md4WithRSAEncryption =   'md4WithRSAEncryption';
-  NID_md4WithRSAEncryption =     396;
-  SN_md5WithRSAEncryption =   'RSA-MD5';
-  LN_md5WithRSAEncryption =   'md5WithRSAEncryption';
-  NID_md5WithRSAEncryption =     8;
-  SN_sha1WithRSAEncryption =     'RSA-SHA1';
-  LN_sha1WithRSAEncryption =     'sha1WithRSAEncryption';
-  NID_sha1WithRSAEncryption =     65;
-  SN_rsaesOaep =    'RSAES-OAEP';
-  LN_rsaesOaep =    'rsaesOaep';
-  NID_rsaesOaep =    919;
-  SN_mgf1 =   'MGF1';
-  LN_mgf1 =   'mgf1';
-  NID_mgf1 =     911;
-  SN_pSpecified =    'PSPECIFIED';
-  LN_pSpecified =    'pSpecified';
-  NID_pSpecified =   935;
-  SN_rsassaPss =    'RSASSA-PSS';
-  LN_rsassaPss =    'rsassaPss';
-  NID_rsassaPss =    912;
-  SN_sha256WithRSAEncryption =    'RSA-SHA256';
-  LN_sha256WithRSAEncryption =    'sha256WithRSAEncryption';
-  NID_sha256WithRSAEncryption =    668;
-  SN_sha384WithRSAEncryption =    'RSA-SHA384';
-  LN_sha384WithRSAEncryption =    'sha384WithRSAEncryption';
-  NID_sha384WithRSAEncryption =    669;
-  SN_sha512WithRSAEncryption =    'RSA-SHA512';
-  LN_sha512WithRSAEncryption =    'sha512WithRSAEncryption';
-  NID_sha512WithRSAEncryption =    670;
-  SN_sha224WithRSAEncryption =    'RSA-SHA224';
-  LN_sha224WithRSAEncryption =    'sha224WithRSAEncryption';
-  NID_sha224WithRSAEncryption =    671;
-  SN_sha512_224WithRSAEncryption =   'RSA-SHA512/224';
-  LN_sha512_224WithRSAEncryption =   'sha512-224WithRSAEncryption';
-  NID_sha512_224WithRSAEncryption =   1145;
-  SN_sha512_256WithRSAEncryption =   'RSA-SHA512/256';
-  LN_sha512_256WithRSAEncryption =   'sha512-256WithRSAEncryption';
-  NID_sha512_256WithRSAEncryption =   1146;
-  SN_pkcs3 =     'pkcs3';
-  NID_pkcs3 =     27;
-  LN_dhKeyAgreement =     'dhKeyAgreement';
-  NID_dhKeyAgreement =    28;
-  SN_pkcs5 =     'pkcs5';
-  NID_pkcs5 =     187;
-  SN_pbeWithMD2AndDES_CBC =   'PBE-MD2-DES';
-  LN_pbeWithMD2AndDES_CBC =   'pbeWithMD2AndDES-CBC';
-  NID_pbeWithMD2AndDES_CBC =     9;
-  SN_pbeWithMD5AndDES_CBC =   'PBE-MD5-DES';
-  LN_pbeWithMD5AndDES_CBC =   'pbeWithMD5AndDES-CBC';
-  NID_pbeWithMD5AndDES_CBC =     10;
-  SN_pbeWithMD2AndRC2_CBC =   'PBE-MD2-RC2-64';
-  LN_pbeWithMD2AndRC2_CBC =   'pbeWithMD2AndRC2-CBC';
-  NID_pbeWithMD2AndRC2_CBC =     168;
-  SN_pbeWithMD5AndRC2_CBC =   'PBE-MD5-RC2-64';
-  LN_pbeWithMD5AndRC2_CBC =   'pbeWithMD5AndRC2-CBC';
-  NID_pbeWithMD5AndRC2_CBC =     169;
-  SN_pbeWithSHA1AndDES_CBC =     'PBE-SHA1-DES';
-  LN_pbeWithSHA1AndDES_CBC =     'pbeWithSHA1AndDES-CBC';
-  NID_pbeWithSHA1AndDES_CBC =     170;
-  SN_pbeWithSHA1AndRC2_CBC =     'PBE-SHA1-RC2-64';
-  LN_pbeWithSHA1AndRC2_CBC =     'pbeWithSHA1AndRC2-CBC';
-  NID_pbeWithSHA1AndRC2_CBC =     68;
-  LN_id_pbkdf2 =    'PBKDF2';
-  NID_id_pbkdf2 =    69;
-  LN_pbes2 =     'PBES2';
-  NID_pbes2 =     161;
-  LN_pbmac1 =     'PBMAC1';
-  NID_pbmac1 =    162;
-  SN_pkcs7 =     'pkcs7';
-  NID_pkcs7 =     20;
-  LN_pkcs7_data =    'pkcs7-data';
-  NID_pkcs7_data =   21;
-  LN_pkcs7_signed =   'pkcs7-signedData';
-  NID_pkcs7_signed =     22;
-  LN_pkcs7_enveloped =    'pkcs7-envelopedData';
-  NID_pkcs7_enveloped =    23;
-  LN_pkcs7_signedAndEnveloped =    'pkcs7-signedAndEnvelopedData';
-  NID_pkcs7_signedAndEnveloped =    24;
-  LN_pkcs7_digest =   'pkcs7-digestData';
-  NID_pkcs7_digest =     25;
-  LN_pkcs7_encrypted =    'pkcs7-encryptedData';
-  NID_pkcs7_encrypted =    26;
-  SN_pkcs9 =     'pkcs9';
-  NID_pkcs9 =     47;
-  LN_pkcs9_emailAddress =    'emailAddress';
-  NID_pkcs9_emailAddress =   48;
-  LN_pkcs9_unstructuredName =     'unstructuredName';
-  NID_pkcs9_unstructuredName =    49;
-  LN_pkcs9_contentType =    'contentType';
-  NID_pkcs9_contentType =    50;
-  LN_pkcs9_messageDigest =   'messageDigest';
-  NID_pkcs9_messageDigest =   51;
-  LN_pkcs9_signingTime =    'signingTime';
-  NID_pkcs9_signingTime =    52;
-  LN_pkcs9_countersignature =     'countersignature';
-  NID_pkcs9_countersignature =    53;
-  LN_pkcs9_challengePassword =    'challengePassword';
-  NID_pkcs9_challengePassword =    54;
-  LN_pkcs9_unstructuredAddress =    'unstructuredAddress';
-  NID_pkcs9_unstructuredAddress =    55;
-  LN_pkcs9_extCertAttributes =    'extendedCertificateAttributes';
-  NID_pkcs9_extCertAttributes =    56;
-  SN_ext_req =    'extReq';
-  LN_ext_req =    'Extension Request';
-  NID_ext_req =    172;
-  SN_SMIMECapabilities =    'SMIME-CAPS';
-  LN_SMIMECapabilities =    'S/MIME Capabilities';
-  NID_SMIMECapabilities =    167;
-  SN_SMIME =     'SMIME';
-  LN_SMIME =     'S/MIME';
-  NID_SMIME =     188;
-  SN_id_smime_mod =   'id-smime-mod';
-  NID_id_smime_mod =     189;
-  SN_id_smime_ct =   'id-smime-ct';
-  NID_id_smime_ct =   190;
-  SN_id_smime_aa =   'id-smime-aa';
-  NID_id_smime_aa =   191;
-  SN_id_smime_alg =   'id-smime-alg';
-  NID_id_smime_alg =     192;
-  SN_id_smime_cd =   'id-smime-cd';
-  NID_id_smime_cd =   193;
-  SN_id_smime_spq =   'id-smime-spq';
-  NID_id_smime_spq =     194;
-  SN_id_smime_cti =   'id-smime-cti';
-  NID_id_smime_cti =     195;
-  SN_id_smime_mod_cms =    'id-smime-mod-cms';
-  NID_id_smime_mod_cms =    196;
-  SN_id_smime_mod_ess =    'id-smime-mod-ess';
-  NID_id_smime_mod_ess =    197;
-  SN_id_smime_mod_oid =    'id-smime-mod-oid';
-  NID_id_smime_mod_oid =    198;
-  SN_id_smime_mod_msg_v3 =   'id-smime-mod-msg-v3';
-  NID_id_smime_mod_msg_v3 =   199;
-  SN_id_smime_mod_ets_eSignature_88 =     'id-smime-mod-ets-eSignature-88';
-  NID_id_smime_mod_ets_eSignature_88 =    200;
-  SN_id_smime_mod_ets_eSignature_97 =     'id-smime-mod-ets-eSignature-97';
-  NID_id_smime_mod_ets_eSignature_97 =    201;
-  SN_id_smime_mod_ets_eSigPolicy_88 =     'id-smime-mod-ets-eSigPolicy-88';
-  NID_id_smime_mod_ets_eSigPolicy_88 =    202;
-  SN_id_smime_mod_ets_eSigPolicy_97 =     'id-smime-mod-ets-eSigPolicy-97';
-  NID_id_smime_mod_ets_eSigPolicy_97 =    203;
-  SN_id_smime_ct_receipt =   'id-smime-ct-receipt';
-  NID_id_smime_ct_receipt =   204;
-  SN_id_smime_ct_authData =   'id-smime-ct-authData';
-  NID_id_smime_ct_authData =     205;
-  SN_id_smime_ct_publishCert =    'id-smime-ct-publishCert';
-  NID_id_smime_ct_publishCert =    206;
-  SN_id_smime_ct_TSTInfo =   'id-smime-ct-TSTInfo';
-  NID_id_smime_ct_TSTInfo =   207;
-  SN_id_smime_ct_TDTInfo =   'id-smime-ct-TDTInfo';
-  NID_id_smime_ct_TDTInfo =   208;
-  SN_id_smime_ct_contentInfo =    'id-smime-ct-contentInfo';
-  NID_id_smime_ct_contentInfo =    209;
-  SN_id_smime_ct_DVCSRequestData =   'id-smime-ct-DVCSRequestData';
-  NID_id_smime_ct_DVCSRequestData =   210;
-  SN_id_smime_ct_DVCSResponseData =   'id-smime-ct-DVCSResponseData';
-  NID_id_smime_ct_DVCSResponseData =     211;
-  SN_id_smime_ct_compressedData =    'id-smime-ct-compressedData';
-  NID_id_smime_ct_compressedData =   786;
-  SN_id_smime_ct_contentCollection =     'id-smime-ct-contentCollection';
-  NID_id_smime_ct_contentCollection =     1058;
-  SN_id_smime_ct_authEnvelopedData =     'id-smime-ct-authEnvelopedData';
-  NID_id_smime_ct_authEnvelopedData =     1059;
-  SN_id_ct_asciiTextWithCRLF =    'id-ct-asciiTextWithCRLF';
-  NID_id_ct_asciiTextWithCRLF =    787;
-  SN_id_ct_xml =    'id-ct-xml';
-  NID_id_ct_xml =    1060;
-  SN_id_smime_aa_receiptRequest =    'id-smime-aa-receiptRequest';
-  NID_id_smime_aa_receiptRequest =   212;
-  SN_id_smime_aa_securityLabel =    'id-smime-aa-securityLabel';
-  NID_id_smime_aa_securityLabel =    213;
-  SN_id_smime_aa_mlExpandHistory =   'id-smime-aa-mlExpandHistory';
-  NID_id_smime_aa_mlExpandHistory =   214;
-  SN_id_smime_aa_contentHint =    'id-smime-aa-contentHint';
-  NID_id_smime_aa_contentHint =    215;
-  SN_id_smime_aa_msgSigDigest =    'id-smime-aa-msgSigDigest';
-  NID_id_smime_aa_msgSigDigest =    216;
-  SN_id_smime_aa_encapContentType =   'id-smime-aa-encapContentType';
-  NID_id_smime_aa_encapContentType =     217;
-  SN_id_smime_aa_contentIdentifier =     'id-smime-aa-contentIdentifier';
-  NID_id_smime_aa_contentIdentifier =     218;
-  SN_id_smime_aa_macValue =   'id-smime-aa-macValue';
-  NID_id_smime_aa_macValue =     219;
-  SN_id_smime_aa_equivalentLabels =   'id-smime-aa-equivalentLabels';
-  NID_id_smime_aa_equivalentLabels =     220;
-  SN_id_smime_aa_contentReference =   'id-smime-aa-contentReference';
-  NID_id_smime_aa_contentReference =     221;
-  SN_id_smime_aa_encrypKeyPref =    'id-smime-aa-encrypKeyPref';
-  NID_id_smime_aa_encrypKeyPref =    222;
-  SN_id_smime_aa_signingCertificate =     'id-smime-aa-signingCertificate';
-  NID_id_smime_aa_signingCertificate =    223;
-  SN_id_smime_aa_smimeEncryptCerts =     'id-smime-aa-smimeEncryptCerts';
-  NID_id_smime_aa_smimeEncryptCerts =     224;
-  SN_id_smime_aa_timeStampToken =    'id-smime-aa-timeStampToken';
-  NID_id_smime_aa_timeStampToken =   225;
-  SN_id_smime_aa_ets_sigPolicyId =   'id-smime-aa-ets-sigPolicyId';
-  NID_id_smime_aa_ets_sigPolicyId =   226;
-  SN_id_smime_aa_ets_commitmentType =     'id-smime-aa-ets-commitmentType';
-  NID_id_smime_aa_ets_commitmentType =    227;
-  SN_id_smime_aa_ets_signerLocation =     'id-smime-aa-ets-signerLocation';
-  NID_id_smime_aa_ets_signerLocation =    228;
-  SN_id_smime_aa_ets_signerAttr =    'id-smime-aa-ets-signerAttr';
-  NID_id_smime_aa_ets_signerAttr =   229;
-  SN_id_smime_aa_ets_otherSigCert =   'id-smime-aa-ets-otherSigCert';
-  NID_id_smime_aa_ets_otherSigCert =     230;
-  SN_id_smime_aa_ets_contentTimestamp =    'id-smime-aa-ets-contentTimestamp';
-  NID_id_smime_aa_ets_contentTimestamp =    231;
-  SN_id_smime_aa_ets_CertificateRefs =    'id-smime-aa-ets-CertificateRefs';
-  NID_id_smime_aa_ets_CertificateRefs =    232;
-  SN_id_smime_aa_ets_RevocationRefs =     'id-smime-aa-ets-RevocationRefs';
-  NID_id_smime_aa_ets_RevocationRefs =    233;
-  SN_id_smime_aa_ets_certValues =    'id-smime-aa-ets-certValues';
-  NID_id_smime_aa_ets_certValues =   234;
-  SN_id_smime_aa_ets_revocationValues =    'id-smime-aa-ets-revocationValues';
-  NID_id_smime_aa_ets_revocationValues =    235;
-  SN_id_smime_aa_ets_escTimeStamp =   'id-smime-aa-ets-escTimeStamp';
-  NID_id_smime_aa_ets_escTimeStamp =     236;
-  SN_id_smime_aa_ets_certCRLTimestamp =    'id-smime-aa-ets-certCRLTimestamp';
-  NID_id_smime_aa_ets_certCRLTimestamp =    237;
-  SN_id_smime_aa_ets_archiveTimeStamp =    'id-smime-aa-ets-archiveTimeStamp';
-  NID_id_smime_aa_ets_archiveTimeStamp =    238;
-  SN_id_smime_aa_signatureType =    'id-smime-aa-signatureType';
-  NID_id_smime_aa_signatureType =    239;
-  SN_id_smime_aa_dvcs_dvc =   'id-smime-aa-dvcs-dvc';
-  NID_id_smime_aa_dvcs_dvc =     240;
-  SN_id_smime_aa_signingCertificateV2 =    'id-smime-aa-signingCertificateV2';
-  NID_id_smime_aa_signingCertificateV2 =    1086;
-  SN_id_smime_alg_ESDHwith3DES =    'id-smime-alg-ESDHwith3DES';
-  NID_id_smime_alg_ESDHwith3DES =    241;
-  SN_id_smime_alg_ESDHwithRC2 =    'id-smime-alg-ESDHwithRC2';
-  NID_id_smime_alg_ESDHwithRC2 =    242;
-  SN_id_smime_alg_3DESwrap =     'id-smime-alg-3DESwrap';
-  NID_id_smime_alg_3DESwrap =     243;
-  SN_id_smime_alg_RC2wrap =   'id-smime-alg-RC2wrap';
-  NID_id_smime_alg_RC2wrap =     244;
-  SN_id_smime_alg_ESDH =    'id-smime-alg-ESDH';
-  NID_id_smime_alg_ESDH =    245;
-  SN_id_smime_alg_CMS3DESwrap =    'id-smime-alg-CMS3DESwrap';
-  NID_id_smime_alg_CMS3DESwrap =    246;
-  SN_id_smime_alg_CMSRC2wrap =    'id-smime-alg-CMSRC2wrap';
-  NID_id_smime_alg_CMSRC2wrap =    247;
-  SN_id_alg_PWRI_KEK =    'id-alg-PWRI-KEK';
-  NID_id_alg_PWRI_KEK =    893;
-  SN_id_smime_cd_ldap =    'id-smime-cd-ldap';
-  NID_id_smime_cd_ldap =    248;
-  SN_id_smime_spq_ets_sqt_uri =    'id-smime-spq-ets-sqt-uri';
-  NID_id_smime_spq_ets_sqt_uri =    249;
-  SN_id_smime_spq_ets_sqt_unotice =   'id-smime-spq-ets-sqt-unotice';
-  NID_id_smime_spq_ets_sqt_unotice =     250;
-  SN_id_smime_cti_ets_proofOfOrigin =     'id-smime-cti-ets-proofOfOrigin';
-  NID_id_smime_cti_ets_proofOfOrigin =    251;
-  SN_id_smime_cti_ets_proofOfReceipt =    'id-smime-cti-ets-proofOfReceipt';
-  NID_id_smime_cti_ets_proofOfReceipt =    252;
-  SN_id_smime_cti_ets_proofOfDelivery =    'id-smime-cti-ets-proofOfDelivery';
-  NID_id_smime_cti_ets_proofOfDelivery =    253;
-  SN_id_smime_cti_ets_proofOfSender =     'id-smime-cti-ets-proofOfSender';
-  NID_id_smime_cti_ets_proofOfSender =    254;
-  SN_id_smime_cti_ets_proofOfApproval =    'id-smime-cti-ets-proofOfApproval';
-  NID_id_smime_cti_ets_proofOfApproval =    255;
-  SN_id_smime_cti_ets_proofOfCreation =    'id-smime-cti-ets-proofOfCreation';
-  NID_id_smime_cti_ets_proofOfCreation =    256;
-  LN_friendlyName =   'friendlyName';
-  NID_friendlyName =     156;
-  LN_localKeyID =    'localKeyID';
-  NID_localKeyID =   157;
-  SN_ms_csp_name =   'CSPName';
-  LN_ms_csp_name =   'Microsoft CSP Name';
-  NID_ms_csp_name =   417;
-  SN_LocalKeySet =   'LocalKeySet';
-  LN_LocalKeySet =   'Microsoft Local Key set';
-  NID_LocalKeySet =   856;
-  LN_x509Certificate =    'x509Certificate';
-  NID_x509Certificate =    158;
-  LN_sdsiCertificate =    'sdsiCertificate';
-  NID_sdsiCertificate =    159;
-  LN_x509Crl =    'x509Crl';
-  NID_x509Crl =    160;
-  SN_pbe_WithSHA1And128BitRC4 =    'PBE-SHA1-RC4-128';
-  LN_pbe_WithSHA1And128BitRC4 =    'pbeWithSHA1And128BitRC4';
-  NID_pbe_WithSHA1And128BitRC4 =    144;
-  SN_pbe_WithSHA1And40BitRC4 =    'PBE-SHA1-RC4-40';
-  LN_pbe_WithSHA1And40BitRC4 =    'pbeWithSHA1And40BitRC4';
-  NID_pbe_WithSHA1And40BitRC4 =    145;
-  SN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'PBE-SHA1-3DES';
-  LN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'pbeWithSHA1And3-KeyTripleDES-CBC';
-  NID_pbe_WithSHA1And3_Key_TripleDES_CBC =   146;
-  SN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'PBE-SHA1-2DES';
-  LN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'pbeWithSHA1And2-KeyTripleDES-CBC';
-  NID_pbe_WithSHA1And2_Key_TripleDES_CBC =   147;
-  SN_pbe_WithSHA1And128BitRC2_CBC =   'PBE-SHA1-RC2-128';
-  LN_pbe_WithSHA1And128BitRC2_CBC =   'pbeWithSHA1And128BitRC2-CBC';
-  NID_pbe_WithSHA1And128BitRC2_CBC =     148;
-  SN_pbe_WithSHA1And40BitRC2_CBC =   'PBE-SHA1-RC2-40';
-  LN_pbe_WithSHA1And40BitRC2_CBC =   'pbeWithSHA1And40BitRC2-CBC';
-  NID_pbe_WithSHA1And40BitRC2_CBC =   149;
-  LN_keyBag =     'keyBag';
-  NID_keyBag =    150;
-  LN_pkcs8ShroudedKeyBag =   'pkcs8ShroudedKeyBag';
-  NID_pkcs8ShroudedKeyBag =   151;
-  LN_certBag =    'certBag';
-  NID_certBag =    152;
-  LN_crlBag =     'crlBag';
-  NID_crlBag =    153;
-  LN_secretBag =    'secretBag';
-  NID_secretBag =    154;
-  LN_safeContentsBag =    'safeContentsBag';
-  NID_safeContentsBag =    155;
-  SN_md2 =   'MD2';
-  LN_md2 =   'md2';
-  NID_md2 =   3;
-  SN_md4 =   'MD4';
-  LN_md4 =   'md4';
-  NID_md4 =   257;
-  SN_md5 =   'MD5';
-  LN_md5 =   'md5';
-  NID_md5 =   4;
-  SN_md5_sha1 =    'MD5-SHA1';
-  LN_md5_sha1 =    'md5-sha1';
-  NID_md5_sha1 =    114;
-  LN_hmacWithMD5 =   'hmacWithMD5';
-  NID_hmacWithMD5 =   797;
-  LN_hmacWithSHA1 =   'hmacWithSHA1';
-  NID_hmacWithSHA1 =     163;
-  SN_sm2 =   'SM2';
-  LN_sm2 =   'sm2';
-  NID_sm2 =   1172;
-  SN_sm3 =   'SM3';
-  LN_sm3 =   'sm3';
-  NID_sm3 =   1143;
-  SN_sm3WithRSAEncryption =   'RSA-SM3';
-  LN_sm3WithRSAEncryption =   'sm3WithRSAEncryption';
-  NID_sm3WithRSAEncryption =     1144;
-  LN_hmacWithSHA224 =     'hmacWithSHA224';
-  NID_hmacWithSHA224 =    798;
-  LN_hmacWithSHA256 =     'hmacWithSHA256';
-  NID_hmacWithSHA256 =    799;
-  LN_hmacWithSHA384 =     'hmacWithSHA384';
-  NID_hmacWithSHA384 =    800;
-  LN_hmacWithSHA512 =     'hmacWithSHA512';
-  NID_hmacWithSHA512 =    801;
-  LN_hmacWithSHA512_224 =    'hmacWithSHA512-224';
-  NID_hmacWithSHA512_224 =   1193;
-  LN_hmacWithSHA512_256 =    'hmacWithSHA512-256';
-  NID_hmacWithSHA512_256 =   1194;
-  SN_rc2_cbc =    'RC2-CBC';
-  LN_rc2_cbc =    'rc2-cbc';
-  NID_rc2_cbc =    37;
-  SN_rc2_ecb =    'RC2-ECB';
-  LN_rc2_ecb =    'rc2-ecb';
-  NID_rc2_ecb =    38;
-  SN_rc2_cfb64 =    'RC2-CFB';
-  LN_rc2_cfb64 =    'rc2-cfb';
-  NID_rc2_cfb64 =    39;
-  SN_rc2_ofb64 =    'RC2-OFB';
-  LN_rc2_ofb64 =    'rc2-ofb';
-  NID_rc2_ofb64 =    40;
-  SN_rc2_40_cbc =    'RC2-40-CBC';
-  LN_rc2_40_cbc =    'rc2-40-cbc';
-  NID_rc2_40_cbc =   98;
-  SN_rc2_64_cbc =    'RC2-64-CBC';
-  LN_rc2_64_cbc =    'rc2-64-cbc';
-  NID_rc2_64_cbc =   166;
-  SN_rc4 =   'RC4';
-  LN_rc4 =   'rc4';
-  NID_rc4 =   5;
-  SN_rc4_40 =     'RC4-40';
-  LN_rc4_40 =     'rc4-40';
-  NID_rc4_40 =    97;
-  SN_des_ede3_cbc =   'DES-EDE3-CBC';
-  LN_des_ede3_cbc =   'des-ede3-cbc';
-  NID_des_ede3_cbc =     44;
-  SN_rc5_cbc =    'RC5-CBC';
-  LN_rc5_cbc =    'rc5-cbc';
-  NID_rc5_cbc =    120;
-  SN_rc5_ecb =    'RC5-ECB';
-  LN_rc5_ecb =    'rc5-ecb';
-  NID_rc5_ecb =    121;
-  SN_rc5_cfb64 =    'RC5-CFB';
-  LN_rc5_cfb64 =    'rc5-cfb';
-  NID_rc5_cfb64 =    122;
-  SN_rc5_ofb64 =    'RC5-OFB';
-  LN_rc5_ofb64 =    'rc5-ofb';
-  NID_rc5_ofb64 =    123;
-  SN_ms_ext_req =    'msExtReq';
-  LN_ms_ext_req =    'Microsoft Extension Request';
-  NID_ms_ext_req =   171;
-  SN_ms_code_ind =   'msCodeInd';
-  LN_ms_code_ind =   'Microsoft Individual Code Signing';
-  NID_ms_code_ind =   134;
-  SN_ms_code_com =   'msCodeCom';
-  LN_ms_code_com =   'Microsoft Commercial Code Signing';
-  NID_ms_code_com =   135;
-  SN_ms_ctl_sign =   'msCTLSign';
-  LN_ms_ctl_sign =   'Microsoft Trust List Signing';
-  NID_ms_ctl_sign =   136;
-  SN_ms_sgc =     'msSGC';
-  LN_ms_sgc =     'Microsoft Server Gated Crypto';
-  NID_ms_sgc =    137;
-  SN_ms_efs =     'msEFS';
-  LN_ms_efs =     'Microsoft Encrypted File System';
-  NID_ms_efs =    138;
-  SN_ms_smartcard_login =    'msSmartcardLogin';
-  LN_ms_smartcard_login =    'Microsoft Smartcard Login';
-  NID_ms_smartcard_login =   648;
-  SN_ms_upn =     'msUPN';
-  LN_ms_upn =     'Microsoft User Principal Name';
-  NID_ms_upn =    649;
-  SN_idea_cbc =    'IDEA-CBC';
-  LN_idea_cbc =    'idea-cbc';
-  NID_idea_cbc =    34;
-  SN_idea_ecb =    'IDEA-ECB';
-  LN_idea_ecb =    'idea-ecb';
-  NID_idea_ecb =    36;
-  SN_idea_cfb64 =    'IDEA-CFB';
-  LN_idea_cfb64 =    'idea-cfb';
-  NID_idea_cfb64 =   35;
-  SN_idea_ofb64 =    'IDEA-OFB';
-  LN_idea_ofb64 =    'idea-ofb';
-  NID_idea_ofb64 =   46;
-  SN_bf_cbc =     'BF-CBC';
-  LN_bf_cbc =     'bf-cbc';
-  NID_bf_cbc =    91;
-  SN_bf_ecb =     'BF-ECB';
-  LN_bf_ecb =     'bf-ecb';
-  NID_bf_ecb =    92;
-  SN_bf_cfb64 =    'BF-CFB';
-  LN_bf_cfb64 =    'bf-cfb';
-  NID_bf_cfb64 =    93;
-  SN_bf_ofb64 =    'BF-OFB';
-  LN_bf_ofb64 =    'bf-ofb';
-  NID_bf_ofb64 =    94;
-  SN_id_pkix =    'PKIX';
-  NID_id_pkix =    127;
-  SN_id_pkix_mod =   'id-pkix-mod';
-  NID_id_pkix_mod =   258;
-  SN_id_pe =     'id-pe';
-  NID_id_pe =     175;
-  SN_id_qt =     'id-qt';
-  NID_id_qt =     259;
-  SN_id_kp =     'id-kp';
-  NID_id_kp =     128;
-  SN_id_it =     'id-it';
-  NID_id_it =     260;
-  SN_id_pkip =    'id-pkip';
-  NID_id_pkip =    261;
-  SN_id_alg =     'id-alg';
-  NID_id_alg =    262;
-  SN_id_cmc =     'id-cmc';
-  NID_id_cmc =    263;
-  SN_id_on =     'id-on';
-  NID_id_on =     264;
-  SN_id_pda =     'id-pda';
-  NID_id_pda =    265;
-  SN_id_aca =     'id-aca';
-  NID_id_aca =    266;
-  SN_id_qcs =     'id-qcs';
-  NID_id_qcs =    267;
-  SN_id_cct =     'id-cct';
-  NID_id_cct =    268;
-  SN_id_ppl =     'id-ppl';
-  NID_id_ppl =    662;
-  SN_id_ad =     'id-ad';
-  NID_id_ad =     176;
-  SN_id_pkix1_explicit_88 =   'id-pkix1-explicit-88';
-  NID_id_pkix1_explicit_88 =     269;
-  SN_id_pkix1_implicit_88 =   'id-pkix1-implicit-88';
-  NID_id_pkix1_implicit_88 =     270;
-  SN_id_pkix1_explicit_93 =   'id-pkix1-explicit-93';
-  NID_id_pkix1_explicit_93 =     271;
-  SN_id_pkix1_implicit_93 =   'id-pkix1-implicit-93';
-  NID_id_pkix1_implicit_93 =     272;
-  SN_id_mod_crmf =   'id-mod-crmf';
-  NID_id_mod_crmf =   273;
-  SN_id_mod_cmc =    'id-mod-cmc';
-  NID_id_mod_cmc =   274;
-  SN_id_mod_kea_profile_88 =     'id-mod-kea-profile-88';
-  NID_id_mod_kea_profile_88 =     275;
-  SN_id_mod_kea_profile_93 =     'id-mod-kea-profile-93';
-  NID_id_mod_kea_profile_93 =     276;
-  SN_id_mod_cmp =    'id-mod-cmp';
-  NID_id_mod_cmp =   277;
-  SN_id_mod_qualified_cert_88 =    'id-mod-qualified-cert-88';
-  NID_id_mod_qualified_cert_88 =    278;
-  SN_id_mod_qualified_cert_93 =    'id-mod-qualified-cert-93';
-  NID_id_mod_qualified_cert_93 =    279;
-  SN_id_mod_attribute_cert =     'id-mod-attribute-cert';
-  NID_id_mod_attribute_cert =     280;
-  SN_id_mod_timestamp_protocol =    'id-mod-timestamp-protocol';
-  NID_id_mod_timestamp_protocol =    281;
-  SN_id_mod_ocsp =   'id-mod-ocsp';
-  NID_id_mod_ocsp =   282;
-  SN_id_mod_dvcs =   'id-mod-dvcs';
-  NID_id_mod_dvcs =   283;
-  SN_id_mod_cmp2000 =     'id-mod-cmp2000';
-  NID_id_mod_cmp2000 =    284;
-  SN_info_access =   'authorityInfoAccess';
-  LN_info_access =   'Authority Information Access';
-  NID_info_access =   177;
-  SN_biometricInfo =     'biometricInfo';
-  LN_biometricInfo =     'Biometric Info';
-  NID_biometricInfo =     285;
-  SN_qcStatements =   'qcStatements';
-  NID_qcStatements =     286;
-  SN_ac_auditEntity =     'ac-auditEntity';
-  NID_ac_auditEntity =    287;
-  SN_ac_targeting =   'ac-targeting';
-  NID_ac_targeting =     288;
-  SN_aaControls =    'aaControls';
-  NID_aaControls =   289;
-  SN_sbgp_ipAddrBlock =    'sbgp-ipAddrBlock';
-  NID_sbgp_ipAddrBlock =    290;
-  SN_sbgp_autonomousSysNum =     'sbgp-autonomousSysNum';
-  NID_sbgp_autonomousSysNum =     291;
-  SN_sbgp_routerIdentifier =     'sbgp-routerIdentifier';
-  NID_sbgp_routerIdentifier =     292;
-  SN_ac_proxying =   'ac-proxying';
-  NID_ac_proxying =   397;
-  SN_sinfo_access =   'subjectInfoAccess';
-  LN_sinfo_access =   'Subject Information Access';
-  NID_sinfo_access =     398;
-  SN_proxyCertInfo =     'proxyCertInfo';
-  LN_proxyCertInfo =     'Proxy Certificate Information';
-  NID_proxyCertInfo =     663;
-  SN_tlsfeature =    'tlsfeature';
-  LN_tlsfeature =    'TLS Feature';
-  NID_tlsfeature =   1020;
-  SN_id_qt_cps =    'id-qt-cps';
-  LN_id_qt_cps =    'Policy Qualifier CPS';
-  NID_id_qt_cps =    164;
-  SN_id_qt_unotice =     'id-qt-unotice';
-  LN_id_qt_unotice =     'Policy Qualifier User Notice';
-  NID_id_qt_unotice =     165;
-  SN_textNotice =    'textNotice';
-  NID_textNotice =   293;
-  SN_server_auth =   'serverAuth';
-  LN_server_auth =   'TLS Web Server Authentication';
-  NID_server_auth =   129;
-  SN_client_auth =   'clientAuth';
-  LN_client_auth =   'TLS Web Client Authentication';
-  NID_client_auth =   130;
-  SN_code_sign =    'codeSigning';
-  LN_code_sign =    'Code Signing';
-  NID_code_sign =    131;
-  SN_email_protect =     'emailProtection';
-  LN_email_protect =     'E-mail Protection';
-  NID_email_protect =     132;
-  SN_ipsecEndSystem =     'ipsecEndSystem';
-  LN_ipsecEndSystem =     'IPSec End System';
-  NID_ipsecEndSystem =    294;
-  SN_ipsecTunnel =   'ipsecTunnel';
-  LN_ipsecTunnel =   'IPSec Tunnel';
-  NID_ipsecTunnel =   295;
-  SN_ipsecUser =    'ipsecUser';
-  LN_ipsecUser =    'IPSec User';
-  NID_ipsecUser =    296;
-  SN_time_stamp =    'timeStamping';
-  LN_time_stamp =    'Time Stamping';
-  NID_time_stamp =   133;
-  SN_OCSP_sign =    'OCSPSigning';
-  LN_OCSP_sign =    'OCSP Signing';
-  NID_OCSP_sign =    180;
-  SN_dvcs =   'DVCS';
-  LN_dvcs =   'dvcs';
-  NID_dvcs =     297;
-  SN_ipsec_IKE =    'ipsecIKE';
-  LN_ipsec_IKE =    'ipsec Internet Key Exchange';
-  NID_ipsec_IKE =    1022;
-  SN_capwapAC =    'capwapAC';
-  LN_capwapAC =    'Ctrl/provision WAP Access';
-  NID_capwapAC =    1023;
-  SN_capwapWTP =    'capwapWTP';
-  LN_capwapWTP =    'Ctrl/Provision WAP Termination';
-  NID_capwapWTP =    1024;
-  SN_sshClient =    'secureShellClient';
-  LN_sshClient =    'SSH Client';
-  NID_sshClient =    1025;
-  SN_sshServer =    'secureShellServer';
-  LN_sshServer =    'SSH Server';
-  NID_sshServer =    1026;
-  SN_sendRouter =    'sendRouter';
-  LN_sendRouter =    'Send Router';
-  NID_sendRouter =   1027;
-  SN_sendProxiedRouter =    'sendProxiedRouter';
-  LN_sendProxiedRouter =    'Send Proxied Router';
-  NID_sendProxiedRouter =    1028;
-  SN_sendOwner =    'sendOwner';
-  LN_sendOwner =    'Send Owner';
-  NID_sendOwner =    1029;
-  SN_sendProxiedOwner =    'sendProxiedOwner';
-  LN_sendProxiedOwner =    'Send Proxied Owner';
-  NID_sendProxiedOwner =    1030;
-  SN_cmcCA =     'cmcCA';
-  LN_cmcCA =     'CMC Certificate Authority';
-  NID_cmcCA =     1131;
-  SN_cmcRA =     'cmcRA';
-  LN_cmcRA =     'CMC Registration Authority';
-  NID_cmcRA =     1132;
-  SN_id_it_caProtEncCert =   'id-it-caProtEncCert';
-  NID_id_it_caProtEncCert =   298;
-  SN_id_it_signKeyPairTypes =     'id-it-signKeyPairTypes';
-  NID_id_it_signKeyPairTypes =    299;
-  SN_id_it_encKeyPairTypes =     'id-it-encKeyPairTypes';
-  NID_id_it_encKeyPairTypes =     300;
-  SN_id_it_preferredSymmAlg =     'id-it-preferredSymmAlg';
-  NID_id_it_preferredSymmAlg =    301;
-  SN_id_it_caKeyUpdateInfo =     'id-it-caKeyUpdateInfo';
-  NID_id_it_caKeyUpdateInfo =     302;
-  SN_id_it_currentCRL =    'id-it-currentCRL';
-  NID_id_it_currentCRL =    303;
-  SN_id_it_unsupportedOIDs =     'id-it-unsupportedOIDs';
-  NID_id_it_unsupportedOIDs =     304;
-  SN_id_it_subscriptionRequest =    'id-it-subscriptionRequest';
-  NID_id_it_subscriptionRequest =    305;
-  SN_id_it_subscriptionResponse =    'id-it-subscriptionResponse';
-  NID_id_it_subscriptionResponse =   306;
-  SN_id_it_keyPairParamReq =     'id-it-keyPairParamReq';
-  NID_id_it_keyPairParamReq =     307;
-  SN_id_it_keyPairParamRep =     'id-it-keyPairParamRep';
-  NID_id_it_keyPairParamRep =     308;
-  SN_id_it_revPassphrase =   'id-it-revPassphrase';
-  NID_id_it_revPassphrase =   309;
-  SN_id_it_implicitConfirm =     'id-it-implicitConfirm';
-  NID_id_it_implicitConfirm =     310;
-  SN_id_it_confirmWaitTime =     'id-it-confirmWaitTime';
-  NID_id_it_confirmWaitTime =     311;
-  SN_id_it_origPKIMessage =   'id-it-origPKIMessage';
-  NID_id_it_origPKIMessage =     312;
-  SN_id_it_suppLangTags =    'id-it-suppLangTags';
-  NID_id_it_suppLangTags =   784;
-  SN_id_regCtrl =    'id-regCtrl';
-  NID_id_regCtrl =   313;
-  SN_id_regInfo =    'id-regInfo';
-  NID_id_regInfo =   314;
-  SN_id_regCtrl_regToken =   'id-regCtrl-regToken';
-  NID_id_regCtrl_regToken =   315;
-  SN_id_regCtrl_authenticator =    'id-regCtrl-authenticator';
-  NID_id_regCtrl_authenticator =    316;
-  SN_id_regCtrl_pkiPublicationInfo =     'id-regCtrl-pkiPublicationInfo';
-  NID_id_regCtrl_pkiPublicationInfo =     317;
-  SN_id_regCtrl_pkiArchiveOptions =   'id-regCtrl-pkiArchiveOptions';
-  NID_id_regCtrl_pkiArchiveOptions =     318;
-  SN_id_regCtrl_oldCertID =   'id-regCtrl-oldCertID';
-  NID_id_regCtrl_oldCertID =     319;
-  SN_id_regCtrl_protocolEncrKey =    'id-regCtrl-protocolEncrKey';
-  NID_id_regCtrl_protocolEncrKey =   320;
-  SN_id_regInfo_utf8Pairs =   'id-regInfo-utf8Pairs';
-  NID_id_regInfo_utf8Pairs =     321;
-  SN_id_regInfo_certReq =    'id-regInfo-certReq';
-  NID_id_regInfo_certReq =   322;
-  SN_id_alg_des40 =   'id-alg-des40';
-  NID_id_alg_des40 =     323;
-  SN_id_alg_noSignature =    'id-alg-noSignature';
-  NID_id_alg_noSignature =   324;
-  SN_id_alg_dh_sig_hmac_sha1 =    'id-alg-dh-sig-hmac-sha1';
-  NID_id_alg_dh_sig_hmac_sha1 =    325;
-  SN_id_alg_dh_pop =     'id-alg-dh-pop';
-  NID_id_alg_dh_pop =     326;
-  SN_id_cmc_statusInfo =    'id-cmc-statusInfo';
-  NID_id_cmc_statusInfo =    327;
-  SN_id_cmc_identification =     'id-cmc-identification';
-  NID_id_cmc_identification =     328;
-  SN_id_cmc_identityProof =   'id-cmc-identityProof';
-  NID_id_cmc_identityProof =     329;
-  SN_id_cmc_dataReturn =    'id-cmc-dataReturn';
-  NID_id_cmc_dataReturn =    330;
-  SN_id_cmc_transactionId =   'id-cmc-transactionId';
-  NID_id_cmc_transactionId =     331;
-  SN_id_cmc_senderNonce =    'id-cmc-senderNonce';
-  NID_id_cmc_senderNonce =   332;
-  SN_id_cmc_recipientNonce =     'id-cmc-recipientNonce';
-  NID_id_cmc_recipientNonce =     333;
-  SN_id_cmc_addExtensions =   'id-cmc-addExtensions';
-  NID_id_cmc_addExtensions =     334;
-  SN_id_cmc_encryptedPOP =   'id-cmc-encryptedPOP';
-  NID_id_cmc_encryptedPOP =   335;
-  SN_id_cmc_decryptedPOP =   'id-cmc-decryptedPOP';
-  NID_id_cmc_decryptedPOP =   336;
-  SN_id_cmc_lraPOPWitness =   'id-cmc-lraPOPWitness';
-  NID_id_cmc_lraPOPWitness =     337;
-  SN_id_cmc_getCert =     'id-cmc-getCert';
-  NID_id_cmc_getCert =    338;
-  SN_id_cmc_getCRL =     'id-cmc-getCRL';
-  NID_id_cmc_getCRL =     339;
-  SN_id_cmc_revokeRequest =   'id-cmc-revokeRequest';
-  NID_id_cmc_revokeRequest =     340;
-  SN_id_cmc_regInfo =     'id-cmc-regInfo';
-  NID_id_cmc_regInfo =    341;
-  SN_id_cmc_responseInfo =   'id-cmc-responseInfo';
-  NID_id_cmc_responseInfo =   342;
-  SN_id_cmc_queryPending =   'id-cmc-queryPending';
-  NID_id_cmc_queryPending =   343;
-  SN_id_cmc_popLinkRandom =   'id-cmc-popLinkRandom';
-  NID_id_cmc_popLinkRandom =     344;
-  SN_id_cmc_popLinkWitness =     'id-cmc-popLinkWitness';
-  NID_id_cmc_popLinkWitness =     345;
-  SN_id_cmc_confirmCertAcceptance =   'id-cmc-confirmCertAcceptance';
-  NID_id_cmc_confirmCertAcceptance =     346;
-  SN_id_on_personalData =    'id-on-personalData';
-  NID_id_on_personalData =   347;
-  SN_id_on_permanentIdentifier =    'id-on-permanentIdentifier';
-  LN_id_on_permanentIdentifier =    'Permanent Identifier';
-  NID_id_on_permanentIdentifier =    858;
-  SN_id_pda_dateOfBirth =    'id-pda-dateOfBirth';
-  NID_id_pda_dateOfBirth =   348;
-  SN_id_pda_placeOfBirth =   'id-pda-placeOfBirth';
-  NID_id_pda_placeOfBirth =   349;
-  SN_id_pda_gender =     'id-pda-gender';
-  NID_id_pda_gender =     351;
-  SN_id_pda_countryOfCitizenship =   'id-pda-countryOfCitizenship';
-  NID_id_pda_countryOfCitizenship =   352;
-  SN_id_pda_countryOfResidence =    'id-pda-countryOfResidence';
-  NID_id_pda_countryOfResidence =    353;
-  SN_id_aca_authenticationInfo =    'id-aca-authenticationInfo';
-  NID_id_aca_authenticationInfo =    354;
-  SN_id_aca_accessIdentity =     'id-aca-accessIdentity';
-  NID_id_aca_accessIdentity =     355;
-  SN_id_aca_chargingIdentity =    'id-aca-chargingIdentity';
-  NID_id_aca_chargingIdentity =    356;
-  SN_id_aca_group =   'id-aca-group';
-  NID_id_aca_group =     357;
-  SN_id_aca_role =   'id-aca-role';
-  NID_id_aca_role =   358;
-  SN_id_aca_encAttrs =    'id-aca-encAttrs';
-  NID_id_aca_encAttrs =    399;
-  SN_id_qcs_pkixQCSyntax_v1 =     'id-qcs-pkixQCSyntax-v1';
-  NID_id_qcs_pkixQCSyntax_v1 =    359;
-  SN_id_cct_crs =    'id-cct-crs';
-  NID_id_cct_crs =   360;
-  SN_id_cct_PKIData =     'id-cct-PKIData';
-  NID_id_cct_PKIData =    361;
-  SN_id_cct_PKIResponse =    'id-cct-PKIResponse';
-  NID_id_cct_PKIResponse =   362;
-  SN_id_ppl_anyLanguage =    'id-ppl-anyLanguage';
-  LN_id_ppl_anyLanguage =    'Any language';
-  NID_id_ppl_anyLanguage =   664;
-  SN_id_ppl_inheritAll =    'id-ppl-inheritAll';
-  LN_id_ppl_inheritAll =    'Inherit all';
-  NID_id_ppl_inheritAll =    665;
-  SN_Independent =   'id-ppl-independent';
-  LN_Independent =   'Independent';
-  NID_Independent =   667;
-  SN_ad_OCSP =    'OCSP';
-  LN_ad_OCSP =    'OCSP';
-  NID_ad_OCSP =    178;
-  SN_ad_ca_issuers =     'caIssuers';
-  LN_ad_ca_issuers =     'CA Issuers';
-  NID_ad_ca_issuers =     179;
-  SN_ad_timeStamping =    'ad_timestamping';
-  LN_ad_timeStamping =    'AD Time Stamping';
-  NID_ad_timeStamping =    363;
-  SN_ad_dvcs =    'AD_DVCS';
-  LN_ad_dvcs =    'ad dvcs';
-  NID_ad_dvcs =    364;
-  SN_caRepository =   'caRepository';
-  LN_caRepository =   'CA Repository';
-  NID_caRepository =     785;
-  SN_id_pkix_OCSP_basic =    'basicOCSPResponse';
-  LN_id_pkix_OCSP_basic =    'Basic OCSP Response';
-  NID_id_pkix_OCSP_basic =   365;
-  SN_id_pkix_OCSP_Nonce =    'Nonce';
-  LN_id_pkix_OCSP_Nonce =    'OCSP Nonce';
-  NID_id_pkix_OCSP_Nonce =   366;
-  SN_id_pkix_OCSP_CrlID =    'CrlID';
-  LN_id_pkix_OCSP_CrlID =    'OCSP CRL ID';
-  NID_id_pkix_OCSP_CrlID =   367;
-  SN_id_pkix_OCSP_acceptableResponses =    'acceptableResponses';
-  LN_id_pkix_OCSP_acceptableResponses =    'Acceptable OCSP Responses';
-  NID_id_pkix_OCSP_acceptableResponses =    368;
-  SN_id_pkix_OCSP_noCheck =   'noCheck';
-  LN_id_pkix_OCSP_noCheck =   'OCSP No Check';
-  NID_id_pkix_OCSP_noCheck =     369;
-  SN_id_pkix_OCSP_archiveCutoff =    'archiveCutoff';
-  LN_id_pkix_OCSP_archiveCutoff =    'OCSP Archive Cutoff';
-  NID_id_pkix_OCSP_archiveCutoff =   370;
-  SN_id_pkix_OCSP_serviceLocator =   'serviceLocator';
-  LN_id_pkix_OCSP_serviceLocator =   'OCSP Service Locator';
-  NID_id_pkix_OCSP_serviceLocator =   371;
-  SN_id_pkix_OCSP_extendedStatus =   'extendedStatus';
-  LN_id_pkix_OCSP_extendedStatus =   'Extended OCSP Status';
-  NID_id_pkix_OCSP_extendedStatus =   372;
-  SN_id_pkix_OCSP_valid =    'valid';
-  NID_id_pkix_OCSP_valid =   373;
-  SN_id_pkix_OCSP_path =    'path';
-  NID_id_pkix_OCSP_path =    374;
-  SN_id_pkix_OCSP_trustRoot =     'trustRoot';
-  LN_id_pkix_OCSP_trustRoot =     'Trust Root';
-  NID_id_pkix_OCSP_trustRoot =    375;
-  SN_algorithm =    'algorithm';
-  LN_algorithm =    'algorithm';
-  NID_algorithm =    376;
-  SN_md5WithRSA =    'RSA-NP-MD5';
-  LN_md5WithRSA =    'md5WithRSA';
-  NID_md5WithRSA =   104;
-  SN_des_ecb =    'DES-ECB';
-  LN_des_ecb =    'des-ecb';
-  NID_des_ecb =    29;
-  SN_des_cbc =    'DES-CBC';
-  LN_des_cbc =    'des-cbc';
-  NID_des_cbc =    31;
-  SN_des_ofb64 =    'DES-OFB';
-  LN_des_ofb64 =    'des-ofb';
-  NID_des_ofb64 =    45;
-  SN_des_cfb64 =    'DES-CFB';
-  LN_des_cfb64 =    'des-cfb';
-  NID_des_cfb64 =    30;
-  SN_rsaSignature =   'rsaSignature';
-  NID_rsaSignature =     377;
-  SN_dsa_2 =     'DSA-old';
-  LN_dsa_2 =     'dsaEncryption-old';
-  NID_dsa_2 =     67;
-  SN_dsaWithSHA =    'DSA-SHA';
-  LN_dsaWithSHA =    'dsaWithSHA';
-  NID_dsaWithSHA =   66;
-  SN_shaWithRSAEncryption =   'RSA-SHA';
-  LN_shaWithRSAEncryption =   'shaWithRSAEncryption';
-  NID_shaWithRSAEncryption =     42;
-  SN_des_ede_ecb =   'DES-EDE';
-  LN_des_ede_ecb =   'des-ede';
-  NID_des_ede_ecb =   32;
-  SN_des_ede3_ecb =   'DES-EDE3';
-  LN_des_ede3_ecb =   'des-ede3';
-  NID_des_ede3_ecb =     33;
-  SN_des_ede_cbc =   'DES-EDE-CBC';
-  LN_des_ede_cbc =   'des-ede-cbc';
-  NID_des_ede_cbc =   43;
-  SN_des_ede_cfb64 =     'DES-EDE-CFB';
-  LN_des_ede_cfb64 =     'des-ede-cfb';
-  NID_des_ede_cfb64 =     60;
-  SN_des_ede3_cfb64 =     'DES-EDE3-CFB';
-  LN_des_ede3_cfb64 =     'des-ede3-cfb';
-  NID_des_ede3_cfb64 =    61;
-  SN_des_ede_ofb64 =     'DES-EDE-OFB';
-  LN_des_ede_ofb64 =     'des-ede-ofb';
-  NID_des_ede_ofb64 =     62;
-  SN_des_ede3_ofb64 =     'DES-EDE3-OFB';
-  LN_des_ede3_ofb64 =     'des-ede3-ofb';
-  NID_des_ede3_ofb64 =    63;
-  SN_desx_cbc =    'DESX-CBC';
-  LN_desx_cbc =    'desx-cbc';
-  NID_desx_cbc =    80;
-  SN_sha =   'SHA';
-  LN_sha =   'sha';
-  NID_sha =   41;
-  SN_sha1 =   'SHA1';
-  LN_sha1 =   'sha1';
-  NID_sha1 =     64;
-  SN_dsaWithSHA1_2 =     'DSA-SHA1-old';
-  LN_dsaWithSHA1_2 =     'dsaWithSHA1-old';
-  NID_dsaWithSHA1_2 =     70;
-  SN_sha1WithRSA =   'RSA-SHA1-2';
-  LN_sha1WithRSA =   'sha1WithRSA';
-  NID_sha1WithRSA =   115;
-  SN_ripemd160 =    'RIPEMD160';
-  LN_ripemd160 =    'ripemd160';
-  NID_ripemd160 =    117;
-  SN_ripemd160WithRSA =    'RSA-RIPEMD160';
-  LN_ripemd160WithRSA =    'ripemd160WithRSA';
-  NID_ripemd160WithRSA =    119;
-  SN_blake2b512 =    'BLAKE2b512';
-  LN_blake2b512 =    'blake2b512';
-  NID_blake2b512 =   1056;
-  SN_blake2s256 =    'BLAKE2s256';
-  LN_blake2s256 =    'blake2s256';
-  NID_blake2s256 =   1057;
-  SN_sxnet =     'SXNetID';
-  LN_sxnet =     'Strong Extranet ID';
-  NID_sxnet =     143;
-  SN_X500 =   'X500';
-  LN_X500 =   'directory services(X.500)';
-  NID_X500 =     11;
-  SN_X509 =   'X509';
-  NID_X509 =     12;
-  SN_commonName =    'CN';
-  LN_commonName =    'commonName';
-  NID_commonName =   13;
-  SN_surname =    'SN';
-  LN_surname =    'surname';
-  NID_surname =    100;
-  LN_serialNumber =   'serialNumber';
-  NID_serialNumber =     105;
-  SN_countryName =   'C';
-  LN_countryName =   'countryName';
-  NID_countryName =   14;
-  SN_localityName =   'L';
-  LN_localityName =   'localityName';
-  NID_localityName =     15;
-  SN_stateOrProvinceName =   'ST';
-  LN_stateOrProvinceName =   'stateOrProvinceName';
-  NID_stateOrProvinceName =   16;
-  SN_streetAddress =     'street';
-  LN_streetAddress =     'streetAddress';
-  NID_streetAddress =     660;
-  SN_organizationName =    'O';
-  LN_organizationName =    'organizationName';
-  NID_organizationName =    17;
-  SN_organizationalUnitName =     'OU';
-  LN_organizationalUnitName =     'organizationalUnitName';
-  NID_organizationalUnitName =    18;
-  SN_title =     'title';
-  LN_title =     'title';
-  NID_title =     106;
-  LN_description =   'description';
-  NID_description =   107;
-  LN_searchGuide =   'searchGuide';
-  NID_searchGuide =   859;
-  LN_businessCategory =    'businessCategory';
-  NID_businessCategory =    860;
-  LN_postalAddress =     'postalAddress';
-  NID_postalAddress =     861;
-  LN_postalCode =    'postalCode';
-  NID_postalCode =   661;
-  LN_postOfficeBox =     'postOfficeBox';
-  NID_postOfficeBox =     862;
-  LN_physicalDeliveryOfficeName =    'physicalDeliveryOfficeName';
-  NID_physicalDeliveryOfficeName =   863;
-  LN_telephoneNumber =    'telephoneNumber';
-  NID_telephoneNumber =    864;
-  LN_telexNumber =   'telexNumber';
-  NID_telexNumber =   865;
-  LN_teletexTerminalIdentifier =    'teletexTerminalIdentifier';
-  NID_teletexTerminalIdentifier =    866;
-  LN_facsimileTelephoneNumber =    'facsimileTelephoneNumber';
-  NID_facsimileTelephoneNumber =    867;
-  LN_x121Address =   'x121Address';
-  NID_x121Address =   868;
-  LN_internationaliSDNNumber =    'internationaliSDNNumber';
-  NID_internationaliSDNNumber =    869;
-  LN_registeredAddress =    'registeredAddress';
-  NID_registeredAddress =    870;
-  LN_destinationIndicator =   'destinationIndicator';
-  NID_destinationIndicator =     871;
-  LN_preferredDeliveryMethod =    'preferredDeliveryMethod';
-  NID_preferredDeliveryMethod =    872;
-  LN_presentationAddress =   'presentationAddress';
-  NID_presentationAddress =   873;
-  LN_supportedApplicationContext =   'supportedApplicationContext';
-  NID_supportedApplicationContext =   874;
-  SN_member =     'member';
-  NID_member =    875;
-  SN_owner =     'owner';
-  NID_owner =     876;
-  LN_roleOccupant =   'roleOccupant';
-  NID_roleOccupant =     877;
-  SN_seeAlso =    'seeAlso';
-  NID_seeAlso =    878;
-  LN_userPassword =   'userPassword';
-  NID_userPassword =     879;
-  LN_userCertificate =    'userCertificate';
-  NID_userCertificate =    880;
-  LN_cACertificate =     'cACertificate';
-  NID_cACertificate =     881;
-  LN_authorityRevocationList =    'authorityRevocationList';
-  NID_authorityRevocationList =    882;
-  LN_certificateRevocationList =    'certificateRevocationList';
-  NID_certificateRevocationList =    883;
-  LN_crossCertificatePair =   'crossCertificatePair';
-  NID_crossCertificatePair =     884;
-  SN_name =   'name';
-  LN_name =   'name';
-  NID_name =     173;
-  SN_givenName =    'GN';
-  LN_givenName =    'givenName';
-  NID_givenName =    99;
-  SN_initials =    'initials';
-  LN_initials =    'initials';
-  NID_initials =    101;
-  LN_generationQualifier =   'generationQualifier';
-  NID_generationQualifier =   509;
-  LN_x500UniqueIdentifier =   'x500UniqueIdentifier';
-  NID_x500UniqueIdentifier =     503;
-  SN_dnQualifier =   'dnQualifier';
-  LN_dnQualifier =   'dnQualifier';
-  NID_dnQualifier =   174;
-  LN_enhancedSearchGuide =   'enhancedSearchGuide';
-  NID_enhancedSearchGuide =   885;
-  LN_protocolInformation =   'protocolInformation';
-  NID_protocolInformation =   886;
-  LN_distinguishedName =    'distinguishedName';
-  NID_distinguishedName =    887;
-  LN_uniqueMember =   'uniqueMember';
-  NID_uniqueMember =     888;
-  LN_houseIdentifier =    'houseIdentifier';
-  NID_houseIdentifier =    889;
-  LN_supportedAlgorithms =   'supportedAlgorithms';
-  NID_supportedAlgorithms =   890;
-  LN_deltaRevocationList =   'deltaRevocationList';
-  NID_deltaRevocationList =   891;
-  SN_dmdName =    'dmdName';
-  NID_dmdName =    892;
-  LN_pseudonym =    'pseudonym';
-  NID_pseudonym =    510;
-  SN_role =   'role';
-  LN_role =   'role';
-  NID_role =     400;
-  LN_organizationIdentifier =     'organizationIdentifier';
-  NID_organizationIdentifier =    1089;
-  SN_countryCode3c =     'c3';
-  LN_countryCode3c =     'countryCode3c';
-  NID_countryCode3c =     1090;
-  SN_countryCode3n =     'n3';
-  LN_countryCode3n =     'countryCode3n';
-  NID_countryCode3n =     1091;
-  LN_dnsName =    'dnsName';
-  NID_dnsName =    1092;
-  SN_X500algorithms =     'X500algorithms';
-  LN_X500algorithms =     'directory services - algorithms';
-  NID_X500algorithms =    378;
-  SN_rsa =   'RSA';
-  LN_rsa =   'rsa';
-  NID_rsa =   19;
-  SN_mdc2WithRSA =   'RSA-MDC2';
-  LN_mdc2WithRSA =   'mdc2WithRSA';
-  NID_mdc2WithRSA =   96;
-  SN_mdc2 =   'MDC2';
-  LN_mdc2 =   'mdc2';
-  NID_mdc2 =     95;
-  SN_id_ce =     'id-ce';
-  NID_id_ce =     81;
-  SN_subject_directory_attributes =   'subjectDirectoryAttributes';
-  LN_subject_directory_attributes =   'X509v3 Subject Directory Attributes';
-  NID_subject_directory_attributes =     769;
-  SN_subject_key_identifier =     'subjectKeyIdentifier';
-  LN_subject_key_identifier =     'X509v3 Subject Key Identifier';
-  NID_subject_key_identifier =    82;
-  SN_key_usage =    'keyUsage';
-  LN_key_usage =    'X509v3 Key Usage';
-  NID_key_usage =    83;
-  SN_private_key_usage_period =    'privateKeyUsagePeriod';
-  LN_private_key_usage_period =    'X509v3 Private Key Usage Period';
-  NID_private_key_usage_period =    84;
-  SN_subject_alt_name =    'subjectAltName';
-  LN_subject_alt_name =    'X509v3 Subject Alternative Name';
-  NID_subject_alt_name =    85;
-  SN_issuer_alt_name =    'issuerAltName';
-  LN_issuer_alt_name =    'X509v3 Issuer Alternative Name';
-  NID_issuer_alt_name =    86;
-  SN_basic_constraints =    'basicConstraints';
-  LN_basic_constraints =    'X509v3 Basic Constraints';
-  NID_basic_constraints =    87;
-  SN_crl_number =    'crlNumber';
-  LN_crl_number =    'X509v3 CRL Number';
-  NID_crl_number =   88;
-  SN_crl_reason =    'CRLReason';
-  LN_crl_reason =    'X509v3 CRL Reason Code';
-  NID_crl_reason =   141;
-  SN_invalidity_date =    'invalidityDate';
-  LN_invalidity_date =    'Invalidity Date';
-  NID_invalidity_date =    142;
-  SN_delta_crl =    'deltaCRL';
-  LN_delta_crl =    'X509v3 Delta CRL Indicator';
-  NID_delta_crl =    140;
-  SN_issuing_distribution_point =    'issuingDistributionPoint';
-  LN_issuing_distribution_point =    'X509v3 Issuing Distribution Point';
-  NID_issuing_distribution_point =   770;
-  SN_certificate_issuer =    'certificateIssuer';
-  LN_certificate_issuer =    'X509v3 Certificate Issuer';
-  NID_certificate_issuer =   771;
-  SN_name_constraints =    'nameConstraints';
-  LN_name_constraints =    'X509v3 Name Constraints';
-  NID_name_constraints =    666;
-  SN_crl_distribution_points =    'crlDistributionPoints';
-  LN_crl_distribution_points =    'X509v3 CRL Distribution Points';
-  NID_crl_distribution_points =    103;
-  SN_certificate_policies =   'certificatePolicies';
-  LN_certificate_policies =   'X509v3 Certificate Policies';
-  NID_certificate_policies =     89;
-  SN_any_policy =    'anyPolicy';
-  LN_any_policy =    'X509v3 Any Policy';
-  NID_any_policy =   746;
-  SN_policy_mappings =    'policyMappings';
-  LN_policy_mappings =    'X509v3 Policy Mappings';
-  NID_policy_mappings =    747;
-  SN_authority_key_identifier =    'authorityKeyIdentifier';
-  LN_authority_key_identifier =    'X509v3 Authority Key Identifier';
-  NID_authority_key_identifier =    90;
-  SN_policy_constraints =    'policyConstraints';
-  LN_policy_constraints =    'X509v3 Policy Constraints';
-  NID_policy_constraints =   401;
-  SN_ext_key_usage =     'extendedKeyUsage';
-  LN_ext_key_usage =     'X509v3 Extended Key Usage';
-  NID_ext_key_usage =     126;
-  SN_freshest_crl =   'freshestCRL';
-  LN_freshest_crl =   'X509v3 Freshest CRL';
-  NID_freshest_crl =     857;
-  SN_inhibit_any_policy =    'inhibitAnyPolicy';
-  LN_inhibit_any_policy =    'X509v3 Inhibit Any Policy';
-  NID_inhibit_any_policy =   748;
-  SN_target_information =    'targetInformation';
-  LN_target_information =    'X509v3 AC Targeting';
-  NID_target_information =   402;
-  SN_no_rev_avail =   'noRevAvail';
-  LN_no_rev_avail =   'X509v3 No Revocation Available';
-  NID_no_rev_avail =     403;
-  SN_anyExtendedKeyUsage =   'anyExtendedKeyUsage';
-  LN_anyExtendedKeyUsage =   'Any Extended Key Usage';
-  NID_anyExtendedKeyUsage =   910;
-  SN_netscape =    'Netscape';
-  LN_netscape =    'Netscape Communications Corp.';
-  NID_netscape =    57;
-  SN_netscape_cert_extension =    'nsCertExt';
-  LN_netscape_cert_extension =    'Netscape Certificate Extension';
-  NID_netscape_cert_extension =    58;
-  SN_netscape_data_type =    'nsDataType';
-  LN_netscape_data_type =    'Netscape Data Type';
-  NID_netscape_data_type =   59;
-  SN_netscape_cert_type =    'nsCertType';
-  LN_netscape_cert_type =    'Netscape Cert Type';
-  NID_netscape_cert_type =   71;
-  SN_netscape_base_url =    'nsBaseUrl';
-  LN_netscape_base_url =    'Netscape Base Url';
-  NID_netscape_base_url =    72;
-  SN_netscape_revocation_url =    'nsRevocationUrl';
-  LN_netscape_revocation_url =    'Netscape Revocation Url';
-  NID_netscape_revocation_url =    73;
-  SN_netscape_ca_revocation_url =    'nsCaRevocationUrl';
-  LN_netscape_ca_revocation_url =    'Netscape CA Revocation Url';
-  NID_netscape_ca_revocation_url =   74;
-  SN_netscape_renewal_url =   'nsRenewalUrl';
-  LN_netscape_renewal_url =   'Netscape Renewal Url';
-  NID_netscape_renewal_url =     75;
-  SN_netscape_ca_policy_url =     'nsCaPolicyUrl';
-  LN_netscape_ca_policy_url =     'Netscape CA Policy Url';
-  NID_netscape_ca_policy_url =    76;
-  SN_netscape_ssl_server_name =    'nsSslServerName';
-  LN_netscape_ssl_server_name =    'Netscape Server: SSl Name';
-  NID_netscape_ssl_server_name =    77;
-  SN_netscape_comment =    'nsComment';
-  LN_netscape_comment =    'Netscape Comment';
-  NID_netscape_comment =    78;
-  SN_netscape_cert_sequence =     'nsCertSequence';
-  LN_netscape_cert_sequence =     'Netscape Certificate Sequence';
-  NID_netscape_cert_sequence =    79;
-  SN_ns_sgc =     'nsSGC';
-  LN_ns_sgc =     'Netscape Server Gated Crypto';
-  NID_ns_sgc =    139;
-  SN_org =   'ORG';
-  LN_org =   'org';
-  NID_org =   379;
-  SN_dod =   'DOD';
-  LN_dod =   'dod';
-  NID_dod =   380;
-  SN_iana =   'IANA';
-  LN_iana =   'iana';
-  NID_iana =     381;
-  SN_Directory =    'directory';
-  LN_Directory =    'Directory';
-  NID_Directory =    382;
-  SN_Management =    'mgmt';
-  LN_Management =    'Management';
-  NID_Management =   383;
-  SN_Experimental =   'experimental';
-  LN_Experimental =   'Experimental';
-  NID_Experimental =     384;
-  SN_Private =    'private';
-  LN_Private =    'Private';
-  NID_Private =    385;
-  SN_Security =    'security';
-  LN_Security =    'Security';
-  NID_Security =    386;
-  SN_SNMPv2 =     'snmpv2';
-  LN_SNMPv2 =     'SNMPv2';
-  NID_SNMPv2 =    387;
-  LN_Mail =   'Mail';
-  NID_Mail =     388;
-  SN_Enterprises =   'enterprises';
-  LN_Enterprises =   'Enterprises';
-  NID_Enterprises =   389;
-  SN_dcObject =    'dcobject';
-  LN_dcObject =    'dcObject';
-  NID_dcObject =    390;
-  SN_mime_mhs =    'mime-mhs';
-  LN_mime_mhs =    'MIME MHS';
-  NID_mime_mhs =    504;
-  SN_mime_mhs_headings =    'mime-mhs-headings';
-  LN_mime_mhs_headings =    'mime-mhs-headings';
-  NID_mime_mhs_headings =    505;
-  SN_mime_mhs_bodies =    'mime-mhs-bodies';
-  LN_mime_mhs_bodies =    'mime-mhs-bodies';
-  NID_mime_mhs_bodies =    506;
-  SN_id_hex_partial_message =     'id-hex-partial-message';
-  LN_id_hex_partial_message =     'id-hex-partial-message';
-  NID_id_hex_partial_message =    507;
-  SN_id_hex_multipart_message =    'id-hex-multipart-message';
-  LN_id_hex_multipart_message =    'id-hex-multipart-message';
-  NID_id_hex_multipart_message =    508;
-  SN_zlib_compression =    'ZLIB';
-  LN_zlib_compression =    'zlib compression';
-  NID_zlib_compression =    125;
-  SN_aes_128_ecb =   'AES-128-ECB';
-  LN_aes_128_ecb =   'aes-128-ecb';
-  NID_aes_128_ecb =   418;
-  SN_aes_128_cbc =   'AES-128-CBC';
-  LN_aes_128_cbc =   'aes-128-cbc';
-  NID_aes_128_cbc =   419;
-  SN_aes_128_ofb128 =     'AES-128-OFB';
-  LN_aes_128_ofb128 =     'aes-128-ofb';
-  NID_aes_128_ofb128 =    420;
-  SN_aes_128_cfb128 =     'AES-128-CFB';
-  LN_aes_128_cfb128 =     'aes-128-cfb';
-  NID_aes_128_cfb128 =    421;
-  SN_id_aes128_wrap =     'id-aes128-wrap';
-  NID_id_aes128_wrap =    788;
-  SN_aes_128_gcm =   'id-aes128-GCM';
-  LN_aes_128_gcm =   'aes-128-gcm';
-  NID_aes_128_gcm =   895;
-  SN_aes_128_ccm =   'id-aes128-CCM';
-  LN_aes_128_ccm =   'aes-128-ccm';
-  NID_aes_128_ccm =   896;
-  SN_id_aes128_wrap_pad =    'id-aes128-wrap-pad';
-  NID_id_aes128_wrap_pad =   897;
-  SN_aes_192_ecb =   'AES-192-ECB';
-  LN_aes_192_ecb =   'aes-192-ecb';
-  NID_aes_192_ecb =   422;
-  SN_aes_192_cbc =   'AES-192-CBC';
-  LN_aes_192_cbc =   'aes-192-cbc';
-  NID_aes_192_cbc =   423;
-  SN_aes_192_ofb128 =     'AES-192-OFB';
-  LN_aes_192_ofb128 =     'aes-192-ofb';
-  NID_aes_192_ofb128 =    424;
-  SN_aes_192_cfb128 =     'AES-192-CFB';
-  LN_aes_192_cfb128 =     'aes-192-cfb';
-  NID_aes_192_cfb128 =    425;
-  SN_id_aes192_wrap =     'id-aes192-wrap';
-  NID_id_aes192_wrap =    789;
-  SN_aes_192_gcm =   'id-aes192-GCM';
-  LN_aes_192_gcm =   'aes-192-gcm';
-  NID_aes_192_gcm =   898;
-  SN_aes_192_ccm =   'id-aes192-CCM';
-  LN_aes_192_ccm =   'aes-192-ccm';
-  NID_aes_192_ccm =   899;
-  SN_id_aes192_wrap_pad =    'id-aes192-wrap-pad';
-  NID_id_aes192_wrap_pad =   900;
-  SN_aes_256_ecb =   'AES-256-ECB';
-  LN_aes_256_ecb =   'aes-256-ecb';
-  NID_aes_256_ecb =   426;
-  SN_aes_256_cbc =   'AES-256-CBC';
-  LN_aes_256_cbc =   'aes-256-cbc';
-  NID_aes_256_cbc =   427;
-  SN_aes_256_ofb128 =     'AES-256-OFB';
-  LN_aes_256_ofb128 =     'aes-256-ofb';
-  NID_aes_256_ofb128 =    428;
-  SN_aes_256_cfb128 =     'AES-256-CFB';
-  LN_aes_256_cfb128 =     'aes-256-cfb';
-  NID_aes_256_cfb128 =    429;
-  SN_id_aes256_wrap =     'id-aes256-wrap';
-  NID_id_aes256_wrap =    790;
-  SN_aes_256_gcm =   'id-aes256-GCM';
-  LN_aes_256_gcm =   'aes-256-gcm';
-  NID_aes_256_gcm =   901;
-  SN_aes_256_ccm =   'id-aes256-CCM';
-  LN_aes_256_ccm =   'aes-256-ccm';
-  NID_aes_256_ccm =   902;
-  SN_id_aes256_wrap_pad =    'id-aes256-wrap-pad';
-  NID_id_aes256_wrap_pad =   903;
-  SN_aes_128_xts =   'AES-128-XTS';
-  LN_aes_128_xts =   'aes-128-xts';
-  NID_aes_128_xts =   913;
-  SN_aes_256_xts =   'AES-256-XTS';
-  LN_aes_256_xts =   'aes-256-xts';
-  NID_aes_256_xts =   914;
-  SN_aes_128_cfb1 =   'AES-128-CFB1';
-  LN_aes_128_cfb1 =   'aes-128-cfb1';
-  NID_aes_128_cfb1 =     650;
-  SN_aes_192_cfb1 =   'AES-192-CFB1';
-  LN_aes_192_cfb1 =   'aes-192-cfb1';
-  NID_aes_192_cfb1 =     651;
-  SN_aes_256_cfb1 =   'AES-256-CFB1';
-  LN_aes_256_cfb1 =   'aes-256-cfb1';
-  NID_aes_256_cfb1 =     652;
-  SN_aes_128_cfb8 =   'AES-128-CFB8';
-  LN_aes_128_cfb8 =   'aes-128-cfb8';
-  NID_aes_128_cfb8 =     653;
-  SN_aes_192_cfb8 =   'AES-192-CFB8';
-  LN_aes_192_cfb8 =   'aes-192-cfb8';
-  NID_aes_192_cfb8 =     654;
-  SN_aes_256_cfb8 =   'AES-256-CFB8';
-  LN_aes_256_cfb8 =   'aes-256-cfb8';
-  NID_aes_256_cfb8 =     655;
-  SN_aes_128_ctr =   'AES-128-CTR';
-  LN_aes_128_ctr =   'aes-128-ctr';
-  NID_aes_128_ctr =   904;
-  SN_aes_192_ctr =   'AES-192-CTR';
-  LN_aes_192_ctr =   'aes-192-ctr';
-  NID_aes_192_ctr =   905;
-  SN_aes_256_ctr =   'AES-256-CTR';
-  LN_aes_256_ctr =   'aes-256-ctr';
-  NID_aes_256_ctr =   906;
-  SN_aes_128_ocb =   'AES-128-OCB';
-  LN_aes_128_ocb =   'aes-128-ocb';
-  NID_aes_128_ocb =   958;
-  SN_aes_192_ocb =   'AES-192-OCB';
-  LN_aes_192_ocb =   'aes-192-ocb';
-  NID_aes_192_ocb =   959;
-  SN_aes_256_ocb =   'AES-256-OCB';
-  LN_aes_256_ocb =   'aes-256-ocb';
-  NID_aes_256_ocb =   960;
-  SN_des_cfb1 =    'DES-CFB1';
-  LN_des_cfb1 =    'des-cfb1';
-  NID_des_cfb1 =    656;
-  SN_des_cfb8 =    'DES-CFB8';
-  LN_des_cfb8 =    'des-cfb8';
-  NID_des_cfb8 =    657;
-  SN_des_ede3_cfb1 =     'DES-EDE3-CFB1';
-  LN_des_ede3_cfb1 =     'des-ede3-cfb1';
-  NID_des_ede3_cfb1 =     658;
-  SN_des_ede3_cfb8 =     'DES-EDE3-CFB8';
-  LN_des_ede3_cfb8 =     'des-ede3-cfb8';
-  NID_des_ede3_cfb8 =     659;
-  SN_sha256 =     'SHA256';
-  LN_sha256 =     'sha256';
-  NID_sha256 =    672;
-  SN_sha384 =     'SHA384';
-  LN_sha384 =     'sha384';
-  NID_sha384 =    673;
-  SN_sha512 =     'SHA512';
-  LN_sha512 =     'sha512';
-  NID_sha512 =    674;
-  SN_sha224 =     'SHA224';
-  LN_sha224 =     'sha224';
-  NID_sha224 =    675;
-  SN_sha512_224 =    'SHA512-224';
-  LN_sha512_224 =    'sha512-224';
-  NID_sha512_224 =   1094;
-  SN_sha512_256 =    'SHA512-256';
-  LN_sha512_256 =    'sha512-256';
-  NID_sha512_256 =   1095;
-  SN_sha3_224 =    'SHA3-224';
-  LN_sha3_224 =    'sha3-224';
-  NID_sha3_224 =    1096;
-  SN_sha3_256 =    'SHA3-256';
-  LN_sha3_256 =    'sha3-256';
-  NID_sha3_256 =    1097;
-  SN_sha3_384 =    'SHA3-384';
-  LN_sha3_384 =    'sha3-384';
-  NID_sha3_384 =    1098;
-  SN_sha3_512 =    'SHA3-512';
-  LN_sha3_512 =    'sha3-512';
-  NID_sha3_512 =    1099;
-  SN_shake128 =    'SHAKE128';
-  LN_shake128 =    'shake128';
-  NID_shake128 =    1100;
-  SN_shake256 =    'SHAKE256';
-  LN_shake256 =    'shake256';
-  NID_shake256 =    1101;
-  SN_hmac_sha3_224 =     'id-hmacWithSHA3-224';
-  LN_hmac_sha3_224 =     'hmac-sha3-224';
-  NID_hmac_sha3_224 =     1102;
-  SN_hmac_sha3_256 =     'id-hmacWithSHA3-256';
-  LN_hmac_sha3_256 =     'hmac-sha3-256';
-  NID_hmac_sha3_256 =     1103;
-  SN_hmac_sha3_384 =     'id-hmacWithSHA3-384';
-  LN_hmac_sha3_384 =     'hmac-sha3-384';
-  NID_hmac_sha3_384 =     1104;
-  SN_hmac_sha3_512 =     'id-hmacWithSHA3-512';
-  LN_hmac_sha3_512 =     'hmac-sha3-512';
-  NID_hmac_sha3_512 =     1105;
-  SN_dsa_with_SHA224 =    'dsa_with_SHA224';
-  NID_dsa_with_SHA224 =    802;
-  SN_dsa_with_SHA256 =    'dsa_with_SHA256';
-  NID_dsa_with_SHA256 =    803;
-  SN_dsa_with_SHA384 =    'id-dsa-with-sha384';
-  LN_dsa_with_SHA384 =    'dsa_with_SHA384';
-  NID_dsa_with_SHA384 =    1106;
-  SN_dsa_with_SHA512 =    'id-dsa-with-sha512';
-  LN_dsa_with_SHA512 =    'dsa_with_SHA512';
-  NID_dsa_with_SHA512 =    1107;
-  SN_dsa_with_SHA3_224 =    'id-dsa-with-sha3-224';
-  LN_dsa_with_SHA3_224 =    'dsa_with_SHA3-224';
-  NID_dsa_with_SHA3_224 =    1108;
-  SN_dsa_with_SHA3_256 =    'id-dsa-with-sha3-256';
-  LN_dsa_with_SHA3_256 =    'dsa_with_SHA3-256';
-  NID_dsa_with_SHA3_256 =    1109;
-  SN_dsa_with_SHA3_384 =    'id-dsa-with-sha3-384';
-  LN_dsa_with_SHA3_384 =    'dsa_with_SHA3-384';
-  NID_dsa_with_SHA3_384 =    1110;
-  SN_dsa_with_SHA3_512 =    'id-dsa-with-sha3-512';
-  LN_dsa_with_SHA3_512 =    'dsa_with_SHA3-512';
-  NID_dsa_with_SHA3_512 =    1111;
-  SN_ecdsa_with_SHA3_224 =   'id-ecdsa-with-sha3-224';
-  LN_ecdsa_with_SHA3_224 =   'ecdsa_with_SHA3-224';
-  NID_ecdsa_with_SHA3_224 =   1112;
-  SN_ecdsa_with_SHA3_256 =   'id-ecdsa-with-sha3-256';
-  LN_ecdsa_with_SHA3_256 =   'ecdsa_with_SHA3-256';
-  NID_ecdsa_with_SHA3_256 =   1113;
-  SN_ecdsa_with_SHA3_384 =   'id-ecdsa-with-sha3-384';
-  LN_ecdsa_with_SHA3_384 =   'ecdsa_with_SHA3-384';
-  NID_ecdsa_with_SHA3_384 =   1114;
-  SN_ecdsa_with_SHA3_512 =   'id-ecdsa-with-sha3-512';
-  LN_ecdsa_with_SHA3_512 =   'ecdsa_with_SHA3-512';
-  NID_ecdsa_with_SHA3_512 =   1115;
-  SN_RSA_SHA3_224 =   'id-rsassa-pkcs1-v1_5-with-sha3-224';
-  LN_RSA_SHA3_224 =   'RSA-SHA3-224';
-  NID_RSA_SHA3_224 =     1116;
-  SN_RSA_SHA3_256 =   'id-rsassa-pkcs1-v1_5-with-sha3-256';
-  LN_RSA_SHA3_256 =   'RSA-SHA3-256';
-  NID_RSA_SHA3_256 =     1117;
-  SN_RSA_SHA3_384 =   'id-rsassa-pkcs1-v1_5-with-sha3-384';
-  LN_RSA_SHA3_384 =   'RSA-SHA3-384';
-  NID_RSA_SHA3_384 =     1118;
-  SN_RSA_SHA3_512 =   'id-rsassa-pkcs1-v1_5-with-sha3-512';
-  LN_RSA_SHA3_512 =   'RSA-SHA3-512';
-  NID_RSA_SHA3_512 =     1119;
-  SN_hold_instruction_code =     'holdInstructionCode';
-  LN_hold_instruction_code =     'Hold Instruction Code';
-  NID_hold_instruction_code =     430;
-  SN_hold_instruction_none =     'holdInstructionNone';
-  LN_hold_instruction_none =     'Hold Instruction None';
-  NID_hold_instruction_none =     431;
-  SN_hold_instruction_call_issuer =   'holdInstructionCallIssuer';
-  LN_hold_instruction_call_issuer =   'Hold Instruction Call Issuer';
-  NID_hold_instruction_call_issuer =     432;
-  SN_hold_instruction_reject =    'holdInstructionReject';
-  LN_hold_instruction_reject =    'Hold Instruction Reject';
-  NID_hold_instruction_reject =    433;
-  SN_data =   'data';
-  NID_data =     434;
-  SN_pss =   'pss';
-  NID_pss =   435;
-  SN_ucl =   'ucl';
-  NID_ucl =   436;
-  SN_pilot =     'pilot';
-  NID_pilot =     437;
-  LN_pilotAttributeType =    'pilotAttributeType';
-  NID_pilotAttributeType =   438;
-  LN_pilotAttributeSyntax =   'pilotAttributeSyntax';
-  NID_pilotAttributeSyntax =     439;
-  LN_pilotObjectClass =    'pilotObjectClass';
-  NID_pilotObjectClass =    440;
-  LN_pilotGroups =   'pilotGroups';
-  NID_pilotGroups =   441;
-  LN_iA5StringSyntax =    'iA5StringSyntax';
-  NID_iA5StringSyntax =    442;
-  LN_caseIgnoreIA5StringSyntax =    'caseIgnoreIA5StringSyntax';
-  NID_caseIgnoreIA5StringSyntax =    443;
-  LN_pilotObject =   'pilotObject';
-  NID_pilotObject =   444;
-  LN_pilotPerson =   'pilotPerson';
-  NID_pilotPerson =   445;
-  SN_account =    'account';
-  NID_account =    446;
-  SN_document =    'document';
-  NID_document =    447;
-  SN_room =   'room';
-  NID_room =     448;
-  LN_documentSeries =     'documentSeries';
-  NID_documentSeries =    449;
-  SN_Domain =     'domain';
-  LN_Domain =     'Domain';
-  NID_Domain =    392;
-  LN_rFC822localPart =    'rFC822localPart';
-  NID_rFC822localPart =    450;
-  LN_dNSDomain =    'dNSDomain';
-  NID_dNSDomain =    451;
-  LN_domainRelatedObject =   'domainRelatedObject';
-  NID_domainRelatedObject =   452;
-  LN_friendlyCountry =    'friendlyCountry';
-  NID_friendlyCountry =    453;
-  LN_simpleSecurityObject =   'simpleSecurityObject';
-  NID_simpleSecurityObject =     454;
-  LN_pilotOrganization =    'pilotOrganization';
-  NID_pilotOrganization =    455;
-  LN_pilotDSA =    'pilotDSA';
-  NID_pilotDSA =    456;
-  LN_qualityLabelledData =   'qualityLabelledData';
-  NID_qualityLabelledData =   457;
-  SN_userId =     'UID';
-  LN_userId =     'userId';
-  NID_userId =    458;
-  LN_textEncodedORAddress =   'textEncodedORAddress';
-  NID_textEncodedORAddress =     459;
-  SN_rfc822Mailbox =     'mail';
-  LN_rfc822Mailbox =     'rfc822Mailbox';
-  NID_rfc822Mailbox =     460;
-  SN_info =   'info';
-  NID_info =     461;
-  LN_favouriteDrink =     'favouriteDrink';
-  NID_favouriteDrink =    462;
-  LN_roomNumber =    'roomNumber';
-  NID_roomNumber =   463;
-  SN_photo =     'photo';
-  NID_photo =     464;
-  LN_userClass =    'userClass';
-  NID_userClass =    465;
-  SN_host =   'host';
-  NID_host =     466;
-  SN_manager =    'manager';
-  NID_manager =    467;
-  LN_documentIdentifier =    'documentIdentifier';
-  NID_documentIdentifier =   468;
-  LN_documentTitle =     'documentTitle';
-  NID_documentTitle =     469;
-  LN_documentVersion =    'documentVersion';
-  NID_documentVersion =    470;
-  LN_documentAuthor =     'documentAuthor';
-  NID_documentAuthor =    471;
-  LN_documentLocation =    'documentLocation';
-  NID_documentLocation =    472;
-  LN_homeTelephoneNumber =   'homeTelephoneNumber';
-  NID_homeTelephoneNumber =   473;
-  SN_secretary =    'secretary';
-  NID_secretary =    474;
-  LN_otherMailbox =   'otherMailbox';
-  NID_otherMailbox =     475;
-  LN_lastModifiedTime =    'lastModifiedTime';
-  NID_lastModifiedTime =    476;
-  LN_lastModifiedBy =     'lastModifiedBy';
-  NID_lastModifiedBy =    477;
-  SN_domainComponent =    'DC';
-  LN_domainComponent =    'domainComponent';
-  NID_domainComponent =    391;
-  LN_aRecord =    'aRecord';
-  NID_aRecord =    478;
-  LN_pilotAttributeType27 =   'pilotAttributeType27';
-  NID_pilotAttributeType27 =     479;
-  LN_mXRecord =    'mXRecord';
-  NID_mXRecord =    480;
-  LN_nSRecord =    'nSRecord';
-  NID_nSRecord =    481;
-  LN_sOARecord =    'sOARecord';
-  NID_sOARecord =    482;
-  LN_cNAMERecord =   'cNAMERecord';
-  NID_cNAMERecord =   483;
-  LN_associatedDomain =    'associatedDomain';
-  NID_associatedDomain =    484;
-  LN_associatedName =     'associatedName';
-  NID_associatedName =    485;
-  LN_homePostalAddress =    'homePostalAddress';
-  NID_homePostalAddress =    486;
-  LN_personalTitle =     'personalTitle';
-  NID_personalTitle =     487;
-  LN_mobileTelephoneNumber =     'mobileTelephoneNumber';
-  NID_mobileTelephoneNumber =     488;
-  LN_pagerTelephoneNumber =   'pagerTelephoneNumber';
-  NID_pagerTelephoneNumber =     489;
-  LN_friendlyCountryName =   'friendlyCountryName';
-  NID_friendlyCountryName =   490;
-  SN_uniqueIdentifier =    'uid';
-  LN_uniqueIdentifier =    'uniqueIdentifier';
-  NID_uniqueIdentifier =    102;
-  LN_organizationalStatus =   'organizationalStatus';
-  NID_organizationalStatus =     491;
-  LN_janetMailbox =   'janetMailbox';
-  NID_janetMailbox =     492;
-  LN_mailPreferenceOption =   'mailPreferenceOption';
-  NID_mailPreferenceOption =     493;
-  LN_buildingName =   'buildingName';
-  NID_buildingName =     494;
-  LN_dSAQuality =    'dSAQuality';
-  NID_dSAQuality =   495;
-  LN_singleLevelQuality =    'singleLevelQuality';
-  NID_singleLevelQuality =   496;
-  LN_subtreeMinimumQuality =     'subtreeMinimumQuality';
-  NID_subtreeMinimumQuality =     497;
-  LN_subtreeMaximumQuality =     'subtreeMaximumQuality';
-  NID_subtreeMaximumQuality =     498;
-  LN_personalSignature =    'personalSignature';
-  NID_personalSignature =    499;
-  LN_dITRedirect =   'dITRedirect';
-  NID_dITRedirect =   500;
-  SN_audio =     'audio';
-  NID_audio =     501;
-  LN_documentPublisher =    'documentPublisher';
-  NID_documentPublisher =    502;
-  SN_id_set =     'id-set';
-  LN_id_set =     'Secure Electronic Transactions';
-  NID_id_set =    512;
-  SN_set_ctype =    'set-ctype';
-  LN_set_ctype =    'content types';
-  NID_set_ctype =    513;
-  SN_set_msgExt =    'set-msgExt';
-  LN_set_msgExt =    'message extensions';
-  NID_set_msgExt =   514;
-  SN_set_attr =    'set-attr';
-  NID_set_attr =    515;
-  SN_set_policy =    'set-policy';
-  NID_set_policy =   516;
-  SN_set_certExt =   'set-certExt';
-  LN_set_certExt =   'certificate extensions';
-  NID_set_certExt =   517;
-  SN_set_brand =    'set-brand';
-  NID_set_brand =    518;
-  SN_setct_PANData =     'setct-PANData';
-  NID_setct_PANData =     519;
-  SN_setct_PANToken =     'setct-PANToken';
-  NID_setct_PANToken =    520;
-  SN_setct_PANOnly =     'setct-PANOnly';
-  NID_setct_PANOnly =     521;
-  SN_setct_OIData =   'setct-OIData';
-  NID_setct_OIData =     522;
-  SN_setct_PI =    'setct-PI';
-  NID_setct_PI =    523;
-  SN_setct_PIData =   'setct-PIData';
-  NID_setct_PIData =     524;
-  SN_setct_PIDataUnsigned =   'setct-PIDataUnsigned';
-  NID_setct_PIDataUnsigned =     525;
-  SN_setct_HODInput =     'setct-HODInput';
-  NID_setct_HODInput =    526;
-  SN_setct_AuthResBaggage =   'setct-AuthResBaggage';
-  NID_setct_AuthResBaggage =     527;
-  SN_setct_AuthRevReqBaggage =    'setct-AuthRevReqBaggage';
-  NID_setct_AuthRevReqBaggage =    528;
-  SN_setct_AuthRevResBaggage =    'setct-AuthRevResBaggage';
-  NID_setct_AuthRevResBaggage =    529;
-  SN_setct_CapTokenSeq =    'setct-CapTokenSeq';
-  NID_setct_CapTokenSeq =    530;
-  SN_setct_PInitResData =    'setct-PInitResData';
-  NID_setct_PInitResData =   531;
-  SN_setct_PI_TBS =   'setct-PI-TBS';
-  NID_setct_PI_TBS =     532;
-  SN_setct_PResData =     'setct-PResData';
-  NID_setct_PResData =    533;
-  SN_setct_AuthReqTBS =    'setct-AuthReqTBS';
-  NID_setct_AuthReqTBS =    534;
-  SN_setct_AuthResTBS =    'setct-AuthResTBS';
-  NID_setct_AuthResTBS =    535;
-  SN_setct_AuthResTBSX =    'setct-AuthResTBSX';
-  NID_setct_AuthResTBSX =    536;
-  SN_setct_AuthTokenTBS =    'setct-AuthTokenTBS';
-  NID_setct_AuthTokenTBS =   537;
-  SN_setct_CapTokenData =    'setct-CapTokenData';
-  NID_setct_CapTokenData =   538;
-  SN_setct_CapTokenTBS =    'setct-CapTokenTBS';
-  NID_setct_CapTokenTBS =    539;
-  SN_setct_AcqCardCodeMsg =   'setct-AcqCardCodeMsg';
-  NID_setct_AcqCardCodeMsg =     540;
-  SN_setct_AuthRevReqTBS =   'setct-AuthRevReqTBS';
-  NID_setct_AuthRevReqTBS =   541;
-  SN_setct_AuthRevResData =   'setct-AuthRevResData';
-  NID_setct_AuthRevResData =     542;
-  SN_setct_AuthRevResTBS =   'setct-AuthRevResTBS';
-  NID_setct_AuthRevResTBS =   543;
-  SN_setct_CapReqTBS =    'setct-CapReqTBS';
-  NID_setct_CapReqTBS =    544;
-  SN_setct_CapReqTBSX =    'setct-CapReqTBSX';
-  NID_setct_CapReqTBSX =    545;
-  SN_setct_CapResData =    'setct-CapResData';
-  NID_setct_CapResData =    546;
-  SN_setct_CapRevReqTBS =    'setct-CapRevReqTBS';
-  NID_setct_CapRevReqTBS =   547;
-  SN_setct_CapRevReqTBSX =   'setct-CapRevReqTBSX';
-  NID_setct_CapRevReqTBSX =   548;
-  SN_setct_CapRevResData =   'setct-CapRevResData';
-  NID_setct_CapRevResData =   549;
-  SN_setct_CredReqTBS =    'setct-CredReqTBS';
-  NID_setct_CredReqTBS =    550;
-  SN_setct_CredReqTBSX =    'setct-CredReqTBSX';
-  NID_setct_CredReqTBSX =    551;
-  SN_setct_CredResData =    'setct-CredResData';
-  NID_setct_CredResData =    552;
-  SN_setct_CredRevReqTBS =   'setct-CredRevReqTBS';
-  NID_setct_CredRevReqTBS =   553;
-  SN_setct_CredRevReqTBSX =   'setct-CredRevReqTBSX';
-  NID_setct_CredRevReqTBSX =     554;
-  SN_setct_CredRevResData =   'setct-CredRevResData';
-  NID_setct_CredRevResData =     555;
-  SN_setct_PCertReqData =    'setct-PCertReqData';
-  NID_setct_PCertReqData =   556;
-  SN_setct_PCertResTBS =    'setct-PCertResTBS';
-  NID_setct_PCertResTBS =    557;
-  SN_setct_BatchAdminReqData =    'setct-BatchAdminReqData';
-  NID_setct_BatchAdminReqData =    558;
-  SN_setct_BatchAdminResData =    'setct-BatchAdminResData';
-  NID_setct_BatchAdminResData =    559;
-  SN_setct_CardCInitResTBS =     'setct-CardCInitResTBS';
-  NID_setct_CardCInitResTBS =     560;
-  SN_setct_MeAqCInitResTBS =     'setct-MeAqCInitResTBS';
-  NID_setct_MeAqCInitResTBS =     561;
-  SN_setct_RegFormResTBS =   'setct-RegFormResTBS';
-  NID_setct_RegFormResTBS =   562;
-  SN_setct_CertReqData =    'setct-CertReqData';
-  NID_setct_CertReqData =    563;
-  SN_setct_CertReqTBS =    'setct-CertReqTBS';
-  NID_setct_CertReqTBS =    564;
-  SN_setct_CertResData =    'setct-CertResData';
-  NID_setct_CertResData =    565;
-  SN_setct_CertInqReqTBS =   'setct-CertInqReqTBS';
-  NID_setct_CertInqReqTBS =   566;
-  SN_setct_ErrorTBS =     'setct-ErrorTBS';
-  NID_setct_ErrorTBS =    567;
-  SN_setct_PIDualSignedTBE =     'setct-PIDualSignedTBE';
-  NID_setct_PIDualSignedTBE =     568;
-  SN_setct_PIUnsignedTBE =   'setct-PIUnsignedTBE';
-  NID_setct_PIUnsignedTBE =   569;
-  SN_setct_AuthReqTBE =    'setct-AuthReqTBE';
-  NID_setct_AuthReqTBE =    570;
-  SN_setct_AuthResTBE =    'setct-AuthResTBE';
-  NID_setct_AuthResTBE =    571;
-  SN_setct_AuthResTBEX =    'setct-AuthResTBEX';
-  NID_setct_AuthResTBEX =    572;
-  SN_setct_AuthTokenTBE =    'setct-AuthTokenTBE';
-  NID_setct_AuthTokenTBE =   573;
-  SN_setct_CapTokenTBE =    'setct-CapTokenTBE';
-  NID_setct_CapTokenTBE =    574;
-  SN_setct_CapTokenTBEX =    'setct-CapTokenTBEX';
-  NID_setct_CapTokenTBEX =   575;
-  SN_setct_AcqCardCodeMsgTBE =    'setct-AcqCardCodeMsgTBE';
-  NID_setct_AcqCardCodeMsgTBE =    576;
-  SN_setct_AuthRevReqTBE =   'setct-AuthRevReqTBE';
-  NID_setct_AuthRevReqTBE =   577;
-  SN_setct_AuthRevResTBE =   'setct-AuthRevResTBE';
-  NID_setct_AuthRevResTBE =   578;
-  SN_setct_AuthRevResTBEB =   'setct-AuthRevResTBEB';
-  NID_setct_AuthRevResTBEB =     579;
-  SN_setct_CapReqTBE =    'setct-CapReqTBE';
-  NID_setct_CapReqTBE =    580;
-  SN_setct_CapReqTBEX =    'setct-CapReqTBEX';
-  NID_setct_CapReqTBEX =    581;
-  SN_setct_CapResTBE =    'setct-CapResTBE';
-  NID_setct_CapResTBE =    582;
-  SN_setct_CapRevReqTBE =    'setct-CapRevReqTBE';
-  NID_setct_CapRevReqTBE =   583;
-  SN_setct_CapRevReqTBEX =   'setct-CapRevReqTBEX';
-  NID_setct_CapRevReqTBEX =   584;
-  SN_setct_CapRevResTBE =    'setct-CapRevResTBE';
-  NID_setct_CapRevResTBE =   585;
-  SN_setct_CredReqTBE =    'setct-CredReqTBE';
-  NID_setct_CredReqTBE =    586;
-  SN_setct_CredReqTBEX =    'setct-CredReqTBEX';
-  NID_setct_CredReqTBEX =    587;
-  SN_setct_CredResTBE =    'setct-CredResTBE';
-  NID_setct_CredResTBE =    588;
-  SN_setct_CredRevReqTBE =   'setct-CredRevReqTBE';
-  NID_setct_CredRevReqTBE =   589;
-  SN_setct_CredRevReqTBEX =   'setct-CredRevReqTBEX';
-  NID_setct_CredRevReqTBEX =     590;
-  SN_setct_CredRevResTBE =   'setct-CredRevResTBE';
-  NID_setct_CredRevResTBE =   591;
-  SN_setct_BatchAdminReqTBE =     'setct-BatchAdminReqTBE';
-  NID_setct_BatchAdminReqTBE =    592;
-  SN_setct_BatchAdminResTBE =     'setct-BatchAdminResTBE';
-  NID_setct_BatchAdminResTBE =    593;
-  SN_setct_RegFormReqTBE =   'setct-RegFormReqTBE';
-  NID_setct_RegFormReqTBE =   594;
-  SN_setct_CertReqTBE =    'setct-CertReqTBE';
-  NID_setct_CertReqTBE =    595;
-  SN_setct_CertReqTBEX =    'setct-CertReqTBEX';
-  NID_setct_CertReqTBEX =    596;
-  SN_setct_CertResTBE =    'setct-CertResTBE';
-  NID_setct_CertResTBE =    597;
-  SN_setct_CRLNotificationTBS =    'setct-CRLNotificationTBS';
-  NID_setct_CRLNotificationTBS =    598;
-  SN_setct_CRLNotificationResTBS =   'setct-CRLNotificationResTBS';
-  NID_setct_CRLNotificationResTBS =   599;
-  SN_setct_BCIDistributionTBS =    'setct-BCIDistributionTBS';
-  NID_setct_BCIDistributionTBS =    600;
-  SN_setext_genCrypt =    'setext-genCrypt';
-  LN_setext_genCrypt =    'generic cryptogram';
-  NID_setext_genCrypt =    601;
-  SN_setext_miAuth =     'setext-miAuth';
-  LN_setext_miAuth =     'merchant initiated auth';
-  NID_setext_miAuth =     602;
-  SN_setext_pinSecure =    'setext-pinSecure';
-  NID_setext_pinSecure =    603;
-  SN_setext_pinAny =     'setext-pinAny';
-  NID_setext_pinAny =     604;
-  SN_setext_track2 =     'setext-track2';
-  NID_setext_track2 =     605;
-  SN_setext_cv =    'setext-cv';
-  LN_setext_cv =    'additional verification';
-  NID_setext_cv =    606;
-  SN_set_policy_root =    'set-policy-root';
-  NID_set_policy_root =    607;
-  SN_setCext_hashedRoot =    'setCext-hashedRoot';
-  NID_setCext_hashedRoot =   608;
-  SN_setCext_certType =    'setCext-certType';
-  NID_setCext_certType =    609;
-  SN_setCext_merchData =    'setCext-merchData';
-  NID_setCext_merchData =    610;
-  SN_setCext_cCertRequired =     'setCext-cCertRequired';
-  NID_setCext_cCertRequired =     611;
-  SN_setCext_tunneling =    'setCext-tunneling';
-  NID_setCext_tunneling =    612;
-  SN_setCext_setExt =     'setCext-setExt';
-  NID_setCext_setExt =    613;
-  SN_setCext_setQualf =    'setCext-setQualf';
-  NID_setCext_setQualf =    614;
-  SN_setCext_PGWYcapabilities =    'setCext-PGWYcapabilities';
-  NID_setCext_PGWYcapabilities =    615;
-  SN_setCext_TokenIdentifier =    'setCext-TokenIdentifier';
-  NID_setCext_TokenIdentifier =    616;
-  SN_setCext_Track2Data =    'setCext-Track2Data';
-  NID_setCext_Track2Data =   617;
-  SN_setCext_TokenType =    'setCext-TokenType';
-  NID_setCext_TokenType =    618;
-  SN_setCext_IssuerCapabilities =    'setCext-IssuerCapabilities';
-  NID_setCext_IssuerCapabilities =   619;
-  SN_setAttr_Cert =   'setAttr-Cert';
-  NID_setAttr_Cert =     620;
-  SN_setAttr_PGWYcap =    'setAttr-PGWYcap';
-  LN_setAttr_PGWYcap =    'payment gateway capabilities';
-  NID_setAttr_PGWYcap =    621;
-  SN_setAttr_TokenType =    'setAttr-TokenType';
-  NID_setAttr_TokenType =    622;
-  SN_setAttr_IssCap =     'setAttr-IssCap';
-  LN_setAttr_IssCap =     'issuer capabilities';
-  NID_setAttr_IssCap =    623;
-  SN_set_rootKeyThumb =    'set-rootKeyThumb';
-  NID_set_rootKeyThumb =    624;
-  SN_set_addPolicy =     'set-addPolicy';
-  NID_set_addPolicy =     625;
-  SN_setAttr_Token_EMV =    'setAttr-Token-EMV';
-  NID_setAttr_Token_EMV =    626;
-  SN_setAttr_Token_B0Prime =     'setAttr-Token-B0Prime';
-  NID_setAttr_Token_B0Prime =     627;
-  SN_setAttr_IssCap_CVM =    'setAttr-IssCap-CVM';
-  NID_setAttr_IssCap_CVM =   628;
-  SN_setAttr_IssCap_T2 =    'setAttr-IssCap-T2';
-  NID_setAttr_IssCap_T2 =    629;
-  SN_setAttr_IssCap_Sig =    'setAttr-IssCap-Sig';
-  NID_setAttr_IssCap_Sig =   630;
-  SN_setAttr_GenCryptgrm =   'setAttr-GenCryptgrm';
-  LN_setAttr_GenCryptgrm =   'generate cryptogram';
-  NID_setAttr_GenCryptgrm =   631;
-  SN_setAttr_T2Enc =     'setAttr-T2Enc';
-  LN_setAttr_T2Enc =     'encrypted track 2';
-  NID_setAttr_T2Enc =     632;
-  SN_setAttr_T2cleartxt =    'setAttr-T2cleartxt';
-  LN_setAttr_T2cleartxt =    'cleartext track 2';
-  NID_setAttr_T2cleartxt =   633;
-  SN_setAttr_TokICCsig =    'setAttr-TokICCsig';
-  LN_setAttr_TokICCsig =    'ICC or token signature';
-  NID_setAttr_TokICCsig =    634;
-  SN_setAttr_SecDevSig =    'setAttr-SecDevSig';
-  LN_setAttr_SecDevSig =    'secure device signature';
-  NID_setAttr_SecDevSig =    635;
-  SN_set_brand_IATA_ATA =    'set-brand-IATA-ATA';
-  NID_set_brand_IATA_ATA =   636;
-  SN_set_brand_Diners =    'set-brand-Diners';
-  NID_set_brand_Diners =    637;
-  SN_set_brand_AmericanExpress =    'set-brand-AmericanExpress';
-  NID_set_brand_AmericanExpress =    638;
-  SN_set_brand_JCB =     'set-brand-JCB';
-  NID_set_brand_JCB =     639;
-  SN_set_brand_Visa =     'set-brand-Visa';
-  NID_set_brand_Visa =    640;
-  SN_set_brand_MasterCard =   'set-brand-MasterCard';
-  NID_set_brand_MasterCard =     641;
-  SN_set_brand_Novus =    'set-brand-Novus';
-  NID_set_brand_Novus =    642;
-  SN_des_cdmf =    'DES-CDMF';
-  LN_des_cdmf =    'des-cdmf';
-  NID_des_cdmf =    643;
-  SN_rsaOAEPEncryptionSET =   'rsaOAEPEncryptionSET';
-  NID_rsaOAEPEncryptionSET =     644;
-  SN_ipsec3 =     'Oakley-EC2N-3';
-  LN_ipsec3 =     'ipsec3';
-  NID_ipsec3 =    749;
-  SN_ipsec4 =     'Oakley-EC2N-4';
-  LN_ipsec4 =     'ipsec4';
-  NID_ipsec4 =    750;
-  SN_whirlpool =    'whirlpool';
-  NID_whirlpool =    804;
-  SN_cryptopro =    'cryptopro';
-  NID_cryptopro =    805;
-  SN_cryptocom =    'cryptocom';
-  NID_cryptocom =    806;
-  SN_id_tc26 =    'id-tc26';
-  NID_id_tc26 =    974;
-  SN_id_GostR3411_94_with_GostR3410_2001 =   'id-GostR3411-94-with-GostR3410-2001';
-  LN_id_GostR3411_94_with_GostR3410_2001 =   'GOST R 34.11-94 with GOST R 34.10-2001';
-  NID_id_GostR3411_94_with_GostR3410_2001 =   807;
-  SN_id_GostR3411_94_with_GostR3410_94 =    'id-GostR3411-94-with-GostR3410-94';
-  LN_id_GostR3411_94_with_GostR3410_94 =    'GOST R 34.11-94 with GOST R 34.10-94';
-  NID_id_GostR3411_94_with_GostR3410_94 =    808;
-  SN_id_GostR3411_94 =    'md_gost94';
-  LN_id_GostR3411_94 =    'GOST R 34.11-94';
-  NID_id_GostR3411_94 =    809;
-  SN_id_HMACGostR3411_94 =   'id-HMACGostR3411-94';
-  LN_id_HMACGostR3411_94 =   'HMAC GOST 34.11-94';
-  NID_id_HMACGostR3411_94 =   810;
-  SN_id_GostR3410_2001 =    'gost2001';
-  LN_id_GostR3410_2001 =    'GOST R 34.10-2001';
-  NID_id_GostR3410_2001 =    811;
-  SN_id_GostR3410_94 =    'gost94';
-  LN_id_GostR3410_94 =    'GOST R 34.10-94';
-  NID_id_GostR3410_94 =    812;
-  SN_id_Gost28147_89 =    'gost89';
-  LN_id_Gost28147_89 =    'GOST 28147-89';
-  NID_id_Gost28147_89 =    813;
-  SN_gost89_cnt =    'gost89-cnt';
-  NID_gost89_cnt =   814;
-  SN_gost89_cnt_12 =     'gost89-cnt-12';
-  NID_gost89_cnt_12 =     975;
-  SN_gost89_cbc =    'gost89-cbc';
-  NID_gost89_cbc =   1009;
-  SN_gost89_ecb =    'gost89-ecb';
-  NID_gost89_ecb =   1010;
-  SN_gost89_ctr =    'gost89-ctr';
-  NID_gost89_ctr =   1011;
-  SN_id_Gost28147_89_MAC =   'gost-mac';
-  LN_id_Gost28147_89_MAC =   'GOST 28147-89 MAC';
-  NID_id_Gost28147_89_MAC =   815;
-  SN_gost_mac_12 =   'gost-mac-12';
-  NID_gost_mac_12 =   976;
-  SN_id_GostR3411_94_prf =   'prf-gostr3411-94';
-  LN_id_GostR3411_94_prf =   'GOST R 34.11-94 PRF';
-  NID_id_GostR3411_94_prf =   816;
-  SN_id_GostR3410_2001DH =   'id-GostR3410-2001DH';
-  LN_id_GostR3410_2001DH =   'GOST R 34.10-2001 DH';
-  NID_id_GostR3410_2001DH =   817;
-  SN_id_GostR3410_94DH =    'id-GostR3410-94DH';
-  LN_id_GostR3410_94DH =    'GOST R 34.10-94 DH';
-  NID_id_GostR3410_94DH =    818;
-  SN_id_Gost28147_89_CryptoPro_KeyMeshing =   'id-Gost28147-89-CryptoPro-KeyMeshing';
-  NID_id_Gost28147_89_CryptoPro_KeyMeshing =     819;
-  SN_id_Gost28147_89_None_KeyMeshing =    'id-Gost28147-89-None-KeyMeshing';
-  NID_id_Gost28147_89_None_KeyMeshing =    820;
-  SN_id_GostR3411_94_TestParamSet =   'id-GostR3411-94-TestParamSet';
-  NID_id_GostR3411_94_TestParamSet =     821;
-  SN_id_GostR3411_94_CryptoProParamSet =    'id-GostR3411-94-CryptoProParamSet';
-  NID_id_GostR3411_94_CryptoProParamSet =    822;
-  SN_id_Gost28147_89_TestParamSet =   'id-Gost28147-89-TestParamSet';
-  NID_id_Gost28147_89_TestParamSet =     823;
-  SN_id_Gost28147_89_CryptoPro_A_ParamSet =   'id-Gost28147-89-CryptoPro-A-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_A_ParamSet =     824;
-  SN_id_Gost28147_89_CryptoPro_B_ParamSet =   'id-Gost28147-89-CryptoPro-B-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_B_ParamSet =     825;
-  SN_id_Gost28147_89_CryptoPro_C_ParamSet =   'id-Gost28147-89-CryptoPro-C-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_C_ParamSet =     826;
-  SN_id_Gost28147_89_CryptoPro_D_ParamSet =   'id-Gost28147-89-CryptoPro-D-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_D_ParamSet =     827;
-  SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =     828;
-  SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =     829;
-  SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    'id-Gost28147-89-CryptoPro-RIC-1-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    830;
-  SN_id_GostR3410_94_TestParamSet =   'id-GostR3410-94-TestParamSet';
-  NID_id_GostR3410_94_TestParamSet =     831;
-  SN_id_GostR3410_94_CryptoPro_A_ParamSet =   'id-GostR3410-94-CryptoPro-A-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_A_ParamSet =     832;
-  SN_id_GostR3410_94_CryptoPro_B_ParamSet =   'id-GostR3410-94-CryptoPro-B-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_B_ParamSet =     833;
-  SN_id_GostR3410_94_CryptoPro_C_ParamSet =   'id-GostR3410-94-CryptoPro-C-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_C_ParamSet =     834;
-  SN_id_GostR3410_94_CryptoPro_D_ParamSet =   'id-GostR3410-94-CryptoPro-D-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_D_ParamSet =     835;
-  SN_id_GostR3410_94_CryptoPro_XchA_ParamSet =    'id-GostR3410-94-CryptoPro-XchA-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_XchA_ParamSet =    836;
-  SN_id_GostR3410_94_CryptoPro_XchB_ParamSet =    'id-GostR3410-94-CryptoPro-XchB-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_XchB_ParamSet =    837;
-  SN_id_GostR3410_94_CryptoPro_XchC_ParamSet =    'id-GostR3410-94-CryptoPro-XchC-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_XchC_ParamSet =    838;
-  SN_id_GostR3410_2001_TestParamSet =     'id-GostR3410-2001-TestParamSet';
-  NID_id_GostR3410_2001_TestParamSet =    839;
-  SN_id_GostR3410_2001_CryptoPro_A_ParamSet =     'id-GostR3410-2001-CryptoPro-A-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_A_ParamSet =    840;
-  SN_id_GostR3410_2001_CryptoPro_B_ParamSet =     'id-GostR3410-2001-CryptoPro-B-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_B_ParamSet =    841;
-  SN_id_GostR3410_2001_CryptoPro_C_ParamSet =     'id-GostR3410-2001-CryptoPro-C-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_C_ParamSet =    842;
-  SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    'id-GostR3410-2001-CryptoPro-XchA-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    843;
-  SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    'id-GostR3410-2001-CryptoPro-XchB-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    844;
-  SN_id_GostR3410_94_a =    'id-GostR3410-94-a';
-  NID_id_GostR3410_94_a =    845;
-  SN_id_GostR3410_94_aBis =   'id-GostR3410-94-aBis';
-  NID_id_GostR3410_94_aBis =     846;
-  SN_id_GostR3410_94_b =    'id-GostR3410-94-b';
-  NID_id_GostR3410_94_b =    847;
-  SN_id_GostR3410_94_bBis =   'id-GostR3410-94-bBis';
-  NID_id_GostR3410_94_bBis =     848;
-  SN_id_Gost28147_89_cc =    'id-Gost28147-89-cc';
-  LN_id_Gost28147_89_cc =    'GOST 28147-89 Cryptocom ParamSet';
-  NID_id_Gost28147_89_cc =   849;
-  SN_id_GostR3410_94_cc =    'gost94cc';
-  LN_id_GostR3410_94_cc =    'GOST 34.10-94 Cryptocom';
-  NID_id_GostR3410_94_cc =   850;
-  SN_id_GostR3410_2001_cc =   'gost2001cc';
-  LN_id_GostR3410_2001_cc =   'GOST 34.10-2001 Cryptocom';
-  NID_id_GostR3410_2001_cc =     851;
-  SN_id_GostR3411_94_with_GostR3410_94_cc =   'id-GostR3411-94-with-GostR3410-94-cc';
-  LN_id_GostR3411_94_with_GostR3410_94_cc =   'GOST R 34.11-94 with GOST R 34.10-94 Cryptocom';
-  NID_id_GostR3411_94_with_GostR3410_94_cc =     852;
-  SN_id_GostR3411_94_with_GostR3410_2001_cc =     'id-GostR3411-94-with-GostR3410-2001-cc';
-  LN_id_GostR3411_94_with_GostR3410_2001_cc =     'GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom';
-  NID_id_GostR3411_94_with_GostR3410_2001_cc =    853;
-  SN_id_GostR3410_2001_ParamSet_cc =     'id-GostR3410-2001-ParamSet-cc';
-  LN_id_GostR3410_2001_ParamSet_cc =     'GOST R 3410-2001 Parameter Set Cryptocom';
-  NID_id_GostR3410_2001_ParamSet_cc =     854;
-  SN_id_tc26_algorithms =    'id-tc26-algorithms';
-  NID_id_tc26_algorithms =   977;
-  SN_id_tc26_sign =   'id-tc26-sign';
-  NID_id_tc26_sign =     978;
-  SN_id_GostR3410_2012_256 =     'gost2012_256';
-  LN_id_GostR3410_2012_256 =     'GOST R 34.10-2012 with 256 bit modulus';
-  NID_id_GostR3410_2012_256 =     979;
-  SN_id_GostR3410_2012_512 =     'gost2012_512';
-  LN_id_GostR3410_2012_512 =     'GOST R 34.10-2012 with 512 bit modulus';
-  NID_id_GostR3410_2012_512 =     980;
-  SN_id_tc26_digest =     'id-tc26-digest';
-  NID_id_tc26_digest =    981;
-  SN_id_GostR3411_2012_256 =     'md_gost12_256';
-  LN_id_GostR3411_2012_256 =     'GOST R 34.11-2012 with 256 bit hash';
-  NID_id_GostR3411_2012_256 =     982;
-  SN_id_GostR3411_2012_512 =     'md_gost12_512';
-  LN_id_GostR3411_2012_512 =     'GOST R 34.11-2012 with 512 bit hash';
-  NID_id_GostR3411_2012_512 =     983;
-  SN_id_tc26_signwithdigest =     'id-tc26-signwithdigest';
-  NID_id_tc26_signwithdigest =    984;
-  SN_id_tc26_signwithdigest_gost3410_2012_256 =    'id-tc26-signwithdigest-gost3410-2012-256';
-  LN_id_tc26_signwithdigest_gost3410_2012_256 =    'GOST R 34.10-2012 with GOST R 34.11-2012(256 bit)';
-  NID_id_tc26_signwithdigest_gost3410_2012_256 =    985;
-  SN_id_tc26_signwithdigest_gost3410_2012_512 =    'id-tc26-signwithdigest-gost3410-2012-512';
-  LN_id_tc26_signwithdigest_gost3410_2012_512 =    'GOST R 34.10-2012 with GOST R 34.11-2012(512 bit)';
-  NID_id_tc26_signwithdigest_gost3410_2012_512 =    986;
-  SN_id_tc26_mac =   'id-tc26-mac';
-  NID_id_tc26_mac =   987;
-  SN_id_tc26_hmac_gost_3411_2012_256 =    'id-tc26-hmac-gost-3411-2012-256';
-  LN_id_tc26_hmac_gost_3411_2012_256 =    'HMAC GOST 34.11-2012 256 bit';
-  NID_id_tc26_hmac_gost_3411_2012_256 =    988;
-  SN_id_tc26_hmac_gost_3411_2012_512 =    'id-tc26-hmac-gost-3411-2012-512';
-  LN_id_tc26_hmac_gost_3411_2012_512 =    'HMAC GOST 34.11-2012 512 bit';
-  NID_id_tc26_hmac_gost_3411_2012_512 =    989;
-  SN_id_tc26_cipher =     'id-tc26-cipher';
-  NID_id_tc26_cipher =    990;
-  SN_id_tc26_cipher_gostr3412_2015_magma =   'id-tc26-cipher-gostr3412-2015-magma';
-  NID_id_tc26_cipher_gostr3412_2015_magma =   1173;
-  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =   'id-tc26-cipher-gostr3412-2015-magma-ctracpkm';
-  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =     1174;
-  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    'id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac';
-  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    1175;
-  SN_id_tc26_cipher_gostr3412_2015_kuznyechik =    'id-tc26-cipher-gostr3412-2015-kuznyechik';
-  NID_id_tc26_cipher_gostr3412_2015_kuznyechik =    1176;
-  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm';
-  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    1177;
-  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =     'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac';
-  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =    1178;
-  SN_id_tc26_agreement =    'id-tc26-agreement';
-  NID_id_tc26_agreement =    991;
-  SN_id_tc26_agreement_gost_3410_2012_256 =   'id-tc26-agreement-gost-3410-2012-256';
-  NID_id_tc26_agreement_gost_3410_2012_256 =     992;
-  SN_id_tc26_agreement_gost_3410_2012_512 =   'id-tc26-agreement-gost-3410-2012-512';
-  NID_id_tc26_agreement_gost_3410_2012_512 =     993;
-  SN_id_tc26_wrap =   'id-tc26-wrap';
-  NID_id_tc26_wrap =     1179;
-  SN_id_tc26_wrap_gostr3412_2015_magma =    'id-tc26-wrap-gostr3412-2015-magma';
-  NID_id_tc26_wrap_gostr3412_2015_magma =    1180;
-  SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    'id-tc26-wrap-gostr3412-2015-magma-kexp15';
-  NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    1181;
-  SN_id_tc26_wrap_gostr3412_2015_kuznyechik =     'id-tc26-wrap-gostr3412-2015-kuznyechik';
-  NID_id_tc26_wrap_gostr3412_2015_kuznyechik =    1182;
-  SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     'id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15';
-  NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     1183;
-  SN_id_tc26_constants =    'id-tc26-constants';
-  NID_id_tc26_constants =    994;
-  SN_id_tc26_sign_constants =     'id-tc26-sign-constants';
-  NID_id_tc26_sign_constants =    995;
-  SN_id_tc26_gost_3410_2012_256_constants =   'id-tc26-gost-3410-2012-256-constants';
-  NID_id_tc26_gost_3410_2012_256_constants =     1147;
-  SN_id_tc26_gost_3410_2012_256_paramSetA =   'id-tc26-gost-3410-2012-256-paramSetA';
-  LN_id_tc26_gost_3410_2012_256_paramSetA =   'GOST R 34.10-2012(256 bit)ParamSet A';
-  NID_id_tc26_gost_3410_2012_256_paramSetA =     1148;
-  SN_id_tc26_gost_3410_2012_256_paramSetB =   'id-tc26-gost-3410-2012-256-paramSetB';
-  LN_id_tc26_gost_3410_2012_256_paramSetB =   'GOST R 34.10-2012(256 bit)ParamSet B';
-  NID_id_tc26_gost_3410_2012_256_paramSetB =     1184;
-  SN_id_tc26_gost_3410_2012_256_paramSetC =   'id-tc26-gost-3410-2012-256-paramSetC';
-  LN_id_tc26_gost_3410_2012_256_paramSetC =   'GOST R 34.10-2012(256 bit)ParamSet C';
-  NID_id_tc26_gost_3410_2012_256_paramSetC =     1185;
-  SN_id_tc26_gost_3410_2012_256_paramSetD =   'id-tc26-gost-3410-2012-256-paramSetD';
-  LN_id_tc26_gost_3410_2012_256_paramSetD =   'GOST R 34.10-2012(256 bit)ParamSet D';
-  NID_id_tc26_gost_3410_2012_256_paramSetD =     1186;
-  SN_id_tc26_gost_3410_2012_512_constants =   'id-tc26-gost-3410-2012-512-constants';
-  NID_id_tc26_gost_3410_2012_512_constants =     996;
-  SN_id_tc26_gost_3410_2012_512_paramSetTest =    'id-tc26-gost-3410-2012-512-paramSetTest';
-  LN_id_tc26_gost_3410_2012_512_paramSetTest =    'GOST R 34.10-2012(512 bit)testing parameter set';
-  NID_id_tc26_gost_3410_2012_512_paramSetTest =    997;
-  SN_id_tc26_gost_3410_2012_512_paramSetA =   'id-tc26-gost-3410-2012-512-paramSetA';
-  LN_id_tc26_gost_3410_2012_512_paramSetA =   'GOST R 34.10-2012(512 bit)ParamSet A';
-  NID_id_tc26_gost_3410_2012_512_paramSetA =     998;
-  SN_id_tc26_gost_3410_2012_512_paramSetB =   'id-tc26-gost-3410-2012-512-paramSetB';
-  LN_id_tc26_gost_3410_2012_512_paramSetB =   'GOST R 34.10-2012(512 bit)ParamSet B';
-  NID_id_tc26_gost_3410_2012_512_paramSetB =     999;
-  SN_id_tc26_gost_3410_2012_512_paramSetC =   'id-tc26-gost-3410-2012-512-paramSetC';
-  LN_id_tc26_gost_3410_2012_512_paramSetC =   'GOST R 34.10-2012(512 bit)ParamSet C';
-  NID_id_tc26_gost_3410_2012_512_paramSetC =     1149;
-  SN_id_tc26_digest_constants =    'id-tc26-digest-constants';
-  NID_id_tc26_digest_constants =    1000;
-  SN_id_tc26_cipher_constants =    'id-tc26-cipher-constants';
-  NID_id_tc26_cipher_constants =    1001;
-  SN_id_tc26_gost_28147_constants =   'id-tc26-gost-28147-constants';
-  NID_id_tc26_gost_28147_constants =     1002;
-  SN_id_tc26_gost_28147_param_Z =    'id-tc26-gost-28147-param-Z';
-  LN_id_tc26_gost_28147_param_Z =    'GOST 28147-89 TC26 parameter set';
-  NID_id_tc26_gost_28147_param_Z =   1003;
-  SN_INN =   'INN';
-  LN_INN =   'INN';
-  NID_INN =   1004;
-  SN_OGRN =   'OGRN';
-  LN_OGRN =   'OGRN';
-  NID_OGRN =     1005;
-  SN_SNILS =     'SNILS';
-  LN_SNILS =     'SNILS';
-  NID_SNILS =     1006;
-  SN_subjectSignTool =    'subjectSignTool';
-  LN_subjectSignTool =    'Signing Tool of Subject';
-  NID_subjectSignTool =    1007;
-  SN_issuerSignTool =     'issuerSignTool';
-  LN_issuerSignTool =     'Signing Tool of Issuer';
-  NID_issuerSignTool =    1008;
-  SN_grasshopper_ecb =    'grasshopper-ecb';
-  NID_grasshopper_ecb =    1012;
-  SN_grasshopper_ctr =    'grasshopper-ctr';
-  NID_grasshopper_ctr =    1013;
-  SN_grasshopper_ofb =    'grasshopper-ofb';
-  NID_grasshopper_ofb =    1014;
-  SN_grasshopper_cbc =    'grasshopper-cbc';
-  NID_grasshopper_cbc =    1015;
-  SN_grasshopper_cfb =    'grasshopper-cfb';
-  NID_grasshopper_cfb =    1016;
-  SN_grasshopper_mac =    'grasshopper-mac';
-  NID_grasshopper_mac =    1017;
-  SN_magma_ecb =    'magma-ecb';
-  NID_magma_ecb =    1187;
-  SN_magma_ctr =    'magma-ctr';
-  NID_magma_ctr =    1188;
-  SN_magma_ofb =    'magma-ofb';
-  NID_magma_ofb =    1189;
-  SN_magma_cbc =    'magma-cbc';
-  NID_magma_cbc =    1190;
-  SN_magma_cfb =    'magma-cfb';
-  NID_magma_cfb =    1191;
-  SN_magma_mac =    'magma-mac';
-  NID_magma_mac =    1192;
-  SN_camellia_128_cbc =    'CAMELLIA-128-CBC';
-  LN_camellia_128_cbc =    'camellia-128-cbc';
-  NID_camellia_128_cbc =    751;
-  SN_camellia_192_cbc =    'CAMELLIA-192-CBC';
-  LN_camellia_192_cbc =    'camellia-192-cbc';
-  NID_camellia_192_cbc =    752;
-  SN_camellia_256_cbc =    'CAMELLIA-256-CBC';
-  LN_camellia_256_cbc =    'camellia-256-cbc';
-  NID_camellia_256_cbc =    753;
-  SN_id_camellia128_wrap =   'id-camellia128-wrap';
-  NID_id_camellia128_wrap =   907;
-  SN_id_camellia192_wrap =   'id-camellia192-wrap';
-  NID_id_camellia192_wrap =   908;
-  SN_id_camellia256_wrap =   'id-camellia256-wrap';
-  NID_id_camellia256_wrap =   909;
-  SN_camellia_128_ecb =    'CAMELLIA-128-ECB';
-  LN_camellia_128_ecb =    'camellia-128-ecb';
-  NID_camellia_128_ecb =    754;
-  SN_camellia_128_ofb128 =   'CAMELLIA-128-OFB';
-  LN_camellia_128_ofb128 =   'camellia-128-ofb';
-  NID_camellia_128_ofb128 =   766;
-  SN_camellia_128_cfb128 =   'CAMELLIA-128-CFB';
-  LN_camellia_128_cfb128 =   'camellia-128-cfb';
-  NID_camellia_128_cfb128 =   757;
-  SN_camellia_128_gcm =    'CAMELLIA-128-GCM';
-  LN_camellia_128_gcm =    'camellia-128-gcm';
-  NID_camellia_128_gcm =    961;
-  SN_camellia_128_ccm =    'CAMELLIA-128-CCM';
-  LN_camellia_128_ccm =    'camellia-128-ccm';
-  NID_camellia_128_ccm =    962;
-  SN_camellia_128_ctr =    'CAMELLIA-128-CTR';
-  LN_camellia_128_ctr =    'camellia-128-ctr';
-  NID_camellia_128_ctr =    963;
-  SN_camellia_128_cmac =    'CAMELLIA-128-CMAC';
-  LN_camellia_128_cmac =    'camellia-128-cmac';
-  NID_camellia_128_cmac =    964;
-  SN_camellia_192_ecb =    'CAMELLIA-192-ECB';
-  LN_camellia_192_ecb =    'camellia-192-ecb';
-  NID_camellia_192_ecb =    755;
-  SN_camellia_192_ofb128 =   'CAMELLIA-192-OFB';
-  LN_camellia_192_ofb128 =   'camellia-192-ofb';
-  NID_camellia_192_ofb128 =   767;
-  SN_camellia_192_cfb128 =   'CAMELLIA-192-CFB';
-  LN_camellia_192_cfb128 =   'camellia-192-cfb';
-  NID_camellia_192_cfb128 =   758;
-  SN_camellia_192_gcm =    'CAMELLIA-192-GCM';
-  LN_camellia_192_gcm =    'camellia-192-gcm';
-  NID_camellia_192_gcm =    965;
-  SN_camellia_192_ccm =    'CAMELLIA-192-CCM';
-  LN_camellia_192_ccm =    'camellia-192-ccm';
-  NID_camellia_192_ccm =    966;
-  SN_camellia_192_ctr =    'CAMELLIA-192-CTR';
-  LN_camellia_192_ctr =    'camellia-192-ctr';
-  NID_camellia_192_ctr =    967;
-  SN_camellia_192_cmac =    'CAMELLIA-192-CMAC';
-  LN_camellia_192_cmac =    'camellia-192-cmac';
-  NID_camellia_192_cmac =    968;
-  SN_camellia_256_ecb =    'CAMELLIA-256-ECB';
-  LN_camellia_256_ecb =    'camellia-256-ecb';
-  NID_camellia_256_ecb =    756;
-  SN_camellia_256_ofb128 =   'CAMELLIA-256-OFB';
-  LN_camellia_256_ofb128 =   'camellia-256-ofb';
-  NID_camellia_256_ofb128 =   768;
-  SN_camellia_256_cfb128 =   'CAMELLIA-256-CFB';
-  LN_camellia_256_cfb128 =   'camellia-256-cfb';
-  NID_camellia_256_cfb128 =   759;
-  SN_camellia_256_gcm =    'CAMELLIA-256-GCM';
-  LN_camellia_256_gcm =    'camellia-256-gcm';
-  NID_camellia_256_gcm =    969;
-  SN_camellia_256_ccm =    'CAMELLIA-256-CCM';
-  LN_camellia_256_ccm =    'camellia-256-ccm';
-  NID_camellia_256_ccm =    970;
-  SN_camellia_256_ctr =    'CAMELLIA-256-CTR';
-  LN_camellia_256_ctr =    'camellia-256-ctr';
-  NID_camellia_256_ctr =    971;
-  SN_camellia_256_cmac =    'CAMELLIA-256-CMAC';
-  LN_camellia_256_cmac =    'camellia-256-cmac';
-  NID_camellia_256_cmac =    972;
-  SN_camellia_128_cfb1 =    'CAMELLIA-128-CFB1';
-  LN_camellia_128_cfb1 =    'camellia-128-cfb1';
-  NID_camellia_128_cfb1 =    760;
-  SN_camellia_192_cfb1 =    'CAMELLIA-192-CFB1';
-  LN_camellia_192_cfb1 =    'camellia-192-cfb1';
-  NID_camellia_192_cfb1 =    761;
-  SN_camellia_256_cfb1 =    'CAMELLIA-256-CFB1';
-  LN_camellia_256_cfb1 =    'camellia-256-cfb1';
-  NID_camellia_256_cfb1 =    762;
-  SN_camellia_128_cfb8 =    'CAMELLIA-128-CFB8';
-  LN_camellia_128_cfb8 =    'camellia-128-cfb8';
-  NID_camellia_128_cfb8 =    763;
-  SN_camellia_192_cfb8 =    'CAMELLIA-192-CFB8';
-  LN_camellia_192_cfb8 =    'camellia-192-cfb8';
-  NID_camellia_192_cfb8 =    764;
-  SN_camellia_256_cfb8 =    'CAMELLIA-256-CFB8';
-  LN_camellia_256_cfb8 =    'camellia-256-cfb8';
-  NID_camellia_256_cfb8 =    765;
-  SN_aria_128_ecb =   'ARIA-128-ECB';
-  LN_aria_128_ecb =   'aria-128-ecb';
-  NID_aria_128_ecb =     1065;
-  SN_aria_128_cbc =   'ARIA-128-CBC';
-  LN_aria_128_cbc =   'aria-128-cbc';
-  NID_aria_128_cbc =     1066;
-  SN_aria_128_cfb128 =    'ARIA-128-CFB';
-  LN_aria_128_cfb128 =    'aria-128-cfb';
-  NID_aria_128_cfb128 =    1067;
-  SN_aria_128_ofb128 =    'ARIA-128-OFB';
-  LN_aria_128_ofb128 =    'aria-128-ofb';
-  NID_aria_128_ofb128 =    1068;
-  SN_aria_128_ctr =   'ARIA-128-CTR';
-  LN_aria_128_ctr =   'aria-128-ctr';
-  NID_aria_128_ctr =     1069;
-  SN_aria_192_ecb =   'ARIA-192-ECB';
-  LN_aria_192_ecb =   'aria-192-ecb';
-  NID_aria_192_ecb =     1070;
-  SN_aria_192_cbc =   'ARIA-192-CBC';
-  LN_aria_192_cbc =   'aria-192-cbc';
-  NID_aria_192_cbc =     1071;
-  SN_aria_192_cfb128 =    'ARIA-192-CFB';
-  LN_aria_192_cfb128 =    'aria-192-cfb';
-  NID_aria_192_cfb128 =    1072;
-  SN_aria_192_ofb128 =    'ARIA-192-OFB';
-  LN_aria_192_ofb128 =    'aria-192-ofb';
-  NID_aria_192_ofb128 =    1073;
-  SN_aria_192_ctr =   'ARIA-192-CTR';
-  LN_aria_192_ctr =   'aria-192-ctr';
-  NID_aria_192_ctr =     1074;
-  SN_aria_256_ecb =   'ARIA-256-ECB';
-  LN_aria_256_ecb =   'aria-256-ecb';
-  NID_aria_256_ecb =     1075;
-  SN_aria_256_cbc =   'ARIA-256-CBC';
-  LN_aria_256_cbc =   'aria-256-cbc';
-  NID_aria_256_cbc =     1076;
-  SN_aria_256_cfb128 =    'ARIA-256-CFB';
-  LN_aria_256_cfb128 =    'aria-256-cfb';
-  NID_aria_256_cfb128 =    1077;
-  SN_aria_256_ofb128 =    'ARIA-256-OFB';
-  LN_aria_256_ofb128 =    'aria-256-ofb';
-  NID_aria_256_ofb128 =    1078;
-  SN_aria_256_ctr =   'ARIA-256-CTR';
-  LN_aria_256_ctr =   'aria-256-ctr';
-  NID_aria_256_ctr =     1079;
-  SN_aria_128_cfb1 =     'ARIA-128-CFB1';
-  LN_aria_128_cfb1 =     'aria-128-cfb1';
-  NID_aria_128_cfb1 =     1080;
-  SN_aria_192_cfb1 =     'ARIA-192-CFB1';
-  LN_aria_192_cfb1 =     'aria-192-cfb1';
-  NID_aria_192_cfb1 =     1081;
-  SN_aria_256_cfb1 =     'ARIA-256-CFB1';
-  LN_aria_256_cfb1 =     'aria-256-cfb1';
-  NID_aria_256_cfb1 =     1082;
-  SN_aria_128_cfb8 =     'ARIA-128-CFB8';
-  LN_aria_128_cfb8 =     'aria-128-cfb8';
-  NID_aria_128_cfb8 =     1083;
-  SN_aria_192_cfb8 =     'ARIA-192-CFB8';
-  LN_aria_192_cfb8 =     'aria-192-cfb8';
-  NID_aria_192_cfb8 =     1084;
-  SN_aria_256_cfb8 =     'ARIA-256-CFB8';
-  LN_aria_256_cfb8 =     'aria-256-cfb8';
-  NID_aria_256_cfb8 =     1085;
-  SN_aria_128_ccm =   'ARIA-128-CCM';
-  LN_aria_128_ccm =   'aria-128-ccm';
-  NID_aria_128_ccm =     1120;
-  SN_aria_192_ccm =   'ARIA-192-CCM';
-  LN_aria_192_ccm =   'aria-192-ccm';
-  NID_aria_192_ccm =     1121;
-  SN_aria_256_ccm =   'ARIA-256-CCM';
-  LN_aria_256_ccm =   'aria-256-ccm';
-  NID_aria_256_ccm =     1122;
-  SN_aria_128_gcm =   'ARIA-128-GCM';
-  LN_aria_128_gcm =   'aria-128-gcm';
-  NID_aria_128_gcm =     1123;
-  SN_aria_192_gcm =   'ARIA-192-GCM';
-  LN_aria_192_gcm =   'aria-192-gcm';
-  NID_aria_192_gcm =     1124;
-  SN_aria_256_gcm =   'ARIA-256-GCM';
-  LN_aria_256_gcm =   'aria-256-gcm';
-  NID_aria_256_gcm =     1125;
-  SN_kisa =   'KISA';
-  LN_kisa =   'kisa';
-  NID_kisa =     773;
-  SN_seed_ecb =    'SEED-ECB';
-  LN_seed_ecb =    'seed-ecb';
-  NID_seed_ecb =    776;
-  SN_seed_cbc =    'SEED-CBC';
-  LN_seed_cbc =    'seed-cbc';
-  NID_seed_cbc =    777;
-  SN_seed_cfb128 =   'SEED-CFB';
-  LN_seed_cfb128 =   'seed-cfb';
-  NID_seed_cfb128 =   779;
-  SN_seed_ofb128 =   'SEED-OFB';
-  LN_seed_ofb128 =   'seed-ofb';
-  NID_seed_ofb128 =   778;
-  SN_sm4_ecb =    'SM4-ECB';
-  LN_sm4_ecb =    'sm4-ecb';
-  NID_sm4_ecb =    1133;
-  SN_sm4_cbc =    'SM4-CBC';
-  LN_sm4_cbc =    'sm4-cbc';
-  NID_sm4_cbc =    1134;
-  SN_sm4_ofb128 =    'SM4-OFB';
-  LN_sm4_ofb128 =    'sm4-ofb';
-  NID_sm4_ofb128 =   1135;
-  SN_sm4_cfb128 =    'SM4-CFB';
-  LN_sm4_cfb128 =    'sm4-cfb';
-  NID_sm4_cfb128 =   1137;
-  SN_sm4_cfb1 =    'SM4-CFB1';
-  LN_sm4_cfb1 =    'sm4-cfb1';
-  NID_sm4_cfb1 =    1136;
-  SN_sm4_cfb8 =    'SM4-CFB8';
-  LN_sm4_cfb8 =    'sm4-cfb8';
-  NID_sm4_cfb8 =    1138;
-  SN_sm4_ctr =    'SM4-CTR';
-  LN_sm4_ctr =    'sm4-ctr';
-  NID_sm4_ctr =    1139;
-  SN_hmac =   'HMAC';
-  LN_hmac =   'hmac';
-  NID_hmac =     855;
-  SN_cmac =   'CMAC';
-  LN_cmac =   'cmac';
-  NID_cmac =     894;
-  SN_rc4_hmac_md5 =   'RC4-HMAC-MD5';
-  LN_rc4_hmac_md5 =   'rc4-hmac-md5';
-  NID_rc4_hmac_md5 =     915;
-  SN_aes_128_cbc_hmac_sha1 =     'AES-128-CBC-HMAC-SHA1';
-  LN_aes_128_cbc_hmac_sha1 =     'aes-128-cbc-hmac-sha1';
-  NID_aes_128_cbc_hmac_sha1 =     916;
-  SN_aes_192_cbc_hmac_sha1 =     'AES-192-CBC-HMAC-SHA1';
-  LN_aes_192_cbc_hmac_sha1 =     'aes-192-cbc-hmac-sha1';
-  NID_aes_192_cbc_hmac_sha1 =     917;
-  SN_aes_256_cbc_hmac_sha1 =     'AES-256-CBC-HMAC-SHA1';
-  LN_aes_256_cbc_hmac_sha1 =     'aes-256-cbc-hmac-sha1';
-  NID_aes_256_cbc_hmac_sha1 =     918;
-  SN_aes_128_cbc_hmac_sha256 =    'AES-128-CBC-HMAC-SHA256';
-  LN_aes_128_cbc_hmac_sha256 =    'aes-128-cbc-hmac-sha256';
-  NID_aes_128_cbc_hmac_sha256 =    948;
-  SN_aes_192_cbc_hmac_sha256 =    'AES-192-CBC-HMAC-SHA256';
-  LN_aes_192_cbc_hmac_sha256 =    'aes-192-cbc-hmac-sha256';
-  NID_aes_192_cbc_hmac_sha256 =    949;
-  SN_aes_256_cbc_hmac_sha256 =    'AES-256-CBC-HMAC-SHA256';
-  LN_aes_256_cbc_hmac_sha256 =    'aes-256-cbc-hmac-sha256';
-  NID_aes_256_cbc_hmac_sha256 =    950;
-  SN_chacha20_poly1305 =    'ChaCha20-Poly1305';
-  LN_chacha20_poly1305 =    'chacha20-poly1305';
-  NID_chacha20_poly1305 =    1018;
-  SN_chacha20 =    'ChaCha20';
-  LN_chacha20 =    'chacha20';
-  NID_chacha20 =    1019;
-  SN_dhpublicnumber =     'dhpublicnumber';
-  LN_dhpublicnumber =     'X9.42 DH';
-  NID_dhpublicnumber =    920;
-  SN_brainpoolP160r1 =    'brainpoolP160r1';
-  NID_brainpoolP160r1 =    921;
-  SN_brainpoolP160t1 =    'brainpoolP160t1';
-  NID_brainpoolP160t1 =    922;
-  SN_brainpoolP192r1 =    'brainpoolP192r1';
-  NID_brainpoolP192r1 =    923;
-  SN_brainpoolP192t1 =    'brainpoolP192t1';
-  NID_brainpoolP192t1 =    924;
-  SN_brainpoolP224r1 =    'brainpoolP224r1';
-  NID_brainpoolP224r1 =    925;
-  SN_brainpoolP224t1 =    'brainpoolP224t1';
-  NID_brainpoolP224t1 =    926;
-  SN_brainpoolP256r1 =    'brainpoolP256r1';
-  NID_brainpoolP256r1 =    927;
-  SN_brainpoolP256t1 =    'brainpoolP256t1';
-  NID_brainpoolP256t1 =    928;
-  SN_brainpoolP320r1 =    'brainpoolP320r1';
-  NID_brainpoolP320r1 =    929;
-  SN_brainpoolP320t1 =    'brainpoolP320t1';
-  NID_brainpoolP320t1 =    930;
-  SN_brainpoolP384r1 =    'brainpoolP384r1';
-  NID_brainpoolP384r1 =    931;
-  SN_brainpoolP384t1 =    'brainpoolP384t1';
-  NID_brainpoolP384t1 =    932;
-  SN_brainpoolP512r1 =    'brainpoolP512r1';
-  NID_brainpoolP512r1 =    933;
-  SN_brainpoolP512t1 =    'brainpoolP512t1';
-  NID_brainpoolP512t1 =    934;
-  SN_dhSinglePass_stdDH_sha1kdf_scheme =    'dhSinglePass-stdDH-sha1kdf-scheme';
-  NID_dhSinglePass_stdDH_sha1kdf_scheme =    936;
-  SN_dhSinglePass_stdDH_sha224kdf_scheme =   'dhSinglePass-stdDH-sha224kdf-scheme';
-  NID_dhSinglePass_stdDH_sha224kdf_scheme =   937;
-  SN_dhSinglePass_stdDH_sha256kdf_scheme =   'dhSinglePass-stdDH-sha256kdf-scheme';
-  NID_dhSinglePass_stdDH_sha256kdf_scheme =   938;
-  SN_dhSinglePass_stdDH_sha384kdf_scheme =   'dhSinglePass-stdDH-sha384kdf-scheme';
-  NID_dhSinglePass_stdDH_sha384kdf_scheme =   939;
-  SN_dhSinglePass_stdDH_sha512kdf_scheme =   'dhSinglePass-stdDH-sha512kdf-scheme';
-  NID_dhSinglePass_stdDH_sha512kdf_scheme =   940;
-  SN_dhSinglePass_cofactorDH_sha1kdf_scheme =     'dhSinglePass-cofactorDH-sha1kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha1kdf_scheme =    941;
-  SN_dhSinglePass_cofactorDH_sha224kdf_scheme =    'dhSinglePass-cofactorDH-sha224kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha224kdf_scheme =    942;
-  SN_dhSinglePass_cofactorDH_sha256kdf_scheme =    'dhSinglePass-cofactorDH-sha256kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha256kdf_scheme =    943;
-  SN_dhSinglePass_cofactorDH_sha384kdf_scheme =    'dhSinglePass-cofactorDH-sha384kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha384kdf_scheme =    944;
-  SN_dhSinglePass_cofactorDH_sha512kdf_scheme =    'dhSinglePass-cofactorDH-sha512kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha512kdf_scheme =    945;
-  SN_dh_std_kdf =    'dh-std-kdf';
-  NID_dh_std_kdf =   946;
-  SN_dh_cofactor_kdf =    'dh-cofactor-kdf';
-  NID_dh_cofactor_kdf =    947;
-  SN_ct_precert_scts =    'ct_precert_scts';
-  LN_ct_precert_scts =    'CT Precertificate SCTs';
-  NID_ct_precert_scts =    951;
-  SN_ct_precert_poison =    'ct_precert_poison';
-  LN_ct_precert_poison =    'CT Precertificate Poison';
-  NID_ct_precert_poison =    952;
-  SN_ct_precert_signer =    'ct_precert_signer';
-  LN_ct_precert_signer =    'CT Precertificate Signer';
-  NID_ct_precert_signer =    953;
-  SN_ct_cert_scts =   'ct_cert_scts';
-  LN_ct_cert_scts =   'CT Certificate SCTs';
-  NID_ct_cert_scts =     954;
-  SN_jurisdictionLocalityName =    'jurisdictionL';
-  LN_jurisdictionLocalityName =    'jurisdictionLocalityName';
-  NID_jurisdictionLocalityName =    955;
-  SN_jurisdictionStateOrProvinceName =    'jurisdictionST';
-  LN_jurisdictionStateOrProvinceName =    'jurisdictionStateOrProvinceName';
-  NID_jurisdictionStateOrProvinceName =    956;
-  SN_jurisdictionCountryName =    'jurisdictionC';
-  LN_jurisdictionCountryName =    'jurisdictionCountryName';
-  NID_jurisdictionCountryName =    957;
-  SN_id_scrypt =    'id-scrypt';
-  LN_id_scrypt =    'scrypt';
-  NID_id_scrypt =    973;
-  SN_tls1_prf =    'TLS1-PRF';
-  LN_tls1_prf =    'tls1-prf';
-  NID_tls1_prf =    1021;
-  SN_hkdf =   'HKDF';
-  LN_hkdf =   'hkdf';
-  NID_hkdf =     1036;
-  SN_id_pkinit =    'id-pkinit';
-  NID_id_pkinit =    1031;
-  SN_pkInitClientAuth =    'pkInitClientAuth';
-  LN_pkInitClientAuth =    'PKINIT Client Auth';
-  NID_pkInitClientAuth =    1032;
-  SN_pkInitKDC =    'pkInitKDC';
-  LN_pkInitKDC =    'Signing KDC Response';
-  NID_pkInitKDC =    1033;
-  SN_X25519 =     'X25519';
-  NID_X25519 =    1034;
-  SN_X448 =   'X448';
-  NID_X448 =     1035;
-  SN_ED25519 =    'ED25519';
-  NID_ED25519 =    1087;
-  SN_ED448 =     'ED448';
-  NID_ED448 =     1088;
-  SN_kx_rsa =     'KxRSA';
-  LN_kx_rsa =     'kx-rsa';
-  NID_kx_rsa =    1037;
-  SN_kx_ecdhe =    'KxECDHE';
-  LN_kx_ecdhe =    'kx-ecdhe';
-  NID_kx_ecdhe =    1038;
-  SN_kx_dhe =     'KxDHE';
-  LN_kx_dhe =     'kx-dhe';
-  NID_kx_dhe =    1039;
-  SN_kx_ecdhe_psk =   'KxECDHE-PSK';
-  LN_kx_ecdhe_psk =   'kx-ecdhe-psk';
-  NID_kx_ecdhe_psk =     1040;
-  SN_kx_dhe_psk =    'KxDHE-PSK';
-  LN_kx_dhe_psk =    'kx-dhe-psk';
-  NID_kx_dhe_psk =   1041;
-  SN_kx_rsa_psk =    'KxRSA_PSK';
-  LN_kx_rsa_psk =    'kx-rsa-psk';
-  NID_kx_rsa_psk =   1042;
-  SN_kx_psk =     'KxPSK';
-  LN_kx_psk =     'kx-psk';
-  NID_kx_psk =    1043;
-  SN_kx_srp =     'KxSRP';
-  LN_kx_srp =     'kx-srp';
-  NID_kx_srp =    1044;
-  SN_kx_gost =    'KxGOST';
-  LN_kx_gost =    'kx-gost';
-  NID_kx_gost =    1045;
-  SN_kx_any =     'KxANY';
-  LN_kx_any =     'kx-any';
-  NID_kx_any =    1063;
-  SN_auth_rsa =    'AuthRSA';
-  LN_auth_rsa =    'auth-rsa';
-  NID_auth_rsa =    1046;
-  SN_auth_ecdsa =    'AuthECDSA';
-  LN_auth_ecdsa =    'auth-ecdsa';
-  NID_auth_ecdsa =   1047;
-  SN_auth_psk =    'AuthPSK';
-  LN_auth_psk =    'auth-psk';
-  NID_auth_psk =    1048;
-  SN_auth_dss =    'AuthDSS';
-  LN_auth_dss =    'auth-dss';
-  NID_auth_dss =    1049;
-  SN_auth_gost01 =   'AuthGOST01';
-  LN_auth_gost01 =   'auth-gost01';
-  NID_auth_gost01 =   1050;
-  SN_auth_gost12 =   'AuthGOST12';
-  LN_auth_gost12 =   'auth-gost12';
-  NID_auth_gost12 =   1051;
-  SN_auth_srp =    'AuthSRP';
-  LN_auth_srp =    'auth-srp';
-  NID_auth_srp =    1052;
-  SN_auth_null =    'AuthNULL';
-  LN_auth_null =    'auth-null';
-  NID_auth_null =    1053;
-  SN_auth_any =    'AuthANY';
-  LN_auth_any =    'auth-any';
-  NID_auth_any =    1064;
-  SN_poly1305 =    'Poly1305';
-  LN_poly1305 =    'poly1305';
-  NID_poly1305 =    1061;
-  SN_siphash =    'SipHash';
-  LN_siphash =    'siphash';
-  NID_siphash =    1062;
-  SN_ffdhe2048 =    'ffdhe2048';
-  NID_ffdhe2048 =    1126;
-  SN_ffdhe3072 =    'ffdhe3072';
-  NID_ffdhe3072 =    1127;
-  SN_ffdhe4096 =    'ffdhe4096';
-  NID_ffdhe4096 =    1128;
-  SN_ffdhe6144 =    'ffdhe6144';
-  NID_ffdhe6144 =    1129;
-  SN_ffdhe8192 =    'ffdhe8192';
-  NID_ffdhe8192 =    1130;
-  SN_ISO_UA =     'ISO-UA';
-  NID_ISO_UA =    1150;
-  SN_ua_pki =     'ua-pki';
-  NID_ua_pki =    1151;
-  SN_dstu28147 =    'dstu28147';
-  LN_dstu28147 =    'DSTU Gost 28147-2009';
-  NID_dstu28147 =    1152;
-  SN_dstu28147_ofb =     'dstu28147-ofb';
-  LN_dstu28147_ofb =     'DSTU Gost 28147-2009 OFB mode';
-  NID_dstu28147_ofb =     1153;
-  SN_dstu28147_cfb =     'dstu28147-cfb';
-  LN_dstu28147_cfb =     'DSTU Gost 28147-2009 CFB mode';
-  NID_dstu28147_cfb =     1154;
-  SN_dstu28147_wrap =     'dstu28147-wrap';
-  LN_dstu28147_wrap =     'DSTU Gost 28147-2009 key wrap';
-  NID_dstu28147_wrap =    1155;
-  SN_hmacWithDstu34311 =    'hmacWithDstu34311';
-  LN_hmacWithDstu34311 =    'HMAC DSTU Gost 34311-95';
-  NID_hmacWithDstu34311 =    1156;
-  SN_dstu34311 =    'dstu34311';
-  LN_dstu34311 =    'DSTU Gost 34311-95';
-  NID_dstu34311 =    1157;
-  SN_dstu4145le =    'dstu4145le';
-  LN_dstu4145le =    'DSTU 4145-2002 little endian';
-  NID_dstu4145le =   1158;
-  SN_dstu4145be =    'dstu4145be';
-  LN_dstu4145be =    'DSTU 4145-2002 big endian';
-  NID_dstu4145be =   1159;
-  SN_uacurve0 =    'uacurve0';
-  LN_uacurve0 =    'DSTU curve 0';
-  NID_uacurve0 =    1160;
-  SN_uacurve1 =    'uacurve1';
-  LN_uacurve1 =    'DSTU curve 1';
-  NID_uacurve1 =    1161;
-  SN_uacurve2 =    'uacurve2';
-  LN_uacurve2 =    'DSTU curve 2';
-  NID_uacurve2 =    1162;
-  SN_uacurve3 =    'uacurve3';
-  LN_uacurve3 =    'DSTU curve 3';
-  NID_uacurve3 =    1163;
-  SN_uacurve4 =    'uacurve4';
-  LN_uacurve4 =    'DSTU curve 4';
-  NID_uacurve4 =    1164;
-  SN_uacurve5 =    'uacurve5';
-  LN_uacurve5 =    'DSTU curve 5';
-  NID_uacurve5 =    1165;
-  SN_uacurve6 =    'uacurve6';
-  LN_uacurve6 =    'DSTU curve 6';
-  NID_uacurve6 =    1166;
-  SN_uacurve7 =    'uacurve7';
-  LN_uacurve7 =    'DSTU curve 7';
-  NID_uacurve7 =    1167;
-  SN_uacurve8 =    'uacurve8';
-  LN_uacurve8 =    'DSTU curve 8';
-  NID_uacurve8 =    1168;
-  SN_uacurve9 =    'uacurve9';
-  LN_uacurve9 =    'DSTU curve 9';
-  NID_uacurve9 =    1169;
+  SN_undef = AnsiString('UNDEF');
+  LN_undef = AnsiString('undefined');
+  NID_undef = 0;
+
+  SN_itu_t = AnsiString('ITU-T');
+  LN_itu_t = AnsiString('itu-t');
+  NID_itu_t = 645;
+
+  NID_ccitt = 404;
+
+  SN_iso = AnsiString('ISO');
+  LN_iso = AnsiString('iso');
+  NID_iso = 181;
+
+  SN_joint_iso_itu_t = AnsiString('JOINT-ISO-ITU-T');
+  LN_joint_iso_itu_t = AnsiString('joint-iso-itu-t');
+  NID_joint_iso_itu_t = 646;
+
+  NID_joint_iso_ccitt = 393;
+
+  SN_member_body = AnsiString('member-body');
+  LN_member_body = AnsiString('ISO Member Body');
+  NID_member_body = 182;
+
+  SN_identified_organization = AnsiString('identified-organization');
+  NID_identified_organization = 676;
+
+  SN_hmac_md5 = AnsiString('HMAC-MD5');
+  LN_hmac_md5 = AnsiString('hmac-md5');
+  NID_hmac_md5 = 780;
+
+  SN_hmac_sha1 = AnsiString('HMAC-SHA1');
+  LN_hmac_sha1 = AnsiString('hmac-sha1');
+  NID_hmac_sha1 = 781;
+
+  SN_x509ExtAdmission = AnsiString('x509ExtAdmission');
+  LN_x509ExtAdmission = AnsiString('Professional Information or basis for Admission');
+  NID_x509ExtAdmission = 1093;
+
+  SN_certicom_arc = AnsiString('certicom-arc');
+  NID_certicom_arc = 677;
+
+  SN_ieee = AnsiString('ieee');
+  NID_ieee = 1170;
+
+  SN_ieee_siswg = AnsiString('ieee-siswg');
+  LN_ieee_siswg = AnsiString('IEEE Security in Storage Working Group');
+  NID_ieee_siswg = 1171;
+
+  SN_international_organizations = AnsiString('international-organizations');
+  LN_international_organizations = AnsiString('International Organizations');
+  NID_international_organizations = 647;
+
+  SN_wap = AnsiString('wap');
+  NID_wap = 678;
+
+  SN_wap_wsg = AnsiString('wap-wsg');
+  NID_wap_wsg = 679;
+
+  SN_selected_attribute_types = AnsiString('selected-attribute-types');
+  LN_selected_attribute_types = AnsiString('Selected Attribute Types');
+  NID_selected_attribute_types = 394;
+
+  SN_clearance = AnsiString('clearance');
+  NID_clearance = 395;
+
+  SN_ISO_US = AnsiString('ISO-US');
+  LN_ISO_US = AnsiString('ISO US Member Body');
+  NID_ISO_US = 183;
+
+  SN_X9_57 = AnsiString('X9-57');
+  LN_X9_57 = AnsiString('X9.57');
+  NID_X9_57 = 184;
+
+  SN_X9cm = AnsiString('X9cm');
+  LN_X9cm = AnsiString('X9.57 CM ?');
+  NID_X9cm = 185;
+
+  SN_ISO_CN = AnsiString('ISO-CN');
+  LN_ISO_CN = AnsiString('ISO CN Member Body');
+  NID_ISO_CN = 1140;
+
+  SN_oscca = AnsiString('oscca');
+  NID_oscca = 1141;
+
+  SN_sm_scheme = AnsiString('sm-scheme');
+  NID_sm_scheme = 1142;
+
+  SN_dsa = AnsiString('DSA');
+  LN_dsa = AnsiString('dsaEncryption');
+  NID_dsa = 116;
+
+  SN_dsaWithSHA1 = AnsiString('DSA-SHA1');
+  LN_dsaWithSHA1 = AnsiString('dsaWithSHA1');
+  NID_dsaWithSHA1 = 113;
+
+  SN_ansi_X9_62 = AnsiString('ansi-X9-62');
+  LN_ansi_X9_62 = AnsiString('ANSI X9.62');
+  NID_ansi_X9_62 = 405;
+
+  SN_X9_62_prime_field = AnsiString('prime-field');
+  NID_X9_62_prime_field = 406;
+
+  SN_X9_62_characteristic_two_field = AnsiString('characteristic-two-field');
+  NID_X9_62_characteristic_two_field = 407;
+
+  SN_X9_62_id_characteristic_two_basis = AnsiString('id-characteristic-two-basis');
+  NID_X9_62_id_characteristic_two_basis = 680;
+
+  SN_X9_62_onBasis = AnsiString('onBasis');
+  NID_X9_62_onBasis = 681;
+
+  SN_X9_62_tpBasis = AnsiString('tpBasis');
+  NID_X9_62_tpBasis = 682;
+
+  SN_X9_62_ppBasis = AnsiString('ppBasis');
+  NID_X9_62_ppBasis = 683;
+
+  SN_X9_62_id_ecPublicKey = AnsiString('id-ecPublicKey');
+  NID_X9_62_id_ecPublicKey = 408;
+
+  SN_X9_62_c2pnb163v1 = AnsiString('c2pnb163v1');
+  NID_X9_62_c2pnb163v1 = 684;
+
+  SN_X9_62_c2pnb163v2 = AnsiString('c2pnb163v2');
+  NID_X9_62_c2pnb163v2 = 685;
+
+  SN_X9_62_c2pnb163v3 = AnsiString('c2pnb163v3');
+  NID_X9_62_c2pnb163v3 = 686;
+
+  SN_X9_62_c2pnb176v1 = AnsiString('c2pnb176v1');
+  NID_X9_62_c2pnb176v1 = 687;
+
+  SN_X9_62_c2tnb191v1 = AnsiString('c2tnb191v1');
+  NID_X9_62_c2tnb191v1 = 688;
+
+  SN_X9_62_c2tnb191v2 = AnsiString('c2tnb191v2');
+  NID_X9_62_c2tnb191v2 = 689;
+
+  SN_X9_62_c2tnb191v3 = AnsiString('c2tnb191v3');
+  NID_X9_62_c2tnb191v3 = 690;
+
+  SN_X9_62_c2onb191v4 = AnsiString('c2onb191v4');
+  NID_X9_62_c2onb191v4 = 691;
+
+  SN_X9_62_c2onb191v5 = AnsiString('c2onb191v5');
+  NID_X9_62_c2onb191v5 = 692;
+
+  SN_X9_62_c2pnb208w1 = AnsiString('c2pnb208w1');
+  NID_X9_62_c2pnb208w1 = 693;
+
+  SN_X9_62_c2tnb239v1 = AnsiString('c2tnb239v1');
+  NID_X9_62_c2tnb239v1 = 694;
+
+  SN_X9_62_c2tnb239v2 = AnsiString('c2tnb239v2');
+  NID_X9_62_c2tnb239v2 = 695;
+
+  SN_X9_62_c2tnb239v3 = AnsiString('c2tnb239v3');
+  NID_X9_62_c2tnb239v3 = 696;
+
+  SN_X9_62_c2onb239v4 = AnsiString('c2onb239v4');
+  NID_X9_62_c2onb239v4 = 697;
+
+  SN_X9_62_c2onb239v5 = AnsiString('c2onb239v5');
+  NID_X9_62_c2onb239v5 = 698;
+
+  SN_X9_62_c2pnb272w1 = AnsiString('c2pnb272w1');
+  NID_X9_62_c2pnb272w1 = 699;
+
+  SN_X9_62_c2pnb304w1 = AnsiString('c2pnb304w1');
+  NID_X9_62_c2pnb304w1 = 700;
+
+  SN_X9_62_c2tnb359v1 = AnsiString('c2tnb359v1');
+  NID_X9_62_c2tnb359v1 = 701;
+
+  SN_X9_62_c2pnb368w1 = AnsiString('c2pnb368w1');
+  NID_X9_62_c2pnb368w1 = 702;
+
+  SN_X9_62_c2tnb431r1 = AnsiString('c2tnb431r1');
+  NID_X9_62_c2tnb431r1 = 703;
+
+  SN_X9_62_prime192v1 = AnsiString('prime192v1');
+  NID_X9_62_prime192v1 = 409;
+
+  SN_X9_62_prime192v2 = AnsiString('prime192v2');
+  NID_X9_62_prime192v2 = 410;
+
+  SN_X9_62_prime192v3 = AnsiString('prime192v3');
+  NID_X9_62_prime192v3 = 411;
+
+  SN_X9_62_prime239v1 = AnsiString('prime239v1');
+  NID_X9_62_prime239v1 = 412;
+
+  SN_X9_62_prime239v2 = AnsiString('prime239v2');
+  NID_X9_62_prime239v2 = 413;
+
+  SN_X9_62_prime239v3 = AnsiString('prime239v3');
+  NID_X9_62_prime239v3 = 414;
+
+  SN_X9_62_prime256v1 = AnsiString('prime256v1');
+  NID_X9_62_prime256v1 = 415;
+
+  SN_ecdsa_with_SHA1 = AnsiString('ecdsa-with-SHA1');
+  NID_ecdsa_with_SHA1 = 416;
+
+  SN_ecdsa_with_Recommended = AnsiString('ecdsa-with-Recommended');
+  NID_ecdsa_with_Recommended = 791;
+
+  SN_ecdsa_with_Specified = AnsiString('ecdsa-with-Specified');
+  NID_ecdsa_with_Specified = 792;
+
+  SN_ecdsa_with_SHA224 = AnsiString('ecdsa-with-SHA224');
+  NID_ecdsa_with_SHA224 = 793;
+
+  SN_ecdsa_with_SHA256 = AnsiString('ecdsa-with-SHA256');
+  NID_ecdsa_with_SHA256 = 794;
+
+  SN_ecdsa_with_SHA384 = AnsiString('ecdsa-with-SHA384');
+  NID_ecdsa_with_SHA384 = 795;
+
+  SN_ecdsa_with_SHA512 = AnsiString('ecdsa-with-SHA512');
+  NID_ecdsa_with_SHA512 = 796;
+
+  SN_secp112r1 = AnsiString('secp112r1');
+  NID_secp112r1 = 704;
+
+  SN_secp112r2 = AnsiString('secp112r2');
+  NID_secp112r2 = 705;
+
+  SN_secp128r1 = AnsiString('secp128r1');
+  NID_secp128r1 = 706;
+
+  SN_secp128r2 = AnsiString('secp128r2');
+  NID_secp128r2 = 707;
+
+  SN_secp160k1 = AnsiString('secp160k1');
+  NID_secp160k1 = 708;
+
+  SN_secp160r1 = AnsiString('secp160r1');
+  NID_secp160r1 = 709;
+
+  SN_secp160r2 = AnsiString('secp160r2');
+  NID_secp160r2 = 710;
+
+  SN_secp192k1 = AnsiString('secp192k1');
+  NID_secp192k1 = 711;
+
+  SN_secp224k1 = AnsiString('secp224k1');
+  NID_secp224k1 = 712;
+
+  SN_secp224r1 = AnsiString('secp224r1');
+  NID_secp224r1 = 713;
+
+  SN_secp256k1 = AnsiString('secp256k1');
+  NID_secp256k1 = 714;
+
+  SN_secp384r1 = AnsiString('secp384r1');
+  NID_secp384r1 = 715;
+
+  SN_secp521r1 = AnsiString('secp521r1');
+  NID_secp521r1 = 716;
+
+  SN_sect113r1 = AnsiString('sect113r1');
+  NID_sect113r1 = 717;
+
+  SN_sect113r2 = AnsiString('sect113r2');
+  NID_sect113r2 = 718;
+
+  SN_sect131r1 = AnsiString('sect131r1');
+  NID_sect131r1 = 719;
+
+  SN_sect131r2 = AnsiString('sect131r2');
+  NID_sect131r2 = 720;
+
+  SN_sect163k1 = AnsiString('sect163k1');
+  NID_sect163k1 = 721;
+
+  SN_sect163r1 = AnsiString('sect163r1');
+  NID_sect163r1 = 722;
+
+  SN_sect163r2 = AnsiString('sect163r2');
+  NID_sect163r2 = 723;
+
+  SN_sect193r1 = AnsiString('sect193r1');
+  NID_sect193r1 = 724;
+
+  SN_sect193r2 = AnsiString('sect193r2');
+  NID_sect193r2 = 725;
+
+  SN_sect233k1 = AnsiString('sect233k1');
+  NID_sect233k1 = 726;
+
+  SN_sect233r1 = AnsiString('sect233r1');
+  NID_sect233r1 = 727;
+
+  SN_sect239k1 = AnsiString('sect239k1');
+  NID_sect239k1 = 728;
+
+  SN_sect283k1 = AnsiString('sect283k1');
+  NID_sect283k1 = 729;
+
+  SN_sect283r1 = AnsiString('sect283r1');
+  NID_sect283r1 = 730;
+
+  SN_sect409k1 = AnsiString('sect409k1');
+  NID_sect409k1 = 731;
+
+  SN_sect409r1 = AnsiString('sect409r1');
+  NID_sect409r1 = 732;
+
+  SN_sect571k1 = AnsiString('sect571k1');
+  NID_sect571k1 = 733;
+
+  SN_sect571r1 = AnsiString('sect571r1');
+  NID_sect571r1 = 734;
+
+  SN_wap_wsg_idm_ecid_wtls1 = AnsiString('wap-wsg-idm-ecid-wtls1');
+  NID_wap_wsg_idm_ecid_wtls1 = 735;
+
+  SN_wap_wsg_idm_ecid_wtls3 = AnsiString('wap-wsg-idm-ecid-wtls3');
+  NID_wap_wsg_idm_ecid_wtls3 = 736;
+
+  SN_wap_wsg_idm_ecid_wtls4 = AnsiString('wap-wsg-idm-ecid-wtls4');
+  NID_wap_wsg_idm_ecid_wtls4 = 737;
+
+  SN_wap_wsg_idm_ecid_wtls5 = AnsiString('wap-wsg-idm-ecid-wtls5');
+  NID_wap_wsg_idm_ecid_wtls5 = 738;
+
+  SN_wap_wsg_idm_ecid_wtls6 = AnsiString('wap-wsg-idm-ecid-wtls6');
+  NID_wap_wsg_idm_ecid_wtls6 = 739;
+
+  SN_wap_wsg_idm_ecid_wtls7 = AnsiString('wap-wsg-idm-ecid-wtls7');
+  NID_wap_wsg_idm_ecid_wtls7 = 740;
+
+  SN_wap_wsg_idm_ecid_wtls8 = AnsiString('wap-wsg-idm-ecid-wtls8');
+  NID_wap_wsg_idm_ecid_wtls8 = 741;
+
+  SN_wap_wsg_idm_ecid_wtls9 = AnsiString('wap-wsg-idm-ecid-wtls9');
+  NID_wap_wsg_idm_ecid_wtls9 = 742;
+
+  SN_wap_wsg_idm_ecid_wtls10 = AnsiString('wap-wsg-idm-ecid-wtls10');
+  NID_wap_wsg_idm_ecid_wtls10 = 743;
+
+  SN_wap_wsg_idm_ecid_wtls11 = AnsiString('wap-wsg-idm-ecid-wtls11');
+  NID_wap_wsg_idm_ecid_wtls11 = 744;
+
+  SN_wap_wsg_idm_ecid_wtls12 = AnsiString('wap-wsg-idm-ecid-wtls12');
+  NID_wap_wsg_idm_ecid_wtls12 = 745;
+
+  SN_cast5_cbc = AnsiString('CAST5-CBC');
+  LN_cast5_cbc = AnsiString('cast5-cbc');
+  NID_cast5_cbc = 108;
+
+  SN_cast5_ecb = AnsiString('CAST5-ECB');
+  LN_cast5_ecb = AnsiString('cast5-ecb');
+  NID_cast5_ecb = 109;
+
+  SN_cast5_cfb64 = AnsiString('CAST5-CFB');
+  LN_cast5_cfb64 = AnsiString('cast5-cfb');
+  NID_cast5_cfb64 = 110;
+
+  SN_cast5_ofb64 = AnsiString('CAST5-OFB');
+  LN_cast5_ofb64 = AnsiString('cast5-ofb');
+  NID_cast5_ofb64 = 111;
+
+  LN_pbeWithMD5AndCast5_CBC = AnsiString('pbeWithMD5AndCast5CBC');
+  NID_pbeWithMD5AndCast5_CBC = 112;
+
+  SN_id_PasswordBasedMAC = AnsiString('id-PasswordBasedMAC');
+  LN_id_PasswordBasedMAC = AnsiString('password based MAC');
+  NID_id_PasswordBasedMAC = 782;
+
+  SN_id_DHBasedMac = AnsiString('id-DHBasedMac');
+  LN_id_DHBasedMac = AnsiString('Diffie-Hellman based MAC');
+  NID_id_DHBasedMac = 783;
+
+  SN_rsadsi = AnsiString('rsadsi');
+  LN_rsadsi = AnsiString('RSA Data Security; Inc.');
+  NID_rsadsi = 1;
+
+  SN_pkcs = AnsiString('pkcs');
+  LN_pkcs = AnsiString('RSA Data Security; Inc. PKCS');
+  NID_pkcs = 2;
+
+  SN_pkcs1 = AnsiString('pkcs1');
+  NID_pkcs1 = 186;
+
+  LN_rsaEncryption = AnsiString('rsaEncryption');
+  NID_rsaEncryption = 6;
+
+  SN_md2WithRSAEncryption = AnsiString('RSA-MD2');
+  LN_md2WithRSAEncryption = AnsiString('md2WithRSAEncryption');
+  NID_md2WithRSAEncryption = 7;
+
+  SN_md4WithRSAEncryption = AnsiString('RSA-MD4');
+  LN_md4WithRSAEncryption = AnsiString('md4WithRSAEncryption');
+  NID_md4WithRSAEncryption = 396;
+
+  SN_md5WithRSAEncryption = AnsiString('RSA-MD5');
+  LN_md5WithRSAEncryption = AnsiString('md5WithRSAEncryption');
+  NID_md5WithRSAEncryption = 8;
+
+  SN_sha1WithRSAEncryption = AnsiString('RSA-SHA1');
+  LN_sha1WithRSAEncryption = AnsiString('sha1WithRSAEncryption');
+  NID_sha1WithRSAEncryption = 65;
+
+  SN_rsaesOaep = AnsiString('RSAES-OAEP');
+  LN_rsaesOaep = AnsiString('rsaesOaep');
+  NID_rsaesOaep = 919;
+
+  SN_mgf1 = AnsiString('MGF1');
+  LN_mgf1 = AnsiString('mgf1');
+  NID_mgf1 = 911;
+
+  SN_pSpecified = AnsiString('PSPECIFIED');
+  LN_pSpecified = AnsiString('pSpecified');
+  NID_pSpecified = 935;
+
+  SN_rsassaPss = AnsiString('RSASSA-PSS');
+  LN_rsassaPss = AnsiString('rsassaPss');
+  NID_rsassaPss = 912;
+
+  SN_sha256WithRSAEncryption = AnsiString('RSA-SHA256');
+  LN_sha256WithRSAEncryption = AnsiString('sha256WithRSAEncryption');
+  NID_sha256WithRSAEncryption = 668;
+
+  SN_sha384WithRSAEncryption = AnsiString('RSA-SHA384');
+  LN_sha384WithRSAEncryption = AnsiString('sha384WithRSAEncryption');
+  NID_sha384WithRSAEncryption = 669;
+
+  SN_sha512WithRSAEncryption = AnsiString('RSA-SHA512');
+  LN_sha512WithRSAEncryption = AnsiString('sha512WithRSAEncryption');
+  NID_sha512WithRSAEncryption = 670;
+
+  SN_sha224WithRSAEncryption = AnsiString('RSA-SHA224');
+  LN_sha224WithRSAEncryption = AnsiString('sha224WithRSAEncryption');
+  NID_sha224WithRSAEncryption = 671;
+
+  SN_sha512_224WithRSAEncryption = AnsiString('RSA-SHA512/224');
+  LN_sha512_224WithRSAEncryption = AnsiString('sha512-224WithRSAEncryption');
+  NID_sha512_224WithRSAEncryption = 1145;
+
+  SN_sha512_256WithRSAEncryption = AnsiString('RSA-SHA512/256');
+  LN_sha512_256WithRSAEncryption = AnsiString('sha512-256WithRSAEncryption');
+  NID_sha512_256WithRSAEncryption = 1146;
+
+  SN_pkcs3 = AnsiString('pkcs3');
+  NID_pkcs3 = 27;
+
+  LN_dhKeyAgreement = AnsiString('dhKeyAgreement');
+  NID_dhKeyAgreement = 28;
+
+  SN_pkcs5 = AnsiString('pkcs5');
+  NID_pkcs5 = 187;
+
+  SN_pbeWithMD2AndDES_CBC = AnsiString('PBE-MD2-DES');
+  LN_pbeWithMD2AndDES_CBC = AnsiString('pbeWithMD2AndDES-CBC');
+  NID_pbeWithMD2AndDES_CBC = 9;
+
+  SN_pbeWithMD5AndDES_CBC = AnsiString('PBE-MD5-DES');
+  LN_pbeWithMD5AndDES_CBC = AnsiString('pbeWithMD5AndDES-CBC');
+  NID_pbeWithMD5AndDES_CBC = 10;
+
+  SN_pbeWithMD2AndRC2_CBC = AnsiString('PBE-MD2-RC2-64');
+  LN_pbeWithMD2AndRC2_CBC = AnsiString('pbeWithMD2AndRC2-CBC');
+  NID_pbeWithMD2AndRC2_CBC = 168;
+
+  SN_pbeWithMD5AndRC2_CBC = AnsiString('PBE-MD5-RC2-64');
+  LN_pbeWithMD5AndRC2_CBC = AnsiString('pbeWithMD5AndRC2-CBC');
+  NID_pbeWithMD5AndRC2_CBC = 169;
+
+  SN_pbeWithSHA1AndDES_CBC = AnsiString('PBE-SHA1-DES');
+  LN_pbeWithSHA1AndDES_CBC = AnsiString('pbeWithSHA1AndDES-CBC');
+  NID_pbeWithSHA1AndDES_CBC = 170;
+
+  SN_pbeWithSHA1AndRC2_CBC = AnsiString('PBE-SHA1-RC2-64');
+  LN_pbeWithSHA1AndRC2_CBC = AnsiString('pbeWithSHA1AndRC2-CBC');
+  NID_pbeWithSHA1AndRC2_CBC = 68;
+
+  LN_id_pbkdf2 = AnsiString('PBKDF2');
+  NID_id_pbkdf2 = 69;
+
+  LN_pbes2 = AnsiString('PBES2');
+  NID_pbes2 = 161;
+
+  LN_pbmac1 = AnsiString('PBMAC1');
+  NID_pbmac1 = 162;
+
+  SN_pkcs7 = AnsiString('pkcs7');
+  NID_pkcs7 = 20;
+
+  LN_pkcs7_data = AnsiString('pkcs7-data');
+  NID_pkcs7_data = 21;
+
+  LN_pkcs7_signed = AnsiString('pkcs7-signedData');
+  NID_pkcs7_signed = 22;
+
+  LN_pkcs7_enveloped = AnsiString('pkcs7-envelopedData');
+  NID_pkcs7_enveloped = 23;
+
+  LN_pkcs7_signedAndEnveloped = AnsiString('pkcs7-signedAndEnvelopedData');
+  NID_pkcs7_signedAndEnveloped = 24;
+
+  LN_pkcs7_digest = AnsiString('pkcs7-digestData');
+  NID_pkcs7_digest = 25;
+
+  LN_pkcs7_encrypted = AnsiString('pkcs7-encryptedData');
+  NID_pkcs7_encrypted = 26;
+
+  SN_pkcs9 = AnsiString('pkcs9');
+  NID_pkcs9 = 47;
+
+  LN_pkcs9_emailAddress = AnsiString('emailAddress');
+  NID_pkcs9_emailAddress = 48;
+
+  LN_pkcs9_unstructuredName = AnsiString('unstructuredName');
+  NID_pkcs9_unstructuredName = 49;
+
+  LN_pkcs9_contentType = AnsiString('contentType');
+  NID_pkcs9_contentType = 50;
+
+  LN_pkcs9_messageDigest = AnsiString('messageDigest');
+  NID_pkcs9_messageDigest = 51;
+
+  LN_pkcs9_signingTime = AnsiString('signingTime');
+  NID_pkcs9_signingTime = 52;
+
+  LN_pkcs9_countersignature = AnsiString('countersignature');
+  NID_pkcs9_countersignature = 53;
+
+  LN_pkcs9_challengePassword = AnsiString('challengePassword');
+  NID_pkcs9_challengePassword = 54;
+
+  LN_pkcs9_unstructuredAddress = AnsiString('unstructuredAddress');
+  NID_pkcs9_unstructuredAddress = 55;
+
+  LN_pkcs9_extCertAttributes = AnsiString('extendedCertificateAttributes');
+  NID_pkcs9_extCertAttributes = 56;
+
+  SN_ext_req = AnsiString('extReq');
+  LN_ext_req = AnsiString('Extension Request');
+  NID_ext_req = 172;
+
+  SN_SMIMECapabilities = AnsiString('SMIME-CAPS');
+  LN_SMIMECapabilities = AnsiString('S/MIME Capabilities');
+  NID_SMIMECapabilities = 167;
+
+  SN_SMIME = AnsiString('SMIME');
+  LN_SMIME = AnsiString('S/MIME');
+  NID_SMIME = 188;
+
+  SN_id_smime_mod = AnsiString('id-smime-mod');
+  NID_id_smime_mod = 189;
+
+  SN_id_smime_ct = AnsiString('id-smime-ct');
+  NID_id_smime_ct = 190;
+
+  SN_id_smime_aa = AnsiString('id-smime-aa');
+  NID_id_smime_aa = 191;
+
+  SN_id_smime_alg = AnsiString('id-smime-alg');
+  NID_id_smime_alg = 192;
+
+  SN_id_smime_cd = AnsiString('id-smime-cd');
+  NID_id_smime_cd = 193;
+
+  SN_id_smime_spq = AnsiString('id-smime-spq');
+  NID_id_smime_spq = 194;
+
+  SN_id_smime_cti = AnsiString('id-smime-cti');
+  NID_id_smime_cti = 195;
+
+  SN_id_smime_mod_cms = AnsiString('id-smime-mod-cms');
+  NID_id_smime_mod_cms = 196;
+
+  SN_id_smime_mod_ess = AnsiString('id-smime-mod-ess');
+  NID_id_smime_mod_ess = 197;
+
+  SN_id_smime_mod_oid = AnsiString('id-smime-mod-oid');
+  NID_id_smime_mod_oid = 198;
+
+  SN_id_smime_mod_msg_v3 = AnsiString('id-smime-mod-msg-v3');
+  NID_id_smime_mod_msg_v3 = 199;
+
+  SN_id_smime_mod_ets_eSignature_88 = AnsiString('id-smime-mod-ets-eSignature-88');
+  NID_id_smime_mod_ets_eSignature_88 = 200;
+
+  SN_id_smime_mod_ets_eSignature_97 = AnsiString('id-smime-mod-ets-eSignature-97');
+  NID_id_smime_mod_ets_eSignature_97 = 201;
+
+  SN_id_smime_mod_ets_eSigPolicy_88 = AnsiString('id-smime-mod-ets-eSigPolicy-88');
+  NID_id_smime_mod_ets_eSigPolicy_88 = 202;
+
+  SN_id_smime_mod_ets_eSigPolicy_97 = AnsiString('id-smime-mod-ets-eSigPolicy-97');
+  NID_id_smime_mod_ets_eSigPolicy_97 = 203;
+
+  SN_id_smime_ct_receipt = AnsiString('id-smime-ct-receipt');
+  NID_id_smime_ct_receipt = 204;
+
+  SN_id_smime_ct_authData = AnsiString('id-smime-ct-authData');
+  NID_id_smime_ct_authData = 205;
+
+  SN_id_smime_ct_publishCert = AnsiString('id-smime-ct-publishCert');
+  NID_id_smime_ct_publishCert = 206;
+
+  SN_id_smime_ct_TSTInfo = AnsiString('id-smime-ct-TSTInfo');
+  NID_id_smime_ct_TSTInfo = 207;
+
+  SN_id_smime_ct_TDTInfo = AnsiString('id-smime-ct-TDTInfo');
+  NID_id_smime_ct_TDTInfo = 208;
+
+  SN_id_smime_ct_contentInfo = AnsiString('id-smime-ct-contentInfo');
+  NID_id_smime_ct_contentInfo = 209;
+
+  SN_id_smime_ct_DVCSRequestData = AnsiString('id-smime-ct-DVCSRequestData');
+  NID_id_smime_ct_DVCSRequestData = 210;
+
+  SN_id_smime_ct_DVCSResponseData = AnsiString('id-smime-ct-DVCSResponseData');
+  NID_id_smime_ct_DVCSResponseData = 211;
+
+  SN_id_smime_ct_compressedData = AnsiString('id-smime-ct-compressedData');
+  NID_id_smime_ct_compressedData = 786;
+
+  SN_id_smime_ct_contentCollection = AnsiString('id-smime-ct-contentCollection');
+  NID_id_smime_ct_contentCollection = 1058;
+
+  SN_id_smime_ct_authEnvelopedData = AnsiString('id-smime-ct-authEnvelopedData');
+  NID_id_smime_ct_authEnvelopedData = 1059;
+
+  SN_id_ct_asciiTextWithCRLF = AnsiString('id-ct-asciiTextWithCRLF');
+  NID_id_ct_asciiTextWithCRLF = 787;
+
+  SN_id_ct_xml = AnsiString('id-ct-xml');
+  NID_id_ct_xml = 1060;
+
+  SN_id_smime_aa_receiptRequest = AnsiString('id-smime-aa-receiptRequest');
+  NID_id_smime_aa_receiptRequest = 212;
+
+  SN_id_smime_aa_securityLabel = AnsiString('id-smime-aa-securityLabel');
+  NID_id_smime_aa_securityLabel = 213;
+
+  SN_id_smime_aa_mlExpandHistory = AnsiString('id-smime-aa-mlExpandHistory');
+  NID_id_smime_aa_mlExpandHistory = 214;
+
+  SN_id_smime_aa_contentHint = AnsiString('id-smime-aa-contentHint');
+  NID_id_smime_aa_contentHint = 215;
+
+  SN_id_smime_aa_msgSigDigest = AnsiString('id-smime-aa-msgSigDigest');
+  NID_id_smime_aa_msgSigDigest = 216;
+
+  SN_id_smime_aa_encapContentType = AnsiString('id-smime-aa-encapContentType');
+  NID_id_smime_aa_encapContentType = 217;
+
+  SN_id_smime_aa_contentIdentifier = AnsiString('id-smime-aa-contentIdentifier');
+  NID_id_smime_aa_contentIdentifier = 218;
+
+  SN_id_smime_aa_macValue = AnsiString('id-smime-aa-macValue');
+  NID_id_smime_aa_macValue = 219;
+
+  SN_id_smime_aa_equivalentLabels = AnsiString('id-smime-aa-equivalentLabels');
+  NID_id_smime_aa_equivalentLabels = 220;
+
+  SN_id_smime_aa_contentReference = AnsiString('id-smime-aa-contentReference');
+  NID_id_smime_aa_contentReference = 221;
+
+  SN_id_smime_aa_encrypKeyPref = AnsiString('id-smime-aa-encrypKeyPref');
+  NID_id_smime_aa_encrypKeyPref = 222;
+
+  SN_id_smime_aa_signingCertificate = AnsiString('id-smime-aa-signingCertificate');
+  NID_id_smime_aa_signingCertificate = 223;
+
+  SN_id_smime_aa_smimeEncryptCerts = AnsiString('id-smime-aa-smimeEncryptCerts');
+  NID_id_smime_aa_smimeEncryptCerts = 224;
+
+  SN_id_smime_aa_timeStampToken = AnsiString('id-smime-aa-timeStampToken');
+  NID_id_smime_aa_timeStampToken = 225;
+
+  SN_id_smime_aa_ets_sigPolicyId = AnsiString('id-smime-aa-ets-sigPolicyId');
+  NID_id_smime_aa_ets_sigPolicyId = 226;
+
+  SN_id_smime_aa_ets_commitmentType = AnsiString('id-smime-aa-ets-commitmentType');
+  NID_id_smime_aa_ets_commitmentType = 227;
+
+  SN_id_smime_aa_ets_signerLocation = AnsiString('id-smime-aa-ets-signerLocation');
+  NID_id_smime_aa_ets_signerLocation = 228;
+
+  SN_id_smime_aa_ets_signerAttr = AnsiString('id-smime-aa-ets-signerAttr');
+  NID_id_smime_aa_ets_signerAttr = 229;
+
+  SN_id_smime_aa_ets_otherSigCert = AnsiString('id-smime-aa-ets-otherSigCert');
+  NID_id_smime_aa_ets_otherSigCert = 230;
+
+  SN_id_smime_aa_ets_contentTimestamp = AnsiString('id-smime-aa-ets-contentTimestamp');
+  NID_id_smime_aa_ets_contentTimestamp = 231;
+
+  SN_id_smime_aa_ets_CertificateRefs = AnsiString('id-smime-aa-ets-CertificateRefs');
+  NID_id_smime_aa_ets_CertificateRefs = 232;
+
+  SN_id_smime_aa_ets_RevocationRefs = AnsiString('id-smime-aa-ets-RevocationRefs');
+  NID_id_smime_aa_ets_RevocationRefs = 233;
+
+  SN_id_smime_aa_ets_certValues = AnsiString('id-smime-aa-ets-certValues');
+  NID_id_smime_aa_ets_certValues = 234;
+
+  SN_id_smime_aa_ets_revocationValues = AnsiString('id-smime-aa-ets-revocationValues');
+  NID_id_smime_aa_ets_revocationValues = 235;
+
+  SN_id_smime_aa_ets_escTimeStamp = AnsiString('id-smime-aa-ets-escTimeStamp');
+  NID_id_smime_aa_ets_escTimeStamp = 236;
+
+  SN_id_smime_aa_ets_certCRLTimestamp = AnsiString('id-smime-aa-ets-certCRLTimestamp');
+  NID_id_smime_aa_ets_certCRLTimestamp = 237;
+
+  SN_id_smime_aa_ets_archiveTimeStamp = AnsiString('id-smime-aa-ets-archiveTimeStamp');
+  NID_id_smime_aa_ets_archiveTimeStamp = 238;
+
+  SN_id_smime_aa_signatureType = AnsiString('id-smime-aa-signatureType');
+  NID_id_smime_aa_signatureType = 239;
+
+  SN_id_smime_aa_dvcs_dvc = AnsiString('id-smime-aa-dvcs-dvc');
+  NID_id_smime_aa_dvcs_dvc = 240;
+
+  SN_id_smime_aa_signingCertificateV2 = AnsiString('id-smime-aa-signingCertificateV2');
+  NID_id_smime_aa_signingCertificateV2 = 1086;
+
+  SN_id_smime_alg_ESDHwith3DES = AnsiString('id-smime-alg-ESDHwith3DES');
+  NID_id_smime_alg_ESDHwith3DES = 241;
+
+  SN_id_smime_alg_ESDHwithRC2 = AnsiString('id-smime-alg-ESDHwithRC2');
+  NID_id_smime_alg_ESDHwithRC2 = 242;
+
+  SN_id_smime_alg_3DESwrap = AnsiString('id-smime-alg-3DESwrap');
+  NID_id_smime_alg_3DESwrap = 243;
+
+  SN_id_smime_alg_RC2wrap = AnsiString('id-smime-alg-RC2wrap');
+  NID_id_smime_alg_RC2wrap = 244;
+
+  SN_id_smime_alg_ESDH = AnsiString('id-smime-alg-ESDH');
+  NID_id_smime_alg_ESDH = 245;
+
+  SN_id_smime_alg_CMS3DESwrap = AnsiString('id-smime-alg-CMS3DESwrap');
+  NID_id_smime_alg_CMS3DESwrap = 246;
+
+  SN_id_smime_alg_CMSRC2wrap = AnsiString('id-smime-alg-CMSRC2wrap');
+  NID_id_smime_alg_CMSRC2wrap = 247;
+
+  SN_id_alg_PWRI_KEK = AnsiString('id-alg-PWRI-KEK');
+  NID_id_alg_PWRI_KEK = 893;
+
+  SN_id_smime_cd_ldap = AnsiString('id-smime-cd-ldap');
+  NID_id_smime_cd_ldap = 248;
+
+  SN_id_smime_spq_ets_sqt_uri = AnsiString('id-smime-spq-ets-sqt-uri');
+  NID_id_smime_spq_ets_sqt_uri = 249;
+
+  SN_id_smime_spq_ets_sqt_unotice = AnsiString('id-smime-spq-ets-sqt-unotice');
+  NID_id_smime_spq_ets_sqt_unotice = 250;
+
+  SN_id_smime_cti_ets_proofOfOrigin = AnsiString('id-smime-cti-ets-proofOfOrigin');
+  NID_id_smime_cti_ets_proofOfOrigin = 251;
+
+  SN_id_smime_cti_ets_proofOfReceipt = AnsiString('id-smime-cti-ets-proofOfReceipt');
+  NID_id_smime_cti_ets_proofOfReceipt = 252;
+
+  SN_id_smime_cti_ets_proofOfDelivery = AnsiString('id-smime-cti-ets-proofOfDelivery');
+  NID_id_smime_cti_ets_proofOfDelivery = 253;
+
+  SN_id_smime_cti_ets_proofOfSender = AnsiString('id-smime-cti-ets-proofOfSender');
+  NID_id_smime_cti_ets_proofOfSender = 254;
+
+  SN_id_smime_cti_ets_proofOfApproval = AnsiString('id-smime-cti-ets-proofOfApproval');
+  NID_id_smime_cti_ets_proofOfApproval = 255;
+
+  SN_id_smime_cti_ets_proofOfCreation = AnsiString('id-smime-cti-ets-proofOfCreation');
+  NID_id_smime_cti_ets_proofOfCreation = 256;
+
+  LN_friendlyName = AnsiString('friendlyName');
+  NID_friendlyName = 156;
+
+  LN_localKeyID = AnsiString('localKeyID');
+  NID_localKeyID = 157;
+
+  SN_ms_csp_name = AnsiString('CSPName');
+  LN_ms_csp_name = AnsiString('Microsoft CSP Name');
+  NID_ms_csp_name = 417;
+
+  SN_LocalKeySet = AnsiString('LocalKeySet');
+  LN_LocalKeySet = AnsiString('Microsoft Local Key set');
+  NID_LocalKeySet = 856;
+
+  LN_x509Certificate = AnsiString('x509Certificate');
+  NID_x509Certificate = 158;
+
+  LN_sdsiCertificate = AnsiString('sdsiCertificate');
+  NID_sdsiCertificate = 159;
+
+  LN_x509Crl = AnsiString('x509Crl');
+  NID_x509Crl = 160;
+
+  SN_pbe_WithSHA1And128BitRC4 = AnsiString('PBE-SHA1-RC4-128');
+  LN_pbe_WithSHA1And128BitRC4 = AnsiString('pbeWithSHA1And128BitRC4');
+  NID_pbe_WithSHA1And128BitRC4 = 144;
+
+  SN_pbe_WithSHA1And40BitRC4 = AnsiString('PBE-SHA1-RC4-40');
+  LN_pbe_WithSHA1And40BitRC4 = AnsiString('pbeWithSHA1And40BitRC4');
+  NID_pbe_WithSHA1And40BitRC4 = 145;
+
+  SN_pbe_WithSHA1And3_Key_TripleDES_CBC = AnsiString('PBE-SHA1-3DES');
+  LN_pbe_WithSHA1And3_Key_TripleDES_CBC = AnsiString('pbeWithSHA1And3-KeyTripleDES-CBC');
+  NID_pbe_WithSHA1And3_Key_TripleDES_CBC = 146;
+
+  SN_pbe_WithSHA1And2_Key_TripleDES_CBC = AnsiString('PBE-SHA1-2DES');
+  LN_pbe_WithSHA1And2_Key_TripleDES_CBC = AnsiString('pbeWithSHA1And2-KeyTripleDES-CBC');
+  NID_pbe_WithSHA1And2_Key_TripleDES_CBC = 147;
+
+  SN_pbe_WithSHA1And128BitRC2_CBC = AnsiString('PBE-SHA1-RC2-128');
+  LN_pbe_WithSHA1And128BitRC2_CBC = AnsiString('pbeWithSHA1And128BitRC2-CBC');
+  NID_pbe_WithSHA1And128BitRC2_CBC = 148;
+
+  SN_pbe_WithSHA1And40BitRC2_CBC = AnsiString('PBE-SHA1-RC2-40');
+  LN_pbe_WithSHA1And40BitRC2_CBC = AnsiString('pbeWithSHA1And40BitRC2-CBC');
+  NID_pbe_WithSHA1And40BitRC2_CBC = 149;
+
+  LN_keyBag = AnsiString('keyBag');
+  NID_keyBag = 150;
+
+  LN_pkcs8ShroudedKeyBag = AnsiString('pkcs8ShroudedKeyBag');
+  NID_pkcs8ShroudedKeyBag = 151;
+
+  LN_certBag = AnsiString('certBag');
+  NID_certBag = 152;
+
+  LN_crlBag = AnsiString('crlBag');
+  NID_crlBag = 153;
+
+  LN_secretBag = AnsiString('secretBag');
+  NID_secretBag = 154;
+
+  LN_safeContentsBag = AnsiString('safeContentsBag');
+  NID_safeContentsBag = 155;
+
+  SN_md2 = AnsiString('MD2');
+  LN_md2 = AnsiString('md2');
+  NID_md2 = 3;
+
+  SN_md4 = AnsiString('MD4');
+  LN_md4 = AnsiString('md4');
+  NID_md4 = 257;
+
+  SN_md5 = AnsiString('MD5');
+  LN_md5 = AnsiString('md5');
+  NID_md5 = 4;
+
+  SN_md5_sha1 = AnsiString('MD5-SHA1');
+  LN_md5_sha1 = AnsiString('md5-sha1');
+  NID_md5_sha1 = 114;
+
+  LN_hmacWithMD5 = AnsiString('hmacWithMD5');
+  NID_hmacWithMD5 = 797;
+
+  LN_hmacWithSHA1 = AnsiString('hmacWithSHA1');
+  NID_hmacWithSHA1 = 163;
+
+  SN_sm2 = AnsiString('SM2');
+  LN_sm2 = AnsiString('sm2');
+  NID_sm2 = 1172;
+
+  SN_sm3 = AnsiString('SM3');
+  LN_sm3 = AnsiString('sm3');
+  NID_sm3 = 1143;
+
+  SN_sm3WithRSAEncryption = AnsiString('RSA-SM3');
+  LN_sm3WithRSAEncryption = AnsiString('sm3WithRSAEncryption');
+  NID_sm3WithRSAEncryption = 1144;
+
+  LN_hmacWithSHA224 = AnsiString('hmacWithSHA224');
+  NID_hmacWithSHA224 = 798;
+
+  LN_hmacWithSHA256 = AnsiString('hmacWithSHA256');
+  NID_hmacWithSHA256 = 799;
+
+  LN_hmacWithSHA384 = AnsiString('hmacWithSHA384');
+  NID_hmacWithSHA384 = 800;
+
+  LN_hmacWithSHA512 = AnsiString('hmacWithSHA512');
+  NID_hmacWithSHA512 = 801;
+
+  LN_hmacWithSHA512_224 = AnsiString('hmacWithSHA512-224');
+  NID_hmacWithSHA512_224 = 1193;
+
+  LN_hmacWithSHA512_256 = AnsiString('hmacWithSHA512-256');
+  NID_hmacWithSHA512_256 = 1194;
+
+  SN_rc2_cbc = AnsiString('RC2-CBC');
+  LN_rc2_cbc = AnsiString('rc2-cbc');
+  NID_rc2_cbc = 37;
+
+  SN_rc2_ecb = AnsiString('RC2-ECB');
+  LN_rc2_ecb = AnsiString('rc2-ecb');
+  NID_rc2_ecb = 38;
+
+  SN_rc2_cfb64 = AnsiString('RC2-CFB');
+  LN_rc2_cfb64 = AnsiString('rc2-cfb');
+  NID_rc2_cfb64 = 39;
+
+  SN_rc2_ofb64 = AnsiString('RC2-OFB');
+  LN_rc2_ofb64 = AnsiString('rc2-ofb');
+  NID_rc2_ofb64 = 40;
+
+  SN_rc2_40_cbc = AnsiString('RC2-40-CBC');
+  LN_rc2_40_cbc = AnsiString('rc2-40-cbc');
+  NID_rc2_40_cbc = 98;
+
+  SN_rc2_64_cbc = AnsiString('RC2-64-CBC');
+  LN_rc2_64_cbc = AnsiString('rc2-64-cbc');
+  NID_rc2_64_cbc = 166;
+
+  SN_rc4 = AnsiString('RC4');
+  LN_rc4 = AnsiString('rc4');
+  NID_rc4 = 5;
+
+  SN_rc4_40 = AnsiString('RC4-40');
+  LN_rc4_40 = AnsiString('rc4-40');
+  NID_rc4_40 = 97;
+
+  SN_des_ede3_cbc = AnsiString('DES-EDE3-CBC');
+  LN_des_ede3_cbc = AnsiString('des-ede3-cbc');
+  NID_des_ede3_cbc = 44;
+
+  SN_rc5_cbc = AnsiString('RC5-CBC');
+  LN_rc5_cbc = AnsiString('rc5-cbc');
+  NID_rc5_cbc = 120;
+
+  SN_rc5_ecb = AnsiString('RC5-ECB');
+  LN_rc5_ecb = AnsiString('rc5-ecb');
+  NID_rc5_ecb = 121;
+
+  SN_rc5_cfb64 = AnsiString('RC5-CFB');
+  LN_rc5_cfb64 = AnsiString('rc5-cfb');
+  NID_rc5_cfb64 = 122;
+
+  SN_rc5_ofb64 = AnsiString('RC5-OFB');
+  LN_rc5_ofb64 = AnsiString('rc5-ofb');
+  NID_rc5_ofb64 = 123;
+
+  SN_ms_ext_req = AnsiString('msExtReq');
+  LN_ms_ext_req = AnsiString('Microsoft Extension Request');
+  NID_ms_ext_req = 171;
+
+  SN_ms_code_ind = AnsiString('msCodeInd');
+  LN_ms_code_ind = AnsiString('Microsoft Individual Code Signing');
+  NID_ms_code_ind = 134;
+
+  SN_ms_code_com = AnsiString('msCodeCom');
+  LN_ms_code_com = AnsiString('Microsoft Commercial Code Signing');
+  NID_ms_code_com = 135;
+
+  SN_ms_ctl_sign = AnsiString('msCTLSign');
+  LN_ms_ctl_sign = AnsiString('Microsoft Trust List Signing');
+  NID_ms_ctl_sign = 136;
+
+  SN_ms_sgc = AnsiString('msSGC');
+  LN_ms_sgc = AnsiString('Microsoft Server Gated Crypto');
+  NID_ms_sgc = 137;
+
+  SN_ms_efs = AnsiString('msEFS');
+  LN_ms_efs = AnsiString('Microsoft Encrypted File System');
+  NID_ms_efs = 138;
+
+  SN_ms_smartcard_login = AnsiString('msSmartcardLogin');
+  LN_ms_smartcard_login = AnsiString('Microsoft Smartcard Login');
+  NID_ms_smartcard_login = 648;
+
+  SN_ms_upn = AnsiString('msUPN');
+  LN_ms_upn = AnsiString('Microsoft User Principal Name');
+  NID_ms_upn = 649;
+
+  SN_idea_cbc = AnsiString('IDEA-CBC');
+  LN_idea_cbc = AnsiString('idea-cbc');
+  NID_idea_cbc = 34;
+
+  SN_idea_ecb = AnsiString('IDEA-ECB');
+  LN_idea_ecb = AnsiString('idea-ecb');
+  NID_idea_ecb = 36;
+
+  SN_idea_cfb64 = AnsiString('IDEA-CFB');
+  LN_idea_cfb64 = AnsiString('idea-cfb');
+  NID_idea_cfb64 = 35;
+
+  SN_idea_ofb64 = AnsiString('IDEA-OFB');
+  LN_idea_ofb64 = AnsiString('idea-ofb');
+  NID_idea_ofb64 = 46;
+
+  SN_bf_cbc = AnsiString('BF-CBC');
+  LN_bf_cbc = AnsiString('bf-cbc');
+  NID_bf_cbc = 91;
+
+  SN_bf_ecb = AnsiString('BF-ECB');
+  LN_bf_ecb = AnsiString('bf-ecb');
+  NID_bf_ecb = 92;
+
+  SN_bf_cfb64 = AnsiString('BF-CFB');
+  LN_bf_cfb64 = AnsiString('bf-cfb');
+  NID_bf_cfb64 = 93;
+
+  SN_bf_ofb64 = AnsiString('BF-OFB');
+  LN_bf_ofb64 = AnsiString('bf-ofb');
+  NID_bf_ofb64 = 94;
+
+  SN_id_pkix = AnsiString('PKIX');
+  NID_id_pkix = 127;
+
+  SN_id_pkix_mod = AnsiString('id-pkix-mod');
+  NID_id_pkix_mod = 258;
+
+  SN_id_pe = AnsiString('id-pe');
+  NID_id_pe = 175;
+
+  SN_id_qt = AnsiString('id-qt');
+  NID_id_qt = 259;
+
+  SN_id_kp = AnsiString('id-kp');
+  NID_id_kp = 128;
+
+  SN_id_it = AnsiString('id-it');
+  NID_id_it = 260;
+
+  SN_id_pkip = AnsiString('id-pkip');
+  NID_id_pkip = 261;
+
+  SN_id_alg = AnsiString('id-alg');
+  NID_id_alg = 262;
+
+  SN_id_cmc = AnsiString('id-cmc');
+  NID_id_cmc = 263;
+
+  SN_id_on = AnsiString('id-on');
+  NID_id_on = 264;
+
+  SN_id_pda = AnsiString('id-pda');
+  NID_id_pda = 265;
+
+  SN_id_aca = AnsiString('id-aca');
+  NID_id_aca = 266;
+
+  SN_id_qcs = AnsiString('id-qcs');
+  NID_id_qcs = 267;
+
+  SN_id_cct = AnsiString('id-cct');
+  NID_id_cct = 268;
+
+  SN_id_ppl = AnsiString('id-ppl');
+  NID_id_ppl = 662;
+
+  SN_id_ad = AnsiString('id-ad');
+  NID_id_ad = 176;
+
+  SN_id_pkix1_explicit_88 = AnsiString('id-pkix1-explicit-88');
+  NID_id_pkix1_explicit_88 = 269;
+
+  SN_id_pkix1_implicit_88 = AnsiString('id-pkix1-implicit-88');
+  NID_id_pkix1_implicit_88 = 270;
+
+  SN_id_pkix1_explicit_93 = AnsiString('id-pkix1-explicit-93');
+  NID_id_pkix1_explicit_93 = 271;
+
+  SN_id_pkix1_implicit_93 = AnsiString('id-pkix1-implicit-93');
+  NID_id_pkix1_implicit_93 = 272;
+
+  SN_id_mod_crmf = AnsiString('id-mod-crmf');
+  NID_id_mod_crmf = 273;
+
+  SN_id_mod_cmc = AnsiString('id-mod-cmc');
+  NID_id_mod_cmc = 274;
+
+  SN_id_mod_kea_profile_88 = AnsiString('id-mod-kea-profile-88');
+  NID_id_mod_kea_profile_88 = 275;
+
+  SN_id_mod_kea_profile_93 = AnsiString('id-mod-kea-profile-93');
+  NID_id_mod_kea_profile_93 = 276;
+
+  SN_id_mod_cmp = AnsiString('id-mod-cmp');
+  NID_id_mod_cmp = 277;
+
+  SN_id_mod_qualified_cert_88 = AnsiString('id-mod-qualified-cert-88');
+  NID_id_mod_qualified_cert_88 = 278;
+
+  SN_id_mod_qualified_cert_93 = AnsiString('id-mod-qualified-cert-93');
+  NID_id_mod_qualified_cert_93 = 279;
+
+  SN_id_mod_attribute_cert = AnsiString('id-mod-attribute-cert');
+  NID_id_mod_attribute_cert = 280;
+
+  SN_id_mod_timestamp_protocol = AnsiString('id-mod-timestamp-protocol');
+  NID_id_mod_timestamp_protocol = 281;
+
+  SN_id_mod_ocsp = AnsiString('id-mod-ocsp');
+  NID_id_mod_ocsp = 282;
+
+  SN_id_mod_dvcs = AnsiString('id-mod-dvcs');
+  NID_id_mod_dvcs = 283;
+
+  SN_id_mod_cmp2000 = AnsiString('id-mod-cmp2000');
+  NID_id_mod_cmp2000 = 284;
+
+  SN_info_access = AnsiString('authorityInfoAccess');
+  LN_info_access = AnsiString('Authority Information Access');
+  NID_info_access = 177;
+
+  SN_biometricInfo = AnsiString('biometricInfo');
+  LN_biometricInfo = AnsiString('Biometric Info');
+  NID_biometricInfo = 285;
+
+  SN_qcStatements = AnsiString('qcStatements');
+  NID_qcStatements = 286;
+
+  SN_ac_auditEntity = AnsiString('ac-auditEntity');
+  NID_ac_auditEntity = 287;
+
+  SN_ac_targeting = AnsiString('ac-targeting');
+  NID_ac_targeting = 288;
+
+  SN_aaControls = AnsiString('aaControls');
+  NID_aaControls = 289;
+
+  SN_sbgp_ipAddrBlock = AnsiString('sbgp-ipAddrBlock');
+  NID_sbgp_ipAddrBlock = 290;
+
+  SN_sbgp_autonomousSysNum = AnsiString('sbgp-autonomousSysNum');
+  NID_sbgp_autonomousSysNum = 291;
+
+  SN_sbgp_routerIdentifier = AnsiString('sbgp-routerIdentifier');
+  NID_sbgp_routerIdentifier = 292;
+
+  SN_ac_proxying = AnsiString('ac-proxying');
+  NID_ac_proxying = 397;
+
+  SN_sinfo_access = AnsiString('subjectInfoAccess');
+  LN_sinfo_access = AnsiString('Subject Information Access');
+  NID_sinfo_access = 398;
+
+  SN_proxyCertInfo = AnsiString('proxyCertInfo');
+  LN_proxyCertInfo = AnsiString('Proxy Certificate Information');
+  NID_proxyCertInfo = 663;
+
+  SN_tlsfeature = AnsiString('tlsfeature');
+  LN_tlsfeature = AnsiString('TLS Feature');
+  NID_tlsfeature = 1020;
+
+  SN_id_qt_cps = AnsiString('id-qt-cps');
+  LN_id_qt_cps = AnsiString('Policy Qualifier CPS');
+  NID_id_qt_cps = 164;
+
+  SN_id_qt_unotice = AnsiString('id-qt-unotice');
+  LN_id_qt_unotice = AnsiString('Policy Qualifier User Notice');
+  NID_id_qt_unotice = 165;
+
+  SN_textNotice = AnsiString('textNotice');
+  NID_textNotice = 293;
+
+  SN_server_auth = AnsiString('serverAuth');
+  LN_server_auth = AnsiString('TLS Web Server Authentication');
+  NID_server_auth = 129;
+
+  SN_client_auth = AnsiString('clientAuth');
+  LN_client_auth = AnsiString('TLS Web Client Authentication');
+  NID_client_auth = 130;
+
+  SN_code_sign = AnsiString('codeSigning');
+  LN_code_sign = AnsiString('Code Signing');
+  NID_code_sign = 131;
+
+  SN_email_protect = AnsiString('emailProtection');
+  LN_email_protect = AnsiString('E-mail Protection');
+  NID_email_protect = 132;
+
+  SN_ipsecEndSystem = AnsiString('ipsecEndSystem');
+  LN_ipsecEndSystem = AnsiString('IPSec End System');
+  NID_ipsecEndSystem = 294;
+
+  SN_ipsecTunnel = AnsiString('ipsecTunnel');
+  LN_ipsecTunnel = AnsiString('IPSec Tunnel');
+  NID_ipsecTunnel = 295;
+
+  SN_ipsecUser = AnsiString('ipsecUser');
+  LN_ipsecUser = AnsiString('IPSec User');
+  NID_ipsecUser = 296;
+
+  SN_time_stamp = AnsiString('timeStamping');
+  LN_time_stamp = AnsiString('Time Stamping');
+  NID_time_stamp = 133;
+
+  SN_OCSP_sign = AnsiString('OCSPSigning');
+  LN_OCSP_sign = AnsiString('OCSP Signing');
+  NID_OCSP_sign = 180;
+
+  SN_dvcs = AnsiString('DVCS');
+  LN_dvcs = AnsiString('dvcs');
+  NID_dvcs = 297;
+
+  SN_ipsec_IKE = AnsiString('ipsecIKE');
+  LN_ipsec_IKE = AnsiString('ipsec Internet Key Exchange');
+  NID_ipsec_IKE = 1022;
+
+  SN_capwapAC = AnsiString('capwapAC');
+  LN_capwapAC = AnsiString('Ctrl/provision WAP Access');
+  NID_capwapAC = 1023;
+
+  SN_capwapWTP = AnsiString('capwapWTP');
+  LN_capwapWTP = AnsiString('Ctrl/Provision WAP Termination');
+  NID_capwapWTP = 1024;
+
+  SN_sshClient = AnsiString('secureShellClient');
+  LN_sshClient = AnsiString('SSH Client');
+  NID_sshClient = 1025;
+
+  SN_sshServer = AnsiString('secureShellServer');
+  LN_sshServer = AnsiString('SSH Server');
+  NID_sshServer = 1026;
+
+  SN_sendRouter = AnsiString('sendRouter');
+  LN_sendRouter = AnsiString('Send Router');
+  NID_sendRouter = 1027;
+
+  SN_sendProxiedRouter = AnsiString('sendProxiedRouter');
+  LN_sendProxiedRouter = AnsiString('Send Proxied Router');
+  NID_sendProxiedRouter = 1028;
+
+  SN_sendOwner = AnsiString('sendOwner');
+  LN_sendOwner = AnsiString('Send Owner');
+  NID_sendOwner = 1029;
+
+  SN_sendProxiedOwner = AnsiString('sendProxiedOwner');
+  LN_sendProxiedOwner = AnsiString('Send Proxied Owner');
+  NID_sendProxiedOwner = 1030;
+
+  SN_cmcCA = AnsiString('cmcCA');
+  LN_cmcCA = AnsiString('CMC Certificate Authority');
+  NID_cmcCA = 1131;
+
+  SN_cmcRA = AnsiString('cmcRA');
+  LN_cmcRA = AnsiString('CMC Registration Authority');
+  NID_cmcRA = 1132;
+
+  SN_id_it_caProtEncCert = AnsiString('id-it-caProtEncCert');
+  NID_id_it_caProtEncCert = 298;
+
+  SN_id_it_signKeyPairTypes = AnsiString('id-it-signKeyPairTypes');
+  NID_id_it_signKeyPairTypes = 299;
+
+  SN_id_it_encKeyPairTypes = AnsiString('id-it-encKeyPairTypes');
+  NID_id_it_encKeyPairTypes = 300;
+
+  SN_id_it_preferredSymmAlg = AnsiString('id-it-preferredSymmAlg');
+  NID_id_it_preferredSymmAlg = 301;
+
+  SN_id_it_caKeyUpdateInfo = AnsiString('id-it-caKeyUpdateInfo');
+  NID_id_it_caKeyUpdateInfo = 302;
+
+  SN_id_it_currentCRL = AnsiString('id-it-currentCRL');
+  NID_id_it_currentCRL = 303;
+
+  SN_id_it_unsupportedOIDs = AnsiString('id-it-unsupportedOIDs');
+  NID_id_it_unsupportedOIDs = 304;
+
+  SN_id_it_subscriptionRequest = AnsiString('id-it-subscriptionRequest');
+  NID_id_it_subscriptionRequest = 305;
+
+  SN_id_it_subscriptionResponse = AnsiString('id-it-subscriptionResponse');
+  NID_id_it_subscriptionResponse = 306;
+
+  SN_id_it_keyPairParamReq = AnsiString('id-it-keyPairParamReq');
+  NID_id_it_keyPairParamReq = 307;
+
+  SN_id_it_keyPairParamRep = AnsiString('id-it-keyPairParamRep');
+  NID_id_it_keyPairParamRep = 308;
+
+  SN_id_it_revPassphrase = AnsiString('id-it-revPassphrase');
+  NID_id_it_revPassphrase = 309;
+
+  SN_id_it_implicitConfirm = AnsiString('id-it-implicitConfirm');
+  NID_id_it_implicitConfirm = 310;
+
+  SN_id_it_confirmWaitTime = AnsiString('id-it-confirmWaitTime');
+  NID_id_it_confirmWaitTime = 311;
+
+  SN_id_it_origPKIMessage = AnsiString('id-it-origPKIMessage');
+  NID_id_it_origPKIMessage = 312;
+
+  SN_id_it_suppLangTags = AnsiString('id-it-suppLangTags');
+  NID_id_it_suppLangTags = 784;
+
+  SN_id_regCtrl = AnsiString('id-regCtrl');
+  NID_id_regCtrl = 313;
+
+  SN_id_regInfo = AnsiString('id-regInfo');
+  NID_id_regInfo = 314;
+
+  SN_id_regCtrl_regToken = AnsiString('id-regCtrl-regToken');
+  NID_id_regCtrl_regToken = 315;
+
+  SN_id_regCtrl_authenticator = AnsiString('id-regCtrl-authenticator');
+  NID_id_regCtrl_authenticator = 316;
+
+  SN_id_regCtrl_pkiPublicationInfo = AnsiString('id-regCtrl-pkiPublicationInfo');
+  NID_id_regCtrl_pkiPublicationInfo = 317;
+
+  SN_id_regCtrl_pkiArchiveOptions = AnsiString('id-regCtrl-pkiArchiveOptions');
+  NID_id_regCtrl_pkiArchiveOptions = 318;
+
+  SN_id_regCtrl_oldCertID = AnsiString('id-regCtrl-oldCertID');
+  NID_id_regCtrl_oldCertID = 319;
+
+  SN_id_regCtrl_protocolEncrKey = AnsiString('id-regCtrl-protocolEncrKey');
+  NID_id_regCtrl_protocolEncrKey = 320;
+
+  SN_id_regInfo_utf8Pairs = AnsiString('id-regInfo-utf8Pairs');
+  NID_id_regInfo_utf8Pairs = 321;
+
+  SN_id_regInfo_certReq = AnsiString('id-regInfo-certReq');
+  NID_id_regInfo_certReq = 322;
+
+  SN_id_alg_des40 = AnsiString('id-alg-des40');
+  NID_id_alg_des40 = 323;
+
+  SN_id_alg_noSignature = AnsiString('id-alg-noSignature');
+  NID_id_alg_noSignature = 324;
+
+  SN_id_alg_dh_sig_hmac_sha1 = AnsiString('id-alg-dh-sig-hmac-sha1');
+  NID_id_alg_dh_sig_hmac_sha1 = 325;
+
+  SN_id_alg_dh_pop = AnsiString('id-alg-dh-pop');
+  NID_id_alg_dh_pop = 326;
+
+  SN_id_cmc_statusInfo = AnsiString('id-cmc-statusInfo');
+  NID_id_cmc_statusInfo = 327;
+
+  SN_id_cmc_identification = AnsiString('id-cmc-identification');
+  NID_id_cmc_identification = 328;
+
+  SN_id_cmc_identityProof = AnsiString('id-cmc-identityProof');
+  NID_id_cmc_identityProof = 329;
+
+  SN_id_cmc_dataReturn = AnsiString('id-cmc-dataReturn');
+  NID_id_cmc_dataReturn = 330;
+
+  SN_id_cmc_transactionId = AnsiString('id-cmc-transactionId');
+  NID_id_cmc_transactionId = 331;
+
+  SN_id_cmc_senderNonce = AnsiString('id-cmc-senderNonce');
+  NID_id_cmc_senderNonce = 332;
+
+  SN_id_cmc_recipientNonce = AnsiString('id-cmc-recipientNonce');
+  NID_id_cmc_recipientNonce = 333;
+
+  SN_id_cmc_addExtensions = AnsiString('id-cmc-addExtensions');
+  NID_id_cmc_addExtensions = 334;
+
+  SN_id_cmc_encryptedPOP = AnsiString('id-cmc-encryptedPOP');
+  NID_id_cmc_encryptedPOP = 335;
+
+  SN_id_cmc_decryptedPOP = AnsiString('id-cmc-decryptedPOP');
+  NID_id_cmc_decryptedPOP = 336;
+
+  SN_id_cmc_lraPOPWitness = AnsiString('id-cmc-lraPOPWitness');
+  NID_id_cmc_lraPOPWitness = 337;
+
+  SN_id_cmc_getCert = AnsiString('id-cmc-getCert');
+  NID_id_cmc_getCert = 338;
+
+  SN_id_cmc_getCRL = AnsiString('id-cmc-getCRL');
+  NID_id_cmc_getCRL = 339;
+
+  SN_id_cmc_revokeRequest = AnsiString('id-cmc-revokeRequest');
+  NID_id_cmc_revokeRequest = 340;
+
+  SN_id_cmc_regInfo = AnsiString('id-cmc-regInfo');
+  NID_id_cmc_regInfo = 341;
+
+  SN_id_cmc_responseInfo = AnsiString('id-cmc-responseInfo');
+  NID_id_cmc_responseInfo = 342;
+
+  SN_id_cmc_queryPending = AnsiString('id-cmc-queryPending');
+  NID_id_cmc_queryPending = 343;
+
+  SN_id_cmc_popLinkRandom = AnsiString('id-cmc-popLinkRandom');
+  NID_id_cmc_popLinkRandom = 344;
+
+  SN_id_cmc_popLinkWitness = AnsiString('id-cmc-popLinkWitness');
+  NID_id_cmc_popLinkWitness = 345;
+
+  SN_id_cmc_confirmCertAcceptance = AnsiString('id-cmc-confirmCertAcceptance');
+  NID_id_cmc_confirmCertAcceptance = 346;
+
+  SN_id_on_personalData = AnsiString('id-on-personalData');
+  NID_id_on_personalData = 347;
+
+  SN_id_on_permanentIdentifier = AnsiString('id-on-permanentIdentifier');
+  LN_id_on_permanentIdentifier = AnsiString('Permanent Identifier');
+  NID_id_on_permanentIdentifier = 858;
+
+  SN_id_pda_dateOfBirth = AnsiString('id-pda-dateOfBirth');
+  NID_id_pda_dateOfBirth = 348;
+
+  SN_id_pda_placeOfBirth = AnsiString('id-pda-placeOfBirth');
+  NID_id_pda_placeOfBirth = 349;
+
+  SN_id_pda_gender = AnsiString('id-pda-gender');
+  NID_id_pda_gender = 351;
+
+  SN_id_pda_countryOfCitizenship = AnsiString('id-pda-countryOfCitizenship');
+  NID_id_pda_countryOfCitizenship = 352;
+
+  SN_id_pda_countryOfResidence = AnsiString('id-pda-countryOfResidence');
+  NID_id_pda_countryOfResidence = 353;
+
+  SN_id_aca_authenticationInfo = AnsiString('id-aca-authenticationInfo');
+  NID_id_aca_authenticationInfo = 354;
+
+  SN_id_aca_accessIdentity = AnsiString('id-aca-accessIdentity');
+  NID_id_aca_accessIdentity = 355;
+
+  SN_id_aca_chargingIdentity = AnsiString('id-aca-chargingIdentity');
+  NID_id_aca_chargingIdentity = 356;
+
+  SN_id_aca_group = AnsiString('id-aca-group');
+  NID_id_aca_group = 357;
+
+  SN_id_aca_role = AnsiString('id-aca-role');
+  NID_id_aca_role = 358;
+
+  SN_id_aca_encAttrs = AnsiString('id-aca-encAttrs');
+  NID_id_aca_encAttrs = 399;
+
+  SN_id_qcs_pkixQCSyntax_v1 = AnsiString('id-qcs-pkixQCSyntax-v1');
+  NID_id_qcs_pkixQCSyntax_v1 = 359;
+
+  SN_id_cct_crs = AnsiString('id-cct-crs');
+  NID_id_cct_crs = 360;
+
+  SN_id_cct_PKIData = AnsiString('id-cct-PKIData');
+  NID_id_cct_PKIData = 361;
+
+  SN_id_cct_PKIResponse = AnsiString('id-cct-PKIResponse');
+  NID_id_cct_PKIResponse = 362;
+
+  SN_id_ppl_anyLanguage = AnsiString('id-ppl-anyLanguage');
+  LN_id_ppl_anyLanguage = AnsiString('Any language');
+
+  NID_id_ppl_anyLanguage = 664;
+  SN_id_ppl_inheritAll = AnsiString('id-ppl-inheritAll');
+
+  LN_id_ppl_inheritAll = AnsiString('Inherit all');
+  NID_id_ppl_inheritAll = 665;
+
+  SN_Independent = AnsiString('id-ppl-independent');
+  LN_Independent = AnsiString('Independent');
+  NID_Independent = 667;
+
+  SN_ad_OCSP = AnsiString('OCSP');
+  LN_ad_OCSP = AnsiString('OCSP');
+  NID_ad_OCSP = 178;
+
+  SN_ad_ca_issuers = AnsiString('caIssuers');
+  LN_ad_ca_issuers = AnsiString('CA Issuers');
+  NID_ad_ca_issuers = 179;
+
+  SN_ad_timeStamping = AnsiString('ad_timestamping');
+  LN_ad_timeStamping = AnsiString('AD Time Stamping');
+  NID_ad_timeStamping = 363;
+
+  SN_ad_dvcs = AnsiString('AD_DVCS');
+  LN_ad_dvcs = AnsiString('ad dvcs');
+  NID_ad_dvcs = 364;
+
+  SN_caRepository = AnsiString('caRepository');
+  LN_caRepository = AnsiString('CA Repository');
+  NID_caRepository = 785;
+
+  SN_id_pkix_OCSP_basic = AnsiString('basicOCSPResponse');
+  LN_id_pkix_OCSP_basic = AnsiString('Basic OCSP Response');
+  NID_id_pkix_OCSP_basic = 365;
+
+  SN_id_pkix_OCSP_Nonce = AnsiString('Nonce');
+  LN_id_pkix_OCSP_Nonce = AnsiString('OCSP Nonce');
+  NID_id_pkix_OCSP_Nonce = 366;
+
+  SN_id_pkix_OCSP_CrlID = AnsiString('CrlID');
+  LN_id_pkix_OCSP_CrlID = AnsiString('OCSP CRL ID');
+  NID_id_pkix_OCSP_CrlID = 367;
+
+  SN_id_pkix_OCSP_acceptableResponses = AnsiString('acceptableResponses');
+  LN_id_pkix_OCSP_acceptableResponses = AnsiString('Acceptable OCSP Responses');
+  NID_id_pkix_OCSP_acceptableResponses = 368;
+
+  SN_id_pkix_OCSP_noCheck = AnsiString('noCheck');
+  LN_id_pkix_OCSP_noCheck = AnsiString('OCSP No Check');
+  NID_id_pkix_OCSP_noCheck = 369;
+
+  SN_id_pkix_OCSP_archiveCutoff = AnsiString('archiveCutoff');
+  LN_id_pkix_OCSP_archiveCutoff = AnsiString('OCSP Archive Cutoff');
+  NID_id_pkix_OCSP_archiveCutoff = 370;
+
+  SN_id_pkix_OCSP_serviceLocator = AnsiString('serviceLocator');
+  LN_id_pkix_OCSP_serviceLocator = AnsiString('OCSP Service Locator');
+  NID_id_pkix_OCSP_serviceLocator = 371;
+
+  SN_id_pkix_OCSP_extendedStatus = AnsiString('extendedStatus');
+  LN_id_pkix_OCSP_extendedStatus = AnsiString('Extended OCSP Status');
+  NID_id_pkix_OCSP_extendedStatus = 372;
+
+  SN_id_pkix_OCSP_valid = AnsiString('valid');
+  NID_id_pkix_OCSP_valid = 373;
+
+  SN_id_pkix_OCSP_path = AnsiString('path');
+  NID_id_pkix_OCSP_path = 374;
+
+  SN_id_pkix_OCSP_trustRoot = AnsiString('trustRoot');
+  LN_id_pkix_OCSP_trustRoot = AnsiString('Trust Root');
+  NID_id_pkix_OCSP_trustRoot = 375;
+
+  SN_algorithm = AnsiString('algorithm');
+  LN_algorithm = AnsiString('algorithm');
+  NID_algorithm = 376;
+
+  SN_md5WithRSA = AnsiString('RSA-NP-MD5');
+  LN_md5WithRSA = AnsiString('md5WithRSA');
+  NID_md5WithRSA = 104;
+
+  SN_des_ecb = AnsiString('DES-ECB');
+  LN_des_ecb = AnsiString('des-ecb');
+  NID_des_ecb = 29;
+
+  SN_des_cbc = AnsiString('DES-CBC');
+  LN_des_cbc = AnsiString('des-cbc');
+  NID_des_cbc = 31;
+
+  SN_des_ofb64 = AnsiString('DES-OFB');
+  LN_des_ofb64 = AnsiString('des-ofb');
+  NID_des_ofb64 = 45;
+
+  SN_des_cfb64 = AnsiString('DES-CFB');
+  LN_des_cfb64 = AnsiString('des-cfb');
+  NID_des_cfb64 = 30;
+
+  SN_rsaSignature = AnsiString('rsaSignature');
+  NID_rsaSignature = 377;
+
+  SN_dsa_2 = AnsiString('DSA-old');
+  LN_dsa_2 = AnsiString('dsaEncryption-old');
+  NID_dsa_2 = 67;
+
+  SN_dsaWithSHA = AnsiString('DSA-SHA');
+  LN_dsaWithSHA = AnsiString('dsaWithSHA');
+  NID_dsaWithSHA = 66;
+
+  SN_shaWithRSAEncryption = AnsiString('RSA-SHA');
+  LN_shaWithRSAEncryption = AnsiString('shaWithRSAEncryption');
+  NID_shaWithRSAEncryption = 42;
+
+  SN_des_ede_ecb = AnsiString('DES-EDE');
+  LN_des_ede_ecb = AnsiString('des-ede');
+  NID_des_ede_ecb = 32;
+
+  SN_des_ede3_ecb = AnsiString('DES-EDE3');
+  LN_des_ede3_ecb = AnsiString('des-ede3');
+  NID_des_ede3_ecb = 33;
+
+  SN_des_ede_cbc = AnsiString('DES-EDE-CBC');
+  LN_des_ede_cbc = AnsiString('des-ede-cbc');
+  NID_des_ede_cbc = 43;
+
+  SN_des_ede_cfb64 = AnsiString('DES-EDE-CFB');
+  LN_des_ede_cfb64 = AnsiString('des-ede-cfb');
+  NID_des_ede_cfb64 = 60;
+
+  SN_des_ede3_cfb64 = AnsiString('DES-EDE3-CFB');
+  LN_des_ede3_cfb64 = AnsiString('des-ede3-cfb');
+  NID_des_ede3_cfb64 = 61;
+
+  SN_des_ede_ofb64 = AnsiString('DES-EDE-OFB');
+  LN_des_ede_ofb64 = AnsiString('des-ede-ofb');
+  NID_des_ede_ofb64 = 62;
+
+  SN_des_ede3_ofb64 = AnsiString('DES-EDE3-OFB');
+  LN_des_ede3_ofb64 = AnsiString('des-ede3-ofb');
+  NID_des_ede3_ofb64 = 63;
+
+  SN_desx_cbc = AnsiString('DESX-CBC');
+  LN_desx_cbc = AnsiString('desx-cbc');
+  NID_desx_cbc = 80;
+
+  SN_sha = AnsiString('SHA');
+  LN_sha = AnsiString('sha');
+  NID_sha = 41;
+
+  SN_sha1 = AnsiString('SHA1');
+  LN_sha1 = AnsiString('sha1');
+  NID_sha1 = 64;
+
+  SN_dsaWithSHA1_2 = AnsiString('DSA-SHA1-old');
+  LN_dsaWithSHA1_2 = AnsiString('dsaWithSHA1-old');
+  NID_dsaWithSHA1_2 = 70;
+
+  SN_sha1WithRSA = AnsiString('RSA-SHA1-2');
+  LN_sha1WithRSA = AnsiString('sha1WithRSA');
+  NID_sha1WithRSA = 115;
+
+  SN_ripemd160 = AnsiString('RIPEMD160');
+  LN_ripemd160 = AnsiString('ripemd160');
+  NID_ripemd160 = 117;
+
+  SN_ripemd160WithRSA = AnsiString('RSA-RIPEMD160');
+  LN_ripemd160WithRSA = AnsiString('ripemd160WithRSA');
+  NID_ripemd160WithRSA = 119;
+
+  SN_blake2b512 = AnsiString('BLAKE2b512');
+  LN_blake2b512 = AnsiString('blake2b512');
+  NID_blake2b512 = 1056;
+
+  SN_blake2s256 = AnsiString('BLAKE2s256');
+  LN_blake2s256 = AnsiString('blake2s256');
+  NID_blake2s256 = 1057;
+
+  SN_sxnet = AnsiString('SXNetID');
+  LN_sxnet = AnsiString('Strong Extranet ID');
+  NID_sxnet = 143;
+
+  SN_X500 = AnsiString('X500');
+  LN_X500 = AnsiString('directory services(X.500)');
+  NID_X500 = 11;
+
+  SN_X509 = AnsiString('X509');
+  NID_X509 = 12;
+
+  SN_commonName = AnsiString('CN');
+  LN_commonName = AnsiString('commonName');
+  NID_commonName = 13;
+
+  SN_surname = AnsiString('SN');
+  LN_surname = AnsiString('surname');
+  NID_surname = 100;
+
+  LN_serialNumber = AnsiString('serialNumber');
+  NID_serialNumber = 105;
+
+  SN_countryName = AnsiString('C');
+  LN_countryName = AnsiString('countryName');
+  NID_countryName = 14;
+
+  SN_localityName = AnsiString('L');
+  LN_localityName = AnsiString('localityName');
+  NID_localityName = 15;
+
+  SN_stateOrProvinceName = AnsiString('ST');
+  LN_stateOrProvinceName = AnsiString('stateOrProvinceName');
+  NID_stateOrProvinceName = 16;
+
+  SN_streetAddress = AnsiString('street');
+  LN_streetAddress = AnsiString('streetAddress');
+  NID_streetAddress = 660;
+
+  SN_organizationName = AnsiString('O');
+  LN_organizationName = AnsiString('organizationName');
+  NID_organizationName = 17;
+
+  SN_organizationalUnitName = AnsiString('OU');
+  LN_organizationalUnitName = AnsiString('organizationalUnitName');
+  NID_organizationalUnitName = 18;
+
+  SN_title = AnsiString('title');
+  LN_title = AnsiString('title');
+  NID_title = 106;
+
+  LN_description = AnsiString('description');
+  NID_description = 107;
+
+  LN_searchGuide = AnsiString('searchGuide');
+  NID_searchGuide = 859;
+  LN_businessCategory = AnsiString('businessCategory');
+  NID_businessCategory = 860;
+
+  LN_postalAddress = AnsiString('postalAddress');
+  NID_postalAddress = 861;
+
+  LN_postalCode = AnsiString('postalCode');
+  NID_postalCode = 661;
+
+  LN_postOfficeBox = AnsiString('postOfficeBox');
+  NID_postOfficeBox = 862;
+
+  LN_physicalDeliveryOfficeName = AnsiString('physicalDeliveryOfficeName');
+  NID_physicalDeliveryOfficeName = 863;
+
+  LN_telephoneNumber = AnsiString('telephoneNumber');
+  NID_telephoneNumber = 864;
+
+  LN_telexNumber = AnsiString('telexNumber');
+  NID_telexNumber = 865;
+
+  LN_teletexTerminalIdentifier = AnsiString('teletexTerminalIdentifier');
+  NID_teletexTerminalIdentifier = 866;
+
+  LN_facsimileTelephoneNumber = AnsiString('facsimileTelephoneNumber');
+  NID_facsimileTelephoneNumber = 867;
+
+  LN_x121Address = AnsiString('x121Address');
+  NID_x121Address = 868;
+
+  LN_internationaliSDNNumber = AnsiString('internationaliSDNNumber');
+  NID_internationaliSDNNumber = 869;
+
+  LN_registeredAddress = AnsiString('registeredAddress');
+  NID_registeredAddress = 870;
+
+  LN_destinationIndicator = AnsiString('destinationIndicator');
+  NID_destinationIndicator = 871;
+
+  LN_preferredDeliveryMethod = AnsiString('preferredDeliveryMethod');
+  NID_preferredDeliveryMethod = 872;
+
+  LN_presentationAddress = AnsiString('presentationAddress');
+  NID_presentationAddress = 873;
+
+  LN_supportedApplicationContext = AnsiString('supportedApplicationContext');
+  NID_supportedApplicationContext = 874;
+
+  SN_member = AnsiString('member');
+  NID_member = 875;
+
+  SN_owner = AnsiString('owner');
+  NID_owner = 876;
+
+  LN_roleOccupant = AnsiString('roleOccupant');
+  NID_roleOccupant = 877;
+
+  SN_seeAlso = AnsiString('seeAlso');
+  NID_seeAlso = 878;
+
+  LN_userPassword = AnsiString('userPassword');
+  NID_userPassword = 879;
+
+  LN_userCertificate = AnsiString('userCertificate');
+  NID_userCertificate = 880;
+
+  LN_cACertificate = AnsiString('cACertificate');
+  NID_cACertificate = 881;
+
+  LN_authorityRevocationList = AnsiString('authorityRevocationList');
+  NID_authorityRevocationList = 882;
+
+  LN_certificateRevocationList = AnsiString('certificateRevocationList');
+  NID_certificateRevocationList = 883;
+
+  LN_crossCertificatePair = AnsiString('crossCertificatePair');
+  NID_crossCertificatePair = 884;
+
+  SN_name = AnsiString('name');
+  LN_name = AnsiString('name');
+  NID_name = 173;
+
+  SN_givenName = AnsiString('GN');
+  LN_givenName = AnsiString('givenName');
+  NID_givenName = 99;
+
+  SN_initials = AnsiString('initials');
+  LN_initials = AnsiString('initials');
+  NID_initials = 101;
+
+  LN_generationQualifier = AnsiString('generationQualifier');
+  NID_generationQualifier = 509;
+
+  LN_x500UniqueIdentifier = AnsiString('x500UniqueIdentifier');
+  NID_x500UniqueIdentifier = 503;
+
+  SN_dnQualifier = AnsiString('dnQualifier');
+  LN_dnQualifier = AnsiString('dnQualifier');
+  NID_dnQualifier = 174;
+
+  LN_enhancedSearchGuide = AnsiString('enhancedSearchGuide');
+  NID_enhancedSearchGuide = 885;
+
+  LN_protocolInformation = AnsiString('protocolInformation');
+  NID_protocolInformation = 886;
+
+  LN_distinguishedName = AnsiString('distinguishedName');
+  NID_distinguishedName = 887;
+
+  LN_uniqueMember = AnsiString('uniqueMember');
+  NID_uniqueMember = 888;
+
+  LN_houseIdentifier = AnsiString('houseIdentifier');
+  NID_houseIdentifier = 889;
+
+  LN_supportedAlgorithms = AnsiString('supportedAlgorithms');
+  NID_supportedAlgorithms = 890;
+
+  LN_deltaRevocationList = AnsiString('deltaRevocationList');
+  NID_deltaRevocationList = 891;
+
+  SN_dmdName = AnsiString('dmdName');
+  NID_dmdName = 892;
+
+  LN_pseudonym = AnsiString('pseudonym');
+  NID_pseudonym = 510;
+
+  SN_role = AnsiString('role');
+  LN_role = AnsiString('role');
+  NID_role = 400;
+
+  LN_organizationIdentifier = AnsiString('organizationIdentifier');
+  NID_organizationIdentifier = 1089;
+
+  SN_countryCode3c = AnsiString('c3');
+  LN_countryCode3c = AnsiString('countryCode3c');
+  NID_countryCode3c = 1090;
+
+  SN_countryCode3n = AnsiString('n3');
+  LN_countryCode3n = AnsiString('countryCode3n');
+  NID_countryCode3n = 1091;
+
+  LN_dnsName = AnsiString('dnsName');
+  NID_dnsName = 1092;
+
+  SN_X500algorithms = AnsiString('X500algorithms');
+  LN_X500algorithms = AnsiString('directory services - algorithms');
+  NID_X500algorithms = 378;
+
+  SN_rsa = AnsiString('RSA');
+  LN_rsa = AnsiString('rsa');
+  NID_rsa = 19;
+
+  SN_mdc2WithRSA = AnsiString('RSA-MDC2');
+  LN_mdc2WithRSA = AnsiString('mdc2WithRSA');
+  NID_mdc2WithRSA = 96;
+
+  SN_mdc2 = AnsiString('MDC2');
+  LN_mdc2 = AnsiString('mdc2');
+  NID_mdc2 = 95;
+
+  SN_id_ce = AnsiString('id-ce');
+  NID_id_ce = 81;
+
+  SN_subject_directory_attributes = AnsiString('subjectDirectoryAttributes');
+  LN_subject_directory_attributes = AnsiString('X509v3 Subject Directory Attributes');
+  NID_subject_directory_attributes = 769;
+
+  SN_subject_key_identifier = AnsiString('subjectKeyIdentifier');
+  LN_subject_key_identifier = AnsiString('X509v3 Subject Key Identifier');
+  NID_subject_key_identifier = 82;
+
+  SN_key_usage = AnsiString('keyUsage');
+  LN_key_usage = AnsiString('X509v3 Key Usage');
+  NID_key_usage = 83;
+
+  SN_private_key_usage_period = AnsiString('privateKeyUsagePeriod');
+  LN_private_key_usage_period = AnsiString('X509v3 Private Key Usage Period');
+  NID_private_key_usage_period = 84;
+
+  SN_subject_alt_name = AnsiString('subjectAltName');
+  LN_subject_alt_name = AnsiString('X509v3 Subject Alternative Name');
+  NID_subject_alt_name = 85;
+
+  SN_issuer_alt_name = AnsiString('issuerAltName');
+  LN_issuer_alt_name = AnsiString('X509v3 Issuer Alternative Name');
+  NID_issuer_alt_name = 86;
+
+  SN_basic_constraints = AnsiString('basicConstraints');
+  LN_basic_constraints = AnsiString('X509v3 Basic Constraints');
+  NID_basic_constraints = 87;
+
+  SN_crl_number = AnsiString('crlNumber');
+  LN_crl_number = AnsiString('X509v3 CRL Number');
+  NID_crl_number = 88;
+
+  SN_crl_reason = AnsiString('CRLReason');
+  LN_crl_reason = AnsiString('X509v3 CRL Reason Code');
+  NID_crl_reason = 141;
+
+  SN_invalidity_date = AnsiString('invalidityDate');
+  LN_invalidity_date = AnsiString('Invalidity Date');
+  NID_invalidity_date = 142;
+
+  SN_delta_crl = AnsiString('deltaCRL');
+  LN_delta_crl = AnsiString('X509v3 Delta CRL Indicator');
+  NID_delta_crl = 140;
+
+  SN_issuing_distribution_point = AnsiString('issuingDistributionPoint');
+  LN_issuing_distribution_point = AnsiString('X509v3 Issuing Distribution Point');
+  NID_issuing_distribution_point = 770;
+
+  SN_certificate_issuer = AnsiString('certificateIssuer');
+  LN_certificate_issuer = AnsiString('X509v3 Certificate Issuer');
+  NID_certificate_issuer = 771;
+
+  SN_name_constraints = AnsiString('nameConstraints');
+  LN_name_constraints = AnsiString('X509v3 Name Constraints');
+  NID_name_constraints = 666;
+
+  SN_crl_distribution_points = AnsiString('crlDistributionPoints');
+  LN_crl_distribution_points = AnsiString('X509v3 CRL Distribution Points');
+  NID_crl_distribution_points = 103;
+
+  SN_certificate_policies = AnsiString('certificatePolicies');
+  LN_certificate_policies = AnsiString('X509v3 Certificate Policies');
+  NID_certificate_policies = 89;
+
+  SN_any_policy = AnsiString('anyPolicy');
+  LN_any_policy = AnsiString('X509v3 Any Policy');
+  NID_any_policy = 746;
+
+  SN_policy_mappings = AnsiString('policyMappings');
+  LN_policy_mappings = AnsiString('X509v3 Policy Mappings');
+  NID_policy_mappings = 747;
+
+  SN_authority_key_identifier = AnsiString('authorityKeyIdentifier');
+  LN_authority_key_identifier = AnsiString('X509v3 Authority Key Identifier');
+  NID_authority_key_identifier = 90;
+
+  SN_policy_constraints = AnsiString('policyConstraints');
+  LN_policy_constraints = AnsiString('X509v3 Policy Constraints');
+  NID_policy_constraints = 401;
+
+  SN_ext_key_usage = AnsiString('extendedKeyUsage');
+  LN_ext_key_usage = AnsiString('X509v3 Extended Key Usage');
+  NID_ext_key_usage = 126;
+
+  SN_freshest_crl = AnsiString('freshestCRL');
+  LN_freshest_crl = AnsiString('X509v3 Freshest CRL');
+  NID_freshest_crl = 857;
+
+  SN_inhibit_any_policy = AnsiString('inhibitAnyPolicy');
+  LN_inhibit_any_policy = AnsiString('X509v3 Inhibit Any Policy');
+  NID_inhibit_any_policy = 748;
+
+  SN_target_information = AnsiString('targetInformation');
+  LN_target_information = AnsiString('X509v3 AC Targeting');
+  NID_target_information = 402;
+
+  SN_no_rev_avail = AnsiString('noRevAvail');
+  LN_no_rev_avail = AnsiString('X509v3 No Revocation Available');
+  NID_no_rev_avail = 403;
+
+  SN_anyExtendedKeyUsage = AnsiString('anyExtendedKeyUsage');
+  LN_anyExtendedKeyUsage = AnsiString('Any Extended Key Usage');
+  NID_anyExtendedKeyUsage = 910;
+
+  SN_netscape = AnsiString('Netscape');
+  LN_netscape = AnsiString('Netscape Communications Corp.');
+  NID_netscape = 57;
+
+  SN_netscape_cert_extension = AnsiString('nsCertExt');
+  LN_netscape_cert_extension = AnsiString('Netscape Certificate Extension');
+  NID_netscape_cert_extension = 58;
+
+  SN_netscape_data_type = AnsiString('nsDataType');
+  LN_netscape_data_type = AnsiString('Netscape Data Type');
+  NID_netscape_data_type = 59;
+
+  SN_netscape_cert_type = AnsiString('nsCertType');
+  LN_netscape_cert_type = AnsiString('Netscape Cert Type');
+  NID_netscape_cert_type = 71;
+
+  SN_netscape_base_url = AnsiString('nsBaseUrl');
+  LN_netscape_base_url = AnsiString('Netscape Base Url');
+  NID_netscape_base_url = 72;
+
+  SN_netscape_revocation_url = AnsiString('nsRevocationUrl');
+  LN_netscape_revocation_url = AnsiString('Netscape Revocation Url');
+  NID_netscape_revocation_url = 73;
+
+  SN_netscape_ca_revocation_url = AnsiString('nsCaRevocationUrl');
+  LN_netscape_ca_revocation_url = AnsiString('Netscape CA Revocation Url');
+  NID_netscape_ca_revocation_url = 74;
+
+  SN_netscape_renewal_url = AnsiString('nsRenewalUrl');
+  LN_netscape_renewal_url = AnsiString('Netscape Renewal Url');
+  NID_netscape_renewal_url = 75;
+
+  SN_netscape_ca_policy_url = AnsiString('nsCaPolicyUrl');
+  LN_netscape_ca_policy_url = AnsiString('Netscape CA Policy Url');
+  NID_netscape_ca_policy_url = 76;
+
+  SN_netscape_ssl_server_name = AnsiString('nsSslServerName');
+  LN_netscape_ssl_server_name = AnsiString('Netscape Server: SSl Name');
+  NID_netscape_ssl_server_name = 77;
+
+  SN_netscape_comment = AnsiString('nsComment');
+  LN_netscape_comment = AnsiString('Netscape Comment');
+  NID_netscape_comment = 78;
+
+  SN_netscape_cert_sequence = AnsiString('nsCertSequence');
+  LN_netscape_cert_sequence = AnsiString('Netscape Certificate Sequence');
+  NID_netscape_cert_sequence = 79;
+
+  SN_ns_sgc = AnsiString('nsSGC');
+  LN_ns_sgc = AnsiString('Netscape Server Gated Crypto');
+  NID_ns_sgc = 139;
+
+  SN_org = AnsiString('ORG');
+  LN_org = AnsiString('org');
+  NID_org = 379;
+
+  SN_dod = AnsiString('DOD');
+  LN_dod = AnsiString('dod');
+  NID_dod = 380;
+
+  SN_iana = AnsiString('IANA');
+  LN_iana = AnsiString('iana');
+  NID_iana = 381;
+
+  SN_Directory = AnsiString('directory');
+  LN_Directory = AnsiString('Directory');
+  NID_Directory = 382;
+
+  SN_Management = AnsiString('mgmt');
+  LN_Management = AnsiString('Management');
+  NID_Management = 383;
+
+  SN_Experimental = AnsiString('experimental');
+  LN_Experimental = AnsiString('Experimental');
+  NID_Experimental = 384;
+
+  SN_Private = AnsiString('private');
+  LN_Private = AnsiString('Private');
+  NID_Private = 385;
+
+  SN_Security = AnsiString('security');
+  LN_Security = AnsiString('Security');
+  NID_Security = 386;
+
+  SN_SNMPv2 = AnsiString('snmpv2');
+  LN_SNMPv2 = AnsiString('SNMPv2');
+  NID_SNMPv2 = 387;
+
+  LN_Mail = AnsiString('Mail');
+  NID_Mail = 388;
+
+  SN_Enterprises = AnsiString('enterprises');
+  LN_Enterprises = AnsiString('Enterprises');
+  NID_Enterprises = 389;
+
+  SN_dcObject = AnsiString('dcobject');
+  LN_dcObject = AnsiString('dcObject');
+  NID_dcObject = 390;
+
+  SN_mime_mhs = AnsiString('mime-mhs');
+  LN_mime_mhs = AnsiString('MIME MHS');
+  NID_mime_mhs = 504;
+
+  SN_mime_mhs_headings = AnsiString('mime-mhs-headings');
+  LN_mime_mhs_headings = AnsiString('mime-mhs-headings');
+  NID_mime_mhs_headings = 505;
+
+  SN_mime_mhs_bodies = AnsiString('mime-mhs-bodies');
+  LN_mime_mhs_bodies = AnsiString('mime-mhs-bodies');
+  NID_mime_mhs_bodies = 506;
+
+  SN_id_hex_partial_message = AnsiString('id-hex-partial-message');
+  LN_id_hex_partial_message = AnsiString('id-hex-partial-message');
+  NID_id_hex_partial_message = 507;
+
+  SN_id_hex_multipart_message = AnsiString('id-hex-multipart-message');
+  LN_id_hex_multipart_message = AnsiString('id-hex-multipart-message');
+  NID_id_hex_multipart_message = 508;
+
+  SN_zlib_compression = AnsiString('ZLIB');
+  LN_zlib_compression = AnsiString('zlib compression');
+  NID_zlib_compression = 125;
+
+  SN_aes_128_ecb = AnsiString('AES-128-ECB');
+  LN_aes_128_ecb = AnsiString('aes-128-ecb');
+  NID_aes_128_ecb = 418;
+
+  SN_aes_128_cbc = AnsiString('AES-128-CBC');
+  LN_aes_128_cbc = AnsiString('aes-128-cbc');
+  NID_aes_128_cbc = 419;
+
+  SN_aes_128_ofb128 = AnsiString('AES-128-OFB');
+  LN_aes_128_ofb128 = AnsiString('aes-128-ofb');
+  NID_aes_128_ofb128 = 420;
+
+  SN_aes_128_cfb128 = AnsiString('AES-128-CFB');
+  LN_aes_128_cfb128 = AnsiString('aes-128-cfb');
+  NID_aes_128_cfb128 = 421;
+
+  SN_id_aes128_wrap = AnsiString('id-aes128-wrap');
+  NID_id_aes128_wrap = 788;
+
+  SN_aes_128_gcm = AnsiString('id-aes128-GCM');
+  LN_aes_128_gcm = AnsiString('aes-128-gcm');
+  NID_aes_128_gcm = 895;
+
+  SN_aes_128_ccm = AnsiString('id-aes128-CCM');
+  LN_aes_128_ccm = AnsiString('aes-128-ccm');
+  NID_aes_128_ccm = 896;
+
+  SN_id_aes128_wrap_pad = AnsiString('id-aes128-wrap-pad');
+  NID_id_aes128_wrap_pad = 897;
+
+  SN_aes_192_ecb = AnsiString('AES-192-ECB');
+  LN_aes_192_ecb = AnsiString('aes-192-ecb');
+  NID_aes_192_ecb = 422;
+
+  SN_aes_192_cbc = AnsiString('AES-192-CBC');
+  LN_aes_192_cbc = AnsiString('aes-192-cbc');
+  NID_aes_192_cbc = 423;
+
+  SN_aes_192_ofb128 = AnsiString('AES-192-OFB');
+  LN_aes_192_ofb128 = AnsiString('aes-192-ofb');
+  NID_aes_192_ofb128 = 424;
+
+  SN_aes_192_cfb128 = AnsiString('AES-192-CFB');
+  LN_aes_192_cfb128 = AnsiString('aes-192-cfb');
+  NID_aes_192_cfb128 = 425;
+
+  SN_id_aes192_wrap = AnsiString('id-aes192-wrap');
+  NID_id_aes192_wrap = 789;
+
+  SN_aes_192_gcm = AnsiString('id-aes192-GCM');
+  LN_aes_192_gcm = AnsiString('aes-192-gcm');
+  NID_aes_192_gcm = 898;
+
+  SN_aes_192_ccm = AnsiString('id-aes192-CCM');
+  LN_aes_192_ccm = AnsiString('aes-192-ccm');
+  NID_aes_192_ccm = 899;
+
+  SN_id_aes192_wrap_pad = AnsiString('id-aes192-wrap-pad');
+  NID_id_aes192_wrap_pad = 900;
+
+  SN_aes_256_ecb = AnsiString('AES-256-ECB');
+  LN_aes_256_ecb = AnsiString('aes-256-ecb');
+  NID_aes_256_ecb = 426;
+
+  SN_aes_256_cbc = AnsiString('AES-256-CBC');
+  LN_aes_256_cbc = AnsiString('aes-256-cbc');
+  NID_aes_256_cbc = 427;
+
+  SN_aes_256_ofb128 = AnsiString('AES-256-OFB');
+  LN_aes_256_ofb128 = AnsiString('aes-256-ofb');
+  NID_aes_256_ofb128 = 428;
+
+  SN_aes_256_cfb128 = AnsiString('AES-256-CFB');
+  LN_aes_256_cfb128 = AnsiString('aes-256-cfb');
+  NID_aes_256_cfb128 = 429;
+
+  SN_id_aes256_wrap = AnsiString('id-aes256-wrap');
+  NID_id_aes256_wrap = 790;
+
+  SN_aes_256_gcm = AnsiString('id-aes256-GCM');
+  LN_aes_256_gcm = AnsiString('aes-256-gcm');
+  NID_aes_256_gcm = 901;
+
+  SN_aes_256_ccm = AnsiString('id-aes256-CCM');
+  LN_aes_256_ccm = AnsiString('aes-256-ccm');
+  NID_aes_256_ccm = 902;
+
+  SN_id_aes256_wrap_pad = AnsiString('id-aes256-wrap-pad');
+  NID_id_aes256_wrap_pad = 903;
+
+  SN_aes_128_xts = AnsiString('AES-128-XTS');
+  LN_aes_128_xts = AnsiString('aes-128-xts');
+  NID_aes_128_xts = 913;
+
+  SN_aes_256_xts = AnsiString('AES-256-XTS');
+  LN_aes_256_xts = AnsiString('aes-256-xts');
+  NID_aes_256_xts = 914;
+
+  SN_aes_128_cfb1 = AnsiString('AES-128-CFB1');
+  LN_aes_128_cfb1 = AnsiString('aes-128-cfb1');
+  NID_aes_128_cfb1 = 650;
+
+  SN_aes_192_cfb1 = AnsiString('AES-192-CFB1');
+  LN_aes_192_cfb1 = AnsiString('aes-192-cfb1');
+  NID_aes_192_cfb1 = 651;
+
+  SN_aes_256_cfb1 = AnsiString('AES-256-CFB1');
+  LN_aes_256_cfb1 = AnsiString('aes-256-cfb1');
+  NID_aes_256_cfb1 = 652;
+
+  SN_aes_128_cfb8 = AnsiString('AES-128-CFB8');
+  LN_aes_128_cfb8 = AnsiString('aes-128-cfb8');
+  NID_aes_128_cfb8 = 653;
+
+  SN_aes_192_cfb8 = AnsiString('AES-192-CFB8');
+  LN_aes_192_cfb8 = AnsiString('aes-192-cfb8');
+  NID_aes_192_cfb8 = 654;
+
+  SN_aes_256_cfb8 = AnsiString('AES-256-CFB8');
+  LN_aes_256_cfb8 = AnsiString('aes-256-cfb8');
+  NID_aes_256_cfb8 = 655;
+
+  SN_aes_128_ctr = AnsiString('AES-128-CTR');
+  LN_aes_128_ctr = AnsiString('aes-128-ctr');
+  NID_aes_128_ctr = 904;
+
+  SN_aes_192_ctr = AnsiString('AES-192-CTR');
+  LN_aes_192_ctr = AnsiString('aes-192-ctr');
+  NID_aes_192_ctr = 905;
+
+  SN_aes_256_ctr = AnsiString('AES-256-CTR');
+  LN_aes_256_ctr = AnsiString('aes-256-ctr');
+  NID_aes_256_ctr = 906;
+
+  SN_aes_128_ocb = AnsiString('AES-128-OCB');
+  LN_aes_128_ocb = AnsiString('aes-128-ocb');
+  NID_aes_128_ocb = 958;
+
+  SN_aes_192_ocb = AnsiString('AES-192-OCB');
+  LN_aes_192_ocb = AnsiString('aes-192-ocb');
+  NID_aes_192_ocb = 959;
+
+  SN_aes_256_ocb = AnsiString('AES-256-OCB');
+  LN_aes_256_ocb = AnsiString('aes-256-ocb');
+  NID_aes_256_ocb = 960;
+
+  SN_des_cfb1 = AnsiString('DES-CFB1');
+  LN_des_cfb1 = AnsiString('des-cfb1');
+  NID_des_cfb1 = 656;
+
+  SN_des_cfb8 = AnsiString('DES-CFB8');
+  LN_des_cfb8 = AnsiString('des-cfb8');
+  NID_des_cfb8 = 657;
+
+  SN_des_ede3_cfb1 = AnsiString('DES-EDE3-CFB1');
+  LN_des_ede3_cfb1 = AnsiString('des-ede3-cfb1');
+  NID_des_ede3_cfb1 = 658;
+
+  SN_des_ede3_cfb8 = AnsiString('DES-EDE3-CFB8');
+  LN_des_ede3_cfb8 = AnsiString('des-ede3-cfb8');
+  NID_des_ede3_cfb8 = 659;
+
+  SN_sha256 = AnsiString('SHA256');
+  LN_sha256 = AnsiString('sha256');
+  NID_sha256 = 672;
+
+  SN_sha384 = AnsiString('SHA384');
+  LN_sha384 = AnsiString('sha384');
+  NID_sha384 = 673;
+
+  SN_sha512 = AnsiString('SHA512');
+  LN_sha512 = AnsiString('sha512');
+  NID_sha512 = 674;
+
+  SN_sha224 = AnsiString('SHA224');
+  LN_sha224 = AnsiString('sha224');
+  NID_sha224 = 675;
+
+  SN_sha512_224 = AnsiString('SHA512-224');
+  LN_sha512_224 = AnsiString('sha512-224');
+  NID_sha512_224 = 1094;
+
+  SN_sha512_256 = AnsiString('SHA512-256');
+  LN_sha512_256 = AnsiString('sha512-256');
+  NID_sha512_256 = 1095;
+
+  SN_sha3_224 = AnsiString('SHA3-224');
+  LN_sha3_224 = AnsiString('sha3-224');
+  NID_sha3_224 = 1096;
+
+  SN_sha3_256 = AnsiString('SHA3-256');
+  LN_sha3_256 = AnsiString('sha3-256');
+  NID_sha3_256 = 1097;
+
+  SN_sha3_384 = AnsiString('SHA3-384');
+  LN_sha3_384 = AnsiString('sha3-384');
+  NID_sha3_384 = 1098;
+
+  SN_sha3_512 = AnsiString('SHA3-512');
+  LN_sha3_512 = AnsiString('sha3-512');
+  NID_sha3_512 = 1099;
+
+  SN_shake128 = AnsiString('SHAKE128');
+  LN_shake128 = AnsiString('shake128');
+  NID_shake128 = 1100;
+
+  SN_shake256 = AnsiString('SHAKE256');
+  LN_shake256 = AnsiString('shake256');
+  NID_shake256 = 1101;
+
+  SN_hmac_sha3_224 = AnsiString('id-hmacWithSHA3-224');
+  LN_hmac_sha3_224 = AnsiString('hmac-sha3-224');
+  NID_hmac_sha3_224 = 1102;
+
+  SN_hmac_sha3_256 = AnsiString('id-hmacWithSHA3-256');
+  LN_hmac_sha3_256 = AnsiString('hmac-sha3-256');
+  NID_hmac_sha3_256 = 1103;
+
+  SN_hmac_sha3_384 = AnsiString('id-hmacWithSHA3-384');
+  LN_hmac_sha3_384 = AnsiString('hmac-sha3-384');
+  NID_hmac_sha3_384 = 1104;
+
+  SN_hmac_sha3_512 = AnsiString('id-hmacWithSHA3-512');
+  LN_hmac_sha3_512 = AnsiString('hmac-sha3-512');
+  NID_hmac_sha3_512 = 1105;
+
+  SN_dsa_with_SHA224 = AnsiString('dsa_with_SHA224');
+  NID_dsa_with_SHA224 = 802;
+
+  SN_dsa_with_SHA256 = AnsiString('dsa_with_SHA256');
+  NID_dsa_with_SHA256 = 803;
+
+  SN_dsa_with_SHA384 = AnsiString('id-dsa-with-sha384');
+  LN_dsa_with_SHA384 = AnsiString('dsa_with_SHA384');
+  NID_dsa_with_SHA384 = 1106;
+
+  SN_dsa_with_SHA512 = AnsiString('id-dsa-with-sha512');
+  LN_dsa_with_SHA512 = AnsiString('dsa_with_SHA512');
+  NID_dsa_with_SHA512 = 1107;
+
+  SN_dsa_with_SHA3_224 = AnsiString('id-dsa-with-sha3-224');
+  LN_dsa_with_SHA3_224 = AnsiString('dsa_with_SHA3-224');
+  NID_dsa_with_SHA3_224 = 1108;
+
+  SN_dsa_with_SHA3_256 = AnsiString('id-dsa-with-sha3-256');
+  LN_dsa_with_SHA3_256 = AnsiString('dsa_with_SHA3-256');
+  NID_dsa_with_SHA3_256 = 1109;
+
+  SN_dsa_with_SHA3_384 = AnsiString('id-dsa-with-sha3-384');
+  LN_dsa_with_SHA3_384 = AnsiString('dsa_with_SHA3-384');
+  NID_dsa_with_SHA3_384 = 1110;
+
+  SN_dsa_with_SHA3_512 = AnsiString('id-dsa-with-sha3-512');
+  LN_dsa_with_SHA3_512 = AnsiString('dsa_with_SHA3-512');
+  NID_dsa_with_SHA3_512 = 1111;
+
+  SN_ecdsa_with_SHA3_224 = AnsiString('id-ecdsa-with-sha3-224');
+  LN_ecdsa_with_SHA3_224 = AnsiString('ecdsa_with_SHA3-224');
+  NID_ecdsa_with_SHA3_224 = 1112;
+
+  SN_ecdsa_with_SHA3_256 = AnsiString('id-ecdsa-with-sha3-256');
+  LN_ecdsa_with_SHA3_256 = AnsiString('ecdsa_with_SHA3-256');
+  NID_ecdsa_with_SHA3_256 = 1113;
+
+  SN_ecdsa_with_SHA3_384 = AnsiString('id-ecdsa-with-sha3-384');
+  LN_ecdsa_with_SHA3_384 = AnsiString('ecdsa_with_SHA3-384');
+  NID_ecdsa_with_SHA3_384 = 1114;
+
+  SN_ecdsa_with_SHA3_512 = AnsiString('id-ecdsa-with-sha3-512');
+  LN_ecdsa_with_SHA3_512 = AnsiString('ecdsa_with_SHA3-512');
+  NID_ecdsa_with_SHA3_512 = 1115;
+
+  SN_RSA_SHA3_224 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-224');
+  LN_RSA_SHA3_224 = AnsiString('RSA-SHA3-224');
+  NID_RSA_SHA3_224 = 1116;
+
+  SN_RSA_SHA3_256 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-256');
+  LN_RSA_SHA3_256 = AnsiString('RSA-SHA3-256');
+  NID_RSA_SHA3_256 = 1117;
+
+  SN_RSA_SHA3_384 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-384');
+  LN_RSA_SHA3_384 = AnsiString('RSA-SHA3-384');
+  NID_RSA_SHA3_384 = 1118;
+
+  SN_RSA_SHA3_512 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-512');
+  LN_RSA_SHA3_512 = AnsiString('RSA-SHA3-512');
+  NID_RSA_SHA3_512 = 1119;
+
+  SN_hold_instruction_code = AnsiString('holdInstructionCode');
+  LN_hold_instruction_code = AnsiString('Hold Instruction Code');
+  NID_hold_instruction_code = 430;
+
+  SN_hold_instruction_none = AnsiString('holdInstructionNone');
+  LN_hold_instruction_none = AnsiString('Hold Instruction None');
+  NID_hold_instruction_none = 431;
+
+  SN_hold_instruction_call_issuer = AnsiString('holdInstructionCallIssuer');
+  LN_hold_instruction_call_issuer = AnsiString('Hold Instruction Call Issuer');
+  NID_hold_instruction_call_issuer = 432;
+
+  SN_hold_instruction_reject = AnsiString('holdInstructionReject');
+  LN_hold_instruction_reject = AnsiString('Hold Instruction Reject');
+  NID_hold_instruction_reject = 433;
+
+  SN_data = AnsiString('data');
+  NID_data = 434;
+
+  SN_pss = AnsiString('pss');
+  NID_pss = 435;
+
+  SN_ucl = AnsiString('ucl');
+  NID_ucl = 436;
+
+  SN_pilot = AnsiString('pilot');
+  NID_pilot = 437;
+
+  LN_pilotAttributeType = AnsiString('pilotAttributeType');
+  NID_pilotAttributeType = 438;
+
+  LN_pilotAttributeSyntax = AnsiString('pilotAttributeSyntax');
+  NID_pilotAttributeSyntax = 439;
+
+  LN_pilotObjectClass = AnsiString('pilotObjectClass');
+  NID_pilotObjectClass = 440;
+
+  LN_pilotGroups = AnsiString('pilotGroups');
+  NID_pilotGroups = 441;
+
+  LN_iA5StringSyntax = AnsiString('iA5StringSyntax');
+  NID_iA5StringSyntax = 442;
+
+  LN_caseIgnoreIA5StringSyntax = AnsiString('caseIgnoreIA5StringSyntax');
+  NID_caseIgnoreIA5StringSyntax = 443;
+
+  LN_pilotObject = AnsiString('pilotObject');
+  NID_pilotObject = 444;
+
+  LN_pilotPerson = AnsiString('pilotPerson');
+  NID_pilotPerson = 445;
+
+  SN_account = AnsiString('account');
+  NID_account = 446;
+
+  SN_document = AnsiString('document');
+  NID_document = 447;
+
+  SN_room = AnsiString('room');
+  NID_room = 448;
+
+  LN_documentSeries = AnsiString('documentSeries');
+  NID_documentSeries = 449;
+
+  SN_Domain = AnsiString('domain');
+  LN_Domain = AnsiString('Domain');
+  NID_Domain = 392;
+
+  LN_rFC822localPart = AnsiString('rFC822localPart');
+  NID_rFC822localPart = 450;
+
+  LN_dNSDomain = AnsiString('dNSDomain');
+  NID_dNSDomain = 451;
+
+  LN_domainRelatedObject = AnsiString('domainRelatedObject');
+  NID_domainRelatedObject = 452;
+
+  LN_friendlyCountry = AnsiString('friendlyCountry');
+  NID_friendlyCountry = 453;
+
+  LN_simpleSecurityObject = AnsiString('simpleSecurityObject');
+  NID_simpleSecurityObject = 454;
+
+  LN_pilotOrganization = AnsiString('pilotOrganization');
+  NID_pilotOrganization = 455;
+
+  LN_pilotDSA = AnsiString('pilotDSA');
+  NID_pilotDSA = 456;
+
+  LN_qualityLabelledData = AnsiString('qualityLabelledData');
+  NID_qualityLabelledData = 457;
+
+  SN_userId = AnsiString('UID');
+  LN_userId = AnsiString('userId');
+  NID_userId = 458;
+
+  LN_textEncodedORAddress = AnsiString('textEncodedORAddress');
+  NID_textEncodedORAddress = 459;
+
+  SN_rfc822Mailbox = AnsiString('mail');
+  LN_rfc822Mailbox = AnsiString('rfc822Mailbox');
+  NID_rfc822Mailbox = 460;
+
+  SN_info = AnsiString('info');
+  NID_info = 461;
+
+  LN_favouriteDrink = AnsiString('favouriteDrink');
+  NID_favouriteDrink = 462;
+
+  LN_roomNumber = AnsiString('roomNumber');
+  NID_roomNumber = 463;
+
+  SN_photo = AnsiString('photo');
+  NID_photo = 464;
+
+  LN_userClass = AnsiString('userClass');
+  NID_userClass = 465;
+
+  SN_host = AnsiString('host');
+  NID_host = 466;
+
+  SN_manager = AnsiString('manager');
+  NID_manager = 467;
+
+  LN_documentIdentifier = AnsiString('documentIdentifier');
+  NID_documentIdentifier = 468;
+
+  LN_documentTitle = AnsiString('documentTitle');
+  NID_documentTitle = 469;
+
+  LN_documentVersion = AnsiString('documentVersion');
+  NID_documentVersion = 470;
+
+  LN_documentAuthor = AnsiString('documentAuthor');
+  NID_documentAuthor = 471;
+
+  LN_documentLocation = AnsiString('documentLocation');
+  NID_documentLocation = 472;
+
+  LN_homeTelephoneNumber = AnsiString('homeTelephoneNumber');
+  NID_homeTelephoneNumber = 473;
+
+  SN_secretary = AnsiString('secretary');
+  NID_secretary = 474;
+
+  LN_otherMailbox = AnsiString('otherMailbox');
+  NID_otherMailbox = 475;
+
+  LN_lastModifiedTime = AnsiString('lastModifiedTime');
+  NID_lastModifiedTime = 476;
+
+  LN_lastModifiedBy = AnsiString('lastModifiedBy');
+  NID_lastModifiedBy = 477;
+
+  SN_domainComponent = AnsiString('DC');
+  LN_domainComponent = AnsiString('domainComponent');
+  NID_domainComponent = 391;
+
+  LN_aRecord = AnsiString('aRecord');
+  NID_aRecord = 478;
+
+  LN_pilotAttributeType27 = AnsiString('pilotAttributeType27');
+  NID_pilotAttributeType27 = 479;
+
+  LN_mXRecord = AnsiString('mXRecord');
+  NID_mXRecord = 480;
+
+  LN_nSRecord = AnsiString('nSRecord');
+  NID_nSRecord = 481;
+
+  LN_sOARecord = AnsiString('sOARecord');
+  NID_sOARecord = 482;
+
+  LN_cNAMERecord = AnsiString('cNAMERecord');
+  NID_cNAMERecord = 483;
+
+  LN_associatedDomain = AnsiString('associatedDomain');
+  NID_associatedDomain = 484;
+
+  LN_associatedName = AnsiString('associatedName');
+  NID_associatedName = 485;
+
+  LN_homePostalAddress = AnsiString('homePostalAddress');
+  NID_homePostalAddress = 486;
+
+  LN_personalTitle = AnsiString('personalTitle');
+  NID_personalTitle = 487;
+
+  LN_mobileTelephoneNumber = AnsiString('mobileTelephoneNumber');
+  NID_mobileTelephoneNumber = 488;
+
+  LN_pagerTelephoneNumber = AnsiString('pagerTelephoneNumber');
+  NID_pagerTelephoneNumber = 489;
+
+  LN_friendlyCountryName = AnsiString('friendlyCountryName');
+  NID_friendlyCountryName = 490;
+
+  SN_uniqueIdentifier = AnsiString('uid');
+  LN_uniqueIdentifier = AnsiString('uniqueIdentifier');
+  NID_uniqueIdentifier = 102;
+
+  LN_organizationalStatus = AnsiString('organizationalStatus');
+  NID_organizationalStatus = 491;
+
+  LN_janetMailbox = AnsiString('janetMailbox');
+  NID_janetMailbox = 492;
+  LN_mailPreferenceOption = AnsiString('mailPreferenceOption');
+  NID_mailPreferenceOption = 493;
+
+  LN_buildingName = AnsiString('buildingName');
+  NID_buildingName = 494;
+
+  LN_dSAQuality = AnsiString('dSAQuality');
+  NID_dSAQuality = 495;
+
+  LN_singleLevelQuality = AnsiString('singleLevelQuality');
+  NID_singleLevelQuality = 496;
+
+  LN_subtreeMinimumQuality = AnsiString('subtreeMinimumQuality');
+  NID_subtreeMinimumQuality = 497;
+
+  LN_subtreeMaximumQuality = AnsiString('subtreeMaximumQuality');
+  NID_subtreeMaximumQuality = 498;
+
+  LN_personalSignature = AnsiString('personalSignature');
+  NID_personalSignature = 499;
+
+  LN_dITRedirect = AnsiString('dITRedirect');
+  NID_dITRedirect = 500;
+
+  SN_audio = AnsiString('audio');
+  NID_audio = 501;
+
+  LN_documentPublisher = AnsiString('documentPublisher');
+  NID_documentPublisher = 502;
+
+  SN_id_set = AnsiString('id-set');
+  LN_id_set = AnsiString('Secure Electronic Transactions');
+  NID_id_set = 512;
+
+  SN_set_ctype = AnsiString('set-ctype');
+  LN_set_ctype = AnsiString('content types');
+  NID_set_ctype = 513;
+
+  SN_set_msgExt = AnsiString('set-msgExt');
+  LN_set_msgExt = AnsiString('message extensions');
+  NID_set_msgExt = 514;
+
+  SN_set_attr = AnsiString('set-attr');
+  NID_set_attr = 515;
+
+  SN_set_policy = AnsiString('set-policy');
+  NID_set_policy = 516;
+
+  SN_set_certExt = AnsiString('set-certExt');
+  LN_set_certExt = AnsiString('certificate extensions');
+  NID_set_certExt = 517;
+
+  SN_set_brand = AnsiString('set-brand');
+  NID_set_brand = 518;
+
+  SN_setct_PANData = AnsiString('setct-PANData');
+  NID_setct_PANData = 519;
+
+  SN_setct_PANToken = AnsiString('setct-PANToken');
+  NID_setct_PANToken = 520;
+
+  SN_setct_PANOnly = AnsiString('setct-PANOnly');
+  NID_setct_PANOnly = 521;
+
+  SN_setct_OIData = AnsiString('setct-OIData');
+  NID_setct_OIData = 522;
+
+  SN_setct_PI = AnsiString('setct-PI');
+  NID_setct_PI = 523;
+
+  SN_setct_PIData = AnsiString('setct-PIData');
+  NID_setct_PIData = 524;
+
+  SN_setct_PIDataUnsigned = AnsiString('setct-PIDataUnsigned');
+  NID_setct_PIDataUnsigned = 525;
+
+  SN_setct_HODInput = AnsiString('setct-HODInput');
+  NID_setct_HODInput = 526;
+
+  SN_setct_AuthResBaggage = AnsiString('setct-AuthResBaggage');
+  NID_setct_AuthResBaggage = 527;
+
+  SN_setct_AuthRevReqBaggage = AnsiString('setct-AuthRevReqBaggage');
+  NID_setct_AuthRevReqBaggage = 528;
+
+  SN_setct_AuthRevResBaggage = AnsiString('setct-AuthRevResBaggage');
+  NID_setct_AuthRevResBaggage = 529;
+
+  SN_setct_CapTokenSeq = AnsiString('setct-CapTokenSeq');
+  NID_setct_CapTokenSeq = 530;
+
+  SN_setct_PInitResData = AnsiString('setct-PInitResData');
+  NID_setct_PInitResData = 531;
+
+  SN_setct_PI_TBS = AnsiString('setct-PI-TBS');
+  NID_setct_PI_TBS = 532;
+
+  SN_setct_PResData = AnsiString('setct-PResData');
+  NID_setct_PResData = 533;
+
+  SN_setct_AuthReqTBS = AnsiString('setct-AuthReqTBS');
+  NID_setct_AuthReqTBS = 534;
+
+  SN_setct_AuthResTBS = AnsiString('setct-AuthResTBS');
+  NID_setct_AuthResTBS = 535;
+
+  SN_setct_AuthResTBSX = AnsiString('setct-AuthResTBSX');
+  NID_setct_AuthResTBSX = 536;
+
+  SN_setct_AuthTokenTBS = AnsiString('setct-AuthTokenTBS');
+  NID_setct_AuthTokenTBS = 537;
+
+  SN_setct_CapTokenData = AnsiString('setct-CapTokenData');
+  NID_setct_CapTokenData = 538;
+
+  SN_setct_CapTokenTBS = AnsiString('setct-CapTokenTBS');
+  NID_setct_CapTokenTBS = 539;
+
+  SN_setct_AcqCardCodeMsg = AnsiString('setct-AcqCardCodeMsg');
+  NID_setct_AcqCardCodeMsg = 540;
+
+  SN_setct_AuthRevReqTBS = AnsiString('setct-AuthRevReqTBS');
+  NID_setct_AuthRevReqTBS = 541;
+
+  SN_setct_AuthRevResData = AnsiString('setct-AuthRevResData');
+  NID_setct_AuthRevResData = 542;
+
+  SN_setct_AuthRevResTBS = AnsiString('setct-AuthRevResTBS');
+  NID_setct_AuthRevResTBS = 543;
+
+  SN_setct_CapReqTBS = AnsiString('setct-CapReqTBS');
+  NID_setct_CapReqTBS = 544;
+
+  SN_setct_CapReqTBSX = AnsiString('setct-CapReqTBSX');
+  NID_setct_CapReqTBSX = 545;
+
+  SN_setct_CapResData = AnsiString('setct-CapResData');
+  NID_setct_CapResData = 546;
+
+  SN_setct_CapRevReqTBS = AnsiString('setct-CapRevReqTBS');
+  NID_setct_CapRevReqTBS = 547;
+
+  SN_setct_CapRevReqTBSX = AnsiString('setct-CapRevReqTBSX');
+  NID_setct_CapRevReqTBSX = 548;
+
+  SN_setct_CapRevResData = AnsiString('setct-CapRevResData');
+  NID_setct_CapRevResData = 549;
+
+  SN_setct_CredReqTBS = AnsiString('setct-CredReqTBS');
+  NID_setct_CredReqTBS = 550;
+
+  SN_setct_CredReqTBSX = AnsiString('setct-CredReqTBSX');
+  NID_setct_CredReqTBSX = 551;
+
+  SN_setct_CredResData = AnsiString('setct-CredResData');
+  NID_setct_CredResData = 552;
+
+  SN_setct_CredRevReqTBS = AnsiString('setct-CredRevReqTBS');
+  NID_setct_CredRevReqTBS = 553;
+
+  SN_setct_CredRevReqTBSX = AnsiString('setct-CredRevReqTBSX');
+  NID_setct_CredRevReqTBSX = 554;
+
+  SN_setct_CredRevResData = AnsiString('setct-CredRevResData');
+  NID_setct_CredRevResData = 555;
+
+  SN_setct_PCertReqData = AnsiString('setct-PCertReqData');
+  NID_setct_PCertReqData = 556;
+
+  SN_setct_PCertResTBS = AnsiString('setct-PCertResTBS');
+  NID_setct_PCertResTBS = 557;
+
+  SN_setct_BatchAdminReqData = AnsiString('setct-BatchAdminReqData');
+  NID_setct_BatchAdminReqData = 558;
+
+  SN_setct_BatchAdminResData = AnsiString('setct-BatchAdminResData');
+  NID_setct_BatchAdminResData = 559;
+
+  SN_setct_CardCInitResTBS = AnsiString('setct-CardCInitResTBS');
+  NID_setct_CardCInitResTBS = 560;
+
+  SN_setct_MeAqCInitResTBS = AnsiString('setct-MeAqCInitResTBS');
+  NID_setct_MeAqCInitResTBS = 561;
+
+  SN_setct_RegFormResTBS = AnsiString('setct-RegFormResTBS');
+  NID_setct_RegFormResTBS = 562;
+
+  SN_setct_CertReqData = AnsiString('setct-CertReqData');
+  NID_setct_CertReqData = 563;
+
+  SN_setct_CertReqTBS = AnsiString('setct-CertReqTBS');
+  NID_setct_CertReqTBS = 564;
+
+  SN_setct_CertResData = AnsiString('setct-CertResData');
+  NID_setct_CertResData = 565;
+
+  SN_setct_CertInqReqTBS = AnsiString('setct-CertInqReqTBS');
+  NID_setct_CertInqReqTBS = 566;
+
+  SN_setct_ErrorTBS = AnsiString('setct-ErrorTBS');
+  NID_setct_ErrorTBS = 567;
+
+  SN_setct_PIDualSignedTBE = AnsiString('setct-PIDualSignedTBE');
+  NID_setct_PIDualSignedTBE = 568;
+
+  SN_setct_PIUnsignedTBE = AnsiString('setct-PIUnsignedTBE');
+  NID_setct_PIUnsignedTBE = 569;
+
+  SN_setct_AuthReqTBE = AnsiString('setct-AuthReqTBE');
+  NID_setct_AuthReqTBE = 570;
+
+  SN_setct_AuthResTBE = AnsiString('setct-AuthResTBE');
+  NID_setct_AuthResTBE = 571;
+
+  SN_setct_AuthResTBEX = AnsiString('setct-AuthResTBEX');
+  NID_setct_AuthResTBEX = 572;
+
+  SN_setct_AuthTokenTBE = AnsiString('setct-AuthTokenTBE');
+  NID_setct_AuthTokenTBE = 573;
+
+  SN_setct_CapTokenTBE = AnsiString('setct-CapTokenTBE');
+  NID_setct_CapTokenTBE = 574;
+
+  SN_setct_CapTokenTBEX = AnsiString('setct-CapTokenTBEX');
+  NID_setct_CapTokenTBEX = 575;
+
+  SN_setct_AcqCardCodeMsgTBE = AnsiString('setct-AcqCardCodeMsgTBE');
+  NID_setct_AcqCardCodeMsgTBE = 576;
+
+  SN_setct_AuthRevReqTBE = AnsiString('setct-AuthRevReqTBE');
+  NID_setct_AuthRevReqTBE = 577;
+
+  SN_setct_AuthRevResTBE = AnsiString('setct-AuthRevResTBE');
+  NID_setct_AuthRevResTBE = 578;
+
+  SN_setct_AuthRevResTBEB = AnsiString('setct-AuthRevResTBEB');
+  NID_setct_AuthRevResTBEB = 579;
+
+  SN_setct_CapReqTBE = AnsiString('setct-CapReqTBE');
+  NID_setct_CapReqTBE = 580;
+
+  SN_setct_CapReqTBEX = AnsiString('setct-CapReqTBEX');
+  NID_setct_CapReqTBEX = 581;
+
+  SN_setct_CapResTBE = AnsiString('setct-CapResTBE');
+  NID_setct_CapResTBE = 582;
+
+  SN_setct_CapRevReqTBE = AnsiString('setct-CapRevReqTBE');
+  NID_setct_CapRevReqTBE = 583;
+
+  SN_setct_CapRevReqTBEX = AnsiString('setct-CapRevReqTBEX');
+  NID_setct_CapRevReqTBEX = 584;
+
+  SN_setct_CapRevResTBE = AnsiString('setct-CapRevResTBE');
+  NID_setct_CapRevResTBE = 585;
+
+  SN_setct_CredReqTBE = AnsiString('setct-CredReqTBE');
+  NID_setct_CredReqTBE = 586;
+
+  SN_setct_CredReqTBEX = AnsiString('setct-CredReqTBEX');
+  NID_setct_CredReqTBEX = 587;
+
+  SN_setct_CredResTBE = AnsiString('setct-CredResTBE');
+  NID_setct_CredResTBE = 588;
+
+  SN_setct_CredRevReqTBE = AnsiString('setct-CredRevReqTBE');
+  NID_setct_CredRevReqTBE = 589;
+
+  SN_setct_CredRevReqTBEX = AnsiString('setct-CredRevReqTBEX');
+  NID_setct_CredRevReqTBEX = 590;
+
+  SN_setct_CredRevResTBE = AnsiString('setct-CredRevResTBE');
+  NID_setct_CredRevResTBE = 591;
+
+  SN_setct_BatchAdminReqTBE = AnsiString('setct-BatchAdminReqTBE');
+  NID_setct_BatchAdminReqTBE = 592;
+
+  SN_setct_BatchAdminResTBE = AnsiString('setct-BatchAdminResTBE');
+  NID_setct_BatchAdminResTBE = 593;
+
+  SN_setct_RegFormReqTBE = AnsiString('setct-RegFormReqTBE');
+  NID_setct_RegFormReqTBE = 594;
+
+  SN_setct_CertReqTBE = AnsiString('setct-CertReqTBE');
+  NID_setct_CertReqTBE = 595;
+
+  SN_setct_CertReqTBEX = AnsiString('setct-CertReqTBEX');
+  NID_setct_CertReqTBEX = 596;
+
+  SN_setct_CertResTBE = AnsiString('setct-CertResTBE');
+  NID_setct_CertResTBE = 597;
+
+  SN_setct_CRLNotificationTBS = AnsiString('setct-CRLNotificationTBS');
+  NID_setct_CRLNotificationTBS = 598;
+
+  SN_setct_CRLNotificationResTBS = AnsiString('setct-CRLNotificationResTBS');
+  NID_setct_CRLNotificationResTBS = 599;
+
+  SN_setct_BCIDistributionTBS = AnsiString('setct-BCIDistributionTBS');
+  NID_setct_BCIDistributionTBS = 600;
+
+  SN_setext_genCrypt = AnsiString('setext-genCrypt');
+  LN_setext_genCrypt = AnsiString('generic cryptogram');
+  NID_setext_genCrypt = 601;
+
+  SN_setext_miAuth = AnsiString('setext-miAuth');
+  LN_setext_miAuth = AnsiString('merchant initiated auth');
+  NID_setext_miAuth = 602;
+
+  SN_setext_pinSecure = AnsiString('setext-pinSecure');
+  NID_setext_pinSecure = 603;
+
+  SN_setext_pinAny = AnsiString('setext-pinAny');
+  NID_setext_pinAny = 604;
+
+  SN_setext_track2 = AnsiString('setext-track2');
+  NID_setext_track2 = 605;
+
+  SN_setext_cv = AnsiString('setext-cv');
+  LN_setext_cv = AnsiString('additional verification');
+  NID_setext_cv = 606;
+
+  SN_set_policy_root = AnsiString('set-policy-root');
+  NID_set_policy_root = 607;
+
+  SN_setCext_hashedRoot = AnsiString('setCext-hashedRoot');
+  NID_setCext_hashedRoot = 608;
+
+  SN_setCext_certType = AnsiString('setCext-certType');
+  NID_setCext_certType = 609;
+
+  SN_setCext_merchData = AnsiString('setCext-merchData');
+  NID_setCext_merchData = 610;
+
+  SN_setCext_cCertRequired = AnsiString('setCext-cCertRequired');
+  NID_setCext_cCertRequired = 611;
+
+  SN_setCext_tunneling = AnsiString('setCext-tunneling');
+  NID_setCext_tunneling = 612;
+
+  SN_setCext_setExt = AnsiString('setCext-setExt');
+  NID_setCext_setExt = 613;
+
+  SN_setCext_setQualf = AnsiString('setCext-setQualf');
+  NID_setCext_setQualf = 614;
+
+  SN_setCext_PGWYcapabilities = AnsiString('setCext-PGWYcapabilities');
+  NID_setCext_PGWYcapabilities = 615;
+
+  SN_setCext_TokenIdentifier = AnsiString('setCext-TokenIdentifier');
+  NID_setCext_TokenIdentifier = 616;
+
+  SN_setCext_Track2Data = AnsiString('setCext-Track2Data');
+  NID_setCext_Track2Data = 617;
+
+  SN_setCext_TokenType = AnsiString('setCext-TokenType');
+  NID_setCext_TokenType = 618;
+
+  SN_setCext_IssuerCapabilities = AnsiString('setCext-IssuerCapabilities');
+  NID_setCext_IssuerCapabilities = 619;
+
+  SN_setAttr_Cert = AnsiString('setAttr-Cert');
+  NID_setAttr_Cert = 620;
+
+  SN_setAttr_PGWYcap = AnsiString('setAttr-PGWYcap');
+  LN_setAttr_PGWYcap = AnsiString('payment gateway capabilities');
+  NID_setAttr_PGWYcap = 621;
+
+  SN_setAttr_TokenType = AnsiString('setAttr-TokenType');
+  NID_setAttr_TokenType = 622;
+
+  SN_setAttr_IssCap = AnsiString('setAttr-IssCap');
+  LN_setAttr_IssCap = AnsiString('issuer capabilities');
+  NID_setAttr_IssCap = 623;
+
+  SN_set_rootKeyThumb = AnsiString('set-rootKeyThumb');
+  NID_set_rootKeyThumb = 624;
+
+  SN_set_addPolicy = AnsiString('set-addPolicy');
+  NID_set_addPolicy = 625;
+
+  SN_setAttr_Token_EMV = AnsiString('setAttr-Token-EMV');
+  NID_setAttr_Token_EMV = 626;
+
+  SN_setAttr_Token_B0Prime = AnsiString('setAttr-Token-B0Prime');
+  NID_setAttr_Token_B0Prime = 627;
+
+  SN_setAttr_IssCap_CVM = AnsiString('setAttr-IssCap-CVM');
+  NID_setAttr_IssCap_CVM = 628;
+
+  SN_setAttr_IssCap_T2 = AnsiString('setAttr-IssCap-T2');
+  NID_setAttr_IssCap_T2 = 629;
+
+  SN_setAttr_IssCap_Sig = AnsiString('setAttr-IssCap-Sig');
+  NID_setAttr_IssCap_Sig = 630;
+
+  SN_setAttr_GenCryptgrm = AnsiString('setAttr-GenCryptgrm');
+  LN_setAttr_GenCryptgrm = AnsiString('generate cryptogram');
+  NID_setAttr_GenCryptgrm = 631;
+
+  SN_setAttr_T2Enc = AnsiString('setAttr-T2Enc');
+  LN_setAttr_T2Enc = AnsiString('encrypted track 2');
+  NID_setAttr_T2Enc = 632;
+
+  SN_setAttr_T2cleartxt = AnsiString('setAttr-T2cleartxt');
+  LN_setAttr_T2cleartxt = AnsiString('cleartext track 2');
+  NID_setAttr_T2cleartxt = 633;
+
+  SN_setAttr_TokICCsig = AnsiString('setAttr-TokICCsig');
+  LN_setAttr_TokICCsig = AnsiString('ICC or token signature');
+  NID_setAttr_TokICCsig = 634;
+
+  SN_setAttr_SecDevSig = AnsiString('setAttr-SecDevSig');
+  LN_setAttr_SecDevSig = AnsiString('secure device signature');
+  NID_setAttr_SecDevSig = 635;
+
+  SN_set_brand_IATA_ATA = AnsiString('set-brand-IATA-ATA');
+  NID_set_brand_IATA_ATA = 636;
+
+  SN_set_brand_Diners = AnsiString('set-brand-Diners');
+  NID_set_brand_Diners = 637;
+
+  SN_set_brand_AmericanExpress = AnsiString('set-brand-AmericanExpress');
+  NID_set_brand_AmericanExpress = 638;
+
+  SN_set_brand_JCB = AnsiString('set-brand-JCB');
+  NID_set_brand_JCB = 639;
+
+  SN_set_brand_Visa = AnsiString('set-brand-Visa');
+  NID_set_brand_Visa = 640;
+
+  SN_set_brand_MasterCard = AnsiString('set-brand-MasterCard');
+  NID_set_brand_MasterCard = 641;
+
+  SN_set_brand_Novus = AnsiString('set-brand-Novus');
+  NID_set_brand_Novus = 642;
+
+  SN_des_cdmf = AnsiString('DES-CDMF');
+  LN_des_cdmf = AnsiString('des-cdmf');
+  NID_des_cdmf = 643;
+
+  SN_rsaOAEPEncryptionSET = AnsiString('rsaOAEPEncryptionSET');
+  NID_rsaOAEPEncryptionSET = 644;
+
+  SN_ipsec3 = AnsiString('Oakley-EC2N-3');
+  LN_ipsec3 = AnsiString('ipsec3');
+  NID_ipsec3 = 749;
+
+  SN_ipsec4 = AnsiString('Oakley-EC2N-4');
+  LN_ipsec4 = AnsiString('ipsec4');
+  NID_ipsec4 = 750;
+
+  SN_whirlpool = AnsiString('whirlpool');
+  NID_whirlpool = 804;
+
+  SN_cryptopro = AnsiString('cryptopro');
+  NID_cryptopro = 805;
+
+  SN_cryptocom = AnsiString('cryptocom');
+  NID_cryptocom = 806;
+
+  SN_id_tc26 = AnsiString('id-tc26');
+  NID_id_tc26 = 974;
+
+  SN_id_GostR3411_94_with_GostR3410_2001 = AnsiString('id-GostR3411-94-with-GostR3410-2001');
+  LN_id_GostR3411_94_with_GostR3410_2001 = AnsiString('GOST R 34.11-94 with GOST R 34.10-2001');
+  NID_id_GostR3411_94_with_GostR3410_2001 = 807;
+
+  SN_id_GostR3411_94_with_GostR3410_94 = AnsiString('id-GostR3411-94-with-GostR3410-94');
+  LN_id_GostR3411_94_with_GostR3410_94 = AnsiString('GOST R 34.11-94 with GOST R 34.10-94');
+  NID_id_GostR3411_94_with_GostR3410_94 = 808;
+
+  SN_id_GostR3411_94 = AnsiString('md_gost94');
+  LN_id_GostR3411_94 = AnsiString('GOST R 34.11-94');
+  NID_id_GostR3411_94 = 809;
+
+  SN_id_HMACGostR3411_94 = AnsiString('id-HMACGostR3411-94');
+  LN_id_HMACGostR3411_94 = AnsiString('HMAC GOST 34.11-94');
+  NID_id_HMACGostR3411_94 = 810;
+
+  SN_id_GostR3410_2001 = AnsiString('gost2001');
+  LN_id_GostR3410_2001 = AnsiString('GOST R 34.10-2001');
+  NID_id_GostR3410_2001 = 811;
+
+  SN_id_GostR3410_94 = AnsiString('gost94');
+  LN_id_GostR3410_94 = AnsiString('GOST R 34.10-94');
+  NID_id_GostR3410_94 = 812;
+
+  SN_id_Gost28147_89 = AnsiString('gost89');
+  LN_id_Gost28147_89 = AnsiString('GOST 28147-89');
+  NID_id_Gost28147_89 = 813;
+
+  SN_gost89_cnt = AnsiString('gost89-cnt');
+  NID_gost89_cnt = 814;
+
+  SN_gost89_cnt_12 = AnsiString('gost89-cnt-12');
+  NID_gost89_cnt_12 = 975;
+
+  SN_gost89_cbc = AnsiString('gost89-cbc');
+  NID_gost89_cbc = 1009;
+
+  SN_gost89_ecb = AnsiString('gost89-ecb');
+  NID_gost89_ecb = 1010;
+
+  SN_gost89_ctr = AnsiString('gost89-ctr');
+  NID_gost89_ctr = 1011;
+
+  SN_id_Gost28147_89_MAC = AnsiString('gost-mac');
+  LN_id_Gost28147_89_MAC = AnsiString('GOST 28147-89 MAC');
+  NID_id_Gost28147_89_MAC = 815;
+
+  SN_gost_mac_12 = AnsiString('gost-mac-12');
+  NID_gost_mac_12 = 976;
+
+  SN_id_GostR3411_94_prf = AnsiString('prf-gostr3411-94');
+  LN_id_GostR3411_94_prf = AnsiString('GOST R 34.11-94 PRF');
+  NID_id_GostR3411_94_prf = 816;
+
+  SN_id_GostR3410_2001DH = AnsiString('id-GostR3410-2001DH');
+  LN_id_GostR3410_2001DH = AnsiString('GOST R 34.10-2001 DH');
+  NID_id_GostR3410_2001DH = 817;
+
+  SN_id_GostR3410_94DH = AnsiString('id-GostR3410-94DH');
+  LN_id_GostR3410_94DH = AnsiString('GOST R 34.10-94 DH');
+  NID_id_GostR3410_94DH = 818;
+
+  SN_id_Gost28147_89_CryptoPro_KeyMeshing = AnsiString('id-Gost28147-89-CryptoPro-KeyMeshing');
+  NID_id_Gost28147_89_CryptoPro_KeyMeshing = 819;
+
+  SN_id_Gost28147_89_None_KeyMeshing = AnsiString('id-Gost28147-89-None-KeyMeshing');
+  NID_id_Gost28147_89_None_KeyMeshing = 820;
+
+  SN_id_GostR3411_94_TestParamSet = AnsiString('id-GostR3411-94-TestParamSet');
+  NID_id_GostR3411_94_TestParamSet = 821;
+
+  SN_id_GostR3411_94_CryptoProParamSet = AnsiString('id-GostR3411-94-CryptoProParamSet');
+  NID_id_GostR3411_94_CryptoProParamSet = 822;
+
+  SN_id_Gost28147_89_TestParamSet = AnsiString('id-Gost28147-89-TestParamSet');
+  NID_id_Gost28147_89_TestParamSet = 823;
+
+  SN_id_Gost28147_89_CryptoPro_A_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-A-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_A_ParamSet = 824;
+
+  SN_id_Gost28147_89_CryptoPro_B_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-B-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_B_ParamSet = 825;
+
+  SN_id_Gost28147_89_CryptoPro_C_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-C-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_C_ParamSet = 826;
+
+  SN_id_Gost28147_89_CryptoPro_D_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-D-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_D_ParamSet = 827;
+
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = 828;
+
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = 829;
+
+  SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-RIC-1-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet = 830;
+
+  SN_id_GostR3410_94_TestParamSet = AnsiString('id-GostR3410-94-TestParamSet');
+  NID_id_GostR3410_94_TestParamSet = 831;
+
+  SN_id_GostR3410_94_CryptoPro_A_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-A-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_A_ParamSet = 832;
+
+  SN_id_GostR3410_94_CryptoPro_B_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-B-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_B_ParamSet = 833;
+
+  SN_id_GostR3410_94_CryptoPro_C_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-C-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_C_ParamSet = 834;
+
+  SN_id_GostR3410_94_CryptoPro_D_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-D-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_D_ParamSet = 835;
+
+  SN_id_GostR3410_94_CryptoPro_XchA_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-XchA-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_XchA_ParamSet = 836;
+
+  SN_id_GostR3410_94_CryptoPro_XchB_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-XchB-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_XchB_ParamSet = 837;
+
+  SN_id_GostR3410_94_CryptoPro_XchC_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-XchC-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_XchC_ParamSet = 838;
+
+  SN_id_GostR3410_2001_TestParamSet = AnsiString('id-GostR3410-2001-TestParamSet');
+  NID_id_GostR3410_2001_TestParamSet = 839;
+
+  SN_id_GostR3410_2001_CryptoPro_A_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-A-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_A_ParamSet = 840;
+
+  SN_id_GostR3410_2001_CryptoPro_B_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-B-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_B_ParamSet = 841;
+
+  SN_id_GostR3410_2001_CryptoPro_C_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-C-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_C_ParamSet = 842;
+
+  SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-XchA-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet = 843;
+
+  SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-XchB-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet = 844;
+
+  SN_id_GostR3410_94_a = AnsiString('id-GostR3410-94-a');
+  NID_id_GostR3410_94_a = 845;
+
+  SN_id_GostR3410_94_aBis = AnsiString('id-GostR3410-94-aBis');
+  NID_id_GostR3410_94_aBis = 846;
+
+  SN_id_GostR3410_94_b = AnsiString('id-GostR3410-94-b');
+  NID_id_GostR3410_94_b = 847;
+
+  SN_id_GostR3410_94_bBis = AnsiString('id-GostR3410-94-bBis');
+  NID_id_GostR3410_94_bBis = 848;
+
+  SN_id_Gost28147_89_cc = AnsiString('id-Gost28147-89-cc');
+  LN_id_Gost28147_89_cc = AnsiString('GOST 28147-89 Cryptocom ParamSet');
+  NID_id_Gost28147_89_cc = 849;
+
+  SN_id_GostR3410_94_cc = AnsiString('gost94cc');
+  LN_id_GostR3410_94_cc = AnsiString('GOST 34.10-94 Cryptocom');
+  NID_id_GostR3410_94_cc = 850;
+
+  SN_id_GostR3410_2001_cc = AnsiString('gost2001cc');
+  LN_id_GostR3410_2001_cc = AnsiString('GOST 34.10-2001 Cryptocom');
+  NID_id_GostR3410_2001_cc = 851;
+
+  SN_id_GostR3411_94_with_GostR3410_94_cc = AnsiString('id-GostR3411-94-with-GostR3410-94-cc');
+  LN_id_GostR3411_94_with_GostR3410_94_cc = AnsiString('GOST R 34.11-94 with GOST R 34.10-94 Cryptocom');
+  NID_id_GostR3411_94_with_GostR3410_94_cc = 852;
+
+  SN_id_GostR3411_94_with_GostR3410_2001_cc = AnsiString('id-GostR3411-94-with-GostR3410-2001-cc');
+  LN_id_GostR3411_94_with_GostR3410_2001_cc = AnsiString('GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom');
+  NID_id_GostR3411_94_with_GostR3410_2001_cc = 853;
+
+  SN_id_GostR3410_2001_ParamSet_cc = AnsiString('id-GostR3410-2001-ParamSet-cc');
+  LN_id_GostR3410_2001_ParamSet_cc = AnsiString('GOST R 3410-2001 Parameter Set Cryptocom');
+  NID_id_GostR3410_2001_ParamSet_cc = 854;
+
+  SN_id_tc26_algorithms = AnsiString('id-tc26-algorithms');
+  NID_id_tc26_algorithms = 977;
+
+  SN_id_tc26_sign = AnsiString('id-tc26-sign');
+  NID_id_tc26_sign = 978;
+
+  SN_id_GostR3410_2012_256 = AnsiString('gost2012_256');
+  LN_id_GostR3410_2012_256 = AnsiString('GOST R 34.10-2012 with 256 bit modulus');
+  NID_id_GostR3410_2012_256 = 979;
+
+  SN_id_GostR3410_2012_512 = AnsiString('gost2012_512');
+  LN_id_GostR3410_2012_512 = AnsiString('GOST R 34.10-2012 with 512 bit modulus');
+  NID_id_GostR3410_2012_512 = 980;
+
+  SN_id_tc26_digest = AnsiString('id-tc26-digest');
+  NID_id_tc26_digest = 981;
+
+  SN_id_GostR3411_2012_256 = AnsiString('md_gost12_256');
+  LN_id_GostR3411_2012_256 = AnsiString('GOST R 34.11-2012 with 256 bit hash');
+  NID_id_GostR3411_2012_256 = 982;
+
+  SN_id_GostR3411_2012_512 = AnsiString('md_gost12_512');
+  LN_id_GostR3411_2012_512 = AnsiString('GOST R 34.11-2012 with 512 bit hash');
+  NID_id_GostR3411_2012_512 = 983;
+
+  SN_id_tc26_signwithdigest = AnsiString('id-tc26-signwithdigest');
+  NID_id_tc26_signwithdigest = 984;
+
+  SN_id_tc26_signwithdigest_gost3410_2012_256 = AnsiString('id-tc26-signwithdigest-gost3410-2012-256');
+  LN_id_tc26_signwithdigest_gost3410_2012_256 = AnsiString('GOST R 34.10-2012 with GOST R 34.11-2012(256 bit)');
+  NID_id_tc26_signwithdigest_gost3410_2012_256 = 985;
+
+  SN_id_tc26_signwithdigest_gost3410_2012_512 = AnsiString('id-tc26-signwithdigest-gost3410-2012-512');
+  LN_id_tc26_signwithdigest_gost3410_2012_512 = AnsiString('GOST R 34.10-2012 with GOST R 34.11-2012(512 bit)');
+  NID_id_tc26_signwithdigest_gost3410_2012_512 = 986;
+
+  SN_id_tc26_mac = AnsiString('id-tc26-mac');
+  NID_id_tc26_mac = 987;
+
+  SN_id_tc26_hmac_gost_3411_2012_256 = AnsiString('id-tc26-hmac-gost-3411-2012-256');
+  LN_id_tc26_hmac_gost_3411_2012_256 = AnsiString('HMAC GOST 34.11-2012 256 bit');
+  NID_id_tc26_hmac_gost_3411_2012_256 = 988;
+
+  SN_id_tc26_hmac_gost_3411_2012_512 = AnsiString('id-tc26-hmac-gost-3411-2012-512');
+  LN_id_tc26_hmac_gost_3411_2012_512 = AnsiString('HMAC GOST 34.11-2012 512 bit');
+  NID_id_tc26_hmac_gost_3411_2012_512 = 989;
+
+  SN_id_tc26_cipher = AnsiString('id-tc26-cipher');
+  NID_id_tc26_cipher = 990;
+
+  SN_id_tc26_cipher_gostr3412_2015_magma = AnsiString('id-tc26-cipher-gostr3412-2015-magma');
+  NID_id_tc26_cipher_gostr3412_2015_magma = 1173;
+
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm = AnsiString('id-tc26-cipher-gostr3412-2015-magma-ctracpkm');
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm = 1174;
+
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac = AnsiString('id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac');
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac = 1175;
+
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik = AnsiString('id-tc26-cipher-gostr3412-2015-kuznyechik');
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik = 1176;
+
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm = AnsiString('id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm');
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm = 1177;
+
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac = AnsiString('id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac');
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac = 1178;
+
+  SN_id_tc26_agreement = AnsiString('id-tc26-agreement');
+  NID_id_tc26_agreement = 991;
+
+  SN_id_tc26_agreement_gost_3410_2012_256 = AnsiString('id-tc26-agreement-gost-3410-2012-256');
+  NID_id_tc26_agreement_gost_3410_2012_256 = 992;
+
+  SN_id_tc26_agreement_gost_3410_2012_512 = AnsiString('id-tc26-agreement-gost-3410-2012-512');
+  NID_id_tc26_agreement_gost_3410_2012_512 = 993;
+
+  SN_id_tc26_wrap = AnsiString('id-tc26-wrap');
+  NID_id_tc26_wrap = 1179;
+
+  SN_id_tc26_wrap_gostr3412_2015_magma = AnsiString('id-tc26-wrap-gostr3412-2015-magma');
+  NID_id_tc26_wrap_gostr3412_2015_magma = 1180;
+
+  SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 = AnsiString('id-tc26-wrap-gostr3412-2015-magma-kexp15');
+  NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 = 1181;
+
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik = AnsiString('id-tc26-wrap-gostr3412-2015-kuznyechik');
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik = 1182;
+
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 = AnsiString('id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15');
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 = 1183;
+
+  SN_id_tc26_constants = AnsiString('id-tc26-constants');
+  NID_id_tc26_constants = 994;
+
+  SN_id_tc26_sign_constants = AnsiString('id-tc26-sign-constants');
+  NID_id_tc26_sign_constants = 995;
+
+  SN_id_tc26_gost_3410_2012_256_constants = AnsiString('id-tc26-gost-3410-2012-256-constants');
+  NID_id_tc26_gost_3410_2012_256_constants = 1147;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetA = AnsiString('id-tc26-gost-3410-2012-256-paramSetA');
+  LN_id_tc26_gost_3410_2012_256_paramSetA = AnsiString('GOST R 34.10-2012(256 bit)ParamSet A');
+  NID_id_tc26_gost_3410_2012_256_paramSetA = 1148;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetB = AnsiString('id-tc26-gost-3410-2012-256-paramSetB');
+  LN_id_tc26_gost_3410_2012_256_paramSetB = AnsiString('GOST R 34.10-2012(256 bit)ParamSet B');
+  NID_id_tc26_gost_3410_2012_256_paramSetB = 1184;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetC = AnsiString('id-tc26-gost-3410-2012-256-paramSetC');
+  LN_id_tc26_gost_3410_2012_256_paramSetC = AnsiString('GOST R 34.10-2012(256 bit)ParamSet C');
+  NID_id_tc26_gost_3410_2012_256_paramSetC = 1185;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetD = AnsiString('id-tc26-gost-3410-2012-256-paramSetD');
+  LN_id_tc26_gost_3410_2012_256_paramSetD = AnsiString('GOST R 34.10-2012(256 bit)ParamSet D');
+  NID_id_tc26_gost_3410_2012_256_paramSetD = 1186;
+
+  SN_id_tc26_gost_3410_2012_512_constants = AnsiString('id-tc26-gost-3410-2012-512-constants');
+  NID_id_tc26_gost_3410_2012_512_constants = 996;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetTest = AnsiString('id-tc26-gost-3410-2012-512-paramSetTest');
+  LN_id_tc26_gost_3410_2012_512_paramSetTest = AnsiString('GOST R 34.10-2012(512 bit)testing parameter set');
+  NID_id_tc26_gost_3410_2012_512_paramSetTest = 997;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetA = AnsiString('id-tc26-gost-3410-2012-512-paramSetA');
+  LN_id_tc26_gost_3410_2012_512_paramSetA = AnsiString('GOST R 34.10-2012(512 bit)ParamSet A');
+  NID_id_tc26_gost_3410_2012_512_paramSetA = 998;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetB = AnsiString('id-tc26-gost-3410-2012-512-paramSetB');
+  LN_id_tc26_gost_3410_2012_512_paramSetB = AnsiString('GOST R 34.10-2012(512 bit)ParamSet B');
+  NID_id_tc26_gost_3410_2012_512_paramSetB = 999;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetC = AnsiString('id-tc26-gost-3410-2012-512-paramSetC');
+  LN_id_tc26_gost_3410_2012_512_paramSetC = AnsiString('GOST R 34.10-2012(512 bit)ParamSet C');
+  NID_id_tc26_gost_3410_2012_512_paramSetC = 1149;
+
+  SN_id_tc26_digest_constants = AnsiString('id-tc26-digest-constants');
+  NID_id_tc26_digest_constants = 1000;
+
+  SN_id_tc26_cipher_constants = AnsiString('id-tc26-cipher-constants');
+  NID_id_tc26_cipher_constants = 1001;
+
+  SN_id_tc26_gost_28147_constants = AnsiString('id-tc26-gost-28147-constants');
+  NID_id_tc26_gost_28147_constants = 1002;
+
+  SN_id_tc26_gost_28147_param_Z = AnsiString('id-tc26-gost-28147-param-Z');
+  LN_id_tc26_gost_28147_param_Z = AnsiString('GOST 28147-89 TC26 parameter set');
+  NID_id_tc26_gost_28147_param_Z = 1003;
+
+  SN_INN = AnsiString('INN');
+  LN_INN = AnsiString('INN');
+  NID_INN = 1004;
+
+  SN_OGRN = AnsiString('OGRN');
+  LN_OGRN = AnsiString('OGRN');
+  NID_OGRN = 1005;
+
+  SN_SNILS = AnsiString('SNILS');
+  LN_SNILS = AnsiString('SNILS');
+  NID_SNILS = 1006;
+
+  SN_subjectSignTool = AnsiString('subjectSignTool');
+  LN_subjectSignTool = AnsiString('Signing Tool of Subject');
+  NID_subjectSignTool = 1007;
+
+  SN_issuerSignTool = AnsiString('issuerSignTool');
+  LN_issuerSignTool = AnsiString('Signing Tool of Issuer');
+  NID_issuerSignTool = 1008;
+
+  SN_grasshopper_ecb = AnsiString('grasshopper-ecb');
+  NID_grasshopper_ecb = 1012;
+
+  SN_grasshopper_ctr = AnsiString('grasshopper-ctr');
+  NID_grasshopper_ctr = 1013;
+
+  SN_grasshopper_ofb = AnsiString('grasshopper-ofb');
+  NID_grasshopper_ofb = 1014;
+
+  SN_grasshopper_cbc = AnsiString('grasshopper-cbc');
+  NID_grasshopper_cbc = 1015;
+
+  SN_grasshopper_cfb = AnsiString('grasshopper-cfb');
+  NID_grasshopper_cfb = 1016;
+
+  SN_grasshopper_mac = AnsiString('grasshopper-mac');
+  NID_grasshopper_mac = 1017;
+
+  SN_magma_ecb = AnsiString('magma-ecb');
+  NID_magma_ecb = 1187;
+
+  SN_magma_ctr = AnsiString('magma-ctr');
+  NID_magma_ctr = 1188;
+
+  SN_magma_ofb = AnsiString('magma-ofb');
+  NID_magma_ofb = 1189;
+
+  SN_magma_cbc = AnsiString('magma-cbc');
+  NID_magma_cbc = 1190;
+
+  SN_magma_cfb = AnsiString('magma-cfb');
+  NID_magma_cfb = 1191;
+
+  SN_magma_mac = AnsiString('magma-mac');
+  NID_magma_mac = 1192;
+
+  SN_camellia_128_cbc = AnsiString('CAMELLIA-128-CBC');
+  LN_camellia_128_cbc = AnsiString('camellia-128-cbc');
+  NID_camellia_128_cbc = 751;
+
+  SN_camellia_192_cbc = AnsiString('CAMELLIA-192-CBC');
+  LN_camellia_192_cbc = AnsiString('camellia-192-cbc');
+  NID_camellia_192_cbc = 752;
+
+  SN_camellia_256_cbc = AnsiString('CAMELLIA-256-CBC');
+  LN_camellia_256_cbc = AnsiString('camellia-256-cbc');
+  NID_camellia_256_cbc = 753;
+
+  SN_id_camellia128_wrap = AnsiString('id-camellia128-wrap');
+  NID_id_camellia128_wrap = 907;
+
+  SN_id_camellia192_wrap = AnsiString('id-camellia192-wrap');
+  NID_id_camellia192_wrap = 908;
+
+  SN_id_camellia256_wrap = AnsiString('id-camellia256-wrap');
+  NID_id_camellia256_wrap = 909;
+
+  SN_camellia_128_ecb = AnsiString('CAMELLIA-128-ECB');
+  LN_camellia_128_ecb = AnsiString('camellia-128-ecb');
+  NID_camellia_128_ecb = 754;
+
+  SN_camellia_128_ofb128 = AnsiString('CAMELLIA-128-OFB');
+  LN_camellia_128_ofb128 = AnsiString('camellia-128-ofb');
+  NID_camellia_128_ofb128 = 766;
+
+  SN_camellia_128_cfb128 = AnsiString('CAMELLIA-128-CFB');
+  LN_camellia_128_cfb128 = AnsiString('camellia-128-cfb');
+  NID_camellia_128_cfb128 = 757;
+
+  SN_camellia_128_gcm = AnsiString('CAMELLIA-128-GCM');
+  LN_camellia_128_gcm = AnsiString('camellia-128-gcm');
+  NID_camellia_128_gcm = 961;
+
+  SN_camellia_128_ccm = AnsiString('CAMELLIA-128-CCM');
+  LN_camellia_128_ccm = AnsiString('camellia-128-ccm');
+  NID_camellia_128_ccm = 962;
+
+  SN_camellia_128_ctr = AnsiString('CAMELLIA-128-CTR');
+  LN_camellia_128_ctr = AnsiString('camellia-128-ctr');
+  NID_camellia_128_ctr = 963;
+
+  SN_camellia_128_cmac = AnsiString('CAMELLIA-128-CMAC');
+  LN_camellia_128_cmac = AnsiString('camellia-128-cmac');
+  NID_camellia_128_cmac = 964;
+
+  SN_camellia_192_ecb = AnsiString('CAMELLIA-192-ECB');
+  LN_camellia_192_ecb = AnsiString('camellia-192-ecb');
+  NID_camellia_192_ecb = 755;
+
+  SN_camellia_192_ofb128 = AnsiString('CAMELLIA-192-OFB');
+  LN_camellia_192_ofb128 = AnsiString('camellia-192-ofb');
+  NID_camellia_192_ofb128 = 767;
+
+  SN_camellia_192_cfb128 = AnsiString('CAMELLIA-192-CFB');
+  LN_camellia_192_cfb128 = AnsiString('camellia-192-cfb');
+  NID_camellia_192_cfb128 = 758;
+
+  SN_camellia_192_gcm = AnsiString('CAMELLIA-192-GCM');
+  LN_camellia_192_gcm = AnsiString('camellia-192-gcm');
+  NID_camellia_192_gcm = 965;
+
+  SN_camellia_192_ccm = AnsiString('CAMELLIA-192-CCM');
+  LN_camellia_192_ccm = AnsiString('camellia-192-ccm');
+  NID_camellia_192_ccm = 966;
+
+  SN_camellia_192_ctr = AnsiString('CAMELLIA-192-CTR');
+  LN_camellia_192_ctr = AnsiString('camellia-192-ctr');
+  NID_camellia_192_ctr = 967;
+
+  SN_camellia_192_cmac = AnsiString('CAMELLIA-192-CMAC');
+  LN_camellia_192_cmac = AnsiString('camellia-192-cmac');
+  NID_camellia_192_cmac = 968;
+
+  SN_camellia_256_ecb = AnsiString('CAMELLIA-256-ECB');
+  LN_camellia_256_ecb = AnsiString('camellia-256-ecb');
+  NID_camellia_256_ecb = 756;
+
+  SN_camellia_256_ofb128 = AnsiString('CAMELLIA-256-OFB');
+  LN_camellia_256_ofb128 = AnsiString('camellia-256-ofb');
+  NID_camellia_256_ofb128 = 768;
+
+  SN_camellia_256_cfb128 = AnsiString('CAMELLIA-256-CFB');
+  LN_camellia_256_cfb128 = AnsiString('camellia-256-cfb');
+  NID_camellia_256_cfb128 = 759;
+
+  SN_camellia_256_gcm = AnsiString('CAMELLIA-256-GCM');
+  LN_camellia_256_gcm = AnsiString('camellia-256-gcm');
+  NID_camellia_256_gcm = 969;
+
+  SN_camellia_256_ccm = AnsiString('CAMELLIA-256-CCM');
+  LN_camellia_256_ccm = AnsiString('camellia-256-ccm');
+  NID_camellia_256_ccm = 970;
+
+  SN_camellia_256_ctr = AnsiString('CAMELLIA-256-CTR');
+  LN_camellia_256_ctr = AnsiString('camellia-256-ctr');
+  NID_camellia_256_ctr = 971;
+
+  SN_camellia_256_cmac = AnsiString('CAMELLIA-256-CMAC');
+  LN_camellia_256_cmac = AnsiString('camellia-256-cmac');
+  NID_camellia_256_cmac = 972;
+
+  SN_camellia_128_cfb1 = AnsiString('CAMELLIA-128-CFB1');
+  LN_camellia_128_cfb1 = AnsiString('camellia-128-cfb1');
+  NID_camellia_128_cfb1 = 760;
+
+  SN_camellia_192_cfb1 = AnsiString('CAMELLIA-192-CFB1');
+  LN_camellia_192_cfb1 = AnsiString('camellia-192-cfb1');
+  NID_camellia_192_cfb1 = 761;
+
+  SN_camellia_256_cfb1 = AnsiString('CAMELLIA-256-CFB1');
+  LN_camellia_256_cfb1 = AnsiString('camellia-256-cfb1');
+  NID_camellia_256_cfb1 = 762;
+
+  SN_camellia_128_cfb8 = AnsiString('CAMELLIA-128-CFB8');
+  LN_camellia_128_cfb8 = AnsiString('camellia-128-cfb8');
+  NID_camellia_128_cfb8 = 763;
+
+  SN_camellia_192_cfb8 = AnsiString('CAMELLIA-192-CFB8');
+  LN_camellia_192_cfb8 = AnsiString('camellia-192-cfb8');
+  NID_camellia_192_cfb8 = 764;
+
+  SN_camellia_256_cfb8 = AnsiString('CAMELLIA-256-CFB8');
+  LN_camellia_256_cfb8 = AnsiString('camellia-256-cfb8');
+  NID_camellia_256_cfb8 = 765;
+
+  SN_aria_128_ecb = AnsiString('ARIA-128-ECB');
+  LN_aria_128_ecb = AnsiString('aria-128-ecb');
+  NID_aria_128_ecb = 1065;
+
+  SN_aria_128_cbc = AnsiString('ARIA-128-CBC');
+  LN_aria_128_cbc = AnsiString('aria-128-cbc');
+  NID_aria_128_cbc = 1066;
+
+  SN_aria_128_cfb128 = AnsiString('ARIA-128-CFB');
+  LN_aria_128_cfb128 = AnsiString('aria-128-cfb');
+  NID_aria_128_cfb128 = 1067;
+
+  SN_aria_128_ofb128 = AnsiString('ARIA-128-OFB');
+  LN_aria_128_ofb128 = AnsiString('aria-128-ofb');
+  NID_aria_128_ofb128 = 1068;
+
+  SN_aria_128_ctr = AnsiString('ARIA-128-CTR');
+  LN_aria_128_ctr = AnsiString('aria-128-ctr');
+  NID_aria_128_ctr = 1069;
+
+  SN_aria_192_ecb = AnsiString('ARIA-192-ECB');
+  LN_aria_192_ecb = AnsiString('aria-192-ecb');
+  NID_aria_192_ecb = 1070;
+
+  SN_aria_192_cbc = AnsiString('ARIA-192-CBC');
+  LN_aria_192_cbc = AnsiString('aria-192-cbc');
+  NID_aria_192_cbc = 1071;
+
+  SN_aria_192_cfb128 = AnsiString('ARIA-192-CFB');
+  LN_aria_192_cfb128 = AnsiString('aria-192-cfb');
+  NID_aria_192_cfb128 = 1072;
+
+  SN_aria_192_ofb128 = AnsiString('ARIA-192-OFB');
+  LN_aria_192_ofb128 = AnsiString('aria-192-ofb');
+  NID_aria_192_ofb128 = 1073;
+
+  SN_aria_192_ctr = AnsiString('ARIA-192-CTR');
+  LN_aria_192_ctr = AnsiString('aria-192-ctr');
+  NID_aria_192_ctr = 1074;
+
+  SN_aria_256_ecb = AnsiString('ARIA-256-ECB');
+  LN_aria_256_ecb = AnsiString('aria-256-ecb');
+  NID_aria_256_ecb = 1075;
+
+  SN_aria_256_cbc = AnsiString('ARIA-256-CBC');
+  LN_aria_256_cbc = AnsiString('aria-256-cbc');
+  NID_aria_256_cbc = 1076;
+
+  SN_aria_256_cfb128 = AnsiString('ARIA-256-CFB');
+  LN_aria_256_cfb128 = AnsiString('aria-256-cfb');
+  NID_aria_256_cfb128 = 1077;
+
+  SN_aria_256_ofb128 = AnsiString('ARIA-256-OFB');
+  LN_aria_256_ofb128 = AnsiString('aria-256-ofb');
+  NID_aria_256_ofb128 = 1078;
+
+  SN_aria_256_ctr = AnsiString('ARIA-256-CTR');
+  LN_aria_256_ctr = AnsiString('aria-256-ctr');
+  NID_aria_256_ctr = 1079;
+
+  SN_aria_128_cfb1 = AnsiString('ARIA-128-CFB1');
+  LN_aria_128_cfb1 = AnsiString('aria-128-cfb1');
+  NID_aria_128_cfb1 = 1080;
+
+  SN_aria_192_cfb1 = AnsiString('ARIA-192-CFB1');
+  LN_aria_192_cfb1 = AnsiString('aria-192-cfb1');
+  NID_aria_192_cfb1 = 1081;
+
+  SN_aria_256_cfb1 = AnsiString('ARIA-256-CFB1');
+  LN_aria_256_cfb1 = AnsiString('aria-256-cfb1');
+  NID_aria_256_cfb1 = 1082;
+
+  SN_aria_128_cfb8 = AnsiString('ARIA-128-CFB8');
+  LN_aria_128_cfb8 = AnsiString('aria-128-cfb8');
+  NID_aria_128_cfb8 = 1083;
+
+  SN_aria_192_cfb8 = AnsiString('ARIA-192-CFB8');
+  LN_aria_192_cfb8 = AnsiString('aria-192-cfb8');
+  NID_aria_192_cfb8 = 1084;
+
+  SN_aria_256_cfb8 = AnsiString('ARIA-256-CFB8');
+  LN_aria_256_cfb8 = AnsiString('aria-256-cfb8');
+  NID_aria_256_cfb8 = 1085;
+
+  SN_aria_128_ccm = AnsiString('ARIA-128-CCM');
+  LN_aria_128_ccm = AnsiString('aria-128-ccm');
+  NID_aria_128_ccm = 1120;
+
+  SN_aria_192_ccm = AnsiString('ARIA-192-CCM');
+  LN_aria_192_ccm = AnsiString('aria-192-ccm');
+  NID_aria_192_ccm = 1121;
+
+  SN_aria_256_ccm = AnsiString('ARIA-256-CCM');
+  LN_aria_256_ccm = AnsiString('aria-256-ccm');
+  NID_aria_256_ccm = 1122;
+
+  SN_aria_128_gcm = AnsiString('ARIA-128-GCM');
+  LN_aria_128_gcm = AnsiString('aria-128-gcm');
+  NID_aria_128_gcm = 1123;
+
+  SN_aria_192_gcm = AnsiString('ARIA-192-GCM');
+  LN_aria_192_gcm = AnsiString('aria-192-gcm');
+  NID_aria_192_gcm = 1124;
+
+  SN_aria_256_gcm = AnsiString('ARIA-256-GCM');
+  LN_aria_256_gcm = AnsiString('aria-256-gcm');
+  NID_aria_256_gcm = 1125;
+
+  SN_kisa = AnsiString('KISA');
+  LN_kisa = AnsiString('kisa');
+  NID_kisa = 773;
+
+  SN_seed_ecb = AnsiString('SEED-ECB');
+  LN_seed_ecb = AnsiString('seed-ecb');
+  NID_seed_ecb = 776;
+
+  SN_seed_cbc = AnsiString('SEED-CBC');
+  LN_seed_cbc = AnsiString('seed-cbc');
+  NID_seed_cbc = 777;
+
+  SN_seed_cfb128 = AnsiString('SEED-CFB');
+  LN_seed_cfb128 = AnsiString('seed-cfb');
+  NID_seed_cfb128 = 779;
+
+  SN_seed_ofb128 = AnsiString('SEED-OFB');
+  LN_seed_ofb128 = AnsiString('seed-ofb');
+  NID_seed_ofb128 = 778;
+
+  SN_sm4_ecb = AnsiString('SM4-ECB');
+  LN_sm4_ecb = AnsiString('sm4-ecb');
+  NID_sm4_ecb = 1133;
+
+  SN_sm4_cbc = AnsiString('SM4-CBC');
+  LN_sm4_cbc = AnsiString('sm4-cbc');
+  NID_sm4_cbc = 1134;
+
+  SN_sm4_ofb128 = AnsiString('SM4-OFB');
+  LN_sm4_ofb128 = AnsiString('sm4-ofb');
+  NID_sm4_ofb128 = 1135;
+
+  SN_sm4_cfb128 = AnsiString('SM4-CFB');
+  LN_sm4_cfb128 = AnsiString('sm4-cfb');
+  NID_sm4_cfb128 = 1137;
+
+  SN_sm4_cfb1 = AnsiString('SM4-CFB1');
+  LN_sm4_cfb1 = AnsiString('sm4-cfb1');
+  NID_sm4_cfb1 = 1136;
+
+  SN_sm4_cfb8 = AnsiString('SM4-CFB8');
+  LN_sm4_cfb8 = AnsiString('sm4-cfb8');
+  NID_sm4_cfb8 = 1138;
+
+  SN_sm4_ctr = AnsiString('SM4-CTR');
+  LN_sm4_ctr = AnsiString('sm4-ctr');
+  NID_sm4_ctr = 1139;
+
+  SN_hmac = AnsiString('HMAC');
+  LN_hmac = AnsiString('hmac');
+  NID_hmac = 855;
+
+  SN_cmac = AnsiString('CMAC');
+  LN_cmac = AnsiString('cmac');
+  NID_cmac = 894;
+
+  SN_rc4_hmac_md5 = AnsiString('RC4-HMAC-MD5');
+  LN_rc4_hmac_md5 = AnsiString('rc4-hmac-md5');
+  NID_rc4_hmac_md5 = 915;
+
+  SN_aes_128_cbc_hmac_sha1 = AnsiString('AES-128-CBC-HMAC-SHA1');
+  LN_aes_128_cbc_hmac_sha1 = AnsiString('aes-128-cbc-hmac-sha1');
+  NID_aes_128_cbc_hmac_sha1 = 916;
+
+  SN_aes_192_cbc_hmac_sha1 = AnsiString('AES-192-CBC-HMAC-SHA1');
+  LN_aes_192_cbc_hmac_sha1 = AnsiString('aes-192-cbc-hmac-sha1');
+  NID_aes_192_cbc_hmac_sha1 = 917;
+
+  SN_aes_256_cbc_hmac_sha1 = AnsiString('AES-256-CBC-HMAC-SHA1');
+  LN_aes_256_cbc_hmac_sha1 = AnsiString('aes-256-cbc-hmac-sha1');
+  NID_aes_256_cbc_hmac_sha1 = 918;
+
+  SN_aes_128_cbc_hmac_sha256 = AnsiString('AES-128-CBC-HMAC-SHA256');
+  LN_aes_128_cbc_hmac_sha256 = AnsiString('aes-128-cbc-hmac-sha256');
+  NID_aes_128_cbc_hmac_sha256 = 948;
+
+  SN_aes_192_cbc_hmac_sha256 = AnsiString('AES-192-CBC-HMAC-SHA256');
+  LN_aes_192_cbc_hmac_sha256 = AnsiString('aes-192-cbc-hmac-sha256');
+  NID_aes_192_cbc_hmac_sha256 = 949;
+
+  SN_aes_256_cbc_hmac_sha256 = AnsiString('AES-256-CBC-HMAC-SHA256');
+  LN_aes_256_cbc_hmac_sha256 = AnsiString('aes-256-cbc-hmac-sha256');
+  NID_aes_256_cbc_hmac_sha256 = 950;
+
+  SN_chacha20_poly1305 = AnsiString('ChaCha20-Poly1305');
+  LN_chacha20_poly1305 = AnsiString('chacha20-poly1305');
+  NID_chacha20_poly1305 = 1018;
+
+  SN_chacha20 = AnsiString('ChaCha20');
+  LN_chacha20 = AnsiString('chacha20');
+  NID_chacha20 = 1019;
+
+  SN_dhpublicnumber = AnsiString('dhpublicnumber');
+  LN_dhpublicnumber = AnsiString('X9.42 DH');
+  NID_dhpublicnumber = 920;
+
+  SN_brainpoolP160r1 = AnsiString('brainpoolP160r1');
+  NID_brainpoolP160r1 = 921;
+
+  SN_brainpoolP160t1 = AnsiString('brainpoolP160t1');
+  NID_brainpoolP160t1 = 922;
+
+  SN_brainpoolP192r1 = AnsiString('brainpoolP192r1');
+  NID_brainpoolP192r1 = 923;
+
+  SN_brainpoolP192t1 = AnsiString('brainpoolP192t1');
+  NID_brainpoolP192t1 = 924;
+
+  SN_brainpoolP224r1 = AnsiString('brainpoolP224r1');
+  NID_brainpoolP224r1 = 925;
+
+  SN_brainpoolP224t1 = AnsiString('brainpoolP224t1');
+  NID_brainpoolP224t1 = 926;
+
+  SN_brainpoolP256r1 = AnsiString('brainpoolP256r1');
+  NID_brainpoolP256r1 = 927;
+
+  SN_brainpoolP256t1 = AnsiString('brainpoolP256t1');
+  NID_brainpoolP256t1 = 928;
+
+  SN_brainpoolP320r1 = AnsiString('brainpoolP320r1');
+  NID_brainpoolP320r1 = 929;
+
+  SN_brainpoolP320t1 = AnsiString('brainpoolP320t1');
+  NID_brainpoolP320t1 = 930;
+
+  SN_brainpoolP384r1 = AnsiString('brainpoolP384r1');
+  NID_brainpoolP384r1 = 931;
+
+  SN_brainpoolP384t1 = AnsiString('brainpoolP384t1');
+  NID_brainpoolP384t1 = 932;
+
+  SN_brainpoolP512r1 = AnsiString('brainpoolP512r1');
+  NID_brainpoolP512r1 = 933;
+
+  SN_brainpoolP512t1 = AnsiString('brainpoolP512t1');
+  NID_brainpoolP512t1 = 934;
+
+  SN_dhSinglePass_stdDH_sha1kdf_scheme = AnsiString('dhSinglePass-stdDH-sha1kdf-scheme');
+  NID_dhSinglePass_stdDH_sha1kdf_scheme = 936;
+
+  SN_dhSinglePass_stdDH_sha224kdf_scheme = AnsiString('dhSinglePass-stdDH-sha224kdf-scheme');
+  NID_dhSinglePass_stdDH_sha224kdf_scheme = 937;
+
+  SN_dhSinglePass_stdDH_sha256kdf_scheme = AnsiString('dhSinglePass-stdDH-sha256kdf-scheme');
+  NID_dhSinglePass_stdDH_sha256kdf_scheme = 938;
+
+  SN_dhSinglePass_stdDH_sha384kdf_scheme = AnsiString('dhSinglePass-stdDH-sha384kdf-scheme');
+  NID_dhSinglePass_stdDH_sha384kdf_scheme = 939;
+
+  SN_dhSinglePass_stdDH_sha512kdf_scheme = AnsiString('dhSinglePass-stdDH-sha512kdf-scheme');
+  NID_dhSinglePass_stdDH_sha512kdf_scheme = 940;
+
+  SN_dhSinglePass_cofactorDH_sha1kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha1kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha1kdf_scheme = 941;
+
+  SN_dhSinglePass_cofactorDH_sha224kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha224kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha224kdf_scheme = 942;
+
+  SN_dhSinglePass_cofactorDH_sha256kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha256kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha256kdf_scheme = 943;
+
+  SN_dhSinglePass_cofactorDH_sha384kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha384kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha384kdf_scheme = 944;
+
+  SN_dhSinglePass_cofactorDH_sha512kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha512kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha512kdf_scheme = 945;
+
+  SN_dh_std_kdf = AnsiString('dh-std-kdf');
+  NID_dh_std_kdf = 946;
+
+  SN_dh_cofactor_kdf = AnsiString('dh-cofactor-kdf');
+  NID_dh_cofactor_kdf = 947;
+
+  SN_ct_precert_scts = AnsiString('ct_precert_scts');
+  LN_ct_precert_scts = AnsiString('CT Precertificate SCTs');
+  NID_ct_precert_scts = 951;
+
+  SN_ct_precert_poison = AnsiString('ct_precert_poison');
+  LN_ct_precert_poison = AnsiString('CT Precertificate Poison');
+  NID_ct_precert_poison = 952;
+
+  SN_ct_precert_signer = AnsiString('ct_precert_signer');
+  LN_ct_precert_signer = AnsiString('CT Precertificate Signer');
+  NID_ct_precert_signer = 953;
+
+  SN_ct_cert_scts = AnsiString('ct_cert_scts');
+  LN_ct_cert_scts = AnsiString('CT Certificate SCTs');
+  NID_ct_cert_scts = 954;
+
+  SN_jurisdictionLocalityName = AnsiString('jurisdictionL');
+  LN_jurisdictionLocalityName = AnsiString('jurisdictionLocalityName');
+  NID_jurisdictionLocalityName = 955;
+
+  SN_jurisdictionStateOrProvinceName = AnsiString('jurisdictionST');
+  LN_jurisdictionStateOrProvinceName = AnsiString('jurisdictionStateOrProvinceName');
+  NID_jurisdictionStateOrProvinceName = 956;
+
+  SN_jurisdictionCountryName = AnsiString('jurisdictionC');
+  LN_jurisdictionCountryName = AnsiString('jurisdictionCountryName');
+  NID_jurisdictionCountryName = 957;
+
+  SN_id_scrypt = AnsiString('id-scrypt');
+  LN_id_scrypt = AnsiString('scrypt');
+  NID_id_scrypt = 973;
+
+  SN_tls1_prf = AnsiString('TLS1-PRF');
+  LN_tls1_prf = AnsiString('tls1-prf');
+  NID_tls1_prf = 1021;
+
+  SN_hkdf = AnsiString('HKDF');
+  LN_hkdf = AnsiString('hkdf');
+  NID_hkdf = 1036;
+
+  SN_id_pkinit = AnsiString('id-pkinit');
+  NID_id_pkinit = 1031;
+
+  SN_pkInitClientAuth = AnsiString('pkInitClientAuth');
+  LN_pkInitClientAuth = AnsiString('PKINIT Client Auth');
+  NID_pkInitClientAuth = 1032;
+
+  SN_pkInitKDC = AnsiString('pkInitKDC');
+  LN_pkInitKDC = AnsiString('Signing KDC Response');
+  NID_pkInitKDC = 1033;
+
+  SN_X25519 = AnsiString('X25519');
+  NID_X25519 = 1034;
+
+  SN_X448 = AnsiString('X448');
+  NID_X448 = 1035;
+
+  SN_ED25519 = AnsiString('ED25519');
+  NID_ED25519 = 1087;
+
+  SN_ED448 = AnsiString('ED448');
+  NID_ED448 = 1088;
+
+  SN_kx_rsa = AnsiString('KxRSA');
+  LN_kx_rsa = AnsiString('kx-rsa');
+  NID_kx_rsa = 1037;
+
+  SN_kx_ecdhe = AnsiString('KxECDHE');
+  LN_kx_ecdhe = AnsiString('kx-ecdhe');
+  NID_kx_ecdhe = 1038;
+
+  SN_kx_dhe = AnsiString('KxDHE');
+  LN_kx_dhe = AnsiString('kx-dhe');
+  NID_kx_dhe = 1039;
+
+  SN_kx_ecdhe_psk = AnsiString('KxECDHE-PSK');
+  LN_kx_ecdhe_psk = AnsiString('kx-ecdhe-psk');
+  NID_kx_ecdhe_psk = 1040;
+
+  SN_kx_dhe_psk = AnsiString('KxDHE-PSK');
+  LN_kx_dhe_psk = AnsiString('kx-dhe-psk');
+  NID_kx_dhe_psk = 1041;
+
+  SN_kx_rsa_psk = AnsiString('KxRSA_PSK');
+  LN_kx_rsa_psk = AnsiString('kx-rsa-psk');
+  NID_kx_rsa_psk = 1042;
+
+  SN_kx_psk = AnsiString('KxPSK');
+  LN_kx_psk = AnsiString('kx-psk');
+  NID_kx_psk = 1043;
+
+  SN_kx_srp = AnsiString('KxSRP');
+  LN_kx_srp = AnsiString('kx-srp');
+  NID_kx_srp = 1044;
+
+  SN_kx_gost = AnsiString('KxGOST');
+  LN_kx_gost = AnsiString('kx-gost');
+  NID_kx_gost = 1045;
+
+  SN_kx_any = AnsiString('KxANY');
+  LN_kx_any = AnsiString('kx-any');
+  NID_kx_any = 1063;
+
+  SN_auth_rsa = AnsiString('AuthRSA');
+  LN_auth_rsa = AnsiString('auth-rsa');
+  NID_auth_rsa = 1046;
+
+  SN_auth_ecdsa = AnsiString('AuthECDSA');
+  LN_auth_ecdsa = AnsiString('auth-ecdsa');
+  NID_auth_ecdsa = 1047;
+
+  SN_auth_psk = AnsiString('AuthPSK');
+  LN_auth_psk = AnsiString('auth-psk');
+  NID_auth_psk = 1048;
+
+  SN_auth_dss = AnsiString('AuthDSS');
+  LN_auth_dss = AnsiString('auth-dss');
+  NID_auth_dss = 1049;
+
+  SN_auth_gost01 = AnsiString('AuthGOST01');
+  LN_auth_gost01 = AnsiString('auth-gost01');
+  NID_auth_gost01 = 1050;
+
+  SN_auth_gost12 = AnsiString('AuthGOST12');
+  LN_auth_gost12 = AnsiString('auth-gost12');
+  NID_auth_gost12 = 1051;
+
+  SN_auth_srp = AnsiString('AuthSRP');
+  LN_auth_srp = AnsiString('auth-srp');
+  NID_auth_srp = 1052;
+
+  SN_auth_null = AnsiString('AuthNULL');
+  LN_auth_null = AnsiString('auth-null');
+  NID_auth_null = 1053;
+
+  SN_auth_any = AnsiString('AuthANY');
+  LN_auth_any = AnsiString('auth-any');
+  NID_auth_any = 1064;
+
+  SN_poly1305 = AnsiString('Poly1305');
+  LN_poly1305 = AnsiString('poly1305');
+  NID_poly1305 = 1061;
+
+  SN_siphash = AnsiString('SipHash');
+  LN_siphash = AnsiString('siphash');
+  NID_siphash = 1062;
+
+  SN_ffdhe2048 = AnsiString('ffdhe2048');
+  NID_ffdhe2048 = 1126;
+
+  SN_ffdhe3072 = AnsiString('ffdhe3072');
+  NID_ffdhe3072 = 1127;
+
+  SN_ffdhe4096 = AnsiString('ffdhe4096');
+  NID_ffdhe4096 = 1128;
+
+  SN_ffdhe6144 = AnsiString('ffdhe6144');
+  NID_ffdhe6144 = 1129;
+
+  SN_ffdhe8192 = AnsiString('ffdhe8192');
+  NID_ffdhe8192 = 1130;
+
+  SN_ISO_UA = AnsiString('ISO-UA');
+  NID_ISO_UA = 1150;
+
+  SN_ua_pki = AnsiString('ua-pki');
+  NID_ua_pki = 1151;
+
+  SN_dstu28147 = AnsiString('dstu28147');
+  LN_dstu28147 = AnsiString('DSTU Gost 28147-2009');
+  NID_dstu28147 = 1152;
+
+  SN_dstu28147_ofb = AnsiString('dstu28147-ofb');
+  LN_dstu28147_ofb = AnsiString('DSTU Gost 28147-2009 OFB mode');
+  NID_dstu28147_ofb = 1153;
+
+  SN_dstu28147_cfb = AnsiString('dstu28147-cfb');
+  LN_dstu28147_cfb = AnsiString('DSTU Gost 28147-2009 CFB mode');
+  NID_dstu28147_cfb = 1154;
+
+  SN_dstu28147_wrap = AnsiString('dstu28147-wrap');
+  LN_dstu28147_wrap = AnsiString('DSTU Gost 28147-2009 key wrap');
+  NID_dstu28147_wrap = 1155;
+
+  SN_hmacWithDstu34311 = AnsiString('hmacWithDstu34311');
+  LN_hmacWithDstu34311 = AnsiString('HMAC DSTU Gost 34311-95');
+  NID_hmacWithDstu34311 = 1156;
+
+  SN_dstu34311 = AnsiString('dstu34311');
+  LN_dstu34311 = AnsiString('DSTU Gost 34311-95');
+  NID_dstu34311 = 1157;
+
+  SN_dstu4145le = AnsiString('dstu4145le');
+  LN_dstu4145le = AnsiString('DSTU 4145-2002 little endian');
+  NID_dstu4145le = 1158;
+
+  SN_dstu4145be = AnsiString('dstu4145be');
+  LN_dstu4145be = AnsiString('DSTU 4145-2002 big endian');
+  NID_dstu4145be = 1159;
+
+  SN_uacurve0 = AnsiString('uacurve0');
+  LN_uacurve0 = AnsiString('DSTU curve 0');
+  NID_uacurve0 = 1160;
+
+  SN_uacurve1 = AnsiString('uacurve1');
+  LN_uacurve1 = AnsiString('DSTU curve 1');
+  NID_uacurve1 = 1161;
+
+  SN_uacurve2 = AnsiString('uacurve2');
+  LN_uacurve2 = AnsiString('DSTU curve 2');
+  NID_uacurve2 = 1162;
+
+  SN_uacurve3 = AnsiString('uacurve3');
+  LN_uacurve3 = AnsiString('DSTU curve 3');
+  NID_uacurve3 = 1163;
+
+  SN_uacurve4 = AnsiString('uacurve4');
+  LN_uacurve4 = AnsiString('DSTU curve 4');
+  NID_uacurve4 = 1164;
+
+  SN_uacurve5 = AnsiString('uacurve5');
+  LN_uacurve5 = AnsiString('DSTU curve 5');
+  NID_uacurve5 = 1165;
+
+  SN_uacurve6 = AnsiString('uacurve6');
+  LN_uacurve6 = AnsiString('DSTU curve 6');
+  NID_uacurve6 = 1166;
+
+  SN_uacurve7 = AnsiString('uacurve7');
+  LN_uacurve7 = AnsiString('DSTU curve 7');
+  NID_uacurve7 = 1167;
+
+  SN_uacurve8 = AnsiString('uacurve8');
+  LN_uacurve8 = AnsiString('DSTU curve 8');
+  NID_uacurve8 = 1168;
+
+  SN_uacurve9 = AnsiString('uacurve9');
+  LN_uacurve9 = AnsiString('DSTU curve 9');
+  NID_uacurve9 = 1169;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
index befcea269..b87481978 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
@@ -49,31 +49,31 @@ interface
 const
   PEM_BUFSIZE             = 1024;
 
-  PEM_STRING_X509_OLD     = 'X509 CERTIFICATE';
-  PEM_STRING_X509         = 'CERTIFICATE';
-  PEM_STRING_X509_TRUSTED = 'TRUSTED CERTIFICATE';
-  PEM_STRING_X509_REQ_OLD = 'NEW CERTIFICATE REQUEST';
-  PEM_STRING_X509_REQ     = 'CERTIFICATE REQUEST';
-  PEM_STRING_X509_CRL     = 'X509 CRL';
-  PEM_STRING_EVP_PKEY     = 'ANY PRIVATE KEY';
-  PEM_STRING_PUBLIC       = 'PUBLIC KEY';
-  PEM_STRING_RSA          = 'RSA PRIVATE KEY';
-  PEM_STRING_RSA_PUBLIC   = 'RSA PUBLIC KEY';
-  PEM_STRING_DSA          = 'DSA PRIVATE KEY';
-  PEM_STRING_DSA_PUBLIC   = 'DSA PUBLIC KEY';
-  PEM_STRING_PKCS7        = 'PKCS7';
-  PEM_STRING_PKCS7_SIGNED = 'PKCS #7 SIGNED DATA';
-  PEM_STRING_PKCS8        = 'ENCRYPTED PRIVATE KEY';
-  PEM_STRING_PKCS8INF     = 'PRIVATE KEY';
-  PEM_STRING_DHPARAMS     = 'DH PARAMETERS';
-  PEM_STRING_DHXPARAMS    = 'X9.42 DH PARAMETERS';
-  PEM_STRING_SSL_SESSION  = 'SSL SESSION PARAMETERS';
-  PEM_STRING_DSAPARAMS    = 'DSA PARAMETERS';
-  PEM_STRING_ECDSA_PUBLIC = 'ECDSA PUBLIC KEY';
-  PEM_STRING_ECPARAMETERS = 'EC PARAMETERS';
-  PEM_STRING_ECPRIVATEKEY = 'EC PRIVATE KEY';
-  PEM_STRING_PARAMETERS   = 'PARAMETERS';
-  PEM_STRING_CMS          = 'CMS';
+  PEM_STRING_X509_OLD     = AnsiString('X509 CERTIFICATE');
+  PEM_STRING_X509         = AnsiString('CERTIFICATE');
+  PEM_STRING_X509_TRUSTED = AnsiString('TRUSTED CERTIFICATE');
+  PEM_STRING_X509_REQ_OLD = AnsiString('NEW CERTIFICATE REQUEST');
+  PEM_STRING_X509_REQ     = AnsiString('CERTIFICATE REQUEST');
+  PEM_STRING_X509_CRL     = AnsiString('X509 CRL');
+  PEM_STRING_EVP_PKEY     = AnsiString('ANY PRIVATE KEY');
+  PEM_STRING_PUBLIC       = AnsiString('PUBLIC KEY');
+  PEM_STRING_RSA          = AnsiString('RSA PRIVATE KEY');
+  PEM_STRING_RSA_PUBLIC   = AnsiString('RSA PUBLIC KEY');
+  PEM_STRING_DSA          = AnsiString('DSA PRIVATE KEY');
+  PEM_STRING_DSA_PUBLIC   = AnsiString('DSA PUBLIC KEY');
+  PEM_STRING_PKCS7        = AnsiString('PKCS7');
+  PEM_STRING_PKCS7_SIGNED = AnsiString('PKCS #7 SIGNED DATA');
+  PEM_STRING_PKCS8        = AnsiString('ENCRYPTED PRIVATE KEY');
+  PEM_STRING_PKCS8INF     = AnsiString('PRIVATE KEY');
+  PEM_STRING_DHPARAMS     = AnsiString('DH PARAMETERS');
+  PEM_STRING_DHXPARAMS    = AnsiString('X9.42 DH PARAMETERS');
+  PEM_STRING_SSL_SESSION  = AnsiString('SSL SESSION PARAMETERS');
+  PEM_STRING_DSAPARAMS    = AnsiString('DSA PARAMETERS');
+  PEM_STRING_ECDSA_PUBLIC = AnsiString('ECDSA PUBLIC KEY');
+  PEM_STRING_ECPARAMETERS = AnsiString('EC PARAMETERS');
+  PEM_STRING_ECPRIVATEKEY = AnsiString('EC PRIVATE KEY');
+  PEM_STRING_PARAMETERS   = AnsiString('PARAMETERS');
+  PEM_STRING_CMS          = AnsiString('CMS');
 
   PEM_TYPE_ENCRYPTED      = 10;
   PEM_TYPE_MIC_ONLY       = 20;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas
index f135a4c3b..b8cfea1f0 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas
@@ -47,7 +47,7 @@ interface
   rand_meth_st_pseudorand = function (buf: PByte; num: TIdC_INT): TIdC_INT; cdecl;
   rand_meth_st_status = function: TIdC_INT; cdecl;
 
-  rand_meth_st = class
+  rand_meth_st = record
     seed: rand_meth_st_seed;
     bytes: rand_meth_st_bytes;
     cleanup: rand_meth_st_cleanup;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
index 496d52029..1942c475d 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
@@ -70,97 +70,97 @@ interface
 
   (* These are used to specify which ciphers to use and not to use *)
 
-  SSL_TXT_LOW = 'LOW';
-  SSL_TXT_MEDIUM = 'MEDIUM';
-  SSL_TXT_HIGH = 'HIGH';
-  SSL_TXT_FIPS = 'FIPS';
-
-  SSL_TXT_aNULL = 'aNULL';
-  SSL_TXT_eNULL = 'eNULL';
-  SSL_TXT_NULL = 'NULL';
-
-  SSL_TXT_kRSA = 'kRSA';
-  SSL_TXT_kDHr = 'kDHr';
-  SSL_TXT_kDHd = 'kDHd';
-  SSL_TXT_kDH = 'kDH';
-  SSL_TXT_kEDH = 'kEDH';
-  SSL_TXT_kDHE = 'kDHE';
-  SSL_TXT_kECDHr = 'kECDHr';
-//const SSL_TXT_kECDHe = 'kECDHe';
-  SSL_TXT_kECDH = 'kECDH';
-  SSL_TXT_kEECDH = 'kEECDH';
-  SSL_TXT_kECDHE = 'kECDHE';
-  SSL_TXT_kPSK = 'kPSK';
-  SSL_TXT_kRSAPSK = 'kRSAPSK';
-  SSL_TXT_kECDHEPSK = 'kECDHEPSK';
-  SSL_TXT_kDHEPSK = 'kDHEPSK';
-  SSL_TXT_kGOST = 'kGOST';
-  SSL_TXT_kSRP = 'kSRP';
-
-  SSL_TXT_aRSA = 'aRSA';
-  SSL_TXT_aDSS = 'aDSS';
-  SSL_TXT_aDH = 'aDH';
-  SSL_TXT_aECDH = 'aECDH';
-  SSL_TXT_aECDSA = 'aECDSA';
-  SSL_TXT_aPSK = 'aPSK';
-  SSL_TXT_aGOST94 = 'aGOST94';
-  SSL_TXT_aGOST01 = 'aGOST01';
-  SSL_TXT_aGOST12 = 'aGOST12';
-  SSL_TXT_aGOST = 'aGOST';
-  SSL_TXT_aSRP = 'aSRP';
-
-  SSL_TXT_DSS = 'DSS';
-  SSL_TXT_DH = 'DH';
-  SSL_TXT_DHE = 'DHE';
-  SSL_TXT_EDH = 'EDH';
-  //SSL_TXT_ADH = 'ADH';
-  SSL_TXT_RSA = 'RSA';
-  SSL_TXT_ECDH = 'ECDH';
-  SSL_TXT_EECDH = 'EECDH';
-  SSL_TXT_ECDHE = 'ECDHE';
-  //SSL_TXT_AECDH = 'AECDH';
-  SSL_TXT_ECDSA = 'ECDSA';
-  SSL_TXT_PSK = 'PSK';
-  SSL_TXT_SRP = 'SRP';
-
-  SSL_TXT_DES = 'DES';
-  SSL_TXT_3DES = '3DES';
-  SSL_TXT_RC4 = 'RC4';
-  SSL_TXT_RC2 = 'RC2';
-  SSL_TXT_IDEA = 'IDEA';
-  SSL_TXT_SEED = 'SEED';
-  SSL_TXT_AES128 = 'AES128';
-  SSL_TXT_AES256 = 'AES256';
-  SSL_TXT_AES = 'AES';
-  SSL_TXT_AES_GCM = 'AESGCM';
-  SSL_TXT_AES_CCM = 'AESCCM';
-  SSL_TXT_AES_CCM_8 = 'AESCCM8';
-  SSL_TXT_CAMELLIA128 = 'CAMELLIA128';
-  SSL_TXT_CAMELLIA256 = 'CAMELLIA256';
-  SSL_TXT_CAMELLIA = 'CAMELLIA';
-  SSL_TXT_CHACHA20 = 'CHACHA20';
-  SSL_TXT_GOST = 'GOST89';
-  SSL_TXT_ARIA = 'ARIA';
-  SSL_TXT_ARIA_GCM = 'ARIAGCM';
-  SSL_TXT_ARIA128 = 'ARIA128';
-  SSL_TXT_ARIA256 = 'ARIA256';
-
-  SSL_TXT_MD5 = 'MD5';
-  SSL_TXT_SHA1 = 'SHA1';
-  SSL_TXT_SHA = 'SHA';
-  SSL_TXT_GOST94 = 'GOST94';
-  SSL_TXT_GOST89MAC = 'GOST89MAC';
-  SSL_TXT_GOST12 = 'GOST12';
-  SSL_TXT_GOST89MAC12 = 'GOST89MAC12';
-  SSL_TXT_SHA256 = 'SHA256';
-  SSL_TXT_SHA384 = 'SHA384';
-
-  SSL_TXT_SSLV3 = 'SSLv3';
-  SSL_TXT_TLSV1 = 'TLSv1';
-  SSL_TXT_TLSV1_1 = 'TLSv1.1';
-  SSL_TXT_TLSV1_2 = 'TLSv1.2';
-
-  SSL_TXT_ALL = 'ALL';
+  SSL_TXT_LOW = AnsiString('LOW');
+  SSL_TXT_MEDIUM = AnsiString('MEDIUM');
+  SSL_TXT_HIGH = AnsiString('HIGH');
+  SSL_TXT_FIPS = AnsiString('FIPS');
+
+  SSL_TXT_aNULL = AnsiString('aNULL');
+  SSL_TXT_eNULL = AnsiString('eNULL');
+  SSL_TXT_NULL = AnsiString('NULL');
+
+  SSL_TXT_kRSA = AnsiString('kRSA');
+  SSL_TXT_kDHr = AnsiString('kDHr');
+  SSL_TXT_kDHd = AnsiString('kDHd');
+  SSL_TXT_kDH = AnsiString('kDH');
+  SSL_TXT_kEDH = AnsiString('kEDH');
+  SSL_TXT_kDHE = AnsiString('kDHE');
+  SSL_TXT_kECDHr = AnsiString('kECDHr');
+//const SSL_TXT_kECDHe = AnsiString('kECDHe');
+  SSL_TXT_kECDH = AnsiString('kECDH');
+  SSL_TXT_kEECDH = AnsiString('kEECDH');
+  SSL_TXT_kECDHE = AnsiString('kECDHE');
+  SSL_TXT_kPSK = AnsiString('kPSK');
+  SSL_TXT_kRSAPSK = AnsiString('kRSAPSK');
+  SSL_TXT_kECDHEPSK = AnsiString('kECDHEPSK');
+  SSL_TXT_kDHEPSK = AnsiString('kDHEPSK');
+  SSL_TXT_kGOST = AnsiString('kGOST');
+  SSL_TXT_kSRP = AnsiString('kSRP');
+
+  SSL_TXT_aRSA = AnsiString('aRSA');
+  SSL_TXT_aDSS = AnsiString('aDSS');
+  SSL_TXT_aDH = AnsiString('aDH');
+  SSL_TXT_aECDH = AnsiString('aECDH');
+  SSL_TXT_aECDSA = AnsiString('aECDSA');
+  SSL_TXT_aPSK = AnsiString('aPSK');
+  SSL_TXT_aGOST94 = AnsiString('aGOST94');
+  SSL_TXT_aGOST01 = AnsiString('aGOST01');
+  SSL_TXT_aGOST12 = AnsiString('aGOST12');
+  SSL_TXT_aGOST = AnsiString('aGOST');
+  SSL_TXT_aSRP = AnsiString('aSRP');
+
+  SSL_TXT_DSS = AnsiString('DSS');
+  SSL_TXT_DH = AnsiString('DH');
+  SSL_TXT_DHE = AnsiString('DHE');
+  SSL_TXT_EDH = AnsiString('EDH');
+  //SSL_TXT_ADH = AnsiString('ADH');
+  SSL_TXT_RSA = AnsiString('RSA');
+  SSL_TXT_ECDH = AnsiString('ECDH');
+  SSL_TXT_EECDH = AnsiString('EECDH');
+  SSL_TXT_ECDHE = AnsiString('ECDHE');
+  //SSL_TXT_AECDH = AnsiString('AECDH');
+  SSL_TXT_ECDSA = AnsiString('ECDSA');
+  SSL_TXT_PSK = AnsiString('PSK');
+  SSL_TXT_SRP = AnsiString('SRP');
+
+  SSL_TXT_DES = AnsiString('DES');
+  SSL_TXT_3DES = AnsiString('3DES');
+  SSL_TXT_RC4 = AnsiString('RC4');
+  SSL_TXT_RC2 = AnsiString('RC2');
+  SSL_TXT_IDEA = AnsiString('IDEA');
+  SSL_TXT_SEED = AnsiString('SEED');
+  SSL_TXT_AES128 = AnsiString('AES128');
+  SSL_TXT_AES256 = AnsiString('AES256');
+  SSL_TXT_AES = AnsiString('AES');
+  SSL_TXT_AES_GCM = AnsiString('AESGCM');
+  SSL_TXT_AES_CCM = AnsiString('AESCCM');
+  SSL_TXT_AES_CCM_8 = AnsiString('AESCCM8');
+  SSL_TXT_CAMELLIA128 = AnsiString('CAMELLIA128');
+  SSL_TXT_CAMELLIA256 = AnsiString('CAMELLIA256');
+  SSL_TXT_CAMELLIA = AnsiString('CAMELLIA');
+  SSL_TXT_CHACHA20 = AnsiString('CHACHA20');
+  SSL_TXT_GOST = AnsiString('GOST89');
+  SSL_TXT_ARIA = AnsiString('ARIA');
+  SSL_TXT_ARIA_GCM = AnsiString('ARIAGCM');
+  SSL_TXT_ARIA128 = AnsiString('ARIA128');
+  SSL_TXT_ARIA256 = AnsiString('ARIA256');
+
+  SSL_TXT_MD5 = AnsiString('MD5');
+  SSL_TXT_SHA1 = AnsiString('SHA1');
+  SSL_TXT_SHA = AnsiString('SHA');
+  SSL_TXT_GOST94 = AnsiString('GOST94');
+  SSL_TXT_GOST89MAC = AnsiString('GOST89MAC');
+  SSL_TXT_GOST12 = AnsiString('GOST12');
+  SSL_TXT_GOST89MAC12 = AnsiString('GOST89MAC12');
+  SSL_TXT_SHA256 = AnsiString('SHA256');
+  SSL_TXT_SHA384 = AnsiString('SHA384');
+
+  SSL_TXT_SSLV3 = AnsiString('SSLv3');
+  SSL_TXT_TLSV1 = AnsiString('TLSv1');
+  SSL_TXT_TLSV1_1 = AnsiString('TLSv1.1');
+  SSL_TXT_TLSV1_2 = AnsiString('TLSv1.2');
+
+  SSL_TXT_ALL = AnsiString('ALL');
 
   (*-
    * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
@@ -176,17 +176,17 @@ interface
    * DEFAULT gets, as only selection is being done and no sorting as needed
    * for DEFAULT.
    *)
-  SSL_TXT_CMPALL = 'COMPLEMENTOFALL';
-  SSL_TXT_CMPDEF = 'COMPLEMENTOFDEFAULT';
+  SSL_TXT_CMPALL = AnsiString('COMPLEMENTOFALL');
+  SSL_TXT_CMPDEF = AnsiString('COMPLEMENTOFDEFAULT');
 
   (*
    * The following cipher list is used by default. It also is substituted when
    * an application-defined cipher list string starts with 'DEFAULT'.
    * This applies to ciphersuites for TLSv1.2 and below.
    *)
-  SSL_DEFAULT_CIPHER_LIST = 'ALL:!COMPLEMENTOFDEFAULT:!eNULL';
+  SSL_DEFAULT_CIPHER_LIST = AnsiString('ALL:!COMPLEMENTOFDEFAULT:!eNULL');
   (* This is the default set of TLSv1.3 ciphersuites *)
-  TLS_DEFAULT_CIPHERSUITES = 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256';
+  TLS_DEFAULT_CIPHERSUITES = AnsiString('TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256');
 
   (*
    * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
index d47015345..e2116f151 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
@@ -33,6 +33,9 @@ interface
 
 {$i IdCompilerDefines.inc}
 
+uses
+  IdGlobal;
+
 const
   (*
    * Signalling cipher suite value from RFC 5746
@@ -84,59 +87,59 @@ interface
   SSL3_CK_ADH_DES_192_CBC_SHA = $0300001B;
 
   (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
-  SSL3_RFC_RSA_NULL_MD5 = 'TLS_RSA_WITH_NULL_MD5';
-  SSL3_RFC_RSA_NULL_SHA = 'TLS_RSA_WITH_NULL_SHA';
-  SSL3_RFC_RSA_DES_192_CBC3_SHA = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_ADH_DES_192_CBC_SHA = 'TLS_DH_anon_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_RSA_IDEA_128_SHA = 'TLS_RSA_WITH_IDEA_CBC_SHA';
-  SSL3_RFC_RSA_RC4_128_MD5 = 'TLS_RSA_WITH_RC4_128_MD5';
-  SSL3_RFC_RSA_RC4_128_SHA = 'TLS_RSA_WITH_RC4_128_SHA';
-  SSL3_RFC_ADH_RC4_128_MD5 = 'TLS_DH_anon_WITH_RC4_128_MD5';
+  SSL3_RFC_RSA_NULL_MD5 = AnsiString('TLS_RSA_WITH_NULL_MD5');
+  SSL3_RFC_RSA_NULL_SHA = AnsiString('TLS_RSA_WITH_NULL_SHA');
+  SSL3_RFC_RSA_DES_192_CBC3_SHA = AnsiString('TLS_RSA_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = AnsiString('TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = AnsiString('TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_ADH_DES_192_CBC_SHA = AnsiString('TLS_DH_anon_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_RSA_IDEA_128_SHA = AnsiString('TLS_RSA_WITH_IDEA_CBC_SHA');
+  SSL3_RFC_RSA_RC4_128_MD5 = AnsiString('TLS_RSA_WITH_RC4_128_MD5');
+  SSL3_RFC_RSA_RC4_128_SHA = AnsiString('TLS_RSA_WITH_RC4_128_SHA');
+  SSL3_RFC_ADH_RC4_128_MD5 = AnsiString('TLS_DH_anon_WITH_RC4_128_MD5');
 
-  SSL3_TXT_RSA_NULL_MD5 = 'NULL-MD5';
-  SSL3_TXT_RSA_NULL_SHA = 'NULL-SHA';
-  SSL3_TXT_RSA_RC4_40_MD5 = 'EXP-RC4-MD5';
-  SSL3_TXT_RSA_RC4_128_MD5 = 'RC4-MD5';
-  SSL3_TXT_RSA_RC4_128_SHA = 'RC4-SHA';
-  SSL3_TXT_RSA_RC2_40_MD5 = 'EXP-RC2-CBC-MD5';
-  SSL3_TXT_RSA_IDEA_128_SHA = 'IDEA-CBC-SHA';
-  SSL3_TXT_RSA_DES_40_CBC_SHA = 'EXP-DES-CBC-SHA';
-  SSL3_TXT_RSA_DES_64_CBC_SHA = 'DES-CBC-SHA';
-  SSL3_TXT_RSA_DES_192_CBC3_SHA = 'DES-CBC3-SHA';
+  SSL3_TXT_RSA_NULL_MD5 = AnsiString('NULL-MD5');
+  SSL3_TXT_RSA_NULL_SHA = AnsiString('NULL-SHA');
+  SSL3_TXT_RSA_RC4_40_MD5 = AnsiString('EXP-RC4-MD5');
+  SSL3_TXT_RSA_RC4_128_MD5 = AnsiString('RC4-MD5');
+  SSL3_TXT_RSA_RC4_128_SHA = AnsiString('RC4-SHA');
+  SSL3_TXT_RSA_RC2_40_MD5 = AnsiString('EXP-RC2-CBC-MD5');
+  SSL3_TXT_RSA_IDEA_128_SHA = AnsiString('IDEA-CBC-SHA');
+  SSL3_TXT_RSA_DES_40_CBC_SHA = AnsiString('EXP-DES-CBC-SHA');
+  SSL3_TXT_RSA_DES_64_CBC_SHA = AnsiString('DES-CBC-SHA');
+  SSL3_TXT_RSA_DES_192_CBC3_SHA = AnsiString('DES-CBC3-SHA');
 
-  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = 'EXP-DH-DSS-DES-CBC-SHA';
-  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = 'DH-DSS-DES-CBC-SHA';
-  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = 'DH-DSS-DES-CBC3-SHA';
-  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = 'EXP-DH-RSA-DES-CBC-SHA';
-  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = 'DH-RSA-DES-CBC-SHA';
-  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = 'DH-RSA-DES-CBC3-SHA';
+  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = AnsiString('EXP-DH-DSS-DES-CBC-SHA');
+  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = AnsiString('DH-DSS-DES-CBC-SHA');
+  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = AnsiString('DH-DSS-DES-CBC3-SHA');
+  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = AnsiString('EXP-DH-RSA-DES-CBC-SHA');
+  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = AnsiString('DH-RSA-DES-CBC-SHA');
+  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = AnsiString('DH-RSA-DES-CBC3-SHA');
 
-  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = 'EXP-DHE-DSS-DES-CBC-SHA';
-  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = 'DHE-DSS-DES-CBC-SHA';
-  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = 'DHE-DSS-DES-CBC3-SHA';
-  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = 'EXP-DHE-RSA-DES-CBC-SHA';
-  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = 'DHE-RSA-DES-CBC-SHA';
-  SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = 'DHE-RSA-DES-CBC3-SHA';
+  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = AnsiString('EXP-DHE-DSS-DES-CBC-SHA');
+  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = AnsiString('DHE-DSS-DES-CBC-SHA');
+  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = AnsiString('DHE-DSS-DES-CBC3-SHA');
+  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = AnsiString('EXP-DHE-RSA-DES-CBC-SHA');
+  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = AnsiString('DHE-RSA-DES-CBC-SHA');
+  SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = AnsiString('DHE-RSA-DES-CBC3-SHA');
 
   (*
    * This next block of six 'EDH' labels is for backward compatibility with
    * older versions of OpenSSL.  New code should use the six 'DHE' labels above
    * instead:
    *)
-  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = 'EXP-EDH-DSS-DES-CBC-SHA';
-  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = 'EDH-DSS-DES-CBC-SHA';
-  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = 'EDH-DSS-DES-CBC3-SHA';
-  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = 'EXP-EDH-RSA-DES-CBC-SHA';
-  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = 'EDH-RSA-DES-CBC-SHA';
-  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = 'EDH-RSA-DES-CBC3-SHA';
+  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = AnsiString('EXP-EDH-DSS-DES-CBC-SHA');
+  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = AnsiString('EDH-DSS-DES-CBC-SHA');
+  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = AnsiString('EDH-DSS-DES-CBC3-SHA');
+  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = AnsiString('EXP-EDH-RSA-DES-CBC-SHA');
+  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = AnsiString('EDH-RSA-DES-CBC-SHA');
+  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = AnsiString('EDH-RSA-DES-CBC3-SHA');
 
-  SSL3_TXT_ADH_RC4_40_MD5 = 'EXP-ADH-RC4-MD5';
-  SSL3_TXT_ADH_RC4_128_MD5 = 'ADH-RC4-MD5';
-  SSL3_TXT_ADH_DES_40_CBC_SHA = 'EXP-ADH-DES-CBC-SHA';
-  SSL3_TXT_ADH_DES_64_CBC_SHA = 'ADH-DES-CBC-SHA';
-  SSL3_TXT_ADH_DES_192_CBC_SHA = 'ADH-DES-CBC3-SHA';
+  SSL3_TXT_ADH_RC4_40_MD5 = AnsiString('EXP-ADH-RC4-MD5');
+  SSL3_TXT_ADH_RC4_128_MD5 = AnsiString('ADH-RC4-MD5');
+  SSL3_TXT_ADH_DES_40_CBC_SHA = AnsiString('EXP-ADH-DES-CBC-SHA');
+  SSL3_TXT_ADH_DES_64_CBC_SHA = AnsiString('ADH-DES-CBC-SHA');
+  SSL3_TXT_ADH_DES_192_CBC_SHA = AnsiString('ADH-DES-CBC3-SHA');
 
   SSL3_SSL_SESSION_ID_LENGTH = 32;
   SSL3_MAX_SSL_SESSION_ID_LENGTH = 32;
@@ -197,10 +200,10 @@ interface
 
   SSL3_RT_MAX_ENCRYPTED_LENGTH = SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH;
   SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD;
-  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH;
+  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH + SSL3_RT_HEADER_LENGTH;
 
-  SSL3_MD_CLIENT_FINISHED_= '\x43\x4C\x4E\x54';
-  SSL3_MD_SERVER_FINISHED_= '\x53\x52\x56\x52';
+  SSL3_MD_CLIENT_FINISHED_= TIdAnsiChar($43) + TIdAnsiChar($4C) + TIdAnsiChar($4E) + TIdAnsiChar($54);
+  SSL3_MD_SERVER_FINISHED_= TIdAnsiChar($53) + TIdAnsiChar($52) + TIdAnsiChar($56) + TIdAnsiChar($52);
 
   SSL3_VERSION = $0300;
   SSL3_VERSION_MAJOR = $03;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
index 74e7112ca..33076c49b 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
@@ -518,195 +518,195 @@ interface
   TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06F;
 
   (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
-  TLS1_RFC_RSA_WITH_AES_128_SHA = 'TLS_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ADH_WITH_AES_128_SHA = 'TLS_DH_anon_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_RSA_WITH_AES_256_SHA = 'TLS_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ADH_WITH_AES_256_SHA = 'TLS_DH_anon_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_RSA_WITH_NULL_SHA256 = 'TLS_RSA_WITH_NULL_SHA256';
-  TLS1_RFC_RSA_WITH_AES_128_SHA256 = 'TLS_RSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_AES_256_SHA256 = 'TLS_RSA_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_AES_128_SHA256 = 'TLS_DH_anon_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_AES_256_SHA256 = 'TLS_DH_anon_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = 'TLS_DH_anon_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = 'TLS_DH_anon_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_RSA_WITH_AES_128_CCM = 'TLS_RSA_WITH_AES_128_CCM';
-  TLS1_RFC_RSA_WITH_AES_256_CCM = 'TLS_RSA_WITH_AES_256_CCM';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = 'TLS_DHE_RSA_WITH_AES_128_CCM';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = 'TLS_DHE_RSA_WITH_AES_256_CCM';
-  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = 'TLS_RSA_WITH_AES_128_CCM_8';
-  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = 'TLS_RSA_WITH_AES_256_CCM_8';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = 'TLS_DHE_RSA_WITH_AES_128_CCM_8';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = 'TLS_DHE_RSA_WITH_AES_256_CCM_8';
-  TLS1_RFC_PSK_WITH_AES_128_CCM = 'TLS_PSK_WITH_AES_128_CCM';
-  TLS1_RFC_PSK_WITH_AES_256_CCM = 'TLS_PSK_WITH_AES_256_CCM';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = 'TLS_DHE_PSK_WITH_AES_128_CCM';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = 'TLS_DHE_PSK_WITH_AES_256_CCM';
-  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_WITH_AES_128_CCM_8';
-  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_WITH_AES_256_CCM_8';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_DHE_WITH_AES_128_CCM_8';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_DHE_WITH_AES_256_CCM_8';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8';
-  TLS1_3_RFC_AES_128_GCM_SHA256 = 'TLS_AES_128_GCM_SHA256';
-  TLS1_3_RFC_AES_256_GCM_SHA384 = 'TLS_AES_256_GCM_SHA384';
-  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = 'TLS_CHACHA20_POLY1305_SHA256';
-  TLS1_3_RFC_AES_128_CCM_SHA256 = 'TLS_AES_128_CCM_SHA256';
-  TLS1_3_RFC_AES_128_CCM_8_SHA256 = 'TLS_AES_128_CCM_8_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = 'TLS_ECDHE_ECDSA_WITH_NULL_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = 'TLS_ECDHE_RSA_WITH_NULL_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = 'TLS_ECDH_anon_WITH_NULL_SHA';
-  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = 'TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_PSK_WITH_NULL_SHA = 'TLS_PSK_WITH_NULL_SHA';
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = 'TLS_DHE_PSK_WITH_NULL_SHA';
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = 'TLS_RSA_PSK_WITH_NULL_SHA';
-  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = 'TLS_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = 'TLS_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_PSK_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_PSK_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_PSK_WITH_NULL_SHA256 = 'TLS_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_PSK_WITH_NULL_SHA384 = 'TLS_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = 'TLS_DHE_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = 'TLS_DHE_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = 'TLS_RSA_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = 'TLS_RSA_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = 'TLS_ECDHE_PSK_WITH_NULL_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = 'TLS_ECDHE_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = 'TLS_ECDHE_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = 'TLS_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_RSA_WITH_SEED_SHA = 'TLS_RSA_WITH_SEED_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = 'TLS_DHE_DSS_WITH_SEED_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = 'TLS_DHE_RSA_WITH_SEED_CBC_SHA';
-  TLS1_RFC_ADH_WITH_SEED_SHA = 'TLS_DH_anon_WITH_SEED_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = 'TLS_ECDHE_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = 'TLS_ECDH_anon_WITH_RC4_128_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = 'TLS_ECDHE_RSA_WITH_RC4_128_SHA';
-  TLS1_RFC_PSK_WITH_RC4_128_SHA = 'TLS_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = 'TLS_RSA_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = 'TLS_DHE_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_anon_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_anon_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_PSK_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_PSK_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_RSA_WITH_AES_128_SHA = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ADH_WITH_AES_128_SHA = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_RSA_WITH_AES_256_SHA = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ADH_WITH_AES_256_SHA = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_RSA_WITH_NULL_SHA256 = AnsiString('TLS_RSA_WITH_NULL_SHA256');
+  TLS1_RFC_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_AES_128_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_AES_256_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_RSA_WITH_AES_128_CCM = AnsiString('TLS_RSA_WITH_AES_128_CCM');
+  TLS1_RFC_RSA_WITH_AES_256_CCM = AnsiString('TLS_RSA_WITH_AES_256_CCM');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM');
+  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_RSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_RSA_WITH_AES_256_CCM_8');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM_8');
+  TLS1_RFC_PSK_WITH_AES_128_CCM = AnsiString('TLS_PSK_WITH_AES_128_CCM');
+  TLS1_RFC_PSK_WITH_AES_256_CCM = AnsiString('TLS_PSK_WITH_AES_256_CCM');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_128_CCM');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_256_CCM');
+  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_WITH_AES_128_CCM_8');
+  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_WITH_AES_256_CCM_8');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_128_CCM_8');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_256_CCM_8');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8');
+  TLS1_3_RFC_AES_128_GCM_SHA256 = AnsiString('TLS_AES_128_GCM_SHA256');
+  TLS1_3_RFC_AES_256_GCM_SHA384 = AnsiString('TLS_AES_256_GCM_SHA384');
+  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = AnsiString('TLS_CHACHA20_POLY1305_SHA256');
+  TLS1_3_RFC_AES_128_CCM_SHA256 = AnsiString('TLS_AES_128_CCM_SHA256');
+  TLS1_3_RFC_AES_128_CCM_8_SHA256 = AnsiString('TLS_AES_128_CCM_8_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_RSA_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = AnsiString('TLS_ECDH_anon_WITH_NULL_SHA');
+  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_NULL_SHA = AnsiString('TLS_PSK_WITH_NULL_SHA');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA');
+  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_PSK_WITH_NULL_SHA256 = AnsiString('TLS_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_PSK_WITH_NULL_SHA384 = AnsiString('TLS_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_RSA_WITH_SEED_SHA = AnsiString('TLS_RSA_WITH_SEED_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = AnsiString('TLS_DHE_DSS_WITH_SEED_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = AnsiString('TLS_DHE_RSA_WITH_SEED_CBC_SHA');
+  TLS1_RFC_ADH_WITH_SEED_SHA = AnsiString('TLS_DH_anon_WITH_SEED_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = AnsiString('TLS_ECDH_anon_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_RSA_WITH_RC4_128_SHA');
+  TLS1_RFC_PSK_WITH_RC4_128_SHA = AnsiString('TLS_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = AnsiString('TLS_RSA_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_DHE_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384');
 
   (*
    * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
@@ -714,293 +714,293 @@ interface
    * using DHE everywhere, though we may indefinitely maTIdC_INTain aliases for
    * users or configurations that used "EDH"
    *)
-  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = 'DHE-DSS-RC4-SHA';
+  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = AnsiString('DHE-DSS-RC4-SHA');
 
-  TLS1_TXT_PSK_WITH_NULL_SHA = 'PSK-NULL-SHA';
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = 'DHE-PSK-NULL-SHA';
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = 'RSA-PSK-NULL-SHA';
+  TLS1_TXT_PSK_WITH_NULL_SHA = AnsiString('PSK-NULL-SHA');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = AnsiString('DHE-PSK-NULL-SHA');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = AnsiString('RSA-PSK-NULL-SHA');
 
   (* AES ciphersuites from RFC3268 *)
-  TLS1_TXT_RSA_WITH_AES_128_SHA = 'AES128-SHA';
-  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = 'DH-DSS-AES128-SHA';
-  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = 'DH-RSA-AES128-SHA';
-  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = 'DHE-DSS-AES128-SHA';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = 'DHE-RSA-AES128-SHA';
-  TLS1_TXT_ADH_WITH_AES_128_SHA = 'ADH-AES128-SHA';
-
-  TLS1_TXT_RSA_WITH_AES_256_SHA = 'AES256-SHA';
-  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = 'DH-DSS-AES256-SHA';
-  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = 'DH-RSA-AES256-SHA';
-  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = 'DHE-DSS-AES256-SHA';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = 'DHE-RSA-AES256-SHA';
-  TLS1_TXT_ADH_WITH_AES_256_SHA = 'ADH-AES256-SHA';
+  TLS1_TXT_RSA_WITH_AES_128_SHA = AnsiString('AES128-SHA');
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = AnsiString('DH-DSS-AES128-SHA');
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = AnsiString('DH-RSA-AES128-SHA');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = AnsiString('DHE-DSS-AES128-SHA');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = AnsiString('DHE-RSA-AES128-SHA');
+  TLS1_TXT_ADH_WITH_AES_128_SHA = AnsiString('ADH-AES128-SHA');
+
+  TLS1_TXT_RSA_WITH_AES_256_SHA = AnsiString('AES256-SHA');
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = AnsiString('DH-DSS-AES256-SHA');
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = AnsiString('DH-RSA-AES256-SHA');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = AnsiString('DHE-DSS-AES256-SHA');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = AnsiString('DHE-RSA-AES256-SHA');
+  TLS1_TXT_ADH_WITH_AES_256_SHA = AnsiString('ADH-AES256-SHA');
 
   (* ECC ciphersuites from RFC4492 *)
-  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = 'ECDH-ECDSA-NULL-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = 'ECDH-ECDSA-RC4-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDH-ECDSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 'ECDH-ECDSA-AES128-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 'ECDH-ECDSA-AES256-SHA';
-
-  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = 'ECDHE-ECDSA-NULL-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = 'ECDHE-ECDSA-RC4-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDHE-ECDSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'ECDHE-ECDSA-AES128-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'ECDHE-ECDSA-AES256-SHA';
-
-  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = 'ECDH-RSA-NULL-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = 'ECDH-RSA-RC4-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = 'ECDH-RSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = 'ECDH-RSA-AES128-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = 'ECDH-RSA-AES256-SHA';
-
-  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = 'ECDHE-RSA-NULL-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = 'ECDHE-RSA-RC4-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'ECDHE-RSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'ECDHE-RSA-AES128-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'ECDHE-RSA-AES256-SHA';
-
-  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = 'AECDH-NULL-SHA';
-  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = 'AECDH-RC4-SHA';
-  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = 'AECDH-DES-CBC3-SHA';
-  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = 'AECDH-AES128-SHA';
-  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = 'AECDH-AES256-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = AnsiString('ECDH-ECDSA-NULL-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDH-ECDSA-RC4-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-ECDSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-ECDSA-AES128-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-ECDSA-AES256-SHA');
+
+  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('ECDHE-ECDSA-NULL-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDHE-ECDSA-RC4-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-ECDSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-ECDSA-AES128-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-ECDSA-AES256-SHA');
+
+  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = AnsiString('ECDH-RSA-NULL-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = AnsiString('ECDH-RSA-RC4-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-RSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-RSA-AES128-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-RSA-AES256-SHA');
+
+  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = AnsiString('ECDHE-RSA-NULL-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('ECDHE-RSA-RC4-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-RSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-RSA-AES128-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-RSA-AES256-SHA');
+
+  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = AnsiString('AECDH-NULL-SHA');
+  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = AnsiString('AECDH-RC4-SHA');
+  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('AECDH-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('AECDH-AES128-SHA');
+  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('AECDH-AES256-SHA');
 
   (* PSK ciphersuites from RFC 4279 *)
-  TLS1_TXT_PSK_WITH_RC4_128_SHA = 'PSK-RC4-SHA';
-  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = 'PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = 'PSK-AES128-CBC-SHA';
-  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = 'PSK-AES256-CBC-SHA';
-
-  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = 'DHE-PSK-RC4-SHA';
-  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'DHE-PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = 'DHE-PSK-AES128-CBC-SHA';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = 'DHE-PSK-AES256-CBC-SHA';
-  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = 'RSA-PSK-RC4-SHA';
-  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'RSA-PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = 'RSA-PSK-AES128-CBC-SHA';
-  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = 'RSA-PSK-AES256-CBC-SHA';
+  TLS1_TXT_PSK_WITH_RC4_128_SHA = AnsiString('PSK-RC4-SHA');
+  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = AnsiString('PSK-AES128-CBC-SHA');
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = AnsiString('PSK-AES256-CBC-SHA');
+
+  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = AnsiString('DHE-PSK-RC4-SHA');
+  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('DHE-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('DHE-PSK-AES128-CBC-SHA');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('DHE-PSK-AES256-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = AnsiString('RSA-PSK-RC4-SHA');
+  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('RSA-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('RSA-PSK-AES128-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('RSA-PSK-AES256-CBC-SHA');
 
   (* PSK ciphersuites from RFC 5487 *)
-  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
-  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'DHE-PSK-AES128-GCM-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'DHE-PSK-AES256-GCM-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'RSA-PSK-AES128-GCM-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'RSA-PSK-AES256-GCM-SHA384';
-
-  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = 'PSK-AES128-CBC-SHA256';
-  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = 'PSK-AES256-CBC-SHA384';
-  TLS1_TXT_PSK_WITH_NULL_SHA256 = 'PSK-NULL-SHA256';
-  TLS1_TXT_PSK_WITH_NULL_SHA384 = 'PSK-NULL-SHA384';
-
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'DHE-PSK-AES128-CBC-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'DHE-PSK-AES256-CBC-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = 'DHE-PSK-NULL-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = 'DHE-PSK-NULL-SHA384';
-
-  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'RSA-PSK-AES128-CBC-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'RSA-PSK-AES256-CBC-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = 'RSA-PSK-NULL-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = 'RSA-PSK-NULL-SHA384';
+  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
+  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-PSK-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-PSK-AES256-GCM-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('RSA-PSK-AES128-GCM-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('RSA-PSK-AES256-GCM-SHA384');
+
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('PSK-AES128-CBC-SHA256');
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('PSK-AES256-CBC-SHA384');
+  TLS1_TXT_PSK_WITH_NULL_SHA256 = AnsiString('PSK-NULL-SHA256');
+  TLS1_TXT_PSK_WITH_NULL_SHA384 = AnsiString('PSK-NULL-SHA384');
+
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('DHE-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('DHE-PSK-AES256-CBC-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = AnsiString('DHE-PSK-NULL-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = AnsiString('DHE-PSK-NULL-SHA384');
+
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('RSA-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('RSA-PSK-AES256-CBC-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = AnsiString('RSA-PSK-NULL-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = AnsiString('RSA-PSK-NULL-SHA384');
 
   (* SRP ciphersuite from RFC 5054 *)
-  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'SRP-3DES-EDE-CBC-SHA';
-  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'SRP-RSA-3DES-EDE-CBC-SHA';
-  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'SRP-DSS-3DES-EDE-CBC-SHA';
-  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = 'SRP-AES-128-CBC-SHA';
-  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'SRP-RSA-AES-128-CBC-SHA';
-  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'SRP-DSS-AES-128-CBC-SHA';
-  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = 'SRP-AES-256-CBC-SHA';
-  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'SRP-RSA-AES-256-CBC-SHA';
-  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'SRP-DSS-AES-256-CBC-SHA';
+  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-RSA-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-DSS-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('SRP-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('SRP-RSA-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('SRP-DSS-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('SRP-AES-256-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('SRP-RSA-AES-256-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('SRP-DSS-AES-256-CBC-SHA');
 
   (* Camellia ciphersuites from RFC4132 *)
-  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = 'CAMELLIA128-SHA';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DH-DSS-CAMELLIA128-SHA';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DH-RSA-CAMELLIA128-SHA';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DHE-DSS-CAMELLIA128-SHA';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DHE-RSA-CAMELLIA128-SHA';
-  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = 'ADH-CAMELLIA128-SHA';
-
-  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = 'CAMELLIA256-SHA';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DH-DSS-CAMELLIA256-SHA';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DH-RSA-CAMELLIA256-SHA';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DHE-DSS-CAMELLIA256-SHA';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DHE-RSA-CAMELLIA256-SHA';
-  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = 'ADH-CAMELLIA256-SHA';
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('CAMELLIA128-SHA');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-DSS-CAMELLIA128-SHA');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-RSA-CAMELLIA128-SHA');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA128-SHA');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA128-SHA');
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('ADH-CAMELLIA128-SHA');
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('CAMELLIA256-SHA');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-DSS-CAMELLIA256-SHA');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-RSA-CAMELLIA256-SHA');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA256-SHA');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA256-SHA');
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('ADH-CAMELLIA256-SHA');
 
   (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
-  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'CAMELLIA128-SHA256';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-DSS-CAMELLIA128-SHA256';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-DSS-CAMELLIA128-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'ADH-CAMELLIA128-SHA256';
-
-  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'CAMELLIA256-SHA256';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-DSS-CAMELLIA256-SHA256';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-RSA-CAMELLIA256-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-DSS-CAMELLIA256-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-RSA-CAMELLIA256-SHA256';
-  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'ADH-CAMELLIA256-SHA256';
-
-  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'PSK-CAMELLIA256-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'DHE-PSK-CAMELLIA256-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'RSA-PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'RSA-PSK-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('CAMELLIA128-SHA256');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA128-SHA256');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ADH-CAMELLIA128-SHA256');
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('CAMELLIA256-SHA256');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA256-SHA256');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA256-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA256-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA256-SHA256');
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('ADH-CAMELLIA256-SHA256');
+
+  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('DHE-PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('RSA-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('RSA-PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-PSK-CAMELLIA256-SHA384');
 
   (* SEED ciphersuites from RFC4162 *)
-  TLS1_TXT_RSA_WITH_SEED_SHA = 'SEED-SHA';
-  TLS1_TXT_DH_DSS_WITH_SEED_SHA = 'DH-DSS-SEED-SHA';
-  TLS1_TXT_DH_RSA_WITH_SEED_SHA = 'DH-RSA-SEED-SHA';
-  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = 'DHE-DSS-SEED-SHA';
-  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = 'DHE-RSA-SEED-SHA';
-  TLS1_TXT_ADH_WITH_SEED_SHA = 'ADH-SEED-SHA';
+  TLS1_TXT_RSA_WITH_SEED_SHA = AnsiString('SEED-SHA');
+  TLS1_TXT_DH_DSS_WITH_SEED_SHA = AnsiString('DH-DSS-SEED-SHA');
+  TLS1_TXT_DH_RSA_WITH_SEED_SHA = AnsiString('DH-RSA-SEED-SHA');
+  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = AnsiString('DHE-DSS-SEED-SHA');
+  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = AnsiString('DHE-RSA-SEED-SHA');
+  TLS1_TXT_ADH_WITH_SEED_SHA = AnsiString('ADH-SEED-SHA');
 
   (* TLS v1.2 ciphersuites *)
-  TLS1_TXT_RSA_WITH_NULL_SHA256 = 'NULL-SHA256';
-  TLS1_TXT_RSA_WITH_AES_128_SHA256 = 'AES128-SHA256';
-  TLS1_TXT_RSA_WITH_AES_256_SHA256 = 'AES256-SHA256';
-  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = 'DH-DSS-AES128-SHA256';
-  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = 'DH-RSA-AES128-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = 'DHE-DSS-AES128-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = 'DHE-RSA-AES128-SHA256';
-  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = 'DH-DSS-AES256-SHA256';
-  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = 'DH-RSA-AES256-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = 'DHE-DSS-AES256-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = 'DHE-RSA-AES256-SHA256';
-  TLS1_TXT_ADH_WITH_AES_128_SHA256 = 'ADH-AES128-SHA256';
-  TLS1_TXT_ADH_WITH_AES_256_SHA256 = 'ADH-AES256-SHA256';
+  TLS1_TXT_RSA_WITH_NULL_SHA256 = AnsiString('NULL-SHA256');
+  TLS1_TXT_RSA_WITH_AES_128_SHA256 = AnsiString('AES128-SHA256');
+  TLS1_TXT_RSA_WITH_AES_256_SHA256 = AnsiString('AES256-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = AnsiString('DH-DSS-AES128-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = AnsiString('DH-RSA-AES128-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('DHE-DSS-AES128-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('DHE-RSA-AES128-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = AnsiString('DH-DSS-AES256-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = AnsiString('DH-RSA-AES256-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('DHE-DSS-AES256-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('DHE-RSA-AES256-SHA256');
+  TLS1_TXT_ADH_WITH_AES_128_SHA256 = AnsiString('ADH-AES128-SHA256');
+  TLS1_TXT_ADH_WITH_AES_256_SHA256 = AnsiString('ADH-AES256-SHA256');
 
   (* TLS v1.2 GCM ciphersuites from RFC5288 *)
-  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = 'AES128-GCM-SHA256';
-  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = 'AES256-GCM-SHA384';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'DHE-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'DHE-RSA-AES256-GCM-SHA384';
-  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = 'DH-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = 'DH-RSA-AES256-GCM-SHA384';
-  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'DHE-DSS-AES128-GCM-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'DHE-DSS-AES256-GCM-SHA384';
-  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = 'DH-DSS-AES128-GCM-SHA256';
-  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = 'DH-DSS-AES256-GCM-SHA384';
-  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = 'ADH-AES128-GCM-SHA256';
-  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = 'ADH-AES256-GCM-SHA384';
+  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('AES128-GCM-SHA256');
+  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('AES256-GCM-SHA384');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DH-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DH-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-DSS-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-DSS-AES256-GCM-SHA384');
+  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DH-DSS-AES128-GCM-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DH-DSS-AES256-GCM-SHA384');
+  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('ADH-AES128-GCM-SHA256');
+  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('ADH-AES256-GCM-SHA384');
 
   (* CCM ciphersuites from RFC6655 *)
-  TLS1_TXT_RSA_WITH_AES_128_CCM = 'AES128-CCM';
-  TLS1_TXT_RSA_WITH_AES_256_CCM = 'AES256-CCM';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = 'DHE-RSA-AES128-CCM';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = 'DHE-RSA-AES256-CCM';
-
-  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = 'AES128-CCM8';
-  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = 'AES256-CCM8';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = 'DHE-RSA-AES128-CCM8';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = 'DHE-RSA-AES256-CCM8';
-
-  TLS1_TXT_PSK_WITH_AES_128_CCM = 'PSK-AES128-CCM';
-  TLS1_TXT_PSK_WITH_AES_256_CCM = 'PSK-AES256-CCM';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = 'DHE-PSK-AES128-CCM';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = 'DHE-PSK-AES256-CCM';
-
-  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = 'PSK-AES128-CCM8';
-  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = 'PSK-AES256-CCM8';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = 'DHE-PSK-AES128-CCM8';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = 'DHE-PSK-AES256-CCM8';
+  TLS1_TXT_RSA_WITH_AES_128_CCM = AnsiString('AES128-CCM');
+  TLS1_TXT_RSA_WITH_AES_256_CCM = AnsiString('AES256-CCM');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = AnsiString('DHE-RSA-AES128-CCM');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = AnsiString('DHE-RSA-AES256-CCM');
+
+  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = AnsiString('AES128-CCM8');
+  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = AnsiString('AES256-CCM8');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('DHE-RSA-AES128-CCM8');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('DHE-RSA-AES256-CCM8');
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM = AnsiString('PSK-AES128-CCM');
+  TLS1_TXT_PSK_WITH_AES_256_CCM = AnsiString('PSK-AES256-CCM');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = AnsiString('DHE-PSK-AES128-CCM');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = AnsiString('DHE-PSK-AES256-CCM');
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = AnsiString('PSK-AES128-CCM8');
+  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = AnsiString('PSK-AES256-CCM8');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('DHE-PSK-AES128-CCM8');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('DHE-PSK-AES256-CCM8');
 
   (* CCM ciphersuites from RFC7251 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = 'ECDHE-ECDSA-AES128-CCM';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = 'ECDHE-ECDSA-AES256-CCM';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'ECDHE-ECDSA-AES128-CCM8';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'ECDHE-ECDSA-AES256-CCM8';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('ECDHE-ECDSA-AES128-CCM');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('ECDHE-ECDSA-AES256-CCM');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('ECDHE-ECDSA-AES128-CCM8');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('ECDHE-ECDSA-AES256-CCM8');
 
   (* ECDH HMAC based ciphersuites from RFC5289 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'ECDHE-ECDSA-AES128-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'ECDHE-ECDSA-AES256-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = 'ECDH-ECDSA-AES128-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = 'ECDH-ECDSA-AES256-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = 'ECDHE-RSA-AES128-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = 'ECDHE-RSA-AES256-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = 'ECDH-RSA-AES128-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = 'ECDH-RSA-AES256-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-ECDSA-AES128-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-ECDSA-AES256-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDH-ECDSA-AES128-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDH-ECDSA-AES256-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-RSA-AES128-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-RSA-AES256-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = AnsiString('ECDH-RSA-AES128-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = AnsiString('ECDH-RSA-AES256-SHA384');
 
   (* ECDH GCM based ciphersuites from RFC5289 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-ECDSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-ECDSA-AES256-GCM-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDH-ECDSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDH-ECDSA-AES256-GCM-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-RSA-AES256-GCM-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 'ECDH-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 'ECDH-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-RSA-AES256-GCM-SHA384');
 
   (* TLS v1.2 PSK GCM ciphersuites from RFC5487 *)
-  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
-  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
+  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
+  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
 
   (* ECDHE PSK ciphersuites from RFC 5489 *)
-  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = 'ECDHE-PSK-RC4-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'ECDHE-PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'ECDHE-PSK-AES128-CBC-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'ECDHE-PSK-AES256-CBC-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('ECDHE-PSK-RC4-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('ECDHE-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-PSK-AES128-CBC-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-PSK-AES256-CBC-SHA');
 
-  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'ECDHE-PSK-AES128-CBC-SHA256';
-  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'ECDHE-PSK-AES256-CBC-SHA384';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('ECDHE-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('ECDHE-PSK-AES256-CBC-SHA384');
 
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = 'ECDHE-PSK-NULL-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = 'ECDHE-PSK-NULL-SHA256';
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = 'ECDHE-PSK-NULL-SHA384';
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = AnsiString('ECDHE-PSK-NULL-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('ECDHE-PSK-NULL-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('ECDHE-PSK-NULL-SHA384');
 
   (* Camellia-CBC ciphersuites from RFC6367 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-ECDSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-ECDSA-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-ECDSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-ECDSA-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-RSA-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-RSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-ECDSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-ECDSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-ECDSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-ECDSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-RSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-RSA-CAMELLIA256-SHA384');
 
   (* draft-ietf-tls-chacha20-poly1305-03 *)
-  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'ECDHE-RSA-CHACHA20-POLY1305';
-  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'ECDHE-ECDSA-CHACHA20-POLY1305';
-  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = 'DHE-RSA-CHACHA20-POLY1305';
-  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = 'PSK-CHACHA20-POLY1305';
-  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'ECDHE-PSK-CHACHA20-POLY1305';
-  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = 'DHE-PSK-CHACHA20-POLY1305';
-  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = 'RSA-PSK-CHACHA20-POLY1305';
+  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-RSA-CHACHA20-POLY1305');
+  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-ECDSA-CHACHA20-POLY1305');
+  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('DHE-RSA-CHACHA20-POLY1305');
+  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = AnsiString('PSK-CHACHA20-POLY1305');
+  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-PSK-CHACHA20-POLY1305');
+  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('DHE-PSK-CHACHA20-POLY1305');
+  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('RSA-PSK-CHACHA20-POLY1305');
 
   (* Aria ciphersuites from RFC6209 *)
-  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = 'ARIA128-GCM-SHA256';
-  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = 'ARIA256-GCM-SHA384';
-  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'DHE-RSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'DHE-RSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'DH-RSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'DH-RSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'DHE-DSS-ARIA128-GCM-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'DHE-DSS-ARIA256-GCM-SHA384';
-  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'DH-DSS-ARIA128-GCM-SHA256';
-  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'DH-DSS-ARIA256-GCM-SHA384';
-  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'ADH-ARIA128-GCM-SHA256';
-  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'ADH-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ECDSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ECDSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ECDSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ECDSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ARIA256-GCM-SHA384';
-  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = 'PSK-ARIA128-GCM-SHA256';
-  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = 'PSK-ARIA256-GCM-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'DHE-PSK-ARIA128-GCM-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'DHE-PSK-ARIA256-GCM-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'RSA-PSK-ARIA128-GCM-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'RSA-PSK-ARIA256-GCM-SHA384';
+  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ARIA128-GCM-SHA256');
+  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-RSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-RSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-RSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-RSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-DSS-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-DSS-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-DSS-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-DSS-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('ADH-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('ADH-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ARIA256-GCM-SHA384');
+  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('PSK-ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-PSK-ARIA256-GCM-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('RSA-PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('RSA-PSK-ARIA256-GCM-SHA384');
 
   TLS_CT_RSA_SIGN = 1;
   TLS_CT_DSS_SIGN = 2;
@@ -1022,68 +1022,67 @@ interface
   TLS1_FINISH_MAC_LENGTH = 12;
 
   TLS_MD_MAX_CONST_SIZE = 22;
-  TLS_MD_CLIENT_FINISH_CONST  = 'client finished';
+  TLS_MD_CLIENT_FINISH_CONST  = AnsiString('client finished');
   TLS_MD_CLIENT_FINISH_CONST_SIZE = 15;
-  TLS_MD_SERVER_FINISH_CONST  = 'server finished';
+  TLS_MD_SERVER_FINISH_CONST  = AnsiString('server finished');
   TLS_MD_SERVER_FINISH_CONST_SIZE = 15;
-  TLS_MD_KEY_EXPANSION_CONST  = 'key expansion';
+  TLS_MD_KEY_EXPANSION_CONST  = AnsiString('key expansion');
   TLS_MD_KEY_EXPANSION_CONST_SIZE = 13;
-  TLS_MD_CLIENT_WRITE_KEY_CONST  = 'client write key';
+  TLS_MD_CLIENT_WRITE_KEY_CONST  = AnsiString('client write key');
   TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE = 16;
-  TLS_MD_SERVER_WRITE_KEY_CONST  = 'server write key';
+  TLS_MD_SERVER_WRITE_KEY_CONST  = AnsiString('server write key');
   TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16;
-  TLS_MD_IV_BLOCK_CONST  = 'IV block';
+  TLS_MD_IV_BLOCK_CONST  = AnsiString('IV block');
   TLS_MD_IV_BLOCK_CONST_SIZE = 8;
-  TLS_MD_MASTER_SECRET_CONST  = 'master secret';
+  TLS_MD_MASTER_SECRET_CONST  = AnsiString('master secret');
   TLS_MD_MASTER_SECRET_CONST_SIZE = 13;
-  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = 'extended master secret';
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = AnsiString('extended master secret');
   TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE = 22;
 
 //  (*
 //   * client finished
 //   *)
-//  TLS_MD_CLIENT_FINISH_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//  TLS_MD_CLIENT_FINISH_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
 //
 //  (*
 //   * server finished
 //   *)
-//  TLS_MD_SERVER_FINISH_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//  TLS_MD_SERVER_FINISH_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
 //
 //  (*
 //   * server write key
 //   *)
-//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
 //
 //  (*
 //   * key expansion
 //   *)
-//  TLS_MD_KEY_EXPANSION_CONST  = '\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e';
+//  TLS_MD_KEY_EXPANSION_CONST = TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79) + TIdAnsiChar($20) + TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($70) + TIdAnsiChar($61) + TIdAnsiChar($6e) + TIdAnsiChar($73) + TIdAnsiChar($69) + TIdAnsiChar($6f) + TIdAnsiChar($6e);
 //
 //  (*
 //   * client write key
 //   *)
-//  TLS_MD_CLIENT_WRITE_KEY_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//  TLS_MD_CLIENT_WRITE_KEY_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
 //
 //  (*
 //   * server write key
 //   *)
-//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
 //
 //  (*
 //   * IV block
 //   *)
-//  TLS_MD_IV_BLOCK_CONST  = '\x49\x56\x20\x62\x6c\x6f\x63\x6b';
-//
+//  TLS_MD_IV_BLOCK_CONST = TIdAnsiChar($49) + TIdAnsiChar($56) + TIdAnsiChar($20) + TIdAnsiChar($62) + TIdAnsiChar($6c) + TIdAnsiChar($6f) + TIdAnsiChar($63) + TIdAnsiChar($6b);
 //
 //  (*
 //   * master secret
 //   *)
-//  TLS_MD_MASTER_SECRET_CONST  = '\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+//  TLS_MD_MASTER_SECRET_CONST = TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
 //
 //  (*
 //   * extended master secret
 //   *)
-//  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = '\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+//  TLS_MD_EXTENDED_MASTER_SECRET_CONST = TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($64) + TIdAnsiChar($65) + TIdAnsiChar($64) + TIdAnsiChar($20) + TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
 
 type
   (* TLS Session Ticket extension struct *)
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
index 5fdc36b9e..166facb2c 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
@@ -225,7 +225,7 @@   X509_val_st = record
   x509_trust_st = record
     trust: TIdC_INT;
     flags: TIdC_INT;
-    check_trust: function(v1: Px509_trust_st; v2: PX509; v3: TIdC_INT): TIdC_INT;
+    check_trust: function(v1: Px509_trust_st; v2: PX509; v3: TIdC_INT): TIdC_INT; cdecl;
     name: PIdAnsiChar;
     arg1: TIdC_INT;
     arg2: Pointer;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
index 16bdf8aa8..1539aaf05 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
@@ -549,7 +549,7 @@   x509_purpose_st = record
     purpose: TIdC_INT;
     trust: TIdC_INT;                  (* Default trust ID *)
     flags: TIdC_INT;
-    check_purpose: function(const v1: PX509_PURPOSE; const v2: PX509; v3: TIdC_INT): TIdC_INT;
+    check_purpose: function(const v1: PX509_PURPOSE; const v2: PX509; v3: TIdC_INT): TIdC_INT; cdecl;
     name: PIdAnsiChar;
     sname: PIdAnsiChar;
     usr_data: Pointer;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas
index 1ba2f8f94..898ad5118 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 11.05.2020 08:36:42
 
 unit IdOpenSSLHeaders_dh;
 
@@ -91,15 +91,15 @@ interface
   EVP_PKEY_CTRL_DH_PAD                   = (EVP_PKEY_ALG_CTRL + 16);
 
 type
-  DH_meth_generate_key_cb = function(dh: PDH): TIdC_INT;
-  DH_meth_compute_key_cb = function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT;
+  DH_meth_generate_key_cb = function(dh: PDH): TIdC_INT cdecl;
+  DH_meth_compute_key_cb = function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT cdecl;
   DH_meth_bn_mod_exp_cb = function(
     const dh: PDH; r: PBIGNUM; const a: PBIGNUM;
     const p: PBIGNUM; const m: PBIGNUM;
-    ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT;
-  DH_meth_init_cb = function(dh: PDH): TIdC_INT;
-  DH_meth_finish_cb = function(dh: PDH): TIdC_INT;
-  DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT;
+    ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT cdecl;
+  DH_meth_init_cb = function(dh: PDH): TIdC_INT cdecl;
+  DH_meth_finish_cb = function(dh: PDH): TIdC_INT cdecl;
+  DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT cdecl;
 
 {$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas
index 389f5a5b7..8d802a81c 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 11.05.2020 08:36:42
 
 unit IdOpenSSLHeaders_obj_mac;
 
@@ -40,2881 +40,4065 @@ interface
 {$i IdCompilerDefines.inc}
 
 const
-  SN_undef =       'UNDEF';
-  LN_undef =       'undefined';
-  NID_undef =       0;
-  SN_itu_t =     'ITU-T';
-  LN_itu_t =     'itu-t';
-  NID_itu_t =     645;
-  NID_ccitt =     404;
-  SN_iso =   'ISO';
-  LN_iso =   'iso';
-  NID_iso =   181;
-  SN_joint_iso_itu_t =    'JOINT-ISO-ITU-T';
-  LN_joint_iso_itu_t =    'joint-iso-itu-t';
-  NID_joint_iso_itu_t =    646;
-  NID_joint_iso_ccitt =    393;
-  SN_member_body =   'member-body';
-  LN_member_body =   'ISO Member Body';
-  NID_member_body =   182;
-  SN_identified_organization =    'identified-organization';
-  NID_identified_organization =    676;
-  SN_hmac_md5 =    'HMAC-MD5';
-  LN_hmac_md5 =    'hmac-md5';
-  NID_hmac_md5 =    780;
-  SN_hmac_sha1 =    'HMAC-SHA1';
-  LN_hmac_sha1 =    'hmac-sha1';
-  NID_hmac_sha1 =    781;
-  SN_x509ExtAdmission =    'x509ExtAdmission';
-  LN_x509ExtAdmission =    'Professional Information or basis for Admission';
-  NID_x509ExtAdmission =    1093;
-  SN_certicom_arc =   'certicom-arc';
-  NID_certicom_arc =     677;
-  SN_ieee =   'ieee';
-  NID_ieee =     1170;
-  SN_ieee_siswg =    'ieee-siswg';
-  LN_ieee_siswg =    'IEEE Security in Storage Working Group';
-  NID_ieee_siswg =   1171;
-  SN_international_organizations =   'international-organizations';
-  LN_international_organizations =   'International Organizations';
-  NID_international_organizations =   647;
-  SN_wap =   'wap';
-  NID_wap =   678;
-  SN_wap_wsg =    'wap-wsg';
-  NID_wap_wsg =    679;
-  SN_selected_attribute_types =    'selected-attribute-types';
-  LN_selected_attribute_types =    'Selected Attribute Types';
-  NID_selected_attribute_types =    394;
-  SN_clearance =    'clearance';
-  NID_clearance =    395;
-  SN_ISO_US =     'ISO-US';
-  LN_ISO_US =     'ISO US Member Body';
-  NID_ISO_US =    183;
-  SN_X9_57 =     'X9-57';
-  LN_X9_57 =     'X9.57';
-  NID_X9_57 =     184;
-  SN_X9cm =   'X9cm';
-  LN_X9cm =   'X9.57 CM ?';
-  NID_X9cm =     185;
-  SN_ISO_CN =     'ISO-CN';
-  LN_ISO_CN =     'ISO CN Member Body';
-  NID_ISO_CN =    1140;
-  SN_oscca =     'oscca';
-  NID_oscca =     1141;
-  SN_sm_scheme =    'sm-scheme';
-  NID_sm_scheme =    1142;
-  SN_dsa =   'DSA';
-  LN_dsa =   'dsaEncryption';
-  NID_dsa =   116;
-  SN_dsaWithSHA1 =   'DSA-SHA1';
-  LN_dsaWithSHA1 =   'dsaWithSHA1';
-  NID_dsaWithSHA1 =   113;
-  SN_ansi_X9_62 =    'ansi-X9-62';
-  LN_ansi_X9_62 =    'ANSI X9.62';
-  NID_ansi_X9_62 =   405;
-  SN_X9_62_prime_field =    'prime-field';
-  NID_X9_62_prime_field =    406;
-  SN_X9_62_characteristic_two_field =     'characteristic-two-field';
-  NID_X9_62_characteristic_two_field =    407;
-  SN_X9_62_id_characteristic_two_basis =    'id-characteristic-two-basis';
-  NID_X9_62_id_characteristic_two_basis =    680;
-  SN_X9_62_onBasis =     'onBasis';
-  NID_X9_62_onBasis =     681;
-  SN_X9_62_tpBasis =     'tpBasis';
-  NID_X9_62_tpBasis =     682;
-  SN_X9_62_ppBasis =     'ppBasis';
-  NID_X9_62_ppBasis =     683;
-  SN_X9_62_id_ecPublicKey =   'id-ecPublicKey';
-  NID_X9_62_id_ecPublicKey =     408;
-  SN_X9_62_c2pnb163v1 =    'c2pnb163v1';
-  NID_X9_62_c2pnb163v1 =    684;
-  SN_X9_62_c2pnb163v2 =    'c2pnb163v2';
-  NID_X9_62_c2pnb163v2 =    685;
-  SN_X9_62_c2pnb163v3 =    'c2pnb163v3';
-  NID_X9_62_c2pnb163v3 =    686;
-  SN_X9_62_c2pnb176v1 =    'c2pnb176v1';
-  NID_X9_62_c2pnb176v1 =    687;
-  SN_X9_62_c2tnb191v1 =    'c2tnb191v1';
-  NID_X9_62_c2tnb191v1 =    688;
-  SN_X9_62_c2tnb191v2 =    'c2tnb191v2';
-  NID_X9_62_c2tnb191v2 =    689;
-  SN_X9_62_c2tnb191v3 =    'c2tnb191v3';
-  NID_X9_62_c2tnb191v3 =    690;
-  SN_X9_62_c2onb191v4 =    'c2onb191v4';
-  NID_X9_62_c2onb191v4 =    691;
-  SN_X9_62_c2onb191v5 =    'c2onb191v5';
-  NID_X9_62_c2onb191v5 =    692;
-  SN_X9_62_c2pnb208w1 =    'c2pnb208w1';
-  NID_X9_62_c2pnb208w1 =    693;
-  SN_X9_62_c2tnb239v1 =    'c2tnb239v1';
-  NID_X9_62_c2tnb239v1 =    694;
-  SN_X9_62_c2tnb239v2 =    'c2tnb239v2';
-  NID_X9_62_c2tnb239v2 =    695;
-  SN_X9_62_c2tnb239v3 =    'c2tnb239v3';
-  NID_X9_62_c2tnb239v3 =    696;
-  SN_X9_62_c2onb239v4 =    'c2onb239v4';
-  NID_X9_62_c2onb239v4 =    697;
-  SN_X9_62_c2onb239v5 =    'c2onb239v5';
-  NID_X9_62_c2onb239v5 =    698;
-  SN_X9_62_c2pnb272w1 =    'c2pnb272w1';
-  NID_X9_62_c2pnb272w1 =    699;
-  SN_X9_62_c2pnb304w1 =    'c2pnb304w1';
-  NID_X9_62_c2pnb304w1 =    700;
-  SN_X9_62_c2tnb359v1 =    'c2tnb359v1';
-  NID_X9_62_c2tnb359v1 =    701;
-  SN_X9_62_c2pnb368w1 =    'c2pnb368w1';
-  NID_X9_62_c2pnb368w1 =    702;
-  SN_X9_62_c2tnb431r1 =    'c2tnb431r1';
-  NID_X9_62_c2tnb431r1 =    703;
-  SN_X9_62_prime192v1 =    'prime192v1';
-  NID_X9_62_prime192v1 =    409;
-  SN_X9_62_prime192v2 =    'prime192v2';
-  NID_X9_62_prime192v2 =    410;
-  SN_X9_62_prime192v3 =    'prime192v3';
-  NID_X9_62_prime192v3 =    411;
-  SN_X9_62_prime239v1 =    'prime239v1';
-  NID_X9_62_prime239v1 =    412;
-  SN_X9_62_prime239v2 =    'prime239v2';
-  NID_X9_62_prime239v2 =    413;
-  SN_X9_62_prime239v3 =    'prime239v3';
-  NID_X9_62_prime239v3 =    414;
-  SN_X9_62_prime256v1 =    'prime256v1';
-  NID_X9_62_prime256v1 =    415;
-  SN_ecdsa_with_SHA1 =    'ecdsa-with-SHA1';
-  NID_ecdsa_with_SHA1 =    416;
-  SN_ecdsa_with_Recommended =     'ecdsa-with-Recommended';
-  NID_ecdsa_with_Recommended =    791;
-  SN_ecdsa_with_Specified =   'ecdsa-with-Specified';
-  NID_ecdsa_with_Specified =     792;
-  SN_ecdsa_with_SHA224 =    'ecdsa-with-SHA224';
-  NID_ecdsa_with_SHA224 =    793;
-  SN_ecdsa_with_SHA256 =    'ecdsa-with-SHA256';
-  NID_ecdsa_with_SHA256 =    794;
-  SN_ecdsa_with_SHA384 =    'ecdsa-with-SHA384';
-  NID_ecdsa_with_SHA384 =    795;
-  SN_ecdsa_with_SHA512 =    'ecdsa-with-SHA512';
-  NID_ecdsa_with_SHA512 =    796;
-  SN_secp112r1 =    'secp112r1';
-  NID_secp112r1 =    704;
-  SN_secp112r2 =    'secp112r2';
-  NID_secp112r2 =    705;
-  SN_secp128r1 =    'secp128r1';
-  NID_secp128r1 =    706;
-  SN_secp128r2 =    'secp128r2';
-  NID_secp128r2 =    707;
-  SN_secp160k1 =    'secp160k1';
-  NID_secp160k1 =    708;
-  SN_secp160r1 =    'secp160r1';
-  NID_secp160r1 =    709;
-  SN_secp160r2 =    'secp160r2';
-  NID_secp160r2 =    710;
-  SN_secp192k1 =    'secp192k1';
-  NID_secp192k1 =    711;
-  SN_secp224k1 =    'secp224k1';
-  NID_secp224k1 =    712;
-  SN_secp224r1 =    'secp224r1';
-  NID_secp224r1 =    713;
-  SN_secp256k1 =    'secp256k1';
-  NID_secp256k1 =    714;
-  SN_secp384r1 =    'secp384r1';
-  NID_secp384r1 =    715;
-  SN_secp521r1 =    'secp521r1';
-  NID_secp521r1 =    716;
-  SN_sect113r1 =    'sect113r1';
-  NID_sect113r1 =    717;
-  SN_sect113r2 =    'sect113r2';
-  NID_sect113r2 =    718;
-  SN_sect131r1 =    'sect131r1';
-  NID_sect131r1 =    719;
-  SN_sect131r2 =    'sect131r2';
-  NID_sect131r2 =    720;
-  SN_sect163k1 =    'sect163k1';
-  NID_sect163k1 =    721;
-  SN_sect163r1 =    'sect163r1';
-  NID_sect163r1 =    722;
-  SN_sect163r2 =    'sect163r2';
-  NID_sect163r2 =    723;
-  SN_sect193r1 =    'sect193r1';
-  NID_sect193r1 =    724;
-  SN_sect193r2 =    'sect193r2';
-  NID_sect193r2 =    725;
-  SN_sect233k1 =    'sect233k1';
-  NID_sect233k1 =    726;
-  SN_sect233r1 =    'sect233r1';
-  NID_sect233r1 =    727;
-  SN_sect239k1 =    'sect239k1';
-  NID_sect239k1 =    728;
-  SN_sect283k1 =    'sect283k1';
-  NID_sect283k1 =    729;
-  SN_sect283r1 =    'sect283r1';
-  NID_sect283r1 =    730;
-  SN_sect409k1 =    'sect409k1';
-  NID_sect409k1 =    731;
-  SN_sect409r1 =    'sect409r1';
-  NID_sect409r1 =    732;
-  SN_sect571k1 =    'sect571k1';
-  NID_sect571k1 =    733;
-  SN_sect571r1 =    'sect571r1';
-  NID_sect571r1 =    734;
-  SN_wap_wsg_idm_ecid_wtls1 =     'wap-wsg-idm-ecid-wtls1';
-  NID_wap_wsg_idm_ecid_wtls1 =    735;
-  SN_wap_wsg_idm_ecid_wtls3 =     'wap-wsg-idm-ecid-wtls3';
-  NID_wap_wsg_idm_ecid_wtls3 =    736;
-  SN_wap_wsg_idm_ecid_wtls4 =     'wap-wsg-idm-ecid-wtls4';
-  NID_wap_wsg_idm_ecid_wtls4 =    737;
-  SN_wap_wsg_idm_ecid_wtls5 =     'wap-wsg-idm-ecid-wtls5';
-  NID_wap_wsg_idm_ecid_wtls5 =    738;
-  SN_wap_wsg_idm_ecid_wtls6 =     'wap-wsg-idm-ecid-wtls6';
-  NID_wap_wsg_idm_ecid_wtls6 =    739;
-  SN_wap_wsg_idm_ecid_wtls7 =     'wap-wsg-idm-ecid-wtls7';
-  NID_wap_wsg_idm_ecid_wtls7 =    740;
-  SN_wap_wsg_idm_ecid_wtls8 =     'wap-wsg-idm-ecid-wtls8';
-  NID_wap_wsg_idm_ecid_wtls8 =    741;
-  SN_wap_wsg_idm_ecid_wtls9 =     'wap-wsg-idm-ecid-wtls9';
-  NID_wap_wsg_idm_ecid_wtls9 =    742;
-  SN_wap_wsg_idm_ecid_wtls10 =    'wap-wsg-idm-ecid-wtls10';
-  NID_wap_wsg_idm_ecid_wtls10 =    743;
-  SN_wap_wsg_idm_ecid_wtls11 =    'wap-wsg-idm-ecid-wtls11';
-  NID_wap_wsg_idm_ecid_wtls11 =    744;
-  SN_wap_wsg_idm_ecid_wtls12 =    'wap-wsg-idm-ecid-wtls12';
-  NID_wap_wsg_idm_ecid_wtls12 =    745;
-  SN_cast5_cbc =    'CAST5-CBC';
-  LN_cast5_cbc =    'cast5-cbc';
-  NID_cast5_cbc =    108;
-  SN_cast5_ecb =    'CAST5-ECB';
-  LN_cast5_ecb =    'cast5-ecb';
-  NID_cast5_ecb =    109;
-  SN_cast5_cfb64 =   'CAST5-CFB';
-  LN_cast5_cfb64 =   'cast5-cfb';
-  NID_cast5_cfb64 =   110;
-  SN_cast5_ofb64 =   'CAST5-OFB';
-  LN_cast5_ofb64 =   'cast5-ofb';
-  NID_cast5_ofb64 =   111;
-  LN_pbeWithMD5AndCast5_CBC =     'pbeWithMD5AndCast5CBC';
-  NID_pbeWithMD5AndCast5_CBC =    112;
-  SN_id_PasswordBasedMAC =   'id-PasswordBasedMAC';
-  LN_id_PasswordBasedMAC =   'password based MAC';
-  NID_id_PasswordBasedMAC =   782;
-  SN_id_DHBasedMac =     'id-DHBasedMac';
-  LN_id_DHBasedMac =     'Diffie-Hellman based MAC';
-  NID_id_DHBasedMac =     783;
-  SN_rsadsi =     'rsadsi';
-  LN_rsadsi =     'RSA Data Security; Inc.';
-  NID_rsadsi =    1;
-  SN_pkcs =   'pkcs';
-  LN_pkcs =   'RSA Data Security; Inc. PKCS';
-  NID_pkcs =     2;
-  SN_pkcs1 =     'pkcs1';
-  NID_pkcs1 =     186;
-  LN_rsaEncryption =     'rsaEncryption';
-  NID_rsaEncryption =     6;
-  SN_md2WithRSAEncryption =   'RSA-MD2';
-  LN_md2WithRSAEncryption =   'md2WithRSAEncryption';
-  NID_md2WithRSAEncryption =     7;
-  SN_md4WithRSAEncryption =   'RSA-MD4';
-  LN_md4WithRSAEncryption =   'md4WithRSAEncryption';
-  NID_md4WithRSAEncryption =     396;
-  SN_md5WithRSAEncryption =   'RSA-MD5';
-  LN_md5WithRSAEncryption =   'md5WithRSAEncryption';
-  NID_md5WithRSAEncryption =     8;
-  SN_sha1WithRSAEncryption =     'RSA-SHA1';
-  LN_sha1WithRSAEncryption =     'sha1WithRSAEncryption';
-  NID_sha1WithRSAEncryption =     65;
-  SN_rsaesOaep =    'RSAES-OAEP';
-  LN_rsaesOaep =    'rsaesOaep';
-  NID_rsaesOaep =    919;
-  SN_mgf1 =   'MGF1';
-  LN_mgf1 =   'mgf1';
-  NID_mgf1 =     911;
-  SN_pSpecified =    'PSPECIFIED';
-  LN_pSpecified =    'pSpecified';
-  NID_pSpecified =   935;
-  SN_rsassaPss =    'RSASSA-PSS';
-  LN_rsassaPss =    'rsassaPss';
-  NID_rsassaPss =    912;
-  SN_sha256WithRSAEncryption =    'RSA-SHA256';
-  LN_sha256WithRSAEncryption =    'sha256WithRSAEncryption';
-  NID_sha256WithRSAEncryption =    668;
-  SN_sha384WithRSAEncryption =    'RSA-SHA384';
-  LN_sha384WithRSAEncryption =    'sha384WithRSAEncryption';
-  NID_sha384WithRSAEncryption =    669;
-  SN_sha512WithRSAEncryption =    'RSA-SHA512';
-  LN_sha512WithRSAEncryption =    'sha512WithRSAEncryption';
-  NID_sha512WithRSAEncryption =    670;
-  SN_sha224WithRSAEncryption =    'RSA-SHA224';
-  LN_sha224WithRSAEncryption =    'sha224WithRSAEncryption';
-  NID_sha224WithRSAEncryption =    671;
-  SN_sha512_224WithRSAEncryption =   'RSA-SHA512/224';
-  LN_sha512_224WithRSAEncryption =   'sha512-224WithRSAEncryption';
-  NID_sha512_224WithRSAEncryption =   1145;
-  SN_sha512_256WithRSAEncryption =   'RSA-SHA512/256';
-  LN_sha512_256WithRSAEncryption =   'sha512-256WithRSAEncryption';
-  NID_sha512_256WithRSAEncryption =   1146;
-  SN_pkcs3 =     'pkcs3';
-  NID_pkcs3 =     27;
-  LN_dhKeyAgreement =     'dhKeyAgreement';
-  NID_dhKeyAgreement =    28;
-  SN_pkcs5 =     'pkcs5';
-  NID_pkcs5 =     187;
-  SN_pbeWithMD2AndDES_CBC =   'PBE-MD2-DES';
-  LN_pbeWithMD2AndDES_CBC =   'pbeWithMD2AndDES-CBC';
-  NID_pbeWithMD2AndDES_CBC =     9;
-  SN_pbeWithMD5AndDES_CBC =   'PBE-MD5-DES';
-  LN_pbeWithMD5AndDES_CBC =   'pbeWithMD5AndDES-CBC';
-  NID_pbeWithMD5AndDES_CBC =     10;
-  SN_pbeWithMD2AndRC2_CBC =   'PBE-MD2-RC2-64';
-  LN_pbeWithMD2AndRC2_CBC =   'pbeWithMD2AndRC2-CBC';
-  NID_pbeWithMD2AndRC2_CBC =     168;
-  SN_pbeWithMD5AndRC2_CBC =   'PBE-MD5-RC2-64';
-  LN_pbeWithMD5AndRC2_CBC =   'pbeWithMD5AndRC2-CBC';
-  NID_pbeWithMD5AndRC2_CBC =     169;
-  SN_pbeWithSHA1AndDES_CBC =     'PBE-SHA1-DES';
-  LN_pbeWithSHA1AndDES_CBC =     'pbeWithSHA1AndDES-CBC';
-  NID_pbeWithSHA1AndDES_CBC =     170;
-  SN_pbeWithSHA1AndRC2_CBC =     'PBE-SHA1-RC2-64';
-  LN_pbeWithSHA1AndRC2_CBC =     'pbeWithSHA1AndRC2-CBC';
-  NID_pbeWithSHA1AndRC2_CBC =     68;
-  LN_id_pbkdf2 =    'PBKDF2';
-  NID_id_pbkdf2 =    69;
-  LN_pbes2 =     'PBES2';
-  NID_pbes2 =     161;
-  LN_pbmac1 =     'PBMAC1';
-  NID_pbmac1 =    162;
-  SN_pkcs7 =     'pkcs7';
-  NID_pkcs7 =     20;
-  LN_pkcs7_data =    'pkcs7-data';
-  NID_pkcs7_data =   21;
-  LN_pkcs7_signed =   'pkcs7-signedData';
-  NID_pkcs7_signed =     22;
-  LN_pkcs7_enveloped =    'pkcs7-envelopedData';
-  NID_pkcs7_enveloped =    23;
-  LN_pkcs7_signedAndEnveloped =    'pkcs7-signedAndEnvelopedData';
-  NID_pkcs7_signedAndEnveloped =    24;
-  LN_pkcs7_digest =   'pkcs7-digestData';
-  NID_pkcs7_digest =     25;
-  LN_pkcs7_encrypted =    'pkcs7-encryptedData';
-  NID_pkcs7_encrypted =    26;
-  SN_pkcs9 =     'pkcs9';
-  NID_pkcs9 =     47;
-  LN_pkcs9_emailAddress =    'emailAddress';
-  NID_pkcs9_emailAddress =   48;
-  LN_pkcs9_unstructuredName =     'unstructuredName';
-  NID_pkcs9_unstructuredName =    49;
-  LN_pkcs9_contentType =    'contentType';
-  NID_pkcs9_contentType =    50;
-  LN_pkcs9_messageDigest =   'messageDigest';
-  NID_pkcs9_messageDigest =   51;
-  LN_pkcs9_signingTime =    'signingTime';
-  NID_pkcs9_signingTime =    52;
-  LN_pkcs9_countersignature =     'countersignature';
-  NID_pkcs9_countersignature =    53;
-  LN_pkcs9_challengePassword =    'challengePassword';
-  NID_pkcs9_challengePassword =    54;
-  LN_pkcs9_unstructuredAddress =    'unstructuredAddress';
-  NID_pkcs9_unstructuredAddress =    55;
-  LN_pkcs9_extCertAttributes =    'extendedCertificateAttributes';
-  NID_pkcs9_extCertAttributes =    56;
-  SN_ext_req =    'extReq';
-  LN_ext_req =    'Extension Request';
-  NID_ext_req =    172;
-  SN_SMIMECapabilities =    'SMIME-CAPS';
-  LN_SMIMECapabilities =    'S/MIME Capabilities';
-  NID_SMIMECapabilities =    167;
-  SN_SMIME =     'SMIME';
-  LN_SMIME =     'S/MIME';
-  NID_SMIME =     188;
-  SN_id_smime_mod =   'id-smime-mod';
-  NID_id_smime_mod =     189;
-  SN_id_smime_ct =   'id-smime-ct';
-  NID_id_smime_ct =   190;
-  SN_id_smime_aa =   'id-smime-aa';
-  NID_id_smime_aa =   191;
-  SN_id_smime_alg =   'id-smime-alg';
-  NID_id_smime_alg =     192;
-  SN_id_smime_cd =   'id-smime-cd';
-  NID_id_smime_cd =   193;
-  SN_id_smime_spq =   'id-smime-spq';
-  NID_id_smime_spq =     194;
-  SN_id_smime_cti =   'id-smime-cti';
-  NID_id_smime_cti =     195;
-  SN_id_smime_mod_cms =    'id-smime-mod-cms';
-  NID_id_smime_mod_cms =    196;
-  SN_id_smime_mod_ess =    'id-smime-mod-ess';
-  NID_id_smime_mod_ess =    197;
-  SN_id_smime_mod_oid =    'id-smime-mod-oid';
-  NID_id_smime_mod_oid =    198;
-  SN_id_smime_mod_msg_v3 =   'id-smime-mod-msg-v3';
-  NID_id_smime_mod_msg_v3 =   199;
-  SN_id_smime_mod_ets_eSignature_88 =     'id-smime-mod-ets-eSignature-88';
-  NID_id_smime_mod_ets_eSignature_88 =    200;
-  SN_id_smime_mod_ets_eSignature_97 =     'id-smime-mod-ets-eSignature-97';
-  NID_id_smime_mod_ets_eSignature_97 =    201;
-  SN_id_smime_mod_ets_eSigPolicy_88 =     'id-smime-mod-ets-eSigPolicy-88';
-  NID_id_smime_mod_ets_eSigPolicy_88 =    202;
-  SN_id_smime_mod_ets_eSigPolicy_97 =     'id-smime-mod-ets-eSigPolicy-97';
-  NID_id_smime_mod_ets_eSigPolicy_97 =    203;
-  SN_id_smime_ct_receipt =   'id-smime-ct-receipt';
-  NID_id_smime_ct_receipt =   204;
-  SN_id_smime_ct_authData =   'id-smime-ct-authData';
-  NID_id_smime_ct_authData =     205;
-  SN_id_smime_ct_publishCert =    'id-smime-ct-publishCert';
-  NID_id_smime_ct_publishCert =    206;
-  SN_id_smime_ct_TSTInfo =   'id-smime-ct-TSTInfo';
-  NID_id_smime_ct_TSTInfo =   207;
-  SN_id_smime_ct_TDTInfo =   'id-smime-ct-TDTInfo';
-  NID_id_smime_ct_TDTInfo =   208;
-  SN_id_smime_ct_contentInfo =    'id-smime-ct-contentInfo';
-  NID_id_smime_ct_contentInfo =    209;
-  SN_id_smime_ct_DVCSRequestData =   'id-smime-ct-DVCSRequestData';
-  NID_id_smime_ct_DVCSRequestData =   210;
-  SN_id_smime_ct_DVCSResponseData =   'id-smime-ct-DVCSResponseData';
-  NID_id_smime_ct_DVCSResponseData =     211;
-  SN_id_smime_ct_compressedData =    'id-smime-ct-compressedData';
-  NID_id_smime_ct_compressedData =   786;
-  SN_id_smime_ct_contentCollection =     'id-smime-ct-contentCollection';
-  NID_id_smime_ct_contentCollection =     1058;
-  SN_id_smime_ct_authEnvelopedData =     'id-smime-ct-authEnvelopedData';
-  NID_id_smime_ct_authEnvelopedData =     1059;
-  SN_id_ct_asciiTextWithCRLF =    'id-ct-asciiTextWithCRLF';
-  NID_id_ct_asciiTextWithCRLF =    787;
-  SN_id_ct_xml =    'id-ct-xml';
-  NID_id_ct_xml =    1060;
-  SN_id_smime_aa_receiptRequest =    'id-smime-aa-receiptRequest';
-  NID_id_smime_aa_receiptRequest =   212;
-  SN_id_smime_aa_securityLabel =    'id-smime-aa-securityLabel';
-  NID_id_smime_aa_securityLabel =    213;
-  SN_id_smime_aa_mlExpandHistory =   'id-smime-aa-mlExpandHistory';
-  NID_id_smime_aa_mlExpandHistory =   214;
-  SN_id_smime_aa_contentHint =    'id-smime-aa-contentHint';
-  NID_id_smime_aa_contentHint =    215;
-  SN_id_smime_aa_msgSigDigest =    'id-smime-aa-msgSigDigest';
-  NID_id_smime_aa_msgSigDigest =    216;
-  SN_id_smime_aa_encapContentType =   'id-smime-aa-encapContentType';
-  NID_id_smime_aa_encapContentType =     217;
-  SN_id_smime_aa_contentIdentifier =     'id-smime-aa-contentIdentifier';
-  NID_id_smime_aa_contentIdentifier =     218;
-  SN_id_smime_aa_macValue =   'id-smime-aa-macValue';
-  NID_id_smime_aa_macValue =     219;
-  SN_id_smime_aa_equivalentLabels =   'id-smime-aa-equivalentLabels';
-  NID_id_smime_aa_equivalentLabels =     220;
-  SN_id_smime_aa_contentReference =   'id-smime-aa-contentReference';
-  NID_id_smime_aa_contentReference =     221;
-  SN_id_smime_aa_encrypKeyPref =    'id-smime-aa-encrypKeyPref';
-  NID_id_smime_aa_encrypKeyPref =    222;
-  SN_id_smime_aa_signingCertificate =     'id-smime-aa-signingCertificate';
-  NID_id_smime_aa_signingCertificate =    223;
-  SN_id_smime_aa_smimeEncryptCerts =     'id-smime-aa-smimeEncryptCerts';
-  NID_id_smime_aa_smimeEncryptCerts =     224;
-  SN_id_smime_aa_timeStampToken =    'id-smime-aa-timeStampToken';
-  NID_id_smime_aa_timeStampToken =   225;
-  SN_id_smime_aa_ets_sigPolicyId =   'id-smime-aa-ets-sigPolicyId';
-  NID_id_smime_aa_ets_sigPolicyId =   226;
-  SN_id_smime_aa_ets_commitmentType =     'id-smime-aa-ets-commitmentType';
-  NID_id_smime_aa_ets_commitmentType =    227;
-  SN_id_smime_aa_ets_signerLocation =     'id-smime-aa-ets-signerLocation';
-  NID_id_smime_aa_ets_signerLocation =    228;
-  SN_id_smime_aa_ets_signerAttr =    'id-smime-aa-ets-signerAttr';
-  NID_id_smime_aa_ets_signerAttr =   229;
-  SN_id_smime_aa_ets_otherSigCert =   'id-smime-aa-ets-otherSigCert';
-  NID_id_smime_aa_ets_otherSigCert =     230;
-  SN_id_smime_aa_ets_contentTimestamp =    'id-smime-aa-ets-contentTimestamp';
-  NID_id_smime_aa_ets_contentTimestamp =    231;
-  SN_id_smime_aa_ets_CertificateRefs =    'id-smime-aa-ets-CertificateRefs';
-  NID_id_smime_aa_ets_CertificateRefs =    232;
-  SN_id_smime_aa_ets_RevocationRefs =     'id-smime-aa-ets-RevocationRefs';
-  NID_id_smime_aa_ets_RevocationRefs =    233;
-  SN_id_smime_aa_ets_certValues =    'id-smime-aa-ets-certValues';
-  NID_id_smime_aa_ets_certValues =   234;
-  SN_id_smime_aa_ets_revocationValues =    'id-smime-aa-ets-revocationValues';
-  NID_id_smime_aa_ets_revocationValues =    235;
-  SN_id_smime_aa_ets_escTimeStamp =   'id-smime-aa-ets-escTimeStamp';
-  NID_id_smime_aa_ets_escTimeStamp =     236;
-  SN_id_smime_aa_ets_certCRLTimestamp =    'id-smime-aa-ets-certCRLTimestamp';
-  NID_id_smime_aa_ets_certCRLTimestamp =    237;
-  SN_id_smime_aa_ets_archiveTimeStamp =    'id-smime-aa-ets-archiveTimeStamp';
-  NID_id_smime_aa_ets_archiveTimeStamp =    238;
-  SN_id_smime_aa_signatureType =    'id-smime-aa-signatureType';
-  NID_id_smime_aa_signatureType =    239;
-  SN_id_smime_aa_dvcs_dvc =   'id-smime-aa-dvcs-dvc';
-  NID_id_smime_aa_dvcs_dvc =     240;
-  SN_id_smime_aa_signingCertificateV2 =    'id-smime-aa-signingCertificateV2';
-  NID_id_smime_aa_signingCertificateV2 =    1086;
-  SN_id_smime_alg_ESDHwith3DES =    'id-smime-alg-ESDHwith3DES';
-  NID_id_smime_alg_ESDHwith3DES =    241;
-  SN_id_smime_alg_ESDHwithRC2 =    'id-smime-alg-ESDHwithRC2';
-  NID_id_smime_alg_ESDHwithRC2 =    242;
-  SN_id_smime_alg_3DESwrap =     'id-smime-alg-3DESwrap';
-  NID_id_smime_alg_3DESwrap =     243;
-  SN_id_smime_alg_RC2wrap =   'id-smime-alg-RC2wrap';
-  NID_id_smime_alg_RC2wrap =     244;
-  SN_id_smime_alg_ESDH =    'id-smime-alg-ESDH';
-  NID_id_smime_alg_ESDH =    245;
-  SN_id_smime_alg_CMS3DESwrap =    'id-smime-alg-CMS3DESwrap';
-  NID_id_smime_alg_CMS3DESwrap =    246;
-  SN_id_smime_alg_CMSRC2wrap =    'id-smime-alg-CMSRC2wrap';
-  NID_id_smime_alg_CMSRC2wrap =    247;
-  SN_id_alg_PWRI_KEK =    'id-alg-PWRI-KEK';
-  NID_id_alg_PWRI_KEK =    893;
-  SN_id_smime_cd_ldap =    'id-smime-cd-ldap';
-  NID_id_smime_cd_ldap =    248;
-  SN_id_smime_spq_ets_sqt_uri =    'id-smime-spq-ets-sqt-uri';
-  NID_id_smime_spq_ets_sqt_uri =    249;
-  SN_id_smime_spq_ets_sqt_unotice =   'id-smime-spq-ets-sqt-unotice';
-  NID_id_smime_spq_ets_sqt_unotice =     250;
-  SN_id_smime_cti_ets_proofOfOrigin =     'id-smime-cti-ets-proofOfOrigin';
-  NID_id_smime_cti_ets_proofOfOrigin =    251;
-  SN_id_smime_cti_ets_proofOfReceipt =    'id-smime-cti-ets-proofOfReceipt';
-  NID_id_smime_cti_ets_proofOfReceipt =    252;
-  SN_id_smime_cti_ets_proofOfDelivery =    'id-smime-cti-ets-proofOfDelivery';
-  NID_id_smime_cti_ets_proofOfDelivery =    253;
-  SN_id_smime_cti_ets_proofOfSender =     'id-smime-cti-ets-proofOfSender';
-  NID_id_smime_cti_ets_proofOfSender =    254;
-  SN_id_smime_cti_ets_proofOfApproval =    'id-smime-cti-ets-proofOfApproval';
-  NID_id_smime_cti_ets_proofOfApproval =    255;
-  SN_id_smime_cti_ets_proofOfCreation =    'id-smime-cti-ets-proofOfCreation';
-  NID_id_smime_cti_ets_proofOfCreation =    256;
-  LN_friendlyName =   'friendlyName';
-  NID_friendlyName =     156;
-  LN_localKeyID =    'localKeyID';
-  NID_localKeyID =   157;
-  SN_ms_csp_name =   'CSPName';
-  LN_ms_csp_name =   'Microsoft CSP Name';
-  NID_ms_csp_name =   417;
-  SN_LocalKeySet =   'LocalKeySet';
-  LN_LocalKeySet =   'Microsoft Local Key set';
-  NID_LocalKeySet =   856;
-  LN_x509Certificate =    'x509Certificate';
-  NID_x509Certificate =    158;
-  LN_sdsiCertificate =    'sdsiCertificate';
-  NID_sdsiCertificate =    159;
-  LN_x509Crl =    'x509Crl';
-  NID_x509Crl =    160;
-  SN_pbe_WithSHA1And128BitRC4 =    'PBE-SHA1-RC4-128';
-  LN_pbe_WithSHA1And128BitRC4 =    'pbeWithSHA1And128BitRC4';
-  NID_pbe_WithSHA1And128BitRC4 =    144;
-  SN_pbe_WithSHA1And40BitRC4 =    'PBE-SHA1-RC4-40';
-  LN_pbe_WithSHA1And40BitRC4 =    'pbeWithSHA1And40BitRC4';
-  NID_pbe_WithSHA1And40BitRC4 =    145;
-  SN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'PBE-SHA1-3DES';
-  LN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'pbeWithSHA1And3-KeyTripleDES-CBC';
-  NID_pbe_WithSHA1And3_Key_TripleDES_CBC =   146;
-  SN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'PBE-SHA1-2DES';
-  LN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'pbeWithSHA1And2-KeyTripleDES-CBC';
-  NID_pbe_WithSHA1And2_Key_TripleDES_CBC =   147;
-  SN_pbe_WithSHA1And128BitRC2_CBC =   'PBE-SHA1-RC2-128';
-  LN_pbe_WithSHA1And128BitRC2_CBC =   'pbeWithSHA1And128BitRC2-CBC';
-  NID_pbe_WithSHA1And128BitRC2_CBC =     148;
-  SN_pbe_WithSHA1And40BitRC2_CBC =   'PBE-SHA1-RC2-40';
-  LN_pbe_WithSHA1And40BitRC2_CBC =   'pbeWithSHA1And40BitRC2-CBC';
-  NID_pbe_WithSHA1And40BitRC2_CBC =   149;
-  LN_keyBag =     'keyBag';
-  NID_keyBag =    150;
-  LN_pkcs8ShroudedKeyBag =   'pkcs8ShroudedKeyBag';
-  NID_pkcs8ShroudedKeyBag =   151;
-  LN_certBag =    'certBag';
-  NID_certBag =    152;
-  LN_crlBag =     'crlBag';
-  NID_crlBag =    153;
-  LN_secretBag =    'secretBag';
-  NID_secretBag =    154;
-  LN_safeContentsBag =    'safeContentsBag';
-  NID_safeContentsBag =    155;
-  SN_md2 =   'MD2';
-  LN_md2 =   'md2';
-  NID_md2 =   3;
-  SN_md4 =   'MD4';
-  LN_md4 =   'md4';
-  NID_md4 =   257;
-  SN_md5 =   'MD5';
-  LN_md5 =   'md5';
-  NID_md5 =   4;
-  SN_md5_sha1 =    'MD5-SHA1';
-  LN_md5_sha1 =    'md5-sha1';
-  NID_md5_sha1 =    114;
-  LN_hmacWithMD5 =   'hmacWithMD5';
-  NID_hmacWithMD5 =   797;
-  LN_hmacWithSHA1 =   'hmacWithSHA1';
-  NID_hmacWithSHA1 =     163;
-  SN_sm2 =   'SM2';
-  LN_sm2 =   'sm2';
-  NID_sm2 =   1172;
-  SN_sm3 =   'SM3';
-  LN_sm3 =   'sm3';
-  NID_sm3 =   1143;
-  SN_sm3WithRSAEncryption =   'RSA-SM3';
-  LN_sm3WithRSAEncryption =   'sm3WithRSAEncryption';
-  NID_sm3WithRSAEncryption =     1144;
-  LN_hmacWithSHA224 =     'hmacWithSHA224';
-  NID_hmacWithSHA224 =    798;
-  LN_hmacWithSHA256 =     'hmacWithSHA256';
-  NID_hmacWithSHA256 =    799;
-  LN_hmacWithSHA384 =     'hmacWithSHA384';
-  NID_hmacWithSHA384 =    800;
-  LN_hmacWithSHA512 =     'hmacWithSHA512';
-  NID_hmacWithSHA512 =    801;
-  LN_hmacWithSHA512_224 =    'hmacWithSHA512-224';
-  NID_hmacWithSHA512_224 =   1193;
-  LN_hmacWithSHA512_256 =    'hmacWithSHA512-256';
-  NID_hmacWithSHA512_256 =   1194;
-  SN_rc2_cbc =    'RC2-CBC';
-  LN_rc2_cbc =    'rc2-cbc';
-  NID_rc2_cbc =    37;
-  SN_rc2_ecb =    'RC2-ECB';
-  LN_rc2_ecb =    'rc2-ecb';
-  NID_rc2_ecb =    38;
-  SN_rc2_cfb64 =    'RC2-CFB';
-  LN_rc2_cfb64 =    'rc2-cfb';
-  NID_rc2_cfb64 =    39;
-  SN_rc2_ofb64 =    'RC2-OFB';
-  LN_rc2_ofb64 =    'rc2-ofb';
-  NID_rc2_ofb64 =    40;
-  SN_rc2_40_cbc =    'RC2-40-CBC';
-  LN_rc2_40_cbc =    'rc2-40-cbc';
-  NID_rc2_40_cbc =   98;
-  SN_rc2_64_cbc =    'RC2-64-CBC';
-  LN_rc2_64_cbc =    'rc2-64-cbc';
-  NID_rc2_64_cbc =   166;
-  SN_rc4 =   'RC4';
-  LN_rc4 =   'rc4';
-  NID_rc4 =   5;
-  SN_rc4_40 =     'RC4-40';
-  LN_rc4_40 =     'rc4-40';
-  NID_rc4_40 =    97;
-  SN_des_ede3_cbc =   'DES-EDE3-CBC';
-  LN_des_ede3_cbc =   'des-ede3-cbc';
-  NID_des_ede3_cbc =     44;
-  SN_rc5_cbc =    'RC5-CBC';
-  LN_rc5_cbc =    'rc5-cbc';
-  NID_rc5_cbc =    120;
-  SN_rc5_ecb =    'RC5-ECB';
-  LN_rc5_ecb =    'rc5-ecb';
-  NID_rc5_ecb =    121;
-  SN_rc5_cfb64 =    'RC5-CFB';
-  LN_rc5_cfb64 =    'rc5-cfb';
-  NID_rc5_cfb64 =    122;
-  SN_rc5_ofb64 =    'RC5-OFB';
-  LN_rc5_ofb64 =    'rc5-ofb';
-  NID_rc5_ofb64 =    123;
-  SN_ms_ext_req =    'msExtReq';
-  LN_ms_ext_req =    'Microsoft Extension Request';
-  NID_ms_ext_req =   171;
-  SN_ms_code_ind =   'msCodeInd';
-  LN_ms_code_ind =   'Microsoft Individual Code Signing';
-  NID_ms_code_ind =   134;
-  SN_ms_code_com =   'msCodeCom';
-  LN_ms_code_com =   'Microsoft Commercial Code Signing';
-  NID_ms_code_com =   135;
-  SN_ms_ctl_sign =   'msCTLSign';
-  LN_ms_ctl_sign =   'Microsoft Trust List Signing';
-  NID_ms_ctl_sign =   136;
-  SN_ms_sgc =     'msSGC';
-  LN_ms_sgc =     'Microsoft Server Gated Crypto';
-  NID_ms_sgc =    137;
-  SN_ms_efs =     'msEFS';
-  LN_ms_efs =     'Microsoft Encrypted File System';
-  NID_ms_efs =    138;
-  SN_ms_smartcard_login =    'msSmartcardLogin';
-  LN_ms_smartcard_login =    'Microsoft Smartcard Login';
-  NID_ms_smartcard_login =   648;
-  SN_ms_upn =     'msUPN';
-  LN_ms_upn =     'Microsoft User Principal Name';
-  NID_ms_upn =    649;
-  SN_idea_cbc =    'IDEA-CBC';
-  LN_idea_cbc =    'idea-cbc';
-  NID_idea_cbc =    34;
-  SN_idea_ecb =    'IDEA-ECB';
-  LN_idea_ecb =    'idea-ecb';
-  NID_idea_ecb =    36;
-  SN_idea_cfb64 =    'IDEA-CFB';
-  LN_idea_cfb64 =    'idea-cfb';
-  NID_idea_cfb64 =   35;
-  SN_idea_ofb64 =    'IDEA-OFB';
-  LN_idea_ofb64 =    'idea-ofb';
-  NID_idea_ofb64 =   46;
-  SN_bf_cbc =     'BF-CBC';
-  LN_bf_cbc =     'bf-cbc';
-  NID_bf_cbc =    91;
-  SN_bf_ecb =     'BF-ECB';
-  LN_bf_ecb =     'bf-ecb';
-  NID_bf_ecb =    92;
-  SN_bf_cfb64 =    'BF-CFB';
-  LN_bf_cfb64 =    'bf-cfb';
-  NID_bf_cfb64 =    93;
-  SN_bf_ofb64 =    'BF-OFB';
-  LN_bf_ofb64 =    'bf-ofb';
-  NID_bf_ofb64 =    94;
-  SN_id_pkix =    'PKIX';
-  NID_id_pkix =    127;
-  SN_id_pkix_mod =   'id-pkix-mod';
-  NID_id_pkix_mod =   258;
-  SN_id_pe =     'id-pe';
-  NID_id_pe =     175;
-  SN_id_qt =     'id-qt';
-  NID_id_qt =     259;
-  SN_id_kp =     'id-kp';
-  NID_id_kp =     128;
-  SN_id_it =     'id-it';
-  NID_id_it =     260;
-  SN_id_pkip =    'id-pkip';
-  NID_id_pkip =    261;
-  SN_id_alg =     'id-alg';
-  NID_id_alg =    262;
-  SN_id_cmc =     'id-cmc';
-  NID_id_cmc =    263;
-  SN_id_on =     'id-on';
-  NID_id_on =     264;
-  SN_id_pda =     'id-pda';
-  NID_id_pda =    265;
-  SN_id_aca =     'id-aca';
-  NID_id_aca =    266;
-  SN_id_qcs =     'id-qcs';
-  NID_id_qcs =    267;
-  SN_id_cct =     'id-cct';
-  NID_id_cct =    268;
-  SN_id_ppl =     'id-ppl';
-  NID_id_ppl =    662;
-  SN_id_ad =     'id-ad';
-  NID_id_ad =     176;
-  SN_id_pkix1_explicit_88 =   'id-pkix1-explicit-88';
-  NID_id_pkix1_explicit_88 =     269;
-  SN_id_pkix1_implicit_88 =   'id-pkix1-implicit-88';
-  NID_id_pkix1_implicit_88 =     270;
-  SN_id_pkix1_explicit_93 =   'id-pkix1-explicit-93';
-  NID_id_pkix1_explicit_93 =     271;
-  SN_id_pkix1_implicit_93 =   'id-pkix1-implicit-93';
-  NID_id_pkix1_implicit_93 =     272;
-  SN_id_mod_crmf =   'id-mod-crmf';
-  NID_id_mod_crmf =   273;
-  SN_id_mod_cmc =    'id-mod-cmc';
-  NID_id_mod_cmc =   274;
-  SN_id_mod_kea_profile_88 =     'id-mod-kea-profile-88';
-  NID_id_mod_kea_profile_88 =     275;
-  SN_id_mod_kea_profile_93 =     'id-mod-kea-profile-93';
-  NID_id_mod_kea_profile_93 =     276;
-  SN_id_mod_cmp =    'id-mod-cmp';
-  NID_id_mod_cmp =   277;
-  SN_id_mod_qualified_cert_88 =    'id-mod-qualified-cert-88';
-  NID_id_mod_qualified_cert_88 =    278;
-  SN_id_mod_qualified_cert_93 =    'id-mod-qualified-cert-93';
-  NID_id_mod_qualified_cert_93 =    279;
-  SN_id_mod_attribute_cert =     'id-mod-attribute-cert';
-  NID_id_mod_attribute_cert =     280;
-  SN_id_mod_timestamp_protocol =    'id-mod-timestamp-protocol';
-  NID_id_mod_timestamp_protocol =    281;
-  SN_id_mod_ocsp =   'id-mod-ocsp';
-  NID_id_mod_ocsp =   282;
-  SN_id_mod_dvcs =   'id-mod-dvcs';
-  NID_id_mod_dvcs =   283;
-  SN_id_mod_cmp2000 =     'id-mod-cmp2000';
-  NID_id_mod_cmp2000 =    284;
-  SN_info_access =   'authorityInfoAccess';
-  LN_info_access =   'Authority Information Access';
-  NID_info_access =   177;
-  SN_biometricInfo =     'biometricInfo';
-  LN_biometricInfo =     'Biometric Info';
-  NID_biometricInfo =     285;
-  SN_qcStatements =   'qcStatements';
-  NID_qcStatements =     286;
-  SN_ac_auditEntity =     'ac-auditEntity';
-  NID_ac_auditEntity =    287;
-  SN_ac_targeting =   'ac-targeting';
-  NID_ac_targeting =     288;
-  SN_aaControls =    'aaControls';
-  NID_aaControls =   289;
-  SN_sbgp_ipAddrBlock =    'sbgp-ipAddrBlock';
-  NID_sbgp_ipAddrBlock =    290;
-  SN_sbgp_autonomousSysNum =     'sbgp-autonomousSysNum';
-  NID_sbgp_autonomousSysNum =     291;
-  SN_sbgp_routerIdentifier =     'sbgp-routerIdentifier';
-  NID_sbgp_routerIdentifier =     292;
-  SN_ac_proxying =   'ac-proxying';
-  NID_ac_proxying =   397;
-  SN_sinfo_access =   'subjectInfoAccess';
-  LN_sinfo_access =   'Subject Information Access';
-  NID_sinfo_access =     398;
-  SN_proxyCertInfo =     'proxyCertInfo';
-  LN_proxyCertInfo =     'Proxy Certificate Information';
-  NID_proxyCertInfo =     663;
-  SN_tlsfeature =    'tlsfeature';
-  LN_tlsfeature =    'TLS Feature';
-  NID_tlsfeature =   1020;
-  SN_id_qt_cps =    'id-qt-cps';
-  LN_id_qt_cps =    'Policy Qualifier CPS';
-  NID_id_qt_cps =    164;
-  SN_id_qt_unotice =     'id-qt-unotice';
-  LN_id_qt_unotice =     'Policy Qualifier User Notice';
-  NID_id_qt_unotice =     165;
-  SN_textNotice =    'textNotice';
-  NID_textNotice =   293;
-  SN_server_auth =   'serverAuth';
-  LN_server_auth =   'TLS Web Server Authentication';
-  NID_server_auth =   129;
-  SN_client_auth =   'clientAuth';
-  LN_client_auth =   'TLS Web Client Authentication';
-  NID_client_auth =   130;
-  SN_code_sign =    'codeSigning';
-  LN_code_sign =    'Code Signing';
-  NID_code_sign =    131;
-  SN_email_protect =     'emailProtection';
-  LN_email_protect =     'E-mail Protection';
-  NID_email_protect =     132;
-  SN_ipsecEndSystem =     'ipsecEndSystem';
-  LN_ipsecEndSystem =     'IPSec End System';
-  NID_ipsecEndSystem =    294;
-  SN_ipsecTunnel =   'ipsecTunnel';
-  LN_ipsecTunnel =   'IPSec Tunnel';
-  NID_ipsecTunnel =   295;
-  SN_ipsecUser =    'ipsecUser';
-  LN_ipsecUser =    'IPSec User';
-  NID_ipsecUser =    296;
-  SN_time_stamp =    'timeStamping';
-  LN_time_stamp =    'Time Stamping';
-  NID_time_stamp =   133;
-  SN_OCSP_sign =    'OCSPSigning';
-  LN_OCSP_sign =    'OCSP Signing';
-  NID_OCSP_sign =    180;
-  SN_dvcs =   'DVCS';
-  LN_dvcs =   'dvcs';
-  NID_dvcs =     297;
-  SN_ipsec_IKE =    'ipsecIKE';
-  LN_ipsec_IKE =    'ipsec Internet Key Exchange';
-  NID_ipsec_IKE =    1022;
-  SN_capwapAC =    'capwapAC';
-  LN_capwapAC =    'Ctrl/provision WAP Access';
-  NID_capwapAC =    1023;
-  SN_capwapWTP =    'capwapWTP';
-  LN_capwapWTP =    'Ctrl/Provision WAP Termination';
-  NID_capwapWTP =    1024;
-  SN_sshClient =    'secureShellClient';
-  LN_sshClient =    'SSH Client';
-  NID_sshClient =    1025;
-  SN_sshServer =    'secureShellServer';
-  LN_sshServer =    'SSH Server';
-  NID_sshServer =    1026;
-  SN_sendRouter =    'sendRouter';
-  LN_sendRouter =    'Send Router';
-  NID_sendRouter =   1027;
-  SN_sendProxiedRouter =    'sendProxiedRouter';
-  LN_sendProxiedRouter =    'Send Proxied Router';
-  NID_sendProxiedRouter =    1028;
-  SN_sendOwner =    'sendOwner';
-  LN_sendOwner =    'Send Owner';
-  NID_sendOwner =    1029;
-  SN_sendProxiedOwner =    'sendProxiedOwner';
-  LN_sendProxiedOwner =    'Send Proxied Owner';
-  NID_sendProxiedOwner =    1030;
-  SN_cmcCA =     'cmcCA';
-  LN_cmcCA =     'CMC Certificate Authority';
-  NID_cmcCA =     1131;
-  SN_cmcRA =     'cmcRA';
-  LN_cmcRA =     'CMC Registration Authority';
-  NID_cmcRA =     1132;
-  SN_id_it_caProtEncCert =   'id-it-caProtEncCert';
-  NID_id_it_caProtEncCert =   298;
-  SN_id_it_signKeyPairTypes =     'id-it-signKeyPairTypes';
-  NID_id_it_signKeyPairTypes =    299;
-  SN_id_it_encKeyPairTypes =     'id-it-encKeyPairTypes';
-  NID_id_it_encKeyPairTypes =     300;
-  SN_id_it_preferredSymmAlg =     'id-it-preferredSymmAlg';
-  NID_id_it_preferredSymmAlg =    301;
-  SN_id_it_caKeyUpdateInfo =     'id-it-caKeyUpdateInfo';
-  NID_id_it_caKeyUpdateInfo =     302;
-  SN_id_it_currentCRL =    'id-it-currentCRL';
-  NID_id_it_currentCRL =    303;
-  SN_id_it_unsupportedOIDs =     'id-it-unsupportedOIDs';
-  NID_id_it_unsupportedOIDs =     304;
-  SN_id_it_subscriptionRequest =    'id-it-subscriptionRequest';
-  NID_id_it_subscriptionRequest =    305;
-  SN_id_it_subscriptionResponse =    'id-it-subscriptionResponse';
-  NID_id_it_subscriptionResponse =   306;
-  SN_id_it_keyPairParamReq =     'id-it-keyPairParamReq';
-  NID_id_it_keyPairParamReq =     307;
-  SN_id_it_keyPairParamRep =     'id-it-keyPairParamRep';
-  NID_id_it_keyPairParamRep =     308;
-  SN_id_it_revPassphrase =   'id-it-revPassphrase';
-  NID_id_it_revPassphrase =   309;
-  SN_id_it_implicitConfirm =     'id-it-implicitConfirm';
-  NID_id_it_implicitConfirm =     310;
-  SN_id_it_confirmWaitTime =     'id-it-confirmWaitTime';
-  NID_id_it_confirmWaitTime =     311;
-  SN_id_it_origPKIMessage =   'id-it-origPKIMessage';
-  NID_id_it_origPKIMessage =     312;
-  SN_id_it_suppLangTags =    'id-it-suppLangTags';
-  NID_id_it_suppLangTags =   784;
-  SN_id_regCtrl =    'id-regCtrl';
-  NID_id_regCtrl =   313;
-  SN_id_regInfo =    'id-regInfo';
-  NID_id_regInfo =   314;
-  SN_id_regCtrl_regToken =   'id-regCtrl-regToken';
-  NID_id_regCtrl_regToken =   315;
-  SN_id_regCtrl_authenticator =    'id-regCtrl-authenticator';
-  NID_id_regCtrl_authenticator =    316;
-  SN_id_regCtrl_pkiPublicationInfo =     'id-regCtrl-pkiPublicationInfo';
-  NID_id_regCtrl_pkiPublicationInfo =     317;
-  SN_id_regCtrl_pkiArchiveOptions =   'id-regCtrl-pkiArchiveOptions';
-  NID_id_regCtrl_pkiArchiveOptions =     318;
-  SN_id_regCtrl_oldCertID =   'id-regCtrl-oldCertID';
-  NID_id_regCtrl_oldCertID =     319;
-  SN_id_regCtrl_protocolEncrKey =    'id-regCtrl-protocolEncrKey';
-  NID_id_regCtrl_protocolEncrKey =   320;
-  SN_id_regInfo_utf8Pairs =   'id-regInfo-utf8Pairs';
-  NID_id_regInfo_utf8Pairs =     321;
-  SN_id_regInfo_certReq =    'id-regInfo-certReq';
-  NID_id_regInfo_certReq =   322;
-  SN_id_alg_des40 =   'id-alg-des40';
-  NID_id_alg_des40 =     323;
-  SN_id_alg_noSignature =    'id-alg-noSignature';
-  NID_id_alg_noSignature =   324;
-  SN_id_alg_dh_sig_hmac_sha1 =    'id-alg-dh-sig-hmac-sha1';
-  NID_id_alg_dh_sig_hmac_sha1 =    325;
-  SN_id_alg_dh_pop =     'id-alg-dh-pop';
-  NID_id_alg_dh_pop =     326;
-  SN_id_cmc_statusInfo =    'id-cmc-statusInfo';
-  NID_id_cmc_statusInfo =    327;
-  SN_id_cmc_identification =     'id-cmc-identification';
-  NID_id_cmc_identification =     328;
-  SN_id_cmc_identityProof =   'id-cmc-identityProof';
-  NID_id_cmc_identityProof =     329;
-  SN_id_cmc_dataReturn =    'id-cmc-dataReturn';
-  NID_id_cmc_dataReturn =    330;
-  SN_id_cmc_transactionId =   'id-cmc-transactionId';
-  NID_id_cmc_transactionId =     331;
-  SN_id_cmc_senderNonce =    'id-cmc-senderNonce';
-  NID_id_cmc_senderNonce =   332;
-  SN_id_cmc_recipientNonce =     'id-cmc-recipientNonce';
-  NID_id_cmc_recipientNonce =     333;
-  SN_id_cmc_addExtensions =   'id-cmc-addExtensions';
-  NID_id_cmc_addExtensions =     334;
-  SN_id_cmc_encryptedPOP =   'id-cmc-encryptedPOP';
-  NID_id_cmc_encryptedPOP =   335;
-  SN_id_cmc_decryptedPOP =   'id-cmc-decryptedPOP';
-  NID_id_cmc_decryptedPOP =   336;
-  SN_id_cmc_lraPOPWitness =   'id-cmc-lraPOPWitness';
-  NID_id_cmc_lraPOPWitness =     337;
-  SN_id_cmc_getCert =     'id-cmc-getCert';
-  NID_id_cmc_getCert =    338;
-  SN_id_cmc_getCRL =     'id-cmc-getCRL';
-  NID_id_cmc_getCRL =     339;
-  SN_id_cmc_revokeRequest =   'id-cmc-revokeRequest';
-  NID_id_cmc_revokeRequest =     340;
-  SN_id_cmc_regInfo =     'id-cmc-regInfo';
-  NID_id_cmc_regInfo =    341;
-  SN_id_cmc_responseInfo =   'id-cmc-responseInfo';
-  NID_id_cmc_responseInfo =   342;
-  SN_id_cmc_queryPending =   'id-cmc-queryPending';
-  NID_id_cmc_queryPending =   343;
-  SN_id_cmc_popLinkRandom =   'id-cmc-popLinkRandom';
-  NID_id_cmc_popLinkRandom =     344;
-  SN_id_cmc_popLinkWitness =     'id-cmc-popLinkWitness';
-  NID_id_cmc_popLinkWitness =     345;
-  SN_id_cmc_confirmCertAcceptance =   'id-cmc-confirmCertAcceptance';
-  NID_id_cmc_confirmCertAcceptance =     346;
-  SN_id_on_personalData =    'id-on-personalData';
-  NID_id_on_personalData =   347;
-  SN_id_on_permanentIdentifier =    'id-on-permanentIdentifier';
-  LN_id_on_permanentIdentifier =    'Permanent Identifier';
-  NID_id_on_permanentIdentifier =    858;
-  SN_id_pda_dateOfBirth =    'id-pda-dateOfBirth';
-  NID_id_pda_dateOfBirth =   348;
-  SN_id_pda_placeOfBirth =   'id-pda-placeOfBirth';
-  NID_id_pda_placeOfBirth =   349;
-  SN_id_pda_gender =     'id-pda-gender';
-  NID_id_pda_gender =     351;
-  SN_id_pda_countryOfCitizenship =   'id-pda-countryOfCitizenship';
-  NID_id_pda_countryOfCitizenship =   352;
-  SN_id_pda_countryOfResidence =    'id-pda-countryOfResidence';
-  NID_id_pda_countryOfResidence =    353;
-  SN_id_aca_authenticationInfo =    'id-aca-authenticationInfo';
-  NID_id_aca_authenticationInfo =    354;
-  SN_id_aca_accessIdentity =     'id-aca-accessIdentity';
-  NID_id_aca_accessIdentity =     355;
-  SN_id_aca_chargingIdentity =    'id-aca-chargingIdentity';
-  NID_id_aca_chargingIdentity =    356;
-  SN_id_aca_group =   'id-aca-group';
-  NID_id_aca_group =     357;
-  SN_id_aca_role =   'id-aca-role';
-  NID_id_aca_role =   358;
-  SN_id_aca_encAttrs =    'id-aca-encAttrs';
-  NID_id_aca_encAttrs =    399;
-  SN_id_qcs_pkixQCSyntax_v1 =     'id-qcs-pkixQCSyntax-v1';
-  NID_id_qcs_pkixQCSyntax_v1 =    359;
-  SN_id_cct_crs =    'id-cct-crs';
-  NID_id_cct_crs =   360;
-  SN_id_cct_PKIData =     'id-cct-PKIData';
-  NID_id_cct_PKIData =    361;
-  SN_id_cct_PKIResponse =    'id-cct-PKIResponse';
-  NID_id_cct_PKIResponse =   362;
-  SN_id_ppl_anyLanguage =    'id-ppl-anyLanguage';
-  LN_id_ppl_anyLanguage =    'Any language';
-  NID_id_ppl_anyLanguage =   664;
-  SN_id_ppl_inheritAll =    'id-ppl-inheritAll';
-  LN_id_ppl_inheritAll =    'Inherit all';
-  NID_id_ppl_inheritAll =    665;
-  SN_Independent =   'id-ppl-independent';
-  LN_Independent =   'Independent';
-  NID_Independent =   667;
-  SN_ad_OCSP =    'OCSP';
-  LN_ad_OCSP =    'OCSP';
-  NID_ad_OCSP =    178;
-  SN_ad_ca_issuers =     'caIssuers';
-  LN_ad_ca_issuers =     'CA Issuers';
-  NID_ad_ca_issuers =     179;
-  SN_ad_timeStamping =    'ad_timestamping';
-  LN_ad_timeStamping =    'AD Time Stamping';
-  NID_ad_timeStamping =    363;
-  SN_ad_dvcs =    'AD_DVCS';
-  LN_ad_dvcs =    'ad dvcs';
-  NID_ad_dvcs =    364;
-  SN_caRepository =   'caRepository';
-  LN_caRepository =   'CA Repository';
-  NID_caRepository =     785;
-  SN_id_pkix_OCSP_basic =    'basicOCSPResponse';
-  LN_id_pkix_OCSP_basic =    'Basic OCSP Response';
-  NID_id_pkix_OCSP_basic =   365;
-  SN_id_pkix_OCSP_Nonce =    'Nonce';
-  LN_id_pkix_OCSP_Nonce =    'OCSP Nonce';
-  NID_id_pkix_OCSP_Nonce =   366;
-  SN_id_pkix_OCSP_CrlID =    'CrlID';
-  LN_id_pkix_OCSP_CrlID =    'OCSP CRL ID';
-  NID_id_pkix_OCSP_CrlID =   367;
-  SN_id_pkix_OCSP_acceptableResponses =    'acceptableResponses';
-  LN_id_pkix_OCSP_acceptableResponses =    'Acceptable OCSP Responses';
-  NID_id_pkix_OCSP_acceptableResponses =    368;
-  SN_id_pkix_OCSP_noCheck =   'noCheck';
-  LN_id_pkix_OCSP_noCheck =   'OCSP No Check';
-  NID_id_pkix_OCSP_noCheck =     369;
-  SN_id_pkix_OCSP_archiveCutoff =    'archiveCutoff';
-  LN_id_pkix_OCSP_archiveCutoff =    'OCSP Archive Cutoff';
-  NID_id_pkix_OCSP_archiveCutoff =   370;
-  SN_id_pkix_OCSP_serviceLocator =   'serviceLocator';
-  LN_id_pkix_OCSP_serviceLocator =   'OCSP Service Locator';
-  NID_id_pkix_OCSP_serviceLocator =   371;
-  SN_id_pkix_OCSP_extendedStatus =   'extendedStatus';
-  LN_id_pkix_OCSP_extendedStatus =   'Extended OCSP Status';
-  NID_id_pkix_OCSP_extendedStatus =   372;
-  SN_id_pkix_OCSP_valid =    'valid';
-  NID_id_pkix_OCSP_valid =   373;
-  SN_id_pkix_OCSP_path =    'path';
-  NID_id_pkix_OCSP_path =    374;
-  SN_id_pkix_OCSP_trustRoot =     'trustRoot';
-  LN_id_pkix_OCSP_trustRoot =     'Trust Root';
-  NID_id_pkix_OCSP_trustRoot =    375;
-  SN_algorithm =    'algorithm';
-  LN_algorithm =    'algorithm';
-  NID_algorithm =    376;
-  SN_md5WithRSA =    'RSA-NP-MD5';
-  LN_md5WithRSA =    'md5WithRSA';
-  NID_md5WithRSA =   104;
-  SN_des_ecb =    'DES-ECB';
-  LN_des_ecb =    'des-ecb';
-  NID_des_ecb =    29;
-  SN_des_cbc =    'DES-CBC';
-  LN_des_cbc =    'des-cbc';
-  NID_des_cbc =    31;
-  SN_des_ofb64 =    'DES-OFB';
-  LN_des_ofb64 =    'des-ofb';
-  NID_des_ofb64 =    45;
-  SN_des_cfb64 =    'DES-CFB';
-  LN_des_cfb64 =    'des-cfb';
-  NID_des_cfb64 =    30;
-  SN_rsaSignature =   'rsaSignature';
-  NID_rsaSignature =     377;
-  SN_dsa_2 =     'DSA-old';
-  LN_dsa_2 =     'dsaEncryption-old';
-  NID_dsa_2 =     67;
-  SN_dsaWithSHA =    'DSA-SHA';
-  LN_dsaWithSHA =    'dsaWithSHA';
-  NID_dsaWithSHA =   66;
-  SN_shaWithRSAEncryption =   'RSA-SHA';
-  LN_shaWithRSAEncryption =   'shaWithRSAEncryption';
-  NID_shaWithRSAEncryption =     42;
-  SN_des_ede_ecb =   'DES-EDE';
-  LN_des_ede_ecb =   'des-ede';
-  NID_des_ede_ecb =   32;
-  SN_des_ede3_ecb =   'DES-EDE3';
-  LN_des_ede3_ecb =   'des-ede3';
-  NID_des_ede3_ecb =     33;
-  SN_des_ede_cbc =   'DES-EDE-CBC';
-  LN_des_ede_cbc =   'des-ede-cbc';
-  NID_des_ede_cbc =   43;
-  SN_des_ede_cfb64 =     'DES-EDE-CFB';
-  LN_des_ede_cfb64 =     'des-ede-cfb';
-  NID_des_ede_cfb64 =     60;
-  SN_des_ede3_cfb64 =     'DES-EDE3-CFB';
-  LN_des_ede3_cfb64 =     'des-ede3-cfb';
-  NID_des_ede3_cfb64 =    61;
-  SN_des_ede_ofb64 =     'DES-EDE-OFB';
-  LN_des_ede_ofb64 =     'des-ede-ofb';
-  NID_des_ede_ofb64 =     62;
-  SN_des_ede3_ofb64 =     'DES-EDE3-OFB';
-  LN_des_ede3_ofb64 =     'des-ede3-ofb';
-  NID_des_ede3_ofb64 =    63;
-  SN_desx_cbc =    'DESX-CBC';
-  LN_desx_cbc =    'desx-cbc';
-  NID_desx_cbc =    80;
-  SN_sha =   'SHA';
-  LN_sha =   'sha';
-  NID_sha =   41;
-  SN_sha1 =   'SHA1';
-  LN_sha1 =   'sha1';
-  NID_sha1 =     64;
-  SN_dsaWithSHA1_2 =     'DSA-SHA1-old';
-  LN_dsaWithSHA1_2 =     'dsaWithSHA1-old';
-  NID_dsaWithSHA1_2 =     70;
-  SN_sha1WithRSA =   'RSA-SHA1-2';
-  LN_sha1WithRSA =   'sha1WithRSA';
-  NID_sha1WithRSA =   115;
-  SN_ripemd160 =    'RIPEMD160';
-  LN_ripemd160 =    'ripemd160';
-  NID_ripemd160 =    117;
-  SN_ripemd160WithRSA =    'RSA-RIPEMD160';
-  LN_ripemd160WithRSA =    'ripemd160WithRSA';
-  NID_ripemd160WithRSA =    119;
-  SN_blake2b512 =    'BLAKE2b512';
-  LN_blake2b512 =    'blake2b512';
-  NID_blake2b512 =   1056;
-  SN_blake2s256 =    'BLAKE2s256';
-  LN_blake2s256 =    'blake2s256';
-  NID_blake2s256 =   1057;
-  SN_sxnet =     'SXNetID';
-  LN_sxnet =     'Strong Extranet ID';
-  NID_sxnet =     143;
-  SN_X500 =   'X500';
-  LN_X500 =   'directory services(X.500)';
-  NID_X500 =     11;
-  SN_X509 =   'X509';
-  NID_X509 =     12;
-  SN_commonName =    'CN';
-  LN_commonName =    'commonName';
-  NID_commonName =   13;
-  SN_surname =    'SN';
-  LN_surname =    'surname';
-  NID_surname =    100;
-  LN_serialNumber =   'serialNumber';
-  NID_serialNumber =     105;
-  SN_countryName =   'C';
-  LN_countryName =   'countryName';
-  NID_countryName =   14;
-  SN_localityName =   'L';
-  LN_localityName =   'localityName';
-  NID_localityName =     15;
-  SN_stateOrProvinceName =   'ST';
-  LN_stateOrProvinceName =   'stateOrProvinceName';
-  NID_stateOrProvinceName =   16;
-  SN_streetAddress =     'street';
-  LN_streetAddress =     'streetAddress';
-  NID_streetAddress =     660;
-  SN_organizationName =    'O';
-  LN_organizationName =    'organizationName';
-  NID_organizationName =    17;
-  SN_organizationalUnitName =     'OU';
-  LN_organizationalUnitName =     'organizationalUnitName';
-  NID_organizationalUnitName =    18;
-  SN_title =     'title';
-  LN_title =     'title';
-  NID_title =     106;
-  LN_description =   'description';
-  NID_description =   107;
-  LN_searchGuide =   'searchGuide';
-  NID_searchGuide =   859;
-  LN_businessCategory =    'businessCategory';
-  NID_businessCategory =    860;
-  LN_postalAddress =     'postalAddress';
-  NID_postalAddress =     861;
-  LN_postalCode =    'postalCode';
-  NID_postalCode =   661;
-  LN_postOfficeBox =     'postOfficeBox';
-  NID_postOfficeBox =     862;
-  LN_physicalDeliveryOfficeName =    'physicalDeliveryOfficeName';
-  NID_physicalDeliveryOfficeName =   863;
-  LN_telephoneNumber =    'telephoneNumber';
-  NID_telephoneNumber =    864;
-  LN_telexNumber =   'telexNumber';
-  NID_telexNumber =   865;
-  LN_teletexTerminalIdentifier =    'teletexTerminalIdentifier';
-  NID_teletexTerminalIdentifier =    866;
-  LN_facsimileTelephoneNumber =    'facsimileTelephoneNumber';
-  NID_facsimileTelephoneNumber =    867;
-  LN_x121Address =   'x121Address';
-  NID_x121Address =   868;
-  LN_internationaliSDNNumber =    'internationaliSDNNumber';
-  NID_internationaliSDNNumber =    869;
-  LN_registeredAddress =    'registeredAddress';
-  NID_registeredAddress =    870;
-  LN_destinationIndicator =   'destinationIndicator';
-  NID_destinationIndicator =     871;
-  LN_preferredDeliveryMethod =    'preferredDeliveryMethod';
-  NID_preferredDeliveryMethod =    872;
-  LN_presentationAddress =   'presentationAddress';
-  NID_presentationAddress =   873;
-  LN_supportedApplicationContext =   'supportedApplicationContext';
-  NID_supportedApplicationContext =   874;
-  SN_member =     'member';
-  NID_member =    875;
-  SN_owner =     'owner';
-  NID_owner =     876;
-  LN_roleOccupant =   'roleOccupant';
-  NID_roleOccupant =     877;
-  SN_seeAlso =    'seeAlso';
-  NID_seeAlso =    878;
-  LN_userPassword =   'userPassword';
-  NID_userPassword =     879;
-  LN_userCertificate =    'userCertificate';
-  NID_userCertificate =    880;
-  LN_cACertificate =     'cACertificate';
-  NID_cACertificate =     881;
-  LN_authorityRevocationList =    'authorityRevocationList';
-  NID_authorityRevocationList =    882;
-  LN_certificateRevocationList =    'certificateRevocationList';
-  NID_certificateRevocationList =    883;
-  LN_crossCertificatePair =   'crossCertificatePair';
-  NID_crossCertificatePair =     884;
-  SN_name =   'name';
-  LN_name =   'name';
-  NID_name =     173;
-  SN_givenName =    'GN';
-  LN_givenName =    'givenName';
-  NID_givenName =    99;
-  SN_initials =    'initials';
-  LN_initials =    'initials';
-  NID_initials =    101;
-  LN_generationQualifier =   'generationQualifier';
-  NID_generationQualifier =   509;
-  LN_x500UniqueIdentifier =   'x500UniqueIdentifier';
-  NID_x500UniqueIdentifier =     503;
-  SN_dnQualifier =   'dnQualifier';
-  LN_dnQualifier =   'dnQualifier';
-  NID_dnQualifier =   174;
-  LN_enhancedSearchGuide =   'enhancedSearchGuide';
-  NID_enhancedSearchGuide =   885;
-  LN_protocolInformation =   'protocolInformation';
-  NID_protocolInformation =   886;
-  LN_distinguishedName =    'distinguishedName';
-  NID_distinguishedName =    887;
-  LN_uniqueMember =   'uniqueMember';
-  NID_uniqueMember =     888;
-  LN_houseIdentifier =    'houseIdentifier';
-  NID_houseIdentifier =    889;
-  LN_supportedAlgorithms =   'supportedAlgorithms';
-  NID_supportedAlgorithms =   890;
-  LN_deltaRevocationList =   'deltaRevocationList';
-  NID_deltaRevocationList =   891;
-  SN_dmdName =    'dmdName';
-  NID_dmdName =    892;
-  LN_pseudonym =    'pseudonym';
-  NID_pseudonym =    510;
-  SN_role =   'role';
-  LN_role =   'role';
-  NID_role =     400;
-  LN_organizationIdentifier =     'organizationIdentifier';
-  NID_organizationIdentifier =    1089;
-  SN_countryCode3c =     'c3';
-  LN_countryCode3c =     'countryCode3c';
-  NID_countryCode3c =     1090;
-  SN_countryCode3n =     'n3';
-  LN_countryCode3n =     'countryCode3n';
-  NID_countryCode3n =     1091;
-  LN_dnsName =    'dnsName';
-  NID_dnsName =    1092;
-  SN_X500algorithms =     'X500algorithms';
-  LN_X500algorithms =     'directory services - algorithms';
-  NID_X500algorithms =    378;
-  SN_rsa =   'RSA';
-  LN_rsa =   'rsa';
-  NID_rsa =   19;
-  SN_mdc2WithRSA =   'RSA-MDC2';
-  LN_mdc2WithRSA =   'mdc2WithRSA';
-  NID_mdc2WithRSA =   96;
-  SN_mdc2 =   'MDC2';
-  LN_mdc2 =   'mdc2';
-  NID_mdc2 =     95;
-  SN_id_ce =     'id-ce';
-  NID_id_ce =     81;
-  SN_subject_directory_attributes =   'subjectDirectoryAttributes';
-  LN_subject_directory_attributes =   'X509v3 Subject Directory Attributes';
-  NID_subject_directory_attributes =     769;
-  SN_subject_key_identifier =     'subjectKeyIdentifier';
-  LN_subject_key_identifier =     'X509v3 Subject Key Identifier';
-  NID_subject_key_identifier =    82;
-  SN_key_usage =    'keyUsage';
-  LN_key_usage =    'X509v3 Key Usage';
-  NID_key_usage =    83;
-  SN_private_key_usage_period =    'privateKeyUsagePeriod';
-  LN_private_key_usage_period =    'X509v3 Private Key Usage Period';
-  NID_private_key_usage_period =    84;
-  SN_subject_alt_name =    'subjectAltName';
-  LN_subject_alt_name =    'X509v3 Subject Alternative Name';
-  NID_subject_alt_name =    85;
-  SN_issuer_alt_name =    'issuerAltName';
-  LN_issuer_alt_name =    'X509v3 Issuer Alternative Name';
-  NID_issuer_alt_name =    86;
-  SN_basic_constraints =    'basicConstraints';
-  LN_basic_constraints =    'X509v3 Basic Constraints';
-  NID_basic_constraints =    87;
-  SN_crl_number =    'crlNumber';
-  LN_crl_number =    'X509v3 CRL Number';
-  NID_crl_number =   88;
-  SN_crl_reason =    'CRLReason';
-  LN_crl_reason =    'X509v3 CRL Reason Code';
-  NID_crl_reason =   141;
-  SN_invalidity_date =    'invalidityDate';
-  LN_invalidity_date =    'Invalidity Date';
-  NID_invalidity_date =    142;
-  SN_delta_crl =    'deltaCRL';
-  LN_delta_crl =    'X509v3 Delta CRL Indicator';
-  NID_delta_crl =    140;
-  SN_issuing_distribution_point =    'issuingDistributionPoint';
-  LN_issuing_distribution_point =    'X509v3 Issuing Distribution Point';
-  NID_issuing_distribution_point =   770;
-  SN_certificate_issuer =    'certificateIssuer';
-  LN_certificate_issuer =    'X509v3 Certificate Issuer';
-  NID_certificate_issuer =   771;
-  SN_name_constraints =    'nameConstraints';
-  LN_name_constraints =    'X509v3 Name Constraints';
-  NID_name_constraints =    666;
-  SN_crl_distribution_points =    'crlDistributionPoints';
-  LN_crl_distribution_points =    'X509v3 CRL Distribution Points';
-  NID_crl_distribution_points =    103;
-  SN_certificate_policies =   'certificatePolicies';
-  LN_certificate_policies =   'X509v3 Certificate Policies';
-  NID_certificate_policies =     89;
-  SN_any_policy =    'anyPolicy';
-  LN_any_policy =    'X509v3 Any Policy';
-  NID_any_policy =   746;
-  SN_policy_mappings =    'policyMappings';
-  LN_policy_mappings =    'X509v3 Policy Mappings';
-  NID_policy_mappings =    747;
-  SN_authority_key_identifier =    'authorityKeyIdentifier';
-  LN_authority_key_identifier =    'X509v3 Authority Key Identifier';
-  NID_authority_key_identifier =    90;
-  SN_policy_constraints =    'policyConstraints';
-  LN_policy_constraints =    'X509v3 Policy Constraints';
-  NID_policy_constraints =   401;
-  SN_ext_key_usage =     'extendedKeyUsage';
-  LN_ext_key_usage =     'X509v3 Extended Key Usage';
-  NID_ext_key_usage =     126;
-  SN_freshest_crl =   'freshestCRL';
-  LN_freshest_crl =   'X509v3 Freshest CRL';
-  NID_freshest_crl =     857;
-  SN_inhibit_any_policy =    'inhibitAnyPolicy';
-  LN_inhibit_any_policy =    'X509v3 Inhibit Any Policy';
-  NID_inhibit_any_policy =   748;
-  SN_target_information =    'targetInformation';
-  LN_target_information =    'X509v3 AC Targeting';
-  NID_target_information =   402;
-  SN_no_rev_avail =   'noRevAvail';
-  LN_no_rev_avail =   'X509v3 No Revocation Available';
-  NID_no_rev_avail =     403;
-  SN_anyExtendedKeyUsage =   'anyExtendedKeyUsage';
-  LN_anyExtendedKeyUsage =   'Any Extended Key Usage';
-  NID_anyExtendedKeyUsage =   910;
-  SN_netscape =    'Netscape';
-  LN_netscape =    'Netscape Communications Corp.';
-  NID_netscape =    57;
-  SN_netscape_cert_extension =    'nsCertExt';
-  LN_netscape_cert_extension =    'Netscape Certificate Extension';
-  NID_netscape_cert_extension =    58;
-  SN_netscape_data_type =    'nsDataType';
-  LN_netscape_data_type =    'Netscape Data Type';
-  NID_netscape_data_type =   59;
-  SN_netscape_cert_type =    'nsCertType';
-  LN_netscape_cert_type =    'Netscape Cert Type';
-  NID_netscape_cert_type =   71;
-  SN_netscape_base_url =    'nsBaseUrl';
-  LN_netscape_base_url =    'Netscape Base Url';
-  NID_netscape_base_url =    72;
-  SN_netscape_revocation_url =    'nsRevocationUrl';
-  LN_netscape_revocation_url =    'Netscape Revocation Url';
-  NID_netscape_revocation_url =    73;
-  SN_netscape_ca_revocation_url =    'nsCaRevocationUrl';
-  LN_netscape_ca_revocation_url =    'Netscape CA Revocation Url';
-  NID_netscape_ca_revocation_url =   74;
-  SN_netscape_renewal_url =   'nsRenewalUrl';
-  LN_netscape_renewal_url =   'Netscape Renewal Url';
-  NID_netscape_renewal_url =     75;
-  SN_netscape_ca_policy_url =     'nsCaPolicyUrl';
-  LN_netscape_ca_policy_url =     'Netscape CA Policy Url';
-  NID_netscape_ca_policy_url =    76;
-  SN_netscape_ssl_server_name =    'nsSslServerName';
-  LN_netscape_ssl_server_name =    'Netscape Server: SSl Name';
-  NID_netscape_ssl_server_name =    77;
-  SN_netscape_comment =    'nsComment';
-  LN_netscape_comment =    'Netscape Comment';
-  NID_netscape_comment =    78;
-  SN_netscape_cert_sequence =     'nsCertSequence';
-  LN_netscape_cert_sequence =     'Netscape Certificate Sequence';
-  NID_netscape_cert_sequence =    79;
-  SN_ns_sgc =     'nsSGC';
-  LN_ns_sgc =     'Netscape Server Gated Crypto';
-  NID_ns_sgc =    139;
-  SN_org =   'ORG';
-  LN_org =   'org';
-  NID_org =   379;
-  SN_dod =   'DOD';
-  LN_dod =   'dod';
-  NID_dod =   380;
-  SN_iana =   'IANA';
-  LN_iana =   'iana';
-  NID_iana =     381;
-  SN_Directory =    'directory';
-  LN_Directory =    'Directory';
-  NID_Directory =    382;
-  SN_Management =    'mgmt';
-  LN_Management =    'Management';
-  NID_Management =   383;
-  SN_Experimental =   'experimental';
-  LN_Experimental =   'Experimental';
-  NID_Experimental =     384;
-  SN_Private =    'private';
-  LN_Private =    'Private';
-  NID_Private =    385;
-  SN_Security =    'security';
-  LN_Security =    'Security';
-  NID_Security =    386;
-  SN_SNMPv2 =     'snmpv2';
-  LN_SNMPv2 =     'SNMPv2';
-  NID_SNMPv2 =    387;
-  LN_Mail =   'Mail';
-  NID_Mail =     388;
-  SN_Enterprises =   'enterprises';
-  LN_Enterprises =   'Enterprises';
-  NID_Enterprises =   389;
-  SN_dcObject =    'dcobject';
-  LN_dcObject =    'dcObject';
-  NID_dcObject =    390;
-  SN_mime_mhs =    'mime-mhs';
-  LN_mime_mhs =    'MIME MHS';
-  NID_mime_mhs =    504;
-  SN_mime_mhs_headings =    'mime-mhs-headings';
-  LN_mime_mhs_headings =    'mime-mhs-headings';
-  NID_mime_mhs_headings =    505;
-  SN_mime_mhs_bodies =    'mime-mhs-bodies';
-  LN_mime_mhs_bodies =    'mime-mhs-bodies';
-  NID_mime_mhs_bodies =    506;
-  SN_id_hex_partial_message =     'id-hex-partial-message';
-  LN_id_hex_partial_message =     'id-hex-partial-message';
-  NID_id_hex_partial_message =    507;
-  SN_id_hex_multipart_message =    'id-hex-multipart-message';
-  LN_id_hex_multipart_message =    'id-hex-multipart-message';
-  NID_id_hex_multipart_message =    508;
-  SN_zlib_compression =    'ZLIB';
-  LN_zlib_compression =    'zlib compression';
-  NID_zlib_compression =    125;
-  SN_aes_128_ecb =   'AES-128-ECB';
-  LN_aes_128_ecb =   'aes-128-ecb';
-  NID_aes_128_ecb =   418;
-  SN_aes_128_cbc =   'AES-128-CBC';
-  LN_aes_128_cbc =   'aes-128-cbc';
-  NID_aes_128_cbc =   419;
-  SN_aes_128_ofb128 =     'AES-128-OFB';
-  LN_aes_128_ofb128 =     'aes-128-ofb';
-  NID_aes_128_ofb128 =    420;
-  SN_aes_128_cfb128 =     'AES-128-CFB';
-  LN_aes_128_cfb128 =     'aes-128-cfb';
-  NID_aes_128_cfb128 =    421;
-  SN_id_aes128_wrap =     'id-aes128-wrap';
-  NID_id_aes128_wrap =    788;
-  SN_aes_128_gcm =   'id-aes128-GCM';
-  LN_aes_128_gcm =   'aes-128-gcm';
-  NID_aes_128_gcm =   895;
-  SN_aes_128_ccm =   'id-aes128-CCM';
-  LN_aes_128_ccm =   'aes-128-ccm';
-  NID_aes_128_ccm =   896;
-  SN_id_aes128_wrap_pad =    'id-aes128-wrap-pad';
-  NID_id_aes128_wrap_pad =   897;
-  SN_aes_192_ecb =   'AES-192-ECB';
-  LN_aes_192_ecb =   'aes-192-ecb';
-  NID_aes_192_ecb =   422;
-  SN_aes_192_cbc =   'AES-192-CBC';
-  LN_aes_192_cbc =   'aes-192-cbc';
-  NID_aes_192_cbc =   423;
-  SN_aes_192_ofb128 =     'AES-192-OFB';
-  LN_aes_192_ofb128 =     'aes-192-ofb';
-  NID_aes_192_ofb128 =    424;
-  SN_aes_192_cfb128 =     'AES-192-CFB';
-  LN_aes_192_cfb128 =     'aes-192-cfb';
-  NID_aes_192_cfb128 =    425;
-  SN_id_aes192_wrap =     'id-aes192-wrap';
-  NID_id_aes192_wrap =    789;
-  SN_aes_192_gcm =   'id-aes192-GCM';
-  LN_aes_192_gcm =   'aes-192-gcm';
-  NID_aes_192_gcm =   898;
-  SN_aes_192_ccm =   'id-aes192-CCM';
-  LN_aes_192_ccm =   'aes-192-ccm';
-  NID_aes_192_ccm =   899;
-  SN_id_aes192_wrap_pad =    'id-aes192-wrap-pad';
-  NID_id_aes192_wrap_pad =   900;
-  SN_aes_256_ecb =   'AES-256-ECB';
-  LN_aes_256_ecb =   'aes-256-ecb';
-  NID_aes_256_ecb =   426;
-  SN_aes_256_cbc =   'AES-256-CBC';
-  LN_aes_256_cbc =   'aes-256-cbc';
-  NID_aes_256_cbc =   427;
-  SN_aes_256_ofb128 =     'AES-256-OFB';
-  LN_aes_256_ofb128 =     'aes-256-ofb';
-  NID_aes_256_ofb128 =    428;
-  SN_aes_256_cfb128 =     'AES-256-CFB';
-  LN_aes_256_cfb128 =     'aes-256-cfb';
-  NID_aes_256_cfb128 =    429;
-  SN_id_aes256_wrap =     'id-aes256-wrap';
-  NID_id_aes256_wrap =    790;
-  SN_aes_256_gcm =   'id-aes256-GCM';
-  LN_aes_256_gcm =   'aes-256-gcm';
-  NID_aes_256_gcm =   901;
-  SN_aes_256_ccm =   'id-aes256-CCM';
-  LN_aes_256_ccm =   'aes-256-ccm';
-  NID_aes_256_ccm =   902;
-  SN_id_aes256_wrap_pad =    'id-aes256-wrap-pad';
-  NID_id_aes256_wrap_pad =   903;
-  SN_aes_128_xts =   'AES-128-XTS';
-  LN_aes_128_xts =   'aes-128-xts';
-  NID_aes_128_xts =   913;
-  SN_aes_256_xts =   'AES-256-XTS';
-  LN_aes_256_xts =   'aes-256-xts';
-  NID_aes_256_xts =   914;
-  SN_aes_128_cfb1 =   'AES-128-CFB1';
-  LN_aes_128_cfb1 =   'aes-128-cfb1';
-  NID_aes_128_cfb1 =     650;
-  SN_aes_192_cfb1 =   'AES-192-CFB1';
-  LN_aes_192_cfb1 =   'aes-192-cfb1';
-  NID_aes_192_cfb1 =     651;
-  SN_aes_256_cfb1 =   'AES-256-CFB1';
-  LN_aes_256_cfb1 =   'aes-256-cfb1';
-  NID_aes_256_cfb1 =     652;
-  SN_aes_128_cfb8 =   'AES-128-CFB8';
-  LN_aes_128_cfb8 =   'aes-128-cfb8';
-  NID_aes_128_cfb8 =     653;
-  SN_aes_192_cfb8 =   'AES-192-CFB8';
-  LN_aes_192_cfb8 =   'aes-192-cfb8';
-  NID_aes_192_cfb8 =     654;
-  SN_aes_256_cfb8 =   'AES-256-CFB8';
-  LN_aes_256_cfb8 =   'aes-256-cfb8';
-  NID_aes_256_cfb8 =     655;
-  SN_aes_128_ctr =   'AES-128-CTR';
-  LN_aes_128_ctr =   'aes-128-ctr';
-  NID_aes_128_ctr =   904;
-  SN_aes_192_ctr =   'AES-192-CTR';
-  LN_aes_192_ctr =   'aes-192-ctr';
-  NID_aes_192_ctr =   905;
-  SN_aes_256_ctr =   'AES-256-CTR';
-  LN_aes_256_ctr =   'aes-256-ctr';
-  NID_aes_256_ctr =   906;
-  SN_aes_128_ocb =   'AES-128-OCB';
-  LN_aes_128_ocb =   'aes-128-ocb';
-  NID_aes_128_ocb =   958;
-  SN_aes_192_ocb =   'AES-192-OCB';
-  LN_aes_192_ocb =   'aes-192-ocb';
-  NID_aes_192_ocb =   959;
-  SN_aes_256_ocb =   'AES-256-OCB';
-  LN_aes_256_ocb =   'aes-256-ocb';
-  NID_aes_256_ocb =   960;
-  SN_des_cfb1 =    'DES-CFB1';
-  LN_des_cfb1 =    'des-cfb1';
-  NID_des_cfb1 =    656;
-  SN_des_cfb8 =    'DES-CFB8';
-  LN_des_cfb8 =    'des-cfb8';
-  NID_des_cfb8 =    657;
-  SN_des_ede3_cfb1 =     'DES-EDE3-CFB1';
-  LN_des_ede3_cfb1 =     'des-ede3-cfb1';
-  NID_des_ede3_cfb1 =     658;
-  SN_des_ede3_cfb8 =     'DES-EDE3-CFB8';
-  LN_des_ede3_cfb8 =     'des-ede3-cfb8';
-  NID_des_ede3_cfb8 =     659;
-  SN_sha256 =     'SHA256';
-  LN_sha256 =     'sha256';
-  NID_sha256 =    672;
-  SN_sha384 =     'SHA384';
-  LN_sha384 =     'sha384';
-  NID_sha384 =    673;
-  SN_sha512 =     'SHA512';
-  LN_sha512 =     'sha512';
-  NID_sha512 =    674;
-  SN_sha224 =     'SHA224';
-  LN_sha224 =     'sha224';
-  NID_sha224 =    675;
-  SN_sha512_224 =    'SHA512-224';
-  LN_sha512_224 =    'sha512-224';
-  NID_sha512_224 =   1094;
-  SN_sha512_256 =    'SHA512-256';
-  LN_sha512_256 =    'sha512-256';
-  NID_sha512_256 =   1095;
-  SN_sha3_224 =    'SHA3-224';
-  LN_sha3_224 =    'sha3-224';
-  NID_sha3_224 =    1096;
-  SN_sha3_256 =    'SHA3-256';
-  LN_sha3_256 =    'sha3-256';
-  NID_sha3_256 =    1097;
-  SN_sha3_384 =    'SHA3-384';
-  LN_sha3_384 =    'sha3-384';
-  NID_sha3_384 =    1098;
-  SN_sha3_512 =    'SHA3-512';
-  LN_sha3_512 =    'sha3-512';
-  NID_sha3_512 =    1099;
-  SN_shake128 =    'SHAKE128';
-  LN_shake128 =    'shake128';
-  NID_shake128 =    1100;
-  SN_shake256 =    'SHAKE256';
-  LN_shake256 =    'shake256';
-  NID_shake256 =    1101;
-  SN_hmac_sha3_224 =     'id-hmacWithSHA3-224';
-  LN_hmac_sha3_224 =     'hmac-sha3-224';
-  NID_hmac_sha3_224 =     1102;
-  SN_hmac_sha3_256 =     'id-hmacWithSHA3-256';
-  LN_hmac_sha3_256 =     'hmac-sha3-256';
-  NID_hmac_sha3_256 =     1103;
-  SN_hmac_sha3_384 =     'id-hmacWithSHA3-384';
-  LN_hmac_sha3_384 =     'hmac-sha3-384';
-  NID_hmac_sha3_384 =     1104;
-  SN_hmac_sha3_512 =     'id-hmacWithSHA3-512';
-  LN_hmac_sha3_512 =     'hmac-sha3-512';
-  NID_hmac_sha3_512 =     1105;
-  SN_dsa_with_SHA224 =    'dsa_with_SHA224';
-  NID_dsa_with_SHA224 =    802;
-  SN_dsa_with_SHA256 =    'dsa_with_SHA256';
-  NID_dsa_with_SHA256 =    803;
-  SN_dsa_with_SHA384 =    'id-dsa-with-sha384';
-  LN_dsa_with_SHA384 =    'dsa_with_SHA384';
-  NID_dsa_with_SHA384 =    1106;
-  SN_dsa_with_SHA512 =    'id-dsa-with-sha512';
-  LN_dsa_with_SHA512 =    'dsa_with_SHA512';
-  NID_dsa_with_SHA512 =    1107;
-  SN_dsa_with_SHA3_224 =    'id-dsa-with-sha3-224';
-  LN_dsa_with_SHA3_224 =    'dsa_with_SHA3-224';
-  NID_dsa_with_SHA3_224 =    1108;
-  SN_dsa_with_SHA3_256 =    'id-dsa-with-sha3-256';
-  LN_dsa_with_SHA3_256 =    'dsa_with_SHA3-256';
-  NID_dsa_with_SHA3_256 =    1109;
-  SN_dsa_with_SHA3_384 =    'id-dsa-with-sha3-384';
-  LN_dsa_with_SHA3_384 =    'dsa_with_SHA3-384';
-  NID_dsa_with_SHA3_384 =    1110;
-  SN_dsa_with_SHA3_512 =    'id-dsa-with-sha3-512';
-  LN_dsa_with_SHA3_512 =    'dsa_with_SHA3-512';
-  NID_dsa_with_SHA3_512 =    1111;
-  SN_ecdsa_with_SHA3_224 =   'id-ecdsa-with-sha3-224';
-  LN_ecdsa_with_SHA3_224 =   'ecdsa_with_SHA3-224';
-  NID_ecdsa_with_SHA3_224 =   1112;
-  SN_ecdsa_with_SHA3_256 =   'id-ecdsa-with-sha3-256';
-  LN_ecdsa_with_SHA3_256 =   'ecdsa_with_SHA3-256';
-  NID_ecdsa_with_SHA3_256 =   1113;
-  SN_ecdsa_with_SHA3_384 =   'id-ecdsa-with-sha3-384';
-  LN_ecdsa_with_SHA3_384 =   'ecdsa_with_SHA3-384';
-  NID_ecdsa_with_SHA3_384 =   1114;
-  SN_ecdsa_with_SHA3_512 =   'id-ecdsa-with-sha3-512';
-  LN_ecdsa_with_SHA3_512 =   'ecdsa_with_SHA3-512';
-  NID_ecdsa_with_SHA3_512 =   1115;
-  SN_RSA_SHA3_224 =   'id-rsassa-pkcs1-v1_5-with-sha3-224';
-  LN_RSA_SHA3_224 =   'RSA-SHA3-224';
-  NID_RSA_SHA3_224 =     1116;
-  SN_RSA_SHA3_256 =   'id-rsassa-pkcs1-v1_5-with-sha3-256';
-  LN_RSA_SHA3_256 =   'RSA-SHA3-256';
-  NID_RSA_SHA3_256 =     1117;
-  SN_RSA_SHA3_384 =   'id-rsassa-pkcs1-v1_5-with-sha3-384';
-  LN_RSA_SHA3_384 =   'RSA-SHA3-384';
-  NID_RSA_SHA3_384 =     1118;
-  SN_RSA_SHA3_512 =   'id-rsassa-pkcs1-v1_5-with-sha3-512';
-  LN_RSA_SHA3_512 =   'RSA-SHA3-512';
-  NID_RSA_SHA3_512 =     1119;
-  SN_hold_instruction_code =     'holdInstructionCode';
-  LN_hold_instruction_code =     'Hold Instruction Code';
-  NID_hold_instruction_code =     430;
-  SN_hold_instruction_none =     'holdInstructionNone';
-  LN_hold_instruction_none =     'Hold Instruction None';
-  NID_hold_instruction_none =     431;
-  SN_hold_instruction_call_issuer =   'holdInstructionCallIssuer';
-  LN_hold_instruction_call_issuer =   'Hold Instruction Call Issuer';
-  NID_hold_instruction_call_issuer =     432;
-  SN_hold_instruction_reject =    'holdInstructionReject';
-  LN_hold_instruction_reject =    'Hold Instruction Reject';
-  NID_hold_instruction_reject =    433;
-  SN_data =   'data';
-  NID_data =     434;
-  SN_pss =   'pss';
-  NID_pss =   435;
-  SN_ucl =   'ucl';
-  NID_ucl =   436;
-  SN_pilot =     'pilot';
-  NID_pilot =     437;
-  LN_pilotAttributeType =    'pilotAttributeType';
-  NID_pilotAttributeType =   438;
-  LN_pilotAttributeSyntax =   'pilotAttributeSyntax';
-  NID_pilotAttributeSyntax =     439;
-  LN_pilotObjectClass =    'pilotObjectClass';
-  NID_pilotObjectClass =    440;
-  LN_pilotGroups =   'pilotGroups';
-  NID_pilotGroups =   441;
-  LN_iA5StringSyntax =    'iA5StringSyntax';
-  NID_iA5StringSyntax =    442;
-  LN_caseIgnoreIA5StringSyntax =    'caseIgnoreIA5StringSyntax';
-  NID_caseIgnoreIA5StringSyntax =    443;
-  LN_pilotObject =   'pilotObject';
-  NID_pilotObject =   444;
-  LN_pilotPerson =   'pilotPerson';
-  NID_pilotPerson =   445;
-  SN_account =    'account';
-  NID_account =    446;
-  SN_document =    'document';
-  NID_document =    447;
-  SN_room =   'room';
-  NID_room =     448;
-  LN_documentSeries =     'documentSeries';
-  NID_documentSeries =    449;
-  SN_Domain =     'domain';
-  LN_Domain =     'Domain';
-  NID_Domain =    392;
-  LN_rFC822localPart =    'rFC822localPart';
-  NID_rFC822localPart =    450;
-  LN_dNSDomain =    'dNSDomain';
-  NID_dNSDomain =    451;
-  LN_domainRelatedObject =   'domainRelatedObject';
-  NID_domainRelatedObject =   452;
-  LN_friendlyCountry =    'friendlyCountry';
-  NID_friendlyCountry =    453;
-  LN_simpleSecurityObject =   'simpleSecurityObject';
-  NID_simpleSecurityObject =     454;
-  LN_pilotOrganization =    'pilotOrganization';
-  NID_pilotOrganization =    455;
-  LN_pilotDSA =    'pilotDSA';
-  NID_pilotDSA =    456;
-  LN_qualityLabelledData =   'qualityLabelledData';
-  NID_qualityLabelledData =   457;
-  SN_userId =     'UID';
-  LN_userId =     'userId';
-  NID_userId =    458;
-  LN_textEncodedORAddress =   'textEncodedORAddress';
-  NID_textEncodedORAddress =     459;
-  SN_rfc822Mailbox =     'mail';
-  LN_rfc822Mailbox =     'rfc822Mailbox';
-  NID_rfc822Mailbox =     460;
-  SN_info =   'info';
-  NID_info =     461;
-  LN_favouriteDrink =     'favouriteDrink';
-  NID_favouriteDrink =    462;
-  LN_roomNumber =    'roomNumber';
-  NID_roomNumber =   463;
-  SN_photo =     'photo';
-  NID_photo =     464;
-  LN_userClass =    'userClass';
-  NID_userClass =    465;
-  SN_host =   'host';
-  NID_host =     466;
-  SN_manager =    'manager';
-  NID_manager =    467;
-  LN_documentIdentifier =    'documentIdentifier';
-  NID_documentIdentifier =   468;
-  LN_documentTitle =     'documentTitle';
-  NID_documentTitle =     469;
-  LN_documentVersion =    'documentVersion';
-  NID_documentVersion =    470;
-  LN_documentAuthor =     'documentAuthor';
-  NID_documentAuthor =    471;
-  LN_documentLocation =    'documentLocation';
-  NID_documentLocation =    472;
-  LN_homeTelephoneNumber =   'homeTelephoneNumber';
-  NID_homeTelephoneNumber =   473;
-  SN_secretary =    'secretary';
-  NID_secretary =    474;
-  LN_otherMailbox =   'otherMailbox';
-  NID_otherMailbox =     475;
-  LN_lastModifiedTime =    'lastModifiedTime';
-  NID_lastModifiedTime =    476;
-  LN_lastModifiedBy =     'lastModifiedBy';
-  NID_lastModifiedBy =    477;
-  SN_domainComponent =    'DC';
-  LN_domainComponent =    'domainComponent';
-  NID_domainComponent =    391;
-  LN_aRecord =    'aRecord';
-  NID_aRecord =    478;
-  LN_pilotAttributeType27 =   'pilotAttributeType27';
-  NID_pilotAttributeType27 =     479;
-  LN_mXRecord =    'mXRecord';
-  NID_mXRecord =    480;
-  LN_nSRecord =    'nSRecord';
-  NID_nSRecord =    481;
-  LN_sOARecord =    'sOARecord';
-  NID_sOARecord =    482;
-  LN_cNAMERecord =   'cNAMERecord';
-  NID_cNAMERecord =   483;
-  LN_associatedDomain =    'associatedDomain';
-  NID_associatedDomain =    484;
-  LN_associatedName =     'associatedName';
-  NID_associatedName =    485;
-  LN_homePostalAddress =    'homePostalAddress';
-  NID_homePostalAddress =    486;
-  LN_personalTitle =     'personalTitle';
-  NID_personalTitle =     487;
-  LN_mobileTelephoneNumber =     'mobileTelephoneNumber';
-  NID_mobileTelephoneNumber =     488;
-  LN_pagerTelephoneNumber =   'pagerTelephoneNumber';
-  NID_pagerTelephoneNumber =     489;
-  LN_friendlyCountryName =   'friendlyCountryName';
-  NID_friendlyCountryName =   490;
-  SN_uniqueIdentifier =    'uid';
-  LN_uniqueIdentifier =    'uniqueIdentifier';
-  NID_uniqueIdentifier =    102;
-  LN_organizationalStatus =   'organizationalStatus';
-  NID_organizationalStatus =     491;
-  LN_janetMailbox =   'janetMailbox';
-  NID_janetMailbox =     492;
-  LN_mailPreferenceOption =   'mailPreferenceOption';
-  NID_mailPreferenceOption =     493;
-  LN_buildingName =   'buildingName';
-  NID_buildingName =     494;
-  LN_dSAQuality =    'dSAQuality';
-  NID_dSAQuality =   495;
-  LN_singleLevelQuality =    'singleLevelQuality';
-  NID_singleLevelQuality =   496;
-  LN_subtreeMinimumQuality =     'subtreeMinimumQuality';
-  NID_subtreeMinimumQuality =     497;
-  LN_subtreeMaximumQuality =     'subtreeMaximumQuality';
-  NID_subtreeMaximumQuality =     498;
-  LN_personalSignature =    'personalSignature';
-  NID_personalSignature =    499;
-  LN_dITRedirect =   'dITRedirect';
-  NID_dITRedirect =   500;
-  SN_audio =     'audio';
-  NID_audio =     501;
-  LN_documentPublisher =    'documentPublisher';
-  NID_documentPublisher =    502;
-  SN_id_set =     'id-set';
-  LN_id_set =     'Secure Electronic Transactions';
-  NID_id_set =    512;
-  SN_set_ctype =    'set-ctype';
-  LN_set_ctype =    'content types';
-  NID_set_ctype =    513;
-  SN_set_msgExt =    'set-msgExt';
-  LN_set_msgExt =    'message extensions';
-  NID_set_msgExt =   514;
-  SN_set_attr =    'set-attr';
-  NID_set_attr =    515;
-  SN_set_policy =    'set-policy';
-  NID_set_policy =   516;
-  SN_set_certExt =   'set-certExt';
-  LN_set_certExt =   'certificate extensions';
-  NID_set_certExt =   517;
-  SN_set_brand =    'set-brand';
-  NID_set_brand =    518;
-  SN_setct_PANData =     'setct-PANData';
-  NID_setct_PANData =     519;
-  SN_setct_PANToken =     'setct-PANToken';
-  NID_setct_PANToken =    520;
-  SN_setct_PANOnly =     'setct-PANOnly';
-  NID_setct_PANOnly =     521;
-  SN_setct_OIData =   'setct-OIData';
-  NID_setct_OIData =     522;
-  SN_setct_PI =    'setct-PI';
-  NID_setct_PI =    523;
-  SN_setct_PIData =   'setct-PIData';
-  NID_setct_PIData =     524;
-  SN_setct_PIDataUnsigned =   'setct-PIDataUnsigned';
-  NID_setct_PIDataUnsigned =     525;
-  SN_setct_HODInput =     'setct-HODInput';
-  NID_setct_HODInput =    526;
-  SN_setct_AuthResBaggage =   'setct-AuthResBaggage';
-  NID_setct_AuthResBaggage =     527;
-  SN_setct_AuthRevReqBaggage =    'setct-AuthRevReqBaggage';
-  NID_setct_AuthRevReqBaggage =    528;
-  SN_setct_AuthRevResBaggage =    'setct-AuthRevResBaggage';
-  NID_setct_AuthRevResBaggage =    529;
-  SN_setct_CapTokenSeq =    'setct-CapTokenSeq';
-  NID_setct_CapTokenSeq =    530;
-  SN_setct_PInitResData =    'setct-PInitResData';
-  NID_setct_PInitResData =   531;
-  SN_setct_PI_TBS =   'setct-PI-TBS';
-  NID_setct_PI_TBS =     532;
-  SN_setct_PResData =     'setct-PResData';
-  NID_setct_PResData =    533;
-  SN_setct_AuthReqTBS =    'setct-AuthReqTBS';
-  NID_setct_AuthReqTBS =    534;
-  SN_setct_AuthResTBS =    'setct-AuthResTBS';
-  NID_setct_AuthResTBS =    535;
-  SN_setct_AuthResTBSX =    'setct-AuthResTBSX';
-  NID_setct_AuthResTBSX =    536;
-  SN_setct_AuthTokenTBS =    'setct-AuthTokenTBS';
-  NID_setct_AuthTokenTBS =   537;
-  SN_setct_CapTokenData =    'setct-CapTokenData';
-  NID_setct_CapTokenData =   538;
-  SN_setct_CapTokenTBS =    'setct-CapTokenTBS';
-  NID_setct_CapTokenTBS =    539;
-  SN_setct_AcqCardCodeMsg =   'setct-AcqCardCodeMsg';
-  NID_setct_AcqCardCodeMsg =     540;
-  SN_setct_AuthRevReqTBS =   'setct-AuthRevReqTBS';
-  NID_setct_AuthRevReqTBS =   541;
-  SN_setct_AuthRevResData =   'setct-AuthRevResData';
-  NID_setct_AuthRevResData =     542;
-  SN_setct_AuthRevResTBS =   'setct-AuthRevResTBS';
-  NID_setct_AuthRevResTBS =   543;
-  SN_setct_CapReqTBS =    'setct-CapReqTBS';
-  NID_setct_CapReqTBS =    544;
-  SN_setct_CapReqTBSX =    'setct-CapReqTBSX';
-  NID_setct_CapReqTBSX =    545;
-  SN_setct_CapResData =    'setct-CapResData';
-  NID_setct_CapResData =    546;
-  SN_setct_CapRevReqTBS =    'setct-CapRevReqTBS';
-  NID_setct_CapRevReqTBS =   547;
-  SN_setct_CapRevReqTBSX =   'setct-CapRevReqTBSX';
-  NID_setct_CapRevReqTBSX =   548;
-  SN_setct_CapRevResData =   'setct-CapRevResData';
-  NID_setct_CapRevResData =   549;
-  SN_setct_CredReqTBS =    'setct-CredReqTBS';
-  NID_setct_CredReqTBS =    550;
-  SN_setct_CredReqTBSX =    'setct-CredReqTBSX';
-  NID_setct_CredReqTBSX =    551;
-  SN_setct_CredResData =    'setct-CredResData';
-  NID_setct_CredResData =    552;
-  SN_setct_CredRevReqTBS =   'setct-CredRevReqTBS';
-  NID_setct_CredRevReqTBS =   553;
-  SN_setct_CredRevReqTBSX =   'setct-CredRevReqTBSX';
-  NID_setct_CredRevReqTBSX =     554;
-  SN_setct_CredRevResData =   'setct-CredRevResData';
-  NID_setct_CredRevResData =     555;
-  SN_setct_PCertReqData =    'setct-PCertReqData';
-  NID_setct_PCertReqData =   556;
-  SN_setct_PCertResTBS =    'setct-PCertResTBS';
-  NID_setct_PCertResTBS =    557;
-  SN_setct_BatchAdminReqData =    'setct-BatchAdminReqData';
-  NID_setct_BatchAdminReqData =    558;
-  SN_setct_BatchAdminResData =    'setct-BatchAdminResData';
-  NID_setct_BatchAdminResData =    559;
-  SN_setct_CardCInitResTBS =     'setct-CardCInitResTBS';
-  NID_setct_CardCInitResTBS =     560;
-  SN_setct_MeAqCInitResTBS =     'setct-MeAqCInitResTBS';
-  NID_setct_MeAqCInitResTBS =     561;
-  SN_setct_RegFormResTBS =   'setct-RegFormResTBS';
-  NID_setct_RegFormResTBS =   562;
-  SN_setct_CertReqData =    'setct-CertReqData';
-  NID_setct_CertReqData =    563;
-  SN_setct_CertReqTBS =    'setct-CertReqTBS';
-  NID_setct_CertReqTBS =    564;
-  SN_setct_CertResData =    'setct-CertResData';
-  NID_setct_CertResData =    565;
-  SN_setct_CertInqReqTBS =   'setct-CertInqReqTBS';
-  NID_setct_CertInqReqTBS =   566;
-  SN_setct_ErrorTBS =     'setct-ErrorTBS';
-  NID_setct_ErrorTBS =    567;
-  SN_setct_PIDualSignedTBE =     'setct-PIDualSignedTBE';
-  NID_setct_PIDualSignedTBE =     568;
-  SN_setct_PIUnsignedTBE =   'setct-PIUnsignedTBE';
-  NID_setct_PIUnsignedTBE =   569;
-  SN_setct_AuthReqTBE =    'setct-AuthReqTBE';
-  NID_setct_AuthReqTBE =    570;
-  SN_setct_AuthResTBE =    'setct-AuthResTBE';
-  NID_setct_AuthResTBE =    571;
-  SN_setct_AuthResTBEX =    'setct-AuthResTBEX';
-  NID_setct_AuthResTBEX =    572;
-  SN_setct_AuthTokenTBE =    'setct-AuthTokenTBE';
-  NID_setct_AuthTokenTBE =   573;
-  SN_setct_CapTokenTBE =    'setct-CapTokenTBE';
-  NID_setct_CapTokenTBE =    574;
-  SN_setct_CapTokenTBEX =    'setct-CapTokenTBEX';
-  NID_setct_CapTokenTBEX =   575;
-  SN_setct_AcqCardCodeMsgTBE =    'setct-AcqCardCodeMsgTBE';
-  NID_setct_AcqCardCodeMsgTBE =    576;
-  SN_setct_AuthRevReqTBE =   'setct-AuthRevReqTBE';
-  NID_setct_AuthRevReqTBE =   577;
-  SN_setct_AuthRevResTBE =   'setct-AuthRevResTBE';
-  NID_setct_AuthRevResTBE =   578;
-  SN_setct_AuthRevResTBEB =   'setct-AuthRevResTBEB';
-  NID_setct_AuthRevResTBEB =     579;
-  SN_setct_CapReqTBE =    'setct-CapReqTBE';
-  NID_setct_CapReqTBE =    580;
-  SN_setct_CapReqTBEX =    'setct-CapReqTBEX';
-  NID_setct_CapReqTBEX =    581;
-  SN_setct_CapResTBE =    'setct-CapResTBE';
-  NID_setct_CapResTBE =    582;
-  SN_setct_CapRevReqTBE =    'setct-CapRevReqTBE';
-  NID_setct_CapRevReqTBE =   583;
-  SN_setct_CapRevReqTBEX =   'setct-CapRevReqTBEX';
-  NID_setct_CapRevReqTBEX =   584;
-  SN_setct_CapRevResTBE =    'setct-CapRevResTBE';
-  NID_setct_CapRevResTBE =   585;
-  SN_setct_CredReqTBE =    'setct-CredReqTBE';
-  NID_setct_CredReqTBE =    586;
-  SN_setct_CredReqTBEX =    'setct-CredReqTBEX';
-  NID_setct_CredReqTBEX =    587;
-  SN_setct_CredResTBE =    'setct-CredResTBE';
-  NID_setct_CredResTBE =    588;
-  SN_setct_CredRevReqTBE =   'setct-CredRevReqTBE';
-  NID_setct_CredRevReqTBE =   589;
-  SN_setct_CredRevReqTBEX =   'setct-CredRevReqTBEX';
-  NID_setct_CredRevReqTBEX =     590;
-  SN_setct_CredRevResTBE =   'setct-CredRevResTBE';
-  NID_setct_CredRevResTBE =   591;
-  SN_setct_BatchAdminReqTBE =     'setct-BatchAdminReqTBE';
-  NID_setct_BatchAdminReqTBE =    592;
-  SN_setct_BatchAdminResTBE =     'setct-BatchAdminResTBE';
-  NID_setct_BatchAdminResTBE =    593;
-  SN_setct_RegFormReqTBE =   'setct-RegFormReqTBE';
-  NID_setct_RegFormReqTBE =   594;
-  SN_setct_CertReqTBE =    'setct-CertReqTBE';
-  NID_setct_CertReqTBE =    595;
-  SN_setct_CertReqTBEX =    'setct-CertReqTBEX';
-  NID_setct_CertReqTBEX =    596;
-  SN_setct_CertResTBE =    'setct-CertResTBE';
-  NID_setct_CertResTBE =    597;
-  SN_setct_CRLNotificationTBS =    'setct-CRLNotificationTBS';
-  NID_setct_CRLNotificationTBS =    598;
-  SN_setct_CRLNotificationResTBS =   'setct-CRLNotificationResTBS';
-  NID_setct_CRLNotificationResTBS =   599;
-  SN_setct_BCIDistributionTBS =    'setct-BCIDistributionTBS';
-  NID_setct_BCIDistributionTBS =    600;
-  SN_setext_genCrypt =    'setext-genCrypt';
-  LN_setext_genCrypt =    'generic cryptogram';
-  NID_setext_genCrypt =    601;
-  SN_setext_miAuth =     'setext-miAuth';
-  LN_setext_miAuth =     'merchant initiated auth';
-  NID_setext_miAuth =     602;
-  SN_setext_pinSecure =    'setext-pinSecure';
-  NID_setext_pinSecure =    603;
-  SN_setext_pinAny =     'setext-pinAny';
-  NID_setext_pinAny =     604;
-  SN_setext_track2 =     'setext-track2';
-  NID_setext_track2 =     605;
-  SN_setext_cv =    'setext-cv';
-  LN_setext_cv =    'additional verification';
-  NID_setext_cv =    606;
-  SN_set_policy_root =    'set-policy-root';
-  NID_set_policy_root =    607;
-  SN_setCext_hashedRoot =    'setCext-hashedRoot';
-  NID_setCext_hashedRoot =   608;
-  SN_setCext_certType =    'setCext-certType';
-  NID_setCext_certType =    609;
-  SN_setCext_merchData =    'setCext-merchData';
-  NID_setCext_merchData =    610;
-  SN_setCext_cCertRequired =     'setCext-cCertRequired';
-  NID_setCext_cCertRequired =     611;
-  SN_setCext_tunneling =    'setCext-tunneling';
-  NID_setCext_tunneling =    612;
-  SN_setCext_setExt =     'setCext-setExt';
-  NID_setCext_setExt =    613;
-  SN_setCext_setQualf =    'setCext-setQualf';
-  NID_setCext_setQualf =    614;
-  SN_setCext_PGWYcapabilities =    'setCext-PGWYcapabilities';
-  NID_setCext_PGWYcapabilities =    615;
-  SN_setCext_TokenIdentifier =    'setCext-TokenIdentifier';
-  NID_setCext_TokenIdentifier =    616;
-  SN_setCext_Track2Data =    'setCext-Track2Data';
-  NID_setCext_Track2Data =   617;
-  SN_setCext_TokenType =    'setCext-TokenType';
-  NID_setCext_TokenType =    618;
-  SN_setCext_IssuerCapabilities =    'setCext-IssuerCapabilities';
-  NID_setCext_IssuerCapabilities =   619;
-  SN_setAttr_Cert =   'setAttr-Cert';
-  NID_setAttr_Cert =     620;
-  SN_setAttr_PGWYcap =    'setAttr-PGWYcap';
-  LN_setAttr_PGWYcap =    'payment gateway capabilities';
-  NID_setAttr_PGWYcap =    621;
-  SN_setAttr_TokenType =    'setAttr-TokenType';
-  NID_setAttr_TokenType =    622;
-  SN_setAttr_IssCap =     'setAttr-IssCap';
-  LN_setAttr_IssCap =     'issuer capabilities';
-  NID_setAttr_IssCap =    623;
-  SN_set_rootKeyThumb =    'set-rootKeyThumb';
-  NID_set_rootKeyThumb =    624;
-  SN_set_addPolicy =     'set-addPolicy';
-  NID_set_addPolicy =     625;
-  SN_setAttr_Token_EMV =    'setAttr-Token-EMV';
-  NID_setAttr_Token_EMV =    626;
-  SN_setAttr_Token_B0Prime =     'setAttr-Token-B0Prime';
-  NID_setAttr_Token_B0Prime =     627;
-  SN_setAttr_IssCap_CVM =    'setAttr-IssCap-CVM';
-  NID_setAttr_IssCap_CVM =   628;
-  SN_setAttr_IssCap_T2 =    'setAttr-IssCap-T2';
-  NID_setAttr_IssCap_T2 =    629;
-  SN_setAttr_IssCap_Sig =    'setAttr-IssCap-Sig';
-  NID_setAttr_IssCap_Sig =   630;
-  SN_setAttr_GenCryptgrm =   'setAttr-GenCryptgrm';
-  LN_setAttr_GenCryptgrm =   'generate cryptogram';
-  NID_setAttr_GenCryptgrm =   631;
-  SN_setAttr_T2Enc =     'setAttr-T2Enc';
-  LN_setAttr_T2Enc =     'encrypted track 2';
-  NID_setAttr_T2Enc =     632;
-  SN_setAttr_T2cleartxt =    'setAttr-T2cleartxt';
-  LN_setAttr_T2cleartxt =    'cleartext track 2';
-  NID_setAttr_T2cleartxt =   633;
-  SN_setAttr_TokICCsig =    'setAttr-TokICCsig';
-  LN_setAttr_TokICCsig =    'ICC or token signature';
-  NID_setAttr_TokICCsig =    634;
-  SN_setAttr_SecDevSig =    'setAttr-SecDevSig';
-  LN_setAttr_SecDevSig =    'secure device signature';
-  NID_setAttr_SecDevSig =    635;
-  SN_set_brand_IATA_ATA =    'set-brand-IATA-ATA';
-  NID_set_brand_IATA_ATA =   636;
-  SN_set_brand_Diners =    'set-brand-Diners';
-  NID_set_brand_Diners =    637;
-  SN_set_brand_AmericanExpress =    'set-brand-AmericanExpress';
-  NID_set_brand_AmericanExpress =    638;
-  SN_set_brand_JCB =     'set-brand-JCB';
-  NID_set_brand_JCB =     639;
-  SN_set_brand_Visa =     'set-brand-Visa';
-  NID_set_brand_Visa =    640;
-  SN_set_brand_MasterCard =   'set-brand-MasterCard';
-  NID_set_brand_MasterCard =     641;
-  SN_set_brand_Novus =    'set-brand-Novus';
-  NID_set_brand_Novus =    642;
-  SN_des_cdmf =    'DES-CDMF';
-  LN_des_cdmf =    'des-cdmf';
-  NID_des_cdmf =    643;
-  SN_rsaOAEPEncryptionSET =   'rsaOAEPEncryptionSET';
-  NID_rsaOAEPEncryptionSET =     644;
-  SN_ipsec3 =     'Oakley-EC2N-3';
-  LN_ipsec3 =     'ipsec3';
-  NID_ipsec3 =    749;
-  SN_ipsec4 =     'Oakley-EC2N-4';
-  LN_ipsec4 =     'ipsec4';
-  NID_ipsec4 =    750;
-  SN_whirlpool =    'whirlpool';
-  NID_whirlpool =    804;
-  SN_cryptopro =    'cryptopro';
-  NID_cryptopro =    805;
-  SN_cryptocom =    'cryptocom';
-  NID_cryptocom =    806;
-  SN_id_tc26 =    'id-tc26';
-  NID_id_tc26 =    974;
-  SN_id_GostR3411_94_with_GostR3410_2001 =   'id-GostR3411-94-with-GostR3410-2001';
-  LN_id_GostR3411_94_with_GostR3410_2001 =   'GOST R 34.11-94 with GOST R 34.10-2001';
-  NID_id_GostR3411_94_with_GostR3410_2001 =   807;
-  SN_id_GostR3411_94_with_GostR3410_94 =    'id-GostR3411-94-with-GostR3410-94';
-  LN_id_GostR3411_94_with_GostR3410_94 =    'GOST R 34.11-94 with GOST R 34.10-94';
-  NID_id_GostR3411_94_with_GostR3410_94 =    808;
-  SN_id_GostR3411_94 =    'md_gost94';
-  LN_id_GostR3411_94 =    'GOST R 34.11-94';
-  NID_id_GostR3411_94 =    809;
-  SN_id_HMACGostR3411_94 =   'id-HMACGostR3411-94';
-  LN_id_HMACGostR3411_94 =   'HMAC GOST 34.11-94';
-  NID_id_HMACGostR3411_94 =   810;
-  SN_id_GostR3410_2001 =    'gost2001';
-  LN_id_GostR3410_2001 =    'GOST R 34.10-2001';
-  NID_id_GostR3410_2001 =    811;
-  SN_id_GostR3410_94 =    'gost94';
-  LN_id_GostR3410_94 =    'GOST R 34.10-94';
-  NID_id_GostR3410_94 =    812;
-  SN_id_Gost28147_89 =    'gost89';
-  LN_id_Gost28147_89 =    'GOST 28147-89';
-  NID_id_Gost28147_89 =    813;
-  SN_gost89_cnt =    'gost89-cnt';
-  NID_gost89_cnt =   814;
-  SN_gost89_cnt_12 =     'gost89-cnt-12';
-  NID_gost89_cnt_12 =     975;
-  SN_gost89_cbc =    'gost89-cbc';
-  NID_gost89_cbc =   1009;
-  SN_gost89_ecb =    'gost89-ecb';
-  NID_gost89_ecb =   1010;
-  SN_gost89_ctr =    'gost89-ctr';
-  NID_gost89_ctr =   1011;
-  SN_id_Gost28147_89_MAC =   'gost-mac';
-  LN_id_Gost28147_89_MAC =   'GOST 28147-89 MAC';
-  NID_id_Gost28147_89_MAC =   815;
-  SN_gost_mac_12 =   'gost-mac-12';
-  NID_gost_mac_12 =   976;
-  SN_id_GostR3411_94_prf =   'prf-gostr3411-94';
-  LN_id_GostR3411_94_prf =   'GOST R 34.11-94 PRF';
-  NID_id_GostR3411_94_prf =   816;
-  SN_id_GostR3410_2001DH =   'id-GostR3410-2001DH';
-  LN_id_GostR3410_2001DH =   'GOST R 34.10-2001 DH';
-  NID_id_GostR3410_2001DH =   817;
-  SN_id_GostR3410_94DH =    'id-GostR3410-94DH';
-  LN_id_GostR3410_94DH =    'GOST R 34.10-94 DH';
-  NID_id_GostR3410_94DH =    818;
-  SN_id_Gost28147_89_CryptoPro_KeyMeshing =   'id-Gost28147-89-CryptoPro-KeyMeshing';
-  NID_id_Gost28147_89_CryptoPro_KeyMeshing =     819;
-  SN_id_Gost28147_89_None_KeyMeshing =    'id-Gost28147-89-None-KeyMeshing';
-  NID_id_Gost28147_89_None_KeyMeshing =    820;
-  SN_id_GostR3411_94_TestParamSet =   'id-GostR3411-94-TestParamSet';
-  NID_id_GostR3411_94_TestParamSet =     821;
-  SN_id_GostR3411_94_CryptoProParamSet =    'id-GostR3411-94-CryptoProParamSet';
-  NID_id_GostR3411_94_CryptoProParamSet =    822;
-  SN_id_Gost28147_89_TestParamSet =   'id-Gost28147-89-TestParamSet';
-  NID_id_Gost28147_89_TestParamSet =     823;
-  SN_id_Gost28147_89_CryptoPro_A_ParamSet =   'id-Gost28147-89-CryptoPro-A-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_A_ParamSet =     824;
-  SN_id_Gost28147_89_CryptoPro_B_ParamSet =   'id-Gost28147-89-CryptoPro-B-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_B_ParamSet =     825;
-  SN_id_Gost28147_89_CryptoPro_C_ParamSet =   'id-Gost28147-89-CryptoPro-C-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_C_ParamSet =     826;
-  SN_id_Gost28147_89_CryptoPro_D_ParamSet =   'id-Gost28147-89-CryptoPro-D-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_D_ParamSet =     827;
-  SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =     828;
-  SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =     829;
-  SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    'id-Gost28147-89-CryptoPro-RIC-1-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    830;
-  SN_id_GostR3410_94_TestParamSet =   'id-GostR3410-94-TestParamSet';
-  NID_id_GostR3410_94_TestParamSet =     831;
-  SN_id_GostR3410_94_CryptoPro_A_ParamSet =   'id-GostR3410-94-CryptoPro-A-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_A_ParamSet =     832;
-  SN_id_GostR3410_94_CryptoPro_B_ParamSet =   'id-GostR3410-94-CryptoPro-B-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_B_ParamSet =     833;
-  SN_id_GostR3410_94_CryptoPro_C_ParamSet =   'id-GostR3410-94-CryptoPro-C-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_C_ParamSet =     834;
-  SN_id_GostR3410_94_CryptoPro_D_ParamSet =   'id-GostR3410-94-CryptoPro-D-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_D_ParamSet =     835;
-  SN_id_GostR3410_94_CryptoPro_XchA_ParamSet =    'id-GostR3410-94-CryptoPro-XchA-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_XchA_ParamSet =    836;
-  SN_id_GostR3410_94_CryptoPro_XchB_ParamSet =    'id-GostR3410-94-CryptoPro-XchB-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_XchB_ParamSet =    837;
-  SN_id_GostR3410_94_CryptoPro_XchC_ParamSet =    'id-GostR3410-94-CryptoPro-XchC-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_XchC_ParamSet =    838;
-  SN_id_GostR3410_2001_TestParamSet =     'id-GostR3410-2001-TestParamSet';
-  NID_id_GostR3410_2001_TestParamSet =    839;
-  SN_id_GostR3410_2001_CryptoPro_A_ParamSet =     'id-GostR3410-2001-CryptoPro-A-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_A_ParamSet =    840;
-  SN_id_GostR3410_2001_CryptoPro_B_ParamSet =     'id-GostR3410-2001-CryptoPro-B-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_B_ParamSet =    841;
-  SN_id_GostR3410_2001_CryptoPro_C_ParamSet =     'id-GostR3410-2001-CryptoPro-C-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_C_ParamSet =    842;
-  SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    'id-GostR3410-2001-CryptoPro-XchA-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    843;
-  SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    'id-GostR3410-2001-CryptoPro-XchB-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    844;
-  SN_id_GostR3410_94_a =    'id-GostR3410-94-a';
-  NID_id_GostR3410_94_a =    845;
-  SN_id_GostR3410_94_aBis =   'id-GostR3410-94-aBis';
-  NID_id_GostR3410_94_aBis =     846;
-  SN_id_GostR3410_94_b =    'id-GostR3410-94-b';
-  NID_id_GostR3410_94_b =    847;
-  SN_id_GostR3410_94_bBis =   'id-GostR3410-94-bBis';
-  NID_id_GostR3410_94_bBis =     848;
-  SN_id_Gost28147_89_cc =    'id-Gost28147-89-cc';
-  LN_id_Gost28147_89_cc =    'GOST 28147-89 Cryptocom ParamSet';
-  NID_id_Gost28147_89_cc =   849;
-  SN_id_GostR3410_94_cc =    'gost94cc';
-  LN_id_GostR3410_94_cc =    'GOST 34.10-94 Cryptocom';
-  NID_id_GostR3410_94_cc =   850;
-  SN_id_GostR3410_2001_cc =   'gost2001cc';
-  LN_id_GostR3410_2001_cc =   'GOST 34.10-2001 Cryptocom';
-  NID_id_GostR3410_2001_cc =     851;
-  SN_id_GostR3411_94_with_GostR3410_94_cc =   'id-GostR3411-94-with-GostR3410-94-cc';
-  LN_id_GostR3411_94_with_GostR3410_94_cc =   'GOST R 34.11-94 with GOST R 34.10-94 Cryptocom';
-  NID_id_GostR3411_94_with_GostR3410_94_cc =     852;
-  SN_id_GostR3411_94_with_GostR3410_2001_cc =     'id-GostR3411-94-with-GostR3410-2001-cc';
-  LN_id_GostR3411_94_with_GostR3410_2001_cc =     'GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom';
-  NID_id_GostR3411_94_with_GostR3410_2001_cc =    853;
-  SN_id_GostR3410_2001_ParamSet_cc =     'id-GostR3410-2001-ParamSet-cc';
-  LN_id_GostR3410_2001_ParamSet_cc =     'GOST R 3410-2001 Parameter Set Cryptocom';
-  NID_id_GostR3410_2001_ParamSet_cc =     854;
-  SN_id_tc26_algorithms =    'id-tc26-algorithms';
-  NID_id_tc26_algorithms =   977;
-  SN_id_tc26_sign =   'id-tc26-sign';
-  NID_id_tc26_sign =     978;
-  SN_id_GostR3410_2012_256 =     'gost2012_256';
-  LN_id_GostR3410_2012_256 =     'GOST R 34.10-2012 with 256 bit modulus';
-  NID_id_GostR3410_2012_256 =     979;
-  SN_id_GostR3410_2012_512 =     'gost2012_512';
-  LN_id_GostR3410_2012_512 =     'GOST R 34.10-2012 with 512 bit modulus';
-  NID_id_GostR3410_2012_512 =     980;
-  SN_id_tc26_digest =     'id-tc26-digest';
-  NID_id_tc26_digest =    981;
-  SN_id_GostR3411_2012_256 =     'md_gost12_256';
-  LN_id_GostR3411_2012_256 =     'GOST R 34.11-2012 with 256 bit hash';
-  NID_id_GostR3411_2012_256 =     982;
-  SN_id_GostR3411_2012_512 =     'md_gost12_512';
-  LN_id_GostR3411_2012_512 =     'GOST R 34.11-2012 with 512 bit hash';
-  NID_id_GostR3411_2012_512 =     983;
-  SN_id_tc26_signwithdigest =     'id-tc26-signwithdigest';
-  NID_id_tc26_signwithdigest =    984;
-  SN_id_tc26_signwithdigest_gost3410_2012_256 =    'id-tc26-signwithdigest-gost3410-2012-256';
-  LN_id_tc26_signwithdigest_gost3410_2012_256 =    'GOST R 34.10-2012 with GOST R 34.11-2012(256 bit)';
-  NID_id_tc26_signwithdigest_gost3410_2012_256 =    985;
-  SN_id_tc26_signwithdigest_gost3410_2012_512 =    'id-tc26-signwithdigest-gost3410-2012-512';
-  LN_id_tc26_signwithdigest_gost3410_2012_512 =    'GOST R 34.10-2012 with GOST R 34.11-2012(512 bit)';
-  NID_id_tc26_signwithdigest_gost3410_2012_512 =    986;
-  SN_id_tc26_mac =   'id-tc26-mac';
-  NID_id_tc26_mac =   987;
-  SN_id_tc26_hmac_gost_3411_2012_256 =    'id-tc26-hmac-gost-3411-2012-256';
-  LN_id_tc26_hmac_gost_3411_2012_256 =    'HMAC GOST 34.11-2012 256 bit';
-  NID_id_tc26_hmac_gost_3411_2012_256 =    988;
-  SN_id_tc26_hmac_gost_3411_2012_512 =    'id-tc26-hmac-gost-3411-2012-512';
-  LN_id_tc26_hmac_gost_3411_2012_512 =    'HMAC GOST 34.11-2012 512 bit';
-  NID_id_tc26_hmac_gost_3411_2012_512 =    989;
-  SN_id_tc26_cipher =     'id-tc26-cipher';
-  NID_id_tc26_cipher =    990;
-  SN_id_tc26_cipher_gostr3412_2015_magma =   'id-tc26-cipher-gostr3412-2015-magma';
-  NID_id_tc26_cipher_gostr3412_2015_magma =   1173;
-  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =   'id-tc26-cipher-gostr3412-2015-magma-ctracpkm';
-  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =     1174;
-  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    'id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac';
-  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    1175;
-  SN_id_tc26_cipher_gostr3412_2015_kuznyechik =    'id-tc26-cipher-gostr3412-2015-kuznyechik';
-  NID_id_tc26_cipher_gostr3412_2015_kuznyechik =    1176;
-  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm';
-  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    1177;
-  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =     'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac';
-  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =    1178;
-  SN_id_tc26_agreement =    'id-tc26-agreement';
-  NID_id_tc26_agreement =    991;
-  SN_id_tc26_agreement_gost_3410_2012_256 =   'id-tc26-agreement-gost-3410-2012-256';
-  NID_id_tc26_agreement_gost_3410_2012_256 =     992;
-  SN_id_tc26_agreement_gost_3410_2012_512 =   'id-tc26-agreement-gost-3410-2012-512';
-  NID_id_tc26_agreement_gost_3410_2012_512 =     993;
-  SN_id_tc26_wrap =   'id-tc26-wrap';
-  NID_id_tc26_wrap =     1179;
-  SN_id_tc26_wrap_gostr3412_2015_magma =    'id-tc26-wrap-gostr3412-2015-magma';
-  NID_id_tc26_wrap_gostr3412_2015_magma =    1180;
-  SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    'id-tc26-wrap-gostr3412-2015-magma-kexp15';
-  NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    1181;
-  SN_id_tc26_wrap_gostr3412_2015_kuznyechik =     'id-tc26-wrap-gostr3412-2015-kuznyechik';
-  NID_id_tc26_wrap_gostr3412_2015_kuznyechik =    1182;
-  SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     'id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15';
-  NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     1183;
-  SN_id_tc26_constants =    'id-tc26-constants';
-  NID_id_tc26_constants =    994;
-  SN_id_tc26_sign_constants =     'id-tc26-sign-constants';
-  NID_id_tc26_sign_constants =    995;
-  SN_id_tc26_gost_3410_2012_256_constants =   'id-tc26-gost-3410-2012-256-constants';
-  NID_id_tc26_gost_3410_2012_256_constants =     1147;
-  SN_id_tc26_gost_3410_2012_256_paramSetA =   'id-tc26-gost-3410-2012-256-paramSetA';
-  LN_id_tc26_gost_3410_2012_256_paramSetA =   'GOST R 34.10-2012(256 bit)ParamSet A';
-  NID_id_tc26_gost_3410_2012_256_paramSetA =     1148;
-  SN_id_tc26_gost_3410_2012_256_paramSetB =   'id-tc26-gost-3410-2012-256-paramSetB';
-  LN_id_tc26_gost_3410_2012_256_paramSetB =   'GOST R 34.10-2012(256 bit)ParamSet B';
-  NID_id_tc26_gost_3410_2012_256_paramSetB =     1184;
-  SN_id_tc26_gost_3410_2012_256_paramSetC =   'id-tc26-gost-3410-2012-256-paramSetC';
-  LN_id_tc26_gost_3410_2012_256_paramSetC =   'GOST R 34.10-2012(256 bit)ParamSet C';
-  NID_id_tc26_gost_3410_2012_256_paramSetC =     1185;
-  SN_id_tc26_gost_3410_2012_256_paramSetD =   'id-tc26-gost-3410-2012-256-paramSetD';
-  LN_id_tc26_gost_3410_2012_256_paramSetD =   'GOST R 34.10-2012(256 bit)ParamSet D';
-  NID_id_tc26_gost_3410_2012_256_paramSetD =     1186;
-  SN_id_tc26_gost_3410_2012_512_constants =   'id-tc26-gost-3410-2012-512-constants';
-  NID_id_tc26_gost_3410_2012_512_constants =     996;
-  SN_id_tc26_gost_3410_2012_512_paramSetTest =    'id-tc26-gost-3410-2012-512-paramSetTest';
-  LN_id_tc26_gost_3410_2012_512_paramSetTest =    'GOST R 34.10-2012(512 bit)testing parameter set';
-  NID_id_tc26_gost_3410_2012_512_paramSetTest =    997;
-  SN_id_tc26_gost_3410_2012_512_paramSetA =   'id-tc26-gost-3410-2012-512-paramSetA';
-  LN_id_tc26_gost_3410_2012_512_paramSetA =   'GOST R 34.10-2012(512 bit)ParamSet A';
-  NID_id_tc26_gost_3410_2012_512_paramSetA =     998;
-  SN_id_tc26_gost_3410_2012_512_paramSetB =   'id-tc26-gost-3410-2012-512-paramSetB';
-  LN_id_tc26_gost_3410_2012_512_paramSetB =   'GOST R 34.10-2012(512 bit)ParamSet B';
-  NID_id_tc26_gost_3410_2012_512_paramSetB =     999;
-  SN_id_tc26_gost_3410_2012_512_paramSetC =   'id-tc26-gost-3410-2012-512-paramSetC';
-  LN_id_tc26_gost_3410_2012_512_paramSetC =   'GOST R 34.10-2012(512 bit)ParamSet C';
-  NID_id_tc26_gost_3410_2012_512_paramSetC =     1149;
-  SN_id_tc26_digest_constants =    'id-tc26-digest-constants';
-  NID_id_tc26_digest_constants =    1000;
-  SN_id_tc26_cipher_constants =    'id-tc26-cipher-constants';
-  NID_id_tc26_cipher_constants =    1001;
-  SN_id_tc26_gost_28147_constants =   'id-tc26-gost-28147-constants';
-  NID_id_tc26_gost_28147_constants =     1002;
-  SN_id_tc26_gost_28147_param_Z =    'id-tc26-gost-28147-param-Z';
-  LN_id_tc26_gost_28147_param_Z =    'GOST 28147-89 TC26 parameter set';
-  NID_id_tc26_gost_28147_param_Z =   1003;
-  SN_INN =   'INN';
-  LN_INN =   'INN';
-  NID_INN =   1004;
-  SN_OGRN =   'OGRN';
-  LN_OGRN =   'OGRN';
-  NID_OGRN =     1005;
-  SN_SNILS =     'SNILS';
-  LN_SNILS =     'SNILS';
-  NID_SNILS =     1006;
-  SN_subjectSignTool =    'subjectSignTool';
-  LN_subjectSignTool =    'Signing Tool of Subject';
-  NID_subjectSignTool =    1007;
-  SN_issuerSignTool =     'issuerSignTool';
-  LN_issuerSignTool =     'Signing Tool of Issuer';
-  NID_issuerSignTool =    1008;
-  SN_grasshopper_ecb =    'grasshopper-ecb';
-  NID_grasshopper_ecb =    1012;
-  SN_grasshopper_ctr =    'grasshopper-ctr';
-  NID_grasshopper_ctr =    1013;
-  SN_grasshopper_ofb =    'grasshopper-ofb';
-  NID_grasshopper_ofb =    1014;
-  SN_grasshopper_cbc =    'grasshopper-cbc';
-  NID_grasshopper_cbc =    1015;
-  SN_grasshopper_cfb =    'grasshopper-cfb';
-  NID_grasshopper_cfb =    1016;
-  SN_grasshopper_mac =    'grasshopper-mac';
-  NID_grasshopper_mac =    1017;
-  SN_magma_ecb =    'magma-ecb';
-  NID_magma_ecb =    1187;
-  SN_magma_ctr =    'magma-ctr';
-  NID_magma_ctr =    1188;
-  SN_magma_ofb =    'magma-ofb';
-  NID_magma_ofb =    1189;
-  SN_magma_cbc =    'magma-cbc';
-  NID_magma_cbc =    1190;
-  SN_magma_cfb =    'magma-cfb';
-  NID_magma_cfb =    1191;
-  SN_magma_mac =    'magma-mac';
-  NID_magma_mac =    1192;
-  SN_camellia_128_cbc =    'CAMELLIA-128-CBC';
-  LN_camellia_128_cbc =    'camellia-128-cbc';
-  NID_camellia_128_cbc =    751;
-  SN_camellia_192_cbc =    'CAMELLIA-192-CBC';
-  LN_camellia_192_cbc =    'camellia-192-cbc';
-  NID_camellia_192_cbc =    752;
-  SN_camellia_256_cbc =    'CAMELLIA-256-CBC';
-  LN_camellia_256_cbc =    'camellia-256-cbc';
-  NID_camellia_256_cbc =    753;
-  SN_id_camellia128_wrap =   'id-camellia128-wrap';
-  NID_id_camellia128_wrap =   907;
-  SN_id_camellia192_wrap =   'id-camellia192-wrap';
-  NID_id_camellia192_wrap =   908;
-  SN_id_camellia256_wrap =   'id-camellia256-wrap';
-  NID_id_camellia256_wrap =   909;
-  SN_camellia_128_ecb =    'CAMELLIA-128-ECB';
-  LN_camellia_128_ecb =    'camellia-128-ecb';
-  NID_camellia_128_ecb =    754;
-  SN_camellia_128_ofb128 =   'CAMELLIA-128-OFB';
-  LN_camellia_128_ofb128 =   'camellia-128-ofb';
-  NID_camellia_128_ofb128 =   766;
-  SN_camellia_128_cfb128 =   'CAMELLIA-128-CFB';
-  LN_camellia_128_cfb128 =   'camellia-128-cfb';
-  NID_camellia_128_cfb128 =   757;
-  SN_camellia_128_gcm =    'CAMELLIA-128-GCM';
-  LN_camellia_128_gcm =    'camellia-128-gcm';
-  NID_camellia_128_gcm =    961;
-  SN_camellia_128_ccm =    'CAMELLIA-128-CCM';
-  LN_camellia_128_ccm =    'camellia-128-ccm';
-  NID_camellia_128_ccm =    962;
-  SN_camellia_128_ctr =    'CAMELLIA-128-CTR';
-  LN_camellia_128_ctr =    'camellia-128-ctr';
-  NID_camellia_128_ctr =    963;
-  SN_camellia_128_cmac =    'CAMELLIA-128-CMAC';
-  LN_camellia_128_cmac =    'camellia-128-cmac';
-  NID_camellia_128_cmac =    964;
-  SN_camellia_192_ecb =    'CAMELLIA-192-ECB';
-  LN_camellia_192_ecb =    'camellia-192-ecb';
-  NID_camellia_192_ecb =    755;
-  SN_camellia_192_ofb128 =   'CAMELLIA-192-OFB';
-  LN_camellia_192_ofb128 =   'camellia-192-ofb';
-  NID_camellia_192_ofb128 =   767;
-  SN_camellia_192_cfb128 =   'CAMELLIA-192-CFB';
-  LN_camellia_192_cfb128 =   'camellia-192-cfb';
-  NID_camellia_192_cfb128 =   758;
-  SN_camellia_192_gcm =    'CAMELLIA-192-GCM';
-  LN_camellia_192_gcm =    'camellia-192-gcm';
-  NID_camellia_192_gcm =    965;
-  SN_camellia_192_ccm =    'CAMELLIA-192-CCM';
-  LN_camellia_192_ccm =    'camellia-192-ccm';
-  NID_camellia_192_ccm =    966;
-  SN_camellia_192_ctr =    'CAMELLIA-192-CTR';
-  LN_camellia_192_ctr =    'camellia-192-ctr';
-  NID_camellia_192_ctr =    967;
-  SN_camellia_192_cmac =    'CAMELLIA-192-CMAC';
-  LN_camellia_192_cmac =    'camellia-192-cmac';
-  NID_camellia_192_cmac =    968;
-  SN_camellia_256_ecb =    'CAMELLIA-256-ECB';
-  LN_camellia_256_ecb =    'camellia-256-ecb';
-  NID_camellia_256_ecb =    756;
-  SN_camellia_256_ofb128 =   'CAMELLIA-256-OFB';
-  LN_camellia_256_ofb128 =   'camellia-256-ofb';
-  NID_camellia_256_ofb128 =   768;
-  SN_camellia_256_cfb128 =   'CAMELLIA-256-CFB';
-  LN_camellia_256_cfb128 =   'camellia-256-cfb';
-  NID_camellia_256_cfb128 =   759;
-  SN_camellia_256_gcm =    'CAMELLIA-256-GCM';
-  LN_camellia_256_gcm =    'camellia-256-gcm';
-  NID_camellia_256_gcm =    969;
-  SN_camellia_256_ccm =    'CAMELLIA-256-CCM';
-  LN_camellia_256_ccm =    'camellia-256-ccm';
-  NID_camellia_256_ccm =    970;
-  SN_camellia_256_ctr =    'CAMELLIA-256-CTR';
-  LN_camellia_256_ctr =    'camellia-256-ctr';
-  NID_camellia_256_ctr =    971;
-  SN_camellia_256_cmac =    'CAMELLIA-256-CMAC';
-  LN_camellia_256_cmac =    'camellia-256-cmac';
-  NID_camellia_256_cmac =    972;
-  SN_camellia_128_cfb1 =    'CAMELLIA-128-CFB1';
-  LN_camellia_128_cfb1 =    'camellia-128-cfb1';
-  NID_camellia_128_cfb1 =    760;
-  SN_camellia_192_cfb1 =    'CAMELLIA-192-CFB1';
-  LN_camellia_192_cfb1 =    'camellia-192-cfb1';
-  NID_camellia_192_cfb1 =    761;
-  SN_camellia_256_cfb1 =    'CAMELLIA-256-CFB1';
-  LN_camellia_256_cfb1 =    'camellia-256-cfb1';
-  NID_camellia_256_cfb1 =    762;
-  SN_camellia_128_cfb8 =    'CAMELLIA-128-CFB8';
-  LN_camellia_128_cfb8 =    'camellia-128-cfb8';
-  NID_camellia_128_cfb8 =    763;
-  SN_camellia_192_cfb8 =    'CAMELLIA-192-CFB8';
-  LN_camellia_192_cfb8 =    'camellia-192-cfb8';
-  NID_camellia_192_cfb8 =    764;
-  SN_camellia_256_cfb8 =    'CAMELLIA-256-CFB8';
-  LN_camellia_256_cfb8 =    'camellia-256-cfb8';
-  NID_camellia_256_cfb8 =    765;
-  SN_aria_128_ecb =   'ARIA-128-ECB';
-  LN_aria_128_ecb =   'aria-128-ecb';
-  NID_aria_128_ecb =     1065;
-  SN_aria_128_cbc =   'ARIA-128-CBC';
-  LN_aria_128_cbc =   'aria-128-cbc';
-  NID_aria_128_cbc =     1066;
-  SN_aria_128_cfb128 =    'ARIA-128-CFB';
-  LN_aria_128_cfb128 =    'aria-128-cfb';
-  NID_aria_128_cfb128 =    1067;
-  SN_aria_128_ofb128 =    'ARIA-128-OFB';
-  LN_aria_128_ofb128 =    'aria-128-ofb';
-  NID_aria_128_ofb128 =    1068;
-  SN_aria_128_ctr =   'ARIA-128-CTR';
-  LN_aria_128_ctr =   'aria-128-ctr';
-  NID_aria_128_ctr =     1069;
-  SN_aria_192_ecb =   'ARIA-192-ECB';
-  LN_aria_192_ecb =   'aria-192-ecb';
-  NID_aria_192_ecb =     1070;
-  SN_aria_192_cbc =   'ARIA-192-CBC';
-  LN_aria_192_cbc =   'aria-192-cbc';
-  NID_aria_192_cbc =     1071;
-  SN_aria_192_cfb128 =    'ARIA-192-CFB';
-  LN_aria_192_cfb128 =    'aria-192-cfb';
-  NID_aria_192_cfb128 =    1072;
-  SN_aria_192_ofb128 =    'ARIA-192-OFB';
-  LN_aria_192_ofb128 =    'aria-192-ofb';
-  NID_aria_192_ofb128 =    1073;
-  SN_aria_192_ctr =   'ARIA-192-CTR';
-  LN_aria_192_ctr =   'aria-192-ctr';
-  NID_aria_192_ctr =     1074;
-  SN_aria_256_ecb =   'ARIA-256-ECB';
-  LN_aria_256_ecb =   'aria-256-ecb';
-  NID_aria_256_ecb =     1075;
-  SN_aria_256_cbc =   'ARIA-256-CBC';
-  LN_aria_256_cbc =   'aria-256-cbc';
-  NID_aria_256_cbc =     1076;
-  SN_aria_256_cfb128 =    'ARIA-256-CFB';
-  LN_aria_256_cfb128 =    'aria-256-cfb';
-  NID_aria_256_cfb128 =    1077;
-  SN_aria_256_ofb128 =    'ARIA-256-OFB';
-  LN_aria_256_ofb128 =    'aria-256-ofb';
-  NID_aria_256_ofb128 =    1078;
-  SN_aria_256_ctr =   'ARIA-256-CTR';
-  LN_aria_256_ctr =   'aria-256-ctr';
-  NID_aria_256_ctr =     1079;
-  SN_aria_128_cfb1 =     'ARIA-128-CFB1';
-  LN_aria_128_cfb1 =     'aria-128-cfb1';
-  NID_aria_128_cfb1 =     1080;
-  SN_aria_192_cfb1 =     'ARIA-192-CFB1';
-  LN_aria_192_cfb1 =     'aria-192-cfb1';
-  NID_aria_192_cfb1 =     1081;
-  SN_aria_256_cfb1 =     'ARIA-256-CFB1';
-  LN_aria_256_cfb1 =     'aria-256-cfb1';
-  NID_aria_256_cfb1 =     1082;
-  SN_aria_128_cfb8 =     'ARIA-128-CFB8';
-  LN_aria_128_cfb8 =     'aria-128-cfb8';
-  NID_aria_128_cfb8 =     1083;
-  SN_aria_192_cfb8 =     'ARIA-192-CFB8';
-  LN_aria_192_cfb8 =     'aria-192-cfb8';
-  NID_aria_192_cfb8 =     1084;
-  SN_aria_256_cfb8 =     'ARIA-256-CFB8';
-  LN_aria_256_cfb8 =     'aria-256-cfb8';
-  NID_aria_256_cfb8 =     1085;
-  SN_aria_128_ccm =   'ARIA-128-CCM';
-  LN_aria_128_ccm =   'aria-128-ccm';
-  NID_aria_128_ccm =     1120;
-  SN_aria_192_ccm =   'ARIA-192-CCM';
-  LN_aria_192_ccm =   'aria-192-ccm';
-  NID_aria_192_ccm =     1121;
-  SN_aria_256_ccm =   'ARIA-256-CCM';
-  LN_aria_256_ccm =   'aria-256-ccm';
-  NID_aria_256_ccm =     1122;
-  SN_aria_128_gcm =   'ARIA-128-GCM';
-  LN_aria_128_gcm =   'aria-128-gcm';
-  NID_aria_128_gcm =     1123;
-  SN_aria_192_gcm =   'ARIA-192-GCM';
-  LN_aria_192_gcm =   'aria-192-gcm';
-  NID_aria_192_gcm =     1124;
-  SN_aria_256_gcm =   'ARIA-256-GCM';
-  LN_aria_256_gcm =   'aria-256-gcm';
-  NID_aria_256_gcm =     1125;
-  SN_kisa =   'KISA';
-  LN_kisa =   'kisa';
-  NID_kisa =     773;
-  SN_seed_ecb =    'SEED-ECB';
-  LN_seed_ecb =    'seed-ecb';
-  NID_seed_ecb =    776;
-  SN_seed_cbc =    'SEED-CBC';
-  LN_seed_cbc =    'seed-cbc';
-  NID_seed_cbc =    777;
-  SN_seed_cfb128 =   'SEED-CFB';
-  LN_seed_cfb128 =   'seed-cfb';
-  NID_seed_cfb128 =   779;
-  SN_seed_ofb128 =   'SEED-OFB';
-  LN_seed_ofb128 =   'seed-ofb';
-  NID_seed_ofb128 =   778;
-  SN_sm4_ecb =    'SM4-ECB';
-  LN_sm4_ecb =    'sm4-ecb';
-  NID_sm4_ecb =    1133;
-  SN_sm4_cbc =    'SM4-CBC';
-  LN_sm4_cbc =    'sm4-cbc';
-  NID_sm4_cbc =    1134;
-  SN_sm4_ofb128 =    'SM4-OFB';
-  LN_sm4_ofb128 =    'sm4-ofb';
-  NID_sm4_ofb128 =   1135;
-  SN_sm4_cfb128 =    'SM4-CFB';
-  LN_sm4_cfb128 =    'sm4-cfb';
-  NID_sm4_cfb128 =   1137;
-  SN_sm4_cfb1 =    'SM4-CFB1';
-  LN_sm4_cfb1 =    'sm4-cfb1';
-  NID_sm4_cfb1 =    1136;
-  SN_sm4_cfb8 =    'SM4-CFB8';
-  LN_sm4_cfb8 =    'sm4-cfb8';
-  NID_sm4_cfb8 =    1138;
-  SN_sm4_ctr =    'SM4-CTR';
-  LN_sm4_ctr =    'sm4-ctr';
-  NID_sm4_ctr =    1139;
-  SN_hmac =   'HMAC';
-  LN_hmac =   'hmac';
-  NID_hmac =     855;
-  SN_cmac =   'CMAC';
-  LN_cmac =   'cmac';
-  NID_cmac =     894;
-  SN_rc4_hmac_md5 =   'RC4-HMAC-MD5';
-  LN_rc4_hmac_md5 =   'rc4-hmac-md5';
-  NID_rc4_hmac_md5 =     915;
-  SN_aes_128_cbc_hmac_sha1 =     'AES-128-CBC-HMAC-SHA1';
-  LN_aes_128_cbc_hmac_sha1 =     'aes-128-cbc-hmac-sha1';
-  NID_aes_128_cbc_hmac_sha1 =     916;
-  SN_aes_192_cbc_hmac_sha1 =     'AES-192-CBC-HMAC-SHA1';
-  LN_aes_192_cbc_hmac_sha1 =     'aes-192-cbc-hmac-sha1';
-  NID_aes_192_cbc_hmac_sha1 =     917;
-  SN_aes_256_cbc_hmac_sha1 =     'AES-256-CBC-HMAC-SHA1';
-  LN_aes_256_cbc_hmac_sha1 =     'aes-256-cbc-hmac-sha1';
-  NID_aes_256_cbc_hmac_sha1 =     918;
-  SN_aes_128_cbc_hmac_sha256 =    'AES-128-CBC-HMAC-SHA256';
-  LN_aes_128_cbc_hmac_sha256 =    'aes-128-cbc-hmac-sha256';
-  NID_aes_128_cbc_hmac_sha256 =    948;
-  SN_aes_192_cbc_hmac_sha256 =    'AES-192-CBC-HMAC-SHA256';
-  LN_aes_192_cbc_hmac_sha256 =    'aes-192-cbc-hmac-sha256';
-  NID_aes_192_cbc_hmac_sha256 =    949;
-  SN_aes_256_cbc_hmac_sha256 =    'AES-256-CBC-HMAC-SHA256';
-  LN_aes_256_cbc_hmac_sha256 =    'aes-256-cbc-hmac-sha256';
-  NID_aes_256_cbc_hmac_sha256 =    950;
-  SN_chacha20_poly1305 =    'ChaCha20-Poly1305';
-  LN_chacha20_poly1305 =    'chacha20-poly1305';
-  NID_chacha20_poly1305 =    1018;
-  SN_chacha20 =    'ChaCha20';
-  LN_chacha20 =    'chacha20';
-  NID_chacha20 =    1019;
-  SN_dhpublicnumber =     'dhpublicnumber';
-  LN_dhpublicnumber =     'X9.42 DH';
-  NID_dhpublicnumber =    920;
-  SN_brainpoolP160r1 =    'brainpoolP160r1';
-  NID_brainpoolP160r1 =    921;
-  SN_brainpoolP160t1 =    'brainpoolP160t1';
-  NID_brainpoolP160t1 =    922;
-  SN_brainpoolP192r1 =    'brainpoolP192r1';
-  NID_brainpoolP192r1 =    923;
-  SN_brainpoolP192t1 =    'brainpoolP192t1';
-  NID_brainpoolP192t1 =    924;
-  SN_brainpoolP224r1 =    'brainpoolP224r1';
-  NID_brainpoolP224r1 =    925;
-  SN_brainpoolP224t1 =    'brainpoolP224t1';
-  NID_brainpoolP224t1 =    926;
-  SN_brainpoolP256r1 =    'brainpoolP256r1';
-  NID_brainpoolP256r1 =    927;
-  SN_brainpoolP256t1 =    'brainpoolP256t1';
-  NID_brainpoolP256t1 =    928;
-  SN_brainpoolP320r1 =    'brainpoolP320r1';
-  NID_brainpoolP320r1 =    929;
-  SN_brainpoolP320t1 =    'brainpoolP320t1';
-  NID_brainpoolP320t1 =    930;
-  SN_brainpoolP384r1 =    'brainpoolP384r1';
-  NID_brainpoolP384r1 =    931;
-  SN_brainpoolP384t1 =    'brainpoolP384t1';
-  NID_brainpoolP384t1 =    932;
-  SN_brainpoolP512r1 =    'brainpoolP512r1';
-  NID_brainpoolP512r1 =    933;
-  SN_brainpoolP512t1 =    'brainpoolP512t1';
-  NID_brainpoolP512t1 =    934;
-  SN_dhSinglePass_stdDH_sha1kdf_scheme =    'dhSinglePass-stdDH-sha1kdf-scheme';
-  NID_dhSinglePass_stdDH_sha1kdf_scheme =    936;
-  SN_dhSinglePass_stdDH_sha224kdf_scheme =   'dhSinglePass-stdDH-sha224kdf-scheme';
-  NID_dhSinglePass_stdDH_sha224kdf_scheme =   937;
-  SN_dhSinglePass_stdDH_sha256kdf_scheme =   'dhSinglePass-stdDH-sha256kdf-scheme';
-  NID_dhSinglePass_stdDH_sha256kdf_scheme =   938;
-  SN_dhSinglePass_stdDH_sha384kdf_scheme =   'dhSinglePass-stdDH-sha384kdf-scheme';
-  NID_dhSinglePass_stdDH_sha384kdf_scheme =   939;
-  SN_dhSinglePass_stdDH_sha512kdf_scheme =   'dhSinglePass-stdDH-sha512kdf-scheme';
-  NID_dhSinglePass_stdDH_sha512kdf_scheme =   940;
-  SN_dhSinglePass_cofactorDH_sha1kdf_scheme =     'dhSinglePass-cofactorDH-sha1kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha1kdf_scheme =    941;
-  SN_dhSinglePass_cofactorDH_sha224kdf_scheme =    'dhSinglePass-cofactorDH-sha224kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha224kdf_scheme =    942;
-  SN_dhSinglePass_cofactorDH_sha256kdf_scheme =    'dhSinglePass-cofactorDH-sha256kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha256kdf_scheme =    943;
-  SN_dhSinglePass_cofactorDH_sha384kdf_scheme =    'dhSinglePass-cofactorDH-sha384kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha384kdf_scheme =    944;
-  SN_dhSinglePass_cofactorDH_sha512kdf_scheme =    'dhSinglePass-cofactorDH-sha512kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha512kdf_scheme =    945;
-  SN_dh_std_kdf =    'dh-std-kdf';
-  NID_dh_std_kdf =   946;
-  SN_dh_cofactor_kdf =    'dh-cofactor-kdf';
-  NID_dh_cofactor_kdf =    947;
-  SN_ct_precert_scts =    'ct_precert_scts';
-  LN_ct_precert_scts =    'CT Precertificate SCTs';
-  NID_ct_precert_scts =    951;
-  SN_ct_precert_poison =    'ct_precert_poison';
-  LN_ct_precert_poison =    'CT Precertificate Poison';
-  NID_ct_precert_poison =    952;
-  SN_ct_precert_signer =    'ct_precert_signer';
-  LN_ct_precert_signer =    'CT Precertificate Signer';
-  NID_ct_precert_signer =    953;
-  SN_ct_cert_scts =   'ct_cert_scts';
-  LN_ct_cert_scts =   'CT Certificate SCTs';
-  NID_ct_cert_scts =     954;
-  SN_jurisdictionLocalityName =    'jurisdictionL';
-  LN_jurisdictionLocalityName =    'jurisdictionLocalityName';
-  NID_jurisdictionLocalityName =    955;
-  SN_jurisdictionStateOrProvinceName =    'jurisdictionST';
-  LN_jurisdictionStateOrProvinceName =    'jurisdictionStateOrProvinceName';
-  NID_jurisdictionStateOrProvinceName =    956;
-  SN_jurisdictionCountryName =    'jurisdictionC';
-  LN_jurisdictionCountryName =    'jurisdictionCountryName';
-  NID_jurisdictionCountryName =    957;
-  SN_id_scrypt =    'id-scrypt';
-  LN_id_scrypt =    'scrypt';
-  NID_id_scrypt =    973;
-  SN_tls1_prf =    'TLS1-PRF';
-  LN_tls1_prf =    'tls1-prf';
-  NID_tls1_prf =    1021;
-  SN_hkdf =   'HKDF';
-  LN_hkdf =   'hkdf';
-  NID_hkdf =     1036;
-  SN_id_pkinit =    'id-pkinit';
-  NID_id_pkinit =    1031;
-  SN_pkInitClientAuth =    'pkInitClientAuth';
-  LN_pkInitClientAuth =    'PKINIT Client Auth';
-  NID_pkInitClientAuth =    1032;
-  SN_pkInitKDC =    'pkInitKDC';
-  LN_pkInitKDC =    'Signing KDC Response';
-  NID_pkInitKDC =    1033;
-  SN_X25519 =     'X25519';
-  NID_X25519 =    1034;
-  SN_X448 =   'X448';
-  NID_X448 =     1035;
-  SN_ED25519 =    'ED25519';
-  NID_ED25519 =    1087;
-  SN_ED448 =     'ED448';
-  NID_ED448 =     1088;
-  SN_kx_rsa =     'KxRSA';
-  LN_kx_rsa =     'kx-rsa';
-  NID_kx_rsa =    1037;
-  SN_kx_ecdhe =    'KxECDHE';
-  LN_kx_ecdhe =    'kx-ecdhe';
-  NID_kx_ecdhe =    1038;
-  SN_kx_dhe =     'KxDHE';
-  LN_kx_dhe =     'kx-dhe';
-  NID_kx_dhe =    1039;
-  SN_kx_ecdhe_psk =   'KxECDHE-PSK';
-  LN_kx_ecdhe_psk =   'kx-ecdhe-psk';
-  NID_kx_ecdhe_psk =     1040;
-  SN_kx_dhe_psk =    'KxDHE-PSK';
-  LN_kx_dhe_psk =    'kx-dhe-psk';
-  NID_kx_dhe_psk =   1041;
-  SN_kx_rsa_psk =    'KxRSA_PSK';
-  LN_kx_rsa_psk =    'kx-rsa-psk';
-  NID_kx_rsa_psk =   1042;
-  SN_kx_psk =     'KxPSK';
-  LN_kx_psk =     'kx-psk';
-  NID_kx_psk =    1043;
-  SN_kx_srp =     'KxSRP';
-  LN_kx_srp =     'kx-srp';
-  NID_kx_srp =    1044;
-  SN_kx_gost =    'KxGOST';
-  LN_kx_gost =    'kx-gost';
-  NID_kx_gost =    1045;
-  SN_kx_any =     'KxANY';
-  LN_kx_any =     'kx-any';
-  NID_kx_any =    1063;
-  SN_auth_rsa =    'AuthRSA';
-  LN_auth_rsa =    'auth-rsa';
-  NID_auth_rsa =    1046;
-  SN_auth_ecdsa =    'AuthECDSA';
-  LN_auth_ecdsa =    'auth-ecdsa';
-  NID_auth_ecdsa =   1047;
-  SN_auth_psk =    'AuthPSK';
-  LN_auth_psk =    'auth-psk';
-  NID_auth_psk =    1048;
-  SN_auth_dss =    'AuthDSS';
-  LN_auth_dss =    'auth-dss';
-  NID_auth_dss =    1049;
-  SN_auth_gost01 =   'AuthGOST01';
-  LN_auth_gost01 =   'auth-gost01';
-  NID_auth_gost01 =   1050;
-  SN_auth_gost12 =   'AuthGOST12';
-  LN_auth_gost12 =   'auth-gost12';
-  NID_auth_gost12 =   1051;
-  SN_auth_srp =    'AuthSRP';
-  LN_auth_srp =    'auth-srp';
-  NID_auth_srp =    1052;
-  SN_auth_null =    'AuthNULL';
-  LN_auth_null =    'auth-null';
-  NID_auth_null =    1053;
-  SN_auth_any =    'AuthANY';
-  LN_auth_any =    'auth-any';
-  NID_auth_any =    1064;
-  SN_poly1305 =    'Poly1305';
-  LN_poly1305 =    'poly1305';
-  NID_poly1305 =    1061;
-  SN_siphash =    'SipHash';
-  LN_siphash =    'siphash';
-  NID_siphash =    1062;
-  SN_ffdhe2048 =    'ffdhe2048';
-  NID_ffdhe2048 =    1126;
-  SN_ffdhe3072 =    'ffdhe3072';
-  NID_ffdhe3072 =    1127;
-  SN_ffdhe4096 =    'ffdhe4096';
-  NID_ffdhe4096 =    1128;
-  SN_ffdhe6144 =    'ffdhe6144';
-  NID_ffdhe6144 =    1129;
-  SN_ffdhe8192 =    'ffdhe8192';
-  NID_ffdhe8192 =    1130;
-  SN_ISO_UA =     'ISO-UA';
-  NID_ISO_UA =    1150;
-  SN_ua_pki =     'ua-pki';
-  NID_ua_pki =    1151;
-  SN_dstu28147 =    'dstu28147';
-  LN_dstu28147 =    'DSTU Gost 28147-2009';
-  NID_dstu28147 =    1152;
-  SN_dstu28147_ofb =     'dstu28147-ofb';
-  LN_dstu28147_ofb =     'DSTU Gost 28147-2009 OFB mode';
-  NID_dstu28147_ofb =     1153;
-  SN_dstu28147_cfb =     'dstu28147-cfb';
-  LN_dstu28147_cfb =     'DSTU Gost 28147-2009 CFB mode';
-  NID_dstu28147_cfb =     1154;
-  SN_dstu28147_wrap =     'dstu28147-wrap';
-  LN_dstu28147_wrap =     'DSTU Gost 28147-2009 key wrap';
-  NID_dstu28147_wrap =    1155;
-  SN_hmacWithDstu34311 =    'hmacWithDstu34311';
-  LN_hmacWithDstu34311 =    'HMAC DSTU Gost 34311-95';
-  NID_hmacWithDstu34311 =    1156;
-  SN_dstu34311 =    'dstu34311';
-  LN_dstu34311 =    'DSTU Gost 34311-95';
-  NID_dstu34311 =    1157;
-  SN_dstu4145le =    'dstu4145le';
-  LN_dstu4145le =    'DSTU 4145-2002 little endian';
-  NID_dstu4145le =   1158;
-  SN_dstu4145be =    'dstu4145be';
-  LN_dstu4145be =    'DSTU 4145-2002 big endian';
-  NID_dstu4145be =   1159;
-  SN_uacurve0 =    'uacurve0';
-  LN_uacurve0 =    'DSTU curve 0';
-  NID_uacurve0 =    1160;
-  SN_uacurve1 =    'uacurve1';
-  LN_uacurve1 =    'DSTU curve 1';
-  NID_uacurve1 =    1161;
-  SN_uacurve2 =    'uacurve2';
-  LN_uacurve2 =    'DSTU curve 2';
-  NID_uacurve2 =    1162;
-  SN_uacurve3 =    'uacurve3';
-  LN_uacurve3 =    'DSTU curve 3';
-  NID_uacurve3 =    1163;
-  SN_uacurve4 =    'uacurve4';
-  LN_uacurve4 =    'DSTU curve 4';
-  NID_uacurve4 =    1164;
-  SN_uacurve5 =    'uacurve5';
-  LN_uacurve5 =    'DSTU curve 5';
-  NID_uacurve5 =    1165;
-  SN_uacurve6 =    'uacurve6';
-  LN_uacurve6 =    'DSTU curve 6';
-  NID_uacurve6 =    1166;
-  SN_uacurve7 =    'uacurve7';
-  LN_uacurve7 =    'DSTU curve 7';
-  NID_uacurve7 =    1167;
-  SN_uacurve8 =    'uacurve8';
-  LN_uacurve8 =    'DSTU curve 8';
-  NID_uacurve8 =    1168;
-  SN_uacurve9 =    'uacurve9';
-  LN_uacurve9 =    'DSTU curve 9';
-  NID_uacurve9 =    1169;
+  SN_undef = AnsiString('UNDEF');
+  LN_undef = AnsiString('undefined');
+  NID_undef = 0;
+
+  SN_itu_t = AnsiString('ITU-T');
+  LN_itu_t = AnsiString('itu-t');
+  NID_itu_t = 645;
+
+  NID_ccitt = 404;
+
+  SN_iso = AnsiString('ISO');
+  LN_iso = AnsiString('iso');
+  NID_iso = 181;
+
+  SN_joint_iso_itu_t = AnsiString('JOINT-ISO-ITU-T');
+  LN_joint_iso_itu_t = AnsiString('joint-iso-itu-t');
+  NID_joint_iso_itu_t = 646;
+
+  NID_joint_iso_ccitt = 393;
+
+  SN_member_body = AnsiString('member-body');
+  LN_member_body = AnsiString('ISO Member Body');
+  NID_member_body = 182;
+
+  SN_identified_organization = AnsiString('identified-organization');
+  NID_identified_organization = 676;
+
+  SN_hmac_md5 = AnsiString('HMAC-MD5');
+  LN_hmac_md5 = AnsiString('hmac-md5');
+  NID_hmac_md5 = 780;
+
+  SN_hmac_sha1 = AnsiString('HMAC-SHA1');
+  LN_hmac_sha1 = AnsiString('hmac-sha1');
+  NID_hmac_sha1 = 781;
+
+  SN_x509ExtAdmission = AnsiString('x509ExtAdmission');
+  LN_x509ExtAdmission = AnsiString('Professional Information or basis for Admission');
+  NID_x509ExtAdmission = 1093;
+
+  SN_certicom_arc = AnsiString('certicom-arc');
+  NID_certicom_arc = 677;
+
+  SN_ieee = AnsiString('ieee');
+  NID_ieee = 1170;
+
+  SN_ieee_siswg = AnsiString('ieee-siswg');
+  LN_ieee_siswg = AnsiString('IEEE Security in Storage Working Group');
+  NID_ieee_siswg = 1171;
+
+  SN_international_organizations = AnsiString('international-organizations');
+  LN_international_organizations = AnsiString('International Organizations');
+  NID_international_organizations = 647;
+
+  SN_wap = AnsiString('wap');
+  NID_wap = 678;
+
+  SN_wap_wsg = AnsiString('wap-wsg');
+  NID_wap_wsg = 679;
+
+  SN_selected_attribute_types = AnsiString('selected-attribute-types');
+  LN_selected_attribute_types = AnsiString('Selected Attribute Types');
+  NID_selected_attribute_types = 394;
+
+  SN_clearance = AnsiString('clearance');
+  NID_clearance = 395;
+
+  SN_ISO_US = AnsiString('ISO-US');
+  LN_ISO_US = AnsiString('ISO US Member Body');
+  NID_ISO_US = 183;
+
+  SN_X9_57 = AnsiString('X9-57');
+  LN_X9_57 = AnsiString('X9.57');
+  NID_X9_57 = 184;
+
+  SN_X9cm = AnsiString('X9cm');
+  LN_X9cm = AnsiString('X9.57 CM ?');
+  NID_X9cm = 185;
+
+  SN_ISO_CN = AnsiString('ISO-CN');
+  LN_ISO_CN = AnsiString('ISO CN Member Body');
+  NID_ISO_CN = 1140;
+
+  SN_oscca = AnsiString('oscca');
+  NID_oscca = 1141;
+
+  SN_sm_scheme = AnsiString('sm-scheme');
+  NID_sm_scheme = 1142;
+
+  SN_dsa = AnsiString('DSA');
+  LN_dsa = AnsiString('dsaEncryption');
+  NID_dsa = 116;
+
+  SN_dsaWithSHA1 = AnsiString('DSA-SHA1');
+  LN_dsaWithSHA1 = AnsiString('dsaWithSHA1');
+  NID_dsaWithSHA1 = 113;
+
+  SN_ansi_X9_62 = AnsiString('ansi-X9-62');
+  LN_ansi_X9_62 = AnsiString('ANSI X9.62');
+  NID_ansi_X9_62 = 405;
+
+  SN_X9_62_prime_field = AnsiString('prime-field');
+  NID_X9_62_prime_field = 406;
+
+  SN_X9_62_characteristic_two_field = AnsiString('characteristic-two-field');
+  NID_X9_62_characteristic_two_field = 407;
+
+  SN_X9_62_id_characteristic_two_basis = AnsiString('id-characteristic-two-basis');
+  NID_X9_62_id_characteristic_two_basis = 680;
+
+  SN_X9_62_onBasis = AnsiString('onBasis');
+  NID_X9_62_onBasis = 681;
+
+  SN_X9_62_tpBasis = AnsiString('tpBasis');
+  NID_X9_62_tpBasis = 682;
+
+  SN_X9_62_ppBasis = AnsiString('ppBasis');
+  NID_X9_62_ppBasis = 683;
+
+  SN_X9_62_id_ecPublicKey = AnsiString('id-ecPublicKey');
+  NID_X9_62_id_ecPublicKey = 408;
+
+  SN_X9_62_c2pnb163v1 = AnsiString('c2pnb163v1');
+  NID_X9_62_c2pnb163v1 = 684;
+
+  SN_X9_62_c2pnb163v2 = AnsiString('c2pnb163v2');
+  NID_X9_62_c2pnb163v2 = 685;
+
+  SN_X9_62_c2pnb163v3 = AnsiString('c2pnb163v3');
+  NID_X9_62_c2pnb163v3 = 686;
+
+  SN_X9_62_c2pnb176v1 = AnsiString('c2pnb176v1');
+  NID_X9_62_c2pnb176v1 = 687;
+
+  SN_X9_62_c2tnb191v1 = AnsiString('c2tnb191v1');
+  NID_X9_62_c2tnb191v1 = 688;
+
+  SN_X9_62_c2tnb191v2 = AnsiString('c2tnb191v2');
+  NID_X9_62_c2tnb191v2 = 689;
+
+  SN_X9_62_c2tnb191v3 = AnsiString('c2tnb191v3');
+  NID_X9_62_c2tnb191v3 = 690;
+
+  SN_X9_62_c2onb191v4 = AnsiString('c2onb191v4');
+  NID_X9_62_c2onb191v4 = 691;
+
+  SN_X9_62_c2onb191v5 = AnsiString('c2onb191v5');
+  NID_X9_62_c2onb191v5 = 692;
+
+  SN_X9_62_c2pnb208w1 = AnsiString('c2pnb208w1');
+  NID_X9_62_c2pnb208w1 = 693;
+
+  SN_X9_62_c2tnb239v1 = AnsiString('c2tnb239v1');
+  NID_X9_62_c2tnb239v1 = 694;
+
+  SN_X9_62_c2tnb239v2 = AnsiString('c2tnb239v2');
+  NID_X9_62_c2tnb239v2 = 695;
+
+  SN_X9_62_c2tnb239v3 = AnsiString('c2tnb239v3');
+  NID_X9_62_c2tnb239v3 = 696;
+
+  SN_X9_62_c2onb239v4 = AnsiString('c2onb239v4');
+  NID_X9_62_c2onb239v4 = 697;
+
+  SN_X9_62_c2onb239v5 = AnsiString('c2onb239v5');
+  NID_X9_62_c2onb239v5 = 698;
+
+  SN_X9_62_c2pnb272w1 = AnsiString('c2pnb272w1');
+  NID_X9_62_c2pnb272w1 = 699;
+
+  SN_X9_62_c2pnb304w1 = AnsiString('c2pnb304w1');
+  NID_X9_62_c2pnb304w1 = 700;
+
+  SN_X9_62_c2tnb359v1 = AnsiString('c2tnb359v1');
+  NID_X9_62_c2tnb359v1 = 701;
+
+  SN_X9_62_c2pnb368w1 = AnsiString('c2pnb368w1');
+  NID_X9_62_c2pnb368w1 = 702;
+
+  SN_X9_62_c2tnb431r1 = AnsiString('c2tnb431r1');
+  NID_X9_62_c2tnb431r1 = 703;
+
+  SN_X9_62_prime192v1 = AnsiString('prime192v1');
+  NID_X9_62_prime192v1 = 409;
+
+  SN_X9_62_prime192v2 = AnsiString('prime192v2');
+  NID_X9_62_prime192v2 = 410;
+
+  SN_X9_62_prime192v3 = AnsiString('prime192v3');
+  NID_X9_62_prime192v3 = 411;
+
+  SN_X9_62_prime239v1 = AnsiString('prime239v1');
+  NID_X9_62_prime239v1 = 412;
+
+  SN_X9_62_prime239v2 = AnsiString('prime239v2');
+  NID_X9_62_prime239v2 = 413;
+
+  SN_X9_62_prime239v3 = AnsiString('prime239v3');
+  NID_X9_62_prime239v3 = 414;
+
+  SN_X9_62_prime256v1 = AnsiString('prime256v1');
+  NID_X9_62_prime256v1 = 415;
+
+  SN_ecdsa_with_SHA1 = AnsiString('ecdsa-with-SHA1');
+  NID_ecdsa_with_SHA1 = 416;
+
+  SN_ecdsa_with_Recommended = AnsiString('ecdsa-with-Recommended');
+  NID_ecdsa_with_Recommended = 791;
+
+  SN_ecdsa_with_Specified = AnsiString('ecdsa-with-Specified');
+  NID_ecdsa_with_Specified = 792;
+
+  SN_ecdsa_with_SHA224 = AnsiString('ecdsa-with-SHA224');
+  NID_ecdsa_with_SHA224 = 793;
+
+  SN_ecdsa_with_SHA256 = AnsiString('ecdsa-with-SHA256');
+  NID_ecdsa_with_SHA256 = 794;
+
+  SN_ecdsa_with_SHA384 = AnsiString('ecdsa-with-SHA384');
+  NID_ecdsa_with_SHA384 = 795;
+
+  SN_ecdsa_with_SHA512 = AnsiString('ecdsa-with-SHA512');
+  NID_ecdsa_with_SHA512 = 796;
+
+  SN_secp112r1 = AnsiString('secp112r1');
+  NID_secp112r1 = 704;
+
+  SN_secp112r2 = AnsiString('secp112r2');
+  NID_secp112r2 = 705;
+
+  SN_secp128r1 = AnsiString('secp128r1');
+  NID_secp128r1 = 706;
+
+  SN_secp128r2 = AnsiString('secp128r2');
+  NID_secp128r2 = 707;
+
+  SN_secp160k1 = AnsiString('secp160k1');
+  NID_secp160k1 = 708;
+
+  SN_secp160r1 = AnsiString('secp160r1');
+  NID_secp160r1 = 709;
+
+  SN_secp160r2 = AnsiString('secp160r2');
+  NID_secp160r2 = 710;
+
+  SN_secp192k1 = AnsiString('secp192k1');
+  NID_secp192k1 = 711;
+
+  SN_secp224k1 = AnsiString('secp224k1');
+  NID_secp224k1 = 712;
+
+  SN_secp224r1 = AnsiString('secp224r1');
+  NID_secp224r1 = 713;
+
+  SN_secp256k1 = AnsiString('secp256k1');
+  NID_secp256k1 = 714;
+
+  SN_secp384r1 = AnsiString('secp384r1');
+  NID_secp384r1 = 715;
+
+  SN_secp521r1 = AnsiString('secp521r1');
+  NID_secp521r1 = 716;
+
+  SN_sect113r1 = AnsiString('sect113r1');
+  NID_sect113r1 = 717;
+
+  SN_sect113r2 = AnsiString('sect113r2');
+  NID_sect113r2 = 718;
+
+  SN_sect131r1 = AnsiString('sect131r1');
+  NID_sect131r1 = 719;
+
+  SN_sect131r2 = AnsiString('sect131r2');
+  NID_sect131r2 = 720;
+
+  SN_sect163k1 = AnsiString('sect163k1');
+  NID_sect163k1 = 721;
+
+  SN_sect163r1 = AnsiString('sect163r1');
+  NID_sect163r1 = 722;
+
+  SN_sect163r2 = AnsiString('sect163r2');
+  NID_sect163r2 = 723;
+
+  SN_sect193r1 = AnsiString('sect193r1');
+  NID_sect193r1 = 724;
+
+  SN_sect193r2 = AnsiString('sect193r2');
+  NID_sect193r2 = 725;
+
+  SN_sect233k1 = AnsiString('sect233k1');
+  NID_sect233k1 = 726;
+
+  SN_sect233r1 = AnsiString('sect233r1');
+  NID_sect233r1 = 727;
+
+  SN_sect239k1 = AnsiString('sect239k1');
+  NID_sect239k1 = 728;
+
+  SN_sect283k1 = AnsiString('sect283k1');
+  NID_sect283k1 = 729;
+
+  SN_sect283r1 = AnsiString('sect283r1');
+  NID_sect283r1 = 730;
+
+  SN_sect409k1 = AnsiString('sect409k1');
+  NID_sect409k1 = 731;
+
+  SN_sect409r1 = AnsiString('sect409r1');
+  NID_sect409r1 = 732;
+
+  SN_sect571k1 = AnsiString('sect571k1');
+  NID_sect571k1 = 733;
+
+  SN_sect571r1 = AnsiString('sect571r1');
+  NID_sect571r1 = 734;
+
+  SN_wap_wsg_idm_ecid_wtls1 = AnsiString('wap-wsg-idm-ecid-wtls1');
+  NID_wap_wsg_idm_ecid_wtls1 = 735;
+
+  SN_wap_wsg_idm_ecid_wtls3 = AnsiString('wap-wsg-idm-ecid-wtls3');
+  NID_wap_wsg_idm_ecid_wtls3 = 736;
+
+  SN_wap_wsg_idm_ecid_wtls4 = AnsiString('wap-wsg-idm-ecid-wtls4');
+  NID_wap_wsg_idm_ecid_wtls4 = 737;
+
+  SN_wap_wsg_idm_ecid_wtls5 = AnsiString('wap-wsg-idm-ecid-wtls5');
+  NID_wap_wsg_idm_ecid_wtls5 = 738;
+
+  SN_wap_wsg_idm_ecid_wtls6 = AnsiString('wap-wsg-idm-ecid-wtls6');
+  NID_wap_wsg_idm_ecid_wtls6 = 739;
+
+  SN_wap_wsg_idm_ecid_wtls7 = AnsiString('wap-wsg-idm-ecid-wtls7');
+  NID_wap_wsg_idm_ecid_wtls7 = 740;
+
+  SN_wap_wsg_idm_ecid_wtls8 = AnsiString('wap-wsg-idm-ecid-wtls8');
+  NID_wap_wsg_idm_ecid_wtls8 = 741;
+
+  SN_wap_wsg_idm_ecid_wtls9 = AnsiString('wap-wsg-idm-ecid-wtls9');
+  NID_wap_wsg_idm_ecid_wtls9 = 742;
+
+  SN_wap_wsg_idm_ecid_wtls10 = AnsiString('wap-wsg-idm-ecid-wtls10');
+  NID_wap_wsg_idm_ecid_wtls10 = 743;
+
+  SN_wap_wsg_idm_ecid_wtls11 = AnsiString('wap-wsg-idm-ecid-wtls11');
+  NID_wap_wsg_idm_ecid_wtls11 = 744;
+
+  SN_wap_wsg_idm_ecid_wtls12 = AnsiString('wap-wsg-idm-ecid-wtls12');
+  NID_wap_wsg_idm_ecid_wtls12 = 745;
+
+  SN_cast5_cbc = AnsiString('CAST5-CBC');
+  LN_cast5_cbc = AnsiString('cast5-cbc');
+  NID_cast5_cbc = 108;
+
+  SN_cast5_ecb = AnsiString('CAST5-ECB');
+  LN_cast5_ecb = AnsiString('cast5-ecb');
+  NID_cast5_ecb = 109;
+
+  SN_cast5_cfb64 = AnsiString('CAST5-CFB');
+  LN_cast5_cfb64 = AnsiString('cast5-cfb');
+  NID_cast5_cfb64 = 110;
+
+  SN_cast5_ofb64 = AnsiString('CAST5-OFB');
+  LN_cast5_ofb64 = AnsiString('cast5-ofb');
+  NID_cast5_ofb64 = 111;
+
+  LN_pbeWithMD5AndCast5_CBC = AnsiString('pbeWithMD5AndCast5CBC');
+  NID_pbeWithMD5AndCast5_CBC = 112;
+
+  SN_id_PasswordBasedMAC = AnsiString('id-PasswordBasedMAC');
+  LN_id_PasswordBasedMAC = AnsiString('password based MAC');
+  NID_id_PasswordBasedMAC = 782;
+
+  SN_id_DHBasedMac = AnsiString('id-DHBasedMac');
+  LN_id_DHBasedMac = AnsiString('Diffie-Hellman based MAC');
+  NID_id_DHBasedMac = 783;
+
+  SN_rsadsi = AnsiString('rsadsi');
+  LN_rsadsi = AnsiString('RSA Data Security; Inc.');
+  NID_rsadsi = 1;
+
+  SN_pkcs = AnsiString('pkcs');
+  LN_pkcs = AnsiString('RSA Data Security; Inc. PKCS');
+  NID_pkcs = 2;
+
+  SN_pkcs1 = AnsiString('pkcs1');
+  NID_pkcs1 = 186;
+
+  LN_rsaEncryption = AnsiString('rsaEncryption');
+  NID_rsaEncryption = 6;
+
+  SN_md2WithRSAEncryption = AnsiString('RSA-MD2');
+  LN_md2WithRSAEncryption = AnsiString('md2WithRSAEncryption');
+  NID_md2WithRSAEncryption = 7;
+
+  SN_md4WithRSAEncryption = AnsiString('RSA-MD4');
+  LN_md4WithRSAEncryption = AnsiString('md4WithRSAEncryption');
+  NID_md4WithRSAEncryption = 396;
+
+  SN_md5WithRSAEncryption = AnsiString('RSA-MD5');
+  LN_md5WithRSAEncryption = AnsiString('md5WithRSAEncryption');
+  NID_md5WithRSAEncryption = 8;
+
+  SN_sha1WithRSAEncryption = AnsiString('RSA-SHA1');
+  LN_sha1WithRSAEncryption = AnsiString('sha1WithRSAEncryption');
+  NID_sha1WithRSAEncryption = 65;
+
+  SN_rsaesOaep = AnsiString('RSAES-OAEP');
+  LN_rsaesOaep = AnsiString('rsaesOaep');
+  NID_rsaesOaep = 919;
+
+  SN_mgf1 = AnsiString('MGF1');
+  LN_mgf1 = AnsiString('mgf1');
+  NID_mgf1 = 911;
+
+  SN_pSpecified = AnsiString('PSPECIFIED');
+  LN_pSpecified = AnsiString('pSpecified');
+  NID_pSpecified = 935;
+
+  SN_rsassaPss = AnsiString('RSASSA-PSS');
+  LN_rsassaPss = AnsiString('rsassaPss');
+  NID_rsassaPss = 912;
+
+  SN_sha256WithRSAEncryption = AnsiString('RSA-SHA256');
+  LN_sha256WithRSAEncryption = AnsiString('sha256WithRSAEncryption');
+  NID_sha256WithRSAEncryption = 668;
+
+  SN_sha384WithRSAEncryption = AnsiString('RSA-SHA384');
+  LN_sha384WithRSAEncryption = AnsiString('sha384WithRSAEncryption');
+  NID_sha384WithRSAEncryption = 669;
+
+  SN_sha512WithRSAEncryption = AnsiString('RSA-SHA512');
+  LN_sha512WithRSAEncryption = AnsiString('sha512WithRSAEncryption');
+  NID_sha512WithRSAEncryption = 670;
+
+  SN_sha224WithRSAEncryption = AnsiString('RSA-SHA224');
+  LN_sha224WithRSAEncryption = AnsiString('sha224WithRSAEncryption');
+  NID_sha224WithRSAEncryption = 671;
+
+  SN_sha512_224WithRSAEncryption = AnsiString('RSA-SHA512/224');
+  LN_sha512_224WithRSAEncryption = AnsiString('sha512-224WithRSAEncryption');
+  NID_sha512_224WithRSAEncryption = 1145;
+
+  SN_sha512_256WithRSAEncryption = AnsiString('RSA-SHA512/256');
+  LN_sha512_256WithRSAEncryption = AnsiString('sha512-256WithRSAEncryption');
+  NID_sha512_256WithRSAEncryption = 1146;
+
+  SN_pkcs3 = AnsiString('pkcs3');
+  NID_pkcs3 = 27;
+
+  LN_dhKeyAgreement = AnsiString('dhKeyAgreement');
+  NID_dhKeyAgreement = 28;
+
+  SN_pkcs5 = AnsiString('pkcs5');
+  NID_pkcs5 = 187;
+
+  SN_pbeWithMD2AndDES_CBC = AnsiString('PBE-MD2-DES');
+  LN_pbeWithMD2AndDES_CBC = AnsiString('pbeWithMD2AndDES-CBC');
+  NID_pbeWithMD2AndDES_CBC = 9;
+
+  SN_pbeWithMD5AndDES_CBC = AnsiString('PBE-MD5-DES');
+  LN_pbeWithMD5AndDES_CBC = AnsiString('pbeWithMD5AndDES-CBC');
+  NID_pbeWithMD5AndDES_CBC = 10;
+
+  SN_pbeWithMD2AndRC2_CBC = AnsiString('PBE-MD2-RC2-64');
+  LN_pbeWithMD2AndRC2_CBC = AnsiString('pbeWithMD2AndRC2-CBC');
+  NID_pbeWithMD2AndRC2_CBC = 168;
+
+  SN_pbeWithMD5AndRC2_CBC = AnsiString('PBE-MD5-RC2-64');
+  LN_pbeWithMD5AndRC2_CBC = AnsiString('pbeWithMD5AndRC2-CBC');
+  NID_pbeWithMD5AndRC2_CBC = 169;
+
+  SN_pbeWithSHA1AndDES_CBC = AnsiString('PBE-SHA1-DES');
+  LN_pbeWithSHA1AndDES_CBC = AnsiString('pbeWithSHA1AndDES-CBC');
+  NID_pbeWithSHA1AndDES_CBC = 170;
+
+  SN_pbeWithSHA1AndRC2_CBC = AnsiString('PBE-SHA1-RC2-64');
+  LN_pbeWithSHA1AndRC2_CBC = AnsiString('pbeWithSHA1AndRC2-CBC');
+  NID_pbeWithSHA1AndRC2_CBC = 68;
+
+  LN_id_pbkdf2 = AnsiString('PBKDF2');
+  NID_id_pbkdf2 = 69;
+
+  LN_pbes2 = AnsiString('PBES2');
+  NID_pbes2 = 161;
+
+  LN_pbmac1 = AnsiString('PBMAC1');
+  NID_pbmac1 = 162;
+
+  SN_pkcs7 = AnsiString('pkcs7');
+  NID_pkcs7 = 20;
+
+  LN_pkcs7_data = AnsiString('pkcs7-data');
+  NID_pkcs7_data = 21;
+
+  LN_pkcs7_signed = AnsiString('pkcs7-signedData');
+  NID_pkcs7_signed = 22;
+
+  LN_pkcs7_enveloped = AnsiString('pkcs7-envelopedData');
+  NID_pkcs7_enveloped = 23;
+
+  LN_pkcs7_signedAndEnveloped = AnsiString('pkcs7-signedAndEnvelopedData');
+  NID_pkcs7_signedAndEnveloped = 24;
+
+  LN_pkcs7_digest = AnsiString('pkcs7-digestData');
+  NID_pkcs7_digest = 25;
+
+  LN_pkcs7_encrypted = AnsiString('pkcs7-encryptedData');
+  NID_pkcs7_encrypted = 26;
+
+  SN_pkcs9 = AnsiString('pkcs9');
+  NID_pkcs9 = 47;
+
+  LN_pkcs9_emailAddress = AnsiString('emailAddress');
+  NID_pkcs9_emailAddress = 48;
+
+  LN_pkcs9_unstructuredName = AnsiString('unstructuredName');
+  NID_pkcs9_unstructuredName = 49;
+
+  LN_pkcs9_contentType = AnsiString('contentType');
+  NID_pkcs9_contentType = 50;
+
+  LN_pkcs9_messageDigest = AnsiString('messageDigest');
+  NID_pkcs9_messageDigest = 51;
+
+  LN_pkcs9_signingTime = AnsiString('signingTime');
+  NID_pkcs9_signingTime = 52;
+
+  LN_pkcs9_countersignature = AnsiString('countersignature');
+  NID_pkcs9_countersignature = 53;
+
+  LN_pkcs9_challengePassword = AnsiString('challengePassword');
+  NID_pkcs9_challengePassword = 54;
+
+  LN_pkcs9_unstructuredAddress = AnsiString('unstructuredAddress');
+  NID_pkcs9_unstructuredAddress = 55;
+
+  LN_pkcs9_extCertAttributes = AnsiString('extendedCertificateAttributes');
+  NID_pkcs9_extCertAttributes = 56;
+
+  SN_ext_req = AnsiString('extReq');
+  LN_ext_req = AnsiString('Extension Request');
+  NID_ext_req = 172;
+
+  SN_SMIMECapabilities = AnsiString('SMIME-CAPS');
+  LN_SMIMECapabilities = AnsiString('S/MIME Capabilities');
+  NID_SMIMECapabilities = 167;
+
+  SN_SMIME = AnsiString('SMIME');
+  LN_SMIME = AnsiString('S/MIME');
+  NID_SMIME = 188;
+
+  SN_id_smime_mod = AnsiString('id-smime-mod');
+  NID_id_smime_mod = 189;
+
+  SN_id_smime_ct = AnsiString('id-smime-ct');
+  NID_id_smime_ct = 190;
+
+  SN_id_smime_aa = AnsiString('id-smime-aa');
+  NID_id_smime_aa = 191;
+
+  SN_id_smime_alg = AnsiString('id-smime-alg');
+  NID_id_smime_alg = 192;
+
+  SN_id_smime_cd = AnsiString('id-smime-cd');
+  NID_id_smime_cd = 193;
+
+  SN_id_smime_spq = AnsiString('id-smime-spq');
+  NID_id_smime_spq = 194;
+
+  SN_id_smime_cti = AnsiString('id-smime-cti');
+  NID_id_smime_cti = 195;
+
+  SN_id_smime_mod_cms = AnsiString('id-smime-mod-cms');
+  NID_id_smime_mod_cms = 196;
+
+  SN_id_smime_mod_ess = AnsiString('id-smime-mod-ess');
+  NID_id_smime_mod_ess = 197;
+
+  SN_id_smime_mod_oid = AnsiString('id-smime-mod-oid');
+  NID_id_smime_mod_oid = 198;
+
+  SN_id_smime_mod_msg_v3 = AnsiString('id-smime-mod-msg-v3');
+  NID_id_smime_mod_msg_v3 = 199;
+
+  SN_id_smime_mod_ets_eSignature_88 = AnsiString('id-smime-mod-ets-eSignature-88');
+  NID_id_smime_mod_ets_eSignature_88 = 200;
+
+  SN_id_smime_mod_ets_eSignature_97 = AnsiString('id-smime-mod-ets-eSignature-97');
+  NID_id_smime_mod_ets_eSignature_97 = 201;
+
+  SN_id_smime_mod_ets_eSigPolicy_88 = AnsiString('id-smime-mod-ets-eSigPolicy-88');
+  NID_id_smime_mod_ets_eSigPolicy_88 = 202;
+
+  SN_id_smime_mod_ets_eSigPolicy_97 = AnsiString('id-smime-mod-ets-eSigPolicy-97');
+  NID_id_smime_mod_ets_eSigPolicy_97 = 203;
+
+  SN_id_smime_ct_receipt = AnsiString('id-smime-ct-receipt');
+  NID_id_smime_ct_receipt = 204;
+
+  SN_id_smime_ct_authData = AnsiString('id-smime-ct-authData');
+  NID_id_smime_ct_authData = 205;
+
+  SN_id_smime_ct_publishCert = AnsiString('id-smime-ct-publishCert');
+  NID_id_smime_ct_publishCert = 206;
+
+  SN_id_smime_ct_TSTInfo = AnsiString('id-smime-ct-TSTInfo');
+  NID_id_smime_ct_TSTInfo = 207;
+
+  SN_id_smime_ct_TDTInfo = AnsiString('id-smime-ct-TDTInfo');
+  NID_id_smime_ct_TDTInfo = 208;
+
+  SN_id_smime_ct_contentInfo = AnsiString('id-smime-ct-contentInfo');
+  NID_id_smime_ct_contentInfo = 209;
+
+  SN_id_smime_ct_DVCSRequestData = AnsiString('id-smime-ct-DVCSRequestData');
+  NID_id_smime_ct_DVCSRequestData = 210;
+
+  SN_id_smime_ct_DVCSResponseData = AnsiString('id-smime-ct-DVCSResponseData');
+  NID_id_smime_ct_DVCSResponseData = 211;
+
+  SN_id_smime_ct_compressedData = AnsiString('id-smime-ct-compressedData');
+  NID_id_smime_ct_compressedData = 786;
+
+  SN_id_smime_ct_contentCollection = AnsiString('id-smime-ct-contentCollection');
+  NID_id_smime_ct_contentCollection = 1058;
+
+  SN_id_smime_ct_authEnvelopedData = AnsiString('id-smime-ct-authEnvelopedData');
+  NID_id_smime_ct_authEnvelopedData = 1059;
+
+  SN_id_ct_asciiTextWithCRLF = AnsiString('id-ct-asciiTextWithCRLF');
+  NID_id_ct_asciiTextWithCRLF = 787;
+
+  SN_id_ct_xml = AnsiString('id-ct-xml');
+  NID_id_ct_xml = 1060;
+
+  SN_id_smime_aa_receiptRequest = AnsiString('id-smime-aa-receiptRequest');
+  NID_id_smime_aa_receiptRequest = 212;
+
+  SN_id_smime_aa_securityLabel = AnsiString('id-smime-aa-securityLabel');
+  NID_id_smime_aa_securityLabel = 213;
+
+  SN_id_smime_aa_mlExpandHistory = AnsiString('id-smime-aa-mlExpandHistory');
+  NID_id_smime_aa_mlExpandHistory = 214;
+
+  SN_id_smime_aa_contentHint = AnsiString('id-smime-aa-contentHint');
+  NID_id_smime_aa_contentHint = 215;
+
+  SN_id_smime_aa_msgSigDigest = AnsiString('id-smime-aa-msgSigDigest');
+  NID_id_smime_aa_msgSigDigest = 216;
+
+  SN_id_smime_aa_encapContentType = AnsiString('id-smime-aa-encapContentType');
+  NID_id_smime_aa_encapContentType = 217;
+
+  SN_id_smime_aa_contentIdentifier = AnsiString('id-smime-aa-contentIdentifier');
+  NID_id_smime_aa_contentIdentifier = 218;
+
+  SN_id_smime_aa_macValue = AnsiString('id-smime-aa-macValue');
+  NID_id_smime_aa_macValue = 219;
+
+  SN_id_smime_aa_equivalentLabels = AnsiString('id-smime-aa-equivalentLabels');
+  NID_id_smime_aa_equivalentLabels = 220;
+
+  SN_id_smime_aa_contentReference = AnsiString('id-smime-aa-contentReference');
+  NID_id_smime_aa_contentReference = 221;
+
+  SN_id_smime_aa_encrypKeyPref = AnsiString('id-smime-aa-encrypKeyPref');
+  NID_id_smime_aa_encrypKeyPref = 222;
+
+  SN_id_smime_aa_signingCertificate = AnsiString('id-smime-aa-signingCertificate');
+  NID_id_smime_aa_signingCertificate = 223;
+
+  SN_id_smime_aa_smimeEncryptCerts = AnsiString('id-smime-aa-smimeEncryptCerts');
+  NID_id_smime_aa_smimeEncryptCerts = 224;
+
+  SN_id_smime_aa_timeStampToken = AnsiString('id-smime-aa-timeStampToken');
+  NID_id_smime_aa_timeStampToken = 225;
+
+  SN_id_smime_aa_ets_sigPolicyId = AnsiString('id-smime-aa-ets-sigPolicyId');
+  NID_id_smime_aa_ets_sigPolicyId = 226;
+
+  SN_id_smime_aa_ets_commitmentType = AnsiString('id-smime-aa-ets-commitmentType');
+  NID_id_smime_aa_ets_commitmentType = 227;
+
+  SN_id_smime_aa_ets_signerLocation = AnsiString('id-smime-aa-ets-signerLocation');
+  NID_id_smime_aa_ets_signerLocation = 228;
+
+  SN_id_smime_aa_ets_signerAttr = AnsiString('id-smime-aa-ets-signerAttr');
+  NID_id_smime_aa_ets_signerAttr = 229;
+
+  SN_id_smime_aa_ets_otherSigCert = AnsiString('id-smime-aa-ets-otherSigCert');
+  NID_id_smime_aa_ets_otherSigCert = 230;
+
+  SN_id_smime_aa_ets_contentTimestamp = AnsiString('id-smime-aa-ets-contentTimestamp');
+  NID_id_smime_aa_ets_contentTimestamp = 231;
+
+  SN_id_smime_aa_ets_CertificateRefs = AnsiString('id-smime-aa-ets-CertificateRefs');
+  NID_id_smime_aa_ets_CertificateRefs = 232;
+
+  SN_id_smime_aa_ets_RevocationRefs = AnsiString('id-smime-aa-ets-RevocationRefs');
+  NID_id_smime_aa_ets_RevocationRefs = 233;
+
+  SN_id_smime_aa_ets_certValues = AnsiString('id-smime-aa-ets-certValues');
+  NID_id_smime_aa_ets_certValues = 234;
+
+  SN_id_smime_aa_ets_revocationValues = AnsiString('id-smime-aa-ets-revocationValues');
+  NID_id_smime_aa_ets_revocationValues = 235;
+
+  SN_id_smime_aa_ets_escTimeStamp = AnsiString('id-smime-aa-ets-escTimeStamp');
+  NID_id_smime_aa_ets_escTimeStamp = 236;
+
+  SN_id_smime_aa_ets_certCRLTimestamp = AnsiString('id-smime-aa-ets-certCRLTimestamp');
+  NID_id_smime_aa_ets_certCRLTimestamp = 237;
+
+  SN_id_smime_aa_ets_archiveTimeStamp = AnsiString('id-smime-aa-ets-archiveTimeStamp');
+  NID_id_smime_aa_ets_archiveTimeStamp = 238;
+
+  SN_id_smime_aa_signatureType = AnsiString('id-smime-aa-signatureType');
+  NID_id_smime_aa_signatureType = 239;
+
+  SN_id_smime_aa_dvcs_dvc = AnsiString('id-smime-aa-dvcs-dvc');
+  NID_id_smime_aa_dvcs_dvc = 240;
+
+  SN_id_smime_aa_signingCertificateV2 = AnsiString('id-smime-aa-signingCertificateV2');
+  NID_id_smime_aa_signingCertificateV2 = 1086;
+
+  SN_id_smime_alg_ESDHwith3DES = AnsiString('id-smime-alg-ESDHwith3DES');
+  NID_id_smime_alg_ESDHwith3DES = 241;
+
+  SN_id_smime_alg_ESDHwithRC2 = AnsiString('id-smime-alg-ESDHwithRC2');
+  NID_id_smime_alg_ESDHwithRC2 = 242;
+
+  SN_id_smime_alg_3DESwrap = AnsiString('id-smime-alg-3DESwrap');
+  NID_id_smime_alg_3DESwrap = 243;
+
+  SN_id_smime_alg_RC2wrap = AnsiString('id-smime-alg-RC2wrap');
+  NID_id_smime_alg_RC2wrap = 244;
+
+  SN_id_smime_alg_ESDH = AnsiString('id-smime-alg-ESDH');
+  NID_id_smime_alg_ESDH = 245;
+
+  SN_id_smime_alg_CMS3DESwrap = AnsiString('id-smime-alg-CMS3DESwrap');
+  NID_id_smime_alg_CMS3DESwrap = 246;
+
+  SN_id_smime_alg_CMSRC2wrap = AnsiString('id-smime-alg-CMSRC2wrap');
+  NID_id_smime_alg_CMSRC2wrap = 247;
+
+  SN_id_alg_PWRI_KEK = AnsiString('id-alg-PWRI-KEK');
+  NID_id_alg_PWRI_KEK = 893;
+
+  SN_id_smime_cd_ldap = AnsiString('id-smime-cd-ldap');
+  NID_id_smime_cd_ldap = 248;
+
+  SN_id_smime_spq_ets_sqt_uri = AnsiString('id-smime-spq-ets-sqt-uri');
+  NID_id_smime_spq_ets_sqt_uri = 249;
+
+  SN_id_smime_spq_ets_sqt_unotice = AnsiString('id-smime-spq-ets-sqt-unotice');
+  NID_id_smime_spq_ets_sqt_unotice = 250;
+
+  SN_id_smime_cti_ets_proofOfOrigin = AnsiString('id-smime-cti-ets-proofOfOrigin');
+  NID_id_smime_cti_ets_proofOfOrigin = 251;
+
+  SN_id_smime_cti_ets_proofOfReceipt = AnsiString('id-smime-cti-ets-proofOfReceipt');
+  NID_id_smime_cti_ets_proofOfReceipt = 252;
+
+  SN_id_smime_cti_ets_proofOfDelivery = AnsiString('id-smime-cti-ets-proofOfDelivery');
+  NID_id_smime_cti_ets_proofOfDelivery = 253;
+
+  SN_id_smime_cti_ets_proofOfSender = AnsiString('id-smime-cti-ets-proofOfSender');
+  NID_id_smime_cti_ets_proofOfSender = 254;
+
+  SN_id_smime_cti_ets_proofOfApproval = AnsiString('id-smime-cti-ets-proofOfApproval');
+  NID_id_smime_cti_ets_proofOfApproval = 255;
+
+  SN_id_smime_cti_ets_proofOfCreation = AnsiString('id-smime-cti-ets-proofOfCreation');
+  NID_id_smime_cti_ets_proofOfCreation = 256;
+
+  LN_friendlyName = AnsiString('friendlyName');
+  NID_friendlyName = 156;
+
+  LN_localKeyID = AnsiString('localKeyID');
+  NID_localKeyID = 157;
+
+  SN_ms_csp_name = AnsiString('CSPName');
+  LN_ms_csp_name = AnsiString('Microsoft CSP Name');
+  NID_ms_csp_name = 417;
+
+  SN_LocalKeySet = AnsiString('LocalKeySet');
+  LN_LocalKeySet = AnsiString('Microsoft Local Key set');
+  NID_LocalKeySet = 856;
+
+  LN_x509Certificate = AnsiString('x509Certificate');
+  NID_x509Certificate = 158;
+
+  LN_sdsiCertificate = AnsiString('sdsiCertificate');
+  NID_sdsiCertificate = 159;
+
+  LN_x509Crl = AnsiString('x509Crl');
+  NID_x509Crl = 160;
+
+  SN_pbe_WithSHA1And128BitRC4 = AnsiString('PBE-SHA1-RC4-128');
+  LN_pbe_WithSHA1And128BitRC4 = AnsiString('pbeWithSHA1And128BitRC4');
+  NID_pbe_WithSHA1And128BitRC4 = 144;
+
+  SN_pbe_WithSHA1And40BitRC4 = AnsiString('PBE-SHA1-RC4-40');
+  LN_pbe_WithSHA1And40BitRC4 = AnsiString('pbeWithSHA1And40BitRC4');
+  NID_pbe_WithSHA1And40BitRC4 = 145;
+
+  SN_pbe_WithSHA1And3_Key_TripleDES_CBC = AnsiString('PBE-SHA1-3DES');
+  LN_pbe_WithSHA1And3_Key_TripleDES_CBC = AnsiString('pbeWithSHA1And3-KeyTripleDES-CBC');
+  NID_pbe_WithSHA1And3_Key_TripleDES_CBC = 146;
+
+  SN_pbe_WithSHA1And2_Key_TripleDES_CBC = AnsiString('PBE-SHA1-2DES');
+  LN_pbe_WithSHA1And2_Key_TripleDES_CBC = AnsiString('pbeWithSHA1And2-KeyTripleDES-CBC');
+  NID_pbe_WithSHA1And2_Key_TripleDES_CBC = 147;
+
+  SN_pbe_WithSHA1And128BitRC2_CBC = AnsiString('PBE-SHA1-RC2-128');
+  LN_pbe_WithSHA1And128BitRC2_CBC = AnsiString('pbeWithSHA1And128BitRC2-CBC');
+  NID_pbe_WithSHA1And128BitRC2_CBC = 148;
+
+  SN_pbe_WithSHA1And40BitRC2_CBC = AnsiString('PBE-SHA1-RC2-40');
+  LN_pbe_WithSHA1And40BitRC2_CBC = AnsiString('pbeWithSHA1And40BitRC2-CBC');
+  NID_pbe_WithSHA1And40BitRC2_CBC = 149;
+
+  LN_keyBag = AnsiString('keyBag');
+  NID_keyBag = 150;
+
+  LN_pkcs8ShroudedKeyBag = AnsiString('pkcs8ShroudedKeyBag');
+  NID_pkcs8ShroudedKeyBag = 151;
+
+  LN_certBag = AnsiString('certBag');
+  NID_certBag = 152;
+
+  LN_crlBag = AnsiString('crlBag');
+  NID_crlBag = 153;
+
+  LN_secretBag = AnsiString('secretBag');
+  NID_secretBag = 154;
+
+  LN_safeContentsBag = AnsiString('safeContentsBag');
+  NID_safeContentsBag = 155;
+
+  SN_md2 = AnsiString('MD2');
+  LN_md2 = AnsiString('md2');
+  NID_md2 = 3;
+
+  SN_md4 = AnsiString('MD4');
+  LN_md4 = AnsiString('md4');
+  NID_md4 = 257;
+
+  SN_md5 = AnsiString('MD5');
+  LN_md5 = AnsiString('md5');
+  NID_md5 = 4;
+
+  SN_md5_sha1 = AnsiString('MD5-SHA1');
+  LN_md5_sha1 = AnsiString('md5-sha1');
+  NID_md5_sha1 = 114;
+
+  LN_hmacWithMD5 = AnsiString('hmacWithMD5');
+  NID_hmacWithMD5 = 797;
+
+  LN_hmacWithSHA1 = AnsiString('hmacWithSHA1');
+  NID_hmacWithSHA1 = 163;
+
+  SN_sm2 = AnsiString('SM2');
+  LN_sm2 = AnsiString('sm2');
+  NID_sm2 = 1172;
+
+  SN_sm3 = AnsiString('SM3');
+  LN_sm3 = AnsiString('sm3');
+  NID_sm3 = 1143;
+
+  SN_sm3WithRSAEncryption = AnsiString('RSA-SM3');
+  LN_sm3WithRSAEncryption = AnsiString('sm3WithRSAEncryption');
+  NID_sm3WithRSAEncryption = 1144;
+
+  LN_hmacWithSHA224 = AnsiString('hmacWithSHA224');
+  NID_hmacWithSHA224 = 798;
+
+  LN_hmacWithSHA256 = AnsiString('hmacWithSHA256');
+  NID_hmacWithSHA256 = 799;
+
+  LN_hmacWithSHA384 = AnsiString('hmacWithSHA384');
+  NID_hmacWithSHA384 = 800;
+
+  LN_hmacWithSHA512 = AnsiString('hmacWithSHA512');
+  NID_hmacWithSHA512 = 801;
+
+  LN_hmacWithSHA512_224 = AnsiString('hmacWithSHA512-224');
+  NID_hmacWithSHA512_224 = 1193;
+
+  LN_hmacWithSHA512_256 = AnsiString('hmacWithSHA512-256');
+  NID_hmacWithSHA512_256 = 1194;
+
+  SN_rc2_cbc = AnsiString('RC2-CBC');
+  LN_rc2_cbc = AnsiString('rc2-cbc');
+  NID_rc2_cbc = 37;
+
+  SN_rc2_ecb = AnsiString('RC2-ECB');
+  LN_rc2_ecb = AnsiString('rc2-ecb');
+  NID_rc2_ecb = 38;
+
+  SN_rc2_cfb64 = AnsiString('RC2-CFB');
+  LN_rc2_cfb64 = AnsiString('rc2-cfb');
+  NID_rc2_cfb64 = 39;
+
+  SN_rc2_ofb64 = AnsiString('RC2-OFB');
+  LN_rc2_ofb64 = AnsiString('rc2-ofb');
+  NID_rc2_ofb64 = 40;
+
+  SN_rc2_40_cbc = AnsiString('RC2-40-CBC');
+  LN_rc2_40_cbc = AnsiString('rc2-40-cbc');
+  NID_rc2_40_cbc = 98;
+
+  SN_rc2_64_cbc = AnsiString('RC2-64-CBC');
+  LN_rc2_64_cbc = AnsiString('rc2-64-cbc');
+  NID_rc2_64_cbc = 166;
+
+  SN_rc4 = AnsiString('RC4');
+  LN_rc4 = AnsiString('rc4');
+  NID_rc4 = 5;
+
+  SN_rc4_40 = AnsiString('RC4-40');
+  LN_rc4_40 = AnsiString('rc4-40');
+  NID_rc4_40 = 97;
+
+  SN_des_ede3_cbc = AnsiString('DES-EDE3-CBC');
+  LN_des_ede3_cbc = AnsiString('des-ede3-cbc');
+  NID_des_ede3_cbc = 44;
+
+  SN_rc5_cbc = AnsiString('RC5-CBC');
+  LN_rc5_cbc = AnsiString('rc5-cbc');
+  NID_rc5_cbc = 120;
+
+  SN_rc5_ecb = AnsiString('RC5-ECB');
+  LN_rc5_ecb = AnsiString('rc5-ecb');
+  NID_rc5_ecb = 121;
+
+  SN_rc5_cfb64 = AnsiString('RC5-CFB');
+  LN_rc5_cfb64 = AnsiString('rc5-cfb');
+  NID_rc5_cfb64 = 122;
+
+  SN_rc5_ofb64 = AnsiString('RC5-OFB');
+  LN_rc5_ofb64 = AnsiString('rc5-ofb');
+  NID_rc5_ofb64 = 123;
+
+  SN_ms_ext_req = AnsiString('msExtReq');
+  LN_ms_ext_req = AnsiString('Microsoft Extension Request');
+  NID_ms_ext_req = 171;
+
+  SN_ms_code_ind = AnsiString('msCodeInd');
+  LN_ms_code_ind = AnsiString('Microsoft Individual Code Signing');
+  NID_ms_code_ind = 134;
+
+  SN_ms_code_com = AnsiString('msCodeCom');
+  LN_ms_code_com = AnsiString('Microsoft Commercial Code Signing');
+  NID_ms_code_com = 135;
+
+  SN_ms_ctl_sign = AnsiString('msCTLSign');
+  LN_ms_ctl_sign = AnsiString('Microsoft Trust List Signing');
+  NID_ms_ctl_sign = 136;
+
+  SN_ms_sgc = AnsiString('msSGC');
+  LN_ms_sgc = AnsiString('Microsoft Server Gated Crypto');
+  NID_ms_sgc = 137;
+
+  SN_ms_efs = AnsiString('msEFS');
+  LN_ms_efs = AnsiString('Microsoft Encrypted File System');
+  NID_ms_efs = 138;
+
+  SN_ms_smartcard_login = AnsiString('msSmartcardLogin');
+  LN_ms_smartcard_login = AnsiString('Microsoft Smartcard Login');
+  NID_ms_smartcard_login = 648;
+
+  SN_ms_upn = AnsiString('msUPN');
+  LN_ms_upn = AnsiString('Microsoft User Principal Name');
+  NID_ms_upn = 649;
+
+  SN_idea_cbc = AnsiString('IDEA-CBC');
+  LN_idea_cbc = AnsiString('idea-cbc');
+  NID_idea_cbc = 34;
+
+  SN_idea_ecb = AnsiString('IDEA-ECB');
+  LN_idea_ecb = AnsiString('idea-ecb');
+  NID_idea_ecb = 36;
+
+  SN_idea_cfb64 = AnsiString('IDEA-CFB');
+  LN_idea_cfb64 = AnsiString('idea-cfb');
+  NID_idea_cfb64 = 35;
+
+  SN_idea_ofb64 = AnsiString('IDEA-OFB');
+  LN_idea_ofb64 = AnsiString('idea-ofb');
+  NID_idea_ofb64 = 46;
+
+  SN_bf_cbc = AnsiString('BF-CBC');
+  LN_bf_cbc = AnsiString('bf-cbc');
+  NID_bf_cbc = 91;
+
+  SN_bf_ecb = AnsiString('BF-ECB');
+  LN_bf_ecb = AnsiString('bf-ecb');
+  NID_bf_ecb = 92;
+
+  SN_bf_cfb64 = AnsiString('BF-CFB');
+  LN_bf_cfb64 = AnsiString('bf-cfb');
+  NID_bf_cfb64 = 93;
+
+  SN_bf_ofb64 = AnsiString('BF-OFB');
+  LN_bf_ofb64 = AnsiString('bf-ofb');
+  NID_bf_ofb64 = 94;
+
+  SN_id_pkix = AnsiString('PKIX');
+  NID_id_pkix = 127;
+
+  SN_id_pkix_mod = AnsiString('id-pkix-mod');
+  NID_id_pkix_mod = 258;
+
+  SN_id_pe = AnsiString('id-pe');
+  NID_id_pe = 175;
+
+  SN_id_qt = AnsiString('id-qt');
+  NID_id_qt = 259;
+
+  SN_id_kp = AnsiString('id-kp');
+  NID_id_kp = 128;
+
+  SN_id_it = AnsiString('id-it');
+  NID_id_it = 260;
+
+  SN_id_pkip = AnsiString('id-pkip');
+  NID_id_pkip = 261;
+
+  SN_id_alg = AnsiString('id-alg');
+  NID_id_alg = 262;
+
+  SN_id_cmc = AnsiString('id-cmc');
+  NID_id_cmc = 263;
+
+  SN_id_on = AnsiString('id-on');
+  NID_id_on = 264;
+
+  SN_id_pda = AnsiString('id-pda');
+  NID_id_pda = 265;
+
+  SN_id_aca = AnsiString('id-aca');
+  NID_id_aca = 266;
+
+  SN_id_qcs = AnsiString('id-qcs');
+  NID_id_qcs = 267;
+
+  SN_id_cct = AnsiString('id-cct');
+  NID_id_cct = 268;
+
+  SN_id_ppl = AnsiString('id-ppl');
+  NID_id_ppl = 662;
+
+  SN_id_ad = AnsiString('id-ad');
+  NID_id_ad = 176;
+
+  SN_id_pkix1_explicit_88 = AnsiString('id-pkix1-explicit-88');
+  NID_id_pkix1_explicit_88 = 269;
+
+  SN_id_pkix1_implicit_88 = AnsiString('id-pkix1-implicit-88');
+  NID_id_pkix1_implicit_88 = 270;
+
+  SN_id_pkix1_explicit_93 = AnsiString('id-pkix1-explicit-93');
+  NID_id_pkix1_explicit_93 = 271;
+
+  SN_id_pkix1_implicit_93 = AnsiString('id-pkix1-implicit-93');
+  NID_id_pkix1_implicit_93 = 272;
+
+  SN_id_mod_crmf = AnsiString('id-mod-crmf');
+  NID_id_mod_crmf = 273;
+
+  SN_id_mod_cmc = AnsiString('id-mod-cmc');
+  NID_id_mod_cmc = 274;
+
+  SN_id_mod_kea_profile_88 = AnsiString('id-mod-kea-profile-88');
+  NID_id_mod_kea_profile_88 = 275;
+
+  SN_id_mod_kea_profile_93 = AnsiString('id-mod-kea-profile-93');
+  NID_id_mod_kea_profile_93 = 276;
+
+  SN_id_mod_cmp = AnsiString('id-mod-cmp');
+  NID_id_mod_cmp = 277;
+
+  SN_id_mod_qualified_cert_88 = AnsiString('id-mod-qualified-cert-88');
+  NID_id_mod_qualified_cert_88 = 278;
+
+  SN_id_mod_qualified_cert_93 = AnsiString('id-mod-qualified-cert-93');
+  NID_id_mod_qualified_cert_93 = 279;
+
+  SN_id_mod_attribute_cert = AnsiString('id-mod-attribute-cert');
+  NID_id_mod_attribute_cert = 280;
+
+  SN_id_mod_timestamp_protocol = AnsiString('id-mod-timestamp-protocol');
+  NID_id_mod_timestamp_protocol = 281;
+
+  SN_id_mod_ocsp = AnsiString('id-mod-ocsp');
+  NID_id_mod_ocsp = 282;
+
+  SN_id_mod_dvcs = AnsiString('id-mod-dvcs');
+  NID_id_mod_dvcs = 283;
+
+  SN_id_mod_cmp2000 = AnsiString('id-mod-cmp2000');
+  NID_id_mod_cmp2000 = 284;
+
+  SN_info_access = AnsiString('authorityInfoAccess');
+  LN_info_access = AnsiString('Authority Information Access');
+  NID_info_access = 177;
+
+  SN_biometricInfo = AnsiString('biometricInfo');
+  LN_biometricInfo = AnsiString('Biometric Info');
+  NID_biometricInfo = 285;
+
+  SN_qcStatements = AnsiString('qcStatements');
+  NID_qcStatements = 286;
+
+  SN_ac_auditEntity = AnsiString('ac-auditEntity');
+  NID_ac_auditEntity = 287;
+
+  SN_ac_targeting = AnsiString('ac-targeting');
+  NID_ac_targeting = 288;
+
+  SN_aaControls = AnsiString('aaControls');
+  NID_aaControls = 289;
+
+  SN_sbgp_ipAddrBlock = AnsiString('sbgp-ipAddrBlock');
+  NID_sbgp_ipAddrBlock = 290;
+
+  SN_sbgp_autonomousSysNum = AnsiString('sbgp-autonomousSysNum');
+  NID_sbgp_autonomousSysNum = 291;
+
+  SN_sbgp_routerIdentifier = AnsiString('sbgp-routerIdentifier');
+  NID_sbgp_routerIdentifier = 292;
+
+  SN_ac_proxying = AnsiString('ac-proxying');
+  NID_ac_proxying = 397;
+
+  SN_sinfo_access = AnsiString('subjectInfoAccess');
+  LN_sinfo_access = AnsiString('Subject Information Access');
+  NID_sinfo_access = 398;
+
+  SN_proxyCertInfo = AnsiString('proxyCertInfo');
+  LN_proxyCertInfo = AnsiString('Proxy Certificate Information');
+  NID_proxyCertInfo = 663;
+
+  SN_tlsfeature = AnsiString('tlsfeature');
+  LN_tlsfeature = AnsiString('TLS Feature');
+  NID_tlsfeature = 1020;
+
+  SN_id_qt_cps = AnsiString('id-qt-cps');
+  LN_id_qt_cps = AnsiString('Policy Qualifier CPS');
+  NID_id_qt_cps = 164;
+
+  SN_id_qt_unotice = AnsiString('id-qt-unotice');
+  LN_id_qt_unotice = AnsiString('Policy Qualifier User Notice');
+  NID_id_qt_unotice = 165;
+
+  SN_textNotice = AnsiString('textNotice');
+  NID_textNotice = 293;
+
+  SN_server_auth = AnsiString('serverAuth');
+  LN_server_auth = AnsiString('TLS Web Server Authentication');
+  NID_server_auth = 129;
+
+  SN_client_auth = AnsiString('clientAuth');
+  LN_client_auth = AnsiString('TLS Web Client Authentication');
+  NID_client_auth = 130;
+
+  SN_code_sign = AnsiString('codeSigning');
+  LN_code_sign = AnsiString('Code Signing');
+  NID_code_sign = 131;
+
+  SN_email_protect = AnsiString('emailProtection');
+  LN_email_protect = AnsiString('E-mail Protection');
+  NID_email_protect = 132;
+
+  SN_ipsecEndSystem = AnsiString('ipsecEndSystem');
+  LN_ipsecEndSystem = AnsiString('IPSec End System');
+  NID_ipsecEndSystem = 294;
+
+  SN_ipsecTunnel = AnsiString('ipsecTunnel');
+  LN_ipsecTunnel = AnsiString('IPSec Tunnel');
+  NID_ipsecTunnel = 295;
+
+  SN_ipsecUser = AnsiString('ipsecUser');
+  LN_ipsecUser = AnsiString('IPSec User');
+  NID_ipsecUser = 296;
+
+  SN_time_stamp = AnsiString('timeStamping');
+  LN_time_stamp = AnsiString('Time Stamping');
+  NID_time_stamp = 133;
+
+  SN_OCSP_sign = AnsiString('OCSPSigning');
+  LN_OCSP_sign = AnsiString('OCSP Signing');
+  NID_OCSP_sign = 180;
+
+  SN_dvcs = AnsiString('DVCS');
+  LN_dvcs = AnsiString('dvcs');
+  NID_dvcs = 297;
+
+  SN_ipsec_IKE = AnsiString('ipsecIKE');
+  LN_ipsec_IKE = AnsiString('ipsec Internet Key Exchange');
+  NID_ipsec_IKE = 1022;
+
+  SN_capwapAC = AnsiString('capwapAC');
+  LN_capwapAC = AnsiString('Ctrl/provision WAP Access');
+  NID_capwapAC = 1023;
+
+  SN_capwapWTP = AnsiString('capwapWTP');
+  LN_capwapWTP = AnsiString('Ctrl/Provision WAP Termination');
+  NID_capwapWTP = 1024;
+
+  SN_sshClient = AnsiString('secureShellClient');
+  LN_sshClient = AnsiString('SSH Client');
+  NID_sshClient = 1025;
+
+  SN_sshServer = AnsiString('secureShellServer');
+  LN_sshServer = AnsiString('SSH Server');
+  NID_sshServer = 1026;
+
+  SN_sendRouter = AnsiString('sendRouter');
+  LN_sendRouter = AnsiString('Send Router');
+  NID_sendRouter = 1027;
+
+  SN_sendProxiedRouter = AnsiString('sendProxiedRouter');
+  LN_sendProxiedRouter = AnsiString('Send Proxied Router');
+  NID_sendProxiedRouter = 1028;
+
+  SN_sendOwner = AnsiString('sendOwner');
+  LN_sendOwner = AnsiString('Send Owner');
+  NID_sendOwner = 1029;
+
+  SN_sendProxiedOwner = AnsiString('sendProxiedOwner');
+  LN_sendProxiedOwner = AnsiString('Send Proxied Owner');
+  NID_sendProxiedOwner = 1030;
+
+  SN_cmcCA = AnsiString('cmcCA');
+  LN_cmcCA = AnsiString('CMC Certificate Authority');
+  NID_cmcCA = 1131;
+
+  SN_cmcRA = AnsiString('cmcRA');
+  LN_cmcRA = AnsiString('CMC Registration Authority');
+  NID_cmcRA = 1132;
+
+  SN_id_it_caProtEncCert = AnsiString('id-it-caProtEncCert');
+  NID_id_it_caProtEncCert = 298;
+
+  SN_id_it_signKeyPairTypes = AnsiString('id-it-signKeyPairTypes');
+  NID_id_it_signKeyPairTypes = 299;
+
+  SN_id_it_encKeyPairTypes = AnsiString('id-it-encKeyPairTypes');
+  NID_id_it_encKeyPairTypes = 300;
+
+  SN_id_it_preferredSymmAlg = AnsiString('id-it-preferredSymmAlg');
+  NID_id_it_preferredSymmAlg = 301;
+
+  SN_id_it_caKeyUpdateInfo = AnsiString('id-it-caKeyUpdateInfo');
+  NID_id_it_caKeyUpdateInfo = 302;
+
+  SN_id_it_currentCRL = AnsiString('id-it-currentCRL');
+  NID_id_it_currentCRL = 303;
+
+  SN_id_it_unsupportedOIDs = AnsiString('id-it-unsupportedOIDs');
+  NID_id_it_unsupportedOIDs = 304;
+
+  SN_id_it_subscriptionRequest = AnsiString('id-it-subscriptionRequest');
+  NID_id_it_subscriptionRequest = 305;
+
+  SN_id_it_subscriptionResponse = AnsiString('id-it-subscriptionResponse');
+  NID_id_it_subscriptionResponse = 306;
+
+  SN_id_it_keyPairParamReq = AnsiString('id-it-keyPairParamReq');
+  NID_id_it_keyPairParamReq = 307;
+
+  SN_id_it_keyPairParamRep = AnsiString('id-it-keyPairParamRep');
+  NID_id_it_keyPairParamRep = 308;
+
+  SN_id_it_revPassphrase = AnsiString('id-it-revPassphrase');
+  NID_id_it_revPassphrase = 309;
+
+  SN_id_it_implicitConfirm = AnsiString('id-it-implicitConfirm');
+  NID_id_it_implicitConfirm = 310;
+
+  SN_id_it_confirmWaitTime = AnsiString('id-it-confirmWaitTime');
+  NID_id_it_confirmWaitTime = 311;
+
+  SN_id_it_origPKIMessage = AnsiString('id-it-origPKIMessage');
+  NID_id_it_origPKIMessage = 312;
+
+  SN_id_it_suppLangTags = AnsiString('id-it-suppLangTags');
+  NID_id_it_suppLangTags = 784;
+
+  SN_id_regCtrl = AnsiString('id-regCtrl');
+  NID_id_regCtrl = 313;
+
+  SN_id_regInfo = AnsiString('id-regInfo');
+  NID_id_regInfo = 314;
+
+  SN_id_regCtrl_regToken = AnsiString('id-regCtrl-regToken');
+  NID_id_regCtrl_regToken = 315;
+
+  SN_id_regCtrl_authenticator = AnsiString('id-regCtrl-authenticator');
+  NID_id_regCtrl_authenticator = 316;
+
+  SN_id_regCtrl_pkiPublicationInfo = AnsiString('id-regCtrl-pkiPublicationInfo');
+  NID_id_regCtrl_pkiPublicationInfo = 317;
+
+  SN_id_regCtrl_pkiArchiveOptions = AnsiString('id-regCtrl-pkiArchiveOptions');
+  NID_id_regCtrl_pkiArchiveOptions = 318;
+
+  SN_id_regCtrl_oldCertID = AnsiString('id-regCtrl-oldCertID');
+  NID_id_regCtrl_oldCertID = 319;
+
+  SN_id_regCtrl_protocolEncrKey = AnsiString('id-regCtrl-protocolEncrKey');
+  NID_id_regCtrl_protocolEncrKey = 320;
+
+  SN_id_regInfo_utf8Pairs = AnsiString('id-regInfo-utf8Pairs');
+  NID_id_regInfo_utf8Pairs = 321;
+
+  SN_id_regInfo_certReq = AnsiString('id-regInfo-certReq');
+  NID_id_regInfo_certReq = 322;
+
+  SN_id_alg_des40 = AnsiString('id-alg-des40');
+  NID_id_alg_des40 = 323;
+
+  SN_id_alg_noSignature = AnsiString('id-alg-noSignature');
+  NID_id_alg_noSignature = 324;
+
+  SN_id_alg_dh_sig_hmac_sha1 = AnsiString('id-alg-dh-sig-hmac-sha1');
+  NID_id_alg_dh_sig_hmac_sha1 = 325;
+
+  SN_id_alg_dh_pop = AnsiString('id-alg-dh-pop');
+  NID_id_alg_dh_pop = 326;
+
+  SN_id_cmc_statusInfo = AnsiString('id-cmc-statusInfo');
+  NID_id_cmc_statusInfo = 327;
+
+  SN_id_cmc_identification = AnsiString('id-cmc-identification');
+  NID_id_cmc_identification = 328;
+
+  SN_id_cmc_identityProof = AnsiString('id-cmc-identityProof');
+  NID_id_cmc_identityProof = 329;
+
+  SN_id_cmc_dataReturn = AnsiString('id-cmc-dataReturn');
+  NID_id_cmc_dataReturn = 330;
+
+  SN_id_cmc_transactionId = AnsiString('id-cmc-transactionId');
+  NID_id_cmc_transactionId = 331;
+
+  SN_id_cmc_senderNonce = AnsiString('id-cmc-senderNonce');
+  NID_id_cmc_senderNonce = 332;
+
+  SN_id_cmc_recipientNonce = AnsiString('id-cmc-recipientNonce');
+  NID_id_cmc_recipientNonce = 333;
+
+  SN_id_cmc_addExtensions = AnsiString('id-cmc-addExtensions');
+  NID_id_cmc_addExtensions = 334;
+
+  SN_id_cmc_encryptedPOP = AnsiString('id-cmc-encryptedPOP');
+  NID_id_cmc_encryptedPOP = 335;
+
+  SN_id_cmc_decryptedPOP = AnsiString('id-cmc-decryptedPOP');
+  NID_id_cmc_decryptedPOP = 336;
+
+  SN_id_cmc_lraPOPWitness = AnsiString('id-cmc-lraPOPWitness');
+  NID_id_cmc_lraPOPWitness = 337;
+
+  SN_id_cmc_getCert = AnsiString('id-cmc-getCert');
+  NID_id_cmc_getCert = 338;
+
+  SN_id_cmc_getCRL = AnsiString('id-cmc-getCRL');
+  NID_id_cmc_getCRL = 339;
+
+  SN_id_cmc_revokeRequest = AnsiString('id-cmc-revokeRequest');
+  NID_id_cmc_revokeRequest = 340;
+
+  SN_id_cmc_regInfo = AnsiString('id-cmc-regInfo');
+  NID_id_cmc_regInfo = 341;
+
+  SN_id_cmc_responseInfo = AnsiString('id-cmc-responseInfo');
+  NID_id_cmc_responseInfo = 342;
+
+  SN_id_cmc_queryPending = AnsiString('id-cmc-queryPending');
+  NID_id_cmc_queryPending = 343;
+
+  SN_id_cmc_popLinkRandom = AnsiString('id-cmc-popLinkRandom');
+  NID_id_cmc_popLinkRandom = 344;
+
+  SN_id_cmc_popLinkWitness = AnsiString('id-cmc-popLinkWitness');
+  NID_id_cmc_popLinkWitness = 345;
+
+  SN_id_cmc_confirmCertAcceptance = AnsiString('id-cmc-confirmCertAcceptance');
+  NID_id_cmc_confirmCertAcceptance = 346;
+
+  SN_id_on_personalData = AnsiString('id-on-personalData');
+  NID_id_on_personalData = 347;
+
+  SN_id_on_permanentIdentifier = AnsiString('id-on-permanentIdentifier');
+  LN_id_on_permanentIdentifier = AnsiString('Permanent Identifier');
+  NID_id_on_permanentIdentifier = 858;
+
+  SN_id_pda_dateOfBirth = AnsiString('id-pda-dateOfBirth');
+  NID_id_pda_dateOfBirth = 348;
+
+  SN_id_pda_placeOfBirth = AnsiString('id-pda-placeOfBirth');
+  NID_id_pda_placeOfBirth = 349;
+
+  SN_id_pda_gender = AnsiString('id-pda-gender');
+  NID_id_pda_gender = 351;
+
+  SN_id_pda_countryOfCitizenship = AnsiString('id-pda-countryOfCitizenship');
+  NID_id_pda_countryOfCitizenship = 352;
+
+  SN_id_pda_countryOfResidence = AnsiString('id-pda-countryOfResidence');
+  NID_id_pda_countryOfResidence = 353;
+
+  SN_id_aca_authenticationInfo = AnsiString('id-aca-authenticationInfo');
+  NID_id_aca_authenticationInfo = 354;
+
+  SN_id_aca_accessIdentity = AnsiString('id-aca-accessIdentity');
+  NID_id_aca_accessIdentity = 355;
+
+  SN_id_aca_chargingIdentity = AnsiString('id-aca-chargingIdentity');
+  NID_id_aca_chargingIdentity = 356;
+
+  SN_id_aca_group = AnsiString('id-aca-group');
+  NID_id_aca_group = 357;
+
+  SN_id_aca_role = AnsiString('id-aca-role');
+  NID_id_aca_role = 358;
+
+  SN_id_aca_encAttrs = AnsiString('id-aca-encAttrs');
+  NID_id_aca_encAttrs = 399;
+
+  SN_id_qcs_pkixQCSyntax_v1 = AnsiString('id-qcs-pkixQCSyntax-v1');
+  NID_id_qcs_pkixQCSyntax_v1 = 359;
+
+  SN_id_cct_crs = AnsiString('id-cct-crs');
+  NID_id_cct_crs = 360;
+
+  SN_id_cct_PKIData = AnsiString('id-cct-PKIData');
+  NID_id_cct_PKIData = 361;
+
+  SN_id_cct_PKIResponse = AnsiString('id-cct-PKIResponse');
+  NID_id_cct_PKIResponse = 362;
+
+  SN_id_ppl_anyLanguage = AnsiString('id-ppl-anyLanguage');
+  LN_id_ppl_anyLanguage = AnsiString('Any language');
+
+  NID_id_ppl_anyLanguage = 664;
+  SN_id_ppl_inheritAll = AnsiString('id-ppl-inheritAll');
+
+  LN_id_ppl_inheritAll = AnsiString('Inherit all');
+  NID_id_ppl_inheritAll = 665;
+
+  SN_Independent = AnsiString('id-ppl-independent');
+  LN_Independent = AnsiString('Independent');
+  NID_Independent = 667;
+
+  SN_ad_OCSP = AnsiString('OCSP');
+  LN_ad_OCSP = AnsiString('OCSP');
+  NID_ad_OCSP = 178;
+
+  SN_ad_ca_issuers = AnsiString('caIssuers');
+  LN_ad_ca_issuers = AnsiString('CA Issuers');
+  NID_ad_ca_issuers = 179;
+
+  SN_ad_timeStamping = AnsiString('ad_timestamping');
+  LN_ad_timeStamping = AnsiString('AD Time Stamping');
+  NID_ad_timeStamping = 363;
+
+  SN_ad_dvcs = AnsiString('AD_DVCS');
+  LN_ad_dvcs = AnsiString('ad dvcs');
+  NID_ad_dvcs = 364;
+
+  SN_caRepository = AnsiString('caRepository');
+  LN_caRepository = AnsiString('CA Repository');
+  NID_caRepository = 785;
+
+  SN_id_pkix_OCSP_basic = AnsiString('basicOCSPResponse');
+  LN_id_pkix_OCSP_basic = AnsiString('Basic OCSP Response');
+  NID_id_pkix_OCSP_basic = 365;
+
+  SN_id_pkix_OCSP_Nonce = AnsiString('Nonce');
+  LN_id_pkix_OCSP_Nonce = AnsiString('OCSP Nonce');
+  NID_id_pkix_OCSP_Nonce = 366;
+
+  SN_id_pkix_OCSP_CrlID = AnsiString('CrlID');
+  LN_id_pkix_OCSP_CrlID = AnsiString('OCSP CRL ID');
+  NID_id_pkix_OCSP_CrlID = 367;
+
+  SN_id_pkix_OCSP_acceptableResponses = AnsiString('acceptableResponses');
+  LN_id_pkix_OCSP_acceptableResponses = AnsiString('Acceptable OCSP Responses');
+  NID_id_pkix_OCSP_acceptableResponses = 368;
+
+  SN_id_pkix_OCSP_noCheck = AnsiString('noCheck');
+  LN_id_pkix_OCSP_noCheck = AnsiString('OCSP No Check');
+  NID_id_pkix_OCSP_noCheck = 369;
+
+  SN_id_pkix_OCSP_archiveCutoff = AnsiString('archiveCutoff');
+  LN_id_pkix_OCSP_archiveCutoff = AnsiString('OCSP Archive Cutoff');
+  NID_id_pkix_OCSP_archiveCutoff = 370;
+
+  SN_id_pkix_OCSP_serviceLocator = AnsiString('serviceLocator');
+  LN_id_pkix_OCSP_serviceLocator = AnsiString('OCSP Service Locator');
+  NID_id_pkix_OCSP_serviceLocator = 371;
+
+  SN_id_pkix_OCSP_extendedStatus = AnsiString('extendedStatus');
+  LN_id_pkix_OCSP_extendedStatus = AnsiString('Extended OCSP Status');
+  NID_id_pkix_OCSP_extendedStatus = 372;
+
+  SN_id_pkix_OCSP_valid = AnsiString('valid');
+  NID_id_pkix_OCSP_valid = 373;
+
+  SN_id_pkix_OCSP_path = AnsiString('path');
+  NID_id_pkix_OCSP_path = 374;
+
+  SN_id_pkix_OCSP_trustRoot = AnsiString('trustRoot');
+  LN_id_pkix_OCSP_trustRoot = AnsiString('Trust Root');
+  NID_id_pkix_OCSP_trustRoot = 375;
+
+  SN_algorithm = AnsiString('algorithm');
+  LN_algorithm = AnsiString('algorithm');
+  NID_algorithm = 376;
+
+  SN_md5WithRSA = AnsiString('RSA-NP-MD5');
+  LN_md5WithRSA = AnsiString('md5WithRSA');
+  NID_md5WithRSA = 104;
+
+  SN_des_ecb = AnsiString('DES-ECB');
+  LN_des_ecb = AnsiString('des-ecb');
+  NID_des_ecb = 29;
+
+  SN_des_cbc = AnsiString('DES-CBC');
+  LN_des_cbc = AnsiString('des-cbc');
+  NID_des_cbc = 31;
+
+  SN_des_ofb64 = AnsiString('DES-OFB');
+  LN_des_ofb64 = AnsiString('des-ofb');
+  NID_des_ofb64 = 45;
+
+  SN_des_cfb64 = AnsiString('DES-CFB');
+  LN_des_cfb64 = AnsiString('des-cfb');
+  NID_des_cfb64 = 30;
+
+  SN_rsaSignature = AnsiString('rsaSignature');
+  NID_rsaSignature = 377;
+
+  SN_dsa_2 = AnsiString('DSA-old');
+  LN_dsa_2 = AnsiString('dsaEncryption-old');
+  NID_dsa_2 = 67;
+
+  SN_dsaWithSHA = AnsiString('DSA-SHA');
+  LN_dsaWithSHA = AnsiString('dsaWithSHA');
+  NID_dsaWithSHA = 66;
+
+  SN_shaWithRSAEncryption = AnsiString('RSA-SHA');
+  LN_shaWithRSAEncryption = AnsiString('shaWithRSAEncryption');
+  NID_shaWithRSAEncryption = 42;
+
+  SN_des_ede_ecb = AnsiString('DES-EDE');
+  LN_des_ede_ecb = AnsiString('des-ede');
+  NID_des_ede_ecb = 32;
+
+  SN_des_ede3_ecb = AnsiString('DES-EDE3');
+  LN_des_ede3_ecb = AnsiString('des-ede3');
+  NID_des_ede3_ecb = 33;
+
+  SN_des_ede_cbc = AnsiString('DES-EDE-CBC');
+  LN_des_ede_cbc = AnsiString('des-ede-cbc');
+  NID_des_ede_cbc = 43;
+
+  SN_des_ede_cfb64 = AnsiString('DES-EDE-CFB');
+  LN_des_ede_cfb64 = AnsiString('des-ede-cfb');
+  NID_des_ede_cfb64 = 60;
+
+  SN_des_ede3_cfb64 = AnsiString('DES-EDE3-CFB');
+  LN_des_ede3_cfb64 = AnsiString('des-ede3-cfb');
+  NID_des_ede3_cfb64 = 61;
+
+  SN_des_ede_ofb64 = AnsiString('DES-EDE-OFB');
+  LN_des_ede_ofb64 = AnsiString('des-ede-ofb');
+  NID_des_ede_ofb64 = 62;
+
+  SN_des_ede3_ofb64 = AnsiString('DES-EDE3-OFB');
+  LN_des_ede3_ofb64 = AnsiString('des-ede3-ofb');
+  NID_des_ede3_ofb64 = 63;
+
+  SN_desx_cbc = AnsiString('DESX-CBC');
+  LN_desx_cbc = AnsiString('desx-cbc');
+  NID_desx_cbc = 80;
+
+  SN_sha = AnsiString('SHA');
+  LN_sha = AnsiString('sha');
+  NID_sha = 41;
+
+  SN_sha1 = AnsiString('SHA1');
+  LN_sha1 = AnsiString('sha1');
+  NID_sha1 = 64;
+
+  SN_dsaWithSHA1_2 = AnsiString('DSA-SHA1-old');
+  LN_dsaWithSHA1_2 = AnsiString('dsaWithSHA1-old');
+  NID_dsaWithSHA1_2 = 70;
+
+  SN_sha1WithRSA = AnsiString('RSA-SHA1-2');
+  LN_sha1WithRSA = AnsiString('sha1WithRSA');
+  NID_sha1WithRSA = 115;
+
+  SN_ripemd160 = AnsiString('RIPEMD160');
+  LN_ripemd160 = AnsiString('ripemd160');
+  NID_ripemd160 = 117;
+
+  SN_ripemd160WithRSA = AnsiString('RSA-RIPEMD160');
+  LN_ripemd160WithRSA = AnsiString('ripemd160WithRSA');
+  NID_ripemd160WithRSA = 119;
+
+  SN_blake2b512 = AnsiString('BLAKE2b512');
+  LN_blake2b512 = AnsiString('blake2b512');
+  NID_blake2b512 = 1056;
+
+  SN_blake2s256 = AnsiString('BLAKE2s256');
+  LN_blake2s256 = AnsiString('blake2s256');
+  NID_blake2s256 = 1057;
+
+  SN_sxnet = AnsiString('SXNetID');
+  LN_sxnet = AnsiString('Strong Extranet ID');
+  NID_sxnet = 143;
+
+  SN_X500 = AnsiString('X500');
+  LN_X500 = AnsiString('directory services(X.500)');
+  NID_X500 = 11;
+
+  SN_X509 = AnsiString('X509');
+  NID_X509 = 12;
+
+  SN_commonName = AnsiString('CN');
+  LN_commonName = AnsiString('commonName');
+  NID_commonName = 13;
+
+  SN_surname = AnsiString('SN');
+  LN_surname = AnsiString('surname');
+  NID_surname = 100;
+
+  LN_serialNumber = AnsiString('serialNumber');
+  NID_serialNumber = 105;
+
+  SN_countryName = AnsiString('C');
+  LN_countryName = AnsiString('countryName');
+  NID_countryName = 14;
+
+  SN_localityName = AnsiString('L');
+  LN_localityName = AnsiString('localityName');
+  NID_localityName = 15;
+
+  SN_stateOrProvinceName = AnsiString('ST');
+  LN_stateOrProvinceName = AnsiString('stateOrProvinceName');
+  NID_stateOrProvinceName = 16;
+
+  SN_streetAddress = AnsiString('street');
+  LN_streetAddress = AnsiString('streetAddress');
+  NID_streetAddress = 660;
+
+  SN_organizationName = AnsiString('O');
+  LN_organizationName = AnsiString('organizationName');
+  NID_organizationName = 17;
+
+  SN_organizationalUnitName = AnsiString('OU');
+  LN_organizationalUnitName = AnsiString('organizationalUnitName');
+  NID_organizationalUnitName = 18;
+
+  SN_title = AnsiString('title');
+  LN_title = AnsiString('title');
+  NID_title = 106;
+
+  LN_description = AnsiString('description');
+  NID_description = 107;
+
+  LN_searchGuide = AnsiString('searchGuide');
+  NID_searchGuide = 859;
+  LN_businessCategory = AnsiString('businessCategory');
+  NID_businessCategory = 860;
+
+  LN_postalAddress = AnsiString('postalAddress');
+  NID_postalAddress = 861;
+
+  LN_postalCode = AnsiString('postalCode');
+  NID_postalCode = 661;
+
+  LN_postOfficeBox = AnsiString('postOfficeBox');
+  NID_postOfficeBox = 862;
+
+  LN_physicalDeliveryOfficeName = AnsiString('physicalDeliveryOfficeName');
+  NID_physicalDeliveryOfficeName = 863;
+
+  LN_telephoneNumber = AnsiString('telephoneNumber');
+  NID_telephoneNumber = 864;
+
+  LN_telexNumber = AnsiString('telexNumber');
+  NID_telexNumber = 865;
+
+  LN_teletexTerminalIdentifier = AnsiString('teletexTerminalIdentifier');
+  NID_teletexTerminalIdentifier = 866;
+
+  LN_facsimileTelephoneNumber = AnsiString('facsimileTelephoneNumber');
+  NID_facsimileTelephoneNumber = 867;
+
+  LN_x121Address = AnsiString('x121Address');
+  NID_x121Address = 868;
+
+  LN_internationaliSDNNumber = AnsiString('internationaliSDNNumber');
+  NID_internationaliSDNNumber = 869;
+
+  LN_registeredAddress = AnsiString('registeredAddress');
+  NID_registeredAddress = 870;
+
+  LN_destinationIndicator = AnsiString('destinationIndicator');
+  NID_destinationIndicator = 871;
+
+  LN_preferredDeliveryMethod = AnsiString('preferredDeliveryMethod');
+  NID_preferredDeliveryMethod = 872;
+
+  LN_presentationAddress = AnsiString('presentationAddress');
+  NID_presentationAddress = 873;
+
+  LN_supportedApplicationContext = AnsiString('supportedApplicationContext');
+  NID_supportedApplicationContext = 874;
+
+  SN_member = AnsiString('member');
+  NID_member = 875;
+
+  SN_owner = AnsiString('owner');
+  NID_owner = 876;
+
+  LN_roleOccupant = AnsiString('roleOccupant');
+  NID_roleOccupant = 877;
+
+  SN_seeAlso = AnsiString('seeAlso');
+  NID_seeAlso = 878;
+
+  LN_userPassword = AnsiString('userPassword');
+  NID_userPassword = 879;
+
+  LN_userCertificate = AnsiString('userCertificate');
+  NID_userCertificate = 880;
+
+  LN_cACertificate = AnsiString('cACertificate');
+  NID_cACertificate = 881;
+
+  LN_authorityRevocationList = AnsiString('authorityRevocationList');
+  NID_authorityRevocationList = 882;
+
+  LN_certificateRevocationList = AnsiString('certificateRevocationList');
+  NID_certificateRevocationList = 883;
+
+  LN_crossCertificatePair = AnsiString('crossCertificatePair');
+  NID_crossCertificatePair = 884;
+
+  SN_name = AnsiString('name');
+  LN_name = AnsiString('name');
+  NID_name = 173;
+
+  SN_givenName = AnsiString('GN');
+  LN_givenName = AnsiString('givenName');
+  NID_givenName = 99;
+
+  SN_initials = AnsiString('initials');
+  LN_initials = AnsiString('initials');
+  NID_initials = 101;
+
+  LN_generationQualifier = AnsiString('generationQualifier');
+  NID_generationQualifier = 509;
+
+  LN_x500UniqueIdentifier = AnsiString('x500UniqueIdentifier');
+  NID_x500UniqueIdentifier = 503;
+
+  SN_dnQualifier = AnsiString('dnQualifier');
+  LN_dnQualifier = AnsiString('dnQualifier');
+  NID_dnQualifier = 174;
+
+  LN_enhancedSearchGuide = AnsiString('enhancedSearchGuide');
+  NID_enhancedSearchGuide = 885;
+
+  LN_protocolInformation = AnsiString('protocolInformation');
+  NID_protocolInformation = 886;
+
+  LN_distinguishedName = AnsiString('distinguishedName');
+  NID_distinguishedName = 887;
+
+  LN_uniqueMember = AnsiString('uniqueMember');
+  NID_uniqueMember = 888;
+
+  LN_houseIdentifier = AnsiString('houseIdentifier');
+  NID_houseIdentifier = 889;
+
+  LN_supportedAlgorithms = AnsiString('supportedAlgorithms');
+  NID_supportedAlgorithms = 890;
+
+  LN_deltaRevocationList = AnsiString('deltaRevocationList');
+  NID_deltaRevocationList = 891;
+
+  SN_dmdName = AnsiString('dmdName');
+  NID_dmdName = 892;
+
+  LN_pseudonym = AnsiString('pseudonym');
+  NID_pseudonym = 510;
+
+  SN_role = AnsiString('role');
+  LN_role = AnsiString('role');
+  NID_role = 400;
+
+  LN_organizationIdentifier = AnsiString('organizationIdentifier');
+  NID_organizationIdentifier = 1089;
+
+  SN_countryCode3c = AnsiString('c3');
+  LN_countryCode3c = AnsiString('countryCode3c');
+  NID_countryCode3c = 1090;
+
+  SN_countryCode3n = AnsiString('n3');
+  LN_countryCode3n = AnsiString('countryCode3n');
+  NID_countryCode3n = 1091;
+
+  LN_dnsName = AnsiString('dnsName');
+  NID_dnsName = 1092;
+
+  SN_X500algorithms = AnsiString('X500algorithms');
+  LN_X500algorithms = AnsiString('directory services - algorithms');
+  NID_X500algorithms = 378;
+
+  SN_rsa = AnsiString('RSA');
+  LN_rsa = AnsiString('rsa');
+  NID_rsa = 19;
+
+  SN_mdc2WithRSA = AnsiString('RSA-MDC2');
+  LN_mdc2WithRSA = AnsiString('mdc2WithRSA');
+  NID_mdc2WithRSA = 96;
+
+  SN_mdc2 = AnsiString('MDC2');
+  LN_mdc2 = AnsiString('mdc2');
+  NID_mdc2 = 95;
+
+  SN_id_ce = AnsiString('id-ce');
+  NID_id_ce = 81;
+
+  SN_subject_directory_attributes = AnsiString('subjectDirectoryAttributes');
+  LN_subject_directory_attributes = AnsiString('X509v3 Subject Directory Attributes');
+  NID_subject_directory_attributes = 769;
+
+  SN_subject_key_identifier = AnsiString('subjectKeyIdentifier');
+  LN_subject_key_identifier = AnsiString('X509v3 Subject Key Identifier');
+  NID_subject_key_identifier = 82;
+
+  SN_key_usage = AnsiString('keyUsage');
+  LN_key_usage = AnsiString('X509v3 Key Usage');
+  NID_key_usage = 83;
+
+  SN_private_key_usage_period = AnsiString('privateKeyUsagePeriod');
+  LN_private_key_usage_period = AnsiString('X509v3 Private Key Usage Period');
+  NID_private_key_usage_period = 84;
+
+  SN_subject_alt_name = AnsiString('subjectAltName');
+  LN_subject_alt_name = AnsiString('X509v3 Subject Alternative Name');
+  NID_subject_alt_name = 85;
+
+  SN_issuer_alt_name = AnsiString('issuerAltName');
+  LN_issuer_alt_name = AnsiString('X509v3 Issuer Alternative Name');
+  NID_issuer_alt_name = 86;
+
+  SN_basic_constraints = AnsiString('basicConstraints');
+  LN_basic_constraints = AnsiString('X509v3 Basic Constraints');
+  NID_basic_constraints = 87;
+
+  SN_crl_number = AnsiString('crlNumber');
+  LN_crl_number = AnsiString('X509v3 CRL Number');
+  NID_crl_number = 88;
+
+  SN_crl_reason = AnsiString('CRLReason');
+  LN_crl_reason = AnsiString('X509v3 CRL Reason Code');
+  NID_crl_reason = 141;
+
+  SN_invalidity_date = AnsiString('invalidityDate');
+  LN_invalidity_date = AnsiString('Invalidity Date');
+  NID_invalidity_date = 142;
+
+  SN_delta_crl = AnsiString('deltaCRL');
+  LN_delta_crl = AnsiString('X509v3 Delta CRL Indicator');
+  NID_delta_crl = 140;
+
+  SN_issuing_distribution_point = AnsiString('issuingDistributionPoint');
+  LN_issuing_distribution_point = AnsiString('X509v3 Issuing Distribution Point');
+  NID_issuing_distribution_point = 770;
+
+  SN_certificate_issuer = AnsiString('certificateIssuer');
+  LN_certificate_issuer = AnsiString('X509v3 Certificate Issuer');
+  NID_certificate_issuer = 771;
+
+  SN_name_constraints = AnsiString('nameConstraints');
+  LN_name_constraints = AnsiString('X509v3 Name Constraints');
+  NID_name_constraints = 666;
+
+  SN_crl_distribution_points = AnsiString('crlDistributionPoints');
+  LN_crl_distribution_points = AnsiString('X509v3 CRL Distribution Points');
+  NID_crl_distribution_points = 103;
+
+  SN_certificate_policies = AnsiString('certificatePolicies');
+  LN_certificate_policies = AnsiString('X509v3 Certificate Policies');
+  NID_certificate_policies = 89;
+
+  SN_any_policy = AnsiString('anyPolicy');
+  LN_any_policy = AnsiString('X509v3 Any Policy');
+  NID_any_policy = 746;
+
+  SN_policy_mappings = AnsiString('policyMappings');
+  LN_policy_mappings = AnsiString('X509v3 Policy Mappings');
+  NID_policy_mappings = 747;
+
+  SN_authority_key_identifier = AnsiString('authorityKeyIdentifier');
+  LN_authority_key_identifier = AnsiString('X509v3 Authority Key Identifier');
+  NID_authority_key_identifier = 90;
+
+  SN_policy_constraints = AnsiString('policyConstraints');
+  LN_policy_constraints = AnsiString('X509v3 Policy Constraints');
+  NID_policy_constraints = 401;
+
+  SN_ext_key_usage = AnsiString('extendedKeyUsage');
+  LN_ext_key_usage = AnsiString('X509v3 Extended Key Usage');
+  NID_ext_key_usage = 126;
+
+  SN_freshest_crl = AnsiString('freshestCRL');
+  LN_freshest_crl = AnsiString('X509v3 Freshest CRL');
+  NID_freshest_crl = 857;
+
+  SN_inhibit_any_policy = AnsiString('inhibitAnyPolicy');
+  LN_inhibit_any_policy = AnsiString('X509v3 Inhibit Any Policy');
+  NID_inhibit_any_policy = 748;
+
+  SN_target_information = AnsiString('targetInformation');
+  LN_target_information = AnsiString('X509v3 AC Targeting');
+  NID_target_information = 402;
+
+  SN_no_rev_avail = AnsiString('noRevAvail');
+  LN_no_rev_avail = AnsiString('X509v3 No Revocation Available');
+  NID_no_rev_avail = 403;
+
+  SN_anyExtendedKeyUsage = AnsiString('anyExtendedKeyUsage');
+  LN_anyExtendedKeyUsage = AnsiString('Any Extended Key Usage');
+  NID_anyExtendedKeyUsage = 910;
+
+  SN_netscape = AnsiString('Netscape');
+  LN_netscape = AnsiString('Netscape Communications Corp.');
+  NID_netscape = 57;
+
+  SN_netscape_cert_extension = AnsiString('nsCertExt');
+  LN_netscape_cert_extension = AnsiString('Netscape Certificate Extension');
+  NID_netscape_cert_extension = 58;
+
+  SN_netscape_data_type = AnsiString('nsDataType');
+  LN_netscape_data_type = AnsiString('Netscape Data Type');
+  NID_netscape_data_type = 59;
+
+  SN_netscape_cert_type = AnsiString('nsCertType');
+  LN_netscape_cert_type = AnsiString('Netscape Cert Type');
+  NID_netscape_cert_type = 71;
+
+  SN_netscape_base_url = AnsiString('nsBaseUrl');
+  LN_netscape_base_url = AnsiString('Netscape Base Url');
+  NID_netscape_base_url = 72;
+
+  SN_netscape_revocation_url = AnsiString('nsRevocationUrl');
+  LN_netscape_revocation_url = AnsiString('Netscape Revocation Url');
+  NID_netscape_revocation_url = 73;
+
+  SN_netscape_ca_revocation_url = AnsiString('nsCaRevocationUrl');
+  LN_netscape_ca_revocation_url = AnsiString('Netscape CA Revocation Url');
+  NID_netscape_ca_revocation_url = 74;
+
+  SN_netscape_renewal_url = AnsiString('nsRenewalUrl');
+  LN_netscape_renewal_url = AnsiString('Netscape Renewal Url');
+  NID_netscape_renewal_url = 75;
+
+  SN_netscape_ca_policy_url = AnsiString('nsCaPolicyUrl');
+  LN_netscape_ca_policy_url = AnsiString('Netscape CA Policy Url');
+  NID_netscape_ca_policy_url = 76;
+
+  SN_netscape_ssl_server_name = AnsiString('nsSslServerName');
+  LN_netscape_ssl_server_name = AnsiString('Netscape Server: SSl Name');
+  NID_netscape_ssl_server_name = 77;
+
+  SN_netscape_comment = AnsiString('nsComment');
+  LN_netscape_comment = AnsiString('Netscape Comment');
+  NID_netscape_comment = 78;
+
+  SN_netscape_cert_sequence = AnsiString('nsCertSequence');
+  LN_netscape_cert_sequence = AnsiString('Netscape Certificate Sequence');
+  NID_netscape_cert_sequence = 79;
+
+  SN_ns_sgc = AnsiString('nsSGC');
+  LN_ns_sgc = AnsiString('Netscape Server Gated Crypto');
+  NID_ns_sgc = 139;
+
+  SN_org = AnsiString('ORG');
+  LN_org = AnsiString('org');
+  NID_org = 379;
+
+  SN_dod = AnsiString('DOD');
+  LN_dod = AnsiString('dod');
+  NID_dod = 380;
+
+  SN_iana = AnsiString('IANA');
+  LN_iana = AnsiString('iana');
+  NID_iana = 381;
+
+  SN_Directory = AnsiString('directory');
+  LN_Directory = AnsiString('Directory');
+  NID_Directory = 382;
+
+  SN_Management = AnsiString('mgmt');
+  LN_Management = AnsiString('Management');
+  NID_Management = 383;
+
+  SN_Experimental = AnsiString('experimental');
+  LN_Experimental = AnsiString('Experimental');
+  NID_Experimental = 384;
+
+  SN_Private = AnsiString('private');
+  LN_Private = AnsiString('Private');
+  NID_Private = 385;
+
+  SN_Security = AnsiString('security');
+  LN_Security = AnsiString('Security');
+  NID_Security = 386;
+
+  SN_SNMPv2 = AnsiString('snmpv2');
+  LN_SNMPv2 = AnsiString('SNMPv2');
+  NID_SNMPv2 = 387;
+
+  LN_Mail = AnsiString('Mail');
+  NID_Mail = 388;
+
+  SN_Enterprises = AnsiString('enterprises');
+  LN_Enterprises = AnsiString('Enterprises');
+  NID_Enterprises = 389;
+
+  SN_dcObject = AnsiString('dcobject');
+  LN_dcObject = AnsiString('dcObject');
+  NID_dcObject = 390;
+
+  SN_mime_mhs = AnsiString('mime-mhs');
+  LN_mime_mhs = AnsiString('MIME MHS');
+  NID_mime_mhs = 504;
+
+  SN_mime_mhs_headings = AnsiString('mime-mhs-headings');
+  LN_mime_mhs_headings = AnsiString('mime-mhs-headings');
+  NID_mime_mhs_headings = 505;
+
+  SN_mime_mhs_bodies = AnsiString('mime-mhs-bodies');
+  LN_mime_mhs_bodies = AnsiString('mime-mhs-bodies');
+  NID_mime_mhs_bodies = 506;
+
+  SN_id_hex_partial_message = AnsiString('id-hex-partial-message');
+  LN_id_hex_partial_message = AnsiString('id-hex-partial-message');
+  NID_id_hex_partial_message = 507;
+
+  SN_id_hex_multipart_message = AnsiString('id-hex-multipart-message');
+  LN_id_hex_multipart_message = AnsiString('id-hex-multipart-message');
+  NID_id_hex_multipart_message = 508;
+
+  SN_zlib_compression = AnsiString('ZLIB');
+  LN_zlib_compression = AnsiString('zlib compression');
+  NID_zlib_compression = 125;
+
+  SN_aes_128_ecb = AnsiString('AES-128-ECB');
+  LN_aes_128_ecb = AnsiString('aes-128-ecb');
+  NID_aes_128_ecb = 418;
+
+  SN_aes_128_cbc = AnsiString('AES-128-CBC');
+  LN_aes_128_cbc = AnsiString('aes-128-cbc');
+  NID_aes_128_cbc = 419;
+
+  SN_aes_128_ofb128 = AnsiString('AES-128-OFB');
+  LN_aes_128_ofb128 = AnsiString('aes-128-ofb');
+  NID_aes_128_ofb128 = 420;
+
+  SN_aes_128_cfb128 = AnsiString('AES-128-CFB');
+  LN_aes_128_cfb128 = AnsiString('aes-128-cfb');
+  NID_aes_128_cfb128 = 421;
+
+  SN_id_aes128_wrap = AnsiString('id-aes128-wrap');
+  NID_id_aes128_wrap = 788;
+
+  SN_aes_128_gcm = AnsiString('id-aes128-GCM');
+  LN_aes_128_gcm = AnsiString('aes-128-gcm');
+  NID_aes_128_gcm = 895;
+
+  SN_aes_128_ccm = AnsiString('id-aes128-CCM');
+  LN_aes_128_ccm = AnsiString('aes-128-ccm');
+  NID_aes_128_ccm = 896;
+
+  SN_id_aes128_wrap_pad = AnsiString('id-aes128-wrap-pad');
+  NID_id_aes128_wrap_pad = 897;
+
+  SN_aes_192_ecb = AnsiString('AES-192-ECB');
+  LN_aes_192_ecb = AnsiString('aes-192-ecb');
+  NID_aes_192_ecb = 422;
+
+  SN_aes_192_cbc = AnsiString('AES-192-CBC');
+  LN_aes_192_cbc = AnsiString('aes-192-cbc');
+  NID_aes_192_cbc = 423;
+
+  SN_aes_192_ofb128 = AnsiString('AES-192-OFB');
+  LN_aes_192_ofb128 = AnsiString('aes-192-ofb');
+  NID_aes_192_ofb128 = 424;
+
+  SN_aes_192_cfb128 = AnsiString('AES-192-CFB');
+  LN_aes_192_cfb128 = AnsiString('aes-192-cfb');
+  NID_aes_192_cfb128 = 425;
+
+  SN_id_aes192_wrap = AnsiString('id-aes192-wrap');
+  NID_id_aes192_wrap = 789;
+
+  SN_aes_192_gcm = AnsiString('id-aes192-GCM');
+  LN_aes_192_gcm = AnsiString('aes-192-gcm');
+  NID_aes_192_gcm = 898;
+
+  SN_aes_192_ccm = AnsiString('id-aes192-CCM');
+  LN_aes_192_ccm = AnsiString('aes-192-ccm');
+  NID_aes_192_ccm = 899;
+
+  SN_id_aes192_wrap_pad = AnsiString('id-aes192-wrap-pad');
+  NID_id_aes192_wrap_pad = 900;
+
+  SN_aes_256_ecb = AnsiString('AES-256-ECB');
+  LN_aes_256_ecb = AnsiString('aes-256-ecb');
+  NID_aes_256_ecb = 426;
+
+  SN_aes_256_cbc = AnsiString('AES-256-CBC');
+  LN_aes_256_cbc = AnsiString('aes-256-cbc');
+  NID_aes_256_cbc = 427;
+
+  SN_aes_256_ofb128 = AnsiString('AES-256-OFB');
+  LN_aes_256_ofb128 = AnsiString('aes-256-ofb');
+  NID_aes_256_ofb128 = 428;
+
+  SN_aes_256_cfb128 = AnsiString('AES-256-CFB');
+  LN_aes_256_cfb128 = AnsiString('aes-256-cfb');
+  NID_aes_256_cfb128 = 429;
+
+  SN_id_aes256_wrap = AnsiString('id-aes256-wrap');
+  NID_id_aes256_wrap = 790;
+
+  SN_aes_256_gcm = AnsiString('id-aes256-GCM');
+  LN_aes_256_gcm = AnsiString('aes-256-gcm');
+  NID_aes_256_gcm = 901;
+
+  SN_aes_256_ccm = AnsiString('id-aes256-CCM');
+  LN_aes_256_ccm = AnsiString('aes-256-ccm');
+  NID_aes_256_ccm = 902;
+
+  SN_id_aes256_wrap_pad = AnsiString('id-aes256-wrap-pad');
+  NID_id_aes256_wrap_pad = 903;
+
+  SN_aes_128_xts = AnsiString('AES-128-XTS');
+  LN_aes_128_xts = AnsiString('aes-128-xts');
+  NID_aes_128_xts = 913;
+
+  SN_aes_256_xts = AnsiString('AES-256-XTS');
+  LN_aes_256_xts = AnsiString('aes-256-xts');
+  NID_aes_256_xts = 914;
+
+  SN_aes_128_cfb1 = AnsiString('AES-128-CFB1');
+  LN_aes_128_cfb1 = AnsiString('aes-128-cfb1');
+  NID_aes_128_cfb1 = 650;
+
+  SN_aes_192_cfb1 = AnsiString('AES-192-CFB1');
+  LN_aes_192_cfb1 = AnsiString('aes-192-cfb1');
+  NID_aes_192_cfb1 = 651;
+
+  SN_aes_256_cfb1 = AnsiString('AES-256-CFB1');
+  LN_aes_256_cfb1 = AnsiString('aes-256-cfb1');
+  NID_aes_256_cfb1 = 652;
+
+  SN_aes_128_cfb8 = AnsiString('AES-128-CFB8');
+  LN_aes_128_cfb8 = AnsiString('aes-128-cfb8');
+  NID_aes_128_cfb8 = 653;
+
+  SN_aes_192_cfb8 = AnsiString('AES-192-CFB8');
+  LN_aes_192_cfb8 = AnsiString('aes-192-cfb8');
+  NID_aes_192_cfb8 = 654;
+
+  SN_aes_256_cfb8 = AnsiString('AES-256-CFB8');
+  LN_aes_256_cfb8 = AnsiString('aes-256-cfb8');
+  NID_aes_256_cfb8 = 655;
+
+  SN_aes_128_ctr = AnsiString('AES-128-CTR');
+  LN_aes_128_ctr = AnsiString('aes-128-ctr');
+  NID_aes_128_ctr = 904;
+
+  SN_aes_192_ctr = AnsiString('AES-192-CTR');
+  LN_aes_192_ctr = AnsiString('aes-192-ctr');
+  NID_aes_192_ctr = 905;
+
+  SN_aes_256_ctr = AnsiString('AES-256-CTR');
+  LN_aes_256_ctr = AnsiString('aes-256-ctr');
+  NID_aes_256_ctr = 906;
+
+  SN_aes_128_ocb = AnsiString('AES-128-OCB');
+  LN_aes_128_ocb = AnsiString('aes-128-ocb');
+  NID_aes_128_ocb = 958;
+
+  SN_aes_192_ocb = AnsiString('AES-192-OCB');
+  LN_aes_192_ocb = AnsiString('aes-192-ocb');
+  NID_aes_192_ocb = 959;
+
+  SN_aes_256_ocb = AnsiString('AES-256-OCB');
+  LN_aes_256_ocb = AnsiString('aes-256-ocb');
+  NID_aes_256_ocb = 960;
+
+  SN_des_cfb1 = AnsiString('DES-CFB1');
+  LN_des_cfb1 = AnsiString('des-cfb1');
+  NID_des_cfb1 = 656;
+
+  SN_des_cfb8 = AnsiString('DES-CFB8');
+  LN_des_cfb8 = AnsiString('des-cfb8');
+  NID_des_cfb8 = 657;
+
+  SN_des_ede3_cfb1 = AnsiString('DES-EDE3-CFB1');
+  LN_des_ede3_cfb1 = AnsiString('des-ede3-cfb1');
+  NID_des_ede3_cfb1 = 658;
+
+  SN_des_ede3_cfb8 = AnsiString('DES-EDE3-CFB8');
+  LN_des_ede3_cfb8 = AnsiString('des-ede3-cfb8');
+  NID_des_ede3_cfb8 = 659;
+
+  SN_sha256 = AnsiString('SHA256');
+  LN_sha256 = AnsiString('sha256');
+  NID_sha256 = 672;
+
+  SN_sha384 = AnsiString('SHA384');
+  LN_sha384 = AnsiString('sha384');
+  NID_sha384 = 673;
+
+  SN_sha512 = AnsiString('SHA512');
+  LN_sha512 = AnsiString('sha512');
+  NID_sha512 = 674;
+
+  SN_sha224 = AnsiString('SHA224');
+  LN_sha224 = AnsiString('sha224');
+  NID_sha224 = 675;
+
+  SN_sha512_224 = AnsiString('SHA512-224');
+  LN_sha512_224 = AnsiString('sha512-224');
+  NID_sha512_224 = 1094;
+
+  SN_sha512_256 = AnsiString('SHA512-256');
+  LN_sha512_256 = AnsiString('sha512-256');
+  NID_sha512_256 = 1095;
+
+  SN_sha3_224 = AnsiString('SHA3-224');
+  LN_sha3_224 = AnsiString('sha3-224');
+  NID_sha3_224 = 1096;
+
+  SN_sha3_256 = AnsiString('SHA3-256');
+  LN_sha3_256 = AnsiString('sha3-256');
+  NID_sha3_256 = 1097;
+
+  SN_sha3_384 = AnsiString('SHA3-384');
+  LN_sha3_384 = AnsiString('sha3-384');
+  NID_sha3_384 = 1098;
+
+  SN_sha3_512 = AnsiString('SHA3-512');
+  LN_sha3_512 = AnsiString('sha3-512');
+  NID_sha3_512 = 1099;
+
+  SN_shake128 = AnsiString('SHAKE128');
+  LN_shake128 = AnsiString('shake128');
+  NID_shake128 = 1100;
+
+  SN_shake256 = AnsiString('SHAKE256');
+  LN_shake256 = AnsiString('shake256');
+  NID_shake256 = 1101;
+
+  SN_hmac_sha3_224 = AnsiString('id-hmacWithSHA3-224');
+  LN_hmac_sha3_224 = AnsiString('hmac-sha3-224');
+  NID_hmac_sha3_224 = 1102;
+
+  SN_hmac_sha3_256 = AnsiString('id-hmacWithSHA3-256');
+  LN_hmac_sha3_256 = AnsiString('hmac-sha3-256');
+  NID_hmac_sha3_256 = 1103;
+
+  SN_hmac_sha3_384 = AnsiString('id-hmacWithSHA3-384');
+  LN_hmac_sha3_384 = AnsiString('hmac-sha3-384');
+  NID_hmac_sha3_384 = 1104;
+
+  SN_hmac_sha3_512 = AnsiString('id-hmacWithSHA3-512');
+  LN_hmac_sha3_512 = AnsiString('hmac-sha3-512');
+  NID_hmac_sha3_512 = 1105;
+
+  SN_dsa_with_SHA224 = AnsiString('dsa_with_SHA224');
+  NID_dsa_with_SHA224 = 802;
+
+  SN_dsa_with_SHA256 = AnsiString('dsa_with_SHA256');
+  NID_dsa_with_SHA256 = 803;
+
+  SN_dsa_with_SHA384 = AnsiString('id-dsa-with-sha384');
+  LN_dsa_with_SHA384 = AnsiString('dsa_with_SHA384');
+  NID_dsa_with_SHA384 = 1106;
+
+  SN_dsa_with_SHA512 = AnsiString('id-dsa-with-sha512');
+  LN_dsa_with_SHA512 = AnsiString('dsa_with_SHA512');
+  NID_dsa_with_SHA512 = 1107;
+
+  SN_dsa_with_SHA3_224 = AnsiString('id-dsa-with-sha3-224');
+  LN_dsa_with_SHA3_224 = AnsiString('dsa_with_SHA3-224');
+  NID_dsa_with_SHA3_224 = 1108;
+
+  SN_dsa_with_SHA3_256 = AnsiString('id-dsa-with-sha3-256');
+  LN_dsa_with_SHA3_256 = AnsiString('dsa_with_SHA3-256');
+  NID_dsa_with_SHA3_256 = 1109;
+
+  SN_dsa_with_SHA3_384 = AnsiString('id-dsa-with-sha3-384');
+  LN_dsa_with_SHA3_384 = AnsiString('dsa_with_SHA3-384');
+  NID_dsa_with_SHA3_384 = 1110;
+
+  SN_dsa_with_SHA3_512 = AnsiString('id-dsa-with-sha3-512');
+  LN_dsa_with_SHA3_512 = AnsiString('dsa_with_SHA3-512');
+  NID_dsa_with_SHA3_512 = 1111;
+
+  SN_ecdsa_with_SHA3_224 = AnsiString('id-ecdsa-with-sha3-224');
+  LN_ecdsa_with_SHA3_224 = AnsiString('ecdsa_with_SHA3-224');
+  NID_ecdsa_with_SHA3_224 = 1112;
+
+  SN_ecdsa_with_SHA3_256 = AnsiString('id-ecdsa-with-sha3-256');
+  LN_ecdsa_with_SHA3_256 = AnsiString('ecdsa_with_SHA3-256');
+  NID_ecdsa_with_SHA3_256 = 1113;
+
+  SN_ecdsa_with_SHA3_384 = AnsiString('id-ecdsa-with-sha3-384');
+  LN_ecdsa_with_SHA3_384 = AnsiString('ecdsa_with_SHA3-384');
+  NID_ecdsa_with_SHA3_384 = 1114;
+
+  SN_ecdsa_with_SHA3_512 = AnsiString('id-ecdsa-with-sha3-512');
+  LN_ecdsa_with_SHA3_512 = AnsiString('ecdsa_with_SHA3-512');
+  NID_ecdsa_with_SHA3_512 = 1115;
+
+  SN_RSA_SHA3_224 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-224');
+  LN_RSA_SHA3_224 = AnsiString('RSA-SHA3-224');
+  NID_RSA_SHA3_224 = 1116;
+
+  SN_RSA_SHA3_256 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-256');
+  LN_RSA_SHA3_256 = AnsiString('RSA-SHA3-256');
+  NID_RSA_SHA3_256 = 1117;
+
+  SN_RSA_SHA3_384 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-384');
+  LN_RSA_SHA3_384 = AnsiString('RSA-SHA3-384');
+  NID_RSA_SHA3_384 = 1118;
+
+  SN_RSA_SHA3_512 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-512');
+  LN_RSA_SHA3_512 = AnsiString('RSA-SHA3-512');
+  NID_RSA_SHA3_512 = 1119;
+
+  SN_hold_instruction_code = AnsiString('holdInstructionCode');
+  LN_hold_instruction_code = AnsiString('Hold Instruction Code');
+  NID_hold_instruction_code = 430;
+
+  SN_hold_instruction_none = AnsiString('holdInstructionNone');
+  LN_hold_instruction_none = AnsiString('Hold Instruction None');
+  NID_hold_instruction_none = 431;
+
+  SN_hold_instruction_call_issuer = AnsiString('holdInstructionCallIssuer');
+  LN_hold_instruction_call_issuer = AnsiString('Hold Instruction Call Issuer');
+  NID_hold_instruction_call_issuer = 432;
+
+  SN_hold_instruction_reject = AnsiString('holdInstructionReject');
+  LN_hold_instruction_reject = AnsiString('Hold Instruction Reject');
+  NID_hold_instruction_reject = 433;
+
+  SN_data = AnsiString('data');
+  NID_data = 434;
+
+  SN_pss = AnsiString('pss');
+  NID_pss = 435;
+
+  SN_ucl = AnsiString('ucl');
+  NID_ucl = 436;
+
+  SN_pilot = AnsiString('pilot');
+  NID_pilot = 437;
+
+  LN_pilotAttributeType = AnsiString('pilotAttributeType');
+  NID_pilotAttributeType = 438;
+
+  LN_pilotAttributeSyntax = AnsiString('pilotAttributeSyntax');
+  NID_pilotAttributeSyntax = 439;
+
+  LN_pilotObjectClass = AnsiString('pilotObjectClass');
+  NID_pilotObjectClass = 440;
+
+  LN_pilotGroups = AnsiString('pilotGroups');
+  NID_pilotGroups = 441;
+
+  LN_iA5StringSyntax = AnsiString('iA5StringSyntax');
+  NID_iA5StringSyntax = 442;
+
+  LN_caseIgnoreIA5StringSyntax = AnsiString('caseIgnoreIA5StringSyntax');
+  NID_caseIgnoreIA5StringSyntax = 443;
+
+  LN_pilotObject = AnsiString('pilotObject');
+  NID_pilotObject = 444;
+
+  LN_pilotPerson = AnsiString('pilotPerson');
+  NID_pilotPerson = 445;
+
+  SN_account = AnsiString('account');
+  NID_account = 446;
+
+  SN_document = AnsiString('document');
+  NID_document = 447;
+
+  SN_room = AnsiString('room');
+  NID_room = 448;
+
+  LN_documentSeries = AnsiString('documentSeries');
+  NID_documentSeries = 449;
+
+  SN_Domain = AnsiString('domain');
+  LN_Domain = AnsiString('Domain');
+  NID_Domain = 392;
+
+  LN_rFC822localPart = AnsiString('rFC822localPart');
+  NID_rFC822localPart = 450;
+
+  LN_dNSDomain = AnsiString('dNSDomain');
+  NID_dNSDomain = 451;
+
+  LN_domainRelatedObject = AnsiString('domainRelatedObject');
+  NID_domainRelatedObject = 452;
+
+  LN_friendlyCountry = AnsiString('friendlyCountry');
+  NID_friendlyCountry = 453;
+
+  LN_simpleSecurityObject = AnsiString('simpleSecurityObject');
+  NID_simpleSecurityObject = 454;
+
+  LN_pilotOrganization = AnsiString('pilotOrganization');
+  NID_pilotOrganization = 455;
+
+  LN_pilotDSA = AnsiString('pilotDSA');
+  NID_pilotDSA = 456;
+
+  LN_qualityLabelledData = AnsiString('qualityLabelledData');
+  NID_qualityLabelledData = 457;
+
+  SN_userId = AnsiString('UID');
+  LN_userId = AnsiString('userId');
+  NID_userId = 458;
+
+  LN_textEncodedORAddress = AnsiString('textEncodedORAddress');
+  NID_textEncodedORAddress = 459;
+
+  SN_rfc822Mailbox = AnsiString('mail');
+  LN_rfc822Mailbox = AnsiString('rfc822Mailbox');
+  NID_rfc822Mailbox = 460;
+
+  SN_info = AnsiString('info');
+  NID_info = 461;
+
+  LN_favouriteDrink = AnsiString('favouriteDrink');
+  NID_favouriteDrink = 462;
+
+  LN_roomNumber = AnsiString('roomNumber');
+  NID_roomNumber = 463;
+
+  SN_photo = AnsiString('photo');
+  NID_photo = 464;
+
+  LN_userClass = AnsiString('userClass');
+  NID_userClass = 465;
+
+  SN_host = AnsiString('host');
+  NID_host = 466;
+
+  SN_manager = AnsiString('manager');
+  NID_manager = 467;
+
+  LN_documentIdentifier = AnsiString('documentIdentifier');
+  NID_documentIdentifier = 468;
+
+  LN_documentTitle = AnsiString('documentTitle');
+  NID_documentTitle = 469;
+
+  LN_documentVersion = AnsiString('documentVersion');
+  NID_documentVersion = 470;
+
+  LN_documentAuthor = AnsiString('documentAuthor');
+  NID_documentAuthor = 471;
+
+  LN_documentLocation = AnsiString('documentLocation');
+  NID_documentLocation = 472;
+
+  LN_homeTelephoneNumber = AnsiString('homeTelephoneNumber');
+  NID_homeTelephoneNumber = 473;
+
+  SN_secretary = AnsiString('secretary');
+  NID_secretary = 474;
+
+  LN_otherMailbox = AnsiString('otherMailbox');
+  NID_otherMailbox = 475;
+
+  LN_lastModifiedTime = AnsiString('lastModifiedTime');
+  NID_lastModifiedTime = 476;
+
+  LN_lastModifiedBy = AnsiString('lastModifiedBy');
+  NID_lastModifiedBy = 477;
+
+  SN_domainComponent = AnsiString('DC');
+  LN_domainComponent = AnsiString('domainComponent');
+  NID_domainComponent = 391;
+
+  LN_aRecord = AnsiString('aRecord');
+  NID_aRecord = 478;
+
+  LN_pilotAttributeType27 = AnsiString('pilotAttributeType27');
+  NID_pilotAttributeType27 = 479;
+
+  LN_mXRecord = AnsiString('mXRecord');
+  NID_mXRecord = 480;
+
+  LN_nSRecord = AnsiString('nSRecord');
+  NID_nSRecord = 481;
+
+  LN_sOARecord = AnsiString('sOARecord');
+  NID_sOARecord = 482;
+
+  LN_cNAMERecord = AnsiString('cNAMERecord');
+  NID_cNAMERecord = 483;
+
+  LN_associatedDomain = AnsiString('associatedDomain');
+  NID_associatedDomain = 484;
+
+  LN_associatedName = AnsiString('associatedName');
+  NID_associatedName = 485;
+
+  LN_homePostalAddress = AnsiString('homePostalAddress');
+  NID_homePostalAddress = 486;
+
+  LN_personalTitle = AnsiString('personalTitle');
+  NID_personalTitle = 487;
+
+  LN_mobileTelephoneNumber = AnsiString('mobileTelephoneNumber');
+  NID_mobileTelephoneNumber = 488;
+
+  LN_pagerTelephoneNumber = AnsiString('pagerTelephoneNumber');
+  NID_pagerTelephoneNumber = 489;
+
+  LN_friendlyCountryName = AnsiString('friendlyCountryName');
+  NID_friendlyCountryName = 490;
+
+  SN_uniqueIdentifier = AnsiString('uid');
+  LN_uniqueIdentifier = AnsiString('uniqueIdentifier');
+  NID_uniqueIdentifier = 102;
+
+  LN_organizationalStatus = AnsiString('organizationalStatus');
+  NID_organizationalStatus = 491;
+
+  LN_janetMailbox = AnsiString('janetMailbox');
+  NID_janetMailbox = 492;
+  LN_mailPreferenceOption = AnsiString('mailPreferenceOption');
+  NID_mailPreferenceOption = 493;
+
+  LN_buildingName = AnsiString('buildingName');
+  NID_buildingName = 494;
+
+  LN_dSAQuality = AnsiString('dSAQuality');
+  NID_dSAQuality = 495;
+
+  LN_singleLevelQuality = AnsiString('singleLevelQuality');
+  NID_singleLevelQuality = 496;
+
+  LN_subtreeMinimumQuality = AnsiString('subtreeMinimumQuality');
+  NID_subtreeMinimumQuality = 497;
+
+  LN_subtreeMaximumQuality = AnsiString('subtreeMaximumQuality');
+  NID_subtreeMaximumQuality = 498;
+
+  LN_personalSignature = AnsiString('personalSignature');
+  NID_personalSignature = 499;
+
+  LN_dITRedirect = AnsiString('dITRedirect');
+  NID_dITRedirect = 500;
+
+  SN_audio = AnsiString('audio');
+  NID_audio = 501;
+
+  LN_documentPublisher = AnsiString('documentPublisher');
+  NID_documentPublisher = 502;
+
+  SN_id_set = AnsiString('id-set');
+  LN_id_set = AnsiString('Secure Electronic Transactions');
+  NID_id_set = 512;
+
+  SN_set_ctype = AnsiString('set-ctype');
+  LN_set_ctype = AnsiString('content types');
+  NID_set_ctype = 513;
+
+  SN_set_msgExt = AnsiString('set-msgExt');
+  LN_set_msgExt = AnsiString('message extensions');
+  NID_set_msgExt = 514;
+
+  SN_set_attr = AnsiString('set-attr');
+  NID_set_attr = 515;
+
+  SN_set_policy = AnsiString('set-policy');
+  NID_set_policy = 516;
+
+  SN_set_certExt = AnsiString('set-certExt');
+  LN_set_certExt = AnsiString('certificate extensions');
+  NID_set_certExt = 517;
+
+  SN_set_brand = AnsiString('set-brand');
+  NID_set_brand = 518;
+
+  SN_setct_PANData = AnsiString('setct-PANData');
+  NID_setct_PANData = 519;
+
+  SN_setct_PANToken = AnsiString('setct-PANToken');
+  NID_setct_PANToken = 520;
+
+  SN_setct_PANOnly = AnsiString('setct-PANOnly');
+  NID_setct_PANOnly = 521;
+
+  SN_setct_OIData = AnsiString('setct-OIData');
+  NID_setct_OIData = 522;
+
+  SN_setct_PI = AnsiString('setct-PI');
+  NID_setct_PI = 523;
+
+  SN_setct_PIData = AnsiString('setct-PIData');
+  NID_setct_PIData = 524;
+
+  SN_setct_PIDataUnsigned = AnsiString('setct-PIDataUnsigned');
+  NID_setct_PIDataUnsigned = 525;
+
+  SN_setct_HODInput = AnsiString('setct-HODInput');
+  NID_setct_HODInput = 526;
+
+  SN_setct_AuthResBaggage = AnsiString('setct-AuthResBaggage');
+  NID_setct_AuthResBaggage = 527;
+
+  SN_setct_AuthRevReqBaggage = AnsiString('setct-AuthRevReqBaggage');
+  NID_setct_AuthRevReqBaggage = 528;
+
+  SN_setct_AuthRevResBaggage = AnsiString('setct-AuthRevResBaggage');
+  NID_setct_AuthRevResBaggage = 529;
+
+  SN_setct_CapTokenSeq = AnsiString('setct-CapTokenSeq');
+  NID_setct_CapTokenSeq = 530;
+
+  SN_setct_PInitResData = AnsiString('setct-PInitResData');
+  NID_setct_PInitResData = 531;
+
+  SN_setct_PI_TBS = AnsiString('setct-PI-TBS');
+  NID_setct_PI_TBS = 532;
+
+  SN_setct_PResData = AnsiString('setct-PResData');
+  NID_setct_PResData = 533;
+
+  SN_setct_AuthReqTBS = AnsiString('setct-AuthReqTBS');
+  NID_setct_AuthReqTBS = 534;
+
+  SN_setct_AuthResTBS = AnsiString('setct-AuthResTBS');
+  NID_setct_AuthResTBS = 535;
+
+  SN_setct_AuthResTBSX = AnsiString('setct-AuthResTBSX');
+  NID_setct_AuthResTBSX = 536;
+
+  SN_setct_AuthTokenTBS = AnsiString('setct-AuthTokenTBS');
+  NID_setct_AuthTokenTBS = 537;
+
+  SN_setct_CapTokenData = AnsiString('setct-CapTokenData');
+  NID_setct_CapTokenData = 538;
+
+  SN_setct_CapTokenTBS = AnsiString('setct-CapTokenTBS');
+  NID_setct_CapTokenTBS = 539;
+
+  SN_setct_AcqCardCodeMsg = AnsiString('setct-AcqCardCodeMsg');
+  NID_setct_AcqCardCodeMsg = 540;
+
+  SN_setct_AuthRevReqTBS = AnsiString('setct-AuthRevReqTBS');
+  NID_setct_AuthRevReqTBS = 541;
+
+  SN_setct_AuthRevResData = AnsiString('setct-AuthRevResData');
+  NID_setct_AuthRevResData = 542;
+
+  SN_setct_AuthRevResTBS = AnsiString('setct-AuthRevResTBS');
+  NID_setct_AuthRevResTBS = 543;
+
+  SN_setct_CapReqTBS = AnsiString('setct-CapReqTBS');
+  NID_setct_CapReqTBS = 544;
+
+  SN_setct_CapReqTBSX = AnsiString('setct-CapReqTBSX');
+  NID_setct_CapReqTBSX = 545;
+
+  SN_setct_CapResData = AnsiString('setct-CapResData');
+  NID_setct_CapResData = 546;
+
+  SN_setct_CapRevReqTBS = AnsiString('setct-CapRevReqTBS');
+  NID_setct_CapRevReqTBS = 547;
+
+  SN_setct_CapRevReqTBSX = AnsiString('setct-CapRevReqTBSX');
+  NID_setct_CapRevReqTBSX = 548;
+
+  SN_setct_CapRevResData = AnsiString('setct-CapRevResData');
+  NID_setct_CapRevResData = 549;
+
+  SN_setct_CredReqTBS = AnsiString('setct-CredReqTBS');
+  NID_setct_CredReqTBS = 550;
+
+  SN_setct_CredReqTBSX = AnsiString('setct-CredReqTBSX');
+  NID_setct_CredReqTBSX = 551;
+
+  SN_setct_CredResData = AnsiString('setct-CredResData');
+  NID_setct_CredResData = 552;
+
+  SN_setct_CredRevReqTBS = AnsiString('setct-CredRevReqTBS');
+  NID_setct_CredRevReqTBS = 553;
+
+  SN_setct_CredRevReqTBSX = AnsiString('setct-CredRevReqTBSX');
+  NID_setct_CredRevReqTBSX = 554;
+
+  SN_setct_CredRevResData = AnsiString('setct-CredRevResData');
+  NID_setct_CredRevResData = 555;
+
+  SN_setct_PCertReqData = AnsiString('setct-PCertReqData');
+  NID_setct_PCertReqData = 556;
+
+  SN_setct_PCertResTBS = AnsiString('setct-PCertResTBS');
+  NID_setct_PCertResTBS = 557;
+
+  SN_setct_BatchAdminReqData = AnsiString('setct-BatchAdminReqData');
+  NID_setct_BatchAdminReqData = 558;
+
+  SN_setct_BatchAdminResData = AnsiString('setct-BatchAdminResData');
+  NID_setct_BatchAdminResData = 559;
+
+  SN_setct_CardCInitResTBS = AnsiString('setct-CardCInitResTBS');
+  NID_setct_CardCInitResTBS = 560;
+
+  SN_setct_MeAqCInitResTBS = AnsiString('setct-MeAqCInitResTBS');
+  NID_setct_MeAqCInitResTBS = 561;
+
+  SN_setct_RegFormResTBS = AnsiString('setct-RegFormResTBS');
+  NID_setct_RegFormResTBS = 562;
+
+  SN_setct_CertReqData = AnsiString('setct-CertReqData');
+  NID_setct_CertReqData = 563;
+
+  SN_setct_CertReqTBS = AnsiString('setct-CertReqTBS');
+  NID_setct_CertReqTBS = 564;
+
+  SN_setct_CertResData = AnsiString('setct-CertResData');
+  NID_setct_CertResData = 565;
+
+  SN_setct_CertInqReqTBS = AnsiString('setct-CertInqReqTBS');
+  NID_setct_CertInqReqTBS = 566;
+
+  SN_setct_ErrorTBS = AnsiString('setct-ErrorTBS');
+  NID_setct_ErrorTBS = 567;
+
+  SN_setct_PIDualSignedTBE = AnsiString('setct-PIDualSignedTBE');
+  NID_setct_PIDualSignedTBE = 568;
+
+  SN_setct_PIUnsignedTBE = AnsiString('setct-PIUnsignedTBE');
+  NID_setct_PIUnsignedTBE = 569;
+
+  SN_setct_AuthReqTBE = AnsiString('setct-AuthReqTBE');
+  NID_setct_AuthReqTBE = 570;
+
+  SN_setct_AuthResTBE = AnsiString('setct-AuthResTBE');
+  NID_setct_AuthResTBE = 571;
+
+  SN_setct_AuthResTBEX = AnsiString('setct-AuthResTBEX');
+  NID_setct_AuthResTBEX = 572;
+
+  SN_setct_AuthTokenTBE = AnsiString('setct-AuthTokenTBE');
+  NID_setct_AuthTokenTBE = 573;
+
+  SN_setct_CapTokenTBE = AnsiString('setct-CapTokenTBE');
+  NID_setct_CapTokenTBE = 574;
+
+  SN_setct_CapTokenTBEX = AnsiString('setct-CapTokenTBEX');
+  NID_setct_CapTokenTBEX = 575;
+
+  SN_setct_AcqCardCodeMsgTBE = AnsiString('setct-AcqCardCodeMsgTBE');
+  NID_setct_AcqCardCodeMsgTBE = 576;
+
+  SN_setct_AuthRevReqTBE = AnsiString('setct-AuthRevReqTBE');
+  NID_setct_AuthRevReqTBE = 577;
+
+  SN_setct_AuthRevResTBE = AnsiString('setct-AuthRevResTBE');
+  NID_setct_AuthRevResTBE = 578;
+
+  SN_setct_AuthRevResTBEB = AnsiString('setct-AuthRevResTBEB');
+  NID_setct_AuthRevResTBEB = 579;
+
+  SN_setct_CapReqTBE = AnsiString('setct-CapReqTBE');
+  NID_setct_CapReqTBE = 580;
+
+  SN_setct_CapReqTBEX = AnsiString('setct-CapReqTBEX');
+  NID_setct_CapReqTBEX = 581;
+
+  SN_setct_CapResTBE = AnsiString('setct-CapResTBE');
+  NID_setct_CapResTBE = 582;
+
+  SN_setct_CapRevReqTBE = AnsiString('setct-CapRevReqTBE');
+  NID_setct_CapRevReqTBE = 583;
+
+  SN_setct_CapRevReqTBEX = AnsiString('setct-CapRevReqTBEX');
+  NID_setct_CapRevReqTBEX = 584;
+
+  SN_setct_CapRevResTBE = AnsiString('setct-CapRevResTBE');
+  NID_setct_CapRevResTBE = 585;
+
+  SN_setct_CredReqTBE = AnsiString('setct-CredReqTBE');
+  NID_setct_CredReqTBE = 586;
+
+  SN_setct_CredReqTBEX = AnsiString('setct-CredReqTBEX');
+  NID_setct_CredReqTBEX = 587;
+
+  SN_setct_CredResTBE = AnsiString('setct-CredResTBE');
+  NID_setct_CredResTBE = 588;
+
+  SN_setct_CredRevReqTBE = AnsiString('setct-CredRevReqTBE');
+  NID_setct_CredRevReqTBE = 589;
+
+  SN_setct_CredRevReqTBEX = AnsiString('setct-CredRevReqTBEX');
+  NID_setct_CredRevReqTBEX = 590;
+
+  SN_setct_CredRevResTBE = AnsiString('setct-CredRevResTBE');
+  NID_setct_CredRevResTBE = 591;
+
+  SN_setct_BatchAdminReqTBE = AnsiString('setct-BatchAdminReqTBE');
+  NID_setct_BatchAdminReqTBE = 592;
+
+  SN_setct_BatchAdminResTBE = AnsiString('setct-BatchAdminResTBE');
+  NID_setct_BatchAdminResTBE = 593;
+
+  SN_setct_RegFormReqTBE = AnsiString('setct-RegFormReqTBE');
+  NID_setct_RegFormReqTBE = 594;
+
+  SN_setct_CertReqTBE = AnsiString('setct-CertReqTBE');
+  NID_setct_CertReqTBE = 595;
+
+  SN_setct_CertReqTBEX = AnsiString('setct-CertReqTBEX');
+  NID_setct_CertReqTBEX = 596;
+
+  SN_setct_CertResTBE = AnsiString('setct-CertResTBE');
+  NID_setct_CertResTBE = 597;
+
+  SN_setct_CRLNotificationTBS = AnsiString('setct-CRLNotificationTBS');
+  NID_setct_CRLNotificationTBS = 598;
+
+  SN_setct_CRLNotificationResTBS = AnsiString('setct-CRLNotificationResTBS');
+  NID_setct_CRLNotificationResTBS = 599;
+
+  SN_setct_BCIDistributionTBS = AnsiString('setct-BCIDistributionTBS');
+  NID_setct_BCIDistributionTBS = 600;
+
+  SN_setext_genCrypt = AnsiString('setext-genCrypt');
+  LN_setext_genCrypt = AnsiString('generic cryptogram');
+  NID_setext_genCrypt = 601;
+
+  SN_setext_miAuth = AnsiString('setext-miAuth');
+  LN_setext_miAuth = AnsiString('merchant initiated auth');
+  NID_setext_miAuth = 602;
+
+  SN_setext_pinSecure = AnsiString('setext-pinSecure');
+  NID_setext_pinSecure = 603;
+
+  SN_setext_pinAny = AnsiString('setext-pinAny');
+  NID_setext_pinAny = 604;
+
+  SN_setext_track2 = AnsiString('setext-track2');
+  NID_setext_track2 = 605;
+
+  SN_setext_cv = AnsiString('setext-cv');
+  LN_setext_cv = AnsiString('additional verification');
+  NID_setext_cv = 606;
+
+  SN_set_policy_root = AnsiString('set-policy-root');
+  NID_set_policy_root = 607;
+
+  SN_setCext_hashedRoot = AnsiString('setCext-hashedRoot');
+  NID_setCext_hashedRoot = 608;
+
+  SN_setCext_certType = AnsiString('setCext-certType');
+  NID_setCext_certType = 609;
+
+  SN_setCext_merchData = AnsiString('setCext-merchData');
+  NID_setCext_merchData = 610;
+
+  SN_setCext_cCertRequired = AnsiString('setCext-cCertRequired');
+  NID_setCext_cCertRequired = 611;
+
+  SN_setCext_tunneling = AnsiString('setCext-tunneling');
+  NID_setCext_tunneling = 612;
+
+  SN_setCext_setExt = AnsiString('setCext-setExt');
+  NID_setCext_setExt = 613;
+
+  SN_setCext_setQualf = AnsiString('setCext-setQualf');
+  NID_setCext_setQualf = 614;
+
+  SN_setCext_PGWYcapabilities = AnsiString('setCext-PGWYcapabilities');
+  NID_setCext_PGWYcapabilities = 615;
+
+  SN_setCext_TokenIdentifier = AnsiString('setCext-TokenIdentifier');
+  NID_setCext_TokenIdentifier = 616;
+
+  SN_setCext_Track2Data = AnsiString('setCext-Track2Data');
+  NID_setCext_Track2Data = 617;
+
+  SN_setCext_TokenType = AnsiString('setCext-TokenType');
+  NID_setCext_TokenType = 618;
+
+  SN_setCext_IssuerCapabilities = AnsiString('setCext-IssuerCapabilities');
+  NID_setCext_IssuerCapabilities = 619;
+
+  SN_setAttr_Cert = AnsiString('setAttr-Cert');
+  NID_setAttr_Cert = 620;
+
+  SN_setAttr_PGWYcap = AnsiString('setAttr-PGWYcap');
+  LN_setAttr_PGWYcap = AnsiString('payment gateway capabilities');
+  NID_setAttr_PGWYcap = 621;
+
+  SN_setAttr_TokenType = AnsiString('setAttr-TokenType');
+  NID_setAttr_TokenType = 622;
+
+  SN_setAttr_IssCap = AnsiString('setAttr-IssCap');
+  LN_setAttr_IssCap = AnsiString('issuer capabilities');
+  NID_setAttr_IssCap = 623;
+
+  SN_set_rootKeyThumb = AnsiString('set-rootKeyThumb');
+  NID_set_rootKeyThumb = 624;
+
+  SN_set_addPolicy = AnsiString('set-addPolicy');
+  NID_set_addPolicy = 625;
+
+  SN_setAttr_Token_EMV = AnsiString('setAttr-Token-EMV');
+  NID_setAttr_Token_EMV = 626;
+
+  SN_setAttr_Token_B0Prime = AnsiString('setAttr-Token-B0Prime');
+  NID_setAttr_Token_B0Prime = 627;
+
+  SN_setAttr_IssCap_CVM = AnsiString('setAttr-IssCap-CVM');
+  NID_setAttr_IssCap_CVM = 628;
+
+  SN_setAttr_IssCap_T2 = AnsiString('setAttr-IssCap-T2');
+  NID_setAttr_IssCap_T2 = 629;
+
+  SN_setAttr_IssCap_Sig = AnsiString('setAttr-IssCap-Sig');
+  NID_setAttr_IssCap_Sig = 630;
+
+  SN_setAttr_GenCryptgrm = AnsiString('setAttr-GenCryptgrm');
+  LN_setAttr_GenCryptgrm = AnsiString('generate cryptogram');
+  NID_setAttr_GenCryptgrm = 631;
+
+  SN_setAttr_T2Enc = AnsiString('setAttr-T2Enc');
+  LN_setAttr_T2Enc = AnsiString('encrypted track 2');
+  NID_setAttr_T2Enc = 632;
+
+  SN_setAttr_T2cleartxt = AnsiString('setAttr-T2cleartxt');
+  LN_setAttr_T2cleartxt = AnsiString('cleartext track 2');
+  NID_setAttr_T2cleartxt = 633;
+
+  SN_setAttr_TokICCsig = AnsiString('setAttr-TokICCsig');
+  LN_setAttr_TokICCsig = AnsiString('ICC or token signature');
+  NID_setAttr_TokICCsig = 634;
+
+  SN_setAttr_SecDevSig = AnsiString('setAttr-SecDevSig');
+  LN_setAttr_SecDevSig = AnsiString('secure device signature');
+  NID_setAttr_SecDevSig = 635;
+
+  SN_set_brand_IATA_ATA = AnsiString('set-brand-IATA-ATA');
+  NID_set_brand_IATA_ATA = 636;
+
+  SN_set_brand_Diners = AnsiString('set-brand-Diners');
+  NID_set_brand_Diners = 637;
+
+  SN_set_brand_AmericanExpress = AnsiString('set-brand-AmericanExpress');
+  NID_set_brand_AmericanExpress = 638;
+
+  SN_set_brand_JCB = AnsiString('set-brand-JCB');
+  NID_set_brand_JCB = 639;
+
+  SN_set_brand_Visa = AnsiString('set-brand-Visa');
+  NID_set_brand_Visa = 640;
+
+  SN_set_brand_MasterCard = AnsiString('set-brand-MasterCard');
+  NID_set_brand_MasterCard = 641;
+
+  SN_set_brand_Novus = AnsiString('set-brand-Novus');
+  NID_set_brand_Novus = 642;
+
+  SN_des_cdmf = AnsiString('DES-CDMF');
+  LN_des_cdmf = AnsiString('des-cdmf');
+  NID_des_cdmf = 643;
+
+  SN_rsaOAEPEncryptionSET = AnsiString('rsaOAEPEncryptionSET');
+  NID_rsaOAEPEncryptionSET = 644;
+
+  SN_ipsec3 = AnsiString('Oakley-EC2N-3');
+  LN_ipsec3 = AnsiString('ipsec3');
+  NID_ipsec3 = 749;
+
+  SN_ipsec4 = AnsiString('Oakley-EC2N-4');
+  LN_ipsec4 = AnsiString('ipsec4');
+  NID_ipsec4 = 750;
+
+  SN_whirlpool = AnsiString('whirlpool');
+  NID_whirlpool = 804;
+
+  SN_cryptopro = AnsiString('cryptopro');
+  NID_cryptopro = 805;
+
+  SN_cryptocom = AnsiString('cryptocom');
+  NID_cryptocom = 806;
+
+  SN_id_tc26 = AnsiString('id-tc26');
+  NID_id_tc26 = 974;
+
+  SN_id_GostR3411_94_with_GostR3410_2001 = AnsiString('id-GostR3411-94-with-GostR3410-2001');
+  LN_id_GostR3411_94_with_GostR3410_2001 = AnsiString('GOST R 34.11-94 with GOST R 34.10-2001');
+  NID_id_GostR3411_94_with_GostR3410_2001 = 807;
+
+  SN_id_GostR3411_94_with_GostR3410_94 = AnsiString('id-GostR3411-94-with-GostR3410-94');
+  LN_id_GostR3411_94_with_GostR3410_94 = AnsiString('GOST R 34.11-94 with GOST R 34.10-94');
+  NID_id_GostR3411_94_with_GostR3410_94 = 808;
+
+  SN_id_GostR3411_94 = AnsiString('md_gost94');
+  LN_id_GostR3411_94 = AnsiString('GOST R 34.11-94');
+  NID_id_GostR3411_94 = 809;
+
+  SN_id_HMACGostR3411_94 = AnsiString('id-HMACGostR3411-94');
+  LN_id_HMACGostR3411_94 = AnsiString('HMAC GOST 34.11-94');
+  NID_id_HMACGostR3411_94 = 810;
+
+  SN_id_GostR3410_2001 = AnsiString('gost2001');
+  LN_id_GostR3410_2001 = AnsiString('GOST R 34.10-2001');
+  NID_id_GostR3410_2001 = 811;
+
+  SN_id_GostR3410_94 = AnsiString('gost94');
+  LN_id_GostR3410_94 = AnsiString('GOST R 34.10-94');
+  NID_id_GostR3410_94 = 812;
+
+  SN_id_Gost28147_89 = AnsiString('gost89');
+  LN_id_Gost28147_89 = AnsiString('GOST 28147-89');
+  NID_id_Gost28147_89 = 813;
+
+  SN_gost89_cnt = AnsiString('gost89-cnt');
+  NID_gost89_cnt = 814;
+
+  SN_gost89_cnt_12 = AnsiString('gost89-cnt-12');
+  NID_gost89_cnt_12 = 975;
+
+  SN_gost89_cbc = AnsiString('gost89-cbc');
+  NID_gost89_cbc = 1009;
+
+  SN_gost89_ecb = AnsiString('gost89-ecb');
+  NID_gost89_ecb = 1010;
+
+  SN_gost89_ctr = AnsiString('gost89-ctr');
+  NID_gost89_ctr = 1011;
+
+  SN_id_Gost28147_89_MAC = AnsiString('gost-mac');
+  LN_id_Gost28147_89_MAC = AnsiString('GOST 28147-89 MAC');
+  NID_id_Gost28147_89_MAC = 815;
+
+  SN_gost_mac_12 = AnsiString('gost-mac-12');
+  NID_gost_mac_12 = 976;
+
+  SN_id_GostR3411_94_prf = AnsiString('prf-gostr3411-94');
+  LN_id_GostR3411_94_prf = AnsiString('GOST R 34.11-94 PRF');
+  NID_id_GostR3411_94_prf = 816;
+
+  SN_id_GostR3410_2001DH = AnsiString('id-GostR3410-2001DH');
+  LN_id_GostR3410_2001DH = AnsiString('GOST R 34.10-2001 DH');
+  NID_id_GostR3410_2001DH = 817;
+
+  SN_id_GostR3410_94DH = AnsiString('id-GostR3410-94DH');
+  LN_id_GostR3410_94DH = AnsiString('GOST R 34.10-94 DH');
+  NID_id_GostR3410_94DH = 818;
+
+  SN_id_Gost28147_89_CryptoPro_KeyMeshing = AnsiString('id-Gost28147-89-CryptoPro-KeyMeshing');
+  NID_id_Gost28147_89_CryptoPro_KeyMeshing = 819;
+
+  SN_id_Gost28147_89_None_KeyMeshing = AnsiString('id-Gost28147-89-None-KeyMeshing');
+  NID_id_Gost28147_89_None_KeyMeshing = 820;
+
+  SN_id_GostR3411_94_TestParamSet = AnsiString('id-GostR3411-94-TestParamSet');
+  NID_id_GostR3411_94_TestParamSet = 821;
+
+  SN_id_GostR3411_94_CryptoProParamSet = AnsiString('id-GostR3411-94-CryptoProParamSet');
+  NID_id_GostR3411_94_CryptoProParamSet = 822;
+
+  SN_id_Gost28147_89_TestParamSet = AnsiString('id-Gost28147-89-TestParamSet');
+  NID_id_Gost28147_89_TestParamSet = 823;
+
+  SN_id_Gost28147_89_CryptoPro_A_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-A-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_A_ParamSet = 824;
+
+  SN_id_Gost28147_89_CryptoPro_B_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-B-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_B_ParamSet = 825;
+
+  SN_id_Gost28147_89_CryptoPro_C_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-C-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_C_ParamSet = 826;
+
+  SN_id_Gost28147_89_CryptoPro_D_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-D-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_D_ParamSet = 827;
+
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = 828;
+
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = 829;
+
+  SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-RIC-1-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet = 830;
+
+  SN_id_GostR3410_94_TestParamSet = AnsiString('id-GostR3410-94-TestParamSet');
+  NID_id_GostR3410_94_TestParamSet = 831;
+
+  SN_id_GostR3410_94_CryptoPro_A_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-A-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_A_ParamSet = 832;
+
+  SN_id_GostR3410_94_CryptoPro_B_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-B-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_B_ParamSet = 833;
+
+  SN_id_GostR3410_94_CryptoPro_C_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-C-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_C_ParamSet = 834;
+
+  SN_id_GostR3410_94_CryptoPro_D_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-D-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_D_ParamSet = 835;
+
+  SN_id_GostR3410_94_CryptoPro_XchA_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-XchA-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_XchA_ParamSet = 836;
+
+  SN_id_GostR3410_94_CryptoPro_XchB_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-XchB-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_XchB_ParamSet = 837;
+
+  SN_id_GostR3410_94_CryptoPro_XchC_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-XchC-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_XchC_ParamSet = 838;
+
+  SN_id_GostR3410_2001_TestParamSet = AnsiString('id-GostR3410-2001-TestParamSet');
+  NID_id_GostR3410_2001_TestParamSet = 839;
+
+  SN_id_GostR3410_2001_CryptoPro_A_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-A-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_A_ParamSet = 840;
+
+  SN_id_GostR3410_2001_CryptoPro_B_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-B-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_B_ParamSet = 841;
+
+  SN_id_GostR3410_2001_CryptoPro_C_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-C-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_C_ParamSet = 842;
+
+  SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-XchA-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet = 843;
+
+  SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-XchB-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet = 844;
+
+  SN_id_GostR3410_94_a = AnsiString('id-GostR3410-94-a');
+  NID_id_GostR3410_94_a = 845;
+
+  SN_id_GostR3410_94_aBis = AnsiString('id-GostR3410-94-aBis');
+  NID_id_GostR3410_94_aBis = 846;
+
+  SN_id_GostR3410_94_b = AnsiString('id-GostR3410-94-b');
+  NID_id_GostR3410_94_b = 847;
+
+  SN_id_GostR3410_94_bBis = AnsiString('id-GostR3410-94-bBis');
+  NID_id_GostR3410_94_bBis = 848;
+
+  SN_id_Gost28147_89_cc = AnsiString('id-Gost28147-89-cc');
+  LN_id_Gost28147_89_cc = AnsiString('GOST 28147-89 Cryptocom ParamSet');
+  NID_id_Gost28147_89_cc = 849;
+
+  SN_id_GostR3410_94_cc = AnsiString('gost94cc');
+  LN_id_GostR3410_94_cc = AnsiString('GOST 34.10-94 Cryptocom');
+  NID_id_GostR3410_94_cc = 850;
+
+  SN_id_GostR3410_2001_cc = AnsiString('gost2001cc');
+  LN_id_GostR3410_2001_cc = AnsiString('GOST 34.10-2001 Cryptocom');
+  NID_id_GostR3410_2001_cc = 851;
+
+  SN_id_GostR3411_94_with_GostR3410_94_cc = AnsiString('id-GostR3411-94-with-GostR3410-94-cc');
+  LN_id_GostR3411_94_with_GostR3410_94_cc = AnsiString('GOST R 34.11-94 with GOST R 34.10-94 Cryptocom');
+  NID_id_GostR3411_94_with_GostR3410_94_cc = 852;
+
+  SN_id_GostR3411_94_with_GostR3410_2001_cc = AnsiString('id-GostR3411-94-with-GostR3410-2001-cc');
+  LN_id_GostR3411_94_with_GostR3410_2001_cc = AnsiString('GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom');
+  NID_id_GostR3411_94_with_GostR3410_2001_cc = 853;
+
+  SN_id_GostR3410_2001_ParamSet_cc = AnsiString('id-GostR3410-2001-ParamSet-cc');
+  LN_id_GostR3410_2001_ParamSet_cc = AnsiString('GOST R 3410-2001 Parameter Set Cryptocom');
+  NID_id_GostR3410_2001_ParamSet_cc = 854;
+
+  SN_id_tc26_algorithms = AnsiString('id-tc26-algorithms');
+  NID_id_tc26_algorithms = 977;
+
+  SN_id_tc26_sign = AnsiString('id-tc26-sign');
+  NID_id_tc26_sign = 978;
+
+  SN_id_GostR3410_2012_256 = AnsiString('gost2012_256');
+  LN_id_GostR3410_2012_256 = AnsiString('GOST R 34.10-2012 with 256 bit modulus');
+  NID_id_GostR3410_2012_256 = 979;
+
+  SN_id_GostR3410_2012_512 = AnsiString('gost2012_512');
+  LN_id_GostR3410_2012_512 = AnsiString('GOST R 34.10-2012 with 512 bit modulus');
+  NID_id_GostR3410_2012_512 = 980;
+
+  SN_id_tc26_digest = AnsiString('id-tc26-digest');
+  NID_id_tc26_digest = 981;
+
+  SN_id_GostR3411_2012_256 = AnsiString('md_gost12_256');
+  LN_id_GostR3411_2012_256 = AnsiString('GOST R 34.11-2012 with 256 bit hash');
+  NID_id_GostR3411_2012_256 = 982;
+
+  SN_id_GostR3411_2012_512 = AnsiString('md_gost12_512');
+  LN_id_GostR3411_2012_512 = AnsiString('GOST R 34.11-2012 with 512 bit hash');
+  NID_id_GostR3411_2012_512 = 983;
+
+  SN_id_tc26_signwithdigest = AnsiString('id-tc26-signwithdigest');
+  NID_id_tc26_signwithdigest = 984;
+
+  SN_id_tc26_signwithdigest_gost3410_2012_256 = AnsiString('id-tc26-signwithdigest-gost3410-2012-256');
+  LN_id_tc26_signwithdigest_gost3410_2012_256 = AnsiString('GOST R 34.10-2012 with GOST R 34.11-2012(256 bit)');
+  NID_id_tc26_signwithdigest_gost3410_2012_256 = 985;
+
+  SN_id_tc26_signwithdigest_gost3410_2012_512 = AnsiString('id-tc26-signwithdigest-gost3410-2012-512');
+  LN_id_tc26_signwithdigest_gost3410_2012_512 = AnsiString('GOST R 34.10-2012 with GOST R 34.11-2012(512 bit)');
+  NID_id_tc26_signwithdigest_gost3410_2012_512 = 986;
+
+  SN_id_tc26_mac = AnsiString('id-tc26-mac');
+  NID_id_tc26_mac = 987;
+
+  SN_id_tc26_hmac_gost_3411_2012_256 = AnsiString('id-tc26-hmac-gost-3411-2012-256');
+  LN_id_tc26_hmac_gost_3411_2012_256 = AnsiString('HMAC GOST 34.11-2012 256 bit');
+  NID_id_tc26_hmac_gost_3411_2012_256 = 988;
+
+  SN_id_tc26_hmac_gost_3411_2012_512 = AnsiString('id-tc26-hmac-gost-3411-2012-512');
+  LN_id_tc26_hmac_gost_3411_2012_512 = AnsiString('HMAC GOST 34.11-2012 512 bit');
+  NID_id_tc26_hmac_gost_3411_2012_512 = 989;
+
+  SN_id_tc26_cipher = AnsiString('id-tc26-cipher');
+  NID_id_tc26_cipher = 990;
+
+  SN_id_tc26_cipher_gostr3412_2015_magma = AnsiString('id-tc26-cipher-gostr3412-2015-magma');
+  NID_id_tc26_cipher_gostr3412_2015_magma = 1173;
+
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm = AnsiString('id-tc26-cipher-gostr3412-2015-magma-ctracpkm');
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm = 1174;
+
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac = AnsiString('id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac');
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac = 1175;
+
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik = AnsiString('id-tc26-cipher-gostr3412-2015-kuznyechik');
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik = 1176;
+
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm = AnsiString('id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm');
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm = 1177;
+
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac = AnsiString('id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac');
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac = 1178;
+
+  SN_id_tc26_agreement = AnsiString('id-tc26-agreement');
+  NID_id_tc26_agreement = 991;
+
+  SN_id_tc26_agreement_gost_3410_2012_256 = AnsiString('id-tc26-agreement-gost-3410-2012-256');
+  NID_id_tc26_agreement_gost_3410_2012_256 = 992;
+
+  SN_id_tc26_agreement_gost_3410_2012_512 = AnsiString('id-tc26-agreement-gost-3410-2012-512');
+  NID_id_tc26_agreement_gost_3410_2012_512 = 993;
+
+  SN_id_tc26_wrap = AnsiString('id-tc26-wrap');
+  NID_id_tc26_wrap = 1179;
+
+  SN_id_tc26_wrap_gostr3412_2015_magma = AnsiString('id-tc26-wrap-gostr3412-2015-magma');
+  NID_id_tc26_wrap_gostr3412_2015_magma = 1180;
+
+  SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 = AnsiString('id-tc26-wrap-gostr3412-2015-magma-kexp15');
+  NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 = 1181;
+
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik = AnsiString('id-tc26-wrap-gostr3412-2015-kuznyechik');
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik = 1182;
+
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 = AnsiString('id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15');
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 = 1183;
+
+  SN_id_tc26_constants = AnsiString('id-tc26-constants');
+  NID_id_tc26_constants = 994;
+
+  SN_id_tc26_sign_constants = AnsiString('id-tc26-sign-constants');
+  NID_id_tc26_sign_constants = 995;
+
+  SN_id_tc26_gost_3410_2012_256_constants = AnsiString('id-tc26-gost-3410-2012-256-constants');
+  NID_id_tc26_gost_3410_2012_256_constants = 1147;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetA = AnsiString('id-tc26-gost-3410-2012-256-paramSetA');
+  LN_id_tc26_gost_3410_2012_256_paramSetA = AnsiString('GOST R 34.10-2012(256 bit)ParamSet A');
+  NID_id_tc26_gost_3410_2012_256_paramSetA = 1148;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetB = AnsiString('id-tc26-gost-3410-2012-256-paramSetB');
+  LN_id_tc26_gost_3410_2012_256_paramSetB = AnsiString('GOST R 34.10-2012(256 bit)ParamSet B');
+  NID_id_tc26_gost_3410_2012_256_paramSetB = 1184;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetC = AnsiString('id-tc26-gost-3410-2012-256-paramSetC');
+  LN_id_tc26_gost_3410_2012_256_paramSetC = AnsiString('GOST R 34.10-2012(256 bit)ParamSet C');
+  NID_id_tc26_gost_3410_2012_256_paramSetC = 1185;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetD = AnsiString('id-tc26-gost-3410-2012-256-paramSetD');
+  LN_id_tc26_gost_3410_2012_256_paramSetD = AnsiString('GOST R 34.10-2012(256 bit)ParamSet D');
+  NID_id_tc26_gost_3410_2012_256_paramSetD = 1186;
+
+  SN_id_tc26_gost_3410_2012_512_constants = AnsiString('id-tc26-gost-3410-2012-512-constants');
+  NID_id_tc26_gost_3410_2012_512_constants = 996;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetTest = AnsiString('id-tc26-gost-3410-2012-512-paramSetTest');
+  LN_id_tc26_gost_3410_2012_512_paramSetTest = AnsiString('GOST R 34.10-2012(512 bit)testing parameter set');
+  NID_id_tc26_gost_3410_2012_512_paramSetTest = 997;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetA = AnsiString('id-tc26-gost-3410-2012-512-paramSetA');
+  LN_id_tc26_gost_3410_2012_512_paramSetA = AnsiString('GOST R 34.10-2012(512 bit)ParamSet A');
+  NID_id_tc26_gost_3410_2012_512_paramSetA = 998;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetB = AnsiString('id-tc26-gost-3410-2012-512-paramSetB');
+  LN_id_tc26_gost_3410_2012_512_paramSetB = AnsiString('GOST R 34.10-2012(512 bit)ParamSet B');
+  NID_id_tc26_gost_3410_2012_512_paramSetB = 999;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetC = AnsiString('id-tc26-gost-3410-2012-512-paramSetC');
+  LN_id_tc26_gost_3410_2012_512_paramSetC = AnsiString('GOST R 34.10-2012(512 bit)ParamSet C');
+  NID_id_tc26_gost_3410_2012_512_paramSetC = 1149;
+
+  SN_id_tc26_digest_constants = AnsiString('id-tc26-digest-constants');
+  NID_id_tc26_digest_constants = 1000;
+
+  SN_id_tc26_cipher_constants = AnsiString('id-tc26-cipher-constants');
+  NID_id_tc26_cipher_constants = 1001;
+
+  SN_id_tc26_gost_28147_constants = AnsiString('id-tc26-gost-28147-constants');
+  NID_id_tc26_gost_28147_constants = 1002;
+
+  SN_id_tc26_gost_28147_param_Z = AnsiString('id-tc26-gost-28147-param-Z');
+  LN_id_tc26_gost_28147_param_Z = AnsiString('GOST 28147-89 TC26 parameter set');
+  NID_id_tc26_gost_28147_param_Z = 1003;
+
+  SN_INN = AnsiString('INN');
+  LN_INN = AnsiString('INN');
+  NID_INN = 1004;
+
+  SN_OGRN = AnsiString('OGRN');
+  LN_OGRN = AnsiString('OGRN');
+  NID_OGRN = 1005;
+
+  SN_SNILS = AnsiString('SNILS');
+  LN_SNILS = AnsiString('SNILS');
+  NID_SNILS = 1006;
+
+  SN_subjectSignTool = AnsiString('subjectSignTool');
+  LN_subjectSignTool = AnsiString('Signing Tool of Subject');
+  NID_subjectSignTool = 1007;
+
+  SN_issuerSignTool = AnsiString('issuerSignTool');
+  LN_issuerSignTool = AnsiString('Signing Tool of Issuer');
+  NID_issuerSignTool = 1008;
+
+  SN_grasshopper_ecb = AnsiString('grasshopper-ecb');
+  NID_grasshopper_ecb = 1012;
+
+  SN_grasshopper_ctr = AnsiString('grasshopper-ctr');
+  NID_grasshopper_ctr = 1013;
+
+  SN_grasshopper_ofb = AnsiString('grasshopper-ofb');
+  NID_grasshopper_ofb = 1014;
+
+  SN_grasshopper_cbc = AnsiString('grasshopper-cbc');
+  NID_grasshopper_cbc = 1015;
+
+  SN_grasshopper_cfb = AnsiString('grasshopper-cfb');
+  NID_grasshopper_cfb = 1016;
+
+  SN_grasshopper_mac = AnsiString('grasshopper-mac');
+  NID_grasshopper_mac = 1017;
+
+  SN_magma_ecb = AnsiString('magma-ecb');
+  NID_magma_ecb = 1187;
+
+  SN_magma_ctr = AnsiString('magma-ctr');
+  NID_magma_ctr = 1188;
+
+  SN_magma_ofb = AnsiString('magma-ofb');
+  NID_magma_ofb = 1189;
+
+  SN_magma_cbc = AnsiString('magma-cbc');
+  NID_magma_cbc = 1190;
+
+  SN_magma_cfb = AnsiString('magma-cfb');
+  NID_magma_cfb = 1191;
+
+  SN_magma_mac = AnsiString('magma-mac');
+  NID_magma_mac = 1192;
+
+  SN_camellia_128_cbc = AnsiString('CAMELLIA-128-CBC');
+  LN_camellia_128_cbc = AnsiString('camellia-128-cbc');
+  NID_camellia_128_cbc = 751;
+
+  SN_camellia_192_cbc = AnsiString('CAMELLIA-192-CBC');
+  LN_camellia_192_cbc = AnsiString('camellia-192-cbc');
+  NID_camellia_192_cbc = 752;
+
+  SN_camellia_256_cbc = AnsiString('CAMELLIA-256-CBC');
+  LN_camellia_256_cbc = AnsiString('camellia-256-cbc');
+  NID_camellia_256_cbc = 753;
+
+  SN_id_camellia128_wrap = AnsiString('id-camellia128-wrap');
+  NID_id_camellia128_wrap = 907;
+
+  SN_id_camellia192_wrap = AnsiString('id-camellia192-wrap');
+  NID_id_camellia192_wrap = 908;
+
+  SN_id_camellia256_wrap = AnsiString('id-camellia256-wrap');
+  NID_id_camellia256_wrap = 909;
+
+  SN_camellia_128_ecb = AnsiString('CAMELLIA-128-ECB');
+  LN_camellia_128_ecb = AnsiString('camellia-128-ecb');
+  NID_camellia_128_ecb = 754;
+
+  SN_camellia_128_ofb128 = AnsiString('CAMELLIA-128-OFB');
+  LN_camellia_128_ofb128 = AnsiString('camellia-128-ofb');
+  NID_camellia_128_ofb128 = 766;
+
+  SN_camellia_128_cfb128 = AnsiString('CAMELLIA-128-CFB');
+  LN_camellia_128_cfb128 = AnsiString('camellia-128-cfb');
+  NID_camellia_128_cfb128 = 757;
+
+  SN_camellia_128_gcm = AnsiString('CAMELLIA-128-GCM');
+  LN_camellia_128_gcm = AnsiString('camellia-128-gcm');
+  NID_camellia_128_gcm = 961;
+
+  SN_camellia_128_ccm = AnsiString('CAMELLIA-128-CCM');
+  LN_camellia_128_ccm = AnsiString('camellia-128-ccm');
+  NID_camellia_128_ccm = 962;
+
+  SN_camellia_128_ctr = AnsiString('CAMELLIA-128-CTR');
+  LN_camellia_128_ctr = AnsiString('camellia-128-ctr');
+  NID_camellia_128_ctr = 963;
+
+  SN_camellia_128_cmac = AnsiString('CAMELLIA-128-CMAC');
+  LN_camellia_128_cmac = AnsiString('camellia-128-cmac');
+  NID_camellia_128_cmac = 964;
+
+  SN_camellia_192_ecb = AnsiString('CAMELLIA-192-ECB');
+  LN_camellia_192_ecb = AnsiString('camellia-192-ecb');
+  NID_camellia_192_ecb = 755;
+
+  SN_camellia_192_ofb128 = AnsiString('CAMELLIA-192-OFB');
+  LN_camellia_192_ofb128 = AnsiString('camellia-192-ofb');
+  NID_camellia_192_ofb128 = 767;
+
+  SN_camellia_192_cfb128 = AnsiString('CAMELLIA-192-CFB');
+  LN_camellia_192_cfb128 = AnsiString('camellia-192-cfb');
+  NID_camellia_192_cfb128 = 758;
+
+  SN_camellia_192_gcm = AnsiString('CAMELLIA-192-GCM');
+  LN_camellia_192_gcm = AnsiString('camellia-192-gcm');
+  NID_camellia_192_gcm = 965;
+
+  SN_camellia_192_ccm = AnsiString('CAMELLIA-192-CCM');
+  LN_camellia_192_ccm = AnsiString('camellia-192-ccm');
+  NID_camellia_192_ccm = 966;
+
+  SN_camellia_192_ctr = AnsiString('CAMELLIA-192-CTR');
+  LN_camellia_192_ctr = AnsiString('camellia-192-ctr');
+  NID_camellia_192_ctr = 967;
+
+  SN_camellia_192_cmac = AnsiString('CAMELLIA-192-CMAC');
+  LN_camellia_192_cmac = AnsiString('camellia-192-cmac');
+  NID_camellia_192_cmac = 968;
+
+  SN_camellia_256_ecb = AnsiString('CAMELLIA-256-ECB');
+  LN_camellia_256_ecb = AnsiString('camellia-256-ecb');
+  NID_camellia_256_ecb = 756;
+
+  SN_camellia_256_ofb128 = AnsiString('CAMELLIA-256-OFB');
+  LN_camellia_256_ofb128 = AnsiString('camellia-256-ofb');
+  NID_camellia_256_ofb128 = 768;
+
+  SN_camellia_256_cfb128 = AnsiString('CAMELLIA-256-CFB');
+  LN_camellia_256_cfb128 = AnsiString('camellia-256-cfb');
+  NID_camellia_256_cfb128 = 759;
+
+  SN_camellia_256_gcm = AnsiString('CAMELLIA-256-GCM');
+  LN_camellia_256_gcm = AnsiString('camellia-256-gcm');
+  NID_camellia_256_gcm = 969;
+
+  SN_camellia_256_ccm = AnsiString('CAMELLIA-256-CCM');
+  LN_camellia_256_ccm = AnsiString('camellia-256-ccm');
+  NID_camellia_256_ccm = 970;
+
+  SN_camellia_256_ctr = AnsiString('CAMELLIA-256-CTR');
+  LN_camellia_256_ctr = AnsiString('camellia-256-ctr');
+  NID_camellia_256_ctr = 971;
+
+  SN_camellia_256_cmac = AnsiString('CAMELLIA-256-CMAC');
+  LN_camellia_256_cmac = AnsiString('camellia-256-cmac');
+  NID_camellia_256_cmac = 972;
+
+  SN_camellia_128_cfb1 = AnsiString('CAMELLIA-128-CFB1');
+  LN_camellia_128_cfb1 = AnsiString('camellia-128-cfb1');
+  NID_camellia_128_cfb1 = 760;
+
+  SN_camellia_192_cfb1 = AnsiString('CAMELLIA-192-CFB1');
+  LN_camellia_192_cfb1 = AnsiString('camellia-192-cfb1');
+  NID_camellia_192_cfb1 = 761;
+
+  SN_camellia_256_cfb1 = AnsiString('CAMELLIA-256-CFB1');
+  LN_camellia_256_cfb1 = AnsiString('camellia-256-cfb1');
+  NID_camellia_256_cfb1 = 762;
+
+  SN_camellia_128_cfb8 = AnsiString('CAMELLIA-128-CFB8');
+  LN_camellia_128_cfb8 = AnsiString('camellia-128-cfb8');
+  NID_camellia_128_cfb8 = 763;
+
+  SN_camellia_192_cfb8 = AnsiString('CAMELLIA-192-CFB8');
+  LN_camellia_192_cfb8 = AnsiString('camellia-192-cfb8');
+  NID_camellia_192_cfb8 = 764;
+
+  SN_camellia_256_cfb8 = AnsiString('CAMELLIA-256-CFB8');
+  LN_camellia_256_cfb8 = AnsiString('camellia-256-cfb8');
+  NID_camellia_256_cfb8 = 765;
+
+  SN_aria_128_ecb = AnsiString('ARIA-128-ECB');
+  LN_aria_128_ecb = AnsiString('aria-128-ecb');
+  NID_aria_128_ecb = 1065;
+
+  SN_aria_128_cbc = AnsiString('ARIA-128-CBC');
+  LN_aria_128_cbc = AnsiString('aria-128-cbc');
+  NID_aria_128_cbc = 1066;
+
+  SN_aria_128_cfb128 = AnsiString('ARIA-128-CFB');
+  LN_aria_128_cfb128 = AnsiString('aria-128-cfb');
+  NID_aria_128_cfb128 = 1067;
+
+  SN_aria_128_ofb128 = AnsiString('ARIA-128-OFB');
+  LN_aria_128_ofb128 = AnsiString('aria-128-ofb');
+  NID_aria_128_ofb128 = 1068;
+
+  SN_aria_128_ctr = AnsiString('ARIA-128-CTR');
+  LN_aria_128_ctr = AnsiString('aria-128-ctr');
+  NID_aria_128_ctr = 1069;
+
+  SN_aria_192_ecb = AnsiString('ARIA-192-ECB');
+  LN_aria_192_ecb = AnsiString('aria-192-ecb');
+  NID_aria_192_ecb = 1070;
+
+  SN_aria_192_cbc = AnsiString('ARIA-192-CBC');
+  LN_aria_192_cbc = AnsiString('aria-192-cbc');
+  NID_aria_192_cbc = 1071;
+
+  SN_aria_192_cfb128 = AnsiString('ARIA-192-CFB');
+  LN_aria_192_cfb128 = AnsiString('aria-192-cfb');
+  NID_aria_192_cfb128 = 1072;
+
+  SN_aria_192_ofb128 = AnsiString('ARIA-192-OFB');
+  LN_aria_192_ofb128 = AnsiString('aria-192-ofb');
+  NID_aria_192_ofb128 = 1073;
+
+  SN_aria_192_ctr = AnsiString('ARIA-192-CTR');
+  LN_aria_192_ctr = AnsiString('aria-192-ctr');
+  NID_aria_192_ctr = 1074;
+
+  SN_aria_256_ecb = AnsiString('ARIA-256-ECB');
+  LN_aria_256_ecb = AnsiString('aria-256-ecb');
+  NID_aria_256_ecb = 1075;
+
+  SN_aria_256_cbc = AnsiString('ARIA-256-CBC');
+  LN_aria_256_cbc = AnsiString('aria-256-cbc');
+  NID_aria_256_cbc = 1076;
+
+  SN_aria_256_cfb128 = AnsiString('ARIA-256-CFB');
+  LN_aria_256_cfb128 = AnsiString('aria-256-cfb');
+  NID_aria_256_cfb128 = 1077;
+
+  SN_aria_256_ofb128 = AnsiString('ARIA-256-OFB');
+  LN_aria_256_ofb128 = AnsiString('aria-256-ofb');
+  NID_aria_256_ofb128 = 1078;
+
+  SN_aria_256_ctr = AnsiString('ARIA-256-CTR');
+  LN_aria_256_ctr = AnsiString('aria-256-ctr');
+  NID_aria_256_ctr = 1079;
+
+  SN_aria_128_cfb1 = AnsiString('ARIA-128-CFB1');
+  LN_aria_128_cfb1 = AnsiString('aria-128-cfb1');
+  NID_aria_128_cfb1 = 1080;
+
+  SN_aria_192_cfb1 = AnsiString('ARIA-192-CFB1');
+  LN_aria_192_cfb1 = AnsiString('aria-192-cfb1');
+  NID_aria_192_cfb1 = 1081;
+
+  SN_aria_256_cfb1 = AnsiString('ARIA-256-CFB1');
+  LN_aria_256_cfb1 = AnsiString('aria-256-cfb1');
+  NID_aria_256_cfb1 = 1082;
+
+  SN_aria_128_cfb8 = AnsiString('ARIA-128-CFB8');
+  LN_aria_128_cfb8 = AnsiString('aria-128-cfb8');
+  NID_aria_128_cfb8 = 1083;
+
+  SN_aria_192_cfb8 = AnsiString('ARIA-192-CFB8');
+  LN_aria_192_cfb8 = AnsiString('aria-192-cfb8');
+  NID_aria_192_cfb8 = 1084;
+
+  SN_aria_256_cfb8 = AnsiString('ARIA-256-CFB8');
+  LN_aria_256_cfb8 = AnsiString('aria-256-cfb8');
+  NID_aria_256_cfb8 = 1085;
+
+  SN_aria_128_ccm = AnsiString('ARIA-128-CCM');
+  LN_aria_128_ccm = AnsiString('aria-128-ccm');
+  NID_aria_128_ccm = 1120;
+
+  SN_aria_192_ccm = AnsiString('ARIA-192-CCM');
+  LN_aria_192_ccm = AnsiString('aria-192-ccm');
+  NID_aria_192_ccm = 1121;
+
+  SN_aria_256_ccm = AnsiString('ARIA-256-CCM');
+  LN_aria_256_ccm = AnsiString('aria-256-ccm');
+  NID_aria_256_ccm = 1122;
+
+  SN_aria_128_gcm = AnsiString('ARIA-128-GCM');
+  LN_aria_128_gcm = AnsiString('aria-128-gcm');
+  NID_aria_128_gcm = 1123;
+
+  SN_aria_192_gcm = AnsiString('ARIA-192-GCM');
+  LN_aria_192_gcm = AnsiString('aria-192-gcm');
+  NID_aria_192_gcm = 1124;
+
+  SN_aria_256_gcm = AnsiString('ARIA-256-GCM');
+  LN_aria_256_gcm = AnsiString('aria-256-gcm');
+  NID_aria_256_gcm = 1125;
+
+  SN_kisa = AnsiString('KISA');
+  LN_kisa = AnsiString('kisa');
+  NID_kisa = 773;
+
+  SN_seed_ecb = AnsiString('SEED-ECB');
+  LN_seed_ecb = AnsiString('seed-ecb');
+  NID_seed_ecb = 776;
+
+  SN_seed_cbc = AnsiString('SEED-CBC');
+  LN_seed_cbc = AnsiString('seed-cbc');
+  NID_seed_cbc = 777;
+
+  SN_seed_cfb128 = AnsiString('SEED-CFB');
+  LN_seed_cfb128 = AnsiString('seed-cfb');
+  NID_seed_cfb128 = 779;
+
+  SN_seed_ofb128 = AnsiString('SEED-OFB');
+  LN_seed_ofb128 = AnsiString('seed-ofb');
+  NID_seed_ofb128 = 778;
+
+  SN_sm4_ecb = AnsiString('SM4-ECB');
+  LN_sm4_ecb = AnsiString('sm4-ecb');
+  NID_sm4_ecb = 1133;
+
+  SN_sm4_cbc = AnsiString('SM4-CBC');
+  LN_sm4_cbc = AnsiString('sm4-cbc');
+  NID_sm4_cbc = 1134;
+
+  SN_sm4_ofb128 = AnsiString('SM4-OFB');
+  LN_sm4_ofb128 = AnsiString('sm4-ofb');
+  NID_sm4_ofb128 = 1135;
+
+  SN_sm4_cfb128 = AnsiString('SM4-CFB');
+  LN_sm4_cfb128 = AnsiString('sm4-cfb');
+  NID_sm4_cfb128 = 1137;
+
+  SN_sm4_cfb1 = AnsiString('SM4-CFB1');
+  LN_sm4_cfb1 = AnsiString('sm4-cfb1');
+  NID_sm4_cfb1 = 1136;
+
+  SN_sm4_cfb8 = AnsiString('SM4-CFB8');
+  LN_sm4_cfb8 = AnsiString('sm4-cfb8');
+  NID_sm4_cfb8 = 1138;
+
+  SN_sm4_ctr = AnsiString('SM4-CTR');
+  LN_sm4_ctr = AnsiString('sm4-ctr');
+  NID_sm4_ctr = 1139;
+
+  SN_hmac = AnsiString('HMAC');
+  LN_hmac = AnsiString('hmac');
+  NID_hmac = 855;
+
+  SN_cmac = AnsiString('CMAC');
+  LN_cmac = AnsiString('cmac');
+  NID_cmac = 894;
+
+  SN_rc4_hmac_md5 = AnsiString('RC4-HMAC-MD5');
+  LN_rc4_hmac_md5 = AnsiString('rc4-hmac-md5');
+  NID_rc4_hmac_md5 = 915;
+
+  SN_aes_128_cbc_hmac_sha1 = AnsiString('AES-128-CBC-HMAC-SHA1');
+  LN_aes_128_cbc_hmac_sha1 = AnsiString('aes-128-cbc-hmac-sha1');
+  NID_aes_128_cbc_hmac_sha1 = 916;
+
+  SN_aes_192_cbc_hmac_sha1 = AnsiString('AES-192-CBC-HMAC-SHA1');
+  LN_aes_192_cbc_hmac_sha1 = AnsiString('aes-192-cbc-hmac-sha1');
+  NID_aes_192_cbc_hmac_sha1 = 917;
+
+  SN_aes_256_cbc_hmac_sha1 = AnsiString('AES-256-CBC-HMAC-SHA1');
+  LN_aes_256_cbc_hmac_sha1 = AnsiString('aes-256-cbc-hmac-sha1');
+  NID_aes_256_cbc_hmac_sha1 = 918;
+
+  SN_aes_128_cbc_hmac_sha256 = AnsiString('AES-128-CBC-HMAC-SHA256');
+  LN_aes_128_cbc_hmac_sha256 = AnsiString('aes-128-cbc-hmac-sha256');
+  NID_aes_128_cbc_hmac_sha256 = 948;
+
+  SN_aes_192_cbc_hmac_sha256 = AnsiString('AES-192-CBC-HMAC-SHA256');
+  LN_aes_192_cbc_hmac_sha256 = AnsiString('aes-192-cbc-hmac-sha256');
+  NID_aes_192_cbc_hmac_sha256 = 949;
+
+  SN_aes_256_cbc_hmac_sha256 = AnsiString('AES-256-CBC-HMAC-SHA256');
+  LN_aes_256_cbc_hmac_sha256 = AnsiString('aes-256-cbc-hmac-sha256');
+  NID_aes_256_cbc_hmac_sha256 = 950;
+
+  SN_chacha20_poly1305 = AnsiString('ChaCha20-Poly1305');
+  LN_chacha20_poly1305 = AnsiString('chacha20-poly1305');
+  NID_chacha20_poly1305 = 1018;
+
+  SN_chacha20 = AnsiString('ChaCha20');
+  LN_chacha20 = AnsiString('chacha20');
+  NID_chacha20 = 1019;
+
+  SN_dhpublicnumber = AnsiString('dhpublicnumber');
+  LN_dhpublicnumber = AnsiString('X9.42 DH');
+  NID_dhpublicnumber = 920;
+
+  SN_brainpoolP160r1 = AnsiString('brainpoolP160r1');
+  NID_brainpoolP160r1 = 921;
+
+  SN_brainpoolP160t1 = AnsiString('brainpoolP160t1');
+  NID_brainpoolP160t1 = 922;
+
+  SN_brainpoolP192r1 = AnsiString('brainpoolP192r1');
+  NID_brainpoolP192r1 = 923;
+
+  SN_brainpoolP192t1 = AnsiString('brainpoolP192t1');
+  NID_brainpoolP192t1 = 924;
+
+  SN_brainpoolP224r1 = AnsiString('brainpoolP224r1');
+  NID_brainpoolP224r1 = 925;
+
+  SN_brainpoolP224t1 = AnsiString('brainpoolP224t1');
+  NID_brainpoolP224t1 = 926;
+
+  SN_brainpoolP256r1 = AnsiString('brainpoolP256r1');
+  NID_brainpoolP256r1 = 927;
+
+  SN_brainpoolP256t1 = AnsiString('brainpoolP256t1');
+  NID_brainpoolP256t1 = 928;
+
+  SN_brainpoolP320r1 = AnsiString('brainpoolP320r1');
+  NID_brainpoolP320r1 = 929;
+
+  SN_brainpoolP320t1 = AnsiString('brainpoolP320t1');
+  NID_brainpoolP320t1 = 930;
+
+  SN_brainpoolP384r1 = AnsiString('brainpoolP384r1');
+  NID_brainpoolP384r1 = 931;
+
+  SN_brainpoolP384t1 = AnsiString('brainpoolP384t1');
+  NID_brainpoolP384t1 = 932;
+
+  SN_brainpoolP512r1 = AnsiString('brainpoolP512r1');
+  NID_brainpoolP512r1 = 933;
+
+  SN_brainpoolP512t1 = AnsiString('brainpoolP512t1');
+  NID_brainpoolP512t1 = 934;
+
+  SN_dhSinglePass_stdDH_sha1kdf_scheme = AnsiString('dhSinglePass-stdDH-sha1kdf-scheme');
+  NID_dhSinglePass_stdDH_sha1kdf_scheme = 936;
+
+  SN_dhSinglePass_stdDH_sha224kdf_scheme = AnsiString('dhSinglePass-stdDH-sha224kdf-scheme');
+  NID_dhSinglePass_stdDH_sha224kdf_scheme = 937;
+
+  SN_dhSinglePass_stdDH_sha256kdf_scheme = AnsiString('dhSinglePass-stdDH-sha256kdf-scheme');
+  NID_dhSinglePass_stdDH_sha256kdf_scheme = 938;
+
+  SN_dhSinglePass_stdDH_sha384kdf_scheme = AnsiString('dhSinglePass-stdDH-sha384kdf-scheme');
+  NID_dhSinglePass_stdDH_sha384kdf_scheme = 939;
+
+  SN_dhSinglePass_stdDH_sha512kdf_scheme = AnsiString('dhSinglePass-stdDH-sha512kdf-scheme');
+  NID_dhSinglePass_stdDH_sha512kdf_scheme = 940;
+
+  SN_dhSinglePass_cofactorDH_sha1kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha1kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha1kdf_scheme = 941;
+
+  SN_dhSinglePass_cofactorDH_sha224kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha224kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha224kdf_scheme = 942;
+
+  SN_dhSinglePass_cofactorDH_sha256kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha256kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha256kdf_scheme = 943;
+
+  SN_dhSinglePass_cofactorDH_sha384kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha384kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha384kdf_scheme = 944;
+
+  SN_dhSinglePass_cofactorDH_sha512kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha512kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha512kdf_scheme = 945;
+
+  SN_dh_std_kdf = AnsiString('dh-std-kdf');
+  NID_dh_std_kdf = 946;
+
+  SN_dh_cofactor_kdf = AnsiString('dh-cofactor-kdf');
+  NID_dh_cofactor_kdf = 947;
+
+  SN_ct_precert_scts = AnsiString('ct_precert_scts');
+  LN_ct_precert_scts = AnsiString('CT Precertificate SCTs');
+  NID_ct_precert_scts = 951;
+
+  SN_ct_precert_poison = AnsiString('ct_precert_poison');
+  LN_ct_precert_poison = AnsiString('CT Precertificate Poison');
+  NID_ct_precert_poison = 952;
+
+  SN_ct_precert_signer = AnsiString('ct_precert_signer');
+  LN_ct_precert_signer = AnsiString('CT Precertificate Signer');
+  NID_ct_precert_signer = 953;
+
+  SN_ct_cert_scts = AnsiString('ct_cert_scts');
+  LN_ct_cert_scts = AnsiString('CT Certificate SCTs');
+  NID_ct_cert_scts = 954;
+
+  SN_jurisdictionLocalityName = AnsiString('jurisdictionL');
+  LN_jurisdictionLocalityName = AnsiString('jurisdictionLocalityName');
+  NID_jurisdictionLocalityName = 955;
+
+  SN_jurisdictionStateOrProvinceName = AnsiString('jurisdictionST');
+  LN_jurisdictionStateOrProvinceName = AnsiString('jurisdictionStateOrProvinceName');
+  NID_jurisdictionStateOrProvinceName = 956;
+
+  SN_jurisdictionCountryName = AnsiString('jurisdictionC');
+  LN_jurisdictionCountryName = AnsiString('jurisdictionCountryName');
+  NID_jurisdictionCountryName = 957;
+
+  SN_id_scrypt = AnsiString('id-scrypt');
+  LN_id_scrypt = AnsiString('scrypt');
+  NID_id_scrypt = 973;
+
+  SN_tls1_prf = AnsiString('TLS1-PRF');
+  LN_tls1_prf = AnsiString('tls1-prf');
+  NID_tls1_prf = 1021;
+
+  SN_hkdf = AnsiString('HKDF');
+  LN_hkdf = AnsiString('hkdf');
+  NID_hkdf = 1036;
+
+  SN_id_pkinit = AnsiString('id-pkinit');
+  NID_id_pkinit = 1031;
+
+  SN_pkInitClientAuth = AnsiString('pkInitClientAuth');
+  LN_pkInitClientAuth = AnsiString('PKINIT Client Auth');
+  NID_pkInitClientAuth = 1032;
+
+  SN_pkInitKDC = AnsiString('pkInitKDC');
+  LN_pkInitKDC = AnsiString('Signing KDC Response');
+  NID_pkInitKDC = 1033;
+
+  SN_X25519 = AnsiString('X25519');
+  NID_X25519 = 1034;
+
+  SN_X448 = AnsiString('X448');
+  NID_X448 = 1035;
+
+  SN_ED25519 = AnsiString('ED25519');
+  NID_ED25519 = 1087;
+
+  SN_ED448 = AnsiString('ED448');
+  NID_ED448 = 1088;
+
+  SN_kx_rsa = AnsiString('KxRSA');
+  LN_kx_rsa = AnsiString('kx-rsa');
+  NID_kx_rsa = 1037;
+
+  SN_kx_ecdhe = AnsiString('KxECDHE');
+  LN_kx_ecdhe = AnsiString('kx-ecdhe');
+  NID_kx_ecdhe = 1038;
+
+  SN_kx_dhe = AnsiString('KxDHE');
+  LN_kx_dhe = AnsiString('kx-dhe');
+  NID_kx_dhe = 1039;
+
+  SN_kx_ecdhe_psk = AnsiString('KxECDHE-PSK');
+  LN_kx_ecdhe_psk = AnsiString('kx-ecdhe-psk');
+  NID_kx_ecdhe_psk = 1040;
+
+  SN_kx_dhe_psk = AnsiString('KxDHE-PSK');
+  LN_kx_dhe_psk = AnsiString('kx-dhe-psk');
+  NID_kx_dhe_psk = 1041;
+
+  SN_kx_rsa_psk = AnsiString('KxRSA_PSK');
+  LN_kx_rsa_psk = AnsiString('kx-rsa-psk');
+  NID_kx_rsa_psk = 1042;
+
+  SN_kx_psk = AnsiString('KxPSK');
+  LN_kx_psk = AnsiString('kx-psk');
+  NID_kx_psk = 1043;
+
+  SN_kx_srp = AnsiString('KxSRP');
+  LN_kx_srp = AnsiString('kx-srp');
+  NID_kx_srp = 1044;
+
+  SN_kx_gost = AnsiString('KxGOST');
+  LN_kx_gost = AnsiString('kx-gost');
+  NID_kx_gost = 1045;
+
+  SN_kx_any = AnsiString('KxANY');
+  LN_kx_any = AnsiString('kx-any');
+  NID_kx_any = 1063;
+
+  SN_auth_rsa = AnsiString('AuthRSA');
+  LN_auth_rsa = AnsiString('auth-rsa');
+  NID_auth_rsa = 1046;
+
+  SN_auth_ecdsa = AnsiString('AuthECDSA');
+  LN_auth_ecdsa = AnsiString('auth-ecdsa');
+  NID_auth_ecdsa = 1047;
+
+  SN_auth_psk = AnsiString('AuthPSK');
+  LN_auth_psk = AnsiString('auth-psk');
+  NID_auth_psk = 1048;
+
+  SN_auth_dss = AnsiString('AuthDSS');
+  LN_auth_dss = AnsiString('auth-dss');
+  NID_auth_dss = 1049;
+
+  SN_auth_gost01 = AnsiString('AuthGOST01');
+  LN_auth_gost01 = AnsiString('auth-gost01');
+  NID_auth_gost01 = 1050;
+
+  SN_auth_gost12 = AnsiString('AuthGOST12');
+  LN_auth_gost12 = AnsiString('auth-gost12');
+  NID_auth_gost12 = 1051;
+
+  SN_auth_srp = AnsiString('AuthSRP');
+  LN_auth_srp = AnsiString('auth-srp');
+  NID_auth_srp = 1052;
+
+  SN_auth_null = AnsiString('AuthNULL');
+  LN_auth_null = AnsiString('auth-null');
+  NID_auth_null = 1053;
+
+  SN_auth_any = AnsiString('AuthANY');
+  LN_auth_any = AnsiString('auth-any');
+  NID_auth_any = 1064;
+
+  SN_poly1305 = AnsiString('Poly1305');
+  LN_poly1305 = AnsiString('poly1305');
+  NID_poly1305 = 1061;
+
+  SN_siphash = AnsiString('SipHash');
+  LN_siphash = AnsiString('siphash');
+  NID_siphash = 1062;
+
+  SN_ffdhe2048 = AnsiString('ffdhe2048');
+  NID_ffdhe2048 = 1126;
+
+  SN_ffdhe3072 = AnsiString('ffdhe3072');
+  NID_ffdhe3072 = 1127;
+
+  SN_ffdhe4096 = AnsiString('ffdhe4096');
+  NID_ffdhe4096 = 1128;
+
+  SN_ffdhe6144 = AnsiString('ffdhe6144');
+  NID_ffdhe6144 = 1129;
+
+  SN_ffdhe8192 = AnsiString('ffdhe8192');
+  NID_ffdhe8192 = 1130;
+
+  SN_ISO_UA = AnsiString('ISO-UA');
+  NID_ISO_UA = 1150;
+
+  SN_ua_pki = AnsiString('ua-pki');
+  NID_ua_pki = 1151;
+
+  SN_dstu28147 = AnsiString('dstu28147');
+  LN_dstu28147 = AnsiString('DSTU Gost 28147-2009');
+  NID_dstu28147 = 1152;
+
+  SN_dstu28147_ofb = AnsiString('dstu28147-ofb');
+  LN_dstu28147_ofb = AnsiString('DSTU Gost 28147-2009 OFB mode');
+  NID_dstu28147_ofb = 1153;
+
+  SN_dstu28147_cfb = AnsiString('dstu28147-cfb');
+  LN_dstu28147_cfb = AnsiString('DSTU Gost 28147-2009 CFB mode');
+  NID_dstu28147_cfb = 1154;
+
+  SN_dstu28147_wrap = AnsiString('dstu28147-wrap');
+  LN_dstu28147_wrap = AnsiString('DSTU Gost 28147-2009 key wrap');
+  NID_dstu28147_wrap = 1155;
+
+  SN_hmacWithDstu34311 = AnsiString('hmacWithDstu34311');
+  LN_hmacWithDstu34311 = AnsiString('HMAC DSTU Gost 34311-95');
+  NID_hmacWithDstu34311 = 1156;
+
+  SN_dstu34311 = AnsiString('dstu34311');
+  LN_dstu34311 = AnsiString('DSTU Gost 34311-95');
+  NID_dstu34311 = 1157;
+
+  SN_dstu4145le = AnsiString('dstu4145le');
+  LN_dstu4145le = AnsiString('DSTU 4145-2002 little endian');
+  NID_dstu4145le = 1158;
+
+  SN_dstu4145be = AnsiString('dstu4145be');
+  LN_dstu4145be = AnsiString('DSTU 4145-2002 big endian');
+  NID_dstu4145be = 1159;
+
+  SN_uacurve0 = AnsiString('uacurve0');
+  LN_uacurve0 = AnsiString('DSTU curve 0');
+  NID_uacurve0 = 1160;
+
+  SN_uacurve1 = AnsiString('uacurve1');
+  LN_uacurve1 = AnsiString('DSTU curve 1');
+  NID_uacurve1 = 1161;
+
+  SN_uacurve2 = AnsiString('uacurve2');
+  LN_uacurve2 = AnsiString('DSTU curve 2');
+  NID_uacurve2 = 1162;
+
+  SN_uacurve3 = AnsiString('uacurve3');
+  LN_uacurve3 = AnsiString('DSTU curve 3');
+  NID_uacurve3 = 1163;
+
+  SN_uacurve4 = AnsiString('uacurve4');
+  LN_uacurve4 = AnsiString('DSTU curve 4');
+  NID_uacurve4 = 1164;
+
+  SN_uacurve5 = AnsiString('uacurve5');
+  LN_uacurve5 = AnsiString('DSTU curve 5');
+  NID_uacurve5 = 1165;
+
+  SN_uacurve6 = AnsiString('uacurve6');
+  LN_uacurve6 = AnsiString('DSTU curve 6');
+  NID_uacurve6 = 1166;
+
+  SN_uacurve7 = AnsiString('uacurve7');
+  LN_uacurve7 = AnsiString('DSTU curve 7');
+  NID_uacurve7 = 1167;
+
+  SN_uacurve8 = AnsiString('uacurve8');
+  LN_uacurve8 = AnsiString('DSTU curve 8');
+  NID_uacurve8 = 1168;
+
+  SN_uacurve9 = AnsiString('uacurve9');
+  LN_uacurve9 = AnsiString('DSTU curve 9');
+  NID_uacurve9 = 1169;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
index 76cb8cf1e..d01408f86 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 11.05.2020 08:36:42
 
 unit IdOpenSSLHeaders_pem;
 
@@ -56,31 +56,31 @@ interface
 const
   PEM_BUFSIZE             = 1024;
 
-  PEM_STRING_X509_OLD     = 'X509 CERTIFICATE';
-  PEM_STRING_X509         = 'CERTIFICATE';
-  PEM_STRING_X509_TRUSTED = 'TRUSTED CERTIFICATE';
-  PEM_STRING_X509_REQ_OLD = 'NEW CERTIFICATE REQUEST';
-  PEM_STRING_X509_REQ     = 'CERTIFICATE REQUEST';
-  PEM_STRING_X509_CRL     = 'X509 CRL';
-  PEM_STRING_EVP_PKEY     = 'ANY PRIVATE KEY';
-  PEM_STRING_PUBLIC       = 'PUBLIC KEY';
-  PEM_STRING_RSA          = 'RSA PRIVATE KEY';
-  PEM_STRING_RSA_PUBLIC   = 'RSA PUBLIC KEY';
-  PEM_STRING_DSA          = 'DSA PRIVATE KEY';
-  PEM_STRING_DSA_PUBLIC   = 'DSA PUBLIC KEY';
-  PEM_STRING_PKCS7        = 'PKCS7';
-  PEM_STRING_PKCS7_SIGNED = 'PKCS #7 SIGNED DATA';
-  PEM_STRING_PKCS8        = 'ENCRYPTED PRIVATE KEY';
-  PEM_STRING_PKCS8INF     = 'PRIVATE KEY';
-  PEM_STRING_DHPARAMS     = 'DH PARAMETERS';
-  PEM_STRING_DHXPARAMS    = 'X9.42 DH PARAMETERS';
-  PEM_STRING_SSL_SESSION  = 'SSL SESSION PARAMETERS';
-  PEM_STRING_DSAPARAMS    = 'DSA PARAMETERS';
-  PEM_STRING_ECDSA_PUBLIC = 'ECDSA PUBLIC KEY';
-  PEM_STRING_ECPARAMETERS = 'EC PARAMETERS';
-  PEM_STRING_ECPRIVATEKEY = 'EC PRIVATE KEY';
-  PEM_STRING_PARAMETERS   = 'PARAMETERS';
-  PEM_STRING_CMS          = 'CMS';
+  PEM_STRING_X509_OLD     = AnsiString('X509 CERTIFICATE');
+  PEM_STRING_X509         = AnsiString('CERTIFICATE');
+  PEM_STRING_X509_TRUSTED = AnsiString('TRUSTED CERTIFICATE');
+  PEM_STRING_X509_REQ_OLD = AnsiString('NEW CERTIFICATE REQUEST');
+  PEM_STRING_X509_REQ     = AnsiString('CERTIFICATE REQUEST');
+  PEM_STRING_X509_CRL     = AnsiString('X509 CRL');
+  PEM_STRING_EVP_PKEY     = AnsiString('ANY PRIVATE KEY');
+  PEM_STRING_PUBLIC       = AnsiString('PUBLIC KEY');
+  PEM_STRING_RSA          = AnsiString('RSA PRIVATE KEY');
+  PEM_STRING_RSA_PUBLIC   = AnsiString('RSA PUBLIC KEY');
+  PEM_STRING_DSA          = AnsiString('DSA PRIVATE KEY');
+  PEM_STRING_DSA_PUBLIC   = AnsiString('DSA PUBLIC KEY');
+  PEM_STRING_PKCS7        = AnsiString('PKCS7');
+  PEM_STRING_PKCS7_SIGNED = AnsiString('PKCS #7 SIGNED DATA');
+  PEM_STRING_PKCS8        = AnsiString('ENCRYPTED PRIVATE KEY');
+  PEM_STRING_PKCS8INF     = AnsiString('PRIVATE KEY');
+  PEM_STRING_DHPARAMS     = AnsiString('DH PARAMETERS');
+  PEM_STRING_DHXPARAMS    = AnsiString('X9.42 DH PARAMETERS');
+  PEM_STRING_SSL_SESSION  = AnsiString('SSL SESSION PARAMETERS');
+  PEM_STRING_DSAPARAMS    = AnsiString('DSA PARAMETERS');
+  PEM_STRING_ECDSA_PUBLIC = AnsiString('ECDSA PUBLIC KEY');
+  PEM_STRING_ECPARAMETERS = AnsiString('EC PARAMETERS');
+  PEM_STRING_ECPRIVATEKEY = AnsiString('EC PRIVATE KEY');
+  PEM_STRING_PARAMETERS   = AnsiString('PARAMETERS');
+  PEM_STRING_CMS          = AnsiString('CMS');
 
   PEM_TYPE_ENCRYPTED      = 10;
   PEM_TYPE_MIC_ONLY       = 20;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas
index a0b34fb28..ece2eb6d0 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 11.05.2020 08:36:42
 
 unit IdOpenSSLHeaders_rand;
 
@@ -54,7 +54,7 @@ interface
   rand_meth_st_pseudorand = function (buf: PByte; num: TIdC_INT): TIdC_INT; cdecl;
   rand_meth_st_status = function: TIdC_INT; cdecl;
 
-  rand_meth_st = class
+  rand_meth_st = record
     seed: rand_meth_st_seed;
     bytes: rand_meth_st_bytes;
     cleanup: rand_meth_st_cleanup;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
index 813ae2c00..9d7745283 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 11.05.2020 08:36:42
 
 unit IdOpenSSLHeaders_ssl;
 
@@ -77,97 +77,97 @@ interface
 
   (* These are used to specify which ciphers to use and not to use *)
 
-  SSL_TXT_LOW = 'LOW';
-  SSL_TXT_MEDIUM = 'MEDIUM';
-  SSL_TXT_HIGH = 'HIGH';
-  SSL_TXT_FIPS = 'FIPS';
-
-  SSL_TXT_aNULL = 'aNULL';
-  SSL_TXT_eNULL = 'eNULL';
-  SSL_TXT_NULL = 'NULL';
-
-  SSL_TXT_kRSA = 'kRSA';
-  SSL_TXT_kDHr = 'kDHr';
-  SSL_TXT_kDHd = 'kDHd';
-  SSL_TXT_kDH = 'kDH';
-  SSL_TXT_kEDH = 'kEDH';
-  SSL_TXT_kDHE = 'kDHE';
-  SSL_TXT_kECDHr = 'kECDHr';
-//const SSL_TXT_kECDHe = 'kECDHe';
-  SSL_TXT_kECDH = 'kECDH';
-  SSL_TXT_kEECDH = 'kEECDH';
-  SSL_TXT_kECDHE = 'kECDHE';
-  SSL_TXT_kPSK = 'kPSK';
-  SSL_TXT_kRSAPSK = 'kRSAPSK';
-  SSL_TXT_kECDHEPSK = 'kECDHEPSK';
-  SSL_TXT_kDHEPSK = 'kDHEPSK';
-  SSL_TXT_kGOST = 'kGOST';
-  SSL_TXT_kSRP = 'kSRP';
-
-  SSL_TXT_aRSA = 'aRSA';
-  SSL_TXT_aDSS = 'aDSS';
-  SSL_TXT_aDH = 'aDH';
-  SSL_TXT_aECDH = 'aECDH';
-  SSL_TXT_aECDSA = 'aECDSA';
-  SSL_TXT_aPSK = 'aPSK';
-  SSL_TXT_aGOST94 = 'aGOST94';
-  SSL_TXT_aGOST01 = 'aGOST01';
-  SSL_TXT_aGOST12 = 'aGOST12';
-  SSL_TXT_aGOST = 'aGOST';
-  SSL_TXT_aSRP = 'aSRP';
-
-  SSL_TXT_DSS = 'DSS';
-  SSL_TXT_DH = 'DH';
-  SSL_TXT_DHE = 'DHE';
-  SSL_TXT_EDH = 'EDH';
-  //SSL_TXT_ADH = 'ADH';
-  SSL_TXT_RSA = 'RSA';
-  SSL_TXT_ECDH = 'ECDH';
-  SSL_TXT_EECDH = 'EECDH';
-  SSL_TXT_ECDHE = 'ECDHE';
-  //SSL_TXT_AECDH = 'AECDH';
-  SSL_TXT_ECDSA = 'ECDSA';
-  SSL_TXT_PSK = 'PSK';
-  SSL_TXT_SRP = 'SRP';
-
-  SSL_TXT_DES = 'DES';
-  SSL_TXT_3DES = '3DES';
-  SSL_TXT_RC4 = 'RC4';
-  SSL_TXT_RC2 = 'RC2';
-  SSL_TXT_IDEA = 'IDEA';
-  SSL_TXT_SEED = 'SEED';
-  SSL_TXT_AES128 = 'AES128';
-  SSL_TXT_AES256 = 'AES256';
-  SSL_TXT_AES = 'AES';
-  SSL_TXT_AES_GCM = 'AESGCM';
-  SSL_TXT_AES_CCM = 'AESCCM';
-  SSL_TXT_AES_CCM_8 = 'AESCCM8';
-  SSL_TXT_CAMELLIA128 = 'CAMELLIA128';
-  SSL_TXT_CAMELLIA256 = 'CAMELLIA256';
-  SSL_TXT_CAMELLIA = 'CAMELLIA';
-  SSL_TXT_CHACHA20 = 'CHACHA20';
-  SSL_TXT_GOST = 'GOST89';
-  SSL_TXT_ARIA = 'ARIA';
-  SSL_TXT_ARIA_GCM = 'ARIAGCM';
-  SSL_TXT_ARIA128 = 'ARIA128';
-  SSL_TXT_ARIA256 = 'ARIA256';
-
-  SSL_TXT_MD5 = 'MD5';
-  SSL_TXT_SHA1 = 'SHA1';
-  SSL_TXT_SHA = 'SHA';
-  SSL_TXT_GOST94 = 'GOST94';
-  SSL_TXT_GOST89MAC = 'GOST89MAC';
-  SSL_TXT_GOST12 = 'GOST12';
-  SSL_TXT_GOST89MAC12 = 'GOST89MAC12';
-  SSL_TXT_SHA256 = 'SHA256';
-  SSL_TXT_SHA384 = 'SHA384';
-
-  SSL_TXT_SSLV3 = 'SSLv3';
-  SSL_TXT_TLSV1 = 'TLSv1';
-  SSL_TXT_TLSV1_1 = 'TLSv1.1';
-  SSL_TXT_TLSV1_2 = 'TLSv1.2';
-
-  SSL_TXT_ALL = 'ALL';
+  SSL_TXT_LOW = AnsiString('LOW');
+  SSL_TXT_MEDIUM = AnsiString('MEDIUM');
+  SSL_TXT_HIGH = AnsiString('HIGH');
+  SSL_TXT_FIPS = AnsiString('FIPS');
+
+  SSL_TXT_aNULL = AnsiString('aNULL');
+  SSL_TXT_eNULL = AnsiString('eNULL');
+  SSL_TXT_NULL = AnsiString('NULL');
+
+  SSL_TXT_kRSA = AnsiString('kRSA');
+  SSL_TXT_kDHr = AnsiString('kDHr');
+  SSL_TXT_kDHd = AnsiString('kDHd');
+  SSL_TXT_kDH = AnsiString('kDH');
+  SSL_TXT_kEDH = AnsiString('kEDH');
+  SSL_TXT_kDHE = AnsiString('kDHE');
+  SSL_TXT_kECDHr = AnsiString('kECDHr');
+//const SSL_TXT_kECDHe = AnsiString('kECDHe');
+  SSL_TXT_kECDH = AnsiString('kECDH');
+  SSL_TXT_kEECDH = AnsiString('kEECDH');
+  SSL_TXT_kECDHE = AnsiString('kECDHE');
+  SSL_TXT_kPSK = AnsiString('kPSK');
+  SSL_TXT_kRSAPSK = AnsiString('kRSAPSK');
+  SSL_TXT_kECDHEPSK = AnsiString('kECDHEPSK');
+  SSL_TXT_kDHEPSK = AnsiString('kDHEPSK');
+  SSL_TXT_kGOST = AnsiString('kGOST');
+  SSL_TXT_kSRP = AnsiString('kSRP');
+
+  SSL_TXT_aRSA = AnsiString('aRSA');
+  SSL_TXT_aDSS = AnsiString('aDSS');
+  SSL_TXT_aDH = AnsiString('aDH');
+  SSL_TXT_aECDH = AnsiString('aECDH');
+  SSL_TXT_aECDSA = AnsiString('aECDSA');
+  SSL_TXT_aPSK = AnsiString('aPSK');
+  SSL_TXT_aGOST94 = AnsiString('aGOST94');
+  SSL_TXT_aGOST01 = AnsiString('aGOST01');
+  SSL_TXT_aGOST12 = AnsiString('aGOST12');
+  SSL_TXT_aGOST = AnsiString('aGOST');
+  SSL_TXT_aSRP = AnsiString('aSRP');
+
+  SSL_TXT_DSS = AnsiString('DSS');
+  SSL_TXT_DH = AnsiString('DH');
+  SSL_TXT_DHE = AnsiString('DHE');
+  SSL_TXT_EDH = AnsiString('EDH');
+  //SSL_TXT_ADH = AnsiString('ADH');
+  SSL_TXT_RSA = AnsiString('RSA');
+  SSL_TXT_ECDH = AnsiString('ECDH');
+  SSL_TXT_EECDH = AnsiString('EECDH');
+  SSL_TXT_ECDHE = AnsiString('ECDHE');
+  //SSL_TXT_AECDH = AnsiString('AECDH');
+  SSL_TXT_ECDSA = AnsiString('ECDSA');
+  SSL_TXT_PSK = AnsiString('PSK');
+  SSL_TXT_SRP = AnsiString('SRP');
+
+  SSL_TXT_DES = AnsiString('DES');
+  SSL_TXT_3DES = AnsiString('3DES');
+  SSL_TXT_RC4 = AnsiString('RC4');
+  SSL_TXT_RC2 = AnsiString('RC2');
+  SSL_TXT_IDEA = AnsiString('IDEA');
+  SSL_TXT_SEED = AnsiString('SEED');
+  SSL_TXT_AES128 = AnsiString('AES128');
+  SSL_TXT_AES256 = AnsiString('AES256');
+  SSL_TXT_AES = AnsiString('AES');
+  SSL_TXT_AES_GCM = AnsiString('AESGCM');
+  SSL_TXT_AES_CCM = AnsiString('AESCCM');
+  SSL_TXT_AES_CCM_8 = AnsiString('AESCCM8');
+  SSL_TXT_CAMELLIA128 = AnsiString('CAMELLIA128');
+  SSL_TXT_CAMELLIA256 = AnsiString('CAMELLIA256');
+  SSL_TXT_CAMELLIA = AnsiString('CAMELLIA');
+  SSL_TXT_CHACHA20 = AnsiString('CHACHA20');
+  SSL_TXT_GOST = AnsiString('GOST89');
+  SSL_TXT_ARIA = AnsiString('ARIA');
+  SSL_TXT_ARIA_GCM = AnsiString('ARIAGCM');
+  SSL_TXT_ARIA128 = AnsiString('ARIA128');
+  SSL_TXT_ARIA256 = AnsiString('ARIA256');
+
+  SSL_TXT_MD5 = AnsiString('MD5');
+  SSL_TXT_SHA1 = AnsiString('SHA1');
+  SSL_TXT_SHA = AnsiString('SHA');
+  SSL_TXT_GOST94 = AnsiString('GOST94');
+  SSL_TXT_GOST89MAC = AnsiString('GOST89MAC');
+  SSL_TXT_GOST12 = AnsiString('GOST12');
+  SSL_TXT_GOST89MAC12 = AnsiString('GOST89MAC12');
+  SSL_TXT_SHA256 = AnsiString('SHA256');
+  SSL_TXT_SHA384 = AnsiString('SHA384');
+
+  SSL_TXT_SSLV3 = AnsiString('SSLv3');
+  SSL_TXT_TLSV1 = AnsiString('TLSv1');
+  SSL_TXT_TLSV1_1 = AnsiString('TLSv1.1');
+  SSL_TXT_TLSV1_2 = AnsiString('TLSv1.2');
+
+  SSL_TXT_ALL = AnsiString('ALL');
 
   (*-
    * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
@@ -183,17 +183,17 @@ interface
    * DEFAULT gets, as only selection is being done and no sorting as needed
    * for DEFAULT.
    *)
-  SSL_TXT_CMPALL = 'COMPLEMENTOFALL';
-  SSL_TXT_CMPDEF = 'COMPLEMENTOFDEFAULT';
+  SSL_TXT_CMPALL = AnsiString('COMPLEMENTOFALL');
+  SSL_TXT_CMPDEF = AnsiString('COMPLEMENTOFDEFAULT');
 
   (*
    * The following cipher list is used by default. It also is substituted when
    * an application-defined cipher list string starts with 'DEFAULT'.
    * This applies to ciphersuites for TLSv1.2 and below.
    *)
-  SSL_DEFAULT_CIPHER_LIST = 'ALL:!COMPLEMENTOFDEFAULT:!eNULL';
+  SSL_DEFAULT_CIPHER_LIST = AnsiString('ALL:!COMPLEMENTOFDEFAULT:!eNULL');
   (* This is the default set of TLSv1.3 ciphersuites *)
-  TLS_DEFAULT_CIPHERSUITES = 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256';
+  TLS_DEFAULT_CIPHERSUITES = AnsiString('TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256');
 
   (*
    * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas
index 1e1ce5546..31a4ac327 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 11.05.2020 08:36:42
 
 unit IdOpenSSLHeaders_ssl3;
 
@@ -39,6 +39,9 @@ interface
 
 {$i IdCompilerDefines.inc}
 
+uses
+  IdGlobal;
+
 const
   (*
    * Signalling cipher suite value from RFC 5746
@@ -90,59 +93,59 @@ interface
   SSL3_CK_ADH_DES_192_CBC_SHA = $0300001B;
 
   (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
-  SSL3_RFC_RSA_NULL_MD5 = 'TLS_RSA_WITH_NULL_MD5';
-  SSL3_RFC_RSA_NULL_SHA = 'TLS_RSA_WITH_NULL_SHA';
-  SSL3_RFC_RSA_DES_192_CBC3_SHA = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_ADH_DES_192_CBC_SHA = 'TLS_DH_anon_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_RSA_IDEA_128_SHA = 'TLS_RSA_WITH_IDEA_CBC_SHA';
-  SSL3_RFC_RSA_RC4_128_MD5 = 'TLS_RSA_WITH_RC4_128_MD5';
-  SSL3_RFC_RSA_RC4_128_SHA = 'TLS_RSA_WITH_RC4_128_SHA';
-  SSL3_RFC_ADH_RC4_128_MD5 = 'TLS_DH_anon_WITH_RC4_128_MD5';
-
-  SSL3_TXT_RSA_NULL_MD5 = 'NULL-MD5';
-  SSL3_TXT_RSA_NULL_SHA = 'NULL-SHA';
-  SSL3_TXT_RSA_RC4_40_MD5 = 'EXP-RC4-MD5';
-  SSL3_TXT_RSA_RC4_128_MD5 = 'RC4-MD5';
-  SSL3_TXT_RSA_RC4_128_SHA = 'RC4-SHA';
-  SSL3_TXT_RSA_RC2_40_MD5 = 'EXP-RC2-CBC-MD5';
-  SSL3_TXT_RSA_IDEA_128_SHA = 'IDEA-CBC-SHA';
-  SSL3_TXT_RSA_DES_40_CBC_SHA = 'EXP-DES-CBC-SHA';
-  SSL3_TXT_RSA_DES_64_CBC_SHA = 'DES-CBC-SHA';
-  SSL3_TXT_RSA_DES_192_CBC3_SHA = 'DES-CBC3-SHA';
-
-  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = 'EXP-DH-DSS-DES-CBC-SHA';
-  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = 'DH-DSS-DES-CBC-SHA';
-  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = 'DH-DSS-DES-CBC3-SHA';
-  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = 'EXP-DH-RSA-DES-CBC-SHA';
-  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = 'DH-RSA-DES-CBC-SHA';
-  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = 'DH-RSA-DES-CBC3-SHA';
-
-  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = 'EXP-DHE-DSS-DES-CBC-SHA';
-  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = 'DHE-DSS-DES-CBC-SHA';
-  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = 'DHE-DSS-DES-CBC3-SHA';
-  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = 'EXP-DHE-RSA-DES-CBC-SHA';
-  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = 'DHE-RSA-DES-CBC-SHA';
-  SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = 'DHE-RSA-DES-CBC3-SHA';
+  SSL3_RFC_RSA_NULL_MD5 = AnsiString('TLS_RSA_WITH_NULL_MD5');
+  SSL3_RFC_RSA_NULL_SHA = AnsiString('TLS_RSA_WITH_NULL_SHA');
+  SSL3_RFC_RSA_DES_192_CBC3_SHA = AnsiString('TLS_RSA_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = AnsiString('TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = AnsiString('TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_ADH_DES_192_CBC_SHA = AnsiString('TLS_DH_anon_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_RSA_IDEA_128_SHA = AnsiString('TLS_RSA_WITH_IDEA_CBC_SHA');
+  SSL3_RFC_RSA_RC4_128_MD5 = AnsiString('TLS_RSA_WITH_RC4_128_MD5');
+  SSL3_RFC_RSA_RC4_128_SHA = AnsiString('TLS_RSA_WITH_RC4_128_SHA');
+  SSL3_RFC_ADH_RC4_128_MD5 = AnsiString('TLS_DH_anon_WITH_RC4_128_MD5');
+
+  SSL3_TXT_RSA_NULL_MD5 = AnsiString('NULL-MD5');
+  SSL3_TXT_RSA_NULL_SHA = AnsiString('NULL-SHA');
+  SSL3_TXT_RSA_RC4_40_MD5 = AnsiString('EXP-RC4-MD5');
+  SSL3_TXT_RSA_RC4_128_MD5 = AnsiString('RC4-MD5');
+  SSL3_TXT_RSA_RC4_128_SHA = AnsiString('RC4-SHA');
+  SSL3_TXT_RSA_RC2_40_MD5 = AnsiString('EXP-RC2-CBC-MD5');
+  SSL3_TXT_RSA_IDEA_128_SHA = AnsiString('IDEA-CBC-SHA');
+  SSL3_TXT_RSA_DES_40_CBC_SHA = AnsiString('EXP-DES-CBC-SHA');
+  SSL3_TXT_RSA_DES_64_CBC_SHA = AnsiString('DES-CBC-SHA');
+  SSL3_TXT_RSA_DES_192_CBC3_SHA = AnsiString('DES-CBC3-SHA');
+
+  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = AnsiString('EXP-DH-DSS-DES-CBC-SHA');
+  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = AnsiString('DH-DSS-DES-CBC-SHA');
+  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = AnsiString('DH-DSS-DES-CBC3-SHA');
+  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = AnsiString('EXP-DH-RSA-DES-CBC-SHA');
+  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = AnsiString('DH-RSA-DES-CBC-SHA');
+  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = AnsiString('DH-RSA-DES-CBC3-SHA');
+
+  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = AnsiString('EXP-DHE-DSS-DES-CBC-SHA');
+  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = AnsiString('DHE-DSS-DES-CBC-SHA');
+  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = AnsiString('DHE-DSS-DES-CBC3-SHA');
+  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = AnsiString('EXP-DHE-RSA-DES-CBC-SHA');
+  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = AnsiString('DHE-RSA-DES-CBC-SHA');
+  SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = AnsiString('DHE-RSA-DES-CBC3-SHA');
 
   (*
    * This next block of six 'EDH' labels is for backward compatibility with
    * older versions of OpenSSL.  New code should use the six 'DHE' labels above
    * instead:
    *)
-  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = 'EXP-EDH-DSS-DES-CBC-SHA';
-  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = 'EDH-DSS-DES-CBC-SHA';
-  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = 'EDH-DSS-DES-CBC3-SHA';
-  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = 'EXP-EDH-RSA-DES-CBC-SHA';
-  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = 'EDH-RSA-DES-CBC-SHA';
-  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = 'EDH-RSA-DES-CBC3-SHA';
-
-  SSL3_TXT_ADH_RC4_40_MD5 = 'EXP-ADH-RC4-MD5';
-  SSL3_TXT_ADH_RC4_128_MD5 = 'ADH-RC4-MD5';
-  SSL3_TXT_ADH_DES_40_CBC_SHA = 'EXP-ADH-DES-CBC-SHA';
-  SSL3_TXT_ADH_DES_64_CBC_SHA = 'ADH-DES-CBC-SHA';
-  SSL3_TXT_ADH_DES_192_CBC_SHA = 'ADH-DES-CBC3-SHA';
+  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = AnsiString('EXP-EDH-DSS-DES-CBC-SHA');
+  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = AnsiString('EDH-DSS-DES-CBC-SHA');
+  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = AnsiString('EDH-DSS-DES-CBC3-SHA');
+  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = AnsiString('EXP-EDH-RSA-DES-CBC-SHA');
+  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = AnsiString('EDH-RSA-DES-CBC-SHA');
+  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = AnsiString('EDH-RSA-DES-CBC3-SHA');
+
+  SSL3_TXT_ADH_RC4_40_MD5 = AnsiString('EXP-ADH-RC4-MD5');
+  SSL3_TXT_ADH_RC4_128_MD5 = AnsiString('ADH-RC4-MD5');
+  SSL3_TXT_ADH_DES_40_CBC_SHA = AnsiString('EXP-ADH-DES-CBC-SHA');
+  SSL3_TXT_ADH_DES_64_CBC_SHA = AnsiString('ADH-DES-CBC-SHA');
+  SSL3_TXT_ADH_DES_192_CBC_SHA = AnsiString('ADH-DES-CBC3-SHA');
 
   SSL3_SSL_SESSION_ID_LENGTH = 32;
   SSL3_MAX_SSL_SESSION_ID_LENGTH = 32;
@@ -203,10 +206,10 @@ interface
 
   SSL3_RT_MAX_ENCRYPTED_LENGTH = SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH;
   SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD;
-  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH;
+  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH + SSL3_RT_HEADER_LENGTH;
 
-  SSL3_MD_CLIENT_FINISHED_= '\x43\x4C\x4E\x54';
-  SSL3_MD_SERVER_FINISHED_= '\x53\x52\x56\x52';
+  SSL3_MD_CLIENT_FINISHED_= TIdAnsiChar($43) + TIdAnsiChar($4C) + TIdAnsiChar($4E) + TIdAnsiChar($54);
+  SSL3_MD_SERVER_FINISHED_= TIdAnsiChar($53) + TIdAnsiChar($52) + TIdAnsiChar($56) + TIdAnsiChar($52);
 
   SSL3_VERSION = $0300;
   SSL3_VERSION_MAJOR = $03;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas
index a1826d4c8..5571cafbe 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 11.05.2020 08:36:42
 
 unit IdOpenSSLHeaders_tls1;
 
@@ -525,195 +525,195 @@ interface
   TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06F;
 
   (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
-  TLS1_RFC_RSA_WITH_AES_128_SHA = 'TLS_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ADH_WITH_AES_128_SHA = 'TLS_DH_anon_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_RSA_WITH_AES_256_SHA = 'TLS_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ADH_WITH_AES_256_SHA = 'TLS_DH_anon_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_RSA_WITH_NULL_SHA256 = 'TLS_RSA_WITH_NULL_SHA256';
-  TLS1_RFC_RSA_WITH_AES_128_SHA256 = 'TLS_RSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_AES_256_SHA256 = 'TLS_RSA_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_AES_128_SHA256 = 'TLS_DH_anon_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_AES_256_SHA256 = 'TLS_DH_anon_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = 'TLS_DH_anon_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = 'TLS_DH_anon_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_RSA_WITH_AES_128_CCM = 'TLS_RSA_WITH_AES_128_CCM';
-  TLS1_RFC_RSA_WITH_AES_256_CCM = 'TLS_RSA_WITH_AES_256_CCM';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = 'TLS_DHE_RSA_WITH_AES_128_CCM';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = 'TLS_DHE_RSA_WITH_AES_256_CCM';
-  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = 'TLS_RSA_WITH_AES_128_CCM_8';
-  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = 'TLS_RSA_WITH_AES_256_CCM_8';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = 'TLS_DHE_RSA_WITH_AES_128_CCM_8';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = 'TLS_DHE_RSA_WITH_AES_256_CCM_8';
-  TLS1_RFC_PSK_WITH_AES_128_CCM = 'TLS_PSK_WITH_AES_128_CCM';
-  TLS1_RFC_PSK_WITH_AES_256_CCM = 'TLS_PSK_WITH_AES_256_CCM';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = 'TLS_DHE_PSK_WITH_AES_128_CCM';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = 'TLS_DHE_PSK_WITH_AES_256_CCM';
-  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_WITH_AES_128_CCM_8';
-  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_WITH_AES_256_CCM_8';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_DHE_WITH_AES_128_CCM_8';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_DHE_WITH_AES_256_CCM_8';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8';
-  TLS1_3_RFC_AES_128_GCM_SHA256 = 'TLS_AES_128_GCM_SHA256';
-  TLS1_3_RFC_AES_256_GCM_SHA384 = 'TLS_AES_256_GCM_SHA384';
-  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = 'TLS_CHACHA20_POLY1305_SHA256';
-  TLS1_3_RFC_AES_128_CCM_SHA256 = 'TLS_AES_128_CCM_SHA256';
-  TLS1_3_RFC_AES_128_CCM_8_SHA256 = 'TLS_AES_128_CCM_8_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = 'TLS_ECDHE_ECDSA_WITH_NULL_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = 'TLS_ECDHE_RSA_WITH_NULL_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = 'TLS_ECDH_anon_WITH_NULL_SHA';
-  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = 'TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_PSK_WITH_NULL_SHA = 'TLS_PSK_WITH_NULL_SHA';
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = 'TLS_DHE_PSK_WITH_NULL_SHA';
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = 'TLS_RSA_PSK_WITH_NULL_SHA';
-  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = 'TLS_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = 'TLS_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_PSK_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_PSK_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_PSK_WITH_NULL_SHA256 = 'TLS_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_PSK_WITH_NULL_SHA384 = 'TLS_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = 'TLS_DHE_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = 'TLS_DHE_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = 'TLS_RSA_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = 'TLS_RSA_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = 'TLS_ECDHE_PSK_WITH_NULL_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = 'TLS_ECDHE_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = 'TLS_ECDHE_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = 'TLS_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_RSA_WITH_SEED_SHA = 'TLS_RSA_WITH_SEED_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = 'TLS_DHE_DSS_WITH_SEED_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = 'TLS_DHE_RSA_WITH_SEED_CBC_SHA';
-  TLS1_RFC_ADH_WITH_SEED_SHA = 'TLS_DH_anon_WITH_SEED_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = 'TLS_ECDHE_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = 'TLS_ECDH_anon_WITH_RC4_128_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = 'TLS_ECDHE_RSA_WITH_RC4_128_SHA';
-  TLS1_RFC_PSK_WITH_RC4_128_SHA = 'TLS_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = 'TLS_RSA_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = 'TLS_DHE_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_anon_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_anon_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_PSK_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_PSK_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_RSA_WITH_AES_128_SHA = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ADH_WITH_AES_128_SHA = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_RSA_WITH_AES_256_SHA = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ADH_WITH_AES_256_SHA = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_RSA_WITH_NULL_SHA256 = AnsiString('TLS_RSA_WITH_NULL_SHA256');
+  TLS1_RFC_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_AES_128_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_AES_256_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_RSA_WITH_AES_128_CCM = AnsiString('TLS_RSA_WITH_AES_128_CCM');
+  TLS1_RFC_RSA_WITH_AES_256_CCM = AnsiString('TLS_RSA_WITH_AES_256_CCM');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM');
+  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_RSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_RSA_WITH_AES_256_CCM_8');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM_8');
+  TLS1_RFC_PSK_WITH_AES_128_CCM = AnsiString('TLS_PSK_WITH_AES_128_CCM');
+  TLS1_RFC_PSK_WITH_AES_256_CCM = AnsiString('TLS_PSK_WITH_AES_256_CCM');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_128_CCM');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_256_CCM');
+  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_WITH_AES_128_CCM_8');
+  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_WITH_AES_256_CCM_8');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_128_CCM_8');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_256_CCM_8');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8');
+  TLS1_3_RFC_AES_128_GCM_SHA256 = AnsiString('TLS_AES_128_GCM_SHA256');
+  TLS1_3_RFC_AES_256_GCM_SHA384 = AnsiString('TLS_AES_256_GCM_SHA384');
+  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = AnsiString('TLS_CHACHA20_POLY1305_SHA256');
+  TLS1_3_RFC_AES_128_CCM_SHA256 = AnsiString('TLS_AES_128_CCM_SHA256');
+  TLS1_3_RFC_AES_128_CCM_8_SHA256 = AnsiString('TLS_AES_128_CCM_8_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_RSA_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = AnsiString('TLS_ECDH_anon_WITH_NULL_SHA');
+  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_NULL_SHA = AnsiString('TLS_PSK_WITH_NULL_SHA');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA');
+  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_PSK_WITH_NULL_SHA256 = AnsiString('TLS_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_PSK_WITH_NULL_SHA384 = AnsiString('TLS_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_RSA_WITH_SEED_SHA = AnsiString('TLS_RSA_WITH_SEED_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = AnsiString('TLS_DHE_DSS_WITH_SEED_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = AnsiString('TLS_DHE_RSA_WITH_SEED_CBC_SHA');
+  TLS1_RFC_ADH_WITH_SEED_SHA = AnsiString('TLS_DH_anon_WITH_SEED_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = AnsiString('TLS_ECDH_anon_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_RSA_WITH_RC4_128_SHA');
+  TLS1_RFC_PSK_WITH_RC4_128_SHA = AnsiString('TLS_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = AnsiString('TLS_RSA_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_DHE_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384');
 
   (*
    * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
@@ -721,293 +721,293 @@ interface
    * using DHE everywhere, though we may indefinitely maTIdC_INTain aliases for
    * users or configurations that used "EDH"
    *)
-  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = 'DHE-DSS-RC4-SHA';
+  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = AnsiString('DHE-DSS-RC4-SHA');
 
-  TLS1_TXT_PSK_WITH_NULL_SHA = 'PSK-NULL-SHA';
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = 'DHE-PSK-NULL-SHA';
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = 'RSA-PSK-NULL-SHA';
+  TLS1_TXT_PSK_WITH_NULL_SHA = AnsiString('PSK-NULL-SHA');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = AnsiString('DHE-PSK-NULL-SHA');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = AnsiString('RSA-PSK-NULL-SHA');
 
   (* AES ciphersuites from RFC3268 *)
-  TLS1_TXT_RSA_WITH_AES_128_SHA = 'AES128-SHA';
-  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = 'DH-DSS-AES128-SHA';
-  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = 'DH-RSA-AES128-SHA';
-  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = 'DHE-DSS-AES128-SHA';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = 'DHE-RSA-AES128-SHA';
-  TLS1_TXT_ADH_WITH_AES_128_SHA = 'ADH-AES128-SHA';
-
-  TLS1_TXT_RSA_WITH_AES_256_SHA = 'AES256-SHA';
-  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = 'DH-DSS-AES256-SHA';
-  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = 'DH-RSA-AES256-SHA';
-  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = 'DHE-DSS-AES256-SHA';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = 'DHE-RSA-AES256-SHA';
-  TLS1_TXT_ADH_WITH_AES_256_SHA = 'ADH-AES256-SHA';
+  TLS1_TXT_RSA_WITH_AES_128_SHA = AnsiString('AES128-SHA');
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = AnsiString('DH-DSS-AES128-SHA');
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = AnsiString('DH-RSA-AES128-SHA');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = AnsiString('DHE-DSS-AES128-SHA');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = AnsiString('DHE-RSA-AES128-SHA');
+  TLS1_TXT_ADH_WITH_AES_128_SHA = AnsiString('ADH-AES128-SHA');
+
+  TLS1_TXT_RSA_WITH_AES_256_SHA = AnsiString('AES256-SHA');
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = AnsiString('DH-DSS-AES256-SHA');
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = AnsiString('DH-RSA-AES256-SHA');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = AnsiString('DHE-DSS-AES256-SHA');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = AnsiString('DHE-RSA-AES256-SHA');
+  TLS1_TXT_ADH_WITH_AES_256_SHA = AnsiString('ADH-AES256-SHA');
 
   (* ECC ciphersuites from RFC4492 *)
-  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = 'ECDH-ECDSA-NULL-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = 'ECDH-ECDSA-RC4-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDH-ECDSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 'ECDH-ECDSA-AES128-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 'ECDH-ECDSA-AES256-SHA';
-
-  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = 'ECDHE-ECDSA-NULL-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = 'ECDHE-ECDSA-RC4-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDHE-ECDSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'ECDHE-ECDSA-AES128-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'ECDHE-ECDSA-AES256-SHA';
-
-  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = 'ECDH-RSA-NULL-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = 'ECDH-RSA-RC4-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = 'ECDH-RSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = 'ECDH-RSA-AES128-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = 'ECDH-RSA-AES256-SHA';
-
-  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = 'ECDHE-RSA-NULL-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = 'ECDHE-RSA-RC4-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'ECDHE-RSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'ECDHE-RSA-AES128-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'ECDHE-RSA-AES256-SHA';
-
-  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = 'AECDH-NULL-SHA';
-  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = 'AECDH-RC4-SHA';
-  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = 'AECDH-DES-CBC3-SHA';
-  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = 'AECDH-AES128-SHA';
-  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = 'AECDH-AES256-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = AnsiString('ECDH-ECDSA-NULL-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDH-ECDSA-RC4-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-ECDSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-ECDSA-AES128-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-ECDSA-AES256-SHA');
+
+  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('ECDHE-ECDSA-NULL-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDHE-ECDSA-RC4-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-ECDSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-ECDSA-AES128-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-ECDSA-AES256-SHA');
+
+  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = AnsiString('ECDH-RSA-NULL-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = AnsiString('ECDH-RSA-RC4-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-RSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-RSA-AES128-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-RSA-AES256-SHA');
+
+  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = AnsiString('ECDHE-RSA-NULL-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('ECDHE-RSA-RC4-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-RSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-RSA-AES128-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-RSA-AES256-SHA');
+
+  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = AnsiString('AECDH-NULL-SHA');
+  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = AnsiString('AECDH-RC4-SHA');
+  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('AECDH-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('AECDH-AES128-SHA');
+  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('AECDH-AES256-SHA');
 
   (* PSK ciphersuites from RFC 4279 *)
-  TLS1_TXT_PSK_WITH_RC4_128_SHA = 'PSK-RC4-SHA';
-  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = 'PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = 'PSK-AES128-CBC-SHA';
-  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = 'PSK-AES256-CBC-SHA';
-
-  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = 'DHE-PSK-RC4-SHA';
-  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'DHE-PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = 'DHE-PSK-AES128-CBC-SHA';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = 'DHE-PSK-AES256-CBC-SHA';
-  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = 'RSA-PSK-RC4-SHA';
-  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'RSA-PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = 'RSA-PSK-AES128-CBC-SHA';
-  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = 'RSA-PSK-AES256-CBC-SHA';
+  TLS1_TXT_PSK_WITH_RC4_128_SHA = AnsiString('PSK-RC4-SHA');
+  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = AnsiString('PSK-AES128-CBC-SHA');
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = AnsiString('PSK-AES256-CBC-SHA');
+
+  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = AnsiString('DHE-PSK-RC4-SHA');
+  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('DHE-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('DHE-PSK-AES128-CBC-SHA');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('DHE-PSK-AES256-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = AnsiString('RSA-PSK-RC4-SHA');
+  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('RSA-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('RSA-PSK-AES128-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('RSA-PSK-AES256-CBC-SHA');
 
   (* PSK ciphersuites from RFC 5487 *)
-  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
-  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'DHE-PSK-AES128-GCM-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'DHE-PSK-AES256-GCM-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'RSA-PSK-AES128-GCM-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'RSA-PSK-AES256-GCM-SHA384';
-
-  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = 'PSK-AES128-CBC-SHA256';
-  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = 'PSK-AES256-CBC-SHA384';
-  TLS1_TXT_PSK_WITH_NULL_SHA256 = 'PSK-NULL-SHA256';
-  TLS1_TXT_PSK_WITH_NULL_SHA384 = 'PSK-NULL-SHA384';
-
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'DHE-PSK-AES128-CBC-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'DHE-PSK-AES256-CBC-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = 'DHE-PSK-NULL-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = 'DHE-PSK-NULL-SHA384';
-
-  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'RSA-PSK-AES128-CBC-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'RSA-PSK-AES256-CBC-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = 'RSA-PSK-NULL-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = 'RSA-PSK-NULL-SHA384';
+  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
+  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-PSK-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-PSK-AES256-GCM-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('RSA-PSK-AES128-GCM-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('RSA-PSK-AES256-GCM-SHA384');
+
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('PSK-AES128-CBC-SHA256');
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('PSK-AES256-CBC-SHA384');
+  TLS1_TXT_PSK_WITH_NULL_SHA256 = AnsiString('PSK-NULL-SHA256');
+  TLS1_TXT_PSK_WITH_NULL_SHA384 = AnsiString('PSK-NULL-SHA384');
+
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('DHE-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('DHE-PSK-AES256-CBC-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = AnsiString('DHE-PSK-NULL-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = AnsiString('DHE-PSK-NULL-SHA384');
+
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('RSA-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('RSA-PSK-AES256-CBC-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = AnsiString('RSA-PSK-NULL-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = AnsiString('RSA-PSK-NULL-SHA384');
 
   (* SRP ciphersuite from RFC 5054 *)
-  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'SRP-3DES-EDE-CBC-SHA';
-  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'SRP-RSA-3DES-EDE-CBC-SHA';
-  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'SRP-DSS-3DES-EDE-CBC-SHA';
-  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = 'SRP-AES-128-CBC-SHA';
-  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'SRP-RSA-AES-128-CBC-SHA';
-  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'SRP-DSS-AES-128-CBC-SHA';
-  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = 'SRP-AES-256-CBC-SHA';
-  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'SRP-RSA-AES-256-CBC-SHA';
-  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'SRP-DSS-AES-256-CBC-SHA';
+  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-RSA-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-DSS-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('SRP-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('SRP-RSA-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('SRP-DSS-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('SRP-AES-256-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('SRP-RSA-AES-256-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('SRP-DSS-AES-256-CBC-SHA');
 
   (* Camellia ciphersuites from RFC4132 *)
-  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = 'CAMELLIA128-SHA';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DH-DSS-CAMELLIA128-SHA';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DH-RSA-CAMELLIA128-SHA';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DHE-DSS-CAMELLIA128-SHA';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DHE-RSA-CAMELLIA128-SHA';
-  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = 'ADH-CAMELLIA128-SHA';
-
-  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = 'CAMELLIA256-SHA';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DH-DSS-CAMELLIA256-SHA';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DH-RSA-CAMELLIA256-SHA';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DHE-DSS-CAMELLIA256-SHA';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DHE-RSA-CAMELLIA256-SHA';
-  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = 'ADH-CAMELLIA256-SHA';
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('CAMELLIA128-SHA');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-DSS-CAMELLIA128-SHA');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-RSA-CAMELLIA128-SHA');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA128-SHA');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA128-SHA');
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('ADH-CAMELLIA128-SHA');
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('CAMELLIA256-SHA');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-DSS-CAMELLIA256-SHA');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-RSA-CAMELLIA256-SHA');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA256-SHA');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA256-SHA');
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('ADH-CAMELLIA256-SHA');
 
   (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
-  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'CAMELLIA128-SHA256';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-DSS-CAMELLIA128-SHA256';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-DSS-CAMELLIA128-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'ADH-CAMELLIA128-SHA256';
-
-  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'CAMELLIA256-SHA256';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-DSS-CAMELLIA256-SHA256';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-RSA-CAMELLIA256-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-DSS-CAMELLIA256-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-RSA-CAMELLIA256-SHA256';
-  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'ADH-CAMELLIA256-SHA256';
-
-  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'PSK-CAMELLIA256-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'DHE-PSK-CAMELLIA256-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'RSA-PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'RSA-PSK-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('CAMELLIA128-SHA256');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA128-SHA256');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ADH-CAMELLIA128-SHA256');
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('CAMELLIA256-SHA256');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA256-SHA256');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA256-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA256-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA256-SHA256');
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('ADH-CAMELLIA256-SHA256');
+
+  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('DHE-PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('RSA-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('RSA-PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-PSK-CAMELLIA256-SHA384');
 
   (* SEED ciphersuites from RFC4162 *)
-  TLS1_TXT_RSA_WITH_SEED_SHA = 'SEED-SHA';
-  TLS1_TXT_DH_DSS_WITH_SEED_SHA = 'DH-DSS-SEED-SHA';
-  TLS1_TXT_DH_RSA_WITH_SEED_SHA = 'DH-RSA-SEED-SHA';
-  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = 'DHE-DSS-SEED-SHA';
-  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = 'DHE-RSA-SEED-SHA';
-  TLS1_TXT_ADH_WITH_SEED_SHA = 'ADH-SEED-SHA';
+  TLS1_TXT_RSA_WITH_SEED_SHA = AnsiString('SEED-SHA');
+  TLS1_TXT_DH_DSS_WITH_SEED_SHA = AnsiString('DH-DSS-SEED-SHA');
+  TLS1_TXT_DH_RSA_WITH_SEED_SHA = AnsiString('DH-RSA-SEED-SHA');
+  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = AnsiString('DHE-DSS-SEED-SHA');
+  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = AnsiString('DHE-RSA-SEED-SHA');
+  TLS1_TXT_ADH_WITH_SEED_SHA = AnsiString('ADH-SEED-SHA');
 
   (* TLS v1.2 ciphersuites *)
-  TLS1_TXT_RSA_WITH_NULL_SHA256 = 'NULL-SHA256';
-  TLS1_TXT_RSA_WITH_AES_128_SHA256 = 'AES128-SHA256';
-  TLS1_TXT_RSA_WITH_AES_256_SHA256 = 'AES256-SHA256';
-  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = 'DH-DSS-AES128-SHA256';
-  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = 'DH-RSA-AES128-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = 'DHE-DSS-AES128-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = 'DHE-RSA-AES128-SHA256';
-  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = 'DH-DSS-AES256-SHA256';
-  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = 'DH-RSA-AES256-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = 'DHE-DSS-AES256-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = 'DHE-RSA-AES256-SHA256';
-  TLS1_TXT_ADH_WITH_AES_128_SHA256 = 'ADH-AES128-SHA256';
-  TLS1_TXT_ADH_WITH_AES_256_SHA256 = 'ADH-AES256-SHA256';
+  TLS1_TXT_RSA_WITH_NULL_SHA256 = AnsiString('NULL-SHA256');
+  TLS1_TXT_RSA_WITH_AES_128_SHA256 = AnsiString('AES128-SHA256');
+  TLS1_TXT_RSA_WITH_AES_256_SHA256 = AnsiString('AES256-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = AnsiString('DH-DSS-AES128-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = AnsiString('DH-RSA-AES128-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('DHE-DSS-AES128-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('DHE-RSA-AES128-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = AnsiString('DH-DSS-AES256-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = AnsiString('DH-RSA-AES256-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('DHE-DSS-AES256-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('DHE-RSA-AES256-SHA256');
+  TLS1_TXT_ADH_WITH_AES_128_SHA256 = AnsiString('ADH-AES128-SHA256');
+  TLS1_TXT_ADH_WITH_AES_256_SHA256 = AnsiString('ADH-AES256-SHA256');
 
   (* TLS v1.2 GCM ciphersuites from RFC5288 *)
-  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = 'AES128-GCM-SHA256';
-  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = 'AES256-GCM-SHA384';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'DHE-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'DHE-RSA-AES256-GCM-SHA384';
-  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = 'DH-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = 'DH-RSA-AES256-GCM-SHA384';
-  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'DHE-DSS-AES128-GCM-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'DHE-DSS-AES256-GCM-SHA384';
-  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = 'DH-DSS-AES128-GCM-SHA256';
-  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = 'DH-DSS-AES256-GCM-SHA384';
-  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = 'ADH-AES128-GCM-SHA256';
-  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = 'ADH-AES256-GCM-SHA384';
+  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('AES128-GCM-SHA256');
+  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('AES256-GCM-SHA384');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DH-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DH-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-DSS-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-DSS-AES256-GCM-SHA384');
+  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DH-DSS-AES128-GCM-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DH-DSS-AES256-GCM-SHA384');
+  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('ADH-AES128-GCM-SHA256');
+  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('ADH-AES256-GCM-SHA384');
 
   (* CCM ciphersuites from RFC6655 *)
-  TLS1_TXT_RSA_WITH_AES_128_CCM = 'AES128-CCM';
-  TLS1_TXT_RSA_WITH_AES_256_CCM = 'AES256-CCM';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = 'DHE-RSA-AES128-CCM';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = 'DHE-RSA-AES256-CCM';
-
-  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = 'AES128-CCM8';
-  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = 'AES256-CCM8';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = 'DHE-RSA-AES128-CCM8';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = 'DHE-RSA-AES256-CCM8';
-
-  TLS1_TXT_PSK_WITH_AES_128_CCM = 'PSK-AES128-CCM';
-  TLS1_TXT_PSK_WITH_AES_256_CCM = 'PSK-AES256-CCM';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = 'DHE-PSK-AES128-CCM';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = 'DHE-PSK-AES256-CCM';
-
-  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = 'PSK-AES128-CCM8';
-  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = 'PSK-AES256-CCM8';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = 'DHE-PSK-AES128-CCM8';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = 'DHE-PSK-AES256-CCM8';
+  TLS1_TXT_RSA_WITH_AES_128_CCM = AnsiString('AES128-CCM');
+  TLS1_TXT_RSA_WITH_AES_256_CCM = AnsiString('AES256-CCM');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = AnsiString('DHE-RSA-AES128-CCM');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = AnsiString('DHE-RSA-AES256-CCM');
+
+  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = AnsiString('AES128-CCM8');
+  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = AnsiString('AES256-CCM8');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('DHE-RSA-AES128-CCM8');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('DHE-RSA-AES256-CCM8');
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM = AnsiString('PSK-AES128-CCM');
+  TLS1_TXT_PSK_WITH_AES_256_CCM = AnsiString('PSK-AES256-CCM');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = AnsiString('DHE-PSK-AES128-CCM');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = AnsiString('DHE-PSK-AES256-CCM');
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = AnsiString('PSK-AES128-CCM8');
+  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = AnsiString('PSK-AES256-CCM8');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('DHE-PSK-AES128-CCM8');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('DHE-PSK-AES256-CCM8');
 
   (* CCM ciphersuites from RFC7251 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = 'ECDHE-ECDSA-AES128-CCM';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = 'ECDHE-ECDSA-AES256-CCM';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'ECDHE-ECDSA-AES128-CCM8';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'ECDHE-ECDSA-AES256-CCM8';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('ECDHE-ECDSA-AES128-CCM');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('ECDHE-ECDSA-AES256-CCM');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('ECDHE-ECDSA-AES128-CCM8');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('ECDHE-ECDSA-AES256-CCM8');
 
   (* ECDH HMAC based ciphersuites from RFC5289 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'ECDHE-ECDSA-AES128-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'ECDHE-ECDSA-AES256-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = 'ECDH-ECDSA-AES128-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = 'ECDH-ECDSA-AES256-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = 'ECDHE-RSA-AES128-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = 'ECDHE-RSA-AES256-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = 'ECDH-RSA-AES128-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = 'ECDH-RSA-AES256-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-ECDSA-AES128-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-ECDSA-AES256-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDH-ECDSA-AES128-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDH-ECDSA-AES256-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-RSA-AES128-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-RSA-AES256-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = AnsiString('ECDH-RSA-AES128-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = AnsiString('ECDH-RSA-AES256-SHA384');
 
   (* ECDH GCM based ciphersuites from RFC5289 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-ECDSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-ECDSA-AES256-GCM-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDH-ECDSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDH-ECDSA-AES256-GCM-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-RSA-AES256-GCM-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 'ECDH-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 'ECDH-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-RSA-AES256-GCM-SHA384');
 
   (* TLS v1.2 PSK GCM ciphersuites from RFC5487 *)
-  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
-  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
+  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
+  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
 
   (* ECDHE PSK ciphersuites from RFC 5489 *)
-  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = 'ECDHE-PSK-RC4-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'ECDHE-PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'ECDHE-PSK-AES128-CBC-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'ECDHE-PSK-AES256-CBC-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('ECDHE-PSK-RC4-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('ECDHE-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-PSK-AES128-CBC-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-PSK-AES256-CBC-SHA');
 
-  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'ECDHE-PSK-AES128-CBC-SHA256';
-  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'ECDHE-PSK-AES256-CBC-SHA384';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('ECDHE-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('ECDHE-PSK-AES256-CBC-SHA384');
 
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = 'ECDHE-PSK-NULL-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = 'ECDHE-PSK-NULL-SHA256';
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = 'ECDHE-PSK-NULL-SHA384';
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = AnsiString('ECDHE-PSK-NULL-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('ECDHE-PSK-NULL-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('ECDHE-PSK-NULL-SHA384');
 
   (* Camellia-CBC ciphersuites from RFC6367 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-ECDSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-ECDSA-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-ECDSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-ECDSA-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-RSA-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-RSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-ECDSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-ECDSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-ECDSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-ECDSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-RSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-RSA-CAMELLIA256-SHA384');
 
   (* draft-ietf-tls-chacha20-poly1305-03 *)
-  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'ECDHE-RSA-CHACHA20-POLY1305';
-  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'ECDHE-ECDSA-CHACHA20-POLY1305';
-  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = 'DHE-RSA-CHACHA20-POLY1305';
-  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = 'PSK-CHACHA20-POLY1305';
-  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'ECDHE-PSK-CHACHA20-POLY1305';
-  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = 'DHE-PSK-CHACHA20-POLY1305';
-  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = 'RSA-PSK-CHACHA20-POLY1305';
+  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-RSA-CHACHA20-POLY1305');
+  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-ECDSA-CHACHA20-POLY1305');
+  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('DHE-RSA-CHACHA20-POLY1305');
+  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = AnsiString('PSK-CHACHA20-POLY1305');
+  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-PSK-CHACHA20-POLY1305');
+  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('DHE-PSK-CHACHA20-POLY1305');
+  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('RSA-PSK-CHACHA20-POLY1305');
 
   (* Aria ciphersuites from RFC6209 *)
-  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = 'ARIA128-GCM-SHA256';
-  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = 'ARIA256-GCM-SHA384';
-  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'DHE-RSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'DHE-RSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'DH-RSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'DH-RSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'DHE-DSS-ARIA128-GCM-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'DHE-DSS-ARIA256-GCM-SHA384';
-  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'DH-DSS-ARIA128-GCM-SHA256';
-  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'DH-DSS-ARIA256-GCM-SHA384';
-  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'ADH-ARIA128-GCM-SHA256';
-  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'ADH-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ECDSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ECDSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ECDSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ECDSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ARIA256-GCM-SHA384';
-  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = 'PSK-ARIA128-GCM-SHA256';
-  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = 'PSK-ARIA256-GCM-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'DHE-PSK-ARIA128-GCM-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'DHE-PSK-ARIA256-GCM-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'RSA-PSK-ARIA128-GCM-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'RSA-PSK-ARIA256-GCM-SHA384';
+  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ARIA128-GCM-SHA256');
+  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-RSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-RSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-RSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-RSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-DSS-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-DSS-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-DSS-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-DSS-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('ADH-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('ADH-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ARIA256-GCM-SHA384');
+  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('PSK-ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-PSK-ARIA256-GCM-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('RSA-PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('RSA-PSK-ARIA256-GCM-SHA384');
 
   TLS_CT_RSA_SIGN = 1;
   TLS_CT_DSS_SIGN = 2;
@@ -1029,68 +1029,67 @@ interface
   TLS1_FINISH_MAC_LENGTH = 12;
 
   TLS_MD_MAX_CONST_SIZE = 22;
-  TLS_MD_CLIENT_FINISH_CONST  = 'client finished';
+  TLS_MD_CLIENT_FINISH_CONST  = AnsiString('client finished');
   TLS_MD_CLIENT_FINISH_CONST_SIZE = 15;
-  TLS_MD_SERVER_FINISH_CONST  = 'server finished';
+  TLS_MD_SERVER_FINISH_CONST  = AnsiString('server finished');
   TLS_MD_SERVER_FINISH_CONST_SIZE = 15;
-  TLS_MD_KEY_EXPANSION_CONST  = 'key expansion';
+  TLS_MD_KEY_EXPANSION_CONST  = AnsiString('key expansion');
   TLS_MD_KEY_EXPANSION_CONST_SIZE = 13;
-  TLS_MD_CLIENT_WRITE_KEY_CONST  = 'client write key';
+  TLS_MD_CLIENT_WRITE_KEY_CONST  = AnsiString('client write key');
   TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE = 16;
-  TLS_MD_SERVER_WRITE_KEY_CONST  = 'server write key';
+  TLS_MD_SERVER_WRITE_KEY_CONST  = AnsiString('server write key');
   TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16;
-  TLS_MD_IV_BLOCK_CONST  = 'IV block';
+  TLS_MD_IV_BLOCK_CONST  = AnsiString('IV block');
   TLS_MD_IV_BLOCK_CONST_SIZE = 8;
-  TLS_MD_MASTER_SECRET_CONST  = 'master secret';
+  TLS_MD_MASTER_SECRET_CONST  = AnsiString('master secret');
   TLS_MD_MASTER_SECRET_CONST_SIZE = 13;
-  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = 'extended master secret';
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = AnsiString('extended master secret');
   TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE = 22;
 
 //  (*
 //   * client finished
 //   *)
-//  TLS_MD_CLIENT_FINISH_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//  TLS_MD_CLIENT_FINISH_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
 //
 //  (*
 //   * server finished
 //   *)
-//  TLS_MD_SERVER_FINISH_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//  TLS_MD_SERVER_FINISH_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
 //
 //  (*
 //   * server write key
 //   *)
-//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
 //
 //  (*
 //   * key expansion
 //   *)
-//  TLS_MD_KEY_EXPANSION_CONST  = '\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e';
+//  TLS_MD_KEY_EXPANSION_CONST = TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79) + TIdAnsiChar($20) + TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($70) + TIdAnsiChar($61) + TIdAnsiChar($6e) + TIdAnsiChar($73) + TIdAnsiChar($69) + TIdAnsiChar($6f) + TIdAnsiChar($6e);
 //
 //  (*
 //   * client write key
 //   *)
-//  TLS_MD_CLIENT_WRITE_KEY_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//  TLS_MD_CLIENT_WRITE_KEY_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
 //
 //  (*
 //   * server write key
 //   *)
-//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
 //
 //  (*
 //   * IV block
 //   *)
-//  TLS_MD_IV_BLOCK_CONST  = '\x49\x56\x20\x62\x6c\x6f\x63\x6b';
-//
+//  TLS_MD_IV_BLOCK_CONST = TIdAnsiChar($49) + TIdAnsiChar($56) + TIdAnsiChar($20) + TIdAnsiChar($62) + TIdAnsiChar($6c) + TIdAnsiChar($6f) + TIdAnsiChar($63) + TIdAnsiChar($6b);
 //
 //  (*
 //   * master secret
 //   *)
-//  TLS_MD_MASTER_SECRET_CONST  = '\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+//  TLS_MD_MASTER_SECRET_CONST = TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
 //
 //  (*
 //   * extended master secret
 //   *)
-//  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = '\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+//  TLS_MD_EXTENDED_MASTER_SECRET_CONST = TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($64) + TIdAnsiChar($65) + TIdAnsiChar($64) + TIdAnsiChar($20) + TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
 
 type
   (* TLS Session Ticket extension struct *)
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
index 32cf71111..6794dba9b 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 11.05.2020 08:36:42
 
 unit IdOpenSSLHeaders_x509;
 
@@ -232,7 +232,7 @@   X509_val_st = record
   x509_trust_st = record
     trust: TIdC_INT;
     flags: TIdC_INT;
-    check_trust: function(v1: Px509_trust_st; v2: PX509; v3: TIdC_INT): TIdC_INT;
+    check_trust: function(v1: Px509_trust_st; v2: PX509; v3: TIdC_INT): TIdC_INT; cdecl;
     name: PIdAnsiChar;
     arg1: TIdC_INT;
     arg2: Pointer;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
index 96dfdcb09..3f142ff2f 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 11.05.2020 08:36:42
 
 unit IdOpenSSLHeaders_x509v3;
 
@@ -556,7 +556,7 @@   x509_purpose_st = record
     purpose: TIdC_INT;
     trust: TIdC_INT;                  (* Default trust ID *)
     flags: TIdC_INT;
-    check_purpose: function(const v1: PX509_PURPOSE; const v2: PX509; v3: TIdC_INT): TIdC_INT;
+    check_purpose: function(const v1: PX509_PURPOSE; const v2: PX509; v3: TIdC_INT): TIdC_INT; cdecl;
     name: PIdAnsiChar;
     sname: PIdAnsiChar;
     usr_data: Pointer;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas
index 7adcfac0f..2c016683e 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 11.05.2020 08:36:43
 
 unit IdOpenSSLHeaders_dherr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
index 414cb4bc8..f61e47f07 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 11.05.2020 08:36:43
 
 unit IdOpenSSLHeaders_objects;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
index 7e39d4135..f8e9a6d7d 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 11.05.2020 08:36:43
 
 unit IdOpenSSLHeaders_pem;
 
@@ -55,31 +55,31 @@ interface
 const
   PEM_BUFSIZE             = 1024;
 
-  PEM_STRING_X509_OLD     = 'X509 CERTIFICATE';
-  PEM_STRING_X509         = 'CERTIFICATE';
-  PEM_STRING_X509_TRUSTED = 'TRUSTED CERTIFICATE';
-  PEM_STRING_X509_REQ_OLD = 'NEW CERTIFICATE REQUEST';
-  PEM_STRING_X509_REQ     = 'CERTIFICATE REQUEST';
-  PEM_STRING_X509_CRL     = 'X509 CRL';
-  PEM_STRING_EVP_PKEY     = 'ANY PRIVATE KEY';
-  PEM_STRING_PUBLIC       = 'PUBLIC KEY';
-  PEM_STRING_RSA          = 'RSA PRIVATE KEY';
-  PEM_STRING_RSA_PUBLIC   = 'RSA PUBLIC KEY';
-  PEM_STRING_DSA          = 'DSA PRIVATE KEY';
-  PEM_STRING_DSA_PUBLIC   = 'DSA PUBLIC KEY';
-  PEM_STRING_PKCS7        = 'PKCS7';
-  PEM_STRING_PKCS7_SIGNED = 'PKCS #7 SIGNED DATA';
-  PEM_STRING_PKCS8        = 'ENCRYPTED PRIVATE KEY';
-  PEM_STRING_PKCS8INF     = 'PRIVATE KEY';
-  PEM_STRING_DHPARAMS     = 'DH PARAMETERS';
-  PEM_STRING_DHXPARAMS    = 'X9.42 DH PARAMETERS';
-  PEM_STRING_SSL_SESSION  = 'SSL SESSION PARAMETERS';
-  PEM_STRING_DSAPARAMS    = 'DSA PARAMETERS';
-  PEM_STRING_ECDSA_PUBLIC = 'ECDSA PUBLIC KEY';
-  PEM_STRING_ECPARAMETERS = 'EC PARAMETERS';
-  PEM_STRING_ECPRIVATEKEY = 'EC PRIVATE KEY';
-  PEM_STRING_PARAMETERS   = 'PARAMETERS';
-  PEM_STRING_CMS          = 'CMS';
+  PEM_STRING_X509_OLD     = AnsiString('X509 CERTIFICATE');
+  PEM_STRING_X509         = AnsiString('CERTIFICATE');
+  PEM_STRING_X509_TRUSTED = AnsiString('TRUSTED CERTIFICATE');
+  PEM_STRING_X509_REQ_OLD = AnsiString('NEW CERTIFICATE REQUEST');
+  PEM_STRING_X509_REQ     = AnsiString('CERTIFICATE REQUEST');
+  PEM_STRING_X509_CRL     = AnsiString('X509 CRL');
+  PEM_STRING_EVP_PKEY     = AnsiString('ANY PRIVATE KEY');
+  PEM_STRING_PUBLIC       = AnsiString('PUBLIC KEY');
+  PEM_STRING_RSA          = AnsiString('RSA PRIVATE KEY');
+  PEM_STRING_RSA_PUBLIC   = AnsiString('RSA PUBLIC KEY');
+  PEM_STRING_DSA          = AnsiString('DSA PRIVATE KEY');
+  PEM_STRING_DSA_PUBLIC   = AnsiString('DSA PUBLIC KEY');
+  PEM_STRING_PKCS7        = AnsiString('PKCS7');
+  PEM_STRING_PKCS7_SIGNED = AnsiString('PKCS #7 SIGNED DATA');
+  PEM_STRING_PKCS8        = AnsiString('ENCRYPTED PRIVATE KEY');
+  PEM_STRING_PKCS8INF     = AnsiString('PRIVATE KEY');
+  PEM_STRING_DHPARAMS     = AnsiString('DH PARAMETERS');
+  PEM_STRING_DHXPARAMS    = AnsiString('X9.42 DH PARAMETERS');
+  PEM_STRING_SSL_SESSION  = AnsiString('SSL SESSION PARAMETERS');
+  PEM_STRING_DSAPARAMS    = AnsiString('DSA PARAMETERS');
+  PEM_STRING_ECDSA_PUBLIC = AnsiString('ECDSA PUBLIC KEY');
+  PEM_STRING_ECPARAMETERS = AnsiString('EC PARAMETERS');
+  PEM_STRING_ECPRIVATEKEY = AnsiString('EC PRIVATE KEY');
+  PEM_STRING_PARAMETERS   = AnsiString('PARAMETERS');
+  PEM_STRING_CMS          = AnsiString('CMS');
 
   PEM_TYPE_ENCRYPTED      = 10;
   PEM_TYPE_MIC_ONLY       = 20;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas
index 26861d84d..812ff0e90 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 11.05.2020 08:36:43
 
 unit IdOpenSSLHeaders_rand;
 
@@ -53,7 +53,7 @@ interface
   rand_meth_st_pseudorand = function (buf: PByte; num: TIdC_INT): TIdC_INT; cdecl;
   rand_meth_st_status = function: TIdC_INT; cdecl;
 
-  rand_meth_st = class
+  rand_meth_st = record
     seed: rand_meth_st_seed;
     bytes: rand_meth_st_bytes;
     cleanup: rand_meth_st_cleanup;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
index a020944c5..6162663a1 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 11.05.2020 08:36:43
 
 unit IdOpenSSLHeaders_ssl;
 
@@ -76,97 +76,97 @@ interface
 
   (* These are used to specify which ciphers to use and not to use *)
 
-  SSL_TXT_LOW = 'LOW';
-  SSL_TXT_MEDIUM = 'MEDIUM';
-  SSL_TXT_HIGH = 'HIGH';
-  SSL_TXT_FIPS = 'FIPS';
-
-  SSL_TXT_aNULL = 'aNULL';
-  SSL_TXT_eNULL = 'eNULL';
-  SSL_TXT_NULL = 'NULL';
-
-  SSL_TXT_kRSA = 'kRSA';
-  SSL_TXT_kDHr = 'kDHr';
-  SSL_TXT_kDHd = 'kDHd';
-  SSL_TXT_kDH = 'kDH';
-  SSL_TXT_kEDH = 'kEDH';
-  SSL_TXT_kDHE = 'kDHE';
-  SSL_TXT_kECDHr = 'kECDHr';
-//const SSL_TXT_kECDHe = 'kECDHe';
-  SSL_TXT_kECDH = 'kECDH';
-  SSL_TXT_kEECDH = 'kEECDH';
-  SSL_TXT_kECDHE = 'kECDHE';
-  SSL_TXT_kPSK = 'kPSK';
-  SSL_TXT_kRSAPSK = 'kRSAPSK';
-  SSL_TXT_kECDHEPSK = 'kECDHEPSK';
-  SSL_TXT_kDHEPSK = 'kDHEPSK';
-  SSL_TXT_kGOST = 'kGOST';
-  SSL_TXT_kSRP = 'kSRP';
-
-  SSL_TXT_aRSA = 'aRSA';
-  SSL_TXT_aDSS = 'aDSS';
-  SSL_TXT_aDH = 'aDH';
-  SSL_TXT_aECDH = 'aECDH';
-  SSL_TXT_aECDSA = 'aECDSA';
-  SSL_TXT_aPSK = 'aPSK';
-  SSL_TXT_aGOST94 = 'aGOST94';
-  SSL_TXT_aGOST01 = 'aGOST01';
-  SSL_TXT_aGOST12 = 'aGOST12';
-  SSL_TXT_aGOST = 'aGOST';
-  SSL_TXT_aSRP = 'aSRP';
-
-  SSL_TXT_DSS = 'DSS';
-  SSL_TXT_DH = 'DH';
-  SSL_TXT_DHE = 'DHE';
-  SSL_TXT_EDH = 'EDH';
-  //SSL_TXT_ADH = 'ADH';
-  SSL_TXT_RSA = 'RSA';
-  SSL_TXT_ECDH = 'ECDH';
-  SSL_TXT_EECDH = 'EECDH';
-  SSL_TXT_ECDHE = 'ECDHE';
-  //SSL_TXT_AECDH = 'AECDH';
-  SSL_TXT_ECDSA = 'ECDSA';
-  SSL_TXT_PSK = 'PSK';
-  SSL_TXT_SRP = 'SRP';
-
-  SSL_TXT_DES = 'DES';
-  SSL_TXT_3DES = '3DES';
-  SSL_TXT_RC4 = 'RC4';
-  SSL_TXT_RC2 = 'RC2';
-  SSL_TXT_IDEA = 'IDEA';
-  SSL_TXT_SEED = 'SEED';
-  SSL_TXT_AES128 = 'AES128';
-  SSL_TXT_AES256 = 'AES256';
-  SSL_TXT_AES = 'AES';
-  SSL_TXT_AES_GCM = 'AESGCM';
-  SSL_TXT_AES_CCM = 'AESCCM';
-  SSL_TXT_AES_CCM_8 = 'AESCCM8';
-  SSL_TXT_CAMELLIA128 = 'CAMELLIA128';
-  SSL_TXT_CAMELLIA256 = 'CAMELLIA256';
-  SSL_TXT_CAMELLIA = 'CAMELLIA';
-  SSL_TXT_CHACHA20 = 'CHACHA20';
-  SSL_TXT_GOST = 'GOST89';
-  SSL_TXT_ARIA = 'ARIA';
-  SSL_TXT_ARIA_GCM = 'ARIAGCM';
-  SSL_TXT_ARIA128 = 'ARIA128';
-  SSL_TXT_ARIA256 = 'ARIA256';
-
-  SSL_TXT_MD5 = 'MD5';
-  SSL_TXT_SHA1 = 'SHA1';
-  SSL_TXT_SHA = 'SHA';
-  SSL_TXT_GOST94 = 'GOST94';
-  SSL_TXT_GOST89MAC = 'GOST89MAC';
-  SSL_TXT_GOST12 = 'GOST12';
-  SSL_TXT_GOST89MAC12 = 'GOST89MAC12';
-  SSL_TXT_SHA256 = 'SHA256';
-  SSL_TXT_SHA384 = 'SHA384';
-
-  SSL_TXT_SSLV3 = 'SSLv3';
-  SSL_TXT_TLSV1 = 'TLSv1';
-  SSL_TXT_TLSV1_1 = 'TLSv1.1';
-  SSL_TXT_TLSV1_2 = 'TLSv1.2';
-
-  SSL_TXT_ALL = 'ALL';
+  SSL_TXT_LOW = AnsiString('LOW');
+  SSL_TXT_MEDIUM = AnsiString('MEDIUM');
+  SSL_TXT_HIGH = AnsiString('HIGH');
+  SSL_TXT_FIPS = AnsiString('FIPS');
+
+  SSL_TXT_aNULL = AnsiString('aNULL');
+  SSL_TXT_eNULL = AnsiString('eNULL');
+  SSL_TXT_NULL = AnsiString('NULL');
+
+  SSL_TXT_kRSA = AnsiString('kRSA');
+  SSL_TXT_kDHr = AnsiString('kDHr');
+  SSL_TXT_kDHd = AnsiString('kDHd');
+  SSL_TXT_kDH = AnsiString('kDH');
+  SSL_TXT_kEDH = AnsiString('kEDH');
+  SSL_TXT_kDHE = AnsiString('kDHE');
+  SSL_TXT_kECDHr = AnsiString('kECDHr');
+//const SSL_TXT_kECDHe = AnsiString('kECDHe');
+  SSL_TXT_kECDH = AnsiString('kECDH');
+  SSL_TXT_kEECDH = AnsiString('kEECDH');
+  SSL_TXT_kECDHE = AnsiString('kECDHE');
+  SSL_TXT_kPSK = AnsiString('kPSK');
+  SSL_TXT_kRSAPSK = AnsiString('kRSAPSK');
+  SSL_TXT_kECDHEPSK = AnsiString('kECDHEPSK');
+  SSL_TXT_kDHEPSK = AnsiString('kDHEPSK');
+  SSL_TXT_kGOST = AnsiString('kGOST');
+  SSL_TXT_kSRP = AnsiString('kSRP');
+
+  SSL_TXT_aRSA = AnsiString('aRSA');
+  SSL_TXT_aDSS = AnsiString('aDSS');
+  SSL_TXT_aDH = AnsiString('aDH');
+  SSL_TXT_aECDH = AnsiString('aECDH');
+  SSL_TXT_aECDSA = AnsiString('aECDSA');
+  SSL_TXT_aPSK = AnsiString('aPSK');
+  SSL_TXT_aGOST94 = AnsiString('aGOST94');
+  SSL_TXT_aGOST01 = AnsiString('aGOST01');
+  SSL_TXT_aGOST12 = AnsiString('aGOST12');
+  SSL_TXT_aGOST = AnsiString('aGOST');
+  SSL_TXT_aSRP = AnsiString('aSRP');
+
+  SSL_TXT_DSS = AnsiString('DSS');
+  SSL_TXT_DH = AnsiString('DH');
+  SSL_TXT_DHE = AnsiString('DHE');
+  SSL_TXT_EDH = AnsiString('EDH');
+  //SSL_TXT_ADH = AnsiString('ADH');
+  SSL_TXT_RSA = AnsiString('RSA');
+  SSL_TXT_ECDH = AnsiString('ECDH');
+  SSL_TXT_EECDH = AnsiString('EECDH');
+  SSL_TXT_ECDHE = AnsiString('ECDHE');
+  //SSL_TXT_AECDH = AnsiString('AECDH');
+  SSL_TXT_ECDSA = AnsiString('ECDSA');
+  SSL_TXT_PSK = AnsiString('PSK');
+  SSL_TXT_SRP = AnsiString('SRP');
+
+  SSL_TXT_DES = AnsiString('DES');
+  SSL_TXT_3DES = AnsiString('3DES');
+  SSL_TXT_RC4 = AnsiString('RC4');
+  SSL_TXT_RC2 = AnsiString('RC2');
+  SSL_TXT_IDEA = AnsiString('IDEA');
+  SSL_TXT_SEED = AnsiString('SEED');
+  SSL_TXT_AES128 = AnsiString('AES128');
+  SSL_TXT_AES256 = AnsiString('AES256');
+  SSL_TXT_AES = AnsiString('AES');
+  SSL_TXT_AES_GCM = AnsiString('AESGCM');
+  SSL_TXT_AES_CCM = AnsiString('AESCCM');
+  SSL_TXT_AES_CCM_8 = AnsiString('AESCCM8');
+  SSL_TXT_CAMELLIA128 = AnsiString('CAMELLIA128');
+  SSL_TXT_CAMELLIA256 = AnsiString('CAMELLIA256');
+  SSL_TXT_CAMELLIA = AnsiString('CAMELLIA');
+  SSL_TXT_CHACHA20 = AnsiString('CHACHA20');
+  SSL_TXT_GOST = AnsiString('GOST89');
+  SSL_TXT_ARIA = AnsiString('ARIA');
+  SSL_TXT_ARIA_GCM = AnsiString('ARIAGCM');
+  SSL_TXT_ARIA128 = AnsiString('ARIA128');
+  SSL_TXT_ARIA256 = AnsiString('ARIA256');
+
+  SSL_TXT_MD5 = AnsiString('MD5');
+  SSL_TXT_SHA1 = AnsiString('SHA1');
+  SSL_TXT_SHA = AnsiString('SHA');
+  SSL_TXT_GOST94 = AnsiString('GOST94');
+  SSL_TXT_GOST89MAC = AnsiString('GOST89MAC');
+  SSL_TXT_GOST12 = AnsiString('GOST12');
+  SSL_TXT_GOST89MAC12 = AnsiString('GOST89MAC12');
+  SSL_TXT_SHA256 = AnsiString('SHA256');
+  SSL_TXT_SHA384 = AnsiString('SHA384');
+
+  SSL_TXT_SSLV3 = AnsiString('SSLv3');
+  SSL_TXT_TLSV1 = AnsiString('TLSv1');
+  SSL_TXT_TLSV1_1 = AnsiString('TLSv1.1');
+  SSL_TXT_TLSV1_2 = AnsiString('TLSv1.2');
+
+  SSL_TXT_ALL = AnsiString('ALL');
 
   (*-
    * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
@@ -182,17 +182,17 @@ interface
    * DEFAULT gets, as only selection is being done and no sorting as needed
    * for DEFAULT.
    *)
-  SSL_TXT_CMPALL = 'COMPLEMENTOFALL';
-  SSL_TXT_CMPDEF = 'COMPLEMENTOFDEFAULT';
+  SSL_TXT_CMPALL = AnsiString('COMPLEMENTOFALL');
+  SSL_TXT_CMPDEF = AnsiString('COMPLEMENTOFDEFAULT');
 
   (*
    * The following cipher list is used by default. It also is substituted when
    * an application-defined cipher list string starts with 'DEFAULT'.
    * This applies to ciphersuites for TLSv1.2 and below.
    *)
-  SSL_DEFAULT_CIPHER_LIST = 'ALL:!COMPLEMENTOFDEFAULT:!eNULL';
+  SSL_DEFAULT_CIPHER_LIST = AnsiString('ALL:!COMPLEMENTOFDEFAULT:!eNULL');
   (* This is the default set of TLSv1.3 ciphersuites *)
-  TLS_DEFAULT_CIPHERSUITES = 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256';
+  TLS_DEFAULT_CIPHERSUITES = AnsiString('TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256');
 
   (*
    * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas
index 07d9a6007..61df8d5ad 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 11.05.2020 08:36:43
 
 unit IdOpenSSLHeaders_ssl3;
 
@@ -39,6 +39,9 @@ interface
 
 {$i IdCompilerDefines.inc}
 
+uses
+  IdGlobal;
+
 const
   (*
    * Signalling cipher suite value from RFC 5746
@@ -90,59 +93,59 @@ interface
   SSL3_CK_ADH_DES_192_CBC_SHA = $0300001B;
 
   (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
-  SSL3_RFC_RSA_NULL_MD5 = 'TLS_RSA_WITH_NULL_MD5';
-  SSL3_RFC_RSA_NULL_SHA = 'TLS_RSA_WITH_NULL_SHA';
-  SSL3_RFC_RSA_DES_192_CBC3_SHA = 'TLS_RSA_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = 'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = 'TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_ADH_DES_192_CBC_SHA = 'TLS_DH_anon_WITH_3DES_EDE_CBC_SHA';
-  SSL3_RFC_RSA_IDEA_128_SHA = 'TLS_RSA_WITH_IDEA_CBC_SHA';
-  SSL3_RFC_RSA_RC4_128_MD5 = 'TLS_RSA_WITH_RC4_128_MD5';
-  SSL3_RFC_RSA_RC4_128_SHA = 'TLS_RSA_WITH_RC4_128_SHA';
-  SSL3_RFC_ADH_RC4_128_MD5 = 'TLS_DH_anon_WITH_RC4_128_MD5';
-
-  SSL3_TXT_RSA_NULL_MD5 = 'NULL-MD5';
-  SSL3_TXT_RSA_NULL_SHA = 'NULL-SHA';
-  SSL3_TXT_RSA_RC4_40_MD5 = 'EXP-RC4-MD5';
-  SSL3_TXT_RSA_RC4_128_MD5 = 'RC4-MD5';
-  SSL3_TXT_RSA_RC4_128_SHA = 'RC4-SHA';
-  SSL3_TXT_RSA_RC2_40_MD5 = 'EXP-RC2-CBC-MD5';
-  SSL3_TXT_RSA_IDEA_128_SHA = 'IDEA-CBC-SHA';
-  SSL3_TXT_RSA_DES_40_CBC_SHA = 'EXP-DES-CBC-SHA';
-  SSL3_TXT_RSA_DES_64_CBC_SHA = 'DES-CBC-SHA';
-  SSL3_TXT_RSA_DES_192_CBC3_SHA = 'DES-CBC3-SHA';
-
-  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = 'EXP-DH-DSS-DES-CBC-SHA';
-  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = 'DH-DSS-DES-CBC-SHA';
-  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = 'DH-DSS-DES-CBC3-SHA';
-  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = 'EXP-DH-RSA-DES-CBC-SHA';
-  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = 'DH-RSA-DES-CBC-SHA';
-  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = 'DH-RSA-DES-CBC3-SHA';
-
-  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = 'EXP-DHE-DSS-DES-CBC-SHA';
-  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = 'DHE-DSS-DES-CBC-SHA';
-  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = 'DHE-DSS-DES-CBC3-SHA';
-  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = 'EXP-DHE-RSA-DES-CBC-SHA';
-  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = 'DHE-RSA-DES-CBC-SHA';
-  SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = 'DHE-RSA-DES-CBC3-SHA';
+  SSL3_RFC_RSA_NULL_MD5 = AnsiString('TLS_RSA_WITH_NULL_MD5');
+  SSL3_RFC_RSA_NULL_SHA = AnsiString('TLS_RSA_WITH_NULL_SHA');
+  SSL3_RFC_RSA_DES_192_CBC3_SHA = AnsiString('TLS_RSA_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = AnsiString('TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = AnsiString('TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_ADH_DES_192_CBC_SHA = AnsiString('TLS_DH_anon_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_RSA_IDEA_128_SHA = AnsiString('TLS_RSA_WITH_IDEA_CBC_SHA');
+  SSL3_RFC_RSA_RC4_128_MD5 = AnsiString('TLS_RSA_WITH_RC4_128_MD5');
+  SSL3_RFC_RSA_RC4_128_SHA = AnsiString('TLS_RSA_WITH_RC4_128_SHA');
+  SSL3_RFC_ADH_RC4_128_MD5 = AnsiString('TLS_DH_anon_WITH_RC4_128_MD5');
+
+  SSL3_TXT_RSA_NULL_MD5 = AnsiString('NULL-MD5');
+  SSL3_TXT_RSA_NULL_SHA = AnsiString('NULL-SHA');
+  SSL3_TXT_RSA_RC4_40_MD5 = AnsiString('EXP-RC4-MD5');
+  SSL3_TXT_RSA_RC4_128_MD5 = AnsiString('RC4-MD5');
+  SSL3_TXT_RSA_RC4_128_SHA = AnsiString('RC4-SHA');
+  SSL3_TXT_RSA_RC2_40_MD5 = AnsiString('EXP-RC2-CBC-MD5');
+  SSL3_TXT_RSA_IDEA_128_SHA = AnsiString('IDEA-CBC-SHA');
+  SSL3_TXT_RSA_DES_40_CBC_SHA = AnsiString('EXP-DES-CBC-SHA');
+  SSL3_TXT_RSA_DES_64_CBC_SHA = AnsiString('DES-CBC-SHA');
+  SSL3_TXT_RSA_DES_192_CBC3_SHA = AnsiString('DES-CBC3-SHA');
+
+  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = AnsiString('EXP-DH-DSS-DES-CBC-SHA');
+  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = AnsiString('DH-DSS-DES-CBC-SHA');
+  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = AnsiString('DH-DSS-DES-CBC3-SHA');
+  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = AnsiString('EXP-DH-RSA-DES-CBC-SHA');
+  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = AnsiString('DH-RSA-DES-CBC-SHA');
+  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = AnsiString('DH-RSA-DES-CBC3-SHA');
+
+  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = AnsiString('EXP-DHE-DSS-DES-CBC-SHA');
+  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = AnsiString('DHE-DSS-DES-CBC-SHA');
+  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = AnsiString('DHE-DSS-DES-CBC3-SHA');
+  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = AnsiString('EXP-DHE-RSA-DES-CBC-SHA');
+  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = AnsiString('DHE-RSA-DES-CBC-SHA');
+  SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = AnsiString('DHE-RSA-DES-CBC3-SHA');
 
   (*
    * This next block of six 'EDH' labels is for backward compatibility with
    * older versions of OpenSSL.  New code should use the six 'DHE' labels above
    * instead:
    *)
-  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = 'EXP-EDH-DSS-DES-CBC-SHA';
-  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = 'EDH-DSS-DES-CBC-SHA';
-  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = 'EDH-DSS-DES-CBC3-SHA';
-  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = 'EXP-EDH-RSA-DES-CBC-SHA';
-  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = 'EDH-RSA-DES-CBC-SHA';
-  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = 'EDH-RSA-DES-CBC3-SHA';
-
-  SSL3_TXT_ADH_RC4_40_MD5 = 'EXP-ADH-RC4-MD5';
-  SSL3_TXT_ADH_RC4_128_MD5 = 'ADH-RC4-MD5';
-  SSL3_TXT_ADH_DES_40_CBC_SHA = 'EXP-ADH-DES-CBC-SHA';
-  SSL3_TXT_ADH_DES_64_CBC_SHA = 'ADH-DES-CBC-SHA';
-  SSL3_TXT_ADH_DES_192_CBC_SHA = 'ADH-DES-CBC3-SHA';
+  SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = AnsiString('EXP-EDH-DSS-DES-CBC-SHA');
+  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = AnsiString('EDH-DSS-DES-CBC-SHA');
+  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = AnsiString('EDH-DSS-DES-CBC3-SHA');
+  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = AnsiString('EXP-EDH-RSA-DES-CBC-SHA');
+  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = AnsiString('EDH-RSA-DES-CBC-SHA');
+  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = AnsiString('EDH-RSA-DES-CBC3-SHA');
+
+  SSL3_TXT_ADH_RC4_40_MD5 = AnsiString('EXP-ADH-RC4-MD5');
+  SSL3_TXT_ADH_RC4_128_MD5 = AnsiString('ADH-RC4-MD5');
+  SSL3_TXT_ADH_DES_40_CBC_SHA = AnsiString('EXP-ADH-DES-CBC-SHA');
+  SSL3_TXT_ADH_DES_64_CBC_SHA = AnsiString('ADH-DES-CBC-SHA');
+  SSL3_TXT_ADH_DES_192_CBC_SHA = AnsiString('ADH-DES-CBC3-SHA');
 
   SSL3_SSL_SESSION_ID_LENGTH = 32;
   SSL3_MAX_SSL_SESSION_ID_LENGTH = 32;
@@ -203,10 +206,10 @@ interface
 
   SSL3_RT_MAX_ENCRYPTED_LENGTH = SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH;
   SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD;
-  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH;
+  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH + SSL3_RT_HEADER_LENGTH;
 
-  SSL3_MD_CLIENT_FINISHED_= '\x43\x4C\x4E\x54';
-  SSL3_MD_SERVER_FINISHED_= '\x53\x52\x56\x52';
+  SSL3_MD_CLIENT_FINISHED_= TIdAnsiChar($43) + TIdAnsiChar($4C) + TIdAnsiChar($4E) + TIdAnsiChar($54);
+  SSL3_MD_SERVER_FINISHED_= TIdAnsiChar($53) + TIdAnsiChar($52) + TIdAnsiChar($56) + TIdAnsiChar($52);
 
   SSL3_VERSION = $0300;
   SSL3_VERSION_MAJOR = $03;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas
index b637216c6..0f9c53ab1 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 11.05.2020 08:36:43
 
 unit IdOpenSSLHeaders_tls1;
 
@@ -524,195 +524,195 @@ interface
   TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06F;
 
   (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
-  TLS1_RFC_RSA_WITH_AES_128_SHA = 'TLS_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ADH_WITH_AES_128_SHA = 'TLS_DH_anon_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_RSA_WITH_AES_256_SHA = 'TLS_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ADH_WITH_AES_256_SHA = 'TLS_DH_anon_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_RSA_WITH_NULL_SHA256 = 'TLS_RSA_WITH_NULL_SHA256';
-  TLS1_RFC_RSA_WITH_AES_128_SHA256 = 'TLS_RSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_AES_256_SHA256 = 'TLS_RSA_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = 'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_AES_128_SHA256 = 'TLS_DH_anon_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_AES_256_SHA256 = 'TLS_DH_anon_WITH_AES_256_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = 'TLS_DH_anon_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = 'TLS_DH_anon_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_RSA_WITH_AES_128_CCM = 'TLS_RSA_WITH_AES_128_CCM';
-  TLS1_RFC_RSA_WITH_AES_256_CCM = 'TLS_RSA_WITH_AES_256_CCM';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = 'TLS_DHE_RSA_WITH_AES_128_CCM';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = 'TLS_DHE_RSA_WITH_AES_256_CCM';
-  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = 'TLS_RSA_WITH_AES_128_CCM_8';
-  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = 'TLS_RSA_WITH_AES_256_CCM_8';
-  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = 'TLS_DHE_RSA_WITH_AES_128_CCM_8';
-  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = 'TLS_DHE_RSA_WITH_AES_256_CCM_8';
-  TLS1_RFC_PSK_WITH_AES_128_CCM = 'TLS_PSK_WITH_AES_128_CCM';
-  TLS1_RFC_PSK_WITH_AES_256_CCM = 'TLS_PSK_WITH_AES_256_CCM';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = 'TLS_DHE_PSK_WITH_AES_128_CCM';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = 'TLS_DHE_PSK_WITH_AES_256_CCM';
-  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_WITH_AES_128_CCM_8';
-  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_WITH_AES_256_CCM_8';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = 'TLS_PSK_DHE_WITH_AES_128_CCM_8';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = 'TLS_PSK_DHE_WITH_AES_256_CCM_8';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8';
-  TLS1_3_RFC_AES_128_GCM_SHA256 = 'TLS_AES_128_GCM_SHA256';
-  TLS1_3_RFC_AES_256_GCM_SHA384 = 'TLS_AES_256_GCM_SHA384';
-  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = 'TLS_CHACHA20_POLY1305_SHA256';
-  TLS1_3_RFC_AES_128_CCM_SHA256 = 'TLS_AES_128_CCM_SHA256';
-  TLS1_3_RFC_AES_128_CCM_8_SHA256 = 'TLS_AES_128_CCM_8_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = 'TLS_ECDHE_ECDSA_WITH_NULL_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = 'TLS_ECDHE_RSA_WITH_NULL_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = 'TLS_ECDH_anon_WITH_NULL_SHA';
-  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = 'TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = 'TLS_ECDH_anon_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_PSK_WITH_NULL_SHA = 'TLS_PSK_WITH_NULL_SHA';
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = 'TLS_DHE_PSK_WITH_NULL_SHA';
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = 'TLS_RSA_PSK_WITH_NULL_SHA';
-  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = 'TLS_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = 'TLS_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_PSK_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_PSK_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_GCM_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_GCM_SHA384';
-  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_PSK_WITH_NULL_SHA256 = 'TLS_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_PSK_WITH_NULL_SHA384 = 'TLS_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = 'TLS_DHE_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = 'TLS_DHE_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = 'TLS_RSA_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = 'TLS_RSA_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = 'TLS_ECDHE_PSK_WITH_NULL_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = 'TLS_ECDHE_PSK_WITH_NULL_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = 'TLS_ECDHE_PSK_WITH_NULL_SHA384';
-  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA';
-  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA';
-  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = 'TLS_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = 'TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = 'TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256';
-  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256';
-  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA';
-  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_RSA_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = 'TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256';
-  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384';
-  TLS1_RFC_RSA_WITH_SEED_SHA = 'TLS_RSA_WITH_SEED_CBC_SHA';
-  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = 'TLS_DHE_DSS_WITH_SEED_CBC_SHA';
-  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = 'TLS_DHE_RSA_WITH_SEED_CBC_SHA';
-  TLS1_RFC_ADH_WITH_SEED_SHA = 'TLS_DH_anon_WITH_SEED_CBC_SHA';
-  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = 'TLS_ECDHE_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = 'TLS_ECDH_anon_WITH_RC4_128_SHA';
-  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = 'TLS_ECDHE_ECDSA_WITH_RC4_128_SHA';
-  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = 'TLS_ECDHE_RSA_WITH_RC4_128_SHA';
-  TLS1_RFC_PSK_WITH_RC4_128_SHA = 'TLS_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = 'TLS_RSA_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = 'TLS_DHE_PSK_WITH_RC4_128_SHA';
-  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'TLS_DH_anon_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'TLS_DH_anon_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_PSK_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_PSK_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384';
-  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256';
-  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384';
+  TLS1_RFC_RSA_WITH_AES_128_SHA = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ADH_WITH_AES_128_SHA = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_RSA_WITH_AES_256_SHA = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ADH_WITH_AES_256_SHA = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_RSA_WITH_NULL_SHA256 = AnsiString('TLS_RSA_WITH_NULL_SHA256');
+  TLS1_RFC_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_AES_128_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_AES_256_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_RSA_WITH_AES_128_CCM = AnsiString('TLS_RSA_WITH_AES_128_CCM');
+  TLS1_RFC_RSA_WITH_AES_256_CCM = AnsiString('TLS_RSA_WITH_AES_256_CCM');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM');
+  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_RSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_RSA_WITH_AES_256_CCM_8');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM_8');
+  TLS1_RFC_PSK_WITH_AES_128_CCM = AnsiString('TLS_PSK_WITH_AES_128_CCM');
+  TLS1_RFC_PSK_WITH_AES_256_CCM = AnsiString('TLS_PSK_WITH_AES_256_CCM');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_128_CCM');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_256_CCM');
+  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_WITH_AES_128_CCM_8');
+  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_WITH_AES_256_CCM_8');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_128_CCM_8');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_256_CCM_8');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8');
+  TLS1_3_RFC_AES_128_GCM_SHA256 = AnsiString('TLS_AES_128_GCM_SHA256');
+  TLS1_3_RFC_AES_256_GCM_SHA384 = AnsiString('TLS_AES_256_GCM_SHA384');
+  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = AnsiString('TLS_CHACHA20_POLY1305_SHA256');
+  TLS1_3_RFC_AES_128_CCM_SHA256 = AnsiString('TLS_AES_128_CCM_SHA256');
+  TLS1_3_RFC_AES_128_CCM_8_SHA256 = AnsiString('TLS_AES_128_CCM_8_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_RSA_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = AnsiString('TLS_ECDH_anon_WITH_NULL_SHA');
+  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_NULL_SHA = AnsiString('TLS_PSK_WITH_NULL_SHA');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA');
+  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_PSK_WITH_NULL_SHA256 = AnsiString('TLS_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_PSK_WITH_NULL_SHA384 = AnsiString('TLS_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_RSA_WITH_SEED_SHA = AnsiString('TLS_RSA_WITH_SEED_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = AnsiString('TLS_DHE_DSS_WITH_SEED_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = AnsiString('TLS_DHE_RSA_WITH_SEED_CBC_SHA');
+  TLS1_RFC_ADH_WITH_SEED_SHA = AnsiString('TLS_DH_anon_WITH_SEED_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = AnsiString('TLS_ECDH_anon_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_RSA_WITH_RC4_128_SHA');
+  TLS1_RFC_PSK_WITH_RC4_128_SHA = AnsiString('TLS_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = AnsiString('TLS_RSA_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_DHE_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384');
 
   (*
    * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
@@ -720,293 +720,293 @@ interface
    * using DHE everywhere, though we may indefinitely maTIdC_INTain aliases for
    * users or configurations that used "EDH"
    *)
-  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = 'DHE-DSS-RC4-SHA';
+  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = AnsiString('DHE-DSS-RC4-SHA');
 
-  TLS1_TXT_PSK_WITH_NULL_SHA = 'PSK-NULL-SHA';
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = 'DHE-PSK-NULL-SHA';
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = 'RSA-PSK-NULL-SHA';
+  TLS1_TXT_PSK_WITH_NULL_SHA = AnsiString('PSK-NULL-SHA');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = AnsiString('DHE-PSK-NULL-SHA');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = AnsiString('RSA-PSK-NULL-SHA');
 
   (* AES ciphersuites from RFC3268 *)
-  TLS1_TXT_RSA_WITH_AES_128_SHA = 'AES128-SHA';
-  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = 'DH-DSS-AES128-SHA';
-  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = 'DH-RSA-AES128-SHA';
-  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = 'DHE-DSS-AES128-SHA';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = 'DHE-RSA-AES128-SHA';
-  TLS1_TXT_ADH_WITH_AES_128_SHA = 'ADH-AES128-SHA';
-
-  TLS1_TXT_RSA_WITH_AES_256_SHA = 'AES256-SHA';
-  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = 'DH-DSS-AES256-SHA';
-  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = 'DH-RSA-AES256-SHA';
-  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = 'DHE-DSS-AES256-SHA';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = 'DHE-RSA-AES256-SHA';
-  TLS1_TXT_ADH_WITH_AES_256_SHA = 'ADH-AES256-SHA';
+  TLS1_TXT_RSA_WITH_AES_128_SHA = AnsiString('AES128-SHA');
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = AnsiString('DH-DSS-AES128-SHA');
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = AnsiString('DH-RSA-AES128-SHA');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = AnsiString('DHE-DSS-AES128-SHA');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = AnsiString('DHE-RSA-AES128-SHA');
+  TLS1_TXT_ADH_WITH_AES_128_SHA = AnsiString('ADH-AES128-SHA');
+
+  TLS1_TXT_RSA_WITH_AES_256_SHA = AnsiString('AES256-SHA');
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = AnsiString('DH-DSS-AES256-SHA');
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = AnsiString('DH-RSA-AES256-SHA');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = AnsiString('DHE-DSS-AES256-SHA');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = AnsiString('DHE-RSA-AES256-SHA');
+  TLS1_TXT_ADH_WITH_AES_256_SHA = AnsiString('ADH-AES256-SHA');
 
   (* ECC ciphersuites from RFC4492 *)
-  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = 'ECDH-ECDSA-NULL-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = 'ECDH-ECDSA-RC4-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDH-ECDSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 'ECDH-ECDSA-AES128-SHA';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 'ECDH-ECDSA-AES256-SHA';
-
-  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = 'ECDHE-ECDSA-NULL-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = 'ECDHE-ECDSA-RC4-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = 'ECDHE-ECDSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 'ECDHE-ECDSA-AES128-SHA';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 'ECDHE-ECDSA-AES256-SHA';
-
-  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = 'ECDH-RSA-NULL-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = 'ECDH-RSA-RC4-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = 'ECDH-RSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = 'ECDH-RSA-AES128-SHA';
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = 'ECDH-RSA-AES256-SHA';
-
-  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = 'ECDHE-RSA-NULL-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = 'ECDHE-RSA-RC4-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = 'ECDHE-RSA-DES-CBC3-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = 'ECDHE-RSA-AES128-SHA';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = 'ECDHE-RSA-AES256-SHA';
-
-  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = 'AECDH-NULL-SHA';
-  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = 'AECDH-RC4-SHA';
-  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = 'AECDH-DES-CBC3-SHA';
-  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = 'AECDH-AES128-SHA';
-  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = 'AECDH-AES256-SHA';
+  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = AnsiString('ECDH-ECDSA-NULL-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDH-ECDSA-RC4-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-ECDSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-ECDSA-AES128-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-ECDSA-AES256-SHA');
+
+  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('ECDHE-ECDSA-NULL-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDHE-ECDSA-RC4-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-ECDSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-ECDSA-AES128-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-ECDSA-AES256-SHA');
+
+  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = AnsiString('ECDH-RSA-NULL-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = AnsiString('ECDH-RSA-RC4-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-RSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-RSA-AES128-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-RSA-AES256-SHA');
+
+  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = AnsiString('ECDHE-RSA-NULL-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('ECDHE-RSA-RC4-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-RSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-RSA-AES128-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-RSA-AES256-SHA');
+
+  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = AnsiString('AECDH-NULL-SHA');
+  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = AnsiString('AECDH-RC4-SHA');
+  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('AECDH-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('AECDH-AES128-SHA');
+  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('AECDH-AES256-SHA');
 
   (* PSK ciphersuites from RFC 4279 *)
-  TLS1_TXT_PSK_WITH_RC4_128_SHA = 'PSK-RC4-SHA';
-  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = 'PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = 'PSK-AES128-CBC-SHA';
-  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = 'PSK-AES256-CBC-SHA';
-
-  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = 'DHE-PSK-RC4-SHA';
-  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 'DHE-PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = 'DHE-PSK-AES128-CBC-SHA';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = 'DHE-PSK-AES256-CBC-SHA';
-  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = 'RSA-PSK-RC4-SHA';
-  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 'RSA-PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = 'RSA-PSK-AES128-CBC-SHA';
-  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = 'RSA-PSK-AES256-CBC-SHA';
+  TLS1_TXT_PSK_WITH_RC4_128_SHA = AnsiString('PSK-RC4-SHA');
+  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = AnsiString('PSK-AES128-CBC-SHA');
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = AnsiString('PSK-AES256-CBC-SHA');
+
+  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = AnsiString('DHE-PSK-RC4-SHA');
+  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('DHE-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('DHE-PSK-AES128-CBC-SHA');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('DHE-PSK-AES256-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = AnsiString('RSA-PSK-RC4-SHA');
+  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('RSA-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('RSA-PSK-AES128-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('RSA-PSK-AES256-CBC-SHA');
 
   (* PSK ciphersuites from RFC 5487 *)
-  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
-  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = 'DHE-PSK-AES128-GCM-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = 'DHE-PSK-AES256-GCM-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = 'RSA-PSK-AES128-GCM-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = 'RSA-PSK-AES256-GCM-SHA384';
-
-  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = 'PSK-AES128-CBC-SHA256';
-  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = 'PSK-AES256-CBC-SHA384';
-  TLS1_TXT_PSK_WITH_NULL_SHA256 = 'PSK-NULL-SHA256';
-  TLS1_TXT_PSK_WITH_NULL_SHA384 = 'PSK-NULL-SHA384';
-
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = 'DHE-PSK-AES128-CBC-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = 'DHE-PSK-AES256-CBC-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = 'DHE-PSK-NULL-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = 'DHE-PSK-NULL-SHA384';
-
-  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = 'RSA-PSK-AES128-CBC-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = 'RSA-PSK-AES256-CBC-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = 'RSA-PSK-NULL-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = 'RSA-PSK-NULL-SHA384';
+  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
+  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-PSK-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-PSK-AES256-GCM-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('RSA-PSK-AES128-GCM-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('RSA-PSK-AES256-GCM-SHA384');
+
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('PSK-AES128-CBC-SHA256');
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('PSK-AES256-CBC-SHA384');
+  TLS1_TXT_PSK_WITH_NULL_SHA256 = AnsiString('PSK-NULL-SHA256');
+  TLS1_TXT_PSK_WITH_NULL_SHA384 = AnsiString('PSK-NULL-SHA384');
+
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('DHE-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('DHE-PSK-AES256-CBC-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = AnsiString('DHE-PSK-NULL-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = AnsiString('DHE-PSK-NULL-SHA384');
+
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('RSA-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('RSA-PSK-AES256-CBC-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = AnsiString('RSA-PSK-NULL-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = AnsiString('RSA-PSK-NULL-SHA384');
 
   (* SRP ciphersuite from RFC 5054 *)
-  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 'SRP-3DES-EDE-CBC-SHA';
-  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 'SRP-RSA-3DES-EDE-CBC-SHA';
-  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 'SRP-DSS-3DES-EDE-CBC-SHA';
-  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = 'SRP-AES-128-CBC-SHA';
-  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 'SRP-RSA-AES-128-CBC-SHA';
-  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 'SRP-DSS-AES-128-CBC-SHA';
-  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = 'SRP-AES-256-CBC-SHA';
-  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 'SRP-RSA-AES-256-CBC-SHA';
-  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 'SRP-DSS-AES-256-CBC-SHA';
+  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-RSA-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-DSS-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('SRP-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('SRP-RSA-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('SRP-DSS-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('SRP-AES-256-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('SRP-RSA-AES-256-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('SRP-DSS-AES-256-CBC-SHA');
 
   (* Camellia ciphersuites from RFC4132 *)
-  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = 'CAMELLIA128-SHA';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DH-DSS-CAMELLIA128-SHA';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DH-RSA-CAMELLIA128-SHA';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 'DHE-DSS-CAMELLIA128-SHA';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 'DHE-RSA-CAMELLIA128-SHA';
-  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = 'ADH-CAMELLIA128-SHA';
-
-  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = 'CAMELLIA256-SHA';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DH-DSS-CAMELLIA256-SHA';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DH-RSA-CAMELLIA256-SHA';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 'DHE-DSS-CAMELLIA256-SHA';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 'DHE-RSA-CAMELLIA256-SHA';
-  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = 'ADH-CAMELLIA256-SHA';
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('CAMELLIA128-SHA');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-DSS-CAMELLIA128-SHA');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-RSA-CAMELLIA128-SHA');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA128-SHA');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA128-SHA');
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('ADH-CAMELLIA128-SHA');
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('CAMELLIA256-SHA');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-DSS-CAMELLIA256-SHA');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-RSA-CAMELLIA256-SHA');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA256-SHA');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA256-SHA');
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('ADH-CAMELLIA256-SHA');
 
   (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
-  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'CAMELLIA128-SHA256';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-DSS-CAMELLIA128-SHA256';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DH-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-DSS-CAMELLIA128-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = 'ADH-CAMELLIA128-SHA256';
-
-  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'CAMELLIA256-SHA256';
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-DSS-CAMELLIA256-SHA256';
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DH-RSA-CAMELLIA256-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-DSS-CAMELLIA256-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 'DHE-RSA-CAMELLIA256-SHA256';
-  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = 'ADH-CAMELLIA256-SHA256';
-
-  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'PSK-CAMELLIA256-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'DHE-PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'DHE-PSK-CAMELLIA256-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'RSA-PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'RSA-PSK-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-PSK-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-PSK-CAMELLIA256-SHA384';
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('CAMELLIA128-SHA256');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA128-SHA256');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ADH-CAMELLIA128-SHA256');
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('CAMELLIA256-SHA256');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA256-SHA256');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA256-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA256-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA256-SHA256');
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('ADH-CAMELLIA256-SHA256');
+
+  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('DHE-PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('RSA-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('RSA-PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-PSK-CAMELLIA256-SHA384');
 
   (* SEED ciphersuites from RFC4162 *)
-  TLS1_TXT_RSA_WITH_SEED_SHA = 'SEED-SHA';
-  TLS1_TXT_DH_DSS_WITH_SEED_SHA = 'DH-DSS-SEED-SHA';
-  TLS1_TXT_DH_RSA_WITH_SEED_SHA = 'DH-RSA-SEED-SHA';
-  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = 'DHE-DSS-SEED-SHA';
-  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = 'DHE-RSA-SEED-SHA';
-  TLS1_TXT_ADH_WITH_SEED_SHA = 'ADH-SEED-SHA';
+  TLS1_TXT_RSA_WITH_SEED_SHA = AnsiString('SEED-SHA');
+  TLS1_TXT_DH_DSS_WITH_SEED_SHA = AnsiString('DH-DSS-SEED-SHA');
+  TLS1_TXT_DH_RSA_WITH_SEED_SHA = AnsiString('DH-RSA-SEED-SHA');
+  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = AnsiString('DHE-DSS-SEED-SHA');
+  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = AnsiString('DHE-RSA-SEED-SHA');
+  TLS1_TXT_ADH_WITH_SEED_SHA = AnsiString('ADH-SEED-SHA');
 
   (* TLS v1.2 ciphersuites *)
-  TLS1_TXT_RSA_WITH_NULL_SHA256 = 'NULL-SHA256';
-  TLS1_TXT_RSA_WITH_AES_128_SHA256 = 'AES128-SHA256';
-  TLS1_TXT_RSA_WITH_AES_256_SHA256 = 'AES256-SHA256';
-  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = 'DH-DSS-AES128-SHA256';
-  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = 'DH-RSA-AES128-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = 'DHE-DSS-AES128-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = 'DHE-RSA-AES128-SHA256';
-  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = 'DH-DSS-AES256-SHA256';
-  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = 'DH-RSA-AES256-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = 'DHE-DSS-AES256-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = 'DHE-RSA-AES256-SHA256';
-  TLS1_TXT_ADH_WITH_AES_128_SHA256 = 'ADH-AES128-SHA256';
-  TLS1_TXT_ADH_WITH_AES_256_SHA256 = 'ADH-AES256-SHA256';
+  TLS1_TXT_RSA_WITH_NULL_SHA256 = AnsiString('NULL-SHA256');
+  TLS1_TXT_RSA_WITH_AES_128_SHA256 = AnsiString('AES128-SHA256');
+  TLS1_TXT_RSA_WITH_AES_256_SHA256 = AnsiString('AES256-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = AnsiString('DH-DSS-AES128-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = AnsiString('DH-RSA-AES128-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('DHE-DSS-AES128-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('DHE-RSA-AES128-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = AnsiString('DH-DSS-AES256-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = AnsiString('DH-RSA-AES256-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('DHE-DSS-AES256-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('DHE-RSA-AES256-SHA256');
+  TLS1_TXT_ADH_WITH_AES_128_SHA256 = AnsiString('ADH-AES128-SHA256');
+  TLS1_TXT_ADH_WITH_AES_256_SHA256 = AnsiString('ADH-AES256-SHA256');
 
   (* TLS v1.2 GCM ciphersuites from RFC5288 *)
-  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = 'AES128-GCM-SHA256';
-  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = 'AES256-GCM-SHA384';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = 'DHE-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = 'DHE-RSA-AES256-GCM-SHA384';
-  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = 'DH-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = 'DH-RSA-AES256-GCM-SHA384';
-  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = 'DHE-DSS-AES128-GCM-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = 'DHE-DSS-AES256-GCM-SHA384';
-  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = 'DH-DSS-AES128-GCM-SHA256';
-  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = 'DH-DSS-AES256-GCM-SHA384';
-  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = 'ADH-AES128-GCM-SHA256';
-  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = 'ADH-AES256-GCM-SHA384';
+  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('AES128-GCM-SHA256');
+  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('AES256-GCM-SHA384');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DH-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DH-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-DSS-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-DSS-AES256-GCM-SHA384');
+  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DH-DSS-AES128-GCM-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DH-DSS-AES256-GCM-SHA384');
+  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('ADH-AES128-GCM-SHA256');
+  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('ADH-AES256-GCM-SHA384');
 
   (* CCM ciphersuites from RFC6655 *)
-  TLS1_TXT_RSA_WITH_AES_128_CCM = 'AES128-CCM';
-  TLS1_TXT_RSA_WITH_AES_256_CCM = 'AES256-CCM';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = 'DHE-RSA-AES128-CCM';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = 'DHE-RSA-AES256-CCM';
-
-  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = 'AES128-CCM8';
-  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = 'AES256-CCM8';
-  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = 'DHE-RSA-AES128-CCM8';
-  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = 'DHE-RSA-AES256-CCM8';
-
-  TLS1_TXT_PSK_WITH_AES_128_CCM = 'PSK-AES128-CCM';
-  TLS1_TXT_PSK_WITH_AES_256_CCM = 'PSK-AES256-CCM';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = 'DHE-PSK-AES128-CCM';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = 'DHE-PSK-AES256-CCM';
-
-  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = 'PSK-AES128-CCM8';
-  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = 'PSK-AES256-CCM8';
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = 'DHE-PSK-AES128-CCM8';
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = 'DHE-PSK-AES256-CCM8';
+  TLS1_TXT_RSA_WITH_AES_128_CCM = AnsiString('AES128-CCM');
+  TLS1_TXT_RSA_WITH_AES_256_CCM = AnsiString('AES256-CCM');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = AnsiString('DHE-RSA-AES128-CCM');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = AnsiString('DHE-RSA-AES256-CCM');
+
+  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = AnsiString('AES128-CCM8');
+  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = AnsiString('AES256-CCM8');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('DHE-RSA-AES128-CCM8');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('DHE-RSA-AES256-CCM8');
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM = AnsiString('PSK-AES128-CCM');
+  TLS1_TXT_PSK_WITH_AES_256_CCM = AnsiString('PSK-AES256-CCM');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = AnsiString('DHE-PSK-AES128-CCM');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = AnsiString('DHE-PSK-AES256-CCM');
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = AnsiString('PSK-AES128-CCM8');
+  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = AnsiString('PSK-AES256-CCM8');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('DHE-PSK-AES128-CCM8');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('DHE-PSK-AES256-CCM8');
 
   (* CCM ciphersuites from RFC7251 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = 'ECDHE-ECDSA-AES128-CCM';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = 'ECDHE-ECDSA-AES256-CCM';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 'ECDHE-ECDSA-AES128-CCM8';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 'ECDHE-ECDSA-AES256-CCM8';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('ECDHE-ECDSA-AES128-CCM');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('ECDHE-ECDSA-AES256-CCM');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('ECDHE-ECDSA-AES128-CCM8');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('ECDHE-ECDSA-AES256-CCM8');
 
   (* ECDH HMAC based ciphersuites from RFC5289 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = 'ECDHE-ECDSA-AES128-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = 'ECDHE-ECDSA-AES256-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = 'ECDH-ECDSA-AES128-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = 'ECDH-ECDSA-AES256-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = 'ECDHE-RSA-AES128-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = 'ECDHE-RSA-AES256-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = 'ECDH-RSA-AES128-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = 'ECDH-RSA-AES256-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-ECDSA-AES128-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-ECDSA-AES256-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDH-ECDSA-AES128-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDH-ECDSA-AES256-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-RSA-AES128-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-RSA-AES256-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = AnsiString('ECDH-RSA-AES128-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = AnsiString('ECDH-RSA-AES256-SHA384');
 
   (* ECDH GCM based ciphersuites from RFC5289 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-ECDSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-ECDSA-AES256-GCM-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 'ECDH-ECDSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 'ECDH-ECDSA-AES256-GCM-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 'ECDHE-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 'ECDHE-RSA-AES256-GCM-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 'ECDH-RSA-AES128-GCM-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 'ECDH-RSA-AES256-GCM-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-RSA-AES256-GCM-SHA384');
 
   (* TLS v1.2 PSK GCM ciphersuites from RFC5487 *)
-  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = 'PSK-AES128-GCM-SHA256';
-  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = 'PSK-AES256-GCM-SHA384';
+  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
+  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
 
   (* ECDHE PSK ciphersuites from RFC 5489 *)
-  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = 'ECDHE-PSK-RC4-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 'ECDHE-PSK-3DES-EDE-CBC-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = 'ECDHE-PSK-AES128-CBC-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = 'ECDHE-PSK-AES256-CBC-SHA';
+  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('ECDHE-PSK-RC4-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('ECDHE-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-PSK-AES128-CBC-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-PSK-AES256-CBC-SHA');
 
-  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 'ECDHE-PSK-AES128-CBC-SHA256';
-  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 'ECDHE-PSK-AES256-CBC-SHA384';
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('ECDHE-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('ECDHE-PSK-AES256-CBC-SHA384');
 
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = 'ECDHE-PSK-NULL-SHA';
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = 'ECDHE-PSK-NULL-SHA256';
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = 'ECDHE-PSK-NULL-SHA384';
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = AnsiString('ECDHE-PSK-NULL-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('ECDHE-PSK-NULL-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('ECDHE-PSK-NULL-SHA384');
 
   (* Camellia-CBC ciphersuites from RFC6367 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-ECDSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-ECDSA-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-ECDSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-ECDSA-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDHE-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDHE-RSA-CAMELLIA256-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 'ECDH-RSA-CAMELLIA128-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 'ECDH-RSA-CAMELLIA256-SHA384';
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-ECDSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-ECDSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-ECDSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-ECDSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-RSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-RSA-CAMELLIA256-SHA384');
 
   (* draft-ietf-tls-chacha20-poly1305-03 *)
-  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = 'ECDHE-RSA-CHACHA20-POLY1305';
-  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = 'ECDHE-ECDSA-CHACHA20-POLY1305';
-  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = 'DHE-RSA-CHACHA20-POLY1305';
-  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = 'PSK-CHACHA20-POLY1305';
-  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = 'ECDHE-PSK-CHACHA20-POLY1305';
-  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = 'DHE-PSK-CHACHA20-POLY1305';
-  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = 'RSA-PSK-CHACHA20-POLY1305';
+  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-RSA-CHACHA20-POLY1305');
+  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-ECDSA-CHACHA20-POLY1305');
+  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('DHE-RSA-CHACHA20-POLY1305');
+  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = AnsiString('PSK-CHACHA20-POLY1305');
+  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-PSK-CHACHA20-POLY1305');
+  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('DHE-PSK-CHACHA20-POLY1305');
+  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('RSA-PSK-CHACHA20-POLY1305');
 
   (* Aria ciphersuites from RFC6209 *)
-  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = 'ARIA128-GCM-SHA256';
-  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = 'ARIA256-GCM-SHA384';
-  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'DHE-RSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'DHE-RSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 'DH-RSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 'DH-RSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 'DHE-DSS-ARIA128-GCM-SHA256';
-  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 'DHE-DSS-ARIA256-GCM-SHA384';
-  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 'DH-DSS-ARIA128-GCM-SHA256';
-  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 'DH-DSS-ARIA256-GCM-SHA384';
-  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = 'ADH-ARIA128-GCM-SHA256';
-  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = 'ADH-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ECDSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ECDSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ECDSA-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ECDSA-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDHE-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDHE-ARIA256-GCM-SHA384';
-  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 'ECDH-ARIA128-GCM-SHA256';
-  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 'ECDH-ARIA256-GCM-SHA384';
-  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = 'PSK-ARIA128-GCM-SHA256';
-  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = 'PSK-ARIA256-GCM-SHA384';
-  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 'DHE-PSK-ARIA128-GCM-SHA256';
-  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 'DHE-PSK-ARIA256-GCM-SHA384';
-  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 'RSA-PSK-ARIA128-GCM-SHA256';
-  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 'RSA-PSK-ARIA256-GCM-SHA384';
+  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ARIA128-GCM-SHA256');
+  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-RSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-RSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-RSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-RSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-DSS-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-DSS-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-DSS-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-DSS-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('ADH-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('ADH-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ARIA256-GCM-SHA384');
+  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('PSK-ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-PSK-ARIA256-GCM-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('RSA-PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('RSA-PSK-ARIA256-GCM-SHA384');
 
   TLS_CT_RSA_SIGN = 1;
   TLS_CT_DSS_SIGN = 2;
@@ -1028,68 +1028,67 @@ interface
   TLS1_FINISH_MAC_LENGTH = 12;
 
   TLS_MD_MAX_CONST_SIZE = 22;
-  TLS_MD_CLIENT_FINISH_CONST  = 'client finished';
+  TLS_MD_CLIENT_FINISH_CONST  = AnsiString('client finished');
   TLS_MD_CLIENT_FINISH_CONST_SIZE = 15;
-  TLS_MD_SERVER_FINISH_CONST  = 'server finished';
+  TLS_MD_SERVER_FINISH_CONST  = AnsiString('server finished');
   TLS_MD_SERVER_FINISH_CONST_SIZE = 15;
-  TLS_MD_KEY_EXPANSION_CONST  = 'key expansion';
+  TLS_MD_KEY_EXPANSION_CONST  = AnsiString('key expansion');
   TLS_MD_KEY_EXPANSION_CONST_SIZE = 13;
-  TLS_MD_CLIENT_WRITE_KEY_CONST  = 'client write key';
+  TLS_MD_CLIENT_WRITE_KEY_CONST  = AnsiString('client write key');
   TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE = 16;
-  TLS_MD_SERVER_WRITE_KEY_CONST  = 'server write key';
+  TLS_MD_SERVER_WRITE_KEY_CONST  = AnsiString('server write key');
   TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16;
-  TLS_MD_IV_BLOCK_CONST  = 'IV block';
+  TLS_MD_IV_BLOCK_CONST  = AnsiString('IV block');
   TLS_MD_IV_BLOCK_CONST_SIZE = 8;
-  TLS_MD_MASTER_SECRET_CONST  = 'master secret';
+  TLS_MD_MASTER_SECRET_CONST  = AnsiString('master secret');
   TLS_MD_MASTER_SECRET_CONST_SIZE = 13;
-  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = 'extended master secret';
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = AnsiString('extended master secret');
   TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE = 22;
 
 //  (*
 //   * client finished
 //   *)
-//  TLS_MD_CLIENT_FINISH_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//  TLS_MD_CLIENT_FINISH_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
 //
 //  (*
 //   * server finished
 //   *)
-//  TLS_MD_SERVER_FINISH_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64';
+//  TLS_MD_SERVER_FINISH_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
 //
 //  (*
 //   * server write key
 //   *)
-//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
 //
 //  (*
 //   * key expansion
 //   *)
-//  TLS_MD_KEY_EXPANSION_CONST  = '\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e';
+//  TLS_MD_KEY_EXPANSION_CONST = TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79) + TIdAnsiChar($20) + TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($70) + TIdAnsiChar($61) + TIdAnsiChar($6e) + TIdAnsiChar($73) + TIdAnsiChar($69) + TIdAnsiChar($6f) + TIdAnsiChar($6e);
 //
 //  (*
 //   * client write key
 //   *)
-//  TLS_MD_CLIENT_WRITE_KEY_CONST  = '\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//  TLS_MD_CLIENT_WRITE_KEY_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
 //
 //  (*
 //   * server write key
 //   *)
-//  TLS_MD_SERVER_WRITE_KEY_CONST  = '\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79';
+//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
 //
 //  (*
 //   * IV block
 //   *)
-//  TLS_MD_IV_BLOCK_CONST  = '\x49\x56\x20\x62\x6c\x6f\x63\x6b';
-//
+//  TLS_MD_IV_BLOCK_CONST = TIdAnsiChar($49) + TIdAnsiChar($56) + TIdAnsiChar($20) + TIdAnsiChar($62) + TIdAnsiChar($6c) + TIdAnsiChar($6f) + TIdAnsiChar($63) + TIdAnsiChar($6b);
 //
 //  (*
 //   * master secret
 //   *)
-//  TLS_MD_MASTER_SECRET_CONST  = '\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+//  TLS_MD_MASTER_SECRET_CONST = TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
 //
 //  (*
 //   * extended master secret
 //   *)
-//  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = '\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74';
+//  TLS_MD_EXTENDED_MASTER_SECRET_CONST = TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($64) + TIdAnsiChar($65) + TIdAnsiChar($64) + TIdAnsiChar($20) + TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
 
 type
   (* TLS Session Ticket extension struct *)
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
index 3731de768..f378c7b0b 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 11.05.2020 08:36:43
 
 unit IdOpenSSLHeaders_x509;
 
@@ -231,7 +231,7 @@   X509_val_st = record
   x509_trust_st = record
     trust: TIdC_INT;
     flags: TIdC_INT;
-    check_trust: function(v1: Px509_trust_st; v2: PX509; v3: TIdC_INT): TIdC_INT;
+    check_trust: function(v1: Px509_trust_st; v2: PX509; v3: TIdC_INT): TIdC_INT; cdecl;
     name: PIdAnsiChar;
     arg1: TIdC_INT;
     arg2: Pointer;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
index 8d9ea662a..221124dbd 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 11.05.2020 08:36:43
 
 unit IdOpenSSLHeaders_x509v3;
 
@@ -555,7 +555,7 @@   x509_purpose_st = record
     purpose: TIdC_INT;
     trust: TIdC_INT;                  (* Default trust ID *)
     flags: TIdC_INT;
-    check_purpose: function(const v1: PX509_PURPOSE; const v2: PX509; v3: TIdC_INT): TIdC_INT;
+    check_purpose: function(const v1: PX509_PURPOSE; const v2: PX509; v3: TIdC_INT): TIdC_INT; cdecl;
     name: PIdAnsiChar;
     sname: PIdAnsiChar;
     usr_data: Pointer;

From c805f2483d82744119630364fefc01f6756e0c78 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Thu, 25 Jun 2020 10:03:50 +0200
Subject: [PATCH 03/64] FTP data channel should reuse the session of the
 command channel

This prevents connection stealing.
See https://forum.filezilla-project.org/viewtopic.php?p=137191#p137191
for more details
---
 Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas   | 2 +-
 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
index 56d893b10..dc23a3cc0 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
@@ -40,8 +40,8 @@ interface
 type
   TIdOpenSSLContextClient = class(TIdOpenSSLContext)
   private
-    FSession: Pointer;
   protected
+    FSession: Pointer;
     function GetVerifyMode(const AOptions: TIdOpenSSLOptionsBase): TIdC_INT; override;
   public
     function Init(const AOptions: TIdOpenSSLOptionsClient): Boolean;
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
index 26c628aea..64674a6be 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
@@ -71,6 +71,9 @@ implementation
   IdURI,
   SysUtils;
 
+type
+  TIdOpenSSLContextClientAccessor = class(TIdOpenSSLContextClient);
+
 { TIdOpenSSLIOHandlerClient }
 
 procedure TIdOpenSSLIOHandlerClient.EnsureContext;
@@ -116,6 +119,9 @@ function TIdOpenSSLIOHandlerClient.Clone: TIdSSLIOHandlerSocketBase;
 begin
   Result := inherited;
   Options.AssignTo(TIdOpenSSLIOHandlerClient(Result).Options);
+  TIdOpenSSLIOHandlerClient(Result).EnsureContext();
+  TIdOpenSSLContextClientAccessor(TIdOpenSSLIOHandlerClient(Result).FContext).FSession :=
+    TIdOpenSSLContextClientAccessor(TIdOpenSSLIOHandlerClient(Self).FContext).FSession;
 end;
 
 destructor TIdOpenSSLIOHandlerClient.Destroy;

From eebe9825b9095400eb07b60461ef8911ac8655de Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 14:43:22 +0100
Subject: [PATCH 04/64] Added git attributes

---
 Lib/Protocols/OpenSSL/.gitattributes | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 Lib/Protocols/OpenSSL/.gitattributes

diff --git a/Lib/Protocols/OpenSSL/.gitattributes b/Lib/Protocols/OpenSSL/.gitattributes
new file mode 100644
index 000000000..38f4dd806
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/.gitattributes
@@ -0,0 +1,2 @@
+# Declare files that will always have CRLF line endings on checkout.
+*.pas text eol=crlf
\ No newline at end of file

From 54855da14df87763ad846ca1157e5f0737dc00b2 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 10 Oct 2022 12:21:50 +0200
Subject: [PATCH 05/64] Fixed line endings and rebase error

---
 .../IntermediateCode/IdOpenSSLHeaders_ssl.pas | 2298 ++++++++---------
 .../IdOpenSSLHeaders_ssl3.pas                 |  440 ++--
 .../IdOpenSSLHeaders_tls1.pas                 | 2114 +++++++--------
 .../IdOpenSSLHeaders_x509v3.pas               |  192 +-
 4 files changed, 2522 insertions(+), 2522 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
index 1942c475d..618bc2fdf 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
@@ -1,539 +1,539 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_ssl;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// ssl.h
-
-{$i IdCompilerDefines.inc}
-
-uses
-  IdCTypes,
-  IdGlobal,
-  IdOpenSSLConsts,
-  IdOpenSSLHeaders_ossl_typ,
-  IdOpenSSLHeaders_async,
-  IdOpenSSLHeaders_bio,
-  IdOpenSSLHeaders_crypto,
-  IdOpenSSLHeaders_pem,
-  IdOpenSSLHeaders_tls1,
-  IdOpenSSLHeaders_ssl3,
-  IdOpenSSLHeaders_X509;
-
-{$MINENUMSIZE 4}
-
-const
-  (* OpenSSL version number for ASN.1 encoding of the session information *)
-  (*-
-   * Version 0 - initial version
-   * Version 1 - added the optional peer certificate
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ssl;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ssl.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_async,
+  IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_crypto,
+  IdOpenSSLHeaders_pem,
+  IdOpenSSLHeaders_tls1,
+  IdOpenSSLHeaders_ssl3,
+  IdOpenSSLHeaders_X509;
+
+{$MINENUMSIZE 4}
+
+const
+  (* OpenSSL version number for ASN.1 encoding of the session information *)
+  (*-
+   * Version 0 - initial version
+   * Version 1 - added the optional peer certificate
    *)
-  SSL_SESSION_ASN1_VERSION = $0001;
+  SSL_SESSION_ASN1_VERSION = $0001;
   
-  SSL_MAX_SSL_SESSION_ID_LENGTH = 32;
-  SSL_MAX_SID_CTX_LENGTH = 32;
-
-  SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES = 512/8;
-  SSL_MAX_KEY_ARG_LENGTH = 8;
-  SSL_MAX_MASTER_KEY_LENGTH = 48;
-
-  (* The maximum number of encrypt/decrypt pipelines we can support *)
-  SSL_MAX_PIPELINES = 32;
-
-  (* text strings for the ciphers *)
-
-  (* These are used to specify which ciphers to use and not to use *)
-
-  SSL_TXT_LOW = AnsiString('LOW');
-  SSL_TXT_MEDIUM = AnsiString('MEDIUM');
-  SSL_TXT_HIGH = AnsiString('HIGH');
-  SSL_TXT_FIPS = AnsiString('FIPS');
-
-  SSL_TXT_aNULL = AnsiString('aNULL');
-  SSL_TXT_eNULL = AnsiString('eNULL');
-  SSL_TXT_NULL = AnsiString('NULL');
-
-  SSL_TXT_kRSA = AnsiString('kRSA');
-  SSL_TXT_kDHr = AnsiString('kDHr');
-  SSL_TXT_kDHd = AnsiString('kDHd');
-  SSL_TXT_kDH = AnsiString('kDH');
-  SSL_TXT_kEDH = AnsiString('kEDH');
-  SSL_TXT_kDHE = AnsiString('kDHE');
-  SSL_TXT_kECDHr = AnsiString('kECDHr');
-//const SSL_TXT_kECDHe = AnsiString('kECDHe');
-  SSL_TXT_kECDH = AnsiString('kECDH');
-  SSL_TXT_kEECDH = AnsiString('kEECDH');
-  SSL_TXT_kECDHE = AnsiString('kECDHE');
-  SSL_TXT_kPSK = AnsiString('kPSK');
-  SSL_TXT_kRSAPSK = AnsiString('kRSAPSK');
-  SSL_TXT_kECDHEPSK = AnsiString('kECDHEPSK');
-  SSL_TXT_kDHEPSK = AnsiString('kDHEPSK');
-  SSL_TXT_kGOST = AnsiString('kGOST');
-  SSL_TXT_kSRP = AnsiString('kSRP');
-
-  SSL_TXT_aRSA = AnsiString('aRSA');
-  SSL_TXT_aDSS = AnsiString('aDSS');
-  SSL_TXT_aDH = AnsiString('aDH');
-  SSL_TXT_aECDH = AnsiString('aECDH');
-  SSL_TXT_aECDSA = AnsiString('aECDSA');
-  SSL_TXT_aPSK = AnsiString('aPSK');
-  SSL_TXT_aGOST94 = AnsiString('aGOST94');
-  SSL_TXT_aGOST01 = AnsiString('aGOST01');
-  SSL_TXT_aGOST12 = AnsiString('aGOST12');
-  SSL_TXT_aGOST = AnsiString('aGOST');
-  SSL_TXT_aSRP = AnsiString('aSRP');
-
-  SSL_TXT_DSS = AnsiString('DSS');
-  SSL_TXT_DH = AnsiString('DH');
-  SSL_TXT_DHE = AnsiString('DHE');
-  SSL_TXT_EDH = AnsiString('EDH');
-  //SSL_TXT_ADH = AnsiString('ADH');
-  SSL_TXT_RSA = AnsiString('RSA');
-  SSL_TXT_ECDH = AnsiString('ECDH');
-  SSL_TXT_EECDH = AnsiString('EECDH');
-  SSL_TXT_ECDHE = AnsiString('ECDHE');
-  //SSL_TXT_AECDH = AnsiString('AECDH');
-  SSL_TXT_ECDSA = AnsiString('ECDSA');
-  SSL_TXT_PSK = AnsiString('PSK');
-  SSL_TXT_SRP = AnsiString('SRP');
-
-  SSL_TXT_DES = AnsiString('DES');
-  SSL_TXT_3DES = AnsiString('3DES');
-  SSL_TXT_RC4 = AnsiString('RC4');
-  SSL_TXT_RC2 = AnsiString('RC2');
-  SSL_TXT_IDEA = AnsiString('IDEA');
-  SSL_TXT_SEED = AnsiString('SEED');
-  SSL_TXT_AES128 = AnsiString('AES128');
-  SSL_TXT_AES256 = AnsiString('AES256');
-  SSL_TXT_AES = AnsiString('AES');
-  SSL_TXT_AES_GCM = AnsiString('AESGCM');
-  SSL_TXT_AES_CCM = AnsiString('AESCCM');
-  SSL_TXT_AES_CCM_8 = AnsiString('AESCCM8');
-  SSL_TXT_CAMELLIA128 = AnsiString('CAMELLIA128');
-  SSL_TXT_CAMELLIA256 = AnsiString('CAMELLIA256');
-  SSL_TXT_CAMELLIA = AnsiString('CAMELLIA');
-  SSL_TXT_CHACHA20 = AnsiString('CHACHA20');
-  SSL_TXT_GOST = AnsiString('GOST89');
-  SSL_TXT_ARIA = AnsiString('ARIA');
-  SSL_TXT_ARIA_GCM = AnsiString('ARIAGCM');
-  SSL_TXT_ARIA128 = AnsiString('ARIA128');
-  SSL_TXT_ARIA256 = AnsiString('ARIA256');
-
-  SSL_TXT_MD5 = AnsiString('MD5');
-  SSL_TXT_SHA1 = AnsiString('SHA1');
-  SSL_TXT_SHA = AnsiString('SHA');
-  SSL_TXT_GOST94 = AnsiString('GOST94');
-  SSL_TXT_GOST89MAC = AnsiString('GOST89MAC');
-  SSL_TXT_GOST12 = AnsiString('GOST12');
-  SSL_TXT_GOST89MAC12 = AnsiString('GOST89MAC12');
-  SSL_TXT_SHA256 = AnsiString('SHA256');
-  SSL_TXT_SHA384 = AnsiString('SHA384');
-
-  SSL_TXT_SSLV3 = AnsiString('SSLv3');
-  SSL_TXT_TLSV1 = AnsiString('TLSv1');
-  SSL_TXT_TLSV1_1 = AnsiString('TLSv1.1');
-  SSL_TXT_TLSV1_2 = AnsiString('TLSv1.2');
-
-  SSL_TXT_ALL = AnsiString('ALL');
-
-  (*-
-   * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
-   * ciphers normally not being used.
-   * Example: "RC4" will activate all ciphers using RC4 including ciphers
-   * without authentication, which would normally disabled by DEFAULT (due
-   * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
-   * will make sure that it is also disabled in the specific selection.
-   * COMPLEMENTOF* identifiers are portable between version, as adjustments
-   * to the default cipher setup will also be included here.
-   *
-   * COMPLEMENTOFDEFAULT does not experience the same special treatment that
-   * DEFAULT gets, as only selection is being done and no sorting as needed
-   * for DEFAULT.
-   *)
-  SSL_TXT_CMPALL = AnsiString('COMPLEMENTOFALL');
-  SSL_TXT_CMPDEF = AnsiString('COMPLEMENTOFDEFAULT');
-
-  (*
-   * The following cipher list is used by default. It also is substituted when
-   * an application-defined cipher list string starts with 'DEFAULT'.
-   * This applies to ciphersuites for TLSv1.2 and below.
+  SSL_MAX_SSL_SESSION_ID_LENGTH = 32;
+  SSL_MAX_SID_CTX_LENGTH = 32;
+
+  SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES = 512/8;
+  SSL_MAX_KEY_ARG_LENGTH = 8;
+  SSL_MAX_MASTER_KEY_LENGTH = 48;
+
+  (* The maximum number of encrypt/decrypt pipelines we can support *)
+  SSL_MAX_PIPELINES = 32;
+
+  (* text strings for the ciphers *)
+
+  (* These are used to specify which ciphers to use and not to use *)
+
+  SSL_TXT_LOW = AnsiString('LOW');
+  SSL_TXT_MEDIUM = AnsiString('MEDIUM');
+  SSL_TXT_HIGH = AnsiString('HIGH');
+  SSL_TXT_FIPS = AnsiString('FIPS');
+
+  SSL_TXT_aNULL = AnsiString('aNULL');
+  SSL_TXT_eNULL = AnsiString('eNULL');
+  SSL_TXT_NULL = AnsiString('NULL');
+
+  SSL_TXT_kRSA = AnsiString('kRSA');
+  SSL_TXT_kDHr = AnsiString('kDHr');
+  SSL_TXT_kDHd = AnsiString('kDHd');
+  SSL_TXT_kDH = AnsiString('kDH');
+  SSL_TXT_kEDH = AnsiString('kEDH');
+  SSL_TXT_kDHE = AnsiString('kDHE');
+  SSL_TXT_kECDHr = AnsiString('kECDHr');
+//const SSL_TXT_kECDHe = AnsiString('kECDHe');
+  SSL_TXT_kECDH = AnsiString('kECDH');
+  SSL_TXT_kEECDH = AnsiString('kEECDH');
+  SSL_TXT_kECDHE = AnsiString('kECDHE');
+  SSL_TXT_kPSK = AnsiString('kPSK');
+  SSL_TXT_kRSAPSK = AnsiString('kRSAPSK');
+  SSL_TXT_kECDHEPSK = AnsiString('kECDHEPSK');
+  SSL_TXT_kDHEPSK = AnsiString('kDHEPSK');
+  SSL_TXT_kGOST = AnsiString('kGOST');
+  SSL_TXT_kSRP = AnsiString('kSRP');
+
+  SSL_TXT_aRSA = AnsiString('aRSA');
+  SSL_TXT_aDSS = AnsiString('aDSS');
+  SSL_TXT_aDH = AnsiString('aDH');
+  SSL_TXT_aECDH = AnsiString('aECDH');
+  SSL_TXT_aECDSA = AnsiString('aECDSA');
+  SSL_TXT_aPSK = AnsiString('aPSK');
+  SSL_TXT_aGOST94 = AnsiString('aGOST94');
+  SSL_TXT_aGOST01 = AnsiString('aGOST01');
+  SSL_TXT_aGOST12 = AnsiString('aGOST12');
+  SSL_TXT_aGOST = AnsiString('aGOST');
+  SSL_TXT_aSRP = AnsiString('aSRP');
+
+  SSL_TXT_DSS = AnsiString('DSS');
+  SSL_TXT_DH = AnsiString('DH');
+  SSL_TXT_DHE = AnsiString('DHE');
+  SSL_TXT_EDH = AnsiString('EDH');
+  //SSL_TXT_ADH = AnsiString('ADH');
+  SSL_TXT_RSA = AnsiString('RSA');
+  SSL_TXT_ECDH = AnsiString('ECDH');
+  SSL_TXT_EECDH = AnsiString('EECDH');
+  SSL_TXT_ECDHE = AnsiString('ECDHE');
+  //SSL_TXT_AECDH = AnsiString('AECDH');
+  SSL_TXT_ECDSA = AnsiString('ECDSA');
+  SSL_TXT_PSK = AnsiString('PSK');
+  SSL_TXT_SRP = AnsiString('SRP');
+
+  SSL_TXT_DES = AnsiString('DES');
+  SSL_TXT_3DES = AnsiString('3DES');
+  SSL_TXT_RC4 = AnsiString('RC4');
+  SSL_TXT_RC2 = AnsiString('RC2');
+  SSL_TXT_IDEA = AnsiString('IDEA');
+  SSL_TXT_SEED = AnsiString('SEED');
+  SSL_TXT_AES128 = AnsiString('AES128');
+  SSL_TXT_AES256 = AnsiString('AES256');
+  SSL_TXT_AES = AnsiString('AES');
+  SSL_TXT_AES_GCM = AnsiString('AESGCM');
+  SSL_TXT_AES_CCM = AnsiString('AESCCM');
+  SSL_TXT_AES_CCM_8 = AnsiString('AESCCM8');
+  SSL_TXT_CAMELLIA128 = AnsiString('CAMELLIA128');
+  SSL_TXT_CAMELLIA256 = AnsiString('CAMELLIA256');
+  SSL_TXT_CAMELLIA = AnsiString('CAMELLIA');
+  SSL_TXT_CHACHA20 = AnsiString('CHACHA20');
+  SSL_TXT_GOST = AnsiString('GOST89');
+  SSL_TXT_ARIA = AnsiString('ARIA');
+  SSL_TXT_ARIA_GCM = AnsiString('ARIAGCM');
+  SSL_TXT_ARIA128 = AnsiString('ARIA128');
+  SSL_TXT_ARIA256 = AnsiString('ARIA256');
+
+  SSL_TXT_MD5 = AnsiString('MD5');
+  SSL_TXT_SHA1 = AnsiString('SHA1');
+  SSL_TXT_SHA = AnsiString('SHA');
+  SSL_TXT_GOST94 = AnsiString('GOST94');
+  SSL_TXT_GOST89MAC = AnsiString('GOST89MAC');
+  SSL_TXT_GOST12 = AnsiString('GOST12');
+  SSL_TXT_GOST89MAC12 = AnsiString('GOST89MAC12');
+  SSL_TXT_SHA256 = AnsiString('SHA256');
+  SSL_TXT_SHA384 = AnsiString('SHA384');
+
+  SSL_TXT_SSLV3 = AnsiString('SSLv3');
+  SSL_TXT_TLSV1 = AnsiString('TLSv1');
+  SSL_TXT_TLSV1_1 = AnsiString('TLSv1.1');
+  SSL_TXT_TLSV1_2 = AnsiString('TLSv1.2');
+
+  SSL_TXT_ALL = AnsiString('ALL');
+
+  (*-
+   * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
+   * ciphers normally not being used.
+   * Example: "RC4" will activate all ciphers using RC4 including ciphers
+   * without authentication, which would normally disabled by DEFAULT (due
+   * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
+   * will make sure that it is also disabled in the specific selection.
+   * COMPLEMENTOF* identifiers are portable between version, as adjustments
+   * to the default cipher setup will also be included here.
+   *
+   * COMPLEMENTOFDEFAULT does not experience the same special treatment that
+   * DEFAULT gets, as only selection is being done and no sorting as needed
+   * for DEFAULT.
    *)
-  SSL_DEFAULT_CIPHER_LIST = AnsiString('ALL:!COMPLEMENTOFDEFAULT:!eNULL');
+  SSL_TXT_CMPALL = AnsiString('COMPLEMENTOFALL');
+  SSL_TXT_CMPDEF = AnsiString('COMPLEMENTOFDEFAULT');
+
+  (*
+   * The following cipher list is used by default. It also is substituted when
+   * an application-defined cipher list string starts with 'DEFAULT'.
+   * This applies to ciphersuites for TLSv1.2 and below.
+   *)
+  SSL_DEFAULT_CIPHER_LIST = AnsiString('ALL:!COMPLEMENTOFDEFAULT:!eNULL');
   (* This is the default set of TLSv1.3 ciphersuites *)
   TLS_DEFAULT_CIPHERSUITES = AnsiString('TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256');
-
-  (*
-   * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
-   * starts with a reasonable order, and all we have to do for DEFAULT is
-   * throwing out anonymous and unencrypted ciphersuites! (The latter are not
-   * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
-   *)
-
+
+  (*
+   * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+   * starts with a reasonable order, and all we have to do for DEFAULT is
+   * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+   * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+   *)
+
   (* Used in SSL_set_shutdown()/SSL_get_shutdown(); *)
   SSL_SENT_SHUTDOWN = 1;
-  SSL_RECEIVED_SHUTDOWN = 2;
-
-  SSL_FILETYPE_ASN1 = X509_FILETYPE_ASN1;
+  SSL_RECEIVED_SHUTDOWN = 2;
+
+  SSL_FILETYPE_ASN1 = X509_FILETYPE_ASN1;
   SSL_FILETYPE_PEM = X509_FILETYPE_PEM;
-
-  (* Extension context codes *)
+
+  (* Extension context codes *)
   (* This extension is only allowed in TLS *)
-  SSL_EXT_TLS_ONLY = $0001;
+  SSL_EXT_TLS_ONLY = $0001;
   (* This extension is only allowed in DTLS *)
-  SSL_EXT_DTLS_ONLY = $0002;
-  (* Some extensions may be allowed in DTLS but we don't implement them for it *)
-  SSL_EXT_TLS_IMPLEMENTATION_ONLY = $0004;
-  (* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is *)
-  SSL_EXT_SSL3_ALLOWED = $0008;
-  (* Extension is only defined for TLS1.2 and below *)
-  SSL_EXT_TLS1_2_AND_BELOW_ONLY = $0010;
-  (* Extension is only defined for TLS1.3 and above *)
-  SSL_EXT_TLS1_3_ONLY = $0020;
-  (* Ignore this extension during parsing if we are resuming *)
-  SSL_EXT_IGNORE_ON_RESUMPTION = $0040;
-  SSL_EXT_CLIENT_HELLO = $0080;
-  (* Really means TLS1.2 or below *)
-  SSL_EXT_TLS1_2_SERVER_HELLO = $0100;
-  SSL_EXT_TLS1_3_SERVER_HELLO = $0200;
-  SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS = $0400;
-  SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST = $0800;
-  SSL_EXT_TLS1_3_CERTIFICATE = $1000;
-  SSL_EXT_TLS1_3_NEW_SESSION_TICKET = $2000;
-  SSL_EXT_TLS1_3_CERTIFICATE_REQUEST = $4000;
-
-  (*
-   * Some values are reserved until OpenSSL 1.2.0 because they were previously
-   * included in SSL_OP_ALL in a 1.1.x release.
-   *
-   * Reserved value (until OpenSSL 1.2.0)                  $00000001U
-   * Reserved value (until OpenSSL 1.2.0)                  $00000002U
-   *)
-  (* Allow initial connection to servers that don't support RI *)
-  SSL_OP_LEGACY_SERVER_CONNECT = TIdC_UINT($00000004);
-
-  (* Reserved value (until OpenSSL 1.2.0)                  $00000008U *)
-  SSL_OP_TLSEXT_PADDING =      TIdC_UINT($00000010);
-  (* Reserved value (until OpenSSL 1.2.0)                  $00000020U *)
-  SSL_OP_SAFARI_ECDHE_ECDSA_BUG = TIdC_UINT($00000040);
-  (*
-   * Reserved value (until OpenSSL 1.2.0)                  $00000080U
-   * Reserved value (until OpenSSL 1.2.0)                  $00000100U
-   * Reserved value (until OpenSSL 1.2.0)                  $00000200U
-   *)
-
-  (* In TLSv1.3 allow a non-(ec)dhe based kex_mode *)
-  SSL_OP_ALLOW_NO_DHE_KEX                         = TIdC_UINT($00000400);
-
-  (*
-   * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
-   * OpenSSL 0.9.6d.  Usually (depending on the application protocol) the
-   * workaround is not needed.  Unfortunately some broken SSL/TLS
-   * implementations cannot handle it at all, which is why we include it in
-   * SSL_OP_ALL. Added in 0.9.6e
-   *)
-  SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              = TIdC_UINT($00000800);
-
-  (* DTLS options *)
-  SSL_OP_NO_QUERY_MTU                             = TIdC_UINT($00001000);
-  (* Turn on Cookie Exchange (on relevant for servers) *)
-  SSL_OP_COOKIE_EXCHANGE                          = TIdC_UINT($00002000);
-  (* Don't use RFC4507 ticket extension *)
-  SSL_OP_NO_TICKET                                = TIdC_UINT($00004000);
-  (* Use Cisco's "speshul" version of DTLS_BAD_VER
-   * (only with deprecated DTLSv1_client_method())  *)
-  SSL_OP_CISCO_ANYCONNECT                        = TIdC_UINT($00008000);
-
-  (* As server, disallow session resumption on renegotiation *)
-  SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   = TIdC_UINT($00010000);
-  (* Don't use compression even if supported *)
-  SSL_OP_NO_COMPRESSION                           = TIdC_UINT($00020000);
-  (* Permit unsafe legacy renegotiation *)
-  SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        = TIdC_UINT($00040000);
-  (* Disable encrypt-then-mac *)
-  SSL_OP_NO_ENCRYPT_THEN_MAC                      = TIdC_UINT($00080000);
-
-  (*
-   * Enable TLSv1.3 Compatibility mode. This is on by default. A future version
-   * of OpenSSL may have this disabled by default.
-   *)
-  SSL_OP_ENABLE_MIDDLEBOX_COMPAT                  = TIdC_UINT($00100000);
-
-  (* Prioritize Chacha20Poly1305 when client does.
-   * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE *)
-  SSL_OP_PRIORITIZE_CHACHA                        = TIdC_UINT($00200000);
-
-  (*
-   * Set on servers to choose the cipher according to the server's preferences
-   *)
-  SSL_OP_CIPHER_SERVER_PREFERENCE                 = TIdC_UINT($00400000);
-  (*
-   * If set, a server will allow a client to issue a SSLv3.0 version number as
-   * latest version supported in the premaster secret, even when TLSv1.0
-   * (version 3.1) was announced in the client hello. Normally this is
-   * forbidden to prevent version rollback attacks.
-   *)
-  SSL_OP_TLS_ROLLBACK_BUG                         = TIdC_UINT($00800000);
-
-  (*
-   * Switches off automatic TLSv1.3 anti-replay protection for early data. This
-   * is a server-side option only (no effect on the client).
-   *)
-  SSL_OP_NO_ANTI_REPLAY                           = TIdC_UINT($01000000);
-
-  SSL_OP_NO_SSLv3                                 = TIdC_UINT($02000000);
-  SSL_OP_NO_TLSv1                                 = TIdC_UINT($04000000);
-  SSL_OP_NO_TLSv1_2                               = TIdC_UINT($08000000);
-  SSL_OP_NO_TLSv1_1                               = TIdC_UINT($10000000);
-  SSL_OP_NO_TLSv1_3                               = TIdC_UINT($20000000);
-
-  SSL_OP_NO_DTLSv1                                = TIdC_UINT($04000000);
-  SSL_OP_NO_DTLSv1_2                              = TIdC_UINT($08000000);
-
-  SSL_OP_NO_SSL_MASK = SSL_OP_NO_SSLv3 or SSL_OP_NO_TLSv1 or SSL_OP_NO_TLSv1_1
-    or SSL_OP_NO_TLSv1_2 or SSL_OP_NO_TLSv1_3;
-  SSL_OP_NO_DTLS_MASK = SSL_OP_NO_DTLSv1 or SSL_OP_NO_DTLSv1_2;
-
-  (* Disallow all renegotiation *)
-  SSL_OP_NO_RENEGOTIATION                         = TIdC_UINT($40000000);
-
-  (*
-   * Make server add server-hello extension from early version of cryptopro
-   * draft, when GOST ciphersuite is negotiated. Required for interoperability
-   * with CryptoPro CSP 3.x
-   *)
-  SSL_OP_CRYPTOPRO_TLSEXT_BUG                     = TIdC_UINT($80000000);
-
-  (*
-   * SSL_OP_ALL: various bug workarounds that should be rather harmless.
-   * This used to be $000FFFFFL before 0.9.7.
-   * This used to be $80000BFFU before 1.1.1.
-   *)
-  SSL_OP_ALL = SSL_OP_CRYPTOPRO_TLSEXT_BUG or SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
-    or SSL_OP_LEGACY_SERVER_CONNECT or SSL_OP_TLSEXT_PADDING or SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
-
-  (* OBSOLETE OPTIONS: retained for compatibility *)
-
-  (* Removed from OpenSSL 1.1.0. Was $00000001L *)
-  (* Related to removed SSLv2. *)
-  SSL_OP_MICROSOFT_SESS_ID_BUG                    = $0;
-  (* Removed from OpenSSL 1.1.0. Was $00000002L *)
-  (* Related to removed SSLv2. *)
-  SSL_OP_NETSCAPE_CHALLENGE_BUG                   = $0;
-  (* Removed from OpenSSL 0.9.8q and 1.0.0c. Was $00000008L *)
-  (* Dead forever, see CVE-2010-4180 *)
-  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         = $0;
-  (* Removed from OpenSSL 1.0.1h and 1.0.2. Was $00000010L *)
-  (* Refers to ancient SSLREF and SSLv2. *)
-  SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              = $0;
-  (* Removed from OpenSSL 1.1.0. Was $00000020 *)
-  SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               = $0;
-  (* Removed from OpenSSL 0.9.7h and 0.9.8b. Was $00000040L *)
-  SSL_OP_MSIE_SSLV2_RSA_PADDING                   = $0;
-  (* Removed from OpenSSL 1.1.0. Was $00000080 *)
-  (* Ancient SSLeay version. *)
-  SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 = $0;
-  (* Removed from OpenSSL 1.1.0. Was $00000100L *)
-  SSL_OP_TLS_D5_BUG                               = $0;
-  (* Removed from OpenSSL 1.1.0. Was $00000200L *)
-  SSL_OP_TLS_BLOCK_PADDING_BUG                    = $0;
-  (* Removed from OpenSSL 1.1.0. Was $00080000L *)
-  SSL_OP_SINGLE_ECDH_USE                          = $0;
-  (* Removed from OpenSSL 1.1.0. Was $00100000L *)
-  SSL_OP_SINGLE_DH_USE                            = $0;
-  (* Removed from OpenSSL 1.0.1k and 1.0.2. Was $00200000L *)
-  SSL_OP_EPHEMERAL_RSA                            = $0;
-  (* Removed from OpenSSL 1.1.0. Was $01000000L *)
-  SSL_OP_NO_SSLv2                                 = $0;
-  (* Removed from OpenSSL 1.0.1. Was $08000000L *)
-  SSL_OP_PKCS1_CHECK_1                            = $0;
-  (* Removed from OpenSSL 1.0.1. Was $10000000L *)
-  SSL_OP_PKCS1_CHECK_2                            = $0;
-  (* Removed from OpenSSL 1.1.0. Was $20000000L *)
-  SSL_OP_NETSCAPE_CA_DN_BUG                       = $0;
-  (* Removed from OpenSSL 1.1.0. Was $40000000L *)
+  SSL_EXT_DTLS_ONLY = $0002;
+  (* Some extensions may be allowed in DTLS but we don't implement them for it *)
+  SSL_EXT_TLS_IMPLEMENTATION_ONLY = $0004;
+  (* Most extensions are not defined for SSLv3 but EXT_TYPE_renegotiate is *)
+  SSL_EXT_SSL3_ALLOWED = $0008;
+  (* Extension is only defined for TLS1.2 and below *)
+  SSL_EXT_TLS1_2_AND_BELOW_ONLY = $0010;
+  (* Extension is only defined for TLS1.3 and above *)
+  SSL_EXT_TLS1_3_ONLY = $0020;
+  (* Ignore this extension during parsing if we are resuming *)
+  SSL_EXT_IGNORE_ON_RESUMPTION = $0040;
+  SSL_EXT_CLIENT_HELLO = $0080;
+  (* Really means TLS1.2 or below *)
+  SSL_EXT_TLS1_2_SERVER_HELLO = $0100;
+  SSL_EXT_TLS1_3_SERVER_HELLO = $0200;
+  SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS = $0400;
+  SSL_EXT_TLS1_3_HELLO_RETRY_REQUEST = $0800;
+  SSL_EXT_TLS1_3_CERTIFICATE = $1000;
+  SSL_EXT_TLS1_3_NEW_SESSION_TICKET = $2000;
+  SSL_EXT_TLS1_3_CERTIFICATE_REQUEST = $4000;
+
+  (*
+   * Some values are reserved until OpenSSL 1.2.0 because they were previously
+   * included in SSL_OP_ALL in a 1.1.x release.
+   *
+   * Reserved value (until OpenSSL 1.2.0)                  $00000001U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000002U
+   *)
+  (* Allow initial connection to servers that don't support RI *)
+  SSL_OP_LEGACY_SERVER_CONNECT = TIdC_UINT($00000004);
+
+  (* Reserved value (until OpenSSL 1.2.0)                  $00000008U *)
+  SSL_OP_TLSEXT_PADDING =      TIdC_UINT($00000010);
+  (* Reserved value (until OpenSSL 1.2.0)                  $00000020U *)
+  SSL_OP_SAFARI_ECDHE_ECDSA_BUG = TIdC_UINT($00000040);
+  (*
+   * Reserved value (until OpenSSL 1.2.0)                  $00000080U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000100U
+   * Reserved value (until OpenSSL 1.2.0)                  $00000200U
+   *)
+
+  (* In TLSv1.3 allow a non-(ec)dhe based kex_mode *)
+  SSL_OP_ALLOW_NO_DHE_KEX                         = TIdC_UINT($00000400);
+
+  (*
+   * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
+   * OpenSSL 0.9.6d.  Usually (depending on the application protocol) the
+   * workaround is not needed.  Unfortunately some broken SSL/TLS
+   * implementations cannot handle it at all, which is why we include it in
+   * SSL_OP_ALL. Added in 0.9.6e
+   *)
+  SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              = TIdC_UINT($00000800);
+
+  (* DTLS options *)
+  SSL_OP_NO_QUERY_MTU                             = TIdC_UINT($00001000);
+  (* Turn on Cookie Exchange (on relevant for servers) *)
+  SSL_OP_COOKIE_EXCHANGE                          = TIdC_UINT($00002000);
+  (* Don't use RFC4507 ticket extension *)
+  SSL_OP_NO_TICKET                                = TIdC_UINT($00004000);
+  (* Use Cisco's "speshul" version of DTLS_BAD_VER
+   * (only with deprecated DTLSv1_client_method())  *)
+  SSL_OP_CISCO_ANYCONNECT                        = TIdC_UINT($00008000);
+
+  (* As server, disallow session resumption on renegotiation *)
+  SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   = TIdC_UINT($00010000);
+  (* Don't use compression even if supported *)
+  SSL_OP_NO_COMPRESSION                           = TIdC_UINT($00020000);
+  (* Permit unsafe legacy renegotiation *)
+  SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        = TIdC_UINT($00040000);
+  (* Disable encrypt-then-mac *)
+  SSL_OP_NO_ENCRYPT_THEN_MAC                      = TIdC_UINT($00080000);
+
+  (*
+   * Enable TLSv1.3 Compatibility mode. This is on by default. A future version
+   * of OpenSSL may have this disabled by default.
+   *)
+  SSL_OP_ENABLE_MIDDLEBOX_COMPAT                  = TIdC_UINT($00100000);
+
+  (* Prioritize Chacha20Poly1305 when client does.
+   * Modifies SSL_OP_CIPHER_SERVER_PREFERENCE *)
+  SSL_OP_PRIORITIZE_CHACHA                        = TIdC_UINT($00200000);
+
+  (*
+   * Set on servers to choose the cipher according to the server's preferences
+   *)
+  SSL_OP_CIPHER_SERVER_PREFERENCE                 = TIdC_UINT($00400000);
+  (*
+   * If set, a server will allow a client to issue a SSLv3.0 version number as
+   * latest version supported in the premaster secret, even when TLSv1.0
+   * (version 3.1) was announced in the client hello. Normally this is
+   * forbidden to prevent version rollback attacks.
+   *)
+  SSL_OP_TLS_ROLLBACK_BUG                         = TIdC_UINT($00800000);
+
+  (*
+   * Switches off automatic TLSv1.3 anti-replay protection for early data. This
+   * is a server-side option only (no effect on the client).
+   *)
+  SSL_OP_NO_ANTI_REPLAY                           = TIdC_UINT($01000000);
+
+  SSL_OP_NO_SSLv3                                 = TIdC_UINT($02000000);
+  SSL_OP_NO_TLSv1                                 = TIdC_UINT($04000000);
+  SSL_OP_NO_TLSv1_2                               = TIdC_UINT($08000000);
+  SSL_OP_NO_TLSv1_1                               = TIdC_UINT($10000000);
+  SSL_OP_NO_TLSv1_3                               = TIdC_UINT($20000000);
+
+  SSL_OP_NO_DTLSv1                                = TIdC_UINT($04000000);
+  SSL_OP_NO_DTLSv1_2                              = TIdC_UINT($08000000);
+
+  SSL_OP_NO_SSL_MASK = SSL_OP_NO_SSLv3 or SSL_OP_NO_TLSv1 or SSL_OP_NO_TLSv1_1
+    or SSL_OP_NO_TLSv1_2 or SSL_OP_NO_TLSv1_3;
+  SSL_OP_NO_DTLS_MASK = SSL_OP_NO_DTLSv1 or SSL_OP_NO_DTLSv1_2;
+
+  (* Disallow all renegotiation *)
+  SSL_OP_NO_RENEGOTIATION                         = TIdC_UINT($40000000);
+
+  (*
+   * Make server add server-hello extension from early version of cryptopro
+   * draft, when GOST ciphersuite is negotiated. Required for interoperability
+   * with CryptoPro CSP 3.x
+   *)
+  SSL_OP_CRYPTOPRO_TLSEXT_BUG                     = TIdC_UINT($80000000);
+
+  (*
+   * SSL_OP_ALL: various bug workarounds that should be rather harmless.
+   * This used to be $000FFFFFL before 0.9.7.
+   * This used to be $80000BFFU before 1.1.1.
+   *)
+  SSL_OP_ALL = SSL_OP_CRYPTOPRO_TLSEXT_BUG or SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+    or SSL_OP_LEGACY_SERVER_CONNECT or SSL_OP_TLSEXT_PADDING or SSL_OP_SAFARI_ECDHE_ECDSA_BUG;
+
+  (* OBSOLETE OPTIONS: retained for compatibility *)
+
+  (* Removed from OpenSSL 1.1.0. Was $00000001L *)
+  (* Related to removed SSLv2. *)
+  SSL_OP_MICROSOFT_SESS_ID_BUG                    = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000002L *)
+  (* Related to removed SSLv2. *)
+  SSL_OP_NETSCAPE_CHALLENGE_BUG                   = $0;
+  (* Removed from OpenSSL 0.9.8q and 1.0.0c. Was $00000008L *)
+  (* Dead forever, see CVE-2010-4180 *)
+  SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         = $0;
+  (* Removed from OpenSSL 1.0.1h and 1.0.2. Was $00000010L *)
+  (* Refers to ancient SSLREF and SSLv2. *)
+  SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000020 *)
+  SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               = $0;
+  (* Removed from OpenSSL 0.9.7h and 0.9.8b. Was $00000040L *)
+  SSL_OP_MSIE_SSLV2_RSA_PADDING                   = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000080 *)
+  (* Ancient SSLeay version. *)
+  SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000100L *)
+  SSL_OP_TLS_D5_BUG                               = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00000200L *)
+  SSL_OP_TLS_BLOCK_PADDING_BUG                    = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00080000L *)
+  SSL_OP_SINGLE_ECDH_USE                          = $0;
+  (* Removed from OpenSSL 1.1.0. Was $00100000L *)
+  SSL_OP_SINGLE_DH_USE                            = $0;
+  (* Removed from OpenSSL 1.0.1k and 1.0.2. Was $00200000L *)
+  SSL_OP_EPHEMERAL_RSA                            = $0;
+  (* Removed from OpenSSL 1.1.0. Was $01000000L *)
+  SSL_OP_NO_SSLv2                                 = $0;
+  (* Removed from OpenSSL 1.0.1. Was $08000000L *)
+  SSL_OP_PKCS1_CHECK_1                            = $0;
+  (* Removed from OpenSSL 1.0.1. Was $10000000L *)
+  SSL_OP_PKCS1_CHECK_2                            = $0;
+  (* Removed from OpenSSL 1.1.0. Was $20000000L *)
+  SSL_OP_NETSCAPE_CA_DN_BUG                       = $0;
+  (* Removed from OpenSSL 1.1.0. Was $40000000L *)
   SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG          = $0;
-
-  (*
-   * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
-   * when just a single record has been written):
+
+  (*
+   * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+   * when just a single record has been written):
+   *)
+  SSL_MODE_ENABLE_PARTIAL_WRITE = TIdC_UINT($00000001);
+  (*
+   * Make it possible to retry SSL_write() with changed buffer location (buffer
+   * contents must stay the same!); this is not the default to avoid the
+   * misconception that non-blocking SSL_write() behaves like non-blocking
+   * write():
+   *)
+  SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = TIdC_UINT($00000002);
+  (*
+   * Never bother the application with retries if the transport is blocking:
+   *)
+  SSL_MODE_AUTO_RETRY = TIdC_UINT($00000004);
+  (* Don't attempt to automatically build certificate chain *)
+  SSL_MODE_NO_AUTO_CHAIN = TIdC_UINT($00000008);
+  (*
+   * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+   * TLS only.) Released buffers are freed.
+   *)
+  SSL_MODE_RELEASE_BUFFERS = TIdC_UINT($00000010);
+  (*
+   * Send the current time in the Random fields of the ClientHello and
+   * ServerHello records for compatibility with hypothetical implementations
+   * that require it.
+   *)
+  SSL_MODE_SEND_CLIENTHELLO_TIME = TIdC_UINT($00000020);
+  SSL_MODE_SEND_SERVERHELLO_TIME = TIdC_UINT($00000040);
+  (*
+   * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
+   * that reconnect with a downgraded protocol version; see
+   * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
+   * application attempts a normal handshake. Only use this in explicit
+   * fallback retries, following the guidance in
+   * draft-ietf-tls-downgrade-scsv-00.
    *)
-  SSL_MODE_ENABLE_PARTIAL_WRITE = TIdC_UINT($00000001);
-  (*
-   * Make it possible to retry SSL_write() with changed buffer location (buffer
-   * contents must stay the same!); this is not the default to avoid the
-   * misconception that non-blocking SSL_write() behaves like non-blocking
-   * write():
+  SSL_MODE_SEND_FALLBACK_SCSV = TIdC_UINT($00000080);
+  (*
+   * Support Asynchronous operation
    *)
-  SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = TIdC_UINT($00000002);
-  (*
-   * Never bother the application with retries if the transport is blocking:
-   *)
-  SSL_MODE_AUTO_RETRY = TIdC_UINT($00000004);
-  (* Don't attempt to automatically build certificate chain *)
-  SSL_MODE_NO_AUTO_CHAIN = TIdC_UINT($00000008);
-  (*
-   * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
-   * TLS only.) Released buffers are freed.
-   *)
-  SSL_MODE_RELEASE_BUFFERS = TIdC_UINT($00000010);
-  (*
-   * Send the current time in the Random fields of the ClientHello and
-   * ServerHello records for compatibility with hypothetical implementations
-   * that require it.
-   *)
-  SSL_MODE_SEND_CLIENTHELLO_TIME = TIdC_UINT($00000020);
-  SSL_MODE_SEND_SERVERHELLO_TIME = TIdC_UINT($00000040);
-  (*
-   * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
-   * that reconnect with a downgraded protocol version; see
-   * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
-   * application attempts a normal handshake. Only use this in explicit
-   * fallback retries, following the guidance in
-   * draft-ietf-tls-downgrade-scsv-00.
-   *)
-  SSL_MODE_SEND_FALLBACK_SCSV = TIdC_UINT($00000080);
-  (*
-   * Support Asynchronous operation
-   *)
-  SSL_MODE_ASYNC = TIdC_UINT($00000100);
-
-  (*
-   * When using DTLS/SCTP, include the terminating zero in the label
-   * used for computing the endpoint-pair shared secret. Required for
-   * interoperability with implementations having this bug like these
-   * older version of OpenSSL:
-   * - OpenSSL 1.0.0 series
-   * - OpenSSL 1.0.1 series
-   * - OpenSSL 1.0.2 series
-   * - OpenSSL 1.1.0 series
-   * - OpenSSL 1.1.1 and 1.1.1a
-   *)
-  SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG = TIdC_UINT($00000400);
-
-  (* Cert related flags *)
-  (*
-   * Many implementations ignore some aspects of the TLS standards such as
-   * enforcing certificate chain algorithms. When this is set we enforce them.
-   *)
-  SSL_CERT_FLAG_TLS_STRICT = TIdC_UINT($00000001);
-  (* Suite B modes, takes same values as certificate verify flags *)
-  SSL_CERT_FLAG_SUITEB_128_LOS_ONLY = $10000;
-  (* Suite B 192 bit only mode *)
-  SSL_CERT_FLAG_SUITEB_192_LOS = $20000;
-  (* Suite B 128 bit mode allowing 192 bit algorithms *)
-  SSL_CERT_FLAG_SUITEB_128_LOS = $30000;
-
-  (* Perform all sorts of protocol violations for testing purposes *)
-  SSL_CERT_FLAG_BROKEN_PROTOCOL = $10000000;
-
-  (* Flags for building certificate chains *)
-  (* Treat any existing certificates as untrusted CAs *)
-  SSL_BUILD_CHAIN_FLAG_UNTRUSTED = $1;
-  (* Don't include root CA in chain *)
-  SSL_BUILD_CHAIN_FLAG_NO_ROOT = $2;
-  (* Just check certificates already there *)
-  SSL_BUILD_CHAIN_FLAG_CHECK = $4;
-  (* Ignore verification errors *)
-  SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR = $8;
-  (* Clear verification errors from queue *)
-  SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR = $10;
-
-  (* Flags returned by SSL_check_chain *)
-  (* Certificate can be used with this session *)
-  CERT_PKEY_VALID = $1;
-  (* Certificate can also be used for signing *)
-  CERT_PKEY_SIGN = $2;
-  (* EE certificate signing algorithm OK *)
-  CERT_PKEY_EE_SIGNATURE = $10;
-  (* CA signature algorithms OK *)
-  CERT_PKEY_CA_SIGNATURE = $20;
-  (* EE certificate parameters OK *)
-  CERT_PKEY_EE_PARAM = $40;
-  (* CA certificate parameters OK *)
-  CERT_PKEY_CA_PARAM = $80;
-  (* Signing explicitly allowed as opposed to SHA1 fallback *)
-  CERT_PKEY_EXPLICIT_SIGN = $100;
-  (* Client CA issuer names match (always set for server cert) *)
-  CERT_PKEY_ISSUER_NAME = $200;
-  (* Cert type matches client types (always set for server cert) *)
-  CERT_PKEY_CERT_TYPE = $400;
-  (* Cert chain suitable to Suite B *)
-  CERT_PKEY_SUITEB = $800;
-
-  SSL_CONF_FLAG_CMDLINE = $1;
-  SSL_CONF_FLAG_FILE = $2;
-  SSL_CONF_FLAG_CLIENT = $4;
-  SSL_CONF_FLAG_SERVER = $8;
-  SSL_CONF_FLAG_SHOW_ERRORS = $10;
-  SSL_CONF_FLAG_CERTIFICATE = $20;
-  SSL_CONF_FLAG_REQUIRE_PRIVATE = $40;
-  (* Configuration value types *)
-  SSL_CONF_TYPE_UNKNOWN = $0;
-  SSL_CONF_TYPE_STRING = $1;
-  SSL_CONF_TYPE_FILE = $2;
-  SSL_CONF_TYPE_DIR = $3;
-  SSL_CONF_TYPE_NONE = $4;
-
-  (* Maximum length of the application-controlled segment of a a TLSv1.3 cookie *)
+  SSL_MODE_ASYNC = TIdC_UINT($00000100);
+
+  (*
+   * When using DTLS/SCTP, include the terminating zero in the label
+   * used for computing the endpoint-pair shared secret. Required for
+   * interoperability with implementations having this bug like these
+   * older version of OpenSSL:
+   * - OpenSSL 1.0.0 series
+   * - OpenSSL 1.0.1 series
+   * - OpenSSL 1.0.2 series
+   * - OpenSSL 1.1.0 series
+   * - OpenSSL 1.1.1 and 1.1.1a
+   *)
+  SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG = TIdC_UINT($00000400);
+
+  (* Cert related flags *)
+  (*
+   * Many implementations ignore some aspects of the TLS standards such as
+   * enforcing certificate chain algorithms. When this is set we enforce them.
+   *)
+  SSL_CERT_FLAG_TLS_STRICT = TIdC_UINT($00000001);
+  (* Suite B modes, takes same values as certificate verify flags *)
+  SSL_CERT_FLAG_SUITEB_128_LOS_ONLY = $10000;
+  (* Suite B 192 bit only mode *)
+  SSL_CERT_FLAG_SUITEB_192_LOS = $20000;
+  (* Suite B 128 bit mode allowing 192 bit algorithms *)
+  SSL_CERT_FLAG_SUITEB_128_LOS = $30000;
+
+  (* Perform all sorts of protocol violations for testing purposes *)
+  SSL_CERT_FLAG_BROKEN_PROTOCOL = $10000000;
+
+  (* Flags for building certificate chains *)
+  (* Treat any existing certificates as untrusted CAs *)
+  SSL_BUILD_CHAIN_FLAG_UNTRUSTED = $1;
+  (* Don't include root CA in chain *)
+  SSL_BUILD_CHAIN_FLAG_NO_ROOT = $2;
+  (* Just check certificates already there *)
+  SSL_BUILD_CHAIN_FLAG_CHECK = $4;
+  (* Ignore verification errors *)
+  SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR = $8;
+  (* Clear verification errors from queue *)
+  SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR = $10;
+
+  (* Flags returned by SSL_check_chain *)
+  (* Certificate can be used with this session *)
+  CERT_PKEY_VALID = $1;
+  (* Certificate can also be used for signing *)
+  CERT_PKEY_SIGN = $2;
+  (* EE certificate signing algorithm OK *)
+  CERT_PKEY_EE_SIGNATURE = $10;
+  (* CA signature algorithms OK *)
+  CERT_PKEY_CA_SIGNATURE = $20;
+  (* EE certificate parameters OK *)
+  CERT_PKEY_EE_PARAM = $40;
+  (* CA certificate parameters OK *)
+  CERT_PKEY_CA_PARAM = $80;
+  (* Signing explicitly allowed as opposed to SHA1 fallback *)
+  CERT_PKEY_EXPLICIT_SIGN = $100;
+  (* Client CA issuer names match (always set for server cert) *)
+  CERT_PKEY_ISSUER_NAME = $200;
+  (* Cert type matches client types (always set for server cert) *)
+  CERT_PKEY_CERT_TYPE = $400;
+  (* Cert chain suitable to Suite B *)
+  CERT_PKEY_SUITEB = $800;
+
+  SSL_CONF_FLAG_CMDLINE = $1;
+  SSL_CONF_FLAG_FILE = $2;
+  SSL_CONF_FLAG_CLIENT = $4;
+  SSL_CONF_FLAG_SERVER = $8;
+  SSL_CONF_FLAG_SHOW_ERRORS = $10;
+  SSL_CONF_FLAG_CERTIFICATE = $20;
+  SSL_CONF_FLAG_REQUIRE_PRIVATE = $40;
+  (* Configuration value types *)
+  SSL_CONF_TYPE_UNKNOWN = $0;
+  SSL_CONF_TYPE_STRING = $1;
+  SSL_CONF_TYPE_FILE = $2;
+  SSL_CONF_TYPE_DIR = $3;
+  SSL_CONF_TYPE_NONE = $4;
+
+  (* Maximum length of the application-controlled segment of a a TLSv1.3 cookie *)
   SSL_COOKIE_LENGTH = 4096;
-
+
   (* 100k max cert list *)
   SSL_MAX_CERT_LIST_DEFAULT = 1024 * 100;
   SSL_SESSION_CACHE_MAX_SIZE_DEFAULT = 1024 * 20;
 
   SSL_SESS_CACHE_OFF = $0000;
-  SSL_SESS_CACHE_CLIENT = $0001;
-  SSL_SESS_CACHE_SERVER = $0002;
-  SSL_SESS_CACHE_BOTH = (SSL_SESS_CACHE_CLIENT or SSL_SESS_CACHE_SERVER);
-  SSL_SESS_CACHE_NO_AUTO_CLEAR = $0080;
-  (* enough comments already ... see SSL_CTX_set_session_cache_mode(3) *)
-  SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = $0100;
-  SSL_SESS_CACHE_NO_INTERNAL_STORE = $0200;
+  SSL_SESS_CACHE_CLIENT = $0001;
+  SSL_SESS_CACHE_SERVER = $0002;
+  SSL_SESS_CACHE_BOTH = (SSL_SESS_CACHE_CLIENT or SSL_SESS_CACHE_SERVER);
+  SSL_SESS_CACHE_NO_AUTO_CLEAR = $0080;
+  (* enough comments already ... see SSL_CTX_set_session_cache_mode(3) *)
+  SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = $0100;
+  SSL_SESS_CACHE_NO_INTERNAL_STORE = $0200;
   SSL_SESS_CACHE_NO_INTERNAL = (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP or SSL_SESS_CACHE_NO_INTERNAL_STORE);
 
   OPENSSL_NPN_UNSUPPORTED = 0;
-  OPENSSL_NPN_NEGOTIATED = 1;
+  OPENSSL_NPN_NEGOTIATED = 1;
   OPENSSL_NPN_NO_OVERLAP = 2;
-
-  (*
-   * the maximum length of the buffer given to callbacks containing the
-   * resulting identity/psk
+
+  (*
+   * the maximum length of the buffer given to callbacks containing the
+   * resulting identity/psk
    *)
-  PSK_MAX_IDENTITY_LEN = 128;
+  PSK_MAX_IDENTITY_LEN = 128;
   PSK_MAX_PSK_LEN = 256;
 
   SSL_NOTHING = 1;
-  SSL_WRITING = 2;
-  SSL_READING = 3;
-  SSL_X509_LOOKUP = 4;
-  SSL_ASYNC_PAUSED = 5;
-  SSL_ASYNC_NO_JOBS = 6;
+  SSL_WRITING = 2;
+  SSL_READING = 3;
+  SSL_X509_LOOKUP = 4;
+  SSL_ASYNC_PAUSED = 5;
+  SSL_ASYNC_NO_JOBS = 6;
   SSL_CLIENT_HELLO_CB = 7;
 
   SSL_MAC_FLAG_READ_MAC_STREAM = 1;
@@ -541,9 +541,9 @@ interface
 
   (* TLSv1.3 KeyUpdate message types *)
   (* -1 used so that this is an invalid value for the on-the-wire protocol *)
-  SSL_KEY_UPDATE_NONE = -1;
+  SSL_KEY_UPDATE_NONE = -1;
   (* Values as defined for the on-the-wire protocol *)
-  SSL_KEY_UPDATE_NOT_REQUESTED = 0;
+  SSL_KEY_UPDATE_NOT_REQUESTED = 0;
   SSL_KEY_UPDATE_REQUESTED = 1;
 
   (*
@@ -554,237 +554,237 @@ interface
    * SSL_CB_ACCEPT_EXIT, SSL_CB_CONNECT_LOOP and SSL_CB_CONNECT_EXIT.
    *)
   SSL_ST_CONNECT = $1000;
-  SSL_ST_ACCEPT = $2000;
-  
-  SSL_ST_MASK = $0FFF;
-  
-  SSL_CB_LOOP = $01;
-  SSL_CB_EXIT = $02;
-  SSL_CB_READ = $04;
-  SSL_CB_WRITE = $08;
-  SSL_CB_ALERT = $4000;
-  SSL_CB_READ_ALERT = SSL_CB_ALERT or SSL_CB_READ;
-  SSL_CB_WRITE_ALERT = SSL_CB_ALERT or SSL_CB_WRITE;
-  SSL_CB_ACCEPT_LOOP = SSL_ST_ACCEPT or SSL_CB_LOOP;
-  SSL_CB_ACCEPT_EXIT = SSL_ST_ACCEPT or SSL_CB_EXIT;
-  SSL_CB_CONNECT_LOOP = SSL_ST_CONNECT or SSL_CB_LOOP;
-  SSL_CB_CONNECT_EXIT = SSL_ST_CONNECT or SSL_CB_EXIT;
-  SSL_CB_HANDSHAKE_START = $10;
-  SSL_CB_HANDSHAKE_DONE = $20;
-
-  (*
-   * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
-   * should not need these
-   *)
-  SSL_ST_READ_HEADER = $F0;
-  SSL_ST_READ_BODY = $F1;
-  SSL_ST_READ_DONE = $F2;
-
-  (*
-   * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options are
-   * 'ored' with SSL_VERIFY_PEER if they are desired
-   *)
-  SSL_VERIFY_NONE = $00;
-  SSL_VERIFY_PEER = $01;
-  SSL_VERIFY_FAIL_IF_NO_PEER_CERT = $02;
-  SSL_VERIFY_CLIENT_ONCE = $04;
+  SSL_ST_ACCEPT = $2000;
+  
+  SSL_ST_MASK = $0FFF;
+  
+  SSL_CB_LOOP = $01;
+  SSL_CB_EXIT = $02;
+  SSL_CB_READ = $04;
+  SSL_CB_WRITE = $08;
+  SSL_CB_ALERT = $4000;
+  SSL_CB_READ_ALERT = SSL_CB_ALERT or SSL_CB_READ;
+  SSL_CB_WRITE_ALERT = SSL_CB_ALERT or SSL_CB_WRITE;
+  SSL_CB_ACCEPT_LOOP = SSL_ST_ACCEPT or SSL_CB_LOOP;
+  SSL_CB_ACCEPT_EXIT = SSL_ST_ACCEPT or SSL_CB_EXIT;
+  SSL_CB_CONNECT_LOOP = SSL_ST_CONNECT or SSL_CB_LOOP;
+  SSL_CB_CONNECT_EXIT = SSL_ST_CONNECT or SSL_CB_EXIT;
+  SSL_CB_HANDSHAKE_START = $10;
+  SSL_CB_HANDSHAKE_DONE = $20;
+
+  (*
+   * The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
+   * should not need these
+   *)
+  SSL_ST_READ_HEADER = $F0;
+  SSL_ST_READ_BODY = $F1;
+  SSL_ST_READ_DONE = $F2;
+
+  (*
+   * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options are
+   * 'ored' with SSL_VERIFY_PEER if they are desired
+   *)
+  SSL_VERIFY_NONE = $00;
+  SSL_VERIFY_PEER = $01;
+  SSL_VERIFY_FAIL_IF_NO_PEER_CERT = $02;
+  SSL_VERIFY_CLIENT_ONCE = $04;
   SSL_VERIFY_POST_HANDSHAKE = $08;
-
-  SSL_AD_REASON_OFFSET = 1000; (* offset to get SSL_R_... value
-                                * from SSL_AD_... *)
+
+  SSL_AD_REASON_OFFSET = 1000; (* offset to get SSL_R_... value
+                                * from SSL_AD_... *)
   (* These alert types are for SSLv3 and TLSv1 *)
-  SSL_AD_CLOSE_NOTIFY = SSL3_AD_CLOSE_NOTIFY;
+  SSL_AD_CLOSE_NOTIFY = SSL3_AD_CLOSE_NOTIFY;
+  (* fatal *)
+  SSL_AD_UNEXPECTED_MESSAGE = SSL3_AD_UNEXPECTED_MESSAGE;
+  (* fatal *)
+  SSL_AD_BAD_RECORD_MAC = SSL3_AD_BAD_RECORD_MAC;
+  SSL_AD_DECRYPTION_FAILED = TLS1_AD_DECRYPTION_FAILED;
+  SSL_AD_RECORD_OVERFLOW = TLS1_AD_RECORD_OVERFLOW;
+  (* fatal *)
+  SSL_AD_DECOMPRESSION_FAILURE = SSL3_AD_DECOMPRESSION_FAILURE;
+  (* fatal *)
+  SSL_AD_HANDSHAKE_FAILURE = SSL3_AD_HANDSHAKE_FAILURE;
+  (* Not for TLS *)
+  SSL_AD_NO_CERTIFICATE = SSL3_AD_NO_CERTIFICATE;
+  SSL_AD_BAD_CERTIFICATE = SSL3_AD_BAD_CERTIFICATE;
+  SSL_AD_UNSUPPORTED_CERTIFICATE = SSL3_AD_UNSUPPORTED_CERTIFICATE;
+  SSL_AD_CERTIFICATE_REVOKED = SSL3_AD_CERTIFICATE_REVOKED;
+  SSL_AD_CERTIFICATE_EXPIRED = SSL3_AD_CERTIFICATE_EXPIRED;
+  SSL_AD_CERTIFICATE_UNKNOWN = SSL3_AD_CERTIFICATE_UNKNOWN;
+  (* fatal *)
+  SSL_AD_ILLEGAL_PARAMETER = SSL3_AD_ILLEGAL_PARAMETER;
   (* fatal *)
-  SSL_AD_UNEXPECTED_MESSAGE = SSL3_AD_UNEXPECTED_MESSAGE;
-  (* fatal *)
-  SSL_AD_BAD_RECORD_MAC = SSL3_AD_BAD_RECORD_MAC;
-  SSL_AD_DECRYPTION_FAILED = TLS1_AD_DECRYPTION_FAILED;
-  SSL_AD_RECORD_OVERFLOW = TLS1_AD_RECORD_OVERFLOW;
-  (* fatal *)
-  SSL_AD_DECOMPRESSION_FAILURE = SSL3_AD_DECOMPRESSION_FAILURE;
-  (* fatal *)
-  SSL_AD_HANDSHAKE_FAILURE = SSL3_AD_HANDSHAKE_FAILURE;
-  (* Not for TLS *)
-  SSL_AD_NO_CERTIFICATE = SSL3_AD_NO_CERTIFICATE;
-  SSL_AD_BAD_CERTIFICATE = SSL3_AD_BAD_CERTIFICATE;
-  SSL_AD_UNSUPPORTED_CERTIFICATE = SSL3_AD_UNSUPPORTED_CERTIFICATE;
-  SSL_AD_CERTIFICATE_REVOKED = SSL3_AD_CERTIFICATE_REVOKED;
-  SSL_AD_CERTIFICATE_EXPIRED = SSL3_AD_CERTIFICATE_EXPIRED;
-  SSL_AD_CERTIFICATE_UNKNOWN = SSL3_AD_CERTIFICATE_UNKNOWN;
-  (* fatal *)
-  SSL_AD_ILLEGAL_PARAMETER = SSL3_AD_ILLEGAL_PARAMETER;
-  (* fatal *)
-  SSL_AD_UNKNOWN_CA = TLS1_AD_UNKNOWN_CA;
-  (* fatal *)
-  SSL_AD_ACCESS_DENIED = TLS1_AD_ACCESS_DENIED;
-  (* fatal *)
-  SSL_AD_DECODE_ERROR = TLS1_AD_DECODE_ERROR;
-  SSL_AD_DECRYPT_ERROR = TLS1_AD_DECRYPT_ERROR;
-  (* fatal *)
-  SSL_AD_EXPORT_RESTRICTION = TLS1_AD_EXPORT_RESTRICTION;
-  (* fatal *)
-  SSL_AD_PROTOCOL_VERSION = TLS1_AD_PROTOCOL_VERSION;
-  (* fatal *)
-  SSL_AD_INSUFFICIENT_SECURITY = TLS1_AD_INSUFFICIENT_SECURITY;
-  (* fatal *)
-  SSL_AD_INTERNAL_ERROR = TLS1_AD_INTERNAL_ERROR;
-  SSL_AD_USER_CANCELLED = TLS1_AD_USER_CANCELLED;
-  SSL_AD_NO_RENEGOTIATION = TLS1_AD_NO_RENEGOTIATION;
-  SSL_AD_MISSING_EXTENSION = TLS13_AD_MISSING_EXTENSION;
-  SSL_AD_CERTIFICATE_REQUIRED = TLS13_AD_CERTIFICATE_REQUIRED;
-  SSL_AD_UNSUPPORTED_EXTENSION = TLS1_AD_UNSUPPORTED_EXTENSION;
-  SSL_AD_CERTIFICATE_UNOBTAINABLE = TLS1_AD_CERTIFICATE_UNOBTAINABLE;
-  SSL_AD_UNRECOGNIZED_NAME = TLS1_AD_UNRECOGNIZED_NAME;
-  SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE = TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
-  SSL_AD_BAD_CERTIFICATE_HASH_VALUE = TLS1_AD_BAD_CERTIFICATE_HASH_VALUE;
-  (* fatal *)
-  SSL_AD_UNKNOWN_PSK_IDENTITY = TLS1_AD_UNKNOWN_PSK_IDENTITY;
-  (* fatal *)
-  SSL_AD_INAPPROPRIATE_FALLBACK = TLS1_AD_INAPPROPRIATE_FALLBACK;
-  SSL_AD_NO_APPLICATION_PROTOCOL = TLS1_AD_NO_APPLICATION_PROTOCOL;
-  SSL_ERROR_NONE = 0;
-  SSL_ERROR_SSL = 1;
-  SSL_ERROR_WANT_READ = 2;
-  SSL_ERROR_WANT_WRITE = 3;
-  SSL_ERROR_WANT_X509_LOOKUP = 4;
-  SSL_ERROR_SYSCALL = 5; (* look at error stack/return
-                          * value/errno *)
-  SSL_ERROR_ZERO_RETURN = 6;
-  SSL_ERROR_WANT_CONNECT = 7;
-  SSL_ERROR_WANT_ACCEPT = 8;
-  SSL_ERROR_WANT_ASYNC = 9;
-  SSL_ERROR_WANT_ASYNC_JOB = 10;
-  SSL_ERROR_WANT_CLIENT_HELLO_CB = 11;
-  SSL_CTRL_SET_TMP_DH = 3;
-  SSL_CTRL_SET_TMP_ECDH = 4;
-  SSL_CTRL_SET_TMP_DH_CB = 6;
-  SSL_CTRL_GET_CLIENT_CERT_REQUEST = 9;
-  SSL_CTRL_GET_NUM_RENEGOTIATIONS = 10;
-  SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS = 11;
-  SSL_CTRL_GET_TOTAL_RENEGOTIATIONS = 12;
-  SSL_CTRL_GET_FLAGS = 13;
-  SSL_CTRL_EXTRA_CHAIN_CERT = 14;
-  SSL_CTRL_SET_MSG_CALLBACK = 15;
-  SSL_CTRL_SET_MSG_CALLBACK_ARG = 16;
-  (* only applies to datagram connections *)
-  SSL_CTRL_SET_MTU = 17;
-  (* Stats *)
-  SSL_CTRL_SESS_NUMBER = 20;
-  SSL_CTRL_SESS_CONNECT = 21;
-  SSL_CTRL_SESS_CONNECT_GOOD = 22;
-  SSL_CTRL_SESS_CONNECT_RENEGOTIATE = 23;
-  SSL_CTRL_SESS_ACCEPT = 24;
-  SSL_CTRL_SESS_ACCEPT_GOOD = 25;
-  SSL_CTRL_SESS_ACCEPT_RENEGOTIATE = 26;
-  SSL_CTRL_SESS_HIT = 27;
-  SSL_CTRL_SESS_CB_HIT = 28;
-  SSL_CTRL_SESS_MISSES = 29;
-  SSL_CTRL_SESS_TIMEOUTS = 30;
-  SSL_CTRL_SESS_CACHE_FULL = 31;
-  SSL_CTRL_MODE = 33;
-  SSL_CTRL_GET_READ_AHEAD = 40;
-  SSL_CTRL_SET_READ_AHEAD = 41;
-  SSL_CTRL_SET_SESS_CACHE_SIZE = 42;
-  SSL_CTRL_GET_SESS_CACHE_SIZE = 43;
-  SSL_CTRL_SET_SESS_CACHE_MODE = 44;
-  SSL_CTRL_GET_SESS_CACHE_MODE = 45;
-  SSL_CTRL_GET_MAX_CERT_LIST = 50;
-  SSL_CTRL_SET_MAX_CERT_LIST = 51;
-  SSL_CTRL_SET_MAX_SEND_FRAGMENT = 52;
-  (* see tls1.h for macros based on these *)
-  SSL_CTRL_SET_TLSEXT_SERVERNAME_CB = 53;
-  SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG = 54;
-  SSL_CTRL_SET_TLSEXT_HOSTNAME = 55;
-  SSL_CTRL_SET_TLSEXT_DEBUG_CB = 56;
-  SSL_CTRL_SET_TLSEXT_DEBUG_ARG = 57;
-  SSL_CTRL_GET_TLSEXT_TICKET_KEYS = 58;
-  SSL_CTRL_SET_TLSEXT_TICKET_KEYS = 59;
-  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB = 63;
-  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG = 64;
-  SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE = 65;
-  SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS = 66;
-  SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS = 67;
-  SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS = 68;
-  SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS = 69;
-  SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP = 70;
-  SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP = 71;
-  SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB = 72;
-  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB = 75;
-  SSL_CTRL_SET_SRP_VERIFY_PARAM_CB = 76;
-  SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB = 77;
-  SSL_CTRL_SET_SRP_ARG = 78;
-  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME = 79;
-  SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH = 80;
-  SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD = 81;
-  SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT = 85;
-  SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING = 86;
-  SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS = 87;
-  DTLS_CTRL_GET_TIMEOUT = 73;
-  DTLS_CTRL_HANDLE_TIMEOUT = 74;
-  SSL_CTRL_GET_RI_SUPPORT = 76;
-  SSL_CTRL_CLEAR_MODE = 78;
-  SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB = 79;
-  SSL_CTRL_GET_EXTRA_CHAIN_CERTS = 82;
-  SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS = 83;
-  SSL_CTRL_CHAIN = 88;
-  SSL_CTRL_CHAIN_CERT = 89;
-  SSL_CTRL_GET_GROUPS = 90;
-  SSL_CTRL_SET_GROUPS = 91;
-  SSL_CTRL_SET_GROUPS_LIST = 92;
-  SSL_CTRL_GET_SHARED_GROUP = 93;
-  SSL_CTRL_SET_SIGALGS = 97;
-  SSL_CTRL_SET_SIGALGS_LIST = 98;
-  SSL_CTRL_CERT_FLAGS = 99;
-  SSL_CTRL_CLEAR_CERT_FLAGS = 100;
-  SSL_CTRL_SET_CLIENT_SIGALGS = 101;
-  SSL_CTRL_SET_CLIENT_SIGALGS_LIST = 102;
-  SSL_CTRL_GET_CLIENT_CERT_TYPES = 103;
-  SSL_CTRL_SET_CLIENT_CERT_TYPES = 104;
-  SSL_CTRL_BUILD_CERT_CHAIN = 105;
-  SSL_CTRL_SET_VERIFY_CERT_STORE = 106;
-  SSL_CTRL_SET_CHAIN_CERT_STORE = 107;
-  SSL_CTRL_GET_PEER_SIGNATURE_NID = 108;
-  SSL_CTRL_GET_PEER_TMP_KEY = 109;
-  SSL_CTRL_GET_RAW_CIPHERLIST = 110;
-  SSL_CTRL_GET_EC_POINT_FORMATS = 111;
-  SSL_CTRL_GET_CHAIN_CERTS = 115;
-  SSL_CTRL_SELECT_CURRENT_CERT = 116;
-  SSL_CTRL_SET_CURRENT_CERT = 117;
-  SSL_CTRL_SET_DH_AUTO = 118;
-  DTLS_CTRL_SET_LINK_MTU = 120;
-  DTLS_CTRL_GET_LINK_MIN_MTU = 121;
-  SSL_CTRL_GET_EXTMS_SUPPORT = 122;
-  SSL_CTRL_SET_MIN_PROTO_VERSION = 123;
-  SSL_CTRL_SET_MAX_PROTO_VERSION = 124;
-  SSL_CTRL_SET_SPLIT_SEND_FRAGMENT = 125;
-  SSL_CTRL_SET_MAX_PIPELINES = 126;
-  SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE = 127;
-  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB = 128;
-  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG = 129;
-  SSL_CTRL_GET_MIN_PROTO_VERSION = 130;
-  SSL_CTRL_GET_MAX_PROTO_VERSION = 131;
-  SSL_CTRL_GET_SIGNATURE_NID = 132;
-  SSL_CTRL_GET_TMP_KEY = 133;
-  SSL_CERT_SET_FIRST = 1;
-  SSL_CERT_SET_NEXT = 2;
+  SSL_AD_UNKNOWN_CA = TLS1_AD_UNKNOWN_CA;
+  (* fatal *)
+  SSL_AD_ACCESS_DENIED = TLS1_AD_ACCESS_DENIED;
+  (* fatal *)
+  SSL_AD_DECODE_ERROR = TLS1_AD_DECODE_ERROR;
+  SSL_AD_DECRYPT_ERROR = TLS1_AD_DECRYPT_ERROR;
+  (* fatal *)
+  SSL_AD_EXPORT_RESTRICTION = TLS1_AD_EXPORT_RESTRICTION;
+  (* fatal *)
+  SSL_AD_PROTOCOL_VERSION = TLS1_AD_PROTOCOL_VERSION;
+  (* fatal *)
+  SSL_AD_INSUFFICIENT_SECURITY = TLS1_AD_INSUFFICIENT_SECURITY;
+  (* fatal *)
+  SSL_AD_INTERNAL_ERROR = TLS1_AD_INTERNAL_ERROR;
+  SSL_AD_USER_CANCELLED = TLS1_AD_USER_CANCELLED;
+  SSL_AD_NO_RENEGOTIATION = TLS1_AD_NO_RENEGOTIATION;
+  SSL_AD_MISSING_EXTENSION = TLS13_AD_MISSING_EXTENSION;
+  SSL_AD_CERTIFICATE_REQUIRED = TLS13_AD_CERTIFICATE_REQUIRED;
+  SSL_AD_UNSUPPORTED_EXTENSION = TLS1_AD_UNSUPPORTED_EXTENSION;
+  SSL_AD_CERTIFICATE_UNOBTAINABLE = TLS1_AD_CERTIFICATE_UNOBTAINABLE;
+  SSL_AD_UNRECOGNIZED_NAME = TLS1_AD_UNRECOGNIZED_NAME;
+  SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE = TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+  SSL_AD_BAD_CERTIFICATE_HASH_VALUE = TLS1_AD_BAD_CERTIFICATE_HASH_VALUE;
+  (* fatal *)
+  SSL_AD_UNKNOWN_PSK_IDENTITY = TLS1_AD_UNKNOWN_PSK_IDENTITY;
+  (* fatal *)
+  SSL_AD_INAPPROPRIATE_FALLBACK = TLS1_AD_INAPPROPRIATE_FALLBACK;
+  SSL_AD_NO_APPLICATION_PROTOCOL = TLS1_AD_NO_APPLICATION_PROTOCOL;
+  SSL_ERROR_NONE = 0;
+  SSL_ERROR_SSL = 1;
+  SSL_ERROR_WANT_READ = 2;
+  SSL_ERROR_WANT_WRITE = 3;
+  SSL_ERROR_WANT_X509_LOOKUP = 4;
+  SSL_ERROR_SYSCALL = 5; (* look at error stack/return
+                          * value/errno *)
+  SSL_ERROR_ZERO_RETURN = 6;
+  SSL_ERROR_WANT_CONNECT = 7;
+  SSL_ERROR_WANT_ACCEPT = 8;
+  SSL_ERROR_WANT_ASYNC = 9;
+  SSL_ERROR_WANT_ASYNC_JOB = 10;
+  SSL_ERROR_WANT_CLIENT_HELLO_CB = 11;
+  SSL_CTRL_SET_TMP_DH = 3;
+  SSL_CTRL_SET_TMP_ECDH = 4;
+  SSL_CTRL_SET_TMP_DH_CB = 6;
+  SSL_CTRL_GET_CLIENT_CERT_REQUEST = 9;
+  SSL_CTRL_GET_NUM_RENEGOTIATIONS = 10;
+  SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS = 11;
+  SSL_CTRL_GET_TOTAL_RENEGOTIATIONS = 12;
+  SSL_CTRL_GET_FLAGS = 13;
+  SSL_CTRL_EXTRA_CHAIN_CERT = 14;
+  SSL_CTRL_SET_MSG_CALLBACK = 15;
+  SSL_CTRL_SET_MSG_CALLBACK_ARG = 16;
+  (* only applies to datagram connections *)
+  SSL_CTRL_SET_MTU = 17;
+  (* Stats *)
+  SSL_CTRL_SESS_NUMBER = 20;
+  SSL_CTRL_SESS_CONNECT = 21;
+  SSL_CTRL_SESS_CONNECT_GOOD = 22;
+  SSL_CTRL_SESS_CONNECT_RENEGOTIATE = 23;
+  SSL_CTRL_SESS_ACCEPT = 24;
+  SSL_CTRL_SESS_ACCEPT_GOOD = 25;
+  SSL_CTRL_SESS_ACCEPT_RENEGOTIATE = 26;
+  SSL_CTRL_SESS_HIT = 27;
+  SSL_CTRL_SESS_CB_HIT = 28;
+  SSL_CTRL_SESS_MISSES = 29;
+  SSL_CTRL_SESS_TIMEOUTS = 30;
+  SSL_CTRL_SESS_CACHE_FULL = 31;
+  SSL_CTRL_MODE = 33;
+  SSL_CTRL_GET_READ_AHEAD = 40;
+  SSL_CTRL_SET_READ_AHEAD = 41;
+  SSL_CTRL_SET_SESS_CACHE_SIZE = 42;
+  SSL_CTRL_GET_SESS_CACHE_SIZE = 43;
+  SSL_CTRL_SET_SESS_CACHE_MODE = 44;
+  SSL_CTRL_GET_SESS_CACHE_MODE = 45;
+  SSL_CTRL_GET_MAX_CERT_LIST = 50;
+  SSL_CTRL_SET_MAX_CERT_LIST = 51;
+  SSL_CTRL_SET_MAX_SEND_FRAGMENT = 52;
+  (* see tls1.h for macros based on these *)
+  SSL_CTRL_SET_TLSEXT_SERVERNAME_CB = 53;
+  SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG = 54;
+  SSL_CTRL_SET_TLSEXT_HOSTNAME = 55;
+  SSL_CTRL_SET_TLSEXT_DEBUG_CB = 56;
+  SSL_CTRL_SET_TLSEXT_DEBUG_ARG = 57;
+  SSL_CTRL_GET_TLSEXT_TICKET_KEYS = 58;
+  SSL_CTRL_SET_TLSEXT_TICKET_KEYS = 59;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB = 63;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG = 64;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE = 65;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS = 66;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS = 67;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS = 68;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS = 69;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP = 70;
+  SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP = 71;
+  SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB = 72;
+  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB = 75;
+  SSL_CTRL_SET_SRP_VERIFY_PARAM_CB = 76;
+  SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB = 77;
+  SSL_CTRL_SET_SRP_ARG = 78;
+  SSL_CTRL_SET_TLS_EXT_SRP_USERNAME = 79;
+  SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH = 80;
+  SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD = 81;
+  SSL_CTRL_DTLS_EXT_SEND_HEARTBEAT = 85;
+  SSL_CTRL_GET_DTLS_EXT_HEARTBEAT_PENDING = 86;
+  SSL_CTRL_SET_DTLS_EXT_HEARTBEAT_NO_REQUESTS = 87;
+  DTLS_CTRL_GET_TIMEOUT = 73;
+  DTLS_CTRL_HANDLE_TIMEOUT = 74;
+  SSL_CTRL_GET_RI_SUPPORT = 76;
+  SSL_CTRL_CLEAR_MODE = 78;
+  SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB = 79;
+  SSL_CTRL_GET_EXTRA_CHAIN_CERTS = 82;
+  SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS = 83;
+  SSL_CTRL_CHAIN = 88;
+  SSL_CTRL_CHAIN_CERT = 89;
+  SSL_CTRL_GET_GROUPS = 90;
+  SSL_CTRL_SET_GROUPS = 91;
+  SSL_CTRL_SET_GROUPS_LIST = 92;
+  SSL_CTRL_GET_SHARED_GROUP = 93;
+  SSL_CTRL_SET_SIGALGS = 97;
+  SSL_CTRL_SET_SIGALGS_LIST = 98;
+  SSL_CTRL_CERT_FLAGS = 99;
+  SSL_CTRL_CLEAR_CERT_FLAGS = 100;
+  SSL_CTRL_SET_CLIENT_SIGALGS = 101;
+  SSL_CTRL_SET_CLIENT_SIGALGS_LIST = 102;
+  SSL_CTRL_GET_CLIENT_CERT_TYPES = 103;
+  SSL_CTRL_SET_CLIENT_CERT_TYPES = 104;
+  SSL_CTRL_BUILD_CERT_CHAIN = 105;
+  SSL_CTRL_SET_VERIFY_CERT_STORE = 106;
+  SSL_CTRL_SET_CHAIN_CERT_STORE = 107;
+  SSL_CTRL_GET_PEER_SIGNATURE_NID = 108;
+  SSL_CTRL_GET_PEER_TMP_KEY = 109;
+  SSL_CTRL_GET_RAW_CIPHERLIST = 110;
+  SSL_CTRL_GET_EC_POINT_FORMATS = 111;
+  SSL_CTRL_GET_CHAIN_CERTS = 115;
+  SSL_CTRL_SELECT_CURRENT_CERT = 116;
+  SSL_CTRL_SET_CURRENT_CERT = 117;
+  SSL_CTRL_SET_DH_AUTO = 118;
+  DTLS_CTRL_SET_LINK_MTU = 120;
+  DTLS_CTRL_GET_LINK_MIN_MTU = 121;
+  SSL_CTRL_GET_EXTMS_SUPPORT = 122;
+  SSL_CTRL_SET_MIN_PROTO_VERSION = 123;
+  SSL_CTRL_SET_MAX_PROTO_VERSION = 124;
+  SSL_CTRL_SET_SPLIT_SEND_FRAGMENT = 125;
+  SSL_CTRL_SET_MAX_PIPELINES = 126;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE = 127;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB = 128;
+  SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG = 129;
+  SSL_CTRL_GET_MIN_PROTO_VERSION = 130;
+  SSL_CTRL_GET_MAX_PROTO_VERSION = 131;
+  SSL_CTRL_GET_SIGNATURE_NID = 132;
+  SSL_CTRL_GET_TMP_KEY = 133;
+  SSL_CERT_SET_FIRST = 1;
+  SSL_CERT_SET_NEXT = 2;
   SSL_CERT_SET_SERVER = 3;
-
-  (*
-   * The following symbol names are old and obsolete. They are kept
-   * for compatibility reasons only and should not be used anymore.
+
+  (*
+   * The following symbol names are old and obsolete. They are kept
+   * for compatibility reasons only and should not be used anymore.
    *)
   SSL_CTRL_GET_CURVES = SSL_CTRL_GET_GROUPS;
-  SSL_CTRL_SET_CURVES = SSL_CTRL_SET_GROUPS;
-  SSL_CTRL_SET_CURVES_LIST = SSL_CTRL_SET_GROUPS_LIST;
-  SSL_CTRL_GET_SHARED_CURVE = SSL_CTRL_GET_SHARED_GROUP;
-  
-//  SSL_get1_curves = SSL_get1_groups;
-//  SSL_CTX_set1_curves = SSL_CTX_set1_groups;
-//  SSL_CTX_set1_curves_list = SSL_CTX_set1_groups_list;
-//  SSL_set1_curves = SSL_set1_groups;
-//  SSL_set1_curves_list = SSL_set1_groups_list;
+  SSL_CTRL_SET_CURVES = SSL_CTRL_SET_GROUPS;
+  SSL_CTRL_SET_CURVES_LIST = SSL_CTRL_SET_GROUPS_LIST;
+  SSL_CTRL_GET_SHARED_CURVE = SSL_CTRL_GET_SHARED_GROUP;
+  
+//  SSL_get1_curves = SSL_get1_groups;
+//  SSL_CTX_set1_curves = SSL_CTX_set1_groups;
+//  SSL_CTX_set1_curves_list = SSL_CTX_set1_groups_list;
+//  SSL_set1_curves = SSL_set1_groups;
+//  SSL_set1_curves_list = SSL_set1_groups_list;
 //  SSL_get_shared_curve = SSL_get_shared_group;
-
+
   (* serverinfo file format versions *)
   SSL_SERVERINFOV1 = 1;
   SSL_SERVERINFOV2 = 2;
@@ -808,141 +808,141 @@ interface
   (* What the 'other' parameter contains &in security callback *)
   (* Mask for type *)
   SSL_SECOP_OTHER_TYPE = $ffff0000;
-  SSL_SECOP_OTHER_NONE = 0;
-  SSL_SECOP_OTHER_CIPHER = (1 shl 16);
-  SSL_SECOP_OTHER_CURVE = (2 shl 16);
-  SSL_SECOP_OTHER_DH = (3 shl 16);
-  SSL_SECOP_OTHER_PKEY = (4 shl 16);
-  SSL_SECOP_OTHER_SIGALG = (5 shl 16);
+  SSL_SECOP_OTHER_NONE = 0;
+  SSL_SECOP_OTHER_CIPHER = (1 shl 16);
+  SSL_SECOP_OTHER_CURVE = (2 shl 16);
+  SSL_SECOP_OTHER_DH = (3 shl 16);
+  SSL_SECOP_OTHER_PKEY = (4 shl 16);
+  SSL_SECOP_OTHER_SIGALG = (5 shl 16);
   SSL_SECOP_OTHER_CERT = (6 shl 16);
-
+
   (* Indicated operation refers to peer key or certificate *)
-  SSL_SECOP_PEER = $1000;
-
-  (* Values for "op" parameter in security callback *)
-
-  (* Called to filter ciphers *)
+  SSL_SECOP_PEER = $1000;
+
+  (* Values for "op" parameter in security callback *)
+
+  (* Called to filter ciphers *)
   (* Ciphers client supports *)
-  SSL_SECOP_CIPHER_SUPPORTED = 1 or SSL_SECOP_OTHER_CIPHER;
-  (* Cipher shared by client/server *)
-  SSL_SECOP_CIPHER_SHARED = 2 or SSL_SECOP_OTHER_CIPHER;
-  (* Sanity check of cipher server selects *)
-  SSL_SECOP_CIPHER_CHECK = 3 or SSL_SECOP_OTHER_CIPHER;
-  (* Curves supported by client *)
-  SSL_SECOP_CURVE_SUPPORTED = 4 or SSL_SECOP_OTHER_CURVE;
-  (* Curves shared by client/server *)
-  SSL_SECOP_CURVE_SHARED = 5 or SSL_SECOP_OTHER_CURVE;
-  (* Sanity check of curve server selects *)
-  SSL_SECOP_CURVE_CHECK = 6 or SSL_SECOP_OTHER_CURVE;
-  (* Temporary DH key *)
-  SSL_SECOP_TMP_DH = 7 or SSL_SECOP_OTHER_PKEY;
-  (* SSL/TLS version *)
-  SSL_SECOP_VERSION = 9 or SSL_SECOP_OTHER_NONE;
-  (* Session tickets *)
-  SSL_SECOP_TICKET = 10 or SSL_SECOP_OTHER_NONE;
-  (* Supported signature algorithms sent to peer *)
-  SSL_SECOP_SIGALG_SUPPORTED = 11 or SSL_SECOP_OTHER_SIGALG;
-  (* Shared signature algorithm *)
-  SSL_SECOP_SIGALG_SHARED = 12 or SSL_SECOP_OTHER_SIGALG;
-  (* Sanity check signature algorithm allowed *)
-  SSL_SECOP_SIGALG_CHECK = 13 or SSL_SECOP_OTHER_SIGALG;
-  (* Used to get mask of supported public key signature algorithms *)
-  SSL_SECOP_SIGALG_MASK = 14 or SSL_SECOP_OTHER_SIGALG;
-  (* Use to see if compression is allowed *)
-  SSL_SECOP_COMPRESSION = 15 or SSL_SECOP_OTHER_NONE;
-  (* EE key in certificate *)
-  SSL_SECOP_EE_KEY = 16 or SSL_SECOP_OTHER_CERT;
-  (* CA key in certificate *)
-  SSL_SECOP_CA_KEY = 17 or SSL_SECOP_OTHER_CERT;
-  (* CA digest algorithm in certificate *)
-  SSL_SECOP_CA_MD = 18 or SSL_SECOP_OTHER_CERT;
-  (* Peer EE key in certificate *)
-  SSL_SECOP_PEER_EE_KEY = SSL_SECOP_EE_KEY or SSL_SECOP_PEER;
-  (* Peer CA key in certificate *)
-  SSL_SECOP_PEER_CA_KEY = SSL_SECOP_CA_KEY or SSL_SECOP_PEER;
-  (* Peer CA digest algorithm in certificate *)
+  SSL_SECOP_CIPHER_SUPPORTED = 1 or SSL_SECOP_OTHER_CIPHER;
+  (* Cipher shared by client/server *)
+  SSL_SECOP_CIPHER_SHARED = 2 or SSL_SECOP_OTHER_CIPHER;
+  (* Sanity check of cipher server selects *)
+  SSL_SECOP_CIPHER_CHECK = 3 or SSL_SECOP_OTHER_CIPHER;
+  (* Curves supported by client *)
+  SSL_SECOP_CURVE_SUPPORTED = 4 or SSL_SECOP_OTHER_CURVE;
+  (* Curves shared by client/server *)
+  SSL_SECOP_CURVE_SHARED = 5 or SSL_SECOP_OTHER_CURVE;
+  (* Sanity check of curve server selects *)
+  SSL_SECOP_CURVE_CHECK = 6 or SSL_SECOP_OTHER_CURVE;
+  (* Temporary DH key *)
+  SSL_SECOP_TMP_DH = 7 or SSL_SECOP_OTHER_PKEY;
+  (* SSL/TLS version *)
+  SSL_SECOP_VERSION = 9 or SSL_SECOP_OTHER_NONE;
+  (* Session tickets *)
+  SSL_SECOP_TICKET = 10 or SSL_SECOP_OTHER_NONE;
+  (* Supported signature algorithms sent to peer *)
+  SSL_SECOP_SIGALG_SUPPORTED = 11 or SSL_SECOP_OTHER_SIGALG;
+  (* Shared signature algorithm *)
+  SSL_SECOP_SIGALG_SHARED = 12 or SSL_SECOP_OTHER_SIGALG;
+  (* Sanity check signature algorithm allowed *)
+  SSL_SECOP_SIGALG_CHECK = 13 or SSL_SECOP_OTHER_SIGALG;
+  (* Used to get mask of supported public key signature algorithms *)
+  SSL_SECOP_SIGALG_MASK = 14 or SSL_SECOP_OTHER_SIGALG;
+  (* Use to see if compression is allowed *)
+  SSL_SECOP_COMPRESSION = 15 or SSL_SECOP_OTHER_NONE;
+  (* EE key in certificate *)
+  SSL_SECOP_EE_KEY = 16 or SSL_SECOP_OTHER_CERT;
+  (* CA key in certificate *)
+  SSL_SECOP_CA_KEY = 17 or SSL_SECOP_OTHER_CERT;
+  (* CA digest algorithm in certificate *)
+  SSL_SECOP_CA_MD = 18 or SSL_SECOP_OTHER_CERT;
+  (* Peer EE key in certificate *)
+  SSL_SECOP_PEER_EE_KEY = SSL_SECOP_EE_KEY or SSL_SECOP_PEER;
+  (* Peer CA key in certificate *)
+  SSL_SECOP_PEER_CA_KEY = SSL_SECOP_CA_KEY or SSL_SECOP_PEER;
+  (* Peer CA digest algorithm in certificate *)
   SSL_SECOP_PEER_CA_MD = SSL_SECOP_CA_MD or SSL_SECOP_PEER;
-
+
   (* OPENSSL_INIT flag 0x010000 reserved for internal use *)
-  OPENSSL_INIT_NO_LOAD_SSL_STRINGS = TIdC_LONG($00100000);
-  OPENSSL_INIT_LOAD_SSL_STRINGS = TIdC_LONG($00200000);
+  OPENSSL_INIT_NO_LOAD_SSL_STRINGS = TIdC_LONG($00100000);
+  OPENSSL_INIT_LOAD_SSL_STRINGS = TIdC_LONG($00200000);
   OPENSSL_INIT_SSL_DEFAULT = OPENSSL_INIT_LOAD_SSL_STRINGS or OPENSSL_INIT_LOAD_CRYPTO_STRINGS;
-
-  (* Support for ticket appdata *)
+
+  (* Support for ticket appdata *)
   (* fatal error, malloc failure *)
-  SSL_TICKET_FATAL_ERR_MALLOC = 0;
+  SSL_TICKET_FATAL_ERR_MALLOC = 0;
   (* fatal error, either from parsing or decrypting the ticket *)
-  SSL_TICKET_FATAL_ERR_OTHER = 1;
-  (* No ticket present *)
-  SSL_TICKET_NONE = 2;
-  (* Empty ticket present *)
-  SSL_TICKET_EMPTY = 3;
-  (* the ticket couldn't be decrypted *)
-  SSL_TICKET_NO_DECRYPT = 4;
-  (* a ticket was successfully decrypted *)
-  SSL_TICKET_SUCCESS = 5;
-  (* same as above but the ticket needs to be renewed *)
-  SSL_TICKET_SUCCESS_RENEW = 6;
-
-  (* An error occurred *)
-  SSL_TICKET_RETURN_ABORT = 0;
-  (* Do not use the ticket, do not send a renewed ticket to the client *)
-  SSL_TICKET_RETURN_IGNORE = 1;
-  (* Do not use the ticket, send a renewed ticket to the client *)
-  SSL_TICKET_RETURN_IGNORE_RENEW = 2;
-  (* Use the ticket, do not send a renewed ticket to the client *)
-  SSL_TICKET_RETURN_USE = 3;
-  (* Use the ticket, send a renewed ticket to the client *)
+  SSL_TICKET_FATAL_ERR_OTHER = 1;
+  (* No ticket present *)
+  SSL_TICKET_NONE = 2;
+  (* Empty ticket present *)
+  SSL_TICKET_EMPTY = 3;
+  (* the ticket couldn't be decrypted *)
+  SSL_TICKET_NO_DECRYPT = 4;
+  (* a ticket was successfully decrypted *)
+  SSL_TICKET_SUCCESS = 5;
+  (* same as above but the ticket needs to be renewed *)
+  SSL_TICKET_SUCCESS_RENEW = 6;
+
+  (* An error occurred *)
+  SSL_TICKET_RETURN_ABORT = 0;
+  (* Do not use the ticket, do not send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_IGNORE = 1;
+  (* Do not use the ticket, send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_IGNORE_RENEW = 2;
+  (* Use the ticket, do not send a renewed ticket to the client *)
+  SSL_TICKET_RETURN_USE = 3;
+  (* Use the ticket, send a renewed ticket to the client *)
   SSL_TICKET_RETURN_USE_RENEW = 4;
 
-type
-  (*
-   * This is needed to stop compilers complaining about the 'struct ssl_st *'
-   * function parameters used to prototype callbacks in SSL_CTX.
+type
+  (*
+   * This is needed to stop compilers complaining about the 'struct ssl_st *'
+   * function parameters used to prototype callbacks in SSL_CTX.
    *)
   ssl_crock_st = ^ssl_st;
-  TLS_SESSION_TICKET_EXT = tls_session_ticket_ext_st;
+  TLS_SESSION_TICKET_EXT = tls_session_ticket_ext_st;
   ssl_method_st = type Pointer;
-  SSL_METHOD = ssl_method_st;
-  PSSL_METHOD = ^SSL_METHOD;
+  SSL_METHOD = ssl_method_st;
+  PSSL_METHOD = ^SSL_METHOD;
   ssl_session_st = type Pointer;
-  SSL_CIPHER = ssl_session_st;
+  SSL_CIPHER = ssl_session_st;
   PSSL_CIPHER = ^SSL_CIPHER;
-  SSL_SESSION = ssl_session_st;
-  PSSL_SESSION = ^SSL_SESSION;
-  PPSSL_SESSION = ^PSSL_SESSION;
+  SSL_SESSION = ssl_session_st;
+  PSSL_SESSION = ^SSL_SESSION;
+  PPSSL_SESSION = ^PSSL_SESSION;
   tls_sigalgs_st = type Pointer;
-  TLS_SIGALGS = tls_sigalgs_st;
+  TLS_SIGALGS = tls_sigalgs_st;
   ssl_conf_ctx_st = type Pointer;
-  SSL_CONF_CTX = ssl_conf_ctx_st;
-  PSSL_CONF_CTX = ^SSL_CONF_CTX;
+  SSL_CONF_CTX = ssl_conf_ctx_st;
+  PSSL_CONF_CTX = ^SSL_CONF_CTX;
   ssl_comp_st = type Pointer;
   SSL_COMP = ssl_comp_st;
 
   //STACK_OF(SSL_CIPHER);
   //STACK_OF(SSL_COMP);
-
+
   (* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*)
   srtp_protection_profile_st = record
     name: PIdAnsiChar;
     id: TIdC_ULONG;
   end;
-  SRTP_PROTECTION_PROFILE = srtp_protection_profile_st;
+  SRTP_PROTECTION_PROFILE = srtp_protection_profile_st;
   PSRTP_PROTECTION_PROFILE = ^SRTP_PROTECTION_PROFILE;
 
   //DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE)
-
+
   (* Typedefs for handling custom extensions *)
   custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
-  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
-  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
-
-  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
-  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
-  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
-
-  (* Typedef for verification callback *)
-  SSL_verify_cb = function (preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
+  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
+  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
+  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+
+  (* Typedef for verification callback *)
+  SSL_verify_cb = function (preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
 
   tls_session_ticket_ext_cb_fn = function (s: PSSL; const data: PByte; len: TIdC_INT; arg: Pointer): TIdC_INT; cdecl;
 
@@ -964,93 +964,93 @@   srtp_protection_profile_st = record
   SSL_CTX_client_cert_cb = function (ssl: PSSL; x509: PPx509; pkey: PPEVP_PKEY): TIdC_INT; cdecl;
 
   SSL_CTX_cookie_verify_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_UINT): TIdC_INT; cdecl;
-  SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_UINT): TIdC_INT; cdecl;
-  SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_SIZET): TIdC_INT; cdecl;
+  SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_UINT): TIdC_INT; cdecl;
+  SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_SIZET): TIdC_INT; cdecl;
   SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_SIZET): TIdC_INT; cdecl;
-
-  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const &out: PPByte; outlen: PByte; const &in: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
-  SSL_psk_client_cb_func = function (ssl: PSSL; const hint: PIdAnsiChar; identity: PIdAnsiChar; max_identity_len: TIdC_UINT; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
+
+  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const &out: PPByte; outlen: PByte; const &in: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_psk_client_cb_func = function (ssl: PSSL; const hint: PIdAnsiChar; identity: PIdAnsiChar; max_identity_len: TIdC_UINT; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
   SSL_psk_server_cb_func = function (ssl: PSSL; const identity: PIdAnsiChar; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
   SSL_psk_find_session_cb_func = function (ssl: PSSL; const identity: PByte; identity_len: TIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
   SSL_psk_use_session_cb_func = function (ssl: PSSL; const md: PEVP_MD; const id: PPByte; idlen: PIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
-
-  (*
-   * A callback for logging out TLS key material. This callback should log out
-   * |line| followed by a newline.
+
+  (*
+   * A callback for logging out TLS key material. This callback should log out
+   * |line| followed by a newline.
    *)
   SSL_CTX_keylog_cb_func = procedure(const ssl: PSSL; const line: PIdAnsiChar); cdecl;
-
-  (*
-   * The valid handshake states (one for each type message sent and one for each
-   * type of message received). There are also two "special" states:
-   * TLS = TLS or DTLS state
-   * DTLS = DTLS specific state
-   * CR/SR = Client Read/Server Read
-   * CW/SW = Client Write/Server Write
-   *
-   * The "special" states are:
-   * TLS_ST_BEFORE = No handshake has been initiated yet
-   * TLS_ST_OK = A handshake has been successfully completed
+
+  (*
+   * The valid handshake states (one for each type message sent and one for each
+   * type of message received). There are also two "special" states:
+   * TLS = TLS or DTLS state
+   * DTLS = DTLS specific state
+   * CR/SR = Client Read/Server Read
+   * CW/SW = Client Write/Server Write
+   *
+   * The "special" states are:
+   * TLS_ST_BEFORE = No handshake has been initiated yet
+   * TLS_ST_OK = A handshake has been successfully completed
    *)
   TLS_ST_OK = (
-    DTLS_ST_CR_HELLO_VERIFY_REQUEST,
-    TLS_ST_CR_SRVR_HELLO,
-    TLS_ST_CR_CERT,
-    TLS_ST_CR_CERT_STATUS,
-    TLS_ST_CR_KEY_EXCH,
-    TLS_ST_CR_CERT_REQ,
-    TLS_ST_CR_SRVR_DONE,
-    TLS_ST_CR_SESSION_TICKET,
-    TLS_ST_CR_CHANGE,
-    TLS_ST_CR_FINISHED,
-    TLS_ST_CW_CLNT_HELLO,
-    TLS_ST_CW_CERT,
-    TLS_ST_CW_KEY_EXCH,
-    TLS_ST_CW_CERT_VRFY,
-    TLS_ST_CW_CHANGE,
-    TLS_ST_CW_NEXT_PROTO,
-    TLS_ST_CW_FINISHED,
-    TLS_ST_SW_HELLO_REQ,
-    TLS_ST_SR_CLNT_HELLO,
-    DTLS_ST_SW_HELLO_VERIFY_REQUEST,
-    TLS_ST_SW_SRVR_HELLO,
-    TLS_ST_SW_CERT,
-    TLS_ST_SW_KEY_EXCH,
-    TLS_ST_SW_CERT_REQ,
-    TLS_ST_SW_SRVR_DONE,
-    TLS_ST_SR_CERT,
-    TLS_ST_SR_KEY_EXCH,
-    TLS_ST_SR_CERT_VRFY,
-    TLS_ST_SR_NEXT_PROTO,
-    TLS_ST_SR_CHANGE,
-    TLS_ST_SR_FINISHED,
-    TLS_ST_SW_SESSION_TICKET,
-    TLS_ST_SW_CERT_STATUS,
-    TLS_ST_SW_CHANGE,
-    TLS_ST_SW_FINISHED,
-    TLS_ST_SW_ENCRYPTED_EXTENSIONS,
-    TLS_ST_CR_ENCRYPTED_EXTENSIONS,
-    TLS_ST_CR_CERT_VRFY,
-    TLS_ST_SW_CERT_VRFY,
-    TLS_ST_CR_HELLO_REQ,
-    TLS_ST_SW_KEY_UPDATE,
-    TLS_ST_CW_KEY_UPDATE,
-    TLS_ST_SR_KEY_UPDATE,
-    TLS_ST_CR_KEY_UPDATE,
-    TLS_ST_EARLY_DATA,
-    TLS_ST_PENDING_EARLY_DATA_END,
-    TLS_ST_CW_END_OF_EARLY_DATA
-  );
+    DTLS_ST_CR_HELLO_VERIFY_REQUEST,
+    TLS_ST_CR_SRVR_HELLO,
+    TLS_ST_CR_CERT,
+    TLS_ST_CR_CERT_STATUS,
+    TLS_ST_CR_KEY_EXCH,
+    TLS_ST_CR_CERT_REQ,
+    TLS_ST_CR_SRVR_DONE,
+    TLS_ST_CR_SESSION_TICKET,
+    TLS_ST_CR_CHANGE,
+    TLS_ST_CR_FINISHED,
+    TLS_ST_CW_CLNT_HELLO,
+    TLS_ST_CW_CERT,
+    TLS_ST_CW_KEY_EXCH,
+    TLS_ST_CW_CERT_VRFY,
+    TLS_ST_CW_CHANGE,
+    TLS_ST_CW_NEXT_PROTO,
+    TLS_ST_CW_FINISHED,
+    TLS_ST_SW_HELLO_REQ,
+    TLS_ST_SR_CLNT_HELLO,
+    DTLS_ST_SW_HELLO_VERIFY_REQUEST,
+    TLS_ST_SW_SRVR_HELLO,
+    TLS_ST_SW_CERT,
+    TLS_ST_SW_KEY_EXCH,
+    TLS_ST_SW_CERT_REQ,
+    TLS_ST_SW_SRVR_DONE,
+    TLS_ST_SR_CERT,
+    TLS_ST_SR_KEY_EXCH,
+    TLS_ST_SR_CERT_VRFY,
+    TLS_ST_SR_NEXT_PROTO,
+    TLS_ST_SR_CHANGE,
+    TLS_ST_SR_FINISHED,
+    TLS_ST_SW_SESSION_TICKET,
+    TLS_ST_SW_CERT_STATUS,
+    TLS_ST_SW_CHANGE,
+    TLS_ST_SW_FINISHED,
+    TLS_ST_SW_ENCRYPTED_EXTENSIONS,
+    TLS_ST_CR_ENCRYPTED_EXTENSIONS,
+    TLS_ST_CR_CERT_VRFY,
+    TLS_ST_SW_CERT_VRFY,
+    TLS_ST_CR_HELLO_REQ,
+    TLS_ST_SW_KEY_UPDATE,
+    TLS_ST_CW_KEY_UPDATE,
+    TLS_ST_SR_KEY_UPDATE,
+    TLS_ST_CR_KEY_UPDATE,
+    TLS_ST_EARLY_DATA,
+    TLS_ST_PENDING_EARLY_DATA_END,
+    TLS_ST_CW_END_OF_EARLY_DATA
+  );
   OSSL_HANDSHAKE_STATE = TLS_ST_OK;
 
   SSL_CTX_set_cert_verify_callback_cb = function (v1: PX509_STORE_CTX; v2: Pointer): TIdC_INT; cdecl;
   SSL_CTX_set_cert_cb_cb = function (ssl: PSSL; arg: Pointer): TIdC_INT; cdecl;
 
-  SSL_CTX_set_srp_client_pwd_callback_cb = function (v1: PSSL; v2: Pointer): PIdAnsiChar; cdecl;
-  SSL_CTX_set_srp_verify_param_callback_cb = function (v1: PSSL; v2: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_set_srp_client_pwd_callback_cb = function (v1: PSSL; v2: Pointer): PIdAnsiChar; cdecl;
+  SSL_CTX_set_srp_verify_param_callback_cb = function (v1: PSSL; v2: Pointer): TIdC_INT; cdecl;
   SSL_CTX_set_srp_username_callback_cb = function (v1: PSSL; v2: PIdC_INT; v3: Pointer): TIdC_INT; cdecl;
   SSL_client_hello_cb_fn = function (s: PSSL; al: PIdC_INT; arg: Pointer): TIdC_INT; cdecl;
-  SSL_callback_ctrl_v3 = procedure; cdecl;
+  SSL_callback_ctrl_v3 = procedure; cdecl;
   SSL_CTX_callback_ctrl_v3 = procedure; cdecl;
   SSL_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
 
@@ -1058,14 +1058,14 @@   srtp_protection_profile_st = record
   SSL_CTX_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
   SSL_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
   SSL_CTX_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
-  SSL_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
+  SSL_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
   SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
-  SSL_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
-  
-  (*
-   * The validation type enumerates the available behaviours of the built-in SSL
-   * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
-   * The underlying callback is a static function in libssl.
+  SSL_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  
+  (*
+   * The validation type enumerates the available behaviours of the built-in SSL
+   * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
+   * The underlying callback is a static function in libssl.
    *)
   SSL_CT_VALIDATION = (         
     SSL_CT_VALIDATION_PERMISSIVE = 0,
@@ -1082,11 +1082,11 @@   srtp_protection_profile_st = record
 
   SSL_CTX_decrypt_session_ticket_fn = function (s: PSSL; ss: PSSL_SESSION; const keyname: PByte; keyname_length: TIdC_SIZET; status: SSL_TICKET_STATUS; arg: Pointer): SSL_TICKET_RETURN; cdecl;
 
-  DTLS_timer_cb = function(s: PSSL; timer_us: TIdC_UINT): TIdC_UINT; cdecl;
-  SSL_allow_early_data_cb_fn = function(s: PSSL; arg: Pointer): TIdC_INT; cdecl;
-
-  SSL_CTX_sess_new_cb = function (ssl: PSSL; sess: PSSL_SESSION): TIdC_INT; cdecl;
-
+  DTLS_timer_cb = function(s: PSSL; timer_us: TIdC_UINT): TIdC_UINT; cdecl;
+  SSL_allow_early_data_cb_fn = function(s: PSSL; arg: Pointer): TIdC_INT; cdecl;
+
+  SSL_CTX_sess_new_cb = function (ssl: PSSL; sess: PSSL_SESSION): TIdC_INT; cdecl;
+
   SSL_CTX_sess_remove_cb = procedure(ctx: PSSL_CTX; sess: PSSL_SESSION); cdecl;
 
 {$REGION 'C compiler macros'}
@@ -1176,11 +1176,11 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //                                        const SSL_CIPHER **cipher, void *arg);
 
   function SSL_CTX_get_options(const ctx: PSSL_CTX): TIdC_ULONG;
-  function SSL_get_options(const s: PSSL): TIdC_ULONG;
-  function SSL_CTX_clear_options(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG;
-  function SSL_clear_options(s: PSSL; op: TIdC_ULONG): TIdC_ULONG;
-  function SSL_CTX_set_options(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG;
-  function SSL_set_options(s: PSSL; op: TIdC_ULONG): TIdC_ULONG;
+  function SSL_get_options(const s: PSSL): TIdC_ULONG;
+  function SSL_CTX_clear_options(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG;
+  function SSL_clear_options(s: PSSL; op: TIdC_ULONG): TIdC_ULONG;
+  function SSL_CTX_set_options(ctx: PSSL_CTX; op: TIdC_ULONG): TIdC_ULONG;
+  function SSL_set_options(s: PSSL; op: TIdC_ULONG): TIdC_ULONG;
 
   //# define SSL_CTX_set_mode(ctx,op) \
   //        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
@@ -1273,8 +1273,8 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   procedure SSL_CTX_sess_set_new_cb(ctx: PSSL_CTX; new_session_cb: SSL_CTX_sess_new_cb);
   function SSL_CTX_sess_get_new_cb(ctx: PSSL_CTX): SSL_CTX_sess_new_cb;
   procedure SSL_CTX_sess_set_remove_cb(ctx: PSSL_CTX; remove_session_cb: SSL_CTX_sess_remove_cb);
-  function SSL_CTX_sess_get_remove_cb(ctx: PSSL_CTX): SSL_CTX_sess_remove_cb;
-
+  function SSL_CTX_sess_get_remove_cb(ctx: PSSL_CTX): SSL_CTX_sess_remove_cb;
+
   //void SSL_CTX_sess_set_get_cb(ctx: PSSL_CTX,
   //                             SSL_SESSION *(*get_session_cb) (struct ssl_st
   //                                                             *ssl,
@@ -1291,20 +1291,20 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_CTX_set_client_cert_engine(ctx: PSSL_CTX; e: PENGINE): TIdC_INT;
 
   procedure SSL_CTX_set_cookie_generate_cb(ctx: PSSL_CTX; app_gen_cookie_cb: SSL_CTX_cookie_verify_cb);
-  procedure SSL_CTX_set_cookie_verify_cb(ctx: PSSL_CTX; app_verify_cookie_cb: SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb);
-  procedure SSL_CTX_set_stateless_cookie_generate_cb(ctx: PSSL_CTX; gen_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb);
-  procedure SSL_CTX_set_stateless_cookie_verify_cb(ctx: PSSL_CTX; verify_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb);
+  procedure SSL_CTX_set_cookie_verify_cb(ctx: PSSL_CTX; app_verify_cookie_cb: SSL_CTX_set_cookie_verify_cb_app_verify_cookie_cb);
+  procedure SSL_CTX_set_stateless_cookie_generate_cb(ctx: PSSL_CTX; gen_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb);
+  procedure SSL_CTX_set_stateless_cookie_verify_cb(ctx: PSSL_CTX; verify_stateless_cookie_cb: SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb);
 
   //__owur TIdC_INT SSL_CTX_set_alpn_protos(ctx: PSSL_CTX, const Byte *protos,
   //                                   TIdC_UINT protos_len);
   //__owur TIdC_INT SSL_set_alpn_protos(ssl: PSSL, const Byte *protos,
   //                               TIdC_UINT protos_len);
 
-  procedure SSL_CTX_set_alpn_select_cb(ctx: PSSL_CTX; cb: SSL_CTX_alpn_select_cb_func; arg: Pointer);
-  procedure SSL_get0_alpn_selected(const ssl: PSSL; const data: PPByte; len: PIdC_UINT);
-  procedure SSL_CTX_set_psk_client_callback(ctx: PSSL_CTX; cb: SSL_psk_client_cb_func);
-  procedure SSL_set_psk_client_callback(ssl: PSSL; cb: SSL_psk_client_cb_func);
-  procedure SSL_CTX_set_psk_server_callback(ctx: PSSL_CTX; cb: SSL_psk_server_cb_func);
+  procedure SSL_CTX_set_alpn_select_cb(ctx: PSSL_CTX; cb: SSL_CTX_alpn_select_cb_func; arg: Pointer);
+  procedure SSL_get0_alpn_selected(const ssl: PSSL; const data: PPByte; len: PIdC_UINT);
+  procedure SSL_CTX_set_psk_client_callback(ctx: PSSL_CTX; cb: SSL_psk_client_cb_func);
+  procedure SSL_set_psk_client_callback(ssl: PSSL; cb: SSL_psk_client_cb_func);
+  procedure SSL_CTX_set_psk_server_callback(ctx: PSSL_CTX; cb: SSL_psk_server_cb_func);
   procedure SSL_set_psk_server_callback(ssl: PSSL; cb: SSL_psk_server_cb_func);
 
   //__owur TIdC_INT SSL_CTX_use_psk_identity_hint(ctx: PSSL_CTX, const PIdAnsiChar *identity_hint);
@@ -1312,9 +1312,9 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //const PIdAnsiChar *SSL_get_psk_identity_hint(const s: PSSL);
   //const PIdAnsiChar *SSL_get_psk_identity(const s: PSSL);
 
-  procedure SSL_set_psk_find_session_callback(s: PSSL; cb: SSL_psk_find_session_cb_func);
-  procedure SSL_CTX_set_psk_find_session_callback(ctx: PSSL_CTX; cb: SSL_psk_find_session_cb_func);
-  procedure SSL_set_psk_use_session_callback(s: PSSL; cb: SSL_psk_use_session_cb_func);
+  procedure SSL_set_psk_find_session_callback(s: PSSL; cb: SSL_psk_find_session_cb_func);
+  procedure SSL_CTX_set_psk_find_session_callback(ctx: PSSL_CTX; cb: SSL_psk_find_session_cb_func);
+  procedure SSL_set_psk_use_session_callback(s: PSSL; cb: SSL_psk_use_session_cb_func);
   procedure SSL_CTX_set_psk_use_session_callback(ctx: PSSL_CTX; cb: SSL_psk_use_session_cb_func);
 
   ///* Register callbacks to handle custom TLS Extensions for client or server. */
@@ -1357,25 +1357,25 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //# define SSL_want_async(s)           (SSL_want(s) == SSL_ASYNC_PAUSED)
   //# define SSL_want_async_job(s)       (SSL_want(s) == SSL_ASYNC_NO_JOBS)
   //# define SSL_want_client_hello_cb(s) (SSL_want(s) == SSL_CLIENT_HELLO_CB)
-
-  (*
-   * SSL_CTX_set_keylog_callback configures a callback to log key material. This
-   * is intended for debugging use with tools like Wireshark. The cb function
-   * should log line followed by a newline.
+
+  (*
+   * SSL_CTX_set_keylog_callback configures a callback to log key material. This
+   * is intended for debugging use with tools like Wireshark. The cb function
+   * should log line followed by a newline.
+   *)
+  procedure SSL_CTX_set_keylog_callback(ctx: PSSL_CTX; cb: SSL_CTX_keylog_cb_func);
+  (*
+   * SSL_CTX_get_keylog_callback returns the callback configured by
+   * SSL_CTX_set_keylog_callback.
    *)
-  procedure SSL_CTX_set_keylog_callback(ctx: PSSL_CTX; cb: SSL_CTX_keylog_cb_func);
-  (*
-   * SSL_CTX_get_keylog_callback returns the callback configured by
-   * SSL_CTX_set_keylog_callback.
-   *)
-  function SSL_CTX_get_keylog_callback(const ctx: PSSL_CTX): SSL_CTX_keylog_cb_func;
-  function SSL_CTX_set_max_early_data(ctx: PSSL_CTX; max_early_data: TIdC_UINT32): TIdC_INT;
-  function SSL_CTX_get_max_early_data(const ctx: PSSL_CTX): TIdC_UINT32;
-  function SSL_set_max_early_data(s: PSSL; max_early_data: TIdC_UINT32): TIdC_INT;
-  function SSL_get_max_early_data(const s: PSSL): TIdC_UINT32;
-  function SSL_CTX_set_recv_max_early_data(ctx: PSSL_CTX; recv_max_early_data: TIdC_UINT32): TIdC_INT;
-  function SSL_CTX_get_recv_max_early_data(const ctx: PSSL_CTX): TIdC_UINT32;
-  function SSL_set_recv_max_early_data(s: PSSL; recv_max_early_data: TIdC_UINT32): TIdC_INT;
+  function SSL_CTX_get_keylog_callback(const ctx: PSSL_CTX): SSL_CTX_keylog_cb_func;
+  function SSL_CTX_set_max_early_data(ctx: PSSL_CTX; max_early_data: TIdC_UINT32): TIdC_INT;
+  function SSL_CTX_get_max_early_data(const ctx: PSSL_CTX): TIdC_UINT32;
+  function SSL_set_max_early_data(s: PSSL; max_early_data: TIdC_UINT32): TIdC_INT;
+  function SSL_get_max_early_data(const s: PSSL): TIdC_UINT32;
+  function SSL_CTX_set_recv_max_early_data(ctx: PSSL_CTX; recv_max_early_data: TIdC_UINT32): TIdC_INT;
+  function SSL_CTX_get_recv_max_early_data(const ctx: PSSL_CTX): TIdC_UINT32;
+  function SSL_set_recv_max_early_data(s: PSSL; recv_max_early_data: TIdC_UINT32): TIdC_INT;
   function SSL_get_recv_max_early_data(const s: PSSL): TIdC_UINT32;
 
   ///*
@@ -1395,21 +1395,21 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //# define SSL_CTX_set_app_data(ctx,arg)   (SSL_CTX_set_ex_data(ctx,0, \
   //                                                              (PIdAnsiChar *)(arg)))
 
-  ///* Is the SSL_connection established? */
-  //# define SSL_in_connect_init(a)          (SSL_in_init(a) && !SSL_is_server(a))
-  //# define SSL_in_accept_init(a)           (SSL_in_init(a) && SSL_is_server(a))
-  function SSL_in_init(const s: PSSL): TIdC_INT;
-  function SSL_in_before(const s: PSSL): TIdC_INT;
-  function SSL_is_init_finished(const s: PSSL): TIdC_INT;
-
-  (*-
-   * Obtain latest Finished message
-   *   -- that we sent (SSL_get_finished)
-   *   -- that we expected from peer (SSL_get_peer_finished).
-   * Returns length (0 == no Finished so far), copies up to 'count' bytes.
-   *)
-  function SSL_get_finished(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET;
-  function SSL_get_peer_finished(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET;
+  ///* Is the SSL_connection established? */
+  //# define SSL_in_connect_init(a)          (SSL_in_init(a) && !SSL_is_server(a))
+  //# define SSL_in_accept_init(a)           (SSL_in_init(a) && SSL_is_server(a))
+  function SSL_in_init(const s: PSSL): TIdC_INT;
+  function SSL_in_before(const s: PSSL): TIdC_INT;
+  function SSL_is_init_finished(const s: PSSL): TIdC_INT;
+
+  (*-
+   * Obtain latest Finished message
+   *   -- that we sent (SSL_get_finished)
+   *   -- that we expected from peer (SSL_get_peer_finished).
+   * Returns length (0 == no Finished so far), copies up to 'count' bytes.
+   *)
+  function SSL_get_finished(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET;
+  function SSL_get_peer_finished(const s: PSSL; buf: Pointer; count: TIdC_SIZET): TIdC_SIZET;
 
   //# if OPENSSL_API_COMPAT < 0x10100000L
   //#  define OpenSSL_add_ssl_algorithms()   SSL_library_init()
@@ -1446,11 +1446,11 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //# define SSL_get_server_tmp_key(s, pk) \
   //         SSL_get_peer_tmp_key(s, pk)
 
-  //# if OPENSSL_API_COMPAT < 0x10100000L
-  //const SSL_CTX_need_tmp_RSA = (ctx)    0;
-  //const SSL_CTX_set_tmp_rsa = (ctx;rsa)   1;
-  //const SSL_need_tmp_RSA = (ssl)     0;
-  //const SSL_set_tmp_rsa = (ssl;rsa)    1;
+  //# if OPENSSL_API_COMPAT < 0x10100000L
+  //const SSL_CTX_need_tmp_RSA = (ctx)    0;
+  //const SSL_CTX_set_tmp_rsa = (ctx;rsa)   1;
+  //const SSL_need_tmp_RSA = (ssl)     0;
+  //const SSL_set_tmp_rsa = (ssl;rsa)    1;
 
   //#  define SSL_CTX_set_ecdh_auto(dummy, onoff)      ((onoff) != 0)
   //#  define SSL_set_ecdh_auto(dummy, onoff)          ((onoff) != 0)
@@ -1477,9 +1477,9 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_clear(s: PSSL): TIdC_INT;
 
   procedure BIO_ssl_shutdown(ssl_bio: PBIO);
-  function SSL_CTX_up_ref(ctx: PSSL_CTX): TIdC_INT;
-  procedure SSL_CTX_free(v1: PSSL_CTX);
-  procedure SSL_CTX_set_cert_store(v1: PSSL_CTX; v2: PX509_STORE);
+  function SSL_CTX_up_ref(ctx: PSSL_CTX): TIdC_INT;
+  procedure SSL_CTX_free(v1: PSSL_CTX);
+  procedure SSL_CTX_set_cert_store(v1: PSSL_CTX; v2: PX509_STORE);
   procedure SSL_CTX_set1_cert_store(v1: PSSL_CTX; v2: PX509_STORE);
 
   procedure SSL_CTX_flush_sessions(ctx: PSSL_CTX; tm: TIdC_LONG);
@@ -1510,20 +1510,20 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_set_rfd(s: PSSL; fd: TIdC_INT): TIdC_INT;
   function SSL_set_wfd(s: PSSL; fd: TIdC_INT): TIdC_INT;
   procedure SSL_set0_rbio(s: PSSL; rbio: PBIO);
-  procedure SSL_set0_wbio(s: PSSL; wbio: PBIO);
-  procedure SSL_set_bio(s: PSSL; rbio: PBIO; wbio: PBIO);
+  procedure SSL_set0_wbio(s: PSSL; wbio: PBIO);
+  procedure SSL_set_bio(s: PSSL; rbio: PBIO; wbio: PBIO);
   function SSL_get_rbio(const s: PSSL): PBIO;
-  function SSL_get_wbio(const s: PSSL): PBIO;
+  function SSL_get_wbio(const s: PSSL): PBIO;
   function SSL_set_cipher_list(s: PSSL; const str: PIdAnsiChar): TIdC_INT;
   function SSL_CTX_set_ciphersuites(ctx: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT;
   function SSL_set_ciphersuites(s: PSSL; const str: PIdAnsiChar): TIdC_INT;
   function SSL_get_verify_mode(const s: PSSL): TIdC_INT;
-  function SSL_get_verify_depth(const s: PSSL): TIdC_INT;
+  function SSL_get_verify_depth(const s: PSSL): TIdC_INT;
   function SSL_get_verify_callback(const s: PSSL): SSL_verify_cb;
   procedure SSL_set_read_ahead(s: PSSL; yes: TIdC_INT);
-  procedure SSL_set_verify(s: PSSL; mode: TIdC_INT; callback: SSL_verify_cb);
+  procedure SSL_set_verify(s: PSSL; mode: TIdC_INT; callback: SSL_verify_cb);
   procedure SSL_set_verify_depth(s: PSSL; depth: TIdC_INT);
-  //void SSL_set_cert_cb(s: PSSL, TIdC_INT (*cb) (ssl: PSSL, void *arg), void *arg);
+  //void SSL_set_cert_cb(s: PSSL, TIdC_INT (*cb) (ssl: PSSL, void *arg), void *arg);
 
   function SSL_use_RSAPrivateKey(ssl: PSSL; rsa: PRSA): TIdC_INT;
   function SSL_use_RSAPrivateKey_ASN1(ssl: PSSL; const d: PByte; len: TIdC_LONG): TIdC_INT;
@@ -1596,17 +1596,17 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_SESSION_get_id(const s: PSSL_SESSION; len: PIdC_UINT): PByte;
   function SSL_SESSION_get0_id_context(const s: PSSL_SESSION; len: PIdC_UINT): PByte;
   function SSL_SESSION_get_compress_id(const s: PSSL_SESSION): TIdC_UINT;
-  function SSL_SESSION_print(fp: PBIO; const ses: PSSL_SESSION): TIdC_INT;
-  function SSL_SESSION_print_keylog(bp: PBIO; const x: PSSL_SESSION): TIdC_INT;
-  function SSL_SESSION_up_ref(ses: PSSL_SESSION): TIdC_INT;
-  procedure SSL_SESSION_free(ses: PSSL_SESSION);
-  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *&in, Byte **pp);
-  function SSL_set_session(&to: PSSL; session: PSSL_SESSION): TIdC_INT;
-  function SSL_CTX_add_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
-  function SSL_CTX_remove_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
-  function SSL_CTX_set_generate_session_id(ctx: PSSL_CTX; cb: GEN_SESSION_CB): TIdC_INT;
-  function SSL_set_generate_session_id(s: PSSL; cb: GEN_SESSION_CB): TIdC_INT;
-  function SSL_has_matching_session_id(const s: PSSL; const id: PByte; id_len: TIdC_UINT): TIdC_INT;
+  function SSL_SESSION_print(fp: PBIO; const ses: PSSL_SESSION): TIdC_INT;
+  function SSL_SESSION_print_keylog(bp: PBIO; const x: PSSL_SESSION): TIdC_INT;
+  function SSL_SESSION_up_ref(ses: PSSL_SESSION): TIdC_INT;
+  procedure SSL_SESSION_free(ses: PSSL_SESSION);
+  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *&in, Byte **pp);
+  function SSL_set_session(&to: PSSL; session: PSSL_SESSION): TIdC_INT;
+  function SSL_CTX_add_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
+  function SSL_CTX_remove_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
+  function SSL_CTX_set_generate_session_id(ctx: PSSL_CTX; cb: GEN_SESSION_CB): TIdC_INT;
+  function SSL_set_generate_session_id(s: PSSL; cb: GEN_SESSION_CB): TIdC_INT;
+  function SSL_has_matching_session_id(const s: PSSL; const id: PByte; id_len: TIdC_UINT): TIdC_INT;
   function d2i_SSL_SESSION(a: PPSSL_SESSION; const pp: PPByte; length: TIdC_LONG): PSSL_SESSION;
 
   function SSL_get_peer_certificate(const s: PSSL): PX509;
@@ -1629,12 +1629,12 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //function TIdC_INT SSL_CTX_use_cert_and_key(ctx: PSSL_CTX; x509: PX509; EVP_PKEY *privatekey; STACK_OF(X509) *chain; TIdC_INT override);
 
   procedure SSL_CTX_set_default_passwd_cb(ctx: PSSL_CTX; cb: pem_password_cb);
-  procedure SSL_CTX_set_default_passwd_cb_userdata(ctx: PSSL_CTX; u: Pointer);
-  function SSL_CTX_get_default_passwd_cb(ctx: PSSL_CTX): pem_password_cb;
-  function SSL_CTX_get_default_passwd_cb_userdata(ctx: PSSL_CTX): Pointer;
-  procedure SSL_set_default_passwd_cb(s: PSSL; cb: pem_password_cb);
-  procedure SSL_set_default_passwd_cb_userdata(s: PSSL; u: Pointer);
-  function SSL_get_default_passwd_cb(s: PSSL): pem_password_cb;
+  procedure SSL_CTX_set_default_passwd_cb_userdata(ctx: PSSL_CTX; u: Pointer);
+  function SSL_CTX_get_default_passwd_cb(ctx: PSSL_CTX): pem_password_cb;
+  function SSL_CTX_get_default_passwd_cb_userdata(ctx: PSSL_CTX): Pointer;
+  procedure SSL_set_default_passwd_cb(s: PSSL; cb: pem_password_cb);
+  procedure SSL_set_default_passwd_cb_userdata(s: PSSL; u: Pointer);
+  function SSL_get_default_passwd_cb(s: PSSL): pem_password_cb;
   function SSL_get_default_passwd_cb_userdata(s: PSSL): Pointer;
 
   function SSL_CTX_check_private_key(const ctx: PSSL_CTX): TIdC_INT;
@@ -1643,7 +1643,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_CTX_set_session_id_context(ctx: PSSL_CTX; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT;
 
   function SSL_new(ctx: PSSL_CTX): PSSL;
-  function SSL_up_ref(s: PSSL): TIdC_INT;
+  function SSL_up_ref(s: PSSL): TIdC_INT;
   function SSL_is_dtls(const s: PSSL): TIdC_INT;
   function SSL_set_session_id_context(ssl: PSSL; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT;
 
@@ -1662,19 +1662,19 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_dane_enable(s: PSSL; const basedomain: PIdAnsiChar): TIdC_INT;
   function SSL_dane_tlsa_add(s: PSSL; usage: TIdC_UINT8; selector: TIdC_UINT8; mtype: TIdC_UINT8; const data: PByte; dlen: TIdC_SIZET): TIdC_INT;
   function SSL_get0_dane_authority(s: PSSL; mcert: PPX509; mspki: PPEVP_PKEY): TIdC_INT;
-  function SSL_get0_dane_tlsa(s: PSSL; usage: PIdC_UINT8; selector: PIdC_UINT8; mtype: PIdC_UINT8; const data: PPByte; dlen: PIdC_SIZET): TIdC_INT;
-  (*
-   * Bridge opacity barrier between libcrypt and libssl, also needed to support
-   * offline testing in test/danetest.c
+  function SSL_get0_dane_tlsa(s: PSSL; usage: PIdC_UINT8; selector: PIdC_UINT8; mtype: PIdC_UINT8; const data: PPByte; dlen: PIdC_SIZET): TIdC_INT;
+  (*
+   * Bridge opacity barrier between libcrypt and libssl, also needed to support
+   * offline testing in test/danetest.c
    *)
   function SSL_get0_dane(ssl: PSSL): PSSL_DANE;
-
-  (*
-   * DANE flags
+
+  (*
+   * DANE flags
    *)
   function SSL_CTX_dane_set_flags(ctx: PSSL_CTX; flags: TIdC_ULONG): TIdC_ULONG;
-  function SSL_CTX_dane_clear_flags(ctx: PSSL_CTX; flags: TIdC_ULONG): TIdC_ULONG;
-  function SSL_dane_set_flags(ssl: PSSL; flags: TIdC_ULONG): TIdC_ULONG;
+  function SSL_CTX_dane_clear_flags(ctx: PSSL_CTX; flags: TIdC_ULONG): TIdC_ULONG;
+  function SSL_dane_set_flags(ssl: PSSL; flags: TIdC_ULONG): TIdC_ULONG;
   function SSL_dane_clear_flags(ssl: PSSL; flags: TIdC_ULONG): TIdC_ULONG;
 
   function SSL_CTX_set1_param(ctx: PSSL_CTX; vpm: PX509_VERIFY_PARAM): TIdC_INT;
@@ -1684,15 +1684,15 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_get0_param(ssl: PSSL): PX509_VERIFY_PARAM;
 
   function SSL_CTX_set_srp_username(ctx: PSSL_CTX; name: PIdAnsiChar): TIdC_INT;
-  function SSL_CTX_set_srp_password(ctx: PSSL_CTX; password: PIdAnsiChar): TIdC_INT;
-  function SSL_CTX_set_srp_strength(ctx: PSSL_CTX; strength: TIdC_INT): TIdC_INT;
-
+  function SSL_CTX_set_srp_password(ctx: PSSL_CTX; password: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_set_srp_strength(ctx: PSSL_CTX; strength: TIdC_INT): TIdC_INT;
+
   function SSL_CTX_set_srp_client_pwd_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_client_pwd_callback_cb): TIdC_INT;
-  function SSL_CTX_set_srp_verify_param_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_verify_param_callback_cb): TIdC_INT;
-  function SSL_CTX_set_srp_username_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_username_callback_cb): TIdC_INT;
+  function SSL_CTX_set_srp_verify_param_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_verify_param_callback_cb): TIdC_INT;
+  function SSL_CTX_set_srp_username_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_srp_username_callback_cb): TIdC_INT;
 
   function SSL_CTX_set_srp_cb_arg(ctx: PSSL_CTX; arg: Pointer): TIdC_INT;
-  function SSL_set_srp_server_param(s: PSSL; const N: PBIGNUm; const g: PBIGNUm; sa: PBIGNUm; v: PBIGNUm; info: PIdAnsiChar): TIdC_INT;
+  function SSL_set_srp_server_param(s: PSSL; const N: PBIGNUm; const g: PBIGNUm; sa: PBIGNUm; v: PBIGNUm; info: PIdAnsiChar): TIdC_INT;
   function SSL_set_srp_server_param_pw(s: PSSL; const user: PIdAnsiChar; const pass: PIdAnsiChar; const grp: PIdAnsiChar): TIdC_INT;
 
   //__owur BIGNUM *SSL_get_srp_g(s: PSSL);
@@ -1704,17 +1704,17 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   ///*
   // * ClientHello callback and helpers.
   // */
-  procedure SSL_CTX_set_client_hello_cb(c: PSSL_CTX; cb: SSL_client_hello_cb_fn; arg: Pointer);
-  function SSL_client_hello_isv2(s: PSSL): TIdC_INT;
-  function SSL_client_hello_get0_legacy_version(s: PSSL): TIdC_UINT;
-  function SSL_client_hello_get0_random(s: PSSL; const &out: PPByte): TIdC_SIZET;
-  function SSL_client_hello_get0_session_id(s: PSSL; const &out: PPByte): TIdC_SIZET;
-  function SSL_client_hello_get0_ciphers(s: PSSL; const &out: PPByte): TIdC_SIZET;
-  function SSL_client_hello_get0_compression_methods(s: PSSL; const &out: PPByte): TIdC_SIZET;
-  function SSL_client_hello_get1_extensions_present(s: PSSL; &out: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT;
-  function SSL_client_hello_get0_ext(s: PSSL; &type: TIdC_UINT; const &out: PPByte; outlen: PIdC_SIZET): TIdC_INT;
-  procedure SSL_certs_clear(s: PSSL);
-  procedure SSL_free(ssl: PSSL);
+  procedure SSL_CTX_set_client_hello_cb(c: PSSL_CTX; cb: SSL_client_hello_cb_fn; arg: Pointer);
+  function SSL_client_hello_isv2(s: PSSL): TIdC_INT;
+  function SSL_client_hello_get0_legacy_version(s: PSSL): TIdC_UINT;
+  function SSL_client_hello_get0_random(s: PSSL; const &out: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get0_session_id(s: PSSL; const &out: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get0_ciphers(s: PSSL; const &out: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get0_compression_methods(s: PSSL; const &out: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get1_extensions_present(s: PSSL; &out: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT;
+  function SSL_client_hello_get0_ext(s: PSSL; &type: TIdC_UINT; const &out: PPByte; outlen: PIdC_SIZET): TIdC_INT;
+  procedure SSL_certs_clear(s: PSSL);
+  procedure SSL_free(ssl: PSSL);
 
   (*
    * Windows application developer has to include windows.h to use these.
@@ -1737,7 +1737,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_callback_ctrl(v1: PSSL; v2: TIdC_INT; v3: SSL_callback_ctrl_v3): TIdC_LONG;
 
   function SSL_ctrl(ssl: PSSL; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG;
-  function SSL_CTX_ctrl(ctx: PSSL_CTX; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG;
+  function SSL_CTX_ctrl(ctx: PSSL_CTX; cmd: TIdC_INT; larg: TIdC_LONG; parg: Pointer): TIdC_LONG;
   function SSL_CTX_callback_ctrl(v1: PSSL_CTX; v2: TIdC_INT; v3: SSL_CTX_callback_ctrl_v3): TIdC_LONG;
 
   function SSL_get_early_data_status(const s: PSSL): TIdC_INT;
@@ -1749,8 +1749,8 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_CTX_set_ssl_version(ctx: PSSL_CTX; const meth: PSSL_METHOD): TIdC_INT;
 
   ///* Negotiate highest available SSL/TLS version */
-  function TLS_method: PSSL_METHOD;
-  function TLS_server_method: PSSL_METHOD;
+  function TLS_method: PSSL_METHOD;
+  function TLS_server_method: PSSL_METHOD;
   function TLS_client_method: PSSL_METHOD;
 
   //__owur const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
@@ -1766,11 +1766,11 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //
   //__owur TIdC_INT SSL_do_handshake(s: PSSL);
   function SSL_key_update(s: PSSL; updatetype: TIdC_INT): TIdC_INT;
-  function SSL_get_key_update_type(const s: PSSL): TIdC_INT;
-  function SSL_renegotiate(s: PSSL): TIdC_INT;
-  function SSL_renegotiate_abbreviated(s: PSSL): TIdC_INT;
-  function SSL_shutdown(s: PSSL): TIdC_INT;
-  procedure SSL_CTX_set_post_handshake_auth(ctx: PSSL_CTX; val: TIdC_INT);
+  function SSL_get_key_update_type(const s: PSSL): TIdC_INT;
+  function SSL_renegotiate(s: PSSL): TIdC_INT;
+  function SSL_renegotiate_abbreviated(s: PSSL): TIdC_INT;
+  function SSL_shutdown(s: PSSL): TIdC_INT;
+  procedure SSL_CTX_set_post_handshake_auth(ctx: PSSL_CTX; val: TIdC_INT);
   procedure SSL_set_post_handshake_auth(s: PSSL; val: TIdC_INT);
 
   function SSL_renegotiate_pending(const s: PSSL): TIdC_INT;
@@ -1800,7 +1800,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_CTX_add_client_CA(ctx: PSSL_CTX; x: PX509): TIdC_INT;
 
   procedure SSL_set_connect_state(s: PSSL);
-  procedure SSL_set_accept_state(s: PSSL);
+  procedure SSL_set_accept_state(s: PSSL);
 
   //__owur TIdC_LONG SSL_get_default_timeout(const s: PSSL);
   //
@@ -1823,19 +1823,19 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_CTX_get0_privatekey(const ctx: PSSL_CTX): PEVP_PKEY;
 
   procedure SSL_CTX_set_quiet_shutdown(ctx: PSSL_CTX; mode: TIdC_INT);
-  function SSL_CTX_get_quiet_shutdown(const ctx: PSSL_CTX): TIdC_INT;
-  procedure SSL_set_quiet_shutdown(ssl: PSSL; mode: TIdC_INT);
-  function SSL_get_quiet_shutdown(const ssl: PSSL): TIdC_INT;
-  procedure SSL_set_shutdown(ssl: PSSL; mode: TIdC_INT);
-  function SSL_get_shutdown(const ssl: PSSL): TIdC_INT;
-  function SSL_version(const ssl: PSSL): TIdC_INT;
-  function SSL_client_version(const s: PSSL): TIdC_INT;
-  function SSL_CTX_set_default_verify_paths(ctx: PSSL_CTX): TIdC_INT;
-  function SSL_CTX_set_default_verify_dir(ctx: PSSL_CTX): TIdC_INT;
-  function SSL_CTX_set_default_verify_file(ctx: PSSL_CTX): TIdC_INT;
-  function SSL_CTX_load_verify_locations(ctx: PSSL_CTX; const CAfile: PIdAnsiChar; const CApath: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_get_quiet_shutdown(const ctx: PSSL_CTX): TIdC_INT;
+  procedure SSL_set_quiet_shutdown(ssl: PSSL; mode: TIdC_INT);
+  function SSL_get_quiet_shutdown(const ssl: PSSL): TIdC_INT;
+  procedure SSL_set_shutdown(ssl: PSSL; mode: TIdC_INT);
+  function SSL_get_shutdown(const ssl: PSSL): TIdC_INT;
+  function SSL_version(const ssl: PSSL): TIdC_INT;
+  function SSL_client_version(const s: PSSL): TIdC_INT;
+  function SSL_CTX_set_default_verify_paths(ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_set_default_verify_dir(ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_set_default_verify_file(ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_load_verify_locations(ctx: PSSL_CTX; const CAfile: PIdAnsiChar; const CApath: PIdAnsiChar): TIdC_INT;
   //# define SSL_get0_session SSL_get_session/* just peek at pointer */
-  function SSL_get_session(const ssl: PSSL): PSSL_SESSION;
+  function SSL_get_session(const ssl: PSSL): PSSL_SESSION;
   (* obtain a reference count *)
   function SSL_get1_session(ssl: PSSL): PSSL_SESSION;
   function SSL_get_SSL_CTX(const ssl: PSSL): PSSL_CTX;
@@ -1901,7 +1901,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   procedure SSL_set_default_read_buffer_len(s: PSSL; len: TIdC_SIZET);
 
   procedure SSL_CTX_set_tmp_dh_callback(ctx: PSSL_CTX; dh: SSL_CTX_set_tmp_dh_callback_dh);
-  procedure SSL_set_tmp_dh_callback(ssl: PSSL; dh: SSL_set_tmp_dh_callback_dh);
+  procedure SSL_set_tmp_dh_callback(ssl: PSSL; dh: SSL_set_tmp_dh_callback_dh);
 
   //__owur const COMP_METHOD *SSL_get_current_compression(const s: PSSL);
   //__owur const COMP_METHOD *SSL_get_current_expansion(const s: PSSL);
@@ -1934,21 +1934,21 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //                                     void *arg);
 
   procedure SSL_CTX_set_not_resumable_session_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_not_resumable_session_callback_cb);
-  procedure SSL_set_not_resumable_session_callback(ssl: PSSL; cb: SSL_set_not_resumable_session_callback_cb);
-  procedure SSL_CTX_set_record_padding_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_record_padding_callback_cb);
+  procedure SSL_set_not_resumable_session_callback(ssl: PSSL; cb: SSL_set_not_resumable_session_callback_cb);
+  procedure SSL_CTX_set_record_padding_callback(ctx: PSSL_CTX; cb: SSL_CTX_set_record_padding_callback_cb);
 
   procedure SSL_CTX_set_record_padding_callback_arg(ctx: PSSL_CTX; arg: Pointer);
-  function SSL_CTX_get_record_padding_callback_arg(const ctx: PSSL_CTX): Pointer;
-  function SSL_CTX_set_block_padding(ctx: PSSL_CTX; block_size: TIdC_SIZET): TIdC_INT;
+  function SSL_CTX_get_record_padding_callback_arg(const ctx: PSSL_CTX): Pointer;
+  function SSL_CTX_set_block_padding(ctx: PSSL_CTX; block_size: TIdC_SIZET): TIdC_INT;
 
   procedure SSL_set_record_padding_callback(ssl: PSSL; cb: SSL_set_record_padding_callback_cb);
 
   procedure SSL_set_record_padding_callback_arg(ssl: PSSL; arg: Pointer);
-  function SSL_get_record_padding_callback_arg(const ssl: PSSL): Pointer;
-  function SSL_set_block_padding(ssl: PSSL; block_size: TIdC_SIZET): TIdC_INT;
-  function SSL_set_num_tickets(s: PSSL; num_tickets: TIdC_SIZET): TIdC_INT;
-  function SSL_get_num_tickets(const s: PSSL): TIdC_SIZET;
-  function SSL_CTX_set_num_tickets(ctx: PSSL_CTX; num_tickets: TIdC_SIZET): TIdC_INT;
+  function SSL_get_record_padding_callback_arg(const ssl: PSSL): Pointer;
+  function SSL_set_block_padding(ssl: PSSL; block_size: TIdC_SIZET): TIdC_INT;
+  function SSL_set_num_tickets(s: PSSL; num_tickets: TIdC_SIZET): TIdC_INT;
+  function SSL_get_num_tickets(const s: PSSL): TIdC_SIZET;
+  function SSL_CTX_set_num_tickets(ctx: PSSL_CTX; num_tickets: TIdC_SIZET): TIdC_INT;
   function SSL_CTX_get_num_tickets(const ctx: PSSL_CTX): TIdC_SIZET;
 
   //# if OPENSSL_API_COMPAT < 0x10100000L
@@ -1960,7 +1960,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 
   function SSL_CONF_CTX_new: PSSL_CONF_CTX;
   function SSL_CONF_CTX_finish(cctx: PSSL_CONF_CTX): TIdC_INT;
-  procedure SSL_CONF_CTX_free(cctx: PSSL_CONF_CTX);
+  procedure SSL_CONF_CTX_free(cctx: PSSL_CONF_CTX);
   function SSL_CONF_CTX_set_flags(cctx: PSSL_CONF_CTX; flags: TIdC_UINT): TIdC_UINT;
   function SSL_CONF_CTX_clear_flags(cctx: PSSL_CONF_CTX; flags: TIdC_UINT): TIdC_UINT;
   function SSL_CONF_CTX_set1_prefix(cctx: PSSL_CONF_CTX; const pre: PIdAnsiChar): TIdC_INT;
@@ -1969,9 +1969,9 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_CONF_cmd_value_type(cctx: PSSL_CONF_CTX; const cmd: PIdAnsiChar): TIdC_INT;
 
   procedure SSL_CONF_CTX_set_ssl(cctx: PSSL_CONF_CTX; ssl: PSSL);
-  procedure SSL_CONF_CTX_set_ssl_ctx(cctx: PSSL_CONF_CTX; ctx: PSSL_CTX);
-  procedure SSL_add_ssl_module;
-  function SSL_config(s: PSSL; const name: PIdAnsiChar): TIdC_INT;
+  procedure SSL_CONF_CTX_set_ssl_ctx(cctx: PSSL_CONF_CTX; ctx: PSSL_CTX);
+  procedure SSL_add_ssl_module;
+  function SSL_config(s: PSSL; const name: PIdAnsiChar): TIdC_INT;
   function SSL_CTX_config(ctx: PSSL_CTX; const name: PIdAnsiChar): TIdC_INT;
 
   procedure SSL_trace(write_p: TIdC_INT; version: TIdC_INT; content_type: TIdC_INT; const buf: Pointer; len: TIdC_SIZET; ssl: PSSL; arg: Pointer);
@@ -2002,7 +2002,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   // *       will be requested.
   // */
   //function SSL_set_ct_validation_callback(s: PSSL; callback: ssl_ct_validation_cb; arg: Pointer): TIdC_INT;
-  //function SSL_CTX_set_ct_validation_callback(ctx: PSSL_CTX; callback: ssl_ct_validation_cb; arg: Pointer): TIdC_INT;
+  //function SSL_CTX_set_ct_validation_callback(ctx: PSSL_CTX; callback: ssl_ct_validation_cb; arg: Pointer): TIdC_INT;
 
   //#define SSL_disable_ct(s) \
   //        ((void) SSL_set_validation_callback((s), NULL, NULL))
@@ -2030,13 +2030,13 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   // * Report whether a non-NULL callback is enabled.
   // */
   function SSL_ct_is_enabled(const s: PSSL): TIdC_INT;
-  function SSL_CTX_ct_is_enabled(const ctx: PSSL_CTX): TIdC_INT;
+  function SSL_CTX_ct_is_enabled(const ctx: PSSL_CTX): TIdC_INT;
 
   ///* Gets the SCTs received from a connection */
   //const STACK_OF(SCT) *SSL_get0_peer_scts(s: PSSL);
 
   function SSL_CTX_set_default_ctlog_list_file(ctx: PSSL_CTX): TIdC_INT;
-  function SSL_CTX_set_ctlog_list_file(ctx: PSSL_CTX; const path: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_set_ctlog_list_file(ctx: PSSL_CTX; const path: PIdAnsiChar): TIdC_INT;
   procedure SSL_CTX_set0_ctlog_store(ctx: PSSL_CTX; logs: PCTLOG_STORE);
 
   // const CTLOG_STORE *SSL_CTX_get0_ctlog_store(const ctx: PSSL_CTX);
@@ -2049,7 +2049,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   procedure SSL_set_security_callback(s: PSSL; cb: SSL_security_callback);
   function SSL_get_security_callback(const s: PSSL): SSL_security_callback;
   procedure SSL_set0_security_ex_data(s: PSSL; ex: Pointer);
-  function SSL_get0_security_ex_data(const s: PSSL): Pointer;
+  function SSL_get0_security_ex_data(const s: PSSL): Pointer;
   procedure SSL_CTX_set_security_level(ctx: PSSL_CTX; level: TIdC_INT);
   function SSL_CTX_get_security_level(const ctx: PSSL_CTX): TIdC_INT;
   //void SSL_CTX_set_security_callback(ctx: PSSL_CTX,
@@ -2083,179 +2083,179 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 
   //extern const PIdAnsiChar SSL_version_str[];
 
-  procedure DTLS_set_timer_cb(s: PSSL; cb: DTLS_timer_cb);
-  procedure SSL_CTX_set_allow_early_data_cb(ctx: PSSL_CTX; cb: SSL_allow_early_data_cb_fN; arg: Pointer);
+  procedure DTLS_set_timer_cb(s: PSSL; cb: DTLS_timer_cb);
+  procedure SSL_CTX_set_allow_early_data_cb(ctx: PSSL_CTX; cb: SSL_allow_early_data_cb_fN; arg: Pointer);
   procedure SSL_set_allow_early_data_cb(s: PSSL; cb: SSL_allow_early_data_cb_fN; arg: Pointer);
 
 implementation
-
+
 
{$REGION 'C compiler macros'}
 
//# define SSL_CTX_set_mode(ctx,op)      SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
 function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 
begin
-
  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, nil);
+
  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, nil);
 end;
-
+
 
//# define SSL_CTX_clear_mode(ctx,op)   SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
 function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_MODE, op, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_MODE, op, nil);
 end;
 
 //# define SSL_CTX_sess_set_cache_size(ctx,t)         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
 function SSL_CTX_sess_set_cache_size(ctx: PSSL_CTX; t: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_SIZE, t, nil);
 end;
 
 //# define SSL_CTX_sess_get_cache_size(ctx)           SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
 function SSL_CTX_sess_get_cache_size(ctx: PSSL_CTX): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_SIZE, 0, nil);
 end;
 
 //# define SSL_CTX_set_session_cache_mode(ctx,m)      SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
 function SSL_CTX_set_session_cache_mode(ctx: PSSL_CTX; m: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SESS_CACHE_MODE, m, nil);
 end;
 
 //# define SSL_CTX_get_session_cache_mode(ctx)        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
 function SSL_CTX_get_session_cache_mode(ctx: PSSL_CTX): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_MODE, 0, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_SESS_CACHE_MODE, 0, nil);
 end;
 
 //# define SSL_num_renegotiations(ssl)                       SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
 function SSL_num_renegotiations(ssl: PSSL): TIdC_LONG;
 begin
-  Result := SSL_ctrl(ssl, SSL_CTRL_GET_NUM_RENEGOTIATIONS, 0, nil);
+  Result := SSL_ctrl(ssl, SSL_CTRL_GET_NUM_RENEGOTIATIONS, 0, nil);
 end;
 
 //# define SSL_clear_num_renegotiations(ssl)                 SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
 function SSL_clear_num_renegotiations(ssl: PSSL): TIdC_LONG;
 begin
-  Result := SSL_ctrl(ssl, SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS, 0, nil);
+  Result := SSL_ctrl(ssl, SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS, 0, nil);
 end;
 
 //# define SSL_total_renegotiations(ssl)                     SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
 function SSL_total_renegotiations(ssl: PSSL): TIdC_LONG;
 begin
-  Result := SSL_ctrl(ssl, SSL_CTRL_GET_TOTAL_RENEGOTIATIONS, 0, nil);
+  Result := SSL_ctrl(ssl, SSL_CTRL_GET_TOTAL_RENEGOTIATIONS, 0, nil);
 end;
 
 //# define SSL_CTX_set_tmp_dh(ctx,dh)                        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
 function SSL_CTX_set_tmp_dh(ctx: PSSL_CTX; dh: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh);
 end;
 
 //# define SSL_CTX_set_tmp_ecdh(ctx,ecdh)                    SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
 function SSL_CTX_set_tmp_ecdh(ctx: PSSL_CTX; ecdh: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
 end;
 
 //# define SSL_CTX_set_dh_auto(ctx, onoff)                   SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
 function SSL_CTX_set_dh_auto(ctx: PSSL_CTX; onoff: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_DH_AUTO, onoff, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_DH_AUTO, onoff, nil);
 end;
 
 //# define SSL_set_dh_auto(s, onoff)                         SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
 function SSL_set_dh_auto(s: PSSL; onoff: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_DH_AUTO, onoff, nil);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_DH_AUTO, onoff, nil);
 end;
 
 //# define SSL_set_tmp_dh(ssl,dh)                            SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
 function SSL_set_tmp_dh(ssl: PSSL; dh: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh);
+  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_DH, 0, dh);
 end;
 
 //# define SSL_set_tmp_ecdh(ssl,ecdh)                        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)(ecdh))
 function SSL_set_tmp_ecdh(ssl: PSSL; ecdh: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
+  Result := SSL_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH, 0, ecdh);
 end;
 
 //# define SSL_CTX_add_extra_chain_cert(ctx,x509)            SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)(x509))
 function SSL_CTX_add_extra_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509);
 end;
 
 //# define SSL_CTX_get_extra_chain_certs(ctx,px509)          SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
 function SSL_CTX_get_extra_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 0, px509);
 end;
 
 //# define SSL_CTX_get_extra_chain_certs_only(ctx,px509)     SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,1,px509)
 function SSL_CTX_get_extra_chain_certs_only(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_EXTRA_CHAIN_CERTS, 1, px509);
 end;
 
 //# define SSL_CTX_clear_extra_chain_certs(ctx)              SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
 function SSL_CTX_clear_extra_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, nil);
 end;
 
 //# define SSL_CTX_set0_chain(ctx,sk)                        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)(sk))
 function SSL_CTX_set0_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 0, sk);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 0, sk);
 end;
 
 //# define SSL_CTX_set1_chain(ctx,sk)                        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)(sk))
 function SSL_CTX_set1_chain(ctx: PSSL_CTX; sk: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 1, sk);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN, 1, sk);
 end;
 
 //# define SSL_CTX_add0_chain_cert(ctx,x509)                 SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
 function SSL_CTX_add0_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, x509);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 0, x509);
 end;
 
 //# define SSL_CTX_add1_chain_cert(ctx,x509)                 SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
 function SSL_CTX_add1_chain_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, x509);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CHAIN_CERT, 1, x509);
 end;
 
 //# define SSL_CTX_get0_chain_certs(ctx,px509)               SSL_CTX_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
 function SSL_CTX_get0_chain_certs(ctx: PSSL_CTX; px509: Pointer): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
 end;
 
 //# define SSL_CTX_clear_chain_certs(ctx)                    SSL_CTX_set0_chain(ctx,NULL)
 function SSL_CTX_clear_chain_certs(ctx: PSSL_CTX): TIdC_LONG;
 begin
-  Result := SSL_CTX_set0_chain(ctx, nil);
+  Result := SSL_CTX_set0_chain(ctx, nil);
 end;
 
 //# define SSL_CTX_build_cert_chain(ctx, flags)              SSL_CTX_ctrl(ctx,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
 function SSL_CTX_build_cert_chain(ctx: PSSL_CTX; flags: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
 end;
 
 //# define SSL_CTX_select_current_cert(ctx,x509)             SSL_CTX_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
 function SSL_CTX_select_current_cert(ctx: PSSL_CTX; x509: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
 end;
 
 //# define SSL_CTX_set_current_cert(ctx, op)                 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
 function SSL_CTX_set_current_cert(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURRENT_CERT, op, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CURRENT_CERT, op, nil);
 end;
 
 //# define SSL_CTX_set0_verify_cert_store(ctx,st)            SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
@@ -2267,79 +2267,79 @@ function SSL_CTX_set0_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
 //# define SSL_CTX_set1_verify_cert_store(ctx,st)            SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
 function SSL_CTX_set1_verify_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, st);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_VERIFY_CERT_STORE, 1, st);
 end;
 
 //# define SSL_CTX_set0_chain_cert_store(ctx,st)             SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
 function SSL_CTX_set0_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
 end;
 
 //# define SSL_CTX_set1_chain_cert_store(ctx,st)             SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
 function SSL_CTX_set1_chain_cert_store(ctx: PSSL_CTX; st: Pointer): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
 end;
 
 //# define SSL_set0_chain(s,sk)                              SSL_ctrl(s,SSL_CTRL_CHAIN,0,(char *)(sk))
 function SSL_set0_chain(s: PSSL; sk: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 0, sk);
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 0, sk);
 end;
 
 //# define SSL_set1_chain(s,sk)                              SSL_ctrl(s,SSL_CTRL_CHAIN,1,(char *)(sk))
 function SSL_set1_chain(s: PSSL; sk: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 1, sk);
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN, 1, sk);
 end;
 
 //# define SSL_add0_chain_cert(s,x509)                       SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
 function SSL_add0_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 0, x509);
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 0, x509);
 end;
 
 //# define SSL_add1_chain_cert(s,x509)                       SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
 function SSL_add1_chain_cert(s: PSSL; x509: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 1, x509);
+  Result := SSL_ctrl(s, SSL_CTRL_CHAIN_CERT, 1, x509);
 end;
 
 //# define SSL_get0_chain_certs(s,px509)                     SSL_ctrl(s,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
 function SSL_get0_chain_certs(s: PSSL; px509: Pointer): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_CHAIN_CERTS, 0, px509);
 end;
 
 //# define SSL_clear_chain_certs(s)                          SSL_set0_chain(s,NULL)
 function SSL_clear_chain_certs(s: PSSL): TIdC_LONG;
 begin
-  Result := SSL_set0_chain(s, nil);
+  Result := SSL_set0_chain(s, nil);
 end;
 
 //# define SSL_build_cert_chain(s, flags)                    SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
 function SSL_build_cert_chain(s: PSSL; flags: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
+  Result := SSL_ctrl(s, SSL_CTRL_BUILD_CERT_CHAIN, flags, nil);
 end;
 
 //# define SSL_select_current_cert(s,x509)                   SSL_ctrl(s,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
 function SSL_select_current_cert(s: PSSL; x509: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
+  Result := SSL_ctrl(s, SSL_CTRL_SELECT_CURRENT_CERT, 0, x509);
 end;
 
 //# define SSL_set_current_cert(s,op)                        SSL_ctrl(s,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
 function SSL_set_current_cert(s: PSSL; op: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_CURRENT_CERT, op, nil);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CURRENT_CERT, op, nil);
 end;
 
 //# define SSL_set0_verify_cert_store(s,st)                  SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
 function SSL_set0_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_VERIFY_CERT_STORE, 0, st);
 end;
 
 //# define SSL_set1_verify_cert_store(s,st)                  SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)(st))
@@ -2351,200 +2351,200 @@ function SSL_set1_verify_cert_store(s: PSSL; st: PByte): TIdC_LONG;
 //# define SSL_set0_chain_cert_store(s,st)                   SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
 function SSL_set0_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 0, st);
 end;
 
 //# define SSL_set1_chain_cert_store(s,st)                   SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
 function SSL_set1_chain_cert_store(s: PSSL; st: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CHAIN_CERT_STORE, 1, st);
 end;
 
 //# define SSL_get1_groups(s, glist)                         SSL_ctrl(s,SSL_CTRL_GET_GROUPS,0,(TIdC_INT*)(glist))
 function SSL_get1_groups(s: PSSL; glist: PIdC_INT): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_GROUPS, 0, glist);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_GROUPS, 0, glist);
 end;
 
 //# define SSL_CTX_set1_groups(ctx, glist, glistlen)         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
 function SSL_CTX_set1_groups(ctx: PSSL_CTX; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS, glistlen, glist);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS, glistlen, glist);
 end;
 
 //# define SSL_CTX_set1_groups_list(ctx, s)                  SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
 function SSL_CTX_set1_groups_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS_LIST, 0, s);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_GROUPS_LIST, 0, s);
 end;
 
 //# define SSL_set1_groups(s, glist, glistlen)               SSL_ctrl(s,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
 function SSL_set1_groups(s: PSSL; glist: PByte; glistlen: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS, glistlen, glist);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS, glistlen, glist);
 end;
 
 //# define SSL_set1_groups_list(s, str)                      SSL_ctrl(s,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(str))
 function SSL_set1_groups_list(s: PSSL; str: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS_LIST, 0, str);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_GROUPS_LIST, 0, str);
 end;
 
 //# define SSL_get_shared_group(s, n)                        SSL_ctrl(s,SSL_CTRL_GET_SHARED_GROUP,n,NULL)
 function SSL_get_shared_group(s: PSSL; n: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_SHARED_GROUP, n, nil);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_SHARED_GROUP, n, nil);
 end;
 
 //# define SSL_CTX_set1_sigalgs(ctx, slist, slistlen)        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(TIdC_INT *)(slist))
 function SSL_CTX_set1_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS, slistlen, slist);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS, slistlen, slist);
 end;
 
 //# define SSL_CTX_set1_sigalgs_list(ctx, s)                 SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(s))
 function SSL_CTX_set1_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, s);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_SIGALGS_LIST, 0, s);
 end;
 
 //# define SSL_set1_sigalgs(s, slist, slistlen)              SSL_ctrl(s,SSL_CTRL_SET_SIGALGS,slistlen,(TIdC_INT *)(slist))
 function SSL_set1_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS, slistlen, slist);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS, slistlen, slist);
 end;
 
 //# define SSL_set1_sigalgs_list(s, str)                     SSL_ctrl(s,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(str))
 function SSL_set1_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS_LIST, 0, str);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_SIGALGS_LIST, 0, str);
 end;
 
 //# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(TIdC_INT *)(slist))
 function SSL_CTX_set1_client_sigalgs(ctx: PSSL_CTX; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
 end;
 
 //# define SSL_CTX_set1_client_sigalgs_list(ctx, s)          SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(s))
 function SSL_CTX_set1_client_sigalgs_list(ctx: PSSL_CTX; s: PByte): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, s);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, s);
 end;
 
 //# define SSL_set1_client_sigalgs(s, slist, slistlen)       SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(TIdC_INT *)(slist))
 function SSL_set1_client_sigalgs(s: PSSL; slist: PIdC_INT; slistlen: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS, slistlen, slist);
 end;
 
 //# define SSL_set1_client_sigalgs_list(s, str)              SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(str))
 function SSL_set1_client_sigalgs_list(s: PSSL; str: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, str);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_SIGALGS_LIST, 0, str);
 end;
 
 //# define SSL_get0_certificate_types(s, clist)              SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)(clist))
 function SSL_get0_certificate_types(s: PSSL; clist: PByte): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, clist);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, clist);
 end;
 
 //# define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen)   SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen, (char *)(clist))
 function SSL_CTX_set1_client_certificate_types(ctx: PSSL_CTX; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
 end;
 
 //# define SSL_set1_client_certificate_types(s, clist, clistlen)         SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)(clist))
 function SSL_set1_client_certificate_types(s: PSSL; clist: PByte; clistlen: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_CLIENT_CERT_TYPES, clistlen, clist);
 end;
 
 //# define SSL_get_signature_nid(s, pn)                      SSL_ctrl(s,SSL_CTRL_GET_SIGNATURE_NID,0,pn)
 function SSL_get_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_SIGNATURE_NID, 0, pn);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_SIGNATURE_NID, 0, pn);
 end;
 
 //# define SSL_get_peer_signature_nid(s, pn)                 SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
 function SSL_get_peer_signature_nid(s: PSSL; pn: Pointer): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_SIGNATURE_NID, 0, pn);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_SIGNATURE_NID, 0, pn);
 end;
 
 //# define SSL_get_peer_tmp_key(s, pk)                       SSL_ctrl(s,SSL_CTRL_GET_PEER_TMP_KEY,0,pk)
 function SSL_get_peer_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_TMP_KEY, 0, pk);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_PEER_TMP_KEY, 0, pk);
 end;
 
 //# define SSL_get_tmp_key(s, pk)                            SSL_ctrl(s,SSL_CTRL_GET_TMP_KEY,0,pk)
 function SSL_get_tmp_key(s: PSSL; pk: Pointer): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_TMP_KEY, 0, pk);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_TMP_KEY, 0, pk);
 end;
 
 //# define SSL_get0_raw_cipherlist(s, plst)                  SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,plst)
 function SSL_get0_raw_cipherlist(s: PSSL; plst: Pointer): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_RAW_CIPHERLIST, 0, plst);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_RAW_CIPHERLIST, 0, plst);
 end;
 
 //# define SSL_get0_ec_point_formats(s, plst)                SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
 function SSL_get0_ec_point_formats(s: PSSL; plst: Pointer): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_EC_POINT_FORMATS, 0, plst);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_EC_POINT_FORMATS, 0, plst);
 end;
 
 //# define SSL_CTX_set_min_proto_version(ctx, version)       SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
 function SSL_CTX_set_min_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
 end;
 
 //# define SSL_CTX_set_max_proto_version(ctx, version)       SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
 function SSL_CTX_set_max_proto_version(ctx: PSSL_CTX; version: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
 end;
 
 //# define SSL_CTX_get_min_proto_version(ctx)                SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
 function SSL_CTX_get_min_proto_version(ctx: PSSL_CTX): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
 end;
 
 //# define SSL_CTX_get_max_proto_version(ctx)                SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
 function SSL_CTX_get_max_proto_version(ctx: PSSL_CTX): TIdC_LONG;
 begin
-  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
 end;
 
 //# define SSL_set_min_proto_version(s, version)             SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
 function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil);
 end;
 
 //# define SSL_set_max_proto_version(s, version)             SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
 function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
+  Result := SSL_ctrl(s, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil);
 end;
 
 //# define SSL_get_min_proto_version(s)                      SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, NULL)
 function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_MIN_PROTO_VERSION, 0, nil);
 end;
 
 //# define SSL_get_max_proto_version(s)                      SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, NULL)
 function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 begin
-  Result := SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
+  Result := SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
 end;
 {$ENDREGION}
 
-end.
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
index e2116f151..8ab2fdd07 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
@@ -1,42 +1,42 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_ssl3;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// ssl3.h
-
-{$i IdCompilerDefines.inc}
-
-uses
-  IdGlobal;
-
-const
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ssl3;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ssl3.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdGlobal;
+
+const
   (*
    * Signalling cipher suite value from RFC 5746
    * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
@@ -47,80 +47,80 @@ interface
   * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
   * (TLS_FALLBACK_SCSV)
   *)
-  SSL3_CK_FALLBACK_SCSV = $03005600;
-
-  SSL3_CK_RSA_NULL_MD5 = $03000001;
-  SSL3_CK_RSA_NULL_SHA = $03000002;
-  SSL3_CK_RSA_RC4_40_MD5 = $03000003;
-  SSL3_CK_RSA_RC4_128_MD5 = $03000004;
-  SSL3_CK_RSA_RC4_128_SHA = $03000005;
-  SSL3_CK_RSA_RC2_40_MD5 = $03000006;
-  SSL3_CK_RSA_IDEA_128_SHA = $03000007;
-  SSL3_CK_RSA_DES_40_CBC_SHA = $03000008;
-  SSL3_CK_RSA_DES_64_CBC_SHA = $03000009;
-  SSL3_CK_RSA_DES_192_CBC3_SHA = $0300000A;
-
-  SSL3_CK_DH_DSS_DES_40_CBC_SHA = $0300000B;
-  SSL3_CK_DH_DSS_DES_64_CBC_SHA = $0300000C;
-  SSL3_CK_DH_DSS_DES_192_CBC3_SHA = $0300000D;
-  SSL3_CK_DH_RSA_DES_40_CBC_SHA = $0300000E;
-  SSL3_CK_DH_RSA_DES_64_CBC_SHA = $0300000F;
-  SSL3_CK_DH_RSA_DES_192_CBC3_SHA = $03000010;
-
-  SSL3_CK_DHE_DSS_DES_40_CBC_SHA = $03000011;
-  SSL3_CK_EDH_DSS_DES_40_CBC_SHA = SSL3_CK_DHE_DSS_DES_40_CBC_SHA;
-  SSL3_CK_DHE_DSS_DES_64_CBC_SHA = $03000012;
-  SSL3_CK_EDH_DSS_DES_64_CBC_SHA = SSL3_CK_DHE_DSS_DES_64_CBC_SHA;
-  SSL3_CK_DHE_DSS_DES_192_CBC3_SHA = $03000013;
-  SSL3_CK_EDH_DSS_DES_192_CBC3_SHA = SSL3_CK_DHE_DSS_DES_192_CBC3_SHA;
-  SSL3_CK_DHE_RSA_DES_40_CBC_SHA = $03000014;
-  SSL3_CK_EDH_RSA_DES_40_CBC_SHA = SSL3_CK_DHE_RSA_DES_40_CBC_SHA;
-  SSL3_CK_DHE_RSA_DES_64_CBC_SHA = $03000015;
-  SSL3_CK_EDH_RSA_DES_64_CBC_SHA = SSL3_CK_DHE_RSA_DES_64_CBC_SHA;
-  SSL3_CK_DHE_RSA_DES_192_CBC3_SHA = $03000016;
-  SSL3_CK_EDH_RSA_DES_192_CBC3_SHA = SSL3_CK_DHE_RSA_DES_192_CBC3_SHA;
-
-  SSL3_CK_ADH_RC4_40_MD5 = $03000017;
-  SSL3_CK_ADH_RC4_128_MD5 = $03000018;
-  SSL3_CK_ADH_DES_40_CBC_SHA = $03000019;
-  SSL3_CK_ADH_DES_64_CBC_SHA = $0300001A;
+  SSL3_CK_FALLBACK_SCSV = $03005600;
+
+  SSL3_CK_RSA_NULL_MD5 = $03000001;
+  SSL3_CK_RSA_NULL_SHA = $03000002;
+  SSL3_CK_RSA_RC4_40_MD5 = $03000003;
+  SSL3_CK_RSA_RC4_128_MD5 = $03000004;
+  SSL3_CK_RSA_RC4_128_SHA = $03000005;
+  SSL3_CK_RSA_RC2_40_MD5 = $03000006;
+  SSL3_CK_RSA_IDEA_128_SHA = $03000007;
+  SSL3_CK_RSA_DES_40_CBC_SHA = $03000008;
+  SSL3_CK_RSA_DES_64_CBC_SHA = $03000009;
+  SSL3_CK_RSA_DES_192_CBC3_SHA = $0300000A;
+
+  SSL3_CK_DH_DSS_DES_40_CBC_SHA = $0300000B;
+  SSL3_CK_DH_DSS_DES_64_CBC_SHA = $0300000C;
+  SSL3_CK_DH_DSS_DES_192_CBC3_SHA = $0300000D;
+  SSL3_CK_DH_RSA_DES_40_CBC_SHA = $0300000E;
+  SSL3_CK_DH_RSA_DES_64_CBC_SHA = $0300000F;
+  SSL3_CK_DH_RSA_DES_192_CBC3_SHA = $03000010;
+
+  SSL3_CK_DHE_DSS_DES_40_CBC_SHA = $03000011;
+  SSL3_CK_EDH_DSS_DES_40_CBC_SHA = SSL3_CK_DHE_DSS_DES_40_CBC_SHA;
+  SSL3_CK_DHE_DSS_DES_64_CBC_SHA = $03000012;
+  SSL3_CK_EDH_DSS_DES_64_CBC_SHA = SSL3_CK_DHE_DSS_DES_64_CBC_SHA;
+  SSL3_CK_DHE_DSS_DES_192_CBC3_SHA = $03000013;
+  SSL3_CK_EDH_DSS_DES_192_CBC3_SHA = SSL3_CK_DHE_DSS_DES_192_CBC3_SHA;
+  SSL3_CK_DHE_RSA_DES_40_CBC_SHA = $03000014;
+  SSL3_CK_EDH_RSA_DES_40_CBC_SHA = SSL3_CK_DHE_RSA_DES_40_CBC_SHA;
+  SSL3_CK_DHE_RSA_DES_64_CBC_SHA = $03000015;
+  SSL3_CK_EDH_RSA_DES_64_CBC_SHA = SSL3_CK_DHE_RSA_DES_64_CBC_SHA;
+  SSL3_CK_DHE_RSA_DES_192_CBC3_SHA = $03000016;
+  SSL3_CK_EDH_RSA_DES_192_CBC3_SHA = SSL3_CK_DHE_RSA_DES_192_CBC3_SHA;
+
+  SSL3_CK_ADH_RC4_40_MD5 = $03000017;
+  SSL3_CK_ADH_RC4_128_MD5 = $03000018;
+  SSL3_CK_ADH_DES_40_CBC_SHA = $03000019;
+  SSL3_CK_ADH_DES_64_CBC_SHA = $0300001A;
   SSL3_CK_ADH_DES_192_CBC_SHA = $0300001B;
 
   (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
   SSL3_RFC_RSA_NULL_MD5 = AnsiString('TLS_RSA_WITH_NULL_MD5');
-  SSL3_RFC_RSA_NULL_SHA = AnsiString('TLS_RSA_WITH_NULL_SHA');
-  SSL3_RFC_RSA_DES_192_CBC3_SHA = AnsiString('TLS_RSA_WITH_3DES_EDE_CBC_SHA');
-  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = AnsiString('TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA');
-  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = AnsiString('TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA');
-  SSL3_RFC_ADH_DES_192_CBC_SHA = AnsiString('TLS_DH_anon_WITH_3DES_EDE_CBC_SHA');
-  SSL3_RFC_RSA_IDEA_128_SHA = AnsiString('TLS_RSA_WITH_IDEA_CBC_SHA');
-  SSL3_RFC_RSA_RC4_128_MD5 = AnsiString('TLS_RSA_WITH_RC4_128_MD5');
-  SSL3_RFC_RSA_RC4_128_SHA = AnsiString('TLS_RSA_WITH_RC4_128_SHA');
-  SSL3_RFC_ADH_RC4_128_MD5 = AnsiString('TLS_DH_anon_WITH_RC4_128_MD5');
-
-  SSL3_TXT_RSA_NULL_MD5 = AnsiString('NULL-MD5');
-  SSL3_TXT_RSA_NULL_SHA = AnsiString('NULL-SHA');
-  SSL3_TXT_RSA_RC4_40_MD5 = AnsiString('EXP-RC4-MD5');
-  SSL3_TXT_RSA_RC4_128_MD5 = AnsiString('RC4-MD5');
-  SSL3_TXT_RSA_RC4_128_SHA = AnsiString('RC4-SHA');
-  SSL3_TXT_RSA_RC2_40_MD5 = AnsiString('EXP-RC2-CBC-MD5');
-  SSL3_TXT_RSA_IDEA_128_SHA = AnsiString('IDEA-CBC-SHA');
-  SSL3_TXT_RSA_DES_40_CBC_SHA = AnsiString('EXP-DES-CBC-SHA');
-  SSL3_TXT_RSA_DES_64_CBC_SHA = AnsiString('DES-CBC-SHA');
-  SSL3_TXT_RSA_DES_192_CBC3_SHA = AnsiString('DES-CBC3-SHA');
-
-  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = AnsiString('EXP-DH-DSS-DES-CBC-SHA');
-  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = AnsiString('DH-DSS-DES-CBC-SHA');
-  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = AnsiString('DH-DSS-DES-CBC3-SHA');
-  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = AnsiString('EXP-DH-RSA-DES-CBC-SHA');
-  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = AnsiString('DH-RSA-DES-CBC-SHA');
-  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = AnsiString('DH-RSA-DES-CBC3-SHA');
-
-  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = AnsiString('EXP-DHE-DSS-DES-CBC-SHA');
-  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = AnsiString('DHE-DSS-DES-CBC-SHA');
-  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = AnsiString('DHE-DSS-DES-CBC3-SHA');
-  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = AnsiString('EXP-DHE-RSA-DES-CBC-SHA');
-  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = AnsiString('DHE-RSA-DES-CBC-SHA');
+  SSL3_RFC_RSA_NULL_SHA = AnsiString('TLS_RSA_WITH_NULL_SHA');
+  SSL3_RFC_RSA_DES_192_CBC3_SHA = AnsiString('TLS_RSA_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_DHE_DSS_DES_192_CBC3_SHA = AnsiString('TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_DHE_RSA_DES_192_CBC3_SHA = AnsiString('TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_ADH_DES_192_CBC_SHA = AnsiString('TLS_DH_anon_WITH_3DES_EDE_CBC_SHA');
+  SSL3_RFC_RSA_IDEA_128_SHA = AnsiString('TLS_RSA_WITH_IDEA_CBC_SHA');
+  SSL3_RFC_RSA_RC4_128_MD5 = AnsiString('TLS_RSA_WITH_RC4_128_MD5');
+  SSL3_RFC_RSA_RC4_128_SHA = AnsiString('TLS_RSA_WITH_RC4_128_SHA');
+  SSL3_RFC_ADH_RC4_128_MD5 = AnsiString('TLS_DH_anon_WITH_RC4_128_MD5');
+
+  SSL3_TXT_RSA_NULL_MD5 = AnsiString('NULL-MD5');
+  SSL3_TXT_RSA_NULL_SHA = AnsiString('NULL-SHA');
+  SSL3_TXT_RSA_RC4_40_MD5 = AnsiString('EXP-RC4-MD5');
+  SSL3_TXT_RSA_RC4_128_MD5 = AnsiString('RC4-MD5');
+  SSL3_TXT_RSA_RC4_128_SHA = AnsiString('RC4-SHA');
+  SSL3_TXT_RSA_RC2_40_MD5 = AnsiString('EXP-RC2-CBC-MD5');
+  SSL3_TXT_RSA_IDEA_128_SHA = AnsiString('IDEA-CBC-SHA');
+  SSL3_TXT_RSA_DES_40_CBC_SHA = AnsiString('EXP-DES-CBC-SHA');
+  SSL3_TXT_RSA_DES_64_CBC_SHA = AnsiString('DES-CBC-SHA');
+  SSL3_TXT_RSA_DES_192_CBC3_SHA = AnsiString('DES-CBC3-SHA');
+
+  SSL3_TXT_DH_DSS_DES_40_CBC_SHA = AnsiString('EXP-DH-DSS-DES-CBC-SHA');
+  SSL3_TXT_DH_DSS_DES_64_CBC_SHA = AnsiString('DH-DSS-DES-CBC-SHA');
+  SSL3_TXT_DH_DSS_DES_192_CBC3_SHA = AnsiString('DH-DSS-DES-CBC3-SHA');
+  SSL3_TXT_DH_RSA_DES_40_CBC_SHA = AnsiString('EXP-DH-RSA-DES-CBC-SHA');
+  SSL3_TXT_DH_RSA_DES_64_CBC_SHA = AnsiString('DH-RSA-DES-CBC-SHA');
+  SSL3_TXT_DH_RSA_DES_192_CBC3_SHA = AnsiString('DH-RSA-DES-CBC3-SHA');
+
+  SSL3_TXT_DHE_DSS_DES_40_CBC_SHA = AnsiString('EXP-DHE-DSS-DES-CBC-SHA');
+  SSL3_TXT_DHE_DSS_DES_64_CBC_SHA = AnsiString('DHE-DSS-DES-CBC-SHA');
+  SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA = AnsiString('DHE-DSS-DES-CBC3-SHA');
+  SSL3_TXT_DHE_RSA_DES_40_CBC_SHA = AnsiString('EXP-DHE-RSA-DES-CBC-SHA');
+  SSL3_TXT_DHE_RSA_DES_64_CBC_SHA = AnsiString('DHE-RSA-DES-CBC-SHA');
   SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA = AnsiString('DHE-RSA-DES-CBC3-SHA');
 
   (*
@@ -129,27 +129,27 @@ interface
    * instead:
    *)
   SSL3_TXT_EDH_DSS_DES_40_CBC_SHA = AnsiString('EXP-EDH-DSS-DES-CBC-SHA');
-  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = AnsiString('EDH-DSS-DES-CBC-SHA');
-  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = AnsiString('EDH-DSS-DES-CBC3-SHA');
-  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = AnsiString('EXP-EDH-RSA-DES-CBC-SHA');
-  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = AnsiString('EDH-RSA-DES-CBC-SHA');
-  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = AnsiString('EDH-RSA-DES-CBC3-SHA');
-
-  SSL3_TXT_ADH_RC4_40_MD5 = AnsiString('EXP-ADH-RC4-MD5');
-  SSL3_TXT_ADH_RC4_128_MD5 = AnsiString('ADH-RC4-MD5');
-  SSL3_TXT_ADH_DES_40_CBC_SHA = AnsiString('EXP-ADH-DES-CBC-SHA');
-  SSL3_TXT_ADH_DES_64_CBC_SHA = AnsiString('ADH-DES-CBC-SHA');
-  SSL3_TXT_ADH_DES_192_CBC_SHA = AnsiString('ADH-DES-CBC3-SHA');
-
-  SSL3_SSL_SESSION_ID_LENGTH = 32;
-  SSL3_MAX_SSL_SESSION_ID_LENGTH = 32;
-
-  SSL3_MASTER_SECRET_SIZE = 48;
-  SSL3_RANDOM_SIZE = 32;
-  SSL3_SESSION_ID_SIZE = 32;
-  SSL3_RT_HEADER_LENGTH = 5;
-
-  SSL3_HM_HEADER_LENGTH = 4;
+  SSL3_TXT_EDH_DSS_DES_64_CBC_SHA = AnsiString('EDH-DSS-DES-CBC-SHA');
+  SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA = AnsiString('EDH-DSS-DES-CBC3-SHA');
+  SSL3_TXT_EDH_RSA_DES_40_CBC_SHA = AnsiString('EXP-EDH-RSA-DES-CBC-SHA');
+  SSL3_TXT_EDH_RSA_DES_64_CBC_SHA = AnsiString('EDH-RSA-DES-CBC-SHA');
+  SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA = AnsiString('EDH-RSA-DES-CBC3-SHA');
+
+  SSL3_TXT_ADH_RC4_40_MD5 = AnsiString('EXP-ADH-RC4-MD5');
+  SSL3_TXT_ADH_RC4_128_MD5 = AnsiString('ADH-RC4-MD5');
+  SSL3_TXT_ADH_DES_40_CBC_SHA = AnsiString('EXP-ADH-DES-CBC-SHA');
+  SSL3_TXT_ADH_DES_64_CBC_SHA = AnsiString('ADH-DES-CBC-SHA');
+  SSL3_TXT_ADH_DES_192_CBC_SHA = AnsiString('ADH-DES-CBC3-SHA');
+
+  SSL3_SSL_SESSION_ID_LENGTH = 32;
+  SSL3_MAX_SSL_SESSION_ID_LENGTH = 32;
+
+  SSL3_MASTER_SECRET_SIZE = 48;
+  SSL3_RANDOM_SIZE = 32;
+  SSL3_SESSION_ID_SIZE = 32;
+  SSL3_RT_HEADER_LENGTH = 5;
+
+  SSL3_HM_HEADER_LENGTH = 4;
 
   (*
    * Some will argue that this increases memory footprint, but it's not
@@ -173,7 +173,7 @@ interface
    * Maximum block size used in all ciphersuites. Currently 16 for AES.
    *)
   SSL_RT_MAX_CIPHER_BLOCK_SIZE = 16;
-  SSL3_RT_MAX_EXTRA = 16384;
+  SSL3_RT_MAX_EXTRA = 16384;
 
   (* Maximum plaintext length: defined by SSL/TLS standards *)
   SSL3_RT_MAX_PLAIN_LENGTH = 16384;
@@ -186,7 +186,7 @@ interface
    * of padding bytes (256) plus the mac size.
    *)
   SSL3_RT_MAX_ENCRYPTED_OVERHEAD = 256 + SSL3_RT_MAX_MD_SIZE;
-  SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD = 256;
+  SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD = 256;
 
   (*
    * OpenSSL currently only uses a padding length of at most one block so the
@@ -199,66 +199,66 @@ interface
 //  SSL3_RT_MAX_COMPRESSED_LENGTH = (SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_COMPRESSED_OVERHEAD);
 
   SSL3_RT_MAX_ENCRYPTED_LENGTH = SSL3_RT_MAX_ENCRYPTED_OVERHEAD + SSL3_RT_MAX_COMPRESSED_LENGTH;
-  SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD;
-  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH + SSL3_RT_HEADER_LENGTH;
+  SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_MAX_TLS13_ENCRYPTED_OVERHEAD;
+  SSL3_RT_MAX_PACKET_SIZE = SSL3_RT_MAX_ENCRYPTED_LENGTH + SSL3_RT_HEADER_LENGTH;
 
   SSL3_MD_CLIENT_FINISHED_= TIdAnsiChar($43) + TIdAnsiChar($4C) + TIdAnsiChar($4E) + TIdAnsiChar($54);
   SSL3_MD_SERVER_FINISHED_= TIdAnsiChar($53) + TIdAnsiChar($52) + TIdAnsiChar($56) + TIdAnsiChar($52);
-
-  SSL3_VERSION = $0300;
-  SSL3_VERSION_MAJOR = $03;
-  SSL3_VERSION_MINOR = $00;
-
-  SSL3_RT_CHANGE_CIPHER_SPEC = 20;
-  SSL3_RT_ALERT = 21;
-  SSL3_RT_HANDSHAKE = 22;
-  SSL3_RT_APPLICATION_DATA = 23;
-  DTLS1_RT_HEARTBEAT = 24;
+
+  SSL3_VERSION = $0300;
+  SSL3_VERSION_MAJOR = $03;
+  SSL3_VERSION_MINOR = $00;
+
+  SSL3_RT_CHANGE_CIPHER_SPEC = 20;
+  SSL3_RT_ALERT = 21;
+  SSL3_RT_HANDSHAKE = 22;
+  SSL3_RT_APPLICATION_DATA = 23;
+  DTLS1_RT_HEARTBEAT = 24;
 
   (* Pseudo content types to indicate additional parameters *)
   TLS1_RT_CRYPTO = $1000;
-  TLS1_RT_CRYPTO_PREMASTER = TLS1_RT_CRYPTO or $1;
-  TLS1_RT_CRYPTO_CLIENT_RANDOM = TLS1_RT_CRYPTO or $2;
-  TLS1_RT_CRYPTO_SERVER_RANDOM = TLS1_RT_CRYPTO or $3;
-  TLS1_RT_CRYPTO_MASTER = TLS1_RT_CRYPTO or $4;
-
-  TLS1_RT_CRYPTO_READ = $0000;
-  TLS1_RT_CRYPTO_WRITE = $0100;
-  TLS1_RT_CRYPTO_MAC = TLS1_RT_CRYPTO or $5;
-  TLS1_RT_CRYPTO_KEY = TLS1_RT_CRYPTO or $6;
-  TLS1_RT_CRYPTO_IV = TLS1_RT_CRYPTO or $7;
-  TLS1_RT_CRYPTO_FIXED_IV = TLS1_RT_CRYPTO or $8;
+  TLS1_RT_CRYPTO_PREMASTER = TLS1_RT_CRYPTO or $1;
+  TLS1_RT_CRYPTO_CLIENT_RANDOM = TLS1_RT_CRYPTO or $2;
+  TLS1_RT_CRYPTO_SERVER_RANDOM = TLS1_RT_CRYPTO or $3;
+  TLS1_RT_CRYPTO_MASTER = TLS1_RT_CRYPTO or $4;
+
+  TLS1_RT_CRYPTO_READ = $0000;
+  TLS1_RT_CRYPTO_WRITE = $0100;
+  TLS1_RT_CRYPTO_MAC = TLS1_RT_CRYPTO or $5;
+  TLS1_RT_CRYPTO_KEY = TLS1_RT_CRYPTO or $6;
+  TLS1_RT_CRYPTO_IV = TLS1_RT_CRYPTO or $7;
+  TLS1_RT_CRYPTO_FIXED_IV = TLS1_RT_CRYPTO or $8;
 
   (* Pseudo content types for SSL/TLS header info *)
   SSL3_RT_HEADER = $100;
-  SSL3_RT_INNER_CONTENT_TYPE = $101;
-
-  SSL3_AL_WARNING = 1;
-  SSL3_AL_FATAL = 2;
-
-  SSL3_AD_CLOSE_NOTIFY = 0;
-  SSL3_AD_UNEXPECTED_MESSAGE = 10; (* fatal *)
-  SSL3_AD_BAD_RECORD_MAC = 20; (* fatal *)
-  SSL3_AD_DECOMPRESSION_FAILURE = 30; (* fatal *)
-  SSL3_AD_HANDSHAKE_FAILURE = 40; (* fatal *)
-  SSL3_AD_NO_CERTIFICATE = 41;
-  SSL3_AD_BAD_CERTIFICATE = 42;
-  SSL3_AD_UNSUPPORTED_CERTIFICATE = 43;
-  SSL3_AD_CERTIFICATE_REVOKED = 44;
-  SSL3_AD_CERTIFICATE_EXPIRED = 45;
-  SSL3_AD_CERTIFICATE_UNKNOWN = 46;
-  SSL3_AD_ILLEGAL_PARAMETER = 47; (* fatal *)
+  SSL3_RT_INNER_CONTENT_TYPE = $101;
+
+  SSL3_AL_WARNING = 1;
+  SSL3_AL_FATAL = 2;
+
+  SSL3_AD_CLOSE_NOTIFY = 0;
+  SSL3_AD_UNEXPECTED_MESSAGE = 10; (* fatal *)
+  SSL3_AD_BAD_RECORD_MAC = 20; (* fatal *)
+  SSL3_AD_DECOMPRESSION_FAILURE = 30; (* fatal *)
+  SSL3_AD_HANDSHAKE_FAILURE = 40; (* fatal *)
+  SSL3_AD_NO_CERTIFICATE = 41;
+  SSL3_AD_BAD_CERTIFICATE = 42;
+  SSL3_AD_UNSUPPORTED_CERTIFICATE = 43;
+  SSL3_AD_CERTIFICATE_REVOKED = 44;
+  SSL3_AD_CERTIFICATE_EXPIRED = 45;
+  SSL3_AD_CERTIFICATE_UNKNOWN = 46;
+  SSL3_AD_ILLEGAL_PARAMETER = 47; (* fatal *)
 
   TLS1_HB_REQUEST = 1;
-  TLS1_HB_RESPONSE = 2;
-
-  SSL3_CT_RSA_SIGN = 1;
-  SSL3_CT_DSS_SIGN = 2;
-  SSL3_CT_RSA_FIXED_DH = 3;
-  SSL3_CT_DSS_FIXED_DH = 4;
-  SSL3_CT_RSA_EPHEMERAL_DH = 5;
-  SSL3_CT_DSS_EPHEMERAL_DH = 6;
-  SSL3_CT_FORTEZZA_DMS = 20;
+  TLS1_HB_RESPONSE = 2;
+
+  SSL3_CT_RSA_SIGN = 1;
+  SSL3_CT_DSS_SIGN = 2;
+  SSL3_CT_RSA_FIXED_DH = 3;
+  SSL3_CT_DSS_FIXED_DH = 4;
+  SSL3_CT_RSA_EPHEMERAL_DH = 5;
+  SSL3_CT_DSS_EPHEMERAL_DH = 6;
+  SSL3_CT_FORTEZZA_DMS = 20;
 
   (*
    * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
@@ -271,40 +271,40 @@ interface
 
   (* Removed from OpenSSL 1.1.0 *)
   TLS1_FLAGS_TLS_PADDING_BUG = $0;
-  TLS1_FLAGS_SKIP_CERT_VERIFY = $0010;
+  TLS1_FLAGS_SKIP_CERT_VERIFY = $0010;
 
   (* Set if we encrypt then mac instead of usual mac then encrypt *)
   TLS1_FLAGS_ENCRYPT_THEN_MAC_READ = $0100;
-  TLS1_FLAGS_ENCRYPT_THEN_MAC = TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
+  TLS1_FLAGS_ENCRYPT_THEN_MAC = TLS1_FLAGS_ENCRYPT_THEN_MAC_READ;
 
 
   (* Set if extended master secret extension received from peer *)
   TLS1_FLAGS_RECEIVED_EXTMS = $0200;
 
-  TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE = $0400;
-
-  TLS1_FLAGS_STATELESS = $0800;
-
-  SSL3_MT_HELLO_REQUEST = 0;
-  SSL3_MT_CLIENT_HELLO = 1;
-  SSL3_MT_SERVER_HELLO = 2;
-  SSL3_MT_NEWSESSION_TICKET = 4;
-  SSL3_MT_END_OF_EARLY_DATA = 5;
-  SSL3_MT_ENCRYPTED_EXTENSIONS = 8;
-  SSL3_MT_CERTIFICATE = 11;
-  SSL3_MT_SERVER_KEY_EXCHANGE = 12;
-  SSL3_MT_CERTIFICATE_REQUEST = 13;
-  SSL3_MT_SERVER_DONE = 14;
-  SSL3_MT_CERTIFICATE_VERIFY = 15;
-  SSL3_MT_CLIENT_KEY_EXCHANGE = 16;
-  SSL3_MT_FINISHED = 20;
-  SSL3_MT_CERTIFICATE_URL = 21;
-  SSL3_MT_CERTIFICATE_STATUS = 22;
-  SSL3_MT_SUPPLEMENTAL_DATA = 23;
-  SSL3_MT_KEY_UPDATE = 24;
-  SSL3_MT_NEXT_PROTO = 67;
-  SSL3_MT_MESSAGE_HASH = 254;
-  DTLS1_MT_HELLO_VERIFY_REQUEST = 3;
+  TLS1_FLAGS_ENCRYPT_THEN_MAC_WRITE = $0400;
+
+  TLS1_FLAGS_STATELESS = $0800;
+
+  SSL3_MT_HELLO_REQUEST = 0;
+  SSL3_MT_CLIENT_HELLO = 1;
+  SSL3_MT_SERVER_HELLO = 2;
+  SSL3_MT_NEWSESSION_TICKET = 4;
+  SSL3_MT_END_OF_EARLY_DATA = 5;
+  SSL3_MT_ENCRYPTED_EXTENSIONS = 8;
+  SSL3_MT_CERTIFICATE = 11;
+  SSL3_MT_SERVER_KEY_EXCHANGE = 12;
+  SSL3_MT_CERTIFICATE_REQUEST = 13;
+  SSL3_MT_SERVER_DONE = 14;
+  SSL3_MT_CERTIFICATE_VERIFY = 15;
+  SSL3_MT_CLIENT_KEY_EXCHANGE = 16;
+  SSL3_MT_FINISHED = 20;
+  SSL3_MT_CERTIFICATE_URL = 21;
+  SSL3_MT_CERTIFICATE_STATUS = 22;
+  SSL3_MT_SUPPLEMENTAL_DATA = 23;
+  SSL3_MT_KEY_UPDATE = 24;
+  SSL3_MT_NEXT_PROTO = 67;
+  SSL3_MT_MESSAGE_HASH = 254;
+  DTLS1_MT_HELLO_VERIFY_REQUEST = 3;
 
   (* Dummy message type for handling CCS like a normal handshake message *)
   SSL3_MT_CHANGE_CIPHER_SPEC = $0101;
@@ -313,16 +313,16 @@ interface
 
   (* These are used when changing over to a new cipher *)
   SSL3_CC_READ = $001;
-  SSL3_CC_WRITE = $002;
-  SSL3_CC_CLIENT = $010;
-  SSL3_CC_SERVER = $020;
-  SSL3_CC_EARLY = $040;
-  SSL3_CC_HANDSHAKE = $080;
-  SSL3_CC_APPLICATION = $100;
-  SSL3_CHANGE_CIPHER_CLIENT_WRITE = SSL3_CC_CLIENT or SSL3_CC_WRITE;
-  SSL3_CHANGE_CIPHER_SERVER_READ = SSL3_CC_SERVER or SSL3_CC_READ;
-  SSL3_CHANGE_CIPHER_CLIENT_READ = SSL3_CC_CLIENT or SSL3_CC_READ;
-  SSL3_CHANGE_CIPHER_SERVER_WRITE = SSL3_CC_SERVER or SSL3_CC_WRITE;
-
implementation
-
-end.
+  SSL3_CC_WRITE = $002;
+  SSL3_CC_CLIENT = $010;
+  SSL3_CC_SERVER = $020;
+  SSL3_CC_EARLY = $040;
+  SSL3_CC_HANDSHAKE = $080;
+  SSL3_CC_APPLICATION = $100;
+  SSL3_CHANGE_CIPHER_CLIENT_WRITE = SSL3_CC_CLIENT or SSL3_CC_WRITE;
+  SSL3_CHANGE_CIPHER_SERVER_READ = SSL3_CC_SERVER or SSL3_CC_READ;
+  SSL3_CHANGE_CIPHER_CLIENT_READ = SSL3_CC_CLIENT or SSL3_CC_READ;
+  SSL3_CHANGE_CIPHER_SERVER_WRITE = SSL3_CC_SERVER or SSL3_CC_WRITE;
+
implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
index 33076c49b..ac5bfd09c 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
@@ -1,65 +1,65 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_tls1;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// tls1.h
-
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_tls1;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// tls1.h
+
 {$i IdCompilerDefines.inc}
 
 uses
   IdCTypes,
-  IdGlobal,
-  IdOpenSSLConsts,
+  IdGlobal,
+  IdOpenSSLConsts,
   IdOpenSSLHeaders_ossl_typ;
-
+
 const
   (* Default security level if not overridden at config time *)
   OPENSSL_TLS_SECURITY_LEVEL = 1;
 
   TLS1_VERSION = $0301;
-  TLS1_1_VERSION = $0302;
-  TLS1_2_VERSION = $0303;
-  TLS1_3_VERSION = $0304;
-  TLS_MAX_VERSION = TLS1_3_VERSION;
+  TLS1_1_VERSION = $0302;
+  TLS1_2_VERSION = $0303;
+  TLS1_3_VERSION = $0304;
+  TLS_MAX_VERSION = TLS1_3_VERSION;
 
   (* Special value for method supporting multiple versions *)
   TLS_ANY_VERSION = $10000;
 
-  TLS1_VERSION_MAJOR = $03;
-  TLS1_VERSION_MINOR = $01;
-
-  TLS1_1_VERSION_MAJOR = $03;
-  TLS1_1_VERSION_MINOR = $02;
-
-  TLS1_2_VERSION_MAJOR = $03;
-  TLS1_2_VERSION_MINOR = $03;
+  TLS1_VERSION_MAJOR = $03;
+  TLS1_VERSION_MINOR = $01;
+
+  TLS1_1_VERSION_MAJOR = $03;
+  TLS1_1_VERSION_MINOR = $02;
+
+  TLS1_2_VERSION_MAJOR = $03;
+  TLS1_2_VERSION_MINOR = $03;
 
 
 //# define TLS1_get_version(s) \
@@ -69,44 +69,44 @@ interface
 //        ((SSL_client_version(s) >> 8) == TLS1_VERSION_MAJOR ? SSL_client_version(s) : 0)
 
   TLS1_AD_DECRYPTION_FAILED = 21;
-  TLS1_AD_RECORD_OVERFLOW = 22;
-  TLS1_AD_UNKNOWN_CA = 48; (* fatal *)
-  TLS1_AD_ACCESS_DENIED = 49; (* fatal *)
-  TLS1_AD_DECODE_ERROR = 50; (* fatal *)
-  TLS1_AD_DECRYPT_ERROR = 51;
-  TLS1_AD_EXPORT_RESTRICTION = 60; (* fatal *)
-  TLS1_AD_PROTOCOL_VERSION = 70; (* fatal *)
-  TLS1_AD_INSUFFICIENT_SECURITY = 71; (* fatal *)
-  TLS1_AD_INTERNAL_ERROR = 80; (* fatal *)
-  TLS1_AD_INAPPROPRIATE_FALLBACK = 86; (* fatal *)
-  TLS1_AD_USER_CANCELLED = 90;
-  TLS1_AD_NO_RENEGOTIATION = 100;
-  (* TLSv1.3 alerts *)
-  TLS13_AD_MISSING_EXTENSION = 109; (* fatal *)
-  TLS13_AD_CERTIFICATE_REQUIRED = 116; (* fatal *)
-  (* codes 110-114 are from RFC3546 *)
-  TLS1_AD_UNSUPPORTED_EXTENSION = 110;
-  TLS1_AD_CERTIFICATE_UNOBTAINABLE = 111;
-  TLS1_AD_UNRECOGNIZED_NAME = 112;
-  TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE = 113;
-  TLS1_AD_BAD_CERTIFICATE_HASH_VALUE = 114;
-  TLS1_AD_UNKNOWN_PSK_IDENTITY = 115; (* fatal *)
-  TLS1_AD_NO_APPLICATION_PROTOCOL = 120; (* fatal *)
+  TLS1_AD_RECORD_OVERFLOW = 22;
+  TLS1_AD_UNKNOWN_CA = 48; (* fatal *)
+  TLS1_AD_ACCESS_DENIED = 49; (* fatal *)
+  TLS1_AD_DECODE_ERROR = 50; (* fatal *)
+  TLS1_AD_DECRYPT_ERROR = 51;
+  TLS1_AD_EXPORT_RESTRICTION = 60; (* fatal *)
+  TLS1_AD_PROTOCOL_VERSION = 70; (* fatal *)
+  TLS1_AD_INSUFFICIENT_SECURITY = 71; (* fatal *)
+  TLS1_AD_INTERNAL_ERROR = 80; (* fatal *)
+  TLS1_AD_INAPPROPRIATE_FALLBACK = 86; (* fatal *)
+  TLS1_AD_USER_CANCELLED = 90;
+  TLS1_AD_NO_RENEGOTIATION = 100;
+  (* TLSv1.3 alerts *)
+  TLS13_AD_MISSING_EXTENSION = 109; (* fatal *)
+  TLS13_AD_CERTIFICATE_REQUIRED = 116; (* fatal *)
+  (* codes 110-114 are from RFC3546 *)
+  TLS1_AD_UNSUPPORTED_EXTENSION = 110;
+  TLS1_AD_CERTIFICATE_UNOBTAINABLE = 111;
+  TLS1_AD_UNRECOGNIZED_NAME = 112;
+  TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE = 113;
+  TLS1_AD_BAD_CERTIFICATE_HASH_VALUE = 114;
+  TLS1_AD_UNKNOWN_PSK_IDENTITY = 115; (* fatal *)
+  TLS1_AD_NO_APPLICATION_PROTOCOL = 120; (* fatal *)
 
   (* ExtensionType values from RFC3546 / RFC4366 / RFC6066 *)
   TLSEXT_TYPE_server_name = 0;
-  TLSEXT_TYPE_max_fragment_length = 1;
-  TLSEXT_TYPE_client_certificate_url = 2;
-  TLSEXT_TYPE_trusted_ca_keys = 3;
-  TLSEXT_TYPE_truncated_hmac = 4;
-  TLSEXT_TYPE_status_request = 5;
-  (* ExtensionType values from RFC4681 *)
-  TLSEXT_TYPE_user_mapping = 6;
-  (* ExtensionType values from RFC5878 *)
-  TLSEXT_TYPE_client_authz = 7;
-  TLSEXT_TYPE_server_authz = 8;
-  (* ExtensionType values from RFC6091 *)
-  TLSEXT_TYPE_cert_type = 9;
+  TLSEXT_TYPE_max_fragment_length = 1;
+  TLSEXT_TYPE_client_certificate_url = 2;
+  TLSEXT_TYPE_trusted_ca_keys = 3;
+  TLSEXT_TYPE_truncated_hmac = 4;
+  TLSEXT_TYPE_status_request = 5;
+  (* ExtensionType values from RFC4681 *)
+  TLSEXT_TYPE_user_mapping = 6;
+  (* ExtensionType values from RFC5878 *)
+  TLSEXT_TYPE_client_authz = 7;
+  TLSEXT_TYPE_server_authz = 8;
+  (* ExtensionType values from RFC6091 *)
+  TLSEXT_TYPE_cert_type = 9;
 
   (* ExtensionType values from RFC4492 *)
   (*
@@ -114,904 +114,904 @@ interface
    * elliptic_curves
    *)
   TLSEXT_TYPE_supported_groups = 10;
-  TLSEXT_TYPE_elliptic_curves = TLSEXT_TYPE_supported_groups;
-  TLSEXT_TYPE_ec_poTIdC_INT_formats = 11;
-
-  (* ExtensionType value from RFC5054 *)
-  TLSEXT_TYPE_srp = 12;
-  (* ExtensionType values from RFC5246 *)
-  TLSEXT_TYPE_signature_algorithms = 13;
-
-  (* ExtensionType value from RFC5764 *)
-  TLSEXT_TYPE_use_srtp = 14;
-
-  (* ExtensionType value from RFC5620 *)
-  TLSEXT_TYPE_heartbeat = 15;
-
-  (* ExtensionType value from RFC7301 *)
-  TLSEXT_TYPE_application_layer_protocol_negotiation = 16;
-
+  TLSEXT_TYPE_elliptic_curves = TLSEXT_TYPE_supported_groups;
+  TLSEXT_TYPE_ec_poTIdC_INT_formats = 11;
+
+  (* ExtensionType value from RFC5054 *)
+  TLSEXT_TYPE_srp = 12;
+  (* ExtensionType values from RFC5246 *)
+  TLSEXT_TYPE_signature_algorithms = 13;
+
+  (* ExtensionType value from RFC5764 *)
+  TLSEXT_TYPE_use_srtp = 14;
+
+  (* ExtensionType value from RFC5620 *)
+  TLSEXT_TYPE_heartbeat = 15;
+
+  (* ExtensionType value from RFC7301 *)
+  TLSEXT_TYPE_application_layer_protocol_negotiation = 16;
+
   (*
    * Extension type for Certificate Transparency
    * https://tools.ietf.org/html/rfc6962#section-3.3.1
-   *)
-  TLSEXT_TYPE_signed_certificate_timestamp = 18;
+   *)
+  TLSEXT_TYPE_signed_certificate_timestamp = 18;
 
   (*
    * ExtensionType value for TLS padding extension.
    * http://tools.ietf.org/html/draft-agl-tls-padding
-   *)
-  TLSEXT_TYPE_padding = 21;
-
-  (* ExtensionType value from RFC7366 *)
-  TLSEXT_TYPE_encrypt_then_mac = 22;
-
-  (* ExtensionType value from RFC7627 *)
-  TLSEXT_TYPE_extended_master_secret = 23;
-
-  (* ExtensionType value from RFC4507 *)
-  TLSEXT_TYPE_session_ticket = 35;
-
-  (* As defined for TLS1.3 *)
-  TLSEXT_TYPE_psk = 41;
-  TLSEXT_TYPE_early_data = 42;
-  TLSEXT_TYPE_supported_versions = 43;
-  TLSEXT_TYPE_cookie = 44;
-  TLSEXT_TYPE_psk_kex_modes = 45;
-  TLSEXT_TYPE_certificate_authorities = 47;
-  TLSEXT_TYPE_post_handshake_auth = 49;
-  TLSEXT_TYPE_signature_algorithms_cert = 50;
-  TLSEXT_TYPE_key_share = 51;
-
-  (* Temporary extension type *)
-  TLSEXT_TYPE_renegotiate = $ff01;
-
-  (* This is not an IANA defined extension number *)
-  TLSEXT_TYPE_next_proto_neg = 13172;
-
-  (* NameType value from RFC3546 *)
-  TLSEXT_NAMETYPE_host_name = 0;
-  (* status request value from RFC3546 *)
-  TLSEXT_STATUSTYPE_ocsp = 1;
-
-  (* ECPoTIdC_INTFormat values from RFC4492 *)
-  TLSEXT_ECPOTIdC_INTFORMAT_first = 0;
-  TLSEXT_ECPOTIdC_INTFORMAT_uncompressed = 0;
-  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_prime = 1;
-  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_PIdAnsiChar2 = 2;
-  TLSEXT_ECPOTIdC_INTFORMAT_last = 2;
-
-  (* Signature and hash algorithms from RFC5246 *)
-  TLSEXT_signature_anonymous = 0;
-  TLSEXT_signature_rsa = 1;
-  TLSEXT_signature_dsa = 2;
-  TLSEXT_signature_ecdsa = 3;
-  TLSEXT_signature_gostr34102001 = 237;
-  TLSEXT_signature_gostr34102012_256 = 238;
-  TLSEXT_signature_gostr34102012_512 = 239;
-
-  (* Total number of different signature algorithms *)
-  TLSEXT_signature_num = 7;
-
-  TLSEXT_hash_none = 0;
-  TLSEXT_hash_md5 = 1;
-  TLSEXT_hash_sha1 = 2;
-  TLSEXT_hash_sha224 = 3;
-  TLSEXT_hash_sha256 = 4;
-  TLSEXT_hash_sha384 = 5;
-  TLSEXT_hash_sha512 = 6;
-  TLSEXT_hash_gostr3411 = 237;
-  TLSEXT_hash_gostr34112012_256 = 238;
-  TLSEXT_hash_gostr34112012_512 = 239;
-
-  (* Total number of different digest algorithms *)
-  TLSEXT_hash_num = 10;
-
-  (* Flag set for unrecognised algorithms *)
-  TLSEXT_nid_unknown = $1000000;
-
-  (* ECC curves *)
-  TLSEXT_curve_P_256 = 23;
-  TLSEXT_curve_P_384 = 24;
-
-  (* OpenSSL value to disable maximum fragment length extension *)
-  TLSEXT_max_fragment_length_DISABLED = 0;
-  (* Allowed values for max fragment length extension *)
-  TLSEXT_max_fragment_length_512 = 1;
-  TLSEXT_max_fragment_length_1024 = 2;
-  TLSEXT_max_fragment_length_2048 = 3;
-  TLSEXT_max_fragment_length_4096 = 4;
-
-  TLSEXT_MAXLEN_host_name = 255;
-
+   *)
+  TLSEXT_TYPE_padding = 21;
+
+  (* ExtensionType value from RFC7366 *)
+  TLSEXT_TYPE_encrypt_then_mac = 22;
+
+  (* ExtensionType value from RFC7627 *)
+  TLSEXT_TYPE_extended_master_secret = 23;
+
+  (* ExtensionType value from RFC4507 *)
+  TLSEXT_TYPE_session_ticket = 35;
+
+  (* As defined for TLS1.3 *)
+  TLSEXT_TYPE_psk = 41;
+  TLSEXT_TYPE_early_data = 42;
+  TLSEXT_TYPE_supported_versions = 43;
+  TLSEXT_TYPE_cookie = 44;
+  TLSEXT_TYPE_psk_kex_modes = 45;
+  TLSEXT_TYPE_certificate_authorities = 47;
+  TLSEXT_TYPE_post_handshake_auth = 49;
+  TLSEXT_TYPE_signature_algorithms_cert = 50;
+  TLSEXT_TYPE_key_share = 51;
+
+  (* Temporary extension type *)
+  TLSEXT_TYPE_renegotiate = $ff01;
+
+  (* This is not an IANA defined extension number *)
+  TLSEXT_TYPE_next_proto_neg = 13172;
+
+  (* NameType value from RFC3546 *)
+  TLSEXT_NAMETYPE_host_name = 0;
+  (* status request value from RFC3546 *)
+  TLSEXT_STATUSTYPE_ocsp = 1;
+
+  (* ECPoTIdC_INTFormat values from RFC4492 *)
+  TLSEXT_ECPOTIdC_INTFORMAT_first = 0;
+  TLSEXT_ECPOTIdC_INTFORMAT_uncompressed = 0;
+  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_prime = 1;
+  TLSEXT_ECPOTIdC_INTFORMAT_ansiX962_compressed_PIdAnsiChar2 = 2;
+  TLSEXT_ECPOTIdC_INTFORMAT_last = 2;
+
+  (* Signature and hash algorithms from RFC5246 *)
+  TLSEXT_signature_anonymous = 0;
+  TLSEXT_signature_rsa = 1;
+  TLSEXT_signature_dsa = 2;
+  TLSEXT_signature_ecdsa = 3;
+  TLSEXT_signature_gostr34102001 = 237;
+  TLSEXT_signature_gostr34102012_256 = 238;
+  TLSEXT_signature_gostr34102012_512 = 239;
+
+  (* Total number of different signature algorithms *)
+  TLSEXT_signature_num = 7;
+
+  TLSEXT_hash_none = 0;
+  TLSEXT_hash_md5 = 1;
+  TLSEXT_hash_sha1 = 2;
+  TLSEXT_hash_sha224 = 3;
+  TLSEXT_hash_sha256 = 4;
+  TLSEXT_hash_sha384 = 5;
+  TLSEXT_hash_sha512 = 6;
+  TLSEXT_hash_gostr3411 = 237;
+  TLSEXT_hash_gostr34112012_256 = 238;
+  TLSEXT_hash_gostr34112012_512 = 239;
+
+  (* Total number of different digest algorithms *)
+  TLSEXT_hash_num = 10;
+
+  (* Flag set for unrecognised algorithms *)
+  TLSEXT_nid_unknown = $1000000;
+
+  (* ECC curves *)
+  TLSEXT_curve_P_256 = 23;
+  TLSEXT_curve_P_384 = 24;
+
+  (* OpenSSL value to disable maximum fragment length extension *)
+  TLSEXT_max_fragment_length_DISABLED = 0;
+  (* Allowed values for max fragment length extension *)
+  TLSEXT_max_fragment_length_512 = 1;
+  TLSEXT_max_fragment_length_1024 = 2;
+  TLSEXT_max_fragment_length_2048 = 3;
+  TLSEXT_max_fragment_length_4096 = 4;
+
+  TLSEXT_MAXLEN_host_name = 255;
+
   SSL_TLSEXT_ERR_OK = 0;
-  SSL_TLSEXT_ERR_ALERT_WARNING = 1;
-  SSL_TLSEXT_ERR_ALERT_FATAL = 2;
-  SSL_TLSEXT_ERR_NOACK = 3;
-
+  SSL_TLSEXT_ERR_ALERT_WARNING = 1;
+  SSL_TLSEXT_ERR_ALERT_FATAL = 2;
+  SSL_TLSEXT_ERR_NOACK = 3;
+
   SSL_DTLSEXT_HB_ENABLED = $01;
-  SSL_DTLSEXT_HB_DONT_SEND_REQUESTS = $02;
-  SSL_DTLSEXT_HB_DONT_RECV_REQUESTS = $04;
-
-  (* PSK ciphersuites from 4279 *)
-  TLS1_CK_PSK_WITH_RC4_128_SHA = $0300008A;
-  TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA = $0300008B;
-  TLS1_CK_PSK_WITH_AES_128_CBC_SHA = $0300008C;
-  TLS1_CK_PSK_WITH_AES_256_CBC_SHA = $0300008D;
-  TLS1_CK_DHE_PSK_WITH_RC4_128_SHA = $0300008E;
-  TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300008F;
-  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA = $03000090;
-  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA = $03000091;
-  TLS1_CK_RSA_PSK_WITH_RC4_128_SHA = $03000092;
-  TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA = $03000093;
-  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA = $03000094;
-  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA = $03000095;
-
-  (* PSK ciphersuites from 5487 *)
-  TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 = $030000A8;
-  TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 = $030000A9;
-  TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256 = $030000AA;
-  TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384 = $030000AB;
-  TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256 = $030000AC;
-  TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384 = $030000AD;
-  TLS1_CK_PSK_WITH_AES_128_CBC_SHA256 = $030000AE;
-  TLS1_CK_PSK_WITH_AES_256_CBC_SHA384 = $030000AF;
-  TLS1_CK_PSK_WITH_NULL_SHA256 = $030000B0;
-  TLS1_CK_PSK_WITH_NULL_SHA384 = $030000B1;
-  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256 = $030000B2;
-  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384 = $030000B3;
-  TLS1_CK_DHE_PSK_WITH_NULL_SHA256 = $030000B4;
-  TLS1_CK_DHE_PSK_WITH_NULL_SHA384 = $030000B5;
-  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256 = $030000B6;
-  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384 = $030000B7;
-  TLS1_CK_RSA_PSK_WITH_NULL_SHA256 = $030000B8;
-  TLS1_CK_RSA_PSK_WITH_NULL_SHA384 = $030000B9;
-
-  (* NULL PSK ciphersuites from RFC4785 *)
-  TLS1_CK_PSK_WITH_NULL_SHA = $0300002C;
-  TLS1_CK_DHE_PSK_WITH_NULL_SHA = $0300002D;
-  TLS1_CK_RSA_PSK_WITH_NULL_SHA = $0300002E;
-
-  (* AES ciphersuites from RFC3268 *)
-  TLS1_CK_RSA_WITH_AES_128_SHA = $0300002F;
-  TLS1_CK_DH_DSS_WITH_AES_128_SHA = $03000030;
-  TLS1_CK_DH_RSA_WITH_AES_128_SHA = $03000031;
-  TLS1_CK_DHE_DSS_WITH_AES_128_SHA = $03000032;
-  TLS1_CK_DHE_RSA_WITH_AES_128_SHA = $03000033;
-  TLS1_CK_ADH_WITH_AES_128_SHA = $03000034;
-  TLS1_CK_RSA_WITH_AES_256_SHA = $03000035;
-  TLS1_CK_DH_DSS_WITH_AES_256_SHA = $03000036;
-  TLS1_CK_DH_RSA_WITH_AES_256_SHA = $03000037;
-  TLS1_CK_DHE_DSS_WITH_AES_256_SHA = $03000038;
-  TLS1_CK_DHE_RSA_WITH_AES_256_SHA = $03000039;
-  TLS1_CK_ADH_WITH_AES_256_SHA = $0300003A;
-
-  (* TLS v1.2 ciphersuites *)
-  TLS1_CK_RSA_WITH_NULL_SHA256 = $0300003B;
-  TLS1_CK_RSA_WITH_AES_128_SHA256 = $0300003C;
-  TLS1_CK_RSA_WITH_AES_256_SHA256 = $0300003D;
-  TLS1_CK_DH_DSS_WITH_AES_128_SHA256 = $0300003E;
-  TLS1_CK_DH_RSA_WITH_AES_128_SHA256 = $0300003F;
-  TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 = $03000040;
-
-  (* Camellia ciphersuites from RFC4132 *)
-  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000041;
-  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000042;
-  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000043;
-  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000044;
-  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000045;
-  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA = $03000046;
-
-  (* TLS v1.2 ciphersuites *)
-  TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 = $03000067;
-  TLS1_CK_DH_DSS_WITH_AES_256_SHA256 = $03000068;
-  TLS1_CK_DH_RSA_WITH_AES_256_SHA256 = $03000069;
-  TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 = $0300006A;
-  TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 = $0300006B;
-  TLS1_CK_ADH_WITH_AES_128_SHA256 = $0300006C;
-  TLS1_CK_ADH_WITH_AES_256_SHA256 = $0300006D;
-
-  (* Camellia ciphersuites from RFC4132 *)
-  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000084;
-  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000085;
-  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000086;
-  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000087;
-  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000088;
-  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA = $03000089;
-
-  (* SEED ciphersuites from RFC4162 *)
-  TLS1_CK_RSA_WITH_SEED_SHA = $03000096;
-  TLS1_CK_DH_DSS_WITH_SEED_SHA = $03000097;
-  TLS1_CK_DH_RSA_WITH_SEED_SHA = $03000098;
-  TLS1_CK_DHE_DSS_WITH_SEED_SHA = $03000099;
-  TLS1_CK_DHE_RSA_WITH_SEED_SHA = $0300009A;
-  TLS1_CK_ADH_WITH_SEED_SHA = $0300009B;
-
-  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
-  TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 = $0300009C;
-  TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 = $0300009D;
-  TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 = $0300009E;
-  TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 = $0300009F;
-  TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 = $030000A0;
-  TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 = $030000A1;
-  TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 = $030000A2;
-  TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 = $030000A3;
-  TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 = $030000A4;
-  TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 = $030000A5;
-  TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 = $030000A6;
-  TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 = $030000A7;
-
-  (* CCM ciphersuites from RFC6655 *)
-  TLS1_CK_RSA_WITH_AES_128_CCM = $0300C09C;
-  TLS1_CK_RSA_WITH_AES_256_CCM = $0300C09D;
-  TLS1_CK_DHE_RSA_WITH_AES_128_CCM = $0300C09E;
-  TLS1_CK_DHE_RSA_WITH_AES_256_CCM = $0300C09F;
-  TLS1_CK_RSA_WITH_AES_128_CCM_8 = $0300C0A0;
-  TLS1_CK_RSA_WITH_AES_256_CCM_8 = $0300C0A1;
-  TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 = $0300C0A2;
-  TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 = $0300C0A3;
-  TLS1_CK_PSK_WITH_AES_128_CCM = $0300C0A4;
-  TLS1_CK_PSK_WITH_AES_256_CCM = $0300C0A5;
-  TLS1_CK_DHE_PSK_WITH_AES_128_CCM = $0300C0A6;
-  TLS1_CK_DHE_PSK_WITH_AES_256_CCM = $0300C0A7;
-  TLS1_CK_PSK_WITH_AES_128_CCM_8 = $0300C0A8;
-  TLS1_CK_PSK_WITH_AES_256_CCM_8 = $0300C0A9;
-  TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 = $0300C0AA;
-  TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 = $0300C0AB;
-
-  (* CCM ciphersuites from RFC7251 *)
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM = $0300C0AC;
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM = $0300C0AD;
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 = $0300C0AE;
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 = $0300C0AF;
-
-  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
-  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BA;
-  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BB;
-  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BC;
-  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BD;
-  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BE;
-  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 = $030000BF;
-
-  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C0;
-  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C1;
-  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C2;
-  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C3;
-  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C4;
-  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 = $030000C5;
-
-  (* ECC ciphersuites from RFC4492 *)
-  TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA = $0300C001;
-  TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA = $0300C002;
-  TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = $0300C003;
-  TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA = $0300C004;
-  TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA = $0300C005;
-
-  TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA = $0300C006;
-  TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA = $0300C007;
-  TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = $0300C008;
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = $0300C009;
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = $0300C00A;
-
-  TLS1_CK_ECDH_RSA_WITH_NULL_SHA = $0300C00B;
-  TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA = $0300C00C;
-  TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA = $0300C00D;
-  TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA = $0300C00E;
-  TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA = $0300C00F;
-
-  TLS1_CK_ECDHE_RSA_WITH_NULL_SHA = $0300C010;
-  TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA = $0300C011;
-  TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA = $0300C012;
-  TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA = $0300C013;
-  TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA = $0300C014;
-
-  TLS1_CK_ECDH_anon_WITH_NULL_SHA = $0300C015;
-  TLS1_CK_ECDH_anon_WITH_RC4_128_SHA = $0300C016;
-  TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA = $0300C017;
-  TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA = $0300C018;
-  TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA = $0300C019;
-
-  (* SRP ciphersuites from RFC 5054 *)
-  TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA = $0300C01A;
-  TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = $0300C01B;
-  TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = $0300C01C;
-  TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA = $0300C01D;
-  TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = $0300C01E;
-  TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = $0300C01F;
-  TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA = $0300C020;
-  TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = $0300C021;
-  TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = $0300C022;
-
-  (* ECDH HMAC based ciphersuites from RFC5289 *)
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 = $0300C023;
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 = $0300C024;
-  TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 = $0300C025;
-  TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 = $0300C026;
-  TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 = $0300C027;
-  TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 = $0300C028;
-  TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 = $0300C029;
-  TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 = $0300C02A;
-
-  (* ECDH GCM based ciphersuites from RFC5289 *)
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02B;
-  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02C;
-  TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02D;
-  TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02E;
-  TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = $0300C02F;
-  TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = $0300C030;
-  TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 = $0300C031;
-  TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 = $0300C032;
-
-  (* ECDHE PSK ciphersuites from RFC5489 *)
-  TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA = $0300C033;
-  TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300C034;
-  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA = $0300C035;
-  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA = $0300C036;
-  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = $0300C037;
-  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = $0300C038;
-  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA = $0300C039;
-
-  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 = $0300C03A;
-  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 = $0300C03B;
-
-  (* Camellia-CBC ciphersuites from RFC6367 *)
-  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C072;
-  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C073;
-  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C074;
-  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C075;
-  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C076;
-  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C077;
-  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C078;
-  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C079;
-
-  TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C094;
-  TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C095;
-  TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C096;
-  TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C097;
-  TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C098;
-  TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C099;
-  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C09A;
-  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C09B;
-
-  (* draft-ietf-tls-chacha20-poly1305-03 *)
-  TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCA8;
-  TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = $0300CCA9;
-  TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCAA;
-  TLS1_CK_PSK_WITH_CHACHA20_POLY1305 = $0300CCAB;
-  TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAC;
-  TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAD;
-  TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 = $0300CCAE;
-
-  (* TLS v1.3 ciphersuites *)
-  TLS1_3_CK_AES_128_GCM_SHA256 = $03001301;
-  TLS1_3_CK_AES_256_GCM_SHA384 = $03001302;
-  TLS1_3_CK_CHACHA20_POLY1305_SHA256 = $03001303;
-  TLS1_3_CK_AES_128_CCM_SHA256 = $03001304;
-  TLS1_3_CK_AES_128_CCM_8_SHA256 = $03001305;
-
-  (* Aria ciphersuites from RFC6209 *)
-  TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C050;
-  TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C051;
-  TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C052;
-  TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C053;
-  TLS1_CK_DH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C054;
-  TLS1_CK_DH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C055;
-  TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C056;
-  TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C057;
-  TLS1_CK_DH_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C058;
-  TLS1_CK_DH_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C059;
-  TLS1_CK_DH_anon_WITH_ARIA_128_GCM_SHA256 = $0300C05A;
-  TLS1_CK_DH_anon_WITH_ARIA_256_GCM_SHA384 = $0300C05B;
-  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05C;
-  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05D;
-  TLS1_CK_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05E;
-  TLS1_CK_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05F;
-  TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C060;
-  TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C061;
-  TLS1_CK_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C062;
-  TLS1_CK_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C063;
-  TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06A;
-  TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06B;
-  TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06C;
-  TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06D;
-  TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06E;
-  TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06F;
-
-  (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
-  TLS1_RFC_RSA_WITH_AES_128_SHA = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_ADH_WITH_AES_128_SHA = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_RSA_WITH_AES_256_SHA = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_ADH_WITH_AES_256_SHA = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_RSA_WITH_NULL_SHA256 = AnsiString('TLS_RSA_WITH_NULL_SHA256');
-  TLS1_RFC_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA256');
-  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA256');
-  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA256');
-  TLS1_RFC_ADH_WITH_AES_128_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_ADH_WITH_AES_256_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA256');
-  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_GCM_SHA256');
-  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_AES_256_GCM_SHA384');
-  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_GCM_SHA256');
-  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_AES_256_GCM_SHA384');
-  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_GCM_SHA256');
-  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_AES_256_GCM_SHA384');
-  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_GCM_SHA256');
-  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_AES_256_GCM_SHA384');
-  TLS1_RFC_RSA_WITH_AES_128_CCM = AnsiString('TLS_RSA_WITH_AES_128_CCM');
-  TLS1_RFC_RSA_WITH_AES_256_CCM = AnsiString('TLS_RSA_WITH_AES_256_CCM');
-  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM');
-  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM');
-  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_RSA_WITH_AES_128_CCM_8');
-  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_RSA_WITH_AES_256_CCM_8');
-  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM_8');
-  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM_8');
-  TLS1_RFC_PSK_WITH_AES_128_CCM = AnsiString('TLS_PSK_WITH_AES_128_CCM');
-  TLS1_RFC_PSK_WITH_AES_256_CCM = AnsiString('TLS_PSK_WITH_AES_256_CCM');
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_128_CCM');
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_256_CCM');
-  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_WITH_AES_128_CCM_8');
-  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_WITH_AES_256_CCM_8');
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_128_CCM_8');
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_256_CCM_8');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8');
-  TLS1_3_RFC_AES_128_GCM_SHA256 = AnsiString('TLS_AES_128_GCM_SHA256');
-  TLS1_3_RFC_AES_256_GCM_SHA384 = AnsiString('TLS_AES_256_GCM_SHA384');
-  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = AnsiString('TLS_CHACHA20_POLY1305_SHA256');
-  TLS1_3_RFC_AES_128_CCM_SHA256 = AnsiString('TLS_AES_128_CCM_SHA256');
-  TLS1_3_RFC_AES_128_CCM_8_SHA256 = AnsiString('TLS_AES_128_CCM_8_SHA256');
-  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_NULL_SHA');
-  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_RSA_WITH_NULL_SHA');
-  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = AnsiString('TLS_ECDH_anon_WITH_NULL_SHA');
-  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384');
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256');
-  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384');
-  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256');
-  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384');
-  TLS1_RFC_PSK_WITH_NULL_SHA = AnsiString('TLS_PSK_WITH_NULL_SHA');
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA');
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA');
-  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_PSK_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_GCM_SHA256');
-  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_GCM_SHA384');
-  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_GCM_SHA256');
-  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_GCM_SHA384');
-  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_GCM_SHA256');
-  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_GCM_SHA384');
-  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA384');
-  TLS1_RFC_PSK_WITH_NULL_SHA256 = AnsiString('TLS_PSK_WITH_NULL_SHA256');
-  TLS1_RFC_PSK_WITH_NULL_SHA384 = AnsiString('TLS_PSK_WITH_NULL_SHA384');
-  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA384');
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA256');
-  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA384');
-  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA384');
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA256');
-  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA384');
-  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256');
-  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384');
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA');
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA256');
-  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA384');
-  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA');
-  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA');
-  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA');
-  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
-  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
-  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256');
-  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_PSK_WITH_CHACHA20_POLY1305_SHA256');
-  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
-  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
-  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256');
-  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256');
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256');
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256');
-  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256');
-  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA');
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA');
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA');
-  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA');
-  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA');
-  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA');
-  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA');
-  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA');
-  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384');
-  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384');
-  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384');
-  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
-  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384');
-  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
-  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
-  TLS1_RFC_RSA_WITH_SEED_SHA = AnsiString('TLS_RSA_WITH_SEED_CBC_SHA');
-  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = AnsiString('TLS_DHE_DSS_WITH_SEED_CBC_SHA');
-  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = AnsiString('TLS_DHE_RSA_WITH_SEED_CBC_SHA');
-  TLS1_RFC_ADH_WITH_SEED_SHA = AnsiString('TLS_DH_anon_WITH_SEED_CBC_SHA');
-  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_PSK_WITH_RC4_128_SHA');
-  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = AnsiString('TLS_ECDH_anon_WITH_RC4_128_SHA');
-  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_RC4_128_SHA');
-  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_RSA_WITH_RC4_128_SHA');
-  TLS1_RFC_PSK_WITH_RC4_128_SHA = AnsiString('TLS_PSK_WITH_RC4_128_SHA');
-  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = AnsiString('TLS_RSA_PSK_WITH_RC4_128_SHA');
-  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_DHE_PSK_WITH_RC4_128_SHA');
-  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384');
-  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256');
-  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384');
-
-  (*
+  SSL_DTLSEXT_HB_DONT_SEND_REQUESTS = $02;
+  SSL_DTLSEXT_HB_DONT_RECV_REQUESTS = $04;
+
+  (* PSK ciphersuites from 4279 *)
+  TLS1_CK_PSK_WITH_RC4_128_SHA = $0300008A;
+  TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA = $0300008B;
+  TLS1_CK_PSK_WITH_AES_128_CBC_SHA = $0300008C;
+  TLS1_CK_PSK_WITH_AES_256_CBC_SHA = $0300008D;
+  TLS1_CK_DHE_PSK_WITH_RC4_128_SHA = $0300008E;
+  TLS1_CK_DHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300008F;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA = $03000090;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA = $03000091;
+  TLS1_CK_RSA_PSK_WITH_RC4_128_SHA = $03000092;
+  TLS1_CK_RSA_PSK_WITH_3DES_EDE_CBC_SHA = $03000093;
+  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA = $03000094;
+  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA = $03000095;
+
+  (* PSK ciphersuites from 5487 *)
+  TLS1_CK_PSK_WITH_AES_128_GCM_SHA256 = $030000A8;
+  TLS1_CK_PSK_WITH_AES_256_GCM_SHA384 = $030000A9;
+  TLS1_CK_DHE_PSK_WITH_AES_128_GCM_SHA256 = $030000AA;
+  TLS1_CK_DHE_PSK_WITH_AES_256_GCM_SHA384 = $030000AB;
+  TLS1_CK_RSA_PSK_WITH_AES_128_GCM_SHA256 = $030000AC;
+  TLS1_CK_RSA_PSK_WITH_AES_256_GCM_SHA384 = $030000AD;
+  TLS1_CK_PSK_WITH_AES_128_CBC_SHA256 = $030000AE;
+  TLS1_CK_PSK_WITH_AES_256_CBC_SHA384 = $030000AF;
+  TLS1_CK_PSK_WITH_NULL_SHA256 = $030000B0;
+  TLS1_CK_PSK_WITH_NULL_SHA384 = $030000B1;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CBC_SHA256 = $030000B2;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CBC_SHA384 = $030000B3;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA256 = $030000B4;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA384 = $030000B5;
+  TLS1_CK_RSA_PSK_WITH_AES_128_CBC_SHA256 = $030000B6;
+  TLS1_CK_RSA_PSK_WITH_AES_256_CBC_SHA384 = $030000B7;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA256 = $030000B8;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA384 = $030000B9;
+
+  (* NULL PSK ciphersuites from RFC4785 *)
+  TLS1_CK_PSK_WITH_NULL_SHA = $0300002C;
+  TLS1_CK_DHE_PSK_WITH_NULL_SHA = $0300002D;
+  TLS1_CK_RSA_PSK_WITH_NULL_SHA = $0300002E;
+
+  (* AES ciphersuites from RFC3268 *)
+  TLS1_CK_RSA_WITH_AES_128_SHA = $0300002F;
+  TLS1_CK_DH_DSS_WITH_AES_128_SHA = $03000030;
+  TLS1_CK_DH_RSA_WITH_AES_128_SHA = $03000031;
+  TLS1_CK_DHE_DSS_WITH_AES_128_SHA = $03000032;
+  TLS1_CK_DHE_RSA_WITH_AES_128_SHA = $03000033;
+  TLS1_CK_ADH_WITH_AES_128_SHA = $03000034;
+  TLS1_CK_RSA_WITH_AES_256_SHA = $03000035;
+  TLS1_CK_DH_DSS_WITH_AES_256_SHA = $03000036;
+  TLS1_CK_DH_RSA_WITH_AES_256_SHA = $03000037;
+  TLS1_CK_DHE_DSS_WITH_AES_256_SHA = $03000038;
+  TLS1_CK_DHE_RSA_WITH_AES_256_SHA = $03000039;
+  TLS1_CK_ADH_WITH_AES_256_SHA = $0300003A;
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_CK_RSA_WITH_NULL_SHA256 = $0300003B;
+  TLS1_CK_RSA_WITH_AES_128_SHA256 = $0300003C;
+  TLS1_CK_RSA_WITH_AES_256_SHA256 = $0300003D;
+  TLS1_CK_DH_DSS_WITH_AES_128_SHA256 = $0300003E;
+  TLS1_CK_DH_RSA_WITH_AES_128_SHA256 = $0300003F;
+  TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 = $03000040;
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000041;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000042;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000043;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = $03000044;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = $03000045;
+  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA = $03000046;
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 = $03000067;
+  TLS1_CK_DH_DSS_WITH_AES_256_SHA256 = $03000068;
+  TLS1_CK_DH_RSA_WITH_AES_256_SHA256 = $03000069;
+  TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 = $0300006A;
+  TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 = $0300006B;
+  TLS1_CK_ADH_WITH_AES_128_SHA256 = $0300006C;
+  TLS1_CK_ADH_WITH_AES_256_SHA256 = $0300006D;
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000084;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000085;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000086;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = $03000087;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = $03000088;
+  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA = $03000089;
+
+  (* SEED ciphersuites from RFC4162 *)
+  TLS1_CK_RSA_WITH_SEED_SHA = $03000096;
+  TLS1_CK_DH_DSS_WITH_SEED_SHA = $03000097;
+  TLS1_CK_DH_RSA_WITH_SEED_SHA = $03000098;
+  TLS1_CK_DHE_DSS_WITH_SEED_SHA = $03000099;
+  TLS1_CK_DHE_RSA_WITH_SEED_SHA = $0300009A;
+  TLS1_CK_ADH_WITH_SEED_SHA = $0300009B;
+
+  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
+  TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 = $0300009C;
+  TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 = $0300009D;
+  TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 = $0300009E;
+  TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 = $0300009F;
+  TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 = $030000A0;
+  TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 = $030000A1;
+  TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 = $030000A2;
+  TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 = $030000A3;
+  TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 = $030000A4;
+  TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 = $030000A5;
+  TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 = $030000A6;
+  TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 = $030000A7;
+
+  (* CCM ciphersuites from RFC6655 *)
+  TLS1_CK_RSA_WITH_AES_128_CCM = $0300C09C;
+  TLS1_CK_RSA_WITH_AES_256_CCM = $0300C09D;
+  TLS1_CK_DHE_RSA_WITH_AES_128_CCM = $0300C09E;
+  TLS1_CK_DHE_RSA_WITH_AES_256_CCM = $0300C09F;
+  TLS1_CK_RSA_WITH_AES_128_CCM_8 = $0300C0A0;
+  TLS1_CK_RSA_WITH_AES_256_CCM_8 = $0300C0A1;
+  TLS1_CK_DHE_RSA_WITH_AES_128_CCM_8 = $0300C0A2;
+  TLS1_CK_DHE_RSA_WITH_AES_256_CCM_8 = $0300C0A3;
+  TLS1_CK_PSK_WITH_AES_128_CCM = $0300C0A4;
+  TLS1_CK_PSK_WITH_AES_256_CCM = $0300C0A5;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CCM = $0300C0A6;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CCM = $0300C0A7;
+  TLS1_CK_PSK_WITH_AES_128_CCM_8 = $0300C0A8;
+  TLS1_CK_PSK_WITH_AES_256_CCM_8 = $0300C0A9;
+  TLS1_CK_DHE_PSK_WITH_AES_128_CCM_8 = $0300C0AA;
+  TLS1_CK_DHE_PSK_WITH_AES_256_CCM_8 = $0300C0AB;
+
+  (* CCM ciphersuites from RFC7251 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM = $0300C0AC;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM = $0300C0AD;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CCM_8 = $0300C0AE;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CCM_8 = $0300C0AF;
+
+  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
+  TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BA;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BB;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BC;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = $030000BD;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $030000BE;
+  TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 = $030000BF;
+
+  TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C0;
+  TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C1;
+  TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C2;
+  TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = $030000C3;
+  TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = $030000C4;
+  TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 = $030000C5;
+
+  (* ECC ciphersuites from RFC4492 *)
+  TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA = $0300C001;
+  TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA = $0300C002;
+  TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = $0300C003;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA = $0300C004;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA = $0300C005;
+
+  TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA = $0300C006;
+  TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA = $0300C007;
+  TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = $0300C008;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = $0300C009;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = $0300C00A;
+
+  TLS1_CK_ECDH_RSA_WITH_NULL_SHA = $0300C00B;
+  TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA = $0300C00C;
+  TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA = $0300C00D;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA = $0300C00E;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA = $0300C00F;
+
+  TLS1_CK_ECDHE_RSA_WITH_NULL_SHA = $0300C010;
+  TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA = $0300C011;
+  TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA = $0300C012;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA = $0300C013;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA = $0300C014;
+
+  TLS1_CK_ECDH_anon_WITH_NULL_SHA = $0300C015;
+  TLS1_CK_ECDH_anon_WITH_RC4_128_SHA = $0300C016;
+  TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA = $0300C017;
+  TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA = $0300C018;
+  TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA = $0300C019;
+
+  (* SRP ciphersuites from RFC 5054 *)
+  TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA = $0300C01A;
+  TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = $0300C01B;
+  TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = $0300C01C;
+  TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA = $0300C01D;
+  TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = $0300C01E;
+  TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = $0300C01F;
+  TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA = $0300C020;
+  TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = $0300C021;
+  TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = $0300C022;
+
+  (* ECDH HMAC based ciphersuites from RFC5289 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 = $0300C023;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 = $0300C024;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 = $0300C025;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 = $0300C026;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 = $0300C027;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 = $0300C028;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 = $0300C029;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 = $0300C02A;
+
+  (* ECDH GCM based ciphersuites from RFC5289 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02B;
+  TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02C;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = $0300C02D;
+  TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = $0300C02E;
+  TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = $0300C02F;
+  TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = $0300C030;
+  TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 = $0300C031;
+  TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 = $0300C032;
+
+  (* ECDHE PSK ciphersuites from RFC5489 *)
+  TLS1_CK_ECDHE_PSK_WITH_RC4_128_SHA = $0300C033;
+  TLS1_CK_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = $0300C034;
+  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA = $0300C035;
+  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA = $0300C036;
+  TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = $0300C037;
+  TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = $0300C038;
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA = $0300C039;
+
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA256 = $0300C03A;
+  TLS1_CK_ECDHE_PSK_WITH_NULL_SHA384 = $0300C03B;
+
+  (* Camellia-CBC ciphersuites from RFC6367 *)
+  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C072;
+  TLS1_CK_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C073;
+  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C074;
+  TLS1_CK_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C075;
+  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C076;
+  TLS1_CK_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C077;
+  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = $0300C078;
+  TLS1_CK_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = $0300C079;
+
+  TLS1_CK_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C094;
+  TLS1_CK_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C095;
+  TLS1_CK_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C096;
+  TLS1_CK_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C097;
+  TLS1_CK_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C098;
+  TLS1_CK_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C099;
+  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = $0300C09A;
+  TLS1_CK_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = $0300C09B;
+
+  (* draft-ietf-tls-chacha20-poly1305-03 *)
+  TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCA8;
+  TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = $0300CCA9;
+  TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305 = $0300CCAA;
+  TLS1_CK_PSK_WITH_CHACHA20_POLY1305 = $0300CCAB;
+  TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAC;
+  TLS1_CK_DHE_PSK_WITH_CHACHA20_POLY1305 = $0300CCAD;
+  TLS1_CK_RSA_PSK_WITH_CHACHA20_POLY1305 = $0300CCAE;
+
+  (* TLS v1.3 ciphersuites *)
+  TLS1_3_CK_AES_128_GCM_SHA256 = $03001301;
+  TLS1_3_CK_AES_256_GCM_SHA384 = $03001302;
+  TLS1_3_CK_CHACHA20_POLY1305_SHA256 = $03001303;
+  TLS1_3_CK_AES_128_CCM_SHA256 = $03001304;
+  TLS1_3_CK_AES_128_CCM_8_SHA256 = $03001305;
+
+  (* Aria ciphersuites from RFC6209 *)
+  TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C050;
+  TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C051;
+  TLS1_CK_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C052;
+  TLS1_CK_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C053;
+  TLS1_CK_DH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C054;
+  TLS1_CK_DH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C055;
+  TLS1_CK_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C056;
+  TLS1_CK_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C057;
+  TLS1_CK_DH_DSS_WITH_ARIA_128_GCM_SHA256 = $0300C058;
+  TLS1_CK_DH_DSS_WITH_ARIA_256_GCM_SHA384 = $0300C059;
+  TLS1_CK_DH_anon_WITH_ARIA_128_GCM_SHA256 = $0300C05A;
+  TLS1_CK_DH_anon_WITH_ARIA_256_GCM_SHA384 = $0300C05B;
+  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05C;
+  TLS1_CK_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05D;
+  TLS1_CK_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = $0300C05E;
+  TLS1_CK_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = $0300C05F;
+  TLS1_CK_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C060;
+  TLS1_CK_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C061;
+  TLS1_CK_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = $0300C062;
+  TLS1_CK_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = $0300C063;
+  TLS1_CK_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06A;
+  TLS1_CK_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06B;
+  TLS1_CK_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06C;
+  TLS1_CK_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06D;
+  TLS1_CK_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = $0300C06E;
+  TLS1_CK_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = $0300C06F;
+
+  (* a bundle of RFC standard cipher names, generated from ssl3_ciphers[] *)
+  TLS1_RFC_RSA_WITH_AES_128_SHA = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ADH_WITH_AES_128_SHA = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_RSA_WITH_AES_256_SHA = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ADH_WITH_AES_256_SHA = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_RSA_WITH_NULL_SHA256 = AnsiString('TLS_RSA_WITH_NULL_SHA256');
+  TLS1_RFC_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_RSA_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_AES_128_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_AES_256_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_256_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_RSA_WITH_AES_128_CCM = AnsiString('TLS_RSA_WITH_AES_128_CCM');
+  TLS1_RFC_RSA_WITH_AES_256_CCM = AnsiString('TLS_RSA_WITH_AES_256_CCM');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM');
+  TLS1_RFC_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_RSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_RSA_WITH_AES_256_CCM_8');
+  TLS1_RFC_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('TLS_DHE_RSA_WITH_AES_256_CCM_8');
+  TLS1_RFC_PSK_WITH_AES_128_CCM = AnsiString('TLS_PSK_WITH_AES_128_CCM');
+  TLS1_RFC_PSK_WITH_AES_256_CCM = AnsiString('TLS_PSK_WITH_AES_256_CCM');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_128_CCM');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM = AnsiString('TLS_DHE_PSK_WITH_AES_256_CCM');
+  TLS1_RFC_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_WITH_AES_128_CCM_8');
+  TLS1_RFC_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_WITH_AES_256_CCM_8');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_128_CCM_8');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('TLS_PSK_DHE_WITH_AES_256_CCM_8');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8');
+  TLS1_3_RFC_AES_128_GCM_SHA256 = AnsiString('TLS_AES_128_GCM_SHA256');
+  TLS1_3_RFC_AES_256_GCM_SHA384 = AnsiString('TLS_AES_256_GCM_SHA384');
+  TLS1_3_RFC_CHACHA20_POLY1305_SHA256 = AnsiString('TLS_CHACHA20_POLY1305_SHA256');
+  TLS1_3_RFC_AES_128_CCM_SHA256 = AnsiString('TLS_AES_128_CCM_SHA256');
+  TLS1_3_RFC_AES_128_CCM_8_SHA256 = AnsiString('TLS_AES_128_CCM_8_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_NULL_SHA = AnsiString('TLS_ECDHE_RSA_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_NULL_SHA = AnsiString('TLS_ECDH_anon_WITH_NULL_SHA');
+  TLS1_RFC_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDH_anon_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_NULL_SHA = AnsiString('TLS_PSK_WITH_NULL_SHA');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA');
+  TLS1_RFC_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_GCM_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_PSK_WITH_NULL_SHA256 = AnsiString('TLS_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_PSK_WITH_NULL_SHA384 = AnsiString('TLS_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_DHE_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA256 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_NULL_SHA384 = AnsiString('TLS_RSA_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_NULL_SHA384');
+  TLS1_RFC_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA');
+  TLS1_RFC_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA');
+  TLS1_RFC_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256');
+  TLS1_RFC_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA');
+  TLS1_RFC_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_RSA_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256');
+  TLS1_RFC_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384');
+  TLS1_RFC_RSA_WITH_SEED_SHA = AnsiString('TLS_RSA_WITH_SEED_CBC_SHA');
+  TLS1_RFC_DHE_DSS_WITH_SEED_SHA = AnsiString('TLS_DHE_DSS_WITH_SEED_CBC_SHA');
+  TLS1_RFC_DHE_RSA_WITH_SEED_SHA = AnsiString('TLS_DHE_RSA_WITH_SEED_CBC_SHA');
+  TLS1_RFC_ADH_WITH_SEED_SHA = AnsiString('TLS_DH_anon_WITH_SEED_CBC_SHA');
+  TLS1_RFC_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDH_anon_WITH_RC4_128_SHA = AnsiString('TLS_ECDH_anon_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_ECDSA_WITH_RC4_128_SHA');
+  TLS1_RFC_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('TLS_ECDHE_RSA_WITH_RC4_128_SHA');
+  TLS1_RFC_PSK_WITH_RC4_128_SHA = AnsiString('TLS_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_RSA_PSK_WITH_RC4_128_SHA = AnsiString('TLS_RSA_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_DHE_PSK_WITH_RC4_128_SHA = AnsiString('TLS_DHE_PSK_WITH_RC4_128_SHA');
+  TLS1_RFC_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DH_anon_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DH_anon_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_PSK_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384');
+  TLS1_RFC_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256');
+  TLS1_RFC_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384');
+
+  (*
    * XXX Backward compatibility alert: Older versions of OpenSSL gave some DHE
    * ciphers names with "EDH" instead of "DHE".  Going forward, we should be
    * using DHE everywhere, though we may indefinitely maTIdC_INTain aliases for
    * users or configurations that used "EDH"
-   *)
-  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = AnsiString('DHE-DSS-RC4-SHA');
-
-  TLS1_TXT_PSK_WITH_NULL_SHA = AnsiString('PSK-NULL-SHA');
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = AnsiString('DHE-PSK-NULL-SHA');
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = AnsiString('RSA-PSK-NULL-SHA');
-
-  (* AES ciphersuites from RFC3268 *)
-  TLS1_TXT_RSA_WITH_AES_128_SHA = AnsiString('AES128-SHA');
-  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = AnsiString('DH-DSS-AES128-SHA');
-  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = AnsiString('DH-RSA-AES128-SHA');
-  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = AnsiString('DHE-DSS-AES128-SHA');
-  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = AnsiString('DHE-RSA-AES128-SHA');
-  TLS1_TXT_ADH_WITH_AES_128_SHA = AnsiString('ADH-AES128-SHA');
-
-  TLS1_TXT_RSA_WITH_AES_256_SHA = AnsiString('AES256-SHA');
-  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = AnsiString('DH-DSS-AES256-SHA');
-  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = AnsiString('DH-RSA-AES256-SHA');
-  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = AnsiString('DHE-DSS-AES256-SHA');
-  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = AnsiString('DHE-RSA-AES256-SHA');
-  TLS1_TXT_ADH_WITH_AES_256_SHA = AnsiString('ADH-AES256-SHA');
-
-  (* ECC ciphersuites from RFC4492 *)
-  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = AnsiString('ECDH-ECDSA-NULL-SHA');
-  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDH-ECDSA-RC4-SHA');
-  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-ECDSA-DES-CBC3-SHA');
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-ECDSA-AES128-SHA');
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-ECDSA-AES256-SHA');
-
-  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('ECDHE-ECDSA-NULL-SHA');
-  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDHE-ECDSA-RC4-SHA');
-  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-ECDSA-DES-CBC3-SHA');
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-ECDSA-AES128-SHA');
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-ECDSA-AES256-SHA');
-
-  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = AnsiString('ECDH-RSA-NULL-SHA');
-  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = AnsiString('ECDH-RSA-RC4-SHA');
-  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-RSA-DES-CBC3-SHA');
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-RSA-AES128-SHA');
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-RSA-AES256-SHA');
-
-  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = AnsiString('ECDHE-RSA-NULL-SHA');
-  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('ECDHE-RSA-RC4-SHA');
-  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-RSA-DES-CBC3-SHA');
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-RSA-AES128-SHA');
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-RSA-AES256-SHA');
-
-  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = AnsiString('AECDH-NULL-SHA');
-  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = AnsiString('AECDH-RC4-SHA');
-  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('AECDH-DES-CBC3-SHA');
-  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('AECDH-AES128-SHA');
-  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('AECDH-AES256-SHA');
-
-  (* PSK ciphersuites from RFC 4279 *)
-  TLS1_TXT_PSK_WITH_RC4_128_SHA = AnsiString('PSK-RC4-SHA');
-  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('PSK-3DES-EDE-CBC-SHA');
-  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = AnsiString('PSK-AES128-CBC-SHA');
-  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = AnsiString('PSK-AES256-CBC-SHA');
-
-  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = AnsiString('DHE-PSK-RC4-SHA');
-  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('DHE-PSK-3DES-EDE-CBC-SHA');
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('DHE-PSK-AES128-CBC-SHA');
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('DHE-PSK-AES256-CBC-SHA');
-  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = AnsiString('RSA-PSK-RC4-SHA');
-  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('RSA-PSK-3DES-EDE-CBC-SHA');
-  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('RSA-PSK-AES128-CBC-SHA');
-  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('RSA-PSK-AES256-CBC-SHA');
-
-  (* PSK ciphersuites from RFC 5487 *)
-  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
-  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
-  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-PSK-AES128-GCM-SHA256');
-  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-PSK-AES256-GCM-SHA384');
-  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('RSA-PSK-AES128-GCM-SHA256');
-  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('RSA-PSK-AES256-GCM-SHA384');
-
-  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('PSK-AES128-CBC-SHA256');
-  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('PSK-AES256-CBC-SHA384');
-  TLS1_TXT_PSK_WITH_NULL_SHA256 = AnsiString('PSK-NULL-SHA256');
-  TLS1_TXT_PSK_WITH_NULL_SHA384 = AnsiString('PSK-NULL-SHA384');
-
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('DHE-PSK-AES128-CBC-SHA256');
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('DHE-PSK-AES256-CBC-SHA384');
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = AnsiString('DHE-PSK-NULL-SHA256');
-  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = AnsiString('DHE-PSK-NULL-SHA384');
-
-  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('RSA-PSK-AES128-CBC-SHA256');
-  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('RSA-PSK-AES256-CBC-SHA384');
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = AnsiString('RSA-PSK-NULL-SHA256');
-  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = AnsiString('RSA-PSK-NULL-SHA384');
-
-  (* SRP ciphersuite from RFC 5054 *)
-  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-3DES-EDE-CBC-SHA');
-  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-RSA-3DES-EDE-CBC-SHA');
-  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-DSS-3DES-EDE-CBC-SHA');
-  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('SRP-AES-128-CBC-SHA');
-  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('SRP-RSA-AES-128-CBC-SHA');
-  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('SRP-DSS-AES-128-CBC-SHA');
-  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('SRP-AES-256-CBC-SHA');
-  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('SRP-RSA-AES-256-CBC-SHA');
-  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('SRP-DSS-AES-256-CBC-SHA');
-
-  (* Camellia ciphersuites from RFC4132 *)
-  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('CAMELLIA128-SHA');
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-DSS-CAMELLIA128-SHA');
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-RSA-CAMELLIA128-SHA');
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA128-SHA');
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA128-SHA');
-  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('ADH-CAMELLIA128-SHA');
-
-  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('CAMELLIA256-SHA');
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-DSS-CAMELLIA256-SHA');
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-RSA-CAMELLIA256-SHA');
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA256-SHA');
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA256-SHA');
-  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('ADH-CAMELLIA256-SHA');
-
-  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
-  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('CAMELLIA128-SHA256');
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA128-SHA256');
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA128-SHA256');
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA128-SHA256');
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA128-SHA256');
-  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ADH-CAMELLIA128-SHA256');
-
-  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('CAMELLIA256-SHA256');
-  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA256-SHA256');
-  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA256-SHA256');
-  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA256-SHA256');
-  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA256-SHA256');
-  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('ADH-CAMELLIA256-SHA256');
-
-  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('PSK-CAMELLIA128-SHA256');
-  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('PSK-CAMELLIA256-SHA384');
-  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-PSK-CAMELLIA128-SHA256');
-  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('DHE-PSK-CAMELLIA256-SHA384');
-  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('RSA-PSK-CAMELLIA128-SHA256');
-  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('RSA-PSK-CAMELLIA256-SHA384');
-  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-PSK-CAMELLIA128-SHA256');
-  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-PSK-CAMELLIA256-SHA384');
-
-  (* SEED ciphersuites from RFC4162 *)
-  TLS1_TXT_RSA_WITH_SEED_SHA = AnsiString('SEED-SHA');
-  TLS1_TXT_DH_DSS_WITH_SEED_SHA = AnsiString('DH-DSS-SEED-SHA');
-  TLS1_TXT_DH_RSA_WITH_SEED_SHA = AnsiString('DH-RSA-SEED-SHA');
-  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = AnsiString('DHE-DSS-SEED-SHA');
-  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = AnsiString('DHE-RSA-SEED-SHA');
-  TLS1_TXT_ADH_WITH_SEED_SHA = AnsiString('ADH-SEED-SHA');
-
-  (* TLS v1.2 ciphersuites *)
-  TLS1_TXT_RSA_WITH_NULL_SHA256 = AnsiString('NULL-SHA256');
-  TLS1_TXT_RSA_WITH_AES_128_SHA256 = AnsiString('AES128-SHA256');
-  TLS1_TXT_RSA_WITH_AES_256_SHA256 = AnsiString('AES256-SHA256');
-  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = AnsiString('DH-DSS-AES128-SHA256');
-  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = AnsiString('DH-RSA-AES128-SHA256');
-  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('DHE-DSS-AES128-SHA256');
-  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('DHE-RSA-AES128-SHA256');
-  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = AnsiString('DH-DSS-AES256-SHA256');
-  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = AnsiString('DH-RSA-AES256-SHA256');
-  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('DHE-DSS-AES256-SHA256');
-  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('DHE-RSA-AES256-SHA256');
-  TLS1_TXT_ADH_WITH_AES_128_SHA256 = AnsiString('ADH-AES128-SHA256');
-  TLS1_TXT_ADH_WITH_AES_256_SHA256 = AnsiString('ADH-AES256-SHA256');
-
-  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
-  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('AES128-GCM-SHA256');
-  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('AES256-GCM-SHA384');
-  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-RSA-AES128-GCM-SHA256');
-  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-RSA-AES256-GCM-SHA384');
-  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DH-RSA-AES128-GCM-SHA256');
-  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DH-RSA-AES256-GCM-SHA384');
-  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-DSS-AES128-GCM-SHA256');
-  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-DSS-AES256-GCM-SHA384');
-  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DH-DSS-AES128-GCM-SHA256');
-  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DH-DSS-AES256-GCM-SHA384');
-  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('ADH-AES128-GCM-SHA256');
-  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('ADH-AES256-GCM-SHA384');
-
-  (* CCM ciphersuites from RFC6655 *)
-  TLS1_TXT_RSA_WITH_AES_128_CCM = AnsiString('AES128-CCM');
-  TLS1_TXT_RSA_WITH_AES_256_CCM = AnsiString('AES256-CCM');
-  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = AnsiString('DHE-RSA-AES128-CCM');
-  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = AnsiString('DHE-RSA-AES256-CCM');
-
-  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = AnsiString('AES128-CCM8');
-  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = AnsiString('AES256-CCM8');
-  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('DHE-RSA-AES128-CCM8');
-  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('DHE-RSA-AES256-CCM8');
-
-  TLS1_TXT_PSK_WITH_AES_128_CCM = AnsiString('PSK-AES128-CCM');
-  TLS1_TXT_PSK_WITH_AES_256_CCM = AnsiString('PSK-AES256-CCM');
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = AnsiString('DHE-PSK-AES128-CCM');
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = AnsiString('DHE-PSK-AES256-CCM');
-
-  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = AnsiString('PSK-AES128-CCM8');
-  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = AnsiString('PSK-AES256-CCM8');
-  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('DHE-PSK-AES128-CCM8');
-  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('DHE-PSK-AES256-CCM8');
-
-  (* CCM ciphersuites from RFC7251 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('ECDHE-ECDSA-AES128-CCM');
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('ECDHE-ECDSA-AES256-CCM');
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('ECDHE-ECDSA-AES128-CCM8');
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('ECDHE-ECDSA-AES256-CCM8');
-
-  (* ECDH HMAC based ciphersuites from RFC5289 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-ECDSA-AES128-SHA256');
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-ECDSA-AES256-SHA384');
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDH-ECDSA-AES128-SHA256');
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDH-ECDSA-AES256-SHA384');
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-RSA-AES128-SHA256');
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-RSA-AES256-SHA384');
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = AnsiString('ECDH-RSA-AES128-SHA256');
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = AnsiString('ECDH-RSA-AES256-SHA384');
-
-  (* ECDH GCM based ciphersuites from RFC5289 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-AES128-GCM-SHA256');
-  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-AES256-GCM-SHA384');
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-AES128-GCM-SHA256');
-  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-AES256-GCM-SHA384');
-  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-RSA-AES128-GCM-SHA256');
-  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-RSA-AES256-GCM-SHA384');
-  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-RSA-AES128-GCM-SHA256');
-  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-RSA-AES256-GCM-SHA384');
-
-  (* TLS v1.2 PSK GCM ciphersuites from RFC5487 *)
-  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
-  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
-
-  (* ECDHE PSK ciphersuites from RFC 5489 *)
-  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('ECDHE-PSK-RC4-SHA');
-  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('ECDHE-PSK-3DES-EDE-CBC-SHA');
-  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-PSK-AES128-CBC-SHA');
-  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-PSK-AES256-CBC-SHA');
-
-  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('ECDHE-PSK-AES128-CBC-SHA256');
-  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('ECDHE-PSK-AES256-CBC-SHA384');
-
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = AnsiString('ECDHE-PSK-NULL-SHA');
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('ECDHE-PSK-NULL-SHA256');
-  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('ECDHE-PSK-NULL-SHA384');
-
-  (* Camellia-CBC ciphersuites from RFC6367 *)
-  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-ECDSA-CAMELLIA128-SHA256');
-  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-ECDSA-CAMELLIA256-SHA384');
-  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-ECDSA-CAMELLIA128-SHA256');
-  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-ECDSA-CAMELLIA256-SHA384');
-  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-RSA-CAMELLIA128-SHA256');
-  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-RSA-CAMELLIA256-SHA384');
-  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-RSA-CAMELLIA128-SHA256');
-  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-RSA-CAMELLIA256-SHA384');
-
-  (* draft-ietf-tls-chacha20-poly1305-03 *)
-  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-RSA-CHACHA20-POLY1305');
-  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-ECDSA-CHACHA20-POLY1305');
-  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('DHE-RSA-CHACHA20-POLY1305');
-  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = AnsiString('PSK-CHACHA20-POLY1305');
-  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-PSK-CHACHA20-POLY1305');
-  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('DHE-PSK-CHACHA20-POLY1305');
-  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('RSA-PSK-CHACHA20-POLY1305');
-
-  (* Aria ciphersuites from RFC6209 *)
-  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ARIA128-GCM-SHA256');
-  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ARIA256-GCM-SHA384');
-  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-RSA-ARIA128-GCM-SHA256');
-  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-RSA-ARIA256-GCM-SHA384');
-  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-RSA-ARIA128-GCM-SHA256');
-  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-RSA-ARIA256-GCM-SHA384');
-  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-DSS-ARIA128-GCM-SHA256');
-  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-DSS-ARIA256-GCM-SHA384');
-  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-DSS-ARIA128-GCM-SHA256');
-  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-DSS-ARIA256-GCM-SHA384');
-  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('ADH-ARIA128-GCM-SHA256');
-  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('ADH-ARIA256-GCM-SHA384');
-  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-ARIA128-GCM-SHA256');
-  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-ARIA256-GCM-SHA384');
-  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-ARIA128-GCM-SHA256');
-  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-ARIA256-GCM-SHA384');
-  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ARIA128-GCM-SHA256');
-  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ARIA256-GCM-SHA384');
-  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ARIA128-GCM-SHA256');
-  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ARIA256-GCM-SHA384');
-  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('PSK-ARIA128-GCM-SHA256');
-  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('PSK-ARIA256-GCM-SHA384');
-  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-PSK-ARIA128-GCM-SHA256');
-  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-PSK-ARIA256-GCM-SHA384');
-  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('RSA-PSK-ARIA128-GCM-SHA256');
-  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('RSA-PSK-ARIA256-GCM-SHA384');
-
-  TLS_CT_RSA_SIGN = 1;
-  TLS_CT_DSS_SIGN = 2;
-  TLS_CT_RSA_FIXED_DH = 3;
-  TLS_CT_DSS_FIXED_DH = 4;
-  TLS_CT_ECDSA_SIGN = 64;
-  TLS_CT_RSA_FIXED_ECDH = 65;
-  TLS_CT_ECDSA_FIXED_ECDH = 66;
-  TLS_CT_GOST01_SIGN = 22;
-  TLS_CT_GOST12_SIGN = 238;
-  TLS_CT_GOST12_512_SIGN = 239;
+   *)
+  TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA = AnsiString('DHE-DSS-RC4-SHA');
+
+  TLS1_TXT_PSK_WITH_NULL_SHA = AnsiString('PSK-NULL-SHA');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA = AnsiString('DHE-PSK-NULL-SHA');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA = AnsiString('RSA-PSK-NULL-SHA');
+
+  (* AES ciphersuites from RFC3268 *)
+  TLS1_TXT_RSA_WITH_AES_128_SHA = AnsiString('AES128-SHA');
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA = AnsiString('DH-DSS-AES128-SHA');
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA = AnsiString('DH-RSA-AES128-SHA');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA = AnsiString('DHE-DSS-AES128-SHA');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA = AnsiString('DHE-RSA-AES128-SHA');
+  TLS1_TXT_ADH_WITH_AES_128_SHA = AnsiString('ADH-AES128-SHA');
+
+  TLS1_TXT_RSA_WITH_AES_256_SHA = AnsiString('AES256-SHA');
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA = AnsiString('DH-DSS-AES256-SHA');
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA = AnsiString('DH-RSA-AES256-SHA');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA = AnsiString('DHE-DSS-AES256-SHA');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA = AnsiString('DHE-RSA-AES256-SHA');
+  TLS1_TXT_ADH_WITH_AES_256_SHA = AnsiString('ADH-AES256-SHA');
+
+  (* ECC ciphersuites from RFC4492 *)
+  TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA = AnsiString('ECDH-ECDSA-NULL-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDH-ECDSA-RC4-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-ECDSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-ECDSA-AES128-SHA');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-ECDSA-AES256-SHA');
+
+  TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA = AnsiString('ECDHE-ECDSA-NULL-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA = AnsiString('ECDHE-ECDSA-RC4-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-ECDSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-ECDSA-AES128-SHA');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-ECDSA-AES256-SHA');
+
+  TLS1_TXT_ECDH_RSA_WITH_NULL_SHA = AnsiString('ECDH-RSA-NULL-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA = AnsiString('ECDH-RSA-RC4-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDH-RSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDH-RSA-AES128-SHA');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDH-RSA-AES256-SHA');
+
+  TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA = AnsiString('ECDHE-RSA-NULL-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA = AnsiString('ECDHE-RSA-RC4-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA = AnsiString('ECDHE-RSA-DES-CBC3-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-RSA-AES128-SHA');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-RSA-AES256-SHA');
+
+  TLS1_TXT_ECDH_anon_WITH_NULL_SHA = AnsiString('AECDH-NULL-SHA');
+  TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA = AnsiString('AECDH-RC4-SHA');
+  TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA = AnsiString('AECDH-DES-CBC3-SHA');
+  TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA = AnsiString('AECDH-AES128-SHA');
+  TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA = AnsiString('AECDH-AES256-SHA');
+
+  (* PSK ciphersuites from RFC 4279 *)
+  TLS1_TXT_PSK_WITH_RC4_128_SHA = AnsiString('PSK-RC4-SHA');
+  TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA = AnsiString('PSK-AES128-CBC-SHA');
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA = AnsiString('PSK-AES256-CBC-SHA');
+
+  TLS1_TXT_DHE_PSK_WITH_RC4_128_SHA = AnsiString('DHE-PSK-RC4-SHA');
+  TLS1_TXT_DHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('DHE-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('DHE-PSK-AES128-CBC-SHA');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('DHE-PSK-AES256-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_RC4_128_SHA = AnsiString('RSA-PSK-RC4-SHA');
+  TLS1_TXT_RSA_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('RSA-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA = AnsiString('RSA-PSK-AES128-CBC-SHA');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA = AnsiString('RSA-PSK-AES256-CBC-SHA');
+
+  (* PSK ciphersuites from RFC 5487 *)
+  TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
+  TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-PSK-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-PSK-AES256-GCM-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('RSA-PSK-AES128-GCM-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('RSA-PSK-AES256-GCM-SHA384');
+
+  TLS1_TXT_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('PSK-AES128-CBC-SHA256');
+  TLS1_TXT_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('PSK-AES256-CBC-SHA384');
+  TLS1_TXT_PSK_WITH_NULL_SHA256 = AnsiString('PSK-NULL-SHA256');
+  TLS1_TXT_PSK_WITH_NULL_SHA384 = AnsiString('PSK-NULL-SHA384');
+
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('DHE-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('DHE-PSK-AES256-CBC-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA256 = AnsiString('DHE-PSK-NULL-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_NULL_SHA384 = AnsiString('DHE-PSK-NULL-SHA384');
+
+  TLS1_TXT_RSA_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('RSA-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('RSA-PSK-AES256-CBC-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA256 = AnsiString('RSA-PSK-NULL-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_NULL_SHA384 = AnsiString('RSA-PSK-NULL-SHA384');
+
+  (* SRP ciphersuite from RFC 5054 *)
+  TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-RSA-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = AnsiString('SRP-DSS-3DES-EDE-CBC-SHA');
+  TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA = AnsiString('SRP-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = AnsiString('SRP-RSA-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = AnsiString('SRP-DSS-AES-128-CBC-SHA');
+  TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA = AnsiString('SRP-AES-256-CBC-SHA');
+  TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = AnsiString('SRP-RSA-AES-256-CBC-SHA');
+  TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = AnsiString('SRP-DSS-AES-256-CBC-SHA');
+
+  (* Camellia ciphersuites from RFC4132 *)
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('CAMELLIA128-SHA');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-DSS-CAMELLIA128-SHA');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DH-RSA-CAMELLIA128-SHA');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA128-SHA');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA128-SHA');
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA = AnsiString('ADH-CAMELLIA128-SHA');
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('CAMELLIA256-SHA');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-DSS-CAMELLIA256-SHA');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DH-RSA-CAMELLIA256-SHA');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-DSS-CAMELLIA256-SHA');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = AnsiString('DHE-RSA-CAMELLIA256-SHA');
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA = AnsiString('ADH-CAMELLIA256-SHA');
+
+  (* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 *)
+  TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('CAMELLIA128-SHA256');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA128-SHA256');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ADH-CAMELLIA128-SHA256');
+
+  TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('CAMELLIA256-SHA256');
+  TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-DSS-CAMELLIA256-SHA256');
+  TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DH-RSA-CAMELLIA256-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-DSS-CAMELLIA256-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('DHE-RSA-CAMELLIA256-SHA256');
+  TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 = AnsiString('ADH-CAMELLIA256-SHA256');
+
+  TLS1_TXT_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('DHE-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('DHE-PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('RSA-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('RSA-PSK-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-PSK-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-PSK-CAMELLIA256-SHA384');
+
+  (* SEED ciphersuites from RFC4162 *)
+  TLS1_TXT_RSA_WITH_SEED_SHA = AnsiString('SEED-SHA');
+  TLS1_TXT_DH_DSS_WITH_SEED_SHA = AnsiString('DH-DSS-SEED-SHA');
+  TLS1_TXT_DH_RSA_WITH_SEED_SHA = AnsiString('DH-RSA-SEED-SHA');
+  TLS1_TXT_DHE_DSS_WITH_SEED_SHA = AnsiString('DHE-DSS-SEED-SHA');
+  TLS1_TXT_DHE_RSA_WITH_SEED_SHA = AnsiString('DHE-RSA-SEED-SHA');
+  TLS1_TXT_ADH_WITH_SEED_SHA = AnsiString('ADH-SEED-SHA');
+
+  (* TLS v1.2 ciphersuites *)
+  TLS1_TXT_RSA_WITH_NULL_SHA256 = AnsiString('NULL-SHA256');
+  TLS1_TXT_RSA_WITH_AES_128_SHA256 = AnsiString('AES128-SHA256');
+  TLS1_TXT_RSA_WITH_AES_256_SHA256 = AnsiString('AES256-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 = AnsiString('DH-DSS-AES128-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 = AnsiString('DH-RSA-AES128-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 = AnsiString('DHE-DSS-AES128-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 = AnsiString('DHE-RSA-AES128-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 = AnsiString('DH-DSS-AES256-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 = AnsiString('DH-RSA-AES256-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 = AnsiString('DHE-DSS-AES256-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 = AnsiString('DHE-RSA-AES256-SHA256');
+  TLS1_TXT_ADH_WITH_AES_128_SHA256 = AnsiString('ADH-AES128-SHA256');
+  TLS1_TXT_ADH_WITH_AES_256_SHA256 = AnsiString('ADH-AES256-SHA256');
+
+  (* TLS v1.2 GCM ciphersuites from RFC5288 *)
+  TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('AES128-GCM-SHA256');
+  TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('AES256-GCM-SHA384');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('DH-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('DH-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DHE-DSS-AES128-GCM-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DHE-DSS-AES256-GCM-SHA384');
+  TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 = AnsiString('DH-DSS-AES128-GCM-SHA256');
+  TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 = AnsiString('DH-DSS-AES256-GCM-SHA384');
+  TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 = AnsiString('ADH-AES128-GCM-SHA256');
+  TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 = AnsiString('ADH-AES256-GCM-SHA384');
+
+  (* CCM ciphersuites from RFC6655 *)
+  TLS1_TXT_RSA_WITH_AES_128_CCM = AnsiString('AES128-CCM');
+  TLS1_TXT_RSA_WITH_AES_256_CCM = AnsiString('AES256-CCM');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM = AnsiString('DHE-RSA-AES128-CCM');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM = AnsiString('DHE-RSA-AES256-CCM');
+
+  TLS1_TXT_RSA_WITH_AES_128_CCM_8 = AnsiString('AES128-CCM8');
+  TLS1_TXT_RSA_WITH_AES_256_CCM_8 = AnsiString('AES256-CCM8');
+  TLS1_TXT_DHE_RSA_WITH_AES_128_CCM_8 = AnsiString('DHE-RSA-AES128-CCM8');
+  TLS1_TXT_DHE_RSA_WITH_AES_256_CCM_8 = AnsiString('DHE-RSA-AES256-CCM8');
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM = AnsiString('PSK-AES128-CCM');
+  TLS1_TXT_PSK_WITH_AES_256_CCM = AnsiString('PSK-AES256-CCM');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM = AnsiString('DHE-PSK-AES128-CCM');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM = AnsiString('DHE-PSK-AES256-CCM');
+
+  TLS1_TXT_PSK_WITH_AES_128_CCM_8 = AnsiString('PSK-AES128-CCM8');
+  TLS1_TXT_PSK_WITH_AES_256_CCM_8 = AnsiString('PSK-AES256-CCM8');
+  TLS1_TXT_DHE_PSK_WITH_AES_128_CCM_8 = AnsiString('DHE-PSK-AES128-CCM8');
+  TLS1_TXT_DHE_PSK_WITH_AES_256_CCM_8 = AnsiString('DHE-PSK-AES256-CCM8');
+
+  (* CCM ciphersuites from RFC7251 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM = AnsiString('ECDHE-ECDSA-AES128-CCM');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM = AnsiString('ECDHE-ECDSA-AES256-CCM');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CCM_8 = AnsiString('ECDHE-ECDSA-AES128-CCM8');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CCM_8 = AnsiString('ECDHE-ECDSA-AES256-CCM8');
+
+  (* ECDH HMAC based ciphersuites from RFC5289 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-ECDSA-AES128-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-ECDSA-AES256-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 = AnsiString('ECDH-ECDSA-AES128-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 = AnsiString('ECDH-ECDSA-AES256-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 = AnsiString('ECDHE-RSA-AES128-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 = AnsiString('ECDHE-RSA-AES256-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 = AnsiString('ECDH-RSA-AES128-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 = AnsiString('ECDH-RSA-AES256-SHA384');
+
+  (* ECDH GCM based ciphersuites from RFC5289 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDHE-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDHE-RSA-AES256-GCM-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 = AnsiString('ECDH-RSA-AES128-GCM-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 = AnsiString('ECDH-RSA-AES256-GCM-SHA384');
+
+  (* TLS v1.2 PSK GCM ciphersuites from RFC5487 *)
+  //TLS1_TXT_PSK_WITH_AES_128_GCM_SHA256 = AnsiString('PSK-AES128-GCM-SHA256');
+  //TLS1_TXT_PSK_WITH_AES_256_GCM_SHA384 = AnsiString('PSK-AES256-GCM-SHA384');
+
+  (* ECDHE PSK ciphersuites from RFC 5489 *)
+  TLS1_TXT_ECDHE_PSK_WITH_RC4_128_SHA = AnsiString('ECDHE-PSK-RC4-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = AnsiString('ECDHE-PSK-3DES-EDE-CBC-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA = AnsiString('ECDHE-PSK-AES128-CBC-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA = AnsiString('ECDHE-PSK-AES256-CBC-SHA');
+
+  TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = AnsiString('ECDHE-PSK-AES128-CBC-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = AnsiString('ECDHE-PSK-AES256-CBC-SHA384');
+
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA = AnsiString('ECDHE-PSK-NULL-SHA');
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA256 = AnsiString('ECDHE-PSK-NULL-SHA256');
+  TLS1_TXT_ECDHE_PSK_WITH_NULL_SHA384 = AnsiString('ECDHE-PSK-NULL-SHA384');
+
+  (* Camellia-CBC ciphersuites from RFC6367 *)
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-ECDSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-ECDSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-ECDSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-ECDSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDHE-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDHE-RSA-CAMELLIA256-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = AnsiString('ECDH-RSA-CAMELLIA128-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = AnsiString('ECDH-RSA-CAMELLIA256-SHA384');
+
+  (* draft-ietf-tls-chacha20-poly1305-03 *)
+  TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-RSA-CHACHA20-POLY1305');
+  TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-ECDSA-CHACHA20-POLY1305');
+  TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 = AnsiString('DHE-RSA-CHACHA20-POLY1305');
+  TLS1_TXT_PSK_WITH_CHACHA20_POLY1305 = AnsiString('PSK-CHACHA20-POLY1305');
+  TLS1_TXT_ECDHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('ECDHE-PSK-CHACHA20-POLY1305');
+  TLS1_TXT_DHE_PSK_WITH_CHACHA20_POLY1305 = AnsiString('DHE-PSK-CHACHA20-POLY1305');
+  TLS1_TXT_RSA_PSK_WITH_CHACHA20_POLY1305 = AnsiString('RSA-PSK-CHACHA20-POLY1305');
+
+  (* Aria ciphersuites from RFC6209 *)
+  TLS1_TXT_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ARIA128-GCM-SHA256');
+  TLS1_TXT_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-RSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-RSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-RSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-RSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-DSS-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-DSS-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_DSS_WITH_ARIA_128_GCM_SHA256 = AnsiString('DH-DSS-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_DSS_WITH_ARIA_256_GCM_SHA384 = AnsiString('DH-DSS-ARIA256-GCM-SHA384');
+  TLS1_TXT_DH_anon_WITH_ARIA_128_GCM_SHA256 = AnsiString('ADH-ARIA128-GCM-SHA256');
+  TLS1_TXT_DH_anon_WITH_ARIA_256_GCM_SHA384 = AnsiString('ADH-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ECDSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ECDSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ECDSA-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ECDSA-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDHE-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDHE-ARIA256-GCM-SHA384');
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = AnsiString('ECDH-ARIA128-GCM-SHA256');
+  TLS1_TXT_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = AnsiString('ECDH-ARIA256-GCM-SHA384');
+  TLS1_TXT_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('PSK-ARIA256-GCM-SHA384');
+  TLS1_TXT_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('DHE-PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('DHE-PSK-ARIA256-GCM-SHA384');
+  TLS1_TXT_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = AnsiString('RSA-PSK-ARIA128-GCM-SHA256');
+  TLS1_TXT_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = AnsiString('RSA-PSK-ARIA256-GCM-SHA384');
+
+  TLS_CT_RSA_SIGN = 1;
+  TLS_CT_DSS_SIGN = 2;
+  TLS_CT_RSA_FIXED_DH = 3;
+  TLS_CT_DSS_FIXED_DH = 4;
+  TLS_CT_ECDSA_SIGN = 64;
+  TLS_CT_RSA_FIXED_ECDH = 65;
+  TLS_CT_ECDSA_FIXED_ECDH = 66;
+  TLS_CT_GOST01_SIGN = 22;
+  TLS_CT_GOST12_SIGN = 238;
+  TLS_CT_GOST12_512_SIGN = 239;
 
   (*
    * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
@@ -1021,83 +1021,83 @@ interface
 
   TLS1_FINISH_MAC_LENGTH = 12;
 
-  TLS_MD_MAX_CONST_SIZE = 22;
-  TLS_MD_CLIENT_FINISH_CONST  = AnsiString('client finished');
-  TLS_MD_CLIENT_FINISH_CONST_SIZE = 15;
-  TLS_MD_SERVER_FINISH_CONST  = AnsiString('server finished');
-  TLS_MD_SERVER_FINISH_CONST_SIZE = 15;
-  TLS_MD_KEY_EXPANSION_CONST  = AnsiString('key expansion');
-  TLS_MD_KEY_EXPANSION_CONST_SIZE = 13;
-  TLS_MD_CLIENT_WRITE_KEY_CONST  = AnsiString('client write key');
-  TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE = 16;
-  TLS_MD_SERVER_WRITE_KEY_CONST  = AnsiString('server write key');
-  TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16;
-  TLS_MD_IV_BLOCK_CONST  = AnsiString('IV block');
-  TLS_MD_IV_BLOCK_CONST_SIZE = 8;
-  TLS_MD_MASTER_SECRET_CONST  = AnsiString('master secret');
-  TLS_MD_MASTER_SECRET_CONST_SIZE = 13;
-  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = AnsiString('extended master secret');
-  TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE = 22;
-
-//  (*
-//   * client finished
-//   *)
-//  TLS_MD_CLIENT_FINISH_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
-//
-//  (*
-//   * server finished
-//   *)
-//  TLS_MD_SERVER_FINISH_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
-//
-//  (*
-//   * server write key
-//   *)
-//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
-//
-//  (*
-//   * key expansion
-//   *)
-//  TLS_MD_KEY_EXPANSION_CONST = TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79) + TIdAnsiChar($20) + TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($70) + TIdAnsiChar($61) + TIdAnsiChar($6e) + TIdAnsiChar($73) + TIdAnsiChar($69) + TIdAnsiChar($6f) + TIdAnsiChar($6e);
-//
-//  (*
-//   * client write key
-//   *)
-//  TLS_MD_CLIENT_WRITE_KEY_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
-//
-//  (*
-//   * server write key
-//   *)
-//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
-//
-//  (*
-//   * IV block
-//   *)
-//  TLS_MD_IV_BLOCK_CONST = TIdAnsiChar($49) + TIdAnsiChar($56) + TIdAnsiChar($20) + TIdAnsiChar($62) + TIdAnsiChar($6c) + TIdAnsiChar($6f) + TIdAnsiChar($63) + TIdAnsiChar($6b);
-//
-//  (*
-//   * master secret
-//   *)
-//  TLS_MD_MASTER_SECRET_CONST = TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
-//
-//  (*
-//   * extended master secret
-//   *)
-//  TLS_MD_EXTENDED_MASTER_SECRET_CONST = TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($64) + TIdAnsiChar($65) + TIdAnsiChar($64) + TIdAnsiChar($20) + TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
-
-type
-  (* TLS Session Ticket extension struct *)
+  TLS_MD_MAX_CONST_SIZE = 22;
+  TLS_MD_CLIENT_FINISH_CONST  = AnsiString('client finished');
+  TLS_MD_CLIENT_FINISH_CONST_SIZE = 15;
+  TLS_MD_SERVER_FINISH_CONST  = AnsiString('server finished');
+  TLS_MD_SERVER_FINISH_CONST_SIZE = 15;
+  TLS_MD_KEY_EXPANSION_CONST  = AnsiString('key expansion');
+  TLS_MD_KEY_EXPANSION_CONST_SIZE = 13;
+  TLS_MD_CLIENT_WRITE_KEY_CONST  = AnsiString('client write key');
+  TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE = 16;
+  TLS_MD_SERVER_WRITE_KEY_CONST  = AnsiString('server write key');
+  TLS_MD_SERVER_WRITE_KEY_CONST_SIZE = 16;
+  TLS_MD_IV_BLOCK_CONST  = AnsiString('IV block');
+  TLS_MD_IV_BLOCK_CONST_SIZE = 8;
+  TLS_MD_MASTER_SECRET_CONST  = AnsiString('master secret');
+  TLS_MD_MASTER_SECRET_CONST_SIZE = 13;
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST  = AnsiString('extended master secret');
+  TLS_MD_EXTENDED_MASTER_SECRET_CONST_SIZE = 22;
+
+//  (*
+//   * client finished
+//   *)
+//  TLS_MD_CLIENT_FINISH_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
+//
+//  (*
+//   * server finished
+//   *)
+//  TLS_MD_SERVER_FINISH_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($66) + TIdAnsiChar($69) + TIdAnsiChar($6e) + TIdAnsiChar($69) + TIdAnsiChar($73) + TIdAnsiChar($68) + TIdAnsiChar($65) + TIdAnsiChar($64);
+//
+//  (*
+//   * server write key
+//   *)
+//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
+//
+//  (*
+//   * key expansion
+//   *)
+//  TLS_MD_KEY_EXPANSION_CONST = TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79) + TIdAnsiChar($20) + TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($70) + TIdAnsiChar($61) + TIdAnsiChar($6e) + TIdAnsiChar($73) + TIdAnsiChar($69) + TIdAnsiChar($6f) + TIdAnsiChar($6e);
+//
+//  (*
+//   * client write key
+//   *)
+//  TLS_MD_CLIENT_WRITE_KEY_CONST = TIdAnsiChar($63) + TIdAnsiChar($6c) + TIdAnsiChar($69) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($74) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
+//
+//  (*
+//   * server write key
+//   *)
+//  TLS_MD_SERVER_WRITE_KEY_CONST = TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($76) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($77) + TIdAnsiChar($72) + TIdAnsiChar($69) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($20) + TIdAnsiChar($6b) + TIdAnsiChar($65) + TIdAnsiChar($79);
+//
+//  (*
+//   * IV block
+//   *)
+//  TLS_MD_IV_BLOCK_CONST = TIdAnsiChar($49) + TIdAnsiChar($56) + TIdAnsiChar($20) + TIdAnsiChar($62) + TIdAnsiChar($6c) + TIdAnsiChar($6f) + TIdAnsiChar($63) + TIdAnsiChar($6b);
+//
+//  (*
+//   * master secret
+//   *)
+//  TLS_MD_MASTER_SECRET_CONST = TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
+//
+//  (*
+//   * extended master secret
+//   *)
+//  TLS_MD_EXTENDED_MASTER_SECRET_CONST = TIdAnsiChar($65) + TIdAnsiChar($78) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($6e) + TIdAnsiChar($64) + TIdAnsiChar($65) + TIdAnsiChar($64) + TIdAnsiChar($20) + TIdAnsiChar($6d) + TIdAnsiChar($61) + TIdAnsiChar($73) + TIdAnsiChar($74) + TIdAnsiChar($65) + TIdAnsiChar($72) + TIdAnsiChar($20) + TIdAnsiChar($73) + TIdAnsiChar($65) + TIdAnsiChar($63) + TIdAnsiChar($72) + TIdAnsiChar($65) + TIdAnsiChar($74);
+
+type
+  (* TLS Session Ticket extension struct *)
   tls_session_ticket_ext_st = record
-    length: TIdC_USHORT;
-    data: Pointer;
-  end;
-
-{$REGION 'C compiler macros'}
-function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
-{$ENDREGION}
-
-var
+    length: TIdC_USHORT;
+    data: Pointer;
+  end;
+
+{$REGION 'C compiler macros'}
+function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
+{$ENDREGION}
+
+var
   function SSL_CTX_set_tlsext_max_fragment_length(ctx: PSSL_CTx; mode: TIdC_UINT8): TIdC_INT;
-  function SSL_set_tlsext_max_fragment_length(ssl: PSSL; mode: TIdC_UINT8): TIdC_INT;
+  function SSL_set_tlsext_max_fragment_length(ssl: PSSL; mode: TIdC_UINT8): TIdC_INT;
 
   function SSL_get_servername(const s: PSSL; const &type: TIdC_INT): PIdAnsiChar;
   function SSL_get_servername_type(const s: PSSL): TIdC_INT;
@@ -1120,9 +1120,9 @@ function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
   function SSL_export_keying_material_early(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT;
 
   function SSL_get_peer_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT;
-  function SSL_get_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT;
-  function SSL_get_sigalgs(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT;
-  function SSL_get_shared_sigalgs(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT;
+  function SSL_get_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT;
+  function SSL_get_sigalgs(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT;
+  function SSL_get_shared_sigalgs(s: PSSl; idx: TIdC_INT; psign: PIdC_INT; phash: PIdC_INT; psignandhash: PIdC_INT; rsig: PByte; rhash: PByte): TIdC_INT;
 
   //__owur TIdC_INT SSL_check_chain(s: PSSL, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
 
@@ -1191,15 +1191,15 @@ function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
   //                (void (*)(void))cb)
 
 implementation
-
uses
-  IdOpenSSLHeaders_ssl;
-
-
{$REGION 'C compiler macros'}
-//# define SSL_set_tlsext_host_name(s,name)         SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name, (void *)name)
-function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
-begin
-  Result := SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, Pointer(name));
-end;
+
uses
+  IdOpenSSLHeaders_ssl;
+
+
{$REGION 'C compiler macros'}
+//# define SSL_set_tlsext_host_name(s,name)         SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name, (void *)name)
+function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
+begin
+  Result := SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, Pointer(name));
+end;
 {$ENDREGION}
-
-end.
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
index 1539aaf05..575b57e93 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
@@ -1,55 +1,55 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_x509v3;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// x509v3.h
-
-{$i IdCompilerDefines.inc}
-
-uses
-  IdCTypes,
-  IdGlobal,
-  IdOpenSSLConsts,
-  IdOpenSSLHeaders_ossl_typ,
-  IdOpenSSLHeaders_asn1,
-  IdOpenSSLHeaders_asn1t,
-  IdOpenSSLHeaders_x509,
-  System.Types;
-
-const
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_x509v3;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509v3.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_asn1t,
+  IdOpenSSLHeaders_x509,
+  System.Types;
+
+const
   (* ext_flags values *)
   X509V3_EXT_DYNAMIC      = $1;
   X509V3_EXT_CTX_DEP      = $2;
-  X509V3_EXT_MULTILINE    = $4;
-
-  // v3_ext_ctx
+  X509V3_EXT_MULTILINE    = $4;
+
+  // v3_ext_ctx
   CTX_TEST = $1;
   X509V3_CTX_REPLACE = $2;
 
@@ -291,7 +291,7 @@ //  v3_ext_method = record
 //      void (*free_string) (void *db, PIdAnsiChar *string);
 //      void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
 //  } X509V3_CONF_METHOD;
-
+
 // Moved to ossl_typ
 //  (* Context specific info *)
 //  v3_ext_ctx = record
@@ -382,7 +382,7 @@   ACCESS_DESCRIPTION_st = record
 //  DEFINE_STACK_OF(ACCESS_DESCRIPTION)
 //  DIST_POINT_NAME_st_union = record
 //    case DWord of
-//      0: (GENERAL_NAMES *fullname);
+//      0: (GENERAL_NAMES *fullname);
 //      1: (STACK_OF(X509_NAME_ENTRY) *relativename);
 //  end;
   DIST_POINT_NAME_st = record
@@ -443,11 +443,11 @@ //  USERNOTICE_st = record
 //  PUSERNOTICE = ^USERNOTICE;
 
 //  POLICYQUALINFO_st_union = record
-//    case DWord of
+//    case DWord of
 //      0: (cpsuri: PASN1_IA5STRING);
 //      1: (usernotice: PUSERNOTICE);
 //      2: (other: PASN1_TYPE);
-//  end;
+//  end;
 //  POLICYQUALINFO_st = record
 //    pqualid: PASN1_OBJECT;
 //    d: POLICYQUALINFO_st_union;
@@ -571,27 +571,27 @@   ASRange_st = record
   ASIdOrRange_st = record
     &type: TIdC_INT;
     case u: DWord of
-      0: (id: PASN1_INTEGER);
+      0: (id: PASN1_INTEGER);
       1: (range: PASRange);
   end;
   ASIdOrRange = ASIdOrRange_st;
   PASIdOrRange = ^ASIdOrRange;
 //  typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
 //  DEFINE_STACK_OF(ASIdOrRange)
-
-//  ASIdentifierChoice_st = record
-//    &type: TIdC_INT;
-//    case u: DWORD of
-//      0: (inherit: PASN1_NULL);
-//      1: (asIdsOrRanges: PASIdOrRanges);
-//  end;
-//  ASIdentifierChoice = ASIdentifierChoice_st;
-//  PASIdentifierChoice = ^ASIdentifierChoice;
-
-//  ASIdentifiers_st = record
-//    asnum, rdi: PASIdentifierChoice;
-//  end;
-//  ASIdentifiers = ASIdentifiers_st;
+
+//  ASIdentifierChoice_st = record
+//    &type: TIdC_INT;
+//    case u: DWORD of
+//      0: (inherit: PASN1_NULL);
+//      1: (asIdsOrRanges: PASIdOrRanges);
+//  end;
+//  ASIdentifierChoice = ASIdentifierChoice_st;
+//  PASIdentifierChoice = ^ASIdentifierChoice;
+
+//  ASIdentifiers_st = record
+//    asnum, rdi: PASIdentifierChoice;
+//  end;
+//  ASIdentifiers = ASIdentifiers_st;
 //  PASIdentifiers = ^ASIdentifiers;
 
 //  DECLARE_ASN1_FUNCTIONS(ASRange)
@@ -617,20 +617,20 @@   IPAddressOrRange_st = record
 //  typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
 //  DEFINE_STACK_OF(IPAddressOrRange)
 
-//  IPAddressChoice_st = record
-//    &type: TIdC_INT;
-//    case u: DWORD of
-//      0: (inherit: PASN1_NULL);
-//      1: (addressesOrRanges: PIPAddressOrRanges);
-//  end;
-//  IPAddressChoice = IPAddressChoice_st;
-//  PIPAddressChoice = ^IPAddressChoice;
-
-//  IPAddressFamily_st = record
-//    addressFamily: PASN1_OCTET_STRING;
-//    ipAddressChoice: PIPAddressChoice;
-//  end;
-//  IPAddressFamily = IPAddressFamily_st;
+//  IPAddressChoice_st = record
+//    &type: TIdC_INT;
+//    case u: DWORD of
+//      0: (inherit: PASN1_NULL);
+//      1: (addressesOrRanges: PIPAddressOrRanges);
+//  end;
+//  IPAddressChoice = IPAddressChoice_st;
+//  PIPAddressChoice = ^IPAddressChoice;
+
+//  IPAddressFamily_st = record
+//    addressFamily: PASN1_OCTET_STRING;
+//    ipAddressChoice: PIPAddressChoice;
+//  end;
+//  IPAddressFamily = IPAddressFamily_st;
 //  PIPAddressFamily = ^IPAddressFamily;
 
 //  typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
@@ -640,21 +640,21 @@ //  IPAddressFamily_st = record
 //  DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
 //  DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
 //  DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
-
+
   NamingAuthority_st = type Pointer;
-  NAMING_AUTHORITY = NamingAuthority_st;
-  PNAMING_AUTHORITY = ^NAMING_AUTHORITY;
-  
+  NAMING_AUTHORITY = NamingAuthority_st;
+  PNAMING_AUTHORITY = ^NAMING_AUTHORITY;
+  
   ProfessionInfo_st = type Pointer;
-  PROFESSION_INFO = ProfessionInfo_st;
-  PPROFESSION_INFO = ^PROFESSION_INFO;
-  
+  PROFESSION_INFO = ProfessionInfo_st;
+  PPROFESSION_INFO = ^PROFESSION_INFO;
+  
   Admissions_st = type Pointer;
-  ADMISSIONS = Admissions_st;
-  PADMISSIONS = ^ADMISSIONS;
-  
+  ADMISSIONS = Admissions_st;
+  PADMISSIONS = ^ADMISSIONS;
+  
   AdmissionSyntax_st = type Pointer;
-  ADMISSION_SYNTAX = AdmissionSyntax_st;
+  ADMISSION_SYNTAX = AdmissionSyntax_st;
   PADMISSION_SYNTAX = ^ADMISSION_SYNTAX;
 //  DECLARE_ASN1_FUNCTIONS(NAMING_AUTHORITY)
 //  DECLARE_ASN1_FUNCTIONS(PROFESSION_INFO)
@@ -922,6 +922,6 @@ //  IPAddressFamily_st = record
   function PROFESSION_INFO_get0_registrationNumber(const pi: PPROFESSION_INFO): PASN1_PRINTABLESTRING;
   procedure PROFESSION_INFO_set0_registrationNumber(pi: PPROFESSION_INFO; rn: PASN1_PRINTABLESTRING);
 
-
implementation
-
-end.
+
implementation
+
+end.

From c1d56d0a92954a22c6c9e320bcdc11bdd61f497d Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 15:25:11 +0100
Subject: [PATCH 06/64] Made intermediate code more compatible

* replaced usage of reserved words, for example &in -> in_
* removed regions
* replaced accidentally added dotted unit name in crypto

Thanks to @JedrzejczykRobert
---
 .../OpenSSL/GenerateCode/GenerateCode.dpr     |    4 -
 .../IntermediateCode/IdOpenSSLHeaders_aes.pas |   26 +-
 .../IdOpenSSLHeaders_asn1.pas                 |   46 +-
 .../IntermediateCode/IdOpenSSLHeaders_bio.pas |   22 +-
 .../IdOpenSSLHeaders_blowfish.pas             |    8 +-
 .../IntermediateCode/IdOpenSSLHeaders_bn.pas  |   16 +-
 .../IdOpenSSLHeaders_buffer.pas               |    2 +-
 .../IdOpenSSLHeaders_camellia.pas             |   20 +-
 .../IdOpenSSLHeaders_cast.pas                 |    8 +-
 .../IdOpenSSLHeaders_cmac.pas                 |   94 +-
 .../IntermediateCode/IdOpenSSLHeaders_cms.pas |   34 +-
 .../IdOpenSSLHeaders_comp.pas                 |    4 +-
 .../IdOpenSSLHeaders_conf.pas                 |    2 +-
 .../IdOpenSSLHeaders_crypto.pas               |   42 +-
 .../IntermediateCode/IdOpenSSLHeaders_dh.pas  |    2 +-
 .../IntermediateCode/IdOpenSSLHeaders_ec.pas  |   14 +-
 .../IntermediateCode/IdOpenSSLHeaders_err.pas |  354 +-
 .../IntermediateCode/IdOpenSSLHeaders_evp.pas |  796 +-
 .../IdOpenSSLHeaders_idea.pas                 |    8 +-
 .../IdOpenSSLHeaders_objects.pas              |   12 +-
 .../IdOpenSSLHeaders_ossl_typ.pas             |  625 +-
 .../IntermediateCode/IdOpenSSLHeaders_pem.pas |   10 +-
 .../IdOpenSSLHeaders_pkcs7.pas                |   60 +-
 .../IdOpenSSLHeaders_rand.pas                 |    4 +-
 .../IntermediateCode/IdOpenSSLHeaders_rsa.pas |   12 +-
 .../IntermediateCode/IdOpenSSLHeaders_ssl.pas |   92 +-
 .../IdOpenSSLHeaders_ssl3.pas                 |    3 +-
 .../IdOpenSSLHeaders_tls1.pas                 |   13 +-
 .../IntermediateCode/IdOpenSSLHeaders_ts.pas  |    2 +-
 .../IdOpenSSLHeaders_x509.pas                 |  104 +-
 .../IdOpenSSLHeaders_x509_vfy.pas             |  136 +-
 .../IdOpenSSLHeaders_x509v3.pas               |   40 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas  |   32 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas |   52 +-
 .../dynamic/IdOpenSSLHeaders_asn1_mac.pas     |    2 +-
 .../dynamic/IdOpenSSLHeaders_asn1err.pas      |    6 +-
 .../dynamic/IdOpenSSLHeaders_asn1t.pas        |    6 +-
 .../dynamic/IdOpenSSLHeaders_async.pas        |    6 +-
 .../dynamic/IdOpenSSLHeaders_asyncerr.pas     |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas  |   28 +-
 .../dynamic/IdOpenSSLHeaders_bioerr.pas       |    6 +-
 .../dynamic/IdOpenSSLHeaders_blowfish.pas     |   14 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas   |   22 +-
 .../dynamic/IdOpenSSLHeaders_bnerr.pas        |    6 +-
 .../dynamic/IdOpenSSLHeaders_buffer.pas       |    8 +-
 .../dynamic/IdOpenSSLHeaders_buffererr.pas    |    6 +-
 .../dynamic/IdOpenSSLHeaders_camellia.pas     |   24 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas |   14 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas |   10 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas  |   40 +-
 .../dynamic/IdOpenSSLHeaders_cmserr.pas       |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas |   10 +-
 .../dynamic/IdOpenSSLHeaders_comperr.pas      |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas |    8 +-
 .../dynamic/IdOpenSSLHeaders_conf_api.pas     |    6 +-
 .../dynamic/IdOpenSSLHeaders_conferr.pas      |    6 +-
 .../dynamic/IdOpenSSLHeaders_crypto.pas       |   48 +-
 .../dynamic/IdOpenSSLHeaders_cryptoerr.pas    |    6 +-
 .../dynamic/IdOpenSSLHeaders_cterr.pas        |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas   |    8 +-
 .../dynamic/IdOpenSSLHeaders_dherr.pas        |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas  |    6 +-
 .../dynamic/IdOpenSSLHeaders_dsaerr.pas       |    6 +-
 .../dynamic/IdOpenSSLHeaders_ebcdic.pas       |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas   |   20 +-
 .../dynamic/IdOpenSSLHeaders_ecerr.pas        |    6 +-
 .../dynamic/IdOpenSSLHeaders_engine.pas       |    6 +-
 .../dynamic/IdOpenSSLHeaders_engineerr.pas    |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_err.pas  |   10 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas  |  109 +-
 .../dynamic/IdOpenSSLHeaders_evperr.pas       |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas |   14 +-
 .../dynamic/IdOpenSSLHeaders_kdferr.pas       |    6 +-
 .../dynamic/IdOpenSSLHeaders_obj_mac.pas      |    2 +-
 .../dynamic/IdOpenSSLHeaders_objects.pas      |   18 +-
 .../dynamic/IdOpenSSLHeaders_objectserr.pas   |    6 +-
 .../dynamic/IdOpenSSLHeaders_ocsperr.pas      |    6 +-
 .../dynamic/IdOpenSSLHeaders_ossl_typ.pas     |   16 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas  |   16 +-
 .../dynamic/IdOpenSSLHeaders_pemerr.pas       |    6 +-
 .../dynamic/IdOpenSSLHeaders_pkcs7.pas        |   66 +-
 .../dynamic/IdOpenSSLHeaders_pkcs7err.pas     |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas |   10 +-
 .../dynamic/IdOpenSSLHeaders_randerr.pas      |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas  |   18 +-
 .../dynamic/IdOpenSSLHeaders_rsaerr.pas       |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas  |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas  |   95 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas |    2 +-
 .../dynamic/IdOpenSSLHeaders_sslerr.pas       |    6 +-
 .../dynamic/IdOpenSSLHeaders_storeerr.pas     |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas |   17 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas   |    8 +-
 .../dynamic/IdOpenSSLHeaders_tserr.pas        |    6 +-
 .../dynamic/IdOpenSSLHeaders_txt_db.pas       |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas   |    6 +-
 .../dynamic/IdOpenSSLHeaders_uierr.pas        |    6 +-
 .../dynamic/IdOpenSSLHeaders_whrlpool.pas     |    6 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas |  110 +-
 .../dynamic/IdOpenSSLHeaders_x509_vfy.pas     |   34 +-
 .../dynamic/IdOpenSSLHeaders_x509err.pas      |    6 +-
 .../dynamic/IdOpenSSLHeaders_x509v3.pas       |   43 +-
 .../OpenSSL/static/IdOpenSSLHeaders_aes.pas   |   28 +-
 .../OpenSSL/static/IdOpenSSLHeaders_asn1.pas  |   48 +-
 .../static/IdOpenSSLHeaders_asn1_mac.pas      |    2 +-
 .../static/IdOpenSSLHeaders_asn1err.pas       |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_asn1t.pas |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_async.pas |    2 +-
 .../static/IdOpenSSLHeaders_asyncerr.pas      |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_bio.pas   |   24 +-
 .../static/IdOpenSSLHeaders_bioerr.pas        |    2 +-
 .../static/IdOpenSSLHeaders_blowfish.pas      |   10 +-
 .../OpenSSL/static/IdOpenSSLHeaders_bn.pas    |   18 +-
 .../OpenSSL/static/IdOpenSSLHeaders_bnerr.pas |    2 +-
 .../static/IdOpenSSLHeaders_buffer.pas        |    4 +-
 .../static/IdOpenSSLHeaders_buffererr.pas     |    2 +-
 .../static/IdOpenSSLHeaders_camellia.pas      |   20 +-
 .../OpenSSL/static/IdOpenSSLHeaders_cast.pas  |   10 +-
 .../OpenSSL/static/IdOpenSSLHeaders_cmac.pas  |    6 +-
 .../OpenSSL/static/IdOpenSSLHeaders_cms.pas   |   36 +-
 .../static/IdOpenSSLHeaders_cmserr.pas        |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_comp.pas  |    6 +-
 .../static/IdOpenSSLHeaders_comperr.pas       |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_conf.pas  |    4 +-
 .../static/IdOpenSSLHeaders_conf_api.pas      |    2 +-
 .../static/IdOpenSSLHeaders_conferr.pas       |    2 +-
 .../static/IdOpenSSLHeaders_crypto.pas        |   44 +-
 .../static/IdOpenSSLHeaders_cryptoerr.pas     |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_cterr.pas |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_dh.pas    |   16 +-
 .../OpenSSL/static/IdOpenSSLHeaders_dherr.pas |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_dsa.pas   |    2 +-
 .../static/IdOpenSSLHeaders_dsaerr.pas        |    2 +-
 .../static/IdOpenSSLHeaders_ebcdic.pas        |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_ec.pas    |   16 +-
 .../OpenSSL/static/IdOpenSSLHeaders_ecerr.pas |    2 +-
 .../static/IdOpenSSLHeaders_engine.pas        |    2 +-
 .../static/IdOpenSSLHeaders_engineerr.pas     |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_err.pas   |    6 +-
 .../OpenSSL/static/IdOpenSSLHeaders_evp.pas   |  105 +-
 .../static/IdOpenSSLHeaders_evperr.pas        |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_hmac.pas  |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_idea.pas  |   10 +-
 .../static/IdOpenSSLHeaders_kdferr.pas        |    2 +-
 .../static/IdOpenSSLHeaders_obj_mac.pas       | 6936 ++++++++++-------
 .../static/IdOpenSSLHeaders_objects.pas       |   14 +-
 .../static/IdOpenSSLHeaders_objectserr.pas    |    2 +-
 .../static/IdOpenSSLHeaders_ocsperr.pas       |    2 +-
 .../static/IdOpenSSLHeaders_ossl_typ.pas      |   16 +-
 .../OpenSSL/static/IdOpenSSLHeaders_pem.pas   |   12 +-
 .../static/IdOpenSSLHeaders_pemerr.pas        |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas |   62 +-
 .../static/IdOpenSSLHeaders_pkcs7err.pas      |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_rand.pas  |    6 +-
 .../static/IdOpenSSLHeaders_randerr.pas       |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_rsa.pas   |   14 +-
 .../static/IdOpenSSLHeaders_rsaerr.pas        |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_sha.pas   |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_srtp.pas  |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_ssl.pas   |   91 +-
 .../OpenSSL/static/IdOpenSSLHeaders_ssl3.pas  |    2 +-
 .../static/IdOpenSSLHeaders_sslerr.pas        |    2 +-
 .../static/IdOpenSSLHeaders_storeerr.pas      |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_tls1.pas  |   13 +-
 .../OpenSSL/static/IdOpenSSLHeaders_ts.pas    |    4 +-
 .../OpenSSL/static/IdOpenSSLHeaders_tserr.pas |    2 +-
 .../static/IdOpenSSLHeaders_txt_db.pas        |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_ui.pas    |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_uierr.pas |    2 +-
 .../static/IdOpenSSLHeaders_whrlpool.pas      |    2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_x509.pas  |  106 +-
 .../static/IdOpenSSLHeaders_x509_vfy.pas      |   30 +-
 .../static/IdOpenSSLHeaders_x509err.pas       |    2 +-
 .../static/IdOpenSSLHeaders_x509v3.pas        |   39 +-
 176 files changed, 6195 insertions(+), 5418 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr
index c86be9a5e..bd64592bd 100644
--- a/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr
+++ b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr
@@ -162,7 +162,6 @@ begin
       Inc(LOffset);
 
   Insert(AFile, '', LOffset);
-  Insert(AFile, '{$REGION ''Generated loading and unloading methods''}', LOffSet);
   Insert(AFile, 'procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);', LOffset);
   Insert(AFile, '', LOffset);
   Insert(AFile, '  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;', LOffset);
@@ -184,16 +183,13 @@ begin
   for LMethod in AMethods do
     Insert(AFile, Format('  %s := nil;', [LMethod]), LOffset);
   Insert(AFile, 'end;', LOffset);
-  Insert(AFile, '{$ENDREGION}', LOffSet);
 
   if AVarIndex = -1 then
     Exit;
   LOffSet := Pred(AVarIndex);
   Insert(AFile, '', LOffSet);
-  Insert(AFile, '{$REGION ''Generated loading and unloading methods''}', LOffSet);
   Insert(AFile, 'procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);', LOffSet);
   Insert(AFile, 'procedure UnLoad;', LOffSet);
-  Insert(AFile, '{$ENDREGION}', LOffSet);
 
   LOffSet := Succ(AUsesIndex);
   Insert(AFile, '  Classes,', LOffset);
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_aes.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_aes.pas
index 936bf31b3..d0efb2093 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_aes.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_aes.pas
@@ -1,4 +1,4 @@
-{******************************************************************************}
+{******************************************************************************}
 {                                                                              }
 {            Indy (Internet Direct) - Internet Protocols Simplified            }
 {                                                                              }
@@ -65,22 +65,22 @@   aes_key_st = record
   function AES_set_encrypt_key(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT;
   function AES_set_decrypt_key(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT;
 
-  procedure AES_encrypt(const &in: PByte; &out: PByte; const key: PAES_KEY);
-  procedure AES_decrypt(const &in: PByte; &out: PByte; const key: PAES_KEY);
+  procedure AES_encrypt(const in_: PByte; out_: PByte; const key: PAES_KEY);
+  procedure AES_decrypt(const in_: PByte; out_: PByte; const key: PAES_KEY);
 
-  procedure AES_ecb_encrypt(const &in: PByte; &out: PByte; const key: PAES_KEY; const enc: TIdC_INT);
-  procedure AES_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT);
-  procedure AES_cfb128_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
-  procedure AES_cfb1_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
-  procedure AES_cfb8_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
-  procedure AES_ofb128_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT);
+  procedure AES_ecb_encrypt(const in_: PByte; out_: PByte; const key: PAES_KEY; const enc: TIdC_INT);
+  procedure AES_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT);
+  procedure AES_cfb128_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure AES_cfb1_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure AES_cfb8_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure AES_ofb128_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT);
   (* NB: the IV is _two_ blocks long *)
-  procedure AES_ige_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT);
+  procedure AES_ige_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT);
   (* NB: the IV is _four_ blocks long *)
-  procedure AES_bi_ige_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; const key2: PAES_KEY; ivec: PByte; const enc: TIdC_INT);
+  procedure AES_bi_ige_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; const key2: PAES_KEY; ivec: PByte; const enc: TIdC_INT);
 
-  function AES_wrap_key(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT;
-  function AES_unwrap_key(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT;
+  function AES_wrap_key(key: PAES_KEY; const iv: PByte; out_: PByte; const in_: PByte; inlen: TIdC_UINT): TIdC_INT;
+  function AES_unwrap_key(key: PAES_KEY; const iv: PByte; out_: PByte; const in_: PByte; inlen: TIdC_UINT): TIdC_INT;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
index 2ea7a5bf1..526bf1797 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
@@ -256,7 +256,7 @@ interface
 ///(* This is the base type that holds just about everything :-) *)
 //  asn1_string_st = record
 //    length: TIdC_int;
-//    &type: TIdC_int;
+//    type_: TIdC_int;
 //    data: PByte;
 //    (*
 //     * The value of the following field depends on the type being held.  It
@@ -462,8 +462,8 @@   BIT_STRING_BITNAME_st = record
 var
 // DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
   function ASN1_TYPE_get(const a: PASN1_TYPE): TIdC_INT;
-  procedure ASN1_TYPE_set(a: PASN1_TYPE; &type: TIdC_INT; value: Pointer);
-  function ASN1_TYPE_set1(a: PASN1_TYPE; &type: TIdC_INT; const value: Pointer): TIdC_INT;
+  procedure ASN1_TYPE_set(a: PASN1_TYPE; type_: TIdC_INT; value: Pointer);
+  function ASN1_TYPE_set1(a: PASN1_TYPE; type_: TIdC_INT; const value: Pointer): TIdC_INT;
   function ASN1_TYPE_cmp(const a: PASN1_TYPE; const b: PASN1_TYPE): TIdC_INT;
 
   function ASN1_TYPE_pack_sequence(const it: PASN1_ITEM; s: Pointer; t: PPASN1_TYPE): PASN1_TYPE;
@@ -525,7 +525,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_GENERALIZEDTIME_adj(s: PASN1_GENERALIZEDTIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_GENERALIZEDTIME;
   function ASN1_GENERALIZEDTIME_set_string(s: pASN1_GENERALIZEDTIME; const str: PAnsiChar): TIdC_INT;
 
-  function ASN1_TIME_diff(pday: PIdC_INT; psec: PIdC_INT; const from: PASN1_TIME; const &to: PASN1_TIME): TIdC_INT;
+  function ASN1_TIME_diff(pday: PIdC_INT; psec: PIdC_INT; const from: PASN1_TIME; const to_: PASN1_TIME): TIdC_INT;
 
   // DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
   function ASN1_OCTET_STRING_dup(const a: PASN1_OCTET_STRING): PASN1_OCTET_STRING;
@@ -558,7 +558,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_TIME_set(s: PASN1_TIME; t: TIdC_TIMET): PASN1_TIME;
   function ASN1_TIME_adj(s: PASN1_TIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_TIME;
   function ASN1_TIME_check(const t: PASN1_TIME): TIdC_INT;
-  function ASN1_TIME_to_generalizedtime(const t: PASN1_TIME; &out: PPASN1_GENERALIZEDTIME): PASN1_GENERALIZEDTIME;
+  function ASN1_TIME_to_generalizedtime(const t: PASN1_TIME; out_: PPASN1_GENERALIZEDTIME): PASN1_GENERALIZEDTIME;
   function ASN1_TIME_set_string(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT;
   function ASN1_TIME_set_string_X509(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT;
   function ASN1_TIME_to_tm(const s: PASN1_TIME; tm: PIdC_TM): TIdC_INT;
@@ -572,7 +572,7 @@   BIT_STRING_BITNAME_st = record
   function a2i_ASN1_ENUMERATED(bp: PBIO; bs: PASN1_ENUMERATED; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT;
   function i2a_ASN1_OBJECT(bp: PBIO; const a: PASN1_OBJECT): TIdC_INT;
   function a2i_ASN1_STRING(bp: PBIO; bs: PASN1_STRING; buf: PAnsiChar; size: TIdC_INT): TIdC_INT;
-  function i2a_ASN1_STRING(bp: PBIO; const a: PASN1_STRING; &type: TIdC_INT): TIdC_INT;
+  function i2a_ASN1_STRING(bp: PBIO; const a: PASN1_STRING; type_: TIdC_INT): TIdC_INT;
   function i2t_ASN1_OBJECT(buf: PAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT): TIdC_INT;
 
   function a2d_ASN1_OBJECT(&out: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT;
@@ -641,8 +641,8 @@   BIT_STRING_BITNAME_st = record
   //                        in, \
   //                        CHECKED_PPTR_OF(type, x)))
   //
-  //function ASN1_item_d2i_fp(const it: PASN1_ITEM; &in: PFILE; x: Pointer): Pointer;
-  //function ASN1_i2d_fp(i2d: Pi2d_of_void; &out: PFILE; x: Pointer): TIdC_INT;
+  //function ASN1_item_d2i_fp(const it: PASN1_ITEM; in_: PFILE; x: Pointer): Pointer;
+  //function ASN1_i2d_fp(i2d: Pi2d_of_void; out_: PFILE; x: Pointer): TIdC_INT;
   //
   //#  define ASN1_i2d_fp_of(type,i2d,out,x) \
   //    (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
@@ -654,11 +654,11 @@   BIT_STRING_BITNAME_st = record
   //                 out, \
   //                 CHECKED_PTR_OF(const type, x)))
   //
-  //function ASN1_item_i2d_fp(const it: PASN1_ITEM; &out: PFILE; x: Pointer): TIdC_INT;
+  //function ASN1_item_i2d_fp(const it: PASN1_ITEM; out_: PFILE; x: Pointer): TIdC_INT;
   //function ASN1_STRING_print_ex_fp(&fp: PFILE; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
   //# endif
 
-  function ASN1_STRING_to_UTF8(&out: PPByte; const &in: PASN1_STRING): TIdC_INT;
+  function ASN1_STRING_to_UTF8(&out: PPByte; const in_: PASN1_STRING): TIdC_INT;
 
   //void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
 
@@ -668,8 +668,8 @@   BIT_STRING_BITNAME_st = record
   //                          in, \
   //                          CHECKED_PPTR_OF(type, x)))
 
-  function ASN1_item_d2i_bio(const it: PASN1_ITEM; &in: PBIO; x: Pointer): Pointer;
-  function ASN1_i2d_bio(i2d: Pi2d_of_void; &out: PBIO; x: PByte): TIdC_INT;
+  function ASN1_item_d2i_bio(const it: PASN1_ITEM; in_: PBIO; x: Pointer): Pointer;
+  function ASN1_i2d_bio(i2d: Pi2d_of_void; out_: PBIO; x: PByte): TIdC_INT;
 
   //#  define ASN1_i2d_bio_of(type,i2d,out,x) \
   //    (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
@@ -681,7 +681,7 @@   BIT_STRING_BITNAME_st = record
   //                  out, \
   //                  CHECKED_PTR_OF(const type, x)))
 
-  function ASN1_item_i2d_bio(const it: PASN1_ITEM; &out: PBIO; x: Pointer): TIdC_INT;
+  function ASN1_item_i2d_bio(const it: PASN1_ITEM; out_: PBIO; x: Pointer): TIdC_INT;
   function ASN1_UTCTIME_print(fp: PBIO; const a: PASN1_UTCTIME): TIdC_INT;
   function ASN1_GENERALIZEDTIME_print(fp: PBIO; const a: PASN1_GENERALIZEDTIME): TIdC_INT;
   function ASN1_TIME_print(fp: PBIO; const a: PASN1_TIME): TIdC_INT;
@@ -709,10 +709,10 @@   BIT_STRING_BITNAME_st = record
   procedure ASN1_STRING_set_default_mask(mask: TIdC_ULONG);
   function ASN1_STRING_set_default_mask_asc(const p: PAnsiChar): TIdC_INT;
   function ASN1_STRING_get_default_mask: TIdC_ULONG;
-  function ASN1_mbstring_copy(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT;
-  function ASN1_mbstring_ncopy(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT;
+  function ASN1_mbstring_copy(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT;
+  function ASN1_mbstring_ncopy(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT;
 
-  function ASN1_STRING_set_by_NID(&out: PPASN1_STRING; const &in: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING;
+  function ASN1_STRING_set_by_NID(&out: PPASN1_STRING; const in_: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING;
   function ASN1_STRING_TABLE_get(nid: TIdC_INT): PASN1_STRING_TABLE;
   function ASN1_STRING_TABLE_add(v1: TIdC_INT; v2: TIdC_LONG; v3: TIdC_LONG; v4: TIdC_ULONG; v5: TIdC_ULONG): TIdC_INT;
   procedure ASN1_STRING_TABLE_cleanup;
@@ -722,9 +722,9 @@   BIT_STRING_BITNAME_st = record
   (* Old API compatible functions *)
   function ASN1_item_new(const it: PASN1_ITEM): PASN1_VALUE;
   procedure ASN1_item_free(val: PASN1_VALUE; const it: PASN1_ITEM);
-  function ASN1_item_d2i(val: PPASN1_VALUE; const &in: PPByte; len: TIdC_LONG; const it: PASN1_ITEM): PASN1_VALUE;
-  function ASN1_item_i2d(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT;
-  function ASN1_item_ndef_i2d(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT;
+  function ASN1_item_d2i(val: PPASN1_VALUE; const in_: PPByte; len: TIdC_LONG; const it: PASN1_ITEM): PASN1_VALUE;
+  function ASN1_item_i2d(val: PASN1_VALUE; out_: PPByte; const it: PASN1_ITEM): TIdC_INT;
+  function ASN1_item_ndef_i2d(val: PASN1_VALUE; out_: PPByte; const it: PASN1_ITEM): TIdC_INT;
 
   procedure ASN1_add_oid_module;
   procedure ASN1_add_stable_module;
@@ -759,14 +759,14 @@   BIT_STRING_BITNAME_st = record
 
   function BIO_new_NDEF(&out: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO;
 
-  function i2d_ASN1_bio_stream(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT;
-  function PEM_write_bio_ASN1_stream(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT;
+  function i2d_ASN1_bio_stream(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT;
+  function PEM_write_bio_ASN1_stream(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT;
   //function SMIME_write_ASN1(bio: PBIO; val: PASN1_VALUE; data: PBIO; flags: TIdC_INT;
   //                     ctype_nid: TIdC_INT; econt_nid: TIdC_INT;
   //                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it): TIdC_INT;
   function SMIME_read_ASN1(bio: PBIO; bcont: PPBIO; const it: PASN1_ITEM): PASN1_VALUE;
-  function SMIME_crlf_copy(&in: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT;
-  function SMIME_text(&in: PBIO; &out: PBIO): TIdC_INT;
+  function SMIME_crlf_copy(&in: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT;
+  function SMIME_text(&in: PBIO; out_: PBIO): TIdC_INT;
 
   function ASN1_ITEM_lookup(const name: PIdAnsiChar): PASN1_ITEM;
   function ASN1_ITEM_get(i: TIdC_SIZET): PASN1_ITEM;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
index 1ab63fdef..c5899726f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
@@ -43,14 +43,11 @@ interface
 
 const
   (* There are the classes of BIOs *)
-  {$REGION 'BIO_TYPE_*'}
   BIO_TYPE_DESCRIPTOR = $0100;
   BIO_TYPE_FILTER = $0200;
   BIO_TYPE_SOURCE_SINK = $0400;
-  {$ENDREGION}
 
   (* These are the 'types' of BIOs *)
-  {$REGION 'BIO_TYPE_*'}
   BIO_TYPE_NONE = 0;
   BIO_TYPE_MEM =  1 or BIO_TYPE_SOURCE_SINK;
   BIO_TYPE_FILE =  2 or BIO_TYPE_SOURCE_SINK;
@@ -74,7 +71,6 @@ interface
   BIO_TYPE_ASN1        = 22 or BIO_TYPE_FILTER;
   BIO_TYPE_COMP        = 23 or BIO_TYPE_FILTER;
   BIO_TYPE_DGRAM_SCTP  = 24 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
-  {$ENDREGION}
 
   BIO_TYPE_START = 128;
 
@@ -82,15 +78,12 @@ interface
    * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
    * BIO_set_fp(in,stdin,BIO_NOCLOSE);
    *)
-  {$REGION}
   BIO_NOCLOSE = $00;
   BIO_CLOSE   = $01;
-  {$ENDREGION}
 
   (*
    * These are used in the following macros and are passed to BIO_ctrl()
    *)
-  {$REGION 'BIO_CTRL_*'}
   BIO_CTRL_RESET        = 1;(* opt - rewind/zero etc *)
   BIO_CTRL_EOF          = 2;(* opt - are we at the eof *)
   BIO_CTRL_INFO         = 3;(* opt - extra tit-bits *)
@@ -161,7 +154,6 @@ interface
   BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN     = 70;
 
   BIO_CTRL_DGRAM_SET_PEEK_MODE          = 71;
-  {$ENDREGION}
 
   (* modifiers *)
   BIO_FP_READ            = $02;
@@ -169,7 +161,6 @@ interface
   BIO_FP_APPEND          = $08;
   BIO_FP_TEXT            = $10;
 
-  {$REGION 'BIO_FLAGS_*}
   BIO_FLAGS_READ         = $01;
   BIO_FLAGS_WRITE        = $02;
   BIO_FLAGS_IO_SPECIAL   = $04;
@@ -185,18 +176,14 @@ interface
    *)
   BIO_FLAGS_MEM_RDONLY   = $200;
   BIO_FLAGS_NONCLEAR_RST = $400;
-  {$ENDREGION}
 
-  {$REGION 'BIO_RR_*'}
   BIO_RR_SSL_X509_LOOKUP = $01;
   (* Returned from the connect BIO when a connect would have blocked *)
   BIO_RR_CONNECT         = $02;
   (* Returned from the accept BIO when an accept would have blocked *)
   BIO_RR_ACCEPT          = $03;
-  {$ENDREGION}
 
   (* These are passed by the BIO callback *)
-  {$REGION 'BIO_CB_*'}
   BIO_CB_FREE  = $01;
   BIO_CB_READ  = $02;
   BIO_CB_WRITE = $03;
@@ -211,9 +198,7 @@ interface
 //# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
 //# define BIO_cb_pre(a)   (!((a)&BIO_CB_RETURN))
 //# define BIO_cb_post(a)  ((a)&BIO_CB_RETURN)
-  {$ENDREGION}
 
-  {$REGION 'BIO_C_*'}
   BIO_C_SET_CONNECT                 = 100;
   BIO_C_DO_STATE_MACHINE            = 101;
   BIO_C_SET_NBIO                    = 102;
@@ -275,15 +260,12 @@ interface
   BIO_C_GET_EX_ARG                  = 154;
 
   BIO_C_SET_CONNECT_MODE            = 155;
-  {$ENDREGION}
 
-  {$REGION 'BIO_SOCK_*'}
   BIO_SOCK_REUSEADDR = $01;
   BIO_SOCK_V6_ONLY   = $02;
   BIO_SOCK_KEEPALIVE = $04;
   BIO_SOCK_NONBLOCK  = $08;
   BIO_SOCK_NODELAY   = $10;
-  {$ENDREGION}
 
 type
   BIO_ADDR = Pointer; // bio_addr_st
@@ -672,7 +654,7 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 
   function BIO_set_tcp_ndelay(sock: TIdC_INT; turn_on: TIdC_INT): TIdC_INT;
 
-  function BIO_sock_info(sock: TIdC_INT; &type: BIO_sock_info_type; info: PBIO_sock_info_u): TIdC_INT;
+  function BIO_sock_info(sock: TIdC_INT; type_: BIO_sock_info_type; info: PBIO_sock_info_u): TIdC_INT;
 
   function BIO_socket(domain: TIdC_INT; socktype: TIdC_INT; protocol: TIdC_INT; options: TIdC_INT): TIdC_INT;
   function BIO_connect(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT;
@@ -732,7 +714,6 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 
 implementation
 
-{$REGION 'C compiler macros'}
 // # define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
 function BIO_get_flags(const b: PBIO): TIdC_INT;
 begin
@@ -821,7 +802,6 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 begin
   Result := BIO_ctrl(b, BIO_C_DO_STATE_MACHINE, 0, nil);
 end;
-{$ENDREGION}
 
 end.
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_blowfish.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_blowfish.pas
index 2e24441cb..d757d9999 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_blowfish.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_blowfish.pas
@@ -64,10 +64,10 @@   bf_key_st = record
   procedure BF_encrypt(data: PBF_LONG; const key: PBF_KEY);
   procedure BF_decrypt(data: PBF_LONG; const key: PBF_KEY);
 
-  procedure BF_ecb_encrypt(const &in: PByte; &out: PByte; key: PBF_KEY; enc: TIdC_INT);
-  procedure BF_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; enc: TIdC_INT);
-  procedure BF_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT; enc: TIdC_INT);
-  procedure BF_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT);
+  procedure BF_ecb_encrypt(const in_: PByte; out_: PByte; key: PBF_KEY; enc: TIdC_INT);
+  procedure BF_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; enc: TIdC_INT);
+  procedure BF_cfb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT; enc: TIdC_INT);
+  procedure BF_ofb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT);
 
   function BF_options: PIdAnsiChar;
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
index b1a25abf9..ede9ce897 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
@@ -203,12 +203,12 @@ interface
   function BN_copy(a: PBIGNUM; b: PBIGNUM): PBIGNUM;
   procedure BN_swap(a: PBIGNUM; b: PBIGNUM);
   function BN_bin2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM;
-  function BN_bn2bin(const a: PBIGNUM; &to: PByte): TIdC_INT;
-  function BN_bn2binpad(const a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT;
+  function BN_bn2bin(const a: PBIGNUM; to_: PByte): TIdC_INT;
+  function BN_bn2binpad(const a: PBIGNUM; to_: PByte; tolen: TIdC_INT): TIdC_INT;
   function BN_lebin2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM;
-  function BN_bn2lebinpad(a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT;
+  function BN_bn2lebinpad(a: PBIGNUM; to_: PByte; tolen: TIdC_INT): TIdC_INT;
   function BN_mpi2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM;
-  function BN_bn2mpi(a: PBIGNUM; &to: PByte): TIdC_INT;
+  function BN_bn2mpi(a: PBIGNUM; to_: PByte): TIdC_INT;
   function BN_sub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT;
   function BN_usub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT;
   function BN_uadd(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT;
@@ -297,11 +297,11 @@ interface
   function BN_to_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT;
   function BN_from_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT;
   procedure BN_MONT_CTX_free(mont: PBN_MONT_CTX);
-  function BN_MONT_CTX_set(mont: PBN_MONT_CTX; &mod: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
+  function BN_MONT_CTX_set(mont: PBN_MONT_CTX; mod_: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
   function BN_MONT_CTX_copy(&to: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX;
-//  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; &mod: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
+//  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; mod_: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
 
-  function BN_BLINDING_new(const A: PBIGNUM; const Ai: PBIGNUM; &mod: PBIGNUM): PBN_BLINDING;
+  function BN_BLINDING_new(const A: PBIGNUM; const Ai: PBIGNUM; mod_: PBIGNUM): PBN_BLINDING;
   procedure BN_BLINDING_free(b: PBN_BLINDING);
   function BN_BLINDING_update(b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT;
   function BN_BLINDING_convert(n: PBIGNUM; b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT;
@@ -407,7 +407,7 @@ interface
 //int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
 //                                          const BIGNUM *field, BN_CTX *ctx);
 
-  function BN_generate_dsa_nonce(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const &message: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT;
+  function BN_generate_dsa_nonce(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const message_: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT;
 
   (* Primes from RFC 2409 *)
   function BN_get_rfc2409_prime_768(bn: PBIGNUM ): PBIGNUM;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas
index f18a7306a..0fff7e7ba 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas
@@ -56,7 +56,7 @@   buf_mem_st = record
   procedure BUF_MEM_free(a: PBUF_MEM);
   function BUF_MEM_grow(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET;
   function BUF_MEM_grow_clean(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET;
-  procedure BUF_reverse(&out: PByte; const &in: PByte; siz: TIdC_SIZET);
+  procedure BUF_reverse(&out: PByte; const in_: PByte; siz: TIdC_SIZET);
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_camellia.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_camellia.pas
index f68d9edd5..268182182 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_camellia.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_camellia.pas
@@ -71,16 +71,16 @@   camellia_key_st = record
 var
   function Camellia_set_key(const userKey: PByte; const bits: TIdC_INT; key: PCAMELLIA_KEY): TIdC_INT;
 
-  procedure Camellia_encrypt(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY);
-  procedure Camellia_decrypt(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY);
-
-  procedure Camellia_ecb_encrypt( const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY; const enc: TIdC_INT);
-  procedure Camellia_cbc_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; const enc: TIdC_INT);
-  procedure Camellia_cfb128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
-  procedure Camellia_cfb1_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
-  procedure Camellia_cfb8_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
-  procedure Camellia_ofb128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT);
-  procedure Camellia_ctr128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: TCamellia_ctr128_encrypt_ivec; ecount_buf: TCamellia_ctr128_encrypt_ecount_buf; num: PIdC_INT);
+  procedure Camellia_encrypt(const in_: PByte; const out_: PByte; const key: PCAMELLIA_KEY);
+  procedure Camellia_decrypt(const in_: PByte; const out_: PByte; const key: PCAMELLIA_KEY);
+
+  procedure Camellia_ecb_encrypt( const in_: PByte; const out_: PByte; const key: PCAMELLIA_KEY; const enc: TIdC_INT);
+  procedure Camellia_cbc_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; const enc: TIdC_INT);
+  procedure Camellia_cfb128_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure Camellia_cfb1_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure Camellia_cfb8_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT);
+  procedure Camellia_ofb128_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT);
+  procedure Camellia_ctr128_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: TCamellia_ctr128_encrypt_ivec; ecount_buf: TCamellia_ctr128_encrypt_ecount_buf; num: PIdC_INT);
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cast.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cast.pas
index ac28d85ce..bc9cb582e 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cast.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cast.pas
@@ -58,12 +58,12 @@   cast_key_st = record
 
 var
   procedure CAST_set_key(key: PCast_Key; len: TIdC_INT; const data: PByte);
-  procedure CAST_ecb_encrypt(const &in: PByte; &out: PByte; const key: PCast_Key; enc: TIdC_INT);
+  procedure CAST_ecb_encrypt(const in_: PByte; out_: PByte; const key: PCast_Key; enc: TIdC_INT);
   procedure CAST_encrypt(data: PCAST_LONG; const key: PCast_Key);
   procedure CAST_decrypt(data: PCAST_LONG; const key: PCast_Key);
-  procedure CAST_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const ks: PCast_Key; iv: PByte; enc: TIdC_INT);
-  procedure CAST_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT; enc: TIdC_INT);
-  procedure CAST_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT);
+  procedure CAST_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; const ks: PCast_Key; iv: PByte; enc: TIdC_INT);
+  procedure CAST_cfb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT; enc: TIdC_INT);
+  procedure CAST_ofb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT);
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas
index 309baa107..7736215a2 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas
@@ -1,43 +1,43 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_cmac;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// cmac.h
-
-{$i IdCompilerDefines.inc}
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_cmac;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cmac.h
+
+{$i IdCompilerDefines.inc}
 
 uses
   IdCTypes,
   IdGlobal,
   IdOpenSSLConsts,
-  IdOpenSSLHeaders_evp,
+  IdOpenSSLHeaders_evp,
   IdOpenSSLHeaders_ossl_typ;
 
 //* Opaque */
@@ -48,15 +48,15 @@ interface
 
 var
   function CMAC_CTX_new: PCMAC_CTX;
-  procedure CMAC_CTX_cleanup(ctx: PCMAC_CTX);
-  procedure CMAC_CTX_free(ctx: PCMAC_CTX);
-  function CMAC_CTX_get0_cipher_ctx(ctx: PCMAC_CTX): PEVP_CIPHER_CTX;
-  function CMAC_CTX_copy(out: PCMAC_CTX; const &in: PCMAC_CTX): TIdC_INT;
-  function CMAC_Init(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT;
-  function CMAC_Update(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT;
-  function CMAC_Final(ctx: PCMAC_CTX; &out: PByte; poutlen: PIdC_SIZET): TIdC_INT;
-  function CMAC_resume(ctx: PCMAC_CTX): TIdC_INT;
-
-
implementation
-
-end.
+  procedure CMAC_CTX_cleanup(ctx: PCMAC_CTX);
+  procedure CMAC_CTX_free(ctx: PCMAC_CTX);
+  function CMAC_CTX_get0_cipher_ctx(ctx: PCMAC_CTX): PEVP_CIPHER_CTX;
+  function CMAC_CTX_copy(out: PCMAC_CTX; const in_: PCMAC_CTX): TIdC_INT;
+  function CMAC_Init(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT;
+  function CMAC_Update(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT;
+  function CMAC_Final(ctx: PCMAC_CTX; out_: PByte; poutlen: PIdC_SIZET): TIdC_INT;
+  function CMAC_resume(ctx: PCMAC_CTX): TIdC_INT;
+
+
implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
index 8216fe33a..b5c677cbd 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
@@ -140,8 +140,8 @@ interface
   function i2d_CMS_bio(bp: PBIO; cms: PCMS_ContentInfo): TIdC_INT;
 
   function BIO_new_CMS(&out: PBIO; cms: PCMS_ContentInfo): PBIO;
-  function i2d_CMS_bio_stream(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT;
-  function PEM_write_bio_CMS_stream(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT;
+  function i2d_CMS_bio_stream(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT;
+  function PEM_write_bio_CMS_stream(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT;
   function SMIME_read_CMS(bio: PBIO; bcont: PPBIO): PCMS_ContentInfo;
   function SMIME_write_CMS(bio: PBIO; cms: PCMS_ContentInfo; data: PBIO; flags: TIdC_INT): TIdC_INT;
 
@@ -151,27 +151,27 @@ interface
 
 //  function CMS_sign_receipt(si: PCMS_SignerInfo; signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(X509) *certs;} flags: TIdC_UINT): PCMS_ContentInfo;
 
-  function CMS_data(cms: PCMS_ContentInfo; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+  function CMS_data(cms: PCMS_ContentInfo; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
   function CMS_data_create(&in: PBIO; flags: TIdC_UINT): PCMS_ContentInfo;
 
-  function CMS_digest_verify(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+  function CMS_digest_verify(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
   function CMS_digest_create(&in: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo;
 
-  function CMS_EncryptedData_decrypt(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+  function CMS_EncryptedData_decrypt(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
 
   function CMS_EncryptedData_encrypt(&in: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo;
 
   function CMS_EncryptedData_set1_key(cms: PCMS_ContentInfo; const ciph: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET): TIdC_INT;
 
-//  function CMS_verify(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} store: PX509_STORE; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+//  function CMS_verify(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} store: PX509_STORE; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
 
 //  function CMS_verify_receipt(rcms: PCMS_ContentInfo; ocms: PCMS_ContentInfo; {STACK_OF(x509) *certs;} store: PX509_STORE; flags: TIdC_UINT): TIdC_INT;
 
   // STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
 
-//  function CMS_encrypt({STACK_OF(x509) *certs;} &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_UINT): PCMS_ContentInfo;
+//  function CMS_encrypt({STACK_OF(x509) *certs;} in_: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_UINT): PCMS_ContentInfo;
 
-  function CMS_decrypt(cms: PCMS_ContentInfo; pkey: PEVP_PKEY; cert: PX509; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+  function CMS_decrypt(cms: PCMS_ContentInfo; pkey: PEVP_PKEY; cert: PX509; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
 
   function CMS_decrypt_set1_pkey(cms: PCMS_ContentInfo; pk: PEVP_PKEY; cert: PX509): TIdC_INT;
   function CMS_decrypt_set1_key(cms: PCMS_ContentInfo; key: PByte; keylen: TIdC_SIZET; const id: PByte; idlen: TIdC_SIZET): TIdC_INT;
@@ -202,7 +202,7 @@ interface
   function CMS_RecipientInfo_decrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT;
   function CMS_RecipientInfo_encrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT;
 
-  function CMS_uncompress(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+  function CMS_uncompress(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
   function CMS_compress(&in: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo;
 
   function CMS_set1_eContentType(cms: CMS_ContentInfo; const oit: PASN1_OBJECT): TIdC_INT;
@@ -244,10 +244,10 @@ interface
   function CMS_signed_get_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE;
   function CMS_signed_delete_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE;
   function CMS_signed_add1_attr(si: PCMS_SignerInfo; loc: TIdC_INT): TIdC_INT;
-  function CMS_signed_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
-  function CMS_signed_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
-  function CMS_signed_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
-  function CMS_signed_get0_data_by_OBJ(si: PCMS_SignerInfo; const oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer;
+  function CMS_signed_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_signed_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_signed_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_signed_get0_data_by_OBJ(si: PCMS_SignerInfo; const oid: PASN1_OBJECT; lastpos: TIdC_INT; type_: TIdC_INT): Pointer;
 
   function CMS_unsigned_get_attr_count(const si: PCMS_SignerInfo): TIdC_INT;
   function CMS_unsigned_get_attr_by_NID(const si: PCMS_SignerInfo; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT;
@@ -255,10 +255,10 @@ interface
   function CMS_unsigned_get_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE;
   function CMS_unsigned_delete_attr(si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE;
   function CMS_unsigned_add1_attr(si: PCMS_SignerInfo; attr: PX509_ATTRIBUTE): TIdC_INT;
-  function CMS_unsigned_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
-  function CMS_unsigned_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
-  function CMS_unsigned_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
-  function CMS_unsigned_get0_data_by_OBJ(si: PCMS_SignerInfo; oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer;
+  function CMS_unsigned_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_unsigned_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_unsigned_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT;
+  function CMS_unsigned_get0_data_by_OBJ(si: PCMS_SignerInfo; oid: PASN1_OBJECT; lastpos: TIdC_INT; type_: TIdC_INT): Pointer;
 
   function CMS_get1_ReceiptRequest(si: PCMS_SignerInfo; prr: PPCMS_ReceiptRequest): TIdC_INT;
 //  function CMS_ReceiptRequest_create0(id: PByte; idlen: TIdC_INT; allorfirst: TIdC_INT
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comp.pas
index 500345a09..94d586c93 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comp.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_comp.pas
@@ -48,8 +48,8 @@ interface
   function COMP_get_name(const meth: PCOMP_METHOD): PIdAnsiChar;
   procedure COMP_CTX_free(ctx: PCOMP_CTX);
 
-  function COMP_compress_block(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT;
-  function COMP_expand_block(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT;
+  function COMP_compress_block(ctx: PCOMP_CTX; out_: PByte; olen: TIdC_INT; in_: PByte; ilen: TIdC_INT): TIdC_INT;
+  function COMP_expand_block(ctx: PCOMP_CTX; out_: PByte; olen: TIdC_INT; in_: PByte; ilen: TIdC_INT): TIdC_INT;
 
   function COMP_zlib: PCOMP_METHOD;
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas
index 58c582075..0d3b3a132 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas
@@ -145,7 +145,7 @@   //  conf_st = record
   procedure NCONF_free(conf: PCONF);
   procedure NCONF_free_data(conf: PCONF);
 
-  function NCONF_load(conf: PCONF; const &file: PAnsiChar; eline: PIdC_LONG): TIdC_INT;
+  function NCONF_load(conf: PCONF; const file_: PAnsiChar; eline: PIdC_LONG): TIdC_INT;
   function NCONF_load_bio(conf: PCONF; bp: PBIO; eline: PIdC_LONG): TIdC_INT;
   //STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
   //                                        const char *section);
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
index 1d5a7459f..e4b3cc326 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
@@ -39,7 +39,7 @@ interface
   IdOpenSSLConsts,
   IdOpenSSLHeaders_bio,
   IdOpenSSLHeaders_ossl_typ,
-  System.Types;
+  {$IFDEF VCL_XE3_OR_ABOVE}System.Types{$ELSE}Types{$ENDIF};
 
 {$MINENUMSIZE 4}
 
@@ -142,7 +142,6 @@   //crypto_ex_data_st = record
   CRYPTO_ONCE = type TIdC_LONG;
   PCRYPTO_ONCE = ^CRYPTO_ONCE;
 
-{$REGION 'C compiler macros'}
 function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
@@ -157,7 +156,6 @@ function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
 procedure OPENSSL_secure_free(addr: Pointer);
 procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
 function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
-{$ENDREGION}
 
 var
   function CRYPTO_THREAD_lock_new: PCRYPTO_RWLOCK;
@@ -192,7 +190,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
    * given class (invokes whatever per-class callbacks are applicable)
    *)
    function CRYPTO_new_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT;
-   function CRYPTO_dup_ex_data(class_index: TIdC_INT; &to: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT;
+   function CRYPTO_dup_ex_data(class_index: TIdC_INT; to_: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT;
 
    procedure CRYPTO_free_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA);
 
@@ -247,22 +245,22 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   //        void *(**r) (void *, TIdC_SIZET, const char *, int),
   //        void (**f) (void *, const char *, int));
 
-  function CRYPTO_malloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_zalloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_strdup(const str: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar;
-  function CRYPTO_strndup(const str: PAnsiChar; s: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar;
-  procedure CRYPTO_free(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT);
-  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT);
-  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_malloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_zalloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_strdup(const str: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar;
+  function CRYPTO_strndup(const str: PAnsiChar; s: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar;
+  procedure CRYPTO_free(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT);
+  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
 
   function CRYPTO_secure_malloc_init(sz: TIdC_SIZET; minsize: TIdC_INT): TIdC_INT;
   function CRYPTO_secure_malloc_done: TIdC_INT;
-  function CRYPTO_secure_malloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer;
-  procedure CRYPTO_secure_free(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT);
-  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT);
+  function CRYPTO_secure_malloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
+  procedure CRYPTO_secure_free(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT);
   function CRYPTO_secure_allocated(const ptr: Pointer): TIdC_INT;
   function CRYPTO_secure_malloc_initialized: TIdC_INT;
   function CRYPTO_secure_actual_size(ptr: Pointer): TIdC_SIZET;
@@ -270,7 +268,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
 
   procedure OPENSSL_cleanse(ptr: Pointer; len: TIdC_SIZET);
 
-  function CRYPTO_mem_debug_push(const info: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): TIdC_INT;
+  function CRYPTO_mem_debug_push(const info: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): TIdC_INT;
   function CRYPTO_mem_debug_pop: TIdC_INT;
   procedure CRYPTO_get_alloc_counts(mcount: PIdC_INT; rcount: PIdC_INT; fcount: PIdC_INT);
 
@@ -280,9 +278,9 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
    *   0:   called before the actual memory allocation has taken place
    *   1:   called after the actual memory allocation has taken place
    *)
-  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT);
-  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT);
-  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT);
 
   function CRYPTO_mem_leaks_cb(cb: CRYPTO_mem_leaks_cb_cb; u: Pointer): TIdC_INT;
 
@@ -347,7 +345,6 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
 
 implementation
 
-{$REGION 'C compiler macros'}
 // OPENSSL_FILE = __FILE__ = C preprocessor macro
 // OPENSSL_LINE = __LINE__ = C preprocessor macro
 // FPC hase an equivalent with {$I %FILE%} and {$I %LINE%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
@@ -436,6 +433,5 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
 begin
   Result := CRYPTO_secure_actual_size(ptr);
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas
index e9b0e7060..a1d7ee2fc 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dh.pas
@@ -165,7 +165,7 @@ interface
   function DH_new_by_nid(nid: TIdC_INT): PDH;
   function DH_get_nid(const dh: PDH): TIdC_INT;
 
-  function DH_KDF_X9_42( &out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; key_oid: PASN1_OBJECT; const ukm: PByte; ukmlen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT;
+  function DH_KDF_X9_42( out_: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; key_oid: PASN1_OBJECT; const ukm: PByte; ukmlen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT;
 
   procedure DH_get0_pqg(const dh: PDH; const p: PPBIGNUM; const q: PPBIGNUM; const g: PPBIGNUM);
   function DH_set0_pqg(dh: PDH; p: PBIGNUM; q: PBIGNUM; g: PBIGNUM): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
index a1c7c0505..54d1dd37f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
@@ -100,7 +100,7 @@   EC_builtin_curve = record
   PECDSA_SIG = ^ECDSA_SIG;
   PPECDSA_SIG = ^PECDSA_SIG;
 
-  ECDH_compute_key_KDF = function(const &in: Pointer; inlen: TIdC_SIZET; &out: Pointer; outlen: PIdC_SIZET): Pointer; cdecl;
+  ECDH_compute_key_KDF = function(const in_: Pointer; inlen: TIdC_SIZET; out_: Pointer; outlen: PIdC_SIZET): Pointer; cdecl;
 
   EC_KEY_METHOD_init_init = function(key: PEC_KEY): TIdC_INT; cdecl;
   EC_KEY_METHOD_init_finish = procedure(key: PEC_KEY); cdecl;
@@ -254,8 +254,8 @@   EC_builtin_curve = record
   function EC_GROUP_get_trinomial_basis(const group: PEC_GROUP; k: PIdC_UINT): TIdC_INT;
   function EC_GROUP_get_pentanomial_basis(const group: PEC_GROUP; k1: PIdC_UINT; k2: PIdC_UINT; k3: PIdC_UINT): TIdC_INT;
 
-  function d2i_ECPKParameters(group: PPEC_GROUP; const &in: PPByte; len: TIdC_LONG): PEC_GROUP;
-  function i2d_ECPKParameters(const group: PEC_GROUP; &out: PPByte): TIdC_INT;
+  function d2i_ECPKParameters(group: PPEC_GROUP; const in_: PPByte; len: TIdC_LONG): PEC_GROUP;
+  function i2d_ECPKParameters(const group: PEC_GROUP; out_: PPByte): TIdC_INT;
 
   function ECPKParameters_print(bp: PBIO; const x: PEC_GROUP; off: TIdC_INT): TIdC_INT;
 
@@ -293,10 +293,10 @@   EC_builtin_curve = record
   function EC_KEY_priv2oct(const key: PEC_KEY; buf: PByte; len: TIdC_SIZET): TIdC_SIZET;
   function EC_KEY_priv2buf(const eckey: PEC_KEY; buf: PPByte): TIdC_SIZET;
 
-  function d2i_ECPrivateKey(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY;
-  function i2d_ECPrivateKey(key: PEC_KEY; &out: PPByte): TIdC_INT;
-  function o2i_ECPublicKey(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY;
-  function i2o_ECPublicKey(const key: PEC_KEY; &out: PPByte): TIdC_INT;
+  function d2i_ECPrivateKey(key: PPEC_KEY; const in_: PPByte; len: TIdC_LONG): PEC_KEY;
+  function i2d_ECPrivateKey(key: PEC_KEY; out_: PPByte): TIdC_INT;
+  function o2i_ECPublicKey(key: PPEC_KEY; const in_: PPByte; len: TIdC_LONG): PEC_KEY;
+  function i2o_ECPublicKey(const key: PEC_KEY; out_: PPByte): TIdC_INT;
 
   function ECParameters_print(bp: PBIO; const key: PEC_KEY): TIdC_INT;
   function EC_KEY_print(bp: PBIO; const key: PEC_KEY; off: TIdC_INT): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas
index 83a069d73..e279276b3 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas
@@ -1,158 +1,158 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_err;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// err.h
-
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_err;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// err.h
+
 {$i IdCompilerDefines.inc}
 
 uses
-  IdCTypes,
-  IdGlobal,
-  IdOpenSSLConsts,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
   IdOpenSSLHeaders_ossl_typ;
 
 const
   ERR_TXT_MALLOCED = $01;
-  ERR_TXT_STRING = $02;
-  ERR_FLAG_MARK = $01;
-  ERR_FLAG_CLEAR = $02;
+  ERR_TXT_STRING = $02;
+  ERR_FLAG_MARK = $01;
+  ERR_FLAG_CLEAR = $02;
 
   ERR_NUM_ERRORS = 16;
 
 //* library */
   ERR_LIB_SYS =    2;
-  ERR_LIB_BN =    3;
-  ERR_LIB_RSA =    4;
-  ERR_LIB_DH =    5;
-  ERR_LIB_EVP =    6;
-  ERR_LIB_BUF =    7;
-  ERR_LIB_OBJ =    8;
-  ERR_LIB_PEM =    9;
-  ERR_LIB_DSA =    10;
-  ERR_LIB_X509 =    11;
-  // ERR_LIB_METH         12
-  ERR_LIB_ASN1 =    13;
-  ERR_LIB_CONF =    14;
-  ERR_LIB_CRYPTO =   15;
-  ERR_LIB_EC =    16;
-  ERR_LIB_SSL =    20;
-(* #define ERR_LIB_SSL23        21 *)
-(* #define ERR_LIB_SSL2         22 *)
-(* #define ERR_LIB_SSL3         23 *)
-(* #define ERR_LIB_RSAREF       30 *)
-(* #define ERR_LIB_PROXY        31 *)
-  ERR_LIB_BIO =    32;
-  ERR_LIB_PKCS7 =    33;
-  ERR_LIB_X509V3 =   34;
-  ERR_LIB_PKCS12 =   35;
-  ERR_LIB_RAND =    36;
-  ERR_LIB_DSO =    37;
-  ERR_LIB_ENGINE =   38;
-  ERR_LIB_OCSP =    39;
-  ERR_LIB_UI =    40;
-  ERR_LIB_COMP =    41;
-  ERR_LIB_ECDSA =    42;
-  ERR_LIB_ECDH =    43;
-  ERR_LIB_OSSL_STORE =  44;
-  ERR_LIB_FIPS =    45;
-  ERR_LIB_CMS =    46;
-  ERR_LIB_TS =    47;
-  ERR_LIB_HMAC =    48;
-(* # define ERR_LIB_JPAKE       49 *)
-  ERR_LIB_CT =    50;
-  ERR_LIB_ASYNC =    51;
-  ERR_LIB_KDF =    52;
-  ERR_LIB_SM2 =    53;
-  ERR_LIB_USER =    128;
+  ERR_LIB_BN =    3;
+  ERR_LIB_RSA =    4;
+  ERR_LIB_DH =    5;
+  ERR_LIB_EVP =    6;
+  ERR_LIB_BUF =    7;
+  ERR_LIB_OBJ =    8;
+  ERR_LIB_PEM =    9;
+  ERR_LIB_DSA =    10;
+  ERR_LIB_X509 =    11;
+  // ERR_LIB_METH         12
+  ERR_LIB_ASN1 =    13;
+  ERR_LIB_CONF =    14;
+  ERR_LIB_CRYPTO =   15;
+  ERR_LIB_EC =    16;
+  ERR_LIB_SSL =    20;
+(* #define ERR_LIB_SSL23        21 *)
+(* #define ERR_LIB_SSL2         22 *)
+(* #define ERR_LIB_SSL3         23 *)
+(* #define ERR_LIB_RSAREF       30 *)
+(* #define ERR_LIB_PROXY        31 *)
+  ERR_LIB_BIO =    32;
+  ERR_LIB_PKCS7 =    33;
+  ERR_LIB_X509V3 =   34;
+  ERR_LIB_PKCS12 =   35;
+  ERR_LIB_RAND =    36;
+  ERR_LIB_DSO =    37;
+  ERR_LIB_ENGINE =   38;
+  ERR_LIB_OCSP =    39;
+  ERR_LIB_UI =    40;
+  ERR_LIB_COMP =    41;
+  ERR_LIB_ECDSA =    42;
+  ERR_LIB_ECDH =    43;
+  ERR_LIB_OSSL_STORE =  44;
+  ERR_LIB_FIPS =    45;
+  ERR_LIB_CMS =    46;
+  ERR_LIB_TS =    47;
+  ERR_LIB_HMAC =    48;
+(* # define ERR_LIB_JPAKE       49 *)
+  ERR_LIB_CT =    50;
+  ERR_LIB_ASYNC =    51;
+  ERR_LIB_KDF =    52;
+  ERR_LIB_SM2 =    53;
+  ERR_LIB_USER =    128;
   
 //* OS functions */
   SYS_F_FOPEN = 1;
-  SYS_F_CONNECT = 2;
-  SYS_F_GETSERVBYNAME = 3;
-  SYS_F_SOCKET = 4;
-  SYS_F_IOCTLSOCKET = 5;
-  SYS_F_BIND = 6;
-  SYS_F_LISTEN = 7;
-  SYS_F_ACCEPT = 8;
-  SYS_F_WSASTARTUP = 9; (* Winsock stuff *)
-  SYS_F_OPENDIR = 10;
-  SYS_F_FREAD = 11;
-  SYS_F_GETADDRINFO = 12;
-  SYS_F_GETNAMEINFO = 13;
-  SYS_F_SETSOCKOPT = 14;
-  SYS_F_GETSOCKOPT = 15;
-  SYS_F_GETSOCKNAME = 16;
-  SYS_F_GETHOSTBYNAME = 17;
-  SYS_F_FFLUSH = 18;
-  SYS_F_OPEN = 19;
-  SYS_F_CLOSE = 20;
-  SYS_F_IOCTL = 21;
-  SYS_F_STAT = 22;
-  SYS_F_FCNTL = 23;
-  SYS_F_FSTAT = 24;
+  SYS_F_CONNECT = 2;
+  SYS_F_GETSERVBYNAME = 3;
+  SYS_F_SOCKET = 4;
+  SYS_F_IOCTLSOCKET = 5;
+  SYS_F_BIND = 6;
+  SYS_F_LISTEN = 7;
+  SYS_F_ACCEPT = 8;
+  SYS_F_WSASTARTUP = 9; (* Winsock stuff *)
+  SYS_F_OPENDIR = 10;
+  SYS_F_FREAD = 11;
+  SYS_F_GETADDRINFO = 12;
+  SYS_F_GETNAMEINFO = 13;
+  SYS_F_SETSOCKOPT = 14;
+  SYS_F_GETSOCKOPT = 15;
+  SYS_F_GETSOCKNAME = 16;
+  SYS_F_GETHOSTBYNAME = 17;
+  SYS_F_FFLUSH = 18;
+  SYS_F_OPEN = 19;
+  SYS_F_CLOSE = 20;
+  SYS_F_IOCTL = 21;
+  SYS_F_STAT = 22;
+  SYS_F_FCNTL = 23;
+  SYS_F_FSTAT = 24;
 
 //* reasons */
   ERR_R_SYS_LIB = ERR_LIB_SYS; //2
-  ERR_R_BN_LIB = ERR_LIB_BN; //3
-  ERR_R_RSA_LIB = ERR_LIB_RSA; //4
-  ERR_R_DH_LIB = ERR_LIB_DH; //5
-  ERR_R_EVP_LIB = ERR_LIB_EVP; //6
-  ERR_R_BUF_LIB = ERR_LIB_BUF; //7
-  ERR_R_OBJ_LIB = ERR_LIB_OBJ; //8
-  ERR_R_PEM_LIB = ERR_LIB_PEM; //9
-  ERR_R_DSA_LIB = ERR_LIB_DSA; //10
-  ERR_R_X509_LIB = ERR_LIB_X509; //11
-  ERR_R_ASN1_LIB = ERR_LIB_ASN1; //13
-  ERR_R_EC_LIB = ERR_LIB_EC; //16
-  ERR_R_BIO_LIB = ERR_LIB_BIO; //32
-  ERR_R_PKCS7_LIB = ERR_LIB_PKCS7; //33
-  ERR_R_X509V3_LIB = ERR_LIB_X509V3; //34
-  ERR_R_ENGINE_LIB = ERR_LIB_ENGINE; //38
-  ERR_R_UI_LIB = ERR_LIB_UI; //40
-  ERR_R_ECDSA_LIB = ERR_LIB_ECDSA; //42
-  ERR_R_OSSL_STORE_LIB = ERR_LIB_OSSL_STORE; //44
+  ERR_R_BN_LIB = ERR_LIB_BN; //3
+  ERR_R_RSA_LIB = ERR_LIB_RSA; //4
+  ERR_R_DH_LIB = ERR_LIB_DH; //5
+  ERR_R_EVP_LIB = ERR_LIB_EVP; //6
+  ERR_R_BUF_LIB = ERR_LIB_BUF; //7
+  ERR_R_OBJ_LIB = ERR_LIB_OBJ; //8
+  ERR_R_PEM_LIB = ERR_LIB_PEM; //9
+  ERR_R_DSA_LIB = ERR_LIB_DSA; //10
+  ERR_R_X509_LIB = ERR_LIB_X509; //11
+  ERR_R_ASN1_LIB = ERR_LIB_ASN1; //13
+  ERR_R_EC_LIB = ERR_LIB_EC; //16
+  ERR_R_BIO_LIB = ERR_LIB_BIO; //32
+  ERR_R_PKCS7_LIB = ERR_LIB_PKCS7; //33
+  ERR_R_X509V3_LIB = ERR_LIB_X509V3; //34
+  ERR_R_ENGINE_LIB = ERR_LIB_ENGINE; //38
+  ERR_R_UI_LIB = ERR_LIB_UI; //40
+  ERR_R_ECDSA_LIB = ERR_LIB_ECDSA; //42
+  ERR_R_OSSL_STORE_LIB = ERR_LIB_OSSL_STORE; //44
 
   ERR_R_NESTED_ASN1_ERROR =  58;
   ERR_R_MISSING_ASN1_EOS =  63;
 
   //* fatal error */
-  ERR_R_FATAL =  64;
-  ERR_R_MALLOC_FAILURE = (1 or ERR_R_FATAL);
-  ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED = (2 or ERR_R_FATAL);
-  ERR_R_PASSED_NULL_PARAMETER = (3 or ERR_R_FATAL);
-  ERR_R_INTERNAL_ERROR = (4 or ERR_R_FATAL);
-  ERR_R_DISABLED = (5 or ERR_R_FATAL);
-  ERR_R_INIT_FAIL = (6 or ERR_R_FATAL);
-  ERR_R_PASSED_INVALID_ARGUMENT = (7);
-  ERR_R_OPERATION_FAIL = (8 or ERR_R_FATAL);
+  ERR_R_FATAL =  64;
+  ERR_R_MALLOC_FAILURE = (1 or ERR_R_FATAL);
+  ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED = (2 or ERR_R_FATAL);
+  ERR_R_PASSED_NULL_PARAMETER = (3 or ERR_R_FATAL);
+  ERR_R_INTERNAL_ERROR = (4 or ERR_R_FATAL);
+  ERR_R_DISABLED = (5 or ERR_R_FATAL);
+  ERR_R_INIT_FAIL = (6 or ERR_R_FATAL);
+  ERR_R_PASSED_INVALID_ARGUMENT = (7);
+  ERR_R_OPERATION_FAIL = (8 or ERR_R_FATAL);
 
 
 (*
@@ -160,48 +160,48 @@ interface
  * the individual libraries
  *)
 
-type
-  err_state_st = record
-    err_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
-    err_buffer: array[0..ERR_NUM_ERRORS -1] of TIdC_ULONG;
-    err_data: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
-    err_data_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
-    err_file: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
-    err_line: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
-    top, bottom: TIdC_INT;
-  end;
-  ERR_STATE = err_state_st;
-  PERR_STATE = ^ERR_STATE;
+type
+  err_state_st = record
+    err_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    err_buffer: array[0..ERR_NUM_ERRORS -1] of TIdC_ULONG;
+    err_data: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
+    err_data_flags: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    err_file: array[0..ERR_NUM_ERRORS -1] of PIdAnsiChar;
+    err_line: array[0..ERR_NUM_ERRORS -1] of TIdC_INT;
+    top, bottom: TIdC_INT;
+  end;
+  ERR_STATE = err_state_st;
+  PERR_STATE = ^ERR_STATE;
 
   ERR_string_data_st = record
-    error: TIdC_ULONG;
-    &string: PIdAnsiChar;
+    error: TIdC_ULONG;
+    string_: PIdAnsiChar;
   end;
   ERR_STRING_DATA = ERR_string_data_st;
-  PERR_STRING_DATA = ^ERR_STRING_DATA;
+  PERR_STRING_DATA = ^ERR_STRING_DATA;
 
  ERR_print_errors_cb_cb = function(str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT; cdecl;
-
+
 var
 // DEFINE_LHASH_OF(ERR_STRING_DATA);
 
-  procedure ERR_put_error(lib: TIdC_INT; func: TIdC_INT; reason: TIdC_INT; &file: PIdAnsiChar; line: TIdC_INT);
-  procedure ERR_set_error_data(data: PIdAnsiChar; flags: TIdC_INT);
-  
-  function ERR_get_error: TIdC_ULONG;
-  function ERR_get_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
-  function ERR_get_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
-
-  function ERR_peek_error: TIdC_ULONG;
-  function ERR_peek_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
-  function ERR_peek_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
-
-  function ERR_peek_last_error: TIdC_ULONG;
-  function ERR_peek_last_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
-  function ERR_peek_last_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
+  procedure ERR_put_error(lib: TIdC_INT; func: TIdC_INT; reason: TIdC_INT; file_: PIdAnsiChar; line: TIdC_INT);
+  procedure ERR_set_error_data(data: PIdAnsiChar; flags: TIdC_INT);
+  
+  function ERR_get_error: TIdC_ULONG;
+  function ERR_get_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
+  function ERR_get_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
+
+  function ERR_peek_error: TIdC_ULONG;
+  function ERR_peek_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
+  function ERR_peek_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
+
+  function ERR_peek_last_error: TIdC_ULONG;
+  function ERR_peek_last_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
+  function ERR_peek_last_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
 
   procedure ERR_clear_error;
-  function ERR_error_string(e: TIdC_ULONG; buf: PIdAnsiChar): PIdAnsiChar;
-  procedure ERR_error_string_n(e: TIdC_ULONG; buf: PIdAnsiChar; len: TIdC_SIZET);
+  function ERR_error_string(e: TIdC_ULONG; buf: PIdAnsiChar): PIdAnsiChar;
+  procedure ERR_error_string_n(e: TIdC_ULONG; buf: PIdAnsiChar; len: TIdC_SIZET);
   function ERR_lib_error_string(e: TIdC_ULONG): PIdAnsiChar;
   function ERR_func_error_string(e: TIdC_ULONG): PIdAnsiChar;
   function ERR_reason_error_string(e: TIdC_ULONG): PIdAnsiChar;
@@ -209,18 +209,18 @@   ERR_string_data_st = record
 
   procedure ERR_print_errors(bp: PBIO);
   // void ERR_add_error_data(int num, ...);
-  // procedure ERR_add_error_vdata(num: TIdC_INT; args: va_list);
-  function ERR_load_strings(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT;
-  function ERR_load_strings_const(str: PERR_STRING_DATA): TIdC_INT;
-  function ERR_unload_strings(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT;
-  function ERR_load_ERR_strings: TIdC_INT;
+  // procedure ERR_add_error_vdata(num: TIdC_INT; args: va_list);
+  function ERR_load_strings(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT;
+  function ERR_load_strings_const(str: PERR_STRING_DATA): TIdC_INT;
+  function ERR_unload_strings(lib: TIdC_INT; str: PERR_STRING_DATA): TIdC_INT;
+  function ERR_load_ERR_strings: TIdC_INT;
 
   function ERR_get_state: PERR_STATE;
-  function ERR_get_next_error_library: TIdC_INT;
-  function ERR_set_mark: TIdC_INT;
-  function ERR_pop_to_mark: TIdC_INT;
-  function ERR_clear_last_mark: TIdC_INT;
-
-implementation
-
-end.
+  function ERR_get_next_error_library: TIdC_INT;
+  function ERR_set_mark: TIdC_INT;
+  function ERR_pop_to_mark: TIdC_INT;
+  function ERR_clear_last_mark: TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
index 39ddc6146..cbc21bec1 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
@@ -1,55 +1,55 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_evp;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// evp.h
-
-{$i IdCompilerDefines.inc}
-
-uses
-  IdCTypes,
-  IdGlobal,
-  IdOpenSSLConsts,
-  IdOpenSSlHeaders_bio,
-  IdOpenSSLHeaders_obj_mac,
-  IdOpenSSlHeaders_ossl_typ;
-
-const
-  EVP_MAX_MD_SIZE = 64; // longest known is SHA512
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_evp;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// evp.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSlHeaders_bio,
+  IdOpenSSLHeaders_obj_mac,
+  IdOpenSSlHeaders_ossl_typ;
+
+const
+  EVP_MAX_MD_SIZE = 64; // longest known is SHA512
   EVP_MAX_KEY_LENGTH = 64;
   EVP_MAX_IV_LENGTH = 16;
-  EVP_MAX_BLOCK_LENGTH = 32;
-  PKCS5_SALT_LEN = 8;
+  EVP_MAX_BLOCK_LENGTH = 32;
+  PKCS5_SALT_LEN = 8;
   // Default PKCS#5 iteration count
-  PKCS5_DEFAULT_ITER = 2048;
-  EVP_PK_RSA = $0001;
+  PKCS5_DEFAULT_ITER = 2048;
+  EVP_PK_RSA = $0001;
   EVP_PK_DSA = $0002;
   EVP_PK_DH  = $0004;
   EVP_PK_EC = $0008;
@@ -85,142 +85,142 @@ interface
   EVP_PKEY_X448 = NID_X448;
   EVP_PKEY_ED448 = NID_ED448;
 
-  EVP_PKEY_MO_SIGN = $0001;
-  EVP_PKEY_MO_VERIFY = $0002;
-  EVP_PKEY_MO_ENCRYPT = $0004;
-  EVP_PKEY_MO_DECRYPT = $0008;
-
-// digest can only handle a single block ///
-  EVP_MD_FLAG_ONESHOT = $0001;
-
-// digest is extensible-output function; XOF ///
-
-  EVP_MD_FLAG_XOF = $0002;
-
-// DigestAlgorithmIdentifier flags... ///
-
-  EVP_MD_FLAG_DIGALGID_MASK = $0018;
-
-// NULL or absent parameter accepted. Use NULL ///
-
-  EVP_MD_FLAG_DIGALGID_NULL = $0000;
-
-// NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent ///
-
-  EVP_MD_FLAG_DIGALGID_ABSENT = $0008;
-
-// Custom handling via ctrl ///
-
-  EVP_MD_FLAG_DIGALGID_CUSTOM = $0018;
-
-// Note if suitable for use in FIPS mode ///
-
-  EVP_MD_FLAG_FIPS = $0400;
-
-// Digest ctrls ///
-
-  EVP_MD_CTRL_DIGALGID = $1;
-  EVP_MD_CTRL_MICALG = $2;
-  EVP_MD_CTRL_XOF_LEN = $3;
-
-// Minimum Algorithm specific ctrl value ///
-
-  EVP_MD_CTRL_ALG_CTRL = $1000;
- // not EVP_MD ///
-
-// values for EVP_MD_CTX flags ///
-  EVP_MD_CTX_FLAG_ONESHOT = $0001;
-  EVP_MD_CTX_FLAG_CLEANED = $0002;
-  EVP_MD_CTX_FLAG_REUSE = $0004;
-//
+  EVP_PKEY_MO_SIGN = $0001;
+  EVP_PKEY_MO_VERIFY = $0002;
+  EVP_PKEY_MO_ENCRYPT = $0004;
+  EVP_PKEY_MO_DECRYPT = $0008;
+
+// digest can only handle a single block ///
+  EVP_MD_FLAG_ONESHOT = $0001;
+
+// digest is extensible-output function; XOF ///
+
+  EVP_MD_FLAG_XOF = $0002;
+
+// DigestAlgorithmIdentifier flags... ///
+
+  EVP_MD_FLAG_DIGALGID_MASK = $0018;
+
+// NULL or absent parameter accepted. Use NULL ///
+
+  EVP_MD_FLAG_DIGALGID_NULL = $0000;
+
+// NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent ///
+
+  EVP_MD_FLAG_DIGALGID_ABSENT = $0008;
+
+// Custom handling via ctrl ///
+
+  EVP_MD_FLAG_DIGALGID_CUSTOM = $0018;
+
+// Note if suitable for use in FIPS mode ///
+
+  EVP_MD_FLAG_FIPS = $0400;
+
+// Digest ctrls ///
+
+  EVP_MD_CTRL_DIGALGID = $1;
+  EVP_MD_CTRL_MICALG = $2;
+  EVP_MD_CTRL_XOF_LEN = $3;
+
+// Minimum Algorithm specific ctrl value ///
+
+  EVP_MD_CTRL_ALG_CTRL = $1000;
+ // not EVP_MD ///
+
+// values for EVP_MD_CTX flags ///
+  EVP_MD_CTX_FLAG_ONESHOT = $0001;
+  EVP_MD_CTX_FLAG_CLEANED = $0002;
+  EVP_MD_CTX_FLAG_REUSE = $0004;
+//
  // FIPS and pad options are ignored in 1.0.0; definitions are here so we
  // don't accidentally reuse the values for other purposes.
- ///
-
-  EVP_MD_CTX_FLAG_NON_FIPS_ALLOW = $0008;
-
-//
+ ///
+
+  EVP_MD_CTX_FLAG_NON_FIPS_ALLOW = $0008;
+
+//
  // The following PAD options are also currently ignored in 1.0.0; digest
  // parameters are handled through EVP_DigestSign//() and EVP_DigestVerify//()
  // instead.
- ///
-  EVP_MD_CTX_FLAG_PAD_MASK = $F0;
-  EVP_MD_CTX_FLAG_PAD_PKCS1 = $00;
-  EVP_MD_CTX_FLAG_PAD_X931 = $10;
-  EVP_MD_CTX_FLAG_PAD_PSS = $20;
-
-  EVP_MD_CTX_FLAG_NO_INIT = $0100;
-//
+ ///
+  EVP_MD_CTX_FLAG_PAD_MASK = $F0;
+  EVP_MD_CTX_FLAG_PAD_PKCS1 = $00;
+  EVP_MD_CTX_FLAG_PAD_X931 = $10;
+  EVP_MD_CTX_FLAG_PAD_PSS = $20;
+
+  EVP_MD_CTX_FLAG_NO_INIT = $0100;
+//
  // Some functions such as EVP_DigestSign only finalise copies of internal
  // contexts so additional data can be included after the finalisation call.
  // This is inefficient if this functionality is not required: it is disabled
  // if the following flag is set.
- ///
-  EVP_MD_CTX_FLAG_FINALISE = $0200;
-
-
-// NOTE: $0400 is reserved for internal usage ///
-// Values for cipher flags ///
-
-// Modes for ciphers ///
-
-  EVP_CIPH_STREAM_CIPHER = $0;
-  EVP_CIPH_ECB_MODE = $1;
-  EVP_CIPHC_MODE = $2;
-  EVP_CIPH_CFB_MODE = $3;
-  EVP_CIPH_OFB_MODE = $4;
-  EVP_CIPH_CTR_MODE = $5;
-  EVP_CIPH_GCM_MODE = $6;
+ ///
+  EVP_MD_CTX_FLAG_FINALISE = $0200;
+
+
+// NOTE: $0400 is reserved for internal usage ///
+// Values for cipher flags ///
+
+// Modes for ciphers ///
+
+  EVP_CIPH_STREAM_CIPHER = $0;
+  EVP_CIPH_ECB_MODE = $1;
+  EVP_CIPHC_MODE = $2;
+  EVP_CIPH_CFB_MODE = $3;
+  EVP_CIPH_OFB_MODE = $4;
+  EVP_CIPH_CTR_MODE = $5;
+  EVP_CIPH_GCM_MODE = $6;
   EVP_CIPH_CCM_MODE = $7;
   EVP_CIPH_XTS_MODE = $10001;
   EVP_CIPH_WRAP_MODE = $10002;
   EVP_CIPH_OCB_MODE = $10003;
-  EVP_CIPH_MODE = $F0007;
-// Set if variable length cipher ///
-  EVP_CIPH_VARIABLE_LENGTH = $8;
-// Set if the iv handling should be done by the cipher itself ///
-  EVP_CIPH_CUSTOM_IV = $10;
-// Set if the cipher's init() function should be called if key is NULL ///
-  EVP_CIPH_ALWAYS_CALL_INIT = $20;
-// Call ctrl() to init cipher parameters ///
-  EVP_CIPH_CTRL_INIT = $40;
-// Don't use standard key length function ///
-  EVP_CIPH_CUSTOM_KEY_LENGTH = $80;
-// Don't use standard block padding ///
-  EVP_CIPH_NO_PADDING = $100;
-// cipher handles random key generation ///
-  EVP_CIPH_RAND_KEY = $200;
-// cipher has its own additional copying logic ///
-  EVP_CIPH_CUSTOM_COPY = $400;
-// Don't use standard iv length function ///
-  EVP_CIPH_CUSTOM_IV_LENGTH = $800;
-// Allow use default ASN1 get/set iv ///
-  EVP_CIPH_FLAG_DEFAULT_ASN1 = $1000;
-// Buffer length in bits not bytes: CFB1 mode only ///
-  EVP_CIPH_FLAG_LENGTH_BITS = $2000;
-// Note if suitable for use in FIPS mode ///
-  EVP_CIPH_FLAG_FIPS = $4000;
-// Allow non FIPS cipher in FIPS mode ///
-  EVP_CIPH_FLAG_NON_FIPS_ALLOW = $8000;
-//
+  EVP_CIPH_MODE = $F0007;
+// Set if variable length cipher ///
+  EVP_CIPH_VARIABLE_LENGTH = $8;
+// Set if the iv handling should be done by the cipher itself ///
+  EVP_CIPH_CUSTOM_IV = $10;
+// Set if the cipher's init() function should be called if key is NULL ///
+  EVP_CIPH_ALWAYS_CALL_INIT = $20;
+// Call ctrl() to init cipher parameters ///
+  EVP_CIPH_CTRL_INIT = $40;
+// Don't use standard key length function ///
+  EVP_CIPH_CUSTOM_KEY_LENGTH = $80;
+// Don't use standard block padding ///
+  EVP_CIPH_NO_PADDING = $100;
+// cipher handles random key generation ///
+  EVP_CIPH_RAND_KEY = $200;
+// cipher has its own additional copying logic ///
+  EVP_CIPH_CUSTOM_COPY = $400;
+// Don't use standard iv length function ///
+  EVP_CIPH_CUSTOM_IV_LENGTH = $800;
+// Allow use default ASN1 get/set iv ///
+  EVP_CIPH_FLAG_DEFAULT_ASN1 = $1000;
+// Buffer length in bits not bytes: CFB1 mode only ///
+  EVP_CIPH_FLAG_LENGTH_BITS = $2000;
+// Note if suitable for use in FIPS mode ///
+  EVP_CIPH_FLAG_FIPS = $4000;
+// Allow non FIPS cipher in FIPS mode ///
+  EVP_CIPH_FLAG_NON_FIPS_ALLOW = $8000;
+//
  // Cipher handles any and all padding logic as well as finalisation.
- ///
-  EVP_CIPH_FLAG_CUSTOM_CIPHER = $100000;
-  EVP_CIPH_FLAG_AEAD_CIPHER = $200000;
-  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK = $400000;
-// Cipher can handle pipeline operations ///
-  EVP_CIPH_FLAG_PIPELINE = $800000;
-
-//
+ ///
+  EVP_CIPH_FLAG_CUSTOM_CIPHER = $100000;
+  EVP_CIPH_FLAG_AEAD_CIPHER = $200000;
+  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK = $400000;
+// Cipher can handle pipeline operations ///
+  EVP_CIPH_FLAG_PIPELINE = $800000;
+
+//
  // Cipher context flag to indicate we can handle wrap mode: if allowed in
  // older applications it could overflow buffers.
- ///
-
-  EVP_CIPHER_CTX_FLAG_WRAP_ALLOW = $1;
-
-// ctrl() values ///
-
-  EVP_CTRL_INIT = $0;
+ ///
+
+  EVP_CIPHER_CTX_FLAG_WRAP_ALLOW = $1;
+
+// ctrl() values ///
+
+  EVP_CTRL_INIT = $0;
   EVP_CTRL_SET_KEY_LENGTH = $1;
   EVP_CTRL_GET_RC2_KEY_BITS = $2;
   EVP_CTRL_SET_RC2_KEY_BITS = $3;
@@ -243,67 +243,67 @@ interface
   EVP_CTRL_CCM_SET_TAG = EVP_CTRL_AEAD_SET_TAG;
   EVP_CTRL_CCM_SET_IV_FIXED = EVP_CTRL_AEAD_SET_IV_FIXED;
   EVP_CTRL_CCM_SET_L = $14;
-  EVP_CTRL_CCM_SET_MSGLEN = $15;
-//
+  EVP_CTRL_CCM_SET_MSGLEN = $15;
+//
  // AEAD cipher deduces payload length and returns number of bytes required to
  // store MAC and eventual padding. Subsequent call to EVP_Cipher even
  // appends/verifies MAC.
- ///
-  EVP_CTRL_AEAD_TLS1_AAD = $16;
-// Used by composite AEAD ciphers; no-op in GCM; CCM... ///
-  EVP_CTRL_AEAD_SET_MAC_KEY = $17;
-// Set the GCM invocation field; decrypt only ///
-  EVP_CTRL_GCM_SET_IV_INV = $18;
-
-  EVP_CTRL_TLS1_1_MULTIBLOCK_AAD = $19;
-  EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT = $1a;
-  EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT = $1b;
-  EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE = $1c;
-
-  EVP_CTRL_SSL3_MASTER_SECRET = $1d;
-
-// EVP_CTRL_SET_SBOX takes the PIdAnsiChar// specifying S-boxes///
-  EVP_CTRL_SET_SBOX = $1e;
-//
+ ///
+  EVP_CTRL_AEAD_TLS1_AAD = $16;
+// Used by composite AEAD ciphers; no-op in GCM; CCM... ///
+  EVP_CTRL_AEAD_SET_MAC_KEY = $17;
+// Set the GCM invocation field; decrypt only ///
+  EVP_CTRL_GCM_SET_IV_INV = $18;
+
+  EVP_CTRL_TLS1_1_MULTIBLOCK_AAD = $19;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT = $1a;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT = $1b;
+  EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE = $1c;
+
+  EVP_CTRL_SSL3_MASTER_SECRET = $1d;
+
+// EVP_CTRL_SET_SBOX takes the PIdAnsiChar// specifying S-boxes///
+  EVP_CTRL_SET_SBOX = $1e;
+//
 // EVP_CTRL_SBOX_USED takes a 'TIdC_SIZET' and 'PIdAnsiChar//'; pointing at a
 // pre-allocated buffer with specified size
-///
-  EVP_CTRL_SBOX_USED = $1f;
-// EVP_CTRL_KEY_MESH takes 'TIdC_SIZET' number of bytes to mesh the key after;
+///
+  EVP_CTRL_SBOX_USED = $1f;
+// EVP_CTRL_KEY_MESH takes 'TIdC_SIZET' number of bytes to mesh the key after;
 // 0 switches meshing off
-///
-  EVP_CTRL_KEY_MESH = $20;
-// EVP_CTRL_BLOCK_PADDING_MODE takes the padding mode///
-  EVP_CTRL_BLOCK_PADDING_MODE = $21;
-
-// Set the output buffers to use for a pipelined operation///
-  EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS = $22;
-// Set the input buffers to use for a pipelined operation///
-  EVP_CTRL_SET_PIPELINE_INPUT_BUFS = $23;
-// Set the input buffer lengths to use for a pipelined operation///
-  EVP_CTRL_SET_PIPELINE_INPUT_LENS = $24;
-
-  EVP_CTRL_GET_IVLEN = $25;
-
-// Padding modes///
-  EVP_PADDING_PKCS7 = 1;
-  EVP_PADDING_ISO7816_4 = 2;
-  EVP_PADDING_ANSI923 = 3;
-  EVP_PADDING_ISO10126 = 4;
-  EVP_PADDING_ZERO = 5;
-
-// RFC 5246 defines additional data to be 13 bytes in length///
-  EVP_AEAD_TLS1_AAD_LEN = 13;
-
-// GCM TLS constants///
-// Length of fixed part of IV derived from PRF///
-  EVP_GCM_TLS_FIXED_IV_LEN = 4;
-// Length of explicit part of IV part of TLS records///
-  EVP_GCM_TLS_EXPLICIT_IV_LEN = 8;
-// Length of tag for TLS
-  EVP_GCM_TLS_TAG_LEN = 16;
-
-/// CCM TLS constants ///
+///
+  EVP_CTRL_KEY_MESH = $20;
+// EVP_CTRL_BLOCK_PADDING_MODE takes the padding mode///
+  EVP_CTRL_BLOCK_PADDING_MODE = $21;
+
+// Set the output buffers to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS = $22;
+// Set the input buffers to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_INPUT_BUFS = $23;
+// Set the input buffer lengths to use for a pipelined operation///
+  EVP_CTRL_SET_PIPELINE_INPUT_LENS = $24;
+
+  EVP_CTRL_GET_IVLEN = $25;
+
+// Padding modes///
+  EVP_PADDING_PKCS7 = 1;
+  EVP_PADDING_ISO7816_4 = 2;
+  EVP_PADDING_ANSI923 = 3;
+  EVP_PADDING_ISO10126 = 4;
+  EVP_PADDING_ZERO = 5;
+
+// RFC 5246 defines additional data to be 13 bytes in length///
+  EVP_AEAD_TLS1_AAD_LEN = 13;
+
+// GCM TLS constants///
+// Length of fixed part of IV derived from PRF///
+  EVP_GCM_TLS_FIXED_IV_LEN = 4;
+// Length of explicit part of IV part of TLS records///
+  EVP_GCM_TLS_EXPLICIT_IV_LEN = 8;
+// Length of tag for TLS
+  EVP_GCM_TLS_TAG_LEN = 16;
+
+/// CCM TLS constants ///
 /// Length of fixed part of IV derived from PRF ///
   EVP_CCM_TLS_FIXED_IV_LEN = 4;
 /// Length of explicit part of IV part of TLS records ///
@@ -316,16 +316,16 @@ interface
   EVP_CCM8_TLS_TAG_LEN = 8;
 
 /// Length of tag for TLS ///
-  EVP_CHACHAPOLY_TLS_TAG_LEN = 16;
-
+  EVP_CHACHAPOLY_TLS_TAG_LEN = 16;
+
 (* Can appear as the outermost AlgorithmIdentifier *)
   EVP_PBE_TYPE_OUTER = $0;
 (* Is an PRF type OID *)
   EVP_PBE_TYPE_PRF = $1;
 (* Is a PKCS#5 v2.0 KDF *)
-  EVP_PBE_TYPE_KDF = $2;
-
-  ASN1_PKEY_ALIAS = $1;
+  EVP_PBE_TYPE_KDF = $2;
+
+  ASN1_PKEY_ALIAS = $1;
   ASN1_PKEY_DYNAMIC = $2;
   ASN1_PKEY_SIGPARAM_NULL = $4;
 
@@ -337,8 +337,8 @@ interface
   ASN1_PKEY_CTRL_CMS_RI_TYPE = $8;
 
   ASN1_PKEY_CTRL_SET1_TLS_ENCPT = $9;
-  ASN1_PKEY_CTRL_GET1_TLS_ENCPT = $a;
-
+  ASN1_PKEY_CTRL_GET1_TLS_ENCPT = $a;
+
   EVP_PKEY_OP_UNDEFINED = 0;
   EVP_PKEY_OP_PARAMGEN = (1 shl 1);
   EVP_PKEY_OP_KEYGEN = (1 shl 2);
@@ -349,8 +349,8 @@ interface
   EVP_PKEY_OP_VERIFYCTX = (1 shl 7);
   EVP_PKEY_OP_ENCRYPT = (1 shl 8);
   EVP_PKEY_OP_DECRYPT = (1 shl 9);
-  EVP_PKEY_OP_DERIVE = (1 shl 10);
-
+  EVP_PKEY_OP_DERIVE = (1 shl 10);
+
   EVP_PKEY_OP_TYPE_SIG = EVP_PKEY_OP_SIGN or EVP_PKEY_OP_VERIFY
     or EVP_PKEY_OP_VERIFYRECOVER or EVP_PKEY_OP_SIGNCTX or EVP_PKEY_OP_VERIFYCTX;
 
@@ -391,58 +391,58 @@ interface
   //
  // Method handles all operations: don't assume any digest related defaults.
  //
-  EVP_PKEY_FLAG_SIGCTX_CUSTOM = 4;
-
-type
-  EVP_MD_meth_init = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
-  EVP_MD_meth_update = function(ctx: PEVP_MD_CTX; const data: Pointer;
-    count: TIdC_SIZET): TIdC_INT; cdecl;
-  EVP_MD_meth_final = function(ctx: PEVP_MD_CTX; const md: PByte): TIdC_INT; cdecl;
-  EVP_MD_meth_copy = function(&to: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
-  EVP_MD_meth_cleanup = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
-  EVP_MD_meth_ctrl = function(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT;
-    p2: Pointer): TIdC_INT; cdecl;
-
-  EVP_CIPHER_meth_init = function(ctx: PEVP_CIPHER_CTX; const key: PByte;
-    const iv: PByte; enc: TIdC_SIZET): TIdC_INT; cdecl;
-  EVP_CIPHER_meth_do_cipher = function(ctx: PEVP_CIPHER_CTX; &out: PByte;
-    const &in: PByte; inl: TIdC_SIZET): TIdC_INT; cdecl;
-  EVP_CIPHER_meth_cleanup = function(v1: PEVP_CIPHER_CTX): TIdC_INT; cdecl;
-  EVP_CIPHER_meth_set_asn1_params = function(v1: PEVP_CIPHER_CTX;
-    v2: PASN1_TYPE): TIdC_INT; cdecl;
-  EVP_CIPHER_meth_get_asn1_params = function(v1: PEVP_CIPHER_CTX;
-    v2: PASN1_TYPE): TIdC_INT; cdecl;
-  EVP_CIPHER_meth_ctrl = function(v1: PEVP_CIPHER_CTX; &type: TIdC_INT;
-    arg: TIdC_INT; ptr: Pointer): TIdC_INT; cdecl;
-
-  EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM = record
-    &out: PByte;
-    inp: PByte;
-    len: TIdC_SIZET;
-    interleave: TidC_UINT;
-  end;
-
-  evp_cipher_info_st = record
-    cipher: PEVP_CIPHER;
-    iv: array[0 .. EVP_MAX_IV_LENGTH - 1] of PByte;
-  end;
-  EVP_CIPHER_INFO = evp_cipher_info_st;
-
-  EVP_MD_CTX_update = function(ctx: PEVP_MD_CTX; const data: Pointer; count: TIdC_SIZET): TIdC_INT; cdecl;
-
-  fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const &to: PIdAnsiChar; x: Pointer); cdecl;
-
+  EVP_PKEY_FLAG_SIGCTX_CUSTOM = 4;
+
+type
+  EVP_MD_meth_init = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_update = function(ctx: PEVP_MD_CTX; const data: Pointer;
+    count: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_MD_meth_final = function(ctx: PEVP_MD_CTX; const md: PByte): TIdC_INT; cdecl;
+  EVP_MD_meth_copy = function(&to: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_cleanup = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_ctrl = function(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT;
+    p2: Pointer): TIdC_INT; cdecl;
+
+  EVP_CIPHER_meth_init = function(ctx: PEVP_CIPHER_CTX; const key: PByte;
+    const iv: PByte; enc: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_do_cipher = function(ctx: PEVP_CIPHER_CTX; out_: PByte;
+    const in_: PByte; inl: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_cleanup = function(v1: PEVP_CIPHER_CTX): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_set_asn1_params = function(v1: PEVP_CIPHER_CTX;
+    v2: PASN1_TYPE): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_get_asn1_params = function(v1: PEVP_CIPHER_CTX;
+    v2: PASN1_TYPE): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_ctrl = function(v1: PEVP_CIPHER_CTX; type_: TIdC_INT;
+    arg: TIdC_INT; ptr: Pointer): TIdC_INT; cdecl;
+
+  EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM = record
+    out_: PByte;
+    inp: PByte;
+    len: TIdC_SIZET;
+    interleave: TidC_UINT;
+  end;
+
+  evp_cipher_info_st = record
+    cipher: PEVP_CIPHER;
+    iv: array[0 .. EVP_MAX_IV_LENGTH - 1] of PByte;
+  end;
+  EVP_CIPHER_INFO = evp_cipher_info_st;
+
+  EVP_MD_CTX_update = function(ctx: PEVP_MD_CTX; const data: Pointer; count: TIdC_SIZET): TIdC_INT; cdecl;
+
+  fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const to_: PIdAnsiChar; x: Pointer); cdecl;
+
   rsa_st = type Pointer;
-  Prsa_st = ^rsa_st;
-
+  Prsa_st = ^rsa_st;
+
   dsa_st = type Pointer;
-
  Pdsa_st = ^dsa_st;
+  Pdsa_st = ^dsa_st;
 
   dh_st = type Pointer;
-
  Pdh_st = ^dh_st;
+  Pdh_st = ^dh_st;
   ec_key_st = type Pointer;
-
  Pec_key_st = ^ec_key_st;
-
+  Pec_key_st = ^ec_key_st;
+
   pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
   pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
@@ -475,8 +475,8 @@   evp_cipher_info_st = record
   set_pub_key = function(pk: PEVP_PKEY; const pub: PByte; len: TIdC_SIZET): TIdC_INT; cdecl;
   get_priv_key = function(const pk: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT; cdecl;
   get_pub_key = function(const pk: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT; cdecl;
-  pkey_security_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
-
+  pkey_security_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
+
   EVP_PKEY_gen_cb = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
 //  PEVP_PKEY_gen_cb = ^EVP_PKEY_gen_cb;
 
@@ -521,19 +521,19 @@   evp_cipher_info_st = record
   PEVP_PKEY_meth_verifyctx = ^EVP_PKEY_meth_verifyctx;
   EVP_PKEY_meth_encrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
   PEVP_PKEY_meth_encrypt_init = ^EVP_PKEY_meth_encrypt_init;
-  EVP_PKEY_meth_encrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
-    outlen: TIdC_SIZET; const &in: PByte): TIdC_INT; cdecl;
+  EVP_PKEY_meth_encrypt = function(ctx: PEVP_PKEY_CTX; out_: PByte;
+    outlen: TIdC_SIZET; const in_: PByte): TIdC_INT; cdecl;
   PEVP_PKEY_meth_encrypt = ^ EVP_PKEY_meth_encrypt;
   EVP_PKEY_meth_decrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
   PEVP_PKEY_meth_decrypt_init = ^EVP_PKEY_meth_decrypt_init;
-  EVP_PKEY_meth_decrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
-    outlen: TIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_PKEY_meth_decrypt = function(ctx: PEVP_PKEY_CTX; out_: PByte;
+    outlen: TIdC_SIZET; const in_: PByte; inlen: TIdC_SIZET): TIdC_INT; cdecl;
   PEVP_PKEY_meth_decrypt = ^EVP_PKEY_meth_decrypt;
   EVP_PKEY_meth_derive_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
   PEVP_PKEY_meth_derive_init = ^EVP_PKEY_meth_derive_init;
   EVP_PKEY_meth_derive = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
   PEVP_PKEY_meth_derive = ^EVP_PKEY_meth_derive;
-  EVP_PKEY_meth_ctrl = function(ctx: PEVP_PKEY_CTX; &type: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT; cdecl;
+  EVP_PKEY_meth_ctrl = function(ctx: PEVP_PKEY_CTX; type_: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT; cdecl;
   PEVP_PKEY_meth_ctrl = ^EVP_PKEY_meth_ctrl;
   EVP_PKEY_meth_ctrl_str = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
   PEVP_PKEY_meth_ctrl_str = ^EVP_PKEY_meth_ctrl_str;
@@ -550,72 +550,70 @@   evp_cipher_info_st = record
   EVP_PKEY_meth_param_check = function(pkey: PEVP_PKEY): TIdC_INT; cdecl;
   PEVP_PKEY_meth_param_check = ^EVP_PKEY_meth_param_check;
   EVP_PKEY_meth_digest_custom = function(pkey: PEVP_PKEY; mctx: PEVP_MD_CTX): TIdC_INT; cdecl;
-  PEVP_PKEY_meth_digest_custom = ^EVP_PKEY_meth_digest_custom;
-
-  // Password based encryption function
-  EVP_PBE_KEYGEN = function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar;
-    passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER;
-    const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT; cdecl;
-  PEVP_PBE_KEYGEN = ^EVP_PBE_KEYGEN;
-  PPEVP_PBE_KEYGEN = ^PEVP_PBE_KEYGEN;
-
-{$REGION 'C compiler macros'}
-function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
-function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
+  PEVP_PKEY_meth_digest_custom = ^EVP_PKEY_meth_digest_custom;
+
+  // Password based encryption function
+  EVP_PBE_KEYGEN = function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar;
+    passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER;
+    const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT; cdecl;
+  PEVP_PBE_KEYGEN = ^EVP_PBE_KEYGEN;
+  PPEVP_PBE_KEYGEN = ^PEVP_PBE_KEYGEN;
+
+function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
+function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
 function EVP_PKEY_assign_DH(pkey: PEVP_PKEY; dh: Pointer): TIdC_INT;
 function EVP_PKEY_assign_EC_KEY(pkey: PEVP_PKEY; eckey: Pointer): TIdC_INT;
 function EVP_PKEY_assign_SIPHASH(pkey: PEVP_PKEY; shkey: Pointer): TIdC_INT;
 function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
-{$ENDREGION}
-
-var
-  function EVP_MD_meth_new(md_type: TIdC_INT; pkey_type: TIdC_INT): PEVP_MD;
-  function EVP_MD_meth_dup(const md: PEVP_MD): PEVP_MD;
-  procedure EVP_MD_meth_free(md: PEVP_MD);
-
-  function EVP_MD_meth_set_input_blocksize(md: PEVP_MD; blocksize: TIdC_INT): TIdC_INT;
-  function EVP_MD_meth_set_result_size(md: PEVP_MD; resultsize: TIdC_INT): TIdC_INT;
-  function EVP_MD_meth_set_app_datasize(md: PEVP_MD; datasize: TIdC_INT): TIdC_INT;
-  function EVP_MD_meth_set_flags(md: PEVP_MD; flags: TIdC_ULONG): TIdC_INT;
-  function EVP_MD_meth_set_init(md: PEVP_MD; init: EVP_MD_meth_init): TIdC_INT;
-  function EVP_MD_meth_set_update(md: PEVP_MD; update: EVP_MD_meth_update): TIdC_INT;
-  function EVP_MD_meth_set_final(md: PEVP_MD; &final: EVP_MD_meth_final): TIdC_INT;
-  function EVP_MD_meth_set_copy(md: PEVP_MD; copy: EVP_MD_meth_copy): TIdC_INT;
-  function EVP_MD_meth_set_cleanup(md: PEVP_MD; cleanup: EVP_MD_meth_cleanup): TIdC_INT;
-  function EVP_MD_meth_set_ctrl(md: PEVP_MD; ctrl: EVP_MD_meth_ctrl): TIdC_INT;
-
-  function EVP_MD_meth_get_input_blocksize(const md: PEVP_MD): TIdC_INT;
-  function EVP_MD_meth_get_result_size(const md: PEVP_MD): TIdC_INT;
-  function EVP_MD_meth_get_app_datasize(const md: PEVP_MD): TIdC_INT;
-  function EVP_MD_meth_get_flags(const md: PEVP_MD): TIdC_ULONG;
-  function EVP_MD_meth_get_init(const md: PEVP_MD): EVP_MD_meth_init;
-  function EVP_MD_meth_get_update(const md: PEVP_MD): EVP_MD_meth_update;
-  function EVP_MD_meth_get_final(const md: PEVP_MD): EVP_MD_meth_final;
-  function EVP_MD_meth_get_copy(const md: PEVP_MD): EVP_MD_meth_copy;
-  function EVP_MD_meth_get_cleanup(const md: PEVP_MD): EVP_MD_meth_cleanup;
-  function EVP_MD_meth_get_ctrl(const md: PEVP_MD): EVP_MD_meth_ctrl;
-
-  function EVP_CIPHER_meth_new(cipher_type: TIdC_INT; block_size: TIdC_INT; key_len: TIdC_INT): PEVP_CIPHER;
-  function EVP_CIPHER_meth_dup(const cipher: PEVP_CIPHER): PEVP_CIPHER;
-  procedure EVP_CIPHER_meth_free(cipher: PEVP_CIPHER);
-
-  function EVP_CIPHER_meth_set_iv_length(cipher: PEVP_CIPHER; iv_len: TIdC_INT): TIdC_INT;
-  function EVP_CIPHER_meth_set_flags(cipher: PEVP_CIPHER; flags: TIdC_ULONG): TIdC_INT;
-  function EVP_CIPHER_meth_set_impl_ctx_size(cipher: PEVP_CIPHER; ctx_size: TIdC_INT): TIdC_INT;
-  function EVP_CIPHER_meth_set_init(cipher: PEVP_CIPHER; init: EVP_CIPHER_meth_init): TIdC_INT;
-  function EVP_CIPHER_meth_set_do_cipher(cipher: PEVP_CIPHER; do_cipher: EVP_CIPHER_meth_do_cipher): TIdC_INT;
-  function EVP_CIPHER_meth_set_cleanup(cipher: PEVP_CIPHER; cleanup: EVP_CIPHER_meth_cleanup): TIdC_INT;
-  function EVP_CIPHER_meth_set_set_asn1_params(cipher: PEVP_CIPHER; set_asn1_parameters: EVP_CIPHER_meth_set_asn1_params): TIdC_INT;
-  function EVP_CIPHER_meth_set_get_asn1_params(cipher: PEVP_CIPHER; get_asn1_parameters: EVP_CIPHER_meth_get_asn1_params): TIdC_INT;
-  function EVP_CIPHER_meth_set_ctrl(cipher: PEVP_CIPHER; ctrl: EVP_CIPHER_meth_ctrl): TIdC_INT;
-  function EVP_CIPHER_meth_get_init(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_init;
-  function EVP_CIPHER_meth_get_do_cipher(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_do_cipher;
-  function EVP_CIPHER_meth_get_cleanup(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_cleanup;
-  function EVP_CIPHER_meth_get_set_asn1_params(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_set_asn1_params;
-  function EVP_CIPHER_meth_get_get_asn1_params(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_get_asn1_params;
-  function EVP_CIPHER_meth_get_ctrl(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_ctrl;
-
-  /// Add some extra combinations ///
+
+var
+  function EVP_MD_meth_new(md_type: TIdC_INT; pkey_type: TIdC_INT): PEVP_MD;
+  function EVP_MD_meth_dup(const md: PEVP_MD): PEVP_MD;
+  procedure EVP_MD_meth_free(md: PEVP_MD);
+
+  function EVP_MD_meth_set_input_blocksize(md: PEVP_MD; blocksize: TIdC_INT): TIdC_INT;
+  function EVP_MD_meth_set_result_size(md: PEVP_MD; resultsize: TIdC_INT): TIdC_INT;
+  function EVP_MD_meth_set_app_datasize(md: PEVP_MD; datasize: TIdC_INT): TIdC_INT;
+  function EVP_MD_meth_set_flags(md: PEVP_MD; flags: TIdC_ULONG): TIdC_INT;
+  function EVP_MD_meth_set_init(md: PEVP_MD; init: EVP_MD_meth_init): TIdC_INT;
+  function EVP_MD_meth_set_update(md: PEVP_MD; update: EVP_MD_meth_update): TIdC_INT;
+  function EVP_MD_meth_set_final(md: PEVP_MD; final_: EVP_MD_meth_final): TIdC_INT;
+  function EVP_MD_meth_set_copy(md: PEVP_MD; copy: EVP_MD_meth_copy): TIdC_INT;
+  function EVP_MD_meth_set_cleanup(md: PEVP_MD; cleanup: EVP_MD_meth_cleanup): TIdC_INT;
+  function EVP_MD_meth_set_ctrl(md: PEVP_MD; ctrl: EVP_MD_meth_ctrl): TIdC_INT;
+
+  function EVP_MD_meth_get_input_blocksize(const md: PEVP_MD): TIdC_INT;
+  function EVP_MD_meth_get_result_size(const md: PEVP_MD): TIdC_INT;
+  function EVP_MD_meth_get_app_datasize(const md: PEVP_MD): TIdC_INT;
+  function EVP_MD_meth_get_flags(const md: PEVP_MD): TIdC_ULONG;
+  function EVP_MD_meth_get_init(const md: PEVP_MD): EVP_MD_meth_init;
+  function EVP_MD_meth_get_update(const md: PEVP_MD): EVP_MD_meth_update;
+  function EVP_MD_meth_get_final(const md: PEVP_MD): EVP_MD_meth_final;
+  function EVP_MD_meth_get_copy(const md: PEVP_MD): EVP_MD_meth_copy;
+  function EVP_MD_meth_get_cleanup(const md: PEVP_MD): EVP_MD_meth_cleanup;
+  function EVP_MD_meth_get_ctrl(const md: PEVP_MD): EVP_MD_meth_ctrl;
+
+  function EVP_CIPHER_meth_new(cipher_type: TIdC_INT; block_size: TIdC_INT; key_len: TIdC_INT): PEVP_CIPHER;
+  function EVP_CIPHER_meth_dup(const cipher: PEVP_CIPHER): PEVP_CIPHER;
+  procedure EVP_CIPHER_meth_free(cipher: PEVP_CIPHER);
+
+  function EVP_CIPHER_meth_set_iv_length(cipher: PEVP_CIPHER; iv_len: TIdC_INT): TIdC_INT;
+  function EVP_CIPHER_meth_set_flags(cipher: PEVP_CIPHER; flags: TIdC_ULONG): TIdC_INT;
+  function EVP_CIPHER_meth_set_impl_ctx_size(cipher: PEVP_CIPHER; ctx_size: TIdC_INT): TIdC_INT;
+  function EVP_CIPHER_meth_set_init(cipher: PEVP_CIPHER; init: EVP_CIPHER_meth_init): TIdC_INT;
+  function EVP_CIPHER_meth_set_do_cipher(cipher: PEVP_CIPHER; do_cipher: EVP_CIPHER_meth_do_cipher): TIdC_INT;
+  function EVP_CIPHER_meth_set_cleanup(cipher: PEVP_CIPHER; cleanup: EVP_CIPHER_meth_cleanup): TIdC_INT;
+  function EVP_CIPHER_meth_set_set_asn1_params(cipher: PEVP_CIPHER; set_asn1_parameters: EVP_CIPHER_meth_set_asn1_params): TIdC_INT;
+  function EVP_CIPHER_meth_set_get_asn1_params(cipher: PEVP_CIPHER; get_asn1_parameters: EVP_CIPHER_meth_get_asn1_params): TIdC_INT;
+  function EVP_CIPHER_meth_set_ctrl(cipher: PEVP_CIPHER; ctrl: EVP_CIPHER_meth_ctrl): TIdC_INT;
+  function EVP_CIPHER_meth_get_init(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_init;
+  function EVP_CIPHER_meth_get_do_cipher(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_do_cipher;
+  function EVP_CIPHER_meth_get_cleanup(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_cleanup;
+  function EVP_CIPHER_meth_get_set_asn1_params(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_set_asn1_params;
+  function EVP_CIPHER_meth_get_get_asn1_params(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_get_asn1_params;
+  function EVP_CIPHER_meth_get_ctrl(const cipher: PEVP_CIPHER): EVP_CIPHER_meth_ctrl;
+
+  /// Add some extra combinations ///
   //# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a));
   //# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a));
   //# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a));
@@ -656,11 +654,11 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_CIPHER_CTX_iv_length(const ctx: PEVP_CIPHER_CTX): TIdC_INT;
   function EVP_CIPHER_CTX_iv(const ctx: PEVP_CIPHER_CTX): PByte;
   function EVP_CIPHER_CTX_original_iv(const ctx: PEVP_CIPHER_CTX): PByte;
-  function EVP_CIPHER_CTX_iv_noconst(ctx: PEVP_CIPHER_CTX): PByte;
+  function EVP_CIPHER_CTX_iv_noconst(ctx: PEVP_CIPHER_CTX): PByte;
   function EVP_CIPHER_CTX_buf_noconst(ctx: PEVP_CIPHER_CTX): PByte;
   function EVP_CIPHER_CTX_num(const ctx: PEVP_CIPHER_CTX): TIdC_INT;
   procedure EVP_CIPHER_CTX_set_num(ctx: PEVP_CIPHER_CTX; num: TIdC_INT);
-  function EVP_CIPHER_CTX_copy(&out: PEVP_CIPHER_CTX; const &in: PEVP_CIPHER_CTX): TIdC_INT;
+  function EVP_CIPHER_CTX_copy(&out: PEVP_CIPHER_CTX; const in_: PEVP_CIPHER_CTX): TIdC_INT;
   function EVP_CIPHER_CTX_get_app_data(const ctx: PEVP_CIPHER_CTX): Pointer;
   procedure EVP_CIPHER_CTX_set_app_data(ctx: PEVP_CIPHER_CTX; data: Pointer);
   function EVP_CIPHER_CTX_get_cipher_data(const ctx: PEVP_CIPHER_CTX): Pointer;
@@ -693,7 +691,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   //# define BIO_get_cipher_status(b)   BIO_ctrl(b;BIO_C_GET_CIPHER_STATUS;0;NULL)
   //# define BIO_get_cipher_ctx(b;c_pp) BIO_ctrl(b;BIO_C_GET_CIPHER_CTX;0; (PIdAnsiChar)(c_pp))
 
-  //function EVP_Cipher(c: PEVP_CIPHER_CTX; &out: PByte; const &in: PByte; in1: TIdC_UINT): TIdC_INT;
+  //function EVP_Cipher(c: PEVP_CIPHER_CTX; out_: PByte; const in_: PByte; in1: TIdC_UINT): TIdC_INT;
 
   //# define EVP_add_cipher_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS;(n))
   //# define EVP_add_digest_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS;(n))
@@ -707,17 +705,17 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   //# define EVP_MD_CTX_create()     EVP_MD_CTX_new()
   //# define EVP_MD_CTX_init(ctx)    EVP_MD_CTX_reset((ctx))
   //# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
-  function EVP_MD_CTX_copy_ex(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT;
+  function EVP_MD_CTX_copy_ex(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT;
   procedure EVP_MD_CTX_set_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT);
   procedure EVP_MD_CTX_clear_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT);
   function EVP_MD_CTX_test_flags(const ctx: PEVP_MD_CTX; flags: TIdC_INT): TIdC_INT;
-  function EVP_DigestInit_ex(ctx: PEVP_MD_CTX; const &type: PEVP_MD; impl: PENGINE): TIdC_INT;
+  function EVP_DigestInit_ex(ctx: PEVP_MD_CTX; const type_: PEVP_MD; impl: PENGINE): TIdC_INT;
   function EVP_DigestUpdate(ctx: PEVP_MD_CTX; const d: Pointer; cnt: TIdC_SIZET): TIdC_INT;
   function EVP_DigestFinal_ex(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT;
-  function EVP_Digest(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const &type: PEVP_MD; impl: PENGINE): TIdC_INT;
+  function EVP_Digest(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const type_: PEVP_MD; impl: PENGINE): TIdC_INT;
 
-  function EVP_MD_CTX_copy(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT;
-  function EVP_DigestInit(ctx: PEVP_MD_CTX; const &type: PEVP_MD): TIdC_INT;
+  function EVP_MD_CTX_copy(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT;
+  function EVP_DigestInit(ctx: PEVP_MD_CTX; const type_: PEVP_MD): TIdC_INT;
   function EVP_DigestFinal(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT;
   function EVP_DigestFinalXOF(ctx: PEVP_MD_CTX; md: PByte; len: TIdC_SIZET): TIdC_INT;
 
@@ -725,7 +723,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_read_pw_string_min(buf: PIdAnsiChar; minlen: TIdC_INT; maxlen: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT;
   procedure EVP_set_pw_prompt(const prompt: PIdAnsiChar);
   function EVP_get_pw_prompt: PIdAnsiChar;
-  function EVP_BytesToKey(const &type: PEVP_CIPHER; const md: PEVP_MD; const salt: PByte; const data: PByte; data1: TIdC_INT; count: TIdC_INT; key: PByte; iv: PByte): TIdC_INT;
+  function EVP_BytesToKey(const type_: PEVP_CIPHER; const md: PEVP_MD; const salt: PByte; const data: PByte; data1: TIdC_INT; count: TIdC_INT; key: PByte; iv: PByte): TIdC_INT;
 
   procedure EVP_CIPHER_CTX_set_flags(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT);
   procedure EVP_CIPHER_CTX_clear_flags(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT);
@@ -733,19 +731,19 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_EncryptInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte): TIdC_INT;
   function EVP_EncryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT;
-  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT;
-  function EVP_EncryptFinal_ex(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
-  function EVP_EncryptFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT;
+  function EVP_EncryptFinal_ex(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_EncryptFinal(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT;
 
-  function EVP_DecryptInit(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PidC_INT): TIdC_INT;
+  function EVP_DecryptInit(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PidC_INT): TIdC_INT;
   function EVP_DecryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT;
-  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT;
+  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT;
   function EVP_DecryptFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
   function EVP_DecryptFinal_ex(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
 
   function EVP_CipherInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte; enc: TIdC_INT): TIdC_INT;
   function EVP_CipherInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte; enc: TidC_INT): TIdC_INT;
-  function EVP_CipherUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT;
+  function EVP_CipherUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in1: TIdC_INT): TIdC_INT;
   function EVP_CipherFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
   function EVP_CipherFinal_ex(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
 
@@ -757,30 +755,30 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_DigestVerify(ctx: PEVP_CIPHER_CTX; const sigret: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT;
 
-  function EVP_DigestSignInit(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_DigestSignInit(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT;
   function EVP_DigestSignFinal(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT;
 
-  function EVP_DigestVerifyInit(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_DigestVerifyInit(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT;
   function EVP_DigestVerifyFinal(ctx: PEVP_MD_CTX; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT;
 
-  function EVP_OpenInit(ctx: PEVP_CIPHER_CTX; const &type: PEVP_CIPHER; const ek: PByte; ek1: TIdC_INT; const iv: PByte; priv: PEVP_PKEY): TIdC_INT;
-  function EVP_OpenFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_OpenInit(ctx: PEVP_CIPHER_CTX; const type_: PEVP_CIPHER; const ek: PByte; ek1: TIdC_INT; const iv: PByte; priv: PEVP_PKEY): TIdC_INT;
+  function EVP_OpenFinal(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT;
 
-  function EVP_SealInit(ctx: PEVP_CIPHER_CTX; const &type: EVP_CIPHER; ek: PPByte; ek1: PIdC_INT; iv: PByte; pubk: PPEVP_PKEY; npubk: TIdC_INT): TIdC_INT;
-  function EVP_SealFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_SealInit(ctx: PEVP_CIPHER_CTX; const type_: EVP_CIPHER; ek: PPByte; ek1: PIdC_INT; iv: PByte; pubk: PPEVP_PKEY; npubk: TIdC_INT): TIdC_INT;
+  function EVP_SealFinal(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT;
 
   function EVP_ENCODE_CTX_new: PEVP_ENCODE_CTX;
   procedure EVP_ENCODE_CTX_free(ctx: PEVP_ENCODE_CTX);
   function EVP_ENCODE_CTX_copy(dctx: PEVP_ENCODE_CTX; sctx: PEVP_ENCODE_CTX): TIdC_INT;
   function EVP_ENCODE_CTX_num(ctx: PEVP_ENCODE_CTX): TIdC_INT;
   procedure EVP_EncodeInit(ctx: PEVP_ENCODE_CTX);
-  function EVP_EncodeUpdate(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT;
-  procedure EVP_EncodeFinal(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT);
+  function EVP_EncodeUpdate(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in1: TIdC_INT): TIdC_INT;
+  procedure EVP_EncodeFinal(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT);
   function EVP_EncodeBlock(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT;
 
   procedure EVP_DecodeInit(ctx: PEVP_ENCODE_CTX);
-  function EVP_DecodeUpdate(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT;
-  function EVP_DecodeFinal(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_DecodeUpdate(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in1: TIdC_INT): TIdC_INT;
+  function EVP_DecodeFinal(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT;
   function EVP_DecodeBlock(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT;
 
   function EVP_CIPHER_CTX_new: PEVP_CIPHER_CTX;
@@ -788,7 +786,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   procedure EVP_CIPHER_CTX_free(c: PEVP_CIPHER_CTX);
   function EVP_CIPHER_CTX_set_key_length(x: PEVP_CIPHER_CTX; keylen: TIdC_INT): TIdC_INT;
   function EVP_CIPHER_CTX_set_padding(c: PEVP_CIPHER_CTX; pad: TIdC_INT): TIdC_INT;
-  function EVP_CIPHER_CTX_ctrl(ctx: PEVP_CIPHER_CTX; &type: TIdC_INT; arg: TIdC_INT; ptr: Pointer): TIdC_INT;
+  function EVP_CIPHER_CTX_ctrl(ctx: PEVP_CIPHER_CTX; type_: TIdC_INT; arg: TIdC_INT; ptr: Pointer): TIdC_INT;
   function EVP_CIPHER_CTX_rand_key(ctx: PEVP_CIPHER_CTX; key: PByte): TIdC_INT;
 
   function BIO_f_md: PBIO_METHOD;
@@ -815,7 +813,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_sha3_512: PEVP_MD;
   function EVP_shake128: PEVP_MD;
   function EVP_shake256: PEVP_MD;
-
+
   (* does nothing :-) *)
   function EVP_enc_null: PEVP_CIPHER;
 
@@ -1015,12 +1013,12 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_size(const pkey: PEVP_PKEY): TIdC_INT;
   function EVP_PKEY_set_type(pkey: PEVP_PKEY): TIdC_INT;
   function EVP_PKEY_set_type_str(pkey: PEVP_PKEY; const str: PIdAnsiChar; len: TIdC_INT): TIdC_INT;
-  function EVP_PKEY_set_alias_type(pkey: PEVP_PKEY; &type: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_set_alias_type(pkey: PEVP_PKEY; type_: TIdC_INT): TIdC_INT;
 
   function EVP_PKEY_set1_engine(pkey: PEVP_PKEY; e: PENGINE): TIdC_INT;
   function EVP_PKEY_get0_engine(const pkey: PEVP_PKEY): PENGINE;
 
-  function EVP_PKEY_assign(pkey: PEVP_PKEY; &type: TIdC_INT; key: Pointer): TIdC_INT;
+  function EVP_PKEY_assign(pkey: PEVP_PKEY; type_: TIdC_INT; key: Pointer): TIdC_INT;
   function EVP_PKEY_get0(const pkey: PEVP_PKEY): Pointer;
   function EVP_PKEY_get0_hmac(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte;
   function EVP_PKEY_get0_poly1305(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte;
@@ -1072,17 +1070,17 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_CIPHER_type(const ctx: PEVP_CIPHER): TIdC_INT;
 
   (* calls methods *)
-  function EVP_CIPHER_param_to_asn1(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT;
-  function EVP_CIPHER_asn1_to_param(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT;
+  function EVP_CIPHER_param_to_asn1(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT;
+  function EVP_CIPHER_asn1_to_param(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT;
 
   (* These are used by EVP_CIPHER methods *)
-  function EVP_CIPHER_set_asn1_iv(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT;
-  function EVP_CIPHER_get_asn1_iv(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT;
+  function EVP_CIPHER_set_asn1_iv(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT;
+  function EVP_CIPHER_get_asn1_iv(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT;
 
   (* PKCS5 password based encryption *)
   function PKCS5_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT;
-  function PKCS5_PBKDF2_HMAC_SHA1(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; keylen: TIdC_INT; &out: PByte): TIdC_INT;
-  function PKCS5_PBKDF2_HMAC(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const digest: PEVP_MD; keylen: TIdC_INT; &out: PByte): TIdC_INT;
+  function PKCS5_PBKDF2_HMAC_SHA1(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; keylen: TIdC_INT; out_: PByte): TIdC_INT;
+  function PKCS5_PBKDF2_HMAC(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const digest: PEVP_MD; keylen: TIdC_INT; out_: PByte): TIdC_INT;
   function PKCS5_v2_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT;
 
   function EVP_PBE_scrypt(const pass: PIdAnsiChar; passlen: TIdC_SIZET; const salt: PByte; saltlen: TIdC_SIZET; N: TIdC_UINT64; r: TIdC_UINT64; p: TIdC_UINT64; maxmem: TIdC_UINT64; key: PByte; keylen: TIdC_SIZET): TIdC_INT;
@@ -1102,7 +1100,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_PKEY_asn1_get_count: TIdC_INT;
   function EVP_PKEY_asn1_get0(idx: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
-  function EVP_PKEY_asn1_find(pe: PPENGINE; &type: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
+  function EVP_PKEY_asn1_find(pe: PPENGINE; type_: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
   function EVP_PKEY_asn1_find_str(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
   function EVP_PKEY_asn1_add0(const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT;
   function EVP_PKEY_asn1_add_alias(&to: TIdC_INT; from: TIdC_INT): TIdC_INT;
@@ -1152,7 +1150,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   procedure EVP_PKEY_CTX_free(ctx: PEVP_PKEY_CTX);
 
   function EVP_PKEY_CTX_ctrl(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT;
-  function EVP_PKEY_CTX_ctrl_str(ctx: PEVP_PKEY_CTX; const &type: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT;
+  function EVP_PKEY_CTX_ctrl_str(ctx: PEVP_PKEY_CTX; const type_: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT;
   function EVP_PKEY_CTX_ctrl_uint64(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; value: TIdC_UINT64): TIdC_INT;
 
   function EVP_PKEY_CTX_str2ctrl(ctx: PEVP_PKEY_CTX; cmd: TIdC_INT; const str: PIdAnsiChar): TIdC_INT;
@@ -1187,9 +1185,9 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_verify_recover_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
   function EVP_PKEY_verify_recover(ctx: PEVP_PKEY_CTX; rout: PByte; routlen: PIdC_SIZET; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT;
   function EVP_PKEY_encrypt_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
-  function EVP_PKEY_encrypt(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT;
+  function EVP_PKEY_encrypt(ctx: PEVP_PKEY_CTX; out_: PByte; outlen: PIdC_SIZET; const in_: PByte; inlen: TIdC_SIZET): TIdC_INT;
   function EVP_PKEY_decrypt_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
-  function EVP_PKEY_decrypt(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT;
+  function EVP_PKEY_decrypt(ctx: PEVP_PKEY_CTX; out_: PByte; outlen: PIdC_SIZET; const in_: PByte; inlen: TIdC_SIZET): TIdC_INT;
 
   function EVP_PKEY_derive_init(ctx: PEVP_PKEY_CTX): TIdC_INT;
   function EVP_PKEY_derive_set_peer(ctx: PEVP_PKEY_CTX; peer: PEVP_PKEY): TIdC_INT;
@@ -1290,19 +1288,18 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   procedure EVP_add_alg_module;
 
-implementation
-
-{$REGION 'C compiler macros'}
-//#  define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA, (char *)(rsa))
-function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
-begin
-  Result := EVP_PKEY_assign(pkey, EVP_PKEY_RSA, rsa);
-end;
+implementation
+
+//#  define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA, (char *)(rsa))
+function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
+begin
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_RSA, rsa);
+end;
 
 //#  define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA, (char *)(dsa))
 function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
 begin
-  Result := EVP_PKEY_assign(pkey, EVP_PKEY_DSA, dsa);
+  Result := EVP_PKEY_assign(pkey, EVP_PKEY_DSA, dsa);
 end;
 
 //#  define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH, (char *)(dh))
@@ -1328,6 +1325,5 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 begin
   Result := EVP_PKEY_assign(pkey, EVP_PKEY_POLY1305, polykey);
 end;
-{$ENDREGION}
-
-end.
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas
index a1de54434..e2e34183c 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas
@@ -58,12 +58,12 @@   idea_key_st = record
 
 var
   function IDEA_options: PIdAnsiChar;
-  procedure IDEA_ecb_encrypt(const &in: PByte; &out: PByte; ks: PIDEA_KEY_SCHEDULE);
+  procedure IDEA_ecb_encrypt(const in_: PByte; out_: PByte; ks: PIDEA_KEY_SCHEDULE);
   procedure IDEA_set_encrypt_key(const key: PByte; ks: PIDEA_KEY_SCHEDULE);
   procedure IDEA_set_decrypt_key(ek: PIDEA_KEY_SCHEDULE; dk: PIDEA_KEY_SCHEDULE);
-  procedure IDEA_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT);
-  procedure IDEA_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT);
-  procedure IDEA_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT);
+  procedure IDEA_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT);
+  procedure IDEA_cfb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT);
+  procedure IDEA_ofb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT);
   procedure IDEA_encrypt(&in: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE);
 
 implementation
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas
index aef7c2079..4e9e4358d 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas
@@ -41,7 +41,7 @@ interface
 
 type
   obj_name_st = record
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     alias: TIdC_INT;
     name: PIdAnsiChar;
     data: PIdAnsiChar;
@@ -56,13 +56,13 @@   obj_name_st = record
   //TIdC_INT OBJ_NAME_new_index(TIdC_ULONG (*hash_func) (const PIdAnsiChar *);
   //                       TIdC_INT (*cmp_func) (const PIdAnsiChar *; const PIdAnsiChar *);
   //                       void (*free_func) (const PIdAnsiChar *; TIdC_INT; const PIdAnsiChar *));
-  function OBJ_NAME_get(const name: PIdAnsiChar; &type: TIdC_INT): PIdAnsiChar;
-  function OBJ_NAME_add(const name: PIdAnsiChar; &type: TIdC_INT; const data: PIdAnsiChar): TIdC_INT;
-  function OBJ_NAME_remove(const name: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function OBJ_NAME_get(const name: PIdAnsiChar; type_: TIdC_INT): PIdAnsiChar;
+  function OBJ_NAME_add(const name: PIdAnsiChar; type_: TIdC_INT; const data: PIdAnsiChar): TIdC_INT;
+  function OBJ_NAME_remove(const name: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
   procedure OBJ_NAME_cleanup(&type: TIdC_INT);
-//  void OBJ_NAME_do_all(TIdC_INT &type; void (*fn) (const OBJ_NAME *; void *arg);
+//  void OBJ_NAME_do_all(TIdC_INT type_; void (*fn) (const OBJ_NAME *; void *arg);
 //                       void *arg);
-//  void OBJ_NAME_do_all_sorted(TIdC_INT &type;
+//  void OBJ_NAME_do_all_sorted(TIdC_INT type_;
 //                              void (*fn) (const OBJ_NAME *; void *arg);
 //                              void *arg);
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
index 328f60c70..147074d48 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
@@ -1,47 +1,48 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_ossl_typ;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// ossl_typ.h
-
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_ossl_typ;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// ossl_typ.h
+
 {$i IdCompilerDefines.inc}
 
 uses
-  IdCTypes,
-  IdGlobal,
-  IdOpenSSLConsts;
-
type
-{$REGION 'moved from unit "asn1" to prevent circular references'}
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+type
+// moved from unit "asn1" to prevent circular references
   asn1_string_st = record
     length: TIdC_INT;
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     data: PByte;
     (*
      * The value of the following field depends on the type being held.  It
@@ -49,22 +50,21 @@   asn1_string_st = record
      * non-zero 'unused bits' value, it will be handled correctly
      *)
     flags: TIdC_LONG;
-  end;
-{$ENDREGION}
-
-  // moved from asn1  
-  ASN1_VALUE_st = type Pointer;
-  ASN1_VALUE = ASN1_VALUE_st;
-  PASN1_VALUE = ^ASN1_VALUE;
-  PPASN1_VALUE = ^PASN1_VALUE;
-
-  // moved from e_os2
-  ossl_ssize_t = type {$IFDEF WIN64}TIdC_INT64{$ELSE}TIdC_INT{$ENDIF};
-
-  asn1_object_st = type Pointer;
-  ASN1_OBJECT = asn1_object_st;
-  PASN1_OBJECT = ^ASN1_OBJECT;
-  PPASN1_OBJECT = ^PASN1_OBJECT;
+  end;
+
+  // moved from asn1  
+  ASN1_VALUE_st = type Pointer;
+  ASN1_VALUE = ASN1_VALUE_st;
+  PASN1_VALUE = ^ASN1_VALUE;
+  PPASN1_VALUE = ^PASN1_VALUE;
+
+  // moved from e_os2
+  ossl_ssize_t = type {$IFDEF WIN64}TIdC_INT64{$ELSE}TIdC_INT{$ENDIF};
+
+  asn1_object_st = type Pointer;
+  ASN1_OBJECT = asn1_object_st;
+  PASN1_OBJECT = ^ASN1_OBJECT;
+  PPASN1_OBJECT = ^PASN1_OBJECT;
 
   ASN1_INTEGER = type asn1_string_st;
   PASN1_INTEGER = ^ASN1_INTEGER;
@@ -74,11 +74,11 @@   asn1_string_st = record
   PASN1_ENUMERATED = ^ASN1_ENUMERATED;
 
   ASN1_BIT_STRING = type asn1_string_st;
-  PASN1_BIT_STRING = ^ASN1_BIT_STRING;
+  PASN1_BIT_STRING = ^ASN1_BIT_STRING;
   PPASN1_BIT_STRING = ^PASN1_BIT_STRING;
 
   ASN1_OCTET_STRING = type asn1_string_st;
-  PASN1_OCTET_STRING = ^ASN1_OCTET_STRING;
+  PASN1_OCTET_STRING = ^ASN1_OCTET_STRING;
   PPASN1_OCTET_STRING = ^PASN1_OCTET_STRING;
 
   ASN1_PRINTABLESTRING = type asn1_string_st;
@@ -106,7 +106,7 @@   asn1_string_st = record
   PASN1_TIME = ^ASN1_TIME;
 
   ASN1_GENERALIZEDTIME = type asn1_string_st;
-  PASN1_GENERALIZEDTIME = ^ASN1_GENERALIZEDTIME;
+  PASN1_GENERALIZEDTIME = ^ASN1_GENERALIZEDTIME;
   PPASN1_GENERALIZEDTIME = ^PASN1_GENERALIZEDTIME;
 
   ASN1_VISIBLESTRING = type asn1_string_st;
@@ -116,7 +116,7 @@   asn1_string_st = record
   PASN1_UTF8STRING = ^ASN1_UTF8STRING;
 
   ASN1_STRING = type asn1_string_st;
-  PASN1_STRING = ^ASN1_STRING;
+  PASN1_STRING = ^ASN1_STRING;
   PPASN1_STRING = ^PASN1_STRING;
 
   ASN1_BOOLEAN = type TIdC_INT;
@@ -124,21 +124,21 @@   asn1_string_st = record
 
   ASN1_NULL = type TIdC_INT;
   PASN1_NULL = ^ASN1_NULL;
-
+
   
   ASN1_ITEM_st = type Pointer;
-  ASN1_ITEM = ASN1_ITEM_st;
-  PASN1_ITEM = ^ASN1_ITEM;
+  ASN1_ITEM = ASN1_ITEM_st;
+  PASN1_ITEM = ^ASN1_ITEM;
   
   asn1_pctx_st = type Pointer;
-  ASN1_PCTX = asn1_pctx_st;
-  PASN1_PCTX = ^ASN1_PCTX;
+  ASN1_PCTX = asn1_pctx_st;
+  PASN1_PCTX = ^ASN1_PCTX;
   
-  asn1_sctx_st = type Pointer;
-  ASN1_SCTX = asn1_sctx_st;
-  PASN1_SCTX = ^ASN1_SCTX;
-
-  dane_st = type Pointer;
+  asn1_sctx_st = type Pointer;
+  ASN1_SCTX = asn1_sctx_st;
+  PASN1_SCTX = ^ASN1_SCTX;
+
+  dane_st = type Pointer;
   bio_st = type Pointer;
   BIO = bio_st;
   PBIO = ^BIO;
@@ -159,371 +159,370 @@   asn1_string_st = record
   bn_recp_ctx_st = type Pointer;
   BN_RECP_CTX = bn_recp_ctx_st;
   PBN_RECP_CTX = ^BN_RECP_CTX;
-  bn_gencb_st = type Pointer;
+  bn_gencb_st = type Pointer;
   BN_GENCB = bn_gencb_st;
-  PBN_GENCB = ^BN_GENCB;
+  PBN_GENCB = ^BN_GENCB;
   
-  buf_mem_st = type Pointer;
+  buf_mem_st = type Pointer;
   BUF_MEM = buf_mem_st;
-  PBUF_MEM = ^BUF_MEM;
-
-  evp_cipher_st = type Pointer;
+  PBUF_MEM = ^BUF_MEM;
+
+  evp_cipher_st = type Pointer;
   EVP_CIPHER = evp_cipher_st;
-  PEVP_CIPHER = ^EVP_CIPHER;
+  PEVP_CIPHER = ^EVP_CIPHER;
   PPEVP_CIPHER = ^PEVP_CIPHER;
   evp_cipher_ctx_st = type Pointer;
   EVP_CIPHER_CTX = evp_cipher_ctx_st;
   PEVP_CIPHER_CTX = ^EVP_CIPHER_CTX;
   evp_md_st = type Pointer;
   EVP_MD = evp_md_st;
-  PEVP_MD = ^EVP_MD;
+  PEVP_MD = ^EVP_MD;
   PPEVP_MD = ^PEVP_MD;
   evp_md_ctx_st = type Pointer;
   EVP_MD_CTX = evp_md_ctx_st;
   PEVP_MD_CTX = ^EVP_MD_CTX;
-  evp_pkey_st = type Pointer;
+  evp_pkey_st = type Pointer;
   EVP_PKEY = evp_pkey_st;
-  PEVP_PKEY = ^EVP_PKEY;
-  PPEVP_PKEY = ^PEVP_PKEY;
+  PEVP_PKEY = ^EVP_PKEY;
+  PPEVP_PKEY = ^PEVP_PKEY;
   
-  evp_pkey_asn1_method_st = type Pointer;
+  evp_pkey_asn1_method_st = type Pointer;
   EVP_PKEY_ASN1_METHOD = evp_pkey_asn1_method_st;
-  PEVP_PKEY_ASN1_METHOD = ^EVP_PKEY_ASN1_METHOD;
-  PPEVP_PKEY_ASN1_METHOD = ^PEVP_PKEY_ASN1_METHOD;
+  PEVP_PKEY_ASN1_METHOD = ^EVP_PKEY_ASN1_METHOD;
+  PPEVP_PKEY_ASN1_METHOD = ^PEVP_PKEY_ASN1_METHOD;
   
   evp_pkey_method_st = type Pointer;
   EVP_PKEY_METHOD = evp_pkey_method_st;
-  PEVP_PKEY_METHOD = ^EVP_PKEY_METHOD;
+  PEVP_PKEY_METHOD = ^EVP_PKEY_METHOD;
   PPEVP_PKEY_METHOD = ^PEVP_PKEY_METHOD;
-  evp_pkey_ctx_st = type Pointer;
+  evp_pkey_ctx_st = type Pointer;
   EVP_PKEY_CTX = evp_pkey_ctx_st;
-  PEVP_PKEY_CTX = ^EVP_PKEY_CTX;
-  PPEVP_PKEY_CTX = ^PEVP_PKEY_CTX;
+  PEVP_PKEY_CTX = ^EVP_PKEY_CTX;
+  PPEVP_PKEY_CTX = ^PEVP_PKEY_CTX;
   
-  evp_Encode_Ctx_st = type Pointer;
+  evp_Encode_Ctx_st = type Pointer;
   EVP_ENCODE_CTX = evp_Encode_Ctx_st;
   PEVP_ENCODE_CTX = ^EVP_ENCODE_CTX;
 
-  hmac_ctx_st = type Pointer;
+  hmac_ctx_st = type Pointer;
   HMAC_CTX = hmac_ctx_st;
-  PHMAC_CTX = ^HMAC_CTX;
+  PHMAC_CTX = ^HMAC_CTX;
   
-  dh_st = type Pointer;
+  dh_st = type Pointer;
   DH = dh_st;
-  PDH = ^DH;
+  PDH = ^DH;
   PPDH = ^PDH;
-  dh_method_st = type Pointer;
+  dh_method_st = type Pointer;
   DH_METHOD = dh_method_st;
-  PDH_METHOD = ^DH_METHOD;
+  PDH_METHOD = ^DH_METHOD;
   
-  dsa_st = type Pointer;
+  dsa_st = type Pointer;
   DSA = dsa_st;
-  PDSA = ^DSA;
+  PDSA = ^DSA;
   PPDSA = ^PDSA;
-  dsa_method_st = type Pointer;
+  dsa_method_st = type Pointer;
   DSA_METHOD = dsa_method_st;
-  PDSA_METHOD = ^DSA_METHOD;
+  PDSA_METHOD = ^DSA_METHOD;
   
-  rsa_st = type Pointer;
+  rsa_st = type Pointer;
   RSA = rsa_st;
-  PRSA = ^RSA;
+  PRSA = ^RSA;
   PPRSA = ^PRSA;
-  rsa_meth_st = type Pointer;
+  rsa_meth_st = type Pointer;
   RSA_METHOD = rsa_meth_st;
   PRSA_METHOD = ^RSA_METHOD;
 
   ec_key_st = type Pointer;
   EC_KEY = ec_key_st;
-  PEC_KEY = ^EC_KEY;
+  PEC_KEY = ^EC_KEY;
   PPEC_KEY = ^PEC_KEY;
-  ec_key_method_st = type Pointer;
+  ec_key_method_st = type Pointer;
   EC_KEY_METHOD = ec_key_method_st;
-  PEC_KEY_METHOD = ^EC_KEY_METHOD;
+  PEC_KEY_METHOD = ^EC_KEY_METHOD;
   
-  rand_meth_st = type Pointer;
+  rand_meth_st = type Pointer;
   RAND_METHOD = rand_meth_st;
   PRAND_METHOD = ^RAND_METHOD;
-  rand_drbg_st = type Pointer;
+  rand_drbg_st = type Pointer;
   RAND_DRBG = rand_drbg_st;
-  PRAND_DRBG = ^RAND_DRBG;
-  
-  ssl_dane_st = type Pointer;
+  PRAND_DRBG = ^RAND_DRBG;
+  
+  ssl_dane_st = type Pointer;
   SSL_DANE = ssl_dane_st;
   PSSL_DANE = ^SSL_DANE;
-  x509_st = type Pointer;
+  x509_st = type Pointer;
   X509 = x509_st;
-  PX509 = ^X509;
+  PX509 = ^X509;
   PPX509 = ^PX509;
-  X509_crl_st = type Pointer;
+  X509_crl_st = type Pointer;
   X509_CRL = X509_crl_st;
-  PX509_CRL = ^X509_CRL;
+  PX509_CRL = ^X509_CRL;
   PPX509_CRL = ^PX509_CRL;
-  x509_crl_method_st = type Pointer;
+  x509_crl_method_st = type Pointer;
   X509_CRL_METHOD = x509_crl_method_st;
   PX509_CRL_METHOD = ^X509_CRL_METHOD;
-  x509_revoked_st = type Pointer;
+  x509_revoked_st = type Pointer;
   X509_REVOKED = x509_revoked_st;
   PX509_REVOKED = ^X509_REVOKED;
-  X509_name_st = type Pointer;
+  X509_name_st = type Pointer;
   X509_NAME = X509_name_st;
-  PX509_NAME = ^X509_NAME;
+  PX509_NAME = ^X509_NAME;
   PPX509_NAME = ^PX509_NAME;
-  X509_pubkey_st = type Pointer;
+  X509_pubkey_st = type Pointer;
   X509_PUBKEY = X509_pubkey_st;
-  PX509_PUBKEY = ^X509_PUBKEY;
+  PX509_PUBKEY = ^X509_PUBKEY;
   PPX509_PUBKEY = ^PX509_PUBKEY;
-  x509_store_st = type Pointer;
+  x509_store_st = type Pointer;
   X509_STORE = x509_store_st;
   PX509_STORE = ^X509_STORE;
-  x509_store_ctx_st = type Pointer;
-  X509_STORE_CTX = x509_store_ctx_st;
-  PX509_STORE_CTX = ^X509_STORE_CTX;
-  
-  x509_object_st = type Pointer;
+  x509_store_ctx_st = type Pointer;
+  X509_STORE_CTX = x509_store_ctx_st;
+  PX509_STORE_CTX = ^X509_STORE_CTX;
+  
+  x509_object_st = type Pointer;
   X509_OBJECT = x509_object_st;
   PX509_OBJECT = ^X509_OBJECT;
-  x509_lookup_st = type Pointer;
+  x509_lookup_st = type Pointer;
   X509_LOOKUP = x509_lookup_st;
   PX509_LOOKUP = ^X509_LOOKUP;
-  x509_lookup_method_st = type Pointer;
+  x509_lookup_method_st = type Pointer;
   X509_LOOKUP_METHOD = x509_lookup_method_st;
   PX509_LOOKUP_METHOD = ^X509_LOOKUP_METHOD;
-  X509_VERIFY_PARAM_st = type Pointer;
-  X509_VERIFY_PARAM = X509_VERIFY_PARAM_st;
-  PX509_VERIFY_PARAM = ^X509_VERIFY_PARAM;
-  
-  x509_sig_info_st = type Pointer;
+  X509_VERIFY_PARAM_st = type Pointer;
+  X509_VERIFY_PARAM = X509_VERIFY_PARAM_st;
+  PX509_VERIFY_PARAM = ^X509_VERIFY_PARAM;
+  
+  x509_sig_info_st = type Pointer;
   X509_SIG_INFO = x509_sig_info_st;
   PX509_SIG_INFO = ^X509_SIG_INFO;
-
-  pkcs8_priv_key_info_st = type Pointer;
+
+  pkcs8_priv_key_info_st = type Pointer;
   PKCS8_PRIV_KEY_INFO = pkcs8_priv_key_info_st;
-  PPKCS8_PRIV_KEY_INFO = ^PKCS8_PRIV_KEY_INFO;
-  PPPKCS8_PRIV_KEY_INFO = ^PPKCS8_PRIV_KEY_INFO;
-
-// moved from x509 to prevent circular references
-  X509_REQ = type Pointer; // X509_req_st
-  PX509_REQ = ^X509_REQ;
-  PPX509_REQ = ^PX509_REQ;
-
-// moved from x509v3 to prevent circular references
-  (* Context specific info *)
-  v3_ext_ctx = record
-    flags: TIdC_INT;
-    issuer_cert: PX509;
-    subject_cert: PX509;
-    subject_req: PX509_REQ;
-    crl: PX509_CRL;
-    db_meth: Pointer; //PX509V3_CONF_METHOD;
-    db: Pointer;
-  (* Maybe more here *)
-  end;
-//  v3_ext_ctx = type Pointer;
+  PPKCS8_PRIV_KEY_INFO = ^PKCS8_PRIV_KEY_INFO;
+  PPPKCS8_PRIV_KEY_INFO = ^PPKCS8_PRIV_KEY_INFO;
+
+// moved from x509 to prevent circular references
+  X509_REQ = type Pointer; // X509_req_st
+  PX509_REQ = ^X509_REQ;
+  PPX509_REQ = ^PX509_REQ;
+
+// moved from x509v3 to prevent circular references
+  (* Context specific info *)
+  v3_ext_ctx = record
+    flags: TIdC_INT;
+    issuer_cert: PX509;
+    subject_cert: PX509;
+    subject_req: PX509_REQ;
+    crl: PX509_CRL;
+    db_meth: Pointer; //PX509V3_CONF_METHOD;
+    db: Pointer;
+  (* Maybe more here *)
+  end;
+//  v3_ext_ctx = type Pointer;
   X509V3_CTX = v3_ext_ctx;
   PX509V3_CTX = ^X509V3_CTX;
-  conf_st = type Pointer;
+  conf_st = type Pointer;
   CONF = conf_st;
   PCONF = ^CONF;
-  ossl_init_settings_st = type Pointer;
+  ossl_init_settings_st = type Pointer;
   OPENSSL_INIT_SETTINGS = ossl_init_settings_st;
-  POPENSSL_INIT_SETTINGS = ^OPENSSL_INIT_SETTINGS;
-
-  ui_st = type Pointer;
+  POPENSSL_INIT_SETTINGS = ^OPENSSL_INIT_SETTINGS;
+
+  ui_st = type Pointer;
   UI = ui_st;
   PUI = ^UI;
-  ui_method_st = type Pointer;
+  ui_method_st = type Pointer;
   UI_METHOD = ui_method_st;
-  PUI_METHOD = ^UI_METHOD;
-  
-  engine_st = type Pointer;
+  PUI_METHOD = ^UI_METHOD;
+  
+  engine_st = type Pointer;
   ENGINE = engine_st;
-  PENGINE = ^ENGINE;
+  PENGINE = ^ENGINE;
   PPENGINE = ^PENGINE;
-  ssl_st = type Pointer;
+  ssl_st = type Pointer;
   SSL = ssl_st;
   PSSL = ^SSL;
-  ssl_ctx_st = type Pointer;
+  ssl_ctx_st = type Pointer;
   SSL_CTX = ssl_ctx_st;
   PSSL_CTX = ^SSL_CTX;
-  PPSSL_CTX  = ^PSSL_CTX;
-  
-  comp_ctx_st = type Pointer;
+  PPSSL_CTX  = ^PSSL_CTX;
+  
+  comp_ctx_st = type Pointer;
   COMP_CTX = comp_ctx_st;
   PCOMP_CTX = ^COMP_CTX;
-  comp_method_st = type Pointer;
+  comp_method_st = type Pointer;
   COMP_METHOD = comp_method_st;
-  PCOMP_METHOD = ^COMP_METHOD;
-  
-  X509_POLICY_NODE_st = type Pointer;
+  PCOMP_METHOD = ^COMP_METHOD;
+  
+  X509_POLICY_NODE_st = type Pointer;
   X509_POLICY_NODE = X509_POLICY_NODE_st;
   PX509_POLICY_NODE = ^X509_POLICY_NODE;
-  X509_POLICY_LEVEL_st = type Pointer;
+  X509_POLICY_LEVEL_st = type Pointer;
   X509_POLICY_LEVEL = X509_POLICY_LEVEL_st;
   PX509_POLICY_LEVEL = ^X509_POLICY_LEVEL;
-  X509_POLICY_TREE_st = type Pointer;
+  X509_POLICY_TREE_st = type Pointer;
   X509_POLICY_TREE = X509_POLICY_TREE_st;
   PX509_POLICY_TREE = ^X509_POLICY_TREE;
-  X509_POLICY_CACHE_st = type Pointer;
+  X509_POLICY_CACHE_st = type Pointer;
   X509_POLICY_CACHE = X509_POLICY_CACHE_st;
-  PX509_POLICY_CACHE = ^X509_POLICY_CACHE;
-  
-  AUTHORITY_KEYID_st = type Pointer;
+  PX509_POLICY_CACHE = ^X509_POLICY_CACHE;
+  
+  AUTHORITY_KEYID_st = type Pointer;
   AUTHORITY_KEYID = AUTHORITY_KEYID_st;
   PAUTHORITY_KEYID = ^AUTHORITY_KEYID;
-  DIST_POINT_st = type Pointer;
+  DIST_POINT_st = type Pointer;
   DIST_POINT = DIST_POINT_st;
   PDIST_POINT = ^DIST_POINT;
-  ISSUING_DIST_POINT_st = type Pointer;
+  ISSUING_DIST_POINT_st = type Pointer;
   ISSUING_DIST_POINT = ISSUING_DIST_POINT_st;
   PISSUING_DIST_POINT = ^ISSUING_DIST_POINT;
-  NAME_CONSTRAINTS_st = type Pointer;
+  NAME_CONSTRAINTS_st = type Pointer;
   NAME_CONSTRAINTS = NAME_CONSTRAINTS_st;
-  PNAME_CONSTRAINTS = ^NAME_CONSTRAINTS;
-  
-  crypto_ex_data_st = type Pointer;
+  PNAME_CONSTRAINTS = ^NAME_CONSTRAINTS;
+  
+  crypto_ex_data_st = type Pointer;
   CRYPTO_EX_DATA = crypto_ex_data_st;
-  PCRYPTO_EX_DATA = ^CRYPTO_EX_DATA;
-  
-  ocsp_req_ctx_st = type Pointer;
+  PCRYPTO_EX_DATA = ^CRYPTO_EX_DATA;
+  
+  ocsp_req_ctx_st = type Pointer;
   OCSP_REQ_CTX = ocsp_req_ctx_st;
   POCSP_REQ_CTX = ^OCSP_REQ_CTX;
-  ocsp_response_st = type Pointer;
+  ocsp_response_st = type Pointer;
   OCSP_RESPONSE = ocsp_response_st;
   POCSP_RESPONSE = ^OCSP_RESPONSE;
-  ocsp_responder_id_st = type Pointer;
+  ocsp_responder_id_st = type Pointer;
   OCSP_RESPID = ocsp_responder_id_st;
-  POCSP_RESPID = ^OCSP_RESPID;
-  
-  sct_st = type Pointer;
+  POCSP_RESPID = ^OCSP_RESPID;
+  
+  sct_st = type Pointer;
   SCT = sct_st;
   PSCT = ^SCT;
-  sct_ctx_st = type Pointer;
+  sct_ctx_st = type Pointer;
   SCT_CTX = sct_ctx_st;
   PSCT_CTX = ^SCT_CTX;
-  ctlog_st = type Pointer;
+  ctlog_st = type Pointer;
   CTLOG = ctlog_st;
   PCTLOG = ^CTLOG;
-  ctlog_store_st = type Pointer;
+  ctlog_store_st = type Pointer;
   CTLOG_STORE = ctlog_store_st;
   PCTLOG_STORE = ^CTLOG_STORE;
-  ct_policy_eval_ctx_st = type Pointer;
+  ct_policy_eval_ctx_st = type Pointer;
   CT_POLICY_EVAL_CTX = ct_policy_eval_ctx_st;
-  PCT_POLICY_EVAL_CTX = ^CT_POLICY_EVAL_CTX;
-  
-  ossl_store_info_st = type Pointer;
+  PCT_POLICY_EVAL_CTX = ^CT_POLICY_EVAL_CTX;
+  
+  ossl_store_info_st = type Pointer;
   OSSL_STORE_INFO = ossl_store_info_st;
   POSSL_STORE_INFO = ^OSSL_STORE_INFO;
   ossl_store_search_st = type Pointer;
-  OSSL_STORE_SEARCH = ossl_store_search_st;
+  OSSL_STORE_SEARCH = ossl_store_search_st;
   POSSL_STORE_SEARCH = ^OSSL_STORE_SEARCH;
-
-{$REGION 'moved from unit "asn1" to prevent circular references'}
-const
-  V_ASN1_UNIVERSAL = $00;
-  V_ASN1_APPLICATION = $40;
-  V_ASN1_CONTEXT_SPECIFIC = $80;
-  V_ASN1_PRIVATE = $c0;
-
-  V_ASN1_CONSTRUCTED = $20;
-  V_ASN1_PRIMITIVE_TAG = $1f;
-  V_ASN1_PRIMATIVE_TAG = V_ASN1_PRIMITIVE_TAG;
-
-  V_ASN1_APP_CHOOSE = -2; (* let the recipient choose *)
-  V_ASN1_OTHER = -3;      (* used in ASN1_TYPE *)
-  V_ASN1_ANY = -4;        (* used in ASN1 template code *)
-
-  V_ASN1_UNDEF = -1;
-  V_ASN1_EOC =  0;
-  V_ASN1_BOOLEAN = 1;
-  V_ASN1_INTEGER = 2;
-  V_ASN1_BIT_STRING = 3;
-  V_ASN1_OCTET_STRING = 4;
-  V_ASN1_NULL = 5;
-  V_ASN1_OBJECT = 6;
-  V_ASN1_OBJECT_DESCRIPTOR = 7;
-  V_ASN1_EXTERNAL = 8;
-  V_ASN1_REAL = 9;
-  V_ASN1_ENUMERATED = 10;
-  V_ASN1_UTF8STRING = 12;
-  V_ASN1_SEQUENCE = 16;
-  V_ASN1_SET = 17;
-  V_ASN1_NUMERICSTRING = 18;
-  V_ASN1_PRINTABLESTRING = 19;
-  V_ASN1_T61STRING = 20;
-  V_ASN1_TELETEXSTRING = 20;
-  V_ASN1_VIDEOTEXSTRING = 21;
-  V_ASN1_IA5STRING = 22;
-  V_ASN1_UTCTIME = 23;
-  V_ASN1_GENERALIZEDTIME = 24;
-  V_ASN1_GRAPHICSTRING = 25;
-  V_ASN1_ISO64STRING = 26;
-  V_ASN1_VISIBLESTRING = 26;
-  V_ASN1_GENERALSTRING = 27;
-  V_ASN1_UNIVERSALSTRING = 28;
-  V_ASN1_BMPSTRING = 30;
-
-type
-  asn1_type_st = record
-    case &type: TIdC_INT of
-//      (ptr: PIdAnsichar);
-      V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
-//      (asn1_string: PASN1_STRING);
-      V_ASN1_OBJECT: (&object: PASN1_OBJECT);
-      V_ASN1_INTEGER: (integer: PASN1_INTEGER);
-      V_ASN1_ENUMERATED: (enumerated: PASN1_ENUMERATED);
-      V_ASN1_BIT_STRING: (bit_string: PASN1_BIT_STRING);
-      V_ASN1_OCTET_STRING: (octet_string: PASN1_OCTET_STRING);
-      V_ASN1_PRINTABLESTRING: (printablestring: PASN1_PRINTABLESTRING);
-      V_ASN1_T61STRING: (t61string: PASN1_T61STRING);
-      V_ASN1_IA5STRING: (ia5string: PASN1_IA5STRING);
-      V_ASN1_GENERALSTRING: (generalstring: PASN1_GENERALSTRING);
-      V_ASN1_BMPSTRING: (bmpstring: PASN1_BMPSTRING);
-      V_ASN1_UNIVERSALSTRING: (universalstring: PASN1_UNIVERSALSTRING);
-      V_ASN1_UTCTIME: (utctime: PASN1_UTCTIME);
-      V_ASN1_GENERALIZEDTIME: (generalizedtime: PASN1_GENERALIZEDTIME);
-      V_ASN1_VISIBLESTRING: (visiblestring: PASN1_VISIBLESTRING);
-      V_ASN1_UTF8STRING: (utf8string: PASN1_UTF8STRING);
-      (*
-       * set and sequence are left complete and still contain the set or
-       * sequence bytes
-       *)
-      V_ASN1_SET: (&set: PASN1_STRING);
-      V_ASN1_SEQUENCE: (sequence: PASN1_STRING);
-//      (asn1_value: PASN1_VALUE);
-
-//      V_ASN1_UNDEF: ;
-//      V_ASN1_EOC: ;
-//      V_ASN1_NULL: ;
-//      V_ASN1_OBJECT_DESCRIPTOR: ;
-//      V_ASN1_EXTERNAL: ;
-//      V_ASN1_REAL: ;
-//      V_ASN1_NUMERICSTRING: ;
-//      V_ASN1_TELETEXSTRING: ;
-//      V_ASN1_VIDEOTEXSTRING: ;
-//      V_ASN1_GRAPHICSTRING: ;
-//      V_ASN1_ISO64STRING: ;
-  end;
-  ASN1_TYPE = asn1_type_st;
-  PASN1_TYPE = ^ASN1_TYPE;
-  PPASN1_TYPE = ^PASN1_TYPE;
-{$ENDREGION}
-
-{$REGION 'moved from unit "x509" to prevent circular references'}
-  X509_algor_st = record
-    algorithm: PASN1_OBJECT;
-    parameter: PASN1_TYPE;
-  end; (* X509_ALGOR *)
-{$ENDREGION}
-  X509_ALGOR = X509_algor_st;
-  PX509_ALGOR = ^X509_ALGOR;
-  PPX509_ALGOR = ^PX509_ALGOR;
-  
-  i2d_of_void = type Pointer;
-  Pi2d_of_void = ^i2d_of_void;
-
-  d2i_of_void = type Pointer;
-  Pd2i_of_void = ^d2i_of_void;
-
-implementation
-
-end.
+
+// moved from unit "asn1" to prevent circular references'
+const
+  V_ASN1_UNIVERSAL = $00;
+  V_ASN1_APPLICATION = $40;
+  V_ASN1_CONTEXT_SPECIFIC = $80;
+  V_ASN1_PRIVATE = $c0;
+
+  V_ASN1_CONSTRUCTED = $20;
+  V_ASN1_PRIMITIVE_TAG = $1f;
+  V_ASN1_PRIMATIVE_TAG = V_ASN1_PRIMITIVE_TAG;
+
+  V_ASN1_APP_CHOOSE = -2; (* let the recipient choose *)
+  V_ASN1_OTHER = -3;      (* used in ASN1_TYPE *)
+  V_ASN1_ANY = -4;        (* used in ASN1 template code *)
+
+  V_ASN1_UNDEF = -1;
+  V_ASN1_EOC =  0;
+  V_ASN1_BOOLEAN = 1;
+  V_ASN1_INTEGER = 2;
+  V_ASN1_BIT_STRING = 3;
+  V_ASN1_OCTET_STRING = 4;
+  V_ASN1_NULL = 5;
+  V_ASN1_OBJECT = 6;
+  V_ASN1_OBJECT_DESCRIPTOR = 7;
+  V_ASN1_EXTERNAL = 8;
+  V_ASN1_REAL = 9;
+  V_ASN1_ENUMERATED = 10;
+  V_ASN1_UTF8STRING = 12;
+  V_ASN1_SEQUENCE = 16;
+  V_ASN1_SET = 17;
+  V_ASN1_NUMERICSTRING = 18;
+  V_ASN1_PRINTABLESTRING = 19;
+  V_ASN1_T61STRING = 20;
+  V_ASN1_TELETEXSTRING = 20;
+  V_ASN1_VIDEOTEXSTRING = 21;
+  V_ASN1_IA5STRING = 22;
+  V_ASN1_UTCTIME = 23;
+  V_ASN1_GENERALIZEDTIME = 24;
+  V_ASN1_GRAPHICSTRING = 25;
+  V_ASN1_ISO64STRING = 26;
+  V_ASN1_VISIBLESTRING = 26;
+  V_ASN1_GENERALSTRING = 27;
+  V_ASN1_UNIVERSALSTRING = 28;
+  V_ASN1_BMPSTRING = 30;
+
+type
+  asn1_type_st = record
+    case type_: TIdC_INT of
+//      (ptr: PIdAnsichar);
+      V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
+//      (asn1_string: PASN1_STRING);
+      V_ASN1_OBJECT: (&object: PASN1_OBJECT);
+      V_ASN1_INTEGER: (integer: PASN1_INTEGER);
+      V_ASN1_ENUMERATED: (enumerated: PASN1_ENUMERATED);
+      V_ASN1_BIT_STRING: (bit_string: PASN1_BIT_STRING);
+      V_ASN1_OCTET_STRING: (octet_string: PASN1_OCTET_STRING);
+      V_ASN1_PRINTABLESTRING: (printablestring: PASN1_PRINTABLESTRING);
+      V_ASN1_T61STRING: (t61string: PASN1_T61STRING);
+      V_ASN1_IA5STRING: (ia5string: PASN1_IA5STRING);
+      V_ASN1_GENERALSTRING: (generalstring: PASN1_GENERALSTRING);
+      V_ASN1_BMPSTRING: (bmpstring: PASN1_BMPSTRING);
+      V_ASN1_UNIVERSALSTRING: (universalstring: PASN1_UNIVERSALSTRING);
+      V_ASN1_UTCTIME: (utctime: PASN1_UTCTIME);
+      V_ASN1_GENERALIZEDTIME: (generalizedtime: PASN1_GENERALIZEDTIME);
+      V_ASN1_VISIBLESTRING: (visiblestring: PASN1_VISIBLESTRING);
+      V_ASN1_UTF8STRING: (utf8string: PASN1_UTF8STRING);
+      (*
+       * set and sequence are left complete and still contain the set or
+       * sequence bytes
+       *)
+      V_ASN1_SET: (&set: PASN1_STRING);
+      V_ASN1_SEQUENCE: (sequence: PASN1_STRING);
+//      (asn1_value: PASN1_VALUE);
+
+//      V_ASN1_UNDEF: ;
+//      V_ASN1_EOC: ;
+//      V_ASN1_NULL: ;
+//      V_ASN1_OBJECT_DESCRIPTOR: ;
+//      V_ASN1_EXTERNAL: ;
+//      V_ASN1_REAL: ;
+//      V_ASN1_NUMERICSTRING: ;
+//      V_ASN1_TELETEXSTRING: ;
+//      V_ASN1_VIDEOTEXSTRING: ;
+//      V_ASN1_GRAPHICSTRING: ;
+//      V_ASN1_ISO64STRING: ;
+  end;
+  ASN1_TYPE = asn1_type_st;
+  PASN1_TYPE = ^ASN1_TYPE;
+  PPASN1_TYPE = ^PASN1_TYPE;
+
+// moved from unit "x509" to prevent circular references
+  X509_algor_st = record
+    algorithm: PASN1_OBJECT;
+    parameter: PASN1_TYPE;
+  end; (* X509_ALGOR *)
+
+  X509_ALGOR = X509_algor_st;
+  PX509_ALGOR = ^X509_ALGOR;
+  PPX509_ALGOR = ^PX509_ALGOR;
+  
+  i2d_of_void = type Pointer;
+  Pi2d_of_void = ^i2d_of_void;
+
+  d2i_of_void = type Pointer;
+  Pd2i_of_void = ^d2i_of_void;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
index b87481978..9a609d430 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
@@ -102,14 +102,14 @@ interface
   //function PEM_X509_INFO_read_bio(bp: PBIO; sk: PSTACK_OF_X509_INFO; cb: pem_password_cb; u: Pointer): PSTACK_OF_X509_INFO;
   function PEM_X509_INFO_write_bio(bp: PBIO; xi: PX509_INFO; enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cd: pem_password_cb; u: Pointer): TIdC_INT;
 
-  function PEM_SignInit(ctx: PEVP_MD_CTX; &type: PEVP_MD): TIdC_INT;
+  function PEM_SignInit(ctx: PEVP_MD_CTX; type_: PEVP_MD): TIdC_INT;
   function PEM_SignUpdate(ctx: PEVP_MD_CTX; d: PByte; cnt: Byte): TIdC_INT;
   function PEM_SignFinal(ctx: PEVP_MD_CTX; sigret: PByte; siglen: PIdC_UINT; pkey: PEVP_PKEY): TIdC_INT;
 
   (* The default pem_password_cb that's used internally *)
   function PEM_def_callback(buf: PIdAnsiChar; num: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT;
-  procedure PEM_proc_type(buf: PIdAnsiChar; &type: TIdC_INT);
-  procedure PEM_dek_info(buf: PIdAnsiChar; const &type: PIdAnsiChar; len: TIdC_INT; str: PIdAnsiChar);
+  procedure PEM_proc_type(buf: PIdAnsiChar; type_: TIdC_INT);
+  procedure PEM_dek_info(buf: PIdAnsiChar; const type_: PIdAnsiChar; len: TIdC_INT; str: PIdAnsiChar);
 
   function PEM_read_bio_X509(bp: PBIO; x: PPX509; cb: pem_password_cb; u: Pointer): PX509;
   function PEM_write_bio_X509(bp: PBIO; x: PX509): TIdC_INT;
@@ -193,8 +193,8 @@ interface
   function PEM_read_bio_Parameters(bp: PBIO; x: PPEVP_PKEY): PEVP_PKEY;
   function PEM_write_bio_Parameters(bp: PBIO; x: PEVP_PKEY): TIdC_INT;
 
-  function b2i_PrivateKey(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY;
-  function b2i_PublicKey(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY;
+  function b2i_PrivateKey(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY;
+  function b2i_PublicKey(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY;
   function b2i_PrivateKey_bio(&in: PBIO): PEVP_PKEY;
   function b2i_PublicKey_bio(&in: PBIO): PEVP_PKEY;
   function i2b_PrivateKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
index afad95990..2d57bf44a 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
@@ -190,7 +190,7 @@   pkcs7_st = record
     length: TIdC_LONG;
     state: TIdC_INT;
     detached: TIdC_INT;
-    &type: PASN1_OBJECT;
+    type_: PASN1_OBJECT;
     d: pkcs7_st_d;
   end;
   PKCS7 = pkcs7_st;
@@ -206,83 +206,83 @@   pkcs7_digest_st = record
 var
   //function PKCS7_ISSUER_AND_SERIAL_new: PPKCS7_ISSUER_AND_SERIAL;
   //procedure PKCS7_ISSUER_AND_SERIAL_free(a: PPKCS7_ISSUER_AND_SERIAL);
-  //function d2i_PKCS7_ISSUER_AND_SERIAL(a: PPPKCS7_ISSUER_AND_SERIAL; const &in: PByte; len: TIdC_LONG): PPKCS7_ISSUER_AND_SERIAL;
-  //function i2d_PKCS7_ISSUER_AND_SERIAL(const a: PPKCS7_ISSUER_AND_SERIAL; &out: PByte): TIdC_INT;
+  //function d2i_PKCS7_ISSUER_AND_SERIAL(a: PPPKCS7_ISSUER_AND_SERIAL; const in_: PByte; len: TIdC_LONG): PPKCS7_ISSUER_AND_SERIAL;
+  //function i2d_PKCS7_ISSUER_AND_SERIAL(const a: PPKCS7_ISSUER_AND_SERIAL; out_: PByte): TIdC_INT;
   //function PKCS7_ISSUER_AND_SERIAL_it: PASN1_ITEM;
 
-  function PKCS7_ISSUER_AND_SERIAL_digest(data: PPKCS7_ISSUER_AND_SERIAL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function PKCS7_ISSUER_AND_SERIAL_digest(data: PPKCS7_ISSUER_AND_SERIAL; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
 
   function PKCS7_dup(p7: PPKCS7): PPKCS7;
   function d2i_PKCS7_bio(bp: PBIO; p7: PPPKCS7): PPKCS7;
   function i2d_PKCS7_bio(bp: PBIO; p7: PPKCS7): TIdC_INT;
-  function i2d_PKCS7_bio_stream(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT;
-  function PEM_write_bio_PKCS7_stream(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT;
+  function i2d_PKCS7_bio_stream(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT;
+  function PEM_write_bio_PKCS7_stream(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT;
 
 //  function PKCS7_SIGNER_INFO_new: PPKCS7_SIGNER_INFO;
 //  procedure PKCS7_SIGNER_INFO_free(a: PPKCS7_SIGNER_INFO);
-//  function d2i_PKCS7_SIGNER_INFO(a: PPPKCS7_SIGNER_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNER_INFO;
-//  function i2d_PKCS7_SIGNER_INFO(const a: PPKCS7_SIGNER_INFO; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_SIGNER_INFO(a: PPPKCS7_SIGNER_INFO; const in_: PByte; len: TIdC_LONG): PPKCS7_SIGNER_INFO;
+//  function i2d_PKCS7_SIGNER_INFO(const a: PPKCS7_SIGNER_INFO; out_: PByte): TIdC_INT;
 //  function PKCS7_SIGNER_INFO_it: PASN1_ITEM;
 //
 //  function PKCS7_RECIP_INFO_new: PPKCS7_RECIP_INFO;
 //  procedure PKCS7_RECIP_INFO_free(a: PPKCS7_RECIP_INFO);
-//  function d2i_PKCS7_RECIP_INFO(a: PPPKCS7_RECIP_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_RECIP_INFO;
-//  function i2d_PKCS7_RECIP_INFO(const a: PPKCS7_RECIP_INFO; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_RECIP_INFO(a: PPPKCS7_RECIP_INFO; const in_: PByte; len: TIdC_LONG): PPKCS7_RECIP_INFO;
+//  function i2d_PKCS7_RECIP_INFO(const a: PPKCS7_RECIP_INFO; out_: PByte): TIdC_INT;
 //  function PKCS7_RECIP_INFO_it: PASN1_ITEM;
 //
 //  function PKCS7_SIGNED_new: PPKCS7_SIGNED;
 //  procedure PKCS7_SIGNED_free(a: PPKCS7_SIGNED);
-//  function d2i_PKCS7_SIGNED(a: PPPKCS7_SIGNED; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNED;
-//  function i2d_PKCS7_SIGNED(const a: PPKCS7_SIGNED; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_SIGNED(a: PPPKCS7_SIGNED; const in_: PByte; len: TIdC_LONG): PPKCS7_SIGNED;
+//  function i2d_PKCS7_SIGNED(const a: PPKCS7_SIGNED; out_: PByte): TIdC_INT;
 //  function PKCS7_SIGNED_it: PASN1_ITEM;
 //
 //  function PKCS7_ENC_CONTENT_new: PPKCS7_ENC_CONTENT;
 //  procedure PKCS7_ENC_CONTENT_free(a: PPKCS7_ENC_CONTENT);
-//  function d2i_PKCS7_ENC_CONTENT(a: PPPKCS7_ENC_CONTENT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENC_CONTENT;
-//  function i2d_PKCS7_ENC_CONTENT(const a: PPKCS7_ENC_CONTENT; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_ENC_CONTENT(a: PPPKCS7_ENC_CONTENT; const in_: PByte; len: TIdC_LONG): PPKCS7_ENC_CONTENT;
+//  function i2d_PKCS7_ENC_CONTENT(const a: PPKCS7_ENC_CONTENT; out_: PByte): TIdC_INT;
 //  function PKCS7_ENC_CONTENT_it: PASN1_ITEM;
 //
 //  function PKCS7_ENVELOPE_new: PPKCS7_ENVELOPE;
 //  procedure PKCS7_ENVELOPE_free(a: PPKCS7_ENVELOPE);
-//  function d2i_PKCS7_ENVELOPE(a: PPPKCS7_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_ENVELOPE;
-//  function i2d_PKCS7_ENVELOPE(const a: PPKCS7_ENVELOPE; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_ENVELOPE(a: PPPKCS7_ENVELOPE; const in_: PByte; len: TIdC_LONG): PPKCS7_ENVELOPE;
+//  function i2d_PKCS7_ENVELOPE(const a: PPKCS7_ENVELOPE; out_: PByte): TIdC_INT;
 //  function PKCS7_ENVELOPE_it: PASN1_ITEM;
 //
 //  function PKCS7_SIGN_ENVELOPE_new: PPKCS7_SIGN_ENVELOPE;
 //  procedure PKCS7_SIGN_ENVELOPE_free(a: PPKCS7_SIGN_ENVELOPE);
-//  function d2i_PKCS7_SIGN_ENVELOPE(a: PPPKCS7_SIGN_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGN_ENVELOPE;
-//  function i2d_PKCS7_SIGN_ENVELOPE(const a: PPKCS7_SIGN_ENVELOPE; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_SIGN_ENVELOPE(a: PPPKCS7_SIGN_ENVELOPE; const in_: PByte; len: TIdC_LONG): PPKCS7_SIGN_ENVELOPE;
+//  function i2d_PKCS7_SIGN_ENVELOPE(const a: PPKCS7_SIGN_ENVELOPE; out_: PByte): TIdC_INT;
 //  function PKCS7_SIGN_ENVELOPE_it: PASN1_ITEM;
 //
 //  function PKCS7_DIGEST_new: PPKCS7_DIGEST;
 //  procedure PKCS7_DIGEST_free(a: PPKCS7_DIGEST);
-//  function d2i_PKCS7_DIGEST(a: PPPKCS7_DIGEST; const &in: PByte; len: TIdC_LONG): PPKCS7_DIGEST;
-//  function i2d_PKCS7_DIGEST(const a: PPKCS7_DIGEST; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_DIGEST(a: PPPKCS7_DIGEST; const in_: PByte; len: TIdC_LONG): PPKCS7_DIGEST;
+//  function i2d_PKCS7_DIGEST(const a: PPKCS7_DIGEST; out_: PByte): TIdC_INT;
 //  function PKCS7_DIGEST_it: PASN1_ITEM;
 //
 //  function PKCS7_ENCRYPT_new: PPKCS7_ENCRYPT_STRUCT;
 //  procedure PKCS7_ENCRYPT_free(a: PPKCS7_ENCRYPT_STRUCT);
-//  function d2i_PKCS7_ENCRYPT(a: PPPKCS7_ENCRYPT_STRUCT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENCRYPT_STRUCT;
-//  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_ENCRYPT(a: PPPKCS7_ENCRYPT_STRUCT; const in_: PByte; len: TIdC_LONG): PPKCS7_ENCRYPT_STRUCT;
+//  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; out_: PByte): TIdC_INT;
 //  function PKCS7_ENCRYPT_it: PASN1_ITEM;
 //
 //  function PKCS7_new: PPKCS7;
 //  procedure PKCS7_free(a: PPKCS7);
-//  function d2i_PKCS7(a: PPPKCS7; const &in: PByte; len: TIdC_LONG): PPKCS7;
-//  function i2d_PKCS7(const a: PPKCS7; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7(a: PPPKCS7; const in_: PByte; len: TIdC_LONG): PPKCS7;
+//  function i2d_PKCS7(const a: PPKCS7; out_: PByte): TIdC_INT;
 //  function PKCS7_it: PASN1_ITEM;
 //
 //  function PKCS7_ATTR_SIGN_it: PASN1_ITEM;
 //
 //  function PKCS7_ATTR_VERIFY_it: PASN1_ITEM;
 //
-//  function i2d_PKCS7_NDEF(const a: PPKCS7; &out: PPByte): TIdC_INT;
+//  function i2d_PKCS7_NDEF(const a: PPKCS7; out_: PPByte): TIdC_INT;
 //  function PKCS7_print_ctx(&out: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
 
   function PKCS7_ctrl(p7: PPKCS7; cmd: TIdC_INT; larg: TIdC_LONG; parg: PIdAnsiChar): TIdC_LONG;
 
-  function PKCS7_set_type(p7: PPKCS7; &type: TIdC_INT): TIdC_INT;
-  function PKCS7_set0_type_other(p7: PPKCS7; &type: TIdC_INT; other: PASN1_TYPE): TIdC_INT;
+  function PKCS7_set_type(p7: PPKCS7; type_: TIdC_INT): TIdC_INT;
+  function PKCS7_set0_type_other(p7: PPKCS7; type_: TIdC_INT; other: PASN1_TYPE): TIdC_INT;
   function PKCS7_set_content(p7: PPKCS7; p7_data: PPKCS7): TIdC_INT;
   function PKCS7_SIGNER_INFO_set(p7i: PPKCS7_SIGNER_INFO; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): TIdC_INT;
   function PKCS7_SIGNER_INFO_sign(si: PPKCS7_SIGNER_INFO): TIdC_INT;
@@ -312,7 +312,7 @@   pkcs7_digest_st = record
 
   function PKCS7_get_issuer_and_serial(p7: PPKCS7; idx: TIdC_INT): PPKCS7_ISSUER_AND_SERIAL;
   //function PKCS7_digest_from_attributes(sk: Pointer{PSTACK_OF_X509_ATTRIBUTE}): PASN1_OCTET_STRING;
-  function PKCS7_add_signed_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; &type: TIdC_INT; data: Pointer): TIdC_INT;
+  function PKCS7_add_signed_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; type_: TIdC_INT; data: Pointer): TIdC_INT;
   function PKCS7_add_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; atrtype: TIdC_INT; value: Pointer): TIdC_INT;
   function PKCS7_get_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE;
   function PKCS7_get_signed_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE;
@@ -324,9 +324,9 @@   pkcs7_digest_st = record
   function PKCS7_sign_add_signer(p7: PPKCS7; signcert: PX509; pkey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_INT): PPKCS7_SIGNER_INFO;
 
   function PKCS7_final(p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT;
-  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT;
+  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT;
   //function PKCS7_get0_signers(p7: PPKCS7; certs: PSTACK_OF_X509; flags: TIdC_INT): PSTACK_OF_X509;
-  //function PKCS7_encrypt(certs: PSTACK_OF_X509; &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
+  //function PKCS7_encrypt(certs: PSTACK_OF_X509; in_: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
   function PKCS7_decrypt(p7: PPKCS7; pkey: PEVP_PKEY; cert: PX509; data: PBIO; flags: TIdC_INT): TIdC_INT;
 
   //function PKCS7_add_attrib_smimecap(si: PPKCS7_SIGNER_INFO; cap: PSTACK_OF_X509_ALGOR): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas
index b8cfea1f0..df6f4129e 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rand.pas
@@ -70,8 +70,8 @@   rand_meth_st = record
   procedure RAND_keep_random_devices_open(keep: TIdC_INT);
 
   procedure RAND_add(const buf: Pointer; num: TIdC_INT; randomness: TIdC_DOUBLE);
-  function RAND_load_file(const &file: PIdAnsiChar; max_bytes: TIdC_LONG): TIdC_INT;
-  function RAND_write_file(const &file: PIdAnsiChar): TIdC_INT;
+  function RAND_load_file(const file_: PIdAnsiChar; max_bytes: TIdC_LONG): TIdC_INT;
+  function RAND_write_file(const file_: PIdAnsiChar): TIdC_INT;
   function RAND_status: TIdC_INT;
 
   function RAND_query_egd_bytes(const path: PIdAnsiChar; buf: PByte; bytes: TIdC_INT): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
index 881ccbb16..eba0b0e5e 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
@@ -162,7 +162,7 @@   rsa_oaep_params_st = record
   //DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
 
   RSA_meth_set_priv_dec_priv_dec = function(flen: TIdC_INT; const from: PByte;
-    &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT; cdecl;
+    to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT; cdecl;
 
   RSA_meth_set_mod_exp_mod_exp = function(r0: PBIGNUM; const i: PBIGNUM;
     rsa: PRSA; ctx: PBN_CTX): TIdC_INT; cdecl;
@@ -296,10 +296,10 @@   rsa_oaep_params_st = record
   function RSA_check_key(const v1: PRSA): TIdC_INT;
   function RSA_check_key_ex(const v1: PRSA; cb: BN_GENCB): TIdC_INT;
   (* next 4 return -1 on error *)
-  function RSA_public_encrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
-  function RSA_private_encrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
-  function RSA_public_decrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
-  function RSA_private_decrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
+  function RSA_public_encrypt(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
+  function RSA_private_encrypt(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
+  function RSA_public_decrypt(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
+  function RSA_private_decrypt(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT;
 
   procedure RSA_free(r: PRSA);
   (* "up" the RSA object's reference count *)
@@ -415,7 +415,7 @@   rsa_oaep_params_st = record
   //int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa);
   function RSA_meth_set_finish(rsa: PRSA_METHOD; finish: RSA_meth_set_finish_finish): TIdC_INT;
   //int (*RSA_meth_get_sign(const RSA_METHOD *meth))
-  //    (int &type,
+  //    (int type_,
   //     const unsigned char *m, unsigned int m_length,
   //     unsigned char *sigret, unsigned int *siglen,
   //     const RSA *rsa);
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
index 618bc2fdf..c14ce302b 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
@@ -548,9 +548,9 @@ interface
 
   (*
    * Most of the following state values are no longer used and are defined to be
-   * the closest equivalent value &in the current state machine code. Not all
+   * the closest equivalent value in_ the current state machine code. Not all
    * defines have an equivalent and are set to a dummy value (-1). SSL_ST_CONNECT
-   * and SSL_ST_ACCEPT are still &in use &in the definition of SSL_CB_ACCEPT_LOOP,
+   * and SSL_ST_ACCEPT are still in_ use in_ the definition of SSL_CB_ACCEPT_LOOP,
    * SSL_CB_ACCEPT_EXIT, SSL_CB_CONNECT_LOOP and SSL_CB_CONNECT_EXIT.
    *)
   SSL_ST_CONNECT = $1000;
@@ -805,7 +805,7 @@ interface
   //SSLv23_server_method = TLS_server_method;
   //SSLv23_client_method = TLS_client_method;
 
-  (* What the 'other' parameter contains &in security callback *)
+  (* What the 'other' parameter contains in_ security callback *)
   (* Mask for type *)
   SSL_SECOP_OTHER_TYPE = $ffff0000;
   SSL_SECOP_OTHER_NONE = 0;
@@ -933,13 +933,13 @@   srtp_protection_profile_st = record
   //DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE)
 
   (* Typedefs for handling custom extensions *)
-  custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
-  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
-  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+  custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const out_: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const out_: PByte; add_arg: Pointer); cdecl;
+  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const in_: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
 
-  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
-  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
-  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const out_: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const out_: PByte; add_arg: Pointer); cdecl;
+  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const in_: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
 
   (* Typedef for verification callback *)
   SSL_verify_cb = function (preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
@@ -947,20 +947,20 @@   srtp_protection_profile_st = record
   tls_session_ticket_ext_cb_fn = function (s: PSSL; const data: PByte; len: TIdC_INT; arg: Pointer): TIdC_INT; cdecl;
 
   (*
-   * This callback type is used inside SSL_CTX, SSL, and &in the functions that
-   * set them. It is used to override the generation of SSL/TLS session IDs &in
+   * This callback type is used inside SSL_CTX, SSL, and in_ the functions that
+   * set them. It is used to override the generation of SSL/TLS session IDs in_
    * a server. Return value should be zero on an error, non-zero to proceed.
    * Also, callbacks should themselves check if the id they generate is unique
    * otherwise the SSL handshake will fail with an error - callbacks can do
    * this using the 'ssl' value they're passed by;
-   * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed &in
-   * is set at the maximum size the session ID can be. &in SSLv3/TLSv1 it is 32
+   * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in_
+   * is set at the maximum size the session ID can be. in_ SSLv3/TLSv1 it is 32
    * bytes. The callback can alter this length to be less if desired. It is
    * also an error for the callback to set the size to zero.
    *)
   GEN_SESSION_CB = function (ssl: PSSL; id: PByte; id_len: PIdC_UINT): TIdC_INT; cdecl;
 
-  SSL_CTX_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+  SSL_CTX_info_callback = procedure (const ssl: PSSL; type_: TIdC_INT; val: TIdC_INT); cdecl;
   SSL_CTX_client_cert_cb = function (ssl: PSSL; x509: PPx509; pkey: PPEVP_PKEY): TIdC_INT; cdecl;
 
   SSL_CTX_cookie_verify_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_UINT): TIdC_INT; cdecl;
@@ -968,7 +968,7 @@   srtp_protection_profile_st = record
   SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_SIZET): TIdC_INT; cdecl;
   SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_SIZET): TIdC_INT; cdecl;
 
-  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const &out: PPByte; outlen: PByte; const &in: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const out_: PPByte; outlen: PByte; const in_: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
   SSL_psk_client_cb_func = function (ssl: PSSL; const hint: PIdAnsiChar; identity: PIdAnsiChar; max_identity_len: TIdC_UINT; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
   SSL_psk_server_cb_func = function (ssl: PSSL; const identity: PIdAnsiChar; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
   SSL_psk_find_session_cb_func = function (ssl: PSSL; const identity: PByte; identity_len: TIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
@@ -1052,15 +1052,15 @@   srtp_protection_profile_st = record
   SSL_client_hello_cb_fn = function (s: PSSL; al: PIdC_INT; arg: Pointer): TIdC_INT; cdecl;
   SSL_callback_ctrl_v3 = procedure; cdecl;
   SSL_CTX_callback_ctrl_v3 = procedure; cdecl;
-  SSL_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+  SSL_info_callback = procedure (const ssl: PSSL; type_: TIdC_INT; val: TIdC_INT); cdecl;
 
   (* NB: the |keylength| is only applicable when is_export is true *)
   SSL_CTX_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
   SSL_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
   SSL_CTX_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
   SSL_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
-  SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
-  SSL_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; type_: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  SSL_set_record_padding_callback_cb = function (ssl: PSSL; type_: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
   
   (*
    * The validation type enumerates the available behaviours of the built-in SSL
@@ -1089,7 +1089,6 @@   srtp_protection_profile_st = record
 
   SSL_CTX_sess_remove_cb = procedure(ctx: PSSL_CTX; sess: PSSL_SESSION); cdecl;
 
-{$REGION 'C compiler macros'}
 function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 
@@ -1168,7 +1167,6 @@ function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
 function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
 function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
 function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
-{$ENDREGION}
 
 var
   //typedef TIdC_INT (*tls_session_secret_cb_fn)(s: PSSL, void *secret, TIdC_INT *secret_len,
@@ -1380,7 +1378,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 
   ///*
   // * These need to be after the above set of includes due to a compiler bug
-  // * &in VisualStudio 2015
+  // * in_ VisualStudio 2015
   // */
   //DEFINE_STACK_OF_CONST(SSL_CIPHER)
   //DEFINE_STACK_OF(SSL_COMP)
@@ -1537,20 +1535,20 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   (* Set serverinfo data for the current active cert. *)
   function SSL_CTX_use_serverinfo(ctx: PSSL_CTX; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT;
   function SSL_CTX_use_serverinfo_ex(ctx: PSSL_CTX; version: TIdC_UINT; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT;
-  function SSL_CTX_use_serverinfo_file(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_use_serverinfo_file(ctx: PSSL_CTX; const file_: PIdAnsiChar): TIdC_INT;
 
-  function SSL_use_RSAPrivateKey_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function SSL_use_RSAPrivateKey_file(ssl: PSSL; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
 
-  function SSL_use_PrivateKey_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
-  function SSL_use_certificate_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function SSL_use_PrivateKey_file(ssl: PSSL; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
+  function SSL_use_certificate_file(ssl: PSSL; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
 
-  function SSL_CTX_use_RSAPrivateKey_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function SSL_CTX_use_RSAPrivateKey_file(ctx: PSSL_CTX; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
 
-  function SSL_CTX_use_PrivateKey_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
-  function SSL_CTX_use_certificate_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function SSL_CTX_use_PrivateKey_file(ctx: PSSL_CTX; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
+  function SSL_CTX_use_certificate_file(ctx: PSSL_CTX; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
   (* PEM type *)
-  function SSL_CTX_use_certificate_chain_file(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT;
-  function SSL_use_certificate_chain_file(ssl: PSSL; const &file: PIdAnsiChar): TIdC_INT;
+  function SSL_CTX_use_certificate_chain_file(ctx: PSSL_CTX; const file_: PIdAnsiChar): TIdC_INT;
+  function SSL_use_certificate_chain_file(ssl: PSSL; const file_: PIdAnsiChar): TIdC_INT;
   //__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const PIdAnsiChar *file);
   //__owur TIdC_INT SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
   //                                               const PIdAnsiChar *file);
@@ -1707,12 +1705,12 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   procedure SSL_CTX_set_client_hello_cb(c: PSSL_CTX; cb: SSL_client_hello_cb_fn; arg: Pointer);
   function SSL_client_hello_isv2(s: PSSL): TIdC_INT;
   function SSL_client_hello_get0_legacy_version(s: PSSL): TIdC_UINT;
-  function SSL_client_hello_get0_random(s: PSSL; const &out: PPByte): TIdC_SIZET;
-  function SSL_client_hello_get0_session_id(s: PSSL; const &out: PPByte): TIdC_SIZET;
-  function SSL_client_hello_get0_ciphers(s: PSSL; const &out: PPByte): TIdC_SIZET;
-  function SSL_client_hello_get0_compression_methods(s: PSSL; const &out: PPByte): TIdC_SIZET;
-  function SSL_client_hello_get1_extensions_present(s: PSSL; &out: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT;
-  function SSL_client_hello_get0_ext(s: PSSL; &type: TIdC_UINT; const &out: PPByte; outlen: PIdC_SIZET): TIdC_INT;
+  function SSL_client_hello_get0_random(s: PSSL; const out_: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get0_session_id(s: PSSL; const out_: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get0_ciphers(s: PSSL; const out_: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get0_compression_methods(s: PSSL; const out_: PPByte): TIdC_SIZET;
+  function SSL_client_hello_get1_extensions_present(s: PSSL; out_: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT;
+  function SSL_client_hello_get0_ext(s: PSSL; type_: TIdC_UINT; const out_: PPByte; outlen: PIdC_SIZET): TIdC_INT;
   procedure SSL_certs_clear(s: PSSL);
   procedure SSL_free(ssl: PSSL);
 
@@ -1848,10 +1846,10 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_get_verify_result(const ssl: PSSL): TIdC_LONG;
   //__owur STACK_OF(X509) *SSL_get0_verified_chain(const s: PSSL);
 
-  function SSL_get_client_random(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET;
-  function SSL_get_server_random(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET;
-  function SSL_SESSION_get_master_key(const sess: PSSL_SESSION; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET;
-  function SSL_SESSION_set1_master_key(sess: PSSL_SESSION; const &in: PByte; len: TIdC_SIZET): TIdC_INT;
+  function SSL_get_client_random(const ssl: PSSL; out_: PByte; outlen: TIdC_SIZET): TIdC_SIZET;
+  function SSL_get_server_random(const ssl: PSSL; out_: PByte; outlen: TIdC_SIZET): TIdC_SIZET;
+  function SSL_SESSION_get_master_key(const sess: PSSL_SESSION; out_: PByte; outlen: TIdC_SIZET): TIdC_SIZET;
+  function SSL_SESSION_set1_master_key(sess: PSSL_SESSION; const in_: PByte; len: TIdC_SIZET): TIdC_INT;
   function SSL_SESSION_get_max_fragment_length(const sess: PSSL_SESSION): TIdC_UINT8;
 
   //#define SSL_get_ex_new_index(l, p, newf, dupf, freef) \
@@ -2012,7 +2010,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   ///*
   // * The validation type enumerates the available behaviours of the built-&in SSL
   // * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
-  // * The underlying callback is a static function &in libssl.
+  // * The underlying callback is a static function in_ libssl.
   // */
 
   ///*
@@ -2021,7 +2019,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   // * continues the handshake, the application can make appropriate decisions at
   // * handshake completion.  The SSL_CT_VALIDATION_STRICT variant requires at
   // * least one valid SCT, or else handshake termination will be requested.  The
-  // * handshake may continue anyway if SSL_VERIFY_NONE is &in effect.
+  // * handshake may continue anyway if SSL_VERIFY_NONE is in_ effect.
   // */
   function SSL_enable_ct(s: PSSL; validation_mode: TIdC_INT): TIdC_INT;
   function SSL_CTX_enable_ct(ctx: PSSL_CTX; validation_mode: TIdC_INT): TIdC_INT;
@@ -2089,14 +2087,13 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 
 implementation
 
-
{$REGION 'C compiler macros'}
-
//# define SSL_CTX_set_mode(ctx,op)      SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+//# define SSL_CTX_set_mode(ctx,op)      SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
 function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
-
begin
-
  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, nil);
+begin
+  Result := SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, nil);
 end;
 
-
//# define SSL_CTX_clear_mode(ctx,op)   SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+//# define SSL_CTX_clear_mode(ctx,op)   SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
 function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 begin
   Result := SSL_CTX_ctrl(ctx, SSL_CTRL_CLEAR_MODE, op, nil);
@@ -2545,6 +2542,5 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 begin
   Result := SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
index 8ab2fdd07..90ec69fdb 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl3.pas
@@ -323,6 +323,7 @@ interface
   SSL3_CHANGE_CIPHER_SERVER_READ = SSL3_CC_SERVER or SSL3_CC_READ;
   SSL3_CHANGE_CIPHER_CLIENT_READ = SSL3_CC_CLIENT or SSL3_CC_READ;
   SSL3_CHANGE_CIPHER_SERVER_WRITE = SSL3_CC_SERVER or SSL3_CC_WRITE;
-
implementation
+
+implementation
 
 end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
index ac5bfd09c..69668a7bd 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_tls1.pas
@@ -1091,15 +1091,13 @@   tls_session_ticket_ext_st = record
     data: Pointer;
   end;
 
-{$REGION 'C compiler macros'}
 function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
-{$ENDREGION}
 
 var
   function SSL_CTX_set_tlsext_max_fragment_length(ctx: PSSL_CTx; mode: TIdC_UINT8): TIdC_INT;
   function SSL_set_tlsext_max_fragment_length(ssl: PSSL; mode: TIdC_UINT8): TIdC_INT;
 
-  function SSL_get_servername(const s: PSSL; const &type: TIdC_INT): PIdAnsiChar;
+  function SSL_get_servername(const s: PSSL; const type_: TIdC_INT): PIdAnsiChar;
   function SSL_get_servername_type(const s: PSSL): TIdC_INT;
   (*
    * SSL_export_keying_material exports a value derived from the master secret,
@@ -1108,7 +1106,7 @@ function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
    * flag controls whether a context is included.) It returns 1 on success and
    * 0 or -1 otherwise.
    *)
-  function SSL_export_keying_material(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET; use_context: TIdC_INT): TIdC_INT;
+  function SSL_export_keying_material(s: PSSL; out_: PByte; olen: TIdC_SIZET; const label_: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET; use_context: TIdC_INT): TIdC_INT;
 
   (*
    * SSL_export_keying_material_early exports a value derived from the
@@ -1117,7 +1115,7 @@ function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
    * |olen| bytes to |out| given a label and optional context. It
    * returns 1 on success and 0 otherwise.
    *)
-  function SSL_export_keying_material_early(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT;
+  function SSL_export_keying_material_early(s: PSSL; out_: PByte; olen: TIdC_SIZET; const label_: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT;
 
   function SSL_get_peer_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT;
   function SSL_get_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT;
@@ -1191,15 +1189,14 @@ function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
   //                (void (*)(void))cb)
 
 implementation
-
uses
+
+uses
   IdOpenSSLHeaders_ssl;
 
-
{$REGION 'C compiler macros'}
 //# define SSL_set_tlsext_host_name(s,name)         SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name, (void *)name)
 function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
 begin
   Result := SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, Pointer(name));
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
index 1efb697dc..b82bd58a7 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
@@ -534,7 +534,7 @@ interface
    *)
 
   function TS_CONF_load_cert(&file: PIdAnsiChar): PX509;
-  function TS_CONF_load_key( &file: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey;
+  function TS_CONF_load_key( file_: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey;
   function TS_CONF_set_serial(conf: PCONF; section: PIdAnsiChar; cb: TS_serial_cb; ctx: PTS_RESP_CTX): TIdC_INT;
   //STACK_OF(X509) *TS_CONF_load_certs(const char *file);
   function TS_CONF_get_tsa_section(conf: PCONF; const section: PIdAnsiChar): PIdAnsiChar;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
index 166facb2c..2a950eb3f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
@@ -297,7 +297,7 @@   Netscape_spki_st = record
 
   (* Netscape certificate sequence structure *)
 //  Netscape_certificate_sequence: record
-//    &type: PASN1_OBJECT;
+//    type_: PASN1_OBJECT;
 //    certs: P --> STACK_OF(X509) <--;
 //  end;
 //  NETSCAPE_CERT_SEQUENCE = Netscape_certificate_sequence;
@@ -389,11 +389,11 @@   SCRYPT_PARAMS_st = record
 
   function NETSCAPE_SPKI_sign(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT;
 
-  function X509_pubkey_digest(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
-  function X509_digest(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
-  function X509_CRL_digest(const data: PX509_CRL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
-  function X509_REQ_digest(const data: PX509_REQ; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
-  function X509_NAME_digest(const data: PX509_NAME; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function X509_pubkey_digest(const data: PX509; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function X509_digest(const data: PX509; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function X509_CRL_digest(const data: PX509_CRL; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function X509_REQ_digest(const data: PX509_REQ; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function X509_NAME_digest(const data: PX509_NAME; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT;
 
   //# ifndef OPENSSL_NO_STDIO
   //X509 *d2i_X509_fp(FILE *fp, X509 **x509);
@@ -501,18 +501,18 @@   SCRYPT_PARAMS_st = record
 
   function X509_ALGOR_new: PX509_ALGOR;
   procedure X509_ALGOR_free(v1: PX509_ALGOR);
-  function d2i_X509_ALGOR(a: PPX509_ALGOR; const &in: PPByte; len: TIdC_LONG): PX509_ALGOR;
-  function i2d_X509_ALGOR(a: PX509_ALGOR; &out: PPByte): TIdC_INT;
+  function d2i_X509_ALGOR(a: PPX509_ALGOR; const in_: PPByte; len: TIdC_LONG): PX509_ALGOR;
+  function i2d_X509_ALGOR(a: PX509_ALGOR; out_: PPByte): TIdC_INT;
   //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
   function X509_VAL_new: PX509_VAL;
   procedure X509_VAL_free(v1: PX509_VAL);
-  function d2i_X509_VAL(a: PPX509_VAL; const &in: PPByte; len: TIdC_LONG): PX509_VAL;
-  function i2d_X509_VAL(a: PX509_VAL; &out: PPByte): TIdC_INT;
+  function d2i_X509_VAL(a: PPX509_VAL; const in_: PPByte; len: TIdC_LONG): PX509_VAL;
+  function i2d_X509_VAL(a: PX509_VAL; out_: PPByte): TIdC_INT;
 
   function X509_PUBKEY_new: PX509_PUBKEY;
   procedure X509_PUBKEY_free(v1: PX509_PUBKEY);
-  function d2i_X509_PUBKEY(a: PPX509_PUBKEY; const &in: PPByte; len: TIdC_LONG): PX509_PUBKEY;
-  function i2d_X509_PUBKEY(a: PX509_PUBKEY; &out: PPByte): TIdC_INT;
+  function d2i_X509_PUBKEY(a: PPX509_PUBKEY; const in_: PPByte; len: TIdC_LONG): PX509_PUBKEY;
+  function i2d_X509_PUBKEY(a: PX509_PUBKEY; out_: PPByte): TIdC_INT;
 
   function X509_PUBKEY_set(x: PPX509_PUBKEY; pkey: PEVP_PKEY): TIdC_INT;
   function X509_PUBKEY_get0(key: PX509_PUBKEY): PEVP_PKEY;
@@ -533,42 +533,42 @@   SCRYPT_PARAMS_st = record
 
   function X509_SIG_new: PX509_SIG;
   procedure X509_SIG_free(v1: PX509_SIG);
-  function d2i_X509_SIG(a: PPX509_SIG; const &in: PPByte; len: TIdC_LONG): PX509_SIG;
-  function i2d_X509_SIG(a: PX509_SIG; &out: PPByte): TIdC_INT;
+  function d2i_X509_SIG(a: PPX509_SIG; const in_: PPByte; len: TIdC_LONG): PX509_SIG;
+  function i2d_X509_SIG(a: PX509_SIG; out_: PPByte): TIdC_INT;
   procedure X509_SIG_get0(const sig: PX509_SIG; const palg: PPX509_ALGOR; const pdigest: PPASN1_OCTET_STRING);
   procedure X509_SIG_getm(sig: X509_SIG; palg: PPX509_ALGOR; pdigest: PPASN1_OCTET_STRING);
 
   function X509_REQ_INFO_new: PX509_REQ_INFO;
   procedure X509_REQ_INFO_free(v1: PX509_REQ_INFO);
-  function d2i_X509_REQ_INFO(a: PPX509_REQ_INFO; const &in: PPByte; len: TIdC_LONG): PX509_REQ_INFO;
-  function i2d_X509_REQ_INFO(a: PX509_REQ_INFO; &out: PPByte): TIdC_INT;
+  function d2i_X509_REQ_INFO(a: PPX509_REQ_INFO; const in_: PPByte; len: TIdC_LONG): PX509_REQ_INFO;
+  function i2d_X509_REQ_INFO(a: PX509_REQ_INFO; out_: PPByte): TIdC_INT;
 
   function X509_REQ_new: PX509_REQ;
   procedure X509_REQ_free(v1: PX509_REQ);
-  function d2i_X509_REQ(a: PPX509_REQ; const &in: PPByte; len: TIdC_LONG): PX509_REQ;
-  function i2d_X509_REQ(a: PX509_REQ; &out: PPByte): TIdC_INT;
+  function d2i_X509_REQ(a: PPX509_REQ; const in_: PPByte; len: TIdC_LONG): PX509_REQ;
+  function i2d_X509_REQ(a: PX509_REQ; out_: PPByte): TIdC_INT;
 
   function X509_ATTRIBUTE_new: PX509_ATTRIBUTE;
   procedure X509_ATTRIBUTE_free(v1: PX509_ATTRIBUTE);
-  function d2i_X509_ATTRIBUTE(a: PPX509_ATTRIBUTE; const &in: PPByte; len: TIdC_LONG): PX509_ATTRIBUTE;
-  function i2d_X509_ATTRIBUTE(a: PX509_ATTRIBUTE; &out: PPByte): TIdC_INT;
+  function d2i_X509_ATTRIBUTE(a: PPX509_ATTRIBUTE; const in_: PPByte; len: TIdC_LONG): PX509_ATTRIBUTE;
+  function i2d_X509_ATTRIBUTE(a: PX509_ATTRIBUTE; out_: PPByte): TIdC_INT;
   function X509_ATTRIBUTE_create(nid: TIdC_INT; trtype: TIdC_INT; value: Pointer): PX509_ATTRIBUTE;
 
   function X509_EXTENSION_new: PX509_EXTENSION;
   procedure X509_EXTENSION_free(v1: PX509_EXTENSION);
-  function d2i_X509_EXTENSION(a: PPX509_EXTENSION; const &in: PPByte; len: TIdC_LONG): PX509_EXTENSION;
-  function i2d_X509_EXTENSION(a: PX509_EXTENSION; &out: PPByte): TIdC_INT;
+  function d2i_X509_EXTENSION(a: PPX509_EXTENSION; const in_: PPByte; len: TIdC_LONG): PX509_EXTENSION;
+  function i2d_X509_EXTENSION(a: PX509_EXTENSION; out_: PPByte): TIdC_INT;
   //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
 
   function X509_NAME_ENTRY_new: PX509_NAME_ENTRY;
   procedure X509_NAME_ENTRY_free(v1: PX509_NAME_ENTRY);
-  function d2i_X509_NAME_ENTRY(a: PPX509_NAME_ENTRY; const &in: PPByte; len: TIdC_LONG): PX509_NAME_ENTRY;
-  function i2d_X509_NAME_ENTRY(a: PX509_NAME_ENTRY; &out: PPByte): TIdC_INT;
+  function d2i_X509_NAME_ENTRY(a: PPX509_NAME_ENTRY; const in_: PPByte; len: TIdC_LONG): PX509_NAME_ENTRY;
+  function i2d_X509_NAME_ENTRY(a: PX509_NAME_ENTRY; out_: PPByte): TIdC_INT;
 
   function X509_NAME_new: PX509_NAME;
   procedure X509_NAME_free(v1: PX509_NAME);
-  function d2i_X509_NAME(a: PPX509_NAME; const &in: PPByte; len: TIdC_LONG): PX509_NAME;
-  function i2d_X509_NAME(a: PX509_NAME; &out: PPByte): TIdC_INT;
+  function d2i_X509_NAME(a: PPX509_NAME; const in_: PPByte; len: TIdC_LONG): PX509_NAME;
+  function i2d_X509_NAME(a: PX509_NAME; out_: PPByte): TIdC_INT;
 
   function X509_NAME_set(xn: PPX509_NAME; name: PX509_NAME): TIdC_INT;
 
@@ -576,8 +576,8 @@   SCRYPT_PARAMS_st = record
 
   function X509_new: PX509;
   procedure X509_free(v1: PX509);
-  function d2i_X509(a: PPX509; const &in: PPByte; len: TIdC_LONG): PX509;
-  function i2d_X509(a: PX509; &out: PPByte): TIdC_INT;
+  function d2i_X509(a: PPX509; const in_: PPByte; len: TIdC_LONG): PX509;
+  function i2d_X509(a: PX509; out_: PPByte): TIdC_INT;
 
   //DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
   //
@@ -616,16 +616,16 @@   SCRYPT_PARAMS_st = record
   //
   function X509_REVOKED_new: PX509_REVOKED;
   procedure X509_REVOKED_free(v1: PX509_REVOKED);
-  function d2i_X509_REVOKED(a: PPX509_REVOKED; const &in: PPByte; len: TIdC_LONG): PX509_REVOKED;
-  function i2d_X509_REVOKED(a: PX509_REVOKED; &out: PPByte): TIdC_INT;
+  function d2i_X509_REVOKED(a: PPX509_REVOKED; const in_: PPByte; len: TIdC_LONG): PX509_REVOKED;
+  function i2d_X509_REVOKED(a: PX509_REVOKED; out_: PPByte): TIdC_INT;
   function X509_CRL_INFO_new: PX509_CRL_INFO;
   procedure X509_CRL_INFO_free(v1: PX509_CRL_INFO);
-  function d2i_X509_CRL_INFO(a: PPX509_CRL_INFO; const &in: PPByte; len: TIdC_LONG): PX509_CRL_INFO;
-  function i2d_X509_CRL_INFO(a: PX509_CRL_INFO; &out: PPByte): TIdC_INT;
+  function d2i_X509_CRL_INFO(a: PPX509_CRL_INFO; const in_: PPByte; len: TIdC_LONG): PX509_CRL_INFO;
+  function i2d_X509_CRL_INFO(a: PX509_CRL_INFO; out_: PPByte): TIdC_INT;
   function X509_CRL_new: PX509_CRL;
   procedure X509_CRL_free(v1: PX509_CRL);
-  function d2i_X509_CRL(a: PPX509_CRL; const &in: PPByte; len: TIdC_LONG): PX509_CRL;
-  function i2d_X509_CRL(a: PX509_CRL; &out: PPByte): TIdC_INT;
+  function d2i_X509_CRL(a: PPX509_CRL; const in_: PPByte; len: TIdC_LONG): PX509_CRL;
+  function i2d_X509_CRL(a: PX509_CRL; out_: PPByte): TIdC_INT;
 
   function X509_CRL_add0_revoked(crl: PX509_CRL; rev: PX509_REVOKED): TIdC_INT;
   function X509_CRL_get0_by_serial(crl: PX509_CRL; ret: PPX509_REVOKED; serial: PASN1_INTEGER): TIdC_INT;
@@ -652,11 +652,11 @@   SCRYPT_PARAMS_st = record
 //                X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
 //                char *data, EVP_PKEY *pkey, const EVP_MD *type);
 
-  function ASN1_item_digest(const it: PASN1_ITEM; const &type: PEVP_MD; data: Pointer; md: PByte; len: PIdC_UINT): TIdC_INT;
+  function ASN1_item_digest(const it: PASN1_ITEM; const type_: PEVP_MD; data: Pointer; md: PByte; len: PIdC_UINT): TIdC_INT;
 
   function ASN1_item_verify(const it: PASN1_ITEM; algor1: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY): TIdC_INT;
 
-  function ASN1_item_sign(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY; const &type: PEVP_MD): TIdC_INT;
+  function ASN1_item_sign(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY; const type_: PEVP_MD): TIdC_INT;
   function ASN1_item_sign_ctx(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; asn: Pointer; ctx: PEVP_MD_CTX): TIdC_INT;
 
   function X509_get_version(const x: PX509): TIdC_LONG;
@@ -716,9 +716,9 @@   SCRYPT_PARAMS_st = record
   function X509_REQ_get_attr(const req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE;
   function X509_REQ_delete_attr(req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE;
   function X509_REQ_add1_attr(req: PX509_REQ; attr: PX509_ATTRIBUTE): TIdC_INT;
-  function X509_REQ_add1_attr_by_OBJ(req: PX509_REQ; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
-  function X509_REQ_add1_attr_by_NID(req: PX509_REQ; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
-  function X509_REQ_add1_attr_by_txt(req: PX509_REQ; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function X509_REQ_add1_attr_by_OBJ(req: PX509_REQ; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function X509_REQ_add1_attr_by_NID(req: PX509_REQ; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function X509_REQ_add1_attr_by_txt(req: PX509_REQ; const attrname: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
 
   function X509_CRL_set_version(x: PX509_CRL; version: TIdC_LONG): TIdC_INT;
   function X509_CRL_set_issuer_name(x: PX509_CRL; name: PX509_NAME): TIdC_INT;
@@ -804,15 +804,15 @@   SCRYPT_PARAMS_st = record
   function X509_NAME_get_index_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT;
   function X509_NAME_get_entry(const name: PX509_NAME; loc: TIdC_INT): PX509_NAME_ENTRY;
   function X509_NAME_delete_entry(name: PX509_NAME; loc: TIdC_INT): pX509_NAME_ENTRY;
-  function X509_NAME_add_entry(name: PX509_NAME; const ne: PX509_NAME_ENTRY; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT;
-  function X509_NAME_add_entry_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT;
-  function X509_NAME_add_entry_by_NID(name: PX509_NAME; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT;
-  function X509_NAME_ENTRY_create_by_txt(ne: PPX509_NAME_ENTRY; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY;
-  function X509_NAME_ENTRY_create_by_NID(ne: PPX509_NAME_ENTRY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY;
-  function X509_NAME_add_entry_by_txt(name: PX509_NAME; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT;
-  function X509_NAME_ENTRY_create_by_OBJ(ne: PPX509_NAME_ENTRY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY;
+  function X509_NAME_add_entry(name: PX509_NAME; const ne: PX509_NAME_ENTRY; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT;
+  function X509_NAME_add_entry_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT;
+  function X509_NAME_add_entry_by_NID(name: PX509_NAME; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT;
+  function X509_NAME_ENTRY_create_by_txt(ne: PPX509_NAME_ENTRY; const field: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY;
+  function X509_NAME_ENTRY_create_by_NID(ne: PPX509_NAME_ENTRY; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY;
+  function X509_NAME_add_entry_by_txt(name: PX509_NAME; const field: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT;
+  function X509_NAME_ENTRY_create_by_OBJ(ne: PPX509_NAME_ENTRY; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY;
   function X509_NAME_ENTRY_set_object(ne: PX509_NAME_ENTRY; const obj: PASN1_OBJECT): TIdC_INT;
-  function X509_NAME_ENTRY_set_data(ne: PX509_NAME_ENTRY; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function X509_NAME_ENTRY_set_data(ne: PX509_NAME_ENTRY; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
   function X509_NAME_ENTRY_get_object(const ne: PX509_NAME_ENTRY): PASN1_OBJECT;
   function X509_NAME_ENTRY_get_data(const ne: PX509_NAME_ENTRY): PASN1_STRING;
   function X509_NAME_ENTRY_set(const ne: PX509_NAME_ENTRY): TIdC_INT;
@@ -897,7 +897,7 @@   SCRYPT_PARAMS_st = record
   //                              const ASN1_OBJECT *obj, TIdC_INT lastpos, TIdC_INT type);
   function X509_ATTRIBUTE_create_by_NID(attr: PPX509_ATTRIBUTE; nid: TIdC_INT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE;
   function X509_ATTRIBUTE_create_by_OBJ(attr: PPX509_ATTRIBUTE; const obj: PASN1_OBJECT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE;
-  function X509_ATTRIBUTE_create_by_txt(attr: PPX509_ATTRIBUTE; const atrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_ATTRIBUTE;
+  function X509_ATTRIBUTE_create_by_txt(attr: PPX509_ATTRIBUTE; const atrname: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_ATTRIBUTE;
   function X509_ATTRIBUTE_set1_object(attr: PX509_ATTRIBUTE; const obj: PASN1_OBJECT): TIdC_INT;
   function X509_ATTRIBUTE_set1_data(attr: PX509_ATTRIBUTE; attrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): TIdC_INT;
   function X509_ATTRIBUTE_get0_data(attr: PX509_ATTRIBUTE; idx: TIdC_INT; atrtype: TIdC_INT; data: Pointer): Pointer;
@@ -911,9 +911,9 @@   SCRYPT_PARAMS_st = record
   function EVP_PKEY_get_attr(const key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE;
   function EVP_PKEY_delete_attr(key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE;
   function EVP_PKEY_add1_attr(key: PEVP_PKEY; attr: PX509_ATTRIBUTE): TIdC_INT;
-  function EVP_PKEY_add1_attr_by_OBJ(key: PEVP_PKEY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
-  function EVP_PKEY_add1_attr_by_NID(key: PEVP_PKEY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
-  function EVP_PKEY_add1_attr_by_txt(key: PEVP_PKEY; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_add1_attr_by_OBJ(key: PEVP_PKEY; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_add1_attr_by_NID(key: PEVP_PKEY; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_add1_attr_by_txt(key: PEVP_PKEY; const attrname: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
 
   function X509_verify_cert(ctx: PX509_STORE_CTX): TIdC_INT;
 
@@ -950,7 +950,7 @@   SCRYPT_PARAMS_st = record
 
   //const STACK_OF(X509_ATTRIBUTE) *
   //PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8);
-  function PKCS8_pkey_add1_attr_by_NID(p8: PPKCS8_PRIV_KEY_INFO; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
+  function PKCS8_pkey_add1_attr_by_NID(p8: PPKCS8_PRIV_KEY_INFO; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT;
 
   function X509_PUBKEY_set0_param(pub: PX509_PUBKEY; aobj: PASN1_OBJECT; ptype: TIdC_INT; pval: Pointer; penc: PByte; penclen: TIdC_INT): TIdC_INT;
   function X509_PUBKEY_get0_param(ppkalg: PPASN1_OBJECT; const pk: PPByte; ppklen: PIdC_INT; pa: PPX509_ALGOR; pub: PX509_PUBKEY): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas
index b35f15a09..ff2a46226 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas
@@ -1,47 +1,47 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_x509_vfy;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// x509_vfy.h
-
-{$i IdCompilerDefines.inc}
-
-{$MINENUMSIZE 4}
-
-uses
-  IdCTypes,
-  IdGlobal,
-  IdOpenSSLConsts,
-  IdOpenSSLHeaders_ossl_typ;
-
-const
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_x509_vfy;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// x509_vfy.h
+
+{$i IdCompilerDefines.inc}
+
+{$MINENUMSIZE 4}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_ossl_typ;
+
+const
   X509_L_FILE_LOAD = 1;
   X509_L_ADD_DIR   = 2;
 
@@ -192,9 +192,9 @@ interface
   (* Internal use: mask of policy related options *)
   X509_V_FLAG_POLICY_MASK = X509_V_FLAG_POLICY_CHECK or X509_V_FLAG_EXPLICIT_POLICY
     or X509_V_FLAG_INHIBIT_ANY or X509_V_FLAG_INHIBIT_MAP;
-
+
 
  DANE_FLAG_NO_DANE_EE_NAMECHECKS = TIdC_Long(1) shl 0;
-
+
   (* Non positive return values are errors *)
   X509_PCY_TREE_FAILURE  = -2; (* Failure to satisfy explicit policy *)
   X509_PCY_TREE_INVALID  = -1; (* Inconsistent or invalid extensions *)
@@ -208,8 +208,8 @@ interface
   X509_PCY_TREE_EMPTY    = 2; (* The policy tree is empty *)
   X509_PCY_TREE_EXPLICIT = 4; (* Explicit policy required *)
 
-type
-  (*-
+type
+  (*-
   SSL_CTX -> X509_STORE
                   -> X509_LOOKUP
                           ->X509_LOOKUP_METHOD
@@ -223,8 +223,8 @@ interface
   A X509_STORE_CTX is used while validating a single certificate.
   The X509_STORE has X509_LOOKUPs for looking up certs.
   The X509_STORE then calls a function to actually verify the
-  certificate chain.
-  *)
+  certificate chain.
+  *)
 
   X509_LOOKUP_TYPE = (
     X509_LU_NONE = 0,
@@ -250,12 +250,12 @@ interface
   X509_LOOKUP_ctrl_fn = function(ctx: PX509_LOOKUP; cmd: TIdC_INT;
     const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT;
   X509_LOOKUP_get_by_subject_fn = function(ctx: PX509_LOOKUP;
-    &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+    type_: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
   X509_LOOKUP_get_by_issuer_serial_fn = function(ctx: PX509_LOOKUP;
-    &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
-  X509_LOOKUP_get_by_fingerprint_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+    type_: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_fingerprint_fn = function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE;
     const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
-  X509_LOOKUP_get_by_alias_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+  X509_LOOKUP_get_by_alias_fn = function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE;
     const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
 
 var
@@ -417,28 +417,28 @@ interface
   function X509_STORE_add_cert(ctx: PX509_STORE; x: PX509): TIdC_INT;
   function X509_STORE_add_crl(ctx: PX509_STORE; x: PX509_CRL): TIdC_INT;
 
-  function X509_STORE_CTX_get_by_subject(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
-  function X509_STORE_CTX_get_obj_by_subject(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME): PX509_OBJECT;
+  function X509_STORE_CTX_get_by_subject(vs: PX509_STORE_CTX; type_: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+  function X509_STORE_CTX_get_obj_by_subject(vs: PX509_STORE_CTX; type_: X509_LOOKUP_TYPE; name: PX509_NAME): PX509_OBJECT;
 
   function X509_LOOKUP_ctrl(ctx: PX509_LOOKUP; cmd: TIdC_INT; const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT;
 
-  function X509_load_cert_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
-  function X509_load_crl_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
-  function X509_load_cert_crl_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT;
+  function X509_load_cert_file(ctx: PX509_LOOKUP; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
+  function X509_load_crl_file(ctx: PX509_LOOKUP; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
+  function X509_load_cert_crl_file(ctx: PX509_LOOKUP; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
 
   function X509_LOOKUP_new(method: PX509_LOOKUP_METHOD): PX509_LOOKUP;
   procedure X509_LOOKUP_free(ctx: PX509_LOOKUP);
   function X509_LOOKUP_init(ctx: PX509_LOOKUP): TIdC_INT;
-  function X509_LOOKUP_by_subject(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
-  function X509_LOOKUP_by_issuer_serial(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
-  function X509_LOOKUP_by_fingerprint(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
-  function X509_LOOKUP_by_alias(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+  function X509_LOOKUP_by_subject(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+  function X509_LOOKUP_by_issuer_serial(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
+  function X509_LOOKUP_by_fingerprint(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
+  function X509_LOOKUP_by_alias(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
   function X509_LOOKUP_set_method_data(ctx: PX509_LOOKUP; data: Pointer): TIdC_INT;
   function X509_LOOKUP_get_method_data(const ctx: PX509_LOOKUP): Pointer;
   function X509_LOOKUP_get_store(const ctx: PX509_LOOKUP): PX509_STORE;
   function X509_LOOKUP_shutdown(ctx: PX509_LOOKUP): TIdC_INT;
 
-  function X509_STORE_load_locations(ctx: PX509_STORE; const &file: PIdAnsiChar; const dir: PIdAnsiChar): TIdC_INT;
+  function X509_STORE_load_locations(ctx: PX509_STORE; const file_: PIdAnsiChar; const dir: PIdAnsiChar): TIdC_INT;
   function X509_STORE_set_default_paths(ctx: PX509_STORE): TIdC_INT;
 
   //#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
@@ -549,7 +549,7 @@ interface
   //                                                           X509_POLICY_NODE
   //                                                           *node);
   function X509_policy_node_get0_parent(const node: PX509_POLICY_NODE): PX509_POLICY_NODE;
-
-implementation
-
-end.
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
index 575b57e93..dc4037033 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
@@ -40,8 +40,7 @@ interface
   IdOpenSSLHeaders_ossl_typ,
   IdOpenSSLHeaders_asn1,
   IdOpenSSLHeaders_asn1t,
-  IdOpenSSLHeaders_x509,
-  System.Types;
+  IdOpenSSLHeaders_x509;
 
 const
   (* ext_flags values *)
@@ -256,7 +255,7 @@ interface
 //                                  STACK_OF(CONF_VALUE) *values);
   //X509V3_EXT_I2S = function(method: Pv3_ext_method; ext: Pointer): PIdAnsiChar; cdecl;
   //X509V3_EXT_S2I = function(method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
-  //X509V3_EXT_I2R = function(const method: Pv3_ext_method; ext: Pointer; &out: PBIO; indent: TIdC_INT): TIdC_INT; cdecl;
+  //X509V3_EXT_I2R = function(const method: Pv3_ext_method; ext: Pointer; out_: PBIO; indent: TIdC_INT): TIdC_INT; cdecl;
   //X509V3_EXT_R2I = function(const method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
 
 //  (* V3 extension structure *)
@@ -336,7 +335,7 @@   EDIPartyName_st  = record
   PEDIPARTYNAME = ^EDIPARTYNAME;
 
   GENERAL_NAME_st_union = record
-    case DWORD of
+    case TIdC_INT of
       0: (ptr: PIdAnsiChar);
       1: (otherName: POTHERNAME);   (* otherName *)
       2: (rfc822Name: PASN1_IA5STRING);
@@ -356,7 +355,7 @@   GENERAL_NAME_st_union = record
       14: (other: PASN1_TYPE);       (* x400Address *)
   end;
   GENERAL_NAME_st = record
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     d: GENERAL_NAME_st_union;
   end;
   GENERAL_NAME = GENERAL_NAME_st;
@@ -381,12 +380,12 @@   ACCESS_DESCRIPTION_st = record
 
 //  DEFINE_STACK_OF(ACCESS_DESCRIPTION)
 //  DIST_POINT_NAME_st_union = record
-//    case DWord of
+//    case TIdC_INT of
 //      0: (GENERAL_NAMES *fullname);
 //      1: (STACK_OF(X509_NAME_ENTRY) *relativename);
 //  end;
   DIST_POINT_NAME_st = record
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     (* If relativename then this contains the full distribution point name *)
     dpname: PX509_NAME;
   end;
@@ -443,7 +442,7 @@ //  USERNOTICE_st = record
 //  PUSERNOTICE = ^USERNOTICE;
 
 //  POLICYQUALINFO_st_union = record
-//    case DWord of
+//    case TIdC_INT of
 //      0: (cpsuri: PASN1_IA5STRING);
 //      1: (usernotice: PUSERNOTICE);
 //      2: (other: PASN1_TYPE);
@@ -569,8 +568,8 @@   ASRange_st = record
   PASRange = ^ASRange;
 
   ASIdOrRange_st = record
-    &type: TIdC_INT;
-    case u: DWord of
+    type_: TIdC_INT;
+    case u: TIdC_INT of
       0: (id: PASN1_INTEGER);
       1: (range: PASRange);
   end;
@@ -580,8 +579,8 @@   ASIdOrRange_st = record
 //  DEFINE_STACK_OF(ASIdOrRange)
 
 //  ASIdentifierChoice_st = record
-//    &type: TIdC_INT;
-//    case u: DWORD of
+//    type_: TIdC_INT;
+//    case u: TIdC_INT of
 //      0: (inherit: PASN1_NULL);
 //      1: (asIdsOrRanges: PASIdOrRanges);
 //  end;
@@ -606,8 +605,8 @@   IPAddressRange_st = record
   PIPAddressRange = ^IPAddressRange;
 
   IPAddressOrRange_st = record
-    &type: TIdC_INT;
-    case u: DWORD of
+    type_: TIdC_INT;
+    case u: TIdC_INT of
       0: (addressPrefix: PASN1_BIT_STRING);
       1: (addressRange: PIPAddressRange);
   end;
@@ -618,8 +617,8 @@   IPAddressOrRange_st = record
 //  DEFINE_STACK_OF(IPAddressOrRange)
 
 //  IPAddressChoice_st = record
-//    &type: TIdC_INT;
-//    case u: DWORD of
+//    type_: TIdC_INT;
+//    case u: TIdC_INT of
 //      0: (inherit: PASN1_NULL);
 //      1: (addressesOrRanges: PIPAddressOrRanges);
 //  end;
@@ -697,7 +696,7 @@ //  IPAddressFamily_st = record
 //  DECLARE_ASN1_FUNCTIONS(OTHERNAME)
 //  DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
   function OTHERNAME_cmp(a: POTHERNAME; b: POTHERNAME): TIdC_INT;
-  procedure GENERAL_NAME_set0_value(a: PGENERAL_NAME; &type: TIdC_INT; value: Pointer);
+  procedure GENERAL_NAME_set0_value(a: PGENERAL_NAME; type_: TIdC_INT; value: Pointer);
   function GENERAL_NAME_get0_value(const a: PGENERAL_NAME; ptype: PIdC_INT): Pointer;
   function GENERAL_NAME_set0_othername(gen: PGENERAL_NAME; oid: PASN1_OBJECT; value: PASN1_TYPE): TIdC_INT;
   function GENERAL_NAME_get0_otherName(const gen: PGENERAL_NAME; poid: PPASN1_OBJECT; pvalue: PPASN1_TYPE): TIdC_INT;
@@ -901,9 +900,9 @@ //  IPAddressFamily_st = record
   procedure NAMING_AUTHORITY_set0_authorityURL(n: PNAMING_AUTHORITY; namingAuthorityUrl: PASN1_IA5STRING);
   procedure NAMING_AUTHORITY_set0_authorityText(n: PNAMING_AUTHORITY; namingAuthorityText: PASN1_STRING);
 
-  function ADMISSION_SYNTAX_get0_admissionAuthority(const &as: ADMISSION_SYNTAX): PGENERAL_NAME;
+  function ADMISSION_SYNTAX_get0_admissionAuthority(const as_: ADMISSION_SYNTAX): PGENERAL_NAME;
   procedure ADMISSION_SYNTAX_set0_admissionAuthority(&as: ADMISSION_SYNTAX; aa: PGENERAL_NAME);
-//  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const &as: ADMISSION_SYNTAX);
+//  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const as_: ADMISSION_SYNTAX);
 //  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(&as: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
   function ADMISSIONS_get0_admissionAuthority(const a: PADMISSIONS): PGENERAL_NAME;
   procedure ADMISSIONS_set0_admissionAuthority(a: PADMISSIONS; aa: PGENERAL_NAME);
@@ -922,6 +921,7 @@ //  IPAddressFamily_st = record
   function PROFESSION_INFO_get0_registrationNumber(const pi: PPROFESSION_INFO): PASN1_PRINTABLESTRING;
   procedure PROFESSION_INFO_set0_registrationNumber(pi: PPROFESSION_INFO; rn: PASN1_PRINTABLESTRING);
 
-
implementation
+
+implementation
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas
index bcb8207f1..144504709 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_aes.pas
@@ -1,4 +1,4 @@
-{******************************************************************************}
+{******************************************************************************}
 {                                                                              }
 {            Indy (Internet Direct) - Internet Protocols Simplified            }
 {                                                                              }
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_aes;
 
@@ -66,10 +66,8 @@   aes_key_st = record
   AES_KEY = aes_key_st;
   PAES_KEY = ^AES_KEY;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   AES_options: function: PIdAnsiChar cdecl = nil;
@@ -77,26 +75,25 @@ procedure UnLoad;
   AES_set_encrypt_key: function(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT cdecl = nil;
   AES_set_decrypt_key: function(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT cdecl = nil;
 
-  AES_encrypt: procedure(const &in: PByte; &out: PByte; const key: PAES_KEY) cdecl = nil;
-  AES_decrypt: procedure(const &in: PByte; &out: PByte; const key: PAES_KEY) cdecl = nil;
+  AES_encrypt: procedure(const in_: PByte; out_: PByte; const key: PAES_KEY) cdecl = nil;
+  AES_decrypt: procedure(const in_: PByte; out_: PByte; const key: PAES_KEY) cdecl = nil;
 
-  AES_ecb_encrypt: procedure(const &in: PByte; &out: PByte; const key: PAES_KEY; const enc: TIdC_INT) cdecl = nil;
-  AES_cbc_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
-  AES_cfb128_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
-  AES_cfb1_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
-  AES_cfb8_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
-  AES_ofb128_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT) cdecl = nil;
+  AES_ecb_encrypt: procedure(const in_: PByte; out_: PByte; const key: PAES_KEY; const enc: TIdC_INT) cdecl = nil;
+  AES_cbc_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
+  AES_cfb128_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  AES_cfb1_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  AES_cfb8_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  AES_ofb128_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT) cdecl = nil;
   (* NB: the IV is _two_ blocks long *)
-  AES_ige_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
+  AES_ige_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
   (* NB: the IV is _four_ blocks long *)
-  AES_bi_ige_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; const key2: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
+  AES_bi_ige_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; const key2: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
 
-  AES_wrap_key: function(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT cdecl = nil;
-  AES_unwrap_key: function(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT cdecl = nil;
+  AES_wrap_key: function(key: PAES_KEY; const iv: PByte; out_: PByte; const in_: PByte; inlen: TIdC_UINT): TIdC_INT cdecl = nil;
+  AES_unwrap_key: function(key: PAES_KEY; const iv: PByte; out_: PByte; const in_: PByte; inlen: TIdC_UINT): TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -142,6 +139,5 @@ procedure UnLoad;
   AES_wrap_key := nil;
   AES_unwrap_key := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
index b63c916d6..6d5a93c8b 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_asn1;
 
@@ -263,7 +263,7 @@ interface
 ///(* This is the base type that holds just about everything :-) *)
 //  asn1_string_st = record
 //    length: TIdC_int;
-//    &type: TIdC_int;
+//    type_: TIdC_int;
 //    data: PByte;
 //    (*
 //     * The value of the following field depends on the type being held.  It
@@ -466,16 +466,14 @@   BIT_STRING_BITNAME_st = record
   BIT_STRING_BITNAME = BIT_STRING_BITNAME_st;
   PBIT_STRING_BITNAME = ^BIT_STRING_BITNAME;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
 // DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
   ASN1_TYPE_get: function(const a: PASN1_TYPE): TIdC_INT cdecl = nil;
-  ASN1_TYPE_set: procedure(a: PASN1_TYPE; &type: TIdC_INT; value: Pointer) cdecl = nil;
-  ASN1_TYPE_set1: function(a: PASN1_TYPE; &type: TIdC_INT; const value: Pointer): TIdC_INT cdecl = nil;
+  ASN1_TYPE_set: procedure(a: PASN1_TYPE; type_: TIdC_INT; value: Pointer) cdecl = nil;
+  ASN1_TYPE_set1: function(a: PASN1_TYPE; type_: TIdC_INT; const value: Pointer): TIdC_INT cdecl = nil;
   ASN1_TYPE_cmp: function(const a: PASN1_TYPE; const b: PASN1_TYPE): TIdC_INT cdecl = nil;
 
   ASN1_TYPE_pack_sequence: function(const it: PASN1_ITEM; s: Pointer; t: PPASN1_TYPE): PASN1_TYPE cdecl = nil;
@@ -537,7 +535,7 @@ procedure UnLoad;
   ASN1_GENERALIZEDTIME_adj: function(s: PASN1_GENERALIZEDTIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_GENERALIZEDTIME cdecl = nil;
   ASN1_GENERALIZEDTIME_set_string: function(s: pASN1_GENERALIZEDTIME; const str: PAnsiChar): TIdC_INT cdecl = nil;
 
-  ASN1_TIME_diff: function(pday: PIdC_INT; psec: PIdC_INT; const from: PASN1_TIME; const &to: PASN1_TIME): TIdC_INT cdecl = nil;
+  ASN1_TIME_diff: function(pday: PIdC_INT; psec: PIdC_INT; const from: PASN1_TIME; const to_: PASN1_TIME): TIdC_INT cdecl = nil;
 
   // DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
   ASN1_OCTET_STRING_dup: function(const a: PASN1_OCTET_STRING): PASN1_OCTET_STRING cdecl = nil;
@@ -570,7 +568,7 @@ procedure UnLoad;
   ASN1_TIME_set: function(s: PASN1_TIME; t: TIdC_TIMET): PASN1_TIME cdecl = nil;
   ASN1_TIME_adj: function(s: PASN1_TIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_TIME cdecl = nil;
   ASN1_TIME_check: function(const t: PASN1_TIME): TIdC_INT cdecl = nil;
-  ASN1_TIME_to_generalizedtime: function(const t: PASN1_TIME; &out: PPASN1_GENERALIZEDTIME): PASN1_GENERALIZEDTIME cdecl = nil;
+  ASN1_TIME_to_generalizedtime: function(const t: PASN1_TIME; out_: PPASN1_GENERALIZEDTIME): PASN1_GENERALIZEDTIME cdecl = nil;
   ASN1_TIME_set_string: function(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
   ASN1_TIME_set_string_X509: function(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
   ASN1_TIME_to_tm: function(const s: PASN1_TIME; tm: PIdC_TM): TIdC_INT cdecl = nil;
@@ -584,7 +582,7 @@ procedure UnLoad;
   a2i_ASN1_ENUMERATED: function(bp: PBIO; bs: PASN1_ENUMERATED; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT cdecl = nil;
   i2a_ASN1_OBJECT: function(bp: PBIO; const a: PASN1_OBJECT): TIdC_INT cdecl = nil;
   a2i_ASN1_STRING: function(bp: PBIO; bs: PASN1_STRING; buf: PAnsiChar; size: TIdC_INT): TIdC_INT cdecl = nil;
-  i2a_ASN1_STRING: function(bp: PBIO; const a: PASN1_STRING; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  i2a_ASN1_STRING: function(bp: PBIO; const a: PASN1_STRING; type_: TIdC_INT): TIdC_INT cdecl = nil;
   i2t_ASN1_OBJECT: function(buf: PAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT): TIdC_INT cdecl = nil;
 
   a2d_ASN1_OBJECT: function(&out: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl = nil;
@@ -653,8 +651,8 @@ procedure UnLoad;
   //                        in, \
   //                        CHECKED_PPTR_OF(type, x)))
   //
-  //function ASN1_item_d2i_fp(const it: PASN1_ITEM; &in: PFILE; x: Pointer): Pointer;
-  //function ASN1_i2d_fp(i2d: Pi2d_of_void; &out: PFILE; x: Pointer): TIdC_INT;
+  //function ASN1_item_d2i_fp(const it: PASN1_ITEM; in_: PFILE; x: Pointer): Pointer;
+  //function ASN1_i2d_fp(i2d: Pi2d_of_void; out_: PFILE; x: Pointer): TIdC_INT;
   //
   //#  define ASN1_i2d_fp_of(type,i2d,out,x) \
   //    (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
@@ -666,11 +664,11 @@ procedure UnLoad;
   //                 out, \
   //                 CHECKED_PTR_OF(const type, x)))
   //
-  //function ASN1_item_i2d_fp(const it: PASN1_ITEM; &out: PFILE; x: Pointer): TIdC_INT;
+  //function ASN1_item_i2d_fp(const it: PASN1_ITEM; out_: PFILE; x: Pointer): TIdC_INT;
   //function ASN1_STRING_print_ex_fp(&fp: PFILE; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
   //# endif
 
-  ASN1_STRING_to_UTF8: function(&out: PPByte; const &in: PASN1_STRING): TIdC_INT cdecl = nil;
+  ASN1_STRING_to_UTF8: function(&out: PPByte; const in_: PASN1_STRING): TIdC_INT cdecl = nil;
 
   //void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
 
@@ -680,8 +678,8 @@ procedure UnLoad;
   //                          in, \
   //                          CHECKED_PPTR_OF(type, x)))
 
-  ASN1_item_d2i_bio: function(const it: PASN1_ITEM; &in: PBIO; x: Pointer): Pointer cdecl = nil;
-  ASN1_i2d_bio: function(i2d: Pi2d_of_void; &out: PBIO; x: PByte): TIdC_INT cdecl = nil;
+  ASN1_item_d2i_bio: function(const it: PASN1_ITEM; in_: PBIO; x: Pointer): Pointer cdecl = nil;
+  ASN1_i2d_bio: function(i2d: Pi2d_of_void; out_: PBIO; x: PByte): TIdC_INT cdecl = nil;
 
   //#  define ASN1_i2d_bio_of(type,i2d,out,x) \
   //    (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
@@ -693,7 +691,7 @@ procedure UnLoad;
   //                  out, \
   //                  CHECKED_PTR_OF(const type, x)))
 
-  ASN1_item_i2d_bio: function(const it: PASN1_ITEM; &out: PBIO; x: Pointer): TIdC_INT cdecl = nil;
+  ASN1_item_i2d_bio: function(const it: PASN1_ITEM; out_: PBIO; x: Pointer): TIdC_INT cdecl = nil;
   ASN1_UTCTIME_print: function(fp: PBIO; const a: PASN1_UTCTIME): TIdC_INT cdecl = nil;
   ASN1_GENERALIZEDTIME_print: function(fp: PBIO; const a: PASN1_GENERALIZEDTIME): TIdC_INT cdecl = nil;
   ASN1_TIME_print: function(fp: PBIO; const a: PASN1_TIME): TIdC_INT cdecl = nil;
@@ -721,10 +719,10 @@ procedure UnLoad;
   ASN1_STRING_set_default_mask: procedure(mask: TIdC_ULONG) cdecl = nil;
   ASN1_STRING_set_default_mask_asc: function(const p: PAnsiChar): TIdC_INT cdecl = nil;
   ASN1_STRING_get_default_mask: function: TIdC_ULONG cdecl = nil;
-  ASN1_mbstring_copy: function(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl = nil;
-  ASN1_mbstring_ncopy: function(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl = nil;
+  ASN1_mbstring_copy: function(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl = nil;
+  ASN1_mbstring_ncopy: function(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl = nil;
 
-  ASN1_STRING_set_by_NID: function(&out: PPASN1_STRING; const &in: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl = nil;
+  ASN1_STRING_set_by_NID: function(&out: PPASN1_STRING; const in_: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl = nil;
   ASN1_STRING_TABLE_get: function(nid: TIdC_INT): PASN1_STRING_TABLE cdecl = nil;
   ASN1_STRING_TABLE_add: function(v1: TIdC_INT; v2: TIdC_LONG; v3: TIdC_LONG; v4: TIdC_ULONG; v5: TIdC_ULONG): TIdC_INT cdecl = nil;
   ASN1_STRING_TABLE_cleanup: procedure cdecl = nil;
@@ -734,9 +732,9 @@ procedure UnLoad;
   (* Old API compatible functions *)
   ASN1_item_new: function(const it: PASN1_ITEM): PASN1_VALUE cdecl = nil;
   ASN1_item_free: procedure(val: PASN1_VALUE; const it: PASN1_ITEM) cdecl = nil;
-  ASN1_item_d2i: function(val: PPASN1_VALUE; const &in: PPByte; len: TIdC_LONG; const it: PASN1_ITEM): PASN1_VALUE cdecl = nil;
-  ASN1_item_i2d: function(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
-  ASN1_item_ndef_i2d: function(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  ASN1_item_d2i: function(val: PPASN1_VALUE; const in_: PPByte; len: TIdC_LONG; const it: PASN1_ITEM): PASN1_VALUE cdecl = nil;
+  ASN1_item_i2d: function(val: PASN1_VALUE; out_: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  ASN1_item_ndef_i2d: function(val: PASN1_VALUE; out_: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
 
   ASN1_add_oid_module: procedure cdecl = nil;
   ASN1_add_stable_module: procedure cdecl = nil;
@@ -771,21 +769,20 @@ procedure UnLoad;
 
   BIO_new_NDEF: function(&out: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO cdecl = nil;
 
-  i2d_ASN1_bio_stream: function(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
-  PEM_write_bio_ASN1_stream: function(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  i2d_ASN1_bio_stream: function(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  PEM_write_bio_ASN1_stream: function(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
   //function SMIME_write_ASN1(bio: PBIO; val: PASN1_VALUE; data: PBIO; flags: TIdC_INT;
   //                     ctype_nid: TIdC_INT; econt_nid: TIdC_INT;
   //                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it): TIdC_INT;
   SMIME_read_ASN1: function(bio: PBIO; bcont: PPBIO; const it: PASN1_ITEM): PASN1_VALUE cdecl = nil;
-  SMIME_crlf_copy: function(&in: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
-  SMIME_text: function(&in: PBIO; &out: PBIO): TIdC_INT cdecl = nil;
+  SMIME_crlf_copy: function(&in: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  SMIME_text: function(&in: PBIO; out_: PBIO): TIdC_INT cdecl = nil;
 
   ASN1_ITEM_lookup: function(const name: PIdAnsiChar): PASN1_ITEM cdecl = nil;
   ASN1_ITEM_get: function(i: TIdC_SIZET): PASN1_ITEM cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -1119,6 +1116,5 @@ procedure UnLoad;
   ASN1_ITEM_lookup := nil;
   ASN1_ITEM_get := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1_mac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1_mac.pas
index abb843536..bcb23c4c1 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1_mac.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1_mac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_asn1_mac;
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1err.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1err.pas
index d63beac78..82cdb86b0 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1err.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1err.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_asn1err;
 
@@ -276,17 +276,14 @@ interface
   ASN1_R_WRONG_PUBLIC_KEY_TYPE                    = 200;
   ASN1_R_WRONG_TAG                                = 168;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_ASN1_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -304,6 +301,5 @@ procedure UnLoad;
 begin
   ERR_load_ASN1_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1t.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1t.pas
index 3b3e66844..fb7891078 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1t.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1t.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_asn1t;
 
@@ -985,10 +985,8 @@   ASN1_STREAM_ARG_st = record
 
 //* Functions used internally by the ASN1 code */
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ASN1_item_ex_new: function(pval: PPASN1_VALUE; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
@@ -1000,7 +998,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -1024,6 +1021,5 @@ procedure UnLoad;
   ASN1_item_ex_d2i := nil;
   ASN1_item_ex_i2d := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_async.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_async.pas
index 1b4231995..d7a2d299f 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_async.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_async.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_async;
 
@@ -68,10 +68,8 @@ interface
     const v2: Pointer; v3: OSSL_ASYNC_FD; v4: Pointer);
   ASYNC_start_job_cb = function(v1: Pointer): TIdC_INT;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ASYNC_init_thread: function(max_size: TIdC_SIZET; init_size: TIdC_SIZET): TIdC_INT cdecl = nil;
@@ -97,7 +95,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -145,6 +142,5 @@ procedure UnLoad;
   ASYNC_block_pause := nil;
   ASYNC_unblock_pause := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asyncerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asyncerr.pas
index 0f8646437..f0935d76c 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asyncerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asyncerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_asyncerr;
 
@@ -65,17 +65,14 @@ interface
   ASYNC_R_INIT_FAILED                              = 105;
   ASYNC_R_INVALID_POOL_SIZE                        = 103;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_ASYNC_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -93,6 +90,5 @@ procedure UnLoad;
 begin
   ERR_load_ASYNC_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
index 33254577b..c826daf3a 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_bio;
 
@@ -50,14 +50,11 @@ interface
 
 const
   (* There are the classes of BIOs *)
-  {$REGION 'BIO_TYPE_*'}
   BIO_TYPE_DESCRIPTOR = $0100;
   BIO_TYPE_FILTER = $0200;
   BIO_TYPE_SOURCE_SINK = $0400;
-  {$ENDREGION}
 
   (* These are the 'types' of BIOs *)
-  {$REGION 'BIO_TYPE_*'}
   BIO_TYPE_NONE = 0;
   BIO_TYPE_MEM =  1 or BIO_TYPE_SOURCE_SINK;
   BIO_TYPE_FILE =  2 or BIO_TYPE_SOURCE_SINK;
@@ -81,7 +78,6 @@ interface
   BIO_TYPE_ASN1        = 22 or BIO_TYPE_FILTER;
   BIO_TYPE_COMP        = 23 or BIO_TYPE_FILTER;
   BIO_TYPE_DGRAM_SCTP  = 24 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
-  {$ENDREGION}
 
   BIO_TYPE_START = 128;
 
@@ -89,15 +85,12 @@ interface
    * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
    * BIO_set_fp(in,stdin,BIO_NOCLOSE);
    *)
-  {$REGION}
   BIO_NOCLOSE = $00;
   BIO_CLOSE   = $01;
-  {$ENDREGION}
 
   (*
    * These are used in the following macros and are passed to BIO_ctrl()
    *)
-  {$REGION 'BIO_CTRL_*'}
   BIO_CTRL_RESET        = 1;(* opt - rewind/zero etc *)
   BIO_CTRL_EOF          = 2;(* opt - are we at the eof *)
   BIO_CTRL_INFO         = 3;(* opt - extra tit-bits *)
@@ -168,7 +161,6 @@ interface
   BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN     = 70;
 
   BIO_CTRL_DGRAM_SET_PEEK_MODE          = 71;
-  {$ENDREGION}
 
   (* modifiers *)
   BIO_FP_READ            = $02;
@@ -176,7 +168,6 @@ interface
   BIO_FP_APPEND          = $08;
   BIO_FP_TEXT            = $10;
 
-  {$REGION 'BIO_FLAGS_*}
   BIO_FLAGS_READ         = $01;
   BIO_FLAGS_WRITE        = $02;
   BIO_FLAGS_IO_SPECIAL   = $04;
@@ -192,18 +183,14 @@ interface
    *)
   BIO_FLAGS_MEM_RDONLY   = $200;
   BIO_FLAGS_NONCLEAR_RST = $400;
-  {$ENDREGION}
 
-  {$REGION 'BIO_RR_*'}
   BIO_RR_SSL_X509_LOOKUP = $01;
   (* Returned from the connect BIO when a connect would have blocked *)
   BIO_RR_CONNECT         = $02;
   (* Returned from the accept BIO when an accept would have blocked *)
   BIO_RR_ACCEPT          = $03;
-  {$ENDREGION}
 
   (* These are passed by the BIO callback *)
-  {$REGION 'BIO_CB_*'}
   BIO_CB_FREE  = $01;
   BIO_CB_READ  = $02;
   BIO_CB_WRITE = $03;
@@ -218,9 +205,7 @@ interface
 //# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
 //# define BIO_cb_pre(a)   (!((a)&BIO_CB_RETURN))
 //# define BIO_cb_post(a)  ((a)&BIO_CB_RETURN)
-  {$ENDREGION}
 
-  {$REGION 'BIO_C_*'}
   BIO_C_SET_CONNECT                 = 100;
   BIO_C_DO_STATE_MACHINE            = 101;
   BIO_C_SET_NBIO                    = 102;
@@ -282,15 +267,12 @@ interface
   BIO_C_GET_EX_ARG                  = 154;
 
   BIO_C_SET_CONNECT_MODE            = 155;
-  {$ENDREGION}
 
-  {$REGION 'BIO_SOCK_*'}
   BIO_SOCK_REUSEADDR = $01;
   BIO_SOCK_V6_ONLY   = $02;
   BIO_SOCK_KEEPALIVE = $04;
   BIO_SOCK_NONBLOCK  = $08;
   BIO_SOCK_NODELAY   = $10;
-  {$ENDREGION}
 
 type
   BIO_ADDR = Pointer; // bio_addr_st
@@ -361,10 +343,8 @@ function BIO_do_connect(b: PBIO): TIdC_LONG;
 function BIO_do_accept(b: PBIO): TIdC_LONG;
 function BIO_do_handshake(b: PBIO): TIdC_LONG;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   BIO_get_new_index: function: TIdC_INT cdecl = nil;
@@ -684,7 +664,7 @@ procedure UnLoad;
 
   BIO_set_tcp_ndelay: function(sock: TIdC_INT; turn_on: TIdC_INT): TIdC_INT cdecl = nil;
 
-  BIO_sock_info: function(sock: TIdC_INT; &type: BIO_sock_info_type; info: PBIO_sock_info_u): TIdC_INT cdecl = nil;
+  BIO_sock_info: function(sock: TIdC_INT; type_: BIO_sock_info_type; info: PBIO_sock_info_u): TIdC_INT cdecl = nil;
 
   BIO_socket: function(domain: TIdC_INT; socktype: TIdC_INT; protocol: TIdC_INT; options: TIdC_INT): TIdC_INT cdecl = nil;
   BIO_connect: function(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl = nil;
@@ -744,7 +724,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -1010,9 +989,7 @@ procedure UnLoad;
   BIO_new_bio_pair := nil;
   BIO_copy_next_retry := nil;
 end;
-{$ENDREGION}
 
-{$REGION 'C compiler macros'}
 // # define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
 function BIO_get_flags(const b: PBIO): TIdC_INT;
 begin
@@ -1101,7 +1078,6 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 begin
   Result := BIO_ctrl(b, BIO_C_DO_STATE_MACHINE, 0, nil);
 end;
-{$ENDREGION}
 
 end.
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bioerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bioerr.pas
index 319a97ffb..c8954e9a7 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bioerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bioerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_bioerr;
 
@@ -147,17 +147,14 @@ interface
   BIO_R_WRITE_TO_READ_ONLY_BIO =  126;
   BIO_R_WSASTARTUP =   122;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
   
 var
   ERR_load_BIO_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -175,6 +172,5 @@ procedure UnLoad;
 begin
   ERR_load_BIO_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_blowfish.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_blowfish.pas
index 2a0888c78..3c81560cc 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_blowfish.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_blowfish.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_blowfish;
 
@@ -65,10 +65,8 @@   bf_key_st = record
   BF_KEY = bf_key_st;
   PBF_KEY = ^BF_KEY;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   BF_set_key: procedure(key: PBF_KEY; len: TIdC_INT; const data: PByte) cdecl = nil;
@@ -76,16 +74,15 @@ procedure UnLoad;
   BF_encrypt: procedure(data: PBF_LONG; const key: PBF_KEY) cdecl = nil;
   BF_decrypt: procedure(data: PBF_LONG; const key: PBF_KEY) cdecl = nil;
 
-  BF_ecb_encrypt: procedure(const &in: PByte; &out: PByte; key: PBF_KEY; enc: TIdC_INT) cdecl = nil;
-  BF_cbc_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; enc: TIdC_INT) cdecl = nil;
-  BF_cfb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
-  BF_ofb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT) cdecl = nil;
+  BF_ecb_encrypt: procedure(const in_: PByte; out_: PByte; key: PBF_KEY; enc: TIdC_INT) cdecl = nil;
+  BF_cbc_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; enc: TIdC_INT) cdecl = nil;
+  BF_cfb64_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
+  BF_ofb64_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT) cdecl = nil;
 
   BF_options: function: PIdAnsiChar cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -117,6 +114,5 @@ procedure UnLoad;
   BF_ofb64_encrypt := nil;
   BF_options := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
index df8e53a03..e89937698 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_bn;
 
@@ -78,10 +78,8 @@ interface
   BN_GENCB_set_old_cb = procedure (a: TIdC_INT; b: TIdC_INT; c: Pointer); cdecl;
   BN_GENCB_set_cb = function (a: TIdC_INT; b: TIdC_INT; c: PBN_GENCB): TIdC_INT; cdecl;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   BN_set_flags: procedure(b: PBIGNUM; n: TIdC_INT) cdecl = nil;
@@ -215,12 +213,12 @@ procedure UnLoad;
   BN_copy: function(a: PBIGNUM; b: PBIGNUM): PBIGNUM cdecl = nil;
   BN_swap: procedure(a: PBIGNUM; b: PBIGNUM) cdecl = nil;
   BN_bin2bn: function(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl = nil;
-  BN_bn2bin: function(const a: PBIGNUM; &to: PByte): TIdC_INT cdecl = nil;
-  BN_bn2binpad: function(const a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_bn2bin: function(const a: PBIGNUM; to_: PByte): TIdC_INT cdecl = nil;
+  BN_bn2binpad: function(const a: PBIGNUM; to_: PByte; tolen: TIdC_INT): TIdC_INT cdecl = nil;
   BN_lebin2bn: function(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl = nil;
-  BN_bn2lebinpad: function(a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT cdecl = nil;
+  BN_bn2lebinpad: function(a: PBIGNUM; to_: PByte; tolen: TIdC_INT): TIdC_INT cdecl = nil;
   BN_mpi2bn: function(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl = nil;
-  BN_bn2mpi: function(a: PBIGNUM; &to: PByte): TIdC_INT cdecl = nil;
+  BN_bn2mpi: function(a: PBIGNUM; to_: PByte): TIdC_INT cdecl = nil;
   BN_sub: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl = nil;
   BN_usub: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl = nil;
   BN_uadd: function(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl = nil;
@@ -309,11 +307,11 @@ procedure UnLoad;
   BN_to_montgomery: function(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl = nil;
   BN_from_montgomery: function(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl = nil;
   BN_MONT_CTX_free: procedure(mont: PBN_MONT_CTX) cdecl = nil;
-  BN_MONT_CTX_set: function(mont: PBN_MONT_CTX; &mod: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_MONT_CTX_set: function(mont: PBN_MONT_CTX; mod_: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
   BN_MONT_CTX_copy: function(&to: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX cdecl = nil;
-//  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; &mod: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
+//  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; mod_: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
 
-  BN_BLINDING_new: function(const A: PBIGNUM; const Ai: PBIGNUM; &mod: PBIGNUM): PBN_BLINDING cdecl = nil;
+  BN_BLINDING_new: function(const A: PBIGNUM; const Ai: PBIGNUM; mod_: PBIGNUM): PBN_BLINDING cdecl = nil;
   BN_BLINDING_free: procedure(b: PBN_BLINDING) cdecl = nil;
   BN_BLINDING_update: function(b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl = nil;
   BN_BLINDING_convert: function(n: PBIGNUM; b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl = nil;
@@ -419,7 +417,7 @@ procedure UnLoad;
 //int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
 //                                          const BIGNUM *field, BN_CTX *ctx);
 
-  BN_generate_dsa_nonce: function(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const &message: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_generate_dsa_nonce: function(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const message_: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl = nil;
 
   (* Primes from RFC 2409 *)
   BN_get_rfc2409_prime_768: function(bn: PBIGNUM ): PBIGNUM cdecl = nil;
@@ -437,7 +435,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -779,7 +776,6 @@ procedure UnLoad;
   BN_get_rfc3526_prime_8192 := nil;
   BN_bntest_rand := nil;
 end;
-{$ENDREGION}
 
 end.
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bnerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bnerr.pas
index e784a43c3..eb90c9409 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bnerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bnerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_bnerr;
 
@@ -123,17 +123,14 @@ interface
   BN_R_TOO_MANY_ITERATIONS = 113;
   BN_R_TOO_MANY_TEMPORARY_VARIABLES = 109;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_BN_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -151,6 +148,5 @@ procedure UnLoad;
 begin
   ERR_load_BN_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas
index 07f741413..5d9b32eb3 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_buffer;
 
@@ -57,10 +57,8 @@   buf_mem_st = record
     flags: TIdC_ULONG;
   end;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   BUF_MEM_new: function: PBUF_MEM cdecl = nil;
@@ -68,11 +66,10 @@ procedure UnLoad;
   BUF_MEM_free: procedure(a: PBUF_MEM) cdecl = nil;
   BUF_MEM_grow: function(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl = nil;
   BUF_MEM_grow_clean: function(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl = nil;
-  BUF_reverse: procedure(&out: PByte; const &in: PByte; siz: TIdC_SIZET) cdecl = nil;
+  BUF_reverse: procedure(&out: PByte; const in_: PByte; siz: TIdC_SIZET) cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -100,6 +97,5 @@ procedure UnLoad;
   BUF_MEM_grow_clean := nil;
   BUF_reverse := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffererr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffererr.pas
index f1b346030..72bf7d781 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffererr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffererr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_buffererr;
 
@@ -53,17 +53,14 @@ interface
 
 // BUF reason codes.
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_BUF_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -81,6 +78,5 @@ procedure UnLoad;
 begin
   ERR_load_BUF_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_camellia.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_camellia.pas
index 68416b8ea..18aeda46f 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_camellia.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_camellia.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_camellia;
 
@@ -75,28 +75,25 @@   camellia_key_st = record
   TCamellia_ctr128_encrypt_ivec = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of Byte;
   TCamellia_ctr128_encrypt_ecount_buf = array[0 .. CAMELLIA_TABLE_WORD_LEN - 1] of Byte;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   Camellia_set_key: function(const userKey: PByte; const bits: TIdC_INT; key: PCAMELLIA_KEY): TIdC_INT cdecl = nil;
 
-  Camellia_encrypt: procedure(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY) cdecl = nil;
-  Camellia_decrypt: procedure(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY) cdecl = nil;
+  Camellia_encrypt: procedure(const in_: PByte; const out_: PByte; const key: PCAMELLIA_KEY) cdecl = nil;
+  Camellia_decrypt: procedure(const in_: PByte; const out_: PByte; const key: PCAMELLIA_KEY) cdecl = nil;
 
-  Camellia_ecb_encrypt: procedure( const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY; const enc: TIdC_INT) cdecl = nil;
-  Camellia_cbc_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
-  Camellia_cfb128_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
-  Camellia_cfb1_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
-  Camellia_cfb8_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
-  Camellia_ofb128_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT) cdecl = nil;
-  Camellia_ctr128_encrypt: procedure( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: TCamellia_ctr128_encrypt_ivec; ecount_buf: TCamellia_ctr128_encrypt_ecount_buf; num: PIdC_INT) cdecl = nil;
+  Camellia_ecb_encrypt: procedure( const in_: PByte; const out_: PByte; const key: PCAMELLIA_KEY; const enc: TIdC_INT) cdecl = nil;
+  Camellia_cbc_encrypt: procedure( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; const enc: TIdC_INT) cdecl = nil;
+  Camellia_cfb128_encrypt: procedure( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  Camellia_cfb1_encrypt: procedure( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  Camellia_cfb8_encrypt: procedure( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl = nil;
+  Camellia_ofb128_encrypt: procedure( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT) cdecl = nil;
+  Camellia_ctr128_encrypt: procedure( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: TCamellia_ctr128_encrypt_ivec; ecount_buf: TCamellia_ctr128_encrypt_ecount_buf; num: PIdC_INT) cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -132,6 +129,5 @@ procedure UnLoad;
   Camellia_ofb128_encrypt := nil;
   Camellia_ctr128_encrypt := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas
index 9934bb006..020cc04ed 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cast.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_cast;
 
@@ -63,23 +63,20 @@   cast_key_st = record
   CAST_KEY = cast_key_st;
   PCAST_KEY = ^CAST_KEY;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   CAST_set_key: procedure(key: PCast_Key; len: TIdC_INT; const data: PByte) cdecl = nil;
-  CAST_ecb_encrypt: procedure(const &in: PByte; &out: PByte; const key: PCast_Key; enc: TIdC_INT) cdecl = nil;
+  CAST_ecb_encrypt: procedure(const in_: PByte; out_: PByte; const key: PCast_Key; enc: TIdC_INT) cdecl = nil;
   CAST_encrypt: procedure(data: PCAST_LONG; const key: PCast_Key) cdecl = nil;
   CAST_decrypt: procedure(data: PCAST_LONG; const key: PCast_Key) cdecl = nil;
-  CAST_cbc_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; const ks: PCast_Key; iv: PByte; enc: TIdC_INT) cdecl = nil;
-  CAST_cfb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
-  CAST_ofb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT) cdecl = nil;
+  CAST_cbc_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; const ks: PCast_Key; iv: PByte; enc: TIdC_INT) cdecl = nil;
+  CAST_cfb64_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
+  CAST_ofb64_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT) cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -109,6 +106,5 @@ procedure UnLoad;
   CAST_cfb64_encrypt := nil;
   CAST_ofb64_encrypt := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas
index 904a446cd..777669afb 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_cmac;
 
@@ -53,26 +53,23 @@ interface
   CMAC_CTX = CMAC_CTX_st;
   PCMAC_CTX = ^CMAC_CTX;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   CMAC_CTX_new: function: PCMAC_CTX cdecl = nil;
   CMAC_CTX_cleanup: procedure(ctx: PCMAC_CTX) cdecl = nil;
   CMAC_CTX_free: procedure(ctx: PCMAC_CTX) cdecl = nil;
   CMAC_CTX_get0_cipher_ctx: function(ctx: PCMAC_CTX): PEVP_CIPHER_CTX cdecl = nil;
-  CMAC_CTX_copy: function(out: PCMAC_CTX; const &in: PCMAC_CTX): TIdC_INT cdecl = nil;
+  CMAC_CTX_copy: function(out: PCMAC_CTX; const in_: PCMAC_CTX): TIdC_INT cdecl = nil;
   CMAC_Init: function(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT cdecl = nil;
   CMAC_Update: function(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT cdecl = nil;
-  CMAC_Final: function(ctx: PCMAC_CTX; &out: PByte; poutlen: PIdC_SIZET): TIdC_INT cdecl = nil;
+  CMAC_Final: function(ctx: PCMAC_CTX; out_: PByte; poutlen: PIdC_SIZET): TIdC_INT cdecl = nil;
   CMAC_resume: function(ctx: PCMAC_CTX): TIdC_INT cdecl = nil;
 
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -106,6 +103,5 @@ procedure UnLoad;
   CMAC_Final := nil;
   CMAC_resume := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas
index 732309516..345de1e4b 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_cms;
 
@@ -132,10 +132,8 @@ interface
   CMS_KEY_PARAM                   = $40000;
   CMS_ASCIICRLF                   = $80000;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   CMS_get0_type: function(const cms: PCMS_ContentInfo): PASN1_OBJECT cdecl = nil;
@@ -152,8 +150,8 @@ procedure UnLoad;
   i2d_CMS_bio: function(bp: PBIO; cms: PCMS_ContentInfo): TIdC_INT cdecl = nil;
 
   BIO_new_CMS: function(&out: PBIO; cms: PCMS_ContentInfo): PBIO cdecl = nil;
-  i2d_CMS_bio_stream: function(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
-  PEM_write_bio_CMS_stream: function(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  i2d_CMS_bio_stream: function(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  PEM_write_bio_CMS_stream: function(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
   SMIME_read_CMS: function(bio: PBIO; bcont: PPBIO): PCMS_ContentInfo cdecl = nil;
   SMIME_write_CMS: function(bio: PBIO; cms: PCMS_ContentInfo; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
 
@@ -163,27 +161,27 @@ procedure UnLoad;
 
 //  function CMS_sign_receipt(si: PCMS_SignerInfo; signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(X509) *certs;} flags: TIdC_UINT): PCMS_ContentInfo;
 
-  CMS_data: function(cms: PCMS_ContentInfo; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  CMS_data: function(cms: PCMS_ContentInfo; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
   CMS_data_create: function(&in: PBIO; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
 
-  CMS_digest_verify: function(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  CMS_digest_verify: function(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
   CMS_digest_create: function(&in: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
 
-  CMS_EncryptedData_decrypt: function(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  CMS_EncryptedData_decrypt: function(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
 
   CMS_EncryptedData_encrypt: function(&in: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
 
   CMS_EncryptedData_set1_key: function(cms: PCMS_ContentInfo; const ciph: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl = nil;
 
-//  function CMS_verify(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} store: PX509_STORE; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+//  function CMS_verify(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} store: PX509_STORE; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
 
 //  function CMS_verify_receipt(rcms: PCMS_ContentInfo; ocms: PCMS_ContentInfo; {STACK_OF(x509) *certs;} store: PX509_STORE; flags: TIdC_UINT): TIdC_INT;
 
   // STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
 
-//  function CMS_encrypt({STACK_OF(x509) *certs;} &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_UINT): PCMS_ContentInfo;
+//  function CMS_encrypt({STACK_OF(x509) *certs;} in_: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_UINT): PCMS_ContentInfo;
 
-  CMS_decrypt: function(cms: PCMS_ContentInfo; pkey: PEVP_PKEY; cert: PX509; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  CMS_decrypt: function(cms: PCMS_ContentInfo; pkey: PEVP_PKEY; cert: PX509; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
 
   CMS_decrypt_set1_pkey: function(cms: PCMS_ContentInfo; pk: PEVP_PKEY; cert: PX509): TIdC_INT cdecl = nil;
   CMS_decrypt_set1_key: function(cms: PCMS_ContentInfo; key: PByte; keylen: TIdC_SIZET; const id: PByte; idlen: TIdC_SIZET): TIdC_INT cdecl = nil;
@@ -214,7 +212,7 @@ procedure UnLoad;
   CMS_RecipientInfo_decrypt: function(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl = nil;
   CMS_RecipientInfo_encrypt: function(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl = nil;
 
-  CMS_uncompress: function(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
+  CMS_uncompress: function(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
   CMS_compress: function(&in: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
 
   CMS_set1_eContentType: function(cms: CMS_ContentInfo; const oit: PASN1_OBJECT): TIdC_INT cdecl = nil;
@@ -256,10 +254,10 @@ procedure UnLoad;
   CMS_signed_get_attr: function(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   CMS_signed_delete_attr: function(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   CMS_signed_add1_attr: function(si: PCMS_SignerInfo; loc: TIdC_INT): TIdC_INT cdecl = nil;
-  CMS_signed_add1_attr_by_OBJ: function(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
-  CMS_signed_add1_attr_by_NID: function(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
-  CMS_signed_add1_attr_by_txt: function(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
-  CMS_signed_get0_data_by_OBJ: function(si: PCMS_SignerInfo; const oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer cdecl = nil;
+  CMS_signed_add1_attr_by_OBJ: function(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_signed_add1_attr_by_NID: function(si: PCMS_SignerInfo; nid: TIdC_INT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_signed_add1_attr_by_txt: function(si: PCMS_SignerInfo; const attrname: PAnsiChar; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_signed_get0_data_by_OBJ: function(si: PCMS_SignerInfo; const oid: PASN1_OBJECT; lastpos: TIdC_INT; type_: TIdC_INT): Pointer cdecl = nil;
 
   CMS_unsigned_get_attr_count: function(const si: PCMS_SignerInfo): TIdC_INT cdecl = nil;
   CMS_unsigned_get_attr_by_NID: function(const si: PCMS_SignerInfo; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
@@ -267,10 +265,10 @@ procedure UnLoad;
   CMS_unsigned_get_attr: function(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   CMS_unsigned_delete_attr: function(si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   CMS_unsigned_add1_attr: function(si: PCMS_SignerInfo; attr: PX509_ATTRIBUTE): TIdC_INT cdecl = nil;
-  CMS_unsigned_add1_attr_by_OBJ: function(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
-  CMS_unsigned_add1_attr_by_NID: function(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
-  CMS_unsigned_add1_attr_by_txt: function(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
-  CMS_unsigned_get0_data_by_OBJ: function(si: PCMS_SignerInfo; oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer cdecl = nil;
+  CMS_unsigned_add1_attr_by_OBJ: function(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_unsigned_add1_attr_by_NID: function(si: PCMS_SignerInfo; nid: TIdC_INT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_unsigned_add1_attr_by_txt: function(si: PCMS_SignerInfo; const attrname: PAnsiChar; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
+  CMS_unsigned_get0_data_by_OBJ: function(si: PCMS_SignerInfo; oid: PASN1_OBJECT; lastpos: TIdC_INT; type_: TIdC_INT): Pointer cdecl = nil;
 
   CMS_get1_ReceiptRequest: function(si: PCMS_SignerInfo; prr: PPCMS_ReceiptRequest): TIdC_INT cdecl = nil;
 //  function CMS_ReceiptRequest_create0(id: PByte; idlen: TIdC_INT; allorfirst: TIdC_INT
@@ -301,7 +299,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -505,6 +502,5 @@ procedure UnLoad;
   CMS_RecipientInfo_kari_decrypt := nil;
   CMS_SharedInfo_encode := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmserr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmserr.pas
index 76ff3fd1a..55bc99b97 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmserr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmserr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_cmserr;
 
@@ -220,17 +220,14 @@ interface
   CMS_R_VERIFICATION_FAILURE                      = 158;
   CMS_R_WRAP_ERROR                                = 159;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_CMS_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -248,6 +245,5 @@ procedure UnLoad;
 begin
   ERR_load_CMS_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas
index 967ff9fdb..1474d12a6 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_comp;
 
@@ -47,10 +47,8 @@ interface
   IdOpenSSLHeaders_bio,
   IdOpenSSLHeaders_ossl_typ;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   COMP_CTX_new: function(meth: PCOMP_METHOD): PCOMP_CTX cdecl = nil;
@@ -60,8 +58,8 @@ procedure UnLoad;
   COMP_get_name: function(const meth: PCOMP_METHOD): PIdAnsiChar cdecl = nil;
   COMP_CTX_free: procedure(ctx: PCOMP_CTX) cdecl = nil;
 
-  COMP_compress_block: function(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT cdecl = nil;
-  COMP_expand_block: function(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT cdecl = nil;
+  COMP_compress_block: function(ctx: PCOMP_CTX; out_: PByte; olen: TIdC_INT; in_: PByte; ilen: TIdC_INT): TIdC_INT cdecl = nil;
+  COMP_expand_block: function(ctx: PCOMP_CTX; out_: PByte; olen: TIdC_INT; in_: PByte; ilen: TIdC_INT): TIdC_INT cdecl = nil;
 
   COMP_zlib: function: PCOMP_METHOD cdecl = nil;
 
@@ -69,7 +67,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -105,6 +102,5 @@ procedure UnLoad;
   COMP_zlib := nil;
   BIO_f_zlib := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comperr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comperr.pas
index 3d323fe36..80b2562d8 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comperr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_comperr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_comperr;
 
@@ -62,17 +62,14 @@ interface
   COMP_R_ZLIB_INFLATE_ERROR =  100;
   COMP_R_ZLIB_NOT_SUPPORTED =  101;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_COMP_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -90,6 +87,5 @@ procedure UnLoad;
 begin
   ERR_load_COMP_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas
index 33a18cac3..8e9c15d03 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_conf;
 
@@ -104,10 +104,8 @@   (*conf_method_st = record
   CONF_MFLAGS_IGNORE_MISSING_FILE = $10;
   CONF_MFLAGS_DEFAULT_SECTION = $20;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   CONF_set_default_method: function(meth: PCONF_METHOD): TIdC_INT cdecl = nil;
@@ -157,7 +155,7 @@   //  conf_st = record
   NCONF_free: procedure(conf: PCONF) cdecl = nil;
   NCONF_free_data: procedure(conf: PCONF) cdecl = nil;
 
-  NCONF_load: function(conf: PCONF; const &file: PAnsiChar; eline: PIdC_LONG): TIdC_INT cdecl = nil;
+  NCONF_load: function(conf: PCONF; const file_: PAnsiChar; eline: PIdC_LONG): TIdC_INT cdecl = nil;
   NCONF_load_bio: function(conf: PCONF; bp: PBIO; eline: PIdC_LONG): TIdC_INT cdecl = nil;
   //STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
   //                                        const char *section);
@@ -193,7 +191,6 @@   //  conf_st = record
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -261,6 +258,5 @@ procedure UnLoad;
   CONF_parse_list := nil;
   OPENSSL_load_builtin_modules := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf_api.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf_api.pas
index 2dcdfa1f5..60e89699b 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf_api.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conf_api.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_conf_api;
 
@@ -46,10 +46,8 @@ interface
   IdOpenSSLConsts,
   IdOpenSSLHeaders_conf;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   //* Up until OpenSSL 0.9.5a, this was new_section */
@@ -70,7 +68,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -100,6 +97,5 @@ procedure UnLoad;
   _CONF_new_data := nil;
   _CONF_free_data := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conferr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conferr.pas
index 3f65cbfdf..6dfc091f8 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conferr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_conferr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_conferr;
 
@@ -99,17 +99,14 @@ interface
   CONF_R_VARIABLE_EXPANSION_TOO_LONG = 116;
   CONF_R_VARIABLE_HAS_NO_VALUE = 104;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_CONF_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -127,6 +124,5 @@ procedure UnLoad;
 begin
   ERR_load_CONF_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
index 1d172fa58..bea98d826 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_crypto;
 
@@ -46,7 +46,7 @@ interface
   IdOpenSSLConsts,
   IdOpenSSLHeaders_bio,
   IdOpenSSLHeaders_ossl_typ,
-  System.Types;
+  {$IFDEF VCL_XE3_OR_ABOVE}System.Types{$ELSE}Types{$ENDIF};
 
 {$MINENUMSIZE 4}
 
@@ -149,7 +149,6 @@   //crypto_ex_data_st = record
   CRYPTO_ONCE = type TIdC_LONG;
   PCRYPTO_ONCE = ^CRYPTO_ONCE;
 
-{$REGION 'C compiler macros'}
 function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
@@ -164,12 +163,9 @@ function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
 procedure OPENSSL_secure_free(addr: Pointer);
 procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
 function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
-{$ENDREGION}
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   CRYPTO_THREAD_lock_new: function: PCRYPTO_RWLOCK cdecl = nil;
@@ -204,7 +200,7 @@ procedure UnLoad;
    * given class (invokes whatever per-class callbacks are applicable)
    *)
    CRYPTO_new_ex_data: function(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT cdecl = nil;
-   CRYPTO_dup_ex_data: function(class_index: TIdC_INT; &to: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl = nil;
+   CRYPTO_dup_ex_data: function(class_index: TIdC_INT; to_: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl = nil;
 
    CRYPTO_free_ex_data: procedure(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA) cdecl = nil;
 
@@ -259,22 +255,22 @@ procedure UnLoad;
   //        void *(**r) (void *, TIdC_SIZET, const char *, int),
   //        void (**f) (void *, const char *, int));
 
-  CRYPTO_malloc: function(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_zalloc: function(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_memdup: function(const str: Pointer; siz: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_strdup: function(const str: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl = nil;
-  CRYPTO_strndup: function(const str: PAnsiChar; s: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl = nil;
-  CRYPTO_free: procedure(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_realloc: function(addr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_clear_realloc: function(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_malloc: function(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_zalloc: function(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_memdup: function(const str: Pointer; siz: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_strdup: function(const str: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl = nil;
+  CRYPTO_strndup: function(const str: PAnsiChar; s: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl = nil;
+  CRYPTO_free: procedure(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_realloc: function(addr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_clear_realloc: function(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
 
   CRYPTO_secure_malloc_init: function(sz: TIdC_SIZET; minsize: TIdC_INT): TIdC_INT cdecl = nil;
   CRYPTO_secure_malloc_done: function: TIdC_INT cdecl = nil;
-  CRYPTO_secure_malloc: function(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_secure_zalloc: function(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_secure_free: procedure(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_secure_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_secure_malloc: function(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_secure_zalloc: function(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_secure_free: procedure(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_secure_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
   CRYPTO_secure_allocated: function(const ptr: Pointer): TIdC_INT cdecl = nil;
   CRYPTO_secure_malloc_initialized: function: TIdC_INT cdecl = nil;
   CRYPTO_secure_actual_size: function(ptr: Pointer): TIdC_SIZET cdecl = nil;
@@ -282,7 +278,7 @@ procedure UnLoad;
 
   OPENSSL_cleanse: procedure(ptr: Pointer; len: TIdC_SIZET) cdecl = nil;
 
-  CRYPTO_mem_debug_push: function(const info: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): TIdC_INT cdecl = nil;
+  CRYPTO_mem_debug_push: function(const info: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): TIdC_INT cdecl = nil;
   CRYPTO_mem_debug_pop: function: TIdC_INT cdecl = nil;
   CRYPTO_get_alloc_counts: procedure(mcount: PIdC_INT; rcount: PIdC_INT; fcount: PIdC_INT) cdecl = nil;
 
@@ -292,9 +288,9 @@ procedure UnLoad;
    *   0:   called before the actual memory allocation has taken place
    *   1:   called after the actual memory allocation has taken place
    *)
-  CRYPTO_mem_debug_malloc: procedure(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_mem_debug_realloc: procedure(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_mem_debug_free: procedure(addr: Pointer; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_mem_debug_malloc: procedure(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_mem_debug_realloc: procedure(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_mem_debug_free: procedure(addr: Pointer; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
 
   CRYPTO_mem_leaks_cb: function(cb: CRYPTO_mem_leaks_cb_cb; u: Pointer): TIdC_INT cdecl = nil;
 
@@ -359,7 +355,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -505,9 +500,7 @@ procedure UnLoad;
   CRYPTO_THREAD_get_current_id := nil;
   CRYPTO_THREAD_compare_id := nil;
 end;
-{$ENDREGION}
 
-{$REGION 'C compiler macros'}
 // OPENSSL_FILE = __FILE__ = C preprocessor macro
 // OPENSSL_LINE = __LINE__ = C preprocessor macro
 // FPC hase an equivalent with {$I %FILE%} and {$I %LINE%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
@@ -596,6 +589,5 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
 begin
   Result := CRYPTO_secure_actual_size(ptr);
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cryptoerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cryptoerr.pas
index d58258fc9..b36a6cd00 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cryptoerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cryptoerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_cryptoerr;
 
@@ -80,17 +80,14 @@ interface
   CRYPTO_R_ILLEGAL_HEX_DIGIT = 102;
   CRYPTO_R_ODD_NUMBER_OF_DIGITS = 103;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_CRYPTO_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -108,6 +105,5 @@ procedure UnLoad;
 begin
   ERR_load_CRYPTO_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cterr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cterr.pas
index a02cefea7..aa10a86ef 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cterr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cterr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_cterr;
 
@@ -99,10 +99,8 @@ interface
   CT_R_UNSUPPORTED_ENTRY_TYPE =  102;
   CT_R_UNSUPPORTED_VERSION =  103;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_CT_strings: function: TIdC_INT cdecl = nil;
@@ -110,7 +108,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -128,6 +125,5 @@ procedure UnLoad;
 begin
   ERR_load_CT_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas
index 898ad5118..91a2f2197 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dh.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:42
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_dh;
 
@@ -101,10 +101,8 @@ interface
   DH_meth_finish_cb = function(dh: PDH): TIdC_INT cdecl;
   DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT cdecl;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
 {
@@ -177,7 +175,7 @@ procedure UnLoad;
   DH_new_by_nid: function(nid: TIdC_INT): PDH cdecl = nil;
   DH_get_nid: function(const dh: PDH): TIdC_INT cdecl = nil;
 
-  DH_KDF_X9_42: function( &out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; key_oid: PASN1_OBJECT; const ukm: PByte; ukmlen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl = nil;
+  DH_KDF_X9_42: function( out_: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; key_oid: PASN1_OBJECT; const ukm: PByte; ukmlen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl = nil;
 
   DH_get0_pqg: procedure(const dh: PDH; const p: PPBIGNUM; const q: PPBIGNUM; const g: PPBIGNUM) cdecl = nil;
   DH_set0_pqg: function(dh: PDH; p: PBIGNUM; q: PBIGNUM; g: PBIGNUM): TIdC_INT cdecl = nil;
@@ -310,7 +308,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -468,6 +465,5 @@ procedure UnLoad;
   DH_meth_get_generate_params := nil;
   DH_meth_set_generate_params := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dherr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dherr.pas
index 918fd5d09..df743b4ec 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dherr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dherr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_dherr;
 
@@ -102,17 +102,14 @@ interface
   DH_R_SHARED_INFO_ERROR         = 113;
   DH_R_UNABLE_TO_CHECK_GENERATOR = 121;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_DH_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -130,6 +127,5 @@ procedure UnLoad;
 begin
   ERR_load_DH_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas
index df6bc7446..cf5b2af20 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_dsa;
 
@@ -90,10 +90,8 @@ interface
 //# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
 //# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   DSAparams_dup: function(x: PDSA): PDSA cdecl = nil;
@@ -207,7 +205,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -375,6 +372,5 @@ procedure UnLoad;
   DSA_meth_get_keygen := nil;
   DSA_meth_set_keygen := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsaerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsaerr.pas
index 421977e0f..dd0f60206 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsaerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsaerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_dsaerr;
 
@@ -90,17 +90,14 @@ interface
   DSA_R_Q_NOT_PRIME = 113;
   DSA_R_SEED_LEN_SMALL = 110;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_DSA_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -118,6 +115,5 @@ procedure UnLoad;
 begin
   ERR_load_DSA_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ebcdic.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ebcdic.pas
index 8d739173b..b4dd30568 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ebcdic.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ebcdic.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_ebcdic;
 
@@ -45,10 +45,8 @@ interface
   IdGlobal,
   IdOpenSSLConsts;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
 
@@ -60,7 +58,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -80,6 +77,5 @@ procedure UnLoad;
   ebcdic2ascii := nil;
   ascii2ebcdic := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
index 99cc78a16..e790363ab 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_ec;
 
@@ -107,7 +107,7 @@   EC_builtin_curve = record
   PECDSA_SIG = ^ECDSA_SIG;
   PPECDSA_SIG = ^PECDSA_SIG;
 
-  ECDH_compute_key_KDF = function(const &in: Pointer; inlen: TIdC_SIZET; &out: Pointer; outlen: PIdC_SIZET): Pointer; cdecl;
+  ECDH_compute_key_KDF = function(const in_: Pointer; inlen: TIdC_SIZET; out_: Pointer; outlen: PIdC_SIZET): Pointer; cdecl;
 
   EC_KEY_METHOD_init_init = function(key: PEC_KEY): TIdC_INT; cdecl;
   EC_KEY_METHOD_init_finish = procedure(key: PEC_KEY); cdecl;
@@ -145,10 +145,8 @@   EC_builtin_curve = record
   PEC_KEY_METHOD_verify_verify = ^EC_KEY_METHOD_verify_verify;
   PEC_KEY_METHOD_verify_verify_sig = ^EC_KEY_METHOD_verify_verify_sig;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   EC_GFp_simple_method: function: PEC_METHOD cdecl = nil;
@@ -266,8 +264,8 @@ procedure UnLoad;
   EC_GROUP_get_trinomial_basis: function(const group: PEC_GROUP; k: PIdC_UINT): TIdC_INT cdecl = nil;
   EC_GROUP_get_pentanomial_basis: function(const group: PEC_GROUP; k1: PIdC_UINT; k2: PIdC_UINT; k3: PIdC_UINT): TIdC_INT cdecl = nil;
 
-  d2i_ECPKParameters: function(group: PPEC_GROUP; const &in: PPByte; len: TIdC_LONG): PEC_GROUP cdecl = nil;
-  i2d_ECPKParameters: function(const group: PEC_GROUP; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_ECPKParameters: function(group: PPEC_GROUP; const in_: PPByte; len: TIdC_LONG): PEC_GROUP cdecl = nil;
+  i2d_ECPKParameters: function(const group: PEC_GROUP; out_: PPByte): TIdC_INT cdecl = nil;
 
   ECPKParameters_print: function(bp: PBIO; const x: PEC_GROUP; off: TIdC_INT): TIdC_INT cdecl = nil;
 
@@ -305,10 +303,10 @@ procedure UnLoad;
   EC_KEY_priv2oct: function(const key: PEC_KEY; buf: PByte; len: TIdC_SIZET): TIdC_SIZET cdecl = nil;
   EC_KEY_priv2buf: function(const eckey: PEC_KEY; buf: PPByte): TIdC_SIZET cdecl = nil;
 
-  d2i_ECPrivateKey: function(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY cdecl = nil;
-  i2d_ECPrivateKey: function(key: PEC_KEY; &out: PPByte): TIdC_INT cdecl = nil;
-  o2i_ECPublicKey: function(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY cdecl = nil;
-  i2o_ECPublicKey: function(const key: PEC_KEY; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_ECPrivateKey: function(key: PPEC_KEY; const in_: PPByte; len: TIdC_LONG): PEC_KEY cdecl = nil;
+  i2d_ECPrivateKey: function(key: PEC_KEY; out_: PPByte): TIdC_INT cdecl = nil;
+  o2i_ECPublicKey: function(key: PPEC_KEY; const in_: PPByte; len: TIdC_LONG): PEC_KEY cdecl = nil;
+  i2o_ECPublicKey: function(const key: PEC_KEY; out_: PPByte): TIdC_INT cdecl = nil;
 
   ECParameters_print: function(bp: PBIO; const key: PEC_KEY): TIdC_INT cdecl = nil;
   EC_KEY_print: function(bp: PBIO; const key: PEC_KEY; off: TIdC_INT): TIdC_INT cdecl = nil;
@@ -356,7 +354,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -722,6 +719,5 @@ procedure UnLoad;
   EC_KEY_METHOD_get_sign := nil;
   EC_KEY_METHOD_get_verify := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ecerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ecerr.pas
index bdd342d93..d1792f9fd 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ecerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ecerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_ecerr;
 
@@ -293,17 +293,14 @@ interface
   EC_R_WRONG_CURVE_PARAMETERS =  145;
   EC_R_WRONG_ORDER =   130;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_EC_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -321,6 +318,5 @@ procedure UnLoad;
 begin
   ERR_load_EC_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engine.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engine.pas
index cc95fb2d0..7c33d37d2 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engine.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engine.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_engine;
 
@@ -370,10 +370,8 @@   st_dynamic_fns = record
   dynamic_bind_engine = function(e: PENGINE; const id: PIdAnsiChar;
     const fns: dynamic_fns): TIdC_INT; cdecl;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   //
@@ -722,7 +720,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -974,6 +971,5 @@ procedure UnLoad;
   ENGINE_add_conf_module := nil;
   ENGINE_get_static_state := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engineerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engineerr.pas
index 675fb4645..519338f88 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engineerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_engineerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_engineerr;
 
@@ -129,17 +129,14 @@ interface
   ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD = 101;
   ENGINE_R_VERSION_INCOMPATIBILITY = 145;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_ENGINE_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -157,6 +154,5 @@ procedure UnLoad;
 begin
   ERR_load_ENGINE_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas
index d88c3edbe..5bf408bb2 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_err;
 
@@ -182,22 +182,20 @@   err_state_st = record
 
   ERR_string_data_st = record
     error: TIdC_ULONG;
-    &string: PIdAnsiChar;
+    string_: PIdAnsiChar;
   end;
   ERR_STRING_DATA = ERR_string_data_st;
   PERR_STRING_DATA = ^ERR_STRING_DATA;
 
   ERR_print_errors_cb_cb = function(str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT; cdecl;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
 // DEFINE_LHASH_OF(ERR_STRING_DATA);
 
-  ERR_put_error: procedure(lib: TIdC_INT; func: TIdC_INT; reason: TIdC_INT; &file: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
+  ERR_put_error: procedure(lib: TIdC_INT; func: TIdC_INT; reason: TIdC_INT; file_: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
   ERR_set_error_data: procedure(data: PIdAnsiChar; flags: TIdC_INT) cdecl = nil;
   
   ERR_get_error: function: TIdC_ULONG cdecl = nil;
@@ -236,7 +234,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -308,6 +305,5 @@ procedure UnLoad;
   ERR_pop_to_mark := nil;
   ERR_clear_last_mark := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
index 3d893643f..c521de025 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_evp;
 
@@ -412,18 +412,18 @@ interface
 
   EVP_CIPHER_meth_init = function(ctx: PEVP_CIPHER_CTX; const key: PByte;
     const iv: PByte; enc: TIdC_SIZET): TIdC_INT; cdecl;
-  EVP_CIPHER_meth_do_cipher = function(ctx: PEVP_CIPHER_CTX; &out: PByte;
-    const &in: PByte; inl: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_do_cipher = function(ctx: PEVP_CIPHER_CTX; out_: PByte;
+    const in_: PByte; inl: TIdC_SIZET): TIdC_INT; cdecl;
   EVP_CIPHER_meth_cleanup = function(v1: PEVP_CIPHER_CTX): TIdC_INT; cdecl;
   EVP_CIPHER_meth_set_asn1_params = function(v1: PEVP_CIPHER_CTX;
     v2: PASN1_TYPE): TIdC_INT; cdecl;
   EVP_CIPHER_meth_get_asn1_params = function(v1: PEVP_CIPHER_CTX;
     v2: PASN1_TYPE): TIdC_INT; cdecl;
-  EVP_CIPHER_meth_ctrl = function(v1: PEVP_CIPHER_CTX; &type: TIdC_INT;
+  EVP_CIPHER_meth_ctrl = function(v1: PEVP_CIPHER_CTX; type_: TIdC_INT;
     arg: TIdC_INT; ptr: Pointer): TIdC_INT; cdecl;
 
   EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM = record
-    &out: PByte;
+    out_: PByte;
     inp: PByte;
     len: TIdC_SIZET;
     interleave: TidC_UINT;
@@ -437,20 +437,17 @@   evp_cipher_info_st = record
 
   EVP_MD_CTX_update = function(ctx: PEVP_MD_CTX; const data: Pointer; count: TIdC_SIZET): TIdC_INT; cdecl;
 
-  fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const &to: PIdAnsiChar; x: Pointer); cdecl;
+  fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const to_: PIdAnsiChar; x: Pointer); cdecl;
 
   rsa_st = type Pointer;
   Prsa_st = ^rsa_st;
 
   dsa_st = type Pointer;
-
   Pdsa_st = ^dsa_st;
 
   dh_st = type Pointer;
-
   Pdh_st = ^dh_st;
   ec_key_st = type Pointer;
-
   Pec_key_st = ^ec_key_st;
 
   pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
@@ -531,19 +528,19 @@   evp_cipher_info_st = record
   PEVP_PKEY_meth_verifyctx = ^EVP_PKEY_meth_verifyctx;
   EVP_PKEY_meth_encrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
   PEVP_PKEY_meth_encrypt_init = ^EVP_PKEY_meth_encrypt_init;
-  EVP_PKEY_meth_encrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
-    outlen: TIdC_SIZET; const &in: PByte): TIdC_INT; cdecl;
+  EVP_PKEY_meth_encrypt = function(ctx: PEVP_PKEY_CTX; out_: PByte;
+    outlen: TIdC_SIZET; const in_: PByte): TIdC_INT; cdecl;
   PEVP_PKEY_meth_encrypt = ^ EVP_PKEY_meth_encrypt;
   EVP_PKEY_meth_decrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
   PEVP_PKEY_meth_decrypt_init = ^EVP_PKEY_meth_decrypt_init;
-  EVP_PKEY_meth_decrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
-    outlen: TIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_PKEY_meth_decrypt = function(ctx: PEVP_PKEY_CTX; out_: PByte;
+    outlen: TIdC_SIZET; const in_: PByte; inlen: TIdC_SIZET): TIdC_INT; cdecl;
   PEVP_PKEY_meth_decrypt = ^EVP_PKEY_meth_decrypt;
   EVP_PKEY_meth_derive_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
   PEVP_PKEY_meth_derive_init = ^EVP_PKEY_meth_derive_init;
   EVP_PKEY_meth_derive = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
   PEVP_PKEY_meth_derive = ^EVP_PKEY_meth_derive;
-  EVP_PKEY_meth_ctrl = function(ctx: PEVP_PKEY_CTX; &type: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT; cdecl;
+  EVP_PKEY_meth_ctrl = function(ctx: PEVP_PKEY_CTX; type_: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT; cdecl;
   PEVP_PKEY_meth_ctrl = ^EVP_PKEY_meth_ctrl;
   EVP_PKEY_meth_ctrl_str = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
   PEVP_PKEY_meth_ctrl_str = ^EVP_PKEY_meth_ctrl_str;
@@ -569,19 +566,15 @@   evp_cipher_info_st = record
   PEVP_PBE_KEYGEN = ^EVP_PBE_KEYGEN;
   PPEVP_PBE_KEYGEN = ^PEVP_PBE_KEYGEN;
 
-{$REGION 'C compiler macros'}
 function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
 function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
 function EVP_PKEY_assign_DH(pkey: PEVP_PKEY; dh: Pointer): TIdC_INT;
 function EVP_PKEY_assign_EC_KEY(pkey: PEVP_PKEY; eckey: Pointer): TIdC_INT;
 function EVP_PKEY_assign_SIPHASH(pkey: PEVP_PKEY; shkey: Pointer): TIdC_INT;
 function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
-{$ENDREGION}
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   EVP_MD_meth_new: function(md_type: TIdC_INT; pkey_type: TIdC_INT): PEVP_MD cdecl = nil;
@@ -594,7 +587,7 @@ procedure UnLoad;
   EVP_MD_meth_set_flags: function(md: PEVP_MD; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
   EVP_MD_meth_set_init: function(md: PEVP_MD; init: EVP_MD_meth_init): TIdC_INT cdecl = nil;
   EVP_MD_meth_set_update: function(md: PEVP_MD; update: EVP_MD_meth_update): TIdC_INT cdecl = nil;
-  EVP_MD_meth_set_final: function(md: PEVP_MD; &final: EVP_MD_meth_final): TIdC_INT cdecl = nil;
+  EVP_MD_meth_set_final: function(md: PEVP_MD; final_: EVP_MD_meth_final): TIdC_INT cdecl = nil;
   EVP_MD_meth_set_copy: function(md: PEVP_MD; copy: EVP_MD_meth_copy): TIdC_INT cdecl = nil;
   EVP_MD_meth_set_cleanup: function(md: PEVP_MD; cleanup: EVP_MD_meth_cleanup): TIdC_INT cdecl = nil;
   EVP_MD_meth_set_ctrl: function(md: PEVP_MD; ctrl: EVP_MD_meth_ctrl): TIdC_INT cdecl = nil;
@@ -675,7 +668,7 @@ procedure UnLoad;
   EVP_CIPHER_CTX_buf_noconst: function(ctx: PEVP_CIPHER_CTX): PByte cdecl = nil;
   EVP_CIPHER_CTX_num: function(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
   EVP_CIPHER_CTX_set_num: procedure(ctx: PEVP_CIPHER_CTX; num: TIdC_INT) cdecl = nil;
-  EVP_CIPHER_CTX_copy: function(&out: PEVP_CIPHER_CTX; const &in: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_copy: function(&out: PEVP_CIPHER_CTX; const in_: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
   EVP_CIPHER_CTX_get_app_data: function(const ctx: PEVP_CIPHER_CTX): Pointer cdecl = nil;
   EVP_CIPHER_CTX_set_app_data: procedure(ctx: PEVP_CIPHER_CTX; data: Pointer) cdecl = nil;
   EVP_CIPHER_CTX_get_cipher_data: function(const ctx: PEVP_CIPHER_CTX): Pointer cdecl = nil;
@@ -708,7 +701,7 @@ procedure UnLoad;
   //# define BIO_get_cipher_status(b)   BIO_ctrl(b;BIO_C_GET_CIPHER_STATUS;0;NULL)
   //# define BIO_get_cipher_ctx(b;c_pp) BIO_ctrl(b;BIO_C_GET_CIPHER_CTX;0; (PIdAnsiChar)(c_pp))
 
-  //function EVP_Cipher(c: PEVP_CIPHER_CTX; &out: PByte; const &in: PByte; in1: TIdC_UINT): TIdC_INT;
+  //function EVP_Cipher(c: PEVP_CIPHER_CTX; out_: PByte; const in_: PByte; in1: TIdC_UINT): TIdC_INT;
 
   //# define EVP_add_cipher_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS;(n))
   //# define EVP_add_digest_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS;(n))
@@ -722,17 +715,17 @@ procedure UnLoad;
   //# define EVP_MD_CTX_create()     EVP_MD_CTX_new()
   //# define EVP_MD_CTX_init(ctx)    EVP_MD_CTX_reset((ctx))
   //# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
-  EVP_MD_CTX_copy_ex: function(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+  EVP_MD_CTX_copy_ex: function(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl = nil;
   EVP_MD_CTX_set_flags: procedure(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl = nil;
   EVP_MD_CTX_clear_flags: procedure(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl = nil;
   EVP_MD_CTX_test_flags: function(const ctx: PEVP_MD_CTX; flags: TIdC_INT): TIdC_INT cdecl = nil;
-  EVP_DigestInit_ex: function(ctx: PEVP_MD_CTX; const &type: PEVP_MD; impl: PENGINE): TIdC_INT cdecl = nil;
+  EVP_DigestInit_ex: function(ctx: PEVP_MD_CTX; const type_: PEVP_MD; impl: PENGINE): TIdC_INT cdecl = nil;
   EVP_DigestUpdate: function(ctx: PEVP_MD_CTX; const d: Pointer; cnt: TIdC_SIZET): TIdC_INT cdecl = nil;
   EVP_DigestFinal_ex: function(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl = nil;
-  EVP_Digest: function(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const &type: PEVP_MD; impl: PENGINE): TIdC_INT cdecl = nil;
+  EVP_Digest: function(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const type_: PEVP_MD; impl: PENGINE): TIdC_INT cdecl = nil;
 
-  EVP_MD_CTX_copy: function(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT cdecl = nil;
-  EVP_DigestInit: function(ctx: PEVP_MD_CTX; const &type: PEVP_MD): TIdC_INT cdecl = nil;
+  EVP_MD_CTX_copy: function(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+  EVP_DigestInit: function(ctx: PEVP_MD_CTX; const type_: PEVP_MD): TIdC_INT cdecl = nil;
   EVP_DigestFinal: function(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl = nil;
   EVP_DigestFinalXOF: function(ctx: PEVP_MD_CTX; md: PByte; len: TIdC_SIZET): TIdC_INT cdecl = nil;
 
@@ -740,7 +733,7 @@ procedure UnLoad;
   EVP_read_pw_string_min: function(buf: PIdAnsiChar; minlen: TIdC_INT; maxlen: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_set_pw_prompt: procedure(const prompt: PIdAnsiChar) cdecl = nil;
   EVP_get_pw_prompt: function: PIdAnsiChar cdecl = nil;
-  EVP_BytesToKey: function(const &type: PEVP_CIPHER; const md: PEVP_MD; const salt: PByte; const data: PByte; data1: TIdC_INT; count: TIdC_INT; key: PByte; iv: PByte): TIdC_INT cdecl = nil;
+  EVP_BytesToKey: function(const type_: PEVP_CIPHER; const md: PEVP_MD; const salt: PByte; const data: PByte; data1: TIdC_INT; count: TIdC_INT; key: PByte; iv: PByte): TIdC_INT cdecl = nil;
 
   EVP_CIPHER_CTX_set_flags: procedure(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT) cdecl = nil;
   EVP_CIPHER_CTX_clear_flags: procedure(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT) cdecl = nil;
@@ -748,19 +741,19 @@ procedure UnLoad;
 
   EVP_EncryptInit: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte): TIdC_INT cdecl = nil;
   EVP_EncryptInit_ex: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl = nil;
-  EVP_EncryptUpdate: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT cdecl = nil;
-  EVP_EncryptFinal_ex: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
-  EVP_EncryptFinal: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+  EVP_EncryptUpdate: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_EncryptFinal_ex: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+  EVP_EncryptFinal: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
 
-  EVP_DecryptInit: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PidC_INT): TIdC_INT cdecl = nil;
+  EVP_DecryptInit: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PidC_INT): TIdC_INT cdecl = nil;
   EVP_DecryptInit_ex: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl = nil;
-  EVP_DecryptUpdate: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_DecryptUpdate: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_DecryptFinal: function(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
   EVP_DecryptFinal_ex: function(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
 
   EVP_CipherInit: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte; enc: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_CipherInit_ex: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte; enc: TidC_INT): TIdC_INT cdecl = nil;
-  EVP_CipherUpdate: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_CipherUpdate: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in1: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_CipherFinal: function(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
   EVP_CipherFinal_ex: function(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
 
@@ -772,30 +765,30 @@ procedure UnLoad;
 
   EVP_DigestVerify: function(ctx: PEVP_CIPHER_CTX; const sigret: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl = nil;
 
-  EVP_DigestSignInit: function(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_DigestSignInit: function(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_DigestSignFinal: function(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT cdecl = nil;
 
-  EVP_DigestVerifyInit: function(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_DigestVerifyInit: function(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_DigestVerifyFinal: function(ctx: PEVP_MD_CTX; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl = nil;
 
-  EVP_OpenInit: function(ctx: PEVP_CIPHER_CTX; const &type: PEVP_CIPHER; const ek: PByte; ek1: TIdC_INT; const iv: PByte; priv: PEVP_PKEY): TIdC_INT cdecl = nil;
-  EVP_OpenFinal: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+  EVP_OpenInit: function(ctx: PEVP_CIPHER_CTX; const type_: PEVP_CIPHER; const ek: PByte; ek1: TIdC_INT; const iv: PByte; priv: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_OpenFinal: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
 
-  EVP_SealInit: function(ctx: PEVP_CIPHER_CTX; const &type: EVP_CIPHER; ek: PPByte; ek1: PIdC_INT; iv: PByte; pubk: PPEVP_PKEY; npubk: TIdC_INT): TIdC_INT cdecl = nil;
-  EVP_SealFinal: function(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+  EVP_SealInit: function(ctx: PEVP_CIPHER_CTX; const type_: EVP_CIPHER; ek: PPByte; ek1: PIdC_INT; iv: PByte; pubk: PPEVP_PKEY; npubk: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_SealFinal: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
 
   EVP_ENCODE_CTX_new: function: PEVP_ENCODE_CTX cdecl = nil;
   EVP_ENCODE_CTX_free: procedure(ctx: PEVP_ENCODE_CTX) cdecl = nil;
   EVP_ENCODE_CTX_copy: function(dctx: PEVP_ENCODE_CTX; sctx: PEVP_ENCODE_CTX): TIdC_INT cdecl = nil;
   EVP_ENCODE_CTX_num: function(ctx: PEVP_ENCODE_CTX): TIdC_INT cdecl = nil;
   EVP_EncodeInit: procedure(ctx: PEVP_ENCODE_CTX) cdecl = nil;
-  EVP_EncodeUpdate: function(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl = nil;
-  EVP_EncodeFinal: procedure(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT) cdecl = nil;
+  EVP_EncodeUpdate: function(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_EncodeFinal: procedure(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT) cdecl = nil;
   EVP_EncodeBlock: function(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT cdecl = nil;
 
   EVP_DecodeInit: procedure(ctx: PEVP_ENCODE_CTX) cdecl = nil;
-  EVP_DecodeUpdate: function(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl = nil;
-  EVP_DecodeFinal: function(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
+  EVP_DecodeUpdate: function(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_DecodeFinal: function(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
   EVP_DecodeBlock: function(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT cdecl = nil;
 
   EVP_CIPHER_CTX_new: function: PEVP_CIPHER_CTX cdecl = nil;
@@ -803,7 +796,7 @@ procedure UnLoad;
   EVP_CIPHER_CTX_free: procedure(c: PEVP_CIPHER_CTX) cdecl = nil;
   EVP_CIPHER_CTX_set_key_length: function(x: PEVP_CIPHER_CTX; keylen: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_CIPHER_CTX_set_padding: function(c: PEVP_CIPHER_CTX; pad: TIdC_INT): TIdC_INT cdecl = nil;
-  EVP_CIPHER_CTX_ctrl: function(ctx: PEVP_CIPHER_CTX; &type: TIdC_INT; arg: TIdC_INT; ptr: Pointer): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_ctrl: function(ctx: PEVP_CIPHER_CTX; type_: TIdC_INT; arg: TIdC_INT; ptr: Pointer): TIdC_INT cdecl = nil;
   EVP_CIPHER_CTX_rand_key: function(ctx: PEVP_CIPHER_CTX; key: PByte): TIdC_INT cdecl = nil;
 
   BIO_f_md: function: PBIO_METHOD cdecl = nil;
@@ -1030,12 +1023,12 @@ procedure UnLoad;
   EVP_PKEY_size: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_PKEY_set_type: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_PKEY_set_type_str: function(pkey: PEVP_PKEY; const str: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl = nil;
-  EVP_PKEY_set_alias_type: function(pkey: PEVP_PKEY; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_set_alias_type: function(pkey: PEVP_PKEY; type_: TIdC_INT): TIdC_INT cdecl = nil;
 
   EVP_PKEY_set1_engine: function(pkey: PEVP_PKEY; e: PENGINE): TIdC_INT cdecl = nil;
   EVP_PKEY_get0_engine: function(const pkey: PEVP_PKEY): PENGINE cdecl = nil;
 
-  EVP_PKEY_assign: function(pkey: PEVP_PKEY; &type: TIdC_INT; key: Pointer): TIdC_INT cdecl = nil;
+  EVP_PKEY_assign: function(pkey: PEVP_PKEY; type_: TIdC_INT; key: Pointer): TIdC_INT cdecl = nil;
   EVP_PKEY_get0: function(const pkey: PEVP_PKEY): Pointer cdecl = nil;
   EVP_PKEY_get0_hmac: function(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl = nil;
   EVP_PKEY_get0_poly1305: function(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl = nil;
@@ -1087,17 +1080,17 @@ procedure UnLoad;
   EVP_CIPHER_type: function(const ctx: PEVP_CIPHER): TIdC_INT cdecl = nil;
 
   (* calls methods *)
-  EVP_CIPHER_param_to_asn1: function(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl = nil;
-  EVP_CIPHER_asn1_to_param: function(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl = nil;
+  EVP_CIPHER_param_to_asn1: function(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT cdecl = nil;
+  EVP_CIPHER_asn1_to_param: function(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT cdecl = nil;
 
   (* These are used by EVP_CIPHER methods *)
-  EVP_CIPHER_set_asn1_iv: function(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl = nil;
-  EVP_CIPHER_get_asn1_iv: function(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl = nil;
+  EVP_CIPHER_set_asn1_iv: function(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT cdecl = nil;
+  EVP_CIPHER_get_asn1_iv: function(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT cdecl = nil;
 
   (* PKCS5 password based encryption *)
   PKCS5_PBE_keyivgen: function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl = nil;
-  PKCS5_PBKDF2_HMAC_SHA1: function(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; keylen: TIdC_INT; &out: PByte): TIdC_INT cdecl = nil;
-  PKCS5_PBKDF2_HMAC: function(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const digest: PEVP_MD; keylen: TIdC_INT; &out: PByte): TIdC_INT cdecl = nil;
+  PKCS5_PBKDF2_HMAC_SHA1: function(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; keylen: TIdC_INT; out_: PByte): TIdC_INT cdecl = nil;
+  PKCS5_PBKDF2_HMAC: function(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const digest: PEVP_MD; keylen: TIdC_INT; out_: PByte): TIdC_INT cdecl = nil;
   PKCS5_v2_PBE_keyivgen: function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl = nil;
 
   EVP_PBE_scrypt: function(const pass: PIdAnsiChar; passlen: TIdC_SIZET; const salt: PByte; saltlen: TIdC_SIZET; N: TIdC_UINT64; r: TIdC_UINT64; p: TIdC_UINT64; maxmem: TIdC_UINT64; key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl = nil;
@@ -1117,7 +1110,7 @@ procedure UnLoad;
 
   EVP_PKEY_asn1_get_count: function: TIdC_INT cdecl = nil;
   EVP_PKEY_asn1_get0: function(idx: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
-  EVP_PKEY_asn1_find: function(pe: PPENGINE; &type: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
+  EVP_PKEY_asn1_find: function(pe: PPENGINE; type_: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
   EVP_PKEY_asn1_find_str: function(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
   EVP_PKEY_asn1_add0: function(const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl = nil;
   EVP_PKEY_asn1_add_alias: function(&to: TIdC_INT; from: TIdC_INT): TIdC_INT cdecl = nil;
@@ -1167,7 +1160,7 @@ procedure UnLoad;
   EVP_PKEY_CTX_free: procedure(ctx: PEVP_PKEY_CTX) cdecl = nil;
 
   EVP_PKEY_CTX_ctrl: function(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT cdecl = nil;
-  EVP_PKEY_CTX_ctrl_str: function(ctx: PEVP_PKEY_CTX; const &type: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT cdecl = nil;
+  EVP_PKEY_CTX_ctrl_str: function(ctx: PEVP_PKEY_CTX; const type_: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT cdecl = nil;
   EVP_PKEY_CTX_ctrl_uint64: function(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; value: TIdC_UINT64): TIdC_INT cdecl = nil;
 
   EVP_PKEY_CTX_str2ctrl: function(ctx: PEVP_PKEY_CTX; cmd: TIdC_INT; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
@@ -1202,9 +1195,9 @@ procedure UnLoad;
   EVP_PKEY_verify_recover_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
   EVP_PKEY_verify_recover: function(ctx: PEVP_PKEY_CTX; rout: PByte; routlen: PIdC_SIZET; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl = nil;
   EVP_PKEY_encrypt_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
-  EVP_PKEY_encrypt: function(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_PKEY_encrypt: function(ctx: PEVP_PKEY_CTX; out_: PByte; outlen: PIdC_SIZET; const in_: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl = nil;
   EVP_PKEY_decrypt_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
-  EVP_PKEY_decrypt: function(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_PKEY_decrypt: function(ctx: PEVP_PKEY_CTX; out_: PByte; outlen: PIdC_SIZET; const in_: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl = nil;
 
   EVP_PKEY_derive_init: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
   EVP_PKEY_derive_set_peer: function(ctx: PEVP_PKEY_CTX; peer: PEVP_PKEY): TIdC_INT cdecl = nil;
@@ -1307,7 +1300,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -2345,9 +2337,7 @@ procedure UnLoad;
   EVP_PKEY_meth_get_digest_custom := nil;
   EVP_add_alg_module := nil;
 end;
-{$ENDREGION}
 
-{$REGION 'C compiler macros'}
 //#  define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA, (char *)(rsa))
 function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
 begin
@@ -2383,6 +2373,5 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 begin
   Result := EVP_PKEY_assign(pkey, EVP_PKEY_POLY1305, polykey);
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evperr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evperr.pas
index 8c268dddf..b0ceed5e3 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evperr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evperr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_evperr;
 
@@ -227,17 +227,14 @@ interface
   EVP_R_WRONG_FINAL_BLOCK_LENGTH = 109;
   EVP_R_XTS_DUPLICATED_KEYS = 183;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_EVP_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -255,6 +252,5 @@ procedure UnLoad;
 begin
   ERR_load_EVP_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas
index da60f2f39..e562c88a5 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_hmac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_hmac;
 
@@ -46,10 +46,8 @@ interface
   IdOpenSSLConsts,
   IdOpenSSLHeaders_ossl_typ;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   HMAC_size: function(const e: PHMAC_CTX): TIdC_SIZET cdecl = nil;
@@ -68,7 +66,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -106,6 +103,5 @@ procedure UnLoad;
   HMAC_CTX_set_flags := nil;
   HMAC_CTX_get_md := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas
index 2561e7f24..c0ae00ea8 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_idea;
 
@@ -63,24 +63,21 @@   idea_key_st = record
   IDEA_KEY_SCHEDULE = idea_key_st;
   PIDEA_KEY_SCHEDULE = ^IDEA_KEY_SCHEDULE;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   IDEA_options: function: PIdAnsiChar cdecl = nil;
-  IDEA_ecb_encrypt: procedure(const &in: PByte; &out: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl = nil;
+  IDEA_ecb_encrypt: procedure(const in_: PByte; out_: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl = nil;
   IDEA_set_encrypt_key: procedure(const key: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl = nil;
   IDEA_set_decrypt_key: procedure(ek: PIDEA_KEY_SCHEDULE; dk: PIDEA_KEY_SCHEDULE) cdecl = nil;
-  IDEA_cbc_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT) cdecl = nil;
-  IDEA_cfb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
-  IDEA_ofb64_encrypt: procedure(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT) cdecl = nil;
+  IDEA_cbc_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT) cdecl = nil;
+  IDEA_cfb64_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
+  IDEA_ofb64_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT) cdecl = nil;
   IDEA_encrypt: procedure(&in: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE) cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -112,6 +109,5 @@ procedure UnLoad;
   IDEA_ofb64_encrypt := nil;
   IDEA_encrypt := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_kdferr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_kdferr.pas
index 035168600..ffeb83d6d 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_kdferr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_kdferr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_kdferr;
 
@@ -78,17 +78,14 @@ interface
   KDF_R_VALUE_ERROR = 108;
   KDF_R_VALUE_MISSING = 102;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_KDF_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -106,6 +103,5 @@ procedure UnLoad;
 begin
   ERR_load_KDF_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas
index 8d802a81c..76fb38946 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_obj_mac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:42
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_obj_mac;
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas
index 8fa37c7ce..694c9f1a2 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_objects;
 
@@ -48,7 +48,7 @@ interface
 
 type
   obj_name_st = record
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     alias: TIdC_INT;
     name: PIdAnsiChar;
     data: PIdAnsiChar;
@@ -58,23 +58,21 @@   obj_name_st = record
 
 //# define         OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   OBJ_NAME_init: function: TIdC_INT cdecl = nil;
   //TIdC_INT OBJ_NAME_new_index(TIdC_ULONG (*hash_func) (const PIdAnsiChar *);
   //                       TIdC_INT (*cmp_func) (const PIdAnsiChar *; const PIdAnsiChar *);
   //                       void (*free_func) (const PIdAnsiChar *; TIdC_INT; const PIdAnsiChar *));
-  OBJ_NAME_get: function(const name: PIdAnsiChar; &type: TIdC_INT): PIdAnsiChar cdecl = nil;
-  OBJ_NAME_add: function(const name: PIdAnsiChar; &type: TIdC_INT; const data: PIdAnsiChar): TIdC_INT cdecl = nil;
-  OBJ_NAME_remove: function(const name: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  OBJ_NAME_get: function(const name: PIdAnsiChar; type_: TIdC_INT): PIdAnsiChar cdecl = nil;
+  OBJ_NAME_add: function(const name: PIdAnsiChar; type_: TIdC_INT; const data: PIdAnsiChar): TIdC_INT cdecl = nil;
+  OBJ_NAME_remove: function(const name: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
   OBJ_NAME_cleanup: procedure(&type: TIdC_INT) cdecl = nil;
-//  void OBJ_NAME_do_all(TIdC_INT &type; void (*fn) (const OBJ_NAME *; void *arg);
+//  void OBJ_NAME_do_all(TIdC_INT type_; void (*fn) (const OBJ_NAME *; void *arg);
 //                       void *arg);
-//  void OBJ_NAME_do_all_sorted(TIdC_INT &type;
+//  void OBJ_NAME_do_all_sorted(TIdC_INT type_;
 //                              void (*fn) (const OBJ_NAME *; void *arg);
 //                              void *arg);
 
@@ -190,7 +188,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -258,6 +255,5 @@ procedure UnLoad;
   OBJ_add_sigid := nil;
   OBJ_sigid_free := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objectserr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objectserr.pas
index 3ed066e63..281828c30 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objectserr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objectserr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_objectserr;
 
@@ -65,17 +65,14 @@ interface
   OBJ_R_OID_EXISTS = 102;
   OBJ_R_UNKNOWN_NID = 101;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_OBJ_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -93,6 +90,5 @@ procedure UnLoad;
 begin
   ERR_load_OBJ_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ocsperr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ocsperr.pas
index 2e7a1f245..6e67d6fb5 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ocsperr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ocsperr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_ocsperr;
 
@@ -96,17 +96,14 @@ interface
   OCSP_R_UNKNOWN_NID = 120;
   OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE = 129;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_OCSP_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -124,6 +121,5 @@ procedure UnLoad;
 begin
   ERR_load_OCSP_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
index 882d72aa6..a6d56b1a2 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_ossl_typ;
 
@@ -45,10 +45,10 @@ interface
   IdOpenSSLConsts;
 
 type
-{$REGION 'moved from unit "asn1" to prevent circular references'}
+// moved from unit "asn1" to prevent circular references
   asn1_string_st = record
     length: TIdC_INT;
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     data: PByte;
     (*
      * The value of the following field depends on the type being held.  It
@@ -57,7 +57,6 @@   asn1_string_st = record
      *)
     flags: TIdC_LONG;
   end;
-{$ENDREGION}
 
   // moved from asn1  
   ASN1_VALUE_st = type Pointer;
@@ -424,7 +423,7 @@   v3_ext_ctx = record
   OSSL_STORE_SEARCH = ossl_store_search_st;
   POSSL_STORE_SEARCH = ^OSSL_STORE_SEARCH;
 
-{$REGION 'moved from unit "asn1" to prevent circular references'}
+// moved from unit "asn1" to prevent circular references'
 const
   V_ASN1_UNIVERSAL = $00;
   V_ASN1_APPLICATION = $40;
@@ -471,7 +470,7 @@   v3_ext_ctx = record
 
 type
   asn1_type_st = record
-    case &type: TIdC_INT of
+    case type_: TIdC_INT of
 //      (ptr: PIdAnsichar);
       V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
 //      (asn1_string: PASN1_STRING);
@@ -513,14 +512,13 @@   asn1_type_st = record
   ASN1_TYPE = asn1_type_st;
   PASN1_TYPE = ^ASN1_TYPE;
   PPASN1_TYPE = ^PASN1_TYPE;
-{$ENDREGION}
 
-{$REGION 'moved from unit "x509" to prevent circular references'}
+// moved from unit "x509" to prevent circular references
   X509_algor_st = record
     algorithm: PASN1_OBJECT;
     parameter: PASN1_TYPE;
   end; (* X509_ALGOR *)
-{$ENDREGION}
+
   X509_ALGOR = X509_algor_st;
   PX509_ALGOR = ^X509_ALGOR;
   PPX509_ALGOR = ^PX509_ALGOR;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
index d01408f86..1b778b514 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:42
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_pem;
 
@@ -94,10 +94,8 @@ interface
 type
   pem_password_cb = function(buf: PIdAnsiChar; size: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT; cdecl;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   PEM_get_EVP_CIPHER_INFO: function(header: PIdAnsiChar; cipher: PEVP_CIPHER_INFO): TIdC_INT cdecl = nil;
@@ -114,14 +112,14 @@ procedure UnLoad;
   //function PEM_X509_INFO_read_bio(bp: PBIO; sk: PSTACK_OF_X509_INFO; cb: pem_password_cb; u: Pointer): PSTACK_OF_X509_INFO;
   PEM_X509_INFO_write_bio: function(bp: PBIO; xi: PX509_INFO; enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cd: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
 
-  PEM_SignInit: function(ctx: PEVP_MD_CTX; &type: PEVP_MD): TIdC_INT cdecl = nil;
+  PEM_SignInit: function(ctx: PEVP_MD_CTX; type_: PEVP_MD): TIdC_INT cdecl = nil;
   PEM_SignUpdate: function(ctx: PEVP_MD_CTX; d: PByte; cnt: Byte): TIdC_INT cdecl = nil;
   PEM_SignFinal: function(ctx: PEVP_MD_CTX; sigret: PByte; siglen: PIdC_UINT; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
 
   (* The default pem_password_cb that's used internally *)
   PEM_def_callback: function(buf: PIdAnsiChar; num: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT cdecl = nil;
-  PEM_proc_type: procedure(buf: PIdAnsiChar; &type: TIdC_INT) cdecl = nil;
-  PEM_dek_info: procedure(buf: PIdAnsiChar; const &type: PIdAnsiChar; len: TIdC_INT; str: PIdAnsiChar) cdecl = nil;
+  PEM_proc_type: procedure(buf: PIdAnsiChar; type_: TIdC_INT) cdecl = nil;
+  PEM_dek_info: procedure(buf: PIdAnsiChar; const type_: PIdAnsiChar; len: TIdC_INT; str: PIdAnsiChar) cdecl = nil;
 
   PEM_read_bio_X509: function(bp: PBIO; x: PPX509; cb: pem_password_cb; u: Pointer): PX509 cdecl = nil;
   PEM_write_bio_X509: function(bp: PBIO; x: PX509): TIdC_INT cdecl = nil;
@@ -205,8 +203,8 @@ procedure UnLoad;
   PEM_read_bio_Parameters: function(bp: PBIO; x: PPEVP_PKEY): PEVP_PKEY cdecl = nil;
   PEM_write_bio_Parameters: function(bp: PBIO; x: PEVP_PKEY): TIdC_INT cdecl = nil;
 
-  b2i_PrivateKey: function(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
-  b2i_PublicKey: function(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+  b2i_PrivateKey: function(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+  b2i_PublicKey: function(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
   b2i_PrivateKey_bio: function(&in: PBIO): PEVP_PKEY cdecl = nil;
   b2i_PublicKey_bio: function(&in: PBIO): PEVP_PKEY cdecl = nil;
   i2b_PrivateKey_bio: function(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl = nil;
@@ -216,7 +214,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -376,6 +373,5 @@ procedure UnLoad;
   b2i_PVK_bio := nil;
   i2b_PVK_bio := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pemerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pemerr.pas
index 99e7ce3bb..571c8f69a 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pemerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pemerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_pemerr;
 
@@ -121,17 +121,14 @@ interface
   PEM_R_UNSUPPORTED_ENCRYPTION       = 114;
   PEM_R_UNSUPPORTED_KEY_COMPONENTS   = 126;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_PEM_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -149,6 +146,5 @@ procedure UnLoad;
 begin
   ERR_load_PEM_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas
index f8e69a6c1..fb93b5330 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_pkcs7;
 
@@ -197,7 +197,7 @@   pkcs7_st = record
     length: TIdC_LONG;
     state: TIdC_INT;
     detached: TIdC_INT;
-    &type: PASN1_OBJECT;
+    type_: PASN1_OBJECT;
     d: pkcs7_st_d;
   end;
   PKCS7 = pkcs7_st;
@@ -210,91 +210,89 @@   pkcs7_digest_st = record
   end;
   PKCS7_DIGEST = pkcs7_digest_st;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   //function PKCS7_ISSUER_AND_SERIAL_new: PPKCS7_ISSUER_AND_SERIAL;
   //procedure PKCS7_ISSUER_AND_SERIAL_free(a: PPKCS7_ISSUER_AND_SERIAL);
-  //function d2i_PKCS7_ISSUER_AND_SERIAL(a: PPPKCS7_ISSUER_AND_SERIAL; const &in: PByte; len: TIdC_LONG): PPKCS7_ISSUER_AND_SERIAL;
-  //function i2d_PKCS7_ISSUER_AND_SERIAL(const a: PPKCS7_ISSUER_AND_SERIAL; &out: PByte): TIdC_INT;
+  //function d2i_PKCS7_ISSUER_AND_SERIAL(a: PPPKCS7_ISSUER_AND_SERIAL; const in_: PByte; len: TIdC_LONG): PPKCS7_ISSUER_AND_SERIAL;
+  //function i2d_PKCS7_ISSUER_AND_SERIAL(const a: PPKCS7_ISSUER_AND_SERIAL; out_: PByte): TIdC_INT;
   //function PKCS7_ISSUER_AND_SERIAL_it: PASN1_ITEM;
 
-  PKCS7_ISSUER_AND_SERIAL_digest: function(data: PPKCS7_ISSUER_AND_SERIAL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  PKCS7_ISSUER_AND_SERIAL_digest: function(data: PPKCS7_ISSUER_AND_SERIAL; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
 
   PKCS7_dup: function(p7: PPKCS7): PPKCS7 cdecl = nil;
   d2i_PKCS7_bio: function(bp: PBIO; p7: PPPKCS7): PPKCS7 cdecl = nil;
   i2d_PKCS7_bio: function(bp: PBIO; p7: PPKCS7): TIdC_INT cdecl = nil;
-  i2d_PKCS7_bio_stream: function(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
-  PEM_write_bio_PKCS7_stream: function(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  i2d_PKCS7_bio_stream: function(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  PEM_write_bio_PKCS7_stream: function(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
 
 //  function PKCS7_SIGNER_INFO_new: PPKCS7_SIGNER_INFO;
 //  procedure PKCS7_SIGNER_INFO_free(a: PPKCS7_SIGNER_INFO);
-//  function d2i_PKCS7_SIGNER_INFO(a: PPPKCS7_SIGNER_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNER_INFO;
-//  function i2d_PKCS7_SIGNER_INFO(const a: PPKCS7_SIGNER_INFO; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_SIGNER_INFO(a: PPPKCS7_SIGNER_INFO; const in_: PByte; len: TIdC_LONG): PPKCS7_SIGNER_INFO;
+//  function i2d_PKCS7_SIGNER_INFO(const a: PPKCS7_SIGNER_INFO; out_: PByte): TIdC_INT;
 //  function PKCS7_SIGNER_INFO_it: PASN1_ITEM;
 //
 //  function PKCS7_RECIP_INFO_new: PPKCS7_RECIP_INFO;
 //  procedure PKCS7_RECIP_INFO_free(a: PPKCS7_RECIP_INFO);
-//  function d2i_PKCS7_RECIP_INFO(a: PPPKCS7_RECIP_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_RECIP_INFO;
-//  function i2d_PKCS7_RECIP_INFO(const a: PPKCS7_RECIP_INFO; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_RECIP_INFO(a: PPPKCS7_RECIP_INFO; const in_: PByte; len: TIdC_LONG): PPKCS7_RECIP_INFO;
+//  function i2d_PKCS7_RECIP_INFO(const a: PPKCS7_RECIP_INFO; out_: PByte): TIdC_INT;
 //  function PKCS7_RECIP_INFO_it: PASN1_ITEM;
 //
 //  function PKCS7_SIGNED_new: PPKCS7_SIGNED;
 //  procedure PKCS7_SIGNED_free(a: PPKCS7_SIGNED);
-//  function d2i_PKCS7_SIGNED(a: PPPKCS7_SIGNED; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNED;
-//  function i2d_PKCS7_SIGNED(const a: PPKCS7_SIGNED; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_SIGNED(a: PPPKCS7_SIGNED; const in_: PByte; len: TIdC_LONG): PPKCS7_SIGNED;
+//  function i2d_PKCS7_SIGNED(const a: PPKCS7_SIGNED; out_: PByte): TIdC_INT;
 //  function PKCS7_SIGNED_it: PASN1_ITEM;
 //
 //  function PKCS7_ENC_CONTENT_new: PPKCS7_ENC_CONTENT;
 //  procedure PKCS7_ENC_CONTENT_free(a: PPKCS7_ENC_CONTENT);
-//  function d2i_PKCS7_ENC_CONTENT(a: PPPKCS7_ENC_CONTENT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENC_CONTENT;
-//  function i2d_PKCS7_ENC_CONTENT(const a: PPKCS7_ENC_CONTENT; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_ENC_CONTENT(a: PPPKCS7_ENC_CONTENT; const in_: PByte; len: TIdC_LONG): PPKCS7_ENC_CONTENT;
+//  function i2d_PKCS7_ENC_CONTENT(const a: PPKCS7_ENC_CONTENT; out_: PByte): TIdC_INT;
 //  function PKCS7_ENC_CONTENT_it: PASN1_ITEM;
 //
 //  function PKCS7_ENVELOPE_new: PPKCS7_ENVELOPE;
 //  procedure PKCS7_ENVELOPE_free(a: PPKCS7_ENVELOPE);
-//  function d2i_PKCS7_ENVELOPE(a: PPPKCS7_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_ENVELOPE;
-//  function i2d_PKCS7_ENVELOPE(const a: PPKCS7_ENVELOPE; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_ENVELOPE(a: PPPKCS7_ENVELOPE; const in_: PByte; len: TIdC_LONG): PPKCS7_ENVELOPE;
+//  function i2d_PKCS7_ENVELOPE(const a: PPKCS7_ENVELOPE; out_: PByte): TIdC_INT;
 //  function PKCS7_ENVELOPE_it: PASN1_ITEM;
 //
 //  function PKCS7_SIGN_ENVELOPE_new: PPKCS7_SIGN_ENVELOPE;
 //  procedure PKCS7_SIGN_ENVELOPE_free(a: PPKCS7_SIGN_ENVELOPE);
-//  function d2i_PKCS7_SIGN_ENVELOPE(a: PPPKCS7_SIGN_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGN_ENVELOPE;
-//  function i2d_PKCS7_SIGN_ENVELOPE(const a: PPKCS7_SIGN_ENVELOPE; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_SIGN_ENVELOPE(a: PPPKCS7_SIGN_ENVELOPE; const in_: PByte; len: TIdC_LONG): PPKCS7_SIGN_ENVELOPE;
+//  function i2d_PKCS7_SIGN_ENVELOPE(const a: PPKCS7_SIGN_ENVELOPE; out_: PByte): TIdC_INT;
 //  function PKCS7_SIGN_ENVELOPE_it: PASN1_ITEM;
 //
 //  function PKCS7_DIGEST_new: PPKCS7_DIGEST;
 //  procedure PKCS7_DIGEST_free(a: PPKCS7_DIGEST);
-//  function d2i_PKCS7_DIGEST(a: PPPKCS7_DIGEST; const &in: PByte; len: TIdC_LONG): PPKCS7_DIGEST;
-//  function i2d_PKCS7_DIGEST(const a: PPKCS7_DIGEST; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_DIGEST(a: PPPKCS7_DIGEST; const in_: PByte; len: TIdC_LONG): PPKCS7_DIGEST;
+//  function i2d_PKCS7_DIGEST(const a: PPKCS7_DIGEST; out_: PByte): TIdC_INT;
 //  function PKCS7_DIGEST_it: PASN1_ITEM;
 //
 //  function PKCS7_ENCRYPT_new: PPKCS7_ENCRYPT_STRUCT;
 //  procedure PKCS7_ENCRYPT_free(a: PPKCS7_ENCRYPT_STRUCT);
-//  function d2i_PKCS7_ENCRYPT(a: PPPKCS7_ENCRYPT_STRUCT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENCRYPT_STRUCT;
-//  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_ENCRYPT(a: PPPKCS7_ENCRYPT_STRUCT; const in_: PByte; len: TIdC_LONG): PPKCS7_ENCRYPT_STRUCT;
+//  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; out_: PByte): TIdC_INT;
 //  function PKCS7_ENCRYPT_it: PASN1_ITEM;
 //
 //  function PKCS7_new: PPKCS7;
 //  procedure PKCS7_free(a: PPKCS7);
-//  function d2i_PKCS7(a: PPPKCS7; const &in: PByte; len: TIdC_LONG): PPKCS7;
-//  function i2d_PKCS7(const a: PPKCS7; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7(a: PPPKCS7; const in_: PByte; len: TIdC_LONG): PPKCS7;
+//  function i2d_PKCS7(const a: PPKCS7; out_: PByte): TIdC_INT;
 //  function PKCS7_it: PASN1_ITEM;
 //
 //  function PKCS7_ATTR_SIGN_it: PASN1_ITEM;
 //
 //  function PKCS7_ATTR_VERIFY_it: PASN1_ITEM;
 //
-//  function i2d_PKCS7_NDEF(const a: PPKCS7; &out: PPByte): TIdC_INT;
+//  function i2d_PKCS7_NDEF(const a: PPKCS7; out_: PPByte): TIdC_INT;
 //  function PKCS7_print_ctx(&out: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
 
   PKCS7_ctrl: function(p7: PPKCS7; cmd: TIdC_INT; larg: TIdC_LONG; parg: PIdAnsiChar): TIdC_LONG cdecl = nil;
 
-  PKCS7_set_type: function(p7: PPKCS7; &type: TIdC_INT): TIdC_INT cdecl = nil;
-  PKCS7_set0_type_other: function(p7: PPKCS7; &type: TIdC_INT; other: PASN1_TYPE): TIdC_INT cdecl = nil;
+  PKCS7_set_type: function(p7: PPKCS7; type_: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS7_set0_type_other: function(p7: PPKCS7; type_: TIdC_INT; other: PASN1_TYPE): TIdC_INT cdecl = nil;
   PKCS7_set_content: function(p7: PPKCS7; p7_data: PPKCS7): TIdC_INT cdecl = nil;
   PKCS7_SIGNER_INFO_set: function(p7i: PPKCS7_SIGNER_INFO; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): TIdC_INT cdecl = nil;
   PKCS7_SIGNER_INFO_sign: function(si: PPKCS7_SIGNER_INFO): TIdC_INT cdecl = nil;
@@ -324,7 +322,7 @@ procedure UnLoad;
 
   PKCS7_get_issuer_and_serial: function(p7: PPKCS7; idx: TIdC_INT): PPKCS7_ISSUER_AND_SERIAL cdecl = nil;
   //function PKCS7_digest_from_attributes(sk: Pointer{PSTACK_OF_X509_ATTRIBUTE}): PASN1_OCTET_STRING;
-  PKCS7_add_signed_attribute: function(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; &type: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
+  PKCS7_add_signed_attribute: function(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; type_: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
   PKCS7_add_attribute: function(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; atrtype: TIdC_INT; value: Pointer): TIdC_INT cdecl = nil;
   PKCS7_get_attribute: function(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE cdecl = nil;
   PKCS7_get_signed_attribute: function(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE cdecl = nil;
@@ -336,9 +334,9 @@ procedure UnLoad;
   PKCS7_sign_add_signer: function(p7: PPKCS7; signcert: PX509; pkey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_INT): PPKCS7_SIGNER_INFO cdecl = nil;
 
   PKCS7_final: function(p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
-  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT;
+  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT;
   //function PKCS7_get0_signers(p7: PPKCS7; certs: PSTACK_OF_X509; flags: TIdC_INT): PSTACK_OF_X509;
-  //function PKCS7_encrypt(certs: PSTACK_OF_X509; &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
+  //function PKCS7_encrypt(certs: PSTACK_OF_X509; in_: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
   PKCS7_decrypt: function(p7: PPKCS7; pkey: PEVP_PKEY; cert: PX509; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
 
   //function PKCS7_add_attrib_smimecap(si: PPKCS7_SIGNER_INFO; cap: PSTACK_OF_X509_ALGOR): TIdC_INT;
@@ -356,7 +354,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -462,6 +459,5 @@ procedure UnLoad;
   SMIME_read_PKCS7 := nil;
   BIO_new_PKCS7 := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7err.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7err.pas
index e607492bd..2125b5693 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7err.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7err.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_pkcs7err;
 
@@ -126,17 +126,14 @@ interface
   PKCS7_R_WRONG_CONTENT_TYPE                         = 113;
   PKCS7_R_WRONG_PKCS7_TYPE                           = 114;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_PKCS7_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -154,6 +151,5 @@ procedure UnLoad;
 begin
   ERR_load_PKCS7_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas
index ece2eb6d0..19b57b1fd 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rand.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:42
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_rand;
 
@@ -63,10 +63,8 @@   rand_meth_st = record
     status: rand_meth_st_status;
   end;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   RAND_set_rand_method: function(const meth: PRAND_METHOD): TIdC_INT cdecl = nil;
@@ -82,8 +80,8 @@ procedure UnLoad;
   RAND_keep_random_devices_open: procedure(keep: TIdC_INT) cdecl = nil;
 
   RAND_add: procedure(const buf: Pointer; num: TIdC_INT; randomness: TIdC_DOUBLE) cdecl = nil;
-  RAND_load_file: function(const &file: PIdAnsiChar; max_bytes: TIdC_LONG): TIdC_INT cdecl = nil;
-  RAND_write_file: function(const &file: PIdAnsiChar): TIdC_INT cdecl = nil;
+  RAND_load_file: function(const file_: PIdAnsiChar; max_bytes: TIdC_LONG): TIdC_INT cdecl = nil;
+  RAND_write_file: function(const file_: PIdAnsiChar): TIdC_INT cdecl = nil;
   RAND_status: function: TIdC_INT cdecl = nil;
 
   RAND_query_egd_bytes: function(const path: PIdAnsiChar; buf: PByte; bytes: TIdC_INT): TIdC_INT cdecl = nil;
@@ -94,7 +92,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -142,6 +139,5 @@ procedure UnLoad;
   RAND_egd_bytes := nil;
   RAND_poll := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_randerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_randerr.pas
index b3b0d22ea..0b0ea0522 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_randerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_randerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_randerr;
 
@@ -117,17 +117,14 @@ interface
   RAND_R_UNSUPPORTED_DRBG_FLAGS = 132;
   RAND_R_UNSUPPORTED_DRBG_TYPE = 120;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_RAND_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -145,6 +142,5 @@ procedure UnLoad;
 begin
   ERR_load_RAND_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
index 9f633ff51..3a8e5e4c6 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_rsa;
 
@@ -169,7 +169,7 @@   rsa_oaep_params_st = record
   //DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
 
   RSA_meth_set_priv_dec_priv_dec = function(flen: TIdC_INT; const from: PByte;
-    &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT; cdecl;
+    to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT; cdecl;
 
   RSA_meth_set_mod_exp_mod_exp = function(r0: PBIGNUM; const i: PBIGNUM;
     rsa: PRSA; ctx: PBN_CTX): TIdC_INT; cdecl;
@@ -258,10 +258,8 @@   rsa_oaep_params_st = record
 //# define RSA_set_app_data(s,arg)         RSA_set_ex_data(s,0,arg)
 //# define RSA_get_app_data(s)             RSA_get_ex_data(s,0)
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   RSA_new: function: PRSA cdecl = nil;
@@ -308,10 +306,10 @@ procedure UnLoad;
   RSA_check_key: function(const v1: PRSA): TIdC_INT cdecl = nil;
   RSA_check_key_ex: function(const v1: PRSA; cb: BN_GENCB): TIdC_INT cdecl = nil;
   (* next 4 return -1 on error *)
-  RSA_public_encrypt: function(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_private_encrypt: function(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_public_decrypt: function(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_private_decrypt: function(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_public_encrypt: function(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_private_encrypt: function(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_public_decrypt: function(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_private_decrypt: function(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl = nil;
 
   RSA_free: procedure(r: PRSA) cdecl = nil;
   (* "up" the RSA object's reference count *)
@@ -427,7 +425,7 @@ procedure UnLoad;
   //int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa);
   RSA_meth_set_finish: function(rsa: PRSA_METHOD; finish: RSA_meth_set_finish_finish): TIdC_INT cdecl = nil;
   //int (*RSA_meth_get_sign(const RSA_METHOD *meth))
-  //    (int &type,
+  //    (int type_,
   //     const unsigned char *m, unsigned int m_length,
   //     unsigned char *sigret, unsigned int *siglen,
   //     const RSA *rsa);
@@ -446,7 +444,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -652,6 +649,5 @@ procedure UnLoad;
   RSA_meth_set_keygen := nil;
   RSA_meth_set_multi_prime_keygen := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsaerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsaerr.pas
index 815a404f0..547623d0a 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsaerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsaerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_rsaerr;
 
@@ -190,17 +190,14 @@ interface
   RSA_R_VALUE_MISSING = 147;
   RSA_R_WRONG_SIGNATURE_LENGTH = 119;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_RSA_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -218,6 +215,5 @@ procedure UnLoad;
 begin
   ERR_load_RSA_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas
index f43a5a697..50266bcb9 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sha.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_sha;
 
@@ -99,10 +99,8 @@   SHA512state_st = record
   SHA512_CTX = SHA512state_st;
   PSHA512_CTX = ^SHA512_CTX;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   SHA1_Init: function(c: PSHA_CTX): TIdC_INT cdecl = nil;
@@ -135,7 +133,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -197,6 +194,5 @@ procedure UnLoad;
   SHA512 := nil;
   SHA512_Transform := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas
index 3352b3833..701a50cc9 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_srtp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_srtp;
 
@@ -59,10 +59,8 @@ interface
   SRTP_AEAD_AES_128_GCM = $0007;
   SRTP_AEAD_AES_256_GCM = $0008;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   SSL_CTX_set_tlsext_use_srtp: function(ctx: PSSL_CTX; const profiles: PIdAnsiChar): TIdC_INT cdecl = nil;
@@ -73,7 +71,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -95,6 +92,5 @@ procedure UnLoad;
   SSL_set_tlsext_use_srtp := nil;
   SSL_get_selected_srtp_profile := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
index 9d7745283..c69ab090b 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:42
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_ssl;
 
@@ -555,9 +555,9 @@ interface
 
   (*
    * Most of the following state values are no longer used and are defined to be
-   * the closest equivalent value &in the current state machine code. Not all
+   * the closest equivalent value in_ the current state machine code. Not all
    * defines have an equivalent and are set to a dummy value (-1). SSL_ST_CONNECT
-   * and SSL_ST_ACCEPT are still &in use &in the definition of SSL_CB_ACCEPT_LOOP,
+   * and SSL_ST_ACCEPT are still in_ use in_ the definition of SSL_CB_ACCEPT_LOOP,
    * SSL_CB_ACCEPT_EXIT, SSL_CB_CONNECT_LOOP and SSL_CB_CONNECT_EXIT.
    *)
   SSL_ST_CONNECT = $1000;
@@ -812,7 +812,7 @@ interface
   //SSLv23_server_method = TLS_server_method;
   //SSLv23_client_method = TLS_client_method;
 
-  (* What the 'other' parameter contains &in security callback *)
+  (* What the 'other' parameter contains in_ security callback *)
   (* Mask for type *)
   SSL_SECOP_OTHER_TYPE = $ffff0000;
   SSL_SECOP_OTHER_NONE = 0;
@@ -940,13 +940,13 @@   srtp_protection_profile_st = record
   //DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE)
 
   (* Typedefs for handling custom extensions *)
-  custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
-  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
-  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+  custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const out_: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const out_: PByte; add_arg: Pointer); cdecl;
+  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const in_: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
 
-  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
-  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
-  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const out_: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const out_: PByte; add_arg: Pointer); cdecl;
+  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const in_: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
 
   (* Typedef for verification callback *)
   SSL_verify_cb = function (preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
@@ -954,20 +954,20 @@   srtp_protection_profile_st = record
   tls_session_ticket_ext_cb_fn = function (s: PSSL; const data: PByte; len: TIdC_INT; arg: Pointer): TIdC_INT; cdecl;
 
   (*
-   * This callback type is used inside SSL_CTX, SSL, and &in the functions that
-   * set them. It is used to override the generation of SSL/TLS session IDs &in
+   * This callback type is used inside SSL_CTX, SSL, and in_ the functions that
+   * set them. It is used to override the generation of SSL/TLS session IDs in_
    * a server. Return value should be zero on an error, non-zero to proceed.
    * Also, callbacks should themselves check if the id they generate is unique
    * otherwise the SSL handshake will fail with an error - callbacks can do
    * this using the 'ssl' value they're passed by;
-   * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed &in
-   * is set at the maximum size the session ID can be. &in SSLv3/TLSv1 it is 32
+   * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in_
+   * is set at the maximum size the session ID can be. in_ SSLv3/TLSv1 it is 32
    * bytes. The callback can alter this length to be less if desired. It is
    * also an error for the callback to set the size to zero.
    *)
   GEN_SESSION_CB = function (ssl: PSSL; id: PByte; id_len: PIdC_UINT): TIdC_INT; cdecl;
 
-  SSL_CTX_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+  SSL_CTX_info_callback = procedure (const ssl: PSSL; type_: TIdC_INT; val: TIdC_INT); cdecl;
   SSL_CTX_client_cert_cb = function (ssl: PSSL; x509: PPx509; pkey: PPEVP_PKEY): TIdC_INT; cdecl;
 
   SSL_CTX_cookie_verify_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_UINT): TIdC_INT; cdecl;
@@ -975,7 +975,7 @@   srtp_protection_profile_st = record
   SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_SIZET): TIdC_INT; cdecl;
   SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_SIZET): TIdC_INT; cdecl;
 
-  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const &out: PPByte; outlen: PByte; const &in: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const out_: PPByte; outlen: PByte; const in_: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
   SSL_psk_client_cb_func = function (ssl: PSSL; const hint: PIdAnsiChar; identity: PIdAnsiChar; max_identity_len: TIdC_UINT; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
   SSL_psk_server_cb_func = function (ssl: PSSL; const identity: PIdAnsiChar; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
   SSL_psk_find_session_cb_func = function (ssl: PSSL; const identity: PByte; identity_len: TIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
@@ -1059,15 +1059,15 @@   srtp_protection_profile_st = record
   SSL_client_hello_cb_fn = function (s: PSSL; al: PIdC_INT; arg: Pointer): TIdC_INT; cdecl;
   SSL_callback_ctrl_v3 = procedure; cdecl;
   SSL_CTX_callback_ctrl_v3 = procedure; cdecl;
-  SSL_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+  SSL_info_callback = procedure (const ssl: PSSL; type_: TIdC_INT; val: TIdC_INT); cdecl;
 
   (* NB: the |keylength| is only applicable when is_export is true *)
   SSL_CTX_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
   SSL_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
   SSL_CTX_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
   SSL_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
-  SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
-  SSL_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; type_: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  SSL_set_record_padding_callback_cb = function (ssl: PSSL; type_: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
   
   (*
    * The validation type enumerates the available behaviours of the built-in SSL
@@ -1096,7 +1096,6 @@   srtp_protection_profile_st = record
 
   SSL_CTX_sess_remove_cb = procedure(ctx: PSSL_CTX; sess: PSSL_SESSION); cdecl;
 
-{$REGION 'C compiler macros'}
 function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 
@@ -1175,12 +1174,9 @@ function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
 function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
 function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
 function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
-{$ENDREGION}
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   //typedef TIdC_INT (*tls_session_secret_cb_fn)(s: PSSL, void *secret, TIdC_INT *secret_len,
@@ -1392,7 +1388,7 @@ procedure UnLoad;
 
   ///*
   // * These need to be after the above set of includes due to a compiler bug
-  // * &in VisualStudio 2015
+  // * in_ VisualStudio 2015
   // */
   //DEFINE_STACK_OF_CONST(SSL_CIPHER)
   //DEFINE_STACK_OF(SSL_COMP)
@@ -1549,20 +1545,20 @@ procedure UnLoad;
   (* Set serverinfo data for the current active cert. *)
   SSL_CTX_use_serverinfo: function(ctx: PSSL_CTX; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT cdecl = nil;
   SSL_CTX_use_serverinfo_ex: function(ctx: PSSL_CTX; version: TIdC_UINT; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT cdecl = nil;
-  SSL_CTX_use_serverinfo_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CTX_use_serverinfo_file: function(ctx: PSSL_CTX; const file_: PIdAnsiChar): TIdC_INT cdecl = nil;
 
-  SSL_use_RSAPrivateKey_file: function(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_use_RSAPrivateKey_file: function(ssl: PSSL; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
 
-  SSL_use_PrivateKey_file: function(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
-  SSL_use_certificate_file: function(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_use_PrivateKey_file: function(ssl: PSSL; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_use_certificate_file: function(ssl: PSSL; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
 
-  SSL_CTX_use_RSAPrivateKey_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_CTX_use_RSAPrivateKey_file: function(ctx: PSSL_CTX; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
 
-  SSL_CTX_use_PrivateKey_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
-  SSL_CTX_use_certificate_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_CTX_use_PrivateKey_file: function(ctx: PSSL_CTX; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_CTX_use_certificate_file: function(ctx: PSSL_CTX; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
   (* PEM type *)
-  SSL_CTX_use_certificate_chain_file: function(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT cdecl = nil;
-  SSL_use_certificate_chain_file: function(ssl: PSSL; const &file: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_CTX_use_certificate_chain_file: function(ctx: PSSL_CTX; const file_: PIdAnsiChar): TIdC_INT cdecl = nil;
+  SSL_use_certificate_chain_file: function(ssl: PSSL; const file_: PIdAnsiChar): TIdC_INT cdecl = nil;
   //__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const PIdAnsiChar *file);
   //__owur TIdC_INT SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
   //                                               const PIdAnsiChar *file);
@@ -1719,12 +1715,12 @@ procedure UnLoad;
   SSL_CTX_set_client_hello_cb: procedure(c: PSSL_CTX; cb: SSL_client_hello_cb_fn; arg: Pointer) cdecl = nil;
   SSL_client_hello_isv2: function(s: PSSL): TIdC_INT cdecl = nil;
   SSL_client_hello_get0_legacy_version: function(s: PSSL): TIdC_UINT cdecl = nil;
-  SSL_client_hello_get0_random: function(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl = nil;
-  SSL_client_hello_get0_session_id: function(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl = nil;
-  SSL_client_hello_get0_ciphers: function(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl = nil;
-  SSL_client_hello_get0_compression_methods: function(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl = nil;
-  SSL_client_hello_get1_extensions_present: function(s: PSSL; &out: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT cdecl = nil;
-  SSL_client_hello_get0_ext: function(s: PSSL; &type: TIdC_UINT; const &out: PPByte; outlen: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_client_hello_get0_random: function(s: PSSL; const out_: PPByte): TIdC_SIZET cdecl = nil;
+  SSL_client_hello_get0_session_id: function(s: PSSL; const out_: PPByte): TIdC_SIZET cdecl = nil;
+  SSL_client_hello_get0_ciphers: function(s: PSSL; const out_: PPByte): TIdC_SIZET cdecl = nil;
+  SSL_client_hello_get0_compression_methods: function(s: PSSL; const out_: PPByte): TIdC_SIZET cdecl = nil;
+  SSL_client_hello_get1_extensions_present: function(s: PSSL; out_: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_client_hello_get0_ext: function(s: PSSL; type_: TIdC_UINT; const out_: PPByte; outlen: PIdC_SIZET): TIdC_INT cdecl = nil;
   SSL_certs_clear: procedure(s: PSSL) cdecl = nil;
   SSL_free: procedure(ssl: PSSL) cdecl = nil;
 
@@ -1860,10 +1856,10 @@ procedure UnLoad;
   SSL_get_verify_result: function(const ssl: PSSL): TIdC_LONG cdecl = nil;
   //__owur STACK_OF(X509) *SSL_get0_verified_chain(const s: PSSL);
 
-  SSL_get_client_random: function(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
-  SSL_get_server_random: function(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
-  SSL_SESSION_get_master_key: function(const sess: PSSL_SESSION; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
-  SSL_SESSION_set1_master_key: function(sess: PSSL_SESSION; const &in: PByte; len: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_get_client_random: function(const ssl: PSSL; out_: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  SSL_get_server_random: function(const ssl: PSSL; out_: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  SSL_SESSION_get_master_key: function(const sess: PSSL_SESSION; out_: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl = nil;
+  SSL_SESSION_set1_master_key: function(sess: PSSL_SESSION; const in_: PByte; len: TIdC_SIZET): TIdC_INT cdecl = nil;
   SSL_SESSION_get_max_fragment_length: function(const sess: PSSL_SESSION): TIdC_UINT8 cdecl = nil;
 
   //#define SSL_get_ex_new_index(l, p, newf, dupf, freef) \
@@ -2024,7 +2020,7 @@ procedure UnLoad;
   ///*
   // * The validation type enumerates the available behaviours of the built-&in SSL
   // * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
-  // * The underlying callback is a static function &in libssl.
+  // * The underlying callback is a static function in_ libssl.
   // */
 
   ///*
@@ -2033,7 +2029,7 @@ procedure UnLoad;
   // * continues the handshake, the application can make appropriate decisions at
   // * handshake completion.  The SSL_CT_VALIDATION_STRICT variant requires at
   // * least one valid SCT, or else handshake termination will be requested.  The
-  // * handshake may continue anyway if SSL_VERIFY_NONE is &in effect.
+  // * handshake may continue anyway if SSL_VERIFY_NONE is in_ effect.
   // */
   SSL_enable_ct: function(s: PSSL; validation_mode: TIdC_INT): TIdC_INT cdecl = nil;
   SSL_CTX_enable_ct: function(ctx: PSSL_CTX; validation_mode: TIdC_INT): TIdC_INT cdecl = nil;
@@ -2101,7 +2097,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -2877,20 +2872,13 @@ procedure UnLoad;
   SSL_CTX_set_allow_early_data_cb := nil;
   SSL_set_allow_early_data_cb := nil;
 end;
-{$ENDREGION}
-
-
-{$REGION 'C compiler macros'}
 
 //# define SSL_CTX_set_mode(ctx,op)      SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
 function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
-
 begin
-
   Result := SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, nil);
 end;
 
-
 //# define SSL_CTX_clear_mode(ctx,op)   SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
 function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 begin
@@ -3340,6 +3328,5 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 begin
   Result := SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas
index 31a4ac327..892272862 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:42
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_ssl3;
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sslerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sslerr.pas
index 53029e008..fd0729e84 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sslerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_sslerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_sslerr;
 
@@ -791,17 +791,14 @@ interface
   SSL_R_X509_LIB = 268;
   SSL_R_X509_VERIFICATION_SETUP_PROBLEMS = 269;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_SSL_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -819,6 +816,5 @@ procedure UnLoad;
 begin
   ERR_load_SSL_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_storeerr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_storeerr.pas
index 4cc2626d0..92f987c6e 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_storeerr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_storeerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_storeerr;
 
@@ -115,17 +115,14 @@ interface
   OSSL_STORE_R_UNSUPPORTED_SEARCH_TYPE = 120;
   OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED = 111;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_OSSL_STORE_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -143,6 +140,5 @@ procedure UnLoad;
 begin
   ERR_load_OSSL_STORE_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas
index 5571cafbe..f22f078f3 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tls1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:42
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_tls1;
 
@@ -1098,20 +1098,16 @@   tls_session_ticket_ext_st = record
     data: Pointer;
   end;
 
-{$REGION 'C compiler macros'}
 function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
-{$ENDREGION}
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   SSL_CTX_set_tlsext_max_fragment_length: function(ctx: PSSL_CTx; mode: TIdC_UINT8): TIdC_INT cdecl = nil;
   SSL_set_tlsext_max_fragment_length: function(ssl: PSSL; mode: TIdC_UINT8): TIdC_INT cdecl = nil;
 
-  SSL_get_servername: function(const s: PSSL; const &type: TIdC_INT): PIdAnsiChar cdecl = nil;
+  SSL_get_servername: function(const s: PSSL; const type_: TIdC_INT): PIdAnsiChar cdecl = nil;
   SSL_get_servername_type: function(const s: PSSL): TIdC_INT cdecl = nil;
   (*
    * SSL_export_keying_material exports a value derived from the master secret,
@@ -1120,7 +1116,7 @@ procedure UnLoad;
    * flag controls whether a context is included.) It returns 1 on success and
    * 0 or -1 otherwise.
    *)
-  SSL_export_keying_material: function(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET; use_context: TIdC_INT): TIdC_INT cdecl = nil;
+  SSL_export_keying_material: function(s: PSSL; out_: PByte; olen: TIdC_SIZET; const label_: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET; use_context: TIdC_INT): TIdC_INT cdecl = nil;
 
   (*
    * SSL_export_keying_material_early exports a value derived from the
@@ -1129,7 +1125,7 @@ procedure UnLoad;
    * |olen| bytes to |out| given a label and optional context. It
    * returns 1 on success and 0 otherwise.
    *)
-  SSL_export_keying_material_early: function(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT cdecl = nil;
+  SSL_export_keying_material_early: function(s: PSSL; out_: PByte; olen: TIdC_SIZET; const label_: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT cdecl = nil;
 
   SSL_get_peer_signature_type_nid: function(const s: PSSl; pnid: PIdC_INT): TIdC_INT cdecl = nil;
   SSL_get_signature_type_nid: function(const s: PSSl; pnid: PIdC_INT): TIdC_INT cdecl = nil;
@@ -1207,7 +1203,6 @@ implementation
 uses
   IdOpenSSLHeaders_ssl;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -1243,15 +1238,11 @@ procedure UnLoad;
   SSL_get_sigalgs := nil;
   SSL_get_shared_sigalgs := nil;
 end;
-{$ENDREGION}
 
-
-{$REGION 'C compiler macros'}
 //# define SSL_set_tlsext_host_name(s,name)         SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name, (void *)name)
 function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
 begin
   Result := SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, Pointer(name));
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas
index bfb1713ea..10717c133 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_ts;
 
@@ -212,10 +212,8 @@ interface
   TS_VERIFY_CTX = type Pointer;
   PTS_VERIFY_CTX = ^TS_VERIFY_CTX;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   TS_REQ_new: function: PTS_REQ cdecl = nil;
@@ -546,7 +544,7 @@ procedure UnLoad;
    *)
 
   TS_CONF_load_cert: function(&file: PIdAnsiChar): PX509 cdecl = nil;
-  TS_CONF_load_key: function( &file: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey cdecl = nil;
+  TS_CONF_load_key: function( file_: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey cdecl = nil;
   TS_CONF_set_serial: function(conf: PCONF; section: PIdAnsiChar; cb: TS_serial_cb; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
   //STACK_OF(X509) *TS_CONF_load_certs(const char *file);
   TS_CONF_get_tsa_section: function(conf: PCONF; const section: PIdAnsiChar): PIdAnsiChar cdecl = nil;
@@ -568,7 +566,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -958,6 +955,5 @@ procedure UnLoad;
   TS_CONF_set_ess_cert_id_chain := nil;
   TS_CONF_set_ess_cert_id_digest := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tserr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tserr.pas
index 6024b16e8..82dedece3 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tserr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_tserr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_tserr;
 
@@ -150,17 +150,14 @@ interface
   TS_R_VAR_LOOKUP_FAILURE = 136;
   TS_R_WRONG_CONTENT_TYPE = 114;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_TS_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -178,6 +175,5 @@ procedure UnLoad;
 begin
   ERR_load_TS_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas
index 5b0fb263a..e51cb9330 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_txt_db;
 
@@ -76,10 +76,8 @@   txt_db_st = record
 
   TXT_DB_create_index_qual = function(v1: POPENSSL_STRING): TIdC_INT;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   TXT_DB_read: function(&in: PBIO; num: TIdC_INT): PTXT_DB cdecl = nil;
@@ -91,7 +89,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -117,6 +114,5 @@ procedure UnLoad;
   TXT_DB_get_by_index := nil;
   TXT_DB_insert := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas
index cafc88536..50aaaae05 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_ui;
 
@@ -131,10 +131,8 @@ interface
   UI_method_data_destructor_cb = procedure(ui: PUI; ui_data: Pointer);
   UI_method_prompt_constructor_cb = function(ui: PUI; const object_desc: PIdAnsiChar; const object_name: PIdAnsiChar): PIdAnsiChar;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   (*
@@ -387,7 +385,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -527,6 +524,5 @@ procedure UnLoad;
   UI_UTIL_read_pw := nil;
   UI_UTIL_wrap_read_pem_callback := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_uierr.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_uierr.pas
index 7bfe8a2ee..8ee3fcd4b 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_uierr.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_uierr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_uierr;
 
@@ -88,17 +88,14 @@ interface
   UI_R_UNKNOWN_TTYGET_ERRNO_VALUE = 108;
   UI_R_USER_DATA_DUPLICATION_UNSUPPORTED = 112;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_UI_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -116,6 +113,5 @@ procedure UnLoad;
 begin
   ERR_load_UI_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_whrlpool.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_whrlpool.pas
index 05282eb36..22f9d2966 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_whrlpool.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_whrlpool.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_whrlpool;
 
@@ -65,10 +65,8 @@   WHIRLPOOL_CTX = record
   end;
   PWHIRLPOOL_CTX = ^WHIRLPOOL_CTX;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   WHIRLPOOL_Init: function(c: PWHIRLPOOL_CTX): TIdC_INT cdecl = nil;
@@ -79,7 +77,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -105,6 +102,5 @@ procedure UnLoad;
   WHIRLPOOL_Final := nil;
   WHIRLPOOL := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
index 6794dba9b..5bd36f869 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:42
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_x509;
 
@@ -304,7 +304,7 @@   Netscape_spki_st = record
 
   (* Netscape certificate sequence structure *)
 //  Netscape_certificate_sequence: record
-//    &type: PASN1_OBJECT;
+//    type_: PASN1_OBJECT;
 //    certs: P --> STACK_OF(X509) <--;
 //  end;
 //  NETSCAPE_CERT_SEQUENCE = Netscape_certificate_sequence;
@@ -353,10 +353,8 @@   SCRYPT_PARAMS_st = record
   //# define         X509_name_cmp(a,b)      X509_NAME_cmp((a),(b))
   //
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   X509_CRL_set_default_method: procedure(const meth: PX509_CRL_METHOD) cdecl = nil;
@@ -401,11 +399,11 @@ procedure UnLoad;
 
   NETSCAPE_SPKI_sign: function(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl = nil;
 
-  X509_pubkey_digest: function(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
-  X509_digest: function(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
-  X509_CRL_digest: function(const data: PX509_CRL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
-  X509_REQ_digest: function(const data: PX509_REQ; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
-  X509_NAME_digest: function(const data: PX509_NAME; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  X509_pubkey_digest: function(const data: PX509; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  X509_digest: function(const data: PX509; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  X509_CRL_digest: function(const data: PX509_CRL; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  X509_REQ_digest: function(const data: PX509_REQ; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  X509_NAME_digest: function(const data: PX509_NAME; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
 
   //# ifndef OPENSSL_NO_STDIO
   //X509 *d2i_X509_fp(FILE *fp, X509 **x509);
@@ -513,18 +511,18 @@ procedure UnLoad;
 
   X509_ALGOR_new: function: PX509_ALGOR cdecl = nil;
   X509_ALGOR_free: procedure(v1: PX509_ALGOR) cdecl = nil;
-  d2i_X509_ALGOR: function(a: PPX509_ALGOR; const &in: PPByte; len: TIdC_LONG): PX509_ALGOR cdecl = nil;
-  i2d_X509_ALGOR: function(a: PX509_ALGOR; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_ALGOR: function(a: PPX509_ALGOR; const in_: PPByte; len: TIdC_LONG): PX509_ALGOR cdecl = nil;
+  i2d_X509_ALGOR: function(a: PX509_ALGOR; out_: PPByte): TIdC_INT cdecl = nil;
   //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
   X509_VAL_new: function: PX509_VAL cdecl = nil;
   X509_VAL_free: procedure(v1: PX509_VAL) cdecl = nil;
-  d2i_X509_VAL: function(a: PPX509_VAL; const &in: PPByte; len: TIdC_LONG): PX509_VAL cdecl = nil;
-  i2d_X509_VAL: function(a: PX509_VAL; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_VAL: function(a: PPX509_VAL; const in_: PPByte; len: TIdC_LONG): PX509_VAL cdecl = nil;
+  i2d_X509_VAL: function(a: PX509_VAL; out_: PPByte): TIdC_INT cdecl = nil;
 
   X509_PUBKEY_new: function: PX509_PUBKEY cdecl = nil;
   X509_PUBKEY_free: procedure(v1: PX509_PUBKEY) cdecl = nil;
-  d2i_X509_PUBKEY: function(a: PPX509_PUBKEY; const &in: PPByte; len: TIdC_LONG): PX509_PUBKEY cdecl = nil;
-  i2d_X509_PUBKEY: function(a: PX509_PUBKEY; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_PUBKEY: function(a: PPX509_PUBKEY; const in_: PPByte; len: TIdC_LONG): PX509_PUBKEY cdecl = nil;
+  i2d_X509_PUBKEY: function(a: PX509_PUBKEY; out_: PPByte): TIdC_INT cdecl = nil;
 
   X509_PUBKEY_set: function(x: PPX509_PUBKEY; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   X509_PUBKEY_get0: function(key: PX509_PUBKEY): PEVP_PKEY cdecl = nil;
@@ -545,42 +543,42 @@ procedure UnLoad;
 
   X509_SIG_new: function: PX509_SIG cdecl = nil;
   X509_SIG_free: procedure(v1: PX509_SIG) cdecl = nil;
-  d2i_X509_SIG: function(a: PPX509_SIG; const &in: PPByte; len: TIdC_LONG): PX509_SIG cdecl = nil;
-  i2d_X509_SIG: function(a: PX509_SIG; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_SIG: function(a: PPX509_SIG; const in_: PPByte; len: TIdC_LONG): PX509_SIG cdecl = nil;
+  i2d_X509_SIG: function(a: PX509_SIG; out_: PPByte): TIdC_INT cdecl = nil;
   X509_SIG_get0: procedure(const sig: PX509_SIG; const palg: PPX509_ALGOR; const pdigest: PPASN1_OCTET_STRING) cdecl = nil;
   X509_SIG_getm: procedure(sig: X509_SIG; palg: PPX509_ALGOR; pdigest: PPASN1_OCTET_STRING) cdecl = nil;
 
   X509_REQ_INFO_new: function: PX509_REQ_INFO cdecl = nil;
   X509_REQ_INFO_free: procedure(v1: PX509_REQ_INFO) cdecl = nil;
-  d2i_X509_REQ_INFO: function(a: PPX509_REQ_INFO; const &in: PPByte; len: TIdC_LONG): PX509_REQ_INFO cdecl = nil;
-  i2d_X509_REQ_INFO: function(a: PX509_REQ_INFO; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_REQ_INFO: function(a: PPX509_REQ_INFO; const in_: PPByte; len: TIdC_LONG): PX509_REQ_INFO cdecl = nil;
+  i2d_X509_REQ_INFO: function(a: PX509_REQ_INFO; out_: PPByte): TIdC_INT cdecl = nil;
 
   X509_REQ_new: function: PX509_REQ cdecl = nil;
   X509_REQ_free: procedure(v1: PX509_REQ) cdecl = nil;
-  d2i_X509_REQ: function(a: PPX509_REQ; const &in: PPByte; len: TIdC_LONG): PX509_REQ cdecl = nil;
-  i2d_X509_REQ: function(a: PX509_REQ; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_REQ: function(a: PPX509_REQ; const in_: PPByte; len: TIdC_LONG): PX509_REQ cdecl = nil;
+  i2d_X509_REQ: function(a: PX509_REQ; out_: PPByte): TIdC_INT cdecl = nil;
 
   X509_ATTRIBUTE_new: function: PX509_ATTRIBUTE cdecl = nil;
   X509_ATTRIBUTE_free: procedure(v1: PX509_ATTRIBUTE) cdecl = nil;
-  d2i_X509_ATTRIBUTE: function(a: PPX509_ATTRIBUTE; const &in: PPByte; len: TIdC_LONG): PX509_ATTRIBUTE cdecl = nil;
-  i2d_X509_ATTRIBUTE: function(a: PX509_ATTRIBUTE; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_ATTRIBUTE: function(a: PPX509_ATTRIBUTE; const in_: PPByte; len: TIdC_LONG): PX509_ATTRIBUTE cdecl = nil;
+  i2d_X509_ATTRIBUTE: function(a: PX509_ATTRIBUTE; out_: PPByte): TIdC_INT cdecl = nil;
   X509_ATTRIBUTE_create: function(nid: TIdC_INT; trtype: TIdC_INT; value: Pointer): PX509_ATTRIBUTE cdecl = nil;
 
   X509_EXTENSION_new: function: PX509_EXTENSION cdecl = nil;
   X509_EXTENSION_free: procedure(v1: PX509_EXTENSION) cdecl = nil;
-  d2i_X509_EXTENSION: function(a: PPX509_EXTENSION; const &in: PPByte; len: TIdC_LONG): PX509_EXTENSION cdecl = nil;
-  i2d_X509_EXTENSION: function(a: PX509_EXTENSION; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_EXTENSION: function(a: PPX509_EXTENSION; const in_: PPByte; len: TIdC_LONG): PX509_EXTENSION cdecl = nil;
+  i2d_X509_EXTENSION: function(a: PX509_EXTENSION; out_: PPByte): TIdC_INT cdecl = nil;
   //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
 
   X509_NAME_ENTRY_new: function: PX509_NAME_ENTRY cdecl = nil;
   X509_NAME_ENTRY_free: procedure(v1: PX509_NAME_ENTRY) cdecl = nil;
-  d2i_X509_NAME_ENTRY: function(a: PPX509_NAME_ENTRY; const &in: PPByte; len: TIdC_LONG): PX509_NAME_ENTRY cdecl = nil;
-  i2d_X509_NAME_ENTRY: function(a: PX509_NAME_ENTRY; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_NAME_ENTRY: function(a: PPX509_NAME_ENTRY; const in_: PPByte; len: TIdC_LONG): PX509_NAME_ENTRY cdecl = nil;
+  i2d_X509_NAME_ENTRY: function(a: PX509_NAME_ENTRY; out_: PPByte): TIdC_INT cdecl = nil;
 
   X509_NAME_new: function: PX509_NAME cdecl = nil;
   X509_NAME_free: procedure(v1: PX509_NAME) cdecl = nil;
-  d2i_X509_NAME: function(a: PPX509_NAME; const &in: PPByte; len: TIdC_LONG): PX509_NAME cdecl = nil;
-  i2d_X509_NAME: function(a: PX509_NAME; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_NAME: function(a: PPX509_NAME; const in_: PPByte; len: TIdC_LONG): PX509_NAME cdecl = nil;
+  i2d_X509_NAME: function(a: PX509_NAME; out_: PPByte): TIdC_INT cdecl = nil;
 
   X509_NAME_set: function(xn: PPX509_NAME; name: PX509_NAME): TIdC_INT cdecl = nil;
 
@@ -588,8 +586,8 @@ procedure UnLoad;
 
   X509_new: function: PX509 cdecl = nil;
   X509_free: procedure(v1: PX509) cdecl = nil;
-  d2i_X509: function(a: PPX509; const &in: PPByte; len: TIdC_LONG): PX509 cdecl = nil;
-  i2d_X509: function(a: PX509; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509: function(a: PPX509; const in_: PPByte; len: TIdC_LONG): PX509 cdecl = nil;
+  i2d_X509: function(a: PX509; out_: PPByte): TIdC_INT cdecl = nil;
 
   //DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
   //
@@ -628,16 +626,16 @@ procedure UnLoad;
   //
   X509_REVOKED_new: function: PX509_REVOKED cdecl = nil;
   X509_REVOKED_free: procedure(v1: PX509_REVOKED) cdecl = nil;
-  d2i_X509_REVOKED: function(a: PPX509_REVOKED; const &in: PPByte; len: TIdC_LONG): PX509_REVOKED cdecl = nil;
-  i2d_X509_REVOKED: function(a: PX509_REVOKED; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_REVOKED: function(a: PPX509_REVOKED; const in_: PPByte; len: TIdC_LONG): PX509_REVOKED cdecl = nil;
+  i2d_X509_REVOKED: function(a: PX509_REVOKED; out_: PPByte): TIdC_INT cdecl = nil;
   X509_CRL_INFO_new: function: PX509_CRL_INFO cdecl = nil;
   X509_CRL_INFO_free: procedure(v1: PX509_CRL_INFO) cdecl = nil;
-  d2i_X509_CRL_INFO: function(a: PPX509_CRL_INFO; const &in: PPByte; len: TIdC_LONG): PX509_CRL_INFO cdecl = nil;
-  i2d_X509_CRL_INFO: function(a: PX509_CRL_INFO; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_CRL_INFO: function(a: PPX509_CRL_INFO; const in_: PPByte; len: TIdC_LONG): PX509_CRL_INFO cdecl = nil;
+  i2d_X509_CRL_INFO: function(a: PX509_CRL_INFO; out_: PPByte): TIdC_INT cdecl = nil;
   X509_CRL_new: function: PX509_CRL cdecl = nil;
   X509_CRL_free: procedure(v1: PX509_CRL) cdecl = nil;
-  d2i_X509_CRL: function(a: PPX509_CRL; const &in: PPByte; len: TIdC_LONG): PX509_CRL cdecl = nil;
-  i2d_X509_CRL: function(a: PX509_CRL; &out: PPByte): TIdC_INT cdecl = nil;
+  d2i_X509_CRL: function(a: PPX509_CRL; const in_: PPByte; len: TIdC_LONG): PX509_CRL cdecl = nil;
+  i2d_X509_CRL: function(a: PX509_CRL; out_: PPByte): TIdC_INT cdecl = nil;
 
   X509_CRL_add0_revoked: function(crl: PX509_CRL; rev: PX509_REVOKED): TIdC_INT cdecl = nil;
   X509_CRL_get0_by_serial: function(crl: PX509_CRL; ret: PPX509_REVOKED; serial: PASN1_INTEGER): TIdC_INT cdecl = nil;
@@ -664,11 +662,11 @@ procedure UnLoad;
 //                X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
 //                char *data, EVP_PKEY *pkey, const EVP_MD *type);
 
-  ASN1_item_digest: function(const it: PASN1_ITEM; const &type: PEVP_MD; data: Pointer; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
+  ASN1_item_digest: function(const it: PASN1_ITEM; const type_: PEVP_MD; data: Pointer; md: PByte; len: PIdC_UINT): TIdC_INT cdecl = nil;
 
   ASN1_item_verify: function(const it: PASN1_ITEM; algor1: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
 
-  ASN1_item_sign: function(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY; const &type: PEVP_MD): TIdC_INT cdecl = nil;
+  ASN1_item_sign: function(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY; const type_: PEVP_MD): TIdC_INT cdecl = nil;
   ASN1_item_sign_ctx: function(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; asn: Pointer; ctx: PEVP_MD_CTX): TIdC_INT cdecl = nil;
 
   X509_get_version: function(const x: PX509): TIdC_LONG cdecl = nil;
@@ -728,9 +726,9 @@ procedure UnLoad;
   X509_REQ_get_attr: function(const req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   X509_REQ_delete_attr: function(req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   X509_REQ_add1_attr: function(req: PX509_REQ; attr: PX509_ATTRIBUTE): TIdC_INT cdecl = nil;
-  X509_REQ_add1_attr_by_OBJ: function(req: PX509_REQ; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
-  X509_REQ_add1_attr_by_NID: function(req: PX509_REQ; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
-  X509_REQ_add1_attr_by_txt: function(req: PX509_REQ; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REQ_add1_attr_by_OBJ: function(req: PX509_REQ; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REQ_add1_attr_by_NID: function(req: PX509_REQ; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_REQ_add1_attr_by_txt: function(req: PX509_REQ; const attrname: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
 
   X509_CRL_set_version: function(x: PX509_CRL; version: TIdC_LONG): TIdC_INT cdecl = nil;
   X509_CRL_set_issuer_name: function(x: PX509_CRL; name: PX509_NAME): TIdC_INT cdecl = nil;
@@ -816,15 +814,15 @@ procedure UnLoad;
   X509_NAME_get_index_by_OBJ: function(name: PX509_NAME; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl = nil;
   X509_NAME_get_entry: function(const name: PX509_NAME; loc: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
   X509_NAME_delete_entry: function(name: PX509_NAME; loc: TIdC_INT): pX509_NAME_ENTRY cdecl = nil;
-  X509_NAME_add_entry: function(name: PX509_NAME; const ne: PX509_NAME_ENTRY; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl = nil;
-  X509_NAME_add_entry_by_OBJ: function(name: PX509_NAME; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl = nil;
-  X509_NAME_add_entry_by_NID: function(name: PX509_NAME; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl = nil;
-  X509_NAME_ENTRY_create_by_txt: function(ne: PPX509_NAME_ENTRY; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
-  X509_NAME_ENTRY_create_by_NID: function(ne: PPX509_NAME_ENTRY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
-  X509_NAME_add_entry_by_txt: function(name: PX509_NAME; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl = nil;
-  X509_NAME_ENTRY_create_by_OBJ: function(ne: PPX509_NAME_ENTRY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
+  X509_NAME_add_entry: function(name: PX509_NAME; const ne: PX509_NAME_ENTRY; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_add_entry_by_OBJ: function(name: PX509_NAME; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_add_entry_by_NID: function(name: PX509_NAME; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_ENTRY_create_by_txt: function(ne: PPX509_NAME_ENTRY; const field: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
+  X509_NAME_ENTRY_create_by_NID: function(ne: PPX509_NAME_ENTRY; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
+  X509_NAME_add_entry_by_txt: function(name: PX509_NAME; const field: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_ENTRY_create_by_OBJ: function(ne: PPX509_NAME_ENTRY; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl = nil;
   X509_NAME_ENTRY_set_object: function(ne: PX509_NAME_ENTRY; const obj: PASN1_OBJECT): TIdC_INT cdecl = nil;
-  X509_NAME_ENTRY_set_data: function(ne: PX509_NAME_ENTRY; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_NAME_ENTRY_set_data: function(ne: PX509_NAME_ENTRY; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
   X509_NAME_ENTRY_get_object: function(const ne: PX509_NAME_ENTRY): PASN1_OBJECT cdecl = nil;
   X509_NAME_ENTRY_get_data: function(const ne: PX509_NAME_ENTRY): PASN1_STRING cdecl = nil;
   X509_NAME_ENTRY_set: function(const ne: PX509_NAME_ENTRY): TIdC_INT cdecl = nil;
@@ -909,7 +907,7 @@ procedure UnLoad;
   //                              const ASN1_OBJECT *obj, TIdC_INT lastpos, TIdC_INT type);
   X509_ATTRIBUTE_create_by_NID: function(attr: PPX509_ATTRIBUTE; nid: TIdC_INT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   X509_ATTRIBUTE_create_by_OBJ: function(attr: PPX509_ATTRIBUTE; const obj: PASN1_OBJECT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
-  X509_ATTRIBUTE_create_by_txt: function(attr: PPX509_ATTRIBUTE; const atrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
+  X509_ATTRIBUTE_create_by_txt: function(attr: PPX509_ATTRIBUTE; const atrname: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   X509_ATTRIBUTE_set1_object: function(attr: PX509_ATTRIBUTE; const obj: PASN1_OBJECT): TIdC_INT cdecl = nil;
   X509_ATTRIBUTE_set1_data: function(attr: PX509_ATTRIBUTE; attrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): TIdC_INT cdecl = nil;
   X509_ATTRIBUTE_get0_data: function(attr: PX509_ATTRIBUTE; idx: TIdC_INT; atrtype: TIdC_INT; data: Pointer): Pointer cdecl = nil;
@@ -923,9 +921,9 @@ procedure UnLoad;
   EVP_PKEY_get_attr: function(const key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   EVP_PKEY_delete_attr: function(key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE cdecl = nil;
   EVP_PKEY_add1_attr: function(key: PEVP_PKEY; attr: PX509_ATTRIBUTE): TIdC_INT cdecl = nil;
-  EVP_PKEY_add1_attr_by_OBJ: function(key: PEVP_PKEY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
-  EVP_PKEY_add1_attr_by_NID: function(key: PEVP_PKEY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
-  EVP_PKEY_add1_attr_by_txt: function(key: PEVP_PKEY; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_add1_attr_by_OBJ: function(key: PEVP_PKEY; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_add1_attr_by_NID: function(key: PEVP_PKEY; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_add1_attr_by_txt: function(key: PEVP_PKEY; const attrname: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
 
   X509_verify_cert: function(ctx: PX509_STORE_CTX): TIdC_INT cdecl = nil;
 
@@ -962,7 +960,7 @@ procedure UnLoad;
 
   //const STACK_OF(X509_ATTRIBUTE) *
   //PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8);
-  PKCS8_pkey_add1_attr_by_NID: function(p8: PPKCS8_PRIV_KEY_INFO; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS8_pkey_add1_attr_by_NID: function(p8: PPKCS8_PRIV_KEY_INFO; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl = nil;
 
   X509_PUBKEY_set0_param: function(pub: PX509_PUBKEY; aobj: PASN1_OBJECT; ptype: TIdC_INT; pval: Pointer; penc: PByte; penclen: TIdC_INT): TIdC_INT cdecl = nil;
   X509_PUBKEY_get0_param: function(ppkalg: PPASN1_OBJECT; const pk: PPByte; ppklen: PIdC_INT; pa: PPX509_ALGOR; pub: PX509_PUBKEY): TIdC_INT cdecl = nil;
@@ -980,7 +978,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -1746,6 +1743,5 @@ procedure UnLoad;
   X509_TRUST_get0_name := nil;
   X509_TRUST_get_trust := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas
index dc7f4d86a..7cfe8d858 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_x509_vfy;
 
@@ -258,18 +258,16 @@ interface
   X509_LOOKUP_ctrl_fn = function(ctx: PX509_LOOKUP; cmd: TIdC_INT;
     const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT;
   X509_LOOKUP_get_by_subject_fn = function(ctx: PX509_LOOKUP;
-    &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+    type_: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
   X509_LOOKUP_get_by_issuer_serial_fn = function(ctx: PX509_LOOKUP;
-    &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
-  X509_LOOKUP_get_by_fingerprint_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+    type_: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_fingerprint_fn = function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE;
     const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
-  X509_LOOKUP_get_by_alias_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+  X509_LOOKUP_get_by_alias_fn = function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE;
     const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   //DEFINE_STACK_OF(X509_LOOKUP)
@@ -430,28 +428,28 @@ procedure UnLoad;
   X509_STORE_add_cert: function(ctx: PX509_STORE; x: PX509): TIdC_INT cdecl = nil;
   X509_STORE_add_crl: function(ctx: PX509_STORE; x: PX509_CRL): TIdC_INT cdecl = nil;
 
-  X509_STORE_CTX_get_by_subject: function(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
-  X509_STORE_CTX_get_obj_by_subject: function(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME): PX509_OBJECT cdecl = nil;
+  X509_STORE_CTX_get_by_subject: function(vs: PX509_STORE_CTX; type_: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_STORE_CTX_get_obj_by_subject: function(vs: PX509_STORE_CTX; type_: X509_LOOKUP_TYPE; name: PX509_NAME): PX509_OBJECT cdecl = nil;
 
   X509_LOOKUP_ctrl: function(ctx: PX509_LOOKUP; cmd: TIdC_INT; const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT cdecl = nil;
 
-  X509_load_cert_file: function(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
-  X509_load_crl_file: function(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
-  X509_load_cert_crl_file: function(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_load_cert_file: function(ctx: PX509_LOOKUP; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_load_crl_file: function(ctx: PX509_LOOKUP; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_load_cert_crl_file: function(ctx: PX509_LOOKUP; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
 
   X509_LOOKUP_new: function(method: PX509_LOOKUP_METHOD): PX509_LOOKUP cdecl = nil;
   X509_LOOKUP_free: procedure(ctx: PX509_LOOKUP) cdecl = nil;
   X509_LOOKUP_init: function(ctx: PX509_LOOKUP): TIdC_INT cdecl = nil;
-  X509_LOOKUP_by_subject: function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
-  X509_LOOKUP_by_issuer_serial: function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
-  X509_LOOKUP_by_fingerprint: function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
-  X509_LOOKUP_by_alias: function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_LOOKUP_by_subject: function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_LOOKUP_by_issuer_serial: function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_LOOKUP_by_fingerprint: function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
+  X509_LOOKUP_by_alias: function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl = nil;
   X509_LOOKUP_set_method_data: function(ctx: PX509_LOOKUP; data: Pointer): TIdC_INT cdecl = nil;
   X509_LOOKUP_get_method_data: function(const ctx: PX509_LOOKUP): Pointer cdecl = nil;
   X509_LOOKUP_get_store: function(const ctx: PX509_LOOKUP): PX509_STORE cdecl = nil;
   X509_LOOKUP_shutdown: function(ctx: PX509_LOOKUP): TIdC_INT cdecl = nil;
 
-  X509_STORE_load_locations: function(ctx: PX509_STORE; const &file: PIdAnsiChar; const dir: PIdAnsiChar): TIdC_INT cdecl = nil;
+  X509_STORE_load_locations: function(ctx: PX509_STORE; const file_: PIdAnsiChar; const dir: PIdAnsiChar): TIdC_INT cdecl = nil;
   X509_STORE_set_default_paths: function(ctx: PX509_STORE): TIdC_INT cdecl = nil;
 
   //#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
@@ -565,7 +563,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -897,6 +894,5 @@ procedure UnLoad;
   X509_policy_node_get0_policy := nil;
   X509_policy_node_get0_parent := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509err.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509err.pas
index d95f7ab3f..0abe7e891 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509err.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509err.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 15:01:04
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_x509err;
 
@@ -153,17 +153,14 @@ interface
   X509_R_WRONG_LOOKUP_TYPE                  = 112;
   X509_R_WRONG_TYPE                         = 122;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
   ERR_load_X509_strings: function: TIdC_INT cdecl = nil;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -181,6 +178,5 @@ procedure UnLoad;
 begin
   ERR_load_X509_strings := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
index 3f142ff2f..8eacd6e4a 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:42
+// Generation date: 28.10.2020 15:24:13
 
 unit IdOpenSSLHeaders_x509v3;
 
@@ -47,8 +47,7 @@ interface
   IdOpenSSLHeaders_ossl_typ,
   IdOpenSSLHeaders_asn1,
   IdOpenSSLHeaders_asn1t,
-  IdOpenSSLHeaders_x509,
-  System.Types;
+  IdOpenSSLHeaders_x509;
 
 const
   (* ext_flags values *)
@@ -263,7 +262,7 @@ interface
 //                                  STACK_OF(CONF_VALUE) *values);
   //X509V3_EXT_I2S = function(method: Pv3_ext_method; ext: Pointer): PIdAnsiChar; cdecl;
   //X509V3_EXT_S2I = function(method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
-  //X509V3_EXT_I2R = function(const method: Pv3_ext_method; ext: Pointer; &out: PBIO; indent: TIdC_INT): TIdC_INT; cdecl;
+  //X509V3_EXT_I2R = function(const method: Pv3_ext_method; ext: Pointer; out_: PBIO; indent: TIdC_INT): TIdC_INT; cdecl;
   //X509V3_EXT_R2I = function(const method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
 
 //  (* V3 extension structure *)
@@ -343,7 +342,7 @@   EDIPartyName_st  = record
   PEDIPARTYNAME = ^EDIPARTYNAME;
 
   GENERAL_NAME_st_union = record
-    case DWORD of
+    case TIdC_INT of
       0: (ptr: PIdAnsiChar);
       1: (otherName: POTHERNAME);   (* otherName *)
       2: (rfc822Name: PASN1_IA5STRING);
@@ -363,7 +362,7 @@   GENERAL_NAME_st_union = record
       14: (other: PASN1_TYPE);       (* x400Address *)
   end;
   GENERAL_NAME_st = record
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     d: GENERAL_NAME_st_union;
   end;
   GENERAL_NAME = GENERAL_NAME_st;
@@ -388,12 +387,12 @@   ACCESS_DESCRIPTION_st = record
 
 //  DEFINE_STACK_OF(ACCESS_DESCRIPTION)
 //  DIST_POINT_NAME_st_union = record
-//    case DWord of
+//    case TIdC_INT of
 //      0: (GENERAL_NAMES *fullname);
 //      1: (STACK_OF(X509_NAME_ENTRY) *relativename);
 //  end;
   DIST_POINT_NAME_st = record
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     (* If relativename then this contains the full distribution point name *)
     dpname: PX509_NAME;
   end;
@@ -450,7 +449,7 @@ //  USERNOTICE_st = record
 //  PUSERNOTICE = ^USERNOTICE;
 
 //  POLICYQUALINFO_st_union = record
-//    case DWord of
+//    case TIdC_INT of
 //      0: (cpsuri: PASN1_IA5STRING);
 //      1: (usernotice: PUSERNOTICE);
 //      2: (other: PASN1_TYPE);
@@ -576,8 +575,8 @@   ASRange_st = record
   PASRange = ^ASRange;
 
   ASIdOrRange_st = record
-    &type: TIdC_INT;
-    case u: DWord of
+    type_: TIdC_INT;
+    case u: TIdC_INT of
       0: (id: PASN1_INTEGER);
       1: (range: PASRange);
   end;
@@ -587,8 +586,8 @@   ASIdOrRange_st = record
 //  DEFINE_STACK_OF(ASIdOrRange)
 
 //  ASIdentifierChoice_st = record
-//    &type: TIdC_INT;
-//    case u: DWORD of
+//    type_: TIdC_INT;
+//    case u: TIdC_INT of
 //      0: (inherit: PASN1_NULL);
 //      1: (asIdsOrRanges: PASIdOrRanges);
 //  end;
@@ -613,8 +612,8 @@   IPAddressRange_st = record
   PIPAddressRange = ^IPAddressRange;
 
   IPAddressOrRange_st = record
-    &type: TIdC_INT;
-    case u: DWORD of
+    type_: TIdC_INT;
+    case u: TIdC_INT of
       0: (addressPrefix: PASN1_BIT_STRING);
       1: (addressRange: PIPAddressRange);
   end;
@@ -625,8 +624,8 @@   IPAddressOrRange_st = record
 //  DEFINE_STACK_OF(IPAddressOrRange)
 
 //  IPAddressChoice_st = record
-//    &type: TIdC_INT;
-//    case u: DWORD of
+//    type_: TIdC_INT;
+//    case u: TIdC_INT of
 //      0: (inherit: PASN1_NULL);
 //      1: (addressesOrRanges: PIPAddressOrRanges);
 //  end;
@@ -671,10 +670,8 @@ //  IPAddressFamily_st = record
 //  DEFINE_STACK_OF(PROFESSION_INFO)
 //  typedef STACK_OF(PROFESSION_INFO) PROFESSION_INFOS;
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
-{$ENDREGION}
 
 var
 //  function SXNET_add_id_asc(psx: PPSXNET; const zone: PIdAnsiChar; const user: PIdAnsiChar; userlen: TIdC_INT): TIdC_INT;
@@ -709,7 +706,7 @@ procedure UnLoad;
 //  DECLARE_ASN1_FUNCTIONS(OTHERNAME)
 //  DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
   OTHERNAME_cmp: function(a: POTHERNAME; b: POTHERNAME): TIdC_INT cdecl = nil;
-  GENERAL_NAME_set0_value: procedure(a: PGENERAL_NAME; &type: TIdC_INT; value: Pointer) cdecl = nil;
+  GENERAL_NAME_set0_value: procedure(a: PGENERAL_NAME; type_: TIdC_INT; value: Pointer) cdecl = nil;
   GENERAL_NAME_get0_value: function(const a: PGENERAL_NAME; ptype: PIdC_INT): Pointer cdecl = nil;
   GENERAL_NAME_set0_othername: function(gen: PGENERAL_NAME; oid: PASN1_OBJECT; value: PASN1_TYPE): TIdC_INT cdecl = nil;
   GENERAL_NAME_get0_otherName: function(const gen: PGENERAL_NAME; poid: PPASN1_OBJECT; pvalue: PPASN1_TYPE): TIdC_INT cdecl = nil;
@@ -913,9 +910,9 @@ procedure UnLoad;
   NAMING_AUTHORITY_set0_authorityURL: procedure(n: PNAMING_AUTHORITY; namingAuthorityUrl: PASN1_IA5STRING) cdecl = nil;
   NAMING_AUTHORITY_set0_authorityText: procedure(n: PNAMING_AUTHORITY; namingAuthorityText: PASN1_STRING) cdecl = nil;
 
-  ADMISSION_SYNTAX_get0_admissionAuthority: function(const &as: ADMISSION_SYNTAX): PGENERAL_NAME cdecl = nil;
+  ADMISSION_SYNTAX_get0_admissionAuthority: function(const as_: ADMISSION_SYNTAX): PGENERAL_NAME cdecl = nil;
   ADMISSION_SYNTAX_set0_admissionAuthority: procedure(&as: ADMISSION_SYNTAX; aa: PGENERAL_NAME) cdecl = nil;
-//  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const &as: ADMISSION_SYNTAX);
+//  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const as_: ADMISSION_SYNTAX);
 //  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(&as: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
   ADMISSIONS_get0_admissionAuthority: function(const a: PADMISSIONS): PGENERAL_NAME cdecl = nil;
   ADMISSIONS_set0_admissionAuthority: procedure(a: PADMISSIONS; aa: PGENERAL_NAME) cdecl = nil;
@@ -937,7 +934,6 @@ procedure UnLoad;
 
 implementation
 
-{$REGION 'Generated loading and unloading methods'}
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 
   function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
@@ -1119,6 +1115,5 @@ procedure UnLoad;
   PROFESSION_INFO_get0_registrationNumber := nil;
   PROFESSION_INFO_set0_registrationNumber := nil;
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_aes.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_aes.pas
index fa9b59727..b068288fd 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_aes.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_aes.pas
@@ -1,4 +1,4 @@
-{******************************************************************************}
+{******************************************************************************}
 {                                                                              }
 {            Indy (Internet Direct) - Internet Protocols Simplified            }
 {                                                                              }
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_aes;
 
@@ -70,22 +70,22 @@   aes_key_st = record
   function AES_set_encrypt_key(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT cdecl; external CLibCrypto;
   function AES_set_decrypt_key(const userKey: PByte; const bits: TIdC_INT; const key: PAES_KEY): TIdC_INT cdecl; external CLibCrypto;
 
-  procedure AES_encrypt(const &in: PByte; &out: PByte; const key: PAES_KEY) cdecl; external CLibCrypto;
-  procedure AES_decrypt(const &in: PByte; &out: PByte; const key: PAES_KEY) cdecl; external CLibCrypto;
+  procedure AES_encrypt(const in_: PByte; out_: PByte; const key: PAES_KEY) cdecl; external CLibCrypto;
+  procedure AES_decrypt(const in_: PByte; out_: PByte; const key: PAES_KEY) cdecl; external CLibCrypto;
 
-  procedure AES_ecb_encrypt(const &in: PByte; &out: PByte; const key: PAES_KEY; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure AES_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure AES_cfb128_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure AES_cfb1_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure AES_cfb8_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure AES_ofb128_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_ecb_encrypt(const in_: PByte; out_: PByte; const key: PAES_KEY; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_cfb128_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_cfb1_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_cfb8_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_ofb128_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
   (* NB: the IV is _two_ blocks long *)
-  procedure AES_ige_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_ige_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
   (* NB: the IV is _four_ blocks long *)
-  procedure AES_bi_ige_encrypt(const &in: PByte; &out: PByte; length: TIdC_SIZET; const key: PAES_KEY; const key2: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure AES_bi_ige_encrypt(const in_: PByte; out_: PByte; length: TIdC_SIZET; const key: PAES_KEY; const key2: PAES_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
 
-  function AES_wrap_key(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
-  function AES_unwrap_key(key: PAES_KEY; const iv: PByte; &out: PByte; const &in: PByte; inlen: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function AES_wrap_key(key: PAES_KEY; const iv: PByte; out_: PByte; const in_: PByte; inlen: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function AES_unwrap_key(key: PAES_KEY; const iv: PByte; out_: PByte; const in_: PByte; inlen: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
index ba27618f9..b5dd019c2 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_asn1;
 
@@ -262,7 +262,7 @@ interface
 ///(* This is the base type that holds just about everything :-) *)
 //  asn1_string_st = record
 //    length: TIdC_int;
-//    &type: TIdC_int;
+//    type_: TIdC_int;
 //    data: PByte;
 //    (*
 //     * The value of the following field depends on the type being held.  It
@@ -467,8 +467,8 @@   BIT_STRING_BITNAME_st = record
 
 // DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
   function ASN1_TYPE_get(const a: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
-  procedure ASN1_TYPE_set(a: PASN1_TYPE; &type: TIdC_INT; value: Pointer) cdecl; external CLibCrypto;
-  function ASN1_TYPE_set1(a: PASN1_TYPE; &type: TIdC_INT; const value: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  procedure ASN1_TYPE_set(a: PASN1_TYPE; type_: TIdC_INT; value: Pointer) cdecl; external CLibCrypto;
+  function ASN1_TYPE_set1(a: PASN1_TYPE; type_: TIdC_INT; const value: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_TYPE_cmp(const a: PASN1_TYPE; const b: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
 
   function ASN1_TYPE_pack_sequence(const it: PASN1_ITEM; s: Pointer; t: PPASN1_TYPE): PASN1_TYPE cdecl; external CLibCrypto;
@@ -530,7 +530,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_GENERALIZEDTIME_adj(s: PASN1_GENERALIZEDTIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_GENERALIZEDTIME cdecl; external CLibCrypto;
   function ASN1_GENERALIZEDTIME_set_string(s: pASN1_GENERALIZEDTIME; const str: PAnsiChar): TIdC_INT cdecl; external CLibCrypto;
 
-  function ASN1_TIME_diff(pday: PIdC_INT; psec: PIdC_INT; const from: PASN1_TIME; const &to: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_TIME_diff(pday: PIdC_INT; psec: PIdC_INT; const from: PASN1_TIME; const to_: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
 
   // DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
   function ASN1_OCTET_STRING_dup(const a: PASN1_OCTET_STRING): PASN1_OCTET_STRING cdecl; external CLibCrypto;
@@ -563,7 +563,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_TIME_set(s: PASN1_TIME; t: TIdC_TIMET): PASN1_TIME cdecl; external CLibCrypto;
   function ASN1_TIME_adj(s: PASN1_TIME; t: TIdC_TIMET; offset_day: TIdC_INT; offset_sec: TIdC_LONG): PASN1_TIME cdecl; external CLibCrypto;
   function ASN1_TIME_check(const t: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
-  function ASN1_TIME_to_generalizedtime(const t: PASN1_TIME; &out: PPASN1_GENERALIZEDTIME): PASN1_GENERALIZEDTIME cdecl; external CLibCrypto;
+  function ASN1_TIME_to_generalizedtime(const t: PASN1_TIME; out_: PPASN1_GENERALIZEDTIME): PASN1_GENERALIZEDTIME cdecl; external CLibCrypto;
   function ASN1_TIME_set_string(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_TIME_set_string_X509(s: PASN1_TIME; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_TIME_to_tm(const s: PASN1_TIME; tm: PIdC_TM): TIdC_INT cdecl; external CLibCrypto;
@@ -577,7 +577,7 @@   BIT_STRING_BITNAME_st = record
   function a2i_ASN1_ENUMERATED(bp: PBIO; bs: PASN1_ENUMERATED; buf: PIdAnsiChar; size: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function i2a_ASN1_OBJECT(bp: PBIO; const a: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
   function a2i_ASN1_STRING(bp: PBIO; bs: PASN1_STRING; buf: PAnsiChar; size: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function i2a_ASN1_STRING(bp: PBIO; const a: PASN1_STRING; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function i2a_ASN1_STRING(bp: PBIO; const a: PASN1_STRING; type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function i2t_ASN1_OBJECT(buf: PAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
 
   function a2d_ASN1_OBJECT(&out: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -646,8 +646,8 @@   BIT_STRING_BITNAME_st = record
   //                        in, \
   //                        CHECKED_PPTR_OF(type, x)))
   //
-  //function ASN1_item_d2i_fp(const it: PASN1_ITEM; &in: PFILE; x: Pointer): Pointer;
-  //function ASN1_i2d_fp(i2d: Pi2d_of_void; &out: PFILE; x: Pointer): TIdC_INT;
+  //function ASN1_item_d2i_fp(const it: PASN1_ITEM; in_: PFILE; x: Pointer): Pointer;
+  //function ASN1_i2d_fp(i2d: Pi2d_of_void; out_: PFILE; x: Pointer): TIdC_INT;
   //
   //#  define ASN1_i2d_fp_of(type,i2d,out,x) \
   //    (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
@@ -659,11 +659,11 @@   BIT_STRING_BITNAME_st = record
   //                 out, \
   //                 CHECKED_PTR_OF(const type, x)))
   //
-  //function ASN1_item_i2d_fp(const it: PASN1_ITEM; &out: PFILE; x: Pointer): TIdC_INT;
+  //function ASN1_item_i2d_fp(const it: PASN1_ITEM; out_: PFILE; x: Pointer): TIdC_INT;
   //function ASN1_STRING_print_ex_fp(&fp: PFILE; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
   //# endif
 
-  function ASN1_STRING_to_UTF8(&out: PPByte; const &in: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_STRING_to_UTF8(&out: PPByte; const in_: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
 
   //void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
 
@@ -673,8 +673,8 @@   BIT_STRING_BITNAME_st = record
   //                          in, \
   //                          CHECKED_PPTR_OF(type, x)))
 
-  function ASN1_item_d2i_bio(const it: PASN1_ITEM; &in: PBIO; x: Pointer): Pointer cdecl; external CLibCrypto;
-  function ASN1_i2d_bio(i2d: Pi2d_of_void; &out: PBIO; x: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_item_d2i_bio(const it: PASN1_ITEM; in_: PBIO; x: Pointer): Pointer cdecl; external CLibCrypto;
+  function ASN1_i2d_bio(i2d: Pi2d_of_void; out_: PBIO; x: PByte): TIdC_INT cdecl; external CLibCrypto;
 
   //#  define ASN1_i2d_bio_of(type,i2d,out,x) \
   //    (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
@@ -686,7 +686,7 @@   BIT_STRING_BITNAME_st = record
   //                  out, \
   //                  CHECKED_PTR_OF(const type, x)))
 
-  function ASN1_item_i2d_bio(const it: PASN1_ITEM; &out: PBIO; x: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_item_i2d_bio(const it: PASN1_ITEM; out_: PBIO; x: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_UTCTIME_print(fp: PBIO; const a: PASN1_UTCTIME): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_GENERALIZEDTIME_print(fp: PBIO; const a: PASN1_GENERALIZEDTIME): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_TIME_print(fp: PBIO; const a: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
@@ -714,10 +714,10 @@   BIT_STRING_BITNAME_st = record
   procedure ASN1_STRING_set_default_mask(mask: TIdC_ULONG) cdecl; external CLibCrypto;
   function ASN1_STRING_set_default_mask_asc(const p: PAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_STRING_get_default_mask: TIdC_ULONG cdecl; external CLibCrypto;
-  function ASN1_mbstring_copy(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
-  function ASN1_mbstring_ncopy(&out: PPASN1_STRING; const &in: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_mbstring_copy(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_mbstring_ncopy(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
 
-  function ASN1_STRING_set_by_NID(&out: PPASN1_STRING; const &in: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl; external CLibCrypto;
+  function ASN1_STRING_set_by_NID(&out: PPASN1_STRING; const in_: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl; external CLibCrypto;
   function ASN1_STRING_TABLE_get(nid: TIdC_INT): PASN1_STRING_TABLE cdecl; external CLibCrypto;
   function ASN1_STRING_TABLE_add(v1: TIdC_INT; v2: TIdC_LONG; v3: TIdC_LONG; v4: TIdC_ULONG; v5: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
   procedure ASN1_STRING_TABLE_cleanup cdecl; external CLibCrypto;
@@ -727,9 +727,9 @@   BIT_STRING_BITNAME_st = record
   (* Old API compatible functions *)
   function ASN1_item_new(const it: PASN1_ITEM): PASN1_VALUE cdecl; external CLibCrypto;
   procedure ASN1_item_free(val: PASN1_VALUE; const it: PASN1_ITEM) cdecl; external CLibCrypto;
-  function ASN1_item_d2i(val: PPASN1_VALUE; const &in: PPByte; len: TIdC_LONG; const it: PASN1_ITEM): PASN1_VALUE cdecl; external CLibCrypto;
-  function ASN1_item_i2d(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
-  function ASN1_item_ndef_i2d(val: PASN1_VALUE; &out: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_item_d2i(val: PPASN1_VALUE; const in_: PPByte; len: TIdC_LONG; const it: PASN1_ITEM): PASN1_VALUE cdecl; external CLibCrypto;
+  function ASN1_item_i2d(val: PASN1_VALUE; out_: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_item_ndef_i2d(val: PASN1_VALUE; out_: PPByte; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
 
   procedure ASN1_add_oid_module cdecl; external CLibCrypto;
   procedure ASN1_add_stable_module cdecl; external CLibCrypto;
@@ -764,14 +764,14 @@   BIT_STRING_BITNAME_st = record
 
   function BIO_new_NDEF(&out: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO cdecl; external CLibCrypto;
 
-  function i2d_ASN1_bio_stream(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
-  function PEM_write_bio_ASN1_stream(&out: PBIO; val: PASN1_VALUE; &in: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_ASN1_bio_stream(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_ASN1_stream(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
   //function SMIME_write_ASN1(bio: PBIO; val: PASN1_VALUE; data: PBIO; flags: TIdC_INT;
   //                     ctype_nid: TIdC_INT; econt_nid: TIdC_INT;
   //                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it): TIdC_INT;
   function SMIME_read_ASN1(bio: PBIO; bcont: PPBIO; const it: PASN1_ITEM): PASN1_VALUE cdecl; external CLibCrypto;
-  function SMIME_crlf_copy(&in: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function SMIME_text(&in: PBIO; &out: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  function SMIME_crlf_copy(&in: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function SMIME_text(&in: PBIO; out_: PBIO): TIdC_INT cdecl; external CLibCrypto;
 
   function ASN1_ITEM_lookup(const name: PIdAnsiChar): PASN1_ITEM cdecl; external CLibCrypto;
   function ASN1_ITEM_get(i: TIdC_SIZET): PASN1_ITEM cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1_mac.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1_mac.pas
index a2f07b421..3fdb39e29 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1_mac.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1_mac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_asn1_mac;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1err.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1err.pas
index 11f84826c..1cb653cc5 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1err.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1err.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_asn1err;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1t.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1t.pas
index 2d753f62a..617440065 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1t.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1t.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_asn1t;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_async.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_async.pas
index 8e03a4085..c99e6f6c9 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_async.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_async.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_async;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asyncerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asyncerr.pas
index 5d05f407f..2a2ac98b2 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asyncerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asyncerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_asyncerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
index bdabf021b..dde75c866 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_bio;
 
@@ -49,14 +49,11 @@ interface
 
 const
   (* There are the classes of BIOs *)
-  {$REGION 'BIO_TYPE_*'}
   BIO_TYPE_DESCRIPTOR = $0100;
   BIO_TYPE_FILTER = $0200;
   BIO_TYPE_SOURCE_SINK = $0400;
-  {$ENDREGION}
 
   (* These are the 'types' of BIOs *)
-  {$REGION 'BIO_TYPE_*'}
   BIO_TYPE_NONE = 0;
   BIO_TYPE_MEM =  1 or BIO_TYPE_SOURCE_SINK;
   BIO_TYPE_FILE =  2 or BIO_TYPE_SOURCE_SINK;
@@ -80,7 +77,6 @@ interface
   BIO_TYPE_ASN1        = 22 or BIO_TYPE_FILTER;
   BIO_TYPE_COMP        = 23 or BIO_TYPE_FILTER;
   BIO_TYPE_DGRAM_SCTP  = 24 or BIO_TYPE_SOURCE_SINK or BIO_TYPE_DESCRIPTOR;
-  {$ENDREGION}
 
   BIO_TYPE_START = 128;
 
@@ -88,15 +84,12 @@ interface
    * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
    * BIO_set_fp(in,stdin,BIO_NOCLOSE);
    *)
-  {$REGION}
   BIO_NOCLOSE = $00;
   BIO_CLOSE   = $01;
-  {$ENDREGION}
 
   (*
    * These are used in the following macros and are passed to BIO_ctrl()
    *)
-  {$REGION 'BIO_CTRL_*'}
   BIO_CTRL_RESET        = 1;(* opt - rewind/zero etc *)
   BIO_CTRL_EOF          = 2;(* opt - are we at the eof *)
   BIO_CTRL_INFO         = 3;(* opt - extra tit-bits *)
@@ -167,7 +160,6 @@ interface
   BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN     = 70;
 
   BIO_CTRL_DGRAM_SET_PEEK_MODE          = 71;
-  {$ENDREGION}
 
   (* modifiers *)
   BIO_FP_READ            = $02;
@@ -175,7 +167,6 @@ interface
   BIO_FP_APPEND          = $08;
   BIO_FP_TEXT            = $10;
 
-  {$REGION 'BIO_FLAGS_*}
   BIO_FLAGS_READ         = $01;
   BIO_FLAGS_WRITE        = $02;
   BIO_FLAGS_IO_SPECIAL   = $04;
@@ -191,18 +182,14 @@ interface
    *)
   BIO_FLAGS_MEM_RDONLY   = $200;
   BIO_FLAGS_NONCLEAR_RST = $400;
-  {$ENDREGION}
 
-  {$REGION 'BIO_RR_*'}
   BIO_RR_SSL_X509_LOOKUP = $01;
   (* Returned from the connect BIO when a connect would have blocked *)
   BIO_RR_CONNECT         = $02;
   (* Returned from the accept BIO when an accept would have blocked *)
   BIO_RR_ACCEPT          = $03;
-  {$ENDREGION}
 
   (* These are passed by the BIO callback *)
-  {$REGION 'BIO_CB_*'}
   BIO_CB_FREE  = $01;
   BIO_CB_READ  = $02;
   BIO_CB_WRITE = $03;
@@ -217,9 +204,7 @@ interface
 //# define BIO_CB_return(a) ((a)|BIO_CB_RETURN)
 //# define BIO_cb_pre(a)   (!((a)&BIO_CB_RETURN))
 //# define BIO_cb_post(a)  ((a)&BIO_CB_RETURN)
-  {$ENDREGION}
 
-  {$REGION 'BIO_C_*'}
   BIO_C_SET_CONNECT                 = 100;
   BIO_C_DO_STATE_MACHINE            = 101;
   BIO_C_SET_NBIO                    = 102;
@@ -281,15 +266,12 @@ interface
   BIO_C_GET_EX_ARG                  = 154;
 
   BIO_C_SET_CONNECT_MODE            = 155;
-  {$ENDREGION}
 
-  {$REGION 'BIO_SOCK_*'}
   BIO_SOCK_REUSEADDR = $01;
   BIO_SOCK_V6_ONLY   = $02;
   BIO_SOCK_KEEPALIVE = $04;
   BIO_SOCK_NONBLOCK  = $08;
   BIO_SOCK_NODELAY   = $10;
-  {$ENDREGION}
 
 type
   BIO_ADDR = Pointer; // bio_addr_st
@@ -677,7 +659,7 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 
   function BIO_set_tcp_ndelay(sock: TIdC_INT; turn_on: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
-  function BIO_sock_info(sock: TIdC_INT; &type: BIO_sock_info_type; info: PBIO_sock_info_u): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_sock_info(sock: TIdC_INT; type_: BIO_sock_info_type; info: PBIO_sock_info_u): TIdC_INT cdecl; external CLibCrypto;
 
   function BIO_socket(domain: TIdC_INT; socktype: TIdC_INT; protocol: TIdC_INT; options: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function BIO_connect(sock: TIdC_INT; const addr: PBIO_ADDR; options: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -737,7 +719,6 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 
 implementation
 
-{$REGION 'C compiler macros'}
 // # define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
 function BIO_get_flags(const b: PBIO): TIdC_INT;
 begin
@@ -826,7 +807,6 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 begin
   Result := BIO_ctrl(b, BIO_C_DO_STATE_MACHINE, 0, nil);
 end;
-{$ENDREGION}
 
 end.
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bioerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bioerr.pas
index 1a28ca986..f72128445 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bioerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bioerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_bioerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_blowfish.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_blowfish.pas
index 9751871ef..946b5c80f 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_blowfish.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_blowfish.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_blowfish;
 
@@ -69,10 +69,10 @@   bf_key_st = record
   procedure BF_encrypt(data: PBF_LONG; const key: PBF_KEY) cdecl; external CLibCrypto;
   procedure BF_decrypt(data: PBF_LONG; const key: PBF_KEY) cdecl; external CLibCrypto;
 
-  procedure BF_ecb_encrypt(const &in: PByte; &out: PByte; key: PBF_KEY; enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure BF_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure BF_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure BF_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+  procedure BF_ecb_encrypt(const in_: PByte; out_: PByte; key: PBF_KEY; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure BF_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure BF_cfb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure BF_ofb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; schedule: PBF_KEY; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
 
   function BF_options: PIdAnsiChar cdecl; external CLibCrypto;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
index 4e48aabf0..c5def3ef0 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_bn;
 
@@ -208,12 +208,12 @@ interface
   function BN_copy(a: PBIGNUM; b: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
   procedure BN_swap(a: PBIGNUM; b: PBIGNUM) cdecl; external CLibCrypto;
   function BN_bin2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
-  function BN_bn2bin(const a: PBIGNUM; &to: PByte): TIdC_INT cdecl; external CLibCrypto;
-  function BN_bn2binpad(const a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_bn2bin(const a: PBIGNUM; to_: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function BN_bn2binpad(const a: PBIGNUM; to_: PByte; tolen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function BN_lebin2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
-  function BN_bn2lebinpad(a: PBIGNUM; &to: PByte; tolen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BN_bn2lebinpad(a: PBIGNUM; to_: PByte; tolen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function BN_mpi2bn(const s: PByte; len: TIdC_INT; ret: PBIGNUM): PBIGNUM cdecl; external CLibCrypto;
-  function BN_bn2mpi(a: PBIGNUM; &to: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function BN_bn2mpi(a: PBIGNUM; to_: PByte): TIdC_INT cdecl; external CLibCrypto;
   function BN_sub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
   function BN_usub(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
   function BN_uadd(r: PBIGNUM; const a: PBIGNUM; const b: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
@@ -302,11 +302,11 @@ interface
   function BN_to_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
   function BN_from_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure BN_MONT_CTX_free(mont: PBN_MONT_CTX) cdecl; external CLibCrypto;
-  function BN_MONT_CTX_set(mont: PBN_MONT_CTX; &mod: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_MONT_CTX_set(mont: PBN_MONT_CTX; mod_: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
   function BN_MONT_CTX_copy(&to: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX cdecl; external CLibCrypto;
-//  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; &mod: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
+//  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; mod_: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
 
-  function BN_BLINDING_new(const A: PBIGNUM; const Ai: PBIGNUM; &mod: PBIGNUM): PBN_BLINDING cdecl; external CLibCrypto;
+  function BN_BLINDING_new(const A: PBIGNUM; const Ai: PBIGNUM; mod_: PBIGNUM): PBN_BLINDING cdecl; external CLibCrypto;
   procedure BN_BLINDING_free(b: PBN_BLINDING) cdecl; external CLibCrypto;
   function BN_BLINDING_update(b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
   function BN_BLINDING_convert(n: PBIGNUM; b: PBN_BLINDING; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
@@ -412,7 +412,7 @@ interface
 //int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
 //                                          const BIGNUM *field, BN_CTX *ctx);
 
-  function BN_generate_dsa_nonce(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const &message: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_generate_dsa_nonce(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const message_: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
 
   (* Primes from RFC 2409 *)
   function BN_get_rfc2409_prime_768(bn: PBIGNUM ): PBIGNUM cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bnerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bnerr.pas
index f2db68ddf..88553b6a2 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bnerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bnerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_bnerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas
index dca44b08e..487c46744 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_buffer;
 
@@ -61,7 +61,7 @@   buf_mem_st = record
   procedure BUF_MEM_free(a: PBUF_MEM) cdecl; external CLibCrypto;
   function BUF_MEM_grow(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
   function BUF_MEM_grow_clean(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
-  procedure BUF_reverse(&out: PByte; const &in: PByte; siz: TIdC_SIZET) cdecl; external CLibCrypto;
+  procedure BUF_reverse(&out: PByte; const in_: PByte; siz: TIdC_SIZET) cdecl; external CLibCrypto;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffererr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffererr.pas
index 88c354b34..75e5945da 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffererr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffererr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_buffererr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_camellia.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_camellia.pas
index 1ce6f285e..dad1631ec 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_camellia.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_camellia.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_camellia;
 
@@ -76,16 +76,16 @@   camellia_key_st = record
 
   function Camellia_set_key(const userKey: PByte; const bits: TIdC_INT; key: PCAMELLIA_KEY): TIdC_INT cdecl; external CLibCrypto;
 
-  procedure Camellia_encrypt(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY) cdecl; external CLibCrypto;
-  procedure Camellia_decrypt(const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY) cdecl; external CLibCrypto;
+  procedure Camellia_encrypt(const in_: PByte; const out_: PByte; const key: PCAMELLIA_KEY) cdecl; external CLibCrypto;
+  procedure Camellia_decrypt(const in_: PByte; const out_: PByte; const key: PCAMELLIA_KEY) cdecl; external CLibCrypto;
 
-  procedure Camellia_ecb_encrypt( const &in: PByte; const &out: PByte; const key: PCAMELLIA_KEY; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure Camellia_cbc_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure Camellia_cfb128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure Camellia_cfb1_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure Camellia_cfb8_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure Camellia_ofb128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
-  procedure Camellia_ctr128_encrypt( const &in: PByte; const &out: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: TCamellia_ctr128_encrypt_ivec; ecount_buf: TCamellia_ctr128_encrypt_ecount_buf; num: PIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_ecb_encrypt( const in_: PByte; const out_: PByte; const key: PCAMELLIA_KEY; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_cbc_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_cfb128_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_cfb1_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_cfb8_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT; const enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_ofb128_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+  procedure Camellia_ctr128_encrypt( const in_: PByte; const out_: PByte; length: TIdC_SIZET; const key: PCAMELLIA_KEY; ivec: TCamellia_ctr128_encrypt_ivec; ecount_buf: TCamellia_ctr128_encrypt_ecount_buf; num: PIdC_INT) cdecl; external CLibCrypto;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cast.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cast.pas
index 9794e7e8d..ce7237133 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cast.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cast.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_cast;
 
@@ -63,12 +63,12 @@   cast_key_st = record
   PCAST_KEY = ^CAST_KEY;
 
   procedure CAST_set_key(key: PCast_Key; len: TIdC_INT; const data: PByte) cdecl; external CLibCrypto;
-  procedure CAST_ecb_encrypt(const &in: PByte; &out: PByte; const key: PCast_Key; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CAST_ecb_encrypt(const in_: PByte; out_: PByte; const key: PCast_Key; enc: TIdC_INT) cdecl; external CLibCrypto;
   procedure CAST_encrypt(data: PCAST_LONG; const key: PCast_Key) cdecl; external CLibCrypto;
   procedure CAST_decrypt(data: PCAST_LONG; const key: PCast_Key) cdecl; external CLibCrypto;
-  procedure CAST_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const ks: PCast_Key; iv: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CAST_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CAST_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+  procedure CAST_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; const ks: PCast_Key; iv: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CAST_cfb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CAST_ofb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; const schedule: PCast_Key; ivec: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas
index 80dd04ca0..b59dc3dd6 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_cmac;
 
@@ -56,10 +56,10 @@ interface
   procedure CMAC_CTX_cleanup(ctx: PCMAC_CTX) cdecl; external CLibCrypto;
   procedure CMAC_CTX_free(ctx: PCMAC_CTX) cdecl; external CLibCrypto;
   function CMAC_CTX_get0_cipher_ctx(ctx: PCMAC_CTX): PEVP_CIPHER_CTX cdecl; external CLibCrypto;
-  function CMAC_CTX_copy(out: PCMAC_CTX; const &in: PCMAC_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function CMAC_CTX_copy(out: PCMAC_CTX; const in_: PCMAC_CTX): TIdC_INT cdecl; external CLibCrypto;
   function CMAC_Init(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT cdecl; external CLibCrypto;
   function CMAC_Update(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
-  function CMAC_Final(ctx: PCMAC_CTX; &out: PByte; poutlen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function CMAC_Final(ctx: PCMAC_CTX; out_: PByte; poutlen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
   function CMAC_resume(ctx: PCMAC_CTX): TIdC_INT cdecl; external CLibCrypto;
 
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas
index c65422b6b..adb3be4eb 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_cms;
 
@@ -145,8 +145,8 @@ interface
   function i2d_CMS_bio(bp: PBIO; cms: PCMS_ContentInfo): TIdC_INT cdecl; external CLibCrypto;
 
   function BIO_new_CMS(&out: PBIO; cms: PCMS_ContentInfo): PBIO cdecl; external CLibCrypto;
-  function i2d_CMS_bio_stream(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function PEM_write_bio_CMS_stream(&out: PBIO; cms: PCMS_ContentInfo; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_CMS_bio_stream(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_CMS_stream(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function SMIME_read_CMS(bio: PBIO; bcont: PPBIO): PCMS_ContentInfo cdecl; external CLibCrypto;
   function SMIME_write_CMS(bio: PBIO; cms: PCMS_ContentInfo; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
@@ -156,27 +156,27 @@ interface
 
 //  function CMS_sign_receipt(si: PCMS_SignerInfo; signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(X509) *certs;} flags: TIdC_UINT): PCMS_ContentInfo;
 
-  function CMS_data(cms: PCMS_ContentInfo; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_data(cms: PCMS_ContentInfo; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
   function CMS_data_create(&in: PBIO; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
 
-  function CMS_digest_verify(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_digest_verify(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
   function CMS_digest_create(&in: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
 
-  function CMS_EncryptedData_decrypt(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_EncryptedData_decrypt(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
 
   function CMS_EncryptedData_encrypt(&in: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
 
   function CMS_EncryptedData_set1_key(cms: PCMS_ContentInfo; const ciph: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
-//  function CMS_verify(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} store: PX509_STORE; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT;
+//  function CMS_verify(cms: PCMS_ContentInfo; {STACK_OF(X509) *certs;} store: PX509_STORE; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
 
 //  function CMS_verify_receipt(rcms: PCMS_ContentInfo; ocms: PCMS_ContentInfo; {STACK_OF(x509) *certs;} store: PX509_STORE; flags: TIdC_UINT): TIdC_INT;
 
   // STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
 
-//  function CMS_encrypt({STACK_OF(x509) *certs;} &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_UINT): PCMS_ContentInfo;
+//  function CMS_encrypt({STACK_OF(x509) *certs;} in_: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_UINT): PCMS_ContentInfo;
 
-  function CMS_decrypt(cms: PCMS_ContentInfo; pkey: PEVP_PKEY; cert: PX509; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_decrypt(cms: PCMS_ContentInfo; pkey: PEVP_PKEY; cert: PX509; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
 
   function CMS_decrypt_set1_pkey(cms: PCMS_ContentInfo; pk: PEVP_PKEY; cert: PX509): TIdC_INT cdecl; external CLibCrypto;
   function CMS_decrypt_set1_key(cms: PCMS_ContentInfo; key: PByte; keylen: TIdC_SIZET; const id: PByte; idlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
@@ -207,7 +207,7 @@ interface
   function CMS_RecipientInfo_decrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl; external CLibCrypto;
   function CMS_RecipientInfo_encrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl; external CLibCrypto;
 
-  function CMS_uncompress(cms: PCMS_ContentInfo; dcont: PBIO; &out: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_uncompress(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
   function CMS_compress(&in: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
 
   function CMS_set1_eContentType(cms: CMS_ContentInfo; const oit: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
@@ -249,10 +249,10 @@ interface
   function CMS_signed_get_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function CMS_signed_delete_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function CMS_signed_add1_attr(si: PCMS_SignerInfo; loc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_signed_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_signed_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_signed_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_signed_get0_data_by_OBJ(si: PCMS_SignerInfo; const oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CMS_signed_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_signed_get0_data_by_OBJ(si: PCMS_SignerInfo; const oid: PASN1_OBJECT; lastpos: TIdC_INT; type_: TIdC_INT): Pointer cdecl; external CLibCrypto;
 
   function CMS_unsigned_get_attr_count(const si: PCMS_SignerInfo): TIdC_INT cdecl; external CLibCrypto;
   function CMS_unsigned_get_attr_by_NID(const si: PCMS_SignerInfo; nid: TIdC_INT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -260,10 +260,10 @@ interface
   function CMS_unsigned_get_attr(const si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function CMS_unsigned_delete_attr(si: PCMS_SignerInfo; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function CMS_unsigned_add1_attr(si: PCMS_SignerInfo; attr: PX509_ATTRIBUTE): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_unsigned_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_unsigned_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_unsigned_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; &type: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_unsigned_get0_data_by_OBJ(si: PCMS_SignerInfo; oid: PASN1_OBJECT; lastpos: TIdC_INT; &type: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CMS_unsigned_add1_attr_by_OBJ(si: PCMS_SignerInfo; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_add1_attr_by_NID(si: PCMS_SignerInfo; nid: TIdC_INT; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_add1_attr_by_txt(si: PCMS_SignerInfo; const attrname: PAnsiChar; type_: TIdC_INT; const bytes: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CMS_unsigned_get0_data_by_OBJ(si: PCMS_SignerInfo; oid: PASN1_OBJECT; lastpos: TIdC_INT; type_: TIdC_INT): Pointer cdecl; external CLibCrypto;
 
   function CMS_get1_ReceiptRequest(si: PCMS_SignerInfo; prr: PPCMS_ReceiptRequest): TIdC_INT cdecl; external CLibCrypto;
 //  function CMS_ReceiptRequest_create0(id: PByte; idlen: TIdC_INT; allorfirst: TIdC_INT
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmserr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmserr.pas
index 951ee6f95..a38650d9c 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmserr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmserr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_cmserr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comp.pas
index 573a361f4..4689a2083 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comp.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_comp;
 
@@ -53,8 +53,8 @@ interface
   function COMP_get_name(const meth: PCOMP_METHOD): PIdAnsiChar cdecl; external CLibCrypto;
   procedure COMP_CTX_free(ctx: PCOMP_CTX) cdecl; external CLibCrypto;
 
-  function COMP_compress_block(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function COMP_expand_block(ctx: PCOMP_CTX; &out: PByte; olen: TIdC_INT; &in: PByte; ilen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function COMP_compress_block(ctx: PCOMP_CTX; out_: PByte; olen: TIdC_INT; in_: PByte; ilen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function COMP_expand_block(ctx: PCOMP_CTX; out_: PByte; olen: TIdC_INT; in_: PByte; ilen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function COMP_zlib: PCOMP_METHOD cdecl; external CLibCrypto;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comperr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comperr.pas
index 6c9c28e89..37aa64833 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comperr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_comperr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_comperr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf.pas
index 21e5fff1a..2fe1a9a37 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_conf;
 
@@ -150,7 +150,7 @@   //  conf_st = record
   procedure NCONF_free(conf: PCONF) cdecl; external CLibCrypto;
   procedure NCONF_free_data(conf: PCONF) cdecl; external CLibCrypto;
 
-  function NCONF_load(conf: PCONF; const &file: PAnsiChar; eline: PIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function NCONF_load(conf: PCONF; const file_: PAnsiChar; eline: PIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
   function NCONF_load_bio(conf: PCONF; bp: PBIO; eline: PIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
   //STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
   //                                        const char *section);
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf_api.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf_api.pas
index 6dd16f7be..dca1bf5a1 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf_api.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conf_api.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_conf_api;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conferr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conferr.pas
index 757afcc33..5836a647e 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conferr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_conferr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_conferr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
index 6f6cfb9b7..a19f26d86 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_crypto;
 
@@ -45,7 +45,7 @@ interface
   IdOpenSSLConsts,
   IdOpenSSLHeaders_bio,
   IdOpenSSLHeaders_ossl_typ,
-  System.Types;
+  {$IFDEF VCL_XE3_OR_ABOVE}System.Types{$ELSE}Types{$ENDIF};
 
 {$MINENUMSIZE 4}
 
@@ -148,7 +148,6 @@   //crypto_ex_data_st = record
   CRYPTO_ONCE = type TIdC_LONG;
   PCRYPTO_ONCE = ^CRYPTO_ONCE;
 
-{$REGION 'C compiler macros'}
 function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
@@ -163,7 +162,6 @@ function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
 procedure OPENSSL_secure_free(addr: Pointer);
 procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
 function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
-{$ENDREGION}
 
   function CRYPTO_THREAD_lock_new: PCRYPTO_RWLOCK cdecl; external CLibCrypto;
   function CRYPTO_THREAD_read_lock(lock: PCRYPTO_RWLOCK): TIdC_INT cdecl; external CLibCrypto;
@@ -197,7 +195,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
    * given class (invokes whatever per-class callbacks are applicable)
    *)
    function CRYPTO_new_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT cdecl; external CLibCrypto;
-   function CRYPTO_dup_ex_data(class_index: TIdC_INT; &to: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl; external CLibCrypto;
+   function CRYPTO_dup_ex_data(class_index: TIdC_INT; to_: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl; external CLibCrypto;
 
    procedure CRYPTO_free_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA) cdecl; external CLibCrypto;
 
@@ -252,22 +250,22 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   //        void *(**r) (void *, TIdC_SIZET, const char *, int),
   //        void (**f) (void *, const char *, int));
 
-  function CRYPTO_malloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_zalloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_strdup(const str: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
-  function CRYPTO_strndup(const str: PAnsiChar; s: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
-  procedure CRYPTO_free(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_malloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_zalloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_strdup(const str: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
+  function CRYPTO_strndup(const str: PAnsiChar; s: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
+  procedure CRYPTO_free(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
 
   function CRYPTO_secure_malloc_init(sz: TIdC_SIZET; minsize: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function CRYPTO_secure_malloc_done: TIdC_INT cdecl; external CLibCrypto;
-  function CRYPTO_secure_malloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  procedure CRYPTO_secure_free(ptr: Pointer; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  function CRYPTO_secure_malloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  procedure CRYPTO_secure_free(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
   function CRYPTO_secure_allocated(const ptr: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function CRYPTO_secure_malloc_initialized: TIdC_INT cdecl; external CLibCrypto;
   function CRYPTO_secure_actual_size(ptr: Pointer): TIdC_SIZET cdecl; external CLibCrypto;
@@ -275,7 +273,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
 
   procedure OPENSSL_cleanse(ptr: Pointer; len: TIdC_SIZET) cdecl; external CLibCrypto;
 
-  function CRYPTO_mem_debug_push(const info: PAnsiChar; const &file: PAnsiChar; line: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_mem_debug_push(const info: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function CRYPTO_mem_debug_pop: TIdC_INT cdecl; external CLibCrypto;
   procedure CRYPTO_get_alloc_counts(mcount: PIdC_INT; rcount: PIdC_INT; fcount: PIdC_INT) cdecl; external CLibCrypto;
 
@@ -285,9 +283,9 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
    *   0:   called before the actual memory allocation has taken place
    *   1:   called after the actual memory allocation has taken place
    *)
-  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const &file: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
 
   function CRYPTO_mem_leaks_cb(cb: CRYPTO_mem_leaks_cb_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
 
@@ -352,7 +350,6 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
 
 implementation
 
-{$REGION 'C compiler macros'}
 // OPENSSL_FILE = __FILE__ = C preprocessor macro
 // OPENSSL_LINE = __LINE__ = C preprocessor macro
 // FPC hase an equivalent with {$I %FILE%} and {$I %LINE%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
@@ -441,6 +438,5 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
 begin
   Result := CRYPTO_secure_actual_size(ptr);
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cryptoerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cryptoerr.pas
index ac7ac0334..4e1069266 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cryptoerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cryptoerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_cryptoerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cterr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cterr.pas
index c495f127d..c232739c9 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cterr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cterr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_cterr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dh.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dh.pas
index 008b7e656..4b152040b 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dh.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dh.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_dh;
 
@@ -90,15 +90,15 @@ interface
   EVP_PKEY_CTRL_DH_PAD                   = (EVP_PKEY_ALG_CTRL + 16);
 
 type
-  DH_meth_generate_key_cb = function(dh: PDH): TIdC_INT;
-  DH_meth_compute_key_cb = function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT;
+  DH_meth_generate_key_cb = function(dh: PDH): TIdC_INT cdecl;
+  DH_meth_compute_key_cb = function(key: PByte; const pub_key: PBIGNUM; dh: PDH): TIdC_INT cdecl;
   DH_meth_bn_mod_exp_cb = function(
     const dh: PDH; r: PBIGNUM; const a: PBIGNUM;
     const p: PBIGNUM; const m: PBIGNUM;
-    ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT;
-  DH_meth_init_cb = function(dh: PDH): TIdC_INT;
-  DH_meth_finish_cb = function(dh: PDH): TIdC_INT;
-  DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT;
+    ctx: PBN_CTX; m_ctx: PBN_MONT_CTX): TIdC_INT cdecl;
+  DH_meth_init_cb = function(dh: PDH): TIdC_INT cdecl;
+  DH_meth_finish_cb = function(dh: PDH): TIdC_INT cdecl;
+  DH_meth_generate_params_cb = function(dh: PDH; prime_len: TIdC_INT; generator: TIdC_INT; cb: PBN_GENCB): TIdC_INT cdecl;
 
 {
   # define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
@@ -170,7 +170,7 @@ interface
   function DH_new_by_nid(nid: TIdC_INT): PDH cdecl; external CLibCrypto;
   function DH_get_nid(const dh: PDH): TIdC_INT cdecl; external CLibCrypto;
 
-  function DH_KDF_X9_42( &out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; key_oid: PASN1_OBJECT; const ukm: PByte; ukmlen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function DH_KDF_X9_42( out_: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; key_oid: PASN1_OBJECT; const ukm: PByte; ukmlen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
 
   procedure DH_get0_pqg(const dh: PDH; const p: PPBIGNUM; const q: PPBIGNUM; const g: PPBIGNUM) cdecl; external CLibCrypto;
   function DH_set0_pqg(dh: PDH; p: PBIGNUM; q: PBIGNUM; g: PBIGNUM): TIdC_INT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas
index 2c016683e..7d70619e9 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dherr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:43
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_dherr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas
index be8eff5c2..8ce1567e6 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_dsa;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsaerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsaerr.pas
index 8eba69e4a..1fd850f97 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsaerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsaerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_dsaerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ebcdic.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ebcdic.pas
index d5b5ce0e5..6ff66626d 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ebcdic.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ebcdic.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_ebcdic;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
index 25f2424cf..b9278420b 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_ec;
 
@@ -106,7 +106,7 @@   EC_builtin_curve = record
   PECDSA_SIG = ^ECDSA_SIG;
   PPECDSA_SIG = ^PECDSA_SIG;
 
-  ECDH_compute_key_KDF = function(const &in: Pointer; inlen: TIdC_SIZET; &out: Pointer; outlen: PIdC_SIZET): Pointer; cdecl;
+  ECDH_compute_key_KDF = function(const in_: Pointer; inlen: TIdC_SIZET; out_: Pointer; outlen: PIdC_SIZET): Pointer; cdecl;
 
   EC_KEY_METHOD_init_init = function(key: PEC_KEY): TIdC_INT; cdecl;
   EC_KEY_METHOD_init_finish = procedure(key: PEC_KEY); cdecl;
@@ -259,8 +259,8 @@   EC_builtin_curve = record
   function EC_GROUP_get_trinomial_basis(const group: PEC_GROUP; k: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
   function EC_GROUP_get_pentanomial_basis(const group: PEC_GROUP; k1: PIdC_UINT; k2: PIdC_UINT; k3: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
 
-  function d2i_ECPKParameters(group: PPEC_GROUP; const &in: PPByte; len: TIdC_LONG): PEC_GROUP cdecl; external CLibCrypto;
-  function i2d_ECPKParameters(const group: PEC_GROUP; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ECPKParameters(group: PPEC_GROUP; const in_: PPByte; len: TIdC_LONG): PEC_GROUP cdecl; external CLibCrypto;
+  function i2d_ECPKParameters(const group: PEC_GROUP; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function ECPKParameters_print(bp: PBIO; const x: PEC_GROUP; off: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
@@ -298,10 +298,10 @@   EC_builtin_curve = record
   function EC_KEY_priv2oct(const key: PEC_KEY; buf: PByte; len: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
   function EC_KEY_priv2buf(const eckey: PEC_KEY; buf: PPByte): TIdC_SIZET cdecl; external CLibCrypto;
 
-  function d2i_ECPrivateKey(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY cdecl; external CLibCrypto;
-  function i2d_ECPrivateKey(key: PEC_KEY; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
-  function o2i_ECPublicKey(key: PPEC_KEY; const &in: PPByte; len: TIdC_LONG): PEC_KEY cdecl; external CLibCrypto;
-  function i2o_ECPublicKey(const key: PEC_KEY; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_ECPrivateKey(key: PPEC_KEY; const in_: PPByte; len: TIdC_LONG): PEC_KEY cdecl; external CLibCrypto;
+  function i2d_ECPrivateKey(key: PEC_KEY; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function o2i_ECPublicKey(key: PPEC_KEY; const in_: PPByte; len: TIdC_LONG): PEC_KEY cdecl; external CLibCrypto;
+  function i2o_ECPublicKey(const key: PEC_KEY; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function ECParameters_print(bp: PBIO; const key: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
   function EC_KEY_print(bp: PBIO; const key: PEC_KEY; off: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ecerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ecerr.pas
index 0ceba4530..8fb9f45a9 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ecerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ecerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_ecerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engine.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engine.pas
index 6c5273b9f..3c635a774 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engine.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engine.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_engine;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engineerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engineerr.pas
index f29edc147..47e1c73bc 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engineerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_engineerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_engineerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas
index f2c21cb03..84073b78d 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_err;
 
@@ -181,7 +181,7 @@   err_state_st = record
 
   ERR_string_data_st = record
     error: TIdC_ULONG;
-    &string: PIdAnsiChar;
+    string_: PIdAnsiChar;
   end;
   ERR_STRING_DATA = ERR_string_data_st;
   PERR_STRING_DATA = ^ERR_STRING_DATA;
@@ -190,7 +190,7 @@   ERR_string_data_st = record
 
 // DEFINE_LHASH_OF(ERR_STRING_DATA);
 
-  procedure ERR_put_error(lib: TIdC_INT; func: TIdC_INT; reason: TIdC_INT; &file: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure ERR_put_error(lib: TIdC_INT; func: TIdC_INT; reason: TIdC_INT; file_: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
   procedure ERR_set_error_data(data: PIdAnsiChar; flags: TIdC_INT) cdecl; external CLibCrypto;
   
   function ERR_get_error: TIdC_ULONG cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
index 85e55e05e..4a9c160b7 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_evp;
 
@@ -411,18 +411,18 @@ interface
 
   EVP_CIPHER_meth_init = function(ctx: PEVP_CIPHER_CTX; const key: PByte;
     const iv: PByte; enc: TIdC_SIZET): TIdC_INT; cdecl;
-  EVP_CIPHER_meth_do_cipher = function(ctx: PEVP_CIPHER_CTX; &out: PByte;
-    const &in: PByte; inl: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_CIPHER_meth_do_cipher = function(ctx: PEVP_CIPHER_CTX; out_: PByte;
+    const in_: PByte; inl: TIdC_SIZET): TIdC_INT; cdecl;
   EVP_CIPHER_meth_cleanup = function(v1: PEVP_CIPHER_CTX): TIdC_INT; cdecl;
   EVP_CIPHER_meth_set_asn1_params = function(v1: PEVP_CIPHER_CTX;
     v2: PASN1_TYPE): TIdC_INT; cdecl;
   EVP_CIPHER_meth_get_asn1_params = function(v1: PEVP_CIPHER_CTX;
     v2: PASN1_TYPE): TIdC_INT; cdecl;
-  EVP_CIPHER_meth_ctrl = function(v1: PEVP_CIPHER_CTX; &type: TIdC_INT;
+  EVP_CIPHER_meth_ctrl = function(v1: PEVP_CIPHER_CTX; type_: TIdC_INT;
     arg: TIdC_INT; ptr: Pointer): TIdC_INT; cdecl;
 
   EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM = record
-    &out: PByte;
+    out_: PByte;
     inp: PByte;
     len: TIdC_SIZET;
     interleave: TidC_UINT;
@@ -436,20 +436,17 @@   evp_cipher_info_st = record
 
   EVP_MD_CTX_update = function(ctx: PEVP_MD_CTX; const data: Pointer; count: TIdC_SIZET): TIdC_INT; cdecl;
 
-  fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const &to: PIdAnsiChar; x: Pointer); cdecl;
+  fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const to_: PIdAnsiChar; x: Pointer); cdecl;
 
   rsa_st = type Pointer;
   Prsa_st = ^rsa_st;
 
   dsa_st = type Pointer;
-
   Pdsa_st = ^dsa_st;
 
   dh_st = type Pointer;
-
   Pdh_st = ^dh_st;
   ec_key_st = type Pointer;
-
   Pec_key_st = ^ec_key_st;
 
   pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
@@ -530,19 +527,19 @@   evp_cipher_info_st = record
   PEVP_PKEY_meth_verifyctx = ^EVP_PKEY_meth_verifyctx;
   EVP_PKEY_meth_encrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
   PEVP_PKEY_meth_encrypt_init = ^EVP_PKEY_meth_encrypt_init;
-  EVP_PKEY_meth_encrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
-    outlen: TIdC_SIZET; const &in: PByte): TIdC_INT; cdecl;
+  EVP_PKEY_meth_encrypt = function(ctx: PEVP_PKEY_CTX; out_: PByte;
+    outlen: TIdC_SIZET; const in_: PByte): TIdC_INT; cdecl;
   PEVP_PKEY_meth_encrypt = ^ EVP_PKEY_meth_encrypt;
   EVP_PKEY_meth_decrypt_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
   PEVP_PKEY_meth_decrypt_init = ^EVP_PKEY_meth_decrypt_init;
-  EVP_PKEY_meth_decrypt = function(ctx: PEVP_PKEY_CTX; &out: PByte;
-    outlen: TIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT; cdecl;
+  EVP_PKEY_meth_decrypt = function(ctx: PEVP_PKEY_CTX; out_: PByte;
+    outlen: TIdC_SIZET; const in_: PByte; inlen: TIdC_SIZET): TIdC_INT; cdecl;
   PEVP_PKEY_meth_decrypt = ^EVP_PKEY_meth_decrypt;
   EVP_PKEY_meth_derive_init = function(ctx: PEVP_PKEY_CTX): TIdC_INT; cdecl;
   PEVP_PKEY_meth_derive_init = ^EVP_PKEY_meth_derive_init;
   EVP_PKEY_meth_derive = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
   PEVP_PKEY_meth_derive = ^EVP_PKEY_meth_derive;
-  EVP_PKEY_meth_ctrl = function(ctx: PEVP_PKEY_CTX; &type: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT; cdecl;
+  EVP_PKEY_meth_ctrl = function(ctx: PEVP_PKEY_CTX; type_: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT; cdecl;
   PEVP_PKEY_meth_ctrl = ^EVP_PKEY_meth_ctrl;
   EVP_PKEY_meth_ctrl_str = function(ctx: PEVP_PKEY_CTX; key: PByte; keylen: PIdC_SIZET): TIdC_INT; cdecl;
   PEVP_PKEY_meth_ctrl_str = ^EVP_PKEY_meth_ctrl_str;
@@ -568,14 +565,12 @@   evp_cipher_info_st = record
   PEVP_PBE_KEYGEN = ^EVP_PBE_KEYGEN;
   PPEVP_PBE_KEYGEN = ^PEVP_PBE_KEYGEN;
 
-{$REGION 'C compiler macros'}
 function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
 function EVP_PKEY_assign_DSA(pkey: PEVP_PKEY; dsa: Pointer): TIdC_INT;
 function EVP_PKEY_assign_DH(pkey: PEVP_PKEY; dh: Pointer): TIdC_INT;
 function EVP_PKEY_assign_EC_KEY(pkey: PEVP_PKEY; eckey: Pointer): TIdC_INT;
 function EVP_PKEY_assign_SIPHASH(pkey: PEVP_PKEY; shkey: Pointer): TIdC_INT;
 function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
-{$ENDREGION}
 
   function EVP_MD_meth_new(md_type: TIdC_INT; pkey_type: TIdC_INT): PEVP_MD cdecl; external CLibCrypto;
   function EVP_MD_meth_dup(const md: PEVP_MD): PEVP_MD cdecl; external CLibCrypto;
@@ -587,7 +582,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_MD_meth_set_flags(md: PEVP_MD; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
   function EVP_MD_meth_set_init(md: PEVP_MD; init: EVP_MD_meth_init): TIdC_INT cdecl; external CLibCrypto;
   function EVP_MD_meth_set_update(md: PEVP_MD; update: EVP_MD_meth_update): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_MD_meth_set_final(md: PEVP_MD; &final: EVP_MD_meth_final): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_meth_set_final(md: PEVP_MD; final_: EVP_MD_meth_final): TIdC_INT cdecl; external CLibCrypto;
   function EVP_MD_meth_set_copy(md: PEVP_MD; copy: EVP_MD_meth_copy): TIdC_INT cdecl; external CLibCrypto;
   function EVP_MD_meth_set_cleanup(md: PEVP_MD; cleanup: EVP_MD_meth_cleanup): TIdC_INT cdecl; external CLibCrypto;
   function EVP_MD_meth_set_ctrl(md: PEVP_MD; ctrl: EVP_MD_meth_ctrl): TIdC_INT cdecl; external CLibCrypto;
@@ -668,7 +663,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_CIPHER_CTX_buf_noconst(ctx: PEVP_CIPHER_CTX): PByte cdecl; external CLibCrypto;
   function EVP_CIPHER_CTX_num(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure EVP_CIPHER_CTX_set_num(ctx: PEVP_CIPHER_CTX; num: TIdC_INT) cdecl; external CLibCrypto;
-  function EVP_CIPHER_CTX_copy(&out: PEVP_CIPHER_CTX; const &in: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_copy(&out: PEVP_CIPHER_CTX; const in_: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
   function EVP_CIPHER_CTX_get_app_data(const ctx: PEVP_CIPHER_CTX): Pointer cdecl; external CLibCrypto;
   procedure EVP_CIPHER_CTX_set_app_data(ctx: PEVP_CIPHER_CTX; data: Pointer) cdecl; external CLibCrypto;
   function EVP_CIPHER_CTX_get_cipher_data(const ctx: PEVP_CIPHER_CTX): Pointer cdecl; external CLibCrypto;
@@ -701,7 +696,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   //# define BIO_get_cipher_status(b)   BIO_ctrl(b;BIO_C_GET_CIPHER_STATUS;0;NULL)
   //# define BIO_get_cipher_ctx(b;c_pp) BIO_ctrl(b;BIO_C_GET_CIPHER_CTX;0; (PIdAnsiChar)(c_pp))
 
-  //function EVP_Cipher(c: PEVP_CIPHER_CTX; &out: PByte; const &in: PByte; in1: TIdC_UINT): TIdC_INT;
+  //function EVP_Cipher(c: PEVP_CIPHER_CTX; out_: PByte; const in_: PByte; in1: TIdC_UINT): TIdC_INT;
 
   //# define EVP_add_cipher_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS;(n))
   //# define EVP_add_digest_alias(n;alias) OBJ_NAME_add((alias);OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS;(n))
@@ -715,17 +710,17 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   //# define EVP_MD_CTX_create()     EVP_MD_CTX_new()
   //# define EVP_MD_CTX_init(ctx)    EVP_MD_CTX_reset((ctx))
   //# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
-  function EVP_MD_CTX_copy_ex(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_CTX_copy_ex(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure EVP_MD_CTX_set_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
   procedure EVP_MD_CTX_clear_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
   function EVP_MD_CTX_test_flags(const ctx: PEVP_MD_CTX; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_DigestInit_ex(ctx: PEVP_MD_CTX; const &type: PEVP_MD; impl: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestInit_ex(ctx: PEVP_MD_CTX; const type_: PEVP_MD; impl: PENGINE): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestUpdate(ctx: PEVP_MD_CTX; const d: Pointer; cnt: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestFinal_ex(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_Digest(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const &type: PEVP_MD; impl: PENGINE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_Digest(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const type_: PEVP_MD; impl: PENGINE): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_MD_CTX_copy(&out: PEVP_MD_CTX; const &in: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_DigestInit(ctx: PEVP_MD_CTX; const &type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_CTX_copy(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestInit(ctx: PEVP_MD_CTX; const type_: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestFinal(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestFinalXOF(ctx: PEVP_MD_CTX; md: PByte; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
@@ -733,7 +728,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_read_pw_string_min(buf: PIdAnsiChar; minlen: TIdC_INT; maxlen: TIdC_INT; const prompt: PIdAnsiChar; verify: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   procedure EVP_set_pw_prompt(const prompt: PIdAnsiChar) cdecl; external CLibCrypto;
   function EVP_get_pw_prompt: PIdAnsiChar cdecl; external CLibCrypto;
-  function EVP_BytesToKey(const &type: PEVP_CIPHER; const md: PEVP_MD; const salt: PByte; const data: PByte; data1: TIdC_INT; count: TIdC_INT; key: PByte; iv: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_BytesToKey(const type_: PEVP_CIPHER; const md: PEVP_MD; const salt: PByte; const data: PByte; data1: TIdC_INT; count: TIdC_INT; key: PByte; iv: PByte): TIdC_INT cdecl; external CLibCrypto;
 
   procedure EVP_CIPHER_CTX_set_flags(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
   procedure EVP_CIPHER_CTX_clear_flags(ctx: PEVP_CIPHER_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
@@ -741,19 +736,19 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_EncryptInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte): TIdC_INT cdecl; external CLibCrypto;
   function EVP_EncryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_EncryptFinal_ex(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_EncryptFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_EncryptFinal_ex(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_EncryptFinal(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_DecryptInit(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PidC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecryptInit(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PidC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DecryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; &in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DecryptFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DecryptFinal_ex(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_CipherInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte; enc: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_CipherInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte; enc: TidC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_CipherUpdate(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CipherUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_CipherFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_CipherFinal_ex(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
@@ -765,30 +760,30 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_DigestVerify(ctx: PEVP_CIPHER_CTX; const sigret: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_DigestSignInit(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestSignInit(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestSignFinal(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_DigestVerifyInit(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const &type: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestVerifyInit(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestVerifyFinal(ctx: PEVP_MD_CTX; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_OpenInit(ctx: PEVP_CIPHER_CTX; const &type: PEVP_CIPHER; const ek: PByte; ek1: TIdC_INT; const iv: PByte; priv: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_OpenFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_OpenInit(ctx: PEVP_CIPHER_CTX; const type_: PEVP_CIPHER; const ek: PByte; ek1: TIdC_INT; const iv: PByte; priv: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_OpenFinal(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_SealInit(ctx: PEVP_CIPHER_CTX; const &type: EVP_CIPHER; ek: PPByte; ek1: PIdC_INT; iv: PByte; pubk: PPEVP_PKEY; npubk: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_SealFinal(ctx: PEVP_CIPHER_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_SealInit(ctx: PEVP_CIPHER_CTX; const type_: EVP_CIPHER; ek: PPByte; ek1: PIdC_INT; iv: PByte; pubk: PPEVP_PKEY; npubk: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_SealFinal(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_ENCODE_CTX_new: PEVP_ENCODE_CTX cdecl; external CLibCrypto;
   procedure EVP_ENCODE_CTX_free(ctx: PEVP_ENCODE_CTX) cdecl; external CLibCrypto;
   function EVP_ENCODE_CTX_copy(dctx: PEVP_ENCODE_CTX; sctx: PEVP_ENCODE_CTX): TIdC_INT cdecl; external CLibCrypto;
   function EVP_ENCODE_CTX_num(ctx: PEVP_ENCODE_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure EVP_EncodeInit(ctx: PEVP_ENCODE_CTX) cdecl; external CLibCrypto;
-  function EVP_EncodeUpdate(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  procedure EVP_EncodeFinal(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT) cdecl; external CLibCrypto;
+  function EVP_EncodeUpdate(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  procedure EVP_EncodeFinal(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT) cdecl; external CLibCrypto;
   function EVP_EncodeBlock(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   procedure EVP_DecodeInit(ctx: PEVP_ENCODE_CTX) cdecl; external CLibCrypto;
-  function EVP_DecodeUpdate(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT; const &in: PByte; in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_DecodeFinal(ctx: PEVP_ENCODE_CTX; &out: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecodeUpdate(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecodeFinal(ctx: PEVP_ENCODE_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DecodeBlock(t: PByte; const f: PByte; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_CIPHER_CTX_new: PEVP_CIPHER_CTX cdecl; external CLibCrypto;
@@ -796,7 +791,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   procedure EVP_CIPHER_CTX_free(c: PEVP_CIPHER_CTX) cdecl; external CLibCrypto;
   function EVP_CIPHER_CTX_set_key_length(x: PEVP_CIPHER_CTX; keylen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_CIPHER_CTX_set_padding(c: PEVP_CIPHER_CTX; pad: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_CIPHER_CTX_ctrl(ctx: PEVP_CIPHER_CTX; &type: TIdC_INT; arg: TIdC_INT; ptr: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_ctrl(ctx: PEVP_CIPHER_CTX; type_: TIdC_INT; arg: TIdC_INT; ptr: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function EVP_CIPHER_CTX_rand_key(ctx: PEVP_CIPHER_CTX; key: PByte): TIdC_INT cdecl; external CLibCrypto;
 
   function BIO_f_md: PBIO_METHOD cdecl; external CLibCrypto;
@@ -1023,12 +1018,12 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_size(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_set_type(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_set_type_str(pkey: PEVP_PKEY; const str: PIdAnsiChar; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_set_alias_type(pkey: PEVP_PKEY; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_set_alias_type(pkey: PEVP_PKEY; type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_PKEY_set1_engine(pkey: PEVP_PKEY; e: PENGINE): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_get0_engine(const pkey: PEVP_PKEY): PENGINE cdecl; external CLibCrypto;
 
-  function EVP_PKEY_assign(pkey: PEVP_PKEY; &type: TIdC_INT; key: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_assign(pkey: PEVP_PKEY; type_: TIdC_INT; key: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_get0(const pkey: PEVP_PKEY): Pointer cdecl; external CLibCrypto;
   function EVP_PKEY_get0_hmac(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl; external CLibCrypto;
   function EVP_PKEY_get0_poly1305(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl; external CLibCrypto;
@@ -1080,17 +1075,17 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_CIPHER_type(const ctx: PEVP_CIPHER): TIdC_INT cdecl; external CLibCrypto;
 
   (* calls methods *)
-  function EVP_CIPHER_param_to_asn1(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_CIPHER_asn1_to_param(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_param_to_asn1(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_asn1_to_param(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
 
   (* These are used by EVP_CIPHER methods *)
-  function EVP_CIPHER_set_asn1_iv(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_CIPHER_get_asn1_iv(c: PEVP_CIPHER_CTX; &type: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_set_asn1_iv(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_get_asn1_iv(c: PEVP_CIPHER_CTX; type_: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
 
   (* PKCS5 password based encryption *)
   function PKCS5_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function PKCS5_PBKDF2_HMAC_SHA1(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; keylen: TIdC_INT; &out: PByte): TIdC_INT cdecl; external CLibCrypto;
-  function PKCS5_PBKDF2_HMAC(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const digest: PEVP_MD; keylen: TIdC_INT; &out: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS5_PBKDF2_HMAC_SHA1(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; keylen: TIdC_INT; out_: PByte): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS5_PBKDF2_HMAC(const pass: PIdAnsiChar; passlen: TIdC_INT; const salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const digest: PEVP_MD; keylen: TIdC_INT; out_: PByte): TIdC_INT cdecl; external CLibCrypto;
   function PKCS5_v2_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_PBE_scrypt(const pass: PIdAnsiChar; passlen: TIdC_SIZET; const salt: PByte; saltlen: TIdC_SIZET; N: TIdC_UINT64; r: TIdC_UINT64; p: TIdC_UINT64; maxmem: TIdC_UINT64; key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
@@ -1110,7 +1105,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_PKEY_asn1_get_count: TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_asn1_get0(idx: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
-  function EVP_PKEY_asn1_find(pe: PPENGINE; &type: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
+  function EVP_PKEY_asn1_find(pe: PPENGINE; type_: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
   function EVP_PKEY_asn1_find_str(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
   function EVP_PKEY_asn1_add0(const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_asn1_add_alias(&to: TIdC_INT; from: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -1160,7 +1155,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   procedure EVP_PKEY_CTX_free(ctx: PEVP_PKEY_CTX) cdecl; external CLibCrypto;
 
   function EVP_PKEY_CTX_ctrl(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; p1: TIdC_INT; p2: Pointer): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_CTX_ctrl_str(ctx: PEVP_PKEY_CTX; const &type: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_CTX_ctrl_str(ctx: PEVP_PKEY_CTX; const type_: PIdAnsiChar; const value: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_CTX_ctrl_uint64(ctx: PEVP_PKEY_CTX; keytype: TIdC_INT; optype: TIdC_INT; cmd: TIdC_INT; value: TIdC_UINT64): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_PKEY_CTX_str2ctrl(ctx: PEVP_PKEY_CTX; cmd: TIdC_INT; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
@@ -1195,9 +1190,9 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_verify_recover_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_verify_recover(ctx: PEVP_PKEY_CTX; rout: PByte; routlen: PIdC_SIZET; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_encrypt_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_encrypt(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_encrypt(ctx: PEVP_PKEY_CTX; out_: PByte; outlen: PIdC_SIZET; const in_: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_decrypt_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_decrypt(ctx: PEVP_PKEY_CTX; &out: PByte; outlen: PIdC_SIZET; const &in: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_decrypt(ctx: PEVP_PKEY_CTX; out_: PByte; outlen: PIdC_SIZET; const in_: PByte; inlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_PKEY_derive_init(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_derive_set_peer(ctx: PEVP_PKEY_CTX; peer: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
@@ -1300,7 +1295,6 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
 implementation
 
-{$REGION 'C compiler macros'}
 //#  define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA, (char *)(rsa))
 function EVP_PKEY_assign_RSA(pkey: PEVP_PKEY; rsa: Pointer): TIdC_INT;
 begin
@@ -1336,6 +1330,5 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 begin
   Result := EVP_PKEY_assign(pkey, EVP_PKEY_POLY1305, polykey);
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evperr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evperr.pas
index 39944a41c..6a98ea4ab 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evperr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evperr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_evperr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_hmac.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_hmac.pas
index 827efd0ff..e16974b1f 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_hmac.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_hmac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_hmac;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas
index 837d01cbd..0a3b70616 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_idea;
 
@@ -63,12 +63,12 @@   idea_key_st = record
   PIDEA_KEY_SCHEDULE = ^IDEA_KEY_SCHEDULE;
 
   function IDEA_options: PIdAnsiChar cdecl; external CLibCrypto;
-  procedure IDEA_ecb_encrypt(const &in: PByte; &out: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
+  procedure IDEA_ecb_encrypt(const in_: PByte; out_: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
   procedure IDEA_set_encrypt_key(const key: PByte; ks: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
   procedure IDEA_set_decrypt_key(ek: PIDEA_KEY_SCHEDULE; dk: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
-  procedure IDEA_cbc_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure IDEA_cfb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
-  procedure IDEA_ofb64_encrypt(const &in: PByte; &out: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
+  procedure IDEA_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure IDEA_cfb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
+  procedure IDEA_ofb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
   procedure IDEA_encrypt(&in: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
 
 implementation
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_kdferr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_kdferr.pas
index c27878647..e2488acd4 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_kdferr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_kdferr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_kdferr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_obj_mac.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_obj_mac.pas
index e09a90af3..c1ede2ad7 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_obj_mac.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_obj_mac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_obj_mac;
 
@@ -40,2881 +40,4065 @@ interface
 {$i IdCompilerDefines.inc}
 
 const
-  SN_undef =       'UNDEF';
-  LN_undef =       'undefined';
-  NID_undef =       0;
-  SN_itu_t =     'ITU-T';
-  LN_itu_t =     'itu-t';
-  NID_itu_t =     645;
-  NID_ccitt =     404;
-  SN_iso =   'ISO';
-  LN_iso =   'iso';
-  NID_iso =   181;
-  SN_joint_iso_itu_t =    'JOINT-ISO-ITU-T';
-  LN_joint_iso_itu_t =    'joint-iso-itu-t';
-  NID_joint_iso_itu_t =    646;
-  NID_joint_iso_ccitt =    393;
-  SN_member_body =   'member-body';
-  LN_member_body =   'ISO Member Body';
-  NID_member_body =   182;
-  SN_identified_organization =    'identified-organization';
-  NID_identified_organization =    676;
-  SN_hmac_md5 =    'HMAC-MD5';
-  LN_hmac_md5 =    'hmac-md5';
-  NID_hmac_md5 =    780;
-  SN_hmac_sha1 =    'HMAC-SHA1';
-  LN_hmac_sha1 =    'hmac-sha1';
-  NID_hmac_sha1 =    781;
-  SN_x509ExtAdmission =    'x509ExtAdmission';
-  LN_x509ExtAdmission =    'Professional Information or basis for Admission';
-  NID_x509ExtAdmission =    1093;
-  SN_certicom_arc =   'certicom-arc';
-  NID_certicom_arc =     677;
-  SN_ieee =   'ieee';
-  NID_ieee =     1170;
-  SN_ieee_siswg =    'ieee-siswg';
-  LN_ieee_siswg =    'IEEE Security in Storage Working Group';
-  NID_ieee_siswg =   1171;
-  SN_international_organizations =   'international-organizations';
-  LN_international_organizations =   'International Organizations';
-  NID_international_organizations =   647;
-  SN_wap =   'wap';
-  NID_wap =   678;
-  SN_wap_wsg =    'wap-wsg';
-  NID_wap_wsg =    679;
-  SN_selected_attribute_types =    'selected-attribute-types';
-  LN_selected_attribute_types =    'Selected Attribute Types';
-  NID_selected_attribute_types =    394;
-  SN_clearance =    'clearance';
-  NID_clearance =    395;
-  SN_ISO_US =     'ISO-US';
-  LN_ISO_US =     'ISO US Member Body';
-  NID_ISO_US =    183;
-  SN_X9_57 =     'X9-57';
-  LN_X9_57 =     'X9.57';
-  NID_X9_57 =     184;
-  SN_X9cm =   'X9cm';
-  LN_X9cm =   'X9.57 CM ?';
-  NID_X9cm =     185;
-  SN_ISO_CN =     'ISO-CN';
-  LN_ISO_CN =     'ISO CN Member Body';
-  NID_ISO_CN =    1140;
-  SN_oscca =     'oscca';
-  NID_oscca =     1141;
-  SN_sm_scheme =    'sm-scheme';
-  NID_sm_scheme =    1142;
-  SN_dsa =   'DSA';
-  LN_dsa =   'dsaEncryption';
-  NID_dsa =   116;
-  SN_dsaWithSHA1 =   'DSA-SHA1';
-  LN_dsaWithSHA1 =   'dsaWithSHA1';
-  NID_dsaWithSHA1 =   113;
-  SN_ansi_X9_62 =    'ansi-X9-62';
-  LN_ansi_X9_62 =    'ANSI X9.62';
-  NID_ansi_X9_62 =   405;
-  SN_X9_62_prime_field =    'prime-field';
-  NID_X9_62_prime_field =    406;
-  SN_X9_62_characteristic_two_field =     'characteristic-two-field';
-  NID_X9_62_characteristic_two_field =    407;
-  SN_X9_62_id_characteristic_two_basis =    'id-characteristic-two-basis';
-  NID_X9_62_id_characteristic_two_basis =    680;
-  SN_X9_62_onBasis =     'onBasis';
-  NID_X9_62_onBasis =     681;
-  SN_X9_62_tpBasis =     'tpBasis';
-  NID_X9_62_tpBasis =     682;
-  SN_X9_62_ppBasis =     'ppBasis';
-  NID_X9_62_ppBasis =     683;
-  SN_X9_62_id_ecPublicKey =   'id-ecPublicKey';
-  NID_X9_62_id_ecPublicKey =     408;
-  SN_X9_62_c2pnb163v1 =    'c2pnb163v1';
-  NID_X9_62_c2pnb163v1 =    684;
-  SN_X9_62_c2pnb163v2 =    'c2pnb163v2';
-  NID_X9_62_c2pnb163v2 =    685;
-  SN_X9_62_c2pnb163v3 =    'c2pnb163v3';
-  NID_X9_62_c2pnb163v3 =    686;
-  SN_X9_62_c2pnb176v1 =    'c2pnb176v1';
-  NID_X9_62_c2pnb176v1 =    687;
-  SN_X9_62_c2tnb191v1 =    'c2tnb191v1';
-  NID_X9_62_c2tnb191v1 =    688;
-  SN_X9_62_c2tnb191v2 =    'c2tnb191v2';
-  NID_X9_62_c2tnb191v2 =    689;
-  SN_X9_62_c2tnb191v3 =    'c2tnb191v3';
-  NID_X9_62_c2tnb191v3 =    690;
-  SN_X9_62_c2onb191v4 =    'c2onb191v4';
-  NID_X9_62_c2onb191v4 =    691;
-  SN_X9_62_c2onb191v5 =    'c2onb191v5';
-  NID_X9_62_c2onb191v5 =    692;
-  SN_X9_62_c2pnb208w1 =    'c2pnb208w1';
-  NID_X9_62_c2pnb208w1 =    693;
-  SN_X9_62_c2tnb239v1 =    'c2tnb239v1';
-  NID_X9_62_c2tnb239v1 =    694;
-  SN_X9_62_c2tnb239v2 =    'c2tnb239v2';
-  NID_X9_62_c2tnb239v2 =    695;
-  SN_X9_62_c2tnb239v3 =    'c2tnb239v3';
-  NID_X9_62_c2tnb239v3 =    696;
-  SN_X9_62_c2onb239v4 =    'c2onb239v4';
-  NID_X9_62_c2onb239v4 =    697;
-  SN_X9_62_c2onb239v5 =    'c2onb239v5';
-  NID_X9_62_c2onb239v5 =    698;
-  SN_X9_62_c2pnb272w1 =    'c2pnb272w1';
-  NID_X9_62_c2pnb272w1 =    699;
-  SN_X9_62_c2pnb304w1 =    'c2pnb304w1';
-  NID_X9_62_c2pnb304w1 =    700;
-  SN_X9_62_c2tnb359v1 =    'c2tnb359v1';
-  NID_X9_62_c2tnb359v1 =    701;
-  SN_X9_62_c2pnb368w1 =    'c2pnb368w1';
-  NID_X9_62_c2pnb368w1 =    702;
-  SN_X9_62_c2tnb431r1 =    'c2tnb431r1';
-  NID_X9_62_c2tnb431r1 =    703;
-  SN_X9_62_prime192v1 =    'prime192v1';
-  NID_X9_62_prime192v1 =    409;
-  SN_X9_62_prime192v2 =    'prime192v2';
-  NID_X9_62_prime192v2 =    410;
-  SN_X9_62_prime192v3 =    'prime192v3';
-  NID_X9_62_prime192v3 =    411;
-  SN_X9_62_prime239v1 =    'prime239v1';
-  NID_X9_62_prime239v1 =    412;
-  SN_X9_62_prime239v2 =    'prime239v2';
-  NID_X9_62_prime239v2 =    413;
-  SN_X9_62_prime239v3 =    'prime239v3';
-  NID_X9_62_prime239v3 =    414;
-  SN_X9_62_prime256v1 =    'prime256v1';
-  NID_X9_62_prime256v1 =    415;
-  SN_ecdsa_with_SHA1 =    'ecdsa-with-SHA1';
-  NID_ecdsa_with_SHA1 =    416;
-  SN_ecdsa_with_Recommended =     'ecdsa-with-Recommended';
-  NID_ecdsa_with_Recommended =    791;
-  SN_ecdsa_with_Specified =   'ecdsa-with-Specified';
-  NID_ecdsa_with_Specified =     792;
-  SN_ecdsa_with_SHA224 =    'ecdsa-with-SHA224';
-  NID_ecdsa_with_SHA224 =    793;
-  SN_ecdsa_with_SHA256 =    'ecdsa-with-SHA256';
-  NID_ecdsa_with_SHA256 =    794;
-  SN_ecdsa_with_SHA384 =    'ecdsa-with-SHA384';
-  NID_ecdsa_with_SHA384 =    795;
-  SN_ecdsa_with_SHA512 =    'ecdsa-with-SHA512';
-  NID_ecdsa_with_SHA512 =    796;
-  SN_secp112r1 =    'secp112r1';
-  NID_secp112r1 =    704;
-  SN_secp112r2 =    'secp112r2';
-  NID_secp112r2 =    705;
-  SN_secp128r1 =    'secp128r1';
-  NID_secp128r1 =    706;
-  SN_secp128r2 =    'secp128r2';
-  NID_secp128r2 =    707;
-  SN_secp160k1 =    'secp160k1';
-  NID_secp160k1 =    708;
-  SN_secp160r1 =    'secp160r1';
-  NID_secp160r1 =    709;
-  SN_secp160r2 =    'secp160r2';
-  NID_secp160r2 =    710;
-  SN_secp192k1 =    'secp192k1';
-  NID_secp192k1 =    711;
-  SN_secp224k1 =    'secp224k1';
-  NID_secp224k1 =    712;
-  SN_secp224r1 =    'secp224r1';
-  NID_secp224r1 =    713;
-  SN_secp256k1 =    'secp256k1';
-  NID_secp256k1 =    714;
-  SN_secp384r1 =    'secp384r1';
-  NID_secp384r1 =    715;
-  SN_secp521r1 =    'secp521r1';
-  NID_secp521r1 =    716;
-  SN_sect113r1 =    'sect113r1';
-  NID_sect113r1 =    717;
-  SN_sect113r2 =    'sect113r2';
-  NID_sect113r2 =    718;
-  SN_sect131r1 =    'sect131r1';
-  NID_sect131r1 =    719;
-  SN_sect131r2 =    'sect131r2';
-  NID_sect131r2 =    720;
-  SN_sect163k1 =    'sect163k1';
-  NID_sect163k1 =    721;
-  SN_sect163r1 =    'sect163r1';
-  NID_sect163r1 =    722;
-  SN_sect163r2 =    'sect163r2';
-  NID_sect163r2 =    723;
-  SN_sect193r1 =    'sect193r1';
-  NID_sect193r1 =    724;
-  SN_sect193r2 =    'sect193r2';
-  NID_sect193r2 =    725;
-  SN_sect233k1 =    'sect233k1';
-  NID_sect233k1 =    726;
-  SN_sect233r1 =    'sect233r1';
-  NID_sect233r1 =    727;
-  SN_sect239k1 =    'sect239k1';
-  NID_sect239k1 =    728;
-  SN_sect283k1 =    'sect283k1';
-  NID_sect283k1 =    729;
-  SN_sect283r1 =    'sect283r1';
-  NID_sect283r1 =    730;
-  SN_sect409k1 =    'sect409k1';
-  NID_sect409k1 =    731;
-  SN_sect409r1 =    'sect409r1';
-  NID_sect409r1 =    732;
-  SN_sect571k1 =    'sect571k1';
-  NID_sect571k1 =    733;
-  SN_sect571r1 =    'sect571r1';
-  NID_sect571r1 =    734;
-  SN_wap_wsg_idm_ecid_wtls1 =     'wap-wsg-idm-ecid-wtls1';
-  NID_wap_wsg_idm_ecid_wtls1 =    735;
-  SN_wap_wsg_idm_ecid_wtls3 =     'wap-wsg-idm-ecid-wtls3';
-  NID_wap_wsg_idm_ecid_wtls3 =    736;
-  SN_wap_wsg_idm_ecid_wtls4 =     'wap-wsg-idm-ecid-wtls4';
-  NID_wap_wsg_idm_ecid_wtls4 =    737;
-  SN_wap_wsg_idm_ecid_wtls5 =     'wap-wsg-idm-ecid-wtls5';
-  NID_wap_wsg_idm_ecid_wtls5 =    738;
-  SN_wap_wsg_idm_ecid_wtls6 =     'wap-wsg-idm-ecid-wtls6';
-  NID_wap_wsg_idm_ecid_wtls6 =    739;
-  SN_wap_wsg_idm_ecid_wtls7 =     'wap-wsg-idm-ecid-wtls7';
-  NID_wap_wsg_idm_ecid_wtls7 =    740;
-  SN_wap_wsg_idm_ecid_wtls8 =     'wap-wsg-idm-ecid-wtls8';
-  NID_wap_wsg_idm_ecid_wtls8 =    741;
-  SN_wap_wsg_idm_ecid_wtls9 =     'wap-wsg-idm-ecid-wtls9';
-  NID_wap_wsg_idm_ecid_wtls9 =    742;
-  SN_wap_wsg_idm_ecid_wtls10 =    'wap-wsg-idm-ecid-wtls10';
-  NID_wap_wsg_idm_ecid_wtls10 =    743;
-  SN_wap_wsg_idm_ecid_wtls11 =    'wap-wsg-idm-ecid-wtls11';
-  NID_wap_wsg_idm_ecid_wtls11 =    744;
-  SN_wap_wsg_idm_ecid_wtls12 =    'wap-wsg-idm-ecid-wtls12';
-  NID_wap_wsg_idm_ecid_wtls12 =    745;
-  SN_cast5_cbc =    'CAST5-CBC';
-  LN_cast5_cbc =    'cast5-cbc';
-  NID_cast5_cbc =    108;
-  SN_cast5_ecb =    'CAST5-ECB';
-  LN_cast5_ecb =    'cast5-ecb';
-  NID_cast5_ecb =    109;
-  SN_cast5_cfb64 =   'CAST5-CFB';
-  LN_cast5_cfb64 =   'cast5-cfb';
-  NID_cast5_cfb64 =   110;
-  SN_cast5_ofb64 =   'CAST5-OFB';
-  LN_cast5_ofb64 =   'cast5-ofb';
-  NID_cast5_ofb64 =   111;
-  LN_pbeWithMD5AndCast5_CBC =     'pbeWithMD5AndCast5CBC';
-  NID_pbeWithMD5AndCast5_CBC =    112;
-  SN_id_PasswordBasedMAC =   'id-PasswordBasedMAC';
-  LN_id_PasswordBasedMAC =   'password based MAC';
-  NID_id_PasswordBasedMAC =   782;
-  SN_id_DHBasedMac =     'id-DHBasedMac';
-  LN_id_DHBasedMac =     'Diffie-Hellman based MAC';
-  NID_id_DHBasedMac =     783;
-  SN_rsadsi =     'rsadsi';
-  LN_rsadsi =     'RSA Data Security; Inc.';
-  NID_rsadsi =    1;
-  SN_pkcs =   'pkcs';
-  LN_pkcs =   'RSA Data Security; Inc. PKCS';
-  NID_pkcs =     2;
-  SN_pkcs1 =     'pkcs1';
-  NID_pkcs1 =     186;
-  LN_rsaEncryption =     'rsaEncryption';
-  NID_rsaEncryption =     6;
-  SN_md2WithRSAEncryption =   'RSA-MD2';
-  LN_md2WithRSAEncryption =   'md2WithRSAEncryption';
-  NID_md2WithRSAEncryption =     7;
-  SN_md4WithRSAEncryption =   'RSA-MD4';
-  LN_md4WithRSAEncryption =   'md4WithRSAEncryption';
-  NID_md4WithRSAEncryption =     396;
-  SN_md5WithRSAEncryption =   'RSA-MD5';
-  LN_md5WithRSAEncryption =   'md5WithRSAEncryption';
-  NID_md5WithRSAEncryption =     8;
-  SN_sha1WithRSAEncryption =     'RSA-SHA1';
-  LN_sha1WithRSAEncryption =     'sha1WithRSAEncryption';
-  NID_sha1WithRSAEncryption =     65;
-  SN_rsaesOaep =    'RSAES-OAEP';
-  LN_rsaesOaep =    'rsaesOaep';
-  NID_rsaesOaep =    919;
-  SN_mgf1 =   'MGF1';
-  LN_mgf1 =   'mgf1';
-  NID_mgf1 =     911;
-  SN_pSpecified =    'PSPECIFIED';
-  LN_pSpecified =    'pSpecified';
-  NID_pSpecified =   935;
-  SN_rsassaPss =    'RSASSA-PSS';
-  LN_rsassaPss =    'rsassaPss';
-  NID_rsassaPss =    912;
-  SN_sha256WithRSAEncryption =    'RSA-SHA256';
-  LN_sha256WithRSAEncryption =    'sha256WithRSAEncryption';
-  NID_sha256WithRSAEncryption =    668;
-  SN_sha384WithRSAEncryption =    'RSA-SHA384';
-  LN_sha384WithRSAEncryption =    'sha384WithRSAEncryption';
-  NID_sha384WithRSAEncryption =    669;
-  SN_sha512WithRSAEncryption =    'RSA-SHA512';
-  LN_sha512WithRSAEncryption =    'sha512WithRSAEncryption';
-  NID_sha512WithRSAEncryption =    670;
-  SN_sha224WithRSAEncryption =    'RSA-SHA224';
-  LN_sha224WithRSAEncryption =    'sha224WithRSAEncryption';
-  NID_sha224WithRSAEncryption =    671;
-  SN_sha512_224WithRSAEncryption =   'RSA-SHA512/224';
-  LN_sha512_224WithRSAEncryption =   'sha512-224WithRSAEncryption';
-  NID_sha512_224WithRSAEncryption =   1145;
-  SN_sha512_256WithRSAEncryption =   'RSA-SHA512/256';
-  LN_sha512_256WithRSAEncryption =   'sha512-256WithRSAEncryption';
-  NID_sha512_256WithRSAEncryption =   1146;
-  SN_pkcs3 =     'pkcs3';
-  NID_pkcs3 =     27;
-  LN_dhKeyAgreement =     'dhKeyAgreement';
-  NID_dhKeyAgreement =    28;
-  SN_pkcs5 =     'pkcs5';
-  NID_pkcs5 =     187;
-  SN_pbeWithMD2AndDES_CBC =   'PBE-MD2-DES';
-  LN_pbeWithMD2AndDES_CBC =   'pbeWithMD2AndDES-CBC';
-  NID_pbeWithMD2AndDES_CBC =     9;
-  SN_pbeWithMD5AndDES_CBC =   'PBE-MD5-DES';
-  LN_pbeWithMD5AndDES_CBC =   'pbeWithMD5AndDES-CBC';
-  NID_pbeWithMD5AndDES_CBC =     10;
-  SN_pbeWithMD2AndRC2_CBC =   'PBE-MD2-RC2-64';
-  LN_pbeWithMD2AndRC2_CBC =   'pbeWithMD2AndRC2-CBC';
-  NID_pbeWithMD2AndRC2_CBC =     168;
-  SN_pbeWithMD5AndRC2_CBC =   'PBE-MD5-RC2-64';
-  LN_pbeWithMD5AndRC2_CBC =   'pbeWithMD5AndRC2-CBC';
-  NID_pbeWithMD5AndRC2_CBC =     169;
-  SN_pbeWithSHA1AndDES_CBC =     'PBE-SHA1-DES';
-  LN_pbeWithSHA1AndDES_CBC =     'pbeWithSHA1AndDES-CBC';
-  NID_pbeWithSHA1AndDES_CBC =     170;
-  SN_pbeWithSHA1AndRC2_CBC =     'PBE-SHA1-RC2-64';
-  LN_pbeWithSHA1AndRC2_CBC =     'pbeWithSHA1AndRC2-CBC';
-  NID_pbeWithSHA1AndRC2_CBC =     68;
-  LN_id_pbkdf2 =    'PBKDF2';
-  NID_id_pbkdf2 =    69;
-  LN_pbes2 =     'PBES2';
-  NID_pbes2 =     161;
-  LN_pbmac1 =     'PBMAC1';
-  NID_pbmac1 =    162;
-  SN_pkcs7 =     'pkcs7';
-  NID_pkcs7 =     20;
-  LN_pkcs7_data =    'pkcs7-data';
-  NID_pkcs7_data =   21;
-  LN_pkcs7_signed =   'pkcs7-signedData';
-  NID_pkcs7_signed =     22;
-  LN_pkcs7_enveloped =    'pkcs7-envelopedData';
-  NID_pkcs7_enveloped =    23;
-  LN_pkcs7_signedAndEnveloped =    'pkcs7-signedAndEnvelopedData';
-  NID_pkcs7_signedAndEnveloped =    24;
-  LN_pkcs7_digest =   'pkcs7-digestData';
-  NID_pkcs7_digest =     25;
-  LN_pkcs7_encrypted =    'pkcs7-encryptedData';
-  NID_pkcs7_encrypted =    26;
-  SN_pkcs9 =     'pkcs9';
-  NID_pkcs9 =     47;
-  LN_pkcs9_emailAddress =    'emailAddress';
-  NID_pkcs9_emailAddress =   48;
-  LN_pkcs9_unstructuredName =     'unstructuredName';
-  NID_pkcs9_unstructuredName =    49;
-  LN_pkcs9_contentType =    'contentType';
-  NID_pkcs9_contentType =    50;
-  LN_pkcs9_messageDigest =   'messageDigest';
-  NID_pkcs9_messageDigest =   51;
-  LN_pkcs9_signingTime =    'signingTime';
-  NID_pkcs9_signingTime =    52;
-  LN_pkcs9_countersignature =     'countersignature';
-  NID_pkcs9_countersignature =    53;
-  LN_pkcs9_challengePassword =    'challengePassword';
-  NID_pkcs9_challengePassword =    54;
-  LN_pkcs9_unstructuredAddress =    'unstructuredAddress';
-  NID_pkcs9_unstructuredAddress =    55;
-  LN_pkcs9_extCertAttributes =    'extendedCertificateAttributes';
-  NID_pkcs9_extCertAttributes =    56;
-  SN_ext_req =    'extReq';
-  LN_ext_req =    'Extension Request';
-  NID_ext_req =    172;
-  SN_SMIMECapabilities =    'SMIME-CAPS';
-  LN_SMIMECapabilities =    'S/MIME Capabilities';
-  NID_SMIMECapabilities =    167;
-  SN_SMIME =     'SMIME';
-  LN_SMIME =     'S/MIME';
-  NID_SMIME =     188;
-  SN_id_smime_mod =   'id-smime-mod';
-  NID_id_smime_mod =     189;
-  SN_id_smime_ct =   'id-smime-ct';
-  NID_id_smime_ct =   190;
-  SN_id_smime_aa =   'id-smime-aa';
-  NID_id_smime_aa =   191;
-  SN_id_smime_alg =   'id-smime-alg';
-  NID_id_smime_alg =     192;
-  SN_id_smime_cd =   'id-smime-cd';
-  NID_id_smime_cd =   193;
-  SN_id_smime_spq =   'id-smime-spq';
-  NID_id_smime_spq =     194;
-  SN_id_smime_cti =   'id-smime-cti';
-  NID_id_smime_cti =     195;
-  SN_id_smime_mod_cms =    'id-smime-mod-cms';
-  NID_id_smime_mod_cms =    196;
-  SN_id_smime_mod_ess =    'id-smime-mod-ess';
-  NID_id_smime_mod_ess =    197;
-  SN_id_smime_mod_oid =    'id-smime-mod-oid';
-  NID_id_smime_mod_oid =    198;
-  SN_id_smime_mod_msg_v3 =   'id-smime-mod-msg-v3';
-  NID_id_smime_mod_msg_v3 =   199;
-  SN_id_smime_mod_ets_eSignature_88 =     'id-smime-mod-ets-eSignature-88';
-  NID_id_smime_mod_ets_eSignature_88 =    200;
-  SN_id_smime_mod_ets_eSignature_97 =     'id-smime-mod-ets-eSignature-97';
-  NID_id_smime_mod_ets_eSignature_97 =    201;
-  SN_id_smime_mod_ets_eSigPolicy_88 =     'id-smime-mod-ets-eSigPolicy-88';
-  NID_id_smime_mod_ets_eSigPolicy_88 =    202;
-  SN_id_smime_mod_ets_eSigPolicy_97 =     'id-smime-mod-ets-eSigPolicy-97';
-  NID_id_smime_mod_ets_eSigPolicy_97 =    203;
-  SN_id_smime_ct_receipt =   'id-smime-ct-receipt';
-  NID_id_smime_ct_receipt =   204;
-  SN_id_smime_ct_authData =   'id-smime-ct-authData';
-  NID_id_smime_ct_authData =     205;
-  SN_id_smime_ct_publishCert =    'id-smime-ct-publishCert';
-  NID_id_smime_ct_publishCert =    206;
-  SN_id_smime_ct_TSTInfo =   'id-smime-ct-TSTInfo';
-  NID_id_smime_ct_TSTInfo =   207;
-  SN_id_smime_ct_TDTInfo =   'id-smime-ct-TDTInfo';
-  NID_id_smime_ct_TDTInfo =   208;
-  SN_id_smime_ct_contentInfo =    'id-smime-ct-contentInfo';
-  NID_id_smime_ct_contentInfo =    209;
-  SN_id_smime_ct_DVCSRequestData =   'id-smime-ct-DVCSRequestData';
-  NID_id_smime_ct_DVCSRequestData =   210;
-  SN_id_smime_ct_DVCSResponseData =   'id-smime-ct-DVCSResponseData';
-  NID_id_smime_ct_DVCSResponseData =     211;
-  SN_id_smime_ct_compressedData =    'id-smime-ct-compressedData';
-  NID_id_smime_ct_compressedData =   786;
-  SN_id_smime_ct_contentCollection =     'id-smime-ct-contentCollection';
-  NID_id_smime_ct_contentCollection =     1058;
-  SN_id_smime_ct_authEnvelopedData =     'id-smime-ct-authEnvelopedData';
-  NID_id_smime_ct_authEnvelopedData =     1059;
-  SN_id_ct_asciiTextWithCRLF =    'id-ct-asciiTextWithCRLF';
-  NID_id_ct_asciiTextWithCRLF =    787;
-  SN_id_ct_xml =    'id-ct-xml';
-  NID_id_ct_xml =    1060;
-  SN_id_smime_aa_receiptRequest =    'id-smime-aa-receiptRequest';
-  NID_id_smime_aa_receiptRequest =   212;
-  SN_id_smime_aa_securityLabel =    'id-smime-aa-securityLabel';
-  NID_id_smime_aa_securityLabel =    213;
-  SN_id_smime_aa_mlExpandHistory =   'id-smime-aa-mlExpandHistory';
-  NID_id_smime_aa_mlExpandHistory =   214;
-  SN_id_smime_aa_contentHint =    'id-smime-aa-contentHint';
-  NID_id_smime_aa_contentHint =    215;
-  SN_id_smime_aa_msgSigDigest =    'id-smime-aa-msgSigDigest';
-  NID_id_smime_aa_msgSigDigest =    216;
-  SN_id_smime_aa_encapContentType =   'id-smime-aa-encapContentType';
-  NID_id_smime_aa_encapContentType =     217;
-  SN_id_smime_aa_contentIdentifier =     'id-smime-aa-contentIdentifier';
-  NID_id_smime_aa_contentIdentifier =     218;
-  SN_id_smime_aa_macValue =   'id-smime-aa-macValue';
-  NID_id_smime_aa_macValue =     219;
-  SN_id_smime_aa_equivalentLabels =   'id-smime-aa-equivalentLabels';
-  NID_id_smime_aa_equivalentLabels =     220;
-  SN_id_smime_aa_contentReference =   'id-smime-aa-contentReference';
-  NID_id_smime_aa_contentReference =     221;
-  SN_id_smime_aa_encrypKeyPref =    'id-smime-aa-encrypKeyPref';
-  NID_id_smime_aa_encrypKeyPref =    222;
-  SN_id_smime_aa_signingCertificate =     'id-smime-aa-signingCertificate';
-  NID_id_smime_aa_signingCertificate =    223;
-  SN_id_smime_aa_smimeEncryptCerts =     'id-smime-aa-smimeEncryptCerts';
-  NID_id_smime_aa_smimeEncryptCerts =     224;
-  SN_id_smime_aa_timeStampToken =    'id-smime-aa-timeStampToken';
-  NID_id_smime_aa_timeStampToken =   225;
-  SN_id_smime_aa_ets_sigPolicyId =   'id-smime-aa-ets-sigPolicyId';
-  NID_id_smime_aa_ets_sigPolicyId =   226;
-  SN_id_smime_aa_ets_commitmentType =     'id-smime-aa-ets-commitmentType';
-  NID_id_smime_aa_ets_commitmentType =    227;
-  SN_id_smime_aa_ets_signerLocation =     'id-smime-aa-ets-signerLocation';
-  NID_id_smime_aa_ets_signerLocation =    228;
-  SN_id_smime_aa_ets_signerAttr =    'id-smime-aa-ets-signerAttr';
-  NID_id_smime_aa_ets_signerAttr =   229;
-  SN_id_smime_aa_ets_otherSigCert =   'id-smime-aa-ets-otherSigCert';
-  NID_id_smime_aa_ets_otherSigCert =     230;
-  SN_id_smime_aa_ets_contentTimestamp =    'id-smime-aa-ets-contentTimestamp';
-  NID_id_smime_aa_ets_contentTimestamp =    231;
-  SN_id_smime_aa_ets_CertificateRefs =    'id-smime-aa-ets-CertificateRefs';
-  NID_id_smime_aa_ets_CertificateRefs =    232;
-  SN_id_smime_aa_ets_RevocationRefs =     'id-smime-aa-ets-RevocationRefs';
-  NID_id_smime_aa_ets_RevocationRefs =    233;
-  SN_id_smime_aa_ets_certValues =    'id-smime-aa-ets-certValues';
-  NID_id_smime_aa_ets_certValues =   234;
-  SN_id_smime_aa_ets_revocationValues =    'id-smime-aa-ets-revocationValues';
-  NID_id_smime_aa_ets_revocationValues =    235;
-  SN_id_smime_aa_ets_escTimeStamp =   'id-smime-aa-ets-escTimeStamp';
-  NID_id_smime_aa_ets_escTimeStamp =     236;
-  SN_id_smime_aa_ets_certCRLTimestamp =    'id-smime-aa-ets-certCRLTimestamp';
-  NID_id_smime_aa_ets_certCRLTimestamp =    237;
-  SN_id_smime_aa_ets_archiveTimeStamp =    'id-smime-aa-ets-archiveTimeStamp';
-  NID_id_smime_aa_ets_archiveTimeStamp =    238;
-  SN_id_smime_aa_signatureType =    'id-smime-aa-signatureType';
-  NID_id_smime_aa_signatureType =    239;
-  SN_id_smime_aa_dvcs_dvc =   'id-smime-aa-dvcs-dvc';
-  NID_id_smime_aa_dvcs_dvc =     240;
-  SN_id_smime_aa_signingCertificateV2 =    'id-smime-aa-signingCertificateV2';
-  NID_id_smime_aa_signingCertificateV2 =    1086;
-  SN_id_smime_alg_ESDHwith3DES =    'id-smime-alg-ESDHwith3DES';
-  NID_id_smime_alg_ESDHwith3DES =    241;
-  SN_id_smime_alg_ESDHwithRC2 =    'id-smime-alg-ESDHwithRC2';
-  NID_id_smime_alg_ESDHwithRC2 =    242;
-  SN_id_smime_alg_3DESwrap =     'id-smime-alg-3DESwrap';
-  NID_id_smime_alg_3DESwrap =     243;
-  SN_id_smime_alg_RC2wrap =   'id-smime-alg-RC2wrap';
-  NID_id_smime_alg_RC2wrap =     244;
-  SN_id_smime_alg_ESDH =    'id-smime-alg-ESDH';
-  NID_id_smime_alg_ESDH =    245;
-  SN_id_smime_alg_CMS3DESwrap =    'id-smime-alg-CMS3DESwrap';
-  NID_id_smime_alg_CMS3DESwrap =    246;
-  SN_id_smime_alg_CMSRC2wrap =    'id-smime-alg-CMSRC2wrap';
-  NID_id_smime_alg_CMSRC2wrap =    247;
-  SN_id_alg_PWRI_KEK =    'id-alg-PWRI-KEK';
-  NID_id_alg_PWRI_KEK =    893;
-  SN_id_smime_cd_ldap =    'id-smime-cd-ldap';
-  NID_id_smime_cd_ldap =    248;
-  SN_id_smime_spq_ets_sqt_uri =    'id-smime-spq-ets-sqt-uri';
-  NID_id_smime_spq_ets_sqt_uri =    249;
-  SN_id_smime_spq_ets_sqt_unotice =   'id-smime-spq-ets-sqt-unotice';
-  NID_id_smime_spq_ets_sqt_unotice =     250;
-  SN_id_smime_cti_ets_proofOfOrigin =     'id-smime-cti-ets-proofOfOrigin';
-  NID_id_smime_cti_ets_proofOfOrigin =    251;
-  SN_id_smime_cti_ets_proofOfReceipt =    'id-smime-cti-ets-proofOfReceipt';
-  NID_id_smime_cti_ets_proofOfReceipt =    252;
-  SN_id_smime_cti_ets_proofOfDelivery =    'id-smime-cti-ets-proofOfDelivery';
-  NID_id_smime_cti_ets_proofOfDelivery =    253;
-  SN_id_smime_cti_ets_proofOfSender =     'id-smime-cti-ets-proofOfSender';
-  NID_id_smime_cti_ets_proofOfSender =    254;
-  SN_id_smime_cti_ets_proofOfApproval =    'id-smime-cti-ets-proofOfApproval';
-  NID_id_smime_cti_ets_proofOfApproval =    255;
-  SN_id_smime_cti_ets_proofOfCreation =    'id-smime-cti-ets-proofOfCreation';
-  NID_id_smime_cti_ets_proofOfCreation =    256;
-  LN_friendlyName =   'friendlyName';
-  NID_friendlyName =     156;
-  LN_localKeyID =    'localKeyID';
-  NID_localKeyID =   157;
-  SN_ms_csp_name =   'CSPName';
-  LN_ms_csp_name =   'Microsoft CSP Name';
-  NID_ms_csp_name =   417;
-  SN_LocalKeySet =   'LocalKeySet';
-  LN_LocalKeySet =   'Microsoft Local Key set';
-  NID_LocalKeySet =   856;
-  LN_x509Certificate =    'x509Certificate';
-  NID_x509Certificate =    158;
-  LN_sdsiCertificate =    'sdsiCertificate';
-  NID_sdsiCertificate =    159;
-  LN_x509Crl =    'x509Crl';
-  NID_x509Crl =    160;
-  SN_pbe_WithSHA1And128BitRC4 =    'PBE-SHA1-RC4-128';
-  LN_pbe_WithSHA1And128BitRC4 =    'pbeWithSHA1And128BitRC4';
-  NID_pbe_WithSHA1And128BitRC4 =    144;
-  SN_pbe_WithSHA1And40BitRC4 =    'PBE-SHA1-RC4-40';
-  LN_pbe_WithSHA1And40BitRC4 =    'pbeWithSHA1And40BitRC4';
-  NID_pbe_WithSHA1And40BitRC4 =    145;
-  SN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'PBE-SHA1-3DES';
-  LN_pbe_WithSHA1And3_Key_TripleDES_CBC =    'pbeWithSHA1And3-KeyTripleDES-CBC';
-  NID_pbe_WithSHA1And3_Key_TripleDES_CBC =   146;
-  SN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'PBE-SHA1-2DES';
-  LN_pbe_WithSHA1And2_Key_TripleDES_CBC =    'pbeWithSHA1And2-KeyTripleDES-CBC';
-  NID_pbe_WithSHA1And2_Key_TripleDES_CBC =   147;
-  SN_pbe_WithSHA1And128BitRC2_CBC =   'PBE-SHA1-RC2-128';
-  LN_pbe_WithSHA1And128BitRC2_CBC =   'pbeWithSHA1And128BitRC2-CBC';
-  NID_pbe_WithSHA1And128BitRC2_CBC =     148;
-  SN_pbe_WithSHA1And40BitRC2_CBC =   'PBE-SHA1-RC2-40';
-  LN_pbe_WithSHA1And40BitRC2_CBC =   'pbeWithSHA1And40BitRC2-CBC';
-  NID_pbe_WithSHA1And40BitRC2_CBC =   149;
-  LN_keyBag =     'keyBag';
-  NID_keyBag =    150;
-  LN_pkcs8ShroudedKeyBag =   'pkcs8ShroudedKeyBag';
-  NID_pkcs8ShroudedKeyBag =   151;
-  LN_certBag =    'certBag';
-  NID_certBag =    152;
-  LN_crlBag =     'crlBag';
-  NID_crlBag =    153;
-  LN_secretBag =    'secretBag';
-  NID_secretBag =    154;
-  LN_safeContentsBag =    'safeContentsBag';
-  NID_safeContentsBag =    155;
-  SN_md2 =   'MD2';
-  LN_md2 =   'md2';
-  NID_md2 =   3;
-  SN_md4 =   'MD4';
-  LN_md4 =   'md4';
-  NID_md4 =   257;
-  SN_md5 =   'MD5';
-  LN_md5 =   'md5';
-  NID_md5 =   4;
-  SN_md5_sha1 =    'MD5-SHA1';
-  LN_md5_sha1 =    'md5-sha1';
-  NID_md5_sha1 =    114;
-  LN_hmacWithMD5 =   'hmacWithMD5';
-  NID_hmacWithMD5 =   797;
-  LN_hmacWithSHA1 =   'hmacWithSHA1';
-  NID_hmacWithSHA1 =     163;
-  SN_sm2 =   'SM2';
-  LN_sm2 =   'sm2';
-  NID_sm2 =   1172;
-  SN_sm3 =   'SM3';
-  LN_sm3 =   'sm3';
-  NID_sm3 =   1143;
-  SN_sm3WithRSAEncryption =   'RSA-SM3';
-  LN_sm3WithRSAEncryption =   'sm3WithRSAEncryption';
-  NID_sm3WithRSAEncryption =     1144;
-  LN_hmacWithSHA224 =     'hmacWithSHA224';
-  NID_hmacWithSHA224 =    798;
-  LN_hmacWithSHA256 =     'hmacWithSHA256';
-  NID_hmacWithSHA256 =    799;
-  LN_hmacWithSHA384 =     'hmacWithSHA384';
-  NID_hmacWithSHA384 =    800;
-  LN_hmacWithSHA512 =     'hmacWithSHA512';
-  NID_hmacWithSHA512 =    801;
-  LN_hmacWithSHA512_224 =    'hmacWithSHA512-224';
-  NID_hmacWithSHA512_224 =   1193;
-  LN_hmacWithSHA512_256 =    'hmacWithSHA512-256';
-  NID_hmacWithSHA512_256 =   1194;
-  SN_rc2_cbc =    'RC2-CBC';
-  LN_rc2_cbc =    'rc2-cbc';
-  NID_rc2_cbc =    37;
-  SN_rc2_ecb =    'RC2-ECB';
-  LN_rc2_ecb =    'rc2-ecb';
-  NID_rc2_ecb =    38;
-  SN_rc2_cfb64 =    'RC2-CFB';
-  LN_rc2_cfb64 =    'rc2-cfb';
-  NID_rc2_cfb64 =    39;
-  SN_rc2_ofb64 =    'RC2-OFB';
-  LN_rc2_ofb64 =    'rc2-ofb';
-  NID_rc2_ofb64 =    40;
-  SN_rc2_40_cbc =    'RC2-40-CBC';
-  LN_rc2_40_cbc =    'rc2-40-cbc';
-  NID_rc2_40_cbc =   98;
-  SN_rc2_64_cbc =    'RC2-64-CBC';
-  LN_rc2_64_cbc =    'rc2-64-cbc';
-  NID_rc2_64_cbc =   166;
-  SN_rc4 =   'RC4';
-  LN_rc4 =   'rc4';
-  NID_rc4 =   5;
-  SN_rc4_40 =     'RC4-40';
-  LN_rc4_40 =     'rc4-40';
-  NID_rc4_40 =    97;
-  SN_des_ede3_cbc =   'DES-EDE3-CBC';
-  LN_des_ede3_cbc =   'des-ede3-cbc';
-  NID_des_ede3_cbc =     44;
-  SN_rc5_cbc =    'RC5-CBC';
-  LN_rc5_cbc =    'rc5-cbc';
-  NID_rc5_cbc =    120;
-  SN_rc5_ecb =    'RC5-ECB';
-  LN_rc5_ecb =    'rc5-ecb';
-  NID_rc5_ecb =    121;
-  SN_rc5_cfb64 =    'RC5-CFB';
-  LN_rc5_cfb64 =    'rc5-cfb';
-  NID_rc5_cfb64 =    122;
-  SN_rc5_ofb64 =    'RC5-OFB';
-  LN_rc5_ofb64 =    'rc5-ofb';
-  NID_rc5_ofb64 =    123;
-  SN_ms_ext_req =    'msExtReq';
-  LN_ms_ext_req =    'Microsoft Extension Request';
-  NID_ms_ext_req =   171;
-  SN_ms_code_ind =   'msCodeInd';
-  LN_ms_code_ind =   'Microsoft Individual Code Signing';
-  NID_ms_code_ind =   134;
-  SN_ms_code_com =   'msCodeCom';
-  LN_ms_code_com =   'Microsoft Commercial Code Signing';
-  NID_ms_code_com =   135;
-  SN_ms_ctl_sign =   'msCTLSign';
-  LN_ms_ctl_sign =   'Microsoft Trust List Signing';
-  NID_ms_ctl_sign =   136;
-  SN_ms_sgc =     'msSGC';
-  LN_ms_sgc =     'Microsoft Server Gated Crypto';
-  NID_ms_sgc =    137;
-  SN_ms_efs =     'msEFS';
-  LN_ms_efs =     'Microsoft Encrypted File System';
-  NID_ms_efs =    138;
-  SN_ms_smartcard_login =    'msSmartcardLogin';
-  LN_ms_smartcard_login =    'Microsoft Smartcard Login';
-  NID_ms_smartcard_login =   648;
-  SN_ms_upn =     'msUPN';
-  LN_ms_upn =     'Microsoft User Principal Name';
-  NID_ms_upn =    649;
-  SN_idea_cbc =    'IDEA-CBC';
-  LN_idea_cbc =    'idea-cbc';
-  NID_idea_cbc =    34;
-  SN_idea_ecb =    'IDEA-ECB';
-  LN_idea_ecb =    'idea-ecb';
-  NID_idea_ecb =    36;
-  SN_idea_cfb64 =    'IDEA-CFB';
-  LN_idea_cfb64 =    'idea-cfb';
-  NID_idea_cfb64 =   35;
-  SN_idea_ofb64 =    'IDEA-OFB';
-  LN_idea_ofb64 =    'idea-ofb';
-  NID_idea_ofb64 =   46;
-  SN_bf_cbc =     'BF-CBC';
-  LN_bf_cbc =     'bf-cbc';
-  NID_bf_cbc =    91;
-  SN_bf_ecb =     'BF-ECB';
-  LN_bf_ecb =     'bf-ecb';
-  NID_bf_ecb =    92;
-  SN_bf_cfb64 =    'BF-CFB';
-  LN_bf_cfb64 =    'bf-cfb';
-  NID_bf_cfb64 =    93;
-  SN_bf_ofb64 =    'BF-OFB';
-  LN_bf_ofb64 =    'bf-ofb';
-  NID_bf_ofb64 =    94;
-  SN_id_pkix =    'PKIX';
-  NID_id_pkix =    127;
-  SN_id_pkix_mod =   'id-pkix-mod';
-  NID_id_pkix_mod =   258;
-  SN_id_pe =     'id-pe';
-  NID_id_pe =     175;
-  SN_id_qt =     'id-qt';
-  NID_id_qt =     259;
-  SN_id_kp =     'id-kp';
-  NID_id_kp =     128;
-  SN_id_it =     'id-it';
-  NID_id_it =     260;
-  SN_id_pkip =    'id-pkip';
-  NID_id_pkip =    261;
-  SN_id_alg =     'id-alg';
-  NID_id_alg =    262;
-  SN_id_cmc =     'id-cmc';
-  NID_id_cmc =    263;
-  SN_id_on =     'id-on';
-  NID_id_on =     264;
-  SN_id_pda =     'id-pda';
-  NID_id_pda =    265;
-  SN_id_aca =     'id-aca';
-  NID_id_aca =    266;
-  SN_id_qcs =     'id-qcs';
-  NID_id_qcs =    267;
-  SN_id_cct =     'id-cct';
-  NID_id_cct =    268;
-  SN_id_ppl =     'id-ppl';
-  NID_id_ppl =    662;
-  SN_id_ad =     'id-ad';
-  NID_id_ad =     176;
-  SN_id_pkix1_explicit_88 =   'id-pkix1-explicit-88';
-  NID_id_pkix1_explicit_88 =     269;
-  SN_id_pkix1_implicit_88 =   'id-pkix1-implicit-88';
-  NID_id_pkix1_implicit_88 =     270;
-  SN_id_pkix1_explicit_93 =   'id-pkix1-explicit-93';
-  NID_id_pkix1_explicit_93 =     271;
-  SN_id_pkix1_implicit_93 =   'id-pkix1-implicit-93';
-  NID_id_pkix1_implicit_93 =     272;
-  SN_id_mod_crmf =   'id-mod-crmf';
-  NID_id_mod_crmf =   273;
-  SN_id_mod_cmc =    'id-mod-cmc';
-  NID_id_mod_cmc =   274;
-  SN_id_mod_kea_profile_88 =     'id-mod-kea-profile-88';
-  NID_id_mod_kea_profile_88 =     275;
-  SN_id_mod_kea_profile_93 =     'id-mod-kea-profile-93';
-  NID_id_mod_kea_profile_93 =     276;
-  SN_id_mod_cmp =    'id-mod-cmp';
-  NID_id_mod_cmp =   277;
-  SN_id_mod_qualified_cert_88 =    'id-mod-qualified-cert-88';
-  NID_id_mod_qualified_cert_88 =    278;
-  SN_id_mod_qualified_cert_93 =    'id-mod-qualified-cert-93';
-  NID_id_mod_qualified_cert_93 =    279;
-  SN_id_mod_attribute_cert =     'id-mod-attribute-cert';
-  NID_id_mod_attribute_cert =     280;
-  SN_id_mod_timestamp_protocol =    'id-mod-timestamp-protocol';
-  NID_id_mod_timestamp_protocol =    281;
-  SN_id_mod_ocsp =   'id-mod-ocsp';
-  NID_id_mod_ocsp =   282;
-  SN_id_mod_dvcs =   'id-mod-dvcs';
-  NID_id_mod_dvcs =   283;
-  SN_id_mod_cmp2000 =     'id-mod-cmp2000';
-  NID_id_mod_cmp2000 =    284;
-  SN_info_access =   'authorityInfoAccess';
-  LN_info_access =   'Authority Information Access';
-  NID_info_access =   177;
-  SN_biometricInfo =     'biometricInfo';
-  LN_biometricInfo =     'Biometric Info';
-  NID_biometricInfo =     285;
-  SN_qcStatements =   'qcStatements';
-  NID_qcStatements =     286;
-  SN_ac_auditEntity =     'ac-auditEntity';
-  NID_ac_auditEntity =    287;
-  SN_ac_targeting =   'ac-targeting';
-  NID_ac_targeting =     288;
-  SN_aaControls =    'aaControls';
-  NID_aaControls =   289;
-  SN_sbgp_ipAddrBlock =    'sbgp-ipAddrBlock';
-  NID_sbgp_ipAddrBlock =    290;
-  SN_sbgp_autonomousSysNum =     'sbgp-autonomousSysNum';
-  NID_sbgp_autonomousSysNum =     291;
-  SN_sbgp_routerIdentifier =     'sbgp-routerIdentifier';
-  NID_sbgp_routerIdentifier =     292;
-  SN_ac_proxying =   'ac-proxying';
-  NID_ac_proxying =   397;
-  SN_sinfo_access =   'subjectInfoAccess';
-  LN_sinfo_access =   'Subject Information Access';
-  NID_sinfo_access =     398;
-  SN_proxyCertInfo =     'proxyCertInfo';
-  LN_proxyCertInfo =     'Proxy Certificate Information';
-  NID_proxyCertInfo =     663;
-  SN_tlsfeature =    'tlsfeature';
-  LN_tlsfeature =    'TLS Feature';
-  NID_tlsfeature =   1020;
-  SN_id_qt_cps =    'id-qt-cps';
-  LN_id_qt_cps =    'Policy Qualifier CPS';
-  NID_id_qt_cps =    164;
-  SN_id_qt_unotice =     'id-qt-unotice';
-  LN_id_qt_unotice =     'Policy Qualifier User Notice';
-  NID_id_qt_unotice =     165;
-  SN_textNotice =    'textNotice';
-  NID_textNotice =   293;
-  SN_server_auth =   'serverAuth';
-  LN_server_auth =   'TLS Web Server Authentication';
-  NID_server_auth =   129;
-  SN_client_auth =   'clientAuth';
-  LN_client_auth =   'TLS Web Client Authentication';
-  NID_client_auth =   130;
-  SN_code_sign =    'codeSigning';
-  LN_code_sign =    'Code Signing';
-  NID_code_sign =    131;
-  SN_email_protect =     'emailProtection';
-  LN_email_protect =     'E-mail Protection';
-  NID_email_protect =     132;
-  SN_ipsecEndSystem =     'ipsecEndSystem';
-  LN_ipsecEndSystem =     'IPSec End System';
-  NID_ipsecEndSystem =    294;
-  SN_ipsecTunnel =   'ipsecTunnel';
-  LN_ipsecTunnel =   'IPSec Tunnel';
-  NID_ipsecTunnel =   295;
-  SN_ipsecUser =    'ipsecUser';
-  LN_ipsecUser =    'IPSec User';
-  NID_ipsecUser =    296;
-  SN_time_stamp =    'timeStamping';
-  LN_time_stamp =    'Time Stamping';
-  NID_time_stamp =   133;
-  SN_OCSP_sign =    'OCSPSigning';
-  LN_OCSP_sign =    'OCSP Signing';
-  NID_OCSP_sign =    180;
-  SN_dvcs =   'DVCS';
-  LN_dvcs =   'dvcs';
-  NID_dvcs =     297;
-  SN_ipsec_IKE =    'ipsecIKE';
-  LN_ipsec_IKE =    'ipsec Internet Key Exchange';
-  NID_ipsec_IKE =    1022;
-  SN_capwapAC =    'capwapAC';
-  LN_capwapAC =    'Ctrl/provision WAP Access';
-  NID_capwapAC =    1023;
-  SN_capwapWTP =    'capwapWTP';
-  LN_capwapWTP =    'Ctrl/Provision WAP Termination';
-  NID_capwapWTP =    1024;
-  SN_sshClient =    'secureShellClient';
-  LN_sshClient =    'SSH Client';
-  NID_sshClient =    1025;
-  SN_sshServer =    'secureShellServer';
-  LN_sshServer =    'SSH Server';
-  NID_sshServer =    1026;
-  SN_sendRouter =    'sendRouter';
-  LN_sendRouter =    'Send Router';
-  NID_sendRouter =   1027;
-  SN_sendProxiedRouter =    'sendProxiedRouter';
-  LN_sendProxiedRouter =    'Send Proxied Router';
-  NID_sendProxiedRouter =    1028;
-  SN_sendOwner =    'sendOwner';
-  LN_sendOwner =    'Send Owner';
-  NID_sendOwner =    1029;
-  SN_sendProxiedOwner =    'sendProxiedOwner';
-  LN_sendProxiedOwner =    'Send Proxied Owner';
-  NID_sendProxiedOwner =    1030;
-  SN_cmcCA =     'cmcCA';
-  LN_cmcCA =     'CMC Certificate Authority';
-  NID_cmcCA =     1131;
-  SN_cmcRA =     'cmcRA';
-  LN_cmcRA =     'CMC Registration Authority';
-  NID_cmcRA =     1132;
-  SN_id_it_caProtEncCert =   'id-it-caProtEncCert';
-  NID_id_it_caProtEncCert =   298;
-  SN_id_it_signKeyPairTypes =     'id-it-signKeyPairTypes';
-  NID_id_it_signKeyPairTypes =    299;
-  SN_id_it_encKeyPairTypes =     'id-it-encKeyPairTypes';
-  NID_id_it_encKeyPairTypes =     300;
-  SN_id_it_preferredSymmAlg =     'id-it-preferredSymmAlg';
-  NID_id_it_preferredSymmAlg =    301;
-  SN_id_it_caKeyUpdateInfo =     'id-it-caKeyUpdateInfo';
-  NID_id_it_caKeyUpdateInfo =     302;
-  SN_id_it_currentCRL =    'id-it-currentCRL';
-  NID_id_it_currentCRL =    303;
-  SN_id_it_unsupportedOIDs =     'id-it-unsupportedOIDs';
-  NID_id_it_unsupportedOIDs =     304;
-  SN_id_it_subscriptionRequest =    'id-it-subscriptionRequest';
-  NID_id_it_subscriptionRequest =    305;
-  SN_id_it_subscriptionResponse =    'id-it-subscriptionResponse';
-  NID_id_it_subscriptionResponse =   306;
-  SN_id_it_keyPairParamReq =     'id-it-keyPairParamReq';
-  NID_id_it_keyPairParamReq =     307;
-  SN_id_it_keyPairParamRep =     'id-it-keyPairParamRep';
-  NID_id_it_keyPairParamRep =     308;
-  SN_id_it_revPassphrase =   'id-it-revPassphrase';
-  NID_id_it_revPassphrase =   309;
-  SN_id_it_implicitConfirm =     'id-it-implicitConfirm';
-  NID_id_it_implicitConfirm =     310;
-  SN_id_it_confirmWaitTime =     'id-it-confirmWaitTime';
-  NID_id_it_confirmWaitTime =     311;
-  SN_id_it_origPKIMessage =   'id-it-origPKIMessage';
-  NID_id_it_origPKIMessage =     312;
-  SN_id_it_suppLangTags =    'id-it-suppLangTags';
-  NID_id_it_suppLangTags =   784;
-  SN_id_regCtrl =    'id-regCtrl';
-  NID_id_regCtrl =   313;
-  SN_id_regInfo =    'id-regInfo';
-  NID_id_regInfo =   314;
-  SN_id_regCtrl_regToken =   'id-regCtrl-regToken';
-  NID_id_regCtrl_regToken =   315;
-  SN_id_regCtrl_authenticator =    'id-regCtrl-authenticator';
-  NID_id_regCtrl_authenticator =    316;
-  SN_id_regCtrl_pkiPublicationInfo =     'id-regCtrl-pkiPublicationInfo';
-  NID_id_regCtrl_pkiPublicationInfo =     317;
-  SN_id_regCtrl_pkiArchiveOptions =   'id-regCtrl-pkiArchiveOptions';
-  NID_id_regCtrl_pkiArchiveOptions =     318;
-  SN_id_regCtrl_oldCertID =   'id-regCtrl-oldCertID';
-  NID_id_regCtrl_oldCertID =     319;
-  SN_id_regCtrl_protocolEncrKey =    'id-regCtrl-protocolEncrKey';
-  NID_id_regCtrl_protocolEncrKey =   320;
-  SN_id_regInfo_utf8Pairs =   'id-regInfo-utf8Pairs';
-  NID_id_regInfo_utf8Pairs =     321;
-  SN_id_regInfo_certReq =    'id-regInfo-certReq';
-  NID_id_regInfo_certReq =   322;
-  SN_id_alg_des40 =   'id-alg-des40';
-  NID_id_alg_des40 =     323;
-  SN_id_alg_noSignature =    'id-alg-noSignature';
-  NID_id_alg_noSignature =   324;
-  SN_id_alg_dh_sig_hmac_sha1 =    'id-alg-dh-sig-hmac-sha1';
-  NID_id_alg_dh_sig_hmac_sha1 =    325;
-  SN_id_alg_dh_pop =     'id-alg-dh-pop';
-  NID_id_alg_dh_pop =     326;
-  SN_id_cmc_statusInfo =    'id-cmc-statusInfo';
-  NID_id_cmc_statusInfo =    327;
-  SN_id_cmc_identification =     'id-cmc-identification';
-  NID_id_cmc_identification =     328;
-  SN_id_cmc_identityProof =   'id-cmc-identityProof';
-  NID_id_cmc_identityProof =     329;
-  SN_id_cmc_dataReturn =    'id-cmc-dataReturn';
-  NID_id_cmc_dataReturn =    330;
-  SN_id_cmc_transactionId =   'id-cmc-transactionId';
-  NID_id_cmc_transactionId =     331;
-  SN_id_cmc_senderNonce =    'id-cmc-senderNonce';
-  NID_id_cmc_senderNonce =   332;
-  SN_id_cmc_recipientNonce =     'id-cmc-recipientNonce';
-  NID_id_cmc_recipientNonce =     333;
-  SN_id_cmc_addExtensions =   'id-cmc-addExtensions';
-  NID_id_cmc_addExtensions =     334;
-  SN_id_cmc_encryptedPOP =   'id-cmc-encryptedPOP';
-  NID_id_cmc_encryptedPOP =   335;
-  SN_id_cmc_decryptedPOP =   'id-cmc-decryptedPOP';
-  NID_id_cmc_decryptedPOP =   336;
-  SN_id_cmc_lraPOPWitness =   'id-cmc-lraPOPWitness';
-  NID_id_cmc_lraPOPWitness =     337;
-  SN_id_cmc_getCert =     'id-cmc-getCert';
-  NID_id_cmc_getCert =    338;
-  SN_id_cmc_getCRL =     'id-cmc-getCRL';
-  NID_id_cmc_getCRL =     339;
-  SN_id_cmc_revokeRequest =   'id-cmc-revokeRequest';
-  NID_id_cmc_revokeRequest =     340;
-  SN_id_cmc_regInfo =     'id-cmc-regInfo';
-  NID_id_cmc_regInfo =    341;
-  SN_id_cmc_responseInfo =   'id-cmc-responseInfo';
-  NID_id_cmc_responseInfo =   342;
-  SN_id_cmc_queryPending =   'id-cmc-queryPending';
-  NID_id_cmc_queryPending =   343;
-  SN_id_cmc_popLinkRandom =   'id-cmc-popLinkRandom';
-  NID_id_cmc_popLinkRandom =     344;
-  SN_id_cmc_popLinkWitness =     'id-cmc-popLinkWitness';
-  NID_id_cmc_popLinkWitness =     345;
-  SN_id_cmc_confirmCertAcceptance =   'id-cmc-confirmCertAcceptance';
-  NID_id_cmc_confirmCertAcceptance =     346;
-  SN_id_on_personalData =    'id-on-personalData';
-  NID_id_on_personalData =   347;
-  SN_id_on_permanentIdentifier =    'id-on-permanentIdentifier';
-  LN_id_on_permanentIdentifier =    'Permanent Identifier';
-  NID_id_on_permanentIdentifier =    858;
-  SN_id_pda_dateOfBirth =    'id-pda-dateOfBirth';
-  NID_id_pda_dateOfBirth =   348;
-  SN_id_pda_placeOfBirth =   'id-pda-placeOfBirth';
-  NID_id_pda_placeOfBirth =   349;
-  SN_id_pda_gender =     'id-pda-gender';
-  NID_id_pda_gender =     351;
-  SN_id_pda_countryOfCitizenship =   'id-pda-countryOfCitizenship';
-  NID_id_pda_countryOfCitizenship =   352;
-  SN_id_pda_countryOfResidence =    'id-pda-countryOfResidence';
-  NID_id_pda_countryOfResidence =    353;
-  SN_id_aca_authenticationInfo =    'id-aca-authenticationInfo';
-  NID_id_aca_authenticationInfo =    354;
-  SN_id_aca_accessIdentity =     'id-aca-accessIdentity';
-  NID_id_aca_accessIdentity =     355;
-  SN_id_aca_chargingIdentity =    'id-aca-chargingIdentity';
-  NID_id_aca_chargingIdentity =    356;
-  SN_id_aca_group =   'id-aca-group';
-  NID_id_aca_group =     357;
-  SN_id_aca_role =   'id-aca-role';
-  NID_id_aca_role =   358;
-  SN_id_aca_encAttrs =    'id-aca-encAttrs';
-  NID_id_aca_encAttrs =    399;
-  SN_id_qcs_pkixQCSyntax_v1 =     'id-qcs-pkixQCSyntax-v1';
-  NID_id_qcs_pkixQCSyntax_v1 =    359;
-  SN_id_cct_crs =    'id-cct-crs';
-  NID_id_cct_crs =   360;
-  SN_id_cct_PKIData =     'id-cct-PKIData';
-  NID_id_cct_PKIData =    361;
-  SN_id_cct_PKIResponse =    'id-cct-PKIResponse';
-  NID_id_cct_PKIResponse =   362;
-  SN_id_ppl_anyLanguage =    'id-ppl-anyLanguage';
-  LN_id_ppl_anyLanguage =    'Any language';
-  NID_id_ppl_anyLanguage =   664;
-  SN_id_ppl_inheritAll =    'id-ppl-inheritAll';
-  LN_id_ppl_inheritAll =    'Inherit all';
-  NID_id_ppl_inheritAll =    665;
-  SN_Independent =   'id-ppl-independent';
-  LN_Independent =   'Independent';
-  NID_Independent =   667;
-  SN_ad_OCSP =    'OCSP';
-  LN_ad_OCSP =    'OCSP';
-  NID_ad_OCSP =    178;
-  SN_ad_ca_issuers =     'caIssuers';
-  LN_ad_ca_issuers =     'CA Issuers';
-  NID_ad_ca_issuers =     179;
-  SN_ad_timeStamping =    'ad_timestamping';
-  LN_ad_timeStamping =    'AD Time Stamping';
-  NID_ad_timeStamping =    363;
-  SN_ad_dvcs =    'AD_DVCS';
-  LN_ad_dvcs =    'ad dvcs';
-  NID_ad_dvcs =    364;
-  SN_caRepository =   'caRepository';
-  LN_caRepository =   'CA Repository';
-  NID_caRepository =     785;
-  SN_id_pkix_OCSP_basic =    'basicOCSPResponse';
-  LN_id_pkix_OCSP_basic =    'Basic OCSP Response';
-  NID_id_pkix_OCSP_basic =   365;
-  SN_id_pkix_OCSP_Nonce =    'Nonce';
-  LN_id_pkix_OCSP_Nonce =    'OCSP Nonce';
-  NID_id_pkix_OCSP_Nonce =   366;
-  SN_id_pkix_OCSP_CrlID =    'CrlID';
-  LN_id_pkix_OCSP_CrlID =    'OCSP CRL ID';
-  NID_id_pkix_OCSP_CrlID =   367;
-  SN_id_pkix_OCSP_acceptableResponses =    'acceptableResponses';
-  LN_id_pkix_OCSP_acceptableResponses =    'Acceptable OCSP Responses';
-  NID_id_pkix_OCSP_acceptableResponses =    368;
-  SN_id_pkix_OCSP_noCheck =   'noCheck';
-  LN_id_pkix_OCSP_noCheck =   'OCSP No Check';
-  NID_id_pkix_OCSP_noCheck =     369;
-  SN_id_pkix_OCSP_archiveCutoff =    'archiveCutoff';
-  LN_id_pkix_OCSP_archiveCutoff =    'OCSP Archive Cutoff';
-  NID_id_pkix_OCSP_archiveCutoff =   370;
-  SN_id_pkix_OCSP_serviceLocator =   'serviceLocator';
-  LN_id_pkix_OCSP_serviceLocator =   'OCSP Service Locator';
-  NID_id_pkix_OCSP_serviceLocator =   371;
-  SN_id_pkix_OCSP_extendedStatus =   'extendedStatus';
-  LN_id_pkix_OCSP_extendedStatus =   'Extended OCSP Status';
-  NID_id_pkix_OCSP_extendedStatus =   372;
-  SN_id_pkix_OCSP_valid =    'valid';
-  NID_id_pkix_OCSP_valid =   373;
-  SN_id_pkix_OCSP_path =    'path';
-  NID_id_pkix_OCSP_path =    374;
-  SN_id_pkix_OCSP_trustRoot =     'trustRoot';
-  LN_id_pkix_OCSP_trustRoot =     'Trust Root';
-  NID_id_pkix_OCSP_trustRoot =    375;
-  SN_algorithm =    'algorithm';
-  LN_algorithm =    'algorithm';
-  NID_algorithm =    376;
-  SN_md5WithRSA =    'RSA-NP-MD5';
-  LN_md5WithRSA =    'md5WithRSA';
-  NID_md5WithRSA =   104;
-  SN_des_ecb =    'DES-ECB';
-  LN_des_ecb =    'des-ecb';
-  NID_des_ecb =    29;
-  SN_des_cbc =    'DES-CBC';
-  LN_des_cbc =    'des-cbc';
-  NID_des_cbc =    31;
-  SN_des_ofb64 =    'DES-OFB';
-  LN_des_ofb64 =    'des-ofb';
-  NID_des_ofb64 =    45;
-  SN_des_cfb64 =    'DES-CFB';
-  LN_des_cfb64 =    'des-cfb';
-  NID_des_cfb64 =    30;
-  SN_rsaSignature =   'rsaSignature';
-  NID_rsaSignature =     377;
-  SN_dsa_2 =     'DSA-old';
-  LN_dsa_2 =     'dsaEncryption-old';
-  NID_dsa_2 =     67;
-  SN_dsaWithSHA =    'DSA-SHA';
-  LN_dsaWithSHA =    'dsaWithSHA';
-  NID_dsaWithSHA =   66;
-  SN_shaWithRSAEncryption =   'RSA-SHA';
-  LN_shaWithRSAEncryption =   'shaWithRSAEncryption';
-  NID_shaWithRSAEncryption =     42;
-  SN_des_ede_ecb =   'DES-EDE';
-  LN_des_ede_ecb =   'des-ede';
-  NID_des_ede_ecb =   32;
-  SN_des_ede3_ecb =   'DES-EDE3';
-  LN_des_ede3_ecb =   'des-ede3';
-  NID_des_ede3_ecb =     33;
-  SN_des_ede_cbc =   'DES-EDE-CBC';
-  LN_des_ede_cbc =   'des-ede-cbc';
-  NID_des_ede_cbc =   43;
-  SN_des_ede_cfb64 =     'DES-EDE-CFB';
-  LN_des_ede_cfb64 =     'des-ede-cfb';
-  NID_des_ede_cfb64 =     60;
-  SN_des_ede3_cfb64 =     'DES-EDE3-CFB';
-  LN_des_ede3_cfb64 =     'des-ede3-cfb';
-  NID_des_ede3_cfb64 =    61;
-  SN_des_ede_ofb64 =     'DES-EDE-OFB';
-  LN_des_ede_ofb64 =     'des-ede-ofb';
-  NID_des_ede_ofb64 =     62;
-  SN_des_ede3_ofb64 =     'DES-EDE3-OFB';
-  LN_des_ede3_ofb64 =     'des-ede3-ofb';
-  NID_des_ede3_ofb64 =    63;
-  SN_desx_cbc =    'DESX-CBC';
-  LN_desx_cbc =    'desx-cbc';
-  NID_desx_cbc =    80;
-  SN_sha =   'SHA';
-  LN_sha =   'sha';
-  NID_sha =   41;
-  SN_sha1 =   'SHA1';
-  LN_sha1 =   'sha1';
-  NID_sha1 =     64;
-  SN_dsaWithSHA1_2 =     'DSA-SHA1-old';
-  LN_dsaWithSHA1_2 =     'dsaWithSHA1-old';
-  NID_dsaWithSHA1_2 =     70;
-  SN_sha1WithRSA =   'RSA-SHA1-2';
-  LN_sha1WithRSA =   'sha1WithRSA';
-  NID_sha1WithRSA =   115;
-  SN_ripemd160 =    'RIPEMD160';
-  LN_ripemd160 =    'ripemd160';
-  NID_ripemd160 =    117;
-  SN_ripemd160WithRSA =    'RSA-RIPEMD160';
-  LN_ripemd160WithRSA =    'ripemd160WithRSA';
-  NID_ripemd160WithRSA =    119;
-  SN_blake2b512 =    'BLAKE2b512';
-  LN_blake2b512 =    'blake2b512';
-  NID_blake2b512 =   1056;
-  SN_blake2s256 =    'BLAKE2s256';
-  LN_blake2s256 =    'blake2s256';
-  NID_blake2s256 =   1057;
-  SN_sxnet =     'SXNetID';
-  LN_sxnet =     'Strong Extranet ID';
-  NID_sxnet =     143;
-  SN_X500 =   'X500';
-  LN_X500 =   'directory services(X.500)';
-  NID_X500 =     11;
-  SN_X509 =   'X509';
-  NID_X509 =     12;
-  SN_commonName =    'CN';
-  LN_commonName =    'commonName';
-  NID_commonName =   13;
-  SN_surname =    'SN';
-  LN_surname =    'surname';
-  NID_surname =    100;
-  LN_serialNumber =   'serialNumber';
-  NID_serialNumber =     105;
-  SN_countryName =   'C';
-  LN_countryName =   'countryName';
-  NID_countryName =   14;
-  SN_localityName =   'L';
-  LN_localityName =   'localityName';
-  NID_localityName =     15;
-  SN_stateOrProvinceName =   'ST';
-  LN_stateOrProvinceName =   'stateOrProvinceName';
-  NID_stateOrProvinceName =   16;
-  SN_streetAddress =     'street';
-  LN_streetAddress =     'streetAddress';
-  NID_streetAddress =     660;
-  SN_organizationName =    'O';
-  LN_organizationName =    'organizationName';
-  NID_organizationName =    17;
-  SN_organizationalUnitName =     'OU';
-  LN_organizationalUnitName =     'organizationalUnitName';
-  NID_organizationalUnitName =    18;
-  SN_title =     'title';
-  LN_title =     'title';
-  NID_title =     106;
-  LN_description =   'description';
-  NID_description =   107;
-  LN_searchGuide =   'searchGuide';
-  NID_searchGuide =   859;
-  LN_businessCategory =    'businessCategory';
-  NID_businessCategory =    860;
-  LN_postalAddress =     'postalAddress';
-  NID_postalAddress =     861;
-  LN_postalCode =    'postalCode';
-  NID_postalCode =   661;
-  LN_postOfficeBox =     'postOfficeBox';
-  NID_postOfficeBox =     862;
-  LN_physicalDeliveryOfficeName =    'physicalDeliveryOfficeName';
-  NID_physicalDeliveryOfficeName =   863;
-  LN_telephoneNumber =    'telephoneNumber';
-  NID_telephoneNumber =    864;
-  LN_telexNumber =   'telexNumber';
-  NID_telexNumber =   865;
-  LN_teletexTerminalIdentifier =    'teletexTerminalIdentifier';
-  NID_teletexTerminalIdentifier =    866;
-  LN_facsimileTelephoneNumber =    'facsimileTelephoneNumber';
-  NID_facsimileTelephoneNumber =    867;
-  LN_x121Address =   'x121Address';
-  NID_x121Address =   868;
-  LN_internationaliSDNNumber =    'internationaliSDNNumber';
-  NID_internationaliSDNNumber =    869;
-  LN_registeredAddress =    'registeredAddress';
-  NID_registeredAddress =    870;
-  LN_destinationIndicator =   'destinationIndicator';
-  NID_destinationIndicator =     871;
-  LN_preferredDeliveryMethod =    'preferredDeliveryMethod';
-  NID_preferredDeliveryMethod =    872;
-  LN_presentationAddress =   'presentationAddress';
-  NID_presentationAddress =   873;
-  LN_supportedApplicationContext =   'supportedApplicationContext';
-  NID_supportedApplicationContext =   874;
-  SN_member =     'member';
-  NID_member =    875;
-  SN_owner =     'owner';
-  NID_owner =     876;
-  LN_roleOccupant =   'roleOccupant';
-  NID_roleOccupant =     877;
-  SN_seeAlso =    'seeAlso';
-  NID_seeAlso =    878;
-  LN_userPassword =   'userPassword';
-  NID_userPassword =     879;
-  LN_userCertificate =    'userCertificate';
-  NID_userCertificate =    880;
-  LN_cACertificate =     'cACertificate';
-  NID_cACertificate =     881;
-  LN_authorityRevocationList =    'authorityRevocationList';
-  NID_authorityRevocationList =    882;
-  LN_certificateRevocationList =    'certificateRevocationList';
-  NID_certificateRevocationList =    883;
-  LN_crossCertificatePair =   'crossCertificatePair';
-  NID_crossCertificatePair =     884;
-  SN_name =   'name';
-  LN_name =   'name';
-  NID_name =     173;
-  SN_givenName =    'GN';
-  LN_givenName =    'givenName';
-  NID_givenName =    99;
-  SN_initials =    'initials';
-  LN_initials =    'initials';
-  NID_initials =    101;
-  LN_generationQualifier =   'generationQualifier';
-  NID_generationQualifier =   509;
-  LN_x500UniqueIdentifier =   'x500UniqueIdentifier';
-  NID_x500UniqueIdentifier =     503;
-  SN_dnQualifier =   'dnQualifier';
-  LN_dnQualifier =   'dnQualifier';
-  NID_dnQualifier =   174;
-  LN_enhancedSearchGuide =   'enhancedSearchGuide';
-  NID_enhancedSearchGuide =   885;
-  LN_protocolInformation =   'protocolInformation';
-  NID_protocolInformation =   886;
-  LN_distinguishedName =    'distinguishedName';
-  NID_distinguishedName =    887;
-  LN_uniqueMember =   'uniqueMember';
-  NID_uniqueMember =     888;
-  LN_houseIdentifier =    'houseIdentifier';
-  NID_houseIdentifier =    889;
-  LN_supportedAlgorithms =   'supportedAlgorithms';
-  NID_supportedAlgorithms =   890;
-  LN_deltaRevocationList =   'deltaRevocationList';
-  NID_deltaRevocationList =   891;
-  SN_dmdName =    'dmdName';
-  NID_dmdName =    892;
-  LN_pseudonym =    'pseudonym';
-  NID_pseudonym =    510;
-  SN_role =   'role';
-  LN_role =   'role';
-  NID_role =     400;
-  LN_organizationIdentifier =     'organizationIdentifier';
-  NID_organizationIdentifier =    1089;
-  SN_countryCode3c =     'c3';
-  LN_countryCode3c =     'countryCode3c';
-  NID_countryCode3c =     1090;
-  SN_countryCode3n =     'n3';
-  LN_countryCode3n =     'countryCode3n';
-  NID_countryCode3n =     1091;
-  LN_dnsName =    'dnsName';
-  NID_dnsName =    1092;
-  SN_X500algorithms =     'X500algorithms';
-  LN_X500algorithms =     'directory services - algorithms';
-  NID_X500algorithms =    378;
-  SN_rsa =   'RSA';
-  LN_rsa =   'rsa';
-  NID_rsa =   19;
-  SN_mdc2WithRSA =   'RSA-MDC2';
-  LN_mdc2WithRSA =   'mdc2WithRSA';
-  NID_mdc2WithRSA =   96;
-  SN_mdc2 =   'MDC2';
-  LN_mdc2 =   'mdc2';
-  NID_mdc2 =     95;
-  SN_id_ce =     'id-ce';
-  NID_id_ce =     81;
-  SN_subject_directory_attributes =   'subjectDirectoryAttributes';
-  LN_subject_directory_attributes =   'X509v3 Subject Directory Attributes';
-  NID_subject_directory_attributes =     769;
-  SN_subject_key_identifier =     'subjectKeyIdentifier';
-  LN_subject_key_identifier =     'X509v3 Subject Key Identifier';
-  NID_subject_key_identifier =    82;
-  SN_key_usage =    'keyUsage';
-  LN_key_usage =    'X509v3 Key Usage';
-  NID_key_usage =    83;
-  SN_private_key_usage_period =    'privateKeyUsagePeriod';
-  LN_private_key_usage_period =    'X509v3 Private Key Usage Period';
-  NID_private_key_usage_period =    84;
-  SN_subject_alt_name =    'subjectAltName';
-  LN_subject_alt_name =    'X509v3 Subject Alternative Name';
-  NID_subject_alt_name =    85;
-  SN_issuer_alt_name =    'issuerAltName';
-  LN_issuer_alt_name =    'X509v3 Issuer Alternative Name';
-  NID_issuer_alt_name =    86;
-  SN_basic_constraints =    'basicConstraints';
-  LN_basic_constraints =    'X509v3 Basic Constraints';
-  NID_basic_constraints =    87;
-  SN_crl_number =    'crlNumber';
-  LN_crl_number =    'X509v3 CRL Number';
-  NID_crl_number =   88;
-  SN_crl_reason =    'CRLReason';
-  LN_crl_reason =    'X509v3 CRL Reason Code';
-  NID_crl_reason =   141;
-  SN_invalidity_date =    'invalidityDate';
-  LN_invalidity_date =    'Invalidity Date';
-  NID_invalidity_date =    142;
-  SN_delta_crl =    'deltaCRL';
-  LN_delta_crl =    'X509v3 Delta CRL Indicator';
-  NID_delta_crl =    140;
-  SN_issuing_distribution_point =    'issuingDistributionPoint';
-  LN_issuing_distribution_point =    'X509v3 Issuing Distribution Point';
-  NID_issuing_distribution_point =   770;
-  SN_certificate_issuer =    'certificateIssuer';
-  LN_certificate_issuer =    'X509v3 Certificate Issuer';
-  NID_certificate_issuer =   771;
-  SN_name_constraints =    'nameConstraints';
-  LN_name_constraints =    'X509v3 Name Constraints';
-  NID_name_constraints =    666;
-  SN_crl_distribution_points =    'crlDistributionPoints';
-  LN_crl_distribution_points =    'X509v3 CRL Distribution Points';
-  NID_crl_distribution_points =    103;
-  SN_certificate_policies =   'certificatePolicies';
-  LN_certificate_policies =   'X509v3 Certificate Policies';
-  NID_certificate_policies =     89;
-  SN_any_policy =    'anyPolicy';
-  LN_any_policy =    'X509v3 Any Policy';
-  NID_any_policy =   746;
-  SN_policy_mappings =    'policyMappings';
-  LN_policy_mappings =    'X509v3 Policy Mappings';
-  NID_policy_mappings =    747;
-  SN_authority_key_identifier =    'authorityKeyIdentifier';
-  LN_authority_key_identifier =    'X509v3 Authority Key Identifier';
-  NID_authority_key_identifier =    90;
-  SN_policy_constraints =    'policyConstraints';
-  LN_policy_constraints =    'X509v3 Policy Constraints';
-  NID_policy_constraints =   401;
-  SN_ext_key_usage =     'extendedKeyUsage';
-  LN_ext_key_usage =     'X509v3 Extended Key Usage';
-  NID_ext_key_usage =     126;
-  SN_freshest_crl =   'freshestCRL';
-  LN_freshest_crl =   'X509v3 Freshest CRL';
-  NID_freshest_crl =     857;
-  SN_inhibit_any_policy =    'inhibitAnyPolicy';
-  LN_inhibit_any_policy =    'X509v3 Inhibit Any Policy';
-  NID_inhibit_any_policy =   748;
-  SN_target_information =    'targetInformation';
-  LN_target_information =    'X509v3 AC Targeting';
-  NID_target_information =   402;
-  SN_no_rev_avail =   'noRevAvail';
-  LN_no_rev_avail =   'X509v3 No Revocation Available';
-  NID_no_rev_avail =     403;
-  SN_anyExtendedKeyUsage =   'anyExtendedKeyUsage';
-  LN_anyExtendedKeyUsage =   'Any Extended Key Usage';
-  NID_anyExtendedKeyUsage =   910;
-  SN_netscape =    'Netscape';
-  LN_netscape =    'Netscape Communications Corp.';
-  NID_netscape =    57;
-  SN_netscape_cert_extension =    'nsCertExt';
-  LN_netscape_cert_extension =    'Netscape Certificate Extension';
-  NID_netscape_cert_extension =    58;
-  SN_netscape_data_type =    'nsDataType';
-  LN_netscape_data_type =    'Netscape Data Type';
-  NID_netscape_data_type =   59;
-  SN_netscape_cert_type =    'nsCertType';
-  LN_netscape_cert_type =    'Netscape Cert Type';
-  NID_netscape_cert_type =   71;
-  SN_netscape_base_url =    'nsBaseUrl';
-  LN_netscape_base_url =    'Netscape Base Url';
-  NID_netscape_base_url =    72;
-  SN_netscape_revocation_url =    'nsRevocationUrl';
-  LN_netscape_revocation_url =    'Netscape Revocation Url';
-  NID_netscape_revocation_url =    73;
-  SN_netscape_ca_revocation_url =    'nsCaRevocationUrl';
-  LN_netscape_ca_revocation_url =    'Netscape CA Revocation Url';
-  NID_netscape_ca_revocation_url =   74;
-  SN_netscape_renewal_url =   'nsRenewalUrl';
-  LN_netscape_renewal_url =   'Netscape Renewal Url';
-  NID_netscape_renewal_url =     75;
-  SN_netscape_ca_policy_url =     'nsCaPolicyUrl';
-  LN_netscape_ca_policy_url =     'Netscape CA Policy Url';
-  NID_netscape_ca_policy_url =    76;
-  SN_netscape_ssl_server_name =    'nsSslServerName';
-  LN_netscape_ssl_server_name =    'Netscape Server: SSl Name';
-  NID_netscape_ssl_server_name =    77;
-  SN_netscape_comment =    'nsComment';
-  LN_netscape_comment =    'Netscape Comment';
-  NID_netscape_comment =    78;
-  SN_netscape_cert_sequence =     'nsCertSequence';
-  LN_netscape_cert_sequence =     'Netscape Certificate Sequence';
-  NID_netscape_cert_sequence =    79;
-  SN_ns_sgc =     'nsSGC';
-  LN_ns_sgc =     'Netscape Server Gated Crypto';
-  NID_ns_sgc =    139;
-  SN_org =   'ORG';
-  LN_org =   'org';
-  NID_org =   379;
-  SN_dod =   'DOD';
-  LN_dod =   'dod';
-  NID_dod =   380;
-  SN_iana =   'IANA';
-  LN_iana =   'iana';
-  NID_iana =     381;
-  SN_Directory =    'directory';
-  LN_Directory =    'Directory';
-  NID_Directory =    382;
-  SN_Management =    'mgmt';
-  LN_Management =    'Management';
-  NID_Management =   383;
-  SN_Experimental =   'experimental';
-  LN_Experimental =   'Experimental';
-  NID_Experimental =     384;
-  SN_Private =    'private';
-  LN_Private =    'Private';
-  NID_Private =    385;
-  SN_Security =    'security';
-  LN_Security =    'Security';
-  NID_Security =    386;
-  SN_SNMPv2 =     'snmpv2';
-  LN_SNMPv2 =     'SNMPv2';
-  NID_SNMPv2 =    387;
-  LN_Mail =   'Mail';
-  NID_Mail =     388;
-  SN_Enterprises =   'enterprises';
-  LN_Enterprises =   'Enterprises';
-  NID_Enterprises =   389;
-  SN_dcObject =    'dcobject';
-  LN_dcObject =    'dcObject';
-  NID_dcObject =    390;
-  SN_mime_mhs =    'mime-mhs';
-  LN_mime_mhs =    'MIME MHS';
-  NID_mime_mhs =    504;
-  SN_mime_mhs_headings =    'mime-mhs-headings';
-  LN_mime_mhs_headings =    'mime-mhs-headings';
-  NID_mime_mhs_headings =    505;
-  SN_mime_mhs_bodies =    'mime-mhs-bodies';
-  LN_mime_mhs_bodies =    'mime-mhs-bodies';
-  NID_mime_mhs_bodies =    506;
-  SN_id_hex_partial_message =     'id-hex-partial-message';
-  LN_id_hex_partial_message =     'id-hex-partial-message';
-  NID_id_hex_partial_message =    507;
-  SN_id_hex_multipart_message =    'id-hex-multipart-message';
-  LN_id_hex_multipart_message =    'id-hex-multipart-message';
-  NID_id_hex_multipart_message =    508;
-  SN_zlib_compression =    'ZLIB';
-  LN_zlib_compression =    'zlib compression';
-  NID_zlib_compression =    125;
-  SN_aes_128_ecb =   'AES-128-ECB';
-  LN_aes_128_ecb =   'aes-128-ecb';
-  NID_aes_128_ecb =   418;
-  SN_aes_128_cbc =   'AES-128-CBC';
-  LN_aes_128_cbc =   'aes-128-cbc';
-  NID_aes_128_cbc =   419;
-  SN_aes_128_ofb128 =     'AES-128-OFB';
-  LN_aes_128_ofb128 =     'aes-128-ofb';
-  NID_aes_128_ofb128 =    420;
-  SN_aes_128_cfb128 =     'AES-128-CFB';
-  LN_aes_128_cfb128 =     'aes-128-cfb';
-  NID_aes_128_cfb128 =    421;
-  SN_id_aes128_wrap =     'id-aes128-wrap';
-  NID_id_aes128_wrap =    788;
-  SN_aes_128_gcm =   'id-aes128-GCM';
-  LN_aes_128_gcm =   'aes-128-gcm';
-  NID_aes_128_gcm =   895;
-  SN_aes_128_ccm =   'id-aes128-CCM';
-  LN_aes_128_ccm =   'aes-128-ccm';
-  NID_aes_128_ccm =   896;
-  SN_id_aes128_wrap_pad =    'id-aes128-wrap-pad';
-  NID_id_aes128_wrap_pad =   897;
-  SN_aes_192_ecb =   'AES-192-ECB';
-  LN_aes_192_ecb =   'aes-192-ecb';
-  NID_aes_192_ecb =   422;
-  SN_aes_192_cbc =   'AES-192-CBC';
-  LN_aes_192_cbc =   'aes-192-cbc';
-  NID_aes_192_cbc =   423;
-  SN_aes_192_ofb128 =     'AES-192-OFB';
-  LN_aes_192_ofb128 =     'aes-192-ofb';
-  NID_aes_192_ofb128 =    424;
-  SN_aes_192_cfb128 =     'AES-192-CFB';
-  LN_aes_192_cfb128 =     'aes-192-cfb';
-  NID_aes_192_cfb128 =    425;
-  SN_id_aes192_wrap =     'id-aes192-wrap';
-  NID_id_aes192_wrap =    789;
-  SN_aes_192_gcm =   'id-aes192-GCM';
-  LN_aes_192_gcm =   'aes-192-gcm';
-  NID_aes_192_gcm =   898;
-  SN_aes_192_ccm =   'id-aes192-CCM';
-  LN_aes_192_ccm =   'aes-192-ccm';
-  NID_aes_192_ccm =   899;
-  SN_id_aes192_wrap_pad =    'id-aes192-wrap-pad';
-  NID_id_aes192_wrap_pad =   900;
-  SN_aes_256_ecb =   'AES-256-ECB';
-  LN_aes_256_ecb =   'aes-256-ecb';
-  NID_aes_256_ecb =   426;
-  SN_aes_256_cbc =   'AES-256-CBC';
-  LN_aes_256_cbc =   'aes-256-cbc';
-  NID_aes_256_cbc =   427;
-  SN_aes_256_ofb128 =     'AES-256-OFB';
-  LN_aes_256_ofb128 =     'aes-256-ofb';
-  NID_aes_256_ofb128 =    428;
-  SN_aes_256_cfb128 =     'AES-256-CFB';
-  LN_aes_256_cfb128 =     'aes-256-cfb';
-  NID_aes_256_cfb128 =    429;
-  SN_id_aes256_wrap =     'id-aes256-wrap';
-  NID_id_aes256_wrap =    790;
-  SN_aes_256_gcm =   'id-aes256-GCM';
-  LN_aes_256_gcm =   'aes-256-gcm';
-  NID_aes_256_gcm =   901;
-  SN_aes_256_ccm =   'id-aes256-CCM';
-  LN_aes_256_ccm =   'aes-256-ccm';
-  NID_aes_256_ccm =   902;
-  SN_id_aes256_wrap_pad =    'id-aes256-wrap-pad';
-  NID_id_aes256_wrap_pad =   903;
-  SN_aes_128_xts =   'AES-128-XTS';
-  LN_aes_128_xts =   'aes-128-xts';
-  NID_aes_128_xts =   913;
-  SN_aes_256_xts =   'AES-256-XTS';
-  LN_aes_256_xts =   'aes-256-xts';
-  NID_aes_256_xts =   914;
-  SN_aes_128_cfb1 =   'AES-128-CFB1';
-  LN_aes_128_cfb1 =   'aes-128-cfb1';
-  NID_aes_128_cfb1 =     650;
-  SN_aes_192_cfb1 =   'AES-192-CFB1';
-  LN_aes_192_cfb1 =   'aes-192-cfb1';
-  NID_aes_192_cfb1 =     651;
-  SN_aes_256_cfb1 =   'AES-256-CFB1';
-  LN_aes_256_cfb1 =   'aes-256-cfb1';
-  NID_aes_256_cfb1 =     652;
-  SN_aes_128_cfb8 =   'AES-128-CFB8';
-  LN_aes_128_cfb8 =   'aes-128-cfb8';
-  NID_aes_128_cfb8 =     653;
-  SN_aes_192_cfb8 =   'AES-192-CFB8';
-  LN_aes_192_cfb8 =   'aes-192-cfb8';
-  NID_aes_192_cfb8 =     654;
-  SN_aes_256_cfb8 =   'AES-256-CFB8';
-  LN_aes_256_cfb8 =   'aes-256-cfb8';
-  NID_aes_256_cfb8 =     655;
-  SN_aes_128_ctr =   'AES-128-CTR';
-  LN_aes_128_ctr =   'aes-128-ctr';
-  NID_aes_128_ctr =   904;
-  SN_aes_192_ctr =   'AES-192-CTR';
-  LN_aes_192_ctr =   'aes-192-ctr';
-  NID_aes_192_ctr =   905;
-  SN_aes_256_ctr =   'AES-256-CTR';
-  LN_aes_256_ctr =   'aes-256-ctr';
-  NID_aes_256_ctr =   906;
-  SN_aes_128_ocb =   'AES-128-OCB';
-  LN_aes_128_ocb =   'aes-128-ocb';
-  NID_aes_128_ocb =   958;
-  SN_aes_192_ocb =   'AES-192-OCB';
-  LN_aes_192_ocb =   'aes-192-ocb';
-  NID_aes_192_ocb =   959;
-  SN_aes_256_ocb =   'AES-256-OCB';
-  LN_aes_256_ocb =   'aes-256-ocb';
-  NID_aes_256_ocb =   960;
-  SN_des_cfb1 =    'DES-CFB1';
-  LN_des_cfb1 =    'des-cfb1';
-  NID_des_cfb1 =    656;
-  SN_des_cfb8 =    'DES-CFB8';
-  LN_des_cfb8 =    'des-cfb8';
-  NID_des_cfb8 =    657;
-  SN_des_ede3_cfb1 =     'DES-EDE3-CFB1';
-  LN_des_ede3_cfb1 =     'des-ede3-cfb1';
-  NID_des_ede3_cfb1 =     658;
-  SN_des_ede3_cfb8 =     'DES-EDE3-CFB8';
-  LN_des_ede3_cfb8 =     'des-ede3-cfb8';
-  NID_des_ede3_cfb8 =     659;
-  SN_sha256 =     'SHA256';
-  LN_sha256 =     'sha256';
-  NID_sha256 =    672;
-  SN_sha384 =     'SHA384';
-  LN_sha384 =     'sha384';
-  NID_sha384 =    673;
-  SN_sha512 =     'SHA512';
-  LN_sha512 =     'sha512';
-  NID_sha512 =    674;
-  SN_sha224 =     'SHA224';
-  LN_sha224 =     'sha224';
-  NID_sha224 =    675;
-  SN_sha512_224 =    'SHA512-224';
-  LN_sha512_224 =    'sha512-224';
-  NID_sha512_224 =   1094;
-  SN_sha512_256 =    'SHA512-256';
-  LN_sha512_256 =    'sha512-256';
-  NID_sha512_256 =   1095;
-  SN_sha3_224 =    'SHA3-224';
-  LN_sha3_224 =    'sha3-224';
-  NID_sha3_224 =    1096;
-  SN_sha3_256 =    'SHA3-256';
-  LN_sha3_256 =    'sha3-256';
-  NID_sha3_256 =    1097;
-  SN_sha3_384 =    'SHA3-384';
-  LN_sha3_384 =    'sha3-384';
-  NID_sha3_384 =    1098;
-  SN_sha3_512 =    'SHA3-512';
-  LN_sha3_512 =    'sha3-512';
-  NID_sha3_512 =    1099;
-  SN_shake128 =    'SHAKE128';
-  LN_shake128 =    'shake128';
-  NID_shake128 =    1100;
-  SN_shake256 =    'SHAKE256';
-  LN_shake256 =    'shake256';
-  NID_shake256 =    1101;
-  SN_hmac_sha3_224 =     'id-hmacWithSHA3-224';
-  LN_hmac_sha3_224 =     'hmac-sha3-224';
-  NID_hmac_sha3_224 =     1102;
-  SN_hmac_sha3_256 =     'id-hmacWithSHA3-256';
-  LN_hmac_sha3_256 =     'hmac-sha3-256';
-  NID_hmac_sha3_256 =     1103;
-  SN_hmac_sha3_384 =     'id-hmacWithSHA3-384';
-  LN_hmac_sha3_384 =     'hmac-sha3-384';
-  NID_hmac_sha3_384 =     1104;
-  SN_hmac_sha3_512 =     'id-hmacWithSHA3-512';
-  LN_hmac_sha3_512 =     'hmac-sha3-512';
-  NID_hmac_sha3_512 =     1105;
-  SN_dsa_with_SHA224 =    'dsa_with_SHA224';
-  NID_dsa_with_SHA224 =    802;
-  SN_dsa_with_SHA256 =    'dsa_with_SHA256';
-  NID_dsa_with_SHA256 =    803;
-  SN_dsa_with_SHA384 =    'id-dsa-with-sha384';
-  LN_dsa_with_SHA384 =    'dsa_with_SHA384';
-  NID_dsa_with_SHA384 =    1106;
-  SN_dsa_with_SHA512 =    'id-dsa-with-sha512';
-  LN_dsa_with_SHA512 =    'dsa_with_SHA512';
-  NID_dsa_with_SHA512 =    1107;
-  SN_dsa_with_SHA3_224 =    'id-dsa-with-sha3-224';
-  LN_dsa_with_SHA3_224 =    'dsa_with_SHA3-224';
-  NID_dsa_with_SHA3_224 =    1108;
-  SN_dsa_with_SHA3_256 =    'id-dsa-with-sha3-256';
-  LN_dsa_with_SHA3_256 =    'dsa_with_SHA3-256';
-  NID_dsa_with_SHA3_256 =    1109;
-  SN_dsa_with_SHA3_384 =    'id-dsa-with-sha3-384';
-  LN_dsa_with_SHA3_384 =    'dsa_with_SHA3-384';
-  NID_dsa_with_SHA3_384 =    1110;
-  SN_dsa_with_SHA3_512 =    'id-dsa-with-sha3-512';
-  LN_dsa_with_SHA3_512 =    'dsa_with_SHA3-512';
-  NID_dsa_with_SHA3_512 =    1111;
-  SN_ecdsa_with_SHA3_224 =   'id-ecdsa-with-sha3-224';
-  LN_ecdsa_with_SHA3_224 =   'ecdsa_with_SHA3-224';
-  NID_ecdsa_with_SHA3_224 =   1112;
-  SN_ecdsa_with_SHA3_256 =   'id-ecdsa-with-sha3-256';
-  LN_ecdsa_with_SHA3_256 =   'ecdsa_with_SHA3-256';
-  NID_ecdsa_with_SHA3_256 =   1113;
-  SN_ecdsa_with_SHA3_384 =   'id-ecdsa-with-sha3-384';
-  LN_ecdsa_with_SHA3_384 =   'ecdsa_with_SHA3-384';
-  NID_ecdsa_with_SHA3_384 =   1114;
-  SN_ecdsa_with_SHA3_512 =   'id-ecdsa-with-sha3-512';
-  LN_ecdsa_with_SHA3_512 =   'ecdsa_with_SHA3-512';
-  NID_ecdsa_with_SHA3_512 =   1115;
-  SN_RSA_SHA3_224 =   'id-rsassa-pkcs1-v1_5-with-sha3-224';
-  LN_RSA_SHA3_224 =   'RSA-SHA3-224';
-  NID_RSA_SHA3_224 =     1116;
-  SN_RSA_SHA3_256 =   'id-rsassa-pkcs1-v1_5-with-sha3-256';
-  LN_RSA_SHA3_256 =   'RSA-SHA3-256';
-  NID_RSA_SHA3_256 =     1117;
-  SN_RSA_SHA3_384 =   'id-rsassa-pkcs1-v1_5-with-sha3-384';
-  LN_RSA_SHA3_384 =   'RSA-SHA3-384';
-  NID_RSA_SHA3_384 =     1118;
-  SN_RSA_SHA3_512 =   'id-rsassa-pkcs1-v1_5-with-sha3-512';
-  LN_RSA_SHA3_512 =   'RSA-SHA3-512';
-  NID_RSA_SHA3_512 =     1119;
-  SN_hold_instruction_code =     'holdInstructionCode';
-  LN_hold_instruction_code =     'Hold Instruction Code';
-  NID_hold_instruction_code =     430;
-  SN_hold_instruction_none =     'holdInstructionNone';
-  LN_hold_instruction_none =     'Hold Instruction None';
-  NID_hold_instruction_none =     431;
-  SN_hold_instruction_call_issuer =   'holdInstructionCallIssuer';
-  LN_hold_instruction_call_issuer =   'Hold Instruction Call Issuer';
-  NID_hold_instruction_call_issuer =     432;
-  SN_hold_instruction_reject =    'holdInstructionReject';
-  LN_hold_instruction_reject =    'Hold Instruction Reject';
-  NID_hold_instruction_reject =    433;
-  SN_data =   'data';
-  NID_data =     434;
-  SN_pss =   'pss';
-  NID_pss =   435;
-  SN_ucl =   'ucl';
-  NID_ucl =   436;
-  SN_pilot =     'pilot';
-  NID_pilot =     437;
-  LN_pilotAttributeType =    'pilotAttributeType';
-  NID_pilotAttributeType =   438;
-  LN_pilotAttributeSyntax =   'pilotAttributeSyntax';
-  NID_pilotAttributeSyntax =     439;
-  LN_pilotObjectClass =    'pilotObjectClass';
-  NID_pilotObjectClass =    440;
-  LN_pilotGroups =   'pilotGroups';
-  NID_pilotGroups =   441;
-  LN_iA5StringSyntax =    'iA5StringSyntax';
-  NID_iA5StringSyntax =    442;
-  LN_caseIgnoreIA5StringSyntax =    'caseIgnoreIA5StringSyntax';
-  NID_caseIgnoreIA5StringSyntax =    443;
-  LN_pilotObject =   'pilotObject';
-  NID_pilotObject =   444;
-  LN_pilotPerson =   'pilotPerson';
-  NID_pilotPerson =   445;
-  SN_account =    'account';
-  NID_account =    446;
-  SN_document =    'document';
-  NID_document =    447;
-  SN_room =   'room';
-  NID_room =     448;
-  LN_documentSeries =     'documentSeries';
-  NID_documentSeries =    449;
-  SN_Domain =     'domain';
-  LN_Domain =     'Domain';
-  NID_Domain =    392;
-  LN_rFC822localPart =    'rFC822localPart';
-  NID_rFC822localPart =    450;
-  LN_dNSDomain =    'dNSDomain';
-  NID_dNSDomain =    451;
-  LN_domainRelatedObject =   'domainRelatedObject';
-  NID_domainRelatedObject =   452;
-  LN_friendlyCountry =    'friendlyCountry';
-  NID_friendlyCountry =    453;
-  LN_simpleSecurityObject =   'simpleSecurityObject';
-  NID_simpleSecurityObject =     454;
-  LN_pilotOrganization =    'pilotOrganization';
-  NID_pilotOrganization =    455;
-  LN_pilotDSA =    'pilotDSA';
-  NID_pilotDSA =    456;
-  LN_qualityLabelledData =   'qualityLabelledData';
-  NID_qualityLabelledData =   457;
-  SN_userId =     'UID';
-  LN_userId =     'userId';
-  NID_userId =    458;
-  LN_textEncodedORAddress =   'textEncodedORAddress';
-  NID_textEncodedORAddress =     459;
-  SN_rfc822Mailbox =     'mail';
-  LN_rfc822Mailbox =     'rfc822Mailbox';
-  NID_rfc822Mailbox =     460;
-  SN_info =   'info';
-  NID_info =     461;
-  LN_favouriteDrink =     'favouriteDrink';
-  NID_favouriteDrink =    462;
-  LN_roomNumber =    'roomNumber';
-  NID_roomNumber =   463;
-  SN_photo =     'photo';
-  NID_photo =     464;
-  LN_userClass =    'userClass';
-  NID_userClass =    465;
-  SN_host =   'host';
-  NID_host =     466;
-  SN_manager =    'manager';
-  NID_manager =    467;
-  LN_documentIdentifier =    'documentIdentifier';
-  NID_documentIdentifier =   468;
-  LN_documentTitle =     'documentTitle';
-  NID_documentTitle =     469;
-  LN_documentVersion =    'documentVersion';
-  NID_documentVersion =    470;
-  LN_documentAuthor =     'documentAuthor';
-  NID_documentAuthor =    471;
-  LN_documentLocation =    'documentLocation';
-  NID_documentLocation =    472;
-  LN_homeTelephoneNumber =   'homeTelephoneNumber';
-  NID_homeTelephoneNumber =   473;
-  SN_secretary =    'secretary';
-  NID_secretary =    474;
-  LN_otherMailbox =   'otherMailbox';
-  NID_otherMailbox =     475;
-  LN_lastModifiedTime =    'lastModifiedTime';
-  NID_lastModifiedTime =    476;
-  LN_lastModifiedBy =     'lastModifiedBy';
-  NID_lastModifiedBy =    477;
-  SN_domainComponent =    'DC';
-  LN_domainComponent =    'domainComponent';
-  NID_domainComponent =    391;
-  LN_aRecord =    'aRecord';
-  NID_aRecord =    478;
-  LN_pilotAttributeType27 =   'pilotAttributeType27';
-  NID_pilotAttributeType27 =     479;
-  LN_mXRecord =    'mXRecord';
-  NID_mXRecord =    480;
-  LN_nSRecord =    'nSRecord';
-  NID_nSRecord =    481;
-  LN_sOARecord =    'sOARecord';
-  NID_sOARecord =    482;
-  LN_cNAMERecord =   'cNAMERecord';
-  NID_cNAMERecord =   483;
-  LN_associatedDomain =    'associatedDomain';
-  NID_associatedDomain =    484;
-  LN_associatedName =     'associatedName';
-  NID_associatedName =    485;
-  LN_homePostalAddress =    'homePostalAddress';
-  NID_homePostalAddress =    486;
-  LN_personalTitle =     'personalTitle';
-  NID_personalTitle =     487;
-  LN_mobileTelephoneNumber =     'mobileTelephoneNumber';
-  NID_mobileTelephoneNumber =     488;
-  LN_pagerTelephoneNumber =   'pagerTelephoneNumber';
-  NID_pagerTelephoneNumber =     489;
-  LN_friendlyCountryName =   'friendlyCountryName';
-  NID_friendlyCountryName =   490;
-  SN_uniqueIdentifier =    'uid';
-  LN_uniqueIdentifier =    'uniqueIdentifier';
-  NID_uniqueIdentifier =    102;
-  LN_organizationalStatus =   'organizationalStatus';
-  NID_organizationalStatus =     491;
-  LN_janetMailbox =   'janetMailbox';
-  NID_janetMailbox =     492;
-  LN_mailPreferenceOption =   'mailPreferenceOption';
-  NID_mailPreferenceOption =     493;
-  LN_buildingName =   'buildingName';
-  NID_buildingName =     494;
-  LN_dSAQuality =    'dSAQuality';
-  NID_dSAQuality =   495;
-  LN_singleLevelQuality =    'singleLevelQuality';
-  NID_singleLevelQuality =   496;
-  LN_subtreeMinimumQuality =     'subtreeMinimumQuality';
-  NID_subtreeMinimumQuality =     497;
-  LN_subtreeMaximumQuality =     'subtreeMaximumQuality';
-  NID_subtreeMaximumQuality =     498;
-  LN_personalSignature =    'personalSignature';
-  NID_personalSignature =    499;
-  LN_dITRedirect =   'dITRedirect';
-  NID_dITRedirect =   500;
-  SN_audio =     'audio';
-  NID_audio =     501;
-  LN_documentPublisher =    'documentPublisher';
-  NID_documentPublisher =    502;
-  SN_id_set =     'id-set';
-  LN_id_set =     'Secure Electronic Transactions';
-  NID_id_set =    512;
-  SN_set_ctype =    'set-ctype';
-  LN_set_ctype =    'content types';
-  NID_set_ctype =    513;
-  SN_set_msgExt =    'set-msgExt';
-  LN_set_msgExt =    'message extensions';
-  NID_set_msgExt =   514;
-  SN_set_attr =    'set-attr';
-  NID_set_attr =    515;
-  SN_set_policy =    'set-policy';
-  NID_set_policy =   516;
-  SN_set_certExt =   'set-certExt';
-  LN_set_certExt =   'certificate extensions';
-  NID_set_certExt =   517;
-  SN_set_brand =    'set-brand';
-  NID_set_brand =    518;
-  SN_setct_PANData =     'setct-PANData';
-  NID_setct_PANData =     519;
-  SN_setct_PANToken =     'setct-PANToken';
-  NID_setct_PANToken =    520;
-  SN_setct_PANOnly =     'setct-PANOnly';
-  NID_setct_PANOnly =     521;
-  SN_setct_OIData =   'setct-OIData';
-  NID_setct_OIData =     522;
-  SN_setct_PI =    'setct-PI';
-  NID_setct_PI =    523;
-  SN_setct_PIData =   'setct-PIData';
-  NID_setct_PIData =     524;
-  SN_setct_PIDataUnsigned =   'setct-PIDataUnsigned';
-  NID_setct_PIDataUnsigned =     525;
-  SN_setct_HODInput =     'setct-HODInput';
-  NID_setct_HODInput =    526;
-  SN_setct_AuthResBaggage =   'setct-AuthResBaggage';
-  NID_setct_AuthResBaggage =     527;
-  SN_setct_AuthRevReqBaggage =    'setct-AuthRevReqBaggage';
-  NID_setct_AuthRevReqBaggage =    528;
-  SN_setct_AuthRevResBaggage =    'setct-AuthRevResBaggage';
-  NID_setct_AuthRevResBaggage =    529;
-  SN_setct_CapTokenSeq =    'setct-CapTokenSeq';
-  NID_setct_CapTokenSeq =    530;
-  SN_setct_PInitResData =    'setct-PInitResData';
-  NID_setct_PInitResData =   531;
-  SN_setct_PI_TBS =   'setct-PI-TBS';
-  NID_setct_PI_TBS =     532;
-  SN_setct_PResData =     'setct-PResData';
-  NID_setct_PResData =    533;
-  SN_setct_AuthReqTBS =    'setct-AuthReqTBS';
-  NID_setct_AuthReqTBS =    534;
-  SN_setct_AuthResTBS =    'setct-AuthResTBS';
-  NID_setct_AuthResTBS =    535;
-  SN_setct_AuthResTBSX =    'setct-AuthResTBSX';
-  NID_setct_AuthResTBSX =    536;
-  SN_setct_AuthTokenTBS =    'setct-AuthTokenTBS';
-  NID_setct_AuthTokenTBS =   537;
-  SN_setct_CapTokenData =    'setct-CapTokenData';
-  NID_setct_CapTokenData =   538;
-  SN_setct_CapTokenTBS =    'setct-CapTokenTBS';
-  NID_setct_CapTokenTBS =    539;
-  SN_setct_AcqCardCodeMsg =   'setct-AcqCardCodeMsg';
-  NID_setct_AcqCardCodeMsg =     540;
-  SN_setct_AuthRevReqTBS =   'setct-AuthRevReqTBS';
-  NID_setct_AuthRevReqTBS =   541;
-  SN_setct_AuthRevResData =   'setct-AuthRevResData';
-  NID_setct_AuthRevResData =     542;
-  SN_setct_AuthRevResTBS =   'setct-AuthRevResTBS';
-  NID_setct_AuthRevResTBS =   543;
-  SN_setct_CapReqTBS =    'setct-CapReqTBS';
-  NID_setct_CapReqTBS =    544;
-  SN_setct_CapReqTBSX =    'setct-CapReqTBSX';
-  NID_setct_CapReqTBSX =    545;
-  SN_setct_CapResData =    'setct-CapResData';
-  NID_setct_CapResData =    546;
-  SN_setct_CapRevReqTBS =    'setct-CapRevReqTBS';
-  NID_setct_CapRevReqTBS =   547;
-  SN_setct_CapRevReqTBSX =   'setct-CapRevReqTBSX';
-  NID_setct_CapRevReqTBSX =   548;
-  SN_setct_CapRevResData =   'setct-CapRevResData';
-  NID_setct_CapRevResData =   549;
-  SN_setct_CredReqTBS =    'setct-CredReqTBS';
-  NID_setct_CredReqTBS =    550;
-  SN_setct_CredReqTBSX =    'setct-CredReqTBSX';
-  NID_setct_CredReqTBSX =    551;
-  SN_setct_CredResData =    'setct-CredResData';
-  NID_setct_CredResData =    552;
-  SN_setct_CredRevReqTBS =   'setct-CredRevReqTBS';
-  NID_setct_CredRevReqTBS =   553;
-  SN_setct_CredRevReqTBSX =   'setct-CredRevReqTBSX';
-  NID_setct_CredRevReqTBSX =     554;
-  SN_setct_CredRevResData =   'setct-CredRevResData';
-  NID_setct_CredRevResData =     555;
-  SN_setct_PCertReqData =    'setct-PCertReqData';
-  NID_setct_PCertReqData =   556;
-  SN_setct_PCertResTBS =    'setct-PCertResTBS';
-  NID_setct_PCertResTBS =    557;
-  SN_setct_BatchAdminReqData =    'setct-BatchAdminReqData';
-  NID_setct_BatchAdminReqData =    558;
-  SN_setct_BatchAdminResData =    'setct-BatchAdminResData';
-  NID_setct_BatchAdminResData =    559;
-  SN_setct_CardCInitResTBS =     'setct-CardCInitResTBS';
-  NID_setct_CardCInitResTBS =     560;
-  SN_setct_MeAqCInitResTBS =     'setct-MeAqCInitResTBS';
-  NID_setct_MeAqCInitResTBS =     561;
-  SN_setct_RegFormResTBS =   'setct-RegFormResTBS';
-  NID_setct_RegFormResTBS =   562;
-  SN_setct_CertReqData =    'setct-CertReqData';
-  NID_setct_CertReqData =    563;
-  SN_setct_CertReqTBS =    'setct-CertReqTBS';
-  NID_setct_CertReqTBS =    564;
-  SN_setct_CertResData =    'setct-CertResData';
-  NID_setct_CertResData =    565;
-  SN_setct_CertInqReqTBS =   'setct-CertInqReqTBS';
-  NID_setct_CertInqReqTBS =   566;
-  SN_setct_ErrorTBS =     'setct-ErrorTBS';
-  NID_setct_ErrorTBS =    567;
-  SN_setct_PIDualSignedTBE =     'setct-PIDualSignedTBE';
-  NID_setct_PIDualSignedTBE =     568;
-  SN_setct_PIUnsignedTBE =   'setct-PIUnsignedTBE';
-  NID_setct_PIUnsignedTBE =   569;
-  SN_setct_AuthReqTBE =    'setct-AuthReqTBE';
-  NID_setct_AuthReqTBE =    570;
-  SN_setct_AuthResTBE =    'setct-AuthResTBE';
-  NID_setct_AuthResTBE =    571;
-  SN_setct_AuthResTBEX =    'setct-AuthResTBEX';
-  NID_setct_AuthResTBEX =    572;
-  SN_setct_AuthTokenTBE =    'setct-AuthTokenTBE';
-  NID_setct_AuthTokenTBE =   573;
-  SN_setct_CapTokenTBE =    'setct-CapTokenTBE';
-  NID_setct_CapTokenTBE =    574;
-  SN_setct_CapTokenTBEX =    'setct-CapTokenTBEX';
-  NID_setct_CapTokenTBEX =   575;
-  SN_setct_AcqCardCodeMsgTBE =    'setct-AcqCardCodeMsgTBE';
-  NID_setct_AcqCardCodeMsgTBE =    576;
-  SN_setct_AuthRevReqTBE =   'setct-AuthRevReqTBE';
-  NID_setct_AuthRevReqTBE =   577;
-  SN_setct_AuthRevResTBE =   'setct-AuthRevResTBE';
-  NID_setct_AuthRevResTBE =   578;
-  SN_setct_AuthRevResTBEB =   'setct-AuthRevResTBEB';
-  NID_setct_AuthRevResTBEB =     579;
-  SN_setct_CapReqTBE =    'setct-CapReqTBE';
-  NID_setct_CapReqTBE =    580;
-  SN_setct_CapReqTBEX =    'setct-CapReqTBEX';
-  NID_setct_CapReqTBEX =    581;
-  SN_setct_CapResTBE =    'setct-CapResTBE';
-  NID_setct_CapResTBE =    582;
-  SN_setct_CapRevReqTBE =    'setct-CapRevReqTBE';
-  NID_setct_CapRevReqTBE =   583;
-  SN_setct_CapRevReqTBEX =   'setct-CapRevReqTBEX';
-  NID_setct_CapRevReqTBEX =   584;
-  SN_setct_CapRevResTBE =    'setct-CapRevResTBE';
-  NID_setct_CapRevResTBE =   585;
-  SN_setct_CredReqTBE =    'setct-CredReqTBE';
-  NID_setct_CredReqTBE =    586;
-  SN_setct_CredReqTBEX =    'setct-CredReqTBEX';
-  NID_setct_CredReqTBEX =    587;
-  SN_setct_CredResTBE =    'setct-CredResTBE';
-  NID_setct_CredResTBE =    588;
-  SN_setct_CredRevReqTBE =   'setct-CredRevReqTBE';
-  NID_setct_CredRevReqTBE =   589;
-  SN_setct_CredRevReqTBEX =   'setct-CredRevReqTBEX';
-  NID_setct_CredRevReqTBEX =     590;
-  SN_setct_CredRevResTBE =   'setct-CredRevResTBE';
-  NID_setct_CredRevResTBE =   591;
-  SN_setct_BatchAdminReqTBE =     'setct-BatchAdminReqTBE';
-  NID_setct_BatchAdminReqTBE =    592;
-  SN_setct_BatchAdminResTBE =     'setct-BatchAdminResTBE';
-  NID_setct_BatchAdminResTBE =    593;
-  SN_setct_RegFormReqTBE =   'setct-RegFormReqTBE';
-  NID_setct_RegFormReqTBE =   594;
-  SN_setct_CertReqTBE =    'setct-CertReqTBE';
-  NID_setct_CertReqTBE =    595;
-  SN_setct_CertReqTBEX =    'setct-CertReqTBEX';
-  NID_setct_CertReqTBEX =    596;
-  SN_setct_CertResTBE =    'setct-CertResTBE';
-  NID_setct_CertResTBE =    597;
-  SN_setct_CRLNotificationTBS =    'setct-CRLNotificationTBS';
-  NID_setct_CRLNotificationTBS =    598;
-  SN_setct_CRLNotificationResTBS =   'setct-CRLNotificationResTBS';
-  NID_setct_CRLNotificationResTBS =   599;
-  SN_setct_BCIDistributionTBS =    'setct-BCIDistributionTBS';
-  NID_setct_BCIDistributionTBS =    600;
-  SN_setext_genCrypt =    'setext-genCrypt';
-  LN_setext_genCrypt =    'generic cryptogram';
-  NID_setext_genCrypt =    601;
-  SN_setext_miAuth =     'setext-miAuth';
-  LN_setext_miAuth =     'merchant initiated auth';
-  NID_setext_miAuth =     602;
-  SN_setext_pinSecure =    'setext-pinSecure';
-  NID_setext_pinSecure =    603;
-  SN_setext_pinAny =     'setext-pinAny';
-  NID_setext_pinAny =     604;
-  SN_setext_track2 =     'setext-track2';
-  NID_setext_track2 =     605;
-  SN_setext_cv =    'setext-cv';
-  LN_setext_cv =    'additional verification';
-  NID_setext_cv =    606;
-  SN_set_policy_root =    'set-policy-root';
-  NID_set_policy_root =    607;
-  SN_setCext_hashedRoot =    'setCext-hashedRoot';
-  NID_setCext_hashedRoot =   608;
-  SN_setCext_certType =    'setCext-certType';
-  NID_setCext_certType =    609;
-  SN_setCext_merchData =    'setCext-merchData';
-  NID_setCext_merchData =    610;
-  SN_setCext_cCertRequired =     'setCext-cCertRequired';
-  NID_setCext_cCertRequired =     611;
-  SN_setCext_tunneling =    'setCext-tunneling';
-  NID_setCext_tunneling =    612;
-  SN_setCext_setExt =     'setCext-setExt';
-  NID_setCext_setExt =    613;
-  SN_setCext_setQualf =    'setCext-setQualf';
-  NID_setCext_setQualf =    614;
-  SN_setCext_PGWYcapabilities =    'setCext-PGWYcapabilities';
-  NID_setCext_PGWYcapabilities =    615;
-  SN_setCext_TokenIdentifier =    'setCext-TokenIdentifier';
-  NID_setCext_TokenIdentifier =    616;
-  SN_setCext_Track2Data =    'setCext-Track2Data';
-  NID_setCext_Track2Data =   617;
-  SN_setCext_TokenType =    'setCext-TokenType';
-  NID_setCext_TokenType =    618;
-  SN_setCext_IssuerCapabilities =    'setCext-IssuerCapabilities';
-  NID_setCext_IssuerCapabilities =   619;
-  SN_setAttr_Cert =   'setAttr-Cert';
-  NID_setAttr_Cert =     620;
-  SN_setAttr_PGWYcap =    'setAttr-PGWYcap';
-  LN_setAttr_PGWYcap =    'payment gateway capabilities';
-  NID_setAttr_PGWYcap =    621;
-  SN_setAttr_TokenType =    'setAttr-TokenType';
-  NID_setAttr_TokenType =    622;
-  SN_setAttr_IssCap =     'setAttr-IssCap';
-  LN_setAttr_IssCap =     'issuer capabilities';
-  NID_setAttr_IssCap =    623;
-  SN_set_rootKeyThumb =    'set-rootKeyThumb';
-  NID_set_rootKeyThumb =    624;
-  SN_set_addPolicy =     'set-addPolicy';
-  NID_set_addPolicy =     625;
-  SN_setAttr_Token_EMV =    'setAttr-Token-EMV';
-  NID_setAttr_Token_EMV =    626;
-  SN_setAttr_Token_B0Prime =     'setAttr-Token-B0Prime';
-  NID_setAttr_Token_B0Prime =     627;
-  SN_setAttr_IssCap_CVM =    'setAttr-IssCap-CVM';
-  NID_setAttr_IssCap_CVM =   628;
-  SN_setAttr_IssCap_T2 =    'setAttr-IssCap-T2';
-  NID_setAttr_IssCap_T2 =    629;
-  SN_setAttr_IssCap_Sig =    'setAttr-IssCap-Sig';
-  NID_setAttr_IssCap_Sig =   630;
-  SN_setAttr_GenCryptgrm =   'setAttr-GenCryptgrm';
-  LN_setAttr_GenCryptgrm =   'generate cryptogram';
-  NID_setAttr_GenCryptgrm =   631;
-  SN_setAttr_T2Enc =     'setAttr-T2Enc';
-  LN_setAttr_T2Enc =     'encrypted track 2';
-  NID_setAttr_T2Enc =     632;
-  SN_setAttr_T2cleartxt =    'setAttr-T2cleartxt';
-  LN_setAttr_T2cleartxt =    'cleartext track 2';
-  NID_setAttr_T2cleartxt =   633;
-  SN_setAttr_TokICCsig =    'setAttr-TokICCsig';
-  LN_setAttr_TokICCsig =    'ICC or token signature';
-  NID_setAttr_TokICCsig =    634;
-  SN_setAttr_SecDevSig =    'setAttr-SecDevSig';
-  LN_setAttr_SecDevSig =    'secure device signature';
-  NID_setAttr_SecDevSig =    635;
-  SN_set_brand_IATA_ATA =    'set-brand-IATA-ATA';
-  NID_set_brand_IATA_ATA =   636;
-  SN_set_brand_Diners =    'set-brand-Diners';
-  NID_set_brand_Diners =    637;
-  SN_set_brand_AmericanExpress =    'set-brand-AmericanExpress';
-  NID_set_brand_AmericanExpress =    638;
-  SN_set_brand_JCB =     'set-brand-JCB';
-  NID_set_brand_JCB =     639;
-  SN_set_brand_Visa =     'set-brand-Visa';
-  NID_set_brand_Visa =    640;
-  SN_set_brand_MasterCard =   'set-brand-MasterCard';
-  NID_set_brand_MasterCard =     641;
-  SN_set_brand_Novus =    'set-brand-Novus';
-  NID_set_brand_Novus =    642;
-  SN_des_cdmf =    'DES-CDMF';
-  LN_des_cdmf =    'des-cdmf';
-  NID_des_cdmf =    643;
-  SN_rsaOAEPEncryptionSET =   'rsaOAEPEncryptionSET';
-  NID_rsaOAEPEncryptionSET =     644;
-  SN_ipsec3 =     'Oakley-EC2N-3';
-  LN_ipsec3 =     'ipsec3';
-  NID_ipsec3 =    749;
-  SN_ipsec4 =     'Oakley-EC2N-4';
-  LN_ipsec4 =     'ipsec4';
-  NID_ipsec4 =    750;
-  SN_whirlpool =    'whirlpool';
-  NID_whirlpool =    804;
-  SN_cryptopro =    'cryptopro';
-  NID_cryptopro =    805;
-  SN_cryptocom =    'cryptocom';
-  NID_cryptocom =    806;
-  SN_id_tc26 =    'id-tc26';
-  NID_id_tc26 =    974;
-  SN_id_GostR3411_94_with_GostR3410_2001 =   'id-GostR3411-94-with-GostR3410-2001';
-  LN_id_GostR3411_94_with_GostR3410_2001 =   'GOST R 34.11-94 with GOST R 34.10-2001';
-  NID_id_GostR3411_94_with_GostR3410_2001 =   807;
-  SN_id_GostR3411_94_with_GostR3410_94 =    'id-GostR3411-94-with-GostR3410-94';
-  LN_id_GostR3411_94_with_GostR3410_94 =    'GOST R 34.11-94 with GOST R 34.10-94';
-  NID_id_GostR3411_94_with_GostR3410_94 =    808;
-  SN_id_GostR3411_94 =    'md_gost94';
-  LN_id_GostR3411_94 =    'GOST R 34.11-94';
-  NID_id_GostR3411_94 =    809;
-  SN_id_HMACGostR3411_94 =   'id-HMACGostR3411-94';
-  LN_id_HMACGostR3411_94 =   'HMAC GOST 34.11-94';
-  NID_id_HMACGostR3411_94 =   810;
-  SN_id_GostR3410_2001 =    'gost2001';
-  LN_id_GostR3410_2001 =    'GOST R 34.10-2001';
-  NID_id_GostR3410_2001 =    811;
-  SN_id_GostR3410_94 =    'gost94';
-  LN_id_GostR3410_94 =    'GOST R 34.10-94';
-  NID_id_GostR3410_94 =    812;
-  SN_id_Gost28147_89 =    'gost89';
-  LN_id_Gost28147_89 =    'GOST 28147-89';
-  NID_id_Gost28147_89 =    813;
-  SN_gost89_cnt =    'gost89-cnt';
-  NID_gost89_cnt =   814;
-  SN_gost89_cnt_12 =     'gost89-cnt-12';
-  NID_gost89_cnt_12 =     975;
-  SN_gost89_cbc =    'gost89-cbc';
-  NID_gost89_cbc =   1009;
-  SN_gost89_ecb =    'gost89-ecb';
-  NID_gost89_ecb =   1010;
-  SN_gost89_ctr =    'gost89-ctr';
-  NID_gost89_ctr =   1011;
-  SN_id_Gost28147_89_MAC =   'gost-mac';
-  LN_id_Gost28147_89_MAC =   'GOST 28147-89 MAC';
-  NID_id_Gost28147_89_MAC =   815;
-  SN_gost_mac_12 =   'gost-mac-12';
-  NID_gost_mac_12 =   976;
-  SN_id_GostR3411_94_prf =   'prf-gostr3411-94';
-  LN_id_GostR3411_94_prf =   'GOST R 34.11-94 PRF';
-  NID_id_GostR3411_94_prf =   816;
-  SN_id_GostR3410_2001DH =   'id-GostR3410-2001DH';
-  LN_id_GostR3410_2001DH =   'GOST R 34.10-2001 DH';
-  NID_id_GostR3410_2001DH =   817;
-  SN_id_GostR3410_94DH =    'id-GostR3410-94DH';
-  LN_id_GostR3410_94DH =    'GOST R 34.10-94 DH';
-  NID_id_GostR3410_94DH =    818;
-  SN_id_Gost28147_89_CryptoPro_KeyMeshing =   'id-Gost28147-89-CryptoPro-KeyMeshing';
-  NID_id_Gost28147_89_CryptoPro_KeyMeshing =     819;
-  SN_id_Gost28147_89_None_KeyMeshing =    'id-Gost28147-89-None-KeyMeshing';
-  NID_id_Gost28147_89_None_KeyMeshing =    820;
-  SN_id_GostR3411_94_TestParamSet =   'id-GostR3411-94-TestParamSet';
-  NID_id_GostR3411_94_TestParamSet =     821;
-  SN_id_GostR3411_94_CryptoProParamSet =    'id-GostR3411-94-CryptoProParamSet';
-  NID_id_GostR3411_94_CryptoProParamSet =    822;
-  SN_id_Gost28147_89_TestParamSet =   'id-Gost28147-89-TestParamSet';
-  NID_id_Gost28147_89_TestParamSet =     823;
-  SN_id_Gost28147_89_CryptoPro_A_ParamSet =   'id-Gost28147-89-CryptoPro-A-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_A_ParamSet =     824;
-  SN_id_Gost28147_89_CryptoPro_B_ParamSet =   'id-Gost28147-89-CryptoPro-B-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_B_ParamSet =     825;
-  SN_id_Gost28147_89_CryptoPro_C_ParamSet =   'id-Gost28147-89-CryptoPro-C-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_C_ParamSet =     826;
-  SN_id_Gost28147_89_CryptoPro_D_ParamSet =   'id-Gost28147-89-CryptoPro-D-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_D_ParamSet =     827;
-  SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet =     828;
-  SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =   'id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet =     829;
-  SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    'id-Gost28147-89-CryptoPro-RIC-1-ParamSet';
-  NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet =    830;
-  SN_id_GostR3410_94_TestParamSet =   'id-GostR3410-94-TestParamSet';
-  NID_id_GostR3410_94_TestParamSet =     831;
-  SN_id_GostR3410_94_CryptoPro_A_ParamSet =   'id-GostR3410-94-CryptoPro-A-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_A_ParamSet =     832;
-  SN_id_GostR3410_94_CryptoPro_B_ParamSet =   'id-GostR3410-94-CryptoPro-B-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_B_ParamSet =     833;
-  SN_id_GostR3410_94_CryptoPro_C_ParamSet =   'id-GostR3410-94-CryptoPro-C-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_C_ParamSet =     834;
-  SN_id_GostR3410_94_CryptoPro_D_ParamSet =   'id-GostR3410-94-CryptoPro-D-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_D_ParamSet =     835;
-  SN_id_GostR3410_94_CryptoPro_XchA_ParamSet =    'id-GostR3410-94-CryptoPro-XchA-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_XchA_ParamSet =    836;
-  SN_id_GostR3410_94_CryptoPro_XchB_ParamSet =    'id-GostR3410-94-CryptoPro-XchB-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_XchB_ParamSet =    837;
-  SN_id_GostR3410_94_CryptoPro_XchC_ParamSet =    'id-GostR3410-94-CryptoPro-XchC-ParamSet';
-  NID_id_GostR3410_94_CryptoPro_XchC_ParamSet =    838;
-  SN_id_GostR3410_2001_TestParamSet =     'id-GostR3410-2001-TestParamSet';
-  NID_id_GostR3410_2001_TestParamSet =    839;
-  SN_id_GostR3410_2001_CryptoPro_A_ParamSet =     'id-GostR3410-2001-CryptoPro-A-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_A_ParamSet =    840;
-  SN_id_GostR3410_2001_CryptoPro_B_ParamSet =     'id-GostR3410-2001-CryptoPro-B-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_B_ParamSet =    841;
-  SN_id_GostR3410_2001_CryptoPro_C_ParamSet =     'id-GostR3410-2001-CryptoPro-C-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_C_ParamSet =    842;
-  SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    'id-GostR3410-2001-CryptoPro-XchA-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet =    843;
-  SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    'id-GostR3410-2001-CryptoPro-XchB-ParamSet';
-  NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet =    844;
-  SN_id_GostR3410_94_a =    'id-GostR3410-94-a';
-  NID_id_GostR3410_94_a =    845;
-  SN_id_GostR3410_94_aBis =   'id-GostR3410-94-aBis';
-  NID_id_GostR3410_94_aBis =     846;
-  SN_id_GostR3410_94_b =    'id-GostR3410-94-b';
-  NID_id_GostR3410_94_b =    847;
-  SN_id_GostR3410_94_bBis =   'id-GostR3410-94-bBis';
-  NID_id_GostR3410_94_bBis =     848;
-  SN_id_Gost28147_89_cc =    'id-Gost28147-89-cc';
-  LN_id_Gost28147_89_cc =    'GOST 28147-89 Cryptocom ParamSet';
-  NID_id_Gost28147_89_cc =   849;
-  SN_id_GostR3410_94_cc =    'gost94cc';
-  LN_id_GostR3410_94_cc =    'GOST 34.10-94 Cryptocom';
-  NID_id_GostR3410_94_cc =   850;
-  SN_id_GostR3410_2001_cc =   'gost2001cc';
-  LN_id_GostR3410_2001_cc =   'GOST 34.10-2001 Cryptocom';
-  NID_id_GostR3410_2001_cc =     851;
-  SN_id_GostR3411_94_with_GostR3410_94_cc =   'id-GostR3411-94-with-GostR3410-94-cc';
-  LN_id_GostR3411_94_with_GostR3410_94_cc =   'GOST R 34.11-94 with GOST R 34.10-94 Cryptocom';
-  NID_id_GostR3411_94_with_GostR3410_94_cc =     852;
-  SN_id_GostR3411_94_with_GostR3410_2001_cc =     'id-GostR3411-94-with-GostR3410-2001-cc';
-  LN_id_GostR3411_94_with_GostR3410_2001_cc =     'GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom';
-  NID_id_GostR3411_94_with_GostR3410_2001_cc =    853;
-  SN_id_GostR3410_2001_ParamSet_cc =     'id-GostR3410-2001-ParamSet-cc';
-  LN_id_GostR3410_2001_ParamSet_cc =     'GOST R 3410-2001 Parameter Set Cryptocom';
-  NID_id_GostR3410_2001_ParamSet_cc =     854;
-  SN_id_tc26_algorithms =    'id-tc26-algorithms';
-  NID_id_tc26_algorithms =   977;
-  SN_id_tc26_sign =   'id-tc26-sign';
-  NID_id_tc26_sign =     978;
-  SN_id_GostR3410_2012_256 =     'gost2012_256';
-  LN_id_GostR3410_2012_256 =     'GOST R 34.10-2012 with 256 bit modulus';
-  NID_id_GostR3410_2012_256 =     979;
-  SN_id_GostR3410_2012_512 =     'gost2012_512';
-  LN_id_GostR3410_2012_512 =     'GOST R 34.10-2012 with 512 bit modulus';
-  NID_id_GostR3410_2012_512 =     980;
-  SN_id_tc26_digest =     'id-tc26-digest';
-  NID_id_tc26_digest =    981;
-  SN_id_GostR3411_2012_256 =     'md_gost12_256';
-  LN_id_GostR3411_2012_256 =     'GOST R 34.11-2012 with 256 bit hash';
-  NID_id_GostR3411_2012_256 =     982;
-  SN_id_GostR3411_2012_512 =     'md_gost12_512';
-  LN_id_GostR3411_2012_512 =     'GOST R 34.11-2012 with 512 bit hash';
-  NID_id_GostR3411_2012_512 =     983;
-  SN_id_tc26_signwithdigest =     'id-tc26-signwithdigest';
-  NID_id_tc26_signwithdigest =    984;
-  SN_id_tc26_signwithdigest_gost3410_2012_256 =    'id-tc26-signwithdigest-gost3410-2012-256';
-  LN_id_tc26_signwithdigest_gost3410_2012_256 =    'GOST R 34.10-2012 with GOST R 34.11-2012(256 bit)';
-  NID_id_tc26_signwithdigest_gost3410_2012_256 =    985;
-  SN_id_tc26_signwithdigest_gost3410_2012_512 =    'id-tc26-signwithdigest-gost3410-2012-512';
-  LN_id_tc26_signwithdigest_gost3410_2012_512 =    'GOST R 34.10-2012 with GOST R 34.11-2012(512 bit)';
-  NID_id_tc26_signwithdigest_gost3410_2012_512 =    986;
-  SN_id_tc26_mac =   'id-tc26-mac';
-  NID_id_tc26_mac =   987;
-  SN_id_tc26_hmac_gost_3411_2012_256 =    'id-tc26-hmac-gost-3411-2012-256';
-  LN_id_tc26_hmac_gost_3411_2012_256 =    'HMAC GOST 34.11-2012 256 bit';
-  NID_id_tc26_hmac_gost_3411_2012_256 =    988;
-  SN_id_tc26_hmac_gost_3411_2012_512 =    'id-tc26-hmac-gost-3411-2012-512';
-  LN_id_tc26_hmac_gost_3411_2012_512 =    'HMAC GOST 34.11-2012 512 bit';
-  NID_id_tc26_hmac_gost_3411_2012_512 =    989;
-  SN_id_tc26_cipher =     'id-tc26-cipher';
-  NID_id_tc26_cipher =    990;
-  SN_id_tc26_cipher_gostr3412_2015_magma =   'id-tc26-cipher-gostr3412-2015-magma';
-  NID_id_tc26_cipher_gostr3412_2015_magma =   1173;
-  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =   'id-tc26-cipher-gostr3412-2015-magma-ctracpkm';
-  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm =     1174;
-  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    'id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac';
-  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac =    1175;
-  SN_id_tc26_cipher_gostr3412_2015_kuznyechik =    'id-tc26-cipher-gostr3412-2015-kuznyechik';
-  NID_id_tc26_cipher_gostr3412_2015_kuznyechik =    1176;
-  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm';
-  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm =    1177;
-  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =     'id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac';
-  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac =    1178;
-  SN_id_tc26_agreement =    'id-tc26-agreement';
-  NID_id_tc26_agreement =    991;
-  SN_id_tc26_agreement_gost_3410_2012_256 =   'id-tc26-agreement-gost-3410-2012-256';
-  NID_id_tc26_agreement_gost_3410_2012_256 =     992;
-  SN_id_tc26_agreement_gost_3410_2012_512 =   'id-tc26-agreement-gost-3410-2012-512';
-  NID_id_tc26_agreement_gost_3410_2012_512 =     993;
-  SN_id_tc26_wrap =   'id-tc26-wrap';
-  NID_id_tc26_wrap =     1179;
-  SN_id_tc26_wrap_gostr3412_2015_magma =    'id-tc26-wrap-gostr3412-2015-magma';
-  NID_id_tc26_wrap_gostr3412_2015_magma =    1180;
-  SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    'id-tc26-wrap-gostr3412-2015-magma-kexp15';
-  NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 =    1181;
-  SN_id_tc26_wrap_gostr3412_2015_kuznyechik =     'id-tc26-wrap-gostr3412-2015-kuznyechik';
-  NID_id_tc26_wrap_gostr3412_2015_kuznyechik =    1182;
-  SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     'id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15';
-  NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 =     1183;
-  SN_id_tc26_constants =    'id-tc26-constants';
-  NID_id_tc26_constants =    994;
-  SN_id_tc26_sign_constants =     'id-tc26-sign-constants';
-  NID_id_tc26_sign_constants =    995;
-  SN_id_tc26_gost_3410_2012_256_constants =   'id-tc26-gost-3410-2012-256-constants';
-  NID_id_tc26_gost_3410_2012_256_constants =     1147;
-  SN_id_tc26_gost_3410_2012_256_paramSetA =   'id-tc26-gost-3410-2012-256-paramSetA';
-  LN_id_tc26_gost_3410_2012_256_paramSetA =   'GOST R 34.10-2012(256 bit)ParamSet A';
-  NID_id_tc26_gost_3410_2012_256_paramSetA =     1148;
-  SN_id_tc26_gost_3410_2012_256_paramSetB =   'id-tc26-gost-3410-2012-256-paramSetB';
-  LN_id_tc26_gost_3410_2012_256_paramSetB =   'GOST R 34.10-2012(256 bit)ParamSet B';
-  NID_id_tc26_gost_3410_2012_256_paramSetB =     1184;
-  SN_id_tc26_gost_3410_2012_256_paramSetC =   'id-tc26-gost-3410-2012-256-paramSetC';
-  LN_id_tc26_gost_3410_2012_256_paramSetC =   'GOST R 34.10-2012(256 bit)ParamSet C';
-  NID_id_tc26_gost_3410_2012_256_paramSetC =     1185;
-  SN_id_tc26_gost_3410_2012_256_paramSetD =   'id-tc26-gost-3410-2012-256-paramSetD';
-  LN_id_tc26_gost_3410_2012_256_paramSetD =   'GOST R 34.10-2012(256 bit)ParamSet D';
-  NID_id_tc26_gost_3410_2012_256_paramSetD =     1186;
-  SN_id_tc26_gost_3410_2012_512_constants =   'id-tc26-gost-3410-2012-512-constants';
-  NID_id_tc26_gost_3410_2012_512_constants =     996;
-  SN_id_tc26_gost_3410_2012_512_paramSetTest =    'id-tc26-gost-3410-2012-512-paramSetTest';
-  LN_id_tc26_gost_3410_2012_512_paramSetTest =    'GOST R 34.10-2012(512 bit)testing parameter set';
-  NID_id_tc26_gost_3410_2012_512_paramSetTest =    997;
-  SN_id_tc26_gost_3410_2012_512_paramSetA =   'id-tc26-gost-3410-2012-512-paramSetA';
-  LN_id_tc26_gost_3410_2012_512_paramSetA =   'GOST R 34.10-2012(512 bit)ParamSet A';
-  NID_id_tc26_gost_3410_2012_512_paramSetA =     998;
-  SN_id_tc26_gost_3410_2012_512_paramSetB =   'id-tc26-gost-3410-2012-512-paramSetB';
-  LN_id_tc26_gost_3410_2012_512_paramSetB =   'GOST R 34.10-2012(512 bit)ParamSet B';
-  NID_id_tc26_gost_3410_2012_512_paramSetB =     999;
-  SN_id_tc26_gost_3410_2012_512_paramSetC =   'id-tc26-gost-3410-2012-512-paramSetC';
-  LN_id_tc26_gost_3410_2012_512_paramSetC =   'GOST R 34.10-2012(512 bit)ParamSet C';
-  NID_id_tc26_gost_3410_2012_512_paramSetC =     1149;
-  SN_id_tc26_digest_constants =    'id-tc26-digest-constants';
-  NID_id_tc26_digest_constants =    1000;
-  SN_id_tc26_cipher_constants =    'id-tc26-cipher-constants';
-  NID_id_tc26_cipher_constants =    1001;
-  SN_id_tc26_gost_28147_constants =   'id-tc26-gost-28147-constants';
-  NID_id_tc26_gost_28147_constants =     1002;
-  SN_id_tc26_gost_28147_param_Z =    'id-tc26-gost-28147-param-Z';
-  LN_id_tc26_gost_28147_param_Z =    'GOST 28147-89 TC26 parameter set';
-  NID_id_tc26_gost_28147_param_Z =   1003;
-  SN_INN =   'INN';
-  LN_INN =   'INN';
-  NID_INN =   1004;
-  SN_OGRN =   'OGRN';
-  LN_OGRN =   'OGRN';
-  NID_OGRN =     1005;
-  SN_SNILS =     'SNILS';
-  LN_SNILS =     'SNILS';
-  NID_SNILS =     1006;
-  SN_subjectSignTool =    'subjectSignTool';
-  LN_subjectSignTool =    'Signing Tool of Subject';
-  NID_subjectSignTool =    1007;
-  SN_issuerSignTool =     'issuerSignTool';
-  LN_issuerSignTool =     'Signing Tool of Issuer';
-  NID_issuerSignTool =    1008;
-  SN_grasshopper_ecb =    'grasshopper-ecb';
-  NID_grasshopper_ecb =    1012;
-  SN_grasshopper_ctr =    'grasshopper-ctr';
-  NID_grasshopper_ctr =    1013;
-  SN_grasshopper_ofb =    'grasshopper-ofb';
-  NID_grasshopper_ofb =    1014;
-  SN_grasshopper_cbc =    'grasshopper-cbc';
-  NID_grasshopper_cbc =    1015;
-  SN_grasshopper_cfb =    'grasshopper-cfb';
-  NID_grasshopper_cfb =    1016;
-  SN_grasshopper_mac =    'grasshopper-mac';
-  NID_grasshopper_mac =    1017;
-  SN_magma_ecb =    'magma-ecb';
-  NID_magma_ecb =    1187;
-  SN_magma_ctr =    'magma-ctr';
-  NID_magma_ctr =    1188;
-  SN_magma_ofb =    'magma-ofb';
-  NID_magma_ofb =    1189;
-  SN_magma_cbc =    'magma-cbc';
-  NID_magma_cbc =    1190;
-  SN_magma_cfb =    'magma-cfb';
-  NID_magma_cfb =    1191;
-  SN_magma_mac =    'magma-mac';
-  NID_magma_mac =    1192;
-  SN_camellia_128_cbc =    'CAMELLIA-128-CBC';
-  LN_camellia_128_cbc =    'camellia-128-cbc';
-  NID_camellia_128_cbc =    751;
-  SN_camellia_192_cbc =    'CAMELLIA-192-CBC';
-  LN_camellia_192_cbc =    'camellia-192-cbc';
-  NID_camellia_192_cbc =    752;
-  SN_camellia_256_cbc =    'CAMELLIA-256-CBC';
-  LN_camellia_256_cbc =    'camellia-256-cbc';
-  NID_camellia_256_cbc =    753;
-  SN_id_camellia128_wrap =   'id-camellia128-wrap';
-  NID_id_camellia128_wrap =   907;
-  SN_id_camellia192_wrap =   'id-camellia192-wrap';
-  NID_id_camellia192_wrap =   908;
-  SN_id_camellia256_wrap =   'id-camellia256-wrap';
-  NID_id_camellia256_wrap =   909;
-  SN_camellia_128_ecb =    'CAMELLIA-128-ECB';
-  LN_camellia_128_ecb =    'camellia-128-ecb';
-  NID_camellia_128_ecb =    754;
-  SN_camellia_128_ofb128 =   'CAMELLIA-128-OFB';
-  LN_camellia_128_ofb128 =   'camellia-128-ofb';
-  NID_camellia_128_ofb128 =   766;
-  SN_camellia_128_cfb128 =   'CAMELLIA-128-CFB';
-  LN_camellia_128_cfb128 =   'camellia-128-cfb';
-  NID_camellia_128_cfb128 =   757;
-  SN_camellia_128_gcm =    'CAMELLIA-128-GCM';
-  LN_camellia_128_gcm =    'camellia-128-gcm';
-  NID_camellia_128_gcm =    961;
-  SN_camellia_128_ccm =    'CAMELLIA-128-CCM';
-  LN_camellia_128_ccm =    'camellia-128-ccm';
-  NID_camellia_128_ccm =    962;
-  SN_camellia_128_ctr =    'CAMELLIA-128-CTR';
-  LN_camellia_128_ctr =    'camellia-128-ctr';
-  NID_camellia_128_ctr =    963;
-  SN_camellia_128_cmac =    'CAMELLIA-128-CMAC';
-  LN_camellia_128_cmac =    'camellia-128-cmac';
-  NID_camellia_128_cmac =    964;
-  SN_camellia_192_ecb =    'CAMELLIA-192-ECB';
-  LN_camellia_192_ecb =    'camellia-192-ecb';
-  NID_camellia_192_ecb =    755;
-  SN_camellia_192_ofb128 =   'CAMELLIA-192-OFB';
-  LN_camellia_192_ofb128 =   'camellia-192-ofb';
-  NID_camellia_192_ofb128 =   767;
-  SN_camellia_192_cfb128 =   'CAMELLIA-192-CFB';
-  LN_camellia_192_cfb128 =   'camellia-192-cfb';
-  NID_camellia_192_cfb128 =   758;
-  SN_camellia_192_gcm =    'CAMELLIA-192-GCM';
-  LN_camellia_192_gcm =    'camellia-192-gcm';
-  NID_camellia_192_gcm =    965;
-  SN_camellia_192_ccm =    'CAMELLIA-192-CCM';
-  LN_camellia_192_ccm =    'camellia-192-ccm';
-  NID_camellia_192_ccm =    966;
-  SN_camellia_192_ctr =    'CAMELLIA-192-CTR';
-  LN_camellia_192_ctr =    'camellia-192-ctr';
-  NID_camellia_192_ctr =    967;
-  SN_camellia_192_cmac =    'CAMELLIA-192-CMAC';
-  LN_camellia_192_cmac =    'camellia-192-cmac';
-  NID_camellia_192_cmac =    968;
-  SN_camellia_256_ecb =    'CAMELLIA-256-ECB';
-  LN_camellia_256_ecb =    'camellia-256-ecb';
-  NID_camellia_256_ecb =    756;
-  SN_camellia_256_ofb128 =   'CAMELLIA-256-OFB';
-  LN_camellia_256_ofb128 =   'camellia-256-ofb';
-  NID_camellia_256_ofb128 =   768;
-  SN_camellia_256_cfb128 =   'CAMELLIA-256-CFB';
-  LN_camellia_256_cfb128 =   'camellia-256-cfb';
-  NID_camellia_256_cfb128 =   759;
-  SN_camellia_256_gcm =    'CAMELLIA-256-GCM';
-  LN_camellia_256_gcm =    'camellia-256-gcm';
-  NID_camellia_256_gcm =    969;
-  SN_camellia_256_ccm =    'CAMELLIA-256-CCM';
-  LN_camellia_256_ccm =    'camellia-256-ccm';
-  NID_camellia_256_ccm =    970;
-  SN_camellia_256_ctr =    'CAMELLIA-256-CTR';
-  LN_camellia_256_ctr =    'camellia-256-ctr';
-  NID_camellia_256_ctr =    971;
-  SN_camellia_256_cmac =    'CAMELLIA-256-CMAC';
-  LN_camellia_256_cmac =    'camellia-256-cmac';
-  NID_camellia_256_cmac =    972;
-  SN_camellia_128_cfb1 =    'CAMELLIA-128-CFB1';
-  LN_camellia_128_cfb1 =    'camellia-128-cfb1';
-  NID_camellia_128_cfb1 =    760;
-  SN_camellia_192_cfb1 =    'CAMELLIA-192-CFB1';
-  LN_camellia_192_cfb1 =    'camellia-192-cfb1';
-  NID_camellia_192_cfb1 =    761;
-  SN_camellia_256_cfb1 =    'CAMELLIA-256-CFB1';
-  LN_camellia_256_cfb1 =    'camellia-256-cfb1';
-  NID_camellia_256_cfb1 =    762;
-  SN_camellia_128_cfb8 =    'CAMELLIA-128-CFB8';
-  LN_camellia_128_cfb8 =    'camellia-128-cfb8';
-  NID_camellia_128_cfb8 =    763;
-  SN_camellia_192_cfb8 =    'CAMELLIA-192-CFB8';
-  LN_camellia_192_cfb8 =    'camellia-192-cfb8';
-  NID_camellia_192_cfb8 =    764;
-  SN_camellia_256_cfb8 =    'CAMELLIA-256-CFB8';
-  LN_camellia_256_cfb8 =    'camellia-256-cfb8';
-  NID_camellia_256_cfb8 =    765;
-  SN_aria_128_ecb =   'ARIA-128-ECB';
-  LN_aria_128_ecb =   'aria-128-ecb';
-  NID_aria_128_ecb =     1065;
-  SN_aria_128_cbc =   'ARIA-128-CBC';
-  LN_aria_128_cbc =   'aria-128-cbc';
-  NID_aria_128_cbc =     1066;
-  SN_aria_128_cfb128 =    'ARIA-128-CFB';
-  LN_aria_128_cfb128 =    'aria-128-cfb';
-  NID_aria_128_cfb128 =    1067;
-  SN_aria_128_ofb128 =    'ARIA-128-OFB';
-  LN_aria_128_ofb128 =    'aria-128-ofb';
-  NID_aria_128_ofb128 =    1068;
-  SN_aria_128_ctr =   'ARIA-128-CTR';
-  LN_aria_128_ctr =   'aria-128-ctr';
-  NID_aria_128_ctr =     1069;
-  SN_aria_192_ecb =   'ARIA-192-ECB';
-  LN_aria_192_ecb =   'aria-192-ecb';
-  NID_aria_192_ecb =     1070;
-  SN_aria_192_cbc =   'ARIA-192-CBC';
-  LN_aria_192_cbc =   'aria-192-cbc';
-  NID_aria_192_cbc =     1071;
-  SN_aria_192_cfb128 =    'ARIA-192-CFB';
-  LN_aria_192_cfb128 =    'aria-192-cfb';
-  NID_aria_192_cfb128 =    1072;
-  SN_aria_192_ofb128 =    'ARIA-192-OFB';
-  LN_aria_192_ofb128 =    'aria-192-ofb';
-  NID_aria_192_ofb128 =    1073;
-  SN_aria_192_ctr =   'ARIA-192-CTR';
-  LN_aria_192_ctr =   'aria-192-ctr';
-  NID_aria_192_ctr =     1074;
-  SN_aria_256_ecb =   'ARIA-256-ECB';
-  LN_aria_256_ecb =   'aria-256-ecb';
-  NID_aria_256_ecb =     1075;
-  SN_aria_256_cbc =   'ARIA-256-CBC';
-  LN_aria_256_cbc =   'aria-256-cbc';
-  NID_aria_256_cbc =     1076;
-  SN_aria_256_cfb128 =    'ARIA-256-CFB';
-  LN_aria_256_cfb128 =    'aria-256-cfb';
-  NID_aria_256_cfb128 =    1077;
-  SN_aria_256_ofb128 =    'ARIA-256-OFB';
-  LN_aria_256_ofb128 =    'aria-256-ofb';
-  NID_aria_256_ofb128 =    1078;
-  SN_aria_256_ctr =   'ARIA-256-CTR';
-  LN_aria_256_ctr =   'aria-256-ctr';
-  NID_aria_256_ctr =     1079;
-  SN_aria_128_cfb1 =     'ARIA-128-CFB1';
-  LN_aria_128_cfb1 =     'aria-128-cfb1';
-  NID_aria_128_cfb1 =     1080;
-  SN_aria_192_cfb1 =     'ARIA-192-CFB1';
-  LN_aria_192_cfb1 =     'aria-192-cfb1';
-  NID_aria_192_cfb1 =     1081;
-  SN_aria_256_cfb1 =     'ARIA-256-CFB1';
-  LN_aria_256_cfb1 =     'aria-256-cfb1';
-  NID_aria_256_cfb1 =     1082;
-  SN_aria_128_cfb8 =     'ARIA-128-CFB8';
-  LN_aria_128_cfb8 =     'aria-128-cfb8';
-  NID_aria_128_cfb8 =     1083;
-  SN_aria_192_cfb8 =     'ARIA-192-CFB8';
-  LN_aria_192_cfb8 =     'aria-192-cfb8';
-  NID_aria_192_cfb8 =     1084;
-  SN_aria_256_cfb8 =     'ARIA-256-CFB8';
-  LN_aria_256_cfb8 =     'aria-256-cfb8';
-  NID_aria_256_cfb8 =     1085;
-  SN_aria_128_ccm =   'ARIA-128-CCM';
-  LN_aria_128_ccm =   'aria-128-ccm';
-  NID_aria_128_ccm =     1120;
-  SN_aria_192_ccm =   'ARIA-192-CCM';
-  LN_aria_192_ccm =   'aria-192-ccm';
-  NID_aria_192_ccm =     1121;
-  SN_aria_256_ccm =   'ARIA-256-CCM';
-  LN_aria_256_ccm =   'aria-256-ccm';
-  NID_aria_256_ccm =     1122;
-  SN_aria_128_gcm =   'ARIA-128-GCM';
-  LN_aria_128_gcm =   'aria-128-gcm';
-  NID_aria_128_gcm =     1123;
-  SN_aria_192_gcm =   'ARIA-192-GCM';
-  LN_aria_192_gcm =   'aria-192-gcm';
-  NID_aria_192_gcm =     1124;
-  SN_aria_256_gcm =   'ARIA-256-GCM';
-  LN_aria_256_gcm =   'aria-256-gcm';
-  NID_aria_256_gcm =     1125;
-  SN_kisa =   'KISA';
-  LN_kisa =   'kisa';
-  NID_kisa =     773;
-  SN_seed_ecb =    'SEED-ECB';
-  LN_seed_ecb =    'seed-ecb';
-  NID_seed_ecb =    776;
-  SN_seed_cbc =    'SEED-CBC';
-  LN_seed_cbc =    'seed-cbc';
-  NID_seed_cbc =    777;
-  SN_seed_cfb128 =   'SEED-CFB';
-  LN_seed_cfb128 =   'seed-cfb';
-  NID_seed_cfb128 =   779;
-  SN_seed_ofb128 =   'SEED-OFB';
-  LN_seed_ofb128 =   'seed-ofb';
-  NID_seed_ofb128 =   778;
-  SN_sm4_ecb =    'SM4-ECB';
-  LN_sm4_ecb =    'sm4-ecb';
-  NID_sm4_ecb =    1133;
-  SN_sm4_cbc =    'SM4-CBC';
-  LN_sm4_cbc =    'sm4-cbc';
-  NID_sm4_cbc =    1134;
-  SN_sm4_ofb128 =    'SM4-OFB';
-  LN_sm4_ofb128 =    'sm4-ofb';
-  NID_sm4_ofb128 =   1135;
-  SN_sm4_cfb128 =    'SM4-CFB';
-  LN_sm4_cfb128 =    'sm4-cfb';
-  NID_sm4_cfb128 =   1137;
-  SN_sm4_cfb1 =    'SM4-CFB1';
-  LN_sm4_cfb1 =    'sm4-cfb1';
-  NID_sm4_cfb1 =    1136;
-  SN_sm4_cfb8 =    'SM4-CFB8';
-  LN_sm4_cfb8 =    'sm4-cfb8';
-  NID_sm4_cfb8 =    1138;
-  SN_sm4_ctr =    'SM4-CTR';
-  LN_sm4_ctr =    'sm4-ctr';
-  NID_sm4_ctr =    1139;
-  SN_hmac =   'HMAC';
-  LN_hmac =   'hmac';
-  NID_hmac =     855;
-  SN_cmac =   'CMAC';
-  LN_cmac =   'cmac';
-  NID_cmac =     894;
-  SN_rc4_hmac_md5 =   'RC4-HMAC-MD5';
-  LN_rc4_hmac_md5 =   'rc4-hmac-md5';
-  NID_rc4_hmac_md5 =     915;
-  SN_aes_128_cbc_hmac_sha1 =     'AES-128-CBC-HMAC-SHA1';
-  LN_aes_128_cbc_hmac_sha1 =     'aes-128-cbc-hmac-sha1';
-  NID_aes_128_cbc_hmac_sha1 =     916;
-  SN_aes_192_cbc_hmac_sha1 =     'AES-192-CBC-HMAC-SHA1';
-  LN_aes_192_cbc_hmac_sha1 =     'aes-192-cbc-hmac-sha1';
-  NID_aes_192_cbc_hmac_sha1 =     917;
-  SN_aes_256_cbc_hmac_sha1 =     'AES-256-CBC-HMAC-SHA1';
-  LN_aes_256_cbc_hmac_sha1 =     'aes-256-cbc-hmac-sha1';
-  NID_aes_256_cbc_hmac_sha1 =     918;
-  SN_aes_128_cbc_hmac_sha256 =    'AES-128-CBC-HMAC-SHA256';
-  LN_aes_128_cbc_hmac_sha256 =    'aes-128-cbc-hmac-sha256';
-  NID_aes_128_cbc_hmac_sha256 =    948;
-  SN_aes_192_cbc_hmac_sha256 =    'AES-192-CBC-HMAC-SHA256';
-  LN_aes_192_cbc_hmac_sha256 =    'aes-192-cbc-hmac-sha256';
-  NID_aes_192_cbc_hmac_sha256 =    949;
-  SN_aes_256_cbc_hmac_sha256 =    'AES-256-CBC-HMAC-SHA256';
-  LN_aes_256_cbc_hmac_sha256 =    'aes-256-cbc-hmac-sha256';
-  NID_aes_256_cbc_hmac_sha256 =    950;
-  SN_chacha20_poly1305 =    'ChaCha20-Poly1305';
-  LN_chacha20_poly1305 =    'chacha20-poly1305';
-  NID_chacha20_poly1305 =    1018;
-  SN_chacha20 =    'ChaCha20';
-  LN_chacha20 =    'chacha20';
-  NID_chacha20 =    1019;
-  SN_dhpublicnumber =     'dhpublicnumber';
-  LN_dhpublicnumber =     'X9.42 DH';
-  NID_dhpublicnumber =    920;
-  SN_brainpoolP160r1 =    'brainpoolP160r1';
-  NID_brainpoolP160r1 =    921;
-  SN_brainpoolP160t1 =    'brainpoolP160t1';
-  NID_brainpoolP160t1 =    922;
-  SN_brainpoolP192r1 =    'brainpoolP192r1';
-  NID_brainpoolP192r1 =    923;
-  SN_brainpoolP192t1 =    'brainpoolP192t1';
-  NID_brainpoolP192t1 =    924;
-  SN_brainpoolP224r1 =    'brainpoolP224r1';
-  NID_brainpoolP224r1 =    925;
-  SN_brainpoolP224t1 =    'brainpoolP224t1';
-  NID_brainpoolP224t1 =    926;
-  SN_brainpoolP256r1 =    'brainpoolP256r1';
-  NID_brainpoolP256r1 =    927;
-  SN_brainpoolP256t1 =    'brainpoolP256t1';
-  NID_brainpoolP256t1 =    928;
-  SN_brainpoolP320r1 =    'brainpoolP320r1';
-  NID_brainpoolP320r1 =    929;
-  SN_brainpoolP320t1 =    'brainpoolP320t1';
-  NID_brainpoolP320t1 =    930;
-  SN_brainpoolP384r1 =    'brainpoolP384r1';
-  NID_brainpoolP384r1 =    931;
-  SN_brainpoolP384t1 =    'brainpoolP384t1';
-  NID_brainpoolP384t1 =    932;
-  SN_brainpoolP512r1 =    'brainpoolP512r1';
-  NID_brainpoolP512r1 =    933;
-  SN_brainpoolP512t1 =    'brainpoolP512t1';
-  NID_brainpoolP512t1 =    934;
-  SN_dhSinglePass_stdDH_sha1kdf_scheme =    'dhSinglePass-stdDH-sha1kdf-scheme';
-  NID_dhSinglePass_stdDH_sha1kdf_scheme =    936;
-  SN_dhSinglePass_stdDH_sha224kdf_scheme =   'dhSinglePass-stdDH-sha224kdf-scheme';
-  NID_dhSinglePass_stdDH_sha224kdf_scheme =   937;
-  SN_dhSinglePass_stdDH_sha256kdf_scheme =   'dhSinglePass-stdDH-sha256kdf-scheme';
-  NID_dhSinglePass_stdDH_sha256kdf_scheme =   938;
-  SN_dhSinglePass_stdDH_sha384kdf_scheme =   'dhSinglePass-stdDH-sha384kdf-scheme';
-  NID_dhSinglePass_stdDH_sha384kdf_scheme =   939;
-  SN_dhSinglePass_stdDH_sha512kdf_scheme =   'dhSinglePass-stdDH-sha512kdf-scheme';
-  NID_dhSinglePass_stdDH_sha512kdf_scheme =   940;
-  SN_dhSinglePass_cofactorDH_sha1kdf_scheme =     'dhSinglePass-cofactorDH-sha1kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha1kdf_scheme =    941;
-  SN_dhSinglePass_cofactorDH_sha224kdf_scheme =    'dhSinglePass-cofactorDH-sha224kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha224kdf_scheme =    942;
-  SN_dhSinglePass_cofactorDH_sha256kdf_scheme =    'dhSinglePass-cofactorDH-sha256kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha256kdf_scheme =    943;
-  SN_dhSinglePass_cofactorDH_sha384kdf_scheme =    'dhSinglePass-cofactorDH-sha384kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha384kdf_scheme =    944;
-  SN_dhSinglePass_cofactorDH_sha512kdf_scheme =    'dhSinglePass-cofactorDH-sha512kdf-scheme';
-  NID_dhSinglePass_cofactorDH_sha512kdf_scheme =    945;
-  SN_dh_std_kdf =    'dh-std-kdf';
-  NID_dh_std_kdf =   946;
-  SN_dh_cofactor_kdf =    'dh-cofactor-kdf';
-  NID_dh_cofactor_kdf =    947;
-  SN_ct_precert_scts =    'ct_precert_scts';
-  LN_ct_precert_scts =    'CT Precertificate SCTs';
-  NID_ct_precert_scts =    951;
-  SN_ct_precert_poison =    'ct_precert_poison';
-  LN_ct_precert_poison =    'CT Precertificate Poison';
-  NID_ct_precert_poison =    952;
-  SN_ct_precert_signer =    'ct_precert_signer';
-  LN_ct_precert_signer =    'CT Precertificate Signer';
-  NID_ct_precert_signer =    953;
-  SN_ct_cert_scts =   'ct_cert_scts';
-  LN_ct_cert_scts =   'CT Certificate SCTs';
-  NID_ct_cert_scts =     954;
-  SN_jurisdictionLocalityName =    'jurisdictionL';
-  LN_jurisdictionLocalityName =    'jurisdictionLocalityName';
-  NID_jurisdictionLocalityName =    955;
-  SN_jurisdictionStateOrProvinceName =    'jurisdictionST';
-  LN_jurisdictionStateOrProvinceName =    'jurisdictionStateOrProvinceName';
-  NID_jurisdictionStateOrProvinceName =    956;
-  SN_jurisdictionCountryName =    'jurisdictionC';
-  LN_jurisdictionCountryName =    'jurisdictionCountryName';
-  NID_jurisdictionCountryName =    957;
-  SN_id_scrypt =    'id-scrypt';
-  LN_id_scrypt =    'scrypt';
-  NID_id_scrypt =    973;
-  SN_tls1_prf =    'TLS1-PRF';
-  LN_tls1_prf =    'tls1-prf';
-  NID_tls1_prf =    1021;
-  SN_hkdf =   'HKDF';
-  LN_hkdf =   'hkdf';
-  NID_hkdf =     1036;
-  SN_id_pkinit =    'id-pkinit';
-  NID_id_pkinit =    1031;
-  SN_pkInitClientAuth =    'pkInitClientAuth';
-  LN_pkInitClientAuth =    'PKINIT Client Auth';
-  NID_pkInitClientAuth =    1032;
-  SN_pkInitKDC =    'pkInitKDC';
-  LN_pkInitKDC =    'Signing KDC Response';
-  NID_pkInitKDC =    1033;
-  SN_X25519 =     'X25519';
-  NID_X25519 =    1034;
-  SN_X448 =   'X448';
-  NID_X448 =     1035;
-  SN_ED25519 =    'ED25519';
-  NID_ED25519 =    1087;
-  SN_ED448 =     'ED448';
-  NID_ED448 =     1088;
-  SN_kx_rsa =     'KxRSA';
-  LN_kx_rsa =     'kx-rsa';
-  NID_kx_rsa =    1037;
-  SN_kx_ecdhe =    'KxECDHE';
-  LN_kx_ecdhe =    'kx-ecdhe';
-  NID_kx_ecdhe =    1038;
-  SN_kx_dhe =     'KxDHE';
-  LN_kx_dhe =     'kx-dhe';
-  NID_kx_dhe =    1039;
-  SN_kx_ecdhe_psk =   'KxECDHE-PSK';
-  LN_kx_ecdhe_psk =   'kx-ecdhe-psk';
-  NID_kx_ecdhe_psk =     1040;
-  SN_kx_dhe_psk =    'KxDHE-PSK';
-  LN_kx_dhe_psk =    'kx-dhe-psk';
-  NID_kx_dhe_psk =   1041;
-  SN_kx_rsa_psk =    'KxRSA_PSK';
-  LN_kx_rsa_psk =    'kx-rsa-psk';
-  NID_kx_rsa_psk =   1042;
-  SN_kx_psk =     'KxPSK';
-  LN_kx_psk =     'kx-psk';
-  NID_kx_psk =    1043;
-  SN_kx_srp =     'KxSRP';
-  LN_kx_srp =     'kx-srp';
-  NID_kx_srp =    1044;
-  SN_kx_gost =    'KxGOST';
-  LN_kx_gost =    'kx-gost';
-  NID_kx_gost =    1045;
-  SN_kx_any =     'KxANY';
-  LN_kx_any =     'kx-any';
-  NID_kx_any =    1063;
-  SN_auth_rsa =    'AuthRSA';
-  LN_auth_rsa =    'auth-rsa';
-  NID_auth_rsa =    1046;
-  SN_auth_ecdsa =    'AuthECDSA';
-  LN_auth_ecdsa =    'auth-ecdsa';
-  NID_auth_ecdsa =   1047;
-  SN_auth_psk =    'AuthPSK';
-  LN_auth_psk =    'auth-psk';
-  NID_auth_psk =    1048;
-  SN_auth_dss =    'AuthDSS';
-  LN_auth_dss =    'auth-dss';
-  NID_auth_dss =    1049;
-  SN_auth_gost01 =   'AuthGOST01';
-  LN_auth_gost01 =   'auth-gost01';
-  NID_auth_gost01 =   1050;
-  SN_auth_gost12 =   'AuthGOST12';
-  LN_auth_gost12 =   'auth-gost12';
-  NID_auth_gost12 =   1051;
-  SN_auth_srp =    'AuthSRP';
-  LN_auth_srp =    'auth-srp';
-  NID_auth_srp =    1052;
-  SN_auth_null =    'AuthNULL';
-  LN_auth_null =    'auth-null';
-  NID_auth_null =    1053;
-  SN_auth_any =    'AuthANY';
-  LN_auth_any =    'auth-any';
-  NID_auth_any =    1064;
-  SN_poly1305 =    'Poly1305';
-  LN_poly1305 =    'poly1305';
-  NID_poly1305 =    1061;
-  SN_siphash =    'SipHash';
-  LN_siphash =    'siphash';
-  NID_siphash =    1062;
-  SN_ffdhe2048 =    'ffdhe2048';
-  NID_ffdhe2048 =    1126;
-  SN_ffdhe3072 =    'ffdhe3072';
-  NID_ffdhe3072 =    1127;
-  SN_ffdhe4096 =    'ffdhe4096';
-  NID_ffdhe4096 =    1128;
-  SN_ffdhe6144 =    'ffdhe6144';
-  NID_ffdhe6144 =    1129;
-  SN_ffdhe8192 =    'ffdhe8192';
-  NID_ffdhe8192 =    1130;
-  SN_ISO_UA =     'ISO-UA';
-  NID_ISO_UA =    1150;
-  SN_ua_pki =     'ua-pki';
-  NID_ua_pki =    1151;
-  SN_dstu28147 =    'dstu28147';
-  LN_dstu28147 =    'DSTU Gost 28147-2009';
-  NID_dstu28147 =    1152;
-  SN_dstu28147_ofb =     'dstu28147-ofb';
-  LN_dstu28147_ofb =     'DSTU Gost 28147-2009 OFB mode';
-  NID_dstu28147_ofb =     1153;
-  SN_dstu28147_cfb =     'dstu28147-cfb';
-  LN_dstu28147_cfb =     'DSTU Gost 28147-2009 CFB mode';
-  NID_dstu28147_cfb =     1154;
-  SN_dstu28147_wrap =     'dstu28147-wrap';
-  LN_dstu28147_wrap =     'DSTU Gost 28147-2009 key wrap';
-  NID_dstu28147_wrap =    1155;
-  SN_hmacWithDstu34311 =    'hmacWithDstu34311';
-  LN_hmacWithDstu34311 =    'HMAC DSTU Gost 34311-95';
-  NID_hmacWithDstu34311 =    1156;
-  SN_dstu34311 =    'dstu34311';
-  LN_dstu34311 =    'DSTU Gost 34311-95';
-  NID_dstu34311 =    1157;
-  SN_dstu4145le =    'dstu4145le';
-  LN_dstu4145le =    'DSTU 4145-2002 little endian';
-  NID_dstu4145le =   1158;
-  SN_dstu4145be =    'dstu4145be';
-  LN_dstu4145be =    'DSTU 4145-2002 big endian';
-  NID_dstu4145be =   1159;
-  SN_uacurve0 =    'uacurve0';
-  LN_uacurve0 =    'DSTU curve 0';
-  NID_uacurve0 =    1160;
-  SN_uacurve1 =    'uacurve1';
-  LN_uacurve1 =    'DSTU curve 1';
-  NID_uacurve1 =    1161;
-  SN_uacurve2 =    'uacurve2';
-  LN_uacurve2 =    'DSTU curve 2';
-  NID_uacurve2 =    1162;
-  SN_uacurve3 =    'uacurve3';
-  LN_uacurve3 =    'DSTU curve 3';
-  NID_uacurve3 =    1163;
-  SN_uacurve4 =    'uacurve4';
-  LN_uacurve4 =    'DSTU curve 4';
-  NID_uacurve4 =    1164;
-  SN_uacurve5 =    'uacurve5';
-  LN_uacurve5 =    'DSTU curve 5';
-  NID_uacurve5 =    1165;
-  SN_uacurve6 =    'uacurve6';
-  LN_uacurve6 =    'DSTU curve 6';
-  NID_uacurve6 =    1166;
-  SN_uacurve7 =    'uacurve7';
-  LN_uacurve7 =    'DSTU curve 7';
-  NID_uacurve7 =    1167;
-  SN_uacurve8 =    'uacurve8';
-  LN_uacurve8 =    'DSTU curve 8';
-  NID_uacurve8 =    1168;
-  SN_uacurve9 =    'uacurve9';
-  LN_uacurve9 =    'DSTU curve 9';
-  NID_uacurve9 =    1169;
+  SN_undef = AnsiString('UNDEF');
+  LN_undef = AnsiString('undefined');
+  NID_undef = 0;
+
+  SN_itu_t = AnsiString('ITU-T');
+  LN_itu_t = AnsiString('itu-t');
+  NID_itu_t = 645;
+
+  NID_ccitt = 404;
+
+  SN_iso = AnsiString('ISO');
+  LN_iso = AnsiString('iso');
+  NID_iso = 181;
+
+  SN_joint_iso_itu_t = AnsiString('JOINT-ISO-ITU-T');
+  LN_joint_iso_itu_t = AnsiString('joint-iso-itu-t');
+  NID_joint_iso_itu_t = 646;
+
+  NID_joint_iso_ccitt = 393;
+
+  SN_member_body = AnsiString('member-body');
+  LN_member_body = AnsiString('ISO Member Body');
+  NID_member_body = 182;
+
+  SN_identified_organization = AnsiString('identified-organization');
+  NID_identified_organization = 676;
+
+  SN_hmac_md5 = AnsiString('HMAC-MD5');
+  LN_hmac_md5 = AnsiString('hmac-md5');
+  NID_hmac_md5 = 780;
+
+  SN_hmac_sha1 = AnsiString('HMAC-SHA1');
+  LN_hmac_sha1 = AnsiString('hmac-sha1');
+  NID_hmac_sha1 = 781;
+
+  SN_x509ExtAdmission = AnsiString('x509ExtAdmission');
+  LN_x509ExtAdmission = AnsiString('Professional Information or basis for Admission');
+  NID_x509ExtAdmission = 1093;
+
+  SN_certicom_arc = AnsiString('certicom-arc');
+  NID_certicom_arc = 677;
+
+  SN_ieee = AnsiString('ieee');
+  NID_ieee = 1170;
+
+  SN_ieee_siswg = AnsiString('ieee-siswg');
+  LN_ieee_siswg = AnsiString('IEEE Security in Storage Working Group');
+  NID_ieee_siswg = 1171;
+
+  SN_international_organizations = AnsiString('international-organizations');
+  LN_international_organizations = AnsiString('International Organizations');
+  NID_international_organizations = 647;
+
+  SN_wap = AnsiString('wap');
+  NID_wap = 678;
+
+  SN_wap_wsg = AnsiString('wap-wsg');
+  NID_wap_wsg = 679;
+
+  SN_selected_attribute_types = AnsiString('selected-attribute-types');
+  LN_selected_attribute_types = AnsiString('Selected Attribute Types');
+  NID_selected_attribute_types = 394;
+
+  SN_clearance = AnsiString('clearance');
+  NID_clearance = 395;
+
+  SN_ISO_US = AnsiString('ISO-US');
+  LN_ISO_US = AnsiString('ISO US Member Body');
+  NID_ISO_US = 183;
+
+  SN_X9_57 = AnsiString('X9-57');
+  LN_X9_57 = AnsiString('X9.57');
+  NID_X9_57 = 184;
+
+  SN_X9cm = AnsiString('X9cm');
+  LN_X9cm = AnsiString('X9.57 CM ?');
+  NID_X9cm = 185;
+
+  SN_ISO_CN = AnsiString('ISO-CN');
+  LN_ISO_CN = AnsiString('ISO CN Member Body');
+  NID_ISO_CN = 1140;
+
+  SN_oscca = AnsiString('oscca');
+  NID_oscca = 1141;
+
+  SN_sm_scheme = AnsiString('sm-scheme');
+  NID_sm_scheme = 1142;
+
+  SN_dsa = AnsiString('DSA');
+  LN_dsa = AnsiString('dsaEncryption');
+  NID_dsa = 116;
+
+  SN_dsaWithSHA1 = AnsiString('DSA-SHA1');
+  LN_dsaWithSHA1 = AnsiString('dsaWithSHA1');
+  NID_dsaWithSHA1 = 113;
+
+  SN_ansi_X9_62 = AnsiString('ansi-X9-62');
+  LN_ansi_X9_62 = AnsiString('ANSI X9.62');
+  NID_ansi_X9_62 = 405;
+
+  SN_X9_62_prime_field = AnsiString('prime-field');
+  NID_X9_62_prime_field = 406;
+
+  SN_X9_62_characteristic_two_field = AnsiString('characteristic-two-field');
+  NID_X9_62_characteristic_two_field = 407;
+
+  SN_X9_62_id_characteristic_two_basis = AnsiString('id-characteristic-two-basis');
+  NID_X9_62_id_characteristic_two_basis = 680;
+
+  SN_X9_62_onBasis = AnsiString('onBasis');
+  NID_X9_62_onBasis = 681;
+
+  SN_X9_62_tpBasis = AnsiString('tpBasis');
+  NID_X9_62_tpBasis = 682;
+
+  SN_X9_62_ppBasis = AnsiString('ppBasis');
+  NID_X9_62_ppBasis = 683;
+
+  SN_X9_62_id_ecPublicKey = AnsiString('id-ecPublicKey');
+  NID_X9_62_id_ecPublicKey = 408;
+
+  SN_X9_62_c2pnb163v1 = AnsiString('c2pnb163v1');
+  NID_X9_62_c2pnb163v1 = 684;
+
+  SN_X9_62_c2pnb163v2 = AnsiString('c2pnb163v2');
+  NID_X9_62_c2pnb163v2 = 685;
+
+  SN_X9_62_c2pnb163v3 = AnsiString('c2pnb163v3');
+  NID_X9_62_c2pnb163v3 = 686;
+
+  SN_X9_62_c2pnb176v1 = AnsiString('c2pnb176v1');
+  NID_X9_62_c2pnb176v1 = 687;
+
+  SN_X9_62_c2tnb191v1 = AnsiString('c2tnb191v1');
+  NID_X9_62_c2tnb191v1 = 688;
+
+  SN_X9_62_c2tnb191v2 = AnsiString('c2tnb191v2');
+  NID_X9_62_c2tnb191v2 = 689;
+
+  SN_X9_62_c2tnb191v3 = AnsiString('c2tnb191v3');
+  NID_X9_62_c2tnb191v3 = 690;
+
+  SN_X9_62_c2onb191v4 = AnsiString('c2onb191v4');
+  NID_X9_62_c2onb191v4 = 691;
+
+  SN_X9_62_c2onb191v5 = AnsiString('c2onb191v5');
+  NID_X9_62_c2onb191v5 = 692;
+
+  SN_X9_62_c2pnb208w1 = AnsiString('c2pnb208w1');
+  NID_X9_62_c2pnb208w1 = 693;
+
+  SN_X9_62_c2tnb239v1 = AnsiString('c2tnb239v1');
+  NID_X9_62_c2tnb239v1 = 694;
+
+  SN_X9_62_c2tnb239v2 = AnsiString('c2tnb239v2');
+  NID_X9_62_c2tnb239v2 = 695;
+
+  SN_X9_62_c2tnb239v3 = AnsiString('c2tnb239v3');
+  NID_X9_62_c2tnb239v3 = 696;
+
+  SN_X9_62_c2onb239v4 = AnsiString('c2onb239v4');
+  NID_X9_62_c2onb239v4 = 697;
+
+  SN_X9_62_c2onb239v5 = AnsiString('c2onb239v5');
+  NID_X9_62_c2onb239v5 = 698;
+
+  SN_X9_62_c2pnb272w1 = AnsiString('c2pnb272w1');
+  NID_X9_62_c2pnb272w1 = 699;
+
+  SN_X9_62_c2pnb304w1 = AnsiString('c2pnb304w1');
+  NID_X9_62_c2pnb304w1 = 700;
+
+  SN_X9_62_c2tnb359v1 = AnsiString('c2tnb359v1');
+  NID_X9_62_c2tnb359v1 = 701;
+
+  SN_X9_62_c2pnb368w1 = AnsiString('c2pnb368w1');
+  NID_X9_62_c2pnb368w1 = 702;
+
+  SN_X9_62_c2tnb431r1 = AnsiString('c2tnb431r1');
+  NID_X9_62_c2tnb431r1 = 703;
+
+  SN_X9_62_prime192v1 = AnsiString('prime192v1');
+  NID_X9_62_prime192v1 = 409;
+
+  SN_X9_62_prime192v2 = AnsiString('prime192v2');
+  NID_X9_62_prime192v2 = 410;
+
+  SN_X9_62_prime192v3 = AnsiString('prime192v3');
+  NID_X9_62_prime192v3 = 411;
+
+  SN_X9_62_prime239v1 = AnsiString('prime239v1');
+  NID_X9_62_prime239v1 = 412;
+
+  SN_X9_62_prime239v2 = AnsiString('prime239v2');
+  NID_X9_62_prime239v2 = 413;
+
+  SN_X9_62_prime239v3 = AnsiString('prime239v3');
+  NID_X9_62_prime239v3 = 414;
+
+  SN_X9_62_prime256v1 = AnsiString('prime256v1');
+  NID_X9_62_prime256v1 = 415;
+
+  SN_ecdsa_with_SHA1 = AnsiString('ecdsa-with-SHA1');
+  NID_ecdsa_with_SHA1 = 416;
+
+  SN_ecdsa_with_Recommended = AnsiString('ecdsa-with-Recommended');
+  NID_ecdsa_with_Recommended = 791;
+
+  SN_ecdsa_with_Specified = AnsiString('ecdsa-with-Specified');
+  NID_ecdsa_with_Specified = 792;
+
+  SN_ecdsa_with_SHA224 = AnsiString('ecdsa-with-SHA224');
+  NID_ecdsa_with_SHA224 = 793;
+
+  SN_ecdsa_with_SHA256 = AnsiString('ecdsa-with-SHA256');
+  NID_ecdsa_with_SHA256 = 794;
+
+  SN_ecdsa_with_SHA384 = AnsiString('ecdsa-with-SHA384');
+  NID_ecdsa_with_SHA384 = 795;
+
+  SN_ecdsa_with_SHA512 = AnsiString('ecdsa-with-SHA512');
+  NID_ecdsa_with_SHA512 = 796;
+
+  SN_secp112r1 = AnsiString('secp112r1');
+  NID_secp112r1 = 704;
+
+  SN_secp112r2 = AnsiString('secp112r2');
+  NID_secp112r2 = 705;
+
+  SN_secp128r1 = AnsiString('secp128r1');
+  NID_secp128r1 = 706;
+
+  SN_secp128r2 = AnsiString('secp128r2');
+  NID_secp128r2 = 707;
+
+  SN_secp160k1 = AnsiString('secp160k1');
+  NID_secp160k1 = 708;
+
+  SN_secp160r1 = AnsiString('secp160r1');
+  NID_secp160r1 = 709;
+
+  SN_secp160r2 = AnsiString('secp160r2');
+  NID_secp160r2 = 710;
+
+  SN_secp192k1 = AnsiString('secp192k1');
+  NID_secp192k1 = 711;
+
+  SN_secp224k1 = AnsiString('secp224k1');
+  NID_secp224k1 = 712;
+
+  SN_secp224r1 = AnsiString('secp224r1');
+  NID_secp224r1 = 713;
+
+  SN_secp256k1 = AnsiString('secp256k1');
+  NID_secp256k1 = 714;
+
+  SN_secp384r1 = AnsiString('secp384r1');
+  NID_secp384r1 = 715;
+
+  SN_secp521r1 = AnsiString('secp521r1');
+  NID_secp521r1 = 716;
+
+  SN_sect113r1 = AnsiString('sect113r1');
+  NID_sect113r1 = 717;
+
+  SN_sect113r2 = AnsiString('sect113r2');
+  NID_sect113r2 = 718;
+
+  SN_sect131r1 = AnsiString('sect131r1');
+  NID_sect131r1 = 719;
+
+  SN_sect131r2 = AnsiString('sect131r2');
+  NID_sect131r2 = 720;
+
+  SN_sect163k1 = AnsiString('sect163k1');
+  NID_sect163k1 = 721;
+
+  SN_sect163r1 = AnsiString('sect163r1');
+  NID_sect163r1 = 722;
+
+  SN_sect163r2 = AnsiString('sect163r2');
+  NID_sect163r2 = 723;
+
+  SN_sect193r1 = AnsiString('sect193r1');
+  NID_sect193r1 = 724;
+
+  SN_sect193r2 = AnsiString('sect193r2');
+  NID_sect193r2 = 725;
+
+  SN_sect233k1 = AnsiString('sect233k1');
+  NID_sect233k1 = 726;
+
+  SN_sect233r1 = AnsiString('sect233r1');
+  NID_sect233r1 = 727;
+
+  SN_sect239k1 = AnsiString('sect239k1');
+  NID_sect239k1 = 728;
+
+  SN_sect283k1 = AnsiString('sect283k1');
+  NID_sect283k1 = 729;
+
+  SN_sect283r1 = AnsiString('sect283r1');
+  NID_sect283r1 = 730;
+
+  SN_sect409k1 = AnsiString('sect409k1');
+  NID_sect409k1 = 731;
+
+  SN_sect409r1 = AnsiString('sect409r1');
+  NID_sect409r1 = 732;
+
+  SN_sect571k1 = AnsiString('sect571k1');
+  NID_sect571k1 = 733;
+
+  SN_sect571r1 = AnsiString('sect571r1');
+  NID_sect571r1 = 734;
+
+  SN_wap_wsg_idm_ecid_wtls1 = AnsiString('wap-wsg-idm-ecid-wtls1');
+  NID_wap_wsg_idm_ecid_wtls1 = 735;
+
+  SN_wap_wsg_idm_ecid_wtls3 = AnsiString('wap-wsg-idm-ecid-wtls3');
+  NID_wap_wsg_idm_ecid_wtls3 = 736;
+
+  SN_wap_wsg_idm_ecid_wtls4 = AnsiString('wap-wsg-idm-ecid-wtls4');
+  NID_wap_wsg_idm_ecid_wtls4 = 737;
+
+  SN_wap_wsg_idm_ecid_wtls5 = AnsiString('wap-wsg-idm-ecid-wtls5');
+  NID_wap_wsg_idm_ecid_wtls5 = 738;
+
+  SN_wap_wsg_idm_ecid_wtls6 = AnsiString('wap-wsg-idm-ecid-wtls6');
+  NID_wap_wsg_idm_ecid_wtls6 = 739;
+
+  SN_wap_wsg_idm_ecid_wtls7 = AnsiString('wap-wsg-idm-ecid-wtls7');
+  NID_wap_wsg_idm_ecid_wtls7 = 740;
+
+  SN_wap_wsg_idm_ecid_wtls8 = AnsiString('wap-wsg-idm-ecid-wtls8');
+  NID_wap_wsg_idm_ecid_wtls8 = 741;
+
+  SN_wap_wsg_idm_ecid_wtls9 = AnsiString('wap-wsg-idm-ecid-wtls9');
+  NID_wap_wsg_idm_ecid_wtls9 = 742;
+
+  SN_wap_wsg_idm_ecid_wtls10 = AnsiString('wap-wsg-idm-ecid-wtls10');
+  NID_wap_wsg_idm_ecid_wtls10 = 743;
+
+  SN_wap_wsg_idm_ecid_wtls11 = AnsiString('wap-wsg-idm-ecid-wtls11');
+  NID_wap_wsg_idm_ecid_wtls11 = 744;
+
+  SN_wap_wsg_idm_ecid_wtls12 = AnsiString('wap-wsg-idm-ecid-wtls12');
+  NID_wap_wsg_idm_ecid_wtls12 = 745;
+
+  SN_cast5_cbc = AnsiString('CAST5-CBC');
+  LN_cast5_cbc = AnsiString('cast5-cbc');
+  NID_cast5_cbc = 108;
+
+  SN_cast5_ecb = AnsiString('CAST5-ECB');
+  LN_cast5_ecb = AnsiString('cast5-ecb');
+  NID_cast5_ecb = 109;
+
+  SN_cast5_cfb64 = AnsiString('CAST5-CFB');
+  LN_cast5_cfb64 = AnsiString('cast5-cfb');
+  NID_cast5_cfb64 = 110;
+
+  SN_cast5_ofb64 = AnsiString('CAST5-OFB');
+  LN_cast5_ofb64 = AnsiString('cast5-ofb');
+  NID_cast5_ofb64 = 111;
+
+  LN_pbeWithMD5AndCast5_CBC = AnsiString('pbeWithMD5AndCast5CBC');
+  NID_pbeWithMD5AndCast5_CBC = 112;
+
+  SN_id_PasswordBasedMAC = AnsiString('id-PasswordBasedMAC');
+  LN_id_PasswordBasedMAC = AnsiString('password based MAC');
+  NID_id_PasswordBasedMAC = 782;
+
+  SN_id_DHBasedMac = AnsiString('id-DHBasedMac');
+  LN_id_DHBasedMac = AnsiString('Diffie-Hellman based MAC');
+  NID_id_DHBasedMac = 783;
+
+  SN_rsadsi = AnsiString('rsadsi');
+  LN_rsadsi = AnsiString('RSA Data Security; Inc.');
+  NID_rsadsi = 1;
+
+  SN_pkcs = AnsiString('pkcs');
+  LN_pkcs = AnsiString('RSA Data Security; Inc. PKCS');
+  NID_pkcs = 2;
+
+  SN_pkcs1 = AnsiString('pkcs1');
+  NID_pkcs1 = 186;
+
+  LN_rsaEncryption = AnsiString('rsaEncryption');
+  NID_rsaEncryption = 6;
+
+  SN_md2WithRSAEncryption = AnsiString('RSA-MD2');
+  LN_md2WithRSAEncryption = AnsiString('md2WithRSAEncryption');
+  NID_md2WithRSAEncryption = 7;
+
+  SN_md4WithRSAEncryption = AnsiString('RSA-MD4');
+  LN_md4WithRSAEncryption = AnsiString('md4WithRSAEncryption');
+  NID_md4WithRSAEncryption = 396;
+
+  SN_md5WithRSAEncryption = AnsiString('RSA-MD5');
+  LN_md5WithRSAEncryption = AnsiString('md5WithRSAEncryption');
+  NID_md5WithRSAEncryption = 8;
+
+  SN_sha1WithRSAEncryption = AnsiString('RSA-SHA1');
+  LN_sha1WithRSAEncryption = AnsiString('sha1WithRSAEncryption');
+  NID_sha1WithRSAEncryption = 65;
+
+  SN_rsaesOaep = AnsiString('RSAES-OAEP');
+  LN_rsaesOaep = AnsiString('rsaesOaep');
+  NID_rsaesOaep = 919;
+
+  SN_mgf1 = AnsiString('MGF1');
+  LN_mgf1 = AnsiString('mgf1');
+  NID_mgf1 = 911;
+
+  SN_pSpecified = AnsiString('PSPECIFIED');
+  LN_pSpecified = AnsiString('pSpecified');
+  NID_pSpecified = 935;
+
+  SN_rsassaPss = AnsiString('RSASSA-PSS');
+  LN_rsassaPss = AnsiString('rsassaPss');
+  NID_rsassaPss = 912;
+
+  SN_sha256WithRSAEncryption = AnsiString('RSA-SHA256');
+  LN_sha256WithRSAEncryption = AnsiString('sha256WithRSAEncryption');
+  NID_sha256WithRSAEncryption = 668;
+
+  SN_sha384WithRSAEncryption = AnsiString('RSA-SHA384');
+  LN_sha384WithRSAEncryption = AnsiString('sha384WithRSAEncryption');
+  NID_sha384WithRSAEncryption = 669;
+
+  SN_sha512WithRSAEncryption = AnsiString('RSA-SHA512');
+  LN_sha512WithRSAEncryption = AnsiString('sha512WithRSAEncryption');
+  NID_sha512WithRSAEncryption = 670;
+
+  SN_sha224WithRSAEncryption = AnsiString('RSA-SHA224');
+  LN_sha224WithRSAEncryption = AnsiString('sha224WithRSAEncryption');
+  NID_sha224WithRSAEncryption = 671;
+
+  SN_sha512_224WithRSAEncryption = AnsiString('RSA-SHA512/224');
+  LN_sha512_224WithRSAEncryption = AnsiString('sha512-224WithRSAEncryption');
+  NID_sha512_224WithRSAEncryption = 1145;
+
+  SN_sha512_256WithRSAEncryption = AnsiString('RSA-SHA512/256');
+  LN_sha512_256WithRSAEncryption = AnsiString('sha512-256WithRSAEncryption');
+  NID_sha512_256WithRSAEncryption = 1146;
+
+  SN_pkcs3 = AnsiString('pkcs3');
+  NID_pkcs3 = 27;
+
+  LN_dhKeyAgreement = AnsiString('dhKeyAgreement');
+  NID_dhKeyAgreement = 28;
+
+  SN_pkcs5 = AnsiString('pkcs5');
+  NID_pkcs5 = 187;
+
+  SN_pbeWithMD2AndDES_CBC = AnsiString('PBE-MD2-DES');
+  LN_pbeWithMD2AndDES_CBC = AnsiString('pbeWithMD2AndDES-CBC');
+  NID_pbeWithMD2AndDES_CBC = 9;
+
+  SN_pbeWithMD5AndDES_CBC = AnsiString('PBE-MD5-DES');
+  LN_pbeWithMD5AndDES_CBC = AnsiString('pbeWithMD5AndDES-CBC');
+  NID_pbeWithMD5AndDES_CBC = 10;
+
+  SN_pbeWithMD2AndRC2_CBC = AnsiString('PBE-MD2-RC2-64');
+  LN_pbeWithMD2AndRC2_CBC = AnsiString('pbeWithMD2AndRC2-CBC');
+  NID_pbeWithMD2AndRC2_CBC = 168;
+
+  SN_pbeWithMD5AndRC2_CBC = AnsiString('PBE-MD5-RC2-64');
+  LN_pbeWithMD5AndRC2_CBC = AnsiString('pbeWithMD5AndRC2-CBC');
+  NID_pbeWithMD5AndRC2_CBC = 169;
+
+  SN_pbeWithSHA1AndDES_CBC = AnsiString('PBE-SHA1-DES');
+  LN_pbeWithSHA1AndDES_CBC = AnsiString('pbeWithSHA1AndDES-CBC');
+  NID_pbeWithSHA1AndDES_CBC = 170;
+
+  SN_pbeWithSHA1AndRC2_CBC = AnsiString('PBE-SHA1-RC2-64');
+  LN_pbeWithSHA1AndRC2_CBC = AnsiString('pbeWithSHA1AndRC2-CBC');
+  NID_pbeWithSHA1AndRC2_CBC = 68;
+
+  LN_id_pbkdf2 = AnsiString('PBKDF2');
+  NID_id_pbkdf2 = 69;
+
+  LN_pbes2 = AnsiString('PBES2');
+  NID_pbes2 = 161;
+
+  LN_pbmac1 = AnsiString('PBMAC1');
+  NID_pbmac1 = 162;
+
+  SN_pkcs7 = AnsiString('pkcs7');
+  NID_pkcs7 = 20;
+
+  LN_pkcs7_data = AnsiString('pkcs7-data');
+  NID_pkcs7_data = 21;
+
+  LN_pkcs7_signed = AnsiString('pkcs7-signedData');
+  NID_pkcs7_signed = 22;
+
+  LN_pkcs7_enveloped = AnsiString('pkcs7-envelopedData');
+  NID_pkcs7_enveloped = 23;
+
+  LN_pkcs7_signedAndEnveloped = AnsiString('pkcs7-signedAndEnvelopedData');
+  NID_pkcs7_signedAndEnveloped = 24;
+
+  LN_pkcs7_digest = AnsiString('pkcs7-digestData');
+  NID_pkcs7_digest = 25;
+
+  LN_pkcs7_encrypted = AnsiString('pkcs7-encryptedData');
+  NID_pkcs7_encrypted = 26;
+
+  SN_pkcs9 = AnsiString('pkcs9');
+  NID_pkcs9 = 47;
+
+  LN_pkcs9_emailAddress = AnsiString('emailAddress');
+  NID_pkcs9_emailAddress = 48;
+
+  LN_pkcs9_unstructuredName = AnsiString('unstructuredName');
+  NID_pkcs9_unstructuredName = 49;
+
+  LN_pkcs9_contentType = AnsiString('contentType');
+  NID_pkcs9_contentType = 50;
+
+  LN_pkcs9_messageDigest = AnsiString('messageDigest');
+  NID_pkcs9_messageDigest = 51;
+
+  LN_pkcs9_signingTime = AnsiString('signingTime');
+  NID_pkcs9_signingTime = 52;
+
+  LN_pkcs9_countersignature = AnsiString('countersignature');
+  NID_pkcs9_countersignature = 53;
+
+  LN_pkcs9_challengePassword = AnsiString('challengePassword');
+  NID_pkcs9_challengePassword = 54;
+
+  LN_pkcs9_unstructuredAddress = AnsiString('unstructuredAddress');
+  NID_pkcs9_unstructuredAddress = 55;
+
+  LN_pkcs9_extCertAttributes = AnsiString('extendedCertificateAttributes');
+  NID_pkcs9_extCertAttributes = 56;
+
+  SN_ext_req = AnsiString('extReq');
+  LN_ext_req = AnsiString('Extension Request');
+  NID_ext_req = 172;
+
+  SN_SMIMECapabilities = AnsiString('SMIME-CAPS');
+  LN_SMIMECapabilities = AnsiString('S/MIME Capabilities');
+  NID_SMIMECapabilities = 167;
+
+  SN_SMIME = AnsiString('SMIME');
+  LN_SMIME = AnsiString('S/MIME');
+  NID_SMIME = 188;
+
+  SN_id_smime_mod = AnsiString('id-smime-mod');
+  NID_id_smime_mod = 189;
+
+  SN_id_smime_ct = AnsiString('id-smime-ct');
+  NID_id_smime_ct = 190;
+
+  SN_id_smime_aa = AnsiString('id-smime-aa');
+  NID_id_smime_aa = 191;
+
+  SN_id_smime_alg = AnsiString('id-smime-alg');
+  NID_id_smime_alg = 192;
+
+  SN_id_smime_cd = AnsiString('id-smime-cd');
+  NID_id_smime_cd = 193;
+
+  SN_id_smime_spq = AnsiString('id-smime-spq');
+  NID_id_smime_spq = 194;
+
+  SN_id_smime_cti = AnsiString('id-smime-cti');
+  NID_id_smime_cti = 195;
+
+  SN_id_smime_mod_cms = AnsiString('id-smime-mod-cms');
+  NID_id_smime_mod_cms = 196;
+
+  SN_id_smime_mod_ess = AnsiString('id-smime-mod-ess');
+  NID_id_smime_mod_ess = 197;
+
+  SN_id_smime_mod_oid = AnsiString('id-smime-mod-oid');
+  NID_id_smime_mod_oid = 198;
+
+  SN_id_smime_mod_msg_v3 = AnsiString('id-smime-mod-msg-v3');
+  NID_id_smime_mod_msg_v3 = 199;
+
+  SN_id_smime_mod_ets_eSignature_88 = AnsiString('id-smime-mod-ets-eSignature-88');
+  NID_id_smime_mod_ets_eSignature_88 = 200;
+
+  SN_id_smime_mod_ets_eSignature_97 = AnsiString('id-smime-mod-ets-eSignature-97');
+  NID_id_smime_mod_ets_eSignature_97 = 201;
+
+  SN_id_smime_mod_ets_eSigPolicy_88 = AnsiString('id-smime-mod-ets-eSigPolicy-88');
+  NID_id_smime_mod_ets_eSigPolicy_88 = 202;
+
+  SN_id_smime_mod_ets_eSigPolicy_97 = AnsiString('id-smime-mod-ets-eSigPolicy-97');
+  NID_id_smime_mod_ets_eSigPolicy_97 = 203;
+
+  SN_id_smime_ct_receipt = AnsiString('id-smime-ct-receipt');
+  NID_id_smime_ct_receipt = 204;
+
+  SN_id_smime_ct_authData = AnsiString('id-smime-ct-authData');
+  NID_id_smime_ct_authData = 205;
+
+  SN_id_smime_ct_publishCert = AnsiString('id-smime-ct-publishCert');
+  NID_id_smime_ct_publishCert = 206;
+
+  SN_id_smime_ct_TSTInfo = AnsiString('id-smime-ct-TSTInfo');
+  NID_id_smime_ct_TSTInfo = 207;
+
+  SN_id_smime_ct_TDTInfo = AnsiString('id-smime-ct-TDTInfo');
+  NID_id_smime_ct_TDTInfo = 208;
+
+  SN_id_smime_ct_contentInfo = AnsiString('id-smime-ct-contentInfo');
+  NID_id_smime_ct_contentInfo = 209;
+
+  SN_id_smime_ct_DVCSRequestData = AnsiString('id-smime-ct-DVCSRequestData');
+  NID_id_smime_ct_DVCSRequestData = 210;
+
+  SN_id_smime_ct_DVCSResponseData = AnsiString('id-smime-ct-DVCSResponseData');
+  NID_id_smime_ct_DVCSResponseData = 211;
+
+  SN_id_smime_ct_compressedData = AnsiString('id-smime-ct-compressedData');
+  NID_id_smime_ct_compressedData = 786;
+
+  SN_id_smime_ct_contentCollection = AnsiString('id-smime-ct-contentCollection');
+  NID_id_smime_ct_contentCollection = 1058;
+
+  SN_id_smime_ct_authEnvelopedData = AnsiString('id-smime-ct-authEnvelopedData');
+  NID_id_smime_ct_authEnvelopedData = 1059;
+
+  SN_id_ct_asciiTextWithCRLF = AnsiString('id-ct-asciiTextWithCRLF');
+  NID_id_ct_asciiTextWithCRLF = 787;
+
+  SN_id_ct_xml = AnsiString('id-ct-xml');
+  NID_id_ct_xml = 1060;
+
+  SN_id_smime_aa_receiptRequest = AnsiString('id-smime-aa-receiptRequest');
+  NID_id_smime_aa_receiptRequest = 212;
+
+  SN_id_smime_aa_securityLabel = AnsiString('id-smime-aa-securityLabel');
+  NID_id_smime_aa_securityLabel = 213;
+
+  SN_id_smime_aa_mlExpandHistory = AnsiString('id-smime-aa-mlExpandHistory');
+  NID_id_smime_aa_mlExpandHistory = 214;
+
+  SN_id_smime_aa_contentHint = AnsiString('id-smime-aa-contentHint');
+  NID_id_smime_aa_contentHint = 215;
+
+  SN_id_smime_aa_msgSigDigest = AnsiString('id-smime-aa-msgSigDigest');
+  NID_id_smime_aa_msgSigDigest = 216;
+
+  SN_id_smime_aa_encapContentType = AnsiString('id-smime-aa-encapContentType');
+  NID_id_smime_aa_encapContentType = 217;
+
+  SN_id_smime_aa_contentIdentifier = AnsiString('id-smime-aa-contentIdentifier');
+  NID_id_smime_aa_contentIdentifier = 218;
+
+  SN_id_smime_aa_macValue = AnsiString('id-smime-aa-macValue');
+  NID_id_smime_aa_macValue = 219;
+
+  SN_id_smime_aa_equivalentLabels = AnsiString('id-smime-aa-equivalentLabels');
+  NID_id_smime_aa_equivalentLabels = 220;
+
+  SN_id_smime_aa_contentReference = AnsiString('id-smime-aa-contentReference');
+  NID_id_smime_aa_contentReference = 221;
+
+  SN_id_smime_aa_encrypKeyPref = AnsiString('id-smime-aa-encrypKeyPref');
+  NID_id_smime_aa_encrypKeyPref = 222;
+
+  SN_id_smime_aa_signingCertificate = AnsiString('id-smime-aa-signingCertificate');
+  NID_id_smime_aa_signingCertificate = 223;
+
+  SN_id_smime_aa_smimeEncryptCerts = AnsiString('id-smime-aa-smimeEncryptCerts');
+  NID_id_smime_aa_smimeEncryptCerts = 224;
+
+  SN_id_smime_aa_timeStampToken = AnsiString('id-smime-aa-timeStampToken');
+  NID_id_smime_aa_timeStampToken = 225;
+
+  SN_id_smime_aa_ets_sigPolicyId = AnsiString('id-smime-aa-ets-sigPolicyId');
+  NID_id_smime_aa_ets_sigPolicyId = 226;
+
+  SN_id_smime_aa_ets_commitmentType = AnsiString('id-smime-aa-ets-commitmentType');
+  NID_id_smime_aa_ets_commitmentType = 227;
+
+  SN_id_smime_aa_ets_signerLocation = AnsiString('id-smime-aa-ets-signerLocation');
+  NID_id_smime_aa_ets_signerLocation = 228;
+
+  SN_id_smime_aa_ets_signerAttr = AnsiString('id-smime-aa-ets-signerAttr');
+  NID_id_smime_aa_ets_signerAttr = 229;
+
+  SN_id_smime_aa_ets_otherSigCert = AnsiString('id-smime-aa-ets-otherSigCert');
+  NID_id_smime_aa_ets_otherSigCert = 230;
+
+  SN_id_smime_aa_ets_contentTimestamp = AnsiString('id-smime-aa-ets-contentTimestamp');
+  NID_id_smime_aa_ets_contentTimestamp = 231;
+
+  SN_id_smime_aa_ets_CertificateRefs = AnsiString('id-smime-aa-ets-CertificateRefs');
+  NID_id_smime_aa_ets_CertificateRefs = 232;
+
+  SN_id_smime_aa_ets_RevocationRefs = AnsiString('id-smime-aa-ets-RevocationRefs');
+  NID_id_smime_aa_ets_RevocationRefs = 233;
+
+  SN_id_smime_aa_ets_certValues = AnsiString('id-smime-aa-ets-certValues');
+  NID_id_smime_aa_ets_certValues = 234;
+
+  SN_id_smime_aa_ets_revocationValues = AnsiString('id-smime-aa-ets-revocationValues');
+  NID_id_smime_aa_ets_revocationValues = 235;
+
+  SN_id_smime_aa_ets_escTimeStamp = AnsiString('id-smime-aa-ets-escTimeStamp');
+  NID_id_smime_aa_ets_escTimeStamp = 236;
+
+  SN_id_smime_aa_ets_certCRLTimestamp = AnsiString('id-smime-aa-ets-certCRLTimestamp');
+  NID_id_smime_aa_ets_certCRLTimestamp = 237;
+
+  SN_id_smime_aa_ets_archiveTimeStamp = AnsiString('id-smime-aa-ets-archiveTimeStamp');
+  NID_id_smime_aa_ets_archiveTimeStamp = 238;
+
+  SN_id_smime_aa_signatureType = AnsiString('id-smime-aa-signatureType');
+  NID_id_smime_aa_signatureType = 239;
+
+  SN_id_smime_aa_dvcs_dvc = AnsiString('id-smime-aa-dvcs-dvc');
+  NID_id_smime_aa_dvcs_dvc = 240;
+
+  SN_id_smime_aa_signingCertificateV2 = AnsiString('id-smime-aa-signingCertificateV2');
+  NID_id_smime_aa_signingCertificateV2 = 1086;
+
+  SN_id_smime_alg_ESDHwith3DES = AnsiString('id-smime-alg-ESDHwith3DES');
+  NID_id_smime_alg_ESDHwith3DES = 241;
+
+  SN_id_smime_alg_ESDHwithRC2 = AnsiString('id-smime-alg-ESDHwithRC2');
+  NID_id_smime_alg_ESDHwithRC2 = 242;
+
+  SN_id_smime_alg_3DESwrap = AnsiString('id-smime-alg-3DESwrap');
+  NID_id_smime_alg_3DESwrap = 243;
+
+  SN_id_smime_alg_RC2wrap = AnsiString('id-smime-alg-RC2wrap');
+  NID_id_smime_alg_RC2wrap = 244;
+
+  SN_id_smime_alg_ESDH = AnsiString('id-smime-alg-ESDH');
+  NID_id_smime_alg_ESDH = 245;
+
+  SN_id_smime_alg_CMS3DESwrap = AnsiString('id-smime-alg-CMS3DESwrap');
+  NID_id_smime_alg_CMS3DESwrap = 246;
+
+  SN_id_smime_alg_CMSRC2wrap = AnsiString('id-smime-alg-CMSRC2wrap');
+  NID_id_smime_alg_CMSRC2wrap = 247;
+
+  SN_id_alg_PWRI_KEK = AnsiString('id-alg-PWRI-KEK');
+  NID_id_alg_PWRI_KEK = 893;
+
+  SN_id_smime_cd_ldap = AnsiString('id-smime-cd-ldap');
+  NID_id_smime_cd_ldap = 248;
+
+  SN_id_smime_spq_ets_sqt_uri = AnsiString('id-smime-spq-ets-sqt-uri');
+  NID_id_smime_spq_ets_sqt_uri = 249;
+
+  SN_id_smime_spq_ets_sqt_unotice = AnsiString('id-smime-spq-ets-sqt-unotice');
+  NID_id_smime_spq_ets_sqt_unotice = 250;
+
+  SN_id_smime_cti_ets_proofOfOrigin = AnsiString('id-smime-cti-ets-proofOfOrigin');
+  NID_id_smime_cti_ets_proofOfOrigin = 251;
+
+  SN_id_smime_cti_ets_proofOfReceipt = AnsiString('id-smime-cti-ets-proofOfReceipt');
+  NID_id_smime_cti_ets_proofOfReceipt = 252;
+
+  SN_id_smime_cti_ets_proofOfDelivery = AnsiString('id-smime-cti-ets-proofOfDelivery');
+  NID_id_smime_cti_ets_proofOfDelivery = 253;
+
+  SN_id_smime_cti_ets_proofOfSender = AnsiString('id-smime-cti-ets-proofOfSender');
+  NID_id_smime_cti_ets_proofOfSender = 254;
+
+  SN_id_smime_cti_ets_proofOfApproval = AnsiString('id-smime-cti-ets-proofOfApproval');
+  NID_id_smime_cti_ets_proofOfApproval = 255;
+
+  SN_id_smime_cti_ets_proofOfCreation = AnsiString('id-smime-cti-ets-proofOfCreation');
+  NID_id_smime_cti_ets_proofOfCreation = 256;
+
+  LN_friendlyName = AnsiString('friendlyName');
+  NID_friendlyName = 156;
+
+  LN_localKeyID = AnsiString('localKeyID');
+  NID_localKeyID = 157;
+
+  SN_ms_csp_name = AnsiString('CSPName');
+  LN_ms_csp_name = AnsiString('Microsoft CSP Name');
+  NID_ms_csp_name = 417;
+
+  SN_LocalKeySet = AnsiString('LocalKeySet');
+  LN_LocalKeySet = AnsiString('Microsoft Local Key set');
+  NID_LocalKeySet = 856;
+
+  LN_x509Certificate = AnsiString('x509Certificate');
+  NID_x509Certificate = 158;
+
+  LN_sdsiCertificate = AnsiString('sdsiCertificate');
+  NID_sdsiCertificate = 159;
+
+  LN_x509Crl = AnsiString('x509Crl');
+  NID_x509Crl = 160;
+
+  SN_pbe_WithSHA1And128BitRC4 = AnsiString('PBE-SHA1-RC4-128');
+  LN_pbe_WithSHA1And128BitRC4 = AnsiString('pbeWithSHA1And128BitRC4');
+  NID_pbe_WithSHA1And128BitRC4 = 144;
+
+  SN_pbe_WithSHA1And40BitRC4 = AnsiString('PBE-SHA1-RC4-40');
+  LN_pbe_WithSHA1And40BitRC4 = AnsiString('pbeWithSHA1And40BitRC4');
+  NID_pbe_WithSHA1And40BitRC4 = 145;
+
+  SN_pbe_WithSHA1And3_Key_TripleDES_CBC = AnsiString('PBE-SHA1-3DES');
+  LN_pbe_WithSHA1And3_Key_TripleDES_CBC = AnsiString('pbeWithSHA1And3-KeyTripleDES-CBC');
+  NID_pbe_WithSHA1And3_Key_TripleDES_CBC = 146;
+
+  SN_pbe_WithSHA1And2_Key_TripleDES_CBC = AnsiString('PBE-SHA1-2DES');
+  LN_pbe_WithSHA1And2_Key_TripleDES_CBC = AnsiString('pbeWithSHA1And2-KeyTripleDES-CBC');
+  NID_pbe_WithSHA1And2_Key_TripleDES_CBC = 147;
+
+  SN_pbe_WithSHA1And128BitRC2_CBC = AnsiString('PBE-SHA1-RC2-128');
+  LN_pbe_WithSHA1And128BitRC2_CBC = AnsiString('pbeWithSHA1And128BitRC2-CBC');
+  NID_pbe_WithSHA1And128BitRC2_CBC = 148;
+
+  SN_pbe_WithSHA1And40BitRC2_CBC = AnsiString('PBE-SHA1-RC2-40');
+  LN_pbe_WithSHA1And40BitRC2_CBC = AnsiString('pbeWithSHA1And40BitRC2-CBC');
+  NID_pbe_WithSHA1And40BitRC2_CBC = 149;
+
+  LN_keyBag = AnsiString('keyBag');
+  NID_keyBag = 150;
+
+  LN_pkcs8ShroudedKeyBag = AnsiString('pkcs8ShroudedKeyBag');
+  NID_pkcs8ShroudedKeyBag = 151;
+
+  LN_certBag = AnsiString('certBag');
+  NID_certBag = 152;
+
+  LN_crlBag = AnsiString('crlBag');
+  NID_crlBag = 153;
+
+  LN_secretBag = AnsiString('secretBag');
+  NID_secretBag = 154;
+
+  LN_safeContentsBag = AnsiString('safeContentsBag');
+  NID_safeContentsBag = 155;
+
+  SN_md2 = AnsiString('MD2');
+  LN_md2 = AnsiString('md2');
+  NID_md2 = 3;
+
+  SN_md4 = AnsiString('MD4');
+  LN_md4 = AnsiString('md4');
+  NID_md4 = 257;
+
+  SN_md5 = AnsiString('MD5');
+  LN_md5 = AnsiString('md5');
+  NID_md5 = 4;
+
+  SN_md5_sha1 = AnsiString('MD5-SHA1');
+  LN_md5_sha1 = AnsiString('md5-sha1');
+  NID_md5_sha1 = 114;
+
+  LN_hmacWithMD5 = AnsiString('hmacWithMD5');
+  NID_hmacWithMD5 = 797;
+
+  LN_hmacWithSHA1 = AnsiString('hmacWithSHA1');
+  NID_hmacWithSHA1 = 163;
+
+  SN_sm2 = AnsiString('SM2');
+  LN_sm2 = AnsiString('sm2');
+  NID_sm2 = 1172;
+
+  SN_sm3 = AnsiString('SM3');
+  LN_sm3 = AnsiString('sm3');
+  NID_sm3 = 1143;
+
+  SN_sm3WithRSAEncryption = AnsiString('RSA-SM3');
+  LN_sm3WithRSAEncryption = AnsiString('sm3WithRSAEncryption');
+  NID_sm3WithRSAEncryption = 1144;
+
+  LN_hmacWithSHA224 = AnsiString('hmacWithSHA224');
+  NID_hmacWithSHA224 = 798;
+
+  LN_hmacWithSHA256 = AnsiString('hmacWithSHA256');
+  NID_hmacWithSHA256 = 799;
+
+  LN_hmacWithSHA384 = AnsiString('hmacWithSHA384');
+  NID_hmacWithSHA384 = 800;
+
+  LN_hmacWithSHA512 = AnsiString('hmacWithSHA512');
+  NID_hmacWithSHA512 = 801;
+
+  LN_hmacWithSHA512_224 = AnsiString('hmacWithSHA512-224');
+  NID_hmacWithSHA512_224 = 1193;
+
+  LN_hmacWithSHA512_256 = AnsiString('hmacWithSHA512-256');
+  NID_hmacWithSHA512_256 = 1194;
+
+  SN_rc2_cbc = AnsiString('RC2-CBC');
+  LN_rc2_cbc = AnsiString('rc2-cbc');
+  NID_rc2_cbc = 37;
+
+  SN_rc2_ecb = AnsiString('RC2-ECB');
+  LN_rc2_ecb = AnsiString('rc2-ecb');
+  NID_rc2_ecb = 38;
+
+  SN_rc2_cfb64 = AnsiString('RC2-CFB');
+  LN_rc2_cfb64 = AnsiString('rc2-cfb');
+  NID_rc2_cfb64 = 39;
+
+  SN_rc2_ofb64 = AnsiString('RC2-OFB');
+  LN_rc2_ofb64 = AnsiString('rc2-ofb');
+  NID_rc2_ofb64 = 40;
+
+  SN_rc2_40_cbc = AnsiString('RC2-40-CBC');
+  LN_rc2_40_cbc = AnsiString('rc2-40-cbc');
+  NID_rc2_40_cbc = 98;
+
+  SN_rc2_64_cbc = AnsiString('RC2-64-CBC');
+  LN_rc2_64_cbc = AnsiString('rc2-64-cbc');
+  NID_rc2_64_cbc = 166;
+
+  SN_rc4 = AnsiString('RC4');
+  LN_rc4 = AnsiString('rc4');
+  NID_rc4 = 5;
+
+  SN_rc4_40 = AnsiString('RC4-40');
+  LN_rc4_40 = AnsiString('rc4-40');
+  NID_rc4_40 = 97;
+
+  SN_des_ede3_cbc = AnsiString('DES-EDE3-CBC');
+  LN_des_ede3_cbc = AnsiString('des-ede3-cbc');
+  NID_des_ede3_cbc = 44;
+
+  SN_rc5_cbc = AnsiString('RC5-CBC');
+  LN_rc5_cbc = AnsiString('rc5-cbc');
+  NID_rc5_cbc = 120;
+
+  SN_rc5_ecb = AnsiString('RC5-ECB');
+  LN_rc5_ecb = AnsiString('rc5-ecb');
+  NID_rc5_ecb = 121;
+
+  SN_rc5_cfb64 = AnsiString('RC5-CFB');
+  LN_rc5_cfb64 = AnsiString('rc5-cfb');
+  NID_rc5_cfb64 = 122;
+
+  SN_rc5_ofb64 = AnsiString('RC5-OFB');
+  LN_rc5_ofb64 = AnsiString('rc5-ofb');
+  NID_rc5_ofb64 = 123;
+
+  SN_ms_ext_req = AnsiString('msExtReq');
+  LN_ms_ext_req = AnsiString('Microsoft Extension Request');
+  NID_ms_ext_req = 171;
+
+  SN_ms_code_ind = AnsiString('msCodeInd');
+  LN_ms_code_ind = AnsiString('Microsoft Individual Code Signing');
+  NID_ms_code_ind = 134;
+
+  SN_ms_code_com = AnsiString('msCodeCom');
+  LN_ms_code_com = AnsiString('Microsoft Commercial Code Signing');
+  NID_ms_code_com = 135;
+
+  SN_ms_ctl_sign = AnsiString('msCTLSign');
+  LN_ms_ctl_sign = AnsiString('Microsoft Trust List Signing');
+  NID_ms_ctl_sign = 136;
+
+  SN_ms_sgc = AnsiString('msSGC');
+  LN_ms_sgc = AnsiString('Microsoft Server Gated Crypto');
+  NID_ms_sgc = 137;
+
+  SN_ms_efs = AnsiString('msEFS');
+  LN_ms_efs = AnsiString('Microsoft Encrypted File System');
+  NID_ms_efs = 138;
+
+  SN_ms_smartcard_login = AnsiString('msSmartcardLogin');
+  LN_ms_smartcard_login = AnsiString('Microsoft Smartcard Login');
+  NID_ms_smartcard_login = 648;
+
+  SN_ms_upn = AnsiString('msUPN');
+  LN_ms_upn = AnsiString('Microsoft User Principal Name');
+  NID_ms_upn = 649;
+
+  SN_idea_cbc = AnsiString('IDEA-CBC');
+  LN_idea_cbc = AnsiString('idea-cbc');
+  NID_idea_cbc = 34;
+
+  SN_idea_ecb = AnsiString('IDEA-ECB');
+  LN_idea_ecb = AnsiString('idea-ecb');
+  NID_idea_ecb = 36;
+
+  SN_idea_cfb64 = AnsiString('IDEA-CFB');
+  LN_idea_cfb64 = AnsiString('idea-cfb');
+  NID_idea_cfb64 = 35;
+
+  SN_idea_ofb64 = AnsiString('IDEA-OFB');
+  LN_idea_ofb64 = AnsiString('idea-ofb');
+  NID_idea_ofb64 = 46;
+
+  SN_bf_cbc = AnsiString('BF-CBC');
+  LN_bf_cbc = AnsiString('bf-cbc');
+  NID_bf_cbc = 91;
+
+  SN_bf_ecb = AnsiString('BF-ECB');
+  LN_bf_ecb = AnsiString('bf-ecb');
+  NID_bf_ecb = 92;
+
+  SN_bf_cfb64 = AnsiString('BF-CFB');
+  LN_bf_cfb64 = AnsiString('bf-cfb');
+  NID_bf_cfb64 = 93;
+
+  SN_bf_ofb64 = AnsiString('BF-OFB');
+  LN_bf_ofb64 = AnsiString('bf-ofb');
+  NID_bf_ofb64 = 94;
+
+  SN_id_pkix = AnsiString('PKIX');
+  NID_id_pkix = 127;
+
+  SN_id_pkix_mod = AnsiString('id-pkix-mod');
+  NID_id_pkix_mod = 258;
+
+  SN_id_pe = AnsiString('id-pe');
+  NID_id_pe = 175;
+
+  SN_id_qt = AnsiString('id-qt');
+  NID_id_qt = 259;
+
+  SN_id_kp = AnsiString('id-kp');
+  NID_id_kp = 128;
+
+  SN_id_it = AnsiString('id-it');
+  NID_id_it = 260;
+
+  SN_id_pkip = AnsiString('id-pkip');
+  NID_id_pkip = 261;
+
+  SN_id_alg = AnsiString('id-alg');
+  NID_id_alg = 262;
+
+  SN_id_cmc = AnsiString('id-cmc');
+  NID_id_cmc = 263;
+
+  SN_id_on = AnsiString('id-on');
+  NID_id_on = 264;
+
+  SN_id_pda = AnsiString('id-pda');
+  NID_id_pda = 265;
+
+  SN_id_aca = AnsiString('id-aca');
+  NID_id_aca = 266;
+
+  SN_id_qcs = AnsiString('id-qcs');
+  NID_id_qcs = 267;
+
+  SN_id_cct = AnsiString('id-cct');
+  NID_id_cct = 268;
+
+  SN_id_ppl = AnsiString('id-ppl');
+  NID_id_ppl = 662;
+
+  SN_id_ad = AnsiString('id-ad');
+  NID_id_ad = 176;
+
+  SN_id_pkix1_explicit_88 = AnsiString('id-pkix1-explicit-88');
+  NID_id_pkix1_explicit_88 = 269;
+
+  SN_id_pkix1_implicit_88 = AnsiString('id-pkix1-implicit-88');
+  NID_id_pkix1_implicit_88 = 270;
+
+  SN_id_pkix1_explicit_93 = AnsiString('id-pkix1-explicit-93');
+  NID_id_pkix1_explicit_93 = 271;
+
+  SN_id_pkix1_implicit_93 = AnsiString('id-pkix1-implicit-93');
+  NID_id_pkix1_implicit_93 = 272;
+
+  SN_id_mod_crmf = AnsiString('id-mod-crmf');
+  NID_id_mod_crmf = 273;
+
+  SN_id_mod_cmc = AnsiString('id-mod-cmc');
+  NID_id_mod_cmc = 274;
+
+  SN_id_mod_kea_profile_88 = AnsiString('id-mod-kea-profile-88');
+  NID_id_mod_kea_profile_88 = 275;
+
+  SN_id_mod_kea_profile_93 = AnsiString('id-mod-kea-profile-93');
+  NID_id_mod_kea_profile_93 = 276;
+
+  SN_id_mod_cmp = AnsiString('id-mod-cmp');
+  NID_id_mod_cmp = 277;
+
+  SN_id_mod_qualified_cert_88 = AnsiString('id-mod-qualified-cert-88');
+  NID_id_mod_qualified_cert_88 = 278;
+
+  SN_id_mod_qualified_cert_93 = AnsiString('id-mod-qualified-cert-93');
+  NID_id_mod_qualified_cert_93 = 279;
+
+  SN_id_mod_attribute_cert = AnsiString('id-mod-attribute-cert');
+  NID_id_mod_attribute_cert = 280;
+
+  SN_id_mod_timestamp_protocol = AnsiString('id-mod-timestamp-protocol');
+  NID_id_mod_timestamp_protocol = 281;
+
+  SN_id_mod_ocsp = AnsiString('id-mod-ocsp');
+  NID_id_mod_ocsp = 282;
+
+  SN_id_mod_dvcs = AnsiString('id-mod-dvcs');
+  NID_id_mod_dvcs = 283;
+
+  SN_id_mod_cmp2000 = AnsiString('id-mod-cmp2000');
+  NID_id_mod_cmp2000 = 284;
+
+  SN_info_access = AnsiString('authorityInfoAccess');
+  LN_info_access = AnsiString('Authority Information Access');
+  NID_info_access = 177;
+
+  SN_biometricInfo = AnsiString('biometricInfo');
+  LN_biometricInfo = AnsiString('Biometric Info');
+  NID_biometricInfo = 285;
+
+  SN_qcStatements = AnsiString('qcStatements');
+  NID_qcStatements = 286;
+
+  SN_ac_auditEntity = AnsiString('ac-auditEntity');
+  NID_ac_auditEntity = 287;
+
+  SN_ac_targeting = AnsiString('ac-targeting');
+  NID_ac_targeting = 288;
+
+  SN_aaControls = AnsiString('aaControls');
+  NID_aaControls = 289;
+
+  SN_sbgp_ipAddrBlock = AnsiString('sbgp-ipAddrBlock');
+  NID_sbgp_ipAddrBlock = 290;
+
+  SN_sbgp_autonomousSysNum = AnsiString('sbgp-autonomousSysNum');
+  NID_sbgp_autonomousSysNum = 291;
+
+  SN_sbgp_routerIdentifier = AnsiString('sbgp-routerIdentifier');
+  NID_sbgp_routerIdentifier = 292;
+
+  SN_ac_proxying = AnsiString('ac-proxying');
+  NID_ac_proxying = 397;
+
+  SN_sinfo_access = AnsiString('subjectInfoAccess');
+  LN_sinfo_access = AnsiString('Subject Information Access');
+  NID_sinfo_access = 398;
+
+  SN_proxyCertInfo = AnsiString('proxyCertInfo');
+  LN_proxyCertInfo = AnsiString('Proxy Certificate Information');
+  NID_proxyCertInfo = 663;
+
+  SN_tlsfeature = AnsiString('tlsfeature');
+  LN_tlsfeature = AnsiString('TLS Feature');
+  NID_tlsfeature = 1020;
+
+  SN_id_qt_cps = AnsiString('id-qt-cps');
+  LN_id_qt_cps = AnsiString('Policy Qualifier CPS');
+  NID_id_qt_cps = 164;
+
+  SN_id_qt_unotice = AnsiString('id-qt-unotice');
+  LN_id_qt_unotice = AnsiString('Policy Qualifier User Notice');
+  NID_id_qt_unotice = 165;
+
+  SN_textNotice = AnsiString('textNotice');
+  NID_textNotice = 293;
+
+  SN_server_auth = AnsiString('serverAuth');
+  LN_server_auth = AnsiString('TLS Web Server Authentication');
+  NID_server_auth = 129;
+
+  SN_client_auth = AnsiString('clientAuth');
+  LN_client_auth = AnsiString('TLS Web Client Authentication');
+  NID_client_auth = 130;
+
+  SN_code_sign = AnsiString('codeSigning');
+  LN_code_sign = AnsiString('Code Signing');
+  NID_code_sign = 131;
+
+  SN_email_protect = AnsiString('emailProtection');
+  LN_email_protect = AnsiString('E-mail Protection');
+  NID_email_protect = 132;
+
+  SN_ipsecEndSystem = AnsiString('ipsecEndSystem');
+  LN_ipsecEndSystem = AnsiString('IPSec End System');
+  NID_ipsecEndSystem = 294;
+
+  SN_ipsecTunnel = AnsiString('ipsecTunnel');
+  LN_ipsecTunnel = AnsiString('IPSec Tunnel');
+  NID_ipsecTunnel = 295;
+
+  SN_ipsecUser = AnsiString('ipsecUser');
+  LN_ipsecUser = AnsiString('IPSec User');
+  NID_ipsecUser = 296;
+
+  SN_time_stamp = AnsiString('timeStamping');
+  LN_time_stamp = AnsiString('Time Stamping');
+  NID_time_stamp = 133;
+
+  SN_OCSP_sign = AnsiString('OCSPSigning');
+  LN_OCSP_sign = AnsiString('OCSP Signing');
+  NID_OCSP_sign = 180;
+
+  SN_dvcs = AnsiString('DVCS');
+  LN_dvcs = AnsiString('dvcs');
+  NID_dvcs = 297;
+
+  SN_ipsec_IKE = AnsiString('ipsecIKE');
+  LN_ipsec_IKE = AnsiString('ipsec Internet Key Exchange');
+  NID_ipsec_IKE = 1022;
+
+  SN_capwapAC = AnsiString('capwapAC');
+  LN_capwapAC = AnsiString('Ctrl/provision WAP Access');
+  NID_capwapAC = 1023;
+
+  SN_capwapWTP = AnsiString('capwapWTP');
+  LN_capwapWTP = AnsiString('Ctrl/Provision WAP Termination');
+  NID_capwapWTP = 1024;
+
+  SN_sshClient = AnsiString('secureShellClient');
+  LN_sshClient = AnsiString('SSH Client');
+  NID_sshClient = 1025;
+
+  SN_sshServer = AnsiString('secureShellServer');
+  LN_sshServer = AnsiString('SSH Server');
+  NID_sshServer = 1026;
+
+  SN_sendRouter = AnsiString('sendRouter');
+  LN_sendRouter = AnsiString('Send Router');
+  NID_sendRouter = 1027;
+
+  SN_sendProxiedRouter = AnsiString('sendProxiedRouter');
+  LN_sendProxiedRouter = AnsiString('Send Proxied Router');
+  NID_sendProxiedRouter = 1028;
+
+  SN_sendOwner = AnsiString('sendOwner');
+  LN_sendOwner = AnsiString('Send Owner');
+  NID_sendOwner = 1029;
+
+  SN_sendProxiedOwner = AnsiString('sendProxiedOwner');
+  LN_sendProxiedOwner = AnsiString('Send Proxied Owner');
+  NID_sendProxiedOwner = 1030;
+
+  SN_cmcCA = AnsiString('cmcCA');
+  LN_cmcCA = AnsiString('CMC Certificate Authority');
+  NID_cmcCA = 1131;
+
+  SN_cmcRA = AnsiString('cmcRA');
+  LN_cmcRA = AnsiString('CMC Registration Authority');
+  NID_cmcRA = 1132;
+
+  SN_id_it_caProtEncCert = AnsiString('id-it-caProtEncCert');
+  NID_id_it_caProtEncCert = 298;
+
+  SN_id_it_signKeyPairTypes = AnsiString('id-it-signKeyPairTypes');
+  NID_id_it_signKeyPairTypes = 299;
+
+  SN_id_it_encKeyPairTypes = AnsiString('id-it-encKeyPairTypes');
+  NID_id_it_encKeyPairTypes = 300;
+
+  SN_id_it_preferredSymmAlg = AnsiString('id-it-preferredSymmAlg');
+  NID_id_it_preferredSymmAlg = 301;
+
+  SN_id_it_caKeyUpdateInfo = AnsiString('id-it-caKeyUpdateInfo');
+  NID_id_it_caKeyUpdateInfo = 302;
+
+  SN_id_it_currentCRL = AnsiString('id-it-currentCRL');
+  NID_id_it_currentCRL = 303;
+
+  SN_id_it_unsupportedOIDs = AnsiString('id-it-unsupportedOIDs');
+  NID_id_it_unsupportedOIDs = 304;
+
+  SN_id_it_subscriptionRequest = AnsiString('id-it-subscriptionRequest');
+  NID_id_it_subscriptionRequest = 305;
+
+  SN_id_it_subscriptionResponse = AnsiString('id-it-subscriptionResponse');
+  NID_id_it_subscriptionResponse = 306;
+
+  SN_id_it_keyPairParamReq = AnsiString('id-it-keyPairParamReq');
+  NID_id_it_keyPairParamReq = 307;
+
+  SN_id_it_keyPairParamRep = AnsiString('id-it-keyPairParamRep');
+  NID_id_it_keyPairParamRep = 308;
+
+  SN_id_it_revPassphrase = AnsiString('id-it-revPassphrase');
+  NID_id_it_revPassphrase = 309;
+
+  SN_id_it_implicitConfirm = AnsiString('id-it-implicitConfirm');
+  NID_id_it_implicitConfirm = 310;
+
+  SN_id_it_confirmWaitTime = AnsiString('id-it-confirmWaitTime');
+  NID_id_it_confirmWaitTime = 311;
+
+  SN_id_it_origPKIMessage = AnsiString('id-it-origPKIMessage');
+  NID_id_it_origPKIMessage = 312;
+
+  SN_id_it_suppLangTags = AnsiString('id-it-suppLangTags');
+  NID_id_it_suppLangTags = 784;
+
+  SN_id_regCtrl = AnsiString('id-regCtrl');
+  NID_id_regCtrl = 313;
+
+  SN_id_regInfo = AnsiString('id-regInfo');
+  NID_id_regInfo = 314;
+
+  SN_id_regCtrl_regToken = AnsiString('id-regCtrl-regToken');
+  NID_id_regCtrl_regToken = 315;
+
+  SN_id_regCtrl_authenticator = AnsiString('id-regCtrl-authenticator');
+  NID_id_regCtrl_authenticator = 316;
+
+  SN_id_regCtrl_pkiPublicationInfo = AnsiString('id-regCtrl-pkiPublicationInfo');
+  NID_id_regCtrl_pkiPublicationInfo = 317;
+
+  SN_id_regCtrl_pkiArchiveOptions = AnsiString('id-regCtrl-pkiArchiveOptions');
+  NID_id_regCtrl_pkiArchiveOptions = 318;
+
+  SN_id_regCtrl_oldCertID = AnsiString('id-regCtrl-oldCertID');
+  NID_id_regCtrl_oldCertID = 319;
+
+  SN_id_regCtrl_protocolEncrKey = AnsiString('id-regCtrl-protocolEncrKey');
+  NID_id_regCtrl_protocolEncrKey = 320;
+
+  SN_id_regInfo_utf8Pairs = AnsiString('id-regInfo-utf8Pairs');
+  NID_id_regInfo_utf8Pairs = 321;
+
+  SN_id_regInfo_certReq = AnsiString('id-regInfo-certReq');
+  NID_id_regInfo_certReq = 322;
+
+  SN_id_alg_des40 = AnsiString('id-alg-des40');
+  NID_id_alg_des40 = 323;
+
+  SN_id_alg_noSignature = AnsiString('id-alg-noSignature');
+  NID_id_alg_noSignature = 324;
+
+  SN_id_alg_dh_sig_hmac_sha1 = AnsiString('id-alg-dh-sig-hmac-sha1');
+  NID_id_alg_dh_sig_hmac_sha1 = 325;
+
+  SN_id_alg_dh_pop = AnsiString('id-alg-dh-pop');
+  NID_id_alg_dh_pop = 326;
+
+  SN_id_cmc_statusInfo = AnsiString('id-cmc-statusInfo');
+  NID_id_cmc_statusInfo = 327;
+
+  SN_id_cmc_identification = AnsiString('id-cmc-identification');
+  NID_id_cmc_identification = 328;
+
+  SN_id_cmc_identityProof = AnsiString('id-cmc-identityProof');
+  NID_id_cmc_identityProof = 329;
+
+  SN_id_cmc_dataReturn = AnsiString('id-cmc-dataReturn');
+  NID_id_cmc_dataReturn = 330;
+
+  SN_id_cmc_transactionId = AnsiString('id-cmc-transactionId');
+  NID_id_cmc_transactionId = 331;
+
+  SN_id_cmc_senderNonce = AnsiString('id-cmc-senderNonce');
+  NID_id_cmc_senderNonce = 332;
+
+  SN_id_cmc_recipientNonce = AnsiString('id-cmc-recipientNonce');
+  NID_id_cmc_recipientNonce = 333;
+
+  SN_id_cmc_addExtensions = AnsiString('id-cmc-addExtensions');
+  NID_id_cmc_addExtensions = 334;
+
+  SN_id_cmc_encryptedPOP = AnsiString('id-cmc-encryptedPOP');
+  NID_id_cmc_encryptedPOP = 335;
+
+  SN_id_cmc_decryptedPOP = AnsiString('id-cmc-decryptedPOP');
+  NID_id_cmc_decryptedPOP = 336;
+
+  SN_id_cmc_lraPOPWitness = AnsiString('id-cmc-lraPOPWitness');
+  NID_id_cmc_lraPOPWitness = 337;
+
+  SN_id_cmc_getCert = AnsiString('id-cmc-getCert');
+  NID_id_cmc_getCert = 338;
+
+  SN_id_cmc_getCRL = AnsiString('id-cmc-getCRL');
+  NID_id_cmc_getCRL = 339;
+
+  SN_id_cmc_revokeRequest = AnsiString('id-cmc-revokeRequest');
+  NID_id_cmc_revokeRequest = 340;
+
+  SN_id_cmc_regInfo = AnsiString('id-cmc-regInfo');
+  NID_id_cmc_regInfo = 341;
+
+  SN_id_cmc_responseInfo = AnsiString('id-cmc-responseInfo');
+  NID_id_cmc_responseInfo = 342;
+
+  SN_id_cmc_queryPending = AnsiString('id-cmc-queryPending');
+  NID_id_cmc_queryPending = 343;
+
+  SN_id_cmc_popLinkRandom = AnsiString('id-cmc-popLinkRandom');
+  NID_id_cmc_popLinkRandom = 344;
+
+  SN_id_cmc_popLinkWitness = AnsiString('id-cmc-popLinkWitness');
+  NID_id_cmc_popLinkWitness = 345;
+
+  SN_id_cmc_confirmCertAcceptance = AnsiString('id-cmc-confirmCertAcceptance');
+  NID_id_cmc_confirmCertAcceptance = 346;
+
+  SN_id_on_personalData = AnsiString('id-on-personalData');
+  NID_id_on_personalData = 347;
+
+  SN_id_on_permanentIdentifier = AnsiString('id-on-permanentIdentifier');
+  LN_id_on_permanentIdentifier = AnsiString('Permanent Identifier');
+  NID_id_on_permanentIdentifier = 858;
+
+  SN_id_pda_dateOfBirth = AnsiString('id-pda-dateOfBirth');
+  NID_id_pda_dateOfBirth = 348;
+
+  SN_id_pda_placeOfBirth = AnsiString('id-pda-placeOfBirth');
+  NID_id_pda_placeOfBirth = 349;
+
+  SN_id_pda_gender = AnsiString('id-pda-gender');
+  NID_id_pda_gender = 351;
+
+  SN_id_pda_countryOfCitizenship = AnsiString('id-pda-countryOfCitizenship');
+  NID_id_pda_countryOfCitizenship = 352;
+
+  SN_id_pda_countryOfResidence = AnsiString('id-pda-countryOfResidence');
+  NID_id_pda_countryOfResidence = 353;
+
+  SN_id_aca_authenticationInfo = AnsiString('id-aca-authenticationInfo');
+  NID_id_aca_authenticationInfo = 354;
+
+  SN_id_aca_accessIdentity = AnsiString('id-aca-accessIdentity');
+  NID_id_aca_accessIdentity = 355;
+
+  SN_id_aca_chargingIdentity = AnsiString('id-aca-chargingIdentity');
+  NID_id_aca_chargingIdentity = 356;
+
+  SN_id_aca_group = AnsiString('id-aca-group');
+  NID_id_aca_group = 357;
+
+  SN_id_aca_role = AnsiString('id-aca-role');
+  NID_id_aca_role = 358;
+
+  SN_id_aca_encAttrs = AnsiString('id-aca-encAttrs');
+  NID_id_aca_encAttrs = 399;
+
+  SN_id_qcs_pkixQCSyntax_v1 = AnsiString('id-qcs-pkixQCSyntax-v1');
+  NID_id_qcs_pkixQCSyntax_v1 = 359;
+
+  SN_id_cct_crs = AnsiString('id-cct-crs');
+  NID_id_cct_crs = 360;
+
+  SN_id_cct_PKIData = AnsiString('id-cct-PKIData');
+  NID_id_cct_PKIData = 361;
+
+  SN_id_cct_PKIResponse = AnsiString('id-cct-PKIResponse');
+  NID_id_cct_PKIResponse = 362;
+
+  SN_id_ppl_anyLanguage = AnsiString('id-ppl-anyLanguage');
+  LN_id_ppl_anyLanguage = AnsiString('Any language');
+
+  NID_id_ppl_anyLanguage = 664;
+  SN_id_ppl_inheritAll = AnsiString('id-ppl-inheritAll');
+
+  LN_id_ppl_inheritAll = AnsiString('Inherit all');
+  NID_id_ppl_inheritAll = 665;
+
+  SN_Independent = AnsiString('id-ppl-independent');
+  LN_Independent = AnsiString('Independent');
+  NID_Independent = 667;
+
+  SN_ad_OCSP = AnsiString('OCSP');
+  LN_ad_OCSP = AnsiString('OCSP');
+  NID_ad_OCSP = 178;
+
+  SN_ad_ca_issuers = AnsiString('caIssuers');
+  LN_ad_ca_issuers = AnsiString('CA Issuers');
+  NID_ad_ca_issuers = 179;
+
+  SN_ad_timeStamping = AnsiString('ad_timestamping');
+  LN_ad_timeStamping = AnsiString('AD Time Stamping');
+  NID_ad_timeStamping = 363;
+
+  SN_ad_dvcs = AnsiString('AD_DVCS');
+  LN_ad_dvcs = AnsiString('ad dvcs');
+  NID_ad_dvcs = 364;
+
+  SN_caRepository = AnsiString('caRepository');
+  LN_caRepository = AnsiString('CA Repository');
+  NID_caRepository = 785;
+
+  SN_id_pkix_OCSP_basic = AnsiString('basicOCSPResponse');
+  LN_id_pkix_OCSP_basic = AnsiString('Basic OCSP Response');
+  NID_id_pkix_OCSP_basic = 365;
+
+  SN_id_pkix_OCSP_Nonce = AnsiString('Nonce');
+  LN_id_pkix_OCSP_Nonce = AnsiString('OCSP Nonce');
+  NID_id_pkix_OCSP_Nonce = 366;
+
+  SN_id_pkix_OCSP_CrlID = AnsiString('CrlID');
+  LN_id_pkix_OCSP_CrlID = AnsiString('OCSP CRL ID');
+  NID_id_pkix_OCSP_CrlID = 367;
+
+  SN_id_pkix_OCSP_acceptableResponses = AnsiString('acceptableResponses');
+  LN_id_pkix_OCSP_acceptableResponses = AnsiString('Acceptable OCSP Responses');
+  NID_id_pkix_OCSP_acceptableResponses = 368;
+
+  SN_id_pkix_OCSP_noCheck = AnsiString('noCheck');
+  LN_id_pkix_OCSP_noCheck = AnsiString('OCSP No Check');
+  NID_id_pkix_OCSP_noCheck = 369;
+
+  SN_id_pkix_OCSP_archiveCutoff = AnsiString('archiveCutoff');
+  LN_id_pkix_OCSP_archiveCutoff = AnsiString('OCSP Archive Cutoff');
+  NID_id_pkix_OCSP_archiveCutoff = 370;
+
+  SN_id_pkix_OCSP_serviceLocator = AnsiString('serviceLocator');
+  LN_id_pkix_OCSP_serviceLocator = AnsiString('OCSP Service Locator');
+  NID_id_pkix_OCSP_serviceLocator = 371;
+
+  SN_id_pkix_OCSP_extendedStatus = AnsiString('extendedStatus');
+  LN_id_pkix_OCSP_extendedStatus = AnsiString('Extended OCSP Status');
+  NID_id_pkix_OCSP_extendedStatus = 372;
+
+  SN_id_pkix_OCSP_valid = AnsiString('valid');
+  NID_id_pkix_OCSP_valid = 373;
+
+  SN_id_pkix_OCSP_path = AnsiString('path');
+  NID_id_pkix_OCSP_path = 374;
+
+  SN_id_pkix_OCSP_trustRoot = AnsiString('trustRoot');
+  LN_id_pkix_OCSP_trustRoot = AnsiString('Trust Root');
+  NID_id_pkix_OCSP_trustRoot = 375;
+
+  SN_algorithm = AnsiString('algorithm');
+  LN_algorithm = AnsiString('algorithm');
+  NID_algorithm = 376;
+
+  SN_md5WithRSA = AnsiString('RSA-NP-MD5');
+  LN_md5WithRSA = AnsiString('md5WithRSA');
+  NID_md5WithRSA = 104;
+
+  SN_des_ecb = AnsiString('DES-ECB');
+  LN_des_ecb = AnsiString('des-ecb');
+  NID_des_ecb = 29;
+
+  SN_des_cbc = AnsiString('DES-CBC');
+  LN_des_cbc = AnsiString('des-cbc');
+  NID_des_cbc = 31;
+
+  SN_des_ofb64 = AnsiString('DES-OFB');
+  LN_des_ofb64 = AnsiString('des-ofb');
+  NID_des_ofb64 = 45;
+
+  SN_des_cfb64 = AnsiString('DES-CFB');
+  LN_des_cfb64 = AnsiString('des-cfb');
+  NID_des_cfb64 = 30;
+
+  SN_rsaSignature = AnsiString('rsaSignature');
+  NID_rsaSignature = 377;
+
+  SN_dsa_2 = AnsiString('DSA-old');
+  LN_dsa_2 = AnsiString('dsaEncryption-old');
+  NID_dsa_2 = 67;
+
+  SN_dsaWithSHA = AnsiString('DSA-SHA');
+  LN_dsaWithSHA = AnsiString('dsaWithSHA');
+  NID_dsaWithSHA = 66;
+
+  SN_shaWithRSAEncryption = AnsiString('RSA-SHA');
+  LN_shaWithRSAEncryption = AnsiString('shaWithRSAEncryption');
+  NID_shaWithRSAEncryption = 42;
+
+  SN_des_ede_ecb = AnsiString('DES-EDE');
+  LN_des_ede_ecb = AnsiString('des-ede');
+  NID_des_ede_ecb = 32;
+
+  SN_des_ede3_ecb = AnsiString('DES-EDE3');
+  LN_des_ede3_ecb = AnsiString('des-ede3');
+  NID_des_ede3_ecb = 33;
+
+  SN_des_ede_cbc = AnsiString('DES-EDE-CBC');
+  LN_des_ede_cbc = AnsiString('des-ede-cbc');
+  NID_des_ede_cbc = 43;
+
+  SN_des_ede_cfb64 = AnsiString('DES-EDE-CFB');
+  LN_des_ede_cfb64 = AnsiString('des-ede-cfb');
+  NID_des_ede_cfb64 = 60;
+
+  SN_des_ede3_cfb64 = AnsiString('DES-EDE3-CFB');
+  LN_des_ede3_cfb64 = AnsiString('des-ede3-cfb');
+  NID_des_ede3_cfb64 = 61;
+
+  SN_des_ede_ofb64 = AnsiString('DES-EDE-OFB');
+  LN_des_ede_ofb64 = AnsiString('des-ede-ofb');
+  NID_des_ede_ofb64 = 62;
+
+  SN_des_ede3_ofb64 = AnsiString('DES-EDE3-OFB');
+  LN_des_ede3_ofb64 = AnsiString('des-ede3-ofb');
+  NID_des_ede3_ofb64 = 63;
+
+  SN_desx_cbc = AnsiString('DESX-CBC');
+  LN_desx_cbc = AnsiString('desx-cbc');
+  NID_desx_cbc = 80;
+
+  SN_sha = AnsiString('SHA');
+  LN_sha = AnsiString('sha');
+  NID_sha = 41;
+
+  SN_sha1 = AnsiString('SHA1');
+  LN_sha1 = AnsiString('sha1');
+  NID_sha1 = 64;
+
+  SN_dsaWithSHA1_2 = AnsiString('DSA-SHA1-old');
+  LN_dsaWithSHA1_2 = AnsiString('dsaWithSHA1-old');
+  NID_dsaWithSHA1_2 = 70;
+
+  SN_sha1WithRSA = AnsiString('RSA-SHA1-2');
+  LN_sha1WithRSA = AnsiString('sha1WithRSA');
+  NID_sha1WithRSA = 115;
+
+  SN_ripemd160 = AnsiString('RIPEMD160');
+  LN_ripemd160 = AnsiString('ripemd160');
+  NID_ripemd160 = 117;
+
+  SN_ripemd160WithRSA = AnsiString('RSA-RIPEMD160');
+  LN_ripemd160WithRSA = AnsiString('ripemd160WithRSA');
+  NID_ripemd160WithRSA = 119;
+
+  SN_blake2b512 = AnsiString('BLAKE2b512');
+  LN_blake2b512 = AnsiString('blake2b512');
+  NID_blake2b512 = 1056;
+
+  SN_blake2s256 = AnsiString('BLAKE2s256');
+  LN_blake2s256 = AnsiString('blake2s256');
+  NID_blake2s256 = 1057;
+
+  SN_sxnet = AnsiString('SXNetID');
+  LN_sxnet = AnsiString('Strong Extranet ID');
+  NID_sxnet = 143;
+
+  SN_X500 = AnsiString('X500');
+  LN_X500 = AnsiString('directory services(X.500)');
+  NID_X500 = 11;
+
+  SN_X509 = AnsiString('X509');
+  NID_X509 = 12;
+
+  SN_commonName = AnsiString('CN');
+  LN_commonName = AnsiString('commonName');
+  NID_commonName = 13;
+
+  SN_surname = AnsiString('SN');
+  LN_surname = AnsiString('surname');
+  NID_surname = 100;
+
+  LN_serialNumber = AnsiString('serialNumber');
+  NID_serialNumber = 105;
+
+  SN_countryName = AnsiString('C');
+  LN_countryName = AnsiString('countryName');
+  NID_countryName = 14;
+
+  SN_localityName = AnsiString('L');
+  LN_localityName = AnsiString('localityName');
+  NID_localityName = 15;
+
+  SN_stateOrProvinceName = AnsiString('ST');
+  LN_stateOrProvinceName = AnsiString('stateOrProvinceName');
+  NID_stateOrProvinceName = 16;
+
+  SN_streetAddress = AnsiString('street');
+  LN_streetAddress = AnsiString('streetAddress');
+  NID_streetAddress = 660;
+
+  SN_organizationName = AnsiString('O');
+  LN_organizationName = AnsiString('organizationName');
+  NID_organizationName = 17;
+
+  SN_organizationalUnitName = AnsiString('OU');
+  LN_organizationalUnitName = AnsiString('organizationalUnitName');
+  NID_organizationalUnitName = 18;
+
+  SN_title = AnsiString('title');
+  LN_title = AnsiString('title');
+  NID_title = 106;
+
+  LN_description = AnsiString('description');
+  NID_description = 107;
+
+  LN_searchGuide = AnsiString('searchGuide');
+  NID_searchGuide = 859;
+  LN_businessCategory = AnsiString('businessCategory');
+  NID_businessCategory = 860;
+
+  LN_postalAddress = AnsiString('postalAddress');
+  NID_postalAddress = 861;
+
+  LN_postalCode = AnsiString('postalCode');
+  NID_postalCode = 661;
+
+  LN_postOfficeBox = AnsiString('postOfficeBox');
+  NID_postOfficeBox = 862;
+
+  LN_physicalDeliveryOfficeName = AnsiString('physicalDeliveryOfficeName');
+  NID_physicalDeliveryOfficeName = 863;
+
+  LN_telephoneNumber = AnsiString('telephoneNumber');
+  NID_telephoneNumber = 864;
+
+  LN_telexNumber = AnsiString('telexNumber');
+  NID_telexNumber = 865;
+
+  LN_teletexTerminalIdentifier = AnsiString('teletexTerminalIdentifier');
+  NID_teletexTerminalIdentifier = 866;
+
+  LN_facsimileTelephoneNumber = AnsiString('facsimileTelephoneNumber');
+  NID_facsimileTelephoneNumber = 867;
+
+  LN_x121Address = AnsiString('x121Address');
+  NID_x121Address = 868;
+
+  LN_internationaliSDNNumber = AnsiString('internationaliSDNNumber');
+  NID_internationaliSDNNumber = 869;
+
+  LN_registeredAddress = AnsiString('registeredAddress');
+  NID_registeredAddress = 870;
+
+  LN_destinationIndicator = AnsiString('destinationIndicator');
+  NID_destinationIndicator = 871;
+
+  LN_preferredDeliveryMethod = AnsiString('preferredDeliveryMethod');
+  NID_preferredDeliveryMethod = 872;
+
+  LN_presentationAddress = AnsiString('presentationAddress');
+  NID_presentationAddress = 873;
+
+  LN_supportedApplicationContext = AnsiString('supportedApplicationContext');
+  NID_supportedApplicationContext = 874;
+
+  SN_member = AnsiString('member');
+  NID_member = 875;
+
+  SN_owner = AnsiString('owner');
+  NID_owner = 876;
+
+  LN_roleOccupant = AnsiString('roleOccupant');
+  NID_roleOccupant = 877;
+
+  SN_seeAlso = AnsiString('seeAlso');
+  NID_seeAlso = 878;
+
+  LN_userPassword = AnsiString('userPassword');
+  NID_userPassword = 879;
+
+  LN_userCertificate = AnsiString('userCertificate');
+  NID_userCertificate = 880;
+
+  LN_cACertificate = AnsiString('cACertificate');
+  NID_cACertificate = 881;
+
+  LN_authorityRevocationList = AnsiString('authorityRevocationList');
+  NID_authorityRevocationList = 882;
+
+  LN_certificateRevocationList = AnsiString('certificateRevocationList');
+  NID_certificateRevocationList = 883;
+
+  LN_crossCertificatePair = AnsiString('crossCertificatePair');
+  NID_crossCertificatePair = 884;
+
+  SN_name = AnsiString('name');
+  LN_name = AnsiString('name');
+  NID_name = 173;
+
+  SN_givenName = AnsiString('GN');
+  LN_givenName = AnsiString('givenName');
+  NID_givenName = 99;
+
+  SN_initials = AnsiString('initials');
+  LN_initials = AnsiString('initials');
+  NID_initials = 101;
+
+  LN_generationQualifier = AnsiString('generationQualifier');
+  NID_generationQualifier = 509;
+
+  LN_x500UniqueIdentifier = AnsiString('x500UniqueIdentifier');
+  NID_x500UniqueIdentifier = 503;
+
+  SN_dnQualifier = AnsiString('dnQualifier');
+  LN_dnQualifier = AnsiString('dnQualifier');
+  NID_dnQualifier = 174;
+
+  LN_enhancedSearchGuide = AnsiString('enhancedSearchGuide');
+  NID_enhancedSearchGuide = 885;
+
+  LN_protocolInformation = AnsiString('protocolInformation');
+  NID_protocolInformation = 886;
+
+  LN_distinguishedName = AnsiString('distinguishedName');
+  NID_distinguishedName = 887;
+
+  LN_uniqueMember = AnsiString('uniqueMember');
+  NID_uniqueMember = 888;
+
+  LN_houseIdentifier = AnsiString('houseIdentifier');
+  NID_houseIdentifier = 889;
+
+  LN_supportedAlgorithms = AnsiString('supportedAlgorithms');
+  NID_supportedAlgorithms = 890;
+
+  LN_deltaRevocationList = AnsiString('deltaRevocationList');
+  NID_deltaRevocationList = 891;
+
+  SN_dmdName = AnsiString('dmdName');
+  NID_dmdName = 892;
+
+  LN_pseudonym = AnsiString('pseudonym');
+  NID_pseudonym = 510;
+
+  SN_role = AnsiString('role');
+  LN_role = AnsiString('role');
+  NID_role = 400;
+
+  LN_organizationIdentifier = AnsiString('organizationIdentifier');
+  NID_organizationIdentifier = 1089;
+
+  SN_countryCode3c = AnsiString('c3');
+  LN_countryCode3c = AnsiString('countryCode3c');
+  NID_countryCode3c = 1090;
+
+  SN_countryCode3n = AnsiString('n3');
+  LN_countryCode3n = AnsiString('countryCode3n');
+  NID_countryCode3n = 1091;
+
+  LN_dnsName = AnsiString('dnsName');
+  NID_dnsName = 1092;
+
+  SN_X500algorithms = AnsiString('X500algorithms');
+  LN_X500algorithms = AnsiString('directory services - algorithms');
+  NID_X500algorithms = 378;
+
+  SN_rsa = AnsiString('RSA');
+  LN_rsa = AnsiString('rsa');
+  NID_rsa = 19;
+
+  SN_mdc2WithRSA = AnsiString('RSA-MDC2');
+  LN_mdc2WithRSA = AnsiString('mdc2WithRSA');
+  NID_mdc2WithRSA = 96;
+
+  SN_mdc2 = AnsiString('MDC2');
+  LN_mdc2 = AnsiString('mdc2');
+  NID_mdc2 = 95;
+
+  SN_id_ce = AnsiString('id-ce');
+  NID_id_ce = 81;
+
+  SN_subject_directory_attributes = AnsiString('subjectDirectoryAttributes');
+  LN_subject_directory_attributes = AnsiString('X509v3 Subject Directory Attributes');
+  NID_subject_directory_attributes = 769;
+
+  SN_subject_key_identifier = AnsiString('subjectKeyIdentifier');
+  LN_subject_key_identifier = AnsiString('X509v3 Subject Key Identifier');
+  NID_subject_key_identifier = 82;
+
+  SN_key_usage = AnsiString('keyUsage');
+  LN_key_usage = AnsiString('X509v3 Key Usage');
+  NID_key_usage = 83;
+
+  SN_private_key_usage_period = AnsiString('privateKeyUsagePeriod');
+  LN_private_key_usage_period = AnsiString('X509v3 Private Key Usage Period');
+  NID_private_key_usage_period = 84;
+
+  SN_subject_alt_name = AnsiString('subjectAltName');
+  LN_subject_alt_name = AnsiString('X509v3 Subject Alternative Name');
+  NID_subject_alt_name = 85;
+
+  SN_issuer_alt_name = AnsiString('issuerAltName');
+  LN_issuer_alt_name = AnsiString('X509v3 Issuer Alternative Name');
+  NID_issuer_alt_name = 86;
+
+  SN_basic_constraints = AnsiString('basicConstraints');
+  LN_basic_constraints = AnsiString('X509v3 Basic Constraints');
+  NID_basic_constraints = 87;
+
+  SN_crl_number = AnsiString('crlNumber');
+  LN_crl_number = AnsiString('X509v3 CRL Number');
+  NID_crl_number = 88;
+
+  SN_crl_reason = AnsiString('CRLReason');
+  LN_crl_reason = AnsiString('X509v3 CRL Reason Code');
+  NID_crl_reason = 141;
+
+  SN_invalidity_date = AnsiString('invalidityDate');
+  LN_invalidity_date = AnsiString('Invalidity Date');
+  NID_invalidity_date = 142;
+
+  SN_delta_crl = AnsiString('deltaCRL');
+  LN_delta_crl = AnsiString('X509v3 Delta CRL Indicator');
+  NID_delta_crl = 140;
+
+  SN_issuing_distribution_point = AnsiString('issuingDistributionPoint');
+  LN_issuing_distribution_point = AnsiString('X509v3 Issuing Distribution Point');
+  NID_issuing_distribution_point = 770;
+
+  SN_certificate_issuer = AnsiString('certificateIssuer');
+  LN_certificate_issuer = AnsiString('X509v3 Certificate Issuer');
+  NID_certificate_issuer = 771;
+
+  SN_name_constraints = AnsiString('nameConstraints');
+  LN_name_constraints = AnsiString('X509v3 Name Constraints');
+  NID_name_constraints = 666;
+
+  SN_crl_distribution_points = AnsiString('crlDistributionPoints');
+  LN_crl_distribution_points = AnsiString('X509v3 CRL Distribution Points');
+  NID_crl_distribution_points = 103;
+
+  SN_certificate_policies = AnsiString('certificatePolicies');
+  LN_certificate_policies = AnsiString('X509v3 Certificate Policies');
+  NID_certificate_policies = 89;
+
+  SN_any_policy = AnsiString('anyPolicy');
+  LN_any_policy = AnsiString('X509v3 Any Policy');
+  NID_any_policy = 746;
+
+  SN_policy_mappings = AnsiString('policyMappings');
+  LN_policy_mappings = AnsiString('X509v3 Policy Mappings');
+  NID_policy_mappings = 747;
+
+  SN_authority_key_identifier = AnsiString('authorityKeyIdentifier');
+  LN_authority_key_identifier = AnsiString('X509v3 Authority Key Identifier');
+  NID_authority_key_identifier = 90;
+
+  SN_policy_constraints = AnsiString('policyConstraints');
+  LN_policy_constraints = AnsiString('X509v3 Policy Constraints');
+  NID_policy_constraints = 401;
+
+  SN_ext_key_usage = AnsiString('extendedKeyUsage');
+  LN_ext_key_usage = AnsiString('X509v3 Extended Key Usage');
+  NID_ext_key_usage = 126;
+
+  SN_freshest_crl = AnsiString('freshestCRL');
+  LN_freshest_crl = AnsiString('X509v3 Freshest CRL');
+  NID_freshest_crl = 857;
+
+  SN_inhibit_any_policy = AnsiString('inhibitAnyPolicy');
+  LN_inhibit_any_policy = AnsiString('X509v3 Inhibit Any Policy');
+  NID_inhibit_any_policy = 748;
+
+  SN_target_information = AnsiString('targetInformation');
+  LN_target_information = AnsiString('X509v3 AC Targeting');
+  NID_target_information = 402;
+
+  SN_no_rev_avail = AnsiString('noRevAvail');
+  LN_no_rev_avail = AnsiString('X509v3 No Revocation Available');
+  NID_no_rev_avail = 403;
+
+  SN_anyExtendedKeyUsage = AnsiString('anyExtendedKeyUsage');
+  LN_anyExtendedKeyUsage = AnsiString('Any Extended Key Usage');
+  NID_anyExtendedKeyUsage = 910;
+
+  SN_netscape = AnsiString('Netscape');
+  LN_netscape = AnsiString('Netscape Communications Corp.');
+  NID_netscape = 57;
+
+  SN_netscape_cert_extension = AnsiString('nsCertExt');
+  LN_netscape_cert_extension = AnsiString('Netscape Certificate Extension');
+  NID_netscape_cert_extension = 58;
+
+  SN_netscape_data_type = AnsiString('nsDataType');
+  LN_netscape_data_type = AnsiString('Netscape Data Type');
+  NID_netscape_data_type = 59;
+
+  SN_netscape_cert_type = AnsiString('nsCertType');
+  LN_netscape_cert_type = AnsiString('Netscape Cert Type');
+  NID_netscape_cert_type = 71;
+
+  SN_netscape_base_url = AnsiString('nsBaseUrl');
+  LN_netscape_base_url = AnsiString('Netscape Base Url');
+  NID_netscape_base_url = 72;
+
+  SN_netscape_revocation_url = AnsiString('nsRevocationUrl');
+  LN_netscape_revocation_url = AnsiString('Netscape Revocation Url');
+  NID_netscape_revocation_url = 73;
+
+  SN_netscape_ca_revocation_url = AnsiString('nsCaRevocationUrl');
+  LN_netscape_ca_revocation_url = AnsiString('Netscape CA Revocation Url');
+  NID_netscape_ca_revocation_url = 74;
+
+  SN_netscape_renewal_url = AnsiString('nsRenewalUrl');
+  LN_netscape_renewal_url = AnsiString('Netscape Renewal Url');
+  NID_netscape_renewal_url = 75;
+
+  SN_netscape_ca_policy_url = AnsiString('nsCaPolicyUrl');
+  LN_netscape_ca_policy_url = AnsiString('Netscape CA Policy Url');
+  NID_netscape_ca_policy_url = 76;
+
+  SN_netscape_ssl_server_name = AnsiString('nsSslServerName');
+  LN_netscape_ssl_server_name = AnsiString('Netscape Server: SSl Name');
+  NID_netscape_ssl_server_name = 77;
+
+  SN_netscape_comment = AnsiString('nsComment');
+  LN_netscape_comment = AnsiString('Netscape Comment');
+  NID_netscape_comment = 78;
+
+  SN_netscape_cert_sequence = AnsiString('nsCertSequence');
+  LN_netscape_cert_sequence = AnsiString('Netscape Certificate Sequence');
+  NID_netscape_cert_sequence = 79;
+
+  SN_ns_sgc = AnsiString('nsSGC');
+  LN_ns_sgc = AnsiString('Netscape Server Gated Crypto');
+  NID_ns_sgc = 139;
+
+  SN_org = AnsiString('ORG');
+  LN_org = AnsiString('org');
+  NID_org = 379;
+
+  SN_dod = AnsiString('DOD');
+  LN_dod = AnsiString('dod');
+  NID_dod = 380;
+
+  SN_iana = AnsiString('IANA');
+  LN_iana = AnsiString('iana');
+  NID_iana = 381;
+
+  SN_Directory = AnsiString('directory');
+  LN_Directory = AnsiString('Directory');
+  NID_Directory = 382;
+
+  SN_Management = AnsiString('mgmt');
+  LN_Management = AnsiString('Management');
+  NID_Management = 383;
+
+  SN_Experimental = AnsiString('experimental');
+  LN_Experimental = AnsiString('Experimental');
+  NID_Experimental = 384;
+
+  SN_Private = AnsiString('private');
+  LN_Private = AnsiString('Private');
+  NID_Private = 385;
+
+  SN_Security = AnsiString('security');
+  LN_Security = AnsiString('Security');
+  NID_Security = 386;
+
+  SN_SNMPv2 = AnsiString('snmpv2');
+  LN_SNMPv2 = AnsiString('SNMPv2');
+  NID_SNMPv2 = 387;
+
+  LN_Mail = AnsiString('Mail');
+  NID_Mail = 388;
+
+  SN_Enterprises = AnsiString('enterprises');
+  LN_Enterprises = AnsiString('Enterprises');
+  NID_Enterprises = 389;
+
+  SN_dcObject = AnsiString('dcobject');
+  LN_dcObject = AnsiString('dcObject');
+  NID_dcObject = 390;
+
+  SN_mime_mhs = AnsiString('mime-mhs');
+  LN_mime_mhs = AnsiString('MIME MHS');
+  NID_mime_mhs = 504;
+
+  SN_mime_mhs_headings = AnsiString('mime-mhs-headings');
+  LN_mime_mhs_headings = AnsiString('mime-mhs-headings');
+  NID_mime_mhs_headings = 505;
+
+  SN_mime_mhs_bodies = AnsiString('mime-mhs-bodies');
+  LN_mime_mhs_bodies = AnsiString('mime-mhs-bodies');
+  NID_mime_mhs_bodies = 506;
+
+  SN_id_hex_partial_message = AnsiString('id-hex-partial-message');
+  LN_id_hex_partial_message = AnsiString('id-hex-partial-message');
+  NID_id_hex_partial_message = 507;
+
+  SN_id_hex_multipart_message = AnsiString('id-hex-multipart-message');
+  LN_id_hex_multipart_message = AnsiString('id-hex-multipart-message');
+  NID_id_hex_multipart_message = 508;
+
+  SN_zlib_compression = AnsiString('ZLIB');
+  LN_zlib_compression = AnsiString('zlib compression');
+  NID_zlib_compression = 125;
+
+  SN_aes_128_ecb = AnsiString('AES-128-ECB');
+  LN_aes_128_ecb = AnsiString('aes-128-ecb');
+  NID_aes_128_ecb = 418;
+
+  SN_aes_128_cbc = AnsiString('AES-128-CBC');
+  LN_aes_128_cbc = AnsiString('aes-128-cbc');
+  NID_aes_128_cbc = 419;
+
+  SN_aes_128_ofb128 = AnsiString('AES-128-OFB');
+  LN_aes_128_ofb128 = AnsiString('aes-128-ofb');
+  NID_aes_128_ofb128 = 420;
+
+  SN_aes_128_cfb128 = AnsiString('AES-128-CFB');
+  LN_aes_128_cfb128 = AnsiString('aes-128-cfb');
+  NID_aes_128_cfb128 = 421;
+
+  SN_id_aes128_wrap = AnsiString('id-aes128-wrap');
+  NID_id_aes128_wrap = 788;
+
+  SN_aes_128_gcm = AnsiString('id-aes128-GCM');
+  LN_aes_128_gcm = AnsiString('aes-128-gcm');
+  NID_aes_128_gcm = 895;
+
+  SN_aes_128_ccm = AnsiString('id-aes128-CCM');
+  LN_aes_128_ccm = AnsiString('aes-128-ccm');
+  NID_aes_128_ccm = 896;
+
+  SN_id_aes128_wrap_pad = AnsiString('id-aes128-wrap-pad');
+  NID_id_aes128_wrap_pad = 897;
+
+  SN_aes_192_ecb = AnsiString('AES-192-ECB');
+  LN_aes_192_ecb = AnsiString('aes-192-ecb');
+  NID_aes_192_ecb = 422;
+
+  SN_aes_192_cbc = AnsiString('AES-192-CBC');
+  LN_aes_192_cbc = AnsiString('aes-192-cbc');
+  NID_aes_192_cbc = 423;
+
+  SN_aes_192_ofb128 = AnsiString('AES-192-OFB');
+  LN_aes_192_ofb128 = AnsiString('aes-192-ofb');
+  NID_aes_192_ofb128 = 424;
+
+  SN_aes_192_cfb128 = AnsiString('AES-192-CFB');
+  LN_aes_192_cfb128 = AnsiString('aes-192-cfb');
+  NID_aes_192_cfb128 = 425;
+
+  SN_id_aes192_wrap = AnsiString('id-aes192-wrap');
+  NID_id_aes192_wrap = 789;
+
+  SN_aes_192_gcm = AnsiString('id-aes192-GCM');
+  LN_aes_192_gcm = AnsiString('aes-192-gcm');
+  NID_aes_192_gcm = 898;
+
+  SN_aes_192_ccm = AnsiString('id-aes192-CCM');
+  LN_aes_192_ccm = AnsiString('aes-192-ccm');
+  NID_aes_192_ccm = 899;
+
+  SN_id_aes192_wrap_pad = AnsiString('id-aes192-wrap-pad');
+  NID_id_aes192_wrap_pad = 900;
+
+  SN_aes_256_ecb = AnsiString('AES-256-ECB');
+  LN_aes_256_ecb = AnsiString('aes-256-ecb');
+  NID_aes_256_ecb = 426;
+
+  SN_aes_256_cbc = AnsiString('AES-256-CBC');
+  LN_aes_256_cbc = AnsiString('aes-256-cbc');
+  NID_aes_256_cbc = 427;
+
+  SN_aes_256_ofb128 = AnsiString('AES-256-OFB');
+  LN_aes_256_ofb128 = AnsiString('aes-256-ofb');
+  NID_aes_256_ofb128 = 428;
+
+  SN_aes_256_cfb128 = AnsiString('AES-256-CFB');
+  LN_aes_256_cfb128 = AnsiString('aes-256-cfb');
+  NID_aes_256_cfb128 = 429;
+
+  SN_id_aes256_wrap = AnsiString('id-aes256-wrap');
+  NID_id_aes256_wrap = 790;
+
+  SN_aes_256_gcm = AnsiString('id-aes256-GCM');
+  LN_aes_256_gcm = AnsiString('aes-256-gcm');
+  NID_aes_256_gcm = 901;
+
+  SN_aes_256_ccm = AnsiString('id-aes256-CCM');
+  LN_aes_256_ccm = AnsiString('aes-256-ccm');
+  NID_aes_256_ccm = 902;
+
+  SN_id_aes256_wrap_pad = AnsiString('id-aes256-wrap-pad');
+  NID_id_aes256_wrap_pad = 903;
+
+  SN_aes_128_xts = AnsiString('AES-128-XTS');
+  LN_aes_128_xts = AnsiString('aes-128-xts');
+  NID_aes_128_xts = 913;
+
+  SN_aes_256_xts = AnsiString('AES-256-XTS');
+  LN_aes_256_xts = AnsiString('aes-256-xts');
+  NID_aes_256_xts = 914;
+
+  SN_aes_128_cfb1 = AnsiString('AES-128-CFB1');
+  LN_aes_128_cfb1 = AnsiString('aes-128-cfb1');
+  NID_aes_128_cfb1 = 650;
+
+  SN_aes_192_cfb1 = AnsiString('AES-192-CFB1');
+  LN_aes_192_cfb1 = AnsiString('aes-192-cfb1');
+  NID_aes_192_cfb1 = 651;
+
+  SN_aes_256_cfb1 = AnsiString('AES-256-CFB1');
+  LN_aes_256_cfb1 = AnsiString('aes-256-cfb1');
+  NID_aes_256_cfb1 = 652;
+
+  SN_aes_128_cfb8 = AnsiString('AES-128-CFB8');
+  LN_aes_128_cfb8 = AnsiString('aes-128-cfb8');
+  NID_aes_128_cfb8 = 653;
+
+  SN_aes_192_cfb8 = AnsiString('AES-192-CFB8');
+  LN_aes_192_cfb8 = AnsiString('aes-192-cfb8');
+  NID_aes_192_cfb8 = 654;
+
+  SN_aes_256_cfb8 = AnsiString('AES-256-CFB8');
+  LN_aes_256_cfb8 = AnsiString('aes-256-cfb8');
+  NID_aes_256_cfb8 = 655;
+
+  SN_aes_128_ctr = AnsiString('AES-128-CTR');
+  LN_aes_128_ctr = AnsiString('aes-128-ctr');
+  NID_aes_128_ctr = 904;
+
+  SN_aes_192_ctr = AnsiString('AES-192-CTR');
+  LN_aes_192_ctr = AnsiString('aes-192-ctr');
+  NID_aes_192_ctr = 905;
+
+  SN_aes_256_ctr = AnsiString('AES-256-CTR');
+  LN_aes_256_ctr = AnsiString('aes-256-ctr');
+  NID_aes_256_ctr = 906;
+
+  SN_aes_128_ocb = AnsiString('AES-128-OCB');
+  LN_aes_128_ocb = AnsiString('aes-128-ocb');
+  NID_aes_128_ocb = 958;
+
+  SN_aes_192_ocb = AnsiString('AES-192-OCB');
+  LN_aes_192_ocb = AnsiString('aes-192-ocb');
+  NID_aes_192_ocb = 959;
+
+  SN_aes_256_ocb = AnsiString('AES-256-OCB');
+  LN_aes_256_ocb = AnsiString('aes-256-ocb');
+  NID_aes_256_ocb = 960;
+
+  SN_des_cfb1 = AnsiString('DES-CFB1');
+  LN_des_cfb1 = AnsiString('des-cfb1');
+  NID_des_cfb1 = 656;
+
+  SN_des_cfb8 = AnsiString('DES-CFB8');
+  LN_des_cfb8 = AnsiString('des-cfb8');
+  NID_des_cfb8 = 657;
+
+  SN_des_ede3_cfb1 = AnsiString('DES-EDE3-CFB1');
+  LN_des_ede3_cfb1 = AnsiString('des-ede3-cfb1');
+  NID_des_ede3_cfb1 = 658;
+
+  SN_des_ede3_cfb8 = AnsiString('DES-EDE3-CFB8');
+  LN_des_ede3_cfb8 = AnsiString('des-ede3-cfb8');
+  NID_des_ede3_cfb8 = 659;
+
+  SN_sha256 = AnsiString('SHA256');
+  LN_sha256 = AnsiString('sha256');
+  NID_sha256 = 672;
+
+  SN_sha384 = AnsiString('SHA384');
+  LN_sha384 = AnsiString('sha384');
+  NID_sha384 = 673;
+
+  SN_sha512 = AnsiString('SHA512');
+  LN_sha512 = AnsiString('sha512');
+  NID_sha512 = 674;
+
+  SN_sha224 = AnsiString('SHA224');
+  LN_sha224 = AnsiString('sha224');
+  NID_sha224 = 675;
+
+  SN_sha512_224 = AnsiString('SHA512-224');
+  LN_sha512_224 = AnsiString('sha512-224');
+  NID_sha512_224 = 1094;
+
+  SN_sha512_256 = AnsiString('SHA512-256');
+  LN_sha512_256 = AnsiString('sha512-256');
+  NID_sha512_256 = 1095;
+
+  SN_sha3_224 = AnsiString('SHA3-224');
+  LN_sha3_224 = AnsiString('sha3-224');
+  NID_sha3_224 = 1096;
+
+  SN_sha3_256 = AnsiString('SHA3-256');
+  LN_sha3_256 = AnsiString('sha3-256');
+  NID_sha3_256 = 1097;
+
+  SN_sha3_384 = AnsiString('SHA3-384');
+  LN_sha3_384 = AnsiString('sha3-384');
+  NID_sha3_384 = 1098;
+
+  SN_sha3_512 = AnsiString('SHA3-512');
+  LN_sha3_512 = AnsiString('sha3-512');
+  NID_sha3_512 = 1099;
+
+  SN_shake128 = AnsiString('SHAKE128');
+  LN_shake128 = AnsiString('shake128');
+  NID_shake128 = 1100;
+
+  SN_shake256 = AnsiString('SHAKE256');
+  LN_shake256 = AnsiString('shake256');
+  NID_shake256 = 1101;
+
+  SN_hmac_sha3_224 = AnsiString('id-hmacWithSHA3-224');
+  LN_hmac_sha3_224 = AnsiString('hmac-sha3-224');
+  NID_hmac_sha3_224 = 1102;
+
+  SN_hmac_sha3_256 = AnsiString('id-hmacWithSHA3-256');
+  LN_hmac_sha3_256 = AnsiString('hmac-sha3-256');
+  NID_hmac_sha3_256 = 1103;
+
+  SN_hmac_sha3_384 = AnsiString('id-hmacWithSHA3-384');
+  LN_hmac_sha3_384 = AnsiString('hmac-sha3-384');
+  NID_hmac_sha3_384 = 1104;
+
+  SN_hmac_sha3_512 = AnsiString('id-hmacWithSHA3-512');
+  LN_hmac_sha3_512 = AnsiString('hmac-sha3-512');
+  NID_hmac_sha3_512 = 1105;
+
+  SN_dsa_with_SHA224 = AnsiString('dsa_with_SHA224');
+  NID_dsa_with_SHA224 = 802;
+
+  SN_dsa_with_SHA256 = AnsiString('dsa_with_SHA256');
+  NID_dsa_with_SHA256 = 803;
+
+  SN_dsa_with_SHA384 = AnsiString('id-dsa-with-sha384');
+  LN_dsa_with_SHA384 = AnsiString('dsa_with_SHA384');
+  NID_dsa_with_SHA384 = 1106;
+
+  SN_dsa_with_SHA512 = AnsiString('id-dsa-with-sha512');
+  LN_dsa_with_SHA512 = AnsiString('dsa_with_SHA512');
+  NID_dsa_with_SHA512 = 1107;
+
+  SN_dsa_with_SHA3_224 = AnsiString('id-dsa-with-sha3-224');
+  LN_dsa_with_SHA3_224 = AnsiString('dsa_with_SHA3-224');
+  NID_dsa_with_SHA3_224 = 1108;
+
+  SN_dsa_with_SHA3_256 = AnsiString('id-dsa-with-sha3-256');
+  LN_dsa_with_SHA3_256 = AnsiString('dsa_with_SHA3-256');
+  NID_dsa_with_SHA3_256 = 1109;
+
+  SN_dsa_with_SHA3_384 = AnsiString('id-dsa-with-sha3-384');
+  LN_dsa_with_SHA3_384 = AnsiString('dsa_with_SHA3-384');
+  NID_dsa_with_SHA3_384 = 1110;
+
+  SN_dsa_with_SHA3_512 = AnsiString('id-dsa-with-sha3-512');
+  LN_dsa_with_SHA3_512 = AnsiString('dsa_with_SHA3-512');
+  NID_dsa_with_SHA3_512 = 1111;
+
+  SN_ecdsa_with_SHA3_224 = AnsiString('id-ecdsa-with-sha3-224');
+  LN_ecdsa_with_SHA3_224 = AnsiString('ecdsa_with_SHA3-224');
+  NID_ecdsa_with_SHA3_224 = 1112;
+
+  SN_ecdsa_with_SHA3_256 = AnsiString('id-ecdsa-with-sha3-256');
+  LN_ecdsa_with_SHA3_256 = AnsiString('ecdsa_with_SHA3-256');
+  NID_ecdsa_with_SHA3_256 = 1113;
+
+  SN_ecdsa_with_SHA3_384 = AnsiString('id-ecdsa-with-sha3-384');
+  LN_ecdsa_with_SHA3_384 = AnsiString('ecdsa_with_SHA3-384');
+  NID_ecdsa_with_SHA3_384 = 1114;
+
+  SN_ecdsa_with_SHA3_512 = AnsiString('id-ecdsa-with-sha3-512');
+  LN_ecdsa_with_SHA3_512 = AnsiString('ecdsa_with_SHA3-512');
+  NID_ecdsa_with_SHA3_512 = 1115;
+
+  SN_RSA_SHA3_224 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-224');
+  LN_RSA_SHA3_224 = AnsiString('RSA-SHA3-224');
+  NID_RSA_SHA3_224 = 1116;
+
+  SN_RSA_SHA3_256 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-256');
+  LN_RSA_SHA3_256 = AnsiString('RSA-SHA3-256');
+  NID_RSA_SHA3_256 = 1117;
+
+  SN_RSA_SHA3_384 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-384');
+  LN_RSA_SHA3_384 = AnsiString('RSA-SHA3-384');
+  NID_RSA_SHA3_384 = 1118;
+
+  SN_RSA_SHA3_512 = AnsiString('id-rsassa-pkcs1-v1_5-with-sha3-512');
+  LN_RSA_SHA3_512 = AnsiString('RSA-SHA3-512');
+  NID_RSA_SHA3_512 = 1119;
+
+  SN_hold_instruction_code = AnsiString('holdInstructionCode');
+  LN_hold_instruction_code = AnsiString('Hold Instruction Code');
+  NID_hold_instruction_code = 430;
+
+  SN_hold_instruction_none = AnsiString('holdInstructionNone');
+  LN_hold_instruction_none = AnsiString('Hold Instruction None');
+  NID_hold_instruction_none = 431;
+
+  SN_hold_instruction_call_issuer = AnsiString('holdInstructionCallIssuer');
+  LN_hold_instruction_call_issuer = AnsiString('Hold Instruction Call Issuer');
+  NID_hold_instruction_call_issuer = 432;
+
+  SN_hold_instruction_reject = AnsiString('holdInstructionReject');
+  LN_hold_instruction_reject = AnsiString('Hold Instruction Reject');
+  NID_hold_instruction_reject = 433;
+
+  SN_data = AnsiString('data');
+  NID_data = 434;
+
+  SN_pss = AnsiString('pss');
+  NID_pss = 435;
+
+  SN_ucl = AnsiString('ucl');
+  NID_ucl = 436;
+
+  SN_pilot = AnsiString('pilot');
+  NID_pilot = 437;
+
+  LN_pilotAttributeType = AnsiString('pilotAttributeType');
+  NID_pilotAttributeType = 438;
+
+  LN_pilotAttributeSyntax = AnsiString('pilotAttributeSyntax');
+  NID_pilotAttributeSyntax = 439;
+
+  LN_pilotObjectClass = AnsiString('pilotObjectClass');
+  NID_pilotObjectClass = 440;
+
+  LN_pilotGroups = AnsiString('pilotGroups');
+  NID_pilotGroups = 441;
+
+  LN_iA5StringSyntax = AnsiString('iA5StringSyntax');
+  NID_iA5StringSyntax = 442;
+
+  LN_caseIgnoreIA5StringSyntax = AnsiString('caseIgnoreIA5StringSyntax');
+  NID_caseIgnoreIA5StringSyntax = 443;
+
+  LN_pilotObject = AnsiString('pilotObject');
+  NID_pilotObject = 444;
+
+  LN_pilotPerson = AnsiString('pilotPerson');
+  NID_pilotPerson = 445;
+
+  SN_account = AnsiString('account');
+  NID_account = 446;
+
+  SN_document = AnsiString('document');
+  NID_document = 447;
+
+  SN_room = AnsiString('room');
+  NID_room = 448;
+
+  LN_documentSeries = AnsiString('documentSeries');
+  NID_documentSeries = 449;
+
+  SN_Domain = AnsiString('domain');
+  LN_Domain = AnsiString('Domain');
+  NID_Domain = 392;
+
+  LN_rFC822localPart = AnsiString('rFC822localPart');
+  NID_rFC822localPart = 450;
+
+  LN_dNSDomain = AnsiString('dNSDomain');
+  NID_dNSDomain = 451;
+
+  LN_domainRelatedObject = AnsiString('domainRelatedObject');
+  NID_domainRelatedObject = 452;
+
+  LN_friendlyCountry = AnsiString('friendlyCountry');
+  NID_friendlyCountry = 453;
+
+  LN_simpleSecurityObject = AnsiString('simpleSecurityObject');
+  NID_simpleSecurityObject = 454;
+
+  LN_pilotOrganization = AnsiString('pilotOrganization');
+  NID_pilotOrganization = 455;
+
+  LN_pilotDSA = AnsiString('pilotDSA');
+  NID_pilotDSA = 456;
+
+  LN_qualityLabelledData = AnsiString('qualityLabelledData');
+  NID_qualityLabelledData = 457;
+
+  SN_userId = AnsiString('UID');
+  LN_userId = AnsiString('userId');
+  NID_userId = 458;
+
+  LN_textEncodedORAddress = AnsiString('textEncodedORAddress');
+  NID_textEncodedORAddress = 459;
+
+  SN_rfc822Mailbox = AnsiString('mail');
+  LN_rfc822Mailbox = AnsiString('rfc822Mailbox');
+  NID_rfc822Mailbox = 460;
+
+  SN_info = AnsiString('info');
+  NID_info = 461;
+
+  LN_favouriteDrink = AnsiString('favouriteDrink');
+  NID_favouriteDrink = 462;
+
+  LN_roomNumber = AnsiString('roomNumber');
+  NID_roomNumber = 463;
+
+  SN_photo = AnsiString('photo');
+  NID_photo = 464;
+
+  LN_userClass = AnsiString('userClass');
+  NID_userClass = 465;
+
+  SN_host = AnsiString('host');
+  NID_host = 466;
+
+  SN_manager = AnsiString('manager');
+  NID_manager = 467;
+
+  LN_documentIdentifier = AnsiString('documentIdentifier');
+  NID_documentIdentifier = 468;
+
+  LN_documentTitle = AnsiString('documentTitle');
+  NID_documentTitle = 469;
+
+  LN_documentVersion = AnsiString('documentVersion');
+  NID_documentVersion = 470;
+
+  LN_documentAuthor = AnsiString('documentAuthor');
+  NID_documentAuthor = 471;
+
+  LN_documentLocation = AnsiString('documentLocation');
+  NID_documentLocation = 472;
+
+  LN_homeTelephoneNumber = AnsiString('homeTelephoneNumber');
+  NID_homeTelephoneNumber = 473;
+
+  SN_secretary = AnsiString('secretary');
+  NID_secretary = 474;
+
+  LN_otherMailbox = AnsiString('otherMailbox');
+  NID_otherMailbox = 475;
+
+  LN_lastModifiedTime = AnsiString('lastModifiedTime');
+  NID_lastModifiedTime = 476;
+
+  LN_lastModifiedBy = AnsiString('lastModifiedBy');
+  NID_lastModifiedBy = 477;
+
+  SN_domainComponent = AnsiString('DC');
+  LN_domainComponent = AnsiString('domainComponent');
+  NID_domainComponent = 391;
+
+  LN_aRecord = AnsiString('aRecord');
+  NID_aRecord = 478;
+
+  LN_pilotAttributeType27 = AnsiString('pilotAttributeType27');
+  NID_pilotAttributeType27 = 479;
+
+  LN_mXRecord = AnsiString('mXRecord');
+  NID_mXRecord = 480;
+
+  LN_nSRecord = AnsiString('nSRecord');
+  NID_nSRecord = 481;
+
+  LN_sOARecord = AnsiString('sOARecord');
+  NID_sOARecord = 482;
+
+  LN_cNAMERecord = AnsiString('cNAMERecord');
+  NID_cNAMERecord = 483;
+
+  LN_associatedDomain = AnsiString('associatedDomain');
+  NID_associatedDomain = 484;
+
+  LN_associatedName = AnsiString('associatedName');
+  NID_associatedName = 485;
+
+  LN_homePostalAddress = AnsiString('homePostalAddress');
+  NID_homePostalAddress = 486;
+
+  LN_personalTitle = AnsiString('personalTitle');
+  NID_personalTitle = 487;
+
+  LN_mobileTelephoneNumber = AnsiString('mobileTelephoneNumber');
+  NID_mobileTelephoneNumber = 488;
+
+  LN_pagerTelephoneNumber = AnsiString('pagerTelephoneNumber');
+  NID_pagerTelephoneNumber = 489;
+
+  LN_friendlyCountryName = AnsiString('friendlyCountryName');
+  NID_friendlyCountryName = 490;
+
+  SN_uniqueIdentifier = AnsiString('uid');
+  LN_uniqueIdentifier = AnsiString('uniqueIdentifier');
+  NID_uniqueIdentifier = 102;
+
+  LN_organizationalStatus = AnsiString('organizationalStatus');
+  NID_organizationalStatus = 491;
+
+  LN_janetMailbox = AnsiString('janetMailbox');
+  NID_janetMailbox = 492;
+  LN_mailPreferenceOption = AnsiString('mailPreferenceOption');
+  NID_mailPreferenceOption = 493;
+
+  LN_buildingName = AnsiString('buildingName');
+  NID_buildingName = 494;
+
+  LN_dSAQuality = AnsiString('dSAQuality');
+  NID_dSAQuality = 495;
+
+  LN_singleLevelQuality = AnsiString('singleLevelQuality');
+  NID_singleLevelQuality = 496;
+
+  LN_subtreeMinimumQuality = AnsiString('subtreeMinimumQuality');
+  NID_subtreeMinimumQuality = 497;
+
+  LN_subtreeMaximumQuality = AnsiString('subtreeMaximumQuality');
+  NID_subtreeMaximumQuality = 498;
+
+  LN_personalSignature = AnsiString('personalSignature');
+  NID_personalSignature = 499;
+
+  LN_dITRedirect = AnsiString('dITRedirect');
+  NID_dITRedirect = 500;
+
+  SN_audio = AnsiString('audio');
+  NID_audio = 501;
+
+  LN_documentPublisher = AnsiString('documentPublisher');
+  NID_documentPublisher = 502;
+
+  SN_id_set = AnsiString('id-set');
+  LN_id_set = AnsiString('Secure Electronic Transactions');
+  NID_id_set = 512;
+
+  SN_set_ctype = AnsiString('set-ctype');
+  LN_set_ctype = AnsiString('content types');
+  NID_set_ctype = 513;
+
+  SN_set_msgExt = AnsiString('set-msgExt');
+  LN_set_msgExt = AnsiString('message extensions');
+  NID_set_msgExt = 514;
+
+  SN_set_attr = AnsiString('set-attr');
+  NID_set_attr = 515;
+
+  SN_set_policy = AnsiString('set-policy');
+  NID_set_policy = 516;
+
+  SN_set_certExt = AnsiString('set-certExt');
+  LN_set_certExt = AnsiString('certificate extensions');
+  NID_set_certExt = 517;
+
+  SN_set_brand = AnsiString('set-brand');
+  NID_set_brand = 518;
+
+  SN_setct_PANData = AnsiString('setct-PANData');
+  NID_setct_PANData = 519;
+
+  SN_setct_PANToken = AnsiString('setct-PANToken');
+  NID_setct_PANToken = 520;
+
+  SN_setct_PANOnly = AnsiString('setct-PANOnly');
+  NID_setct_PANOnly = 521;
+
+  SN_setct_OIData = AnsiString('setct-OIData');
+  NID_setct_OIData = 522;
+
+  SN_setct_PI = AnsiString('setct-PI');
+  NID_setct_PI = 523;
+
+  SN_setct_PIData = AnsiString('setct-PIData');
+  NID_setct_PIData = 524;
+
+  SN_setct_PIDataUnsigned = AnsiString('setct-PIDataUnsigned');
+  NID_setct_PIDataUnsigned = 525;
+
+  SN_setct_HODInput = AnsiString('setct-HODInput');
+  NID_setct_HODInput = 526;
+
+  SN_setct_AuthResBaggage = AnsiString('setct-AuthResBaggage');
+  NID_setct_AuthResBaggage = 527;
+
+  SN_setct_AuthRevReqBaggage = AnsiString('setct-AuthRevReqBaggage');
+  NID_setct_AuthRevReqBaggage = 528;
+
+  SN_setct_AuthRevResBaggage = AnsiString('setct-AuthRevResBaggage');
+  NID_setct_AuthRevResBaggage = 529;
+
+  SN_setct_CapTokenSeq = AnsiString('setct-CapTokenSeq');
+  NID_setct_CapTokenSeq = 530;
+
+  SN_setct_PInitResData = AnsiString('setct-PInitResData');
+  NID_setct_PInitResData = 531;
+
+  SN_setct_PI_TBS = AnsiString('setct-PI-TBS');
+  NID_setct_PI_TBS = 532;
+
+  SN_setct_PResData = AnsiString('setct-PResData');
+  NID_setct_PResData = 533;
+
+  SN_setct_AuthReqTBS = AnsiString('setct-AuthReqTBS');
+  NID_setct_AuthReqTBS = 534;
+
+  SN_setct_AuthResTBS = AnsiString('setct-AuthResTBS');
+  NID_setct_AuthResTBS = 535;
+
+  SN_setct_AuthResTBSX = AnsiString('setct-AuthResTBSX');
+  NID_setct_AuthResTBSX = 536;
+
+  SN_setct_AuthTokenTBS = AnsiString('setct-AuthTokenTBS');
+  NID_setct_AuthTokenTBS = 537;
+
+  SN_setct_CapTokenData = AnsiString('setct-CapTokenData');
+  NID_setct_CapTokenData = 538;
+
+  SN_setct_CapTokenTBS = AnsiString('setct-CapTokenTBS');
+  NID_setct_CapTokenTBS = 539;
+
+  SN_setct_AcqCardCodeMsg = AnsiString('setct-AcqCardCodeMsg');
+  NID_setct_AcqCardCodeMsg = 540;
+
+  SN_setct_AuthRevReqTBS = AnsiString('setct-AuthRevReqTBS');
+  NID_setct_AuthRevReqTBS = 541;
+
+  SN_setct_AuthRevResData = AnsiString('setct-AuthRevResData');
+  NID_setct_AuthRevResData = 542;
+
+  SN_setct_AuthRevResTBS = AnsiString('setct-AuthRevResTBS');
+  NID_setct_AuthRevResTBS = 543;
+
+  SN_setct_CapReqTBS = AnsiString('setct-CapReqTBS');
+  NID_setct_CapReqTBS = 544;
+
+  SN_setct_CapReqTBSX = AnsiString('setct-CapReqTBSX');
+  NID_setct_CapReqTBSX = 545;
+
+  SN_setct_CapResData = AnsiString('setct-CapResData');
+  NID_setct_CapResData = 546;
+
+  SN_setct_CapRevReqTBS = AnsiString('setct-CapRevReqTBS');
+  NID_setct_CapRevReqTBS = 547;
+
+  SN_setct_CapRevReqTBSX = AnsiString('setct-CapRevReqTBSX');
+  NID_setct_CapRevReqTBSX = 548;
+
+  SN_setct_CapRevResData = AnsiString('setct-CapRevResData');
+  NID_setct_CapRevResData = 549;
+
+  SN_setct_CredReqTBS = AnsiString('setct-CredReqTBS');
+  NID_setct_CredReqTBS = 550;
+
+  SN_setct_CredReqTBSX = AnsiString('setct-CredReqTBSX');
+  NID_setct_CredReqTBSX = 551;
+
+  SN_setct_CredResData = AnsiString('setct-CredResData');
+  NID_setct_CredResData = 552;
+
+  SN_setct_CredRevReqTBS = AnsiString('setct-CredRevReqTBS');
+  NID_setct_CredRevReqTBS = 553;
+
+  SN_setct_CredRevReqTBSX = AnsiString('setct-CredRevReqTBSX');
+  NID_setct_CredRevReqTBSX = 554;
+
+  SN_setct_CredRevResData = AnsiString('setct-CredRevResData');
+  NID_setct_CredRevResData = 555;
+
+  SN_setct_PCertReqData = AnsiString('setct-PCertReqData');
+  NID_setct_PCertReqData = 556;
+
+  SN_setct_PCertResTBS = AnsiString('setct-PCertResTBS');
+  NID_setct_PCertResTBS = 557;
+
+  SN_setct_BatchAdminReqData = AnsiString('setct-BatchAdminReqData');
+  NID_setct_BatchAdminReqData = 558;
+
+  SN_setct_BatchAdminResData = AnsiString('setct-BatchAdminResData');
+  NID_setct_BatchAdminResData = 559;
+
+  SN_setct_CardCInitResTBS = AnsiString('setct-CardCInitResTBS');
+  NID_setct_CardCInitResTBS = 560;
+
+  SN_setct_MeAqCInitResTBS = AnsiString('setct-MeAqCInitResTBS');
+  NID_setct_MeAqCInitResTBS = 561;
+
+  SN_setct_RegFormResTBS = AnsiString('setct-RegFormResTBS');
+  NID_setct_RegFormResTBS = 562;
+
+  SN_setct_CertReqData = AnsiString('setct-CertReqData');
+  NID_setct_CertReqData = 563;
+
+  SN_setct_CertReqTBS = AnsiString('setct-CertReqTBS');
+  NID_setct_CertReqTBS = 564;
+
+  SN_setct_CertResData = AnsiString('setct-CertResData');
+  NID_setct_CertResData = 565;
+
+  SN_setct_CertInqReqTBS = AnsiString('setct-CertInqReqTBS');
+  NID_setct_CertInqReqTBS = 566;
+
+  SN_setct_ErrorTBS = AnsiString('setct-ErrorTBS');
+  NID_setct_ErrorTBS = 567;
+
+  SN_setct_PIDualSignedTBE = AnsiString('setct-PIDualSignedTBE');
+  NID_setct_PIDualSignedTBE = 568;
+
+  SN_setct_PIUnsignedTBE = AnsiString('setct-PIUnsignedTBE');
+  NID_setct_PIUnsignedTBE = 569;
+
+  SN_setct_AuthReqTBE = AnsiString('setct-AuthReqTBE');
+  NID_setct_AuthReqTBE = 570;
+
+  SN_setct_AuthResTBE = AnsiString('setct-AuthResTBE');
+  NID_setct_AuthResTBE = 571;
+
+  SN_setct_AuthResTBEX = AnsiString('setct-AuthResTBEX');
+  NID_setct_AuthResTBEX = 572;
+
+  SN_setct_AuthTokenTBE = AnsiString('setct-AuthTokenTBE');
+  NID_setct_AuthTokenTBE = 573;
+
+  SN_setct_CapTokenTBE = AnsiString('setct-CapTokenTBE');
+  NID_setct_CapTokenTBE = 574;
+
+  SN_setct_CapTokenTBEX = AnsiString('setct-CapTokenTBEX');
+  NID_setct_CapTokenTBEX = 575;
+
+  SN_setct_AcqCardCodeMsgTBE = AnsiString('setct-AcqCardCodeMsgTBE');
+  NID_setct_AcqCardCodeMsgTBE = 576;
+
+  SN_setct_AuthRevReqTBE = AnsiString('setct-AuthRevReqTBE');
+  NID_setct_AuthRevReqTBE = 577;
+
+  SN_setct_AuthRevResTBE = AnsiString('setct-AuthRevResTBE');
+  NID_setct_AuthRevResTBE = 578;
+
+  SN_setct_AuthRevResTBEB = AnsiString('setct-AuthRevResTBEB');
+  NID_setct_AuthRevResTBEB = 579;
+
+  SN_setct_CapReqTBE = AnsiString('setct-CapReqTBE');
+  NID_setct_CapReqTBE = 580;
+
+  SN_setct_CapReqTBEX = AnsiString('setct-CapReqTBEX');
+  NID_setct_CapReqTBEX = 581;
+
+  SN_setct_CapResTBE = AnsiString('setct-CapResTBE');
+  NID_setct_CapResTBE = 582;
+
+  SN_setct_CapRevReqTBE = AnsiString('setct-CapRevReqTBE');
+  NID_setct_CapRevReqTBE = 583;
+
+  SN_setct_CapRevReqTBEX = AnsiString('setct-CapRevReqTBEX');
+  NID_setct_CapRevReqTBEX = 584;
+
+  SN_setct_CapRevResTBE = AnsiString('setct-CapRevResTBE');
+  NID_setct_CapRevResTBE = 585;
+
+  SN_setct_CredReqTBE = AnsiString('setct-CredReqTBE');
+  NID_setct_CredReqTBE = 586;
+
+  SN_setct_CredReqTBEX = AnsiString('setct-CredReqTBEX');
+  NID_setct_CredReqTBEX = 587;
+
+  SN_setct_CredResTBE = AnsiString('setct-CredResTBE');
+  NID_setct_CredResTBE = 588;
+
+  SN_setct_CredRevReqTBE = AnsiString('setct-CredRevReqTBE');
+  NID_setct_CredRevReqTBE = 589;
+
+  SN_setct_CredRevReqTBEX = AnsiString('setct-CredRevReqTBEX');
+  NID_setct_CredRevReqTBEX = 590;
+
+  SN_setct_CredRevResTBE = AnsiString('setct-CredRevResTBE');
+  NID_setct_CredRevResTBE = 591;
+
+  SN_setct_BatchAdminReqTBE = AnsiString('setct-BatchAdminReqTBE');
+  NID_setct_BatchAdminReqTBE = 592;
+
+  SN_setct_BatchAdminResTBE = AnsiString('setct-BatchAdminResTBE');
+  NID_setct_BatchAdminResTBE = 593;
+
+  SN_setct_RegFormReqTBE = AnsiString('setct-RegFormReqTBE');
+  NID_setct_RegFormReqTBE = 594;
+
+  SN_setct_CertReqTBE = AnsiString('setct-CertReqTBE');
+  NID_setct_CertReqTBE = 595;
+
+  SN_setct_CertReqTBEX = AnsiString('setct-CertReqTBEX');
+  NID_setct_CertReqTBEX = 596;
+
+  SN_setct_CertResTBE = AnsiString('setct-CertResTBE');
+  NID_setct_CertResTBE = 597;
+
+  SN_setct_CRLNotificationTBS = AnsiString('setct-CRLNotificationTBS');
+  NID_setct_CRLNotificationTBS = 598;
+
+  SN_setct_CRLNotificationResTBS = AnsiString('setct-CRLNotificationResTBS');
+  NID_setct_CRLNotificationResTBS = 599;
+
+  SN_setct_BCIDistributionTBS = AnsiString('setct-BCIDistributionTBS');
+  NID_setct_BCIDistributionTBS = 600;
+
+  SN_setext_genCrypt = AnsiString('setext-genCrypt');
+  LN_setext_genCrypt = AnsiString('generic cryptogram');
+  NID_setext_genCrypt = 601;
+
+  SN_setext_miAuth = AnsiString('setext-miAuth');
+  LN_setext_miAuth = AnsiString('merchant initiated auth');
+  NID_setext_miAuth = 602;
+
+  SN_setext_pinSecure = AnsiString('setext-pinSecure');
+  NID_setext_pinSecure = 603;
+
+  SN_setext_pinAny = AnsiString('setext-pinAny');
+  NID_setext_pinAny = 604;
+
+  SN_setext_track2 = AnsiString('setext-track2');
+  NID_setext_track2 = 605;
+
+  SN_setext_cv = AnsiString('setext-cv');
+  LN_setext_cv = AnsiString('additional verification');
+  NID_setext_cv = 606;
+
+  SN_set_policy_root = AnsiString('set-policy-root');
+  NID_set_policy_root = 607;
+
+  SN_setCext_hashedRoot = AnsiString('setCext-hashedRoot');
+  NID_setCext_hashedRoot = 608;
+
+  SN_setCext_certType = AnsiString('setCext-certType');
+  NID_setCext_certType = 609;
+
+  SN_setCext_merchData = AnsiString('setCext-merchData');
+  NID_setCext_merchData = 610;
+
+  SN_setCext_cCertRequired = AnsiString('setCext-cCertRequired');
+  NID_setCext_cCertRequired = 611;
+
+  SN_setCext_tunneling = AnsiString('setCext-tunneling');
+  NID_setCext_tunneling = 612;
+
+  SN_setCext_setExt = AnsiString('setCext-setExt');
+  NID_setCext_setExt = 613;
+
+  SN_setCext_setQualf = AnsiString('setCext-setQualf');
+  NID_setCext_setQualf = 614;
+
+  SN_setCext_PGWYcapabilities = AnsiString('setCext-PGWYcapabilities');
+  NID_setCext_PGWYcapabilities = 615;
+
+  SN_setCext_TokenIdentifier = AnsiString('setCext-TokenIdentifier');
+  NID_setCext_TokenIdentifier = 616;
+
+  SN_setCext_Track2Data = AnsiString('setCext-Track2Data');
+  NID_setCext_Track2Data = 617;
+
+  SN_setCext_TokenType = AnsiString('setCext-TokenType');
+  NID_setCext_TokenType = 618;
+
+  SN_setCext_IssuerCapabilities = AnsiString('setCext-IssuerCapabilities');
+  NID_setCext_IssuerCapabilities = 619;
+
+  SN_setAttr_Cert = AnsiString('setAttr-Cert');
+  NID_setAttr_Cert = 620;
+
+  SN_setAttr_PGWYcap = AnsiString('setAttr-PGWYcap');
+  LN_setAttr_PGWYcap = AnsiString('payment gateway capabilities');
+  NID_setAttr_PGWYcap = 621;
+
+  SN_setAttr_TokenType = AnsiString('setAttr-TokenType');
+  NID_setAttr_TokenType = 622;
+
+  SN_setAttr_IssCap = AnsiString('setAttr-IssCap');
+  LN_setAttr_IssCap = AnsiString('issuer capabilities');
+  NID_setAttr_IssCap = 623;
+
+  SN_set_rootKeyThumb = AnsiString('set-rootKeyThumb');
+  NID_set_rootKeyThumb = 624;
+
+  SN_set_addPolicy = AnsiString('set-addPolicy');
+  NID_set_addPolicy = 625;
+
+  SN_setAttr_Token_EMV = AnsiString('setAttr-Token-EMV');
+  NID_setAttr_Token_EMV = 626;
+
+  SN_setAttr_Token_B0Prime = AnsiString('setAttr-Token-B0Prime');
+  NID_setAttr_Token_B0Prime = 627;
+
+  SN_setAttr_IssCap_CVM = AnsiString('setAttr-IssCap-CVM');
+  NID_setAttr_IssCap_CVM = 628;
+
+  SN_setAttr_IssCap_T2 = AnsiString('setAttr-IssCap-T2');
+  NID_setAttr_IssCap_T2 = 629;
+
+  SN_setAttr_IssCap_Sig = AnsiString('setAttr-IssCap-Sig');
+  NID_setAttr_IssCap_Sig = 630;
+
+  SN_setAttr_GenCryptgrm = AnsiString('setAttr-GenCryptgrm');
+  LN_setAttr_GenCryptgrm = AnsiString('generate cryptogram');
+  NID_setAttr_GenCryptgrm = 631;
+
+  SN_setAttr_T2Enc = AnsiString('setAttr-T2Enc');
+  LN_setAttr_T2Enc = AnsiString('encrypted track 2');
+  NID_setAttr_T2Enc = 632;
+
+  SN_setAttr_T2cleartxt = AnsiString('setAttr-T2cleartxt');
+  LN_setAttr_T2cleartxt = AnsiString('cleartext track 2');
+  NID_setAttr_T2cleartxt = 633;
+
+  SN_setAttr_TokICCsig = AnsiString('setAttr-TokICCsig');
+  LN_setAttr_TokICCsig = AnsiString('ICC or token signature');
+  NID_setAttr_TokICCsig = 634;
+
+  SN_setAttr_SecDevSig = AnsiString('setAttr-SecDevSig');
+  LN_setAttr_SecDevSig = AnsiString('secure device signature');
+  NID_setAttr_SecDevSig = 635;
+
+  SN_set_brand_IATA_ATA = AnsiString('set-brand-IATA-ATA');
+  NID_set_brand_IATA_ATA = 636;
+
+  SN_set_brand_Diners = AnsiString('set-brand-Diners');
+  NID_set_brand_Diners = 637;
+
+  SN_set_brand_AmericanExpress = AnsiString('set-brand-AmericanExpress');
+  NID_set_brand_AmericanExpress = 638;
+
+  SN_set_brand_JCB = AnsiString('set-brand-JCB');
+  NID_set_brand_JCB = 639;
+
+  SN_set_brand_Visa = AnsiString('set-brand-Visa');
+  NID_set_brand_Visa = 640;
+
+  SN_set_brand_MasterCard = AnsiString('set-brand-MasterCard');
+  NID_set_brand_MasterCard = 641;
+
+  SN_set_brand_Novus = AnsiString('set-brand-Novus');
+  NID_set_brand_Novus = 642;
+
+  SN_des_cdmf = AnsiString('DES-CDMF');
+  LN_des_cdmf = AnsiString('des-cdmf');
+  NID_des_cdmf = 643;
+
+  SN_rsaOAEPEncryptionSET = AnsiString('rsaOAEPEncryptionSET');
+  NID_rsaOAEPEncryptionSET = 644;
+
+  SN_ipsec3 = AnsiString('Oakley-EC2N-3');
+  LN_ipsec3 = AnsiString('ipsec3');
+  NID_ipsec3 = 749;
+
+  SN_ipsec4 = AnsiString('Oakley-EC2N-4');
+  LN_ipsec4 = AnsiString('ipsec4');
+  NID_ipsec4 = 750;
+
+  SN_whirlpool = AnsiString('whirlpool');
+  NID_whirlpool = 804;
+
+  SN_cryptopro = AnsiString('cryptopro');
+  NID_cryptopro = 805;
+
+  SN_cryptocom = AnsiString('cryptocom');
+  NID_cryptocom = 806;
+
+  SN_id_tc26 = AnsiString('id-tc26');
+  NID_id_tc26 = 974;
+
+  SN_id_GostR3411_94_with_GostR3410_2001 = AnsiString('id-GostR3411-94-with-GostR3410-2001');
+  LN_id_GostR3411_94_with_GostR3410_2001 = AnsiString('GOST R 34.11-94 with GOST R 34.10-2001');
+  NID_id_GostR3411_94_with_GostR3410_2001 = 807;
+
+  SN_id_GostR3411_94_with_GostR3410_94 = AnsiString('id-GostR3411-94-with-GostR3410-94');
+  LN_id_GostR3411_94_with_GostR3410_94 = AnsiString('GOST R 34.11-94 with GOST R 34.10-94');
+  NID_id_GostR3411_94_with_GostR3410_94 = 808;
+
+  SN_id_GostR3411_94 = AnsiString('md_gost94');
+  LN_id_GostR3411_94 = AnsiString('GOST R 34.11-94');
+  NID_id_GostR3411_94 = 809;
+
+  SN_id_HMACGostR3411_94 = AnsiString('id-HMACGostR3411-94');
+  LN_id_HMACGostR3411_94 = AnsiString('HMAC GOST 34.11-94');
+  NID_id_HMACGostR3411_94 = 810;
+
+  SN_id_GostR3410_2001 = AnsiString('gost2001');
+  LN_id_GostR3410_2001 = AnsiString('GOST R 34.10-2001');
+  NID_id_GostR3410_2001 = 811;
+
+  SN_id_GostR3410_94 = AnsiString('gost94');
+  LN_id_GostR3410_94 = AnsiString('GOST R 34.10-94');
+  NID_id_GostR3410_94 = 812;
+
+  SN_id_Gost28147_89 = AnsiString('gost89');
+  LN_id_Gost28147_89 = AnsiString('GOST 28147-89');
+  NID_id_Gost28147_89 = 813;
+
+  SN_gost89_cnt = AnsiString('gost89-cnt');
+  NID_gost89_cnt = 814;
+
+  SN_gost89_cnt_12 = AnsiString('gost89-cnt-12');
+  NID_gost89_cnt_12 = 975;
+
+  SN_gost89_cbc = AnsiString('gost89-cbc');
+  NID_gost89_cbc = 1009;
+
+  SN_gost89_ecb = AnsiString('gost89-ecb');
+  NID_gost89_ecb = 1010;
+
+  SN_gost89_ctr = AnsiString('gost89-ctr');
+  NID_gost89_ctr = 1011;
+
+  SN_id_Gost28147_89_MAC = AnsiString('gost-mac');
+  LN_id_Gost28147_89_MAC = AnsiString('GOST 28147-89 MAC');
+  NID_id_Gost28147_89_MAC = 815;
+
+  SN_gost_mac_12 = AnsiString('gost-mac-12');
+  NID_gost_mac_12 = 976;
+
+  SN_id_GostR3411_94_prf = AnsiString('prf-gostr3411-94');
+  LN_id_GostR3411_94_prf = AnsiString('GOST R 34.11-94 PRF');
+  NID_id_GostR3411_94_prf = 816;
+
+  SN_id_GostR3410_2001DH = AnsiString('id-GostR3410-2001DH');
+  LN_id_GostR3410_2001DH = AnsiString('GOST R 34.10-2001 DH');
+  NID_id_GostR3410_2001DH = 817;
+
+  SN_id_GostR3410_94DH = AnsiString('id-GostR3410-94DH');
+  LN_id_GostR3410_94DH = AnsiString('GOST R 34.10-94 DH');
+  NID_id_GostR3410_94DH = 818;
+
+  SN_id_Gost28147_89_CryptoPro_KeyMeshing = AnsiString('id-Gost28147-89-CryptoPro-KeyMeshing');
+  NID_id_Gost28147_89_CryptoPro_KeyMeshing = 819;
+
+  SN_id_Gost28147_89_None_KeyMeshing = AnsiString('id-Gost28147-89-None-KeyMeshing');
+  NID_id_Gost28147_89_None_KeyMeshing = 820;
+
+  SN_id_GostR3411_94_TestParamSet = AnsiString('id-GostR3411-94-TestParamSet');
+  NID_id_GostR3411_94_TestParamSet = 821;
+
+  SN_id_GostR3411_94_CryptoProParamSet = AnsiString('id-GostR3411-94-CryptoProParamSet');
+  NID_id_GostR3411_94_CryptoProParamSet = 822;
+
+  SN_id_Gost28147_89_TestParamSet = AnsiString('id-Gost28147-89-TestParamSet');
+  NID_id_Gost28147_89_TestParamSet = 823;
+
+  SN_id_Gost28147_89_CryptoPro_A_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-A-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_A_ParamSet = 824;
+
+  SN_id_Gost28147_89_CryptoPro_B_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-B-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_B_ParamSet = 825;
+
+  SN_id_Gost28147_89_CryptoPro_C_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-C-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_C_ParamSet = 826;
+
+  SN_id_Gost28147_89_CryptoPro_D_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-D-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_D_ParamSet = 827;
+
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet = 828;
+
+  SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet = 829;
+
+  SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet = AnsiString('id-Gost28147-89-CryptoPro-RIC-1-ParamSet');
+  NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet = 830;
+
+  SN_id_GostR3410_94_TestParamSet = AnsiString('id-GostR3410-94-TestParamSet');
+  NID_id_GostR3410_94_TestParamSet = 831;
+
+  SN_id_GostR3410_94_CryptoPro_A_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-A-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_A_ParamSet = 832;
+
+  SN_id_GostR3410_94_CryptoPro_B_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-B-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_B_ParamSet = 833;
+
+  SN_id_GostR3410_94_CryptoPro_C_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-C-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_C_ParamSet = 834;
+
+  SN_id_GostR3410_94_CryptoPro_D_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-D-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_D_ParamSet = 835;
+
+  SN_id_GostR3410_94_CryptoPro_XchA_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-XchA-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_XchA_ParamSet = 836;
+
+  SN_id_GostR3410_94_CryptoPro_XchB_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-XchB-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_XchB_ParamSet = 837;
+
+  SN_id_GostR3410_94_CryptoPro_XchC_ParamSet = AnsiString('id-GostR3410-94-CryptoPro-XchC-ParamSet');
+  NID_id_GostR3410_94_CryptoPro_XchC_ParamSet = 838;
+
+  SN_id_GostR3410_2001_TestParamSet = AnsiString('id-GostR3410-2001-TestParamSet');
+  NID_id_GostR3410_2001_TestParamSet = 839;
+
+  SN_id_GostR3410_2001_CryptoPro_A_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-A-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_A_ParamSet = 840;
+
+  SN_id_GostR3410_2001_CryptoPro_B_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-B-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_B_ParamSet = 841;
+
+  SN_id_GostR3410_2001_CryptoPro_C_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-C-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_C_ParamSet = 842;
+
+  SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-XchA-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet = 843;
+
+  SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet = AnsiString('id-GostR3410-2001-CryptoPro-XchB-ParamSet');
+  NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet = 844;
+
+  SN_id_GostR3410_94_a = AnsiString('id-GostR3410-94-a');
+  NID_id_GostR3410_94_a = 845;
+
+  SN_id_GostR3410_94_aBis = AnsiString('id-GostR3410-94-aBis');
+  NID_id_GostR3410_94_aBis = 846;
+
+  SN_id_GostR3410_94_b = AnsiString('id-GostR3410-94-b');
+  NID_id_GostR3410_94_b = 847;
+
+  SN_id_GostR3410_94_bBis = AnsiString('id-GostR3410-94-bBis');
+  NID_id_GostR3410_94_bBis = 848;
+
+  SN_id_Gost28147_89_cc = AnsiString('id-Gost28147-89-cc');
+  LN_id_Gost28147_89_cc = AnsiString('GOST 28147-89 Cryptocom ParamSet');
+  NID_id_Gost28147_89_cc = 849;
+
+  SN_id_GostR3410_94_cc = AnsiString('gost94cc');
+  LN_id_GostR3410_94_cc = AnsiString('GOST 34.10-94 Cryptocom');
+  NID_id_GostR3410_94_cc = 850;
+
+  SN_id_GostR3410_2001_cc = AnsiString('gost2001cc');
+  LN_id_GostR3410_2001_cc = AnsiString('GOST 34.10-2001 Cryptocom');
+  NID_id_GostR3410_2001_cc = 851;
+
+  SN_id_GostR3411_94_with_GostR3410_94_cc = AnsiString('id-GostR3411-94-with-GostR3410-94-cc');
+  LN_id_GostR3411_94_with_GostR3410_94_cc = AnsiString('GOST R 34.11-94 with GOST R 34.10-94 Cryptocom');
+  NID_id_GostR3411_94_with_GostR3410_94_cc = 852;
+
+  SN_id_GostR3411_94_with_GostR3410_2001_cc = AnsiString('id-GostR3411-94-with-GostR3410-2001-cc');
+  LN_id_GostR3411_94_with_GostR3410_2001_cc = AnsiString('GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom');
+  NID_id_GostR3411_94_with_GostR3410_2001_cc = 853;
+
+  SN_id_GostR3410_2001_ParamSet_cc = AnsiString('id-GostR3410-2001-ParamSet-cc');
+  LN_id_GostR3410_2001_ParamSet_cc = AnsiString('GOST R 3410-2001 Parameter Set Cryptocom');
+  NID_id_GostR3410_2001_ParamSet_cc = 854;
+
+  SN_id_tc26_algorithms = AnsiString('id-tc26-algorithms');
+  NID_id_tc26_algorithms = 977;
+
+  SN_id_tc26_sign = AnsiString('id-tc26-sign');
+  NID_id_tc26_sign = 978;
+
+  SN_id_GostR3410_2012_256 = AnsiString('gost2012_256');
+  LN_id_GostR3410_2012_256 = AnsiString('GOST R 34.10-2012 with 256 bit modulus');
+  NID_id_GostR3410_2012_256 = 979;
+
+  SN_id_GostR3410_2012_512 = AnsiString('gost2012_512');
+  LN_id_GostR3410_2012_512 = AnsiString('GOST R 34.10-2012 with 512 bit modulus');
+  NID_id_GostR3410_2012_512 = 980;
+
+  SN_id_tc26_digest = AnsiString('id-tc26-digest');
+  NID_id_tc26_digest = 981;
+
+  SN_id_GostR3411_2012_256 = AnsiString('md_gost12_256');
+  LN_id_GostR3411_2012_256 = AnsiString('GOST R 34.11-2012 with 256 bit hash');
+  NID_id_GostR3411_2012_256 = 982;
+
+  SN_id_GostR3411_2012_512 = AnsiString('md_gost12_512');
+  LN_id_GostR3411_2012_512 = AnsiString('GOST R 34.11-2012 with 512 bit hash');
+  NID_id_GostR3411_2012_512 = 983;
+
+  SN_id_tc26_signwithdigest = AnsiString('id-tc26-signwithdigest');
+  NID_id_tc26_signwithdigest = 984;
+
+  SN_id_tc26_signwithdigest_gost3410_2012_256 = AnsiString('id-tc26-signwithdigest-gost3410-2012-256');
+  LN_id_tc26_signwithdigest_gost3410_2012_256 = AnsiString('GOST R 34.10-2012 with GOST R 34.11-2012(256 bit)');
+  NID_id_tc26_signwithdigest_gost3410_2012_256 = 985;
+
+  SN_id_tc26_signwithdigest_gost3410_2012_512 = AnsiString('id-tc26-signwithdigest-gost3410-2012-512');
+  LN_id_tc26_signwithdigest_gost3410_2012_512 = AnsiString('GOST R 34.10-2012 with GOST R 34.11-2012(512 bit)');
+  NID_id_tc26_signwithdigest_gost3410_2012_512 = 986;
+
+  SN_id_tc26_mac = AnsiString('id-tc26-mac');
+  NID_id_tc26_mac = 987;
+
+  SN_id_tc26_hmac_gost_3411_2012_256 = AnsiString('id-tc26-hmac-gost-3411-2012-256');
+  LN_id_tc26_hmac_gost_3411_2012_256 = AnsiString('HMAC GOST 34.11-2012 256 bit');
+  NID_id_tc26_hmac_gost_3411_2012_256 = 988;
+
+  SN_id_tc26_hmac_gost_3411_2012_512 = AnsiString('id-tc26-hmac-gost-3411-2012-512');
+  LN_id_tc26_hmac_gost_3411_2012_512 = AnsiString('HMAC GOST 34.11-2012 512 bit');
+  NID_id_tc26_hmac_gost_3411_2012_512 = 989;
+
+  SN_id_tc26_cipher = AnsiString('id-tc26-cipher');
+  NID_id_tc26_cipher = 990;
+
+  SN_id_tc26_cipher_gostr3412_2015_magma = AnsiString('id-tc26-cipher-gostr3412-2015-magma');
+  NID_id_tc26_cipher_gostr3412_2015_magma = 1173;
+
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm = AnsiString('id-tc26-cipher-gostr3412-2015-magma-ctracpkm');
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm = 1174;
+
+  SN_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac = AnsiString('id-tc26-cipher-gostr3412-2015-magma-ctracpkm-omac');
+  NID_id_tc26_cipher_gostr3412_2015_magma_ctracpkm_omac = 1175;
+
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik = AnsiString('id-tc26-cipher-gostr3412-2015-kuznyechik');
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik = 1176;
+
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm = AnsiString('id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm');
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm = 1177;
+
+  SN_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac = AnsiString('id-tc26-cipher-gostr3412-2015-kuznyechik-ctracpkm-omac');
+  NID_id_tc26_cipher_gostr3412_2015_kuznyechik_ctracpkm_omac = 1178;
+
+  SN_id_tc26_agreement = AnsiString('id-tc26-agreement');
+  NID_id_tc26_agreement = 991;
+
+  SN_id_tc26_agreement_gost_3410_2012_256 = AnsiString('id-tc26-agreement-gost-3410-2012-256');
+  NID_id_tc26_agreement_gost_3410_2012_256 = 992;
+
+  SN_id_tc26_agreement_gost_3410_2012_512 = AnsiString('id-tc26-agreement-gost-3410-2012-512');
+  NID_id_tc26_agreement_gost_3410_2012_512 = 993;
+
+  SN_id_tc26_wrap = AnsiString('id-tc26-wrap');
+  NID_id_tc26_wrap = 1179;
+
+  SN_id_tc26_wrap_gostr3412_2015_magma = AnsiString('id-tc26-wrap-gostr3412-2015-magma');
+  NID_id_tc26_wrap_gostr3412_2015_magma = 1180;
+
+  SN_id_tc26_wrap_gostr3412_2015_magma_kexp15 = AnsiString('id-tc26-wrap-gostr3412-2015-magma-kexp15');
+  NID_id_tc26_wrap_gostr3412_2015_magma_kexp15 = 1181;
+
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik = AnsiString('id-tc26-wrap-gostr3412-2015-kuznyechik');
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik = 1182;
+
+  SN_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 = AnsiString('id-tc26-wrap-gostr3412-2015-kuznyechik-kexp15');
+  NID_id_tc26_wrap_gostr3412_2015_kuznyechik_kexp15 = 1183;
+
+  SN_id_tc26_constants = AnsiString('id-tc26-constants');
+  NID_id_tc26_constants = 994;
+
+  SN_id_tc26_sign_constants = AnsiString('id-tc26-sign-constants');
+  NID_id_tc26_sign_constants = 995;
+
+  SN_id_tc26_gost_3410_2012_256_constants = AnsiString('id-tc26-gost-3410-2012-256-constants');
+  NID_id_tc26_gost_3410_2012_256_constants = 1147;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetA = AnsiString('id-tc26-gost-3410-2012-256-paramSetA');
+  LN_id_tc26_gost_3410_2012_256_paramSetA = AnsiString('GOST R 34.10-2012(256 bit)ParamSet A');
+  NID_id_tc26_gost_3410_2012_256_paramSetA = 1148;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetB = AnsiString('id-tc26-gost-3410-2012-256-paramSetB');
+  LN_id_tc26_gost_3410_2012_256_paramSetB = AnsiString('GOST R 34.10-2012(256 bit)ParamSet B');
+  NID_id_tc26_gost_3410_2012_256_paramSetB = 1184;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetC = AnsiString('id-tc26-gost-3410-2012-256-paramSetC');
+  LN_id_tc26_gost_3410_2012_256_paramSetC = AnsiString('GOST R 34.10-2012(256 bit)ParamSet C');
+  NID_id_tc26_gost_3410_2012_256_paramSetC = 1185;
+
+  SN_id_tc26_gost_3410_2012_256_paramSetD = AnsiString('id-tc26-gost-3410-2012-256-paramSetD');
+  LN_id_tc26_gost_3410_2012_256_paramSetD = AnsiString('GOST R 34.10-2012(256 bit)ParamSet D');
+  NID_id_tc26_gost_3410_2012_256_paramSetD = 1186;
+
+  SN_id_tc26_gost_3410_2012_512_constants = AnsiString('id-tc26-gost-3410-2012-512-constants');
+  NID_id_tc26_gost_3410_2012_512_constants = 996;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetTest = AnsiString('id-tc26-gost-3410-2012-512-paramSetTest');
+  LN_id_tc26_gost_3410_2012_512_paramSetTest = AnsiString('GOST R 34.10-2012(512 bit)testing parameter set');
+  NID_id_tc26_gost_3410_2012_512_paramSetTest = 997;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetA = AnsiString('id-tc26-gost-3410-2012-512-paramSetA');
+  LN_id_tc26_gost_3410_2012_512_paramSetA = AnsiString('GOST R 34.10-2012(512 bit)ParamSet A');
+  NID_id_tc26_gost_3410_2012_512_paramSetA = 998;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetB = AnsiString('id-tc26-gost-3410-2012-512-paramSetB');
+  LN_id_tc26_gost_3410_2012_512_paramSetB = AnsiString('GOST R 34.10-2012(512 bit)ParamSet B');
+  NID_id_tc26_gost_3410_2012_512_paramSetB = 999;
+
+  SN_id_tc26_gost_3410_2012_512_paramSetC = AnsiString('id-tc26-gost-3410-2012-512-paramSetC');
+  LN_id_tc26_gost_3410_2012_512_paramSetC = AnsiString('GOST R 34.10-2012(512 bit)ParamSet C');
+  NID_id_tc26_gost_3410_2012_512_paramSetC = 1149;
+
+  SN_id_tc26_digest_constants = AnsiString('id-tc26-digest-constants');
+  NID_id_tc26_digest_constants = 1000;
+
+  SN_id_tc26_cipher_constants = AnsiString('id-tc26-cipher-constants');
+  NID_id_tc26_cipher_constants = 1001;
+
+  SN_id_tc26_gost_28147_constants = AnsiString('id-tc26-gost-28147-constants');
+  NID_id_tc26_gost_28147_constants = 1002;
+
+  SN_id_tc26_gost_28147_param_Z = AnsiString('id-tc26-gost-28147-param-Z');
+  LN_id_tc26_gost_28147_param_Z = AnsiString('GOST 28147-89 TC26 parameter set');
+  NID_id_tc26_gost_28147_param_Z = 1003;
+
+  SN_INN = AnsiString('INN');
+  LN_INN = AnsiString('INN');
+  NID_INN = 1004;
+
+  SN_OGRN = AnsiString('OGRN');
+  LN_OGRN = AnsiString('OGRN');
+  NID_OGRN = 1005;
+
+  SN_SNILS = AnsiString('SNILS');
+  LN_SNILS = AnsiString('SNILS');
+  NID_SNILS = 1006;
+
+  SN_subjectSignTool = AnsiString('subjectSignTool');
+  LN_subjectSignTool = AnsiString('Signing Tool of Subject');
+  NID_subjectSignTool = 1007;
+
+  SN_issuerSignTool = AnsiString('issuerSignTool');
+  LN_issuerSignTool = AnsiString('Signing Tool of Issuer');
+  NID_issuerSignTool = 1008;
+
+  SN_grasshopper_ecb = AnsiString('grasshopper-ecb');
+  NID_grasshopper_ecb = 1012;
+
+  SN_grasshopper_ctr = AnsiString('grasshopper-ctr');
+  NID_grasshopper_ctr = 1013;
+
+  SN_grasshopper_ofb = AnsiString('grasshopper-ofb');
+  NID_grasshopper_ofb = 1014;
+
+  SN_grasshopper_cbc = AnsiString('grasshopper-cbc');
+  NID_grasshopper_cbc = 1015;
+
+  SN_grasshopper_cfb = AnsiString('grasshopper-cfb');
+  NID_grasshopper_cfb = 1016;
+
+  SN_grasshopper_mac = AnsiString('grasshopper-mac');
+  NID_grasshopper_mac = 1017;
+
+  SN_magma_ecb = AnsiString('magma-ecb');
+  NID_magma_ecb = 1187;
+
+  SN_magma_ctr = AnsiString('magma-ctr');
+  NID_magma_ctr = 1188;
+
+  SN_magma_ofb = AnsiString('magma-ofb');
+  NID_magma_ofb = 1189;
+
+  SN_magma_cbc = AnsiString('magma-cbc');
+  NID_magma_cbc = 1190;
+
+  SN_magma_cfb = AnsiString('magma-cfb');
+  NID_magma_cfb = 1191;
+
+  SN_magma_mac = AnsiString('magma-mac');
+  NID_magma_mac = 1192;
+
+  SN_camellia_128_cbc = AnsiString('CAMELLIA-128-CBC');
+  LN_camellia_128_cbc = AnsiString('camellia-128-cbc');
+  NID_camellia_128_cbc = 751;
+
+  SN_camellia_192_cbc = AnsiString('CAMELLIA-192-CBC');
+  LN_camellia_192_cbc = AnsiString('camellia-192-cbc');
+  NID_camellia_192_cbc = 752;
+
+  SN_camellia_256_cbc = AnsiString('CAMELLIA-256-CBC');
+  LN_camellia_256_cbc = AnsiString('camellia-256-cbc');
+  NID_camellia_256_cbc = 753;
+
+  SN_id_camellia128_wrap = AnsiString('id-camellia128-wrap');
+  NID_id_camellia128_wrap = 907;
+
+  SN_id_camellia192_wrap = AnsiString('id-camellia192-wrap');
+  NID_id_camellia192_wrap = 908;
+
+  SN_id_camellia256_wrap = AnsiString('id-camellia256-wrap');
+  NID_id_camellia256_wrap = 909;
+
+  SN_camellia_128_ecb = AnsiString('CAMELLIA-128-ECB');
+  LN_camellia_128_ecb = AnsiString('camellia-128-ecb');
+  NID_camellia_128_ecb = 754;
+
+  SN_camellia_128_ofb128 = AnsiString('CAMELLIA-128-OFB');
+  LN_camellia_128_ofb128 = AnsiString('camellia-128-ofb');
+  NID_camellia_128_ofb128 = 766;
+
+  SN_camellia_128_cfb128 = AnsiString('CAMELLIA-128-CFB');
+  LN_camellia_128_cfb128 = AnsiString('camellia-128-cfb');
+  NID_camellia_128_cfb128 = 757;
+
+  SN_camellia_128_gcm = AnsiString('CAMELLIA-128-GCM');
+  LN_camellia_128_gcm = AnsiString('camellia-128-gcm');
+  NID_camellia_128_gcm = 961;
+
+  SN_camellia_128_ccm = AnsiString('CAMELLIA-128-CCM');
+  LN_camellia_128_ccm = AnsiString('camellia-128-ccm');
+  NID_camellia_128_ccm = 962;
+
+  SN_camellia_128_ctr = AnsiString('CAMELLIA-128-CTR');
+  LN_camellia_128_ctr = AnsiString('camellia-128-ctr');
+  NID_camellia_128_ctr = 963;
+
+  SN_camellia_128_cmac = AnsiString('CAMELLIA-128-CMAC');
+  LN_camellia_128_cmac = AnsiString('camellia-128-cmac');
+  NID_camellia_128_cmac = 964;
+
+  SN_camellia_192_ecb = AnsiString('CAMELLIA-192-ECB');
+  LN_camellia_192_ecb = AnsiString('camellia-192-ecb');
+  NID_camellia_192_ecb = 755;
+
+  SN_camellia_192_ofb128 = AnsiString('CAMELLIA-192-OFB');
+  LN_camellia_192_ofb128 = AnsiString('camellia-192-ofb');
+  NID_camellia_192_ofb128 = 767;
+
+  SN_camellia_192_cfb128 = AnsiString('CAMELLIA-192-CFB');
+  LN_camellia_192_cfb128 = AnsiString('camellia-192-cfb');
+  NID_camellia_192_cfb128 = 758;
+
+  SN_camellia_192_gcm = AnsiString('CAMELLIA-192-GCM');
+  LN_camellia_192_gcm = AnsiString('camellia-192-gcm');
+  NID_camellia_192_gcm = 965;
+
+  SN_camellia_192_ccm = AnsiString('CAMELLIA-192-CCM');
+  LN_camellia_192_ccm = AnsiString('camellia-192-ccm');
+  NID_camellia_192_ccm = 966;
+
+  SN_camellia_192_ctr = AnsiString('CAMELLIA-192-CTR');
+  LN_camellia_192_ctr = AnsiString('camellia-192-ctr');
+  NID_camellia_192_ctr = 967;
+
+  SN_camellia_192_cmac = AnsiString('CAMELLIA-192-CMAC');
+  LN_camellia_192_cmac = AnsiString('camellia-192-cmac');
+  NID_camellia_192_cmac = 968;
+
+  SN_camellia_256_ecb = AnsiString('CAMELLIA-256-ECB');
+  LN_camellia_256_ecb = AnsiString('camellia-256-ecb');
+  NID_camellia_256_ecb = 756;
+
+  SN_camellia_256_ofb128 = AnsiString('CAMELLIA-256-OFB');
+  LN_camellia_256_ofb128 = AnsiString('camellia-256-ofb');
+  NID_camellia_256_ofb128 = 768;
+
+  SN_camellia_256_cfb128 = AnsiString('CAMELLIA-256-CFB');
+  LN_camellia_256_cfb128 = AnsiString('camellia-256-cfb');
+  NID_camellia_256_cfb128 = 759;
+
+  SN_camellia_256_gcm = AnsiString('CAMELLIA-256-GCM');
+  LN_camellia_256_gcm = AnsiString('camellia-256-gcm');
+  NID_camellia_256_gcm = 969;
+
+  SN_camellia_256_ccm = AnsiString('CAMELLIA-256-CCM');
+  LN_camellia_256_ccm = AnsiString('camellia-256-ccm');
+  NID_camellia_256_ccm = 970;
+
+  SN_camellia_256_ctr = AnsiString('CAMELLIA-256-CTR');
+  LN_camellia_256_ctr = AnsiString('camellia-256-ctr');
+  NID_camellia_256_ctr = 971;
+
+  SN_camellia_256_cmac = AnsiString('CAMELLIA-256-CMAC');
+  LN_camellia_256_cmac = AnsiString('camellia-256-cmac');
+  NID_camellia_256_cmac = 972;
+
+  SN_camellia_128_cfb1 = AnsiString('CAMELLIA-128-CFB1');
+  LN_camellia_128_cfb1 = AnsiString('camellia-128-cfb1');
+  NID_camellia_128_cfb1 = 760;
+
+  SN_camellia_192_cfb1 = AnsiString('CAMELLIA-192-CFB1');
+  LN_camellia_192_cfb1 = AnsiString('camellia-192-cfb1');
+  NID_camellia_192_cfb1 = 761;
+
+  SN_camellia_256_cfb1 = AnsiString('CAMELLIA-256-CFB1');
+  LN_camellia_256_cfb1 = AnsiString('camellia-256-cfb1');
+  NID_camellia_256_cfb1 = 762;
+
+  SN_camellia_128_cfb8 = AnsiString('CAMELLIA-128-CFB8');
+  LN_camellia_128_cfb8 = AnsiString('camellia-128-cfb8');
+  NID_camellia_128_cfb8 = 763;
+
+  SN_camellia_192_cfb8 = AnsiString('CAMELLIA-192-CFB8');
+  LN_camellia_192_cfb8 = AnsiString('camellia-192-cfb8');
+  NID_camellia_192_cfb8 = 764;
+
+  SN_camellia_256_cfb8 = AnsiString('CAMELLIA-256-CFB8');
+  LN_camellia_256_cfb8 = AnsiString('camellia-256-cfb8');
+  NID_camellia_256_cfb8 = 765;
+
+  SN_aria_128_ecb = AnsiString('ARIA-128-ECB');
+  LN_aria_128_ecb = AnsiString('aria-128-ecb');
+  NID_aria_128_ecb = 1065;
+
+  SN_aria_128_cbc = AnsiString('ARIA-128-CBC');
+  LN_aria_128_cbc = AnsiString('aria-128-cbc');
+  NID_aria_128_cbc = 1066;
+
+  SN_aria_128_cfb128 = AnsiString('ARIA-128-CFB');
+  LN_aria_128_cfb128 = AnsiString('aria-128-cfb');
+  NID_aria_128_cfb128 = 1067;
+
+  SN_aria_128_ofb128 = AnsiString('ARIA-128-OFB');
+  LN_aria_128_ofb128 = AnsiString('aria-128-ofb');
+  NID_aria_128_ofb128 = 1068;
+
+  SN_aria_128_ctr = AnsiString('ARIA-128-CTR');
+  LN_aria_128_ctr = AnsiString('aria-128-ctr');
+  NID_aria_128_ctr = 1069;
+
+  SN_aria_192_ecb = AnsiString('ARIA-192-ECB');
+  LN_aria_192_ecb = AnsiString('aria-192-ecb');
+  NID_aria_192_ecb = 1070;
+
+  SN_aria_192_cbc = AnsiString('ARIA-192-CBC');
+  LN_aria_192_cbc = AnsiString('aria-192-cbc');
+  NID_aria_192_cbc = 1071;
+
+  SN_aria_192_cfb128 = AnsiString('ARIA-192-CFB');
+  LN_aria_192_cfb128 = AnsiString('aria-192-cfb');
+  NID_aria_192_cfb128 = 1072;
+
+  SN_aria_192_ofb128 = AnsiString('ARIA-192-OFB');
+  LN_aria_192_ofb128 = AnsiString('aria-192-ofb');
+  NID_aria_192_ofb128 = 1073;
+
+  SN_aria_192_ctr = AnsiString('ARIA-192-CTR');
+  LN_aria_192_ctr = AnsiString('aria-192-ctr');
+  NID_aria_192_ctr = 1074;
+
+  SN_aria_256_ecb = AnsiString('ARIA-256-ECB');
+  LN_aria_256_ecb = AnsiString('aria-256-ecb');
+  NID_aria_256_ecb = 1075;
+
+  SN_aria_256_cbc = AnsiString('ARIA-256-CBC');
+  LN_aria_256_cbc = AnsiString('aria-256-cbc');
+  NID_aria_256_cbc = 1076;
+
+  SN_aria_256_cfb128 = AnsiString('ARIA-256-CFB');
+  LN_aria_256_cfb128 = AnsiString('aria-256-cfb');
+  NID_aria_256_cfb128 = 1077;
+
+  SN_aria_256_ofb128 = AnsiString('ARIA-256-OFB');
+  LN_aria_256_ofb128 = AnsiString('aria-256-ofb');
+  NID_aria_256_ofb128 = 1078;
+
+  SN_aria_256_ctr = AnsiString('ARIA-256-CTR');
+  LN_aria_256_ctr = AnsiString('aria-256-ctr');
+  NID_aria_256_ctr = 1079;
+
+  SN_aria_128_cfb1 = AnsiString('ARIA-128-CFB1');
+  LN_aria_128_cfb1 = AnsiString('aria-128-cfb1');
+  NID_aria_128_cfb1 = 1080;
+
+  SN_aria_192_cfb1 = AnsiString('ARIA-192-CFB1');
+  LN_aria_192_cfb1 = AnsiString('aria-192-cfb1');
+  NID_aria_192_cfb1 = 1081;
+
+  SN_aria_256_cfb1 = AnsiString('ARIA-256-CFB1');
+  LN_aria_256_cfb1 = AnsiString('aria-256-cfb1');
+  NID_aria_256_cfb1 = 1082;
+
+  SN_aria_128_cfb8 = AnsiString('ARIA-128-CFB8');
+  LN_aria_128_cfb8 = AnsiString('aria-128-cfb8');
+  NID_aria_128_cfb8 = 1083;
+
+  SN_aria_192_cfb8 = AnsiString('ARIA-192-CFB8');
+  LN_aria_192_cfb8 = AnsiString('aria-192-cfb8');
+  NID_aria_192_cfb8 = 1084;
+
+  SN_aria_256_cfb8 = AnsiString('ARIA-256-CFB8');
+  LN_aria_256_cfb8 = AnsiString('aria-256-cfb8');
+  NID_aria_256_cfb8 = 1085;
+
+  SN_aria_128_ccm = AnsiString('ARIA-128-CCM');
+  LN_aria_128_ccm = AnsiString('aria-128-ccm');
+  NID_aria_128_ccm = 1120;
+
+  SN_aria_192_ccm = AnsiString('ARIA-192-CCM');
+  LN_aria_192_ccm = AnsiString('aria-192-ccm');
+  NID_aria_192_ccm = 1121;
+
+  SN_aria_256_ccm = AnsiString('ARIA-256-CCM');
+  LN_aria_256_ccm = AnsiString('aria-256-ccm');
+  NID_aria_256_ccm = 1122;
+
+  SN_aria_128_gcm = AnsiString('ARIA-128-GCM');
+  LN_aria_128_gcm = AnsiString('aria-128-gcm');
+  NID_aria_128_gcm = 1123;
+
+  SN_aria_192_gcm = AnsiString('ARIA-192-GCM');
+  LN_aria_192_gcm = AnsiString('aria-192-gcm');
+  NID_aria_192_gcm = 1124;
+
+  SN_aria_256_gcm = AnsiString('ARIA-256-GCM');
+  LN_aria_256_gcm = AnsiString('aria-256-gcm');
+  NID_aria_256_gcm = 1125;
+
+  SN_kisa = AnsiString('KISA');
+  LN_kisa = AnsiString('kisa');
+  NID_kisa = 773;
+
+  SN_seed_ecb = AnsiString('SEED-ECB');
+  LN_seed_ecb = AnsiString('seed-ecb');
+  NID_seed_ecb = 776;
+
+  SN_seed_cbc = AnsiString('SEED-CBC');
+  LN_seed_cbc = AnsiString('seed-cbc');
+  NID_seed_cbc = 777;
+
+  SN_seed_cfb128 = AnsiString('SEED-CFB');
+  LN_seed_cfb128 = AnsiString('seed-cfb');
+  NID_seed_cfb128 = 779;
+
+  SN_seed_ofb128 = AnsiString('SEED-OFB');
+  LN_seed_ofb128 = AnsiString('seed-ofb');
+  NID_seed_ofb128 = 778;
+
+  SN_sm4_ecb = AnsiString('SM4-ECB');
+  LN_sm4_ecb = AnsiString('sm4-ecb');
+  NID_sm4_ecb = 1133;
+
+  SN_sm4_cbc = AnsiString('SM4-CBC');
+  LN_sm4_cbc = AnsiString('sm4-cbc');
+  NID_sm4_cbc = 1134;
+
+  SN_sm4_ofb128 = AnsiString('SM4-OFB');
+  LN_sm4_ofb128 = AnsiString('sm4-ofb');
+  NID_sm4_ofb128 = 1135;
+
+  SN_sm4_cfb128 = AnsiString('SM4-CFB');
+  LN_sm4_cfb128 = AnsiString('sm4-cfb');
+  NID_sm4_cfb128 = 1137;
+
+  SN_sm4_cfb1 = AnsiString('SM4-CFB1');
+  LN_sm4_cfb1 = AnsiString('sm4-cfb1');
+  NID_sm4_cfb1 = 1136;
+
+  SN_sm4_cfb8 = AnsiString('SM4-CFB8');
+  LN_sm4_cfb8 = AnsiString('sm4-cfb8');
+  NID_sm4_cfb8 = 1138;
+
+  SN_sm4_ctr = AnsiString('SM4-CTR');
+  LN_sm4_ctr = AnsiString('sm4-ctr');
+  NID_sm4_ctr = 1139;
+
+  SN_hmac = AnsiString('HMAC');
+  LN_hmac = AnsiString('hmac');
+  NID_hmac = 855;
+
+  SN_cmac = AnsiString('CMAC');
+  LN_cmac = AnsiString('cmac');
+  NID_cmac = 894;
+
+  SN_rc4_hmac_md5 = AnsiString('RC4-HMAC-MD5');
+  LN_rc4_hmac_md5 = AnsiString('rc4-hmac-md5');
+  NID_rc4_hmac_md5 = 915;
+
+  SN_aes_128_cbc_hmac_sha1 = AnsiString('AES-128-CBC-HMAC-SHA1');
+  LN_aes_128_cbc_hmac_sha1 = AnsiString('aes-128-cbc-hmac-sha1');
+  NID_aes_128_cbc_hmac_sha1 = 916;
+
+  SN_aes_192_cbc_hmac_sha1 = AnsiString('AES-192-CBC-HMAC-SHA1');
+  LN_aes_192_cbc_hmac_sha1 = AnsiString('aes-192-cbc-hmac-sha1');
+  NID_aes_192_cbc_hmac_sha1 = 917;
+
+  SN_aes_256_cbc_hmac_sha1 = AnsiString('AES-256-CBC-HMAC-SHA1');
+  LN_aes_256_cbc_hmac_sha1 = AnsiString('aes-256-cbc-hmac-sha1');
+  NID_aes_256_cbc_hmac_sha1 = 918;
+
+  SN_aes_128_cbc_hmac_sha256 = AnsiString('AES-128-CBC-HMAC-SHA256');
+  LN_aes_128_cbc_hmac_sha256 = AnsiString('aes-128-cbc-hmac-sha256');
+  NID_aes_128_cbc_hmac_sha256 = 948;
+
+  SN_aes_192_cbc_hmac_sha256 = AnsiString('AES-192-CBC-HMAC-SHA256');
+  LN_aes_192_cbc_hmac_sha256 = AnsiString('aes-192-cbc-hmac-sha256');
+  NID_aes_192_cbc_hmac_sha256 = 949;
+
+  SN_aes_256_cbc_hmac_sha256 = AnsiString('AES-256-CBC-HMAC-SHA256');
+  LN_aes_256_cbc_hmac_sha256 = AnsiString('aes-256-cbc-hmac-sha256');
+  NID_aes_256_cbc_hmac_sha256 = 950;
+
+  SN_chacha20_poly1305 = AnsiString('ChaCha20-Poly1305');
+  LN_chacha20_poly1305 = AnsiString('chacha20-poly1305');
+  NID_chacha20_poly1305 = 1018;
+
+  SN_chacha20 = AnsiString('ChaCha20');
+  LN_chacha20 = AnsiString('chacha20');
+  NID_chacha20 = 1019;
+
+  SN_dhpublicnumber = AnsiString('dhpublicnumber');
+  LN_dhpublicnumber = AnsiString('X9.42 DH');
+  NID_dhpublicnumber = 920;
+
+  SN_brainpoolP160r1 = AnsiString('brainpoolP160r1');
+  NID_brainpoolP160r1 = 921;
+
+  SN_brainpoolP160t1 = AnsiString('brainpoolP160t1');
+  NID_brainpoolP160t1 = 922;
+
+  SN_brainpoolP192r1 = AnsiString('brainpoolP192r1');
+  NID_brainpoolP192r1 = 923;
+
+  SN_brainpoolP192t1 = AnsiString('brainpoolP192t1');
+  NID_brainpoolP192t1 = 924;
+
+  SN_brainpoolP224r1 = AnsiString('brainpoolP224r1');
+  NID_brainpoolP224r1 = 925;
+
+  SN_brainpoolP224t1 = AnsiString('brainpoolP224t1');
+  NID_brainpoolP224t1 = 926;
+
+  SN_brainpoolP256r1 = AnsiString('brainpoolP256r1');
+  NID_brainpoolP256r1 = 927;
+
+  SN_brainpoolP256t1 = AnsiString('brainpoolP256t1');
+  NID_brainpoolP256t1 = 928;
+
+  SN_brainpoolP320r1 = AnsiString('brainpoolP320r1');
+  NID_brainpoolP320r1 = 929;
+
+  SN_brainpoolP320t1 = AnsiString('brainpoolP320t1');
+  NID_brainpoolP320t1 = 930;
+
+  SN_brainpoolP384r1 = AnsiString('brainpoolP384r1');
+  NID_brainpoolP384r1 = 931;
+
+  SN_brainpoolP384t1 = AnsiString('brainpoolP384t1');
+  NID_brainpoolP384t1 = 932;
+
+  SN_brainpoolP512r1 = AnsiString('brainpoolP512r1');
+  NID_brainpoolP512r1 = 933;
+
+  SN_brainpoolP512t1 = AnsiString('brainpoolP512t1');
+  NID_brainpoolP512t1 = 934;
+
+  SN_dhSinglePass_stdDH_sha1kdf_scheme = AnsiString('dhSinglePass-stdDH-sha1kdf-scheme');
+  NID_dhSinglePass_stdDH_sha1kdf_scheme = 936;
+
+  SN_dhSinglePass_stdDH_sha224kdf_scheme = AnsiString('dhSinglePass-stdDH-sha224kdf-scheme');
+  NID_dhSinglePass_stdDH_sha224kdf_scheme = 937;
+
+  SN_dhSinglePass_stdDH_sha256kdf_scheme = AnsiString('dhSinglePass-stdDH-sha256kdf-scheme');
+  NID_dhSinglePass_stdDH_sha256kdf_scheme = 938;
+
+  SN_dhSinglePass_stdDH_sha384kdf_scheme = AnsiString('dhSinglePass-stdDH-sha384kdf-scheme');
+  NID_dhSinglePass_stdDH_sha384kdf_scheme = 939;
+
+  SN_dhSinglePass_stdDH_sha512kdf_scheme = AnsiString('dhSinglePass-stdDH-sha512kdf-scheme');
+  NID_dhSinglePass_stdDH_sha512kdf_scheme = 940;
+
+  SN_dhSinglePass_cofactorDH_sha1kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha1kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha1kdf_scheme = 941;
+
+  SN_dhSinglePass_cofactorDH_sha224kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha224kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha224kdf_scheme = 942;
+
+  SN_dhSinglePass_cofactorDH_sha256kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha256kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha256kdf_scheme = 943;
+
+  SN_dhSinglePass_cofactorDH_sha384kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha384kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha384kdf_scheme = 944;
+
+  SN_dhSinglePass_cofactorDH_sha512kdf_scheme = AnsiString('dhSinglePass-cofactorDH-sha512kdf-scheme');
+  NID_dhSinglePass_cofactorDH_sha512kdf_scheme = 945;
+
+  SN_dh_std_kdf = AnsiString('dh-std-kdf');
+  NID_dh_std_kdf = 946;
+
+  SN_dh_cofactor_kdf = AnsiString('dh-cofactor-kdf');
+  NID_dh_cofactor_kdf = 947;
+
+  SN_ct_precert_scts = AnsiString('ct_precert_scts');
+  LN_ct_precert_scts = AnsiString('CT Precertificate SCTs');
+  NID_ct_precert_scts = 951;
+
+  SN_ct_precert_poison = AnsiString('ct_precert_poison');
+  LN_ct_precert_poison = AnsiString('CT Precertificate Poison');
+  NID_ct_precert_poison = 952;
+
+  SN_ct_precert_signer = AnsiString('ct_precert_signer');
+  LN_ct_precert_signer = AnsiString('CT Precertificate Signer');
+  NID_ct_precert_signer = 953;
+
+  SN_ct_cert_scts = AnsiString('ct_cert_scts');
+  LN_ct_cert_scts = AnsiString('CT Certificate SCTs');
+  NID_ct_cert_scts = 954;
+
+  SN_jurisdictionLocalityName = AnsiString('jurisdictionL');
+  LN_jurisdictionLocalityName = AnsiString('jurisdictionLocalityName');
+  NID_jurisdictionLocalityName = 955;
+
+  SN_jurisdictionStateOrProvinceName = AnsiString('jurisdictionST');
+  LN_jurisdictionStateOrProvinceName = AnsiString('jurisdictionStateOrProvinceName');
+  NID_jurisdictionStateOrProvinceName = 956;
+
+  SN_jurisdictionCountryName = AnsiString('jurisdictionC');
+  LN_jurisdictionCountryName = AnsiString('jurisdictionCountryName');
+  NID_jurisdictionCountryName = 957;
+
+  SN_id_scrypt = AnsiString('id-scrypt');
+  LN_id_scrypt = AnsiString('scrypt');
+  NID_id_scrypt = 973;
+
+  SN_tls1_prf = AnsiString('TLS1-PRF');
+  LN_tls1_prf = AnsiString('tls1-prf');
+  NID_tls1_prf = 1021;
+
+  SN_hkdf = AnsiString('HKDF');
+  LN_hkdf = AnsiString('hkdf');
+  NID_hkdf = 1036;
+
+  SN_id_pkinit = AnsiString('id-pkinit');
+  NID_id_pkinit = 1031;
+
+  SN_pkInitClientAuth = AnsiString('pkInitClientAuth');
+  LN_pkInitClientAuth = AnsiString('PKINIT Client Auth');
+  NID_pkInitClientAuth = 1032;
+
+  SN_pkInitKDC = AnsiString('pkInitKDC');
+  LN_pkInitKDC = AnsiString('Signing KDC Response');
+  NID_pkInitKDC = 1033;
+
+  SN_X25519 = AnsiString('X25519');
+  NID_X25519 = 1034;
+
+  SN_X448 = AnsiString('X448');
+  NID_X448 = 1035;
+
+  SN_ED25519 = AnsiString('ED25519');
+  NID_ED25519 = 1087;
+
+  SN_ED448 = AnsiString('ED448');
+  NID_ED448 = 1088;
+
+  SN_kx_rsa = AnsiString('KxRSA');
+  LN_kx_rsa = AnsiString('kx-rsa');
+  NID_kx_rsa = 1037;
+
+  SN_kx_ecdhe = AnsiString('KxECDHE');
+  LN_kx_ecdhe = AnsiString('kx-ecdhe');
+  NID_kx_ecdhe = 1038;
+
+  SN_kx_dhe = AnsiString('KxDHE');
+  LN_kx_dhe = AnsiString('kx-dhe');
+  NID_kx_dhe = 1039;
+
+  SN_kx_ecdhe_psk = AnsiString('KxECDHE-PSK');
+  LN_kx_ecdhe_psk = AnsiString('kx-ecdhe-psk');
+  NID_kx_ecdhe_psk = 1040;
+
+  SN_kx_dhe_psk = AnsiString('KxDHE-PSK');
+  LN_kx_dhe_psk = AnsiString('kx-dhe-psk');
+  NID_kx_dhe_psk = 1041;
+
+  SN_kx_rsa_psk = AnsiString('KxRSA_PSK');
+  LN_kx_rsa_psk = AnsiString('kx-rsa-psk');
+  NID_kx_rsa_psk = 1042;
+
+  SN_kx_psk = AnsiString('KxPSK');
+  LN_kx_psk = AnsiString('kx-psk');
+  NID_kx_psk = 1043;
+
+  SN_kx_srp = AnsiString('KxSRP');
+  LN_kx_srp = AnsiString('kx-srp');
+  NID_kx_srp = 1044;
+
+  SN_kx_gost = AnsiString('KxGOST');
+  LN_kx_gost = AnsiString('kx-gost');
+  NID_kx_gost = 1045;
+
+  SN_kx_any = AnsiString('KxANY');
+  LN_kx_any = AnsiString('kx-any');
+  NID_kx_any = 1063;
+
+  SN_auth_rsa = AnsiString('AuthRSA');
+  LN_auth_rsa = AnsiString('auth-rsa');
+  NID_auth_rsa = 1046;
+
+  SN_auth_ecdsa = AnsiString('AuthECDSA');
+  LN_auth_ecdsa = AnsiString('auth-ecdsa');
+  NID_auth_ecdsa = 1047;
+
+  SN_auth_psk = AnsiString('AuthPSK');
+  LN_auth_psk = AnsiString('auth-psk');
+  NID_auth_psk = 1048;
+
+  SN_auth_dss = AnsiString('AuthDSS');
+  LN_auth_dss = AnsiString('auth-dss');
+  NID_auth_dss = 1049;
+
+  SN_auth_gost01 = AnsiString('AuthGOST01');
+  LN_auth_gost01 = AnsiString('auth-gost01');
+  NID_auth_gost01 = 1050;
+
+  SN_auth_gost12 = AnsiString('AuthGOST12');
+  LN_auth_gost12 = AnsiString('auth-gost12');
+  NID_auth_gost12 = 1051;
+
+  SN_auth_srp = AnsiString('AuthSRP');
+  LN_auth_srp = AnsiString('auth-srp');
+  NID_auth_srp = 1052;
+
+  SN_auth_null = AnsiString('AuthNULL');
+  LN_auth_null = AnsiString('auth-null');
+  NID_auth_null = 1053;
+
+  SN_auth_any = AnsiString('AuthANY');
+  LN_auth_any = AnsiString('auth-any');
+  NID_auth_any = 1064;
+
+  SN_poly1305 = AnsiString('Poly1305');
+  LN_poly1305 = AnsiString('poly1305');
+  NID_poly1305 = 1061;
+
+  SN_siphash = AnsiString('SipHash');
+  LN_siphash = AnsiString('siphash');
+  NID_siphash = 1062;
+
+  SN_ffdhe2048 = AnsiString('ffdhe2048');
+  NID_ffdhe2048 = 1126;
+
+  SN_ffdhe3072 = AnsiString('ffdhe3072');
+  NID_ffdhe3072 = 1127;
+
+  SN_ffdhe4096 = AnsiString('ffdhe4096');
+  NID_ffdhe4096 = 1128;
+
+  SN_ffdhe6144 = AnsiString('ffdhe6144');
+  NID_ffdhe6144 = 1129;
+
+  SN_ffdhe8192 = AnsiString('ffdhe8192');
+  NID_ffdhe8192 = 1130;
+
+  SN_ISO_UA = AnsiString('ISO-UA');
+  NID_ISO_UA = 1150;
+
+  SN_ua_pki = AnsiString('ua-pki');
+  NID_ua_pki = 1151;
+
+  SN_dstu28147 = AnsiString('dstu28147');
+  LN_dstu28147 = AnsiString('DSTU Gost 28147-2009');
+  NID_dstu28147 = 1152;
+
+  SN_dstu28147_ofb = AnsiString('dstu28147-ofb');
+  LN_dstu28147_ofb = AnsiString('DSTU Gost 28147-2009 OFB mode');
+  NID_dstu28147_ofb = 1153;
+
+  SN_dstu28147_cfb = AnsiString('dstu28147-cfb');
+  LN_dstu28147_cfb = AnsiString('DSTU Gost 28147-2009 CFB mode');
+  NID_dstu28147_cfb = 1154;
+
+  SN_dstu28147_wrap = AnsiString('dstu28147-wrap');
+  LN_dstu28147_wrap = AnsiString('DSTU Gost 28147-2009 key wrap');
+  NID_dstu28147_wrap = 1155;
+
+  SN_hmacWithDstu34311 = AnsiString('hmacWithDstu34311');
+  LN_hmacWithDstu34311 = AnsiString('HMAC DSTU Gost 34311-95');
+  NID_hmacWithDstu34311 = 1156;
+
+  SN_dstu34311 = AnsiString('dstu34311');
+  LN_dstu34311 = AnsiString('DSTU Gost 34311-95');
+  NID_dstu34311 = 1157;
+
+  SN_dstu4145le = AnsiString('dstu4145le');
+  LN_dstu4145le = AnsiString('DSTU 4145-2002 little endian');
+  NID_dstu4145le = 1158;
+
+  SN_dstu4145be = AnsiString('dstu4145be');
+  LN_dstu4145be = AnsiString('DSTU 4145-2002 big endian');
+  NID_dstu4145be = 1159;
+
+  SN_uacurve0 = AnsiString('uacurve0');
+  LN_uacurve0 = AnsiString('DSTU curve 0');
+  NID_uacurve0 = 1160;
+
+  SN_uacurve1 = AnsiString('uacurve1');
+  LN_uacurve1 = AnsiString('DSTU curve 1');
+  NID_uacurve1 = 1161;
+
+  SN_uacurve2 = AnsiString('uacurve2');
+  LN_uacurve2 = AnsiString('DSTU curve 2');
+  NID_uacurve2 = 1162;
+
+  SN_uacurve3 = AnsiString('uacurve3');
+  LN_uacurve3 = AnsiString('DSTU curve 3');
+  NID_uacurve3 = 1163;
+
+  SN_uacurve4 = AnsiString('uacurve4');
+  LN_uacurve4 = AnsiString('DSTU curve 4');
+  NID_uacurve4 = 1164;
+
+  SN_uacurve5 = AnsiString('uacurve5');
+  LN_uacurve5 = AnsiString('DSTU curve 5');
+  NID_uacurve5 = 1165;
+
+  SN_uacurve6 = AnsiString('uacurve6');
+  LN_uacurve6 = AnsiString('DSTU curve 6');
+  NID_uacurve6 = 1166;
+
+  SN_uacurve7 = AnsiString('uacurve7');
+  LN_uacurve7 = AnsiString('DSTU curve 7');
+  NID_uacurve7 = 1167;
+
+  SN_uacurve8 = AnsiString('uacurve8');
+  LN_uacurve8 = AnsiString('DSTU curve 8');
+  NID_uacurve8 = 1168;
+
+  SN_uacurve9 = AnsiString('uacurve9');
+  LN_uacurve9 = AnsiString('DSTU curve 9');
+  NID_uacurve9 = 1169;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
index f61e47f07..805b005c4 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:43
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_objects;
 
@@ -47,7 +47,7 @@ interface
 
 type
   obj_name_st = record
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     alias: TIdC_INT;
     name: PIdAnsiChar;
     data: PIdAnsiChar;
@@ -61,13 +61,13 @@   obj_name_st = record
   //TIdC_INT OBJ_NAME_new_index(TIdC_ULONG (*hash_func) (const PIdAnsiChar *);
   //                       TIdC_INT (*cmp_func) (const PIdAnsiChar *; const PIdAnsiChar *);
   //                       void (*free_func) (const PIdAnsiChar *; TIdC_INT; const PIdAnsiChar *));
-  function OBJ_NAME_get(const name: PIdAnsiChar; &type: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
-  function OBJ_NAME_add(const name: PIdAnsiChar; &type: TIdC_INT; const data: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
-  function OBJ_NAME_remove(const name: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_NAME_get(const name: PIdAnsiChar; type_: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function OBJ_NAME_add(const name: PIdAnsiChar; type_: TIdC_INT; const data: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_NAME_remove(const name: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   procedure OBJ_NAME_cleanup(&type: TIdC_INT) cdecl; external CLibCrypto;
-//  void OBJ_NAME_do_all(TIdC_INT &type; void (*fn) (const OBJ_NAME *; void *arg);
+//  void OBJ_NAME_do_all(TIdC_INT type_; void (*fn) (const OBJ_NAME *; void *arg);
 //                       void *arg);
-//  void OBJ_NAME_do_all_sorted(TIdC_INT &type;
+//  void OBJ_NAME_do_all_sorted(TIdC_INT type_;
 //                              void (*fn) (const OBJ_NAME *; void *arg);
 //                              void *arg);
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objectserr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objectserr.pas
index 99a6934b1..e85c2078d 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objectserr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objectserr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_objectserr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ocsperr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ocsperr.pas
index 3b7fc32c9..29270b334 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ocsperr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ocsperr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_ocsperr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
index a813e76c1..27cc39f7e 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_ossl_typ;
 
@@ -45,10 +45,10 @@ interface
   IdOpenSSLConsts;
 
 type
-{$REGION 'moved from unit "asn1" to prevent circular references'}
+// moved from unit "asn1" to prevent circular references
   asn1_string_st = record
     length: TIdC_INT;
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     data: PByte;
     (*
      * The value of the following field depends on the type being held.  It
@@ -57,7 +57,6 @@   asn1_string_st = record
      *)
     flags: TIdC_LONG;
   end;
-{$ENDREGION}
 
   // moved from asn1  
   ASN1_VALUE_st = type Pointer;
@@ -424,7 +423,7 @@   v3_ext_ctx = record
   OSSL_STORE_SEARCH = ossl_store_search_st;
   POSSL_STORE_SEARCH = ^OSSL_STORE_SEARCH;
 
-{$REGION 'moved from unit "asn1" to prevent circular references'}
+// moved from unit "asn1" to prevent circular references'
 const
   V_ASN1_UNIVERSAL = $00;
   V_ASN1_APPLICATION = $40;
@@ -471,7 +470,7 @@   v3_ext_ctx = record
 
 type
   asn1_type_st = record
-    case &type: TIdC_INT of
+    case type_: TIdC_INT of
 //      (ptr: PIdAnsichar);
       V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
 //      (asn1_string: PASN1_STRING);
@@ -513,14 +512,13 @@   asn1_type_st = record
   ASN1_TYPE = asn1_type_st;
   PASN1_TYPE = ^ASN1_TYPE;
   PPASN1_TYPE = ^PASN1_TYPE;
-{$ENDREGION}
 
-{$REGION 'moved from unit "x509" to prevent circular references'}
+// moved from unit "x509" to prevent circular references
   X509_algor_st = record
     algorithm: PASN1_OBJECT;
     parameter: PASN1_TYPE;
   end; (* X509_ALGOR *)
-{$ENDREGION}
+
   X509_ALGOR = X509_algor_st;
   PX509_ALGOR = ^X509_ALGOR;
   PPX509_ALGOR = ^PX509_ALGOR;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
index f8e9a6d7d..57df45c2c 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:43
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_pem;
 
@@ -107,14 +107,14 @@ interface
   //function PEM_X509_INFO_read_bio(bp: PBIO; sk: PSTACK_OF_X509_INFO; cb: pem_password_cb; u: Pointer): PSTACK_OF_X509_INFO;
   function PEM_X509_INFO_write_bio(bp: PBIO; xi: PX509_INFO; enc: PEVP_CIPHER; kstr: PByte; klen: TIdC_INT; cd: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
 
-  function PEM_SignInit(ctx: PEVP_MD_CTX; &type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_SignInit(ctx: PEVP_MD_CTX; type_: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
   function PEM_SignUpdate(ctx: PEVP_MD_CTX; d: PByte; cnt: Byte): TIdC_INT cdecl; external CLibCrypto;
   function PEM_SignFinal(ctx: PEVP_MD_CTX; sigret: PByte; siglen: PIdC_UINT; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
 
   (* The default pem_password_cb that's used internally *)
   function PEM_def_callback(buf: PIdAnsiChar; num: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT cdecl; external CLibCrypto;
-  procedure PEM_proc_type(buf: PIdAnsiChar; &type: TIdC_INT) cdecl; external CLibCrypto;
-  procedure PEM_dek_info(buf: PIdAnsiChar; const &type: PIdAnsiChar; len: TIdC_INT; str: PIdAnsiChar) cdecl; external CLibCrypto;
+  procedure PEM_proc_type(buf: PIdAnsiChar; type_: TIdC_INT) cdecl; external CLibCrypto;
+  procedure PEM_dek_info(buf: PIdAnsiChar; const type_: PIdAnsiChar; len: TIdC_INT; str: PIdAnsiChar) cdecl; external CLibCrypto;
 
   function PEM_read_bio_X509(bp: PBIO; x: PPX509; cb: pem_password_cb; u: Pointer): PX509 cdecl; external CLibCrypto;
   function PEM_write_bio_X509(bp: PBIO; x: PX509): TIdC_INT cdecl; external CLibCrypto;
@@ -198,8 +198,8 @@ interface
   function PEM_read_bio_Parameters(bp: PBIO; x: PPEVP_PKEY): PEVP_PKEY cdecl; external CLibCrypto;
   function PEM_write_bio_Parameters(bp: PBIO; x: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
 
-  function b2i_PrivateKey(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
-  function b2i_PublicKey(const &in: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+  function b2i_PrivateKey(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+  function b2i_PublicKey(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
   function b2i_PrivateKey_bio(&in: PBIO): PEVP_PKEY cdecl; external CLibCrypto;
   function b2i_PublicKey_bio(&in: PBIO): PEVP_PKEY cdecl; external CLibCrypto;
   function i2b_PrivateKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pemerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pemerr.pas
index dd0ca8fcd..2630cb796 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pemerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pemerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_pemerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas
index 9b39010fc..f187faa46 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_pkcs7;
 
@@ -196,7 +196,7 @@   pkcs7_st = record
     length: TIdC_LONG;
     state: TIdC_INT;
     detached: TIdC_INT;
-    &type: PASN1_OBJECT;
+    type_: PASN1_OBJECT;
     d: pkcs7_st_d;
   end;
   PKCS7 = pkcs7_st;
@@ -211,83 +211,83 @@   pkcs7_digest_st = record
 
   //function PKCS7_ISSUER_AND_SERIAL_new: PPKCS7_ISSUER_AND_SERIAL;
   //procedure PKCS7_ISSUER_AND_SERIAL_free(a: PPKCS7_ISSUER_AND_SERIAL);
-  //function d2i_PKCS7_ISSUER_AND_SERIAL(a: PPPKCS7_ISSUER_AND_SERIAL; const &in: PByte; len: TIdC_LONG): PPKCS7_ISSUER_AND_SERIAL;
-  //function i2d_PKCS7_ISSUER_AND_SERIAL(const a: PPKCS7_ISSUER_AND_SERIAL; &out: PByte): TIdC_INT;
+  //function d2i_PKCS7_ISSUER_AND_SERIAL(a: PPPKCS7_ISSUER_AND_SERIAL; const in_: PByte; len: TIdC_LONG): PPKCS7_ISSUER_AND_SERIAL;
+  //function i2d_PKCS7_ISSUER_AND_SERIAL(const a: PPKCS7_ISSUER_AND_SERIAL; out_: PByte): TIdC_INT;
   //function PKCS7_ISSUER_AND_SERIAL_it: PASN1_ITEM;
 
-  function PKCS7_ISSUER_AND_SERIAL_digest(data: PPKCS7_ISSUER_AND_SERIAL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_ISSUER_AND_SERIAL_digest(data: PPKCS7_ISSUER_AND_SERIAL; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
 
   function PKCS7_dup(p7: PPKCS7): PPKCS7 cdecl; external CLibCrypto;
   function d2i_PKCS7_bio(bp: PBIO; p7: PPPKCS7): PPKCS7 cdecl; external CLibCrypto;
   function i2d_PKCS7_bio(bp: PBIO; p7: PPKCS7): TIdC_INT cdecl; external CLibCrypto;
-  function i2d_PKCS7_bio_stream(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function PEM_write_bio_PKCS7_stream(&out: PBIO; p7: PPKCS7; &in: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_PKCS7_bio_stream(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_PKCS7_stream(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
 //  function PKCS7_SIGNER_INFO_new: PPKCS7_SIGNER_INFO;
 //  procedure PKCS7_SIGNER_INFO_free(a: PPKCS7_SIGNER_INFO);
-//  function d2i_PKCS7_SIGNER_INFO(a: PPPKCS7_SIGNER_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNER_INFO;
-//  function i2d_PKCS7_SIGNER_INFO(const a: PPKCS7_SIGNER_INFO; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_SIGNER_INFO(a: PPPKCS7_SIGNER_INFO; const in_: PByte; len: TIdC_LONG): PPKCS7_SIGNER_INFO;
+//  function i2d_PKCS7_SIGNER_INFO(const a: PPKCS7_SIGNER_INFO; out_: PByte): TIdC_INT;
 //  function PKCS7_SIGNER_INFO_it: PASN1_ITEM;
 //
 //  function PKCS7_RECIP_INFO_new: PPKCS7_RECIP_INFO;
 //  procedure PKCS7_RECIP_INFO_free(a: PPKCS7_RECIP_INFO);
-//  function d2i_PKCS7_RECIP_INFO(a: PPPKCS7_RECIP_INFO; const &in: PByte; len: TIdC_LONG): PPKCS7_RECIP_INFO;
-//  function i2d_PKCS7_RECIP_INFO(const a: PPKCS7_RECIP_INFO; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_RECIP_INFO(a: PPPKCS7_RECIP_INFO; const in_: PByte; len: TIdC_LONG): PPKCS7_RECIP_INFO;
+//  function i2d_PKCS7_RECIP_INFO(const a: PPKCS7_RECIP_INFO; out_: PByte): TIdC_INT;
 //  function PKCS7_RECIP_INFO_it: PASN1_ITEM;
 //
 //  function PKCS7_SIGNED_new: PPKCS7_SIGNED;
 //  procedure PKCS7_SIGNED_free(a: PPKCS7_SIGNED);
-//  function d2i_PKCS7_SIGNED(a: PPPKCS7_SIGNED; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGNED;
-//  function i2d_PKCS7_SIGNED(const a: PPKCS7_SIGNED; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_SIGNED(a: PPPKCS7_SIGNED; const in_: PByte; len: TIdC_LONG): PPKCS7_SIGNED;
+//  function i2d_PKCS7_SIGNED(const a: PPKCS7_SIGNED; out_: PByte): TIdC_INT;
 //  function PKCS7_SIGNED_it: PASN1_ITEM;
 //
 //  function PKCS7_ENC_CONTENT_new: PPKCS7_ENC_CONTENT;
 //  procedure PKCS7_ENC_CONTENT_free(a: PPKCS7_ENC_CONTENT);
-//  function d2i_PKCS7_ENC_CONTENT(a: PPPKCS7_ENC_CONTENT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENC_CONTENT;
-//  function i2d_PKCS7_ENC_CONTENT(const a: PPKCS7_ENC_CONTENT; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_ENC_CONTENT(a: PPPKCS7_ENC_CONTENT; const in_: PByte; len: TIdC_LONG): PPKCS7_ENC_CONTENT;
+//  function i2d_PKCS7_ENC_CONTENT(const a: PPKCS7_ENC_CONTENT; out_: PByte): TIdC_INT;
 //  function PKCS7_ENC_CONTENT_it: PASN1_ITEM;
 //
 //  function PKCS7_ENVELOPE_new: PPKCS7_ENVELOPE;
 //  procedure PKCS7_ENVELOPE_free(a: PPKCS7_ENVELOPE);
-//  function d2i_PKCS7_ENVELOPE(a: PPPKCS7_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_ENVELOPE;
-//  function i2d_PKCS7_ENVELOPE(const a: PPKCS7_ENVELOPE; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_ENVELOPE(a: PPPKCS7_ENVELOPE; const in_: PByte; len: TIdC_LONG): PPKCS7_ENVELOPE;
+//  function i2d_PKCS7_ENVELOPE(const a: PPKCS7_ENVELOPE; out_: PByte): TIdC_INT;
 //  function PKCS7_ENVELOPE_it: PASN1_ITEM;
 //
 //  function PKCS7_SIGN_ENVELOPE_new: PPKCS7_SIGN_ENVELOPE;
 //  procedure PKCS7_SIGN_ENVELOPE_free(a: PPKCS7_SIGN_ENVELOPE);
-//  function d2i_PKCS7_SIGN_ENVELOPE(a: PPPKCS7_SIGN_ENVELOPE; const &in: PByte; len: TIdC_LONG): PPKCS7_SIGN_ENVELOPE;
-//  function i2d_PKCS7_SIGN_ENVELOPE(const a: PPKCS7_SIGN_ENVELOPE; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_SIGN_ENVELOPE(a: PPPKCS7_SIGN_ENVELOPE; const in_: PByte; len: TIdC_LONG): PPKCS7_SIGN_ENVELOPE;
+//  function i2d_PKCS7_SIGN_ENVELOPE(const a: PPKCS7_SIGN_ENVELOPE; out_: PByte): TIdC_INT;
 //  function PKCS7_SIGN_ENVELOPE_it: PASN1_ITEM;
 //
 //  function PKCS7_DIGEST_new: PPKCS7_DIGEST;
 //  procedure PKCS7_DIGEST_free(a: PPKCS7_DIGEST);
-//  function d2i_PKCS7_DIGEST(a: PPPKCS7_DIGEST; const &in: PByte; len: TIdC_LONG): PPKCS7_DIGEST;
-//  function i2d_PKCS7_DIGEST(const a: PPKCS7_DIGEST; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_DIGEST(a: PPPKCS7_DIGEST; const in_: PByte; len: TIdC_LONG): PPKCS7_DIGEST;
+//  function i2d_PKCS7_DIGEST(const a: PPKCS7_DIGEST; out_: PByte): TIdC_INT;
 //  function PKCS7_DIGEST_it: PASN1_ITEM;
 //
 //  function PKCS7_ENCRYPT_new: PPKCS7_ENCRYPT_STRUCT;
 //  procedure PKCS7_ENCRYPT_free(a: PPKCS7_ENCRYPT_STRUCT);
-//  function d2i_PKCS7_ENCRYPT(a: PPPKCS7_ENCRYPT_STRUCT; const &in: PByte; len: TIdC_LONG): PPKCS7_ENCRYPT_STRUCT;
-//  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7_ENCRYPT(a: PPPKCS7_ENCRYPT_STRUCT; const in_: PByte; len: TIdC_LONG): PPKCS7_ENCRYPT_STRUCT;
+//  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; out_: PByte): TIdC_INT;
 //  function PKCS7_ENCRYPT_it: PASN1_ITEM;
 //
 //  function PKCS7_new: PPKCS7;
 //  procedure PKCS7_free(a: PPKCS7);
-//  function d2i_PKCS7(a: PPPKCS7; const &in: PByte; len: TIdC_LONG): PPKCS7;
-//  function i2d_PKCS7(const a: PPKCS7; &out: PByte): TIdC_INT;
+//  function d2i_PKCS7(a: PPPKCS7; const in_: PByte; len: TIdC_LONG): PPKCS7;
+//  function i2d_PKCS7(const a: PPKCS7; out_: PByte): TIdC_INT;
 //  function PKCS7_it: PASN1_ITEM;
 //
 //  function PKCS7_ATTR_SIGN_it: PASN1_ITEM;
 //
 //  function PKCS7_ATTR_VERIFY_it: PASN1_ITEM;
 //
-//  function i2d_PKCS7_NDEF(const a: PPKCS7; &out: PPByte): TIdC_INT;
+//  function i2d_PKCS7_NDEF(const a: PPKCS7; out_: PPByte): TIdC_INT;
 //  function PKCS7_print_ctx(&out: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
 
   function PKCS7_ctrl(p7: PPKCS7; cmd: TIdC_INT; larg: TIdC_LONG; parg: PIdAnsiChar): TIdC_LONG cdecl; external CLibCrypto;
 
-  function PKCS7_set_type(p7: PPKCS7; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function PKCS7_set0_type_other(p7: PPKCS7; &type: TIdC_INT; other: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_set_type(p7: PPKCS7; type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_set0_type_other(p7: PPKCS7; type_: TIdC_INT; other: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
   function PKCS7_set_content(p7: PPKCS7; p7_data: PPKCS7): TIdC_INT cdecl; external CLibCrypto;
   function PKCS7_SIGNER_INFO_set(p7i: PPKCS7_SIGNER_INFO; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
   function PKCS7_SIGNER_INFO_sign(si: PPKCS7_SIGNER_INFO): TIdC_INT cdecl; external CLibCrypto;
@@ -317,7 +317,7 @@   pkcs7_digest_st = record
 
   function PKCS7_get_issuer_and_serial(p7: PPKCS7; idx: TIdC_INT): PPKCS7_ISSUER_AND_SERIAL cdecl; external CLibCrypto;
   //function PKCS7_digest_from_attributes(sk: Pointer{PSTACK_OF_X509_ATTRIBUTE}): PASN1_OCTET_STRING;
-  function PKCS7_add_signed_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; &type: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS7_add_signed_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; type_: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function PKCS7_add_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; atrtype: TIdC_INT; value: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function PKCS7_get_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE cdecl; external CLibCrypto;
   function PKCS7_get_signed_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE cdecl; external CLibCrypto;
@@ -329,9 +329,9 @@   pkcs7_digest_st = record
   function PKCS7_sign_add_signer(p7: PPKCS7; signcert: PX509; pkey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_INT): PPKCS7_SIGNER_INFO cdecl; external CLibCrypto;
 
   function PKCS7_final(p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; &out: PBIO; flags: TIdC_INT): TIdC_INT;
+  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT;
   //function PKCS7_get0_signers(p7: PPKCS7; certs: PSTACK_OF_X509; flags: TIdC_INT): PSTACK_OF_X509;
-  //function PKCS7_encrypt(certs: PSTACK_OF_X509; &in: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
+  //function PKCS7_encrypt(certs: PSTACK_OF_X509; in_: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
   function PKCS7_decrypt(p7: PPKCS7; pkey: PEVP_PKEY; cert: PX509; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   //function PKCS7_add_attrib_smimecap(si: PPKCS7_SIGNER_INFO; cap: PSTACK_OF_X509_ALGOR): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7err.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7err.pas
index 080f4ee1c..815980a6d 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7err.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7err.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_pkcs7err;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas
index 812ff0e90..7a9b4a3be 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rand.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:43
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_rand;
 
@@ -75,8 +75,8 @@   rand_meth_st = record
   procedure RAND_keep_random_devices_open(keep: TIdC_INT) cdecl; external CLibCrypto;
 
   procedure RAND_add(const buf: Pointer; num: TIdC_INT; randomness: TIdC_DOUBLE) cdecl; external CLibCrypto;
-  function RAND_load_file(const &file: PIdAnsiChar; max_bytes: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
-  function RAND_write_file(const &file: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function RAND_load_file(const file_: PIdAnsiChar; max_bytes: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function RAND_write_file(const file_: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function RAND_status: TIdC_INT cdecl; external CLibCrypto;
 
   function RAND_query_egd_bytes(const path: PIdAnsiChar; buf: PByte; bytes: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_randerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_randerr.pas
index 9a17c4cc9..1607af76a 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_randerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_randerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_randerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
index 2e7165662..7cd6a571c 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_rsa;
 
@@ -168,7 +168,7 @@   rsa_oaep_params_st = record
   //DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
 
   RSA_meth_set_priv_dec_priv_dec = function(flen: TIdC_INT; const from: PByte;
-    &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT; cdecl;
+    to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT; cdecl;
 
   RSA_meth_set_mod_exp_mod_exp = function(r0: PBIGNUM; const i: PBIGNUM;
     rsa: PRSA; ctx: PBN_CTX): TIdC_INT; cdecl;
@@ -301,10 +301,10 @@   rsa_oaep_params_st = record
   function RSA_check_key(const v1: PRSA): TIdC_INT cdecl; external CLibCrypto;
   function RSA_check_key_ex(const v1: PRSA; cb: BN_GENCB): TIdC_INT cdecl; external CLibCrypto;
   (* next 4 return -1 on error *)
-  function RSA_public_encrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_private_encrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_public_decrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_private_decrypt(flen: TIdC_INT; const from: PByte; &to: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_public_encrypt(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_private_encrypt(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_public_decrypt(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_private_decrypt(flen: TIdC_INT; const from: PByte; to_: PByte; rsa: PRSA; padding: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   procedure RSA_free(r: PRSA) cdecl; external CLibCrypto;
   (* "up" the RSA object's reference count *)
@@ -420,7 +420,7 @@   rsa_oaep_params_st = record
   //int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa);
   function RSA_meth_set_finish(rsa: PRSA_METHOD; finish: RSA_meth_set_finish_finish): TIdC_INT cdecl; external CLibCrypto;
   //int (*RSA_meth_get_sign(const RSA_METHOD *meth))
-  //    (int &type,
+  //    (int type_,
   //     const unsigned char *m, unsigned int m_length,
   //     unsigned char *sigret, unsigned int *siglen,
   //     const RSA *rsa);
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsaerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsaerr.pas
index f9e251335..a36af79ba 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsaerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsaerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_rsaerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sha.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sha.pas
index 5e4f2f809..20802dc31 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sha.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sha.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_sha;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_srtp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_srtp.pas
index 43ca73357..32cc503d0 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_srtp.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_srtp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_srtp;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
index 6162663a1..0531ee4f8 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:43
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_ssl;
 
@@ -554,9 +554,9 @@ interface
 
   (*
    * Most of the following state values are no longer used and are defined to be
-   * the closest equivalent value &in the current state machine code. Not all
+   * the closest equivalent value in_ the current state machine code. Not all
    * defines have an equivalent and are set to a dummy value (-1). SSL_ST_CONNECT
-   * and SSL_ST_ACCEPT are still &in use &in the definition of SSL_CB_ACCEPT_LOOP,
+   * and SSL_ST_ACCEPT are still in_ use in_ the definition of SSL_CB_ACCEPT_LOOP,
    * SSL_CB_ACCEPT_EXIT, SSL_CB_CONNECT_LOOP and SSL_CB_CONNECT_EXIT.
    *)
   SSL_ST_CONNECT = $1000;
@@ -811,7 +811,7 @@ interface
   //SSLv23_server_method = TLS_server_method;
   //SSLv23_client_method = TLS_client_method;
 
-  (* What the 'other' parameter contains &in security callback *)
+  (* What the 'other' parameter contains in_ security callback *)
   (* Mask for type *)
   SSL_SECOP_OTHER_TYPE = $ffff0000;
   SSL_SECOP_OTHER_NONE = 0;
@@ -939,13 +939,13 @@   srtp_protection_profile_st = record
   //DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE)
 
   (* Typedefs for handling custom extensions *)
-  custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
-  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
-  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+  custom_ext_add_cb = function (s: PSSL; ext_type: TIdC_UINT; const out_: PByte; outlen: PIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  custom_ext_free_cb = procedure (s: PSSL; ext_type: TIdC_UINT; const out_: PByte; add_arg: Pointer); cdecl;
+  custom_ext_parse_cb = function (s: PSSL; ext_type: TIdC_UINT; const in_: PByte; inlen: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
 
-  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
-  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &out: PByte; add_arg: Pointer); cdecl;
-  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const &in: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_add_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const out_: PByte; outlen: PIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; add_arg: Pointer): TIdC_INT; cdecl;
+  SSL_custom_ext_free_cb_ex = procedure (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const out_: PByte; add_arg: Pointer); cdecl;
+  SSL_custom_ext_parse_cb_ex = function (s: PSSL; ext_type: TIdC_UINT; context: TIdC_UINT; const in_: PByte; inlen: TIdC_SIZET; x: Px509; chainidx: TIdC_SIZET; al: PIdC_INT; parse_arg: Pointer): TIdC_INT; cdecl;
 
   (* Typedef for verification callback *)
   SSL_verify_cb = function (preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC_INT; cdecl;
@@ -953,20 +953,20 @@   srtp_protection_profile_st = record
   tls_session_ticket_ext_cb_fn = function (s: PSSL; const data: PByte; len: TIdC_INT; arg: Pointer): TIdC_INT; cdecl;
 
   (*
-   * This callback type is used inside SSL_CTX, SSL, and &in the functions that
-   * set them. It is used to override the generation of SSL/TLS session IDs &in
+   * This callback type is used inside SSL_CTX, SSL, and in_ the functions that
+   * set them. It is used to override the generation of SSL/TLS session IDs in_
    * a server. Return value should be zero on an error, non-zero to proceed.
    * Also, callbacks should themselves check if the id they generate is unique
    * otherwise the SSL handshake will fail with an error - callbacks can do
    * this using the 'ssl' value they're passed by;
-   * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed &in
-   * is set at the maximum size the session ID can be. &in SSLv3/TLSv1 it is 32
+   * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in_
+   * is set at the maximum size the session ID can be. in_ SSLv3/TLSv1 it is 32
    * bytes. The callback can alter this length to be less if desired. It is
    * also an error for the callback to set the size to zero.
    *)
   GEN_SESSION_CB = function (ssl: PSSL; id: PByte; id_len: PIdC_UINT): TIdC_INT; cdecl;
 
-  SSL_CTX_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+  SSL_CTX_info_callback = procedure (const ssl: PSSL; type_: TIdC_INT; val: TIdC_INT); cdecl;
   SSL_CTX_client_cert_cb = function (ssl: PSSL; x509: PPx509; pkey: PPEVP_PKEY): TIdC_INT; cdecl;
 
   SSL_CTX_cookie_verify_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_UINT): TIdC_INT; cdecl;
@@ -974,7 +974,7 @@   srtp_protection_profile_st = record
   SSL_CTX_set_stateless_cookie_generate_cb_gen_stateless_cookie_cb = function (ssl: PSSL; cookie: PByte; cookie_len: PIdC_SIZET): TIdC_INT; cdecl;
   SSL_CTX_set_stateless_cookie_verify_cb_verify_stateless_cookie_cb = function (ssl: PSSL; const cookie: PByte; cookie_len: TIdC_SIZET): TIdC_INT; cdecl;
 
-  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const &out: PPByte; outlen: PByte; const &in: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
+  SSL_CTX_alpn_select_cb_func = function (ssl: PSSL; const out_: PPByte; outlen: PByte; const in_: PByte; inlen: TIdC_UINT; arg: Pointer): TIdC_INT; cdecl;
   SSL_psk_client_cb_func = function (ssl: PSSL; const hint: PIdAnsiChar; identity: PIdAnsiChar; max_identity_len: TIdC_UINT; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
   SSL_psk_server_cb_func = function (ssl: PSSL; const identity: PIdAnsiChar; psk: PByte; max_psk_len: TIdC_UINT): TIdC_UINT; cdecl;
   SSL_psk_find_session_cb_func = function (ssl: PSSL; const identity: PByte; identity_len: TIdC_SIZET; sess: PPSSL_SESSION): TIdC_INT; cdecl;
@@ -1058,15 +1058,15 @@   srtp_protection_profile_st = record
   SSL_client_hello_cb_fn = function (s: PSSL; al: PIdC_INT; arg: Pointer): TIdC_INT; cdecl;
   SSL_callback_ctrl_v3 = procedure; cdecl;
   SSL_CTX_callback_ctrl_v3 = procedure; cdecl;
-  SSL_info_callback = procedure (const ssl: PSSL; &type: TIdC_INT; val: TIdC_INT); cdecl;
+  SSL_info_callback = procedure (const ssl: PSSL; type_: TIdC_INT; val: TIdC_INT); cdecl;
 
   (* NB: the |keylength| is only applicable when is_export is true *)
   SSL_CTX_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
   SSL_set_tmp_dh_callback_dh = function (ssl: PSSL; is_export: TIdC_INT; keylength: TIdC_INT): PDH; cdecl;
   SSL_CTX_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
   SSL_set_not_resumable_session_callback_cb = function (ssl: PSSL; is_forward_secure: TIdC_INT): TIdC_INT; cdecl;
-  SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
-  SSL_set_record_padding_callback_cb = function (ssl: PSSL; &type: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  SSL_CTX_set_record_padding_callback_cb = function (ssl: PSSL; type_: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
+  SSL_set_record_padding_callback_cb = function (ssl: PSSL; type_: TIdC_INT; len: TIdC_SIZET; arg: Pointer): TIdC_SIZET; cdecl;
   
   (*
    * The validation type enumerates the available behaviours of the built-in SSL
@@ -1095,7 +1095,6 @@   srtp_protection_profile_st = record
 
   SSL_CTX_sess_remove_cb = procedure(ctx: PSSL_CTX; sess: PSSL_SESSION); cdecl;
 
-{$REGION 'C compiler macros'}
 function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 
@@ -1174,7 +1173,6 @@ function SSL_set_min_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
 function SSL_set_max_proto_version(s: PSSL; version: TIdC_LONG): TIdC_LONG;
 function SSL_get_min_proto_version(s: PSSL): TIdC_LONG;
 function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
-{$ENDREGION}
 
   //typedef TIdC_INT (*tls_session_secret_cb_fn)(s: PSSL, void *secret, TIdC_INT *secret_len,
   //                                        STACK_OF(SSL_CIPHER) *peer_ciphers,
@@ -1385,7 +1383,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 
   ///*
   // * These need to be after the above set of includes due to a compiler bug
-  // * &in VisualStudio 2015
+  // * in_ VisualStudio 2015
   // */
   //DEFINE_STACK_OF_CONST(SSL_CIPHER)
   //DEFINE_STACK_OF(SSL_COMP)
@@ -1542,20 +1540,20 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   (* Set serverinfo data for the current active cert. *)
   function SSL_CTX_use_serverinfo(ctx: PSSL_CTX; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
   function SSL_CTX_use_serverinfo_ex(ctx: PSSL_CTX; version: TIdC_UINT; const serverinfo: PByte; serverinfo_length: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
-  function SSL_CTX_use_serverinfo_file(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_serverinfo_file(ctx: PSSL_CTX; const file_: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
 
-  function SSL_use_RSAPrivateKey_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_RSAPrivateKey_file(ssl: PSSL; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
 
-  function SSL_use_PrivateKey_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
-  function SSL_use_certificate_file(ssl: PSSL; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_PrivateKey_file(ssl: PSSL; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_certificate_file(ssl: PSSL; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
 
-  function SSL_CTX_use_RSAPrivateKey_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_RSAPrivateKey_file(ctx: PSSL_CTX; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
 
-  function SSL_CTX_use_PrivateKey_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
-  function SSL_CTX_use_certificate_file(ctx: PSSL_CTX; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_PrivateKey_file(ctx: PSSL_CTX; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_certificate_file(ctx: PSSL_CTX; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
   (* PEM type *)
-  function SSL_CTX_use_certificate_chain_file(ctx: PSSL_CTX; const &file: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
-  function SSL_use_certificate_chain_file(ssl: PSSL; const &file: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_CTX_use_certificate_chain_file(ctx: PSSL_CTX; const file_: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
+  function SSL_use_certificate_chain_file(ssl: PSSL; const file_: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
   //__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const PIdAnsiChar *file);
   //__owur TIdC_INT SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
   //                                               const PIdAnsiChar *file);
@@ -1712,12 +1710,12 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   procedure SSL_CTX_set_client_hello_cb(c: PSSL_CTX; cb: SSL_client_hello_cb_fn; arg: Pointer) cdecl; external CLibSSL;
   function SSL_client_hello_isv2(s: PSSL): TIdC_INT cdecl; external CLibSSL;
   function SSL_client_hello_get0_legacy_version(s: PSSL): TIdC_UINT cdecl; external CLibSSL;
-  function SSL_client_hello_get0_random(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl; external CLibSSL;
-  function SSL_client_hello_get0_session_id(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl; external CLibSSL;
-  function SSL_client_hello_get0_ciphers(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl; external CLibSSL;
-  function SSL_client_hello_get0_compression_methods(s: PSSL; const &out: PPByte): TIdC_SIZET cdecl; external CLibSSL;
-  function SSL_client_hello_get1_extensions_present(s: PSSL; &out: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
-  function SSL_client_hello_get0_ext(s: PSSL; &type: TIdC_UINT; const &out: PPByte; outlen: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_client_hello_get0_random(s: PSSL; const out_: PPByte): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_client_hello_get0_session_id(s: PSSL; const out_: PPByte): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_client_hello_get0_ciphers(s: PSSL; const out_: PPByte): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_client_hello_get0_compression_methods(s: PSSL; const out_: PPByte): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_client_hello_get1_extensions_present(s: PSSL; out_: PPIdC_INT; outlen: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_client_hello_get0_ext(s: PSSL; type_: TIdC_UINT; const out_: PPByte; outlen: PIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
   procedure SSL_certs_clear(s: PSSL) cdecl; external CLibSSL;
   procedure SSL_free(ssl: PSSL) cdecl; external CLibSSL;
 
@@ -1853,10 +1851,10 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_get_verify_result(const ssl: PSSL): TIdC_LONG cdecl; external CLibSSL;
   //__owur STACK_OF(X509) *SSL_get0_verified_chain(const s: PSSL);
 
-  function SSL_get_client_random(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
-  function SSL_get_server_random(const ssl: PSSL; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
-  function SSL_SESSION_get_master_key(const sess: PSSL_SESSION; &out: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
-  function SSL_SESSION_set1_master_key(sess: PSSL_SESSION; const &in: PByte; len: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_get_client_random(const ssl: PSSL; out_: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_get_server_random(const ssl: PSSL; out_: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_SESSION_get_master_key(const sess: PSSL_SESSION; out_: PByte; outlen: TIdC_SIZET): TIdC_SIZET cdecl; external CLibSSL;
+  function SSL_SESSION_set1_master_key(sess: PSSL_SESSION; const in_: PByte; len: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
   function SSL_SESSION_get_max_fragment_length(const sess: PSSL_SESSION): TIdC_UINT8 cdecl; external CLibSSL;
 
   //#define SSL_get_ex_new_index(l, p, newf, dupf, freef) \
@@ -2017,7 +2015,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   ///*
   // * The validation type enumerates the available behaviours of the built-&in SSL
   // * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
-  // * The underlying callback is a static function &in libssl.
+  // * The underlying callback is a static function in_ libssl.
   // */
 
   ///*
@@ -2026,7 +2024,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   // * continues the handshake, the application can make appropriate decisions at
   // * handshake completion.  The SSL_CT_VALIDATION_STRICT variant requires at
   // * least one valid SCT, or else handshake termination will be requested.  The
-  // * handshake may continue anyway if SSL_VERIFY_NONE is &in effect.
+  // * handshake may continue anyway if SSL_VERIFY_NONE is in_ effect.
   // */
   function SSL_enable_ct(s: PSSL; validation_mode: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
   function SSL_CTX_enable_ct(ctx: PSSL_CTX; validation_mode: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
@@ -2094,18 +2092,12 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 
 implementation
 
-
-{$REGION 'C compiler macros'}
-
 //# define SSL_CTX_set_mode(ctx,op)      SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
 function SSL_CTX_set_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
-
 begin
-
   Result := SSL_CTX_ctrl(ctx, SSL_CTRL_MODE, op, nil);
 end;
 
-
 //# define SSL_CTX_clear_mode(ctx,op)   SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
 function SSL_CTX_clear_mode(ctx: PSSL_CTX; op: TIdC_LONG): TIdC_LONG;
 begin
@@ -2555,6 +2547,5 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
 begin
   Result := SSL_ctrl(s, SSL_CTRL_GET_MAX_PROTO_VERSION, 0, nil);
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas
index 61df8d5ad..e31eeb323 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:43
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_ssl3;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sslerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sslerr.pas
index 48dd80095..2f3bf41f9 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sslerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_sslerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_sslerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_storeerr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_storeerr.pas
index fef077c2c..3a38d703f 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_storeerr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_storeerr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_storeerr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas
index 0f9c53ab1..7dbc74514 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tls1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:43
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_tls1;
 
@@ -1097,14 +1097,12 @@   tls_session_ticket_ext_st = record
     data: Pointer;
   end;
 
-{$REGION 'C compiler macros'}
 function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
-{$ENDREGION}
 
   function SSL_CTX_set_tlsext_max_fragment_length(ctx: PSSL_CTx; mode: TIdC_UINT8): TIdC_INT cdecl; external CLibSSL;
   function SSL_set_tlsext_max_fragment_length(ssl: PSSL; mode: TIdC_UINT8): TIdC_INT cdecl; external CLibSSL;
 
-  function SSL_get_servername(const s: PSSL; const &type: TIdC_INT): PIdAnsiChar cdecl; external CLibSSL;
+  function SSL_get_servername(const s: PSSL; const type_: TIdC_INT): PIdAnsiChar cdecl; external CLibSSL;
   function SSL_get_servername_type(const s: PSSL): TIdC_INT cdecl; external CLibSSL;
   (*
    * SSL_export_keying_material exports a value derived from the master secret,
@@ -1113,7 +1111,7 @@ function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
    * flag controls whether a context is included.) It returns 1 on success and
    * 0 or -1 otherwise.
    *)
-  function SSL_export_keying_material(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET; use_context: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
+  function SSL_export_keying_material(s: PSSL; out_: PByte; olen: TIdC_SIZET; const label_: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET; use_context: TIdC_INT): TIdC_INT cdecl; external CLibSSL;
 
   (*
    * SSL_export_keying_material_early exports a value derived from the
@@ -1122,7 +1120,7 @@ function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
    * |olen| bytes to |out| given a label and optional context. It
    * returns 1 on success and 0 otherwise.
    *)
-  function SSL_export_keying_material_early(s: PSSL; &out: PByte; olen: TIdC_SIZET; const &label: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
+  function SSL_export_keying_material_early(s: PSSL; out_: PByte; olen: TIdC_SIZET; const label_: PIdAnsiChar; llen: TIdC_SIZET; const context: PByte; contextlen: TIdC_SIZET): TIdC_INT cdecl; external CLibSSL;
 
   function SSL_get_peer_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT cdecl; external CLibSSL;
   function SSL_get_signature_type_nid(const s: PSSl; pnid: PIdC_INT): TIdC_INT cdecl; external CLibSSL;
@@ -1200,13 +1198,10 @@ implementation
 uses
   IdOpenSSLHeaders_ssl;
 
-
-{$REGION 'C compiler macros'}
 //# define SSL_set_tlsext_host_name(s,name)         SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name, (void *)name)
 function SSL_set_tlsext_host_name(s: PSSL; const name: PIdAnsiChar): TIdC_LONG;
 begin
   Result := SSL_ctrl(s, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, Pointer(name));
 end;
-{$ENDREGION}
 
 end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas
index 083608075..c889046c2 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_ts;
 
@@ -539,7 +539,7 @@ interface
    *)
 
   function TS_CONF_load_cert(&file: PIdAnsiChar): PX509 cdecl; external CLibCrypto;
-  function TS_CONF_load_key( &file: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey cdecl; external CLibCrypto;
+  function TS_CONF_load_key( file_: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey cdecl; external CLibCrypto;
   function TS_CONF_set_serial(conf: PCONF; section: PIdAnsiChar; cb: TS_serial_cb; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
   //STACK_OF(X509) *TS_CONF_load_certs(const char *file);
   function TS_CONF_get_tsa_section(conf: PCONF; const section: PIdAnsiChar): PIdAnsiChar cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tserr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tserr.pas
index 92d1b7429..ddc472403 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tserr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_tserr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_tserr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas
index 2d0ebe4f4..6636eaf6c 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_txt_db;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas
index 2bfb06369..463f219c0 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_ui;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_uierr.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_uierr.pas
index 5ab95af7a..eb0cbbb52 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_uierr.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_uierr.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_uierr;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_whrlpool.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_whrlpool.pas
index afafe9550..a11537b4d 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_whrlpool.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_whrlpool.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_whrlpool;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
index f378c7b0b..deaba5cc5 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:43
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_x509;
 
@@ -303,7 +303,7 @@   Netscape_spki_st = record
 
   (* Netscape certificate sequence structure *)
 //  Netscape_certificate_sequence: record
-//    &type: PASN1_OBJECT;
+//    type_: PASN1_OBJECT;
 //    certs: P --> STACK_OF(X509) <--;
 //  end;
 //  NETSCAPE_CERT_SEQUENCE = Netscape_certificate_sequence;
@@ -394,11 +394,11 @@   SCRYPT_PARAMS_st = record
 
   function NETSCAPE_SPKI_sign(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
 
-  function X509_pubkey_digest(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_digest(const data: PX509; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_CRL_digest(const data: PX509_CRL; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_REQ_digest(const data: PX509_REQ; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_NAME_digest(const data: PX509_NAME; const &type: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_pubkey_digest(const data: PX509; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_digest(const data: PX509; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_digest(const data: PX509_CRL; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_digest(const data: PX509_REQ; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_digest(const data: PX509_NAME; const type_: PEVP_MD; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
 
   //# ifndef OPENSSL_NO_STDIO
   //X509 *d2i_X509_fp(FILE *fp, X509 **x509);
@@ -506,18 +506,18 @@   SCRYPT_PARAMS_st = record
 
   function X509_ALGOR_new: PX509_ALGOR cdecl; external CLibCrypto;
   procedure X509_ALGOR_free(v1: PX509_ALGOR) cdecl; external CLibCrypto;
-  function d2i_X509_ALGOR(a: PPX509_ALGOR; const &in: PPByte; len: TIdC_LONG): PX509_ALGOR cdecl; external CLibCrypto;
-  function i2d_X509_ALGOR(a: PX509_ALGOR; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_ALGOR(a: PPX509_ALGOR; const in_: PPByte; len: TIdC_LONG): PX509_ALGOR cdecl; external CLibCrypto;
+  function i2d_X509_ALGOR(a: PX509_ALGOR; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
   //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
   function X509_VAL_new: PX509_VAL cdecl; external CLibCrypto;
   procedure X509_VAL_free(v1: PX509_VAL) cdecl; external CLibCrypto;
-  function d2i_X509_VAL(a: PPX509_VAL; const &in: PPByte; len: TIdC_LONG): PX509_VAL cdecl; external CLibCrypto;
-  function i2d_X509_VAL(a: PX509_VAL; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_VAL(a: PPX509_VAL; const in_: PPByte; len: TIdC_LONG): PX509_VAL cdecl; external CLibCrypto;
+  function i2d_X509_VAL(a: PX509_VAL; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_PUBKEY_new: PX509_PUBKEY cdecl; external CLibCrypto;
   procedure X509_PUBKEY_free(v1: PX509_PUBKEY) cdecl; external CLibCrypto;
-  function d2i_X509_PUBKEY(a: PPX509_PUBKEY; const &in: PPByte; len: TIdC_LONG): PX509_PUBKEY cdecl; external CLibCrypto;
-  function i2d_X509_PUBKEY(a: PX509_PUBKEY; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_PUBKEY(a: PPX509_PUBKEY; const in_: PPByte; len: TIdC_LONG): PX509_PUBKEY cdecl; external CLibCrypto;
+  function i2d_X509_PUBKEY(a: PX509_PUBKEY; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_PUBKEY_set(x: PPX509_PUBKEY; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function X509_PUBKEY_get0(key: PX509_PUBKEY): PEVP_PKEY cdecl; external CLibCrypto;
@@ -538,42 +538,42 @@   SCRYPT_PARAMS_st = record
 
   function X509_SIG_new: PX509_SIG cdecl; external CLibCrypto;
   procedure X509_SIG_free(v1: PX509_SIG) cdecl; external CLibCrypto;
-  function d2i_X509_SIG(a: PPX509_SIG; const &in: PPByte; len: TIdC_LONG): PX509_SIG cdecl; external CLibCrypto;
-  function i2d_X509_SIG(a: PX509_SIG; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_SIG(a: PPX509_SIG; const in_: PPByte; len: TIdC_LONG): PX509_SIG cdecl; external CLibCrypto;
+  function i2d_X509_SIG(a: PX509_SIG; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
   procedure X509_SIG_get0(const sig: PX509_SIG; const palg: PPX509_ALGOR; const pdigest: PPASN1_OCTET_STRING) cdecl; external CLibCrypto;
   procedure X509_SIG_getm(sig: X509_SIG; palg: PPX509_ALGOR; pdigest: PPASN1_OCTET_STRING) cdecl; external CLibCrypto;
 
   function X509_REQ_INFO_new: PX509_REQ_INFO cdecl; external CLibCrypto;
   procedure X509_REQ_INFO_free(v1: PX509_REQ_INFO) cdecl; external CLibCrypto;
-  function d2i_X509_REQ_INFO(a: PPX509_REQ_INFO; const &in: PPByte; len: TIdC_LONG): PX509_REQ_INFO cdecl; external CLibCrypto;
-  function i2d_X509_REQ_INFO(a: PX509_REQ_INFO; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_REQ_INFO(a: PPX509_REQ_INFO; const in_: PPByte; len: TIdC_LONG): PX509_REQ_INFO cdecl; external CLibCrypto;
+  function i2d_X509_REQ_INFO(a: PX509_REQ_INFO; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_REQ_new: PX509_REQ cdecl; external CLibCrypto;
   procedure X509_REQ_free(v1: PX509_REQ) cdecl; external CLibCrypto;
-  function d2i_X509_REQ(a: PPX509_REQ; const &in: PPByte; len: TIdC_LONG): PX509_REQ cdecl; external CLibCrypto;
-  function i2d_X509_REQ(a: PX509_REQ; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_REQ(a: PPX509_REQ; const in_: PPByte; len: TIdC_LONG): PX509_REQ cdecl; external CLibCrypto;
+  function i2d_X509_REQ(a: PX509_REQ; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_ATTRIBUTE_new: PX509_ATTRIBUTE cdecl; external CLibCrypto;
   procedure X509_ATTRIBUTE_free(v1: PX509_ATTRIBUTE) cdecl; external CLibCrypto;
-  function d2i_X509_ATTRIBUTE(a: PPX509_ATTRIBUTE; const &in: PPByte; len: TIdC_LONG): PX509_ATTRIBUTE cdecl; external CLibCrypto;
-  function i2d_X509_ATTRIBUTE(a: PX509_ATTRIBUTE; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_ATTRIBUTE(a: PPX509_ATTRIBUTE; const in_: PPByte; len: TIdC_LONG): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function i2d_X509_ATTRIBUTE(a: PX509_ATTRIBUTE; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
   function X509_ATTRIBUTE_create(nid: TIdC_INT; trtype: TIdC_INT; value: Pointer): PX509_ATTRIBUTE cdecl; external CLibCrypto;
 
   function X509_EXTENSION_new: PX509_EXTENSION cdecl; external CLibCrypto;
   procedure X509_EXTENSION_free(v1: PX509_EXTENSION) cdecl; external CLibCrypto;
-  function d2i_X509_EXTENSION(a: PPX509_EXTENSION; const &in: PPByte; len: TIdC_LONG): PX509_EXTENSION cdecl; external CLibCrypto;
-  function i2d_X509_EXTENSION(a: PX509_EXTENSION; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_EXTENSION(a: PPX509_EXTENSION; const in_: PPByte; len: TIdC_LONG): PX509_EXTENSION cdecl; external CLibCrypto;
+  function i2d_X509_EXTENSION(a: PX509_EXTENSION; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
   //DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
 
   function X509_NAME_ENTRY_new: PX509_NAME_ENTRY cdecl; external CLibCrypto;
   procedure X509_NAME_ENTRY_free(v1: PX509_NAME_ENTRY) cdecl; external CLibCrypto;
-  function d2i_X509_NAME_ENTRY(a: PPX509_NAME_ENTRY; const &in: PPByte; len: TIdC_LONG): PX509_NAME_ENTRY cdecl; external CLibCrypto;
-  function i2d_X509_NAME_ENTRY(a: PX509_NAME_ENTRY; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_NAME_ENTRY(a: PPX509_NAME_ENTRY; const in_: PPByte; len: TIdC_LONG): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function i2d_X509_NAME_ENTRY(a: PX509_NAME_ENTRY; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_NAME_new: PX509_NAME cdecl; external CLibCrypto;
   procedure X509_NAME_free(v1: PX509_NAME) cdecl; external CLibCrypto;
-  function d2i_X509_NAME(a: PPX509_NAME; const &in: PPByte; len: TIdC_LONG): PX509_NAME cdecl; external CLibCrypto;
-  function i2d_X509_NAME(a: PX509_NAME; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_NAME(a: PPX509_NAME; const in_: PPByte; len: TIdC_LONG): PX509_NAME cdecl; external CLibCrypto;
+  function i2d_X509_NAME(a: PX509_NAME; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_NAME_set(xn: PPX509_NAME; name: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
 
@@ -581,8 +581,8 @@   SCRYPT_PARAMS_st = record
 
   function X509_new: PX509 cdecl; external CLibCrypto;
   procedure X509_free(v1: PX509) cdecl; external CLibCrypto;
-  function d2i_X509(a: PPX509; const &in: PPByte; len: TIdC_LONG): PX509 cdecl; external CLibCrypto;
-  function i2d_X509(a: PX509; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509(a: PPX509; const in_: PPByte; len: TIdC_LONG): PX509 cdecl; external CLibCrypto;
+  function i2d_X509(a: PX509; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   //DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
   //
@@ -621,16 +621,16 @@   SCRYPT_PARAMS_st = record
   //
   function X509_REVOKED_new: PX509_REVOKED cdecl; external CLibCrypto;
   procedure X509_REVOKED_free(v1: PX509_REVOKED) cdecl; external CLibCrypto;
-  function d2i_X509_REVOKED(a: PPX509_REVOKED; const &in: PPByte; len: TIdC_LONG): PX509_REVOKED cdecl; external CLibCrypto;
-  function i2d_X509_REVOKED(a: PX509_REVOKED; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_REVOKED(a: PPX509_REVOKED; const in_: PPByte; len: TIdC_LONG): PX509_REVOKED cdecl; external CLibCrypto;
+  function i2d_X509_REVOKED(a: PX509_REVOKED; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
   function X509_CRL_INFO_new: PX509_CRL_INFO cdecl; external CLibCrypto;
   procedure X509_CRL_INFO_free(v1: PX509_CRL_INFO) cdecl; external CLibCrypto;
-  function d2i_X509_CRL_INFO(a: PPX509_CRL_INFO; const &in: PPByte; len: TIdC_LONG): PX509_CRL_INFO cdecl; external CLibCrypto;
-  function i2d_X509_CRL_INFO(a: PX509_CRL_INFO; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_CRL_INFO(a: PPX509_CRL_INFO; const in_: PPByte; len: TIdC_LONG): PX509_CRL_INFO cdecl; external CLibCrypto;
+  function i2d_X509_CRL_INFO(a: PX509_CRL_INFO; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
   function X509_CRL_new: PX509_CRL cdecl; external CLibCrypto;
   procedure X509_CRL_free(v1: PX509_CRL) cdecl; external CLibCrypto;
-  function d2i_X509_CRL(a: PPX509_CRL; const &in: PPByte; len: TIdC_LONG): PX509_CRL cdecl; external CLibCrypto;
-  function i2d_X509_CRL(a: PX509_CRL; &out: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_X509_CRL(a: PPX509_CRL; const in_: PPByte; len: TIdC_LONG): PX509_CRL cdecl; external CLibCrypto;
+  function i2d_X509_CRL(a: PX509_CRL; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_CRL_add0_revoked(crl: PX509_CRL; rev: PX509_REVOKED): TIdC_INT cdecl; external CLibCrypto;
   function X509_CRL_get0_by_serial(crl: PX509_CRL; ret: PPX509_REVOKED; serial: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
@@ -657,11 +657,11 @@   SCRYPT_PARAMS_st = record
 //                X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
 //                char *data, EVP_PKEY *pkey, const EVP_MD *type);
 
-  function ASN1_item_digest(const it: PASN1_ITEM; const &type: PEVP_MD; data: Pointer; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_item_digest(const it: PASN1_ITEM; const type_: PEVP_MD; data: Pointer; md: PByte; len: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
 
   function ASN1_item_verify(const it: PASN1_ITEM; algor1: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
 
-  function ASN1_item_sign(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY; const &type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_item_sign(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; data: Pointer; pkey: PEVP_PKEY; const type_: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_item_sign_ctx(const it: PASN1_ITEM; algor1: PX509_ALGOR; algor2: PX509_ALGOR; signature: PASN1_BIT_STRING; asn: Pointer; ctx: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_get_version(const x: PX509): TIdC_LONG cdecl; external CLibCrypto;
@@ -721,9 +721,9 @@   SCRYPT_PARAMS_st = record
   function X509_REQ_get_attr(const req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function X509_REQ_delete_attr(req: PX509_REQ; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function X509_REQ_add1_attr(req: PX509_REQ; attr: PX509_ATTRIBUTE): TIdC_INT cdecl; external CLibCrypto;
-  function X509_REQ_add1_attr_by_OBJ(req: PX509_REQ; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_REQ_add1_attr_by_NID(req: PX509_REQ; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_REQ_add1_attr_by_txt(req: PX509_REQ; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_add1_attr_by_OBJ(req: PX509_REQ; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_add1_attr_by_NID(req: PX509_REQ; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_REQ_add1_attr_by_txt(req: PX509_REQ; const attrname: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_CRL_set_version(x: PX509_CRL; version: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
   function X509_CRL_set_issuer_name(x: PX509_CRL; name: PX509_NAME): TIdC_INT cdecl; external CLibCrypto;
@@ -809,15 +809,15 @@   SCRYPT_PARAMS_st = record
   function X509_NAME_get_index_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; lastpos: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function X509_NAME_get_entry(const name: PX509_NAME; loc: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
   function X509_NAME_delete_entry(name: PX509_NAME; loc: TIdC_INT): pX509_NAME_ENTRY cdecl; external CLibCrypto;
-  function X509_NAME_add_entry(name: PX509_NAME; const ne: PX509_NAME_ENTRY; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_NAME_add_entry_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_NAME_add_entry_by_NID(name: PX509_NAME; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_NAME_ENTRY_create_by_txt(ne: PPX509_NAME_ENTRY; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
-  function X509_NAME_ENTRY_create_by_NID(ne: PPX509_NAME_ENTRY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
-  function X509_NAME_add_entry_by_txt(name: PX509_NAME; const field: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; &set: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_NAME_ENTRY_create_by_OBJ(ne: PPX509_NAME_ENTRY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function X509_NAME_add_entry(name: PX509_NAME; const ne: PX509_NAME_ENTRY; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_add_entry_by_OBJ(name: PX509_NAME; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_add_entry_by_NID(name: PX509_NAME; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_create_by_txt(ne: PPX509_NAME_ENTRY; const field: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_create_by_NID(ne: PPX509_NAME_ENTRY; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
+  function X509_NAME_add_entry_by_txt(name: PX509_NAME; const field: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT; loc: TIdC_INT; set_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_create_by_OBJ(ne: PPX509_NAME_ENTRY; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_NAME_ENTRY cdecl; external CLibCrypto;
   function X509_NAME_ENTRY_set_object(ne: PX509_NAME_ENTRY; const obj: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_NAME_ENTRY_set_data(ne: PX509_NAME_ENTRY; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_ENTRY_set_data(ne: PX509_NAME_ENTRY; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function X509_NAME_ENTRY_get_object(const ne: PX509_NAME_ENTRY): PASN1_OBJECT cdecl; external CLibCrypto;
   function X509_NAME_ENTRY_get_data(const ne: PX509_NAME_ENTRY): PASN1_STRING cdecl; external CLibCrypto;
   function X509_NAME_ENTRY_set(const ne: PX509_NAME_ENTRY): TIdC_INT cdecl; external CLibCrypto;
@@ -902,7 +902,7 @@   SCRYPT_PARAMS_st = record
   //                              const ASN1_OBJECT *obj, TIdC_INT lastpos, TIdC_INT type);
   function X509_ATTRIBUTE_create_by_NID(attr: PPX509_ATTRIBUTE; nid: TIdC_INT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function X509_ATTRIBUTE_create_by_OBJ(attr: PPX509_ATTRIBUTE; const obj: PASN1_OBJECT; atrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
-  function X509_ATTRIBUTE_create_by_txt(attr: PPX509_ATTRIBUTE; const atrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
+  function X509_ATTRIBUTE_create_by_txt(attr: PPX509_ATTRIBUTE; const atrname: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function X509_ATTRIBUTE_set1_object(attr: PX509_ATTRIBUTE; const obj: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
   function X509_ATTRIBUTE_set1_data(attr: PX509_ATTRIBUTE; attrtype: TIdC_INT; const data: Pointer; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function X509_ATTRIBUTE_get0_data(attr: PX509_ATTRIBUTE; idx: TIdC_INT; atrtype: TIdC_INT; data: Pointer): Pointer cdecl; external CLibCrypto;
@@ -916,9 +916,9 @@   SCRYPT_PARAMS_st = record
   function EVP_PKEY_get_attr(const key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function EVP_PKEY_delete_attr(key: PEVP_PKEY; loc: TIdC_INT): PX509_ATTRIBUTE cdecl; external CLibCrypto;
   function EVP_PKEY_add1_attr(key: PEVP_PKEY; attr: PX509_ATTRIBUTE): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_add1_attr_by_OBJ(key: PEVP_PKEY; const obj: PASN1_OBJECT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_add1_attr_by_NID(key: PEVP_PKEY; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_add1_attr_by_txt(key: PEVP_PKEY; const attrname: PIdAnsiChar; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_add1_attr_by_OBJ(key: PEVP_PKEY; const obj: PASN1_OBJECT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_add1_attr_by_NID(key: PEVP_PKEY; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_add1_attr_by_txt(key: PEVP_PKEY; const attrname: PIdAnsiChar; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_verify_cert(ctx: PX509_STORE_CTX): TIdC_INT cdecl; external CLibCrypto;
 
@@ -955,7 +955,7 @@   SCRYPT_PARAMS_st = record
 
   //const STACK_OF(X509_ATTRIBUTE) *
   //PKCS8_pkey_get0_attrs(const PKCS8_PRIV_KEY_INFO *p8);
-  function PKCS8_pkey_add1_attr_by_NID(p8: PPKCS8_PRIV_KEY_INFO; nid: TIdC_INT; &type: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS8_pkey_add1_attr_by_NID(p8: PPKCS8_PRIV_KEY_INFO; nid: TIdC_INT; type_: TIdC_INT; const bytes: PByte; len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_PUBKEY_set0_param(pub: PX509_PUBKEY; aobj: PASN1_OBJECT; ptype: TIdC_INT; pval: Pointer; penc: PByte; penclen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function X509_PUBKEY_get0_param(ppkalg: PPASN1_OBJECT; const pk: PPByte; ppklen: PIdC_INT; pa: PPX509_ALGOR; pub: PX509_PUBKEY): TIdC_INT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas
index c322b24e2..393e535e6 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_x509_vfy;
 
@@ -257,12 +257,12 @@ interface
   X509_LOOKUP_ctrl_fn = function(ctx: PX509_LOOKUP; cmd: TIdC_INT;
     const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT;
   X509_LOOKUP_get_by_subject_fn = function(ctx: PX509_LOOKUP;
-    &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
+    type_: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT;
   X509_LOOKUP_get_by_issuer_serial_fn = function(ctx: PX509_LOOKUP;
-    &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
-  X509_LOOKUP_get_by_fingerprint_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+    type_: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT;
+  X509_LOOKUP_get_by_fingerprint_fn = function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE;
     const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
-  X509_LOOKUP_get_by_alias_fn = function(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE;
+  X509_LOOKUP_get_by_alias_fn = function(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE;
     const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT;
 
   //DEFINE_STACK_OF(X509_LOOKUP)
@@ -423,28 +423,28 @@ interface
   function X509_STORE_add_cert(ctx: PX509_STORE; x: PX509): TIdC_INT cdecl; external CLibCrypto;
   function X509_STORE_add_crl(ctx: PX509_STORE; x: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
 
-  function X509_STORE_CTX_get_by_subject(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_STORE_CTX_get_obj_by_subject(vs: PX509_STORE_CTX; &type: X509_LOOKUP_TYPE; name: PX509_NAME): PX509_OBJECT cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_by_subject(vs: PX509_STORE_CTX; type_: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_CTX_get_obj_by_subject(vs: PX509_STORE_CTX; type_: X509_LOOKUP_TYPE; name: PX509_NAME): PX509_OBJECT cdecl; external CLibCrypto;
 
   function X509_LOOKUP_ctrl(ctx: PX509_LOOKUP; cmd: TIdC_INT; const argc: PIdAnsiChar; argl: TIdC_LONG; ret: PPIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
 
-  function X509_load_cert_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_load_crl_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_load_cert_crl_file(ctx: PX509_LOOKUP; const &file: PIdAnsiChar; &type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_load_cert_file(ctx: PX509_LOOKUP; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_load_crl_file(ctx: PX509_LOOKUP; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_load_cert_crl_file(ctx: PX509_LOOKUP; const file_: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_LOOKUP_new(method: PX509_LOOKUP_METHOD): PX509_LOOKUP cdecl; external CLibCrypto;
   procedure X509_LOOKUP_free(ctx: PX509_LOOKUP) cdecl; external CLibCrypto;
   function X509_LOOKUP_init(ctx: PX509_LOOKUP): TIdC_INT cdecl; external CLibCrypto;
-  function X509_LOOKUP_by_subject(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_LOOKUP_by_issuer_serial(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_LOOKUP_by_fingerprint(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_LOOKUP_by_alias(ctx: PX509_LOOKUP; &type: X509_LOOKUP_TYPE; const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_by_subject(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; name: PX509_NAME; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_by_issuer_serial(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; name: PX509_NAME; serial: PASN1_INTEGER; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_by_fingerprint(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; const bytes: PByte; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_LOOKUP_by_alias(ctx: PX509_LOOKUP; type_: X509_LOOKUP_TYPE; const str: PIdAnsiChar; len: TIdC_INT; ret: PX509_OBJECT): TIdC_INT cdecl; external CLibCrypto;
   function X509_LOOKUP_set_method_data(ctx: PX509_LOOKUP; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function X509_LOOKUP_get_method_data(const ctx: PX509_LOOKUP): Pointer cdecl; external CLibCrypto;
   function X509_LOOKUP_get_store(const ctx: PX509_LOOKUP): PX509_STORE cdecl; external CLibCrypto;
   function X509_LOOKUP_shutdown(ctx: PX509_LOOKUP): TIdC_INT cdecl; external CLibCrypto;
 
-  function X509_STORE_load_locations(ctx: PX509_STORE; const &file: PIdAnsiChar; const dir: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function X509_STORE_load_locations(ctx: PX509_STORE; const file_: PIdAnsiChar; const dir: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function X509_STORE_set_default_paths(ctx: PX509_STORE): TIdC_INT cdecl; external CLibCrypto;
 
   //#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509err.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509err.pas
index bae16d0f2..358993264 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509err.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509err.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 27.04.2020 14:51:27
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_x509err;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
index 221124dbd..96ee0fb56 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.05.2020 08:36:43
+// Generation date: 28.10.2020 15:24:33
 
 unit IdOpenSSLHeaders_x509v3;
 
@@ -46,8 +46,7 @@ interface
   IdOpenSSLHeaders_ossl_typ,
   IdOpenSSLHeaders_asn1,
   IdOpenSSLHeaders_asn1t,
-  IdOpenSSLHeaders_x509,
-  System.Types;
+  IdOpenSSLHeaders_x509;
 
 const
   (* ext_flags values *)
@@ -262,7 +261,7 @@ interface
 //                                  STACK_OF(CONF_VALUE) *values);
   //X509V3_EXT_I2S = function(method: Pv3_ext_method; ext: Pointer): PIdAnsiChar; cdecl;
   //X509V3_EXT_S2I = function(method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
-  //X509V3_EXT_I2R = function(const method: Pv3_ext_method; ext: Pointer; &out: PBIO; indent: TIdC_INT): TIdC_INT; cdecl;
+  //X509V3_EXT_I2R = function(const method: Pv3_ext_method; ext: Pointer; out_: PBIO; indent: TIdC_INT): TIdC_INT; cdecl;
   //X509V3_EXT_R2I = function(const method: Pv3_ext_method; ctx: Pv3_ext_ctx; const str: PIdAnsiChar): Pointer; cdecl;
 
 //  (* V3 extension structure *)
@@ -342,7 +341,7 @@   EDIPartyName_st  = record
   PEDIPARTYNAME = ^EDIPARTYNAME;
 
   GENERAL_NAME_st_union = record
-    case DWORD of
+    case TIdC_INT of
       0: (ptr: PIdAnsiChar);
       1: (otherName: POTHERNAME);   (* otherName *)
       2: (rfc822Name: PASN1_IA5STRING);
@@ -362,7 +361,7 @@   GENERAL_NAME_st_union = record
       14: (other: PASN1_TYPE);       (* x400Address *)
   end;
   GENERAL_NAME_st = record
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     d: GENERAL_NAME_st_union;
   end;
   GENERAL_NAME = GENERAL_NAME_st;
@@ -387,12 +386,12 @@   ACCESS_DESCRIPTION_st = record
 
 //  DEFINE_STACK_OF(ACCESS_DESCRIPTION)
 //  DIST_POINT_NAME_st_union = record
-//    case DWord of
+//    case TIdC_INT of
 //      0: (GENERAL_NAMES *fullname);
 //      1: (STACK_OF(X509_NAME_ENTRY) *relativename);
 //  end;
   DIST_POINT_NAME_st = record
-    &type: TIdC_INT;
+    type_: TIdC_INT;
     (* If relativename then this contains the full distribution point name *)
     dpname: PX509_NAME;
   end;
@@ -449,7 +448,7 @@ //  USERNOTICE_st = record
 //  PUSERNOTICE = ^USERNOTICE;
 
 //  POLICYQUALINFO_st_union = record
-//    case DWord of
+//    case TIdC_INT of
 //      0: (cpsuri: PASN1_IA5STRING);
 //      1: (usernotice: PUSERNOTICE);
 //      2: (other: PASN1_TYPE);
@@ -575,8 +574,8 @@   ASRange_st = record
   PASRange = ^ASRange;
 
   ASIdOrRange_st = record
-    &type: TIdC_INT;
-    case u: DWord of
+    type_: TIdC_INT;
+    case u: TIdC_INT of
       0: (id: PASN1_INTEGER);
       1: (range: PASRange);
   end;
@@ -586,8 +585,8 @@   ASIdOrRange_st = record
 //  DEFINE_STACK_OF(ASIdOrRange)
 
 //  ASIdentifierChoice_st = record
-//    &type: TIdC_INT;
-//    case u: DWORD of
+//    type_: TIdC_INT;
+//    case u: TIdC_INT of
 //      0: (inherit: PASN1_NULL);
 //      1: (asIdsOrRanges: PASIdOrRanges);
 //  end;
@@ -612,8 +611,8 @@   IPAddressRange_st = record
   PIPAddressRange = ^IPAddressRange;
 
   IPAddressOrRange_st = record
-    &type: TIdC_INT;
-    case u: DWORD of
+    type_: TIdC_INT;
+    case u: TIdC_INT of
       0: (addressPrefix: PASN1_BIT_STRING);
       1: (addressRange: PIPAddressRange);
   end;
@@ -624,8 +623,8 @@   IPAddressOrRange_st = record
 //  DEFINE_STACK_OF(IPAddressOrRange)
 
 //  IPAddressChoice_st = record
-//    &type: TIdC_INT;
-//    case u: DWORD of
+//    type_: TIdC_INT;
+//    case u: TIdC_INT of
 //      0: (inherit: PASN1_NULL);
 //      1: (addressesOrRanges: PIPAddressOrRanges);
 //  end;
@@ -702,7 +701,7 @@ //  IPAddressFamily_st = record
 //  DECLARE_ASN1_FUNCTIONS(OTHERNAME)
 //  DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
   function OTHERNAME_cmp(a: POTHERNAME; b: POTHERNAME): TIdC_INT cdecl; external CLibCrypto;
-  procedure GENERAL_NAME_set0_value(a: PGENERAL_NAME; &type: TIdC_INT; value: Pointer) cdecl; external CLibCrypto;
+  procedure GENERAL_NAME_set0_value(a: PGENERAL_NAME; type_: TIdC_INT; value: Pointer) cdecl; external CLibCrypto;
   function GENERAL_NAME_get0_value(const a: PGENERAL_NAME; ptype: PIdC_INT): Pointer cdecl; external CLibCrypto;
   function GENERAL_NAME_set0_othername(gen: PGENERAL_NAME; oid: PASN1_OBJECT; value: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
   function GENERAL_NAME_get0_otherName(const gen: PGENERAL_NAME; poid: PPASN1_OBJECT; pvalue: PPASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
@@ -906,9 +905,9 @@ //  IPAddressFamily_st = record
   procedure NAMING_AUTHORITY_set0_authorityURL(n: PNAMING_AUTHORITY; namingAuthorityUrl: PASN1_IA5STRING) cdecl; external CLibCrypto;
   procedure NAMING_AUTHORITY_set0_authorityText(n: PNAMING_AUTHORITY; namingAuthorityText: PASN1_STRING) cdecl; external CLibCrypto;
 
-  function ADMISSION_SYNTAX_get0_admissionAuthority(const &as: ADMISSION_SYNTAX): PGENERAL_NAME cdecl; external CLibCrypto;
+  function ADMISSION_SYNTAX_get0_admissionAuthority(const as_: ADMISSION_SYNTAX): PGENERAL_NAME cdecl; external CLibCrypto;
   procedure ADMISSION_SYNTAX_set0_admissionAuthority(&as: ADMISSION_SYNTAX; aa: PGENERAL_NAME) cdecl; external CLibCrypto;
-//  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const &as: ADMISSION_SYNTAX);
+//  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const as_: ADMISSION_SYNTAX);
 //  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(&as: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
   function ADMISSIONS_get0_admissionAuthority(const a: PADMISSIONS): PGENERAL_NAME cdecl; external CLibCrypto;
   procedure ADMISSIONS_set0_admissionAuthority(a: PADMISSIONS; aa: PGENERAL_NAME) cdecl; external CLibCrypto;

From daa789c20920c02452b906e3660ab761dae5ed3f Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 16:03:04 +0100
Subject: [PATCH 07/64] Made new OpenSSL IO Handler more compatible

* removed nested consts
* replaced some not existing functions
* removed regions
* replaced $Raise with Raise_

Thanks to @JedrzejczykRobert
---
 Lib/Protocols/OpenSSL/IdOpenSSLContext.pas    | 39 ++++----
 .../OpenSSL/IdOpenSSLContextClient.pas        |  4 +-
 .../OpenSSL/IdOpenSSLContextServer.pas        | 14 +--
 Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas | 89 ++++++++++++++-----
 .../OpenSSL/IdOpenSSLIOHandlerClient.pas      |  2 +-
 .../OpenSSL/IdOpenSSLIOHandlerServer.pas      |  3 +-
 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas     |  3 +-
 Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas    | 18 ++--
 .../OpenSSL/IdOpenSSLOptionsClient.pas        |  7 +-
 .../OpenSSL/IdOpenSSLOptionsServer.pas        | 11 +--
 Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas |  6 ++
 Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas     |  2 +-
 .../OpenSSL/IdOpenSSLSocketClient.pas         |  4 +-
 Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas    |  4 +-
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas       |  6 +-
 15 files changed, 136 insertions(+), 76 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
index d79180e37..8411a12f8 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
@@ -40,11 +40,12 @@ interface
   IdOpenSSLTypes,
   IdOpenSSLVersion;
 
+const
+  CExDataIndexSelf = 0;
+  // CExDataIndexOptions = 1;
+
 type
   TIdOpenSSLContext = class(TObject)
-  public const
-    CExDataIndexSelf = 0;
-//    CExDataIndexOptions = 1;
   private
     FContext: PSSL_CTX;
     FOptions: TIdOpenSSLOptionsBase;
@@ -117,15 +118,21 @@ function TryFinalizeString(const Value: string): Boolean;
 begin
   // clear passed string if its refcount allows for it, removes the value from
   //  memory of the process
+  {$IFDEF VCL_2010_OR_ABOVE}
   refCount := StringRefCount(Value);
+  {$ELSE}
+  refCount := 1;
+  {$ENDIF}
   Result := (refCount > -1) and (refCount < 2);
   if Result then
     FillChar(PByte(Value)^, Length(Value) * SizeOf(Char), 0);
 end;
 
 function GetPasswordCallback(buf: PIdAnsiChar; size: TIdC_INT; rwflag: TIdC_INT; userdata: Pointer): TIdC_INT; cdecl;
+{$IFDEF USE_MARSHALLED_PTRS}
 type
   PBytesPtr = ^TBytes;
+{$ENDIF}
 var
   LContext: TIdOpenSSLContext;
   LPassword: string;
@@ -175,9 +182,9 @@ function VerifyCallback(preverify_ok: TIdC_INT; x509_ctx: PX509_STORE_CTX): TIdC
 
   LSSL := X509_STORE_CTX_get_ex_data(x509_ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
   LCtx := SSL_get_SSL_CTX(LSSL);
-  LContext := TIdOpenSSLContext(SSL_ctx_get_ex_data(LCtx, TIdOpenSSLContext.CExDataIndexSelf));
+  LContext := TIdOpenSSLContext(SSL_ctx_get_ex_data(LCtx, CExDataIndexSelf));
   if not Assigned(LContext) then
-    EIdOpenSSLGetExDataError.&Raise(RIdOpenSSLGetExDataError);
+    EIdOpenSSLGetExDataError.Raise_(RIdOpenSSLGetExDataError);
 
   if not Assigned(LContext.FOptions.OnVerify) then
   begin
@@ -207,11 +214,11 @@ procedure KeylogCallback(const ssl: PSSL; const line: PIdAnsiChar); cdecl;
   LContext: TIdOpenSSLContext;
 begin
   LCtx := SSL_get_SSL_CTX(ssl);
-  LContext := TIdOpenSSLContext(SSL_ctx_get_ex_data(LCtx, TIdOpenSSLContext.CExDataIndexSelf));
+  LContext := TIdOpenSSLContext(SSL_ctx_get_ex_data(LCtx, CExDataIndexSelf));
   if not Assigned(LContext) then
-    EIdOpenSSLGetExDataError.&Raise(RIdOpenSSLGetExDataError);
+    EIdOpenSSLGetExDataError.Raise_(RIdOpenSSLGetExDataError);
 
-//  LOptions := TIdOpenSSLOptionsBase(SSL_ctx_get_ex_data(LCtx, TIdOpenSSLContext.CExDataIndexOptions));
+//  LOptions := TIdOpenSSLOptionsBase(SSL_ctx_get_ex_data(LCtx, CExDataIndexOptions));
 //  if not Assigned(LOptions) then
 //    EIdOpenSSLGetExDataError.&Raise(RIdOpenSSLGetExDataError);
 
@@ -250,7 +257,7 @@ function TIdOpenSSLContext.Init(const AOptions: TIdOpenSSLOptionsBase): Boolean;
   FreeContext(FContext);
   FContext := SSL_CTX_new(TLS_method());
   if not Assigned(FContext) then
-    EIdOpenSSLNewSSLCtxError.&Raise(RIdOpenSSLNewSSLCtxError);
+    EIdOpenSSLNewSSLCtxError.Raise_(RIdOpenSSLNewSSLCtxError);
 
   FOptions.Free();
   FOptions := AOptions.Clone() as TIdOpenSSLOptionsBase;
@@ -291,14 +298,14 @@ procedure TIdOpenSSLContext.SetCertificate(const AContext: PSSL_CTX;
   if ACertificateFile <> '' then
 //    if SSL_CTX_use_certificate_file(FContext, GetPAnsiChar(ACertificateFile), SSL_FILETYPE_PEM) <> 1 then
     if SSL_CTX_use_certificate_chain_file(AContext, GetPAnsiChar(ACertificateFile)) <> 1 then
-      EIdOpenSSLSetCertificateError.&Raise();
+      EIdOpenSSLSetCertificateError.Raise_();
 
   if APrivateKeyFile <> '' then
     if SSL_CTX_use_PrivateKey_file(AContext, GetPAnsiChar(APrivateKeyFile), SSL_FILETYPE_PEM) <> 1 then
-      EIdOpenSSLSetPrivateKeyError.&Raise();
+      EIdOpenSSLSetPrivateKeyError.Raise_();
 
   if SSL_CTX_check_private_key(AContext) <> 1 then
-    EIdOpenSSLCertAndPrivKeyMisMatchError.&Raise();
+    EIdOpenSSLCertAndPrivKeyMisMatchError.Raise_();
 end;
 
 procedure TIdOpenSSLContext.SetCiphers(
@@ -309,10 +316,10 @@ procedure TIdOpenSSLContext.SetCiphers(
 begin
   if ACipherList <> '' then
     if SSL_CTX_set_cipher_list(AContext, GetPAnsiChar(ACipherList)) <> 1 then
-      EIdOpenSSLSetCipherListError.&Raise(RIdOpenSSLSetCipherListError);
+      EIdOpenSSLSetCipherListError.Raise_(RIdOpenSSLSetCipherListError);
   if ACipherSuites <> '' then
     if SSL_CTX_set_ciphersuites(AContext, GetPAnsiChar(ACipherSuites)) <> 1 then
-      EIdOpenSSLSetCipherSuiteError.&Raise(RIdOpenSSLSetCipherSuiteError);
+      EIdOpenSSLSetCipherSuiteError.Raise_(RIdOpenSSLSetCipherSuiteError);
 
   if AUseServerCipherPreferences then
     SSL_CTX_set_options(AContext, SSL_OP_CIPHER_SERVER_PREFERENCE)
@@ -324,7 +331,7 @@ procedure TIdOpenSSLContext.SetExData(const AContext: PSSL_CTX; AIndex: Integer;
   const AObj: TObject);
 begin
   if SSL_CTX_set_ex_data(AContext, AIndex, Pointer(AObj)) <> 1 then
-    EIdOpenSSLSetExDataError.&Raise(RIdOpenSSLSetExDataError);
+    EIdOpenSSLSetExDataError.Raise_(RIdOpenSSLSetExDataError);
 end;
 
 procedure TIdOpenSSLContext.SetKeylogCallback(
@@ -387,7 +394,7 @@ procedure TIdOpenSSLContext.SetVerifyLocations(const AContext: PSSL_CTX;
       LCert,
       LDir) = 0 then
     begin
-      EIdOpenSSLSetVerifyLocationError.&Raise(RIdOpenSSLSetVerifyLocationError);
+      EIdOpenSSLSetVerifyLocationError.Raise_(RIdOpenSSLSetVerifyLocationError);
     end;
   end;
 end;
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
index dc23a3cc0..6eb4ddd6b 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
@@ -65,7 +65,7 @@ function new_session_cb(ssl: PSSL; session: PSSL_SESSION): TIdC_INT; cdecl;
   LCtx := SSL_get_SSL_CTX(ssl);
   if not Assigned(LCtx) then
     Exit;
-  LContext := TIdOpenSSLContextClient(SSL_ctx_get_ex_data(LCtx, TIdOpenSSLContext.CExDataIndexSelf));
+  LContext := TIdOpenSSLContextClient(SSL_ctx_get_ex_data(LCtx, CExDataIndexSelf));
   if not Assigned(LContext) then
     Exit;
   LContext.FSession := session;
@@ -79,7 +79,7 @@ procedure remove_session_cb(ctx: PSSL_CTX; session: PSSL_SESSION); cdecl;
 var
   LContext: TIdOpenSSLContextClient;
 begin
-  LContext := TIdOpenSSLContextClient(SSL_ctx_get_ex_data(ctx, TIdOpenSSLContext.CExDataIndexSelf));
+  LContext := TIdOpenSSLContextClient(SSL_ctx_get_ex_data(ctx, CExDataIndexSelf));
   if not Assigned(LContext) then
     Exit;
   if LContext.FSession = session then
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas
index 76dc51e2b..18f5bf4e0 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContextServer.pas
@@ -117,14 +117,14 @@ procedure TIdOpenSSLContextServer.SetClientCA(const AContext: PSSL_CTX;
 begin
   LBio := BIO_new_file(GetPAnsiChar(ACAFile), 'r');
   if not Assigned(LBio) then
-    EIdOpenSSLSetClientCAError.&Raise();
+    EIdOpenSSLSetClientCAError.Raise_();
   try
     LX509 := PEM_read_bio_X509(LBio, nil, nil, nil);
     if not Assigned(LX509) then
-      EIdOpenSSLSetClientCAError.&Raise();
+      EIdOpenSSLSetClientCAError.Raise_();
     try
       if SSL_CTX_add_client_CA(AContext, LX509) <> 1 then
-        EIdOpenSSLSetClientCAError.&Raise();
+        EIdOpenSSLSetClientCAError.Raise_();
     finally
       X509_free(LX509);
     end;
@@ -152,15 +152,15 @@ procedure TIdOpenSSLContextServer.SetSessionContext(
 
       LBio := BIO_new_file(GetPAnsiChar(ACAFile), 'r');
       if not Assigned(LBio) then
-        EIdOpenSSLSessionIdContextError.&Raise();
+        EIdOpenSSLSessionIdContextError.Raise_();
 
       LX509 := PEM_read_bio_X509(LBio, nil, nil, nil);
       if not Assigned(LX509) then
-        EIdOpenSSLSessionIdContextError.&Raise();
+        EIdOpenSSLSessionIdContextError.Raise_();
 
       FillChar(FSessionIdCtx[0], LLen, 0);
       if X509_digest(LX509, EVP_sha1, @FSessionIdCtx[0], @LLen) <> 1 then
-        EIdOpenSSLSessionIdContextError.&Raise();
+        EIdOpenSSLSessionIdContextError.Raise_();
     end
     else
     begin
@@ -169,7 +169,7 @@ procedure TIdOpenSSLContextServer.SetSessionContext(
     end;
 
     if SSL_CTX_set_session_id_context(AContext, LSessionContext, LLen) <> 1 then
-      EIdOpenSSLSessionIdContextError.&Raise();
+      EIdOpenSSLSessionIdContextError.Raise_();
   finally
     // Both are nil-safe
     X509_free(LX509);
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
index d23d59621..786908762 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
@@ -39,8 +39,8 @@ interface
 type
   EIdOpenSSLBaseError = class(EIdException)
   public
-    class procedure &Raise; overload;
-    class procedure &Raise(const AMsg: string); overload;
+    class procedure Raise_; overload;
+    class procedure Raise_(const AMsg: string); overload;
     class procedure RaiseFmt(const AMsg: string; const Args: array of const);
   end;
 
@@ -137,44 +137,60 @@   EIdOpenSSLShutdownError = class(EIdOpenSSLSSLBasedError);
 implementation
 
 uses
+  IdGlobal,
   IdOpenSSLHeaders_err,
   StrUtils,
   SysUtils,
-  Types;
+  {$IFDEF VCL_XE3_OR_ABOVE}System.Types{$ELSE}Types{$ENDIF};
+
+const
+  CIndexOfReason = 4;
 
 { EIdOpenSSLBaseError }
 
-class procedure EIdOpenSSLBaseError.&Raise;
+class procedure EIdOpenSSLBaseError.Raise_;
 begin
-  raise Self.Create('') at
-  {$IFNDEF FPC}
-  ReturnAddress
+  {$IFDEF VCL_XE4_OR_ABOVE}
+    raise Self.Create('') at
+    {$IFNDEF FPC}
+    ReturnAddress
+    {$ELSE}
+    get_caller_addr(get_frame), get_caller_frame(get_frame)
+    {$ENDIF}
+    ;
   {$ELSE}
-  get_caller_addr(get_frame), get_caller_frame(get_frame)
+    IndyRaiseOuterException(Self.Create(''));
   {$ENDIF}
-  ;
 end;
 
-class procedure EIdOpenSSLBaseError.&Raise(const AMsg: string);
+class procedure EIdOpenSSLBaseError.Raise_(const AMsg: string);
 begin
-  raise Self.Create(AMsg) at
-  {$IFNDEF FPC}
-  ReturnAddress
+  {$IFDEF VCL_XE4_OR_ABOVE}
+    Self.Create(AMsg) at
+    {$IFNDEF FPC}
+    ReturnAddress
+    {$ELSE}
+    get_caller_addr(get_frame), get_caller_frame(get_frame)
+    {$ENDIF}
+    ;
   {$ELSE}
-  get_caller_addr(get_frame), get_caller_frame(get_frame)
+    IndyRaiseOuterException(Self.Create(AMsg));
   {$ENDIF}
-  ;
 end;
 
 class procedure EIdOpenSSLBaseError.RaiseFmt(const AMsg: string; const Args: array of const);
 begin
-  raise Self.Create(Format(AMsg, Args)) at
-  {$IFNDEF FPC}
-  ReturnAddress
+  {$IFDEF VCL_XE4_OR_ABOVE}
+    Self.Create(AMsg) at
+    {$IFNDEF FPC}
+    ReturnAddress
+    {$ELSE}
+    get_caller_addr(get_frame), get_caller_frame(get_frame)
+    {$ENDIF}
+    ;
   {$ELSE}
-  get_caller_addr(get_frame), get_caller_frame(get_frame)
+    IndyRaiseOuterException(Self.Create(Format(AMsg, Args)));
   {$ENDIF}
-  ;
 end;
 
 { EIdOpenSSLBaseErrorStackError }
@@ -217,8 +233,37 @@ function EIdOpenSSLErrorStackBasedError.GetErrorCodeInHex: string;
 
 class function EIdOpenSSLErrorStackBasedError.GetErrorReason(
   const AErrorText: string): string;
-const
-  CIndexOfReason = 4;
+
+{$IFNDEF VCL_XE4_OR_ABOVE}
+// D2007 does not have SplitString
+  function SplitString(const s, Delimiters: string): TStringArray;
+  var
+    i: integer;
+    Len: integer;
+    PosStart: integer;
+    PosDel: integer;
+    TempText:string;
+  begin
+    i := 0;
+    SetLength(Result, 1);
+    Len := Length(Delimiters);
+    PosStart := 1;
+    PosDel := Pos(Delimiters, s);
+    TempText := s;
+    while PosDel > 0 do
+      begin
+        Result[i] := Copy(TempText, PosStart, PosDel - PosStart);
+        PosStart := PosDel + Len;
+        TempText := Copy(TempText, PosStart, Length(TempText));
+        PosDel := Pos(Delimiters, TempText);
+        PosStart := 1;
+        Inc(i);
+        SetLength(Result, i + 1);
+      end;
+    Result[i] := Copy(TempText, PosStart, Length(TempText));
+  end;
+{$ENDIF}
+
 var
   LError: TStringDynArray;
 begin
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
index 64674a6be..79b63efbb 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
@@ -117,7 +117,7 @@ procedure TIdOpenSSLIOHandlerClient.BeforeInitContext(
 
 function TIdOpenSSLIOHandlerClient.Clone: TIdSSLIOHandlerSocketBase;
 begin
-  Result := inherited;
+  Result := inherited Clone();
   Options.AssignTo(TIdOpenSSLIOHandlerClient(Result).Options);
   TIdOpenSSLIOHandlerClient(Result).EnsureContext();
   TIdOpenSSLContextClientAccessor(TIdOpenSSLIOHandlerClient(Result).FContext).FSession :=
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
index 59a715130..8599cbda7 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
@@ -56,11 +56,10 @@   TIdOpenSSLIOHandlerServer = class(TIdServerIOHandlerSSLBase)
     function Accept(ASocket: TIdSocketHandle; AListenerThread: TIdThread;
       AYarn: TIdYarn): TIdIOHandler; override;
 
-    {$REGION 'abstract functions from TIdServerIOHandlerSSLBase'}
+    // Abstract functions from TIdServerIOHandlerSSLBase
     function MakeClientIOHandler: TIdSSLIOHandlerSocketBase; override;
     function MakeFTPSvrPort: TIdSSLIOHandlerSocketBase; override;
     function MakeFTPSvrPasv: TIdSSLIOHandlerSocketBase; override;
-    {$ENDREGION}
   published
     property Options: TIdOpenSSLOptionsServer read FOptions;
   end;
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
index 50ee1a646..001bcb5ec 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
@@ -8,11 +8,10 @@ interface
 type
   IOpenSSLLoader = interface
     ['{BBB0F670-CC26-42BC-A9E0-33647361941A}']
-  {$REGION 'Property Getter/Setter'}
+
     function GetOpenSSLPath: string;
     procedure SetOpenSSLPath(const Value: string);
     function GetFailedToLoad: TStringList;
-  {$ENDREGION}
 
     function Load: Boolean;
     procedure Unload;
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas b/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas
index b4bf7af38..1471e2347 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas
@@ -36,14 +36,15 @@ interface
   IdOpenSSLTypes,
   IdOpenSSLVersion;
 
+const
+  CDefaultMinumumTLSVersion = {$IFDEF VCL_2010_OR_ABOVE}TIdOpenSSLVersion.{$ENDIF}TLSv1;
+  CDefaultMaximumTLSVersion = {$IFDEF VCL_2010_OR_ABOVE}TIdOpenSSLVersion.{$ENDIF}Undefined;
+  CDefaultUseServerCipherPreferences = True;
+  CDefaultAllowUnsafeLegacyRenegotiation = False;
+  CDefaultUseLegacyServerConnect = False;
+
 type
   TIdOpenSSLOptionsBase = class(TIdOpenSSLPersistent)
-  strict private const
-    CDefaultMinumumTLSVersion = TIdOpenSSLVersion.TLSv1;
-    CDefaultMaximumTLSVersion = TIdOpenSSLVersion.Undefined;
-    CDefaultUseServerCipherPreferences = True;
-    CDefaultAllowUnsafeLegacyRenegotiation = False;
-    CDefaultUseLegacyServerConnect = False;
   private
     FCertFile: string;
     FCertKey: string;
@@ -241,7 +242,7 @@ constructor TIdOpenSSLOptionsBase.Create;
 
 function TIdOpenSSLOptionsBase.Equals(Obj: TObject): Boolean;
 
-  function EqualMethod(const ALeft, ARight: TMethod): Boolean; inline;
+  function EqualMethod(const ALeft, ARight: TMethod): Boolean; {$IFDEF USE_INLINE}inline;{$ENDIF}
   begin
     Result := (ALeft.Code = ARight.Code) and (ALeft.Data = ARight.Data);
   end;
@@ -249,8 +250,7 @@ function TIdOpenSSLOptionsBase.Equals(Obj: TObject): Boolean;
 var
   LObj: TIdOpenSSLOptionsBase;
 begin
-  inherited;
-  Result := Obj is TIdOpenSSLOptionsBase;
+  Result := inherited Equals(Obj) and (Obj is TIdOpenSSLOptionsBase);
   if Result then
   begin
     LObj := TIdOpenSSLOptionsBase(Obj);
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas
index 78d937cfe..4566c5329 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas
@@ -34,10 +34,11 @@ interface
   Classes,
   IdOpenSSLOptions;
 
+const
+  CDefaultVerifyServerCertificate = True;
+
 type
   TIdOpenSSLOptionsClient = class(TIdOpenSSLOptionsBase)
-  strict private const
-    CDefaultVerifyServerCertificate = True;
   private
     FVerifyServerCertificate: Boolean;
   public
@@ -79,7 +80,7 @@ constructor TIdOpenSSLOptionsClient.Create;
 
 function TIdOpenSSLOptionsClient.Equals(Obj: TObject): Boolean;
 begin
-  Result := inherited;
+  Result := inherited Equals(Obj);
   if Result and (Obj is TIdOpenSSLOptionsClient) then
     Result := FVerifyServerCertificate = TIdOpenSSLOptionsClient(Obj).FVerifyServerCertificate;
 end;
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLOptionsServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsServer.pas
index 95cfa8a24..139744858 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLOptionsServer.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsServer.pas
@@ -34,12 +34,13 @@ interface
   Classes,
   IdOpenSSLOptions;
 
+const
+  CDefaultRequestCertificate = False;
+  CDefaultFailIfNoPeerCertificate = False;
+  CDefaultRequestCertificateOnlyOnce = False;
+
 type
   TIdOpenSSLOptionsServer = class(TIdOpenSSLOptionsBase)
-  strict private const
-    CDefaultRequestCertificate = False;
-    CDefaultFailIfNoPeerCertificate = False;
-    CDefaultRequestCertificateOnlyOnce = False;
   private
     FRequestCertificate: Boolean;
     FFailIfNoPeerCertificate: Boolean;
@@ -111,7 +112,7 @@ function TIdOpenSSLOptionsServer.Equals(Obj: TObject): Boolean;
 var
   LObj: TIdOpenSSLOptionsServer;
 begin
-  Result := inherited;
+  Result := inherited Equals(Obj);
   if Result and (Obj is TIdOpenSSLOptionsServer) then
   begin
     LObj := TIdOpenSSLOptionsServer(Obj);
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas b/Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas
index 1b1d65901..3506a07ed 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLPersistent.pas
@@ -13,6 +13,7 @@   TIdOpenSSLPersistent = class(TPersistent)
     constructor Create; virtual;
 
     procedure AssignTo(Dest: TPersistent); override;
+    function Equals(Obj: TObject): Boolean; {$IFDEF VCL_XE4_OR_ABOVE}override;{$ELSE}virtual;{$ENDIF}
     function Clone: TIdOpenSSLPersistent; virtual;
   end;
   TIdOpenSSLPersistentClass = class of TIdOpenSSLPersistent;
@@ -27,6 +28,11 @@ procedure TIdOpenSSLPersistent.AssignTo(Dest: TPersistent);
     inherited;
 end;
 
+function TIdOpenSSLPersistent.Equals(Obj: TObject): Boolean;
+begin
+  Result := Assigned(Obj) and (Obj is TIdOpenSSLPersistent);
+end;
+
 function TIdOpenSSLPersistent.Clone: TIdOpenSSLPersistent;
 begin
   Result := TIdOpenSSLPersistentClass(Self.ClassType).Create();
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas b/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
index c7cf85d82..15e9ef23d 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
@@ -207,7 +207,7 @@ function TIdOpenSSLSocket.StartSSL(const AContext: PSSL_CTX): PSSL;
 begin
   Result := SSL_new(AContext);
   if not Assigned(Result) then
-    EIdOpenSSLNewSSLError.&Raise(RIdOpenSSLNewSSLError);
+    EIdOpenSSLNewSSLError.Raise_(RIdOpenSSLNewSSLError);
   FDoNotCallShutdown := False;
 end;
 
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
index fd8d3a723..5a3ad410e 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
@@ -71,10 +71,10 @@ function TIdOpenSSLSocketClient.Connect(
   SSL_set_fd(FSSL, AHandle);
   if ASNIHostname <> '' then
     if SSL_set_tlsext_host_name(FSSL, GetPAnsiChar(UTF8String(ASNIHostname))) <> 1 then
-      EIdOpenSSLSetSNIServerNameError.&Raise();
+      EIdOpenSSLSetSNIServerNameError.Raise_();
   if Assigned(FSession) then
     if SSL_set_session(FSSL, FSession) <> 1 then
-      EIdOpenSSLSetSessionError.&Raise();
+      EIdOpenSSLSetSessionError.Raise_();
 
   repeat
     LReturnCode := SSL_connect(FSSL);
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas b/Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas
index f48113a80..9994bec9b 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLVersion.pas
@@ -31,7 +31,9 @@ interface
 {$i IdCompilerDefines.inc}
 
 type
-  {$SCOPEDENUMS ON}
+  {$IFDEF VCL_2010_OR_ABOVE}
+    {$SCOPEDENUMS ON}
+  {$ENDIF}
   TIdOpenSSLVersion =
   (
     Undefined,
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index 1d544d359..ae674f61a 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -156,9 +156,9 @@ function TIdOpenSSLX509.ASN1TimeToDateTime(
 var
   LTime: TIdC_TM;
 begin
-  if ASN1_TIME_to_tm(ATimeASN1, @LTime) = 0 then
-    Exit(0);
-  Result := TMToDateTime(LTime);
+  Result := 0;
+  if ASN1_TIME_to_tm(ATimeASN1, @LTime) = 1 then
+    Result := TMToDateTime(LTime);
 end;
 
 procedure TIdOpenSSLX509.AssignTo(Dest: TPersistent);

From f4399acf60458946d80363e6af624dcacd4e4cf3 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 16:03:42 +0100
Subject: [PATCH 08/64] Removed some unnecessary stuff from GenerateCode.dproj

Automated by ProjectMagican :)
---
 .../OpenSSL/GenerateCode/GenerateCode.dproj   | 452 +-----------------
 1 file changed, 1 insertion(+), 451 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dproj b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dproj
index aa44901cd..40282a9b4 100644
--- a/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dproj
+++ b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dproj
@@ -55,9 +55,7 @@
     <PropertyGroup Condition="'$(Base_Win32)'!=''">
         <DCC_ConsoleTarget>true</DCC_ConsoleTarget>
         <BT_BuildType>Debug</BT_BuildType>
-        <UWP_DelphiLogo150>$(BDS)\bin\Artwork\Windows\UWP\delphi_UwpDefault_150.png</UWP_DelphiLogo150>
         <Debugger_RunParams>/Source &quot;C:\Git\mezen\Indy\Lib\Protocols\OpenSSL\IntermediateCode&quot; /Target &quot;C:\Git\mezen\Indy\Lib\Protocols\OpenSSL\dynamic&quot; /Mode dynamic</Debugger_RunParams>
-        <UWP_DelphiLogo44>$(BDS)\bin\Artwork\Windows\UWP\delphi_UwpDefault_44.png</UWP_DelphiLogo44>
         <Manifest_File>(None)</Manifest_File>
         <VerInfo_Locale>1033</VerInfo_Locale>
         <DCC_Namespace>Winapi;System.Win;Data.Win;Datasnap.Win;Web.Win;Soap.Win;Xml.Win;Bde;$(DCC_Namespace)</DCC_Namespace>
@@ -65,9 +63,7 @@
     </PropertyGroup>
     <PropertyGroup Condition="'$(Base_Win64)'!=''">
         <DCC_ConsoleTarget>true</DCC_ConsoleTarget>
-        <UWP_DelphiLogo150>$(BDS)\bin\Artwork\Windows\UWP\delphi_UwpDefault_150.png</UWP_DelphiLogo150>
         <DCC_UsePackage>DBXSqliteDriver;dxFlowChartAdvancedCustomizeFormRS24;dxRichEditInplaceRS24;dxSpreadSheetConditionalFormattingDialogsRS24;dxPSdxGaugeControlLnkRS24;vclactnband;dxSpreadSheetRS24;vclFireDAC;dxDockingRS24;tethering;dxPScxTLLnkRS24;dxBarExtItemsRS24;FireDACADSDriver;cxSchedulerWebServiceStorageRS24;vcltouch;vcldb;Spring.Base;dxADOServerModeRS24;TMSScripter_Memo;dxGDIPlusRS24;dxCloudServiceLibraryRS24;dxPSdxDBTVLnkRS24;acQueryBuilderDsgnD24;dxNavBarRS24;vclx;cxTreeListRS24;dxtrmdRS24;DataBindingsVCL;dxRichEditControlCoreRS24;RESTBackendComponents;dxRibbonRS24;VCLRESTComponents;cxExportRS24;cxPivotGridChartRS24;cxTreeListdxBarPopupMenuRS24;dxTabbedMDIRS24;vclie;bindengine;CloudService;FireDACMySQLDriver;cxPivotGridOLAPRS24;acQueryBuilderD24;dxPSLnksRS24;bindcompdbx;IndyIPServer;dxCoreRS24;IndySystem;dsnapcon;acQueryBuilderADOD24;VirtualTreesR;FireDACMSAccDriver;fmxFireDAC;vclimg;dxBarDBNavRS24;dxPSdxLCLnkRS24;FMXTee;dxPScxExtCommonRS24;dxPScxPivotGridLnkRS24;soaprtl;DbxCommonDriver;xmlrtl;soapmidas;fmxobj;rtl;TMSScripter_IDE;DbxClientDriver;cxGridRS24;acQueryBuilderDsgnADOD24;dxSpellCheckerRS24;cxLibraryRS24;appanalytics;dxSkinsCoreRS24;dxMapControlRS24;IndyIPClient;bindcompvcl;dxPSdxMapControlLnkRS24;TeeUI;dxPsPrVwAdvRS24;VclSmp;cxSchedulerRibbonStyleEventEditorRS24;dxRichEditDocumentModelRS24;dxPSPrVwRibbonRS24;dxSpreadSheetReportDesignerRS24;dxdborRS24;dxmdsRS24;cxSchedulerGridRS24;RESTComponents;dxHttpIndyRequestRS24;DSharp.Core;DBXInterBaseDriver;cxPivotGridRS24;dxdbtrRS24;dxPScxPCProdRS24;TMSScripter;dxWizardControlRS24;bindcompfmx;dxBarExtDBItemsRS24;dxPSdxOCLnkRS24;dxPSdxFCLnkRS24;inetdb;cxSchedulerTreeBrowserRS24;DataBindings;FmxTeeUI;FireDACIBDriver;fmx;fmxdae;dxSpreadSheetInplaceRichEditRS24;dbexpress;IndyCore;dxSpreadSheetCoreRS24;dxTileControlRS24;dsnap;dxPSdxSpreadSheetLnkRS24;FireDACCommon;soapserver;TMSScripter_Legacy;dxBarRS24;TMSScripter_VCL;DBXMySQLDriver;dxPSRichEditControlLnkRS24;dxPScxCommonRS24;FireDACCommonODBC;FireDACCommonDriver;dxPSdxPDFViewerLnkRS24;inet;IndyIPCommon;vcl;dxPSdxDBOCLnkRS24;TeeDB;FireDAC;dxPScxVGridLnkRS24;dxPScxGridLnkRS24;dxSpreadSheetCoreConditionalFormattingDialogsRS24;FireDACSqliteDriver;FireDACPgDriver;dxServerModeRS24;dxSpreadSheetCoreDialogsRS24;Tee;dxRichEditCoreRS24;cxSchedulerRS24;vclwinx;dxPSCoreRS24;CustomIPTransport;vcldsnap;dxPScxSchedulerLnkRS24;dxRibbonCustomizationFormRS24;bindcomp;dxorgcRS24;dxPDFViewerRS24;SynEdit_R;dxRichEditControlRS24;TreeViewPresenter;dbxcds;adortl;dxComnRS24;dxFlowChartRS24;cxVerticalGridRS24;dsnapxml;dbrtl;inetdbxpress;IndyProtocols;dxGaugeControlRS24;dxFlowChartDesignerRS24;fmxase;$(DCC_UsePackage)</DCC_UsePackage>
-        <UWP_DelphiLogo44>$(BDS)\bin\Artwork\Windows\UWP\delphi_UwpDefault_44.png</UWP_DelphiLogo44>
     </PropertyGroup>
     <PropertyGroup Condition="'$(Cfg_1)'!=''">
         <DCC_Define>DEBUG;$(DCC_Define)</DCC_Define>
@@ -112,454 +108,8 @@
                 <Source>
                     <Source Name="MainSource">GenerateCode.dpr</Source>
                 </Source>
-                <Excluded_Packages>
-                    <Excluded_Packages Name="$(BDSBIN)\dcloffice2k240.bpl">Microsoft Office 2000 Sample Automation Server Wrapper Components</Excluded_Packages>
-                    <Excluded_Packages Name="$(BDSBIN)\dclofficexp240.bpl">Microsoft Office XP Sample Automation Server Wrapper Components</Excluded_Packages>
-                </Excluded_Packages>
+                <Excluded_Packages/>
             </Delphi.Personality>
-            <Deployment Version="3">
-                <DeployFile LocalName="$(BDS)\Redist\osx32\libcgunwind.1.0.dylib" Class="DependencyModule">
-                    <Platform Name="OSX32">
-                        <Overwrite>true</Overwrite>
-                    </Platform>
-                </DeployFile>
-                <DeployFile LocalName="$(BDS)\Redist\iossimulator\libcgunwind.1.0.dylib" Class="DependencyModule">
-                    <Platform Name="iOSSimulator">
-                        <Overwrite>true</Overwrite>
-                    </Platform>
-                </DeployFile>
-                <DeployFile LocalName="$(BDS)\Redist\iossimulator\libPCRE.dylib" Class="DependencyModule">
-                    <Platform Name="iOSSimulator">
-                        <Overwrite>true</Overwrite>
-                    </Platform>
-                </DeployFile>
-                <DeployFile LocalName="$(BDS)\Redist\osx32\libcgsqlite3.dylib" Class="DependencyModule">
-                    <Platform Name="OSX32">
-                        <Overwrite>true</Overwrite>
-                    </Platform>
-                </DeployFile>
-                <DeployFile LocalName="Win32\Debug\GenerateCode.exe" Configuration="Debug" Class="ProjectOutput">
-                    <Platform Name="Win32">
-                        <RemoteName>GenerateCode.exe</RemoteName>
-                        <Overwrite>true</Overwrite>
-                    </Platform>
-                </DeployFile>
-                <DeployClass Name="DependencyModule">
-                    <Platform Name="Win32">
-                        <Operation>0</Operation>
-                        <Extensions>.dll;.bpl</Extensions>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                        <Extensions>.dylib</Extensions>
-                    </Platform>
-                    <Platform Name="OSX32">
-                        <RemoteDir>Contents\MacOS</RemoteDir>
-                        <Operation>1</Operation>
-                        <Extensions>.dylib</Extensions>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                        <Extensions>.dylib</Extensions>
-                    </Platform>
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                        <Extensions>.dylib</Extensions>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectOSXResource">
-                    <Platform Name="OSX32">
-                        <RemoteDir>Contents\Resources</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="AndroidClassesDexFile">
-                    <Platform Name="Android">
-                        <RemoteDir>classes</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="AdditionalDebugSymbols">
-                    <Platform Name="Win32">
-                        <RemoteDir>Contents\MacOS</RemoteDir>
-                        <Operation>0</Operation>
-                    </Platform>
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="OSX32">
-                        <RemoteDir>Contents\MacOS</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="iPad_Launch768">
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_LauncherIcon144">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable-xxhdpi</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="AndroidLibnativeMipsFile">
-                    <Platform Name="Android">
-                        <RemoteDir>library\lib\mips</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Required="true" Name="ProjectOutput">
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="Win32">
-                        <Operation>0</Operation>
-                    </Platform>
-                    <Platform Name="Linux64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="OSX32">
-                        <RemoteDir>Contents\MacOS</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="Android">
-                        <RemoteDir>library\lib\armeabi-v7a</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="DependencyFramework">
-                    <Platform Name="Win32">
-                        <Operation>0</Operation>
-                    </Platform>
-                    <Platform Name="OSX32">
-                        <RemoteDir>Contents\MacOS</RemoteDir>
-                        <Operation>1</Operation>
-                        <Extensions>.framework</Extensions>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectUWPManifest">
-                    <Platform Name="Win32">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="Win64">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="iPhone_Launch640">
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="iPad_Launch1024">
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectiOSDeviceDebug">
-                    <Platform Name="iOSDevice64">
-                        <RemoteDir>..\$(PROJECTNAME).app.dSYM\Contents\Resources\DWARF</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <RemoteDir>..\$(PROJECTNAME).app.dSYM\Contents\Resources\DWARF</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="iPhone_Launch320">
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectiOSInfoPList">
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="AndroidLibnativeArmeabiFile">
-                    <Platform Name="Android">
-                        <RemoteDir>library\lib\armeabi</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="DebugSymbols">
-                    <Platform Name="Win32">
-                        <Operation>0</Operation>
-                    </Platform>
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="OSX32">
-                        <RemoteDir>Contents\MacOS</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="iPad_Launch1536">
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_SplashImage470">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable-normal</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_LauncherIcon96">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable-xhdpi</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_SplashImage640">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable-large</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="iPhone_Launch640x1136">
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="UWP_DelphiLogo44">
-                    <Platform Name="Win32">
-                        <RemoteDir>Assets</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="Win64">
-                        <RemoteDir>Assets</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectiOSEntitlements">
-                    <Platform Name="iOSDevice64">
-                        <RemoteDir>..\</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <RemoteDir>..\</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_LauncherIcon72">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable-hdpi</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="AndroidGDBServer">
-                    <Platform Name="Android">
-                        <RemoteDir>library\lib\armeabi-v7a</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectOSXInfoPList">
-                    <Platform Name="OSX32">
-                        <RemoteDir>Contents</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectOSXEntitlements">
-                    <Platform Name="OSX32">
-                        <RemoteDir>..\</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="UWP_DelphiLogo150">
-                    <Platform Name="Win32">
-                        <RemoteDir>Assets</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="Win64">
-                        <RemoteDir>Assets</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="iPad_Launch2048">
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="AndroidSplashStyles">
-                    <Platform Name="Android">
-                        <RemoteDir>res\values</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_SplashImage426">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable-small</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="AndroidSplashImageDef">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectiOSResource">
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectAndroidManifest">
-                    <Platform Name="Android">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_DefaultAppIcon">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="File">
-                    <Platform Name="Win32">
-                        <Operation>0</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>0</Operation>
-                    </Platform>
-                    <Platform Name="OSX32">
-                        <RemoteDir>Contents\Resources\StartUp\</RemoteDir>
-                        <Operation>0</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>0</Operation>
-                    </Platform>
-                    <Platform Name="Android">
-                        <Operation>0</Operation>
-                    </Platform>
-                    <Platform Name="iOSSimulator">
-                        <Operation>0</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="AndroidServiceOutput">
-                    <Platform Name="Android">
-                        <RemoteDir>library\lib\armeabi-v7a</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Required="true" Name="DependencyPackage">
-                    <Platform Name="Win32">
-                        <Operation>0</Operation>
-                        <Extensions>.bpl</Extensions>
-                    </Platform>
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                        <Extensions>.dylib</Extensions>
-                    </Platform>
-                    <Platform Name="OSX32">
-                        <RemoteDir>Contents\MacOS</RemoteDir>
-                        <Operation>1</Operation>
-                        <Extensions>.dylib</Extensions>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                        <Extensions>.dylib</Extensions>
-                    </Platform>
-                    <Platform Name="iOSSimulator">
-                        <Operation>1</Operation>
-                        <Extensions>.dylib</Extensions>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_LauncherIcon48">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable-mdpi</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_SplashImage960">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable-xlarge</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="Android_LauncherIcon36">
-                    <Platform Name="Android">
-                        <RemoteDir>res\drawable-ldpi</RemoteDir>
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <DeployClass Name="ProjectiOSDeviceResourceRules">
-                    <Platform Name="iOSDevice64">
-                        <Operation>1</Operation>
-                    </Platform>
-                    <Platform Name="iOSDevice32">
-                        <Operation>1</Operation>
-                    </Platform>
-                </DeployClass>
-                <ProjectRoot Platform="iOSDevice64" Name="$(PROJECTNAME).app"/>
-                <ProjectRoot Platform="Win64" Name="$(PROJECTNAME)"/>
-                <ProjectRoot Platform="iOSDevice32" Name="$(PROJECTNAME).app"/>
-                <ProjectRoot Platform="Linux64" Name="$(PROJECTNAME)"/>
-                <ProjectRoot Platform="Win32" Name="$(PROJECTNAME)"/>
-                <ProjectRoot Platform="OSX32" Name="$(PROJECTNAME).app"/>
-                <ProjectRoot Platform="Android" Name="$(PROJECTNAME)"/>
-                <ProjectRoot Platform="iOSSimulator" Name="$(PROJECTNAME).app"/>
-            </Deployment>
             <Platforms>
                 <Platform value="Win32">True</Platform>
                 <Platform value="Win64">False</Platform>

From 977a928dc2bb1b2c1960574e87a6a6978030dae4 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 16:17:48 +0100
Subject: [PATCH 09/64] Do not use SafeLoadLibrary without second parameter

See for more information:
https://blog.dummzeuch.de/2017/06/13/do-not-call-safeloadlibrarydllname-dll/
---
 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
index 001bcb5ec..5944e9198 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
@@ -26,6 +26,10 @@ implementation
 
 {$IFNDEF STATICLOAD_OPENSSL}
 uses
+{$IFDEF MSWINDOWS}
+  Windows,
+{$ENDIF}
+
   IdOpenSSLHeaders_aes,
   IdOpenSSLHeaders_asn1,
   IdOpenSSLHeaders_asn1err,
@@ -166,8 +170,8 @@ function TOpenSSLLoader.Load: Boolean;
   try
     if FLoadCount.Value <= 0 then
     begin
-      LLibCrypto := SafeLoadLibrary(FOpenSSLPath + CLibCrypto);
-      LLibSSL := SafeLoadLibrary(FOpenSSLPath + CLibSSL);
+      LLibCrypto := SafeLoadLibrary(FOpenSSLPath + CLibCrypto, SEM_FAILCRITICALERRORS);
+      LLibSSL := SafeLoadLibrary(FOpenSSLPath + CLibSSL, SEM_FAILCRITICALERRORS);
       Result := not (LLibCrypto = IdNilHandle) and not (LLibSSL = IdNilHandle);
       if not Result then
         Exit;

From 47c1a32fba76ad717a853ae2be6bccd74abd8b94 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 16:18:59 +0100
Subject: [PATCH 10/64] Added code for loading OpenSSL on Linux

Thanks to @xjikka
---
 Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas | 13 +++++++++----
 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas |  5 +++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas b/Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas
index 1ec07c84b..018f96d96 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLConsts.pas
@@ -5,13 +5,18 @@ interface
 {$i IdCompilerDefines.inc}
 
 const
+  CLibCryptoRaw = 'libcrypto';
+  CLibSSLRaw = 'libssl';
+
+  SSLDLLVers: array [0..1] of string = ('', '.1.1');
+
   CLibCrypto =
-    {$IFDEF CPU32}'libcrypto-1_1.dll'{$ENDIF}
-    {$IFDEF CPU64}'libcrypto-1_1-x64.dll'{$ENDIF}
+    {$IFDEF CPU32}CLibCryptoRaw + '-1_1.dll'{$ENDIF}
+    {$IFDEF CPU64}CLibCryptoRaw + '-1_1-x64.dll'{$ENDIF}
     ;
   CLibSSL =
-    {$IFDEF CPU32}'libssl-1_1.dll'{$ENDIF}
-    {$IFDEF CPU64}'libssl-1_1-x64.dll'{$ENDIF}
+    {$IFDEF CPU32}CLibSSLRaw + '-1_1.dll'{$ENDIF}
+    {$IFDEF CPU64}CLibSSLRaw + '-1_1-x64.dll'{$ENDIF}
     ;
 
 implementation
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
index 5944e9198..71c1e11f1 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
@@ -170,8 +170,13 @@ function TOpenSSLLoader.Load: Boolean;
   try
     if FLoadCount.Value <= 0 then
     begin
+      {$IFDEF MSWINDOWS}
       LLibCrypto := SafeLoadLibrary(FOpenSSLPath + CLibCrypto, SEM_FAILCRITICALERRORS);
       LLibSSL := SafeLoadLibrary(FOpenSSLPath + CLibSSL, SEM_FAILCRITICALERRORS);
+      {$ELSE}
+      LLibCrypto := HMODULE(HackLoad(FOpenSSLPath + CLibCryptoRaw, SSLDLLVers));
+      LLibSSL := HMODULE(HackLoad(FOpenSSLPath + CLibSSLRaw, SSLDLLVers));
+      {$ENDIF}
       Result := not (LLibCrypto = IdNilHandle) and not (LLibSSL = IdNilHandle);
       if not Result then
         Exit;

From 8d0a3449ac224d93f58af7aec1cf7957d0fa13c0 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 16:23:05 +0100
Subject: [PATCH 11/64] Replaced %LINE% with %LINENUM%

%LINE% is a string, but we need an integer

Thanks to @grahamegrieve
---
 .../IdOpenSSLHeaders_crypto.pas               | 28 ++++++++---------
 .../dynamic/IdOpenSSLHeaders_crypto.pas       | 30 +++++++++----------
 .../static/IdOpenSSLHeaders_crypto.pas        | 28 ++++++++---------
 3 files changed, 43 insertions(+), 43 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
index e4b3cc326..1643c503a 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
@@ -347,85 +347,85 @@ implementation
 
 // OPENSSL_FILE = __FILE__ = C preprocessor macro
 // OPENSSL_LINE = __LINE__ = C preprocessor macro
-// FPC hase an equivalent with {$I %FILE%} and {$I %LINE%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
+// FPC hase an equivalent with {$I %FILE%} and {$I %LINENUM%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
 // Delphi has nothing :(
 
 //# define OPENSSL_malloc(num) CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_zalloc(num) CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_realloc(addr, num) CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_realloc(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_realloc(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_clear_realloc(addr, old_num, num) CRYPTO_clear_realloc(addr, old_num, num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_clear_realloc(addr, old_num, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_clear_realloc(addr, old_num, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_clear_free(addr, num) CRYPTO_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
 begin
-  CRYPTO_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_free(addr) CRYPTO_free(addr, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_free(addr: Pointer);
 begin
-  CRYPTO_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_memdup(str, s) CRYPTO_memdup((str), s, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_memdup(str, s, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_memdup(str, s, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_strdup(str) CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
 begin
-  Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_strndup(str, n) CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
 begin
-  Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_malloc(num) CRYPTO_secure_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_secure_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_secure_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_zalloc(num) CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_secure_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_secure_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_free(addr) CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_secure_free(addr: Pointer);
 begin
-  CRYPTO_secure_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_secure_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_clear_free(addr, num) CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
 begin
-  CRYPTO_secure_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_secure_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_actual_size(ptr) CRYPTO_secure_actual_size(ptr)
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
index bea98d826..c37a2d80d 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
@@ -73,7 +73,7 @@ interface
   CRYPTO_EX_INDEX_UI_METHOD = 14;
   CRYPTO_EX_INDEX_DRBG = 15;
   CRYPTO_EX_INDEX__COUNT = 16;
-  
+
   // Added _CONST to prevent nameclashes
   OPENSSL_VERSION_CONST = 0;
   OPENSSL_CFLAGS = 1;
@@ -503,85 +503,85 @@ procedure UnLoad;
 
 // OPENSSL_FILE = __FILE__ = C preprocessor macro
 // OPENSSL_LINE = __LINE__ = C preprocessor macro
-// FPC hase an equivalent with {$I %FILE%} and {$I %LINE%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
+// FPC hase an equivalent with {$I %FILE%} and {$I %LINENUM%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
 // Delphi has nothing :(
 
 //# define OPENSSL_malloc(num) CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_zalloc(num) CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_realloc(addr, num) CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_realloc(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_realloc(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_clear_realloc(addr, old_num, num) CRYPTO_clear_realloc(addr, old_num, num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_clear_realloc(addr, old_num, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_clear_realloc(addr, old_num, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_clear_free(addr, num) CRYPTO_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
 begin
-  CRYPTO_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_free(addr) CRYPTO_free(addr, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_free(addr: Pointer);
 begin
-  CRYPTO_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_memdup(str, s) CRYPTO_memdup((str), s, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_memdup(str, s, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_memdup(str, s, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_strdup(str) CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
 begin
-  Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_strndup(str, n) CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
 begin
-  Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_malloc(num) CRYPTO_secure_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_secure_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_secure_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_zalloc(num) CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_secure_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_secure_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_free(addr) CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_secure_free(addr: Pointer);
 begin
-  CRYPTO_secure_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_secure_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_clear_free(addr, num) CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
 begin
-  CRYPTO_secure_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_secure_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_actual_size(ptr) CRYPTO_secure_actual_size(ptr)
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
index a19f26d86..0154a5d99 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
@@ -352,85 +352,85 @@ implementation
 
 // OPENSSL_FILE = __FILE__ = C preprocessor macro
 // OPENSSL_LINE = __LINE__ = C preprocessor macro
-// FPC hase an equivalent with {$I %FILE%} and {$I %LINE%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
+// FPC hase an equivalent with {$I %FILE%} and {$I %LINENUM%}, see https://www.freepascal.org/docs-html/prog/progsu41.html#x47-460001.1.41
 // Delphi has nothing :(
 
 //# define OPENSSL_malloc(num) CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_zalloc(num) CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_realloc(addr, num) CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_realloc(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_realloc(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_clear_realloc(addr, old_num, num) CRYPTO_clear_realloc(addr, old_num, num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_clear_realloc(addr, old_num, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_clear_realloc(addr, old_num, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_clear_free(addr, num) CRYPTO_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
 begin
-  CRYPTO_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_free(addr) CRYPTO_free(addr, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_free(addr: Pointer);
 begin
-  CRYPTO_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_memdup(str, s) CRYPTO_memdup((str), s, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_memdup(str, s, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_memdup(str, s, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_strdup(str) CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
 begin
-  Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_strndup(str, n) CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
 begin
-  Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_malloc(num) CRYPTO_secure_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_secure_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_secure_malloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_zalloc(num) CRYPTO_secure_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
 function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
 begin
-  Result := CRYPTO_secure_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  Result := CRYPTO_secure_zalloc(num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_free(addr) CRYPTO_secure_free(addr, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_secure_free(addr: Pointer);
 begin
-  CRYPTO_secure_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_secure_free(addr, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_clear_free(addr, num) CRYPTO_secure_clear_free(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 procedure OPENSSL_secure_clear_free(addr: Pointer; num: TIdC_SIZET);
 begin
-  CRYPTO_secure_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINE%}{$ENDIF});
+  CRYPTO_secure_clear_free(addr, num, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_secure_actual_size(ptr) CRYPTO_secure_actual_size(ptr)

From 53e30de1b95abc7d05fa062715aca4775522f545 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 16:26:04 +0100
Subject: [PATCH 12/64] IndyCheckWindowsVersion is only available under windows

Obviously...

Thanks to @grahamegrieve
---
 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas
index 64c0bc3d2..bbce51fd1 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas
@@ -153,6 +153,7 @@ procedure TIdOpenSSLIOHandlerClientBase.StartSSL;
     Exit;
   FTLSSocket := FContext.CreateSocket();
 
+  {$IFDEF WIN32_OR_WIN64}
   if IndyCheckWindowsVersion(6) then
   begin
     // Note: Fix needed to allow SSL_Read and SSL_Write to timeout under
@@ -164,6 +165,7 @@ procedure TIdOpenSSLIOHandlerClientBase.StartSSL;
     Binding.SetSockOpt(Id_SOL_SOCKET, Id_SO_RCVTIMEO, LTimeout);
     Binding.SetSockOpt(Id_SOL_SOCKET, Id_SO_SNDTIMEO, LTimeout);
   end;
+  {$ENDIF}
 end;
 
 end.

From 7318e4217396a08c4f8b4d5baf5c8efdad6ffcd3 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 17:02:22 +0100
Subject: [PATCH 13/64] Removed duplicated types

rsa_st & dsa_st & dh_st & ec_key_st are already in IdOpenSSLHeaders_ossl_typ

Thanks to @grahamegrieve
---
 .../IntermediateCode/IdOpenSSLHeaders_evp.pas | 31 ++++++-----------
 .../OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas  | 33 +++++++------------
 .../OpenSSL/static/IdOpenSSLHeaders_evp.pas   | 33 +++++++------------
 3 files changed, 32 insertions(+), 65 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
index cbc21bec1..f223007c7 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
@@ -432,17 +432,6 @@   evp_cipher_info_st = record
 
   fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const to_: PIdAnsiChar; x: Pointer); cdecl;
 
-  rsa_st = type Pointer;
-  Prsa_st = ^rsa_st;
-
-  dsa_st = type Pointer;
-  Pdsa_st = ^dsa_st;
-
-  dh_st = type Pointer;
-  Pdh_st = ^dh_st;
-  ec_key_st = type Pointer;
-  Pec_key_st = ^ec_key_st;
-
   pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
   pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
@@ -1025,20 +1014,20 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_get0_siphash(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte;
 
   function EVP_PKEY_set1_RSA(pkey: PEVP_PKEY): TIdC_INT;
-  function EVP_PKEY_get0_RSA(pkey: PEVP_PKEY): Prsa_st;
-  function EVP_PKEY_get1_RSA(pkey: PEVP_PKEY): Prsa_st;
+  function EVP_PKEY_get0_RSA(pkey: PEVP_PKEY): PRSA;
+  function EVP_PKEY_get1_RSA(pkey: PEVP_PKEY): PRSA;
 
   function EVP_PKEY_set1_DSA(pkey: PEVP_PKEY): TIdC_INT;
-  function EVP_PKEY_get0_DSA(pkey: PEVP_PKEY): Pdsa_st;
-  function EVP_PKEY_get1_DSA(pkey: PEVP_PKEY): Pdsa_st;
+  function EVP_PKEY_get0_DSA(pkey: PEVP_PKEY): PDSA;
+  function EVP_PKEY_get1_DSA(pkey: PEVP_PKEY): PDSA;
 
-  function EVP_PKEY_set1_DH(pkey: PEVP_PKEY; key: Pdh_st): TIdC_INT;
-  function EVP_PKEY_get0_DH(pkey: PEVP_PKEY): Pdh_st;
-  function EVP_PKEY_get1_DH(pkey: PEVP_PKEY): Pdh_st;
+  function EVP_PKEY_set1_DH(pkey: PEVP_PKEY; key: PDH): TIdC_INT;
+  function EVP_PKEY_get0_DH(pkey: PEVP_PKEY): PDH;
+  function EVP_PKEY_get1_DH(pkey: PEVP_PKEY): PDH;
 
-  function EVP_PKEY_set1_EC_KEY(pkey: PEVP_PKEY; key: Pec_key_st): TIdC_INT;
-  function EVP_PKEY_get0_EC_KEY(pkey: PEVP_PKEY): Pec_key_st;
-  function EVP_PKEY_get1_EC_KEY(pkey: PEVP_PKEY): Pec_key_st;
+  function EVP_PKEY_set1_EC_KEY(pkey: PEVP_PKEY; key: PEC_KEY): TIdC_INT;
+  function EVP_PKEY_get0_EC_KEY(pkey: PEVP_PKEY): PEC_KEY;
+  function EVP_PKEY_get1_EC_KEY(pkey: PEVP_PKEY): PEC_KEY;
 
   function EVP_PKEY_new: PEVP_PKEY;
   function EVP_PKEY_up_ref(pkey: PEVP_PKEY): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
index c521de025..d212f50c7 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 28.10.2020 16:52:17
 
 unit IdOpenSSLHeaders_evp;
 
@@ -439,17 +439,6 @@   evp_cipher_info_st = record
 
   fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const to_: PIdAnsiChar; x: Pointer); cdecl;
 
-  rsa_st = type Pointer;
-  Prsa_st = ^rsa_st;
-
-  dsa_st = type Pointer;
-  Pdsa_st = ^dsa_st;
-
-  dh_st = type Pointer;
-  Pdh_st = ^dh_st;
-  ec_key_st = type Pointer;
-  Pec_key_st = ^ec_key_st;
-
   pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
   pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
@@ -1035,20 +1024,20 @@ procedure UnLoad;
   EVP_PKEY_get0_siphash: function(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl = nil;
 
   EVP_PKEY_set1_RSA: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
-  EVP_PKEY_get0_RSA: function(pkey: PEVP_PKEY): Prsa_st cdecl = nil;
-  EVP_PKEY_get1_RSA: function(pkey: PEVP_PKEY): Prsa_st cdecl = nil;
+  EVP_PKEY_get0_RSA: function(pkey: PEVP_PKEY): PRSA cdecl = nil;
+  EVP_PKEY_get1_RSA: function(pkey: PEVP_PKEY): PRSA cdecl = nil;
 
   EVP_PKEY_set1_DSA: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
-  EVP_PKEY_get0_DSA: function(pkey: PEVP_PKEY): Pdsa_st cdecl = nil;
-  EVP_PKEY_get1_DSA: function(pkey: PEVP_PKEY): Pdsa_st cdecl = nil;
+  EVP_PKEY_get0_DSA: function(pkey: PEVP_PKEY): PDSA cdecl = nil;
+  EVP_PKEY_get1_DSA: function(pkey: PEVP_PKEY): PDSA cdecl = nil;
 
-  EVP_PKEY_set1_DH: function(pkey: PEVP_PKEY; key: Pdh_st): TIdC_INT cdecl = nil;
-  EVP_PKEY_get0_DH: function(pkey: PEVP_PKEY): Pdh_st cdecl = nil;
-  EVP_PKEY_get1_DH: function(pkey: PEVP_PKEY): Pdh_st cdecl = nil;
+  EVP_PKEY_set1_DH: function(pkey: PEVP_PKEY; key: PDH): TIdC_INT cdecl = nil;
+  EVP_PKEY_get0_DH: function(pkey: PEVP_PKEY): PDH cdecl = nil;
+  EVP_PKEY_get1_DH: function(pkey: PEVP_PKEY): PDH cdecl = nil;
 
-  EVP_PKEY_set1_EC_KEY: function(pkey: PEVP_PKEY; key: Pec_key_st): TIdC_INT cdecl = nil;
-  EVP_PKEY_get0_EC_KEY: function(pkey: PEVP_PKEY): Pec_key_st cdecl = nil;
-  EVP_PKEY_get1_EC_KEY: function(pkey: PEVP_PKEY): Pec_key_st cdecl = nil;
+  EVP_PKEY_set1_EC_KEY: function(pkey: PEVP_PKEY; key: PEC_KEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_get0_EC_KEY: function(pkey: PEVP_PKEY): PEC_KEY cdecl = nil;
+  EVP_PKEY_get1_EC_KEY: function(pkey: PEVP_PKEY): PEC_KEY cdecl = nil;
 
   EVP_PKEY_new: function: PEVP_PKEY cdecl = nil;
   EVP_PKEY_up_ref: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
index 4a9c160b7..a7da4dc4c 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 28.10.2020 16:52:11
 
 unit IdOpenSSLHeaders_evp;
 
@@ -438,17 +438,6 @@   evp_cipher_info_st = record
 
   fn = procedure(const ciph: PEVP_CIPHER; const from: PIdAnsiChar; const to_: PIdAnsiChar; x: Pointer); cdecl;
 
-  rsa_st = type Pointer;
-  Prsa_st = ^rsa_st;
-
-  dsa_st = type Pointer;
-  Pdsa_st = ^dsa_st;
-
-  dh_st = type Pointer;
-  Pdh_st = ^dh_st;
-  ec_key_st = type Pointer;
-  Pec_key_st = ^ec_key_st;
-
   pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
   pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
@@ -1030,20 +1019,20 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_get0_siphash(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl; external CLibCrypto;
 
   function EVP_PKEY_set1_RSA(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_get0_RSA(pkey: PEVP_PKEY): Prsa_st cdecl; external CLibCrypto;
-  function EVP_PKEY_get1_RSA(pkey: PEVP_PKEY): Prsa_st cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_RSA(pkey: PEVP_PKEY): PRSA cdecl; external CLibCrypto;
+  function EVP_PKEY_get1_RSA(pkey: PEVP_PKEY): PRSA cdecl; external CLibCrypto;
 
   function EVP_PKEY_set1_DSA(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_get0_DSA(pkey: PEVP_PKEY): Pdsa_st cdecl; external CLibCrypto;
-  function EVP_PKEY_get1_DSA(pkey: PEVP_PKEY): Pdsa_st cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_DSA(pkey: PEVP_PKEY): PDSA cdecl; external CLibCrypto;
+  function EVP_PKEY_get1_DSA(pkey: PEVP_PKEY): PDSA cdecl; external CLibCrypto;
 
-  function EVP_PKEY_set1_DH(pkey: PEVP_PKEY; key: Pdh_st): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_get0_DH(pkey: PEVP_PKEY): Pdh_st cdecl; external CLibCrypto;
-  function EVP_PKEY_get1_DH(pkey: PEVP_PKEY): Pdh_st cdecl; external CLibCrypto;
+  function EVP_PKEY_set1_DH(pkey: PEVP_PKEY; key: PDH): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_DH(pkey: PEVP_PKEY): PDH cdecl; external CLibCrypto;
+  function EVP_PKEY_get1_DH(pkey: PEVP_PKEY): PDH cdecl; external CLibCrypto;
 
-  function EVP_PKEY_set1_EC_KEY(pkey: PEVP_PKEY; key: Pec_key_st): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_get0_EC_KEY(pkey: PEVP_PKEY): Pec_key_st cdecl; external CLibCrypto;
-  function EVP_PKEY_get1_EC_KEY(pkey: PEVP_PKEY): Pec_key_st cdecl; external CLibCrypto;
+  function EVP_PKEY_set1_EC_KEY(pkey: PEVP_PKEY; key: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_get0_EC_KEY(pkey: PEVP_PKEY): PEC_KEY cdecl; external CLibCrypto;
+  function EVP_PKEY_get1_EC_KEY(pkey: PEVP_PKEY): PEC_KEY cdecl; external CLibCrypto;
 
   function EVP_PKEY_new: PEVP_PKEY cdecl; external CLibCrypto;
   function EVP_PKEY_up_ref(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;

From ee17ddc8f29ac57a9a48dae9f440c86b4e8f8a0c Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Oct 2020 17:10:50 +0100
Subject: [PATCH 14/64] If the options of the IO handler change, the context
 must be reinitialized

---
 Lib/Protocols/OpenSSL/IdOpenSSLContext.pas    |  4 ++-
 .../OpenSSL/IdOpenSSLIOHandlerClient.pas      | 26 ++++++++++++-------
 2 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
index 8411a12f8..83cf486b1 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
@@ -232,7 +232,9 @@ procedure KeylogCallback(const ssl: PSSL; const line: PIdAnsiChar); cdecl;
 function TIdOpenSSLContext.AreOptionsUnchanged(
   const AOptions: TIdOpenSSLOptionsBase): Boolean;
 begin
-  Result := not Assigned(FOptions) or not FOptions.Equals(AOptions);
+  Result := False;
+  if Assigned(FOptions) then
+    Result := FOptions.Equals(AOptions);
 end;
 
 destructor TIdOpenSSLContext.Destroy;
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
index 79b63efbb..862a4dd7f 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
@@ -44,6 +44,7 @@   TIdOpenSSLIOHandlerClient = class(TIdOpenSSLIOHandlerClientBase)
     FOpenSSLLoaded: Boolean;
     function GetTargetHost: string;
     function GetClientSocket: TIdOpenSSLSocketClient; {$IFDEF USE_INLINE}inline;{$ENDIF}
+    procedure EnsureOpenSSLLoaded;
   protected
     FOptions: TIdOpenSSLOptionsClient;
     function GetOptionClass: TIdOpenSSLOptionsClientClass; virtual;
@@ -77,17 +78,11 @@   TIdOpenSSLContextClientAccessor = class(TIdOpenSSLContextClient);
 { TIdOpenSSLIOHandlerClient }
 
 procedure TIdOpenSSLIOHandlerClient.EnsureContext;
-var
-  LLoader: IOpenSSLLoader;
 begin
-  if Assigned(FContext) then
-    Exit;
-  FContext := TIdOpenSSLContextClient.Create();
+  if not Assigned(FContext) then
+    FContext := TIdOpenSSLContextClient.Create();
 
-  LLoader := GetOpenSSLLoader();
-  if not FOpenSSLLoaded and Assigned(LLoader) and not LLoader.Load() then
-    raise EIdOpenSSLLoadError.Create('Failed to load OpenSSL');
-  FOpenSSLLoaded := True;
+  EnsureOpenSSLLoaded();
   try
     BeforeInitContext(FContext);
     TIdOpenSSLContextClient(FContext).Init(FOptions);
@@ -105,6 +100,19 @@ procedure TIdOpenSSLIOHandlerClient.EnsureContext;
   end;
 end;
 
+procedure TIdOpenSSLIOHandlerClient.EnsureOpenSSLLoaded;
+var
+  LLoader: IOpenSSLLoader;
+begin
+  if not FOpenSSLLoaded then
+  begin
+    LLoader := GetOpenSSLLoader();
+    if Assigned(LLoader) and not LLoader.Load() then
+      raise EIdOpenSSLLoadError.Create('Failed to load OpenSSL');
+    FOpenSSLLoaded := True;
+  end;
+end;
+
 procedure TIdOpenSSLIOHandlerClient.AfterInitContext(
   const AContext: TIdOpenSSLContext);
 begin

From 1b6029c4a2acf37c94c309964f9a97a7e2413d19 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Thu, 29 Oct 2020 07:08:40 +0100
Subject: [PATCH 15/64] Corrected some header imports

---
 .../OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas  |  8 ++++----
 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas | 10 +++++-----
 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas  | 10 +++++-----
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
index f223007c7..73840eb16 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
@@ -744,8 +744,8 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_DigestVerify(ctx: PEVP_CIPHER_CTX; const sigret: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT;
 
-  function EVP_DigestSignInit(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT;
-  function EVP_DigestSignFinal(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT;
+  function EVP_DigestSignInit(ctx: PEVP_MD_CTX; pctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_DigestSignFinal(ctx: PEVP_MD_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT;
 
   function EVP_DigestVerifyInit(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT;
   function EVP_DigestVerifyFinal(ctx: PEVP_MD_CTX; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT;
@@ -1013,11 +1013,11 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_get0_poly1305(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte;
   function EVP_PKEY_get0_siphash(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte;
 
-  function EVP_PKEY_set1_RSA(pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_set1_RSA(pkey: PEVP_PKEY; key: PRSA): TIdC_INT;
   function EVP_PKEY_get0_RSA(pkey: PEVP_PKEY): PRSA;
   function EVP_PKEY_get1_RSA(pkey: PEVP_PKEY): PRSA;
 
-  function EVP_PKEY_set1_DSA(pkey: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_set1_DSA(pkey: PEVP_PKEY; key: PDSA): TIdC_INT;
   function EVP_PKEY_get0_DSA(pkey: PEVP_PKEY): PDSA;
   function EVP_PKEY_get1_DSA(pkey: PEVP_PKEY): PDSA;
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
index d212f50c7..f026bdc49 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 16:52:17
+// Generation date: 29.10.2020 07:07:29
 
 unit IdOpenSSLHeaders_evp;
 
@@ -754,8 +754,8 @@ procedure UnLoad;
 
   EVP_DigestVerify: function(ctx: PEVP_CIPHER_CTX; const sigret: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl = nil;
 
-  EVP_DigestSignInit: function(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
-  EVP_DigestSignFinal: function(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT cdecl = nil;
+  EVP_DigestSignInit: function(ctx: PEVP_MD_CTX; pctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_DigestSignFinal: function(ctx: PEVP_MD_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT cdecl = nil;
 
   EVP_DigestVerifyInit: function(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_DigestVerifyFinal: function(ctx: PEVP_MD_CTX; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl = nil;
@@ -1023,11 +1023,11 @@ procedure UnLoad;
   EVP_PKEY_get0_poly1305: function(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl = nil;
   EVP_PKEY_get0_siphash: function(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl = nil;
 
-  EVP_PKEY_set1_RSA: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_set1_RSA: function(pkey: PEVP_PKEY; key: PRSA): TIdC_INT cdecl = nil;
   EVP_PKEY_get0_RSA: function(pkey: PEVP_PKEY): PRSA cdecl = nil;
   EVP_PKEY_get1_RSA: function(pkey: PEVP_PKEY): PRSA cdecl = nil;
 
-  EVP_PKEY_set1_DSA: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_set1_DSA: function(pkey: PEVP_PKEY; key: PDSA): TIdC_INT cdecl = nil;
   EVP_PKEY_get0_DSA: function(pkey: PEVP_PKEY): PDSA cdecl = nil;
   EVP_PKEY_get1_DSA: function(pkey: PEVP_PKEY): PDSA cdecl = nil;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
index a7da4dc4c..c9b27fac2 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 16:52:11
+// Generation date: 29.10.2020 07:07:33
 
 unit IdOpenSSLHeaders_evp;
 
@@ -749,8 +749,8 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_DigestVerify(ctx: PEVP_CIPHER_CTX; const sigret: PByte; siglen: TIdC_SIZET; const tbs: PByte; tbslen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_DigestSignInit(ctx: PEVP_CIPHER_CTX; pctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_DigestSignFinal(ctx: PEVP_CIPHER_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestSignInit(ctx: PEVP_MD_CTX; pctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DigestSignFinal(ctx: PEVP_MD_CTX; sigret: PByte; siglen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_DigestVerifyInit(ctx: PEVP_MD_CTX; ppctx: PPEVP_PKEY_CTX; const type_: PEVP_MD; e: PENGINE; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestVerifyFinal(ctx: PEVP_MD_CTX; const sig: PByte; siglen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
@@ -1018,11 +1018,11 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_get0_poly1305(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl; external CLibCrypto;
   function EVP_PKEY_get0_siphash(const pkey: PEVP_PKEY; len: PIdC_SIZET): PByte cdecl; external CLibCrypto;
 
-  function EVP_PKEY_set1_RSA(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_set1_RSA(pkey: PEVP_PKEY; key: PRSA): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_get0_RSA(pkey: PEVP_PKEY): PRSA cdecl; external CLibCrypto;
   function EVP_PKEY_get1_RSA(pkey: PEVP_PKEY): PRSA cdecl; external CLibCrypto;
 
-  function EVP_PKEY_set1_DSA(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_set1_DSA(pkey: PEVP_PKEY; key: PDSA): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_get0_DSA(pkey: PEVP_PKEY): PDSA cdecl; external CLibCrypto;
   function EVP_PKEY_get1_DSA(pkey: PEVP_PKEY): PDSA cdecl; external CLibCrypto;
 

From 24f51a571b34548724073636128e882cf586c1b3 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Thu, 29 Oct 2020 07:10:18 +0100
Subject: [PATCH 16/64] Used correct case

---
 .../OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas         | 2 +-
 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas        | 4 ++--
 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas         | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
index c14ce302b..3b523a2d7 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
@@ -44,7 +44,7 @@ interface
   IdOpenSSLHeaders_pem,
   IdOpenSSLHeaders_tls1,
   IdOpenSSLHeaders_ssl3,
-  IdOpenSSLHeaders_X509;
+  IdOpenSSLHeaders_x509;
 
 {$MINENUMSIZE 4}
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
index c69ab090b..3a42c73c0 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 29.10.2020 07:09:34
 
 unit IdOpenSSLHeaders_ssl;
 
@@ -51,7 +51,7 @@ interface
   IdOpenSSLHeaders_pem,
   IdOpenSSLHeaders_tls1,
   IdOpenSSLHeaders_ssl3,
-  IdOpenSSLHeaders_X509;
+  IdOpenSSLHeaders_x509;
 
 {$MINENUMSIZE 4}
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
index 0531ee4f8..77e38af75 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 29.10.2020 07:09:32
 
 unit IdOpenSSLHeaders_ssl;
 
@@ -50,7 +50,7 @@ interface
   IdOpenSSLHeaders_pem,
   IdOpenSSLHeaders_tls1,
   IdOpenSSLHeaders_ssl3,
-  IdOpenSSLHeaders_X509;
+  IdOpenSSLHeaders_x509;
 
 {$MINENUMSIZE 4}
 

From 6299317c8f2785340b2c04a7fffcbe810af1ec72 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Thu, 29 Oct 2020 09:35:02 +0100
Subject: [PATCH 17/64] Fixed another wrong type

---
 .../OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas          | 2 +-
 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas         | 4 ++--
 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas          | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
index 54d1dd37f..368eb8f2d 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
@@ -277,7 +277,7 @@   EC_builtin_curve = record
   function EC_KEY_set_public_key(key: PEC_KEY; const pub: PEC_POINT): TIdC_INT;
   function EC_KEY_get_enc_flags(const key: PEC_KEY): TIdC_UINT;
   procedure EC_KEY_set_enc_flags(eckey: PEC_KEY; flags: TIdC_UINT);
-  function EC_KEY_get_conv_form(const key: Pec_key_st): point_conversion_form_t;
+  function EC_KEY_get_conv_form(const key: PEC_KEY): point_conversion_form_t;
   procedure EC_KEY_set_conv_form(eckey: PEC_KEY; cform: point_conversion_form_t);
   function EC_KEY_set_ex_data(key: PEC_KEY; idx: TIdC_INT; arg: Pointer): TIdC_INT;
   function EC_KEY_get_ex_data(const key: PEC_KEY; idx: TIdC_INT): Pointer;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
index e790363ab..d9a1f9500 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 29.10.2020 09:34:06
 
 unit IdOpenSSLHeaders_ec;
 
@@ -287,7 +287,7 @@ procedure UnLoad;
   EC_KEY_set_public_key: function(key: PEC_KEY; const pub: PEC_POINT): TIdC_INT cdecl = nil;
   EC_KEY_get_enc_flags: function(const key: PEC_KEY): TIdC_UINT cdecl = nil;
   EC_KEY_set_enc_flags: procedure(eckey: PEC_KEY; flags: TIdC_UINT) cdecl = nil;
-  EC_KEY_get_conv_form: function(const key: Pec_key_st): point_conversion_form_t cdecl = nil;
+  EC_KEY_get_conv_form: function(const key: PEC_KEY): point_conversion_form_t cdecl = nil;
   EC_KEY_set_conv_form: procedure(eckey: PEC_KEY; cform: point_conversion_form_t) cdecl = nil;
   EC_KEY_set_ex_data: function(key: PEC_KEY; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl = nil;
   EC_KEY_get_ex_data: function(const key: PEC_KEY; idx: TIdC_INT): Pointer cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
index b9278420b..28f6e8b8c 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 29.10.2020 09:34:09
 
 unit IdOpenSSLHeaders_ec;
 
@@ -282,7 +282,7 @@   EC_builtin_curve = record
   function EC_KEY_set_public_key(key: PEC_KEY; const pub: PEC_POINT): TIdC_INT cdecl; external CLibCrypto;
   function EC_KEY_get_enc_flags(const key: PEC_KEY): TIdC_UINT cdecl; external CLibCrypto;
   procedure EC_KEY_set_enc_flags(eckey: PEC_KEY; flags: TIdC_UINT) cdecl; external CLibCrypto;
-  function EC_KEY_get_conv_form(const key: Pec_key_st): point_conversion_form_t cdecl; external CLibCrypto;
+  function EC_KEY_get_conv_form(const key: PEC_KEY): point_conversion_form_t cdecl; external CLibCrypto;
   procedure EC_KEY_set_conv_form(eckey: PEC_KEY; cform: point_conversion_form_t) cdecl; external CLibCrypto;
   function EC_KEY_set_ex_data(key: PEC_KEY; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function EC_KEY_get_ex_data(const key: PEC_KEY; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;

From cffaecf9aa46284e58e425394005b65ac5408f45 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Thu, 29 Oct 2020 09:37:08 +0100
Subject: [PATCH 18/64] Fixed copy'n'paste error :(

---
 Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
index 786908762..ef5234b64 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
@@ -236,7 +236,7 @@ class function EIdOpenSSLErrorStackBasedError.GetErrorReason(
 
 {$IFNDEF VCL_XE4_OR_ABOVE}
 // D2007 does not have SplitString
-  function SplitString(const s, Delimiters: string): TStringArray;
+  function SplitString(const s, Delimiters: string): TStringDynArray;
   var
     i: integer;
     Len: integer;

From db6c612a3fc948d35f7e82c81bc4ab15996f27fa Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Thu, 29 Oct 2020 11:17:01 +0100
Subject: [PATCH 19/64] Added missing raise

---
 Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
index ef5234b64..26fb7036b 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
@@ -166,7 +166,7 @@ class procedure EIdOpenSSLBaseError.Raise_;
 class procedure EIdOpenSSLBaseError.Raise_(const AMsg: string);
 begin
   {$IFDEF VCL_XE4_OR_ABOVE}
-    Self.Create(AMsg) at
+    raise Self.Create(AMsg) at
     {$IFNDEF FPC}
     ReturnAddress
     {$ELSE}
@@ -181,7 +181,7 @@ class procedure EIdOpenSSLBaseError.Raise_(const AMsg: string);
 class procedure EIdOpenSSLBaseError.RaiseFmt(const AMsg: string; const Args: array of const);
 begin
   {$IFDEF VCL_XE4_OR_ABOVE}
-    Self.Create(AMsg) at
+    raise Self.CreateFmt(AMsg, Args) at
     {$IFNDEF FPC}
     ReturnAddress
     {$ELSE}

From 4bbc062303bee04f0bead7ff813dd8c57d00239d Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 3 Nov 2020 10:10:54 +0100
Subject: [PATCH 20/64] Fixed line endings

---
 .../IdOpenSSLHeaders_conf_api.pas             |  82 ++++-----
 .../IdOpenSSLHeaders_cterr.pas                | 174 +++++++++---------
 2 files changed, 128 insertions(+), 128 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf_api.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf_api.pas
index 137b285a7..a62c2c7d8 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf_api.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf_api.pas
@@ -1,41 +1,41 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_conf_api;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// conf_api.h
-
-{$i IdCompilerDefines.inc}
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_conf_api;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// conf_api.h
+
+{$i IdCompilerDefines.inc}
 
 uses
-  IdCTypes,
-  IdGlobal,
+  IdCTypes,
+  IdGlobal,
   IdOpenSSLConsts,
   IdOpenSSLHeaders_conf;
 
@@ -49,12 +49,12 @@ interface
   //                                               const char *section);
 
   function _CONF_add_string(conf: PCONF; section: PCONF_VALUE; value: PCONF_VALUE): TIdC_INT;
-  function _CONF_get_string(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): PAnsiChar;
-  function _CONF_get_number(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): TIdC_LONG;
+  function _CONF_get_string(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): PAnsiChar;
+  function _CONF_get_number(const conf: PCONF; const section: PAnsiChar; const name: PAnsiChar): TIdC_LONG;
 
   function _CONF_new_data(conf: PCONF): TIdC_INT;
   procedure _CONF_free_data(conf: PCONF);
 
-
implementation
-
-end.
+
implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cterr.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cterr.pas
index 156ae13b7..7b7f6157a 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cterr.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cterr.pas
@@ -1,100 +1,100 @@
-{******************************************************************************}
-{                                                                              }
-{            Indy (Internet Direct) - Internet Protocols Simplified            }
-{                                                                              }
-{            https://www.indyproject.org/                                      }
-{            https://gitter.im/IndySockets/Indy                                }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{  This file is part of the Indy (Internet Direct) project, and is offered     }
-{  under the dual-licensing agreement described on the Indy website.           }
-{  (https://www.indyproject.org/license/)                                      }
-{                                                                              }
-{  Copyright:                                                                  }
-{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
-{                                                                              }
-{******************************************************************************}
-{                                                                              }
-{        Originally written by: Fabian S. Biehn                                }
-{                               fbiehn@aagon.com (German & English)            }
-{                                                                              }
-{        Contributers:                                                         }
-{                               Here could be your name                        }
-{                                                                              }
-{******************************************************************************}
-
-unit IdOpenSSLHeaders_cterr;
-
-interface
-
-// Headers for OpenSSL 1.1.1
-// cterr.h
-
-{$i IdCompilerDefines.inc}
-
-uses
-  IdCTypes,
-  IdGlobal,
-  IdOpenSSLConsts;
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_cterr;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// cterr.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
 
 const
   ///*
   // * CT function codes.
   // */
   CT_F_CTLOG_NEW = 117;
-  CT_F_CTLOG_NEW_FROM_BASE64 = 118;
-  CT_F_CTLOG_NEW_FROM_CONF = 119;
-  CT_F_CTLOG_STORE_LOAD_CTX_NEW = 122;
-  CT_F_CTLOG_STORE_LOAD_FILE = 123;
-  CT_F_CTLOG_STORE_LOAD_LOG = 130;
-  CT_F_CTLOG_STORE_NEW = 131;
-  CT_F_CT_BASE64_DECODE = 124;
-  CT_F_CT_POLICY_EVAL_CTX_NEW = 133;
-  CT_F_CT_V1_LOG_ID_FROM_PKEY = 125;
-  CT_F_I2O_SCT = 107;
-  CT_F_I2O_SCT_LIST = 108;
-  CT_F_I2O_SCT_SIGNATURE = 109;
-  CT_F_O2I_SCT = 110;
-  CT_F_O2I_SCT_LIST = 111;
-  CT_F_O2I_SCT_SIGNATURE = 112;
-  CT_F_SCT_CTX_NEW = 126;
-  CT_F_SCT_CTX_VERIFY = 128;
-  CT_F_SCT_NEW = 100;
-  CT_F_SCT_NEW_FROM_BASE64 = 127;
-  CT_F_SCT_SET0_LOG_ID = 101;
-  CT_F_SCT_SET1_EXTENSIONS = 114;
-  CT_F_SCT_SET1_LOG_ID = 115;
-  CT_F_SCT_SET1_SIGNATURE = 116;
-  CT_F_SCT_SET_LOG_ENTRY_TYPE = 102;
-  CT_F_SCT_SET_SIGNATURE_NID = 103;
-  CT_F_SCT_SET_VERSION = 104;
+  CT_F_CTLOG_NEW_FROM_BASE64 = 118;
+  CT_F_CTLOG_NEW_FROM_CONF = 119;
+  CT_F_CTLOG_STORE_LOAD_CTX_NEW = 122;
+  CT_F_CTLOG_STORE_LOAD_FILE = 123;
+  CT_F_CTLOG_STORE_LOAD_LOG = 130;
+  CT_F_CTLOG_STORE_NEW = 131;
+  CT_F_CT_BASE64_DECODE = 124;
+  CT_F_CT_POLICY_EVAL_CTX_NEW = 133;
+  CT_F_CT_V1_LOG_ID_FROM_PKEY = 125;
+  CT_F_I2O_SCT = 107;
+  CT_F_I2O_SCT_LIST = 108;
+  CT_F_I2O_SCT_SIGNATURE = 109;
+  CT_F_O2I_SCT = 110;
+  CT_F_O2I_SCT_LIST = 111;
+  CT_F_O2I_SCT_SIGNATURE = 112;
+  CT_F_SCT_CTX_NEW = 126;
+  CT_F_SCT_CTX_VERIFY = 128;
+  CT_F_SCT_NEW = 100;
+  CT_F_SCT_NEW_FROM_BASE64 = 127;
+  CT_F_SCT_SET0_LOG_ID = 101;
+  CT_F_SCT_SET1_EXTENSIONS = 114;
+  CT_F_SCT_SET1_LOG_ID = 115;
+  CT_F_SCT_SET1_SIGNATURE = 116;
+  CT_F_SCT_SET_LOG_ENTRY_TYPE = 102;
+  CT_F_SCT_SET_SIGNATURE_NID = 103;
+  CT_F_SCT_SET_VERSION = 104;
 
 
   ///*
   // * CT reason codes.
   // */
   CT_R_BASE64_DECODE_ERROR =  108;
-  CT_R_INVALID_LOG_ID_LENGTH =  100;
-  CT_R_LOG_CONF_INVALID =  109;
-  CT_R_LOG_CONF_INVALID_KEY =  110;
-  CT_R_LOG_CONF_MISSING_DESCRIPTION =  111;
-  CT_R_LOG_CONF_MISSING_KEY =  112;
-  CT_R_LOG_KEY_INVALID =  113;
-  CT_R_SCT_FUTURE_TIMESTAMP =  116;
-  CT_R_SCT_INVALID =   104;
-  CT_R_SCT_INVALID_SIGNATURE =  107;
-  CT_R_SCT_LIST_INVALID =  105;
-  CT_R_SCT_LOG_ID_MISMATCH =  114;
-  CT_R_SCT_NOT_SET =   106;
-  CT_R_SCT_UNSUPPORTED_VERSION =  115;
-  CT_R_UNRECOGNIZED_SIGNATURE_NID =  101;
-  CT_R_UNSUPPORTED_ENTRY_TYPE =  102;
-  CT_R_UNSUPPORTED_VERSION =  103;
-
-var
-  function ERR_load_CT_strings: TIdC_INT;
+  CT_R_INVALID_LOG_ID_LENGTH =  100;
+  CT_R_LOG_CONF_INVALID =  109;
+  CT_R_LOG_CONF_INVALID_KEY =  110;
+  CT_R_LOG_CONF_MISSING_DESCRIPTION =  111;
+  CT_R_LOG_CONF_MISSING_KEY =  112;
+  CT_R_LOG_KEY_INVALID =  113;
+  CT_R_SCT_FUTURE_TIMESTAMP =  116;
+  CT_R_SCT_INVALID =   104;
+  CT_R_SCT_INVALID_SIGNATURE =  107;
+  CT_R_SCT_LIST_INVALID =  105;
+  CT_R_SCT_LOG_ID_MISMATCH =  114;
+  CT_R_SCT_NOT_SET =   106;
+  CT_R_SCT_UNSUPPORTED_VERSION =  115;
+  CT_R_UNRECOGNIZED_SIGNATURE_NID =  101;
+  CT_R_UNSUPPORTED_ENTRY_TYPE =  102;
+  CT_R_UNSUPPORTED_VERSION =  103;
+
+var
+  function ERR_load_CT_strings: TIdC_INT;
+
+
implementation
 
-
implementation
-
-end.
+end.

From 61579a71b529266d740b0910ed7c8266dc3f9426 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 3 Nov 2020 09:39:03 +0100
Subject: [PATCH 21/64] Fixed small errors in crypto

* Missing cdecl
* Using PIdAnsiChar instead of PAnsiChar
---
 .../IdOpenSSLHeaders_crypto.pas               | 48 +++++++++---------
 .../dynamic/IdOpenSSLHeaders_crypto.pas       | 50 +++++++++----------
 .../static/IdOpenSSLHeaders_crypto.pas        | 50 +++++++++----------
 3 files changed, 74 insertions(+), 74 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
index 1643c503a..b94a71bf5 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
@@ -133,8 +133,8 @@   //crypto_ex_data_st = record
   //                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
   //                            CRYPTO_EX_free *free_func);
 
-  CRYPTO_mem_leaks_cb_cb = function(const str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT;
-  CRYPTO_THREAD_run_once_init = procedure;
+  CRYPTO_mem_leaks_cb_cb = function(const str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT; cdecl;
+  CRYPTO_THREAD_run_once_init = procedure; cdecl;
 
   CRYPTO_THREAD_LOCAL = type DWORD;
   PCRYPTO_THREAD_LOCAL = ^CRYPTO_THREAD_LOCAL;
@@ -149,8 +149,8 @@ function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZ
 procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
 procedure OPENSSL_free(addr: Pointer);
 function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
-function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
-function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+function OPENSSL_strdup(const str: PIdAnsiChar): PIdAnsiChar;
+function OPENSSL_strndup(const str: PIdAnsiChar; n: TIdC_SIZET): PIdAnsiChar;
 function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
 procedure OPENSSL_secure_free(addr: Pointer);
@@ -178,7 +178,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   // # define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
 
   function OpenSSL_version_num: TIdC_ULONG;
-  function OpenSSL_version(&type: TIdC_INT): PAnsiChar;
+  function OpenSSL_version(&type: TIdC_INT): PIdAnsiChar;
 
   function OPENSSL_issetugid: TIdC_INT;
 
@@ -245,22 +245,22 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   //        void *(**r) (void *, TIdC_SIZET, const char *, int),
   //        void (**f) (void *, const char *, int));
 
-  function CRYPTO_malloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_zalloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_strdup(const str: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar;
-  function CRYPTO_strndup(const str: PAnsiChar; s: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar;
-  procedure CRYPTO_free(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT);
-  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT);
-  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_malloc(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_zalloc(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_strdup(const str: PIdAnsiChar; const file_: PIdAnsiChar; line: TIdC_INT): PIdAnsiChar;
+  function CRYPTO_strndup(const str: PIdAnsiChar; s: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): PIdAnsiChar;
+  procedure CRYPTO_free(ptr: Pointer; const file_: PIdAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT);
+  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer;
 
   function CRYPTO_secure_malloc_init(sz: TIdC_SIZET; minsize: TIdC_INT): TIdC_INT;
   function CRYPTO_secure_malloc_done: TIdC_INT;
-  function CRYPTO_secure_malloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
-  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer;
-  procedure CRYPTO_secure_free(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT);
-  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT);
+  function CRYPTO_secure_malloc(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer;
+  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer;
+  procedure CRYPTO_secure_free(ptr: Pointer; const file_: PIdAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT);
   function CRYPTO_secure_allocated(const ptr: Pointer): TIdC_INT;
   function CRYPTO_secure_malloc_initialized: TIdC_INT;
   function CRYPTO_secure_actual_size(ptr: Pointer): TIdC_SIZET;
@@ -268,7 +268,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
 
   procedure OPENSSL_cleanse(ptr: Pointer; len: TIdC_SIZET);
 
-  function CRYPTO_mem_debug_push(const info: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): TIdC_INT;
+  function CRYPTO_mem_debug_push(const info: PIdAnsiChar; const file_: PIdAnsiChar; line: TIdC_INT): TIdC_INT;
   function CRYPTO_mem_debug_pop: TIdC_INT;
   procedure CRYPTO_get_alloc_counts(mcount: PIdC_INT; rcount: PIdC_INT; fcount: PIdC_INT);
 
@@ -278,9 +278,9 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
    *   0:   called before the actual memory allocation has taken place
    *   1:   called after the actual memory allocation has taken place
    *)
-  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT);
-  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT);
-  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PIdAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PIdAnsiChar; line: TIdC_INT);
+  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const file_: PIdAnsiChar; line: TIdC_INT);
 
   function CRYPTO_mem_leaks_cb(cb: CRYPTO_mem_leaks_cb_cb; u: Pointer): TIdC_INT;
 
@@ -393,13 +393,13 @@ function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
 end;
 
 //# define OPENSSL_strdup(str) CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
-function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
+function OPENSSL_strdup(const str: PIdAnsiChar): PIdAnsiChar;
 begin
   Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_strndup(str, n) CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
-function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+function OPENSSL_strndup(const str: PIdAnsiChar; n: TIdC_SIZET): PIdAnsiChar;
 begin
   Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
index c37a2d80d..ba27b4656 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 03.11.2020 09:35:33
 
 unit IdOpenSSLHeaders_crypto;
 
@@ -140,8 +140,8 @@   //crypto_ex_data_st = record
   //                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
   //                            CRYPTO_EX_free *free_func);
 
-  CRYPTO_mem_leaks_cb_cb = function(const str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT;
-  CRYPTO_THREAD_run_once_init = procedure;
+  CRYPTO_mem_leaks_cb_cb = function(const str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT; cdecl;
+  CRYPTO_THREAD_run_once_init = procedure; cdecl;
 
   CRYPTO_THREAD_LOCAL = type DWORD;
   PCRYPTO_THREAD_LOCAL = ^CRYPTO_THREAD_LOCAL;
@@ -156,8 +156,8 @@ function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZ
 procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
 procedure OPENSSL_free(addr: Pointer);
 function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
-function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
-function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+function OPENSSL_strdup(const str: PIdAnsiChar): PIdAnsiChar;
+function OPENSSL_strndup(const str: PIdAnsiChar; n: TIdC_SIZET): PIdAnsiChar;
 function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
 procedure OPENSSL_secure_free(addr: Pointer);
@@ -188,7 +188,7 @@ procedure UnLoad;
   // # define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
 
   OpenSSL_version_num: function: TIdC_ULONG cdecl = nil;
-  OpenSSL_version: function(&type: TIdC_INT): PAnsiChar cdecl = nil;
+  OpenSSL_version: function(&type: TIdC_INT): PIdAnsiChar cdecl = nil;
 
   OPENSSL_issetugid: function: TIdC_INT cdecl = nil;
 
@@ -255,22 +255,22 @@ procedure UnLoad;
   //        void *(**r) (void *, TIdC_SIZET, const char *, int),
   //        void (**f) (void *, const char *, int));
 
-  CRYPTO_malloc: function(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_zalloc: function(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_memdup: function(const str: Pointer; siz: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_strdup: function(const str: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl = nil;
-  CRYPTO_strndup: function(const str: PAnsiChar; s: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl = nil;
-  CRYPTO_free: procedure(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_realloc: function(addr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_clear_realloc: function(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_malloc: function(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_zalloc: function(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_memdup: function(const str: Pointer; siz: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_strdup: function(const str: PIdAnsiChar; const file_: PIdAnsiChar; line: TIdC_INT): PIdAnsiChar cdecl = nil;
+  CRYPTO_strndup: function(const str: PIdAnsiChar; s: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): PIdAnsiChar cdecl = nil;
+  CRYPTO_free: procedure(ptr: Pointer; const file_: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_realloc: function(addr: Pointer; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_clear_realloc: function(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
 
   CRYPTO_secure_malloc_init: function(sz: TIdC_SIZET; minsize: TIdC_INT): TIdC_INT cdecl = nil;
   CRYPTO_secure_malloc_done: function: TIdC_INT cdecl = nil;
-  CRYPTO_secure_malloc: function(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_secure_zalloc: function(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
-  CRYPTO_secure_free: procedure(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_secure_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_secure_malloc: function(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_secure_zalloc: function(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_secure_free: procedure(ptr: Pointer; const file_: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_secure_clear_free: procedure(ptr: Pointer; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
   CRYPTO_secure_allocated: function(const ptr: Pointer): TIdC_INT cdecl = nil;
   CRYPTO_secure_malloc_initialized: function: TIdC_INT cdecl = nil;
   CRYPTO_secure_actual_size: function(ptr: Pointer): TIdC_SIZET cdecl = nil;
@@ -278,7 +278,7 @@ procedure UnLoad;
 
   OPENSSL_cleanse: procedure(ptr: Pointer; len: TIdC_SIZET) cdecl = nil;
 
-  CRYPTO_mem_debug_push: function(const info: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): TIdC_INT cdecl = nil;
+  CRYPTO_mem_debug_push: function(const info: PIdAnsiChar; const file_: PIdAnsiChar; line: TIdC_INT): TIdC_INT cdecl = nil;
   CRYPTO_mem_debug_pop: function: TIdC_INT cdecl = nil;
   CRYPTO_get_alloc_counts: procedure(mcount: PIdC_INT; rcount: PIdC_INT; fcount: PIdC_INT) cdecl = nil;
 
@@ -288,9 +288,9 @@ procedure UnLoad;
    *   0:   called before the actual memory allocation has taken place
    *   1:   called after the actual memory allocation has taken place
    *)
-  CRYPTO_mem_debug_malloc: procedure(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_mem_debug_realloc: procedure(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
-  CRYPTO_mem_debug_free: procedure(addr: Pointer; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_mem_debug_malloc: procedure(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_mem_debug_realloc: procedure(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
+  CRYPTO_mem_debug_free: procedure(addr: Pointer; flag: TIdC_INT; const file_: PIdAnsiChar; line: TIdC_INT) cdecl = nil;
 
   CRYPTO_mem_leaks_cb: function(cb: CRYPTO_mem_leaks_cb_cb; u: Pointer): TIdC_INT cdecl = nil;
 
@@ -549,13 +549,13 @@ function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
 end;
 
 //# define OPENSSL_strdup(str) CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
-function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
+function OPENSSL_strdup(const str: PIdAnsiChar): PIdAnsiChar;
 begin
   Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_strndup(str, n) CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
-function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+function OPENSSL_strndup(const str: PIdAnsiChar; n: TIdC_SIZET): PIdAnsiChar;
 begin
   Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
index 0154a5d99..f32692e32 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 03.11.2020 09:35:30
 
 unit IdOpenSSLHeaders_crypto;
 
@@ -139,8 +139,8 @@   //crypto_ex_data_st = record
   //                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
   //                            CRYPTO_EX_free *free_func);
 
-  CRYPTO_mem_leaks_cb_cb = function(const str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT;
-  CRYPTO_THREAD_run_once_init = procedure;
+  CRYPTO_mem_leaks_cb_cb = function(const str: PIdAnsiChar; len: TIdC_SIZET; u: Pointer): TIdC_INT; cdecl;
+  CRYPTO_THREAD_run_once_init = procedure; cdecl;
 
   CRYPTO_THREAD_LOCAL = type DWORD;
   PCRYPTO_THREAD_LOCAL = ^CRYPTO_THREAD_LOCAL;
@@ -155,8 +155,8 @@ function OPENSSL_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZ
 procedure OPENSSL_clear_free(addr: Pointer; num: TIdC_SIZET);
 procedure OPENSSL_free(addr: Pointer);
 function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
-function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
-function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+function OPENSSL_strdup(const str: PIdAnsiChar): PIdAnsiChar;
+function OPENSSL_strndup(const str: PIdAnsiChar; n: TIdC_SIZET): PIdAnsiChar;
 function OPENSSL_secure_malloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_secure_zalloc(num: TIdC_SIZET): Pointer;
 procedure OPENSSL_secure_free(addr: Pointer);
@@ -183,7 +183,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   // # define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
 
   function OpenSSL_version_num: TIdC_ULONG cdecl; external CLibCrypto;
-  function OpenSSL_version(&type: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
+  function OpenSSL_version(&type: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
 
   function OPENSSL_issetugid: TIdC_INT cdecl; external CLibCrypto;
 
@@ -250,22 +250,22 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   //        void *(**r) (void *, TIdC_SIZET, const char *, int),
   //        void (**f) (void *, const char *, int));
 
-  function CRYPTO_malloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_zalloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_strdup(const str: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
-  function CRYPTO_strndup(const str: PAnsiChar; s: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): PAnsiChar cdecl; external CLibCrypto;
-  procedure CRYPTO_free(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_malloc(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_zalloc(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_memdup(const str: Pointer; siz: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_strdup(const str: PIdAnsiChar; const file_: PIdAnsiChar; line: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function CRYPTO_strndup(const str: PIdAnsiChar; s: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  procedure CRYPTO_free(ptr: Pointer; const file_: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  function CRYPTO_realloc(addr: Pointer; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_clear_realloc(addr: Pointer; old_num: TIdC_SIZET; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
 
   function CRYPTO_secure_malloc_init(sz: TIdC_SIZET; minsize: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function CRYPTO_secure_malloc_done: TIdC_INT cdecl; external CLibCrypto;
-  function CRYPTO_secure_malloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
-  procedure CRYPTO_secure_free(ptr: Pointer; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  function CRYPTO_secure_malloc(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_secure_zalloc(num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  procedure CRYPTO_secure_free(ptr: Pointer; const file_: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_secure_clear_free(ptr: Pointer; num: TIdC_SIZET; const file_: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
   function CRYPTO_secure_allocated(const ptr: Pointer): TIdC_INT cdecl; external CLibCrypto;
   function CRYPTO_secure_malloc_initialized: TIdC_INT cdecl; external CLibCrypto;
   function CRYPTO_secure_actual_size(ptr: Pointer): TIdC_SIZET cdecl; external CLibCrypto;
@@ -273,7 +273,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
 
   procedure OPENSSL_cleanse(ptr: Pointer; len: TIdC_SIZET) cdecl; external CLibCrypto;
 
-  function CRYPTO_mem_debug_push(const info: PAnsiChar; const file_: PAnsiChar; line: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_mem_debug_push(const info: PIdAnsiChar; const file_: PIdAnsiChar; line: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function CRYPTO_mem_debug_pop: TIdC_INT cdecl; external CLibCrypto;
   procedure CRYPTO_get_alloc_counts(mcount: PIdC_INT; rcount: PIdC_INT; fcount: PIdC_INT) cdecl; external CLibCrypto;
 
@@ -283,9 +283,9 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
    *   0:   called before the actual memory allocation has taken place
    *   1:   called after the actual memory allocation has taken place
    *)
-  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
-  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const file_: PAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_mem_debug_malloc(addr: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_mem_debug_realloc(addr1: Pointer; addr2: Pointer; num: TIdC_SIZET; flag: TIdC_INT; const file_: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
+  procedure CRYPTO_mem_debug_free(addr: Pointer; flag: TIdC_INT; const file_: PIdAnsiChar; line: TIdC_INT) cdecl; external CLibCrypto;
 
   function CRYPTO_mem_leaks_cb(cb: CRYPTO_mem_leaks_cb_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
 
@@ -398,13 +398,13 @@ function OPENSSL_memdup(const str: Pointer; s: TIdC_SIZET): Pointer;
 end;
 
 //# define OPENSSL_strdup(str) CRYPTO_strdup(str, OPENSSL_FILE, OPENSSL_LINE)
-function OPENSSL_strdup(const str: PAnsiChar): PAnsiChar;
+function OPENSSL_strdup(const str: PIdAnsiChar): PIdAnsiChar;
 begin
   Result := CRYPTO_strdup(str, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;
 
 //# define OPENSSL_strndup(str, n) CRYPTO_strndup(str, n, OPENSSL_FILE, OPENSSL_LINE)
-function OPENSSL_strndup(const str: PAnsiChar; n: TIdC_SIZET): PAnsiChar;
+function OPENSSL_strndup(const str: PIdAnsiChar; n: TIdC_SIZET): PIdAnsiChar;
 begin
   Result := CRYPTO_strndup(str, n, {$IFNDEF FPC}''{$ELSE}{$I %FILE%}{$ENDIF}, {$IFNDEF FPC}-1{$ELSE}{$I %LINENUM%}{$ENDIF});
 end;

From c96f577494fc89145d77a7aa5103f7832da68609 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 3 Nov 2020 09:39:15 +0100
Subject: [PATCH 22/64] Added CRYPTO_set_mem_functions to crypto

---
 .../IdOpenSSLHeaders_crypto.pas               | 21 ++++++++-------
 .../dynamic/IdOpenSSLHeaders_crypto.pas       | 27 +++++++++++--------
 .../static/IdOpenSSLHeaders_crypto.pas        | 21 ++++++++-------
 3 files changed, 38 insertions(+), 31 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
index b94a71bf5..9005d4ba3 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
@@ -142,6 +142,10 @@   //crypto_ex_data_st = record
   CRYPTO_ONCE = type TIdC_LONG;
   PCRYPTO_ONCE = ^CRYPTO_ONCE;
 
+  CRYPTO_set_mem_functions_m = function(size: TIdC_SIZET; const filename: PIdAnsiChar; linenumber: TIdC_INT): Pointer; cdecl;
+  CRYPTO_set_mem_functions_r = function(buffer: Pointer; size: TIdC_SIZET; const filename: PIdAnsiChar; linenumber: TIdC_INT): Pointer; cdecl;
+  CRYPTO_set_mem_functions_f = procedure(buffer: Pointer; const filename: PIdAnsiChar; const linenumber: TIdC_INT); cdecl;
+
 function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
@@ -189,17 +193,17 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
    * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
    * given class (invokes whatever per-class callbacks are applicable)
    *)
-   function CRYPTO_new_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT;
-   function CRYPTO_dup_ex_data(class_index: TIdC_INT; to_: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT;
+  function CRYPTO_new_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT;
+  function CRYPTO_dup_ex_data(class_index: TIdC_INT; to_: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT;
 
-   procedure CRYPTO_free_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA);
+  procedure CRYPTO_free_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA);
 
   (*
    * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
    * index (relative to the class type involved)
    *)
-   function CRYPTO_set_ex_data(ad: PCRYPTO_EX_DATA; idx: TIdC_INT; val: Pointer): TIdC_INT;
-   function CRYPTO_get_ex_data(const ad: PCRYPTO_EX_DATA; idx: TIdC_INT): Pointer;
+  function CRYPTO_set_ex_data(ad: PCRYPTO_EX_DATA; idx: TIdC_INT; val: Pointer): TIdC_INT;
+  function CRYPTO_get_ex_data(const ad: PCRYPTO_EX_DATA; idx: TIdC_INT): Pointer;
 
   ///*
   // * The old locking functions have been removed completely without compatibility
@@ -235,11 +239,8 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   //#  define CRYPTO_get_dynlock_destroy_callback()         (NULL)
   //# endif /* OPENSSL_API_COMPAT < 0x10100000L */
 
-  //int CRYPTO_set_mem_functions(
-  //        void *(*m) (TIdC_SIZET, const char *, int),
-  //        void *(*r) (void *, TIdC_SIZET, const char *, int),
-  //        void (*f) (void *, const char *, int));
-  //int CRYPTO_set_mem_debug(int flag);
+  function CRYPTO_set_mem_functions(m: CRYPTO_set_mem_functions_m; r: CRYPTO_set_mem_functions_r; f: CRYPTO_set_mem_functions_f): TIdC_INT;
+  function CRYPTO_set_mem_debug(flag: TIdC_INT): TIdC_INT;
   //void CRYPTO_get_mem_functions(
   //        void *(**m) (TIdC_SIZET, const char *, int),
   //        void *(**r) (void *, TIdC_SIZET, const char *, int),
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
index ba27b4656..9d6a7c213 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
@@ -73,7 +73,7 @@ interface
   CRYPTO_EX_INDEX_UI_METHOD = 14;
   CRYPTO_EX_INDEX_DRBG = 15;
   CRYPTO_EX_INDEX__COUNT = 16;
-
+  
   // Added _CONST to prevent nameclashes
   OPENSSL_VERSION_CONST = 0;
   OPENSSL_CFLAGS = 1;
@@ -149,6 +149,10 @@   //crypto_ex_data_st = record
   CRYPTO_ONCE = type TIdC_LONG;
   PCRYPTO_ONCE = ^CRYPTO_ONCE;
 
+  CRYPTO_set_mem_functions_m = function(size: TIdC_SIZET; const filename: PIdAnsiChar; linenumber: TIdC_INT): Pointer; cdecl;
+  CRYPTO_set_mem_functions_r = function(buffer: Pointer; size: TIdC_SIZET; const filename: PIdAnsiChar; linenumber: TIdC_INT): Pointer; cdecl;
+  CRYPTO_set_mem_functions_f = procedure(buffer: Pointer; const filename: PIdAnsiChar; const linenumber: TIdC_INT); cdecl;
+
 function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
@@ -199,17 +203,17 @@ procedure UnLoad;
    * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
    * given class (invokes whatever per-class callbacks are applicable)
    *)
-   CRYPTO_new_ex_data: function(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT cdecl = nil;
-   CRYPTO_dup_ex_data: function(class_index: TIdC_INT; to_: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl = nil;
+  CRYPTO_new_ex_data: function(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT cdecl = nil;
+  CRYPTO_dup_ex_data: function(class_index: TIdC_INT; to_: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl = nil;
 
-   CRYPTO_free_ex_data: procedure(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA) cdecl = nil;
+  CRYPTO_free_ex_data: procedure(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA) cdecl = nil;
 
   (*
    * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
    * index (relative to the class type involved)
    *)
-   CRYPTO_set_ex_data: function(ad: PCRYPTO_EX_DATA; idx: TIdC_INT; val: Pointer): TIdC_INT cdecl = nil;
-   CRYPTO_get_ex_data: function(const ad: PCRYPTO_EX_DATA; idx: TIdC_INT): Pointer cdecl = nil;
+  CRYPTO_set_ex_data: function(ad: PCRYPTO_EX_DATA; idx: TIdC_INT; val: Pointer): TIdC_INT cdecl = nil;
+  CRYPTO_get_ex_data: function(const ad: PCRYPTO_EX_DATA; idx: TIdC_INT): Pointer cdecl = nil;
 
   ///*
   // * The old locking functions have been removed completely without compatibility
@@ -245,11 +249,8 @@ procedure UnLoad;
   //#  define CRYPTO_get_dynlock_destroy_callback()         (NULL)
   //# endif /* OPENSSL_API_COMPAT < 0x10100000L */
 
-  //int CRYPTO_set_mem_functions(
-  //        void *(*m) (TIdC_SIZET, const char *, int),
-  //        void *(*r) (void *, TIdC_SIZET, const char *, int),
-  //        void (*f) (void *, const char *, int));
-  //int CRYPTO_set_mem_debug(int flag);
+  CRYPTO_set_mem_functions: function(m: CRYPTO_set_mem_functions_m; r: CRYPTO_set_mem_functions_r; f: CRYPTO_set_mem_functions_f): TIdC_INT cdecl = nil;
+  CRYPTO_set_mem_debug: function(flag: TIdC_INT): TIdC_INT cdecl = nil;
   //void CRYPTO_get_mem_functions(
   //        void *(**m) (TIdC_SIZET, const char *, int),
   //        void *(**r) (void *, TIdC_SIZET, const char *, int),
@@ -386,6 +387,8 @@ procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
   CRYPTO_free_ex_data := LoadFunction('CRYPTO_free_ex_data', AFailed);
   CRYPTO_set_ex_data := LoadFunction('CRYPTO_set_ex_data', AFailed);
   CRYPTO_get_ex_data := LoadFunction('CRYPTO_get_ex_data', AFailed);
+  CRYPTO_set_mem_functions := LoadFunction('CRYPTO_set_mem_functions', AFailed);
+  CRYPTO_set_mem_debug := LoadFunction('CRYPTO_set_mem_debug', AFailed);
   CRYPTO_malloc := LoadFunction('CRYPTO_malloc', AFailed);
   CRYPTO_zalloc := LoadFunction('CRYPTO_zalloc', AFailed);
   CRYPTO_memdup := LoadFunction('CRYPTO_memdup', AFailed);
@@ -455,6 +458,8 @@ procedure UnLoad;
   CRYPTO_free_ex_data := nil;
   CRYPTO_set_ex_data := nil;
   CRYPTO_get_ex_data := nil;
+  CRYPTO_set_mem_functions := nil;
+  CRYPTO_set_mem_debug := nil;
   CRYPTO_malloc := nil;
   CRYPTO_zalloc := nil;
   CRYPTO_memdup := nil;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
index f32692e32..043164913 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
@@ -148,6 +148,10 @@   //crypto_ex_data_st = record
   CRYPTO_ONCE = type TIdC_LONG;
   PCRYPTO_ONCE = ^CRYPTO_ONCE;
 
+  CRYPTO_set_mem_functions_m = function(size: TIdC_SIZET; const filename: PIdAnsiChar; linenumber: TIdC_INT): Pointer; cdecl;
+  CRYPTO_set_mem_functions_r = function(buffer: Pointer; size: TIdC_SIZET; const filename: PIdAnsiChar; linenumber: TIdC_INT): Pointer; cdecl;
+  CRYPTO_set_mem_functions_f = procedure(buffer: Pointer; const filename: PIdAnsiChar; const linenumber: TIdC_INT); cdecl;
+
 function OPENSSL_malloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_zalloc(num: TIdC_SIZET): Pointer;
 function OPENSSL_realloc(addr: Pointer; num: TIdC_SIZET): Pointer;
@@ -194,17 +198,17 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
    * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
    * given class (invokes whatever per-class callbacks are applicable)
    *)
-   function CRYPTO_new_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT cdecl; external CLibCrypto;
-   function CRYPTO_dup_ex_data(class_index: TIdC_INT; to_: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_new_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_dup_ex_data(class_index: TIdC_INT; to_: PCRYPTO_EX_DATA; const from: PCRYPTO_EX_DATA): TIdC_INT cdecl; external CLibCrypto;
 
-   procedure CRYPTO_free_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA) cdecl; external CLibCrypto;
+  procedure CRYPTO_free_ex_data(class_index: TIdC_INT; obj: Pointer; ad: PCRYPTO_EX_DATA) cdecl; external CLibCrypto;
 
   (*
    * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
    * index (relative to the class type involved)
    *)
-   function CRYPTO_set_ex_data(ad: PCRYPTO_EX_DATA; idx: TIdC_INT; val: Pointer): TIdC_INT cdecl; external CLibCrypto;
-   function CRYPTO_get_ex_data(const ad: PCRYPTO_EX_DATA; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function CRYPTO_set_ex_data(ad: PCRYPTO_EX_DATA; idx: TIdC_INT; val: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_get_ex_data(const ad: PCRYPTO_EX_DATA; idx: TIdC_INT): Pointer cdecl; external CLibCrypto;
 
   ///*
   // * The old locking functions have been removed completely without compatibility
@@ -240,11 +244,8 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   //#  define CRYPTO_get_dynlock_destroy_callback()         (NULL)
   //# endif /* OPENSSL_API_COMPAT < 0x10100000L */
 
-  //int CRYPTO_set_mem_functions(
-  //        void *(*m) (TIdC_SIZET, const char *, int),
-  //        void *(*r) (void *, TIdC_SIZET, const char *, int),
-  //        void (*f) (void *, const char *, int));
-  //int CRYPTO_set_mem_debug(int flag);
+  function CRYPTO_set_mem_functions(m: CRYPTO_set_mem_functions_m; r: CRYPTO_set_mem_functions_r; f: CRYPTO_set_mem_functions_f): TIdC_INT cdecl; external CLibCrypto;
+  function CRYPTO_set_mem_debug(flag: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   //void CRYPTO_get_mem_functions(
   //        void *(**m) (TIdC_SIZET, const char *, int),
   //        void *(**r) (void *, TIdC_SIZET, const char *, int),

From 8c9a63af850dab63e61af4be04b3d5a5884bee59 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 3 Nov 2020 09:43:01 +0100
Subject: [PATCH 23/64] If OpenSSL is dynamically loaded, the DLLs should also
 be freed at unloading

---
 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas | 155 +++++++++++-----------
 1 file changed, 79 insertions(+), 76 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
index 71c1e11f1..337a63924 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
@@ -118,6 +118,8 @@ function GetOpenSSLLoader: IOpenSSLLoader;
 type
   TOpenSSLLoader = class(TInterfacedObject, IOpenSSLLoader)
   private
+    FLibCrypto: TIdLibHandle;
+    FLibSSL: TIdLibHandle;
     FOpenSSLPath: string;
     FFailed: TStringList;
     FLoadCount: TIdThreadSafeInteger;
@@ -162,8 +164,6 @@ function TOpenSSLLoader.GetOpenSSLPath: string;
 end;
 
 function TOpenSSLLoader.Load: Boolean;
-var
-  LLibCrypto, LLibSSL: TIdLibHandle;
 begin                                  //FI:C101
   Result := True;
   FLoadCount.Lock();
@@ -171,87 +171,87 @@ function TOpenSSLLoader.Load: Boolean;
     if FLoadCount.Value <= 0 then
     begin
       {$IFDEF MSWINDOWS}
-      LLibCrypto := SafeLoadLibrary(FOpenSSLPath + CLibCrypto, SEM_FAILCRITICALERRORS);
-      LLibSSL := SafeLoadLibrary(FOpenSSLPath + CLibSSL, SEM_FAILCRITICALERRORS);
+      FLibCrypto := SafeLoadLibrary(FOpenSSLPath + CLibCrypto, SEM_FAILCRITICALERRORS);
+      FLibSSL := SafeLoadLibrary(FOpenSSLPath + CLibSSL, SEM_FAILCRITICALERRORS);
       {$ELSE}
-      LLibCrypto := HMODULE(HackLoad(FOpenSSLPath + CLibCryptoRaw, SSLDLLVers));
-      LLibSSL := HMODULE(HackLoad(FOpenSSLPath + CLibSSLRaw, SSLDLLVers));
+      FLibCrypto := HMODULE(HackLoad(FOpenSSLPath + CLibCryptoRaw, SSLDLLVers));
+      FLibSSL := HMODULE(HackLoad(FOpenSSLPath + CLibSSLRaw, SSLDLLVers));
       {$ENDIF}
-      Result := not (LLibCrypto = IdNilHandle) and not (LLibSSL = IdNilHandle);
+      Result := not (FLibCrypto = IdNilHandle) and not (FLibSSL = IdNilHandle);
       if not Result then
         Exit;
 
       FLoadCount.Value := 1;
 
-      IdOpenSSLHeaders_aes.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_asn1.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_asn1err.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_asn1t.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_async.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_asyncerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_bio.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_bioerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_blowfish.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_bn.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_bnerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_buffer.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_buffererr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_camellia.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_cast.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_cmac.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_cms.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_cmserr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_comp.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_comperr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_conf.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_conf_api.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_conferr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_crypto.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_cryptoerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_cterr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_dh.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_dherr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_dsa.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_dsaerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_ebcdic.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_ec.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_ecerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_engine.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_engineerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_err.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_evp.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_evperr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_hmac.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_idea.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_kdferr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_objects.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_objectserr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_ocsperr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_pem.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_pemerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_pkcs7.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_pkcs7err.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_rand.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_randerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_rsa.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_rsaerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_sha.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_srtp.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_storeerr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_ts.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_tserr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_txt_db.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_ui.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_uierr.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_whrlpool.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_x509.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_x509_vfy.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_x509err.Load(LLibCrypto, FFailed);
-      IdOpenSSLHeaders_x509v3.Load(LLibCrypto, FFailed);
-
-      IdOpenSSLHeaders_ssl.Load(LLibSSL, FFailed);
-      IdOpenSSLHeaders_sslerr.Load(LLibSSL, FFailed);
-      IdOpenSSLHeaders_tls1.Load(LLibSSL, FFailed);
+      IdOpenSSLHeaders_aes.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_asn1.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_asn1err.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_asn1t.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_async.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_asyncerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_bio.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_bioerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_blowfish.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_bn.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_bnerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_buffer.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_buffererr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_camellia.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_cast.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_cmac.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_cms.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_cmserr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_comp.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_comperr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_conf.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_conf_api.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_conferr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_crypto.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_cryptoerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_cterr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_dh.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_dherr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_dsa.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_dsaerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_ebcdic.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_ec.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_ecerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_engine.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_engineerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_err.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_evp.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_evperr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_hmac.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_idea.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_kdferr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_objects.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_objectserr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_ocsperr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_pem.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_pemerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_pkcs7.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_pkcs7err.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_rand.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_randerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_rsa.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_rsaerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_sha.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_srtp.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_storeerr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_ts.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_tserr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_txt_db.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_ui.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_uierr.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_whrlpool.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_x509.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_x509_vfy.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_x509err.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_x509v3.Load(FLibCrypto, FFailed);
+
+      IdOpenSSLHeaders_ssl.Load(FLibSSL, FFailed);
+      IdOpenSSLHeaders_sslerr.Load(FLibSSL, FFailed);
+      IdOpenSSLHeaders_tls1.Load(FLibSSL, FFailed);
     end;
   finally
     FLoadCount.Unlock();
@@ -341,6 +341,9 @@ procedure TOpenSSLLoader.Unload;
       IdOpenSSLHeaders_tls1.Unload();
 
       FFailed.Clear();
+
+      FreeLibrary(FLibSSL);
+      FreeLibrary(FLibCrypto);
     end;
   finally
     FLoadCount.Unlock();

From 57be3907457d69c9958d277823342d20106d5836 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 3 Nov 2020 09:47:24 +0100
Subject: [PATCH 24/64] Fixed MemLeak with handling TLS Sessions

With new_session_cb we tell OpenSSL that we are holding a reference to
the session. We must then also release this reference. But since we get
more than one session object we need to keep a list of them.
And when cloning an IO Handler, the session reference must be increased.

Thanks to @ralfjunker
---
 Lib/Protocols/OpenSSL/IdOpenSSLContext.pas    |  7 ++--
 .../OpenSSL/IdOpenSSLContextClient.pas        | 36 +++++++++++++++----
 .../OpenSSL/IdOpenSSLIOHandlerClient.pas      | 11 ++++--
 3 files changed, 44 insertions(+), 10 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
index 83cf486b1..c958b9f33 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContext.pas
@@ -86,7 +86,7 @@   TIdOpenSSLContext = class(TObject)
     /// <remarks>
     ///   The function is nil-safe
     /// </remarks>
-    procedure FreeContext(const AContext: PSSL_CTX);
+    procedure FreeContext(var AContext: PSSL_CTX);
   protected
     function GetVerifyMode(const AOptions: TIdOpenSSLOptionsBase): TIdC_INT; virtual; abstract;
   public
@@ -244,10 +244,13 @@ destructor TIdOpenSSLContext.Destroy;
   inherited;
 end;
 
-procedure TIdOpenSSLContext.FreeContext(const AContext: PSSL_CTX);
+procedure TIdOpenSSLContext.FreeContext(var AContext: PSSL_CTX);
 begin
   if Assigned(AContext) then
+  begin
     SSL_CTX_Free(AContext); // SSL_CTX_Free is also nil-safe
+    AContext := nil;
+  end;
 end;
 
 function TIdOpenSSLContext.Init(const AOptions: TIdOpenSSLOptionsBase): Boolean;
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
index 6eb4ddd6b..57205d144 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
@@ -31,6 +31,7 @@ interface
 {$i IdCompilerDefines.inc}
 
 uses
+  Classes,
   IdCTypes,
   IdOpenSSLContext,
   IdOpenSSLOptions,
@@ -41,9 +42,12 @@ interface
   TIdOpenSSLContextClient = class(TIdOpenSSLContext)
   private
   protected
-    FSession: Pointer;
+    FSessionList: TList;
     function GetVerifyMode(const AOptions: TIdOpenSSLOptionsBase): TIdC_INT; override;
   public
+    constructor Create;
+    destructor Destroy; override;
+
     function Init(const AOptions: TIdOpenSSLOptionsClient): Boolean;
     function CreateSocket: TIdOpenSSLSocket; override;
   end;
@@ -53,7 +57,8 @@ implementation
 uses
   IdOpenSSLHeaders_ssl,
   IdOpenSSLSocketClient,
-  IdOpenSSLHeaders_ossl_typ;
+  IdOpenSSLHeaders_ossl_typ,
+  Types;
 
 // Is automatically called whenever a new session was negotiated
 function new_session_cb(ssl: PSSL; session: PSSL_SESSION): TIdC_INT; cdecl;
@@ -68,7 +73,7 @@ function new_session_cb(ssl: PSSL; session: PSSL_SESSION): TIdC_INT; cdecl;
   LContext := TIdOpenSSLContextClient(SSL_ctx_get_ex_data(LCtx, CExDataIndexSelf));
   if not Assigned(LContext) then
     Exit;
-  LContext.FSession := session;
+  LContext.FSessionList.Add(session);
   Result := 1;
 end;
 
@@ -78,20 +83,39 @@ function new_session_cb(ssl: PSSL; session: PSSL_SESSION): TIdC_INT; cdecl;
 procedure remove_session_cb(ctx: PSSL_CTX; session: PSSL_SESSION); cdecl;
 var
   LContext: TIdOpenSSLContextClient;
+  LSession: Pointer;
 begin
   LContext := TIdOpenSSLContextClient(SSL_ctx_get_ex_data(ctx, CExDataIndexSelf));
   if not Assigned(LContext) then
     Exit;
-  if LContext.FSession = session then
-    LContext.FSession := nil;
+  LSession := LContext.FSessionList.Extract(session);
+  if Assigned(LSession) then
+    SSL_SESSION_free(LSession);
 end;
 
 { TIdOpenSSLContextClient }
 
+constructor TIdOpenSSLContextClient.Create;
+begin
+  inherited Create();
+  FSessionList := TList.Create();
+end;
+
 function TIdOpenSSLContextClient.CreateSocket: TIdOpenSSLSocket;
 begin
   Result := TIdOpenSSLSocketClient.Create(OpenSSLContext);
-  TIdOpenSSLSocketClient(Result).SetSession(FSession);
+  if FSessionList.Count > 0 then
+    TIdOpenSSLSocketClient(Result).SetSession(FSessionList.Last());
+end;
+
+destructor TIdOpenSSLContextClient.Destroy;
+var
+  i: Integer;
+begin
+  for i := FSessionList.Count-1 downto 0 do
+    SSL_SESSION_free(FSessionList[i]);
+  FSessionList.Free();
+  inherited;
 end;
 
 function TIdOpenSSLContextClient.GetVerifyMode(
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
index 862a4dd7f..27576932e 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
@@ -65,9 +65,11 @@   TIdOpenSSLIOHandlerClient = class(TIdOpenSSLIOHandlerClientBase)
 implementation
 
 uses
+  Classes,
   IdCustomTransparentProxy,
   IdOpenSSLContextClient,
   IdOpenSSLExceptions,
+  IdOpenSSLHeaders_ssl,
   IdOpenSSLLoader,
   IdURI,
   SysUtils;
@@ -124,12 +126,17 @@ procedure TIdOpenSSLIOHandlerClient.BeforeInitContext(
 end;
 
 function TIdOpenSSLIOHandlerClient.Clone: TIdSSLIOHandlerSocketBase;
+var
+  LSessionCopies: TList;
+  i: Integer;
 begin
   Result := inherited Clone();
   Options.AssignTo(TIdOpenSSLIOHandlerClient(Result).Options);
   TIdOpenSSLIOHandlerClient(Result).EnsureContext();
-  TIdOpenSSLContextClientAccessor(TIdOpenSSLIOHandlerClient(Result).FContext).FSession :=
-    TIdOpenSSLContextClientAccessor(TIdOpenSSLIOHandlerClient(Self).FContext).FSession;
+  LSessionCopies := TIdOpenSSLContextClientAccessor(TIdOpenSSLIOHandlerClient(Result).FContext).FSessionList;
+  LSessionCopies.Assign(TIdOpenSSLContextClientAccessor(TIdOpenSSLIOHandlerClient(Self).FContext).FSessionList);
+  for i := 0 to LSessionCopies.Count-1 do
+    SSL_SESSION_up_ref(LSessionCopies[i]);
 end;
 
 destructor TIdOpenSSLIOHandlerClient.Destroy;

From 54bfdbc6d71830898adbd891e744355dc1b4ee79 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Fri, 6 Nov 2020 07:23:15 +0100
Subject: [PATCH 25/64] Fixed missing _ to parameter named "out" & added
 dynlibs to Loader

Thanks to @JedrzejczykRobert
---
 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas                    | 5 ++---
 .../OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas       | 2 +-
 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas      | 4 ++--
 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas       | 4 ++--
 4 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
index 337a63924..0d854f421 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
@@ -26,9 +26,8 @@ implementation
 
 {$IFNDEF STATICLOAD_OPENSSL}
 uses
-{$IFDEF MSWINDOWS}
-  Windows,
-{$ENDIF}
+  {$IFDEF MSWINDOWS}Windows,{$ENDIF}
+  {$IFDEF UNIX}{$IFDEF FPC}dynlibs,{$ENDIF}{$ENDIF}
 
   IdOpenSSLHeaders_aes,
   IdOpenSSLHeaders_asn1,
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas
index 7736215a2..899ce77dd 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cmac.pas
@@ -51,7 +51,7 @@ interface
   procedure CMAC_CTX_cleanup(ctx: PCMAC_CTX);
   procedure CMAC_CTX_free(ctx: PCMAC_CTX);
   function CMAC_CTX_get0_cipher_ctx(ctx: PCMAC_CTX): PEVP_CIPHER_CTX;
-  function CMAC_CTX_copy(out: PCMAC_CTX; const in_: PCMAC_CTX): TIdC_INT;
+  function CMAC_CTX_copy(out_: PCMAC_CTX; const in_: PCMAC_CTX): TIdC_INT;
   function CMAC_Init(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT;
   function CMAC_Update(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT;
   function CMAC_Final(ctx: PCMAC_CTX; out_: PByte; poutlen: PIdC_SIZET): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas
index 777669afb..9c56dbcf4 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cmac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 06.11.2020 07:16:50
 
 unit IdOpenSSLHeaders_cmac;
 
@@ -61,7 +61,7 @@ procedure UnLoad;
   CMAC_CTX_cleanup: procedure(ctx: PCMAC_CTX) cdecl = nil;
   CMAC_CTX_free: procedure(ctx: PCMAC_CTX) cdecl = nil;
   CMAC_CTX_get0_cipher_ctx: function(ctx: PCMAC_CTX): PEVP_CIPHER_CTX cdecl = nil;
-  CMAC_CTX_copy: function(out: PCMAC_CTX; const in_: PCMAC_CTX): TIdC_INT cdecl = nil;
+  CMAC_CTX_copy: function(out_: PCMAC_CTX; const in_: PCMAC_CTX): TIdC_INT cdecl = nil;
   CMAC_Init: function(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT cdecl = nil;
   CMAC_Update: function(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT cdecl = nil;
   CMAC_Final: function(ctx: PCMAC_CTX; out_: PByte; poutlen: PIdC_SIZET): TIdC_INT cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas
index b59dc3dd6..7e3dde4dd 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cmac.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 06.11.2020 07:16:52
 
 unit IdOpenSSLHeaders_cmac;
 
@@ -56,7 +56,7 @@ interface
   procedure CMAC_CTX_cleanup(ctx: PCMAC_CTX) cdecl; external CLibCrypto;
   procedure CMAC_CTX_free(ctx: PCMAC_CTX) cdecl; external CLibCrypto;
   function CMAC_CTX_get0_cipher_ctx(ctx: PCMAC_CTX): PEVP_CIPHER_CTX cdecl; external CLibCrypto;
-  function CMAC_CTX_copy(out: PCMAC_CTX; const in_: PCMAC_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function CMAC_CTX_copy(out_: PCMAC_CTX; const in_: PCMAC_CTX): TIdC_INT cdecl; external CLibCrypto;
   function CMAC_Init(ctx: PCMAC_CTX; const key: Pointer; keylen: TIdC_SIZET; const cipher: PEVP_Cipher; impl: PENGINe): TIdC_INT cdecl; external CLibCrypto;
   function CMAC_Update(ctx: PCMAC_CTX; const data: Pointer; dlen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
   function CMAC_Final(ctx: PCMAC_CTX; out_: PByte; poutlen: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;

From 2137a772e40e328568a91800bf86a1dcac1f16a9 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Fri, 6 Nov 2020 07:59:10 +0100
Subject: [PATCH 26/64] Fixed used-after-free

The ssl object should be destroyed before its ssl context object.

While destroying ssl context, OpenSSL calls remove_session_cb, but our
FSessionList is already freed

Thanks to @ralfjunker
---
 Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas   | 2 ++
 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
index 57205d144..910cf0a19 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
@@ -112,6 +112,8 @@ destructor TIdOpenSSLContextClient.Destroy;
 var
   i: Integer;
 begin
+  SSL_CTX_sess_set_remove_cb(OpenSSLContext, nil);
+  SSL_CTX_sess_set_new_cb(OpenSSLContext, nil);
   for i := FSessionList.Count-1 downto 0 do
     SSL_SESSION_free(FSessionList[i]);
   FSessionList.Free();
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
index 27576932e..1e814b638 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
@@ -142,8 +142,9 @@ function TIdOpenSSLIOHandlerClient.Clone: TIdSSLIOHandlerSocketBase;
 destructor TIdOpenSSLIOHandlerClient.Destroy;
 begin
   FOptions.Free();
-  FContext.Free();
   inherited;
+  // Destroy tls socket before context
+  FContext.Free();
 end;
 
 function TIdOpenSSLIOHandlerClient.GetClientSocket: TIdOpenSSLSocketClient;

From c033efd154aef7288331061a9c68d75574246e62 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Fri, 6 Nov 2020 18:27:47 +0100
Subject: [PATCH 27/64] The Server IO Handler does not immediately start a TLS
 handshake any longer

You need to set PassThrough to False

Thanks to @rlebeau
---
 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
index 8599cbda7..9d084d150 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
@@ -81,13 +81,9 @@ function TIdOpenSSLIOHandlerServer.Accept(ASocket: TIdSocketHandle;
 begin
   LIOHandler := MakeClientIOHandler() as TIdOpenSSLIOHandlerClientForServer;
   try
-    LIOHandler.PassThrough := False;
+    LIOHandler.PassThrough := True;
     LIOHandler.Open;
-    if LIOHandler.Binding.Accept(ASocket.Handle) then
-    begin
-      LIOHandler.StartSSL();
-    end
-    else
+    if not LIOHandler.Binding.Accept(ASocket.Handle) then
       FreeAndNil(LIOHandler);
   except
     FreeAndNil(LIOHandler);

From 968cf79cc98072c170181e47535bc9a96fdf4249 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 1 Dec 2020 11:42:01 +0100
Subject: [PATCH 28/64] Added SaveToFile and ctor overload for file loading to
 TIdOpenSSLX509

---
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas | 30 ++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index ae674f61a..56a293968 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -88,10 +88,13 @@   TIdOpenSSLX509 = class(TIdOpenSSLPersistent)
     function ASN1TimeToDateTime(const ATimeASN1: PASN1_TIME): TDateTime;
     function GetValidToInGMT: TDateTime;
   public
-    constructor Create(const AX509: PX509); reintroduce;
+    constructor Create(const AX509: PX509); reintroduce; overload;
+    constructor Create(const AFile: string); reintroduce; overload;
     destructor Destroy; override;
     procedure AssignTo(Dest: TPersistent); override;
 
+    procedure SaveToFile(const AFile:string);
+
     /// <returns>
     ///   Returns the numerical value of the version field of the certificate.
     /// </returns>
@@ -141,11 +144,13 @@ implementation
 
 uses
   IdOpenSSLHeaders_asn1,
+  IdOpenSSLHeaders_bio,
   IdOpenSSLHeaders_bn,
   IdOpenSSLHeaders_crypto,
   IdOpenSSLHeaders_evp,
   IdOpenSSLHeaders_obj_mac,
   IdOpenSSLHeaders_objects,
+  IdOpenSSLHeaders_pem,
   IdOpenSSLHeaders_x509,
   IdOpenSSLUtils;
 
@@ -168,9 +173,20 @@ procedure TIdOpenSSLX509.AssignTo(Dest: TPersistent);
     TIdOpenSSLX509(Dest).FX509 := FX509;
 end;
 
+constructor TIdOpenSSLX509.Create(const AFile: string);
+var
+  LBio: PBIO;
+begin
+  inherited Create();
+  LBio := BIO_new_file(GetPAnsiChar(UTF8String(AFile)), 'r');
+  if Assigned(LBio) then
+    FX509 := PEM_read_bio_X509(LBio, nil, nil, nil);
+end;
+
 constructor TIdOpenSSLX509.Create(const AX509: PX509);
 begin
   inherited Create();
+  X509_up_ref(AX509);
   FX509 := AX509;
 end;
 
@@ -178,6 +194,7 @@ destructor TIdOpenSSLX509.Destroy;
 begin
   FSubject.Free();
   FIssuer.Free();
+  X509_free(FX509);
   inherited;
 end;
 
@@ -268,6 +285,17 @@ function TIdOpenSSLX509.GetVersion: TIdC_Long;
   Result := X509_get_version(FX509);
 end;
 
+procedure TIdOpenSSLX509.SaveToFile(const AFile: string);
+var
+  LBio: BIO;
+begin
+  // w: Create an empty file for output operations. If a file with the same name
+  //    already exists, its contents are discarded and the file is treated as a
+  //    new empty file.
+  LBio := BIO_new_file(GetPAnsiChar(UTF8String(AFile)), 'w');
+  PEM_write_bio_X509(LBio, FX509);
+end;
+
 { TIdOpenSSLX509Name }
 
 procedure TIdOpenSSLX509Name.AssignTo(Dest: TPersistent);

From 63c620213e8352370fda7049768732d5bf17b9f0 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 1 Dec 2020 11:42:22 +0100
Subject: [PATCH 29/64] Added missing file header to IdOpenSSLX509

---
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas | 26 +++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index 56a293968..d7401fbaa 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -1,3 +1,29 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
 unit IdOpenSSLX509;
 
 interface

From 2d8c9d96c0a5e641949c3cf02ce0cbc998ba962f Mon Sep 17 00:00:00 2001
From: mezen <mezen@users.noreply.github.com>
Date: Wed, 6 Jan 2021 09:47:52 +0100
Subject: [PATCH 30/64] Fixed using PBIO instead of BIO directly

---
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index d7401fbaa..bb705e453 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -313,7 +313,7 @@ function TIdOpenSSLX509.GetVersion: TIdC_Long;
 
 procedure TIdOpenSSLX509.SaveToFile(const AFile: string);
 var
-  LBio: BIO;
+  LBio: PBIO;
 begin
   // w: Create an empty file for output operations. If a file with the same name
   //    already exists, its contents are discarded and the file is treated as a

From 65480ac563e261a9a561c0a645f32787bdc9ba21 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 2 Mar 2021 08:43:20 +0100
Subject: [PATCH 31/64] Use existing CheckForError and RaiseError

---
 Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas |  2 +
 .../OpenSSL/IdOpenSSLIOHandlerClientBase.pas  | 47 +++++++++++++++++++
 Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas     | 15 +++++-
 3 files changed, 63 insertions(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
index 26fb7036b..64d553bb0 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
@@ -118,6 +118,7 @@   EIdOpenSSLSetPrivateKeyError = class(EIdOpenSSLErrorStackBasedError);
   EIdOpenSSLCertAndPrivKeyMisMatchError = class(EIdOpenSSLErrorStackBasedError);
   EIdOpenSSLSessionIdContextError = class(EIdOpenSSLErrorStackBasedError);
   EIdOpenSSLSetSessionError = class(EIdOpenSSLErrorStackBasedError);
+  EIdOpenSSLUnspecificStackError = class(EIdOpenSSLErrorStackBasedError);
 
   /// <summary>
   ///   Base class for errors that are based on the ssl error return codes
@@ -133,6 +134,7 @@   EIdOpenSSLSSLBasedError = class(EIdOpenSSLErrorStackBasedError)
   EIdOpenSSLConnectError = class(EIdOpenSSLSSLBasedError);
   EIdOpenSSLAcceptError = class(EIdOpenSSLSSLBasedError);
   EIdOpenSSLShutdownError = class(EIdOpenSSLSSLBasedError);
+  EIdOpenSSLUnspecificError = class(EidOpenSSLSSLBasedError);
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas
index bbce51fd1..22b9cb6ba 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientBase.pas
@@ -56,6 +56,9 @@   TIdOpenSSLIOHandlerClientBase = class(TIdSSLIOHandlerSocketBase)
     procedure ConnectClient; override;
     procedure Close; override;
 
+    function CheckForError(ALastResult: Integer): Integer; override;
+    procedure RaiseError(AError: Integer); override;
+
     function Readable(AMSec: Integer = IdTimeoutDefault): Boolean; override;
 
     function Clone: TIdSSLIOHandlerSocketBase; override;
@@ -64,9 +67,14 @@   TIdOpenSSLIOHandlerClientBase = class(TIdSSLIOHandlerSocketBase)
 implementation
 
 uses
+  IdOpenSSLExceptions,
+  IdOpenSSLHeaders_ssl,
   IdStackConsts,
   SysUtils;
 
+type
+  TIdOpenSSLSocketAccessor = class(TIdOpenSSLSocket);
+
 { TIdOpenSSLIOHandlerClientBase }
 
 procedure TIdOpenSSLIOHandlerClientBase.AfterAccept;
@@ -101,6 +109,29 @@ destructor TIdOpenSSLIOHandlerClientBase.Destroy;
   inherited;
 end;
 
+function TIdOpenSSLIOHandlerClientBase.CheckForError(ALastResult: Integer): Integer;
+begin
+  if PassThrough then
+  begin
+    Result := inherited CheckForError(ALastResult);
+    Exit;
+  end;
+
+  Result := FTLSSocket.GetErrorCode(ALastResult);
+  case Result of
+    SSL_ERROR_SYSCALL:
+      inherited CheckForError(ALastResult);
+//      inherited CheckForError(Integer(Id_SOCKET_ERROR));
+    SSL_ERROR_NONE:
+    begin
+      Result := 0;
+      Exit;
+    end;
+  else
+    raise EIdOpenSSLUnspecificStackError.Create('', Result);
+  end;
+end;
+
 function TIdOpenSSLIOHandlerClientBase.Clone: TIdSSLIOHandlerSocketBase;
 begin
   Result := TIdClientSSLClass(Self.ClassType).Create(Owner);
@@ -137,6 +168,22 @@ procedure TIdOpenSSLIOHandlerClientBase.SetPassThrough(const Value: Boolean);
   end;
 end;
 
+procedure TIdOpenSSLIOHandlerClientBase.RaiseError(AError: Integer);
+
+  function IsSocketError(const AError: Integer): Boolean; {$IFDEF USE_INLINE}inline;{$ENDIF}
+  begin
+    Result := (AError = Id_WSAESHUTDOWN)
+      or (AError = Id_WSAECONNABORTED)
+      or (AError = Id_WSAECONNRESET)
+  end;
+
+begin
+  if PassThrough or IsSocketError(AError) or not Assigned(FTLSSocket) then
+    inherited RaiseError(AError)
+  else
+    raise EIdOpenSSLUnspecificError.Create(TIdOpenSSLSocketAccessor(FTLSSocket).FSSL, AError, '');
+end;
+
 function TIdOpenSSLIOHandlerClientBase.Readable(AMSec: Integer): Boolean;
 begin
   Result := True;
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas b/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
index 15e9ef23d..8e2c474c5 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
@@ -54,6 +54,7 @@   TIdOpenSSLSocket = class(TObject)
     ///   connection is closed from the peer
     /// </param>
     function ShouldRetry(const ASSL: PSSL; var AReturnCode: Integer): Boolean;
+    function GetErrorCode(const ASSL: PSSL; const AReturnCode: Integer): Integer; overload;
   public
     constructor Create(const AContext: PSSL_CTX);
     destructor Destroy; override;
@@ -64,6 +65,8 @@   TIdOpenSSLSocket = class(TObject)
     function Receive(var ABuffer: TIdBytes): Integer;
 
     function HasReadableData: Boolean;
+
+    function GetErrorCode(const AReturnCode: Integer): Integer; overload;
   end;
 
 implementation
@@ -110,6 +113,16 @@ destructor TIdOpenSSLSocket.Destroy;
   inherited;
 end;
 
+function TIdOpenSSLSocket.GetErrorCode(const AReturnCode: Integer): Integer;
+begin
+  Result := GetErrorCode(FSSL, AReturnCode);
+end;
+
+function TIdOpenSSLSocket.GetErrorCode(const ASSL: PSSL; const AReturnCode: Integer): Integer;
+begin
+  Result := SSL_get_error(ASSL, AReturnCode);
+end;
+
 function TIdOpenSSLSocket.HasReadableData: Boolean;
 begin
   Result := SSL_pending(FSSL) > 0;
@@ -123,7 +136,7 @@ function TIdOpenSSLSocket.ShouldRetry(const ASSL: PSSL; var AReturnCode: Integer
   if AReturnCode > 0 then
     Exit;
 
-  case SSL_get_error(ASSL, AReturnCode) of
+  case GetErrorCode(ASSL, AReturnCode) of
     SSL_ERROR_NONE:
     // The TLS/SSL I/O operation completed. This result code is returned if and
     // only if AReturnCode > 0

From f5051e1281807f92209a3f4fe73b75cec3d50fc8 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 2 Mar 2021 08:43:42 +0100
Subject: [PATCH 32/64] Add additional Infos to EIdOpenSSLAcceptError

---
 .../OpenSSL/IdOpenSSLIOHandlerClientServer.pas    | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientServer.pas
index 3dada76eb..4a710272f 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientServer.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClientServer.pas
@@ -46,7 +46,9 @@   TIdOpenSSLIOHandlerClientForServer = class(TIdOpenSSLIOHandlerClientBase)
 implementation
 
 uses
-  IdOpenSSLSocketServer;
+  IdOpenSSLExceptions,
+  IdOpenSSLSocketServer,
+  SysUtils;
 
 { TIdOpenSSLIOHandlerClientForServer }
 
@@ -67,7 +69,16 @@ procedure TIdOpenSSLIOHandlerClientForServer.StartSSL;
   inherited;
   if PassThrough then
     Exit;
-  (FTLSSocket as TIdOpenSSLSocketServer).Accept(Binding.Handle);
+  try
+    (FTLSSocket as TIdOpenSSLSocketServer).Accept(Binding.Handle);
+  except
+    on E: EIdOpenSSLAcceptError do
+    begin
+      if Binding.PeerIP <> '' then
+        E.Message := Format('%s [%s]:[%d]', [E.Message, Binding.PeerIP, Binding.PeerPort]);
+      raise;
+    end;
+  end;
 end;
 
 end.

From 1dad0bf24c9d4f8a77352f2f02e1336d4583d90e Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Fri, 23 Jul 2021 14:43:17 +0200
Subject: [PATCH 33/64] Replaced `&parameter ` with `parameter_`

For better support of older delphi versions and fpc
---
 .../IdOpenSSLHeaders_asn1.pas                 | 30 +++++++-------
 .../IntermediateCode/IdOpenSSLHeaders_bio.pas |  4 +-
 .../IntermediateCode/IdOpenSSLHeaders_bn.pas  |  2 +-
 .../IdOpenSSLHeaders_buffer.pas               |  2 +-
 .../IntermediateCode/IdOpenSSLHeaders_cms.pas | 14 +++----
 .../IdOpenSSLHeaders_crypto.pas               |  2 +-
 .../IntermediateCode/IdOpenSSLHeaders_dsa.pas |  4 +-
 .../IntermediateCode/IdOpenSSLHeaders_ec.pas  | 14 +++----
 .../IntermediateCode/IdOpenSSLHeaders_evp.pas | 38 +++++++++---------
 .../IdOpenSSLHeaders_idea.pas                 |  2 +-
 .../IdOpenSSLHeaders_objects.pas              |  4 +-
 .../IntermediateCode/IdOpenSSLHeaders_pem.pas | 12 +++---
 .../IdOpenSSLHeaders_pkcs7.pas                |  8 ++--
 .../IntermediateCode/IdOpenSSLHeaders_rsa.pas | 10 ++---
 .../IntermediateCode/IdOpenSSLHeaders_ssl.pas |  6 +--
 .../IdOpenSSLHeaders_txt_db.pas               |  4 +-
 .../IdOpenSSLHeaders_x509.pas                 |  8 ++--
 .../IdOpenSSLHeaders_x509v3.pas               | 14 +++----
 .../OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas | 40 +++++++++++--------
 .../OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas  |  6 +--
 .../OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas   |  4 +-
 .../dynamic/IdOpenSSLHeaders_buffer.pas       |  4 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas  | 16 ++++----
 .../dynamic/IdOpenSSLHeaders_crypto.pas       |  4 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas  |  6 +--
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas   | 16 ++++----
 .../OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas  | 40 +++++++++----------
 .../OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas |  4 +-
 .../dynamic/IdOpenSSLHeaders_objects.pas      |  6 +--
 .../OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas  | 14 +++----
 .../dynamic/IdOpenSSLHeaders_pkcs7.pas        | 10 ++---
 .../OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas  | 12 +++---
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas  |  8 ++--
 .../dynamic/IdOpenSSLHeaders_txt_db.pas       |  6 +--
 .../OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas | 10 ++---
 .../dynamic/IdOpenSSLHeaders_x509v3.pas       | 16 ++++----
 .../OpenSSL/static/IdOpenSSLHeaders_asn1.pas  | 32 +++++++--------
 .../OpenSSL/static/IdOpenSSLHeaders_bio.pas   |  6 +--
 .../OpenSSL/static/IdOpenSSLHeaders_bn.pas    |  4 +-
 .../static/IdOpenSSLHeaders_buffer.pas        |  4 +-
 .../OpenSSL/static/IdOpenSSLHeaders_cms.pas   | 16 ++++----
 .../static/IdOpenSSLHeaders_crypto.pas        |  4 +-
 .../OpenSSL/static/IdOpenSSLHeaders_dsa.pas   |  6 +--
 .../OpenSSL/static/IdOpenSSLHeaders_ec.pas    | 16 ++++----
 .../OpenSSL/static/IdOpenSSLHeaders_evp.pas   | 40 +++++++++----------
 .../OpenSSL/static/IdOpenSSLHeaders_idea.pas  |  4 +-
 .../static/IdOpenSSLHeaders_objects.pas       |  6 +--
 .../OpenSSL/static/IdOpenSSLHeaders_pem.pas   | 14 +++----
 .../OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas | 10 ++---
 .../OpenSSL/static/IdOpenSSLHeaders_rsa.pas   | 12 +++---
 .../OpenSSL/static/IdOpenSSLHeaders_ssl.pas   |  8 ++--
 .../static/IdOpenSSLHeaders_txt_db.pas        |  6 +--
 .../OpenSSL/static/IdOpenSSLHeaders_x509.pas  | 10 ++---
 .../static/IdOpenSSLHeaders_x509v3.pas        | 16 ++++----
 54 files changed, 311 insertions(+), 303 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
index 526bf1797..395b84fa7 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
@@ -396,7 +396,7 @@   asn1_string_table_st = record
    * would be used when a function takes an ASN1_ITEM * argument.
    *
    *)
-		
+
 // # ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
 
 ///(* ASN1_ITEM pointer exported type *)
@@ -483,7 +483,7 @@   BIT_STRING_BITNAME_st = record
   procedure ASN1_STRING_clear_free(a: PASN1_STRING);
   function ASN1_STRING_copy(dst: PASN1_STRING; const str: PASN1_STRING): TIdC_INT;
   function ASN1_STRING_dup(const a: PASN1_STRING): PASN1_STRING;
-  function ASN1_STRING_type_new(&type: TIdC_INT): PASN1_STRING;
+  function ASN1_STRING_type_new(type_: TIdC_INT): PASN1_STRING;
   function ASN1_STRING_cmp(const a: PASN1_STRING; const b: PASN1_STRING): TIdC_INT;
 
   (*
@@ -503,7 +503,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_BIT_STRING_get_bit(const a: PASN1_BIT_STRING; n: TIdC_INT): TIdC_INT;
   function ASN1_BIT_STRING_check(const a: PASN1_BIT_STRING; const flags: PByte; flags_len: TIdC_INT): TIdC_INT;
 
-  function ASN1_BIT_STRING_name_print(&out: PBIO; bs: PASN1_BIT_STRING; tbl: PBIT_STRING_BITNAME; indent: TIdC_INT): TIdC_INT;
+  function ASN1_BIT_STRING_name_print(out_: PBIO; bs: PASN1_BIT_STRING; tbl: PBIT_STRING_BITNAME; indent: TIdC_INT): TIdC_INT;
   function ASN1_BIT_STRING_num_asc(const name: PIdAnsiChar; tbl: PBIT_STRING_BITNAME): TIdC_INT;
   function ASN1_BIT_STRING_set_asc(bs: PASN1_BIT_STRING; const name: PIdAnsiChar; value: TIdC_INT; tbl: PBIT_STRING_BITNAME): TIdC_INT;
 
@@ -575,7 +575,7 @@   BIT_STRING_BITNAME_st = record
   function i2a_ASN1_STRING(bp: PBIO; const a: PASN1_STRING; type_: TIdC_INT): TIdC_INT;
   function i2t_ASN1_OBJECT(buf: PAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT): TIdC_INT;
 
-  function a2d_ASN1_OBJECT(&out: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT;
+  function a2d_ASN1_OBJECT(out_: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT;
   function ASN1_OBJECT_create(nid: TIdC_INT; data: PByte; len: TIdC_INT; const sn: PAnsiChar; const ln: PAnsiChar): PASN1_OBJECT;
 
   function ASN1_INTEGER_get_int64(pr: PIdC_Int64; const a: PASN1_INTEGER): TIdC_INT;
@@ -658,7 +658,7 @@   BIT_STRING_BITNAME_st = record
   //function ASN1_STRING_print_ex_fp(&fp: PFILE; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
   //# endif
 
-  function ASN1_STRING_to_UTF8(&out: PPByte; const in_: PASN1_STRING): TIdC_INT;
+  function ASN1_STRING_to_UTF8(out_: PPByte; const in_: PASN1_STRING): TIdC_INT;
 
   //void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
 
@@ -686,7 +686,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_GENERALIZEDTIME_print(fp: PBIO; const a: PASN1_GENERALIZEDTIME): TIdC_INT;
   function ASN1_TIME_print(fp: PBIO; const a: PASN1_TIME): TIdC_INT;
   function ASN1_STRING_print(bp: PBIO; const v: PASN1_STRING): TIdC_INT;
-  function ASN1_STRING_print_ex(&out: PBIO; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
+  function ASN1_STRING_print_ex(out_: PBIO; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
   function ASN1_buf_print(bp: PBIO; const buf: PByte; buflen: TIdC_SIZET; off: TIdC_INT): TIdC_INT;
   function ASN1_bn_print(bp: PBIO; const number: PIdAnsiChar; const num: PBIGNUM; buf: PByte; off: TIdC_INT): TIdC_INT;
   function ASN1_parse(bp: PBIO; const pp: PByte; len: TIdC_LONG; indent: TIdC_INT): TIdC_INT;
@@ -709,10 +709,10 @@   BIT_STRING_BITNAME_st = record
   procedure ASN1_STRING_set_default_mask(mask: TIdC_ULONG);
   function ASN1_STRING_set_default_mask_asc(const p: PAnsiChar): TIdC_INT;
   function ASN1_STRING_get_default_mask: TIdC_ULONG;
-  function ASN1_mbstring_copy(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT;
-  function ASN1_mbstring_ncopy(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT;
+  function ASN1_mbstring_copy(out_: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT;
+  function ASN1_mbstring_ncopy(out_: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT;
 
-  function ASN1_STRING_set_by_NID(&out: PPASN1_STRING; const in_: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING;
+  function ASN1_STRING_set_by_NID(out_: PPASN1_STRING; const in_: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING;
   function ASN1_STRING_TABLE_get(nid: TIdC_INT): PASN1_STRING_TABLE;
   function ASN1_STRING_TABLE_add(v1: TIdC_INT; v2: TIdC_LONG; v3: TIdC_LONG; v4: TIdC_ULONG; v5: TIdC_ULONG): TIdC_INT;
   procedure ASN1_STRING_TABLE_cleanup;
@@ -733,7 +733,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_generate_v3(const str: PAnsiChar; cnf: PX509V3_CTX): PASN1_TYPE;
   function ASN1_str2mask(const str: PByte; pmask: PIdC_ULONG): TIdC_INT;
 
-  function ASN1_item_print(&out: PBIO; ifld: PASN1_VALUE; indent: TIdC_INT; const it: PASN1_ITEM; const pctx: PASN1_PCTX): TIdC_INT;
+  function ASN1_item_print(out_: PBIO; ifld: PASN1_VALUE; indent: TIdC_INT; const it: PASN1_ITEM; const pctx: PASN1_PCTX): TIdC_INT;
   function ASN1_PCTX_new: PASN1_PCTX;
   procedure ASN1_PCTX_free(p: PASN1_PCTX);
   function ASN1_PCTX_get_flags(const p: PASN1_PCTX): TIdC_ULONG;
@@ -757,16 +757,16 @@   BIT_STRING_BITNAME_st = record
 
   function BIO_f_asn1: PBIO_METHOD;
 
-  function BIO_new_NDEF(&out: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO;
+  function BIO_new_NDEF(out_: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO;
 
-  function i2d_ASN1_bio_stream(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT;
-  function PEM_write_bio_ASN1_stream(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT;
+  function i2d_ASN1_bio_stream(out_: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT;
+  function PEM_write_bio_ASN1_stream(out_: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT;
   //function SMIME_write_ASN1(bio: PBIO; val: PASN1_VALUE; data: PBIO; flags: TIdC_INT;
   //                     ctype_nid: TIdC_INT; econt_nid: TIdC_INT;
   //                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it): TIdC_INT;
   function SMIME_read_ASN1(bio: PBIO; bcont: PPBIO; const it: PASN1_ITEM): PASN1_VALUE;
-  function SMIME_crlf_copy(&in: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT;
-  function SMIME_text(&in: PBIO; out_: PBIO): TIdC_INT;
+  function SMIME_crlf_copy(in_: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT;
+  function SMIME_text(in_: PBIO; out_: PBIO): TIdC_INT;
 
   function ASN1_ITEM_lookup(const name: PIdAnsiChar): PASN1_ITEM;
   function ASN1_ITEM_get(i: TIdC_SIZET): PASN1_ITEM;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
index c5899726f..55155145f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
@@ -569,7 +569,7 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
   function BIO_get_retry_BIO(bio: PBIO; reason: TIdC_INT): PBIO;
   function BIO_get_retry_reason(bio: PBIO): TIdC_INT;
   procedure BIO_set_retry_reason(bio: PBIO; reason: TIdC_INT);
-  function BIO_dup_chain(&in: PBIO): PBIO;
+  function BIO_dup_chain(in_: PBIO): PBIO;
 
   function BIO_nread0(bio: PBIO; buf: PPIdAnsiChar): TIdC_INT;
   function BIO_nread(bio: PBIO; buf: PPIdAnsiChar; num: TIdC_INT): TIdC_INT;
@@ -623,7 +623,7 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 //  function BIO_dump_fp(fp: cFile; const s: PByte; len: TIdC_INT): TIdC_INT;
 //  function BIO_dump_indent_fp(fp: cFile; const s: PByte; len: TIdC_INT; indent: TIdC_INT): TIdC_INT;
 
-  function BIO_hex_string(&out: PBIO; indent: TIdC_INT; width: TIdC_INT; data: PByte; datalen: TIdC_INT): TIdC_INT;
+  function BIO_hex_string(out_: PBIO; indent: TIdC_INT; width: TIdC_INT; data: PByte; datalen: TIdC_INT): TIdC_INT;
 
   function BIO_ADDR_new: PBIO_ADDR;
   function BIO_ADDR_rawmake(ap: PBIO_ADDR; familiy: TIdC_INT; const where: Pointer; wherelen: TIdC_SIZET; port: TIdC_SHORT): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
index ede9ce897..fc587ce4c 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
@@ -407,7 +407,7 @@ interface
 //int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
 //                                          const BIGNUM *field, BN_CTX *ctx);
 
-  function BN_generate_dsa_nonce(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const message_: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT;
+  function BN_generate_dsa_nonce(out_: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const message_: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT;
 
   (* Primes from RFC 2409 *)
   function BN_get_rfc2409_prime_768(bn: PBIGNUM ): PBIGNUM;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas
index 0fff7e7ba..392eee2ec 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_buffer.pas
@@ -56,7 +56,7 @@   buf_mem_st = record
   procedure BUF_MEM_free(a: PBUF_MEM);
   function BUF_MEM_grow(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET;
   function BUF_MEM_grow_clean(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET;
-  procedure BUF_reverse(&out: PByte; const in_: PByte; siz: TIdC_SIZET);
+  procedure BUF_reverse(out_: PByte; const in_: PByte; siz: TIdC_SIZET);
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
index b5c677cbd..f0120f7a0 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
@@ -139,9 +139,9 @@ interface
   function d2i_CMS_bio(bp: PBIO; cms: PPCMS_ContentInfo): PCMS_ContentInfo;
   function i2d_CMS_bio(bp: PBIO; cms: PCMS_ContentInfo): TIdC_INT;
 
-  function BIO_new_CMS(&out: PBIO; cms: PCMS_ContentInfo): PBIO;
-  function i2d_CMS_bio_stream(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT;
-  function PEM_write_bio_CMS_stream(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT;
+  function BIO_new_CMS(out_: PBIO; cms: PCMS_ContentInfo): PBIO;
+  function i2d_CMS_bio_stream(out_: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT;
+  function PEM_write_bio_CMS_stream(out_: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT;
   function SMIME_read_CMS(bio: PBIO; bcont: PPBIO): PCMS_ContentInfo;
   function SMIME_write_CMS(bio: PBIO; cms: PCMS_ContentInfo; data: PBIO; flags: TIdC_INT): TIdC_INT;
 
@@ -152,14 +152,14 @@ interface
 //  function CMS_sign_receipt(si: PCMS_SignerInfo; signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(X509) *certs;} flags: TIdC_UINT): PCMS_ContentInfo;
 
   function CMS_data(cms: PCMS_ContentInfo; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
-  function CMS_data_create(&in: PBIO; flags: TIdC_UINT): PCMS_ContentInfo;
+  function CMS_data_create(in_: PBIO; flags: TIdC_UINT): PCMS_ContentInfo;
 
   function CMS_digest_verify(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
-  function CMS_digest_create(&in: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo;
+  function CMS_digest_create(in_: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo;
 
   function CMS_EncryptedData_decrypt(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
 
-  function CMS_EncryptedData_encrypt(&in: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo;
+  function CMS_EncryptedData_encrypt(in_: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo;
 
   function CMS_EncryptedData_set1_key(cms: PCMS_ContentInfo; const ciph: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET): TIdC_INT;
 
@@ -203,7 +203,7 @@ interface
   function CMS_RecipientInfo_encrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT;
 
   function CMS_uncompress(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT;
-  function CMS_compress(&in: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo;
+  function CMS_compress(in_: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo;
 
   function CMS_set1_eContentType(cms: CMS_ContentInfo; const oit: PASN1_OBJECT): TIdC_INT;
   function CMS_get0_eContentType(cms: PCMS_ContentInfo): PASN1_OBJECT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
index 9005d4ba3..f1fbc7a28 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
@@ -182,7 +182,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   // # define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
 
   function OpenSSL_version_num: TIdC_ULONG;
-  function OpenSSL_version(&type: TIdC_INT): PIdAnsiChar;
+  function OpenSSL_version(type_: TIdC_INT): PIdAnsiChar;
 
   function OPENSSL_issetugid: TIdC_INT;
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsa.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsa.pas
index 91fd84237..04058b423 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsa.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_dsa.pas
@@ -109,8 +109,8 @@ interface
   function DSA_size(const v1: PDSA): TIdC_INT;
   function DSA_bits(const d: PDSA): TIdC_INT;
   function DSA_security_bits(const d: PDSA): TIdC_INT;
-  function DSA_sign(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; dsa: PDSA): TIdC_INT;
-  function DSA_verify(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; siglen: TIdC_INT; dsa: PDSA): TIdC_INT;
+  function DSA_sign(type_: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; dsa: PDSA): TIdC_INT;
+  function DSA_verify(type_: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; siglen: TIdC_INT; dsa: PDSA): TIdC_INT;
   //#define DSA_get_ex_new_index(l, p, newf, dupf, freef) \
   //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef)
   function DSA_set_ex_data(d: PDSA; idx: TIdC_INT; arg: Pointer): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
index 368eb8f2d..b68893480 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ec.pas
@@ -113,11 +113,11 @@   EC_builtin_curve = record
 
   EC_KEY_METHOD_compute_key_ckey = function(psec: PPByte; pseclen: PIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY): TIdC_INT; cdecl;
 
-  EC_KEY_METHOD_sign_sign = function(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const r: PBIGNUM; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_sign_sign = function(type_: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const r: PBIGNUM; eckey: PEC_KEY): TIdC_INT; cdecl;
   EC_KEY_METHOD_sign_sign_setup = function(eckey: PEC_KEY; ctx_in: PBN_CTX; kinvp: PPBIGNUM; rp: PPBIGNUM): TIdC_INT; cdecl;
   EC_KEY_METHOD_sign_sign_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const in_kinv: PBIGNUM; const in_r: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG; cdecl;
 
-  EC_KEY_METHOD_verify_verify = function(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; sig_len: TIdC_INT; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_verify_verify = function(type_: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; sig_len: TIdC_INT; eckey: PEC_KEY): TIdC_INT; cdecl;
   EC_KEY_METHOD_verify_verify_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT; cdecl;
 
   PEC_KEY_METHOD_init_init = ^EC_KEY_METHOD_init_init;
@@ -308,8 +308,8 @@   EC_builtin_curve = record
   function EC_KEY_set_method(key: PEC_KEY; const meth: PEC_KEY_METHOD): TIdC_INT;
   function EC_KEY_new_method(engine: PENGINE): PEC_KEY;
 
-  function ECDH_KDF_X9_62(&out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; const sinfo: PByte; sinfolen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT;
-  function ECDH_compute_key(&out: Pointer; oulen: TIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY; kdf: ECDH_compute_key_KDF): TIdC_INT;
+  function ECDH_KDF_X9_62(out_: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; const sinfo: PByte; sinfolen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT;
+  function ECDH_compute_key(out_: Pointer; oulen: TIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY; kdf: ECDH_compute_key_KDF): TIdC_INT;
 
   function ECDSA_SIG_new: PECDSA_SIG;
   procedure ECDSA_SIG_free(sig: PECDSA_SIG);
@@ -323,9 +323,9 @@   EC_builtin_curve = record
   function ECDSA_do_sign_ex(const dgst: PByte; dgst_len: TIdC_INT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG;
   function ECDSA_do_verify(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT;
   function ECDSA_sign_setup(eckey: PEC_KEY; ctx: PBN_CTX; kiv: PPBIGNUM; rp: PPBIGNUM): TIdC_INT;
-  function ECDSA_sign(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; eckey: PEC_KEY): TIdC_INT;
-  function ECDSA_sign_ex(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): TIdC_INT;
-  function ECDSA_verify(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; const sig: PByte; siglen: TIdC_INT; eckey: PEC_KEY): TIdC_INT;
+  function ECDSA_sign(type_: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; eckey: PEC_KEY): TIdC_INT;
+  function ECDSA_sign_ex(type_: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): TIdC_INT;
+  function ECDSA_verify(type_: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; const sig: PByte; siglen: TIdC_INT; eckey: PEC_KEY): TIdC_INT;
   function ECDSA_size(const eckey: PEC_KEY): TIdC_INT;
 
   function EC_KEY_METHOD_new(const meth: PEC_KEY_METHOD): PEC_KEY_METHOD;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
index 73840eb16..915ad5d4f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
@@ -435,20 +435,20 @@   evp_cipher_info_st = record
   pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
   pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
-  pub_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  pub_print = function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
   pkey_size = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pkey_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
 
   priv_decode = function(pk: PEVP_PKEY; const p8inf: PKCS8_PRIV_KEY_INFO): TIdC_INT; cdecl;
   priv_encode = function(p8: PPKCS8_PRIV_KEY_INFO; const pk: PEVP_PKEY): TIdC_INT; cdecl;
-  priv_print = function(&out: PBIO; const pkea: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  priv_print = function(out_: PBIO; const pkea: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
 
   param_decode = function(pkey: PEVP_PKEY; const pder: PPByte; derlen: TIdC_INT): TIdC_INT; cdecl;
   param_encode = function(const pkey: PEVP_PKEY; pder: PPByte): TIdC_INT; cdecl;
   param_missing = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
   param_copy = function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
   param_cmp = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
-  param_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  param_print = function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
 
   pkey_free = procedure(pkey: PEVP_PKEY); cdecl;
   pkey_ctrl = function(pkey: PEVP_PKEY; op: TIdC_INT; arg1: TIdC_LONG; arg2: Pointer): TIdC_INT; cdecl;
@@ -647,7 +647,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_CIPHER_CTX_buf_noconst(ctx: PEVP_CIPHER_CTX): PByte;
   function EVP_CIPHER_CTX_num(const ctx: PEVP_CIPHER_CTX): TIdC_INT;
   procedure EVP_CIPHER_CTX_set_num(ctx: PEVP_CIPHER_CTX; num: TIdC_INT);
-  function EVP_CIPHER_CTX_copy(&out: PEVP_CIPHER_CTX; const in_: PEVP_CIPHER_CTX): TIdC_INT;
+  function EVP_CIPHER_CTX_copy(out_: PEVP_CIPHER_CTX; const in_: PEVP_CIPHER_CTX): TIdC_INT;
   function EVP_CIPHER_CTX_get_app_data(const ctx: PEVP_CIPHER_CTX): Pointer;
   procedure EVP_CIPHER_CTX_set_app_data(ctx: PEVP_CIPHER_CTX; data: Pointer);
   function EVP_CIPHER_CTX_get_cipher_data(const ctx: PEVP_CIPHER_CTX): Pointer;
@@ -694,7 +694,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   //# define EVP_MD_CTX_create()     EVP_MD_CTX_new()
   //# define EVP_MD_CTX_init(ctx)    EVP_MD_CTX_reset((ctx))
   //# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
-  function EVP_MD_CTX_copy_ex(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT;
+  function EVP_MD_CTX_copy_ex(out_: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT;
   procedure EVP_MD_CTX_set_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT);
   procedure EVP_MD_CTX_clear_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT);
   function EVP_MD_CTX_test_flags(const ctx: PEVP_MD_CTX; flags: TIdC_INT): TIdC_INT;
@@ -703,7 +703,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_DigestFinal_ex(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT;
   function EVP_Digest(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const type_: PEVP_MD; impl: PENGINE): TIdC_INT;
 
-  function EVP_MD_CTX_copy(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT;
+  function EVP_MD_CTX_copy(out_: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT;
   function EVP_DigestInit(ctx: PEVP_MD_CTX; const type_: PEVP_MD): TIdC_INT;
   function EVP_DigestFinal(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT;
   function EVP_DigestFinalXOF(ctx: PEVP_MD_CTX; md: PByte; len: TIdC_SIZET): TIdC_INT;
@@ -720,13 +720,13 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_EncryptInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte): TIdC_INT;
   function EVP_EncryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT;
-  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT;
+  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in_1: TIdC_INT): TIdC_INT;
   function EVP_EncryptFinal_ex(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT;
   function EVP_EncryptFinal(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT;
 
   function EVP_DecryptInit(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PidC_INT): TIdC_INT;
   function EVP_DecryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT;
-  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT;
+  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in_1: TIdC_INT): TIdC_INT;
   function EVP_DecryptFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
   function EVP_DecryptFinal_ex(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
 
@@ -994,7 +994,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_PKEY_decrypt_old(dec_key: PByte; const enc_key: PByte; enc_key_len: TIdC_INT; private_key: PEVP_PKEY): TIdC_INT;
   function EVP_PKEY_encrypt_old(dec_key: PByte; const enc_key: PByte; key_len: TIdC_INT; pub_key: PEVP_PKEY): TIdC_INT;
-  function EVP_PKEY_type(&type: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_type(type_: TIdC_INT): TIdC_INT;
   function EVP_PKEY_id(const pkey: PEVP_PKEY): TIdC_INT;
   function EVP_PKEY_base_id(const pkey: PEVP_PKEY): TIdC_INT;
   function EVP_PKEY_bits(const pkey: PEVP_PKEY): TIdC_INT;
@@ -1033,10 +1033,10 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_up_ref(pkey: PEVP_PKEY): TIdC_INT;
   procedure EVP_PKEY_free(pkey: PEVP_PKEY);
 
-  function d2i_PublicKey(&type: TIdC_INT; a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
+  function d2i_PublicKey(type_: TIdC_INT; a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
   function i2d_PublicKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT;
 
-  function d2i_PrivateKey(&type: TIdC_INT; a: PEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
+  function d2i_PrivateKey(type_: TIdC_INT; a: PEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
   function d2i_AutoPrivateKey(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
   function i2d_PrivateKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT;
 
@@ -1047,9 +1047,9 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_PKEY_cmp(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT;
 
-  function EVP_PKEY_print_public(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT;
-  function EVP_PKEY_print_private(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT;
-  function EVP_PKEY_print_params(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT;
+  function EVP_PKEY_print_public(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT;
+  function EVP_PKEY_print_private(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT;
+  function EVP_PKEY_print_params(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT;
 
   function EVP_PKEY_get_default_digest_nid(pkey: PEVP_PKEY; pnid: PIdC_INT): TIdC_INT;
 
@@ -1083,7 +1083,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   (* PBE type *)
   function EVP_PBE_alg_add_type(pbe_type: TIdC_INT; pbe_nid: TIdC_INT; cipher_nid: TIdC_INT; md_nid: TIdC_INT; keygen: PEVP_PBE_KEYGEN): TIdC_INT;
   function EVP_PBE_alg_add(nid: TIdC_INT; const cipher: PEVP_CIPHER; const md: PEVP_MD; keygen: PEVP_PBE_KEYGEN): TIdC_INT;
-  function EVP_PBE_find(&type: TIdC_INT; pbe_nid: TIdC_INT; pcnid: PIdC_INT; pmnid: PIdC_INT; pkeygen: PPEVP_PBE_KEYGEN): TIdC_INT;
+  function EVP_PBE_find(type_: TIdC_INT; pbe_nid: TIdC_INT; pcnid: PIdC_INT; pmnid: PIdC_INT; pkeygen: PPEVP_PBE_KEYGEN): TIdC_INT;
   procedure EVP_PBE_cleanup;
   function EVP_PBE_get(ptype: PIdC_INT; ppbe_nid: PIdC_INT; num: TIdC_SIZET): TIdC_INT;
 
@@ -1123,7 +1123,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   procedure EVP_PKEY_asn1_set_security_bits(ameth: PEVP_PKEY_ASN1_METHOD; APkey_security_bits: pkey_security_bits);
 
-  function EVP_PKEY_meth_find(&type: TIdC_INT): PEVP_PKEY_METHOD;
+  function EVP_PKEY_meth_find(type_: TIdC_INT): PEVP_PKEY_METHOD;
   function EVP_PKEY_meth_new(id: TIdC_INT; flags: TIdC_INT): PEVP_PKEY_METHOD;
   procedure EVP_PKEY_meth_get0_info(ppkey_id: PIdC_INT; pflags: PIdC_INT; const meth: PEVP_PKEY_METHOD);
   procedure EVP_PKEY_meth_copy(dst: PEVP_PKEY_METHOD; const src: PEVP_PKEY_METHOD);
@@ -1150,9 +1150,9 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_CTX_get_operation(ctx: PEVP_PKEY_CTX): TIdC_INT;
   procedure EVP_PKEY_CTX_set0_keygen_info(ctx: PEVP_PKEY_CTX; dat: PIdC_INT; datlen: TIdC_INT);
 
-  function EVP_PKEY_new_mac_key(&type: TIdC_INT; e: PENGINE; const key: PByte; keylen: TIdC_INT): PEVP_PKEY;
-  function EVP_PKEY_new_raw_private_key(&type: TIdC_INT; e: PENGINE; const priv: PByte; len: TIdC_SIZET): PEVP_PKEY;
-  function EVP_PKEY_new_raw_public_key(&type: TIdC_INT; e: PENGINE; const pub: PByte; len: TIdC_SIZET): PEVP_PKEY;
+  function EVP_PKEY_new_mac_key(type_: TIdC_INT; e: PENGINE; const key: PByte; keylen: TIdC_INT): PEVP_PKEY;
+  function EVP_PKEY_new_raw_private_key(type_: TIdC_INT; e: PENGINE; const priv: PByte; len: TIdC_SIZET): PEVP_PKEY;
+  function EVP_PKEY_new_raw_public_key(type_: TIdC_INT; e: PENGINE; const pub: PByte; len: TIdC_SIZET): PEVP_PKEY;
   function EVP_PKEY_get_raw_private_key(const pkey: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT;
   function EVP_PKEY_get_raw_public_key(const pkey: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT;
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas
index e2e34183c..7ff9d097b 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_idea.pas
@@ -64,7 +64,7 @@   idea_key_st = record
   procedure IDEA_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT);
   procedure IDEA_cfb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT);
   procedure IDEA_ofb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT);
-  procedure IDEA_encrypt(&in: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE);
+  procedure IDEA_encrypt(in_: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE);
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas
index 4e9e4358d..65581fb8f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_objects.pas
@@ -59,7 +59,7 @@   obj_name_st = record
   function OBJ_NAME_get(const name: PIdAnsiChar; type_: TIdC_INT): PIdAnsiChar;
   function OBJ_NAME_add(const name: PIdAnsiChar; type_: TIdC_INT; const data: PIdAnsiChar): TIdC_INT;
   function OBJ_NAME_remove(const name: PIdAnsiChar; type_: TIdC_INT): TIdC_INT;
-  procedure OBJ_NAME_cleanup(&type: TIdC_INT);
+  procedure OBJ_NAME_cleanup(type_: TIdC_INT);
 //  void OBJ_NAME_do_all(TIdC_INT type_; void (*fn) (const OBJ_NAME *; void *arg);
 //                       void *arg);
 //  void OBJ_NAME_do_all_sorted(TIdC_INT type_;
@@ -166,7 +166,7 @@   obj_name_st = record
   function OBJ_new_nid(num: TIdC_INT): TIdC_INT;
   function OBJ_add_object(const obj: PASN1_OBJECT): TIdC_INT;
   function OBJ_create(const oid: PIdAnsiChar; const sn: PIdAnsiChar; const ln: PIdAnsiChar): TIdC_INT;
-  function OBJ_create_objects(&in: PBIO): TIdC_INT;
+  function OBJ_create_objects(in_: PBIO): TIdC_INT;
 
   function OBJ_length(const obj: PASN1_OBJECT): TIdC_SIZET;
   function OBJ_get0_data(const obj: PASN1_OBJECT): PByte;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
index 9a609d430..21a0ba16f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pem.pas
@@ -195,12 +195,12 @@ interface
 
   function b2i_PrivateKey(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY;
   function b2i_PublicKey(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY;
-  function b2i_PrivateKey_bio(&in: PBIO): PEVP_PKEY;
-  function b2i_PublicKey_bio(&in: PBIO): PEVP_PKEY;
-  function i2b_PrivateKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT;
-  function i2b_PublicKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT;
-  function b2i_PVK_bio(&in: PBIO; cb: pem_password_cb; u: Pointer): PEVP_PKEY;
-  function i2b_PVK_bio(&out: PBIO; pk: PEVP_PKEY; enclevel: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
+  function b2i_PrivateKey_bio(in_: PBIO): PEVP_PKEY;
+  function b2i_PublicKey_bio(in_: PBIO): PEVP_PKEY;
+  function i2b_PrivateKey_bio(out_: PBIO; pk: PEVP_PKEY): TIdC_INT;
+  function i2b_PublicKey_bio(out_: PBIO; pk: PEVP_PKEY): TIdC_INT;
+  function b2i_PVK_bio(in_: PBIO; cb: pem_password_cb; u: Pointer): PEVP_PKEY;
+  function i2b_PVK_bio(out_: PBIO; pk: PEVP_PKEY; enclevel: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
index 2d57bf44a..2a2669d5d 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
@@ -215,8 +215,8 @@   pkcs7_digest_st = record
   function PKCS7_dup(p7: PPKCS7): PPKCS7;
   function d2i_PKCS7_bio(bp: PBIO; p7: PPPKCS7): PPKCS7;
   function i2d_PKCS7_bio(bp: PBIO; p7: PPKCS7): TIdC_INT;
-  function i2d_PKCS7_bio_stream(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT;
-  function PEM_write_bio_PKCS7_stream(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT;
+  function i2d_PKCS7_bio_stream(out_: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT;
+  function PEM_write_bio_PKCS7_stream(out_: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT;
 
 //  function PKCS7_SIGNER_INFO_new: PPKCS7_SIGNER_INFO;
 //  procedure PKCS7_SIGNER_INFO_free(a: PPKCS7_SIGNER_INFO);
@@ -277,7 +277,7 @@   pkcs7_digest_st = record
 //  function PKCS7_ATTR_VERIFY_it: PASN1_ITEM;
 //
 //  function i2d_PKCS7_NDEF(const a: PPKCS7; out_: PPByte): TIdC_INT;
-//  function PKCS7_print_ctx(&out: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
+//  function PKCS7_print_ctx(out_: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
 
   function PKCS7_ctrl(p7: PPKCS7; cmd: TIdC_INT; larg: TIdC_LONG; parg: PIdAnsiChar): TIdC_LONG;
 
@@ -340,7 +340,7 @@   pkcs7_digest_st = record
   function SMIME_write_PKCS7(bio: PBIO; p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT;
   function SMIME_read_PKCS7(bio: PBIO; bcont: PPBIO): PPKCS7;
 
-  function BIO_new_PKCS7(&out: PBIO; p7: PPKCS7): PBIO;
+  function BIO_new_PKCS7(out_: PBIO; p7: PPKCS7): PBIO;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
index eba0b0e5e..73ebddaef 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
@@ -174,7 +174,7 @@   rsa_oaep_params_st = record
 
   RSA_meth_set_finish_finish = function(rsa: PRSA): TIdC_INT; cdecl;
 
-  RSA_meth_set_sign_sign = function(&type: TIdC_INT; const m: PByte;
+  RSA_meth_set_sign_sign = function(type_: TIdC_INT; const m: PByte;
     m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; const rsa: PRSA): TIdC_INT; cdecl;
 
   RSA_meth_set_verify_verify = function(dtype: TIdC_INT; const m: PByte;
@@ -324,15 +324,15 @@   rsa_oaep_params_st = record
    * The following 2 functions sign and verify a X509_SIG ASN1 object inside
    * PKCS#1 padded RSA encryption
    *)
-  function RSA_sign(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT;
-  function RSA_verify(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT;
+  function RSA_sign(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT;
+  function RSA_verify(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT;
 
   (*
    * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
    * PKCS#1 padded RSA encryption
    *)
-  function RSA_sign_ASN1_OCTET_STRING(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT;
-  function RSA_verify_ASN1_OCTET_STRING(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT;
+  function RSA_sign_ASN1_OCTET_STRING(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT;
+  function RSA_verify_ASN1_OCTET_STRING(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT;
 
   function RSA_blinding_on(rsa: PRSA; ctx: PBN_CTX): TIdC_INT;
   procedure RSA_blinding_off(rsa: PRSA);
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
index 3b523a2d7..539adfb79 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
@@ -1598,7 +1598,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_SESSION_print_keylog(bp: PBIO; const x: PSSL_SESSION): TIdC_INT;
   function SSL_SESSION_up_ref(ses: PSSL_SESSION): TIdC_INT;
   procedure SSL_SESSION_free(ses: PSSL_SESSION);
-  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *&in, Byte **pp);
+  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *in_, Byte **pp);
   function SSL_set_session(&to: PSSL; session: PSSL_SESSION): TIdC_INT;
   function SSL_CTX_add_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
   function SSL_CTX_remove_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
@@ -2008,13 +2008,13 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //        ((void) SSL_CTX_set_validation_callback((ctx), NULL, NULL))
 
   ///*
-  // * The validation type enumerates the available behaviours of the built-&in SSL
+  // * The validation type enumerates the available behaviours of the built-in SSL
   // * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
   // * The underlying callback is a static function in_ libssl.
   // */
 
   ///*
-  // * Enable CT by setting up a callback that implements one of the built-&in
+  // * Enable CT by setting up a callback that implements one of the built-in
   // * validation variants.  The SSL_CT_VALIDATION_PERMISSIVE variant always
   // * continues the handshake, the application can make appropriate decisions at
   // * handshake completion.  The SSL_CT_VALIDATION_STRICT variant requires at
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_txt_db.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_txt_db.pas
index 8ec32f4e8..a9193d278 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_txt_db.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_txt_db.pas
@@ -70,8 +70,8 @@   txt_db_st = record
   TXT_DB_create_index_qual = function(v1: POPENSSL_STRING): TIdC_INT;
 
 var
-  function TXT_DB_read(&in: PBIO; num: TIdC_INT): PTXT_DB;
-  function TXT_DB_write(&out: PBIO; db: PTXT_DB): TIdC_LONG;
+  function TXT_DB_read(in_: PBIO; num: TIdC_INT): PTXT_DB;
+  function TXT_DB_write(out_: PBIO; db: PTXT_DB): TIdC_LONG;
   //function TXT_DB_create_index(db: PTXT_DB; field: TIdC_INT; qual: TXT_DB_create_index_qual; hash: OPENSSL_LH_HashFunc; cmp: OPENSSL_LH_COMPFUNC): TIdC_INT;
   procedure TXT_DB_free(db: PTXT_DB);
   function TXT_DB_get_by_index(db: PTXT_DB; idx: TIdC_INT; value: POPENSSL_STRING): POPENSSL_STRING;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
index 2a950eb3f..12b714c8f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
@@ -370,7 +370,7 @@   SCRYPT_PARAMS_st = record
   function NETSCAPE_SPKI_get_pubkey(x: PNETSCAPE_SPKI): PEVP_PKEY;
   function NETSCAPE_SPKI_set_pubkey(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY): TIdC_INT;
 
-  function NETSCAPE_SPKI_print(&out: PBIO; spki: PNETSCAPE_SPKI): TIdC_INT;
+  function NETSCAPE_SPKI_print(out_: PBIO; spki: PNETSCAPE_SPKI): TIdC_INT;
 
   function X509_signature_dump(bp: PBIO; const sig: PASN1_STRING; indent: TIdC_INT): TIdC_INT;
   function X509_signature_print(bp: PBIO; const alg: PX509_ALGOR; const sig: PASN1_STRING): TIdC_INT;
@@ -771,7 +771,7 @@   SCRYPT_PARAMS_st = record
 
   function X509_CRL_cmp(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT;
   function X509_CRL_match(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT;
-  function X509_aux_print(&out: PBIO; x: PX509; indent: TIdC_INT): TIdC_INT;
+  function X509_aux_print(out_: PBIO; x: PX509; indent: TIdC_INT): TIdC_INT;
   //# ifndef OPENSSL_NO_STDIO
   //TIdC_INT X509_print_ex_fp(FILE *bp, X509 *x, unsigned TIdC_LONG nmflag,
   //                     unsigned TIdC_LONG cflag);
@@ -783,11 +783,11 @@   SCRYPT_PARAMS_st = record
   //# endif
 
   function X509_NAME_print(bp: PBIO; const name: PX509_NAME; obase: TIdC_INT): TIdC_INT;
-  function X509_NAME_print_ex(&out: PBIO; const nm: PX509_NAME; indent: TIdC_INT; flags: TIdC_ULONG): TIdC_INT;
+  function X509_NAME_print_ex(out_: PBIO; const nm: PX509_NAME; indent: TIdC_INT; flags: TIdC_ULONG): TIdC_INT;
   function X509_print_ex(bp: PBIO; x: PX509; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT;
   function X509_print(bp: PBIO; x: PX509): TIdC_INT;
   function X509_ocspid_print(bp: PBIO; x: PX509): TIdC_INT;
-  function X509_CRL_print_ex(&out: PBIO; x: PX509_CRL; nmflag: TIdC_ULONG): TIdC_INT;
+  function X509_CRL_print_ex(out_: PBIO; x: PX509_CRL; nmflag: TIdC_ULONG): TIdC_INT;
   function X509_CRL_print(bp: PBIO; x: PX509_CRL): TIdC_INT;
   function X509_REQ_print_ex(bp: PBIO; x: PX509_REQ; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT;
   function X509_REQ_print(bp: PBIO; req: PX509_REQ): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
index dc4037033..2830c5913 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
@@ -686,7 +686,7 @@ //  IPAddressFamily_st = record
   //function s2i_ASN1_IA5STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; const str: PIdAnsiChar): PASN1_IA5STRING;
 
 //  STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(method: PX509V3_EXT_METHOD; gen: PGENERAL_NAME; STACK_OF(CONF_VALUE) *ret);
-  function GENERAL_NAME_print(&out: PBIO; gen: PGENERAL_NAME): TIdC_INT;
+  function GENERAL_NAME_print(out_: PBIO; gen: PGENERAL_NAME): TIdC_INT;
 
 //  DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
 
@@ -741,10 +741,10 @@ //  IPAddressFamily_st = record
 //  DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
 //  DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
 
-  //function a2i_GENERAL_NAME(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; TIdC_INT gen_type; const value: PIdAnsiChar; is_nc: TIdC_INT): GENERAL_NAME;
+  //function a2i_GENERAL_NAME(out_: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; TIdC_INT gen_type; const value: PIdAnsiChar; is_nc: TIdC_INT): GENERAL_NAME;
 
   //function v2i_GENERAL_NAME(const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE): PGENERAL_NAME;
-  //function v2i_GENERAL_NAME_ex(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE; is_nc: TIdC_INT): PGENERAL_NAME;
+  //function v2i_GENERAL_NAME_ex(out_: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE; is_nc: TIdC_INT): PGENERAL_NAME;
   //procedure X509V3_conf_free(val: PCONF_VALUE);
 
   function X509V3_EXT_nconf_nid(conf: PCONF; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar): PX509_EXTENSION;
@@ -800,9 +800,9 @@ //  IPAddressFamily_st = record
   function X509V3_EXT_i2d(ext_nid: TIdC_INT; crit: TIdC_INT; ext_struc: Pointer): PX509_EXTENSION;
 //  TIdC_INT X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; TIdC_ULONG flags);
 
-//  void X509V3_EXT_val_prn(&out: PBIO; STACK_OF(CONF_VALUE) *val; indent: TIdC_INT; TIdC_INT ml);
-  function X509V3_EXT_print(&out: PBIO; ext: PX509_EXTENSION; flag: TIdC_ULONG; indent: TIdC_INT): TIdC_INT;
-//  TIdC_INT X509V3_extensions_print(&out: PBIO; const PIdAnsiChar *title; const STACK_OF(X509_EXTENSION) *exts; flag: TIdC_ULONG; indent: TIdC_INT);
+//  void X509V3_EXT_val_prn(out_: PBIO; STACK_OF(CONF_VALUE) *val; indent: TIdC_INT; TIdC_INT ml);
+  function X509V3_EXT_print(out_: PBIO; ext: PX509_EXTENSION; flag: TIdC_ULONG; indent: TIdC_INT): TIdC_INT;
+//  TIdC_INT X509V3_extensions_print(out_: PBIO; const PIdAnsiChar *title; const STACK_OF(X509_EXTENSION) *exts; flag: TIdC_ULONG; indent: TIdC_INT);
 
   function X509_check_ca(x: PX509): TIdC_INT;
   function X509_check_purpose(x: PX509; id: TIdC_INT; ca: TIdC_INT): TIdC_INT;
@@ -847,7 +847,7 @@ //  IPAddressFamily_st = record
   function a2i_IPADDRESS_NC(const ipasc: PIdAnsiChar): PASN1_OCTET_STRING;
 //  TIdC_INT X509V3_NAME_from_section(X509_NAME *nm; STACK_OF(CONF_VALUE) *dn_sk; TIdC_ULONG chtype);
 
-  procedure X509_POLICY_NODE_print(&out: PBIO; node: PX509_POLICY_NODE; indent: TIdC_INT);
+  procedure X509_POLICY_NODE_print(out_: PBIO; node: PX509_POLICY_NODE; indent: TIdC_INT);
 //  DEFINE_STACK_OF(X509_POLICY_NODE)
 
   (*
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
index 6d5a93c8b..1a290ef36 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_asn1;
 
@@ -403,7 +403,7 @@   asn1_string_table_st = record
    * would be used when a function takes an ASN1_ITEM * argument.
    *
    *)
-		
+
 // # ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
 
 ///(* ASN1_ITEM pointer exported type *)
@@ -493,7 +493,7 @@ procedure UnLoad;
   ASN1_STRING_clear_free: procedure(a: PASN1_STRING) cdecl = nil;
   ASN1_STRING_copy: function(dst: PASN1_STRING; const str: PASN1_STRING): TIdC_INT cdecl = nil;
   ASN1_STRING_dup: function(const a: PASN1_STRING): PASN1_STRING cdecl = nil;
-  ASN1_STRING_type_new: function(&type: TIdC_INT): PASN1_STRING cdecl = nil;
+  ASN1_STRING_type_new: function(type_: TIdC_INT): PASN1_STRING cdecl = nil;
   ASN1_STRING_cmp: function(const a: PASN1_STRING; const b: PASN1_STRING): TIdC_INT cdecl = nil;
 
   (*
@@ -513,7 +513,7 @@ procedure UnLoad;
   ASN1_BIT_STRING_get_bit: function(const a: PASN1_BIT_STRING; n: TIdC_INT): TIdC_INT cdecl = nil;
   ASN1_BIT_STRING_check: function(const a: PASN1_BIT_STRING; const flags: PByte; flags_len: TIdC_INT): TIdC_INT cdecl = nil;
 
-  ASN1_BIT_STRING_name_print: function(&out: PBIO; bs: PASN1_BIT_STRING; tbl: PBIT_STRING_BITNAME; indent: TIdC_INT): TIdC_INT cdecl = nil;
+  ASN1_BIT_STRING_name_print: function(out_: PBIO; bs: PASN1_BIT_STRING; tbl: PBIT_STRING_BITNAME; indent: TIdC_INT): TIdC_INT cdecl = nil;
   ASN1_BIT_STRING_num_asc: function(const name: PIdAnsiChar; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl = nil;
   ASN1_BIT_STRING_set_asc: function(bs: PASN1_BIT_STRING; const name: PIdAnsiChar; value: TIdC_INT; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl = nil;
 
@@ -585,7 +585,7 @@ procedure UnLoad;
   i2a_ASN1_STRING: function(bp: PBIO; const a: PASN1_STRING; type_: TIdC_INT): TIdC_INT cdecl = nil;
   i2t_ASN1_OBJECT: function(buf: PAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT): TIdC_INT cdecl = nil;
 
-  a2d_ASN1_OBJECT: function(&out: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl = nil;
+  a2d_ASN1_OBJECT: function(out_: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl = nil;
   ASN1_OBJECT_create: function(nid: TIdC_INT; data: PByte; len: TIdC_INT; const sn: PAnsiChar; const ln: PAnsiChar): PASN1_OBJECT cdecl = nil;
 
   ASN1_INTEGER_get_int64: function(pr: PIdC_Int64; const a: PASN1_INTEGER): TIdC_INT cdecl = nil;
@@ -668,7 +668,7 @@ procedure UnLoad;
   //function ASN1_STRING_print_ex_fp(&fp: PFILE; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
   //# endif
 
-  ASN1_STRING_to_UTF8: function(&out: PPByte; const in_: PASN1_STRING): TIdC_INT cdecl = nil;
+  ASN1_STRING_to_UTF8: function(out_: PPByte; const in_: PASN1_STRING): TIdC_INT cdecl = nil;
 
   //void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
 
@@ -696,7 +696,7 @@ procedure UnLoad;
   ASN1_GENERALIZEDTIME_print: function(fp: PBIO; const a: PASN1_GENERALIZEDTIME): TIdC_INT cdecl = nil;
   ASN1_TIME_print: function(fp: PBIO; const a: PASN1_TIME): TIdC_INT cdecl = nil;
   ASN1_STRING_print: function(bp: PBIO; const v: PASN1_STRING): TIdC_INT cdecl = nil;
-  ASN1_STRING_print_ex: function(&out: PBIO; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  ASN1_STRING_print_ex: function(out_: PBIO; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
   ASN1_buf_print: function(bp: PBIO; const buf: PByte; buflen: TIdC_SIZET; off: TIdC_INT): TIdC_INT cdecl = nil;
   ASN1_bn_print: function(bp: PBIO; const number: PIdAnsiChar; const num: PBIGNUM; buf: PByte; off: TIdC_INT): TIdC_INT cdecl = nil;
   ASN1_parse: function(bp: PBIO; const pp: PByte; len: TIdC_LONG; indent: TIdC_INT): TIdC_INT cdecl = nil;
@@ -719,10 +719,10 @@ procedure UnLoad;
   ASN1_STRING_set_default_mask: procedure(mask: TIdC_ULONG) cdecl = nil;
   ASN1_STRING_set_default_mask_asc: function(const p: PAnsiChar): TIdC_INT cdecl = nil;
   ASN1_STRING_get_default_mask: function: TIdC_ULONG cdecl = nil;
-  ASN1_mbstring_copy: function(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl = nil;
-  ASN1_mbstring_ncopy: function(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl = nil;
+  ASN1_mbstring_copy: function(out_: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl = nil;
+  ASN1_mbstring_ncopy: function(out_: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl = nil;
 
-  ASN1_STRING_set_by_NID: function(&out: PPASN1_STRING; const in_: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl = nil;
+  ASN1_STRING_set_by_NID: function(out_: PPASN1_STRING; const in_: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl = nil;
   ASN1_STRING_TABLE_get: function(nid: TIdC_INT): PASN1_STRING_TABLE cdecl = nil;
   ASN1_STRING_TABLE_add: function(v1: TIdC_INT; v2: TIdC_LONG; v3: TIdC_LONG; v4: TIdC_ULONG; v5: TIdC_ULONG): TIdC_INT cdecl = nil;
   ASN1_STRING_TABLE_cleanup: procedure cdecl = nil;
@@ -743,7 +743,7 @@ procedure UnLoad;
   ASN1_generate_v3: function(const str: PAnsiChar; cnf: PX509V3_CTX): PASN1_TYPE cdecl = nil;
   ASN1_str2mask: function(const str: PByte; pmask: PIdC_ULONG): TIdC_INT cdecl = nil;
 
-  ASN1_item_print: function(&out: PBIO; ifld: PASN1_VALUE; indent: TIdC_INT; const it: PASN1_ITEM; const pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
+  ASN1_item_print: function(out_: PBIO; ifld: PASN1_VALUE; indent: TIdC_INT; const it: PASN1_ITEM; const pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
   ASN1_PCTX_new: function: PASN1_PCTX cdecl = nil;
   ASN1_PCTX_free: procedure(p: PASN1_PCTX) cdecl = nil;
   ASN1_PCTX_get_flags: function(const p: PASN1_PCTX): TIdC_ULONG cdecl = nil;
@@ -767,16 +767,16 @@ procedure UnLoad;
 
   BIO_f_asn1: function: PBIO_METHOD cdecl = nil;
 
-  BIO_new_NDEF: function(&out: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO cdecl = nil;
+  BIO_new_NDEF: function(out_: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO cdecl = nil;
 
-  i2d_ASN1_bio_stream: function(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
-  PEM_write_bio_ASN1_stream: function(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  i2d_ASN1_bio_stream: function(out_: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
+  PEM_write_bio_ASN1_stream: function(out_: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl = nil;
   //function SMIME_write_ASN1(bio: PBIO; val: PASN1_VALUE; data: PBIO; flags: TIdC_INT;
   //                     ctype_nid: TIdC_INT; econt_nid: TIdC_INT;
   //                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it): TIdC_INT;
   SMIME_read_ASN1: function(bio: PBIO; bcont: PPBIO; const it: PASN1_ITEM): PASN1_VALUE cdecl = nil;
-  SMIME_crlf_copy: function(&in: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
-  SMIME_text: function(&in: PBIO; out_: PBIO): TIdC_INT cdecl = nil;
+  SMIME_crlf_copy: function(in_: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  SMIME_text: function(in_: PBIO; out_: PBIO): TIdC_INT cdecl = nil;
 
   ASN1_ITEM_lookup: function(const name: PIdAnsiChar): PASN1_ITEM cdecl = nil;
   ASN1_ITEM_get: function(i: TIdC_SIZET): PASN1_ITEM cdecl = nil;
@@ -823,6 +823,10 @@ procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
   ASN1_BIT_STRING_name_print := LoadFunction('ASN1_BIT_STRING_name_print', AFailed);
   ASN1_BIT_STRING_num_asc := LoadFunction('ASN1_BIT_STRING_num_asc', AFailed);
   ASN1_BIT_STRING_set_asc := LoadFunction('ASN1_BIT_STRING_set_asc', AFailed);
+  ASN1_INTEGER_new := LoadFunction('ASN1_INTEGER_new', AFailed);
+  ASN1_INTEGER_free := LoadFunction('ASN1_INTEGER_free', AFailed);
+  d2i_ASN1_INTEGER := LoadFunction('d2i_ASN1_INTEGER', AFailed);
+  i2d_ASN1_INTEGER := LoadFunction('i2d_ASN1_INTEGER', AFailed);
   d2i_ASN1_UINTEGER := LoadFunction('d2i_ASN1_UINTEGER', AFailed);
   ASN1_INTEGER_dup := LoadFunction('ASN1_INTEGER_dup', AFailed);
   ASN1_INTEGER_cmp := LoadFunction('ASN1_INTEGER_cmp', AFailed);
@@ -986,6 +990,10 @@ procedure UnLoad;
   ASN1_BIT_STRING_name_print := nil;
   ASN1_BIT_STRING_num_asc := nil;
   ASN1_BIT_STRING_set_asc := nil;
+  ASN1_INTEGER_new := nil;
+  ASN1_INTEGER_free := nil;
+  d2i_ASN1_INTEGER := nil;
+  i2d_ASN1_INTEGER := nil;
   d2i_ASN1_UINTEGER := nil;
   ASN1_INTEGER_dup := nil;
   ASN1_INTEGER_cmp := nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
index c826daf3a..da4188e1b 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_bio;
 
@@ -579,7 +579,7 @@ procedure UnLoad;
   BIO_get_retry_BIO: function(bio: PBIO; reason: TIdC_INT): PBIO cdecl = nil;
   BIO_get_retry_reason: function(bio: PBIO): TIdC_INT cdecl = nil;
   BIO_set_retry_reason: procedure(bio: PBIO; reason: TIdC_INT) cdecl = nil;
-  BIO_dup_chain: function(&in: PBIO): PBIO cdecl = nil;
+  BIO_dup_chain: function(in_: PBIO): PBIO cdecl = nil;
 
   BIO_nread0: function(bio: PBIO; buf: PPIdAnsiChar): TIdC_INT cdecl = nil;
   BIO_nread: function(bio: PBIO; buf: PPIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl = nil;
@@ -633,7 +633,7 @@ procedure UnLoad;
 //  function BIO_dump_fp(fp: cFile; const s: PByte; len: TIdC_INT): TIdC_INT;
 //  function BIO_dump_indent_fp(fp: cFile; const s: PByte; len: TIdC_INT; indent: TIdC_INT): TIdC_INT;
 
-  BIO_hex_string: function(&out: PBIO; indent: TIdC_INT; width: TIdC_INT; data: PByte; datalen: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_hex_string: function(out_: PBIO; indent: TIdC_INT; width: TIdC_INT; data: PByte; datalen: TIdC_INT): TIdC_INT cdecl = nil;
 
   BIO_ADDR_new: function: PBIO_ADDR cdecl = nil;
   BIO_ADDR_rawmake: function(ap: PBIO_ADDR; familiy: TIdC_INT; const where: Pointer; wherelen: TIdC_SIZET; port: TIdC_SHORT): TIdC_INT cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
index e89937698..07998dd19 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_bn;
 
@@ -417,7 +417,7 @@ procedure UnLoad;
 //int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
 //                                          const BIGNUM *field, BN_CTX *ctx);
 
-  BN_generate_dsa_nonce: function(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const message_: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl = nil;
+  BN_generate_dsa_nonce: function(out_: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const message_: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl = nil;
 
   (* Primes from RFC 2409 *)
   BN_get_rfc2409_prime_768: function(bn: PBIGNUM ): PBIGNUM cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas
index 5d9b32eb3..f245875e2 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_buffer.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_buffer;
 
@@ -66,7 +66,7 @@ procedure UnLoad;
   BUF_MEM_free: procedure(a: PBUF_MEM) cdecl = nil;
   BUF_MEM_grow: function(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl = nil;
   BUF_MEM_grow_clean: function(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl = nil;
-  BUF_reverse: procedure(&out: PByte; const in_: PByte; siz: TIdC_SIZET) cdecl = nil;
+  BUF_reverse: procedure(out_: PByte; const in_: PByte; siz: TIdC_SIZET) cdecl = nil;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas
index 345de1e4b..a96b16c94 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_cms.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_cms;
 
@@ -149,9 +149,9 @@ procedure UnLoad;
   d2i_CMS_bio: function(bp: PBIO; cms: PPCMS_ContentInfo): PCMS_ContentInfo cdecl = nil;
   i2d_CMS_bio: function(bp: PBIO; cms: PCMS_ContentInfo): TIdC_INT cdecl = nil;
 
-  BIO_new_CMS: function(&out: PBIO; cms: PCMS_ContentInfo): PBIO cdecl = nil;
-  i2d_CMS_bio_stream: function(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
-  PEM_write_bio_CMS_stream: function(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  BIO_new_CMS: function(out_: PBIO; cms: PCMS_ContentInfo): PBIO cdecl = nil;
+  i2d_CMS_bio_stream: function(out_: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  PEM_write_bio_CMS_stream: function(out_: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
   SMIME_read_CMS: function(bio: PBIO; bcont: PPBIO): PCMS_ContentInfo cdecl = nil;
   SMIME_write_CMS: function(bio: PBIO; cms: PCMS_ContentInfo; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
 
@@ -162,14 +162,14 @@ procedure UnLoad;
 //  function CMS_sign_receipt(si: PCMS_SignerInfo; signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(X509) *certs;} flags: TIdC_UINT): PCMS_ContentInfo;
 
   CMS_data: function(cms: PCMS_ContentInfo; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
-  CMS_data_create: function(&in: PBIO; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
+  CMS_data_create: function(in_: PBIO; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
 
   CMS_digest_verify: function(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
-  CMS_digest_create: function(&in: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
+  CMS_digest_create: function(in_: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
 
   CMS_EncryptedData_decrypt: function(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
 
-  CMS_EncryptedData_encrypt: function(&in: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
+  CMS_EncryptedData_encrypt: function(in_: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
 
   CMS_EncryptedData_set1_key: function(cms: PCMS_ContentInfo; const ciph: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl = nil;
 
@@ -213,7 +213,7 @@ procedure UnLoad;
   CMS_RecipientInfo_encrypt: function(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl = nil;
 
   CMS_uncompress: function(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl = nil;
-  CMS_compress: function(&in: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
+  CMS_compress: function(in_: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo cdecl = nil;
 
   CMS_set1_eContentType: function(cms: CMS_ContentInfo; const oit: PASN1_OBJECT): TIdC_INT cdecl = nil;
   CMS_get0_eContentType: function(cms: PCMS_ContentInfo): PASN1_OBJECT cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
index 9d6a7c213..96fb1fc35 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_crypto.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 03.11.2020 09:35:33
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_crypto;
 
@@ -192,7 +192,7 @@ procedure UnLoad;
   // # define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
 
   OpenSSL_version_num: function: TIdC_ULONG cdecl = nil;
-  OpenSSL_version: function(&type: TIdC_INT): PIdAnsiChar cdecl = nil;
+  OpenSSL_version: function(type_: TIdC_INT): PIdAnsiChar cdecl = nil;
 
   OPENSSL_issetugid: function: TIdC_INT cdecl = nil;
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas
index cf5b2af20..06157cf50 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_dsa.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_dsa;
 
@@ -119,8 +119,8 @@ procedure UnLoad;
   DSA_size: function(const v1: PDSA): TIdC_INT cdecl = nil;
   DSA_bits: function(const d: PDSA): TIdC_INT cdecl = nil;
   DSA_security_bits: function(const d: PDSA): TIdC_INT cdecl = nil;
-  DSA_sign: function(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; dsa: PDSA): TIdC_INT cdecl = nil;
-  DSA_verify: function(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; siglen: TIdC_INT; dsa: PDSA): TIdC_INT cdecl = nil;
+  DSA_sign: function(type_: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; dsa: PDSA): TIdC_INT cdecl = nil;
+  DSA_verify: function(type_: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; siglen: TIdC_INT; dsa: PDSA): TIdC_INT cdecl = nil;
   //#define DSA_get_ex_new_index(l, p, newf, dupf, freef) \
   //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef)
   DSA_set_ex_data: function(d: PDSA; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
index d9a1f9500..05f466a43 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ec.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 29.10.2020 09:34:06
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_ec;
 
@@ -120,11 +120,11 @@   EC_builtin_curve = record
 
   EC_KEY_METHOD_compute_key_ckey = function(psec: PPByte; pseclen: PIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY): TIdC_INT; cdecl;
 
-  EC_KEY_METHOD_sign_sign = function(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const r: PBIGNUM; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_sign_sign = function(type_: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const r: PBIGNUM; eckey: PEC_KEY): TIdC_INT; cdecl;
   EC_KEY_METHOD_sign_sign_setup = function(eckey: PEC_KEY; ctx_in: PBN_CTX; kinvp: PPBIGNUM; rp: PPBIGNUM): TIdC_INT; cdecl;
   EC_KEY_METHOD_sign_sign_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const in_kinv: PBIGNUM; const in_r: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG; cdecl;
 
-  EC_KEY_METHOD_verify_verify = function(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; sig_len: TIdC_INT; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_verify_verify = function(type_: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; sig_len: TIdC_INT; eckey: PEC_KEY): TIdC_INT; cdecl;
   EC_KEY_METHOD_verify_verify_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT; cdecl;
 
   PEC_KEY_METHOD_init_init = ^EC_KEY_METHOD_init_init;
@@ -318,8 +318,8 @@ procedure UnLoad;
   EC_KEY_set_method: function(key: PEC_KEY; const meth: PEC_KEY_METHOD): TIdC_INT cdecl = nil;
   EC_KEY_new_method: function(engine: PENGINE): PEC_KEY cdecl = nil;
 
-  ECDH_KDF_X9_62: function(&out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; const sinfo: PByte; sinfolen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl = nil;
-  ECDH_compute_key: function(&out: Pointer; oulen: TIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY; kdf: ECDH_compute_key_KDF): TIdC_INT cdecl = nil;
+  ECDH_KDF_X9_62: function(out_: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; const sinfo: PByte; sinfolen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl = nil;
+  ECDH_compute_key: function(out_: Pointer; oulen: TIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY; kdf: ECDH_compute_key_KDF): TIdC_INT cdecl = nil;
 
   ECDSA_SIG_new: function: PECDSA_SIG cdecl = nil;
   ECDSA_SIG_free: procedure(sig: PECDSA_SIG) cdecl = nil;
@@ -333,9 +333,9 @@ procedure UnLoad;
   ECDSA_do_sign_ex: function(const dgst: PByte; dgst_len: TIdC_INT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG cdecl = nil;
   ECDSA_do_verify: function(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT cdecl = nil;
   ECDSA_sign_setup: function(eckey: PEC_KEY; ctx: PBN_CTX; kiv: PPBIGNUM; rp: PPBIGNUM): TIdC_INT cdecl = nil;
-  ECDSA_sign: function(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; eckey: PEC_KEY): TIdC_INT cdecl = nil;
-  ECDSA_sign_ex: function(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): TIdC_INT cdecl = nil;
-  ECDSA_verify: function(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; const sig: PByte; siglen: TIdC_INT; eckey: PEC_KEY): TIdC_INT cdecl = nil;
+  ECDSA_sign: function(type_: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; eckey: PEC_KEY): TIdC_INT cdecl = nil;
+  ECDSA_sign_ex: function(type_: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): TIdC_INT cdecl = nil;
+  ECDSA_verify: function(type_: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; const sig: PByte; siglen: TIdC_INT; eckey: PEC_KEY): TIdC_INT cdecl = nil;
   ECDSA_size: function(const eckey: PEC_KEY): TIdC_INT cdecl = nil;
 
   EC_KEY_METHOD_new: function(const meth: PEC_KEY_METHOD): PEC_KEY_METHOD cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
index f026bdc49..631841fa0 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 29.10.2020 07:07:29
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_evp;
 
@@ -442,20 +442,20 @@   evp_cipher_info_st = record
   pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
   pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
-  pub_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  pub_print = function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
   pkey_size = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pkey_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
 
   priv_decode = function(pk: PEVP_PKEY; const p8inf: PKCS8_PRIV_KEY_INFO): TIdC_INT; cdecl;
   priv_encode = function(p8: PPKCS8_PRIV_KEY_INFO; const pk: PEVP_PKEY): TIdC_INT; cdecl;
-  priv_print = function(&out: PBIO; const pkea: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  priv_print = function(out_: PBIO; const pkea: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
 
   param_decode = function(pkey: PEVP_PKEY; const pder: PPByte; derlen: TIdC_INT): TIdC_INT; cdecl;
   param_encode = function(const pkey: PEVP_PKEY; pder: PPByte): TIdC_INT; cdecl;
   param_missing = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
   param_copy = function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
   param_cmp = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
-  param_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  param_print = function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
 
   pkey_free = procedure(pkey: PEVP_PKEY); cdecl;
   pkey_ctrl = function(pkey: PEVP_PKEY; op: TIdC_INT; arg1: TIdC_LONG; arg2: Pointer): TIdC_INT; cdecl;
@@ -657,7 +657,7 @@ procedure UnLoad;
   EVP_CIPHER_CTX_buf_noconst: function(ctx: PEVP_CIPHER_CTX): PByte cdecl = nil;
   EVP_CIPHER_CTX_num: function(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
   EVP_CIPHER_CTX_set_num: procedure(ctx: PEVP_CIPHER_CTX; num: TIdC_INT) cdecl = nil;
-  EVP_CIPHER_CTX_copy: function(&out: PEVP_CIPHER_CTX; const in_: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
+  EVP_CIPHER_CTX_copy: function(out_: PEVP_CIPHER_CTX; const in_: PEVP_CIPHER_CTX): TIdC_INT cdecl = nil;
   EVP_CIPHER_CTX_get_app_data: function(const ctx: PEVP_CIPHER_CTX): Pointer cdecl = nil;
   EVP_CIPHER_CTX_set_app_data: procedure(ctx: PEVP_CIPHER_CTX; data: Pointer) cdecl = nil;
   EVP_CIPHER_CTX_get_cipher_data: function(const ctx: PEVP_CIPHER_CTX): Pointer cdecl = nil;
@@ -704,7 +704,7 @@ procedure UnLoad;
   //# define EVP_MD_CTX_create()     EVP_MD_CTX_new()
   //# define EVP_MD_CTX_init(ctx)    EVP_MD_CTX_reset((ctx))
   //# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
-  EVP_MD_CTX_copy_ex: function(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+  EVP_MD_CTX_copy_ex: function(out_: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl = nil;
   EVP_MD_CTX_set_flags: procedure(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl = nil;
   EVP_MD_CTX_clear_flags: procedure(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl = nil;
   EVP_MD_CTX_test_flags: function(const ctx: PEVP_MD_CTX; flags: TIdC_INT): TIdC_INT cdecl = nil;
@@ -713,7 +713,7 @@ procedure UnLoad;
   EVP_DigestFinal_ex: function(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl = nil;
   EVP_Digest: function(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const type_: PEVP_MD; impl: PENGINE): TIdC_INT cdecl = nil;
 
-  EVP_MD_CTX_copy: function(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl = nil;
+  EVP_MD_CTX_copy: function(out_: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl = nil;
   EVP_DigestInit: function(ctx: PEVP_MD_CTX; const type_: PEVP_MD): TIdC_INT cdecl = nil;
   EVP_DigestFinal: function(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl = nil;
   EVP_DigestFinalXOF: function(ctx: PEVP_MD_CTX; md: PByte; len: TIdC_SIZET): TIdC_INT cdecl = nil;
@@ -730,13 +730,13 @@ procedure UnLoad;
 
   EVP_EncryptInit: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte): TIdC_INT cdecl = nil;
   EVP_EncryptInit_ex: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl = nil;
-  EVP_EncryptUpdate: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_EncryptUpdate: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in_1: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_EncryptFinal_ex: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
   EVP_EncryptFinal: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
 
   EVP_DecryptInit: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PidC_INT): TIdC_INT cdecl = nil;
   EVP_DecryptInit_ex: function(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl = nil;
-  EVP_DecryptUpdate: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_DecryptUpdate: function(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in_1: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_DecryptFinal: function(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
   EVP_DecryptFinal_ex: function(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl = nil;
 
@@ -1004,7 +1004,7 @@ procedure UnLoad;
 
   EVP_PKEY_decrypt_old: function(dec_key: PByte; const enc_key: PByte; enc_key_len: TIdC_INT; private_key: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_PKEY_encrypt_old: function(dec_key: PByte; const enc_key: PByte; key_len: TIdC_INT; pub_key: PEVP_PKEY): TIdC_INT cdecl = nil;
-  EVP_PKEY_type: function(&type: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_type: function(type_: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_PKEY_id: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_PKEY_base_id: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_PKEY_bits: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
@@ -1043,10 +1043,10 @@ procedure UnLoad;
   EVP_PKEY_up_ref: function(pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_PKEY_free: procedure(pkey: PEVP_PKEY) cdecl = nil;
 
-  d2i_PublicKey: function(&type: TIdC_INT; a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+  d2i_PublicKey: function(type_: TIdC_INT; a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
   i2d_PublicKey: function(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl = nil;
 
-  d2i_PrivateKey: function(&type: TIdC_INT; a: PEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
+  d2i_PrivateKey: function(type_: TIdC_INT; a: PEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
   d2i_AutoPrivateKey: function(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
   i2d_PrivateKey: function(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl = nil;
 
@@ -1057,9 +1057,9 @@ procedure UnLoad;
 
   EVP_PKEY_cmp: function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT cdecl = nil;
 
-  EVP_PKEY_print_public: function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
-  EVP_PKEY_print_private: function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
-  EVP_PKEY_print_params: function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_print_public: function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_print_private: function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
+  EVP_PKEY_print_params: function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl = nil;
 
   EVP_PKEY_get_default_digest_nid: function(pkey: PEVP_PKEY; pnid: PIdC_INT): TIdC_INT cdecl = nil;
 
@@ -1093,7 +1093,7 @@ procedure UnLoad;
   (* PBE type *)
   EVP_PBE_alg_add_type: function(pbe_type: TIdC_INT; pbe_nid: TIdC_INT; cipher_nid: TIdC_INT; md_nid: TIdC_INT; keygen: PEVP_PBE_KEYGEN): TIdC_INT cdecl = nil;
   EVP_PBE_alg_add: function(nid: TIdC_INT; const cipher: PEVP_CIPHER; const md: PEVP_MD; keygen: PEVP_PBE_KEYGEN): TIdC_INT cdecl = nil;
-  EVP_PBE_find: function(&type: TIdC_INT; pbe_nid: TIdC_INT; pcnid: PIdC_INT; pmnid: PIdC_INT; pkeygen: PPEVP_PBE_KEYGEN): TIdC_INT cdecl = nil;
+  EVP_PBE_find: function(type_: TIdC_INT; pbe_nid: TIdC_INT; pcnid: PIdC_INT; pmnid: PIdC_INT; pkeygen: PPEVP_PBE_KEYGEN): TIdC_INT cdecl = nil;
   EVP_PBE_cleanup: procedure cdecl = nil;
   EVP_PBE_get: function(ptype: PIdC_INT; ppbe_nid: PIdC_INT; num: TIdC_SIZET): TIdC_INT cdecl = nil;
 
@@ -1133,7 +1133,7 @@ procedure UnLoad;
 
   EVP_PKEY_asn1_set_security_bits: procedure(ameth: PEVP_PKEY_ASN1_METHOD; APkey_security_bits: pkey_security_bits) cdecl = nil;
 
-  EVP_PKEY_meth_find: function(&type: TIdC_INT): PEVP_PKEY_METHOD cdecl = nil;
+  EVP_PKEY_meth_find: function(type_: TIdC_INT): PEVP_PKEY_METHOD cdecl = nil;
   EVP_PKEY_meth_new: function(id: TIdC_INT; flags: TIdC_INT): PEVP_PKEY_METHOD cdecl = nil;
   EVP_PKEY_meth_get0_info: procedure(ppkey_id: PIdC_INT; pflags: PIdC_INT; const meth: PEVP_PKEY_METHOD) cdecl = nil;
   EVP_PKEY_meth_copy: procedure(dst: PEVP_PKEY_METHOD; const src: PEVP_PKEY_METHOD) cdecl = nil;
@@ -1160,9 +1160,9 @@ procedure UnLoad;
   EVP_PKEY_CTX_get_operation: function(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl = nil;
   EVP_PKEY_CTX_set0_keygen_info: procedure(ctx: PEVP_PKEY_CTX; dat: PIdC_INT; datlen: TIdC_INT) cdecl = nil;
 
-  EVP_PKEY_new_mac_key: function(&type: TIdC_INT; e: PENGINE; const key: PByte; keylen: TIdC_INT): PEVP_PKEY cdecl = nil;
-  EVP_PKEY_new_raw_private_key: function(&type: TIdC_INT; e: PENGINE; const priv: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl = nil;
-  EVP_PKEY_new_raw_public_key: function(&type: TIdC_INT; e: PENGINE; const pub: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl = nil;
+  EVP_PKEY_new_mac_key: function(type_: TIdC_INT; e: PENGINE; const key: PByte; keylen: TIdC_INT): PEVP_PKEY cdecl = nil;
+  EVP_PKEY_new_raw_private_key: function(type_: TIdC_INT; e: PENGINE; const priv: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl = nil;
+  EVP_PKEY_new_raw_public_key: function(type_: TIdC_INT; e: PENGINE; const pub: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl = nil;
   EVP_PKEY_get_raw_private_key: function(const pkey: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT cdecl = nil;
   EVP_PKEY_get_raw_public_key: function(const pkey: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT cdecl = nil;
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas
index c0ae00ea8..bf1bf1b59 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_idea.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_idea;
 
@@ -74,7 +74,7 @@ procedure UnLoad;
   IDEA_cbc_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT) cdecl = nil;
   IDEA_cfb64_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl = nil;
   IDEA_ofb64_encrypt: procedure(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT) cdecl = nil;
-  IDEA_encrypt: procedure(&in: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE) cdecl = nil;
+  IDEA_encrypt: procedure(in_: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE) cdecl = nil;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas
index 694c9f1a2..5ee155d23 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_objects.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_objects;
 
@@ -69,7 +69,7 @@ procedure UnLoad;
   OBJ_NAME_get: function(const name: PIdAnsiChar; type_: TIdC_INT): PIdAnsiChar cdecl = nil;
   OBJ_NAME_add: function(const name: PIdAnsiChar; type_: TIdC_INT; const data: PIdAnsiChar): TIdC_INT cdecl = nil;
   OBJ_NAME_remove: function(const name: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl = nil;
-  OBJ_NAME_cleanup: procedure(&type: TIdC_INT) cdecl = nil;
+  OBJ_NAME_cleanup: procedure(type_: TIdC_INT) cdecl = nil;
 //  void OBJ_NAME_do_all(TIdC_INT type_; void (*fn) (const OBJ_NAME *; void *arg);
 //                       void *arg);
 //  void OBJ_NAME_do_all_sorted(TIdC_INT type_;
@@ -176,7 +176,7 @@ procedure UnLoad;
   OBJ_new_nid: function(num: TIdC_INT): TIdC_INT cdecl = nil;
   OBJ_add_object: function(const obj: PASN1_OBJECT): TIdC_INT cdecl = nil;
   OBJ_create: function(const oid: PIdAnsiChar; const sn: PIdAnsiChar; const ln: PIdAnsiChar): TIdC_INT cdecl = nil;
-  OBJ_create_objects: function(&in: PBIO): TIdC_INT cdecl = nil;
+  OBJ_create_objects: function(in_: PBIO): TIdC_INT cdecl = nil;
 
   OBJ_length: function(const obj: PASN1_OBJECT): TIdC_SIZET cdecl = nil;
   OBJ_get0_data: function(const obj: PASN1_OBJECT): PByte cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
index 1b778b514..c141a5238 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pem.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_pem;
 
@@ -205,12 +205,12 @@ procedure UnLoad;
 
   b2i_PrivateKey: function(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
   b2i_PublicKey: function(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
-  b2i_PrivateKey_bio: function(&in: PBIO): PEVP_PKEY cdecl = nil;
-  b2i_PublicKey_bio: function(&in: PBIO): PEVP_PKEY cdecl = nil;
-  i2b_PrivateKey_bio: function(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl = nil;
-  i2b_PublicKey_bio: function(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl = nil;
-  b2i_PVK_bio: function(&in: PBIO; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl = nil;
-  i2b_PVK_bio: function(&out: PBIO; pk: PEVP_PKEY; enclevel: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
+  b2i_PrivateKey_bio: function(in_: PBIO): PEVP_PKEY cdecl = nil;
+  b2i_PublicKey_bio: function(in_: PBIO): PEVP_PKEY cdecl = nil;
+  i2b_PrivateKey_bio: function(out_: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl = nil;
+  i2b_PublicKey_bio: function(out_: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl = nil;
+  b2i_PVK_bio: function(in_: PBIO; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl = nil;
+  i2b_PVK_bio: function(out_: PBIO; pk: PEVP_PKEY; enclevel: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl = nil;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas
index fb93b5330..145e2505e 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs7.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_pkcs7;
 
@@ -225,8 +225,8 @@ procedure UnLoad;
   PKCS7_dup: function(p7: PPKCS7): PPKCS7 cdecl = nil;
   d2i_PKCS7_bio: function(bp: PBIO; p7: PPPKCS7): PPKCS7 cdecl = nil;
   i2d_PKCS7_bio: function(bp: PBIO; p7: PPKCS7): TIdC_INT cdecl = nil;
-  i2d_PKCS7_bio_stream: function(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
-  PEM_write_bio_PKCS7_stream: function(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  i2d_PKCS7_bio_stream: function(out_: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
+  PEM_write_bio_PKCS7_stream: function(out_: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
 
 //  function PKCS7_SIGNER_INFO_new: PPKCS7_SIGNER_INFO;
 //  procedure PKCS7_SIGNER_INFO_free(a: PPKCS7_SIGNER_INFO);
@@ -287,7 +287,7 @@ procedure UnLoad;
 //  function PKCS7_ATTR_VERIFY_it: PASN1_ITEM;
 //
 //  function i2d_PKCS7_NDEF(const a: PPKCS7; out_: PPByte): TIdC_INT;
-//  function PKCS7_print_ctx(&out: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
+//  function PKCS7_print_ctx(out_: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
 
   PKCS7_ctrl: function(p7: PPKCS7; cmd: TIdC_INT; larg: TIdC_LONG; parg: PIdAnsiChar): TIdC_LONG cdecl = nil;
 
@@ -350,7 +350,7 @@ procedure UnLoad;
   SMIME_write_PKCS7: function(bio: PBIO; p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl = nil;
   SMIME_read_PKCS7: function(bio: PBIO; bcont: PPBIO): PPKCS7 cdecl = nil;
 
-  BIO_new_PKCS7: function(&out: PBIO; p7: PPKCS7): PBIO cdecl = nil;
+  BIO_new_PKCS7: function(out_: PBIO; p7: PPKCS7): PBIO cdecl = nil;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
index 3a8e5e4c6..efe6749e3 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_rsa;
 
@@ -181,7 +181,7 @@   rsa_oaep_params_st = record
 
   RSA_meth_set_finish_finish = function(rsa: PRSA): TIdC_INT; cdecl;
 
-  RSA_meth_set_sign_sign = function(&type: TIdC_INT; const m: PByte;
+  RSA_meth_set_sign_sign = function(type_: TIdC_INT; const m: PByte;
     m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; const rsa: PRSA): TIdC_INT; cdecl;
 
   RSA_meth_set_verify_verify = function(dtype: TIdC_INT; const m: PByte;
@@ -334,15 +334,15 @@ procedure UnLoad;
    * The following 2 functions sign and verify a X509_SIG ASN1 object inside
    * PKCS#1 padded RSA encryption
    *)
-  RSA_sign: function(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
-  RSA_verify: function(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
+  RSA_sign: function(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
+  RSA_verify: function(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
 
   (*
    * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
    * PKCS#1 padded RSA encryption
    *)
-  RSA_sign_ASN1_OCTET_STRING: function(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
-  RSA_verify_ASN1_OCTET_STRING: function(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
+  RSA_sign_ASN1_OCTET_STRING: function(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
+  RSA_verify_ASN1_OCTET_STRING: function(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl = nil;
 
   RSA_blinding_on: function(rsa: PRSA; ctx: PBN_CTX): TIdC_INT cdecl = nil;
   RSA_blinding_off: procedure(rsa: PRSA) cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
index 3a42c73c0..b15fd8d41 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 29.10.2020 07:09:34
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_ssl;
 
@@ -1608,7 +1608,7 @@ procedure UnLoad;
   SSL_SESSION_print_keylog: function(bp: PBIO; const x: PSSL_SESSION): TIdC_INT cdecl = nil;
   SSL_SESSION_up_ref: function(ses: PSSL_SESSION): TIdC_INT cdecl = nil;
   SSL_SESSION_free: procedure(ses: PSSL_SESSION) cdecl = nil;
-  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *&in, Byte **pp);
+  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *in_, Byte **pp);
   SSL_set_session: function(&to: PSSL; session: PSSL_SESSION): TIdC_INT cdecl = nil;
   SSL_CTX_add_session: function(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl = nil;
   SSL_CTX_remove_session: function(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl = nil;
@@ -2018,13 +2018,13 @@ procedure UnLoad;
   //        ((void) SSL_CTX_set_validation_callback((ctx), NULL, NULL))
 
   ///*
-  // * The validation type enumerates the available behaviours of the built-&in SSL
+  // * The validation type enumerates the available behaviours of the built-in SSL
   // * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
   // * The underlying callback is a static function in_ libssl.
   // */
 
   ///*
-  // * Enable CT by setting up a callback that implements one of the built-&in
+  // * Enable CT by setting up a callback that implements one of the built-in
   // * validation variants.  The SSL_CT_VALIDATION_PERMISSIVE variant always
   // * continues the handshake, the application can make appropriate decisions at
   // * handshake completion.  The SSL_CT_VALIDATION_STRICT variant requires at
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas
index e51cb9330..a874b40a5 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_txt_db.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_txt_db;
 
@@ -80,8 +80,8 @@ procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
 
 var
-  TXT_DB_read: function(&in: PBIO; num: TIdC_INT): PTXT_DB cdecl = nil;
-  TXT_DB_write: function(&out: PBIO; db: PTXT_DB): TIdC_LONG cdecl = nil;
+  TXT_DB_read: function(in_: PBIO; num: TIdC_INT): PTXT_DB cdecl = nil;
+  TXT_DB_write: function(out_: PBIO; db: PTXT_DB): TIdC_LONG cdecl = nil;
   //function TXT_DB_create_index(db: PTXT_DB; field: TIdC_INT; qual: TXT_DB_create_index_qual; hash: OPENSSL_LH_HashFunc; cmp: OPENSSL_LH_COMPFUNC): TIdC_INT;
   TXT_DB_free: procedure(db: PTXT_DB) cdecl = nil;
   TXT_DB_get_by_index: function(db: PTXT_DB; idx: TIdC_INT; value: POPENSSL_STRING): POPENSSL_STRING cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
index 5bd36f869..d68e3d895 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_x509;
 
@@ -380,7 +380,7 @@ procedure UnLoad;
   NETSCAPE_SPKI_get_pubkey: function(x: PNETSCAPE_SPKI): PEVP_PKEY cdecl = nil;
   NETSCAPE_SPKI_set_pubkey: function(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
 
-  NETSCAPE_SPKI_print: function(&out: PBIO; spki: PNETSCAPE_SPKI): TIdC_INT cdecl = nil;
+  NETSCAPE_SPKI_print: function(out_: PBIO; spki: PNETSCAPE_SPKI): TIdC_INT cdecl = nil;
 
   X509_signature_dump: function(bp: PBIO; const sig: PASN1_STRING; indent: TIdC_INT): TIdC_INT cdecl = nil;
   X509_signature_print: function(bp: PBIO; const alg: PX509_ALGOR; const sig: PASN1_STRING): TIdC_INT cdecl = nil;
@@ -781,7 +781,7 @@ procedure UnLoad;
 
   X509_CRL_cmp: function(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT cdecl = nil;
   X509_CRL_match: function(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT cdecl = nil;
-  X509_aux_print: function(&out: PBIO; x: PX509; indent: TIdC_INT): TIdC_INT cdecl = nil;
+  X509_aux_print: function(out_: PBIO; x: PX509; indent: TIdC_INT): TIdC_INT cdecl = nil;
   //# ifndef OPENSSL_NO_STDIO
   //TIdC_INT X509_print_ex_fp(FILE *bp, X509 *x, unsigned TIdC_LONG nmflag,
   //                     unsigned TIdC_LONG cflag);
@@ -793,11 +793,11 @@ procedure UnLoad;
   //# endif
 
   X509_NAME_print: function(bp: PBIO; const name: PX509_NAME; obase: TIdC_INT): TIdC_INT cdecl = nil;
-  X509_NAME_print_ex: function(&out: PBIO; const nm: PX509_NAME; indent: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
+  X509_NAME_print_ex: function(out_: PBIO; const nm: PX509_NAME; indent: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
   X509_print_ex: function(bp: PBIO; x: PX509; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT cdecl = nil;
   X509_print: function(bp: PBIO; x: PX509): TIdC_INT cdecl = nil;
   X509_ocspid_print: function(bp: PBIO; x: PX509): TIdC_INT cdecl = nil;
-  X509_CRL_print_ex: function(&out: PBIO; x: PX509_CRL; nmflag: TIdC_ULONG): TIdC_INT cdecl = nil;
+  X509_CRL_print_ex: function(out_: PBIO; x: PX509_CRL; nmflag: TIdC_ULONG): TIdC_INT cdecl = nil;
   X509_CRL_print: function(bp: PBIO; x: PX509_CRL): TIdC_INT cdecl = nil;
   X509_REQ_print_ex: function(bp: PBIO; x: PX509_REQ; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT cdecl = nil;
   X509_REQ_print: function(bp: PBIO; req: PX509_REQ): TIdC_INT cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
index 8eacd6e4a..96165d39e 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 23.07.2021 14:40:17
 
 unit IdOpenSSLHeaders_x509v3;
 
@@ -696,7 +696,7 @@ procedure UnLoad;
   //function s2i_ASN1_IA5STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; const str: PIdAnsiChar): PASN1_IA5STRING;
 
 //  STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(method: PX509V3_EXT_METHOD; gen: PGENERAL_NAME; STACK_OF(CONF_VALUE) *ret);
-  GENERAL_NAME_print: function(&out: PBIO; gen: PGENERAL_NAME): TIdC_INT cdecl = nil;
+  GENERAL_NAME_print: function(out_: PBIO; gen: PGENERAL_NAME): TIdC_INT cdecl = nil;
 
 //  DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
 
@@ -751,10 +751,10 @@ procedure UnLoad;
 //  DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
 //  DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
 
-  //function a2i_GENERAL_NAME(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; TIdC_INT gen_type; const value: PIdAnsiChar; is_nc: TIdC_INT): GENERAL_NAME;
+  //function a2i_GENERAL_NAME(out_: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; TIdC_INT gen_type; const value: PIdAnsiChar; is_nc: TIdC_INT): GENERAL_NAME;
 
   //function v2i_GENERAL_NAME(const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE): PGENERAL_NAME;
-  //function v2i_GENERAL_NAME_ex(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE; is_nc: TIdC_INT): PGENERAL_NAME;
+  //function v2i_GENERAL_NAME_ex(out_: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE; is_nc: TIdC_INT): PGENERAL_NAME;
   //procedure X509V3_conf_free(val: PCONF_VALUE);
 
   X509V3_EXT_nconf_nid: function(conf: PCONF; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar): PX509_EXTENSION cdecl = nil;
@@ -810,9 +810,9 @@ procedure UnLoad;
   X509V3_EXT_i2d: function(ext_nid: TIdC_INT; crit: TIdC_INT; ext_struc: Pointer): PX509_EXTENSION cdecl = nil;
 //  TIdC_INT X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; TIdC_ULONG flags);
 
-//  void X509V3_EXT_val_prn(&out: PBIO; STACK_OF(CONF_VALUE) *val; indent: TIdC_INT; TIdC_INT ml);
-  X509V3_EXT_print: function(&out: PBIO; ext: PX509_EXTENSION; flag: TIdC_ULONG; indent: TIdC_INT): TIdC_INT cdecl = nil;
-//  TIdC_INT X509V3_extensions_print(&out: PBIO; const PIdAnsiChar *title; const STACK_OF(X509_EXTENSION) *exts; flag: TIdC_ULONG; indent: TIdC_INT);
+//  void X509V3_EXT_val_prn(out_: PBIO; STACK_OF(CONF_VALUE) *val; indent: TIdC_INT; TIdC_INT ml);
+  X509V3_EXT_print: function(out_: PBIO; ext: PX509_EXTENSION; flag: TIdC_ULONG; indent: TIdC_INT): TIdC_INT cdecl = nil;
+//  TIdC_INT X509V3_extensions_print(out_: PBIO; const PIdAnsiChar *title; const STACK_OF(X509_EXTENSION) *exts; flag: TIdC_ULONG; indent: TIdC_INT);
 
   X509_check_ca: function(x: PX509): TIdC_INT cdecl = nil;
   X509_check_purpose: function(x: PX509; id: TIdC_INT; ca: TIdC_INT): TIdC_INT cdecl = nil;
@@ -857,7 +857,7 @@ procedure UnLoad;
   a2i_IPADDRESS_NC: function(const ipasc: PIdAnsiChar): PASN1_OCTET_STRING cdecl = nil;
 //  TIdC_INT X509V3_NAME_from_section(X509_NAME *nm; STACK_OF(CONF_VALUE) *dn_sk; TIdC_ULONG chtype);
 
-  X509_POLICY_NODE_print: procedure(&out: PBIO; node: PX509_POLICY_NODE; indent: TIdC_INT) cdecl = nil;
+  X509_POLICY_NODE_print: procedure(out_: PBIO; node: PX509_POLICY_NODE; indent: TIdC_INT) cdecl = nil;
 //  DEFINE_STACK_OF(X509_POLICY_NODE)
 
   (*
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
index b5dd019c2..3d4a23420 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_asn1;
 
@@ -402,7 +402,7 @@   asn1_string_table_st = record
    * would be used when a function takes an ASN1_ITEM * argument.
    *
    *)
-		
+
 // # ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
 
 ///(* ASN1_ITEM pointer exported type *)
@@ -488,7 +488,7 @@   BIT_STRING_BITNAME_st = record
   procedure ASN1_STRING_clear_free(a: PASN1_STRING) cdecl; external CLibCrypto;
   function ASN1_STRING_copy(dst: PASN1_STRING; const str: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_STRING_dup(const a: PASN1_STRING): PASN1_STRING cdecl; external CLibCrypto;
-  function ASN1_STRING_type_new(&type: TIdC_INT): PASN1_STRING cdecl; external CLibCrypto;
+  function ASN1_STRING_type_new(type_: TIdC_INT): PASN1_STRING cdecl; external CLibCrypto;
   function ASN1_STRING_cmp(const a: PASN1_STRING; const b: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
 
   (*
@@ -508,7 +508,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_BIT_STRING_get_bit(const a: PASN1_BIT_STRING; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_BIT_STRING_check(const a: PASN1_BIT_STRING; const flags: PByte; flags_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
-  function ASN1_BIT_STRING_name_print(&out: PBIO; bs: PASN1_BIT_STRING; tbl: PBIT_STRING_BITNAME; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_BIT_STRING_name_print(out_: PBIO; bs: PASN1_BIT_STRING; tbl: PBIT_STRING_BITNAME; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_BIT_STRING_num_asc(const name: PIdAnsiChar; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_BIT_STRING_set_asc(bs: PASN1_BIT_STRING; const name: PIdAnsiChar; value: TIdC_INT; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl; external CLibCrypto;
 
@@ -580,7 +580,7 @@   BIT_STRING_BITNAME_st = record
   function i2a_ASN1_STRING(bp: PBIO; const a: PASN1_STRING; type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function i2t_ASN1_OBJECT(buf: PAnsiChar; buf_len: TIdC_INT; const a: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
 
-  function a2d_ASN1_OBJECT(&out: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function a2d_ASN1_OBJECT(out_: PByte; olen: TIdC_INT; const buf: PIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_OBJECT_create(nid: TIdC_INT; data: PByte; len: TIdC_INT; const sn: PAnsiChar; const ln: PAnsiChar): PASN1_OBJECT cdecl; external CLibCrypto;
 
   function ASN1_INTEGER_get_int64(pr: PIdC_Int64; const a: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;
@@ -663,7 +663,7 @@   BIT_STRING_BITNAME_st = record
   //function ASN1_STRING_print_ex_fp(&fp: PFILE; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT;
   //# endif
 
-  function ASN1_STRING_to_UTF8(&out: PPByte; const in_: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_STRING_to_UTF8(out_: PPByte; const in_: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
 
   //void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
 
@@ -691,7 +691,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_GENERALIZEDTIME_print(fp: PBIO; const a: PASN1_GENERALIZEDTIME): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_TIME_print(fp: PBIO; const a: PASN1_TIME): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_STRING_print(bp: PBIO; const v: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
-  function ASN1_STRING_print_ex(&out: PBIO; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_STRING_print_ex(out_: PBIO; const str: PASN1_STRING; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_buf_print(bp: PBIO; const buf: PByte; buflen: TIdC_SIZET; off: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_bn_print(bp: PBIO; const number: PIdAnsiChar; const num: PBIGNUM; buf: PByte; off: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_parse(bp: PBIO; const pp: PByte; len: TIdC_LONG; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -714,10 +714,10 @@   BIT_STRING_BITNAME_st = record
   procedure ASN1_STRING_set_default_mask(mask: TIdC_ULONG) cdecl; external CLibCrypto;
   function ASN1_STRING_set_default_mask_asc(const p: PAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_STRING_get_default_mask: TIdC_ULONG cdecl; external CLibCrypto;
-  function ASN1_mbstring_copy(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
-  function ASN1_mbstring_ncopy(&out: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_mbstring_copy(out_: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_mbstring_ncopy(out_: PPASN1_STRING; const in_: PByte; len: TIdC_INT; inform: TIdC_INT; mask: TIdC_ULONG; minsize: TIdC_LONG; maxsize: TIdC_LONG): TIdC_INT cdecl; external CLibCrypto;
 
-  function ASN1_STRING_set_by_NID(&out: PPASN1_STRING; const in_: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl; external CLibCrypto;
+  function ASN1_STRING_set_by_NID(out_: PPASN1_STRING; const in_: PByte; inlen: TIdC_INT; inform: TIdC_INT; nid: TIdC_INT): PASN1_STRING cdecl; external CLibCrypto;
   function ASN1_STRING_TABLE_get(nid: TIdC_INT): PASN1_STRING_TABLE cdecl; external CLibCrypto;
   function ASN1_STRING_TABLE_add(v1: TIdC_INT; v2: TIdC_LONG; v3: TIdC_LONG; v4: TIdC_ULONG; v5: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
   procedure ASN1_STRING_TABLE_cleanup cdecl; external CLibCrypto;
@@ -738,7 +738,7 @@   BIT_STRING_BITNAME_st = record
   function ASN1_generate_v3(const str: PAnsiChar; cnf: PX509V3_CTX): PASN1_TYPE cdecl; external CLibCrypto;
   function ASN1_str2mask(const str: PByte; pmask: PIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
 
-  function ASN1_item_print(&out: PBIO; ifld: PASN1_VALUE; indent: TIdC_INT; const it: PASN1_ITEM; const pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
+  function ASN1_item_print(out_: PBIO; ifld: PASN1_VALUE; indent: TIdC_INT; const it: PASN1_ITEM; const pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_PCTX_new: PASN1_PCTX cdecl; external CLibCrypto;
   procedure ASN1_PCTX_free(p: PASN1_PCTX) cdecl; external CLibCrypto;
   function ASN1_PCTX_get_flags(const p: PASN1_PCTX): TIdC_ULONG cdecl; external CLibCrypto;
@@ -762,16 +762,16 @@   BIT_STRING_BITNAME_st = record
 
   function BIO_f_asn1: PBIO_METHOD cdecl; external CLibCrypto;
 
-  function BIO_new_NDEF(&out: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO cdecl; external CLibCrypto;
+  function BIO_new_NDEF(out_: PBIO; val: PASN1_VALUE; const it: PASN1_ITEM): PBIO cdecl; external CLibCrypto;
 
-  function i2d_ASN1_bio_stream(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
-  function PEM_write_bio_ASN1_stream(&out: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_ASN1_bio_stream(out_: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_ASN1_stream(out_: PBIO; val: PASN1_VALUE; in_: PBIO; flags: TIdC_INT; const hdr: PAnsiChar; const it: PASN1_ITEM): TIdC_INT cdecl; external CLibCrypto;
   //function SMIME_write_ASN1(bio: PBIO; val: PASN1_VALUE; data: PBIO; flags: TIdC_INT;
   //                     ctype_nid: TIdC_INT; econt_nid: TIdC_INT;
   //                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it): TIdC_INT;
   function SMIME_read_ASN1(bio: PBIO; bcont: PPBIO; const it: PASN1_ITEM): PASN1_VALUE cdecl; external CLibCrypto;
-  function SMIME_crlf_copy(&in: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function SMIME_text(&in: PBIO; out_: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  function SMIME_crlf_copy(in_: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function SMIME_text(in_: PBIO; out_: PBIO): TIdC_INT cdecl; external CLibCrypto;
 
   function ASN1_ITEM_lookup(const name: PIdAnsiChar): PASN1_ITEM cdecl; external CLibCrypto;
   function ASN1_ITEM_get(i: TIdC_SIZET): PASN1_ITEM cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
index dde75c866..568ce24a8 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_bio;
 
@@ -574,7 +574,7 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
   function BIO_get_retry_BIO(bio: PBIO; reason: TIdC_INT): PBIO cdecl; external CLibCrypto;
   function BIO_get_retry_reason(bio: PBIO): TIdC_INT cdecl; external CLibCrypto;
   procedure BIO_set_retry_reason(bio: PBIO; reason: TIdC_INT) cdecl; external CLibCrypto;
-  function BIO_dup_chain(&in: PBIO): PBIO cdecl; external CLibCrypto;
+  function BIO_dup_chain(in_: PBIO): PBIO cdecl; external CLibCrypto;
 
   function BIO_nread0(bio: PBIO; buf: PPIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function BIO_nread(bio: PBIO; buf: PPIdAnsiChar; num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -628,7 +628,7 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 //  function BIO_dump_fp(fp: cFile; const s: PByte; len: TIdC_INT): TIdC_INT;
 //  function BIO_dump_indent_fp(fp: cFile; const s: PByte; len: TIdC_INT; indent: TIdC_INT): TIdC_INT;
 
-  function BIO_hex_string(&out: PBIO; indent: TIdC_INT; width: TIdC_INT; data: PByte; datalen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_hex_string(out_: PBIO; indent: TIdC_INT; width: TIdC_INT; data: PByte; datalen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function BIO_ADDR_new: PBIO_ADDR cdecl; external CLibCrypto;
   function BIO_ADDR_rawmake(ap: PBIO_ADDR; familiy: TIdC_INT; const where: Pointer; wherelen: TIdC_SIZET; port: TIdC_SHORT): TIdC_INT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
index c5def3ef0..cee78e8d7 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_bn;
 
@@ -412,7 +412,7 @@ interface
 //int (*BN_nist_mod_func(const BIGNUM *p)) (BIGNUM *r, const BIGNUM *a,
 //                                          const BIGNUM *field, BN_CTX *ctx);
 
-  function BN_generate_dsa_nonce(&out: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const message_: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function BN_generate_dsa_nonce(out_: PBIGNUM; range: PBIGNUM; priv: PBIGNUM; const message_: PByte; message_len: TIdC_SIZET; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
 
   (* Primes from RFC 2409 *)
   function BN_get_rfc2409_prime_768(bn: PBIGNUM ): PBIGNUM cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas
index 487c46744..d59d502ae 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_buffer.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_buffer;
 
@@ -61,7 +61,7 @@   buf_mem_st = record
   procedure BUF_MEM_free(a: PBUF_MEM) cdecl; external CLibCrypto;
   function BUF_MEM_grow(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
   function BUF_MEM_grow_clean(str: PBUF_MEM; len: TIdC_SIZET): TIdC_SIZET cdecl; external CLibCrypto;
-  procedure BUF_reverse(&out: PByte; const in_: PByte; siz: TIdC_SIZET) cdecl; external CLibCrypto;
+  procedure BUF_reverse(out_: PByte; const in_: PByte; siz: TIdC_SIZET) cdecl; external CLibCrypto;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas
index adb3be4eb..3689dec01 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_cms.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_cms;
 
@@ -144,9 +144,9 @@ interface
   function d2i_CMS_bio(bp: PBIO; cms: PPCMS_ContentInfo): PCMS_ContentInfo cdecl; external CLibCrypto;
   function i2d_CMS_bio(bp: PBIO; cms: PCMS_ContentInfo): TIdC_INT cdecl; external CLibCrypto;
 
-  function BIO_new_CMS(&out: PBIO; cms: PCMS_ContentInfo): PBIO cdecl; external CLibCrypto;
-  function i2d_CMS_bio_stream(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function PEM_write_bio_CMS_stream(&out: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function BIO_new_CMS(out_: PBIO; cms: PCMS_ContentInfo): PBIO cdecl; external CLibCrypto;
+  function i2d_CMS_bio_stream(out_: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_CMS_stream(out_: PBIO; cms: PCMS_ContentInfo; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function SMIME_read_CMS(bio: PBIO; bcont: PPBIO): PCMS_ContentInfo cdecl; external CLibCrypto;
   function SMIME_write_CMS(bio: PBIO; cms: PCMS_ContentInfo; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
@@ -157,14 +157,14 @@ interface
 //  function CMS_sign_receipt(si: PCMS_SignerInfo; signcert: PX509; pkey: PEVP_PKEY; {STACK_OF(X509) *certs;} flags: TIdC_UINT): PCMS_ContentInfo;
 
   function CMS_data(cms: PCMS_ContentInfo; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_data_create(&in: PBIO; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
+  function CMS_data_create(in_: PBIO; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
 
   function CMS_digest_verify(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_digest_create(&in: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
+  function CMS_digest_create(in_: PBIO; const md: PEVP_MD; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
 
   function CMS_EncryptedData_decrypt(cms: PCMS_ContentInfo; const key: PByte; keylen: TIdC_SIZET; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
 
-  function CMS_EncryptedData_encrypt(&in: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
+  function CMS_EncryptedData_encrypt(in_: PBIO; const cipher: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
 
   function CMS_EncryptedData_set1_key(cms: PCMS_ContentInfo; const ciph: PEVP_CIPHER; const key: PByte; keylen: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
@@ -208,7 +208,7 @@ interface
   function CMS_RecipientInfo_encrypt(cms: PCMS_ContentInfo; ri: PCMS_RecipientInfo): TIdC_INT cdecl; external CLibCrypto;
 
   function CMS_uncompress(cms: PCMS_ContentInfo; dcont: PBIO; out_: PBIO; flags: TIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
-  function CMS_compress(&in: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
+  function CMS_compress(in_: PBIO; comp_nid: TIdC_INT; flags: TIdC_UINT): PCMS_ContentInfo cdecl; external CLibCrypto;
 
   function CMS_set1_eContentType(cms: CMS_ContentInfo; const oit: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
   function CMS_get0_eContentType(cms: PCMS_ContentInfo): PASN1_OBJECT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
index 043164913..8f2db9ae7 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_crypto.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 03.11.2020 09:35:30
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_crypto;
 
@@ -187,7 +187,7 @@ function OPENSSL_secure_actual_size(ptr: Pointer): TIdC_SIZET;
   // # define OPENSSL_MALLOC_MAX_NELEMS(type)  (((1U<<(sizeof(int)*8-1))-1)/sizeof(type))
 
   function OpenSSL_version_num: TIdC_ULONG cdecl; external CLibCrypto;
-  function OpenSSL_version(&type: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function OpenSSL_version(type_: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
 
   function OPENSSL_issetugid: TIdC_INT cdecl; external CLibCrypto;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas
index 8ce1567e6..dce056ee3 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_dsa.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_dsa;
 
@@ -114,8 +114,8 @@ interface
   function DSA_size(const v1: PDSA): TIdC_INT cdecl; external CLibCrypto;
   function DSA_bits(const d: PDSA): TIdC_INT cdecl; external CLibCrypto;
   function DSA_security_bits(const d: PDSA): TIdC_INT cdecl; external CLibCrypto;
-  function DSA_sign(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; dsa: PDSA): TIdC_INT cdecl; external CLibCrypto;
-  function DSA_verify(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; siglen: TIdC_INT; dsa: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_sign(type_: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; dsa: PDSA): TIdC_INT cdecl; external CLibCrypto;
+  function DSA_verify(type_: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; siglen: TIdC_INT; dsa: PDSA): TIdC_INT cdecl; external CLibCrypto;
   //#define DSA_get_ex_new_index(l, p, newf, dupf, freef) \
   //    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, l, p, newf, dupf, freef)
   function DSA_set_ex_data(d: PDSA; idx: TIdC_INT; arg: Pointer): TIdC_INT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
index 28f6e8b8c..7aca1c2a5 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ec.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 29.10.2020 09:34:09
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_ec;
 
@@ -119,11 +119,11 @@   EC_builtin_curve = record
 
   EC_KEY_METHOD_compute_key_ckey = function(psec: PPByte; pseclen: PIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY): TIdC_INT; cdecl;
 
-  EC_KEY_METHOD_sign_sign = function(&type: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const r: PBIGNUM; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_sign_sign = function(type_: TIdC_INT; const dgst: PByte; dlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const r: PBIGNUM; eckey: PEC_KEY): TIdC_INT; cdecl;
   EC_KEY_METHOD_sign_sign_setup = function(eckey: PEC_KEY; ctx_in: PBN_CTX; kinvp: PPBIGNUM; rp: PPBIGNUM): TIdC_INT; cdecl;
   EC_KEY_METHOD_sign_sign_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const in_kinv: PBIGNUM; const in_r: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG; cdecl;
 
-  EC_KEY_METHOD_verify_verify = function(&type: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; sig_len: TIdC_INT; eckey: PEC_KEY): TIdC_INT; cdecl;
+  EC_KEY_METHOD_verify_verify = function(type_: TIdC_INT; const dgst: PByte; dgst_len: TIdC_INT; const sigbuf: PByte; sig_len: TIdC_INT; eckey: PEC_KEY): TIdC_INT; cdecl;
   EC_KEY_METHOD_verify_verify_sig = function(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT; cdecl;
 
   PEC_KEY_METHOD_init_init = ^EC_KEY_METHOD_init_init;
@@ -313,8 +313,8 @@   EC_builtin_curve = record
   function EC_KEY_set_method(key: PEC_KEY; const meth: PEC_KEY_METHOD): TIdC_INT cdecl; external CLibCrypto;
   function EC_KEY_new_method(engine: PENGINE): PEC_KEY cdecl; external CLibCrypto;
 
-  function ECDH_KDF_X9_62(&out: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; const sinfo: PByte; sinfolen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
-  function ECDH_compute_key(&out: Pointer; oulen: TIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY; kdf: ECDH_compute_key_KDF): TIdC_INT cdecl; external CLibCrypto;
+  function ECDH_KDF_X9_62(out_: PByte; outlen: TIdC_SIZET; const Z: PByte; Zlen: TIdC_SIZET; const sinfo: PByte; sinfolen: TIdC_SIZET; const md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function ECDH_compute_key(out_: Pointer; oulen: TIdC_SIZET; const pub_key: PEC_POINT; const ecdh: PEC_KEY; kdf: ECDH_compute_key_KDF): TIdC_INT cdecl; external CLibCrypto;
 
   function ECDSA_SIG_new: PECDSA_SIG cdecl; external CLibCrypto;
   procedure ECDSA_SIG_free(sig: PECDSA_SIG) cdecl; external CLibCrypto;
@@ -328,9 +328,9 @@   EC_builtin_curve = record
   function ECDSA_do_sign_ex(const dgst: PByte; dgst_len: TIdC_INT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): PECDSA_SIG cdecl; external CLibCrypto;
   function ECDSA_do_verify(const dgst: PByte; dgst_len: TIdC_INT; const sig: PECDSA_SIG; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
   function ECDSA_sign_setup(eckey: PEC_KEY; ctx: PBN_CTX; kiv: PPBIGNUM; rp: PPBIGNUM): TIdC_INT cdecl; external CLibCrypto;
-  function ECDSA_sign(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
-  function ECDSA_sign_ex(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
-  function ECDSA_verify(&type: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; const sig: PByte; siglen: TIdC_INT; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function ECDSA_sign(type_: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function ECDSA_sign_ex(type_: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; sig: PByte; siglen: PIdC_UINT; const kinv: PBIGNUM; const rp: PBIGNUM; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
+  function ECDSA_verify(type_: TIdC_INT; const dgst: PByte; dgstlen: TIdC_INT; const sig: PByte; siglen: TIdC_INT; eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
   function ECDSA_size(const eckey: PEC_KEY): TIdC_INT cdecl; external CLibCrypto;
 
   function EC_KEY_METHOD_new(const meth: PEC_KEY_METHOD): PEC_KEY_METHOD cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
index c9b27fac2..c2047decb 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 29.10.2020 07:07:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_evp;
 
@@ -441,20 +441,20 @@   evp_cipher_info_st = record
   pub_decode = function(pk: PEVP_PKEY; pub: PX509_PUBKEY): TIdC_INT; cdecl;
   pub_encode = function(pub: PX509_PUBKEY; const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pub_cmd = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
-  pub_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  pub_print = function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
   pkey_size = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
   pkey_bits = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
 
   priv_decode = function(pk: PEVP_PKEY; const p8inf: PKCS8_PRIV_KEY_INFO): TIdC_INT; cdecl;
   priv_encode = function(p8: PPKCS8_PRIV_KEY_INFO; const pk: PEVP_PKEY): TIdC_INT; cdecl;
-  priv_print = function(&out: PBIO; const pkea: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  priv_print = function(out_: PBIO; const pkea: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
 
   param_decode = function(pkey: PEVP_PKEY; const pder: PPByte; derlen: TIdC_INT): TIdC_INT; cdecl;
   param_encode = function(const pkey: PEVP_PKEY; pder: PPByte): TIdC_INT; cdecl;
   param_missing = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
   param_copy = function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
   param_cmp = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
-  param_print = function(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
+  param_print = function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
 
   pkey_free = procedure(pkey: PEVP_PKEY); cdecl;
   pkey_ctrl = function(pkey: PEVP_PKEY; op: TIdC_INT; arg1: TIdC_LONG; arg2: Pointer): TIdC_INT; cdecl;
@@ -652,7 +652,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_CIPHER_CTX_buf_noconst(ctx: PEVP_CIPHER_CTX): PByte cdecl; external CLibCrypto;
   function EVP_CIPHER_CTX_num(const ctx: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure EVP_CIPHER_CTX_set_num(ctx: PEVP_CIPHER_CTX; num: TIdC_INT) cdecl; external CLibCrypto;
-  function EVP_CIPHER_CTX_copy(&out: PEVP_CIPHER_CTX; const in_: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_CIPHER_CTX_copy(out_: PEVP_CIPHER_CTX; const in_: PEVP_CIPHER_CTX): TIdC_INT cdecl; external CLibCrypto;
   function EVP_CIPHER_CTX_get_app_data(const ctx: PEVP_CIPHER_CTX): Pointer cdecl; external CLibCrypto;
   procedure EVP_CIPHER_CTX_set_app_data(ctx: PEVP_CIPHER_CTX; data: Pointer) cdecl; external CLibCrypto;
   function EVP_CIPHER_CTX_get_cipher_data(const ctx: PEVP_CIPHER_CTX): Pointer cdecl; external CLibCrypto;
@@ -699,7 +699,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   //# define EVP_MD_CTX_create()     EVP_MD_CTX_new()
   //# define EVP_MD_CTX_init(ctx)    EVP_MD_CTX_reset((ctx))
   //# define EVP_MD_CTX_destroy(ctx) EVP_MD_CTX_free((ctx))
-  function EVP_MD_CTX_copy_ex(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_CTX_copy_ex(out_: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure EVP_MD_CTX_set_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
   procedure EVP_MD_CTX_clear_flags(ctx: PEVP_MD_CTX; flags: TIdC_INT) cdecl; external CLibCrypto;
   function EVP_MD_CTX_test_flags(const ctx: PEVP_MD_CTX; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -708,7 +708,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_DigestFinal_ex(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_Digest(const data: Pointer; count: TIdC_SIZET; md: PByte; size: PIdC_UINT; const type_: PEVP_MD; impl: PENGINE): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_MD_CTX_copy(&out: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_MD_CTX_copy(out_: PEVP_MD_CTX; const in_: PEVP_MD_CTX): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestInit(ctx: PEVP_MD_CTX; const type_: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestFinal(ctx: PEVP_MD_CTX; md: PByte; s: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DigestFinalXOF(ctx: PEVP_MD_CTX; md: PByte; len: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
@@ -725,13 +725,13 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_EncryptInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte): TIdC_INT cdecl; external CLibCrypto;
   function EVP_EncryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_EncryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in_1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_EncryptFinal_ex(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_EncryptFinal(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_DecryptInit(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PidC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DecryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; &in1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in_1: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DecryptFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_DecryptFinal_ex(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
@@ -999,7 +999,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_PKEY_decrypt_old(dec_key: PByte; const enc_key: PByte; enc_key_len: TIdC_INT; private_key: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_encrypt_old(dec_key: PByte; const enc_key: PByte; key_len: TIdC_INT; pub_key: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_type(&type: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_type(type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_id(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_base_id(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_bits(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
@@ -1038,10 +1038,10 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_up_ref(pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   procedure EVP_PKEY_free(pkey: PEVP_PKEY) cdecl; external CLibCrypto;
 
-  function d2i_PublicKey(&type: TIdC_INT; a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+  function d2i_PublicKey(type_: TIdC_INT; a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
   function i2d_PublicKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
-  function d2i_PrivateKey(&type: TIdC_INT; a: PEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
+  function d2i_PrivateKey(type_: TIdC_INT; a: PEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
   function d2i_AutoPrivateKey(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
   function i2d_PrivateKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
@@ -1052,9 +1052,9 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   function EVP_PKEY_cmp(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_PKEY_print_public(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_print_private(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_print_params(&out: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_print_public(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_print_private(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_print_params(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_PKEY_get_default_digest_nid(pkey: PEVP_PKEY; pnid: PIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
@@ -1088,7 +1088,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   (* PBE type *)
   function EVP_PBE_alg_add_type(pbe_type: TIdC_INT; pbe_nid: TIdC_INT; cipher_nid: TIdC_INT; md_nid: TIdC_INT; keygen: PEVP_PBE_KEYGEN): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PBE_alg_add(nid: TIdC_INT; const cipher: PEVP_CIPHER; const md: PEVP_MD; keygen: PEVP_PBE_KEYGEN): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PBE_find(&type: TIdC_INT; pbe_nid: TIdC_INT; pcnid: PIdC_INT; pmnid: PIdC_INT; pkeygen: PPEVP_PBE_KEYGEN): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PBE_find(type_: TIdC_INT; pbe_nid: TIdC_INT; pcnid: PIdC_INT; pmnid: PIdC_INT; pkeygen: PPEVP_PBE_KEYGEN): TIdC_INT cdecl; external CLibCrypto;
   procedure EVP_PBE_cleanup cdecl; external CLibCrypto;
   function EVP_PBE_get(ptype: PIdC_INT; ppbe_nid: PIdC_INT; num: TIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
@@ -1128,7 +1128,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
 
   procedure EVP_PKEY_asn1_set_security_bits(ameth: PEVP_PKEY_ASN1_METHOD; APkey_security_bits: pkey_security_bits) cdecl; external CLibCrypto;
 
-  function EVP_PKEY_meth_find(&type: TIdC_INT): PEVP_PKEY_METHOD cdecl; external CLibCrypto;
+  function EVP_PKEY_meth_find(type_: TIdC_INT): PEVP_PKEY_METHOD cdecl; external CLibCrypto;
   function EVP_PKEY_meth_new(id: TIdC_INT; flags: TIdC_INT): PEVP_PKEY_METHOD cdecl; external CLibCrypto;
   procedure EVP_PKEY_meth_get0_info(ppkey_id: PIdC_INT; pflags: PIdC_INT; const meth: PEVP_PKEY_METHOD) cdecl; external CLibCrypto;
   procedure EVP_PKEY_meth_copy(dst: PEVP_PKEY_METHOD; const src: PEVP_PKEY_METHOD) cdecl; external CLibCrypto;
@@ -1155,9 +1155,9 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_CTX_get_operation(ctx: PEVP_PKEY_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure EVP_PKEY_CTX_set0_keygen_info(ctx: PEVP_PKEY_CTX; dat: PIdC_INT; datlen: TIdC_INT) cdecl; external CLibCrypto;
 
-  function EVP_PKEY_new_mac_key(&type: TIdC_INT; e: PENGINE; const key: PByte; keylen: TIdC_INT): PEVP_PKEY cdecl; external CLibCrypto;
-  function EVP_PKEY_new_raw_private_key(&type: TIdC_INT; e: PENGINE; const priv: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl; external CLibCrypto;
-  function EVP_PKEY_new_raw_public_key(&type: TIdC_INT; e: PENGINE; const pub: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl; external CLibCrypto;
+  function EVP_PKEY_new_mac_key(type_: TIdC_INT; e: PENGINE; const key: PByte; keylen: TIdC_INT): PEVP_PKEY cdecl; external CLibCrypto;
+  function EVP_PKEY_new_raw_private_key(type_: TIdC_INT; e: PENGINE; const priv: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl; external CLibCrypto;
+  function EVP_PKEY_new_raw_public_key(type_: TIdC_INT; e: PENGINE; const pub: PByte; len: TIdC_SIZET): PEVP_PKEY cdecl; external CLibCrypto;
   function EVP_PKEY_get_raw_private_key(const pkey: PEVP_PKEY; priv: PByte; len: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_get_raw_public_key(const pkey: PEVP_PKEY; pub: PByte; len: PIdC_SIZET): TIdC_INT cdecl; external CLibCrypto;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas
index 0a3b70616..46fe7a127 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_idea.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_idea;
 
@@ -69,7 +69,7 @@   idea_key_st = record
   procedure IDEA_cbc_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; enc: TIdC_INT) cdecl; external CLibCrypto;
   procedure IDEA_cfb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT; enc: TIdC_INT) cdecl; external CLibCrypto;
   procedure IDEA_ofb64_encrypt(const in_: PByte; out_: PByte; length: TIdC_LONG; ks: PIDEA_KEY_SCHEDULE; iv: PByte; num: PIdC_INT) cdecl; external CLibCrypto;
-  procedure IDEA_encrypt(&in: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
+  procedure IDEA_encrypt(in_: PIdC_LONG; ks: PIDEA_KEY_SCHEDULE) cdecl; external CLibCrypto;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
index 805b005c4..ee3b46b86 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_objects.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_objects;
 
@@ -64,7 +64,7 @@   obj_name_st = record
   function OBJ_NAME_get(const name: PIdAnsiChar; type_: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
   function OBJ_NAME_add(const name: PIdAnsiChar; type_: TIdC_INT; const data: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function OBJ_NAME_remove(const name: PIdAnsiChar; type_: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  procedure OBJ_NAME_cleanup(&type: TIdC_INT) cdecl; external CLibCrypto;
+  procedure OBJ_NAME_cleanup(type_: TIdC_INT) cdecl; external CLibCrypto;
 //  void OBJ_NAME_do_all(TIdC_INT type_; void (*fn) (const OBJ_NAME *; void *arg);
 //                       void *arg);
 //  void OBJ_NAME_do_all_sorted(TIdC_INT type_;
@@ -171,7 +171,7 @@   obj_name_st = record
   function OBJ_new_nid(num: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function OBJ_add_object(const obj: PASN1_OBJECT): TIdC_INT cdecl; external CLibCrypto;
   function OBJ_create(const oid: PIdAnsiChar; const sn: PIdAnsiChar; const ln: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
-  function OBJ_create_objects(&in: PBIO): TIdC_INT cdecl; external CLibCrypto;
+  function OBJ_create_objects(in_: PBIO): TIdC_INT cdecl; external CLibCrypto;
 
   function OBJ_length(const obj: PASN1_OBJECT): TIdC_SIZET cdecl; external CLibCrypto;
   function OBJ_get0_data(const obj: PASN1_OBJECT): PByte cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
index 57df45c2c..bde39f664 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pem.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_pem;
 
@@ -200,12 +200,12 @@ interface
 
   function b2i_PrivateKey(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
   function b2i_PublicKey(const in_: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
-  function b2i_PrivateKey_bio(&in: PBIO): PEVP_PKEY cdecl; external CLibCrypto;
-  function b2i_PublicKey_bio(&in: PBIO): PEVP_PKEY cdecl; external CLibCrypto;
-  function i2b_PrivateKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
-  function i2b_PublicKey_bio(&out: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
-  function b2i_PVK_bio(&in: PBIO; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl; external CLibCrypto;
-  function i2b_PVK_bio(&out: PBIO; pk: PEVP_PKEY; enclevel: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
+  function b2i_PrivateKey_bio(in_: PBIO): PEVP_PKEY cdecl; external CLibCrypto;
+  function b2i_PublicKey_bio(in_: PBIO): PEVP_PKEY cdecl; external CLibCrypto;
+  function i2b_PrivateKey_bio(out_: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function i2b_PublicKey_bio(out_: PBIO; pk: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function b2i_PVK_bio(in_: PBIO; cb: pem_password_cb; u: Pointer): PEVP_PKEY cdecl; external CLibCrypto;
+  function i2b_PVK_bio(out_: PBIO; pk: PEVP_PKEY; enclevel: TIdC_INT; cb: pem_password_cb; u: Pointer): TIdC_INT cdecl; external CLibCrypto;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas
index f187faa46..407df83a4 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs7.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_pkcs7;
 
@@ -220,8 +220,8 @@   pkcs7_digest_st = record
   function PKCS7_dup(p7: PPKCS7): PPKCS7 cdecl; external CLibCrypto;
   function d2i_PKCS7_bio(bp: PBIO; p7: PPPKCS7): PPKCS7 cdecl; external CLibCrypto;
   function i2d_PKCS7_bio(bp: PBIO; p7: PPKCS7): TIdC_INT cdecl; external CLibCrypto;
-  function i2d_PKCS7_bio_stream(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function PEM_write_bio_PKCS7_stream(&out: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function i2d_PKCS7_bio_stream(out_: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PEM_write_bio_PKCS7_stream(out_: PBIO; p7: PPKCS7; in_: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
 //  function PKCS7_SIGNER_INFO_new: PPKCS7_SIGNER_INFO;
 //  procedure PKCS7_SIGNER_INFO_free(a: PPKCS7_SIGNER_INFO);
@@ -282,7 +282,7 @@   pkcs7_digest_st = record
 //  function PKCS7_ATTR_VERIFY_it: PASN1_ITEM;
 //
 //  function i2d_PKCS7_NDEF(const a: PPKCS7; out_: PPByte): TIdC_INT;
-//  function PKCS7_print_ctx(&out: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
+//  function PKCS7_print_ctx(out_: PBIO; const x: PPKCS7; indent: TIdC_INT; const pctx: PASN1_PCTX): TIdC_INT;
 
   function PKCS7_ctrl(p7: PPKCS7; cmd: TIdC_INT; larg: TIdC_LONG; parg: PIdAnsiChar): TIdC_LONG cdecl; external CLibCrypto;
 
@@ -345,7 +345,7 @@   pkcs7_digest_st = record
   function SMIME_write_PKCS7(bio: PBIO; p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function SMIME_read_PKCS7(bio: PBIO; bcont: PPBIO): PPKCS7 cdecl; external CLibCrypto;
 
-  function BIO_new_PKCS7(&out: PBIO; p7: PPKCS7): PBIO cdecl; external CLibCrypto;
+  function BIO_new_PKCS7(out_: PBIO; p7: PPKCS7): PBIO cdecl; external CLibCrypto;
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
index 7cd6a571c..e419772ab 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_rsa;
 
@@ -180,7 +180,7 @@   rsa_oaep_params_st = record
 
   RSA_meth_set_finish_finish = function(rsa: PRSA): TIdC_INT; cdecl;
 
-  RSA_meth_set_sign_sign = function(&type: TIdC_INT; const m: PByte;
+  RSA_meth_set_sign_sign = function(type_: TIdC_INT; const m: PByte;
     m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; const rsa: PRSA): TIdC_INT; cdecl;
 
   RSA_meth_set_verify_verify = function(dtype: TIdC_INT; const m: PByte;
@@ -329,15 +329,15 @@   rsa_oaep_params_st = record
    * The following 2 functions sign and verify a X509_SIG ASN1 object inside
    * PKCS#1 padded RSA encryption
    *)
-  function RSA_sign(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_verify(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_sign(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_verify(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; const sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
 
   (*
    * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
    * PKCS#1 padded RSA encryption
    *)
-  function RSA_sign_ASN1_OCTET_STRING(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_verify_ASN1_OCTET_STRING(&type: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_sign_ASN1_OCTET_STRING(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigret: PByte; siglen: PIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_verify_ASN1_OCTET_STRING(type_: TIdC_INT; const m: PByte; m_length: TIdC_UINT; sigbuf: PByte; siglen: TIdC_UINT; rsa: PRSA): TIdC_INT cdecl; external CLibCrypto;
 
   function RSA_blinding_on(rsa: PRSA; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure RSA_blinding_off(rsa: PRSA) cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
index 77e38af75..fa32eecbe 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 29.10.2020 07:09:32
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_ssl;
 
@@ -1603,7 +1603,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_SESSION_print_keylog(bp: PBIO; const x: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
   function SSL_SESSION_up_ref(ses: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
   procedure SSL_SESSION_free(ses: PSSL_SESSION) cdecl; external CLibSSL;
-  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *&in, Byte **pp);
+  //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *in_, Byte **pp);
   function SSL_set_session(&to: PSSL; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
   function SSL_CTX_add_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
   function SSL_CTX_remove_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
@@ -2013,13 +2013,13 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   //        ((void) SSL_CTX_set_validation_callback((ctx), NULL, NULL))
 
   ///*
-  // * The validation type enumerates the available behaviours of the built-&in SSL
+  // * The validation type enumerates the available behaviours of the built-in SSL
   // * CT validation callback selected via SSL_enable_ct() and SSL_CTX_enable_ct().
   // * The underlying callback is a static function in_ libssl.
   // */
 
   ///*
-  // * Enable CT by setting up a callback that implements one of the built-&in
+  // * Enable CT by setting up a callback that implements one of the built-in
   // * validation variants.  The SSL_CT_VALIDATION_PERMISSIVE variant always
   // * continues the handshake, the application can make appropriate decisions at
   // * handshake completion.  The SSL_CT_VALIDATION_STRICT variant requires at
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas
index 6636eaf6c..3f95d0389 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_txt_db.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_txt_db;
 
@@ -75,8 +75,8 @@   txt_db_st = record
 
   TXT_DB_create_index_qual = function(v1: POPENSSL_STRING): TIdC_INT;
 
-  function TXT_DB_read(&in: PBIO; num: TIdC_INT): PTXT_DB cdecl; external CLibCrypto;
-  function TXT_DB_write(&out: PBIO; db: PTXT_DB): TIdC_LONG cdecl; external CLibCrypto;
+  function TXT_DB_read(in_: PBIO; num: TIdC_INT): PTXT_DB cdecl; external CLibCrypto;
+  function TXT_DB_write(out_: PBIO; db: PTXT_DB): TIdC_LONG cdecl; external CLibCrypto;
   //function TXT_DB_create_index(db: PTXT_DB; field: TIdC_INT; qual: TXT_DB_create_index_qual; hash: OPENSSL_LH_HashFunc; cmp: OPENSSL_LH_COMPFUNC): TIdC_INT;
   procedure TXT_DB_free(db: PTXT_DB) cdecl; external CLibCrypto;
   function TXT_DB_get_by_index(db: PTXT_DB; idx: TIdC_INT; value: POPENSSL_STRING): POPENSSL_STRING cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
index deaba5cc5..ae5b61030 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_x509;
 
@@ -375,7 +375,7 @@   SCRYPT_PARAMS_st = record
   function NETSCAPE_SPKI_get_pubkey(x: PNETSCAPE_SPKI): PEVP_PKEY cdecl; external CLibCrypto;
   function NETSCAPE_SPKI_set_pubkey(x: PNETSCAPE_SPKI; pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
 
-  function NETSCAPE_SPKI_print(&out: PBIO; spki: PNETSCAPE_SPKI): TIdC_INT cdecl; external CLibCrypto;
+  function NETSCAPE_SPKI_print(out_: PBIO; spki: PNETSCAPE_SPKI): TIdC_INT cdecl; external CLibCrypto;
 
   function X509_signature_dump(bp: PBIO; const sig: PASN1_STRING; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function X509_signature_print(bp: PBIO; const alg: PX509_ALGOR; const sig: PASN1_STRING): TIdC_INT cdecl; external CLibCrypto;
@@ -776,7 +776,7 @@   SCRYPT_PARAMS_st = record
 
   function X509_CRL_cmp(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
   function X509_CRL_match(const a: PX509_CRL; const b: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
-  function X509_aux_print(&out: PBIO; x: PX509; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function X509_aux_print(out_: PBIO; x: PX509; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   //# ifndef OPENSSL_NO_STDIO
   //TIdC_INT X509_print_ex_fp(FILE *bp, X509 *x, unsigned TIdC_LONG nmflag,
   //                     unsigned TIdC_LONG cflag);
@@ -788,11 +788,11 @@   SCRYPT_PARAMS_st = record
   //# endif
 
   function X509_NAME_print(bp: PBIO; const name: PX509_NAME; obase: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function X509_NAME_print_ex(&out: PBIO; const nm: PX509_NAME; indent: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_NAME_print_ex(out_: PBIO; const nm: PX509_NAME; indent: TIdC_INT; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
   function X509_print_ex(bp: PBIO; x: PX509; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
   function X509_print(bp: PBIO; x: PX509): TIdC_INT cdecl; external CLibCrypto;
   function X509_ocspid_print(bp: PBIO; x: PX509): TIdC_INT cdecl; external CLibCrypto;
-  function X509_CRL_print_ex(&out: PBIO; x: PX509_CRL; nmflag: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
+  function X509_CRL_print_ex(out_: PBIO; x: PX509_CRL; nmflag: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
   function X509_CRL_print(bp: PBIO; x: PX509_CRL): TIdC_INT cdecl; external CLibCrypto;
   function X509_REQ_print_ex(bp: PBIO; x: PX509_REQ; nmflag: TIdC_ULONG; cflag: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
   function X509_REQ_print(bp: PBIO; req: PX509_REQ): TIdC_INT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
index 96ee0fb56..fe6d592fa 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 23.07.2021 14:35:33
 
 unit IdOpenSSLHeaders_x509v3;
 
@@ -691,7 +691,7 @@ //  IPAddressFamily_st = record
   //function s2i_ASN1_IA5STRING(method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; const str: PIdAnsiChar): PASN1_IA5STRING;
 
 //  STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(method: PX509V3_EXT_METHOD; gen: PGENERAL_NAME; STACK_OF(CONF_VALUE) *ret);
-  function GENERAL_NAME_print(&out: PBIO; gen: PGENERAL_NAME): TIdC_INT cdecl; external CLibCrypto;
+  function GENERAL_NAME_print(out_: PBIO; gen: PGENERAL_NAME): TIdC_INT cdecl; external CLibCrypto;
 
 //  DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
 
@@ -746,10 +746,10 @@ //  IPAddressFamily_st = record
 //  DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
 //  DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
 
-  //function a2i_GENERAL_NAME(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; TIdC_INT gen_type; const value: PIdAnsiChar; is_nc: TIdC_INT): GENERAL_NAME;
+  //function a2i_GENERAL_NAME(out_: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; TIdC_INT gen_type; const value: PIdAnsiChar; is_nc: TIdC_INT): GENERAL_NAME;
 
   //function v2i_GENERAL_NAME(const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE): PGENERAL_NAME;
-  //function v2i_GENERAL_NAME_ex(&out: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE; is_nc: TIdC_INT): PGENERAL_NAME;
+  //function v2i_GENERAL_NAME_ex(out_: PGENERAL_NAME; const method: PX509V3_EXT_METHOD; ctx: PX509V3_CTX; cnf: PCONF_VALUE; is_nc: TIdC_INT): PGENERAL_NAME;
   //procedure X509V3_conf_free(val: PCONF_VALUE);
 
   function X509V3_EXT_nconf_nid(conf: PCONF; ctx: PX509V3_CTX; ext_nid: TIdC_INT; const value: PIdAnsiChar): PX509_EXTENSION cdecl; external CLibCrypto;
@@ -805,9 +805,9 @@ //  IPAddressFamily_st = record
   function X509V3_EXT_i2d(ext_nid: TIdC_INT; crit: TIdC_INT; ext_struc: Pointer): PX509_EXTENSION cdecl; external CLibCrypto;
 //  TIdC_INT X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x; nid: TIdC_INT; value: Pointer; crit: TIdC_INT; TIdC_ULONG flags);
 
-//  void X509V3_EXT_val_prn(&out: PBIO; STACK_OF(CONF_VALUE) *val; indent: TIdC_INT; TIdC_INT ml);
-  function X509V3_EXT_print(&out: PBIO; ext: PX509_EXTENSION; flag: TIdC_ULONG; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-//  TIdC_INT X509V3_extensions_print(&out: PBIO; const PIdAnsiChar *title; const STACK_OF(X509_EXTENSION) *exts; flag: TIdC_ULONG; indent: TIdC_INT);
+//  void X509V3_EXT_val_prn(out_: PBIO; STACK_OF(CONF_VALUE) *val; indent: TIdC_INT; TIdC_INT ml);
+  function X509V3_EXT_print(out_: PBIO; ext: PX509_EXTENSION; flag: TIdC_ULONG; indent: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+//  TIdC_INT X509V3_extensions_print(out_: PBIO; const PIdAnsiChar *title; const STACK_OF(X509_EXTENSION) *exts; flag: TIdC_ULONG; indent: TIdC_INT);
 
   function X509_check_ca(x: PX509): TIdC_INT cdecl; external CLibCrypto;
   function X509_check_purpose(x: PX509; id: TIdC_INT; ca: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -852,7 +852,7 @@ //  IPAddressFamily_st = record
   function a2i_IPADDRESS_NC(const ipasc: PIdAnsiChar): PASN1_OCTET_STRING cdecl; external CLibCrypto;
 //  TIdC_INT X509V3_NAME_from_section(X509_NAME *nm; STACK_OF(CONF_VALUE) *dn_sk; TIdC_ULONG chtype);
 
-  procedure X509_POLICY_NODE_print(&out: PBIO; node: PX509_POLICY_NODE; indent: TIdC_INT) cdecl; external CLibCrypto;
+  procedure X509_POLICY_NODE_print(out_: PBIO; node: PX509_POLICY_NODE; indent: TIdC_INT) cdecl; external CLibCrypto;
 //  DEFINE_STACK_OF(X509_POLICY_NODE)
 
   (*

From 90d7e99e9ea2adf42b71684be918c7fbdfc80aa2 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Fri, 23 Jul 2021 14:45:08 +0200
Subject: [PATCH 34/64] Improved excpetion message for shutdown errors

---
 Lib/Protocols/OpenSSL/IdOpenSSLExceptionResourcestrings.pas | 2 +-
 Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas                   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLExceptionResourcestrings.pas b/Lib/Protocols/OpenSSL/IdOpenSSLExceptionResourcestrings.pas
index 0aa2b2f6e..1de40a617 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLExceptionResourcestrings.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLExceptionResourcestrings.pas
@@ -38,7 +38,7 @@ interface
   RIdOpenSSLSetVerifyLocationError = 'The processing at one of the locations specified failed.';
   RIdOpenSSLNewSSLCtxError = 'The creation of a new SSL_CTX object failed.';
   RIdOpenSSLNewSSLError = 'The creation of a new SSL structure failed.';
-  RIdOpenSSLShutdownError = 'Failed to shutdown with result reason code %d.';
+  RIdOpenSSLShutdownError = 'Failed to shutdown the TLS connection.';
 
 implementation
 
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas b/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
index 8e2c474c5..807dbe43a 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLSocket.pas
@@ -93,7 +93,7 @@ procedure TIdOpenSSLSocket.Close;
     begin
       LSSLErrorCode := SSL_get_error(FSSL, LReturnCode);
       if LSSLErrorCode <> SSL_ERROR_ZERO_RETURN then
-        EIdOpenSSLShutdownError.RaiseFmt(RIdOpenSSLShutdownError, [LSSLErrorCode]);
+        raise EIdOpenSSLShutdownError.Create(FSSL, LReturnCode, RIdOpenSSLShutdownError);
     end;
   end
   else

From 0aaee2044ae2ad7da2001595daf64e09c984393a Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Fri, 23 Jul 2021 14:45:42 +0200
Subject: [PATCH 35/64] Fixed multiple `Load` / `Unload` calls

---
 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
index 0d854f421..e2c840196 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
@@ -167,7 +167,7 @@ function TOpenSSLLoader.Load: Boolean;
   Result := True;
   FLoadCount.Lock();
   try
-    if FLoadCount.Value <= 0 then
+    if FLoadCount.Increment() = 0 then
     begin
       {$IFDEF MSWINDOWS}
       FLibCrypto := SafeLoadLibrary(FOpenSSLPath + CLibCrypto, SEM_FAILCRITICALERRORS);
@@ -180,8 +180,6 @@ function TOpenSSLLoader.Load: Boolean;
       if not Result then
         Exit;
 
-      FLoadCount.Value := 1;
-
       IdOpenSSLHeaders_aes.Load(FLibCrypto, FFailed);
       IdOpenSSLHeaders_asn1.Load(FLibCrypto, FFailed);
       IdOpenSSLHeaders_asn1err.Load(FLibCrypto, FFailed);
@@ -266,8 +264,7 @@ procedure TOpenSSLLoader.Unload;
 begin                            //FI:C101
   FLoadCount.Lock();
   try
-    FLoadCount.Decrement();
-    if FLoadCount.Value = 0 then
+    if FLoadCount.Decrement() = 1 then
     begin
       IdOpenSSLHeaders_aes.Unload();
       IdOpenSSLHeaders_asn1.Unload();

From 08b9cf9216715bfb740c737b1044cefe492a2702 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Fri, 23 Jul 2021 14:49:59 +0200
Subject: [PATCH 36/64] Resolved c macro for ASN1_INTEGER functions

---
 .../IntermediateCode/IdOpenSSLHeaders_asn1.pas     | 14 +++++++++++++-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas      | 14 +++++++++++++-
 .../OpenSSL/static/IdOpenSSLHeaders_asn1.pas       | 14 +++++++++++++-
 3 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
index 395b84fa7..6f2ff1c37 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
@@ -459,6 +459,14 @@   BIT_STRING_BITNAME_st = record
   BIT_STRING_BITNAME = BIT_STRING_BITNAME_st;
   PBIT_STRING_BITNAME = ^BIT_STRING_BITNAME;
 
+//DECLARE_ASN1_FUNCTIONS(type) -->
+//        type *name##_new(void); \
+//        void name##_free(type *a);
+//        type *d2i_##name(type **a, const unsigned char **in, long len); \
+//        int i2d_##name(type *a, unsigned char **out); \
+//#  define DECLARE_ASN1_ITEM(name) \
+//        OPENSSL_EXTERN const ASN1_ITEM name##_it;
+
 var
 // DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
   function ASN1_TYPE_get(const a: PASN1_TYPE): TIdC_INT;
@@ -507,7 +515,11 @@   BIT_STRING_BITNAME_st = record
   function ASN1_BIT_STRING_num_asc(const name: PIdAnsiChar; tbl: PBIT_STRING_BITNAME): TIdC_INT;
   function ASN1_BIT_STRING_set_asc(bs: PASN1_BIT_STRING; const name: PIdAnsiChar; value: TIdC_INT; tbl: PBIT_STRING_BITNAME): TIdC_INT;
 
-  //DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
+  function ASN1_INTEGER_new: PASN1_INTEGER;
+  procedure ASN1_INTEGER_free(a: PASN1_INTEGER);
+  function d2i_ASN1_INTEGER(a: PPASN1_INTEGER; const in_: PPByte; len: TIdC_Long): PASN1_INTEGER;
+  function i2d_ASN1_INTEGER(a: PASN1_INTEGER; out_: PPByte): TIdC_Int;
+
   function d2i_ASN1_UINTEGER(a: PPASN1_INTEGER; const pp: PPByte; length: TIdC_LONG): PASN1_INTEGER;
   function ASN1_INTEGER_dup(const x: PASN1_INTEGER): PASN1_INTEGER;
   function ASN1_INTEGER_cmp(const x: PASN1_INTEGER; const y: PASN1_INTEGER): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
index 1a290ef36..9de1dd2ae 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
@@ -466,6 +466,14 @@   BIT_STRING_BITNAME_st = record
   BIT_STRING_BITNAME = BIT_STRING_BITNAME_st;
   PBIT_STRING_BITNAME = ^BIT_STRING_BITNAME;
 
+//DECLARE_ASN1_FUNCTIONS(type) -->
+//        type *name##_new(void); \
+//        void name##_free(type *a);
+//        type *d2i_##name(type **a, const unsigned char **in, long len); \
+//        int i2d_##name(type *a, unsigned char **out); \
+//#  define DECLARE_ASN1_ITEM(name) \
+//        OPENSSL_EXTERN const ASN1_ITEM name##_it;
+
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
 
@@ -517,7 +525,11 @@ procedure UnLoad;
   ASN1_BIT_STRING_num_asc: function(const name: PIdAnsiChar; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl = nil;
   ASN1_BIT_STRING_set_asc: function(bs: PASN1_BIT_STRING; const name: PIdAnsiChar; value: TIdC_INT; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl = nil;
 
-  //DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
+  ASN1_INTEGER_new: function: PASN1_INTEGER cdecl = nil;
+  ASN1_INTEGER_free: procedure(a: PASN1_INTEGER) cdecl = nil;
+  d2i_ASN1_INTEGER: function(a: PPASN1_INTEGER; const in_: PPByte; len: TIdC_Long): PASN1_INTEGER cdecl = nil;
+  i2d_ASN1_INTEGER: function(a: PASN1_INTEGER; out_: PPByte): TIdC_Int cdecl = nil;
+
   d2i_ASN1_UINTEGER: function(a: PPASN1_INTEGER; const pp: PPByte; length: TIdC_LONG): PASN1_INTEGER cdecl = nil;
   ASN1_INTEGER_dup: function(const x: PASN1_INTEGER): PASN1_INTEGER cdecl = nil;
   ASN1_INTEGER_cmp: function(const x: PASN1_INTEGER; const y: PASN1_INTEGER): TIdC_INT cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
index 3d4a23420..f883550b9 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
@@ -465,6 +465,14 @@   BIT_STRING_BITNAME_st = record
   BIT_STRING_BITNAME = BIT_STRING_BITNAME_st;
   PBIT_STRING_BITNAME = ^BIT_STRING_BITNAME;
 
+//DECLARE_ASN1_FUNCTIONS(type) -->
+//        type *name##_new(void); \
+//        void name##_free(type *a);
+//        type *d2i_##name(type **a, const unsigned char **in, long len); \
+//        int i2d_##name(type *a, unsigned char **out); \
+//#  define DECLARE_ASN1_ITEM(name) \
+//        OPENSSL_EXTERN const ASN1_ITEM name##_it;
+
 // DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
   function ASN1_TYPE_get(const a: PASN1_TYPE): TIdC_INT cdecl; external CLibCrypto;
   procedure ASN1_TYPE_set(a: PASN1_TYPE; type_: TIdC_INT; value: Pointer) cdecl; external CLibCrypto;
@@ -512,7 +520,11 @@   BIT_STRING_BITNAME_st = record
   function ASN1_BIT_STRING_num_asc(const name: PIdAnsiChar; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl; external CLibCrypto;
   function ASN1_BIT_STRING_set_asc(bs: PASN1_BIT_STRING; const name: PIdAnsiChar; value: TIdC_INT; tbl: PBIT_STRING_BITNAME): TIdC_INT cdecl; external CLibCrypto;
 
-  //DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
+  function ASN1_INTEGER_new: PASN1_INTEGER cdecl; external CLibCrypto;
+  procedure ASN1_INTEGER_free(a: PASN1_INTEGER) cdecl; external CLibCrypto;
+  function d2i_ASN1_INTEGER(a: PPASN1_INTEGER; const in_: PPByte; len: TIdC_Long): PASN1_INTEGER cdecl; external CLibCrypto;
+  function i2d_ASN1_INTEGER(a: PASN1_INTEGER; out_: PPByte): TIdC_Int cdecl; external CLibCrypto;
+
   function d2i_ASN1_UINTEGER(a: PPASN1_INTEGER; const pp: PPByte; length: TIdC_LONG): PASN1_INTEGER cdecl; external CLibCrypto;
   function ASN1_INTEGER_dup(const x: PASN1_INTEGER): PASN1_INTEGER cdecl; external CLibCrypto;
   function ASN1_INTEGER_cmp(const x: PASN1_INTEGER; const y: PASN1_INTEGER): TIdC_INT cdecl; external CLibCrypto;

From 0cb24d78e2dfb3eedb64139591d89540db6a318c Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Fri, 23 Jul 2021 15:02:58 +0200
Subject: [PATCH 37/64] Fixed wrong parameter definitin in bn

---
 .../OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas      | 6 +++---
 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas     | 8 ++++----
 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas      | 8 ++++----
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
index fc587ce4c..9735ac21a 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
@@ -275,9 +275,9 @@ interface
   function BN_clear_bit(a: PBIGNUM; n: TIdC_INT): TIdC_INT;
   function BN_bn2hex(a: PBIGNUM): PIdAnsiChar;
   function BN_bn2dec(a: PBIGNUM): PIdAnsiChar;
-  function BN_hex2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT;
-  function BN_dec2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT;
-  function BN_asc2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT;
+  function BN_hex2bn(a: PPBIGNUM; str: PIdAnsiChar): TIdC_INT;
+  function BN_dec2bn(a: PPBIGNUM; str: PIdAnsiChar): TIdC_INT;
+  function BN_asc2bn(a: PPBIGNUM; str: PIdAnsiChar): TIdC_INT;
   function BN_gcd(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
   function BN_kronecker(a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
index 07998dd19..fce79a34f 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 23.07.2021 14:40:17
+// Generation date: 23.07.2021 15:01:42
 
 unit IdOpenSSLHeaders_bn;
 
@@ -285,9 +285,9 @@ procedure UnLoad;
   BN_clear_bit: function(a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl = nil;
   BN_bn2hex: function(a: PBIGNUM): PIdAnsiChar cdecl = nil;
   BN_bn2dec: function(a: PBIGNUM): PIdAnsiChar cdecl = nil;
-  BN_hex2bn: function(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl = nil;
-  BN_dec2bn: function(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl = nil;
-  BN_asc2bn: function(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  BN_hex2bn: function(a: PPBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  BN_dec2bn: function(a: PPBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl = nil;
+  BN_asc2bn: function(a: PPBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl = nil;
   BN_gcd: function(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
   BN_kronecker: function(a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
index cee78e8d7..c9c90acbd 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 23.07.2021 14:35:33
+// Generation date: 23.07.2021 15:01:39
 
 unit IdOpenSSLHeaders_bn;
 
@@ -280,9 +280,9 @@ interface
   function BN_clear_bit(a: PBIGNUM; n: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function BN_bn2hex(a: PBIGNUM): PIdAnsiChar cdecl; external CLibCrypto;
   function BN_bn2dec(a: PBIGNUM): PIdAnsiChar cdecl; external CLibCrypto;
-  function BN_hex2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
-  function BN_dec2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
-  function BN_asc2bn(a: PBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function BN_hex2bn(a: PPBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function BN_dec2bn(a: PPBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+  function BN_asc2bn(a: PPBIGNUM; str: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function BN_gcd(r: PBIGNUM; a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
   function BN_kronecker(a: PBIGNUM; b: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
 

From 91a9da3dfd4666b9cdb27338ac5cb42a3d714dac Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 26 Jul 2021 11:37:10 +0200
Subject: [PATCH 38/64] Resolved c macro for ASN1_Time functions

---
 .../IntermediateCode/IdOpenSSLHeaders_asn1.pas   |  6 +++++-
 .../IdOpenSSLHeaders_ossl_typ.pas                |  1 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas    | 16 ++++++++++++++--
 .../dynamic/IdOpenSSLHeaders_ossl_typ.pas        |  3 ++-
 .../OpenSSL/static/IdOpenSSLHeaders_asn1.pas     |  8 ++++++--
 .../OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas |  3 ++-
 6 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
index 6f2ff1c37..11714f4da 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
@@ -563,7 +563,11 @@   BIT_STRING_BITNAME_st = record
   //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
   //DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
   //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
-  //DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
+
+  function ASN1_TIME_new: PASN1_TIME;
+  procedure ASN1_TIME_free(a: PASN1_TIME);
+  function d2i_ASN1_TIME(a: PPASN1_TIME; const in_: PPByte; len: TIdC_LONG): PASN1_TIME;
+  function i2d_ASN1_TIME(a: PASN1_TIME; out_: PPByte): TIdC_INT;
 
   // DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
index 147074d48..210397b50 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
@@ -104,6 +104,7 @@   asn1_string_st = record
 
   ASN1_TIME = type asn1_string_st;
   PASN1_TIME = ^ASN1_TIME;
+  PPASN1_TIME = ^PASN1_TIME;
 
   ASN1_GENERALIZEDTIME = type asn1_string_st;
   PASN1_GENERALIZEDTIME = ^ASN1_GENERALIZEDTIME;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
index 9de1dd2ae..6754fbdef 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 23.07.2021 14:40:17
+// Generation date: 26.07.2021 11:35:34
 
 unit IdOpenSSLHeaders_asn1;
 
@@ -573,7 +573,11 @@ procedure UnLoad;
   //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
   //DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
   //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
-  //DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
+
+  ASN1_TIME_new: function: PASN1_TIME cdecl = nil;
+  ASN1_TIME_free: procedure(a: PASN1_TIME) cdecl = nil;
+  d2i_ASN1_TIME: function(a: PPASN1_TIME; const in_: PPByte; len: TIdC_LONG): PASN1_TIME cdecl = nil;
+  i2d_ASN1_TIME: function(a: PASN1_TIME; out_: PPByte): TIdC_INT cdecl = nil;
 
   // DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
 
@@ -857,6 +861,10 @@ procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
   ASN1_OCTET_STRING_set := LoadFunction('ASN1_OCTET_STRING_set', AFailed);
   UTF8_getc := LoadFunction('UTF8_getc', AFailed);
   UTF8_putc := LoadFunction('UTF8_putc', AFailed);
+  ASN1_TIME_new := LoadFunction('ASN1_TIME_new', AFailed);
+  ASN1_TIME_free := LoadFunction('ASN1_TIME_free', AFailed);
+  d2i_ASN1_TIME := LoadFunction('d2i_ASN1_TIME', AFailed);
+  i2d_ASN1_TIME := LoadFunction('i2d_ASN1_TIME', AFailed);
   ASN1_TIME_set := LoadFunction('ASN1_TIME_set', AFailed);
   ASN1_TIME_adj := LoadFunction('ASN1_TIME_adj', AFailed);
   ASN1_TIME_check := LoadFunction('ASN1_TIME_check', AFailed);
@@ -1024,6 +1032,10 @@ procedure UnLoad;
   ASN1_OCTET_STRING_set := nil;
   UTF8_getc := nil;
   UTF8_putc := nil;
+  ASN1_TIME_new := nil;
+  ASN1_TIME_free := nil;
+  d2i_ASN1_TIME := nil;
+  i2d_ASN1_TIME := nil;
   ASN1_TIME_set := nil;
   ASN1_TIME_adj := nil;
   ASN1_TIME_check := nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
index a6d56b1a2..408b7a654 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:13
+// Generation date: 26.07.2021 11:39:49
 
 unit IdOpenSSLHeaders_ossl_typ;
 
@@ -110,6 +110,7 @@   asn1_string_st = record
 
   ASN1_TIME = type asn1_string_st;
   PASN1_TIME = ^ASN1_TIME;
+  PPASN1_TIME = ^PASN1_TIME;
 
   ASN1_GENERALIZEDTIME = type asn1_string_st;
   PASN1_GENERALIZEDTIME = ^ASN1_GENERALIZEDTIME;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
index f883550b9..5e6b64c97 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 23.07.2021 14:35:33
+// Generation date: 26.07.2021 11:35:36
 
 unit IdOpenSSLHeaders_asn1;
 
@@ -568,7 +568,11 @@   BIT_STRING_BITNAME_st = record
   //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
   //DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
   //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
-  //DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
+
+  function ASN1_TIME_new: PASN1_TIME cdecl; external CLibCrypto;
+  procedure ASN1_TIME_free(a: PASN1_TIME) cdecl; external CLibCrypto;
+  function d2i_ASN1_TIME(a: PPASN1_TIME; const in_: PPByte; len: TIdC_LONG): PASN1_TIME cdecl; external CLibCrypto;
+  function i2d_ASN1_TIME(a: PASN1_TIME; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   // DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
index 27cc39f7e..218ff5ebb 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.10.2020 15:24:33
+// Generation date: 26.07.2021 11:39:47
 
 unit IdOpenSSLHeaders_ossl_typ;
 
@@ -110,6 +110,7 @@   asn1_string_st = record
 
   ASN1_TIME = type asn1_string_st;
   PASN1_TIME = ^ASN1_TIME;
+  PPASN1_TIME = ^PASN1_TIME;
 
   ASN1_GENERALIZEDTIME = type asn1_string_st;
   PASN1_GENERALIZEDTIME = ^ASN1_GENERALIZEDTIME;

From aaa20443e83bafa171158db63ac9feeb304ba6c9 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Jul 2021 14:40:47 +0200
Subject: [PATCH 39/64] Resolved c macro for ASN1_UTCTIME &
 ASN1_GENERALIZEDTIME functions

---
 .../IdOpenSSLHeaders_asn1.pas                 | 12 ++++++--
 .../IdOpenSSLHeaders_ossl_typ.pas             |  1 +
 .../OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas | 30 +++++++++++++++++--
 .../dynamic/IdOpenSSLHeaders_ossl_typ.pas     |  3 +-
 .../OpenSSL/static/IdOpenSSLHeaders_asn1.pas  | 14 +++++++--
 .../static/IdOpenSSLHeaders_ossl_typ.pas      |  3 +-
 6 files changed, 53 insertions(+), 10 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
index 11714f4da..dfa10a45a 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
@@ -561,8 +561,16 @@   BIT_STRING_BITNAME_st = record
   //DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
   //DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
   //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
-  //DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
-  //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+
+  function ASN1_UTCTIME_new: PASN1_UTCTIME;
+  procedure ASN1_UTCTIME_free(a: PASN1_UTCTIME);
+  function d2i_ASN1_UTCTIME(a: PPASN1_UTCTIME; const in_: PPByte; len: TIdC_LONG): PASN1_UTCTIME;
+  function i2d_ASN1_UTCTIME(a: PASN1_UTCTIME; out_: PPByte): TIdC_INT;
+
+  function ASN1_GENERALIZEDTIME_new: PASN1_GENERALIZEDTIME;
+  procedure ASN1_GENERALIZEDTIME_free(a: PASN1_GENERALIZEDTIME);
+  function d2i_ASN1_GENERALIZEDTIME(a: PPASN1_GENERALIZEDTIME; const in_: PPByte; len: TIdC_LONG): PASN1_GENERALIZEDTIME;
+  function i2d_ASN1_GENERALIZEDTIME(a: PASN1_GENERALIZEDTIME; out_: PPByte): TIdC_INT;
 
   function ASN1_TIME_new: PASN1_TIME;
   procedure ASN1_TIME_free(a: PASN1_TIME);
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
index 210397b50..e436ff2cc 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
@@ -101,6 +101,7 @@   asn1_string_st = record
 
   ASN1_UTCTIME = type asn1_string_st;
   PASN1_UTCTIME = ^ASN1_UTCTIME;
+  PPASN1_UTCTIME = ^PASN1_UTCTIME;
 
   ASN1_TIME = type asn1_string_st;
   PASN1_TIME = ^ASN1_TIME;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
index 6754fbdef..d21532e74 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_asn1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 26.07.2021 11:35:34
+// Generation date: 28.07.2021 14:11:11
 
 unit IdOpenSSLHeaders_asn1;
 
@@ -571,8 +571,16 @@ procedure UnLoad;
   //DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
   //DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
   //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
-  //DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
-  //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+
+  ASN1_UTCTIME_new: function: PASN1_UTCTIME cdecl = nil;
+  ASN1_UTCTIME_free: procedure(a: PASN1_UTCTIME) cdecl = nil;
+  d2i_ASN1_UTCTIME: function(a: PPASN1_UTCTIME; const in_: PPByte; len: TIdC_LONG): PASN1_UTCTIME cdecl = nil;
+  i2d_ASN1_UTCTIME: function(a: PASN1_UTCTIME; out_: PPByte): TIdC_INT cdecl = nil;
+
+  ASN1_GENERALIZEDTIME_new: function: PASN1_GENERALIZEDTIME cdecl = nil;
+  ASN1_GENERALIZEDTIME_free: procedure(a: PASN1_GENERALIZEDTIME) cdecl = nil;
+  d2i_ASN1_GENERALIZEDTIME: function(a: PPASN1_GENERALIZEDTIME; const in_: PPByte; len: TIdC_LONG): PASN1_GENERALIZEDTIME cdecl = nil;
+  i2d_ASN1_GENERALIZEDTIME: function(a: PASN1_GENERALIZEDTIME; out_: PPByte): TIdC_INT cdecl = nil;
 
   ASN1_TIME_new: function: PASN1_TIME cdecl = nil;
   ASN1_TIME_free: procedure(a: PASN1_TIME) cdecl = nil;
@@ -861,6 +869,14 @@ procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
   ASN1_OCTET_STRING_set := LoadFunction('ASN1_OCTET_STRING_set', AFailed);
   UTF8_getc := LoadFunction('UTF8_getc', AFailed);
   UTF8_putc := LoadFunction('UTF8_putc', AFailed);
+  ASN1_UTCTIME_new := LoadFunction('ASN1_UTCTIME_new', AFailed);
+  ASN1_UTCTIME_free := LoadFunction('ASN1_UTCTIME_free', AFailed);
+  d2i_ASN1_UTCTIME := LoadFunction('d2i_ASN1_UTCTIME', AFailed);
+  i2d_ASN1_UTCTIME := LoadFunction('i2d_ASN1_UTCTIME', AFailed);
+  ASN1_GENERALIZEDTIME_new := LoadFunction('ASN1_GENERALIZEDTIME_new', AFailed);
+  ASN1_GENERALIZEDTIME_free := LoadFunction('ASN1_GENERALIZEDTIME_free', AFailed);
+  d2i_ASN1_GENERALIZEDTIME := LoadFunction('d2i_ASN1_GENERALIZEDTIME', AFailed);
+  i2d_ASN1_GENERALIZEDTIME := LoadFunction('i2d_ASN1_GENERALIZEDTIME', AFailed);
   ASN1_TIME_new := LoadFunction('ASN1_TIME_new', AFailed);
   ASN1_TIME_free := LoadFunction('ASN1_TIME_free', AFailed);
   d2i_ASN1_TIME := LoadFunction('d2i_ASN1_TIME', AFailed);
@@ -1032,6 +1048,14 @@ procedure UnLoad;
   ASN1_OCTET_STRING_set := nil;
   UTF8_getc := nil;
   UTF8_putc := nil;
+  ASN1_UTCTIME_new := nil;
+  ASN1_UTCTIME_free := nil;
+  d2i_ASN1_UTCTIME := nil;
+  i2d_ASN1_UTCTIME := nil;
+  ASN1_GENERALIZEDTIME_new := nil;
+  ASN1_GENERALIZEDTIME_free := nil;
+  d2i_ASN1_GENERALIZEDTIME := nil;
+  i2d_ASN1_GENERALIZEDTIME := nil;
   ASN1_TIME_new := nil;
   ASN1_TIME_free := nil;
   d2i_ASN1_TIME := nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
index 408b7a654..01c3164f5 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 26.07.2021 11:39:49
+// Generation date: 28.07.2021 14:11:12
 
 unit IdOpenSSLHeaders_ossl_typ;
 
@@ -107,6 +107,7 @@   asn1_string_st = record
 
   ASN1_UTCTIME = type asn1_string_st;
   PASN1_UTCTIME = ^ASN1_UTCTIME;
+  PPASN1_UTCTIME = ^PASN1_UTCTIME;
 
   ASN1_TIME = type asn1_string_st;
   PASN1_TIME = ^ASN1_TIME;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
index 5e6b64c97..889198038 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_asn1.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 26.07.2021 11:35:36
+// Generation date: 28.07.2021 14:11:10
 
 unit IdOpenSSLHeaders_asn1;
 
@@ -566,8 +566,16 @@   BIT_STRING_BITNAME_st = record
   //DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
   //DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
   //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
-  //DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
-  //DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+
+  function ASN1_UTCTIME_new: PASN1_UTCTIME cdecl; external CLibCrypto;
+  procedure ASN1_UTCTIME_free(a: PASN1_UTCTIME) cdecl; external CLibCrypto;
+  function d2i_ASN1_UTCTIME(a: PPASN1_UTCTIME; const in_: PPByte; len: TIdC_LONG): PASN1_UTCTIME cdecl; external CLibCrypto;
+  function i2d_ASN1_UTCTIME(a: PASN1_UTCTIME; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
+
+  function ASN1_GENERALIZEDTIME_new: PASN1_GENERALIZEDTIME cdecl; external CLibCrypto;
+  procedure ASN1_GENERALIZEDTIME_free(a: PASN1_GENERALIZEDTIME) cdecl; external CLibCrypto;
+  function d2i_ASN1_GENERALIZEDTIME(a: PPASN1_GENERALIZEDTIME; const in_: PPByte; len: TIdC_LONG): PASN1_GENERALIZEDTIME cdecl; external CLibCrypto;
+  function i2d_ASN1_GENERALIZEDTIME(a: PASN1_GENERALIZEDTIME; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
   function ASN1_TIME_new: PASN1_TIME cdecl; external CLibCrypto;
   procedure ASN1_TIME_free(a: PASN1_TIME) cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
index 218ff5ebb..2178e1fb9 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 26.07.2021 11:39:47
+// Generation date: 28.07.2021 14:11:10
 
 unit IdOpenSSLHeaders_ossl_typ;
 
@@ -107,6 +107,7 @@   asn1_string_st = record
 
   ASN1_UTCTIME = type asn1_string_st;
   PASN1_UTCTIME = ^ASN1_UTCTIME;
+  PPASN1_UTCTIME = ^PASN1_UTCTIME;
 
   ASN1_TIME = type asn1_string_st;
   PASN1_TIME = ^ASN1_TIME;

From e6e6ef7a0200e4cf2decbd1c7c53c5e6ebdec384 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Jul 2021 14:42:07 +0200
Subject: [PATCH 40/64] Resolved c macro for BIO_get/set_mem functions

---
 .../IntermediateCode/IdOpenSSLHeaders_bio.pas | 36 ++++++++++++++----
 .../OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas  | 38 +++++++++++++++----
 .../OpenSSL/static/IdOpenSSLHeaders_bio.pas   | 38 +++++++++++++++----
 3 files changed, 89 insertions(+), 23 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
index 55155145f..dbaeeea9a 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
@@ -336,6 +336,11 @@ function BIO_do_connect(b: PBIO): TIdC_LONG;
 function BIO_do_accept(b: PBIO): TIdC_LONG;
 function BIO_do_handshake(b: PBIO): TIdC_LONG;
 
+function BIO_get_mem_data(b: PBIO; pp: PIdAnsiChar) : TIdC_INT;
+function BIO_set_mem_buf(b: PBIO; bm: PIdAnsiChar; c: TIdC_INT): TIdC_INT;
+function BIO_get_mem_ptr(b: PBIO; pp: PIdAnsiChar): TIdC_INT;
+function BIO_set_mem_eof_return(b: PBIO; v: TIdC_INT): TIdC_INT;
+
 var
   function BIO_get_new_index: TIdC_INT;
   procedure BIO_set_flags(b: PBIO; flags: TIdC_INT);
@@ -458,13 +463,6 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 //  (* defined in evp.h *)
 //  (* #define BIO_set_md(b,md)     BIO_ctrl(b,BIO_C_SET_MD,1,(char )(md)) *)
 //
-//  {$HPPEMIT '# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char (pp))'}
-//  {$HPPEMIT '# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char (bm))'}
-//  {$HPPEMIT '# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,'}
-//                                            (char (pp))
-//  {$HPPEMIT '# define BIO_set_mem_eof_return(b,v)'}
-//                                  BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,0)
-//
 //  (* For the BIO_f_buffer() type *)
 //  {$HPPEMIT '# define BIO_get_buffer_num_lines(b)     BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)'}
 //  {$HPPEMIT '# define BIO_set_buffer_size(b,size)     BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)'}
@@ -803,5 +801,29 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
   Result := BIO_ctrl(b, BIO_C_DO_STATE_MACHINE, 0, nil);
 end;
 
+//# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char (pp))
+function BIO_get_mem_data(b: PBIO; pp: PIdAnsiChar) : TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_CTRL_INFO, 0, pp);
+end;
+
+//# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char (bm))
+function BIO_set_mem_buf(b: PBIO; bm: PIdAnsiChar; c: TIdC_INT): TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_C_SET_BUF_MEM, c, bm);
+end;
+
+//# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char (pp))
+function BIO_get_mem_ptr(b: PBIO; pp: PIdAnsiChar): TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_C_GET_BUF_MEM_PTR, 0, pp);
+end;
+
+//# define BIO_set_mem_eof_return(b,v) BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,0)
+function BIO_set_mem_eof_return(b: PBIO; v: TIdC_INT): TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_C_SET_BUF_MEM_EOF_RETURN, v, nil);
+end;
+
 end.
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
index da4188e1b..6ce36bce7 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 23.07.2021 14:40:17
+// Generation date: 28.07.2021 14:11:11
 
 unit IdOpenSSLHeaders_bio;
 
@@ -343,6 +343,11 @@ function BIO_do_connect(b: PBIO): TIdC_LONG;
 function BIO_do_accept(b: PBIO): TIdC_LONG;
 function BIO_do_handshake(b: PBIO): TIdC_LONG;
 
+function BIO_get_mem_data(b: PBIO; pp: PIdAnsiChar) : TIdC_INT;
+function BIO_set_mem_buf(b: PBIO; bm: PIdAnsiChar; c: TIdC_INT): TIdC_INT;
+function BIO_get_mem_ptr(b: PBIO; pp: PIdAnsiChar): TIdC_INT;
+function BIO_set_mem_eof_return(b: PBIO; v: TIdC_INT): TIdC_INT;
+
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
 
@@ -468,13 +473,6 @@ procedure UnLoad;
 //  (* defined in evp.h *)
 //  (* #define BIO_set_md(b,md)     BIO_ctrl(b,BIO_C_SET_MD,1,(char )(md)) *)
 //
-//  {$HPPEMIT '# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char (pp))'}
-//  {$HPPEMIT '# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char (bm))'}
-//  {$HPPEMIT '# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,'}
-//                                            (char (pp))
-//  {$HPPEMIT '# define BIO_set_mem_eof_return(b,v)'}
-//                                  BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,0)
-//
 //  (* For the BIO_f_buffer() type *)
 //  {$HPPEMIT '# define BIO_get_buffer_num_lines(b)     BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)'}
 //  {$HPPEMIT '# define BIO_set_buffer_size(b,size)     BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)'}
@@ -1079,5 +1077,29 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
   Result := BIO_ctrl(b, BIO_C_DO_STATE_MACHINE, 0, nil);
 end;
 
+//# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char (pp))
+function BIO_get_mem_data(b: PBIO; pp: PIdAnsiChar) : TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_CTRL_INFO, 0, pp);
+end;
+
+//# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char (bm))
+function BIO_set_mem_buf(b: PBIO; bm: PIdAnsiChar; c: TIdC_INT): TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_C_SET_BUF_MEM, c, bm);
+end;
+
+//# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char (pp))
+function BIO_get_mem_ptr(b: PBIO; pp: PIdAnsiChar): TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_C_GET_BUF_MEM_PTR, 0, pp);
+end;
+
+//# define BIO_set_mem_eof_return(b,v) BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,0)
+function BIO_set_mem_eof_return(b: PBIO; v: TIdC_INT): TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_C_SET_BUF_MEM_EOF_RETURN, v, nil);
+end;
+
 end.
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
index 568ce24a8..deb68efb4 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 23.07.2021 14:35:33
+// Generation date: 28.07.2021 14:11:10
 
 unit IdOpenSSLHeaders_bio;
 
@@ -342,6 +342,11 @@ function BIO_do_connect(b: PBIO): TIdC_LONG;
 function BIO_do_accept(b: PBIO): TIdC_LONG;
 function BIO_do_handshake(b: PBIO): TIdC_LONG;
 
+function BIO_get_mem_data(b: PBIO; pp: PIdAnsiChar) : TIdC_INT;
+function BIO_set_mem_buf(b: PBIO; bm: PIdAnsiChar; c: TIdC_INT): TIdC_INT;
+function BIO_get_mem_ptr(b: PBIO; pp: PIdAnsiChar): TIdC_INT;
+function BIO_set_mem_eof_return(b: PBIO; v: TIdC_INT): TIdC_INT;
+
   function BIO_get_new_index: TIdC_INT cdecl; external CLibCrypto;
   procedure BIO_set_flags(b: PBIO; flags: TIdC_INT) cdecl; external CLibCrypto;
   function BIO_test_flags(const b: PBIO; flags: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -463,13 +468,6 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
 //  (* defined in evp.h *)
 //  (* #define BIO_set_md(b,md)     BIO_ctrl(b,BIO_C_SET_MD,1,(char )(md)) *)
 //
-//  {$HPPEMIT '# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char (pp))'}
-//  {$HPPEMIT '# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char (bm))'}
-//  {$HPPEMIT '# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,'}
-//                                            (char (pp))
-//  {$HPPEMIT '# define BIO_set_mem_eof_return(b,v)'}
-//                                  BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,0)
-//
 //  (* For the BIO_f_buffer() type *)
 //  {$HPPEMIT '# define BIO_get_buffer_num_lines(b)     BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)'}
 //  {$HPPEMIT '# define BIO_set_buffer_size(b,size)     BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)'}
@@ -808,5 +806,29 @@ function BIO_do_handshake(b: PBIO): TIdC_LONG;
   Result := BIO_ctrl(b, BIO_C_DO_STATE_MACHINE, 0, nil);
 end;
 
+//# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char (pp))
+function BIO_get_mem_data(b: PBIO; pp: PIdAnsiChar) : TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_CTRL_INFO, 0, pp);
+end;
+
+//# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char (bm))
+function BIO_set_mem_buf(b: PBIO; bm: PIdAnsiChar; c: TIdC_INT): TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_C_SET_BUF_MEM, c, bm);
+end;
+
+//# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char (pp))
+function BIO_get_mem_ptr(b: PBIO; pp: PIdAnsiChar): TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_C_GET_BUF_MEM_PTR, 0, pp);
+end;
+
+//# define BIO_set_mem_eof_return(b,v) BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,0)
+function BIO_set_mem_eof_return(b: PBIO; v: TIdC_INT): TIdC_INT;
+begin
+  Result := BIO_ctrl(b, BIO_C_SET_BUF_MEM_EOF_RETURN, v, nil);
+end;
+
 end.
 

From 1431b6a7888a5d88dcaacc1e78f83312f4804aa4 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Jul 2021 14:42:53 +0200
Subject: [PATCH 41/64] Removed duplicate type X509_REVOKED

---
 .../OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas  | 1 +
 .../OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas      | 4 ----
 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas | 1 +
 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas     | 6 +-----
 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas  | 1 +
 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas      | 6 +-----
 6 files changed, 5 insertions(+), 14 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
index e436ff2cc..1c17b23bb 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
@@ -266,6 +266,7 @@   asn1_string_st = record
   x509_revoked_st = type Pointer;
   X509_REVOKED = x509_revoked_st;
   PX509_REVOKED = ^X509_REVOKED;
+  PPX509_REVOKED = ^PX509_REVOKED;
   X509_name_st = type Pointer;
   X509_NAME = X509_name_st;
   PX509_NAME = ^X509_NAME;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
index 12b714c8f..f137d6d06 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
@@ -236,10 +236,6 @@   x509_trust_st = record
   //DEFINE_STACK_OF(X509_TRUST)
 
   //DEFINE_STACK_OF(X509_REVOKED)
-  X509_REVOKED = type Pointer;   //////////////////////////////////////////////
-  PX509_REVOKED = ^X509_REVOKED; //////////////////////////////////////////////
-  PPX509_REVOKED = ^PX509_REVOKED;/////////////////////////////////////////////
-
   X509_CRL_INFO = type Pointer; // X509_crl_info_st
   PX509_CRL_INFO = ^X509_CRL_INFO;
   PPX509_CRL_INFO = ^PX509_CRL_INFO;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
index 01c3164f5..157b0e2f6 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
@@ -272,6 +272,7 @@   asn1_string_st = record
   x509_revoked_st = type Pointer;
   X509_REVOKED = x509_revoked_st;
   PX509_REVOKED = ^X509_REVOKED;
+  PPX509_REVOKED = ^PX509_REVOKED;
   X509_name_st = type Pointer;
   X509_NAME = X509_name_st;
   PX509_NAME = ^X509_NAME;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
index d68e3d895..7a8eede83 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 23.07.2021 14:40:17
+// Generation date: 28.07.2021 14:11:12
 
 unit IdOpenSSLHeaders_x509;
 
@@ -243,10 +243,6 @@   x509_trust_st = record
   //DEFINE_STACK_OF(X509_TRUST)
 
   //DEFINE_STACK_OF(X509_REVOKED)
-  X509_REVOKED = type Pointer;   //////////////////////////////////////////////
-  PX509_REVOKED = ^X509_REVOKED; //////////////////////////////////////////////
-  PPX509_REVOKED = ^PX509_REVOKED;/////////////////////////////////////////////
-
   X509_CRL_INFO = type Pointer; // X509_crl_info_st
   PX509_CRL_INFO = ^X509_CRL_INFO;
   PPX509_CRL_INFO = ^PX509_CRL_INFO;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
index 2178e1fb9..df2fd8d04 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
@@ -272,6 +272,7 @@   asn1_string_st = record
   x509_revoked_st = type Pointer;
   X509_REVOKED = x509_revoked_st;
   PX509_REVOKED = ^X509_REVOKED;
+  PPX509_REVOKED = ^PX509_REVOKED;
   X509_name_st = type Pointer;
   X509_NAME = X509_name_st;
   PX509_NAME = ^X509_NAME;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
index ae5b61030..933867ed9 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 23.07.2021 14:35:33
+// Generation date: 28.07.2021 14:11:10
 
 unit IdOpenSSLHeaders_x509;
 
@@ -242,10 +242,6 @@   x509_trust_st = record
   //DEFINE_STACK_OF(X509_TRUST)
 
   //DEFINE_STACK_OF(X509_REVOKED)
-  X509_REVOKED = type Pointer;   //////////////////////////////////////////////
-  PX509_REVOKED = ^X509_REVOKED; //////////////////////////////////////////////
-  PPX509_REVOKED = ^PX509_REVOKED;/////////////////////////////////////////////
-
   X509_CRL_INFO = type Pointer; // X509_crl_info_st
   PX509_CRL_INFO = ^X509_CRL_INFO;
   PPX509_CRL_INFO = ^PX509_CRL_INFO;

From aba6517fff78b8a78121ce9c86193bcfaff88ab8 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 28 Jul 2021 14:43:53 +0200
Subject: [PATCH 42/64] Fixed small memory leak

---
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index bb705e453..d3aafefba 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -166,6 +166,8 @@   TIdOpenSSLX509 = class(TIdOpenSSLPersistent)
     property X509: PX509 read FX509 write FX509;
   end;
 
+function LoadCertificate(const AFile: string): PX509;
+
 implementation
 
 uses
@@ -180,6 +182,20 @@ implementation
   IdOpenSSLHeaders_x509,
   IdOpenSSLUtils;
 
+function LoadCertificate(const AFile: string): PX509;
+var
+  LBio: PBIO;
+begin
+  LBio := Bio_new_file(PAnsiChar(UTF8Encode(AFile)), 'r');
+  if not Assigned(LBio) then
+    Exit(nil);
+  try
+    Result := PEM_read_bio_X509(LBio, nil, nil, nil);
+  finally
+    BIO_free(LBio);
+  end;
+end;
+
 { TIdOpenSSLX509 }
 
 function TIdOpenSSLX509.ASN1TimeToDateTime(
@@ -200,13 +216,9 @@ procedure TIdOpenSSLX509.AssignTo(Dest: TPersistent);
 end;
 
 constructor TIdOpenSSLX509.Create(const AFile: string);
-var
-  LBio: PBIO;
 begin
   inherited Create();
-  LBio := BIO_new_file(GetPAnsiChar(UTF8String(AFile)), 'r');
-  if Assigned(LBio) then
-    FX509 := PEM_read_bio_X509(LBio, nil, nil, nil);
+  FX509 := LoadCertificate(AFile);
 end;
 
 constructor TIdOpenSSLX509.Create(const AX509: PX509);

From 5ba5abca71c6c9495a018d02fad46eb0ea1ecad8 Mon Sep 17 00:00:00 2001
From: Andre Heider <a.heider@back-control.de>
Date: Tue, 31 Aug 2021 10:42:12 +0200
Subject: [PATCH 43/64] Fix compile errors for Delphi 7

Signed-off-by: Fabian S. Biehn <fbiehn@aagon.com>
---
 Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas      |  2 +-
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas       |  2 +-
 .../IntermediateCode/IdOpenSSLHeaders_bn.pas  |  2 +-
 .../IntermediateCode/IdOpenSSLHeaders_err.pas | 12 +++---
 .../IntermediateCode/IdOpenSSLHeaders_evp.pas |  8 ++--
 .../IdOpenSSLHeaders_ossl_typ.pas             |  4 +-
 .../IntermediateCode/IdOpenSSLHeaders_rsa.pas | 42 +++++++++----------
 .../IntermediateCode/IdOpenSSLHeaders_ssl.pas |  6 +--
 .../IntermediateCode/IdOpenSSLHeaders_ts.pas  |  2 +-
 .../IntermediateCode/IdOpenSSLHeaders_ui.pas  |  2 +-
 .../IdOpenSSLHeaders_x509_vfy.pas             |  4 +-
 .../IdOpenSSLHeaders_x509v3.pas               |  4 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas   |  2 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_err.pas  | 12 +++---
 .../OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas  |  8 ++--
 .../dynamic/IdOpenSSLHeaders_ossl_typ.pas     |  4 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas  | 42 +++++++++----------
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas  |  6 +--
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas   |  2 +-
 .../OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas   |  2 +-
 .../dynamic/IdOpenSSLHeaders_x509_vfy.pas     |  4 +-
 .../dynamic/IdOpenSSLHeaders_x509v3.pas       |  4 +-
 .../OpenSSL/static/IdOpenSSLHeaders_bn.pas    |  2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_err.pas   | 12 +++---
 .../OpenSSL/static/IdOpenSSLHeaders_evp.pas   |  8 ++--
 .../static/IdOpenSSLHeaders_ossl_typ.pas      |  4 +-
 .../OpenSSL/static/IdOpenSSLHeaders_rsa.pas   | 42 +++++++++----------
 .../OpenSSL/static/IdOpenSSLHeaders_ssl.pas   |  6 +--
 .../OpenSSL/static/IdOpenSSLHeaders_ts.pas    |  2 +-
 .../OpenSSL/static/IdOpenSSLHeaders_ui.pas    |  2 +-
 .../static/IdOpenSSLHeaders_x509_vfy.pas      |  4 +-
 .../static/IdOpenSSLHeaders_x509v3.pas        |  4 +-
 32 files changed, 131 insertions(+), 131 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas b/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas
index b97ea73d4..614c71a20 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLUtils.pas
@@ -1,4 +1,4 @@
-{******************************************************************************}
+{******************************************************************************}
 {                                                                              }
 {            Indy (Internet Direct) - Internet Protocols Simplified            }
 {                                                                              }
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index d3aafefba..2935766eb 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -188,7 +188,7 @@ function LoadCertificate(const AFile: string): PX509;
 begin
   LBio := Bio_new_file(PAnsiChar(UTF8Encode(AFile)), 'r');
   if not Assigned(LBio) then
-    Exit(nil);
+    Exit;
   try
     Result := PEM_read_bio_X509(LBio, nil, nil, nil);
   finally
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
index 9735ac21a..c7000a603 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bn.pas
@@ -298,7 +298,7 @@ interface
   function BN_from_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT;
   procedure BN_MONT_CTX_free(mont: PBN_MONT_CTX);
   function BN_MONT_CTX_set(mont: PBN_MONT_CTX; mod_: PBIGNUM; ctx: PBN_CTX): TIdC_INT;
-  function BN_MONT_CTX_copy(&to: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX;
+  function BN_MONT_CTX_copy(to_: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX;
 //  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; mod_: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
 
   function BN_BLINDING_new(const A: PBIGNUM; const Ai: PBIGNUM; mod_: PBIGNUM): PBN_BLINDING;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas
index e279276b3..9abae8239 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_err.pas
@@ -188,16 +188,16 @@   ERR_string_data_st = record
   procedure ERR_set_error_data(data: PIdAnsiChar; flags: TIdC_INT);
   
   function ERR_get_error: TIdC_ULONG;
-  function ERR_get_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
-  function ERR_get_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
+  function ERR_get_error_line(file_: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
+  function ERR_get_error_line_data(file_: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
 
   function ERR_peek_error: TIdC_ULONG;
-  function ERR_peek_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
-  function ERR_peek_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
+  function ERR_peek_error_line(file_: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
+  function ERR_peek_error_line_data(file_: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
 
   function ERR_peek_last_error: TIdC_ULONG;
-  function ERR_peek_last_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
-  function ERR_peek_last_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
+  function ERR_peek_last_error_line(file_: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG;
+  function ERR_peek_last_error_line_data(file_: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG;
 
   procedure ERR_clear_error;
   function ERR_error_string(e: TIdC_ULONG; buf: PIdAnsiChar): PIdAnsiChar;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
index 915ad5d4f..ab1ff06b9 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
@@ -398,7 +398,7 @@ interface
   EVP_MD_meth_update = function(ctx: PEVP_MD_CTX; const data: Pointer;
     count: TIdC_SIZET): TIdC_INT; cdecl;
   EVP_MD_meth_final = function(ctx: PEVP_MD_CTX; const md: PByte): TIdC_INT; cdecl;
-  EVP_MD_meth_copy = function(&to: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_copy = function(to_: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
   EVP_MD_meth_cleanup = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
   EVP_MD_meth_ctrl = function(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT;
     p2: Pointer): TIdC_INT; cdecl;
@@ -446,7 +446,7 @@   evp_cipher_info_st = record
   param_decode = function(pkey: PEVP_PKEY; const pder: PPByte; derlen: TIdC_INT): TIdC_INT; cdecl;
   param_encode = function(const pkey: PEVP_PKEY; pder: PPByte): TIdC_INT; cdecl;
   param_missing = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
-  param_copy = function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
+  param_copy = function(to_: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
   param_cmp = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
   param_print = function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
 
@@ -1040,7 +1040,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function d2i_AutoPrivateKey(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
   function i2d_PrivateKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT;
 
-  function EVP_PKEY_copy_parameters(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT;
+  function EVP_PKEY_copy_parameters(to_: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT;
   function EVP_PKEY_missing_parameters(const pkey: PEVP_PKEY): TIdC_INT;
   function EVP_PKEY_save_parameters(pkey: PEVP_PKEY; mode: TIdC_INT): TIdC_INT;
   function EVP_PKEY_cmp_parameters(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT;
@@ -1092,7 +1092,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_asn1_find(pe: PPENGINE; type_: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
   function EVP_PKEY_asn1_find_str(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD;
   function EVP_PKEY_asn1_add0(const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT;
-  function EVP_PKEY_asn1_add_alias(&to: TIdC_INT; from: TIdC_INT): TIdC_INT;
+  function EVP_PKEY_asn1_add_alias(to_: TIdC_INT; from: TIdC_INT): TIdC_INT;
   function EVP_PKEY_asn1_get0_info(ppkey_id: PIdC_INT; pkey_base_id: PIdC_INT; ppkey_flags: PIdC_INT; const pinfo: PPIdAnsiChar; const ppem_str: PPIdAnsiChar; const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT;
 
   function EVP_PKEY_get0_asn1(const pkey: PEVP_PKEY): PEVP_PKEY_ASN1_METHOD;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
index 1c17b23bb..12968c843 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
@@ -471,7 +471,7 @@   asn1_type_st = record
 //      (ptr: PIdAnsichar);
       V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
 //      (asn1_string: PASN1_STRING);
-      V_ASN1_OBJECT: (&object: PASN1_OBJECT);
+      V_ASN1_OBJECT: (object_: PASN1_OBJECT);
       V_ASN1_INTEGER: (integer: PASN1_INTEGER);
       V_ASN1_ENUMERATED: (enumerated: PASN1_ENUMERATED);
       V_ASN1_BIT_STRING: (bit_string: PASN1_BIT_STRING);
@@ -490,7 +490,7 @@   asn1_type_st = record
        * set and sequence are left complete and still contain the set or
        * sequence bytes
        *)
-      V_ASN1_SET: (&set: PASN1_STRING);
+      V_ASN1_SET: (set_: PASN1_STRING);
       V_ASN1_SEQUENCE: (sequence: PASN1_STRING);
 //      (asn1_value: PASN1_VALUE);
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
index 73ebddaef..c4dec1a37 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_rsa.pas
@@ -337,21 +337,21 @@   rsa_oaep_params_st = record
   function RSA_blinding_on(rsa: PRSA; ctx: PBN_CTX): TIdC_INT;
   procedure RSA_blinding_off(rsa: PRSA);
   function RSA_setup_blinding(rsa: PRSA; ctx: PBN_CTX): PBN_BLINDING;
-  function RSA_padding_add_PKCS1_type_1(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
-  function RSA_padding_check_PKCS1_type_1(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
-  function RSA_padding_add_PKCS1_type_2(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
-  function RSA_padding_check_PKCS1_type_2(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_PKCS1_type_1(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_PKCS1_type_1(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_PKCS1_type_2(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_PKCS1_type_2(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
   function PKCS1_MGF1(mask: PByte; len: TIdC_LONG; const seed: PByte; seedlen: TIdC_LONG; const dgst: PEVP_MD): TIdC_INT;
-  function RSA_padding_add_PKCS1_OAEP(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT;
-  function RSA_padding_check_PKCS1_OAEP(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT;
-  function RSA_padding_add_PKCS1_OAEP_mgf1(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT;
-  function RSA_padding_check_PKCS1_OAEP_mgf1(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; num: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT;
-  function RSA_padding_add_SSLv23(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
-  function RSA_padding_check_SSLv23(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
-  function RSA_padding_add_none(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
-  function RSA_padding_check_none(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
-  function RSA_padding_add_X931(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
-  function RSA_padding_check_X931(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_PKCS1_OAEP(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_PKCS1_OAEP(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_PKCS1_OAEP_mgf1(to_: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT;
+  function RSA_padding_check_PKCS1_OAEP_mgf1(to_: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; num: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT;
+  function RSA_padding_add_SSLv23(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_SSLv23(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_none(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_none(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
+  function RSA_padding_add_X931(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT;
+  function RSA_padding_check_X931(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT;
   function RSA_X931_hash_id(nid: TIdC_INT): TIdC_INT;
 
   function RSA_verify_PKCS1_PSS(rsa: PRSA; const mHash: PByte; const Hash: PEVP_MD; const EM: PByte; sLen: TIdC_INT): TIdC_INT;
@@ -379,28 +379,28 @@   rsa_oaep_params_st = record
 
   //int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   //int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
   //                         int (*pub_enc) (int flen, const unsigned char *from,
-  //                                         unsigned char *&to, RSA *rsa,
+  //                                         unsigned char *to_, RSA *rsa,
   //                                         int padding));
   //int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   //int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
   //                         int (*pub_dec) (int flen, const unsigned char *from,
-  //                                         unsigned char *&to, RSA *rsa,
+  //                                         unsigned char *to_, RSA *rsa,
   //                                         int padding));
   //int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   //int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
   //                          int (*priv_enc) (int flen, const unsigned char *from,
-  //                                           unsigned char *&to, RSA *rsa,
+  //                                           unsigned char *to_, RSA *rsa,
   //                                           int padding));
   //int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   function RSA_meth_set_priv_dec(rsa: PRSA_METHOD; priv_dec: RSA_meth_set_priv_dec_priv_dec): TIdC_INT;
 
   //int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
index 539adfb79..ba78fc6aa 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
@@ -1464,7 +1464,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function BIO_new_ssl(ctx: PSSL_CTX; client: TIdC_INT): PBIO;
   function BIO_new_ssl_connect(ctx: PSSL_CTX): PBIO;
   function BIO_new_buffer_ssl_connect(ctx: PSSL_CTX): PBIO;
-  function BIO_ssl_copy_session_id(&to: PBIO; from: PBIO): TIdC_INT;
+  function BIO_ssl_copy_session_id(to_: PBIO; from: PBIO): TIdC_INT;
 
   function SSL_CTX_set_cipher_list(v1: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT;
   function SSL_CTX_new(const meth: PSSL_METHOD): PSSL_CTX;
@@ -1583,7 +1583,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   procedure SSL_SESSION_get0_ticket(const s: PSSL_SESSION; const tick: PPByte; len: PIdC_SIZET);
   function SSL_SESSION_get_max_early_data(const s: PSSL_SESSION): TIdC_UINT32;
   function SSL_SESSION_set_max_early_data(s: PSSL_SESSION; max_early_data: TIdC_UINT32): TIdC_INT;
-  function SSL_copy_session_id(&to: PSSL; const from: PSSL): TIdC_INT;
+  function SSL_copy_session_id(to_: PSSL; const from: PSSL): TIdC_INT;
   function SSL_SESSION_get0_peer(s: PSSL_SESSION): PX509;
   function SSL_SESSION_set1_id_context(s: PSSL_SESSION; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT;
   function SSL_SESSION_set1_id(s: PSSL_SESSION; const sid: PByte; sid_len: TIdC_UINT): TIdC_INT;
@@ -1599,7 +1599,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_SESSION_up_ref(ses: PSSL_SESSION): TIdC_INT;
   procedure SSL_SESSION_free(ses: PSSL_SESSION);
   //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *in_, Byte **pp);
-  function SSL_set_session(&to: PSSL; session: PSSL_SESSION): TIdC_INT;
+  function SSL_set_session(to_: PSSL; session: PSSL_SESSION): TIdC_INT;
   function SSL_CTX_add_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
   function SSL_CTX_remove_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT;
   function SSL_CTX_set_generate_session_id(ctx: PSSL_CTX; cb: GEN_SESSION_CB): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
index b82bd58a7..ae14e3d1c 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
@@ -533,7 +533,7 @@ interface
    * ts/ts_conf.c
    *)
 
-  function TS_CONF_load_cert(&file: PIdAnsiChar): PX509;
+  function TS_CONF_load_cert(file_: PIdAnsiChar): PX509;
   function TS_CONF_load_key( file_: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey;
   function TS_CONF_set_serial(conf: PCONF; section: PIdAnsiChar; cb: TS_serial_cb; ctx: PTS_RESP_CTX): TIdC_INT;
   //STACK_OF(X509) *TS_CONF_load_certs(const char *file);
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas
index 1b57d9f4a..5f9c5a323 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas
@@ -323,7 +323,7 @@ interface
   function UI_method_set_flusher(method: PUI_Method; flusher: UI_method_flusher_cb): TIdC_INT;
   function UI_method_set_reader(method: PUI_Method; reader: UI_method_reader_cb): TIdC_INT;
   function UI_method_set_closer(method: PUI_Method; closer: UI_method_closer_cb): TIdC_INT;
-  function UI_method_set_data_duplicator(method: PUI_Method; duplicator: UI_method_data_duplicator_cb; &destructor: UI_method_data_destructor_cb): TIdC_INT;
+  function UI_method_set_data_duplicator(method: PUI_Method; duplicator: UI_method_data_duplicator_cb; destructor_: UI_method_data_destructor_cb): TIdC_INT;
   function UI_method_set_prompt_constructor(method: PUI_Method; prompt_constructor: UI_method_prompt_constructor_cb): TIdC_INT;
   function UI_method_set_ex_data(method: PUI_Method; idx: TIdC_INT; data: Pointer): TIdC_INT;
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas
index ff2a46226..0527f4085 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509_vfy.pas
@@ -483,8 +483,8 @@ interface
 
   function X509_VERIFY_PARAM_new: PX509_VERIFY_PARAM;
   procedure X509_VERIFY_PARAM_free(param: PX509_VERIFY_PARAM);
-  function X509_VERIFY_PARAM_inherit(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT;
-  function X509_VERIFY_PARAM_set1(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT;
+  function X509_VERIFY_PARAM_inherit(to_: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT;
+  function X509_VERIFY_PARAM_set1(to_: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT;
   function X509_VERIFY_PARAM_set1_name(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar): TIdC_INT;
   function X509_VERIFY_PARAM_set_flags(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT;
   function X509_VERIFY_PARAM_clear_flags(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
index 2830c5913..e2528aac4 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
@@ -901,9 +901,9 @@ //  IPAddressFamily_st = record
   procedure NAMING_AUTHORITY_set0_authorityText(n: PNAMING_AUTHORITY; namingAuthorityText: PASN1_STRING);
 
   function ADMISSION_SYNTAX_get0_admissionAuthority(const as_: ADMISSION_SYNTAX): PGENERAL_NAME;
-  procedure ADMISSION_SYNTAX_set0_admissionAuthority(&as: ADMISSION_SYNTAX; aa: PGENERAL_NAME);
+  procedure ADMISSION_SYNTAX_set0_admissionAuthority(as_: ADMISSION_SYNTAX; aa: PGENERAL_NAME);
 //  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const as_: ADMISSION_SYNTAX);
-//  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(&as: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
+//  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(as_: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
   function ADMISSIONS_get0_admissionAuthority(const a: PADMISSIONS): PGENERAL_NAME;
   procedure ADMISSIONS_set0_admissionAuthority(a: PADMISSIONS; aa: PGENERAL_NAME);
   function ADMISSIONS_get0_namingAuthority(const a: PADMISSIONS): PNAMING_AUTHORITY;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
index fce79a34f..bf9dbcb73 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bn.pas
@@ -308,7 +308,7 @@ procedure UnLoad;
   BN_from_montgomery: function(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl = nil;
   BN_MONT_CTX_free: procedure(mont: PBN_MONT_CTX) cdecl = nil;
   BN_MONT_CTX_set: function(mont: PBN_MONT_CTX; mod_: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl = nil;
-  BN_MONT_CTX_copy: function(&to: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX cdecl = nil;
+  BN_MONT_CTX_copy: function(to_: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX cdecl = nil;
 //  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; mod_: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
 
   BN_BLINDING_new: function(const A: PBIGNUM; const Ai: PBIGNUM; mod_: PBIGNUM): PBN_BLINDING cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas
index 5bf408bb2..b26fc2f4e 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_err.pas
@@ -199,16 +199,16 @@ procedure UnLoad;
   ERR_set_error_data: procedure(data: PIdAnsiChar; flags: TIdC_INT) cdecl = nil;
   
   ERR_get_error: function: TIdC_ULONG cdecl = nil;
-  ERR_get_error_line: function(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl = nil;
-  ERR_get_error_line_data: function(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl = nil;
+  ERR_get_error_line: function(file_: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl = nil;
+  ERR_get_error_line_data: function(file_: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl = nil;
 
   ERR_peek_error: function: TIdC_ULONG cdecl = nil;
-  ERR_peek_error_line: function(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl = nil;
-  ERR_peek_error_line_data: function(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl = nil;
+  ERR_peek_error_line: function(file_: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl = nil;
+  ERR_peek_error_line_data: function(file_: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl = nil;
 
   ERR_peek_last_error: function: TIdC_ULONG cdecl = nil;
-  ERR_peek_last_error_line: function(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl = nil;
-  ERR_peek_last_error_line_data: function(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl = nil;
+  ERR_peek_last_error_line: function(file_: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl = nil;
+  ERR_peek_last_error_line_data: function(file_: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl = nil;
 
   ERR_clear_error: procedure cdecl = nil;
   ERR_error_string: function(e: TIdC_ULONG; buf: PIdAnsiChar): PIdAnsiChar cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
index 631841fa0..6f76f1a3f 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_evp.pas
@@ -405,7 +405,7 @@ interface
   EVP_MD_meth_update = function(ctx: PEVP_MD_CTX; const data: Pointer;
     count: TIdC_SIZET): TIdC_INT; cdecl;
   EVP_MD_meth_final = function(ctx: PEVP_MD_CTX; const md: PByte): TIdC_INT; cdecl;
-  EVP_MD_meth_copy = function(&to: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_copy = function(to_: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
   EVP_MD_meth_cleanup = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
   EVP_MD_meth_ctrl = function(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT;
     p2: Pointer): TIdC_INT; cdecl;
@@ -453,7 +453,7 @@   evp_cipher_info_st = record
   param_decode = function(pkey: PEVP_PKEY; const pder: PPByte; derlen: TIdC_INT): TIdC_INT; cdecl;
   param_encode = function(const pkey: PEVP_PKEY; pder: PPByte): TIdC_INT; cdecl;
   param_missing = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
-  param_copy = function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
+  param_copy = function(to_: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
   param_cmp = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
   param_print = function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
 
@@ -1050,7 +1050,7 @@ procedure UnLoad;
   d2i_AutoPrivateKey: function(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl = nil;
   i2d_PrivateKey: function(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl = nil;
 
-  EVP_PKEY_copy_parameters: function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT cdecl = nil;
+  EVP_PKEY_copy_parameters: function(to_: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_PKEY_missing_parameters: function(const pkey: PEVP_PKEY): TIdC_INT cdecl = nil;
   EVP_PKEY_save_parameters: function(pkey: PEVP_PKEY; mode: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_PKEY_cmp_parameters: function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT cdecl = nil;
@@ -1102,7 +1102,7 @@ procedure UnLoad;
   EVP_PKEY_asn1_find: function(pe: PPENGINE; type_: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
   EVP_PKEY_asn1_find_str: function(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl = nil;
   EVP_PKEY_asn1_add0: function(const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl = nil;
-  EVP_PKEY_asn1_add_alias: function(&to: TIdC_INT; from: TIdC_INT): TIdC_INT cdecl = nil;
+  EVP_PKEY_asn1_add_alias: function(to_: TIdC_INT; from: TIdC_INT): TIdC_INT cdecl = nil;
   EVP_PKEY_asn1_get0_info: function(ppkey_id: PIdC_INT; pkey_base_id: PIdC_INT; ppkey_flags: PIdC_INT; const pinfo: PPIdAnsiChar; const ppem_str: PPIdAnsiChar; const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl = nil;
 
   EVP_PKEY_get0_asn1: function(const pkey: PEVP_PKEY): PEVP_PKEY_ASN1_METHOD cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
index 157b0e2f6..fe185f692 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
@@ -477,7 +477,7 @@   asn1_type_st = record
 //      (ptr: PIdAnsichar);
       V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
 //      (asn1_string: PASN1_STRING);
-      V_ASN1_OBJECT: (&object: PASN1_OBJECT);
+      V_ASN1_OBJECT: (object_: PASN1_OBJECT);
       V_ASN1_INTEGER: (integer: PASN1_INTEGER);
       V_ASN1_ENUMERATED: (enumerated: PASN1_ENUMERATED);
       V_ASN1_BIT_STRING: (bit_string: PASN1_BIT_STRING);
@@ -496,7 +496,7 @@   asn1_type_st = record
        * set and sequence are left complete and still contain the set or
        * sequence bytes
        *)
-      V_ASN1_SET: (&set: PASN1_STRING);
+      V_ASN1_SET: (set_: PASN1_STRING);
       V_ASN1_SEQUENCE: (sequence: PASN1_STRING);
 //      (asn1_value: PASN1_VALUE);
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
index efe6749e3..85cd4b4d1 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_rsa.pas
@@ -347,21 +347,21 @@ procedure UnLoad;
   RSA_blinding_on: function(rsa: PRSA; ctx: PBN_CTX): TIdC_INT cdecl = nil;
   RSA_blinding_off: procedure(rsa: PRSA) cdecl = nil;
   RSA_setup_blinding: function(rsa: PRSA; ctx: PBN_CTX): PBN_BLINDING cdecl = nil;
-  RSA_padding_add_PKCS1_type_1: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_check_PKCS1_type_1: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_add_PKCS1_type_2: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_check_PKCS1_type_2: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_PKCS1_type_1: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_PKCS1_type_1: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_PKCS1_type_2: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_PKCS1_type_2: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
   PKCS1_MGF1: function(mask: PByte; len: TIdC_LONG; const seed: PByte; seedlen: TIdC_LONG; const dgst: PEVP_MD): TIdC_INT cdecl = nil;
-  RSA_padding_add_PKCS1_OAEP: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_check_PKCS1_OAEP: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_add_PKCS1_OAEP_mgf1: function(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl = nil;
-  RSA_padding_check_PKCS1_OAEP_mgf1: function(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; num: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl = nil;
-  RSA_padding_add_SSLv23: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_check_SSLv23: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_add_none: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_check_none: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_add_X931: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
-  RSA_padding_check_X931: function(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_PKCS1_OAEP: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_PKCS1_OAEP: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_PKCS1_OAEP_mgf1: function(to_: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl = nil;
+  RSA_padding_check_PKCS1_OAEP_mgf1: function(to_: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; num: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl = nil;
+  RSA_padding_add_SSLv23: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_SSLv23: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_none: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_none: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_add_X931: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl = nil;
+  RSA_padding_check_X931: function(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl = nil;
   RSA_X931_hash_id: function(nid: TIdC_INT): TIdC_INT cdecl = nil;
 
   RSA_verify_PKCS1_PSS: function(rsa: PRSA; const mHash: PByte; const Hash: PEVP_MD; const EM: PByte; sLen: TIdC_INT): TIdC_INT cdecl = nil;
@@ -389,28 +389,28 @@ procedure UnLoad;
 
   //int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   //int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
   //                         int (*pub_enc) (int flen, const unsigned char *from,
-  //                                         unsigned char *&to, RSA *rsa,
+  //                                         unsigned char *to_, RSA *rsa,
   //                                         int padding));
   //int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   //int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
   //                         int (*pub_dec) (int flen, const unsigned char *from,
-  //                                         unsigned char *&to, RSA *rsa,
+  //                                         unsigned char *to_, RSA *rsa,
   //                                         int padding));
   //int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   //int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
   //                          int (*priv_enc) (int flen, const unsigned char *from,
-  //                                           unsigned char *&to, RSA *rsa,
+  //                                           unsigned char *to_, RSA *rsa,
   //                                           int padding));
   //int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   RSA_meth_set_priv_dec: function(rsa: PRSA_METHOD; priv_dec: RSA_meth_set_priv_dec_priv_dec): TIdC_INT cdecl = nil;
 
   //int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
index b15fd8d41..c8db30a6b 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ssl.pas
@@ -1474,7 +1474,7 @@ procedure UnLoad;
   BIO_new_ssl: function(ctx: PSSL_CTX; client: TIdC_INT): PBIO cdecl = nil;
   BIO_new_ssl_connect: function(ctx: PSSL_CTX): PBIO cdecl = nil;
   BIO_new_buffer_ssl_connect: function(ctx: PSSL_CTX): PBIO cdecl = nil;
-  BIO_ssl_copy_session_id: function(&to: PBIO; from: PBIO): TIdC_INT cdecl = nil;
+  BIO_ssl_copy_session_id: function(to_: PBIO; from: PBIO): TIdC_INT cdecl = nil;
 
   SSL_CTX_set_cipher_list: function(v1: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT cdecl = nil;
   SSL_CTX_new: function(const meth: PSSL_METHOD): PSSL_CTX cdecl = nil;
@@ -1593,7 +1593,7 @@ procedure UnLoad;
   SSL_SESSION_get0_ticket: procedure(const s: PSSL_SESSION; const tick: PPByte; len: PIdC_SIZET) cdecl = nil;
   SSL_SESSION_get_max_early_data: function(const s: PSSL_SESSION): TIdC_UINT32 cdecl = nil;
   SSL_SESSION_set_max_early_data: function(s: PSSL_SESSION; max_early_data: TIdC_UINT32): TIdC_INT cdecl = nil;
-  SSL_copy_session_id: function(&to: PSSL; const from: PSSL): TIdC_INT cdecl = nil;
+  SSL_copy_session_id: function(to_: PSSL; const from: PSSL): TIdC_INT cdecl = nil;
   SSL_SESSION_get0_peer: function(s: PSSL_SESSION): PX509 cdecl = nil;
   SSL_SESSION_set1_id_context: function(s: PSSL_SESSION; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT cdecl = nil;
   SSL_SESSION_set1_id: function(s: PSSL_SESSION; const sid: PByte; sid_len: TIdC_UINT): TIdC_INT cdecl = nil;
@@ -1609,7 +1609,7 @@ procedure UnLoad;
   SSL_SESSION_up_ref: function(ses: PSSL_SESSION): TIdC_INT cdecl = nil;
   SSL_SESSION_free: procedure(ses: PSSL_SESSION) cdecl = nil;
   //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *in_, Byte **pp);
-  SSL_set_session: function(&to: PSSL; session: PSSL_SESSION): TIdC_INT cdecl = nil;
+  SSL_set_session: function(to_: PSSL; session: PSSL_SESSION): TIdC_INT cdecl = nil;
   SSL_CTX_add_session: function(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl = nil;
   SSL_CTX_remove_session: function(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl = nil;
   SSL_CTX_set_generate_session_id: function(ctx: PSSL_CTX; cb: GEN_SESSION_CB): TIdC_INT cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas
index 10717c133..9941c56a8 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ts.pas
@@ -543,7 +543,7 @@ procedure UnLoad;
    * ts/ts_conf.c
    *)
 
-  TS_CONF_load_cert: function(&file: PIdAnsiChar): PX509 cdecl = nil;
+  TS_CONF_load_cert: function(file_: PIdAnsiChar): PX509 cdecl = nil;
   TS_CONF_load_key: function( file_: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey cdecl = nil;
   TS_CONF_set_serial: function(conf: PCONF; section: PIdAnsiChar; cb: TS_serial_cb; ctx: PTS_RESP_CTX): TIdC_INT cdecl = nil;
   //STACK_OF(X509) *TS_CONF_load_certs(const char *file);
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas
index 50aaaae05..88167ae3e 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ui.pas
@@ -333,7 +333,7 @@ procedure UnLoad;
   UI_method_set_flusher: function(method: PUI_Method; flusher: UI_method_flusher_cb): TIdC_INT cdecl = nil;
   UI_method_set_reader: function(method: PUI_Method; reader: UI_method_reader_cb): TIdC_INT cdecl = nil;
   UI_method_set_closer: function(method: PUI_Method; closer: UI_method_closer_cb): TIdC_INT cdecl = nil;
-  UI_method_set_data_duplicator: function(method: PUI_Method; duplicator: UI_method_data_duplicator_cb; &destructor: UI_method_data_destructor_cb): TIdC_INT cdecl = nil;
+  UI_method_set_data_duplicator: function(method: PUI_Method; duplicator: UI_method_data_duplicator_cb; destructor_: UI_method_data_destructor_cb): TIdC_INT cdecl = nil;
   UI_method_set_prompt_constructor: function(method: PUI_Method; prompt_constructor: UI_method_prompt_constructor_cb): TIdC_INT cdecl = nil;
   UI_method_set_ex_data: function(method: PUI_Method; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl = nil;
 
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas
index 7cfe8d858..2bb7d5815 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509_vfy.pas
@@ -494,8 +494,8 @@ procedure UnLoad;
 
   X509_VERIFY_PARAM_new: function: PX509_VERIFY_PARAM cdecl = nil;
   X509_VERIFY_PARAM_free: procedure(param: PX509_VERIFY_PARAM) cdecl = nil;
-  X509_VERIFY_PARAM_inherit: function(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
-  X509_VERIFY_PARAM_set1: function(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_inherit: function(to_: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
+  X509_VERIFY_PARAM_set1: function(to_: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl = nil;
   X509_VERIFY_PARAM_set1_name: function(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar): TIdC_INT cdecl = nil;
   X509_VERIFY_PARAM_set_flags: function(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
   X509_VERIFY_PARAM_clear_flags: function(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
index 96165d39e..5338a0b4a 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_x509v3.pas
@@ -911,9 +911,9 @@ procedure UnLoad;
   NAMING_AUTHORITY_set0_authorityText: procedure(n: PNAMING_AUTHORITY; namingAuthorityText: PASN1_STRING) cdecl = nil;
 
   ADMISSION_SYNTAX_get0_admissionAuthority: function(const as_: ADMISSION_SYNTAX): PGENERAL_NAME cdecl = nil;
-  ADMISSION_SYNTAX_set0_admissionAuthority: procedure(&as: ADMISSION_SYNTAX; aa: PGENERAL_NAME) cdecl = nil;
+  ADMISSION_SYNTAX_set0_admissionAuthority: procedure(as_: ADMISSION_SYNTAX; aa: PGENERAL_NAME) cdecl = nil;
 //  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const as_: ADMISSION_SYNTAX);
-//  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(&as: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
+//  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(as_: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
   ADMISSIONS_get0_admissionAuthority: function(const a: PADMISSIONS): PGENERAL_NAME cdecl = nil;
   ADMISSIONS_set0_admissionAuthority: procedure(a: PADMISSIONS; aa: PGENERAL_NAME) cdecl = nil;
   ADMISSIONS_get0_namingAuthority: function(const a: PADMISSIONS): PNAMING_AUTHORITY cdecl = nil;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
index c9c90acbd..c9b4b6a9c 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bn.pas
@@ -303,7 +303,7 @@ interface
   function BN_from_montgomery(r: PBIGNUM; a: PBIGNUM; mont: PBN_MONT_CTX; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure BN_MONT_CTX_free(mont: PBN_MONT_CTX) cdecl; external CLibCrypto;
   function BN_MONT_CTX_set(mont: PBN_MONT_CTX; mod_: PBIGNUM; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
-  function BN_MONT_CTX_copy(&to: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX cdecl; external CLibCrypto;
+  function BN_MONT_CTX_copy(to_: PBN_MONT_CTX; from: PBN_MONT_CTX): PBN_MONT_CTX cdecl; external CLibCrypto;
 //  function BN_MONT_CTX_set_locked(pmont: ^PBN_MONT_CTX; lock: CRYPTO_RWLOCK; mod_: PBIGNUM; ctx: PBN_CTX): PBN_MONT_CTX;
 
   function BN_BLINDING_new(const A: PBIGNUM; const Ai: PBIGNUM; mod_: PBIGNUM): PBN_BLINDING cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas
index 84073b78d..56dc2b8fc 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_err.pas
@@ -194,16 +194,16 @@   ERR_string_data_st = record
   procedure ERR_set_error_data(data: PIdAnsiChar; flags: TIdC_INT) cdecl; external CLibCrypto;
   
   function ERR_get_error: TIdC_ULONG cdecl; external CLibCrypto;
-  function ERR_get_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
-  function ERR_get_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_get_error_line(file_: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_get_error_line_data(file_: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
 
   function ERR_peek_error: TIdC_ULONG cdecl; external CLibCrypto;
-  function ERR_peek_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
-  function ERR_peek_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_peek_error_line(file_: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_peek_error_line_data(file_: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
 
   function ERR_peek_last_error: TIdC_ULONG cdecl; external CLibCrypto;
-  function ERR_peek_last_error_line(&file: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
-  function ERR_peek_last_error_line_data(&file: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_peek_last_error_line(file_: PPIdAnsiChar; line: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
+  function ERR_peek_last_error_line_data(file_: PPIdAnsiChar; line: PIdC_INT; data: PPIdAnsiChar; flags: PIdC_INT): TIdC_ULONG cdecl; external CLibCrypto;
 
   procedure ERR_clear_error cdecl; external CLibCrypto;
   function ERR_error_string(e: TIdC_ULONG; buf: PIdAnsiChar): PIdAnsiChar cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
index c2047decb..d3c838454 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_evp.pas
@@ -404,7 +404,7 @@ interface
   EVP_MD_meth_update = function(ctx: PEVP_MD_CTX; const data: Pointer;
     count: TIdC_SIZET): TIdC_INT; cdecl;
   EVP_MD_meth_final = function(ctx: PEVP_MD_CTX; const md: PByte): TIdC_INT; cdecl;
-  EVP_MD_meth_copy = function(&to: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
+  EVP_MD_meth_copy = function(to_: PEVP_MD_CTX; const from: PEVP_MD_CTX): TIdC_INT; cdecl;
   EVP_MD_meth_cleanup = function(ctx: PEVP_MD_CTX): TIdC_INT; cdecl;
   EVP_MD_meth_ctrl = function(ctx: PEVP_MD_CTX; cmd: TIdC_INT; p1: TIdC_INT;
     p2: Pointer): TIdC_INT; cdecl;
@@ -452,7 +452,7 @@   evp_cipher_info_st = record
   param_decode = function(pkey: PEVP_PKEY; const pder: PPByte; derlen: TIdC_INT): TIdC_INT; cdecl;
   param_encode = function(const pkey: PEVP_PKEY; pder: PPByte): TIdC_INT; cdecl;
   param_missing = function(const pk: PEVP_PKEY): TIdC_INT; cdecl;
-  param_copy = function(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
+  param_copy = function(to_: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT; cdecl;
   param_cmp = function(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT; cdecl;
   param_print = function(out_: PBIO; const pkey: PEVP_PKEY; indent: TIdC_INT; pctx: PASN1_PCTX): TIdC_INT; cdecl;
 
@@ -1045,7 +1045,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function d2i_AutoPrivateKey(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY cdecl; external CLibCrypto;
   function i2d_PrivateKey(a: PEVP_PKEY; pp: PPByte): TIdC_INT cdecl; external CLibCrypto;
 
-  function EVP_PKEY_copy_parameters(&to: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_copy_parameters(to_: PEVP_PKEY; const from: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_missing_parameters(const pkey: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_save_parameters(pkey: PEVP_PKEY; mode: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_cmp_parameters(const a: PEVP_PKEY; const b: PEVP_PKEY): TIdC_INT cdecl; external CLibCrypto;
@@ -1097,7 +1097,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_PKEY_asn1_find(pe: PPENGINE; type_: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
   function EVP_PKEY_asn1_find_str(pe: PPENGINE; const str: PIdAnsiChar; len: TIdC_INT): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
   function EVP_PKEY_asn1_add0(const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl; external CLibCrypto;
-  function EVP_PKEY_asn1_add_alias(&to: TIdC_INT; from: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function EVP_PKEY_asn1_add_alias(to_: TIdC_INT; from: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function EVP_PKEY_asn1_get0_info(ppkey_id: PIdC_INT; pkey_base_id: PIdC_INT; ppkey_flags: PIdC_INT; const pinfo: PPIdAnsiChar; const ppem_str: PPIdAnsiChar; const ameth: PEVP_PKEY_ASN1_METHOD): TIdC_INT cdecl; external CLibCrypto;
 
   function EVP_PKEY_get0_asn1(const pkey: PEVP_PKEY): PEVP_PKEY_ASN1_METHOD cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
index df2fd8d04..751eb7c5a 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
@@ -477,7 +477,7 @@   asn1_type_st = record
 //      (ptr: PIdAnsichar);
       V_ASN1_BOOLEAN: (boolean: ASN1_BOOLEAN);
 //      (asn1_string: PASN1_STRING);
-      V_ASN1_OBJECT: (&object: PASN1_OBJECT);
+      V_ASN1_OBJECT: (object_: PASN1_OBJECT);
       V_ASN1_INTEGER: (integer: PASN1_INTEGER);
       V_ASN1_ENUMERATED: (enumerated: PASN1_ENUMERATED);
       V_ASN1_BIT_STRING: (bit_string: PASN1_BIT_STRING);
@@ -496,7 +496,7 @@   asn1_type_st = record
        * set and sequence are left complete and still contain the set or
        * sequence bytes
        *)
-      V_ASN1_SET: (&set: PASN1_STRING);
+      V_ASN1_SET: (set_: PASN1_STRING);
       V_ASN1_SEQUENCE: (sequence: PASN1_STRING);
 //      (asn1_value: PASN1_VALUE);
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
index e419772ab..1f7792dd0 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_rsa.pas
@@ -342,21 +342,21 @@   rsa_oaep_params_st = record
   function RSA_blinding_on(rsa: PRSA; ctx: PBN_CTX): TIdC_INT cdecl; external CLibCrypto;
   procedure RSA_blinding_off(rsa: PRSA) cdecl; external CLibCrypto;
   function RSA_setup_blinding(rsa: PRSA; ctx: PBN_CTX): PBN_BLINDING cdecl; external CLibCrypto;
-  function RSA_padding_add_PKCS1_type_1(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_check_PKCS1_type_1(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_add_PKCS1_type_2(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_check_PKCS1_type_2(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_type_1(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_PKCS1_type_1(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_type_2(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_PKCS1_type_2(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function PKCS1_MGF1(mask: PByte; len: TIdC_LONG; const seed: PByte; seedlen: TIdC_LONG; const dgst: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_add_PKCS1_OAEP(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_check_PKCS1_OAEP(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_add_PKCS1_OAEP_mgf1(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_check_PKCS1_OAEP_mgf1(&to: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; num: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_add_SSLv23(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_check_SSLv23(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_add_none(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_check_none(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_add_X931(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
-  function RSA_padding_check_X931(&to: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_OAEP(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_PKCS1_OAEP(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT; const p: PByte; pl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_PKCS1_OAEP_mgf1(to_: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_PKCS1_OAEP_mgf1(to_: PByte; tlen: TIdC_INT; const from: PByte; flen: TIdC_INT; num: TIdC_INT; const param: PByte; plen: TIdC_INT; const md: PEVP_MD; const mgf1md: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_SSLv23(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_SSLv23(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_none(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_none(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_add_X931(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function RSA_padding_check_X931(to_: PByte; tlen: TIdC_INT; const f: PByte; fl: TIdC_INT; rsa_len: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function RSA_X931_hash_id(nid: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
 
   function RSA_verify_PKCS1_PSS(rsa: PRSA; const mHash: PByte; const Hash: PEVP_MD; const EM: PByte; sLen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
@@ -384,28 +384,28 @@   rsa_oaep_params_st = record
 
   //int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   //int RSA_meth_set_pub_enc(RSA_METHOD *rsa,
   //                         int (*pub_enc) (int flen, const unsigned char *from,
-  //                                         unsigned char *&to, RSA *rsa,
+  //                                         unsigned char *to_, RSA *rsa,
   //                                         int padding));
   //int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   //int RSA_meth_set_pub_dec(RSA_METHOD *rsa,
   //                         int (*pub_dec) (int flen, const unsigned char *from,
-  //                                         unsigned char *&to, RSA *rsa,
+  //                                         unsigned char *to_, RSA *rsa,
   //                                         int padding));
   //int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   //int RSA_meth_set_priv_enc(RSA_METHOD *rsa,
   //                          int (*priv_enc) (int flen, const unsigned char *from,
-  //                                           unsigned char *&to, RSA *rsa,
+  //                                           unsigned char *to_, RSA *rsa,
   //                                           int padding));
   //int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
   //    (int flen, const unsigned char *from,
-  //     unsigned char *&to, RSA *rsa, int padding);
+  //     unsigned char *to_, RSA *rsa, int padding);
   function RSA_meth_set_priv_dec(rsa: PRSA_METHOD; priv_dec: RSA_meth_set_priv_dec_priv_dec): TIdC_INT cdecl; external CLibCrypto;
 
   //int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
index fa32eecbe..9a45b36a2 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ssl.pas
@@ -1469,7 +1469,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function BIO_new_ssl(ctx: PSSL_CTX; client: TIdC_INT): PBIO cdecl; external CLibSSL;
   function BIO_new_ssl_connect(ctx: PSSL_CTX): PBIO cdecl; external CLibSSL;
   function BIO_new_buffer_ssl_connect(ctx: PSSL_CTX): PBIO cdecl; external CLibSSL;
-  function BIO_ssl_copy_session_id(&to: PBIO; from: PBIO): TIdC_INT cdecl; external CLibSSL;
+  function BIO_ssl_copy_session_id(to_: PBIO; from: PBIO): TIdC_INT cdecl; external CLibSSL;
 
   function SSL_CTX_set_cipher_list(v1: PSSL_CTX; const str: PIdAnsiChar): TIdC_INT cdecl; external CLibSSL;
   function SSL_CTX_new(const meth: PSSL_METHOD): PSSL_CTX cdecl; external CLibSSL;
@@ -1588,7 +1588,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   procedure SSL_SESSION_get0_ticket(const s: PSSL_SESSION; const tick: PPByte; len: PIdC_SIZET) cdecl; external CLibSSL;
   function SSL_SESSION_get_max_early_data(const s: PSSL_SESSION): TIdC_UINT32 cdecl; external CLibSSL;
   function SSL_SESSION_set_max_early_data(s: PSSL_SESSION; max_early_data: TIdC_UINT32): TIdC_INT cdecl; external CLibSSL;
-  function SSL_copy_session_id(&to: PSSL; const from: PSSL): TIdC_INT cdecl; external CLibSSL;
+  function SSL_copy_session_id(to_: PSSL; const from: PSSL): TIdC_INT cdecl; external CLibSSL;
   function SSL_SESSION_get0_peer(s: PSSL_SESSION): PX509 cdecl; external CLibSSL;
   function SSL_SESSION_set1_id_context(s: PSSL_SESSION; const sid_ctx: PByte; sid_ctx_len: TIdC_UINT): TIdC_INT cdecl; external CLibSSL;
   function SSL_SESSION_set1_id(s: PSSL_SESSION; const sid: PByte; sid_len: TIdC_UINT): TIdC_INT cdecl; external CLibSSL;
@@ -1604,7 +1604,7 @@ function SSL_get_max_proto_version(s: PSSL): TIdC_LONG;
   function SSL_SESSION_up_ref(ses: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
   procedure SSL_SESSION_free(ses: PSSL_SESSION) cdecl; external CLibSSL;
   //__owur TIdC_INT i2d_SSL_SESSION(SSL_SESSION *in_, Byte **pp);
-  function SSL_set_session(&to: PSSL; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
+  function SSL_set_session(to_: PSSL; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
   function SSL_CTX_add_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
   function SSL_CTX_remove_session(ctx: PSSL_CTX; session: PSSL_SESSION): TIdC_INT cdecl; external CLibSSL;
   function SSL_CTX_set_generate_session_id(ctx: PSSL_CTX; cb: GEN_SESSION_CB): TIdC_INT cdecl; external CLibSSL;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas
index c889046c2..2ba041bcf 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ts.pas
@@ -538,7 +538,7 @@ interface
    * ts/ts_conf.c
    *)
 
-  function TS_CONF_load_cert(&file: PIdAnsiChar): PX509 cdecl; external CLibCrypto;
+  function TS_CONF_load_cert(file_: PIdAnsiChar): PX509 cdecl; external CLibCrypto;
   function TS_CONF_load_key( file_: PIdAnsiChar; pass: PIdAnsiChar): PEVP_PKey cdecl; external CLibCrypto;
   function TS_CONF_set_serial(conf: PCONF; section: PIdAnsiChar; cb: TS_serial_cb; ctx: PTS_RESP_CTX): TIdC_INT cdecl; external CLibCrypto;
   //STACK_OF(X509) *TS_CONF_load_certs(const char *file);
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas
index 463f219c0..80844ef1f 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ui.pas
@@ -328,7 +328,7 @@ interface
   function UI_method_set_flusher(method: PUI_Method; flusher: UI_method_flusher_cb): TIdC_INT cdecl; external CLibCrypto;
   function UI_method_set_reader(method: PUI_Method; reader: UI_method_reader_cb): TIdC_INT cdecl; external CLibCrypto;
   function UI_method_set_closer(method: PUI_Method; closer: UI_method_closer_cb): TIdC_INT cdecl; external CLibCrypto;
-  function UI_method_set_data_duplicator(method: PUI_Method; duplicator: UI_method_data_duplicator_cb; &destructor: UI_method_data_destructor_cb): TIdC_INT cdecl; external CLibCrypto;
+  function UI_method_set_data_duplicator(method: PUI_Method; duplicator: UI_method_data_duplicator_cb; destructor_: UI_method_data_destructor_cb): TIdC_INT cdecl; external CLibCrypto;
   function UI_method_set_prompt_constructor(method: PUI_Method; prompt_constructor: UI_method_prompt_constructor_cb): TIdC_INT cdecl; external CLibCrypto;
   function UI_method_set_ex_data(method: PUI_Method; idx: TIdC_INT; data: Pointer): TIdC_INT cdecl; external CLibCrypto;
 
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas
index 393e535e6..fb73f71a6 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509_vfy.pas
@@ -489,8 +489,8 @@ interface
 
   function X509_VERIFY_PARAM_new: PX509_VERIFY_PARAM cdecl; external CLibCrypto;
   procedure X509_VERIFY_PARAM_free(param: PX509_VERIFY_PARAM) cdecl; external CLibCrypto;
-  function X509_VERIFY_PARAM_inherit(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
-  function X509_VERIFY_PARAM_set1(&to: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_inherit(to_: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
+  function X509_VERIFY_PARAM_set1(to_: PX509_VERIFY_PARAM; const from: PX509_VERIFY_PARAM): TIdC_INT cdecl; external CLibCrypto;
   function X509_VERIFY_PARAM_set1_name(param: PX509_VERIFY_PARAM; const name: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
   function X509_VERIFY_PARAM_set_flags(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
   function X509_VERIFY_PARAM_clear_flags(param: PX509_VERIFY_PARAM; flags: TIdC_ULONG): TIdC_INT cdecl; external CLibCrypto;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
index fe6d592fa..367a3eff2 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_x509v3.pas
@@ -906,9 +906,9 @@ //  IPAddressFamily_st = record
   procedure NAMING_AUTHORITY_set0_authorityText(n: PNAMING_AUTHORITY; namingAuthorityText: PASN1_STRING) cdecl; external CLibCrypto;
 
   function ADMISSION_SYNTAX_get0_admissionAuthority(const as_: ADMISSION_SYNTAX): PGENERAL_NAME cdecl; external CLibCrypto;
-  procedure ADMISSION_SYNTAX_set0_admissionAuthority(&as: ADMISSION_SYNTAX; aa: PGENERAL_NAME) cdecl; external CLibCrypto;
+  procedure ADMISSION_SYNTAX_set0_admissionAuthority(as_: ADMISSION_SYNTAX; aa: PGENERAL_NAME) cdecl; external CLibCrypto;
 //  const STACK_OF(ADMISSIONS) *ADMISSION_SYNTAX_get0_contentsOfAdmissions(const as_: ADMISSION_SYNTAX);
-//  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(&as: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
+//  void ADMISSION_SYNTAX_set0_contentsOfAdmissions(as_: ADMISSION_SYNTAX; STACK_OF(ADMISSIONS) *a);
   function ADMISSIONS_get0_admissionAuthority(const a: PADMISSIONS): PGENERAL_NAME cdecl; external CLibCrypto;
   procedure ADMISSIONS_set0_admissionAuthority(a: PADMISSIONS; aa: PGENERAL_NAME) cdecl; external CLibCrypto;
   function ADMISSIONS_get0_namingAuthority(const a: PADMISSIONS): PNAMING_AUTHORITY cdecl; external CLibCrypto;

From 0b3b26d8b105b78d226de0cda16da36b2f198e23 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Thu, 9 Sep 2021 11:49:43 +0200
Subject: [PATCH 44/64] Added initialization of result as addition to
 9c37992275a514eb1c80369a78e574d745f0646c

---
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index 2935766eb..65673f6f1 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -186,6 +186,7 @@ function LoadCertificate(const AFile: string): PX509;
 var
   LBio: PBIO;
 begin
+  Result := nil;
   LBio := Bio_new_file(PAnsiChar(UTF8Encode(AFile)), 'r');
   if not Assigned(LBio) then
     Exit;

From 3d4b46cf7f160da8fa76bbb95323d44a8c9f48d1 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 18 Oct 2021 08:16:29 +0200
Subject: [PATCH 45/64] Added BeforeInitContext and AfterInitContext to
 TIdOpenSSLIOHandlerServer

---
 .../OpenSSL/IdOpenSSLIOHandlerServer.pas      | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
index 9d084d150..9d74d9b59 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
@@ -31,13 +31,14 @@ interface
 {$i IdCompilerDefines.inc}
 
 uses
+  IdIOHandler,
+  IdOpenSSLContext,
   IdOpenSSLContextServer,
   IdOpenSSLOptionsServer,
   IdSSL,
   IdSocketHandle,
   IdThread,
-  IdYarn,
-  IdIOHandler;
+  IdYarn;
 
 type
   TIdOpenSSLIOHandlerServer = class(TIdServerIOHandlerSSLBase)
@@ -48,6 +49,8 @@   TIdOpenSSLIOHandlerServer = class(TIdServerIOHandlerSSLBase)
   protected
     function GetOptionClass: TIdOpenSSLOptionsServerClass; virtual;
     procedure InitComponent; override;
+    procedure BeforeInitContext(const AContext: TIdOpenSSLContext); virtual;
+    procedure AfterInitContext(const AContext: TIdOpenSSLContext); virtual;
   public
     destructor Destroy; override;
 
@@ -92,6 +95,16 @@ function TIdOpenSSLIOHandlerServer.Accept(ASocket: TIdSocketHandle;
   Result := LIOHandler;
 end;
 
+procedure TIdOpenSSLIOHandlerServer.AfterInitContext(
+  const AContext: TIdOpenSSLContext);
+begin
+end;
+
+procedure TIdOpenSSLIOHandlerServer.BeforeInitContext(
+  const AContext: TIdOpenSSLContext);
+begin
+end;
+
 destructor TIdOpenSSLIOHandlerServer.Destroy;
 begin
   FOptions.Free();
@@ -116,7 +129,9 @@ procedure TIdOpenSSLIOHandlerServer.Init;
 
   FContext := TIdOpenSSLContextServer.Create();
   try
+    BeforeInitContext(FContext);
     FContext.Init(FOptions);
+    AfterInitContext(FContext);
   except
     on E: EExternalException do
     begin

From ae1237f5cddc15203a56740e067037fad5bfc06c Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 30 Nov 2021 13:59:11 +0100
Subject: [PATCH 46/64] Added some xml doc

---
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index 65673f6f1..2db20e39a 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -38,6 +38,10 @@ interface
   Classes;
 
 type
+  /// <summary>
+  ///   Wrapper around a name entry.
+  ///   Could contain subject or issuer information
+  /// </summary>
   TIdOpenSSLX509Name = class(TIdOpenSSLPersistent)
   private
     FName: PX509_NAME;
@@ -93,6 +97,10 @@   TIdOpenSSLX509Name = class(TIdOpenSSLPersistent)
   end;
 
   // https://zakird.com/2013/10/13/certificate-parsing-with-openssl
+  /// <summary>
+  ///   Class wrapper around a PX509 instance of OpenSSL.
+  ///   Contains most function to retrieve detail information of that instance.
+  /// </summary>
   TIdOpenSSLX509 = class(TIdOpenSSLPersistent)
   private
     FX509: PX509;

From 40e33466f85f846c71a4b3a1b5f68fb3db0bfed3 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 30 Nov 2021 14:30:11 +0100
Subject: [PATCH 47/64] Removed old code

---
 Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
index 5a3ad410e..502b59bee 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
@@ -65,7 +65,6 @@ function TIdOpenSSLSocketClient.Connect(
 var
   LReturnCode: TIdC_INT;
   LShouldRetry: Boolean;
-//  x: Boolean;
 begin
   FSSL := StartSSL(FContext);
   SSL_set_fd(FSSL, AHandle);
@@ -84,11 +83,6 @@ function TIdOpenSSLSocketClient.Connect(
     if not LShouldRetry and (LReturnCode < 0) then
       raise EIdOpenSSLConnectError.Create(FSSL, LReturnCode, '');
   until not LShouldRetry;
-
-  // The specification recommends that applications only use a session once
-  // (although this may not be enforced). Now we enforce this on our own :)
-//  SSL_CTX_remove_session(FContext, FSession);
-//  x := SSL_session_reused(FSSL) = 1;
 end;
 
 procedure TIdOpenSSLSocketClient.SetSession(const ASession: Pointer);

From 00429170b2d7bd07188b3990cfea7351c6526073 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 30 Nov 2021 14:30:29 +0100
Subject: [PATCH 48/64] Use parameter instead of property

---
 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
index 1e814b638..f96f4631d 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
@@ -166,7 +166,7 @@ function TIdOpenSSLIOHandlerClient.GetTargetHost: string;
     Result := '';
     if AUriToCheck = '' then
       Exit;
-    LURI := TIdURI.Create(URIToCheck);
+    LURI := TIdURI.Create(AURIToCheck);
     try
       Result := LURI.Host;
     finally

From f612a7b4d28262f93a14aa59449e60637f38be1c Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 30 Nov 2021 14:31:46 +0100
Subject: [PATCH 49/64] TLS Client is now able to verify host name

---
 Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas |  4 ++-
 .../OpenSSL/IdOpenSSLIOHandlerClient.pas      |  2 +-
 .../OpenSSL/IdOpenSSLOptionsClient.pas        | 28 +++++++++++++++++--
 .../OpenSSL/IdOpenSSLSocketClient.pas         | 18 +++++++++---
 4 files changed, 44 insertions(+), 8 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
index 64d553bb0..7d2ef0f1e 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLExceptions.pas
@@ -20,7 +20,8 @@
 {                               fbiehn@aagon.com (German & English)            }
 {                                                                              }
 {        Contributers:                                                         }
-{                               Here could be your name                        }
+{                               Christopher Wagner                             }
+{                               cwagner@aagon.com (German & English)           }
 {                                                                              }
 {******************************************************************************}
 
@@ -52,6 +53,7 @@   EIdOpenSSLSetCipherListError = class(EIdOpenSSLBaseError);
   EIdOpenSSLSetCipherSuiteError = class(EIdOpenSSLBaseError);
   EIdOpenSSLSetClientCAError = class(EIdOpenSSLBaseError);
   EIdOpenSSLSetSNIServerNameError = class(EIdOpenSSLBaseError);
+  EIdOpenSSLSetVerifyParamHostError = class(EIdOpenSSLBaseError);
 
   /// <summary>
   ///   Base class for errors that are based on the error stack in err.h
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
index f96f4631d..f11b70572 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerClient.pas
@@ -206,7 +206,7 @@ procedure TIdOpenSSLIOHandlerClient.StartSSL;
   inherited;
   if PassThrough then
     Exit;
-  GetClientSocket().Connect(Binding.Handle, GetTargetHost());
+  GetClientSocket().Connect(Binding.Handle, GetTargetHost(), FOptions.VerifyHostName);
 end;
 
 end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas
index 4566c5329..72866e38e 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLOptionsClient.pas
@@ -36,11 +36,13 @@ interface
 
 const
   CDefaultVerifyServerCertificate = True;
+  CDefaultVerifyHostName = True;
 
 type
   TIdOpenSSLOptionsClient = class(TIdOpenSSLOptionsBase)
   private
     FVerifyServerCertificate: Boolean;
+    FVerifyHostName: Boolean;
   public
     constructor Create; override;
 
@@ -57,6 +59,15 @@   TIdOpenSSLOptionsClient = class(TIdOpenSSLOptionsBase)
     ///   anonymous cipher is used, this option is ignored.
     /// </remarks>
     property VerifyServerCertificate: Boolean read FVerifyServerCertificate write FVerifyServerCertificate default CDefaultVerifyServerCertificate;
+    /// <summary>
+    ///   Verify if the certificate Subject Alternative Name (SAN) or Subject CommonName (CN)
+    ///   matches the specified hostname.
+    /// </summary>
+    /// <remarks>
+    ///   Subject CommonName (CN) will only be used if no Subject Alternative Name (SAN) is present.
+    ///   Wildcards are supported.
+    /// </remarks>
+    property VerifyHostName: Boolean read FVerifyHostName write FVerifyHostName;
   end;
 
   TIdOpenSSLOptionsClientClass = class of TIdOpenSSLOptionsClient;
@@ -66,23 +77,36 @@ implementation
 { TIdOpenSSLOptionsClient }
 
 procedure TIdOpenSSLOptionsClient.AssignTo(Dest: TPersistent);
+var
+  LDest: TIdOpenSSLOptionsClient;
 begin
   inherited;
   if Dest is TIdOpenSSLOptionsClient then
-    TIdOpenSSLOptionsClient(Dest).FVerifyServerCertificate := FVerifyServerCertificate;
+  begin
+    LDest := TIdOpenSSLOptionsClient(Dest);
+    LDest.FVerifyServerCertificate := FVerifyServerCertificate;
+    LDest.FVerifyHostName := FVerifyHostName;
+  end;
 end;
 
 constructor TIdOpenSSLOptionsClient.Create;
 begin
   inherited;
   FVerifyServerCertificate := CDefaultVerifyServerCertificate;
+  FVerifyHostName := CDefaultVerifyHostName;
 end;
 
 function TIdOpenSSLOptionsClient.Equals(Obj: TObject): Boolean;
+var
+  LObj: TIdOpenSSLOptionsClient;
 begin
   Result := inherited Equals(Obj);
   if Result and (Obj is TIdOpenSSLOptionsClient) then
-    Result := FVerifyServerCertificate = TIdOpenSSLOptionsClient(Obj).FVerifyServerCertificate;
+  begin
+    LObj := TIdOpenSSLOptionsClient(Obj);
+    Result := (FVerifyServerCertificate = LObj.FVerifyServerCertificate)
+      and (FVerifyHostName = LObj.FVerifyHostName);
+  end;
 end;
 
 end.
diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
index 502b59bee..f5f300c6e 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLSocketClient.pas
@@ -20,7 +20,8 @@
 {                               fbiehn@aagon.com (German & English)            }
 {                                                                              }
 {        Contributers:                                                         }
-{                               Here could be your name                        }
+{                               Christopher Wagner                             }
+{                               cwagner@aagon.com (German & English)           }
 {                                                                              }
 {******************************************************************************}
 
@@ -42,7 +43,8 @@   TIdOpenSSLSocketClient = class(TIdOpenSSLSocket)
   public
     function Connect(
       const AHandle: TIdStackSocketHandle;
-      const ASNIHostname: string = ''): Boolean;
+      const ASNIHostname: string = '';
+      const AVerifyHostName: Boolean = True): Boolean;
     procedure SetSession(const ASession: Pointer);
   end;
 
@@ -55,13 +57,15 @@ implementation
   IdOpenSSLExceptions,
   IdOpenSSLHeaders_ssl,
   IdOpenSSLHeaders_tls1,
+  IdOpenSSLHeaders_x509_vfy,
   IdOpenSSLUtils;
 
 { TIdOpenSSLSocketClient }
 
 function TIdOpenSSLSocketClient.Connect(
   const AHandle: TIdStackSocketHandle;
-  const ASNIHostname: string): Boolean;
+  const ASNIHostname: string;
+  const AVerifyHostName: Boolean): Boolean;
 var
   LReturnCode: TIdC_INT;
   LShouldRetry: Boolean;
@@ -69,8 +73,14 @@ function TIdOpenSSLSocketClient.Connect(
   FSSL := StartSSL(FContext);
   SSL_set_fd(FSSL, AHandle);
   if ASNIHostname <> '' then
+  begin
     if SSL_set_tlsext_host_name(FSSL, GetPAnsiChar(UTF8String(ASNIHostname))) <> 1 then
       EIdOpenSSLSetSNIServerNameError.Raise_();
+
+    if AVerifyHostName then
+      if X509_VERIFY_PARAM_set1_host(SSL_get0_param(FSSL), GetPAnsiChar(UTF8String(ASNIHostname)), 0) <> 1 then
+        EIdOpenSSLSetVerifyParamHostError.Raise_();
+  end;
   if Assigned(FSession) then
     if SSL_set_session(FSSL, FSession) <> 1 then
       EIdOpenSSLSetSessionError.Raise_();
@@ -90,4 +100,4 @@ procedure TIdOpenSSLSocketClient.SetSession(const ASession: Pointer);
   FSession := ASession;
 end;
 
-end.
+end.
\ No newline at end of file

From df7ee5bcf2c1866fc6cf88ec8c480792841b5bbc Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 10 Oct 2022 11:48:36 +0200
Subject: [PATCH 50/64] Added small helpful comment

---
 Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
index 910cf0a19..ec4f24c07 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLContextClient.pas
@@ -61,6 +61,11 @@ implementation
   Types;
 
 // Is automatically called whenever a new session was negotiated
+// Returning 0 = the session will be immediately removed from the internal cache and the reference
+//   count released
+// Returning 1 = the application retains the reference (for an entry in the application-maintained
+//   "external session cache"), and is responsible for calling SSL_SESSION_free() when the session
+//   reference is no longer in use
 function new_session_cb(ssl: PSSL; session: PSSL_SESSION): TIdC_INT; cdecl;
 var
   LCtx: PSSL_CTX;

From f078888179212fd52c95149c404edd4eab1501d2 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 10 Oct 2022 11:51:08 +0200
Subject: [PATCH 51/64] Added header translation for pkcs12.h

---
 .../IdOpenSSLHeaders_ossl_typ.pas             |   3 +
 .../IdOpenSSLHeaders_pkcs12.pas               | 178 +++++++++++
 .../dynamic/IdOpenSSLHeaders_ossl_typ.pas     |   5 +-
 .../dynamic/IdOpenSSLHeaders_pkcs12.pas       | 302 ++++++++++++++++++
 .../static/IdOpenSSLHeaders_ossl_typ.pas      |   5 +-
 .../static/IdOpenSSLHeaders_pkcs12.pas        | 183 +++++++++++
 6 files changed, 674 insertions(+), 2 deletions(-)
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas
 create mode 100644 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas
 create mode 100644 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
index 12968c843..2ab291c35 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
@@ -256,6 +256,9 @@   asn1_string_st = record
   X509 = x509_st;
   PX509 = ^X509;
   PPX509 = ^PX509;
+  Stack_Of_X509 = type Pointer;
+  PStack_Of_X509 = ^Stack_Of_X509;
+  PPStack_Of_X509 = ^PStack_Of_X509;
   X509_crl_st = type Pointer;
   X509_CRL = X509_crl_st;
   PX509_CRL = ^X509_CRL;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas
new file mode 100644
index 000000000..08279ded3
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas
@@ -0,0 +1,178 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_pkcs12;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pkcs12.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_x509;
+
+const
+  PKCS12_KEY_ID = 1;
+  PKCS12_IV_ID = 2;
+  PKCS12_MAC_ID = 3;
+
+  ///* Default iteration count */
+  //# ifndef PKCS12_DEFAULT_ITER
+  //#  define PKCS12_DEFAULT_ITER     PKCS5_DEFAULT_ITER
+  //# endif
+  
+  PKCS12_MAC_KEY_LENGTH = 20;
+
+  PKCS12_SALT_LEN = 8;
+
+  ///* It's not clear if these are actually needed... */
+  //# define PKCS12_key_gen PKCS12_key_gen_utf8
+  //# define PKCS12_add_friendlyname PKCS12_add_friendlyname_utf8
+
+  (* MS key usage constants *)
+  KEY_EX  = $10;
+  KEY_SIG = $80;
+
+  PKCS12_ERROR    = 0;
+  PKCS12_OK       = 1;
+  
+type
+  PKCS12_MAC_DATA_st = type Pointer;
+  PKCS12_MAC_DATA = PKCS12_MAC_DATA_st;
+  PPPKCS12_MAC_DATA = ^PKCS12_MAC_DATA;
+
+  PKCS12_st = type Pointer;
+  PKCS12 = PKCS12_st;
+  PPKCS12 = ^PKCS12;
+  PPPKCS12 = ^PPKCS12;
+
+  PKCS12_SAFEBAG_st = type Pointer;
+  PKCS12_SAFEBAG = PKCS12_SAFEBAG_st;
+  PPKCS12_SAFEBAG = ^PKCS12_SAFEBAG;
+
+//  DEFINE_STACK_OF(PKCS12_SAFEBAG)
+
+  pkcs12_bag_st = type Pointer;
+  PKCS12_BAGS = pkcs12_bag_st;
+  PPKCS12_BAGS = ^PKCS12_BAGS;
+
+var
+  //ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, TIdC_INT attr_nid);
+  function PKCS12_mac_present(const p12: PPKCS12): TIdC_INT;
+  procedure PKCS12_get0_mac(const pmac: PPASN1_OCTET_STRING; const pmacalg: PPX509_ALGOR; const psalt: PPASN1_OCTET_STRING; const piter: PPASN1_INTEGER; const p12: PPKCS12);
+
+  function PKCS12_SAFEBAG_get0_attr(const bag: PPKCS12_SAFEBAG; attr_nid: TIdC_INT): PASN1_TYPE;
+  function PKCS12_SAFEBAG_get0_type(const bag: PPKCS12_SAFEBAG): PASN1_OBJECT;
+  function PKCS12_SAFEBAG_get_nid(const bag: PPKCS12_SAFEBAG): TIdC_INT;
+  function PKCS12_SAFEBAG_get_bag_nid(const bag: PPKCS12_SAFEBAG): TIdC_INT;
+
+  function PKCS12_SAFEBAG_get1_cert(const bag: PPKCS12_SAFEBAG): PX509;
+  function PKCS12_SAFEBAG_get1_crl(const bag: PPKCS12_SAFEBAG): PX509_CRL;
+//  const STACK_OF(PKCS12_SAFEBAG) *PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
+  function PKCS12_SAFEBAG_get0_p8inf(const bag: PPKCS12_SAFEBAG): PPKCS8_PRIV_KEY_INFO;
+  function PKCS12_SAFEBAG_get0_pkcs8(const bag: PPKCS12_SAFEBAG): PX509_SIG;
+
+  function PKCS12_SAFEBAG_create_cert(x509: PX509): PPKCS12_SAFEBAG;
+  function PKCS12_SAFEBAG_create_crl(crl: PX509_CRL): PPKCS12_SAFEBAG;
+  function PKCS12_SAFEBAG_create0_p8inf(p8: PPKCS8_PRIV_KEY_INFO): PPKCS12_SAFEBAG;
+  function PKCS12_SAFEBAG_create0_pkcs8(p8: PX509_SIG): PPKCS12_SAFEBAG;
+  function PKCS12_SAFEBAG_create_pkcs8_encrypt(pbe_nid: TIdC_INT; const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; p8inf: PPKCS8_PRIV_KEY_INFO): PPKCS12_SAFEBAG;
+
+  function PKCS12_item_pack_safebag(obj: Pointer; const it: PASN1_ITEM; nid1: TIdC_INT; nid2: TIdC_INT): PPKCS12_SAFEBAG;
+  function PKCS8_decrypt(const p8: PX509_SIG; const pass: PIdAnsiChar; passlen: TIdC_INT): PPKCS8_PRIV_KEY_INFO;
+  function PKCS12_decrypt_skey(const bag: PPKCS12_SAFEBAG; const pass: PIdAnsiChar; passlen: TIdC_INT): PPKCS8_PRIV_KEY_INFO;
+  function PKCS8_encrypt(pbe_nid: TIdC_INT; const cipher: PEVP_CIPHER; const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; p8: PPKCS8_PRIV_KEY_INFO): PX509_SIG;
+  function PKCS8_set0_pbe(const pass: PIdAnsiChar; passlen: TIdC_INT; p8inf: PPKCS8_PRIV_KEY_INFO; pbe: PX509_ALGOR): PX509_SIG;
+//  PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
+//  STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
+//  function PKCS12_pack_p7encdata(TIdC_INT pbe_nid, const PIdAnsiChar pass, TIdC_INT passlen,
+//                               Byte *salt, TIdC_INT saltlen, TIdC_INT iter,
+//                               STACK_OF(PKCS12_SAFEBAG) *bags): PPKCS7;
+//  STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const PIdAnsiChar *pass,
+//                                                    TIdC_INT passlen);
+
+//  TIdC_INT PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
+//  STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12);
+
+  function PKCS12_add_localkeyid(bag: PPKCS12_SAFEBAG; name: PByte; namelen: TIdC_INT): TIdC_INT;
+  function PKCS12_add_friendlyname_asc(bag: PPKCS12_SAFEBAG; const name: PIdAnsiChar; namelen: TIdC_INT): TIdC_INT;
+  function PKCS12_add_friendlyname_utf8(bag: PPKCS12_SAFEBAG; const name: PIdAnsiChar; namelen: TIdC_INT): TIdC_INT;
+  function PKCS12_add_CSPName_asc(bag: PPKCS12_SAFEBAG; const name: PIdAnsiChar; namelen: TIdC_INT): TIdC_INT;
+  function PKCS12_add_friendlyname_uni(bag: PPKCS12_SAFEBAG; const name: PByte; namelen: TIdC_INT): TIdC_INT;
+  function PKCS8_add_keyusage(p8: PPKCS8_PRIV_KEY_INFO; usage: TIdC_INT): TIdC_INT;
+//  function PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs; TIdC_INT attr_nid): PASN1_TYPE;
+  function PKCS12_get_friendlyname(bag: PPKCS12_SAFEBAG): PIdAnsiChar;
+//  const STACK_OF(X509_ATTRIBUTE) *PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag);
+  function PKCS12_pbe_crypt(const algor: PX509_ALGOR; const pass: PIdAnsiChar; passlen: TIdC_INT; const in_: PByte; inlen: TIdC_INT; data: PPByte; datalen: PIdC_INT; en_de: TIdC_INT): PByte;
+  function PKCS12_item_decrypt_d2i(const algor: PX509_ALGOR; const it: PASN1_ITEM; const pass: PIdAnsiChar; passlen: TIdC_INT; const oct: PASN1_OCTET_STRING; zbuf: TIdC_INT): Pointer;
+  function PKCS12_item_i2d_encrypt(algor: PX509_ALGOR; const it: PASN1_ITEM; const pass: PIdAnsiChar; passlen: TIdC_INT; obj: Pointer; zbuf: TIdC_INT): PASN1_OCTET_STRING;
+  function PKCS12_init(mode: TIdC_INT): PPKCS12;
+  function PKCS12_key_gen_asc(const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; id: TIdC_INT; iter: TIdC_INT; n: TIdC_INT; out_: PByte; const md_type: PEVP_MD): TIdC_INT;
+  function PKCS12_key_gen_uni(pass: PByte; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; id: TIdC_INT; iter: TIdC_INT; n: TIdC_INT; out_: PByte; const md_type: PEVP_MD): TIdC_INT;
+  function PKCS12_key_gen_utf8(const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; id: TIdC_INT; iter: TIdC_INT; n: TIdC_INT; out_: PByte; const md_type: PEVP_MD): TIdC_INT;
+  function PKCS12_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md_type: PEVP_MD; en_de: TIdC_INT): TIdC_INT;
+  function PKCS12_gen_mac(p12: PPKCS12; const pass: PIdAnsiChar; passlen: TIdC_INT; mac: PByte; maclen: PIdC_UINT): TIdC_INT;
+  function PKCS12_verify_mac(p12: PPKCS12; const pass: PIdAnsiChar; passlen: TIdC_INT): TIdC_INT;
+  function PKCS12_set_mac(p12: PPKCS12; const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const md_type: PEVP_MD): TIdC_INT;
+  function PKCS12_setup_mac(p12: PPKCS12; iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT; const md_type: PEVP_MD): TIdC_INT;
+  function OPENSSL_asc2uni(const asc: PIdAnsiChar; asclen: TIdC_INT; uni: PPByte; unilen: PIdC_INT): PByte;
+  function OPENSSL_uni2asc(const uni: PByte; unilen: TIdC_INT): PIdAnsiChar;
+  function OPENSSL_utf82uni(const asc: PIdAnsiChar; asclen: TIdC_INT; uni: PPByte; unilen: PIdC_INT): PByte;
+  function OPENSSL_uni2utf8(const uni: PByte; unilen: TIdC_INT): PIdAnsiChar;
+
+//  DECLARE_ASN1_FUNCTIONS(PKCS12)
+//  DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+//  DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+//  DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+//  DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
+//  DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+
+  procedure PKCS12_PBE_add(v: Pointer);
+  function PKCS12_parse(p12: PPKCS12; const pass: PIdAnsiChar; pkey: PPEVP_PKEY; cert: PPX509; ca: PPStack_Of_X509): TIdC_INT;
+  function PKCS12_create(const pass: PIdAnsiChar; const name: PIdAnsiChar; pkey: PEVP_PKEY; cert: PX509; ca: PStack_Of_X509; nid_key: TIdC_INT; nid_cert: TIdC_INT; iter: TIdC_INT; mac_iter: TIdC_INT; keytype: TIdC_INT): PPKCS12;
+
+//  function PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags; X509 *cert): PKCS12_SAFEBAG;
+//  PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags;
+//                                 EVP_PKEY *key; TIdC_INT key_usage; iter: TIdC_INT;
+//                                 TIdC_INT key_nid; const pass: PIdAnsiChar);
+//  TIdC_INT PKCS12_add_safe(STACK_OF(PKCS7) **psafes; STACK_OF(PKCS12_SAFEBAG) *bags;
+//                      TIdC_INT safe_nid; iter: TIdC_INT; const pass: PIdAnsiChar);
+//  PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes; TIdC_INT p7_nid);
+
+  function i2d_PKCS12_bio(bp: PBIO; p12: PPKCS12): TIdC_INT;
+  function d2i_PKCS12_bio(bp: PBIO; p12: PPPKCS12): PPKCS12;
+  function PKCS12_newpass(p12: PPKCS12; const oldpass: PIdAnsiChar; const newpass: PIdAnsiChar): TIdC_INT;
+
+implementation
+
+end.
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
index fe185f692..72032ed21 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_ossl_typ.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.07.2021 14:11:12
+// Generation date: 10.10.2022 11:49:31
 
 unit IdOpenSSLHeaders_ossl_typ;
 
@@ -262,6 +262,9 @@   asn1_string_st = record
   X509 = x509_st;
   PX509 = ^X509;
   PPX509 = ^PX509;
+  Stack_Of_X509 = type Pointer;
+  PStack_Of_X509 = ^Stack_Of_X509;
+  PPStack_Of_X509 = ^PStack_Of_X509;
   X509_crl_st = type Pointer;
   X509_CRL = X509_crl_st;
   PX509_CRL = ^X509_CRL;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas
new file mode 100644
index 000000000..c6b9a9652
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas
@@ -0,0 +1,302 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 10.10.2022 12:14:07
+
+unit IdOpenSSLHeaders_pkcs12;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pkcs12.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  Classes,
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_x509;
+
+const
+  PKCS12_KEY_ID = 1;
+  PKCS12_IV_ID = 2;
+  PKCS12_MAC_ID = 3;
+
+  ///* Default iteration count */
+  //# ifndef PKCS12_DEFAULT_ITER
+  //#  define PKCS12_DEFAULT_ITER     PKCS5_DEFAULT_ITER
+  //# endif
+  
+  PKCS12_MAC_KEY_LENGTH = 20;
+
+  PKCS12_SALT_LEN = 8;
+
+  ///* It's not clear if these are actually needed... */
+  //# define PKCS12_key_gen PKCS12_key_gen_utf8
+  //# define PKCS12_add_friendlyname PKCS12_add_friendlyname_utf8
+
+  (* MS key usage constants *)
+  KEY_EX  = $10;
+  KEY_SIG = $80;
+
+  PKCS12_ERROR    = 0;
+  PKCS12_OK       = 1;
+  
+type
+  PKCS12_MAC_DATA_st = type Pointer;
+  PKCS12_MAC_DATA = PKCS12_MAC_DATA_st;
+  PPPKCS12_MAC_DATA = ^PKCS12_MAC_DATA;
+
+  PKCS12_st = type Pointer;
+  PKCS12 = PKCS12_st;
+  PPKCS12 = ^PKCS12;
+  PPPKCS12 = ^PPKCS12;
+
+  PKCS12_SAFEBAG_st = type Pointer;
+  PKCS12_SAFEBAG = PKCS12_SAFEBAG_st;
+  PPKCS12_SAFEBAG = ^PKCS12_SAFEBAG;
+
+//  DEFINE_STACK_OF(PKCS12_SAFEBAG)
+
+  pkcs12_bag_st = type Pointer;
+  PKCS12_BAGS = pkcs12_bag_st;
+  PPKCS12_BAGS = ^PKCS12_BAGS;
+
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+procedure UnLoad;
+
+var
+  //ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, TIdC_INT attr_nid);
+  PKCS12_mac_present: function(const p12: PPKCS12): TIdC_INT cdecl = nil;
+  PKCS12_get0_mac: procedure(const pmac: PPASN1_OCTET_STRING; const pmacalg: PPX509_ALGOR; const psalt: PPASN1_OCTET_STRING; const piter: PPASN1_INTEGER; const p12: PPKCS12) cdecl = nil;
+
+  PKCS12_SAFEBAG_get0_attr: function(const bag: PPKCS12_SAFEBAG; attr_nid: TIdC_INT): PASN1_TYPE cdecl = nil;
+  PKCS12_SAFEBAG_get0_type: function(const bag: PPKCS12_SAFEBAG): PASN1_OBJECT cdecl = nil;
+  PKCS12_SAFEBAG_get_nid: function(const bag: PPKCS12_SAFEBAG): TIdC_INT cdecl = nil;
+  PKCS12_SAFEBAG_get_bag_nid: function(const bag: PPKCS12_SAFEBAG): TIdC_INT cdecl = nil;
+
+  PKCS12_SAFEBAG_get1_cert: function(const bag: PPKCS12_SAFEBAG): PX509 cdecl = nil;
+  PKCS12_SAFEBAG_get1_crl: function(const bag: PPKCS12_SAFEBAG): PX509_CRL cdecl = nil;
+//  const STACK_OF(PKCS12_SAFEBAG) *PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
+  PKCS12_SAFEBAG_get0_p8inf: function(const bag: PPKCS12_SAFEBAG): PPKCS8_PRIV_KEY_INFO cdecl = nil;
+  PKCS12_SAFEBAG_get0_pkcs8: function(const bag: PPKCS12_SAFEBAG): PX509_SIG cdecl = nil;
+
+  PKCS12_SAFEBAG_create_cert: function(x509: PX509): PPKCS12_SAFEBAG cdecl = nil;
+  PKCS12_SAFEBAG_create_crl: function(crl: PX509_CRL): PPKCS12_SAFEBAG cdecl = nil;
+  PKCS12_SAFEBAG_create0_p8inf: function(p8: PPKCS8_PRIV_KEY_INFO): PPKCS12_SAFEBAG cdecl = nil;
+  PKCS12_SAFEBAG_create0_pkcs8: function(p8: PX509_SIG): PPKCS12_SAFEBAG cdecl = nil;
+  PKCS12_SAFEBAG_create_pkcs8_encrypt: function(pbe_nid: TIdC_INT; const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; p8inf: PPKCS8_PRIV_KEY_INFO): PPKCS12_SAFEBAG cdecl = nil;
+
+  PKCS12_item_pack_safebag: function(obj: Pointer; const it: PASN1_ITEM; nid1: TIdC_INT; nid2: TIdC_INT): PPKCS12_SAFEBAG cdecl = nil;
+  PKCS8_decrypt: function(const p8: PX509_SIG; const pass: PIdAnsiChar; passlen: TIdC_INT): PPKCS8_PRIV_KEY_INFO cdecl = nil;
+  PKCS12_decrypt_skey: function(const bag: PPKCS12_SAFEBAG; const pass: PIdAnsiChar; passlen: TIdC_INT): PPKCS8_PRIV_KEY_INFO cdecl = nil;
+  PKCS8_encrypt: function(pbe_nid: TIdC_INT; const cipher: PEVP_CIPHER; const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; p8: PPKCS8_PRIV_KEY_INFO): PX509_SIG cdecl = nil;
+  PKCS8_set0_pbe: function(const pass: PIdAnsiChar; passlen: TIdC_INT; p8inf: PPKCS8_PRIV_KEY_INFO; pbe: PX509_ALGOR): PX509_SIG cdecl = nil;
+//  PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
+//  STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
+//  function PKCS12_pack_p7encdata(TIdC_INT pbe_nid, const PIdAnsiChar pass, TIdC_INT passlen,
+//                               Byte *salt, TIdC_INT saltlen, TIdC_INT iter,
+//                               STACK_OF(PKCS12_SAFEBAG) *bags): PPKCS7;
+//  STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const PIdAnsiChar *pass,
+//                                                    TIdC_INT passlen);
+
+//  TIdC_INT PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
+//  STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12);
+
+  PKCS12_add_localkeyid: function(bag: PPKCS12_SAFEBAG; name: PByte; namelen: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS12_add_friendlyname_asc: function(bag: PPKCS12_SAFEBAG; const name: PIdAnsiChar; namelen: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS12_add_friendlyname_utf8: function(bag: PPKCS12_SAFEBAG; const name: PIdAnsiChar; namelen: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS12_add_CSPName_asc: function(bag: PPKCS12_SAFEBAG; const name: PIdAnsiChar; namelen: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS12_add_friendlyname_uni: function(bag: PPKCS12_SAFEBAG; const name: PByte; namelen: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS8_add_keyusage: function(p8: PPKCS8_PRIV_KEY_INFO; usage: TIdC_INT): TIdC_INT cdecl = nil;
+//  function PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs; TIdC_INT attr_nid): PASN1_TYPE;
+  PKCS12_get_friendlyname: function(bag: PPKCS12_SAFEBAG): PIdAnsiChar cdecl = nil;
+//  const STACK_OF(X509_ATTRIBUTE) *PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag);
+  PKCS12_pbe_crypt: function(const algor: PX509_ALGOR; const pass: PIdAnsiChar; passlen: TIdC_INT; const in_: PByte; inlen: TIdC_INT; data: PPByte; datalen: PIdC_INT; en_de: TIdC_INT): PByte cdecl = nil;
+  PKCS12_item_decrypt_d2i: function(const algor: PX509_ALGOR; const it: PASN1_ITEM; const pass: PIdAnsiChar; passlen: TIdC_INT; const oct: PASN1_OCTET_STRING; zbuf: TIdC_INT): Pointer cdecl = nil;
+  PKCS12_item_i2d_encrypt: function(algor: PX509_ALGOR; const it: PASN1_ITEM; const pass: PIdAnsiChar; passlen: TIdC_INT; obj: Pointer; zbuf: TIdC_INT): PASN1_OCTET_STRING cdecl = nil;
+  PKCS12_init: function(mode: TIdC_INT): PPKCS12 cdecl = nil;
+  PKCS12_key_gen_asc: function(const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; id: TIdC_INT; iter: TIdC_INT; n: TIdC_INT; out_: PByte; const md_type: PEVP_MD): TIdC_INT cdecl = nil;
+  PKCS12_key_gen_uni: function(pass: PByte; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; id: TIdC_INT; iter: TIdC_INT; n: TIdC_INT; out_: PByte; const md_type: PEVP_MD): TIdC_INT cdecl = nil;
+  PKCS12_key_gen_utf8: function(const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; id: TIdC_INT; iter: TIdC_INT; n: TIdC_INT; out_: PByte; const md_type: PEVP_MD): TIdC_INT cdecl = nil;
+  PKCS12_PBE_keyivgen: function(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md_type: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS12_gen_mac: function(p12: PPKCS12; const pass: PIdAnsiChar; passlen: TIdC_INT; mac: PByte; maclen: PIdC_UINT): TIdC_INT cdecl = nil;
+  PKCS12_verify_mac: function(p12: PPKCS12; const pass: PIdAnsiChar; passlen: TIdC_INT): TIdC_INT cdecl = nil;
+  PKCS12_set_mac: function(p12: PPKCS12; const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const md_type: PEVP_MD): TIdC_INT cdecl = nil;
+  PKCS12_setup_mac: function(p12: PPKCS12; iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT; const md_type: PEVP_MD): TIdC_INT cdecl = nil;
+  OPENSSL_asc2uni: function(const asc: PIdAnsiChar; asclen: TIdC_INT; uni: PPByte; unilen: PIdC_INT): PByte cdecl = nil;
+  OPENSSL_uni2asc: function(const uni: PByte; unilen: TIdC_INT): PIdAnsiChar cdecl = nil;
+  OPENSSL_utf82uni: function(const asc: PIdAnsiChar; asclen: TIdC_INT; uni: PPByte; unilen: PIdC_INT): PByte cdecl = nil;
+  OPENSSL_uni2utf8: function(const uni: PByte; unilen: TIdC_INT): PIdAnsiChar cdecl = nil;
+
+//  DECLARE_ASN1_FUNCTIONS(PKCS12)
+//  DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+//  DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+//  DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+//  DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
+//  DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+
+  PKCS12_PBE_add: procedure(v: Pointer) cdecl = nil;
+  PKCS12_parse: function(p12: PPKCS12; const pass: PIdAnsiChar; pkey: PPEVP_PKEY; cert: PPX509; ca: PPStack_Of_X509): TIdC_INT cdecl = nil;
+  PKCS12_create: function(const pass: PIdAnsiChar; const name: PIdAnsiChar; pkey: PEVP_PKEY; cert: PX509; ca: PStack_Of_X509; nid_key: TIdC_INT; nid_cert: TIdC_INT; iter: TIdC_INT; mac_iter: TIdC_INT; keytype: TIdC_INT): PPKCS12 cdecl = nil;
+
+//  function PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags; X509 *cert): PKCS12_SAFEBAG;
+//  PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags;
+//                                 EVP_PKEY *key; TIdC_INT key_usage; iter: TIdC_INT;
+//                                 TIdC_INT key_nid; const pass: PIdAnsiChar);
+//  TIdC_INT PKCS12_add_safe(STACK_OF(PKCS7) **psafes; STACK_OF(PKCS12_SAFEBAG) *bags;
+//                      TIdC_INT safe_nid; iter: TIdC_INT; const pass: PIdAnsiChar);
+//  PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes; TIdC_INT p7_nid);
+
+  i2d_PKCS12_bio: function(bp: PBIO; p12: PPKCS12): TIdC_INT cdecl = nil;
+  d2i_PKCS12_bio: function(bp: PBIO; p12: PPPKCS12): PPKCS12 cdecl = nil;
+  PKCS12_newpass: function(p12: PPKCS12; const oldpass: PIdAnsiChar; const newpass: PIdAnsiChar): TIdC_INT cdecl = nil;
+
+implementation
+
+procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
+
+  function LoadFunction(const AMethodName: string; const AFailed: TStringList): Pointer;
+  begin
+    Result := LoadLibFunction(ADllHandle, AMethodName);
+    if not Assigned(Result) then
+      AFailed.Add(AMethodName);
+  end;
+
+begin
+  PKCS12_mac_present := LoadFunction('PKCS12_mac_present', AFailed);
+  PKCS12_get0_mac := LoadFunction('PKCS12_get0_mac', AFailed);
+  PKCS12_SAFEBAG_get0_attr := LoadFunction('PKCS12_SAFEBAG_get0_attr', AFailed);
+  PKCS12_SAFEBAG_get0_type := LoadFunction('PKCS12_SAFEBAG_get0_type', AFailed);
+  PKCS12_SAFEBAG_get_nid := LoadFunction('PKCS12_SAFEBAG_get_nid', AFailed);
+  PKCS12_SAFEBAG_get_bag_nid := LoadFunction('PKCS12_SAFEBAG_get_bag_nid', AFailed);
+  PKCS12_SAFEBAG_get1_cert := LoadFunction('PKCS12_SAFEBAG_get1_cert', AFailed);
+  PKCS12_SAFEBAG_get1_crl := LoadFunction('PKCS12_SAFEBAG_get1_crl', AFailed);
+  PKCS12_SAFEBAG_get0_p8inf := LoadFunction('PKCS12_SAFEBAG_get0_p8inf', AFailed);
+  PKCS12_SAFEBAG_get0_pkcs8 := LoadFunction('PKCS12_SAFEBAG_get0_pkcs8', AFailed);
+  PKCS12_SAFEBAG_create_cert := LoadFunction('PKCS12_SAFEBAG_create_cert', AFailed);
+  PKCS12_SAFEBAG_create_crl := LoadFunction('PKCS12_SAFEBAG_create_crl', AFailed);
+  PKCS12_SAFEBAG_create0_p8inf := LoadFunction('PKCS12_SAFEBAG_create0_p8inf', AFailed);
+  PKCS12_SAFEBAG_create0_pkcs8 := LoadFunction('PKCS12_SAFEBAG_create0_pkcs8', AFailed);
+  PKCS12_SAFEBAG_create_pkcs8_encrypt := LoadFunction('PKCS12_SAFEBAG_create_pkcs8_encrypt', AFailed);
+  PKCS12_item_pack_safebag := LoadFunction('PKCS12_item_pack_safebag', AFailed);
+  PKCS8_decrypt := LoadFunction('PKCS8_decrypt', AFailed);
+  PKCS12_decrypt_skey := LoadFunction('PKCS12_decrypt_skey', AFailed);
+  PKCS8_encrypt := LoadFunction('PKCS8_encrypt', AFailed);
+  PKCS8_set0_pbe := LoadFunction('PKCS8_set0_pbe', AFailed);
+  PKCS12_add_localkeyid := LoadFunction('PKCS12_add_localkeyid', AFailed);
+  PKCS12_add_friendlyname_asc := LoadFunction('PKCS12_add_friendlyname_asc', AFailed);
+  PKCS12_add_friendlyname_utf8 := LoadFunction('PKCS12_add_friendlyname_utf8', AFailed);
+  PKCS12_add_CSPName_asc := LoadFunction('PKCS12_add_CSPName_asc', AFailed);
+  PKCS12_add_friendlyname_uni := LoadFunction('PKCS12_add_friendlyname_uni', AFailed);
+  PKCS8_add_keyusage := LoadFunction('PKCS8_add_keyusage', AFailed);
+  PKCS12_get_friendlyname := LoadFunction('PKCS12_get_friendlyname', AFailed);
+  PKCS12_pbe_crypt := LoadFunction('PKCS12_pbe_crypt', AFailed);
+  PKCS12_item_decrypt_d2i := LoadFunction('PKCS12_item_decrypt_d2i', AFailed);
+  PKCS12_item_i2d_encrypt := LoadFunction('PKCS12_item_i2d_encrypt', AFailed);
+  PKCS12_init := LoadFunction('PKCS12_init', AFailed);
+  PKCS12_key_gen_asc := LoadFunction('PKCS12_key_gen_asc', AFailed);
+  PKCS12_key_gen_uni := LoadFunction('PKCS12_key_gen_uni', AFailed);
+  PKCS12_key_gen_utf8 := LoadFunction('PKCS12_key_gen_utf8', AFailed);
+  PKCS12_PBE_keyivgen := LoadFunction('PKCS12_PBE_keyivgen', AFailed);
+  PKCS12_gen_mac := LoadFunction('PKCS12_gen_mac', AFailed);
+  PKCS12_verify_mac := LoadFunction('PKCS12_verify_mac', AFailed);
+  PKCS12_set_mac := LoadFunction('PKCS12_set_mac', AFailed);
+  PKCS12_setup_mac := LoadFunction('PKCS12_setup_mac', AFailed);
+  OPENSSL_asc2uni := LoadFunction('OPENSSL_asc2uni', AFailed);
+  OPENSSL_uni2asc := LoadFunction('OPENSSL_uni2asc', AFailed);
+  OPENSSL_utf82uni := LoadFunction('OPENSSL_utf82uni', AFailed);
+  OPENSSL_uni2utf8 := LoadFunction('OPENSSL_uni2utf8', AFailed);
+  PKCS12_PBE_add := LoadFunction('PKCS12_PBE_add', AFailed);
+  PKCS12_parse := LoadFunction('PKCS12_parse', AFailed);
+  PKCS12_create := LoadFunction('PKCS12_create', AFailed);
+  i2d_PKCS12_bio := LoadFunction('i2d_PKCS12_bio', AFailed);
+  d2i_PKCS12_bio := LoadFunction('d2i_PKCS12_bio', AFailed);
+  PKCS12_newpass := LoadFunction('PKCS12_newpass', AFailed);
+end;
+
+procedure UnLoad;
+begin
+  PKCS12_mac_present := nil;
+  PKCS12_get0_mac := nil;
+  PKCS12_SAFEBAG_get0_attr := nil;
+  PKCS12_SAFEBAG_get0_type := nil;
+  PKCS12_SAFEBAG_get_nid := nil;
+  PKCS12_SAFEBAG_get_bag_nid := nil;
+  PKCS12_SAFEBAG_get1_cert := nil;
+  PKCS12_SAFEBAG_get1_crl := nil;
+  PKCS12_SAFEBAG_get0_p8inf := nil;
+  PKCS12_SAFEBAG_get0_pkcs8 := nil;
+  PKCS12_SAFEBAG_create_cert := nil;
+  PKCS12_SAFEBAG_create_crl := nil;
+  PKCS12_SAFEBAG_create0_p8inf := nil;
+  PKCS12_SAFEBAG_create0_pkcs8 := nil;
+  PKCS12_SAFEBAG_create_pkcs8_encrypt := nil;
+  PKCS12_item_pack_safebag := nil;
+  PKCS8_decrypt := nil;
+  PKCS12_decrypt_skey := nil;
+  PKCS8_encrypt := nil;
+  PKCS8_set0_pbe := nil;
+  PKCS12_add_localkeyid := nil;
+  PKCS12_add_friendlyname_asc := nil;
+  PKCS12_add_friendlyname_utf8 := nil;
+  PKCS12_add_CSPName_asc := nil;
+  PKCS12_add_friendlyname_uni := nil;
+  PKCS8_add_keyusage := nil;
+  PKCS12_get_friendlyname := nil;
+  PKCS12_pbe_crypt := nil;
+  PKCS12_item_decrypt_d2i := nil;
+  PKCS12_item_i2d_encrypt := nil;
+  PKCS12_init := nil;
+  PKCS12_key_gen_asc := nil;
+  PKCS12_key_gen_uni := nil;
+  PKCS12_key_gen_utf8 := nil;
+  PKCS12_PBE_keyivgen := nil;
+  PKCS12_gen_mac := nil;
+  PKCS12_verify_mac := nil;
+  PKCS12_set_mac := nil;
+  PKCS12_setup_mac := nil;
+  OPENSSL_asc2uni := nil;
+  OPENSSL_uni2asc := nil;
+  OPENSSL_utf82uni := nil;
+  OPENSSL_uni2utf8 := nil;
+  PKCS12_PBE_add := nil;
+  PKCS12_parse := nil;
+  PKCS12_create := nil;
+  i2d_PKCS12_bio := nil;
+  d2i_PKCS12_bio := nil;
+  PKCS12_newpass := nil;
+end;
+
+end.
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
index 751eb7c5a..9ba9ac751 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_ossl_typ.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.07.2021 14:11:10
+// Generation date: 10.10.2022 11:49:08
 
 unit IdOpenSSLHeaders_ossl_typ;
 
@@ -262,6 +262,9 @@   asn1_string_st = record
   X509 = x509_st;
   PX509 = ^X509;
   PPX509 = ^PX509;
+  Stack_Of_X509 = type Pointer;
+  PStack_Of_X509 = ^Stack_Of_X509;
+  PPStack_Of_X509 = ^PStack_Of_X509;
   X509_crl_st = type Pointer;
   X509_CRL = X509_crl_st;
   PX509_CRL = ^X509_CRL;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas
new file mode 100644
index 000000000..8d21dfcda
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas
@@ -0,0 +1,183 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: Fabian S. Biehn                                }
+{                               fbiehn@aagon.com (German & English)            }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+
+// This File is auto generated!
+// Any change to this file should be made in the
+// corresponding unit in the folder "intermediate"!
+
+// Generation date: 10.10.2022 12:13:38
+
+unit IdOpenSSLHeaders_pkcs12;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// pkcs12.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_pkcs7,
+  IdOpenSSLHeaders_x509;
+
+const
+  PKCS12_KEY_ID = 1;
+  PKCS12_IV_ID = 2;
+  PKCS12_MAC_ID = 3;
+
+  ///* Default iteration count */
+  //# ifndef PKCS12_DEFAULT_ITER
+  //#  define PKCS12_DEFAULT_ITER     PKCS5_DEFAULT_ITER
+  //# endif
+  
+  PKCS12_MAC_KEY_LENGTH = 20;
+
+  PKCS12_SALT_LEN = 8;
+
+  ///* It's not clear if these are actually needed... */
+  //# define PKCS12_key_gen PKCS12_key_gen_utf8
+  //# define PKCS12_add_friendlyname PKCS12_add_friendlyname_utf8
+
+  (* MS key usage constants *)
+  KEY_EX  = $10;
+  KEY_SIG = $80;
+
+  PKCS12_ERROR    = 0;
+  PKCS12_OK       = 1;
+  
+type
+  PKCS12_MAC_DATA_st = type Pointer;
+  PKCS12_MAC_DATA = PKCS12_MAC_DATA_st;
+  PPPKCS12_MAC_DATA = ^PKCS12_MAC_DATA;
+
+  PKCS12_st = type Pointer;
+  PKCS12 = PKCS12_st;
+  PPKCS12 = ^PKCS12;
+  PPPKCS12 = ^PPKCS12;
+
+  PKCS12_SAFEBAG_st = type Pointer;
+  PKCS12_SAFEBAG = PKCS12_SAFEBAG_st;
+  PPKCS12_SAFEBAG = ^PKCS12_SAFEBAG;
+
+//  DEFINE_STACK_OF(PKCS12_SAFEBAG)
+
+  pkcs12_bag_st = type Pointer;
+  PKCS12_BAGS = pkcs12_bag_st;
+  PPKCS12_BAGS = ^PKCS12_BAGS;
+
+  //ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, TIdC_INT attr_nid);
+  function PKCS12_mac_present(const p12: PPKCS12): TIdC_INT cdecl; external CLibCrypto;
+  procedure PKCS12_get0_mac(const pmac: PPASN1_OCTET_STRING; const pmacalg: PPX509_ALGOR; const psalt: PPASN1_OCTET_STRING; const piter: PPASN1_INTEGER; const p12: PPKCS12) cdecl; external CLibCrypto;
+
+  function PKCS12_SAFEBAG_get0_attr(const bag: PPKCS12_SAFEBAG; attr_nid: TIdC_INT): PASN1_TYPE cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_get0_type(const bag: PPKCS12_SAFEBAG): PASN1_OBJECT cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_get_nid(const bag: PPKCS12_SAFEBAG): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_get_bag_nid(const bag: PPKCS12_SAFEBAG): TIdC_INT cdecl; external CLibCrypto;
+
+  function PKCS12_SAFEBAG_get1_cert(const bag: PPKCS12_SAFEBAG): PX509 cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_get1_crl(const bag: PPKCS12_SAFEBAG): PX509_CRL cdecl; external CLibCrypto;
+//  const STACK_OF(PKCS12_SAFEBAG) *PKCS12_SAFEBAG_get0_safes(const PKCS12_SAFEBAG *bag);
+  function PKCS12_SAFEBAG_get0_p8inf(const bag: PPKCS12_SAFEBAG): PPKCS8_PRIV_KEY_INFO cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_get0_pkcs8(const bag: PPKCS12_SAFEBAG): PX509_SIG cdecl; external CLibCrypto;
+
+  function PKCS12_SAFEBAG_create_cert(x509: PX509): PPKCS12_SAFEBAG cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_create_crl(crl: PX509_CRL): PPKCS12_SAFEBAG cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_create0_p8inf(p8: PPKCS8_PRIV_KEY_INFO): PPKCS12_SAFEBAG cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_create0_pkcs8(p8: PX509_SIG): PPKCS12_SAFEBAG cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_create_pkcs8_encrypt(pbe_nid: TIdC_INT; const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; p8inf: PPKCS8_PRIV_KEY_INFO): PPKCS12_SAFEBAG cdecl; external CLibCrypto;
+
+  function PKCS12_item_pack_safebag(obj: Pointer; const it: PASN1_ITEM; nid1: TIdC_INT; nid2: TIdC_INT): PPKCS12_SAFEBAG cdecl; external CLibCrypto;
+  function PKCS8_decrypt(const p8: PX509_SIG; const pass: PIdAnsiChar; passlen: TIdC_INT): PPKCS8_PRIV_KEY_INFO cdecl; external CLibCrypto;
+  function PKCS12_decrypt_skey(const bag: PPKCS12_SAFEBAG; const pass: PIdAnsiChar; passlen: TIdC_INT): PPKCS8_PRIV_KEY_INFO cdecl; external CLibCrypto;
+  function PKCS8_encrypt(pbe_nid: TIdC_INT; const cipher: PEVP_CIPHER; const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; p8: PPKCS8_PRIV_KEY_INFO): PX509_SIG cdecl; external CLibCrypto;
+  function PKCS8_set0_pbe(const pass: PIdAnsiChar; passlen: TIdC_INT; p8inf: PPKCS8_PRIV_KEY_INFO; pbe: PX509_ALGOR): PX509_SIG cdecl; external CLibCrypto;
+//  PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
+//  STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
+//  function PKCS12_pack_p7encdata(TIdC_INT pbe_nid, const PIdAnsiChar pass, TIdC_INT passlen,
+//                               Byte *salt, TIdC_INT saltlen, TIdC_INT iter,
+//                               STACK_OF(PKCS12_SAFEBAG) *bags): PPKCS7;
+//  STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const PIdAnsiChar *pass,
+//                                                    TIdC_INT passlen);
+
+//  TIdC_INT PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
+//  STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12);
+
+  function PKCS12_add_localkeyid(bag: PPKCS12_SAFEBAG; name: PByte; namelen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_add_friendlyname_asc(bag: PPKCS12_SAFEBAG; const name: PIdAnsiChar; namelen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_add_friendlyname_utf8(bag: PPKCS12_SAFEBAG; const name: PIdAnsiChar; namelen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_add_CSPName_asc(bag: PPKCS12_SAFEBAG; const name: PIdAnsiChar; namelen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_add_friendlyname_uni(bag: PPKCS12_SAFEBAG; const name: PByte; namelen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS8_add_keyusage(p8: PPKCS8_PRIV_KEY_INFO; usage: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+//  function PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs; TIdC_INT attr_nid): PASN1_TYPE;
+  function PKCS12_get_friendlyname(bag: PPKCS12_SAFEBAG): PIdAnsiChar cdecl; external CLibCrypto;
+//  const STACK_OF(X509_ATTRIBUTE) *PKCS12_SAFEBAG_get0_attrs(const PKCS12_SAFEBAG *bag);
+  function PKCS12_pbe_crypt(const algor: PX509_ALGOR; const pass: PIdAnsiChar; passlen: TIdC_INT; const in_: PByte; inlen: TIdC_INT; data: PPByte; datalen: PIdC_INT; en_de: TIdC_INT): PByte cdecl; external CLibCrypto;
+  function PKCS12_item_decrypt_d2i(const algor: PX509_ALGOR; const it: PASN1_ITEM; const pass: PIdAnsiChar; passlen: TIdC_INT; const oct: PASN1_OCTET_STRING; zbuf: TIdC_INT): Pointer cdecl; external CLibCrypto;
+  function PKCS12_item_i2d_encrypt(algor: PX509_ALGOR; const it: PASN1_ITEM; const pass: PIdAnsiChar; passlen: TIdC_INT; obj: Pointer; zbuf: TIdC_INT): PASN1_OCTET_STRING cdecl; external CLibCrypto;
+  function PKCS12_init(mode: TIdC_INT): PPKCS12 cdecl; external CLibCrypto;
+  function PKCS12_key_gen_asc(const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; id: TIdC_INT; iter: TIdC_INT; n: TIdC_INT; out_: PByte; const md_type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_key_gen_uni(pass: PByte; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; id: TIdC_INT; iter: TIdC_INT; n: TIdC_INT; out_: PByte; const md_type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_key_gen_utf8(const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; id: TIdC_INT; iter: TIdC_INT; n: TIdC_INT; out_: PByte; const md_type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_PBE_keyivgen(ctx: PEVP_CIPHER_CTX; const pass: PIdAnsiChar; passlen: TIdC_INT; param: PASN1_TYPE; const cipher: PEVP_CIPHER; const md_type: PEVP_MD; en_de: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_gen_mac(p12: PPKCS12; const pass: PIdAnsiChar; passlen: TIdC_INT; mac: PByte; maclen: PIdC_UINT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_verify_mac(p12: PPKCS12; const pass: PIdAnsiChar; passlen: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_set_mac(p12: PPKCS12; const pass: PIdAnsiChar; passlen: TIdC_INT; salt: PByte; saltlen: TIdC_INT; iter: TIdC_INT; const md_type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_setup_mac(p12: PPKCS12; iter: TIdC_INT; salt: PByte; saltlen: TIdC_INT; const md_type: PEVP_MD): TIdC_INT cdecl; external CLibCrypto;
+  function OPENSSL_asc2uni(const asc: PIdAnsiChar; asclen: TIdC_INT; uni: PPByte; unilen: PIdC_INT): PByte cdecl; external CLibCrypto;
+  function OPENSSL_uni2asc(const uni: PByte; unilen: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+  function OPENSSL_utf82uni(const asc: PIdAnsiChar; asclen: TIdC_INT; uni: PPByte; unilen: PIdC_INT): PByte cdecl; external CLibCrypto;
+  function OPENSSL_uni2utf8(const uni: PByte; unilen: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
+
+//  DECLARE_ASN1_FUNCTIONS(PKCS12)
+//  DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+//  DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+//  DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+//  DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
+//  DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+
+  procedure PKCS12_PBE_add(v: Pointer) cdecl; external CLibCrypto;
+  function PKCS12_parse(p12: PPKCS12; const pass: PIdAnsiChar; pkey: PPEVP_PKEY; cert: PPX509; ca: PPStack_Of_X509): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_create(const pass: PIdAnsiChar; const name: PIdAnsiChar; pkey: PEVP_PKEY; cert: PX509; ca: PStack_Of_X509; nid_key: TIdC_INT; nid_cert: TIdC_INT; iter: TIdC_INT; mac_iter: TIdC_INT; keytype: TIdC_INT): PPKCS12 cdecl; external CLibCrypto;
+
+//  function PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags; X509 *cert): PKCS12_SAFEBAG;
+//  PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags;
+//                                 EVP_PKEY *key; TIdC_INT key_usage; iter: TIdC_INT;
+//                                 TIdC_INT key_nid; const pass: PIdAnsiChar);
+//  TIdC_INT PKCS12_add_safe(STACK_OF(PKCS7) **psafes; STACK_OF(PKCS12_SAFEBAG) *bags;
+//                      TIdC_INT safe_nid; iter: TIdC_INT; const pass: PIdAnsiChar);
+//  PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes; TIdC_INT p7_nid);
+
+  function i2d_PKCS12_bio(bp: PBIO; p12: PPKCS12): TIdC_INT cdecl; external CLibCrypto;
+  function d2i_PKCS12_bio(bp: PBIO; p12: PPPKCS12): PPKCS12 cdecl; external CLibCrypto;
+  function PKCS12_newpass(p12: PPKCS12; const oldpass: PIdAnsiChar; const newpass: PIdAnsiChar): TIdC_INT cdecl; external CLibCrypto;
+
+implementation
+
+end.

From f200beca11c8987db6085f7626b4bf124e32c9f8 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 10 Oct 2022 11:57:45 +0200
Subject: [PATCH 52/64] Sort uses

---
 Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
index 9d74d9b59..ac6b1740a 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLIOHandlerServer.pas
@@ -35,8 +35,8 @@ interface
   IdOpenSSLContext,
   IdOpenSSLContextServer,
   IdOpenSSLOptionsServer,
-  IdSSL,
   IdSocketHandle,
+  IdSSL,
   IdThread,
   IdYarn;
 

From 38fd1c3e17c824a4b921f2860a0f6ef0ac32c7c2 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 10 Oct 2022 11:59:14 +0200
Subject: [PATCH 53/64] Use newer function

---
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index 2db20e39a..64997506e 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -264,7 +264,7 @@ function TIdOpenSSLX509.GetSerialNumber: string;
   LAsAsn1Int: PASN1_INTEGER;
   LAsBN: PBIGNUM;
 begin
-  LAsAsn1Int := X509_get_serialNumber(FX509);
+  LAsAsn1Int := X509_get0_serialNumber(FX509);
   LAsBN := ASN1_INTEGER_to_BN(LAsAsn1Int, nil);
   Result := GetString(BN_bn2hex(LAsBN));
 end;

From baf3c224ea966aa38fdb5798be8740a74430cac6 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 10 Oct 2022 12:00:02 +0200
Subject: [PATCH 54/64] Added possibility to load trusted certs

Trusted certs are a special OpenSSL format
---
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index 64997506e..f597d5dc7 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -190,6 +190,16 @@ implementation
   IdOpenSSLHeaders_x509,
   IdOpenSSLUtils;
 
+function LoadFromBio(const ABIO: PBIO): PX509;
+begin
+  Result := PEM_read_bio_X509(ABio, nil, nil, nil);
+  if not Assigned(Result) then
+  begin
+    BIO_ctrl(ABio, BIO_CTRL_RESET, 0, nil); // long version for makro BIO_reset
+    Result := PEM_read_bio_X509_AUX(ABio, nil, nil, nil); // Retry for -----BEGIN TRUSTED CERTIFICATE-----
+  end;
+end;
+
 function LoadCertificate(const AFile: string): PX509;
 var
   LBio: PBIO;
@@ -199,7 +209,7 @@ function LoadCertificate(const AFile: string): PX509;
   if not Assigned(LBio) then
     Exit;
   try
-    Result := PEM_read_bio_X509(LBio, nil, nil, nil);
+    Result := LoadFromBio(LBIO);
   finally
     BIO_free(LBio);
   end;

From a75a5d071517be61eb6db8fa617ec70d0592a765 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 10 Oct 2022 12:00:39 +0200
Subject: [PATCH 55/64] Load x509 from memory directly

---
 Lib/Protocols/OpenSSL/IdOpenSSLX509.pas | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
index f597d5dc7..12a5ad6e2 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLX509.pas
@@ -35,7 +35,8 @@ interface
   IdOpenSSLHeaders_ossl_typ,
   IdCTypes,
   IdGlobal,
-  Classes;
+  Classes,
+  SysUtils;
 
 type
   /// <summary>
@@ -124,6 +125,7 @@   TIdOpenSSLX509 = class(TIdOpenSSLPersistent)
   public
     constructor Create(const AX509: PX509); reintroduce; overload;
     constructor Create(const AFile: string); reintroduce; overload;
+    constructor Create(const ACert: TBytes); reintroduce; overload;
     destructor Destroy; override;
     procedure AssignTo(Dest: TPersistent); override;
 
@@ -247,6 +249,21 @@ constructor TIdOpenSSLX509.Create(const AX509: PX509);
   FX509 := AX509;
 end;
 
+constructor TIdOpenSSLX509.Create(const ACert: TBytes);
+var
+  LBIO: PBIO;
+begin
+  inherited Create();
+  LBIO := BIO_new_mem_buf(@ACert[0], Length(ACert));
+  if not Assigned(LBio) then
+    Exit;
+  try
+    FX509 := LoadFromBio(LBIO);
+  finally
+    BIO_free(LBIO);
+  end;
+end;
+
 destructor TIdOpenSSLX509.Destroy;
 begin
   FSubject.Free();

From c429db4a7988a659342f8be03d4b3d8ffd8996e8 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Mon, 10 Oct 2022 12:38:14 +0200
Subject: [PATCH 56/64] Fixed translation error in bio

Used BIO_METHOD (wrong) instead of PBIO_METHOD (correct)
---
 .../IntermediateCode/IdOpenSSLHeaders_bio.pas | 32 ++++++++---------
 .../OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas  | 34 +++++++++----------
 .../OpenSSL/static/IdOpenSSLHeaders_bio.pas   | 34 +++++++++----------
 3 files changed, 50 insertions(+), 50 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
index dbaeeea9a..a8f2ae82f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_bio.pas
@@ -576,27 +576,27 @@ function BIO_set_mem_eof_return(b: PBIO; v: TIdC_INT): TIdC_INT;
 
   function BIO_debug_callback(bio: PBIO; cmd: TIdC_INT; const argp: PIdAnsiChar; argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_LONG): TIdC_LONG;
 
-  function BIO_s_mem: BIO_METHOD;
-  function BIO_s_secmem: BIO_METHOD;
+  function BIO_s_mem: PBIO_METHOD;
+  function BIO_s_secmem: PBIO_METHOD;
   function BIO_new_mem_buf(const buf: Pointer; len: TIdC_INT): PBIO;
 
-  function BIO_s_socket: BIO_METHOD;
-  function BIO_s_connect: BIO_METHOD;
-  function BIO_s_accept: BIO_METHOD;
-
-  function BIO_s_fd: BIO_METHOD;
-  function BIO_s_log: BIO_METHOD;
-  function BIO_s_bio: BIO_METHOD;
-  function BIO_s_null: BIO_METHOD;
-  function BIO_f_null: BIO_METHOD;
-  function BIO_f_buffer: BIO_METHOD;
-  function BIO_f_linebuffer: BIO_METHOD;
-  function BIO_f_nbio_test: BIO_METHOD;
-  function BIO_s_datagram: BIO_METHOD;
+  function BIO_s_socket: PBIO_METHOD;
+  function BIO_s_connect: PBIO_METHOD;
+  function BIO_s_accept: PBIO_METHOD;
+
+  function BIO_s_fd: PBIO_METHOD;
+  function BIO_s_log: PBIO_METHOD;
+  function BIO_s_bio: PBIO_METHOD;
+  function BIO_s_null: PBIO_METHOD;
+  function BIO_f_null: PBIO_METHOD;
+  function BIO_f_buffer: PBIO_METHOD;
+  function BIO_f_linebuffer: PBIO_METHOD;
+  function BIO_f_nbio_test: PBIO_METHOD;
+  function BIO_s_datagram: PBIO_METHOD;
   function BIO_dgram_non_fatal_error(error: TIdC_INT): TIdC_INT;
   function BIO_new_dgram(fd: TIdC_INT; close_flag: TIdC_INT): PBIO;
 
-  function BIO_s_datagram_sctp: BIO_METHOD;
+  function BIO_s_datagram_sctp: PBIO_METHOD;
   function BIO_new_dgram_sctp(fd: TIdC_INT; close_flag: TIdC_INT): PBIO;
   function BIO_dgram_is_sctp(bio: PBIO): TIdC_INT;
 //  function BIO_dgram_sctp_notification_cb(bio: PBIO; handle_notifications(PBIO;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
index 6ce36bce7..9fd76d60b 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_bio.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.07.2021 14:11:11
+// Generation date: 10.10.2022 12:36:53
 
 unit IdOpenSSLHeaders_bio;
 
@@ -586,27 +586,27 @@ procedure UnLoad;
 
   BIO_debug_callback: function(bio: PBIO; cmd: TIdC_INT; const argp: PIdAnsiChar; argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_LONG): TIdC_LONG cdecl = nil;
 
-  BIO_s_mem: function: BIO_METHOD cdecl = nil;
-  BIO_s_secmem: function: BIO_METHOD cdecl = nil;
+  BIO_s_mem: function: PBIO_METHOD cdecl = nil;
+  BIO_s_secmem: function: PBIO_METHOD cdecl = nil;
   BIO_new_mem_buf: function(const buf: Pointer; len: TIdC_INT): PBIO cdecl = nil;
 
-  BIO_s_socket: function: BIO_METHOD cdecl = nil;
-  BIO_s_connect: function: BIO_METHOD cdecl = nil;
-  BIO_s_accept: function: BIO_METHOD cdecl = nil;
-
-  BIO_s_fd: function: BIO_METHOD cdecl = nil;
-  BIO_s_log: function: BIO_METHOD cdecl = nil;
-  BIO_s_bio: function: BIO_METHOD cdecl = nil;
-  BIO_s_null: function: BIO_METHOD cdecl = nil;
-  BIO_f_null: function: BIO_METHOD cdecl = nil;
-  BIO_f_buffer: function: BIO_METHOD cdecl = nil;
-  BIO_f_linebuffer: function: BIO_METHOD cdecl = nil;
-  BIO_f_nbio_test: function: BIO_METHOD cdecl = nil;
-  BIO_s_datagram: function: BIO_METHOD cdecl = nil;
+  BIO_s_socket: function: PBIO_METHOD cdecl = nil;
+  BIO_s_connect: function: PBIO_METHOD cdecl = nil;
+  BIO_s_accept: function: PBIO_METHOD cdecl = nil;
+
+  BIO_s_fd: function: PBIO_METHOD cdecl = nil;
+  BIO_s_log: function: PBIO_METHOD cdecl = nil;
+  BIO_s_bio: function: PBIO_METHOD cdecl = nil;
+  BIO_s_null: function: PBIO_METHOD cdecl = nil;
+  BIO_f_null: function: PBIO_METHOD cdecl = nil;
+  BIO_f_buffer: function: PBIO_METHOD cdecl = nil;
+  BIO_f_linebuffer: function: PBIO_METHOD cdecl = nil;
+  BIO_f_nbio_test: function: PBIO_METHOD cdecl = nil;
+  BIO_s_datagram: function: PBIO_METHOD cdecl = nil;
   BIO_dgram_non_fatal_error: function(error: TIdC_INT): TIdC_INT cdecl = nil;
   BIO_new_dgram: function(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl = nil;
 
-  BIO_s_datagram_sctp: function: BIO_METHOD cdecl = nil;
+  BIO_s_datagram_sctp: function: PBIO_METHOD cdecl = nil;
   BIO_new_dgram_sctp: function(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl = nil;
   BIO_dgram_is_sctp: function(bio: PBIO): TIdC_INT cdecl = nil;
 //  function BIO_dgram_sctp_notification_cb(bio: PBIO; handle_notifications(PBIO;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
index deb68efb4..930ad1b2d 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_bio.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 28.07.2021 14:11:10
+// Generation date: 10.10.2022 12:36:39
 
 unit IdOpenSSLHeaders_bio;
 
@@ -581,27 +581,27 @@ function BIO_set_mem_eof_return(b: PBIO; v: TIdC_INT): TIdC_INT;
 
   function BIO_debug_callback(bio: PBIO; cmd: TIdC_INT; const argp: PIdAnsiChar; argi: TIdC_INT; argl: TIdC_LONG; ret: TIdC_LONG): TIdC_LONG cdecl; external CLibCrypto;
 
-  function BIO_s_mem: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_s_secmem: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_mem: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_secmem: PBIO_METHOD cdecl; external CLibCrypto;
   function BIO_new_mem_buf(const buf: Pointer; len: TIdC_INT): PBIO cdecl; external CLibCrypto;
 
-  function BIO_s_socket: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_s_connect: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_s_accept: BIO_METHOD cdecl; external CLibCrypto;
-
-  function BIO_s_fd: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_s_log: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_s_bio: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_s_null: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_f_null: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_f_buffer: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_f_linebuffer: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_f_nbio_test: BIO_METHOD cdecl; external CLibCrypto;
-  function BIO_s_datagram: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_socket: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_connect: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_accept: PBIO_METHOD cdecl; external CLibCrypto;
+
+  function BIO_s_fd: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_log: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_bio: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_null: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_null: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_buffer: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_linebuffer: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_f_nbio_test: PBIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_datagram: PBIO_METHOD cdecl; external CLibCrypto;
   function BIO_dgram_non_fatal_error(error: TIdC_INT): TIdC_INT cdecl; external CLibCrypto;
   function BIO_new_dgram(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl; external CLibCrypto;
 
-  function BIO_s_datagram_sctp: BIO_METHOD cdecl; external CLibCrypto;
+  function BIO_s_datagram_sctp: PBIO_METHOD cdecl; external CLibCrypto;
   function BIO_new_dgram_sctp(fd: TIdC_INT; close_flag: TIdC_INT): PBIO cdecl; external CLibCrypto;
   function BIO_dgram_is_sctp(bio: PBIO): TIdC_INT cdecl; external CLibCrypto;
 //  function BIO_dgram_sctp_notification_cb(bio: PBIO; handle_notifications(PBIO;

From ab73d958067f8baf53920d53950c402eefd0351d Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Tue, 11 Oct 2022 07:56:19 +0200
Subject: [PATCH 57/64] Added missing uses

---
 .../OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas       | 1 +
 Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas      | 3 ++-
 Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas       | 3 ++-
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas
index 08279ded3..700b2865f 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas
@@ -36,6 +36,7 @@ interface
 uses
   IdCTypes,
   IdGlobal,
+  IdOpenSSLConsts,
   IdOpenSSLHeaders_ossl_typ,
   IdOpenSSLHeaders_pkcs7,
   IdOpenSSLHeaders_x509;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas
index c6b9a9652..a196fb2cf 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 10.10.2022 12:14:07
+// Generation date: 11.10.2022 07:55:23
 
 unit IdOpenSSLHeaders_pkcs12;
 
@@ -43,6 +43,7 @@ interface
   Classes,
   IdCTypes,
   IdGlobal,
+  IdOpenSSLConsts,
   IdOpenSSLHeaders_ossl_typ,
   IdOpenSSLHeaders_pkcs7,
   IdOpenSSLHeaders_x509;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas
index 8d21dfcda..806489754 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 10.10.2022 12:13:38
+// Generation date: 11.10.2022 07:55:34
 
 unit IdOpenSSLHeaders_pkcs12;
 
@@ -42,6 +42,7 @@ interface
 uses
   IdCTypes,
   IdGlobal,
+  IdOpenSSLConsts,
   IdOpenSSLHeaders_ossl_typ,
   IdOpenSSLHeaders_pkcs7,
   IdOpenSSLHeaders_x509;

From 687183c599d78b06cdc18fca45b22cf8233bd523 Mon Sep 17 00:00:00 2001
From: "Fabian S. Biehn" <fbiehn@aagon.com>
Date: Wed, 12 Oct 2022 10:52:10 +0200
Subject: [PATCH 58/64] Expanded some c compiler macro

---
 .../IdOpenSSLHeaders_pkcs12.pas               | 35 +++++++--
 .../dynamic/IdOpenSSLHeaders_pkcs12.pas       | 77 ++++++++++++++++---
 .../static/IdOpenSSLHeaders_pkcs12.pas        | 37 ++++++---
 3 files changed, 123 insertions(+), 26 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas
index 700b2865f..c60594251 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs12.pas
@@ -69,7 +69,8 @@ interface
 type
   PKCS12_MAC_DATA_st = type Pointer;
   PKCS12_MAC_DATA = PKCS12_MAC_DATA_st;
-  PPPKCS12_MAC_DATA = ^PKCS12_MAC_DATA;
+  PPKCS12_MAC_DATA = ^PKCS12_MAC_DATA;
+  PPPKCS12_MAC_DATA = ^PPKCS12_MAC_DATA;
 
   PKCS12_st = type Pointer;
   PKCS12 = PKCS12_st;
@@ -79,12 +80,14 @@ interface
   PKCS12_SAFEBAG_st = type Pointer;
   PKCS12_SAFEBAG = PKCS12_SAFEBAG_st;
   PPKCS12_SAFEBAG = ^PKCS12_SAFEBAG;
+  PPPKCS12_SAFEBAG = ^PPKCS12_SAFEBAG;
 
 //  DEFINE_STACK_OF(PKCS12_SAFEBAG)
 
   pkcs12_bag_st = type Pointer;
   PKCS12_BAGS = pkcs12_bag_st;
   PPKCS12_BAGS = ^PKCS12_BAGS;
+  PPPKCS12_BAGS = ^PPKCS12_BAGS;
 
 var
   //ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, TIdC_INT attr_nid);
@@ -150,13 +153,29 @@ interface
   function OPENSSL_utf82uni(const asc: PIdAnsiChar; asclen: TIdC_INT; uni: PPByte; unilen: PIdC_INT): PByte;
   function OPENSSL_uni2utf8(const uni: PByte; unilen: TIdC_INT): PIdAnsiChar;
 
-//  DECLARE_ASN1_FUNCTIONS(PKCS12)
-//  DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-//  DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-//  DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-//  DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
-//  DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+  function PKCS12_new: PPKCS12;
+  procedure PKCS12_free(a: PPKCS12);
+  function d2i_PKCS12(a: PPPKCS12; const in_: PPByte; len: TIdC_LONG): PPKCS12;
+  function i2d_PKCS12(a: PPKCS12; out_: PPByte): TIdC_INT;
+  function PKCS12_it: PASN1_ITEM;
+
+  function PKCS12_MAC_DATA_new: PPKCS12_MAC_DATA;
+  procedure PKCS12_MAC_DATA_free(a: PPKCS12_MAC_DATA);
+  function d2i_PKCS12_MAC_DATA(a: PPPKCS12_MAC_DATA; const in_: PPByte; len: TIdC_LONG): PPKCS12_MAC_DATA;
+  function i2d_PKCS12_MAC_DATA(a: PPKCS12_MAC_DATA; out_: PPByte): TIdC_INT;
+  function PKCS12_MAC_DATA_it: PASN1_ITEM;
+
+  function PKCS12_SAFEBAG_new: PPKCS12_SAFEBAG;
+  procedure PKCS12_SAFEBAG_free(a: PPKCS12_SAFEBAG);
+  function d2i_PKCS12_SAFEBAG(a: PPPKCS12_SAFEBAG; const in_: PPByte; len: TIdC_LONG): PPKCS12_SAFEBAG;
+  function i2d_PKCS12_SAFEBAG(a: PPKCS12_SAFEBAG; out_: PPByte): TIdC_INT;
+  function PKCS12_SAFEBAG_it: PASN1_ITEM;
+
+  function PKCS12_BAGS_new: PPKCS12_BAGS;
+  procedure PKCS12_BAGS_free(a: PPKCS12_BAGS);
+  function d2i_PKCS12_BAGS(a: PPPKCS12_BAGS; const in_: PPByte; len: TIdC_LONG): PPKCS12_BAGS;
+  function i2d_PKCS12_BAGS(a: PPKCS12_BAGS; out_: PPByte): TIdC_INT;
+  function PKCS12_BAGS_it: PASN1_ITEM;
 
   procedure PKCS12_PBE_add(v: Pointer);
   function PKCS12_parse(p12: PPKCS12; const pass: PIdAnsiChar; pkey: PPEVP_PKEY; cert: PPX509; ca: PPStack_Of_X509): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas
index a196fb2cf..752237081 100644
--- a/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas
+++ b/Lib/Protocols/OpenSSL/dynamic/IdOpenSSLHeaders_pkcs12.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.10.2022 07:55:23
+// Generation date: 11.10.2022 09:03:47
 
 unit IdOpenSSLHeaders_pkcs12;
 
@@ -76,7 +76,8 @@ interface
 type
   PKCS12_MAC_DATA_st = type Pointer;
   PKCS12_MAC_DATA = PKCS12_MAC_DATA_st;
-  PPPKCS12_MAC_DATA = ^PKCS12_MAC_DATA;
+  PPKCS12_MAC_DATA = ^PKCS12_MAC_DATA;
+  PPPKCS12_MAC_DATA = ^PPKCS12_MAC_DATA;
 
   PKCS12_st = type Pointer;
   PKCS12 = PKCS12_st;
@@ -86,12 +87,14 @@ interface
   PKCS12_SAFEBAG_st = type Pointer;
   PKCS12_SAFEBAG = PKCS12_SAFEBAG_st;
   PPKCS12_SAFEBAG = ^PKCS12_SAFEBAG;
+  PPPKCS12_SAFEBAG = ^PPKCS12_SAFEBAG;
 
 //  DEFINE_STACK_OF(PKCS12_SAFEBAG)
 
   pkcs12_bag_st = type Pointer;
   PKCS12_BAGS = pkcs12_bag_st;
   PPKCS12_BAGS = ^PKCS12_BAGS;
+  PPPKCS12_BAGS = ^PPKCS12_BAGS;
 
 procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
 procedure UnLoad;
@@ -160,13 +163,29 @@ procedure UnLoad;
   OPENSSL_utf82uni: function(const asc: PIdAnsiChar; asclen: TIdC_INT; uni: PPByte; unilen: PIdC_INT): PByte cdecl = nil;
   OPENSSL_uni2utf8: function(const uni: PByte; unilen: TIdC_INT): PIdAnsiChar cdecl = nil;
 
-//  DECLARE_ASN1_FUNCTIONS(PKCS12)
-//  DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-//  DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-//  DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-//  DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
-//  DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+  PKCS12_new: function: PPKCS12 cdecl = nil;
+  PKCS12_free: procedure(a: PPKCS12) cdecl = nil;
+  d2i_PKCS12: function(a: PPPKCS12; const in_: PPByte; len: TIdC_LONG): PPKCS12 cdecl = nil;
+  i2d_PKCS12: function(a: PPKCS12; out_: PPByte): TIdC_INT cdecl = nil;
+  PKCS12_it: function: PASN1_ITEM cdecl = nil;
+
+  PKCS12_MAC_DATA_new: function: PPKCS12_MAC_DATA cdecl = nil;
+  PKCS12_MAC_DATA_free: procedure(a: PPKCS12_MAC_DATA) cdecl = nil;
+  d2i_PKCS12_MAC_DATA: function(a: PPPKCS12_MAC_DATA; const in_: PPByte; len: TIdC_LONG): PPKCS12_MAC_DATA cdecl = nil;
+  i2d_PKCS12_MAC_DATA: function(a: PPKCS12_MAC_DATA; out_: PPByte): TIdC_INT cdecl = nil;
+  PKCS12_MAC_DATA_it: function: PASN1_ITEM cdecl = nil;
+
+  PKCS12_SAFEBAG_new: function: PPKCS12_SAFEBAG cdecl = nil;
+  PKCS12_SAFEBAG_free: procedure(a: PPKCS12_SAFEBAG) cdecl = nil;
+  d2i_PKCS12_SAFEBAG: function(a: PPPKCS12_SAFEBAG; const in_: PPByte; len: TIdC_LONG): PPKCS12_SAFEBAG cdecl = nil;
+  i2d_PKCS12_SAFEBAG: function(a: PPKCS12_SAFEBAG; out_: PPByte): TIdC_INT cdecl = nil;
+  PKCS12_SAFEBAG_it: function: PASN1_ITEM cdecl = nil;
+
+  PKCS12_BAGS_new: function: PPKCS12_BAGS cdecl = nil;
+  PKCS12_BAGS_free: procedure(a: PPKCS12_BAGS) cdecl = nil;
+  d2i_PKCS12_BAGS: function(a: PPPKCS12_BAGS; const in_: PPByte; len: TIdC_LONG): PPKCS12_BAGS cdecl = nil;
+  i2d_PKCS12_BAGS: function(a: PPKCS12_BAGS; out_: PPByte): TIdC_INT cdecl = nil;
+  PKCS12_BAGS_it: function: PASN1_ITEM cdecl = nil;
 
   PKCS12_PBE_add: procedure(v: Pointer) cdecl = nil;
   PKCS12_parse: function(p12: PPKCS12; const pass: PIdAnsiChar; pkey: PPEVP_PKEY; cert: PPX509; ca: PPStack_Of_X509): TIdC_INT cdecl = nil;
@@ -239,6 +258,26 @@ procedure Load(const ADllHandle: TIdLibHandle; const AFailed: TStringList);
   OPENSSL_uni2asc := LoadFunction('OPENSSL_uni2asc', AFailed);
   OPENSSL_utf82uni := LoadFunction('OPENSSL_utf82uni', AFailed);
   OPENSSL_uni2utf8 := LoadFunction('OPENSSL_uni2utf8', AFailed);
+  PKCS12_new := LoadFunction('PKCS12_new', AFailed);
+  PKCS12_free := LoadFunction('PKCS12_free', AFailed);
+  d2i_PKCS12 := LoadFunction('d2i_PKCS12', AFailed);
+  i2d_PKCS12 := LoadFunction('i2d_PKCS12', AFailed);
+  PKCS12_it := LoadFunction('PKCS12_it', AFailed);
+  PKCS12_MAC_DATA_new := LoadFunction('PKCS12_MAC_DATA_new', AFailed);
+  PKCS12_MAC_DATA_free := LoadFunction('PKCS12_MAC_DATA_free', AFailed);
+  d2i_PKCS12_MAC_DATA := LoadFunction('d2i_PKCS12_MAC_DATA', AFailed);
+  i2d_PKCS12_MAC_DATA := LoadFunction('i2d_PKCS12_MAC_DATA', AFailed);
+  PKCS12_MAC_DATA_it := LoadFunction('PKCS12_MAC_DATA_it', AFailed);
+  PKCS12_SAFEBAG_new := LoadFunction('PKCS12_SAFEBAG_new', AFailed);
+  PKCS12_SAFEBAG_free := LoadFunction('PKCS12_SAFEBAG_free', AFailed);
+  d2i_PKCS12_SAFEBAG := LoadFunction('d2i_PKCS12_SAFEBAG', AFailed);
+  i2d_PKCS12_SAFEBAG := LoadFunction('i2d_PKCS12_SAFEBAG', AFailed);
+  PKCS12_SAFEBAG_it := LoadFunction('PKCS12_SAFEBAG_it', AFailed);
+  PKCS12_BAGS_new := LoadFunction('PKCS12_BAGS_new', AFailed);
+  PKCS12_BAGS_free := LoadFunction('PKCS12_BAGS_free', AFailed);
+  d2i_PKCS12_BAGS := LoadFunction('d2i_PKCS12_BAGS', AFailed);
+  i2d_PKCS12_BAGS := LoadFunction('i2d_PKCS12_BAGS', AFailed);
+  PKCS12_BAGS_it := LoadFunction('PKCS12_BAGS_it', AFailed);
   PKCS12_PBE_add := LoadFunction('PKCS12_PBE_add', AFailed);
   PKCS12_parse := LoadFunction('PKCS12_parse', AFailed);
   PKCS12_create := LoadFunction('PKCS12_create', AFailed);
@@ -292,6 +331,26 @@ procedure UnLoad;
   OPENSSL_uni2asc := nil;
   OPENSSL_utf82uni := nil;
   OPENSSL_uni2utf8 := nil;
+  PKCS12_new := nil;
+  PKCS12_free := nil;
+  d2i_PKCS12 := nil;
+  i2d_PKCS12 := nil;
+  PKCS12_it := nil;
+  PKCS12_MAC_DATA_new := nil;
+  PKCS12_MAC_DATA_free := nil;
+  d2i_PKCS12_MAC_DATA := nil;
+  i2d_PKCS12_MAC_DATA := nil;
+  PKCS12_MAC_DATA_it := nil;
+  PKCS12_SAFEBAG_new := nil;
+  PKCS12_SAFEBAG_free := nil;
+  d2i_PKCS12_SAFEBAG := nil;
+  i2d_PKCS12_SAFEBAG := nil;
+  PKCS12_SAFEBAG_it := nil;
+  PKCS12_BAGS_new := nil;
+  PKCS12_BAGS_free := nil;
+  d2i_PKCS12_BAGS := nil;
+  i2d_PKCS12_BAGS := nil;
+  PKCS12_BAGS_it := nil;
   PKCS12_PBE_add := nil;
   PKCS12_parse := nil;
   PKCS12_create := nil;
diff --git a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas
index 806489754..ca7a85ae0 100644
--- a/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas
+++ b/Lib/Protocols/OpenSSL/static/IdOpenSSLHeaders_pkcs12.pas
@@ -28,7 +28,7 @@
 // Any change to this file should be made in the
 // corresponding unit in the folder "intermediate"!
 
-// Generation date: 11.10.2022 07:55:34
+// Generation date: 11.10.2022 09:03:30
 
 unit IdOpenSSLHeaders_pkcs12;
 
@@ -75,7 +75,8 @@ interface
 type
   PKCS12_MAC_DATA_st = type Pointer;
   PKCS12_MAC_DATA = PKCS12_MAC_DATA_st;
-  PPPKCS12_MAC_DATA = ^PKCS12_MAC_DATA;
+  PPKCS12_MAC_DATA = ^PKCS12_MAC_DATA;
+  PPPKCS12_MAC_DATA = ^PPKCS12_MAC_DATA;
 
   PKCS12_st = type Pointer;
   PKCS12 = PKCS12_st;
@@ -85,12 +86,14 @@ interface
   PKCS12_SAFEBAG_st = type Pointer;
   PKCS12_SAFEBAG = PKCS12_SAFEBAG_st;
   PPKCS12_SAFEBAG = ^PKCS12_SAFEBAG;
+  PPPKCS12_SAFEBAG = ^PPKCS12_SAFEBAG;
 
 //  DEFINE_STACK_OF(PKCS12_SAFEBAG)
 
   pkcs12_bag_st = type Pointer;
   PKCS12_BAGS = pkcs12_bag_st;
   PPKCS12_BAGS = ^PKCS12_BAGS;
+  PPPKCS12_BAGS = ^PPKCS12_BAGS;
 
   //ASN1_TYPE *PKCS8_get_attr(PKCS8_PRIV_KEY_INFO *p8, TIdC_INT attr_nid);
   function PKCS12_mac_present(const p12: PPKCS12): TIdC_INT cdecl; external CLibCrypto;
@@ -155,13 +158,29 @@ interface
   function OPENSSL_utf82uni(const asc: PIdAnsiChar; asclen: TIdC_INT; uni: PPByte; unilen: PIdC_INT): PByte cdecl; external CLibCrypto;
   function OPENSSL_uni2utf8(const uni: PByte; unilen: TIdC_INT): PIdAnsiChar cdecl; external CLibCrypto;
 
-//  DECLARE_ASN1_FUNCTIONS(PKCS12)
-//  DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-//  DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-//  DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-//  DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
-//  DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+  function PKCS12_new: PPKCS12 cdecl; external CLibCrypto;
+  procedure PKCS12_free(a: PPKCS12) cdecl; external CLibCrypto;
+  function d2i_PKCS12(a: PPPKCS12; const in_: PPByte; len: TIdC_LONG): PPKCS12 cdecl; external CLibCrypto;
+  function i2d_PKCS12(a: PPKCS12; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_it: PASN1_ITEM cdecl; external CLibCrypto;
+
+  function PKCS12_MAC_DATA_new: PPKCS12_MAC_DATA cdecl; external CLibCrypto;
+  procedure PKCS12_MAC_DATA_free(a: PPKCS12_MAC_DATA) cdecl; external CLibCrypto;
+  function d2i_PKCS12_MAC_DATA(a: PPPKCS12_MAC_DATA; const in_: PPByte; len: TIdC_LONG): PPKCS12_MAC_DATA cdecl; external CLibCrypto;
+  function i2d_PKCS12_MAC_DATA(a: PPKCS12_MAC_DATA; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_MAC_DATA_it: PASN1_ITEM cdecl; external CLibCrypto;
+
+  function PKCS12_SAFEBAG_new: PPKCS12_SAFEBAG cdecl; external CLibCrypto;
+  procedure PKCS12_SAFEBAG_free(a: PPKCS12_SAFEBAG) cdecl; external CLibCrypto;
+  function d2i_PKCS12_SAFEBAG(a: PPPKCS12_SAFEBAG; const in_: PPByte; len: TIdC_LONG): PPKCS12_SAFEBAG cdecl; external CLibCrypto;
+  function i2d_PKCS12_SAFEBAG(a: PPKCS12_SAFEBAG; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_SAFEBAG_it: PASN1_ITEM cdecl; external CLibCrypto;
+
+  function PKCS12_BAGS_new: PPKCS12_BAGS cdecl; external CLibCrypto;
+  procedure PKCS12_BAGS_free(a: PPKCS12_BAGS) cdecl; external CLibCrypto;
+  function d2i_PKCS12_BAGS(a: PPPKCS12_BAGS; const in_: PPByte; len: TIdC_LONG): PPKCS12_BAGS cdecl; external CLibCrypto;
+  function i2d_PKCS12_BAGS(a: PPKCS12_BAGS; out_: PPByte): TIdC_INT cdecl; external CLibCrypto;
+  function PKCS12_BAGS_it: PASN1_ITEM cdecl; external CLibCrypto;
 
   procedure PKCS12_PBE_add(v: Pointer) cdecl; external CLibCrypto;
   function PKCS12_parse(p12: PPKCS12; const pass: PIdAnsiChar; pkey: PPEVP_PKEY; cert: PPX509; ca: PPStack_Of_X509): TIdC_INT cdecl; external CLibCrypto;

From bf47665944e94752f8dba5b1d3249011c1cc2c1a Mon Sep 17 00:00:00 2001
From: WeberAndre <WeberAndre@gmx.de>
Date: Wed, 15 Feb 2023 11:26:43 +0100
Subject: [PATCH 59/64] Code Generation DEFINE_STACK_OF() macros, and typedef
 STACK_OF()

Code Generation for C Macros to expand DEFINE_STACK_OF() to Delphi Wrappers
---
 .../OpenSSL/GenerateCode/GenerateCode.dpr     | 146 +++++++++-
 .../OpenSSL/GenerateCode/GenerateStack.pas    | 271 ++++++++++++++++++
 2 files changed, 404 insertions(+), 13 deletions(-)
 create mode 100644 Lib/Protocols/OpenSSL/GenerateCode/GenerateStack.pas

diff --git a/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr
index bd64592bd..b76ee9532 100644
--- a/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr
+++ b/Lib/Protocols/OpenSSL/GenerateCode/GenerateCode.dpr
@@ -1,4 +1,4 @@
-{******************************************************************************}
+{******************************************************************************}
 {                                                                              }
 {            Indy (Internet Direct) - Internet Protocols Simplified            }
 {                                                                              }
@@ -20,7 +20,7 @@
 {                               fbiehn@aagon.com (German & English)            }
 {                                                                              }
 {        Contributers:                                                         }
-{                               Here could be your name                        }
+{                               André Weber (WeberAndre@gmx.de)                }
 {                                                                              }
 {******************************************************************************}
 
@@ -36,7 +36,8 @@ uses
   System.StrUtils,
   System.SysUtils,
   System.Types,
-  Winapi.Windows;
+  Winapi.Windows,
+  GenerateStack;
 
 type
   TGenerateMode = (gmDynamic, gmStatic);
@@ -155,6 +156,9 @@ var
 begin
   if AImplementationIndex = -1 then
     Exit;
+
+  // some intermediate files, don't generate dyn. loaded methods
+  if AMethods.Count = 0 then exit;
   LOffset := AImplementationIndex + 1;
 
   if Find(AFile, 'uses', LOffset, LOffset) then
@@ -276,14 +280,15 @@ begin
   Dec(LOffset);
   for i := Low(CHeader) to High(CHeader) do
     AFile.Insert(i + LOffset, CHeader[i]);
-  AFile.Insert(Length(CHeader) + LOffset, '// Generation date: ' + DateTimeToStr(Now()));
+  // this makes comparing - merging - more complicated as it must be ;)
+  // AFile.Insert(Length(CHeader) + LOffset, '// Generation date: ' + DateTimeToStr(Now()));
 end;
 
 procedure Main;
 var
   LFile: string;
   LStringListFile: TStringList;
-  i: Integer;
+  j, i: Integer;
   LVarIndex: Integer;
   LUsesIndex: Integer;
   LImplementationIndex: Integer;
@@ -292,7 +297,18 @@ var
   LMode: TGenerateMode;
   LStringListMethods: TStringList;
   LFileName: string;
+  LLine, LCodeLine: string;
+  LDefine, LStackType: string;
+  LStackPrototypes: TStringList;
+  LStackCode: TStringList;
   LShouldUseLibSSL: Boolean;
+
+  procedure InsertLine(const line: string);
+  begin
+    LStringListFile.Insert(i, '  '+line);
+    inc(i);
+  end;
+
 begin
   if not ReadParameters(LSource, LTarget, LMode) then
   begin
@@ -304,6 +320,8 @@ begin
   begin
     Writeln('Converting ' + LFile);
     LFileName := TPath.GetFileName(LFile);
+    LStackCode := TStringList.Create();
+    LStackPrototypes := TStringList.Create();
     LStringListFile := TStringList.Create();
     LStringListMethods := TStringList.Create();
     try
@@ -313,33 +331,133 @@ begin
       LImplementationIndex := -1;
       LShouldUseLibSSL := MatchText(LFileName,
         ['IdOpenSSLHeaders_ssl.pas', 'IdOpenSSLHeaders_sslerr.pas', 'IdOpenSSLHeaders_tls1.pas']);
-      for i := 0 to LStringListFile.Count - 1 do
+
+
+      i := 0;
+      while i < LStringListFile.Count do
       begin
-        // Find fist uses
+        LLine := LStringListFile[i];
+        // Find first uses
         if (LVarIndex = -1) and (LUsesIndex = -1) then
-          if LStringListFile[i].StartsWith('uses') then
+          if LLine.StartsWith('uses') then
             LUsesIndex := i;
 
+        if ShouldSkipLine(LLine) and (LVarIndex = -1) then
+        begin
+          LDefine := LLine.Trim;
+          // //DEFINE_STACK_OF(X509)
+          if LDefine.StartsWith('//') then
+             LDefine := copy(LDefine,3,length(LDefine))
+          else
+          if (LDefine.StartsWith('{') and LDefine.EndsWith('}')) then
+             LDefine := copy(LDefine,2,length(LLine)-2)
+          else
+          if (LDefine.StartsWith('(*') and LDefine.EndsWith('*)')) then
+             LDefine := copy(LDefine,3,length(LDefine)-4)
+          else
+             LDefine := '';
+          LDefine := LDefine.Trim;
+
+          if LDefine.StartsWith('typedef ') and LDefine.EndsWith(';') then
+          begin
+            // typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
+            delete( LDefine, 1, 8);
+            LDefine := LDefine.Trim;
+            // STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
+            if LDefine.StartsWith('STACK_OF(') then
+            begin
+              delete( LDefine, 1, 9);
+              LDefine := LDefine.Trim;
+              // POLICY_MAPPING) POLICY_MAPPINGS;
+              j := pos(')',LDefine);
+              if j > 0 then
+              begin
+                LStackType := Copy(LDefine, 1, j - 1);
+                Delete(LDefine, 1, j);
+                LDefine := LDefine.Trim;
+                // POLICY_MAPPINGS;
+                if length(LDefine) > 0 then
+                begin
+                  if LDefine[length(LDefine)] = ';' then delete(LDefine,length(LDefine),1);
+                  LDefine := LDefine.Trim;
+                  // POLICY_MAPPINGS
+                  inc(i);
+                  InsertLine(format('%s = STACK_OF_%s;',[LDefine, LStackType]));
+                  InsertLine(format('P%s = PSTACK_OF_%s;',[LDefine, LStackType]));
+                  continue;
+                end;
+              end;
+            end;
+          end else
+          if LDefine.StartsWith('DEFINE_STACK_OF(') and LDefine.EndsWith(')') then
+          begin
+
+            LStackType := Copy(LDefine, 17, MAXINT);
+            j := pos(')',LStackType);
+            if j > 0 then
+            begin
+              delete(LStackType, j, MAXINT);
+              LStackType := LStackType.Trim;
+              if LStackType <> '' then
+              begin
+                GenerateStackCode( LStackType, LStringListFile, i, LStackPrototypes, LStackCode );
+                continue;
+              end;
+            end;
+          end;
+        end;
+
         // var block found?
-        if (LVarIndex = -1) and LStringListFile[i].StartsWith('var') then
+        if (LVarIndex = -1) and LLine.StartsWith('var') then
           LVarIndex := i;
-        // Skip until we find the var block
-        if (LVarIndex = -1) or ShouldSkipLine(LStringListFile[i]) then
-          Continue;
 
         // No need to go further than "implementation"
-        if LStringListFile[i] = 'implementation' then
+        if LLine = 'implementation' then
         begin
           LImplementationIndex := i;
           Break;
         end;
 
+        // Skip until we find the var block
+        if (LVarIndex = -1) or ShouldSkipLine(LLine) then
+        begin
+          inc(i);
+          Continue;
+        end;
+        // No need to go further than "implementation"
+        // if LLine = 'implementation' then
+        // begin
+        //   LImplementationIndex := i;
+        //   Break;
+        // end;
+
         case LMode of
           gmDynamic:
             LStringListFile[i] := ReplaceDynamic(LStringListFile[i], LStringListMethods);
           gmStatic:
             LStringListFile[i] := ReplaceStatic(LStringListFile[i], LShouldUseLibSSL);
         end;
+        inc(i);
+      end;
+
+      if LStackCode.Count > 0 then
+      begin
+        // insert function prototype before implementation ...
+        for i := 0 to LStackPrototypes.Count - 1 do
+        begin
+          LStringListFile.Insert(LImplementationIndex, LStackPrototypes[i]);
+          inc(LImplementationIndex);
+        end;
+        inc(LImplementationIndex); // skip <implementation>
+        LStringListFile.Insert(LImplementationIndex,''); inc(LImplementationIndex);
+        for i := 0 to LStackCode.Count - 1 do
+        begin
+          LStringListFile.Insert(LImplementationIndex,LStackCode[i]);
+          inc(LImplementationIndex);
+        end;
+
+        LStringListFile.Insert(LImplementationIndex,'');
+        inc(LImplementationIndex);
       end;
 
       case LMode of
@@ -356,6 +474,8 @@ begin
     finally
       LStringListMethods.Free();
       LStringListFile.Free();
+      LStackCode.Free();
+      LStackPrototypes.Free();
     end;
   end;
 end;
diff --git a/Lib/Protocols/OpenSSL/GenerateCode/GenerateStack.pas b/Lib/Protocols/OpenSSL/GenerateCode/GenerateStack.pas
new file mode 100644
index 000000000..5f225126f
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/GenerateCode/GenerateStack.pas
@@ -0,0 +1,271 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: André Weber                                    }
+{                               WeberAndre@gmx.de (German & English)           }
+{                                                                              }
+{        Contributers:                                                         }
+{                               Here could be your name                        }
+{                                                                              }
+{******************************************************************************}
+unit GenerateStack;
+
+interface
+
+uses
+  System.Classes, System.SysUtils;
+
+{ expands DEFINE_STACK_OF(...) C macro to delphi wrapper functions}
+procedure GenerateStackCode(const DataType: string;
+                            StringListFile: TStringList; var StringListIndex: integer;
+                            Prototypes: TStringList;
+                            Code: TStringList);
+
+implementation
+
+const
+  useInLine = '{$ifdef USE_INLINE} inline;{$endif}';
+
+procedure GenerateStackCode(const DataType: string;
+                            StringListFile: TStringList; var StringListIndex: integer;
+                            Prototypes: TStringList;
+                            Code: TStringList);
+
+  procedure InsertLine(const line: string);
+  begin
+    StringListFile.Insert(StringListIndex, '  '+line);
+    inc(StringListIndex);
+  end;
+  var
+    LCodeLine: string;
+begin
+  inc(StringListIndex); // I = DEFINE_STACK_OF(...)
+  Writeln('-> DEFINE_STACK_OF(', dataType ,')');
+
+  Code.Add( format('{ DEFINE_STACK_OF(%s) Methoden }',[dataType] ));
+  Code.Add('');
+
+  InsertLine( format('STACK_OF_%0:s = type of pointer;',[DataType]) );
+  InsertLine( format('PSTACK_OF_%0:s = ^STACK_OF_%0:s;',[DataType]) );
+
+  // typedef int (*sk_##t1##_compfunc)(const t3 * const *a, const t3 *const *b); \
+  InsertLine( format('sk_%0:s_compfunc = function(const a: P%0:s; const b: P%0:s): TIdC_INT; cdecl;',[DataType]) );
+  // typedef void (*sk_##t1##_freefunc)(t3 *a); \
+  InsertLine( format('sk_%0:s_freefunc = procedure(a: P%0:s); cdecl;',[DataType]) );
+  // typedef t3 * (*sk_##t1##_copyfunc)(const t3 *a); \
+  InsertLine( format('sk_%0:s_copyfunc = function(const a: P%0:s): P%0:s; cdecl;',[DataType]) );
+
+  // function OPENSSL_sk_num(const stack:PStack_st): TIdC_INT;
+  LCodeLine := format('function sk_%0:s_num(const sk: PSTACK_OF_%0:s): TIdC_INT;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add('  result := OPENSSL_sk_num(POPENSSL_STACK(sk));');
+  Code.Add('end;');
+
+  // function OPENSSL_sk_value(const stack: PStack_st; index: TIdC_INT): pointer;
+  LCodeLine := format('function sk_%0:s_value(const sk: PSTACK_OF_%0:s; index: TIdC_INT): P%0:s;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := P%0:s(OPENSSL_sk_value(POPENSSL_STACK(sk), index));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_new( compFunc: TPENSSL_sk_compfunc ): PStack_st;
+  LCodeLine := format('function sk_%0:s_new(compare: sk_%0:s_compfunc): PSTACK_OF_%0:s;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := PSTACK_OF_%0:s(OPENSSL_sk_new(OPENSSL_sk_compfunc(@compare)));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_new_null(): PStack_st
+  LCodeLine := format('function sk_%0:s_new_null(): PSTACK_OF_%0:s;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := PSTACK_OF_%0:s(OPENSSL_sk_new_null());',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_new_reserve(compare: OPENSSL_sk_compfunc; n:TIdC_INT): PStack_st;
+  LCodeLine := format('function sk_%0:s_new_reserve(compare: sk_%0:s_compfunc; n: TIdC_INT): PSTACK_OF_%0:s;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := PSTACK_OF_%0:s(OPENSSL_sk_new_reserve(OPENSSL_sk_compfunc(@compare), n));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_reserve( stack: PStack_st; n: TIdC_INT): TIdC_INT;
+  LCodeLine := format('function sk_%0:s_reserve(sk: PSTACK_OF_%0:s; n: TIdC_INT): TIdC_INT;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := OPENSSL_sk_reserve(POPENSSL_STACK(sk), n);',[DataType]));
+  Code.Add('end;');
+
+  // procedure OPENSSL_sk_free(const stack:PStack_st);
+  LCodeLine := format('procedure sk_%0:s_free(sk: PSTACK_OF_%0:s);',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add('  OPENSSL_sk_free(POPENSSL_STACK(sk));');
+  Code.Add('end;');
+
+  // procedure OPENSSL_sk_zero(const stack:PStack_st);
+  LCodeLine := format('procedure sk_%0:s_zero(sk: PSTACK_OF_%0:s);',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add('  OPENSSL_sk_zero(POPENSSL_STACK(sk));');
+  Code.Add('end;');
+
+  // function OPENSSL_sk_delete(sk: POPENSSL_STACK; i: TIdC_INT): pointer;
+  LCodeLine := format('function sk_%0:s_delete(sk: PSTACK_OF_%0:s; i: TIdC_INT): P%0:s;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := P%0:s(OPENSSL_sk_delete(POPENSSL_STACK(sk),i));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_delete_ptr(sk: POPENSSL_STACK; ptr: pointer): pointer;
+  LCodeLine := format('function sk_%0:s_delete_ptr(sk: PSTACK_OF_%0:s; ptr: P%0:s): P%0:s;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := P%0:s(OPENSSL_sk_delete_ptr(POPENSSL_STACK(sk),pointer(ptr)));',[DataType]));
+  Code.Add('end;');
+
+  //  function OPENSSL_sk_push(const sk:POPENSSL_STACK; new_item: pointer): TIdC_INT;
+  LCodeLine := format('function sk_%0:s_push(sk: PSTACK_OF_%0:s; ptr: P%0:s): TIdC_INT;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := OPENSSL_sk_push(POPENSSL_STACK(sk),pointer(ptr));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_unshift(sk: POPENSSL_STACK; const ptr: pointer): TIdC_INT;
+  LCodeLine := format('function sk_%0:s_unshift(sk: PSTACK_OF_%0:s; const ptr: P%0:s): TIdC_INT;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := OPENSSL_sk_unshift(POPENSSL_STACK(sk),pointer(ptr));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_pop(sk: POPENSSL_STACK): pointer;
+  LCodeLine := format('function sk_%0:s_pop(sk: PSTACK_OF_%0:s): P%0:s;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := P%0:s(OPENSSL_sk_pop(POPENSSL_STACK(sk)));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_shift(sk: POPENSSL_STACK): pointer;
+  LCodeLine := format('function sk_%0:s_shift(sk: PSTACK_OF_%0:s): P%0:s;',[DataType]);
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := P%0:s(OPENSSL_sk_shift(POPENSSL_STACK(sk)));',[DataType]));
+  Code.Add('end;');
+
+  // procedure OPENSSL_sk_pop_free(const stack:PStack_st; freefunc: OPENSSL_sk_freefunc );
+  LCodeLine := format('procedure sk_%0:s_pop_free(sk: PSTACK_OF_%0:s; freeFunc: sk_%0:s_freefunc);',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add('  OPENSSL_sk_pop_free(POPENSSL_STACK(sk), OPENSSL_sk_freefunc(@freeFunc) );');
+  Code.Add('end;');
+
+  // function OPENSSL_sk_insert(sk: POPENSSL_STACK; const ptr: pointer; idx: TIdC_INT): TIdC_INT;
+  LCodeLine := format('function sk_%0:s_insert(sk: PSTACK_OF_%0:s; const ptr: P%0:s; idx: TIdC_INT): TIdC_INT;',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add('  result := OPENSSL_sk_insert(POPENSSL_STACK(sk), pointer(ptr), idx);');
+  Code.Add('end;');
+
+  // function OPENSSL_sk_set(sk: POPENSSL_STACK; idx: TIdC_INT; const ptr: pointer): pointer;
+  LCodeLine := format('function sk_%0:s_set(sk: PSTACK_OF_%0:s; idx: TIdC_INT; const ptr: P%0:s): P%0:s;',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result := P%0:s(OPENSSL_sk_set(POPENSSL_STACK(sk), idx, pointer(ptr)));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_find(sk: POPENSSL_STACK; const ptr: pointer): TIdC_INT;
+  LCodeLine := format('function sk_%0:s_find(sk: PSTACK_OF_%0:s; const ptr: P%0:s): TIdC_INT;',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add('  result := OPENSSL_sk_find(POPENSSL_STACK(sk), pointer(ptr));');
+  Code.Add('end;');
+
+  // function OPENSSL_sk_find_ex(sk: POPENSSL_STACK; const ptr: pointer): TIdC_INT;
+  LCodeLine := format('function sk_%0:s_find_ex(sk: PSTACK_OF_%0:s; const ptr: P%0:s): TIdC_INT;',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add('  result := OPENSSL_sk_find_ex(POPENSSL_STACK(sk), pointer(ptr));');
+  Code.Add('end;');
+
+  // procedure OPENSSL_sk_sort(sk: POPENSSL_STACK);
+  LCodeLine := format('procedure sk_%0:s_sort(sk: PSTACK_OF_%0:s);',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add('  OPENSSL_sk_sort(POPENSSL_STACK(sk));');
+  Code.Add('end;');
+
+  // function OPENSSL_sk_is_sorted(sk: POPENSSL_STACK): TIdC_INT;
+  LCodeLine := format('function sk_%0:s_is_sorted(sk: PSTACK_OF_%0:s): TIdC_INT;',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add('  result:=OPENSSL_sk_is_sorted(POPENSSL_STACK(sk));');
+  Code.Add('end;');
+
+  // function OPENSSL_sk_dup(const sk:POPENSSL_STACK): POPENSSL_STACK;
+  LCodeLine := format('function sk_%0:s_dup(const sk: PSTACK_OF_%0:s): PSTACK_OF_%0:s;',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result:=PSTACK_OF_%0:s(OPENSSL_sk_dup(POPENSSL_STACK(sk)));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_deep_copy(const sk:POPENSSL_STACK; copyfunc:OPENSSL_sk_copyfunc: freefunc:OPENSSL_sk_freefunc): POPENSSL_STACK;
+  LCodeLine := format('function sk_%0:s_deep_copy(const sk: PSTACK_OF_%0:s; copyfunc: sk_%0:s_copyfunc; freefunc:sk_%0:s_freefunc): PSTACK_OF_%0:s;',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result:=PSTACK_OF_%0:s(OPENSSL_sk_deep_copy(POPENSSL_STACK(sk),OPENSSL_sk_copyfunc(@copyfunc),OPENSSL_sk_freefunc(@freefunc)));',[DataType]));
+  Code.Add('end;');
+
+  // function OPENSSL_sk_set_cmp_func(const sk:POPENSSL_STACK; compare: OPENSSL_sk_compfunc): OPENSSL_sk_compfunc;
+  LCodeLine := format('function sk_%0:s_set_cmp_func(const sk: PSTACK_OF_%0:s; compare: sk_%0:s_compfunc): sk_%0:s_compfunc;',[DataType]) ;
+  Prototypes.Add( LCodeLine + useInLine );
+  Code.Add( LCodeLine );
+  Code.Add('begin');
+  Code.Add(format('  result:=sk_%0:s_compfunc(OPENSSL_sk_set_cmp_func(POPENSSL_STACK(sk), OPENSSL_sk_compfunc(@compare)));',[DataType]));
+  Code.Add('end;');
+  Code.Add('');
+
+  Prototypes.add('');
+  Writeln('done');
+end;
+
+
+end.

From 3289362bf3336cf64389c6c0ed813ae2c1478f24 Mon Sep 17 00:00:00 2001
From: WeberAndre <WeberAndre@gmx.de>
Date: Wed, 15 Feb 2023 11:31:08 +0100
Subject: [PATCH 60/64] Functions from OpenSSL stack.h include

---
 .../IdOpenSSLHeaders_stack.pas                | 77 +++++++++++++++++++
 1 file changed, 77 insertions(+)
 create mode 100644 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_stack.pas

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_stack.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_stack.pas
new file mode 100644
index 000000000..0df035e30
--- /dev/null
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_stack.pas
@@ -0,0 +1,77 @@
+{******************************************************************************}
+{                                                                              }
+{            Indy (Internet Direct) - Internet Protocols Simplified            }
+{                                                                              }
+{            https://www.indyproject.org/                                      }
+{            https://gitter.im/IndySockets/Indy                                }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{  This file is part of the Indy (Internet Direct) project, and is offered     }
+{  under the dual-licensing agreement described on the Indy website.           }
+{  (https://www.indyproject.org/license/)                                      }
+{                                                                              }
+{  Copyright:                                                                  }
+{   (c) 1993-2020, Chad Z. Hower and the Indy Pit Crew. All rights reserved.   }
+{                                                                              }
+{******************************************************************************}
+{                                                                              }
+{        Originally written by: André Weber                                    }
+{                               WeberAndre@gmx.de                              }
+{                                                                              }
+{        Contributers:                                                         }
+{                                                                              }
+{                                                                              }
+{******************************************************************************}
+
+unit IdOpenSSLHeaders_stack;
+
+interface
+
+// Headers for OpenSSL 1.1.1
+// stack.h
+
+{$i IdCompilerDefines.inc}
+
+uses
+  IdCTypes,
+  IdGlobal,
+  IdOpenSSLConsts;
+
+type
+ OPENSSL_sk_freefunc = procedure(item: pointer); cdecl;
+ OPENSSL_sk_compfunc = function(const a, b: pointer): TIdC_INT; cdecl;
+ OPENSSL_sk_copyfunc = function(const a: pointer): pointer; cdecl;
+
+ OPENSSL_STACK = type of pointer;
+ POPENSSL_STACK = ^OPENSSL_STACK;
+
+var
+ function OPENSSL_sk_num(const sk: POPENSSL_STACK): TIdC_INT;
+ function OPENSSL_sk_value(const sk: POPENSSL_STACK; index: TIdC_INT): pointer;
+ function OPENSSL_sk_new_null(): POPENSSL_STACK;
+ function OPENSSL_sk_new( compFunc: OPENSSL_sk_compfunc ): POPENSSL_STACK;
+ function OPENSSL_sk_new_reserve(compare: OPENSSL_sk_compfunc; n: TIdC_INT): POPENSSL_STACK;
+ function OPENSSL_sk_reserve( sk: POPENSSL_STACK; n: TIdC_INT): TIdC_INT;
+ procedure OPENSSL_sk_pop_free(const sk: POPENSSL_STACK; freefunc: OPENSSL_sk_freefunc );
+ function OPENSSL_sk_push(const sk: POPENSSL_STACK; new_item: pointer): TIdC_INT;
+ procedure OPENSSL_sk_free(sk: POPENSSL_STACK);
+ procedure OPENSSL_sk_zero(const sk: POPENSSL_STACK);
+ function OPENSSL_sk_delete(sk: POPENSSL_STACK; i: TIdC_INT): pointer;
+ function OPENSSL_sk_delete_ptr(sk: POPENSSL_STACK; ptr: pointer): pointer;
+ function OPENSSL_sk_unshift(sk: POPENSSL_STACK; const ptr: pointer): TIdC_INT;
+ function OPENSSL_sk_pop(sk: POPENSSL_STACK): pointer;
+ function OPENSSL_sk_shift(sk: POPENSSL_STACK): pointer;
+ function OPENSSL_sk_insert(sk: POPENSSL_STACK; const ptr: pointer; idx: TIdC_INT): TIdC_INT;
+ function OPENSSL_sk_set(sk: POPENSSL_STACK; idx: TIdC_INT; const ptr: pointer): pointer;
+ function OPENSSL_sk_find(sk: POPENSSL_STACK; const ptr: pointer): TIdC_INT;
+ function OPENSSL_sk_find_ex(sk: POPENSSL_STACK; const ptr: pointer): TIdC_INT;
+ procedure OPENSSL_sk_sort(sk: POPENSSL_STACK);
+ function OPENSSL_sk_is_sorted(sk: POPENSSL_STACK): TIdC_INT;
+ function OPENSSL_sk_dup(const sk: POPENSSL_STACK): POPENSSL_STACK;
+ function OPENSSL_sk_deep_copy(const sk: POPENSSL_STACK; copyfunc: OPENSSL_sk_copyfunc; freefunc: OPENSSL_sk_freefunc): POPENSSL_STACK;
+ function OPENSSL_sk_set_cmp_func(const sk:POPENSSL_STACK; compare: OPENSSL_sk_compfunc): OPENSSL_sk_compfunc;
+
+implementation
+
+end.

From a7719ce876dc966b6945f6b55f83f3d3ea3133a8 Mon Sep 17 00:00:00 2001
From: WeberAndre <WeberAndre@gmx.de>
Date: Wed, 15 Feb 2023 11:44:41 +0100
Subject: [PATCH 61/64] Add uses IdOpenSSLHeaders_stack

prepared some code for // DEFINE_STACK_OF expansion
(moved some lines up/down)
Changed some function prototypes to use the stack_of types.
---
 .../IdOpenSSLHeaders_asn1.pas                 |  8 ++-
 .../IdOpenSSLHeaders_asn1t.pas                |  4 +-
 .../IntermediateCode/IdOpenSSLHeaders_cms.pas |  3 +-
 .../IdOpenSSLHeaders_conf.pas                 |  3 +-
 .../IdOpenSSLHeaders_crypto.pas               |  5 ++
 .../IdOpenSSLHeaders_ossl_typ.pas             |  8 +--
 .../IdOpenSSLHeaders_pkcs7.pas                | 56 ++++++++++---------
 .../IntermediateCode/IdOpenSSLHeaders_ssl.pas |  3 +-
 .../IntermediateCode/IdOpenSSLHeaders_ts.pas  |  3 +-
 .../IntermediateCode/IdOpenSSLHeaders_ui.pas  |  3 +-
 .../IdOpenSSLHeaders_x509.pas                 | 12 ++--
 .../IdOpenSSLHeaders_x509v3.pas               | 34 ++++++-----
 12 files changed, 88 insertions(+), 54 deletions(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
index dfa10a45a..9257da9cb 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1.pas
@@ -39,6 +39,7 @@ interface
   IdOpenSSLConsts,
   IdOpenSSLHeaders_asn1t,
   IdOpenSSLHeaders_bio,
+  IdOpenSSLHeaders_stack,
   IdOpenSSlHeaders_ossl_typ;
 
 {$MINENUMSIZE 4}
@@ -84,9 +85,12 @@ interface
   SMIME_CRLFEOL = $800;
   SMIME_STREAM = $1000;
 
+//type
+// -> IdOpenSSlHeaders_ossl_typ.pas
 //    struct X509_algor_st;
-//DEFINE_STACK_OF(X509_ALGOR)
+//-DEFINE_STACK_OF(X509_ALGOR)
 
+const
   ASN1_STRING_FLAG_BITS_LEFT = $08;   (* Set if $07 has bits left value *)
   (*
    * This indicates that the ASN1_STRING is not a real value but just a place
@@ -466,6 +470,8 @@   BIT_STRING_BITNAME_st = record
 //        int i2d_##name(type *a, unsigned char **out); \
 //#  define DECLARE_ASN1_ITEM(name) \
 //        OPENSSL_EXTERN const ASN1_ITEM name##_it;
+ // moved from below to here
+  //DEFINE_STACK_OF(ASN1_OBJECT)
 
 var
 // DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1t.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1t.pas
index 5ad3a985d..92858ebd9 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1t.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_asn1t.pas
@@ -37,7 +37,8 @@ interface
   IdCTypes,
   IdGlobal,
   IdOpenSSLConsts,
-  IdOpenSSLHeaders_ossl_typ;
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_stack;
   
 type
   // moved from asn1
@@ -974,6 +975,7 @@   ASN1_STREAM_ARG_st = record
 //DECLARE_ASN1_ITEM(ZLONG)
 //# endif
 
+type
 //DEFINE_STACK_OF(ASN1_VALUE)
 
 //* Functions used internally by the ASN1 code */
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
index f0120f7a0..647abcaea 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_cms.pas
@@ -38,7 +38,8 @@ interface
   IdGlobal,
   IdOpenSSLConsts,
   IdOpenSSLHeaders_ossl_typ,
-  IdOpenSSLHeaders_x509;
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLHeaders_stack;
 
 type
   CMS_ContentInfo_st = type Pointer;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas
index 0d3b3a132..a19003b00 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_conf.pas
@@ -38,7 +38,8 @@ interface
   IdGlobal,
   IdOpenSSLConsts,
   IdOpenSSLHeaders_bio,
-  IdOpenSSLHeaders_ossl_typ;
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_stack;
 
 type
   CONF_parse_list_list_cb = function (const elem: PAnsiChar; len: TIdC_INT; usr: Pointer): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
index f1fbc7a28..c86a384a8 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_crypto.pas
@@ -39,6 +39,7 @@ interface
   IdOpenSSLConsts,
   IdOpenSSLHeaders_bio,
   IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_stack,
   {$IFDEF VCL_XE3_OR_ABOVE}System.Types{$ELSE}Types{$ENDIF};
 
 {$MINENUMSIZE 4}
@@ -119,6 +120,10 @@ interface
 type
   CRYPTO_RWLOCK = type Pointer;
   PCRYPTO_RWLOCK = ^CRYPTO_RWLOCK;
+
+  Void = type Pointer;
+  PVoid = ^Void;
+
   //crypto_ex_data_st = record
   //  sk: PStackOfVoid;
   //end;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
index 2ab291c35..9d991d8e3 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ossl_typ.pas
@@ -36,7 +36,8 @@ interface
 uses
   IdCTypes,
   IdGlobal,
-  IdOpenSSLConsts;
+  IdOpenSSLConsts,
+  IdOpenSSLHeaders_stack;
 
 type
 // moved from unit "asn1" to prevent circular references
@@ -256,9 +257,6 @@   asn1_string_st = record
   X509 = x509_st;
   PX509 = ^X509;
   PPX509 = ^PX509;
-  Stack_Of_X509 = type Pointer;
-  PStack_Of_X509 = ^Stack_Of_X509;
-  PPStack_Of_X509 = ^PStack_Of_X509;
   X509_crl_st = type Pointer;
   X509_CRL = X509_crl_st;
   PX509_CRL = ^X509_CRL;
@@ -522,6 +520,8 @@   X509_algor_st = record
   X509_ALGOR = X509_algor_st;
   PX509_ALGOR = ^X509_ALGOR;
   PPX509_ALGOR = ^PX509_ALGOR;
+
+  //DEFINE_STACK_OF(X509_ALGOR)
   
   i2d_of_void = type Pointer;
   Pi2d_of_void = ^i2d_of_void;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
index 2a2669d5d..81a5ab4dc 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_pkcs7.pas
@@ -37,6 +37,8 @@ interface
   IdCTypes,
   IdGlobal,
   IdOpenSSLConsts,
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLHeaders_stack,
   IdOpenSSLHeaders_ossl_typ;
 
 const
@@ -100,16 +102,18 @@   pkcs7_signer_info_st = record
     version: PASN1_INTEGER;
     issuer_and_serial: PPKCS7_ISSUER_AND_SERIAL;
     digest_alg: PX509_ALGOR;
-    auth_attr: Pointer; //PSTACK_OF_X509_ATTRIBUTE;
+    auth_attr: PSTACK_OF_X509_ATTRIBUTE;
     digest_enc_alg: PX509_ALGOR;
     enc_digest: PASN1_OCTET_STRING;
-    unauth_attr: Pointer; //PSTACK_OF_X509_ATTRIBUTE;
+    unauth_attr: PSTACK_OF_X509_ATTRIBUTE;
     pkey: PEVP_PKEY;
   end;
   PKCS7_SIGNER_INFO = pkcs7_issuer_and_serial_st;
   PPKCS7_SIGNER_INFO = ^PKCS7_SIGNER_INFO;
   PPPKCS7_SIGNER_INFO = ^PPKCS7_SIGNER_INFO;
 
+  // DEFINE_STACK_OF(PKCS7_SIGNER_INFO)
+
   pkcs7_recip_info_st = record
     version: PASN1_INTEGER;
     issuer_and_serial: PPKCS7_ISSUER_AND_SERIAL;
@@ -121,12 +125,14 @@   pkcs7_recip_info_st = record
   PPKCS7_RECIP_INFO = ^PKCS7_RECIP_INFO;
   PPPKCS7_RECIP_INFO = ^PPKCS7_RECIP_INFO;
 
+  // DEFINE_STACK_OF(PKCS7_RECIP_INFO)
+
   pkcs7_signed_st = record
     version: PASN1_INTEGER;
-    md_algs: Pointer; //PSTACK_OF_X509_ALGOR;
-    cert: Pointer; //PSTACK_OF_X509;
-    crl: Pointer; //PSTACK_OF_X509_CRL;
-    signer_info: Pointer; //PSTACK_OF_PKCS7_SIGNER_INFO;
+    md_algs: PSTACK_OF_X509_ALGOR;
+    cert: PSTACK_OF_X509; //PSTACK_OF_X509;
+    crl: PSTACK_OF_X509_CRL;
+    signer_info: PSTACK_OF_PKCS7_SIGNER_INFO;
     contents: PPKCS7;
   end;
   PKCS7_SIGNED = pkcs7_signed_st;
@@ -145,7 +151,7 @@   pkcs7_enc_content_st = record
 
   pkcs7_enveloped_st = record
     version: PASN1_INTEGER;
-    recipientinfo: Pointer; //PSTACK_OF_PKCS7_RECIP_INFO;
+    recipientinfo: PSTACK_OF_PKCS7_RECIP_INFO;
     enc_data: PPKCS7_ENC_CONTENT;
   end;
   PKCS7_ENVELOPE = pkcs7_enveloped_st;
@@ -154,12 +160,12 @@   pkcs7_enveloped_st = record
 
   pkcs7_signedandenveloped_st = record
     version: PASN1_INTEGER;
-    md_algs: Pointer; //PSTACK_OF_X509_ALGOR;
-    cert: Pointer; //PSTACK_OF_X509;
-    crl: Pointer; //PSTACK_OF_X509_CRL;
-    signer_info: Pointer; //PSTACK_OF_PKCS7_SIGNER_INFO;
+    md_algs: PSTACK_OF_X509_ALGOR;
+    cert: PSTACK_OF_X509; //PSTACK_OF_X509;
+    crl: PSTACK_OF_X509_CRL;
+    signer_info: PSTACK_OF_PKCS7_SIGNER_INFO;
     enc_data: PPKCS7_ENC_CONTENT;
-    recipientinfo: Pointer; //PSTACK_OF_PKCS7_RECIP_INFO;
+    recipientinfo: PSTACK_OF_PKCS7_RECIP_INFO;
   end;
   PKCS7_SIGN_ENVELOPE = pkcs7_signedandenveloped_st;
   PPKCS7_SIGN_ENVELOPE = ^PKCS7_SIGN_ENVELOPE;
@@ -266,8 +272,8 @@   pkcs7_digest_st = record
 //  function i2d_PKCS7_ENCRYPT(const a: PPKCS7_ENCRYPT_STRUCT; out_: PByte): TIdC_INT;
 //  function PKCS7_ENCRYPT_it: PASN1_ITEM;
 //
-//  function PKCS7_new: PPKCS7;
-//  procedure PKCS7_free(a: PPKCS7);
+  function PKCS7_new: PPKCS7;
+  procedure PKCS7_free(a: PPKCS7);
 //  function d2i_PKCS7(a: PPPKCS7; const in_: PByte; len: TIdC_LONG): PPKCS7;
 //  function i2d_PKCS7(const a: PPKCS7; out_: PByte): TIdC_INT;
 //  function PKCS7_it: PASN1_ITEM;
@@ -300,7 +306,7 @@   pkcs7_digest_st = record
   function PKCS7_add_signature(p7: PPKCS7; x509: PX509; pkey: PEVP_PKEY; const dgst: PEVP_MD): PPKCS7_SIGNER_INFO;
   function PKCS7_cert_from_signer_info(p7: PPKCS7; si: PPKCS7_SIGNER_INFO): PX509;
   function PKCS7_set_digest(p7: PPKCS7; const md: PEVP_MD): TIdC_INT;
-//  function PKCS7_get_signer_info(p7: PPKCS7): PSTACK_OF_PKCS7_SIGNER_INFO;
+  function PKCS7_get_signer_info(p7: PPKCS7): PSTACK_OF_PKCS7_SIGNER_INFO;
 
   function PKCS7_add_recipient(p7: PPKCS7; x509: PX509): PPKCS7_RECIP_INFO;
   procedure PKCS7_SIGNER_INFO_get0_algs(si: PPKCS7_SIGNER_INFO; pk: PPEVP_PKEY; pdig: PPX509_ALGOR; psig: PPX509_ALGOR);
@@ -311,27 +317,27 @@   pkcs7_digest_st = record
   function PKCS7_stream(boundary: PPPByte; p7: PPKCS7): TIdC_INT;
 
   function PKCS7_get_issuer_and_serial(p7: PPKCS7; idx: TIdC_INT): PPKCS7_ISSUER_AND_SERIAL;
-  //function PKCS7_digest_from_attributes(sk: Pointer{PSTACK_OF_X509_ATTRIBUTE}): PASN1_OCTET_STRING;
+  function PKCS7_digest_from_attributes(sk: PSTACK_OF_X509_ATTRIBUTE): PASN1_OCTET_STRING;
   function PKCS7_add_signed_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; type_: TIdC_INT; data: Pointer): TIdC_INT;
   function PKCS7_add_attribute(p7si: PPKCS7_SIGNER_INFO; nid: TIdC_INT; atrtype: TIdC_INT; value: Pointer): TIdC_INT;
   function PKCS7_get_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE;
   function PKCS7_get_signed_attribute(si: PPKCS7_SIGNER_INFO; nid: TIdC_INT): PASN1_TYPE;
-  //function PKCS7_set_signed_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509): TIdC_INT;
-  //function PKCS7_set_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509_ATTRIBUTE): TIdC_INT;
+  function PKCS7_set_signed_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509): TIdC_INT;
+  function PKCS7_set_attributes(p7si: PPKCS7_SIGNER_INFO; sk: PSTACK_OF_X509_ATTRIBUTE): TIdC_INT;
 
-  //function PKCS7_sign(signcert: PX509; pkey: PEVP_PKEY; certs: PSTACK_OF_X509; data: PBIO; flags: TIdC_INT): PPKCS7;
+  function PKCS7_sign(signcert: PX509; pkey: PEVP_PKEY; certs: PSTACK_OF_X509; data: PBIO; flags: TIdC_INT): PPKCS7;
 
   function PKCS7_sign_add_signer(p7: PPKCS7; signcert: PX509; pkey: PEVP_PKEY; const md: PEVP_MD; flags: TIdC_INT): PPKCS7_SIGNER_INFO;
 
   function PKCS7_final(p7: PPKCS7; data: PBIO; flags: TIdC_INT): TIdC_INT;
-  //function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT;
-  //function PKCS7_get0_signers(p7: PPKCS7; certs: PSTACK_OF_X509; flags: TIdC_INT): PSTACK_OF_X509;
-  //function PKCS7_encrypt(certs: PSTACK_OF_X509; in_: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
+  function PKCS7_verify(p7: PPKCS7; certs: PSTACK_OF_X509; store: PX509_STORE; indata: PBIO; out_: PBIO; flags: TIdC_INT): TIdC_INT;
+  function PKCS7_get0_signers(p7: PPKCS7; certs: PSTACK_OF_X509; flags: TIdC_INT): PSTACK_OF_X509;
+  function PKCS7_encrypt(certs: PSTACK_OF_X509; in_: PBIO; const cipher: PEVP_CIPHER; flags: TIdC_INT): PPKCS7;
   function PKCS7_decrypt(p7: PPKCS7; pkey: PEVP_PKEY; cert: PX509; data: PBIO; flags: TIdC_INT): TIdC_INT;
 
-  //function PKCS7_add_attrib_smimecap(si: PPKCS7_SIGNER_INFO; cap: PSTACK_OF_X509_ALGOR): TIdC_INT;
-  //function PKCS7_get_smimecap(si: PPKCS7_SIGNER_INFO): PSTACK_OF_X509_ALGOR;
-  //function PKCS7_simple_smimecap(sk: PSTACK_OF_X509_ALGOR; nid: TIdC_INT; arg: TIdC_INT): TIdC_INT;
+  function PKCS7_add_attrib_smimecap(si: PPKCS7_SIGNER_INFO; cap: PSTACK_OF_X509_ALGOR): TIdC_INT;
+  function PKCS7_get_smimecap(si: PPKCS7_SIGNER_INFO): PSTACK_OF_X509_ALGOR;
+  function PKCS7_simple_smimecap(sk: PSTACK_OF_X509_ALGOR; nid: TIdC_INT; arg: TIdC_INT): TIdC_INT;
 
   function PKCS7_add_attrib_content_type(si: PPKCS7_SIGNER_INFO; coid: PASN1_OBJECT): TIdC_INT;
   function PKCS7_add0_attrib_signing_time(si: PPKCS7_SIGNER_INFO; t: PASN1_TIME): TIdC_INT;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
index ba78fc6aa..471de1a5d 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ssl.pas
@@ -44,7 +44,8 @@ interface
   IdOpenSSLHeaders_pem,
   IdOpenSSLHeaders_tls1,
   IdOpenSSLHeaders_ssl3,
-  IdOpenSSLHeaders_x509;
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLHeaders_stack;
 
 {$MINENUMSIZE 4}
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
index ae14e3d1c..0acaac3c1 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ts.pas
@@ -44,7 +44,8 @@ interface
   IdOpenSSLHeaders_rsa,
   IdOpenSSLHeaders_tserr,
   IdOpenSSLHeaders_x509,
-  IdOpenSSLHeaders_x509v3;
+  IdOpenSSLHeaders_x509v3,
+  IdOpenSSLHeaders_stack;
 
 const
   (* Possible values for status. *)
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas
index 5f9c5a323..aff1ad957 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_ui.pas
@@ -40,7 +40,8 @@ interface
   IdOpenSSLHeaders_ossl_typ,
   IdOpenSSLHeaders_crypto,
   IdOpenSSLHeaders_pem,
-  IdOpenSSLHeaders_uierr;
+  IdOpenSSLHeaders_uierr,
+  IdOpenSSLHeaders_stack;
 
 {$MINENUMSIZE 4}
 
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
index f137d6d06..16a405c69 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509.pas
@@ -40,7 +40,8 @@ interface
   IdOpenSSLHeaders_asn1,
   IdOpenSSLHeaders_bio,
   IdOpenSSLHeaders_evp,
-  IdOpenSSLHeaders_ossl_typ;
+  IdOpenSSLHeaders_ossl_typ,
+  IdOpenSSLHeaders_stack;
 
 type
   X509_ALGORS = type Pointer;
@@ -199,9 +200,10 @@   X509_val_st = record
   PX509_EXTENSION = ^X509_EXTENSION;
   PPX509_EXTENSION = ^PX509_EXTENSION;
 
-  //typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
-  //
+
   //DEFINE_STACK_OF(X509_EXTENSION)
+  //
+  //typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
 
   X509_ATTRIBUTE = type Pointer; // x509_attributes_st
   PX509_ATTRIBUTE = ^X509_ATTRIBUTE;
@@ -513,7 +515,7 @@   SCRYPT_PARAMS_st = record
   function X509_PUBKEY_set(x: PPX509_PUBKEY; pkey: PEVP_PKEY): TIdC_INT;
   function X509_PUBKEY_get0(key: PX509_PUBKEY): PEVP_PKEY;
   function X509_PUBKEY_get(key: PX509_PUBKEY): PEVP_PKEY;
-//  function X509_get_pubkey_parameters(pkey: PEVP_PKEY; chain: P STACK_OF(X509)): TIdC_INT;
+  function X509_get_pubkey_parameters(pkey: PEVP_PKEY; chain: PSTACK_OF_X509): TIdC_INT;
   function X509_get_pathlen(x: PX509): TIdC_LONG;
   function i2d_PUBKEY(a: PEVP_PKEY; pp: PPByte): TIdC_INT;
   function d2i_PUBKEY(a: PPEVP_PKEY; const pp: PPByte; length: TIdC_LONG): PEVP_PKEY;
@@ -749,7 +751,7 @@   SCRYPT_PARAMS_st = record
   //                            X509 *x, STACK_OF(X509) *chain,
   //                            unsigned TIdC_LONG flags);
   function X509_CRL_check_suiteb(crl: PX509_CRL; pk: PEVP_PKEY; flags: TIdC_ULONG): TIdC_INT;
-  //STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
+  function X509_chain_up_ref(chain: PSTACK_OF_X509): PSTACK_OF_X509;
 
   function X509_issuer_and_serial_cmp(const a: PX509; const b: PX509): TIdC_INT;
   function X509_issuer_and_serial_hash(a: PX509): TIdC_ULONG;
diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
index e2528aac4..8a9bfcb77 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_x509v3.pas
@@ -40,7 +40,8 @@ interface
   IdOpenSSLHeaders_ossl_typ,
   IdOpenSSLHeaders_asn1,
   IdOpenSSLHeaders_asn1t,
-  IdOpenSSLHeaders_x509;
+  IdOpenSSLHeaders_x509,
+  IdOpenSSLHeaders_stack;
 
 const
   (* ext_flags values *)
@@ -282,7 +283,8 @@ //  v3_ext_method = record
 //  end;
 //  X509V3_EXT_METHOD = v3_ext_method;
 //  PX509V3_EXT_METHOD = ^X509V3_EXT_METHOD;
-//  DEFINE_STACK_OF(X509V3_EXT_METHOD)
+// remove leading - to enable the macro DEFINE_STACK_OF in GenerateCode again!
+//  -DEFINE_STACK_OF(X509V3_EXT_METHOD)
 
 //  typedef struct X509V3_CONF_METHOD_st {
 //      PIdAnsiChar *(*get_string) (void *db, const section: PIdAnsiChar, const value: PIdAnsiChar);
@@ -368,7 +370,6 @@   ACCESS_DESCRIPTION_st = record
   ACCESS_DESCRIPTION = ACCESS_DESCRIPTION_st;
   PACCESS_DESCRIPTION = ^ACCESS_DESCRIPTION;
 
-//  typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
 
 //  typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
 
@@ -376,9 +377,12 @@   ACCESS_DESCRIPTION_st = record
 
 //  DEFINE_STACK_OF(GENERAL_NAME)
 //  typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
-//  DEFINE_STACK_OF(GENERAL_NAMES)
+//  -DEFINE_STACK_OF(GENERAL_NAMES) is equal to STACK_OF_GENERAL_NAME
+//  DEFINE_STACK_OF(STACK_OF_GENERAL_NAME)
 
 //  DEFINE_STACK_OF(ACCESS_DESCRIPTION)
+//  typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
+
 //  DIST_POINT_NAME_st_union = record
 //    case TIdC_INT of
 //      0: (GENERAL_NAMES *fullname);
@@ -400,10 +404,10 @@   DIST_POINT_NAME_st = record
 //      TIdC_INT dp_reasons;
 //  };
 
-//  typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
-
 //  DEFINE_STACK_OF(DIST_POINT)
 
+//  typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
+
 //  AUTHORITY_KEYID_st = record
 //    keyid: PASN1_OCTET_STRING;
 //    issuer: PGENERAL_NAMES;
@@ -453,7 +457,9 @@ //  POLICYQUALINFO_st = record
 //  end;
 //  POLICYQUALINFO = POLICYQUALINFO_st;
 //  PPOLICYQUALINFO = ^POLICYQUALINFO;
-//  DEFINE_STACK_OF(POLICYQUALINFO)
+
+// remove leading - to enable the macro DEFINE_STACK_OF in GenerateCode again!
+//  -DEFINE_STACK_OF(POLICYQUALINFO)
 
 //  POLICYINFO_st = record
 //    ASN1_OBJECT *policyid;
@@ -461,8 +467,9 @@ //  POLICYINFO_st = record
 //  end;
 //  POLICYINFO = POLICYINFO_st;
 //  PPOLICYINFO = ^POLICYINFO;
-//  typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
-//  DEFINE_STACK_OF(POLICYINFO)
+// remove leading - to enable the macro DEFINE_STACK_OF in GenerateCode again!
+//  -typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
+//  -DEFINE_STACK_OF(POLICYINFO)
 
   POLICY_MAPPING_st = record
     issuerDomainPolicy: PASN1_OBJECT;
@@ -575,8 +582,8 @@   ASIdOrRange_st = record
   end;
   ASIdOrRange = ASIdOrRange_st;
   PASIdOrRange = ^ASIdOrRange;
-//  typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
 //  DEFINE_STACK_OF(ASIdOrRange)
+//  typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
 
 //  ASIdentifierChoice_st = record
 //    type_: TIdC_INT;
@@ -613,8 +620,8 @@   IPAddressOrRange_st = record
   IPAddressOrRange = IPAddressOrRange_st;
   PIPAddressOrRange = ^IPAddressOrRange;
 
-//  typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
 //  DEFINE_STACK_OF(IPAddressOrRange)
+//  typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
 
 //  IPAddressChoice_st = record
 //    type_: TIdC_INT;
@@ -632,8 +639,9 @@ //  IPAddressFamily_st = record
 //  IPAddressFamily = IPAddressFamily_st;
 //  PIPAddressFamily = ^IPAddressFamily;
 
-//  typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
-//  DEFINE_STACK_OF(IPAddressFamily)
+// remove leading - to enable the macro DEFINE_STACK_OF in GenerateCode again!
+//  -DEFINE_STACK_OF(IPAddressFamily)
+//  -typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
 
 //  DECLARE_ASN1_FUNCTIONS(IPAddressRange)
 //  DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)

From c90012fc89dd56f4497487d08e83df9b0841b31f Mon Sep 17 00:00:00 2001
From: WeberAndre <WeberAndre@gmx.de>
Date: Wed, 15 Feb 2023 11:48:30 +0100
Subject: [PATCH 62/64] EVP_DecryptFinal_ex parameter ctx wrong type

ctx is a PEVP_CIPHER_CTX and not a PEVP_MD_CTX;
---
 Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
index ab1ff06b9..52c16bc72 100644
--- a/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
+++ b/Lib/Protocols/OpenSSL/IntermediateCode/IdOpenSSLHeaders_evp.pas
@@ -728,7 +728,7 @@ function EVP_PKEY_assign_POLY1305(pkey: PEVP_PKEY; polykey: Pointer): TIdC_INT;
   function EVP_DecryptInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte): TIdC_INT;
   function EVP_DecryptUpdate(ctx: PEVP_CIPHER_CTX; out_: PByte; out1: PIdC_INT; const in_: PByte; in_1: TIdC_INT): TIdC_INT;
   function EVP_DecryptFinal(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
-  function EVP_DecryptFinal_ex(ctx: PEVP_MD_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
+  function EVP_DecryptFinal_ex(ctx: PEVP_CIPHER_CTX; outm: PByte; out1: PIdC_INT): TIdC_INT;
 
   function EVP_CipherInit(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; const key: PByte; const iv: PByte; enc: TIdC_INT): TIdC_INT;
   function EVP_CipherInit_ex(ctx: PEVP_CIPHER_CTX; const cipher: PEVP_CIPHER; impl: PENGINE; const key: PByte; const iv: PByte; enc: TidC_INT): TIdC_INT;

From fc9df5311aa5d0cd8e1e9340eb643954c12673ab Mon Sep 17 00:00:00 2001
From: WeberAndre <WeberAndre@gmx.de>
Date: Wed, 15 Feb 2023 11:52:04 +0100
Subject: [PATCH 63/64] Initialize IdOpenSSLHeaders_stack

---
 Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
index e2c840196..a2573300e 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLLoader.pas
@@ -83,6 +83,7 @@ implementation
   IdOpenSSLHeaders_rsaerr,
   IdOpenSSLHeaders_sha,
   IdOpenSSLHeaders_srtp,
+  IdOpenSSLHeaders_stack,
   IdOpenSSLHeaders_storeerr,
   IdOpenSSLHeaders_ts,
   IdOpenSSLHeaders_tserr,
@@ -233,6 +234,7 @@ function TOpenSSLLoader.Load: Boolean;
       IdOpenSSLHeaders_rsa.Load(FLibCrypto, FFailed);
       IdOpenSSLHeaders_rsaerr.Load(FLibCrypto, FFailed);
       IdOpenSSLHeaders_sha.Load(FLibCrypto, FFailed);
+      IdOpenSSLHeaders_stack.Load(FLibCrypto, FFailed);
       IdOpenSSLHeaders_srtp.Load(FLibCrypto, FFailed);
       IdOpenSSLHeaders_storeerr.Load(FLibCrypto, FFailed);
       IdOpenSSLHeaders_ts.Load(FLibCrypto, FFailed);

From fe1ebac841afd06078d4474c1883b9cb7627f795 Mon Sep 17 00:00:00 2001
From: WeberAndre <WeberAndre@gmx.de>
Date: Wed, 15 Feb 2023 11:55:13 +0100
Subject: [PATCH 64/64] AssignTo and Equals incomplete

The Values of   CipherSuites / UseServerCipherPreferences / AllowUnsafeLegacyRenegotiation / UseLegacyServerConnect are not compared or copied so the values set in code get never applied to the OpenSSL context
---
 Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas b/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas
index 1471e2347..5ed3c85f9 100644
--- a/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas
+++ b/Lib/Protocols/OpenSSL/IdOpenSSLOptions.pas
@@ -227,6 +227,12 @@ procedure TIdOpenSSLOptionsBase.AssignTo(Dest: TPersistent);
     LDest.FOnGetPassword := FOnGetPassword;
     LDest.FOnKeyLogging := FOnKeyLogging;
     LDest.FOnVerify := FOnVerify;
+
+    // Missing: Weber 2022-12-07
+    LDest.FCipherSuites := FCipherSuites;
+    LDest.FUseServerCipherPreferences := FUseServerCipherPreferences;
+    LDest.FAllowUnsafeLegacyRenegotiation := FAllowUnsafeLegacyRenegotiation;
+    LDest.FUseLegacyServerConnect := FUseLegacyServerConnect;
   end
 end;
 
@@ -261,6 +267,12 @@ function TIdOpenSSLOptionsBase.Equals(Obj: TObject): Boolean;
       and (FTLSVersionMinimum = LObj.FTLSVersionMinimum)
       and (FTLSVersionMaximum = LObj.FTLSVersionMaximum)
       and (FCipherList = LObj.FCipherList)
+      // Weber 2022-12-07?
+      and (FCipherSuites = LObj.FCipherSuites)
+      and (FUseServerCipherPreferences = LObj.FUseServerCipherPreferences)
+      and (FAllowUnsafeLegacyRenegotiation = LObj.FAllowUnsafeLegacyRenegotiation)
+      and (FUseLegacyServerConnect = LObj.FUseLegacyServerConnect)
+      //
       and EqualMethod(TMethod(FOnGetPassword), TMethod(LObj.FOnGetPassword))
       and EqualMethod(TMethod(FOnKeyLogging), TMethod(LObj.FOnKeyLogging))
       and EqualMethod(TMethod(FOnVerify), TMethod(LObj.FOnVerify));