diff --git a/.gitignore b/.gitignore
index 5a227f8..9cbbd5b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -34,3 +34,4 @@ openssl-1.0.0a-usa.tar.bz2
 /openssl-1.1.0b-hobbled.tar.xz
 /openssl-1.1.0c-hobbled.tar.xz
 /openssl-1.1.0d-hobbled.tar.xz
+/openssl-1.1.0e-hobbled.tar.xz
diff --git a/openssl-1.1.0-backports.patch b/openssl-1.1.0-backports.patch
deleted file mode 100644
index 1db6e65..0000000
--- a/openssl-1.1.0-backports.patch
+++ /dev/null
@@ -1,147 +0,0 @@
-From 3f60b8fbdc9b17572a86457fe5b11437c0d3fbc2 Mon Sep 17 00:00:00 2001
-From: "Dr. Stephen Henson" <steve@openssl.org>
-Date: Thu, 26 Jan 2017 17:11:14 +0000
-Subject: [PATCH] Use correct signature algorithm list when sending or
- checking.
-
-Reviewed-by: Rich Salz <rsalz@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/2297)
----
- ssl/ssl_locl.h           |  2 +-
- ssl/statem/statem_srvr.c |  2 +-
- ssl/t1_lib.c             | 12 ++++++------
- 3 files changed, 8 insertions(+), 8 deletions(-)
-
-diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
-index 4079b31..9a997cf 100644
---- a/ssl/ssl_locl.h
-+++ b/ssl/ssl_locl.h
-@@ -2062,7 +2062,7 @@ __owur size_t tls12_copy_sigalgs(SSL *s, unsigned char *out,
-                                  const unsigned char *psig, size_t psiglen);
- __owur int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize);
- __owur int tls1_process_sigalgs(SSL *s);
--__owur size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs);
-+__owur size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs);
- __owur int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
-                                    const unsigned char *sig, EVP_PKEY *pkey);
- void ssl_set_client_disabled(SSL *s);
-diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
-index d36d194..ad89e93 100644
---- a/ssl/statem/statem_srvr.c
-+++ b/ssl/statem/statem_srvr.c
-@@ -2002,7 +2002,7 @@ int tls_construct_certificate_request(SSL *s)
-     if (SSL_USE_SIGALGS(s)) {
-         const unsigned char *psigs;
-         unsigned char *etmp = p;
--        nl = tls12_get_psigalgs(s, &psigs);
-+        nl = tls12_get_psigalgs(s, 1, &psigs);
-         /* Skip over length for now */
-         p += 2;
-         nl = tls12_copy_sigalgs(s, p, psigs, nl);
-diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
-index 1205f99..b75e568 100644
---- a/ssl/t1_lib.c
-+++ b/ssl/t1_lib.c
-@@ -711,7 +711,7 @@ static const unsigned char suiteb_sigalgs[] = {
-         tlsext_sigalg_ecdsa(TLSEXT_hash_sha384)
- };
- #endif
--size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs)
-+size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs)
- {
-     /*
-      * If Suite B mode use Suite B sigalgs only, ignore any other
-@@ -733,7 +733,7 @@ size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs)
-     }
- #endif
-     /* If server use client authentication sigalgs if not NULL */
--    if (s->server && s->cert->client_sigalgs) {
-+    if (s->server == sent && s->cert->client_sigalgs) {
-         *psigs = s->cert->client_sigalgs;
-         return s->cert->client_sigalgslen;
-     } else if (s->cert->conf_sigalgs) {
-@@ -797,7 +797,7 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
- #endif
- 
-     /* Check signature matches a type we sent */
--    sent_sigslen = tls12_get_psigalgs(s, &sent_sigs);
-+    sent_sigslen = tls12_get_psigalgs(s, 1, &sent_sigs);
-     for (i = 0; i < sent_sigslen; i += 2, sent_sigs += 2) {
-         if (sig[0] == sent_sigs[0] && sig[1] == sent_sigs[1])
-             break;
-@@ -1189,7 +1189,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
-         size_t salglen;
-         const unsigned char *salg;
-         unsigned char *etmp;
--        salglen = tls12_get_psigalgs(s, &salg);
-+        salglen = tls12_get_psigalgs(s, 1, &salg);
- 
-         /*-
-          * check for enough space.
-@@ -3396,7 +3396,7 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op)
-      * RSA, DSA, ECDSA. Do this for all versions not just TLS 1.2. To keep
-      * down calls to security callback only check if we have to.
-      */
--    sigalgslen = tls12_get_psigalgs(s, &sigalgs);
-+    sigalgslen = tls12_get_psigalgs(s, 1, &sigalgs);
-     for (i = 0; i < sigalgslen; i += 2, sigalgs += 2) {
-         switch (sigalgs[1]) {
- #ifndef OPENSSL_NO_RSA
-@@ -3491,7 +3491,7 @@ static int tls1_set_shared_sigalgs(SSL *s)
-         conf = c->conf_sigalgs;
-         conflen = c->conf_sigalgslen;
-     } else
--        conflen = tls12_get_psigalgs(s, &conf);
-+        conflen = tls12_get_psigalgs(s, 0, &conf);
-     if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || is_suiteb) {
-         pref = conf;
-         preflen = conflen;
--- 
-2.9.3
-
-From b431b094330da3e54805c49fb262192e34bc3864 Mon Sep 17 00:00:00 2001
-From: Richard Levitte <levitte@openssl.org>
-Date: Sat, 28 Jan 2017 17:43:17 +0100
-Subject: [PATCH] X509_CRL_digest() - ensure precomputed sha1 hash before
- returning it
-
-X509_CRL_digest() didn't check if the precomputed sha1 hash was actually
-present.  This also makes sure there's an appropriate flag to check.
-
-Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/2314)
-(cherry picked from commit 6195848b2eea627c47f74b63eb2ba3dc3d5b6436)
----
- crypto/x509/x_all.c | 2 +-
- crypto/x509/x_crl.c | 2 ++
- 2 files changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
-index 59f96a5..124dd2d 100644
---- a/crypto/x509/x_all.c
-+++ b/crypto/x509/x_all.c
-@@ -377,7 +377,7 @@ int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
- int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
-                     unsigned char *md, unsigned int *len)
- {
--    if (type == EVP_sha1()) {
-+    if (type == EVP_sha1() && (data->flags & EXFLAG_SET) != 0) {
-         /* Asking for SHA1; always computed in CRL d2i. */
-         if (len != NULL)
-             *len = sizeof(data->sha1_hash);
-diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
-index da9c6b6..dbed850 100644
---- a/crypto/x509/x_crl.c
-+++ b/crypto/x509/x_crl.c
-@@ -226,6 +226,8 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
-             if (crl->meth->crl_init(crl) == 0)
-                 return 0;
-         }
-+
-+        crl->flags |= EXFLAG_SET;
-         break;
- 
-     case ASN1_OP_FREE_POST:
--- 
-2.9.3
-
diff --git a/openssl-1.1.0-build.patch b/openssl-1.1.0-build.patch
index dc976f2..41446ed 100644
--- a/openssl-1.1.0-build.patch
+++ b/openssl-1.1.0-build.patch
@@ -29,99 +29,3 @@ diff -up openssl-1.1.0c/Configurations/10-main.conf.build openssl-1.1.0c/Configu
      },
      "linux-arm64ilp32" => {  # https://wiki.linaro.org/Platform/arm64-ilp32
          inherit_from     => [ "linux-generic32", asm("aarch64_asm") ],
-diff -up openssl-1.1.0c/crypto/ec/ec_lib.c.build openssl-1.1.0c/crypto/ec/ec_lib.c
---- openssl-1.1.0c/crypto/ec/ec_lib.c.build	2016-11-10 15:03:44.000000000 +0100
-+++ openssl-1.1.0c/crypto/ec/ec_lib.c	2016-11-11 13:26:36.097400901 +0100
-@@ -74,9 +74,6 @@ void EC_pre_comp_free(EC_GROUP *group)
-         break;
- #endif
- #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
--    case PCT_nistp224:
--        EC_nistp224_pre_comp_free(group->pre_comp.nistp224);
--        break;
-     case PCT_nistp256:
-         EC_nistp256_pre_comp_free(group->pre_comp.nistp256);
-         break;
-@@ -152,9 +149,6 @@ int EC_GROUP_copy(EC_GROUP *dest, const
-         break;
- #endif
- #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
--    case PCT_nistp224:
--        dest->pre_comp.nistp224 = EC_nistp224_pre_comp_dup(src->pre_comp.nistp224);
--        break;
-     case PCT_nistp256:
-         dest->pre_comp.nistp256 = EC_nistp256_pre_comp_dup(src->pre_comp.nistp256);
-         break;
-diff -up openssl-1.1.0c/test/ecdhtest_cavs.h.build openssl-1.1.0c/test/ecdhtest_cavs.h
---- openssl-1.1.0c/test/ecdhtest_cavs.h.build	2016-11-11 13:26:36.079400491 +0100
-+++ openssl-1.1.0c/test/ecdhtest_cavs.h	2016-11-11 13:26:36.097400901 +0100
-@@ -29,6 +29,7 @@ typedef struct {
- 
- static const ecdh_cavs_kat_t ecdh_cavs_kats[] = {
-     /* curves over prime fields go here */
-+#if 0
-     { NID_X9_62_prime192v1,
-     "42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0",
-     "dfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523",
-@@ -379,6 +380,7 @@ static const ecdh_cavs_kat_t ecdh_cavs_k
-     "a6b29632db94da2125dc1cf80e03702687b2acc1122022fa2174765a",
-     "61723edd73e10daed73775278f1958ba56f1fc9d085ebc2b64c84fe5",
-     "71954e2261e8510be1a060733671d2e9d0a2d012eb4e09556d697d2a" },
-+#endif
-     { NID_X9_62_prime256v1,
-     "700c48f77f56584c5cc632ca65640db91b6bacce3a4df6b42ce7cc838833d287",
-     "db71e509e3fd9b060ddb20ba5c51dcc5948d46fbf640dfe0441782cab85fa4ac",
-diff -up openssl-1.1.0c/test/ecdhtest.c.build openssl-1.1.0c/test/ecdhtest.c
---- openssl-1.1.0c/test/ecdhtest.c.build	2016-11-10 15:03:47.000000000 +0100
-+++ openssl-1.1.0c/test/ecdhtest.c	2016-11-11 13:26:36.097400901 +0100
-@@ -252,6 +252,7 @@ typedef struct {
- 
- static const ecdh_kat_t ecdh_kats[] = {
-     /* Keys and shared secrets from RFC 5114 */
-+#if 0
-     { NID_X9_62_prime192v1,
-     "323FA3169D8E9C6593F59476BC142000AB5BE0E249C43426",
-     "631F95BB4A67632C9C476EEE9AB695AB240A0499307FCF62",
-@@ -260,6 +261,7 @@ static const ecdh_kat_t ecdh_kats[] = {
-     "B558EB6C288DA707BBB4F8FBAE2AB9E9CB62E3BC5C7573E22E26D37F",
-     "AC3B1ADD3D9770E6F6A708EE9F3B8E0AB3B480E9F27F85C88B5E6D18",
-     "52272F50F46F4EDC9151569092F46DF2D96ECC3B6DC1714A4EA949FA" },
-+#endif
-     { NID_X9_62_prime256v1,
-     "814264145F2F56F2E96A8E337A1284993FAF432A5ABCE59E867B7291D507A3AF",
-     "2CE1788EC197E096DB95A200CC0AB26A19CE6BCCAD562B8EEE1B593761CF7F41",
-@@ -303,6 +305,7 @@ static const ecdh_kat_t ecdh_kats[] = {
-     "01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04"
-     "D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3"
-     "DDEA" },
-+#if 0
-     /* Keys and shared secrets from RFC 7027 */
-     { NID_brainpoolP256r1,
-     "81DB1EE100150FF2EA338D708271BE38300CB54241D79950F77B063039804F1D",
-@@ -322,6 +325,7 @@ static const ecdh_kat_t ecdh_kats[] = {
-     "ABBC19963DAB8E2F1EBA00BFFB29E4D72D13F2224562F405CB80503666B25429",
-     "A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76"
-     "D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F" }
-+#endif
- };
- 
- /* Given private value and NID, create EC_KEY structure */
-diff -up openssl-1.1.0c/test/ecdsatest.c.build openssl-1.1.0c/test/ecdsatest.c
---- openssl-1.1.0c/test/ecdsatest.c.build	2016-11-10 15:03:47.000000000 +0100
-+++ openssl-1.1.0c/test/ecdsatest.c	2016-11-11 13:26:36.097400901 +0100
-@@ -216,6 +216,7 @@ int x9_62_tests(BIO *out)
-     if (!change_rand())
-         goto x962_err;
- 
-+#if 0
-     if (!x9_62_test_internal(out, NID_X9_62_prime192v1,
-                              "3342403536405981729393488334694600415596881826869351677613",
-                              "5735822328888155254683894997897571951568553642892029982342"))
-@@ -226,6 +227,7 @@ int x9_62_tests(BIO *out)
-                              "3238135532097973577080787768312505059318910517550078427819"
-                              "78505179448783"))
-         goto x962_err;
-+#endif
- # ifndef OPENSSL_NO_EC2M
-     if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
-                              "87194383164871543355722284926904419997237591535066528048",
diff --git a/openssl-1.1.0-ec-curves.patch b/openssl-1.1.0-ec-curves.patch
index 2b6059e..32cfb08 100644
--- a/openssl-1.1.0-ec-curves.patch
+++ b/openssl-1.1.0-ec-curves.patch
@@ -1,6 +1,6 @@
-diff -up openssl-1.1.0d/apps/speed.c.curves openssl-1.1.0d/apps/speed.c
---- openssl-1.1.0d/apps/speed.c.curves	2017-01-26 14:10:21.000000000 +0100
-+++ openssl-1.1.0d/apps/speed.c	2017-01-26 15:53:33.913324153 +0100
+diff -up openssl-1.1.0e/apps/speed.c.curves openssl-1.1.0e/apps/speed.c
+--- openssl-1.1.0e/apps/speed.c.curves	2017-02-16 12:58:20.000000000 +0100
++++ openssl-1.1.0e/apps/speed.c	2017-02-16 15:46:22.271504354 +0100
 @@ -536,42 +536,18 @@ static OPT_PAIR rsa_choices[] = {
  #define R_EC_X25519  16
  #ifndef OPENSSL_NO_EC
@@ -44,9 +44,9 @@ diff -up openssl-1.1.0d/apps/speed.c.curves openssl-1.1.0d/apps/speed.c
      {"ecdhx25519", R_EC_X25519},
      {NULL}
  };
-diff -up openssl-1.1.0d/crypto/ec/ecp_smpl.c.curves openssl-1.1.0d/crypto/ec/ecp_smpl.c
---- openssl-1.1.0d/crypto/ec/ecp_smpl.c.curves	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/ec/ecp_smpl.c	2017-01-26 15:53:33.913324153 +0100
+diff -up openssl-1.1.0e/crypto/ec/ecp_smpl.c.curves openssl-1.1.0e/crypto/ec/ecp_smpl.c
+--- openssl-1.1.0e/crypto/ec/ecp_smpl.c.curves	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/ec/ecp_smpl.c	2017-02-16 15:46:22.264504188 +0100
 @@ -144,6 +144,11 @@ int ec_GFp_simple_group_set_curve(EC_GRO
          return 0;
      }
@@ -59,3 +59,73 @@ diff -up openssl-1.1.0d/crypto/ec/ecp_smpl.c.curves openssl-1.1.0d/crypto/ec/ecp
      if (ctx == NULL) {
          ctx = new_ctx = BN_CTX_new();
          if (ctx == NULL)
+diff -up openssl-1.1.0e/test/ecdhtest_cavs.h.curves openssl-1.1.0e/test/ecdhtest_cavs.h
+--- openssl-1.1.0e/test/ecdhtest_cavs.h.curves	2017-02-16 15:46:22.237503550 +0100
++++ openssl-1.1.0e/test/ecdhtest_cavs.h	2017-02-16 16:08:16.091687111 +0100
+@@ -29,6 +29,7 @@ typedef struct {
+ 
+ static const ecdh_cavs_kat_t ecdh_cavs_kats[] = {
+     /* curves over prime fields go here */
++#if 0
+     { NID_X9_62_prime192v1,
+     "42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0",
+     "dfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523",
+@@ -204,6 +205,7 @@ static const ecdh_cavs_kat_t ecdh_cavs_k
+     "fcd345a976c720caaa97de6697226825615e1287a9eff67e",
+     "58ea42edbeeafca9ff44cfd7f29abd2cbde7626d79e422c9",
+     "72e88f3ea67d46d46dbf83926e7e2a6b85b54536741e6d2c" },
++#endif
+     { NID_secp224r1,
+     "af33cd0629bc7e996320a3f40368f74de8704fa37b8fab69abaae280",
+     "882092ccbba7930f419a8a4f9bb16978bbc3838729992559a6f2e2d7",
+diff -up openssl-1.1.0e/test/ecdhtest.c.curves openssl-1.1.0e/test/ecdhtest.c
+--- openssl-1.1.0e/test/ecdhtest.c.curves	2017-02-16 12:58:24.000000000 +0100
++++ openssl-1.1.0e/test/ecdhtest.c	2017-02-16 16:07:30.412629758 +0100
+@@ -252,10 +252,12 @@ typedef struct {
+ 
+ static const ecdh_kat_t ecdh_kats[] = {
+     /* Keys and shared secrets from RFC 5114 */
++#if 0
+     { NID_X9_62_prime192v1,
+     "323FA3169D8E9C6593F59476BC142000AB5BE0E249C43426",
+     "631F95BB4A67632C9C476EEE9AB695AB240A0499307FCF62",
+     "AD420182633F8526BFE954ACDA376F05E5FF4F837F54FEBE" },
++#endif
+     { NID_secp224r1,
+     "B558EB6C288DA707BBB4F8FBAE2AB9E9CB62E3BC5C7573E22E26D37F",
+     "AC3B1ADD3D9770E6F6A708EE9F3B8E0AB3B480E9F27F85C88B5E6D18",
+@@ -303,6 +305,7 @@ static const ecdh_kat_t ecdh_kats[] = {
+     "01144C7D79AE6956BC8EDB8E7C787C4521CB086FA64407F97894E5E6B2D79B04"
+     "D1427E73CA4BAA240A34786859810C06B3C715A3A8CC3151F2BEE417996D19F3"
+     "DDEA" },
++#if 0
+     /* Keys and shared secrets from RFC 7027 */
+     { NID_brainpoolP256r1,
+     "81DB1EE100150FF2EA338D708271BE38300CB54241D79950F77B063039804F1D",
+@@ -322,6 +325,7 @@ static const ecdh_kat_t ecdh_kats[] = {
+     "ABBC19963DAB8E2F1EBA00BFFB29E4D72D13F2224562F405CB80503666B25429",
+     "A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76"
+     "D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F" }
++#endif
+ };
+ 
+ /* Given private value and NID, create EC_KEY structure */
+diff -up openssl-1.1.0e/test/ecdsatest.c.curves openssl-1.1.0e/test/ecdsatest.c
+--- openssl-1.1.0e/test/ecdsatest.c.curves	2017-02-16 12:58:24.000000000 +0100
++++ openssl-1.1.0e/test/ecdsatest.c	2017-02-16 15:46:22.250503857 +0100
+@@ -216,6 +216,7 @@ int x9_62_tests(BIO *out)
+     if (!change_rand())
+         goto x962_err;
+ 
++#if 0
+     if (!x9_62_test_internal(out, NID_X9_62_prime192v1,
+                              "3342403536405981729393488334694600415596881826869351677613",
+                              "5735822328888155254683894997897571951568553642892029982342"))
+@@ -226,6 +227,7 @@ int x9_62_tests(BIO *out)
+                              "3238135532097973577080787768312505059318910517550078427819"
+                              "78505179448783"))
+         goto x962_err;
++#endif
+ # ifndef OPENSSL_NO_EC2M
+     if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
+                              "87194383164871543355722284926904419997237591535066528048",
diff --git a/openssl-1.1.0-fips.patch b/openssl-1.1.0-fips.patch
index e5fb17b..ebdcc55 100644
--- a/openssl-1.1.0-fips.patch
+++ b/openssl-1.1.0-fips.patch
@@ -1,6 +1,6 @@
-diff -up openssl-1.1.0d/apps/speed.c.fips openssl-1.1.0d/apps/speed.c
---- openssl-1.1.0d/apps/speed.c.fips	2017-01-26 16:02:29.004335278 +0100
-+++ openssl-1.1.0d/apps/speed.c	2017-01-26 16:02:29.013335037 +0100
+diff -up openssl-1.1.0e/apps/speed.c.fips openssl-1.1.0e/apps/speed.c
+--- openssl-1.1.0e/apps/speed.c.fips	2017-02-16 15:42:44.967362611 +0100
++++ openssl-1.1.0e/apps/speed.c	2017-02-16 15:42:44.975362800 +0100
 @@ -1442,7 +1442,9 @@ int speed_main(int argc, char **argv)
          }
  # endif
@@ -113,9 +113,9 @@ diff -up openssl-1.1.0d/apps/speed.c.fips openssl-1.1.0d/apps/speed.c
              if (loopargs[i].hctx == NULL) {
                  BIO_printf(bio_err, "HMAC malloc failure, exiting...");
                  exit(1);
-diff -up openssl-1.1.0d/Configure.fips openssl-1.1.0d/Configure
---- openssl-1.1.0d/Configure.fips	2017-01-26 16:02:29.010335117 +0100
-+++ openssl-1.1.0d/Configure	2017-01-26 16:02:29.014335010 +0100
+diff -up openssl-1.1.0e/Configure.fips openssl-1.1.0e/Configure
+--- openssl-1.1.0e/Configure.fips	2017-02-16 15:42:44.972362729 +0100
++++ openssl-1.1.0e/Configure	2017-02-16 15:42:44.975362800 +0100
 @@ -312,7 +312,7 @@ $config{sdirs} = [
      "md2", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2",
      "des", "aes", "rc2", "rc4", "rc5", "idea", "bf", "cast", "camellia", "seed", "chacha", "modes",
@@ -125,9 +125,9 @@ diff -up openssl-1.1.0d/Configure.fips openssl-1.1.0d/Configure
      "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "comp", "ocsp", "ui",
      "cms", "ts", "srp", "cmac", "ct", "async", "kdf"
      ];
-diff -up openssl-1.1.0d/crypto/bn/bn_rand.c.fips openssl-1.1.0d/crypto/bn/bn_rand.c
---- openssl-1.1.0d/crypto/bn/bn_rand.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/bn/bn_rand.c	2017-01-26 16:02:29.014335010 +0100
+diff -up openssl-1.1.0e/crypto/bn/bn_rand.c.fips openssl-1.1.0e/crypto/bn/bn_rand.c
+--- openssl-1.1.0e/crypto/bn/bn_rand.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/bn/bn_rand.c	2017-02-16 15:42:44.975362800 +0100
 @@ -39,9 +39,11 @@ static int bnrand(int pseudorand, BIGNUM
          goto err;
      }
@@ -143,9 +143,9 @@ diff -up openssl-1.1.0d/crypto/bn/bn_rand.c.fips openssl-1.1.0d/crypto/bn/bn_ran
  
      if (RAND_bytes(buf, bytes) <= 0)
          goto err;
-diff -up openssl-1.1.0d/crypto/dh/dh_err.c.fips openssl-1.1.0d/crypto/dh/dh_err.c
---- openssl-1.1.0d/crypto/dh/dh_err.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/dh/dh_err.c	2017-01-26 16:02:29.014335010 +0100
+diff -up openssl-1.1.0e/crypto/dh/dh_err.c.fips openssl-1.1.0e/crypto/dh/dh_err.c
+--- openssl-1.1.0e/crypto/dh/dh_err.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/dh/dh_err.c	2017-02-16 15:42:44.975362800 +0100
 @@ -25,6 +25,9 @@ static ERR_STRING_DATA DH_str_functs[] =
      {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "dh_cms_decrypt"},
      {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "dh_cms_set_peerkey"},
@@ -168,9 +168,9 @@ diff -up openssl-1.1.0d/crypto/dh/dh_err.c.fips openssl-1.1.0d/crypto/dh/dh_err.
      {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
      {ERR_REASON(DH_R_PEER_KEY_ERROR), "peer key error"},
      {ERR_REASON(DH_R_SHARED_INFO_ERROR), "shared info error"},
-diff -up openssl-1.1.0d/crypto/dh/dh_gen.c.fips openssl-1.1.0d/crypto/dh/dh_gen.c
---- openssl-1.1.0d/crypto/dh/dh_gen.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/dh/dh_gen.c	2017-01-26 16:02:29.014335010 +0100
+diff -up openssl-1.1.0e/crypto/dh/dh_gen.c.fips openssl-1.1.0e/crypto/dh/dh_gen.c
+--- openssl-1.1.0e/crypto/dh/dh_gen.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/dh/dh_gen.c	2017-02-16 15:42:44.975362800 +0100
 @@ -16,6 +16,9 @@
  #include "internal/cryptlib.h"
  #include <openssl/bn.h>
@@ -214,9 +214,9 @@ diff -up openssl-1.1.0d/crypto/dh/dh_gen.c.fips openssl-1.1.0d/crypto/dh/dh_gen.
      ctx = BN_CTX_new();
      if (ctx == NULL)
          goto err;
-diff -up openssl-1.1.0d/crypto/dh/dh_key.c.fips openssl-1.1.0d/crypto/dh/dh_key.c
---- openssl-1.1.0d/crypto/dh/dh_key.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/dh/dh_key.c	2017-01-26 16:02:29.014335010 +0100
+diff -up openssl-1.1.0e/crypto/dh/dh_key.c.fips openssl-1.1.0e/crypto/dh/dh_key.c
+--- openssl-1.1.0e/crypto/dh/dh_key.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/dh/dh_key.c	2017-02-16 15:42:44.976362824 +0100
 @@ -11,6 +11,9 @@
  #include "internal/cryptlib.h"
  #include "dh_locl.h"
@@ -300,9 +300,9 @@ diff -up openssl-1.1.0d/crypto/dh/dh_key.c.fips openssl-1.1.0d/crypto/dh/dh_key.
      dh->flags |= DH_FLAG_CACHE_MONT_P;
      return (1);
  }
-diff -up openssl-1.1.0d/crypto/dsa/dsa_err.c.fips openssl-1.1.0d/crypto/dsa/dsa_err.c
---- openssl-1.1.0d/crypto/dsa/dsa_err.c.fips	2017-01-26 16:02:29.028334636 +0100
-+++ openssl-1.1.0d/crypto/dsa/dsa_err.c	2017-01-26 16:05:40.306217789 +0100
+diff -up openssl-1.1.0e/crypto/dsa/dsa_err.c.fips openssl-1.1.0e/crypto/dsa/dsa_err.c
+--- openssl-1.1.0e/crypto/dsa/dsa_err.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/dsa/dsa_err.c	2017-02-16 15:42:44.976362824 +0100
 @@ -21,10 +21,13 @@
  static ERR_STRING_DATA DSA_str_functs[] = {
      {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
@@ -330,9 +330,9 @@ diff -up openssl-1.1.0d/crypto/dsa/dsa_err.c.fips openssl-1.1.0d/crypto/dsa/dsa_
      {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
      {ERR_REASON(DSA_R_Q_NOT_PRIME), "q not prime"},
      {ERR_REASON(DSA_R_SEED_LEN_SMALL),
-diff -up openssl-1.1.0d/crypto/dsa/dsa_gen.c.fips openssl-1.1.0d/crypto/dsa/dsa_gen.c
---- openssl-1.1.0d/crypto/dsa/dsa_gen.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/dsa/dsa_gen.c	2017-01-26 16:02:29.029334609 +0100
+diff -up openssl-1.1.0e/crypto/dsa/dsa_gen.c.fips openssl-1.1.0e/crypto/dsa/dsa_gen.c
+--- openssl-1.1.0e/crypto/dsa/dsa_gen.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/dsa/dsa_gen.c	2017-02-16 15:42:44.976362824 +0100
 @@ -22,12 +22,22 @@
  #include <openssl/rand.h>
  #include <openssl/sha.h>
@@ -494,9 +494,9 @@ diff -up openssl-1.1.0d/crypto/dsa/dsa_gen.c.fips openssl-1.1.0d/crypto/dsa/dsa_
 +}
 +
 +#endif
-diff -up openssl-1.1.0d/crypto/dsa/dsa_key.c.fips openssl-1.1.0d/crypto/dsa/dsa_key.c
---- openssl-1.1.0d/crypto/dsa/dsa_key.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/dsa/dsa_key.c	2017-01-26 16:02:29.029334609 +0100
+diff -up openssl-1.1.0e/crypto/dsa/dsa_key.c.fips openssl-1.1.0e/crypto/dsa/dsa_key.c
+--- openssl-1.1.0e/crypto/dsa/dsa_key.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/dsa/dsa_key.c	2017-02-16 15:42:44.976362824 +0100
 @@ -13,10 +13,49 @@
  #include <openssl/bn.h>
  #include "dsa_locl.h"
@@ -576,9 +576,9 @@ diff -up openssl-1.1.0d/crypto/dsa/dsa_key.c.fips openssl-1.1.0d/crypto/dsa/dsa_
      ok = 1;
  
   err:
-diff -up openssl-1.1.0d/crypto/dsa/dsa_ossl.c.fips openssl-1.1.0d/crypto/dsa/dsa_ossl.c
---- openssl-1.1.0d/crypto/dsa/dsa_ossl.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/dsa/dsa_ossl.c	2017-01-26 16:02:29.029334609 +0100
+diff -up openssl-1.1.0e/crypto/dsa/dsa_ossl.c.fips openssl-1.1.0e/crypto/dsa/dsa_ossl.c
+--- openssl-1.1.0e/crypto/dsa/dsa_ossl.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/dsa/dsa_ossl.c	2017-02-16 15:42:44.976362824 +0100
 @@ -15,6 +15,9 @@
  #include <openssl/sha.h>
  #include "dsa_locl.h"
@@ -638,9 +638,9 @@ diff -up openssl-1.1.0d/crypto/dsa/dsa_ossl.c.fips openssl-1.1.0d/crypto/dsa/dsa
      dsa->flags |= DSA_FLAG_CACHE_MONT_P;
      return (1);
  }
-diff -up openssl-1.1.0d/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.0d/crypto/dsa/dsa_pmeth.c
---- openssl-1.1.0d/crypto/dsa/dsa_pmeth.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/dsa/dsa_pmeth.c	2017-01-26 16:02:29.029334609 +0100
+diff -up openssl-1.1.0e/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.0e/crypto/dsa/dsa_pmeth.c
+--- openssl-1.1.0e/crypto/dsa/dsa_pmeth.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/dsa/dsa_pmeth.c	2017-02-16 15:42:44.976362824 +0100
 @@ -212,8 +212,8 @@ static int pkey_dsa_paramgen(EVP_PKEY_CT
          BN_GENCB_free(pcb);
          return 0;
@@ -652,9 +652,9 @@ diff -up openssl-1.1.0d/crypto/dsa/dsa_pmeth.c.fips openssl-1.1.0d/crypto/dsa/ds
      BN_GENCB_free(pcb);
      if (ret)
          EVP_PKEY_assign_DSA(pkey, dsa);
-diff -up openssl-1.1.0d/crypto/ec/ecdh_ossl.c.fips openssl-1.1.0d/crypto/ec/ecdh_ossl.c
---- openssl-1.1.0d/crypto/ec/ecdh_ossl.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/ec/ecdh_ossl.c	2017-01-26 16:02:29.029334609 +0100
+diff -up openssl-1.1.0e/crypto/ec/ecdh_ossl.c.fips openssl-1.1.0e/crypto/ec/ecdh_ossl.c
+--- openssl-1.1.0e/crypto/ec/ecdh_ossl.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/ec/ecdh_ossl.c	2017-02-16 15:42:44.976362824 +0100
 @@ -33,9 +33,20 @@
  #include <openssl/ec.h>
  #include "ec_lcl.h"
@@ -676,9 +676,9 @@ diff -up openssl-1.1.0d/crypto/ec/ecdh_ossl.c.fips openssl-1.1.0d/crypto/ec/ecdh
      if (ecdh->group->meth->ecdh_compute_key == NULL) {
          ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH);
          return 0;
-diff -up openssl-1.1.0d/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.0d/crypto/ec/ecdsa_ossl.c
---- openssl-1.1.0d/crypto/ec/ecdsa_ossl.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/ec/ecdsa_ossl.c	2017-01-26 16:02:29.030334582 +0100
+diff -up openssl-1.1.0e/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.0e/crypto/ec/ecdsa_ossl.c
+--- openssl-1.1.0e/crypto/ec/ecdsa_ossl.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/ec/ecdsa_ossl.c	2017-02-16 15:42:44.976362824 +0100
 @@ -15,6 +15,10 @@
  #include <openssl/ec.h>
  #include "ec_lcl.h"
@@ -718,9 +718,9 @@ diff -up openssl-1.1.0d/crypto/ec/ecdsa_ossl.c.fips openssl-1.1.0d/crypto/ec/ecd
      /* check input values */
      if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
          (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) {
-diff -up openssl-1.1.0d/crypto/ec/ec_key.c.fips openssl-1.1.0d/crypto/ec/ec_key.c
---- openssl-1.1.0d/crypto/ec/ec_key.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/ec/ec_key.c	2017-01-26 16:02:29.030334582 +0100
+diff -up openssl-1.1.0e/crypto/ec/ec_key.c.fips openssl-1.1.0e/crypto/ec/ec_key.c
+--- openssl-1.1.0e/crypto/ec/ec_key.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/ec/ec_key.c	2017-02-16 15:42:44.977362848 +0100
 @@ -177,14 +177,61 @@ int EC_KEY_up_ref(EC_KEY *r)
      return ((i > 1) ? 1 : 0);
  }
@@ -785,9 +785,9 @@ diff -up openssl-1.1.0d/crypto/ec/ec_key.c.fips openssl-1.1.0d/crypto/ec/ec_key.
      ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
      return 0;
  }
-diff -up openssl-1.1.0d/crypto/err/err_all.c.fips openssl-1.1.0d/crypto/err/err_all.c
---- openssl-1.1.0d/crypto/err/err_all.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/err/err_all.c	2017-01-26 16:02:29.030334582 +0100
+diff -up openssl-1.1.0e/crypto/err/err_all.c.fips openssl-1.1.0e/crypto/err/err_all.c
+--- openssl-1.1.0e/crypto/err/err_all.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/err/err_all.c	2017-02-16 15:42:44.977362848 +0100
 @@ -43,9 +43,6 @@
  int err_load_crypto_strings_int(void)
  {
@@ -798,9 +798,9 @@ diff -up openssl-1.1.0d/crypto/err/err_all.c.fips openssl-1.1.0d/crypto/err/err_
  #ifndef OPENSSL_NO_ERR
          ERR_load_ERR_strings() == 0 ||    /* include error strings for SYSerr */
          ERR_load_BN_strings() == 0 ||
-diff -up openssl-1.1.0d/crypto/evp/c_allc.c.fips openssl-1.1.0d/crypto/evp/c_allc.c
---- openssl-1.1.0d/crypto/evp/c_allc.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/c_allc.c	2017-01-26 16:02:29.030334582 +0100
+diff -up openssl-1.1.0e/crypto/evp/c_allc.c.fips openssl-1.1.0e/crypto/evp/c_allc.c
+--- openssl-1.1.0e/crypto/evp/c_allc.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/c_allc.c	2017-02-16 15:42:44.977362848 +0100
 @@ -17,6 +17,9 @@
  void openssl_add_all_ciphers_int(void)
  {
@@ -882,9 +882,9 @@ diff -up openssl-1.1.0d/crypto/evp/c_allc.c.fips openssl-1.1.0d/crypto/evp/c_all
 +    }
 +#endif
  }
-diff -up openssl-1.1.0d/crypto/evp/c_alld.c.fips openssl-1.1.0d/crypto/evp/c_alld.c
---- openssl-1.1.0d/crypto/evp/c_alld.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/c_alld.c	2017-01-26 16:02:29.030334582 +0100
+diff -up openssl-1.1.0e/crypto/evp/c_alld.c.fips openssl-1.1.0e/crypto/evp/c_alld.c
+--- openssl-1.1.0e/crypto/evp/c_alld.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/c_alld.c	2017-02-16 15:42:44.977362848 +0100
 @@ -16,6 +16,9 @@
  
  void openssl_add_all_digests_int(void)
@@ -911,9 +911,9 @@ diff -up openssl-1.1.0d/crypto/evp/c_alld.c.fips openssl-1.1.0d/crypto/evp/c_all
 +    }
 +#endif
  }
-diff -up openssl-1.1.0d/crypto/evp/digest.c.fips openssl-1.1.0d/crypto/evp/digest.c
---- openssl-1.1.0d/crypto/evp/digest.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/digest.c	2017-01-26 16:02:29.030334582 +0100
+diff -up openssl-1.1.0e/crypto/evp/digest.c.fips openssl-1.1.0e/crypto/evp/digest.c
+--- openssl-1.1.0e/crypto/evp/digest.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/digest.c	2017-02-16 15:42:44.977362848 +0100
 @@ -14,6 +14,9 @@
  #include <openssl/engine.h>
  #include "internal/evp_int.h"
@@ -973,9 +973,9 @@ diff -up openssl-1.1.0d/crypto/evp/digest.c.fips openssl-1.1.0d/crypto/evp/diges
      OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
      ret = ctx->digest->final(ctx, md);
      if (size != NULL)
-diff -up openssl-1.1.0d/crypto/evp/e_aes.c.fips openssl-1.1.0d/crypto/evp/e_aes.c
---- openssl-1.1.0d/crypto/evp/e_aes.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/e_aes.c	2017-01-26 16:02:29.031334556 +0100
+diff -up openssl-1.1.0e/crypto/evp/e_aes.c.fips openssl-1.1.0e/crypto/evp/e_aes.c
+--- openssl-1.1.0e/crypto/evp/e_aes.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/e_aes.c	2017-02-16 15:42:44.978362871 +0100
 @@ -1261,9 +1261,9 @@ static int aes_ctr_cipher(EVP_CIPHER_CTX
      return 1;
  }
@@ -989,7 +989,7 @@ diff -up openssl-1.1.0d/crypto/evp/e_aes.c.fips openssl-1.1.0d/crypto/evp/e_aes.
  
  static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
  {
-@@ -1307,6 +1307,11 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *
+@@ -1309,6 +1309,11 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *
      case EVP_CTRL_AEAD_SET_IVLEN:
          if (arg <= 0)
              return 0;
@@ -1001,7 +1001,7 @@ diff -up openssl-1.1.0d/crypto/evp/e_aes.c.fips openssl-1.1.0d/crypto/evp/e_aes.
          /* Allocate memory for IV if needed */
          if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) {
              if (gctx->iv != EVP_CIPHER_CTX_iv_noconst(c))
-@@ -1767,11 +1772,14 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX
+@@ -1769,11 +1774,14 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX
                  | EVP_CIPH_CUSTOM_COPY)
  
  BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
@@ -1019,7 +1019,7 @@ diff -up openssl-1.1.0d/crypto/evp/e_aes.c.fips openssl-1.1.0d/crypto/evp/e_aes.
  
  static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
  {
-@@ -1906,6 +1914,14 @@ static int aes_xts_cipher(EVP_CIPHER_CTX
+@@ -1908,6 +1916,14 @@ static int aes_xts_cipher(EVP_CIPHER_CTX
          return 0;
      if (!out || !in || len < AES_BLOCK_SIZE)
          return 0;
@@ -1034,7 +1034,7 @@ diff -up openssl-1.1.0d/crypto/evp/e_aes.c.fips openssl-1.1.0d/crypto/evp/e_aes.
      if (xctx->stream)
          (*xctx->stream) (in, out, len,
                           xctx->xts.key1, xctx->xts.key2,
-@@ -1923,8 +1939,10 @@ static int aes_xts_cipher(EVP_CIPHER_CTX
+@@ -1925,8 +1941,10 @@ static int aes_xts_cipher(EVP_CIPHER_CTX
                           | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
                           | EVP_CIPH_CUSTOM_COPY)
  
@@ -1047,7 +1047,7 @@ diff -up openssl-1.1.0d/crypto/evp/e_aes.c.fips openssl-1.1.0d/crypto/evp/e_aes.
  
  static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
  {
-@@ -2187,11 +2205,11 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX
+@@ -2189,11 +2207,11 @@ static int aes_ccm_cipher(EVP_CIPHER_CTX
  #define aes_ccm_cleanup NULL
  
  BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM,
@@ -1062,7 +1062,7 @@ diff -up openssl-1.1.0d/crypto/evp/e_aes.c.fips openssl-1.1.0d/crypto/evp/e_aes.
  
  typedef struct {
      union {
-@@ -2284,7 +2302,7 @@ static int aes_wrap_cipher(EVP_CIPHER_CT
+@@ -2286,7 +2304,7 @@ static int aes_wrap_cipher(EVP_CIPHER_CT
      return rv ? (int)rv : -1;
  }
  
@@ -1071,9 +1071,9 @@ diff -up openssl-1.1.0d/crypto/evp/e_aes.c.fips openssl-1.1.0d/crypto/evp/e_aes.
                  | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
                  | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1)
  
-diff -up openssl-1.1.0d/crypto/evp/e_des3.c.fips openssl-1.1.0d/crypto/evp/e_des3.c
---- openssl-1.1.0d/crypto/evp/e_des3.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/e_des3.c	2017-01-26 16:02:29.031334556 +0100
+diff -up openssl-1.1.0e/crypto/evp/e_des3.c.fips openssl-1.1.0e/crypto/evp/e_des3.c
+--- openssl-1.1.0e/crypto/evp/e_des3.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/e_des3.c	2017-02-16 15:42:44.978362871 +0100
 @@ -211,16 +211,19 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY,
  # define des_ede3_cbc_cipher des_ede_cbc_cipher
  # define des_ede3_ecb_cipher des_ede_ecb_cipher
@@ -1100,9 +1100,9 @@ diff -up openssl-1.1.0d/crypto/evp/e_des3.c.fips openssl-1.1.0d/crypto/evp/e_des
  
  static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                              const unsigned char *iv, int enc)
-diff -up openssl-1.1.0d/crypto/evp/e_null.c.fips openssl-1.1.0d/crypto/evp/e_null.c
---- openssl-1.1.0d/crypto/evp/e_null.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/e_null.c	2017-01-26 16:02:29.031334556 +0100
+diff -up openssl-1.1.0e/crypto/evp/e_null.c.fips openssl-1.1.0e/crypto/evp/e_null.c
+--- openssl-1.1.0e/crypto/evp/e_null.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/e_null.c	2017-02-16 15:42:44.978362871 +0100
 @@ -19,7 +19,8 @@ static int null_cipher(EVP_CIPHER_CTX *c
                         const unsigned char *in, size_t inl);
  static const EVP_CIPHER n_cipher = {
@@ -1113,9 +1113,9 @@ diff -up openssl-1.1.0d/crypto/evp/e_null.c.fips openssl-1.1.0d/crypto/evp/e_nul
      null_init_key,
      null_cipher,
      NULL,
-diff -up openssl-1.1.0d/crypto/evp/evp_enc.c.fips openssl-1.1.0d/crypto/evp/evp_enc.c
---- openssl-1.1.0d/crypto/evp/evp_enc.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/evp_enc.c	2017-01-26 16:02:29.032334529 +0100
+diff -up openssl-1.1.0e/crypto/evp/evp_enc.c.fips openssl-1.1.0e/crypto/evp/evp_enc.c
+--- openssl-1.1.0e/crypto/evp/evp_enc.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/evp_enc.c	2017-02-16 15:45:17.526972401 +0100
 @@ -16,10 +16,19 @@
  #include <openssl/engine.h>
  #include "internal/evp_int.h"
@@ -1163,7 +1163,7 @@ diff -up openssl-1.1.0d/crypto/evp/evp_enc.c.fips openssl-1.1.0d/crypto/evp/evp_
  #ifndef OPENSSL_NO_ENGINE
      /*
       * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
-@@ -133,7 +154,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct
+@@ -134,7 +155,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct
          }
          ctx->key_len = cipher->key_len;
          /* Preserve wrap enable flag, zero everything else */
@@ -1171,8 +1171,8 @@ diff -up openssl-1.1.0d/crypto/evp/evp_enc.c.fips openssl-1.1.0d/crypto/evp/evp_
 +        ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW | EVP_CIPH_FLAG_NON_FIPS_ALLOW;
          if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
              if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
-                 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
-@@ -191,6 +212,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct
+                 ctx->cipher = NULL;
+@@ -193,6 +214,18 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ct
              return 0;
          }
      }
@@ -1191,9 +1191,9 @@ diff -up openssl-1.1.0d/crypto/evp/evp_enc.c.fips openssl-1.1.0d/crypto/evp/evp_
  
      if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
          if (!ctx->cipher->init(ctx, key, iv, enc))
-diff -up openssl-1.1.0d/crypto/evp/evp_err.c.fips openssl-1.1.0d/crypto/evp/evp_err.c
---- openssl-1.1.0d/crypto/evp/evp_err.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/evp_err.c	2017-01-26 16:07:34.336167390 +0100
+diff -up openssl-1.1.0e/crypto/evp/evp_err.c.fips openssl-1.1.0e/crypto/evp/evp_err.c
+--- openssl-1.1.0e/crypto/evp/evp_err.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/evp_err.c	2017-02-16 15:42:44.978362871 +0100
 @@ -24,6 +24,7 @@ static ERR_STRING_DATA EVP_str_functs[]
      {ERR_FUNC(EVP_F_AES_OCB_CIPHER), "aes_ocb_cipher"},
      {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "aes_t4_init_key"},
@@ -1218,9 +1218,9 @@ diff -up openssl-1.1.0d/crypto/evp/evp_err.c.fips openssl-1.1.0d/crypto/evp/evp_
      {ERR_REASON(EVP_R_UNKNOWN_CIPHER), "unknown cipher"},
      {ERR_REASON(EVP_R_UNKNOWN_DIGEST), "unknown digest"},
      {ERR_REASON(EVP_R_UNKNOWN_OPTION), "unknown option"},
-diff -up openssl-1.1.0d/crypto/evp/evp_lib.c.fips openssl-1.1.0d/crypto/evp/evp_lib.c
---- openssl-1.1.0d/crypto/evp/evp_lib.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/evp_lib.c	2017-01-26 16:02:29.032334529 +0100
+diff -up openssl-1.1.0e/crypto/evp/evp_lib.c.fips openssl-1.1.0e/crypto/evp/evp_lib.c
+--- openssl-1.1.0e/crypto/evp/evp_lib.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/evp_lib.c	2017-02-16 15:42:44.978362871 +0100
 @@ -180,6 +180,9 @@ int EVP_CIPHER_impl_ctx_size(const EVP_C
  int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                 const unsigned char *in, unsigned int inl)
@@ -1231,9 +1231,9 @@ diff -up openssl-1.1.0d/crypto/evp/evp_lib.c.fips openssl-1.1.0d/crypto/evp/evp_
      return ctx->cipher->do_cipher(ctx, out, in, inl);
  }
  
-diff -up openssl-1.1.0d/crypto/evp/m_sha1.c.fips openssl-1.1.0d/crypto/evp/m_sha1.c
---- openssl-1.1.0d/crypto/evp/m_sha1.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/evp/m_sha1.c	2017-01-26 16:02:29.032334529 +0100
+diff -up openssl-1.1.0e/crypto/evp/m_sha1.c.fips openssl-1.1.0e/crypto/evp/m_sha1.c
+--- openssl-1.1.0e/crypto/evp/m_sha1.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/evp/m_sha1.c	2017-02-16 15:42:44.978362871 +0100
 @@ -94,7 +94,7 @@ static const EVP_MD sha1_md = {
      NID_sha1,
      NID_sha1WithRSAEncryption,
@@ -1279,9 +1279,9 @@ diff -up openssl-1.1.0d/crypto/evp/m_sha1.c.fips openssl-1.1.0d/crypto/evp/m_sha
      init512,
      update512,
      final512,
-diff -up openssl-1.1.0d/crypto/fips/build.info.fips openssl-1.1.0d/crypto/fips/build.info
---- openssl-1.1.0d/crypto/fips/build.info.fips	2017-01-26 16:02:29.032334529 +0100
-+++ openssl-1.1.0d/crypto/fips/build.info	2017-01-26 16:02:29.032334529 +0100
+diff -up openssl-1.1.0e/crypto/fips/build.info.fips openssl-1.1.0e/crypto/fips/build.info
+--- openssl-1.1.0e/crypto/fips/build.info.fips	2017-02-16 15:42:44.979362895 +0100
++++ openssl-1.1.0e/crypto/fips/build.info	2017-02-16 15:42:44.979362895 +0100
 @@ -0,0 +1,15 @@
 +LIBS=../../libcrypto
 +SOURCE[../../libcrypto]=\
@@ -1298,9 +1298,9 @@ diff -up openssl-1.1.0d/crypto/fips/build.info.fips openssl-1.1.0d/crypto/fips/b
 +SOURCE[fips_standalone_hmac]=fips_standalone_hmac.c
 +INCLUDE[fips_standalone_hmac]=../../include
 +DEPEND[fips_standalone_hmac]=../../libcrypto
-diff -up openssl-1.1.0d/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_aes_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_aes_selftest.c.fips	2017-01-26 16:02:29.033334502 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_aes_selftest.c	2017-01-26 16:02:29.033334502 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_aes_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_aes_selftest.c.fips	2017-02-16 15:42:44.979362895 +0100
++++ openssl-1.1.0e/crypto/fips/fips_aes_selftest.c	2017-02-16 15:42:44.979362895 +0100
 @@ -0,0 +1,372 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -1674,9 +1674,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_aes_selftest.c.fips openssl-1.1.0d/cryp
 +}
 +
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips.c.fips openssl-1.1.0d/crypto/fips/fips.c
---- openssl-1.1.0d/crypto/fips/fips.c.fips	2017-01-26 16:02:29.033334502 +0100
-+++ openssl-1.1.0d/crypto/fips/fips.c	2017-01-26 16:02:29.033334502 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips.c.fips openssl-1.1.0e/crypto/fips/fips.c
+--- openssl-1.1.0e/crypto/fips/fips.c.fips	2017-02-16 15:42:44.979362895 +0100
++++ openssl-1.1.0e/crypto/fips/fips.c	2017-02-16 15:42:44.979362895 +0100
 @@ -0,0 +1,526 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -2204,9 +2204,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips.c.fips openssl-1.1.0d/crypto/fips/fips.
 +}
 +
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_cmac_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_cmac_selftest.c.fips	2017-01-26 16:02:29.033334502 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_cmac_selftest.c	2017-01-26 16:02:29.033334502 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_cmac_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_cmac_selftest.c.fips	2017-02-16 15:42:44.979362895 +0100
++++ openssl-1.1.0e/crypto/fips/fips_cmac_selftest.c	2017-02-16 15:42:44.979362895 +0100
 @@ -0,0 +1,156 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -2364,9 +2364,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_cmac_selftest.c.fips openssl-1.1.0d/cry
 +    return rv;
 +}
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_des_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_des_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_des_selftest.c.fips	2017-01-26 16:02:29.033334502 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_des_selftest.c	2017-01-26 16:02:29.033334502 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_des_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_des_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_des_selftest.c.fips	2017-02-16 15:42:44.979362895 +0100
++++ openssl-1.1.0e/crypto/fips/fips_des_selftest.c	2017-02-16 15:42:44.979362895 +0100
 @@ -0,0 +1,133 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -2501,9 +2501,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_des_selftest.c.fips openssl-1.1.0d/cryp
 +    return ret;
 +}
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_dh_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_dh_selftest.c.fips	2017-01-26 16:02:29.035334448 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_dh_selftest.c	2017-01-26 16:02:29.035334448 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_dh_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_dh_selftest.c.fips	2017-02-16 15:42:44.979362895 +0100
++++ openssl-1.1.0e/crypto/fips/fips_dh_selftest.c	2017-02-16 15:42:44.979362895 +0100
 @@ -0,0 +1,180 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -2685,9 +2685,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_dh_selftest.c.fips openssl-1.1.0d/crypt
 +    return ret;
 +}
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.0d/crypto/fips/fips_drbg_ctr.c
---- openssl-1.1.0d/crypto/fips/fips_drbg_ctr.c.fips	2017-01-26 16:02:29.035334448 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_drbg_ctr.c	2017-01-26 16:02:29.035334448 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.0e/crypto/fips/fips_drbg_ctr.c
+--- openssl-1.1.0e/crypto/fips/fips_drbg_ctr.c.fips	2017-02-16 15:42:44.980362918 +0100
++++ openssl-1.1.0e/crypto/fips/fips_drbg_ctr.c	2017-02-16 15:42:44.980362918 +0100
 @@ -0,0 +1,415 @@
 +/* fips/rand/fips_drbg_ctr.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -3104,9 +3104,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_drbg_ctr.c.fips openssl-1.1.0d/crypto/f
 +
 +    return 1;
 +}
-diff -up openssl-1.1.0d/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.0d/crypto/fips/fips_drbg_hash.c
---- openssl-1.1.0d/crypto/fips/fips_drbg_hash.c.fips	2017-01-26 16:02:29.036334422 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_drbg_hash.c	2017-01-26 16:02:29.035334448 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.0e/crypto/fips/fips_drbg_hash.c
+--- openssl-1.1.0e/crypto/fips/fips_drbg_hash.c.fips	2017-02-16 15:42:44.980362918 +0100
++++ openssl-1.1.0e/crypto/fips/fips_drbg_hash.c	2017-02-16 15:42:44.980362918 +0100
 @@ -0,0 +1,361 @@
 +/* fips/rand/fips_drbg_hash.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -3469,9 +3469,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_drbg_hash.c.fips openssl-1.1.0d/crypto/
 +
 +    return 1;
 +}
-diff -up openssl-1.1.0d/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.0d/crypto/fips/fips_drbg_hmac.c
---- openssl-1.1.0d/crypto/fips/fips_drbg_hmac.c.fips	2017-01-26 16:02:29.036334422 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_drbg_hmac.c	2017-01-26 16:02:29.036334422 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.0e/crypto/fips/fips_drbg_hmac.c
+--- openssl-1.1.0e/crypto/fips/fips_drbg_hmac.c.fips	2017-02-16 15:42:44.980362918 +0100
++++ openssl-1.1.0e/crypto/fips/fips_drbg_hmac.c	2017-02-16 15:42:44.980362918 +0100
 @@ -0,0 +1,272 @@
 +/* fips/rand/fips_drbg_hmac.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -3745,9 +3745,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_drbg_hmac.c.fips openssl-1.1.0d/crypto/
 +
 +    return 1;
 +}
-diff -up openssl-1.1.0d/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.0d/crypto/fips/fips_drbg_lib.c
---- openssl-1.1.0d/crypto/fips/fips_drbg_lib.c.fips	2017-01-26 16:02:29.036334422 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_drbg_lib.c	2017-01-26 16:02:29.036334422 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.0e/crypto/fips/fips_drbg_lib.c
+--- openssl-1.1.0e/crypto/fips/fips_drbg_lib.c.fips	2017-02-16 15:42:44.980362918 +0100
++++ openssl-1.1.0e/crypto/fips/fips_drbg_lib.c	2017-02-16 15:42:44.980362918 +0100
 @@ -0,0 +1,555 @@
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 + * project.
@@ -4304,9 +4304,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_drbg_lib.c.fips openssl-1.1.0d/crypto/f
 +    memcpy(dctx->lb, out, dctx->blocklength);
 +    return 1;
 +}
-diff -up openssl-1.1.0d/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.0d/crypto/fips/fips_drbg_rand.c
---- openssl-1.1.0d/crypto/fips/fips_drbg_rand.c.fips	2017-01-26 16:02:29.036334422 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_drbg_rand.c	2017-01-26 16:02:29.036334422 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.0e/crypto/fips/fips_drbg_rand.c
+--- openssl-1.1.0e/crypto/fips/fips_drbg_rand.c.fips	2017-02-16 15:42:44.980362918 +0100
++++ openssl-1.1.0e/crypto/fips/fips_drbg_rand.c	2017-02-16 15:42:44.980362918 +0100
 @@ -0,0 +1,183 @@
 +/* fips/rand/fips_drbg_rand.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -4491,9 +4491,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_drbg_rand.c.fips openssl-1.1.0d/crypto/
 +{
 +    return &rand_drbg_meth;
 +}
-diff -up openssl-1.1.0d/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_drbg_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_drbg_selftest.c.fips	2017-01-26 16:02:29.037334395 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_drbg_selftest.c	2017-01-26 16:02:29.037334395 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_drbg_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_drbg_selftest.c.fips	2017-02-16 15:42:44.981362942 +0100
++++ openssl-1.1.0e/crypto/fips/fips_drbg_selftest.c	2017-02-16 15:42:44.981362942 +0100
 @@ -0,0 +1,828 @@
 +/* fips/rand/fips_drbg_selftest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -5323,9 +5323,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_drbg_selftest.c.fips openssl-1.1.0d/cry
 +    FIPS_drbg_free(dctx);
 +    return rv;
 +}
-diff -up openssl-1.1.0d/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.0d/crypto/fips/fips_drbg_selftest.h
---- openssl-1.1.0d/crypto/fips/fips_drbg_selftest.h.fips	2017-01-26 16:02:29.037334395 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_drbg_selftest.h	2017-01-26 16:02:29.037334395 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.0e/crypto/fips/fips_drbg_selftest.h
+--- openssl-1.1.0e/crypto/fips/fips_drbg_selftest.h.fips	2017-02-16 15:42:44.982362966 +0100
++++ openssl-1.1.0e/crypto/fips/fips_drbg_selftest.h	2017-02-16 15:42:44.982362966 +0100
 @@ -0,0 +1,1791 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -7118,9 +7118,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_drbg_selftest.h.fips openssl-1.1.0d/cry
 +    0xef, 0x05, 0x9e, 0xb8, 0xc7, 0x52, 0xe4, 0x0e, 0x42, 0xaa, 0x7c, 0x79,
 +    0xc2, 0xd6, 0xfd, 0xa5
 +};
-diff -up openssl-1.1.0d/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_dsa_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_dsa_selftest.c.fips	2017-01-26 16:02:29.038334368 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_dsa_selftest.c	2017-01-26 16:02:29.038334368 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_dsa_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_dsa_selftest.c.fips	2017-02-16 15:42:44.982362966 +0100
++++ openssl-1.1.0e/crypto/fips/fips_dsa_selftest.c	2017-02-16 15:42:44.982362966 +0100
 @@ -0,0 +1,195 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -7317,9 +7317,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_dsa_selftest.c.fips openssl-1.1.0d/cryp
 +    return ret;
 +}
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_ecdh_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_ecdh_selftest.c.fips	2017-01-26 16:02:29.038334368 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_ecdh_selftest.c	2017-01-26 16:02:29.038334368 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_ecdh_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_ecdh_selftest.c.fips	2017-02-16 15:42:44.982362966 +0100
++++ openssl-1.1.0e/crypto/fips/fips_ecdh_selftest.c	2017-02-16 15:42:44.982362966 +0100
 @@ -0,0 +1,242 @@
 +/* fips/ecdh/fips_ecdh_selftest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -7563,9 +7563,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_ecdh_selftest.c.fips openssl-1.1.0d/cry
 +}
 +
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_ecdsa_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_ecdsa_selftest.c.fips	2017-01-26 16:02:29.038334368 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_ecdsa_selftest.c	2017-01-26 16:02:29.038334368 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_ecdsa_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_ecdsa_selftest.c.fips	2017-02-16 15:42:44.982362966 +0100
++++ openssl-1.1.0e/crypto/fips/fips_ecdsa_selftest.c	2017-02-16 15:42:44.982362966 +0100
 @@ -0,0 +1,166 @@
 +/* fips/ecdsa/fips_ecdsa_selftest.c */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -7733,9 +7733,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_ecdsa_selftest.c.fips openssl-1.1.0d/cr
 +}
 +
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_enc.c.fips openssl-1.1.0d/crypto/fips/fips_enc.c
---- openssl-1.1.0d/crypto/fips/fips_enc.c.fips	2017-01-26 16:02:29.038334368 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_enc.c	2017-01-26 16:02:29.038334368 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_enc.c.fips openssl-1.1.0e/crypto/fips/fips_enc.c
+--- openssl-1.1.0e/crypto/fips/fips_enc.c.fips	2017-02-16 15:42:44.982362966 +0100
++++ openssl-1.1.0e/crypto/fips/fips_enc.c	2017-02-16 15:42:44.982362966 +0100
 @@ -0,0 +1,189 @@
 +/* fipe/evp/fips_enc.c */
 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@@ -7926,9 +7926,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_enc.c.fips openssl-1.1.0d/crypto/fips/f
 +
 +    }
 +}
-diff -up openssl-1.1.0d/crypto/fips/fips_err.h.fips openssl-1.1.0d/crypto/fips/fips_err.h
---- openssl-1.1.0d/crypto/fips/fips_err.h.fips	2017-01-26 16:02:29.038334368 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_err.h	2017-01-26 16:02:29.038334368 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_err.h.fips openssl-1.1.0e/crypto/fips/fips_err.h
+--- openssl-1.1.0e/crypto/fips/fips_err.h.fips	2017-02-16 15:42:44.983362989 +0100
++++ openssl-1.1.0e/crypto/fips/fips_err.h	2017-02-16 15:42:44.983362989 +0100
 @@ -0,0 +1,196 @@
 +/* crypto/fips_err.h */
 +/* ====================================================================
@@ -8126,9 +8126,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_err.h.fips openssl-1.1.0d/crypto/fips/f
 +#endif
 +    return 1;
 +}
-diff -up openssl-1.1.0d/crypto/fips/fips_ers.c.fips openssl-1.1.0d/crypto/fips/fips_ers.c
---- openssl-1.1.0d/crypto/fips/fips_ers.c.fips	2017-01-26 16:02:29.039334342 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_ers.c	2017-01-26 16:02:29.039334342 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_ers.c.fips openssl-1.1.0e/crypto/fips/fips_ers.c
+--- openssl-1.1.0e/crypto/fips/fips_ers.c.fips	2017-02-16 15:42:44.983362989 +0100
++++ openssl-1.1.0e/crypto/fips/fips_ers.c	2017-02-16 15:42:44.983362989 +0100
 @@ -0,0 +1,7 @@
 +#include <openssl/opensslconf.h>
 +
@@ -8137,9 +8137,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_ers.c.fips openssl-1.1.0d/crypto/fips/f
 +#else
 +static void *dummy = &dummy;
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_hmac_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_hmac_selftest.c.fips	2017-01-26 16:02:29.039334342 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_hmac_selftest.c	2017-01-26 16:02:29.039334342 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_hmac_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_hmac_selftest.c.fips	2017-02-16 15:42:44.983362989 +0100
++++ openssl-1.1.0e/crypto/fips/fips_hmac_selftest.c	2017-02-16 15:42:44.983362989 +0100
 @@ -0,0 +1,134 @@
 +/* ====================================================================
 + * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
@@ -8275,9 +8275,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_hmac_selftest.c.fips openssl-1.1.0d/cry
 +    return 1;
 +}
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_locl.h.fips openssl-1.1.0d/crypto/fips/fips_locl.h
---- openssl-1.1.0d/crypto/fips/fips_locl.h.fips	2017-01-26 16:02:29.039334342 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_locl.h	2017-01-26 16:02:29.039334342 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_locl.h.fips openssl-1.1.0e/crypto/fips/fips_locl.h
+--- openssl-1.1.0e/crypto/fips/fips_locl.h.fips	2017-02-16 15:42:44.983362989 +0100
++++ openssl-1.1.0e/crypto/fips/fips_locl.h	2017-02-16 15:42:44.983362989 +0100
 @@ -0,0 +1,71 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -8350,9 +8350,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_locl.h.fips openssl-1.1.0d/crypto/fips/
 +}
 +# endif
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_md.c.fips openssl-1.1.0d/crypto/fips/fips_md.c
---- openssl-1.1.0d/crypto/fips/fips_md.c.fips	2017-01-26 16:02:29.039334342 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_md.c	2017-01-26 16:02:29.039334342 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_md.c.fips openssl-1.1.0e/crypto/fips/fips_md.c
+--- openssl-1.1.0e/crypto/fips/fips_md.c.fips	2017-02-16 15:42:44.983362989 +0100
++++ openssl-1.1.0e/crypto/fips/fips_md.c	2017-02-16 15:42:44.983362989 +0100
 @@ -0,0 +1,144 @@
 +/* fips/evp/fips_md.c */
 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
@@ -8498,9 +8498,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_md.c.fips openssl-1.1.0d/crypto/fips/fi
 +        return NULL;
 +    }
 +}
-diff -up openssl-1.1.0d/crypto/fips/fips_post.c.fips openssl-1.1.0d/crypto/fips/fips_post.c
---- openssl-1.1.0d/crypto/fips/fips_post.c.fips	2017-01-26 16:02:29.039334342 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_post.c	2017-01-26 16:02:29.039334342 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_post.c.fips openssl-1.1.0e/crypto/fips/fips_post.c
+--- openssl-1.1.0e/crypto/fips/fips_post.c.fips	2017-02-16 15:42:44.983362989 +0100
++++ openssl-1.1.0e/crypto/fips/fips_post.c	2017-02-16 15:42:44.983362989 +0100
 @@ -0,0 +1,222 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -8724,9 +8724,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_post.c.fips openssl-1.1.0d/crypto/fips/
 +    return 1;
 +}
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.0d/crypto/fips/fips_rand_lcl.h
---- openssl-1.1.0d/crypto/fips/fips_rand_lcl.h.fips	2017-01-26 16:02:29.039334342 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_rand_lcl.h	2017-01-26 16:02:29.039334342 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.0e/crypto/fips/fips_rand_lcl.h
+--- openssl-1.1.0e/crypto/fips/fips_rand_lcl.h.fips	2017-02-16 15:42:44.983362989 +0100
++++ openssl-1.1.0e/crypto/fips/fips_rand_lcl.h	2017-02-16 15:42:44.983362989 +0100
 @@ -0,0 +1,209 @@
 +/* fips/rand/fips_rand_lcl.h */
 +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
@@ -8937,9 +8937,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_rand_lcl.h.fips openssl-1.1.0d/crypto/f
 +#define FIPS_digestupdate EVP_DigestUpdate
 +#define FIPS_digestfinal EVP_DigestFinal
 +#define M_EVP_MD_size EVP_MD_size
-diff -up openssl-1.1.0d/crypto/fips/fips_rand_lib.c.fips openssl-1.1.0d/crypto/fips/fips_rand_lib.c
---- openssl-1.1.0d/crypto/fips/fips_rand_lib.c.fips	2017-01-26 16:02:29.040334315 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_rand_lib.c	2017-01-26 16:02:29.039334342 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_rand_lib.c.fips openssl-1.1.0e/crypto/fips/fips_rand_lib.c
+--- openssl-1.1.0e/crypto/fips/fips_rand_lib.c.fips	2017-02-16 15:42:44.984363013 +0100
++++ openssl-1.1.0e/crypto/fips/fips_rand_lib.c	2017-02-16 15:42:44.983362989 +0100
 @@ -0,0 +1,234 @@
 +/* ====================================================================
 + * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
@@ -9175,9 +9175,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_rand_lib.c.fips openssl-1.1.0d/crypto/f
 +# endif
 +}
 +
-diff -up openssl-1.1.0d/crypto/fips/fips_randtest.c.fips openssl-1.1.0d/crypto/fips/fips_randtest.c
---- openssl-1.1.0d/crypto/fips/fips_randtest.c.fips	2017-01-26 16:02:29.040334315 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_randtest.c	2017-01-26 16:02:29.040334315 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_randtest.c.fips openssl-1.1.0e/crypto/fips/fips_randtest.c
+--- openssl-1.1.0e/crypto/fips/fips_randtest.c.fips	2017-02-16 15:42:44.984363013 +0100
++++ openssl-1.1.0e/crypto/fips/fips_randtest.c	2017-02-16 15:42:44.984363013 +0100
 @@ -0,0 +1,247 @@
 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 + * All rights reserved.
@@ -9426,9 +9426,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_randtest.c.fips openssl-1.1.0d/crypto/f
 +}
 +
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_rsa_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_rsa_selftest.c.fips	2017-01-26 16:02:29.040334315 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_rsa_selftest.c	2017-01-26 16:02:29.040334315 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_rsa_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_rsa_selftest.c.fips	2017-02-16 15:42:44.984363013 +0100
++++ openssl-1.1.0e/crypto/fips/fips_rsa_selftest.c	2017-02-16 15:42:44.984363013 +0100
 @@ -0,0 +1,578 @@
 +/* ====================================================================
 + * Copyright (c) 2003-2007 The OpenSSL Project.  All rights reserved.
@@ -10008,9 +10008,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_rsa_selftest.c.fips openssl-1.1.0d/cryp
 +}
 +
 +#endif                          /* def OPENSSL_FIPS */
-diff -up openssl-1.1.0d/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.0d/crypto/fips/fips_sha_selftest.c
---- openssl-1.1.0d/crypto/fips/fips_sha_selftest.c.fips	2017-01-26 16:02:29.040334315 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_sha_selftest.c	2017-01-26 16:02:29.040334315 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.0e/crypto/fips/fips_sha_selftest.c
+--- openssl-1.1.0e/crypto/fips/fips_sha_selftest.c.fips	2017-02-16 15:42:44.984363013 +0100
++++ openssl-1.1.0e/crypto/fips/fips_sha_selftest.c	2017-02-16 15:42:44.984363013 +0100
 @@ -0,0 +1,138 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -10150,9 +10150,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_sha_selftest.c.fips openssl-1.1.0d/cryp
 +}
 +
 +#endif
-diff -up openssl-1.1.0d/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.0d/crypto/fips/fips_standalone_hmac.c
---- openssl-1.1.0d/crypto/fips/fips_standalone_hmac.c.fips	2017-01-26 16:02:29.040334315 +0100
-+++ openssl-1.1.0d/crypto/fips/fips_standalone_hmac.c	2017-01-26 16:02:29.040334315 +0100
+diff -up openssl-1.1.0e/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.0e/crypto/fips/fips_standalone_hmac.c
+--- openssl-1.1.0e/crypto/fips/fips_standalone_hmac.c.fips	2017-02-16 15:42:44.984363013 +0100
++++ openssl-1.1.0e/crypto/fips/fips_standalone_hmac.c	2017-02-16 15:42:44.984363013 +0100
 @@ -0,0 +1,127 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -10281,9 +10281,9 @@ diff -up openssl-1.1.0d/crypto/fips/fips_standalone_hmac.c.fips openssl-1.1.0d/c
 +#endif
 +    return 0;
 +}
-diff -up openssl-1.1.0d/crypto/hmac/hmac.c.fips openssl-1.1.0d/crypto/hmac/hmac.c
---- openssl-1.1.0d/crypto/hmac/hmac.c.fips	2017-01-26 14:10:22.000000000 +0100
-+++ openssl-1.1.0d/crypto/hmac/hmac.c	2017-01-26 16:02:29.041334288 +0100
+diff -up openssl-1.1.0e/crypto/hmac/hmac.c.fips openssl-1.1.0e/crypto/hmac/hmac.c
+--- openssl-1.1.0e/crypto/hmac/hmac.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/hmac/hmac.c	2017-02-16 15:42:44.984363013 +0100
 @@ -35,6 +35,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo
      }
  
@@ -10298,9 +10298,9 @@ diff -up openssl-1.1.0d/crypto/hmac/hmac.c.fips openssl-1.1.0d/crypto/hmac/hmac.
          reset = 1;
          j = EVP_MD_block_size(md);
          OPENSSL_assert(j <= (int)sizeof(ctx->key));
-diff -up openssl-1.1.0d/crypto/include/internal/fips_int.h.fips openssl-1.1.0d/crypto/include/internal/fips_int.h
---- openssl-1.1.0d/crypto/include/internal/fips_int.h.fips	2017-01-26 16:02:29.041334288 +0100
-+++ openssl-1.1.0d/crypto/include/internal/fips_int.h	2017-01-26 16:02:29.041334288 +0100
+diff -up openssl-1.1.0e/crypto/include/internal/fips_int.h.fips openssl-1.1.0e/crypto/include/internal/fips_int.h
+--- openssl-1.1.0e/crypto/include/internal/fips_int.h.fips	2017-02-16 15:42:44.985363037 +0100
++++ openssl-1.1.0e/crypto/include/internal/fips_int.h	2017-02-16 15:42:44.985363037 +0100
 @@ -0,0 +1,101 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -10403,9 +10403,9 @@ diff -up openssl-1.1.0d/crypto/include/internal/fips_int.h.fips openssl-1.1.0d/c
 +void FIPS_get_timevec(unsigned char *buf, unsigned long *pctr);
 +
 +#endif
-diff -up openssl-1.1.0d/crypto/o_fips.c.fips openssl-1.1.0d/crypto/o_fips.c
---- openssl-1.1.0d/crypto/o_fips.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/o_fips.c	2017-01-26 16:02:29.041334288 +0100
+diff -up openssl-1.1.0e/crypto/o_fips.c.fips openssl-1.1.0e/crypto/o_fips.c
+--- openssl-1.1.0e/crypto/o_fips.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/o_fips.c	2017-02-16 15:42:44.985363037 +0100
 @@ -9,7 +9,10 @@
  
  #include "internal/cryptlib.h"
@@ -10434,9 +10434,9 @@ diff -up openssl-1.1.0d/crypto/o_fips.c.fips openssl-1.1.0d/crypto/o_fips.c
  #else
      if (r == 0)
          return 1;
-diff -up openssl-1.1.0d/crypto/o_init.c.fips openssl-1.1.0d/crypto/o_init.c
---- openssl-1.1.0d/crypto/o_init.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/o_init.c	2017-01-26 16:02:29.041334288 +0100
+diff -up openssl-1.1.0e/crypto/o_init.c.fips openssl-1.1.0e/crypto/o_init.c
+--- openssl-1.1.0e/crypto/o_init.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/o_init.c	2017-02-16 15:42:44.985363037 +0100
 @@ -7,11 +7,50 @@
   * https://www.openssl.org/source/license.html
   */
@@ -10523,9 +10523,9 @@ diff -up openssl-1.1.0d/crypto/o_init.c.fips openssl-1.1.0d/crypto/o_init.c
 +{
 +    OPENSSL_init_library();
 +}
-diff -up openssl-1.1.0d/crypto/rand/md_rand.c.fips openssl-1.1.0d/crypto/rand/md_rand.c
---- openssl-1.1.0d/crypto/rand/md_rand.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/rand/md_rand.c	2017-01-26 16:02:29.041334288 +0100
+diff -up openssl-1.1.0e/crypto/rand/md_rand.c.fips openssl-1.1.0e/crypto/rand/md_rand.c
+--- openssl-1.1.0e/crypto/rand/md_rand.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/rand/md_rand.c	2017-02-16 15:42:44.985363037 +0100
 @@ -360,7 +360,7 @@ static int rand_bytes(unsigned char *buf
      CRYPTO_THREAD_unlock(rand_tmp_lock);
      crypto_lock_rand = 1;
@@ -10535,9 +10535,9 @@ diff -up openssl-1.1.0d/crypto/rand/md_rand.c.fips openssl-1.1.0d/crypto/rand/md
          RAND_poll();
          initialized = 1;
      }
-diff -up openssl-1.1.0d/crypto/rand/rand_err.c.fips openssl-1.1.0d/crypto/rand/rand_err.c
---- openssl-1.1.0d/crypto/rand/rand_err.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/rand/rand_err.c	2017-01-26 16:02:29.041334288 +0100
+diff -up openssl-1.1.0e/crypto/rand/rand_err.c.fips openssl-1.1.0e/crypto/rand/rand_err.c
+--- openssl-1.1.0e/crypto/rand/rand_err.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/rand/rand_err.c	2017-02-16 15:42:44.985363037 +0100
 @@ -20,10 +20,13 @@
  
  static ERR_STRING_DATA RAND_str_functs[] = {
@@ -10552,9 +10552,9 @@ diff -up openssl-1.1.0d/crypto/rand/rand_err.c.fips openssl-1.1.0d/crypto/rand/r
      {ERR_REASON(RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"},
      {0, NULL}
  };
-diff -up openssl-1.1.0d/crypto/rand/rand_lcl.h.fips openssl-1.1.0d/crypto/rand/rand_lcl.h
---- openssl-1.1.0d/crypto/rand/rand_lcl.h.fips	2017-01-26 16:02:28.830339932 +0100
-+++ openssl-1.1.0d/crypto/rand/rand_lcl.h	2017-01-26 16:02:29.045334181 +0100
+diff -up openssl-1.1.0e/crypto/rand/rand_lcl.h.fips openssl-1.1.0e/crypto/rand/rand_lcl.h
+--- openssl-1.1.0e/crypto/rand/rand_lcl.h.fips	2017-02-16 15:42:44.817359061 +0100
++++ openssl-1.1.0e/crypto/rand/rand_lcl.h	2017-02-16 15:42:44.985363037 +0100
 @@ -10,7 +10,7 @@
  #ifndef HEADER_RAND_LCL_H
  # define HEADER_RAND_LCL_H
@@ -10564,9 +10564,9 @@ diff -up openssl-1.1.0d/crypto/rand/rand_lcl.h.fips openssl-1.1.0d/crypto/rand/r
  
  # if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
  #  define USE_SHA1_RAND
-diff -up openssl-1.1.0d/crypto/rand/rand_lib.c.fips openssl-1.1.0d/crypto/rand/rand_lib.c
---- openssl-1.1.0d/crypto/rand/rand_lib.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/rand/rand_lib.c	2017-01-26 16:02:29.047334128 +0100
+diff -up openssl-1.1.0e/crypto/rand/rand_lib.c.fips openssl-1.1.0e/crypto/rand/rand_lib.c
+--- openssl-1.1.0e/crypto/rand/rand_lib.c.fips	2017-02-16 12:58:21.000000000 +0100
++++ openssl-1.1.0e/crypto/rand/rand_lib.c	2017-02-16 15:42:44.985363037 +0100
 @@ -18,6 +18,8 @@
  #ifdef OPENSSL_FIPS
  # include <openssl/fips.h>
@@ -10704,9 +10704,9 @@ diff -up openssl-1.1.0d/crypto/rand/rand_lib.c.fips openssl-1.1.0d/crypto/rand/r
 +}
 +
 +#endif
-diff -up openssl-1.1.0d/crypto/rsa/rsa_crpt.c.fips openssl-1.1.0d/crypto/rsa/rsa_crpt.c
---- openssl-1.1.0d/crypto/rsa/rsa_crpt.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/rsa/rsa_crpt.c	2017-01-26 16:02:29.048334101 +0100
+diff -up openssl-1.1.0e/crypto/rsa/rsa_crpt.c.fips openssl-1.1.0e/crypto/rsa/rsa_crpt.c
+--- openssl-1.1.0e/crypto/rsa/rsa_crpt.c.fips	2017-02-16 12:58:22.000000000 +0100
++++ openssl-1.1.0e/crypto/rsa/rsa_crpt.c	2017-02-16 15:42:44.986363060 +0100
 @@ -28,24 +28,52 @@ int RSA_size(const RSA *r)
  int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
                         RSA *rsa, int padding)
@@ -10760,9 +10760,9 @@ diff -up openssl-1.1.0d/crypto/rsa/rsa_crpt.c.fips openssl-1.1.0d/crypto/rsa/rsa
      return (rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
  }
  
-diff -up openssl-1.1.0d/crypto/rsa/rsa_err.c.fips openssl-1.1.0d/crypto/rsa/rsa_err.c
---- openssl-1.1.0d/crypto/rsa/rsa_err.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/rsa/rsa_err.c	2017-01-26 16:02:29.049334074 +0100
+diff -up openssl-1.1.0e/crypto/rsa/rsa_err.c.fips openssl-1.1.0e/crypto/rsa/rsa_err.c
+--- openssl-1.1.0e/crypto/rsa/rsa_err.c.fips	2017-02-16 12:58:22.000000000 +0100
++++ openssl-1.1.0e/crypto/rsa/rsa_err.c	2017-02-16 15:42:44.986363060 +0100
 @@ -21,6 +21,7 @@
  static ERR_STRING_DATA RSA_str_functs[] = {
      {ERR_FUNC(RSA_F_CHECK_PADDING_MD), "check_padding_md"},
@@ -10808,9 +10808,9 @@ diff -up openssl-1.1.0d/crypto/rsa/rsa_err.c.fips openssl-1.1.0d/crypto/rsa/rsa_
      {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
       "operation not supported for this keytype"},
      {ERR_REASON(RSA_R_PADDING_CHECK_FAILED), "padding check failed"},
-diff -up openssl-1.1.0d/crypto/rsa/rsa_gen.c.fips openssl-1.1.0d/crypto/rsa/rsa_gen.c
---- openssl-1.1.0d/crypto/rsa/rsa_gen.c.fips	2017-01-26 16:02:29.007335198 +0100
-+++ openssl-1.1.0d/crypto/rsa/rsa_gen.c	2017-01-26 16:02:29.051334021 +0100
+diff -up openssl-1.1.0e/crypto/rsa/rsa_gen.c.fips openssl-1.1.0e/crypto/rsa/rsa_gen.c
+--- openssl-1.1.0e/crypto/rsa/rsa_gen.c.fips	2017-02-16 15:42:44.969362658 +0100
++++ openssl-1.1.0e/crypto/rsa/rsa_gen.c	2017-02-16 15:42:44.986363060 +0100
 @@ -18,6 +18,75 @@
  #include "internal/cryptlib.h"
  #include <openssl/bn.h>
@@ -11189,9 +11189,9 @@ diff -up openssl-1.1.0d/crypto/rsa/rsa_gen.c.fips openssl-1.1.0d/crypto/rsa/rsa_
      ctx = BN_CTX_new();
      if (ctx == NULL)
          goto err;
-diff -up openssl-1.1.0d/crypto/rsa/rsa_lib.c.fips openssl-1.1.0d/crypto/rsa/rsa_lib.c
---- openssl-1.1.0d/crypto/rsa/rsa_lib.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/rsa/rsa_lib.c	2017-01-26 16:02:29.052333994 +0100
+diff -up openssl-1.1.0e/crypto/rsa/rsa_lib.c.fips openssl-1.1.0e/crypto/rsa/rsa_lib.c
+--- openssl-1.1.0e/crypto/rsa/rsa_lib.c.fips	2017-02-16 12:58:22.000000000 +0100
++++ openssl-1.1.0e/crypto/rsa/rsa_lib.c	2017-02-16 15:42:44.986363060 +0100
 @@ -26,6 +26,12 @@ RSA *RSA_new(void)
  
  void RSA_set_default_method(const RSA_METHOD *meth)
@@ -11247,9 +11247,9 @@ diff -up openssl-1.1.0d/crypto/rsa/rsa_lib.c.fips openssl-1.1.0d/crypto/rsa/rsa_
      if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
          goto err;
      }
-diff -up openssl-1.1.0d/crypto/rsa/rsa_ossl.c.fips openssl-1.1.0d/crypto/rsa/rsa_ossl.c
---- openssl-1.1.0d/crypto/rsa/rsa_ossl.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/rsa/rsa_ossl.c	2017-01-26 16:02:29.053333967 +0100
+diff -up openssl-1.1.0e/crypto/rsa/rsa_ossl.c.fips openssl-1.1.0e/crypto/rsa/rsa_ossl.c
+--- openssl-1.1.0e/crypto/rsa/rsa_ossl.c.fips	2017-02-16 12:58:22.000000000 +0100
++++ openssl-1.1.0e/crypto/rsa/rsa_ossl.c	2017-02-16 15:42:44.986363060 +0100
 @@ -11,6 +11,10 @@
  #include "internal/bn_int.h"
  #include "rsa_locl.h"
@@ -11353,9 +11353,9 @@ diff -up openssl-1.1.0d/crypto/rsa/rsa_ossl.c.fips openssl-1.1.0d/crypto/rsa/rsa
      if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
          RSAerr(RSA_F_RSA_OSSL_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
          return -1;
-diff -up openssl-1.1.0d/crypto/rsa/rsa_sign.c.fips openssl-1.1.0d/crypto/rsa/rsa_sign.c
---- openssl-1.1.0d/crypto/rsa/rsa_sign.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/rsa/rsa_sign.c	2017-01-26 16:02:29.054333940 +0100
+diff -up openssl-1.1.0e/crypto/rsa/rsa_sign.c.fips openssl-1.1.0e/crypto/rsa/rsa_sign.c
+--- openssl-1.1.0e/crypto/rsa/rsa_sign.c.fips	2017-02-16 12:58:22.000000000 +0100
++++ openssl-1.1.0e/crypto/rsa/rsa_sign.c	2017-02-16 15:42:44.986363060 +0100
 @@ -73,6 +73,13 @@ int RSA_sign(int type, const unsigned ch
      unsigned char *tmps = NULL;
      const unsigned char *encoded = NULL;
@@ -11382,9 +11382,22 @@ diff -up openssl-1.1.0d/crypto/rsa/rsa_sign.c.fips openssl-1.1.0d/crypto/rsa/rsa
      if (encrypt_len <= 0)
          goto err;
  
-diff -up openssl-1.1.0d/crypto/sha/sha256.c.fips openssl-1.1.0d/crypto/sha/sha256.c
---- openssl-1.1.0d/crypto/sha/sha256.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/sha/sha256.c	2017-01-26 16:02:29.055333914 +0100
+diff -up openssl-1.1.0e/crypto/sha/sha_locl.h.fips openssl-1.1.0e/crypto/sha/sha_locl.h
+--- openssl-1.1.0e/crypto/sha/sha_locl.h.fips	2017-02-16 15:42:44.738357192 +0100
++++ openssl-1.1.0e/crypto/sha/sha_locl.h	2017-02-16 15:42:44.987363084 +0100
+@@ -52,6 +52,9 @@ void sha1_block_data_order(SHA_CTX *c, c
+ 
+ int HASH_INIT(SHA_CTX *c)
+ {
++#if defined(OPENSSL_FIPS)
++    FIPS_selftest_check();
++#endif
+     memset(c, 0, sizeof(*c));
+     c->h0 = INIT_DATA_h0;
+     c->h1 = INIT_DATA_h1;
+diff -up openssl-1.1.0e/crypto/sha/sha256.c.fips openssl-1.1.0e/crypto/sha/sha256.c
+--- openssl-1.1.0e/crypto/sha/sha256.c.fips	2017-02-16 12:58:22.000000000 +0100
++++ openssl-1.1.0e/crypto/sha/sha256.c	2017-02-16 15:42:44.986363060 +0100
 @@ -18,6 +18,9 @@
  
  int SHA224_Init(SHA256_CTX *c)
@@ -11405,9 +11418,9 @@ diff -up openssl-1.1.0d/crypto/sha/sha256.c.fips openssl-1.1.0d/crypto/sha/sha25
      memset(c, 0, sizeof(*c));
      c->h[0] = 0x6a09e667UL;
      c->h[1] = 0xbb67ae85UL;
-diff -up openssl-1.1.0d/crypto/sha/sha512.c.fips openssl-1.1.0d/crypto/sha/sha512.c
---- openssl-1.1.0d/crypto/sha/sha512.c.fips	2017-01-26 14:10:23.000000000 +0100
-+++ openssl-1.1.0d/crypto/sha/sha512.c	2017-01-26 16:02:29.055333914 +0100
+diff -up openssl-1.1.0e/crypto/sha/sha512.c.fips openssl-1.1.0e/crypto/sha/sha512.c
+--- openssl-1.1.0e/crypto/sha/sha512.c.fips	2017-02-16 12:58:22.000000000 +0100
++++ openssl-1.1.0e/crypto/sha/sha512.c	2017-02-16 15:42:44.987363084 +0100
 @@ -62,6 +62,9 @@
  
  int SHA384_Init(SHA512_CTX *c)
@@ -11428,22 +11441,9 @@ diff -up openssl-1.1.0d/crypto/sha/sha512.c.fips openssl-1.1.0d/crypto/sha/sha51
      c->h[0] = U64(0x6a09e667f3bcc908);
      c->h[1] = U64(0xbb67ae8584caa73b);
      c->h[2] = U64(0x3c6ef372fe94f82b);
-diff -up openssl-1.1.0d/crypto/sha/sha_locl.h.fips openssl-1.1.0d/crypto/sha/sha_locl.h
---- openssl-1.1.0d/crypto/sha/sha_locl.h.fips	2017-01-26 16:02:28.826340039 +0100
-+++ openssl-1.1.0d/crypto/sha/sha_locl.h	2017-01-26 16:02:29.054333940 +0100
-@@ -52,6 +52,9 @@ void sha1_block_data_order(SHA_CTX *c, c
- 
- int HASH_INIT(SHA_CTX *c)
- {
-+#if defined(OPENSSL_FIPS)
-+    FIPS_selftest_check();
-+#endif
-     memset(c, 0, sizeof(*c));
-     c->h0 = INIT_DATA_h0;
-     c->h1 = INIT_DATA_h1;
-diff -up openssl-1.1.0d/doc/crypto/DSA_generate_parameters.pod.fips openssl-1.1.0d/doc/crypto/DSA_generate_parameters.pod
---- openssl-1.1.0d/doc/crypto/DSA_generate_parameters.pod.fips	2017-01-26 14:10:24.000000000 +0100
-+++ openssl-1.1.0d/doc/crypto/DSA_generate_parameters.pod	2017-01-26 16:02:29.056333887 +0100
+diff -up openssl-1.1.0e/doc/crypto/DSA_generate_parameters.pod.fips openssl-1.1.0e/doc/crypto/DSA_generate_parameters.pod
+--- openssl-1.1.0e/doc/crypto/DSA_generate_parameters.pod.fips	2017-02-16 12:58:22.000000000 +0100
++++ openssl-1.1.0e/doc/crypto/DSA_generate_parameters.pod	2017-02-16 15:42:44.987363084 +0100
 @@ -29,8 +29,10 @@ B<bits> is the length of the prime p to
  For lengths under 2048 bits, the length of q is 160 bits; for lengths
  greater than or equal to 2048 bits, the length of q is set to 256 bits.
@@ -11457,9 +11457,9 @@ diff -up openssl-1.1.0d/doc/crypto/DSA_generate_parameters.pod.fips openssl-1.1.
  
  DSA_generate_parameters_ex() places the iteration count in
  *B<counter_ret> and a counter used for finding a generator in
-diff -up openssl-1.1.0d/include/openssl/crypto.h.fips openssl-1.1.0d/include/openssl/crypto.h
---- openssl-1.1.0d/include/openssl/crypto.h.fips	2017-01-26 14:10:24.000000000 +0100
-+++ openssl-1.1.0d/include/openssl/crypto.h	2017-01-26 16:02:29.057333860 +0100
+diff -up openssl-1.1.0e/include/openssl/crypto.h.fips openssl-1.1.0e/include/openssl/crypto.h
+--- openssl-1.1.0e/include/openssl/crypto.h.fips	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/include/openssl/crypto.h	2017-02-16 15:42:44.987363084 +0100
 @@ -332,6 +332,11 @@ int OPENSSL_isservice(void);
  int FIPS_mode(void);
  int FIPS_mode_set(int r);
@@ -11472,9 +11472,9 @@ diff -up openssl-1.1.0d/include/openssl/crypto.h.fips openssl-1.1.0d/include/ope
  void OPENSSL_init(void);
  
  struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
-diff -up openssl-1.1.0d/include/openssl/dh.h.fips openssl-1.1.0d/include/openssl/dh.h
---- openssl-1.1.0d/include/openssl/dh.h.fips	2017-01-26 14:10:24.000000000 +0100
-+++ openssl-1.1.0d/include/openssl/dh.h	2017-01-26 16:02:29.058333833 +0100
+diff -up openssl-1.1.0e/include/openssl/dh.h.fips openssl-1.1.0e/include/openssl/dh.h
+--- openssl-1.1.0e/include/openssl/dh.h.fips	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/include/openssl/dh.h	2017-02-16 15:42:44.987363084 +0100
 @@ -30,6 +30,7 @@ extern "C" {
  # endif
  
@@ -11506,9 +11506,9 @@ diff -up openssl-1.1.0d/include/openssl/dh.h.fips openssl-1.1.0d/include/openssl
  # define DH_R_PARAMETER_ENCODING_ERROR                    105
  # define DH_R_PEER_KEY_ERROR                              111
  # define DH_R_SHARED_INFO_ERROR                           113
-diff -up openssl-1.1.0d/include/openssl/dsa.h.fips openssl-1.1.0d/include/openssl/dsa.h
---- openssl-1.1.0d/include/openssl/dsa.h.fips	2017-01-26 14:10:24.000000000 +0100
-+++ openssl-1.1.0d/include/openssl/dsa.h	2017-01-26 16:08:36.807496229 +0100
+diff -up openssl-1.1.0e/include/openssl/dsa.h.fips openssl-1.1.0e/include/openssl/dsa.h
+--- openssl-1.1.0e/include/openssl/dsa.h.fips	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/include/openssl/dsa.h	2017-02-16 15:42:44.987363084 +0100
 @@ -36,6 +36,7 @@ extern "C" {
  # endif
  
@@ -11554,9 +11554,9 @@ diff -up openssl-1.1.0d/include/openssl/dsa.h.fips openssl-1.1.0d/include/openss
  # define DSA_R_PARAMETER_ENCODING_ERROR                   105
  # define DSA_R_Q_NOT_PRIME                                113
  # define DSA_R_SEED_LEN_SMALL                             110
-diff -up openssl-1.1.0d/include/openssl/evp.h.fips openssl-1.1.0d/include/openssl/evp.h
---- openssl-1.1.0d/include/openssl/evp.h.fips	2017-01-26 14:10:24.000000000 +0100
-+++ openssl-1.1.0d/include/openssl/evp.h	2017-01-26 16:09:01.024848394 +0100
+diff -up openssl-1.1.0e/include/openssl/evp.h.fips openssl-1.1.0e/include/openssl/evp.h
+--- openssl-1.1.0e/include/openssl/evp.h.fips	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/include/openssl/evp.h	2017-02-16 15:42:44.988363108 +0100
 @@ -1458,6 +1458,7 @@ int ERR_load_EVP_strings(void);
  # define EVP_F_AES_OCB_CIPHER                             169
  # define EVP_F_AES_T4_INIT_KEY                            178
@@ -11581,9 +11581,9 @@ diff -up openssl-1.1.0d/include/openssl/evp.h.fips openssl-1.1.0d/include/openss
  # define EVP_R_UNKNOWN_CIPHER                             160
  # define EVP_R_UNKNOWN_DIGEST                             161
  # define EVP_R_UNKNOWN_OPTION                             169
-diff -up openssl-1.1.0d/include/openssl/fips.h.fips openssl-1.1.0d/include/openssl/fips.h
---- openssl-1.1.0d/include/openssl/fips.h.fips	2017-01-26 16:02:29.060333780 +0100
-+++ openssl-1.1.0d/include/openssl/fips.h	2017-01-26 16:02:29.059333807 +0100
+diff -up openssl-1.1.0e/include/openssl/fips.h.fips openssl-1.1.0e/include/openssl/fips.h
+--- openssl-1.1.0e/include/openssl/fips.h.fips	2017-02-16 15:42:44.988363108 +0100
++++ openssl-1.1.0e/include/openssl/fips.h	2017-02-16 15:42:44.988363108 +0100
 @@ -0,0 +1,186 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -11771,9 +11771,9 @@ diff -up openssl-1.1.0d/include/openssl/fips.h.fips openssl-1.1.0d/include/opens
 +}
 +# endif
 +#endif
-diff -up openssl-1.1.0d/include/openssl/fips_rand.h.fips openssl-1.1.0d/include/openssl/fips_rand.h
---- openssl-1.1.0d/include/openssl/fips_rand.h.fips	2017-01-26 16:02:29.060333780 +0100
-+++ openssl-1.1.0d/include/openssl/fips_rand.h	2017-01-26 16:02:29.060333780 +0100
+diff -up openssl-1.1.0e/include/openssl/fips_rand.h.fips openssl-1.1.0e/include/openssl/fips_rand.h
+--- openssl-1.1.0e/include/openssl/fips_rand.h.fips	2017-02-16 15:42:44.988363108 +0100
++++ openssl-1.1.0e/include/openssl/fips_rand.h	2017-02-16 15:42:44.988363108 +0100
 @@ -0,0 +1,145 @@
 +/* ====================================================================
 + * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
@@ -11920,9 +11920,9 @@ diff -up openssl-1.1.0d/include/openssl/fips_rand.h.fips openssl-1.1.0d/include/
 +#  endif
 +# endif
 +#endif
-diff -up openssl-1.1.0d/include/openssl/opensslconf.h.in.fips openssl-1.1.0d/include/openssl/opensslconf.h.in
---- openssl-1.1.0d/include/openssl/opensslconf.h.in.fips	2017-01-26 14:10:25.000000000 +0100
-+++ openssl-1.1.0d/include/openssl/opensslconf.h.in	2017-01-26 16:02:29.060333780 +0100
+diff -up openssl-1.1.0e/include/openssl/opensslconf.h.in.fips openssl-1.1.0e/include/openssl/opensslconf.h.in
+--- openssl-1.1.0e/include/openssl/opensslconf.h.in.fips	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/include/openssl/opensslconf.h.in	2017-02-16 15:42:44.988363108 +0100
 @@ -136,6 +136,11 @@ extern "C" {
  
  #define RC4_INT {- $config{rc4_int} -}
@@ -11935,9 +11935,9 @@ diff -up openssl-1.1.0d/include/openssl/opensslconf.h.in.fips openssl-1.1.0d/inc
  #ifdef  __cplusplus
  }
  #endif
-diff -up openssl-1.1.0d/include/openssl/rand.h.fips openssl-1.1.0d/include/openssl/rand.h
---- openssl-1.1.0d/include/openssl/rand.h.fips	2017-01-26 14:10:25.000000000 +0100
-+++ openssl-1.1.0d/include/openssl/rand.h	2017-01-26 16:02:29.061333753 +0100
+diff -up openssl-1.1.0e/include/openssl/rand.h.fips openssl-1.1.0e/include/openssl/rand.h
+--- openssl-1.1.0e/include/openssl/rand.h.fips	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/include/openssl/rand.h	2017-02-16 15:42:44.988363108 +0100
 @@ -67,6 +67,11 @@ DEPRECATEDIN_1_1_0(void RAND_screen(void
  DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM))
  #endif
@@ -11962,9 +11962,9 @@ diff -up openssl-1.1.0d/include/openssl/rand.h.fips openssl-1.1.0d/include/opens
  # define RAND_R_PRNG_NOT_SEEDED                           100
  
  # ifdef  __cplusplus
-diff -up openssl-1.1.0d/include/openssl/rsa.h.fips openssl-1.1.0d/include/openssl/rsa.h
---- openssl-1.1.0d/include/openssl/rsa.h.fips	2017-01-26 14:10:25.000000000 +0100
-+++ openssl-1.1.0d/include/openssl/rsa.h	2017-01-26 16:02:29.061333753 +0100
+diff -up openssl-1.1.0e/include/openssl/rsa.h.fips openssl-1.1.0e/include/openssl/rsa.h
+--- openssl-1.1.0e/include/openssl/rsa.h.fips	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/include/openssl/rsa.h	2017-02-16 15:42:44.988363108 +0100
 @@ -463,6 +463,7 @@ int ERR_load_RSA_strings(void);
  /* Function codes. */
  # define RSA_F_CHECK_PADDING_MD                           140
@@ -12009,9 +12009,9 @@ diff -up openssl-1.1.0d/include/openssl/rsa.h.fips openssl-1.1.0d/include/openss
  # define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   148
  # define RSA_R_PADDING_CHECK_FAILED                       114
  # define RSA_R_PKCS_DECODING_ERROR                        159
-diff -up openssl-1.1.0d/ssl/ssl_ciph.c.fips openssl-1.1.0d/ssl/ssl_ciph.c
---- openssl-1.1.0d/ssl/ssl_ciph.c.fips	2017-01-26 16:02:29.011335091 +0100
-+++ openssl-1.1.0d/ssl/ssl_ciph.c	2017-01-26 16:02:29.062333726 +0100
+diff -up openssl-1.1.0e/ssl/ssl_ciph.c.fips openssl-1.1.0e/ssl/ssl_ciph.c
+--- openssl-1.1.0e/ssl/ssl_ciph.c.fips	2017-02-16 15:42:44.973362753 +0100
++++ openssl-1.1.0e/ssl/ssl_ciph.c	2017-02-16 15:42:44.989363131 +0100
 @@ -404,7 +404,8 @@ void ssl_load_ciphers(void)
          }
      }
@@ -12031,9 +12031,9 @@ diff -up openssl-1.1.0d/ssl/ssl_ciph.c.fips openssl-1.1.0d/ssl/ssl_ciph.c
              continue;
          if ((c->algorithm_mkey & disabled_mkey) ||
              (c->algorithm_auth & disabled_auth) ||
-diff -up openssl-1.1.0d/ssl/ssl_init.c.fips openssl-1.1.0d/ssl/ssl_init.c
---- openssl-1.1.0d/ssl/ssl_init.c.fips	2017-01-26 14:10:25.000000000 +0100
-+++ openssl-1.1.0d/ssl/ssl_init.c	2017-01-26 16:02:29.062333726 +0100
+diff -up openssl-1.1.0e/ssl/ssl_init.c.fips openssl-1.1.0e/ssl/ssl_init.c
+--- openssl-1.1.0e/ssl/ssl_init.c.fips	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/ssl/ssl_init.c	2017-02-16 15:42:44.989363131 +0100
 @@ -28,6 +28,10 @@ DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_bas
      fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: "
              "Adding SSL ciphers and digests\n");
@@ -12077,10 +12077,10 @@ diff -up openssl-1.1.0d/ssl/ssl_init.c.fips openssl-1.1.0d/ssl/ssl_init.c
  #ifndef OPENSSL_NO_COMP
  # ifdef OPENSSL_INIT_DEBUG
      fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: "
-diff -up openssl-1.1.0d/ssl/ssl_lib.c.fips openssl-1.1.0d/ssl/ssl_lib.c
---- openssl-1.1.0d/ssl/ssl_lib.c.fips	2017-01-26 16:02:29.012335064 +0100
-+++ openssl-1.1.0d/ssl/ssl_lib.c	2017-01-26 16:02:29.063333699 +0100
-@@ -2405,13 +2405,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
+diff -up openssl-1.1.0e/ssl/ssl_lib.c.fips openssl-1.1.0e/ssl/ssl_lib.c
+--- openssl-1.1.0e/ssl/ssl_lib.c.fips	2017-02-16 15:42:44.973362753 +0100
++++ openssl-1.1.0e/ssl/ssl_lib.c	2017-02-16 15:42:44.989363131 +0100
+@@ -2413,13 +2413,17 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
      if (ret->param == NULL)
          goto err;
  
@@ -12105,9 +12105,9 @@ diff -up openssl-1.1.0d/ssl/ssl_lib.c.fips openssl-1.1.0d/ssl/ssl_lib.c
      }
  
      if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
-diff -up openssl-1.1.0d/test/dsatest.c.fips openssl-1.1.0d/test/dsatest.c
---- openssl-1.1.0d/test/dsatest.c.fips	2017-01-26 14:10:25.000000000 +0100
-+++ openssl-1.1.0d/test/dsatest.c	2017-01-26 16:02:29.063333699 +0100
+diff -up openssl-1.1.0e/test/dsatest.c.fips openssl-1.1.0e/test/dsatest.c
+--- openssl-1.1.0e/test/dsatest.c.fips	2017-02-16 12:58:24.000000000 +0100
++++ openssl-1.1.0e/test/dsatest.c	2017-02-16 15:42:44.989363131 +0100
 @@ -32,41 +32,42 @@ int main(int argc, char *argv[])
  
  static int dsa_cb(int p, int n, BN_GENCB *arg);
@@ -12196,9 +12196,9 @@ diff -up openssl-1.1.0d/test/dsatest.c.fips openssl-1.1.0d/test/dsatest.c
          goto end;
      }
      if (h != 2) {
-diff -up openssl-1.1.0d/util/mkdef.pl.fips openssl-1.1.0d/util/mkdef.pl
---- openssl-1.1.0d/util/mkdef.pl.fips	2017-01-26 14:10:26.000000000 +0100
-+++ openssl-1.1.0d/util/mkdef.pl	2017-01-26 16:02:29.064333673 +0100
+diff -up openssl-1.1.0e/util/mkdef.pl.fips openssl-1.1.0e/util/mkdef.pl
+--- openssl-1.1.0e/util/mkdef.pl.fips	2017-02-16 12:58:24.000000000 +0100
++++ openssl-1.1.0e/util/mkdef.pl	2017-02-16 15:42:44.989363131 +0100
 @@ -307,6 +307,8 @@ $crypto.=" include/openssl/modes.h";
  $crypto.=" include/openssl/async.h";
  $crypto.=" include/openssl/ct.h";
diff --git a/openssl-1.1.0-system-cipherlist.patch b/openssl-1.1.0-system-cipherlist.patch
index 859fd37..9f63162 100644
--- a/openssl-1.1.0-system-cipherlist.patch
+++ b/openssl-1.1.0-system-cipherlist.patch
@@ -1,7 +1,7 @@
-diff -up openssl-1.1.0b/Configurations/unix-Makefile.tmpl.system-cipherlist openssl-1.1.0b/Configurations/unix-Makefile.tmpl
---- openssl-1.1.0b/Configurations/unix-Makefile.tmpl.system-cipherlist	2016-09-26 15:57:34.000000000 +0200
-+++ openssl-1.1.0b/Configurations/unix-Makefile.tmpl	2016-09-26 16:41:17.796148764 +0200
-@@ -157,6 +157,10 @@ MANDIR=$(INSTALLTOP)/share/man
+diff -up openssl-1.1.0e/Configurations/unix-Makefile.tmpl.system-cipherlist openssl-1.1.0e/Configurations/unix-Makefile.tmpl
+--- openssl-1.1.0e/Configurations/unix-Makefile.tmpl.system-cipherlist	2017-02-16 16:15:38.658931413 +0100
++++ openssl-1.1.0e/Configurations/unix-Makefile.tmpl	2017-02-16 16:15:38.675931806 +0100
+@@ -161,6 +161,10 @@ MANDIR=$(INSTALLTOP)/share/man
  DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
  HTMLDIR=$(DOCDIR)/html
  
@@ -12,7 +12,7 @@ diff -up openssl-1.1.0b/Configurations/unix-Makefile.tmpl.system-cipherlist open
  # MANSUFFIX is for the benefit of anyone who may want to have a suffix
  # appended after the manpage file section number.  "ssl" is popular,
  # resulting in files such as config.5ssl rather than config.5.
-@@ -167,7 +171,7 @@ HTMLSUFFIX=html
+@@ -171,7 +175,7 @@ HTMLSUFFIX=html
  
  CROSS_COMPILE= {- $config{cross_compile_prefix} -}
  CC= $(CROSS_COMPILE){- $target{cc} -}
@@ -21,9 +21,9 @@ diff -up openssl-1.1.0b/Configurations/unix-Makefile.tmpl.system-cipherlist open
  CFLAGS_Q={- $cflags2 =~ s|([\\"])|\\$1|g; $cflags2 -} {- $config{cflags} -}
  LDFLAGS= {- $target{lflags} -}
  PLIB_LDFLAGS= {- $target{plib_lflags} -}
-diff -up openssl-1.1.0b/Configure.system-cipherlist openssl-1.1.0b/Configure
---- openssl-1.1.0b/Configure.system-cipherlist	2016-09-26 15:57:34.000000000 +0200
-+++ openssl-1.1.0b/Configure	2016-09-26 16:41:45.002787753 +0200
+diff -up openssl-1.1.0e/Configure.system-cipherlist openssl-1.1.0e/Configure
+--- openssl-1.1.0e/Configure.system-cipherlist	2017-02-16 12:58:20.000000000 +0100
++++ openssl-1.1.0e/Configure	2017-02-16 16:15:38.679931899 +0100
 @@ -18,7 +18,7 @@ use if $^O ne "VMS", 'File::Glob' => qw/
  
  # see INSTALL for instructions.
@@ -43,7 +43,7 @@ diff -up openssl-1.1.0b/Configure.system-cipherlist openssl-1.1.0b/Configure
  # --cross-compile-prefix Add specified prefix to binutils components.
  #
  # --api         One of 0.9.8, 1.0.0 or 1.1.0.  Do not compile support for
-@@ -292,6 +295,7 @@ $config{openssldir}="";
+@@ -293,6 +296,7 @@ $config{openssldir}="";
  $config{processor}="";
  $config{libdir}="";
  $config{cross_compile_prefix}="";
@@ -51,7 +51,7 @@ diff -up openssl-1.1.0b/Configure.system-cipherlist openssl-1.1.0b/Configure
  $config{fipslibdir}="/usr/local/ssl/fips-2.0/lib/";
  my $nofipscanistercheck=0;
  $config{baseaddr}="0xFB00000";
-@@ -716,6 +720,10 @@ foreach (@argvcopy)
+@@ -718,6 +722,10 @@ while (@argvcopy)
  			{
  			$config{baseaddr}="$1";
  			}
@@ -62,7 +62,7 @@ diff -up openssl-1.1.0b/Configure.system-cipherlist openssl-1.1.0b/Configure
  		elsif (/^--cross-compile-prefix=(.*)$/)
  			{
  			$config{cross_compile_prefix}=$1;
-@@ -841,6 +849,8 @@ if ($target =~ m/^CygWin32(-.*)$/) {
+@@ -851,6 +859,8 @@ if ($target =~ m/^CygWin32(-.*)$/) {
      $target = "Cygwin".$1;
  }
  
@@ -71,9 +71,28 @@ diff -up openssl-1.1.0b/Configure.system-cipherlist openssl-1.1.0b/Configure
  foreach (sort (keys %disabled))
  	{
  	$config{options} .= " no-$_";
-diff -up openssl-1.1.0b/include/openssl/ssl.h.system-cipherlist openssl-1.1.0b/include/openssl/ssl.h
---- openssl-1.1.0b/include/openssl/ssl.h.system-cipherlist	2016-09-26 11:46:07.000000000 +0200
-+++ openssl-1.1.0b/include/openssl/ssl.h	2016-09-26 16:58:03.752760070 +0200
+diff -up openssl-1.1.0e/doc/apps/ciphers.pod.system-cipherlist openssl-1.1.0e/doc/apps/ciphers.pod
+--- openssl-1.1.0e/doc/apps/ciphers.pod.system-cipherlist	2017-02-16 12:58:22.000000000 +0100
++++ openssl-1.1.0e/doc/apps/ciphers.pod	2017-02-16 16:37:14.043219953 +0100
+@@ -181,6 +181,15 @@ As of OpenSSL 1.0.0, the B<ALL> cipher s
+ 
+ The cipher suites not enabled by B<ALL>, currently B<eNULL>.
+ 
++=item B<PROFILE=SYSTEM>
++
++The list of enabled cipher suites will be loaded from the system crypto policy
++configuration file B</etc/crypto-policies/back-ends/openssl.config>.
++See also L<update-crypto-policies(8)>.
++This is the default behavior unless an application explicitly sets a cipher
++list. If used in a cipher list configuration value this string must be at the
++beginning of the cipher list, otherwise it will not be recognized.
++
+ =item B<HIGH>
+ 
+ "high" encryption cipher suites. This currently means those with key lengths
+diff -up openssl-1.1.0e/include/openssl/ssl.h.system-cipherlist openssl-1.1.0e/include/openssl/ssl.h
+--- openssl-1.1.0e/include/openssl/ssl.h.system-cipherlist	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/include/openssl/ssl.h	2017-02-16 16:15:38.676931830 +0100
 @@ -201,6 +201,11 @@ extern "C" {
   * throwing out anonymous and unencrypted ciphersuites! (The latter are not
   * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
@@ -86,9 +105,9 @@ diff -up openssl-1.1.0b/include/openssl/ssl.h.system-cipherlist openssl-1.1.0b/i
  
  /* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
  # define SSL_SENT_SHUTDOWN       1
-diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_ciph.c
---- openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist	2016-09-26 11:46:07.000000000 +0200
-+++ openssl-1.1.0b/ssl/ssl_ciph.c	2016-09-26 16:51:33.056591689 +0200
+diff -up openssl-1.1.0e/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0e/ssl/ssl_ciph.c
+--- openssl-1.1.0e/ssl/ssl_ciph.c.system-cipherlist	2017-02-16 12:58:23.000000000 +0100
++++ openssl-1.1.0e/ssl/ssl_ciph.c	2017-02-16 16:15:38.691932177 +0100
 @@ -1289,6 +1289,50 @@ static int check_suiteb_cipher_list(cons
  }
  #endif
@@ -140,7 +159,7 @@ diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_
  STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK_OF(SSL_CIPHER)
                                               **cipher_list, STACK_OF(SSL_CIPHER)
                                               **cipher_list_by_id,
-@@ -1296,19 +1340,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+@@ -1296,19 +1341,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
  {
      int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
      uint32_t disabled_mkey, disabled_auth, disabled_enc, disabled_mac;
@@ -173,7 +192,7 @@ diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_
  #endif
  
      /*
-@@ -1331,7 +1385,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+@@ -1331,7 +1386,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
      co_list = OPENSSL_malloc(sizeof(*co_list) * num_of_ciphers);
      if (co_list == NULL) {
          SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
@@ -182,7 +201,7 @@ diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_
      }
  
      ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
-@@ -1401,8 +1455,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+@@ -1401,8 +1456,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
       * in force within each class
       */
      if (!ssl_cipher_strength_sort(&head, &tail)) {
@@ -192,7 +211,7 @@ diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_
      }
  
      /*
-@@ -1447,9 +1500,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+@@ -1447,9 +1501,8 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
      num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
      ca_list = OPENSSL_malloc(sizeof(*ca_list) * num_of_alias_max);
      if (ca_list == NULL) {
@@ -203,7 +222,7 @@ diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_
      }
      ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
                                 disabled_mkey, disabled_auth, disabled_enc,
-@@ -1475,8 +1527,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+@@ -1475,8 +1528,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
      OPENSSL_free(ca_list);      /* Not needed anymore */
  
      if (!ok) {                  /* Rule processing failure */
@@ -213,7 +232,7 @@ diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_
      }
  
      /*
-@@ -1484,8 +1535,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+@@ -1484,8 +1536,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
       * if we cannot get one.
       */
      if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
@@ -223,7 +242,7 @@ diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_
      }
  
      /*
-@@ -1496,21 +1546,21 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+@@ -1496,21 +1547,21 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
          if (curr->active
              && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) {
              if (!sk_SSL_CIPHER_push(cipherstack, curr->cipher)) {
@@ -249,7 +268,7 @@ diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_
      }
      sk_SSL_CIPHER_free(*cipher_list);
      *cipher_list = cipherstack;
-@@ -1520,6 +1570,12 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
+@@ -1520,6 +1571,12 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
      (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id, ssl_cipher_ptr_id_cmp);
  
      sk_SSL_CIPHER_sort(*cipher_list_by_id);
@@ -262,9 +281,9 @@ diff -up openssl-1.1.0b/ssl/ssl_ciph.c.system-cipherlist openssl-1.1.0b/ssl/ssl_
      return (cipherstack);
  }
  
-diff -up openssl-1.1.0b/ssl/ssl_lib.c.system-cipherlist openssl-1.1.0b/ssl/ssl_lib.c
---- openssl-1.1.0b/ssl/ssl_lib.c.system-cipherlist	2016-09-26 15:57:34.000000000 +0200
-+++ openssl-1.1.0b/ssl/ssl_lib.c	2016-09-26 16:55:23.668003396 +0200
+diff -up openssl-1.1.0e/ssl/ssl_lib.c.system-cipherlist openssl-1.1.0e/ssl/ssl_lib.c
+--- openssl-1.1.0e/ssl/ssl_lib.c.system-cipherlist	2017-02-16 16:15:38.673931760 +0100
++++ openssl-1.1.0e/ssl/ssl_lib.c	2017-02-16 16:15:38.692932200 +0100
 @@ -509,7 +509,7 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx
  
      sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
@@ -274,7 +293,7 @@ diff -up openssl-1.1.0b/ssl/ssl_lib.c.system-cipherlist openssl-1.1.0b/ssl/ssl_l
      if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
          SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
          return (0);
-@@ -2395,7 +2395,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
+@@ -2403,7 +2403,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
  #endif
      if (!ssl_create_cipher_list(ret->method,
                                  &ret->cipher_list, &ret->cipher_list_by_id,
@@ -283,9 +302,9 @@ diff -up openssl-1.1.0b/ssl/ssl_lib.c.system-cipherlist openssl-1.1.0b/ssl/ssl_l
          || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
          SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
          goto err2;
-diff -up openssl-1.1.0b/test/cipherlist_test.c.system-cipherlist openssl-1.1.0b/test/cipherlist_test.c
---- openssl-1.1.0b/test/cipherlist_test.c.system-cipherlist	2016-09-26 11:46:08.000000000 +0200
-+++ openssl-1.1.0b/test/cipherlist_test.c	2016-09-26 17:18:29.380513853 +0200
+diff -up openssl-1.1.0e/test/cipherlist_test.c.system-cipherlist openssl-1.1.0e/test/cipherlist_test.c
+--- openssl-1.1.0e/test/cipherlist_test.c.system-cipherlist	2017-02-16 12:58:24.000000000 +0100
++++ openssl-1.1.0e/test/cipherlist_test.c	2017-02-16 16:15:38.677931853 +0100
 @@ -190,7 +190,9 @@ int main(int argc, char **argv)
  {
      int result = 0;
diff --git a/openssl.spec b/openssl.spec
index 4876a57..4f2d57d 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -21,8 +21,8 @@
 
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
-Version: 1.1.0d
-Release: 3%{?dist}
+Version: 1.1.0e
+Release: 1%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -61,7 +61,6 @@ Patch42: openssl-1.1.0-fips.patch
 Patch43: openssl-1.1.0-afalg-eventfd2.patch
 Patch44: openssl-1.1.0-bio-fd-preserve-nl.patch
 # Backported fixes including security fixes
-Patch60: openssl-1.1.0-backports.patch
 
 License: OpenSSL
 Group: System Environment/Libraries
@@ -162,8 +161,6 @@ cp %{SOURCE13} test/
 %patch43 -p1 -b .eventfd2
 %patch44 -p1 -b .preserve-nl
 
-%patch60 -p1 -b .backports
-
 %build
 # Figure out which flags we want to use.
 # default
@@ -430,6 +427,10 @@ export LD_LIBRARY_PATH
 %postun libs -p /sbin/ldconfig
 
 %changelog
+* Thu Feb 16 2017 Tomáš Mráz <tmraz@redhat.com> 1.1.0e-1
+- update to upstream version 1.1.0e
+- add documentation of the PROFILE=SYSTEM special cipher string (#1420232)
+
 * Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.1.0d-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
 
diff --git a/sources b/sources
index e0f4a59..bbc4696 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (openssl-1.1.0d-hobbled.tar.xz) = 375cecff07762593606d5e3ea145cf3dfad8ab5ce2fa2b696ffa2fbff9b45b929259f481c44d1db475183030e70eb443ae8c73ee9257fb766597032b27654349
+SHA512 (openssl-1.1.0e-hobbled.tar.xz) = 7db753907c211427ed494d92915c255d05faf9b47f22febfffbfe2be602777b6b82d7c71793003c2ebbbf7f67708c80a72aacde2582501ae63761b1090523974