[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Wed Jun 7 19:21:17 UTC 2017


The branch master has been updated
       via  52df25cf2e656146cb3b206d8220124f0417d03f (commit)
      from  be606c013d31847718ceb5d97c567988a771c2e5 (commit)


- Log -----------------------------------------------------------------
commit 52df25cf2e656146cb3b206d8220124f0417d03f
Author: Rich Salz <rsalz at openssl.org>
Date:   Wed Jun 7 15:12:03 2017 -0400

    make error tables const and separate header file
    
    Run perltidy on util/mkerr
    Change some mkerr flags, write some doc comments
    Make generated tables "const" when genearting lib-internal ones.
    Add "state" file for mkerr
    Renerate error tables and headers
    Rationalize declaration of ERR_load_XXX_strings
    Fix out-of-tree build
    Add -static; sort flags/vars for options.
    Also tweak code output
    Moved engines/afalg to engines (from master)
    Use -static flag
    Standard engine #include's of errors
    Don't linewrap err string tables unless necessary
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3392)

-----------------------------------------------------------------------

Summary of changes:
 .gitignore                        |    7 +
 Configurations/unix-Makefile.tmpl |   12 +-
 crypto/asn1/asn1_err.c            |  539 ++++----
 crypto/async/async_err.c          |   42 +-
 crypto/bio/bio_err.c              |  207 ++--
 crypto/bn/bn_err.c                |  162 +--
 crypto/buffer/buf_err.c           |   24 +-
 crypto/cms/cms_err.c              |  429 ++++---
 crypto/comp/comp_err.c            |   35 +-
 crypto/conf/conf_err.c            |  102 +-
 crypto/cpt_err.c                  |   57 +-
 crypto/ct/ct_err.c                |  125 +-
 crypto/dh/dh_err.c                |   85 +-
 crypto/dsa/dsa_err.c              |   93 +-
 crypto/dso/dso_err.c              |  135 +-
 crypto/ec/ec_err.c                |  506 ++++----
 crypto/engine/eng_err.c           |  207 ++--
 crypto/err/err.c                  |   89 +-
 crypto/err/openssl.ec             |  163 ++-
 crypto/err/openssl.txt            | 2461 +++++++++++++++++++++++++++++++++++++
 crypto/evp/evp_err.c              |  364 +++---
 crypto/kdf/kdf_err.c              |   30 +-
 crypto/objects/obj_err.c          |   36 +-
 crypto/ocsp/ocsp_err.c            |  132 +-
 crypto/pem/pem_err.c              |  185 +--
 crypto/pkcs12/pk12err.c           |  142 ++-
 crypto/pkcs7/pkcs7err.c           |  223 ++--
 crypto/rand/rand_err.c            |   22 +-
 crypto/rsa/rsa_err.c              |  342 +++---
 crypto/ts/ts_err.c                |  264 ++--
 crypto/ui/ui_err.c                |   89 +-
 crypto/x509/x509_err.c            |  229 ++--
 crypto/x509v3/v3err.c             |  367 +++---
 demos/engines/e_chil.txt          |   12 +
 engines/build.info                |    4 +-
 engines/e_afalg.c                 |    4 +-
 engines/e_afalg.ec                |    4 +-
 engines/e_afalg.txt               |   18 +
 engines/e_afalg_err.c             |  114 +-
 engines/e_afalg_err.h             |   49 +-
 engines/e_capi.ec                 |    4 +-
 engines/e_capi.txt                |   50 +
 engines/e_capi.txt.old            |   50 +
 engines/e_capi_err.c              |  180 ++-
 engines/e_capi_err.h              |   95 +-
 engines/e_dasync.c                |    1 -
 engines/e_dasync.ec               |    4 +-
 engines/e_dasync.txt              |   12 +
 engines/e_dasync.txt.old          |   12 +
 engines/e_dasync_err.c            |   91 +-
 engines/e_dasync_err.h            |   39 +-
 engines/e_ossltest.c              |    1 -
 engines/e_ossltest.ec             |    4 +-
 engines/e_ossltest.txt            |    3 +
 engines/e_ossltest.txt.old        |    3 +
 engines/e_ossltest_err.c          |   69 +-
 engines/e_ossltest_err.h          |   35 +-
 engines/e_padlock.ec              |    1 -
 include/internal/dso.h            |   64 +-
 include/internal/dsoerr.h         |   81 ++
 include/openssl/asn1.h            |  225 +---
 include/openssl/asn1err.h         |  239 ++++
 include/openssl/async.h           |   23 +-
 include/openssl/asyncerr.h        |   40 +
 include/openssl/bio.h             |   97 +-
 include/openssl/bioerr.h          |  113 ++
 include/openssl/bn.h              |   77 +-
 include/openssl/bnerr.h           |   94 ++
 include/openssl/buffer.h          |   16 +-
 include/openssl/buffererr.h       |   33 +
 include/openssl/cms.h             |  184 +--
 include/openssl/cmserr.h          |  192 +++
 include/openssl/comp.h            |   20 +-
 include/openssl/comperr.h         |   37 +
 include/openssl/conf.h            |   49 +-
 include/openssl/conferr.h         |   65 +
 include/openssl/crypto.h          |   27 +-
 include/openssl/cryptoerr.h       |   44 +
 include/openssl/ct.h              |   58 +-
 include/openssl/cterr.h           |   74 ++
 include/openssl/dh.h              |   45 +-
 include/openssl/dherr.h           |   62 +
 include/openssl/dsa.h             |   47 +-
 include/openssl/dsaerr.h          |   64 +
 include/openssl/ec.h              |  220 +---
 include/openssl/ecerr.h           |  237 ++++
 include/openssl/engine.h          |   85 +-
 include/openssl/engineerr.h       |  102 ++
 include/openssl/err.h             |    5 +-
 include/openssl/evp.h             |  150 +--
 include/openssl/evperr.h          |  167 +++
 include/openssl/kdf.h             |   19 +-
 include/openssl/kdferr.h          |   35 +
 include/openssl/objects.h         |   22 +-
 include/openssl/objectserr.h      |   39 +
 include/openssl/ocsp.h            |   54 +-
 include/openssl/ocsperr.h         |   71 ++
 include/openssl/pem.h             |   85 +-
 include/openssl/pemerr.h          |  101 ++
 include/openssl/pkcs12.h          |   61 +-
 include/openssl/pkcs12err.h       |   76 ++
 include/openssl/pkcs7.h           |   87 +-
 include/openssl/pkcs7err.h        |  102 ++
 include/openssl/rand.h            |   15 +-
 include/openssl/randerr.h         |   32 +
 include/openssl/rsa.h             |  141 +--
 include/openssl/rsaerr.h          |  157 +++
 include/openssl/ssl.h             |  626 +---------
 include/openssl/sslerr.h          |  643 ++++++++++
 include/openssl/ts.h              |  111 +-
 include/openssl/tserr.h           |  126 ++
 include/openssl/ui.h              |   44 +-
 include/openssl/uierr.h           |   61 +
 include/openssl/x509.h            |  103 +-
 include/openssl/x509err.h         |  118 ++
 include/openssl/x509v3.h          |  140 +--
 include/openssl/x509v3err.h       |  155 +++
 ssl/ssl_err.c                     | 1671 ++++++++++++++-----------
 util/libcrypto.num                |    1 +
 util/mkdef.pl                     |   79 +-
 util/mkerr.pl                     | 1255 +++++++++----------
 121 files changed, 10788 insertions(+), 7242 deletions(-)
 create mode 100644 crypto/err/openssl.txt
 create mode 100644 demos/engines/e_chil.txt
 create mode 100644 engines/e_afalg.txt
 create mode 100644 engines/e_capi.txt
 create mode 100644 engines/e_capi.txt.old
 create mode 100644 engines/e_dasync.txt
 create mode 100644 engines/e_dasync.txt.old
 create mode 100644 engines/e_ossltest.txt
 create mode 100644 engines/e_ossltest.txt.old
 delete mode 100644 engines/e_padlock.ec
 create mode 100644 include/internal/dsoerr.h
 create mode 100644 include/openssl/asn1err.h
 create mode 100644 include/openssl/asyncerr.h
 create mode 100644 include/openssl/bioerr.h
 create mode 100644 include/openssl/bnerr.h
 create mode 100644 include/openssl/buffererr.h
 create mode 100644 include/openssl/cmserr.h
 create mode 100644 include/openssl/comperr.h
 create mode 100644 include/openssl/conferr.h
 create mode 100644 include/openssl/cryptoerr.h
 create mode 100644 include/openssl/cterr.h
 create mode 100644 include/openssl/dherr.h
 create mode 100644 include/openssl/dsaerr.h
 create mode 100644 include/openssl/ecerr.h
 create mode 100644 include/openssl/engineerr.h
 create mode 100644 include/openssl/evperr.h
 create mode 100644 include/openssl/kdferr.h
 create mode 100644 include/openssl/objectserr.h
 create mode 100644 include/openssl/ocsperr.h
 create mode 100644 include/openssl/pemerr.h
 create mode 100644 include/openssl/pkcs12err.h
 create mode 100644 include/openssl/pkcs7err.h
 create mode 100644 include/openssl/randerr.h
 create mode 100644 include/openssl/rsaerr.h
 create mode 100644 include/openssl/sslerr.h
 create mode 100644 include/openssl/tserr.h
 create mode 100644 include/openssl/uierr.h
 create mode 100644 include/openssl/x509err.h
 create mode 100644 include/openssl/x509v3err.h
 mode change 100644 => 100755 util/mkerr.pl

diff --git a/.gitignore b/.gitignore
index e613e4d..9c496b2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,6 +30,13 @@ Makefile
 /openssl/include/opensslconf.h
 /util/domd
 
+# error code files
+/crypto/err/openssl.txt.old
+/engines/e_afalg.txt.old
+/engines/e_capi.txt.old
+/engines/e_dasync.txt.old
+/engines/e_ossltest.txt.old
+
 # Executables
 /apps/openssl
 /test/sha256t
diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
index 132b83c..1293059 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -650,14 +650,16 @@ generate_crypto_asn1:
 	( cd $(SRCDIR); $(PERL) crypto/asn1/charmap.pl \
 			        > crypto/asn1/charmap.h )
 
+# Set to -force to force a rebuild
+ERROR_REBUILD=
 errors:
 	( cd $(SRCDIR); $(PERL) util/ck_errf.pl -strict */*.c */*/*.c )
-	( cd $(SRCDIR); $(PERL) util/mkerr.pl -recurse -write )
+	( cd $(SRCDIR); $(PERL) util/mkerr.pl $(ERROR_REBUILD) -internal )
 	( cd $(SRCDIR)/engines; \
-	  for e in *.ec; do \
-	      $(PERL) ../util/mkerr.pl -conf $$e \
-		      -nostatic -staticloader -write *.c; \
-	  done )
+          for E in *.ec ; do \
+              $(PERL) ../util/mkerr.pl $(ERROR_REBUILD) -static \
+                -conf $$E `basename $$E .ec`.c ; \
+          done )
 
 ordinals:
 	( b=`pwd`; cd $(SRCDIR); $(PERL) -I$$b util/mkdef.pl crypto update )
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index dd0e99e..da856b2 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -8,250 +8,312 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/asn1.h>
+#include <openssl/asn1err.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason)
-
-static ERR_STRING_DATA ASN1_str_functs[] = {
-    {ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"},
-    {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"},
-    {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"},
-    {ERR_FUNC(ASN1_F_APPEND_EXP), "append_exp"},
-    {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"},
-    {ERR_FUNC(ASN1_F_ASN1_CB), "asn1_cb"},
-    {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "asn1_check_tlen"},
-    {ERR_FUNC(ASN1_F_ASN1_COLLECT), "asn1_collect"},
-    {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "asn1_d2i_ex_primitive"},
-    {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"},
-    {ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "asn1_d2i_read_bio"},
-    {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"},
-    {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "asn1_do_adb"},
-    {ERR_FUNC(ASN1_F_ASN1_DO_LOCK), "asn1_do_lock"},
-    {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"},
-    {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "asn1_ex_c2i"},
-    {ERR_FUNC(ASN1_F_ASN1_FIND_END), "asn1_find_end"},
-    {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"},
-    {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"},
-    {ERR_FUNC(ASN1_F_ASN1_GET_INT64), "asn1_get_int64"},
-    {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
-    {ERR_FUNC(ASN1_F_ASN1_GET_UINT64), "asn1_get_uint64"},
-    {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
-    {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_EMBED_D2I), "asn1_item_embed_d2i"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_EMBED_NEW), "asn1_item_embed_new"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"},
-    {ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"},
-    {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"},
-    {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"},
-    {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "asn1_output_data"},
-    {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"},
-    {ERR_FUNC(ASN1_F_ASN1_SCTX_NEW), "ASN1_SCTX_new"},
-    {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"},
-    {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "asn1_str2type"},
-    {ERR_FUNC(ASN1_F_ASN1_STRING_GET_INT64), "asn1_string_get_int64"},
-    {ERR_FUNC(ASN1_F_ASN1_STRING_GET_UINT64), "asn1_string_get_uint64"},
-    {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"},
-    {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"},
-    {ERR_FUNC(ASN1_F_ASN1_STRING_TO_BN), "asn1_string_to_bn"},
-    {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"},
-    {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "asn1_template_ex_d2i"},
-    {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "asn1_template_new"},
-    {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "asn1_template_noexp_d2i"},
-    {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"},
-    {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING),
+static const ERR_STRING_DATA ASN1_str_functs[] = {
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_A2D_ASN1_OBJECT, 0), "a2d_ASN1_OBJECT"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_A2I_ASN1_INTEGER, 0), "a2i_ASN1_INTEGER"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_A2I_ASN1_STRING, 0), "a2i_ASN1_STRING"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_APPEND_EXP, 0), "append_exp"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_BIT_STRING_SET_BIT, 0),
+     "ASN1_BIT_STRING_set_bit"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_CB, 0), "asn1_cb"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_CHECK_TLEN, 0), "asn1_check_tlen"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_COLLECT, 0), "asn1_collect"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_EX_PRIMITIVE, 0),
+     "asn1_d2i_ex_primitive"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_FP, 0), "ASN1_d2i_fp"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_READ_BIO, 0), "asn1_d2i_read_bio"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DIGEST, 0), "ASN1_digest"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DO_ADB, 0), "asn1_do_adb"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DO_LOCK, 0), "asn1_do_lock"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DUP, 0), "ASN1_dup"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_EX_C2I, 0), "asn1_ex_c2i"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_FIND_END, 0), "asn1_find_end"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GENERALIZEDTIME_ADJ, 0),
+     "ASN1_GENERALIZEDTIME_adj"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GENERATE_V3, 0), "ASN1_generate_v3"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_INT64, 0), "asn1_get_int64"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_OBJECT, 0), "ASN1_get_object"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_UINT64, 0), "asn1_get_uint64"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_I2D_BIO, 0), "ASN1_i2d_bio"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_I2D_FP, 0), "ASN1_i2d_fp"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_D2I_FP, 0), "ASN1_item_d2i_fp"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_DUP, 0), "ASN1_item_dup"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_D2I, 0),
+     "asn1_item_embed_d2i"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_NEW, 0),
+     "asn1_item_embed_new"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_BIO, 0), "ASN1_item_i2d_bio"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_FP, 0), "ASN1_item_i2d_fp"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_PACK, 0), "ASN1_item_pack"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_SIGN, 0), "ASN1_item_sign"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_SIGN_CTX, 0),
+     "ASN1_item_sign_ctx"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_UNPACK, 0), "ASN1_item_unpack"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_VERIFY, 0), "ASN1_item_verify"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_MBSTRING_NCOPY, 0),
+     "ASN1_mbstring_ncopy"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_OBJECT_NEW, 0), "ASN1_OBJECT_new"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_OUTPUT_DATA, 0), "asn1_output_data"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_PCTX_NEW, 0), "ASN1_PCTX_new"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_SCTX_NEW, 0), "ASN1_SCTX_new"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_SIGN, 0), "ASN1_sign"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STR2TYPE, 0), "asn1_str2type"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_GET_INT64, 0),
+     "asn1_string_get_int64"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_GET_UINT64, 0),
+     "asn1_string_get_uint64"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_SET, 0), "ASN1_STRING_set"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_TABLE_ADD, 0),
+     "ASN1_STRING_TABLE_add"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_TO_BN, 0), "asn1_string_to_bn"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_TYPE_NEW, 0),
+     "ASN1_STRING_type_new"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TEMPLATE_EX_D2I, 0),
+     "asn1_template_ex_d2i"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TEMPLATE_NEW, 0), "asn1_template_new"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 0),
+     "asn1_template_noexp_d2i"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TIME_ADJ, 0), "ASN1_TIME_adj"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING, 0),
      "ASN1_TYPE_get_int_octetstring"},
-    {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
-    {ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"},
-    {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"},
-    {ERR_FUNC(ASN1_F_B64_READ_ASN1), "b64_read_asn1"},
-    {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_write_ASN1"},
-    {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"},
-    {ERR_FUNC(ASN1_F_BITSTR_CB), "bitstr_cb"},
-    {ERR_FUNC(ASN1_F_BN_TO_ASN1_STRING), "bn_to_asn1_string"},
-    {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"},
-    {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"},
-    {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"},
-    {ERR_FUNC(ASN1_F_C2I_IBUF), "c2i_ibuf"},
-    {ERR_FUNC(ASN1_F_C2I_UINT64_INT), "c2i_uint64_int"},
-    {ERR_FUNC(ASN1_F_COLLECT_DATA), "collect_data"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"},
-    {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"},
-    {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
-    {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
-    {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
-    {ERR_FUNC(ASN1_F_DO_TCREATE), "do_tcreate"},
-    {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
-    {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
-    {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"},
-    {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},
-    {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"},
-    {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"},
-    {ERR_FUNC(ASN1_F_LONG_C2I), "long_c2i"},
-    {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "oid_module_init"},
-    {ERR_FUNC(ASN1_F_PARSE_TAGGING), "parse_tagging"},
-    {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"},
-    {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_SCRYPT), "PKCS5_pbe2_set_scrypt"},
-    {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
-    {ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"},
-    {ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"},
-    {ERR_FUNC(ASN1_F_PKCS5_SCRYPT_SET), "pkcs5_scrypt_set"},
-    {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
-    {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
-    {ERR_FUNC(ASN1_F_STBL_MODULE_INIT), "stbl_module_init"},
-    {ERR_FUNC(ASN1_F_UINT32_C2I), "uint32_c2i"},
-    {ERR_FUNC(ASN1_F_UINT64_C2I), "uint64_c2i"},
-    {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
-    {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
-    {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "x509_name_encode"},
-    {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "x509_name_ex_d2i"},
-    {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "x509_name_ex_new"},
-    {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TYPE_GET_OCTETSTRING, 0),
+     "ASN1_TYPE_get_octetstring"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_UTCTIME_ADJ, 0), "ASN1_UTCTIME_adj"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_VERIFY, 0), "ASN1_verify"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_B64_READ_ASN1, 0), "b64_read_asn1"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_B64_WRITE_ASN1, 0), "B64_write_ASN1"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_BIO_NEW_NDEF, 0), "BIO_new_NDEF"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_BITSTR_CB, 0), "bitstr_cb"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_BN_TO_ASN1_STRING, 0), "bn_to_asn1_string"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_ASN1_BIT_STRING, 0),
+     "c2i_ASN1_BIT_STRING"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_ASN1_INTEGER, 0), "c2i_ASN1_INTEGER"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_ASN1_OBJECT, 0), "c2i_ASN1_OBJECT"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_IBUF, 0), "c2i_ibuf"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_UINT64_INT, 0), "c2i_uint64_int"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_COLLECT_DATA, 0), "collect_data"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_ASN1_OBJECT, 0), "d2i_ASN1_OBJECT"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_ASN1_UINTEGER, 0), "d2i_ASN1_UINTEGER"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_AUTOPRIVATEKEY, 0),
+     "d2i_AutoPrivateKey"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PRIVATEKEY, 0), "d2i_PrivateKey"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PUBLICKEY, 0), "d2i_PublicKey"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_TCREATE, 0), "do_tcreate"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_ASN1_BIO_STREAM, 0),
+     "i2d_ASN1_bio_stream"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_DSA_PUBKEY, 0), "i2d_DSA_PUBKEY"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_EC_PUBKEY, 0), "i2d_EC_PUBKEY"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_PRIVATEKEY, 0), "i2d_PrivateKey"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_PUBLICKEY, 0), "i2d_PublicKey"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_RSA_PUBKEY, 0), "i2d_RSA_PUBKEY"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_LONG_C2I, 0), "long_c2i"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_OID_MODULE_INIT, 0), "oid_module_init"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PARSE_TAGGING, 0), "parse_tagging"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE2_SET_IV, 0), "PKCS5_pbe2_set_iv"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE2_SET_SCRYPT, 0),
+     "PKCS5_pbe2_set_scrypt"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE_SET, 0), "PKCS5_pbe_set"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE_SET0_ALGOR, 0),
+     "PKCS5_pbe_set0_algor"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBKDF2_SET, 0), "PKCS5_pbkdf2_set"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_SCRYPT_SET, 0), "pkcs5_scrypt_set"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_SMIME_READ_ASN1, 0), "SMIME_read_ASN1"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_SMIME_TEXT, 0), "SMIME_text"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_STBL_MODULE_INIT, 0), "stbl_module_init"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT32_C2I, 0), "uint32_c2i"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT64_C2I, 0), "uint64_c2i"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_CRL_ADD0_REVOKED, 0),
+     "X509_CRL_add0_revoked"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_INFO_NEW, 0), "X509_INFO_new"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_NAME_ENCODE, 0), "x509_name_encode"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_NAME_EX_D2I, 0), "x509_name_ex_d2i"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_NAME_EX_NEW, 0), "x509_name_ex_new"},
+    {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_PKEY_NEW, 0), "X509_PKEY_new"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA ASN1_str_reasons[] = {
-    {ERR_REASON(ASN1_R_ADDING_OBJECT), "adding object"},
-    {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"},
-    {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR), "asn1 sig parse error"},
-    {ERR_REASON(ASN1_R_AUX_ERROR), "aux error"},
-    {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
-    {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
-     "bmpstring is wrong length"},
-    {ERR_REASON(ASN1_R_BN_LIB), "bn lib"},
-    {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH), "boolean is wrong length"},
-    {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL), "buffer too small"},
-    {ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
-     "cipher has no object identifier"},
-    {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"},
-    {ERR_REASON(ASN1_R_DATA_IS_WRONG), "data is wrong"},
-    {ERR_REASON(ASN1_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(ASN1_R_DEPTH_EXCEEDED), "depth exceeded"},
-    {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),
-     "digest and key type not supported"},
-    {ERR_REASON(ASN1_R_ENCODE_ERROR), "encode error"},
-    {ERR_REASON(ASN1_R_ERROR_GETTING_TIME), "error getting time"},
-    {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"},
-    {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS),
-     "error setting cipher params"},
-    {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER), "expecting an integer"},
-    {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT), "expecting an object"},
-    {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"},
-    {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),
-     "explicit tag not constructed"},
-    {ERR_REASON(ASN1_R_FIELD_MISSING), "field missing"},
-    {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE), "first num too large"},
-    {ERR_REASON(ASN1_R_HEADER_TOO_LONG), "header too long"},
-    {ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT), "illegal bitstring format"},
-    {ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN), "illegal boolean"},
-    {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS), "illegal characters"},
-    {ERR_REASON(ASN1_R_ILLEGAL_FORMAT), "illegal format"},
-    {ERR_REASON(ASN1_R_ILLEGAL_HEX), "illegal hex"},
-    {ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG), "illegal implicit tag"},
-    {ERR_REASON(ASN1_R_ILLEGAL_INTEGER), "illegal integer"},
-    {ERR_REASON(ASN1_R_ILLEGAL_NEGATIVE_VALUE), "illegal negative value"},
-    {ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING), "illegal nested tagging"},
-    {ERR_REASON(ASN1_R_ILLEGAL_NULL), "illegal null"},
-    {ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE), "illegal null value"},
-    {ERR_REASON(ASN1_R_ILLEGAL_OBJECT), "illegal object"},
-    {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY), "illegal optional any"},
-    {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),
-     "illegal options on item template"},
-    {ERR_REASON(ASN1_R_ILLEGAL_PADDING), "illegal padding"},
-    {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY), "illegal tagged any"},
-    {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE), "illegal time value"},
-    {ERR_REASON(ASN1_R_ILLEGAL_ZERO_CONTENT), "illegal zero content"},
-    {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"},
-    {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),
-     "integer too large for long"},
-    {ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT),
-     "invalid bit string bits left"},
-    {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH), "invalid bmpstring length"},
-    {ERR_REASON(ASN1_R_INVALID_DIGIT), "invalid digit"},
-    {ERR_REASON(ASN1_R_INVALID_MIME_TYPE), "invalid mime type"},
-    {ERR_REASON(ASN1_R_INVALID_MODIFIER), "invalid modifier"},
-    {ERR_REASON(ASN1_R_INVALID_NUMBER), "invalid number"},
-    {ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING), "invalid object encoding"},
-    {ERR_REASON(ASN1_R_INVALID_SCRYPT_PARAMETERS),
-     "invalid scrypt parameters"},
-    {ERR_REASON(ASN1_R_INVALID_SEPARATOR), "invalid separator"},
-    {ERR_REASON(ASN1_R_INVALID_STRING_TABLE_VALUE),
-     "invalid string table value"},
-    {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),
-     "invalid universalstring length"},
-    {ERR_REASON(ASN1_R_INVALID_UTF8STRING), "invalid utf8string"},
-    {ERR_REASON(ASN1_R_INVALID_VALUE), "invalid value"},
-    {ERR_REASON(ASN1_R_LIST_ERROR), "list error"},
-    {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
-    {ERR_REASON(ASN1_R_MIME_PARSE_ERROR), "mime parse error"},
-    {ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"},
-    {ERR_REASON(ASN1_R_MISSING_EOC), "missing eoc"},
-    {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER), "missing second number"},
-    {ERR_REASON(ASN1_R_MISSING_VALUE), "missing value"},
-    {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
-    {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
-    {ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"},
-    {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"},
-    {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
-    {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
-    {ERR_REASON(ASN1_R_NO_CONTENT_TYPE), "no content type"},
-    {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"},
-    {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),
-     "no multipart body failure"},
-    {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
-    {ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE), "no sig content type"},
-    {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH), "null is wrong length"},
-    {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"},
-    {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS), "odd number of chars"},
-    {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"},
-    {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"},
-    {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"},
-    {ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG),
-     "sequence or set needs config"},
-    {ERR_REASON(ASN1_R_SHORT_LINE), "short line"},
-    {ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
-    {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"},
-    {ERR_REASON(ASN1_R_STRING_TOO_LONG), "string too long"},
-    {ERR_REASON(ASN1_R_STRING_TOO_SHORT), "string too short"},
-    {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
-     "the asn1 object identifier is not known for this md"},
-    {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"},
-    {ERR_REASON(ASN1_R_TOO_LARGE), "too large"},
-    {ERR_REASON(ASN1_R_TOO_LONG), "too long"},
-    {ERR_REASON(ASN1_R_TOO_SMALL), "too small"},
-    {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED), "type not constructed"},
-    {ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE), "type not primitive"},
-    {ERR_REASON(ASN1_R_UNEXPECTED_EOC), "unexpected eoc"},
-    {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),
-     "universalstring is wrong length"},
-    {ERR_REASON(ASN1_R_UNKNOWN_FORMAT), "unknown format"},
-    {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),
-     "unknown message digest algorithm"},
-    {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE), "unknown object type"},
-    {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "unknown public key type"},
-    {ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM),
-     "unknown signature algorithm"},
-    {ERR_REASON(ASN1_R_UNKNOWN_TAG), "unknown tag"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),
-     "unsupported any defined by type"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
-     "unsupported public key type"},
-    {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"},
-    {ERR_REASON(ASN1_R_WRONG_INTEGER_TYPE), "wrong integer type"},
-    {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
-    {ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"},
+static const ERR_STRING_DATA ASN1_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ADDING_OBJECT), "adding object"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ASN1_SIG_PARSE_ERROR),
+    "asn1 sig parse error"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_AUX_ERROR), "aux error"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
+    "bmpstring is wrong length"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BN_LIB), "bn lib"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BOOLEAN_IS_WRONG_LENGTH),
+    "boolean is wrong length"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BUFFER_TOO_SMALL), "buffer too small"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
+    "cipher has no object identifier"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_CONTEXT_NOT_INITIALISED),
+    "context not initialised"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DATA_IS_WRONG), "data is wrong"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DECODE_ERROR), "decode error"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DEPTH_EXCEEDED), "depth exceeded"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),
+    "digest and key type not supported"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ENCODE_ERROR), "encode error"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_GETTING_TIME),
+    "error getting time"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_LOADING_SECTION),
+    "error loading section"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_SETTING_CIPHER_PARAMS),
+    "error setting cipher params"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPECTING_AN_INTEGER),
+    "expecting an integer"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPECTING_AN_OBJECT),
+    "expecting an object"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPLICIT_LENGTH_MISMATCH),
+    "explicit length mismatch"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),
+    "explicit tag not constructed"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_FIELD_MISSING), "field missing"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_FIRST_NUM_TOO_LARGE),
+    "first num too large"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_HEADER_TOO_LONG), "header too long"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_BITSTRING_FORMAT),
+    "illegal bitstring format"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_BOOLEAN), "illegal boolean"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_CHARACTERS),
+    "illegal characters"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_FORMAT), "illegal format"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_HEX), "illegal hex"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_IMPLICIT_TAG),
+    "illegal implicit tag"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_INTEGER), "illegal integer"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NEGATIVE_VALUE),
+    "illegal negative value"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NESTED_TAGGING),
+    "illegal nested tagging"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NULL), "illegal null"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NULL_VALUE),
+    "illegal null value"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_OBJECT), "illegal object"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_OPTIONAL_ANY),
+    "illegal optional any"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),
+    "illegal options on item template"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_PADDING), "illegal padding"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_TAGGED_ANY),
+    "illegal tagged any"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_TIME_VALUE),
+    "illegal time value"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_ZERO_CONTENT),
+    "illegal zero content"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INTEGER_NOT_ASCII_FORMAT),
+    "integer not ascii format"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),
+    "integer too large for long"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_BIT_STRING_BITS_LEFT),
+    "invalid bit string bits left"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_BMPSTRING_LENGTH),
+    "invalid bmpstring length"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_DIGIT), "invalid digit"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_MIME_TYPE), "invalid mime type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_MODIFIER), "invalid modifier"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_NUMBER), "invalid number"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_OBJECT_ENCODING),
+    "invalid object encoding"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_SCRYPT_PARAMETERS),
+    "invalid scrypt parameters"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_SEPARATOR), "invalid separator"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_STRING_TABLE_VALUE),
+    "invalid string table value"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),
+    "invalid universalstring length"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_UTF8STRING),
+    "invalid utf8string"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_VALUE), "invalid value"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_LIST_ERROR), "list error"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_NO_CONTENT_TYPE),
+    "mime no content type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_PARSE_ERROR), "mime parse error"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_SIG_PARSE_ERROR),
+    "mime sig parse error"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MISSING_EOC), "missing eoc"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MISSING_SECOND_NUMBER),
+    "missing second number"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MISSING_VALUE), "missing value"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MSTRING_NOT_UNIVERSAL),
+    "mstring not universal"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NESTED_ASN1_STRING),
+    "nested asn1 string"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NON_HEX_CHARACTERS),
+    "non hex characters"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_CONTENT_TYPE), "no content type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_MATCHING_CHOICE_TYPE),
+    "no matching choice type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_MULTIPART_BODY_FAILURE),
+    "no multipart body failure"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_MULTIPART_BOUNDARY),
+    "no multipart boundary"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_SIG_CONTENT_TYPE),
+    "no sig content type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NULL_IS_WRONG_LENGTH),
+    "null is wrong length"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_OBJECT_NOT_ASCII_FORMAT),
+    "object not ascii format"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ODD_NUMBER_OF_CHARS),
+    "odd number of chars"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SECOND_NUMBER_TOO_LARGE),
+    "second number too large"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SEQUENCE_LENGTH_MISMATCH),
+    "sequence length mismatch"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SEQUENCE_NOT_CONSTRUCTED),
+    "sequence not constructed"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG),
+    "sequence or set needs config"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SHORT_LINE), "short line"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SIG_INVALID_MIME_TYPE),
+    "sig invalid mime type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_STREAMING_NOT_SUPPORTED),
+    "streaming not supported"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_STRING_TOO_LONG), "string too long"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_STRING_TOO_SHORT), "string too short"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
+    "the asn1 object identifier is not known for this md"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TIME_NOT_ASCII_FORMAT),
+    "time not ascii format"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_LARGE), "too large"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_LONG), "too long"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_SMALL), "too small"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TYPE_NOT_CONSTRUCTED),
+    "type not constructed"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TYPE_NOT_PRIMITIVE),
+    "type not primitive"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNEXPECTED_EOC), "unexpected eoc"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),
+    "universalstring is wrong length"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_FORMAT), "unknown format"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),
+    "unknown message digest algorithm"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_OBJECT_TYPE),
+    "unknown object type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),
+    "unknown public key type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM),
+    "unknown signature algorithm"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_TAG), "unknown tag"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),
+    "unsupported any defined by type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
+    "unsupported public key type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_TYPE), "unsupported type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_INTEGER_TYPE),
+    "wrong integer type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_PUBLIC_KEY_TYPE),
+    "wrong public key type"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_TAG), "wrong tag"},
     {0, NULL}
 };
 
@@ -260,10 +322,9 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
 int ERR_load_ASN1_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, ASN1_str_functs);
-        ERR_load_strings(0, ASN1_str_reasons);
+        ERR_load_strings_const(ASN1_str_functs);
+        ERR_load_strings_const(ASN1_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/async/async_err.c b/crypto/async/async_err.c
index ae97e96..d2d1011 100644
--- a/crypto/async/async_err.c
+++ b/crypto/async/async_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,31 +8,30 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/async.h>
+#include <openssl/asyncerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASYNC,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASYNC,0,reason)
-
-static ERR_STRING_DATA ASYNC_str_functs[] = {
-    {ERR_FUNC(ASYNC_F_ASYNC_CTX_NEW), "async_ctx_new"},
-    {ERR_FUNC(ASYNC_F_ASYNC_INIT_THREAD), "ASYNC_init_thread"},
-    {ERR_FUNC(ASYNC_F_ASYNC_JOB_NEW), "async_job_new"},
-    {ERR_FUNC(ASYNC_F_ASYNC_PAUSE_JOB), "ASYNC_pause_job"},
-    {ERR_FUNC(ASYNC_F_ASYNC_START_FUNC), "async_start_func"},
-    {ERR_FUNC(ASYNC_F_ASYNC_START_JOB), "ASYNC_start_job"},
+static const ERR_STRING_DATA ASYNC_str_functs[] = {
+    {ERR_PACK(ERR_LIB_ASYNC, ASYNC_F_ASYNC_CTX_NEW, 0), "async_ctx_new"},
+    {ERR_PACK(ERR_LIB_ASYNC, ASYNC_F_ASYNC_INIT_THREAD, 0),
+     "ASYNC_init_thread"},
+    {ERR_PACK(ERR_LIB_ASYNC, ASYNC_F_ASYNC_JOB_NEW, 0), "async_job_new"},
+    {ERR_PACK(ERR_LIB_ASYNC, ASYNC_F_ASYNC_PAUSE_JOB, 0), "ASYNC_pause_job"},
+    {ERR_PACK(ERR_LIB_ASYNC, ASYNC_F_ASYNC_START_FUNC, 0), "async_start_func"},
+    {ERR_PACK(ERR_LIB_ASYNC, ASYNC_F_ASYNC_START_JOB, 0), "ASYNC_start_job"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA ASYNC_str_reasons[] = {
-    {ERR_REASON(ASYNC_R_FAILED_TO_SET_POOL), "failed to set pool"},
-    {ERR_REASON(ASYNC_R_FAILED_TO_SWAP_CONTEXT), "failed to swap context"},
-    {ERR_REASON(ASYNC_R_INIT_FAILED), "init failed"},
-    {ERR_REASON(ASYNC_R_INVALID_POOL_SIZE), "invalid pool size"},
+static const ERR_STRING_DATA ASYNC_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_ASYNC, 0, ASYNC_R_FAILED_TO_SET_POOL),
+    "failed to set pool"},
+    {ERR_PACK(ERR_LIB_ASYNC, 0, ASYNC_R_FAILED_TO_SWAP_CONTEXT),
+    "failed to swap context"},
+    {ERR_PACK(ERR_LIB_ASYNC, 0, ASYNC_R_INIT_FAILED), "init failed"},
+    {ERR_PACK(ERR_LIB_ASYNC, 0, ASYNC_R_INVALID_POOL_SIZE),
+    "invalid pool size"},
     {0, NULL}
 };
 
@@ -41,10 +40,9 @@ static ERR_STRING_DATA ASYNC_str_reasons[] = {
 int ERR_load_ASYNC_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(ASYNC_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, ASYNC_str_functs);
-        ERR_load_strings(0, ASYNC_str_reasons);
+        ERR_load_strings_const(ASYNC_str_functs);
+        ERR_load_strings_const(ASYNC_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/bio/bio_err.c b/crypto/bio/bio_err.c
index 9442d80..50fc74b 100644
--- a/crypto/bio/bio_err.c
+++ b/crypto/bio/bio_err.c
@@ -8,112 +8,116 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/bio.h>
+#include <openssl/bioerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BIO,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BIO,0,reason)
-
-static ERR_STRING_DATA BIO_str_functs[] = {
-    {ERR_FUNC(BIO_F_ACPT_STATE), "acpt_state"},
-    {ERR_FUNC(BIO_F_ADDR_STRINGS), "addr_strings"},
-    {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"},
-    {ERR_FUNC(BIO_F_BIO_ACCEPT_EX), "BIO_accept_ex"},
-    {ERR_FUNC(BIO_F_BIO_ADDR_NEW), "BIO_ADDR_new"},
-    {ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL), "BIO_callback_ctrl"},
-    {ERR_FUNC(BIO_F_BIO_CONNECT), "BIO_connect"},
-    {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"},
-    {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"},
-    {ERR_FUNC(BIO_F_BIO_GET_HOST_IP), "BIO_get_host_ip"},
-    {ERR_FUNC(BIO_F_BIO_GET_NEW_INDEX), "BIO_get_new_index"},
-    {ERR_FUNC(BIO_F_BIO_GET_PORT), "BIO_get_port"},
-    {ERR_FUNC(BIO_F_BIO_LISTEN), "BIO_listen"},
-    {ERR_FUNC(BIO_F_BIO_LOOKUP), "BIO_lookup"},
-    {ERR_FUNC(BIO_F_BIO_LOOKUP_EX), "BIO_lookup_ex"},
-    {ERR_FUNC(BIO_F_BIO_MAKE_PAIR), "bio_make_pair"},
-    {ERR_FUNC(BIO_F_BIO_NEW), "BIO_new"},
-    {ERR_FUNC(BIO_F_BIO_NEW_DGRAM_SCTP), "BIO_new_dgram_sctp"},
-    {ERR_FUNC(BIO_F_BIO_NEW_FILE), "BIO_new_file"},
-    {ERR_FUNC(BIO_F_BIO_NEW_MEM_BUF), "BIO_new_mem_buf"},
-    {ERR_FUNC(BIO_F_BIO_NREAD), "BIO_nread"},
-    {ERR_FUNC(BIO_F_BIO_NREAD0), "BIO_nread0"},
-    {ERR_FUNC(BIO_F_BIO_NWRITE), "BIO_nwrite"},
-    {ERR_FUNC(BIO_F_BIO_NWRITE0), "BIO_nwrite0"},
-    {ERR_FUNC(BIO_F_BIO_PARSE_HOSTSERV), "BIO_parse_hostserv"},
-    {ERR_FUNC(BIO_F_BIO_PUTS), "BIO_puts"},
-    {ERR_FUNC(BIO_F_BIO_READ), "BIO_read"},
-    {ERR_FUNC(BIO_F_BIO_READ_EX), "BIO_read_ex"},
-    {ERR_FUNC(BIO_F_BIO_READ_INTERN), "bio_read_intern"},
-    {ERR_FUNC(BIO_F_BIO_SOCKET), "BIO_socket"},
-    {ERR_FUNC(BIO_F_BIO_SOCKET_NBIO), "BIO_socket_nbio"},
-    {ERR_FUNC(BIO_F_BIO_SOCK_INFO), "BIO_sock_info"},
-    {ERR_FUNC(BIO_F_BIO_SOCK_INIT), "BIO_sock_init"},
-    {ERR_FUNC(BIO_F_BIO_WRITE), "BIO_write"},
-    {ERR_FUNC(BIO_F_BIO_WRITE_EX), "BIO_write_ex"},
-    {ERR_FUNC(BIO_F_BIO_WRITE_INTERN), "bio_write_intern"},
-    {ERR_FUNC(BIO_F_BUFFER_CTRL), "buffer_ctrl"},
-    {ERR_FUNC(BIO_F_CONN_CTRL), "conn_ctrl"},
-    {ERR_FUNC(BIO_F_CONN_STATE), "conn_state"},
-    {ERR_FUNC(BIO_F_DGRAM_SCTP_READ), "dgram_sctp_read"},
-    {ERR_FUNC(BIO_F_DGRAM_SCTP_WRITE), "dgram_sctp_write"},
-    {ERR_FUNC(BIO_F_FILE_CTRL), "file_ctrl"},
-    {ERR_FUNC(BIO_F_FILE_READ), "file_read"},
-    {ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "linebuffer_ctrl"},
-    {ERR_FUNC(BIO_F_MEM_WRITE), "mem_write"},
-    {ERR_FUNC(BIO_F_SSL_NEW), "SSL_new"},
+static const ERR_STRING_DATA BIO_str_functs[] = {
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_ACPT_STATE, 0), "acpt_state"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_ADDR_STRINGS, 0), "addr_strings"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_ACCEPT, 0), "BIO_accept"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_ACCEPT_EX, 0), "BIO_accept_ex"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_ADDR_NEW, 0), "BIO_ADDR_new"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_CALLBACK_CTRL, 0), "BIO_callback_ctrl"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_CONNECT, 0), "BIO_connect"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_CTRL, 0), "BIO_ctrl"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_GETS, 0), "BIO_gets"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_GET_HOST_IP, 0), "BIO_get_host_ip"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_GET_NEW_INDEX, 0), "BIO_get_new_index"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_GET_PORT, 0), "BIO_get_port"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_LISTEN, 0), "BIO_listen"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_LOOKUP, 0), "BIO_lookup"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_LOOKUP_EX, 0), "BIO_lookup_ex"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_MAKE_PAIR, 0), "bio_make_pair"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_NEW, 0), "BIO_new"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_NEW_DGRAM_SCTP, 0), "BIO_new_dgram_sctp"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_NEW_FILE, 0), "BIO_new_file"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_NEW_MEM_BUF, 0), "BIO_new_mem_buf"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_NREAD, 0), "BIO_nread"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_NREAD0, 0), "BIO_nread0"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_NWRITE, 0), "BIO_nwrite"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_NWRITE0, 0), "BIO_nwrite0"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_PARSE_HOSTSERV, 0), "BIO_parse_hostserv"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_PUTS, 0), "BIO_puts"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_READ, 0), "BIO_read"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_READ_EX, 0), "BIO_read_ex"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_READ_INTERN, 0), "bio_read_intern"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_SOCKET, 0), "BIO_socket"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_SOCKET_NBIO, 0), "BIO_socket_nbio"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_SOCK_INFO, 0), "BIO_sock_info"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_SOCK_INIT, 0), "BIO_sock_init"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_WRITE, 0), "BIO_write"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_WRITE_EX, 0), "BIO_write_ex"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BIO_WRITE_INTERN, 0), "bio_write_intern"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_BUFFER_CTRL, 0), "buffer_ctrl"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_CONN_CTRL, 0), "conn_ctrl"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_CONN_STATE, 0), "conn_state"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_DGRAM_SCTP_READ, 0), "dgram_sctp_read"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_DGRAM_SCTP_WRITE, 0), "dgram_sctp_write"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_FILE_CTRL, 0), "file_ctrl"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_FILE_READ, 0), "file_read"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_LINEBUFFER_CTRL, 0), "linebuffer_ctrl"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_MEM_WRITE, 0), "mem_write"},
+    {ERR_PACK(ERR_LIB_BIO, BIO_F_SSL_NEW, 0), "SSL_new"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA BIO_str_reasons[] = {
-    {ERR_REASON(BIO_R_ACCEPT_ERROR), "accept error"},
-    {ERR_REASON(BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET),
-     "addrinfo addr is not af inet"},
-    {ERR_REASON(BIO_R_AMBIGUOUS_HOST_OR_SERVICE),
-     "ambiguous host or service"},
-    {ERR_REASON(BIO_R_BAD_FOPEN_MODE), "bad fopen mode"},
-    {ERR_REASON(BIO_R_BROKEN_PIPE), "broken pipe"},
-    {ERR_REASON(BIO_R_CONNECT_ERROR), "connect error"},
-    {ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),
-     "gethostbyname addr is not af inet"},
-    {ERR_REASON(BIO_R_GETSOCKNAME_ERROR), "getsockname error"},
-    {ERR_REASON(BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS),
-     "getsockname truncated address"},
-    {ERR_REASON(BIO_R_GETTING_SOCKTYPE), "getting socktype"},
-    {ERR_REASON(BIO_R_INVALID_ARGUMENT), "invalid argument"},
-    {ERR_REASON(BIO_R_INVALID_SOCKET), "invalid socket"},
-    {ERR_REASON(BIO_R_IN_USE), "in use"},
-    {ERR_REASON(BIO_R_LENGTH_TOO_LONG), "length too long"},
-    {ERR_REASON(BIO_R_LISTEN_V6_ONLY), "listen v6 only"},
-    {ERR_REASON(BIO_R_LOOKUP_RETURNED_NOTHING), "lookup returned nothing"},
-    {ERR_REASON(BIO_R_MALFORMED_HOST_OR_SERVICE),
-     "malformed host or service"},
-    {ERR_REASON(BIO_R_NBIO_CONNECT_ERROR), "nbio connect error"},
-    {ERR_REASON(BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED),
-     "no accept addr or service specified"},
-    {ERR_REASON(BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED),
-     "no hostname or service specified"},
-    {ERR_REASON(BIO_R_NO_PORT_DEFINED), "no port defined"},
-    {ERR_REASON(BIO_R_NO_SUCH_FILE), "no such file"},
-    {ERR_REASON(BIO_R_NULL_PARAMETER), "null parameter"},
-    {ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET), "unable to bind socket"},
-    {ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET), "unable to create socket"},
-    {ERR_REASON(BIO_R_UNABLE_TO_KEEPALIVE), "unable to keepalive"},
-    {ERR_REASON(BIO_R_UNABLE_TO_LISTEN_SOCKET), "unable to listen socket"},
-    {ERR_REASON(BIO_R_UNABLE_TO_NODELAY), "unable to nodelay"},
-    {ERR_REASON(BIO_R_UNABLE_TO_REUSEADDR), "unable to reuseaddr"},
-    {ERR_REASON(BIO_R_UNAVAILABLE_IP_FAMILY), "unavailable ip family"},
-    {ERR_REASON(BIO_R_UNINITIALIZED), "uninitialized"},
-    {ERR_REASON(BIO_R_UNKNOWN_INFO_TYPE), "unknown info type"},
-    {ERR_REASON(BIO_R_UNSUPPORTED_IP_FAMILY), "unsupported ip family"},
-    {ERR_REASON(BIO_R_UNSUPPORTED_METHOD), "unsupported method"},
-    {ERR_REASON(BIO_R_UNSUPPORTED_PROTOCOL_FAMILY),
-     "unsupported protocol family"},
-    {ERR_REASON(BIO_R_WRITE_TO_READ_ONLY_BIO), "write to read only BIO"},
-    {ERR_REASON(BIO_R_WSASTARTUP), "WSAStartup"},
+static const ERR_STRING_DATA BIO_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_ACCEPT_ERROR), "accept error"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET),
+    "addrinfo addr is not af inet"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_AMBIGUOUS_HOST_OR_SERVICE),
+    "ambiguous host or service"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_BAD_FOPEN_MODE), "bad fopen mode"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_BROKEN_PIPE), "broken pipe"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_CONNECT_ERROR), "connect error"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),
+    "gethostbyname addr is not af inet"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_GETSOCKNAME_ERROR), "getsockname error"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS),
+    "getsockname truncated address"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_GETTING_SOCKTYPE), "getting socktype"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_INVALID_ARGUMENT), "invalid argument"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_INVALID_SOCKET), "invalid socket"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_IN_USE), "in use"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_LENGTH_TOO_LONG), "length too long"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_LISTEN_V6_ONLY), "listen v6 only"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_LOOKUP_RETURNED_NOTHING),
+    "lookup returned nothing"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_MALFORMED_HOST_OR_SERVICE),
+    "malformed host or service"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_NBIO_CONNECT_ERROR), "nbio connect error"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED),
+    "no accept addr or service specified"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED),
+    "no hostname or service specified"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_NO_PORT_DEFINED), "no port defined"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_NO_SUCH_FILE), "no such file"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_NULL_PARAMETER), "null parameter"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNABLE_TO_BIND_SOCKET),
+    "unable to bind socket"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNABLE_TO_CREATE_SOCKET),
+    "unable to create socket"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNABLE_TO_KEEPALIVE),
+    "unable to keepalive"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNABLE_TO_LISTEN_SOCKET),
+    "unable to listen socket"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNABLE_TO_NODELAY), "unable to nodelay"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNABLE_TO_REUSEADDR),
+    "unable to reuseaddr"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNAVAILABLE_IP_FAMILY),
+    "unavailable ip family"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNINITIALIZED), "uninitialized"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNKNOWN_INFO_TYPE), "unknown info type"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNSUPPORTED_IP_FAMILY),
+    "unsupported ip family"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNSUPPORTED_METHOD), "unsupported method"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_UNSUPPORTED_PROTOCOL_FAMILY),
+    "unsupported protocol family"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_WRITE_TO_READ_ONLY_BIO),
+    "write to read only BIO"},
+    {ERR_PACK(ERR_LIB_BIO, 0, BIO_R_WSASTARTUP), "WSAStartup"},
     {0, NULL}
 };
 
@@ -122,10 +126,9 @@ static ERR_STRING_DATA BIO_str_reasons[] = {
 int ERR_load_BIO_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(BIO_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, BIO_str_functs);
-        ERR_load_strings(0, BIO_str_reasons);
+        ERR_load_strings_const(BIO_str_functs);
+        ERR_load_strings_const(BIO_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
index 5fe9db9..a086c49 100644
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,87 +8,94 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/bn.h>
+#include <openssl/bnerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BN,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason)
-
-static ERR_STRING_DATA BN_str_functs[] = {
-    {ERR_FUNC(BN_F_BNRAND), "bnrand"},
-    {ERR_FUNC(BN_F_BN_BLINDING_CONVERT_EX), "BN_BLINDING_convert_ex"},
-    {ERR_FUNC(BN_F_BN_BLINDING_CREATE_PARAM), "BN_BLINDING_create_param"},
-    {ERR_FUNC(BN_F_BN_BLINDING_INVERT_EX), "BN_BLINDING_invert_ex"},
-    {ERR_FUNC(BN_F_BN_BLINDING_NEW), "BN_BLINDING_new"},
-    {ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"},
-    {ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"},
-    {ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"},
-    {ERR_FUNC(BN_F_BN_COMPUTE_WNAF), "bn_compute_wNAF"},
-    {ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"},
-    {ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"},
-    {ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"},
-    {ERR_FUNC(BN_F_BN_DIV), "BN_div"},
-    {ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"},
-    {ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
-    {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "bn_expand_internal"},
-    {ERR_FUNC(BN_F_BN_GENCB_NEW), "BN_GENCB_new"},
-    {ERR_FUNC(BN_F_BN_GENERATE_DSA_NONCE), "BN_generate_dsa_nonce"},
-    {ERR_FUNC(BN_F_BN_GENERATE_PRIME_EX), "BN_generate_prime_ex"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD), "BN_GF2m_mod_solve_quad"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR), "BN_GF2m_mod_solve_quad_arr"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_SQR), "BN_GF2m_mod_sqr"},
-    {ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT), "BN_GF2m_mod_sqrt"},
-    {ERR_FUNC(BN_F_BN_LSHIFT), "BN_lshift"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_WORD), "BN_mod_exp_mont_word"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_RECP), "BN_mod_exp_recp"},
-    {ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE), "BN_mod_exp_simple"},
-    {ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"},
-    {ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"},
-    {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"},
-    {ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"},
-    {ERR_FUNC(BN_F_BN_MPI2BN), "BN_mpi2bn"},
-    {ERR_FUNC(BN_F_BN_NEW), "BN_new"},
-    {ERR_FUNC(BN_F_BN_RAND), "BN_rand"},
-    {ERR_FUNC(BN_F_BN_RAND_RANGE), "BN_rand_range"},
-    {ERR_FUNC(BN_F_BN_RSHIFT), "BN_rshift"},
-    {ERR_FUNC(BN_F_BN_SET_WORDS), "bn_set_words"},
-    {ERR_FUNC(BN_F_BN_USUB), "BN_usub"},
+static const ERR_STRING_DATA BN_str_functs[] = {
+    {ERR_PACK(ERR_LIB_BN, BN_F_BNRAND, 0), "bnrand"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_BLINDING_CONVERT_EX, 0),
+     "BN_BLINDING_convert_ex"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_BLINDING_CREATE_PARAM, 0),
+     "BN_BLINDING_create_param"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_BLINDING_INVERT_EX, 0),
+     "BN_BLINDING_invert_ex"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_BLINDING_NEW, 0), "BN_BLINDING_new"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_BLINDING_UPDATE, 0), "BN_BLINDING_update"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_BN2DEC, 0), "BN_bn2dec"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_BN2HEX, 0), "BN_bn2hex"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_COMPUTE_WNAF, 0), "bn_compute_wNAF"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_CTX_GET, 0), "BN_CTX_get"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_CTX_NEW, 0), "BN_CTX_new"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_CTX_START, 0), "BN_CTX_start"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_DIV, 0), "BN_div"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_DIV_RECP, 0), "BN_div_recp"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_EXP, 0), "BN_exp"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_EXPAND_INTERNAL, 0), "bn_expand_internal"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GENCB_NEW, 0), "BN_GENCB_new"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GENERATE_DSA_NONCE, 0),
+     "BN_generate_dsa_nonce"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GENERATE_PRIME_EX, 0),
+     "BN_generate_prime_ex"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GF2M_MOD, 0), "BN_GF2m_mod"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GF2M_MOD_EXP, 0), "BN_GF2m_mod_exp"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GF2M_MOD_MUL, 0), "BN_GF2m_mod_mul"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GF2M_MOD_SOLVE_QUAD, 0),
+     "BN_GF2m_mod_solve_quad"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR, 0),
+     "BN_GF2m_mod_solve_quad_arr"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GF2M_MOD_SQR, 0), "BN_GF2m_mod_sqr"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_GF2M_MOD_SQRT, 0), "BN_GF2m_mod_sqrt"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_LSHIFT, 0), "BN_lshift"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_EXP2_MONT, 0), "BN_mod_exp2_mont"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_EXP_MONT, 0), "BN_mod_exp_mont"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_EXP_MONT_CONSTTIME, 0),
+     "BN_mod_exp_mont_consttime"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_EXP_MONT_WORD, 0),
+     "BN_mod_exp_mont_word"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_EXP_RECP, 0), "BN_mod_exp_recp"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_EXP_SIMPLE, 0), "BN_mod_exp_simple"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_INVERSE, 0), "BN_mod_inverse"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_INVERSE_NO_BRANCH, 0),
+     "BN_mod_inverse_no_branch"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_LSHIFT_QUICK, 0), "BN_mod_lshift_quick"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MOD_SQRT, 0), "BN_mod_sqrt"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_MPI2BN, 0), "BN_mpi2bn"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_NEW, 0), "BN_new"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_RAND, 0), "BN_rand"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_RAND_RANGE, 0), "BN_rand_range"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_RSHIFT, 0), "BN_rshift"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_SET_WORDS, 0), "bn_set_words"},
+    {ERR_PACK(ERR_LIB_BN, BN_F_BN_USUB, 0), "BN_usub"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA BN_str_reasons[] = {
-    {ERR_REASON(BN_R_ARG2_LT_ARG3), "arg2 lt arg3"},
-    {ERR_REASON(BN_R_BAD_RECIPROCAL), "bad reciprocal"},
-    {ERR_REASON(BN_R_BIGNUM_TOO_LONG), "bignum too long"},
-    {ERR_REASON(BN_R_BITS_TOO_SMALL), "bits too small"},
-    {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"},
-    {ERR_REASON(BN_R_DIV_BY_ZERO), "div by zero"},
-    {ERR_REASON(BN_R_ENCODING_ERROR), "encoding error"},
-    {ERR_REASON(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA),
-     "expand on static bignum data"},
-    {ERR_REASON(BN_R_INPUT_NOT_REDUCED), "input not reduced"},
-    {ERR_REASON(BN_R_INVALID_LENGTH), "invalid length"},
-    {ERR_REASON(BN_R_INVALID_RANGE), "invalid range"},
-    {ERR_REASON(BN_R_INVALID_SHIFT), "invalid shift"},
-    {ERR_REASON(BN_R_NOT_A_SQUARE), "not a square"},
-    {ERR_REASON(BN_R_NOT_INITIALIZED), "not initialized"},
-    {ERR_REASON(BN_R_NO_INVERSE), "no inverse"},
-    {ERR_REASON(BN_R_NO_SOLUTION), "no solution"},
-    {ERR_REASON(BN_R_PRIVATE_KEY_TOO_LARGE), "private key too large"},
-    {ERR_REASON(BN_R_P_IS_NOT_PRIME), "p is not prime"},
-    {ERR_REASON(BN_R_TOO_MANY_ITERATIONS), "too many iterations"},
-    {ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),
-     "too many temporary variables"},
+static const ERR_STRING_DATA BN_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_ARG2_LT_ARG3), "arg2 lt arg3"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_BAD_RECIPROCAL), "bad reciprocal"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_BIGNUM_TOO_LONG), "bignum too long"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_BITS_TOO_SMALL), "bits too small"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_CALLED_WITH_EVEN_MODULUS),
+    "called with even modulus"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_DIV_BY_ZERO), "div by zero"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_ENCODING_ERROR), "encoding error"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA),
+    "expand on static bignum data"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_INPUT_NOT_REDUCED), "input not reduced"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_INVALID_LENGTH), "invalid length"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_INVALID_RANGE), "invalid range"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_INVALID_SHIFT), "invalid shift"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_NOT_A_SQUARE), "not a square"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_NOT_INITIALIZED), "not initialized"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_NO_INVERSE), "no inverse"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_NO_SOLUTION), "no solution"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_PRIVATE_KEY_TOO_LARGE),
+    "private key too large"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_P_IS_NOT_PRIME), "p is not prime"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_TOO_MANY_ITERATIONS), "too many iterations"},
+    {ERR_PACK(ERR_LIB_BN, 0, BN_R_TOO_MANY_TEMPORARY_VARIABLES),
+    "too many temporary variables"},
     {0, NULL}
 };
 
@@ -97,10 +104,9 @@ static ERR_STRING_DATA BN_str_reasons[] = {
 int ERR_load_BN_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(BN_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, BN_str_functs);
-        ERR_load_strings(0, BN_str_reasons);
+        ERR_load_strings_const(BN_str_functs);
+        ERR_load_strings_const(BN_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/buffer/buf_err.c b/crypto/buffer/buf_err.c
index a6a2ab8..7e6e532 100644
--- a/crypto/buffer/buf_err.c
+++ b/crypto/buffer/buf_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,24 +8,19 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/buffer.h>
+#include <openssl/buffererr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason)
-
-static ERR_STRING_DATA BUF_str_functs[] = {
-    {ERR_FUNC(BUF_F_BUF_MEM_GROW), "BUF_MEM_grow"},
-    {ERR_FUNC(BUF_F_BUF_MEM_GROW_CLEAN), "BUF_MEM_grow_clean"},
-    {ERR_FUNC(BUF_F_BUF_MEM_NEW), "BUF_MEM_new"},
+static const ERR_STRING_DATA BUF_str_functs[] = {
+    {ERR_PACK(ERR_LIB_BUF, BUF_F_BUF_MEM_GROW, 0), "BUF_MEM_grow"},
+    {ERR_PACK(ERR_LIB_BUF, BUF_F_BUF_MEM_GROW_CLEAN, 0), "BUF_MEM_grow_clean"},
+    {ERR_PACK(ERR_LIB_BUF, BUF_F_BUF_MEM_NEW, 0), "BUF_MEM_new"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA BUF_str_reasons[] = {
+static const ERR_STRING_DATA BUF_str_reasons[] = {
     {0, NULL}
 };
 
@@ -34,10 +29,9 @@ static ERR_STRING_DATA BUF_str_reasons[] = {
 int ERR_load_BUF_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(BUF_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, BUF_str_functs);
-        ERR_load_strings(0, BUF_str_reasons);
+        ERR_load_strings_const(BUF_str_functs);
+        ERR_load_strings_const(BUF_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/cms/cms_err.c b/crypto/cms/cms_err.c
index 59afbbb..43a48b6 100644
--- a/crypto/cms/cms_err.c
+++ b/crypto/cms/cms_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,238 +8,272 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/cms.h>
+#include <openssl/cmserr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CMS,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CMS,0,reason)
-
-static ERR_STRING_DATA CMS_str_functs[] = {
-    {ERR_FUNC(CMS_F_CHECK_CONTENT), "check_content"},
-    {ERR_FUNC(CMS_F_CMS_ADD0_CERT), "CMS_add0_cert"},
-    {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY), "CMS_add0_recipient_key"},
-    {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD),
+static const ERR_STRING_DATA CMS_str_functs[] = {
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CHECK_CONTENT, 0), "check_content"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ADD0_CERT, 0), "CMS_add0_cert"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ADD0_RECIPIENT_KEY, 0),
+     "CMS_add0_recipient_key"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, 0),
      "CMS_add0_recipient_password"},
-    {ERR_FUNC(CMS_F_CMS_ADD1_RECEIPTREQUEST), "CMS_add1_ReceiptRequest"},
-    {ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT), "CMS_add1_recipient_cert"},
-    {ERR_FUNC(CMS_F_CMS_ADD1_SIGNER), "CMS_add1_signer"},
-    {ERR_FUNC(CMS_F_CMS_ADD1_SIGNINGTIME), "cms_add1_signingTime"},
-    {ERR_FUNC(CMS_F_CMS_COMPRESS), "CMS_compress"},
-    {ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_CREATE), "cms_CompressedData_create"},
-    {ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ADD1_RECEIPTREQUEST, 0),
+     "CMS_add1_ReceiptRequest"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ADD1_RECIPIENT_CERT, 0),
+     "CMS_add1_recipient_cert"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ADD1_SIGNER, 0), "CMS_add1_signer"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ADD1_SIGNINGTIME, 0),
+     "cms_add1_signingTime"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_COMPRESS, 0), "CMS_compress"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_COMPRESSEDDATA_CREATE, 0),
+     "cms_CompressedData_create"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_COMPRESSEDDATA_INIT_BIO, 0),
      "cms_CompressedData_init_bio"},
-    {ERR_FUNC(CMS_F_CMS_COPY_CONTENT), "cms_copy_content"},
-    {ERR_FUNC(CMS_F_CMS_COPY_MESSAGEDIGEST), "cms_copy_messageDigest"},
-    {ERR_FUNC(CMS_F_CMS_DATA), "CMS_data"},
-    {ERR_FUNC(CMS_F_CMS_DATAFINAL), "CMS_dataFinal"},
-    {ERR_FUNC(CMS_F_CMS_DATAINIT), "CMS_dataInit"},
-    {ERR_FUNC(CMS_F_CMS_DECRYPT), "CMS_decrypt"},
-    {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_KEY), "CMS_decrypt_set1_key"},
-    {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PASSWORD), "CMS_decrypt_set1_password"},
-    {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PKEY), "CMS_decrypt_set1_pkey"},
-    {ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_COPY_CONTENT, 0), "cms_copy_content"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_COPY_MESSAGEDIGEST, 0),
+     "cms_copy_messageDigest"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DATA, 0), "CMS_data"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DATAFINAL, 0), "CMS_dataFinal"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DATAINIT, 0), "CMS_dataInit"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DECRYPT, 0), "CMS_decrypt"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DECRYPT_SET1_KEY, 0),
+     "CMS_decrypt_set1_key"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DECRYPT_SET1_PASSWORD, 0),
+     "CMS_decrypt_set1_password"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DECRYPT_SET1_PKEY, 0),
+     "CMS_decrypt_set1_pkey"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DIGESTALGORITHM_FIND_CTX, 0),
      "cms_DigestAlgorithm_find_ctx"},
-    {ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, 0),
      "cms_DigestAlgorithm_init_bio"},
-    {ERR_FUNC(CMS_F_CMS_DIGESTEDDATA_DO_FINAL), "cms_DigestedData_do_final"},
-    {ERR_FUNC(CMS_F_CMS_DIGEST_VERIFY), "CMS_digest_verify"},
-    {ERR_FUNC(CMS_F_CMS_ENCODE_RECEIPT), "cms_encode_Receipt"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPT), "CMS_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DIGESTEDDATA_DO_FINAL, 0),
+     "cms_DigestedData_do_final"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_DIGEST_VERIFY, 0), "CMS_digest_verify"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENCODE_RECEIPT, 0), "cms_encode_Receipt"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENCRYPT, 0), "CMS_encrypt"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, 0),
      "cms_EncryptedContent_init_bio"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT), "CMS_EncryptedData_decrypt"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT), "CMS_EncryptedData_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENCRYPTEDDATA_DECRYPT, 0),
+     "CMS_EncryptedData_decrypt"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, 0),
+     "CMS_EncryptedData_encrypt"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, 0),
      "CMS_EncryptedData_set1_key"},
-    {ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_CREATE), "CMS_EnvelopedData_create"},
-    {ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENVELOPEDDATA_CREATE, 0),
+     "CMS_EnvelopedData_create"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENVELOPEDDATA_INIT_BIO, 0),
      "cms_EnvelopedData_init_bio"},
-    {ERR_FUNC(CMS_F_CMS_ENVELOPED_DATA_INIT), "cms_enveloped_data_init"},
-    {ERR_FUNC(CMS_F_CMS_ENV_ASN1_CTRL), "cms_env_asn1_ctrl"},
-    {ERR_FUNC(CMS_F_CMS_FINAL), "CMS_final"},
-    {ERR_FUNC(CMS_F_CMS_GET0_CERTIFICATE_CHOICES),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENVELOPED_DATA_INIT, 0),
+     "cms_enveloped_data_init"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_ENV_ASN1_CTRL, 0), "cms_env_asn1_ctrl"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_FINAL, 0), "CMS_final"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_GET0_CERTIFICATE_CHOICES, 0),
      "cms_get0_certificate_choices"},
-    {ERR_FUNC(CMS_F_CMS_GET0_CONTENT), "CMS_get0_content"},
-    {ERR_FUNC(CMS_F_CMS_GET0_ECONTENT_TYPE), "cms_get0_econtent_type"},
-    {ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED), "cms_get0_enveloped"},
-    {ERR_FUNC(CMS_F_CMS_GET0_REVOCATION_CHOICES),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_GET0_CONTENT, 0), "CMS_get0_content"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_GET0_ECONTENT_TYPE, 0),
+     "cms_get0_econtent_type"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_GET0_ENVELOPED, 0), "cms_get0_enveloped"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_GET0_REVOCATION_CHOICES, 0),
      "cms_get0_revocation_choices"},
-    {ERR_FUNC(CMS_F_CMS_GET0_SIGNED), "cms_get0_signed"},
-    {ERR_FUNC(CMS_F_CMS_MSGSIGDIGEST_ADD1), "cms_msgSigDigest_add1"},
-    {ERR_FUNC(CMS_F_CMS_RECEIPTREQUEST_CREATE0),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_GET0_SIGNED, 0), "cms_get0_signed"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_MSGSIGDIGEST_ADD1, 0),
+     "cms_msgSigDigest_add1"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECEIPTREQUEST_CREATE0, 0),
      "CMS_ReceiptRequest_create0"},
-    {ERR_FUNC(CMS_F_CMS_RECEIPT_VERIFY), "cms_Receipt_verify"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_DECRYPT), "CMS_RecipientInfo_decrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_ENCRYPT), "CMS_RecipientInfo_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECEIPT_VERIFY, 0), "cms_Receipt_verify"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_DECRYPT, 0),
+     "CMS_RecipientInfo_decrypt"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_ENCRYPT, 0),
+     "CMS_RecipientInfo_encrypt"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT, 0),
      "cms_RecipientInfo_kari_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG, 0),
      "CMS_RecipientInfo_kari_get0_alg"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID, 0),
      "CMS_RecipientInfo_kari_get0_orig_id"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS, 0),
      "CMS_RecipientInfo_kari_get0_reks"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP, 0),
      "CMS_RecipientInfo_kari_orig_id_cmp"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, 0),
      "cms_RecipientInfo_kekri_decrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, 0),
      "cms_RecipientInfo_kekri_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID, 0),
      "CMS_RecipientInfo_kekri_get0_id"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP, 0),
      "CMS_RecipientInfo_kekri_id_cmp"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP, 0),
      "CMS_RecipientInfo_ktri_cert_cmp"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, 0),
      "cms_RecipientInfo_ktri_decrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, 0),
      "cms_RecipientInfo_ktri_encrypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS, 0),
      "CMS_RecipientInfo_ktri_get0_algs"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID, 0),
      "CMS_RecipientInfo_ktri_get0_signer_id"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, 0),
      "cms_RecipientInfo_pwri_crypt"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_KEY),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_SET0_KEY, 0),
      "CMS_RecipientInfo_set0_key"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD, 0),
      "CMS_RecipientInfo_set0_password"},
-    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_RECIPIENTINFO_SET0_PKEY, 0),
      "CMS_RecipientInfo_set0_pkey"},
-    {ERR_FUNC(CMS_F_CMS_SD_ASN1_CTRL), "cms_sd_asn1_ctrl"},
-    {ERR_FUNC(CMS_F_CMS_SET1_IAS), "cms_set1_ias"},
-    {ERR_FUNC(CMS_F_CMS_SET1_KEYID), "cms_set1_keyid"},
-    {ERR_FUNC(CMS_F_CMS_SET1_SIGNERIDENTIFIER), "cms_set1_SignerIdentifier"},
-    {ERR_FUNC(CMS_F_CMS_SET_DETACHED), "CMS_set_detached"},
-    {ERR_FUNC(CMS_F_CMS_SIGN), "CMS_sign"},
-    {ERR_FUNC(CMS_F_CMS_SIGNED_DATA_INIT), "cms_signed_data_init"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SD_ASN1_CTRL, 0), "cms_sd_asn1_ctrl"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SET1_IAS, 0), "cms_set1_ias"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SET1_KEYID, 0), "cms_set1_keyid"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SET1_SIGNERIDENTIFIER, 0),
+     "cms_set1_SignerIdentifier"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SET_DETACHED, 0), "CMS_set_detached"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGN, 0), "CMS_sign"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGNED_DATA_INIT, 0),
+     "cms_signed_data_init"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, 0),
      "cms_SignerInfo_content_sign"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_SIGN), "CMS_SignerInfo_sign"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY), "CMS_SignerInfo_verify"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CERT),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGNERINFO_SIGN, 0),
+     "CMS_SignerInfo_sign"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGNERINFO_VERIFY, 0),
+     "CMS_SignerInfo_verify"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGNERINFO_VERIFY_CERT, 0),
      "cms_signerinfo_verify_cert"},
-    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT),
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, 0),
      "CMS_SignerInfo_verify_content"},
-    {ERR_FUNC(CMS_F_CMS_SIGN_RECEIPT), "CMS_sign_receipt"},
-    {ERR_FUNC(CMS_F_CMS_STREAM), "CMS_stream"},
-    {ERR_FUNC(CMS_F_CMS_UNCOMPRESS), "CMS_uncompress"},
-    {ERR_FUNC(CMS_F_CMS_VERIFY), "CMS_verify"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGN_RECEIPT, 0), "CMS_sign_receipt"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_STREAM, 0), "CMS_stream"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_UNCOMPRESS, 0), "CMS_uncompress"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_VERIFY, 0), "CMS_verify"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA CMS_str_reasons[] = {
-    {ERR_REASON(CMS_R_ADD_SIGNER_ERROR), "add signer error"},
-    {ERR_REASON(CMS_R_CERTIFICATE_ALREADY_PRESENT),
-     "certificate already present"},
-    {ERR_REASON(CMS_R_CERTIFICATE_HAS_NO_KEYID), "certificate has no keyid"},
-    {ERR_REASON(CMS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
-    {ERR_REASON(CMS_R_CIPHER_INITIALISATION_ERROR),
-     "cipher initialisation error"},
-    {ERR_REASON(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),
-     "cipher parameter initialisation error"},
-    {ERR_REASON(CMS_R_CMS_DATAFINAL_ERROR), "cms datafinal error"},
-    {ERR_REASON(CMS_R_CMS_LIB), "cms lib"},
-    {ERR_REASON(CMS_R_CONTENTIDENTIFIER_MISMATCH),
-     "contentidentifier mismatch"},
-    {ERR_REASON(CMS_R_CONTENT_NOT_FOUND), "content not found"},
-    {ERR_REASON(CMS_R_CONTENT_TYPE_MISMATCH), "content type mismatch"},
-    {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA),
-     "content type not compressed data"},
-    {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA),
-     "content type not enveloped data"},
-    {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA),
-     "content type not signed data"},
-    {ERR_REASON(CMS_R_CONTENT_VERIFY_ERROR), "content verify error"},
-    {ERR_REASON(CMS_R_CTRL_ERROR), "ctrl error"},
-    {ERR_REASON(CMS_R_CTRL_FAILURE), "ctrl failure"},
-    {ERR_REASON(CMS_R_DECRYPT_ERROR), "decrypt error"},
-    {ERR_REASON(CMS_R_ERROR_GETTING_PUBLIC_KEY), "error getting public key"},
-    {ERR_REASON(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),
-     "error reading messagedigest attribute"},
-    {ERR_REASON(CMS_R_ERROR_SETTING_KEY), "error setting key"},
-    {ERR_REASON(CMS_R_ERROR_SETTING_RECIPIENTINFO),
-     "error setting recipientinfo"},
-    {ERR_REASON(CMS_R_INVALID_ENCRYPTED_KEY_LENGTH),
-     "invalid encrypted key length"},
-    {ERR_REASON(CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER),
-     "invalid key encryption parameter"},
-    {ERR_REASON(CMS_R_INVALID_KEY_LENGTH), "invalid key length"},
-    {ERR_REASON(CMS_R_MD_BIO_INIT_ERROR), "md bio init error"},
-    {ERR_REASON(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),
-     "messagedigest attribute wrong length"},
-    {ERR_REASON(CMS_R_MESSAGEDIGEST_WRONG_LENGTH),
-     "messagedigest wrong length"},
-    {ERR_REASON(CMS_R_MSGSIGDIGEST_ERROR), "msgsigdigest error"},
-    {ERR_REASON(CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE),
-     "msgsigdigest verification failure"},
-    {ERR_REASON(CMS_R_MSGSIGDIGEST_WRONG_LENGTH),
-     "msgsigdigest wrong length"},
-    {ERR_REASON(CMS_R_NEED_ONE_SIGNER), "need one signer"},
-    {ERR_REASON(CMS_R_NOT_A_SIGNED_RECEIPT), "not a signed receipt"},
-    {ERR_REASON(CMS_R_NOT_ENCRYPTED_DATA), "not encrypted data"},
-    {ERR_REASON(CMS_R_NOT_KEK), "not kek"},
-    {ERR_REASON(CMS_R_NOT_KEY_AGREEMENT), "not key agreement"},
-    {ERR_REASON(CMS_R_NOT_KEY_TRANSPORT), "not key transport"},
-    {ERR_REASON(CMS_R_NOT_PWRI), "not pwri"},
-    {ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
-     "not supported for this key type"},
-    {ERR_REASON(CMS_R_NO_CIPHER), "no cipher"},
-    {ERR_REASON(CMS_R_NO_CONTENT), "no content"},
-    {ERR_REASON(CMS_R_NO_CONTENT_TYPE), "no content type"},
-    {ERR_REASON(CMS_R_NO_DEFAULT_DIGEST), "no default digest"},
-    {ERR_REASON(CMS_R_NO_DIGEST_SET), "no digest set"},
-    {ERR_REASON(CMS_R_NO_KEY), "no key"},
-    {ERR_REASON(CMS_R_NO_KEY_OR_CERT), "no key or cert"},
-    {ERR_REASON(CMS_R_NO_MATCHING_DIGEST), "no matching digest"},
-    {ERR_REASON(CMS_R_NO_MATCHING_RECIPIENT), "no matching recipient"},
-    {ERR_REASON(CMS_R_NO_MATCHING_SIGNATURE), "no matching signature"},
-    {ERR_REASON(CMS_R_NO_MSGSIGDIGEST), "no msgsigdigest"},
-    {ERR_REASON(CMS_R_NO_PASSWORD), "no password"},
-    {ERR_REASON(CMS_R_NO_PRIVATE_KEY), "no private key"},
-    {ERR_REASON(CMS_R_NO_PUBLIC_KEY), "no public key"},
-    {ERR_REASON(CMS_R_NO_RECEIPT_REQUEST), "no receipt request"},
-    {ERR_REASON(CMS_R_NO_SIGNERS), "no signers"},
-    {ERR_REASON(CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
-     "private key does not match certificate"},
-    {ERR_REASON(CMS_R_RECEIPT_DECODE_ERROR), "receipt decode error"},
-    {ERR_REASON(CMS_R_RECIPIENT_ERROR), "recipient error"},
-    {ERR_REASON(CMS_R_SIGNER_CERTIFICATE_NOT_FOUND),
-     "signer certificate not found"},
-    {ERR_REASON(CMS_R_SIGNFINAL_ERROR), "signfinal error"},
-    {ERR_REASON(CMS_R_SMIME_TEXT_ERROR), "smime text error"},
-    {ERR_REASON(CMS_R_STORE_INIT_ERROR), "store init error"},
-    {ERR_REASON(CMS_R_TYPE_NOT_COMPRESSED_DATA), "type not compressed data"},
-    {ERR_REASON(CMS_R_TYPE_NOT_DATA), "type not data"},
-    {ERR_REASON(CMS_R_TYPE_NOT_DIGESTED_DATA), "type not digested data"},
-    {ERR_REASON(CMS_R_TYPE_NOT_ENCRYPTED_DATA), "type not encrypted data"},
-    {ERR_REASON(CMS_R_TYPE_NOT_ENVELOPED_DATA), "type not enveloped data"},
-    {ERR_REASON(CMS_R_UNABLE_TO_FINALIZE_CONTEXT),
-     "unable to finalize context"},
-    {ERR_REASON(CMS_R_UNKNOWN_CIPHER), "unknown cipher"},
-    {ERR_REASON(CMS_R_UNKNOWN_DIGEST_ALGORITHM), "unknown digest algorithm"},
-    {ERR_REASON(CMS_R_UNKNOWN_ID), "unknown id"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
-     "unsupported compression algorithm"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_KEK_ALGORITHM),
-     "unsupported kek algorithm"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM),
-     "unsupported key encryption algorithm"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_RECIPIENT_TYPE),
-     "unsupported recipient type"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE),
-     "unsupported recipientinfo type"},
-    {ERR_REASON(CMS_R_UNSUPPORTED_TYPE), "unsupported type"},
-    {ERR_REASON(CMS_R_UNWRAP_ERROR), "unwrap error"},
-    {ERR_REASON(CMS_R_UNWRAP_FAILURE), "unwrap failure"},
-    {ERR_REASON(CMS_R_VERIFICATION_FAILURE), "verification failure"},
-    {ERR_REASON(CMS_R_WRAP_ERROR), "wrap error"},
+static const ERR_STRING_DATA CMS_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ADD_SIGNER_ERROR), "add signer error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_ALREADY_PRESENT),
+    "certificate already present"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_HAS_NO_KEYID),
+    "certificate has no keyid"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_VERIFY_ERROR),
+    "certificate verify error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_INITIALISATION_ERROR),
+    "cipher initialisation error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),
+    "cipher parameter initialisation error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CMS_DATAFINAL_ERROR),
+    "cms datafinal error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CMS_LIB), "cms lib"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENTIDENTIFIER_MISMATCH),
+    "contentidentifier mismatch"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_NOT_FOUND), "content not found"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_MISMATCH),
+    "content type mismatch"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA),
+    "content type not compressed data"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA),
+    "content type not enveloped data"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA),
+    "content type not signed data"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CONTENT_VERIFY_ERROR),
+    "content verify error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CTRL_ERROR), "ctrl error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CTRL_FAILURE), "ctrl failure"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_DECRYPT_ERROR), "decrypt error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_GETTING_PUBLIC_KEY),
+    "error getting public key"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),
+    "error reading messagedigest attribute"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_SETTING_KEY), "error setting key"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_SETTING_RECIPIENTINFO),
+    "error setting recipientinfo"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_ENCRYPTED_KEY_LENGTH),
+    "invalid encrypted key length"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER),
+    "invalid key encryption parameter"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_KEY_LENGTH), "invalid key length"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MD_BIO_INIT_ERROR), "md bio init error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),
+    "messagedigest attribute wrong length"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MESSAGEDIGEST_WRONG_LENGTH),
+    "messagedigest wrong length"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MSGSIGDIGEST_ERROR), "msgsigdigest error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE),
+    "msgsigdigest verification failure"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MSGSIGDIGEST_WRONG_LENGTH),
+    "msgsigdigest wrong length"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NEED_ONE_SIGNER), "need one signer"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_A_SIGNED_RECEIPT),
+    "not a signed receipt"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_ENCRYPTED_DATA), "not encrypted data"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_KEK), "not kek"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_KEY_AGREEMENT), "not key agreement"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_KEY_TRANSPORT), "not key transport"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_PWRI), "not pwri"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
+    "not supported for this key type"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_CIPHER), "no cipher"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_CONTENT), "no content"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_CONTENT_TYPE), "no content type"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_DEFAULT_DIGEST), "no default digest"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_DIGEST_SET), "no digest set"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_KEY), "no key"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_KEY_OR_CERT), "no key or cert"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MATCHING_DIGEST), "no matching digest"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MATCHING_RECIPIENT),
+    "no matching recipient"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MATCHING_SIGNATURE),
+    "no matching signature"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_MSGSIGDIGEST), "no msgsigdigest"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_PASSWORD), "no password"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_PRIVATE_KEY), "no private key"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_PUBLIC_KEY), "no public key"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_RECEIPT_REQUEST), "no receipt request"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_SIGNERS), "no signers"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
+    "private key does not match certificate"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_RECEIPT_DECODE_ERROR),
+    "receipt decode error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_RECIPIENT_ERROR), "recipient error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND),
+    "signer certificate not found"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SIGNFINAL_ERROR), "signfinal error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SMIME_TEXT_ERROR), "smime text error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_STORE_INIT_ERROR), "store init error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_COMPRESSED_DATA),
+    "type not compressed data"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_DATA), "type not data"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_DIGESTED_DATA),
+    "type not digested data"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_ENCRYPTED_DATA),
+    "type not encrypted data"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_TYPE_NOT_ENVELOPED_DATA),
+    "type not enveloped data"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNABLE_TO_FINALIZE_CONTEXT),
+    "unable to finalize context"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNKNOWN_CIPHER), "unknown cipher"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNKNOWN_DIGEST_ALGORITHM),
+    "unknown digest algorithm"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNKNOWN_ID), "unknown id"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
+    "unsupported compression algorithm"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_CONTENT_TYPE),
+    "unsupported content type"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_KEK_ALGORITHM),
+    "unsupported kek algorithm"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM),
+    "unsupported key encryption algorithm"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE),
+    "unsupported recipientinfo type"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_RECIPIENT_TYPE),
+    "unsupported recipient type"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_TYPE), "unsupported type"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNWRAP_ERROR), "unwrap error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNWRAP_FAILURE), "unwrap failure"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_VERIFICATION_FAILURE),
+    "verification failure"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_WRAP_ERROR), "wrap error"},
     {0, NULL}
 };
 
@@ -248,10 +282,9 @@ static ERR_STRING_DATA CMS_str_reasons[] = {
 int ERR_load_CMS_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(CMS_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, CMS_str_functs);
-        ERR_load_strings(0, CMS_str_reasons);
+        ERR_load_strings_const(CMS_str_functs);
+        ERR_load_strings_const(CMS_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/comp/comp_err.c b/crypto/comp/comp_err.c
index 8e2e695..5aff502 100644
--- a/crypto/comp/comp_err.c
+++ b/crypto/comp/comp_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,28 +8,26 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/comp.h>
+#include <openssl/comperr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_COMP,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_COMP,0,reason)
-
-static ERR_STRING_DATA COMP_str_functs[] = {
-    {ERR_FUNC(COMP_F_BIO_ZLIB_FLUSH), "bio_zlib_flush"},
-    {ERR_FUNC(COMP_F_BIO_ZLIB_NEW), "bio_zlib_new"},
-    {ERR_FUNC(COMP_F_BIO_ZLIB_READ), "bio_zlib_read"},
-    {ERR_FUNC(COMP_F_BIO_ZLIB_WRITE), "bio_zlib_write"},
+static const ERR_STRING_DATA COMP_str_functs[] = {
+    {ERR_PACK(ERR_LIB_COMP, COMP_F_BIO_ZLIB_FLUSH, 0), "bio_zlib_flush"},
+    {ERR_PACK(ERR_LIB_COMP, COMP_F_BIO_ZLIB_NEW, 0), "bio_zlib_new"},
+    {ERR_PACK(ERR_LIB_COMP, COMP_F_BIO_ZLIB_READ, 0), "bio_zlib_read"},
+    {ERR_PACK(ERR_LIB_COMP, COMP_F_BIO_ZLIB_WRITE, 0), "bio_zlib_write"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA COMP_str_reasons[] = {
-    {ERR_REASON(COMP_R_ZLIB_DEFLATE_ERROR), "zlib deflate error"},
-    {ERR_REASON(COMP_R_ZLIB_INFLATE_ERROR), "zlib inflate error"},
-    {ERR_REASON(COMP_R_ZLIB_NOT_SUPPORTED), "zlib not supported"},
+static const ERR_STRING_DATA COMP_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_COMP, 0, COMP_R_ZLIB_DEFLATE_ERROR),
+    "zlib deflate error"},
+    {ERR_PACK(ERR_LIB_COMP, 0, COMP_R_ZLIB_INFLATE_ERROR),
+    "zlib inflate error"},
+    {ERR_PACK(ERR_LIB_COMP, 0, COMP_R_ZLIB_NOT_SUPPORTED),
+    "zlib not supported"},
     {0, NULL}
 };
 
@@ -38,10 +36,9 @@ static ERR_STRING_DATA COMP_str_reasons[] = {
 int ERR_load_COMP_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(COMP_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, COMP_str_functs);
-        ERR_load_strings(0, COMP_str_reasons);
+        ERR_load_strings_const(COMP_str_functs);
+        ERR_load_strings_const(COMP_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
index 0863bc4..8ba243c 100644
--- a/crypto/conf/conf_err.c
+++ b/crypto/conf/conf_err.c
@@ -8,61 +8,62 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/conf.h>
+#include <openssl/conferr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CONF,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CONF,0,reason)
-
-static ERR_STRING_DATA CONF_str_functs[] = {
-    {ERR_FUNC(CONF_F_CONF_DUMP_FP), "CONF_dump_fp"},
-    {ERR_FUNC(CONF_F_CONF_LOAD), "CONF_load"},
-    {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"},
-    {ERR_FUNC(CONF_F_CONF_PARSE_LIST), "CONF_parse_list"},
-    {ERR_FUNC(CONF_F_DEF_LOAD), "def_load"},
-    {ERR_FUNC(CONF_F_DEF_LOAD_BIO), "def_load_bio"},
-    {ERR_FUNC(CONF_F_MODULE_INIT), "module_init"},
-    {ERR_FUNC(CONF_F_MODULE_LOAD_DSO), "module_load_dso"},
-    {ERR_FUNC(CONF_F_MODULE_RUN), "module_run"},
-    {ERR_FUNC(CONF_F_NCONF_DUMP_BIO), "NCONF_dump_bio"},
-    {ERR_FUNC(CONF_F_NCONF_DUMP_FP), "NCONF_dump_fp"},
-    {ERR_FUNC(CONF_F_NCONF_GET_NUMBER_E), "NCONF_get_number_e"},
-    {ERR_FUNC(CONF_F_NCONF_GET_SECTION), "NCONF_get_section"},
-    {ERR_FUNC(CONF_F_NCONF_GET_STRING), "NCONF_get_string"},
-    {ERR_FUNC(CONF_F_NCONF_LOAD), "NCONF_load"},
-    {ERR_FUNC(CONF_F_NCONF_LOAD_BIO), "NCONF_load_bio"},
-    {ERR_FUNC(CONF_F_NCONF_LOAD_FP), "NCONF_load_fp"},
-    {ERR_FUNC(CONF_F_NCONF_NEW), "NCONF_new"},
-    {ERR_FUNC(CONF_F_STR_COPY), "str_copy"},
+static const ERR_STRING_DATA CONF_str_functs[] = {
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_CONF_DUMP_FP, 0), "CONF_dump_fp"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_CONF_LOAD, 0), "CONF_load"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_CONF_LOAD_FP, 0), "CONF_load_fp"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_CONF_PARSE_LIST, 0), "CONF_parse_list"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_DEF_LOAD, 0), "def_load"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_DEF_LOAD_BIO, 0), "def_load_bio"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_MODULE_INIT, 0), "module_init"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_MODULE_LOAD_DSO, 0), "module_load_dso"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_MODULE_RUN, 0), "module_run"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_NCONF_DUMP_BIO, 0), "NCONF_dump_bio"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_NCONF_DUMP_FP, 0), "NCONF_dump_fp"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_NCONF_GET_NUMBER_E, 0),
+     "NCONF_get_number_e"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_NCONF_GET_SECTION, 0), "NCONF_get_section"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_NCONF_GET_STRING, 0), "NCONF_get_string"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_NCONF_LOAD, 0), "NCONF_load"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_NCONF_LOAD_BIO, 0), "NCONF_load_bio"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_NCONF_LOAD_FP, 0), "NCONF_load_fp"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_NCONF_NEW, 0), "NCONF_new"},
+    {ERR_PACK(ERR_LIB_CONF, CONF_F_STR_COPY, 0), "str_copy"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA CONF_str_reasons[] = {
-    {ERR_REASON(CONF_R_ERROR_LOADING_DSO), "error loading dso"},
-    {ERR_REASON(CONF_R_LIST_CANNOT_BE_NULL), "list cannot be null"},
-    {ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),
-     "missing close square bracket"},
-    {ERR_REASON(CONF_R_MISSING_EQUAL_SIGN), "missing equal sign"},
-    {ERR_REASON(CONF_R_MISSING_INIT_FUNCTION), "missing init function"},
-    {ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR),
-     "module initialization error"},
-    {ERR_REASON(CONF_R_NO_CLOSE_BRACE), "no close brace"},
-    {ERR_REASON(CONF_R_NO_CONF), "no conf"},
-    {ERR_REASON(CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE),
-     "no conf or environment variable"},
-    {ERR_REASON(CONF_R_NO_SECTION), "no section"},
-    {ERR_REASON(CONF_R_NO_SUCH_FILE), "no such file"},
-    {ERR_REASON(CONF_R_NO_VALUE), "no value"},
-    {ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),
-     "unable to create new section"},
-    {ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME), "unknown module name"},
-    {ERR_REASON(CONF_R_VARIABLE_EXPANSION_TOO_LONG),
-     "variable expansion too long"},
-    {ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE), "variable has no value"},
+static const ERR_STRING_DATA CONF_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_ERROR_LOADING_DSO), "error loading dso"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_LIST_CANNOT_BE_NULL),
+    "list cannot be null"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_MISSING_CLOSE_SQUARE_BRACKET),
+    "missing close square bracket"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_MISSING_EQUAL_SIGN),
+    "missing equal sign"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_MISSING_INIT_FUNCTION),
+    "missing init function"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_MODULE_INITIALIZATION_ERROR),
+    "module initialization error"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_CLOSE_BRACE), "no close brace"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_CONF), "no conf"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE),
+    "no conf or environment variable"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_SECTION), "no section"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_SUCH_FILE), "no such file"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_NO_VALUE), "no value"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_UNABLE_TO_CREATE_NEW_SECTION),
+    "unable to create new section"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_UNKNOWN_MODULE_NAME),
+    "unknown module name"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_VARIABLE_EXPANSION_TOO_LONG),
+    "variable expansion too long"},
+    {ERR_PACK(ERR_LIB_CONF, 0, CONF_R_VARIABLE_HAS_NO_VALUE),
+    "variable has no value"},
     {0, NULL}
 };
 
@@ -71,10 +72,9 @@ static ERR_STRING_DATA CONF_str_reasons[] = {
 int ERR_load_CONF_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(CONF_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, CONF_str_functs);
-        ERR_load_strings(0, CONF_str_reasons);
+        ERR_load_strings_const(CONF_str_functs);
+        ERR_load_strings_const(CONF_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/cpt_err.c b/crypto/cpt_err.c
index c28dcf1..d4d2878 100644
--- a/crypto/cpt_err.c
+++ b/crypto/cpt_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,35 +8,41 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/crypto.h>
+#include <openssl/cryptoerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CRYPTO,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CRYPTO,0,reason)
-
-static ERR_STRING_DATA CRYPTO_str_functs[] = {
-    {ERR_FUNC(CRYPTO_F_CRYPTO_DUP_EX_DATA), "CRYPTO_dup_ex_data"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_FREE_EX_DATA), "CRYPTO_free_ex_data"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX), "CRYPTO_get_ex_new_index"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_MEMDUP), "CRYPTO_memdup"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_NEW_EX_DATA), "CRYPTO_new_ex_data"},
-    {ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
-    {ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
-    {ERR_FUNC(CRYPTO_F_GET_AND_LOCK), "get_and_lock"},
-    {ERR_FUNC(CRYPTO_F_OPENSSL_BUF2HEXSTR), "OPENSSL_buf2hexstr"},
-    {ERR_FUNC(CRYPTO_F_OPENSSL_HEXSTR2BUF), "OPENSSL_hexstr2buf"},
-    {ERR_FUNC(CRYPTO_F_OPENSSL_INIT_CRYPTO), "OPENSSL_init_crypto"},
+static const ERR_STRING_DATA CRYPTO_str_functs[] = {
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_DUP_EX_DATA, 0),
+     "CRYPTO_dup_ex_data"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_FREE_EX_DATA, 0),
+     "CRYPTO_free_ex_data"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX, 0),
+     "CRYPTO_get_ex_new_index"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_MEMDUP, 0), "CRYPTO_memdup"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_NEW_EX_DATA, 0),
+     "CRYPTO_new_ex_data"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_CRYPTO_SET_EX_DATA, 0),
+     "CRYPTO_set_ex_data"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_FIPS_MODE_SET, 0), "FIPS_mode_set"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_GET_AND_LOCK, 0), "get_and_lock"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_BUF2HEXSTR, 0),
+     "OPENSSL_buf2hexstr"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_HEXSTR2BUF, 0),
+     "OPENSSL_hexstr2buf"},
+    {ERR_PACK(ERR_LIB_CRYPTO, CRYPTO_F_OPENSSL_INIT_CRYPTO, 0),
+     "OPENSSL_init_crypto"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA CRYPTO_str_reasons[] = {
-    {ERR_REASON(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
-    {ERR_REASON(CRYPTO_R_ILLEGAL_HEX_DIGIT), "illegal hex digit"},
-    {ERR_REASON(CRYPTO_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
+static const ERR_STRING_DATA CRYPTO_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED),
+    "fips mode not supported"},
+    {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_ILLEGAL_HEX_DIGIT),
+    "illegal hex digit"},
+    {ERR_PACK(ERR_LIB_CRYPTO, 0, CRYPTO_R_ODD_NUMBER_OF_DIGITS),
+    "odd number of digits"},
     {0, NULL}
 };
 
@@ -45,10 +51,9 @@ static ERR_STRING_DATA CRYPTO_str_reasons[] = {
 int ERR_load_CRYPTO_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, CRYPTO_str_functs);
-        ERR_load_strings(0, CRYPTO_str_reasons);
+        ERR_load_strings_const(CRYPTO_str_functs);
+        ERR_load_strings_const(CRYPTO_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/ct/ct_err.c b/crypto/ct/ct_err.c
index fe0778b..c0c62fe 100644
--- a/crypto/ct/ct_err.c
+++ b/crypto/ct/ct_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,67 +8,77 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/ct.h>
+#include <openssl/cterr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CT,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CT,0,reason)
-
-static ERR_STRING_DATA CT_str_functs[] = {
-    {ERR_FUNC(CT_F_CTLOG_NEW), "CTLOG_new"},
-    {ERR_FUNC(CT_F_CTLOG_NEW_FROM_BASE64), "CTLOG_new_from_base64"},
-    {ERR_FUNC(CT_F_CTLOG_NEW_FROM_CONF), "ctlog_new_from_conf"},
-    {ERR_FUNC(CT_F_CTLOG_STORE_LOAD_CTX_NEW), "ctlog_store_load_ctx_new"},
-    {ERR_FUNC(CT_F_CTLOG_STORE_LOAD_FILE), "CTLOG_STORE_load_file"},
-    {ERR_FUNC(CT_F_CTLOG_STORE_LOAD_LOG), "ctlog_store_load_log"},
-    {ERR_FUNC(CT_F_CTLOG_STORE_NEW), "CTLOG_STORE_new"},
-    {ERR_FUNC(CT_F_CT_BASE64_DECODE), "ct_base64_decode"},
-    {ERR_FUNC(CT_F_CT_POLICY_EVAL_CTX_NEW), "CT_POLICY_EVAL_CTX_new"},
-    {ERR_FUNC(CT_F_CT_V1_LOG_ID_FROM_PKEY), "ct_v1_log_id_from_pkey"},
-    {ERR_FUNC(CT_F_I2O_SCT), "i2o_SCT"},
-    {ERR_FUNC(CT_F_I2O_SCT_LIST), "i2o_SCT_LIST"},
-    {ERR_FUNC(CT_F_I2O_SCT_SIGNATURE), "i2o_SCT_signature"},
-    {ERR_FUNC(CT_F_O2I_SCT), "o2i_SCT"},
-    {ERR_FUNC(CT_F_O2I_SCT_LIST), "o2i_SCT_LIST"},
-    {ERR_FUNC(CT_F_O2I_SCT_SIGNATURE), "o2i_SCT_signature"},
-    {ERR_FUNC(CT_F_SCT_CTX_NEW), "SCT_CTX_new"},
-    {ERR_FUNC(CT_F_SCT_CTX_VERIFY), "SCT_CTX_verify"},
-    {ERR_FUNC(CT_F_SCT_NEW), "SCT_new"},
-    {ERR_FUNC(CT_F_SCT_NEW_FROM_BASE64), "SCT_new_from_base64"},
-    {ERR_FUNC(CT_F_SCT_SET0_LOG_ID), "SCT_set0_log_id"},
-    {ERR_FUNC(CT_F_SCT_SET1_EXTENSIONS), "SCT_set1_extensions"},
-    {ERR_FUNC(CT_F_SCT_SET1_LOG_ID), "SCT_set1_log_id"},
-    {ERR_FUNC(CT_F_SCT_SET1_SIGNATURE), "SCT_set1_signature"},
-    {ERR_FUNC(CT_F_SCT_SET_LOG_ENTRY_TYPE), "SCT_set_log_entry_type"},
-    {ERR_FUNC(CT_F_SCT_SET_SIGNATURE_NID), "SCT_set_signature_nid"},
-    {ERR_FUNC(CT_F_SCT_SET_VERSION), "SCT_set_version"},
+static const ERR_STRING_DATA CT_str_functs[] = {
+    {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_NEW, 0), "CTLOG_new"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_NEW_FROM_BASE64, 0),
+     "CTLOG_new_from_base64"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_NEW_FROM_CONF, 0), "ctlog_new_from_conf"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_STORE_LOAD_CTX_NEW, 0),
+     "ctlog_store_load_ctx_new"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_STORE_LOAD_FILE, 0),
+     "CTLOG_STORE_load_file"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_STORE_LOAD_LOG, 0),
+     "ctlog_store_load_log"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_CTLOG_STORE_NEW, 0), "CTLOG_STORE_new"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_CT_BASE64_DECODE, 0), "ct_base64_decode"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_CT_POLICY_EVAL_CTX_NEW, 0),
+     "CT_POLICY_EVAL_CTX_new"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_CT_V1_LOG_ID_FROM_PKEY, 0),
+     "ct_v1_log_id_from_pkey"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_I2O_SCT, 0), "i2o_SCT"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_I2O_SCT_LIST, 0), "i2o_SCT_LIST"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_I2O_SCT_SIGNATURE, 0), "i2o_SCT_signature"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_O2I_SCT, 0), "o2i_SCT"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_O2I_SCT_LIST, 0), "o2i_SCT_LIST"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_O2I_SCT_SIGNATURE, 0), "o2i_SCT_signature"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_CTX_NEW, 0), "SCT_CTX_new"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_CTX_VERIFY, 0), "SCT_CTX_verify"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_NEW, 0), "SCT_new"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_NEW_FROM_BASE64, 0), "SCT_new_from_base64"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET0_LOG_ID, 0), "SCT_set0_log_id"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET1_EXTENSIONS, 0), "SCT_set1_extensions"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET1_LOG_ID, 0), "SCT_set1_log_id"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET1_SIGNATURE, 0), "SCT_set1_signature"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET_LOG_ENTRY_TYPE, 0),
+     "SCT_set_log_entry_type"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET_SIGNATURE_NID, 0),
+     "SCT_set_signature_nid"},
+    {ERR_PACK(ERR_LIB_CT, CT_F_SCT_SET_VERSION, 0), "SCT_set_version"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA CT_str_reasons[] = {
-    {ERR_REASON(CT_R_BASE64_DECODE_ERROR), "base64 decode error"},
-    {ERR_REASON(CT_R_INVALID_LOG_ID_LENGTH), "invalid log id length"},
-    {ERR_REASON(CT_R_LOG_CONF_INVALID), "log conf invalid"},
-    {ERR_REASON(CT_R_LOG_CONF_INVALID_KEY), "log conf invalid key"},
-    {ERR_REASON(CT_R_LOG_CONF_MISSING_DESCRIPTION),
-     "log conf missing description"},
-    {ERR_REASON(CT_R_LOG_CONF_MISSING_KEY), "log conf missing key"},
-    {ERR_REASON(CT_R_LOG_KEY_INVALID), "log key invalid"},
-    {ERR_REASON(CT_R_SCT_FUTURE_TIMESTAMP), "sct future timestamp"},
-    {ERR_REASON(CT_R_SCT_INVALID), "sct invalid"},
-    {ERR_REASON(CT_R_SCT_INVALID_SIGNATURE), "sct invalid signature"},
-    {ERR_REASON(CT_R_SCT_LIST_INVALID), "sct list invalid"},
-    {ERR_REASON(CT_R_SCT_LOG_ID_MISMATCH), "sct log id mismatch"},
-    {ERR_REASON(CT_R_SCT_NOT_SET), "sct not set"},
-    {ERR_REASON(CT_R_SCT_UNSUPPORTED_VERSION), "sct unsupported version"},
-    {ERR_REASON(CT_R_UNRECOGNIZED_SIGNATURE_NID),
-     "unrecognized signature nid"},
-    {ERR_REASON(CT_R_UNSUPPORTED_ENTRY_TYPE), "unsupported entry type"},
-    {ERR_REASON(CT_R_UNSUPPORTED_VERSION), "unsupported version"},
+static const ERR_STRING_DATA CT_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_BASE64_DECODE_ERROR), "base64 decode error"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_INVALID_LOG_ID_LENGTH),
+    "invalid log id length"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_CONF_INVALID), "log conf invalid"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_CONF_INVALID_KEY),
+    "log conf invalid key"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_CONF_MISSING_DESCRIPTION),
+    "log conf missing description"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_CONF_MISSING_KEY),
+    "log conf missing key"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_LOG_KEY_INVALID), "log key invalid"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_FUTURE_TIMESTAMP),
+    "sct future timestamp"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_INVALID), "sct invalid"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_INVALID_SIGNATURE),
+    "sct invalid signature"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_LIST_INVALID), "sct list invalid"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_LOG_ID_MISMATCH), "sct log id mismatch"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_NOT_SET), "sct not set"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_SCT_UNSUPPORTED_VERSION),
+    "sct unsupported version"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_UNRECOGNIZED_SIGNATURE_NID),
+    "unrecognized signature nid"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_UNSUPPORTED_ENTRY_TYPE),
+    "unsupported entry type"},
+    {ERR_PACK(ERR_LIB_CT, 0, CT_R_UNSUPPORTED_VERSION), "unsupported version"},
     {0, NULL}
 };
 
@@ -77,10 +87,9 @@ static ERR_STRING_DATA CT_str_reasons[] = {
 int ERR_load_CT_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(CT_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, CT_str_functs);
-        ERR_load_strings(0, CT_str_reasons);
+        ERR_load_strings_const(CT_str_functs);
+        ERR_load_strings_const(CT_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
index 4e21f28..f34fb69 100644
--- a/crypto/dh/dh_err.c
+++ b/crypto/dh/dh_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,53 +8,51 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/dh.h>
+#include <openssl/dherr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
-
-static ERR_STRING_DATA DH_str_functs[] = {
-    {ERR_FUNC(DH_F_COMPUTE_KEY), "compute_key"},
-    {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
-    {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "dh_builtin_genparams"},
-    {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "dh_cms_decrypt"},
-    {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "dh_cms_set_peerkey"},
-    {ERR_FUNC(DH_F_DH_CMS_SET_SHARED_INFO), "dh_cms_set_shared_info"},
-    {ERR_FUNC(DH_F_DH_METH_DUP), "DH_meth_dup"},
-    {ERR_FUNC(DH_F_DH_METH_NEW), "DH_meth_new"},
-    {ERR_FUNC(DH_F_DH_METH_SET1_NAME), "DH_meth_set1_name"},
-    {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
-    {ERR_FUNC(DH_F_DH_PARAM_DECODE), "dh_param_decode"},
-    {ERR_FUNC(DH_F_DH_PRIV_DECODE), "dh_priv_decode"},
-    {ERR_FUNC(DH_F_DH_PRIV_ENCODE), "dh_priv_encode"},
-    {ERR_FUNC(DH_F_DH_PUB_DECODE), "dh_pub_decode"},
-    {ERR_FUNC(DH_F_DH_PUB_ENCODE), "dh_pub_encode"},
-    {ERR_FUNC(DH_F_DO_DH_PRINT), "do_dh_print"},
-    {ERR_FUNC(DH_F_GENERATE_KEY), "generate_key"},
-    {ERR_FUNC(DH_F_PKEY_DH_DERIVE), "pkey_dh_derive"},
-    {ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "pkey_dh_keygen"},
+static const ERR_STRING_DATA DH_str_functs[] = {
+    {ERR_PACK(ERR_LIB_DH, DH_F_COMPUTE_KEY, 0), "compute_key"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DHPARAMS_PRINT_FP, 0), "DHparams_print_fp"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_BUILTIN_GENPARAMS, 0),
+     "dh_builtin_genparams"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_DECRYPT, 0), "dh_cms_decrypt"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_SHARED_INFO, 0),
+     "dh_cms_set_shared_info"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_DUP, 0), "DH_meth_dup"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_NEW, 0), "DH_meth_new"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_METH_SET1_NAME, 0), "DH_meth_set1_name"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_NEW_METHOD, 0), "DH_new_method"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_PARAM_DECODE, 0), "dh_param_decode"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_PRIV_DECODE, 0), "dh_priv_decode"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_PRIV_ENCODE, 0), "dh_priv_encode"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_PUB_DECODE, 0), "dh_pub_decode"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_PUB_ENCODE, 0), "dh_pub_encode"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DO_DH_PRINT, 0), "do_dh_print"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_GENERATE_KEY, 0), "generate_key"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_PKEY_DH_DERIVE, 0), "pkey_dh_derive"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_PKEY_DH_KEYGEN, 0), "pkey_dh_keygen"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA DH_str_reasons[] = {
-    {ERR_REASON(DH_R_BAD_GENERATOR), "bad generator"},
-    {ERR_REASON(DH_R_BN_DECODE_ERROR), "bn decode error"},
-    {ERR_REASON(DH_R_BN_ERROR), "bn error"},
-    {ERR_REASON(DH_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(DH_R_INVALID_PUBKEY), "invalid public key"},
-    {ERR_REASON(DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
-    {ERR_REASON(DH_R_KEYS_NOT_SET), "keys not set"},
-    {ERR_REASON(DH_R_MODULUS_TOO_LARGE), "modulus too large"},
-    {ERR_REASON(DH_R_NO_PARAMETERS_SET), "no parameters set"},
-    {ERR_REASON(DH_R_NO_PRIVATE_VALUE), "no private value"},
-    {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
-    {ERR_REASON(DH_R_PEER_KEY_ERROR), "peer key error"},
-    {ERR_REASON(DH_R_SHARED_INFO_ERROR), "shared info error"},
+static const ERR_STRING_DATA DH_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_BAD_GENERATOR), "bad generator"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_BN_DECODE_ERROR), "bn decode error"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_BN_ERROR), "bn error"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_DECODE_ERROR), "decode error"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_INVALID_PUBKEY), "invalid public key"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_KEYS_NOT_SET), "keys not set"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_MODULUS_TOO_LARGE), "modulus too large"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PARAMETERS_SET), "no parameters set"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_NO_PRIVATE_VALUE), "no private value"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR),
+    "parameter encoding error"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"},
+    {ERR_PACK(ERR_LIB_DH, 0, DH_R_SHARED_INFO_ERROR), "shared info error"},
     {0, NULL}
 };
 
@@ -63,10 +61,9 @@ static ERR_STRING_DATA DH_str_reasons[] = {
 int ERR_load_DH_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(DH_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, DH_str_functs);
-        ERR_load_strings(0, DH_str_reasons);
+        ERR_load_strings_const(DH_str_functs);
+        ERR_load_strings_const(DH_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
index b8f0af4..168dadf 100644
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,56 +8,56 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/dsa.h>
+#include <openssl/dsaerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
-
-static ERR_STRING_DATA DSA_str_functs[] = {
-    {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
-    {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
-    {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "dsa_builtin_paramgen"},
-    {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN2), "dsa_builtin_paramgen2"},
-    {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
-    {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
-    {ERR_FUNC(DSA_F_DSA_METH_DUP), "DSA_meth_dup"},
-    {ERR_FUNC(DSA_F_DSA_METH_NEW), "DSA_meth_new"},
-    {ERR_FUNC(DSA_F_DSA_METH_SET1_NAME), "DSA_meth_set1_name"},
-    {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
-    {ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "dsa_param_decode"},
-    {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
-    {ERR_FUNC(DSA_F_DSA_PRIV_DECODE), "dsa_priv_decode"},
-    {ERR_FUNC(DSA_F_DSA_PRIV_ENCODE), "dsa_priv_encode"},
-    {ERR_FUNC(DSA_F_DSA_PUB_DECODE), "dsa_pub_decode"},
-    {ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "dsa_pub_encode"},
-    {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
-    {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
-    {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
-    {ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "old_dsa_priv_decode"},
-    {ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "pkey_dsa_ctrl"},
-    {ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "pkey_dsa_keygen"},
+static const ERR_STRING_DATA DSA_str_functs[] = {
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT, 0), "DSAparams_print"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSAPARAMS_PRINT_FP, 0), "DSAparams_print_fp"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_PARAMGEN, 0),
+     "dsa_builtin_paramgen"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_BUILTIN_PARAMGEN2, 0),
+     "dsa_builtin_paramgen2"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_SIGN, 0), "DSA_do_sign"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_DO_VERIFY, 0), "DSA_do_verify"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_DUP, 0), "DSA_meth_dup"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_NEW, 0), "DSA_meth_new"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_METH_SET1_NAME, 0), "DSA_meth_set1_name"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_NEW_METHOD, 0), "DSA_new_method"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_PARAM_DECODE, 0), "dsa_param_decode"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_PRINT_FP, 0), "DSA_print_fp"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_PRIV_DECODE, 0), "dsa_priv_decode"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_PRIV_ENCODE, 0), "dsa_priv_encode"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_PUB_DECODE, 0), "dsa_pub_decode"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_PUB_ENCODE, 0), "dsa_pub_encode"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_SIGN, 0), "DSA_sign"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_SIGN_SETUP, 0), "DSA_sign_setup"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_DSA_SIG_NEW, 0), "DSA_SIG_new"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_OLD_DSA_PRIV_DECODE, 0),
+     "old_dsa_priv_decode"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_PKEY_DSA_CTRL, 0), "pkey_dsa_ctrl"},
+    {ERR_PACK(ERR_LIB_DSA, DSA_F_PKEY_DSA_KEYGEN, 0), "pkey_dsa_keygen"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA DSA_str_reasons[] = {
-    {ERR_REASON(DSA_R_BAD_Q_VALUE), "bad q value"},
-    {ERR_REASON(DSA_R_BN_DECODE_ERROR), "bn decode error"},
-    {ERR_REASON(DSA_R_BN_ERROR), "bn error"},
-    {ERR_REASON(DSA_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(DSA_R_INVALID_DIGEST_TYPE), "invalid digest type"},
-    {ERR_REASON(DSA_R_INVALID_PARAMETERS), "invalid parameters"},
-    {ERR_REASON(DSA_R_MISSING_PARAMETERS), "missing parameters"},
-    {ERR_REASON(DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
-    {ERR_REASON(DSA_R_NO_PARAMETERS_SET), "no parameters set"},
-    {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
-    {ERR_REASON(DSA_R_Q_NOT_PRIME), "q not prime"},
-    {ERR_REASON(DSA_R_SEED_LEN_SMALL),
-     "seed_len is less than the length of q"},
+static const ERR_STRING_DATA DSA_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_BAD_Q_VALUE), "bad q value"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_BN_DECODE_ERROR), "bn decode error"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_BN_ERROR), "bn error"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_DECODE_ERROR), "decode error"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_DIGEST_TYPE),
+    "invalid digest type"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_PARAMETERS), "invalid parameters"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PARAMETERS), "missing parameters"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NO_PARAMETERS_SET), "no parameters set"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR),
+    "parameter encoding error"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_Q_NOT_PRIME), "q not prime"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_SEED_LEN_SMALL),
+    "seed_len is less than the length of q"},
     {0, NULL}
 };
 
@@ -66,10 +66,9 @@ static ERR_STRING_DATA DSA_str_reasons[] = {
 int ERR_load_DSA_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, DSA_str_functs);
-        ERR_load_strings(0, DSA_str_reasons);
+        ERR_load_strings_const(DSA_str_functs);
+        ERR_load_strings_const(DSA_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/dso/dso_err.c b/crypto/dso/dso_err.c
index 07588d5..6f2dc08 100644
--- a/crypto/dso/dso_err.c
+++ b/crypto/dso/dso_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,73 +8,81 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include "internal/dso.h"
+#include "internal/dsoerr.h"
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSO,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason)
-
-static ERR_STRING_DATA DSO_str_functs[] = {
-    {ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "dlfcn_bind_func"},
-    {ERR_FUNC(DSO_F_DLFCN_LOAD), "dlfcn_load"},
-    {ERR_FUNC(DSO_F_DLFCN_MERGER), "dlfcn_merger"},
-    {ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER), "dlfcn_name_converter"},
-    {ERR_FUNC(DSO_F_DLFCN_UNLOAD), "dlfcn_unload"},
-    {ERR_FUNC(DSO_F_DL_BIND_FUNC), "dl_bind_func"},
-    {ERR_FUNC(DSO_F_DL_LOAD), "dl_load"},
-    {ERR_FUNC(DSO_F_DL_MERGER), "dl_merger"},
-    {ERR_FUNC(DSO_F_DL_NAME_CONVERTER), "dl_name_converter"},
-    {ERR_FUNC(DSO_F_DL_UNLOAD), "dl_unload"},
-    {ERR_FUNC(DSO_F_DSO_BIND_FUNC), "DSO_bind_func"},
-    {ERR_FUNC(DSO_F_DSO_CONVERT_FILENAME), "DSO_convert_filename"},
-    {ERR_FUNC(DSO_F_DSO_CTRL), "DSO_ctrl"},
-    {ERR_FUNC(DSO_F_DSO_FREE), "DSO_free"},
-    {ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"},
-    {ERR_FUNC(DSO_F_DSO_GLOBAL_LOOKUP), "DSO_global_lookup"},
-    {ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"},
-    {ERR_FUNC(DSO_F_DSO_MERGE), "DSO_merge"},
-    {ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"},
-    {ERR_FUNC(DSO_F_DSO_PATHBYADDR), "DSO_pathbyaddr"},
-    {ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"},
-    {ERR_FUNC(DSO_F_DSO_UP_REF), "DSO_up_ref"},
-    {ERR_FUNC(DSO_F_VMS_BIND_SYM), "vms_bind_sym"},
-    {ERR_FUNC(DSO_F_VMS_LOAD), "vms_load"},
-    {ERR_FUNC(DSO_F_VMS_MERGER), "vms_merger"},
-    {ERR_FUNC(DSO_F_VMS_UNLOAD), "vms_unload"},
-    {ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "win32_bind_func"},
-    {ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP), "win32_globallookup"},
-    {ERR_FUNC(DSO_F_WIN32_JOINER), "win32_joiner"},
-    {ERR_FUNC(DSO_F_WIN32_LOAD), "win32_load"},
-    {ERR_FUNC(DSO_F_WIN32_MERGER), "win32_merger"},
-    {ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "win32_name_converter"},
-    {ERR_FUNC(DSO_F_WIN32_PATHBYADDR), "win32_pathbyaddr"},
-    {ERR_FUNC(DSO_F_WIN32_SPLITTER), "win32_splitter"},
-    {ERR_FUNC(DSO_F_WIN32_UNLOAD), "win32_unload"},
+static const ERR_STRING_DATA DSO_str_functs[] = {
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DLFCN_BIND_FUNC, 0), "dlfcn_bind_func"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DLFCN_LOAD, 0), "dlfcn_load"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DLFCN_MERGER, 0), "dlfcn_merger"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DLFCN_NAME_CONVERTER, 0),
+     "dlfcn_name_converter"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DLFCN_UNLOAD, 0), "dlfcn_unload"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DL_BIND_FUNC, 0), "dl_bind_func"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DL_LOAD, 0), "dl_load"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DL_MERGER, 0), "dl_merger"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DL_NAME_CONVERTER, 0), "dl_name_converter"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DL_UNLOAD, 0), "dl_unload"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_BIND_FUNC, 0), "DSO_bind_func"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_CONVERT_FILENAME, 0),
+     "DSO_convert_filename"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_CTRL, 0), "DSO_ctrl"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_FREE, 0), "DSO_free"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_GET_FILENAME, 0), "DSO_get_filename"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_GLOBAL_LOOKUP, 0), "DSO_global_lookup"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_LOAD, 0), "DSO_load"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_MERGE, 0), "DSO_merge"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_NEW_METHOD, 0), "DSO_new_method"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_PATHBYADDR, 0), "DSO_pathbyaddr"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_SET_FILENAME, 0), "DSO_set_filename"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_DSO_UP_REF, 0), "DSO_up_ref"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_VMS_BIND_SYM, 0), "vms_bind_sym"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_VMS_LOAD, 0), "vms_load"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_VMS_MERGER, 0), "vms_merger"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_VMS_UNLOAD, 0), "vms_unload"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_WIN32_BIND_FUNC, 0), "win32_bind_func"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_WIN32_GLOBALLOOKUP, 0), "win32_globallookup"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_WIN32_JOINER, 0), "win32_joiner"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_WIN32_LOAD, 0), "win32_load"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_WIN32_MERGER, 0), "win32_merger"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_WIN32_NAME_CONVERTER, 0),
+     "win32_name_converter"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_WIN32_PATHBYADDR, 0), "win32_pathbyaddr"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_WIN32_SPLITTER, 0), "win32_splitter"},
+    {ERR_PACK(ERR_LIB_DSO, DSO_F_WIN32_UNLOAD, 0), "win32_unload"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA DSO_str_reasons[] = {
-    {ERR_REASON(DSO_R_CTRL_FAILED), "control command failed"},
-    {ERR_REASON(DSO_R_DSO_ALREADY_LOADED), "dso already loaded"},
-    {ERR_REASON(DSO_R_EMPTY_FILE_STRUCTURE), "empty file structure"},
-    {ERR_REASON(DSO_R_FAILURE), "failure"},
-    {ERR_REASON(DSO_R_FILENAME_TOO_BIG), "filename too big"},
-    {ERR_REASON(DSO_R_FINISH_FAILED), "cleanup method function failed"},
-    {ERR_REASON(DSO_R_INCORRECT_FILE_SYNTAX), "incorrect file syntax"},
-    {ERR_REASON(DSO_R_LOAD_FAILED), "could not load the shared library"},
-    {ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED), "name translation failed"},
-    {ERR_REASON(DSO_R_NO_FILENAME), "no filename"},
-    {ERR_REASON(DSO_R_NULL_HANDLE), "a null shared library handle was used"},
-    {ERR_REASON(DSO_R_SET_FILENAME_FAILED), "set filename failed"},
-    {ERR_REASON(DSO_R_STACK_ERROR), "the meth_data stack is corrupt"},
-    {ERR_REASON(DSO_R_SYM_FAILURE),
-     "could not bind to the requested symbol name"},
-    {ERR_REASON(DSO_R_UNLOAD_FAILED), "could not unload the shared library"},
-    {ERR_REASON(DSO_R_UNSUPPORTED), "functionality not supported"},
+static const ERR_STRING_DATA DSO_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_CTRL_FAILED), "control command failed"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_DSO_ALREADY_LOADED), "dso already loaded"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_EMPTY_FILE_STRUCTURE),
+    "empty file structure"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_FAILURE), "failure"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_FILENAME_TOO_BIG), "filename too big"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_FINISH_FAILED),
+    "cleanup method function failed"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_INCORRECT_FILE_SYNTAX),
+    "incorrect file syntax"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_LOAD_FAILED),
+    "could not load the shared library"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_NAME_TRANSLATION_FAILED),
+    "name translation failed"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_NO_FILENAME), "no filename"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_NULL_HANDLE),
+    "a null shared library handle was used"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_SET_FILENAME_FAILED),
+    "set filename failed"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_STACK_ERROR),
+    "the meth_data stack is corrupt"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_SYM_FAILURE),
+    "could not bind to the requested symbol name"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_UNLOAD_FAILED),
+    "could not unload the shared library"},
+    {ERR_PACK(ERR_LIB_DSO, 0, DSO_R_UNSUPPORTED),
+    "functionality not supported"},
     {0, NULL}
 };
 
@@ -83,10 +91,9 @@ static ERR_STRING_DATA DSO_str_reasons[] = {
 int ERR_load_DSO_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(DSO_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, DSO_str_functs);
-        ERR_load_strings(0, DSO_str_reasons);
+        ERR_load_strings_const(DSO_str_functs);
+        ERR_load_strings_const(DSO_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
index 981ed20..0097825 100644
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -8,273 +8,328 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/ec.h>
+#include <openssl/ecerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_EC,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason)
-
-static ERR_STRING_DATA EC_str_functs[] = {
-    {ERR_FUNC(EC_F_BN_TO_FELEM), "BN_to_felem"},
-    {ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"},
-    {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"},
-    {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"},
-    {ERR_FUNC(EC_F_DO_EC_KEY_PRINT), "do_EC_KEY_print"},
-    {ERR_FUNC(EC_F_ECDH_CMS_DECRYPT), "ecdh_cms_decrypt"},
-    {ERR_FUNC(EC_F_ECDH_CMS_SET_SHARED_INFO), "ecdh_cms_set_shared_info"},
-    {ERR_FUNC(EC_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
-    {ERR_FUNC(EC_F_ECDH_SIMPLE_COMPUTE_KEY), "ecdh_simple_compute_key"},
-    {ERR_FUNC(EC_F_ECDSA_DO_SIGN_EX), "ECDSA_do_sign_ex"},
-    {ERR_FUNC(EC_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
-    {ERR_FUNC(EC_F_ECDSA_SIGN_EX), "ECDSA_sign_ex"},
-    {ERR_FUNC(EC_F_ECDSA_SIGN_SETUP), "ECDSA_sign_setup"},
-    {ERR_FUNC(EC_F_ECDSA_SIG_NEW), "ECDSA_SIG_new"},
-    {ERR_FUNC(EC_F_ECDSA_VERIFY), "ECDSA_verify"},
-    {ERR_FUNC(EC_F_ECD_ITEM_VERIFY), "ecd_item_verify"},
-    {ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "eckey_param2type"},
-    {ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "eckey_param_decode"},
-    {ERR_FUNC(EC_F_ECKEY_PRIV_DECODE), "eckey_priv_decode"},
-    {ERR_FUNC(EC_F_ECKEY_PRIV_ENCODE), "eckey_priv_encode"},
-    {ERR_FUNC(EC_F_ECKEY_PUB_DECODE), "eckey_pub_decode"},
-    {ERR_FUNC(EC_F_ECKEY_PUB_ENCODE), "eckey_pub_encode"},
-    {ERR_FUNC(EC_F_ECKEY_TYPE2PARAM), "eckey_type2param"},
-    {ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"},
-    {ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"},
-    {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"},
-    {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT_FP), "ECPKParameters_print_fp"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_GET_AFFINE), "ecp_nistz256_get_affine"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE),
+static const ERR_STRING_DATA EC_str_functs[] = {
+    {ERR_PACK(ERR_LIB_EC, EC_F_BN_TO_FELEM, 0), "BN_to_felem"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_D2I_ECPARAMETERS, 0), "d2i_ECParameters"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_D2I_ECPKPARAMETERS, 0), "d2i_ECPKParameters"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_D2I_ECPRIVATEKEY, 0), "d2i_ECPrivateKey"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_DO_EC_KEY_PRINT, 0), "do_EC_KEY_print"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDH_CMS_DECRYPT, 0), "ecdh_cms_decrypt"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDH_CMS_SET_SHARED_INFO, 0),
+     "ecdh_cms_set_shared_info"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDH_COMPUTE_KEY, 0), "ECDH_compute_key"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDH_SIMPLE_COMPUTE_KEY, 0),
+     "ecdh_simple_compute_key"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_DO_SIGN_EX, 0), "ECDSA_do_sign_ex"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_DO_VERIFY, 0), "ECDSA_do_verify"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_EX, 0), "ECDSA_sign_ex"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIGN_SETUP, 0), "ECDSA_sign_setup"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_SIG_NEW, 0), "ECDSA_SIG_new"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECDSA_VERIFY, 0), "ECDSA_verify"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECD_ITEM_VERIFY, 0), "ecd_item_verify"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PARAM2TYPE, 0), "eckey_param2type"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PARAM_DECODE, 0), "eckey_param_decode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PRIV_DECODE, 0), "eckey_priv_decode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PRIV_ENCODE, 0), "eckey_priv_encode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PUB_DECODE, 0), "eckey_pub_decode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_PUB_ENCODE, 0), "eckey_pub_encode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECKEY_TYPE2PARAM, 0), "eckey_type2param"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECPARAMETERS_PRINT, 0), "ECParameters_print"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECPARAMETERS_PRINT_FP, 0),
+     "ECParameters_print_fp"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECPKPARAMETERS_PRINT, 0),
+     "ECPKParameters_print"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECPKPARAMETERS_PRINT_FP, 0),
+     "ECPKParameters_print_fp"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECP_NISTZ256_GET_AFFINE, 0),
+     "ecp_nistz256_get_affine"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECP_NISTZ256_MULT_PRECOMPUTE, 0),
      "ecp_nistz256_mult_precompute"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_POINTS_MUL), "ecp_nistz256_points_mul"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_PRE_COMP_NEW), "ecp_nistz256_pre_comp_new"},
-    {ERR_FUNC(EC_F_ECP_NISTZ256_WINDOWED_MUL), "ecp_nistz256_windowed_mul"},
-    {ERR_FUNC(EC_F_ECX_KEY_OP), "ecx_key_op"},
-    {ERR_FUNC(EC_F_ECX_PRIV_ENCODE), "ecx_priv_encode"},
-    {ERR_FUNC(EC_F_ECX_PUB_ENCODE), "ecx_pub_encode"},
-    {ERR_FUNC(EC_F_EC_ASN1_GROUP2CURVE), "ec_asn1_group2curve"},
-    {ERR_FUNC(EC_F_EC_ASN1_GROUP2FIELDID), "ec_asn1_group2fieldid"},
-    {ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY),
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECP_NISTZ256_POINTS_MUL, 0),
+     "ecp_nistz256_points_mul"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECP_NISTZ256_PRE_COMP_NEW, 0),
+     "ecp_nistz256_pre_comp_new"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECP_NISTZ256_WINDOWED_MUL, 0),
+     "ecp_nistz256_windowed_mul"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECX_KEY_OP, 0), "ecx_key_op"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECX_PRIV_ENCODE, 0), "ecx_priv_encode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_ECX_PUB_ENCODE, 0), "ecx_pub_encode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_ASN1_GROUP2CURVE, 0), "ec_asn1_group2curve"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_ASN1_GROUP2FIELDID, 0),
+     "ec_asn1_group2fieldid"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY, 0),
      "ec_GF2m_montgomery_point_multiply"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT, 0),
      "ec_GF2m_simple_group_check_discriminant"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE, 0),
      "ec_GF2m_simple_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_OCT2POINT), "ec_GF2m_simple_oct2point"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT2OCT), "ec_GF2m_simple_point2oct"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GF2M_SIMPLE_OCT2POINT, 0),
+     "ec_GF2m_simple_oct2point"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GF2M_SIMPLE_POINT2OCT, 0),
+     "ec_GF2m_simple_point2oct"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES, 0),
      "ec_GF2m_simple_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES, 0),
      "ec_GF2m_simple_point_set_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, 0),
      "ec_GF2m_simple_set_compressed_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE), "ec_GFp_mont_field_decode"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE), "ec_GFp_mont_field_encode"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL), "ec_GFp_mont_field_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_MONT_FIELD_DECODE, 0),
+     "ec_GFp_mont_field_decode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_MONT_FIELD_ENCODE, 0),
+     "ec_GFp_mont_field_encode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_MONT_FIELD_MUL, 0),
+     "ec_GFp_mont_field_mul"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE, 0),
      "ec_GFp_mont_field_set_to_one"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"},
-    {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_MONT_FIELD_SQR, 0),
+     "ec_GFp_mont_field_sqr"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_MONT_GROUP_SET_CURVE, 0),
      "ec_GFp_mont_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE, 0),
      "ec_GFp_nistp224_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINTS_MUL), "ec_GFp_nistp224_points_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NISTP224_POINTS_MUL, 0),
+     "ec_GFp_nistp224_points_mul"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES, 0),
      "ec_GFp_nistp224_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE, 0),
      "ec_GFp_nistp256_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINTS_MUL), "ec_GFp_nistp256_points_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NISTP256_POINTS_MUL, 0),
+     "ec_GFp_nistp256_points_mul"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES, 0),
      "ec_GFp_nistp256_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE, 0),
      "ec_GFp_nistp521_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP521_POINTS_MUL), "ec_GFp_nistp521_points_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NISTP521_POINTS_MUL, 0),
+     "ec_GFp_nistp521_points_mul"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES, 0),
      "ec_GFp_nistp521_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL), "ec_GFp_nist_field_mul"},
-    {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR), "ec_GFp_nist_field_sqr"},
-    {ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NIST_FIELD_MUL, 0),
+     "ec_GFp_nist_field_mul"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NIST_FIELD_SQR, 0),
+     "ec_GFp_nist_field_sqr"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_NIST_GROUP_SET_CURVE, 0),
      "ec_GFp_nist_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT, 0),
      "ec_GFp_simple_group_check_discriminant"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, 0),
      "ec_GFp_simple_group_set_curve"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_SIMPLE_MAKE_AFFINE, 0),
+     "ec_GFp_simple_make_affine"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_SIMPLE_OCT2POINT, 0),
+     "ec_GFp_simple_oct2point"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_SIMPLE_POINT2OCT, 0),
+     "ec_GFp_simple_point2oct"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, 0),
      "ec_GFp_simple_points_make_affine"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES, 0),
      "ec_GFp_simple_point_get_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES, 0),
      "ec_GFp_simple_point_set_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, 0),
      "ec_GFp_simple_set_compressed_coordinates"},
-    {ERR_FUNC(EC_F_EC_GROUP_CHECK), "EC_GROUP_check"},
-    {ERR_FUNC(EC_F_EC_GROUP_CHECK_DISCRIMINANT),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_CHECK, 0), "EC_GROUP_check"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_CHECK_DISCRIMINANT, 0),
      "EC_GROUP_check_discriminant"},
-    {ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GF2M), "EC_GROUP_get_curve_GF2m"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_DEGREE), "EC_GROUP_get_degree"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_ECPARAMETERS), "EC_GROUP_get_ecparameters"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_ECPKPARAMETERS),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_COPY, 0), "EC_GROUP_copy"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_GET_CURVE_GF2M, 0),
+     "EC_GROUP_get_curve_GF2m"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_GET_CURVE_GFP, 0),
+     "EC_GROUP_get_curve_GFp"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_GET_DEGREE, 0), "EC_GROUP_get_degree"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_GET_ECPARAMETERS, 0),
+     "EC_GROUP_get_ecparameters"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_GET_ECPKPARAMETERS, 0),
      "EC_GROUP_get_ecpkparameters"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, 0),
      "EC_GROUP_get_pentanomial_basis"},
-    {ERR_FUNC(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, 0),
      "EC_GROUP_get_trinomial_basis"},
-    {ERR_FUNC(EC_F_EC_GROUP_NEW), "EC_GROUP_new"},
-    {ERR_FUNC(EC_F_EC_GROUP_NEW_BY_CURVE_NAME), "EC_GROUP_new_by_curve_name"},
-    {ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_DATA), "ec_group_new_from_data"},
-    {ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_NEW, 0), "EC_GROUP_new"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_NEW_BY_CURVE_NAME, 0),
+     "EC_GROUP_new_by_curve_name"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_NEW_FROM_DATA, 0),
+     "ec_group_new_from_data"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, 0),
      "EC_GROUP_new_from_ecparameters"},
-    {ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS, 0),
      "EC_GROUP_new_from_ecpkparameters"},
-    {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M), "EC_GROUP_set_curve_GF2m"},
-    {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"},
-    {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"},
-    {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"},
-    {ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"},
-    {ERR_FUNC(EC_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"},
-    {ERR_FUNC(EC_F_EC_KEY_NEW), "EC_KEY_new"},
-    {ERR_FUNC(EC_F_EC_KEY_NEW_METHOD), "EC_KEY_new_method"},
-    {ERR_FUNC(EC_F_EC_KEY_OCT2PRIV), "EC_KEY_oct2priv"},
-    {ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"},
-    {ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"},
-    {ERR_FUNC(EC_F_EC_KEY_PRIV2OCT), "EC_KEY_priv2oct"},
-    {ERR_FUNC(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_SET_CURVE_GF2M, 0),
+     "EC_GROUP_set_curve_GF2m"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_SET_CURVE_GFP, 0),
+     "EC_GROUP_set_curve_GFp"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_GROUP_SET_GENERATOR, 0),
+     "EC_GROUP_set_generator"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_CHECK_KEY, 0), "EC_KEY_check_key"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_COPY, 0), "EC_KEY_copy"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_GENERATE_KEY, 0), "EC_KEY_generate_key"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_NEW, 0), "EC_KEY_new"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_NEW_METHOD, 0), "EC_KEY_new_method"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_OCT2PRIV, 0), "EC_KEY_oct2priv"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PRINT, 0), "EC_KEY_print"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PRINT_FP, 0), "EC_KEY_print_fp"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_PRIV2OCT, 0), "EC_KEY_priv2oct"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES, 0),
      "EC_KEY_set_public_key_affine_coordinates"},
-    {ERR_FUNC(EC_F_EC_KEY_SIMPLE_CHECK_KEY), "ec_key_simple_check_key"},
-    {ERR_FUNC(EC_F_EC_KEY_SIMPLE_OCT2PRIV), "ec_key_simple_oct2priv"},
-    {ERR_FUNC(EC_F_EC_KEY_SIMPLE_PRIV2OCT), "ec_key_simple_priv2oct"},
-    {ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"},
-    {ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"},
-    {ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"},
-    {ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"},
-    {ERR_FUNC(EC_F_EC_POINT_DBL), "EC_POINT_dbl"},
-    {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_SIMPLE_CHECK_KEY, 0),
+     "ec_key_simple_check_key"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_SIMPLE_OCT2PRIV, 0),
+     "ec_key_simple_oct2priv"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_KEY_SIMPLE_PRIV2OCT, 0),
+     "ec_key_simple_priv2oct"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINTS_MAKE_AFFINE, 0),
+     "EC_POINTs_make_affine"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_ADD, 0), "EC_POINT_add"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_CMP, 0), "EC_POINT_cmp"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_COPY, 0), "EC_POINT_copy"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_DBL, 0), "EC_POINT_dbl"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M, 0),
      "EC_POINT_get_affine_coordinates_GF2m"},
-    {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, 0),
      "EC_POINT_get_affine_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP, 0),
      "EC_POINT_get_Jprojective_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_INVERT), "EC_POINT_invert"},
-    {ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"},
-    {ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"},
-    {ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"},
-    {ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"},
-    {ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"},
-    {ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_INVERT, 0), "EC_POINT_invert"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_IS_AT_INFINITY, 0),
+     "EC_POINT_is_at_infinity"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_IS_ON_CURVE, 0),
+     "EC_POINT_is_on_curve"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_MAKE_AFFINE, 0),
+     "EC_POINT_make_affine"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_NEW, 0), "EC_POINT_new"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_OCT2POINT, 0), "EC_POINT_oct2point"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_POINT2OCT, 0), "EC_POINT_point2oct"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M, 0),
      "EC_POINT_set_affine_coordinates_GF2m"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, 0),
      "EC_POINT_set_affine_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M, 0),
      "EC_POINT_set_compressed_coordinates_GF2m"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, 0),
      "EC_POINT_set_compressed_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP),
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP, 0),
      "EC_POINT_set_Jprojective_coordinates_GFp"},
-    {ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"},
-    {ERR_FUNC(EC_F_EC_PRE_COMP_NEW), "ec_pre_comp_new"},
-    {ERR_FUNC(EC_F_EC_WNAF_MUL), "ec_wNAF_mul"},
-    {ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT), "ec_wNAF_precompute_mult"},
-    {ERR_FUNC(EC_F_I2D_ECPARAMETERS), "i2d_ECParameters"},
-    {ERR_FUNC(EC_F_I2D_ECPKPARAMETERS), "i2d_ECPKParameters"},
-    {ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"},
-    {ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"},
-    {ERR_FUNC(EC_F_NISTP224_PRE_COMP_NEW), "nistp224_pre_comp_new"},
-    {ERR_FUNC(EC_F_NISTP256_PRE_COMP_NEW), "nistp256_pre_comp_new"},
-    {ERR_FUNC(EC_F_NISTP521_PRE_COMP_NEW), "nistp521_pre_comp_new"},
-    {ERR_FUNC(EC_F_O2I_ECPUBLICKEY), "o2i_ECPublicKey"},
-    {ERR_FUNC(EC_F_OLD_EC_PRIV_DECODE), "old_ec_priv_decode"},
-    {ERR_FUNC(EC_F_OSSL_ECDH_COMPUTE_KEY), "ossl_ecdh_compute_key"},
-    {ERR_FUNC(EC_F_OSSL_ECDSA_SIGN_SIG), "ossl_ecdsa_sign_sig"},
-    {ERR_FUNC(EC_F_OSSL_ECDSA_VERIFY_SIG), "ossl_ecdsa_verify_sig"},
-    {ERR_FUNC(EC_F_PKEY_ECD_CTRL), "pkey_ecd_ctrl"},
-    {ERR_FUNC(EC_F_PKEY_ECD_DIGESTSIGN), "pkey_ecd_digestsign"},
-    {ERR_FUNC(EC_F_PKEY_ECX_DERIVE), "pkey_ecx_derive"},
-    {ERR_FUNC(EC_F_PKEY_EC_CTRL), "pkey_ec_ctrl"},
-    {ERR_FUNC(EC_F_PKEY_EC_CTRL_STR), "pkey_ec_ctrl_str"},
-    {ERR_FUNC(EC_F_PKEY_EC_DERIVE), "pkey_ec_derive"},
-    {ERR_FUNC(EC_F_PKEY_EC_KEYGEN), "pkey_ec_keygen"},
-    {ERR_FUNC(EC_F_PKEY_EC_PARAMGEN), "pkey_ec_paramgen"},
-    {ERR_FUNC(EC_F_PKEY_EC_SIGN), "pkey_ec_sign"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_POINT_SET_TO_INFINITY, 0),
+     "EC_POINT_set_to_infinity"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_PRE_COMP_NEW, 0), "ec_pre_comp_new"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_WNAF_MUL, 0), "ec_wNAF_mul"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_EC_WNAF_PRECOMPUTE_MULT, 0),
+     "ec_wNAF_precompute_mult"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_I2D_ECPARAMETERS, 0), "i2d_ECParameters"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_I2D_ECPKPARAMETERS, 0), "i2d_ECPKParameters"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_I2D_ECPRIVATEKEY, 0), "i2d_ECPrivateKey"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_I2O_ECPUBLICKEY, 0), "i2o_ECPublicKey"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_NISTP224_PRE_COMP_NEW, 0),
+     "nistp224_pre_comp_new"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_NISTP256_PRE_COMP_NEW, 0),
+     "nistp256_pre_comp_new"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_NISTP521_PRE_COMP_NEW, 0),
+     "nistp521_pre_comp_new"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_O2I_ECPUBLICKEY, 0), "o2i_ECPublicKey"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_OLD_EC_PRIV_DECODE, 0), "old_ec_priv_decode"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDH_COMPUTE_KEY, 0),
+     "ossl_ecdh_compute_key"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_SIGN_SIG, 0), "ossl_ecdsa_sign_sig"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_OSSL_ECDSA_VERIFY_SIG, 0),
+     "ossl_ecdsa_verify_sig"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_ECD_CTRL, 0), "pkey_ecd_ctrl"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_ECD_DIGESTSIGN, 0), "pkey_ecd_digestsign"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_ECX_DERIVE, 0), "pkey_ecx_derive"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_CTRL, 0), "pkey_ec_ctrl"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_CTRL_STR, 0), "pkey_ec_ctrl_str"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_DERIVE, 0), "pkey_ec_derive"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_KEYGEN, 0), "pkey_ec_keygen"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_PARAMGEN, 0), "pkey_ec_paramgen"},
+    {ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_SIGN, 0), "pkey_ec_sign"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA EC_str_reasons[] = {
-    {ERR_REASON(EC_R_ASN1_ERROR), "asn1 error"},
-    {ERR_REASON(EC_R_BAD_SIGNATURE), "bad signature"},
-    {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
-    {ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"},
-    {ERR_REASON(EC_R_COORDINATES_OUT_OF_RANGE), "coordinates out of range"},
-    {ERR_REASON(EC_R_CURVE_DOES_NOT_SUPPORT_ECDH),
-     "curve does not support ecdh"},
-    {ERR_REASON(EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING),
-     "curve does not support signing"},
-    {ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),
-     "d2i ecpkparameters failure"},
-    {ERR_REASON(EC_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO), "discriminant is zero"},
-    {ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),
-     "ec group new by name failure"},
-    {ERR_REASON(EC_R_FIELD_TOO_LARGE), "field too large"},
-    {ERR_REASON(EC_R_GF2M_NOT_SUPPORTED), "gf2m not supported"},
-    {ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),
-     "group2pkparameters failure"},
-    {ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE),
-     "i2d ecpkparameters failure"},
-    {ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS), "incompatible objects"},
-    {ERR_REASON(EC_R_INVALID_ARGUMENT), "invalid argument"},
-    {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT), "invalid compressed point"},
-    {ERR_REASON(EC_R_INVALID_COMPRESSION_BIT), "invalid compression bit"},
-    {ERR_REASON(EC_R_INVALID_CURVE), "invalid curve"},
-    {ERR_REASON(EC_R_INVALID_DIGEST), "invalid digest"},
-    {ERR_REASON(EC_R_INVALID_DIGEST_TYPE), "invalid digest type"},
-    {ERR_REASON(EC_R_INVALID_ENCODING), "invalid encoding"},
-    {ERR_REASON(EC_R_INVALID_FIELD), "invalid field"},
-    {ERR_REASON(EC_R_INVALID_FORM), "invalid form"},
-    {ERR_REASON(EC_R_INVALID_GROUP_ORDER), "invalid group order"},
-    {ERR_REASON(EC_R_INVALID_KEY), "invalid key"},
-    {ERR_REASON(EC_R_INVALID_OUTPUT_LENGTH), "invalid output length"},
-    {ERR_REASON(EC_R_INVALID_PEER_KEY), "invalid peer key"},
-    {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"},
-    {ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"},
-    {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"},
-    {ERR_REASON(EC_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
-    {ERR_REASON(EC_R_KEYS_NOT_SET), "keys not set"},
-    {ERR_REASON(EC_R_MISSING_PARAMETERS), "missing parameters"},
-    {ERR_REASON(EC_R_MISSING_PRIVATE_KEY), "missing private key"},
-    {ERR_REASON(EC_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
-    {ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a NIST prime"},
-    {ERR_REASON(EC_R_NOT_IMPLEMENTED), "not implemented"},
-    {ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"},
-    {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"},
-    {ERR_REASON(EC_R_NO_PRIVATE_VALUE), "no private value"},
-    {ERR_REASON(EC_R_OPERATION_NOT_SUPPORTED), "operation not supported"},
-    {ERR_REASON(EC_R_PASSED_NULL_PARAMETER), "passed null parameter"},
-    {ERR_REASON(EC_R_PEER_KEY_ERROR), "peer key error"},
-    {ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE),
-     "pkparameters2group failure"},
-    {ERR_REASON(EC_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
-    {ERR_REASON(EC_R_POINT_AT_INFINITY), "point at infinity"},
-    {ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE), "point is not on curve"},
-    {ERR_REASON(EC_R_RANDOM_NUMBER_GENERATION_FAILED),
-     "random number generation failed"},
-    {ERR_REASON(EC_R_SHARED_INFO_ERROR), "shared info error"},
-    {ERR_REASON(EC_R_SLOT_FULL), "slot full"},
-    {ERR_REASON(EC_R_UNDEFINED_GENERATOR), "undefined generator"},
-    {ERR_REASON(EC_R_UNDEFINED_ORDER), "undefined order"},
-    {ERR_REASON(EC_R_UNKNOWN_GROUP), "unknown group"},
-    {ERR_REASON(EC_R_UNKNOWN_ORDER), "unknown order"},
-    {ERR_REASON(EC_R_UNSUPPORTED_FIELD), "unsupported field"},
-    {ERR_REASON(EC_R_WRONG_CURVE_PARAMETERS), "wrong curve parameters"},
-    {ERR_REASON(EC_R_WRONG_ORDER), "wrong order"},
+static const ERR_STRING_DATA EC_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_ASN1_ERROR), "asn1 error"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_BAD_SIGNATURE), "bad signature"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_BUFFER_TOO_SMALL), "buffer too small"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_COORDINATES_OUT_OF_RANGE),
+    "coordinates out of range"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_ECDH),
+    "curve does not support ecdh"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING),
+    "curve does not support signing"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_D2I_ECPKPARAMETERS_FAILURE),
+    "d2i ecpkparameters failure"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_DECODE_ERROR), "decode error"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_DISCRIMINANT_IS_ZERO),
+    "discriminant is zero"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),
+    "ec group new by name failure"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_FIELD_TOO_LARGE), "field too large"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_GF2M_NOT_SUPPORTED), "gf2m not supported"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_GROUP2PKPARAMETERS_FAILURE),
+    "group2pkparameters failure"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_I2D_ECPKPARAMETERS_FAILURE),
+    "i2d ecpkparameters failure"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INCOMPATIBLE_OBJECTS),
+    "incompatible objects"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_ARGUMENT), "invalid argument"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_COMPRESSED_POINT),
+    "invalid compressed point"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_COMPRESSION_BIT),
+    "invalid compression bit"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_CURVE), "invalid curve"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_DIGEST), "invalid digest"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_DIGEST_TYPE), "invalid digest type"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_ENCODING), "invalid encoding"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_FIELD), "invalid field"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_FORM), "invalid form"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_GROUP_ORDER), "invalid group order"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_KEY), "invalid key"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_OUTPUT_LENGTH),
+    "invalid output length"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_PEER_KEY), "invalid peer key"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_PENTANOMIAL_BASIS),
+    "invalid pentanomial basis"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_PRIVATE_KEY), "invalid private key"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_INVALID_TRINOMIAL_BASIS),
+    "invalid trinomial basis"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_KEYS_NOT_SET), "keys not set"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_MISSING_PARAMETERS), "missing parameters"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_MISSING_PRIVATE_KEY), "missing private key"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_NEED_NEW_SETUP_VALUES),
+    "need new setup values"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_NOT_A_NIST_PRIME), "not a NIST prime"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_NOT_IMPLEMENTED), "not implemented"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_NOT_INITIALIZED), "not initialized"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_NO_PARAMETERS_SET), "no parameters set"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_NO_PRIVATE_VALUE), "no private value"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_OPERATION_NOT_SUPPORTED),
+    "operation not supported"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_PASSED_NULL_PARAMETER),
+    "passed null parameter"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_PEER_KEY_ERROR), "peer key error"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_PKPARAMETERS2GROUP_FAILURE),
+    "pkparameters2group failure"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_POINT_ARITHMETIC_FAILURE),
+    "point arithmetic failure"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_POINT_AT_INFINITY), "point at infinity"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_POINT_IS_NOT_ON_CURVE),
+    "point is not on curve"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_RANDOM_NUMBER_GENERATION_FAILED),
+    "random number generation failed"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_SHARED_INFO_ERROR), "shared info error"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_SLOT_FULL), "slot full"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_UNDEFINED_GENERATOR), "undefined generator"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_UNDEFINED_ORDER), "undefined order"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_UNKNOWN_GROUP), "unknown group"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_UNKNOWN_ORDER), "unknown order"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_UNSUPPORTED_FIELD), "unsupported field"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_WRONG_CURVE_PARAMETERS),
+    "wrong curve parameters"},
+    {ERR_PACK(ERR_LIB_EC, 0, EC_R_WRONG_ORDER), "wrong order"},
     {0, NULL}
 };
 
@@ -283,10 +338,9 @@ static ERR_STRING_DATA EC_str_reasons[] = {
 int ERR_load_EC_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(EC_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, EC_str_functs);
-        ERR_load_strings(0, EC_str_reasons);
+        ERR_load_strings_const(EC_str_functs);
+        ERR_load_strings_const(EC_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/engine/eng_err.c b/crypto/engine/eng_err.c
index 5e9d16f..ec783be 100644
--- a/crypto/engine/eng_err.c
+++ b/crypto/engine/eng_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,103 +8,131 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/engine.h>
+#include <openssl/engineerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason)
-
-static ERR_STRING_DATA ENGINE_str_functs[] = {
-    {ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "dynamic_ctrl"},
-    {ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "dynamic_get_data_ctx"},
-    {ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "dynamic_load"},
-    {ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "dynamic_set_data_ctx"},
-    {ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"},
-    {ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"},
-    {ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"},
-    {ERR_FUNC(ENGINE_F_ENGINE_CTRL), "ENGINE_ctrl"},
-    {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"},
-    {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"},
-    {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_FIRST), "ENGINE_get_first"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_LAST), "ENGINE_get_last"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH),
+static const ERR_STRING_DATA ENGINE_str_functs[] = {
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_DYNAMIC_CTRL, 0), "dynamic_ctrl"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_DYNAMIC_GET_DATA_CTX, 0),
+     "dynamic_get_data_ctx"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_DYNAMIC_LOAD, 0), "dynamic_load"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_DYNAMIC_SET_DATA_CTX, 0),
+     "dynamic_set_data_ctx"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_ADD, 0), "ENGINE_add"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_BY_ID, 0), "ENGINE_by_id"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_CMD_IS_EXECUTABLE, 0),
+     "ENGINE_cmd_is_executable"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_CTRL, 0), "ENGINE_ctrl"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_CTRL_CMD, 0), "ENGINE_ctrl_cmd"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_CTRL_CMD_STRING, 0),
+     "ENGINE_ctrl_cmd_string"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_FINISH, 0), "ENGINE_finish"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_GET_CIPHER, 0),
+     "ENGINE_get_cipher"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_GET_DIGEST, 0),
+     "ENGINE_get_digest"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_GET_FIRST, 0),
+     "ENGINE_get_first"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_GET_LAST, 0), "ENGINE_get_last"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_GET_NEXT, 0), "ENGINE_get_next"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_GET_PKEY_ASN1_METH, 0),
      "ENGINE_get_pkey_asn1_meth"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"},
-    {ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"},
-    {ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "engine_list_add"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "engine_list_remove"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"},
-    {ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT),
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_GET_PKEY_METH, 0),
+     "ENGINE_get_pkey_meth"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_GET_PREV, 0), "ENGINE_get_prev"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_INIT, 0), "ENGINE_init"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_LIST_ADD, 0), "engine_list_add"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_LIST_REMOVE, 0),
+     "engine_list_remove"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, 0),
+     "ENGINE_load_private_key"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, 0),
+     "ENGINE_load_public_key"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, 0),
      "ENGINE_load_ssl_client_cert"},
-    {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"},
-    {ERR_FUNC(ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR),
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_NEW, 0), "ENGINE_new"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR, 0),
      "ENGINE_pkey_asn1_find_str"},
-    {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"},
-    {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING),
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_REMOVE, 0), "ENGINE_remove"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_SET_DEFAULT_STRING, 0),
      "ENGINE_set_default_string"},
-    {ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"},
-    {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"},
-    {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "engine_table_register"},
-    {ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "engine_unlocked_finish"},
-    {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"},
-    {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "int_ctrl_helper"},
-    {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "int_engine_configure"},
-    {ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "int_engine_module_init"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_SET_ID, 0), "ENGINE_set_id"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_SET_NAME, 0), "ENGINE_set_name"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_TABLE_REGISTER, 0),
+     "engine_table_register"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_UNLOCKED_FINISH, 0),
+     "engine_unlocked_finish"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_ENGINE_UP_REF, 0), "ENGINE_up_ref"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_INT_CTRL_HELPER, 0), "int_ctrl_helper"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_INT_ENGINE_CONFIGURE, 0),
+     "int_engine_configure"},
+    {ERR_PACK(ERR_LIB_ENGINE, ENGINE_F_INT_ENGINE_MODULE_INIT, 0),
+     "int_engine_module_init"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA ENGINE_str_reasons[] = {
-    {ERR_REASON(ENGINE_R_ALREADY_LOADED), "already loaded"},
-    {ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER),
-     "argument is not a number"},
-    {ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE), "cmd not executable"},
-    {ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT), "command takes input"},
-    {ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT), "command takes no input"},
-    {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"},
-    {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),
-     "ctrl command not implemented"},
-    {ERR_REASON(ENGINE_R_DSO_FAILURE), "DSO failure"},
-    {ERR_REASON(ENGINE_R_DSO_NOT_FOUND), "dso not found"},
-    {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"},
-    {ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR),
-     "engine configuration error"},
-    {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST), "engine is not in the list"},
-    {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR), "engine section error"},
-    {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),
-     "failed loading private key"},
-    {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),
-     "failed loading public key"},
-    {ERR_REASON(ENGINE_R_FINISH_FAILED), "finish failed"},
-    {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING), "'id' or 'name' missing"},
-    {ERR_REASON(ENGINE_R_INIT_FAILED), "init failed"},
-    {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"},
-    {ERR_REASON(ENGINE_R_INVALID_ARGUMENT), "invalid argument"},
-    {ERR_REASON(ENGINE_R_INVALID_CMD_NAME), "invalid cmd name"},
-    {ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER), "invalid cmd number"},
-    {ERR_REASON(ENGINE_R_INVALID_INIT_VALUE), "invalid init value"},
-    {ERR_REASON(ENGINE_R_INVALID_STRING), "invalid string"},
-    {ERR_REASON(ENGINE_R_NOT_INITIALISED), "not initialised"},
-    {ERR_REASON(ENGINE_R_NOT_LOADED), "not loaded"},
-    {ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION), "no control function"},
-    {ERR_REASON(ENGINE_R_NO_INDEX), "no index"},
-    {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION), "no load function"},
-    {ERR_REASON(ENGINE_R_NO_REFERENCE), "no reference"},
-    {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE), "no such engine"},
-    {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"},
-    {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"},
-    {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),
-     "unimplemented public key method"},
-    {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"},
+static const ERR_STRING_DATA ENGINE_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_ALREADY_LOADED), "already loaded"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER),
+    "argument is not a number"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_CMD_NOT_EXECUTABLE),
+    "cmd not executable"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_COMMAND_TAKES_INPUT),
+    "command takes input"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_COMMAND_TAKES_NO_INPUT),
+    "command takes no input"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_CONFLICTING_ENGINE_ID),
+    "conflicting engine id"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+    "ctrl command not implemented"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_DSO_FAILURE), "DSO failure"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_DSO_NOT_FOUND), "dso not found"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_ENGINES_SECTION_ERROR),
+    "engines section error"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_ENGINE_CONFIGURATION_ERROR),
+    "engine configuration error"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_ENGINE_IS_NOT_IN_LIST),
+    "engine is not in the list"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_ENGINE_SECTION_ERROR),
+    "engine section error"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_FAILED_LOADING_PRIVATE_KEY),
+    "failed loading private key"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_FAILED_LOADING_PUBLIC_KEY),
+    "failed loading public key"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_FINISH_FAILED), "finish failed"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_ID_OR_NAME_MISSING),
+    "'id' or 'name' missing"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_INIT_FAILED), "init failed"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_INTERNAL_LIST_ERROR),
+    "internal list error"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_INVALID_ARGUMENT),
+    "invalid argument"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_INVALID_CMD_NAME),
+    "invalid cmd name"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_INVALID_CMD_NUMBER),
+    "invalid cmd number"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_INVALID_INIT_VALUE),
+    "invalid init value"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_INVALID_STRING), "invalid string"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_NOT_INITIALISED), "not initialised"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_NOT_LOADED), "not loaded"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_NO_CONTROL_FUNCTION),
+    "no control function"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_NO_INDEX), "no index"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_NO_LOAD_FUNCTION),
+    "no load function"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_NO_REFERENCE), "no reference"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_NO_SUCH_ENGINE), "no such engine"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_UNIMPLEMENTED_CIPHER),
+    "unimplemented cipher"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_UNIMPLEMENTED_DIGEST),
+    "unimplemented digest"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),
+    "unimplemented public key method"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, ENGINE_R_VERSION_INCOMPATIBILITY),
+    "version incompatibility"},
     {0, NULL}
 };
 
@@ -113,10 +141,9 @@ static ERR_STRING_DATA ENGINE_str_reasons[] = {
 int ERR_load_ENGINE_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, ENGINE_str_functs);
-        ERR_load_strings(0, ENGINE_str_reasons);
+        ERR_load_strings_const(ENGINE_str_functs);
+        ERR_load_strings_const(ENGINE_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/err/err.c b/crypto/err/err.c
index c55f849..f31bfc8 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -14,13 +14,14 @@
 #include <internal/err.h>
 #include <internal/err_int.h>
 #include <openssl/lhash.h>
+#include <openssl/err.h>
 #include <openssl/crypto.h>
 #include <openssl/buffer.h>
 #include <openssl/bio.h>
 #include <openssl/opensslconf.h>
 #include <internal/thread_once.h>
 
-static void err_load_strings(int lib, ERR_STRING_DATA *str);
+static int err_load_strings(const ERR_STRING_DATA *str);
 
 static void ERR_STATE_free(ERR_STATE *s);
 #ifndef OPENSSL_NO_ERR
@@ -161,8 +162,7 @@ static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
     ERR_STRING_DATA *p = NULL;
 
     CRYPTO_THREAD_read_lock(err_string_lock);
-    if (int_error_hash != NULL)
-        p = lh_ERR_STRING_DATA_retrieve(int_error_hash, d);
+    p = lh_ERR_STRING_DATA_retrieve(int_error_hash, d);
     CRYPTO_THREAD_unlock(err_string_lock);
 
     return p;
@@ -199,7 +199,7 @@ static void build_SYS_str_reasons(void)
     for (i = 1; i <= NUM_SYS_STR_REASONS; i++) {
         ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
 
-        str->error = (unsigned long)i;
+        str->error = ERR_PACK(ERR_LIB_SYS, 0, i);
         if (str->string == NULL) {
             char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
             if (openssl_strerror_r(i, *dest, sizeof(*dest)))
@@ -217,6 +217,7 @@ static void build_SYS_str_reasons(void)
     init = 0;
 
     CRYPTO_THREAD_unlock(err_string_lock);
+    err_load_strings(SYS_str_reasons);
 }
 #endif
 
@@ -256,7 +257,9 @@ DEFINE_RUN_ONCE_STATIC(do_err_strings_init)
 {
     OPENSSL_init_crypto(0, NULL);
     err_string_lock = CRYPTO_THREAD_lock_new();
-    return err_string_lock != NULL;
+    int_error_hash = lh_ERR_STRING_DATA_new(err_string_data_hash,
+                                            err_string_data_cmp);
+    return err_string_lock != NULL && int_error_hash != NULL;
 }
 
 void err_cleanup(void)
@@ -265,6 +268,32 @@ void err_cleanup(void)
         CRYPTO_THREAD_cleanup_local(&err_thread_local);
     CRYPTO_THREAD_lock_free(err_string_lock);
     err_string_lock = NULL;
+    lh_ERR_STRING_DATA_free(int_error_hash);
+    int_error_hash = NULL;
+}
+
+/*
+ * Legacy; pack in the library.
+ */
+static void err_patch(int lib, ERR_STRING_DATA *str)
+{
+    unsigned long plib = ERR_PACK(lib, 0, 0);
+
+    for (; str->error != 0; str++)
+        str->error |= plib;
+}
+
+/*
+ * Hash in |str| error strings. Assumes the URN_ONCE was done.
+ */
+static int err_load_strings(const ERR_STRING_DATA *str)
+{
+    CRYPTO_THREAD_write_lock(err_string_lock);
+    for (; str->error; str++)
+        (void)lh_ERR_STRING_DATA_insert(int_error_hash,
+                                       (ERR_STRING_DATA *)str);
+    CRYPTO_THREAD_unlock(err_string_lock);
+    return 1;
 }
 
 int ERR_load_ERR_strings(void)
@@ -273,36 +302,30 @@ int ERR_load_ERR_strings(void)
     if (!RUN_ONCE(&err_string_init, do_err_strings_init))
         return 0;
 
-    err_load_strings(0, ERR_str_libraries);
-    err_load_strings(0, ERR_str_reasons);
-    err_load_strings(ERR_LIB_SYS, ERR_str_functs);
+    err_load_strings(ERR_str_libraries);
+    err_load_strings(ERR_str_reasons);
+    err_patch(ERR_LIB_SYS, ERR_str_functs);
+    err_load_strings(ERR_str_functs);
     build_SYS_str_reasons();
-    err_load_strings(ERR_LIB_SYS, SYS_str_reasons);
 #endif
     return 1;
 }
 
-static void err_load_strings(int lib, ERR_STRING_DATA *str)
+int ERR_load_strings(int lib, ERR_STRING_DATA *str)
 {
-    CRYPTO_THREAD_write_lock(err_string_lock);
-    if (int_error_hash == NULL)
-        int_error_hash = lh_ERR_STRING_DATA_new(err_string_data_hash,
-                                                err_string_data_cmp);
-    if (int_error_hash != NULL) {
-        for (; str->error; str++) {
-            if (lib)
-                str->error |= ERR_PACK(lib, 0, 0);
-            (void)lh_ERR_STRING_DATA_insert(int_error_hash, str);
-        }
-    }
-    CRYPTO_THREAD_unlock(err_string_lock);
+    if (ERR_load_ERR_strings() == 0)
+        return 0;
+
+    err_patch(lib, str);
+    err_load_strings(str);
+    return 1;
 }
 
-int ERR_load_strings(int lib, ERR_STRING_DATA *str)
+int ERR_load_strings_const(const ERR_STRING_DATA *str)
 {
     if (ERR_load_ERR_strings() == 0)
         return 0;
-    err_load_strings(lib, str);
+    err_load_strings(str);
     return 1;
 }
 
@@ -312,13 +335,12 @@ int ERR_unload_strings(int lib, ERR_STRING_DATA *str)
         return 0;
 
     CRYPTO_THREAD_write_lock(err_string_lock);
-    if (int_error_hash != NULL) {
-        for (; str->error; str++) {
-            if (lib)
-                str->error |= ERR_PACK(lib, 0, 0);
-            (void)lh_ERR_STRING_DATA_delete(int_error_hash, str);
-        }
-    }
+    /*
+     * We don't need to ERR_PACK the lib, since that was done (to
+     * the table) when it was loaded.
+     */
+    for (; str->error; str++)
+        (void)lh_ERR_STRING_DATA_delete(int_error_hash, str);
     CRYPTO_THREAD_unlock(err_string_lock);
 
     return 1;
@@ -328,11 +350,6 @@ void err_free_strings_int(void)
 {
     if (!RUN_ONCE(&err_string_init, do_err_strings_init))
         return;
-
-    CRYPTO_THREAD_write_lock(err_string_lock);
-    lh_ERR_STRING_DATA_free(int_error_hash);
-    int_error_hash = NULL;
-    CRYPTO_THREAD_unlock(err_string_lock);
 }
 
 /********************************************************/
diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec
index 15d151f..20b6b4a 100644
--- a/crypto/err/openssl.ec
+++ b/crypto/err/openssl.ec
@@ -1,99 +1,74 @@
-# crypto/err/openssl.ec
-
 # configuration file for util/mkerr.pl
 
-# files that may have to be rewritten by util/mkerr.pl
-L ERR		NONE				NONE
-L BN		include/openssl/bn.h		crypto/bn/bn_err.c
-L RSA		include/openssl/rsa.h		crypto/rsa/rsa_err.c
-L DH		include/openssl/dh.h		crypto/dh/dh_err.c
-L EVP		include/openssl/evp.h		crypto/evp/evp_err.c
-L BUF		include/openssl/buffer.h	crypto/buffer/buf_err.c
-L OBJ		include/openssl/objects.h	crypto/objects/obj_err.c
-L PEM		include/openssl/pem.h		crypto/pem/pem_err.c
-L DSA		include/openssl/dsa.h		crypto/dsa/dsa_err.c
-L X509		include/openssl/x509.h		crypto/x509/x509_err.c
-L ASN1		include/openssl/asn1.h		crypto/asn1/asn1_err.c
-L CONF		include/openssl/conf.h		crypto/conf/conf_err.c
-L CRYPTO	include/openssl/crypto.h	crypto/cpt_err.c
-L EC		include/openssl/ec.h		crypto/ec/ec_err.c
-L SSL		include/openssl/ssl.h		ssl/ssl_err.c
-L BIO		include/openssl/bio.h		crypto/bio/bio_err.c
-L PKCS7		include/openssl/pkcs7.h		crypto/pkcs7/pkcs7err.c
-L X509V3	include/openssl/x509v3.h	crypto/x509v3/v3err.c
-L PKCS12	include/openssl/pkcs12.h	crypto/pkcs12/pk12err.c
-L RAND		include/openssl/rand.h		crypto/rand/rand_err.c
-L DSO		include/internal/dso.h		crypto/dso/dso_err.c
-L ENGINE	include/openssl/engine.h	crypto/engine/eng_err.c
-L OCSP		include/openssl/ocsp.h		crypto/ocsp/ocsp_err.c
-L UI		include/openssl/ui.h		crypto/ui/ui_err.c
-L COMP		include/openssl/comp.h		crypto/comp/comp_err.c
-L TS		include/openssl/ts.h		crypto/ts/ts_err.c
-#L HMAC		include/openssl/hmac.h		crypto/hmac/hmac_err.c
-L CMS		include/openssl/cms.h		crypto/cms/cms_err.c
-#L FIPS		include/openssl/fips.h		crypto/fips_err.h
-L CT		include/openssl/ct.h		crypto/ct/ct_err.c
-L ASYNC		include/openssl/async.h		crypto/async/async_err.c
-L KDF		include/openssl/kdf.h		crypto/kdf/kdf_err.c
+# The INPUT HEADER is scanned for declarations
+# LIBNAME       INPUT HEADER                    ERROR-TABLE FILE
+L ERR           NONE                            NONE
+L BN            include/openssl/bn.h            crypto/bn/bn_err.c
+L RSA           include/openssl/rsa.h           crypto/rsa/rsa_err.c
+L DH            include/openssl/dh.h            crypto/dh/dh_err.c
+L EVP           include/openssl/evp.h           crypto/evp/evp_err.c
+L BUF           include/openssl/buffer.h        crypto/buffer/buf_err.c
+L OBJ           include/openssl/objects.h       crypto/objects/obj_err.c
+L PEM           include/openssl/pem.h           crypto/pem/pem_err.c
+L DSA           include/openssl/dsa.h           crypto/dsa/dsa_err.c
+L X509          include/openssl/x509.h          crypto/x509/x509_err.c
+L ASN1          include/openssl/asn1.h          crypto/asn1/asn1_err.c
+L CONF          include/openssl/conf.h          crypto/conf/conf_err.c
+L CRYPTO        include/openssl/crypto.h        crypto/cpt_err.c
+L EC            include/openssl/ec.h            crypto/ec/ec_err.c
+L SSL           include/openssl/ssl.h           ssl/ssl_err.c
+L BIO           include/openssl/bio.h           crypto/bio/bio_err.c
+L PKCS7         include/openssl/pkcs7.h         crypto/pkcs7/pkcs7err.c
+L X509V3        include/openssl/x509v3.h        crypto/x509v3/v3err.c
+L PKCS12        include/openssl/pkcs12.h        crypto/pkcs12/pk12err.c
+L RAND          include/openssl/rand.h          crypto/rand/rand_err.c
+L DSO           include/internal/dso.h          crypto/dso/dso_err.c
+L ENGINE        include/openssl/engine.h        crypto/engine/eng_err.c
+L OCSP          include/openssl/ocsp.h          crypto/ocsp/ocsp_err.c
+L UI            include/openssl/ui.h            crypto/ui/ui_err.c
+L COMP          include/openssl/comp.h          crypto/comp/comp_err.c
+L TS            include/openssl/ts.h            crypto/ts/ts_err.c
+L CMS           include/openssl/cms.h           crypto/cms/cms_err.c
+L CT            include/openssl/ct.h            crypto/ct/ct_err.c
+L ASYNC         include/openssl/async.h         crypto/async/async_err.c
+L KDF           include/openssl/kdf.h           crypto/kdf/kdf_err.c
 
 # additional header files to be scanned for function names
-L NONE		include/openssl/x509_vfy.h	NONE
-L NONE		crypto/ec/ec_lcl.h		NONE
-L NONE		crypto/cms/cms_lcl.h		NONE
-L NONE		crypto/ct/ct_locl.h		NONE
-#L NONE		fips/rand/fips_rand.h		NONE
-L NONE		ssl/ssl_locl.h			NONE
-
-F RSAREF_F_RSA_BN2BIN
-F RSAREF_F_RSA_PRIVATE_DECRYPT
-F RSAREF_F_RSA_PRIVATE_ENCRYPT
-F RSAREF_F_RSA_PUBLIC_DECRYPT
-F RSAREF_F_RSA_PUBLIC_ENCRYPT
-
-R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE         1010
-R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC             1020
-R SSL_R_TLSV1_ALERT_DECRYPTION_FAILED          1021
-R SSL_R_TLSV1_ALERT_RECORD_OVERFLOW            1022
-R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE      1030
-R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE          1040
-R SSL_R_SSLV3_ALERT_NO_CERTIFICATE             1041
-R SSL_R_SSLV3_ALERT_BAD_CERTIFICATE            1042
-R SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE    1043
-R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED        1044
-R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED        1045
-R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN        1046
-R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER          1047
-R SSL_R_TLSV1_ALERT_UNKNOWN_CA                 1048
-R SSL_R_TLSV1_ALERT_ACCESS_DENIED              1049
-R SSL_R_TLSV1_ALERT_DECODE_ERROR               1050
-R SSL_R_TLSV1_ALERT_DECRYPT_ERROR              1051
-R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION         1060
-R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION           1070
-R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY      1071
-R SSL_R_TLSV1_ALERT_INTERNAL_ERROR             1080
-R SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK     1086
-R SSL_R_TLSV1_ALERT_USER_CANCELLED             1090
-R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION           1100
-R SSL_R_TLSV1_UNSUPPORTED_EXTENSION            1110
-R SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE         1111
-R SSL_R_TLSV1_UNRECOGNIZED_NAME                1112
-R SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE  1113
-R SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE       1114
-R TLS1_AD_UNKNOWN_PSK_IDENTITY                 1115
-R TLS1_AD_NO_APPLICATION_PROTOCOL              1120
-
-R RSAREF_R_CONTENT_ENCODING			0x0400
-R RSAREF_R_DATA					0x0401
-R RSAREF_R_DIGEST_ALGORITHM			0x0402
-R RSAREF_R_ENCODING				0x0403
-R RSAREF_R_KEY					0x0404
-R RSAREF_R_KEY_ENCODING				0x0405
-R RSAREF_R_LEN					0x0406
-R RSAREF_R_MODULUS_LEN				0x0407
-R RSAREF_R_NEED_RANDOM				0x0408
-R RSAREF_R_PRIVATE_KEY				0x0409
-R RSAREF_R_PUBLIC_KEY				0x040a
-R RSAREF_R_SIGNATURE				0x040b
-R RSAREF_R_SIGNATURE_ENCODING			0x040c
-R RSAREF_R_ENCRYPTION_ALGORITHM			0x040d
+L NONE          include/openssl/x509_vfy.h      NONE
+L NONE          crypto/ec/ec_lcl.h              NONE
+L NONE          crypto/cms/cms_lcl.h            NONE
+L NONE          crypto/ct/ct_locl.h             NONE
+L NONE          ssl/ssl_locl.h                  NONE
 
+# SSL/TLS alerts
+R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE          1010
+R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC              1020
+R SSL_R_TLSV1_ALERT_DECRYPTION_FAILED           1021
+R SSL_R_TLSV1_ALERT_RECORD_OVERFLOW             1022
+R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE       1030
+R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE           1040
+R SSL_R_SSLV3_ALERT_NO_CERTIFICATE              1041
+R SSL_R_SSLV3_ALERT_BAD_CERTIFICATE             1042
+R SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE     1043
+R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED         1044
+R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED         1045
+R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN         1046
+R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER           1047
+R SSL_R_TLSV1_ALERT_UNKNOWN_CA                  1048
+R SSL_R_TLSV1_ALERT_ACCESS_DENIED               1049
+R SSL_R_TLSV1_ALERT_DECODE_ERROR                1050
+R SSL_R_TLSV1_ALERT_DECRYPT_ERROR               1051
+R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION          1060
+R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION            1070
+R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY       1071
+R SSL_R_TLSV1_ALERT_INTERNAL_ERROR              1080
+R SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK      1086
+R SSL_R_TLSV1_ALERT_USER_CANCELLED              1090
+R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION            1100
+R SSL_R_TLSV1_UNSUPPORTED_EXTENSION             1110
+R SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE          1111
+R SSL_R_TLSV1_UNRECOGNIZED_NAME                 1112
+R SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE   1113
+R SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE        1114
+R TLS1_AD_UNKNOWN_PSK_IDENTITY                  1115
+R TLS1_AD_NO_APPLICATION_PROTOCOL               1120
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
new file mode 100644
index 0000000..4ec0446
--- /dev/null
+++ b/crypto/err/openssl.txt
@@ -0,0 +1,2461 @@
+ASN1_F_A2D_ASN1_OBJECT 100
+ASN1_F_A2I_ASN1_INTEGER 102
+ASN1_F_A2I_ASN1_STRING 103
+ASN1_F_APPEND_EXP 176
+ASN1_F_ASN1_BIT_STRING_SET_BIT 183
+ASN1_F_ASN1_CB 177
+ASN1_F_ASN1_CHECK_TLEN 104
+ASN1_F_ASN1_COLLECT 106
+ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
+ASN1_F_ASN1_D2I_FP 109
+ASN1_F_ASN1_D2I_READ_BIO 107
+ASN1_F_ASN1_DIGEST 184
+ASN1_F_ASN1_DO_ADB 110
+ASN1_F_ASN1_DO_LOCK 233
+ASN1_F_ASN1_DUP 111
+ASN1_F_ASN1_EX_C2I 204
+ASN1_F_ASN1_FIND_END 190
+ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
+ASN1_F_ASN1_GENERATE_V3 178
+ASN1_F_ASN1_GET_INT64 224
+ASN1_F_ASN1_GET_OBJECT 114
+ASN1_F_ASN1_GET_UINT64 225
+ASN1_F_ASN1_I2D_BIO 116
+ASN1_F_ASN1_I2D_FP 117
+ASN1_F_ASN1_ITEM_D2I_FP 206
+ASN1_F_ASN1_ITEM_DUP 191
+ASN1_F_ASN1_ITEM_EMBED_D2I 120
+ASN1_F_ASN1_ITEM_EMBED_NEW 121
+ASN1_F_ASN1_ITEM_I2D_BIO 192
+ASN1_F_ASN1_ITEM_I2D_FP 193
+ASN1_F_ASN1_ITEM_PACK 198
+ASN1_F_ASN1_ITEM_SIGN 195
+ASN1_F_ASN1_ITEM_SIGN_CTX 220
+ASN1_F_ASN1_ITEM_UNPACK 199
+ASN1_F_ASN1_ITEM_VERIFY 197
+ASN1_F_ASN1_MBSTRING_NCOPY 122
+ASN1_F_ASN1_OBJECT_NEW 123
+ASN1_F_ASN1_OUTPUT_DATA 214
+ASN1_F_ASN1_PCTX_NEW 205
+ASN1_F_ASN1_SCTX_NEW 221
+ASN1_F_ASN1_SIGN 128
+ASN1_F_ASN1_STR2TYPE 179
+ASN1_F_ASN1_STRING_GET_INT64 227
+ASN1_F_ASN1_STRING_GET_UINT64 230
+ASN1_F_ASN1_STRING_SET 186
+ASN1_F_ASN1_STRING_TABLE_ADD 129
+ASN1_F_ASN1_STRING_TO_BN 228
+ASN1_F_ASN1_STRING_TYPE_NEW 130
+ASN1_F_ASN1_TEMPLATE_EX_D2I 132
+ASN1_F_ASN1_TEMPLATE_NEW 133
+ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
+ASN1_F_ASN1_TIME_ADJ 217
+ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
+ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
+ASN1_F_ASN1_UTCTIME_ADJ 218
+ASN1_F_ASN1_VERIFY 137
+ASN1_F_B64_READ_ASN1 209
+ASN1_F_B64_WRITE_ASN1 210
+ASN1_F_BIO_NEW_NDEF 208
+ASN1_F_BITSTR_CB 180
+ASN1_F_BN_TO_ASN1_STRING 229
+ASN1_F_C2I_ASN1_BIT_STRING 189
+ASN1_F_C2I_ASN1_INTEGER 194
+ASN1_F_C2I_ASN1_OBJECT 196
+ASN1_F_C2I_IBUF 226
+ASN1_F_C2I_UINT64_INT 101
+ASN1_F_COLLECT_DATA 140
+ASN1_F_D2I_ASN1_OBJECT 147
+ASN1_F_D2I_ASN1_UINTEGER 150
+ASN1_F_D2I_AUTOPRIVATEKEY 207
+ASN1_F_D2I_PRIVATEKEY 154
+ASN1_F_D2I_PUBLICKEY 155
+ASN1_F_DO_TCREATE 222
+ASN1_F_I2D_ASN1_BIO_STREAM 211
+ASN1_F_I2D_DSA_PUBKEY 161
+ASN1_F_I2D_EC_PUBKEY 181
+ASN1_F_I2D_PRIVATEKEY 163
+ASN1_F_I2D_PUBLICKEY 164
+ASN1_F_I2D_RSA_PUBKEY 165
+ASN1_F_LONG_C2I 166
+ASN1_F_OID_MODULE_INIT 174
+ASN1_F_PARSE_TAGGING 182
+ASN1_F_PKCS5_PBE2_SET_IV 167
+ASN1_F_PKCS5_PBE2_SET_SCRYPT 231
+ASN1_F_PKCS5_PBE_SET 202
+ASN1_F_PKCS5_PBE_SET0_ALGOR 215
+ASN1_F_PKCS5_PBKDF2_SET 219
+ASN1_F_PKCS5_SCRYPT_SET 232
+ASN1_F_SMIME_READ_ASN1 212
+ASN1_F_SMIME_TEXT 213
+ASN1_F_STBL_MODULE_INIT 223
+ASN1_F_UINT32_C2I 105
+ASN1_F_UINT64_C2I 112
+ASN1_F_X509_CRL_ADD0_REVOKED 169
+ASN1_F_X509_INFO_NEW 170
+ASN1_F_X509_NAME_ENCODE 203
+ASN1_F_X509_NAME_EX_D2I 158
+ASN1_F_X509_NAME_EX_NEW 171
+ASN1_F_X509_PKEY_NEW 173
+ASYNC_F_ASYNC_CTX_NEW 100
+ASYNC_F_ASYNC_INIT_THREAD 101
+ASYNC_F_ASYNC_JOB_NEW 102
+ASYNC_F_ASYNC_PAUSE_JOB 103
+ASYNC_F_ASYNC_START_FUNC 104
+ASYNC_F_ASYNC_START_JOB 105
+BIO_F_ACPT_STATE 100
+BIO_F_ADDR_STRINGS 134
+BIO_F_BIO_ACCEPT 101
+BIO_F_BIO_ACCEPT_EX 137
+BIO_F_BIO_ADDR_NEW 144
+BIO_F_BIO_CALLBACK_CTRL 131
+BIO_F_BIO_CONNECT 138
+BIO_F_BIO_CTRL 103
+BIO_F_BIO_GETS 104
+BIO_F_BIO_GET_HOST_IP 106
+BIO_F_BIO_GET_NEW_INDEX 102
+BIO_F_BIO_GET_PORT 107
+BIO_F_BIO_LISTEN 139
+BIO_F_BIO_LOOKUP 135
+BIO_F_BIO_LOOKUP_EX 143
+BIO_F_BIO_MAKE_PAIR 121
+BIO_F_BIO_NEW 108
+BIO_F_BIO_NEW_DGRAM_SCTP 145
+BIO_F_BIO_NEW_FILE 109
+BIO_F_BIO_NEW_MEM_BUF 126
+BIO_F_BIO_NREAD 123
+BIO_F_BIO_NREAD0 124
+BIO_F_BIO_NWRITE 125
+BIO_F_BIO_NWRITE0 122
+BIO_F_BIO_PARSE_HOSTSERV 136
+BIO_F_BIO_PUTS 110
+BIO_F_BIO_READ 111
+BIO_F_BIO_READ_EX 105
+BIO_F_BIO_READ_INTERN 120
+BIO_F_BIO_SOCKET 140
+BIO_F_BIO_SOCKET_NBIO 142
+BIO_F_BIO_SOCK_INFO 141
+BIO_F_BIO_SOCK_INIT 112
+BIO_F_BIO_WRITE 113
+BIO_F_BIO_WRITE_EX 119
+BIO_F_BIO_WRITE_INTERN 128
+BIO_F_BUFFER_CTRL 114
+BIO_F_CONN_CTRL 127
+BIO_F_CONN_STATE 115
+BIO_F_DGRAM_SCTP_READ 132
+BIO_F_DGRAM_SCTP_WRITE 133
+BIO_F_FILE_CTRL 116
+BIO_F_FILE_READ 130
+BIO_F_LINEBUFFER_CTRL 129
+BIO_F_MEM_WRITE 117
+BIO_F_SSL_NEW 118
+BN_F_BNRAND 127
+BN_F_BN_BLINDING_CONVERT_EX 100
+BN_F_BN_BLINDING_CREATE_PARAM 128
+BN_F_BN_BLINDING_INVERT_EX 101
+BN_F_BN_BLINDING_NEW 102
+BN_F_BN_BLINDING_UPDATE 103
+BN_F_BN_BN2DEC 104
+BN_F_BN_BN2HEX 105
+BN_F_BN_COMPUTE_WNAF 142
+BN_F_BN_CTX_GET 116
+BN_F_BN_CTX_NEW 106
+BN_F_BN_CTX_START 129
+BN_F_BN_DIV 107
+BN_F_BN_DIV_RECP 130
+BN_F_BN_EXP 123
+BN_F_BN_EXPAND_INTERNAL 120
+BN_F_BN_GENCB_NEW 143
+BN_F_BN_GENERATE_DSA_NONCE 140
+BN_F_BN_GENERATE_PRIME_EX 141
+BN_F_BN_GF2M_MOD 131
+BN_F_BN_GF2M_MOD_EXP 132
+BN_F_BN_GF2M_MOD_MUL 133
+BN_F_BN_GF2M_MOD_SOLVE_QUAD 134
+BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135
+BN_F_BN_GF2M_MOD_SQR 136
+BN_F_BN_GF2M_MOD_SQRT 137
+BN_F_BN_LSHIFT 145
+BN_F_BN_MOD_EXP2_MONT 118
+BN_F_BN_MOD_EXP_MONT 109
+BN_F_BN_MOD_EXP_MONT_CONSTTIME 124
+BN_F_BN_MOD_EXP_MONT_WORD 117
+BN_F_BN_MOD_EXP_RECP 125
+BN_F_BN_MOD_EXP_SIMPLE 126
+BN_F_BN_MOD_INVERSE 110
+BN_F_BN_MOD_INVERSE_NO_BRANCH 139
+BN_F_BN_MOD_LSHIFT_QUICK 119
+BN_F_BN_MOD_SQRT 121
+BN_F_BN_MPI2BN 112
+BN_F_BN_NEW 113
+BN_F_BN_RAND 114
+BN_F_BN_RAND_RANGE 122
+BN_F_BN_RSHIFT 146
+BN_F_BN_SET_WORDS 144
+BN_F_BN_USUB 115
+BUF_F_BUF_MEM_GROW 100
+BUF_F_BUF_MEM_GROW_CLEAN 105
+BUF_F_BUF_MEM_NEW 101
+CMS_F_CHECK_CONTENT 99
+CMS_F_CMS_ADD0_CERT 164
+CMS_F_CMS_ADD0_RECIPIENT_KEY 100
+CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
+CMS_F_CMS_ADD1_RECEIPTREQUEST 158
+CMS_F_CMS_ADD1_RECIPIENT_CERT 101
+CMS_F_CMS_ADD1_SIGNER 102
+CMS_F_CMS_ADD1_SIGNINGTIME 103
+CMS_F_CMS_COMPRESS 104
+CMS_F_CMS_COMPRESSEDDATA_CREATE 105
+CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
+CMS_F_CMS_COPY_CONTENT 107
+CMS_F_CMS_COPY_MESSAGEDIGEST 108
+CMS_F_CMS_DATA 109
+CMS_F_CMS_DATAFINAL 110
+CMS_F_CMS_DATAINIT 111
+CMS_F_CMS_DECRYPT 112
+CMS_F_CMS_DECRYPT_SET1_KEY 113
+CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
+CMS_F_CMS_DECRYPT_SET1_PKEY 114
+CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
+CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
+CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
+CMS_F_CMS_DIGEST_VERIFY 118
+CMS_F_CMS_ENCODE_RECEIPT 161
+CMS_F_CMS_ENCRYPT 119
+CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
+CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
+CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
+CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
+CMS_F_CMS_ENVELOPEDDATA_CREATE 124
+CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
+CMS_F_CMS_ENVELOPED_DATA_INIT 126
+CMS_F_CMS_ENV_ASN1_CTRL 171
+CMS_F_CMS_FINAL 127
+CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
+CMS_F_CMS_GET0_CONTENT 129
+CMS_F_CMS_GET0_ECONTENT_TYPE 130
+CMS_F_CMS_GET0_ENVELOPED 131
+CMS_F_CMS_GET0_REVOCATION_CHOICES 132
+CMS_F_CMS_GET0_SIGNED 133
+CMS_F_CMS_MSGSIGDIGEST_ADD1 162
+CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
+CMS_F_CMS_RECEIPT_VERIFY 160
+CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
+CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
+CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
+CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
+CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
+CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
+CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
+CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
+CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
+CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
+CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
+CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
+CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
+CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
+CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
+CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
+CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
+CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
+CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
+CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
+CMS_F_CMS_SD_ASN1_CTRL 170
+CMS_F_CMS_SET1_IAS 176
+CMS_F_CMS_SET1_KEYID 177
+CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
+CMS_F_CMS_SET_DETACHED 147
+CMS_F_CMS_SIGN 148
+CMS_F_CMS_SIGNED_DATA_INIT 149
+CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
+CMS_F_CMS_SIGNERINFO_SIGN 151
+CMS_F_CMS_SIGNERINFO_VERIFY 152
+CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
+CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
+CMS_F_CMS_SIGN_RECEIPT 163
+CMS_F_CMS_STREAM 155
+CMS_F_CMS_UNCOMPRESS 156
+CMS_F_CMS_VERIFY 157
+COMP_F_BIO_ZLIB_FLUSH 99
+COMP_F_BIO_ZLIB_NEW 100
+COMP_F_BIO_ZLIB_READ 101
+COMP_F_BIO_ZLIB_WRITE 102
+CONF_F_CONF_DUMP_FP 104
+CONF_F_CONF_LOAD 100
+CONF_F_CONF_LOAD_FP 103
+CONF_F_CONF_PARSE_LIST 119
+CONF_F_DEF_LOAD 120
+CONF_F_DEF_LOAD_BIO 121
+CONF_F_MODULE_INIT 115
+CONF_F_MODULE_LOAD_DSO 117
+CONF_F_MODULE_RUN 118
+CONF_F_NCONF_DUMP_BIO 105
+CONF_F_NCONF_DUMP_FP 106
+CONF_F_NCONF_GET_NUMBER_E 112
+CONF_F_NCONF_GET_SECTION 108
+CONF_F_NCONF_GET_STRING 109
+CONF_F_NCONF_LOAD 113
+CONF_F_NCONF_LOAD_BIO 110
+CONF_F_NCONF_LOAD_FP 114
+CONF_F_NCONF_NEW 111
+CONF_F_STR_COPY 101
+CRYPTO_F_CRYPTO_DUP_EX_DATA 110
+CRYPTO_F_CRYPTO_FREE_EX_DATA 111
+CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
+CRYPTO_F_CRYPTO_MEMDUP 115
+CRYPTO_F_CRYPTO_NEW_EX_DATA 112
+CRYPTO_F_CRYPTO_SET_EX_DATA 102
+CRYPTO_F_FIPS_MODE_SET 109
+CRYPTO_F_GET_AND_LOCK 113
+CRYPTO_F_OPENSSL_BUF2HEXSTR 117
+CRYPTO_F_OPENSSL_HEXSTR2BUF 118
+CRYPTO_F_OPENSSL_INIT_CRYPTO 116
+CT_F_CTLOG_NEW 117
+CT_F_CTLOG_NEW_FROM_BASE64 118
+CT_F_CTLOG_NEW_FROM_CONF 119
+CT_F_CTLOG_STORE_LOAD_CTX_NEW 122
+CT_F_CTLOG_STORE_LOAD_FILE 123
+CT_F_CTLOG_STORE_LOAD_LOG 130
+CT_F_CTLOG_STORE_NEW 131
+CT_F_CT_BASE64_DECODE 124
+CT_F_CT_POLICY_EVAL_CTX_NEW 133
+CT_F_CT_V1_LOG_ID_FROM_PKEY 125
+CT_F_I2O_SCT 107
+CT_F_I2O_SCT_LIST 108
+CT_F_I2O_SCT_SIGNATURE 109
+CT_F_O2I_SCT 110
+CT_F_O2I_SCT_LIST 111
+CT_F_O2I_SCT_SIGNATURE 112
+CT_F_SCT_CTX_NEW 126
+CT_F_SCT_CTX_VERIFY 128
+CT_F_SCT_NEW 100
+CT_F_SCT_NEW_FROM_BASE64 127
+CT_F_SCT_SET0_LOG_ID 101
+CT_F_SCT_SET1_EXTENSIONS 114
+CT_F_SCT_SET1_LOG_ID 115
+CT_F_SCT_SET1_SIGNATURE 116
+CT_F_SCT_SET_LOG_ENTRY_TYPE 102
+CT_F_SCT_SET_SIGNATURE_NID 103
+CT_F_SCT_SET_VERSION 104
+DH_F_COMPUTE_KEY 102
+DH_F_DHPARAMS_PRINT_FP 101
+DH_F_DH_BUILTIN_GENPARAMS 106
+DH_F_DH_CMS_DECRYPT 114
+DH_F_DH_CMS_SET_PEERKEY 115
+DH_F_DH_CMS_SET_SHARED_INFO 116
+DH_F_DH_METH_DUP 117
+DH_F_DH_METH_NEW 118
+DH_F_DH_METH_SET1_NAME 119
+DH_F_DH_NEW_METHOD 105
+DH_F_DH_PARAM_DECODE 107
+DH_F_DH_PRIV_DECODE 110
+DH_F_DH_PRIV_ENCODE 111
+DH_F_DH_PUB_DECODE 108
+DH_F_DH_PUB_ENCODE 109
+DH_F_DO_DH_PRINT 100
+DH_F_GENERATE_KEY 103
+DH_F_PKEY_DH_DERIVE 112
+DH_F_PKEY_DH_KEYGEN 113
+DSA_F_DSAPARAMS_PRINT 100
+DSA_F_DSAPARAMS_PRINT_FP 101
+DSA_F_DSA_BUILTIN_PARAMGEN 125
+DSA_F_DSA_BUILTIN_PARAMGEN2 126
+DSA_F_DSA_DO_SIGN 112
+DSA_F_DSA_DO_VERIFY 113
+DSA_F_DSA_METH_DUP 127
+DSA_F_DSA_METH_NEW 128
+DSA_F_DSA_METH_SET1_NAME 129
+DSA_F_DSA_NEW_METHOD 103
+DSA_F_DSA_PARAM_DECODE 119
+DSA_F_DSA_PRINT_FP 105
+DSA_F_DSA_PRIV_DECODE 115
+DSA_F_DSA_PRIV_ENCODE 116
+DSA_F_DSA_PUB_DECODE 117
+DSA_F_DSA_PUB_ENCODE 118
+DSA_F_DSA_SIGN 106
+DSA_F_DSA_SIGN_SETUP 107
+DSA_F_DSA_SIG_NEW 102
+DSA_F_OLD_DSA_PRIV_DECODE 122
+DSA_F_PKEY_DSA_CTRL 120
+DSA_F_PKEY_DSA_KEYGEN 121
+DSO_F_DLFCN_BIND_FUNC 100
+DSO_F_DLFCN_LOAD 102
+DSO_F_DLFCN_MERGER 130
+DSO_F_DLFCN_NAME_CONVERTER 123
+DSO_F_DLFCN_UNLOAD 103
+DSO_F_DL_BIND_FUNC 104
+DSO_F_DL_LOAD 106
+DSO_F_DL_MERGER 131
+DSO_F_DL_NAME_CONVERTER 124
+DSO_F_DL_UNLOAD 107
+DSO_F_DSO_BIND_FUNC 108
+DSO_F_DSO_CONVERT_FILENAME 126
+DSO_F_DSO_CTRL 110
+DSO_F_DSO_FREE 111
+DSO_F_DSO_GET_FILENAME 127
+DSO_F_DSO_GLOBAL_LOOKUP 139
+DSO_F_DSO_LOAD 112
+DSO_F_DSO_MERGE 132
+DSO_F_DSO_NEW_METHOD 113
+DSO_F_DSO_PATHBYADDR 105
+DSO_F_DSO_SET_FILENAME 129
+DSO_F_DSO_UP_REF 114
+DSO_F_VMS_BIND_SYM 115
+DSO_F_VMS_LOAD 116
+DSO_F_VMS_MERGER 133
+DSO_F_VMS_UNLOAD 117
+DSO_F_WIN32_BIND_FUNC 101
+DSO_F_WIN32_GLOBALLOOKUP 142
+DSO_F_WIN32_JOINER 135
+DSO_F_WIN32_LOAD 120
+DSO_F_WIN32_MERGER 134
+DSO_F_WIN32_NAME_CONVERTER 125
+DSO_F_WIN32_PATHBYADDR 109
+DSO_F_WIN32_SPLITTER 136
+DSO_F_WIN32_UNLOAD 121
+EC_F_BN_TO_FELEM 224
+EC_F_D2I_ECPARAMETERS 144
+EC_F_D2I_ECPKPARAMETERS 145
+EC_F_D2I_ECPRIVATEKEY 146
+EC_F_DO_EC_KEY_PRINT 221
+EC_F_ECDH_CMS_DECRYPT 238
+EC_F_ECDH_CMS_SET_SHARED_INFO 239
+EC_F_ECDH_COMPUTE_KEY 246
+EC_F_ECDH_SIMPLE_COMPUTE_KEY 257
+EC_F_ECDSA_DO_SIGN_EX 251
+EC_F_ECDSA_DO_VERIFY 252
+EC_F_ECDSA_SIGN_EX 254
+EC_F_ECDSA_SIGN_SETUP 248
+EC_F_ECDSA_SIG_NEW 265
+EC_F_ECDSA_VERIFY 253
+EC_F_ECD_ITEM_VERIFY 270
+EC_F_ECKEY_PARAM2TYPE 223
+EC_F_ECKEY_PARAM_DECODE 212
+EC_F_ECKEY_PRIV_DECODE 213
+EC_F_ECKEY_PRIV_ENCODE 214
+EC_F_ECKEY_PUB_DECODE 215
+EC_F_ECKEY_PUB_ENCODE 216
+EC_F_ECKEY_TYPE2PARAM 220
+EC_F_ECPARAMETERS_PRINT 147
+EC_F_ECPARAMETERS_PRINT_FP 148
+EC_F_ECPKPARAMETERS_PRINT 149
+EC_F_ECPKPARAMETERS_PRINT_FP 150
+EC_F_ECP_NISTZ256_GET_AFFINE 240
+EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
+EC_F_ECP_NISTZ256_POINTS_MUL 241
+EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
+EC_F_ECP_NISTZ256_WINDOWED_MUL 242
+EC_F_ECX_KEY_OP 266
+EC_F_ECX_PRIV_ENCODE 267
+EC_F_ECX_PUB_ENCODE 268
+EC_F_EC_ASN1_GROUP2CURVE 153
+EC_F_EC_ASN1_GROUP2FIELDID 154
+EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
+EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
+EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
+EC_F_EC_GF2M_SIMPLE_OCT2POINT 160
+EC_F_EC_GF2M_SIMPLE_POINT2OCT 161
+EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
+EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
+EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164
+EC_F_EC_GFP_MONT_FIELD_DECODE 133
+EC_F_EC_GFP_MONT_FIELD_ENCODE 134
+EC_F_EC_GFP_MONT_FIELD_MUL 131
+EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
+EC_F_EC_GFP_MONT_FIELD_SQR 132
+EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
+EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
+EC_F_EC_GFP_NISTP224_POINTS_MUL 228
+EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
+EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
+EC_F_EC_GFP_NISTP256_POINTS_MUL 231
+EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
+EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
+EC_F_EC_GFP_NISTP521_POINTS_MUL 234
+EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
+EC_F_EC_GFP_NIST_FIELD_MUL 200
+EC_F_EC_GFP_NIST_FIELD_SQR 201
+EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
+EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
+EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
+EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
+EC_F_EC_GFP_SIMPLE_OCT2POINT 103
+EC_F_EC_GFP_SIMPLE_POINT2OCT 104
+EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
+EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
+EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
+EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
+EC_F_EC_GROUP_CHECK 170
+EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
+EC_F_EC_GROUP_COPY 106
+EC_F_EC_GROUP_GET_CURVE_GF2M 172
+EC_F_EC_GROUP_GET_CURVE_GFP 130
+EC_F_EC_GROUP_GET_DEGREE 173
+EC_F_EC_GROUP_GET_ECPARAMETERS 261
+EC_F_EC_GROUP_GET_ECPKPARAMETERS 262
+EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
+EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
+EC_F_EC_GROUP_NEW 108
+EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174
+EC_F_EC_GROUP_NEW_FROM_DATA 175
+EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS 263
+EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS 264
+EC_F_EC_GROUP_SET_CURVE_GF2M 176
+EC_F_EC_GROUP_SET_CURVE_GFP 109
+EC_F_EC_GROUP_SET_GENERATOR 111
+EC_F_EC_KEY_CHECK_KEY 177
+EC_F_EC_KEY_COPY 178
+EC_F_EC_KEY_GENERATE_KEY 179
+EC_F_EC_KEY_NEW 182
+EC_F_EC_KEY_NEW_METHOD 245
+EC_F_EC_KEY_OCT2PRIV 255
+EC_F_EC_KEY_PRINT 180
+EC_F_EC_KEY_PRINT_FP 181
+EC_F_EC_KEY_PRIV2OCT 256
+EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
+EC_F_EC_KEY_SIMPLE_CHECK_KEY 258
+EC_F_EC_KEY_SIMPLE_OCT2PRIV 259
+EC_F_EC_KEY_SIMPLE_PRIV2OCT 260
+EC_F_EC_POINTS_MAKE_AFFINE 136
+EC_F_EC_POINT_ADD 112
+EC_F_EC_POINT_CMP 113
+EC_F_EC_POINT_COPY 114
+EC_F_EC_POINT_DBL 115
+EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183
+EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116
+EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117
+EC_F_EC_POINT_INVERT 210
+EC_F_EC_POINT_IS_AT_INFINITY 118
+EC_F_EC_POINT_IS_ON_CURVE 119
+EC_F_EC_POINT_MAKE_AFFINE 120
+EC_F_EC_POINT_NEW 121
+EC_F_EC_POINT_OCT2POINT 122
+EC_F_EC_POINT_POINT2OCT 123
+EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185
+EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124
+EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186
+EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
+EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
+EC_F_EC_POINT_SET_TO_INFINITY 127
+EC_F_EC_PRE_COMP_NEW 196
+EC_F_EC_WNAF_MUL 187
+EC_F_EC_WNAF_PRECOMPUTE_MULT 188
+EC_F_I2D_ECPARAMETERS 190
+EC_F_I2D_ECPKPARAMETERS 191
+EC_F_I2D_ECPRIVATEKEY 192
+EC_F_I2O_ECPUBLICKEY 151
+EC_F_NISTP224_PRE_COMP_NEW 227
+EC_F_NISTP256_PRE_COMP_NEW 236
+EC_F_NISTP521_PRE_COMP_NEW 237
+EC_F_O2I_ECPUBLICKEY 152
+EC_F_OLD_EC_PRIV_DECODE 222
+EC_F_OSSL_ECDH_COMPUTE_KEY 247
+EC_F_OSSL_ECDSA_SIGN_SIG 249
+EC_F_OSSL_ECDSA_VERIFY_SIG 250
+EC_F_PKEY_ECD_CTRL 271
+EC_F_PKEY_ECD_DIGESTSIGN 272
+EC_F_PKEY_ECX_DERIVE 269
+EC_F_PKEY_EC_CTRL 197
+EC_F_PKEY_EC_CTRL_STR 198
+EC_F_PKEY_EC_DERIVE 217
+EC_F_PKEY_EC_KEYGEN 199
+EC_F_PKEY_EC_PARAMGEN 219
+EC_F_PKEY_EC_SIGN 218
+ENGINE_F_DYNAMIC_CTRL 180
+ENGINE_F_DYNAMIC_GET_DATA_CTX 181
+ENGINE_F_DYNAMIC_LOAD 182
+ENGINE_F_DYNAMIC_SET_DATA_CTX 183
+ENGINE_F_ENGINE_ADD 105
+ENGINE_F_ENGINE_BY_ID 106
+ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
+ENGINE_F_ENGINE_CTRL 142
+ENGINE_F_ENGINE_CTRL_CMD 178
+ENGINE_F_ENGINE_CTRL_CMD_STRING 171
+ENGINE_F_ENGINE_FINISH 107
+ENGINE_F_ENGINE_GET_CIPHER 185
+ENGINE_F_ENGINE_GET_DIGEST 186
+ENGINE_F_ENGINE_GET_FIRST 195
+ENGINE_F_ENGINE_GET_LAST 196
+ENGINE_F_ENGINE_GET_NEXT 115
+ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
+ENGINE_F_ENGINE_GET_PKEY_METH 192
+ENGINE_F_ENGINE_GET_PREV 116
+ENGINE_F_ENGINE_INIT 119
+ENGINE_F_ENGINE_LIST_ADD 120
+ENGINE_F_ENGINE_LIST_REMOVE 121
+ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
+ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
+ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
+ENGINE_F_ENGINE_NEW 122
+ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR 197
+ENGINE_F_ENGINE_REMOVE 123
+ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
+ENGINE_F_ENGINE_SET_ID 129
+ENGINE_F_ENGINE_SET_NAME 130
+ENGINE_F_ENGINE_TABLE_REGISTER 184
+ENGINE_F_ENGINE_UNLOCKED_FINISH 191
+ENGINE_F_ENGINE_UP_REF 190
+ENGINE_F_INT_CTRL_HELPER 172
+ENGINE_F_INT_ENGINE_CONFIGURE 188
+ENGINE_F_INT_ENGINE_MODULE_INIT 187
+EVP_F_AESNI_INIT_KEY 165
+EVP_F_AES_INIT_KEY 133
+EVP_F_AES_OCB_CIPHER 169
+EVP_F_AES_T4_INIT_KEY 178
+EVP_F_AES_WRAP_CIPHER 170
+EVP_F_ALG_MODULE_INIT 177
+EVP_F_ARIA_INIT_KEY 185
+EVP_F_CAMELLIA_INIT_KEY 159
+EVP_F_CHACHA20_POLY1305_CTRL 182
+EVP_F_CMLL_T4_INIT_KEY 179
+EVP_F_DES_EDE3_WRAP_CIPHER 171
+EVP_F_DO_SIGVER_INIT 161
+EVP_F_EVP_CIPHERINIT_EX 123
+EVP_F_EVP_CIPHER_CTX_COPY 163
+EVP_F_EVP_CIPHER_CTX_CTRL 124
+EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
+EVP_F_EVP_DECRYPTFINAL_EX 101
+EVP_F_EVP_DECRYPTUPDATE 166
+EVP_F_EVP_DIGESTINIT_EX 128
+EVP_F_EVP_ENCRYPTFINAL_EX 127
+EVP_F_EVP_ENCRYPTUPDATE 167
+EVP_F_EVP_MD_CTX_COPY_EX 110
+EVP_F_EVP_MD_SIZE 162
+EVP_F_EVP_OPENINIT 102
+EVP_F_EVP_PBE_ALG_ADD 115
+EVP_F_EVP_PBE_ALG_ADD_TYPE 160
+EVP_F_EVP_PBE_CIPHERINIT 116
+EVP_F_EVP_PBE_SCRYPT 181
+EVP_F_EVP_PKCS82PKEY 111
+EVP_F_EVP_PKEY2PKCS8 113
+EVP_F_EVP_PKEY_COPY_PARAMETERS 103
+EVP_F_EVP_PKEY_CTX_CTRL 137
+EVP_F_EVP_PKEY_CTX_CTRL_STR 150
+EVP_F_EVP_PKEY_CTX_DUP 156
+EVP_F_EVP_PKEY_CTX_MD 168
+EVP_F_EVP_PKEY_DECRYPT 104
+EVP_F_EVP_PKEY_DECRYPT_INIT 138
+EVP_F_EVP_PKEY_DECRYPT_OLD 151
+EVP_F_EVP_PKEY_DERIVE 153
+EVP_F_EVP_PKEY_DERIVE_INIT 154
+EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
+EVP_F_EVP_PKEY_ENCRYPT 105
+EVP_F_EVP_PKEY_ENCRYPT_INIT 139
+EVP_F_EVP_PKEY_ENCRYPT_OLD 152
+EVP_F_EVP_PKEY_GET0_DH 119
+EVP_F_EVP_PKEY_GET0_DSA 120
+EVP_F_EVP_PKEY_GET0_EC_KEY 131
+EVP_F_EVP_PKEY_GET0_HMAC 183
+EVP_F_EVP_PKEY_GET0_POLY1305 184
+EVP_F_EVP_PKEY_GET0_RSA 121
+EVP_F_EVP_PKEY_GET0_SIPHASH 172
+EVP_F_EVP_PKEY_KEYGEN 146
+EVP_F_EVP_PKEY_KEYGEN_INIT 147
+EVP_F_EVP_PKEY_NEW 106
+EVP_F_EVP_PKEY_PARAMGEN 148
+EVP_F_EVP_PKEY_PARAMGEN_INIT 149
+EVP_F_EVP_PKEY_SIGN 140
+EVP_F_EVP_PKEY_SIGN_INIT 141
+EVP_F_EVP_PKEY_VERIFY 142
+EVP_F_EVP_PKEY_VERIFY_INIT 143
+EVP_F_EVP_PKEY_VERIFY_RECOVER 144
+EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
+EVP_F_EVP_SIGNFINAL 107
+EVP_F_EVP_VERIFYFINAL 108
+EVP_F_INT_CTX_NEW 157
+EVP_F_PKCS5_PBE_KEYIVGEN 117
+EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
+EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
+EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 180
+EVP_F_PKEY_SET_TYPE 158
+EVP_F_RC2_MAGIC_TO_METH 109
+EVP_F_RC5_CTRL 125
+EVP_F_UPDATE 173
+KDF_F_PKEY_TLS1_PRF_CTRL_STR 100
+KDF_F_PKEY_TLS1_PRF_DERIVE 101
+OBJ_F_OBJ_ADD_OBJECT 105
+OBJ_F_OBJ_CREATE 100
+OBJ_F_OBJ_DUP 101
+OBJ_F_OBJ_NAME_NEW_INDEX 106
+OBJ_F_OBJ_NID2LN 102
+OBJ_F_OBJ_NID2OBJ 103
+OBJ_F_OBJ_NID2SN 104
+OCSP_F_D2I_OCSP_NONCE 102
+OCSP_F_OCSP_BASIC_ADD1_STATUS 103
+OCSP_F_OCSP_BASIC_SIGN 104
+OCSP_F_OCSP_BASIC_VERIFY 105
+OCSP_F_OCSP_CERT_ID_NEW 101
+OCSP_F_OCSP_CHECK_DELEGATED 106
+OCSP_F_OCSP_CHECK_IDS 107
+OCSP_F_OCSP_CHECK_ISSUER 108
+OCSP_F_OCSP_CHECK_VALIDITY 115
+OCSP_F_OCSP_MATCH_ISSUERID 109
+OCSP_F_OCSP_PARSE_URL 114
+OCSP_F_OCSP_REQUEST_SIGN 110
+OCSP_F_OCSP_REQUEST_VERIFY 116
+OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
+OCSP_F_PARSE_HTTP_LINE1 118
+PEM_F_B2I_DSS 127
+PEM_F_B2I_PVK_BIO 128
+PEM_F_B2I_RSA 129
+PEM_F_CHECK_BITLEN_DSA 130
+PEM_F_CHECK_BITLEN_RSA 131
+PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120
+PEM_F_D2I_PKCS8PRIVATEKEY_FP 121
+PEM_F_DO_B2I 132
+PEM_F_DO_B2I_BIO 133
+PEM_F_DO_BLOB_HEADER 134
+PEM_F_DO_PK8PKEY 126
+PEM_F_DO_PK8PKEY_FP 125
+PEM_F_DO_PVK_BODY 135
+PEM_F_DO_PVK_HEADER 136
+PEM_F_GET_HEADER_AND_DATA 143
+PEM_F_GET_NAME 144
+PEM_F_I2B_PVK 137
+PEM_F_I2B_PVK_BIO 138
+PEM_F_LOAD_IV 101
+PEM_F_PEM_ASN1_READ 102
+PEM_F_PEM_ASN1_READ_BIO 103
+PEM_F_PEM_ASN1_WRITE 104
+PEM_F_PEM_ASN1_WRITE_BIO 105
+PEM_F_PEM_DEF_CALLBACK 100
+PEM_F_PEM_DO_HEADER 106
+PEM_F_PEM_GET_EVP_CIPHER_INFO 107
+PEM_F_PEM_READ 108
+PEM_F_PEM_READ_BIO 109
+PEM_F_PEM_READ_BIO_DHPARAMS 141
+PEM_F_PEM_READ_BIO_EX 145
+PEM_F_PEM_READ_BIO_PARAMETERS 140
+PEM_F_PEM_READ_BIO_PRIVATEKEY 123
+PEM_F_PEM_READ_DHPARAMS 142
+PEM_F_PEM_READ_PRIVATEKEY 124
+PEM_F_PEM_SIGNFINAL 112
+PEM_F_PEM_WRITE 113
+PEM_F_PEM_WRITE_BIO 114
+PEM_F_PEM_WRITE_PRIVATEKEY 139
+PEM_F_PEM_X509_INFO_READ 115
+PEM_F_PEM_X509_INFO_READ_BIO 116
+PEM_F_PEM_X509_INFO_WRITE_BIO 117
+PKCS12_F_PKCS12_CREATE 105
+PKCS12_F_PKCS12_GEN_MAC 107
+PKCS12_F_PKCS12_INIT 109
+PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
+PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
+PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
+PKCS12_F_PKCS12_KEY_GEN_ASC 110
+PKCS12_F_PKCS12_KEY_GEN_UNI 111
+PKCS12_F_PKCS12_KEY_GEN_UTF8 116
+PKCS12_F_PKCS12_NEWPASS 128
+PKCS12_F_PKCS12_PACK_P7DATA 114
+PKCS12_F_PKCS12_PACK_P7ENCDATA 115
+PKCS12_F_PKCS12_PARSE 118
+PKCS12_F_PKCS12_PBE_CRYPT 119
+PKCS12_F_PKCS12_PBE_KEYIVGEN 120
+PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF 112
+PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8 113
+PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT 133
+PKCS12_F_PKCS12_SETUP_MAC 122
+PKCS12_F_PKCS12_SET_MAC 123
+PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
+PKCS12_F_PKCS12_UNPACK_P7DATA 131
+PKCS12_F_PKCS12_VERIFY_MAC 126
+PKCS12_F_PKCS8_ENCRYPT 125
+PKCS12_F_PKCS8_SET0_PBE 132
+PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
+PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
+PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
+PKCS7_F_PKCS7_ADD_CERTIFICATE 100
+PKCS7_F_PKCS7_ADD_CRL 101
+PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
+PKCS7_F_PKCS7_ADD_SIGNATURE 131
+PKCS7_F_PKCS7_ADD_SIGNER 103
+PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
+PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
+PKCS7_F_PKCS7_CTRL 104
+PKCS7_F_PKCS7_DATADECODE 112
+PKCS7_F_PKCS7_DATAFINAL 128
+PKCS7_F_PKCS7_DATAINIT 105
+PKCS7_F_PKCS7_DATAVERIFY 107
+PKCS7_F_PKCS7_DECRYPT 114
+PKCS7_F_PKCS7_DECRYPT_RINFO 133
+PKCS7_F_PKCS7_ENCODE_RINFO 132
+PKCS7_F_PKCS7_ENCRYPT 115
+PKCS7_F_PKCS7_FINAL 134
+PKCS7_F_PKCS7_FIND_DIGEST 127
+PKCS7_F_PKCS7_GET0_SIGNERS 124
+PKCS7_F_PKCS7_RECIP_INFO_SET 130
+PKCS7_F_PKCS7_SET_CIPHER 108
+PKCS7_F_PKCS7_SET_CONTENT 109
+PKCS7_F_PKCS7_SET_DIGEST 126
+PKCS7_F_PKCS7_SET_TYPE 110
+PKCS7_F_PKCS7_SIGN 116
+PKCS7_F_PKCS7_SIGNATUREVERIFY 113
+PKCS7_F_PKCS7_SIGNER_INFO_SET 129
+PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
+PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
+PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
+PKCS7_F_PKCS7_VERIFY 117
+RAND_F_RAND_BYTES 100
+RSA_F_CHECK_PADDING_MD 140
+RSA_F_ENCODE_PKCS1 146
+RSA_F_INT_RSA_VERIFY 145
+RSA_F_OLD_RSA_PRIV_DECODE 147
+RSA_F_PKEY_PSS_INIT 165
+RSA_F_PKEY_RSA_CTRL 143
+RSA_F_PKEY_RSA_CTRL_STR 144
+RSA_F_PKEY_RSA_SIGN 142
+RSA_F_PKEY_RSA_VERIFY 149
+RSA_F_PKEY_RSA_VERIFYRECOVER 141
+RSA_F_RSA_ALGOR_TO_MD 156
+RSA_F_RSA_BUILTIN_KEYGEN 129
+RSA_F_RSA_CHECK_KEY 123
+RSA_F_RSA_CHECK_KEY_EX 160
+RSA_F_RSA_CMS_DECRYPT 159
+RSA_F_RSA_CMS_VERIFY 158
+RSA_F_RSA_ITEM_VERIFY 148
+RSA_F_RSA_METH_DUP 161
+RSA_F_RSA_METH_NEW 162
+RSA_F_RSA_METH_SET1_NAME 163
+RSA_F_RSA_MGF1_TO_MD 157
+RSA_F_RSA_NEW_METHOD 106
+RSA_F_RSA_NULL 124
+RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
+RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
+RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
+RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
+RSA_F_RSA_OSSL_PRIVATE_DECRYPT 101
+RSA_F_RSA_OSSL_PRIVATE_ENCRYPT 102
+RSA_F_RSA_OSSL_PUBLIC_DECRYPT 103
+RSA_F_RSA_OSSL_PUBLIC_ENCRYPT 104
+RSA_F_RSA_PADDING_ADD_NONE 107
+RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
+RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1 154
+RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
+RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 152
+RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
+RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
+RSA_F_RSA_PADDING_ADD_SSLV23 110
+RSA_F_RSA_PADDING_ADD_X931 127
+RSA_F_RSA_PADDING_CHECK_NONE 111
+RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
+RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1 153
+RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
+RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
+RSA_F_RSA_PADDING_CHECK_SSLV23 114
+RSA_F_RSA_PADDING_CHECK_X931 128
+RSA_F_RSA_PARAM_DECODE 164
+RSA_F_RSA_PRINT 115
+RSA_F_RSA_PRINT_FP 116
+RSA_F_RSA_PRIV_DECODE 150
+RSA_F_RSA_PRIV_ENCODE 138
+RSA_F_RSA_PSS_GET_PARAM 151
+RSA_F_RSA_PSS_TO_CTX 155
+RSA_F_RSA_PUB_DECODE 139
+RSA_F_RSA_SETUP_BLINDING 136
+RSA_F_RSA_SIGN 117
+RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
+RSA_F_RSA_VERIFY 119
+RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
+RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 126
+SSL_F_ADD_CLIENT_KEY_SHARE_EXT 438
+SSL_F_ADD_KEY_SHARE 512
+SSL_F_BYTES_TO_CIPHER_LIST 519
+SSL_F_CHECK_SUITEB_CIPHER_LIST 331
+SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH 539
+SSL_F_CT_MOVE_SCTS 345
+SSL_F_CT_STRICT 349
+SSL_F_D2I_SSL_SESSION 103
+SSL_F_DANE_CTX_ENABLE 347
+SSL_F_DANE_MTYPE_SET 393
+SSL_F_DANE_TLSA_ADD 394
+SSL_F_DERIVE_SECRET_KEY_AND_IV 514
+SSL_F_DO_DTLS1_WRITE 245
+SSL_F_DO_SSL3_WRITE 104
+SSL_F_DTLS1_BUFFER_RECORD 247
+SSL_F_DTLS1_CHECK_TIMEOUT_NUM 318
+SSL_F_DTLS1_HEARTBEAT 305
+SSL_F_DTLS1_PREPROCESS_FRAGMENT 288
+SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS 424
+SSL_F_DTLS1_PROCESS_RECORD 257
+SSL_F_DTLS1_READ_BYTES 258
+SSL_F_DTLS1_READ_FAILED 339
+SSL_F_DTLS1_RETRANSMIT_MESSAGE 390
+SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268
+SSL_F_DTLS1_WRITE_BYTES 545
+SSL_F_DTLSV1_LISTEN 350
+SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC 371
+SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST 385
+SSL_F_DTLS_GET_REASSEMBLED_MESSAGE 370
+SSL_F_DTLS_PROCESS_HELLO_VERIFY 386
+SSL_F_EARLY_DATA_COUNT_OK 532
+SSL_F_FINAL_EC_PT_FORMATS 485
+SSL_F_FINAL_EMS 486
+SSL_F_FINAL_KEY_SHARE 503
+SSL_F_FINAL_RENEGOTIATE 483
+SSL_F_FINAL_SIG_ALGS 497
+SSL_F_NSS_KEYLOG_INT 500
+SSL_F_OPENSSL_INIT_SSL 342
+SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION 436
+SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE 430
+SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION 417
+SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION 437
+SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE 431
+SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION 418
+SSL_F_PARSE_CA_NAMES 541
+SSL_F_PROCESS_KEY_SHARE_EXT 439
+SSL_F_READ_STATE_MACHINE 352
+SSL_F_SET_CLIENT_CIPHERSUITE 540
+SSL_F_SSL3_CHANGE_CIPHER_STATE 129
+SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
+SSL_F_SSL3_CTRL 213
+SSL_F_SSL3_CTX_CTRL 133
+SSL_F_SSL3_DIGEST_CACHED_RECORDS 293
+SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292
+SSL_F_SSL3_FINAL_FINISH_MAC 285
+SSL_F_SSL3_GENERATE_KEY_BLOCK 238
+SSL_F_SSL3_GENERATE_MASTER_SECRET 388
+SSL_F_SSL3_GET_RECORD 143
+SSL_F_SSL3_INIT_FINISHED_MAC 397
+SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
+SSL_F_SSL3_READ_BYTES 148
+SSL_F_SSL3_READ_N 149
+SSL_F_SSL3_SETUP_KEY_BLOCK 157
+SSL_F_SSL3_SETUP_READ_BUFFER 156
+SSL_F_SSL3_SETUP_WRITE_BUFFER 291
+SSL_F_SSL3_WRITE_BYTES 158
+SSL_F_SSL3_WRITE_PENDING 159
+SSL_F_SSL_ADD_CERT_CHAIN 316
+SSL_F_SSL_ADD_CERT_TO_BUF 319
+SSL_F_SSL_ADD_CERT_TO_WPACKET 493
+SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298
+SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277
+SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307
+SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215
+SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216
+SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299
+SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278
+SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308
+SSL_F_SSL_BAD_METHOD 160
+SSL_F_SSL_BUILD_CERT_CHAIN 332
+SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
+SSL_F_SSL_CACHE_CIPHERLIST 520
+SSL_F_SSL_CERT_ADD0_CHAIN_CERT 346
+SSL_F_SSL_CERT_DUP 221
+SSL_F_SSL_CERT_NEW 162
+SSL_F_SSL_CERT_SET0_CHAIN 340
+SSL_F_SSL_CHECK_PRIVATE_KEY 163
+SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280
+SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279
+SSL_F_SSL_CIPHER_LIST_TO_BYTES 425
+SSL_F_SSL_CIPHER_PROCESS_RULESTR 230
+SSL_F_SSL_CIPHER_STRENGTH_SORT 231
+SSL_F_SSL_CLEAR 164
+SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165
+SSL_F_SSL_CONF_CMD 334
+SSL_F_SSL_CREATE_CIPHER_LIST 166
+SSL_F_SSL_CTRL 232
+SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168
+SSL_F_SSL_CTX_ENABLE_CT 398
+SSL_F_SSL_CTX_MAKE_PROFILES 309
+SSL_F_SSL_CTX_NEW 169
+SSL_F_SSL_CTX_SET_ALPN_PROTOS 343
+SSL_F_SSL_CTX_SET_CIPHER_LIST 269
+SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290
+SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK 396
+SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219
+SSL_F_SSL_CTX_SET_SSL_VERSION 170
+SSL_F_SSL_CTX_USE_CERTIFICATE 171
+SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172
+SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173
+SSL_F_SSL_CTX_USE_PRIVATEKEY 174
+SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175
+SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176
+SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272
+SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177
+SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178
+SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179
+SSL_F_SSL_CTX_USE_SERVERINFO 336
+SSL_F_SSL_CTX_USE_SERVERINFO_EX 543
+SSL_F_SSL_CTX_USE_SERVERINFO_FILE 337
+SSL_F_SSL_DANE_DUP 403
+SSL_F_SSL_DANE_ENABLE 395
+SSL_F_SSL_DO_CONFIG 391
+SSL_F_SSL_DO_HANDSHAKE 180
+SSL_F_SSL_DUP_CA_LIST 408
+SSL_F_SSL_ENABLE_CT 402
+SSL_F_SSL_GET_NEW_SESSION 181
+SSL_F_SSL_GET_PREV_SESSION 217
+SSL_F_SSL_GET_SERVER_CERT_INDEX 322
+SSL_F_SSL_GET_SIGN_PKEY 183
+SSL_F_SSL_INIT_WBIO_BUFFER 184
+SSL_F_SSL_KEY_UPDATE 515
+SSL_F_SSL_LOAD_CLIENT_CA_FILE 185
+SSL_F_SSL_LOG_MASTER_SECRET 498
+SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE 499
+SSL_F_SSL_MODULE_INIT 392
+SSL_F_SSL_NEW 186
+SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300
+SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302
+SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310
+SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301
+SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303
+SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311
+SSL_F_SSL_PEEK 270
+SSL_F_SSL_PEEK_EX 432
+SSL_F_SSL_PEEK_INTERNAL 522
+SSL_F_SSL_READ 223
+SSL_F_SSL_READ_EARLY_DATA 529
+SSL_F_SSL_READ_EX 434
+SSL_F_SSL_READ_INTERNAL 523
+SSL_F_SSL_RENEGOTIATE 516
+SSL_F_SSL_RENEGOTIATE_ABBREVIATED 546
+SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT 320
+SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT 321
+SSL_F_SSL_SESSION_DUP 348
+SSL_F_SSL_SESSION_NEW 189
+SSL_F_SSL_SESSION_PRINT_FP 190
+SSL_F_SSL_SESSION_SET1_ID 423
+SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312
+SSL_F_SSL_SET_ALPN_PROTOS 344
+SSL_F_SSL_SET_CERT 191
+SSL_F_SSL_SET_CIPHER_LIST 271
+SSL_F_SSL_SET_CT_VALIDATION_CALLBACK 399
+SSL_F_SSL_SET_FD 192
+SSL_F_SSL_SET_PKEY 193
+SSL_F_SSL_SET_RFD 194
+SSL_F_SSL_SET_SESSION 195
+SSL_F_SSL_SET_SESSION_ID_CONTEXT 218
+SSL_F_SSL_SET_SESSION_TICKET_EXT 294
+SSL_F_SSL_SET_WFD 196
+SSL_F_SSL_SHUTDOWN 224
+SSL_F_SSL_SRP_CTX_INIT 313
+SSL_F_SSL_START_ASYNC_JOB 389
+SSL_F_SSL_UNDEFINED_FUNCTION 197
+SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244
+SSL_F_SSL_USE_CERTIFICATE 198
+SSL_F_SSL_USE_CERTIFICATE_ASN1 199
+SSL_F_SSL_USE_CERTIFICATE_FILE 200
+SSL_F_SSL_USE_PRIVATEKEY 201
+SSL_F_SSL_USE_PRIVATEKEY_ASN1 202
+SSL_F_SSL_USE_PRIVATEKEY_FILE 203
+SSL_F_SSL_USE_PSK_IDENTITY_HINT 273
+SSL_F_SSL_USE_RSAPRIVATEKEY 204
+SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205
+SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
+SSL_F_SSL_VALIDATE_CT 400
+SSL_F_SSL_VERIFY_CERT_CHAIN 207
+SSL_F_SSL_WRITE 208
+SSL_F_SSL_WRITE_EARLY_DATA 526
+SSL_F_SSL_WRITE_EARLY_FINISH 527
+SSL_F_SSL_WRITE_EX 433
+SSL_F_SSL_WRITE_INTERNAL 524
+SSL_F_STATE_MACHINE 353
+SSL_F_TLS12_CHECK_PEER_SIGALG 333
+SSL_F_TLS12_COPY_SIGALGS 533
+SSL_F_TLS13_CHANGE_CIPHER_STATE 440
+SSL_F_TLS13_SETUP_KEY_BLOCK 441
+SSL_F_TLS1_CHANGE_CIPHER_STATE 209
+SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS 341
+SSL_F_TLS1_ENC 401
+SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314
+SSL_F_TLS1_GET_CURVELIST 338
+SSL_F_TLS1_PRF 284
+SSL_F_TLS1_SETUP_KEY_BLOCK 211
+SSL_F_TLS1_SET_SERVER_SIGALGS 335
+SSL_F_TLS_CHOOSE_SIGALG 513
+SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK 354
+SSL_F_TLS_COLLECT_EXTENSIONS 435
+SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES 542
+SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST 372
+SSL_F_TLS_CONSTRUCT_CERT_STATUS 429
+SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY 494
+SSL_F_TLS_CONSTRUCT_CERT_VERIFY 496
+SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC 427
+SSL_F_TLS_CONSTRUCT_CKE_DHE 404
+SSL_F_TLS_CONSTRUCT_CKE_ECDHE 405
+SSL_F_TLS_CONSTRUCT_CKE_GOST 406
+SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE 407
+SSL_F_TLS_CONSTRUCT_CKE_RSA 409
+SSL_F_TLS_CONSTRUCT_CKE_SRP 410
+SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE 484
+SSL_F_TLS_CONSTRUCT_CLIENT_HELLO 487
+SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE 488
+SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY 489
+SSL_F_TLS_CONSTRUCT_CTOS_ALPN 466
+SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE 355
+SSL_F_TLS_CONSTRUCT_CTOS_COOKIE 535
+SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA 530
+SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS 467
+SSL_F_TLS_CONSTRUCT_CTOS_EMS 468
+SSL_F_TLS_CONSTRUCT_CTOS_ETM 469
+SSL_F_TLS_CONSTRUCT_CTOS_HELLO 356
+SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE 357
+SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE 470
+SSL_F_TLS_CONSTRUCT_CTOS_NPN 471
+SSL_F_TLS_CONSTRUCT_CTOS_PADDING 472
+SSL_F_TLS_CONSTRUCT_CTOS_PSK 501
+SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES 509
+SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE 473
+SSL_F_TLS_CONSTRUCT_CTOS_SCT 474
+SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME 475
+SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET 476
+SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS 477
+SSL_F_TLS_CONSTRUCT_CTOS_SRP 478
+SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST 479
+SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS 480
+SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS 481
+SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP 482
+SSL_F_TLS_CONSTRUCT_CTOS_VERIFY 358
+SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS 443
+SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA 536
+SSL_F_TLS_CONSTRUCT_EXTENSIONS 447
+SSL_F_TLS_CONSTRUCT_FINISHED 359
+SSL_F_TLS_CONSTRUCT_HELLO_REQUEST 373
+SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST 510
+SSL_F_TLS_CONSTRUCT_KEY_UPDATE 517
+SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET 428
+SSL_F_TLS_CONSTRUCT_NEXT_PROTO 426
+SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE 490
+SSL_F_TLS_CONSTRUCT_SERVER_HELLO 491
+SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE 492
+SSL_F_TLS_CONSTRUCT_STOC_ALPN 451
+SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE 374
+SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG 452
+SSL_F_TLS_CONSTRUCT_STOC_DONE 375
+SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA 531
+SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO 525
+SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS 453
+SSL_F_TLS_CONSTRUCT_STOC_EMS 454
+SSL_F_TLS_CONSTRUCT_STOC_ETM 455
+SSL_F_TLS_CONSTRUCT_STOC_HELLO 376
+SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE 377
+SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE 456
+SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG 457
+SSL_F_TLS_CONSTRUCT_STOC_PSK 504
+SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE 458
+SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME 459
+SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET 460
+SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST 461
+SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS 544
+SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP 462
+SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO 521
+SSL_F_TLS_GET_MESSAGE_BODY 351
+SSL_F_TLS_GET_MESSAGE_HEADER 387
+SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT 449
+SSL_F_TLS_PARSE_CTOS_KEY_SHARE 463
+SSL_F_TLS_PARSE_CTOS_PSK 505
+SSL_F_TLS_PARSE_CTOS_RENEGOTIATE 464
+SSL_F_TLS_PARSE_CTOS_USE_SRTP 465
+SSL_F_TLS_PARSE_STOC_COOKIE 534
+SSL_F_TLS_PARSE_STOC_EARLY_DATA 538
+SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO 528
+SSL_F_TLS_PARSE_STOC_KEY_SHARE 445
+SSL_F_TLS_PARSE_STOC_PSK 502
+SSL_F_TLS_PARSE_STOC_RENEGOTIATE 448
+SSL_F_TLS_PARSE_STOC_USE_SRTP 446
+SSL_F_TLS_POST_PROCESS_CLIENT_HELLO 378
+SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE 384
+SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE 360
+SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST 361
+SSL_F_TLS_PROCESS_CERT_STATUS 362
+SSL_F_TLS_PROCESS_CERT_STATUS_BODY 495
+SSL_F_TLS_PROCESS_CERT_VERIFY 379
+SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC 363
+SSL_F_TLS_PROCESS_CKE_DHE 411
+SSL_F_TLS_PROCESS_CKE_ECDHE 412
+SSL_F_TLS_PROCESS_CKE_GOST 413
+SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE 414
+SSL_F_TLS_PROCESS_CKE_RSA 415
+SSL_F_TLS_PROCESS_CKE_SRP 416
+SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE 380
+SSL_F_TLS_PROCESS_CLIENT_HELLO 381
+SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE 382
+SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS 444
+SSL_F_TLS_PROCESS_END_OF_EARLY_DATA 537
+SSL_F_TLS_PROCESS_FINISHED 364
+SSL_F_TLS_PROCESS_HELLO_REQ 507
+SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST 511
+SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT 442
+SSL_F_TLS_PROCESS_KEY_EXCHANGE 365
+SSL_F_TLS_PROCESS_KEY_UPDATE 518
+SSL_F_TLS_PROCESS_NEW_SESSION_TICKET 366
+SSL_F_TLS_PROCESS_NEXT_PROTO 383
+SSL_F_TLS_PROCESS_SERVER_CERTIFICATE 367
+SSL_F_TLS_PROCESS_SERVER_DONE 368
+SSL_F_TLS_PROCESS_SERVER_HELLO 369
+SSL_F_TLS_PROCESS_SKE_DHE 419
+SSL_F_TLS_PROCESS_SKE_ECDHE 420
+SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE 421
+SSL_F_TLS_PROCESS_SKE_SRP 422
+SSL_F_TLS_PSK_DO_BINDER 506
+SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT 450
+SSL_F_TLS_SETUP_HANDSHAKE 508
+SSL_F_USE_CERTIFICATE_CHAIN_FILE 220
+TS_F_DEF_SERIAL_CB 110
+TS_F_DEF_TIME_CB 111
+TS_F_ESS_ADD_SIGNING_CERT 112
+TS_F_ESS_ADD_SIGNING_CERT_V2 147
+TS_F_ESS_CERT_ID_NEW_INIT 113
+TS_F_ESS_CERT_ID_V2_NEW_INIT 156
+TS_F_ESS_SIGNING_CERT_NEW_INIT 114
+TS_F_ESS_SIGNING_CERT_V2_NEW_INIT 157
+TS_F_INT_TS_RESP_VERIFY_TOKEN 149
+TS_F_PKCS7_TO_TS_TST_INFO 148
+TS_F_TS_ACCURACY_SET_MICROS 115
+TS_F_TS_ACCURACY_SET_MILLIS 116
+TS_F_TS_ACCURACY_SET_SECONDS 117
+TS_F_TS_CHECK_IMPRINTS 100
+TS_F_TS_CHECK_NONCES 101
+TS_F_TS_CHECK_POLICY 102
+TS_F_TS_CHECK_SIGNING_CERTS 103
+TS_F_TS_CHECK_STATUS_INFO 104
+TS_F_TS_COMPUTE_IMPRINT 145
+TS_F_TS_CONF_INVALID 151
+TS_F_TS_CONF_LOAD_CERT 153
+TS_F_TS_CONF_LOAD_CERTS 154
+TS_F_TS_CONF_LOAD_KEY 155
+TS_F_TS_CONF_LOOKUP_FAIL 152
+TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
+TS_F_TS_GET_STATUS_TEXT 105
+TS_F_TS_MSG_IMPRINT_SET_ALGO 118
+TS_F_TS_REQ_SET_MSG_IMPRINT 119
+TS_F_TS_REQ_SET_NONCE 120
+TS_F_TS_REQ_SET_POLICY_ID 121
+TS_F_TS_RESP_CREATE_RESPONSE 122
+TS_F_TS_RESP_CREATE_TST_INFO 123
+TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
+TS_F_TS_RESP_CTX_ADD_MD 125
+TS_F_TS_RESP_CTX_ADD_POLICY 126
+TS_F_TS_RESP_CTX_NEW 127
+TS_F_TS_RESP_CTX_SET_ACCURACY 128
+TS_F_TS_RESP_CTX_SET_CERTS 129
+TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
+TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
+TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
+TS_F_TS_RESP_GET_POLICY 133
+TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
+TS_F_TS_RESP_SET_STATUS_INFO 135
+TS_F_TS_RESP_SET_TST_INFO 150
+TS_F_TS_RESP_SIGN 136
+TS_F_TS_RESP_VERIFY_SIGNATURE 106
+TS_F_TS_TST_INFO_SET_ACCURACY 137
+TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
+TS_F_TS_TST_INFO_SET_NONCE 139
+TS_F_TS_TST_INFO_SET_POLICY_ID 140
+TS_F_TS_TST_INFO_SET_SERIAL 141
+TS_F_TS_TST_INFO_SET_TIME 142
+TS_F_TS_TST_INFO_SET_TSA 143
+TS_F_TS_VERIFY 108
+TS_F_TS_VERIFY_CERT 109
+TS_F_TS_VERIFY_CTX_NEW 144
+UI_F_CLOSE_CONSOLE 115
+UI_F_ECHO_CONSOLE 116
+UI_F_GENERAL_ALLOCATE_BOOLEAN 108
+UI_F_GENERAL_ALLOCATE_PROMPT 109
+UI_F_NOECHO_CONSOLE 117
+UI_F_OPEN_CONSOLE 114
+UI_F_UI_CREATE_METHOD 112
+UI_F_UI_CTRL 111
+UI_F_UI_DUP_ERROR_STRING 101
+UI_F_UI_DUP_INFO_STRING 102
+UI_F_UI_DUP_INPUT_BOOLEAN 110
+UI_F_UI_DUP_INPUT_STRING 103
+UI_F_UI_DUP_USER_DATA 118
+UI_F_UI_DUP_VERIFY_STRING 106
+UI_F_UI_GET0_RESULT 107
+UI_F_UI_NEW_METHOD 104
+UI_F_UI_PROCESS 113
+UI_F_UI_SET_RESULT 105
+X509V3_F_A2I_GENERAL_NAME 164
+X509V3_F_ADDR_VALIDATE_PATH_INTERNAL 166
+X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161
+X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162
+X509V3_F_COPY_EMAIL 122
+X509V3_F_COPY_ISSUER 123
+X509V3_F_DO_DIRNAME 144
+X509V3_F_DO_EXT_I2D 135
+X509V3_F_DO_EXT_NCONF 151
+X509V3_F_GNAMES_FROM_SECTNAME 156
+X509V3_F_I2S_ASN1_ENUMERATED 121
+X509V3_F_I2S_ASN1_IA5STRING 149
+X509V3_F_I2S_ASN1_INTEGER 120
+X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
+X509V3_F_NOTICE_SECTION 132
+X509V3_F_NREF_NOS 133
+X509V3_F_POLICY_SECTION 131
+X509V3_F_PROCESS_PCI_VALUE 150
+X509V3_F_R2I_CERTPOL 130
+X509V3_F_R2I_PCI 155
+X509V3_F_S2I_ASN1_IA5STRING 100
+X509V3_F_S2I_ASN1_INTEGER 108
+X509V3_F_S2I_ASN1_OCTET_STRING 112
+X509V3_F_S2I_SKEY_ID 115
+X509V3_F_SET_DIST_POINT_NAME 158
+X509V3_F_SXNET_ADD_ID_ASC 125
+X509V3_F_SXNET_ADD_ID_INTEGER 126
+X509V3_F_SXNET_ADD_ID_ULONG 127
+X509V3_F_SXNET_GET_ID_ASC 128
+X509V3_F_SXNET_GET_ID_ULONG 129
+X509V3_F_V2I_ASIDENTIFIERS 163
+X509V3_F_V2I_ASN1_BIT_STRING 101
+X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
+X509V3_F_V2I_AUTHORITY_KEYID 119
+X509V3_F_V2I_BASIC_CONSTRAINTS 102
+X509V3_F_V2I_CRLD 134
+X509V3_F_V2I_EXTENDED_KEY_USAGE 103
+X509V3_F_V2I_GENERAL_NAMES 118
+X509V3_F_V2I_GENERAL_NAME_EX 117
+X509V3_F_V2I_IDP 157
+X509V3_F_V2I_IPADDRBLOCKS 159
+X509V3_F_V2I_ISSUER_ALT 153
+X509V3_F_V2I_NAME_CONSTRAINTS 147
+X509V3_F_V2I_POLICY_CONSTRAINTS 146
+X509V3_F_V2I_POLICY_MAPPINGS 145
+X509V3_F_V2I_SUBJECT_ALT 154
+X509V3_F_V2I_TLS_FEATURE 165
+X509V3_F_V3_GENERIC_EXTENSION 116
+X509V3_F_X509V3_ADD1_I2D 140
+X509V3_F_X509V3_ADD_VALUE 105
+X509V3_F_X509V3_EXT_ADD 104
+X509V3_F_X509V3_EXT_ADD_ALIAS 106
+X509V3_F_X509V3_EXT_I2D 136
+X509V3_F_X509V3_EXT_NCONF 152
+X509V3_F_X509V3_GET_SECTION 142
+X509V3_F_X509V3_GET_STRING 143
+X509V3_F_X509V3_GET_VALUE_BOOL 110
+X509V3_F_X509V3_PARSE_LIST 109
+X509V3_F_X509_PURPOSE_ADD 137
+X509V3_F_X509_PURPOSE_SET 141
+X509_F_ADD_CERT_DIR 100
+X509_F_BUILD_CHAIN 106
+X509_F_BY_FILE_CTRL 101
+X509_F_CHECK_NAME_CONSTRAINTS 149
+X509_F_CHECK_POLICY 145
+X509_F_DANE_I2D 107
+X509_F_DIR_CTRL 102
+X509_F_GET_CERT_BY_SUBJECT 103
+X509_F_NETSCAPE_SPKI_B64_DECODE 129
+X509_F_NETSCAPE_SPKI_B64_ENCODE 130
+X509_F_X509AT_ADD1_ATTR 135
+X509_F_X509V3_ADD_EXT 104
+X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
+X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
+X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
+X509_F_X509_ATTRIBUTE_GET0_DATA 139
+X509_F_X509_ATTRIBUTE_SET1_DATA 138
+X509_F_X509_CHECK_PRIVATE_KEY 128
+X509_F_X509_CRL_DIFF 105
+X509_F_X509_CRL_PRINT_FP 147
+X509_F_X509_EXTENSION_CREATE_BY_NID 108
+X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
+X509_F_X509_GET_PUBKEY_PARAMETERS 110
+X509_F_X509_LOAD_CERT_CRL_FILE 132
+X509_F_X509_LOAD_CERT_FILE 111
+X509_F_X509_LOAD_CRL_FILE 112
+X509_F_X509_NAME_ADD_ENTRY 113
+X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
+X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131
+X509_F_X509_NAME_ENTRY_SET_OBJECT 115
+X509_F_X509_NAME_ONELINE 116
+X509_F_X509_NAME_PRINT 117
+X509_F_X509_OBJECT_NEW 150
+X509_F_X509_PRINT_EX_FP 118
+X509_F_X509_PUBKEY_DECODE 148
+X509_F_X509_PUBKEY_GET0 119
+X509_F_X509_PUBKEY_SET 120
+X509_F_X509_REQ_CHECK_PRIVATE_KEY 144
+X509_F_X509_REQ_PRINT_EX 121
+X509_F_X509_REQ_PRINT_FP 122
+X509_F_X509_REQ_TO_X509 123
+X509_F_X509_STORE_ADD_CERT 124
+X509_F_X509_STORE_ADD_CRL 125
+X509_F_X509_STORE_CTX_GET1_ISSUER 146
+X509_F_X509_STORE_CTX_INIT 143
+X509_F_X509_STORE_CTX_NEW 142
+X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
+X509_F_X509_TO_X509_REQ 126
+X509_F_X509_TRUST_ADD 133
+X509_F_X509_TRUST_SET 141
+X509_F_X509_VERIFY_CERT 127
+ASN1_R_ADDING_OBJECT 171
+ASN1_R_ASN1_PARSE_ERROR 203
+ASN1_R_ASN1_SIG_PARSE_ERROR 204
+ASN1_R_AUX_ERROR 100
+ASN1_R_BAD_OBJECT_HEADER 102
+ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
+ASN1_R_BN_LIB 105
+ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
+ASN1_R_BUFFER_TOO_SMALL 107
+ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
+ASN1_R_CONTEXT_NOT_INITIALISED 217
+ASN1_R_DATA_IS_WRONG 109
+ASN1_R_DECODE_ERROR 110
+ASN1_R_DEPTH_EXCEEDED 174
+ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
+ASN1_R_ENCODE_ERROR 112
+ASN1_R_ERROR_GETTING_TIME 173
+ASN1_R_ERROR_LOADING_SECTION 172
+ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
+ASN1_R_EXPECTING_AN_INTEGER 115
+ASN1_R_EXPECTING_AN_OBJECT 116
+ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
+ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
+ASN1_R_FIELD_MISSING 121
+ASN1_R_FIRST_NUM_TOO_LARGE 122
+ASN1_R_HEADER_TOO_LONG 123
+ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
+ASN1_R_ILLEGAL_BOOLEAN 176
+ASN1_R_ILLEGAL_CHARACTERS 124
+ASN1_R_ILLEGAL_FORMAT 177
+ASN1_R_ILLEGAL_HEX 178
+ASN1_R_ILLEGAL_IMPLICIT_TAG 179
+ASN1_R_ILLEGAL_INTEGER 180
+ASN1_R_ILLEGAL_NEGATIVE_VALUE 226
+ASN1_R_ILLEGAL_NESTED_TAGGING 181
+ASN1_R_ILLEGAL_NULL 125
+ASN1_R_ILLEGAL_NULL_VALUE 182
+ASN1_R_ILLEGAL_OBJECT 183
+ASN1_R_ILLEGAL_OPTIONAL_ANY 126
+ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
+ASN1_R_ILLEGAL_PADDING 221
+ASN1_R_ILLEGAL_TAGGED_ANY 127
+ASN1_R_ILLEGAL_TIME_VALUE 184
+ASN1_R_ILLEGAL_ZERO_CONTENT 222
+ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
+ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
+ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
+ASN1_R_INVALID_BMPSTRING_LENGTH 129
+ASN1_R_INVALID_DIGIT 130
+ASN1_R_INVALID_MIME_TYPE 205
+ASN1_R_INVALID_MODIFIER 186
+ASN1_R_INVALID_NUMBER 187
+ASN1_R_INVALID_OBJECT_ENCODING 216
+ASN1_R_INVALID_SCRYPT_PARAMETERS 227
+ASN1_R_INVALID_SEPARATOR 131
+ASN1_R_INVALID_STRING_TABLE_VALUE 218
+ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
+ASN1_R_INVALID_UTF8STRING 134
+ASN1_R_INVALID_VALUE 219
+ASN1_R_LIST_ERROR 188
+ASN1_R_MIME_NO_CONTENT_TYPE 206
+ASN1_R_MIME_PARSE_ERROR 207
+ASN1_R_MIME_SIG_PARSE_ERROR 208
+ASN1_R_MISSING_EOC 137
+ASN1_R_MISSING_SECOND_NUMBER 138
+ASN1_R_MISSING_VALUE 189
+ASN1_R_MSTRING_NOT_UNIVERSAL 139
+ASN1_R_MSTRING_WRONG_TAG 140
+ASN1_R_NESTED_ASN1_STRING 197
+ASN1_R_NON_HEX_CHARACTERS 141
+ASN1_R_NOT_ASCII_FORMAT 190
+ASN1_R_NOT_ENOUGH_DATA 142
+ASN1_R_NO_CONTENT_TYPE 209
+ASN1_R_NO_MATCHING_CHOICE_TYPE 143
+ASN1_R_NO_MULTIPART_BODY_FAILURE 210
+ASN1_R_NO_MULTIPART_BOUNDARY 211
+ASN1_R_NO_SIG_CONTENT_TYPE 212
+ASN1_R_NULL_IS_WRONG_LENGTH 144
+ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
+ASN1_R_ODD_NUMBER_OF_CHARS 145
+ASN1_R_SECOND_NUMBER_TOO_LARGE 147
+ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
+ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
+ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
+ASN1_R_SHORT_LINE 150
+ASN1_R_SIG_INVALID_MIME_TYPE 213
+ASN1_R_STREAMING_NOT_SUPPORTED 202
+ASN1_R_STRING_TOO_LONG 151
+ASN1_R_STRING_TOO_SHORT 152
+ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
+ASN1_R_TIME_NOT_ASCII_FORMAT 193
+ASN1_R_TOO_LARGE 223
+ASN1_R_TOO_LONG 155
+ASN1_R_TOO_SMALL 224
+ASN1_R_TYPE_NOT_CONSTRUCTED 156
+ASN1_R_TYPE_NOT_PRIMITIVE 195
+ASN1_R_UNEXPECTED_EOC 159
+ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
+ASN1_R_UNKNOWN_FORMAT 160
+ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
+ASN1_R_UNKNOWN_OBJECT_TYPE 162
+ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
+ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
+ASN1_R_UNKNOWN_TAG 194
+ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
+ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
+ASN1_R_UNSUPPORTED_TYPE 196
+ASN1_R_WRONG_INTEGER_TYPE 225
+ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
+ASN1_R_WRONG_TAG 168
+ASYNC_R_FAILED_TO_SET_POOL 101
+ASYNC_R_FAILED_TO_SWAP_CONTEXT 102
+ASYNC_R_INIT_FAILED 105
+ASYNC_R_INVALID_POOL_SIZE 103
+BIO_R_ACCEPT_ERROR 100
+BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET 141
+BIO_R_AMBIGUOUS_HOST_OR_SERVICE 129
+BIO_R_BAD_FOPEN_MODE 101
+BIO_R_BROKEN_PIPE 124
+BIO_R_CONNECT_ERROR 103
+BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
+BIO_R_GETSOCKNAME_ERROR 132
+BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS 133
+BIO_R_GETTING_SOCKTYPE 134
+BIO_R_INVALID_ARGUMENT 125
+BIO_R_INVALID_SOCKET 135
+BIO_R_IN_USE 123
+BIO_R_LENGTH_TOO_LONG 102
+BIO_R_LISTEN_V6_ONLY 136
+BIO_R_LOOKUP_RETURNED_NOTHING 142
+BIO_R_MALFORMED_HOST_OR_SERVICE 130
+BIO_R_NBIO_CONNECT_ERROR 110
+BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED 143
+BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED 144
+BIO_R_NO_PORT_DEFINED 113
+BIO_R_NO_SUCH_FILE 128
+BIO_R_NULL_PARAMETER 115
+BIO_R_UNABLE_TO_BIND_SOCKET 117
+BIO_R_UNABLE_TO_CREATE_SOCKET 118
+BIO_R_UNABLE_TO_KEEPALIVE 137
+BIO_R_UNABLE_TO_LISTEN_SOCKET 119
+BIO_R_UNABLE_TO_NODELAY 138
+BIO_R_UNABLE_TO_REUSEADDR 139
+BIO_R_UNAVAILABLE_IP_FAMILY 145
+BIO_R_UNINITIALIZED 120
+BIO_R_UNKNOWN_INFO_TYPE 140
+BIO_R_UNSUPPORTED_IP_FAMILY 146
+BIO_R_UNSUPPORTED_METHOD 121
+BIO_R_UNSUPPORTED_PROTOCOL_FAMILY 131
+BIO_R_WRITE_TO_READ_ONLY_BIO 126
+BIO_R_WSASTARTUP 122
+BN_R_ARG2_LT_ARG3 100
+BN_R_BAD_RECIPROCAL 101
+BN_R_BIGNUM_TOO_LONG 114
+BN_R_BITS_TOO_SMALL 118
+BN_R_CALLED_WITH_EVEN_MODULUS 102
+BN_R_DIV_BY_ZERO 103
+BN_R_ENCODING_ERROR 104
+BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105
+BN_R_INPUT_NOT_REDUCED 110
+BN_R_INVALID_LENGTH 106
+BN_R_INVALID_RANGE 115
+BN_R_INVALID_SHIFT 119
+BN_R_NOT_A_SQUARE 111
+BN_R_NOT_INITIALIZED 107
+BN_R_NO_INVERSE 108
+BN_R_NO_SOLUTION 116
+BN_R_PRIVATE_KEY_TOO_LARGE 117
+BN_R_P_IS_NOT_PRIME 112
+BN_R_TOO_MANY_ITERATIONS 113
+BN_R_TOO_MANY_TEMPORARY_VARIABLES 109
+CMS_R_ADD_SIGNER_ERROR 99
+CMS_R_CERTIFICATE_ALREADY_PRESENT 175
+CMS_R_CERTIFICATE_HAS_NO_KEYID 160
+CMS_R_CERTIFICATE_VERIFY_ERROR 100
+CMS_R_CIPHER_INITIALISATION_ERROR 101
+CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
+CMS_R_CMS_DATAFINAL_ERROR 103
+CMS_R_CMS_LIB 104
+CMS_R_CONTENTIDENTIFIER_MISMATCH 170
+CMS_R_CONTENT_NOT_FOUND 105
+CMS_R_CONTENT_TYPE_MISMATCH 171
+CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
+CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
+CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
+CMS_R_CONTENT_VERIFY_ERROR 109
+CMS_R_CTRL_ERROR 110
+CMS_R_CTRL_FAILURE 111
+CMS_R_DECRYPT_ERROR 112
+CMS_R_ERROR_GETTING_PUBLIC_KEY 113
+CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
+CMS_R_ERROR_SETTING_KEY 115
+CMS_R_ERROR_SETTING_RECIPIENTINFO 116
+CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
+CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
+CMS_R_INVALID_KEY_LENGTH 118
+CMS_R_MD_BIO_INIT_ERROR 119
+CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
+CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
+CMS_R_MSGSIGDIGEST_ERROR 172
+CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
+CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
+CMS_R_NEED_ONE_SIGNER 164
+CMS_R_NOT_A_SIGNED_RECEIPT 165
+CMS_R_NOT_ENCRYPTED_DATA 122
+CMS_R_NOT_KEK 123
+CMS_R_NOT_KEY_AGREEMENT 181
+CMS_R_NOT_KEY_TRANSPORT 124
+CMS_R_NOT_PWRI 177
+CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
+CMS_R_NO_CIPHER 126
+CMS_R_NO_CONTENT 127
+CMS_R_NO_CONTENT_TYPE 173
+CMS_R_NO_DEFAULT_DIGEST 128
+CMS_R_NO_DIGEST_SET 129
+CMS_R_NO_KEY 130
+CMS_R_NO_KEY_OR_CERT 174
+CMS_R_NO_MATCHING_DIGEST 131
+CMS_R_NO_MATCHING_RECIPIENT 132
+CMS_R_NO_MATCHING_SIGNATURE 166
+CMS_R_NO_MSGSIGDIGEST 167
+CMS_R_NO_PASSWORD 178
+CMS_R_NO_PRIVATE_KEY 133
+CMS_R_NO_PUBLIC_KEY 134
+CMS_R_NO_RECEIPT_REQUEST 168
+CMS_R_NO_SIGNERS 135
+CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
+CMS_R_RECEIPT_DECODE_ERROR 169
+CMS_R_RECIPIENT_ERROR 137
+CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
+CMS_R_SIGNFINAL_ERROR 139
+CMS_R_SMIME_TEXT_ERROR 140
+CMS_R_STORE_INIT_ERROR 141
+CMS_R_TYPE_NOT_COMPRESSED_DATA 142
+CMS_R_TYPE_NOT_DATA 143
+CMS_R_TYPE_NOT_DIGESTED_DATA 144
+CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
+CMS_R_TYPE_NOT_ENVELOPED_DATA 146
+CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
+CMS_R_UNKNOWN_CIPHER 148
+CMS_R_UNKNOWN_DIGEST_ALGORITHM 149
+CMS_R_UNKNOWN_ID 150
+CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
+CMS_R_UNSUPPORTED_CONTENT_TYPE 152
+CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
+CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
+CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155
+CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
+CMS_R_UNSUPPORTED_TYPE 156
+CMS_R_UNWRAP_ERROR 157
+CMS_R_UNWRAP_FAILURE 180
+CMS_R_VERIFICATION_FAILURE 158
+CMS_R_WRAP_ERROR 159
+COMP_R_ZLIB_DEFLATE_ERROR 99
+COMP_R_ZLIB_INFLATE_ERROR 100
+COMP_R_ZLIB_NOT_SUPPORTED 101
+CONF_R_ERROR_LOADING_DSO 110
+CONF_R_LIST_CANNOT_BE_NULL 115
+CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
+CONF_R_MISSING_EQUAL_SIGN 101
+CONF_R_MISSING_INIT_FUNCTION 112
+CONF_R_MODULE_INITIALIZATION_ERROR 109
+CONF_R_NO_CLOSE_BRACE 102
+CONF_R_NO_CONF 105
+CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
+CONF_R_NO_SECTION 107
+CONF_R_NO_SUCH_FILE 114
+CONF_R_NO_VALUE 108
+CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
+CONF_R_UNKNOWN_MODULE_NAME 113
+CONF_R_VARIABLE_EXPANSION_TOO_LONG 116
+CONF_R_VARIABLE_HAS_NO_VALUE 104
+CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101
+CRYPTO_R_ILLEGAL_HEX_DIGIT 102
+CRYPTO_R_ODD_NUMBER_OF_DIGITS 103
+CT_R_BASE64_DECODE_ERROR 108
+CT_R_INVALID_LOG_ID_LENGTH 100
+CT_R_LOG_CONF_INVALID 109
+CT_R_LOG_CONF_INVALID_KEY 110
+CT_R_LOG_CONF_MISSING_DESCRIPTION 111
+CT_R_LOG_CONF_MISSING_KEY 112
+CT_R_LOG_KEY_INVALID 113
+CT_R_SCT_FUTURE_TIMESTAMP 116
+CT_R_SCT_INVALID 104
+CT_R_SCT_INVALID_SIGNATURE 107
+CT_R_SCT_LIST_INVALID 105
+CT_R_SCT_LOG_ID_MISMATCH 114
+CT_R_SCT_NOT_SET 106
+CT_R_SCT_UNSUPPORTED_VERSION 115
+CT_R_UNRECOGNIZED_SIGNATURE_NID 101
+CT_R_UNSUPPORTED_ENTRY_TYPE 102
+CT_R_UNSUPPORTED_VERSION 103
+DH_R_BAD_GENERATOR 101
+DH_R_BN_DECODE_ERROR 109
+DH_R_BN_ERROR 106
+DH_R_DECODE_ERROR 104
+DH_R_INVALID_PUBKEY 102
+DH_R_KDF_PARAMETER_ERROR 112
+DH_R_KEYS_NOT_SET 108
+DH_R_MODULUS_TOO_LARGE 103
+DH_R_NO_PARAMETERS_SET 107
+DH_R_NO_PRIVATE_VALUE 100
+DH_R_PARAMETER_ENCODING_ERROR 105
+DH_R_PEER_KEY_ERROR 111
+DH_R_SHARED_INFO_ERROR 113
+DSA_R_BAD_Q_VALUE 102
+DSA_R_BN_DECODE_ERROR 108
+DSA_R_BN_ERROR 109
+DSA_R_DECODE_ERROR 104
+DSA_R_INVALID_DIGEST_TYPE 106
+DSA_R_INVALID_PARAMETERS 112
+DSA_R_MISSING_PARAMETERS 101
+DSA_R_MODULUS_TOO_LARGE 103
+DSA_R_NO_PARAMETERS_SET 107
+DSA_R_PARAMETER_ENCODING_ERROR 105
+DSA_R_Q_NOT_PRIME 113
+DSA_R_SEED_LEN_SMALL 110
+DSO_R_CTRL_FAILED 100
+DSO_R_DSO_ALREADY_LOADED 110
+DSO_R_EMPTY_FILE_STRUCTURE 113
+DSO_R_FAILURE 114
+DSO_R_FILENAME_TOO_BIG 101
+DSO_R_FINISH_FAILED 102
+DSO_R_INCORRECT_FILE_SYNTAX 115
+DSO_R_LOAD_FAILED 103
+DSO_R_NAME_TRANSLATION_FAILED 109
+DSO_R_NO_FILENAME 111
+DSO_R_NULL_HANDLE 104
+DSO_R_SET_FILENAME_FAILED 112
+DSO_R_STACK_ERROR 105
+DSO_R_SYM_FAILURE 106
+DSO_R_UNLOAD_FAILED 107
+DSO_R_UNSUPPORTED 108
+EC_R_ASN1_ERROR 115
+EC_R_BAD_SIGNATURE 156
+EC_R_BIGNUM_OUT_OF_RANGE 144
+EC_R_BUFFER_TOO_SMALL 100
+EC_R_COORDINATES_OUT_OF_RANGE 146
+EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160
+EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159
+EC_R_D2I_ECPKPARAMETERS_FAILURE 117
+EC_R_DECODE_ERROR 142
+EC_R_DISCRIMINANT_IS_ZERO 118
+EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
+EC_R_FIELD_TOO_LARGE 143
+EC_R_GF2M_NOT_SUPPORTED 147
+EC_R_GROUP2PKPARAMETERS_FAILURE 120
+EC_R_I2D_ECPKPARAMETERS_FAILURE 121
+EC_R_INCOMPATIBLE_OBJECTS 101
+EC_R_INVALID_ARGUMENT 112
+EC_R_INVALID_COMPRESSED_POINT 110
+EC_R_INVALID_COMPRESSION_BIT 109
+EC_R_INVALID_CURVE 141
+EC_R_INVALID_DIGEST 151
+EC_R_INVALID_DIGEST_TYPE 138
+EC_R_INVALID_ENCODING 102
+EC_R_INVALID_FIELD 103
+EC_R_INVALID_FORM 104
+EC_R_INVALID_GROUP_ORDER 122
+EC_R_INVALID_KEY 116
+EC_R_INVALID_OUTPUT_LENGTH 161
+EC_R_INVALID_PEER_KEY 133
+EC_R_INVALID_PENTANOMIAL_BASIS 132
+EC_R_INVALID_PRIVATE_KEY 123
+EC_R_INVALID_TRINOMIAL_BASIS 137
+EC_R_KDF_PARAMETER_ERROR 148
+EC_R_KEYS_NOT_SET 140
+EC_R_MISSING_PARAMETERS 124
+EC_R_MISSING_PRIVATE_KEY 125
+EC_R_NEED_NEW_SETUP_VALUES 157
+EC_R_NOT_A_NIST_PRIME 135
+EC_R_NOT_IMPLEMENTED 126
+EC_R_NOT_INITIALIZED 111
+EC_R_NO_PARAMETERS_SET 139
+EC_R_NO_PRIVATE_VALUE 154
+EC_R_OPERATION_NOT_SUPPORTED 152
+EC_R_PASSED_NULL_PARAMETER 134
+EC_R_PEER_KEY_ERROR 149
+EC_R_PKPARAMETERS2GROUP_FAILURE 127
+EC_R_POINT_ARITHMETIC_FAILURE 155
+EC_R_POINT_AT_INFINITY 106
+EC_R_POINT_IS_NOT_ON_CURVE 107
+EC_R_RANDOM_NUMBER_GENERATION_FAILED 158
+EC_R_SHARED_INFO_ERROR 150
+EC_R_SLOT_FULL 108
+EC_R_UNDEFINED_GENERATOR 113
+EC_R_UNDEFINED_ORDER 128
+EC_R_UNKNOWN_GROUP 129
+EC_R_UNKNOWN_ORDER 114
+EC_R_UNSUPPORTED_FIELD 131
+EC_R_WRONG_CURVE_PARAMETERS 145
+EC_R_WRONG_ORDER 130
+ENGINE_R_ALREADY_LOADED 100
+ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
+ENGINE_R_CMD_NOT_EXECUTABLE 134
+ENGINE_R_COMMAND_TAKES_INPUT 135
+ENGINE_R_COMMAND_TAKES_NO_INPUT 136
+ENGINE_R_CONFLICTING_ENGINE_ID 103
+ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
+ENGINE_R_DSO_FAILURE 104
+ENGINE_R_DSO_NOT_FOUND 132
+ENGINE_R_ENGINES_SECTION_ERROR 148
+ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
+ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
+ENGINE_R_ENGINE_SECTION_ERROR 149
+ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
+ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
+ENGINE_R_FINISH_FAILED 106
+ENGINE_R_ID_OR_NAME_MISSING 108
+ENGINE_R_INIT_FAILED 109
+ENGINE_R_INTERNAL_LIST_ERROR 110
+ENGINE_R_INVALID_ARGUMENT 143
+ENGINE_R_INVALID_CMD_NAME 137
+ENGINE_R_INVALID_CMD_NUMBER 138
+ENGINE_R_INVALID_INIT_VALUE 151
+ENGINE_R_INVALID_STRING 150
+ENGINE_R_NOT_INITIALISED 117
+ENGINE_R_NOT_LOADED 112
+ENGINE_R_NO_CONTROL_FUNCTION 120
+ENGINE_R_NO_INDEX 144
+ENGINE_R_NO_LOAD_FUNCTION 125
+ENGINE_R_NO_REFERENCE 130
+ENGINE_R_NO_SUCH_ENGINE 116
+ENGINE_R_UNIMPLEMENTED_CIPHER 146
+ENGINE_R_UNIMPLEMENTED_DIGEST 147
+ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
+ENGINE_R_VERSION_INCOMPATIBILITY 145
+EVP_R_AES_KEY_SETUP_FAILED 143
+EVP_R_ARIA_KEY_SETUP_FAILED 176
+EVP_R_BAD_DECRYPT 100
+EVP_R_BUFFER_TOO_SMALL 155
+EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
+EVP_R_CIPHER_PARAMETER_ERROR 122
+EVP_R_COMMAND_NOT_SUPPORTED 147
+EVP_R_COPY_ERROR 173
+EVP_R_CTRL_NOT_IMPLEMENTED 132
+EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
+EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
+EVP_R_DECODE_ERROR 114
+EVP_R_DIFFERENT_KEY_TYPES 101
+EVP_R_DIFFERENT_PARAMETERS 153
+EVP_R_ERROR_LOADING_SECTION 165
+EVP_R_ERROR_SETTING_FIPS_MODE 166
+EVP_R_EXPECTING_AN_HMAC_KEY 174
+EVP_R_EXPECTING_AN_RSA_KEY 127
+EVP_R_EXPECTING_A_DH_KEY 128
+EVP_R_EXPECTING_A_DSA_KEY 129
+EVP_R_EXPECTING_A_EC_KEY 142
+EVP_R_EXPECTING_A_POLY1305_KEY 164
+EVP_R_EXPECTING_A_SIPHASH_KEY 175
+EVP_R_FIPS_MODE_NOT_SUPPORTED 167
+EVP_R_ILLEGAL_SCRYPT_PARAMETERS 171
+EVP_R_INITIALIZATION_ERROR 134
+EVP_R_INPUT_NOT_INITIALIZED 111
+EVP_R_INVALID_DIGEST 152
+EVP_R_INVALID_FIPS_MODE 168
+EVP_R_INVALID_KEY 163
+EVP_R_INVALID_KEY_LENGTH 130
+EVP_R_INVALID_OPERATION 148
+EVP_R_KEYGEN_FAILURE 120
+EVP_R_MEMORY_LIMIT_EXCEEDED 172
+EVP_R_MESSAGE_DIGEST_IS_NULL 159
+EVP_R_METHOD_NOT_SUPPORTED 144
+EVP_R_MISSING_PARAMETERS 103
+EVP_R_NO_CIPHER_SET 131
+EVP_R_NO_DEFAULT_DIGEST 158
+EVP_R_NO_DIGEST_SET 139
+EVP_R_NO_KEY_SET 154
+EVP_R_NO_OPERATION_SET 149
+EVP_R_ONLY_ONESHOT_SUPPORTED 177
+EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
+EVP_R_OPERATON_NOT_INITIALIZED 151
+EVP_R_PARTIALLY_OVERLAPPING 162
+EVP_R_PRIVATE_KEY_DECODE_ERROR 145
+EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
+EVP_R_PUBLIC_KEY_NOT_RSA 106
+EVP_R_UNKNOWN_CIPHER 160
+EVP_R_UNKNOWN_DIGEST 161
+EVP_R_UNKNOWN_OPTION 169
+EVP_R_UNKNOWN_PBE_ALGORITHM 121
+EVP_R_UNSUPPORTED_ALGORITHM 156
+EVP_R_UNSUPPORTED_CIPHER 107
+EVP_R_UNSUPPORTED_KEYLENGTH 123
+EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
+EVP_R_UNSUPPORTED_KEY_SIZE 108
+EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS 135
+EVP_R_UNSUPPORTED_PRF 125
+EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
+EVP_R_UNSUPPORTED_SALT_TYPE 126
+EVP_R_WRAP_MODE_NOT_ALLOWED 170
+EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
+KDF_R_INVALID_DIGEST 100
+KDF_R_MISSING_PARAMETER 101
+KDF_R_VALUE_MISSING 102
+OBJ_R_OID_EXISTS 102
+OBJ_R_UNKNOWN_NID 101
+OCSP_R_CERTIFICATE_VERIFY_ERROR 101
+OCSP_R_DIGEST_ERR 102
+OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
+OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
+OCSP_R_ERROR_PARSING_URL 121
+OCSP_R_MISSING_OCSPSIGNING_USAGE 103
+OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
+OCSP_R_NOT_BASIC_RESPONSE 104
+OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
+OCSP_R_NO_RESPONSE_DATA 108
+OCSP_R_NO_REVOKED_TIME 109
+OCSP_R_NO_SIGNER_KEY 130
+OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
+OCSP_R_REQUEST_NOT_SIGNED 128
+OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
+OCSP_R_ROOT_CA_NOT_TRUSTED 112
+OCSP_R_SERVER_RESPONSE_ERROR 114
+OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
+OCSP_R_SIGNATURE_FAILURE 117
+OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
+OCSP_R_STATUS_EXPIRED 125
+OCSP_R_STATUS_NOT_YET_VALID 126
+OCSP_R_STATUS_TOO_OLD 127
+OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
+OCSP_R_UNKNOWN_NID 120
+OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
+PEM_R_BAD_BASE64_DECODE 100
+PEM_R_BAD_DECRYPT 101
+PEM_R_BAD_END_LINE 102
+PEM_R_BAD_IV_CHARS 103
+PEM_R_BAD_MAGIC_NUMBER 116
+PEM_R_BAD_PASSWORD_READ 104
+PEM_R_BAD_VERSION_NUMBER 117
+PEM_R_BIO_WRITE_FAILURE 118
+PEM_R_CIPHER_IS_NULL 127
+PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115
+PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119
+PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120
+PEM_R_HEADER_TOO_LONG 128
+PEM_R_INCONSISTENT_HEADER 121
+PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122
+PEM_R_KEYBLOB_TOO_SHORT 123
+PEM_R_MISSING_DEK_IV 129
+PEM_R_NOT_DEK_INFO 105
+PEM_R_NOT_ENCRYPTED 106
+PEM_R_NOT_PROC_TYPE 107
+PEM_R_NO_START_LINE 108
+PEM_R_PROBLEMS_GETTING_PASSWORD 109
+PEM_R_PVK_DATA_TOO_SHORT 124
+PEM_R_PVK_TOO_SHORT 125
+PEM_R_READ_KEY 111
+PEM_R_SHORT_HEADER 112
+PEM_R_UNEXPECTED_DEK_IV 130
+PEM_R_UNSUPPORTED_CIPHER 113
+PEM_R_UNSUPPORTED_ENCRYPTION 114
+PEM_R_UNSUPPORTED_KEY_COMPONENTS 126
+PKCS12_R_CANT_PACK_STRUCTURE 100
+PKCS12_R_CONTENT_TYPE_NOT_DATA 121
+PKCS12_R_DECODE_ERROR 101
+PKCS12_R_ENCODE_ERROR 102
+PKCS12_R_ENCRYPT_ERROR 103
+PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
+PKCS12_R_INVALID_NULL_ARGUMENT 104
+PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
+PKCS12_R_IV_GEN_ERROR 106
+PKCS12_R_KEY_GEN_ERROR 107
+PKCS12_R_MAC_ABSENT 108
+PKCS12_R_MAC_GENERATION_ERROR 109
+PKCS12_R_MAC_SETUP_ERROR 110
+PKCS12_R_MAC_STRING_SET_ERROR 111
+PKCS12_R_MAC_VERIFY_FAILURE 113
+PKCS12_R_PARSE_ERROR 114
+PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
+PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
+PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
+PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
+PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
+PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
+PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
+PKCS7_R_CIPHER_NOT_INITIALIZED 116
+PKCS7_R_CONTENT_AND_DATA_PRESENT 118
+PKCS7_R_CTRL_ERROR 152
+PKCS7_R_DECRYPT_ERROR 119
+PKCS7_R_DIGEST_FAILURE 101
+PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
+PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
+PKCS7_R_ERROR_ADDING_RECIPIENT 120
+PKCS7_R_ERROR_SETTING_CIPHER 121
+PKCS7_R_INVALID_NULL_POINTER 143
+PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
+PKCS7_R_NO_CONTENT 122
+PKCS7_R_NO_DEFAULT_DIGEST 151
+PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
+PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
+PKCS7_R_NO_SIGNATURES_ON_DATA 123
+PKCS7_R_NO_SIGNERS 142
+PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
+PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
+PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
+PKCS7_R_PKCS7_DATASIGN 145
+PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
+PKCS7_R_SIGNATURE_FAILURE 105
+PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
+PKCS7_R_SIGNING_CTRL_FAILURE 147
+PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
+PKCS7_R_SMIME_TEXT_ERROR 129
+PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
+PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
+PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
+PKCS7_R_UNKNOWN_DIGEST_TYPE 109
+PKCS7_R_UNKNOWN_OPERATION 110
+PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
+PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
+PKCS7_R_WRONG_CONTENT_TYPE 113
+PKCS7_R_WRONG_PKCS7_TYPE 114
+RAND_R_PRNG_NOT_SEEDED 100
+RSA_R_ALGORITHM_MISMATCH 100
+RSA_R_BAD_E_VALUE 101
+RSA_R_BAD_FIXED_HEADER_DECRYPT 102
+RSA_R_BAD_PAD_BYTE_COUNT 103
+RSA_R_BAD_SIGNATURE 104
+RSA_R_BLOCK_TYPE_IS_NOT_01 106
+RSA_R_BLOCK_TYPE_IS_NOT_02 107
+RSA_R_DATA_GREATER_THAN_MOD_LEN 108
+RSA_R_DATA_TOO_LARGE 109
+RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
+RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132
+RSA_R_DATA_TOO_SMALL 111
+RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
+RSA_R_DIGEST_DOES_NOT_MATCH 158
+RSA_R_DIGEST_NOT_ALLOWED 145
+RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
+RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
+RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
+RSA_R_D_E_NOT_CONGRUENT_TO_1 123
+RSA_R_FIRST_OCTET_INVALID 133
+RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144
+RSA_R_INVALID_DIGEST 157
+RSA_R_INVALID_DIGEST_LENGTH 143
+RSA_R_INVALID_HEADER 137
+RSA_R_INVALID_LABEL 160
+RSA_R_INVALID_MESSAGE_LENGTH 131
+RSA_R_INVALID_MGF1_MD 156
+RSA_R_INVALID_OAEP_PARAMETERS 161
+RSA_R_INVALID_PADDING 138
+RSA_R_INVALID_PADDING_MODE 141
+RSA_R_INVALID_PSS_PARAMETERS 149
+RSA_R_INVALID_PSS_SALTLEN 146
+RSA_R_INVALID_SALT_LENGTH 150
+RSA_R_INVALID_TRAILER 139
+RSA_R_INVALID_X931_DIGEST 142
+RSA_R_IQMP_NOT_INVERSE_OF_Q 126
+RSA_R_KEY_SIZE_TOO_SMALL 120
+RSA_R_LAST_OCTET_INVALID 134
+RSA_R_MGF1_DIGEST_NOT_ALLOWED 152
+RSA_R_MODULUS_TOO_LARGE 105
+RSA_R_NO_PUBLIC_EXPONENT 140
+RSA_R_NULL_BEFORE_BLOCK_MISSING 113
+RSA_R_N_DOES_NOT_EQUAL_P_Q 127
+RSA_R_OAEP_DECODING_ERROR 121
+RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148
+RSA_R_PADDING_CHECK_FAILED 114
+RSA_R_PKCS_DECODING_ERROR 159
+RSA_R_PSS_SALTLEN_TOO_SMALL 164
+RSA_R_P_NOT_PRIME 128
+RSA_R_Q_NOT_PRIME 129
+RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
+RSA_R_SLEN_CHECK_FAILED 136
+RSA_R_SLEN_RECOVERY_FAILED 135
+RSA_R_SSLV3_ROLLBACK_ATTACK 115
+RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
+RSA_R_UNKNOWN_ALGORITHM_TYPE 117
+RSA_R_UNKNOWN_DIGEST 166
+RSA_R_UNKNOWN_MASK_DIGEST 151
+RSA_R_UNKNOWN_PADDING_TYPE 118
+RSA_R_UNSUPPORTED_ENCRYPTION_TYPE 162
+RSA_R_UNSUPPORTED_LABEL_SOURCE 163
+RSA_R_UNSUPPORTED_MASK_ALGORITHM 153
+RSA_R_UNSUPPORTED_MASK_PARAMETER 154
+RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155
+RSA_R_VALUE_MISSING 147
+RSA_R_WRONG_SIGNATURE_LENGTH 119
+SSL_R_APP_DATA_IN_HANDSHAKE 100
+SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
+SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE 143
+SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE 158
+SSL_R_BAD_CHANGE_CIPHER_SPEC 103
+SSL_R_BAD_CIPHER 186
+SSL_R_BAD_DATA 390
+SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+SSL_R_BAD_DECOMPRESSION 107
+SSL_R_BAD_DH_VALUE 102
+SSL_R_BAD_DIGEST_LENGTH 111
+SSL_R_BAD_ECC_CERT 304
+SSL_R_BAD_ECPOINT 306
+SSL_R_BAD_EXTENSION 110
+SSL_R_BAD_HANDSHAKE_LENGTH 332
+SSL_R_BAD_HELLO_REQUEST 105
+SSL_R_BAD_KEY_SHARE 108
+SSL_R_BAD_KEY_UPDATE 122
+SSL_R_BAD_LENGTH 271
+SSL_R_BAD_PACKET_LENGTH 115
+SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
+SSL_R_BAD_PSK_IDENTITY 114
+SSL_R_BAD_RECORD_TYPE 443
+SSL_R_BAD_RSA_ENCRYPT 119
+SSL_R_BAD_SIGNATURE 123
+SSL_R_BAD_SRP_A_LENGTH 347
+SSL_R_BAD_SRP_PARAMETERS 371
+SSL_R_BAD_SRTP_MKI_VALUE 352
+SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353
+SSL_R_BAD_SSL_FILETYPE 124
+SSL_R_BAD_VALUE 384
+SSL_R_BAD_WRITE_RETRY 127
+SSL_R_BIO_NOT_SET 128
+SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
+SSL_R_BN_LIB 130
+SSL_R_CANNOT_CHANGE_CIPHER 109
+SSL_R_CA_DN_LENGTH_MISMATCH 131
+SSL_R_CA_KEY_TOO_SMALL 397
+SSL_R_CA_MD_TOO_WEAK 398
+SSL_R_CCS_RECEIVED_EARLY 133
+SSL_R_CERTIFICATE_VERIFY_FAILED 134
+SSL_R_CERT_CB_ERROR 377
+SSL_R_CERT_LENGTH_MISMATCH 135
+SSL_R_CIPHER_CODE_WRONG_LENGTH 137
+SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
+SSL_R_CLIENTHELLO_TLSEXT 226
+SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
+SSL_R_COMPRESSION_DISABLED 343
+SSL_R_COMPRESSION_FAILURE 141
+SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307
+SSL_R_COMPRESSION_LIBRARY_ERROR 142
+SSL_R_CONNECTION_TYPE_NOT_SET 144
+SSL_R_CONTEXT_NOT_DANE_ENABLED 167
+SSL_R_COOKIE_GEN_CALLBACK_FAILURE 400
+SSL_R_COOKIE_MISMATCH 308
+SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED 206
+SSL_R_DANE_ALREADY_ENABLED 172
+SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL 173
+SSL_R_DANE_NOT_ENABLED 175
+SSL_R_DANE_TLSA_BAD_CERTIFICATE 180
+SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE 184
+SSL_R_DANE_TLSA_BAD_DATA_LENGTH 189
+SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH 192
+SSL_R_DANE_TLSA_BAD_MATCHING_TYPE 200
+SSL_R_DANE_TLSA_BAD_PUBLIC_KEY 201
+SSL_R_DANE_TLSA_BAD_SELECTOR 202
+SSL_R_DANE_TLSA_NULL_DATA 203
+SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145
+SSL_R_DATA_LENGTH_TOO_LONG 146
+SSL_R_DECRYPTION_FAILED 147
+SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281
+SSL_R_DH_KEY_TOO_SMALL 394
+SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148
+SSL_R_DIGEST_CHECK_FAILED 149
+SSL_R_DTLS_MESSAGE_TOO_BIG 334
+SSL_R_DUPLICATE_COMPRESSION_ID 309
+SSL_R_ECC_CERT_NOT_FOR_SIGNING 318
+SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE 374
+SSL_R_EE_KEY_TOO_SMALL 399
+SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
+SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
+SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
+SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN 204
+SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE 194
+SSL_R_EXCESSIVE_MESSAGE_SIZE 152
+SSL_R_EXTRA_DATA_IN_MESSAGE 153
+SSL_R_EXT_LENGTH_MISMATCH 163
+SSL_R_FAILED_TO_INIT_ASYNC 405
+SSL_R_FRAGMENTED_CLIENT_HELLO 401
+SSL_R_GOT_A_FIN_BEFORE_A_CCS 154
+SSL_R_HTTPS_PROXY_REQUEST 155
+SSL_R_HTTP_REQUEST 156
+SSL_R_ILLEGAL_POINT_COMPRESSION 162
+SSL_R_ILLEGAL_SUITEB_DIGEST 380
+SSL_R_INAPPROPRIATE_FALLBACK 373
+SSL_R_INCONSISTENT_COMPRESSION 340
+SSL_R_INCONSISTENT_EXTMS 104
+SSL_R_INVALID_ALERT 205
+SSL_R_INVALID_COMMAND 280
+SSL_R_INVALID_COMPRESSION_ALGORITHM 341
+SSL_R_INVALID_CONFIGURATION_NAME 113
+SSL_R_INVALID_CT_VALIDATION_TYPE 212
+SSL_R_INVALID_KEY_UPDATE_TYPE 120
+SSL_R_INVALID_MAX_EARLY_DATA 174
+SSL_R_INVALID_NULL_CMD_NAME 385
+SSL_R_INVALID_SEQUENCE_NUMBER 402
+SSL_R_INVALID_SERVERINFO_DATA 388
+SSL_R_INVALID_SRP_USERNAME 357
+SSL_R_INVALID_STATUS_RESPONSE 328
+SSL_R_INVALID_TICKET_KEYS_LENGTH 325
+SSL_R_LENGTH_MISMATCH 159
+SSL_R_LENGTH_TOO_LONG 404
+SSL_R_LENGTH_TOO_SHORT 160
+SSL_R_LIBRARY_BUG 274
+SSL_R_LIBRARY_HAS_NO_CIPHERS 161
+SSL_R_MISSING_DSA_SIGNING_CERT 165
+SSL_R_MISSING_ECDSA_SIGNING_CERT 381
+SSL_R_MISSING_RSA_CERTIFICATE 168
+SSL_R_MISSING_RSA_ENCRYPTING_CERT 169
+SSL_R_MISSING_RSA_SIGNING_CERT 170
+SSL_R_MISSING_SIGALGS_EXTENSION 112
+SSL_R_MISSING_SRP_PARAM 358
+SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION 209
+SSL_R_MISSING_TMP_DH_KEY 171
+SSL_R_MISSING_TMP_ECDH_KEY 311
+SSL_R_NOT_ON_RECORD_BOUNDARY 182
+SSL_R_NO_CERTIFICATES_RETURNED 176
+SSL_R_NO_CERTIFICATE_ASSIGNED 177
+SSL_R_NO_CERTIFICATE_SET 179
+SSL_R_NO_CHANGE_FOLLOWING_HRR 214
+SSL_R_NO_CIPHERS_AVAILABLE 181
+SSL_R_NO_CIPHERS_SPECIFIED 183
+SSL_R_NO_CIPHER_MATCH 185
+SSL_R_NO_CLIENT_CERT_METHOD 331
+SSL_R_NO_COMPRESSION_SPECIFIED 187
+SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330
+SSL_R_NO_METHOD_SPECIFIED 188
+SSL_R_NO_PEM_EXTENSIONS 389
+SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
+SSL_R_NO_PROTOCOLS_AVAILABLE 191
+SSL_R_NO_RENEGOTIATION 339
+SSL_R_NO_REQUIRED_DIGEST 324
+SSL_R_NO_SHARED_CIPHER 193
+SSL_R_NO_SHARED_GROUPS 410
+SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS 376
+SSL_R_NO_SRTP_PROFILES 359
+SSL_R_NO_SUITABLE_KEY_SHARE 101
+SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM 118
+SSL_R_NO_VALID_SCTS 216
+SSL_R_NO_VERIFY_COOKIE_CALLBACK 403
+SSL_R_NULL_SSL_CTX 195
+SSL_R_NULL_SSL_METHOD_PASSED 196
+SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
+SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
+SSL_R_PACKET_LENGTH_TOO_LONG 198
+SSL_R_PARSE_TLSEXT 227
+SSL_R_PATH_TOO_LONG 270
+SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
+SSL_R_PEM_NAME_BAD_PREFIX 391
+SSL_R_PEM_NAME_TOO_SHORT 392
+SSL_R_PIPELINE_FAILURE 406
+SSL_R_PROTOCOL_IS_SHUTDOWN 207
+SSL_R_PSK_IDENTITY_NOT_FOUND 223
+SSL_R_PSK_NO_CLIENT_CB 224
+SSL_R_PSK_NO_SERVER_CB 225
+SSL_R_READ_BIO_NOT_SET 211
+SSL_R_READ_TIMEOUT_EXPIRED 312
+SSL_R_RECORD_LENGTH_MISMATCH 213
+SSL_R_RECORD_TOO_SMALL 298
+SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
+SSL_R_RENEGOTIATION_ENCODING_ERR 336
+SSL_R_RENEGOTIATION_MISMATCH 337
+SSL_R_REQUIRED_CIPHER_MISSING 215
+SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING 342
+SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
+SSL_R_SCT_VERIFICATION_FAILED 208
+SSL_R_SERVERHELLO_TLSEXT 275
+SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
+SSL_R_SHUTDOWN_WHILE_IN_INIT 407
+SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
+SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
+SSL_R_SRP_A_CALC 361
+SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
+SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
+SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
+SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
+SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
+SSL_R_SSL3_SESSION_ID_TOO_LONG 300
+SSL_R_SSL_COMMAND_SECTION_EMPTY 117
+SSL_R_SSL_COMMAND_SECTION_NOT_FOUND 125
+SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
+SSL_R_SSL_HANDSHAKE_FAILURE 229
+SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
+SSL_R_SSL_NEGATIVE_LENGTH 372
+SSL_R_SSL_SECTION_EMPTY 126
+SSL_R_SSL_SECTION_NOT_FOUND 136
+SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
+SSL_R_SSL_SESSION_ID_CONFLICT 302
+SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
+SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
+SSL_R_SSL_SESSION_ID_TOO_LONG 408
+SSL_R_SSL_SESSION_VERSION_MISMATCH 210
+SSL_R_STILL_IN_INIT 121
+SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
+SSL_R_TLS_HEARTBEAT_PENDING 366
+SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
+SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+SSL_R_TOO_MANY_KEY_UPDATES 132
+SSL_R_TOO_MANY_WARN_ALERTS 409
+SSL_R_TOO_MUCH_EARLY_DATA 164
+SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
+SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
+SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
+SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
+SSL_R_UNEXPECTED_END_OF_EARLY_DATA 178
+SSL_R_UNEXPECTED_MESSAGE 244
+SSL_R_UNEXPECTED_RECORD 245
+SSL_R_UNINITIALIZED 276
+SSL_R_UNKNOWN_ALERT_TYPE 246
+SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
+SSL_R_UNKNOWN_CIPHER_RETURNED 248
+SSL_R_UNKNOWN_CIPHER_TYPE 249
+SSL_R_UNKNOWN_CMD_NAME 386
+SSL_R_UNKNOWN_COMMAND 139
+SSL_R_UNKNOWN_DIGEST 368
+SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
+SSL_R_UNKNOWN_PKEY_TYPE 251
+SSL_R_UNKNOWN_PROTOCOL 252
+SSL_R_UNKNOWN_SSL_VERSION 254
+SSL_R_UNKNOWN_STATE 255
+SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
+SSL_R_UNSOLICITED_EXTENSION 217
+SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
+SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
+SSL_R_UNSUPPORTED_PROTOCOL 258
+SSL_R_UNSUPPORTED_SSL_VERSION 259
+SSL_R_UNSUPPORTED_STATUS_TYPE 329
+SSL_R_USE_SRTP_NOT_NEGOTIATED 369
+SSL_R_VERSION_TOO_HIGH 166
+SSL_R_VERSION_TOO_LOW 396
+SSL_R_WRONG_CERTIFICATE_TYPE 383
+SSL_R_WRONG_CIPHER_RETURNED 261
+SSL_R_WRONG_CURVE 378
+SSL_R_WRONG_SIGNATURE_LENGTH 264
+SSL_R_WRONG_SIGNATURE_SIZE 265
+SSL_R_WRONG_SIGNATURE_TYPE 370
+SSL_R_WRONG_SSL_VERSION 266
+SSL_R_WRONG_VERSION_NUMBER 267
+SSL_R_X509_LIB 268
+SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
+TS_R_BAD_PKCS7_TYPE 132
+TS_R_BAD_TYPE 133
+TS_R_CANNOT_LOAD_CERT 137
+TS_R_CANNOT_LOAD_KEY 138
+TS_R_CERTIFICATE_VERIFY_ERROR 100
+TS_R_COULD_NOT_SET_ENGINE 127
+TS_R_COULD_NOT_SET_TIME 115
+TS_R_DETACHED_CONTENT 134
+TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
+TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR 139
+TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
+TS_R_INVALID_NULL_POINTER 102
+TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
+TS_R_MESSAGE_IMPRINT_MISMATCH 103
+TS_R_NONCE_MISMATCH 104
+TS_R_NONCE_NOT_RETURNED 105
+TS_R_NO_CONTENT 106
+TS_R_NO_TIME_STAMP_TOKEN 107
+TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
+TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
+TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
+TS_R_POLICY_MISMATCH 108
+TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
+TS_R_RESPONSE_SETUP_ERROR 121
+TS_R_SIGNATURE_FAILURE 109
+TS_R_THERE_MUST_BE_ONE_SIGNER 110
+TS_R_TIME_SYSCALL_ERROR 122
+TS_R_TOKEN_NOT_PRESENT 130
+TS_R_TOKEN_PRESENT 131
+TS_R_TSA_NAME_MISMATCH 111
+TS_R_TSA_UNTRUSTED 112
+TS_R_TST_INFO_SETUP_ERROR 123
+TS_R_TS_DATASIGN 124
+TS_R_UNACCEPTABLE_POLICY 125
+TS_R_UNSUPPORTED_MD_ALGORITHM 126
+TS_R_UNSUPPORTED_VERSION 113
+TS_R_VAR_BAD_VALUE 135
+TS_R_VAR_LOOKUP_FAILURE 136
+TS_R_WRONG_CONTENT_TYPE 114
+UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104
+UI_R_INDEX_TOO_LARGE 102
+UI_R_INDEX_TOO_SMALL 103
+UI_R_NO_RESULT_BUFFER 105
+UI_R_PROCESSING_ERROR 107
+UI_R_RESULT_TOO_LARGE 100
+UI_R_RESULT_TOO_SMALL 101
+UI_R_SYSASSIGN_ERROR 109
+UI_R_SYSDASSGN_ERROR 110
+UI_R_SYSQIOW_ERROR 111
+UI_R_UNKNOWN_CONTROL_COMMAND 106
+UI_R_UNKNOWN_TTYGET_ERRNO_VALUE 108
+UI_R_USER_DATA_DUPLICATION_UNSUPPORTED 112
+X509V3_R_BAD_IP_ADDRESS 118
+X509V3_R_BAD_OBJECT 119
+X509V3_R_BN_DEC2BN_ERROR 100
+X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
+X509V3_R_DIRNAME_ERROR 149
+X509V3_R_DISTPOINT_ALREADY_SET 160
+X509V3_R_DUPLICATE_ZONE_ID 133
+X509V3_R_ERROR_CONVERTING_ZONE 131
+X509V3_R_ERROR_CREATING_EXTENSION 144
+X509V3_R_ERROR_IN_EXTENSION 128
+X509V3_R_EXPECTED_A_SECTION_NAME 137
+X509V3_R_EXTENSION_EXISTS 145
+X509V3_R_EXTENSION_NAME_ERROR 115
+X509V3_R_EXTENSION_NOT_FOUND 102
+X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
+X509V3_R_EXTENSION_VALUE_ERROR 116
+X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
+X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
+X509V3_R_INVALID_ASNUMBER 162
+X509V3_R_INVALID_ASRANGE 163
+X509V3_R_INVALID_BOOLEAN_STRING 104
+X509V3_R_INVALID_EXTENSION_STRING 105
+X509V3_R_INVALID_INHERITANCE 165
+X509V3_R_INVALID_IPADDRESS 166
+X509V3_R_INVALID_MULTIPLE_RDNS 161
+X509V3_R_INVALID_NAME 106
+X509V3_R_INVALID_NULL_ARGUMENT 107
+X509V3_R_INVALID_NULL_NAME 108
+X509V3_R_INVALID_NULL_VALUE 109
+X509V3_R_INVALID_NUMBER 140
+X509V3_R_INVALID_NUMBERS 141
+X509V3_R_INVALID_OBJECT_IDENTIFIER 110
+X509V3_R_INVALID_OPTION 138
+X509V3_R_INVALID_POLICY_IDENTIFIER 134
+X509V3_R_INVALID_PROXY_POLICY_SETTING 153
+X509V3_R_INVALID_PURPOSE 146
+X509V3_R_INVALID_SAFI 164
+X509V3_R_INVALID_SECTION 135
+X509V3_R_INVALID_SYNTAX 143
+X509V3_R_ISSUER_DECODE_ERROR 126
+X509V3_R_MISSING_VALUE 124
+X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
+X509V3_R_NO_CONFIG_DATABASE 136
+X509V3_R_NO_ISSUER_CERTIFICATE 121
+X509V3_R_NO_ISSUER_DETAILS 127
+X509V3_R_NO_POLICY_IDENTIFIER 139
+X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
+X509V3_R_NO_PUBLIC_KEY 114
+X509V3_R_NO_SUBJECT_DETAILS 125
+X509V3_R_OPERATION_NOT_DEFINED 148
+X509V3_R_OTHERNAME_ERROR 147
+X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
+X509V3_R_POLICY_PATH_LENGTH 156
+X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
+X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
+X509V3_R_SECTION_NOT_FOUND 150
+X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
+X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
+X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
+X509V3_R_UNKNOWN_EXTENSION 129
+X509V3_R_UNKNOWN_EXTENSION_NAME 130
+X509V3_R_UNKNOWN_OPTION 120
+X509V3_R_UNSUPPORTED_OPTION 117
+X509V3_R_UNSUPPORTED_TYPE 167
+X509V3_R_USER_TOO_LONG 132
+X509_R_AKID_MISMATCH 110
+X509_R_BAD_SELECTOR 133
+X509_R_BAD_X509_FILETYPE 100
+X509_R_BASE64_DECODE_ERROR 118
+X509_R_CANT_CHECK_DH_KEY 114
+X509_R_CERT_ALREADY_IN_HASH_TABLE 101
+X509_R_CRL_ALREADY_DELTA 127
+X509_R_CRL_VERIFY_FAILURE 131
+X509_R_IDP_MISMATCH 128
+X509_R_INVALID_DIRECTORY 113
+X509_R_INVALID_FIELD_NAME 119
+X509_R_INVALID_TRUST 123
+X509_R_ISSUER_MISMATCH 129
+X509_R_KEY_TYPE_MISMATCH 115
+X509_R_KEY_VALUES_MISMATCH 116
+X509_R_LOADING_CERT_DIR 103
+X509_R_LOADING_DEFAULTS 104
+X509_R_METHOD_NOT_SUPPORTED 124
+X509_R_NAME_TOO_LONG 134
+X509_R_NEWER_CRL_NOT_NEWER 132
+X509_R_NO_CERTIFICATE_FOUND 135
+X509_R_NO_CERTIFICATE_OR_CRL_FOUND 136
+X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
+X509_R_NO_CRL_FOUND 137
+X509_R_NO_CRL_NUMBER 130
+X509_R_PUBLIC_KEY_DECODE_ERROR 125
+X509_R_PUBLIC_KEY_ENCODE_ERROR 126
+X509_R_SHOULD_RETRY 106
+X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
+X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
+X509_R_UNKNOWN_KEY_TYPE 117
+X509_R_UNKNOWN_NID 109
+X509_R_UNKNOWN_PURPOSE_ID 121
+X509_R_UNKNOWN_TRUST_ID 120
+X509_R_UNSUPPORTED_ALGORITHM 111
+X509_R_WRONG_LOOKUP_TYPE 112
+X509_R_WRONG_TYPE 122
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 315129a..9c6b514 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -8,169 +8,220 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/evp.h>
+#include <openssl/evperr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
-
-static ERR_STRING_DATA EVP_str_functs[] = {
-    {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "aesni_init_key"},
-    {ERR_FUNC(EVP_F_AES_INIT_KEY), "aes_init_key"},
-    {ERR_FUNC(EVP_F_AES_OCB_CIPHER), "aes_ocb_cipher"},
-    {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "aes_t4_init_key"},
-    {ERR_FUNC(EVP_F_AES_WRAP_CIPHER), "aes_wrap_cipher"},
-    {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "alg_module_init"},
-    {ERR_FUNC(EVP_F_ARIA_INIT_KEY), "aria_init_key"},
-    {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "camellia_init_key"},
-    {ERR_FUNC(EVP_F_CHACHA20_POLY1305_CTRL), "chacha20_poly1305_ctrl"},
-    {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "cmll_t4_init_key"},
-    {ERR_FUNC(EVP_F_DES_EDE3_WRAP_CIPHER), "des_ede3_wrap_cipher"},
-    {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "do_sigver_init"},
-    {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
-    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
-    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
-    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH),
+static const ERR_STRING_DATA EVP_str_functs[] = {
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_AESNI_INIT_KEY, 0), "aesni_init_key"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_INIT_KEY, 0), "aes_init_key"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_OCB_CIPHER, 0), "aes_ocb_cipher"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_T4_INIT_KEY, 0), "aes_t4_init_key"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_WRAP_CIPHER, 0), "aes_wrap_cipher"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_ALG_MODULE_INIT, 0), "alg_module_init"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_ARIA_INIT_KEY, 0), "aria_init_key"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_CAMELLIA_INIT_KEY, 0), "camellia_init_key"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_CHACHA20_POLY1305_CTRL, 0),
+     "chacha20_poly1305_ctrl"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_CMLL_T4_INIT_KEY, 0), "cmll_t4_init_key"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_DES_EDE3_WRAP_CIPHER, 0),
+     "des_ede3_wrap_cipher"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_DO_SIGVER_INIT, 0), "do_sigver_init"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_CIPHERINIT_EX, 0), "EVP_CipherInit_ex"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_CIPHER_CTX_COPY, 0),
+     "EVP_CIPHER_CTX_copy"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_CIPHER_CTX_CTRL, 0),
+     "EVP_CIPHER_CTX_ctrl"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, 0),
      "EVP_CIPHER_CTX_set_key_length"},
-    {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
-    {ERR_FUNC(EVP_F_EVP_DECRYPTUPDATE), "EVP_DecryptUpdate"},
-    {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
-    {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
-    {ERR_FUNC(EVP_F_EVP_ENCRYPTUPDATE), "EVP_EncryptUpdate"},
-    {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
-    {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
-    {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
-    {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
-    {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
-    {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
-    {ERR_FUNC(EVP_F_EVP_PBE_SCRYPT), "EVP_PBE_scrypt"},
-    {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
-    {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8), "EVP_PKEY2PKCS8"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_MD), "EVP_PKEY_CTX_md"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET0_DH), "EVP_PKEY_get0_DH"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET0_DSA), "EVP_PKEY_get0_DSA"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET0_EC_KEY), "EVP_PKEY_get0_EC_KEY"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET0_HMAC), "EVP_PKEY_get0_hmac"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET0_POLY1305), "EVP_PKEY_get0_poly1305"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET0_RSA), "EVP_PKEY_get0_RSA"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_GET0_SIPHASH), "EVP_PKEY_get0_siphash"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
-    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT),
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, 0),
+     "EVP_DecryptFinal_ex"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTUPDATE, 0), "EVP_DecryptUpdate"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DIGESTINIT_EX, 0), "EVP_DigestInit_ex"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, 0),
+     "EVP_EncryptFinal_ex"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTUPDATE, 0), "EVP_EncryptUpdate"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_CTX_COPY_EX, 0), "EVP_MD_CTX_copy_ex"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_SIZE, 0), "EVP_MD_size"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_OPENINIT, 0), "EVP_OpenInit"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PBE_ALG_ADD, 0), "EVP_PBE_alg_add"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PBE_ALG_ADD_TYPE, 0),
+     "EVP_PBE_alg_add_type"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PBE_CIPHERINIT, 0), "EVP_PBE_CipherInit"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PBE_SCRYPT, 0), "EVP_PBE_scrypt"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKCS82PKEY, 0), "EVP_PKCS82PKEY"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY2PKCS8, 0), "EVP_PKEY2PKCS8"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_COPY_PARAMETERS, 0),
+     "EVP_PKEY_copy_parameters"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_CTRL, 0), "EVP_PKEY_CTX_ctrl"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_CTRL_STR, 0),
+     "EVP_PKEY_CTX_ctrl_str"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_DUP, 0), "EVP_PKEY_CTX_dup"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_MD, 0), "EVP_PKEY_CTX_md"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DECRYPT, 0), "EVP_PKEY_decrypt"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DECRYPT_INIT, 0),
+     "EVP_PKEY_decrypt_init"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DECRYPT_OLD, 0),
+     "EVP_PKEY_decrypt_old"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DERIVE, 0), "EVP_PKEY_derive"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DERIVE_INIT, 0),
+     "EVP_PKEY_derive_init"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DERIVE_SET_PEER, 0),
+     "EVP_PKEY_derive_set_peer"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_ENCRYPT, 0), "EVP_PKEY_encrypt"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_ENCRYPT_INIT, 0),
+     "EVP_PKEY_encrypt_init"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_ENCRYPT_OLD, 0),
+     "EVP_PKEY_encrypt_old"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_GET0_DH, 0), "EVP_PKEY_get0_DH"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_GET0_DSA, 0), "EVP_PKEY_get0_DSA"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_GET0_EC_KEY, 0),
+     "EVP_PKEY_get0_EC_KEY"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_GET0_HMAC, 0), "EVP_PKEY_get0_hmac"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_GET0_POLY1305, 0),
+     "EVP_PKEY_get0_poly1305"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_GET0_RSA, 0), "EVP_PKEY_get0_RSA"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_GET0_SIPHASH, 0),
+     "EVP_PKEY_get0_siphash"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_KEYGEN, 0), "EVP_PKEY_keygen"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_KEYGEN_INIT, 0),
+     "EVP_PKEY_keygen_init"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW, 0), "EVP_PKEY_new"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_PARAMGEN, 0), "EVP_PKEY_paramgen"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_PARAMGEN_INIT, 0),
+     "EVP_PKEY_paramgen_init"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_SIGN, 0), "EVP_PKEY_sign"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_SIGN_INIT, 0), "EVP_PKEY_sign_init"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_VERIFY, 0), "EVP_PKEY_verify"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_VERIFY_INIT, 0),
+     "EVP_PKEY_verify_init"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_VERIFY_RECOVER, 0),
+     "EVP_PKEY_verify_recover"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT, 0),
      "EVP_PKEY_verify_recover_init"},
-    {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
-    {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
-    {ERR_FUNC(EVP_F_INT_CTX_NEW), "int_ctx_new"},
-    {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
-    {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
-    {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_v2_PBKDF2_keyivgen"},
-    {ERR_FUNC(EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN), "PKCS5_v2_scrypt_keyivgen"},
-    {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "pkey_set_type"},
-    {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "rc2_magic_to_meth"},
-    {ERR_FUNC(EVP_F_RC5_CTRL), "rc5_ctrl"},
-    {ERR_FUNC(EVP_F_UPDATE), "update"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_SIGNFINAL, 0), "EVP_SignFinal"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_VERIFYFINAL, 0), "EVP_VerifyFinal"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_INT_CTX_NEW, 0), "int_ctx_new"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_PBE_KEYIVGEN, 0), "PKCS5_PBE_keyivgen"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_PBE_KEYIVGEN, 0),
+     "PKCS5_v2_PBE_keyivgen"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, 0),
+     "PKCS5_v2_PBKDF2_keyivgen"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, 0),
+     "PKCS5_v2_scrypt_keyivgen"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_RC2_MAGIC_TO_METH, 0), "rc2_magic_to_meth"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_RC5_CTRL, 0), "rc5_ctrl"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA EVP_str_reasons[] = {
-    {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED), "aes key setup failed"},
-    {ERR_REASON(EVP_R_ARIA_KEY_SETUP_FAILED), "aria key setup failed"},
-    {ERR_REASON(EVP_R_BAD_DECRYPT), "bad decrypt"},
-    {ERR_REASON(EVP_R_BUFFER_TOO_SMALL), "buffer too small"},
-    {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),
-     "camellia key setup failed"},
-    {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
-    {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED), "command not supported"},
-    {ERR_REASON(EVP_R_COPY_ERROR), "copy error"},
-    {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED), "ctrl not implemented"},
-    {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),
-     "ctrl operation not implemented"},
-    {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),
-     "data not multiple of block length"},
-    {ERR_REASON(EVP_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES), "different key types"},
-    {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS), "different parameters"},
-    {ERR_REASON(EVP_R_ERROR_LOADING_SECTION), "error loading section"},
-    {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"},
-    {ERR_REASON(EVP_R_EXPECTING_AN_HMAC_KEY), "expecting an hmac key"},
-    {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY), "expecting an rsa key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY), "expecting a dh key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY), "expecting a dsa key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY), "expecting a ec key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_POLY1305_KEY), "expecting a poly1305 key"},
-    {ERR_REASON(EVP_R_EXPECTING_A_SIPHASH_KEY), "expecting a siphash key"},
-    {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
-    {ERR_REASON(EVP_R_ILLEGAL_SCRYPT_PARAMETERS),
-     "illegal scrypt parameters"},
-    {ERR_REASON(EVP_R_INITIALIZATION_ERROR), "initialization error"},
-    {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
-    {ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
-    {ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
-    {ERR_REASON(EVP_R_INVALID_KEY), "invalid key"},
-    {ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
-    {ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
-    {ERR_REASON(EVP_R_KEYGEN_FAILURE), "keygen failure"},
-    {ERR_REASON(EVP_R_MEMORY_LIMIT_EXCEEDED), "memory limit exceeded"},
-    {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
-    {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED), "method not supported"},
-    {ERR_REASON(EVP_R_MISSING_PARAMETERS), "missing parameters"},
-    {ERR_REASON(EVP_R_NO_CIPHER_SET), "no cipher set"},
-    {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST), "no default digest"},
-    {ERR_REASON(EVP_R_NO_DIGEST_SET), "no digest set"},
-    {ERR_REASON(EVP_R_NO_KEY_SET), "no key set"},
-    {ERR_REASON(EVP_R_NO_OPERATION_SET), "no operation set"},
-    {ERR_REASON(EVP_R_ONLY_ONESHOT_SUPPORTED), "only oneshot supported"},
-    {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
-     "operation not supported for this keytype"},
-    {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
-    {ERR_REASON(EVP_R_PARTIALLY_OVERLAPPING),
-     "partially overlapping buffers"},
-    {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
-    {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
-    {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
-    {ERR_REASON(EVP_R_UNKNOWN_CIPHER), "unknown cipher"},
-    {ERR_REASON(EVP_R_UNKNOWN_DIGEST), "unknown digest"},
-    {ERR_REASON(EVP_R_UNKNOWN_OPTION), "unknown option"},
-    {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM), "unknown pbe algorithm"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH), "unsupported keylength"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),
-     "unsupported key derivation function"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE), "unsupported key size"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS),
-     "unsupported number of rounds"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_PRF), "unsupported prf"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),
-     "unsupported private key algorithm"},
-    {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE), "unsupported salt type"},
-    {ERR_REASON(EVP_R_WRAP_MODE_NOT_ALLOWED), "wrap mode not allowed"},
-    {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"},
+static const ERR_STRING_DATA EVP_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_AES_KEY_SETUP_FAILED),
+    "aes key setup failed"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ARIA_KEY_SETUP_FAILED),
+    "aria key setup failed"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BAD_DECRYPT), "bad decrypt"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BUFFER_TOO_SMALL), "buffer too small"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CAMELLIA_KEY_SETUP_FAILED),
+    "camellia key setup failed"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CIPHER_PARAMETER_ERROR),
+    "cipher parameter error"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_COMMAND_NOT_SUPPORTED),
+    "command not supported"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_COPY_ERROR), "copy error"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CTRL_NOT_IMPLEMENTED),
+    "ctrl not implemented"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),
+    "ctrl operation not implemented"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),
+    "data not multiple of block length"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DECODE_ERROR), "decode error"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_KEY_TYPES),
+    "different key types"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_DIFFERENT_PARAMETERS),
+    "different parameters"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_LOADING_SECTION),
+    "error loading section"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ERROR_SETTING_FIPS_MODE),
+    "error setting fips mode"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_AN_HMAC_KEY),
+    "expecting an hmac key"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_AN_RSA_KEY),
+    "expecting an rsa key"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_DH_KEY), "expecting a dh key"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_DSA_KEY),
+    "expecting a dsa key"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_EC_KEY), "expecting a ec key"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_POLY1305_KEY),
+    "expecting a poly1305 key"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_EXPECTING_A_SIPHASH_KEY),
+    "expecting a siphash key"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_FIPS_MODE_NOT_SUPPORTED),
+    "fips mode not supported"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ILLEGAL_SCRYPT_PARAMETERS),
+    "illegal scrypt parameters"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INITIALIZATION_ERROR),
+    "initialization error"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INPUT_NOT_INITIALIZED),
+    "input not initialized"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_DIGEST), "invalid digest"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY), "invalid key"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_OPERATION), "invalid operation"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_KEYGEN_FAILURE), "keygen failure"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_MEMORY_LIMIT_EXCEEDED),
+    "memory limit exceeded"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_MESSAGE_DIGEST_IS_NULL),
+    "message digest is null"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_METHOD_NOT_SUPPORTED),
+    "method not supported"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_MISSING_PARAMETERS), "missing parameters"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_CIPHER_SET), "no cipher set"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_DEFAULT_DIGEST), "no default digest"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_DIGEST_SET), "no digest set"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_KEY_SET), "no key set"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NO_OPERATION_SET), "no operation set"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ONLY_ONESHOT_SUPPORTED),
+    "only oneshot supported"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
+    "operation not supported for this keytype"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATON_NOT_INITIALIZED),
+    "operaton not initialized"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),
+    "partially overlapping buffers"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_DECODE_ERROR),
+    "private key decode error"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_ENCODE_ERROR),
+    "private key encode error"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_CIPHER), "unknown cipher"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_DIGEST), "unknown digest"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_OPTION), "unknown option"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNKNOWN_PBE_ALGORITHM),
+    "unknown pbe algorithm"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_ALGORITHM),
+    "unsupported algorithm"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_KEYLENGTH),
+    "unsupported keylength"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),
+    "unsupported key derivation function"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_KEY_SIZE),
+    "unsupported key size"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS),
+    "unsupported number of rounds"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_PRF), "unsupported prf"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),
+    "unsupported private key algorithm"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_UNSUPPORTED_SALT_TYPE),
+    "unsupported salt type"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRAP_MODE_NOT_ALLOWED),
+    "wrap mode not allowed"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH),
+    "wrong final block length"},
     {0, NULL}
 };
 
@@ -179,10 +230,9 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
 int ERR_load_EVP_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, EVP_str_functs);
-        ERR_load_strings(0, EVP_str_reasons);
+        ERR_load_strings_const(EVP_str_functs);
+        ERR_load_strings_const(EVP_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/kdf/kdf_err.c b/crypto/kdf/kdf_err.c
index d7d71b3..5706d2d 100644
--- a/crypto/kdf/kdf_err.c
+++ b/crypto/kdf/kdf_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,26 +8,23 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/kdf.h>
+#include <openssl/kdferr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_KDF,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_KDF,0,reason)
-
-static ERR_STRING_DATA KDF_str_functs[] = {
-    {ERR_FUNC(KDF_F_PKEY_TLS1_PRF_CTRL_STR), "pkey_tls1_prf_ctrl_str"},
-    {ERR_FUNC(KDF_F_PKEY_TLS1_PRF_DERIVE), "pkey_tls1_prf_derive"},
+static const ERR_STRING_DATA KDF_str_functs[] = {
+    {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_CTRL_STR, 0),
+     "pkey_tls1_prf_ctrl_str"},
+    {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0),
+     "pkey_tls1_prf_derive"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA KDF_str_reasons[] = {
-    {ERR_REASON(KDF_R_INVALID_DIGEST), "invalid digest"},
-    {ERR_REASON(KDF_R_MISSING_PARAMETER), "missing parameter"},
-    {ERR_REASON(KDF_R_VALUE_MISSING), "value missing"},
+static const ERR_STRING_DATA KDF_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"},
+    {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_PARAMETER), "missing parameter"},
+    {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"},
     {0, NULL}
 };
 
@@ -36,10 +33,9 @@ static ERR_STRING_DATA KDF_str_reasons[] = {
 int ERR_load_KDF_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(KDF_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, KDF_str_functs);
-        ERR_load_strings(0, KDF_str_reasons);
+        ERR_load_strings_const(KDF_str_functs);
+        ERR_load_strings_const(KDF_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c
index 4677b67..ef36313 100644
--- a/crypto/objects/obj_err.c
+++ b/crypto/objects/obj_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,30 +8,25 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/objects.h>
+#include <openssl/objectserr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason)
-
-static ERR_STRING_DATA OBJ_str_functs[] = {
-    {ERR_FUNC(OBJ_F_OBJ_ADD_OBJECT), "OBJ_add_object"},
-    {ERR_FUNC(OBJ_F_OBJ_CREATE), "OBJ_create"},
-    {ERR_FUNC(OBJ_F_OBJ_DUP), "OBJ_dup"},
-    {ERR_FUNC(OBJ_F_OBJ_NAME_NEW_INDEX), "OBJ_NAME_new_index"},
-    {ERR_FUNC(OBJ_F_OBJ_NID2LN), "OBJ_nid2ln"},
-    {ERR_FUNC(OBJ_F_OBJ_NID2OBJ), "OBJ_nid2obj"},
-    {ERR_FUNC(OBJ_F_OBJ_NID2SN), "OBJ_nid2sn"},
+static const ERR_STRING_DATA OBJ_str_functs[] = {
+    {ERR_PACK(ERR_LIB_OBJ, OBJ_F_OBJ_ADD_OBJECT, 0), "OBJ_add_object"},
+    {ERR_PACK(ERR_LIB_OBJ, OBJ_F_OBJ_CREATE, 0), "OBJ_create"},
+    {ERR_PACK(ERR_LIB_OBJ, OBJ_F_OBJ_DUP, 0), "OBJ_dup"},
+    {ERR_PACK(ERR_LIB_OBJ, OBJ_F_OBJ_NAME_NEW_INDEX, 0), "OBJ_NAME_new_index"},
+    {ERR_PACK(ERR_LIB_OBJ, OBJ_F_OBJ_NID2LN, 0), "OBJ_nid2ln"},
+    {ERR_PACK(ERR_LIB_OBJ, OBJ_F_OBJ_NID2OBJ, 0), "OBJ_nid2obj"},
+    {ERR_PACK(ERR_LIB_OBJ, OBJ_F_OBJ_NID2SN, 0), "OBJ_nid2sn"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA OBJ_str_reasons[] = {
-    {ERR_REASON(OBJ_R_OID_EXISTS), "oid exists"},
-    {ERR_REASON(OBJ_R_UNKNOWN_NID), "unknown nid"},
+static const ERR_STRING_DATA OBJ_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_OBJ, 0, OBJ_R_OID_EXISTS), "oid exists"},
+    {ERR_PACK(ERR_LIB_OBJ, 0, OBJ_R_UNKNOWN_NID), "unknown nid"},
     {0, NULL}
 };
 
@@ -40,10 +35,9 @@ static ERR_STRING_DATA OBJ_str_reasons[] = {
 int ERR_load_OBJ_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, OBJ_str_functs);
-        ERR_load_strings(0, OBJ_str_reasons);
+        ERR_load_strings_const(OBJ_str_functs);
+        ERR_load_strings_const(OBJ_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/ocsp/ocsp_err.c b/crypto/ocsp/ocsp_err.c
index a2d96e9..5faeff2 100644
--- a/crypto/ocsp/ocsp_err.c
+++ b/crypto/ocsp/ocsp_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,71 +8,80 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/ocsp.h>
+#include <openssl/ocsperr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_OCSP,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
-
-static ERR_STRING_DATA OCSP_str_functs[] = {
-    {ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "d2i_ocsp_nonce"},
-    {ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"},
-    {ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"},
-    {ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY), "OCSP_basic_verify"},
-    {ERR_FUNC(OCSP_F_OCSP_CERT_ID_NEW), "OCSP_cert_id_new"},
-    {ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED), "ocsp_check_delegated"},
-    {ERR_FUNC(OCSP_F_OCSP_CHECK_IDS), "ocsp_check_ids"},
-    {ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER), "ocsp_check_issuer"},
-    {ERR_FUNC(OCSP_F_OCSP_CHECK_VALIDITY), "OCSP_check_validity"},
-    {ERR_FUNC(OCSP_F_OCSP_MATCH_ISSUERID), "ocsp_match_issuerid"},
-    {ERR_FUNC(OCSP_F_OCSP_PARSE_URL), "OCSP_parse_url"},
-    {ERR_FUNC(OCSP_F_OCSP_REQUEST_SIGN), "OCSP_request_sign"},
-    {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"},
-    {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"},
-    {ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "parse_http_line1"},
+static const ERR_STRING_DATA OCSP_str_functs[] = {
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_D2I_OCSP_NONCE, 0), "d2i_ocsp_nonce"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_ADD1_STATUS, 0),
+     "OCSP_basic_add1_status"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_SIGN, 0), "OCSP_basic_sign"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_VERIFY, 0), "OCSP_basic_verify"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_CERT_ID_NEW, 0), "OCSP_cert_id_new"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_CHECK_DELEGATED, 0),
+     "ocsp_check_delegated"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_CHECK_IDS, 0), "ocsp_check_ids"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_CHECK_ISSUER, 0), "ocsp_check_issuer"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_CHECK_VALIDITY, 0),
+     "OCSP_check_validity"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_MATCH_ISSUERID, 0),
+     "ocsp_match_issuerid"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_PARSE_URL, 0), "OCSP_parse_url"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_REQUEST_SIGN, 0), "OCSP_request_sign"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_REQUEST_VERIFY, 0),
+     "OCSP_request_verify"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_RESPONSE_GET1_BASIC, 0),
+     "OCSP_response_get1_basic"},
+    {ERR_PACK(ERR_LIB_OCSP, OCSP_F_PARSE_HTTP_LINE1, 0), "parse_http_line1"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA OCSP_str_reasons[] = {
-    {ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
-    {ERR_REASON(OCSP_R_DIGEST_ERR), "digest err"},
-    {ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),
-     "error in nextupdate field"},
-    {ERR_REASON(OCSP_R_ERROR_IN_THISUPDATE_FIELD),
-     "error in thisupdate field"},
-    {ERR_REASON(OCSP_R_ERROR_PARSING_URL), "error parsing url"},
-    {ERR_REASON(OCSP_R_MISSING_OCSPSIGNING_USAGE),
-     "missing ocspsigning usage"},
-    {ERR_REASON(OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE),
-     "nextupdate before thisupdate"},
-    {ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE), "not basic response"},
-    {ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN), "no certificates in chain"},
-    {ERR_REASON(OCSP_R_NO_RESPONSE_DATA), "no response data"},
-    {ERR_REASON(OCSP_R_NO_REVOKED_TIME), "no revoked time"},
-    {ERR_REASON(OCSP_R_NO_SIGNER_KEY), "no signer key"},
-    {ERR_REASON(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
-     "private key does not match certificate"},
-    {ERR_REASON(OCSP_R_REQUEST_NOT_SIGNED), "request not signed"},
-    {ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA),
-     "response contains no revocation data"},
-    {ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED), "root ca not trusted"},
-    {ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR), "server response error"},
-    {ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR),
-     "server response parse error"},
-    {ERR_REASON(OCSP_R_SIGNATURE_FAILURE), "signature failure"},
-    {ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND),
-     "signer certificate not found"},
-    {ERR_REASON(OCSP_R_STATUS_EXPIRED), "status expired"},
-    {ERR_REASON(OCSP_R_STATUS_NOT_YET_VALID), "status not yet valid"},
-    {ERR_REASON(OCSP_R_STATUS_TOO_OLD), "status too old"},
-    {ERR_REASON(OCSP_R_UNKNOWN_MESSAGE_DIGEST), "unknown message digest"},
-    {ERR_REASON(OCSP_R_UNKNOWN_NID), "unknown nid"},
-    {ERR_REASON(OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE),
-     "unsupported requestorname type"},
+static const ERR_STRING_DATA OCSP_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_CERTIFICATE_VERIFY_ERROR),
+    "certificate verify error"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_DIGEST_ERR), "digest err"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),
+    "error in nextupdate field"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_ERROR_IN_THISUPDATE_FIELD),
+    "error in thisupdate field"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_ERROR_PARSING_URL), "error parsing url"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_MISSING_OCSPSIGNING_USAGE),
+    "missing ocspsigning usage"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE),
+    "nextupdate before thisupdate"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_NOT_BASIC_RESPONSE),
+    "not basic response"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_NO_CERTIFICATES_IN_CHAIN),
+    "no certificates in chain"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_NO_RESPONSE_DATA), "no response data"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_NO_REVOKED_TIME), "no revoked time"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_NO_SIGNER_KEY), "no signer key"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
+    "private key does not match certificate"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_REQUEST_NOT_SIGNED),
+    "request not signed"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA),
+    "response contains no revocation data"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_ROOT_CA_NOT_TRUSTED),
+    "root ca not trusted"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_SERVER_RESPONSE_ERROR),
+    "server response error"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_SERVER_RESPONSE_PARSE_ERROR),
+    "server response parse error"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_SIGNATURE_FAILURE), "signature failure"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND),
+    "signer certificate not found"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_STATUS_EXPIRED), "status expired"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_STATUS_NOT_YET_VALID),
+    "status not yet valid"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_STATUS_TOO_OLD), "status too old"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_UNKNOWN_MESSAGE_DIGEST),
+    "unknown message digest"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_UNKNOWN_NID), "unknown nid"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE),
+    "unsupported requestorname type"},
     {0, NULL}
 };
 
@@ -81,10 +90,9 @@ static ERR_STRING_DATA OCSP_str_reasons[] = {
 int ERR_load_OCSP_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, OCSP_str_functs);
-        ERR_load_strings(0, OCSP_str_reasons);
+        ERR_load_strings_const(OCSP_str_functs);
+        ERR_load_strings_const(OCSP_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
index 6c25a52..c4c09e4 100644
--- a/crypto/pem/pem_err.c
+++ b/crypto/pem/pem_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,98 +8,106 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/pem.h>
+#include <openssl/pemerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
-
-static ERR_STRING_DATA PEM_str_functs[] = {
-    {ERR_FUNC(PEM_F_B2I_DSS), "b2i_dss"},
-    {ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"},
-    {ERR_FUNC(PEM_F_B2I_RSA), "b2i_rsa"},
-    {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "check_bitlen_dsa"},
-    {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "check_bitlen_rsa"},
-    {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
-    {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
-    {ERR_FUNC(PEM_F_DO_B2I), "do_b2i"},
-    {ERR_FUNC(PEM_F_DO_B2I_BIO), "do_b2i_bio"},
-    {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "do_blob_header"},
-    {ERR_FUNC(PEM_F_DO_PK8PKEY), "do_pk8pkey"},
-    {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "do_pk8pkey_fp"},
-    {ERR_FUNC(PEM_F_DO_PVK_BODY), "do_PVK_body"},
-    {ERR_FUNC(PEM_F_DO_PVK_HEADER), "do_PVK_header"},
-    {ERR_FUNC(PEM_F_GET_HEADER_AND_DATA), "get_header_and_data"},
-    {ERR_FUNC(PEM_F_GET_NAME), "get_name"},
-    {ERR_FUNC(PEM_F_I2B_PVK), "i2b_PVK"},
-    {ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"},
-    {ERR_FUNC(PEM_F_LOAD_IV), "load_iv"},
-    {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
-    {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
-    {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"},
-    {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
-    {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
-    {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
-    {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
-    {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
-    {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
-    {ERR_FUNC(PEM_F_PEM_READ_BIO_DHPARAMS), "PEM_read_bio_DHparams"},
-    {ERR_FUNC(PEM_F_PEM_READ_BIO_EX), "PEM_read_bio_ex"},
-    {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"},
-    {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_read_bio_PrivateKey"},
-    {ERR_FUNC(PEM_F_PEM_READ_DHPARAMS), "PEM_read_DHparams"},
-    {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_read_PrivateKey"},
-    {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
-    {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
-    {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
-    {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_write_PrivateKey"},
-    {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
-    {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
-    {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
+static const ERR_STRING_DATA PEM_str_functs[] = {
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_B2I_DSS, 0), "b2i_dss"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_B2I_PVK_BIO, 0), "b2i_PVK_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_B2I_RSA, 0), "b2i_rsa"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_CHECK_BITLEN_DSA, 0), "check_bitlen_dsa"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_CHECK_BITLEN_RSA, 0), "check_bitlen_rsa"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_D2I_PKCS8PRIVATEKEY_BIO, 0),
+     "d2i_PKCS8PrivateKey_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_D2I_PKCS8PRIVATEKEY_FP, 0),
+     "d2i_PKCS8PrivateKey_fp"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_DO_B2I, 0), "do_b2i"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_DO_B2I_BIO, 0), "do_b2i_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_DO_BLOB_HEADER, 0), "do_blob_header"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_DO_PK8PKEY, 0), "do_pk8pkey"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_DO_PK8PKEY_FP, 0), "do_pk8pkey_fp"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_DO_PVK_BODY, 0), "do_PVK_body"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_DO_PVK_HEADER, 0), "do_PVK_header"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_GET_HEADER_AND_DATA, 0),
+     "get_header_and_data"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_GET_NAME, 0), "get_name"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_I2B_PVK, 0), "i2b_PVK"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_I2B_PVK_BIO, 0), "i2b_PVK_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_LOAD_IV, 0), "load_iv"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_ASN1_READ, 0), "PEM_ASN1_read"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_ASN1_READ_BIO, 0), "PEM_ASN1_read_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_ASN1_WRITE, 0), "PEM_ASN1_write"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_ASN1_WRITE_BIO, 0), "PEM_ASN1_write_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_DEF_CALLBACK, 0), "PEM_def_callback"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_DO_HEADER, 0), "PEM_do_header"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_GET_EVP_CIPHER_INFO, 0),
+     "PEM_get_EVP_CIPHER_INFO"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ, 0), "PEM_read"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO, 0), "PEM_read_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO_DHPARAMS, 0),
+     "PEM_read_bio_DHparams"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO_EX, 0), "PEM_read_bio_ex"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO_PARAMETERS, 0),
+     "PEM_read_bio_Parameters"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO_PRIVATEKEY, 0),
+     "PEM_read_bio_PrivateKey"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_DHPARAMS, 0), "PEM_read_DHparams"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_PRIVATEKEY, 0),
+     "PEM_read_PrivateKey"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_SIGNFINAL, 0), "PEM_SignFinal"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE, 0), "PEM_write"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE_BIO, 0), "PEM_write_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_WRITE_PRIVATEKEY, 0),
+     "PEM_write_PrivateKey"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_X509_INFO_READ, 0), "PEM_X509_INFO_read"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_X509_INFO_READ_BIO, 0),
+     "PEM_X509_INFO_read_bio"},
+    {ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_X509_INFO_WRITE_BIO, 0),
+     "PEM_X509_INFO_write_bio"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA PEM_str_reasons[] = {
-    {ERR_REASON(PEM_R_BAD_BASE64_DECODE), "bad base64 decode"},
-    {ERR_REASON(PEM_R_BAD_DECRYPT), "bad decrypt"},
-    {ERR_REASON(PEM_R_BAD_END_LINE), "bad end line"},
-    {ERR_REASON(PEM_R_BAD_IV_CHARS), "bad iv chars"},
-    {ERR_REASON(PEM_R_BAD_MAGIC_NUMBER), "bad magic number"},
-    {ERR_REASON(PEM_R_BAD_PASSWORD_READ), "bad password read"},
-    {ERR_REASON(PEM_R_BAD_VERSION_NUMBER), "bad version number"},
-    {ERR_REASON(PEM_R_BIO_WRITE_FAILURE), "bio write failure"},
-    {ERR_REASON(PEM_R_CIPHER_IS_NULL), "cipher is null"},
-    {ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),
-     "error converting private key"},
-    {ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB),
-     "expecting private key blob"},
-    {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),
-     "expecting public key blob"},
-    {ERR_REASON(PEM_R_HEADER_TOO_LONG), "header too long"},
-    {ERR_REASON(PEM_R_INCONSISTENT_HEADER), "inconsistent header"},
-    {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),
-     "keyblob header parse error"},
-    {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT), "keyblob too short"},
-    {ERR_REASON(PEM_R_MISSING_DEK_IV), "missing dek iv"},
-    {ERR_REASON(PEM_R_NOT_DEK_INFO), "not dek info"},
-    {ERR_REASON(PEM_R_NOT_ENCRYPTED), "not encrypted"},
-    {ERR_REASON(PEM_R_NOT_PROC_TYPE), "not proc type"},
-    {ERR_REASON(PEM_R_NO_START_LINE), "no start line"},
-    {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),
-     "problems getting password"},
-    {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"},
-    {ERR_REASON(PEM_R_PVK_TOO_SHORT), "pvk too short"},
-    {ERR_REASON(PEM_R_READ_KEY), "read key"},
-    {ERR_REASON(PEM_R_SHORT_HEADER), "short header"},
-    {ERR_REASON(PEM_R_UNEXPECTED_DEK_IV), "unexpected dek iv"},
-    {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
-    {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"},
-    {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS),
-     "unsupported key components"},
+static const ERR_STRING_DATA PEM_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_BASE64_DECODE), "bad base64 decode"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_DECRYPT), "bad decrypt"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_END_LINE), "bad end line"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_IV_CHARS), "bad iv chars"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_MAGIC_NUMBER), "bad magic number"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_PASSWORD_READ), "bad password read"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_VERSION_NUMBER), "bad version number"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BIO_WRITE_FAILURE), "bio write failure"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_CIPHER_IS_NULL), "cipher is null"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_ERROR_CONVERTING_PRIVATE_KEY),
+    "error converting private key"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_EXPECTING_PRIVATE_KEY_BLOB),
+    "expecting private key blob"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_EXPECTING_PUBLIC_KEY_BLOB),
+    "expecting public key blob"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_HEADER_TOO_LONG), "header too long"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_INCONSISTENT_HEADER),
+    "inconsistent header"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_KEYBLOB_HEADER_PARSE_ERROR),
+    "keyblob header parse error"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_KEYBLOB_TOO_SHORT), "keyblob too short"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_MISSING_DEK_IV), "missing dek iv"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_NOT_DEK_INFO), "not dek info"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_NOT_ENCRYPTED), "not encrypted"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_NOT_PROC_TYPE), "not proc type"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_NO_START_LINE), "no start line"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_PROBLEMS_GETTING_PASSWORD),
+    "problems getting password"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_PVK_TOO_SHORT), "pvk too short"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_READ_KEY), "read key"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_SHORT_HEADER), "short header"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNEXPECTED_DEK_IV), "unexpected dek iv"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNSUPPORTED_ENCRYPTION),
+    "unsupported encryption"},
+    {ERR_PACK(ERR_LIB_PEM, 0, PEM_R_UNSUPPORTED_KEY_COMPONENTS),
+    "unsupported key components"},
     {0, NULL}
 };
 
@@ -108,10 +116,9 @@ static ERR_STRING_DATA PEM_str_reasons[] = {
 int ERR_load_PEM_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, PEM_str_functs);
-        ERR_load_strings(0, PEM_str_reasons);
+        ERR_load_strings_const(PEM_str_functs);
+        ERR_load_strings_const(PEM_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c
index f705084..38e7c66 100644
--- a/crypto/pkcs12/pk12err.c
+++ b/crypto/pkcs12/pk12err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,75 +8,92 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/pkcs12.h>
+#include <openssl/pkcs12err.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS12,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
-
-static ERR_STRING_DATA PKCS12_str_functs[] = {
-    {ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"},
-    {ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"},
-    {ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I), "PKCS12_item_decrypt_d2i"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT), "PKCS12_item_i2d_encrypt"},
-    {ERR_FUNC(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG), "PKCS12_item_pack_safebag"},
-    {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"},
-    {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"},
-    {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UTF8), "PKCS12_key_gen_utf8"},
-    {ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"},
-    {ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"},
-    {ERR_FUNC(PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF),
+static const ERR_STRING_DATA PKCS12_str_functs[] = {
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_CREATE, 0), "PKCS12_create"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_GEN_MAC, 0), "PKCS12_gen_mac"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_INIT, 0), "PKCS12_init"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_ITEM_DECRYPT_D2I, 0),
+     "PKCS12_item_decrypt_d2i"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, 0),
+     "PKCS12_item_i2d_encrypt"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, 0),
+     "PKCS12_item_pack_safebag"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_KEY_GEN_ASC, 0),
+     "PKCS12_key_gen_asc"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_KEY_GEN_UNI, 0),
+     "PKCS12_key_gen_uni"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_KEY_GEN_UTF8, 0),
+     "PKCS12_key_gen_utf8"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_NEWPASS, 0), "PKCS12_newpass"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_PACK_P7DATA, 0),
+     "PKCS12_pack_p7data"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_PACK_P7ENCDATA, 0),
+     "PKCS12_pack_p7encdata"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_PARSE, 0), "PKCS12_parse"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_PBE_CRYPT, 0),
+     "PKCS12_pbe_crypt"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_PBE_KEYIVGEN, 0),
+     "PKCS12_PBE_keyivgen"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF, 0),
      "PKCS12_SAFEBAG_create0_p8inf"},
-    {ERR_FUNC(PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8),
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8, 0),
      "PKCS12_SAFEBAG_create0_pkcs8"},
-    {ERR_FUNC(PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT),
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT, 0),
      "PKCS12_SAFEBAG_create_pkcs8_encrypt"},
-    {ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC), "PKCS12_setup_mac"},
-    {ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"},
-    {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"},
-    {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"},
-    {ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC), "PKCS12_verify_mac"},
-    {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"},
-    {ERR_FUNC(PKCS12_F_PKCS8_SET0_PBE), "PKCS8_set0_pbe"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_SETUP_MAC, 0),
+     "PKCS12_setup_mac"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_SET_MAC, 0), "PKCS12_set_mac"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_UNPACK_AUTHSAFES, 0),
+     "PKCS12_unpack_authsafes"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_UNPACK_P7DATA, 0),
+     "PKCS12_unpack_p7data"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_VERIFY_MAC, 0),
+     "PKCS12_verify_mac"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS8_ENCRYPT, 0), "PKCS8_encrypt"},
+    {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS8_SET0_PBE, 0), "PKCS8_set0_pbe"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA PKCS12_str_reasons[] = {
-    {ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE), "cant pack structure"},
-    {ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA), "content type not data"},
-    {ERR_REASON(PKCS12_R_DECODE_ERROR), "decode error"},
-    {ERR_REASON(PKCS12_R_ENCODE_ERROR), "encode error"},
-    {ERR_REASON(PKCS12_R_ENCRYPT_ERROR), "encrypt error"},
-    {ERR_REASON(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE),
-     "error setting encrypted data type"},
-    {ERR_REASON(PKCS12_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
-    {ERR_REASON(PKCS12_R_INVALID_NULL_PKCS12_POINTER),
-     "invalid null pkcs12 pointer"},
-    {ERR_REASON(PKCS12_R_IV_GEN_ERROR), "iv gen error"},
-    {ERR_REASON(PKCS12_R_KEY_GEN_ERROR), "key gen error"},
-    {ERR_REASON(PKCS12_R_MAC_ABSENT), "mac absent"},
-    {ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR), "mac generation error"},
-    {ERR_REASON(PKCS12_R_MAC_SETUP_ERROR), "mac setup error"},
-    {ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR), "mac string set error"},
-    {ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE), "mac verify failure"},
-    {ERR_REASON(PKCS12_R_PARSE_ERROR), "parse error"},
-    {ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR),
-     "pkcs12 algor cipherinit error"},
-    {ERR_REASON(PKCS12_R_PKCS12_CIPHERFINAL_ERROR),
-     "pkcs12 cipherfinal error"},
-    {ERR_REASON(PKCS12_R_PKCS12_PBE_CRYPT_ERROR), "pkcs12 pbe crypt error"},
-    {ERR_REASON(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM),
-     "unknown digest algorithm"},
-    {ERR_REASON(PKCS12_R_UNSUPPORTED_PKCS12_MODE), "unsupported pkcs12 mode"},
+static const ERR_STRING_DATA PKCS12_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_CANT_PACK_STRUCTURE),
+    "cant pack structure"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_CONTENT_TYPE_NOT_DATA),
+    "content type not data"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_DECODE_ERROR), "decode error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_ENCODE_ERROR), "encode error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_ENCRYPT_ERROR), "encrypt error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE),
+    "error setting encrypted data type"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_INVALID_NULL_ARGUMENT),
+    "invalid null argument"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_INVALID_NULL_PKCS12_POINTER),
+    "invalid null pkcs12 pointer"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_IV_GEN_ERROR), "iv gen error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_KEY_GEN_ERROR), "key gen error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_MAC_ABSENT), "mac absent"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_MAC_GENERATION_ERROR),
+    "mac generation error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_MAC_SETUP_ERROR), "mac setup error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_MAC_STRING_SET_ERROR),
+    "mac string set error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_MAC_VERIFY_FAILURE),
+    "mac verify failure"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_PARSE_ERROR), "parse error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR),
+    "pkcs12 algor cipherinit error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_PKCS12_CIPHERFINAL_ERROR),
+    "pkcs12 cipherfinal error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_PKCS12_PBE_CRYPT_ERROR),
+    "pkcs12 pbe crypt error"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM),
+    "unknown digest algorithm"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_UNSUPPORTED_PKCS12_MODE),
+    "unsupported pkcs12 mode"},
     {0, NULL}
 };
 
@@ -85,10 +102,9 @@ static ERR_STRING_DATA PKCS12_str_reasons[] = {
 int ERR_load_PKCS12_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, PKCS12_str_functs);
-        ERR_load_strings(0, PKCS12_str_reasons);
+        ERR_load_strings_const(PKCS12_str_functs);
+        ERR_load_strings_const(PKCS12_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c
index d5baa9b..07490c1 100644
--- a/crypto/pkcs7/pkcs7err.c
+++ b/crypto/pkcs7/pkcs7err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,111 +8,137 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/pkcs7.h>
+#include <openssl/pkcs7err.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
-
-static ERR_STRING_DATA PKCS7_str_functs[] = {
-    {ERR_FUNC(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB), "do_pkcs7_signed_attrib"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME),
+static const ERR_STRING_DATA PKCS7_str_functs[] = {
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, 0),
+     "do_pkcs7_signed_attrib"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME, 0),
      "PKCS7_add0_attrib_signing_time"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP),
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP, 0),
      "PKCS7_add_attrib_smimecap"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNATURE), "PKCS7_add_signature"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"},
-    {ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST), "PKCS7_bio_add_digest"},
-    {ERR_FUNC(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST),
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_ADD_CERTIFICATE, 0),
+     "PKCS7_add_certificate"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_ADD_CRL, 0), "PKCS7_add_crl"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_ADD_RECIPIENT_INFO, 0),
+     "PKCS7_add_recipient_info"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_ADD_SIGNATURE, 0),
+     "PKCS7_add_signature"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_ADD_SIGNER, 0), "PKCS7_add_signer"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_BIO_ADD_DIGEST, 0),
+     "PKCS7_bio_add_digest"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_COPY_EXISTING_DIGEST, 0),
      "pkcs7_copy_existing_digest"},
-    {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"},
-    {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT_RINFO), "pkcs7_decrypt_rinfo"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ENCODE_RINFO), "pkcs7_encode_rinfo"},
-    {ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"},
-    {ERR_FUNC(PKCS7_F_PKCS7_FINAL), "PKCS7_final"},
-    {ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST), "PKCS7_find_digest"},
-    {ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"},
-    {ERR_FUNC(PKCS7_F_PKCS7_RECIP_INFO_SET), "PKCS7_RECIP_INFO_set"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST), "PKCS7_set_digest"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SET), "PKCS7_SIGNER_INFO_set"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SIGN), "PKCS7_SIGNER_INFO_sign"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIGN_ADD_SIGNER), "PKCS7_sign_add_signer"},
-    {ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"},
-    {ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_CTRL, 0), "PKCS7_ctrl"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_DATADECODE, 0), "PKCS7_dataDecode"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_DATAFINAL, 0), "PKCS7_dataFinal"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_DATAINIT, 0), "PKCS7_dataInit"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_DATAVERIFY, 0), "PKCS7_dataVerify"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_DECRYPT, 0), "PKCS7_decrypt"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_DECRYPT_RINFO, 0),
+     "pkcs7_decrypt_rinfo"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_ENCODE_RINFO, 0),
+     "pkcs7_encode_rinfo"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_ENCRYPT, 0), "PKCS7_encrypt"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_FINAL, 0), "PKCS7_final"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_FIND_DIGEST, 0),
+     "PKCS7_find_digest"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_GET0_SIGNERS, 0),
+     "PKCS7_get0_signers"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_RECIP_INFO_SET, 0),
+     "PKCS7_RECIP_INFO_set"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SET_CIPHER, 0), "PKCS7_set_cipher"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SET_CONTENT, 0),
+     "PKCS7_set_content"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SET_DIGEST, 0), "PKCS7_set_digest"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SET_TYPE, 0), "PKCS7_set_type"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SIGN, 0), "PKCS7_sign"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SIGNATUREVERIFY, 0),
+     "PKCS7_signatureVerify"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SIGNER_INFO_SET, 0),
+     "PKCS7_SIGNER_INFO_set"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SIGNER_INFO_SIGN, 0),
+     "PKCS7_SIGNER_INFO_sign"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SIGN_ADD_SIGNER, 0),
+     "PKCS7_sign_add_signer"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_SIMPLE_SMIMECAP, 0),
+     "PKCS7_simple_smimecap"},
+    {ERR_PACK(ERR_LIB_PKCS7, PKCS7_F_PKCS7_VERIFY, 0), "PKCS7_verify"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA PKCS7_str_reasons[] = {
-    {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR),
-     "certificate verify error"},
-    {ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
-     "cipher has no object identifier"},
-    {ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED), "cipher not initialized"},
-    {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),
-     "content and data present"},
-    {ERR_REASON(PKCS7_R_CTRL_ERROR), "ctrl error"},
-    {ERR_REASON(PKCS7_R_DECRYPT_ERROR), "decrypt error"},
-    {ERR_REASON(PKCS7_R_DIGEST_FAILURE), "digest failure"},
-    {ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE), "encryption ctrl failure"},
-    {ERR_REASON(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
-     "encryption not supported for this key type"},
-    {ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT), "error adding recipient"},
-    {ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER), "error setting cipher"},
-    {ERR_REASON(PKCS7_R_INVALID_NULL_POINTER), "invalid null pointer"},
-    {ERR_REASON(PKCS7_R_INVALID_SIGNED_DATA_TYPE),
-     "invalid signed data type"},
-    {ERR_REASON(PKCS7_R_NO_CONTENT), "no content"},
-    {ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST), "no default digest"},
-    {ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND),
-     "no matching digest type found"},
-    {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),
-     "no recipient matches certificate"},
-    {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA), "no signatures on data"},
-    {ERR_REASON(PKCS7_R_NO_SIGNERS), "no signers"},
-    {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),
-     "operation not supported on this type"},
-    {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),
-     "pkcs7 add signature error"},
-    {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR), "pkcs7 add signer error"},
-    {ERR_REASON(PKCS7_R_PKCS7_DATASIGN), "pkcs7 datasign"},
-    {ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
-     "private key does not match certificate"},
-    {ERR_REASON(PKCS7_R_SIGNATURE_FAILURE), "signature failure"},
-    {ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),
-     "signer certificate not found"},
-    {ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE), "signing ctrl failure"},
-    {ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
-     "signing not supported for this key type"},
-    {ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR), "smime text error"},
-    {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),
-     "unable to find certificate"},
-    {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MEM_BIO), "unable to find mem bio"},
-    {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST),
-     "unable to find message digest"},
-    {ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE), "unknown digest type"},
-    {ERR_REASON(PKCS7_R_UNKNOWN_OPERATION), "unknown operation"},
-    {ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE), "unsupported cipher type"},
-    {ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE),
-     "unsupported content type"},
-    {ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE), "wrong content type"},
-    {ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE), "wrong pkcs7 type"},
+static const ERR_STRING_DATA PKCS7_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_CERTIFICATE_VERIFY_ERROR),
+    "certificate verify error"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
+    "cipher has no object identifier"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_CIPHER_NOT_INITIALIZED),
+    "cipher not initialized"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_CONTENT_AND_DATA_PRESENT),
+    "content and data present"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_CTRL_ERROR), "ctrl error"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_DECRYPT_ERROR), "decrypt error"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_DIGEST_FAILURE), "digest failure"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_ENCRYPTION_CTRL_FAILURE),
+    "encryption ctrl failure"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
+    "encryption not supported for this key type"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_ERROR_ADDING_RECIPIENT),
+    "error adding recipient"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_ERROR_SETTING_CIPHER),
+    "error setting cipher"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_INVALID_NULL_POINTER),
+    "invalid null pointer"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_INVALID_SIGNED_DATA_TYPE),
+    "invalid signed data type"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_NO_CONTENT), "no content"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_NO_DEFAULT_DIGEST),
+    "no default digest"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND),
+    "no matching digest type found"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),
+    "no recipient matches certificate"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_NO_SIGNATURES_ON_DATA),
+    "no signatures on data"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_NO_SIGNERS), "no signers"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),
+    "operation not supported on this type"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),
+    "pkcs7 add signature error"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_PKCS7_ADD_SIGNER_ERROR),
+    "pkcs7 add signer error"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_PKCS7_DATASIGN), "pkcs7 datasign"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
+    "private key does not match certificate"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_SIGNATURE_FAILURE),
+    "signature failure"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),
+    "signer certificate not found"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_SIGNING_CTRL_FAILURE),
+    "signing ctrl failure"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
+    "signing not supported for this key type"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_SMIME_TEXT_ERROR), "smime text error"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),
+    "unable to find certificate"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_UNABLE_TO_FIND_MEM_BIO),
+    "unable to find mem bio"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST),
+    "unable to find message digest"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_UNKNOWN_DIGEST_TYPE),
+    "unknown digest type"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_UNKNOWN_OPERATION),
+    "unknown operation"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_UNSUPPORTED_CIPHER_TYPE),
+    "unsupported cipher type"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_UNSUPPORTED_CONTENT_TYPE),
+    "unsupported content type"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_WRONG_CONTENT_TYPE),
+    "wrong content type"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, PKCS7_R_WRONG_PKCS7_TYPE), "wrong pkcs7 type"},
     {0, NULL}
 };
 
@@ -121,10 +147,9 @@ static ERR_STRING_DATA PKCS7_str_reasons[] = {
 int ERR_load_PKCS7_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(PKCS7_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, PKCS7_str_functs);
-        ERR_load_strings(0, PKCS7_str_reasons);
+        ERR_load_strings_const(PKCS7_str_functs);
+        ERR_load_strings_const(PKCS7_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/rand/rand_err.c b/crypto/rand/rand_err.c
index 5543126..177a109 100644
--- a/crypto/rand/rand_err.c
+++ b/crypto/rand/rand_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,23 +8,18 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/rand.h>
+#include <openssl/randerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_RAND,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
-
-static ERR_STRING_DATA RAND_str_functs[] = {
-    {ERR_FUNC(RAND_F_RAND_BYTES), "RAND_bytes"},
+static const ERR_STRING_DATA RAND_str_functs[] = {
+    {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_BYTES, 0), "RAND_bytes"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA RAND_str_reasons[] = {
-    {ERR_REASON(RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"},
+static const ERR_STRING_DATA RAND_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_RAND, 0, RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"},
     {0, NULL}
 };
 
@@ -33,10 +28,9 @@ static ERR_STRING_DATA RAND_str_reasons[] = {
 int ERR_load_RAND_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(RAND_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, RAND_str_functs);
-        ERR_load_strings(0, RAND_str_reasons);
+        ERR_load_strings_const(RAND_str_functs);
+        ERR_load_strings_const(RAND_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
index c369898..5461049 100644
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -8,168 +8,217 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/rsa.h>
+#include <openssl/rsaerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason)
-
-static ERR_STRING_DATA RSA_str_functs[] = {
-    {ERR_FUNC(RSA_F_CHECK_PADDING_MD), "check_padding_md"},
-    {ERR_FUNC(RSA_F_ENCODE_PKCS1), "encode_pkcs1"},
-    {ERR_FUNC(RSA_F_INT_RSA_VERIFY), "int_rsa_verify"},
-    {ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), "old_rsa_priv_decode"},
-    {ERR_FUNC(RSA_F_PKEY_PSS_INIT), "pkey_pss_init"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "pkey_rsa_ctrl"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "pkey_rsa_ctrl_str"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "pkey_rsa_sign"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "pkey_rsa_verify"},
-    {ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "pkey_rsa_verifyrecover"},
-    {ERR_FUNC(RSA_F_RSA_ALGOR_TO_MD), "rsa_algor_to_md"},
-    {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "rsa_builtin_keygen"},
-    {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
-    {ERR_FUNC(RSA_F_RSA_CHECK_KEY_EX), "RSA_check_key_ex"},
-    {ERR_FUNC(RSA_F_RSA_CMS_DECRYPT), "rsa_cms_decrypt"},
-    {ERR_FUNC(RSA_F_RSA_CMS_VERIFY), "rsa_cms_verify"},
-    {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "rsa_item_verify"},
-    {ERR_FUNC(RSA_F_RSA_METH_DUP), "RSA_meth_dup"},
-    {ERR_FUNC(RSA_F_RSA_METH_NEW), "RSA_meth_new"},
-    {ERR_FUNC(RSA_F_RSA_METH_SET1_NAME), "RSA_meth_set1_name"},
-    {ERR_FUNC(RSA_F_RSA_MGF1_TO_MD), "rsa_mgf1_to_md"},
-    {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
-    {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"},
-    {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"},
-    {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"},
-    {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_ENCRYPT), "rsa_ossl_public_encrypt"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),
+static const ERR_STRING_DATA RSA_str_functs[] = {
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_CHECK_PADDING_MD, 0), "check_padding_md"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_ENCODE_PKCS1, 0), "encode_pkcs1"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_INT_RSA_VERIFY, 0), "int_rsa_verify"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_OLD_RSA_PRIV_DECODE, 0),
+     "old_rsa_priv_decode"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_PKEY_PSS_INIT, 0), "pkey_pss_init"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_PKEY_RSA_CTRL, 0), "pkey_rsa_ctrl"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_PKEY_RSA_CTRL_STR, 0), "pkey_rsa_ctrl_str"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_PKEY_RSA_SIGN, 0), "pkey_rsa_sign"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_PKEY_RSA_VERIFY, 0), "pkey_rsa_verify"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_PKEY_RSA_VERIFYRECOVER, 0),
+     "pkey_rsa_verifyrecover"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_ALGOR_TO_MD, 0), "rsa_algor_to_md"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_BUILTIN_KEYGEN, 0), "rsa_builtin_keygen"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CHECK_KEY, 0), "RSA_check_key"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CHECK_KEY_EX, 0), "RSA_check_key_ex"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_DECRYPT, 0), "rsa_cms_decrypt"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_CMS_VERIFY, 0), "rsa_cms_verify"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_ITEM_VERIFY, 0), "rsa_item_verify"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_DUP, 0), "RSA_meth_dup"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_NEW, 0), "RSA_meth_new"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_METH_SET1_NAME, 0), "RSA_meth_set1_name"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_MGF1_TO_MD, 0), "rsa_mgf1_to_md"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_NEW_METHOD, 0), "RSA_new_method"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_NULL, 0), "RSA_NULL"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_NULL_PRIVATE_DECRYPT, 0),
+     "RSA_NULL_PRIVATE_DECRYPT"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_NULL_PRIVATE_ENCRYPT, 0),
+     "RSA_NULL_PRIVATE_ENCRYPT"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_NULL_PUBLIC_DECRYPT, 0),
+     "RSA_NULL_PUBLIC_DECRYPT"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_NULL_PUBLIC_ENCRYPT, 0),
+     "RSA_NULL_PUBLIC_ENCRYPT"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PRIVATE_DECRYPT, 0),
+     "rsa_ossl_private_decrypt"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, 0),
+     "rsa_ossl_private_encrypt"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PUBLIC_DECRYPT, 0),
+     "rsa_ossl_public_decrypt"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_OSSL_PUBLIC_ENCRYPT, 0),
+     "rsa_ossl_public_encrypt"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_ADD_NONE, 0),
+     "RSA_padding_add_none"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, 0),
      "RSA_padding_add_PKCS1_OAEP"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1, 0),
      "RSA_padding_add_PKCS1_OAEP_mgf1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_ADD_PKCS1_PSS, 0),
+     "RSA_padding_add_PKCS1_PSS"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, 0),
      "RSA_padding_add_PKCS1_PSS_mgf1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1, 0),
      "RSA_padding_add_PKCS1_type_1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2, 0),
      "RSA_padding_add_PKCS1_type_2"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_ADD_SSLV23, 0),
+     "RSA_padding_add_SSLv23"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_ADD_X931, 0),
+     "RSA_padding_add_X931"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_CHECK_NONE, 0),
+     "RSA_padding_check_none"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, 0),
      "RSA_padding_check_PKCS1_OAEP"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1, 0),
      "RSA_padding_check_PKCS1_OAEP_mgf1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1, 0),
      "RSA_padding_check_PKCS1_type_1"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, 0),
      "RSA_padding_check_PKCS1_type_2"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"},
-    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
-    {ERR_FUNC(RSA_F_RSA_PARAM_DECODE), "rsa_param_decode"},
-    {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
-    {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
-    {ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "rsa_priv_decode"},
-    {ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "rsa_priv_encode"},
-    {ERR_FUNC(RSA_F_RSA_PSS_GET_PARAM), "rsa_pss_get_param"},
-    {ERR_FUNC(RSA_F_RSA_PSS_TO_CTX), "rsa_pss_to_ctx"},
-    {ERR_FUNC(RSA_F_RSA_PUB_DECODE), "rsa_pub_decode"},
-    {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
-    {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
-    {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_CHECK_SSLV23, 0),
+     "RSA_padding_check_SSLv23"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PADDING_CHECK_X931, 0),
+     "RSA_padding_check_X931"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PARAM_DECODE, 0), "rsa_param_decode"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRINT, 0), "RSA_print"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRINT_FP, 0), "RSA_print_fp"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_DECODE, 0), "rsa_priv_decode"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PRIV_ENCODE, 0), "rsa_priv_encode"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_GET_PARAM, 0), "rsa_pss_get_param"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PSS_TO_CTX, 0), "rsa_pss_to_ctx"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_PUB_DECODE, 0), "rsa_pub_decode"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SETUP_BLINDING, 0), "RSA_setup_blinding"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN, 0), "RSA_sign"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_SIGN_ASN1_OCTET_STRING, 0),
      "RSA_sign_ASN1_OCTET_STRING"},
-    {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
-    {ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY, 0), "RSA_verify"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, 0),
      "RSA_verify_ASN1_OCTET_STRING"},
-    {ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1), "RSA_verify_PKCS1_PSS_mgf1"},
+    {ERR_PACK(ERR_LIB_RSA, RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, 0),
+     "RSA_verify_PKCS1_PSS_mgf1"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA RSA_str_reasons[] = {
-    {ERR_REASON(RSA_R_ALGORITHM_MISMATCH), "algorithm mismatch"},
-    {ERR_REASON(RSA_R_BAD_E_VALUE), "bad e value"},
-    {ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT), "bad fixed header decrypt"},
-    {ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT), "bad pad byte count"},
-    {ERR_REASON(RSA_R_BAD_SIGNATURE), "bad signature"},
-    {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01), "block type is not 01"},
-    {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02), "block type is not 02"},
-    {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),
-     "data greater than mod len"},
-    {ERR_REASON(RSA_R_DATA_TOO_LARGE), "data too large"},
-    {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
-     "data too large for key size"},
-    {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS),
-     "data too large for modulus"},
-    {ERR_REASON(RSA_R_DATA_TOO_SMALL), "data too small"},
-    {ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),
-     "data too small for key size"},
-    {ERR_REASON(RSA_R_DIGEST_DOES_NOT_MATCH), "digest does not match"},
-    {ERR_REASON(RSA_R_DIGEST_NOT_ALLOWED), "digest not allowed"},
-    {ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),
-     "digest too big for rsa key"},
-    {ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D), "dmp1 not congruent to d"},
-    {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D), "dmq1 not congruent to d"},
-    {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1), "d e not congruent to 1"},
-    {ERR_REASON(RSA_R_FIRST_OCTET_INVALID), "first octet invalid"},
-    {ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE),
-     "illegal or unsupported padding mode"},
-    {ERR_REASON(RSA_R_INVALID_DIGEST), "invalid digest"},
-    {ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
-    {ERR_REASON(RSA_R_INVALID_HEADER), "invalid header"},
-    {ERR_REASON(RSA_R_INVALID_LABEL), "invalid label"},
-    {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"},
-    {ERR_REASON(RSA_R_INVALID_MGF1_MD), "invalid mgf1 md"},
-    {ERR_REASON(RSA_R_INVALID_OAEP_PARAMETERS), "invalid oaep parameters"},
-    {ERR_REASON(RSA_R_INVALID_PADDING), "invalid padding"},
-    {ERR_REASON(RSA_R_INVALID_PADDING_MODE), "invalid padding mode"},
-    {ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS), "invalid pss parameters"},
-    {ERR_REASON(RSA_R_INVALID_PSS_SALTLEN), "invalid pss saltlen"},
-    {ERR_REASON(RSA_R_INVALID_SALT_LENGTH), "invalid salt length"},
-    {ERR_REASON(RSA_R_INVALID_TRAILER), "invalid trailer"},
-    {ERR_REASON(RSA_R_INVALID_X931_DIGEST), "invalid x931 digest"},
-    {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q), "iqmp not inverse of q"},
-    {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL), "key size too small"},
-    {ERR_REASON(RSA_R_LAST_OCTET_INVALID), "last octet invalid"},
-    {ERR_REASON(RSA_R_MGF1_DIGEST_NOT_ALLOWED), "mgf1 digest not allowed"},
-    {ERR_REASON(RSA_R_MODULUS_TOO_LARGE), "modulus too large"},
-    {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"},
-    {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),
-     "null before block missing"},
-    {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q), "n does not equal p q"},
-    {ERR_REASON(RSA_R_OAEP_DECODING_ERROR), "oaep decoding error"},
-    {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
-     "operation not supported for this keytype"},
-    {ERR_REASON(RSA_R_PADDING_CHECK_FAILED), "padding check failed"},
-    {ERR_REASON(RSA_R_PKCS_DECODING_ERROR), "pkcs decoding error"},
-    {ERR_REASON(RSA_R_PSS_SALTLEN_TOO_SMALL), "pss saltlen too small"},
-    {ERR_REASON(RSA_R_P_NOT_PRIME), "p not prime"},
-    {ERR_REASON(RSA_R_Q_NOT_PRIME), "q not prime"},
-    {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),
-     "rsa operations not supported"},
-    {ERR_REASON(RSA_R_SLEN_CHECK_FAILED), "salt length check failed"},
-    {ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED), "salt length recovery failed"},
-    {ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK), "sslv3 rollback attack"},
-    {ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
-     "the asn1 object identifier is not known for this md"},
-    {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"},
-    {ERR_REASON(RSA_R_UNKNOWN_DIGEST), "unknown digest"},
-    {ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST), "unknown mask digest"},
-    {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_ENCRYPTION_TYPE),
-     "unsupported encryption type"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_LABEL_SOURCE), "unsupported label source"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM),
-     "unsupported mask algorithm"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER),
-     "unsupported mask parameter"},
-    {ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE),
-     "unsupported signature type"},
-    {ERR_REASON(RSA_R_VALUE_MISSING), "value missing"},
-    {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
+static const ERR_STRING_DATA RSA_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_ALGORITHM_MISMATCH), "algorithm mismatch"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_BAD_E_VALUE), "bad e value"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_BAD_FIXED_HEADER_DECRYPT),
+    "bad fixed header decrypt"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_BAD_PAD_BYTE_COUNT), "bad pad byte count"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_BAD_SIGNATURE), "bad signature"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_BLOCK_TYPE_IS_NOT_01),
+    "block type is not 01"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_BLOCK_TYPE_IS_NOT_02),
+    "block type is not 02"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_GREATER_THAN_MOD_LEN),
+    "data greater than mod len"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_TOO_LARGE), "data too large"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
+    "data too large for key size"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_TOO_LARGE_FOR_MODULUS),
+    "data too large for modulus"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_TOO_SMALL), "data too small"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),
+    "data too small for key size"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DIGEST_DOES_NOT_MATCH),
+    "digest does not match"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DIGEST_NOT_ALLOWED), "digest not allowed"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),
+    "digest too big for rsa key"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DMP1_NOT_CONGRUENT_TO_D),
+    "dmp1 not congruent to d"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_DMQ1_NOT_CONGRUENT_TO_D),
+    "dmq1 not congruent to d"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_D_E_NOT_CONGRUENT_TO_1),
+    "d e not congruent to 1"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_FIRST_OCTET_INVALID),
+    "first octet invalid"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE),
+    "illegal or unsupported padding mode"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_DIGEST), "invalid digest"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_DIGEST_LENGTH),
+    "invalid digest length"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_HEADER), "invalid header"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_LABEL), "invalid label"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_MESSAGE_LENGTH),
+    "invalid message length"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_MGF1_MD), "invalid mgf1 md"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_OAEP_PARAMETERS),
+    "invalid oaep parameters"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_PADDING), "invalid padding"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_PADDING_MODE),
+    "invalid padding mode"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_PSS_PARAMETERS),
+    "invalid pss parameters"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_PSS_SALTLEN),
+    "invalid pss saltlen"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_SALT_LENGTH),
+    "invalid salt length"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_TRAILER), "invalid trailer"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_INVALID_X931_DIGEST),
+    "invalid x931 digest"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_IQMP_NOT_INVERSE_OF_Q),
+    "iqmp not inverse of q"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_KEY_SIZE_TOO_SMALL), "key size too small"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_LAST_OCTET_INVALID), "last octet invalid"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MGF1_DIGEST_NOT_ALLOWED),
+    "mgf1 digest not allowed"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MODULUS_TOO_LARGE), "modulus too large"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_NULL_BEFORE_BLOCK_MISSING),
+    "null before block missing"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_N_DOES_NOT_EQUAL_P_Q),
+    "n does not equal p q"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OAEP_DECODING_ERROR),
+    "oaep decoding error"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
+    "operation not supported for this keytype"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PADDING_CHECK_FAILED),
+    "padding check failed"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PKCS_DECODING_ERROR),
+    "pkcs decoding error"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_PSS_SALTLEN_TOO_SMALL),
+    "pss saltlen too small"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_P_NOT_PRIME), "p not prime"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_Q_NOT_PRIME), "q not prime"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),
+    "rsa operations not supported"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_SLEN_CHECK_FAILED),
+    "salt length check failed"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_SLEN_RECOVERY_FAILED),
+    "salt length recovery failed"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_SSLV3_ROLLBACK_ATTACK),
+    "sslv3 rollback attack"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
+    "the asn1 object identifier is not known for this md"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNKNOWN_ALGORITHM_TYPE),
+    "unknown algorithm type"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNKNOWN_DIGEST), "unknown digest"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNKNOWN_MASK_DIGEST),
+    "unknown mask digest"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNKNOWN_PADDING_TYPE),
+    "unknown padding type"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_ENCRYPTION_TYPE),
+    "unsupported encryption type"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_LABEL_SOURCE),
+    "unsupported label source"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_MASK_ALGORITHM),
+    "unsupported mask algorithm"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_MASK_PARAMETER),
+    "unsupported mask parameter"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_UNSUPPORTED_SIGNATURE_TYPE),
+    "unsupported signature type"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_VALUE_MISSING), "value missing"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_WRONG_SIGNATURE_LENGTH),
+    "wrong signature length"},
     {0, NULL}
 };
 
@@ -178,10 +227,9 @@ static ERR_STRING_DATA RSA_str_reasons[] = {
 int ERR_load_RSA_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(RSA_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, RSA_str_functs);
-        ERR_load_strings(0, RSA_str_reasons);
+        ERR_load_strings_const(RSA_str_functs);
+        ERR_load_strings_const(RSA_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/ts/ts_err.c b/crypto/ts/ts_err.c
index 5aed046..6d39357 100644
--- a/crypto/ts/ts_err.c
+++ b/crypto/ts/ts_err.c
@@ -8,130 +8,165 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/ts.h>
+#include <openssl/tserr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_TS,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_TS,0,reason)
-
-static ERR_STRING_DATA TS_str_functs[] = {
-    {ERR_FUNC(TS_F_DEF_SERIAL_CB), "def_serial_cb"},
-    {ERR_FUNC(TS_F_DEF_TIME_CB), "def_time_cb"},
-    {ERR_FUNC(TS_F_ESS_ADD_SIGNING_CERT), "ESS_add_signing_cert"},
-    {ERR_FUNC(TS_F_ESS_ADD_SIGNING_CERT_V2), "ess_add_signing_cert_v2"},
-    {ERR_FUNC(TS_F_ESS_CERT_ID_NEW_INIT), "ess_CERT_ID_new_init"},
-    {ERR_FUNC(TS_F_ESS_CERT_ID_V2_NEW_INIT), "ess_cert_id_new_init"},
-    {ERR_FUNC(TS_F_ESS_SIGNING_CERT_NEW_INIT), "ess_SIGNING_CERT_new_init"},
-    {ERR_FUNC(TS_F_ESS_SIGNING_CERT_V2_NEW_INIT),
-     "ess_signing_cert_V2_new_init"},
-    {ERR_FUNC(TS_F_INT_TS_RESP_VERIFY_TOKEN), "int_ts_RESP_verify_token"},
-    {ERR_FUNC(TS_F_PKCS7_TO_TS_TST_INFO), "PKCS7_to_TS_TST_INFO"},
-    {ERR_FUNC(TS_F_TS_ACCURACY_SET_MICROS), "TS_ACCURACY_set_micros"},
-    {ERR_FUNC(TS_F_TS_ACCURACY_SET_MILLIS), "TS_ACCURACY_set_millis"},
-    {ERR_FUNC(TS_F_TS_ACCURACY_SET_SECONDS), "TS_ACCURACY_set_seconds"},
-    {ERR_FUNC(TS_F_TS_CHECK_IMPRINTS), "ts_check_imprints"},
-    {ERR_FUNC(TS_F_TS_CHECK_NONCES), "ts_check_nonces"},
-    {ERR_FUNC(TS_F_TS_CHECK_POLICY), "ts_check_policy"},
-    {ERR_FUNC(TS_F_TS_CHECK_SIGNING_CERTS), "ts_check_signing_certs"},
-    {ERR_FUNC(TS_F_TS_CHECK_STATUS_INFO), "ts_check_status_info"},
-    {ERR_FUNC(TS_F_TS_COMPUTE_IMPRINT), "ts_compute_imprint"},
-    {ERR_FUNC(TS_F_TS_CONF_INVALID), "ts_CONF_invalid"},
-    {ERR_FUNC(TS_F_TS_CONF_LOAD_CERT), "TS_CONF_load_cert"},
-    {ERR_FUNC(TS_F_TS_CONF_LOAD_CERTS), "TS_CONF_load_certs"},
-    {ERR_FUNC(TS_F_TS_CONF_LOAD_KEY), "TS_CONF_load_key"},
-    {ERR_FUNC(TS_F_TS_CONF_LOOKUP_FAIL), "ts_CONF_lookup_fail"},
-    {ERR_FUNC(TS_F_TS_CONF_SET_DEFAULT_ENGINE), "TS_CONF_set_default_engine"},
-    {ERR_FUNC(TS_F_TS_GET_STATUS_TEXT), "ts_get_status_text"},
-    {ERR_FUNC(TS_F_TS_MSG_IMPRINT_SET_ALGO), "TS_MSG_IMPRINT_set_algo"},
-    {ERR_FUNC(TS_F_TS_REQ_SET_MSG_IMPRINT), "TS_REQ_set_msg_imprint"},
-    {ERR_FUNC(TS_F_TS_REQ_SET_NONCE), "TS_REQ_set_nonce"},
-    {ERR_FUNC(TS_F_TS_REQ_SET_POLICY_ID), "TS_REQ_set_policy_id"},
-    {ERR_FUNC(TS_F_TS_RESP_CREATE_RESPONSE), "TS_RESP_create_response"},
-    {ERR_FUNC(TS_F_TS_RESP_CREATE_TST_INFO), "ts_RESP_create_tst_info"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO),
+static const ERR_STRING_DATA TS_str_functs[] = {
+    {ERR_PACK(ERR_LIB_TS, TS_F_DEF_SERIAL_CB, 0), "def_serial_cb"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_DEF_TIME_CB, 0), "def_time_cb"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_ESS_ADD_SIGNING_CERT, 0),
+     "ess_add_signing_cert"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_ESS_ADD_SIGNING_CERT_V2, 0),
+     "ess_add_signing_cert_v2"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_ESS_CERT_ID_NEW_INIT, 0),
+     "ess_CERT_ID_new_init"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_ESS_CERT_ID_V2_NEW_INIT, 0),
+     "ess_cert_id_v2_new_init"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_ESS_SIGNING_CERT_NEW_INIT, 0),
+     "ess_SIGNING_CERT_new_init"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_ESS_SIGNING_CERT_V2_NEW_INIT, 0),
+     "ess_signing_cert_v2_new_init"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_INT_TS_RESP_VERIFY_TOKEN, 0),
+     "int_ts_RESP_verify_token"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_PKCS7_TO_TS_TST_INFO, 0),
+     "PKCS7_to_TS_TST_INFO"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_ACCURACY_SET_MICROS, 0),
+     "TS_ACCURACY_set_micros"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_ACCURACY_SET_MILLIS, 0),
+     "TS_ACCURACY_set_millis"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_ACCURACY_SET_SECONDS, 0),
+     "TS_ACCURACY_set_seconds"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CHECK_IMPRINTS, 0), "ts_check_imprints"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CHECK_NONCES, 0), "ts_check_nonces"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CHECK_POLICY, 0), "ts_check_policy"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CHECK_SIGNING_CERTS, 0),
+     "ts_check_signing_certs"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CHECK_STATUS_INFO, 0),
+     "ts_check_status_info"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_COMPUTE_IMPRINT, 0), "ts_compute_imprint"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CONF_INVALID, 0), "ts_CONF_invalid"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CONF_LOAD_CERT, 0), "TS_CONF_load_cert"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CONF_LOAD_CERTS, 0), "TS_CONF_load_certs"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CONF_LOAD_KEY, 0), "TS_CONF_load_key"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CONF_LOOKUP_FAIL, 0), "ts_CONF_lookup_fail"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_CONF_SET_DEFAULT_ENGINE, 0),
+     "TS_CONF_set_default_engine"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_GET_STATUS_TEXT, 0), "ts_get_status_text"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_MSG_IMPRINT_SET_ALGO, 0),
+     "TS_MSG_IMPRINT_set_algo"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_REQ_SET_MSG_IMPRINT, 0),
+     "TS_REQ_set_msg_imprint"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_REQ_SET_NONCE, 0), "TS_REQ_set_nonce"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_REQ_SET_POLICY_ID, 0),
+     "TS_REQ_set_policy_id"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CREATE_RESPONSE, 0),
+     "TS_RESP_create_response"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CREATE_TST_INFO, 0),
+     "ts_RESP_create_tst_info"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CTX_ADD_FAILURE_INFO, 0),
      "TS_RESP_CTX_add_failure_info"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_MD), "TS_RESP_CTX_add_md"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_POLICY), "TS_RESP_CTX_add_policy"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_NEW), "TS_RESP_CTX_new"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_ACCURACY), "TS_RESP_CTX_set_accuracy"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_CERTS), "TS_RESP_CTX_set_certs"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_DEF_POLICY), "TS_RESP_CTX_set_def_policy"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_SIGNER_CERT),
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CTX_ADD_MD, 0), "TS_RESP_CTX_add_md"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CTX_ADD_POLICY, 0),
+     "TS_RESP_CTX_add_policy"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CTX_NEW, 0), "TS_RESP_CTX_new"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CTX_SET_ACCURACY, 0),
+     "TS_RESP_CTX_set_accuracy"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CTX_SET_CERTS, 0),
+     "TS_RESP_CTX_set_certs"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CTX_SET_DEF_POLICY, 0),
+     "TS_RESP_CTX_set_def_policy"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CTX_SET_SIGNER_CERT, 0),
      "TS_RESP_CTX_set_signer_cert"},
-    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_STATUS_INFO),
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_CTX_SET_STATUS_INFO, 0),
      "TS_RESP_CTX_set_status_info"},
-    {ERR_FUNC(TS_F_TS_RESP_GET_POLICY), "ts_RESP_get_policy"},
-    {ERR_FUNC(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION),
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_GET_POLICY, 0), "ts_RESP_get_policy"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION, 0),
      "TS_RESP_set_genTime_with_precision"},
-    {ERR_FUNC(TS_F_TS_RESP_SET_STATUS_INFO), "TS_RESP_set_status_info"},
-    {ERR_FUNC(TS_F_TS_RESP_SET_TST_INFO), "TS_RESP_set_tst_info"},
-    {ERR_FUNC(TS_F_TS_RESP_SIGN), "ts_RESP_sign"},
-    {ERR_FUNC(TS_F_TS_RESP_VERIFY_SIGNATURE), "TS_RESP_verify_signature"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_ACCURACY), "TS_TST_INFO_set_accuracy"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_MSG_IMPRINT),
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_SET_STATUS_INFO, 0),
+     "TS_RESP_set_status_info"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_SET_TST_INFO, 0),
+     "TS_RESP_set_tst_info"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_SIGN, 0), "ts_RESP_sign"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_RESP_VERIFY_SIGNATURE, 0),
+     "TS_RESP_verify_signature"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_TST_INFO_SET_ACCURACY, 0),
+     "TS_TST_INFO_set_accuracy"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_TST_INFO_SET_MSG_IMPRINT, 0),
      "TS_TST_INFO_set_msg_imprint"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_NONCE), "TS_TST_INFO_set_nonce"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_POLICY_ID), "TS_TST_INFO_set_policy_id"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_SERIAL), "TS_TST_INFO_set_serial"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_TIME), "TS_TST_INFO_set_time"},
-    {ERR_FUNC(TS_F_TS_TST_INFO_SET_TSA), "TS_TST_INFO_set_tsa"},
-    {ERR_FUNC(TS_F_TS_VERIFY), "TS_VERIFY"},
-    {ERR_FUNC(TS_F_TS_VERIFY_CERT), "ts_verify_cert"},
-    {ERR_FUNC(TS_F_TS_VERIFY_CTX_NEW), "TS_VERIFY_CTX_new"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_TST_INFO_SET_NONCE, 0),
+     "TS_TST_INFO_set_nonce"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_TST_INFO_SET_POLICY_ID, 0),
+     "TS_TST_INFO_set_policy_id"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_TST_INFO_SET_SERIAL, 0),
+     "TS_TST_INFO_set_serial"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_TST_INFO_SET_TIME, 0),
+     "TS_TST_INFO_set_time"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_TST_INFO_SET_TSA, 0), "TS_TST_INFO_set_tsa"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_VERIFY, 0), "TS_VERIFY"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_VERIFY_CERT, 0), "ts_verify_cert"},
+    {ERR_PACK(ERR_LIB_TS, TS_F_TS_VERIFY_CTX_NEW, 0), "TS_VERIFY_CTX_new"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA TS_str_reasons[] = {
-    {ERR_REASON(TS_R_BAD_PKCS7_TYPE), "bad pkcs7 type"},
-    {ERR_REASON(TS_R_BAD_TYPE), "bad type"},
-    {ERR_REASON(TS_R_CANNOT_LOAD_CERT), "cannot load certificate"},
-    {ERR_REASON(TS_R_CANNOT_LOAD_KEY), "cannot load private key"},
-    {ERR_REASON(TS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
-    {ERR_REASON(TS_R_COULD_NOT_SET_ENGINE), "could not set engine"},
-    {ERR_REASON(TS_R_COULD_NOT_SET_TIME), "could not set time"},
-    {ERR_REASON(TS_R_DETACHED_CONTENT), "detached content"},
-    {ERR_REASON(TS_R_ESS_ADD_SIGNING_CERT_ERROR),
-     "ess add signing cert error"},
-    {ERR_REASON(TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR),
-     "ess add signing cert v2 error"},
-    {ERR_REASON(TS_R_ESS_SIGNING_CERTIFICATE_ERROR),
-     "ess signing certificate error"},
-    {ERR_REASON(TS_R_INVALID_NULL_POINTER), "invalid null pointer"},
-    {ERR_REASON(TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE),
-     "invalid signer certificate purpose"},
-    {ERR_REASON(TS_R_MESSAGE_IMPRINT_MISMATCH), "message imprint mismatch"},
-    {ERR_REASON(TS_R_NONCE_MISMATCH), "nonce mismatch"},
-    {ERR_REASON(TS_R_NONCE_NOT_RETURNED), "nonce not returned"},
-    {ERR_REASON(TS_R_NO_CONTENT), "no content"},
-    {ERR_REASON(TS_R_NO_TIME_STAMP_TOKEN), "no time stamp token"},
-    {ERR_REASON(TS_R_PKCS7_ADD_SIGNATURE_ERROR), "pkcs7 add signature error"},
-    {ERR_REASON(TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR),
-     "pkcs7 add signed attr error"},
-    {ERR_REASON(TS_R_PKCS7_TO_TS_TST_INFO_FAILED),
-     "pkcs7 to ts tst info failed"},
-    {ERR_REASON(TS_R_POLICY_MISMATCH), "policy mismatch"},
-    {ERR_REASON(TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
-     "private key does not match certificate"},
-    {ERR_REASON(TS_R_RESPONSE_SETUP_ERROR), "response setup error"},
-    {ERR_REASON(TS_R_SIGNATURE_FAILURE), "signature failure"},
-    {ERR_REASON(TS_R_THERE_MUST_BE_ONE_SIGNER), "there must be one signer"},
-    {ERR_REASON(TS_R_TIME_SYSCALL_ERROR), "time syscall error"},
-    {ERR_REASON(TS_R_TOKEN_NOT_PRESENT), "token not present"},
-    {ERR_REASON(TS_R_TOKEN_PRESENT), "token present"},
-    {ERR_REASON(TS_R_TSA_NAME_MISMATCH), "tsa name mismatch"},
-    {ERR_REASON(TS_R_TSA_UNTRUSTED), "tsa untrusted"},
-    {ERR_REASON(TS_R_TST_INFO_SETUP_ERROR), "tst info setup error"},
-    {ERR_REASON(TS_R_TS_DATASIGN), "ts datasign"},
-    {ERR_REASON(TS_R_UNACCEPTABLE_POLICY), "unacceptable policy"},
-    {ERR_REASON(TS_R_UNSUPPORTED_MD_ALGORITHM), "unsupported md algorithm"},
-    {ERR_REASON(TS_R_UNSUPPORTED_VERSION), "unsupported version"},
-    {ERR_REASON(TS_R_VAR_BAD_VALUE), "var bad value"},
-    {ERR_REASON(TS_R_VAR_LOOKUP_FAILURE), "cannot find config variable"},
-    {ERR_REASON(TS_R_WRONG_CONTENT_TYPE), "wrong content type"},
+static const ERR_STRING_DATA TS_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_BAD_PKCS7_TYPE), "bad pkcs7 type"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_BAD_TYPE), "bad type"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_CANNOT_LOAD_CERT), "cannot load certificate"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_CANNOT_LOAD_KEY), "cannot load private key"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_CERTIFICATE_VERIFY_ERROR),
+    "certificate verify error"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_COULD_NOT_SET_ENGINE),
+    "could not set engine"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_COULD_NOT_SET_TIME), "could not set time"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_DETACHED_CONTENT), "detached content"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_ESS_ADD_SIGNING_CERT_ERROR),
+    "ess add signing cert error"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR),
+    "ess add signing cert v2 error"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_ESS_SIGNING_CERTIFICATE_ERROR),
+    "ess signing certificate error"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_INVALID_NULL_POINTER),
+    "invalid null pointer"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE),
+    "invalid signer certificate purpose"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_MESSAGE_IMPRINT_MISMATCH),
+    "message imprint mismatch"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_NONCE_MISMATCH), "nonce mismatch"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_NONCE_NOT_RETURNED), "nonce not returned"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_NO_CONTENT), "no content"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_NO_TIME_STAMP_TOKEN), "no time stamp token"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_PKCS7_ADD_SIGNATURE_ERROR),
+    "pkcs7 add signature error"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR),
+    "pkcs7 add signed attr error"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_PKCS7_TO_TS_TST_INFO_FAILED),
+    "pkcs7 to ts tst info failed"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_POLICY_MISMATCH), "policy mismatch"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
+    "private key does not match certificate"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_RESPONSE_SETUP_ERROR),
+    "response setup error"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_SIGNATURE_FAILURE), "signature failure"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_THERE_MUST_BE_ONE_SIGNER),
+    "there must be one signer"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_TIME_SYSCALL_ERROR), "time syscall error"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_TOKEN_NOT_PRESENT), "token not present"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_TOKEN_PRESENT), "token present"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_TSA_NAME_MISMATCH), "tsa name mismatch"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_TSA_UNTRUSTED), "tsa untrusted"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_TST_INFO_SETUP_ERROR),
+    "tst info setup error"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_TS_DATASIGN), "ts datasign"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_UNACCEPTABLE_POLICY), "unacceptable policy"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_UNSUPPORTED_MD_ALGORITHM),
+    "unsupported md algorithm"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_UNSUPPORTED_VERSION), "unsupported version"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_VAR_BAD_VALUE), "var bad value"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_VAR_LOOKUP_FAILURE),
+    "cannot find config variable"},
+    {ERR_PACK(ERR_LIB_TS, 0, TS_R_WRONG_CONTENT_TYPE), "wrong content type"},
     {0, NULL}
 };
 
@@ -140,10 +175,9 @@ static ERR_STRING_DATA TS_str_reasons[] = {
 int ERR_load_TS_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(TS_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, TS_str_functs);
-        ERR_load_strings(0, TS_str_reasons);
+        ERR_load_strings_const(TS_str_functs);
+        ERR_load_strings_const(TS_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/ui/ui_err.c b/crypto/ui/ui_err.c
index d60c72d..6a44f7a 100644
--- a/crypto/ui/ui_err.c
+++ b/crypto/ui/ui_err.c
@@ -8,55 +8,55 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/ui.h>
+#include <openssl/uierr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_UI,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason)
-
-static ERR_STRING_DATA UI_str_functs[] = {
-    {ERR_FUNC(UI_F_CLOSE_CONSOLE), "close_console"},
-    {ERR_FUNC(UI_F_ECHO_CONSOLE), "echo_console"},
-    {ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN), "general_allocate_boolean"},
-    {ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT), "general_allocate_prompt"},
-    {ERR_FUNC(UI_F_NOECHO_CONSOLE), "noecho_console"},
-    {ERR_FUNC(UI_F_OPEN_CONSOLE), "open_console"},
-    {ERR_FUNC(UI_F_UI_CREATE_METHOD), "UI_create_method"},
-    {ERR_FUNC(UI_F_UI_CTRL), "UI_ctrl"},
-    {ERR_FUNC(UI_F_UI_DUP_ERROR_STRING), "UI_dup_error_string"},
-    {ERR_FUNC(UI_F_UI_DUP_INFO_STRING), "UI_dup_info_string"},
-    {ERR_FUNC(UI_F_UI_DUP_INPUT_BOOLEAN), "UI_dup_input_boolean"},
-    {ERR_FUNC(UI_F_UI_DUP_INPUT_STRING), "UI_dup_input_string"},
-    {ERR_FUNC(UI_F_UI_DUP_USER_DATA), "UI_dup_user_data"},
-    {ERR_FUNC(UI_F_UI_DUP_VERIFY_STRING), "UI_dup_verify_string"},
-    {ERR_FUNC(UI_F_UI_GET0_RESULT), "UI_get0_result"},
-    {ERR_FUNC(UI_F_UI_NEW_METHOD), "UI_new_method"},
-    {ERR_FUNC(UI_F_UI_PROCESS), "UI_process"},
-    {ERR_FUNC(UI_F_UI_SET_RESULT), "UI_set_result"},
+static const ERR_STRING_DATA UI_str_functs[] = {
+    {ERR_PACK(ERR_LIB_UI, UI_F_CLOSE_CONSOLE, 0), "close_console"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_ECHO_CONSOLE, 0), "echo_console"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_GENERAL_ALLOCATE_BOOLEAN, 0),
+     "general_allocate_boolean"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_GENERAL_ALLOCATE_PROMPT, 0),
+     "general_allocate_prompt"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_NOECHO_CONSOLE, 0), "noecho_console"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_OPEN_CONSOLE, 0), "open_console"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_CREATE_METHOD, 0), "UI_create_method"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_CTRL, 0), "UI_ctrl"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_DUP_ERROR_STRING, 0), "UI_dup_error_string"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_DUP_INFO_STRING, 0), "UI_dup_info_string"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_DUP_INPUT_BOOLEAN, 0),
+     "UI_dup_input_boolean"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_DUP_INPUT_STRING, 0), "UI_dup_input_string"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_DUP_USER_DATA, 0), "UI_dup_user_data"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_DUP_VERIFY_STRING, 0),
+     "UI_dup_verify_string"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_GET0_RESULT, 0), "UI_get0_result"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_NEW_METHOD, 0), "UI_new_method"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_PROCESS, 0), "UI_process"},
+    {ERR_PACK(ERR_LIB_UI, UI_F_UI_SET_RESULT, 0), "UI_set_result"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA UI_str_reasons[] = {
-    {ERR_REASON(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS),
-     "common ok and cancel characters"},
-    {ERR_REASON(UI_R_INDEX_TOO_LARGE), "index too large"},
-    {ERR_REASON(UI_R_INDEX_TOO_SMALL), "index too small"},
-    {ERR_REASON(UI_R_NO_RESULT_BUFFER), "no result buffer"},
-    {ERR_REASON(UI_R_PROCESSING_ERROR), "processing error"},
-    {ERR_REASON(UI_R_RESULT_TOO_LARGE), "result too large"},
-    {ERR_REASON(UI_R_RESULT_TOO_SMALL), "result too small"},
-    {ERR_REASON(UI_R_SYSASSIGN_ERROR), "sys$assign error"},
-    {ERR_REASON(UI_R_SYSDASSGN_ERROR), "sys$dassgn error"},
-    {ERR_REASON(UI_R_SYSQIOW_ERROR), "sys$qiow error"},
-    {ERR_REASON(UI_R_UNKNOWN_CONTROL_COMMAND), "unknown control command"},
-    {ERR_REASON(UI_R_UNKNOWN_TTYGET_ERRNO_VALUE),
-     "unknown ttyget errno value"},
-    {ERR_REASON(UI_R_USER_DATA_DUPLICATION_UNSUPPORTED),
-     "user data duplication unsupported"},
+static const ERR_STRING_DATA UI_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_COMMON_OK_AND_CANCEL_CHARACTERS),
+    "common ok and cancel characters"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_INDEX_TOO_LARGE), "index too large"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_INDEX_TOO_SMALL), "index too small"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_NO_RESULT_BUFFER), "no result buffer"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_PROCESSING_ERROR), "processing error"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_RESULT_TOO_LARGE), "result too large"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_RESULT_TOO_SMALL), "result too small"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_SYSASSIGN_ERROR), "sys$assign error"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_SYSDASSGN_ERROR), "sys$dassgn error"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_SYSQIOW_ERROR), "sys$qiow error"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_UNKNOWN_CONTROL_COMMAND),
+    "unknown control command"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_UNKNOWN_TTYGET_ERRNO_VALUE),
+    "unknown ttyget errno value"},
+    {ERR_PACK(ERR_LIB_UI, 0, UI_R_USER_DATA_DUPLICATION_UNSUPPORTED),
+    "user data duplication unsupported"},
     {0, NULL}
 };
 
@@ -65,10 +65,9 @@ static ERR_STRING_DATA UI_str_reasons[] = {
 int ERR_load_UI_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(UI_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, UI_str_functs);
-        ERR_load_strings(0, UI_str_reasons);
+        ERR_load_strings_const(UI_str_functs);
+        ERR_load_strings_const(UI_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
index e50b7f6..84c726f 100644
--- a/crypto/x509/x509_err.c
+++ b/crypto/x509/x509_err.c
@@ -8,126 +8,148 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/x509.h>
+#include <openssl/x509err.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
-
-static ERR_STRING_DATA X509_str_functs[] = {
-    {ERR_FUNC(X509_F_ADD_CERT_DIR), "add_cert_dir"},
-    {ERR_FUNC(X509_F_BUILD_CHAIN), "build_chain"},
-    {ERR_FUNC(X509_F_BY_FILE_CTRL), "by_file_ctrl"},
-    {ERR_FUNC(X509_F_CHECK_NAME_CONSTRAINTS), "check_name_constraints"},
-    {ERR_FUNC(X509_F_CHECK_POLICY), "check_policy"},
-    {ERR_FUNC(X509_F_DANE_I2D), "dane_i2d"},
-    {ERR_FUNC(X509_F_DIR_CTRL), "dir_ctrl"},
-    {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "get_cert_by_subject"},
-    {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"},
-    {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"},
-    {ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"},
-    {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID),
+static const ERR_STRING_DATA X509_str_functs[] = {
+    {ERR_PACK(ERR_LIB_X509, X509_F_ADD_CERT_DIR, 0), "add_cert_dir"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_BUILD_CHAIN, 0), "build_chain"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_BY_FILE_CTRL, 0), "by_file_ctrl"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_CHECK_NAME_CONSTRAINTS, 0),
+     "check_name_constraints"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_CHECK_POLICY, 0), "check_policy"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_DANE_I2D, 0), "dane_i2d"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_DIR_CTRL, 0), "dir_ctrl"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_GET_CERT_BY_SUBJECT, 0),
+     "get_cert_by_subject"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_NETSCAPE_SPKI_B64_DECODE, 0),
+     "NETSCAPE_SPKI_b64_decode"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_NETSCAPE_SPKI_B64_ENCODE, 0),
+     "NETSCAPE_SPKI_b64_encode"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509AT_ADD1_ATTR, 0), "X509at_add1_attr"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509V3_ADD_EXT, 0), "X509v3_add_ext"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_ATTRIBUTE_CREATE_BY_NID, 0),
      "X509_ATTRIBUTE_create_by_NID"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ, 0),
      "X509_ATTRIBUTE_create_by_OBJ"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_ATTRIBUTE_CREATE_BY_TXT, 0),
      "X509_ATTRIBUTE_create_by_txt"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"},
-    {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"},
-    {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"},
-    {ERR_FUNC(X509_F_X509_CRL_DIFF), "X509_CRL_diff"},
-    {ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"},
-    {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_ATTRIBUTE_GET0_DATA, 0),
+     "X509_ATTRIBUTE_get0_data"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_ATTRIBUTE_SET1_DATA, 0),
+     "X509_ATTRIBUTE_set1_data"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_CHECK_PRIVATE_KEY, 0),
+     "X509_check_private_key"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_CRL_DIFF, 0), "X509_CRL_diff"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_CRL_PRINT_FP, 0), "X509_CRL_print_fp"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_EXTENSION_CREATE_BY_NID, 0),
      "X509_EXTENSION_create_by_NID"},
-    {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_EXTENSION_CREATE_BY_OBJ, 0),
      "X509_EXTENSION_create_by_OBJ"},
-    {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_GET_PUBKEY_PARAMETERS, 0),
      "X509_get_pubkey_parameters"},
-    {ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE), "X509_load_cert_crl_file"},
-    {ERR_FUNC(X509_F_X509_LOAD_CERT_FILE), "X509_load_cert_file"},
-    {ERR_FUNC(X509_F_X509_LOAD_CRL_FILE), "X509_load_crl_file"},
-    {ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY), "X509_NAME_add_entry"},
-    {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_LOAD_CERT_CRL_FILE, 0),
+     "X509_load_cert_crl_file"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_LOAD_CERT_FILE, 0),
+     "X509_load_cert_file"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_LOAD_CRL_FILE, 0),
+     "X509_load_crl_file"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_NAME_ADD_ENTRY, 0),
+     "X509_NAME_add_entry"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_NAME_ENTRY_CREATE_BY_NID, 0),
      "X509_NAME_ENTRY_create_by_NID"},
-    {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_NAME_ENTRY_CREATE_BY_TXT, 0),
      "X509_NAME_ENTRY_create_by_txt"},
-    {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_NAME_ENTRY_SET_OBJECT, 0),
      "X509_NAME_ENTRY_set_object"},
-    {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
-    {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
-    {ERR_FUNC(X509_F_X509_OBJECT_NEW), "X509_OBJECT_new"},
-    {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"},
-    {ERR_FUNC(X509_F_X509_PUBKEY_DECODE), "x509_pubkey_decode"},
-    {ERR_FUNC(X509_F_X509_PUBKEY_GET0), "X509_PUBKEY_get0"},
-    {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"},
-    {ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_NAME_ONELINE, 0), "X509_NAME_oneline"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_NAME_PRINT, 0), "X509_NAME_print"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_OBJECT_NEW, 0), "X509_OBJECT_new"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_PRINT_EX_FP, 0), "X509_print_ex_fp"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_PUBKEY_DECODE, 0),
+     "x509_pubkey_decode"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_PUBKEY_GET0, 0), "X509_PUBKEY_get0"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_PUBKEY_SET, 0), "X509_PUBKEY_set"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_REQ_CHECK_PRIVATE_KEY, 0),
      "X509_REQ_check_private_key"},
-    {ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"},
-    {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"},
-    {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"},
-    {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"},
-    {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"},
-    {ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_REQ_PRINT_EX, 0), "X509_REQ_print_ex"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_REQ_PRINT_FP, 0), "X509_REQ_print_fp"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_REQ_TO_X509, 0), "X509_REQ_to_X509"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_STORE_ADD_CERT, 0),
+     "X509_STORE_add_cert"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_STORE_ADD_CRL, 0),
+     "X509_STORE_add_crl"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_STORE_CTX_GET1_ISSUER, 0),
      "X509_STORE_CTX_get1_issuer"},
-    {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"},
-    {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
-    {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT),
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_STORE_CTX_INIT, 0),
+     "X509_STORE_CTX_init"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_STORE_CTX_NEW, 0),
+     "X509_STORE_CTX_new"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_STORE_CTX_PURPOSE_INHERIT, 0),
      "X509_STORE_CTX_purpose_inherit"},
-    {ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"},
-    {ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"},
-    {ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"},
-    {ERR_FUNC(X509_F_X509_VERIFY_CERT), "X509_verify_cert"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_TO_X509_REQ, 0), "X509_to_X509_REQ"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_TRUST_ADD, 0), "X509_TRUST_add"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_TRUST_SET, 0), "X509_TRUST_set"},
+    {ERR_PACK(ERR_LIB_X509, X509_F_X509_VERIFY_CERT, 0), "X509_verify_cert"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA X509_str_reasons[] = {
-    {ERR_REASON(X509_R_AKID_MISMATCH), "akid mismatch"},
-    {ERR_REASON(X509_R_BAD_SELECTOR), "bad selector"},
-    {ERR_REASON(X509_R_BAD_X509_FILETYPE), "bad x509 filetype"},
-    {ERR_REASON(X509_R_BASE64_DECODE_ERROR), "base64 decode error"},
-    {ERR_REASON(X509_R_CANT_CHECK_DH_KEY), "cant check dh key"},
-    {ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE),
-     "cert already in hash table"},
-    {ERR_REASON(X509_R_CRL_ALREADY_DELTA), "crl already delta"},
-    {ERR_REASON(X509_R_CRL_VERIFY_FAILURE), "crl verify failure"},
-    {ERR_REASON(X509_R_IDP_MISMATCH), "idp mismatch"},
-    {ERR_REASON(X509_R_INVALID_DIRECTORY), "invalid directory"},
-    {ERR_REASON(X509_R_INVALID_FIELD_NAME), "invalid field name"},
-    {ERR_REASON(X509_R_INVALID_TRUST), "invalid trust"},
-    {ERR_REASON(X509_R_ISSUER_MISMATCH), "issuer mismatch"},
-    {ERR_REASON(X509_R_KEY_TYPE_MISMATCH), "key type mismatch"},
-    {ERR_REASON(X509_R_KEY_VALUES_MISMATCH), "key values mismatch"},
-    {ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"},
-    {ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"},
-    {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"},
-    {ERR_REASON(X509_R_NAME_TOO_LONG), "name too long"},
-    {ERR_REASON(X509_R_NEWER_CRL_NOT_NEWER), "newer crl not newer"},
-    {ERR_REASON(X509_R_NO_CERTIFICATE_FOUND), "no certificate found"},
-    {ERR_REASON(X509_R_NO_CERTIFICATE_OR_CRL_FOUND),
-     "no certificate or crl found"},
-    {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
-     "no cert set for us to verify"},
-    {ERR_REASON(X509_R_NO_CRL_FOUND), "no crl found"},
-    {ERR_REASON(X509_R_NO_CRL_NUMBER), "no crl number"},
-    {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"},
-    {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"},
-    {ERR_REASON(X509_R_SHOULD_RETRY), "should retry"},
-    {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),
-     "unable to find parameters in chain"},
-    {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),
-     "unable to get certs public key"},
-    {ERR_REASON(X509_R_UNKNOWN_KEY_TYPE), "unknown key type"},
-    {ERR_REASON(X509_R_UNKNOWN_NID), "unknown nid"},
-    {ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID), "unknown purpose id"},
-    {ERR_REASON(X509_R_UNKNOWN_TRUST_ID), "unknown trust id"},
-    {ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
-    {ERR_REASON(X509_R_WRONG_LOOKUP_TYPE), "wrong lookup type"},
-    {ERR_REASON(X509_R_WRONG_TYPE), "wrong type"},
+static const ERR_STRING_DATA X509_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_AKID_MISMATCH), "akid mismatch"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_BAD_SELECTOR), "bad selector"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_BAD_X509_FILETYPE), "bad x509 filetype"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_BASE64_DECODE_ERROR),
+    "base64 decode error"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_CANT_CHECK_DH_KEY), "cant check dh key"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_CERT_ALREADY_IN_HASH_TABLE),
+    "cert already in hash table"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_CRL_ALREADY_DELTA), "crl already delta"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_CRL_VERIFY_FAILURE),
+    "crl verify failure"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_IDP_MISMATCH), "idp mismatch"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_DIRECTORY), "invalid directory"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_FIELD_NAME),
+    "invalid field name"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_TRUST), "invalid trust"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_ISSUER_MISMATCH), "issuer mismatch"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_KEY_TYPE_MISMATCH), "key type mismatch"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_KEY_VALUES_MISMATCH),
+    "key values mismatch"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_LOADING_CERT_DIR), "loading cert dir"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_LOADING_DEFAULTS), "loading defaults"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_METHOD_NOT_SUPPORTED),
+    "method not supported"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_NAME_TOO_LONG), "name too long"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_NEWER_CRL_NOT_NEWER),
+    "newer crl not newer"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_NO_CERTIFICATE_FOUND),
+    "no certificate found"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_NO_CERTIFICATE_OR_CRL_FOUND),
+    "no certificate or crl found"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
+    "no cert set for us to verify"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_NO_CRL_FOUND), "no crl found"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_NO_CRL_NUMBER), "no crl number"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_PUBLIC_KEY_DECODE_ERROR),
+    "public key decode error"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_PUBLIC_KEY_ENCODE_ERROR),
+    "public key encode error"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_SHOULD_RETRY), "should retry"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),
+    "unable to find parameters in chain"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),
+    "unable to get certs public key"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_UNKNOWN_KEY_TYPE), "unknown key type"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_UNKNOWN_NID), "unknown nid"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_UNKNOWN_PURPOSE_ID),
+    "unknown purpose id"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_UNKNOWN_TRUST_ID), "unknown trust id"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_UNSUPPORTED_ALGORITHM),
+    "unsupported algorithm"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_WRONG_LOOKUP_TYPE), "wrong lookup type"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_WRONG_TYPE), "wrong type"},
     {0, NULL}
 };
 
@@ -136,10 +158,9 @@ static ERR_STRING_DATA X509_str_reasons[] = {
 int ERR_load_X509_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(X509_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, X509_str_functs);
-        ERR_load_strings(0, X509_str_reasons);
+        ERR_load_strings_const(X509_str_functs);
+        ERR_load_strings_const(X509_str_reasons);
     }
 #endif
     return 1;
diff --git a/crypto/x509v3/v3err.c b/crypto/x509v3/v3err.c
index 5d79c8c..d661623 100644
--- a/crypto/x509v3/v3err.c
+++ b/crypto/x509v3/v3err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -8,167 +8,229 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/x509v3.h>
+#include <openssl/x509v3err.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
-
-static ERR_STRING_DATA X509V3_str_functs[] = {
-    {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "a2i_GENERAL_NAME"},
-    {ERR_FUNC(X509V3_F_ADDR_VALIDATE_PATH_INTERNAL),
+static const ERR_STRING_DATA X509V3_str_functs[] = {
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_A2I_GENERAL_NAME, 0),
+     "a2i_GENERAL_NAME"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_ADDR_VALIDATE_PATH_INTERNAL, 0),
      "addr_validate_path_internal"},
-    {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_ASIDENTIFIERCHOICE_CANONIZE, 0),
      "ASIdentifierChoice_canonize"},
-    {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL, 0),
      "ASIdentifierChoice_is_canonical"},
-    {ERR_FUNC(X509V3_F_COPY_EMAIL), "copy_email"},
-    {ERR_FUNC(X509V3_F_COPY_ISSUER), "copy_issuer"},
-    {ERR_FUNC(X509V3_F_DO_DIRNAME), "do_dirname"},
-    {ERR_FUNC(X509V3_F_DO_EXT_I2D), "do_ext_i2d"},
-    {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "do_ext_nconf"},
-    {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "gnames_from_sectname"},
-    {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
-    {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "i2s_ASN1_IA5STRING"},
-    {ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
-    {ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS),
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_COPY_EMAIL, 0), "copy_email"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_COPY_ISSUER, 0), "copy_issuer"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_DO_DIRNAME, 0), "do_dirname"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_DO_EXT_I2D, 0), "do_ext_i2d"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_DO_EXT_NCONF, 0), "do_ext_nconf"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_GNAMES_FROM_SECTNAME, 0),
+     "gnames_from_sectname"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_I2S_ASN1_ENUMERATED, 0),
+     "i2s_ASN1_ENUMERATED"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_I2S_ASN1_IA5STRING, 0),
+     "i2s_ASN1_IA5STRING"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_I2S_ASN1_INTEGER, 0),
+     "i2s_ASN1_INTEGER"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_I2V_AUTHORITY_INFO_ACCESS, 0),
      "i2v_AUTHORITY_INFO_ACCESS"},
-    {ERR_FUNC(X509V3_F_NOTICE_SECTION), "notice_section"},
-    {ERR_FUNC(X509V3_F_NREF_NOS), "nref_nos"},
-    {ERR_FUNC(X509V3_F_POLICY_SECTION), "policy_section"},
-    {ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "process_pci_value"},
-    {ERR_FUNC(X509V3_F_R2I_CERTPOL), "r2i_certpol"},
-    {ERR_FUNC(X509V3_F_R2I_PCI), "r2i_pci"},
-    {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "s2i_ASN1_IA5STRING"},
-    {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
-    {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
-    {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "s2i_skey_id"},
-    {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "set_dist_point_name"},
-    {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
-    {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
-    {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
-    {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
-    {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
-    {ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "v2i_ASIdentifiers"},
-    {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"},
-    {ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS),
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_NOTICE_SECTION, 0), "notice_section"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_NREF_NOS, 0), "nref_nos"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_POLICY_SECTION, 0), "policy_section"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_PROCESS_PCI_VALUE, 0),
+     "process_pci_value"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_R2I_CERTPOL, 0), "r2i_certpol"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_R2I_PCI, 0), "r2i_pci"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_S2I_ASN1_IA5STRING, 0),
+     "s2i_ASN1_IA5STRING"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_S2I_ASN1_INTEGER, 0),
+     "s2i_ASN1_INTEGER"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_S2I_ASN1_OCTET_STRING, 0),
+     "s2i_ASN1_OCTET_STRING"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_S2I_SKEY_ID, 0), "s2i_skey_id"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SET_DIST_POINT_NAME, 0),
+     "set_dist_point_name"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_ADD_ID_ASC, 0),
+     "SXNET_add_id_asc"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_ADD_ID_INTEGER, 0),
+     "SXNET_add_id_INTEGER"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_ADD_ID_ULONG, 0),
+     "SXNET_add_id_ulong"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_GET_ID_ASC, 0),
+     "SXNET_get_id_asc"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_SXNET_GET_ID_ULONG, 0),
+     "SXNET_get_id_ulong"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_ASIDENTIFIERS, 0),
+     "v2i_ASIdentifiers"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_ASN1_BIT_STRING, 0),
+     "v2i_ASN1_BIT_STRING"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_AUTHORITY_INFO_ACCESS, 0),
      "v2i_AUTHORITY_INFO_ACCESS"},
-    {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "v2i_AUTHORITY_KEYID"},
-    {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "v2i_BASIC_CONSTRAINTS"},
-    {ERR_FUNC(X509V3_F_V2I_CRLD), "v2i_crld"},
-    {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "v2i_EXTENDED_KEY_USAGE"},
-    {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
-    {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
-    {ERR_FUNC(X509V3_F_V2I_IDP), "v2i_idp"},
-    {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "v2i_IPAddrBlocks"},
-    {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "v2i_issuer_alt"},
-    {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "v2i_NAME_CONSTRAINTS"},
-    {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "v2i_POLICY_CONSTRAINTS"},
-    {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "v2i_POLICY_MAPPINGS"},
-    {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "v2i_subject_alt"},
-    {ERR_FUNC(X509V3_F_V2I_TLS_FEATURE), "v2i_TLS_FEATURE"},
-    {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "v3_generic_extension"},
-    {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
-    {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
-    {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
-    {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
-    {ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"},
-    {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
-    {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
-    {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
-    {ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_AUTHORITY_KEYID, 0),
+     "v2i_AUTHORITY_KEYID"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_BASIC_CONSTRAINTS, 0),
+     "v2i_BASIC_CONSTRAINTS"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_CRLD, 0), "v2i_crld"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_EXTENDED_KEY_USAGE, 0),
+     "v2i_EXTENDED_KEY_USAGE"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_GENERAL_NAMES, 0),
+     "v2i_GENERAL_NAMES"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_GENERAL_NAME_EX, 0),
+     "v2i_GENERAL_NAME_ex"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_IDP, 0), "v2i_idp"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_IPADDRBLOCKS, 0),
+     "v2i_IPAddrBlocks"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_ISSUER_ALT, 0), "v2i_issuer_alt"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_NAME_CONSTRAINTS, 0),
+     "v2i_NAME_CONSTRAINTS"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_POLICY_CONSTRAINTS, 0),
+     "v2i_POLICY_CONSTRAINTS"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_POLICY_MAPPINGS, 0),
+     "v2i_POLICY_MAPPINGS"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_SUBJECT_ALT, 0), "v2i_subject_alt"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V2I_TLS_FEATURE, 0), "v2i_TLS_FEATURE"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_V3_GENERIC_EXTENSION, 0),
+     "v3_generic_extension"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_ADD1_I2D, 0), "X509V3_add1_i2d"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_ADD_VALUE, 0),
+     "X509V3_add_value"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_ADD, 0), "X509V3_EXT_add"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_ADD_ALIAS, 0),
+     "X509V3_EXT_add_alias"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_I2D, 0), "X509V3_EXT_i2d"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_EXT_NCONF, 0),
+     "X509V3_EXT_nconf"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_GET_SECTION, 0),
+     "X509V3_get_section"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_GET_STRING, 0),
+     "X509V3_get_string"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_GET_VALUE_BOOL, 0),
+     "X509V3_get_value_bool"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509V3_PARSE_LIST, 0),
+     "X509V3_parse_list"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509_PURPOSE_ADD, 0),
+     "X509_PURPOSE_add"},
+    {ERR_PACK(ERR_LIB_X509V3, X509V3_F_X509_PURPOSE_SET, 0),
+     "X509_PURPOSE_set"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA X509V3_str_reasons[] = {
-    {ERR_REASON(X509V3_R_BAD_IP_ADDRESS), "bad ip address"},
-    {ERR_REASON(X509V3_R_BAD_OBJECT), "bad object"},
-    {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR), "bn dec2bn error"},
-    {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),
-     "bn to asn1 integer error"},
-    {ERR_REASON(X509V3_R_DIRNAME_ERROR), "dirname error"},
-    {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
-    {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID), "duplicate zone id"},
-    {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
-    {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),
-     "error creating extension"},
-    {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION), "error in extension"},
-    {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"},
-    {ERR_REASON(X509V3_R_EXTENSION_EXISTS), "extension exists"},
-    {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"},
-    {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"},
-    {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),
-     "extension setting not supported"},
-    {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"},
-    {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"},
-    {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),
-     "incorrect policy syntax tag"},
-    {ERR_REASON(X509V3_R_INVALID_ASNUMBER), "invalid asnumber"},
-    {ERR_REASON(X509V3_R_INVALID_ASRANGE), "invalid asrange"},
-    {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
-    {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),
-     "invalid extension string"},
-    {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"},
-    {ERR_REASON(X509V3_R_INVALID_IPADDRESS), "invalid ipaddress"},
-    {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
-    {ERR_REASON(X509V3_R_INVALID_NAME), "invalid name"},
-    {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
-    {ERR_REASON(X509V3_R_INVALID_NULL_NAME), "invalid null name"},
-    {ERR_REASON(X509V3_R_INVALID_NULL_VALUE), "invalid null value"},
-    {ERR_REASON(X509V3_R_INVALID_NUMBER), "invalid number"},
-    {ERR_REASON(X509V3_R_INVALID_NUMBERS), "invalid numbers"},
-    {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),
-     "invalid object identifier"},
-    {ERR_REASON(X509V3_R_INVALID_OPTION), "invalid option"},
-    {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),
-     "invalid policy identifier"},
-    {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),
-     "invalid proxy policy setting"},
-    {ERR_REASON(X509V3_R_INVALID_PURPOSE), "invalid purpose"},
-    {ERR_REASON(X509V3_R_INVALID_SAFI), "invalid safi"},
-    {ERR_REASON(X509V3_R_INVALID_SECTION), "invalid section"},
-    {ERR_REASON(X509V3_R_INVALID_SYNTAX), "invalid syntax"},
-    {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"},
-    {ERR_REASON(X509V3_R_MISSING_VALUE), "missing value"},
-    {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),
-     "need organization and numbers"},
-    {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE), "no config database"},
-    {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"},
-    {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS), "no issuer details"},
-    {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"},
-    {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),
-     "no proxy cert policy language defined"},
-    {ERR_REASON(X509V3_R_NO_PUBLIC_KEY), "no public key"},
-    {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS), "no subject details"},
-    {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
-    {ERR_REASON(X509V3_R_OTHERNAME_ERROR), "othername error"},
-    {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),
-     "policy language already defined"},
-    {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH), "policy path length"},
-    {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),
-     "policy path length already defined"},
-    {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),
-     "policy when proxy language requires no policy"},
-    {ERR_REASON(X509V3_R_SECTION_NOT_FOUND), "section not found"},
-    {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),
-     "unable to get issuer details"},
-    {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),
-     "unable to get issuer keyid"},
-    {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),
-     "unknown bit string argument"},
-    {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION), "unknown extension"},
-    {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
-    {ERR_REASON(X509V3_R_UNKNOWN_OPTION), "unknown option"},
-    {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION), "unsupported option"},
-    {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE), "unsupported type"},
-    {ERR_REASON(X509V3_R_USER_TOO_LONG), "user too long"},
+static const ERR_STRING_DATA X509V3_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_BAD_IP_ADDRESS), "bad ip address"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_BAD_OBJECT), "bad object"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_BN_DEC2BN_ERROR), "bn dec2bn error"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_BN_TO_ASN1_INTEGER_ERROR),
+    "bn to asn1 integer error"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_DIRNAME_ERROR), "dirname error"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_DISTPOINT_ALREADY_SET),
+    "distpoint already set"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_DUPLICATE_ZONE_ID),
+    "duplicate zone id"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ERROR_CONVERTING_ZONE),
+    "error converting zone"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ERROR_CREATING_EXTENSION),
+    "error creating extension"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ERROR_IN_EXTENSION),
+    "error in extension"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXPECTED_A_SECTION_NAME),
+    "expected a section name"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_EXISTS),
+    "extension exists"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_NAME_ERROR),
+    "extension name error"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_NOT_FOUND),
+    "extension not found"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),
+    "extension setting not supported"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_EXTENSION_VALUE_ERROR),
+    "extension value error"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ILLEGAL_EMPTY_EXTENSION),
+    "illegal empty extension"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),
+    "incorrect policy syntax tag"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_ASNUMBER),
+    "invalid asnumber"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_ASRANGE), "invalid asrange"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_BOOLEAN_STRING),
+    "invalid boolean string"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_EXTENSION_STRING),
+    "invalid extension string"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_INHERITANCE),
+    "invalid inheritance"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_IPADDRESS),
+    "invalid ipaddress"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_MULTIPLE_RDNS),
+    "invalid multiple rdns"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NAME), "invalid name"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NULL_ARGUMENT),
+    "invalid null argument"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NULL_NAME),
+    "invalid null name"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NULL_VALUE),
+    "invalid null value"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NUMBER), "invalid number"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_NUMBERS), "invalid numbers"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_OBJECT_IDENTIFIER),
+    "invalid object identifier"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_OPTION), "invalid option"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_POLICY_IDENTIFIER),
+    "invalid policy identifier"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_PROXY_POLICY_SETTING),
+    "invalid proxy policy setting"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_PURPOSE), "invalid purpose"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_SAFI), "invalid safi"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_SECTION), "invalid section"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_INVALID_SYNTAX), "invalid syntax"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_ISSUER_DECODE_ERROR),
+    "issuer decode error"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_MISSING_VALUE), "missing value"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),
+    "need organization and numbers"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_CONFIG_DATABASE),
+    "no config database"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_ISSUER_CERTIFICATE),
+    "no issuer certificate"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_ISSUER_DETAILS),
+    "no issuer details"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_POLICY_IDENTIFIER),
+    "no policy identifier"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),
+    "no proxy cert policy language defined"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_PUBLIC_KEY), "no public key"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_NO_SUBJECT_DETAILS),
+    "no subject details"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_OPERATION_NOT_DEFINED),
+    "operation not defined"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_OTHERNAME_ERROR), "othername error"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),
+    "policy language already defined"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_POLICY_PATH_LENGTH),
+    "policy path length"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),
+    "policy path length already defined"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),
+    "policy when proxy language requires no policy"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_SECTION_NOT_FOUND),
+    "section not found"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),
+    "unable to get issuer details"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),
+    "unable to get issuer keyid"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),
+    "unknown bit string argument"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNKNOWN_EXTENSION),
+    "unknown extension"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNKNOWN_EXTENSION_NAME),
+    "unknown extension name"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNKNOWN_OPTION), "unknown option"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNSUPPORTED_OPTION),
+    "unsupported option"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_UNSUPPORTED_TYPE),
+    "unsupported type"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, X509V3_R_USER_TOO_LONG), "user too long"},
     {0, NULL}
 };
 
@@ -177,10 +239,9 @@ static ERR_STRING_DATA X509V3_str_reasons[] = {
 int ERR_load_X509V3_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, X509V3_str_functs);
-        ERR_load_strings(0, X509V3_str_reasons);
+        ERR_load_strings_const(X509V3_str_functs);
+        ERR_load_strings_const(X509V3_str_reasons);
     }
 #endif
     return 1;
diff --git a/demos/engines/e_chil.txt b/demos/engines/e_chil.txt
new file mode 100644
index 0000000..dc7076b
--- /dev/null
+++ b/demos/engines/e_chil.txt
@@ -0,0 +1,12 @@
+HWCRHK_F_BIND_HELPER                             110
+HWCRHK_F_HWCRHK_CTRL                             100
+HWCRHK_F_HWCRHK_FINISH                           101
+HWCRHK_F_HWCRHK_GET_PASS                         102
+HWCRHK_F_HWCRHK_INIT                             103
+HWCRHK_F_HWCRHK_INSERT_CARD                      104
+HWCRHK_F_HWCRHK_LOAD_PRIVKEY                     105
+HWCRHK_F_HWCRHK_LOAD_PUBKEY                      106
+HWCRHK_F_HWCRHK_MOD_EXP                          107
+HWCRHK_F_HWCRHK_MUTEX_INIT                       111
+HWCRHK_F_HWCRHK_RAND_BYTES                       108
+HWCRHK_F_HWCRHK_RSA_MOD_EXP                      109
diff --git a/engines/build.info b/engines/build.info
index 2f0c54a..d74d380 100644
--- a/engines/build.info
+++ b/engines/build.info
@@ -8,7 +8,7 @@ IF[{- !$disabled{"engine"} -}]
       SOURCE[../libcrypto]=e_capi.c
     ENDIF
     IF[{- !$disabled{afalgeng} -}]
-      SOURCE[../libcrypto]=e_afalg.c e_afalg_err.c
+      SOURCE[../libcrypto]=e_afalg.c
     ENDIF
   ELSE
     ENGINES=padlock
@@ -23,7 +23,7 @@ IF[{- !$disabled{"engine"} -}]
     ENDIF
     IF[{- !$disabled{afalgeng} -}]
       ENGINES=afalg
-      SOURCE[afalg]=e_afalg.c e_afalg_err.c
+      SOURCE[afalg]=e_afalg.c
       DEPEND[afalg]=../libcrypto
       INCLUDE[afalg]= ../include
     ENDIF
diff --git a/engines/e_afalg.c b/engines/e_afalg.c
index 5ce9047..7e68255 100644
--- a/engines/e_afalg.c
+++ b/engines/e_afalg.c
@@ -45,9 +45,7 @@ void engine_load_afalg_int(void)
 # include <errno.h>
 
 # include "e_afalg.h"
-
-# define AFALG_LIB_NAME "AFALG"
-# include "e_afalg_err.h"
+# include "e_afalg_err.c"
 
 # ifndef SOL_ALG
 #  define SOL_ALG 279
diff --git a/engines/e_afalg.ec b/engines/e_afalg.ec
index 2d14d65..6d7420f 100644
--- a/engines/e_afalg.ec
+++ b/engines/e_afalg.ec
@@ -1 +1,3 @@
-L       AFALG    e_afalg_err.h e_afalg_err.c
+# The INPUT HEADER is scanned for declarations
+# LIBNAME       INPUT HEADER                    ERROR-TABLE FILE
+L AFALG         e_afalg_err.h                   e_afalg_err.c
diff --git a/engines/e_afalg.txt b/engines/e_afalg.txt
new file mode 100644
index 0000000..4f30476
--- /dev/null
+++ b/engines/e_afalg.txt
@@ -0,0 +1,18 @@
+AFALG_F_AFALG_CHK_PLATFORM 100
+AFALG_F_AFALG_CREATE_SK 101
+AFALG_F_AFALG_INIT_AIO 102
+AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION 103
+AFALG_F_AFALG_SET_KEY 104
+AFALG_F_BIND_AFALG 105
+AFALG_R_EVENTFD_FAILED 108
+AFALG_R_FAILED_TO_GET_PLATFORM_INFO 111
+AFALG_R_INIT_FAILED 100
+AFALG_R_IO_SETUP_FAILED 105
+AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG 101
+AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG 107
+AFALG_R_MEM_ALLOC_FAILED 102
+AFALG_R_SOCKET_ACCEPT_FAILED 110
+AFALG_R_SOCKET_BIND_FAILED 103
+AFALG_R_SOCKET_CREATE_FAILED 109
+AFALG_R_SOCKET_OPERATION_FAILED 104
+AFALG_R_SOCKET_SET_KEY_FAILED 106
diff --git a/engines/e_afalg_err.c b/engines/e_afalg_err.c
index ca394ed..18fe9c3 100644
--- a/engines/e_afalg_err.c
+++ b/engines/e_afalg_err.c
@@ -1,5 +1,6 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,105 +8,76 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
 #include <openssl/err.h>
 #include "e_afalg_err.h"
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
 static ERR_STRING_DATA AFALG_str_functs[] = {
-    {ERR_FUNC(AFALG_F_AFALG_CHK_PLATFORM), "afalg_chk_platform"},
-    {ERR_FUNC(AFALG_F_AFALG_CREATE_BIND_SK), "afalg_create_bind_sk"},
-    {ERR_FUNC(AFALG_F_AFALG_CREATE_BIND_SOCKET), "afalg_create_bind_sk"},
-    {ERR_FUNC(AFALG_F_AFALG_CREATE_SK), "afalg_create_sk"},
-    {ERR_FUNC(AFALG_F_AFALG_INIT_AIO), "afalg_init_aio"},
-    {ERR_FUNC(AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION),
+    {ERR_PACK(0, AFALG_F_AFALG_CHK_PLATFORM, 0), "afalg_chk_platform"},
+    {ERR_PACK(0, AFALG_F_AFALG_CREATE_SK, 0), "afalg_create_sk"},
+    {ERR_PACK(0, AFALG_F_AFALG_INIT_AIO, 0), "afalg_init_aio"},
+    {ERR_PACK(0, AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION, 0),
      "afalg_setup_async_event_notification"},
-    {ERR_FUNC(AFALG_F_AFALG_SET_KEY), "afalg_set_key"},
-    {ERR_FUNC(AFALG_F_AFALG_SOCKET), "afalg_socket"},
-    {ERR_FUNC(AFALG_F_AFALG_START_CIPHER_SK), "afalg_start_cipher_sk"},
-    {ERR_FUNC(AFALG_F_BIND_AFALG), "bind_afalg"},
+    {ERR_PACK(0, AFALG_F_AFALG_SET_KEY, 0), "afalg_set_key"},
+    {ERR_PACK(0, AFALG_F_BIND_AFALG, 0), "bind_afalg"},
     {0, NULL}
 };
 
 static ERR_STRING_DATA AFALG_str_reasons[] = {
-    {ERR_REASON(AFALG_R_EVENTFD_FAILED), "eventfd failed"},
-    {ERR_REASON(AFALG_R_FAILED_TO_GET_PLATFORM_INFO),
-     "failed to get platform info"},
-    {ERR_REASON(AFALG_R_INIT_FAILED), "init failed"},
-    {ERR_REASON(AFALG_R_IO_SETUP_FAILED), "io setup failed"},
-    {ERR_REASON(AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG),
-     "kernel does not support afalg"},
-    {ERR_REASON(AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG),
-     "kernel does not support async afalg"},
-    {ERR_REASON(AFALG_R_MEM_ALLOC_FAILED), "mem alloc failed"},
-    {ERR_REASON(AFALG_R_SOCKET_ACCEPT_FAILED), "socket accept failed"},
-    {ERR_REASON(AFALG_R_SOCKET_BIND_FAILED), "socket bind failed"},
-    {ERR_REASON(AFALG_R_SOCKET_CREATE_FAILED), "socket create failed"},
-    {ERR_REASON(AFALG_R_SOCKET_OPERATION_FAILED), "socket operation failed"},
-    {ERR_REASON(AFALG_R_SOCKET_SET_KEY_FAILED), "socket set key failed"},
+    {ERR_PACK(0, 0, AFALG_R_EVENTFD_FAILED), "eventfd failed"},
+    {ERR_PACK(0, 0, AFALG_R_FAILED_TO_GET_PLATFORM_INFO),
+    "failed to get platform info"},
+    {ERR_PACK(0, 0, AFALG_R_INIT_FAILED), "init failed"},
+    {ERR_PACK(0, 0, AFALG_R_IO_SETUP_FAILED), "io setup failed"},
+    {ERR_PACK(0, 0, AFALG_R_KERNEL_DOES_NOT_SUPPORT_AFALG),
+    "kernel does not support afalg"},
+    {ERR_PACK(0, 0, AFALG_R_KERNEL_DOES_NOT_SUPPORT_ASYNC_AFALG),
+    "kernel does not support async afalg"},
+    {ERR_PACK(0, 0, AFALG_R_MEM_ALLOC_FAILED), "mem alloc failed"},
+    {ERR_PACK(0, 0, AFALG_R_SOCKET_ACCEPT_FAILED), "socket accept failed"},
+    {ERR_PACK(0, 0, AFALG_R_SOCKET_BIND_FAILED), "socket bind failed"},
+    {ERR_PACK(0, 0, AFALG_R_SOCKET_CREATE_FAILED), "socket create failed"},
+    {ERR_PACK(0, 0, AFALG_R_SOCKET_OPERATION_FAILED),
+    "socket operation failed"},
+    {ERR_PACK(0, 0, AFALG_R_SOCKET_SET_KEY_FAILED), "socket set key failed"},
     {0, NULL}
 };
 
 #endif
 
-#ifdef AFALG_LIB_NAME
-static ERR_STRING_DATA AFALG_lib_name[] = {
-    {0, AFALG_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int AFALG_lib_error_code = 0;
-static int AFALG_error_init = 1;
+static int lib_code = 0;
+static int error_loaded = 0;
 
-void ERR_load_AFALG_strings(void)
+static int ERR_load_AFALG_strings(void)
 {
-    if (AFALG_lib_error_code == 0)
-        AFALG_lib_error_code = ERR_get_next_error_library();
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
 
-    if (AFALG_error_init) {
-        AFALG_error_init = 0;
+    if (!error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_load_strings(AFALG_lib_error_code, AFALG_str_functs);
-        ERR_load_strings(AFALG_lib_error_code, AFALG_str_reasons);
-#endif
-
-#ifdef AFALG_LIB_NAME
-        AFALG_lib_name->error = ERR_PACK(AFALG_lib_error_code, 0, 0);
-        ERR_load_strings(0, AFALG_lib_name);
+        ERR_load_strings(lib_code, AFALG_str_functs);
+        ERR_load_strings(lib_code, AFALG_str_reasons);
 #endif
+        error_loaded = 1;
     }
+    return 1;
 }
 
-void ERR_unload_AFALG_strings(void)
+static void ERR_unload_AFALG_strings(void)
 {
-    if (AFALG_error_init == 0) {
+    if (error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(AFALG_lib_error_code, AFALG_str_functs);
-        ERR_unload_strings(AFALG_lib_error_code, AFALG_str_reasons);
-#endif
-
-#ifdef AFALG_LIB_NAME
-        ERR_unload_strings(0, AFALG_lib_name);
+        ERR_unload_strings(lib_code, AFALG_str_functs);
+        ERR_unload_strings(lib_code, AFALG_str_reasons);
 #endif
-        AFALG_error_init = 1;
+        error_loaded = 0;
     }
 }
 
-void ERR_AFALG_error(int function, int reason, char *file, int line)
+static void ERR_AFALG_error(int function, int reason, char *file, int line)
 {
-    if (AFALG_lib_error_code == 0)
-        AFALG_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(AFALG_lib_error_code, function, reason, file, line);
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
+    ERR_PUT_error(lib_code, function, reason, file, line);
 }
diff --git a/engines/e_afalg_err.h b/engines/e_afalg_err.h
index 21abc97..3eb1332 100644
--- a/engines/e_afalg_err.h
+++ b/engines/e_afalg_err.h
@@ -1,5 +1,6 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,40 +8,25 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#ifndef HEADER_AFALG_ERR_H
-# define HEADER_AFALG_ERR_H
+#ifndef HEADER_AFALGERR_H
+# define HEADER_AFALGERR_H
 
-# ifdef  __cplusplus
-extern "C" {
-# endif
+# define AFALGerr(f, r) ERR_AFALG_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
 
-/* BEGIN ERROR CODES */
-void ERR_load_AFALG_strings(void);
-void ERR_unload_AFALG_strings(void);
-void ERR_AFALG_error(int function, int reason, char *file, int line);
-# define AFALGerr(f,r) ERR_AFALG_error((f),(r),__FILE__,__LINE__)
 
-/* Error codes for the AFALG functions. */
-
-/* Function codes. */
+/*
+ * AFALG function codes.
+ */
 # define AFALG_F_AFALG_CHK_PLATFORM                       100
-# define AFALG_F_AFALG_CREATE_BIND_SK                     106
-# define AFALG_F_AFALG_CREATE_BIND_SOCKET                 105
-# define AFALG_F_AFALG_CREATE_SK                          108
-# define AFALG_F_AFALG_INIT_AIO                           101
-# define AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION     107
-# define AFALG_F_AFALG_SET_KEY                            109
-# define AFALG_F_AFALG_SOCKET                             102
-# define AFALG_F_AFALG_START_CIPHER_SK                    103
-# define AFALG_F_BIND_AFALG                               104
+# define AFALG_F_AFALG_CREATE_SK                          101
+# define AFALG_F_AFALG_INIT_AIO                           102
+# define AFALG_F_AFALG_SETUP_ASYNC_EVENT_NOTIFICATION     103
+# define AFALG_F_AFALG_SET_KEY                            104
+# define AFALG_F_BIND_AFALG                               105
 
-/* Reason codes. */
+/*
+ * AFALG reason codes.
+ */
 # define AFALG_R_EVENTFD_FAILED                           108
 # define AFALG_R_FAILED_TO_GET_PLATFORM_INFO              111
 # define AFALG_R_INIT_FAILED                              100
@@ -54,7 +40,4 @@ void ERR_AFALG_error(int function, int reason, char *file, int line);
 # define AFALG_R_SOCKET_OPERATION_FAILED                  104
 # define AFALG_R_SOCKET_SET_KEY_FAILED                    106
 
-#ifdef  __cplusplus
-}
-#endif
 #endif
diff --git a/engines/e_capi.ec b/engines/e_capi.ec
index d2ad668..d9c7aa5 100644
--- a/engines/e_capi.ec
+++ b/engines/e_capi.ec
@@ -1 +1,3 @@
-L       CAPI    e_capi_err.h e_capi_err.c
+# The INPUT HEADER is scanned for declarations
+# LIBNAME       INPUT HEADER                    ERROR-TABLE FILE
+L CAPI          e_capi_err.h                    e_capi_err.c
diff --git a/engines/e_capi.txt b/engines/e_capi.txt
new file mode 100644
index 0000000..6444a06
--- /dev/null
+++ b/engines/e_capi.txt
@@ -0,0 +1,50 @@
+CAPI_F_CAPI_CERT_GET_FNAME 99
+CAPI_F_CAPI_CTRL 100
+CAPI_F_CAPI_CTX_NEW 101
+CAPI_F_CAPI_CTX_SET_PROVNAME 102
+CAPI_F_CAPI_DSA_DO_SIGN 114
+CAPI_F_CAPI_GET_KEY 103
+CAPI_F_CAPI_GET_PKEY 115
+CAPI_F_CAPI_GET_PROVNAME 104
+CAPI_F_CAPI_GET_PROV_INFO 105
+CAPI_F_CAPI_INIT 106
+CAPI_F_CAPI_LIST_CONTAINERS 107
+CAPI_F_CAPI_LOAD_PRIVKEY 108
+CAPI_F_CAPI_OPEN_STORE 109
+CAPI_F_CAPI_RSA_PRIV_DEC 110
+CAPI_F_CAPI_RSA_PRIV_ENC 111
+CAPI_F_CAPI_RSA_SIGN 112
+CAPI_F_CAPI_VTRACE 118
+CAPI_F_CERT_SELECT_DIALOG 117
+CAPI_F_CLIENT_CERT_SELECT 116
+CAPI_F_WIDE_TO_ASC 113
+CAPI_R_CANT_CREATE_HASH_OBJECT 100
+CAPI_R_CANT_FIND_CAPI_CONTEXT 101
+CAPI_R_CANT_GET_KEY 102
+CAPI_R_CANT_SET_HASH_VALUE 103
+CAPI_R_CRYPTACQUIRECONTEXT_ERROR 104
+CAPI_R_CRYPTENUMPROVIDERS_ERROR 105
+CAPI_R_DECRYPT_ERROR 106
+CAPI_R_ENGINE_NOT_INITIALIZED 107
+CAPI_R_ENUMCONTAINERS_ERROR 108
+CAPI_R_ERROR_ADDING_CERT 109
+CAPI_R_ERROR_CREATING_STORE 110
+CAPI_R_ERROR_GETTING_FRIENDLY_NAME 111
+CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO 112
+CAPI_R_ERROR_OPENING_STORE 113
+CAPI_R_ERROR_SIGNING_HASH 114
+CAPI_R_FILE_OPEN_ERROR 115
+CAPI_R_FUNCTION_NOT_SUPPORTED 116
+CAPI_R_GETUSERKEY_ERROR 117
+CAPI_R_INVALID_DIGEST_LENGTH 118
+CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 119
+CAPI_R_INVALID_LOOKUP_METHOD 120
+CAPI_R_INVALID_PUBLIC_KEY_BLOB 121
+CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 122
+CAPI_R_PUBKEY_EXPORT_ERROR 123
+CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR 124
+CAPI_R_UNKNOWN_COMMAND 125
+CAPI_R_UNSUPPORTED_ALGORITHM_NID 126
+CAPI_R_UNSUPPORTED_PADDING 127
+CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM 128
+CAPI_R_WIN32_ERROR 129
diff --git a/engines/e_capi.txt.old b/engines/e_capi.txt.old
new file mode 100644
index 0000000..6444a06
--- /dev/null
+++ b/engines/e_capi.txt.old
@@ -0,0 +1,50 @@
+CAPI_F_CAPI_CERT_GET_FNAME 99
+CAPI_F_CAPI_CTRL 100
+CAPI_F_CAPI_CTX_NEW 101
+CAPI_F_CAPI_CTX_SET_PROVNAME 102
+CAPI_F_CAPI_DSA_DO_SIGN 114
+CAPI_F_CAPI_GET_KEY 103
+CAPI_F_CAPI_GET_PKEY 115
+CAPI_F_CAPI_GET_PROVNAME 104
+CAPI_F_CAPI_GET_PROV_INFO 105
+CAPI_F_CAPI_INIT 106
+CAPI_F_CAPI_LIST_CONTAINERS 107
+CAPI_F_CAPI_LOAD_PRIVKEY 108
+CAPI_F_CAPI_OPEN_STORE 109
+CAPI_F_CAPI_RSA_PRIV_DEC 110
+CAPI_F_CAPI_RSA_PRIV_ENC 111
+CAPI_F_CAPI_RSA_SIGN 112
+CAPI_F_CAPI_VTRACE 118
+CAPI_F_CERT_SELECT_DIALOG 117
+CAPI_F_CLIENT_CERT_SELECT 116
+CAPI_F_WIDE_TO_ASC 113
+CAPI_R_CANT_CREATE_HASH_OBJECT 100
+CAPI_R_CANT_FIND_CAPI_CONTEXT 101
+CAPI_R_CANT_GET_KEY 102
+CAPI_R_CANT_SET_HASH_VALUE 103
+CAPI_R_CRYPTACQUIRECONTEXT_ERROR 104
+CAPI_R_CRYPTENUMPROVIDERS_ERROR 105
+CAPI_R_DECRYPT_ERROR 106
+CAPI_R_ENGINE_NOT_INITIALIZED 107
+CAPI_R_ENUMCONTAINERS_ERROR 108
+CAPI_R_ERROR_ADDING_CERT 109
+CAPI_R_ERROR_CREATING_STORE 110
+CAPI_R_ERROR_GETTING_FRIENDLY_NAME 111
+CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO 112
+CAPI_R_ERROR_OPENING_STORE 113
+CAPI_R_ERROR_SIGNING_HASH 114
+CAPI_R_FILE_OPEN_ERROR 115
+CAPI_R_FUNCTION_NOT_SUPPORTED 116
+CAPI_R_GETUSERKEY_ERROR 117
+CAPI_R_INVALID_DIGEST_LENGTH 118
+CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 119
+CAPI_R_INVALID_LOOKUP_METHOD 120
+CAPI_R_INVALID_PUBLIC_KEY_BLOB 121
+CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER 122
+CAPI_R_PUBKEY_EXPORT_ERROR 123
+CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR 124
+CAPI_R_UNKNOWN_COMMAND 125
+CAPI_R_UNSUPPORTED_ALGORITHM_NID 126
+CAPI_R_UNSUPPORTED_PADDING 127
+CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM 128
+CAPI_R_WIN32_ERROR 129
diff --git a/engines/e_capi_err.c b/engines/e_capi_err.c
index 64e963a..23bcc09 100644
--- a/engines/e_capi_err.c
+++ b/engines/e_capi_err.c
@@ -1,5 +1,6 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,137 +8,112 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
 #include <openssl/err.h>
 #include "e_capi_err.h"
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
 static ERR_STRING_DATA CAPI_str_functs[] = {
-    {ERR_FUNC(CAPI_F_CAPI_CERT_GET_FNAME), "CAPI_CERT_GET_FNAME"},
-    {ERR_FUNC(CAPI_F_CAPI_CTRL), "CAPI_CTRL"},
-    {ERR_FUNC(CAPI_F_CAPI_CTX_NEW), "CAPI_CTX_NEW"},
-    {ERR_FUNC(CAPI_F_CAPI_CTX_SET_PROVNAME), "CAPI_CTX_SET_PROVNAME"},
-    {ERR_FUNC(CAPI_F_CAPI_DSA_DO_SIGN), "CAPI_DSA_DO_SIGN"},
-    {ERR_FUNC(CAPI_F_CAPI_GET_KEY), "CAPI_GET_KEY"},
-    {ERR_FUNC(CAPI_F_CAPI_GET_PKEY), "CAPI_GET_PKEY"},
-    {ERR_FUNC(CAPI_F_CAPI_GET_PROVNAME), "CAPI_GET_PROVNAME"},
-    {ERR_FUNC(CAPI_F_CAPI_GET_PROV_INFO), "CAPI_GET_PROV_INFO"},
-    {ERR_FUNC(CAPI_F_CAPI_INIT), "CAPI_INIT"},
-    {ERR_FUNC(CAPI_F_CAPI_LIST_CONTAINERS), "CAPI_LIST_CONTAINERS"},
-    {ERR_FUNC(CAPI_F_CAPI_LOAD_PRIVKEY), "CAPI_LOAD_PRIVKEY"},
-    {ERR_FUNC(CAPI_F_CAPI_OPEN_STORE), "CAPI_OPEN_STORE"},
-    {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_DEC), "CAPI_RSA_PRIV_DEC"},
-    {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_ENC), "CAPI_RSA_PRIV_ENC"},
-    {ERR_FUNC(CAPI_F_CAPI_RSA_SIGN), "CAPI_RSA_SIGN"},
-    {ERR_FUNC(CAPI_F_CAPI_VTRACE), "CAPI_VTRACE"},
-    {ERR_FUNC(CAPI_F_CERT_SELECT_DIALOG), "CERT_SELECT_DIALOG"},
-    {ERR_FUNC(CAPI_F_CLIENT_CERT_SELECT), "CLIENT_CERT_SELECT"},
-    {ERR_FUNC(CAPI_F_WIDE_TO_ASC), "WIDE_TO_ASC"},
+    {ERR_PACK(0, CAPI_F_CAPI_CERT_GET_FNAME, 0), "capi_cert_get_fname"},
+    {ERR_PACK(0, CAPI_F_CAPI_CTRL, 0), "capi_ctrl"},
+    {ERR_PACK(0, CAPI_F_CAPI_CTX_NEW, 0), "capi_ctx_new"},
+    {ERR_PACK(0, CAPI_F_CAPI_CTX_SET_PROVNAME, 0), "capi_ctx_set_provname"},
+    {ERR_PACK(0, CAPI_F_CAPI_DSA_DO_SIGN, 0), "capi_dsa_do_sign"},
+    {ERR_PACK(0, CAPI_F_CAPI_GET_KEY, 0), "capi_get_key"},
+    {ERR_PACK(0, CAPI_F_CAPI_GET_PKEY, 0), "capi_get_pkey"},
+    {ERR_PACK(0, CAPI_F_CAPI_GET_PROVNAME, 0), "capi_get_provname"},
+    {ERR_PACK(0, CAPI_F_CAPI_GET_PROV_INFO, 0), "capi_get_prov_info"},
+    {ERR_PACK(0, CAPI_F_CAPI_INIT, 0), "capi_init"},
+    {ERR_PACK(0, CAPI_F_CAPI_LIST_CONTAINERS, 0), "capi_list_containers"},
+    {ERR_PACK(0, CAPI_F_CAPI_LOAD_PRIVKEY, 0), "capi_load_privkey"},
+    {ERR_PACK(0, CAPI_F_CAPI_OPEN_STORE, 0), "capi_open_store"},
+    {ERR_PACK(0, CAPI_F_CAPI_RSA_PRIV_DEC, 0), "capi_rsa_priv_dec"},
+    {ERR_PACK(0, CAPI_F_CAPI_RSA_PRIV_ENC, 0), "capi_rsa_priv_enc"},
+    {ERR_PACK(0, CAPI_F_CAPI_RSA_SIGN, 0), "capi_rsa_sign"},
+    {ERR_PACK(0, CAPI_F_CAPI_VTRACE, 0), "capi_vtrace"},
+    {ERR_PACK(0, CAPI_F_CERT_SELECT_DIALOG, 0), "cert_select_dialog"},
+    {ERR_PACK(0, CAPI_F_CLIENT_CERT_SELECT, 0), "CLIENT_CERT_SELECT"},
+    {ERR_PACK(0, CAPI_F_WIDE_TO_ASC, 0), "wide_to_asc"},
     {0, NULL}
 };
 
 static ERR_STRING_DATA CAPI_str_reasons[] = {
-    {ERR_REASON(CAPI_R_CANT_CREATE_HASH_OBJECT), "cant create hash object"},
-    {ERR_REASON(CAPI_R_CANT_FIND_CAPI_CONTEXT), "cant find capi context"},
-    {ERR_REASON(CAPI_R_CANT_GET_KEY), "cant get key"},
-    {ERR_REASON(CAPI_R_CANT_SET_HASH_VALUE), "cant set hash value"},
-    {ERR_REASON(CAPI_R_CRYPTACQUIRECONTEXT_ERROR),
-     "cryptacquirecontext error"},
-    {ERR_REASON(CAPI_R_CRYPTENUMPROVIDERS_ERROR), "cryptenumproviders error"},
-    {ERR_REASON(CAPI_R_DECRYPT_ERROR), "decrypt error"},
-    {ERR_REASON(CAPI_R_ENGINE_NOT_INITIALIZED), "engine not initialized"},
-    {ERR_REASON(CAPI_R_ENUMCONTAINERS_ERROR), "enumcontainers error"},
-    {ERR_REASON(CAPI_R_ERROR_ADDING_CERT), "error adding cert"},
-    {ERR_REASON(CAPI_R_ERROR_CREATING_STORE), "error creating store"},
-    {ERR_REASON(CAPI_R_ERROR_GETTING_FRIENDLY_NAME),
-     "error getting friendly name"},
-    {ERR_REASON(CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO),
-     "error getting key provider info"},
-    {ERR_REASON(CAPI_R_ERROR_OPENING_STORE), "error opening store"},
-    {ERR_REASON(CAPI_R_ERROR_SIGNING_HASH), "error signing hash"},
-    {ERR_REASON(CAPI_R_FILE_OPEN_ERROR), "file open error"},
-    {ERR_REASON(CAPI_R_FUNCTION_NOT_SUPPORTED), "function not supported"},
-    {ERR_REASON(CAPI_R_GETUSERKEY_ERROR), "getuserkey error"},
-    {ERR_REASON(CAPI_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
-    {ERR_REASON(CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
-     "invalid dsa public key blob magic number"},
-    {ERR_REASON(CAPI_R_INVALID_LOOKUP_METHOD), "invalid lookup method"},
-    {ERR_REASON(CAPI_R_INVALID_PUBLIC_KEY_BLOB), "invalid public key blob"},
-    {ERR_REASON(CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
-     "invalid rsa public key blob magic number"},
-    {ERR_REASON(CAPI_R_PUBKEY_EXPORT_ERROR), "pubkey export error"},
-    {ERR_REASON(CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR),
-     "pubkey export length error"},
-    {ERR_REASON(CAPI_R_UNKNOWN_COMMAND), "unknown command"},
-    {ERR_REASON(CAPI_R_UNSUPPORTED_ALGORITHM_NID),
-     "unsupported algorithm nid"},
-    {ERR_REASON(CAPI_R_UNSUPPORTED_PADDING), "unsupported padding"},
-    {ERR_REASON(CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM),
-     "unsupported public key algorithm"},
-    {ERR_REASON(CAPI_R_WIN32_ERROR), "win32 error"},
+    {ERR_PACK(0, 0, CAPI_R_CANT_CREATE_HASH_OBJECT), "cant create hash object"},
+    {ERR_PACK(0, 0, CAPI_R_CANT_FIND_CAPI_CONTEXT), "cant find capi context"},
+    {ERR_PACK(0, 0, CAPI_R_CANT_GET_KEY), "cant get key"},
+    {ERR_PACK(0, 0, CAPI_R_CANT_SET_HASH_VALUE), "cant set hash value"},
+    {ERR_PACK(0, 0, CAPI_R_CRYPTACQUIRECONTEXT_ERROR),
+    "cryptacquirecontext error"},
+    {ERR_PACK(0, 0, CAPI_R_CRYPTENUMPROVIDERS_ERROR),
+    "cryptenumproviders error"},
+    {ERR_PACK(0, 0, CAPI_R_DECRYPT_ERROR), "decrypt error"},
+    {ERR_PACK(0, 0, CAPI_R_ENGINE_NOT_INITIALIZED), "engine not initialized"},
+    {ERR_PACK(0, 0, CAPI_R_ENUMCONTAINERS_ERROR), "enumcontainers error"},
+    {ERR_PACK(0, 0, CAPI_R_ERROR_ADDING_CERT), "error adding cert"},
+    {ERR_PACK(0, 0, CAPI_R_ERROR_CREATING_STORE), "error creating store"},
+    {ERR_PACK(0, 0, CAPI_R_ERROR_GETTING_FRIENDLY_NAME),
+    "error getting friendly name"},
+    {ERR_PACK(0, 0, CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO),
+    "error getting key provider info"},
+    {ERR_PACK(0, 0, CAPI_R_ERROR_OPENING_STORE), "error opening store"},
+    {ERR_PACK(0, 0, CAPI_R_ERROR_SIGNING_HASH), "error signing hash"},
+    {ERR_PACK(0, 0, CAPI_R_FILE_OPEN_ERROR), "file open error"},
+    {ERR_PACK(0, 0, CAPI_R_FUNCTION_NOT_SUPPORTED), "function not supported"},
+    {ERR_PACK(0, 0, CAPI_R_GETUSERKEY_ERROR), "getuserkey error"},
+    {ERR_PACK(0, 0, CAPI_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
+    {ERR_PACK(0, 0, CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
+    "invalid dsa public key blob magic number"},
+    {ERR_PACK(0, 0, CAPI_R_INVALID_LOOKUP_METHOD), "invalid lookup method"},
+    {ERR_PACK(0, 0, CAPI_R_INVALID_PUBLIC_KEY_BLOB), "invalid public key blob"},
+    {ERR_PACK(0, 0, CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
+    "invalid rsa public key blob magic number"},
+    {ERR_PACK(0, 0, CAPI_R_PUBKEY_EXPORT_ERROR), "pubkey export error"},
+    {ERR_PACK(0, 0, CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR),
+    "pubkey export length error"},
+    {ERR_PACK(0, 0, CAPI_R_UNKNOWN_COMMAND), "unknown command"},
+    {ERR_PACK(0, 0, CAPI_R_UNSUPPORTED_ALGORITHM_NID),
+    "unsupported algorithm nid"},
+    {ERR_PACK(0, 0, CAPI_R_UNSUPPORTED_PADDING), "unsupported padding"},
+    {ERR_PACK(0, 0, CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM),
+    "unsupported public key algorithm"},
+    {ERR_PACK(0, 0, CAPI_R_WIN32_ERROR), "win32 error"},
     {0, NULL}
 };
 
 #endif
 
-#ifdef CAPI_LIB_NAME
-static ERR_STRING_DATA CAPI_lib_name[] = {
-    {0, CAPI_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int CAPI_lib_error_code = 0;
-static int CAPI_error_init = 1;
+static int lib_code = 0;
+static int error_loaded = 0;
 
-static void ERR_load_CAPI_strings(void)
+static int ERR_load_CAPI_strings(void)
 {
-    if (CAPI_lib_error_code == 0)
-        CAPI_lib_error_code = ERR_get_next_error_library();
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
 
-    if (CAPI_error_init) {
-        CAPI_error_init = 0;
+    if (!error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_load_strings(CAPI_lib_error_code, CAPI_str_functs);
-        ERR_load_strings(CAPI_lib_error_code, CAPI_str_reasons);
-#endif
-
-#ifdef CAPI_LIB_NAME
-        CAPI_lib_name->error = ERR_PACK(CAPI_lib_error_code, 0, 0);
-        ERR_load_strings(0, CAPI_lib_name);
+        ERR_load_strings(lib_code, CAPI_str_functs);
+        ERR_load_strings(lib_code, CAPI_str_reasons);
 #endif
+        error_loaded = 1;
     }
+    return 1;
 }
 
 static void ERR_unload_CAPI_strings(void)
 {
-    if (CAPI_error_init == 0) {
+    if (error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(CAPI_lib_error_code, CAPI_str_functs);
-        ERR_unload_strings(CAPI_lib_error_code, CAPI_str_reasons);
-#endif
-
-#ifdef CAPI_LIB_NAME
-        ERR_unload_strings(0, CAPI_lib_name);
+        ERR_unload_strings(lib_code, CAPI_str_functs);
+        ERR_unload_strings(lib_code, CAPI_str_reasons);
 #endif
-        CAPI_error_init = 1;
+        error_loaded = 0;
     }
 }
 
 static void ERR_CAPI_error(int function, int reason, char *file, int line)
 {
-    if (CAPI_lib_error_code == 0)
-        CAPI_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(CAPI_lib_error_code, function, reason, file, line);
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
+    ERR_PUT_error(lib_code, function, reason, file, line);
 }
diff --git a/engines/e_capi_err.h b/engines/e_capi_err.h
index bbaffad..e034c98 100644
--- a/engines/e_capi_err.h
+++ b/engines/e_capi_err.h
@@ -1,5 +1,6 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,28 +8,15 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#ifndef HEADER_CAPI_ERR_H
-# define HEADER_CAPI_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
+#ifndef HEADER_CAPIERR_H
+# define HEADER_CAPIERR_H
 
-/* BEGIN ERROR CODES */
-static void ERR_load_CAPI_strings(void);
-static void ERR_unload_CAPI_strings(void);
-static void ERR_CAPI_error(int function, int reason, char *file, int line);
-# define CAPIerr(f,r) ERR_CAPI_error((f),(r),OPENSSL_FILE,OPENSSL_LINE)
+# define CAPIerr(f, r) ERR_CAPI_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
 
-/* Error codes for the CAPI functions. */
 
-/* Function codes. */
+/*
+ * CAPI function codes.
+ */
 # define CAPI_F_CAPI_CERT_GET_FNAME                       99
 # define CAPI_F_CAPI_CTRL                                 100
 # define CAPI_F_CAPI_CTX_NEW                              101
@@ -50,39 +38,38 @@ static void ERR_CAPI_error(int function, int reason, char *file, int line);
 # define CAPI_F_CLIENT_CERT_SELECT                        116
 # define CAPI_F_WIDE_TO_ASC                               113
 
-/* Reason codes. */
-# define CAPI_R_CANT_CREATE_HASH_OBJECT                   99
-# define CAPI_R_CANT_FIND_CAPI_CONTEXT                    100
-# define CAPI_R_CANT_GET_KEY                              101
-# define CAPI_R_CANT_SET_HASH_VALUE                       102
-# define CAPI_R_CRYPTACQUIRECONTEXT_ERROR                 103
-# define CAPI_R_CRYPTENUMPROVIDERS_ERROR                  104
-# define CAPI_R_DECRYPT_ERROR                             105
-# define CAPI_R_ENGINE_NOT_INITIALIZED                    106
-# define CAPI_R_ENUMCONTAINERS_ERROR                      107
-# define CAPI_R_ERROR_ADDING_CERT                         125
-# define CAPI_R_ERROR_CREATING_STORE                      126
-# define CAPI_R_ERROR_GETTING_FRIENDLY_NAME               108
-# define CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO           109
-# define CAPI_R_ERROR_OPENING_STORE                       110
-# define CAPI_R_ERROR_SIGNING_HASH                        111
-# define CAPI_R_FILE_OPEN_ERROR                           128
-# define CAPI_R_FUNCTION_NOT_SUPPORTED                    112
-# define CAPI_R_GETUSERKEY_ERROR                          113
-# define CAPI_R_INVALID_DIGEST_LENGTH                     124
-# define CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER  122
-# define CAPI_R_INVALID_LOOKUP_METHOD                     114
-# define CAPI_R_INVALID_PUBLIC_KEY_BLOB                   115
-# define CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER  123
-# define CAPI_R_PUBKEY_EXPORT_ERROR                       116
-# define CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR                117
-# define CAPI_R_UNKNOWN_COMMAND                           118
-# define CAPI_R_UNSUPPORTED_ALGORITHM_NID                 119
-# define CAPI_R_UNSUPPORTED_PADDING                       120
-# define CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM          121
-# define CAPI_R_WIN32_ERROR                               127
+/*
+ * CAPI reason codes.
+ */
+# define CAPI_R_CANT_CREATE_HASH_OBJECT                   100
+# define CAPI_R_CANT_FIND_CAPI_CONTEXT                    101
+# define CAPI_R_CANT_GET_KEY                              102
+# define CAPI_R_CANT_SET_HASH_VALUE                       103
+# define CAPI_R_CRYPTACQUIRECONTEXT_ERROR                 104
+# define CAPI_R_CRYPTENUMPROVIDERS_ERROR                  105
+# define CAPI_R_DECRYPT_ERROR                             106
+# define CAPI_R_ENGINE_NOT_INITIALIZED                    107
+# define CAPI_R_ENUMCONTAINERS_ERROR                      108
+# define CAPI_R_ERROR_ADDING_CERT                         109
+# define CAPI_R_ERROR_CREATING_STORE                      110
+# define CAPI_R_ERROR_GETTING_FRIENDLY_NAME               111
+# define CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO           112
+# define CAPI_R_ERROR_OPENING_STORE                       113
+# define CAPI_R_ERROR_SIGNING_HASH                        114
+# define CAPI_R_FILE_OPEN_ERROR                           115
+# define CAPI_R_FUNCTION_NOT_SUPPORTED                    116
+# define CAPI_R_GETUSERKEY_ERROR                          117
+# define CAPI_R_INVALID_DIGEST_LENGTH                     118
+# define CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER  119
+# define CAPI_R_INVALID_LOOKUP_METHOD                     120
+# define CAPI_R_INVALID_PUBLIC_KEY_BLOB                   121
+# define CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER  122
+# define CAPI_R_PUBKEY_EXPORT_ERROR                       123
+# define CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR                124
+# define CAPI_R_UNKNOWN_COMMAND                           125
+# define CAPI_R_UNSUPPORTED_ALGORITHM_NID                 126
+# define CAPI_R_UNSUPPORTED_PADDING                       127
+# define CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM          128
+# define CAPI_R_WIN32_ERROR                               129
 
-#ifdef  __cplusplus
-}
-#endif
 #endif
diff --git a/engines/e_dasync.c b/engines/e_dasync.c
index 4e3e936..9211ab7 100644
--- a/engines/e_dasync.c
+++ b/engines/e_dasync.c
@@ -34,7 +34,6 @@
 # define ASYNC_WIN
 #endif
 
-#define DASYNC_LIB_NAME "DASYNC"
 #include "e_dasync_err.c"
 
 /* Engine Id and Name */
diff --git a/engines/e_dasync.ec b/engines/e_dasync.ec
index 385faa0..3d56ebc 100644
--- a/engines/e_dasync.ec
+++ b/engines/e_dasync.ec
@@ -1 +1,3 @@
-L       DASYNC    e_dasync_err.h e_dasync_err.c
+# The INPUT HEADER is scanned for declarations
+# LIBNAME       INPUT HEADER                    ERROR-TABLE FILE
+L DASYNC        e_dasync_err.h                  e_dasync_err.c
diff --git a/engines/e_dasync.txt b/engines/e_dasync.txt
new file mode 100644
index 0000000..05f359d
--- /dev/null
+++ b/engines/e_dasync.txt
@@ -0,0 +1,12 @@
+DASYNC_F_BIND_DASYNC 107
+DASYNC_F_CIPHER_AES_128_CBC_CODE 100
+DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY 109
+DASYNC_F_DASYNC_AES128_INIT_KEY 108
+DASYNC_F_DASYNC_BN_MOD_EXP 101
+DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER 110
+DASYNC_F_DASYNC_MOD_EXP 102
+DASYNC_F_DASYNC_PRIVATE_DECRYPT 103
+DASYNC_F_DASYNC_PRIVATE_ENCRYPT 104
+DASYNC_F_DASYNC_PUBLIC_DECRYPT 105
+DASYNC_F_DASYNC_PUBLIC_ENCRYPT 106
+DASYNC_R_INIT_FAILED 100
diff --git a/engines/e_dasync.txt.old b/engines/e_dasync.txt.old
new file mode 100644
index 0000000..05f359d
--- /dev/null
+++ b/engines/e_dasync.txt.old
@@ -0,0 +1,12 @@
+DASYNC_F_BIND_DASYNC 107
+DASYNC_F_CIPHER_AES_128_CBC_CODE 100
+DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY 109
+DASYNC_F_DASYNC_AES128_INIT_KEY 108
+DASYNC_F_DASYNC_BN_MOD_EXP 101
+DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER 110
+DASYNC_F_DASYNC_MOD_EXP 102
+DASYNC_F_DASYNC_PRIVATE_DECRYPT 103
+DASYNC_F_DASYNC_PRIVATE_ENCRYPT 104
+DASYNC_F_DASYNC_PUBLIC_DECRYPT 105
+DASYNC_F_DASYNC_PUBLIC_ENCRYPT 106
+DASYNC_R_INIT_FAILED 100
diff --git a/engines/e_dasync_err.c b/engines/e_dasync_err.c
index a9e7765..6f14e12 100644
--- a/engines/e_dasync_err.c
+++ b/engines/e_dasync_err.c
@@ -1,5 +1,6 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,96 +8,68 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
 #include <openssl/err.h>
 #include "e_dasync_err.h"
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
 static ERR_STRING_DATA DASYNC_str_functs[] = {
-    {ERR_FUNC(DASYNC_F_BIND_DASYNC), "bind_dasync"},
-    {ERR_FUNC(DASYNC_F_CIPHER_AES_128_CBC_CODE), "CIPHER_AES_128_CBC_CODE"},
-    {ERR_FUNC(DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY),
+    {ERR_PACK(0, DASYNC_F_BIND_DASYNC, 0), "bind_dasync"},
+    {ERR_PACK(0, DASYNC_F_CIPHER_AES_128_CBC_CODE, 0),
+     "CIPHER_AES_128_CBC_CODE"},
+    {ERR_PACK(0, DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY, 0),
      "dasync_aes128_cbc_hmac_sha1_init_key"},
-    {ERR_FUNC(DASYNC_F_DASYNC_AES128_INIT_KEY), "dasync_aes128_init_key"},
-    {ERR_FUNC(DASYNC_F_DASYNC_BN_MOD_EXP), "DASYNC_BN_MOD_EXP"},
-    {ERR_FUNC(DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER),
+    {ERR_PACK(0, DASYNC_F_DASYNC_AES128_INIT_KEY, 0), "dasync_aes128_init_key"},
+    {ERR_PACK(0, DASYNC_F_DASYNC_BN_MOD_EXP, 0), "DASYNC_BN_MOD_EXP"},
+    {ERR_PACK(0, DASYNC_F_DASYNC_CIPHER_INIT_KEY_HELPER, 0),
      "dasync_cipher_init_key_helper"},
-    {ERR_FUNC(DASYNC_F_DASYNC_MOD_EXP), "DASYNC_MOD_EXP"},
-    {ERR_FUNC(DASYNC_F_DASYNC_PRIVATE_DECRYPT), "DASYNC_PRIVATE_DECRYPT"},
-    {ERR_FUNC(DASYNC_F_DASYNC_PRIVATE_ENCRYPT), "DASYNC_PRIVATE_ENCRYPT"},
-    {ERR_FUNC(DASYNC_F_DASYNC_PUBLIC_DECRYPT), "DASYNC_PUBLIC_DECRYPT"},
-    {ERR_FUNC(DASYNC_F_DASYNC_PUBLIC_ENCRYPT), "DASYNC_PUBLIC_ENCRYPT"},
+    {ERR_PACK(0, DASYNC_F_DASYNC_MOD_EXP, 0), "DASYNC_MOD_EXP"},
+    {ERR_PACK(0, DASYNC_F_DASYNC_PRIVATE_DECRYPT, 0), "DASYNC_PRIVATE_DECRYPT"},
+    {ERR_PACK(0, DASYNC_F_DASYNC_PRIVATE_ENCRYPT, 0), "DASYNC_PRIVATE_ENCRYPT"},
+    {ERR_PACK(0, DASYNC_F_DASYNC_PUBLIC_DECRYPT, 0), "DASYNC_PUBLIC_DECRYPT"},
+    {ERR_PACK(0, DASYNC_F_DASYNC_PUBLIC_ENCRYPT, 0), "DASYNC_PUBLIC_ENCRYPT"},
     {0, NULL}
 };
 
 static ERR_STRING_DATA DASYNC_str_reasons[] = {
-    {ERR_REASON(DASYNC_R_INIT_FAILED), "init failed"},
-    {ERR_REASON(DASYNC_R_LENGTH_NOT_BLOCK_ALIGNED),
-     "length not block aligned"},
-    {ERR_REASON(DASYNC_R_UNKNOWN_FAULT), "unknown fault"},
+    {ERR_PACK(0, 0, DASYNC_R_INIT_FAILED), "init failed"},
     {0, NULL}
 };
 
 #endif
 
-#ifdef DASYNC_LIB_NAME
-static ERR_STRING_DATA DASYNC_lib_name[] = {
-    {0, DASYNC_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int DASYNC_lib_error_code = 0;
-static int DASYNC_error_init = 1;
+static int lib_code = 0;
+static int error_loaded = 0;
 
-static void ERR_load_DASYNC_strings(void)
+static int ERR_load_DASYNC_strings(void)
 {
-    if (DASYNC_lib_error_code == 0)
-        DASYNC_lib_error_code = ERR_get_next_error_library();
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
 
-    if (DASYNC_error_init) {
-        DASYNC_error_init = 0;
+    if (!error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_load_strings(DASYNC_lib_error_code, DASYNC_str_functs);
-        ERR_load_strings(DASYNC_lib_error_code, DASYNC_str_reasons);
-#endif
-
-#ifdef DASYNC_LIB_NAME
-        DASYNC_lib_name->error = ERR_PACK(DASYNC_lib_error_code, 0, 0);
-        ERR_load_strings(0, DASYNC_lib_name);
+        ERR_load_strings(lib_code, DASYNC_str_functs);
+        ERR_load_strings(lib_code, DASYNC_str_reasons);
 #endif
+        error_loaded = 1;
     }
+    return 1;
 }
 
 static void ERR_unload_DASYNC_strings(void)
 {
-    if (DASYNC_error_init == 0) {
+    if (error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(DASYNC_lib_error_code, DASYNC_str_functs);
-        ERR_unload_strings(DASYNC_lib_error_code, DASYNC_str_reasons);
-#endif
-
-#ifdef DASYNC_LIB_NAME
-        ERR_unload_strings(0, DASYNC_lib_name);
+        ERR_unload_strings(lib_code, DASYNC_str_functs);
+        ERR_unload_strings(lib_code, DASYNC_str_reasons);
 #endif
-        DASYNC_error_init = 1;
+        error_loaded = 0;
     }
 }
 
 static void ERR_DASYNC_error(int function, int reason, char *file, int line)
 {
-    if (DASYNC_lib_error_code == 0)
-        DASYNC_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(DASYNC_lib_error_code, function, reason, file, line);
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
+    ERR_PUT_error(lib_code, function, reason, file, line);
 }
diff --git a/engines/e_dasync_err.h b/engines/e_dasync_err.h
index b01fead..7c2c027 100644
--- a/engines/e_dasync_err.h
+++ b/engines/e_dasync_err.h
@@ -1,5 +1,6 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,28 +8,15 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#ifndef HEADER_DASYNC_ERR_H
-# define HEADER_DASYNC_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
+#ifndef HEADER_DASYNCERR_H
+# define HEADER_DASYNCERR_H
 
-/* BEGIN ERROR CODES */
-static void ERR_load_DASYNC_strings(void);
-static void ERR_unload_DASYNC_strings(void);
-static void ERR_DASYNC_error(int function, int reason, char *file, int line);
-# define DASYNCerr(f,r) ERR_DASYNC_error((f),(r),OPENSSL_FILE,OPENSSL_LINE)
+# define DASYNCerr(f, r) ERR_DASYNC_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
 
-/* Error codes for the DASYNC functions. */
 
-/* Function codes. */
+/*
+ * DASYNC function codes.
+ */
 # define DASYNC_F_BIND_DASYNC                             107
 # define DASYNC_F_CIPHER_AES_128_CBC_CODE                 100
 # define DASYNC_F_DASYNC_AES128_CBC_HMAC_SHA1_INIT_KEY    109
@@ -41,12 +29,9 @@ static void ERR_DASYNC_error(int function, int reason, char *file, int line);
 # define DASYNC_F_DASYNC_PUBLIC_DECRYPT                   105
 # define DASYNC_F_DASYNC_PUBLIC_ENCRYPT                   106
 
-/* Reason codes. */
-# define DASYNC_R_INIT_FAILED                             102
-# define DASYNC_R_LENGTH_NOT_BLOCK_ALIGNED                100
-# define DASYNC_R_UNKNOWN_FAULT                           101
+/*
+ * DASYNC reason codes.
+ */
+# define DASYNC_R_INIT_FAILED                             100
 
-#ifdef  __cplusplus
-}
-#endif
 #endif
diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c
index 3c9f08c..ea752d5 100644
--- a/engines/e_ossltest.c
+++ b/engines/e_ossltest.c
@@ -25,7 +25,6 @@
 #include <openssl/aes.h>
 #include <openssl/crypto.h>
 
-#define OSSLTEST_LIB_NAME "OSSLTEST"
 #include "e_ossltest_err.c"
 
 /* Engine Id and Name */
diff --git a/engines/e_ossltest.ec b/engines/e_ossltest.ec
index d8a1bef..a4a55ec 100644
--- a/engines/e_ossltest.ec
+++ b/engines/e_ossltest.ec
@@ -1 +1,3 @@
-L       OSSLTEST    e_ossltest_err.h e_ossltest_err.c
+# The INPUT HEADER is scanned for declarations
+# LIBNAME       INPUT HEADER                    ERROR-TABLE FILE
+L OSSLTEST      e_ossltest_err.h                e_ossltest_err.c
diff --git a/engines/e_ossltest.txt b/engines/e_ossltest.txt
new file mode 100644
index 0000000..e51eb8c
--- /dev/null
+++ b/engines/e_ossltest.txt
@@ -0,0 +1,3 @@
+OSSLTEST_F_BIND_OSSLTEST 100
+OSSLTEST_F_OSSLTEST_AES128_INIT_KEY 101
+OSSLTEST_R_INIT_FAILED 100
diff --git a/engines/e_ossltest.txt.old b/engines/e_ossltest.txt.old
new file mode 100644
index 0000000..e51eb8c
--- /dev/null
+++ b/engines/e_ossltest.txt.old
@@ -0,0 +1,3 @@
+OSSLTEST_F_BIND_OSSLTEST 100
+OSSLTEST_F_OSSLTEST_AES128_INIT_KEY 101
+OSSLTEST_R_INIT_FAILED 100
diff --git a/engines/e_ossltest_err.c b/engines/e_ossltest_err.c
index 71d0578..d46c038 100644
--- a/engines/e_ossltest_err.c
+++ b/engines/e_ossltest_err.c
@@ -1,5 +1,6 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,83 +8,57 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
 #include <openssl/err.h>
 #include "e_ossltest_err.h"
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(0,func,0)
-# define ERR_REASON(reason) ERR_PACK(0,0,reason)
-
 static ERR_STRING_DATA OSSLTEST_str_functs[] = {
-    {ERR_FUNC(OSSLTEST_F_BIND_OSSLTEST), "BIND_OSSLTEST"},
-    {ERR_FUNC(OSSLTEST_F_OSSLTEST_AES128_INIT_KEY),
+    {ERR_PACK(0, OSSLTEST_F_BIND_OSSLTEST, 0), "bind_ossltest"},
+    {ERR_PACK(0, OSSLTEST_F_OSSLTEST_AES128_INIT_KEY, 0),
      "OSSLTEST_AES128_INIT_KEY"},
     {0, NULL}
 };
 
 static ERR_STRING_DATA OSSLTEST_str_reasons[] = {
-    {ERR_REASON(OSSLTEST_R_INIT_FAILED), "init failed"},
+    {ERR_PACK(0, 0, OSSLTEST_R_INIT_FAILED), "init failed"},
     {0, NULL}
 };
 
 #endif
 
-#ifdef OSSLTEST_LIB_NAME
-static ERR_STRING_DATA OSSLTEST_lib_name[] = {
-    {0, OSSLTEST_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int OSSLTEST_lib_error_code = 0;
-static int OSSLTEST_error_init = 1;
+static int lib_code = 0;
+static int error_loaded = 0;
 
-static void ERR_load_OSSLTEST_strings(void)
+static int ERR_load_OSSLTEST_strings(void)
 {
-    if (OSSLTEST_lib_error_code == 0)
-        OSSLTEST_lib_error_code = ERR_get_next_error_library();
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
 
-    if (OSSLTEST_error_init) {
-        OSSLTEST_error_init = 0;
+    if (!error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_load_strings(OSSLTEST_lib_error_code, OSSLTEST_str_functs);
-        ERR_load_strings(OSSLTEST_lib_error_code, OSSLTEST_str_reasons);
-#endif
-
-#ifdef OSSLTEST_LIB_NAME
-        OSSLTEST_lib_name->error = ERR_PACK(OSSLTEST_lib_error_code, 0, 0);
-        ERR_load_strings(0, OSSLTEST_lib_name);
+        ERR_load_strings(lib_code, OSSLTEST_str_functs);
+        ERR_load_strings(lib_code, OSSLTEST_str_reasons);
 #endif
+        error_loaded = 1;
     }
+    return 1;
 }
 
 static void ERR_unload_OSSLTEST_strings(void)
 {
-    if (OSSLTEST_error_init == 0) {
+    if (error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(OSSLTEST_lib_error_code, OSSLTEST_str_functs);
-        ERR_unload_strings(OSSLTEST_lib_error_code, OSSLTEST_str_reasons);
-#endif
-
-#ifdef OSSLTEST_LIB_NAME
-        ERR_unload_strings(0, OSSLTEST_lib_name);
+        ERR_unload_strings(lib_code, OSSLTEST_str_functs);
+        ERR_unload_strings(lib_code, OSSLTEST_str_reasons);
 #endif
-        OSSLTEST_error_init = 1;
+        error_loaded = 0;
     }
 }
 
 static void ERR_OSSLTEST_error(int function, int reason, char *file, int line)
 {
-    if (OSSLTEST_lib_error_code == 0)
-        OSSLTEST_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(OSSLTEST_lib_error_code, function, reason, file, line);
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
+    ERR_PUT_error(lib_code, function, reason, file, line);
 }
diff --git a/engines/e_ossltest_err.h b/engines/e_ossltest_err.h
index a323c39..e745c1a 100644
--- a/engines/e_ossltest_err.h
+++ b/engines/e_ossltest_err.h
@@ -1,5 +1,6 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -7,35 +8,21 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#ifndef HEADER_OSSLTEST_ERR_H
-# define HEADER_OSSLTEST_ERR_H
-
-#ifdef  __cplusplus
-extern "C" {
-#endif
+#ifndef HEADER_OSSLTESTERR_H
+# define HEADER_OSSLTESTERR_H
 
-/* BEGIN ERROR CODES */
-static void ERR_load_OSSLTEST_strings(void);
-static void ERR_unload_OSSLTEST_strings(void);
-static void ERR_OSSLTEST_error(int function, int reason, char *file, int line);
-# define OSSLTESTerr(f,r) ERR_OSSLTEST_error((f),(r),OPENSSL_FILE,OPENSSL_LINE)
+# define OSSLTESTerr(f, r) ERR_OSSLTEST_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
 
-/* Error codes for the OSSLTEST functions. */
 
-/* Function codes. */
+/*
+ * OSSLTEST function codes.
+ */
 # define OSSLTEST_F_BIND_OSSLTEST                         100
 # define OSSLTEST_F_OSSLTEST_AES128_INIT_KEY              101
 
-/* Reason codes. */
+/*
+ * OSSLTEST reason codes.
+ */
 # define OSSLTEST_R_INIT_FAILED                           100
 
-#ifdef  __cplusplus
-}
-#endif
 #endif
diff --git a/engines/e_padlock.ec b/engines/e_padlock.ec
deleted file mode 100644
index 5c8a1d2..0000000
--- a/engines/e_padlock.ec
+++ /dev/null
@@ -1 +0,0 @@
-L PADLOCK	e_padlock_err.h			e_padlock_err.c
diff --git a/include/internal/dso.h b/include/internal/dso.h
index b1021cb..c076c58 100644
--- a/include/internal/dso.h
+++ b/include/internal/dso.h
@@ -11,6 +11,7 @@
 # define HEADER_DSO_H
 
 # include <openssl/crypto.h>
+# include <internal/dsoerr.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -163,71 +164,8 @@ DSO *DSO_dsobyaddr(void *addr, int flags);
  */
 void *DSO_global_lookup(const char *name);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_DSO_strings(void);
 
-/* Error codes for the DSO functions. */
-
-/* Function codes. */
-# define DSO_F_DLFCN_BIND_FUNC                            100
-# define DSO_F_DLFCN_LOAD                                 102
-# define DSO_F_DLFCN_MERGER                               130
-# define DSO_F_DLFCN_NAME_CONVERTER                       123
-# define DSO_F_DLFCN_UNLOAD                               103
-# define DSO_F_DL_BIND_FUNC                               104
-# define DSO_F_DL_LOAD                                    106
-# define DSO_F_DL_MERGER                                  131
-# define DSO_F_DL_NAME_CONVERTER                          124
-# define DSO_F_DL_UNLOAD                                  107
-# define DSO_F_DSO_BIND_FUNC                              108
-# define DSO_F_DSO_CONVERT_FILENAME                       126
-# define DSO_F_DSO_CTRL                                   110
-# define DSO_F_DSO_FREE                                   111
-# define DSO_F_DSO_GET_FILENAME                           127
-# define DSO_F_DSO_GLOBAL_LOOKUP                          139
-# define DSO_F_DSO_LOAD                                   112
-# define DSO_F_DSO_MERGE                                  132
-# define DSO_F_DSO_NEW_METHOD                             113
-# define DSO_F_DSO_PATHBYADDR                             105
-# define DSO_F_DSO_SET_FILENAME                           129
-# define DSO_F_DSO_UP_REF                                 114
-# define DSO_F_VMS_BIND_SYM                               115
-# define DSO_F_VMS_LOAD                                   116
-# define DSO_F_VMS_MERGER                                 133
-# define DSO_F_VMS_UNLOAD                                 117
-# define DSO_F_WIN32_BIND_FUNC                            101
-# define DSO_F_WIN32_GLOBALLOOKUP                         142
-# define DSO_F_WIN32_JOINER                               135
-# define DSO_F_WIN32_LOAD                                 120
-# define DSO_F_WIN32_MERGER                               134
-# define DSO_F_WIN32_NAME_CONVERTER                       125
-# define DSO_F_WIN32_PATHBYADDR                           109
-# define DSO_F_WIN32_SPLITTER                             136
-# define DSO_F_WIN32_UNLOAD                               121
-
-/* Reason codes. */
-# define DSO_R_CTRL_FAILED                                100
-# define DSO_R_DSO_ALREADY_LOADED                         110
-# define DSO_R_EMPTY_FILE_STRUCTURE                       113
-# define DSO_R_FAILURE                                    114
-# define DSO_R_FILENAME_TOO_BIG                           101
-# define DSO_R_FINISH_FAILED                              102
-# define DSO_R_INCORRECT_FILE_SYNTAX                      115
-# define DSO_R_LOAD_FAILED                                103
-# define DSO_R_NAME_TRANSLATION_FAILED                    109
-# define DSO_R_NO_FILENAME                                111
-# define DSO_R_NULL_HANDLE                                104
-# define DSO_R_SET_FILENAME_FAILED                        112
-# define DSO_R_STACK_ERROR                                105
-# define DSO_R_SYM_FAILURE                                106
-# define DSO_R_UNLOAD_FAILED                              107
-# define DSO_R_UNSUPPORTED                                108
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/internal/dsoerr.h b/include/internal/dsoerr.h
new file mode 100644
index 0000000..9f1ebf6
--- /dev/null
+++ b/include/internal/dsoerr.h
@@ -0,0 +1,81 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_DSOERR_H
+# define HEADER_DSOERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_DSO_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * DSO function codes.
+ */
+# define DSO_F_DLFCN_BIND_FUNC                            100
+# define DSO_F_DLFCN_LOAD                                 102
+# define DSO_F_DLFCN_MERGER                               130
+# define DSO_F_DLFCN_NAME_CONVERTER                       123
+# define DSO_F_DLFCN_UNLOAD                               103
+# define DSO_F_DL_BIND_FUNC                               104
+# define DSO_F_DL_LOAD                                    106
+# define DSO_F_DL_MERGER                                  131
+# define DSO_F_DL_NAME_CONVERTER                          124
+# define DSO_F_DL_UNLOAD                                  107
+# define DSO_F_DSO_BIND_FUNC                              108
+# define DSO_F_DSO_CONVERT_FILENAME                       126
+# define DSO_F_DSO_CTRL                                   110
+# define DSO_F_DSO_FREE                                   111
+# define DSO_F_DSO_GET_FILENAME                           127
+# define DSO_F_DSO_GLOBAL_LOOKUP                          139
+# define DSO_F_DSO_LOAD                                   112
+# define DSO_F_DSO_MERGE                                  132
+# define DSO_F_DSO_NEW_METHOD                             113
+# define DSO_F_DSO_PATHBYADDR                             105
+# define DSO_F_DSO_SET_FILENAME                           129
+# define DSO_F_DSO_UP_REF                                 114
+# define DSO_F_VMS_BIND_SYM                               115
+# define DSO_F_VMS_LOAD                                   116
+# define DSO_F_VMS_MERGER                                 133
+# define DSO_F_VMS_UNLOAD                                 117
+# define DSO_F_WIN32_BIND_FUNC                            101
+# define DSO_F_WIN32_GLOBALLOOKUP                         142
+# define DSO_F_WIN32_JOINER                               135
+# define DSO_F_WIN32_LOAD                                 120
+# define DSO_F_WIN32_MERGER                               134
+# define DSO_F_WIN32_NAME_CONVERTER                       125
+# define DSO_F_WIN32_PATHBYADDR                           109
+# define DSO_F_WIN32_SPLITTER                             136
+# define DSO_F_WIN32_UNLOAD                               121
+
+/*
+ * DSO reason codes.
+ */
+# define DSO_R_CTRL_FAILED                                100
+# define DSO_R_DSO_ALREADY_LOADED                         110
+# define DSO_R_EMPTY_FILE_STRUCTURE                       113
+# define DSO_R_FAILURE                                    114
+# define DSO_R_FILENAME_TOO_BIG                           101
+# define DSO_R_FINISH_FAILED                              102
+# define DSO_R_INCORRECT_FILE_SYNTAX                      115
+# define DSO_R_LOAD_FAILED                                103
+# define DSO_R_NAME_TRANSLATION_FAILED                    109
+# define DSO_R_NO_FILENAME                                111
+# define DSO_R_NULL_HANDLE                                104
+# define DSO_R_SET_FILENAME_FAILED                        112
+# define DSO_R_STACK_ERROR                                105
+# define DSO_R_SYM_FAILURE                                106
+# define DSO_R_UNLOAD_FAILED                              107
+# define DSO_R_UNSUPPORTED                                108
+
+#endif
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index 2e239f7..47796db 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -16,7 +16,7 @@
 # include <openssl/bio.h>
 # include <openssl/stack.h>
 # include <openssl/safestack.h>
-
+# include <openssl/asn1err.h>
 # include <openssl/symhacks.h>
 
 # include <openssl/ossl_typ.h>
@@ -873,229 +873,6 @@ int SMIME_text(BIO *in, BIO *out);
 const ASN1_ITEM *ASN1_ITEM_lookup(const char *name);
 const ASN1_ITEM *ASN1_ITEM_get(size_t i);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-int ERR_load_ASN1_strings(void);
-
-/* Error codes for the ASN1 functions. */
-
-/* Function codes. */
-# define ASN1_F_A2D_ASN1_OBJECT                           100
-# define ASN1_F_A2I_ASN1_INTEGER                          102
-# define ASN1_F_A2I_ASN1_STRING                           103
-# define ASN1_F_APPEND_EXP                                176
-# define ASN1_F_ASN1_BIT_STRING_SET_BIT                   183
-# define ASN1_F_ASN1_CB                                   177
-# define ASN1_F_ASN1_CHECK_TLEN                           104
-# define ASN1_F_ASN1_COLLECT                              106
-# define ASN1_F_ASN1_D2I_EX_PRIMITIVE                     108
-# define ASN1_F_ASN1_D2I_FP                               109
-# define ASN1_F_ASN1_D2I_READ_BIO                         107
-# define ASN1_F_ASN1_DIGEST                               184
-# define ASN1_F_ASN1_DO_ADB                               110
-# define ASN1_F_ASN1_DO_LOCK                              233
-# define ASN1_F_ASN1_DUP                                  111
-# define ASN1_F_ASN1_EX_C2I                               204
-# define ASN1_F_ASN1_FIND_END                             190
-# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ                  216
-# define ASN1_F_ASN1_GENERATE_V3                          178
-# define ASN1_F_ASN1_GET_INT64                            224
-# define ASN1_F_ASN1_GET_OBJECT                           114
-# define ASN1_F_ASN1_GET_UINT64                           225
-# define ASN1_F_ASN1_I2D_BIO                              116
-# define ASN1_F_ASN1_I2D_FP                               117
-# define ASN1_F_ASN1_ITEM_D2I_FP                          206
-# define ASN1_F_ASN1_ITEM_DUP                             191
-# define ASN1_F_ASN1_ITEM_EMBED_D2I                       120
-# define ASN1_F_ASN1_ITEM_EMBED_NEW                       121
-# define ASN1_F_ASN1_ITEM_I2D_BIO                         192
-# define ASN1_F_ASN1_ITEM_I2D_FP                          193
-# define ASN1_F_ASN1_ITEM_PACK                            198
-# define ASN1_F_ASN1_ITEM_SIGN                            195
-# define ASN1_F_ASN1_ITEM_SIGN_CTX                        220
-# define ASN1_F_ASN1_ITEM_UNPACK                          199
-# define ASN1_F_ASN1_ITEM_VERIFY                          197
-# define ASN1_F_ASN1_MBSTRING_NCOPY                       122
-# define ASN1_F_ASN1_OBJECT_NEW                           123
-# define ASN1_F_ASN1_OUTPUT_DATA                          214
-# define ASN1_F_ASN1_PCTX_NEW                             205
-# define ASN1_F_ASN1_SCTX_NEW                             221
-# define ASN1_F_ASN1_SIGN                                 128
-# define ASN1_F_ASN1_STR2TYPE                             179
-# define ASN1_F_ASN1_STRING_GET_INT64                     227
-# define ASN1_F_ASN1_STRING_GET_UINT64                    230
-# define ASN1_F_ASN1_STRING_SET                           186
-# define ASN1_F_ASN1_STRING_TABLE_ADD                     129
-# define ASN1_F_ASN1_STRING_TO_BN                         228
-# define ASN1_F_ASN1_STRING_TYPE_NEW                      130
-# define ASN1_F_ASN1_TEMPLATE_EX_D2I                      132
-# define ASN1_F_ASN1_TEMPLATE_NEW                         133
-# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I                   131
-# define ASN1_F_ASN1_TIME_ADJ                             217
-# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING             134
-# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING                 135
-# define ASN1_F_ASN1_UTCTIME_ADJ                          218
-# define ASN1_F_ASN1_VERIFY                               137
-# define ASN1_F_B64_READ_ASN1                             209
-# define ASN1_F_B64_WRITE_ASN1                            210
-# define ASN1_F_BIO_NEW_NDEF                              208
-# define ASN1_F_BITSTR_CB                                 180
-# define ASN1_F_BN_TO_ASN1_STRING                         229
-# define ASN1_F_C2I_ASN1_BIT_STRING                       189
-# define ASN1_F_C2I_ASN1_INTEGER                          194
-# define ASN1_F_C2I_ASN1_OBJECT                           196
-# define ASN1_F_C2I_IBUF                                  226
-# define ASN1_F_C2I_UINT64_INT                            101
-# define ASN1_F_COLLECT_DATA                              140
-# define ASN1_F_D2I_ASN1_OBJECT                           147
-# define ASN1_F_D2I_ASN1_UINTEGER                         150
-# define ASN1_F_D2I_AUTOPRIVATEKEY                        207
-# define ASN1_F_D2I_PRIVATEKEY                            154
-# define ASN1_F_D2I_PUBLICKEY                             155
-# define ASN1_F_DO_TCREATE                                222
-# define ASN1_F_I2D_ASN1_BIO_STREAM                       211
-# define ASN1_F_I2D_DSA_PUBKEY                            161
-# define ASN1_F_I2D_EC_PUBKEY                             181
-# define ASN1_F_I2D_PRIVATEKEY                            163
-# define ASN1_F_I2D_PUBLICKEY                             164
-# define ASN1_F_I2D_RSA_PUBKEY                            165
-# define ASN1_F_LONG_C2I                                  166
-# define ASN1_F_OID_MODULE_INIT                           174
-# define ASN1_F_PARSE_TAGGING                             182
-# define ASN1_F_PKCS5_PBE2_SET_IV                         167
-# define ASN1_F_PKCS5_PBE2_SET_SCRYPT                     231
-# define ASN1_F_PKCS5_PBE_SET                             202
-# define ASN1_F_PKCS5_PBE_SET0_ALGOR                      215
-# define ASN1_F_PKCS5_PBKDF2_SET                          219
-# define ASN1_F_PKCS5_SCRYPT_SET                          232
-# define ASN1_F_SMIME_READ_ASN1                           212
-# define ASN1_F_SMIME_TEXT                                213
-# define ASN1_F_STBL_MODULE_INIT                          223
-# define ASN1_F_UINT32_C2I                                105
-# define ASN1_F_UINT64_C2I                                112
-# define ASN1_F_X509_CRL_ADD0_REVOKED                     169
-# define ASN1_F_X509_INFO_NEW                             170
-# define ASN1_F_X509_NAME_ENCODE                          203
-# define ASN1_F_X509_NAME_EX_D2I                          158
-# define ASN1_F_X509_NAME_EX_NEW                          171
-# define ASN1_F_X509_PKEY_NEW                             173
-
-/* Reason codes. */
-# define ASN1_R_ADDING_OBJECT                             171
-# define ASN1_R_ASN1_PARSE_ERROR                          203
-# define ASN1_R_ASN1_SIG_PARSE_ERROR                      204
-# define ASN1_R_AUX_ERROR                                 100
-# define ASN1_R_BAD_OBJECT_HEADER                         102
-# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 214
-# define ASN1_R_BN_LIB                                    105
-# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106
-# define ASN1_R_BUFFER_TOO_SMALL                          107
-# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER           108
-# define ASN1_R_CONTEXT_NOT_INITIALISED                   217
-# define ASN1_R_DATA_IS_WRONG                             109
-# define ASN1_R_DECODE_ERROR                              110
-# define ASN1_R_DEPTH_EXCEEDED                            174
-# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED         198
-# define ASN1_R_ENCODE_ERROR                              112
-# define ASN1_R_ERROR_GETTING_TIME                        173
-# define ASN1_R_ERROR_LOADING_SECTION                     172
-# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS               114
-# define ASN1_R_EXPECTING_AN_INTEGER                      115
-# define ASN1_R_EXPECTING_AN_OBJECT                       116
-# define ASN1_R_EXPLICIT_LENGTH_MISMATCH                  119
-# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED              120
-# define ASN1_R_FIELD_MISSING                             121
-# define ASN1_R_FIRST_NUM_TOO_LARGE                       122
-# define ASN1_R_HEADER_TOO_LONG                           123
-# define ASN1_R_ILLEGAL_BITSTRING_FORMAT                  175
-# define ASN1_R_ILLEGAL_BOOLEAN                           176
-# define ASN1_R_ILLEGAL_CHARACTERS                        124
-# define ASN1_R_ILLEGAL_FORMAT                            177
-# define ASN1_R_ILLEGAL_HEX                               178
-# define ASN1_R_ILLEGAL_IMPLICIT_TAG                      179
-# define ASN1_R_ILLEGAL_INTEGER                           180
-# define ASN1_R_ILLEGAL_NEGATIVE_VALUE                    226
-# define ASN1_R_ILLEGAL_NESTED_TAGGING                    181
-# define ASN1_R_ILLEGAL_NULL                              125
-# define ASN1_R_ILLEGAL_NULL_VALUE                        182
-# define ASN1_R_ILLEGAL_OBJECT                            183
-# define ASN1_R_ILLEGAL_OPTIONAL_ANY                      126
-# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE          170
-# define ASN1_R_ILLEGAL_PADDING                           221
-# define ASN1_R_ILLEGAL_TAGGED_ANY                        127
-# define ASN1_R_ILLEGAL_TIME_VALUE                        184
-# define ASN1_R_ILLEGAL_ZERO_CONTENT                      222
-# define ASN1_R_INTEGER_NOT_ASCII_FORMAT                  185
-# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG                128
-# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT              220
-# define ASN1_R_INVALID_BMPSTRING_LENGTH                  129
-# define ASN1_R_INVALID_DIGIT                             130
-# define ASN1_R_INVALID_MIME_TYPE                         205
-# define ASN1_R_INVALID_MODIFIER                          186
-# define ASN1_R_INVALID_NUMBER                            187
-# define ASN1_R_INVALID_OBJECT_ENCODING                   216
-# define ASN1_R_INVALID_SCRYPT_PARAMETERS                 227
-# define ASN1_R_INVALID_SEPARATOR                         131
-# define ASN1_R_INVALID_STRING_TABLE_VALUE                218
-# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH            133
-# define ASN1_R_INVALID_UTF8STRING                        134
-# define ASN1_R_INVALID_VALUE                             219
-# define ASN1_R_LIST_ERROR                                188
-# define ASN1_R_MIME_NO_CONTENT_TYPE                      206
-# define ASN1_R_MIME_PARSE_ERROR                          207
-# define ASN1_R_MIME_SIG_PARSE_ERROR                      208
-# define ASN1_R_MISSING_EOC                               137
-# define ASN1_R_MISSING_SECOND_NUMBER                     138
-# define ASN1_R_MISSING_VALUE                             189
-# define ASN1_R_MSTRING_NOT_UNIVERSAL                     139
-# define ASN1_R_MSTRING_WRONG_TAG                         140
-# define ASN1_R_NESTED_ASN1_STRING                        197
-# define ASN1_R_NON_HEX_CHARACTERS                        141
-# define ASN1_R_NOT_ASCII_FORMAT                          190
-# define ASN1_R_NOT_ENOUGH_DATA                           142
-# define ASN1_R_NO_CONTENT_TYPE                           209
-# define ASN1_R_NO_MATCHING_CHOICE_TYPE                   143
-# define ASN1_R_NO_MULTIPART_BODY_FAILURE                 210
-# define ASN1_R_NO_MULTIPART_BOUNDARY                     211
-# define ASN1_R_NO_SIG_CONTENT_TYPE                       212
-# define ASN1_R_NULL_IS_WRONG_LENGTH                      144
-# define ASN1_R_OBJECT_NOT_ASCII_FORMAT                   191
-# define ASN1_R_ODD_NUMBER_OF_CHARS                       145
-# define ASN1_R_SECOND_NUMBER_TOO_LARGE                   147
-# define ASN1_R_SEQUENCE_LENGTH_MISMATCH                  148
-# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED                  149
-# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG              192
-# define ASN1_R_SHORT_LINE                                150
-# define ASN1_R_SIG_INVALID_MIME_TYPE                     213
-# define ASN1_R_STREAMING_NOT_SUPPORTED                   202
-# define ASN1_R_STRING_TOO_LONG                           151
-# define ASN1_R_STRING_TOO_SHORT                          152
-# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
-# define ASN1_R_TIME_NOT_ASCII_FORMAT                     193
-# define ASN1_R_TOO_LARGE                                 223
-# define ASN1_R_TOO_LONG                                  155
-# define ASN1_R_TOO_SMALL                                 224
-# define ASN1_R_TYPE_NOT_CONSTRUCTED                      156
-# define ASN1_R_TYPE_NOT_PRIMITIVE                        195
-# define ASN1_R_UNEXPECTED_EOC                            159
-# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH           215
-# define ASN1_R_UNKNOWN_FORMAT                            160
-# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM          161
-# define ASN1_R_UNKNOWN_OBJECT_TYPE                       162
-# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                   163
-# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM               199
-# define ASN1_R_UNKNOWN_TAG                               194
-# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE           164
-# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE               167
-# define ASN1_R_UNSUPPORTED_TYPE                          196
-# define ASN1_R_WRONG_INTEGER_TYPE                        225
-# define ASN1_R_WRONG_PUBLIC_KEY_TYPE                     200
-# define ASN1_R_WRONG_TAG                                 168
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/asn1err.h b/include/openssl/asn1err.h
new file mode 100644
index 0000000..c02bb0f
--- /dev/null
+++ b/include/openssl/asn1err.h
@@ -0,0 +1,239 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_ASN1ERR_H
+# define HEADER_ASN1ERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_ASN1_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * ASN1 function codes.
+ */
+# define ASN1_F_A2D_ASN1_OBJECT                           100
+# define ASN1_F_A2I_ASN1_INTEGER                          102
+# define ASN1_F_A2I_ASN1_STRING                           103
+# define ASN1_F_APPEND_EXP                                176
+# define ASN1_F_ASN1_BIT_STRING_SET_BIT                   183
+# define ASN1_F_ASN1_CB                                   177
+# define ASN1_F_ASN1_CHECK_TLEN                           104
+# define ASN1_F_ASN1_COLLECT                              106
+# define ASN1_F_ASN1_D2I_EX_PRIMITIVE                     108
+# define ASN1_F_ASN1_D2I_FP                               109
+# define ASN1_F_ASN1_D2I_READ_BIO                         107
+# define ASN1_F_ASN1_DIGEST                               184
+# define ASN1_F_ASN1_DO_ADB                               110
+# define ASN1_F_ASN1_DO_LOCK                              233
+# define ASN1_F_ASN1_DUP                                  111
+# define ASN1_F_ASN1_EX_C2I                               204
+# define ASN1_F_ASN1_FIND_END                             190
+# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ                  216
+# define ASN1_F_ASN1_GENERATE_V3                          178
+# define ASN1_F_ASN1_GET_INT64                            224
+# define ASN1_F_ASN1_GET_OBJECT                           114
+# define ASN1_F_ASN1_GET_UINT64                           225
+# define ASN1_F_ASN1_I2D_BIO                              116
+# define ASN1_F_ASN1_I2D_FP                               117
+# define ASN1_F_ASN1_ITEM_D2I_FP                          206
+# define ASN1_F_ASN1_ITEM_DUP                             191
+# define ASN1_F_ASN1_ITEM_EMBED_D2I                       120
+# define ASN1_F_ASN1_ITEM_EMBED_NEW                       121
+# define ASN1_F_ASN1_ITEM_I2D_BIO                         192
+# define ASN1_F_ASN1_ITEM_I2D_FP                          193
+# define ASN1_F_ASN1_ITEM_PACK                            198
+# define ASN1_F_ASN1_ITEM_SIGN                            195
+# define ASN1_F_ASN1_ITEM_SIGN_CTX                        220
+# define ASN1_F_ASN1_ITEM_UNPACK                          199
+# define ASN1_F_ASN1_ITEM_VERIFY                          197
+# define ASN1_F_ASN1_MBSTRING_NCOPY                       122
+# define ASN1_F_ASN1_OBJECT_NEW                           123
+# define ASN1_F_ASN1_OUTPUT_DATA                          214
+# define ASN1_F_ASN1_PCTX_NEW                             205
+# define ASN1_F_ASN1_SCTX_NEW                             221
+# define ASN1_F_ASN1_SIGN                                 128
+# define ASN1_F_ASN1_STR2TYPE                             179
+# define ASN1_F_ASN1_STRING_GET_INT64                     227
+# define ASN1_F_ASN1_STRING_GET_UINT64                    230
+# define ASN1_F_ASN1_STRING_SET                           186
+# define ASN1_F_ASN1_STRING_TABLE_ADD                     129
+# define ASN1_F_ASN1_STRING_TO_BN                         228
+# define ASN1_F_ASN1_STRING_TYPE_NEW                      130
+# define ASN1_F_ASN1_TEMPLATE_EX_D2I                      132
+# define ASN1_F_ASN1_TEMPLATE_NEW                         133
+# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I                   131
+# define ASN1_F_ASN1_TIME_ADJ                             217
+# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING             134
+# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING                 135
+# define ASN1_F_ASN1_UTCTIME_ADJ                          218
+# define ASN1_F_ASN1_VERIFY                               137
+# define ASN1_F_B64_READ_ASN1                             209
+# define ASN1_F_B64_WRITE_ASN1                            210
+# define ASN1_F_BIO_NEW_NDEF                              208
+# define ASN1_F_BITSTR_CB                                 180
+# define ASN1_F_BN_TO_ASN1_STRING                         229
+# define ASN1_F_C2I_ASN1_BIT_STRING                       189
+# define ASN1_F_C2I_ASN1_INTEGER                          194
+# define ASN1_F_C2I_ASN1_OBJECT                           196
+# define ASN1_F_C2I_IBUF                                  226
+# define ASN1_F_C2I_UINT64_INT                            101
+# define ASN1_F_COLLECT_DATA                              140
+# define ASN1_F_D2I_ASN1_OBJECT                           147
+# define ASN1_F_D2I_ASN1_UINTEGER                         150
+# define ASN1_F_D2I_AUTOPRIVATEKEY                        207
+# define ASN1_F_D2I_PRIVATEKEY                            154
+# define ASN1_F_D2I_PUBLICKEY                             155
+# define ASN1_F_DO_TCREATE                                222
+# define ASN1_F_I2D_ASN1_BIO_STREAM                       211
+# define ASN1_F_I2D_DSA_PUBKEY                            161
+# define ASN1_F_I2D_EC_PUBKEY                             181
+# define ASN1_F_I2D_PRIVATEKEY                            163
+# define ASN1_F_I2D_PUBLICKEY                             164
+# define ASN1_F_I2D_RSA_PUBKEY                            165
+# define ASN1_F_LONG_C2I                                  166
+# define ASN1_F_OID_MODULE_INIT                           174
+# define ASN1_F_PARSE_TAGGING                             182
+# define ASN1_F_PKCS5_PBE2_SET_IV                         167
+# define ASN1_F_PKCS5_PBE2_SET_SCRYPT                     231
+# define ASN1_F_PKCS5_PBE_SET                             202
+# define ASN1_F_PKCS5_PBE_SET0_ALGOR                      215
+# define ASN1_F_PKCS5_PBKDF2_SET                          219
+# define ASN1_F_PKCS5_SCRYPT_SET                          232
+# define ASN1_F_SMIME_READ_ASN1                           212
+# define ASN1_F_SMIME_TEXT                                213
+# define ASN1_F_STBL_MODULE_INIT                          223
+# define ASN1_F_UINT32_C2I                                105
+# define ASN1_F_UINT64_C2I                                112
+# define ASN1_F_X509_CRL_ADD0_REVOKED                     169
+# define ASN1_F_X509_INFO_NEW                             170
+# define ASN1_F_X509_NAME_ENCODE                          203
+# define ASN1_F_X509_NAME_EX_D2I                          158
+# define ASN1_F_X509_NAME_EX_NEW                          171
+# define ASN1_F_X509_PKEY_NEW                             173
+
+/*
+ * ASN1 reason codes.
+ */
+# define ASN1_R_ADDING_OBJECT                             171
+# define ASN1_R_ASN1_PARSE_ERROR                          203
+# define ASN1_R_ASN1_SIG_PARSE_ERROR                      204
+# define ASN1_R_AUX_ERROR                                 100
+# define ASN1_R_BAD_OBJECT_HEADER                         102
+# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 214
+# define ASN1_R_BN_LIB                                    105
+# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106
+# define ASN1_R_BUFFER_TOO_SMALL                          107
+# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER           108
+# define ASN1_R_CONTEXT_NOT_INITIALISED                   217
+# define ASN1_R_DATA_IS_WRONG                             109
+# define ASN1_R_DECODE_ERROR                              110
+# define ASN1_R_DEPTH_EXCEEDED                            174
+# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED         198
+# define ASN1_R_ENCODE_ERROR                              112
+# define ASN1_R_ERROR_GETTING_TIME                        173
+# define ASN1_R_ERROR_LOADING_SECTION                     172
+# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS               114
+# define ASN1_R_EXPECTING_AN_INTEGER                      115
+# define ASN1_R_EXPECTING_AN_OBJECT                       116
+# define ASN1_R_EXPLICIT_LENGTH_MISMATCH                  119
+# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED              120
+# define ASN1_R_FIELD_MISSING                             121
+# define ASN1_R_FIRST_NUM_TOO_LARGE                       122
+# define ASN1_R_HEADER_TOO_LONG                           123
+# define ASN1_R_ILLEGAL_BITSTRING_FORMAT                  175
+# define ASN1_R_ILLEGAL_BOOLEAN                           176
+# define ASN1_R_ILLEGAL_CHARACTERS                        124
+# define ASN1_R_ILLEGAL_FORMAT                            177
+# define ASN1_R_ILLEGAL_HEX                               178
+# define ASN1_R_ILLEGAL_IMPLICIT_TAG                      179
+# define ASN1_R_ILLEGAL_INTEGER                           180
+# define ASN1_R_ILLEGAL_NEGATIVE_VALUE                    226
+# define ASN1_R_ILLEGAL_NESTED_TAGGING                    181
+# define ASN1_R_ILLEGAL_NULL                              125
+# define ASN1_R_ILLEGAL_NULL_VALUE                        182
+# define ASN1_R_ILLEGAL_OBJECT                            183
+# define ASN1_R_ILLEGAL_OPTIONAL_ANY                      126
+# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE          170
+# define ASN1_R_ILLEGAL_PADDING                           221
+# define ASN1_R_ILLEGAL_TAGGED_ANY                        127
+# define ASN1_R_ILLEGAL_TIME_VALUE                        184
+# define ASN1_R_ILLEGAL_ZERO_CONTENT                      222
+# define ASN1_R_INTEGER_NOT_ASCII_FORMAT                  185
+# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG                128
+# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT              220
+# define ASN1_R_INVALID_BMPSTRING_LENGTH                  129
+# define ASN1_R_INVALID_DIGIT                             130
+# define ASN1_R_INVALID_MIME_TYPE                         205
+# define ASN1_R_INVALID_MODIFIER                          186
+# define ASN1_R_INVALID_NUMBER                            187
+# define ASN1_R_INVALID_OBJECT_ENCODING                   216
+# define ASN1_R_INVALID_SCRYPT_PARAMETERS                 227
+# define ASN1_R_INVALID_SEPARATOR                         131
+# define ASN1_R_INVALID_STRING_TABLE_VALUE                218
+# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH            133
+# define ASN1_R_INVALID_UTF8STRING                        134
+# define ASN1_R_INVALID_VALUE                             219
+# define ASN1_R_LIST_ERROR                                188
+# define ASN1_R_MIME_NO_CONTENT_TYPE                      206
+# define ASN1_R_MIME_PARSE_ERROR                          207
+# define ASN1_R_MIME_SIG_PARSE_ERROR                      208
+# define ASN1_R_MISSING_EOC                               137
+# define ASN1_R_MISSING_SECOND_NUMBER                     138
+# define ASN1_R_MISSING_VALUE                             189
+# define ASN1_R_MSTRING_NOT_UNIVERSAL                     139
+# define ASN1_R_MSTRING_WRONG_TAG                         140
+# define ASN1_R_NESTED_ASN1_STRING                        197
+# define ASN1_R_NON_HEX_CHARACTERS                        141
+# define ASN1_R_NOT_ASCII_FORMAT                          190
+# define ASN1_R_NOT_ENOUGH_DATA                           142
+# define ASN1_R_NO_CONTENT_TYPE                           209
+# define ASN1_R_NO_MATCHING_CHOICE_TYPE                   143
+# define ASN1_R_NO_MULTIPART_BODY_FAILURE                 210
+# define ASN1_R_NO_MULTIPART_BOUNDARY                     211
+# define ASN1_R_NO_SIG_CONTENT_TYPE                       212
+# define ASN1_R_NULL_IS_WRONG_LENGTH                      144
+# define ASN1_R_OBJECT_NOT_ASCII_FORMAT                   191
+# define ASN1_R_ODD_NUMBER_OF_CHARS                       145
+# define ASN1_R_SECOND_NUMBER_TOO_LARGE                   147
+# define ASN1_R_SEQUENCE_LENGTH_MISMATCH                  148
+# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED                  149
+# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG              192
+# define ASN1_R_SHORT_LINE                                150
+# define ASN1_R_SIG_INVALID_MIME_TYPE                     213
+# define ASN1_R_STREAMING_NOT_SUPPORTED                   202
+# define ASN1_R_STRING_TOO_LONG                           151
+# define ASN1_R_STRING_TOO_SHORT                          152
+# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
+# define ASN1_R_TIME_NOT_ASCII_FORMAT                     193
+# define ASN1_R_TOO_LARGE                                 223
+# define ASN1_R_TOO_LONG                                  155
+# define ASN1_R_TOO_SMALL                                 224
+# define ASN1_R_TYPE_NOT_CONSTRUCTED                      156
+# define ASN1_R_TYPE_NOT_PRIMITIVE                        195
+# define ASN1_R_UNEXPECTED_EOC                            159
+# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH           215
+# define ASN1_R_UNKNOWN_FORMAT                            160
+# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM          161
+# define ASN1_R_UNKNOWN_OBJECT_TYPE                       162
+# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                   163
+# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM               199
+# define ASN1_R_UNKNOWN_TAG                               194
+# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE           164
+# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE               167
+# define ASN1_R_UNSUPPORTED_TYPE                          196
+# define ASN1_R_WRONG_INTEGER_TYPE                        225
+# define ASN1_R_WRONG_PUBLIC_KEY_TYPE                     200
+# define ASN1_R_WRONG_TAG                                 168
+
+#endif
diff --git a/include/openssl/async.h b/include/openssl/async.h
index 5b2e496..45ff30a 100644
--- a/include/openssl/async.h
+++ b/include/openssl/async.h
@@ -22,6 +22,7 @@
 #define OSSL_ASYNC_FD       int
 #define OSSL_BAD_ASYNC_FD   -1
 #endif
+# include <openssl/asyncerr.h>
 
 
 # ifdef  __cplusplus
@@ -68,30 +69,8 @@ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
 void ASYNC_block_pause(void);
 void ASYNC_unblock_pause(void);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_ASYNC_strings(void);
 
-/* Error codes for the ASYNC functions. */
-
-/* Function codes. */
-# define ASYNC_F_ASYNC_CTX_NEW                            100
-# define ASYNC_F_ASYNC_INIT_THREAD                        101
-# define ASYNC_F_ASYNC_JOB_NEW                            102
-# define ASYNC_F_ASYNC_PAUSE_JOB                          103
-# define ASYNC_F_ASYNC_START_FUNC                         104
-# define ASYNC_F_ASYNC_START_JOB                          105
-
-/* Reason codes. */
-# define ASYNC_R_FAILED_TO_SET_POOL                       101
-# define ASYNC_R_FAILED_TO_SWAP_CONTEXT                   102
-# define ASYNC_R_INIT_FAILED                              105
-# define ASYNC_R_INVALID_POOL_SIZE                        103
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/asyncerr.h b/include/openssl/asyncerr.h
new file mode 100644
index 0000000..a9bb86e
--- /dev/null
+++ b/include/openssl/asyncerr.h
@@ -0,0 +1,40 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_ASYNCERR_H
+# define HEADER_ASYNCERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_ASYNC_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * ASYNC function codes.
+ */
+# define ASYNC_F_ASYNC_CTX_NEW                            100
+# define ASYNC_F_ASYNC_INIT_THREAD                        101
+# define ASYNC_F_ASYNC_JOB_NEW                            102
+# define ASYNC_F_ASYNC_PAUSE_JOB                          103
+# define ASYNC_F_ASYNC_START_FUNC                         104
+# define ASYNC_F_ASYNC_START_JOB                          105
+
+/*
+ * ASYNC reason codes.
+ */
+# define ASYNC_R_FAILED_TO_SET_POOL                       101
+# define ASYNC_R_FAILED_TO_SWAP_CONTEXT                   102
+# define ASYNC_R_INIT_FAILED                              105
+# define ASYNC_R_INVALID_POOL_SIZE                        103
+
+#endif
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index 003a9b1..0955b76 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -18,6 +18,7 @@
 # include <stdarg.h>
 
 # include <openssl/crypto.h>
+# include <openssl/bioerr.h>
 
 # ifndef OPENSSL_NO_SCTP
 #  include <openssl/e_os2.h>
@@ -785,104 +786,8 @@ long (*BIO_meth_get_callback_ctrl(BIO_METHOD *biom))
 int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
                                long (*callback_ctrl) (BIO *, int,
                                                       bio_info_cb *));
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_BIO_strings(void);
 
-/* Error codes for the BIO functions. */
-
-/* Function codes. */
-# define BIO_F_ACPT_STATE                                 100
-# define BIO_F_ADDR_STRINGS                               134
-# define BIO_F_BIO_ACCEPT                                 101
-# define BIO_F_BIO_ACCEPT_EX                              137
-# define BIO_F_BIO_ADDR_NEW                               144
-# define BIO_F_BIO_CALLBACK_CTRL                          131
-# define BIO_F_BIO_CONNECT                                138
-# define BIO_F_BIO_CTRL                                   103
-# define BIO_F_BIO_GETS                                   104
-# define BIO_F_BIO_GET_HOST_IP                            106
-# define BIO_F_BIO_GET_NEW_INDEX                          102
-# define BIO_F_BIO_GET_PORT                               107
-# define BIO_F_BIO_LISTEN                                 139
-# define BIO_F_BIO_LOOKUP                                 135
-# define BIO_F_BIO_LOOKUP_EX                              143
-# define BIO_F_BIO_MAKE_PAIR                              121
-# define BIO_F_BIO_NEW                                    108
-# define BIO_F_BIO_NEW_DGRAM_SCTP                         145
-# define BIO_F_BIO_NEW_FILE                               109
-# define BIO_F_BIO_NEW_MEM_BUF                            126
-# define BIO_F_BIO_NREAD                                  123
-# define BIO_F_BIO_NREAD0                                 124
-# define BIO_F_BIO_NWRITE                                 125
-# define BIO_F_BIO_NWRITE0                                122
-# define BIO_F_BIO_PARSE_HOSTSERV                         136
-# define BIO_F_BIO_PUTS                                   110
-# define BIO_F_BIO_READ                                   111
-# define BIO_F_BIO_READ_EX                                105
-# define BIO_F_BIO_READ_INTERN                            120
-# define BIO_F_BIO_SOCKET                                 140
-# define BIO_F_BIO_SOCKET_NBIO                            142
-# define BIO_F_BIO_SOCK_INFO                              141
-# define BIO_F_BIO_SOCK_INIT                              112
-# define BIO_F_BIO_WRITE                                  113
-# define BIO_F_BIO_WRITE_EX                               119
-# define BIO_F_BIO_WRITE_INTERN                           128
-# define BIO_F_BUFFER_CTRL                                114
-# define BIO_F_CONN_CTRL                                  127
-# define BIO_F_CONN_STATE                                 115
-# define BIO_F_DGRAM_SCTP_READ                            132
-# define BIO_F_DGRAM_SCTP_WRITE                           133
-# define BIO_F_FILE_CTRL                                  116
-# define BIO_F_FILE_READ                                  130
-# define BIO_F_LINEBUFFER_CTRL                            129
-# define BIO_F_MEM_WRITE                                  117
-# define BIO_F_SSL_NEW                                    118
-
-/* Reason codes. */
-# define BIO_R_ACCEPT_ERROR                               100
-# define BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET               141
-# define BIO_R_AMBIGUOUS_HOST_OR_SERVICE                  129
-# define BIO_R_BAD_FOPEN_MODE                             101
-# define BIO_R_BROKEN_PIPE                                124
-# define BIO_R_CONNECT_ERROR                              103
-# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET          107
-# define BIO_R_GETSOCKNAME_ERROR                          132
-# define BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS              133
-# define BIO_R_GETTING_SOCKTYPE                           134
-# define BIO_R_INVALID_ARGUMENT                           125
-# define BIO_R_INVALID_SOCKET                             135
-# define BIO_R_IN_USE                                     123
-# define BIO_R_LENGTH_TOO_LONG                            102
-# define BIO_R_LISTEN_V6_ONLY                             136
-# define BIO_R_LOOKUP_RETURNED_NOTHING                    142
-# define BIO_R_MALFORMED_HOST_OR_SERVICE                  130
-# define BIO_R_NBIO_CONNECT_ERROR                         110
-# define BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED        143
-# define BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED           144
-# define BIO_R_NO_PORT_DEFINED                            113
-# define BIO_R_NO_SUCH_FILE                               128
-# define BIO_R_NULL_PARAMETER                             115
-# define BIO_R_UNABLE_TO_BIND_SOCKET                      117
-# define BIO_R_UNABLE_TO_CREATE_SOCKET                    118
-# define BIO_R_UNABLE_TO_KEEPALIVE                        137
-# define BIO_R_UNABLE_TO_LISTEN_SOCKET                    119
-# define BIO_R_UNABLE_TO_NODELAY                          138
-# define BIO_R_UNABLE_TO_REUSEADDR                        139
-# define BIO_R_UNAVAILABLE_IP_FAMILY                      145
-# define BIO_R_UNINITIALIZED                              120
-# define BIO_R_UNKNOWN_INFO_TYPE                          140
-# define BIO_R_UNSUPPORTED_IP_FAMILY                      146
-# define BIO_R_UNSUPPORTED_METHOD                         121
-# define BIO_R_UNSUPPORTED_PROTOCOL_FAMILY                131
-# define BIO_R_WRITE_TO_READ_ONLY_BIO                     126
-# define BIO_R_WSASTARTUP                                 122
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/bioerr.h b/include/openssl/bioerr.h
new file mode 100644
index 0000000..2510230
--- /dev/null
+++ b/include/openssl/bioerr.h
@@ -0,0 +1,113 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_BIOERR_H
+# define HEADER_BIOERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_BIO_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * BIO function codes.
+ */
+# define BIO_F_ACPT_STATE                                 100
+# define BIO_F_ADDR_STRINGS                               134
+# define BIO_F_BIO_ACCEPT                                 101
+# define BIO_F_BIO_ACCEPT_EX                              137
+# define BIO_F_BIO_ADDR_NEW                               144
+# define BIO_F_BIO_CALLBACK_CTRL                          131
+# define BIO_F_BIO_CONNECT                                138
+# define BIO_F_BIO_CTRL                                   103
+# define BIO_F_BIO_GETS                                   104
+# define BIO_F_BIO_GET_HOST_IP                            106
+# define BIO_F_BIO_GET_NEW_INDEX                          102
+# define BIO_F_BIO_GET_PORT                               107
+# define BIO_F_BIO_LISTEN                                 139
+# define BIO_F_BIO_LOOKUP                                 135
+# define BIO_F_BIO_LOOKUP_EX                              143
+# define BIO_F_BIO_MAKE_PAIR                              121
+# define BIO_F_BIO_NEW                                    108
+# define BIO_F_BIO_NEW_DGRAM_SCTP                         145
+# define BIO_F_BIO_NEW_FILE                               109
+# define BIO_F_BIO_NEW_MEM_BUF                            126
+# define BIO_F_BIO_NREAD                                  123
+# define BIO_F_BIO_NREAD0                                 124
+# define BIO_F_BIO_NWRITE                                 125
+# define BIO_F_BIO_NWRITE0                                122
+# define BIO_F_BIO_PARSE_HOSTSERV                         136
+# define BIO_F_BIO_PUTS                                   110
+# define BIO_F_BIO_READ                                   111
+# define BIO_F_BIO_READ_EX                                105
+# define BIO_F_BIO_READ_INTERN                            120
+# define BIO_F_BIO_SOCKET                                 140
+# define BIO_F_BIO_SOCKET_NBIO                            142
+# define BIO_F_BIO_SOCK_INFO                              141
+# define BIO_F_BIO_SOCK_INIT                              112
+# define BIO_F_BIO_WRITE                                  113
+# define BIO_F_BIO_WRITE_EX                               119
+# define BIO_F_BIO_WRITE_INTERN                           128
+# define BIO_F_BUFFER_CTRL                                114
+# define BIO_F_CONN_CTRL                                  127
+# define BIO_F_CONN_STATE                                 115
+# define BIO_F_DGRAM_SCTP_READ                            132
+# define BIO_F_DGRAM_SCTP_WRITE                           133
+# define BIO_F_FILE_CTRL                                  116
+# define BIO_F_FILE_READ                                  130
+# define BIO_F_LINEBUFFER_CTRL                            129
+# define BIO_F_MEM_WRITE                                  117
+# define BIO_F_SSL_NEW                                    118
+
+/*
+ * BIO reason codes.
+ */
+# define BIO_R_ACCEPT_ERROR                               100
+# define BIO_R_ADDRINFO_ADDR_IS_NOT_AF_INET               141
+# define BIO_R_AMBIGUOUS_HOST_OR_SERVICE                  129
+# define BIO_R_BAD_FOPEN_MODE                             101
+# define BIO_R_BROKEN_PIPE                                124
+# define BIO_R_CONNECT_ERROR                              103
+# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET          107
+# define BIO_R_GETSOCKNAME_ERROR                          132
+# define BIO_R_GETSOCKNAME_TRUNCATED_ADDRESS              133
+# define BIO_R_GETTING_SOCKTYPE                           134
+# define BIO_R_INVALID_ARGUMENT                           125
+# define BIO_R_INVALID_SOCKET                             135
+# define BIO_R_IN_USE                                     123
+# define BIO_R_LENGTH_TOO_LONG                            102
+# define BIO_R_LISTEN_V6_ONLY                             136
+# define BIO_R_LOOKUP_RETURNED_NOTHING                    142
+# define BIO_R_MALFORMED_HOST_OR_SERVICE                  130
+# define BIO_R_NBIO_CONNECT_ERROR                         110
+# define BIO_R_NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED        143
+# define BIO_R_NO_HOSTNAME_OR_SERVICE_SPECIFIED           144
+# define BIO_R_NO_PORT_DEFINED                            113
+# define BIO_R_NO_SUCH_FILE                               128
+# define BIO_R_NULL_PARAMETER                             115
+# define BIO_R_UNABLE_TO_BIND_SOCKET                      117
+# define BIO_R_UNABLE_TO_CREATE_SOCKET                    118
+# define BIO_R_UNABLE_TO_KEEPALIVE                        137
+# define BIO_R_UNABLE_TO_LISTEN_SOCKET                    119
+# define BIO_R_UNABLE_TO_NODELAY                          138
+# define BIO_R_UNABLE_TO_REUSEADDR                        139
+# define BIO_R_UNAVAILABLE_IP_FAMILY                      145
+# define BIO_R_UNINITIALIZED                              120
+# define BIO_R_UNKNOWN_INFO_TYPE                          140
+# define BIO_R_UNSUPPORTED_IP_FAMILY                      146
+# define BIO_R_UNSUPPORTED_METHOD                         121
+# define BIO_R_UNSUPPORTED_PROTOCOL_FAMILY                131
+# define BIO_R_WRITE_TO_READ_ONLY_BIO                     126
+# define BIO_R_WSASTARTUP                                 122
+
+#endif
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 17bd521..2b0a37a 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -31,6 +31,7 @@
 # include <openssl/opensslconf.h>
 # include <openssl/ossl_typ.h>
 # include <openssl/crypto.h>
+# include <openssl/bnerr.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -491,84 +492,8 @@ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn);
 
 int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_BN_strings(void);
 
-/* Error codes for the BN functions. */
-
-/* Function codes. */
-# define BN_F_BNRAND                                      127
-# define BN_F_BN_BLINDING_CONVERT_EX                      100
-# define BN_F_BN_BLINDING_CREATE_PARAM                    128
-# define BN_F_BN_BLINDING_INVERT_EX                       101
-# define BN_F_BN_BLINDING_NEW                             102
-# define BN_F_BN_BLINDING_UPDATE                          103
-# define BN_F_BN_BN2DEC                                   104
-# define BN_F_BN_BN2HEX                                   105
-# define BN_F_BN_COMPUTE_WNAF                             142
-# define BN_F_BN_CTX_GET                                  116
-# define BN_F_BN_CTX_NEW                                  106
-# define BN_F_BN_CTX_START                                129
-# define BN_F_BN_DIV                                      107
-# define BN_F_BN_DIV_RECP                                 130
-# define BN_F_BN_EXP                                      123
-# define BN_F_BN_EXPAND_INTERNAL                          120
-# define BN_F_BN_GENCB_NEW                                143
-# define BN_F_BN_GENERATE_DSA_NONCE                       140
-# define BN_F_BN_GENERATE_PRIME_EX                        141
-# define BN_F_BN_GF2M_MOD                                 131
-# define BN_F_BN_GF2M_MOD_EXP                             132
-# define BN_F_BN_GF2M_MOD_MUL                             133
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD                      134
-# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR                  135
-# define BN_F_BN_GF2M_MOD_SQR                             136
-# define BN_F_BN_GF2M_MOD_SQRT                            137
-# define BN_F_BN_LSHIFT                                   145
-# define BN_F_BN_MOD_EXP2_MONT                            118
-# define BN_F_BN_MOD_EXP_MONT                             109
-# define BN_F_BN_MOD_EXP_MONT_CONSTTIME                   124
-# define BN_F_BN_MOD_EXP_MONT_WORD                        117
-# define BN_F_BN_MOD_EXP_RECP                             125
-# define BN_F_BN_MOD_EXP_SIMPLE                           126
-# define BN_F_BN_MOD_INVERSE                              110
-# define BN_F_BN_MOD_INVERSE_NO_BRANCH                    139
-# define BN_F_BN_MOD_LSHIFT_QUICK                         119
-# define BN_F_BN_MOD_SQRT                                 121
-# define BN_F_BN_MPI2BN                                   112
-# define BN_F_BN_NEW                                      113
-# define BN_F_BN_RAND                                     114
-# define BN_F_BN_RAND_RANGE                               122
-# define BN_F_BN_RSHIFT                                   146
-# define BN_F_BN_SET_WORDS                                144
-# define BN_F_BN_USUB                                     115
-
-/* Reason codes. */
-# define BN_R_ARG2_LT_ARG3                                100
-# define BN_R_BAD_RECIPROCAL                              101
-# define BN_R_BIGNUM_TOO_LONG                             114
-# define BN_R_BITS_TOO_SMALL                              118
-# define BN_R_CALLED_WITH_EVEN_MODULUS                    102
-# define BN_R_DIV_BY_ZERO                                 103
-# define BN_R_ENCODING_ERROR                              104
-# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA                105
-# define BN_R_INPUT_NOT_REDUCED                           110
-# define BN_R_INVALID_LENGTH                              106
-# define BN_R_INVALID_RANGE                               115
-# define BN_R_INVALID_SHIFT                               119
-# define BN_R_NOT_A_SQUARE                                111
-# define BN_R_NOT_INITIALIZED                             107
-# define BN_R_NO_INVERSE                                  108
-# define BN_R_NO_SOLUTION                                 116
-# define BN_R_PRIVATE_KEY_TOO_LARGE                       117
-# define BN_R_P_IS_NOT_PRIME                              112
-# define BN_R_TOO_MANY_ITERATIONS                         113
-# define BN_R_TOO_MANY_TEMPORARY_VARIABLES                109
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/bnerr.h b/include/openssl/bnerr.h
new file mode 100644
index 0000000..0578473
--- /dev/null
+++ b/include/openssl/bnerr.h
@@ -0,0 +1,94 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_BNERR_H
+# define HEADER_BNERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_BN_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * BN function codes.
+ */
+# define BN_F_BNRAND                                      127
+# define BN_F_BN_BLINDING_CONVERT_EX                      100
+# define BN_F_BN_BLINDING_CREATE_PARAM                    128
+# define BN_F_BN_BLINDING_INVERT_EX                       101
+# define BN_F_BN_BLINDING_NEW                             102
+# define BN_F_BN_BLINDING_UPDATE                          103
+# define BN_F_BN_BN2DEC                                   104
+# define BN_F_BN_BN2HEX                                   105
+# define BN_F_BN_COMPUTE_WNAF                             142
+# define BN_F_BN_CTX_GET                                  116
+# define BN_F_BN_CTX_NEW                                  106
+# define BN_F_BN_CTX_START                                129
+# define BN_F_BN_DIV                                      107
+# define BN_F_BN_DIV_RECP                                 130
+# define BN_F_BN_EXP                                      123
+# define BN_F_BN_EXPAND_INTERNAL                          120
+# define BN_F_BN_GENCB_NEW                                143
+# define BN_F_BN_GENERATE_DSA_NONCE                       140
+# define BN_F_BN_GENERATE_PRIME_EX                        141
+# define BN_F_BN_GF2M_MOD                                 131
+# define BN_F_BN_GF2M_MOD_EXP                             132
+# define BN_F_BN_GF2M_MOD_MUL                             133
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD                      134
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR                  135
+# define BN_F_BN_GF2M_MOD_SQR                             136
+# define BN_F_BN_GF2M_MOD_SQRT                            137
+# define BN_F_BN_LSHIFT                                   145
+# define BN_F_BN_MOD_EXP2_MONT                            118
+# define BN_F_BN_MOD_EXP_MONT                             109
+# define BN_F_BN_MOD_EXP_MONT_CONSTTIME                   124
+# define BN_F_BN_MOD_EXP_MONT_WORD                        117
+# define BN_F_BN_MOD_EXP_RECP                             125
+# define BN_F_BN_MOD_EXP_SIMPLE                           126
+# define BN_F_BN_MOD_INVERSE                              110
+# define BN_F_BN_MOD_INVERSE_NO_BRANCH                    139
+# define BN_F_BN_MOD_LSHIFT_QUICK                         119
+# define BN_F_BN_MOD_SQRT                                 121
+# define BN_F_BN_MPI2BN                                   112
+# define BN_F_BN_NEW                                      113
+# define BN_F_BN_RAND                                     114
+# define BN_F_BN_RAND_RANGE                               122
+# define BN_F_BN_RSHIFT                                   146
+# define BN_F_BN_SET_WORDS                                144
+# define BN_F_BN_USUB                                     115
+
+/*
+ * BN reason codes.
+ */
+# define BN_R_ARG2_LT_ARG3                                100
+# define BN_R_BAD_RECIPROCAL                              101
+# define BN_R_BIGNUM_TOO_LONG                             114
+# define BN_R_BITS_TOO_SMALL                              118
+# define BN_R_CALLED_WITH_EVEN_MODULUS                    102
+# define BN_R_DIV_BY_ZERO                                 103
+# define BN_R_ENCODING_ERROR                              104
+# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA                105
+# define BN_R_INPUT_NOT_REDUCED                           110
+# define BN_R_INVALID_LENGTH                              106
+# define BN_R_INVALID_RANGE                               115
+# define BN_R_INVALID_SHIFT                               119
+# define BN_R_NOT_A_SQUARE                                111
+# define BN_R_NOT_INITIALIZED                             107
+# define BN_R_NO_INVERSE                                  108
+# define BN_R_NO_SOLUTION                                 116
+# define BN_R_PRIVATE_KEY_TOO_LARGE                       117
+# define BN_R_P_IS_NOT_PRIME                              112
+# define BN_R_TOO_MANY_ITERATIONS                         113
+# define BN_R_TOO_MANY_TEMPORARY_VARIABLES                109
+
+#endif
diff --git a/include/openssl/buffer.h b/include/openssl/buffer.h
index 91f0e07..0eb90bb 100644
--- a/include/openssl/buffer.h
+++ b/include/openssl/buffer.h
@@ -14,6 +14,7 @@
 # ifndef HEADER_CRYPTO_H
 #  include <openssl/crypto.h>
 # endif
+# include <openssl/buffererr.h>
 
 
 #ifdef  __cplusplus
@@ -53,23 +54,8 @@ size_t BUF_MEM_grow(BUF_MEM *str, size_t len);
 size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
 void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_BUF_strings(void);
 
-/* Error codes for the BUF functions. */
-
-/* Function codes. */
-# define BUF_F_BUF_MEM_GROW                               100
-# define BUF_F_BUF_MEM_GROW_CLEAN                         105
-# define BUF_F_BUF_MEM_NEW                                101
-
-/* Reason codes. */
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/buffererr.h b/include/openssl/buffererr.h
new file mode 100644
index 0000000..9007586
--- /dev/null
+++ b/include/openssl/buffererr.h
@@ -0,0 +1,33 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_BUFERR_H
+# define HEADER_BUFERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_BUF_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * BUF function codes.
+ */
+# define BUF_F_BUF_MEM_GROW                               100
+# define BUF_F_BUF_MEM_GROW_CLEAN                         105
+# define BUF_F_BUF_MEM_NEW                                101
+
+/*
+ * BUF reason codes.
+ */
+
+#endif
diff --git a/include/openssl/cms.h b/include/openssl/cms.h
index a042069..c9294e5 100644
--- a/include/openssl/cms.h
+++ b/include/openssl/cms.h
@@ -15,6 +15,7 @@
 # ifndef OPENSSL_NO_CMS
 # include <openssl/x509.h>
 # include <openssl/x509v3.h>
+# include <openssl/cmserr.h>
 # ifdef __cplusplus
 extern "C" {
 # endif
@@ -329,187 +330,12 @@ int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
 int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
                           ASN1_OCTET_STRING *ukm, int keylen);
 
-/* Compat for: CMS_R_UNKNOWN_DIGEST_ALGORITHM */
-# define CMS_R_UNKNOWN_DIGEST_ALGORITM                    149
-/* Compat for: CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE */
-# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE              155
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
+/* Backward compatibility for spelling errors. */
+# define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM
+# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \
+    CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE
 
 int ERR_load_CMS_strings(void);
-
-/* Error codes for the CMS functions. */
-
-/* Function codes. */
-# define CMS_F_CHECK_CONTENT                              99
-# define CMS_F_CMS_ADD0_CERT                              164
-# define CMS_F_CMS_ADD0_RECIPIENT_KEY                     100
-# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD                165
-# define CMS_F_CMS_ADD1_RECEIPTREQUEST                    158
-# define CMS_F_CMS_ADD1_RECIPIENT_CERT                    101
-# define CMS_F_CMS_ADD1_SIGNER                            102
-# define CMS_F_CMS_ADD1_SIGNINGTIME                       103
-# define CMS_F_CMS_COMPRESS                               104
-# define CMS_F_CMS_COMPRESSEDDATA_CREATE                  105
-# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO                106
-# define CMS_F_CMS_COPY_CONTENT                           107
-# define CMS_F_CMS_COPY_MESSAGEDIGEST                     108
-# define CMS_F_CMS_DATA                                   109
-# define CMS_F_CMS_DATAFINAL                              110
-# define CMS_F_CMS_DATAINIT                               111
-# define CMS_F_CMS_DECRYPT                                112
-# define CMS_F_CMS_DECRYPT_SET1_KEY                       113
-# define CMS_F_CMS_DECRYPT_SET1_PASSWORD                  166
-# define CMS_F_CMS_DECRYPT_SET1_PKEY                      114
-# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX               115
-# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO               116
-# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL                  117
-# define CMS_F_CMS_DIGEST_VERIFY                          118
-# define CMS_F_CMS_ENCODE_RECEIPT                         161
-# define CMS_F_CMS_ENCRYPT                                119
-# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO              120
-# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT                  121
-# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT                  122
-# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY                 123
-# define CMS_F_CMS_ENVELOPEDDATA_CREATE                   124
-# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO                 125
-# define CMS_F_CMS_ENVELOPED_DATA_INIT                    126
-# define CMS_F_CMS_ENV_ASN1_CTRL                          171
-# define CMS_F_CMS_FINAL                                  127
-# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES               128
-# define CMS_F_CMS_GET0_CONTENT                           129
-# define CMS_F_CMS_GET0_ECONTENT_TYPE                     130
-# define CMS_F_CMS_GET0_ENVELOPED                         131
-# define CMS_F_CMS_GET0_REVOCATION_CHOICES                132
-# define CMS_F_CMS_GET0_SIGNED                            133
-# define CMS_F_CMS_MSGSIGDIGEST_ADD1                      162
-# define CMS_F_CMS_RECEIPTREQUEST_CREATE0                 159
-# define CMS_F_CMS_RECEIPT_VERIFY                         160
-# define CMS_F_CMS_RECIPIENTINFO_DECRYPT                  134
-# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT                  169
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT             178
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG            175
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID        173
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS           172
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP         174
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT            135
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT            136
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID            137
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP             138
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP            139
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT             140
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT             141
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS           142
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID      143
-# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT               167
-# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY                 144
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD            168
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY                145
-# define CMS_F_CMS_SD_ASN1_CTRL                           170
-# define CMS_F_CMS_SET1_IAS                               176
-# define CMS_F_CMS_SET1_KEYID                             177
-# define CMS_F_CMS_SET1_SIGNERIDENTIFIER                  146
-# define CMS_F_CMS_SET_DETACHED                           147
-# define CMS_F_CMS_SIGN                                   148
-# define CMS_F_CMS_SIGNED_DATA_INIT                       149
-# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN                150
-# define CMS_F_CMS_SIGNERINFO_SIGN                        151
-# define CMS_F_CMS_SIGNERINFO_VERIFY                      152
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT                 153
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT              154
-# define CMS_F_CMS_SIGN_RECEIPT                           163
-# define CMS_F_CMS_STREAM                                 155
-# define CMS_F_CMS_UNCOMPRESS                             156
-# define CMS_F_CMS_VERIFY                                 157
-
-/* Reason codes. */
-# define CMS_R_ADD_SIGNER_ERROR                           99
-# define CMS_R_CERTIFICATE_ALREADY_PRESENT                175
-# define CMS_R_CERTIFICATE_HAS_NO_KEYID                   160
-# define CMS_R_CERTIFICATE_VERIFY_ERROR                   100
-# define CMS_R_CIPHER_INITIALISATION_ERROR                101
-# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR      102
-# define CMS_R_CMS_DATAFINAL_ERROR                        103
-# define CMS_R_CMS_LIB                                    104
-# define CMS_R_CONTENTIDENTIFIER_MISMATCH                 170
-# define CMS_R_CONTENT_NOT_FOUND                          105
-# define CMS_R_CONTENT_TYPE_MISMATCH                      171
-# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA           106
-# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA            107
-# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA               108
-# define CMS_R_CONTENT_VERIFY_ERROR                       109
-# define CMS_R_CTRL_ERROR                                 110
-# define CMS_R_CTRL_FAILURE                               111
-# define CMS_R_DECRYPT_ERROR                              112
-# define CMS_R_ERROR_GETTING_PUBLIC_KEY                   113
-# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE      114
-# define CMS_R_ERROR_SETTING_KEY                          115
-# define CMS_R_ERROR_SETTING_RECIPIENTINFO                116
-# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH               117
-# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER           176
-# define CMS_R_INVALID_KEY_LENGTH                         118
-# define CMS_R_MD_BIO_INIT_ERROR                          119
-# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH       120
-# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH                 121
-# define CMS_R_MSGSIGDIGEST_ERROR                         172
-# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE          162
-# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH                  163
-# define CMS_R_NEED_ONE_SIGNER                            164
-# define CMS_R_NOT_A_SIGNED_RECEIPT                       165
-# define CMS_R_NOT_ENCRYPTED_DATA                         122
-# define CMS_R_NOT_KEK                                    123
-# define CMS_R_NOT_KEY_AGREEMENT                          181
-# define CMS_R_NOT_KEY_TRANSPORT                          124
-# define CMS_R_NOT_PWRI                                   177
-# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE            125
-# define CMS_R_NO_CIPHER                                  126
-# define CMS_R_NO_CONTENT                                 127
-# define CMS_R_NO_CONTENT_TYPE                            173
-# define CMS_R_NO_DEFAULT_DIGEST                          128
-# define CMS_R_NO_DIGEST_SET                              129
-# define CMS_R_NO_KEY                                     130
-# define CMS_R_NO_KEY_OR_CERT                             174
-# define CMS_R_NO_MATCHING_DIGEST                         131
-# define CMS_R_NO_MATCHING_RECIPIENT                      132
-# define CMS_R_NO_MATCHING_SIGNATURE                      166
-# define CMS_R_NO_MSGSIGDIGEST                            167
-# define CMS_R_NO_PASSWORD                                178
-# define CMS_R_NO_PRIVATE_KEY                             133
-# define CMS_R_NO_PUBLIC_KEY                              134
-# define CMS_R_NO_RECEIPT_REQUEST                         168
-# define CMS_R_NO_SIGNERS                                 135
-# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE     136
-# define CMS_R_RECEIPT_DECODE_ERROR                       169
-# define CMS_R_RECIPIENT_ERROR                            137
-# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND               138
-# define CMS_R_SIGNFINAL_ERROR                            139
-# define CMS_R_SMIME_TEXT_ERROR                           140
-# define CMS_R_STORE_INIT_ERROR                           141
-# define CMS_R_TYPE_NOT_COMPRESSED_DATA                   142
-# define CMS_R_TYPE_NOT_DATA                              143
-# define CMS_R_TYPE_NOT_DIGESTED_DATA                     144
-# define CMS_R_TYPE_NOT_ENCRYPTED_DATA                    145
-# define CMS_R_TYPE_NOT_ENVELOPED_DATA                    146
-# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT                 147
-# define CMS_R_UNKNOWN_CIPHER                             148
-# define CMS_R_UNKNOWN_DIGEST_ALGORITHM                   149
-# define CMS_R_UNKNOWN_ID                                 150
-# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM          151
-# define CMS_R_UNSUPPORTED_CONTENT_TYPE                   152
-# define CMS_R_UNSUPPORTED_KEK_ALGORITHM                  153
-# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM       179
-# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE                 154
-# define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE             155
-# define CMS_R_UNSUPPORTED_TYPE                           156
-# define CMS_R_UNWRAP_ERROR                               157
-# define CMS_R_UNWRAP_FAILURE                             180
-# define CMS_R_VERIFICATION_FAILURE                       158
-# define CMS_R_WRAP_ERROR                                 159
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/cmserr.h b/include/openssl/cmserr.h
new file mode 100644
index 0000000..a599590
--- /dev/null
+++ b/include/openssl/cmserr.h
@@ -0,0 +1,192 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_CMSERR_H
+# define HEADER_CMSERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_CMS_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * CMS function codes.
+ */
+# define CMS_F_CHECK_CONTENT                              99
+# define CMS_F_CMS_ADD0_CERT                              164
+# define CMS_F_CMS_ADD0_RECIPIENT_KEY                     100
+# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD                165
+# define CMS_F_CMS_ADD1_RECEIPTREQUEST                    158
+# define CMS_F_CMS_ADD1_RECIPIENT_CERT                    101
+# define CMS_F_CMS_ADD1_SIGNER                            102
+# define CMS_F_CMS_ADD1_SIGNINGTIME                       103
+# define CMS_F_CMS_COMPRESS                               104
+# define CMS_F_CMS_COMPRESSEDDATA_CREATE                  105
+# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO                106
+# define CMS_F_CMS_COPY_CONTENT                           107
+# define CMS_F_CMS_COPY_MESSAGEDIGEST                     108
+# define CMS_F_CMS_DATA                                   109
+# define CMS_F_CMS_DATAFINAL                              110
+# define CMS_F_CMS_DATAINIT                               111
+# define CMS_F_CMS_DECRYPT                                112
+# define CMS_F_CMS_DECRYPT_SET1_KEY                       113
+# define CMS_F_CMS_DECRYPT_SET1_PASSWORD                  166
+# define CMS_F_CMS_DECRYPT_SET1_PKEY                      114
+# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX               115
+# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO               116
+# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL                  117
+# define CMS_F_CMS_DIGEST_VERIFY                          118
+# define CMS_F_CMS_ENCODE_RECEIPT                         161
+# define CMS_F_CMS_ENCRYPT                                119
+# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO              120
+# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT                  121
+# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT                  122
+# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY                 123
+# define CMS_F_CMS_ENVELOPEDDATA_CREATE                   124
+# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO                 125
+# define CMS_F_CMS_ENVELOPED_DATA_INIT                    126
+# define CMS_F_CMS_ENV_ASN1_CTRL                          171
+# define CMS_F_CMS_FINAL                                  127
+# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES               128
+# define CMS_F_CMS_GET0_CONTENT                           129
+# define CMS_F_CMS_GET0_ECONTENT_TYPE                     130
+# define CMS_F_CMS_GET0_ENVELOPED                         131
+# define CMS_F_CMS_GET0_REVOCATION_CHOICES                132
+# define CMS_F_CMS_GET0_SIGNED                            133
+# define CMS_F_CMS_MSGSIGDIGEST_ADD1                      162
+# define CMS_F_CMS_RECEIPTREQUEST_CREATE0                 159
+# define CMS_F_CMS_RECEIPT_VERIFY                         160
+# define CMS_F_CMS_RECIPIENTINFO_DECRYPT                  134
+# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT                  169
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT             178
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG            175
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID        173
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS           172
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP         174
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT            135
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT            136
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID            137
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP             138
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP            139
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT             140
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT             141
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS           142
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID      143
+# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT               167
+# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY                 144
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD            168
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY                145
+# define CMS_F_CMS_SD_ASN1_CTRL                           170
+# define CMS_F_CMS_SET1_IAS                               176
+# define CMS_F_CMS_SET1_KEYID                             177
+# define CMS_F_CMS_SET1_SIGNERIDENTIFIER                  146
+# define CMS_F_CMS_SET_DETACHED                           147
+# define CMS_F_CMS_SIGN                                   148
+# define CMS_F_CMS_SIGNED_DATA_INIT                       149
+# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN                150
+# define CMS_F_CMS_SIGNERINFO_SIGN                        151
+# define CMS_F_CMS_SIGNERINFO_VERIFY                      152
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT                 153
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT              154
+# define CMS_F_CMS_SIGN_RECEIPT                           163
+# define CMS_F_CMS_STREAM                                 155
+# define CMS_F_CMS_UNCOMPRESS                             156
+# define CMS_F_CMS_VERIFY                                 157
+
+/*
+ * CMS reason codes.
+ */
+# define CMS_R_ADD_SIGNER_ERROR                           99
+# define CMS_R_CERTIFICATE_ALREADY_PRESENT                175
+# define CMS_R_CERTIFICATE_HAS_NO_KEYID                   160
+# define CMS_R_CERTIFICATE_VERIFY_ERROR                   100
+# define CMS_R_CIPHER_INITIALISATION_ERROR                101
+# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR      102
+# define CMS_R_CMS_DATAFINAL_ERROR                        103
+# define CMS_R_CMS_LIB                                    104
+# define CMS_R_CONTENTIDENTIFIER_MISMATCH                 170
+# define CMS_R_CONTENT_NOT_FOUND                          105
+# define CMS_R_CONTENT_TYPE_MISMATCH                      171
+# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA           106
+# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA            107
+# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA               108
+# define CMS_R_CONTENT_VERIFY_ERROR                       109
+# define CMS_R_CTRL_ERROR                                 110
+# define CMS_R_CTRL_FAILURE                               111
+# define CMS_R_DECRYPT_ERROR                              112
+# define CMS_R_ERROR_GETTING_PUBLIC_KEY                   113
+# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE      114
+# define CMS_R_ERROR_SETTING_KEY                          115
+# define CMS_R_ERROR_SETTING_RECIPIENTINFO                116
+# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH               117
+# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER           176
+# define CMS_R_INVALID_KEY_LENGTH                         118
+# define CMS_R_MD_BIO_INIT_ERROR                          119
+# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH       120
+# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH                 121
+# define CMS_R_MSGSIGDIGEST_ERROR                         172
+# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE          162
+# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH                  163
+# define CMS_R_NEED_ONE_SIGNER                            164
+# define CMS_R_NOT_A_SIGNED_RECEIPT                       165
+# define CMS_R_NOT_ENCRYPTED_DATA                         122
+# define CMS_R_NOT_KEK                                    123
+# define CMS_R_NOT_KEY_AGREEMENT                          181
+# define CMS_R_NOT_KEY_TRANSPORT                          124
+# define CMS_R_NOT_PWRI                                   177
+# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE            125
+# define CMS_R_NO_CIPHER                                  126
+# define CMS_R_NO_CONTENT                                 127
+# define CMS_R_NO_CONTENT_TYPE                            173
+# define CMS_R_NO_DEFAULT_DIGEST                          128
+# define CMS_R_NO_DIGEST_SET                              129
+# define CMS_R_NO_KEY                                     130
+# define CMS_R_NO_KEY_OR_CERT                             174
+# define CMS_R_NO_MATCHING_DIGEST                         131
+# define CMS_R_NO_MATCHING_RECIPIENT                      132
+# define CMS_R_NO_MATCHING_SIGNATURE                      166
+# define CMS_R_NO_MSGSIGDIGEST                            167
+# define CMS_R_NO_PASSWORD                                178
+# define CMS_R_NO_PRIVATE_KEY                             133
+# define CMS_R_NO_PUBLIC_KEY                              134
+# define CMS_R_NO_RECEIPT_REQUEST                         168
+# define CMS_R_NO_SIGNERS                                 135
+# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE     136
+# define CMS_R_RECEIPT_DECODE_ERROR                       169
+# define CMS_R_RECIPIENT_ERROR                            137
+# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND               138
+# define CMS_R_SIGNFINAL_ERROR                            139
+# define CMS_R_SMIME_TEXT_ERROR                           140
+# define CMS_R_STORE_INIT_ERROR                           141
+# define CMS_R_TYPE_NOT_COMPRESSED_DATA                   142
+# define CMS_R_TYPE_NOT_DATA                              143
+# define CMS_R_TYPE_NOT_DIGESTED_DATA                     144
+# define CMS_R_TYPE_NOT_ENCRYPTED_DATA                    145
+# define CMS_R_TYPE_NOT_ENVELOPED_DATA                    146
+# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT                 147
+# define CMS_R_UNKNOWN_CIPHER                             148
+# define CMS_R_UNKNOWN_DIGEST_ALGORITHM                   149
+# define CMS_R_UNKNOWN_ID                                 150
+# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM          151
+# define CMS_R_UNSUPPORTED_CONTENT_TYPE                   152
+# define CMS_R_UNSUPPORTED_KEK_ALGORITHM                  153
+# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM       179
+# define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE             155
+# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE                 154
+# define CMS_R_UNSUPPORTED_TYPE                           156
+# define CMS_R_UNWRAP_ERROR                               157
+# define CMS_R_UNWRAP_FAILURE                             180
+# define CMS_R_VERIFICATION_FAILURE                       158
+# define CMS_R_WRAP_ERROR                                 159
+
+#endif
diff --git a/include/openssl/comp.h b/include/openssl/comp.h
index 260ff1e..27ff659 100644
--- a/include/openssl/comp.h
+++ b/include/openssl/comp.h
@@ -14,6 +14,7 @@
 
 # ifndef OPENSSL_NO_COMP
 # include <openssl/crypto.h>
+# include <openssl/comperr.h>
 # ifdef  __cplusplus
 extern "C" {
 # endif
@@ -44,27 +45,8 @@ const BIO_METHOD *BIO_f_zlib(void);
 #  endif
 # endif
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_COMP_strings(void);
 
-/* Error codes for the COMP functions. */
-
-/* Function codes. */
-# define COMP_F_BIO_ZLIB_FLUSH                            99
-# define COMP_F_BIO_ZLIB_NEW                              100
-# define COMP_F_BIO_ZLIB_READ                             101
-# define COMP_F_BIO_ZLIB_WRITE                            102
-
-/* Reason codes. */
-# define COMP_R_ZLIB_DEFLATE_ERROR                        99
-# define COMP_R_ZLIB_INFLATE_ERROR                        100
-# define COMP_R_ZLIB_NOT_SUPPORTED                        101
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/comperr.h b/include/openssl/comperr.h
new file mode 100644
index 0000000..e6fe3f0
--- /dev/null
+++ b/include/openssl/comperr.h
@@ -0,0 +1,37 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_COMPERR_H
+# define HEADER_COMPERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_COMP_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * COMP function codes.
+ */
+# define COMP_F_BIO_ZLIB_FLUSH                            99
+# define COMP_F_BIO_ZLIB_NEW                              100
+# define COMP_F_BIO_ZLIB_READ                             101
+# define COMP_F_BIO_ZLIB_WRITE                            102
+
+/*
+ * COMP reason codes.
+ */
+# define COMP_R_ZLIB_DEFLATE_ERROR                        99
+# define COMP_R_ZLIB_INFLATE_ERROR                        100
+# define COMP_R_ZLIB_NOT_SUPPORTED                        101
+
+#endif
diff --git a/include/openssl/conf.h b/include/openssl/conf.h
index 980a51b..2be21d8 100644
--- a/include/openssl/conf.h
+++ b/include/openssl/conf.h
@@ -15,8 +15,8 @@
 # include <openssl/stack.h>
 # include <openssl/safestack.h>
 # include <openssl/e_os2.h>
-
 # include <openssl/ossl_typ.h>
+# include <openssl/conferr.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -162,55 +162,8 @@ int CONF_parse_list(const char *list, int sep, int nospc,
 
 void OPENSSL_load_builtin_modules(void);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_CONF_strings(void);
 
-/* Error codes for the CONF functions. */
-
-/* Function codes. */
-# define CONF_F_CONF_DUMP_FP                              104
-# define CONF_F_CONF_LOAD                                 100
-# define CONF_F_CONF_LOAD_FP                              103
-# define CONF_F_CONF_PARSE_LIST                           119
-# define CONF_F_DEF_LOAD                                  120
-# define CONF_F_DEF_LOAD_BIO                              121
-# define CONF_F_MODULE_INIT                               115
-# define CONF_F_MODULE_LOAD_DSO                           117
-# define CONF_F_MODULE_RUN                                118
-# define CONF_F_NCONF_DUMP_BIO                            105
-# define CONF_F_NCONF_DUMP_FP                             106
-# define CONF_F_NCONF_GET_NUMBER_E                        112
-# define CONF_F_NCONF_GET_SECTION                         108
-# define CONF_F_NCONF_GET_STRING                          109
-# define CONF_F_NCONF_LOAD                                113
-# define CONF_F_NCONF_LOAD_BIO                            110
-# define CONF_F_NCONF_LOAD_FP                             114
-# define CONF_F_NCONF_NEW                                 111
-# define CONF_F_STR_COPY                                  101
-
-/* Reason codes. */
-# define CONF_R_ERROR_LOADING_DSO                         110
-# define CONF_R_LIST_CANNOT_BE_NULL                       115
-# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET              100
-# define CONF_R_MISSING_EQUAL_SIGN                        101
-# define CONF_R_MISSING_INIT_FUNCTION                     112
-# define CONF_R_MODULE_INITIALIZATION_ERROR               109
-# define CONF_R_NO_CLOSE_BRACE                            102
-# define CONF_R_NO_CONF                                   105
-# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE           106
-# define CONF_R_NO_SECTION                                107
-# define CONF_R_NO_SUCH_FILE                              114
-# define CONF_R_NO_VALUE                                  108
-# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION              103
-# define CONF_R_UNKNOWN_MODULE_NAME                       113
-# define CONF_R_VARIABLE_EXPANSION_TOO_LONG               116
-# define CONF_R_VARIABLE_HAS_NO_VALUE                     104
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/conferr.h b/include/openssl/conferr.h
new file mode 100644
index 0000000..4348e62
--- /dev/null
+++ b/include/openssl/conferr.h
@@ -0,0 +1,65 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_CONFERR_H
+# define HEADER_CONFERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_CONF_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * CONF function codes.
+ */
+# define CONF_F_CONF_DUMP_FP                              104
+# define CONF_F_CONF_LOAD                                 100
+# define CONF_F_CONF_LOAD_FP                              103
+# define CONF_F_CONF_PARSE_LIST                           119
+# define CONF_F_DEF_LOAD                                  120
+# define CONF_F_DEF_LOAD_BIO                              121
+# define CONF_F_MODULE_INIT                               115
+# define CONF_F_MODULE_LOAD_DSO                           117
+# define CONF_F_MODULE_RUN                                118
+# define CONF_F_NCONF_DUMP_BIO                            105
+# define CONF_F_NCONF_DUMP_FP                             106
+# define CONF_F_NCONF_GET_NUMBER_E                        112
+# define CONF_F_NCONF_GET_SECTION                         108
+# define CONF_F_NCONF_GET_STRING                          109
+# define CONF_F_NCONF_LOAD                                113
+# define CONF_F_NCONF_LOAD_BIO                            110
+# define CONF_F_NCONF_LOAD_FP                             114
+# define CONF_F_NCONF_NEW                                 111
+# define CONF_F_STR_COPY                                  101
+
+/*
+ * CONF reason codes.
+ */
+# define CONF_R_ERROR_LOADING_DSO                         110
+# define CONF_R_LIST_CANNOT_BE_NULL                       115
+# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET              100
+# define CONF_R_MISSING_EQUAL_SIGN                        101
+# define CONF_R_MISSING_INIT_FUNCTION                     112
+# define CONF_R_MODULE_INITIALIZATION_ERROR               109
+# define CONF_R_NO_CLOSE_BRACE                            102
+# define CONF_R_NO_CONF                                   105
+# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE           106
+# define CONF_R_NO_SECTION                                107
+# define CONF_R_NO_SUCH_FILE                              114
+# define CONF_R_NO_VALUE                                  108
+# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION              103
+# define CONF_R_UNKNOWN_MODULE_NAME                       113
+# define CONF_R_VARIABLE_EXPANSION_TOO_LONG               116
+# define CONF_R_VARIABLE_HAS_NO_VALUE                     104
+
+#endif
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 42e888d..90847af 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -30,6 +30,7 @@
 # include <openssl/opensslv.h>
 # include <openssl/ossl_typ.h>
 # include <openssl/opensslconf.h>
+# include <openssl/cryptoerr.h>
 
 # ifdef CHARSET_EBCDIC
 #  include <openssl/ebcdic.h>
@@ -430,34 +431,8 @@ int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key);
 CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void);
 int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_CRYPTO_strings(void);
 
-/* Error codes for the CRYPTO functions. */
-
-/* Function codes. */
-# define CRYPTO_F_CRYPTO_DUP_EX_DATA                      110
-# define CRYPTO_F_CRYPTO_FREE_EX_DATA                     111
-# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX                 100
-# define CRYPTO_F_CRYPTO_MEMDUP                           115
-# define CRYPTO_F_CRYPTO_NEW_EX_DATA                      112
-# define CRYPTO_F_CRYPTO_SET_EX_DATA                      102
-# define CRYPTO_F_FIPS_MODE_SET                           109
-# define CRYPTO_F_GET_AND_LOCK                            113
-# define CRYPTO_F_OPENSSL_BUF2HEXSTR                      117
-# define CRYPTO_F_OPENSSL_HEXSTR2BUF                      118
-# define CRYPTO_F_OPENSSL_INIT_CRYPTO                     116
-
-/* Reason codes. */
-# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED                 101
-# define CRYPTO_R_ILLEGAL_HEX_DIGIT                       102
-# define CRYPTO_R_ODD_NUMBER_OF_DIGITS                    103
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/cryptoerr.h b/include/openssl/cryptoerr.h
new file mode 100644
index 0000000..98fc278
--- /dev/null
+++ b/include/openssl/cryptoerr.h
@@ -0,0 +1,44 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_CRYPTOERR_H
+# define HEADER_CRYPTOERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_CRYPTO_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * CRYPTO function codes.
+ */
+# define CRYPTO_F_CRYPTO_DUP_EX_DATA                      110
+# define CRYPTO_F_CRYPTO_FREE_EX_DATA                     111
+# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX                 100
+# define CRYPTO_F_CRYPTO_MEMDUP                           115
+# define CRYPTO_F_CRYPTO_NEW_EX_DATA                      112
+# define CRYPTO_F_CRYPTO_SET_EX_DATA                      102
+# define CRYPTO_F_FIPS_MODE_SET                           109
+# define CRYPTO_F_GET_AND_LOCK                            113
+# define CRYPTO_F_OPENSSL_BUF2HEXSTR                      117
+# define CRYPTO_F_OPENSSL_HEXSTR2BUF                      118
+# define CRYPTO_F_OPENSSL_INIT_CRYPTO                     116
+
+/*
+ * CRYPTO reason codes.
+ */
+# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED                 101
+# define CRYPTO_R_ILLEGAL_HEX_DIGIT                       102
+# define CRYPTO_R_ODD_NUMBER_OF_DIGITS                    103
+
+#endif
diff --git a/include/openssl/ct.h b/include/openssl/ct.h
index bf29fba..96f3b7c 100644
--- a/include/openssl/ct.h
+++ b/include/openssl/ct.h
@@ -16,6 +16,7 @@
 # include <openssl/ossl_typ.h>
 # include <openssl/safestack.h>
 # include <openssl/x509.h>
+# include <openssl/cterr.h>
 # ifdef  __cplusplus
 extern "C" {
 # endif
@@ -468,64 +469,7 @@ __owur int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);
  */
 __owur int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_CT_strings(void);
-
-/* Error codes for the CT functions. */
-
-/* Function codes. */
-# define CT_F_CTLOG_NEW                                   117
-# define CT_F_CTLOG_NEW_FROM_BASE64                       118
-# define CT_F_CTLOG_NEW_FROM_CONF                         119
-# define CT_F_CTLOG_STORE_LOAD_CTX_NEW                    122
-# define CT_F_CTLOG_STORE_LOAD_FILE                       123
-# define CT_F_CTLOG_STORE_LOAD_LOG                        130
-# define CT_F_CTLOG_STORE_NEW                             131
-# define CT_F_CT_BASE64_DECODE                            124
-# define CT_F_CT_POLICY_EVAL_CTX_NEW                      133
-# define CT_F_CT_V1_LOG_ID_FROM_PKEY                      125
-# define CT_F_I2O_SCT                                     107
-# define CT_F_I2O_SCT_LIST                                108
-# define CT_F_I2O_SCT_SIGNATURE                           109
-# define CT_F_O2I_SCT                                     110
-# define CT_F_O2I_SCT_LIST                                111
-# define CT_F_O2I_SCT_SIGNATURE                           112
-# define CT_F_SCT_CTX_NEW                                 126
-# define CT_F_SCT_CTX_VERIFY                              128
-# define CT_F_SCT_NEW                                     100
-# define CT_F_SCT_NEW_FROM_BASE64                         127
-# define CT_F_SCT_SET0_LOG_ID                             101
-# define CT_F_SCT_SET1_EXTENSIONS                         114
-# define CT_F_SCT_SET1_LOG_ID                             115
-# define CT_F_SCT_SET1_SIGNATURE                          116
-# define CT_F_SCT_SET_LOG_ENTRY_TYPE                      102
-# define CT_F_SCT_SET_SIGNATURE_NID                       103
-# define CT_F_SCT_SET_VERSION                             104
-
-/* Reason codes. */
-# define CT_R_BASE64_DECODE_ERROR                         108
-# define CT_R_INVALID_LOG_ID_LENGTH                       100
-# define CT_R_LOG_CONF_INVALID                            109
-# define CT_R_LOG_CONF_INVALID_KEY                        110
-# define CT_R_LOG_CONF_MISSING_DESCRIPTION                111
-# define CT_R_LOG_CONF_MISSING_KEY                        112
-# define CT_R_LOG_KEY_INVALID                             113
-# define CT_R_SCT_FUTURE_TIMESTAMP                        116
-# define CT_R_SCT_INVALID                                 104
-# define CT_R_SCT_INVALID_SIGNATURE                       107
-# define CT_R_SCT_LIST_INVALID                            105
-# define CT_R_SCT_LOG_ID_MISMATCH                         114
-# define CT_R_SCT_NOT_SET                                 106
-# define CT_R_SCT_UNSUPPORTED_VERSION                     115
-# define CT_R_UNRECOGNIZED_SIGNATURE_NID                  101
-# define CT_R_UNSUPPORTED_ENTRY_TYPE                      102
-# define CT_R_UNSUPPORTED_VERSION                         103
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/cterr.h b/include/openssl/cterr.h
new file mode 100644
index 0000000..fc014cb
--- /dev/null
+++ b/include/openssl/cterr.h
@@ -0,0 +1,74 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_CTERR_H
+# define HEADER_CTERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_CT_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * CT function codes.
+ */
+# define CT_F_CTLOG_NEW                                   117
+# define CT_F_CTLOG_NEW_FROM_BASE64                       118
+# define CT_F_CTLOG_NEW_FROM_CONF                         119
+# define CT_F_CTLOG_STORE_LOAD_CTX_NEW                    122
+# define CT_F_CTLOG_STORE_LOAD_FILE                       123
+# define CT_F_CTLOG_STORE_LOAD_LOG                        130
+# define CT_F_CTLOG_STORE_NEW                             131
+# define CT_F_CT_BASE64_DECODE                            124
+# define CT_F_CT_POLICY_EVAL_CTX_NEW                      133
+# define CT_F_CT_V1_LOG_ID_FROM_PKEY                      125
+# define CT_F_I2O_SCT                                     107
+# define CT_F_I2O_SCT_LIST                                108
+# define CT_F_I2O_SCT_SIGNATURE                           109
+# define CT_F_O2I_SCT                                     110
+# define CT_F_O2I_SCT_LIST                                111
+# define CT_F_O2I_SCT_SIGNATURE                           112
+# define CT_F_SCT_CTX_NEW                                 126
+# define CT_F_SCT_CTX_VERIFY                              128
+# define CT_F_SCT_NEW                                     100
+# define CT_F_SCT_NEW_FROM_BASE64                         127
+# define CT_F_SCT_SET0_LOG_ID                             101
+# define CT_F_SCT_SET1_EXTENSIONS                         114
+# define CT_F_SCT_SET1_LOG_ID                             115
+# define CT_F_SCT_SET1_SIGNATURE                          116
+# define CT_F_SCT_SET_LOG_ENTRY_TYPE                      102
+# define CT_F_SCT_SET_SIGNATURE_NID                       103
+# define CT_F_SCT_SET_VERSION                             104
+
+/*
+ * CT reason codes.
+ */
+# define CT_R_BASE64_DECODE_ERROR                         108
+# define CT_R_INVALID_LOG_ID_LENGTH                       100
+# define CT_R_LOG_CONF_INVALID                            109
+# define CT_R_LOG_CONF_INVALID_KEY                        110
+# define CT_R_LOG_CONF_MISSING_DESCRIPTION                111
+# define CT_R_LOG_CONF_MISSING_KEY                        112
+# define CT_R_LOG_KEY_INVALID                             113
+# define CT_R_SCT_FUTURE_TIMESTAMP                        116
+# define CT_R_SCT_INVALID                                 104
+# define CT_R_SCT_INVALID_SIGNATURE                       107
+# define CT_R_SCT_LIST_INVALID                            105
+# define CT_R_SCT_LOG_ID_MISMATCH                         114
+# define CT_R_SCT_NOT_SET                                 106
+# define CT_R_SCT_UNSUPPORTED_VERSION                     115
+# define CT_R_UNRECOGNIZED_SIGNATURE_NID                  101
+# define CT_R_UNSUPPORTED_ENTRY_TYPE                      102
+# define CT_R_UNSUPPORTED_VERSION                         103
+
+#endif
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 2dd641d..ebd936a 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -20,6 +20,7 @@
 # if OPENSSL_API_COMPAT < 0x10100000L
 #  include <openssl/bn.h>
 # endif
+# include <openssl/dherr.h>
 
 # ifdef  __cplusplus
 extern "C" {
@@ -308,52 +309,8 @@ int DH_meth_set_generate_params(DH_METHOD *dhm,
 # define EVP_PKEY_DH_KDF_X9_42                           2
 # endif
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_DH_strings(void);
 
-/* Error codes for the DH functions. */
-
-/* Function codes. */
-# define DH_F_COMPUTE_KEY                                 102
-# define DH_F_DHPARAMS_PRINT_FP                           101
-# define DH_F_DH_BUILTIN_GENPARAMS                        106
-# define DH_F_DH_CMS_DECRYPT                              114
-# define DH_F_DH_CMS_SET_PEERKEY                          115
-# define DH_F_DH_CMS_SET_SHARED_INFO                      116
-# define DH_F_DH_METH_DUP                                 117
-# define DH_F_DH_METH_NEW                                 118
-# define DH_F_DH_METH_SET1_NAME                           119
-# define DH_F_DH_NEW_METHOD                               105
-# define DH_F_DH_PARAM_DECODE                             107
-# define DH_F_DH_PRIV_DECODE                              110
-# define DH_F_DH_PRIV_ENCODE                              111
-# define DH_F_DH_PUB_DECODE                               108
-# define DH_F_DH_PUB_ENCODE                               109
-# define DH_F_DO_DH_PRINT                                 100
-# define DH_F_GENERATE_KEY                                103
-# define DH_F_PKEY_DH_DERIVE                              112
-# define DH_F_PKEY_DH_KEYGEN                              113
-
-/* Reason codes. */
-# define DH_R_BAD_GENERATOR                               101
-# define DH_R_BN_DECODE_ERROR                             109
-# define DH_R_BN_ERROR                                    106
-# define DH_R_DECODE_ERROR                                104
-# define DH_R_INVALID_PUBKEY                              102
-# define DH_R_KDF_PARAMETER_ERROR                         112
-# define DH_R_KEYS_NOT_SET                                108
-# define DH_R_MODULUS_TOO_LARGE                           103
-# define DH_R_NO_PARAMETERS_SET                           107
-# define DH_R_NO_PRIVATE_VALUE                            100
-# define DH_R_PARAMETER_ENCODING_ERROR                    105
-# define DH_R_PEER_KEY_ERROR                              111
-# define DH_R_SHARED_INFO_ERROR                           113
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h
new file mode 100644
index 0000000..51b6084
--- /dev/null
+++ b/include/openssl/dherr.h
@@ -0,0 +1,62 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_DHERR_H
+# define HEADER_DHERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_DH_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * DH function codes.
+ */
+# define DH_F_COMPUTE_KEY                                 102
+# define DH_F_DHPARAMS_PRINT_FP                           101
+# define DH_F_DH_BUILTIN_GENPARAMS                        106
+# define DH_F_DH_CMS_DECRYPT                              114
+# define DH_F_DH_CMS_SET_PEERKEY                          115
+# define DH_F_DH_CMS_SET_SHARED_INFO                      116
+# define DH_F_DH_METH_DUP                                 117
+# define DH_F_DH_METH_NEW                                 118
+# define DH_F_DH_METH_SET1_NAME                           119
+# define DH_F_DH_NEW_METHOD                               105
+# define DH_F_DH_PARAM_DECODE                             107
+# define DH_F_DH_PRIV_DECODE                              110
+# define DH_F_DH_PRIV_ENCODE                              111
+# define DH_F_DH_PUB_DECODE                               108
+# define DH_F_DH_PUB_ENCODE                               109
+# define DH_F_DO_DH_PRINT                                 100
+# define DH_F_GENERATE_KEY                                103
+# define DH_F_PKEY_DH_DERIVE                              112
+# define DH_F_PKEY_DH_KEYGEN                              113
+
+/*
+ * DH reason codes.
+ */
+# define DH_R_BAD_GENERATOR                               101
+# define DH_R_BN_DECODE_ERROR                             109
+# define DH_R_BN_ERROR                                    106
+# define DH_R_DECODE_ERROR                                104
+# define DH_R_INVALID_PUBKEY                              102
+# define DH_R_KDF_PARAMETER_ERROR                         112
+# define DH_R_KEYS_NOT_SET                                108
+# define DH_R_MODULUS_TOO_LARGE                           103
+# define DH_R_NO_PARAMETERS_SET                           107
+# define DH_R_NO_PRIVATE_VALUE                            100
+# define DH_R_PARAMETER_ENCODING_ERROR                    105
+# define DH_R_PEER_KEY_ERROR                              111
+# define DH_R_SHARED_INFO_ERROR                           113
+
+#endif
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index d03e6de..4acf68e 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -30,6 +30,7 @@ extern "C" {
 # if OPENSSL_API_COMPAT < 0x10100000L
 #  include <openssl/dh.h>
 # endif
+# include <openssl/dsaerr.h>
 
 # ifndef OPENSSL_DSA_MAX_MODULUS_BITS
 #  define OPENSSL_DSA_MAX_MODULUS_BITS   10000
@@ -228,54 +229,8 @@ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
 int (*DSA_meth_get_keygen(const DSA_METHOD *dsam)) (DSA *);
 int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen) (DSA *));
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_DSA_strings(void);
 
-/* Error codes for the DSA functions. */
-
-/* Function codes. */
-# define DSA_F_DSAPARAMS_PRINT                            100
-# define DSA_F_DSAPARAMS_PRINT_FP                         101
-# define DSA_F_DSA_BUILTIN_PARAMGEN                       125
-# define DSA_F_DSA_BUILTIN_PARAMGEN2                      126
-# define DSA_F_DSA_DO_SIGN                                112
-# define DSA_F_DSA_DO_VERIFY                              113
-# define DSA_F_DSA_METH_DUP                               127
-# define DSA_F_DSA_METH_NEW                               128
-# define DSA_F_DSA_METH_SET1_NAME                         129
-# define DSA_F_DSA_NEW_METHOD                             103
-# define DSA_F_DSA_PARAM_DECODE                           119
-# define DSA_F_DSA_PRINT_FP                               105
-# define DSA_F_DSA_PRIV_DECODE                            115
-# define DSA_F_DSA_PRIV_ENCODE                            116
-# define DSA_F_DSA_PUB_DECODE                             117
-# define DSA_F_DSA_PUB_ENCODE                             118
-# define DSA_F_DSA_SIGN                                   106
-# define DSA_F_DSA_SIGN_SETUP                             107
-# define DSA_F_DSA_SIG_NEW                                102
-# define DSA_F_OLD_DSA_PRIV_DECODE                        122
-# define DSA_F_PKEY_DSA_CTRL                              120
-# define DSA_F_PKEY_DSA_KEYGEN                            121
-
-/* Reason codes. */
-# define DSA_R_BAD_Q_VALUE                                102
-# define DSA_R_BN_DECODE_ERROR                            108
-# define DSA_R_BN_ERROR                                   109
-# define DSA_R_DECODE_ERROR                               104
-# define DSA_R_INVALID_DIGEST_TYPE                        106
-# define DSA_R_INVALID_PARAMETERS                         112
-# define DSA_R_MISSING_PARAMETERS                         101
-# define DSA_R_MODULUS_TOO_LARGE                          103
-# define DSA_R_NO_PARAMETERS_SET                          107
-# define DSA_R_PARAMETER_ENCODING_ERROR                   105
-# define DSA_R_Q_NOT_PRIME                                113
-# define DSA_R_SEED_LEN_SMALL                             110
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/dsaerr.h b/include/openssl/dsaerr.h
new file mode 100644
index 0000000..357c226
--- /dev/null
+++ b/include/openssl/dsaerr.h
@@ -0,0 +1,64 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_DSAERR_H
+# define HEADER_DSAERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_DSA_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * DSA function codes.
+ */
+# define DSA_F_DSAPARAMS_PRINT                            100
+# define DSA_F_DSAPARAMS_PRINT_FP                         101
+# define DSA_F_DSA_BUILTIN_PARAMGEN                       125
+# define DSA_F_DSA_BUILTIN_PARAMGEN2                      126
+# define DSA_F_DSA_DO_SIGN                                112
+# define DSA_F_DSA_DO_VERIFY                              113
+# define DSA_F_DSA_METH_DUP                               127
+# define DSA_F_DSA_METH_NEW                               128
+# define DSA_F_DSA_METH_SET1_NAME                         129
+# define DSA_F_DSA_NEW_METHOD                             103
+# define DSA_F_DSA_PARAM_DECODE                           119
+# define DSA_F_DSA_PRINT_FP                               105
+# define DSA_F_DSA_PRIV_DECODE                            115
+# define DSA_F_DSA_PRIV_ENCODE                            116
+# define DSA_F_DSA_PUB_DECODE                             117
+# define DSA_F_DSA_PUB_ENCODE                             118
+# define DSA_F_DSA_SIGN                                   106
+# define DSA_F_DSA_SIGN_SETUP                             107
+# define DSA_F_DSA_SIG_NEW                                102
+# define DSA_F_OLD_DSA_PRIV_DECODE                        122
+# define DSA_F_PKEY_DSA_CTRL                              120
+# define DSA_F_PKEY_DSA_KEYGEN                            121
+
+/*
+ * DSA reason codes.
+ */
+# define DSA_R_BAD_Q_VALUE                                102
+# define DSA_R_BN_DECODE_ERROR                            108
+# define DSA_R_BN_ERROR                                   109
+# define DSA_R_DECODE_ERROR                               104
+# define DSA_R_INVALID_DIGEST_TYPE                        106
+# define DSA_R_INVALID_PARAMETERS                         112
+# define DSA_R_MISSING_PARAMETERS                         101
+# define DSA_R_MODULUS_TOO_LARGE                          103
+# define DSA_R_NO_PARAMETERS_SET                          107
+# define DSA_R_PARAMETER_ENCODING_ERROR                   105
+# define DSA_R_Q_NOT_PRIME                                113
+# define DSA_R_SEED_LEN_SMALL                             110
+
+#endif
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 205afff..f418df3 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -32,6 +32,7 @@
 # if OPENSSL_API_COMPAT < 0x10100000L
 #  include <openssl/bn.h>
 # endif
+# include <openssl/ecerr.h>
 # ifdef  __cplusplus
 extern "C" {
 # endif
@@ -1358,227 +1359,8 @@ void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
 # define EVP_PKEY_ECDH_KDF_NONE                          1
 # define EVP_PKEY_ECDH_KDF_X9_62                         2
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_EC_strings(void);
 
-/* Error codes for the EC functions. */
-
-/* Function codes. */
-# define EC_F_BN_TO_FELEM                                 224
-# define EC_F_D2I_ECPARAMETERS                            144
-# define EC_F_D2I_ECPKPARAMETERS                          145
-# define EC_F_D2I_ECPRIVATEKEY                            146
-# define EC_F_DO_EC_KEY_PRINT                             221
-# define EC_F_ECDH_CMS_DECRYPT                            238
-# define EC_F_ECDH_CMS_SET_SHARED_INFO                    239
-# define EC_F_ECDH_COMPUTE_KEY                            246
-# define EC_F_ECDH_SIMPLE_COMPUTE_KEY                     257
-# define EC_F_ECDSA_DO_SIGN_EX                            251
-# define EC_F_ECDSA_DO_VERIFY                             252
-# define EC_F_ECDSA_SIGN_EX                               254
-# define EC_F_ECDSA_SIGN_SETUP                            248
-# define EC_F_ECDSA_SIG_NEW                               265
-# define EC_F_ECDSA_VERIFY                                253
-# define EC_F_ECD_ITEM_VERIFY                             272
-# define EC_F_ECKEY_PARAM2TYPE                            223
-# define EC_F_ECKEY_PARAM_DECODE                          212
-# define EC_F_ECKEY_PRIV_DECODE                           213
-# define EC_F_ECKEY_PRIV_ENCODE                           214
-# define EC_F_ECKEY_PUB_DECODE                            215
-# define EC_F_ECKEY_PUB_ENCODE                            216
-# define EC_F_ECKEY_TYPE2PARAM                            220
-# define EC_F_ECPARAMETERS_PRINT                          147
-# define EC_F_ECPARAMETERS_PRINT_FP                       148
-# define EC_F_ECPKPARAMETERS_PRINT                        149
-# define EC_F_ECPKPARAMETERS_PRINT_FP                     150
-# define EC_F_ECP_NISTZ256_GET_AFFINE                     240
-# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE                243
-# define EC_F_ECP_NISTZ256_POINTS_MUL                     241
-# define EC_F_ECP_NISTZ256_PRE_COMP_NEW                   244
-# define EC_F_ECP_NISTZ256_WINDOWED_MUL                   242
-# define EC_F_ECX_KEY_OP                                  266
-# define EC_F_ECX_PRIV_ENCODE                             267
-# define EC_F_ECX_PUB_ENCODE                              268
-# define EC_F_EC_ASN1_GROUP2CURVE                         153
-# define EC_F_EC_ASN1_GROUP2FIELDID                       154
-# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY           208
-# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT     159
-# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE              195
-# define EC_F_EC_GF2M_SIMPLE_OCT2POINT                    160
-# define EC_F_EC_GF2M_SIMPLE_POINT2OCT                    161
-# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
-# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
-# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES   164
-# define EC_F_EC_GFP_MONT_FIELD_DECODE                    133
-# define EC_F_EC_GFP_MONT_FIELD_ENCODE                    134
-# define EC_F_EC_GFP_MONT_FIELD_MUL                       131
-# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE                209
-# define EC_F_EC_GFP_MONT_FIELD_SQR                       132
-# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE                 189
-# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE             225
-# define EC_F_EC_GFP_NISTP224_POINTS_MUL                  228
-# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
-# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE             230
-# define EC_F_EC_GFP_NISTP256_POINTS_MUL                  231
-# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
-# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE             233
-# define EC_F_EC_GFP_NISTP521_POINTS_MUL                  234
-# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
-# define EC_F_EC_GFP_NIST_FIELD_MUL                       200
-# define EC_F_EC_GFP_NIST_FIELD_SQR                       201
-# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE                 202
-# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT      165
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE               166
-# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE                   102
-# define EC_F_EC_GFP_SIMPLE_OCT2POINT                     103
-# define EC_F_EC_GFP_SIMPLE_POINT2OCT                     104
-# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE            137
-# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES  167
-# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES  168
-# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES    169
-# define EC_F_EC_GROUP_CHECK                              170
-# define EC_F_EC_GROUP_CHECK_DISCRIMINANT                 171
-# define EC_F_EC_GROUP_COPY                               106
-# define EC_F_EC_GROUP_GET_CURVE_GF2M                     172
-# define EC_F_EC_GROUP_GET_CURVE_GFP                      130
-# define EC_F_EC_GROUP_GET_DEGREE                         173
-# define EC_F_EC_GROUP_GET_ECPARAMETERS                   261
-# define EC_F_EC_GROUP_GET_ECPKPARAMETERS                 262
-# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS              193
-# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS                194
-# define EC_F_EC_GROUP_NEW                                108
-# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME                  174
-# define EC_F_EC_GROUP_NEW_FROM_DATA                      175
-# define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS              263
-# define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS            264
-# define EC_F_EC_GROUP_SET_CURVE_GF2M                     176
-# define EC_F_EC_GROUP_SET_CURVE_GFP                      109
-# define EC_F_EC_GROUP_SET_GENERATOR                      111
-# define EC_F_EC_KEY_CHECK_KEY                            177
-# define EC_F_EC_KEY_COPY                                 178
-# define EC_F_EC_KEY_GENERATE_KEY                         179
-# define EC_F_EC_KEY_NEW                                  182
-# define EC_F_EC_KEY_NEW_METHOD                           245
-# define EC_F_EC_KEY_OCT2PRIV                             255
-# define EC_F_EC_KEY_PRINT                                180
-# define EC_F_EC_KEY_PRINT_FP                             181
-# define EC_F_EC_KEY_PRIV2OCT                             256
-# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES    229
-# define EC_F_EC_KEY_SIMPLE_CHECK_KEY                     258
-# define EC_F_EC_KEY_SIMPLE_OCT2PRIV                      259
-# define EC_F_EC_KEY_SIMPLE_PRIV2OCT                      260
-# define EC_F_EC_POINTS_MAKE_AFFINE                       136
-# define EC_F_EC_POINT_ADD                                112
-# define EC_F_EC_POINT_CMP                                113
-# define EC_F_EC_POINT_COPY                               114
-# define EC_F_EC_POINT_DBL                                115
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M        183
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP         116
-# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP    117
-# define EC_F_EC_POINT_INVERT                             210
-# define EC_F_EC_POINT_IS_AT_INFINITY                     118
-# define EC_F_EC_POINT_IS_ON_CURVE                        119
-# define EC_F_EC_POINT_MAKE_AFFINE                        120
-# define EC_F_EC_POINT_NEW                                121
-# define EC_F_EC_POINT_OCT2POINT                          122
-# define EC_F_EC_POINT_POINT2OCT                          123
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M        185
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP         124
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M    186
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP     125
-# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP    126
-# define EC_F_EC_POINT_SET_TO_INFINITY                    127
-# define EC_F_EC_PRE_COMP_NEW                             196
-# define EC_F_EC_WNAF_MUL                                 187
-# define EC_F_EC_WNAF_PRECOMPUTE_MULT                     188
-# define EC_F_I2D_ECPARAMETERS                            190
-# define EC_F_I2D_ECPKPARAMETERS                          191
-# define EC_F_I2D_ECPRIVATEKEY                            192
-# define EC_F_I2O_ECPUBLICKEY                             151
-# define EC_F_NISTP224_PRE_COMP_NEW                       227
-# define EC_F_NISTP256_PRE_COMP_NEW                       236
-# define EC_F_NISTP521_PRE_COMP_NEW                       237
-# define EC_F_O2I_ECPUBLICKEY                             152
-# define EC_F_OLD_EC_PRIV_DECODE                          222
-# define EC_F_OSSL_ECDH_COMPUTE_KEY                       247
-# define EC_F_OSSL_ECDSA_SIGN_SIG                         249
-# define EC_F_OSSL_ECDSA_VERIFY_SIG                       250
-# define EC_F_PKEY_ECD_CTRL                               270
-# define EC_F_PKEY_ECD_DIGESTSIGN                         271
-# define EC_F_PKEY_ECX_DERIVE                             269
-# define EC_F_PKEY_EC_CTRL                                197
-# define EC_F_PKEY_EC_CTRL_STR                            198
-# define EC_F_PKEY_EC_DERIVE                              217
-# define EC_F_PKEY_EC_KEYGEN                              199
-# define EC_F_PKEY_EC_PARAMGEN                            219
-# define EC_F_PKEY_EC_SIGN                                218
-
-/* Reason codes. */
-# define EC_R_ASN1_ERROR                                  115
-# define EC_R_BAD_SIGNATURE                               156
-# define EC_R_BIGNUM_OUT_OF_RANGE                         144
-# define EC_R_BUFFER_TOO_SMALL                            100
-# define EC_R_COORDINATES_OUT_OF_RANGE                    146
-# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH                 160
-# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING              159
-# define EC_R_D2I_ECPKPARAMETERS_FAILURE                  117
-# define EC_R_DECODE_ERROR                                142
-# define EC_R_DISCRIMINANT_IS_ZERO                        118
-# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE                119
-# define EC_R_FIELD_TOO_LARGE                             143
-# define EC_R_GF2M_NOT_SUPPORTED                          147
-# define EC_R_GROUP2PKPARAMETERS_FAILURE                  120
-# define EC_R_I2D_ECPKPARAMETERS_FAILURE                  121
-# define EC_R_INCOMPATIBLE_OBJECTS                        101
-# define EC_R_INVALID_ARGUMENT                            112
-# define EC_R_INVALID_COMPRESSED_POINT                    110
-# define EC_R_INVALID_COMPRESSION_BIT                     109
-# define EC_R_INVALID_CURVE                               141
-# define EC_R_INVALID_DIGEST                              151
-# define EC_R_INVALID_DIGEST_TYPE                         138
-# define EC_R_INVALID_ENCODING                            102
-# define EC_R_INVALID_FIELD                               103
-# define EC_R_INVALID_FORM                                104
-# define EC_R_INVALID_GROUP_ORDER                         122
-# define EC_R_INVALID_KEY                                 116
-# define EC_R_INVALID_OUTPUT_LENGTH                       161
-# define EC_R_INVALID_PEER_KEY                            133
-# define EC_R_INVALID_PENTANOMIAL_BASIS                   132
-# define EC_R_INVALID_PRIVATE_KEY                         123
-# define EC_R_INVALID_TRINOMIAL_BASIS                     137
-# define EC_R_KDF_PARAMETER_ERROR                         148
-# define EC_R_KEYS_NOT_SET                                140
-# define EC_R_MISSING_PARAMETERS                          124
-# define EC_R_MISSING_PRIVATE_KEY                         125
-# define EC_R_NEED_NEW_SETUP_VALUES                       157
-# define EC_R_NOT_A_NIST_PRIME                            135
-# define EC_R_NOT_IMPLEMENTED                             126
-# define EC_R_NOT_INITIALIZED                             111
-# define EC_R_NO_PARAMETERS_SET                           139
-# define EC_R_NO_PRIVATE_VALUE                            154
-# define EC_R_OPERATION_NOT_SUPPORTED                     152
-# define EC_R_PASSED_NULL_PARAMETER                       134
-# define EC_R_PEER_KEY_ERROR                              149
-# define EC_R_PKPARAMETERS2GROUP_FAILURE                  127
-# define EC_R_POINT_ARITHMETIC_FAILURE                    155
-# define EC_R_POINT_AT_INFINITY                           106
-# define EC_R_POINT_IS_NOT_ON_CURVE                       107
-# define EC_R_RANDOM_NUMBER_GENERATION_FAILED             158
-# define EC_R_SHARED_INFO_ERROR                           150
-# define EC_R_SLOT_FULL                                   108
-# define EC_R_UNDEFINED_GENERATOR                         113
-# define EC_R_UNDEFINED_ORDER                             128
-# define EC_R_UNKNOWN_GROUP                               129
-# define EC_R_UNKNOWN_ORDER                               114
-# define EC_R_UNSUPPORTED_FIELD                           131
-# define EC_R_WRONG_CURVE_PARAMETERS                      145
-# define EC_R_WRONG_ORDER                                 130
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h
new file mode 100644
index 0000000..55caec4
--- /dev/null
+++ b/include/openssl/ecerr.h
@@ -0,0 +1,237 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_ECERR_H
+# define HEADER_ECERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_EC_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * EC function codes.
+ */
+# define EC_F_BN_TO_FELEM                                 224
+# define EC_F_D2I_ECPARAMETERS                            144
+# define EC_F_D2I_ECPKPARAMETERS                          145
+# define EC_F_D2I_ECPRIVATEKEY                            146
+# define EC_F_DO_EC_KEY_PRINT                             221
+# define EC_F_ECDH_CMS_DECRYPT                            238
+# define EC_F_ECDH_CMS_SET_SHARED_INFO                    239
+# define EC_F_ECDH_COMPUTE_KEY                            246
+# define EC_F_ECDH_SIMPLE_COMPUTE_KEY                     257
+# define EC_F_ECDSA_DO_SIGN_EX                            251
+# define EC_F_ECDSA_DO_VERIFY                             252
+# define EC_F_ECDSA_SIGN_EX                               254
+# define EC_F_ECDSA_SIGN_SETUP                            248
+# define EC_F_ECDSA_SIG_NEW                               265
+# define EC_F_ECDSA_VERIFY                                253
+# define EC_F_ECD_ITEM_VERIFY                             270
+# define EC_F_ECKEY_PARAM2TYPE                            223
+# define EC_F_ECKEY_PARAM_DECODE                          212
+# define EC_F_ECKEY_PRIV_DECODE                           213
+# define EC_F_ECKEY_PRIV_ENCODE                           214
+# define EC_F_ECKEY_PUB_DECODE                            215
+# define EC_F_ECKEY_PUB_ENCODE                            216
+# define EC_F_ECKEY_TYPE2PARAM                            220
+# define EC_F_ECPARAMETERS_PRINT                          147
+# define EC_F_ECPARAMETERS_PRINT_FP                       148
+# define EC_F_ECPKPARAMETERS_PRINT                        149
+# define EC_F_ECPKPARAMETERS_PRINT_FP                     150
+# define EC_F_ECP_NISTZ256_GET_AFFINE                     240
+# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE                243
+# define EC_F_ECP_NISTZ256_POINTS_MUL                     241
+# define EC_F_ECP_NISTZ256_PRE_COMP_NEW                   244
+# define EC_F_ECP_NISTZ256_WINDOWED_MUL                   242
+# define EC_F_ECX_KEY_OP                                  266
+# define EC_F_ECX_PRIV_ENCODE                             267
+# define EC_F_ECX_PUB_ENCODE                              268
+# define EC_F_EC_ASN1_GROUP2CURVE                         153
+# define EC_F_EC_ASN1_GROUP2FIELDID                       154
+# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY           208
+# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT     159
+# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE              195
+# define EC_F_EC_GF2M_SIMPLE_OCT2POINT                    160
+# define EC_F_EC_GF2M_SIMPLE_POINT2OCT                    161
+# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
+# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
+# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES   164
+# define EC_F_EC_GFP_MONT_FIELD_DECODE                    133
+# define EC_F_EC_GFP_MONT_FIELD_ENCODE                    134
+# define EC_F_EC_GFP_MONT_FIELD_MUL                       131
+# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE                209
+# define EC_F_EC_GFP_MONT_FIELD_SQR                       132
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE                 189
+# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE             225
+# define EC_F_EC_GFP_NISTP224_POINTS_MUL                  228
+# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
+# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE             230
+# define EC_F_EC_GFP_NISTP256_POINTS_MUL                  231
+# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
+# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE             233
+# define EC_F_EC_GFP_NISTP521_POINTS_MUL                  234
+# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
+# define EC_F_EC_GFP_NIST_FIELD_MUL                       200
+# define EC_F_EC_GFP_NIST_FIELD_SQR                       201
+# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE                 202
+# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT      165
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE               166
+# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE                   102
+# define EC_F_EC_GFP_SIMPLE_OCT2POINT                     103
+# define EC_F_EC_GFP_SIMPLE_POINT2OCT                     104
+# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE            137
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES  167
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES  168
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES    169
+# define EC_F_EC_GROUP_CHECK                              170
+# define EC_F_EC_GROUP_CHECK_DISCRIMINANT                 171
+# define EC_F_EC_GROUP_COPY                               106
+# define EC_F_EC_GROUP_GET_CURVE_GF2M                     172
+# define EC_F_EC_GROUP_GET_CURVE_GFP                      130
+# define EC_F_EC_GROUP_GET_DEGREE                         173
+# define EC_F_EC_GROUP_GET_ECPARAMETERS                   261
+# define EC_F_EC_GROUP_GET_ECPKPARAMETERS                 262
+# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS              193
+# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS                194
+# define EC_F_EC_GROUP_NEW                                108
+# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME                  174
+# define EC_F_EC_GROUP_NEW_FROM_DATA                      175
+# define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS              263
+# define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS            264
+# define EC_F_EC_GROUP_SET_CURVE_GF2M                     176
+# define EC_F_EC_GROUP_SET_CURVE_GFP                      109
+# define EC_F_EC_GROUP_SET_GENERATOR                      111
+# define EC_F_EC_KEY_CHECK_KEY                            177
+# define EC_F_EC_KEY_COPY                                 178
+# define EC_F_EC_KEY_GENERATE_KEY                         179
+# define EC_F_EC_KEY_NEW                                  182
+# define EC_F_EC_KEY_NEW_METHOD                           245
+# define EC_F_EC_KEY_OCT2PRIV                             255
+# define EC_F_EC_KEY_PRINT                                180
+# define EC_F_EC_KEY_PRINT_FP                             181
+# define EC_F_EC_KEY_PRIV2OCT                             256
+# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES    229
+# define EC_F_EC_KEY_SIMPLE_CHECK_KEY                     258
+# define EC_F_EC_KEY_SIMPLE_OCT2PRIV                      259
+# define EC_F_EC_KEY_SIMPLE_PRIV2OCT                      260
+# define EC_F_EC_POINTS_MAKE_AFFINE                       136
+# define EC_F_EC_POINT_ADD                                112
+# define EC_F_EC_POINT_CMP                                113
+# define EC_F_EC_POINT_COPY                               114
+# define EC_F_EC_POINT_DBL                                115
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M        183
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP         116
+# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP    117
+# define EC_F_EC_POINT_INVERT                             210
+# define EC_F_EC_POINT_IS_AT_INFINITY                     118
+# define EC_F_EC_POINT_IS_ON_CURVE                        119
+# define EC_F_EC_POINT_MAKE_AFFINE                        120
+# define EC_F_EC_POINT_NEW                                121
+# define EC_F_EC_POINT_OCT2POINT                          122
+# define EC_F_EC_POINT_POINT2OCT                          123
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M        185
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP         124
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M    186
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP     125
+# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP    126
+# define EC_F_EC_POINT_SET_TO_INFINITY                    127
+# define EC_F_EC_PRE_COMP_NEW                             196
+# define EC_F_EC_WNAF_MUL                                 187
+# define EC_F_EC_WNAF_PRECOMPUTE_MULT                     188
+# define EC_F_I2D_ECPARAMETERS                            190
+# define EC_F_I2D_ECPKPARAMETERS                          191
+# define EC_F_I2D_ECPRIVATEKEY                            192
+# define EC_F_I2O_ECPUBLICKEY                             151
+# define EC_F_NISTP224_PRE_COMP_NEW                       227
+# define EC_F_NISTP256_PRE_COMP_NEW                       236
+# define EC_F_NISTP521_PRE_COMP_NEW                       237
+# define EC_F_O2I_ECPUBLICKEY                             152
+# define EC_F_OLD_EC_PRIV_DECODE                          222
+# define EC_F_OSSL_ECDH_COMPUTE_KEY                       247
+# define EC_F_OSSL_ECDSA_SIGN_SIG                         249
+# define EC_F_OSSL_ECDSA_VERIFY_SIG                       250
+# define EC_F_PKEY_ECD_CTRL                               271
+# define EC_F_PKEY_ECD_DIGESTSIGN                         272
+# define EC_F_PKEY_ECX_DERIVE                             269
+# define EC_F_PKEY_EC_CTRL                                197
+# define EC_F_PKEY_EC_CTRL_STR                            198
+# define EC_F_PKEY_EC_DERIVE                              217
+# define EC_F_PKEY_EC_KEYGEN                              199
+# define EC_F_PKEY_EC_PARAMGEN                            219
+# define EC_F_PKEY_EC_SIGN                                218
+
+/*
+ * EC reason codes.
+ */
+# define EC_R_ASN1_ERROR                                  115
+# define EC_R_BAD_SIGNATURE                               156
+# define EC_R_BIGNUM_OUT_OF_RANGE                         144
+# define EC_R_BUFFER_TOO_SMALL                            100
+# define EC_R_COORDINATES_OUT_OF_RANGE                    146
+# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH                 160
+# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING              159
+# define EC_R_D2I_ECPKPARAMETERS_FAILURE                  117
+# define EC_R_DECODE_ERROR                                142
+# define EC_R_DISCRIMINANT_IS_ZERO                        118
+# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE                119
+# define EC_R_FIELD_TOO_LARGE                             143
+# define EC_R_GF2M_NOT_SUPPORTED                          147
+# define EC_R_GROUP2PKPARAMETERS_FAILURE                  120
+# define EC_R_I2D_ECPKPARAMETERS_FAILURE                  121
+# define EC_R_INCOMPATIBLE_OBJECTS                        101
+# define EC_R_INVALID_ARGUMENT                            112
+# define EC_R_INVALID_COMPRESSED_POINT                    110
+# define EC_R_INVALID_COMPRESSION_BIT                     109
+# define EC_R_INVALID_CURVE                               141
+# define EC_R_INVALID_DIGEST                              151
+# define EC_R_INVALID_DIGEST_TYPE                         138
+# define EC_R_INVALID_ENCODING                            102
+# define EC_R_INVALID_FIELD                               103
+# define EC_R_INVALID_FORM                                104
+# define EC_R_INVALID_GROUP_ORDER                         122
+# define EC_R_INVALID_KEY                                 116
+# define EC_R_INVALID_OUTPUT_LENGTH                       161
+# define EC_R_INVALID_PEER_KEY                            133
+# define EC_R_INVALID_PENTANOMIAL_BASIS                   132
+# define EC_R_INVALID_PRIVATE_KEY                         123
+# define EC_R_INVALID_TRINOMIAL_BASIS                     137
+# define EC_R_KDF_PARAMETER_ERROR                         148
+# define EC_R_KEYS_NOT_SET                                140
+# define EC_R_MISSING_PARAMETERS                          124
+# define EC_R_MISSING_PRIVATE_KEY                         125
+# define EC_R_NEED_NEW_SETUP_VALUES                       157
+# define EC_R_NOT_A_NIST_PRIME                            135
+# define EC_R_NOT_IMPLEMENTED                             126
+# define EC_R_NOT_INITIALIZED                             111
+# define EC_R_NO_PARAMETERS_SET                           139
+# define EC_R_NO_PRIVATE_VALUE                            154
+# define EC_R_OPERATION_NOT_SUPPORTED                     152
+# define EC_R_PASSED_NULL_PARAMETER                       134
+# define EC_R_PEER_KEY_ERROR                              149
+# define EC_R_PKPARAMETERS2GROUP_FAILURE                  127
+# define EC_R_POINT_ARITHMETIC_FAILURE                    155
+# define EC_R_POINT_AT_INFINITY                           106
+# define EC_R_POINT_IS_NOT_ON_CURVE                       107
+# define EC_R_RANDOM_NUMBER_GENERATION_FAILED             158
+# define EC_R_SHARED_INFO_ERROR                           150
+# define EC_R_SLOT_FULL                                   108
+# define EC_R_UNDEFINED_GENERATOR                         113
+# define EC_R_UNDEFINED_ORDER                             128
+# define EC_R_UNKNOWN_GROUP                               129
+# define EC_R_UNKNOWN_ORDER                               114
+# define EC_R_UNSUPPORTED_FIELD                           131
+# define EC_R_WRONG_CURVE_PARAMETERS                      145
+# define EC_R_WRONG_ORDER                                 130
+
+#endif
diff --git a/include/openssl/engine.h b/include/openssl/engine.h
index 1544cc4..ca3fcbc 100644
--- a/include/openssl/engine.h
+++ b/include/openssl/engine.h
@@ -32,6 +32,7 @@
 # include <openssl/ossl_typ.h>
 # include <openssl/symhacks.h>
 # include <openssl/x509.h>
+# include <openssl/engineerr.h>
 # ifdef  __cplusplus
 extern "C" {
 # endif
@@ -747,92 +748,8 @@ void *ENGINE_get_static_state(void);
 DEPRECATEDIN_1_1_0(void ENGINE_setup_bsd_cryptodev(void))
 # endif
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_ENGINE_strings(void);
 
-/* Error codes for the ENGINE functions. */
-
-/* Function codes. */
-# define ENGINE_F_DYNAMIC_CTRL                            180
-# define ENGINE_F_DYNAMIC_GET_DATA_CTX                    181
-# define ENGINE_F_DYNAMIC_LOAD                            182
-# define ENGINE_F_DYNAMIC_SET_DATA_CTX                    183
-# define ENGINE_F_ENGINE_ADD                              105
-# define ENGINE_F_ENGINE_BY_ID                            106
-# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE                170
-# define ENGINE_F_ENGINE_CTRL                             142
-# define ENGINE_F_ENGINE_CTRL_CMD                         178
-# define ENGINE_F_ENGINE_CTRL_CMD_STRING                  171
-# define ENGINE_F_ENGINE_FINISH                           107
-# define ENGINE_F_ENGINE_GET_CIPHER                       185
-# define ENGINE_F_ENGINE_GET_DIGEST                       186
-# define ENGINE_F_ENGINE_GET_FIRST                        195
-# define ENGINE_F_ENGINE_GET_LAST                         196
-# define ENGINE_F_ENGINE_GET_NEXT                         115
-# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH               193
-# define ENGINE_F_ENGINE_GET_PKEY_METH                    192
-# define ENGINE_F_ENGINE_GET_PREV                         116
-# define ENGINE_F_ENGINE_INIT                             119
-# define ENGINE_F_ENGINE_LIST_ADD                         120
-# define ENGINE_F_ENGINE_LIST_REMOVE                      121
-# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY                 150
-# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY                  151
-# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT             194
-# define ENGINE_F_ENGINE_NEW                              122
-# define ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR               197
-# define ENGINE_F_ENGINE_REMOVE                           123
-# define ENGINE_F_ENGINE_SET_DEFAULT_STRING               189
-# define ENGINE_F_ENGINE_SET_ID                           129
-# define ENGINE_F_ENGINE_SET_NAME                         130
-# define ENGINE_F_ENGINE_TABLE_REGISTER                   184
-# define ENGINE_F_ENGINE_UNLOCKED_FINISH                  191
-# define ENGINE_F_ENGINE_UP_REF                           190
-# define ENGINE_F_INT_CTRL_HELPER                         172
-# define ENGINE_F_INT_ENGINE_CONFIGURE                    188
-# define ENGINE_F_INT_ENGINE_MODULE_INIT                  187
-
-/* Reason codes. */
-# define ENGINE_R_ALREADY_LOADED                          100
-# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER                133
-# define ENGINE_R_CMD_NOT_EXECUTABLE                      134
-# define ENGINE_R_COMMAND_TAKES_INPUT                     135
-# define ENGINE_R_COMMAND_TAKES_NO_INPUT                  136
-# define ENGINE_R_CONFLICTING_ENGINE_ID                   103
-# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED            119
-# define ENGINE_R_DSO_FAILURE                             104
-# define ENGINE_R_DSO_NOT_FOUND                           132
-# define ENGINE_R_ENGINES_SECTION_ERROR                   148
-# define ENGINE_R_ENGINE_CONFIGURATION_ERROR              102
-# define ENGINE_R_ENGINE_IS_NOT_IN_LIST                   105
-# define ENGINE_R_ENGINE_SECTION_ERROR                    149
-# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY              128
-# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY               129
-# define ENGINE_R_FINISH_FAILED                           106
-# define ENGINE_R_ID_OR_NAME_MISSING                      108
-# define ENGINE_R_INIT_FAILED                             109
-# define ENGINE_R_INTERNAL_LIST_ERROR                     110
-# define ENGINE_R_INVALID_ARGUMENT                        143
-# define ENGINE_R_INVALID_CMD_NAME                        137
-# define ENGINE_R_INVALID_CMD_NUMBER                      138
-# define ENGINE_R_INVALID_INIT_VALUE                      151
-# define ENGINE_R_INVALID_STRING                          150
-# define ENGINE_R_NOT_INITIALISED                         117
-# define ENGINE_R_NOT_LOADED                              112
-# define ENGINE_R_NO_CONTROL_FUNCTION                     120
-# define ENGINE_R_NO_INDEX                                144
-# define ENGINE_R_NO_LOAD_FUNCTION                        125
-# define ENGINE_R_NO_REFERENCE                            130
-# define ENGINE_R_NO_SUCH_ENGINE                          116
-# define ENGINE_R_UNIMPLEMENTED_CIPHER                    146
-# define ENGINE_R_UNIMPLEMENTED_DIGEST                    147
-# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD         101
-# define ENGINE_R_VERSION_INCOMPATIBILITY                 145
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/engineerr.h b/include/openssl/engineerr.h
new file mode 100644
index 0000000..2f35887
--- /dev/null
+++ b/include/openssl/engineerr.h
@@ -0,0 +1,102 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_ENGINEERR_H
+# define HEADER_ENGINEERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_ENGINE_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * ENGINE function codes.
+ */
+# define ENGINE_F_DYNAMIC_CTRL                            180
+# define ENGINE_F_DYNAMIC_GET_DATA_CTX                    181
+# define ENGINE_F_DYNAMIC_LOAD                            182
+# define ENGINE_F_DYNAMIC_SET_DATA_CTX                    183
+# define ENGINE_F_ENGINE_ADD                              105
+# define ENGINE_F_ENGINE_BY_ID                            106
+# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE                170
+# define ENGINE_F_ENGINE_CTRL                             142
+# define ENGINE_F_ENGINE_CTRL_CMD                         178
+# define ENGINE_F_ENGINE_CTRL_CMD_STRING                  171
+# define ENGINE_F_ENGINE_FINISH                           107
+# define ENGINE_F_ENGINE_GET_CIPHER                       185
+# define ENGINE_F_ENGINE_GET_DIGEST                       186
+# define ENGINE_F_ENGINE_GET_FIRST                        195
+# define ENGINE_F_ENGINE_GET_LAST                         196
+# define ENGINE_F_ENGINE_GET_NEXT                         115
+# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH               193
+# define ENGINE_F_ENGINE_GET_PKEY_METH                    192
+# define ENGINE_F_ENGINE_GET_PREV                         116
+# define ENGINE_F_ENGINE_INIT                             119
+# define ENGINE_F_ENGINE_LIST_ADD                         120
+# define ENGINE_F_ENGINE_LIST_REMOVE                      121
+# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY                 150
+# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY                  151
+# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT             194
+# define ENGINE_F_ENGINE_NEW                              122
+# define ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR               197
+# define ENGINE_F_ENGINE_REMOVE                           123
+# define ENGINE_F_ENGINE_SET_DEFAULT_STRING               189
+# define ENGINE_F_ENGINE_SET_ID                           129
+# define ENGINE_F_ENGINE_SET_NAME                         130
+# define ENGINE_F_ENGINE_TABLE_REGISTER                   184
+# define ENGINE_F_ENGINE_UNLOCKED_FINISH                  191
+# define ENGINE_F_ENGINE_UP_REF                           190
+# define ENGINE_F_INT_CTRL_HELPER                         172
+# define ENGINE_F_INT_ENGINE_CONFIGURE                    188
+# define ENGINE_F_INT_ENGINE_MODULE_INIT                  187
+
+/*
+ * ENGINE reason codes.
+ */
+# define ENGINE_R_ALREADY_LOADED                          100
+# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER                133
+# define ENGINE_R_CMD_NOT_EXECUTABLE                      134
+# define ENGINE_R_COMMAND_TAKES_INPUT                     135
+# define ENGINE_R_COMMAND_TAKES_NO_INPUT                  136
+# define ENGINE_R_CONFLICTING_ENGINE_ID                   103
+# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED            119
+# define ENGINE_R_DSO_FAILURE                             104
+# define ENGINE_R_DSO_NOT_FOUND                           132
+# define ENGINE_R_ENGINES_SECTION_ERROR                   148
+# define ENGINE_R_ENGINE_CONFIGURATION_ERROR              102
+# define ENGINE_R_ENGINE_IS_NOT_IN_LIST                   105
+# define ENGINE_R_ENGINE_SECTION_ERROR                    149
+# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY              128
+# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY               129
+# define ENGINE_R_FINISH_FAILED                           106
+# define ENGINE_R_ID_OR_NAME_MISSING                      108
+# define ENGINE_R_INIT_FAILED                             109
+# define ENGINE_R_INTERNAL_LIST_ERROR                     110
+# define ENGINE_R_INVALID_ARGUMENT                        143
+# define ENGINE_R_INVALID_CMD_NAME                        137
+# define ENGINE_R_INVALID_CMD_NUMBER                      138
+# define ENGINE_R_INVALID_INIT_VALUE                      151
+# define ENGINE_R_INVALID_STRING                          150
+# define ENGINE_R_NOT_INITIALISED                         117
+# define ENGINE_R_NOT_LOADED                              112
+# define ENGINE_R_NO_CONTROL_FUNCTION                     120
+# define ENGINE_R_NO_INDEX                                144
+# define ENGINE_R_NO_LOAD_FUNCTION                        125
+# define ENGINE_R_NO_REFERENCE                            130
+# define ENGINE_R_NO_SUCH_ENGINE                          116
+# define ENGINE_R_UNIMPLEMENTED_CIPHER                    146
+# define ENGINE_R_UNIMPLEMENTED_DIGEST                    147
+# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD         101
+# define ENGINE_R_VERSION_INCOMPATIBILITY                 145
+
+#endif
diff --git a/include/openssl/err.h b/include/openssl/err.h
index 29a261c..6661945 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -234,8 +234,9 @@ void ERR_print_errors_fp(FILE *fp);
 void ERR_print_errors(BIO *bp);
 void ERR_add_error_data(int num, ...);
 void ERR_add_error_vdata(int num, va_list args);
-int ERR_load_strings(int lib, ERR_STRING_DATA str[]);
-int ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
+int ERR_load_strings(int lib, ERR_STRING_DATA *str);
+int ERR_load_strings_const(const ERR_STRING_DATA *str);
+int ERR_unload_strings(int lib, ERR_STRING_DATA *str);
 int ERR_load_ERR_strings(void);
 
 #if OPENSSL_API_COMPAT < 0x10100000L
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 0105dd0..4d7326b 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -14,6 +14,7 @@
 # include <openssl/ossl_typ.h>
 # include <openssl/symhacks.h>
 # include <openssl/bio.h>
+# include <openssl/evperr.h>
 
 # define EVP_MAX_MD_SIZE                 64/* longest known is SHA512 */
 # define EVP_MAX_KEY_LENGTH              64
@@ -1510,157 +1511,8 @@ void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth,
 
 void EVP_add_alg_module(void);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_EVP_strings(void);
 
-/* Error codes for the EVP functions. */
-
-/* Function codes. */
-# define EVP_F_AESNI_INIT_KEY                             165
-# define EVP_F_AES_INIT_KEY                               133
-# define EVP_F_AES_OCB_CIPHER                             169
-# define EVP_F_AES_T4_INIT_KEY                            178
-# define EVP_F_AES_WRAP_CIPHER                            170
-# define EVP_F_ALG_MODULE_INIT                            177
-# define EVP_F_ARIA_INIT_KEY                              185
-# define EVP_F_CAMELLIA_INIT_KEY                          159
-# define EVP_F_CHACHA20_POLY1305_CTRL                     182
-# define EVP_F_CMLL_T4_INIT_KEY                           179
-# define EVP_F_DES_EDE3_WRAP_CIPHER                       171
-# define EVP_F_DO_SIGVER_INIT                             161
-# define EVP_F_EVP_CIPHERINIT_EX                          123
-# define EVP_F_EVP_CIPHER_CTX_COPY                        163
-# define EVP_F_EVP_CIPHER_CTX_CTRL                        124
-# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH              122
-# define EVP_F_EVP_DECRYPTFINAL_EX                        101
-# define EVP_F_EVP_DECRYPTUPDATE                          166
-# define EVP_F_EVP_DIGESTINIT_EX                          128
-# define EVP_F_EVP_ENCRYPTFINAL_EX                        127
-# define EVP_F_EVP_ENCRYPTUPDATE                          167
-# define EVP_F_EVP_MD_CTX_COPY_EX                         110
-# define EVP_F_EVP_MD_SIZE                                162
-# define EVP_F_EVP_OPENINIT                               102
-# define EVP_F_EVP_PBE_ALG_ADD                            115
-# define EVP_F_EVP_PBE_ALG_ADD_TYPE                       160
-# define EVP_F_EVP_PBE_CIPHERINIT                         116
-# define EVP_F_EVP_PBE_SCRYPT                             181
-# define EVP_F_EVP_PKCS82PKEY                             111
-# define EVP_F_EVP_PKEY2PKCS8                             113
-# define EVP_F_EVP_PKEY_COPY_PARAMETERS                   103
-# define EVP_F_EVP_PKEY_CTX_CTRL                          137
-# define EVP_F_EVP_PKEY_CTX_CTRL_STR                      150
-# define EVP_F_EVP_PKEY_CTX_DUP                           156
-# define EVP_F_EVP_PKEY_CTX_MD                            168
-# define EVP_F_EVP_PKEY_DECRYPT                           104
-# define EVP_F_EVP_PKEY_DECRYPT_INIT                      138
-# define EVP_F_EVP_PKEY_DECRYPT_OLD                       151
-# define EVP_F_EVP_PKEY_DERIVE                            153
-# define EVP_F_EVP_PKEY_DERIVE_INIT                       154
-# define EVP_F_EVP_PKEY_DERIVE_SET_PEER                   155
-# define EVP_F_EVP_PKEY_ENCRYPT                           105
-# define EVP_F_EVP_PKEY_ENCRYPT_INIT                      139
-# define EVP_F_EVP_PKEY_ENCRYPT_OLD                       152
-# define EVP_F_EVP_PKEY_GET0_DH                           119
-# define EVP_F_EVP_PKEY_GET0_DSA                          120
-# define EVP_F_EVP_PKEY_GET0_EC_KEY                       131
-# define EVP_F_EVP_PKEY_GET0_HMAC                         183
-# define EVP_F_EVP_PKEY_GET0_POLY1305                     184
-# define EVP_F_EVP_PKEY_GET0_RSA                          121
-# define EVP_F_EVP_PKEY_GET0_SIPHASH                      172
-# define EVP_F_EVP_PKEY_KEYGEN                            146
-# define EVP_F_EVP_PKEY_KEYGEN_INIT                       147
-# define EVP_F_EVP_PKEY_NEW                               106
-# define EVP_F_EVP_PKEY_PARAMGEN                          148
-# define EVP_F_EVP_PKEY_PARAMGEN_INIT                     149
-# define EVP_F_EVP_PKEY_SIGN                              140
-# define EVP_F_EVP_PKEY_SIGN_INIT                         141
-# define EVP_F_EVP_PKEY_VERIFY                            142
-# define EVP_F_EVP_PKEY_VERIFY_INIT                       143
-# define EVP_F_EVP_PKEY_VERIFY_RECOVER                    144
-# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT               145
-# define EVP_F_EVP_SIGNFINAL                              107
-# define EVP_F_EVP_VERIFYFINAL                            108
-# define EVP_F_INT_CTX_NEW                                157
-# define EVP_F_PKCS5_PBE_KEYIVGEN                         117
-# define EVP_F_PKCS5_V2_PBE_KEYIVGEN                      118
-# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN                   164
-# define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN                   180
-# define EVP_F_PKEY_SET_TYPE                              158
-# define EVP_F_RC2_MAGIC_TO_METH                          109
-# define EVP_F_RC5_CTRL                                   125
-# define EVP_F_UPDATE                                     173
-
-/* Reason codes. */
-# define EVP_R_AES_KEY_SETUP_FAILED                       143
-# define EVP_R_ARIA_KEY_SETUP_FAILED                      176
-# define EVP_R_BAD_DECRYPT                                100
-# define EVP_R_BUFFER_TOO_SMALL                           155
-# define EVP_R_CAMELLIA_KEY_SETUP_FAILED                  157
-# define EVP_R_CIPHER_PARAMETER_ERROR                     122
-# define EVP_R_COMMAND_NOT_SUPPORTED                      147
-# define EVP_R_COPY_ERROR                                 173
-# define EVP_R_CTRL_NOT_IMPLEMENTED                       132
-# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED             133
-# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH          138
-# define EVP_R_DECODE_ERROR                               114
-# define EVP_R_DIFFERENT_KEY_TYPES                        101
-# define EVP_R_DIFFERENT_PARAMETERS                       153
-# define EVP_R_ERROR_LOADING_SECTION                      165
-# define EVP_R_ERROR_SETTING_FIPS_MODE                    166
-# define EVP_R_EXPECTING_AN_HMAC_KEY                      174
-# define EVP_R_EXPECTING_AN_RSA_KEY                       127
-# define EVP_R_EXPECTING_A_DH_KEY                         128
-# define EVP_R_EXPECTING_A_DSA_KEY                        129
-# define EVP_R_EXPECTING_A_EC_KEY                         142
-# define EVP_R_EXPECTING_A_POLY1305_KEY                   164
-# define EVP_R_EXPECTING_A_SIPHASH_KEY                    175
-# define EVP_R_FIPS_MODE_NOT_SUPPORTED                    167
-# define EVP_R_ILLEGAL_SCRYPT_PARAMETERS                  171
-# define EVP_R_INITIALIZATION_ERROR                       134
-# define EVP_R_INPUT_NOT_INITIALIZED                      111
-# define EVP_R_INVALID_DIGEST                             152
-# define EVP_R_INVALID_FIPS_MODE                          168
-# define EVP_R_INVALID_KEY                                163
-# define EVP_R_INVALID_KEY_LENGTH                         130
-# define EVP_R_INVALID_OPERATION                          148
-# define EVP_R_KEYGEN_FAILURE                             120
-# define EVP_R_MEMORY_LIMIT_EXCEEDED                      172
-# define EVP_R_MESSAGE_DIGEST_IS_NULL                     159
-# define EVP_R_METHOD_NOT_SUPPORTED                       144
-# define EVP_R_MISSING_PARAMETERS                         103
-# define EVP_R_NO_CIPHER_SET                              131
-# define EVP_R_NO_DEFAULT_DIGEST                          158
-# define EVP_R_NO_DIGEST_SET                              139
-# define EVP_R_NO_KEY_SET                                 154
-# define EVP_R_NO_OPERATION_SET                           149
-# define EVP_R_ONLY_ONESHOT_SUPPORTED                     177
-# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
-# define EVP_R_OPERATON_NOT_INITIALIZED                   151
-# define EVP_R_PARTIALLY_OVERLAPPING                      162
-# define EVP_R_PRIVATE_KEY_DECODE_ERROR                   145
-# define EVP_R_PRIVATE_KEY_ENCODE_ERROR                   146
-# define EVP_R_PUBLIC_KEY_NOT_RSA                         106
-# define EVP_R_UNKNOWN_CIPHER                             160
-# define EVP_R_UNKNOWN_DIGEST                             161
-# define EVP_R_UNKNOWN_OPTION                             169
-# define EVP_R_UNKNOWN_PBE_ALGORITHM                      121
-# define EVP_R_UNSUPPORTED_ALGORITHM                      156
-# define EVP_R_UNSUPPORTED_CIPHER                         107
-# define EVP_R_UNSUPPORTED_KEYLENGTH                      123
-# define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION        124
-# define EVP_R_UNSUPPORTED_KEY_SIZE                       108
-# define EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS               135
-# define EVP_R_UNSUPPORTED_PRF                            125
-# define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM          118
-# define EVP_R_UNSUPPORTED_SALT_TYPE                      126
-# define EVP_R_WRAP_MODE_NOT_ALLOWED                      170
-# define EVP_R_WRONG_FINAL_BLOCK_LENGTH                   109
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
new file mode 100644
index 0000000..334d84e
--- /dev/null
+++ b/include/openssl/evperr.h
@@ -0,0 +1,167 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_EVPERR_H
+# define HEADER_EVPERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_EVP_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * EVP function codes.
+ */
+# define EVP_F_AESNI_INIT_KEY                             165
+# define EVP_F_AES_INIT_KEY                               133
+# define EVP_F_AES_OCB_CIPHER                             169
+# define EVP_F_AES_T4_INIT_KEY                            178
+# define EVP_F_AES_WRAP_CIPHER                            170
+# define EVP_F_ALG_MODULE_INIT                            177
+# define EVP_F_ARIA_INIT_KEY                              185
+# define EVP_F_CAMELLIA_INIT_KEY                          159
+# define EVP_F_CHACHA20_POLY1305_CTRL                     182
+# define EVP_F_CMLL_T4_INIT_KEY                           179
+# define EVP_F_DES_EDE3_WRAP_CIPHER                       171
+# define EVP_F_DO_SIGVER_INIT                             161
+# define EVP_F_EVP_CIPHERINIT_EX                          123
+# define EVP_F_EVP_CIPHER_CTX_COPY                        163
+# define EVP_F_EVP_CIPHER_CTX_CTRL                        124
+# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH              122
+# define EVP_F_EVP_DECRYPTFINAL_EX                        101
+# define EVP_F_EVP_DECRYPTUPDATE                          166
+# define EVP_F_EVP_DIGESTINIT_EX                          128
+# define EVP_F_EVP_ENCRYPTFINAL_EX                        127
+# define EVP_F_EVP_ENCRYPTUPDATE                          167
+# define EVP_F_EVP_MD_CTX_COPY_EX                         110
+# define EVP_F_EVP_MD_SIZE                                162
+# define EVP_F_EVP_OPENINIT                               102
+# define EVP_F_EVP_PBE_ALG_ADD                            115
+# define EVP_F_EVP_PBE_ALG_ADD_TYPE                       160
+# define EVP_F_EVP_PBE_CIPHERINIT                         116
+# define EVP_F_EVP_PBE_SCRYPT                             181
+# define EVP_F_EVP_PKCS82PKEY                             111
+# define EVP_F_EVP_PKEY2PKCS8                             113
+# define EVP_F_EVP_PKEY_COPY_PARAMETERS                   103
+# define EVP_F_EVP_PKEY_CTX_CTRL                          137
+# define EVP_F_EVP_PKEY_CTX_CTRL_STR                      150
+# define EVP_F_EVP_PKEY_CTX_DUP                           156
+# define EVP_F_EVP_PKEY_CTX_MD                            168
+# define EVP_F_EVP_PKEY_DECRYPT                           104
+# define EVP_F_EVP_PKEY_DECRYPT_INIT                      138
+# define EVP_F_EVP_PKEY_DECRYPT_OLD                       151
+# define EVP_F_EVP_PKEY_DERIVE                            153
+# define EVP_F_EVP_PKEY_DERIVE_INIT                       154
+# define EVP_F_EVP_PKEY_DERIVE_SET_PEER                   155
+# define EVP_F_EVP_PKEY_ENCRYPT                           105
+# define EVP_F_EVP_PKEY_ENCRYPT_INIT                      139
+# define EVP_F_EVP_PKEY_ENCRYPT_OLD                       152
+# define EVP_F_EVP_PKEY_GET0_DH                           119
+# define EVP_F_EVP_PKEY_GET0_DSA                          120
+# define EVP_F_EVP_PKEY_GET0_EC_KEY                       131
+# define EVP_F_EVP_PKEY_GET0_HMAC                         183
+# define EVP_F_EVP_PKEY_GET0_POLY1305                     184
+# define EVP_F_EVP_PKEY_GET0_RSA                          121
+# define EVP_F_EVP_PKEY_GET0_SIPHASH                      172
+# define EVP_F_EVP_PKEY_KEYGEN                            146
+# define EVP_F_EVP_PKEY_KEYGEN_INIT                       147
+# define EVP_F_EVP_PKEY_NEW                               106
+# define EVP_F_EVP_PKEY_PARAMGEN                          148
+# define EVP_F_EVP_PKEY_PARAMGEN_INIT                     149
+# define EVP_F_EVP_PKEY_SIGN                              140
+# define EVP_F_EVP_PKEY_SIGN_INIT                         141
+# define EVP_F_EVP_PKEY_VERIFY                            142
+# define EVP_F_EVP_PKEY_VERIFY_INIT                       143
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER                    144
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT               145
+# define EVP_F_EVP_SIGNFINAL                              107
+# define EVP_F_EVP_VERIFYFINAL                            108
+# define EVP_F_INT_CTX_NEW                                157
+# define EVP_F_PKCS5_PBE_KEYIVGEN                         117
+# define EVP_F_PKCS5_V2_PBE_KEYIVGEN                      118
+# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN                   164
+# define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN                   180
+# define EVP_F_PKEY_SET_TYPE                              158
+# define EVP_F_RC2_MAGIC_TO_METH                          109
+# define EVP_F_RC5_CTRL                                   125
+# define EVP_F_UPDATE                                     173
+
+/*
+ * EVP reason codes.
+ */
+# define EVP_R_AES_KEY_SETUP_FAILED                       143
+# define EVP_R_ARIA_KEY_SETUP_FAILED                      176
+# define EVP_R_BAD_DECRYPT                                100
+# define EVP_R_BUFFER_TOO_SMALL                           155
+# define EVP_R_CAMELLIA_KEY_SETUP_FAILED                  157
+# define EVP_R_CIPHER_PARAMETER_ERROR                     122
+# define EVP_R_COMMAND_NOT_SUPPORTED                      147
+# define EVP_R_COPY_ERROR                                 173
+# define EVP_R_CTRL_NOT_IMPLEMENTED                       132
+# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED             133
+# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH          138
+# define EVP_R_DECODE_ERROR                               114
+# define EVP_R_DIFFERENT_KEY_TYPES                        101
+# define EVP_R_DIFFERENT_PARAMETERS                       153
+# define EVP_R_ERROR_LOADING_SECTION                      165
+# define EVP_R_ERROR_SETTING_FIPS_MODE                    166
+# define EVP_R_EXPECTING_AN_HMAC_KEY                      174
+# define EVP_R_EXPECTING_AN_RSA_KEY                       127
+# define EVP_R_EXPECTING_A_DH_KEY                         128
+# define EVP_R_EXPECTING_A_DSA_KEY                        129
+# define EVP_R_EXPECTING_A_EC_KEY                         142
+# define EVP_R_EXPECTING_A_POLY1305_KEY                   164
+# define EVP_R_EXPECTING_A_SIPHASH_KEY                    175
+# define EVP_R_FIPS_MODE_NOT_SUPPORTED                    167
+# define EVP_R_ILLEGAL_SCRYPT_PARAMETERS                  171
+# define EVP_R_INITIALIZATION_ERROR                       134
+# define EVP_R_INPUT_NOT_INITIALIZED                      111
+# define EVP_R_INVALID_DIGEST                             152
+# define EVP_R_INVALID_FIPS_MODE                          168
+# define EVP_R_INVALID_KEY                                163
+# define EVP_R_INVALID_KEY_LENGTH                         130
+# define EVP_R_INVALID_OPERATION                          148
+# define EVP_R_KEYGEN_FAILURE                             120
+# define EVP_R_MEMORY_LIMIT_EXCEEDED                      172
+# define EVP_R_MESSAGE_DIGEST_IS_NULL                     159
+# define EVP_R_METHOD_NOT_SUPPORTED                       144
+# define EVP_R_MISSING_PARAMETERS                         103
+# define EVP_R_NO_CIPHER_SET                              131
+# define EVP_R_NO_DEFAULT_DIGEST                          158
+# define EVP_R_NO_DIGEST_SET                              139
+# define EVP_R_NO_KEY_SET                                 154
+# define EVP_R_NO_OPERATION_SET                           149
+# define EVP_R_ONLY_ONESHOT_SUPPORTED                     177
+# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
+# define EVP_R_OPERATON_NOT_INITIALIZED                   151
+# define EVP_R_PARTIALLY_OVERLAPPING                      162
+# define EVP_R_PRIVATE_KEY_DECODE_ERROR                   145
+# define EVP_R_PRIVATE_KEY_ENCODE_ERROR                   146
+# define EVP_R_PUBLIC_KEY_NOT_RSA                         106
+# define EVP_R_UNKNOWN_CIPHER                             160
+# define EVP_R_UNKNOWN_DIGEST                             161
+# define EVP_R_UNKNOWN_OPTION                             169
+# define EVP_R_UNKNOWN_PBE_ALGORITHM                      121
+# define EVP_R_UNSUPPORTED_ALGORITHM                      156
+# define EVP_R_UNSUPPORTED_CIPHER                         107
+# define EVP_R_UNSUPPORTED_KEYLENGTH                      123
+# define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION        124
+# define EVP_R_UNSUPPORTED_KEY_SIZE                       108
+# define EVP_R_UNSUPPORTED_NUMBER_OF_ROUNDS               135
+# define EVP_R_UNSUPPORTED_PRF                            125
+# define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM          118
+# define EVP_R_UNSUPPORTED_SALT_TYPE                      126
+# define EVP_R_WRAP_MODE_NOT_ALLOWED                      170
+# define EVP_R_WRONG_FINAL_BLOCK_LENGTH                   109
+
+#endif
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
index 17d5ca3..bd74515 100644
--- a/include/openssl/kdf.h
+++ b/include/openssl/kdf.h
@@ -10,6 +10,7 @@
 #ifndef HEADER_KDF_H
 # define HEADER_KDF_H
 
+# include <openssl/kdferr.h>
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -58,26 +59,8 @@ extern "C" {
 # define EVP_PKEY_CTX_hkdf_mode(pctx, mode) \
             EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
                               EVP_PKEY_CTRL_HKDF_MODE, mode, NULL)
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_KDF_strings(void);
 
-/* Error codes for the KDF functions. */
-
-/* Function codes. */
-# define KDF_F_PKEY_TLS1_PRF_CTRL_STR                     100
-# define KDF_F_PKEY_TLS1_PRF_DERIVE                       101
-
-/* Reason codes. */
-# define KDF_R_INVALID_DIGEST                             100
-# define KDF_R_MISSING_PARAMETER                          101
-# define KDF_R_VALUE_MISSING                              102
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h
new file mode 100644
index 0000000..f101cbf
--- /dev/null
+++ b/include/openssl/kdferr.h
@@ -0,0 +1,35 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_KDFERR_H
+# define HEADER_KDFERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_KDF_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * KDF function codes.
+ */
+# define KDF_F_PKEY_TLS1_PRF_CTRL_STR                     100
+# define KDF_F_PKEY_TLS1_PRF_DERIVE                       101
+
+/*
+ * KDF reason codes.
+ */
+# define KDF_R_INVALID_DIGEST                             100
+# define KDF_R_MISSING_PARAMETER                          101
+# define KDF_R_VALUE_MISSING                              102
+
+#endif
diff --git a/include/openssl/objects.h b/include/openssl/objects.h
index 265d8e5..54b42ee 100644
--- a/include/openssl/objects.h
+++ b/include/openssl/objects.h
@@ -13,6 +13,7 @@
 # include <openssl/obj_mac.h>
 # include <openssl/bio.h>
 # include <openssl/asn1.h>
+# include <openssl/objectserr.h>
 
 # define OBJ_NAME_TYPE_UNDEF             0x00
 # define OBJ_NAME_TYPE_MD_METH           0x01
@@ -167,29 +168,8 @@ int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
 int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
 void OBJ_sigid_free(void);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_OBJ_strings(void);
 
-/* Error codes for the OBJ functions. */
-
-/* Function codes. */
-# define OBJ_F_OBJ_ADD_OBJECT                             105
-# define OBJ_F_OBJ_CREATE                                 100
-# define OBJ_F_OBJ_DUP                                    101
-# define OBJ_F_OBJ_NAME_NEW_INDEX                         106
-# define OBJ_F_OBJ_NID2LN                                 102
-# define OBJ_F_OBJ_NID2OBJ                                103
-# define OBJ_F_OBJ_NID2SN                                 104
-
-/* Reason codes. */
-# define OBJ_R_OID_EXISTS                                 102
-# define OBJ_R_UNKNOWN_NID                                101
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/objectserr.h b/include/openssl/objectserr.h
new file mode 100644
index 0000000..a6051c8
--- /dev/null
+++ b/include/openssl/objectserr.h
@@ -0,0 +1,39 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_OBJERR_H
+# define HEADER_OBJERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_OBJ_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * OBJ function codes.
+ */
+# define OBJ_F_OBJ_ADD_OBJECT                             105
+# define OBJ_F_OBJ_CREATE                                 100
+# define OBJ_F_OBJ_DUP                                    101
+# define OBJ_F_OBJ_NAME_NEW_INDEX                         106
+# define OBJ_F_OBJ_NID2LN                                 102
+# define OBJ_F_OBJ_NID2OBJ                                103
+# define OBJ_F_OBJ_NID2SN                                 104
+
+/*
+ * OBJ reason codes.
+ */
+# define OBJ_R_OID_EXISTS                                 102
+# define OBJ_R_UNKNOWN_NID                                101
+
+#endif
diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h
index fb384b6..6b1a490 100644
--- a/include/openssl/ocsp.h
+++ b/include/openssl/ocsp.h
@@ -45,6 +45,7 @@
 #  include <openssl/x509.h>
 #  include <openssl/x509v3.h>
 #  include <openssl/safestack.h>
+#  include <openssl/ocsperr.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -352,61 +353,8 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
 int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
                       X509_STORE *st, unsigned long flags);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_OCSP_strings(void);
 
-/* Error codes for the OCSP functions. */
-
-/* Function codes. */
-# define OCSP_F_D2I_OCSP_NONCE                            102
-# define OCSP_F_OCSP_BASIC_ADD1_STATUS                    103
-# define OCSP_F_OCSP_BASIC_SIGN                           104
-# define OCSP_F_OCSP_BASIC_VERIFY                         105
-# define OCSP_F_OCSP_CERT_ID_NEW                          101
-# define OCSP_F_OCSP_CHECK_DELEGATED                      106
-# define OCSP_F_OCSP_CHECK_IDS                            107
-# define OCSP_F_OCSP_CHECK_ISSUER                         108
-# define OCSP_F_OCSP_CHECK_VALIDITY                       115
-# define OCSP_F_OCSP_MATCH_ISSUERID                       109
-# define OCSP_F_OCSP_PARSE_URL                            114
-# define OCSP_F_OCSP_REQUEST_SIGN                         110
-# define OCSP_F_OCSP_REQUEST_VERIFY                       116
-# define OCSP_F_OCSP_RESPONSE_GET1_BASIC                  111
-# define OCSP_F_PARSE_HTTP_LINE1                          118
-
-/* Reason codes. */
-# define OCSP_R_CERTIFICATE_VERIFY_ERROR                  101
-# define OCSP_R_DIGEST_ERR                                102
-# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD                 122
-# define OCSP_R_ERROR_IN_THISUPDATE_FIELD                 123
-# define OCSP_R_ERROR_PARSING_URL                         121
-# define OCSP_R_MISSING_OCSPSIGNING_USAGE                 103
-# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE              124
-# define OCSP_R_NOT_BASIC_RESPONSE                        104
-# define OCSP_R_NO_CERTIFICATES_IN_CHAIN                  105
-# define OCSP_R_NO_RESPONSE_DATA                          108
-# define OCSP_R_NO_REVOKED_TIME                           109
-# define OCSP_R_NO_SIGNER_KEY                             130
-# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE    110
-# define OCSP_R_REQUEST_NOT_SIGNED                        128
-# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA      111
-# define OCSP_R_ROOT_CA_NOT_TRUSTED                       112
-# define OCSP_R_SERVER_RESPONSE_ERROR                     114
-# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR               115
-# define OCSP_R_SIGNATURE_FAILURE                         117
-# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND              118
-# define OCSP_R_STATUS_EXPIRED                            125
-# define OCSP_R_STATUS_NOT_YET_VALID                      126
-# define OCSP_R_STATUS_TOO_OLD                            127
-# define OCSP_R_UNKNOWN_MESSAGE_DIGEST                    119
-# define OCSP_R_UNKNOWN_NID                               120
-# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE            129
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/ocsperr.h b/include/openssl/ocsperr.h
new file mode 100644
index 0000000..0fdb47c
--- /dev/null
+++ b/include/openssl/ocsperr.h
@@ -0,0 +1,71 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_OCSPERR_H
+# define HEADER_OCSPERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_OCSP_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * OCSP function codes.
+ */
+# define OCSP_F_D2I_OCSP_NONCE                            102
+# define OCSP_F_OCSP_BASIC_ADD1_STATUS                    103
+# define OCSP_F_OCSP_BASIC_SIGN                           104
+# define OCSP_F_OCSP_BASIC_VERIFY                         105
+# define OCSP_F_OCSP_CERT_ID_NEW                          101
+# define OCSP_F_OCSP_CHECK_DELEGATED                      106
+# define OCSP_F_OCSP_CHECK_IDS                            107
+# define OCSP_F_OCSP_CHECK_ISSUER                         108
+# define OCSP_F_OCSP_CHECK_VALIDITY                       115
+# define OCSP_F_OCSP_MATCH_ISSUERID                       109
+# define OCSP_F_OCSP_PARSE_URL                            114
+# define OCSP_F_OCSP_REQUEST_SIGN                         110
+# define OCSP_F_OCSP_REQUEST_VERIFY                       116
+# define OCSP_F_OCSP_RESPONSE_GET1_BASIC                  111
+# define OCSP_F_PARSE_HTTP_LINE1                          118
+
+/*
+ * OCSP reason codes.
+ */
+# define OCSP_R_CERTIFICATE_VERIFY_ERROR                  101
+# define OCSP_R_DIGEST_ERR                                102
+# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD                 122
+# define OCSP_R_ERROR_IN_THISUPDATE_FIELD                 123
+# define OCSP_R_ERROR_PARSING_URL                         121
+# define OCSP_R_MISSING_OCSPSIGNING_USAGE                 103
+# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE              124
+# define OCSP_R_NOT_BASIC_RESPONSE                        104
+# define OCSP_R_NO_CERTIFICATES_IN_CHAIN                  105
+# define OCSP_R_NO_RESPONSE_DATA                          108
+# define OCSP_R_NO_REVOKED_TIME                           109
+# define OCSP_R_NO_SIGNER_KEY                             130
+# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE    110
+# define OCSP_R_REQUEST_NOT_SIGNED                        128
+# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA      111
+# define OCSP_R_ROOT_CA_NOT_TRUSTED                       112
+# define OCSP_R_SERVER_RESPONSE_ERROR                     114
+# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR               115
+# define OCSP_R_SIGNATURE_FAILURE                         117
+# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND              118
+# define OCSP_R_STATUS_EXPIRED                            125
+# define OCSP_R_STATUS_NOT_YET_VALID                      126
+# define OCSP_R_STATUS_TOO_OLD                            127
+# define OCSP_R_UNKNOWN_MESSAGE_DIGEST                    119
+# define OCSP_R_UNKNOWN_NID                               120
+# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE            129
+
+#endif
diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index 105c810..314d374 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -16,6 +16,7 @@
 # include <openssl/evp.h>
 # include <openssl/x509.h>
 # include <openssl/pem2.h>
+# include <openssl/pemerr.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -371,91 +372,7 @@ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
 #  endif
 # endif
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_PEM_strings(void);
-
-/* Error codes for the PEM functions. */
-
-/* Function codes. */
-# define PEM_F_B2I_DSS                                    127
-# define PEM_F_B2I_PVK_BIO                                128
-# define PEM_F_B2I_RSA                                    129
-# define PEM_F_CHECK_BITLEN_DSA                           130
-# define PEM_F_CHECK_BITLEN_RSA                           131
-# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO                    120
-# define PEM_F_D2I_PKCS8PRIVATEKEY_FP                     121
-# define PEM_F_DO_B2I                                     132
-# define PEM_F_DO_B2I_BIO                                 133
-# define PEM_F_DO_BLOB_HEADER                             134
-# define PEM_F_DO_PK8PKEY                                 126
-# define PEM_F_DO_PK8PKEY_FP                              125
-# define PEM_F_DO_PVK_BODY                                135
-# define PEM_F_DO_PVK_HEADER                              136
-# define PEM_F_GET_HEADER_AND_DATA                        143
-# define PEM_F_GET_NAME                                   144
-# define PEM_F_I2B_PVK                                    137
-# define PEM_F_I2B_PVK_BIO                                138
-# define PEM_F_LOAD_IV                                    101
-# define PEM_F_PEM_ASN1_READ                              102
-# define PEM_F_PEM_ASN1_READ_BIO                          103
-# define PEM_F_PEM_ASN1_WRITE                             104
-# define PEM_F_PEM_ASN1_WRITE_BIO                         105
-# define PEM_F_PEM_DEF_CALLBACK                           100
-# define PEM_F_PEM_DO_HEADER                              106
-# define PEM_F_PEM_GET_EVP_CIPHER_INFO                    107
-# define PEM_F_PEM_READ                                   108
-# define PEM_F_PEM_READ_BIO                               109
-# define PEM_F_PEM_READ_BIO_DHPARAMS                      141
-# define PEM_F_PEM_READ_BIO_EX                            145
-# define PEM_F_PEM_READ_BIO_PARAMETERS                    140
-# define PEM_F_PEM_READ_BIO_PRIVATEKEY                    123
-# define PEM_F_PEM_READ_DHPARAMS                          142
-# define PEM_F_PEM_READ_PRIVATEKEY                        124
-# define PEM_F_PEM_SIGNFINAL                              112
-# define PEM_F_PEM_WRITE                                  113
-# define PEM_F_PEM_WRITE_BIO                              114
-# define PEM_F_PEM_WRITE_PRIVATEKEY                       139
-# define PEM_F_PEM_X509_INFO_READ                         115
-# define PEM_F_PEM_X509_INFO_READ_BIO                     116
-# define PEM_F_PEM_X509_INFO_WRITE_BIO                    117
-
-/* Reason codes. */
-# define PEM_R_BAD_BASE64_DECODE                          100
-# define PEM_R_BAD_DECRYPT                                101
-# define PEM_R_BAD_END_LINE                               102
-# define PEM_R_BAD_IV_CHARS                               103
-# define PEM_R_BAD_MAGIC_NUMBER                           116
-# define PEM_R_BAD_PASSWORD_READ                          104
-# define PEM_R_BAD_VERSION_NUMBER                         117
-# define PEM_R_BIO_WRITE_FAILURE                          118
-# define PEM_R_CIPHER_IS_NULL                             127
-# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY               115
-# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB                 119
-# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB                  120
-# define PEM_R_HEADER_TOO_LONG                            128
-# define PEM_R_INCONSISTENT_HEADER                        121
-# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR                 122
-# define PEM_R_KEYBLOB_TOO_SHORT                          123
-# define PEM_R_MISSING_DEK_IV                             129
-# define PEM_R_NOT_DEK_INFO                               105
-# define PEM_R_NOT_ENCRYPTED                              106
-# define PEM_R_NOT_PROC_TYPE                              107
-# define PEM_R_NO_START_LINE                              108
-# define PEM_R_PROBLEMS_GETTING_PASSWORD                  109
-# define PEM_R_PVK_DATA_TOO_SHORT                         124
-# define PEM_R_PVK_TOO_SHORT                              125
-# define PEM_R_READ_KEY                                   111
-# define PEM_R_SHORT_HEADER                               112
-# define PEM_R_UNEXPECTED_DEK_IV                          130
-# define PEM_R_UNSUPPORTED_CIPHER                         113
-# define PEM_R_UNSUPPORTED_ENCRYPTION                     114
-# define PEM_R_UNSUPPORTED_KEY_COMPONENTS                 126
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/pemerr.h b/include/openssl/pemerr.h
new file mode 100644
index 0000000..12eb5cb
--- /dev/null
+++ b/include/openssl/pemerr.h
@@ -0,0 +1,101 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_PEMERR_H
+# define HEADER_PEMERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_PEM_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * PEM function codes.
+ */
+# define PEM_F_B2I_DSS                                    127
+# define PEM_F_B2I_PVK_BIO                                128
+# define PEM_F_B2I_RSA                                    129
+# define PEM_F_CHECK_BITLEN_DSA                           130
+# define PEM_F_CHECK_BITLEN_RSA                           131
+# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO                    120
+# define PEM_F_D2I_PKCS8PRIVATEKEY_FP                     121
+# define PEM_F_DO_B2I                                     132
+# define PEM_F_DO_B2I_BIO                                 133
+# define PEM_F_DO_BLOB_HEADER                             134
+# define PEM_F_DO_PK8PKEY                                 126
+# define PEM_F_DO_PK8PKEY_FP                              125
+# define PEM_F_DO_PVK_BODY                                135
+# define PEM_F_DO_PVK_HEADER                              136
+# define PEM_F_GET_HEADER_AND_DATA                        143
+# define PEM_F_GET_NAME                                   144
+# define PEM_F_I2B_PVK                                    137
+# define PEM_F_I2B_PVK_BIO                                138
+# define PEM_F_LOAD_IV                                    101
+# define PEM_F_PEM_ASN1_READ                              102
+# define PEM_F_PEM_ASN1_READ_BIO                          103
+# define PEM_F_PEM_ASN1_WRITE                             104
+# define PEM_F_PEM_ASN1_WRITE_BIO                         105
+# define PEM_F_PEM_DEF_CALLBACK                           100
+# define PEM_F_PEM_DO_HEADER                              106
+# define PEM_F_PEM_GET_EVP_CIPHER_INFO                    107
+# define PEM_F_PEM_READ                                   108
+# define PEM_F_PEM_READ_BIO                               109
+# define PEM_F_PEM_READ_BIO_DHPARAMS                      141
+# define PEM_F_PEM_READ_BIO_EX                            145
+# define PEM_F_PEM_READ_BIO_PARAMETERS                    140
+# define PEM_F_PEM_READ_BIO_PRIVATEKEY                    123
+# define PEM_F_PEM_READ_DHPARAMS                          142
+# define PEM_F_PEM_READ_PRIVATEKEY                        124
+# define PEM_F_PEM_SIGNFINAL                              112
+# define PEM_F_PEM_WRITE                                  113
+# define PEM_F_PEM_WRITE_BIO                              114
+# define PEM_F_PEM_WRITE_PRIVATEKEY                       139
+# define PEM_F_PEM_X509_INFO_READ                         115
+# define PEM_F_PEM_X509_INFO_READ_BIO                     116
+# define PEM_F_PEM_X509_INFO_WRITE_BIO                    117
+
+/*
+ * PEM reason codes.
+ */
+# define PEM_R_BAD_BASE64_DECODE                          100
+# define PEM_R_BAD_DECRYPT                                101
+# define PEM_R_BAD_END_LINE                               102
+# define PEM_R_BAD_IV_CHARS                               103
+# define PEM_R_BAD_MAGIC_NUMBER                           116
+# define PEM_R_BAD_PASSWORD_READ                          104
+# define PEM_R_BAD_VERSION_NUMBER                         117
+# define PEM_R_BIO_WRITE_FAILURE                          118
+# define PEM_R_CIPHER_IS_NULL                             127
+# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY               115
+# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB                 119
+# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB                  120
+# define PEM_R_HEADER_TOO_LONG                            128
+# define PEM_R_INCONSISTENT_HEADER                        121
+# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR                 122
+# define PEM_R_KEYBLOB_TOO_SHORT                          123
+# define PEM_R_MISSING_DEK_IV                             129
+# define PEM_R_NOT_DEK_INFO                               105
+# define PEM_R_NOT_ENCRYPTED                              106
+# define PEM_R_NOT_PROC_TYPE                              107
+# define PEM_R_NO_START_LINE                              108
+# define PEM_R_PROBLEMS_GETTING_PASSWORD                  109
+# define PEM_R_PVK_DATA_TOO_SHORT                         124
+# define PEM_R_PVK_TOO_SHORT                              125
+# define PEM_R_READ_KEY                                   111
+# define PEM_R_SHORT_HEADER                               112
+# define PEM_R_UNEXPECTED_DEK_IV                          130
+# define PEM_R_UNSUPPORTED_CIPHER                         113
+# define PEM_R_UNSUPPORTED_ENCRYPTION                     114
+# define PEM_R_UNSUPPORTED_KEY_COMPONENTS                 126
+
+#endif
diff --git a/include/openssl/pkcs12.h b/include/openssl/pkcs12.h
index deaded9..3f43dad 100644
--- a/include/openssl/pkcs12.h
+++ b/include/openssl/pkcs12.h
@@ -12,6 +12,7 @@
 
 # include <openssl/bio.h>
 # include <openssl/x509.h>
+# include <openssl/pkcs12err.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -216,66 +217,6 @@ PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
 # endif
 int PKCS12_newpass(PKCS12 *p12, const char *oldpass, const char *newpass);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-int ERR_load_PKCS12_strings(void);
-
-/* Error codes for the PKCS12 functions. */
-
-/* Function codes. */
-# define PKCS12_F_PKCS12_CREATE                           105
-# define PKCS12_F_PKCS12_GEN_MAC                          107
-# define PKCS12_F_PKCS12_INIT                             109
-# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I                 106
-# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT                 108
-# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG                117
-# define PKCS12_F_PKCS12_KEY_GEN_ASC                      110
-# define PKCS12_F_PKCS12_KEY_GEN_UNI                      111
-# define PKCS12_F_PKCS12_KEY_GEN_UTF8                     116
-# define PKCS12_F_PKCS12_NEWPASS                          128
-# define PKCS12_F_PKCS12_PACK_P7DATA                      114
-# define PKCS12_F_PKCS12_PACK_P7ENCDATA                   115
-# define PKCS12_F_PKCS12_PARSE                            118
-# define PKCS12_F_PKCS12_PBE_CRYPT                        119
-# define PKCS12_F_PKCS12_PBE_KEYIVGEN                     120
-# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF            112
-# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8            113
-# define PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT     133
-# define PKCS12_F_PKCS12_SETUP_MAC                        122
-# define PKCS12_F_PKCS12_SET_MAC                          123
-# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES                 130
-# define PKCS12_F_PKCS12_UNPACK_P7DATA                    131
-# define PKCS12_F_PKCS12_VERIFY_MAC                       126
-# define PKCS12_F_PKCS8_ENCRYPT                           125
-# define PKCS12_F_PKCS8_SET0_PBE                          132
-
-/* Reason codes. */
-# define PKCS12_R_CANT_PACK_STRUCTURE                     100
-# define PKCS12_R_CONTENT_TYPE_NOT_DATA                   121
-# define PKCS12_R_DECODE_ERROR                            101
-# define PKCS12_R_ENCODE_ERROR                            102
-# define PKCS12_R_ENCRYPT_ERROR                           103
-# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE       120
-# define PKCS12_R_INVALID_NULL_ARGUMENT                   104
-# define PKCS12_R_INVALID_NULL_PKCS12_POINTER             105
-# define PKCS12_R_IV_GEN_ERROR                            106
-# define PKCS12_R_KEY_GEN_ERROR                           107
-# define PKCS12_R_MAC_ABSENT                              108
-# define PKCS12_R_MAC_GENERATION_ERROR                    109
-# define PKCS12_R_MAC_SETUP_ERROR                         110
-# define PKCS12_R_MAC_STRING_SET_ERROR                    111
-# define PKCS12_R_MAC_VERIFY_FAILURE                      113
-# define PKCS12_R_PARSE_ERROR                             114
-# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR           115
-# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR                116
-# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR                  117
-# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM                118
-# define PKCS12_R_UNSUPPORTED_PKCS12_MODE                 119
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/pkcs12err.h b/include/openssl/pkcs12err.h
new file mode 100644
index 0000000..6bbd232
--- /dev/null
+++ b/include/openssl/pkcs12err.h
@@ -0,0 +1,76 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_PKCS12ERR_H
+# define HEADER_PKCS12ERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_PKCS12_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * PKCS12 function codes.
+ */
+# define PKCS12_F_PKCS12_CREATE                           105
+# define PKCS12_F_PKCS12_GEN_MAC                          107
+# define PKCS12_F_PKCS12_INIT                             109
+# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I                 106
+# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT                 108
+# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG                117
+# define PKCS12_F_PKCS12_KEY_GEN_ASC                      110
+# define PKCS12_F_PKCS12_KEY_GEN_UNI                      111
+# define PKCS12_F_PKCS12_KEY_GEN_UTF8                     116
+# define PKCS12_F_PKCS12_NEWPASS                          128
+# define PKCS12_F_PKCS12_PACK_P7DATA                      114
+# define PKCS12_F_PKCS12_PACK_P7ENCDATA                   115
+# define PKCS12_F_PKCS12_PARSE                            118
+# define PKCS12_F_PKCS12_PBE_CRYPT                        119
+# define PKCS12_F_PKCS12_PBE_KEYIVGEN                     120
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_P8INF            112
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE0_PKCS8            113
+# define PKCS12_F_PKCS12_SAFEBAG_CREATE_PKCS8_ENCRYPT     133
+# define PKCS12_F_PKCS12_SETUP_MAC                        122
+# define PKCS12_F_PKCS12_SET_MAC                          123
+# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES                 130
+# define PKCS12_F_PKCS12_UNPACK_P7DATA                    131
+# define PKCS12_F_PKCS12_VERIFY_MAC                       126
+# define PKCS12_F_PKCS8_ENCRYPT                           125
+# define PKCS12_F_PKCS8_SET0_PBE                          132
+
+/*
+ * PKCS12 reason codes.
+ */
+# define PKCS12_R_CANT_PACK_STRUCTURE                     100
+# define PKCS12_R_CONTENT_TYPE_NOT_DATA                   121
+# define PKCS12_R_DECODE_ERROR                            101
+# define PKCS12_R_ENCODE_ERROR                            102
+# define PKCS12_R_ENCRYPT_ERROR                           103
+# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE       120
+# define PKCS12_R_INVALID_NULL_ARGUMENT                   104
+# define PKCS12_R_INVALID_NULL_PKCS12_POINTER             105
+# define PKCS12_R_IV_GEN_ERROR                            106
+# define PKCS12_R_KEY_GEN_ERROR                           107
+# define PKCS12_R_MAC_ABSENT                              108
+# define PKCS12_R_MAC_GENERATION_ERROR                    109
+# define PKCS12_R_MAC_SETUP_ERROR                         110
+# define PKCS12_R_MAC_STRING_SET_ERROR                    111
+# define PKCS12_R_MAC_VERIFY_FAILURE                      113
+# define PKCS12_R_PARSE_ERROR                             114
+# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR           115
+# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR                116
+# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR                  117
+# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM                118
+# define PKCS12_R_UNSUPPORTED_PKCS12_MODE                 119
+
+#endif
diff --git a/include/openssl/pkcs7.h b/include/openssl/pkcs7.h
index 691f722..9b66e00 100644
--- a/include/openssl/pkcs7.h
+++ b/include/openssl/pkcs7.h
@@ -16,6 +16,7 @@
 
 # include <openssl/symhacks.h>
 # include <openssl/ossl_typ.h>
+# include <openssl/pkcs7err.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -312,92 +313,6 @@ PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
 
 BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-int ERR_load_PKCS7_strings(void);
-
-/* Error codes for the PKCS7 functions. */
-
-/* Function codes. */
-# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB                   136
-# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME           135
-# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP                118
-# define PKCS7_F_PKCS7_ADD_CERTIFICATE                    100
-# define PKCS7_F_PKCS7_ADD_CRL                            101
-# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO                 102
-# define PKCS7_F_PKCS7_ADD_SIGNATURE                      131
-# define PKCS7_F_PKCS7_ADD_SIGNER                         103
-# define PKCS7_F_PKCS7_BIO_ADD_DIGEST                     125
-# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST               138
-# define PKCS7_F_PKCS7_CTRL                               104
-# define PKCS7_F_PKCS7_DATADECODE                         112
-# define PKCS7_F_PKCS7_DATAFINAL                          128
-# define PKCS7_F_PKCS7_DATAINIT                           105
-# define PKCS7_F_PKCS7_DATAVERIFY                         107
-# define PKCS7_F_PKCS7_DECRYPT                            114
-# define PKCS7_F_PKCS7_DECRYPT_RINFO                      133
-# define PKCS7_F_PKCS7_ENCODE_RINFO                       132
-# define PKCS7_F_PKCS7_ENCRYPT                            115
-# define PKCS7_F_PKCS7_FINAL                              134
-# define PKCS7_F_PKCS7_FIND_DIGEST                        127
-# define PKCS7_F_PKCS7_GET0_SIGNERS                       124
-# define PKCS7_F_PKCS7_RECIP_INFO_SET                     130
-# define PKCS7_F_PKCS7_SET_CIPHER                         108
-# define PKCS7_F_PKCS7_SET_CONTENT                        109
-# define PKCS7_F_PKCS7_SET_DIGEST                         126
-# define PKCS7_F_PKCS7_SET_TYPE                           110
-# define PKCS7_F_PKCS7_SIGN                               116
-# define PKCS7_F_PKCS7_SIGNATUREVERIFY                    113
-# define PKCS7_F_PKCS7_SIGNER_INFO_SET                    129
-# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN                   139
-# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER                    137
-# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP                    119
-# define PKCS7_F_PKCS7_VERIFY                             117
-
-/* Reason codes. */
-# define PKCS7_R_CERTIFICATE_VERIFY_ERROR                 117
-# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER          144
-# define PKCS7_R_CIPHER_NOT_INITIALIZED                   116
-# define PKCS7_R_CONTENT_AND_DATA_PRESENT                 118
-# define PKCS7_R_CTRL_ERROR                               152
-# define PKCS7_R_DECRYPT_ERROR                            119
-# define PKCS7_R_DIGEST_FAILURE                           101
-# define PKCS7_R_ENCRYPTION_CTRL_FAILURE                  149
-# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
-# define PKCS7_R_ERROR_ADDING_RECIPIENT                   120
-# define PKCS7_R_ERROR_SETTING_CIPHER                     121
-# define PKCS7_R_INVALID_NULL_POINTER                     143
-# define PKCS7_R_INVALID_SIGNED_DATA_TYPE                 155
-# define PKCS7_R_NO_CONTENT                               122
-# define PKCS7_R_NO_DEFAULT_DIGEST                        151
-# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND            154
-# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE         115
-# define PKCS7_R_NO_SIGNATURES_ON_DATA                    123
-# define PKCS7_R_NO_SIGNERS                               142
-# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE     104
-# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR                124
-# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR                   153
-# define PKCS7_R_PKCS7_DATASIGN                           145
-# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE   127
-# define PKCS7_R_SIGNATURE_FAILURE                        105
-# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND             128
-# define PKCS7_R_SIGNING_CTRL_FAILURE                     147
-# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE  148
-# define PKCS7_R_SMIME_TEXT_ERROR                         129
-# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE               106
-# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO                   107
-# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST            108
-# define PKCS7_R_UNKNOWN_DIGEST_TYPE                      109
-# define PKCS7_R_UNKNOWN_OPERATION                        110
-# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE                  111
-# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE                 112
-# define PKCS7_R_WRONG_CONTENT_TYPE                       113
-# define PKCS7_R_WRONG_PKCS7_TYPE                         114
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/pkcs7err.h b/include/openssl/pkcs7err.h
new file mode 100644
index 0000000..5e5f708
--- /dev/null
+++ b/include/openssl/pkcs7err.h
@@ -0,0 +1,102 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_PKCS7ERR_H
+# define HEADER_PKCS7ERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_PKCS7_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * PKCS7 function codes.
+ */
+# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB                   136
+# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME           135
+# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP                118
+# define PKCS7_F_PKCS7_ADD_CERTIFICATE                    100
+# define PKCS7_F_PKCS7_ADD_CRL                            101
+# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO                 102
+# define PKCS7_F_PKCS7_ADD_SIGNATURE                      131
+# define PKCS7_F_PKCS7_ADD_SIGNER                         103
+# define PKCS7_F_PKCS7_BIO_ADD_DIGEST                     125
+# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST               138
+# define PKCS7_F_PKCS7_CTRL                               104
+# define PKCS7_F_PKCS7_DATADECODE                         112
+# define PKCS7_F_PKCS7_DATAFINAL                          128
+# define PKCS7_F_PKCS7_DATAINIT                           105
+# define PKCS7_F_PKCS7_DATAVERIFY                         107
+# define PKCS7_F_PKCS7_DECRYPT                            114
+# define PKCS7_F_PKCS7_DECRYPT_RINFO                      133
+# define PKCS7_F_PKCS7_ENCODE_RINFO                       132
+# define PKCS7_F_PKCS7_ENCRYPT                            115
+# define PKCS7_F_PKCS7_FINAL                              134
+# define PKCS7_F_PKCS7_FIND_DIGEST                        127
+# define PKCS7_F_PKCS7_GET0_SIGNERS                       124
+# define PKCS7_F_PKCS7_RECIP_INFO_SET                     130
+# define PKCS7_F_PKCS7_SET_CIPHER                         108
+# define PKCS7_F_PKCS7_SET_CONTENT                        109
+# define PKCS7_F_PKCS7_SET_DIGEST                         126
+# define PKCS7_F_PKCS7_SET_TYPE                           110
+# define PKCS7_F_PKCS7_SIGN                               116
+# define PKCS7_F_PKCS7_SIGNATUREVERIFY                    113
+# define PKCS7_F_PKCS7_SIGNER_INFO_SET                    129
+# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN                   139
+# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER                    137
+# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP                    119
+# define PKCS7_F_PKCS7_VERIFY                             117
+
+/*
+ * PKCS7 reason codes.
+ */
+# define PKCS7_R_CERTIFICATE_VERIFY_ERROR                 117
+# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER          144
+# define PKCS7_R_CIPHER_NOT_INITIALIZED                   116
+# define PKCS7_R_CONTENT_AND_DATA_PRESENT                 118
+# define PKCS7_R_CTRL_ERROR                               152
+# define PKCS7_R_DECRYPT_ERROR                            119
+# define PKCS7_R_DIGEST_FAILURE                           101
+# define PKCS7_R_ENCRYPTION_CTRL_FAILURE                  149
+# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
+# define PKCS7_R_ERROR_ADDING_RECIPIENT                   120
+# define PKCS7_R_ERROR_SETTING_CIPHER                     121
+# define PKCS7_R_INVALID_NULL_POINTER                     143
+# define PKCS7_R_INVALID_SIGNED_DATA_TYPE                 155
+# define PKCS7_R_NO_CONTENT                               122
+# define PKCS7_R_NO_DEFAULT_DIGEST                        151
+# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND            154
+# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE         115
+# define PKCS7_R_NO_SIGNATURES_ON_DATA                    123
+# define PKCS7_R_NO_SIGNERS                               142
+# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE     104
+# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR                124
+# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR                   153
+# define PKCS7_R_PKCS7_DATASIGN                           145
+# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE   127
+# define PKCS7_R_SIGNATURE_FAILURE                        105
+# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND             128
+# define PKCS7_R_SIGNING_CTRL_FAILURE                     147
+# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE  148
+# define PKCS7_R_SMIME_TEXT_ERROR                         129
+# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE               106
+# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO                   107
+# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST            108
+# define PKCS7_R_UNKNOWN_DIGEST_TYPE                      109
+# define PKCS7_R_UNKNOWN_OPERATION                        110
+# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE                  111
+# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE                 112
+# define PKCS7_R_WRONG_CONTENT_TYPE                       113
+# define PKCS7_R_WRONG_PKCS7_TYPE                         114
+
+#endif
diff --git a/include/openssl/rand.h b/include/openssl/rand.h
index d521ae1..157d1ef 100644
--- a/include/openssl/rand.h
+++ b/include/openssl/rand.h
@@ -13,6 +13,7 @@
 # include <stdlib.h>
 # include <openssl/ossl_typ.h>
 # include <openssl/e_os2.h>
+# include <openssl/randerr.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -67,22 +68,8 @@ DEPRECATEDIN_1_1_0(void RAND_screen(void))
 DEPRECATEDIN_1_1_0(int RAND_event(UINT, WPARAM, LPARAM))
 #endif
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_RAND_strings(void);
 
-/* Error codes for the RAND functions. */
-
-/* Function codes. */
-# define RAND_F_RAND_BYTES                                100
-
-/* Reason codes. */
-# define RAND_R_PRNG_NOT_SEEDED                           100
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/randerr.h b/include/openssl/randerr.h
new file mode 100644
index 0000000..80f1a68
--- /dev/null
+++ b/include/openssl/randerr.h
@@ -0,0 +1,32 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_RANDERR_H
+# define HEADER_RANDERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_RAND_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * RAND function codes.
+ */
+# define RAND_F_RAND_BYTES                                100
+
+/*
+ * RAND reason codes.
+ */
+# define RAND_R_PRNG_NOT_SEEDED                           100
+
+#endif
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 3b56c86..f45ea2e 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -20,6 +20,7 @@
 # if OPENSSL_API_COMPAT < 0x10100000L
 #  include <openssl/bn.h>
 # endif
+# include <openssl/rsaerr.h>
 # ifdef  __cplusplus
 extern "C" {
 # endif
@@ -467,148 +468,8 @@ int (*RSA_meth_get_keygen(const RSA_METHOD *meth))
 int RSA_meth_set_keygen(RSA_METHOD *rsa,
                         int (*keygen) (RSA *rsa, int bits, BIGNUM *e,
                                        BN_GENCB *cb));
-
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_RSA_strings(void);
 
-/* Error codes for the RSA functions. */
-
-/* Function codes. */
-# define RSA_F_CHECK_PADDING_MD                           140
-# define RSA_F_ENCODE_PKCS1                               146
-# define RSA_F_INT_RSA_VERIFY                             145
-# define RSA_F_OLD_RSA_PRIV_DECODE                        147
-# define RSA_F_PKEY_PSS_INIT                              165
-# define RSA_F_PKEY_RSA_CTRL                              143
-# define RSA_F_PKEY_RSA_CTRL_STR                          144
-# define RSA_F_PKEY_RSA_SIGN                              142
-# define RSA_F_PKEY_RSA_VERIFY                            149
-# define RSA_F_PKEY_RSA_VERIFYRECOVER                     141
-# define RSA_F_RSA_ALGOR_TO_MD                            156
-# define RSA_F_RSA_BUILTIN_KEYGEN                         129
-# define RSA_F_RSA_CHECK_KEY                              123
-# define RSA_F_RSA_CHECK_KEY_EX                           160
-# define RSA_F_RSA_CMS_DECRYPT                            159
-# define RSA_F_RSA_CMS_VERIFY                             158
-# define RSA_F_RSA_ITEM_VERIFY                            148
-# define RSA_F_RSA_METH_DUP                               161
-# define RSA_F_RSA_METH_NEW                               162
-# define RSA_F_RSA_METH_SET1_NAME                         163
-# define RSA_F_RSA_MGF1_TO_MD                             157
-# define RSA_F_RSA_NEW_METHOD                             106
-# define RSA_F_RSA_NULL                                   124
-# define RSA_F_RSA_NULL_PRIVATE_DECRYPT                   132
-# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT                   133
-# define RSA_F_RSA_NULL_PUBLIC_DECRYPT                    134
-# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT                    135
-# define RSA_F_RSA_OSSL_PRIVATE_DECRYPT                   101
-# define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT                   102
-# define RSA_F_RSA_OSSL_PUBLIC_DECRYPT                    103
-# define RSA_F_RSA_OSSL_PUBLIC_ENCRYPT                    104
-# define RSA_F_RSA_PADDING_ADD_NONE                       107
-# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP                 121
-# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1            154
-# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS                  125
-# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1             152
-# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1               108
-# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2               109
-# define RSA_F_RSA_PADDING_ADD_SSLV23                     110
-# define RSA_F_RSA_PADDING_ADD_X931                       127
-# define RSA_F_RSA_PADDING_CHECK_NONE                     111
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP               122
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1          153
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1             112
-# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2             113
-# define RSA_F_RSA_PADDING_CHECK_SSLV23                   114
-# define RSA_F_RSA_PADDING_CHECK_X931                     128
-# define RSA_F_RSA_PARAM_DECODE                           164
-# define RSA_F_RSA_PRINT                                  115
-# define RSA_F_RSA_PRINT_FP                               116
-# define RSA_F_RSA_PRIV_DECODE                            150
-# define RSA_F_RSA_PRIV_ENCODE                            138
-# define RSA_F_RSA_PSS_GET_PARAM                          151
-# define RSA_F_RSA_PSS_TO_CTX                             155
-# define RSA_F_RSA_PUB_DECODE                             139
-# define RSA_F_RSA_SETUP_BLINDING                         136
-# define RSA_F_RSA_SIGN                                   117
-# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING                 118
-# define RSA_F_RSA_VERIFY                                 119
-# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING               120
-# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1                  126
-
-/* Reason codes. */
-# define RSA_R_ALGORITHM_MISMATCH                         100
-# define RSA_R_BAD_E_VALUE                                101
-# define RSA_R_BAD_FIXED_HEADER_DECRYPT                   102
-# define RSA_R_BAD_PAD_BYTE_COUNT                         103
-# define RSA_R_BAD_SIGNATURE                              104
-# define RSA_R_BLOCK_TYPE_IS_NOT_01                       106
-# define RSA_R_BLOCK_TYPE_IS_NOT_02                       107
-# define RSA_R_DATA_GREATER_THAN_MOD_LEN                  108
-# define RSA_R_DATA_TOO_LARGE                             109
-# define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE                110
-# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS                 132
-# define RSA_R_DATA_TOO_SMALL                             111
-# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE                122
-# define RSA_R_DIGEST_DOES_NOT_MATCH                      158
-# define RSA_R_DIGEST_NOT_ALLOWED                         145
-# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY                 112
-# define RSA_R_DMP1_NOT_CONGRUENT_TO_D                    124
-# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D                    125
-# define RSA_R_D_E_NOT_CONGRUENT_TO_1                     123
-# define RSA_R_FIRST_OCTET_INVALID                        133
-# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE        144
-# define RSA_R_INVALID_DIGEST                             157
-# define RSA_R_INVALID_DIGEST_LENGTH                      143
-# define RSA_R_INVALID_HEADER                             137
-# define RSA_R_INVALID_LABEL                              160
-# define RSA_R_INVALID_MESSAGE_LENGTH                     131
-# define RSA_R_INVALID_MGF1_MD                            156
-# define RSA_R_INVALID_OAEP_PARAMETERS                    161
-# define RSA_R_INVALID_PADDING                            138
-# define RSA_R_INVALID_PADDING_MODE                       141
-# define RSA_R_INVALID_PSS_PARAMETERS                     149
-# define RSA_R_INVALID_PSS_SALTLEN                        146
-# define RSA_R_INVALID_SALT_LENGTH                        150
-# define RSA_R_INVALID_TRAILER                            139
-# define RSA_R_INVALID_X931_DIGEST                        142
-# define RSA_R_IQMP_NOT_INVERSE_OF_Q                      126
-# define RSA_R_KEY_SIZE_TOO_SMALL                         120
-# define RSA_R_LAST_OCTET_INVALID                         134
-# define RSA_R_MGF1_DIGEST_NOT_ALLOWED                    152
-# define RSA_R_MODULUS_TOO_LARGE                          105
-# define RSA_R_NO_PUBLIC_EXPONENT                         140
-# define RSA_R_NULL_BEFORE_BLOCK_MISSING                  113
-# define RSA_R_N_DOES_NOT_EQUAL_P_Q                       127
-# define RSA_R_OAEP_DECODING_ERROR                        121
-# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   148
-# define RSA_R_PADDING_CHECK_FAILED                       114
-# define RSA_R_PKCS_DECODING_ERROR                        159
-# define RSA_R_PSS_SALTLEN_TOO_SMALL                      164
-# define RSA_R_P_NOT_PRIME                                128
-# define RSA_R_Q_NOT_PRIME                                129
-# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED               130
-# define RSA_R_SLEN_CHECK_FAILED                          136
-# define RSA_R_SLEN_RECOVERY_FAILED                       135
-# define RSA_R_SSLV3_ROLLBACK_ATTACK                      115
-# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
-# define RSA_R_UNKNOWN_ALGORITHM_TYPE                     117
-# define RSA_R_UNKNOWN_DIGEST                             166
-# define RSA_R_UNKNOWN_MASK_DIGEST                        151
-# define RSA_R_UNKNOWN_PADDING_TYPE                       118
-# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE                162
-# define RSA_R_UNSUPPORTED_LABEL_SOURCE                   163
-# define RSA_R_UNSUPPORTED_MASK_ALGORITHM                 153
-# define RSA_R_UNSUPPORTED_MASK_PARAMETER                 154
-# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE                 155
-# define RSA_R_VALUE_MISSING                              147
-# define RSA_R_WRONG_SIGNATURE_LENGTH                     119
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/rsaerr.h b/include/openssl/rsaerr.h
new file mode 100644
index 0000000..6e6aac2
--- /dev/null
+++ b/include/openssl/rsaerr.h
@@ -0,0 +1,157 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_RSAERR_H
+# define HEADER_RSAERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_RSA_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * RSA function codes.
+ */
+# define RSA_F_CHECK_PADDING_MD                           140
+# define RSA_F_ENCODE_PKCS1                               146
+# define RSA_F_INT_RSA_VERIFY                             145
+# define RSA_F_OLD_RSA_PRIV_DECODE                        147
+# define RSA_F_PKEY_PSS_INIT                              165
+# define RSA_F_PKEY_RSA_CTRL                              143
+# define RSA_F_PKEY_RSA_CTRL_STR                          144
+# define RSA_F_PKEY_RSA_SIGN                              142
+# define RSA_F_PKEY_RSA_VERIFY                            149
+# define RSA_F_PKEY_RSA_VERIFYRECOVER                     141
+# define RSA_F_RSA_ALGOR_TO_MD                            156
+# define RSA_F_RSA_BUILTIN_KEYGEN                         129
+# define RSA_F_RSA_CHECK_KEY                              123
+# define RSA_F_RSA_CHECK_KEY_EX                           160
+# define RSA_F_RSA_CMS_DECRYPT                            159
+# define RSA_F_RSA_CMS_VERIFY                             158
+# define RSA_F_RSA_ITEM_VERIFY                            148
+# define RSA_F_RSA_METH_DUP                               161
+# define RSA_F_RSA_METH_NEW                               162
+# define RSA_F_RSA_METH_SET1_NAME                         163
+# define RSA_F_RSA_MGF1_TO_MD                             157
+# define RSA_F_RSA_NEW_METHOD                             106
+# define RSA_F_RSA_NULL                                   124
+# define RSA_F_RSA_NULL_PRIVATE_DECRYPT                   132
+# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT                   133
+# define RSA_F_RSA_NULL_PUBLIC_DECRYPT                    134
+# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT                    135
+# define RSA_F_RSA_OSSL_PRIVATE_DECRYPT                   101
+# define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT                   102
+# define RSA_F_RSA_OSSL_PUBLIC_DECRYPT                    103
+# define RSA_F_RSA_OSSL_PUBLIC_ENCRYPT                    104
+# define RSA_F_RSA_PADDING_ADD_NONE                       107
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP                 121
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1            154
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS                  125
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1             152
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1               108
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2               109
+# define RSA_F_RSA_PADDING_ADD_SSLV23                     110
+# define RSA_F_RSA_PADDING_ADD_X931                       127
+# define RSA_F_RSA_PADDING_CHECK_NONE                     111
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP               122
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1          153
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1             112
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2             113
+# define RSA_F_RSA_PADDING_CHECK_SSLV23                   114
+# define RSA_F_RSA_PADDING_CHECK_X931                     128
+# define RSA_F_RSA_PARAM_DECODE                           164
+# define RSA_F_RSA_PRINT                                  115
+# define RSA_F_RSA_PRINT_FP                               116
+# define RSA_F_RSA_PRIV_DECODE                            150
+# define RSA_F_RSA_PRIV_ENCODE                            138
+# define RSA_F_RSA_PSS_GET_PARAM                          151
+# define RSA_F_RSA_PSS_TO_CTX                             155
+# define RSA_F_RSA_PUB_DECODE                             139
+# define RSA_F_RSA_SETUP_BLINDING                         136
+# define RSA_F_RSA_SIGN                                   117
+# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING                 118
+# define RSA_F_RSA_VERIFY                                 119
+# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING               120
+# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1                  126
+
+/*
+ * RSA reason codes.
+ */
+# define RSA_R_ALGORITHM_MISMATCH                         100
+# define RSA_R_BAD_E_VALUE                                101
+# define RSA_R_BAD_FIXED_HEADER_DECRYPT                   102
+# define RSA_R_BAD_PAD_BYTE_COUNT                         103
+# define RSA_R_BAD_SIGNATURE                              104
+# define RSA_R_BLOCK_TYPE_IS_NOT_01                       106
+# define RSA_R_BLOCK_TYPE_IS_NOT_02                       107
+# define RSA_R_DATA_GREATER_THAN_MOD_LEN                  108
+# define RSA_R_DATA_TOO_LARGE                             109
+# define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE                110
+# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS                 132
+# define RSA_R_DATA_TOO_SMALL                             111
+# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE                122
+# define RSA_R_DIGEST_DOES_NOT_MATCH                      158
+# define RSA_R_DIGEST_NOT_ALLOWED                         145
+# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY                 112
+# define RSA_R_DMP1_NOT_CONGRUENT_TO_D                    124
+# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D                    125
+# define RSA_R_D_E_NOT_CONGRUENT_TO_1                     123
+# define RSA_R_FIRST_OCTET_INVALID                        133
+# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE        144
+# define RSA_R_INVALID_DIGEST                             157
+# define RSA_R_INVALID_DIGEST_LENGTH                      143
+# define RSA_R_INVALID_HEADER                             137
+# define RSA_R_INVALID_LABEL                              160
+# define RSA_R_INVALID_MESSAGE_LENGTH                     131
+# define RSA_R_INVALID_MGF1_MD                            156
+# define RSA_R_INVALID_OAEP_PARAMETERS                    161
+# define RSA_R_INVALID_PADDING                            138
+# define RSA_R_INVALID_PADDING_MODE                       141
+# define RSA_R_INVALID_PSS_PARAMETERS                     149
+# define RSA_R_INVALID_PSS_SALTLEN                        146
+# define RSA_R_INVALID_SALT_LENGTH                        150
+# define RSA_R_INVALID_TRAILER                            139
+# define RSA_R_INVALID_X931_DIGEST                        142
+# define RSA_R_IQMP_NOT_INVERSE_OF_Q                      126
+# define RSA_R_KEY_SIZE_TOO_SMALL                         120
+# define RSA_R_LAST_OCTET_INVALID                         134
+# define RSA_R_MGF1_DIGEST_NOT_ALLOWED                    152
+# define RSA_R_MODULUS_TOO_LARGE                          105
+# define RSA_R_NO_PUBLIC_EXPONENT                         140
+# define RSA_R_NULL_BEFORE_BLOCK_MISSING                  113
+# define RSA_R_N_DOES_NOT_EQUAL_P_Q                       127
+# define RSA_R_OAEP_DECODING_ERROR                        121
+# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   148
+# define RSA_R_PADDING_CHECK_FAILED                       114
+# define RSA_R_PKCS_DECODING_ERROR                        159
+# define RSA_R_PSS_SALTLEN_TOO_SMALL                      164
+# define RSA_R_P_NOT_PRIME                                128
+# define RSA_R_Q_NOT_PRIME                                129
+# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED               130
+# define RSA_R_SLEN_CHECK_FAILED                          136
+# define RSA_R_SLEN_RECOVERY_FAILED                       135
+# define RSA_R_SSLV3_ROLLBACK_ATTACK                      115
+# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
+# define RSA_R_UNKNOWN_ALGORITHM_TYPE                     117
+# define RSA_R_UNKNOWN_DIGEST                             166
+# define RSA_R_UNKNOWN_MASK_DIGEST                        151
+# define RSA_R_UNKNOWN_PADDING_TYPE                       118
+# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE                162
+# define RSA_R_UNSUPPORTED_LABEL_SOURCE                   163
+# define RSA_R_UNSUPPORTED_MASK_ALGORITHM                 153
+# define RSA_R_UNSUPPORTED_MASK_PARAMETER                 154
+# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE                 155
+# define RSA_R_VALUE_MISSING                              147
+# define RSA_R_WRONG_SIGNATURE_LENGTH                     119
+
+#endif
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 3b0ac50..4015cd2 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -59,6 +59,7 @@
 # include <openssl/safestack.h>
 # include <openssl/symhacks.h>
 # include <openssl/ct.h>
+# include <openssl/sslerr.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -2227,633 +2228,8 @@ __owur const struct openssl_ssl_test_functions *SSL_test_functions(void);
 
 extern const char SSL_version_str[];
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_SSL_strings(void);
 
-/* Error codes for the SSL functions. */
-
-/* Function codes. */
-# define SSL_F_ADD_CLIENT_KEY_SHARE_EXT                   438
-# define SSL_F_ADD_KEY_SHARE                              512
-# define SSL_F_BYTES_TO_CIPHER_LIST                       519
-# define SSL_F_CHECK_SUITEB_CIPHER_LIST                   331
-# define SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH              539
-# define SSL_F_CT_MOVE_SCTS                               345
-# define SSL_F_CT_STRICT                                  349
-# define SSL_F_D2I_SSL_SESSION                            103
-# define SSL_F_DANE_CTX_ENABLE                            347
-# define SSL_F_DANE_MTYPE_SET                             393
-# define SSL_F_DANE_TLSA_ADD                              394
-# define SSL_F_DERIVE_SECRET_KEY_AND_IV                   514
-# define SSL_F_DO_DTLS1_WRITE                             245
-# define SSL_F_DO_SSL3_WRITE                              104
-# define SSL_F_DTLS1_BUFFER_RECORD                        247
-# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM                    318
-# define SSL_F_DTLS1_HEARTBEAT                            305
-# define SSL_F_DTLS1_PREPROCESS_FRAGMENT                  288
-# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS             424
-# define SSL_F_DTLS1_PROCESS_RECORD                       257
-# define SSL_F_DTLS1_READ_BYTES                           258
-# define SSL_F_DTLS1_READ_FAILED                          339
-# define SSL_F_DTLS1_RETRANSMIT_MESSAGE                   390
-# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES                 268
-# define SSL_F_DTLS1_WRITE_BYTES                          545
-# define SSL_F_DTLSV1_LISTEN                              350
-# define SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC          371
-# define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST        385
-# define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE               370
-# define SSL_F_DTLS_PROCESS_HELLO_VERIFY                  386
-# define SSL_F_EARLY_DATA_COUNT_OK                        532
-# define SSL_F_FINAL_EC_PT_FORMATS                        485
-# define SSL_F_FINAL_EMS                                  486
-# define SSL_F_FINAL_KEY_SHARE                            503
-# define SSL_F_FINAL_RENEGOTIATE                          483
-# define SSL_F_FINAL_SIG_ALGS                             497
-# define SSL_F_NSS_KEYLOG_INT                             500
-# define SSL_F_OPENSSL_INIT_SSL                           342
-# define SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION       436
-# define SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE       430
-# define SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION         417
-# define SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION       437
-# define SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE       431
-# define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION         418
-# define SSL_F_PARSE_CA_NAMES                             541
-# define SSL_F_PROCESS_KEY_SHARE_EXT                      439
-# define SSL_F_READ_STATE_MACHINE                         352
-# define SSL_F_SET_CLIENT_CIPHERSUITE                     540
-# define SSL_F_SSL3_CHANGE_CIPHER_STATE                   129
-# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM              130
-# define SSL_F_SSL3_CTRL                                  213
-# define SSL_F_SSL3_CTX_CTRL                              133
-# define SSL_F_SSL3_DIGEST_CACHED_RECORDS                 293
-# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC                 292
-# define SSL_F_SSL3_FINAL_FINISH_MAC                      285
-# define SSL_F_SSL3_GENERATE_KEY_BLOCK                    238
-# define SSL_F_SSL3_GENERATE_MASTER_SECRET                388
-# define SSL_F_SSL3_GET_RECORD                            143
-# define SSL_F_SSL3_INIT_FINISHED_MAC                     397
-# define SSL_F_SSL3_OUTPUT_CERT_CHAIN                     147
-# define SSL_F_SSL3_READ_BYTES                            148
-# define SSL_F_SSL3_READ_N                                149
-# define SSL_F_SSL3_SETUP_KEY_BLOCK                       157
-# define SSL_F_SSL3_SETUP_READ_BUFFER                     156
-# define SSL_F_SSL3_SETUP_WRITE_BUFFER                    291
-# define SSL_F_SSL3_WRITE_BYTES                           158
-# define SSL_F_SSL3_WRITE_PENDING                         159
-# define SSL_F_SSL_ADD_CERT_CHAIN                         316
-# define SSL_F_SSL_ADD_CERT_TO_BUF                        319
-# define SSL_F_SSL_ADD_CERT_TO_WPACKET                    493
-# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT        298
-# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT                 277
-# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT           307
-# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK         215
-# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK        216
-# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT        299
-# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT                 278
-# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT           308
-# define SSL_F_SSL_BAD_METHOD                             160
-# define SSL_F_SSL_BUILD_CERT_CHAIN                       332
-# define SSL_F_SSL_BYTES_TO_CIPHER_LIST                   161
-# define SSL_F_SSL_CACHE_CIPHERLIST                       520
-# define SSL_F_SSL_CERT_ADD0_CHAIN_CERT                   346
-# define SSL_F_SSL_CERT_DUP                               221
-# define SSL_F_SSL_CERT_NEW                               162
-# define SSL_F_SSL_CERT_SET0_CHAIN                        340
-# define SSL_F_SSL_CHECK_PRIVATE_KEY                      163
-# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT               280
-# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG            279
-# define SSL_F_SSL_CIPHER_LIST_TO_BYTES                   425
-# define SSL_F_SSL_CIPHER_PROCESS_RULESTR                 230
-# define SSL_F_SSL_CIPHER_STRENGTH_SORT                   231
-# define SSL_F_SSL_CLEAR                                  164
-# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD            165
-# define SSL_F_SSL_CONF_CMD                               334
-# define SSL_F_SSL_CREATE_CIPHER_LIST                     166
-# define SSL_F_SSL_CTRL                                   232
-# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY                  168
-# define SSL_F_SSL_CTX_ENABLE_CT                          398
-# define SSL_F_SSL_CTX_MAKE_PROFILES                      309
-# define SSL_F_SSL_CTX_NEW                                169
-# define SSL_F_SSL_CTX_SET_ALPN_PROTOS                    343
-# define SSL_F_SSL_CTX_SET_CIPHER_LIST                    269
-# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE             290
-# define SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK         396
-# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT             219
-# define SSL_F_SSL_CTX_SET_SSL_VERSION                    170
-# define SSL_F_SSL_CTX_USE_CERTIFICATE                    171
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1               172
-# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE               173
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY                     174
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1                175
-# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE                176
-# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT              272
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY                  177
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1             178
-# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE             179
-# define SSL_F_SSL_CTX_USE_SERVERINFO                     336
-# define SSL_F_SSL_CTX_USE_SERVERINFO_EX                  543
-# define SSL_F_SSL_CTX_USE_SERVERINFO_FILE                337
-# define SSL_F_SSL_DANE_DUP                               403
-# define SSL_F_SSL_DANE_ENABLE                            395
-# define SSL_F_SSL_DO_CONFIG                              391
-# define SSL_F_SSL_DO_HANDSHAKE                           180
-# define SSL_F_SSL_DUP_CA_LIST                            408
-# define SSL_F_SSL_ENABLE_CT                              402
-# define SSL_F_SSL_GET_NEW_SESSION                        181
-# define SSL_F_SSL_GET_PREV_SESSION                       217
-# define SSL_F_SSL_GET_SERVER_CERT_INDEX                  322
-# define SSL_F_SSL_GET_SIGN_PKEY                          183
-# define SSL_F_SSL_INIT_WBIO_BUFFER                       184
-# define SSL_F_SSL_KEY_UPDATE                             515
-# define SSL_F_SSL_LOAD_CLIENT_CA_FILE                    185
-# define SSL_F_SSL_LOG_MASTER_SECRET                      498
-# define SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE            499
-# define SSL_F_SSL_MODULE_INIT                            392
-# define SSL_F_SSL_NEW                                    186
-# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT      300
-# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT               302
-# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT         310
-# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT      301
-# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT               303
-# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT         311
-# define SSL_F_SSL_PEEK                                   270
-# define SSL_F_SSL_PEEK_EX                                432
-# define SSL_F_SSL_PEEK_INTERNAL                          522
-# define SSL_F_SSL_READ                                   223
-# define SSL_F_SSL_READ_EARLY_DATA                        529
-# define SSL_F_SSL_READ_EX                                434
-# define SSL_F_SSL_READ_INTERNAL                          523
-# define SSL_F_SSL_RENEGOTIATE                            516
-# define SSL_F_SSL_RENEGOTIATE_ABBREVIATED                546
-# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT                320
-# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT                321
-# define SSL_F_SSL_SESSION_DUP                            348
-# define SSL_F_SSL_SESSION_NEW                            189
-# define SSL_F_SSL_SESSION_PRINT_FP                       190
-# define SSL_F_SSL_SESSION_SET1_ID                        423
-# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT                312
-# define SSL_F_SSL_SET_ALPN_PROTOS                        344
-# define SSL_F_SSL_SET_CERT                               191
-# define SSL_F_SSL_SET_CIPHER_LIST                        271
-# define SSL_F_SSL_SET_CT_VALIDATION_CALLBACK             399
-# define SSL_F_SSL_SET_FD                                 192
-# define SSL_F_SSL_SET_PKEY                               193
-# define SSL_F_SSL_SET_RFD                                194
-# define SSL_F_SSL_SET_SESSION                            195
-# define SSL_F_SSL_SET_SESSION_ID_CONTEXT                 218
-# define SSL_F_SSL_SET_SESSION_TICKET_EXT                 294
-# define SSL_F_SSL_SET_WFD                                196
-# define SSL_F_SSL_SHUTDOWN                               224
-# define SSL_F_SSL_SRP_CTX_INIT                           313
-# define SSL_F_SSL_START_ASYNC_JOB                        389
-# define SSL_F_SSL_UNDEFINED_FUNCTION                     197
-# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION                244
-# define SSL_F_SSL_USE_CERTIFICATE                        198
-# define SSL_F_SSL_USE_CERTIFICATE_ASN1                   199
-# define SSL_F_SSL_USE_CERTIFICATE_FILE                   200
-# define SSL_F_SSL_USE_PRIVATEKEY                         201
-# define SSL_F_SSL_USE_PRIVATEKEY_ASN1                    202
-# define SSL_F_SSL_USE_PRIVATEKEY_FILE                    203
-# define SSL_F_SSL_USE_PSK_IDENTITY_HINT                  273
-# define SSL_F_SSL_USE_RSAPRIVATEKEY                      204
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1                 205
-# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE                 206
-# define SSL_F_SSL_VALIDATE_CT                            400
-# define SSL_F_SSL_VERIFY_CERT_CHAIN                      207
-# define SSL_F_SSL_WRITE                                  208
-# define SSL_F_SSL_WRITE_EARLY_DATA                       526
-# define SSL_F_SSL_WRITE_EARLY_FINISH                     527
-# define SSL_F_SSL_WRITE_EX                               433
-# define SSL_F_SSL_WRITE_INTERNAL                         524
-# define SSL_F_STATE_MACHINE                              353
-# define SSL_F_TLS12_CHECK_PEER_SIGALG                    333
-# define SSL_F_TLS12_COPY_SIGALGS                         533
-# define SSL_F_TLS13_CHANGE_CIPHER_STATE                  440
-# define SSL_F_TLS13_SETUP_KEY_BLOCK                      441
-# define SSL_F_TLS1_CHANGE_CIPHER_STATE                   209
-# define SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS            341
-# define SSL_F_TLS1_ENC                                   401
-# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL                314
-# define SSL_F_TLS1_GET_CURVELIST                         338
-# define SSL_F_TLS1_PRF                                   284
-# define SSL_F_TLS1_SETUP_KEY_BLOCK                       211
-# define SSL_F_TLS1_SET_SERVER_SIGALGS                    335
-# define SSL_F_TLS_CHOOSE_SIGALG                          513
-# define SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK          354
-# define SSL_F_TLS_COLLECT_EXTENSIONS                     435
-# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES      542
-# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST          372
-# define SSL_F_TLS_CONSTRUCT_CERT_STATUS                  429
-# define SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY             494
-# define SSL_F_TLS_CONSTRUCT_CERT_VERIFY                  496
-# define SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC           427
-# define SSL_F_TLS_CONSTRUCT_CKE_DHE                      404
-# define SSL_F_TLS_CONSTRUCT_CKE_ECDHE                    405
-# define SSL_F_TLS_CONSTRUCT_CKE_GOST                     406
-# define SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE             407
-# define SSL_F_TLS_CONSTRUCT_CKE_RSA                      409
-# define SSL_F_TLS_CONSTRUCT_CKE_SRP                      410
-# define SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE           484
-# define SSL_F_TLS_CONSTRUCT_CLIENT_HELLO                 487
-# define SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE          488
-# define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY                489
-# define SSL_F_TLS_CONSTRUCT_CTOS_ALPN                    466
-# define SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE             355
-# define SSL_F_TLS_CONSTRUCT_CTOS_COOKIE                  535
-# define SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA              530
-# define SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS           467
-# define SSL_F_TLS_CONSTRUCT_CTOS_EMS                     468
-# define SSL_F_TLS_CONSTRUCT_CTOS_ETM                     469
-# define SSL_F_TLS_CONSTRUCT_CTOS_HELLO                   356
-# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE            357
-# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE               470
-# define SSL_F_TLS_CONSTRUCT_CTOS_NPN                     471
-# define SSL_F_TLS_CONSTRUCT_CTOS_PADDING                 472
-# define SSL_F_TLS_CONSTRUCT_CTOS_PSK                     501
-# define SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES           509
-# define SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE             473
-# define SSL_F_TLS_CONSTRUCT_CTOS_SCT                     474
-# define SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME             475
-# define SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET          476
-# define SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS                477
-# define SSL_F_TLS_CONSTRUCT_CTOS_SRP                     478
-# define SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST          479
-# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS        480
-# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS      481
-# define SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP                482
-# define SSL_F_TLS_CONSTRUCT_CTOS_VERIFY                  358
-# define SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS         443
-# define SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA            536
-# define SSL_F_TLS_CONSTRUCT_EXTENSIONS                   447
-# define SSL_F_TLS_CONSTRUCT_FINISHED                     359
-# define SSL_F_TLS_CONSTRUCT_HELLO_REQUEST                373
-# define SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST          510
-# define SSL_F_TLS_CONSTRUCT_KEY_UPDATE                   517
-# define SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET           428
-# define SSL_F_TLS_CONSTRUCT_NEXT_PROTO                   426
-# define SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE           490
-# define SSL_F_TLS_CONSTRUCT_SERVER_HELLO                 491
-# define SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE          492
-# define SSL_F_TLS_CONSTRUCT_STOC_ALPN                    451
-# define SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE             374
-# define SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG           452
-# define SSL_F_TLS_CONSTRUCT_STOC_DONE                    375
-# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA              531
-# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO         525
-# define SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS           453
-# define SSL_F_TLS_CONSTRUCT_STOC_EMS                     454
-# define SSL_F_TLS_CONSTRUCT_STOC_ETM                     455
-# define SSL_F_TLS_CONSTRUCT_STOC_HELLO                   376
-# define SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE            377
-# define SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE               456
-# define SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG          457
-# define SSL_F_TLS_CONSTRUCT_STOC_PSK                     504
-# define SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE             458
-# define SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME             459
-# define SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET          460
-# define SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST          461
-# define SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS        544
-# define SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP                462
-# define SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO        521
-# define SSL_F_TLS_GET_MESSAGE_BODY                       351
-# define SSL_F_TLS_GET_MESSAGE_HEADER                     387
-# define SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT               449
-# define SSL_F_TLS_PARSE_CTOS_KEY_SHARE                   463
-# define SSL_F_TLS_PARSE_CTOS_PSK                         505
-# define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE                 464
-# define SSL_F_TLS_PARSE_CTOS_USE_SRTP                    465
-# define SSL_F_TLS_PARSE_STOC_COOKIE                      534
-# define SSL_F_TLS_PARSE_STOC_EARLY_DATA                  538
-# define SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO             528
-# define SSL_F_TLS_PARSE_STOC_KEY_SHARE                   445
-# define SSL_F_TLS_PARSE_STOC_PSK                         502
-# define SSL_F_TLS_PARSE_STOC_RENEGOTIATE                 448
-# define SSL_F_TLS_PARSE_STOC_USE_SRTP                    446
-# define SSL_F_TLS_POST_PROCESS_CLIENT_HELLO              378
-# define SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE       384
-# define SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE             360
-# define SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST            361
-# define SSL_F_TLS_PROCESS_CERT_STATUS                    362
-# define SSL_F_TLS_PROCESS_CERT_STATUS_BODY               495
-# define SSL_F_TLS_PROCESS_CERT_VERIFY                    379
-# define SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC             363
-# define SSL_F_TLS_PROCESS_CKE_DHE                        411
-# define SSL_F_TLS_PROCESS_CKE_ECDHE                      412
-# define SSL_F_TLS_PROCESS_CKE_GOST                       413
-# define SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE               414
-# define SSL_F_TLS_PROCESS_CKE_RSA                        415
-# define SSL_F_TLS_PROCESS_CKE_SRP                        416
-# define SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE             380
-# define SSL_F_TLS_PROCESS_CLIENT_HELLO                   381
-# define SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE            382
-# define SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS           444
-# define SSL_F_TLS_PROCESS_END_OF_EARLY_DATA              537
-# define SSL_F_TLS_PROCESS_FINISHED                       364
-# define SSL_F_TLS_PROCESS_HELLO_REQ                      507
-# define SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST            511
-# define SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT          442
-# define SSL_F_TLS_PROCESS_KEY_EXCHANGE                   365
-# define SSL_F_TLS_PROCESS_KEY_UPDATE                     518
-# define SSL_F_TLS_PROCESS_NEW_SESSION_TICKET             366
-# define SSL_F_TLS_PROCESS_NEXT_PROTO                     383
-# define SSL_F_TLS_PROCESS_SERVER_CERTIFICATE             367
-# define SSL_F_TLS_PROCESS_SERVER_DONE                    368
-# define SSL_F_TLS_PROCESS_SERVER_HELLO                   369
-# define SSL_F_TLS_PROCESS_SKE_DHE                        419
-# define SSL_F_TLS_PROCESS_SKE_ECDHE                      420
-# define SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE               421
-# define SSL_F_TLS_PROCESS_SKE_SRP                        422
-# define SSL_F_TLS_PSK_DO_BINDER                          506
-# define SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT                450
-# define SSL_F_TLS_SETUP_HANDSHAKE                        508
-# define SSL_F_USE_CERTIFICATE_CHAIN_FILE                 220
-
-/* Reason codes. */
-# define SSL_R_APP_DATA_IN_HANDSHAKE                      100
-# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
-# define SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE       143
-# define SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE     158
-# define SSL_R_BAD_CHANGE_CIPHER_SPEC                     103
-# define SSL_R_BAD_CIPHER                                 186
-# define SSL_R_BAD_DATA                                   390
-# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK              106
-# define SSL_R_BAD_DECOMPRESSION                          107
-# define SSL_R_BAD_DH_VALUE                               102
-# define SSL_R_BAD_DIGEST_LENGTH                          111
-# define SSL_R_BAD_ECC_CERT                               304
-# define SSL_R_BAD_ECPOINT                                306
-# define SSL_R_BAD_EXTENSION                              110
-# define SSL_R_BAD_HANDSHAKE_LENGTH                       332
-# define SSL_R_BAD_HELLO_REQUEST                          105
-# define SSL_R_BAD_KEY_SHARE                              108
-# define SSL_R_BAD_KEY_UPDATE                             122
-# define SSL_R_BAD_LENGTH                                 271
-# define SSL_R_BAD_PACKET_LENGTH                          115
-# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER                116
-# define SSL_R_BAD_PSK_IDENTITY                           114
-# define SSL_R_BAD_RECORD_TYPE                            443
-# define SSL_R_BAD_RSA_ENCRYPT                            119
-# define SSL_R_BAD_SIGNATURE                              123
-# define SSL_R_BAD_SRP_A_LENGTH                           347
-# define SSL_R_BAD_SRP_PARAMETERS                         371
-# define SSL_R_BAD_SRTP_MKI_VALUE                         352
-# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST           353
-# define SSL_R_BAD_SSL_FILETYPE                           124
-# define SSL_R_BAD_VALUE                                  384
-# define SSL_R_BAD_WRITE_RETRY                            127
-# define SSL_R_BIO_NOT_SET                                128
-# define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG                  129
-# define SSL_R_BN_LIB                                     130
-# define SSL_R_CANNOT_CHANGE_CIPHER                       109
-# define SSL_R_CA_DN_LENGTH_MISMATCH                      131
-# define SSL_R_CA_KEY_TOO_SMALL                           397
-# define SSL_R_CA_MD_TOO_WEAK                             398
-# define SSL_R_CCS_RECEIVED_EARLY                         133
-# define SSL_R_CERTIFICATE_VERIFY_FAILED                  134
-# define SSL_R_CERT_CB_ERROR                              377
-# define SSL_R_CERT_LENGTH_MISMATCH                       135
-# define SSL_R_CIPHER_CODE_WRONG_LENGTH                   137
-# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE                 138
-# define SSL_R_CLIENTHELLO_TLSEXT                         226
-# define SSL_R_COMPRESSED_LENGTH_TOO_LONG                 140
-# define SSL_R_COMPRESSION_DISABLED                       343
-# define SSL_R_COMPRESSION_FAILURE                        141
-# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE    307
-# define SSL_R_COMPRESSION_LIBRARY_ERROR                  142
-# define SSL_R_CONNECTION_TYPE_NOT_SET                    144
-# define SSL_R_CONTEXT_NOT_DANE_ENABLED                   167
-# define SSL_R_COOKIE_GEN_CALLBACK_FAILURE                400
-# define SSL_R_COOKIE_MISMATCH                            308
-# define SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED       206
-# define SSL_R_DANE_ALREADY_ENABLED                       172
-# define SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL            173
-# define SSL_R_DANE_NOT_ENABLED                           175
-# define SSL_R_DANE_TLSA_BAD_CERTIFICATE                  180
-# define SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE            184
-# define SSL_R_DANE_TLSA_BAD_DATA_LENGTH                  189
-# define SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH                192
-# define SSL_R_DANE_TLSA_BAD_MATCHING_TYPE                200
-# define SSL_R_DANE_TLSA_BAD_PUBLIC_KEY                   201
-# define SSL_R_DANE_TLSA_BAD_SELECTOR                     202
-# define SSL_R_DANE_TLSA_NULL_DATA                        203
-# define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED              145
-# define SSL_R_DATA_LENGTH_TOO_LONG                       146
-# define SSL_R_DECRYPTION_FAILED                          147
-# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC        281
-# define SSL_R_DH_KEY_TOO_SMALL                           394
-# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG            148
-# define SSL_R_DIGEST_CHECK_FAILED                        149
-# define SSL_R_DTLS_MESSAGE_TOO_BIG                       334
-# define SSL_R_DUPLICATE_COMPRESSION_ID                   309
-# define SSL_R_ECC_CERT_NOT_FOR_SIGNING                   318
-# define SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE              374
-# define SSL_R_EE_KEY_TOO_SMALL                           399
-# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST         354
-# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG                  150
-# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST              151
-# define SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN             204
-# define SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE                  194
-# define SSL_R_EXCESSIVE_MESSAGE_SIZE                     152
-# define SSL_R_EXTRA_DATA_IN_MESSAGE                      153
-# define SSL_R_EXT_LENGTH_MISMATCH                        163
-# define SSL_R_FAILED_TO_INIT_ASYNC                       405
-# define SSL_R_FRAGMENTED_CLIENT_HELLO                    401
-# define SSL_R_GOT_A_FIN_BEFORE_A_CCS                     154
-# define SSL_R_HTTPS_PROXY_REQUEST                        155
-# define SSL_R_HTTP_REQUEST                               156
-# define SSL_R_ILLEGAL_POINT_COMPRESSION                  162
-# define SSL_R_ILLEGAL_SUITEB_DIGEST                      380
-# define SSL_R_INAPPROPRIATE_FALLBACK                     373
-# define SSL_R_INCONSISTENT_COMPRESSION                   340
-# define SSL_R_INCONSISTENT_EXTMS                         104
-# define SSL_R_INVALID_ALERT                              209
-# define SSL_R_INVALID_COMMAND                            280
-# define SSL_R_INVALID_COMPRESSION_ALGORITHM              341
-# define SSL_R_INVALID_CONFIGURATION_NAME                 113
-# define SSL_R_INVALID_CT_VALIDATION_TYPE                 212
-# define SSL_R_INVALID_KEY_UPDATE_TYPE                    120
-# define SSL_R_INVALID_MAX_EARLY_DATA                     174
-# define SSL_R_INVALID_NULL_CMD_NAME                      385
-# define SSL_R_INVALID_SEQUENCE_NUMBER                    402
-# define SSL_R_INVALID_SERVERINFO_DATA                    388
-# define SSL_R_INVALID_SRP_USERNAME                       357
-# define SSL_R_INVALID_STATUS_RESPONSE                    328
-# define SSL_R_INVALID_TICKET_KEYS_LENGTH                 325
-# define SSL_R_LENGTH_MISMATCH                            159
-# define SSL_R_LENGTH_TOO_LONG                            404
-# define SSL_R_LENGTH_TOO_SHORT                           160
-# define SSL_R_LIBRARY_BUG                                274
-# define SSL_R_LIBRARY_HAS_NO_CIPHERS                     161
-# define SSL_R_MISSING_DSA_SIGNING_CERT                   165
-# define SSL_R_MISSING_ECDSA_SIGNING_CERT                 381
-# define SSL_R_MISSING_RSA_CERTIFICATE                    168
-# define SSL_R_MISSING_RSA_ENCRYPTING_CERT                169
-# define SSL_R_MISSING_RSA_SIGNING_CERT                   170
-# define SSL_R_MISSING_SIGALGS_EXTENSION                  112
-# define SSL_R_MISSING_SRP_PARAM                          358
-# define SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION         214
-# define SSL_R_MISSING_TMP_DH_KEY                         171
-# define SSL_R_MISSING_TMP_ECDH_KEY                       311
-# define SSL_R_NOT_ON_RECORD_BOUNDARY                     182
-# define SSL_R_NO_CERTIFICATES_RETURNED                   176
-# define SSL_R_NO_CERTIFICATE_ASSIGNED                    177
-# define SSL_R_NO_CERTIFICATE_SET                         179
-# define SSL_R_NO_CHANGE_FOLLOWING_HRR                    205
-# define SSL_R_NO_CIPHERS_AVAILABLE                       181
-# define SSL_R_NO_CIPHERS_SPECIFIED                       183
-# define SSL_R_NO_CIPHER_MATCH                            185
-# define SSL_R_NO_CLIENT_CERT_METHOD                      331
-# define SSL_R_NO_COMPRESSION_SPECIFIED                   187
-# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER           330
-# define SSL_R_NO_METHOD_SPECIFIED                        188
-# define SSL_R_NO_PEM_EXTENSIONS                          389
-# define SSL_R_NO_PRIVATE_KEY_ASSIGNED                    190
-# define SSL_R_NO_PROTOCOLS_AVAILABLE                     191
-# define SSL_R_NO_RENEGOTIATION                           339
-# define SSL_R_NO_REQUIRED_DIGEST                         324
-# define SSL_R_NO_SHARED_CIPHER                           193
-# define SSL_R_NO_SHARED_GROUPS                           410
-# define SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS             376
-# define SSL_R_NO_SRTP_PROFILES                           359
-# define SSL_R_NO_SUITABLE_KEY_SHARE                      101
-# define SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM            118
-# define SSL_R_NO_VALID_SCTS                              216
-# define SSL_R_NO_VERIFY_COOKIE_CALLBACK                  403
-# define SSL_R_NULL_SSL_CTX                               195
-# define SSL_R_NULL_SSL_METHOD_PASSED                     196
-# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED            197
-# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
-# define SSL_R_PACKET_LENGTH_TOO_LONG                     198
-# define SSL_R_PARSE_TLSEXT                               227
-# define SSL_R_PATH_TOO_LONG                              270
-# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE          199
-# define SSL_R_PEM_NAME_BAD_PREFIX                        391
-# define SSL_R_PEM_NAME_TOO_SHORT                         392
-# define SSL_R_PIPELINE_FAILURE                           406
-# define SSL_R_PROTOCOL_IS_SHUTDOWN                       207
-# define SSL_R_PSK_IDENTITY_NOT_FOUND                     223
-# define SSL_R_PSK_NO_CLIENT_CB                           224
-# define SSL_R_PSK_NO_SERVER_CB                           225
-# define SSL_R_READ_BIO_NOT_SET                           211
-# define SSL_R_READ_TIMEOUT_EXPIRED                       312
-# define SSL_R_RECORD_LENGTH_MISMATCH                     213
-# define SSL_R_RECORD_TOO_SMALL                           298
-# define SSL_R_RENEGOTIATE_EXT_TOO_LONG                   335
-# define SSL_R_RENEGOTIATION_ENCODING_ERR                 336
-# define SSL_R_RENEGOTIATION_MISMATCH                     337
-# define SSL_R_REQUIRED_CIPHER_MISSING                    215
-# define SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING     342
-# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING           345
-# define SSL_R_SCT_VERIFICATION_FAILED                    208
-# define SSL_R_SERVERHELLO_TLSEXT                         275
-# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED           277
-# define SSL_R_SHUTDOWN_WHILE_IN_INIT                     407
-# define SSL_R_SIGNATURE_ALGORITHMS_ERROR                 360
-# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE      220
-# define SSL_R_SRP_A_CALC                                 361
-# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES           362
-# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG      363
-# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE            364
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME                319
-# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE           320
-# define SSL_R_SSL3_SESSION_ID_TOO_LONG                   300
-# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE                1042
-# define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC                 1020
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED            1045
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED            1044
-# define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN            1046
-# define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE          1030
-# define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE              1040
-# define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER              1047
-# define SSL_R_SSLV3_ALERT_NO_CERTIFICATE                 1041
-# define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE             1010
-# define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE        1043
-# define SSL_R_SSL_COMMAND_SECTION_EMPTY                  117
-# define SSL_R_SSL_COMMAND_SECTION_NOT_FOUND              125
-# define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION         228
-# define SSL_R_SSL_HANDSHAKE_FAILURE                      229
-# define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS                 230
-# define SSL_R_SSL_NEGATIVE_LENGTH                        372
-# define SSL_R_SSL_SECTION_EMPTY                          126
-# define SSL_R_SSL_SECTION_NOT_FOUND                      136
-# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED             301
-# define SSL_R_SSL_SESSION_ID_CONFLICT                    302
-# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG            273
-# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH              303
-# define SSL_R_SSL_SESSION_ID_TOO_LONG                    408
-# define SSL_R_SSL_SESSION_VERSION_MISMATCH               210
-# define SSL_R_STILL_IN_INIT                              121
-# define SSL_R_TLSV1_ALERT_ACCESS_DENIED                  1049
-# define SSL_R_TLSV1_ALERT_DECODE_ERROR                   1050
-# define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED              1021
-# define SSL_R_TLSV1_ALERT_DECRYPT_ERROR                  1051
-# define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION             1060
-# define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK         1086
-# define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY          1071
-# define SSL_R_TLSV1_ALERT_INTERNAL_ERROR                 1080
-# define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION               1100
-# define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION               1070
-# define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW                1022
-# define SSL_R_TLSV1_ALERT_UNKNOWN_CA                     1048
-# define SSL_R_TLSV1_ALERT_USER_CANCELLED                 1090
-# define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE           1114
-# define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE      1113
-# define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE             1111
-# define SSL_R_TLSV1_UNRECOGNIZED_NAME                    1112
-# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION                1110
-# define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT           365
-# define SSL_R_TLS_HEARTBEAT_PENDING                      366
-# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL                 367
-# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST             157
-# define SSL_R_TOO_MANY_KEY_UPDATES                       132
-# define SSL_R_TOO_MANY_WARN_ALERTS                       409
-# define SSL_R_TOO_MUCH_EARLY_DATA                        164
-# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS             314
-# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS       239
-# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES           242
-# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES          243
-# define SSL_R_UNEXPECTED_END_OF_EARLY_DATA               178
-# define SSL_R_UNEXPECTED_MESSAGE                         244
-# define SSL_R_UNEXPECTED_RECORD                          245
-# define SSL_R_UNINITIALIZED                              276
-# define SSL_R_UNKNOWN_ALERT_TYPE                         246
-# define SSL_R_UNKNOWN_CERTIFICATE_TYPE                   247
-# define SSL_R_UNKNOWN_CIPHER_RETURNED                    248
-# define SSL_R_UNKNOWN_CIPHER_TYPE                        249
-# define SSL_R_UNKNOWN_CMD_NAME                           386
-# define SSL_R_UNKNOWN_COMMAND                            139
-# define SSL_R_UNKNOWN_DIGEST                             368
-# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE                  250
-# define SSL_R_UNKNOWN_PKEY_TYPE                          251
-# define SSL_R_UNKNOWN_PROTOCOL                           252
-# define SSL_R_UNKNOWN_SSL_VERSION                        254
-# define SSL_R_UNKNOWN_STATE                              255
-# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED       338
-# define SSL_R_UNSOLICITED_EXTENSION                      217
-# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM          257
-# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE                 315
-# define SSL_R_UNSUPPORTED_PROTOCOL                       258
-# define SSL_R_UNSUPPORTED_SSL_VERSION                    259
-# define SSL_R_UNSUPPORTED_STATUS_TYPE                    329
-# define SSL_R_USE_SRTP_NOT_NEGOTIATED                    369
-# define SSL_R_VERSION_TOO_HIGH                           166
-# define SSL_R_VERSION_TOO_LOW                            396
-# define SSL_R_WRONG_CERTIFICATE_TYPE                     383
-# define SSL_R_WRONG_CIPHER_RETURNED                      261
-# define SSL_R_WRONG_CURVE                                378
-# define SSL_R_WRONG_SIGNATURE_LENGTH                     264
-# define SSL_R_WRONG_SIGNATURE_SIZE                       265
-# define SSL_R_WRONG_SIGNATURE_TYPE                       370
-# define SSL_R_WRONG_SSL_VERSION                          266
-# define SSL_R_WRONG_VERSION_NUMBER                       267
-# define SSL_R_X509_LIB                                   268
-# define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS           269
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
new file mode 100644
index 0000000..fdb59f4
--- /dev/null
+++ b/include/openssl/sslerr.h
@@ -0,0 +1,643 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_SSLERR_H
+# define HEADER_SSLERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_SSL_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * SSL function codes.
+ */
+# define SSL_F_ADD_CLIENT_KEY_SHARE_EXT                   438
+# define SSL_F_ADD_KEY_SHARE                              512
+# define SSL_F_BYTES_TO_CIPHER_LIST                       519
+# define SSL_F_CHECK_SUITEB_CIPHER_LIST                   331
+# define SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH              539
+# define SSL_F_CT_MOVE_SCTS                               345
+# define SSL_F_CT_STRICT                                  349
+# define SSL_F_D2I_SSL_SESSION                            103
+# define SSL_F_DANE_CTX_ENABLE                            347
+# define SSL_F_DANE_MTYPE_SET                             393
+# define SSL_F_DANE_TLSA_ADD                              394
+# define SSL_F_DERIVE_SECRET_KEY_AND_IV                   514
+# define SSL_F_DO_DTLS1_WRITE                             245
+# define SSL_F_DO_SSL3_WRITE                              104
+# define SSL_F_DTLS1_BUFFER_RECORD                        247
+# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM                    318
+# define SSL_F_DTLS1_HEARTBEAT                            305
+# define SSL_F_DTLS1_PREPROCESS_FRAGMENT                  288
+# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS             424
+# define SSL_F_DTLS1_PROCESS_RECORD                       257
+# define SSL_F_DTLS1_READ_BYTES                           258
+# define SSL_F_DTLS1_READ_FAILED                          339
+# define SSL_F_DTLS1_RETRANSMIT_MESSAGE                   390
+# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES                 268
+# define SSL_F_DTLS1_WRITE_BYTES                          545
+# define SSL_F_DTLSV1_LISTEN                              350
+# define SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC          371
+# define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST        385
+# define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE               370
+# define SSL_F_DTLS_PROCESS_HELLO_VERIFY                  386
+# define SSL_F_EARLY_DATA_COUNT_OK                        532
+# define SSL_F_FINAL_EC_PT_FORMATS                        485
+# define SSL_F_FINAL_EMS                                  486
+# define SSL_F_FINAL_KEY_SHARE                            503
+# define SSL_F_FINAL_RENEGOTIATE                          483
+# define SSL_F_FINAL_SIG_ALGS                             497
+# define SSL_F_NSS_KEYLOG_INT                             500
+# define SSL_F_OPENSSL_INIT_SSL                           342
+# define SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION       436
+# define SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE       430
+# define SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION         417
+# define SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION       437
+# define SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE       431
+# define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION         418
+# define SSL_F_PARSE_CA_NAMES                             541
+# define SSL_F_PROCESS_KEY_SHARE_EXT                      439
+# define SSL_F_READ_STATE_MACHINE                         352
+# define SSL_F_SET_CLIENT_CIPHERSUITE                     540
+# define SSL_F_SSL3_CHANGE_CIPHER_STATE                   129
+# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM              130
+# define SSL_F_SSL3_CTRL                                  213
+# define SSL_F_SSL3_CTX_CTRL                              133
+# define SSL_F_SSL3_DIGEST_CACHED_RECORDS                 293
+# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC                 292
+# define SSL_F_SSL3_FINAL_FINISH_MAC                      285
+# define SSL_F_SSL3_GENERATE_KEY_BLOCK                    238
+# define SSL_F_SSL3_GENERATE_MASTER_SECRET                388
+# define SSL_F_SSL3_GET_RECORD                            143
+# define SSL_F_SSL3_INIT_FINISHED_MAC                     397
+# define SSL_F_SSL3_OUTPUT_CERT_CHAIN                     147
+# define SSL_F_SSL3_READ_BYTES                            148
+# define SSL_F_SSL3_READ_N                                149
+# define SSL_F_SSL3_SETUP_KEY_BLOCK                       157
+# define SSL_F_SSL3_SETUP_READ_BUFFER                     156
+# define SSL_F_SSL3_SETUP_WRITE_BUFFER                    291
+# define SSL_F_SSL3_WRITE_BYTES                           158
+# define SSL_F_SSL3_WRITE_PENDING                         159
+# define SSL_F_SSL_ADD_CERT_CHAIN                         316
+# define SSL_F_SSL_ADD_CERT_TO_BUF                        319
+# define SSL_F_SSL_ADD_CERT_TO_WPACKET                    493
+# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT        298
+# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT                 277
+# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT           307
+# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK         215
+# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK        216
+# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT        299
+# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT                 278
+# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT           308
+# define SSL_F_SSL_BAD_METHOD                             160
+# define SSL_F_SSL_BUILD_CERT_CHAIN                       332
+# define SSL_F_SSL_BYTES_TO_CIPHER_LIST                   161
+# define SSL_F_SSL_CACHE_CIPHERLIST                       520
+# define SSL_F_SSL_CERT_ADD0_CHAIN_CERT                   346
+# define SSL_F_SSL_CERT_DUP                               221
+# define SSL_F_SSL_CERT_NEW                               162
+# define SSL_F_SSL_CERT_SET0_CHAIN                        340
+# define SSL_F_SSL_CHECK_PRIVATE_KEY                      163
+# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT               280
+# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG            279
+# define SSL_F_SSL_CIPHER_LIST_TO_BYTES                   425
+# define SSL_F_SSL_CIPHER_PROCESS_RULESTR                 230
+# define SSL_F_SSL_CIPHER_STRENGTH_SORT                   231
+# define SSL_F_SSL_CLEAR                                  164
+# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD            165
+# define SSL_F_SSL_CONF_CMD                               334
+# define SSL_F_SSL_CREATE_CIPHER_LIST                     166
+# define SSL_F_SSL_CTRL                                   232
+# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY                  168
+# define SSL_F_SSL_CTX_ENABLE_CT                          398
+# define SSL_F_SSL_CTX_MAKE_PROFILES                      309
+# define SSL_F_SSL_CTX_NEW                                169
+# define SSL_F_SSL_CTX_SET_ALPN_PROTOS                    343
+# define SSL_F_SSL_CTX_SET_CIPHER_LIST                    269
+# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE             290
+# define SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK         396
+# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT             219
+# define SSL_F_SSL_CTX_SET_SSL_VERSION                    170
+# define SSL_F_SSL_CTX_USE_CERTIFICATE                    171
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1               172
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE               173
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY                     174
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1                175
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE                176
+# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT              272
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY                  177
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1             178
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE             179
+# define SSL_F_SSL_CTX_USE_SERVERINFO                     336
+# define SSL_F_SSL_CTX_USE_SERVERINFO_EX                  543
+# define SSL_F_SSL_CTX_USE_SERVERINFO_FILE                337
+# define SSL_F_SSL_DANE_DUP                               403
+# define SSL_F_SSL_DANE_ENABLE                            395
+# define SSL_F_SSL_DO_CONFIG                              391
+# define SSL_F_SSL_DO_HANDSHAKE                           180
+# define SSL_F_SSL_DUP_CA_LIST                            408
+# define SSL_F_SSL_ENABLE_CT                              402
+# define SSL_F_SSL_GET_NEW_SESSION                        181
+# define SSL_F_SSL_GET_PREV_SESSION                       217
+# define SSL_F_SSL_GET_SERVER_CERT_INDEX                  322
+# define SSL_F_SSL_GET_SIGN_PKEY                          183
+# define SSL_F_SSL_INIT_WBIO_BUFFER                       184
+# define SSL_F_SSL_KEY_UPDATE                             515
+# define SSL_F_SSL_LOAD_CLIENT_CA_FILE                    185
+# define SSL_F_SSL_LOG_MASTER_SECRET                      498
+# define SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE            499
+# define SSL_F_SSL_MODULE_INIT                            392
+# define SSL_F_SSL_NEW                                    186
+# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT      300
+# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT               302
+# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT         310
+# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT      301
+# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT               303
+# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT         311
+# define SSL_F_SSL_PEEK                                   270
+# define SSL_F_SSL_PEEK_EX                                432
+# define SSL_F_SSL_PEEK_INTERNAL                          522
+# define SSL_F_SSL_READ                                   223
+# define SSL_F_SSL_READ_EARLY_DATA                        529
+# define SSL_F_SSL_READ_EX                                434
+# define SSL_F_SSL_READ_INTERNAL                          523
+# define SSL_F_SSL_RENEGOTIATE                            516
+# define SSL_F_SSL_RENEGOTIATE_ABBREVIATED                546
+# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT                320
+# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT                321
+# define SSL_F_SSL_SESSION_DUP                            348
+# define SSL_F_SSL_SESSION_NEW                            189
+# define SSL_F_SSL_SESSION_PRINT_FP                       190
+# define SSL_F_SSL_SESSION_SET1_ID                        423
+# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT                312
+# define SSL_F_SSL_SET_ALPN_PROTOS                        344
+# define SSL_F_SSL_SET_CERT                               191
+# define SSL_F_SSL_SET_CIPHER_LIST                        271
+# define SSL_F_SSL_SET_CT_VALIDATION_CALLBACK             399
+# define SSL_F_SSL_SET_FD                                 192
+# define SSL_F_SSL_SET_PKEY                               193
+# define SSL_F_SSL_SET_RFD                                194
+# define SSL_F_SSL_SET_SESSION                            195
+# define SSL_F_SSL_SET_SESSION_ID_CONTEXT                 218
+# define SSL_F_SSL_SET_SESSION_TICKET_EXT                 294
+# define SSL_F_SSL_SET_WFD                                196
+# define SSL_F_SSL_SHUTDOWN                               224
+# define SSL_F_SSL_SRP_CTX_INIT                           313
+# define SSL_F_SSL_START_ASYNC_JOB                        389
+# define SSL_F_SSL_UNDEFINED_FUNCTION                     197
+# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION                244
+# define SSL_F_SSL_USE_CERTIFICATE                        198
+# define SSL_F_SSL_USE_CERTIFICATE_ASN1                   199
+# define SSL_F_SSL_USE_CERTIFICATE_FILE                   200
+# define SSL_F_SSL_USE_PRIVATEKEY                         201
+# define SSL_F_SSL_USE_PRIVATEKEY_ASN1                    202
+# define SSL_F_SSL_USE_PRIVATEKEY_FILE                    203
+# define SSL_F_SSL_USE_PSK_IDENTITY_HINT                  273
+# define SSL_F_SSL_USE_RSAPRIVATEKEY                      204
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1                 205
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE                 206
+# define SSL_F_SSL_VALIDATE_CT                            400
+# define SSL_F_SSL_VERIFY_CERT_CHAIN                      207
+# define SSL_F_SSL_WRITE                                  208
+# define SSL_F_SSL_WRITE_EARLY_DATA                       526
+# define SSL_F_SSL_WRITE_EARLY_FINISH                     527
+# define SSL_F_SSL_WRITE_EX                               433
+# define SSL_F_SSL_WRITE_INTERNAL                         524
+# define SSL_F_STATE_MACHINE                              353
+# define SSL_F_TLS12_CHECK_PEER_SIGALG                    333
+# define SSL_F_TLS12_COPY_SIGALGS                         533
+# define SSL_F_TLS13_CHANGE_CIPHER_STATE                  440
+# define SSL_F_TLS13_SETUP_KEY_BLOCK                      441
+# define SSL_F_TLS1_CHANGE_CIPHER_STATE                   209
+# define SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS            341
+# define SSL_F_TLS1_ENC                                   401
+# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL                314
+# define SSL_F_TLS1_GET_CURVELIST                         338
+# define SSL_F_TLS1_PRF                                   284
+# define SSL_F_TLS1_SETUP_KEY_BLOCK                       211
+# define SSL_F_TLS1_SET_SERVER_SIGALGS                    335
+# define SSL_F_TLS_CHOOSE_SIGALG                          513
+# define SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK          354
+# define SSL_F_TLS_COLLECT_EXTENSIONS                     435
+# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES      542
+# define SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST          372
+# define SSL_F_TLS_CONSTRUCT_CERT_STATUS                  429
+# define SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY             494
+# define SSL_F_TLS_CONSTRUCT_CERT_VERIFY                  496
+# define SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC           427
+# define SSL_F_TLS_CONSTRUCT_CKE_DHE                      404
+# define SSL_F_TLS_CONSTRUCT_CKE_ECDHE                    405
+# define SSL_F_TLS_CONSTRUCT_CKE_GOST                     406
+# define SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE             407
+# define SSL_F_TLS_CONSTRUCT_CKE_RSA                      409
+# define SSL_F_TLS_CONSTRUCT_CKE_SRP                      410
+# define SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE           484
+# define SSL_F_TLS_CONSTRUCT_CLIENT_HELLO                 487
+# define SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE          488
+# define SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY                489
+# define SSL_F_TLS_CONSTRUCT_CTOS_ALPN                    466
+# define SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE             355
+# define SSL_F_TLS_CONSTRUCT_CTOS_COOKIE                  535
+# define SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA              530
+# define SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS           467
+# define SSL_F_TLS_CONSTRUCT_CTOS_EMS                     468
+# define SSL_F_TLS_CONSTRUCT_CTOS_ETM                     469
+# define SSL_F_TLS_CONSTRUCT_CTOS_HELLO                   356
+# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE            357
+# define SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE               470
+# define SSL_F_TLS_CONSTRUCT_CTOS_NPN                     471
+# define SSL_F_TLS_CONSTRUCT_CTOS_PADDING                 472
+# define SSL_F_TLS_CONSTRUCT_CTOS_PSK                     501
+# define SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES           509
+# define SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE             473
+# define SSL_F_TLS_CONSTRUCT_CTOS_SCT                     474
+# define SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME             475
+# define SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET          476
+# define SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS                477
+# define SSL_F_TLS_CONSTRUCT_CTOS_SRP                     478
+# define SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST          479
+# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS        480
+# define SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS      481
+# define SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP                482
+# define SSL_F_TLS_CONSTRUCT_CTOS_VERIFY                  358
+# define SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS         443
+# define SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA            536
+# define SSL_F_TLS_CONSTRUCT_EXTENSIONS                   447
+# define SSL_F_TLS_CONSTRUCT_FINISHED                     359
+# define SSL_F_TLS_CONSTRUCT_HELLO_REQUEST                373
+# define SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST          510
+# define SSL_F_TLS_CONSTRUCT_KEY_UPDATE                   517
+# define SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET           428
+# define SSL_F_TLS_CONSTRUCT_NEXT_PROTO                   426
+# define SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE           490
+# define SSL_F_TLS_CONSTRUCT_SERVER_HELLO                 491
+# define SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE          492
+# define SSL_F_TLS_CONSTRUCT_STOC_ALPN                    451
+# define SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE             374
+# define SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG           452
+# define SSL_F_TLS_CONSTRUCT_STOC_DONE                    375
+# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA              531
+# define SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO         525
+# define SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS           453
+# define SSL_F_TLS_CONSTRUCT_STOC_EMS                     454
+# define SSL_F_TLS_CONSTRUCT_STOC_ETM                     455
+# define SSL_F_TLS_CONSTRUCT_STOC_HELLO                   376
+# define SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE            377
+# define SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE               456
+# define SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG          457
+# define SSL_F_TLS_CONSTRUCT_STOC_PSK                     504
+# define SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE             458
+# define SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME             459
+# define SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET          460
+# define SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST          461
+# define SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS        544
+# define SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP                462
+# define SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO        521
+# define SSL_F_TLS_GET_MESSAGE_BODY                       351
+# define SSL_F_TLS_GET_MESSAGE_HEADER                     387
+# define SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT               449
+# define SSL_F_TLS_PARSE_CTOS_KEY_SHARE                   463
+# define SSL_F_TLS_PARSE_CTOS_PSK                         505
+# define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE                 464
+# define SSL_F_TLS_PARSE_CTOS_USE_SRTP                    465
+# define SSL_F_TLS_PARSE_STOC_COOKIE                      534
+# define SSL_F_TLS_PARSE_STOC_EARLY_DATA                  538
+# define SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO             528
+# define SSL_F_TLS_PARSE_STOC_KEY_SHARE                   445
+# define SSL_F_TLS_PARSE_STOC_PSK                         502
+# define SSL_F_TLS_PARSE_STOC_RENEGOTIATE                 448
+# define SSL_F_TLS_PARSE_STOC_USE_SRTP                    446
+# define SSL_F_TLS_POST_PROCESS_CLIENT_HELLO              378
+# define SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE       384
+# define SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE             360
+# define SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST            361
+# define SSL_F_TLS_PROCESS_CERT_STATUS                    362
+# define SSL_F_TLS_PROCESS_CERT_STATUS_BODY               495
+# define SSL_F_TLS_PROCESS_CERT_VERIFY                    379
+# define SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC             363
+# define SSL_F_TLS_PROCESS_CKE_DHE                        411
+# define SSL_F_TLS_PROCESS_CKE_ECDHE                      412
+# define SSL_F_TLS_PROCESS_CKE_GOST                       413
+# define SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE               414
+# define SSL_F_TLS_PROCESS_CKE_RSA                        415
+# define SSL_F_TLS_PROCESS_CKE_SRP                        416
+# define SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE             380
+# define SSL_F_TLS_PROCESS_CLIENT_HELLO                   381
+# define SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE            382
+# define SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS           444
+# define SSL_F_TLS_PROCESS_END_OF_EARLY_DATA              537
+# define SSL_F_TLS_PROCESS_FINISHED                       364
+# define SSL_F_TLS_PROCESS_HELLO_REQ                      507
+# define SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST            511
+# define SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT          442
+# define SSL_F_TLS_PROCESS_KEY_EXCHANGE                   365
+# define SSL_F_TLS_PROCESS_KEY_UPDATE                     518
+# define SSL_F_TLS_PROCESS_NEW_SESSION_TICKET             366
+# define SSL_F_TLS_PROCESS_NEXT_PROTO                     383
+# define SSL_F_TLS_PROCESS_SERVER_CERTIFICATE             367
+# define SSL_F_TLS_PROCESS_SERVER_DONE                    368
+# define SSL_F_TLS_PROCESS_SERVER_HELLO                   369
+# define SSL_F_TLS_PROCESS_SKE_DHE                        419
+# define SSL_F_TLS_PROCESS_SKE_ECDHE                      420
+# define SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE               421
+# define SSL_F_TLS_PROCESS_SKE_SRP                        422
+# define SSL_F_TLS_PSK_DO_BINDER                          506
+# define SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT                450
+# define SSL_F_TLS_SETUP_HANDSHAKE                        508
+# define SSL_F_USE_CERTIFICATE_CHAIN_FILE                 220
+
+/*
+ * SSL reason codes.
+ */
+# define SSL_R_APP_DATA_IN_HANDSHAKE                      100
+# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
+# define SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE       143
+# define SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE     158
+# define SSL_R_BAD_CHANGE_CIPHER_SPEC                     103
+# define SSL_R_BAD_CIPHER                                 186
+# define SSL_R_BAD_DATA                                   390
+# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK              106
+# define SSL_R_BAD_DECOMPRESSION                          107
+# define SSL_R_BAD_DH_VALUE                               102
+# define SSL_R_BAD_DIGEST_LENGTH                          111
+# define SSL_R_BAD_ECC_CERT                               304
+# define SSL_R_BAD_ECPOINT                                306
+# define SSL_R_BAD_EXTENSION                              110
+# define SSL_R_BAD_HANDSHAKE_LENGTH                       332
+# define SSL_R_BAD_HELLO_REQUEST                          105
+# define SSL_R_BAD_KEY_SHARE                              108
+# define SSL_R_BAD_KEY_UPDATE                             122
+# define SSL_R_BAD_LENGTH                                 271
+# define SSL_R_BAD_PACKET_LENGTH                          115
+# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER                116
+# define SSL_R_BAD_PSK_IDENTITY                           114
+# define SSL_R_BAD_RECORD_TYPE                            443
+# define SSL_R_BAD_RSA_ENCRYPT                            119
+# define SSL_R_BAD_SIGNATURE                              123
+# define SSL_R_BAD_SRP_A_LENGTH                           347
+# define SSL_R_BAD_SRP_PARAMETERS                         371
+# define SSL_R_BAD_SRTP_MKI_VALUE                         352
+# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST           353
+# define SSL_R_BAD_SSL_FILETYPE                           124
+# define SSL_R_BAD_VALUE                                  384
+# define SSL_R_BAD_WRITE_RETRY                            127
+# define SSL_R_BIO_NOT_SET                                128
+# define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG                  129
+# define SSL_R_BN_LIB                                     130
+# define SSL_R_CANNOT_CHANGE_CIPHER                       109
+# define SSL_R_CA_DN_LENGTH_MISMATCH                      131
+# define SSL_R_CA_KEY_TOO_SMALL                           397
+# define SSL_R_CA_MD_TOO_WEAK                             398
+# define SSL_R_CCS_RECEIVED_EARLY                         133
+# define SSL_R_CERTIFICATE_VERIFY_FAILED                  134
+# define SSL_R_CERT_CB_ERROR                              377
+# define SSL_R_CERT_LENGTH_MISMATCH                       135
+# define SSL_R_CIPHER_CODE_WRONG_LENGTH                   137
+# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE                 138
+# define SSL_R_CLIENTHELLO_TLSEXT                         226
+# define SSL_R_COMPRESSED_LENGTH_TOO_LONG                 140
+# define SSL_R_COMPRESSION_DISABLED                       343
+# define SSL_R_COMPRESSION_FAILURE                        141
+# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE    307
+# define SSL_R_COMPRESSION_LIBRARY_ERROR                  142
+# define SSL_R_CONNECTION_TYPE_NOT_SET                    144
+# define SSL_R_CONTEXT_NOT_DANE_ENABLED                   167
+# define SSL_R_COOKIE_GEN_CALLBACK_FAILURE                400
+# define SSL_R_COOKIE_MISMATCH                            308
+# define SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED       206
+# define SSL_R_DANE_ALREADY_ENABLED                       172
+# define SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL            173
+# define SSL_R_DANE_NOT_ENABLED                           175
+# define SSL_R_DANE_TLSA_BAD_CERTIFICATE                  180
+# define SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE            184
+# define SSL_R_DANE_TLSA_BAD_DATA_LENGTH                  189
+# define SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH                192
+# define SSL_R_DANE_TLSA_BAD_MATCHING_TYPE                200
+# define SSL_R_DANE_TLSA_BAD_PUBLIC_KEY                   201
+# define SSL_R_DANE_TLSA_BAD_SELECTOR                     202
+# define SSL_R_DANE_TLSA_NULL_DATA                        203
+# define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED              145
+# define SSL_R_DATA_LENGTH_TOO_LONG                       146
+# define SSL_R_DECRYPTION_FAILED                          147
+# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC        281
+# define SSL_R_DH_KEY_TOO_SMALL                           394
+# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG            148
+# define SSL_R_DIGEST_CHECK_FAILED                        149
+# define SSL_R_DTLS_MESSAGE_TOO_BIG                       334
+# define SSL_R_DUPLICATE_COMPRESSION_ID                   309
+# define SSL_R_ECC_CERT_NOT_FOR_SIGNING                   318
+# define SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE              374
+# define SSL_R_EE_KEY_TOO_SMALL                           399
+# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST         354
+# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG                  150
+# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST              151
+# define SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN             204
+# define SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE                  194
+# define SSL_R_EXCESSIVE_MESSAGE_SIZE                     152
+# define SSL_R_EXTRA_DATA_IN_MESSAGE                      153
+# define SSL_R_EXT_LENGTH_MISMATCH                        163
+# define SSL_R_FAILED_TO_INIT_ASYNC                       405
+# define SSL_R_FRAGMENTED_CLIENT_HELLO                    401
+# define SSL_R_GOT_A_FIN_BEFORE_A_CCS                     154
+# define SSL_R_HTTPS_PROXY_REQUEST                        155
+# define SSL_R_HTTP_REQUEST                               156
+# define SSL_R_ILLEGAL_POINT_COMPRESSION                  162
+# define SSL_R_ILLEGAL_SUITEB_DIGEST                      380
+# define SSL_R_INAPPROPRIATE_FALLBACK                     373
+# define SSL_R_INCONSISTENT_COMPRESSION                   340
+# define SSL_R_INCONSISTENT_EXTMS                         104
+# define SSL_R_INVALID_ALERT                              205
+# define SSL_R_INVALID_COMMAND                            280
+# define SSL_R_INVALID_COMPRESSION_ALGORITHM              341
+# define SSL_R_INVALID_CONFIGURATION_NAME                 113
+# define SSL_R_INVALID_CT_VALIDATION_TYPE                 212
+# define SSL_R_INVALID_KEY_UPDATE_TYPE                    120
+# define SSL_R_INVALID_MAX_EARLY_DATA                     174
+# define SSL_R_INVALID_NULL_CMD_NAME                      385
+# define SSL_R_INVALID_SEQUENCE_NUMBER                    402
+# define SSL_R_INVALID_SERVERINFO_DATA                    388
+# define SSL_R_INVALID_SRP_USERNAME                       357
+# define SSL_R_INVALID_STATUS_RESPONSE                    328
+# define SSL_R_INVALID_TICKET_KEYS_LENGTH                 325
+# define SSL_R_LENGTH_MISMATCH                            159
+# define SSL_R_LENGTH_TOO_LONG                            404
+# define SSL_R_LENGTH_TOO_SHORT                           160
+# define SSL_R_LIBRARY_BUG                                274
+# define SSL_R_LIBRARY_HAS_NO_CIPHERS                     161
+# define SSL_R_MISSING_DSA_SIGNING_CERT                   165
+# define SSL_R_MISSING_ECDSA_SIGNING_CERT                 381
+# define SSL_R_MISSING_RSA_CERTIFICATE                    168
+# define SSL_R_MISSING_RSA_ENCRYPTING_CERT                169
+# define SSL_R_MISSING_RSA_SIGNING_CERT                   170
+# define SSL_R_MISSING_SIGALGS_EXTENSION                  112
+# define SSL_R_MISSING_SRP_PARAM                          358
+# define SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION         209
+# define SSL_R_MISSING_TMP_DH_KEY                         171
+# define SSL_R_MISSING_TMP_ECDH_KEY                       311
+# define SSL_R_NOT_ON_RECORD_BOUNDARY                     182
+# define SSL_R_NO_CERTIFICATES_RETURNED                   176
+# define SSL_R_NO_CERTIFICATE_ASSIGNED                    177
+# define SSL_R_NO_CERTIFICATE_SET                         179
+# define SSL_R_NO_CHANGE_FOLLOWING_HRR                    214
+# define SSL_R_NO_CIPHERS_AVAILABLE                       181
+# define SSL_R_NO_CIPHERS_SPECIFIED                       183
+# define SSL_R_NO_CIPHER_MATCH                            185
+# define SSL_R_NO_CLIENT_CERT_METHOD                      331
+# define SSL_R_NO_COMPRESSION_SPECIFIED                   187
+# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER           330
+# define SSL_R_NO_METHOD_SPECIFIED                        188
+# define SSL_R_NO_PEM_EXTENSIONS                          389
+# define SSL_R_NO_PRIVATE_KEY_ASSIGNED                    190
+# define SSL_R_NO_PROTOCOLS_AVAILABLE                     191
+# define SSL_R_NO_RENEGOTIATION                           339
+# define SSL_R_NO_REQUIRED_DIGEST                         324
+# define SSL_R_NO_SHARED_CIPHER                           193
+# define SSL_R_NO_SHARED_GROUPS                           410
+# define SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS             376
+# define SSL_R_NO_SRTP_PROFILES                           359
+# define SSL_R_NO_SUITABLE_KEY_SHARE                      101
+# define SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM            118
+# define SSL_R_NO_VALID_SCTS                              216
+# define SSL_R_NO_VERIFY_COOKIE_CALLBACK                  403
+# define SSL_R_NULL_SSL_CTX                               195
+# define SSL_R_NULL_SSL_METHOD_PASSED                     196
+# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED            197
+# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
+# define SSL_R_PACKET_LENGTH_TOO_LONG                     198
+# define SSL_R_PARSE_TLSEXT                               227
+# define SSL_R_PATH_TOO_LONG                              270
+# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE          199
+# define SSL_R_PEM_NAME_BAD_PREFIX                        391
+# define SSL_R_PEM_NAME_TOO_SHORT                         392
+# define SSL_R_PIPELINE_FAILURE                           406
+# define SSL_R_PROTOCOL_IS_SHUTDOWN                       207
+# define SSL_R_PSK_IDENTITY_NOT_FOUND                     223
+# define SSL_R_PSK_NO_CLIENT_CB                           224
+# define SSL_R_PSK_NO_SERVER_CB                           225
+# define SSL_R_READ_BIO_NOT_SET                           211
+# define SSL_R_READ_TIMEOUT_EXPIRED                       312
+# define SSL_R_RECORD_LENGTH_MISMATCH                     213
+# define SSL_R_RECORD_TOO_SMALL                           298
+# define SSL_R_RENEGOTIATE_EXT_TOO_LONG                   335
+# define SSL_R_RENEGOTIATION_ENCODING_ERR                 336
+# define SSL_R_RENEGOTIATION_MISMATCH                     337
+# define SSL_R_REQUIRED_CIPHER_MISSING                    215
+# define SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING     342
+# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING           345
+# define SSL_R_SCT_VERIFICATION_FAILED                    208
+# define SSL_R_SERVERHELLO_TLSEXT                         275
+# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED           277
+# define SSL_R_SHUTDOWN_WHILE_IN_INIT                     407
+# define SSL_R_SIGNATURE_ALGORITHMS_ERROR                 360
+# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE      220
+# define SSL_R_SRP_A_CALC                                 361
+# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES           362
+# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG      363
+# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE            364
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME                319
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE           320
+# define SSL_R_SSL3_SESSION_ID_TOO_LONG                   300
+# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE                1042
+# define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC                 1020
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED            1045
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED            1044
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN            1046
+# define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE          1030
+# define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE              1040
+# define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER              1047
+# define SSL_R_SSLV3_ALERT_NO_CERTIFICATE                 1041
+# define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE             1010
+# define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE        1043
+# define SSL_R_SSL_COMMAND_SECTION_EMPTY                  117
+# define SSL_R_SSL_COMMAND_SECTION_NOT_FOUND              125
+# define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION         228
+# define SSL_R_SSL_HANDSHAKE_FAILURE                      229
+# define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS                 230
+# define SSL_R_SSL_NEGATIVE_LENGTH                        372
+# define SSL_R_SSL_SECTION_EMPTY                          126
+# define SSL_R_SSL_SECTION_NOT_FOUND                      136
+# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED             301
+# define SSL_R_SSL_SESSION_ID_CONFLICT                    302
+# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG            273
+# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH              303
+# define SSL_R_SSL_SESSION_ID_TOO_LONG                    408
+# define SSL_R_SSL_SESSION_VERSION_MISMATCH               210
+# define SSL_R_STILL_IN_INIT                              121
+# define SSL_R_TLSV1_ALERT_ACCESS_DENIED                  1049
+# define SSL_R_TLSV1_ALERT_DECODE_ERROR                   1050
+# define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED              1021
+# define SSL_R_TLSV1_ALERT_DECRYPT_ERROR                  1051
+# define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION             1060
+# define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK         1086
+# define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY          1071
+# define SSL_R_TLSV1_ALERT_INTERNAL_ERROR                 1080
+# define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION               1100
+# define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION               1070
+# define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW                1022
+# define SSL_R_TLSV1_ALERT_UNKNOWN_CA                     1048
+# define SSL_R_TLSV1_ALERT_USER_CANCELLED                 1090
+# define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE           1114
+# define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE      1113
+# define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE             1111
+# define SSL_R_TLSV1_UNRECOGNIZED_NAME                    1112
+# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION                1110
+# define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT           365
+# define SSL_R_TLS_HEARTBEAT_PENDING                      366
+# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL                 367
+# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST             157
+# define SSL_R_TOO_MANY_KEY_UPDATES                       132
+# define SSL_R_TOO_MANY_WARN_ALERTS                       409
+# define SSL_R_TOO_MUCH_EARLY_DATA                        164
+# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS             314
+# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS       239
+# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES           242
+# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES          243
+# define SSL_R_UNEXPECTED_END_OF_EARLY_DATA               178
+# define SSL_R_UNEXPECTED_MESSAGE                         244
+# define SSL_R_UNEXPECTED_RECORD                          245
+# define SSL_R_UNINITIALIZED                              276
+# define SSL_R_UNKNOWN_ALERT_TYPE                         246
+# define SSL_R_UNKNOWN_CERTIFICATE_TYPE                   247
+# define SSL_R_UNKNOWN_CIPHER_RETURNED                    248
+# define SSL_R_UNKNOWN_CIPHER_TYPE                        249
+# define SSL_R_UNKNOWN_CMD_NAME                           386
+# define SSL_R_UNKNOWN_COMMAND                            139
+# define SSL_R_UNKNOWN_DIGEST                             368
+# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE                  250
+# define SSL_R_UNKNOWN_PKEY_TYPE                          251
+# define SSL_R_UNKNOWN_PROTOCOL                           252
+# define SSL_R_UNKNOWN_SSL_VERSION                        254
+# define SSL_R_UNKNOWN_STATE                              255
+# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED       338
+# define SSL_R_UNSOLICITED_EXTENSION                      217
+# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM          257
+# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE                 315
+# define SSL_R_UNSUPPORTED_PROTOCOL                       258
+# define SSL_R_UNSUPPORTED_SSL_VERSION                    259
+# define SSL_R_UNSUPPORTED_STATUS_TYPE                    329
+# define SSL_R_USE_SRTP_NOT_NEGOTIATED                    369
+# define SSL_R_VERSION_TOO_HIGH                           166
+# define SSL_R_VERSION_TOO_LOW                            396
+# define SSL_R_WRONG_CERTIFICATE_TYPE                     383
+# define SSL_R_WRONG_CIPHER_RETURNED                      261
+# define SSL_R_WRONG_CURVE                                378
+# define SSL_R_WRONG_SIGNATURE_LENGTH                     264
+# define SSL_R_WRONG_SIGNATURE_SIZE                       265
+# define SSL_R_WRONG_SIGNATURE_TYPE                       370
+# define SSL_R_WRONG_SSL_VERSION                          266
+# define SSL_R_WRONG_VERSION_NUMBER                       267
+# define SSL_R_X509_LIB                                   268
+# define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS           269
+
+#endif
diff --git a/include/openssl/ts.h b/include/openssl/ts.h
index ce83410..e67e70f 100644
--- a/include/openssl/ts.h
+++ b/include/openssl/ts.h
@@ -23,6 +23,7 @@
 # include <openssl/rsa.h>
 # include <openssl/dsa.h>
 # include <openssl/dh.h>
+# include <openssl/tserr.h>
 # ifdef  __cplusplus
 extern "C" {
 # endif
@@ -551,118 +552,8 @@ int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
                                   TS_RESP_CTX *ctx);
 int TS_CONF_set_ess_cert_id_digest(CONF *conf, const char *section,
                                       TS_RESP_CTX *ctx);
-
-/* -------------------------------------------------- */
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_TS_strings(void);
 
-/* Error codes for the TS functions. */
-
-/* Function codes. */
-# define TS_F_DEF_SERIAL_CB                               110
-# define TS_F_DEF_TIME_CB                                 111
-# define TS_F_ESS_ADD_SIGNING_CERT                        112
-# define TS_F_ESS_ADD_SIGNING_CERT_V2                     147
-# define TS_F_ESS_CERT_ID_NEW_INIT                        113
-# define TS_F_ESS_CERT_ID_V2_NEW_INIT                     156
-# define TS_F_ESS_SIGNING_CERT_NEW_INIT                   114
-# define TS_F_ESS_SIGNING_CERT_V2_NEW_INIT                157
-# define TS_F_INT_TS_RESP_VERIFY_TOKEN                    149
-# define TS_F_PKCS7_TO_TS_TST_INFO                        148
-# define TS_F_TS_ACCURACY_SET_MICROS                      115
-# define TS_F_TS_ACCURACY_SET_MILLIS                      116
-# define TS_F_TS_ACCURACY_SET_SECONDS                     117
-# define TS_F_TS_CHECK_IMPRINTS                           100
-# define TS_F_TS_CHECK_NONCES                             101
-# define TS_F_TS_CHECK_POLICY                             102
-# define TS_F_TS_CHECK_SIGNING_CERTS                      103
-# define TS_F_TS_CHECK_STATUS_INFO                        104
-# define TS_F_TS_COMPUTE_IMPRINT                          145
-# define TS_F_TS_CONF_INVALID                             151
-# define TS_F_TS_CONF_LOAD_CERT                           153
-# define TS_F_TS_CONF_LOAD_CERTS                          154
-# define TS_F_TS_CONF_LOAD_KEY                            155
-# define TS_F_TS_CONF_LOOKUP_FAIL                         152
-# define TS_F_TS_CONF_SET_DEFAULT_ENGINE                  146
-# define TS_F_TS_GET_STATUS_TEXT                          105
-# define TS_F_TS_MSG_IMPRINT_SET_ALGO                     118
-# define TS_F_TS_REQ_SET_MSG_IMPRINT                      119
-# define TS_F_TS_REQ_SET_NONCE                            120
-# define TS_F_TS_REQ_SET_POLICY_ID                        121
-# define TS_F_TS_RESP_CREATE_RESPONSE                     122
-# define TS_F_TS_RESP_CREATE_TST_INFO                     123
-# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO                124
-# define TS_F_TS_RESP_CTX_ADD_MD                          125
-# define TS_F_TS_RESP_CTX_ADD_POLICY                      126
-# define TS_F_TS_RESP_CTX_NEW                             127
-# define TS_F_TS_RESP_CTX_SET_ACCURACY                    128
-# define TS_F_TS_RESP_CTX_SET_CERTS                       129
-# define TS_F_TS_RESP_CTX_SET_DEF_POLICY                  130
-# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT                 131
-# define TS_F_TS_RESP_CTX_SET_STATUS_INFO                 132
-# define TS_F_TS_RESP_GET_POLICY                          133
-# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION          134
-# define TS_F_TS_RESP_SET_STATUS_INFO                     135
-# define TS_F_TS_RESP_SET_TST_INFO                        150
-# define TS_F_TS_RESP_SIGN                                136
-# define TS_F_TS_RESP_VERIFY_SIGNATURE                    106
-# define TS_F_TS_TST_INFO_SET_ACCURACY                    137
-# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT                 138
-# define TS_F_TS_TST_INFO_SET_NONCE                       139
-# define TS_F_TS_TST_INFO_SET_POLICY_ID                   140
-# define TS_F_TS_TST_INFO_SET_SERIAL                      141
-# define TS_F_TS_TST_INFO_SET_TIME                        142
-# define TS_F_TS_TST_INFO_SET_TSA                         143
-# define TS_F_TS_VERIFY                                   108
-# define TS_F_TS_VERIFY_CERT                              109
-# define TS_F_TS_VERIFY_CTX_NEW                           144
-
-/* Reason codes. */
-# define TS_R_BAD_PKCS7_TYPE                              132
-# define TS_R_BAD_TYPE                                    133
-# define TS_R_CANNOT_LOAD_CERT                            137
-# define TS_R_CANNOT_LOAD_KEY                             138
-# define TS_R_CERTIFICATE_VERIFY_ERROR                    100
-# define TS_R_COULD_NOT_SET_ENGINE                        127
-# define TS_R_COULD_NOT_SET_TIME                          115
-# define TS_R_DETACHED_CONTENT                            134
-# define TS_R_ESS_ADD_SIGNING_CERT_ERROR                  116
-# define TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR               139
-# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR               101
-# define TS_R_INVALID_NULL_POINTER                        102
-# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE          117
-# define TS_R_MESSAGE_IMPRINT_MISMATCH                    103
-# define TS_R_NONCE_MISMATCH                              104
-# define TS_R_NONCE_NOT_RETURNED                          105
-# define TS_R_NO_CONTENT                                  106
-# define TS_R_NO_TIME_STAMP_TOKEN                         107
-# define TS_R_PKCS7_ADD_SIGNATURE_ERROR                   118
-# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR                 119
-# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED                 129
-# define TS_R_POLICY_MISMATCH                             108
-# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE      120
-# define TS_R_RESPONSE_SETUP_ERROR                        121
-# define TS_R_SIGNATURE_FAILURE                           109
-# define TS_R_THERE_MUST_BE_ONE_SIGNER                    110
-# define TS_R_TIME_SYSCALL_ERROR                          122
-# define TS_R_TOKEN_NOT_PRESENT                           130
-# define TS_R_TOKEN_PRESENT                               131
-# define TS_R_TSA_NAME_MISMATCH                           111
-# define TS_R_TSA_UNTRUSTED                               112
-# define TS_R_TST_INFO_SETUP_ERROR                        123
-# define TS_R_TS_DATASIGN                                 124
-# define TS_R_UNACCEPTABLE_POLICY                         125
-# define TS_R_UNSUPPORTED_MD_ALGORITHM                    126
-# define TS_R_UNSUPPORTED_VERSION                         113
-# define TS_R_VAR_BAD_VALUE                               135
-# define TS_R_VAR_LOOKUP_FAILURE                          136
-# define TS_R_WRONG_CONTENT_TYPE                          114
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/tserr.h b/include/openssl/tserr.h
new file mode 100644
index 0000000..233438a
--- /dev/null
+++ b/include/openssl/tserr.h
@@ -0,0 +1,126 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_TSERR_H
+# define HEADER_TSERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_TS_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * TS function codes.
+ */
+# define TS_F_DEF_SERIAL_CB                               110
+# define TS_F_DEF_TIME_CB                                 111
+# define TS_F_ESS_ADD_SIGNING_CERT                        112
+# define TS_F_ESS_ADD_SIGNING_CERT_V2                     147
+# define TS_F_ESS_CERT_ID_NEW_INIT                        113
+# define TS_F_ESS_CERT_ID_V2_NEW_INIT                     156
+# define TS_F_ESS_SIGNING_CERT_NEW_INIT                   114
+# define TS_F_ESS_SIGNING_CERT_V2_NEW_INIT                157
+# define TS_F_INT_TS_RESP_VERIFY_TOKEN                    149
+# define TS_F_PKCS7_TO_TS_TST_INFO                        148
+# define TS_F_TS_ACCURACY_SET_MICROS                      115
+# define TS_F_TS_ACCURACY_SET_MILLIS                      116
+# define TS_F_TS_ACCURACY_SET_SECONDS                     117
+# define TS_F_TS_CHECK_IMPRINTS                           100
+# define TS_F_TS_CHECK_NONCES                             101
+# define TS_F_TS_CHECK_POLICY                             102
+# define TS_F_TS_CHECK_SIGNING_CERTS                      103
+# define TS_F_TS_CHECK_STATUS_INFO                        104
+# define TS_F_TS_COMPUTE_IMPRINT                          145
+# define TS_F_TS_CONF_INVALID                             151
+# define TS_F_TS_CONF_LOAD_CERT                           153
+# define TS_F_TS_CONF_LOAD_CERTS                          154
+# define TS_F_TS_CONF_LOAD_KEY                            155
+# define TS_F_TS_CONF_LOOKUP_FAIL                         152
+# define TS_F_TS_CONF_SET_DEFAULT_ENGINE                  146
+# define TS_F_TS_GET_STATUS_TEXT                          105
+# define TS_F_TS_MSG_IMPRINT_SET_ALGO                     118
+# define TS_F_TS_REQ_SET_MSG_IMPRINT                      119
+# define TS_F_TS_REQ_SET_NONCE                            120
+# define TS_F_TS_REQ_SET_POLICY_ID                        121
+# define TS_F_TS_RESP_CREATE_RESPONSE                     122
+# define TS_F_TS_RESP_CREATE_TST_INFO                     123
+# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO                124
+# define TS_F_TS_RESP_CTX_ADD_MD                          125
+# define TS_F_TS_RESP_CTX_ADD_POLICY                      126
+# define TS_F_TS_RESP_CTX_NEW                             127
+# define TS_F_TS_RESP_CTX_SET_ACCURACY                    128
+# define TS_F_TS_RESP_CTX_SET_CERTS                       129
+# define TS_F_TS_RESP_CTX_SET_DEF_POLICY                  130
+# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT                 131
+# define TS_F_TS_RESP_CTX_SET_STATUS_INFO                 132
+# define TS_F_TS_RESP_GET_POLICY                          133
+# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION          134
+# define TS_F_TS_RESP_SET_STATUS_INFO                     135
+# define TS_F_TS_RESP_SET_TST_INFO                        150
+# define TS_F_TS_RESP_SIGN                                136
+# define TS_F_TS_RESP_VERIFY_SIGNATURE                    106
+# define TS_F_TS_TST_INFO_SET_ACCURACY                    137
+# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT                 138
+# define TS_F_TS_TST_INFO_SET_NONCE                       139
+# define TS_F_TS_TST_INFO_SET_POLICY_ID                   140
+# define TS_F_TS_TST_INFO_SET_SERIAL                      141
+# define TS_F_TS_TST_INFO_SET_TIME                        142
+# define TS_F_TS_TST_INFO_SET_TSA                         143
+# define TS_F_TS_VERIFY                                   108
+# define TS_F_TS_VERIFY_CERT                              109
+# define TS_F_TS_VERIFY_CTX_NEW                           144
+
+/*
+ * TS reason codes.
+ */
+# define TS_R_BAD_PKCS7_TYPE                              132
+# define TS_R_BAD_TYPE                                    133
+# define TS_R_CANNOT_LOAD_CERT                            137
+# define TS_R_CANNOT_LOAD_KEY                             138
+# define TS_R_CERTIFICATE_VERIFY_ERROR                    100
+# define TS_R_COULD_NOT_SET_ENGINE                        127
+# define TS_R_COULD_NOT_SET_TIME                          115
+# define TS_R_DETACHED_CONTENT                            134
+# define TS_R_ESS_ADD_SIGNING_CERT_ERROR                  116
+# define TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR               139
+# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR               101
+# define TS_R_INVALID_NULL_POINTER                        102
+# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE          117
+# define TS_R_MESSAGE_IMPRINT_MISMATCH                    103
+# define TS_R_NONCE_MISMATCH                              104
+# define TS_R_NONCE_NOT_RETURNED                          105
+# define TS_R_NO_CONTENT                                  106
+# define TS_R_NO_TIME_STAMP_TOKEN                         107
+# define TS_R_PKCS7_ADD_SIGNATURE_ERROR                   118
+# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR                 119
+# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED                 129
+# define TS_R_POLICY_MISMATCH                             108
+# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE      120
+# define TS_R_RESPONSE_SETUP_ERROR                        121
+# define TS_R_SIGNATURE_FAILURE                           109
+# define TS_R_THERE_MUST_BE_ONE_SIGNER                    110
+# define TS_R_TIME_SYSCALL_ERROR                          122
+# define TS_R_TOKEN_NOT_PRESENT                           130
+# define TS_R_TOKEN_PRESENT                               131
+# define TS_R_TSA_NAME_MISMATCH                           111
+# define TS_R_TSA_UNTRUSTED                               112
+# define TS_R_TST_INFO_SETUP_ERROR                        123
+# define TS_R_TS_DATASIGN                                 124
+# define TS_R_UNACCEPTABLE_POLICY                         125
+# define TS_R_UNSUPPORTED_MD_ALGORITHM                    126
+# define TS_R_UNSUPPORTED_VERSION                         113
+# define TS_R_VAR_BAD_VALUE                               135
+# define TS_R_VAR_LOOKUP_FAILURE                          136
+# define TS_R_WRONG_CONTENT_TYPE                          114
+
+#endif
diff --git a/include/openssl/ui.h b/include/openssl/ui.h
index c770e0a..5990153 100644
--- a/include/openssl/ui.h
+++ b/include/openssl/ui.h
@@ -20,6 +20,7 @@
 #  include <openssl/safestack.h>
 #  include <openssl/pem.h>
 #  include <openssl/ossl_typ.h>
+#  include <openssl/uierr.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -348,51 +349,8 @@ int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
                     int verify);
 UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
 int ERR_load_UI_strings(void);
 
-/* Error codes for the UI functions. */
-
-/* Function codes. */
-# define UI_F_CLOSE_CONSOLE                               115
-# define UI_F_ECHO_CONSOLE                                116
-# define UI_F_GENERAL_ALLOCATE_BOOLEAN                    108
-# define UI_F_GENERAL_ALLOCATE_PROMPT                     109
-# define UI_F_NOECHO_CONSOLE                              117
-# define UI_F_OPEN_CONSOLE                                114
-# define UI_F_UI_CREATE_METHOD                            112
-# define UI_F_UI_CTRL                                     111
-# define UI_F_UI_DUP_ERROR_STRING                         101
-# define UI_F_UI_DUP_INFO_STRING                          102
-# define UI_F_UI_DUP_INPUT_BOOLEAN                        110
-# define UI_F_UI_DUP_INPUT_STRING                         103
-# define UI_F_UI_DUP_USER_DATA                            118
-# define UI_F_UI_DUP_VERIFY_STRING                        106
-# define UI_F_UI_GET0_RESULT                              107
-# define UI_F_UI_NEW_METHOD                               104
-# define UI_F_UI_PROCESS                                  113
-# define UI_F_UI_SET_RESULT                               105
-
-/* Reason codes. */
-# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS             104
-# define UI_R_INDEX_TOO_LARGE                             102
-# define UI_R_INDEX_TOO_SMALL                             103
-# define UI_R_NO_RESULT_BUFFER                            105
-# define UI_R_PROCESSING_ERROR                            107
-# define UI_R_RESULT_TOO_LARGE                            100
-# define UI_R_RESULT_TOO_SMALL                            101
-# define UI_R_SYSASSIGN_ERROR                             109
-# define UI_R_SYSDASSGN_ERROR                             110
-# define UI_R_SYSQIOW_ERROR                               111
-# define UI_R_UNKNOWN_CONTROL_COMMAND                     106
-# define UI_R_UNKNOWN_TTYGET_ERRNO_VALUE                  108
-# define UI_R_USER_DATA_DUPLICATION_UNSUPPORTED           112
-
 #  ifdef  __cplusplus
 }
 #  endif
diff --git a/include/openssl/uierr.h b/include/openssl/uierr.h
new file mode 100644
index 0000000..3550650
--- /dev/null
+++ b/include/openssl/uierr.h
@@ -0,0 +1,61 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_UIERR_H
+# define HEADER_UIERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_UI_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * UI function codes.
+ */
+# define UI_F_CLOSE_CONSOLE                               115
+# define UI_F_ECHO_CONSOLE                                116
+# define UI_F_GENERAL_ALLOCATE_BOOLEAN                    108
+# define UI_F_GENERAL_ALLOCATE_PROMPT                     109
+# define UI_F_NOECHO_CONSOLE                              117
+# define UI_F_OPEN_CONSOLE                                114
+# define UI_F_UI_CREATE_METHOD                            112
+# define UI_F_UI_CTRL                                     111
+# define UI_F_UI_DUP_ERROR_STRING                         101
+# define UI_F_UI_DUP_INFO_STRING                          102
+# define UI_F_UI_DUP_INPUT_BOOLEAN                        110
+# define UI_F_UI_DUP_INPUT_STRING                         103
+# define UI_F_UI_DUP_USER_DATA                            118
+# define UI_F_UI_DUP_VERIFY_STRING                        106
+# define UI_F_UI_GET0_RESULT                              107
+# define UI_F_UI_NEW_METHOD                               104
+# define UI_F_UI_PROCESS                                  113
+# define UI_F_UI_SET_RESULT                               105
+
+/*
+ * UI reason codes.
+ */
+# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS             104
+# define UI_R_INDEX_TOO_LARGE                             102
+# define UI_R_INDEX_TOO_SMALL                             103
+# define UI_R_NO_RESULT_BUFFER                            105
+# define UI_R_PROCESSING_ERROR                            107
+# define UI_R_RESULT_TOO_LARGE                            100
+# define UI_R_RESULT_TOO_SMALL                            101
+# define UI_R_SYSASSIGN_ERROR                             109
+# define UI_R_SYSDASSGN_ERROR                             110
+# define UI_R_SYSQIOW_ERROR                               111
+# define UI_R_UNKNOWN_CONTROL_COMMAND                     106
+# define UI_R_UNKNOWN_TTYGET_ERRNO_VALUE                  108
+# define UI_R_USER_DATA_DUPLICATION_UNSUPPORTED           112
+
+#endif
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 0a692f8..7d07eb7 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -34,6 +34,7 @@
 # endif
 
 # include <openssl/sha.h>
+# include <openssl/x509err.h>
 
 #ifdef  __cplusplus
 extern "C" {
@@ -1034,108 +1035,6 @@ int X509_TRUST_get_flags(const X509_TRUST *xp);
 char *X509_TRUST_get0_name(const X509_TRUST *xp);
 int X509_TRUST_get_trust(const X509_TRUST *xp);
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-int ERR_load_X509_strings(void);
-
-/* Error codes for the X509 functions. */
-
-/* Function codes. */
-# define X509_F_ADD_CERT_DIR                              100
-# define X509_F_BUILD_CHAIN                               106
-# define X509_F_BY_FILE_CTRL                              101
-# define X509_F_CHECK_NAME_CONSTRAINTS                    149
-# define X509_F_CHECK_POLICY                              145
-# define X509_F_DANE_I2D                                  107
-# define X509_F_DIR_CTRL                                  102
-# define X509_F_GET_CERT_BY_SUBJECT                       103
-# define X509_F_NETSCAPE_SPKI_B64_DECODE                  129
-# define X509_F_NETSCAPE_SPKI_B64_ENCODE                  130
-# define X509_F_X509AT_ADD1_ATTR                          135
-# define X509_F_X509V3_ADD_EXT                            104
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID              136
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ              137
-# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT              140
-# define X509_F_X509_ATTRIBUTE_GET0_DATA                  139
-# define X509_F_X509_ATTRIBUTE_SET1_DATA                  138
-# define X509_F_X509_CHECK_PRIVATE_KEY                    128
-# define X509_F_X509_CRL_DIFF                             105
-# define X509_F_X509_CRL_PRINT_FP                         147
-# define X509_F_X509_EXTENSION_CREATE_BY_NID              108
-# define X509_F_X509_EXTENSION_CREATE_BY_OBJ              109
-# define X509_F_X509_GET_PUBKEY_PARAMETERS                110
-# define X509_F_X509_LOAD_CERT_CRL_FILE                   132
-# define X509_F_X509_LOAD_CERT_FILE                       111
-# define X509_F_X509_LOAD_CRL_FILE                        112
-# define X509_F_X509_NAME_ADD_ENTRY                       113
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID             114
-# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT             131
-# define X509_F_X509_NAME_ENTRY_SET_OBJECT                115
-# define X509_F_X509_NAME_ONELINE                         116
-# define X509_F_X509_NAME_PRINT                           117
-# define X509_F_X509_OBJECT_NEW                           150
-# define X509_F_X509_PRINT_EX_FP                          118
-# define X509_F_X509_PUBKEY_DECODE                        148
-# define X509_F_X509_PUBKEY_GET0                          119
-# define X509_F_X509_PUBKEY_SET                           120
-# define X509_F_X509_REQ_CHECK_PRIVATE_KEY                144
-# define X509_F_X509_REQ_PRINT_EX                         121
-# define X509_F_X509_REQ_PRINT_FP                         122
-# define X509_F_X509_REQ_TO_X509                          123
-# define X509_F_X509_STORE_ADD_CERT                       124
-# define X509_F_X509_STORE_ADD_CRL                        125
-# define X509_F_X509_STORE_CTX_GET1_ISSUER                146
-# define X509_F_X509_STORE_CTX_INIT                       143
-# define X509_F_X509_STORE_CTX_NEW                        142
-# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT            134
-# define X509_F_X509_TO_X509_REQ                          126
-# define X509_F_X509_TRUST_ADD                            133
-# define X509_F_X509_TRUST_SET                            141
-# define X509_F_X509_VERIFY_CERT                          127
-
-/* Reason codes. */
-# define X509_R_AKID_MISMATCH                             110
-# define X509_R_BAD_SELECTOR                              133
-# define X509_R_BAD_X509_FILETYPE                         100
-# define X509_R_BASE64_DECODE_ERROR                       118
-# define X509_R_CANT_CHECK_DH_KEY                         114
-# define X509_R_CERT_ALREADY_IN_HASH_TABLE                101
-# define X509_R_CRL_ALREADY_DELTA                         127
-# define X509_R_CRL_VERIFY_FAILURE                        131
-# define X509_R_IDP_MISMATCH                              128
-# define X509_R_INVALID_DIRECTORY                         113
-# define X509_R_INVALID_FIELD_NAME                        119
-# define X509_R_INVALID_TRUST                             123
-# define X509_R_ISSUER_MISMATCH                           129
-# define X509_R_KEY_TYPE_MISMATCH                         115
-# define X509_R_KEY_VALUES_MISMATCH                       116
-# define X509_R_LOADING_CERT_DIR                          103
-# define X509_R_LOADING_DEFAULTS                          104
-# define X509_R_METHOD_NOT_SUPPORTED                      124
-# define X509_R_NAME_TOO_LONG                             134
-# define X509_R_NEWER_CRL_NOT_NEWER                       132
-# define X509_R_NO_CERTIFICATE_FOUND                      135
-# define X509_R_NO_CERTIFICATE_OR_CRL_FOUND               136
-# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY              105
-# define X509_R_NO_CRL_FOUND                              137
-# define X509_R_NO_CRL_NUMBER                             130
-# define X509_R_PUBLIC_KEY_DECODE_ERROR                   125
-# define X509_R_PUBLIC_KEY_ENCODE_ERROR                   126
-# define X509_R_SHOULD_RETRY                              106
-# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN        107
-# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY            108
-# define X509_R_UNKNOWN_KEY_TYPE                          117
-# define X509_R_UNKNOWN_NID                               109
-# define X509_R_UNKNOWN_PURPOSE_ID                        121
-# define X509_R_UNKNOWN_TRUST_ID                          120
-# define X509_R_UNSUPPORTED_ALGORITHM                     111
-# define X509_R_WRONG_LOOKUP_TYPE                         112
-# define X509_R_WRONG_TYPE                                122
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/x509err.h b/include/openssl/x509err.h
new file mode 100644
index 0000000..4b57c3d
--- /dev/null
+++ b/include/openssl/x509err.h
@@ -0,0 +1,118 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_X509ERR_H
+# define HEADER_X509ERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_X509_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * X509 function codes.
+ */
+# define X509_F_ADD_CERT_DIR                              100
+# define X509_F_BUILD_CHAIN                               106
+# define X509_F_BY_FILE_CTRL                              101
+# define X509_F_CHECK_NAME_CONSTRAINTS                    149
+# define X509_F_CHECK_POLICY                              145
+# define X509_F_DANE_I2D                                  107
+# define X509_F_DIR_CTRL                                  102
+# define X509_F_GET_CERT_BY_SUBJECT                       103
+# define X509_F_NETSCAPE_SPKI_B64_DECODE                  129
+# define X509_F_NETSCAPE_SPKI_B64_ENCODE                  130
+# define X509_F_X509AT_ADD1_ATTR                          135
+# define X509_F_X509V3_ADD_EXT                            104
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID              136
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ              137
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT              140
+# define X509_F_X509_ATTRIBUTE_GET0_DATA                  139
+# define X509_F_X509_ATTRIBUTE_SET1_DATA                  138
+# define X509_F_X509_CHECK_PRIVATE_KEY                    128
+# define X509_F_X509_CRL_DIFF                             105
+# define X509_F_X509_CRL_PRINT_FP                         147
+# define X509_F_X509_EXTENSION_CREATE_BY_NID              108
+# define X509_F_X509_EXTENSION_CREATE_BY_OBJ              109
+# define X509_F_X509_GET_PUBKEY_PARAMETERS                110
+# define X509_F_X509_LOAD_CERT_CRL_FILE                   132
+# define X509_F_X509_LOAD_CERT_FILE                       111
+# define X509_F_X509_LOAD_CRL_FILE                        112
+# define X509_F_X509_NAME_ADD_ENTRY                       113
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID             114
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT             131
+# define X509_F_X509_NAME_ENTRY_SET_OBJECT                115
+# define X509_F_X509_NAME_ONELINE                         116
+# define X509_F_X509_NAME_PRINT                           117
+# define X509_F_X509_OBJECT_NEW                           150
+# define X509_F_X509_PRINT_EX_FP                          118
+# define X509_F_X509_PUBKEY_DECODE                        148
+# define X509_F_X509_PUBKEY_GET0                          119
+# define X509_F_X509_PUBKEY_SET                           120
+# define X509_F_X509_REQ_CHECK_PRIVATE_KEY                144
+# define X509_F_X509_REQ_PRINT_EX                         121
+# define X509_F_X509_REQ_PRINT_FP                         122
+# define X509_F_X509_REQ_TO_X509                          123
+# define X509_F_X509_STORE_ADD_CERT                       124
+# define X509_F_X509_STORE_ADD_CRL                        125
+# define X509_F_X509_STORE_CTX_GET1_ISSUER                146
+# define X509_F_X509_STORE_CTX_INIT                       143
+# define X509_F_X509_STORE_CTX_NEW                        142
+# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT            134
+# define X509_F_X509_TO_X509_REQ                          126
+# define X509_F_X509_TRUST_ADD                            133
+# define X509_F_X509_TRUST_SET                            141
+# define X509_F_X509_VERIFY_CERT                          127
+
+/*
+ * X509 reason codes.
+ */
+# define X509_R_AKID_MISMATCH                             110
+# define X509_R_BAD_SELECTOR                              133
+# define X509_R_BAD_X509_FILETYPE                         100
+# define X509_R_BASE64_DECODE_ERROR                       118
+# define X509_R_CANT_CHECK_DH_KEY                         114
+# define X509_R_CERT_ALREADY_IN_HASH_TABLE                101
+# define X509_R_CRL_ALREADY_DELTA                         127
+# define X509_R_CRL_VERIFY_FAILURE                        131
+# define X509_R_IDP_MISMATCH                              128
+# define X509_R_INVALID_DIRECTORY                         113
+# define X509_R_INVALID_FIELD_NAME                        119
+# define X509_R_INVALID_TRUST                             123
+# define X509_R_ISSUER_MISMATCH                           129
+# define X509_R_KEY_TYPE_MISMATCH                         115
+# define X509_R_KEY_VALUES_MISMATCH                       116
+# define X509_R_LOADING_CERT_DIR                          103
+# define X509_R_LOADING_DEFAULTS                          104
+# define X509_R_METHOD_NOT_SUPPORTED                      124
+# define X509_R_NAME_TOO_LONG                             134
+# define X509_R_NEWER_CRL_NOT_NEWER                       132
+# define X509_R_NO_CERTIFICATE_FOUND                      135
+# define X509_R_NO_CERTIFICATE_OR_CRL_FOUND               136
+# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY              105
+# define X509_R_NO_CRL_FOUND                              137
+# define X509_R_NO_CRL_NUMBER                             130
+# define X509_R_PUBLIC_KEY_DECODE_ERROR                   125
+# define X509_R_PUBLIC_KEY_ENCODE_ERROR                   126
+# define X509_R_SHOULD_RETRY                              106
+# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN        107
+# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY            108
+# define X509_R_UNKNOWN_KEY_TYPE                          117
+# define X509_R_UNKNOWN_NID                               109
+# define X509_R_UNKNOWN_PURPOSE_ID                        121
+# define X509_R_UNKNOWN_TRUST_ID                          120
+# define X509_R_UNSUPPORTED_ALGORITHM                     111
+# define X509_R_WRONG_LOOKUP_TYPE                         112
+# define X509_R_WRONG_TYPE                                122
+
+#endif
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index 7a99b63..fd1da34 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -13,6 +13,7 @@
 # include <openssl/bio.h>
 # include <openssl/x509.h>
 # include <openssl/conf.h>
+# include <openssl/x509v3err.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -862,145 +863,6 @@ int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain,
 
 #endif                         /* OPENSSL_NO_RFC3779 */
 
-/* BEGIN ERROR CODES */
-/*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-int ERR_load_X509V3_strings(void);
-
-/* Error codes for the X509V3 functions. */
-
-/* Function codes. */
-# define X509V3_F_A2I_GENERAL_NAME                        164
-# define X509V3_F_ADDR_VALIDATE_PATH_INTERNAL             166
-# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE             161
-# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL         162
-# define X509V3_F_COPY_EMAIL                              122
-# define X509V3_F_COPY_ISSUER                             123
-# define X509V3_F_DO_DIRNAME                              144
-# define X509V3_F_DO_EXT_I2D                              135
-# define X509V3_F_DO_EXT_NCONF                            151
-# define X509V3_F_GNAMES_FROM_SECTNAME                    156
-# define X509V3_F_I2S_ASN1_ENUMERATED                     121
-# define X509V3_F_I2S_ASN1_IA5STRING                      149
-# define X509V3_F_I2S_ASN1_INTEGER                        120
-# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS               138
-# define X509V3_F_NOTICE_SECTION                          132
-# define X509V3_F_NREF_NOS                                133
-# define X509V3_F_POLICY_SECTION                          131
-# define X509V3_F_PROCESS_PCI_VALUE                       150
-# define X509V3_F_R2I_CERTPOL                             130
-# define X509V3_F_R2I_PCI                                 155
-# define X509V3_F_S2I_ASN1_IA5STRING                      100
-# define X509V3_F_S2I_ASN1_INTEGER                        108
-# define X509V3_F_S2I_ASN1_OCTET_STRING                   112
-# define X509V3_F_S2I_SKEY_ID                             115
-# define X509V3_F_SET_DIST_POINT_NAME                     158
-# define X509V3_F_SXNET_ADD_ID_ASC                        125
-# define X509V3_F_SXNET_ADD_ID_INTEGER                    126
-# define X509V3_F_SXNET_ADD_ID_ULONG                      127
-# define X509V3_F_SXNET_GET_ID_ASC                        128
-# define X509V3_F_SXNET_GET_ID_ULONG                      129
-# define X509V3_F_V2I_ASIDENTIFIERS                       163
-# define X509V3_F_V2I_ASN1_BIT_STRING                     101
-# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS               139
-# define X509V3_F_V2I_AUTHORITY_KEYID                     119
-# define X509V3_F_V2I_BASIC_CONSTRAINTS                   102
-# define X509V3_F_V2I_CRLD                                134
-# define X509V3_F_V2I_EXTENDED_KEY_USAGE                  103
-# define X509V3_F_V2I_GENERAL_NAMES                       118
-# define X509V3_F_V2I_GENERAL_NAME_EX                     117
-# define X509V3_F_V2I_IDP                                 157
-# define X509V3_F_V2I_IPADDRBLOCKS                        159
-# define X509V3_F_V2I_ISSUER_ALT                          153
-# define X509V3_F_V2I_NAME_CONSTRAINTS                    147
-# define X509V3_F_V2I_POLICY_CONSTRAINTS                  146
-# define X509V3_F_V2I_POLICY_MAPPINGS                     145
-# define X509V3_F_V2I_SUBJECT_ALT                         154
-# define X509V3_F_V2I_TLS_FEATURE                         165
-# define X509V3_F_V3_GENERIC_EXTENSION                    116
-# define X509V3_F_X509V3_ADD1_I2D                         140
-# define X509V3_F_X509V3_ADD_VALUE                        105
-# define X509V3_F_X509V3_EXT_ADD                          104
-# define X509V3_F_X509V3_EXT_ADD_ALIAS                    106
-# define X509V3_F_X509V3_EXT_I2D                          136
-# define X509V3_F_X509V3_EXT_NCONF                        152
-# define X509V3_F_X509V3_GET_SECTION                      142
-# define X509V3_F_X509V3_GET_STRING                       143
-# define X509V3_F_X509V3_GET_VALUE_BOOL                   110
-# define X509V3_F_X509V3_PARSE_LIST                       109
-# define X509V3_F_X509_PURPOSE_ADD                        137
-# define X509V3_F_X509_PURPOSE_SET                        141
-
-/* Reason codes. */
-# define X509V3_R_BAD_IP_ADDRESS                          118
-# define X509V3_R_BAD_OBJECT                              119
-# define X509V3_R_BN_DEC2BN_ERROR                         100
-# define X509V3_R_BN_TO_ASN1_INTEGER_ERROR                101
-# define X509V3_R_DIRNAME_ERROR                           149
-# define X509V3_R_DISTPOINT_ALREADY_SET                   160
-# define X509V3_R_DUPLICATE_ZONE_ID                       133
-# define X509V3_R_ERROR_CONVERTING_ZONE                   131
-# define X509V3_R_ERROR_CREATING_EXTENSION                144
-# define X509V3_R_ERROR_IN_EXTENSION                      128
-# define X509V3_R_EXPECTED_A_SECTION_NAME                 137
-# define X509V3_R_EXTENSION_EXISTS                        145
-# define X509V3_R_EXTENSION_NAME_ERROR                    115
-# define X509V3_R_EXTENSION_NOT_FOUND                     102
-# define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED         103
-# define X509V3_R_EXTENSION_VALUE_ERROR                   116
-# define X509V3_R_ILLEGAL_EMPTY_EXTENSION                 151
-# define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG             152
-# define X509V3_R_INVALID_ASNUMBER                        162
-# define X509V3_R_INVALID_ASRANGE                         163
-# define X509V3_R_INVALID_BOOLEAN_STRING                  104
-# define X509V3_R_INVALID_EXTENSION_STRING                105
-# define X509V3_R_INVALID_INHERITANCE                     165
-# define X509V3_R_INVALID_IPADDRESS                       166
-# define X509V3_R_INVALID_MULTIPLE_RDNS                   161
-# define X509V3_R_INVALID_NAME                            106
-# define X509V3_R_INVALID_NULL_ARGUMENT                   107
-# define X509V3_R_INVALID_NULL_NAME                       108
-# define X509V3_R_INVALID_NULL_VALUE                      109
-# define X509V3_R_INVALID_NUMBER                          140
-# define X509V3_R_INVALID_NUMBERS                         141
-# define X509V3_R_INVALID_OBJECT_IDENTIFIER               110
-# define X509V3_R_INVALID_OPTION                          138
-# define X509V3_R_INVALID_POLICY_IDENTIFIER               134
-# define X509V3_R_INVALID_PROXY_POLICY_SETTING            153
-# define X509V3_R_INVALID_PURPOSE                         146
-# define X509V3_R_INVALID_SAFI                            164
-# define X509V3_R_INVALID_SECTION                         135
-# define X509V3_R_INVALID_SYNTAX                          143
-# define X509V3_R_ISSUER_DECODE_ERROR                     126
-# define X509V3_R_MISSING_VALUE                           124
-# define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS           142
-# define X509V3_R_NO_CONFIG_DATABASE                      136
-# define X509V3_R_NO_ISSUER_CERTIFICATE                   121
-# define X509V3_R_NO_ISSUER_DETAILS                       127
-# define X509V3_R_NO_POLICY_IDENTIFIER                    139
-# define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED   154
-# define X509V3_R_NO_PUBLIC_KEY                           114
-# define X509V3_R_NO_SUBJECT_DETAILS                      125
-# define X509V3_R_OPERATION_NOT_DEFINED                   148
-# define X509V3_R_OTHERNAME_ERROR                         147
-# define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED         155
-# define X509V3_R_POLICY_PATH_LENGTH                      156
-# define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED      157
-# define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
-# define X509V3_R_SECTION_NOT_FOUND                       150
-# define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS            122
-# define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID              123
-# define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT             111
-# define X509V3_R_UNKNOWN_EXTENSION                       129
-# define X509V3_R_UNKNOWN_EXTENSION_NAME                  130
-# define X509V3_R_UNKNOWN_OPTION                          120
-# define X509V3_R_UNSUPPORTED_OPTION                      117
-# define X509V3_R_UNSUPPORTED_TYPE                        167
-# define X509V3_R_USER_TOO_LONG                           132
-
 # ifdef  __cplusplus
 }
 # endif
diff --git a/include/openssl/x509v3err.h b/include/openssl/x509v3err.h
new file mode 100644
index 0000000..2bd515c
--- /dev/null
+++ b/include/openssl/x509v3err.h
@@ -0,0 +1,155 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_X509V3ERR_H
+# define HEADER_X509V3ERR_H
+
+# ifdef  __cplusplus
+extern "C" {
+# endif
+int ERR_load_X509V3_strings(void);
+# ifdef  __cplusplus
+}
+# endif
+
+/*
+ * X509V3 function codes.
+ */
+# define X509V3_F_A2I_GENERAL_NAME                        164
+# define X509V3_F_ADDR_VALIDATE_PATH_INTERNAL             166
+# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE             161
+# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL         162
+# define X509V3_F_COPY_EMAIL                              122
+# define X509V3_F_COPY_ISSUER                             123
+# define X509V3_F_DO_DIRNAME                              144
+# define X509V3_F_DO_EXT_I2D                              135
+# define X509V3_F_DO_EXT_NCONF                            151
+# define X509V3_F_GNAMES_FROM_SECTNAME                    156
+# define X509V3_F_I2S_ASN1_ENUMERATED                     121
+# define X509V3_F_I2S_ASN1_IA5STRING                      149
+# define X509V3_F_I2S_ASN1_INTEGER                        120
+# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS               138
+# define X509V3_F_NOTICE_SECTION                          132
+# define X509V3_F_NREF_NOS                                133
+# define X509V3_F_POLICY_SECTION                          131
+# define X509V3_F_PROCESS_PCI_VALUE                       150
+# define X509V3_F_R2I_CERTPOL                             130
+# define X509V3_F_R2I_PCI                                 155
+# define X509V3_F_S2I_ASN1_IA5STRING                      100
+# define X509V3_F_S2I_ASN1_INTEGER                        108
+# define X509V3_F_S2I_ASN1_OCTET_STRING                   112
+# define X509V3_F_S2I_SKEY_ID                             115
+# define X509V3_F_SET_DIST_POINT_NAME                     158
+# define X509V3_F_SXNET_ADD_ID_ASC                        125
+# define X509V3_F_SXNET_ADD_ID_INTEGER                    126
+# define X509V3_F_SXNET_ADD_ID_ULONG                      127
+# define X509V3_F_SXNET_GET_ID_ASC                        128
+# define X509V3_F_SXNET_GET_ID_ULONG                      129
+# define X509V3_F_V2I_ASIDENTIFIERS                       163
+# define X509V3_F_V2I_ASN1_BIT_STRING                     101
+# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS               139
+# define X509V3_F_V2I_AUTHORITY_KEYID                     119
+# define X509V3_F_V2I_BASIC_CONSTRAINTS                   102
+# define X509V3_F_V2I_CRLD                                134
+# define X509V3_F_V2I_EXTENDED_KEY_USAGE                  103
+# define X509V3_F_V2I_GENERAL_NAMES                       118
+# define X509V3_F_V2I_GENERAL_NAME_EX                     117
+# define X509V3_F_V2I_IDP                                 157
+# define X509V3_F_V2I_IPADDRBLOCKS                        159
+# define X509V3_F_V2I_ISSUER_ALT                          153
+# define X509V3_F_V2I_NAME_CONSTRAINTS                    147
+# define X509V3_F_V2I_POLICY_CONSTRAINTS                  146
+# define X509V3_F_V2I_POLICY_MAPPINGS                     145
+# define X509V3_F_V2I_SUBJECT_ALT                         154
+# define X509V3_F_V2I_TLS_FEATURE                         165
+# define X509V3_F_V3_GENERIC_EXTENSION                    116
+# define X509V3_F_X509V3_ADD1_I2D                         140
+# define X509V3_F_X509V3_ADD_VALUE                        105
+# define X509V3_F_X509V3_EXT_ADD                          104
+# define X509V3_F_X509V3_EXT_ADD_ALIAS                    106
+# define X509V3_F_X509V3_EXT_I2D                          136
+# define X509V3_F_X509V3_EXT_NCONF                        152
+# define X509V3_F_X509V3_GET_SECTION                      142
+# define X509V3_F_X509V3_GET_STRING                       143
+# define X509V3_F_X509V3_GET_VALUE_BOOL                   110
+# define X509V3_F_X509V3_PARSE_LIST                       109
+# define X509V3_F_X509_PURPOSE_ADD                        137
+# define X509V3_F_X509_PURPOSE_SET                        141
+
+/*
+ * X509V3 reason codes.
+ */
+# define X509V3_R_BAD_IP_ADDRESS                          118
+# define X509V3_R_BAD_OBJECT                              119
+# define X509V3_R_BN_DEC2BN_ERROR                         100
+# define X509V3_R_BN_TO_ASN1_INTEGER_ERROR                101
+# define X509V3_R_DIRNAME_ERROR                           149
+# define X509V3_R_DISTPOINT_ALREADY_SET                   160
+# define X509V3_R_DUPLICATE_ZONE_ID                       133
+# define X509V3_R_ERROR_CONVERTING_ZONE                   131
+# define X509V3_R_ERROR_CREATING_EXTENSION                144
+# define X509V3_R_ERROR_IN_EXTENSION                      128
+# define X509V3_R_EXPECTED_A_SECTION_NAME                 137
+# define X509V3_R_EXTENSION_EXISTS                        145
+# define X509V3_R_EXTENSION_NAME_ERROR                    115
+# define X509V3_R_EXTENSION_NOT_FOUND                     102
+# define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED         103
+# define X509V3_R_EXTENSION_VALUE_ERROR                   116
+# define X509V3_R_ILLEGAL_EMPTY_EXTENSION                 151
+# define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG             152
+# define X509V3_R_INVALID_ASNUMBER                        162
+# define X509V3_R_INVALID_ASRANGE                         163
+# define X509V3_R_INVALID_BOOLEAN_STRING                  104
+# define X509V3_R_INVALID_EXTENSION_STRING                105
+# define X509V3_R_INVALID_INHERITANCE                     165
+# define X509V3_R_INVALID_IPADDRESS                       166
+# define X509V3_R_INVALID_MULTIPLE_RDNS                   161
+# define X509V3_R_INVALID_NAME                            106
+# define X509V3_R_INVALID_NULL_ARGUMENT                   107
+# define X509V3_R_INVALID_NULL_NAME                       108
+# define X509V3_R_INVALID_NULL_VALUE                      109
+# define X509V3_R_INVALID_NUMBER                          140
+# define X509V3_R_INVALID_NUMBERS                         141
+# define X509V3_R_INVALID_OBJECT_IDENTIFIER               110
+# define X509V3_R_INVALID_OPTION                          138
+# define X509V3_R_INVALID_POLICY_IDENTIFIER               134
+# define X509V3_R_INVALID_PROXY_POLICY_SETTING            153
+# define X509V3_R_INVALID_PURPOSE                         146
+# define X509V3_R_INVALID_SAFI                            164
+# define X509V3_R_INVALID_SECTION                         135
+# define X509V3_R_INVALID_SYNTAX                          143
+# define X509V3_R_ISSUER_DECODE_ERROR                     126
+# define X509V3_R_MISSING_VALUE                           124
+# define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS           142
+# define X509V3_R_NO_CONFIG_DATABASE                      136
+# define X509V3_R_NO_ISSUER_CERTIFICATE                   121
+# define X509V3_R_NO_ISSUER_DETAILS                       127
+# define X509V3_R_NO_POLICY_IDENTIFIER                    139
+# define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED   154
+# define X509V3_R_NO_PUBLIC_KEY                           114
+# define X509V3_R_NO_SUBJECT_DETAILS                      125
+# define X509V3_R_OPERATION_NOT_DEFINED                   148
+# define X509V3_R_OTHERNAME_ERROR                         147
+# define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED         155
+# define X509V3_R_POLICY_PATH_LENGTH                      156
+# define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED      157
+# define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
+# define X509V3_R_SECTION_NOT_FOUND                       150
+# define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS            122
+# define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID              123
+# define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT             111
+# define X509V3_R_UNKNOWN_EXTENSION                       129
+# define X509V3_R_UNKNOWN_EXTENSION_NAME                  130
+# define X509V3_R_UNKNOWN_OPTION                          120
+# define X509V3_R_UNSUPPORTED_OPTION                      117
+# define X509V3_R_UNSUPPORTED_TYPE                        167
+# define X509V3_R_USER_TOO_LONG                           132
+
+#endif
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 7152fa2..7456a74 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -8,866 +8,1082 @@
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
-#include <openssl/ssl.h>
+#include <openssl/sslerr.h>
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
-# define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
-
-static ERR_STRING_DATA SSL_str_functs[] = {
-    {ERR_FUNC(SSL_F_ADD_CLIENT_KEY_SHARE_EXT), "add_client_key_share_ext"},
-    {ERR_FUNC(SSL_F_ADD_KEY_SHARE), "add_key_share"},
-    {ERR_FUNC(SSL_F_BYTES_TO_CIPHER_LIST), "bytes_to_cipher_list"},
-    {ERR_FUNC(SSL_F_CHECK_SUITEB_CIPHER_LIST), "check_suiteb_cipher_list"},
-    {ERR_FUNC(SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH),
+static const ERR_STRING_DATA SSL_str_functs[] = {
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_ADD_CLIENT_KEY_SHARE_EXT, 0),
+     "add_client_key_share_ext"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_ADD_KEY_SHARE, 0), "add_key_share"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_BYTES_TO_CIPHER_LIST, 0),
+     "bytes_to_cipher_list"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_CHECK_SUITEB_CIPHER_LIST, 0),
+     "check_suiteb_cipher_list"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH, 0),
      "create_synthetic_message_hash"},
-    {ERR_FUNC(SSL_F_CT_MOVE_SCTS), "ct_move_scts"},
-    {ERR_FUNC(SSL_F_CT_STRICT), "ct_strict"},
-    {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"},
-    {ERR_FUNC(SSL_F_DANE_CTX_ENABLE), "dane_ctx_enable"},
-    {ERR_FUNC(SSL_F_DANE_MTYPE_SET), "dane_mtype_set"},
-    {ERR_FUNC(SSL_F_DANE_TLSA_ADD), "dane_tlsa_add"},
-    {ERR_FUNC(SSL_F_DERIVE_SECRET_KEY_AND_IV), "derive_secret_key_and_iv"},
-    {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "do_dtls1_write"},
-    {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "do_ssl3_write"},
-    {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "dtls1_buffer_record"},
-    {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "dtls1_check_timeout_num"},
-    {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "dtls1_heartbeat"},
-    {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "dtls1_preprocess_fragment"},
-    {ERR_FUNC(SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_CT_MOVE_SCTS, 0), "ct_move_scts"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_CT_STRICT, 0), "ct_strict"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_D2I_SSL_SESSION, 0), "d2i_SSL_SESSION"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DANE_CTX_ENABLE, 0), "dane_ctx_enable"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DANE_MTYPE_SET, 0), "dane_mtype_set"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DANE_TLSA_ADD, 0), "dane_tlsa_add"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DERIVE_SECRET_KEY_AND_IV, 0),
+     "derive_secret_key_and_iv"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DO_DTLS1_WRITE, 0), "do_dtls1_write"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DO_SSL3_WRITE, 0), "do_ssl3_write"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_BUFFER_RECORD, 0),
+     "dtls1_buffer_record"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_CHECK_TIMEOUT_NUM, 0),
+     "dtls1_check_timeout_num"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_HEARTBEAT, 0), "dtls1_heartbeat"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_PREPROCESS_FRAGMENT, 0),
+     "dtls1_preprocess_fragment"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS, 0),
      "dtls1_process_buffered_records"},
-    {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "dtls1_process_record"},
-    {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "dtls1_read_bytes"},
-    {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "dtls1_read_failed"},
-    {ERR_FUNC(SSL_F_DTLS1_RETRANSMIT_MESSAGE), "dtls1_retransmit_message"},
-    {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_PROCESS_RECORD, 0),
+     "dtls1_process_record"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_READ_BYTES, 0), "dtls1_read_bytes"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_READ_FAILED, 0), "dtls1_read_failed"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_RETRANSMIT_MESSAGE, 0),
+     "dtls1_retransmit_message"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_WRITE_APP_DATA_BYTES, 0),
      "dtls1_write_app_data_bytes"},
-    {ERR_FUNC(SSL_F_DTLS1_WRITE_BYTES), "dtls1_write_bytes"},
-    {ERR_FUNC(SSL_F_DTLSV1_LISTEN), "DTLSv1_listen"},
-    {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS1_WRITE_BYTES, 0), "dtls1_write_bytes"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLSV1_LISTEN, 0), "DTLSv1_listen"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC, 0),
      "dtls_construct_change_cipher_spec"},
-    {ERR_FUNC(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST, 0),
      "dtls_construct_hello_verify_request"},
-    {ERR_FUNC(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS_GET_REASSEMBLED_MESSAGE, 0),
      "dtls_get_reassembled_message"},
-    {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"},
-    {ERR_FUNC(SSL_F_EARLY_DATA_COUNT_OK), "early_data_count_ok"},
-    {ERR_FUNC(SSL_F_FINAL_EC_PT_FORMATS), "final_ec_pt_formats"},
-    {ERR_FUNC(SSL_F_FINAL_EMS), "final_ems"},
-    {ERR_FUNC(SSL_F_FINAL_KEY_SHARE), "final_key_share"},
-    {ERR_FUNC(SSL_F_FINAL_RENEGOTIATE), "final_renegotiate"},
-    {ERR_FUNC(SSL_F_FINAL_SIG_ALGS), "final_sig_algs"},
-    {ERR_FUNC(SSL_F_NSS_KEYLOG_INT), "nss_keylog_int"},
-    {ERR_FUNC(SSL_F_OPENSSL_INIT_SSL), "OPENSSL_init_ssl"},
-    {ERR_FUNC(SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_DTLS_PROCESS_HELLO_VERIFY, 0),
+     "dtls_process_hello_verify"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_EARLY_DATA_COUNT_OK, 0),
+     "early_data_count_ok"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_EC_PT_FORMATS, 0),
+     "final_ec_pt_formats"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_EMS, 0), "final_ems"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_KEY_SHARE, 0), "final_key_share"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_RENEGOTIATE, 0), "final_renegotiate"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_FINAL_SIG_ALGS, 0), "final_sig_algs"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_NSS_KEYLOG_INT, 0), "nss_keylog_int"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_OPENSSL_INIT_SSL, 0), "OPENSSL_init_ssl"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT13_READ_TRANSITION, 0),
      "ossl_statem_client13_read_transition"},
-    {ERR_FUNC(SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE, 0),
      "ossl_statem_client_construct_message"},
-    {ERR_FUNC(SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION, 0),
      "ossl_statem_client_read_transition"},
-    {ERR_FUNC(SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_SERVER13_READ_TRANSITION, 0),
      "ossl_statem_server13_read_transition"},
-    {ERR_FUNC(SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE, 0),
      "ossl_statem_server_construct_message"},
-    {ERR_FUNC(SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION, 0),
      "ossl_statem_server_read_transition"},
-    {ERR_FUNC(SSL_F_PARSE_CA_NAMES), "parse_ca_names"},
-    {ERR_FUNC(SSL_F_PROCESS_KEY_SHARE_EXT), "process_key_share_ext"},
-    {ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"},
-    {ERR_FUNC(SSL_F_SET_CLIENT_CIPHERSUITE), "set_client_ciphersuite"},
-    {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "ssl3_change_cipher_state"},
-    {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_PARSE_CA_NAMES, 0), "parse_ca_names"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_PROCESS_KEY_SHARE_EXT, 0),
+     "process_key_share_ext"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_READ_STATE_MACHINE, 0), "read_state_machine"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SET_CLIENT_CIPHERSUITE, 0),
+     "set_client_ciphersuite"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_CHANGE_CIPHER_STATE, 0),
+     "ssl3_change_cipher_state"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, 0),
      "ssl3_check_cert_and_algorithm"},
-    {ERR_FUNC(SSL_F_SSL3_CTRL), "ssl3_ctrl"},
-    {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "ssl3_ctx_ctrl"},
-    {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_CTRL, 0), "ssl3_ctrl"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_CTX_CTRL, 0), "ssl3_ctx_ctrl"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_DIGEST_CACHED_RECORDS, 0),
      "ssl3_digest_cached_records"},
-    {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, 0),
      "ssl3_do_change_cipher_spec"},
-    {ERR_FUNC(SSL_F_SSL3_FINAL_FINISH_MAC), "ssl3_final_finish_mac"},
-    {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "ssl3_generate_key_block"},
-    {ERR_FUNC(SSL_F_SSL3_GENERATE_MASTER_SECRET),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_FINAL_FINISH_MAC, 0),
+     "ssl3_final_finish_mac"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GENERATE_KEY_BLOCK, 0),
+     "ssl3_generate_key_block"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GENERATE_MASTER_SECRET, 0),
      "ssl3_generate_master_secret"},
-    {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "ssl3_get_record"},
-    {ERR_FUNC(SSL_F_SSL3_INIT_FINISHED_MAC), "ssl3_init_finished_mac"},
-    {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "ssl3_output_cert_chain"},
-    {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "ssl3_read_bytes"},
-    {ERR_FUNC(SSL_F_SSL3_READ_N), "ssl3_read_n"},
-    {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "ssl3_setup_key_block"},
-    {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "ssl3_setup_read_buffer"},
-    {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "ssl3_setup_write_buffer"},
-    {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "ssl3_write_bytes"},
-    {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "ssl3_write_pending"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CERT_CHAIN), "ssl_add_cert_chain"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CERT_TO_BUF), "ssl_add_cert_to_buf"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CERT_TO_WPACKET), "ssl_add_cert_to_wpacket"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, 0), "ssl3_get_record"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_INIT_FINISHED_MAC, 0),
+     "ssl3_init_finished_mac"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_OUTPUT_CERT_CHAIN, 0),
+     "ssl3_output_cert_chain"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_READ_BYTES, 0), "ssl3_read_bytes"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_READ_N, 0), "ssl3_read_n"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_SETUP_KEY_BLOCK, 0),
+     "ssl3_setup_key_block"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_SETUP_READ_BUFFER, 0),
+     "ssl3_setup_read_buffer"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_SETUP_WRITE_BUFFER, 0),
+     "ssl3_setup_write_buffer"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_WRITE_BYTES, 0), "ssl3_write_bytes"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_WRITE_PENDING, 0), "ssl3_write_pending"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_CERT_CHAIN, 0), "ssl_add_cert_chain"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_CERT_TO_BUF, 0),
+     "ssl_add_cert_to_buf"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_CERT_TO_WPACKET, 0),
+     "ssl_add_cert_to_wpacket"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT, 0),
      "ssl_add_clienthello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, 0),
      "ssl_add_clienthello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT, 0),
      "ssl_add_clienthello_use_srtp_ext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, 0),
      "SSL_add_dir_cert_subjects_to_stack"},
-    {ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK, 0),
      "SSL_add_file_cert_subjects_to_stack"},
-    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT, 0),
      "ssl_add_serverhello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, 0),
      "ssl_add_serverhello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT, 0),
      "ssl_add_serverhello_use_srtp_ext"},
-    {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "ssl_bad_method"},
-    {ERR_FUNC(SSL_F_SSL_BUILD_CERT_CHAIN), "ssl_build_cert_chain"},
-    {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_bytes_to_cipher_list"},
-    {ERR_FUNC(SSL_F_SSL_CACHE_CIPHERLIST), "ssl_cache_cipherlist"},
-    {ERR_FUNC(SSL_F_SSL_CERT_ADD0_CHAIN_CERT), "ssl_cert_add0_chain_cert"},
-    {ERR_FUNC(SSL_F_SSL_CERT_DUP), "ssl_cert_dup"},
-    {ERR_FUNC(SSL_F_SSL_CERT_NEW), "ssl_cert_new"},
-    {ERR_FUNC(SSL_F_SSL_CERT_SET0_CHAIN), "ssl_cert_set0_chain"},
-    {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
-    {ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_BAD_METHOD, 0), "ssl_bad_method"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_BUILD_CERT_CHAIN, 0),
+     "ssl_build_cert_chain"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_BYTES_TO_CIPHER_LIST, 0),
+     "SSL_bytes_to_cipher_list"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CACHE_CIPHERLIST, 0),
+     "ssl_cache_cipherlist"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CERT_ADD0_CHAIN_CERT, 0),
+     "ssl_cert_add0_chain_cert"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CERT_DUP, 0), "ssl_cert_dup"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CERT_NEW, 0), "ssl_cert_new"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CERT_SET0_CHAIN, 0),
+     "ssl_cert_set0_chain"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CHECK_PRIVATE_KEY, 0),
+     "SSL_check_private_key"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT, 0),
      "ssl_check_serverhello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, 0),
      "ssl_check_srvr_ecc_cert_and_alg"},
-    {ERR_FUNC(SSL_F_SSL_CIPHER_LIST_TO_BYTES), "ssl_cipher_list_to_bytes"},
-    {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CIPHER_LIST_TO_BYTES, 0),
+     "ssl_cipher_list_to_bytes"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CIPHER_PROCESS_RULESTR, 0),
      "ssl_cipher_process_rulestr"},
-    {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "ssl_cipher_strength_sort"},
-    {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
-    {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CIPHER_STRENGTH_SORT, 0),
+     "ssl_cipher_strength_sort"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CLEAR, 0), "SSL_clear"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, 0),
      "SSL_COMP_add_compression_method"},
-    {ERR_FUNC(SSL_F_SSL_CONF_CMD), "SSL_CONF_cmd"},
-    {ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "ssl_create_cipher_list"},
-    {ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
-    {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
-    {ERR_FUNC(SSL_F_SSL_CTX_ENABLE_CT), "SSL_CTX_enable_ct"},
-    {ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "ssl_ctx_make_profiles"},
-    {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_ALPN_PROTOS), "SSL_CTX_set_alpn_protos"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CONF_CMD, 0), "SSL_CONF_cmd"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CREATE_CIPHER_LIST, 0),
+     "ssl_create_cipher_list"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTRL, 0), "SSL_ctrl"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_CHECK_PRIVATE_KEY, 0),
+     "SSL_CTX_check_private_key"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_ENABLE_CT, 0), "SSL_CTX_enable_ct"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_MAKE_PROFILES, 0),
+     "ssl_ctx_make_profiles"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_NEW, 0), "SSL_CTX_new"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_SET_ALPN_PROTOS, 0),
+     "SSL_CTX_set_alpn_protos"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_SET_CIPHER_LIST, 0),
+     "SSL_CTX_set_cipher_list"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, 0),
      "SSL_CTX_set_client_cert_engine"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_SET_CT_VALIDATION_CALLBACK, 0),
      "SSL_CTX_set_ct_validation_callback"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT, 0),
      "SSL_CTX_set_session_id_context"},
-    {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_SET_SSL_VERSION, 0),
+     "SSL_CTX_set_ssl_version"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_CERTIFICATE, 0),
+     "SSL_CTX_use_certificate"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, 0),
      "SSL_CTX_use_certificate_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, 0),
      "SSL_CTX_use_certificate_file"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY), "SSL_CTX_use_PrivateKey"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_PRIVATEKEY, 0),
+     "SSL_CTX_use_PrivateKey"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, 0),
      "SSL_CTX_use_PrivateKey_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, 0),
      "SSL_CTX_use_PrivateKey_file"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT, 0),
      "SSL_CTX_use_psk_identity_hint"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, 0),
+     "SSL_CTX_use_RSAPrivateKey"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, 0),
      "SSL_CTX_use_RSAPrivateKey_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, 0),
      "SSL_CTX_use_RSAPrivateKey_file"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO), "SSL_CTX_use_serverinfo"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO_EX), "SSL_CTX_use_serverinfo_ex"},
-    {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO_FILE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_SERVERINFO, 0),
+     "SSL_CTX_use_serverinfo"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_SERVERINFO_EX, 0),
+     "SSL_CTX_use_serverinfo_ex"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_CTX_USE_SERVERINFO_FILE, 0),
      "SSL_CTX_use_serverinfo_file"},
-    {ERR_FUNC(SSL_F_SSL_DANE_DUP), "ssl_dane_dup"},
-    {ERR_FUNC(SSL_F_SSL_DANE_ENABLE), "SSL_dane_enable"},
-    {ERR_FUNC(SSL_F_SSL_DO_CONFIG), "ssl_do_config"},
-    {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
-    {ERR_FUNC(SSL_F_SSL_DUP_CA_LIST), "SSL_dup_CA_list"},
-    {ERR_FUNC(SSL_F_SSL_ENABLE_CT), "SSL_enable_ct"},
-    {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "ssl_get_new_session"},
-    {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "ssl_get_prev_session"},
-    {ERR_FUNC(SSL_F_SSL_GET_SERVER_CERT_INDEX), "ssl_get_server_cert_index"},
-    {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "ssl_get_sign_pkey"},
-    {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "ssl_init_wbio_buffer"},
-    {ERR_FUNC(SSL_F_SSL_KEY_UPDATE), "SSL_key_update"},
-    {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
-    {ERR_FUNC(SSL_F_SSL_LOG_MASTER_SECRET), "ssl_log_master_secret"},
-    {ERR_FUNC(SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_DANE_DUP, 0), "ssl_dane_dup"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_DANE_ENABLE, 0), "SSL_dane_enable"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_DO_CONFIG, 0), "ssl_do_config"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_DO_HANDSHAKE, 0), "SSL_do_handshake"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_DUP_CA_LIST, 0), "SSL_dup_CA_list"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_ENABLE_CT, 0), "SSL_enable_ct"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_GET_NEW_SESSION, 0),
+     "ssl_get_new_session"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_GET_PREV_SESSION, 0),
+     "ssl_get_prev_session"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_GET_SERVER_CERT_INDEX, 0),
+     "ssl_get_server_cert_index"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_GET_SIGN_PKEY, 0), "ssl_get_sign_pkey"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_INIT_WBIO_BUFFER, 0),
+     "ssl_init_wbio_buffer"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_KEY_UPDATE, 0), "SSL_key_update"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_LOAD_CLIENT_CA_FILE, 0),
+     "SSL_load_client_CA_file"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_LOG_MASTER_SECRET, 0),
+     "ssl_log_master_secret"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_LOG_RSA_CLIENT_KEY_EXCHANGE, 0),
      "ssl_log_rsa_client_key_exchange"},
-    {ERR_FUNC(SSL_F_SSL_MODULE_INIT), "ssl_module_init"},
-    {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_MODULE_INIT, 0), "ssl_module_init"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_NEW, 0), "SSL_new"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT, 0),
      "ssl_parse_clienthello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, 0),
      "ssl_parse_clienthello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, 0),
      "ssl_parse_clienthello_use_srtp_ext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT, 0),
      "ssl_parse_serverhello_renegotiate_ext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, 0),
      "ssl_parse_serverhello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, 0),
      "ssl_parse_serverhello_use_srtp_ext"},
-    {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
-    {ERR_FUNC(SSL_F_SSL_PEEK_EX), "SSL_peek_ex"},
-    {ERR_FUNC(SSL_F_SSL_PEEK_INTERNAL), "ssl_peek_internal"},
-    {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
-    {ERR_FUNC(SSL_F_SSL_READ_EARLY_DATA), "SSL_read_early_data"},
-    {ERR_FUNC(SSL_F_SSL_READ_EX), "SSL_read_ex"},
-    {ERR_FUNC(SSL_F_SSL_READ_INTERNAL), "ssl_read_internal"},
-    {ERR_FUNC(SSL_F_SSL_RENEGOTIATE), "SSL_renegotiate"},
-    {ERR_FUNC(SSL_F_SSL_RENEGOTIATE_ABBREVIATED),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_PEEK, 0), "SSL_peek"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_PEEK_EX, 0), "SSL_peek_ex"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_PEEK_INTERNAL, 0), "ssl_peek_internal"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_READ, 0), "SSL_read"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_READ_EARLY_DATA, 0),
+     "SSL_read_early_data"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_READ_EX, 0), "SSL_read_ex"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_READ_INTERNAL, 0), "ssl_read_internal"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_RENEGOTIATE, 0), "SSL_renegotiate"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_RENEGOTIATE_ABBREVIATED, 0),
      "SSL_renegotiate_abbreviated"},
-    {ERR_FUNC(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT, 0),
      "ssl_scan_clienthello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT, 0),
      "ssl_scan_serverhello_tlsext"},
-    {ERR_FUNC(SSL_F_SSL_SESSION_DUP), "ssl_session_dup"},
-    {ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
-    {ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
-    {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID), "SSL_SESSION_set1_id"},
-    {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SESSION_DUP, 0), "ssl_session_dup"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SESSION_NEW, 0), "SSL_SESSION_new"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SESSION_PRINT_FP, 0),
+     "SSL_SESSION_print_fp"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SESSION_SET1_ID, 0),
+     "SSL_SESSION_set1_id"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SESSION_SET1_ID_CONTEXT, 0),
      "SSL_SESSION_set1_id_context"},
-    {ERR_FUNC(SSL_F_SSL_SET_ALPN_PROTOS), "SSL_set_alpn_protos"},
-    {ERR_FUNC(SSL_F_SSL_SET_CERT), "ssl_set_cert"},
-    {ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
-    {ERR_FUNC(SSL_F_SSL_SET_CT_VALIDATION_CALLBACK),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_ALPN_PROTOS, 0),
+     "SSL_set_alpn_protos"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_CERT, 0), "ssl_set_cert"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_CIPHER_LIST, 0),
+     "SSL_set_cipher_list"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_CT_VALIDATION_CALLBACK, 0),
      "SSL_set_ct_validation_callback"},
-    {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
-    {ERR_FUNC(SSL_F_SSL_SET_PKEY), "ssl_set_pkey"},
-    {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
-    {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
-    {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_FD, 0), "SSL_set_fd"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_PKEY, 0), "ssl_set_pkey"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_RFD, 0), "SSL_set_rfd"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_SESSION, 0), "SSL_set_session"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_SESSION_ID_CONTEXT, 0),
      "SSL_set_session_id_context"},
-    {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_SESSION_TICKET_EXT, 0),
      "SSL_set_session_ticket_ext"},
-    {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
-    {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
-    {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
-    {ERR_FUNC(SSL_F_SSL_START_ASYNC_JOB), "ssl_start_async_job"},
-    {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "ssl_undefined_function"},
-    {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SET_WFD, 0), "SSL_set_wfd"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SHUTDOWN, 0), "SSL_shutdown"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_SRP_CTX_INIT, 0), "SSL_SRP_CTX_init"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_START_ASYNC_JOB, 0),
+     "ssl_start_async_job"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_UNDEFINED_FUNCTION, 0),
+     "ssl_undefined_function"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_UNDEFINED_VOID_FUNCTION, 0),
      "ssl_undefined_void_function"},
-    {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE), "SSL_use_certificate"},
-    {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1), "SSL_use_certificate_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE), "SSL_use_certificate_file"},
-    {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"},
-    {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
-    {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
-    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
-    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_CERTIFICATE, 0),
+     "SSL_use_certificate"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_CERTIFICATE_ASN1, 0),
+     "SSL_use_certificate_ASN1"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_CERTIFICATE_FILE, 0),
+     "SSL_use_certificate_file"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_PRIVATEKEY, 0), "SSL_use_PrivateKey"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_PRIVATEKEY_ASN1, 0),
+     "SSL_use_PrivateKey_ASN1"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_PRIVATEKEY_FILE, 0),
+     "SSL_use_PrivateKey_file"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_PSK_IDENTITY_HINT, 0),
+     "SSL_use_psk_identity_hint"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_RSAPRIVATEKEY, 0),
+     "SSL_use_RSAPrivateKey"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, 0),
      "SSL_use_RSAPrivateKey_ASN1"},
-    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, 0),
      "SSL_use_RSAPrivateKey_file"},
-    {ERR_FUNC(SSL_F_SSL_VALIDATE_CT), "ssl_validate_ct"},
-    {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"},
-    {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
-    {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_DATA), "SSL_write_early_data"},
-    {ERR_FUNC(SSL_F_SSL_WRITE_EARLY_FINISH), "ssl_write_early_finish"},
-    {ERR_FUNC(SSL_F_SSL_WRITE_EX), "SSL_write_ex"},
-    {ERR_FUNC(SSL_F_SSL_WRITE_INTERNAL), "ssl_write_internal"},
-    {ERR_FUNC(SSL_F_STATE_MACHINE), "state_machine"},
-    {ERR_FUNC(SSL_F_TLS12_CHECK_PEER_SIGALG), "tls12_check_peer_sigalg"},
-    {ERR_FUNC(SSL_F_TLS12_COPY_SIGALGS), "tls12_copy_sigalgs"},
-    {ERR_FUNC(SSL_F_TLS13_CHANGE_CIPHER_STATE), "tls13_change_cipher_state"},
-    {ERR_FUNC(SSL_F_TLS13_SETUP_KEY_BLOCK), "tls13_setup_key_block"},
-    {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "tls1_change_cipher_state"},
-    {ERR_FUNC(SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_VALIDATE_CT, 0), "ssl_validate_ct"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_VERIFY_CERT_CHAIN, 0),
+     "ssl_verify_cert_chain"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_WRITE, 0), "SSL_write"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_WRITE_EARLY_DATA, 0),
+     "SSL_write_early_data"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_WRITE_EARLY_FINISH, 0),
+     "ssl_write_early_finish"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_WRITE_EX, 0), "SSL_write_ex"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_WRITE_INTERNAL, 0), "ssl_write_internal"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_STATE_MACHINE, 0), "state_machine"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS12_CHECK_PEER_SIGALG, 0),
+     "tls12_check_peer_sigalg"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS12_COPY_SIGALGS, 0), "tls12_copy_sigalgs"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_CHANGE_CIPHER_STATE, 0),
+     "tls13_change_cipher_state"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_SETUP_KEY_BLOCK, 0),
+     "tls13_setup_key_block"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS1_CHANGE_CIPHER_STATE, 0),
+     "tls1_change_cipher_state"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS, 0),
      "tls1_check_duplicate_extensions"},
-    {ERR_FUNC(SSL_F_TLS1_ENC), "tls1_enc"},
-    {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS1_ENC, 0), "tls1_enc"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS1_EXPORT_KEYING_MATERIAL, 0),
      "tls1_export_keying_material"},
-    {ERR_FUNC(SSL_F_TLS1_GET_CURVELIST), "tls1_get_curvelist"},
-    {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_PRF"},
-    {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "tls1_setup_key_block"},
-    {ERR_FUNC(SSL_F_TLS1_SET_SERVER_SIGALGS), "tls1_set_server_sigalgs"},
-    {ERR_FUNC(SSL_F_TLS_CHOOSE_SIGALG), "tls_choose_sigalg"},
-    {ERR_FUNC(SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS1_GET_CURVELIST, 0), "tls1_get_curvelist"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS1_PRF, 0), "tls1_PRF"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS1_SETUP_KEY_BLOCK, 0),
+     "tls1_setup_key_block"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS1_SET_SERVER_SIGALGS, 0),
+     "tls1_set_server_sigalgs"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CHOOSE_SIGALG, 0), "tls_choose_sigalg"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CLIENT_KEY_EXCHANGE_POST_WORK, 0),
      "tls_client_key_exchange_post_work"},
-    {ERR_FUNC(SSL_F_TLS_COLLECT_EXTENSIONS), "tls_collect_extensions"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_COLLECT_EXTENSIONS, 0),
+     "tls_collect_extensions"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CERTIFICATE_AUTHORITIES, 0),
      "tls_construct_certificate_authorities"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST, 0),
      "tls_construct_certificate_request"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CERT_STATUS), "tls_construct_cert_status"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CERT_STATUS, 0),
+     "tls_construct_cert_status"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CERT_STATUS_BODY, 0),
      "tls_construct_cert_status_body"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CERT_VERIFY), "tls_construct_cert_verify"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CERT_VERIFY, 0),
+     "tls_construct_cert_verify"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CHANGE_CIPHER_SPEC, 0),
      "tls_construct_change_cipher_spec"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_DHE), "tls_construct_cke_dhe"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_ECDHE), "tls_construct_cke_ecdhe"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_GOST), "tls_construct_cke_gost"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CKE_DHE, 0),
+     "tls_construct_cke_dhe"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CKE_ECDHE, 0),
+     "tls_construct_cke_ecdhe"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CKE_GOST, 0),
+     "tls_construct_cke_gost"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CKE_PSK_PREAMBLE, 0),
      "tls_construct_cke_psk_preamble"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_RSA), "tls_construct_cke_rsa"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CKE_SRP), "tls_construct_cke_srp"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CKE_RSA, 0),
+     "tls_construct_cke_rsa"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CKE_SRP, 0),
+     "tls_construct_cke_srp"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE, 0),
      "tls_construct_client_certificate"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, 0),
      "tls_construct_client_hello"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, 0),
      "tls_construct_client_key_exchange"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, 0),
      "tls_construct_client_verify"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_ALPN), "tls_construct_ctos_alpn"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_ALPN, 0),
+     "tls_construct_ctos_alpn"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_CERTIFICATE, 0),
      "TLS_CONSTRUCT_CTOS_CERTIFICATE"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_COOKIE), "tls_construct_ctos_cookie"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_COOKIE, 0),
+     "tls_construct_ctos_cookie"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_EARLY_DATA, 0),
      "tls_construct_ctos_early_data"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_EC_PT_FORMATS, 0),
      "tls_construct_ctos_ec_pt_formats"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_EMS), "tls_construct_ctos_ems"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_ETM), "tls_construct_ctos_etm"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_HELLO), "TLS_CONSTRUCT_CTOS_HELLO"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_EMS, 0),
+     "tls_construct_ctos_ems"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_ETM, 0),
+     "tls_construct_ctos_etm"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_HELLO, 0),
+     "TLS_CONSTRUCT_CTOS_HELLO"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_KEY_EXCHANGE, 0),
      "TLS_CONSTRUCT_CTOS_KEY_EXCHANGE"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE, 0),
      "tls_construct_ctos_key_share"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_NPN), "tls_construct_ctos_npn"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_PADDING),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_NPN, 0),
+     "tls_construct_ctos_npn"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_PADDING, 0),
      "tls_construct_ctos_padding"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_PSK), "tls_construct_ctos_psk"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_PSK, 0),
+     "tls_construct_ctos_psk"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES, 0),
      "tls_construct_ctos_psk_kex_modes"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE, 0),
      "tls_construct_ctos_renegotiate"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SCT), "tls_construct_ctos_sct"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_SCT, 0),
+     "tls_construct_ctos_sct"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_SERVER_NAME, 0),
      "tls_construct_ctos_server_name"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_SESSION_TICKET, 0),
      "tls_construct_ctos_session_ticket"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_SIG_ALGS, 0),
      "tls_construct_ctos_sig_algs"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SRP), "tls_construct_ctos_srp"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_SRP, 0),
+     "tls_construct_ctos_srp"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_STATUS_REQUEST, 0),
      "tls_construct_ctos_status_request"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_GROUPS, 0),
      "tls_construct_ctos_supported_groups"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_SUPPORTED_VERSIONS, 0),
      "tls_construct_ctos_supported_versions"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP, 0),
      "tls_construct_ctos_use_srtp"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_VERIFY), "TLS_CONSTRUCT_CTOS_VERIFY"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_VERIFY, 0),
+     "TLS_CONSTRUCT_CTOS_VERIFY"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS, 0),
      "tls_construct_encrypted_extensions"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA, 0),
      "tls_construct_end_of_early_data"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_EXTENSIONS), "tls_construct_extensions"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_FINISHED), "tls_construct_finished"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_HELLO_REQUEST),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_EXTENSIONS, 0),
+     "tls_construct_extensions"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_FINISHED, 0),
+     "tls_construct_finished"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_HELLO_REQUEST, 0),
      "tls_construct_hello_request"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_HELLO_RETRY_REQUEST, 0),
      "tls_construct_hello_retry_request"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_KEY_UPDATE), "tls_construct_key_update"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_KEY_UPDATE, 0),
+     "tls_construct_key_update"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET, 0),
      "tls_construct_new_session_ticket"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_NEXT_PROTO), "tls_construct_next_proto"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_NEXT_PROTO, 0),
+     "tls_construct_next_proto"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_SERVER_CERTIFICATE, 0),
      "tls_construct_server_certificate"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_HELLO),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_SERVER_HELLO, 0),
      "tls_construct_server_hello"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, 0),
      "tls_construct_server_key_exchange"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_ALPN), "tls_construct_stoc_alpn"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_ALPN, 0),
+     "tls_construct_stoc_alpn"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_CERTIFICATE, 0),
      "TLS_CONSTRUCT_STOC_CERTIFICATE"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_CRYPTOPRO_BUG, 0),
      "tls_construct_stoc_cryptopro_bug"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_DONE), "TLS_CONSTRUCT_STOC_DONE"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_DONE, 0),
+     "TLS_CONSTRUCT_STOC_DONE"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA, 0),
      "tls_construct_stoc_early_data"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_EARLY_DATA_INFO, 0),
      "tls_construct_stoc_early_data_info"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_EC_PT_FORMATS, 0),
      "tls_construct_stoc_ec_pt_formats"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_EMS), "tls_construct_stoc_ems"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_ETM), "tls_construct_stoc_etm"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_HELLO), "TLS_CONSTRUCT_STOC_HELLO"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_EMS, 0),
+     "tls_construct_stoc_ems"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_ETM, 0),
+     "tls_construct_stoc_etm"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_HELLO, 0),
+     "TLS_CONSTRUCT_STOC_HELLO"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE, 0),
      "TLS_CONSTRUCT_STOC_KEY_EXCHANGE"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, 0),
      "tls_construct_stoc_key_share"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG, 0),
      "tls_construct_stoc_next_proto_neg"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_PSK), "tls_construct_stoc_psk"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_PSK, 0),
+     "tls_construct_stoc_psk"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE, 0),
      "tls_construct_stoc_renegotiate"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME, 0),
      "tls_construct_stoc_server_name"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET, 0),
      "tls_construct_stoc_session_ticket"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_STATUS_REQUEST, 0),
      "tls_construct_stoc_status_request"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_SUPPORTED_GROUPS, 0),
      "tls_construct_stoc_supported_groups"},
-    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_STOC_USE_SRTP, 0),
      "tls_construct_stoc_use_srtp"},
-    {ERR_FUNC(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, 0),
      "tls_early_post_process_client_hello"},
-    {ERR_FUNC(SSL_F_TLS_GET_MESSAGE_BODY), "tls_get_message_body"},
-    {ERR_FUNC(SSL_F_TLS_GET_MESSAGE_HEADER), "tls_get_message_header"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_GET_MESSAGE_BODY, 0),
+     "tls_get_message_body"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_GET_MESSAGE_HEADER, 0),
+     "tls_get_message_header"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT, 0),
      "tls_parse_clienthello_tlsext"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_KEY_SHARE), "tls_parse_ctos_key_share"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_PSK), "tls_parse_ctos_psk"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_RENEGOTIATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_CTOS_KEY_SHARE, 0),
+     "tls_parse_ctos_key_share"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_CTOS_PSK, 0), "tls_parse_ctos_psk"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_CTOS_RENEGOTIATE, 0),
      "tls_parse_ctos_renegotiate"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_USE_SRTP), "tls_parse_ctos_use_srtp"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_COOKIE), "tls_parse_stoc_cookie"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_EARLY_DATA), "tls_parse_stoc_early_data"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_CTOS_USE_SRTP, 0),
+     "tls_parse_ctos_use_srtp"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_STOC_COOKIE, 0),
+     "tls_parse_stoc_cookie"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_STOC_EARLY_DATA, 0),
+     "tls_parse_stoc_early_data"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_STOC_EARLY_DATA_INFO, 0),
      "tls_parse_stoc_early_data_info"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_KEY_SHARE), "tls_parse_stoc_key_share"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_PSK), "tls_parse_stoc_psk"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_RENEGOTIATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_STOC_KEY_SHARE, 0),
+     "tls_parse_stoc_key_share"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_STOC_PSK, 0), "tls_parse_stoc_psk"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_STOC_RENEGOTIATE, 0),
      "tls_parse_stoc_renegotiate"},
-    {ERR_FUNC(SSL_F_TLS_PARSE_STOC_USE_SRTP), "tls_parse_stoc_use_srtp"},
-    {ERR_FUNC(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_STOC_USE_SRTP, 0),
+     "tls_parse_stoc_use_srtp"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, 0),
      "tls_post_process_client_hello"},
-    {ERR_FUNC(SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_POST_PROCESS_CLIENT_KEY_EXCHANGE, 0),
      "tls_post_process_client_key_exchange"},
-    {ERR_FUNC(SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PREPARE_CLIENT_CERTIFICATE, 0),
      "tls_prepare_client_certificate"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST, 0),
      "tls_process_certificate_request"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CERT_STATUS), "tls_process_cert_status"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CERT_STATUS_BODY),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CERT_STATUS, 0),
+     "tls_process_cert_status"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CERT_STATUS_BODY, 0),
      "tls_process_cert_status_body"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CERT_VERIFY), "tls_process_cert_verify"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CERT_VERIFY, 0),
+     "tls_process_cert_verify"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC, 0),
      "tls_process_change_cipher_spec"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CKE_DHE), "tls_process_cke_dhe"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CKE_ECDHE), "tls_process_cke_ecdhe"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CKE_GOST), "tls_process_cke_gost"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CKE_DHE, 0),
+     "tls_process_cke_dhe"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CKE_ECDHE, 0),
+     "tls_process_cke_ecdhe"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CKE_GOST, 0),
+     "tls_process_cke_gost"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CKE_PSK_PREAMBLE, 0),
      "tls_process_cke_psk_preamble"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CKE_RSA), "tls_process_cke_rsa"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CKE_SRP), "tls_process_cke_srp"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CKE_RSA, 0),
+     "tls_process_cke_rsa"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CKE_SRP, 0),
+     "tls_process_cke_srp"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE, 0),
      "tls_process_client_certificate"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CLIENT_HELLO), "tls_process_client_hello"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CLIENT_HELLO, 0),
+     "tls_process_client_hello"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE, 0),
      "tls_process_client_key_exchange"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS, 0),
      "tls_process_encrypted_extensions"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_END_OF_EARLY_DATA),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_END_OF_EARLY_DATA, 0),
      "tls_process_end_of_early_data"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_FINISHED), "tls_process_finished"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_HELLO_REQ), "tls_process_hello_req"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_FINISHED, 0),
+     "tls_process_finished"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_HELLO_REQ, 0),
+     "tls_process_hello_req"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST, 0),
      "tls_process_hello_retry_request"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_INITIAL_SERVER_FLIGHT, 0),
      "tls_process_initial_server_flight"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_KEY_EXCHANGE), "tls_process_key_exchange"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_KEY_UPDATE), "tls_process_key_update"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_KEY_EXCHANGE, 0),
+     "tls_process_key_exchange"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_KEY_UPDATE, 0),
+     "tls_process_key_update"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, 0),
      "tls_process_new_session_ticket"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_NEXT_PROTO), "tls_process_next_proto"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_NEXT_PROTO, 0),
+     "tls_process_next_proto"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, 0),
      "tls_process_server_certificate"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_DONE), "tls_process_server_done"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_SERVER_HELLO), "tls_process_server_hello"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_SKE_DHE), "tls_process_ske_dhe"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_SKE_ECDHE), "tls_process_ske_ecdhe"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_SERVER_DONE, 0),
+     "tls_process_server_done"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_SERVER_HELLO, 0),
+     "tls_process_server_hello"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_SKE_DHE, 0),
+     "tls_process_ske_dhe"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_SKE_ECDHE, 0),
+     "tls_process_ske_ecdhe"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE, 0),
      "tls_process_ske_psk_preamble"},
-    {ERR_FUNC(SSL_F_TLS_PROCESS_SKE_SRP), "tls_process_ske_srp"},
-    {ERR_FUNC(SSL_F_TLS_PSK_DO_BINDER), "tls_psk_do_binder"},
-    {ERR_FUNC(SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PROCESS_SKE_SRP, 0),
+     "tls_process_ske_srp"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PSK_DO_BINDER, 0), "tls_psk_do_binder"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT, 0),
      "tls_scan_clienthello_tlsext"},
-    {ERR_FUNC(SSL_F_TLS_SETUP_HANDSHAKE), "tls_setup_handshake"},
-    {ERR_FUNC(SSL_F_USE_CERTIFICATE_CHAIN_FILE),
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_SETUP_HANDSHAKE, 0),
+     "tls_setup_handshake"},
+    {ERR_PACK(ERR_LIB_SSL, SSL_F_USE_CERTIFICATE_CHAIN_FILE, 0),
      "use_certificate_chain_file"},
     {0, NULL}
 };
 
-static ERR_STRING_DATA SSL_str_reasons[] = {
-    {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE), "app data in handshake"},
-    {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),
-     "attempt to reuse session in different context"},
-    {ERR_REASON(SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE),
-     "at least TLS 1.0 needed in FIPS mode"},
-    {ERR_REASON(SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE),
-     "at least (D)TLS 1.2 needed in Suite B mode"},
-    {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
-    {ERR_REASON(SSL_R_BAD_CIPHER), "bad cipher"},
-    {ERR_REASON(SSL_R_BAD_DATA), "bad data"},
-    {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),
-     "bad data returned by callback"},
-    {ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
-    {ERR_REASON(SSL_R_BAD_DH_VALUE), "bad dh value"},
-    {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
-    {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
-    {ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"},
-    {ERR_REASON(SSL_R_BAD_EXTENSION), "bad extension"},
-    {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"},
-    {ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"},
-    {ERR_REASON(SSL_R_BAD_KEY_SHARE), "bad key share"},
-    {ERR_REASON(SSL_R_BAD_KEY_UPDATE), "bad key update"},
-    {ERR_REASON(SSL_R_BAD_LENGTH), "bad length"},
-    {ERR_REASON(SSL_R_BAD_PACKET_LENGTH), "bad packet length"},
-    {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),
-     "bad protocol version number"},
-    {ERR_REASON(SSL_R_BAD_PSK_IDENTITY), "bad psk identity"},
-    {ERR_REASON(SSL_R_BAD_RECORD_TYPE), "bad record type"},
-    {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"},
-    {ERR_REASON(SSL_R_BAD_SIGNATURE), "bad signature"},
-    {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"},
-    {ERR_REASON(SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"},
-    {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"},
-    {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),
-     "bad srtp protection profile list"},
-    {ERR_REASON(SSL_R_BAD_SSL_FILETYPE), "bad ssl filetype"},
-    {ERR_REASON(SSL_R_BAD_VALUE), "bad value"},
-    {ERR_REASON(SSL_R_BAD_WRITE_RETRY), "bad write retry"},
-    {ERR_REASON(SSL_R_BIO_NOT_SET), "bio not set"},
-    {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),
-     "block cipher pad is wrong"},
-    {ERR_REASON(SSL_R_BN_LIB), "bn lib"},
-    {ERR_REASON(SSL_R_CANNOT_CHANGE_CIPHER), "cannot change cipher"},
-    {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH), "ca dn length mismatch"},
-    {ERR_REASON(SSL_R_CA_KEY_TOO_SMALL), "ca key too small"},
-    {ERR_REASON(SSL_R_CA_MD_TOO_WEAK), "ca md too weak"},
-    {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY), "ccs received early"},
-    {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),
-     "certificate verify failed"},
-    {ERR_REASON(SSL_R_CERT_CB_ERROR), "cert cb error"},
-    {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH), "cert length mismatch"},
-    {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
-    {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),
-     "cipher or hash unavailable"},
-    {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT), "clienthello tlsext"},
-    {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),
-     "compressed length too long"},
-    {ERR_REASON(SSL_R_COMPRESSION_DISABLED), "compression disabled"},
-    {ERR_REASON(SSL_R_COMPRESSION_FAILURE), "compression failure"},
-    {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),
-     "compression id not within private range"},
-    {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),
-     "compression library error"},
-    {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
-    {ERR_REASON(SSL_R_CONTEXT_NOT_DANE_ENABLED), "context not dane enabled"},
-    {ERR_REASON(SSL_R_COOKIE_GEN_CALLBACK_FAILURE),
-     "cookie gen callback failure"},
-    {ERR_REASON(SSL_R_COOKIE_MISMATCH), "cookie mismatch"},
-    {ERR_REASON(SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED),
-     "custom ext handler already installed"},
-    {ERR_REASON(SSL_R_DANE_ALREADY_ENABLED), "dane already enabled"},
-    {ERR_REASON(SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL),
-     "dane cannot override mtype full"},
-    {ERR_REASON(SSL_R_DANE_NOT_ENABLED), "dane not enabled"},
-    {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE),
-     "dane tlsa bad certificate"},
-    {ERR_REASON(SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE),
-     "dane tlsa bad certificate usage"},
-    {ERR_REASON(SSL_R_DANE_TLSA_BAD_DATA_LENGTH),
-     "dane tlsa bad data length"},
-    {ERR_REASON(SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH),
-     "dane tlsa bad digest length"},
-    {ERR_REASON(SSL_R_DANE_TLSA_BAD_MATCHING_TYPE),
-     "dane tlsa bad matching type"},
-    {ERR_REASON(SSL_R_DANE_TLSA_BAD_PUBLIC_KEY), "dane tlsa bad public key"},
-    {ERR_REASON(SSL_R_DANE_TLSA_BAD_SELECTOR), "dane tlsa bad selector"},
-    {ERR_REASON(SSL_R_DANE_TLSA_NULL_DATA), "dane tlsa null data"},
-    {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),
-     "data between ccs and finished"},
-    {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG), "data length too long"},
-    {ERR_REASON(SSL_R_DECRYPTION_FAILED), "decryption failed"},
-    {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),
-     "decryption failed or bad record mac"},
-    {ERR_REASON(SSL_R_DH_KEY_TOO_SMALL), "dh key too small"},
-    {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),
-     "dh public value length is wrong"},
-    {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED), "digest check failed"},
-    {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG), "dtls message too big"},
-    {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
-    {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
-    {ERR_REASON(SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE),
-     "ecdh required for suiteb mode"},
-    {ERR_REASON(SSL_R_EE_KEY_TOO_SMALL), "ee key too small"},
-    {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),
-     "empty srtp protection profile list"},
-    {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),
-     "encrypted length too long"},
-    {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),
-     "error in received cipher list"},
-    {ERR_REASON(SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN),
-     "error setting tlsa base domain"},
-    {ERR_REASON(SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE),
-     "exceeds max fragment size"},
-    {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
-    {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE), "extra data in message"},
-    {ERR_REASON(SSL_R_EXT_LENGTH_MISMATCH), "ext length mismatch"},
-    {ERR_REASON(SSL_R_FAILED_TO_INIT_ASYNC), "failed to init async"},
-    {ERR_REASON(SSL_R_FRAGMENTED_CLIENT_HELLO), "fragmented client hello"},
-    {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
-    {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST), "https proxy request"},
-    {ERR_REASON(SSL_R_HTTP_REQUEST), "http request"},
-    {ERR_REASON(SSL_R_ILLEGAL_POINT_COMPRESSION),
-     "illegal point compression"},
-    {ERR_REASON(SSL_R_ILLEGAL_SUITEB_DIGEST), "illegal Suite B digest"},
-    {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"},
-    {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"},
-    {ERR_REASON(SSL_R_INCONSISTENT_EXTMS), "inconsistent extms"},
-    {ERR_REASON(SSL_R_INVALID_ALERT), "invalid alert"},
-    {ERR_REASON(SSL_R_INVALID_COMMAND), "invalid command"},
-    {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),
-     "invalid compression algorithm"},
-    {ERR_REASON(SSL_R_INVALID_CONFIGURATION_NAME),
-     "invalid configuration name"},
-    {ERR_REASON(SSL_R_INVALID_CT_VALIDATION_TYPE),
-     "invalid ct validation type"},
-    {ERR_REASON(SSL_R_INVALID_KEY_UPDATE_TYPE), "invalid key update type"},
-    {ERR_REASON(SSL_R_INVALID_MAX_EARLY_DATA), "invalid max early data"},
-    {ERR_REASON(SSL_R_INVALID_NULL_CMD_NAME), "invalid null cmd name"},
-    {ERR_REASON(SSL_R_INVALID_SEQUENCE_NUMBER), "invalid sequence number"},
-    {ERR_REASON(SSL_R_INVALID_SERVERINFO_DATA), "invalid serverinfo data"},
-    {ERR_REASON(SSL_R_INVALID_SRP_USERNAME), "invalid srp username"},
-    {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
-    {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),
-     "invalid ticket keys length"},
-    {ERR_REASON(SSL_R_LENGTH_MISMATCH), "length mismatch"},
-    {ERR_REASON(SSL_R_LENGTH_TOO_LONG), "length too long"},
-    {ERR_REASON(SSL_R_LENGTH_TOO_SHORT), "length too short"},
-    {ERR_REASON(SSL_R_LIBRARY_BUG), "library bug"},
-    {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
-    {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
-    {ERR_REASON(SSL_R_MISSING_ECDSA_SIGNING_CERT),
-     "missing ecdsa signing cert"},
-    {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
-    {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),
-     "missing rsa encrypting cert"},
-    {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"},
-    {ERR_REASON(SSL_R_MISSING_SIGALGS_EXTENSION),
-     "missing sigalgs extension"},
-    {ERR_REASON(SSL_R_MISSING_SRP_PARAM), "can't find SRP server param"},
-    {ERR_REASON(SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION),
-     "missing supported groups extension"},
-    {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
-    {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY), "missing tmp ecdh key"},
-    {ERR_REASON(SSL_R_NOT_ON_RECORD_BOUNDARY), "not on record boundary"},
-    {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
-    {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
-    {ERR_REASON(SSL_R_NO_CERTIFICATE_SET), "no certificate set"},
-    {ERR_REASON(SSL_R_NO_CHANGE_FOLLOWING_HRR), "no change following hrr"},
-    {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE), "no ciphers available"},
-    {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED), "no ciphers specified"},
-    {ERR_REASON(SSL_R_NO_CIPHER_MATCH), "no cipher match"},
-    {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD), "no client cert method"},
-    {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
-    {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
-     "Peer haven't sent GOST certificate, required for selected ciphersuite"},
-    {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED), "no method specified"},
-    {ERR_REASON(SSL_R_NO_PEM_EXTENSIONS), "no pem extensions"},
-    {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
-    {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
-    {ERR_REASON(SSL_R_NO_RENEGOTIATION), "no renegotiation"},
-    {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST), "no required digest"},
-    {ERR_REASON(SSL_R_NO_SHARED_CIPHER), "no shared cipher"},
-    {ERR_REASON(SSL_R_NO_SHARED_GROUPS), "no shared groups"},
-    {ERR_REASON(SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS),
-     "no shared signature algorithms"},
-    {ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
-    {ERR_REASON(SSL_R_NO_SUITABLE_KEY_SHARE), "no suitable key share"},
-    {ERR_REASON(SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM),
-     "no suitable signature algorithm"},
-    {ERR_REASON(SSL_R_NO_VALID_SCTS), "no valid scts"},
-    {ERR_REASON(SSL_R_NO_VERIFY_COOKIE_CALLBACK),
-     "no verify cookie callback"},
-    {ERR_REASON(SSL_R_NULL_SSL_CTX), "null ssl ctx"},
-    {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
-    {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
-     "old session cipher not returned"},
-    {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
-     "old session compression algorithm not returned"},
-    {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
-    {ERR_REASON(SSL_R_PARSE_TLSEXT), "parse tlsext"},
-    {ERR_REASON(SSL_R_PATH_TOO_LONG), "path too long"},
-    {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),
-     "peer did not return a certificate"},
-    {ERR_REASON(SSL_R_PEM_NAME_BAD_PREFIX), "pem name bad prefix"},
-    {ERR_REASON(SSL_R_PEM_NAME_TOO_SHORT), "pem name too short"},
-    {ERR_REASON(SSL_R_PIPELINE_FAILURE), "pipeline failure"},
-    {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN), "protocol is shutdown"},
-    {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
-    {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"},
-    {ERR_REASON(SSL_R_PSK_NO_SERVER_CB), "psk no server cb"},
-    {ERR_REASON(SSL_R_READ_BIO_NOT_SET), "read bio not set"},
-    {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED), "read timeout expired"},
-    {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
-    {ERR_REASON(SSL_R_RECORD_TOO_SMALL), "record too small"},
-    {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
-    {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),
-     "renegotiation encoding err"},
-    {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
-    {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
-    {ERR_REASON(SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING),
-     "required compression algorithm missing"},
-    {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),
-     "scsv received when renegotiating"},
-    {ERR_REASON(SSL_R_SCT_VERIFICATION_FAILED), "sct verification failed"},
-    {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"},
-    {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),
-     "session id context uninitialized"},
-    {ERR_REASON(SSL_R_SHUTDOWN_WHILE_IN_INIT), "shutdown while in init"},
-    {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),
-     "signature algorithms error"},
-    {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),
-     "signature for non signing certificate"},
-    {ERR_REASON(SSL_R_SRP_A_CALC), "error with the srp params"},
-    {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES),
-     "srtp could not allocate profiles"},
-    {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG),
-     "srtp protection profile list too long"},
-    {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
-     "srtp unknown protection profile"},
-    {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),
-     "ssl3 ext invalid servername"},
-    {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),
-     "ssl3 ext invalid servername type"},
-    {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE),
-     "sslv3 alert bad certificate"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC),
-     "sslv3 alert bad record mac"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED),
-     "sslv3 alert certificate expired"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED),
-     "sslv3 alert certificate revoked"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN),
-     "sslv3 alert certificate unknown"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE),
-     "sslv3 alert decompression failure"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),
-     "sslv3 alert handshake failure"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),
-     "sslv3 alert illegal parameter"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE),
-     "sslv3 alert no certificate"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),
-     "sslv3 alert unexpected message"},
-    {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),
-     "sslv3 alert unsupported certificate"},
-    {ERR_REASON(SSL_R_SSL_COMMAND_SECTION_EMPTY),
-     "ssl command section empty"},
-    {ERR_REASON(SSL_R_SSL_COMMAND_SECTION_NOT_FOUND),
-     "ssl command section not found"},
-    {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),
-     "ssl ctx has no default ssl version"},
-    {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE), "ssl handshake failure"},
-    {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),
-     "ssl library has no ciphers"},
-    {ERR_REASON(SSL_R_SSL_NEGATIVE_LENGTH), "ssl negative length"},
-    {ERR_REASON(SSL_R_SSL_SECTION_EMPTY), "ssl section empty"},
-    {ERR_REASON(SSL_R_SSL_SECTION_NOT_FOUND), "ssl section not found"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),
-     "ssl session id callback failed"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),
-     "ssl session id context too long"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),
-     "ssl session id has bad length"},
-    {ERR_REASON(SSL_R_SSL_SESSION_ID_TOO_LONG), "ssl session id too long"},
-    {ERR_REASON(SSL_R_SSL_SESSION_VERSION_MISMATCH),
-     "ssl session version mismatch"},
-    {ERR_REASON(SSL_R_STILL_IN_INIT), "still in init"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),
-     "tlsv1 alert access denied"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),
-     "tlsv1 alert decryption failed"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),
-     "tlsv1 alert decrypt error"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),
-     "tlsv1 alert export restriction"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK),
-     "tlsv1 alert inappropriate fallback"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),
-     "tlsv1 alert insufficient security"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),
-     "tlsv1 alert internal error"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),
-     "tlsv1 alert no renegotiation"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),
-     "tlsv1 alert protocol version"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),
-     "tlsv1 alert record overflow"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"},
-    {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED),
-     "tlsv1 alert user cancelled"},
-    {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE),
-     "tlsv1 bad certificate hash value"},
-    {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE),
-     "tlsv1 bad certificate status response"},
-    {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE),
-     "tlsv1 certificate unobtainable"},
-    {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"},
-    {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION),
-     "tlsv1 unsupported extension"},
-    {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
-     "peer does not accept heartbeats"},
-    {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING),
-     "heartbeat request already pending"},
-    {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL),
-     "tls illegal exporter label"},
-    {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
-     "tls invalid ecpointformat list"},
-    {ERR_REASON(SSL_R_TOO_MANY_KEY_UPDATES), "too many key updates"},
-    {ERR_REASON(SSL_R_TOO_MANY_WARN_ALERTS), "too many warn alerts"},
-    {ERR_REASON(SSL_R_TOO_MUCH_EARLY_DATA), "too much early data"},
-    {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
-     "unable to find ecdh parameters"},
-    {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
-     "unable to find public key parameters"},
-    {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),
-     "unable to load ssl3 md5 routines"},
-    {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),
-     "unable to load ssl3 sha1 routines"},
-    {ERR_REASON(SSL_R_UNEXPECTED_END_OF_EARLY_DATA),
-     "unexpected end of early data"},
-    {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE), "unexpected message"},
-    {ERR_REASON(SSL_R_UNEXPECTED_RECORD), "unexpected record"},
-    {ERR_REASON(SSL_R_UNINITIALIZED), "uninitialized"},
-    {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"},
-    {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
-    {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
-    {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE), "unknown cipher type"},
-    {ERR_REASON(SSL_R_UNKNOWN_CMD_NAME), "unknown cmd name"},
-    {ERR_REASON(SSL_R_UNKNOWN_COMMAND), "unknown command"},
-    {ERR_REASON(SSL_R_UNKNOWN_DIGEST), "unknown digest"},
-    {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
-     "unknown key exchange type"},
-    {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
-    {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL), "unknown protocol"},
-    {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION), "unknown ssl version"},
-    {ERR_REASON(SSL_R_UNKNOWN_STATE), "unknown state"},
-    {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),
-     "unsafe legacy renegotiation disabled"},
-    {ERR_REASON(SSL_R_UNSOLICITED_EXTENSION), "unsolicited extension"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
-     "unsupported compression algorithm"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),
-     "unsupported elliptic curve"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL), "unsupported protocol"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
-    {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
-    {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
-    {ERR_REASON(SSL_R_VERSION_TOO_HIGH), "version too high"},
-    {ERR_REASON(SSL_R_VERSION_TOO_LOW), "version too low"},
-    {ERR_REASON(SSL_R_WRONG_CERTIFICATE_TYPE), "wrong certificate type"},
-    {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED), "wrong cipher returned"},
-    {ERR_REASON(SSL_R_WRONG_CURVE), "wrong curve"},
-    {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
-    {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE), "wrong signature size"},
-    {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE), "wrong signature type"},
-    {ERR_REASON(SSL_R_WRONG_SSL_VERSION), "wrong ssl version"},
-    {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER), "wrong version number"},
-    {ERR_REASON(SSL_R_X509_LIB), "x509 lib"},
-    {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),
-     "x509 verification setup problems"},
+static const ERR_STRING_DATA SSL_str_reasons[] = {
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_APP_DATA_IN_HANDSHAKE),
+    "app data in handshake"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),
+    "attempt to reuse session in different context"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_AT_LEAST_TLS_1_0_NEEDED_IN_FIPS_MODE),
+    "at least TLS 1.0 needed in FIPS mode"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE),
+    "at least (D)TLS 1.2 needed in Suite B mode"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_CHANGE_CIPHER_SPEC),
+    "bad change cipher spec"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_CIPHER), "bad cipher"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_DATA), "bad data"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),
+    "bad data returned by callback"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_DECOMPRESSION), "bad decompression"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_DH_VALUE), "bad dh value"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_ECC_CERT), "bad ecc cert"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_ECPOINT), "bad ecpoint"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_EXTENSION), "bad extension"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_HANDSHAKE_LENGTH),
+    "bad handshake length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_HELLO_REQUEST), "bad hello request"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_KEY_SHARE), "bad key share"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_KEY_UPDATE), "bad key update"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_LENGTH), "bad length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_PACKET_LENGTH), "bad packet length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_PROTOCOL_VERSION_NUMBER),
+    "bad protocol version number"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_PSK_IDENTITY), "bad psk identity"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_RECORD_TYPE), "bad record type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_SIGNATURE), "bad signature"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),
+    "bad srtp protection profile list"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_SSL_FILETYPE), "bad ssl filetype"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_VALUE), "bad value"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BAD_WRITE_RETRY), "bad write retry"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BIO_NOT_SET), "bio not set"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),
+    "block cipher pad is wrong"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_BN_LIB), "bn lib"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CANNOT_CHANGE_CIPHER),
+    "cannot change cipher"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CA_DN_LENGTH_MISMATCH),
+    "ca dn length mismatch"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CA_KEY_TOO_SMALL), "ca key too small"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CA_MD_TOO_WEAK), "ca md too weak"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CCS_RECEIVED_EARLY), "ccs received early"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CERTIFICATE_VERIFY_FAILED),
+    "certificate verify failed"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CERT_CB_ERROR), "cert cb error"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CERT_LENGTH_MISMATCH),
+    "cert length mismatch"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CIPHER_CODE_WRONG_LENGTH),
+    "cipher code wrong length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CIPHER_OR_HASH_UNAVAILABLE),
+    "cipher or hash unavailable"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CLIENTHELLO_TLSEXT), "clienthello tlsext"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_COMPRESSED_LENGTH_TOO_LONG),
+    "compressed length too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_COMPRESSION_DISABLED),
+    "compression disabled"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_COMPRESSION_FAILURE),
+    "compression failure"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),
+    "compression id not within private range"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_COMPRESSION_LIBRARY_ERROR),
+    "compression library error"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CONNECTION_TYPE_NOT_SET),
+    "connection type not set"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CONTEXT_NOT_DANE_ENABLED),
+    "context not dane enabled"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_COOKIE_GEN_CALLBACK_FAILURE),
+    "cookie gen callback failure"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_COOKIE_MISMATCH), "cookie mismatch"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_CUSTOM_EXT_HANDLER_ALREADY_INSTALLED),
+    "custom ext handler already installed"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_ALREADY_ENABLED),
+    "dane already enabled"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL),
+    "dane cannot override mtype full"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_NOT_ENABLED), "dane not enabled"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_TLSA_BAD_CERTIFICATE),
+    "dane tlsa bad certificate"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE),
+    "dane tlsa bad certificate usage"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_TLSA_BAD_DATA_LENGTH),
+    "dane tlsa bad data length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH),
+    "dane tlsa bad digest length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_TLSA_BAD_MATCHING_TYPE),
+    "dane tlsa bad matching type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_TLSA_BAD_PUBLIC_KEY),
+    "dane tlsa bad public key"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_TLSA_BAD_SELECTOR),
+    "dane tlsa bad selector"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DANE_TLSA_NULL_DATA),
+    "dane tlsa null data"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),
+    "data between ccs and finished"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DATA_LENGTH_TOO_LONG),
+    "data length too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DECRYPTION_FAILED), "decryption failed"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),
+    "decryption failed or bad record mac"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DH_KEY_TOO_SMALL), "dh key too small"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),
+    "dh public value length is wrong"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DIGEST_CHECK_FAILED),
+    "digest check failed"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DTLS_MESSAGE_TOO_BIG),
+    "dtls message too big"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_DUPLICATE_COMPRESSION_ID),
+    "duplicate compression id"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_ECC_CERT_NOT_FOR_SIGNING),
+    "ecc cert not for signing"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE),
+    "ecdh required for suiteb mode"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EE_KEY_TOO_SMALL), "ee key too small"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),
+    "empty srtp protection profile list"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_ENCRYPTED_LENGTH_TOO_LONG),
+    "encrypted length too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),
+    "error in received cipher list"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN),
+    "error setting tlsa base domain"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE),
+    "exceeds max fragment size"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EXCESSIVE_MESSAGE_SIZE),
+    "excessive message size"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EXTRA_DATA_IN_MESSAGE),
+    "extra data in message"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EXT_LENGTH_MISMATCH),
+    "ext length mismatch"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_FAILED_TO_INIT_ASYNC),
+    "failed to init async"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_FRAGMENTED_CLIENT_HELLO),
+    "fragmented client hello"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_GOT_A_FIN_BEFORE_A_CCS),
+    "got a fin before a ccs"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_HTTPS_PROXY_REQUEST),
+    "https proxy request"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_HTTP_REQUEST), "http request"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_ILLEGAL_POINT_COMPRESSION),
+    "illegal point compression"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_ILLEGAL_SUITEB_DIGEST),
+    "illegal Suite B digest"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INAPPROPRIATE_FALLBACK),
+    "inappropriate fallback"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INCONSISTENT_COMPRESSION),
+    "inconsistent compression"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INCONSISTENT_EXTMS), "inconsistent extms"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_ALERT), "invalid alert"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_COMMAND), "invalid command"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_COMPRESSION_ALGORITHM),
+    "invalid compression algorithm"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_CONFIGURATION_NAME),
+    "invalid configuration name"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_CT_VALIDATION_TYPE),
+    "invalid ct validation type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_KEY_UPDATE_TYPE),
+    "invalid key update type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_MAX_EARLY_DATA),
+    "invalid max early data"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_NULL_CMD_NAME),
+    "invalid null cmd name"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_SEQUENCE_NUMBER),
+    "invalid sequence number"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_SERVERINFO_DATA),
+    "invalid serverinfo data"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_SRP_USERNAME),
+    "invalid srp username"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_STATUS_RESPONSE),
+    "invalid status response"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_TICKET_KEYS_LENGTH),
+    "invalid ticket keys length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_LENGTH_MISMATCH), "length mismatch"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_LENGTH_TOO_LONG), "length too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_LENGTH_TOO_SHORT), "length too short"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_LIBRARY_BUG), "library bug"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_LIBRARY_HAS_NO_CIPHERS),
+    "library has no ciphers"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_DSA_SIGNING_CERT),
+    "missing dsa signing cert"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_ECDSA_SIGNING_CERT),
+    "missing ecdsa signing cert"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_RSA_CERTIFICATE),
+    "missing rsa certificate"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_RSA_ENCRYPTING_CERT),
+    "missing rsa encrypting cert"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_RSA_SIGNING_CERT),
+    "missing rsa signing cert"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_SIGALGS_EXTENSION),
+    "missing sigalgs extension"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_SRP_PARAM),
+    "can't find SRP server param"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION),
+    "missing supported groups extension"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_MISSING_TMP_ECDH_KEY),
+    "missing tmp ecdh key"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NOT_ON_RECORD_BOUNDARY),
+    "not on record boundary"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_CERTIFICATES_RETURNED),
+    "no certificates returned"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_CERTIFICATE_ASSIGNED),
+    "no certificate assigned"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_CERTIFICATE_SET), "no certificate set"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_CHANGE_FOLLOWING_HRR),
+    "no change following hrr"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_CIPHERS_AVAILABLE),
+    "no ciphers available"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_CIPHERS_SPECIFIED),
+    "no ciphers specified"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_CIPHER_MATCH), "no cipher match"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_CLIENT_CERT_METHOD),
+    "no client cert method"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_COMPRESSION_SPECIFIED),
+    "no compression specified"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
+    "Peer haven't sent GOST certificate, required for selected ciphersuite"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_METHOD_SPECIFIED),
+    "no method specified"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_PEM_EXTENSIONS), "no pem extensions"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_PRIVATE_KEY_ASSIGNED),
+    "no private key assigned"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_PROTOCOLS_AVAILABLE),
+    "no protocols available"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_RENEGOTIATION), "no renegotiation"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_REQUIRED_DIGEST), "no required digest"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SHARED_CIPHER), "no shared cipher"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SHARED_GROUPS), "no shared groups"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SHARED_SIGNATURE_ALGORITHMS),
+    "no shared signature algorithms"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SUITABLE_KEY_SHARE),
+    "no suitable key share"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM),
+    "no suitable signature algorithm"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_VALID_SCTS), "no valid scts"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_VERIFY_COOKIE_CALLBACK),
+    "no verify cookie callback"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_CTX), "null ssl ctx"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NULL_SSL_METHOD_PASSED),
+    "null ssl method passed"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
+    "old session cipher not returned"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
+    "old session compression algorithm not returned"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PACKET_LENGTH_TOO_LONG),
+    "packet length too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PARSE_TLSEXT), "parse tlsext"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PATH_TOO_LONG), "path too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),
+    "peer did not return a certificate"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PEM_NAME_BAD_PREFIX),
+    "pem name bad prefix"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PEM_NAME_TOO_SHORT), "pem name too short"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PIPELINE_FAILURE), "pipeline failure"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PROTOCOL_IS_SHUTDOWN),
+    "protocol is shutdown"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PSK_IDENTITY_NOT_FOUND),
+    "psk identity not found"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PSK_NO_SERVER_CB), "psk no server cb"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_READ_BIO_NOT_SET), "read bio not set"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_READ_TIMEOUT_EXPIRED),
+    "read timeout expired"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_RECORD_LENGTH_MISMATCH),
+    "record length mismatch"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_RECORD_TOO_SMALL), "record too small"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_RENEGOTIATE_EXT_TOO_LONG),
+    "renegotiate ext too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_RENEGOTIATION_ENCODING_ERR),
+    "renegotiation encoding err"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_RENEGOTIATION_MISMATCH),
+    "renegotiation mismatch"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_REQUIRED_CIPHER_MISSING),
+    "required cipher missing"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING),
+    "required compression algorithm missing"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),
+    "scsv received when renegotiating"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SCT_VERIFICATION_FAILED),
+    "sct verification failed"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),
+    "session id context uninitialized"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHUTDOWN_WHILE_IN_INIT),
+    "shutdown while in init"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SIGNATURE_ALGORITHMS_ERROR),
+    "signature algorithms error"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),
+    "signature for non signing certificate"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SRP_A_CALC), "error with the srp params"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES),
+    "srtp could not allocate profiles"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG),
+    "srtp protection profile list too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
+    "srtp unknown protection profile"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL3_EXT_INVALID_SERVERNAME),
+    "ssl3 ext invalid servername"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),
+    "ssl3 ext invalid servername type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL3_SESSION_ID_TOO_LONG),
+    "ssl3 session id too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_BAD_CERTIFICATE),
+    "sslv3 alert bad certificate"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_BAD_RECORD_MAC),
+    "sslv3 alert bad record mac"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED),
+    "sslv3 alert certificate expired"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED),
+    "sslv3 alert certificate revoked"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN),
+    "sslv3 alert certificate unknown"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE),
+    "sslv3 alert decompression failure"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),
+    "sslv3 alert handshake failure"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),
+    "sslv3 alert illegal parameter"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_NO_CERTIFICATE),
+    "sslv3 alert no certificate"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),
+    "sslv3 alert unexpected message"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),
+    "sslv3 alert unsupported certificate"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_COMMAND_SECTION_EMPTY),
+    "ssl command section empty"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_COMMAND_SECTION_NOT_FOUND),
+    "ssl command section not found"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),
+    "ssl ctx has no default ssl version"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_HANDSHAKE_FAILURE),
+    "ssl handshake failure"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),
+    "ssl library has no ciphers"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_NEGATIVE_LENGTH),
+    "ssl negative length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_SECTION_EMPTY), "ssl section empty"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_SECTION_NOT_FOUND),
+    "ssl section not found"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),
+    "ssl session id callback failed"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_SESSION_ID_CONFLICT),
+    "ssl session id conflict"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),
+    "ssl session id context too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),
+    "ssl session id has bad length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_SESSION_ID_TOO_LONG),
+    "ssl session id too long"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SSL_SESSION_VERSION_MISMATCH),
+    "ssl session version mismatch"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_STILL_IN_INIT), "still in init"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_ACCESS_DENIED),
+    "tlsv1 alert access denied"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_DECODE_ERROR),
+    "tlsv1 alert decode error"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),
+    "tlsv1 alert decryption failed"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_DECRYPT_ERROR),
+    "tlsv1 alert decrypt error"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),
+    "tlsv1 alert export restriction"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK),
+    "tlsv1 alert inappropriate fallback"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),
+    "tlsv1 alert insufficient security"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_INTERNAL_ERROR),
+    "tlsv1 alert internal error"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),
+    "tlsv1 alert no renegotiation"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),
+    "tlsv1 alert protocol version"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),
+    "tlsv1 alert record overflow"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_UNKNOWN_CA),
+    "tlsv1 alert unknown ca"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_ALERT_USER_CANCELLED),
+    "tlsv1 alert user cancelled"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE),
+    "tlsv1 bad certificate hash value"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE),
+    "tlsv1 bad certificate status response"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE),
+    "tlsv1 certificate unobtainable"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_UNRECOGNIZED_NAME),
+    "tlsv1 unrecognized name"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLSV1_UNSUPPORTED_EXTENSION),
+    "tlsv1 unsupported extension"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
+    "peer does not accept heartbeats"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLS_HEARTBEAT_PENDING),
+    "heartbeat request already pending"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL),
+    "tls illegal exporter label"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
+    "tls invalid ecpointformat list"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TOO_MANY_KEY_UPDATES),
+    "too many key updates"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TOO_MANY_WARN_ALERTS),
+    "too many warn alerts"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_TOO_MUCH_EARLY_DATA),
+    "too much early data"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
+    "unable to find ecdh parameters"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
+    "unable to find public key parameters"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),
+    "unable to load ssl3 md5 routines"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),
+    "unable to load ssl3 sha1 routines"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_END_OF_EARLY_DATA),
+    "unexpected end of early data"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_MESSAGE), "unexpected message"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNEXPECTED_RECORD), "unexpected record"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNINITIALIZED), "uninitialized"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_CERTIFICATE_TYPE),
+    "unknown certificate type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_CIPHER_RETURNED),
+    "unknown cipher returned"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_CIPHER_TYPE),
+    "unknown cipher type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_CMD_NAME), "unknown cmd name"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_COMMAND), "unknown command"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_DIGEST), "unknown digest"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
+    "unknown key exchange type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_PROTOCOL), "unknown protocol"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_SSL_VERSION),
+    "unknown ssl version"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNKNOWN_STATE), "unknown state"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),
+    "unsafe legacy renegotiation disabled"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNSOLICITED_EXTENSION),
+    "unsolicited extension"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
+    "unsupported compression algorithm"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),
+    "unsupported elliptic curve"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNSUPPORTED_PROTOCOL),
+    "unsupported protocol"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNSUPPORTED_SSL_VERSION),
+    "unsupported ssl version"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_UNSUPPORTED_STATUS_TYPE),
+    "unsupported status type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_USE_SRTP_NOT_NEGOTIATED),
+    "use srtp not negotiated"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_VERSION_TOO_HIGH), "version too high"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_VERSION_TOO_LOW), "version too low"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_CERTIFICATE_TYPE),
+    "wrong certificate type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_CIPHER_RETURNED),
+    "wrong cipher returned"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_CURVE), "wrong curve"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_SIGNATURE_LENGTH),
+    "wrong signature length"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_SIGNATURE_SIZE),
+    "wrong signature size"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_SIGNATURE_TYPE),
+    "wrong signature type"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_SSL_VERSION), "wrong ssl version"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_WRONG_VERSION_NUMBER),
+    "wrong version number"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_X509_LIB), "x509 lib"},
+    {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),
+    "x509 verification setup problems"},
     {0, NULL}
 };
 
@@ -876,10 +1092,9 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
 int ERR_load_SSL_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
-        ERR_load_strings(0, SSL_str_functs);
-        ERR_load_strings(0, SSL_str_reasons);
+        ERR_load_strings_const(SSL_str_functs);
+        ERR_load_strings_const(SSL_str_reasons);
     }
 #endif
     return 1;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 6bb9129..b2e5f68 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4296,3 +4296,4 @@ UI_method_get_data_duplicator           4238	1_1_1	EXIST::FUNCTION:UI
 UI_method_set_data_duplicator           4239	1_1_1	EXIST::FUNCTION:UI
 UI_dup_user_data                        4240	1_1_1	EXIST::FUNCTION:UI
 UI_method_get_data_destructor           4241	1_1_1	EXIST::FUNCTION:UI
+ERR_load_strings_const                  4242	1_1_1	EXIST::FUNCTION:
diff --git a/util/mkdef.pl b/util/mkdef.pl
index c9fa98e..0fdf965 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -48,6 +48,8 @@
 use lib ".";
 use configdata;
 use File::Spec::Functions;
+use File::Basename;
+use if $^O ne "VMS", 'File::Glob' => qw/glob/;
 
 my $debug=0;
 
@@ -223,74 +225,29 @@ $max_ssl = $max_num;
 $max_crypto = $max_num;
 
 my $ssl="include/openssl/ssl.h";
+$ssl.=" include/openssl/sslerr.h";
 $ssl.=" include/openssl/tls1.h";
 $ssl.=" include/openssl/srtp.h";
 
+# When scanning include/openssl, skip all SSL files and some internal ones.
+my %skipthese;
+foreach my $f ( split(/\s+/, $ssl) ) {
+    $skipthese{$f} = 1;
+}
+$skipthese{'include/openssl/conf_api.h'} = 1;
+$skipthese{'include/openssl/ebcdic.h'} = 1;
+$skipthese{'include/openssl/opensslconf.h'} = 1;
+
 # We use headers found in include/openssl and include/internal only.
 # The latter is needed so libssl.so/.dll/.exe can link properly.
-my $crypto ="include/openssl/crypto.h";
+my $crypto ="include/internal/dso.h";
 $crypto.=" include/internal/o_dir.h";
 $crypto.=" include/internal/o_str.h";
 $crypto.=" include/internal/err.h";
-$crypto.=" include/openssl/des.h" ; # unless $no_des;
-$crypto.=" include/openssl/idea.h" ; # unless $no_idea;
-$crypto.=" include/openssl/rc4.h" ; # unless $no_rc4;
-$crypto.=" include/openssl/rc5.h" ; # unless $no_rc5;
-$crypto.=" include/openssl/rc2.h" ; # unless $no_rc2;
-$crypto.=" include/openssl/blowfish.h" ; # unless $no_bf;
-$crypto.=" include/openssl/cast.h" ; # unless $no_cast;
-$crypto.=" include/openssl/whrlpool.h" ;
-$crypto.=" include/openssl/md2.h" ; # unless $no_md2;
-$crypto.=" include/openssl/md4.h" ; # unless $no_md4;
-$crypto.=" include/openssl/md5.h" ; # unless $no_md5;
-$crypto.=" include/openssl/mdc2.h" ; # unless $no_mdc2;
-$crypto.=" include/openssl/sha.h" ; # unless $no_sha;
-$crypto.=" include/openssl/ripemd.h" ; # unless $no_ripemd;
-$crypto.=" include/openssl/aes.h" ; # unless $no_aes;
-$crypto.=" include/openssl/camellia.h" ; # unless $no_camellia;
-$crypto.=" include/openssl/seed.h"; # unless $no_seed;
-
-$crypto.=" include/openssl/bn.h";
-$crypto.=" include/openssl/rsa.h" ; # unless $no_rsa;
-$crypto.=" include/openssl/dsa.h" ; # unless $no_dsa;
-$crypto.=" include/openssl/dh.h" ; # unless $no_dh;
-$crypto.=" include/openssl/ec.h" ; # unless $no_ec;
-$crypto.=" include/openssl/hmac.h" ; # unless $no_hmac;
-$crypto.=" include/openssl/cmac.h" ;
-
-$crypto.=" include/openssl/engine.h"; # unless $no_engine;
-$crypto.=" include/openssl/stack.h" ; # unless $no_stack;
-$crypto.=" include/openssl/buffer.h" ; # unless $no_buffer;
-$crypto.=" include/openssl/bio.h" ; # unless $no_bio;
-$crypto.=" include/internal/dso.h" ; # unless $no_dso;
-$crypto.=" include/openssl/lhash.h" ; # unless $no_lhash;
-$crypto.=" include/openssl/conf.h";
-$crypto.=" include/openssl/txt_db.h";
-
-$crypto.=" include/openssl/evp.h" ; # unless $no_evp;
-$crypto.=" include/openssl/objects.h";
-$crypto.=" include/openssl/pem.h";
-#$crypto.=" include/openssl/meth.h";
-$crypto.=" include/openssl/asn1.h";
-$crypto.=" include/openssl/asn1t.h";
-$crypto.=" include/openssl/err.h" ; # unless $no_err;
-$crypto.=" include/openssl/pkcs7.h";
-$crypto.=" include/openssl/pkcs12.h";
-$crypto.=" include/openssl/x509.h";
-$crypto.=" include/openssl/x509_vfy.h";
-$crypto.=" include/openssl/x509v3.h";
-$crypto.=" include/openssl/ts.h";
-$crypto.=" include/openssl/rand.h";
-$crypto.=" include/openssl/comp.h" ; # unless $no_comp;
-$crypto.=" include/openssl/ocsp.h";
-$crypto.=" include/openssl/ui.h";
-#$crypto.=" include/openssl/store.h";
-$crypto.=" include/openssl/cms.h";
-$crypto.=" include/openssl/srp.h";
-$crypto.=" include/openssl/modes.h";
-$crypto.=" include/openssl/async.h";
-$crypto.=" include/openssl/ct.h";
-$crypto.=" include/openssl/kdf.h";
+foreach my $f ( glob(catfile($config{sourcedir},'include/openssl/*.h')) ) {
+    my $fn = "include/openssl/" . lc(basename($f));
+    $crypto .= " $fn" if !defined $skipthese{$fn} && $f !~ m@/[a-z]+err\.h$@;
+}
 
 my $symhacks="include/openssl/symhacks.h";
 
@@ -380,7 +337,7 @@ sub do_defs
 		{
 		my $fn = catfile($config{sourcedir},$file);
 		print STDERR "DEBUG: starting on $fn:\n" if $debug;
-		open(IN,"<$fn") || die "unable to open $fn:$!\n";
+		open(IN,"<$fn") || die "Can't open $fn, $!,";
 		my $line = "", my $def= "";
 		my %tag = (
 			(map { $_ => 0 } @known_platforms),
diff --git a/util/mkerr.pl b/util/mkerr.pl
old mode 100644
new mode 100755
index 4645658..23e4a22
--- a/util/mkerr.pl
+++ b/util/mkerr.pl
@@ -6,585 +6,534 @@
 # in the file LICENSE in the source distribution or at
 # https://www.openssl.org/source/license.html
 
-my $config = "crypto/err/openssl.ec";
-my $debug = 0;
-my $unref = 0;
-my $rebuild = 0;
-my $static = 1;
-my $recurse = 0;
-my $reindex = 0;
-my $dowrite = 0;
-my $staticloader = "";
-my @t = localtime();
-my $YEAR = @t[5] + 1900;
-
-my $pack_errcode;
-my $load_errcode;
-
-my $errcount;
-my $year = (localtime)[5] + 1900;
-
-while (@ARGV) {
-	my $arg = $ARGV[0];
-	if($arg eq "-conf") {
-		shift @ARGV;
-		$config = shift @ARGV;
-	} elsif($arg eq "-hprefix") {
-		shift @ARGV;
-		$hprefix = shift @ARGV;
-	} elsif($arg eq "-debug") {
-		$debug = 1;
-		$unref = 1;
-		shift @ARGV;
-	} elsif($arg eq "-rebuild") {
-		$rebuild = 1;
-		shift @ARGV;
-	} elsif($arg eq "-recurse") {
-		$recurse = 1;
-		shift @ARGV;
-	} elsif($arg eq "-reindex") {
-		$reindex = 1;
-		shift @ARGV;
-	} elsif($arg eq "-nostatic") {
-		$static = 0;
-		shift @ARGV;
-	} elsif($arg eq "-staticloader") {
-		$staticloader = "static ";
-		shift @ARGV;
-	} elsif($arg eq "-unref") {
-		$unref = 1;
-		shift @ARGV;
-	} elsif($arg eq "-write") {
-		$dowrite = 1;
-		shift @ARGV;
-	} elsif($arg eq "-help" || $arg eq "-h" || $arg eq "-?" || $arg eq "--help") {
-		print STDERR <<"EOF";
-mkerr.pl [options] ...
+use strict;
+use warnings;
+
+my $config       = "crypto/err/openssl.ec";
+my $debug        = 0;
+my $internal     = 0;
+my $nowrite      = 0;
+my $rebuild      = 0;
+my $reindex      = 0;
+my $static       = 0;
+my $unref        = 0;
+
+my $errors       = 0;
+my @t            = localtime();
+my $YEAR         = $t[5] + 1900;
+
+sub phase
+{
+    my $text = uc(shift);
+    print STDERR "\n---\n$text\n" if $debug;
+}
+
+sub help
+{
+    print STDERR <<"EOF";
+mkerr.pl [options] [files...]
 
 Options:
 
-  -conf F       Use the config file F instead of the default one:
-                  crypto/err/openssl.ec
-
-  -hprefix P    Prepend the filenames in generated #include <header>
-                statements with prefix P. Default: 'openssl/' (without
-                the quotes, naturally)
-                NOTE: not used any more because our include directory
-                structure has changed.
-
-  -debug        Turn on debugging verbose output on stderr.
-
-  -rebuild      Rebuild all header and C source files, irrespective of the
-                fact if any error or function codes have been added/removed.
-                Default: only update files for libraries which saw change
-                         (of course, this requires '-write' as well, or no
-                          files will be touched!)
-
-  -recurse      scan a preconfigured set of directories / files for error and
-                function codes:
-                  (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <apps/*.c>)
-                When this option is NOT specified, the filelist is taken from
-                the commandline instead. Here, wildcards may be embedded. (Be
-                sure to escape those to prevent the shell from expanding them
-                for you when you wish mkerr.pl to do so instead.)
-                Default: take file list to scan from the command line.
-
-  -reindex      Discard the numeric values previously assigned to the error
-                and function codes as extracted from the scanned header files;
-                instead renumber all of them starting from 100. (Note that
-                the numbers assigned through 'R' records in the config file
-                remain intact.)
-                Default: keep previously assigned numbers. (You are warned
-                         when collisions are detected.)
-
-  -nostatic     Generates a different source code, where these additional
-                functions are generated for each library specified in the
-                config file:
-                  void ERR_load_<LIB>_strings(void);
-                  void ERR_unload_<LIB>_strings(void);
-                  void ERR_<LIB>_error(int f, int r, char *fn, int ln);
-                  #define <LIB>err(f,r) ERR_<LIB>_error(f,r,OPENSSL_FILE,OPENSSL_LINE)
-                while the code facilitates the use of these in an environment
-                where the error support routines are dynamically loaded at
-                runtime.
-                Default: 'static' code generation.
-
-  -staticloader Prefix generated functions with the 'static' scope modifier.
-                Default: don't write any scope modifier prefix.
-
-  -unref        Print out unreferenced function and reason codes.
-
-  -write        Actually (over)write the generated code to the header and C
-                source files as assigned to each library through the config
-                file.
-                Default: don't write.
-
-  -help / -h / -? / --help            Show this help text.
-
-  ...           Additional arguments are added to the file list to scan,
-                assuming '-recurse' was NOT specified on the command line.
+    -conf FILE  Use the named config file FILE instead of the default.
+
+    -debug      Verbose output debugging on stderr.
+
+    -internal   Generate code that is to be built as part of OpenSSL itself.
+                Also scans internal list of files.
+
+    -nowrite    Do not write the header/source files, even if changed.
+
+    -rebuild    Rebuild all header and C source files, even if there
+                were no changes.
+
+    -reindex    Ignore previously assigned values (except for R records in
+                the config file) and renumber everything starting at 100.
+
+    -static     Make the load/unload functions static.
+
+    -unref      List all unreferenced function and reason codes on stderr;
+                implies -nowrite.
+
+    -help       Show this help text.
+
+    ...         Additional arguments are added to the file list to scan,
+                if '-internal' was NOT specified on the command line.
 
 EOF
-		exit 1;
-	} else {
-		last;
-	}
 }
 
-if($recurse) {
-	@source = ( <crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <ssl/*/*.c> )
-} else {
-	@source = @ARGV;
+while ( @ARGV ) {
+    my $arg = $ARGV[0];
+    last unless $arg =~ /-.*/;
+    $arg = $1 if $arg =~ /-(-.*)/;
+    if ( $arg eq "-conf" ) {
+        $config = $ARGV[1];
+        shift @ARGV;
+    } elsif ( $arg eq "-debug" ) {
+        $debug = 1;
+        $unref = 1;
+    } elsif ( $arg eq "-internal" ) {
+        $internal = 1;
+    } elsif ( $arg eq "-nowrite" ) {
+        $nowrite = 1;
+    } elsif ( $arg eq "-rebuild" ) {
+        $rebuild = 1;
+    } elsif ( $arg eq "-reindex" ) {
+        $reindex = 1;
+    } elsif ( $arg eq "-static" ) {
+        $static = 1;
+    } elsif ( $arg eq "-unref" ) {
+        $unref = 1;
+        $nowrite = 1;
+    } elsif ( $arg =~ /-*h(elp)?/ ) {
+        &help();
+        exit;
+    } elsif ( $arg =~ /-.*/ ) {
+        die "Unknown option $arg; use -h for help.\n";
+    }
+    shift @ARGV;
 }
 
-# Read in the config file
-
-open(IN, "<$config") || die "Can't open config file $config";
+my @source;
+if ( $internal ) {
+    die "Cannot mix -internal and -static\n" if $static;
+    die "Extra parameters given.\n" if @ARGV;
+    @source = ( glob('crypto/*.c'), glob('crypto/*/*.c'),
+                glob('ssl/*.c'), glob('ssl/*/*.c') );
+} else {
+    @source = @ARGV;
+}
 
-# Parse config file
+# Data parsed out of the config and state files.
+my %hinc;       # lib -> header
+my %libinc;     # header -> lib
+my %cskip;      # error_file -> lib
+my %errorfile;  # lib -> error file name
+my %fmax;       # lib -> max assigned function code
+my %rmax;       # lib -> max assigned reason code
+my %fassigned;  # lib -> colon-separated list of assigned function codes
+my %rassigned;  # lib -> colon-separated list of assigned reason codes
+my %fnew;       # lib -> count of new function codes
+my %rnew;       # lib -> count of new reason codes
+my %rextra;     # "extra" reason code -> lib
+my %rcodes;     # reason-name -> value
+my %ftrans;     # old name -> #define-friendly name (all caps)
+my %fcodes;     # function-name -> value
+my $statefile;  # state file with assigned reason and function codes
+
+# Read and parse the config file
+open(IN, "$config") || die "Can't open config file $config, $!,";
+while ( <IN> ) {
+    next if /^#/ || /^$/;
+    if ( /^L\s+(\S+)\s+(\S+)\s+(\S+)/ ) {
+        my $lib = $1;
+        my $hdr = $2;
+        my $err = $3;
+        $hinc{$lib}   = $hdr;
+        $libinc{$hdr} = $lib;
+        $cskip{$err}  = $lib;
+        next if $err eq 'NONE';
+        $errorfile{$lib} = $err;
+        $fmax{$lib}      = 100;
+        $rmax{$lib}      = 100;
+        $fassigned{$lib} = ":";
+        $rassigned{$lib} = ":";
+        $fnew{$lib}      = 0;
+        $rnew{$lib}      = 0;
+    } elsif ( /^R\s+(\S+)\s+(\S+)/ ) {
+        $rextra{$1} = $2;
+        $rcodes{$1} = $2;
+    } elsif ( /^S\s+(\S+)/ ) {
+        $statefile = $1;
+    } else {
+        die "Illegal config line $_\n";
+    }
+}
+close IN;
 
-while(<IN>)
-{
-	if(/^L\s+(\S+)\s+(\S+)\s+(\S+)/) {
-		$hinc{$1} = $2;
-		$libinc{$2} = $1;
-		$cskip{$3} = $1;
-		if($3 ne "NONE") {
-			$csrc{$1} = $3;
-			$fmax{$1} = 100;
-			$rmax{$1} = 100;
-			$fassigned{$1} = ":";
-			$rassigned{$1} = ":";
-			$fnew{$1} = 0;
-			$rnew{$1} = 0;
-		}
-	} elsif (/^F\s+(\S+)/) {
-	# Add extra function with $1
-	} elsif (/^R\s+(\S+)\s+(\S+)/) {
-		$rextra{$1} = $2;
-		$rcodes{$1} = $2;
-	}
+if ( ! $statefile ) {
+    $statefile = $config;
+    $statefile =~ s/.ec/.txt/;
 }
 
-close IN;
+# The statefile has all the previous assignments.
+&phase("Reading state");
+my $skippedstate = 0;
+if ( ! $reindex && $statefile ) {
+    open(STATE, "<$statefile") || die "Can't open $statefile, $!";
+
+    # Scan function and reason codes and store them: keep a note of the
+    # maximum code used.
+    while ( <STATE> ) {
+        next if /^#/ || /^$/;
+        die "Bad line in $statefile:\n$_\n" unless /(\S+)\s+(\d+)/;
+        my $name = $1;
+        my $code = $2;
+        my $lib = $name;
+        $lib =~ s/_.*//;
+        $lib = "SSL" if $lib =~ /TLS/;
+        if ( !defined $errorfile{$lib} ) {
+            print "Skipping $_";
+            $skippedstate++;
+            next;
+        }
+        if ( $name =~ /^[A-Z0-9]+_R_/ ) {
+            die "$lib reason code $code collision at $name\n"
+                if $rassigned{$lib} =~ /:$code:/;
+            $rassigned{$lib} .= "$code:";
+            if ( !exists $rextra{$name} ) {
+                $rmax{$lib} = $code if $code > $rmax{$lib};
+            }
+            $rcodes{$name} = $code;
+        } elsif ( $name =~ /^[A-Z0-9]+_F_/ ) {
+            die "$lib function code $code collision at $name\n"
+                if $fassigned{$lib} =~ /:$code:/;
+            $fassigned{$lib} .= "$code:";
+            $fmax{$lib} = $code if $code > $fmax{$lib};
+            $fcodes{$name} = $code;
+        } else {
+            die "Bad line in $statefile:\n$_\n";
+        }
+    }
+    close(STATE);
+
+    if ( $debug ) {
+        foreach my $lib ( sort keys %rmax ) {
+            print STDERR "Reason codes for ${lib}:\n";
+            if ( $rassigned{$lib} =~ m/^:(.*):$/ ) {
+                my @rassigned = sort { $a <=> $b } split( ":", $1 );
+                print STDERR "  ", join(' ', @rassigned), "\n";
+            } else {
+                print STDERR "  --none--\n";
+            }
+        }
+        print STDERR "\n";
+        foreach my $lib ( sort keys %fmax ) {
+            print STDERR "Function codes for ${lib}:\n";
+            if ( $fassigned{$lib} =~ m/^:(.*):$/ ) {
+                my @fassigned = sort { $a <=> $b } split( ":", $1 );
+                print STDERR "  ", join(' ', @fassigned), "\n";
+            } else {
+                print STDERR "  --none--\n";
+            }
+        }
+    }
+}
 
-# Scan each header file in turn and make a list of error codes
+# Scan each header file and make a list of error codes
 # and function names
+&phase("Scanning headers");
+while ( ( my $hdr, my $lib ) = each %libinc ) {
+    next if $hdr eq "NONE";
+    print STDERR " ." if $debug;
+    my $line = "";
+    my $def = "";
+    my $linenr = 0;
+    my $cpp = 0;
+
+    open(IN, "<$hdr") || die "Can't open $hdr, $!,";
+    while ( <IN> ) {
+        $linenr++;
+
+        if ( $line ne '' ) {
+            $_    = $line . $_;
+            $line = '';
+        }
+
+        if ( /\\$/ ) {
+            $line = $_;
+            next;
+        }
+
+        if ( /\/\*/ ) {
+            if ( not /\*\// ) {    # multiline comment...
+                $line = $_;        # ... just accumulate
+                next;
+            } else {
+                s/\/\*.*?\*\///gs;    # wipe it
+            }
+        }
 
-while (($hdr, $lib) = each %libinc)
-{
-	next if($hdr eq "NONE");
-	print STDERR "Scanning header file $hdr\n" if $debug;
-	my $line = "", $def= "", $linenr = 0, $gotfile = 0, $cpp = 0;
-	if (open(IN, "<$hdr")) {
-	    $gotfile = 1;
-	    while(<IN>) {
-		$linenr++;
-		print STDERR "line: $linenr\r" if $debug;
-
-		last if(/BEGIN\s+ERROR\s+CODES/);
-		if ($line ne '') {
-		    $_ = $line . $_;
-		    $line = '';
-		}
-
-		if (/\\$/) {
-		    $line = $_;
-		    next;
-		}
-
-		if(/\/\*/) {
-		    if (not /\*\//) {		# multiline comment...
-			$line = $_;		# ... just accumulate
-			next;
-		    } else {
-			s/\/\*.*?\*\///gs;	# wipe it
-		    }
-		}
-
-		if ($cpp) {
-		    $cpp++ if /^#\s*if/;
-		    $cpp-- if /^#\s*endif/;
-		    next;
-		}
-		$cpp = 1 if /^#.*ifdef.*cplusplus/;  # skip "C" declaration
-
-		next if (/^\#/);                      # skip preprocessor directives
-
-		s/{[^{}]*}//gs;                      # ignore {} blocks
-
-		if (/\{|\/\*/) { # Add a } so editor works...
-		    $line = $_;
-		} else {
-		    $def .= $_;
-		}
-	    }
-	}
-
-	print STDERR "                                  \r" if $debug;
-        $defnr = 0;
-	# Delete any DECLARE_ macros
-	$def =~ s/DECLARE_\w+\([\w,\s]+\)//gs;
-	foreach (split /;/, $def) {
-	    $defnr++;
-	    print STDERR "def: $defnr\r" if $debug;
-
-	    # The goal is to collect function names from function declarations.
-
-	    s/^[\n\s]*//g;
-	    s/[\n\s]*$//g;
-
-	    # Skip over recognized non-function declarations
-	    next if(/typedef\W/ or /DECLARE_STACK_OF/ or /TYPEDEF_.*_OF/);
-
-	    # Remove STACK_OF(foo)
-	    s/STACK_OF\(\w+\)/void/;
-
-	    # Reduce argument lists to empty ()
-	    # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {}
-	    while(/\(.*\)/s) {
-		s/\([^\(\)]+\)/\{\}/gs;
-		s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs;	#(*f{}) -> f
-	    }
-	    # pretend as we didn't use curly braces: {} -> ()
-	    s/\{\}/\(\)/gs;
-
-	    if (/(\w+)\s*\(\).*/s) {	# first token prior [first] () is
-		my $name = $1;		# a function name!
-		$name =~ tr/[a-z]/[A-Z]/;
-		$ftrans{$name} = $1;
-	    } elsif (/[\(\)]/ and not (/=/)) {
-		print STDERR "Header $hdr: cannot parse: $_;\n";
-	    }
-	}
-
-	print STDERR "                                  \r" if $debug;
-
-	next if $reindex;
-
-	# Scan function and reason codes and store them: keep a note of the
-	# maximum code used.
-
-	if ($gotfile) {
-	  while(<IN>) {
-		if(/^\#\s*define\s+(\S+)\s+(\S+)/) {
-			$name = $1;
-			$code = $2;
-			next if $name =~ /^${lib}err/;
-			unless($name =~ /^${lib}_([RF])_(\w+)$/) {
-				print STDERR "Invalid error code $name\n";
-				next;
-			}
-			if($1 eq "R") {
-				$rcodes{$name} = $code;
-				if ($rassigned{$lib} =~ /:$code:/) {
-					print STDERR "!! ERROR: $lib reason code $code assigned twice (collision at $name)\n";
-					++$errcount;
-				}
-				$rassigned{$lib} .= "$code:";
-				if(!(exists $rextra{$name}) &&
-					 ($code > $rmax{$lib}) ) {
-					$rmax{$lib} = $code;
-				}
-			} else {
-				if ($fassigned{$lib} =~ /:$code:/) {
-					print STDERR "!! ERROR: $lib function code $code assigned twice (collision at $name)\n";
-					++$errcount;
-				}
-				$fassigned{$lib} .= "$code:";
-				if($code > $fmax{$lib}) {
-					$fmax{$lib} = $code;
-				}
-				$fcodes{$name} = $code;
-			}
-		}
-	  }
-	}
-
-	if ($debug) {
-		if (defined($fmax{$lib})) {
-			print STDERR "Max function code fmax" . "{" . "$lib" . "} = $fmax{$lib}\n";
-			$fassigned{$lib} =~ m/^:(.*):$/;
-			@fassigned = sort {$a <=> $b} split(":", $1);
-			print STDERR "  @fassigned\n";
-		}
-		if (defined($rmax{$lib})) {
-			print STDERR "Max reason code rmax" . "{" . "$lib" . "} = $rmax{$lib}\n";
-			$rassigned{$lib} =~ m/^:(.*):$/;
-			@rassigned = sort {$a <=> $b} split(":", $1);
-			print STDERR "  @rassigned\n";
-		}
-	}
-
-	if ($lib eq "SSL") {
-		if ($rmax{$lib} >= 1000) {
-			print STDERR "!! ERROR: SSL error codes 1000+ are reserved for alerts.\n";
-			print STDERR "!!        Any new alerts must be added to $config.\n";
-			++$errcount;
-			print STDERR "\n";
-		}
-	}
-	close IN;
+        if ( $cpp ) {
+            $cpp++ if /^#\s*if/;
+            $cpp-- if /^#\s*endif/;
+            next;
+        }
+        $cpp = 1 if /^#.*ifdef.*cplusplus/;    # skip "C" declaration
+
+        next if /^\#/;    # skip preprocessor directives
+
+        s/{[^{}]*}//gs;     # ignore {} blocks
+
+        if ( /\{|\/\*/ ) {    # Add a so editor works...
+            $line = $_;
+        } else {
+            $def .= $_;
+        }
+    }
+
+    # Delete any DECLARE_ macros
+    my $defnr = 0;
+    $def =~ s/DECLARE_\w+\([\w,\s]+\)//gs;
+    foreach ( split /;/, $def ) {
+        $defnr++;
+        # The goal is to collect function names from function declarations.
+
+        s/^[\n\s]*//g;
+        s/[\n\s]*$//g;
+
+        # Skip over recognized non-function declarations
+        next if /typedef\W/ or /DECLARE_STACK_OF/ or /TYPEDEF_.*_OF/;
+
+        # Remove STACK_OF(foo)
+        s/STACK_OF\(\w+\)/void/;
+
+        # Reduce argument lists to empty ()
+        # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {}
+        while ( /\(.*\)/s ) {
+            s/\([^\(\)]+\)/\{\}/gs;
+            s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs;    #(*f{}) -> f
+        }
+
+        # pretend as we didn't use curly braces: {} -> ()
+        s/\{\}/\(\)/gs;
+
+        if ( /(\w+)\s*\(\).*/s ) {    # first token prior [first] () is
+            my $name = $1;          # a function name!
+            $name =~ tr/[a-z]/[A-Z]/;
+            $ftrans{$name} = $1;
+        } elsif ( /[\(\)]/ and not(/=/) ) {
+            print STDERR "Header $hdr: cannot parse: $_;\n";
+        }
+    }
+
+    next if $reindex;
+
+    if ( $lib eq "SSL" && $rmax{$lib} >= 1000 ) {
+        print STDERR "SSL error codes 1000+ are reserved for alerts.\n";
+        print STDERR "Any new alerts must be added to $config.\n";
+        $errors++;
+    }
+    close IN;
 }
+print STDERR "\n" if $debug;
 
 # Scan each C source file and look for function and reason codes
 # This is done by looking for strings that "look like" function or
 # reason codes: basically anything consisting of all upper case and
 # numerics which has _F_ or _R_ in it and which has the name of an
-# error library at the start. This seems to work fine except for the
+# error library at the start.  This seems to work fine except for the
 # oddly named structure BIO_F_CTX which needs to be ignored.
 # If a code doesn't exist in list compiled from headers then mark it
 # with the value "X" as a place holder to give it a value later.
-# Store all function and reason codes found in %ufcodes and %urcodes
+# Store all function and reason codes found in %usedfuncs and %usedreasons
 # so all those unreferenced can be printed out.
-
-
-foreach $file (@source) {
-	# Don't parse the error source file.
-	next if exists $cskip{$file};
-	print STDERR "File loaded: ".$file."\r" if $debug;
-	open(IN, "<$file") || die "Can't open source file $file\n";
-	my $func;
-	my $linenr = 0;
-	while(<IN>) {
-		# skip obsoleted source files entirely!
-		last if(/^#error\s+obsolete/);
-		$linenr++;
-		if (!/;$/ && /^\**([a-zA-Z_].*[\s*])?([A-Za-z_0-9]+)\(.*([),]|$)/)
-			{
-			/^([^()]*(\([^()]*\)[^()]*)*)\(/;
-			$1 =~ /([A-Za-z_0-9]*)$/;
-			$func = $1;
-			}
-
-		if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) {
-			next unless exists $csrc{$2};
-			next if($1 eq "BIO_F_BUFFER_CTX");
-			$ufcodes{$1} = 1;
-			if(!exists $fcodes{$1}) {
-				$fcodes{$1} = "X";
-				$fnew{$2}++;
-			}
-			$ftrans{$3} = $func unless exists $ftrans{$3};
-            if (uc $func ne $3) {
+&phase("Scanning source");
+my %usedfuncs;
+my %usedreasons;
+foreach my $file ( @source ) {
+    # Don't parse the error source file.
+    next if exists $cskip{$file};
+    open( IN, "<$file" ) || die "Can't open $file, $!,";
+    my $func;
+    my $linenr = 0;
+    print STDERR "$file:\n" if $debug;
+    while ( <IN> ) {
+
+        # skip obsoleted source files entirely!
+        last if /^#error\s+obsolete/;
+        $linenr++;
+        if ( !/;$/ && /^\**([a-zA-Z_].*[\s*])?([A-Za-z_0-9]+)\(.*([),]|$)/ ) {
+            /^([^()]*(\([^()]*\)[^()]*)*)\(/;
+            $1 =~ /([A-Za-z_0-9]*)$/;
+            $func = $1;
+        }
+
+        if ( /(([A-Z0-9]+)_F_([A-Z0-9_]+))/ ) {
+            next unless exists $errorfile{$2};
+            next if $1 eq "BIO_F_BUFFER_CTX";
+            $usedfuncs{$1} = 1;
+            if ( !exists $fcodes{$1} ) {
+                print STDERR "  New function $1\n" if $debug;
+                $fcodes{$1} = "X";
+                $fnew{$2}++;
+            }
+            $ftrans{$3} = $func unless exists $ftrans{$3};
+            if ( uc($func) ne $3 ) {
                 print STDERR "ERROR: mismatch $file:$linenr $func:$3\n";
-                $errcount++;
+                $errors++;
+            }
+            print STDERR "  Function $1 = $fcodes{$1}\n"
+              if $debug;
+        }
+        if ( /(([A-Z0-9]+)_R_[A-Z0-9_]+)/ ) {
+            next unless exists $errorfile{$2};
+            $usedreasons{$1} = 1;
+            if ( !exists $rcodes{$1} ) {
+                print STDERR "  New reason $1\n" if $debug;
+                $rcodes{$1} = "X";
+                $rnew{$2}++;
             }
-			print STDERR "Function: $1\t= $fcodes{$1} (lib: $2, name: $3)\n" if $debug;
-		}
-		if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) {
-			next unless exists $csrc{$2};
-			$urcodes{$1} = 1;
-			if(!exists $rcodes{$1}) {
-				$rcodes{$1} = "X";
-				$rnew{$2}++;
-			}
-			print STDERR "Reason: $1\t= $rcodes{$1} (lib: $2)\n" if $debug;
-		}
-	}
-	close IN;
+            print STDERR "  Reason $1 = $rcodes{$1}\n" if $debug;
+        }
+    }
+    close IN;
 }
-print STDERR "                                  \n" if $debug;
+print STDERR "\n" if $debug;
 
 # Now process each library in turn.
+&phase("Writing files");
+my $newstate = 0;
+foreach my $lib ( keys %errorfile ) {
+    if ( ! $fnew{$lib} && ! $rnew{$lib} ) {
+        next unless $rebuild;
+    }
+    next if $nowrite;
+    print STDERR "$lib: $fnew{$lib} new functions\n" if $fnew{$lib};
+    print STDERR "$lib: $rnew{$lib} new reasons\n" if $rnew{$lib};
+    $newstate = 1;
 
-foreach $lib (keys %csrc)
-{
-	my $hfile = $hinc{$lib};
-	my $cfile = $csrc{$lib};
-	if(!$fnew{$lib} && !$rnew{$lib}) {
-		next unless $rebuild;
-	} else {
-		print STDERR "$lib:\t\t$fnew{$lib} New Functions,";
-		print STDERR " $rnew{$lib} New Reasons.\n";
-		next unless $dowrite;
-	}
-
-	# If we get here then we have some new error codes so we
-	# need to rebuild the header file and C file.
-
-	# Make a sorted list of error and reason codes for later use.
-
-	my @function = sort grep(/^${lib}_/,keys %fcodes);
-	my @reasons = sort grep(/^${lib}_/,keys %rcodes);
-
-	# Rewrite the header file
-
-	$cpp = 0;
-	$cplusplus = 0;
-	if (open(IN, "<$hfile")) {
-	    # Copy across the old file
-	    while(<IN>) {
-		$cplusplus = $cpp if /^#.*ifdef.*cplusplus/;
-		$cpp++ if /^#\s*if/;
-		$cpp-- if /^#\s*endif/;
-		push @out, $_;
-		last if (/BEGIN ERROR CODES/);
-	    }
-	    close IN;
-	} else {
-	    $cpp = 1;
-	    $cplusplus = 1;
-	    push @out,
-"/*\n",
-" * Copyright 1995-$YEAR The OpenSSL Project Authors. All Rights Reserved.\n",
-" *\n",
-" * Licensed under the OpenSSL license (the \"License\").  You may not use\n",
-" * this file except in compliance with the License.  You can obtain a copy\n",
-" * in the file LICENSE in the source distribution or at\n",
-" * https://www.openssl.org/source/license.html\n",
-" */\n",
-"\n",
-"#ifndef HEADER_${lib}_ERR_H\n",
-"# define HEADER_${lib}_ERR_H\n",
-"\n",
-"# ifdef  __cplusplus\n",
-"extern \"C\" {\n",
-"# endif\n",
-"\n",
-"/* BEGIN ERROR CODES */\n";
-	}
-	open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n";
-
-	print OUT @out;
-	undef @out;
-	print OUT <<"EOF";
+    # If we get here then we have some new error codes so we
+    # need to rebuild the header file and C file.
+
+    # Make a sorted list of error and reason codes for later use.
+    my @function = sort grep( /^${lib}_/, keys %fcodes );
+    my @reasons  = sort grep( /^${lib}_/, keys %rcodes );
+
+    # Rewrite the header file
+
+    my $hfile = $hinc{$lib};
+    $hfile =~ s/.h$/err.h/ if $internal;
+    open( OUT, ">$hfile" ) || die "Can't write to $hfile, $!,";
+    print OUT <<"EOF";
 /*
- * The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-$YEAR The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the \"License\").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
  */
 
-EOF
-	if($static) {
-		print OUT <<"EOF";
-${staticloader}int ERR_load_${lib}_strings(void);
+#ifndef HEADER_${lib}ERR_H
+# define HEADER_${lib}ERR_H
 
 EOF
-	} else {
-		print OUT <<"EOF";
-${staticloader}int ERR_load_${lib}_strings(void);
-${staticloader}void ERR_unload_${lib}_strings(void);
-${staticloader}void ERR_${lib}_error(int function, int reason, char *file, int line);
-# define ${lib}err(f,r) ERR_${lib}_error((f),(r),OPENSSL_FILE,OPENSSL_LINE)
-
+    if ( $internal ) {
+        # Declare the load function because the generate C file
+        # includes "fooerr.h" not "foo.h"
+        print OUT <<"EOF";
+# ifdef  __cplusplus
+extern \"C\" {
+# endif
+int ERR_load_${lib}_strings(void);
+# ifdef  __cplusplus
+}
+# endif
 EOF
-	}
-	print OUT <<"EOF";
-/* Error codes for the $lib functions. */
+    } else {
+        print OUT <<"EOF";
+# define ${lib}err(f, r) ERR_${lib}_error((f), (r), OPENSSL_FILE, OPENSSL_LINE)
 
-/* Function codes. */
 EOF
+        if ( ! $static ) {
+            print OUT <<"EOF";
+
+# ifdef  __cplusplus
+extern \"C\" {
+# endif
+int ERR_load_${lib}_strings(void);
+void ERR_unload_${lib}_strings(void);
+void ERR_${lib}_error(int function, int reason, char *file, int line);
+# ifdef  __cplusplus
+}
+# endif
+EOF
+        }
+    }
+
+    print OUT "\n/*\n * $lib function codes.\n */\n";
+    foreach my $i ( @function ) {
+        my $z = 48 - length($i);
+        if ( $fcodes{$i} eq "X" ) {
+            $fassigned{$lib} =~ m/^:([^:]*):/;
+            my $findcode = $1;
+            $findcode = $fmax{$lib} if !defined $findcode;
+            while ( $fassigned{$lib} =~ m/:$findcode:/ ) {
+                $findcode++;
+            }
+            $fcodes{$i} = $findcode;
+            $fassigned{$lib} .= "$findcode:";
+            print STDERR "New Function code $i\n" if $debug;
+        }
+        printf OUT "# define $i%s $fcodes{$i}\n", " " x $z;
+    }
 
-	foreach $i (@function) {
-		$z=48 - length($i);
-		if($fcodes{$i} eq "X") {
-			$fassigned{$lib} =~ m/^:([^:]*):/;
-			$findcode = $1;
-			if (!defined($findcode)) {
-				$findcode = $fmax{$lib};
-			}
-			while ($fassigned{$lib} =~ m/:$findcode:/) {
-				$findcode++;
-			}
-			$fcodes{$i} = $findcode;
-			$fassigned{$lib} .= "$findcode:";
-			print STDERR "New Function code $i\n" if $debug;
-		}
-		printf OUT "# define $i%s $fcodes{$i}\n"," " x $z;
-	}
-
-	print OUT "\n/* Reason codes. */\n";
-
-	foreach $i (@reasons) {
-		$z=48 - length($i);
-		if($rcodes{$i} eq "X") {
-			$rassigned{$lib} =~ m/^:([^:]*):/;
-			$findcode = $1;
-			if (!defined($findcode)) {
-				$findcode = $rmax{$lib};
-			}
-			while ($rassigned{$lib} =~ m/:$findcode:/) {
-				$findcode++;
-			}
-			$rcodes{$i} = $findcode;
-			$rassigned{$lib} .= "$findcode:";
-			print STDERR "New Reason code   $i\n" if $debug;
-		}
-		printf OUT "# define $i%s $rcodes{$i}\n"," " x $z;
-	}
-	print OUT <<"EOF";
+    print OUT "\n/*\n * $lib reason codes.\n */\n";
+    foreach my $i ( @reasons ) {
+        my $z = 48 - length($i);
+        if ( $rcodes{$i} eq "X" ) {
+            $rassigned{$lib} =~ m/^:([^:]*):/;
+            my $findcode = $1;
+            $findcode = $rmax{$lib} if !defined $findcode;
+            while ( $rassigned{$lib} =~ m/:$findcode:/ ) {
+                $findcode++;
+            }
+            $rcodes{$i} = $findcode;
+            $rassigned{$lib} .= "$findcode:";
+            print STDERR "New Reason code $i\n" if $debug;
+        }
+        printf OUT "# define $i%s $rcodes{$i}\n", " " x $z;
+    }
+    print OUT "\n";
+
+    print OUT "#endif\n";
+
+    # Rewrite the C source file containing the error details.
+
+    # First, read any existing reason string definitions:
+    my %err_reason_strings;
+    my $cfile = $errorfile{$lib};
+    if ( open( IN, "<$cfile" ) ) {
+        my $line = "";
+        while ( <IN> ) {
+            s|\R$||;    # Better chomp
+            $_    = $line . $_;
+            $line = "";
+            if ( /{ERR_(PACK|FUNC|REASON)\(/ ) {
+                if ( /\b(${lib}_R_\w*)\b.*\"(.*)\"/ ) {
+                    $err_reason_strings{$1} = $2;
+                } elsif ( /\b${lib}_F_(\w*)\b.*\"(.*)\"/ ) {
+                    if ( !exists $ftrans{$1} && $1 ne $2 ) {
+#                       Don't print warning, too noisy. :(
+#                       print STDERR "WARNING: Mismatched/unused function $2\n";
+                        $ftrans{$1} = $2;
+                    }
+                } else {
+                    $line = $_;
+                }
+            }
+        }
+        close(IN);
+    }
 
-EOF
-	do {
-	    if ($cplusplus == $cpp) {
-		print OUT "#", " "x$cpp, "ifdef  __cplusplus\n";
-		print OUT "}\n";
-		print OUT "#", " "x$cpp, "endif\n";
-	    }
-	    if ($cpp-- > 0) {
-		print OUT "#", " "x$cpp, "endif\n";
-	    }
-	} while ($cpp);
-	close OUT;
-
-	# Rewrite the C source file containing the error details.
-
-	# First, read any existing reason string definitions:
-	my %err_reason_strings;
-	if (open(IN,"<$cfile")) {
-		my $line = "";
-		while (<IN>) {
-			s|\R$||; # Better chomp
-			$_ = $line . $_;
-			$line = "";
-			if (/{ERR_(FUNC|REASON)\(/) {
-				if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) {
-					$err_reason_strings{$1} = $2;
-				} elsif (/\b${lib}_F_(\w*)\b.*\"(.*)\"/) {
-					if (!exists $ftrans{$1} && ($1 ne $2)) {
-						print STDERR "WARNING: Mismatched function string $2\n";
-						$ftrans{$1} = $2;
-					}
-				} else {
-					$line = $_;
-				}
-			}
-		}
-		close(IN);
-	}
-
-
-	my $hincf;
-	if($static) {
-		$hincf = $hfile;
-		$hincf =~ s|.*include/||;
-		if ($hincf =~ m|^openssl/|) {
-			$hincf = "<${hincf}>";
-		} else {
-			$hincf = "\"${hincf}\"";
-		}
-	} else {
-		$hincf = "\"$hfile\"";
-	}
-
-	# If static we know the error code at compile time so use it
-	# in error definitions.
-
-	if ($static)
-		{
-		$pack_errcode = "ERR_LIB_${lib}";
-		$load_errcode = "0";
-		}
-	else
-		{
-		$pack_errcode = "0";
-		$load_errcode = "ERR_LIB_${lib}";
-		}
-
-
-	open (OUT,">$cfile") || die "Can't open $cfile for writing";
-
-	print OUT <<"EOF";
+    my $pack_lib = $internal ? "ERR_LIB_${lib}" : "0";
+    my $hincf = $hfile;
+    $hincf =~ s|.*include/||;
+    if ( $hincf =~ m|^openssl/| ) {
+        $hincf = "<${hincf}>";
+    } else {
+        $hincf = "\"${hincf}\"";
+    }
+
+    open( OUT, ">$cfile" )
+        || die "Can't open $cfile for writing, $!, stopped";
+
+    my $const = $internal ? 'const ' : '';
+
+    print OUT <<"EOF";
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
  * Copyright 1995-$YEAR The OpenSSL Project Authors. All Rights Reserved.
@@ -595,177 +544,163 @@ EOF
  * https://www.openssl.org/source/license.html
  */
 
-#include <stdio.h>
 #include <openssl/err.h>
 #include $hincf
 
-/* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
 
-# define ERR_FUNC(func) ERR_PACK($pack_errcode,func,0)
-# define ERR_REASON(reason) ERR_PACK($pack_errcode,0,reason)
-
-static ERR_STRING_DATA ${lib}_str_functs[] = {
+static ${const}ERR_STRING_DATA ${lib}_str_functs[] = {
 EOF
-	# Add each function code: if a function name is found then use it.
-	foreach $i (@function) {
-		my $fn;
-		$i =~ /^${lib}_F_(\S+)$/;
-		$fn = $1;
-		if(exists $ftrans{$fn}) {
-			$fn = $ftrans{$fn};
-		}
-#		print OUT "{ERR_PACK($pack_errcode,$i,0),\t\"$fn\"},\n";
-		if(length($i) + length($fn) > 57) {
-			print OUT "    {ERR_FUNC($i),\n     \"$fn\"},\n";
-		} else {
-			print OUT "    {ERR_FUNC($i), \"$fn\"},\n";
-		}
-	}
-	print OUT <<"EOF";
+
+    # Add each function code: if a function name is found then use it.
+    foreach my $i ( @function ) {
+        my $fn;
+        $i =~ /^${lib}_F_(\S+)$/;
+        $fn = $1;
+        $fn = $ftrans{$fn} if exists $ftrans{$fn};
+        my $short = "    {ERR_PACK($pack_lib, $i, 0), \"$fn\"},";
+        if ( length($short) <= 80 ) {
+            print OUT "$short\n";
+        } else {
+            print OUT "    {ERR_PACK($pack_lib, $i, 0),\n     \"$fn\"},\n";
+        }
+    }
+    print OUT <<"EOF";
     {0, NULL}
 };
 
-static ERR_STRING_DATA ${lib}_str_reasons[] = {
+static ${const}ERR_STRING_DATA ${lib}_str_reasons[] = {
 EOF
-	# Add each reason code.
-	foreach $i (@reasons) {
-		my $rn;
-		my $rstr = "ERR_REASON($i)";
-		if (exists $err_reason_strings{$i}) {
-			$rn = $err_reason_strings{$i};
-		} else {
-			$i =~ /^${lib}_R_(\S+)$/;
-			$rn = $1;
-			$rn =~ tr/_[A-Z]/ [a-z]/;
-		}
-		if(length($i) + length($rn) > 55) {
-			print OUT "    {${rstr},\n     \"$rn\"},\n";
-		} else {
-			print OUT "    {${rstr}, \"$rn\"},\n";
-		}
-	}
-if($static) {
-	print OUT <<"EOF";
+
+    # Add each reason code.
+    foreach my $i ( @reasons ) {
+        my $rn;
+        if ( exists $err_reason_strings{$i} ) {
+            $rn = $err_reason_strings{$i};
+        } else {
+            $i =~ /^${lib}_R_(\S+)$/;
+            $rn = $1;
+            $rn =~ tr/_[A-Z]/ [a-z]/;
+        }
+        my $short = "    {ERR_PACK($pack_lib, 0, $i), \"$rn\"},";
+        if ( length($short) <= 80 ) {
+            print OUT "$short\n";
+        } else {
+            print OUT "    {ERR_PACK($pack_lib, 0, $i),\n    \"$rn\"},\n";
+        }
+    }
+    print OUT <<"EOF";
     {0, NULL}
 };
 
 #endif
+EOF
+    if ( $internal ) {
+        print OUT <<"EOF";
 
-${staticloader}int ERR_load_${lib}_strings(void)
+int ERR_load_${lib}_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
-
     if (ERR_func_error_string(${lib}_str_functs[0].error) == NULL) {
-        ERR_load_strings($load_errcode, ${lib}_str_functs);
-        ERR_load_strings($load_errcode, ${lib}_str_reasons);
+        ERR_load_strings_const(${lib}_str_functs);
+        ERR_load_strings_const(${lib}_str_reasons);
     }
 #endif
     return 1;
 }
 EOF
-} else {
-	print OUT <<"EOF";
-    {0, NULL}
-};
+    } else {
+        my $st = $static ? "static " : "";
+        print OUT <<"EOF";
 
-#endif
+static int lib_code = 0;
+static int error_loaded = 0;
 
-#ifdef ${lib}_LIB_NAME
-static ERR_STRING_DATA ${lib}_lib_name[] = {
-    {0, ${lib}_LIB_NAME},
-    {0, NULL}
-};
-#endif
-
-static int ${lib}_lib_error_code = 0;
-static int ${lib}_error_init = 1;
-
-${staticloader}int ERR_load_${lib}_strings(void)
+${st}int ERR_load_${lib}_strings(void)
 {
-    if (${lib}_lib_error_code == 0)
-        ${lib}_lib_error_code = ERR_get_next_error_library();
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
 
-    if (${lib}_error_init) {
-        ${lib}_error_init = 0;
+    if (!error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_load_strings(${lib}_lib_error_code, ${lib}_str_functs);
-        ERR_load_strings(${lib}_lib_error_code, ${lib}_str_reasons);
-#endif
-
-#ifdef ${lib}_LIB_NAME
-        ${lib}_lib_name->error = ERR_PACK(${lib}_lib_error_code, 0, 0);
-        ERR_load_strings(0, ${lib}_lib_name);
+        ERR_load_strings(lib_code, ${lib}_str_functs);
+        ERR_load_strings(lib_code, ${lib}_str_reasons);
 #endif
+        error_loaded = 1;
     }
     return 1;
 }
 
-${staticloader}void ERR_unload_${lib}_strings(void)
+${st}void ERR_unload_${lib}_strings(void)
 {
-    if (${lib}_error_init == 0) {
+    if (error_loaded) {
 #ifndef OPENSSL_NO_ERR
-        ERR_unload_strings(${lib}_lib_error_code, ${lib}_str_functs);
-        ERR_unload_strings(${lib}_lib_error_code, ${lib}_str_reasons);
-#endif
-
-#ifdef ${lib}_LIB_NAME
-        ERR_unload_strings(0, ${lib}_lib_name);
+        ERR_unload_strings(lib_code, ${lib}_str_functs);
+        ERR_unload_strings(lib_code, ${lib}_str_reasons);
 #endif
-        ${lib}_error_init = 1;
+        error_loaded = 0;
     }
 }
 
-${staticloader}void ERR_${lib}_error(int function, int reason, char *file, int line)
+${st}void ERR_${lib}_error(int function, int reason, char *file, int line)
 {
-    if (${lib}_lib_error_code == 0)
-        ${lib}_lib_error_code = ERR_get_next_error_library();
-    ERR_PUT_error(${lib}_lib_error_code, function, reason, file, line);
+    if (lib_code == 0)
+        lib_code = ERR_get_next_error_library();
+    ERR_PUT_error(lib_code, function, reason, file, line);
 }
 EOF
 
-}
-
-	close OUT;
-	undef %err_reason_strings;
-}
+    }
 
-if($debug && %notrans) {
-	print STDERR "The following function codes were not translated:\n";
-	foreach(sort keys %notrans)
-	{
-		print STDERR "$_\n";
-	}
+    close OUT;
+    undef %err_reason_strings;
 }
 
+&phase("Ending");
 # Make a list of unreferenced function and reason codes
-
-foreach (keys %fcodes) {
-	push (@funref, $_) unless exists $ufcodes{$_};
-}
-
-foreach (keys %rcodes) {
-	push (@runref, $_) unless exists $urcodes{$_};
-}
-
-if($unref && @funref) {
-	print STDERR "The following function codes were not referenced:\n";
-	foreach(sort @funref)
-	{
-		print STDERR "$_\n";
-	}
+if ( $unref ) {
+    my @funref;
+    foreach ( keys %fcodes ) {
+        push( @funref, $_ ) unless exists $usedfuncs{$_};
+    }
+    my @runref;
+    foreach ( keys %rcodes ) {
+        push( @runref, $_ ) unless exists $usedreasons{$_};
+    }
+    if ( @funref ) {
+        print STDERR "The following function codes were not referenced:\n";
+        foreach ( sort @funref ) {
+            print STDERR "  $_\n";
+        }
+    }
+    if ( @runref ) {
+        print STDERR "The following reason codes were not referenced:\n";
+        foreach ( sort @runref ) {
+            print STDERR "  $_\n";
+        }
+    }
 }
 
-if($unref && @runref) {
-	print STDERR "The following reason codes were not referenced:\n";
-	foreach(sort @runref)
-	{
-		print STDERR "$_\n";
-	}
-}
+die "Found $errors errors, quitting" if $errors;
 
-if($errcount) {
-	print STDERR "There were errors, failing...\n\n";
-	exit $errcount;
+# Update the state file
+if ( $newstate )  {
+    open(OUT, ">$statefile.new")
+        || die "Can't write $statefile.new, $!";
+    foreach my $i ( sort keys %fcodes ) {
+        print OUT "$i $fcodes{$i}\n";
+    }
+    foreach my $i ( sort keys %rcodes ) {
+        print OUT "$i $rcodes{$i}\n" if !exists $rextra{$i};
+    }
+    close(OUT);
+    if ( $skippedstate ) {
+        print "Skipped state, leaving update in $statefile.new";
+    } else {
+        rename "$statefile", "$statefile.old"
+            || die "Can't backup $statefile to $statefile.old, $!";
+        rename "$statefile.new", "$statefile"
+            || die "Can't rename $statefile to $statefile.new, $!";
+    }
 }
-
+exit;


More information about the openssl-commits mailing list