This can be used to speed up SRTP with libsrtp, e.g. on TI omap/sitara based devices.

Improve CBC decrypt and CTR by ~13/16%, which adds up to ~25/33%
improvement over "pre-Silvermont" version. [Add performance table to
aesni-x86.pl].

When a chain is complete and ends in a trusted root checks are also
performed on the TA and the callback notified with ok==1. For
consistency do the same for chains where the TA is not self signed.

(other processors unaffected).

Atom Silvermont. On other CPUs one can observe 1% loss on some
algorithms.

+5% on Atom Silvermont, up to +8% improvement of legacy code.
Harmonize sha1-586.pl and aesni-sha1-x86_86.p with sha1-x86_64.pl.

Always add a dynamically loaded ENGINE to list. Otherwise it can cause
problems when multiply loaded, especially if it adds new public key methods.
For all current engines we only want a single implementation anyway.

If available rdrand is used as an additional entropy source for the
PRNG and for additional input in FIPS mode.

(and shave off cycle even from integer-only code)

(and update performance data, and fix typo)

but keep it disabled, too little gain... Add some Atom-specific
optimization.

PR: 3202

If content is detached and not binary mode translate the input to
CRLF format. Before this change the input was verified verbatim
which lead to a discrepancy between sign and verify.

(cherry picked from commit a6c62f0c25a756c263a80ce52afbae888028e986)

(and ensure stack alignment in the process)

It worked because it was never called.

SHA512_Transform was initially added rather as tribute to tradition
than for practucal reasons. But use was recently found in ssl/s3_cbc.c
and it turned to be problematic on platforms that don't tolerate
misasligned references to memory and lack assembly subroutine.

Move the IP, email and host checking fields from the public
X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID
structure. By doing this the structure can be modified in future
without risk of breaking any applications.
(cherry picked from commit adc6bd73e3bd10ce6e76867482e8d137071298d7)

Conflicts:

	crypto/x509/x509_vpm.c

For consistency with other cases if we are performing
partial chain verification with just one certificate
notify the callback with ok==1.
(cherry picked from commit 852553d9005e13aed7feb986a5d71cb885b994c7)