diff --git a/CHANGES b/CHANGES
index 157dfc23cb..96a0188daf 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@ Changes between 0.9.8e and 0.9.8f-fips [xx XXX xxxx] + *) Updates to WIN32 build system. Make use of AES assembly language routines. + Use assembly language routines in FIPS compilation. + [Steve Henson] + *) Use standard implementations of SHAx, DES, AES under crypto/ in FIPS mode to avoid having to maintain two versions. This will also make use of appropriate assembly language optimizations.
diff --git a/ms/do_masm.bat b/ms/do_masm.bat
index 720d6f367b..d522232ce7 100755
--- a/ms/do_masm.bat
+++ b/ms/do_masm.bat
@@ -1,63 +1,68 @@
-@echo off
-echo Generating x86 for MASM assember
-
-echo Bignum
-cd crypto\bn\asm
-perl x86.pl win32 > bn_win32.asm
-cd ..\..\..
-
-echo DES
-cd crypto\des\asm
-perl des-586.pl win32 > d_win32.asm
-cd ..\..\..
-
-echo "crypt(3)"
-
-cd crypto\des\asm
-perl crypt586.pl win32 > y_win32.asm
-cd ..\..\..
-
-echo Blowfish
-
-cd crypto\bf\asm
-perl bf-586.pl win32 > b_win32.asm
-cd ..\..\..
-
-echo CAST5
-cd crypto\cast\asm
-perl cast-586.pl win32 > c_win32.asm
-cd ..\..\..
-
-echo RC4
-cd crypto\rc4\asm
-perl rc4-586.pl win32 > r4_win32.asm
-cd ..\..\..
-
-echo MD5
-cd crypto\md5\asm
-perl md5-586.pl win32 > m5_win32.asm
-cd ..\..\..
-
-echo SHA1
-cd crypto\sha\asm
-perl sha1-586.pl win32 > s1_win32.asm
-cd ..\..\..
-
-echo RIPEMD160
-cd crypto\ripemd\asm
-perl rmd-586.pl win32 > rm_win32.asm
-cd ..\..\..
-
-echo RC5\32
-cd crypto\rc5\asm
-perl rc5-586.pl win32 > r5_win32.asm
-cd ..\..\..
-
-echo on
-
-perl util\mkfiles.pl >MINFO
-perl util\mk1mf.pl VC-WIN32 >ms\nt.mak
-perl util\mk1mf.pl dll VC-WIN32 >ms\ntdll.mak
-
-perl util\mkdef.pl 32 libeay > ms\libeay32.def
-perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
+@echo off
+echo Generating x86 for MASM assember
+
+echo Bignum
+cd crypto\bn\asm
+perl x86.pl win32 > bn_win32.asm
+cd ..\..\..
+
+echo AES
+cd crypto\aes\asm
+perl aes-586.pl win32 > a_win32.asm
+cd ..\..\..
+
+echo DES
+cd crypto\des\asm
+perl des-586.pl win32 > d_win32.asm
+cd ..\..\..
+
+echo "crypt(3)"
+
+cd crypto\des\asm
+perl crypt586.pl win32 > y_win32.asm
+cd ..\..\..
+
+echo Blowfish
+
+cd crypto\bf\asm
+perl bf-586.pl win32 > b_win32.asm
+cd ..\..\..
+
+echo CAST5
+cd crypto\cast\asm
+perl cast-586.pl win32 > c_win32.asm
+cd ..\..\..
+
+echo RC4
+cd crypto\rc4\asm
+perl rc4-586.pl win32 > r4_win32.asm
+cd ..\..\..
+
+echo MD5
+cd crypto\md5\asm
+perl md5-586.pl win32 > m5_win32.asm
+cd ..\..\..
+
+echo SHA1
+cd crypto\sha\asm
+perl sha1-586.pl win32 > s1_win32.asm
+cd ..\..\..
+
+echo RIPEMD160
+cd crypto\ripemd\asm
+perl rmd-586.pl win32 > rm_win32.asm
+cd ..\..\..
+
+echo RC5\32
+cd crypto\rc5\asm
+perl rc5-586.pl win32 > r5_win32.asm
+cd ..\..\..
+
+echo on
+
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl VC-WIN32 >ms\nt.mak
+perl util\mk1mf.pl dll VC-WIN32 >ms\ntdll.mak
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/ms/do_nasm.bat b/ms/do_nasm.bat
index 0b51f80704..9a27b1af66 100755
--- a/ms/do_nasm.bat
+++ b/ms/do_nasm.bat
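Review bot: The new AES step, like the existing generator steps in ms/do_masm.bat, redirects perl output straight into `a_win32.asm` without checking the exit status, so a failed or missing `aes-586.pl` run leaves an empty or partial file and the script carries on to `mk1mf.pl`. Since this commit also routes the assembler objects into the FIPS build, a failed generation step is worth stopping on, for example `perl aes-586.pl win32 > a_win32.asm || exit /b 1`, or an `if errorlevel 1 goto` to a label that also restores the working directory. The same applies to the `win32n` line added in ms/do_nasm.bat. Every line of both scripts is shown as changed, presumably a line-ending conversion; if so, it would be easier to review as a separate commit.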
@@ -1,65 +1,70 @@
-
-@echo off
-echo Generating x86 for NASM assember
-
-echo Bignum
-cd crypto\bn\asm
-perl x86.pl win32n > bn_win32.asm
-cd ..\..\..
-
-echo DES
-cd crypto\des\asm
-perl des-586.pl win32n > d_win32.asm
-cd ..\..\..
-
-echo "crypt(3)"
-
-cd crypto\des\asm
-perl crypt586.pl win32n > y_win32.asm
-cd ..\..\..
-
-echo Blowfish
-
-cd crypto\bf\asm
-perl bf-586.pl win32n > b_win32.asm
-cd ..\..\..
-
-echo CAST5
-cd crypto\cast\asm
-perl cast-586.pl win32n > c_win32.asm
-cd ..\..\..
-
-echo RC4
-cd crypto\rc4\asm
-perl rc4-586.pl win32n > r4_win32.asm
-cd ..\..\..
-
-echo MD5
-cd crypto\md5\asm
-perl md5-586.pl win32n > m5_win32.asm
-cd ..\..\..
-
-echo SHA1
-cd crypto\sha\asm
-perl sha1-586.pl win32n > s1_win32.asm
-cd ..\..\..
-
-echo RIPEMD160
-cd crypto\ripemd\asm
-perl rmd-586.pl win32n > rm_win32.asm
-cd ..\..\..
-
-echo RC5\32
-cd crypto\rc5\asm
-perl rc5-586.pl win32n > r5_win32.asm
-cd ..\..\..
-
-echo on
-
-perl util\mkfiles.pl >MINFO
-perl util\mk1mf.pl nasm VC-WIN32 >ms\nt.mak
-perl util\mk1mf.pl dll nasm VC-WIN32 >ms\ntdll.mak
-perl util\mk1mf.pl nasm BC-NT >ms\bcb.mak
-
-perl util\mkdef.pl 32 libeay > ms\libeay32.def
-perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
+
+@echo off
+echo Generating x86 for NASM assember
+
+echo Bignum
+cd crypto\bn\asm
+perl x86.pl win32n > bn_win32.asm
+cd ..\..\..
+
+echo AES
+cd crypto\aes\asm
+perl aes-586.pl win32n > a_win32.asm
+cd ..\..\..
+
+echo DES
+cd crypto\des\asm
+perl des-586.pl win32n > d_win32.asm
+cd ..\..\..
+
+echo "crypt(3)"
+
+cd crypto\des\asm
+perl crypt586.pl win32n > y_win32.asm
+cd ..\..\..
+
+echo Blowfish
+
+cd crypto\bf\asm
+perl bf-586.pl win32n > b_win32.asm
+cd ..\..\..
+
+echo CAST5
+cd crypto\cast\asm
+perl cast-586.pl win32n > c_win32.asm
+cd ..\..\..
+
+echo RC4
+cd crypto\rc4\asm
+perl rc4-586.pl win32n > r4_win32.asm
+cd ..\..\..
+
+echo MD5
+cd crypto\md5\asm
+perl md5-586.pl win32n > m5_win32.asm
+cd ..\..\..
+
+echo SHA1
+cd crypto\sha\asm
+perl sha1-586.pl win32n > s1_win32.asm
+cd ..\..\..
+
+echo RIPEMD160
+cd crypto\ripemd\asm
+perl rmd-586.pl win32n > rm_win32.asm
+cd ..\..\..
+
+echo RC5\32
+cd crypto\rc5\asm
+perl rc5-586.pl win32n > r5_win32.asm
+cd ..\..\..
+
+echo on
+
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl nasm VC-WIN32 >ms\nt.mak
+perl util\mk1mf.pl dll nasm VC-WIN32 >ms\ntdll.mak
+perl util\mk1mf.pl nasm BC-NT >ms\bcb.mak
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/util/mk1mf.pl b/util/mk1mf.pl
index 99b6d321f0..b2d7153c24 100755
--- a/util/mk1mf.pl
+++ b/util/mk1mf.pl
@@ -373,6 +373,10 @@ if ($fips) } $fips_exclude_obj{"bn_asm"} = 1; + $fips_exclude_obj{"des_enc"} = 1; + $fips_exclude_obj{"fcrypt_b"} = 1; + $fips_exclude_obj{"aes_core"} = 1; + $fips_exclude_obj{"aes_cbc"} = 1; my @ltmp = split " ", $lib_obj{"CRYPTO"};
@@ -530,6 +534,8 @@ LFLAGS=$lflags RSC=$rsc FIPSLINK=\$(PERL) util${o}fipslink.pl +AES_ASM_OBJ=$aes_asm_obj +AES_ASM_SRC=$aes_asm_src BN_ASM_OBJ=$bn_asm_obj BN_ASM_SRC=$bn_asm_src BNCO_ASM_OBJ=$bnco_asm_obj
@@ -779,21 +785,35 @@ foreach (values %lib_nam) next; } - if (($bn_asm_obj ne "") && ($_ eq "CRYPTO")) + if ((!$fips && ($_ eq "CRYPTO")) || ($fips && ($_ eq "FIPS"))) { - $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; - $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src); - } - if (($bnco_asm_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj .= "\$(BNCO_ASM_OBJ)"; - $rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src); - } - if (($des_enc_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/; - $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /; - $rules.=&do_asm_rule($des_enc_obj,$des_enc_src); + if ($aes_asm_obj ne "") + { + $lib_obj =~ s/\s(\S*\/aes_core\S*)/ \$(AES_ASM_OBJ)/; + $lib_obj =~ s/\s\S*\/aes_cbc\S*//; + $rules.=&do_asm_rule($aes_asm_obj,$aes_asm_src); + } + if ($sha1_asm_obj ne "") + { + $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/; + $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src); + } + if ($bn_asm_obj ne "") + { + $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; + $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src); + } + if ($bnco_asm_obj ne "") + { + $lib_obj .= "\$(BNCO_ASM_OBJ)"; + $rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src); + } + if ($des_enc_obj ne "") + { + $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/; + $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /; + $rules.=&do_asm_rule($des_enc_obj,$des_enc_src); + } } if (($bf_enc_obj ne "") && ($_ eq "CRYPTO")) { @@ -820,11 +840,6 @@ foreach (values %lib_nam) $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/; $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src); } - if (($sha1_asm_obj ne "") && ($_ eq "CRYPTO")) - { - $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/; - $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src); - } if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO")) { $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; 
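Review bot: None of the substitutions in the new `$aes_asm_obj` branch check that they matched, so if `aes_core` or `aes_cbc` is absent from the object list of the library being processed, the assembler rule is still emitted while the list stays unchanged. With `-DAES_ASM` added to the compiler flags elsewhere in this commit, such a mismatch would presumably surface only at link time; failing early is cheaper, e.g. `$lib_obj =~ s/\s\S*\/aes_core\S*/ \$(AES_ASM_OBJ)/ or die "aes_core not in $_ object list\n";` (or at least a `warn`). The relocated BN, DES and SHA1 substitutions have the same gap. The capture group in the `aes_core` pattern is unused and can be dropped. The enclosing `foreach (values %lib_nam)` loop starts and ends outside the hunk.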
@@ -858,9 +873,19 @@ EOF $defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep); foreach (split(/\s+/,$test)) { + my $t_libs; $t=&bname($_); + if ($fipsdso && /fips-1.0/) + { + $t_libs = "\$(L_FIPS)"; + } + else + { + $t_libs = "\$(L_LIBS)"; + } + $tt="\$(OBJ_D)${o}$t${obj}"; - $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); + $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","$t_libs \$(EX_LIBS)"); } $defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp); @@ -917,7 +942,7 @@ if ($fips) $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)", "\$(OBJ_D)${o}fips_start$obj", "\$(FIPSOBJ)", "\$(OBJ_D)${o}fips_end$obj", "\$(FIPS_SHA1_EXE)", "") if $fipscanisterbuild; $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1); - $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)","\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}sha1dgst$obj","","", 1); + $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)","\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}sha1dgst$obj \$(SHA1_ASM_OBJ)","","", 1); } $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)",0); @@ -1067,6 +1092,7 @@ sub do_defs elsif ($_ =~ /RC5_ENC/) { $t="$_ "; } elsif ($_ =~ /MD5_ASM/) { $t="$_ "; } elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; } + elsif ($_ =~ /AES_ASM/){ $t="$_ "; } elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; } elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; } else { $t="$location${o}$_$pf "; } diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl index 9902205839..6f64f3abf4 100644 --- a/util/pl/VC-32.pl +++ b/util/pl/VC-32.pl @@ -180,6 +180,7 @@ if ($nasm) { $afile='/Fo'; } +$aes_asm_obj=''; $bn_asm_obj=''; $bn_asm_src=''; $des_enc_obj=''; 
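Review bot: The match `/fips-1.0/` in the new test-link branch leaves both dots unescaped, so any character is accepted in those positions; `m{fips-1\.0}` says what is meant. The if/else only selects a library macro and would read more directly as `my $t_libs = ($fipsdso && m{fips-1\.0}) ? "\$(L_FIPS)" : "\$(L_LIBS)";`. A one-line comment stating that tests whose path contains `fips-1.0` link against `$(L_FIPS)` when `$fipsdso` is set would help, since that choice decides which library those tests actually exercise.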
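Review bot: The `$(FIPS_SHA1_EXE)` link line gains `\$(SHA1_ASM_OBJ)` with no comment explaining why; a short note such as `# sha1dgst is compiled with -DSHA1_ASM, so the standalone hashing tool needs the assembler block routine as well` would record the reason. The macro presumably expands to nothing when `$sha1_asm_obj` is empty, which looks intended. It is still worth confirming with `$no_asm` set, because this executable is passed to the canister link rule two lines above.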
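Review bot: Only `$aes_asm_obj` is reset in util/pl/VC-32.pl; `$aes_asm_src` is left uninitialised, unlike the `$bn_asm_obj`/`$bn_asm_src` pair on the following lines. mk1mf.pl now interpolates `$aes_asm_src` into the `AES_ASM_SRC=` makefile line, so with `$no_asm` set it is undefined at that point. Add `$aes_asm_src='';` next to the new line.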
@@ -187,8 +188,10 @@ $des_enc_src=''; $bf_enc_obj=''; $bf_enc_src=''; -if (!$no_asm && !$fips) +if (!$no_asm) { + $aes_asm_obj='crypto\aes\asm\a_win32.obj'; + $aes_asm_src='crypto\aes\asm\a_win32.asm'; $bn_asm_obj='crypto\bn\asm\bn_win32.obj'; $bn_asm_src='crypto\bn\asm\bn_win32.asm'; $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj'; @@ -207,7 +210,7 @@ if (!$no_asm && !$fips) $sha1_asm_src='crypto\sha\asm\s1_win32.asm'; $rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj'; $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm'; - $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; + $cflags.=" -DAES_ASM -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; } if ($shlib && $FLAVOR !~ /CE/)
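Review bot: Dropping `!$fips` from this condition turns on every assembler module for FIPS builds, not only the AES, SHA1, BN and DES objects that mk1mf.pl redirects into the FIPS library, and nothing in the file says so. A comment such as `# asm is used in FIPS builds too; mk1mf.pl decides which asm objects go into the FIPS library` would make the intent explicit. The block also assumes `a_win32.asm` has already been generated by ms\do_masm.bat or ms\do_nasm.bat, and it spans both hunks of this file.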