Marin Kraemer <Martin.Kraemer@MchP.Siemens.De> sent us patches to make
the OpenSSL commands x50 and req work better on a EBCDIC system.
diff --git a/CHANGES b/CHANGES
index dcb354f..50a643e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 0.9.5a and 0.9.6  [xx XXX 2000]
 
+  *) Add a few more EBCDIC conditionals that make `req' and `x509'
+     work better on such systems.
+     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]
+
   *) Add two demo programs for PKCS12_parse() and PKCS12_create().
      Update PKCS12_parse() so it copies the friendlyName and the
      keyid to the certificates aux info.
diff --git a/apps/req.c b/apps/req.c
index 6a225bb..2c1b9ee 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1099,7 +1099,11 @@
 		 * multiple instances 
 		 */
 		for(p = v->name; *p ; p++) 
+#ifndef CHARSET_EBCDIC
 			if ((*p == ':') || (*p == ',') || (*p == '.')) {
+#else
+			if ((*p == os_toascii[':']) || (*p == os_toascii[',']) || (*p == os_toascii['.'])) {
+#endif
 				p++;
 				if(*p) type = p;
 				break;
@@ -1215,6 +1219,9 @@
 		return(0);
 		}
 	buf[--i]='\0';
+#ifdef CHARSET_EBCDIC
+	ebcdic2ascii(buf, buf, i);
+#endif
 	if(!req_check_len(i, min, max)) goto start;
 
 	if(!X509_REQ_add1_attr_by_NID(req, nid, MBSTRING_ASC,
diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c
index 9842b65..5d981c6 100644
--- a/crypto/asn1/a_mbstr.c
+++ b/crypto/asn1/a_mbstr.c
@@ -385,9 +385,16 @@
 	/* Note: we can't use 'isalnum' because certain accented 
 	 * characters may count as alphanumeric in some environments.
 	 */
+#ifndef CHARSET_EBCDIC
 	if((ch >= 'a') && (ch <= 'z')) return 1;
 	if((ch >= 'A') && (ch <= 'Z')) return 1;
 	if((ch >= '0') && (ch <= '9')) return 1;
 	if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1;
+#else /*CHARSET_EBCDIC*/
+	if((ch >= os_toascii['a']) && (ch <= os_toascii['z'])) return 1;
+	if((ch >= os_toascii['A']) && (ch <= os_toascii['Z'])) return 1;
+	if((ch >= os_toascii['0']) && (ch <= os_toascii['9'])) return 1;
+	if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch])) return 1;
+#endif /*CHARSET_EBCDIC*/
 	return 0;
 }
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index 0976bcc..e6e99b2 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -331,6 +331,7 @@
 
 /* Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its
  * hex representation
+ * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines)
  */
 
 char *hex_to_string(unsigned char *buffer, long len)
@@ -351,6 +352,10 @@
 		*q++ = ':';
 	}
 	q[-1] = 0;
+#ifdef CHARSET_EBCDIC
+	ebcdic2ascii(tmp, tmp, q - tmp - 1);
+#endif
+
 	return tmp;
 }
 
@@ -369,8 +374,14 @@
 	if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err;
 	for(p = (unsigned char *)str, q = hexbuf; *p;) {
 		ch = *p++;
+#ifdef CHARSET_EBCDIC
+		ch = os_toebcdic[ch];
+#endif
 		if(ch == ':') continue;
 		cl = *p++;
+#ifdef CHARSET_EBCDIC
+		cl = os_toebcdic[cl];
+#endif
 		if(!cl) {
 			X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS);
 			OPENSSL_free(hexbuf);