diff --git a/sys/src/cmd/gs/mkfile b/sys/src/cmd/gs/mkfile
index 2567b2ddb..50f162bf4 100644
--- a/sys/src/cmd/gs/mkfile
+++ b/sys/src/cmd/gs/mkfile
@@ -64,8 +64,7 @@ BIN=/$objtype/bin
 TARG=gs
 OFILES=\
 	obj/gs.$O\
-	`{sed 's#^./obj/(.*)\.o .*#obj/\1.$O#' src/ld.tr >[2] /dev/null | sort} \
-	/$objtype/lib/ape/libcrypto.a
+	`{sed 's#^./obj/(.*)\.o .*#obj/\1.$O#' src/ld.tr >[2] /dev/null | sort}
 
 # The first driver is the default.
 DRIVERS=\
diff --git a/sys/src/cmd/gs/src/saes.c b/sys/src/cmd/gs/src/saes.c
index 14d60dd77..552b0529b 100644
--- a/sys/src/cmd/gs/src/saes.c
+++ b/sys/src/cmd/gs/src/saes.c
@@ -102,19 +102,20 @@ s_aes_process(stream_state * ss, stream_cursor_read * pr,
     if (state->keylength < 1 || state->keylength > SAES_MAX_KEYLENGTH)
         return ERRC;
     if (!state->initialized) {
-        memset(&state->aes, 0, sizeof(state->aes));
-        AES_set_decrypt_key(state->key, state->keylength*8, &state->aes);
+        if (in_size < 16) return 0; /* get more data */
 
         /* read the initialization vector from the first 16 bytes */
-        if (in_size < 16) return 0; /* get more data */
         memcpy(state->iv, pr->ptr + 1, 16);
-        state->initialized = 1;
         pr->ptr += 16;
+
+        setupAESstate(&state->aes, state->key, state->keylength, state->iv);
+        state->initialized = 1;
     }
 
     /* decrypt available blocks */
     while (pr->ptr + 16 <= limit) {
-      AES_cbc_encrypt(pr->ptr + 1, temp, 16, &state->aes, state->iv, AES_DECRYPT);
+      memcpy(temp, pr->ptr + 1, 16);
+      aesCBCdecrypt(temp, 16, &state->aes);
       pr->ptr += 16;
       if (last && pr->ptr == pr->limit) {
         /* we're on the last block; unpad if necessary */
diff --git a/sys/src/cmd/gs/src/saes.h b/sys/src/cmd/gs/src/saes.h
index a11695145..53f73e73f 100644
--- a/sys/src/cmd/gs/src/saes.h
+++ b/sys/src/cmd/gs/src/saes.h
@@ -21,7 +21,9 @@
 #  define saes_INCLUDED
 
 #include "scommon.h"
-#include <openssl/aes.h>
+
+#define _PLAN9_SOURCE
+#include <libsec.h>
 
 /* maximum supported key length in bytes */
 #define SAES_MAX_KEYLENGTH 32
@@ -36,7 +38,7 @@ struct stream_aes_state_s
     unsigned char iv[16];	/* CBC initialization vector */
     int initialized;		/* whether we're set up */
     int use_padding;		/* are we using RFC 1423-style padding? */
-    AES_KEY aes;
+    AESstate aes;
 };
 
 #ifndef stream_aes_state_DEFINED