diff --git a/apps/snmpusm.c b/apps/snmpusm.c
index 42919bd..6aa34ce 100644
--- a/apps/snmpusm.c
+++ b/apps/snmpusm.c
@@ -190,6 +190,7 @@ get_USM_DH_key(netsnmp_variable_list *vars, netsnmp_variable_list *dhvar,
                oid *keyoid, size_t keyoid_len) {
     u_char *dhkeychange;
     DH *dh;
+    const BIGNUM *p, *g, *pub_key;
     BIGNUM *other_pub;
     u_char *key;
     size_t key_len;
@@ -205,25 +206,28 @@ get_USM_DH_key(netsnmp_variable_list *vars, netsnmp_variable_list *dhvar,
         dh = d2i_DHparams(NULL, &cp, dhvar->val_len);
     }
 
-    if (!dh || !dh->g || !dh->p) {
+    if (dh)
+	    DH_get0_pqg(dh, &p, NULL, &g);
+
+    if (!dh || !g || !p) {
         SNMP_FREE(dhkeychange);
         return SNMPERR_GENERR;
     }
 
-    DH_generate_key(dh);
-    if (!dh->pub_key) {
+    if (!DH_generate_key(dh)) {
         SNMP_FREE(dhkeychange);
         return SNMPERR_GENERR;
     }
             
-    if (vars->val_len != (unsigned int)BN_num_bytes(dh->pub_key)) {
+    DH_get0_key(dh, &pub_key, NULL);
+    if (vars->val_len != (unsigned int)BN_num_bytes(pub_key)) {
         SNMP_FREE(dhkeychange);
         fprintf(stderr,"incorrect diffie-helman lengths (%lu != %d)\n",
-                (unsigned long)vars->val_len, BN_num_bytes(dh->pub_key));
+                (unsigned long)vars->val_len, BN_num_bytes(pub_key));
         return SNMPERR_GENERR;
     }
 
-    BN_bn2bin(dh->pub_key, dhkeychange + vars->val_len);
+    BN_bn2bin(pub_key, dhkeychange + vars->val_len);
 
     key_len = DH_size(dh);
     if (!key_len) {
diff --git a/snmplib/keytools.c b/snmplib/keytools.c
index 0ccb3a6..a957c92 100644
--- a/snmplib/keytools.c
+++ b/snmplib/keytools.c
@@ -152,7 +152,7 @@ generate_Ku(const oid * hashtype, u_int hashtype_len,
 #ifdef HAVE_EVP_MD_CTX_CREATE
     ctx = EVP_MD_CTX_create();
 #else
-    ctx = malloc(sizeof(*ctx));
+    ctx = EVP_MD_CTX_new();
     if (!EVP_MD_CTX_init(ctx))
         return SNMPERR_GENERR;
 #endif
@@ -262,8 +262,7 @@ generate_Ku(const oid * hashtype, u_int hashtype_len,
 #ifdef HAVE_EVP_MD_CTX_DESTROY
         EVP_MD_CTX_destroy(ctx);
 #else
-        EVP_MD_CTX_cleanup(ctx);
-        free(ctx);
+        EVP_MD_CTX_free(ctx);
 #endif
     }
 #endif
diff --git a/snmplib/scapi.c b/snmplib/scapi.c
index 16ac829..89e9036 100644
--- a/snmplib/scapi.c
+++ b/snmplib/scapi.c
@@ -489,7 +489,7 @@ sc_hash(const oid * hashtype, size_t hashtypelen, const u_char * buf,
 #ifdef HAVE_EVP_MD_CTX_CREATE
     cptr = EVP_MD_CTX_create();
 #else
-    cptr = malloc(sizeof(*cptr));
+    cptr = EVP_MD_CTX_new();
 #if defined(OLD_DES)
     memset(cptr, 0, sizeof(*cptr));
 #else
@@ -511,10 +511,11 @@ sc_hash(const oid * hashtype, size_t hashtypelen, const u_char * buf,
     EVP_MD_CTX_destroy(cptr);
 #else
 #if !defined(OLD_DES)
-    EVP_MD_CTX_cleanup(cptr);
-#endif
+    EVP_MD_CTX_free(cptr);
+#else
     free(cptr);
 #endif
+#endif
     return (rval);
 
 #elif NETSNMP_USE_INTERNAL_CRYPTO