diff --git a/src/sha.erl b/src/sha.erl
index 44a552bb9..591ed6f30 100644
--- a/src/sha.erl
+++ b/src/sha.erl
@@ -27,10 +27,27 @@
 -module(sha).
 -author('alexey@process-one.net').
 
--export([start/0, sha/1]).
+-export([start/0, sha/1, sha1/1, sha224/1, sha256/1, sha384/1, sha512/1]).
+
+-include("ejabberd.hrl").
+
+-define(DRIVER, sha_drv).
 
 start() ->
-    crypto:start().
+    crypto:start(),
+    Res = case erl_ddll:load_driver(ejabberd:get_so_path(), ?DRIVER) of
+	      ok -> ok;
+	      {error, already_loaded} -> ok;
+	      Err -> Err
+	  end,
+    case Res of
+	ok ->
+	    Port = open_port({spawn, ?DRIVER}, [binary]),
+	    register(?DRIVER, Port);
+	{error, Reason} ->
+	    ?CRITICAL_MSG("unable to load driver '~s': ~s",
+			  [driver_path(), erl_ddll:format_error(Reason)])
+    end.
 
 digit_to_xchar(D) when (D >= 0) and (D < 10) ->
     D + 48;
@@ -47,3 +64,24 @@ ints_to_rxstr([N | Ns], Res) ->
     ints_to_rxstr(Ns, [digit_to_xchar(N rem 16),
 		       digit_to_xchar(N div 16) | Res]).
 
+sha1(Text) ->
+    crypto:sha(Text).
+
+sha224(Text) ->
+    erlang:port_control(?DRIVER, 224, Text).
+
+sha256(Text) ->
+    erlang:port_control(?DRIVER, 256, Text).
+
+sha384(Text) ->
+    erlang:port_control(?DRIVER, 384, Text).
+
+sha512(Text) ->
+    erlang:port_control(?DRIVER, 512, Text).
+
+driver_path() ->
+    Suffix = case os:type() of
+		 {win32, _} -> ".dll";
+		 _ -> ".so"
+	     end,
+    filename:join(ejabberd:get_so_path(), atom_to_list(?DRIVER) ++ Suffix).
diff --git a/src/tls/Makefile.in b/src/tls/Makefile.in
index 0622d36f2..131e92b44 100644
--- a/src/tls/Makefile.in
+++ b/src/tls/Makefile.in
@@ -29,7 +29,7 @@ ifdef debug
 	EFLAGS+=+debug_info +export_all
 endif
 
-ERLSHLIBS = ../tls_drv.so
+ERLSHLIBS = ../tls_drv.so ../sha_drv.so
 OUTDIR = ..
 SOURCES = $(wildcard *.erl)
 BEAMS = $(addprefix $(OUTDIR)/,$(SOURCES:.erl=.beam))
diff --git a/src/tls/Makefile.win32 b/src/tls/Makefile.win32
index 4ead4f26e..b982791e2 100644
--- a/src/tls/Makefile.win32
+++ b/src/tls/Makefile.win32
@@ -6,9 +6,9 @@ EFLAGS = -I .. -pz ..
 OUTDIR = ..
 BEAMS = ..\tls.beam
 
-SOURCE = tls_drv.c
-OBJECT = tls_drv.o
-DLL    = $(OUTDIR)\tls_drv.dll
+SOURCE = tls_drv.c sha_drv.c
+OBJECT = tls_drv.o sha_drv.o
+DLL    = $(OUTDIR)\tls_drv.dll $(OUTPUT)\sha_drv.dll
 
 ALL : $(DLL) $(BEAMS)
 
@@ -16,6 +16,8 @@ CLEAN :
 	-@erase $(DLL)
 	-@erase $(OUTDIR)\tls_drv.exp
 	-@erase $(OUTDIR)\tls_drv.lib
+	-@erase $(OUTDIR)\sha_drv.exp
+	-@erase $(OUTDIR)\sha_drv.lib
 	-@erase $(OBJECT)
 	-@erase $(BEAMS)
 
diff --git a/src/tls/sha_drv.c b/src/tls/sha_drv.c
new file mode 100644
index 000000000..bfb101391
--- /dev/null
+++ b/src/tls/sha_drv.c
@@ -0,0 +1,88 @@
+/*
+ * ejabberd, Copyright (C) 2002-2010   ProcessOne
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ * 02111-1307 USA
+ *
+ */
+
+#include <erl_driver.h>
+#include <openssl/sha.h>
+
+static ErlDrvData sha_drv_start(ErlDrvPort port, char *buf)
+{
+  set_port_control_flags(port, PORT_CONTROL_FLAG_BINARY);
+  return NULL;
+}
+
+static int sha_drv_control(ErlDrvData handle,
+			   unsigned int command,
+			   char *buf, int len,
+			   char **rbuf, int rlen)
+{
+  ErlDrvBinary *b = NULL;
+
+  switch (command) {
+  case 224:
+    rlen = SHA224_DIGEST_LENGTH;
+    b = driver_alloc_binary(rlen);
+    if (b) SHA224((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
+    break;
+  case 256:
+    rlen = SHA256_DIGEST_LENGTH;
+    b = driver_alloc_binary(rlen);
+    if (b) SHA256((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
+    break;
+  case 384:
+    rlen = SHA384_DIGEST_LENGTH;
+    b = driver_alloc_binary(rlen);
+    if (b) SHA384((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
+    break;
+  case 512:
+    rlen = SHA512_DIGEST_LENGTH;
+    b = driver_alloc_binary(rlen);
+    if (b) SHA512((unsigned char*)buf, len, (unsigned char*)b->orig_bytes);
+    break;
+  };
+  
+  if (b) {
+    *rbuf = (char *)b;
+  } else {
+    *rbuf = NULL;
+    rlen = 0;
+  };
+
+  return rlen;
+}
+
+ErlDrvEntry sha_driver_entry = {
+  NULL,			/* F_PTR init, N/A */
+  sha_drv_start,        /* L_PTR start, called when port is opened */
+  NULL,                 /* F_PTR stop, called when port is closed */
+  NULL,			/* F_PTR output, called when erlang has sent */
+  NULL,			/* F_PTR ready_input, called when input descriptor ready */
+  NULL,			/* F_PTR ready_output, called when output descriptor ready */
+  "sha_drv",		/* char *driver_name, the argument to open_port */
+  NULL,                 /* F_PTR finish, called when unloaded */
+  NULL,			/* handle */
+  sha_drv_control,	/* F_PTR control, port_command callback */
+  NULL,			/* F_PTR timeout, reserved */
+  NULL			/* F_PTR outputv, reserved */
+};
+
+DRIVER_INIT(sha_drv) /* must match name in driver_entry */
+{
+  return &sha_driver_entry;
+}