diff --git a/source/lobby/scripting/JSInterface_Lobby.cpp b/source/lobby/scripting/JSInterface_Lobby.cpp
index be6fc5dd10..0d553455a5 100644
--- a/source/lobby/scripting/JSInterface_Lobby.cpp
+++ b/source/lobby/scripting/JSInterface_Lobby.cpp
@@ -22,8 +22,8 @@
 #include "gui/GUIManager.h"
 #include "lib/utf8.h"
 #include "lobby/IXmppClient.h"
-#include "lobby/pkcs5_pbkdf2.h"
-#include "lobby/sha.h"
+#include "third_party/encryption/pkcs5_pbkdf2.h"
+#include "third_party/encryption/sha.h"
 
 #include "scriptinterface/ScriptInterface.h"
 
@@ -246,8 +246,8 @@ std::string JSI_Lobby::EncryptPassword(const std::string& password, const std::s
 	char hex[2 * DIGESTSIZE];
 	for (int i = 0; i < DIGESTSIZE; ++i)
 	{
-		hex[i*2] = base16[encrypted[i] >> 4];		   // 4 high bits
-		hex[i*2 + 1] = base16[encrypted[i] & 0x0F];// 4 low bits
+		hex[i*2] = base16[encrypted[i] >> 4];		// 4 high bits
+		hex[i*2 + 1] = base16[encrypted[i] & 0x0F];	// 4 low bits
 	}
 	return std::string(hex, sizeof(hex));
 }
diff --git a/source/lobby/pkcs5_pbkdf2.cpp b/source/third_party/encryption/pkcs5_pbkdf2.cpp
similarity index 100%
rename from source/lobby/pkcs5_pbkdf2.cpp
rename to source/third_party/encryption/pkcs5_pbkdf2.cpp
diff --git a/source/lobby/pkcs5_pbkdf2.h b/source/third_party/encryption/pkcs5_pbkdf2.h
similarity index 95%
rename from source/lobby/pkcs5_pbkdf2.h
rename to source/third_party/encryption/pkcs5_pbkdf2.h
index 77948ebcfd..ca74031cc1 100644
--- a/source/lobby/pkcs5_pbkdf2.h
+++ b/source/third_party/encryption/pkcs5_pbkdf2.h
@@ -23,8 +23,8 @@
 #ifndef PKCS5_PBKD2_INCLUDED
 #define PKCS5_PBKD2_INCLUDED
 
-#define SHA_DIGEST_SIZE 32
-
+// We need to know SHA_DIGEST_SIZE.
+#include "third_party/encryption/sha.h"
 
 /**
  * Simple PBKDF2 implementation for hard to crack passwords
diff --git a/source/lobby/sha.cpp b/source/third_party/encryption/sha.cpp
similarity index 100%
rename from source/lobby/sha.cpp
rename to source/third_party/encryption/sha.cpp
diff --git a/source/lobby/sha.h b/source/third_party/encryption/sha.h
similarity index 98%
rename from source/lobby/sha.h
rename to source/third_party/encryption/sha.h
index 2ba97c088a..bea4b0671e 100644
--- a/source/lobby/sha.h
+++ b/source/third_party/encryption/sha.h
@@ -23,6 +23,8 @@
 #ifndef SHA_INCLUDED
 #define SHA_INCLUDED
 
+#define SHA_DIGEST_SIZE 32
+
 /**
  * Structure for performing SHA256 encryption on arbitrary data
  */
diff --git a/source/third_party/encryption/tests/test_pkcs5_pbkdf5.cpp b/source/third_party/encryption/tests/test_pkcs5_pbkdf5.cpp
new file mode 100644
index 0000000000..ae499b78d9
--- /dev/null
+++ b/source/third_party/encryption/tests/test_pkcs5_pbkdf5.cpp
@@ -0,0 +1,26 @@
+/* Generated file, do not edit */
+
+#ifndef CXXTEST_RUNNING
+#define CXXTEST_RUNNING
+#endif
+
+#define _CXXTEST_HAVE_STD
+#include "precompiled.h"
+#include <cxxtest/TestListener.h>
+#include <cxxtest/TestTracker.h>
+#include <cxxtest/TestRunner.h>
+#include <cxxtest/RealDescriptions.h>
+
+#include "../../../source/third_party/encryption/tests/test_pkcs5_pbkdf5.h"
+
+static TestEncryptionPkcs5Pbkd2 suite_TestEncryptionPkcs5Pbkd2;
+
+static CxxTest::List Tests_TestEncryptionPkcs5Pbkd2 = { 0, 0 };
+CxxTest::StaticSuiteDescription suiteDescription_TestEncryptionPkcs5Pbkd2( "../../../source/third_party/encryption/tests/test_pkcs5_pbkdf5.h", 22, "TestEncryptionPkcs5Pbkd2", suite_TestEncryptionPkcs5Pbkd2, Tests_TestEncryptionPkcs5Pbkd2 );
+
+static class TestDescription_TestEncryptionPkcs5Pbkd2_test_pkcs5_pbkd2 : public CxxTest::RealTestDescription {
+public:
+ TestDescription_TestEncryptionPkcs5Pbkd2_test_pkcs5_pbkd2() : CxxTest::RealTestDescription( Tests_TestEncryptionPkcs5Pbkd2, suiteDescription_TestEncryptionPkcs5Pbkd2, 25, "test_pkcs5_pbkd2" ) {}
+ void runTest() { suite_TestEncryptionPkcs5Pbkd2.test_pkcs5_pbkd2(); }
+} testDescription_TestEncryptionPkcs5Pbkd2_test_pkcs5_pbkd2;
+
diff --git a/source/third_party/encryption/tests/test_pkcs5_pbkdf5.h b/source/third_party/encryption/tests/test_pkcs5_pbkdf5.h
new file mode 100644
index 0000000000..da5a8d3626
--- /dev/null
+++ b/source/third_party/encryption/tests/test_pkcs5_pbkdf5.h
@@ -0,0 +1,69 @@
+/* Copyright (C) 2014 Wildfire Games.
+ * This file is part of 0 A.D.
+ *
+ * 0 A.D. is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * 0 A.D. is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with 0 A.D.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "lib/self_test.h"
+
+#include "third_party/encryption/pkcs5_pbkdf2.h"
+
+class TestEncryptionPkcs5Pbkd2 : public CxxTest::TestSuite 
+{
+public:
+	void test_pkcs5_pbkd2()
+	{
+		// Mock salt.
+		const unsigned char salt_buffer[SHA_DIGEST_SIZE] = {
+			244, 243, 249, 244, 32, 33, 34, 35, 10, 11, 12, 13, 14, 15, 16, 17,
+			18, 19, 20, 32, 33, 244, 224, 127, 129, 130, 140, 153, 133, 123, 234, 123 };
+		// Mock passwords.
+		const char password1[] = "0adr0ckz";
+		const char password2[] = "0adIsAws0me";
+
+		// Run twice with the same input.
+		unsigned char encrypted1A[SHA_DIGEST_SIZE], encrypted1B[SHA_DIGEST_SIZE];
+		pbkdf2(encrypted1A, (unsigned char*)password1, sizeof(password1), salt_buffer, SHA_DIGEST_SIZE, 50);
+		pbkdf2(encrypted1B, (unsigned char*)password1, sizeof(password1), salt_buffer, SHA_DIGEST_SIZE, 50);
+
+		// Test that the result does not equal input.
+		TS_ASSERT_DIFFERS(*password1, *encrypted1A);
+		TS_ASSERT_DIFFERS(*salt_buffer, *encrypted1A);
+
+		// Test determinism.
+		TS_ASSERT_EQUALS(*encrypted1A, *encrypted1B);
+
+		// Run twice again with more iterations.
+		unsigned char encrypted2A[SHA_DIGEST_SIZE], encrypted2B[SHA_DIGEST_SIZE];
+		pbkdf2(encrypted2A, (unsigned char*)password1, sizeof(password1), salt_buffer, SHA_DIGEST_SIZE, 100);
+		pbkdf2(encrypted2B, (unsigned char*)password1, sizeof(password1), salt_buffer, SHA_DIGEST_SIZE, 100);
+
+		// Test determinism.
+		TS_ASSERT_EQUALS(*encrypted2A, *encrypted2B);
+
+		// Make sure more iterations results differently.
+		TS_ASSERT_DIFFERS(*encrypted1A, *encrypted2A);
+
+		// Run twice again with different password.
+		unsigned char encrypted3A[SHA_DIGEST_SIZE], encrypted3B[SHA_DIGEST_SIZE];
+		pbkdf2(encrypted3A, (unsigned char*)password2, sizeof(password2), salt_buffer, SHA_DIGEST_SIZE, 50);
+		pbkdf2(encrypted3B, (unsigned char*)password2, sizeof(password2), salt_buffer, SHA_DIGEST_SIZE, 50);
+
+		// Test determinism.
+		TS_ASSERT_EQUALS(*encrypted3A, *encrypted3B);
+
+		// Make sure a different password results differently.
+		TS_ASSERT_DIFFERS(*encrypted3A, *encrypted1A);
+	}
+};
diff --git a/source/third_party/encryption/tests/test_sha.cpp b/source/third_party/encryption/tests/test_sha.cpp
new file mode 100644
index 0000000000..8b696a5036
--- /dev/null
+++ b/source/third_party/encryption/tests/test_sha.cpp
@@ -0,0 +1,26 @@
+/* Generated file, do not edit */
+
+#ifndef CXXTEST_RUNNING
+#define CXXTEST_RUNNING
+#endif
+
+#define _CXXTEST_HAVE_STD
+#include "precompiled.h"
+#include <cxxtest/TestListener.h>
+#include <cxxtest/TestTracker.h>
+#include <cxxtest/TestRunner.h>
+#include <cxxtest/RealDescriptions.h>
+
+#include "../../../source/third_party/encryption/tests/test_sha.h"
+
+static TestEncryptionSha256 suite_TestEncryptionSha256;
+
+static CxxTest::List Tests_TestEncryptionSha256 = { 0, 0 };
+CxxTest::StaticSuiteDescription suiteDescription_TestEncryptionSha256( "../../../source/third_party/encryption/tests/test_sha.h", 22, "TestEncryptionSha256", suite_TestEncryptionSha256, Tests_TestEncryptionSha256 );
+
+static class TestDescription_TestEncryptionSha256_test_sha256 : public CxxTest::RealTestDescription {
+public:
+ TestDescription_TestEncryptionSha256_test_sha256() : CxxTest::RealTestDescription( Tests_TestEncryptionSha256, suiteDescription_TestEncryptionSha256, 25, "test_sha256" ) {}
+ void runTest() { suite_TestEncryptionSha256.test_sha256(); }
+} testDescription_TestEncryptionSha256_test_sha256;
+
diff --git a/source/third_party/encryption/tests/test_sha.h b/source/third_party/encryption/tests/test_sha.h
new file mode 100644
index 0000000000..56f9e368f7
--- /dev/null
+++ b/source/third_party/encryption/tests/test_sha.h
@@ -0,0 +1,57 @@
+/* Copyright (C) 2014 Wildfire Games.
+ * This file is part of 0 A.D.
+ *
+ * 0 A.D. is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * 0 A.D. is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with 0 A.D.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "lib/self_test.h"
+
+#include "third_party/encryption/sha.h"
+
+class TestEncryptionSha256 : public CxxTest::TestSuite 
+{
+public:
+	void test_sha256()
+	{
+		// Test two hashes of the same variable are equal.
+		SHA256 hash1, hash2;
+		unsigned char finalHash1A[SHA_DIGEST_SIZE], finalHash1B[SHA_DIGEST_SIZE];
+		const char cStringToHash1[] = "Hash me!";
+		hash1.update(cStringToHash1, sizeof(cStringToHash1));
+		hash2.update(cStringToHash1, sizeof(cStringToHash1));
+
+		hash1.finish(finalHash1A);
+		hash2.finish(finalHash1B);
+		TS_ASSERT_EQUALS(*finalHash1A, *finalHash1B);
+
+		// Test that the output isn't the same as the input.
+		TS_ASSERT_DIFFERS(*cStringToHash1, *finalHash1A)
+
+		// Test if updating the hash multiple times changes the
+		//  original hashes but still results in them being equal.
+		unsigned char finalHash2A[SHA_DIGEST_SIZE], finalHash2B[SHA_DIGEST_SIZE];
+		const char cStringToHash2[] = "Hash me too please!";
+		hash1.update(cStringToHash2, sizeof(cStringToHash2));
+		hash2.update(cStringToHash2, sizeof(cStringToHash2));
+
+		hash1.finish(finalHash2A);
+		hash2.finish(finalHash2B);
+		TS_ASSERT_EQUALS(*finalHash2A, *finalHash2B);
+
+		// Make sure the updated hash is actually different
+		//  compared to the original hash.
+		TS_ASSERT_DIFFERS(*finalHash1A, *finalHash2A);
+		TS_ASSERT_DIFFERS(*finalHash1B, *finalHash2B);
+	}
+};